chef 17.1.35-universal-mingw32 → 17.4.38-universal-mingw32
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile +6 -4
- data/chef.gemspec +1 -0
- data/lib/chef/action_collection.rb +6 -26
- data/lib/chef/application/base.rb +15 -0
- data/lib/chef/application.rb +4 -2
- data/lib/chef/client.rb +7 -1
- data/lib/chef/compliance/default_attributes.rb +5 -3
- data/lib/chef/compliance/reporter/automate.rb +1 -1
- data/lib/chef/compliance/runner.rb +16 -2
- data/lib/chef/cookbook_version.rb +26 -4
- data/lib/chef/data_collector/run_end_message.rb +1 -1
- data/lib/chef/data_collector.rb +0 -1
- data/lib/chef/deprecated.rb +14 -4
- data/lib/chef/dsl/render_helpers.rb +44 -0
- data/lib/chef/dsl/secret.rb +64 -0
- data/lib/chef/dsl/toml.rb +116 -0
- data/lib/chef/dsl/universal.rb +5 -0
- data/lib/chef/dsl.rb +1 -0
- data/lib/chef/event_dispatch/base.rb +2 -1
- data/lib/chef/exceptions.rb +23 -0
- data/lib/chef/formatters/doc.rb +14 -13
- data/lib/chef/formatters/error_mapper.rb +2 -2
- data/lib/chef/formatters/minimal.rb +6 -5
- data/lib/chef/handler/slow_report.rb +66 -0
- data/lib/chef/handler.rb +46 -8
- data/lib/chef/http.rb +5 -5
- data/lib/chef/json_compat.rb +1 -1
- data/lib/chef/node.rb +20 -19
- data/lib/chef/policy_builder/policyfile.rb +88 -45
- data/lib/chef/provider/execute.rb +1 -1
- data/lib/chef/provider/file.rb +2 -2
- data/lib/chef/provider/group/dscl.rb +1 -1
- data/lib/chef/provider/launchd.rb +6 -6
- data/lib/chef/provider/lwrp_base.rb +1 -1
- data/lib/chef/provider/package/habitat.rb +168 -0
- data/lib/chef/provider/package/powershell.rb +5 -0
- data/lib/chef/provider/subversion.rb +4 -4
- data/lib/chef/provider/support/yum_repo.erb +1 -1
- data/lib/chef/provider/support/zypper_repo.erb +4 -2
- data/lib/chef/provider/systemd_unit.rb +17 -16
- data/lib/chef/provider/user/mac.rb +3 -3
- data/lib/chef/provider/yum_repository.rb +27 -43
- data/lib/chef/provider/zypper_repository.rb +30 -34
- data/lib/chef/provider.rb +26 -1
- data/lib/chef/provider_resolver.rb +8 -2
- data/lib/chef/providers.rb +1 -0
- data/lib/chef/resource/alternatives.rb +5 -5
- data/lib/chef/resource/apt_preference.rb +2 -2
- data/lib/chef/resource/apt_repository.rb +2 -2
- data/lib/chef/resource/apt_update.rb +4 -4
- data/lib/chef/resource/build_essential.rb +1 -1
- data/lib/chef/resource/chef_client_config.rb +10 -5
- data/lib/chef/resource/chef_client_cron.rb +3 -3
- data/lib/chef/resource/chef_client_launchd.rb +3 -3
- data/lib/chef/resource/chef_client_scheduled_task.rb +15 -15
- data/lib/chef/resource/chef_client_systemd_timer.rb +3 -3
- data/lib/chef/resource/chef_client_trusted_certificate.rb +2 -2
- data/lib/chef/resource/chef_handler.rb +2 -2
- data/lib/chef/resource/chef_sleep.rb +1 -1
- data/lib/chef/resource/chef_vault_secret.rb +2 -2
- data/lib/chef/resource/chocolatey_feature.rb +2 -2
- data/lib/chef/resource/chocolatey_source.rb +1 -1
- data/lib/chef/resource/cron/cron_d.rb +4 -6
- data/lib/chef/resource/cron_access.rb +1 -1
- data/lib/chef/resource/dmg_package.rb +1 -1
- data/lib/chef/resource/dsc_resource.rb +1 -1
- data/lib/chef/resource/execute.rb +5 -5
- data/lib/chef/resource/gem_package.rb +2 -1
- data/lib/chef/resource/group.rb +4 -4
- data/lib/chef/resource/habitat/_habitat_shared.rb +28 -0
- data/lib/chef/resource/habitat/habitat_package.rb +129 -0
- data/lib/chef/resource/habitat/habitat_sup.rb +329 -0
- data/lib/chef/resource/habitat/habitat_sup_systemd.rb +67 -0
- data/lib/chef/resource/habitat/habitat_sup_windows.rb +90 -0
- data/lib/chef/resource/habitat_config.rb +107 -0
- data/lib/chef/resource/habitat_install.rb +247 -0
- data/lib/chef/resource/habitat_service.rb +451 -0
- data/lib/chef/resource/habitat_user_toml.rb +92 -0
- data/lib/chef/resource/homebrew_cask.rb +18 -7
- data/lib/chef/resource/homebrew_package.rb +1 -1
- data/lib/chef/resource/homebrew_tap.rb +4 -3
- data/lib/chef/resource/homebrew_update.rb +2 -2
- data/lib/chef/resource/hostname.rb +49 -7
- data/lib/chef/resource/inspec_waiver_file_entry.rb +8 -7
- data/lib/chef/resource/kernel_module.rb +6 -6
- data/lib/chef/resource/launchd.rb +3 -3
- data/lib/chef/resource/locale.rb +1 -1
- data/lib/chef/resource/lwrp_base.rb +1 -1
- data/lib/chef/resource/macos_userdefaults.rb +2 -2
- data/lib/chef/resource/ohai_hint.rb +2 -6
- data/lib/chef/resource/openbsd_package.rb +17 -0
- data/lib/chef/resource/openssl_dhparam.rb +1 -2
- data/lib/chef/resource/openssl_ec_private_key.rb +1 -3
- data/lib/chef/resource/openssl_ec_public_key.rb +1 -3
- data/lib/chef/resource/openssl_rsa_private_key.rb +1 -3
- data/lib/chef/resource/openssl_rsa_public_key.rb +1 -3
- data/lib/chef/resource/openssl_x509_certificate.rb +1 -4
- data/lib/chef/resource/openssl_x509_crl.rb +1 -3
- data/lib/chef/resource/openssl_x509_request.rb +1 -3
- data/lib/chef/resource/osx_profile.rb +3 -3
- data/lib/chef/resource/plist.rb +1 -1
- data/lib/chef/resource/powershell_package_source.rb +2 -4
- data/lib/chef/resource/reboot.rb +38 -9
- data/lib/chef/resource/remote_directory.rb +2 -2
- data/lib/chef/resource/remote_file.rb +1 -1
- data/lib/chef/resource/rhsm_errata.rb +0 -2
- data/lib/chef/resource/rhsm_errata_level.rb +1 -5
- data/lib/chef/resource/rhsm_repo.rb +15 -0
- data/lib/chef/resource/rhsm_subscription.rb +5 -5
- data/lib/chef/resource/ruby_block.rb +100 -0
- data/lib/chef/resource/scm/subversion.rb +1 -1
- data/lib/chef/resource/ssh_known_hosts_entry.rb +4 -7
- data/lib/chef/resource/sudo.rb +2 -6
- data/lib/chef/resource/support/HabService.dll.config.erb +19 -0
- data/lib/chef/resource/support/client.erb +8 -1
- data/lib/chef/resource/support/sup.toml.erb +179 -0
- data/lib/chef/resource/swap_file.rb +2 -6
- data/lib/chef/resource/sysctl.rb +2 -2
- data/lib/chef/resource/systemd_unit.rb +3 -3
- data/lib/chef/resource/timezone.rb +1 -1
- data/lib/chef/resource/user_ulimit.rb +2 -2
- data/lib/chef/resource/windows_ad_join.rb +2 -2
- data/lib/chef/resource/windows_audit_policy.rb +2 -2
- data/lib/chef/resource/windows_auto_run.rb +2 -2
- data/lib/chef/resource/windows_certificate.rb +1 -1
- data/lib/chef/resource/windows_defender.rb +163 -0
- data/lib/chef/resource/windows_defender_exclusion.rb +125 -0
- data/lib/chef/resource/windows_dfs_folder.rb +2 -2
- data/lib/chef/resource/windows_dfs_namespace.rb +2 -2
- data/lib/chef/resource/windows_dns_record.rb +2 -2
- data/lib/chef/resource/windows_dns_zone.rb +2 -2
- data/lib/chef/resource/windows_feature.rb +3 -3
- data/lib/chef/resource/windows_feature_dism.rb +3 -5
- data/lib/chef/resource/windows_feature_powershell.rb +3 -3
- data/lib/chef/resource/windows_firewall_profile.rb +2 -2
- data/lib/chef/resource/windows_firewall_rule.rb +20 -6
- data/lib/chef/resource/windows_font.rb +1 -1
- data/lib/chef/resource/windows_pagefile.rb +103 -64
- data/lib/chef/resource/windows_path.rb +2 -2
- data/lib/chef/resource/windows_printer.rb +80 -61
- data/lib/chef/resource/windows_printer_port.rb +48 -65
- data/lib/chef/resource/windows_security_policy.rb +2 -2
- data/lib/chef/resource/windows_share.rb +2 -2
- data/lib/chef/resource/windows_shortcut.rb +1 -1
- data/lib/chef/resource/windows_task.rb +1 -1
- data/lib/chef/resource/windows_uac.rb +3 -5
- data/lib/chef/resource/windows_update_settings.rb +259 -0
- data/lib/chef/resource/windows_user_privilege.rb +2 -2
- data/lib/chef/resource/windows_workgroup.rb +2 -2
- data/lib/chef/resource/yum_package.rb +11 -15
- data/lib/chef/resource/zypper_package.rb +4 -4
- data/lib/chef/resource/zypper_repository.rb +28 -8
- data/lib/chef/resource.rb +13 -17
- data/lib/chef/resource_inspector.rb +6 -2
- data/lib/chef/resource_reporter.rb +0 -1
- data/lib/chef/resources.rb +12 -1
- data/lib/chef/secret_fetcher/aws_secrets_manager.rb +65 -0
- data/lib/chef/secret_fetcher/azure_key_vault.rb +78 -0
- data/lib/chef/secret_fetcher/base.rb +76 -0
- data/lib/chef/secret_fetcher/example.rb +46 -0
- data/lib/chef/secret_fetcher.rb +55 -0
- data/lib/chef/version.rb +1 -1
- data/spec/functional/mixin/from_file_spec.rb +1 -1
- data/spec/functional/resource/windows_hostname_spec.rb +91 -0
- data/spec/functional/resource/windows_pagefile_spec.rb +98 -0
- data/spec/integration/compliance/compliance_spec.rb +1 -0
- data/spec/integration/recipes/recipe_dsl_spec.rb +1 -1
- data/spec/integration/recipes/resource_action_spec.rb +6 -6
- data/spec/support/shared/unit/provider/file.rb +2 -8
- data/spec/unit/compliance/runner_spec.rb +46 -2
- data/spec/unit/cookbook_version_spec.rb +52 -0
- data/spec/unit/data_collector_spec.rb +47 -1
- data/spec/unit/dsl/render_helpers_spec.rb +102 -0
- data/spec/unit/dsl/secret_spec.rb +71 -0
- data/spec/unit/formatters/doc_spec.rb +1 -1
- data/spec/unit/handler_spec.rb +8 -2
- data/spec/unit/policy_builder/dynamic_spec.rb +0 -5
- data/spec/unit/policy_builder/policyfile_spec.rb +144 -56
- data/spec/unit/provider/apt_update_spec.rb +3 -1
- data/spec/unit/provider/mount/aix_spec.rb +1 -1
- data/spec/unit/provider/package/powershell_spec.rb +74 -12
- data/spec/unit/provider/zypper_repository_spec.rb +3 -10
- data/spec/unit/provider_spec.rb +23 -0
- data/spec/unit/resource/homebrew_cask_spec.rb +29 -11
- data/spec/unit/resource/rhsm_subscription_spec.rb +50 -3
- data/spec/unit/resource/systemd_unit_spec.rb +1 -1
- data/spec/unit/resource/windows_defender_exclusion_spec.rb +62 -0
- data/spec/unit/resource/windows_defender_spec.rb +71 -0
- data/spec/unit/resource/windows_firewall_rule_spec.rb +12 -7
- data/spec/unit/resource/windows_pagefile_spec.rb +4 -9
- data/spec/unit/resource/windows_update_settings_spec.rb +64 -0
- data/spec/unit/resource/zypper_repository_spec.rb +1 -1
- data/spec/unit/resource_spec.rb +19 -8
- data/spec/unit/secret_fetcher/aws_secrets_manager_spec.rb +70 -0
- data/spec/unit/secret_fetcher/azure_key_vault_spec.rb +70 -0
- data/spec/unit/secret_fetcher_spec.rb +82 -0
- metadata +55 -7
@@ -34,7 +34,7 @@ class Chef
|
|
34
34
|
|
35
35
|
property :cask_name, String,
|
36
36
|
description: "An optional property to set the cask name if it differs from the resource block's name.",
|
37
|
-
regex: %r{^[\w
|
37
|
+
regex: %r{^[\w/\-@]+$},
|
38
38
|
validation_message: "The provided Homebrew cask name is not valid. Cask names can contain alphanumeric characters, _, -, or / only!",
|
39
39
|
name_property: true
|
40
40
|
|
@@ -51,10 +51,16 @@ class Chef
|
|
51
51
|
|
52
52
|
property :owner, [String, Integer],
|
53
53
|
description: "The owner of the Homebrew installation.",
|
54
|
-
default: lazy { find_homebrew_username }
|
55
|
-
|
56
|
-
|
57
|
-
|
54
|
+
default: lazy { find_homebrew_username },
|
55
|
+
default_description: "Calculated default username"\
|
56
|
+
|
57
|
+
action :install, description: "Install an application that is packaged as a Homebrew cask." do
|
58
|
+
if new_resource.install_cask
|
59
|
+
homebrew_tap "homebrew/cask" do
|
60
|
+
homebrew_path new_resource.homebrew_path
|
61
|
+
owner new_resource.owner
|
62
|
+
end
|
63
|
+
end
|
58
64
|
|
59
65
|
unless casked?
|
60
66
|
converge_by("install cask #{new_resource.cask_name} #{new_resource.options}") do
|
@@ -66,8 +72,13 @@ class Chef
|
|
66
72
|
end
|
67
73
|
end
|
68
74
|
|
69
|
-
action :remove, description: "Remove an application packaged as a Homebrew cask" do
|
70
|
-
|
75
|
+
action :remove, description: "Remove an application that is packaged as a Homebrew cask." do
|
76
|
+
if new_resource.install_cask
|
77
|
+
homebrew_tap "homebrew/cask" do
|
78
|
+
homebrew_path new_resource.homebrew_path
|
79
|
+
owner new_resource.owner
|
80
|
+
end
|
81
|
+
end
|
71
82
|
|
72
83
|
if casked?
|
73
84
|
converge_by("uninstall cask #{new_resource.cask_name}") do
|
@@ -62,7 +62,7 @@ class Chef
|
|
62
62
|
DOC
|
63
63
|
|
64
64
|
property :homebrew_user, [ String, Integer ],
|
65
|
-
description: "The name or uid of the Homebrew owner to be used by #{ChefUtils::Dist::Infra::PRODUCT} when executing a command."
|
65
|
+
description: "The name or uid of the Homebrew owner to be used by #{ChefUtils::Dist::Infra::PRODUCT} when executing a command.\n\n#{ChefUtils::Dist::Infra::PRODUCT}, by default, will attempt to execute a Homebrew command as the owner of the `/usr/local/bin/brew` executable. If that executable does not exist, #{ChefUtils::Dist::Infra::PRODUCT} will attempt to find the user by executing `which brew`. If that executable cannot be found, #{ChefUtils::Dist::Infra::PRODUCT} will print an error message: `Could not find the 'brew' executable in /usr/local/bin or anywhere on the path.`.\n\nSet this property to specify the Homebrew owner for situations where Chef Infra Client cannot automatically detect the correct owner.'"
|
66
66
|
|
67
67
|
end
|
68
68
|
end
|
@@ -51,9 +51,10 @@ class Chef
|
|
51
51
|
|
52
52
|
property :owner, String,
|
53
53
|
description: "The owner of the Homebrew installation.",
|
54
|
-
default: lazy { find_homebrew_username }
|
54
|
+
default: lazy { find_homebrew_username },
|
55
|
+
default_description: "Calculated default username"
|
55
56
|
|
56
|
-
action :tap, description: "Add a Homebrew tap" do
|
57
|
+
action :tap, description: "Add a Homebrew tap." do
|
57
58
|
unless tapped?(new_resource.tap_name)
|
58
59
|
converge_by("tap #{new_resource.tap_name}") do
|
59
60
|
shell_out!("#{new_resource.homebrew_path} tap #{new_resource.full ? "--full" : ""} #{new_resource.tap_name} #{new_resource.url || ""}",
|
@@ -64,7 +65,7 @@ class Chef
|
|
64
65
|
end
|
65
66
|
end
|
66
67
|
|
67
|
-
action :untap, description: "Remove a Homebrew tap" do
|
68
|
+
action :untap, description: "Remove a Homebrew tap." do
|
68
69
|
if tapped?(new_resource.tap_name)
|
69
70
|
converge_by("untap #{new_resource.tap_name}") do
|
70
71
|
shell_out!("#{new_resource.homebrew_path} untap #{new_resource.tap_name}",
|
@@ -88,7 +88,7 @@ class Chef
|
|
88
88
|
end
|
89
89
|
end
|
90
90
|
|
91
|
-
action :periodic do
|
91
|
+
action :periodic, description: "Run a periodic update based on the frequency property." do
|
92
92
|
return unless macos?
|
93
93
|
|
94
94
|
unless brew_up_to_date?
|
@@ -98,7 +98,7 @@ class Chef
|
|
98
98
|
end
|
99
99
|
end
|
100
100
|
|
101
|
-
action :update do
|
101
|
+
action :update, description: "Run an immediate update." do
|
102
102
|
return unless macos?
|
103
103
|
|
104
104
|
converge_by "force update new lists of packages" do
|
@@ -44,6 +44,24 @@ class Chef
|
|
44
44
|
ipaddress '198.51.100.2'
|
45
45
|
end
|
46
46
|
```
|
47
|
+
|
48
|
+
**Change the hostname of a Windows, Non-Domain joined node**:
|
49
|
+
|
50
|
+
```ruby
|
51
|
+
hostname 'renaming a workgroup computer' do
|
52
|
+
hostname 'Foo'
|
53
|
+
end
|
54
|
+
```
|
55
|
+
|
56
|
+
**Change the hostname of a Windows, Domain-joined node (new in 17.2)**:
|
57
|
+
|
58
|
+
```ruby
|
59
|
+
hostname 'renaming a domain-joined computer' do
|
60
|
+
hostname 'Foo'
|
61
|
+
domain_user "Domain\\Someone"
|
62
|
+
domain_password 'SomePassword'
|
63
|
+
end
|
64
|
+
```
|
47
65
|
DOC
|
48
66
|
|
49
67
|
property :hostname, String,
|
@@ -71,6 +89,15 @@ class Chef
|
|
71
89
|
description: "Determines whether or not Windows should be reboot after changing the hostname, as this is required for the change to take effect.",
|
72
90
|
default: true
|
73
91
|
|
92
|
+
property :domain_user, String,
|
93
|
+
description: "A domain account specified in the form of DOMAIN\\user used when renaming a domain-joined device",
|
94
|
+
introduced: "17.2"
|
95
|
+
|
96
|
+
property :domain_password, String,
|
97
|
+
description: "The password to accompany the domain_user parameter",
|
98
|
+
sensitive: true,
|
99
|
+
introduced: "17.2"
|
100
|
+
|
74
101
|
action_class do
|
75
102
|
def append_replacing_matching_lines(path, regex, string)
|
76
103
|
text = IO.read(path).split("\n")
|
@@ -103,7 +130,11 @@ class Chef
|
|
103
130
|
end
|
104
131
|
end
|
105
132
|
|
106
|
-
|
133
|
+
def is_domain_joined?
|
134
|
+
powershell_exec!("(Get-CIMInstance -Class Win32_ComputerSystem).PartofDomain").result
|
135
|
+
end
|
136
|
+
|
137
|
+
action :set, description: "Sets the node's hostname." do
|
107
138
|
if !windows?
|
108
139
|
ohai "reload hostname" do
|
109
140
|
plugin "hostname"
|
@@ -243,13 +274,24 @@ class Chef
|
|
243
274
|
end
|
244
275
|
|
245
276
|
unless Socket.gethostbyname(Socket.gethostname).first == new_resource.hostname
|
246
|
-
|
247
|
-
|
248
|
-
|
249
|
-
|
250
|
-
|
277
|
+
if is_domain_joined?
|
278
|
+
if new_resource.domain_user.nil? || new_resource.domain_password.nil?
|
279
|
+
raise "The `domain_user` and `domain_password` properties are required to change the hostname of a domain-connected Windows system."
|
280
|
+
else
|
281
|
+
converge_by "set hostname to #{new_resource.hostname}" do
|
282
|
+
powershell_exec! <<~EOH
|
283
|
+
$user = #{new_resource.domain_user}
|
284
|
+
$secure_password = #{new_resource.domain_password} | Convertto-SecureString -AsPlainText -Force
|
285
|
+
$Credentials = New-Object System.Management.Automation.PSCredential -Argumentlist ($user, $secure_password)
|
286
|
+
Rename-Computer -NewName #{new_resource.hostname} -DomainCredential $Credentials
|
287
|
+
EOH
|
288
|
+
end
|
289
|
+
end
|
290
|
+
else
|
291
|
+
converge_by "set hostname to #{new_resource.hostname}" do
|
292
|
+
powershell_exec!("Rename-Computer -NewName #{new_resource.hostname}")
|
293
|
+
end
|
251
294
|
end
|
252
|
-
|
253
295
|
# reboot because $windows
|
254
296
|
reboot "setting hostname" do
|
255
297
|
reason "#{ChefUtils::Dist::Infra::PRODUCT} updated system hostname"
|
@@ -16,8 +16,9 @@
|
|
16
16
|
#
|
17
17
|
|
18
18
|
require_relative "../resource"
|
19
|
-
|
19
|
+
autoload :YAML, "yaml"
|
20
20
|
require "date"
|
21
|
+
require "chef-utils/dist" unless defined?(ChefUtils::Dist)
|
21
22
|
|
22
23
|
class Chef
|
23
24
|
class Resource
|
@@ -35,7 +36,7 @@ class Chef
|
|
35
36
|
file_path 'C:\\chef\\inspec_waiver_file.yml'
|
36
37
|
control 'my_inspec_control_01'
|
37
38
|
run_test false
|
38
|
-
justification "The subject of this control is not managed by
|
39
|
+
justification "The subject of this control is not managed by #{ChefUtils::Dist::Infra::PRODUCT} on the systems in policy group \#{node['policy_group']}"
|
39
40
|
expiration '2022-01-01'
|
40
41
|
action :add
|
41
42
|
end
|
@@ -45,7 +46,7 @@ class Chef
|
|
45
46
|
|
46
47
|
```ruby
|
47
48
|
inspec_waiver_file_entry 'my_inspec_control_01' do
|
48
|
-
justification "The subject of this control is not managed by
|
49
|
+
justification "The subject of this control is not managed by #{ChefUtils::Dist::Infra::PRODUCT} on the systems in policy group \#{node['policy_group']}"
|
49
50
|
action :add
|
50
51
|
end
|
51
52
|
```
|
@@ -83,13 +84,13 @@ class Chef
|
|
83
84
|
}
|
84
85
|
|
85
86
|
property :run_test, [true, false],
|
86
|
-
description: "If present and true
|
87
|
+
description: "If present and `true`, the control will run and be reported, but failures in it won’t make the overall run fail. If absent or `false`, the control will not be run."
|
87
88
|
|
88
89
|
property :justification, String,
|
89
90
|
description: "Can be any text you want and might include a reason for the waiver as well as who signed off on the waiver."
|
90
91
|
|
91
92
|
property :backup, [false, Integer],
|
92
|
-
description: "The number of backups to be kept in
|
93
|
+
description: "The number of backups to be kept in `/var/chef/backup` (for UNIX- and Linux-based platforms) or `C:/chef/backup` (for the Microsoft Windows platform). Set to `false` to prevent backups from being kept.",
|
93
94
|
default: false
|
94
95
|
|
95
96
|
action :add do
|
@@ -110,7 +111,7 @@ class Chef
|
|
110
111
|
|
111
112
|
file "Update Waiver File #{new_resource.file_path} to update waiver for control #{new_resource.control}" do
|
112
113
|
path new_resource.file_path
|
113
|
-
content waiver_hash
|
114
|
+
content ::YAML.dump(waiver_hash)
|
114
115
|
backup new_resource.backup
|
115
116
|
action :create
|
116
117
|
end
|
@@ -125,7 +126,7 @@ class Chef
|
|
125
126
|
waiver_hash = waiver_hash.sort.to_h
|
126
127
|
file "Update Waiver File #{new_resource.file_path} to remove waiver for control #{new_resource.control}" do
|
127
128
|
path new_resource.file_path
|
128
|
-
content waiver_hash
|
129
|
+
content ::YAML.dump(waiver_hash)
|
129
130
|
backup new_resource.backup
|
130
131
|
action :create
|
131
132
|
end
|
@@ -93,7 +93,7 @@ class Chef
|
|
93
93
|
description: "The modprobe.d directory.",
|
94
94
|
default: "/etc/modprobe.d"
|
95
95
|
|
96
|
-
action :install, description: "Load kernel module, and ensure it loads on reboot" do
|
96
|
+
action :install, description: "Load kernel module, and ensure it loads on reboot." do
|
97
97
|
with_run_context :root do
|
98
98
|
find_resource(:execute, "update initramfs") do
|
99
99
|
command initramfs_command
|
@@ -121,7 +121,7 @@ class Chef
|
|
121
121
|
end
|
122
122
|
end
|
123
123
|
|
124
|
-
action :uninstall, description: "Unload a kernel module and remove module config, so it doesn't load on reboot" do
|
124
|
+
action :uninstall, description: "Unload a kernel module and remove module config, so it doesn't load on reboot." do
|
125
125
|
with_run_context :root do
|
126
126
|
find_resource(:execute, "update initramfs") do
|
127
127
|
command initramfs_command
|
@@ -146,7 +146,7 @@ class Chef
|
|
146
146
|
action_unload
|
147
147
|
end
|
148
148
|
|
149
|
-
action :blacklist, description: "Blacklist a kernel module" do
|
149
|
+
action :blacklist, description: "Blacklist a kernel module." do
|
150
150
|
with_run_context :root do
|
151
151
|
find_resource(:execute, "update initramfs") do
|
152
152
|
command initramfs_command
|
@@ -162,7 +162,7 @@ class Chef
|
|
162
162
|
action_unload
|
163
163
|
end
|
164
164
|
|
165
|
-
action :disable, description: "Disable a kernel module" do
|
165
|
+
action :disable, description: "Disable a kernel module. **New in Chef Infra Client 15.2.**" do
|
166
166
|
with_run_context :root do
|
167
167
|
find_resource(:execute, "update initramfs") do
|
168
168
|
command initramfs_command
|
@@ -178,7 +178,7 @@ class Chef
|
|
178
178
|
action_unload
|
179
179
|
end
|
180
180
|
|
181
|
-
action :load, description: "Load a kernel module" do
|
181
|
+
action :load, description: "Load a kernel module." do
|
182
182
|
unless module_loaded?
|
183
183
|
converge_by("load kernel module #{new_resource.modname}") do
|
184
184
|
shell_out!("modprobe #{new_resource.modname}")
|
@@ -186,7 +186,7 @@ class Chef
|
|
186
186
|
end
|
187
187
|
end
|
188
188
|
|
189
|
-
action :unload, description: "Unload kernel module" do
|
189
|
+
action :unload, description: "Unload kernel module." do
|
190
190
|
if module_loaded?
|
191
191
|
converge_by("unload kernel module #{new_resource.modname}") do
|
192
192
|
shell_out!("modprobe -r #{new_resource.modname}")
|
@@ -36,7 +36,7 @@ class Chef
|
|
36
36
|
|
37
37
|
property :backup, [Integer, FalseClass],
|
38
38
|
desired_state: false,
|
39
|
-
description: "The number of backups to be kept in
|
39
|
+
description: "The number of backups to be kept in `/var/chef/backup`. Set to `false` to prevent backups from being kept."
|
40
40
|
|
41
41
|
property :cookbook, String,
|
42
42
|
desired_state: false,
|
@@ -197,10 +197,10 @@ class Chef
|
|
197
197
|
description: "The intended purpose of the job: `Adaptive`, `Background`, `Interactive`, or `Standard`."
|
198
198
|
|
199
199
|
property :program, String,
|
200
|
-
description: "The first argument of execvp
|
200
|
+
description: "The first argument of `execvp`, typically the file name associated with the file to be executed. This value must be specified if `program_arguments` is not specified, and vice-versa."
|
201
201
|
|
202
202
|
property :program_arguments, Array,
|
203
|
-
description: "The second argument of execvp
|
203
|
+
description: "The second argument of `execvp`. If program is not specified, this property must be specified and will be handled as if it were the first argument."
|
204
204
|
|
205
205
|
property :queue_directories, Array,
|
206
206
|
description: "An array of non-empty directories which, if any are modified, will cause a job to be started."
|
data/lib/chef/resource/locale.rb
CHANGED
@@ -97,7 +97,7 @@ class Chef
|
|
97
97
|
powershell_exec("Get-WinSystemLocale").result["Name"]
|
98
98
|
end
|
99
99
|
|
100
|
-
action :update, description: "Update the system's locale" do
|
100
|
+
action :update, description: "Update the system's locale." do
|
101
101
|
converge_if_changed do
|
102
102
|
set_system_locale
|
103
103
|
end
|
@@ -140,7 +140,7 @@ class Chef
|
|
140
140
|
state_cmd
|
141
141
|
end
|
142
142
|
|
143
|
-
action :write, description: "Write the value to the specified domain/key" do
|
143
|
+
action :write, description: "Write the value to the specified domain/key." do
|
144
144
|
converge_if_changed do
|
145
145
|
cmd = defaults_modify_cmd
|
146
146
|
Chef::Log.debug("Updating defaults value by shelling out: #{cmd.join(" ")}")
|
@@ -149,7 +149,7 @@ class Chef
|
|
149
149
|
end
|
150
150
|
end
|
151
151
|
|
152
|
-
action :delete, description: "Delete a key from a domain" do
|
152
|
+
action :delete, description: "Delete a key from a domain." do
|
153
153
|
# if it's not there there's nothing to remove
|
154
154
|
return unless current_resource
|
155
155
|
|
@@ -72,9 +72,7 @@ class Chef
|
|
72
72
|
description: "Determines whether or not the resource is executed during the compile time phase.",
|
73
73
|
default: true, desired_state: false
|
74
74
|
|
75
|
-
action :create do
|
76
|
-
description "Create an Ohai hint file."
|
77
|
-
|
75
|
+
action :create, description: "Create an Ohai hint file." do
|
78
76
|
directory ::Ohai::Config.ohai.hints_path.first do
|
79
77
|
action :create
|
80
78
|
recursive true
|
@@ -86,9 +84,7 @@ class Chef
|
|
86
84
|
end
|
87
85
|
end
|
88
86
|
|
89
|
-
action :delete do
|
90
|
-
description "Delete an Ohai hint file."
|
91
|
-
|
87
|
+
action :delete, description: "Delete an Ohai hint file." do
|
92
88
|
file ohai_hint_file_path(new_resource.hint_name) do
|
93
89
|
action :delete
|
94
90
|
notifies :reload, ohai[reload ohai post hint removal]
|
@@ -31,6 +31,23 @@ class Chef
|
|
31
31
|
|
32
32
|
description "Use the **openbsd_package** resource to manage packages for the OpenBSD platform."
|
33
33
|
introduced "12.1"
|
34
|
+
examples <<~DOC
|
35
|
+
**Install a package**
|
36
|
+
|
37
|
+
```ruby
|
38
|
+
openbsd_package 'name of package' do
|
39
|
+
action :install
|
40
|
+
end
|
41
|
+
```
|
42
|
+
|
43
|
+
**Remove a package**
|
44
|
+
|
45
|
+
```ruby
|
46
|
+
openbsd_package 'name of package' do
|
47
|
+
action :remove
|
48
|
+
end
|
49
|
+
```
|
50
|
+
DOC
|
34
51
|
|
35
52
|
property :package_name, String,
|
36
53
|
description: "An optional property to set the package name if it differs from the resource block's name.",
|
@@ -88,8 +88,7 @@ class Chef
|
|
88
88
|
description: "The permission mode applied to all files created by the resource.",
|
89
89
|
default: "0640"
|
90
90
|
|
91
|
-
action :create do
|
92
|
-
description "Create the dhparam file."
|
91
|
+
action :create, description: "Create the `dhparam.pem` file." do
|
93
92
|
dhparam_content = nil
|
94
93
|
unless dhparam_pem_valid?(new_resource.path)
|
95
94
|
dhparam_content = gen_dhparam(new_resource.key_length, new_resource.generator).to_pem
|
@@ -88,9 +88,7 @@ class Chef
|
|
88
88
|
description: "Force creation of the key even if the same key already exists on the node.",
|
89
89
|
default: false, desired_state: false
|
90
90
|
|
91
|
-
action :create do
|
92
|
-
description "Generate the ec private key"
|
93
|
-
|
91
|
+
action :create, description: "Generate the EC private key file." do
|
94
92
|
unless new_resource.force || priv_key_file_valid?(new_resource.path, new_resource.key_pass)
|
95
93
|
converge_by("Create an EC private key #{new_resource.path}") do
|
96
94
|
log "Generating an #{new_resource.key_curve} "\
|
@@ -74,9 +74,7 @@ class Chef
|
|
74
74
|
description: "The permission mode applied to all files created by the resource.",
|
75
75
|
default: "0640"
|
76
76
|
|
77
|
-
action :create do
|
78
|
-
description "Generate the ec public key from a private key"
|
79
|
-
|
77
|
+
action :create, description: "Generate the EC public key file from a private key." do
|
80
78
|
raise ArgumentError, "You cannot specify both 'private_key_path' and 'private_key_content' properties at the same time." if new_resource.private_key_path && new_resource.private_key_content
|
81
79
|
raise ArgumentError, "You must specify the private key with either 'private_key_path' or 'private_key_content' properties." unless new_resource.private_key_path || new_resource.private_key_content
|
82
80
|
raise "#{new_resource.private_key_path} not a valid private EC key or password is invalid" unless priv_key_file_valid?((new_resource.private_key_path || new_resource.private_key_content), new_resource.private_key_pass)
|
@@ -87,9 +87,7 @@ class Chef
|
|
87
87
|
description: "Force creation of the key even if the same key already exists on the node.",
|
88
88
|
default: false, desired_state: false
|
89
89
|
|
90
|
-
action :create do
|
91
|
-
description "Create the RSA private key."
|
92
|
-
|
90
|
+
action :create, description: "Create the RSA private key file." do
|
93
91
|
return if new_resource.force || priv_key_file_valid?(new_resource.path, new_resource.key_pass)
|
94
92
|
|
95
93
|
converge_by("create #{new_resource.key_length} bit RSA key #{new_resource.path}") do
|