RubyGems - chef - Versions diffs - 17.1.35-universal-mingw32 → 17.4.38-universal-mingw32 - Mend

chef 17.1.35-universal-mingw32 → 17.4.38-universal-mingw32

Files changed (198) hide show

checksums.yaml +4 -4
data/Gemfile +6 -4
data/chef.gemspec +1 -0
data/lib/chef/action_collection.rb +6 -26
data/lib/chef/application/base.rb +15 -0
data/lib/chef/application.rb +4 -2
data/lib/chef/client.rb +7 -1
data/lib/chef/compliance/default_attributes.rb +5 -3
data/lib/chef/compliance/reporter/automate.rb +1 -1
data/lib/chef/compliance/runner.rb +16 -2
data/lib/chef/cookbook_version.rb +26 -4
data/lib/chef/data_collector/run_end_message.rb +1 -1
data/lib/chef/data_collector.rb +0 -1
data/lib/chef/deprecated.rb +14 -4
data/lib/chef/dsl/render_helpers.rb +44 -0
data/lib/chef/dsl/secret.rb +64 -0
data/lib/chef/dsl/toml.rb +116 -0
data/lib/chef/dsl/universal.rb +5 -0
data/lib/chef/dsl.rb +1 -0
data/lib/chef/event_dispatch/base.rb +2 -1
data/lib/chef/exceptions.rb +23 -0
data/lib/chef/formatters/doc.rb +14 -13
data/lib/chef/formatters/error_mapper.rb +2 -2
data/lib/chef/formatters/minimal.rb +6 -5
data/lib/chef/handler/slow_report.rb +66 -0
data/lib/chef/handler.rb +46 -8
data/lib/chef/http.rb +5 -5
data/lib/chef/json_compat.rb +1 -1
data/lib/chef/node.rb +20 -19
data/lib/chef/policy_builder/policyfile.rb +88 -45
data/lib/chef/provider/execute.rb +1 -1
data/lib/chef/provider/file.rb +2 -2
data/lib/chef/provider/group/dscl.rb +1 -1
data/lib/chef/provider/launchd.rb +6 -6
data/lib/chef/provider/lwrp_base.rb +1 -1
data/lib/chef/provider/package/habitat.rb +168 -0
data/lib/chef/provider/package/powershell.rb +5 -0
data/lib/chef/provider/subversion.rb +4 -4
data/lib/chef/provider/support/yum_repo.erb +1 -1
data/lib/chef/provider/support/zypper_repo.erb +4 -2
data/lib/chef/provider/systemd_unit.rb +17 -16
data/lib/chef/provider/user/mac.rb +3 -3
data/lib/chef/provider/yum_repository.rb +27 -43
data/lib/chef/provider/zypper_repository.rb +30 -34
data/lib/chef/provider.rb +26 -1
data/lib/chef/provider_resolver.rb +8 -2
data/lib/chef/providers.rb +1 -0
data/lib/chef/resource/alternatives.rb +5 -5
data/lib/chef/resource/apt_preference.rb +2 -2
data/lib/chef/resource/apt_repository.rb +2 -2
data/lib/chef/resource/apt_update.rb +4 -4
data/lib/chef/resource/build_essential.rb +1 -1
data/lib/chef/resource/chef_client_config.rb +10 -5
data/lib/chef/resource/chef_client_cron.rb +3 -3
data/lib/chef/resource/chef_client_launchd.rb +3 -3
data/lib/chef/resource/chef_client_scheduled_task.rb +15 -15
data/lib/chef/resource/chef_client_systemd_timer.rb +3 -3
data/lib/chef/resource/chef_client_trusted_certificate.rb +2 -2
data/lib/chef/resource/chef_handler.rb +2 -2
data/lib/chef/resource/chef_sleep.rb +1 -1
data/lib/chef/resource/chef_vault_secret.rb +2 -2
data/lib/chef/resource/chocolatey_feature.rb +2 -2
data/lib/chef/resource/chocolatey_source.rb +1 -1
data/lib/chef/resource/cron/cron_d.rb +4 -6
data/lib/chef/resource/cron_access.rb +1 -1
data/lib/chef/resource/dmg_package.rb +1 -1
data/lib/chef/resource/dsc_resource.rb +1 -1
data/lib/chef/resource/execute.rb +5 -5
data/lib/chef/resource/gem_package.rb +2 -1
data/lib/chef/resource/group.rb +4 -4
data/lib/chef/resource/habitat/_habitat_shared.rb +28 -0
data/lib/chef/resource/habitat/habitat_package.rb +129 -0
data/lib/chef/resource/habitat/habitat_sup.rb +329 -0
data/lib/chef/resource/habitat/habitat_sup_systemd.rb +67 -0
data/lib/chef/resource/habitat/habitat_sup_windows.rb +90 -0
data/lib/chef/resource/habitat_config.rb +107 -0
data/lib/chef/resource/habitat_install.rb +247 -0
data/lib/chef/resource/habitat_service.rb +451 -0
data/lib/chef/resource/habitat_user_toml.rb +92 -0
data/lib/chef/resource/homebrew_cask.rb +18 -7
data/lib/chef/resource/homebrew_package.rb +1 -1
data/lib/chef/resource/homebrew_tap.rb +4 -3
data/lib/chef/resource/homebrew_update.rb +2 -2
data/lib/chef/resource/hostname.rb +49 -7
data/lib/chef/resource/inspec_waiver_file_entry.rb +8 -7
data/lib/chef/resource/kernel_module.rb +6 -6
data/lib/chef/resource/launchd.rb +3 -3
data/lib/chef/resource/locale.rb +1 -1
data/lib/chef/resource/lwrp_base.rb +1 -1
data/lib/chef/resource/macos_userdefaults.rb +2 -2
data/lib/chef/resource/ohai_hint.rb +2 -6
data/lib/chef/resource/openbsd_package.rb +17 -0
data/lib/chef/resource/openssl_dhparam.rb +1 -2
data/lib/chef/resource/openssl_ec_private_key.rb +1 -3
data/lib/chef/resource/openssl_ec_public_key.rb +1 -3
data/lib/chef/resource/openssl_rsa_private_key.rb +1 -3
data/lib/chef/resource/openssl_rsa_public_key.rb +1 -3
data/lib/chef/resource/openssl_x509_certificate.rb +1 -4
data/lib/chef/resource/openssl_x509_crl.rb +1 -3
data/lib/chef/resource/openssl_x509_request.rb +1 -3
data/lib/chef/resource/osx_profile.rb +3 -3
data/lib/chef/resource/plist.rb +1 -1
data/lib/chef/resource/powershell_package_source.rb +2 -4
data/lib/chef/resource/reboot.rb +38 -9
data/lib/chef/resource/remote_directory.rb +2 -2
data/lib/chef/resource/remote_file.rb +1 -1
data/lib/chef/resource/rhsm_errata.rb +0 -2
data/lib/chef/resource/rhsm_errata_level.rb +1 -5
data/lib/chef/resource/rhsm_repo.rb +15 -0
data/lib/chef/resource/rhsm_subscription.rb +5 -5
data/lib/chef/resource/ruby_block.rb +100 -0
data/lib/chef/resource/scm/subversion.rb +1 -1
data/lib/chef/resource/ssh_known_hosts_entry.rb +4 -7
data/lib/chef/resource/sudo.rb +2 -6
data/lib/chef/resource/support/HabService.dll.config.erb +19 -0
data/lib/chef/resource/support/client.erb +8 -1
data/lib/chef/resource/support/sup.toml.erb +179 -0
data/lib/chef/resource/swap_file.rb +2 -6
data/lib/chef/resource/sysctl.rb +2 -2
data/lib/chef/resource/systemd_unit.rb +3 -3
data/lib/chef/resource/timezone.rb +1 -1
data/lib/chef/resource/user_ulimit.rb +2 -2
data/lib/chef/resource/windows_ad_join.rb +2 -2
data/lib/chef/resource/windows_audit_policy.rb +2 -2
data/lib/chef/resource/windows_auto_run.rb +2 -2
data/lib/chef/resource/windows_certificate.rb +1 -1
data/lib/chef/resource/windows_defender.rb +163 -0
data/lib/chef/resource/windows_defender_exclusion.rb +125 -0
data/lib/chef/resource/windows_dfs_folder.rb +2 -2
data/lib/chef/resource/windows_dfs_namespace.rb +2 -2
data/lib/chef/resource/windows_dns_record.rb +2 -2
data/lib/chef/resource/windows_dns_zone.rb +2 -2
data/lib/chef/resource/windows_feature.rb +3 -3
data/lib/chef/resource/windows_feature_dism.rb +3 -5
data/lib/chef/resource/windows_feature_powershell.rb +3 -3
data/lib/chef/resource/windows_firewall_profile.rb +2 -2
data/lib/chef/resource/windows_firewall_rule.rb +20 -6
data/lib/chef/resource/windows_font.rb +1 -1
data/lib/chef/resource/windows_pagefile.rb +103 -64
data/lib/chef/resource/windows_path.rb +2 -2
data/lib/chef/resource/windows_printer.rb +80 -61
data/lib/chef/resource/windows_printer_port.rb +48 -65
data/lib/chef/resource/windows_security_policy.rb +2 -2
data/lib/chef/resource/windows_share.rb +2 -2
data/lib/chef/resource/windows_shortcut.rb +1 -1
data/lib/chef/resource/windows_task.rb +1 -1
data/lib/chef/resource/windows_uac.rb +3 -5
data/lib/chef/resource/windows_update_settings.rb +259 -0
data/lib/chef/resource/windows_user_privilege.rb +2 -2
data/lib/chef/resource/windows_workgroup.rb +2 -2
data/lib/chef/resource/yum_package.rb +11 -15
data/lib/chef/resource/zypper_package.rb +4 -4
data/lib/chef/resource/zypper_repository.rb +28 -8
data/lib/chef/resource.rb +13 -17
data/lib/chef/resource_inspector.rb +6 -2
data/lib/chef/resource_reporter.rb +0 -1
data/lib/chef/resources.rb +12 -1
data/lib/chef/secret_fetcher/aws_secrets_manager.rb +65 -0
data/lib/chef/secret_fetcher/azure_key_vault.rb +78 -0
data/lib/chef/secret_fetcher/base.rb +76 -0
data/lib/chef/secret_fetcher/example.rb +46 -0
data/lib/chef/secret_fetcher.rb +55 -0
data/lib/chef/version.rb +1 -1
data/spec/functional/mixin/from_file_spec.rb +1 -1
data/spec/functional/resource/windows_hostname_spec.rb +91 -0
data/spec/functional/resource/windows_pagefile_spec.rb +98 -0
data/spec/integration/compliance/compliance_spec.rb +1 -0
data/spec/integration/recipes/recipe_dsl_spec.rb +1 -1
data/spec/integration/recipes/resource_action_spec.rb +6 -6
data/spec/support/shared/unit/provider/file.rb +2 -8
data/spec/unit/compliance/runner_spec.rb +46 -2
data/spec/unit/cookbook_version_spec.rb +52 -0
data/spec/unit/data_collector_spec.rb +47 -1
data/spec/unit/dsl/render_helpers_spec.rb +102 -0
data/spec/unit/dsl/secret_spec.rb +71 -0
data/spec/unit/formatters/doc_spec.rb +1 -1
data/spec/unit/handler_spec.rb +8 -2
data/spec/unit/policy_builder/dynamic_spec.rb +0 -5
data/spec/unit/policy_builder/policyfile_spec.rb +144 -56
data/spec/unit/provider/apt_update_spec.rb +3 -1
data/spec/unit/provider/mount/aix_spec.rb +1 -1
data/spec/unit/provider/package/powershell_spec.rb +74 -12
data/spec/unit/provider/zypper_repository_spec.rb +3 -10
data/spec/unit/provider_spec.rb +23 -0
data/spec/unit/resource/homebrew_cask_spec.rb +29 -11
data/spec/unit/resource/rhsm_subscription_spec.rb +50 -3
data/spec/unit/resource/systemd_unit_spec.rb +1 -1
data/spec/unit/resource/windows_defender_exclusion_spec.rb +62 -0
data/spec/unit/resource/windows_defender_spec.rb +71 -0
data/spec/unit/resource/windows_firewall_rule_spec.rb +12 -7
data/spec/unit/resource/windows_pagefile_spec.rb +4 -9
data/spec/unit/resource/windows_update_settings_spec.rb +64 -0
data/spec/unit/resource/zypper_repository_spec.rb +1 -1
data/spec/unit/resource_spec.rb +19 -8
data/spec/unit/secret_fetcher/aws_secrets_manager_spec.rb +70 -0
data/spec/unit/secret_fetcher/azure_key_vault_spec.rb +70 -0
data/spec/unit/secret_fetcher_spec.rb +82 -0
metadata +55 -7

data/spec/unit/resource/zypper_repository_spec.rb CHANGED Viewed

@@ -85,7 +85,7 @@ describe Chef::Resource::ZypperRepository do
   it "accepts the legacy 'key' property" do
     resource.key "foo"
-    expect(resource.gpgkey).to eql("foo")
+    expect(resource.gpgkey).to eql(["foo"])
   end
   it "accepts the legacy 'uri' property" do

data/spec/unit/resource_spec.rb CHANGED Viewed

@@ -1172,21 +1172,23 @@ describe Chef::Resource do
       action :base_action3, description: "unmodified base action 3 desc" do; end
     end
+    let(:resource_inst) { TestResource.new("TestResource", nil) }
     it "returns nil when no description was provided for the action" do
-      expect(TestResource.action_description(:base_action0)).to eql(nil)
+      expect(resource_inst.action_description(:base_action0)).to eql(nil)
     end
     context "when action definition is a string" do
       it "returns the description whether a symbol or string is used to look it up" do
-        expect(TestResource.action_description("string_action")).to eql("a string test")
-        expect(TestResource.action_description(:string_action)).to eql("a string test")
+        expect(resource_inst.action_description("string_action")).to eql("a string test")
+        expect(resource_inst.action_description(:string_action)).to eql("a string test")
       end
     end
     context "when action definition is a symbol" do
       it "returns the description whether a symbol or string is used to look up" do
-        expect(TestResource.action_description("symbol_action")).to eql("a symbol test")
-        expect(TestResource.action_description(:symbol_action)).to eql("a symbol test")
+        expect(resource_inst.action_description("symbol_action")).to eql("a symbol test")
+        expect(resource_inst.action_description(:symbol_action)).to eql("a symbol test")
       end
     end
@@ -1196,14 +1198,23 @@ describe Chef::Resource do
         action :base_action3 do; end
       end
+      class TestResourceChild2 < TestResource
+        # We should never see this description
+        action :base_action2, description: "if you see this in an error, TestResourceChild was polluted with this description" do; end
+      end
+      let(:resource_inst) { TestResourceChild.new("TestResource", nil) }
       it "returns original description when a described action is not overridden in child resource" do
-        expect(TestResourceChild.action_description(:base_action1)).to eq "unmodified base action 1 desc"
+        expect(resource_inst.action_description(:base_action1)).to eq "unmodified base action 1 desc"
       end
       it "returns original description when the child resource overrides an inherited action but NOT its description" do
-        expect(TestResourceChild.action_description(:base_action3)).to eq "unmodified base action 3 desc"
+        expect(resource_inst.action_description(:base_action3)).to eq "unmodified base action 3 desc"
+      end
+      it "returns new description when the child resource overrides an inherited action and its description" do
+        expect(resource_inst.action_description(:base_action2)).to eq "modified base action 2 desc"
       end
       it "returns new description when the child resource overrides an inherited action and its description" do
-        expect(TestResourceChild.action_description(:base_action2)).to eq "modified base action 2 desc"
+        expect(resource_inst.action_description(:base_action2)).to eq "modified base action 2 desc"
       end
     end
   end

data/spec/unit/secret_fetcher/aws_secrets_manager_spec.rb ADDED Viewed

@@ -0,0 +1,70 @@
+#
+# Author:: Marc Paradise <marc@chef.io>
+# Copyright:: Copyright (c) Chef Software Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+#
+require_relative "../../spec_helper"
+require "chef/secret_fetcher/aws_secrets_manager"
+describe Chef::SecretFetcher::AWSSecretsManager do
+  let(:node) { {} }
+  let(:aws_global_config) { {} }
+  let(:fetcher_config) { {} }
+  let(:run_context) { double("run_context", node: node) }
+  let(:fetcher) {
+    Chef::SecretFetcher::AWSSecretsManager.new( fetcher_config, run_context )
+  }
+  before do
+    allow(Aws).to receive(:config).and_return(aws_global_config)
+  end
+  context "when region is provided" do
+    let(:fetcher_config) { { region: "region-from-caller" } }
+    it "uses the provided region" do
+      fetcher.validate!
+      expect(fetcher.config[:region]).to eq "region-from-caller"
+    end
+  end
+  context "when region is not provided" do
+    context "and no region exists in AWS config or node attributes" do
+      it "raises a ConfigurationInvalid error" do
+        expect { fetcher.validate! }.to raise_error Chef::Exceptions::Secret::ConfigurationInvalid
+      end
+    end
+    context "and region exists in AWS config and node attributes" do
+      let(:aws_global_config)  { { region: "region-from-aws-global-config" } }
+      let(:node) { { "ec2" => { "region" => "region-from-ohai-data" } } }
+      it "uses the region from AWS config" do
+        fetcher.validate!
+        expect(fetcher.config[:region]).to eq "region-from-aws-global-config"
+      end
+    end
+    context "and region exists only in node attributes" do
+      let(:node) { { "ec2" => { "region" => "region-from-ohai-data" } } }
+      it "uses the region from AWS config" do
+        fetcher.validate!
+        expect(fetcher.config[:region]).to eq "region-from-ohai-data"
+      end
+    end
+  end
+end

data/spec/unit/secret_fetcher/azure_key_vault_spec.rb ADDED Viewed

@@ -0,0 +1,70 @@
+#
+# Author:: Marc Paradise <marc@chef.io>
+# Copyright:: Copyright (c) Chef Software Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+require_relative "../../spec_helper"
+require "chef/secret_fetcher"
+require "chef/secret_fetcher/azure_key_vault"
+describe Chef::SecretFetcher::AzureKeyVault do
+  let(:config) { { vault: "my_vault" } }
+  let(:fetcher) { Chef::SecretFetcher::AzureKeyVault.new(config, nil) }
+  context "when performing a fetch" do
+    let(:body) { '{ "value" : "my secret value" }' }
+    let(:response_mock) { double("response", body: body) }
+    let(:http_mock) { double("http", :get => response_mock, :use_ssl= => nil) }
+    before do
+      allow(fetcher).to receive(:fetch_token).and_return "a token"
+      allow(Net::HTTP).to receive(:new).and_return(http_mock)
+    end
+    context "and vault name is only provided in the secret name" do
+      let(:body) { '{ "value" : "my secret value" }' }
+      let(:config) { {} }
+      it "fetches the value" do
+        expect(fetcher.fetch("my_vault/value")).to eq "my secret value"
+      end
+    end
+    context "and vault name is not provided in the secret name" do
+      context "and vault name is not provided in config" do
+        let(:config) { {} }
+        it "raises a ConfigurationInvalid exception" do
+          expect { fetcher.fetch("value") }.to raise_error(Chef::Exceptions::Secret::ConfigurationInvalid)
+        end
+      end
+      context "and vault name is provided in config" do
+        let(:config) { { vault: "my_vault" } }
+        it "fetches the value" do
+          expect(fetcher.fetch("value")).to eq "my secret value"
+        end
+      end
+    end
+    context "and an error response is received in the body" do
+      let(:config) { { vault: "my_vault" } }
+      let(:body) { '{ "error" : { "code" : 404, "message" : "secret not found" } }' }
+      it "raises FetchFailed" do
+        expect { fetcher.fetch("value") }.to raise_error(Chef::Exceptions::Secret::FetchFailed)
+      end
+    end
+  end
+end

data/spec/unit/secret_fetcher_spec.rb ADDED Viewed

@@ -0,0 +1,82 @@
+#
+# Author:: Marc Paradise <marc@chef.io>
+# Copyright:: Copyright (c) Chef Software Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+require "chef/secret_fetcher"
+require "chef/secret_fetcher/example"
+class SecretFetcherImpl < Chef::SecretFetcher::Base
+  def do_fetch(name, version)
+    name
+  end
+  def validate!; end
+end
+describe Chef::SecretFetcher do
+  let(:fetcher_impl) { SecretFetcherImpl.new({}, nil) }
+  before do
+    allow(Chef::SecretFetcher::Example).to receive(:new).and_return fetcher_impl
+  end
+  context ".for_service" do
+    it "resolves the example fetcher without error" do
+      Chef::SecretFetcher.for_service(:example, {}, nil)
+    end
+    it "resolves the Azure Key Vault fetcher without error" do
+      Chef::SecretFetcher.for_service(:azure_key_vault, { vault: "invalid" }, nil)
+    end
+    it "resolves the AWS fetcher without error" do
+      Chef::SecretFetcher.for_service(:aws_secrets_manager, { region: "invalid" }, nil)
+    end
+    it "raises Chef::Exceptions::Secret::MissingFetcher when service is blank" do
+      expect { Chef::SecretFetcher.for_service(nil, {}, nil) }.to raise_error(Chef::Exceptions::Secret::MissingFetcher)
+    end
+    it "raises Chef::Exceptions::Secret::MissingFetcher when service is nil" do
+      expect { Chef::SecretFetcher.for_service("", {}, nil) }.to raise_error(Chef::Exceptions::Secret::MissingFetcher)
+    end
+    it "raises Chef::Exceptions::Secret::InvalidFetcher for an unknown fetcher" do
+      expect { Chef::SecretFetcher.for_service(:bad_example, {}, nil) }.to raise_error(Chef::Exceptions::Secret::InvalidFetcherService)
+    end
+    it "ensures fetcher configuration is valid by invoking validate!" do
+      expect(fetcher_impl).to receive(:validate!)
+      Chef::SecretFetcher.for_service(:example, {}, nil)
+    end
+  end
+  context "#fetch" do
+    let(:fetcher) {
+      Chef::SecretFetcher.for_service(:example, { "key1" => "value1" }, nil)
+    }
+    it "fetches from the underlying service when secret name is provided " do
+      expect(fetcher_impl).to receive(:fetch).with("key1", "v1")
+      fetcher.fetch("key1", "v1")
+    end
+    it "raises an error when the secret name is not provided" do
+      expect { fetcher.fetch(nil) }.to raise_error(Chef::Exceptions::Secret::MissingSecretName)
+    end
+  end
+end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: chef
 version: !ruby/object:Gem::Version
-  version: 17.1.35
+  version: 17.4.38
 platform: universal-mingw32
 authors:
 - Adam Jacob
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-05-11 00:00:00.000000000 Z
+date: 2021-08-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: chef-config
@@ -16,28 +16,28 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 17.1.35
+        version: 17.4.38
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 17.1.35
+        version: 17.4.38
 - !ruby/object:Gem::Dependency
   name: chef-utils
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 17.1.35
+        version: 17.4.38
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 17.1.35
+        version: 17.4.38
 - !ruby/object:Gem::Dependency
   name: train-core
   requirement: !ruby/object:Gem::Requirement
@@ -440,6 +440,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.0'
+- !ruby/object:Gem::Dependency
+  name: aws-sdk-secretsmanager
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.46'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.46'
 - !ruby/object:Gem::Dependency
   name: win32-api
   requirement: !ruby/object:Gem::Requirement
@@ -1407,7 +1421,10 @@ files:
 - lib/chef/dsl/reboot_pending.rb
 - lib/chef/dsl/recipe.rb
 - lib/chef/dsl/registry_helper.rb
+- lib/chef/dsl/render_helpers.rb
 - lib/chef/dsl/resources.rb
+- lib/chef/dsl/secret.rb
+- lib/chef/dsl/toml.rb
 - lib/chef/dsl/universal.rb
 - lib/chef/encrypted_data_bag_item.rb
 - lib/chef/encrypted_data_bag_item/assertions.rb
@@ -1460,6 +1477,7 @@ files:
 - lib/chef/handler.rb
 - lib/chef/handler/error_report.rb
 - lib/chef/handler/json_file.rb
+- lib/chef/handler/slow_report.rb
 - lib/chef/http.rb
 - lib/chef/http/api_versions.rb
 - lib/chef/http/auth_credentials.rb
@@ -1612,6 +1630,7 @@ files:
 - lib/chef/provider/package/freebsd/base.rb
 - lib/chef/provider/package/freebsd/pkgng.rb
 - lib/chef/provider/package/freebsd/port.rb
+- lib/chef/provider/package/habitat.rb
 - lib/chef/provider/package/homebrew.rb
 - lib/chef/provider/package/ips.rb
 - lib/chef/provider/package/macports.rb
@@ -1745,6 +1764,15 @@ files:
 - lib/chef/resource/freebsd_package.rb
 - lib/chef/resource/gem_package.rb
 - lib/chef/resource/group.rb
+- lib/chef/resource/habitat/_habitat_shared.rb
+- lib/chef/resource/habitat/habitat_package.rb
+- lib/chef/resource/habitat/habitat_sup.rb
+- lib/chef/resource/habitat/habitat_sup_systemd.rb
+- lib/chef/resource/habitat/habitat_sup_windows.rb
+- lib/chef/resource/habitat_config.rb
+- lib/chef/resource/habitat_install.rb
+- lib/chef/resource/habitat_service.rb
+- lib/chef/resource/habitat_user_toml.rb
 - lib/chef/resource/helpers/cron_validations.rb
 - lib/chef/resource/homebrew_cask.rb
 - lib/chef/resource/homebrew_package.rb
@@ -1815,11 +1843,13 @@ files:
 - lib/chef/resource/solaris_package.rb
 - lib/chef/resource/ssh_known_hosts_entry.rb
 - lib/chef/resource/sudo.rb
+- lib/chef/resource/support/HabService.dll.config.erb
 - lib/chef/resource/support/client.erb
 - lib/chef/resource/support/cron.d.erb
 - lib/chef/resource/support/cron_access.erb
 - lib/chef/resource/support/ssh_known_hosts.erb
 - lib/chef/resource/support/sudoer.erb
+- lib/chef/resource/support/sup.toml.erb
 - lib/chef/resource/support/ulimit.erb
 - lib/chef/resource/swap_file.rb
 - lib/chef/resource/sysctl.rb
@@ -1839,6 +1869,8 @@ files:
 - lib/chef/resource/windows_audit_policy.rb
 - lib/chef/resource/windows_auto_run.rb
 - lib/chef/resource/windows_certificate.rb
+- lib/chef/resource/windows_defender.rb
+- lib/chef/resource/windows_defender_exclusion.rb
 - lib/chef/resource/windows_dfs_folder.rb
 - lib/chef/resource/windows_dfs_namespace.rb
 - lib/chef/resource/windows_dfs_server.rb
@@ -1863,6 +1895,7 @@ files:
 - lib/chef/resource/windows_shortcut.rb
 - lib/chef/resource/windows_task.rb
 - lib/chef/resource/windows_uac.rb
+- lib/chef/resource/windows_update_settings.rb
 - lib/chef/resource/windows_user_privilege.rb
 - lib/chef/resource/windows_workgroup.rb
 - lib/chef/resource/yum_package.rb
@@ -1894,6 +1927,11 @@ files:
 - lib/chef/sandbox.rb
 - lib/chef/scan_access_control.rb
 - lib/chef/search/query.rb
+- lib/chef/secret_fetcher.rb
+- lib/chef/secret_fetcher/aws_secrets_manager.rb
+- lib/chef/secret_fetcher/azure_key_vault.rb
+- lib/chef/secret_fetcher/base.rb
+- lib/chef/secret_fetcher/example.rb
 - lib/chef/server_api.rb
 - lib/chef/server_api_versions.rb
 - lib/chef/shell.rb
@@ -2444,7 +2482,9 @@ files:
 - spec/functional/resource/windows_env_spec.rb
 - spec/functional/resource/windows_firewall_rule_spec.rb
 - spec/functional/resource/windows_font_spec.rb
+- spec/functional/resource/windows_hostname_spec.rb
 - spec/functional/resource/windows_package_spec.rb
+- spec/functional/resource/windows_pagefile_spec.rb
 - spec/functional/resource/windows_path_spec.rb
 - spec/functional/resource/windows_security_policy_spec.rb
 - spec/functional/resource/windows_share_spec.rb
@@ -2606,7 +2646,9 @@ files:
 - spec/unit/dsl/reboot_pending_spec.rb
 - spec/unit/dsl/recipe_spec.rb
 - spec/unit/dsl/registry_helper_spec.rb
+- spec/unit/dsl/render_helpers_spec.rb
 - spec/unit/dsl/resources_spec.rb
+- spec/unit/dsl/secret_spec.rb
 - spec/unit/encrypted_data_bag_item/check_encrypted_spec.rb
 - spec/unit/encrypted_data_bag_item_spec.rb
 - spec/unit/environment_spec.rb
@@ -2943,6 +2985,8 @@ files:
 - spec/unit/resource/windows_audit_policy_spec.rb
 - spec/unit/resource/windows_auto_run_spec.rb
 - spec/unit/resource/windows_certificate_spec.rb
+- spec/unit/resource/windows_defender_exclusion_spec.rb
+- spec/unit/resource/windows_defender_spec.rb
 - spec/unit/resource/windows_dfs_folder_spec.rb
 - spec/unit/resource/windows_dfs_namespace_spec.rb
 - spec/unit/resource/windows_dfs_server_spec.rb
@@ -2965,6 +3009,7 @@ files:
 - spec/unit/resource/windows_shortcut_spec.rb
 - spec/unit/resource/windows_task_spec.rb
 - spec/unit/resource/windows_uac_spec.rb
+- spec/unit/resource/windows_update_settings_spec.rb
 - spec/unit/resource/windows_user_privilege_spec.rb
 - spec/unit/resource/windows_workgroup_spec.rb
 - spec/unit/resource/yum_package_spec.rb
@@ -2994,6 +3039,9 @@ files:
 - spec/unit/runner_spec.rb
 - spec/unit/scan_access_control_spec.rb
 - spec/unit/search/query_spec.rb
+- spec/unit/secret_fetcher/aws_secrets_manager_spec.rb
+- spec/unit/secret_fetcher/azure_key_vault_spec.rb
+- spec/unit/secret_fetcher_spec.rb
 - spec/unit/server_api_spec.rb
 - spec/unit/server_api_versions_spec.rb
 - spec/unit/shell/model_wrapper_spec.rb
@@ -3050,7 +3098,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.2.15
+rubygems_version: 3.2.22
 signing_key:
 specification_version: 4
 summary: A systems integration framework, built to bring the benefits of configuration