RubyGems - chef - Versions diffs - 17.1.35-universal-mingw32 → 17.4.38-universal-mingw32 - Mend

chef 17.1.35-universal-mingw32 → 17.4.38-universal-mingw32

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (198) hide show

checksums.yaml +4 -4
data/Gemfile +6 -4
data/chef.gemspec +1 -0
data/lib/chef/action_collection.rb +6 -26
data/lib/chef/application/base.rb +15 -0
data/lib/chef/application.rb +4 -2
data/lib/chef/client.rb +7 -1
data/lib/chef/compliance/default_attributes.rb +5 -3
data/lib/chef/compliance/reporter/automate.rb +1 -1
data/lib/chef/compliance/runner.rb +16 -2
data/lib/chef/cookbook_version.rb +26 -4
data/lib/chef/data_collector/run_end_message.rb +1 -1
data/lib/chef/data_collector.rb +0 -1
data/lib/chef/deprecated.rb +14 -4
data/lib/chef/dsl/render_helpers.rb +44 -0
data/lib/chef/dsl/secret.rb +64 -0
data/lib/chef/dsl/toml.rb +116 -0
data/lib/chef/dsl/universal.rb +5 -0
data/lib/chef/dsl.rb +1 -0
data/lib/chef/event_dispatch/base.rb +2 -1
data/lib/chef/exceptions.rb +23 -0
data/lib/chef/formatters/doc.rb +14 -13
data/lib/chef/formatters/error_mapper.rb +2 -2
data/lib/chef/formatters/minimal.rb +6 -5
data/lib/chef/handler/slow_report.rb +66 -0
data/lib/chef/handler.rb +46 -8
data/lib/chef/http.rb +5 -5
data/lib/chef/json_compat.rb +1 -1
data/lib/chef/node.rb +20 -19
data/lib/chef/policy_builder/policyfile.rb +88 -45
data/lib/chef/provider/execute.rb +1 -1
data/lib/chef/provider/file.rb +2 -2
data/lib/chef/provider/group/dscl.rb +1 -1
data/lib/chef/provider/launchd.rb +6 -6
data/lib/chef/provider/lwrp_base.rb +1 -1
data/lib/chef/provider/package/habitat.rb +168 -0
data/lib/chef/provider/package/powershell.rb +5 -0
data/lib/chef/provider/subversion.rb +4 -4
data/lib/chef/provider/support/yum_repo.erb +1 -1
data/lib/chef/provider/support/zypper_repo.erb +4 -2
data/lib/chef/provider/systemd_unit.rb +17 -16
data/lib/chef/provider/user/mac.rb +3 -3
data/lib/chef/provider/yum_repository.rb +27 -43
data/lib/chef/provider/zypper_repository.rb +30 -34
data/lib/chef/provider.rb +26 -1
data/lib/chef/provider_resolver.rb +8 -2
data/lib/chef/providers.rb +1 -0
data/lib/chef/resource/alternatives.rb +5 -5
data/lib/chef/resource/apt_preference.rb +2 -2
data/lib/chef/resource/apt_repository.rb +2 -2
data/lib/chef/resource/apt_update.rb +4 -4
data/lib/chef/resource/build_essential.rb +1 -1
data/lib/chef/resource/chef_client_config.rb +10 -5
data/lib/chef/resource/chef_client_cron.rb +3 -3
data/lib/chef/resource/chef_client_launchd.rb +3 -3
data/lib/chef/resource/chef_client_scheduled_task.rb +15 -15
data/lib/chef/resource/chef_client_systemd_timer.rb +3 -3
data/lib/chef/resource/chef_client_trusted_certificate.rb +2 -2
data/lib/chef/resource/chef_handler.rb +2 -2
data/lib/chef/resource/chef_sleep.rb +1 -1
data/lib/chef/resource/chef_vault_secret.rb +2 -2
data/lib/chef/resource/chocolatey_feature.rb +2 -2
data/lib/chef/resource/chocolatey_source.rb +1 -1
data/lib/chef/resource/cron/cron_d.rb +4 -6
data/lib/chef/resource/cron_access.rb +1 -1
data/lib/chef/resource/dmg_package.rb +1 -1
data/lib/chef/resource/dsc_resource.rb +1 -1
data/lib/chef/resource/execute.rb +5 -5
data/lib/chef/resource/gem_package.rb +2 -1
data/lib/chef/resource/group.rb +4 -4
data/lib/chef/resource/habitat/_habitat_shared.rb +28 -0
data/lib/chef/resource/habitat/habitat_package.rb +129 -0
data/lib/chef/resource/habitat/habitat_sup.rb +329 -0
data/lib/chef/resource/habitat/habitat_sup_systemd.rb +67 -0
data/lib/chef/resource/habitat/habitat_sup_windows.rb +90 -0
data/lib/chef/resource/habitat_config.rb +107 -0
data/lib/chef/resource/habitat_install.rb +247 -0
data/lib/chef/resource/habitat_service.rb +451 -0
data/lib/chef/resource/habitat_user_toml.rb +92 -0
data/lib/chef/resource/homebrew_cask.rb +18 -7
data/lib/chef/resource/homebrew_package.rb +1 -1
data/lib/chef/resource/homebrew_tap.rb +4 -3
data/lib/chef/resource/homebrew_update.rb +2 -2
data/lib/chef/resource/hostname.rb +49 -7
data/lib/chef/resource/inspec_waiver_file_entry.rb +8 -7
data/lib/chef/resource/kernel_module.rb +6 -6
data/lib/chef/resource/launchd.rb +3 -3
data/lib/chef/resource/locale.rb +1 -1
data/lib/chef/resource/lwrp_base.rb +1 -1
data/lib/chef/resource/macos_userdefaults.rb +2 -2
data/lib/chef/resource/ohai_hint.rb +2 -6
data/lib/chef/resource/openbsd_package.rb +17 -0
data/lib/chef/resource/openssl_dhparam.rb +1 -2
data/lib/chef/resource/openssl_ec_private_key.rb +1 -3
data/lib/chef/resource/openssl_ec_public_key.rb +1 -3
data/lib/chef/resource/openssl_rsa_private_key.rb +1 -3
data/lib/chef/resource/openssl_rsa_public_key.rb +1 -3
data/lib/chef/resource/openssl_x509_certificate.rb +1 -4
data/lib/chef/resource/openssl_x509_crl.rb +1 -3
data/lib/chef/resource/openssl_x509_request.rb +1 -3
data/lib/chef/resource/osx_profile.rb +3 -3
data/lib/chef/resource/plist.rb +1 -1
data/lib/chef/resource/powershell_package_source.rb +2 -4
data/lib/chef/resource/reboot.rb +38 -9
data/lib/chef/resource/remote_directory.rb +2 -2
data/lib/chef/resource/remote_file.rb +1 -1
data/lib/chef/resource/rhsm_errata.rb +0 -2
data/lib/chef/resource/rhsm_errata_level.rb +1 -5
data/lib/chef/resource/rhsm_repo.rb +15 -0
data/lib/chef/resource/rhsm_subscription.rb +5 -5
data/lib/chef/resource/ruby_block.rb +100 -0
data/lib/chef/resource/scm/subversion.rb +1 -1
data/lib/chef/resource/ssh_known_hosts_entry.rb +4 -7
data/lib/chef/resource/sudo.rb +2 -6
data/lib/chef/resource/support/HabService.dll.config.erb +19 -0
data/lib/chef/resource/support/client.erb +8 -1
data/lib/chef/resource/support/sup.toml.erb +179 -0
data/lib/chef/resource/swap_file.rb +2 -6
data/lib/chef/resource/sysctl.rb +2 -2
data/lib/chef/resource/systemd_unit.rb +3 -3
data/lib/chef/resource/timezone.rb +1 -1
data/lib/chef/resource/user_ulimit.rb +2 -2
data/lib/chef/resource/windows_ad_join.rb +2 -2
data/lib/chef/resource/windows_audit_policy.rb +2 -2
data/lib/chef/resource/windows_auto_run.rb +2 -2
data/lib/chef/resource/windows_certificate.rb +1 -1
data/lib/chef/resource/windows_defender.rb +163 -0
data/lib/chef/resource/windows_defender_exclusion.rb +125 -0
data/lib/chef/resource/windows_dfs_folder.rb +2 -2
data/lib/chef/resource/windows_dfs_namespace.rb +2 -2
data/lib/chef/resource/windows_dns_record.rb +2 -2
data/lib/chef/resource/windows_dns_zone.rb +2 -2
data/lib/chef/resource/windows_feature.rb +3 -3
data/lib/chef/resource/windows_feature_dism.rb +3 -5
data/lib/chef/resource/windows_feature_powershell.rb +3 -3
data/lib/chef/resource/windows_firewall_profile.rb +2 -2
data/lib/chef/resource/windows_firewall_rule.rb +20 -6
data/lib/chef/resource/windows_font.rb +1 -1
data/lib/chef/resource/windows_pagefile.rb +103 -64
data/lib/chef/resource/windows_path.rb +2 -2
data/lib/chef/resource/windows_printer.rb +80 -61
data/lib/chef/resource/windows_printer_port.rb +48 -65
data/lib/chef/resource/windows_security_policy.rb +2 -2
data/lib/chef/resource/windows_share.rb +2 -2
data/lib/chef/resource/windows_shortcut.rb +1 -1
data/lib/chef/resource/windows_task.rb +1 -1
data/lib/chef/resource/windows_uac.rb +3 -5
data/lib/chef/resource/windows_update_settings.rb +259 -0
data/lib/chef/resource/windows_user_privilege.rb +2 -2
data/lib/chef/resource/windows_workgroup.rb +2 -2
data/lib/chef/resource/yum_package.rb +11 -15
data/lib/chef/resource/zypper_package.rb +4 -4
data/lib/chef/resource/zypper_repository.rb +28 -8
data/lib/chef/resource.rb +13 -17
data/lib/chef/resource_inspector.rb +6 -2
data/lib/chef/resource_reporter.rb +0 -1
data/lib/chef/resources.rb +12 -1
data/lib/chef/secret_fetcher/aws_secrets_manager.rb +65 -0
data/lib/chef/secret_fetcher/azure_key_vault.rb +78 -0
data/lib/chef/secret_fetcher/base.rb +76 -0
data/lib/chef/secret_fetcher/example.rb +46 -0
data/lib/chef/secret_fetcher.rb +55 -0
data/lib/chef/version.rb +1 -1
data/spec/functional/mixin/from_file_spec.rb +1 -1
data/spec/functional/resource/windows_hostname_spec.rb +91 -0
data/spec/functional/resource/windows_pagefile_spec.rb +98 -0
data/spec/integration/compliance/compliance_spec.rb +1 -0
data/spec/integration/recipes/recipe_dsl_spec.rb +1 -1
data/spec/integration/recipes/resource_action_spec.rb +6 -6
data/spec/support/shared/unit/provider/file.rb +2 -8
data/spec/unit/compliance/runner_spec.rb +46 -2
data/spec/unit/cookbook_version_spec.rb +52 -0
data/spec/unit/data_collector_spec.rb +47 -1
data/spec/unit/dsl/render_helpers_spec.rb +102 -0
data/spec/unit/dsl/secret_spec.rb +71 -0
data/spec/unit/formatters/doc_spec.rb +1 -1
data/spec/unit/handler_spec.rb +8 -2
data/spec/unit/policy_builder/dynamic_spec.rb +0 -5
data/spec/unit/policy_builder/policyfile_spec.rb +144 -56
data/spec/unit/provider/apt_update_spec.rb +3 -1
data/spec/unit/provider/mount/aix_spec.rb +1 -1
data/spec/unit/provider/package/powershell_spec.rb +74 -12
data/spec/unit/provider/zypper_repository_spec.rb +3 -10
data/spec/unit/provider_spec.rb +23 -0
data/spec/unit/resource/homebrew_cask_spec.rb +29 -11
data/spec/unit/resource/rhsm_subscription_spec.rb +50 -3
data/spec/unit/resource/systemd_unit_spec.rb +1 -1
data/spec/unit/resource/windows_defender_exclusion_spec.rb +62 -0
data/spec/unit/resource/windows_defender_spec.rb +71 -0
data/spec/unit/resource/windows_firewall_rule_spec.rb +12 -7
data/spec/unit/resource/windows_pagefile_spec.rb +4 -9
data/spec/unit/resource/windows_update_settings_spec.rb +64 -0
data/spec/unit/resource/zypper_repository_spec.rb +1 -1
data/spec/unit/resource_spec.rb +19 -8
data/spec/unit/secret_fetcher/aws_secrets_manager_spec.rb +70 -0
data/spec/unit/secret_fetcher/azure_key_vault_spec.rb +70 -0
data/spec/unit/secret_fetcher_spec.rb +82 -0
metadata +55 -7

data/spec/unit/resource/zypper_repository_spec.rb CHANGED Viewed

@@ -85,7 +85,7 @@ describe Chef::Resource::ZypperRepository do
   it "accepts the legacy 'key' property" do
     resource.key "foo"
-    expect(resource.gpgkey).to eql("foo")
+    expect(resource.gpgkey).to eql(["foo"])
   end
   it "accepts the legacy 'uri' property" do

data/spec/unit/resource_spec.rb CHANGED Viewed

@@ -1172,21 +1172,23 @@ describe Chef::Resource do
       action :base_action3, description: "unmodified base action 3 desc" do; end
     end
+    let(:resource_inst) { TestResource.new("TestResource", nil) }
     it "returns nil when no description was provided for the action" do
-      expect(TestResource.action_description(:base_action0)).to eql(nil)
+      expect(resource_inst.action_description(:base_action0)).to eql(nil)
     end
     context "when action definition is a string" do
       it "returns the description whether a symbol or string is used to look it up" do
-        expect(TestResource.action_description("string_action")).to eql("a string test")
-        expect(TestResource.action_description(:string_action)).to eql("a string test")
+        expect(resource_inst.action_description("string_action")).to eql("a string test")
+        expect(resource_inst.action_description(:string_action)).to eql("a string test")
       end
     end
     context "when action definition is a symbol" do
       it "returns the description whether a symbol or string is used to look up" do
-        expect(TestResource.action_description("symbol_action")).to eql("a symbol test")
-        expect(TestResource.action_description(:symbol_action)).to eql("a symbol test")
+        expect(resource_inst.action_description("symbol_action")).to eql("a symbol test")
+        expect(resource_inst.action_description(:symbol_action)).to eql("a symbol test")
       end
     end
@@ -1196,14 +1198,23 @@ describe Chef::Resource do
         action :base_action3 do; end
       end
+      class TestResourceChild2 < TestResource
+        # We should never see this description
+        action :base_action2, description: "if you see this in an error, TestResourceChild was polluted with this description" do; end
+      end
+      let(:resource_inst) { TestResourceChild.new("TestResource", nil) }
       it "returns original description when a described action is not overridden in child resource" do
-        expect(TestResourceChild.action_description(:base_action1)).to eq "unmodified base action 1 desc"
+        expect(resource_inst.action_description(:base_action1)).to eq "unmodified base action 1 desc"
       end
       it "returns original description when the child resource overrides an inherited action but NOT its description" do
-        expect(TestResourceChild.action_description(:base_action3)).to eq "unmodified base action 3 desc"
+        expect(resource_inst.action_description(:base_action3)).to eq "unmodified base action 3 desc"
+      end
+      it "returns new description when the child resource overrides an inherited action and its description" do
+        expect(resource_inst.action_description(:base_action2)).to eq "modified base action 2 desc"
       end
       it "returns new description when the child resource overrides an inherited action and its description" do
-        expect(TestResourceChild.action_description(:base_action2)).to eq "modified base action 2 desc"
+        expect(resource_inst.action_description(:base_action2)).to eq "modified base action 2 desc"
       end
     end
   end

data/spec/unit/secret_fetcher/aws_secrets_manager_spec.rb ADDED Viewed

@@ -0,0 +1,70 @@
+#
+# Author:: Marc Paradise <marc@chef.io>
+# Copyright:: Copyright (c) Chef Software Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+#
+require_relative "../../spec_helper"
+require "chef/secret_fetcher/aws_secrets_manager"
+describe Chef::SecretFetcher::AWSSecretsManager do
+  let(:node) { {} }
+  let(:aws_global_config) { {} }
+  let(:fetcher_config) { {} }
+  let(:run_context) { double("run_context", node: node) }
+  let(:fetcher) {
+    Chef::SecretFetcher::AWSSecretsManager.new( fetcher_config, run_context )
+  }
+  before do
+    allow(Aws).to receive(:config).and_return(aws_global_config)
+  end
+  context "when region is provided" do
+    let(:fetcher_config) { { region: "region-from-caller" } }
+    it "uses the provided region" do
+      fetcher.validate!
+      expect(fetcher.config[:region]).to eq "region-from-caller"
+    end
+  end
+  context "when region is not provided" do
+    context "and no region exists in AWS config or node attributes" do
+      it "raises a ConfigurationInvalid error" do
+        expect { fetcher.validate! }.to raise_error Chef::Exceptions::Secret::ConfigurationInvalid
+      end
+    end
+    context "and region exists in AWS config and node attributes" do
+      let(:aws_global_config)  { { region: "region-from-aws-global-config" } }
+      let(:node) { { "ec2" => { "region" => "region-from-ohai-data" } } }
+      it "uses the region from AWS config" do
+        fetcher.validate!
+        expect(fetcher.config[:region]).to eq "region-from-aws-global-config"
+      end
+    end
+    context "and region exists only in node attributes" do
+      let(:node) { { "ec2" => { "region" => "region-from-ohai-data" } } }
+      it "uses the region from AWS config" do
+        fetcher.validate!
+        expect(fetcher.config[:region]).to eq "region-from-ohai-data"
+      end
+    end
+  end
+end

data/spec/unit/secret_fetcher/azure_key_vault_spec.rb ADDED Viewed

@@ -0,0 +1,70 @@
+#
+# Author:: Marc Paradise <marc@chef.io>
+# Copyright:: Copyright (c) Chef Software Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+require_relative "../../spec_helper"
+require "chef/secret_fetcher"
+require "chef/secret_fetcher/azure_key_vault"
+describe Chef::SecretFetcher::AzureKeyVault do
+  let(:config) { { vault: "my_vault" } }
+  let(:fetcher) { Chef::SecretFetcher::AzureKeyVault.new(config, nil) }
+  context "when performing a fetch" do
+    let(:body) { '{ "value" : "my secret value" }' }
+    let(:response_mock) { double("response", body: body) }
+    let(:http_mock) { double("http", :get => response_mock, :use_ssl= => nil) }
+    before do
+      allow(fetcher).to receive(:fetch_token).and_return "a token"
+      allow(Net::HTTP).to receive(:new).and_return(http_mock)
+    end
+    context "and vault name is only provided in the secret name" do
+      let(:body) { '{ "value" : "my secret value" }' }
+      let(:config) { {} }
+      it "fetches the value" do
+        expect(fetcher.fetch("my_vault/value")).to eq "my secret value"
+      end
+    end
+    context "and vault name is not provided in the secret name" do
+      context "and vault name is not provided in config" do
+        let(:config) { {} }
+        it "raises a ConfigurationInvalid exception" do
+          expect { fetcher.fetch("value") }.to raise_error(Chef::Exceptions::Secret::ConfigurationInvalid)
+        end
+      end
+      context "and vault name is provided in config" do
+        let(:config) { { vault: "my_vault" } }
+        it "fetches the value" do
+          expect(fetcher.fetch("value")).to eq "my secret value"
+        end
+      end
+    end
+    context "and an error response is received in the body" do
+      let(:config) { { vault: "my_vault" } }
+      let(:body) { '{ "error" : { "code" : 404, "message" : "secret not found" } }' }
+      it "raises FetchFailed" do
+        expect { fetcher.fetch("value") }.to raise_error(Chef::Exceptions::Secret::FetchFailed)
+      end
+    end
+  end
+end

data/spec/unit/secret_fetcher_spec.rb ADDED Viewed

@@ -0,0 +1,82 @@
+#
+# Author:: Marc Paradise <marc@chef.io>
+# Copyright:: Copyright (c) Chef Software Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+require "chef/secret_fetcher"
+require "chef/secret_fetcher/example"
+class SecretFetcherImpl < Chef::SecretFetcher::Base
+  def do_fetch(name, version)
+    name
+  end
+  def validate!; end
+end
+describe Chef::SecretFetcher do
+  let(:fetcher_impl) { SecretFetcherImpl.new({}, nil) }
+  before do
+    allow(Chef::SecretFetcher::Example).to receive(:new).and_return fetcher_impl
+  end
+  context ".for_service" do
+    it "resolves the example fetcher without error" do
+      Chef::SecretFetcher.for_service(:example, {}, nil)
+    end
+    it "resolves the Azure Key Vault fetcher without error" do
+      Chef::SecretFetcher.for_service(:azure_key_vault, { vault: "invalid" }, nil)
+    end
+    it "resolves the AWS fetcher without error" do
+      Chef::SecretFetcher.for_service(:aws_secrets_manager, { region: "invalid" }, nil)
+    end
+    it "raises Chef::Exceptions::Secret::MissingFetcher when service is blank" do
+      expect { Chef::SecretFetcher.for_service(nil, {}, nil) }.to raise_error(Chef::Exceptions::Secret::MissingFetcher)
+    end
+    it "raises Chef::Exceptions::Secret::MissingFetcher when service is nil" do
+      expect { Chef::SecretFetcher.for_service("", {}, nil) }.to raise_error(Chef::Exceptions::Secret::MissingFetcher)
+    end
+    it "raises Chef::Exceptions::Secret::InvalidFetcher for an unknown fetcher" do
+      expect { Chef::SecretFetcher.for_service(:bad_example, {}, nil) }.to raise_error(Chef::Exceptions::Secret::InvalidFetcherService)
+    end
+    it "ensures fetcher configuration is valid by invoking validate!" do
+      expect(fetcher_impl).to receive(:validate!)
+      Chef::SecretFetcher.for_service(:example, {}, nil)
+    end
+  end
+  context "#fetch" do
+    let(:fetcher) {
+      Chef::SecretFetcher.for_service(:example, { "key1" => "value1" }, nil)
+    }
+    it "fetches from the underlying service when secret name is provided " do
+      expect(fetcher_impl).to receive(:fetch).with("key1", "v1")
+      fetcher.fetch("key1", "v1")
+    end
+    it "raises an error when the secret name is not provided" do
+      expect { fetcher.fetch(nil) }.to raise_error(Chef::Exceptions::Secret::MissingSecretName)
+    end
+  end
+end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: chef
 version: !ruby/object:Gem::Version
-  version: 17.1.35
+  version: 17.4.38
 platform: universal-mingw32
 authors:
 - Adam Jacob
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-05-11 00:00:00.000000000 Z
+date: 2021-08-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: chef-config
@@ -16,28 +16,28 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 17.1.35
+        version: 17.4.38
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 17.1.35
+        version: 17.4.38
 - !ruby/object:Gem::Dependency
   name: chef-utils
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 17.1.35
+        version: 17.4.38
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 17.1.35
+        version: 17.4.38
 - !ruby/object:Gem::Dependency
   name: train-core
   requirement: !ruby/object:Gem::Requirement
@@ -440,6 +440,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.0'
+- !ruby/object:Gem::Dependency
+  name: aws-sdk-secretsmanager
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.46'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.46'
 - !ruby/object:Gem::Dependency
   name: win32-api
   requirement: !ruby/object:Gem::Requirement
@@ -1407,7 +1421,10 @@ files:
 - lib/chef/dsl/reboot_pending.rb
 - lib/chef/dsl/recipe.rb
 - lib/chef/dsl/registry_helper.rb
+- lib/chef/dsl/render_helpers.rb
 - lib/chef/dsl/resources.rb
+- lib/chef/dsl/secret.rb
+- lib/chef/dsl/toml.rb
 - lib/chef/dsl/universal.rb
 - lib/chef/encrypted_data_bag_item.rb
 - lib/chef/encrypted_data_bag_item/assertions.rb
@@ -1460,6 +1477,7 @@ files:
 - lib/chef/handler.rb
 - lib/chef/handler/error_report.rb
 - lib/chef/handler/json_file.rb
+- lib/chef/handler/slow_report.rb
 - lib/chef/http.rb
 - lib/chef/http/api_versions.rb
 - lib/chef/http/auth_credentials.rb
@@ -1612,6 +1630,7 @@ files:
 - lib/chef/provider/package/freebsd/base.rb
 - lib/chef/provider/package/freebsd/pkgng.rb
 - lib/chef/provider/package/freebsd/port.rb
+- lib/chef/provider/package/habitat.rb
 - lib/chef/provider/package/homebrew.rb
 - lib/chef/provider/package/ips.rb
 - lib/chef/provider/package/macports.rb
@@ -1745,6 +1764,15 @@ files:
 - lib/chef/resource/freebsd_package.rb
 - lib/chef/resource/gem_package.rb
 - lib/chef/resource/group.rb
+- lib/chef/resource/habitat/_habitat_shared.rb
+- lib/chef/resource/habitat/habitat_package.rb
+- lib/chef/resource/habitat/habitat_sup.rb
+- lib/chef/resource/habitat/habitat_sup_systemd.rb
+- lib/chef/resource/habitat/habitat_sup_windows.rb
+- lib/chef/resource/habitat_config.rb
+- lib/chef/resource/habitat_install.rb
+- lib/chef/resource/habitat_service.rb
+- lib/chef/resource/habitat_user_toml.rb
 - lib/chef/resource/helpers/cron_validations.rb
 - lib/chef/resource/homebrew_cask.rb
 - lib/chef/resource/homebrew_package.rb
@@ -1815,11 +1843,13 @@ files:
 - lib/chef/resource/solaris_package.rb
 - lib/chef/resource/ssh_known_hosts_entry.rb
 - lib/chef/resource/sudo.rb
+- lib/chef/resource/support/HabService.dll.config.erb
 - lib/chef/resource/support/client.erb
 - lib/chef/resource/support/cron.d.erb
 - lib/chef/resource/support/cron_access.erb
 - lib/chef/resource/support/ssh_known_hosts.erb
 - lib/chef/resource/support/sudoer.erb
+- lib/chef/resource/support/sup.toml.erb
 - lib/chef/resource/support/ulimit.erb
 - lib/chef/resource/swap_file.rb
 - lib/chef/resource/sysctl.rb
@@ -1839,6 +1869,8 @@ files:
 - lib/chef/resource/windows_audit_policy.rb
 - lib/chef/resource/windows_auto_run.rb
 - lib/chef/resource/windows_certificate.rb
+- lib/chef/resource/windows_defender.rb
+- lib/chef/resource/windows_defender_exclusion.rb
 - lib/chef/resource/windows_dfs_folder.rb
 - lib/chef/resource/windows_dfs_namespace.rb
 - lib/chef/resource/windows_dfs_server.rb
@@ -1863,6 +1895,7 @@ files:
 - lib/chef/resource/windows_shortcut.rb
 - lib/chef/resource/windows_task.rb
 - lib/chef/resource/windows_uac.rb
+- lib/chef/resource/windows_update_settings.rb
 - lib/chef/resource/windows_user_privilege.rb
 - lib/chef/resource/windows_workgroup.rb
 - lib/chef/resource/yum_package.rb
@@ -1894,6 +1927,11 @@ files:
 - lib/chef/sandbox.rb
 - lib/chef/scan_access_control.rb
 - lib/chef/search/query.rb
+- lib/chef/secret_fetcher.rb
+- lib/chef/secret_fetcher/aws_secrets_manager.rb
+- lib/chef/secret_fetcher/azure_key_vault.rb
+- lib/chef/secret_fetcher/base.rb
+- lib/chef/secret_fetcher/example.rb
 - lib/chef/server_api.rb
 - lib/chef/server_api_versions.rb
 - lib/chef/shell.rb
@@ -2444,7 +2482,9 @@ files:
 - spec/functional/resource/windows_env_spec.rb
 - spec/functional/resource/windows_firewall_rule_spec.rb
 - spec/functional/resource/windows_font_spec.rb
+- spec/functional/resource/windows_hostname_spec.rb
 - spec/functional/resource/windows_package_spec.rb
+- spec/functional/resource/windows_pagefile_spec.rb
 - spec/functional/resource/windows_path_spec.rb
 - spec/functional/resource/windows_security_policy_spec.rb
 - spec/functional/resource/windows_share_spec.rb
@@ -2606,7 +2646,9 @@ files:
 - spec/unit/dsl/reboot_pending_spec.rb
 - spec/unit/dsl/recipe_spec.rb
 - spec/unit/dsl/registry_helper_spec.rb
+- spec/unit/dsl/render_helpers_spec.rb
 - spec/unit/dsl/resources_spec.rb
+- spec/unit/dsl/secret_spec.rb
 - spec/unit/encrypted_data_bag_item/check_encrypted_spec.rb
 - spec/unit/encrypted_data_bag_item_spec.rb
 - spec/unit/environment_spec.rb
@@ -2943,6 +2985,8 @@ files:
 - spec/unit/resource/windows_audit_policy_spec.rb
 - spec/unit/resource/windows_auto_run_spec.rb
 - spec/unit/resource/windows_certificate_spec.rb
+- spec/unit/resource/windows_defender_exclusion_spec.rb
+- spec/unit/resource/windows_defender_spec.rb
 - spec/unit/resource/windows_dfs_folder_spec.rb
 - spec/unit/resource/windows_dfs_namespace_spec.rb
 - spec/unit/resource/windows_dfs_server_spec.rb
@@ -2965,6 +3009,7 @@ files:
 - spec/unit/resource/windows_shortcut_spec.rb
 - spec/unit/resource/windows_task_spec.rb
 - spec/unit/resource/windows_uac_spec.rb
+- spec/unit/resource/windows_update_settings_spec.rb
 - spec/unit/resource/windows_user_privilege_spec.rb
 - spec/unit/resource/windows_workgroup_spec.rb
 - spec/unit/resource/yum_package_spec.rb
@@ -2994,6 +3039,9 @@ files:
 - spec/unit/runner_spec.rb
 - spec/unit/scan_access_control_spec.rb
 - spec/unit/search/query_spec.rb
+- spec/unit/secret_fetcher/aws_secrets_manager_spec.rb
+- spec/unit/secret_fetcher/azure_key_vault_spec.rb
+- spec/unit/secret_fetcher_spec.rb
 - spec/unit/server_api_spec.rb
 - spec/unit/server_api_versions_spec.rb
 - spec/unit/shell/model_wrapper_spec.rb
@@ -3050,7 +3098,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.2.15
+rubygems_version: 3.2.22
 signing_key:
 specification_version: 4
 summary: A systems integration framework, built to bring the benefits of configuration