chef 17.1.35 → 17.4.38

data/lib/chef/resource/homebrew_cask.rb

@@ -34,7 +34,7 @@ class Chef
 
       property :cask_name, String,
         description: "An optional property to set the cask name if it differs from the resource block's name.",
-        regex: %r{^[\w/-]+$},
+        regex: %r{^[\w/\-@]+$},
         validation_message: "The provided Homebrew cask name is not valid. Cask names can contain alphanumeric characters, _, -, or / only!",
         name_property: true
 
@@ -51,10 +51,16 @@ class Chef
 
       property :owner, [String, Integer],
         description: "The owner of the Homebrew installation.",
-        default: lazy { find_homebrew_username }
-
-      action :install, description: "Install an application packaged as a Homebrew cask" do
-        homebrew_tap "homebrew/cask" if new_resource.install_cask
+        default: lazy { find_homebrew_username },
+        default_description: "Calculated default username"\
+
+      action :install, description: "Install an application that is packaged as a Homebrew cask." do
+        if new_resource.install_cask
+          homebrew_tap "homebrew/cask" do
+            homebrew_path new_resource.homebrew_path
+            owner new_resource.owner
+          end
+        end
 
         unless casked?
           converge_by("install cask #{new_resource.cask_name} #{new_resource.options}") do
@@ -66,8 +72,13 @@ class Chef
         end
       end
 
-      action :remove, description: "Remove an application packaged as a Homebrew cask" do
-        homebrew_tap "homebrew/cask" if new_resource.install_cask
+      action :remove, description: "Remove an application that is packaged as a Homebrew cask." do
+        if new_resource.install_cask
+          homebrew_tap "homebrew/cask" do
+            homebrew_path new_resource.homebrew_path
+            owner new_resource.owner
+          end
+        end
 
         if casked?
           converge_by("uninstall cask #{new_resource.cask_name}") do

data/lib/chef/resource/homebrew_package.rb

@@ -62,7 +62,7 @@ class Chef
       DOC
 
       property :homebrew_user, [ String, Integer ],
-        description: "The name or uid of the Homebrew owner to be used by #{ChefUtils::Dist::Infra::PRODUCT} when executing a command."
+        description: "The name or uid of the Homebrew owner to be used by #{ChefUtils::Dist::Infra::PRODUCT} when executing a command.\n\n#{ChefUtils::Dist::Infra::PRODUCT}, by default, will attempt to execute a Homebrew command as the owner of the `/usr/local/bin/brew` executable. If that executable does not exist, #{ChefUtils::Dist::Infra::PRODUCT} will attempt to find the user by executing `which brew`. If that executable cannot be found, #{ChefUtils::Dist::Infra::PRODUCT} will print an error message: `Could not find the 'brew' executable in /usr/local/bin or anywhere on the path.`.\n\nSet this property to specify the Homebrew owner for situations where Chef Infra Client cannot automatically detect the correct owner.'"
 
     end
   end

data/lib/chef/resource/homebrew_tap.rb

@@ -51,9 +51,10 @@ class Chef
 
       property :owner, String,
         description: "The owner of the Homebrew installation.",
-        default: lazy { find_homebrew_username }
+        default: lazy { find_homebrew_username },
+        default_description: "Calculated default username"
 
-      action :tap, description: "Add a Homebrew tap" do
+      action :tap, description: "Add a Homebrew tap." do
         unless tapped?(new_resource.tap_name)
           converge_by("tap #{new_resource.tap_name}") do
             shell_out!("#{new_resource.homebrew_path} tap #{new_resource.full ? "--full" : ""} #{new_resource.tap_name} #{new_resource.url || ""}",
@@ -64,7 +65,7 @@ class Chef
         end
       end
 
-      action :untap, description: "Remove a Homebrew tap" do
+      action :untap, description: "Remove a Homebrew tap." do
         if tapped?(new_resource.tap_name)
           converge_by("untap #{new_resource.tap_name}") do
             shell_out!("#{new_resource.homebrew_path} untap #{new_resource.tap_name}",

data/lib/chef/resource/homebrew_update.rb

@@ -88,7 +88,7 @@ class Chef
         end
       end
 
-      action :periodic do
+      action :periodic, description: "Run a periodic update based on the frequency property." do
         return unless macos?
 
         unless brew_up_to_date?
@@ -98,7 +98,7 @@ class Chef
         end
       end
 
-      action :update do
+      action :update, description: "Run an immediate update." do
         return unless macos?
 
         converge_by "force update new lists of packages" do

data/lib/chef/resource/hostname.rb

@@ -44,6 +44,24 @@ class Chef
           ipaddress '198.51.100.2'
         end
         ```
+
+        **Change the hostname of a Windows, Non-Domain joined node**:
+
+        ```ruby
+        hostname 'renaming a workgroup computer' do
+          hostname 'Foo'
+        end
+        ```
+
+        **Change the hostname of a Windows, Domain-joined node (new in 17.2)**:
+
+        ```ruby
+        hostname 'renaming a domain-joined computer' do
+          hostname 'Foo'
+          domain_user "Domain\\Someone"
+          domain_password 'SomePassword'
+        end
+        ```
       DOC
 
       property :hostname, String,
@@ -71,6 +89,15 @@ class Chef
         description: "Determines whether or not Windows should be reboot after changing the hostname, as this is required for the change to take effect.",
         default: true
 
+      property :domain_user, String,
+        description: "A domain account specified in the form of DOMAIN\\user used when renaming a domain-joined device",
+        introduced: "17.2"
+
+      property :domain_password, String,
+        description: "The password to accompany the domain_user parameter",
+        sensitive: true,
+        introduced: "17.2"
+
       action_class do
         def append_replacing_matching_lines(path, regex, string)
           text = IO.read(path).split("\n")
@@ -103,7 +130,11 @@ class Chef
         end
       end
 
-      action :set, description: "Sets the node's hostname" do
+      def is_domain_joined?
+        powershell_exec!("(Get-CIMInstance -Class Win32_ComputerSystem).PartofDomain").result
+      end
+
+      action :set, description: "Sets the node's hostname." do
         if !windows?
           ohai "reload hostname" do
             plugin "hostname"
@@ -243,13 +274,24 @@ class Chef
           end
 
           unless Socket.gethostbyname(Socket.gethostname).first == new_resource.hostname
-            converge_by "set hostname to #{new_resource.hostname}" do
-              powershell_exec! <<~EOH
-                $sysInfo = Get-WmiObject -Class Win32_ComputerSystem
-                $sysInfo.Rename("#{new_resource.hostname}")
-              EOH
+            if is_domain_joined?
+              if new_resource.domain_user.nil? || new_resource.domain_password.nil?
+                raise "The `domain_user` and `domain_password` properties are required to change the hostname of a domain-connected Windows system."
+              else
+                converge_by "set hostname to #{new_resource.hostname}" do
+                  powershell_exec! <<~EOH
+                    $user = #{new_resource.domain_user}
+                    $secure_password = #{new_resource.domain_password} | Convertto-SecureString -AsPlainText -Force
+                    $Credentials = New-Object System.Management.Automation.PSCredential -Argumentlist ($user, $secure_password)
+                    Rename-Computer -NewName #{new_resource.hostname} -DomainCredential $Credentials
+                  EOH
+                end
+              end
+            else
+              converge_by "set hostname to #{new_resource.hostname}" do
+                powershell_exec!("Rename-Computer -NewName #{new_resource.hostname}")
+              end
             end
-
             # reboot because $windows
             reboot "setting hostname" do
               reason "#{ChefUtils::Dist::Infra::PRODUCT} updated system hostname"

data/lib/chef/resource/inspec_waiver_file_entry.rb

@@ -16,8 +16,9 @@
 #
 
 require_relative "../resource"
-require "yaml"
+autoload :YAML, "yaml"
 require "date"
+require "chef-utils/dist" unless defined?(ChefUtils::Dist)
 
 class Chef
   class Resource
@@ -35,7 +36,7 @@ class Chef
           file_path 'C:\\chef\\inspec_waiver_file.yml'
           control 'my_inspec_control_01'
           run_test false
-          justification "The subject of this control is not managed by Chef on the systems in policy group \#{node['policy_group']}"
+          justification "The subject of this control is not managed by #{ChefUtils::Dist::Infra::PRODUCT} on the systems in policy group \#{node['policy_group']}"
           expiration '2022-01-01'
           action :add
         end
@@ -45,7 +46,7 @@ class Chef
 
       ```ruby
         inspec_waiver_file_entry 'my_inspec_control_01' do
-          justification "The subject of this control is not managed by Chef on the systems in policy group \#{node['policy_group']}"
+          justification "The subject of this control is not managed by #{ChefUtils::Dist::Infra::PRODUCT} on the systems in policy group \#{node['policy_group']}"
           action :add
         end
       ```
@@ -83,13 +84,13 @@ class Chef
         }
 
       property :run_test, [true, false],
-        description: "If present and true, the control will run and be reported, but failures in it won’t make the overall run fail. If absent or false, the control will not be run."
+        description: "If present and `true`, the control will run and be reported, but failures in it won’t make the overall run fail. If absent or `false`, the control will not be run."
 
       property :justification, String,
         description: "Can be any text you want and might include a reason for the waiver as well as who signed off on the waiver."
 
       property :backup, [false, Integer],
-        description: "The number of backups to be kept in /var/chef/backup (for UNIX- and Linux-based platforms) or C:/chef/backup (for the Microsoft Windows platform). Set to false to prevent backups from being kept.",
+        description: "The number of backups to be kept in `/var/chef/backup` (for UNIX- and Linux-based platforms) or `C:/chef/backup` (for the Microsoft Windows platform). Set to `false` to prevent backups from being kept.",
         default: false
 
       action :add do
@@ -110,7 +111,7 @@ class Chef
 
           file "Update Waiver File #{new_resource.file_path} to update waiver for control #{new_resource.control}" do
             path new_resource.file_path
-            content waiver_hash.to_yaml
+            content ::YAML.dump(waiver_hash)
             backup new_resource.backup
             action :create
           end
@@ -125,7 +126,7 @@ class Chef
           waiver_hash = waiver_hash.sort.to_h
           file "Update Waiver File #{new_resource.file_path} to remove waiver for control #{new_resource.control}" do
             path new_resource.file_path
-            content waiver_hash.to_yaml
+            content ::YAML.dump(waiver_hash)
             backup new_resource.backup
             action :create
           end

data/lib/chef/resource/kernel_module.rb

@@ -93,7 +93,7 @@ class Chef
         description: "The modprobe.d directory.",
         default: "/etc/modprobe.d"
 
-      action :install, description: "Load kernel module, and ensure it loads on reboot" do
+      action :install, description: "Load kernel module, and ensure it loads on reboot." do
         with_run_context :root do
           find_resource(:execute, "update initramfs") do
             command initramfs_command
@@ -121,7 +121,7 @@ class Chef
         end
       end
 
-      action :uninstall, description: "Unload a kernel module and remove module config, so it doesn't load on reboot" do
+      action :uninstall, description: "Unload a kernel module and remove module config, so it doesn't load on reboot." do
         with_run_context :root do
           find_resource(:execute, "update initramfs") do
             command initramfs_command
@@ -146,7 +146,7 @@ class Chef
         action_unload
       end
 
-      action :blacklist, description: "Blacklist a kernel module" do
+      action :blacklist, description: "Blacklist a kernel module." do
         with_run_context :root do
           find_resource(:execute, "update initramfs") do
             command initramfs_command
@@ -162,7 +162,7 @@ class Chef
         action_unload
       end
 
-      action :disable, description: "Disable a kernel module" do
+      action :disable, description: "Disable a kernel module. **New in Chef Infra Client 15.2.**" do
         with_run_context :root do
           find_resource(:execute, "update initramfs") do
             command initramfs_command
@@ -178,7 +178,7 @@ class Chef
         action_unload
       end
 
-      action :load, description: "Load a kernel module" do
+      action :load, description: "Load a kernel module." do
         unless module_loaded?
           converge_by("load kernel module #{new_resource.modname}") do
             shell_out!("modprobe #{new_resource.modname}")
@@ -186,7 +186,7 @@ class Chef
         end
       end
 
-      action :unload, description: "Unload kernel module" do
+      action :unload, description: "Unload kernel module." do
         if module_loaded?
           converge_by("unload kernel module #{new_resource.modname}") do
             shell_out!("modprobe -r #{new_resource.modname}")

data/lib/chef/resource/launchd.rb

@@ -36,7 +36,7 @@ class Chef
 
       property :backup, [Integer, FalseClass],
         desired_state: false,
-        description: "The number of backups to be kept in /var/chef/backup. Set to false to prevent backups from being kept."
+        description: "The number of backups to be kept in `/var/chef/backup`. Set to `false` to prevent backups from being kept."
 
       property :cookbook, String,
         desired_state: false,
@@ -197,10 +197,10 @@ class Chef
         description: "The intended purpose of the job: `Adaptive`, `Background`, `Interactive`, or `Standard`."
 
       property :program, String,
-        description: "The first argument of execvp, typically the file name associated with the file to be executed. This value must be specified if program_arguments is not specified, and vice-versa."
+        description: "The first argument of `execvp`, typically the file name associated with the file to be executed. This value must be specified if `program_arguments` is not specified, and vice-versa."
 
       property :program_arguments, Array,
-        description: "The second argument of execvp. If program is not specified, this property must be specified and will be handled as if it were the first argument."
+        description: "The second argument of `execvp`. If program is not specified, this property must be specified and will be handled as if it were the first argument."
 
       property :queue_directories, Array,
         description: "An array of non-empty directories which, if any are modified, will cause a job to be started."

data/lib/chef/resource/locale.rb

@@ -97,7 +97,7 @@ class Chef
         powershell_exec("Get-WinSystemLocale").result["Name"]
       end
 
-      action :update, description: "Update the system's locale" do
+      action :update, description: "Update the system's locale." do
         converge_if_changed do
           set_system_locale
         end

data/lib/chef/resource/lwrp_base.rb

@@ -37,7 +37,7 @@ class Chef
     class LWRPBase < Resource
 
       # Class methods
-      class <<self
+      class << self
 
         include Chef::Mixin::ConvertToClassName
         include Chef::Mixin::FromFile

data/lib/chef/resource/macos_userdefaults.rb

@@ -140,7 +140,7 @@ class Chef
         state_cmd
       end
 
-      action :write, description: "Write the value to the specified domain/key" do
+      action :write, description: "Write the value to the specified domain/key." do
         converge_if_changed do
           cmd = defaults_modify_cmd
           Chef::Log.debug("Updating defaults value by shelling out: #{cmd.join(" ")}")
@@ -149,7 +149,7 @@ class Chef
         end
       end
 
-      action :delete, description: "Delete a key from a domain" do
+      action :delete, description: "Delete a key from a domain." do
         # if it's not there there's nothing to remove
         return unless current_resource
 

data/lib/chef/resource/ohai_hint.rb

@@ -72,9 +72,7 @@ class Chef
         description: "Determines whether or not the resource is executed during the compile time phase.",
         default: true, desired_state: false
 
-      action :create do
-        description "Create an Ohai hint file."
-
+      action :create, description: "Create an Ohai hint file." do
         directory ::Ohai::Config.ohai.hints_path.first do
           action :create
           recursive true
@@ -86,9 +84,7 @@ class Chef
         end
       end
 
-      action :delete do
-        description "Delete an Ohai hint file."
-
+      action :delete, description: "Delete an Ohai hint file." do
         file ohai_hint_file_path(new_resource.hint_name) do
           action :delete
           notifies :reload, ohai[reload ohai post hint removal]

data/lib/chef/resource/openbsd_package.rb

@@ -31,6 +31,23 @@ class Chef
 
       description "Use the **openbsd_package** resource to manage packages for the OpenBSD platform."
       introduced "12.1"
+      examples <<~DOC
+        **Install a package**
+
+        ```ruby
+        openbsd_package 'name of package' do
+          action :install
+        end
+        ```
+
+        **Remove a package**
+
+        ```ruby
+        openbsd_package 'name of package' do
+          action :remove
+        end
+        ```
+      DOC
 
       property :package_name, String,
         description: "An optional property to set the package name if it differs from the resource block's name.",

data/lib/chef/resource/openssl_dhparam.rb

@@ -88,8 +88,7 @@ class Chef
         description: "The permission mode applied to all files created by the resource.",
         default: "0640"
 
-      action :create do
-        description "Create the dhparam file."
+      action :create, description: "Create the `dhparam.pem` file." do
         dhparam_content = nil
         unless dhparam_pem_valid?(new_resource.path)
           dhparam_content = gen_dhparam(new_resource.key_length, new_resource.generator).to_pem

data/lib/chef/resource/openssl_ec_private_key.rb

@@ -88,9 +88,7 @@ class Chef
         description: "Force creation of the key even if the same key already exists on the node.",
         default: false, desired_state: false
 
-      action :create do
-        description "Generate the ec private key"
-
+      action :create, description: "Generate the EC private key file." do
         unless new_resource.force || priv_key_file_valid?(new_resource.path, new_resource.key_pass)
           converge_by("Create an EC private key #{new_resource.path}") do
             log "Generating an #{new_resource.key_curve} "\

data/lib/chef/resource/openssl_ec_public_key.rb

@@ -74,9 +74,7 @@ class Chef
         description: "The permission mode applied to all files created by the resource.",
         default: "0640"
 
-      action :create do
-        description "Generate the ec public key from a private key"
-
+      action :create, description: "Generate the EC public key file from a private key." do
         raise ArgumentError, "You cannot specify both 'private_key_path' and 'private_key_content' properties at the same time." if new_resource.private_key_path && new_resource.private_key_content
         raise ArgumentError, "You must specify the private key with either 'private_key_path' or 'private_key_content' properties." unless new_resource.private_key_path || new_resource.private_key_content
         raise "#{new_resource.private_key_path} not a valid private EC key or password is invalid" unless priv_key_file_valid?((new_resource.private_key_path || new_resource.private_key_content), new_resource.private_key_pass)

data/lib/chef/resource/openssl_rsa_private_key.rb

@@ -87,9 +87,7 @@ class Chef
         description: "Force creation of the key even if the same key already exists on the node.",
         default: false, desired_state: false
 
-      action :create do
-        description "Create the RSA private key."
-
+      action :create, description: "Create the RSA private key file." do
         return if new_resource.force || priv_key_file_valid?(new_resource.path, new_resource.key_pass)
 
         converge_by("create #{new_resource.key_length} bit RSA key #{new_resource.path}") do