RubyGems - chef - Versions diffs - 17.10.0 → 18.0.169 - Mend

chef 17.10.0 → 18.0.169

Files changed (304) hide show

checksums.yaml +4 -4
data/Gemfile +16 -8
data/README.md +7 -7
data/Rakefile +5 -24
data/{chef-universal-mingw32.gemspec → chef-universal-mingw-ucrt.gemspec} +7 -6
data/chef.gemspec +13 -6
data/lib/chef/api_client_v1.rb +9 -1
data/lib/chef/application/exit_code.rb +3 -3
data/lib/chef/client.rb +167 -0
data/lib/chef/compliance/input.rb +1 -1
data/lib/chef/compliance/input_collection.rb +1 -1
data/lib/chef/compliance/profile.rb +1 -1
data/lib/chef/compliance/profile_collection.rb +1 -2
data/lib/chef/compliance/waiver.rb +1 -1
data/lib/chef/compliance/waiver_collection.rb +1 -1
data/lib/chef/cookbook/syntax_check.rb +2 -2
data/lib/chef/dsl/reader_helpers.rb +1 -1
data/lib/chef/dsl/rest_resource.rb +77 -0
data/lib/chef/dsl/secret.rb +113 -5
data/lib/chef/event_dispatch/base.rb +3 -0
data/lib/chef/exceptions.rb +8 -0
data/lib/chef/http/authenticator.rb +170 -3
data/lib/chef/http/ssl_policies.rb +3 -3
data/lib/chef/mixin/powershell_exec.rb +5 -28
data/lib/chef/mixin/properties.rb +6 -0
data/lib/chef/node/attribute.rb +20 -3
data/lib/chef/node/mixin/deep_merge_cache.rb +4 -4
data/lib/chef/node/mixin/immutablize_array.rb +1 -0
data/lib/chef/property.rb +5 -3
data/lib/chef/provider/group/windows.rb +1 -1
data/lib/chef/provider/http_request.rb +11 -9
data/lib/chef/provider/mount/linux.rb +5 -0
data/lib/chef/provider/mount/mount.rb +8 -0
data/lib/chef/provider/mount/windows.rb +1 -1
data/lib/chef/provider/package/powershell.rb +1 -1
data/lib/chef/provider/package/rubygems.rb +1 -1
data/lib/chef/provider/package/windows/msi.rb +2 -2
data/lib/chef/provider/package/windows/registry_uninstall_entry.rb +1 -1
data/lib/chef/provider/package/zypper/version.rb +60 -0
data/lib/chef/provider/package/zypper.rb +47 -3
data/lib/chef/provider/service/windows.rb +1 -1
data/lib/chef/provider/user/aix.rb +5 -0
data/lib/chef/provider/user/linux.rb +29 -0
data/lib/chef/provider/user/mac.rb +1 -1
data/lib/chef/provider/user.rb +45 -9
data/lib/chef/provider.rb +1 -1
data/lib/chef/recipe.rb +1 -1
data/lib/chef/resource/_rest_resource.rb +389 -0
data/lib/chef/resource/alternatives.rb +0 -1
data/lib/chef/resource/apt_package.rb +0 -1
data/lib/chef/resource/apt_preference.rb +0 -1
data/lib/chef/resource/apt_repository.rb +0 -1
data/lib/chef/resource/apt_update.rb +0 -1
data/lib/chef/resource/archive_file.rb +0 -1
data/lib/chef/resource/bash.rb +0 -1
data/lib/chef/resource/batch.rb +0 -1
data/lib/chef/resource/bff_package.rb +0 -1
data/lib/chef/resource/breakpoint.rb +0 -1
data/lib/chef/resource/build_essential.rb +0 -1
data/lib/chef/resource/cab_package.rb +0 -1
data/lib/chef/resource/chef_client_config.rb +17 -14
data/lib/chef/resource/chef_client_cron.rb +1 -2
data/lib/chef/resource/chef_client_launchd.rb +2 -2
data/lib/chef/resource/chef_client_scheduled_task.rb +3 -3
data/lib/chef/resource/chef_client_systemd_timer.rb +0 -1
data/lib/chef/resource/chef_client_trusted_certificate.rb +0 -1
data/lib/chef/resource/chef_gem.rb +0 -1
data/lib/chef/resource/chef_handler.rb +0 -1
data/lib/chef/resource/chef_sleep.rb +1 -3
data/lib/chef/resource/chef_vault_secret.rb +0 -1
data/lib/chef/resource/chocolatey_config.rb +0 -1
data/lib/chef/resource/chocolatey_feature.rb +0 -1
data/lib/chef/resource/chocolatey_package.rb +0 -1
data/lib/chef/resource/chocolatey_source.rb +0 -1
data/lib/chef/resource/cookbook_file.rb +0 -1
data/lib/chef/resource/cron/_cron_shared.rb +0 -1
data/lib/chef/resource/cron/cron.rb +0 -1
data/lib/chef/resource/cron/cron_d.rb +15 -1
data/lib/chef/resource/cron_access.rb +0 -1
data/lib/chef/resource/csh.rb +0 -1
data/lib/chef/resource/directory.rb +0 -1
data/lib/chef/resource/dmg_package.rb +0 -1
data/lib/chef/resource/dnf_package.rb +0 -1
data/lib/chef/resource/dpkg_package.rb +0 -1
data/lib/chef/resource/dsc_resource.rb +0 -1
data/lib/chef/resource/dsc_script.rb +0 -1
data/lib/chef/resource/execute.rb +0 -1
data/lib/chef/resource/file.rb +0 -1
data/lib/chef/resource/freebsd_package.rb +0 -1
data/lib/chef/resource/gem_package.rb +0 -1
data/lib/chef/resource/group.rb +25 -2
data/lib/chef/resource/habitat/habitat_package.rb +0 -1
data/lib/chef/resource/habitat/habitat_sup.rb +6 -7
data/lib/chef/resource/habitat/habitat_sup_windows.rb +1 -1
data/lib/chef/resource/habitat_config.rb +0 -1
data/lib/chef/resource/habitat_install.rb +0 -1
data/lib/chef/resource/habitat_service.rb +0 -1
data/lib/chef/resource/habitat_user_toml.rb +0 -1
data/lib/chef/resource/homebrew_cask.rb +0 -1
data/lib/chef/resource/homebrew_package.rb +0 -1
data/lib/chef/resource/homebrew_tap.rb +0 -1
data/lib/chef/resource/homebrew_update.rb +0 -2
data/lib/chef/resource/hostname.rb +0 -1
data/lib/chef/resource/http_request.rb +0 -1
data/lib/chef/resource/ifconfig.rb +0 -1
data/lib/chef/resource/inspec_input.rb +0 -1
data/lib/chef/resource/inspec_waiver.rb +0 -1
data/lib/chef/resource/inspec_waiver_file_entry.rb +2 -3
data/lib/chef/resource/ips_package.rb +0 -1
data/lib/chef/resource/kernel_module.rb +0 -1
data/lib/chef/resource/ksh.rb +0 -1
data/lib/chef/resource/launchd.rb +0 -1
data/lib/chef/resource/link.rb +0 -1
data/lib/chef/resource/locale.rb +1 -2
data/lib/chef/resource/log.rb +0 -1
data/lib/chef/resource/lwrp_base.rb +0 -4
data/lib/chef/resource/macos_userdefaults.rb +0 -1
data/lib/chef/resource/macosx_service.rb +0 -1
data/lib/chef/resource/macports_package.rb +0 -1
data/lib/chef/resource/mdadm.rb +0 -1
data/lib/chef/resource/mount.rb +0 -1
data/lib/chef/resource/msu_package.rb +0 -1
data/lib/chef/resource/notify_group.rb +0 -2
data/lib/chef/resource/ohai.rb +0 -1
data/lib/chef/resource/ohai_hint.rb +0 -1
data/lib/chef/resource/openbsd_package.rb +0 -1
data/lib/chef/resource/openssl_dhparam.rb +0 -2
data/lib/chef/resource/openssl_ec_private_key.rb +0 -2
data/lib/chef/resource/openssl_ec_public_key.rb +0 -2
data/lib/chef/resource/openssl_rsa_private_key.rb +0 -2
data/lib/chef/resource/openssl_rsa_public_key.rb +0 -2
data/lib/chef/resource/openssl_x509_certificate.rb +0 -2
data/lib/chef/resource/openssl_x509_crl.rb +0 -2
data/lib/chef/resource/openssl_x509_request.rb +0 -2
data/lib/chef/resource/osx_profile.rb +0 -1
data/lib/chef/resource/package.rb +0 -1
data/lib/chef/resource/pacman_package.rb +0 -1
data/lib/chef/resource/paludis_package.rb +0 -1
data/lib/chef/resource/perl.rb +0 -1
data/lib/chef/resource/plist.rb +7 -3
data/lib/chef/resource/portage_package.rb +0 -1
data/lib/chef/resource/powershell_package.rb +0 -1
data/lib/chef/resource/powershell_package_source.rb +0 -1
data/lib/chef/resource/powershell_script.rb +0 -1
data/lib/chef/resource/python.rb +0 -1
data/lib/chef/resource/reboot.rb +0 -1
data/lib/chef/resource/registry_key.rb +0 -1
data/lib/chef/resource/remote_directory.rb +0 -1
data/lib/chef/resource/remote_file.rb +0 -1
data/lib/chef/resource/rhsm_errata.rb +0 -1
data/lib/chef/resource/rhsm_errata_level.rb +0 -1
data/lib/chef/resource/rhsm_register.rb +17 -1
data/lib/chef/resource/rhsm_repo.rb +0 -1
data/lib/chef/resource/rhsm_subscription.rb +0 -1
data/lib/chef/resource/route.rb +0 -1
data/lib/chef/resource/rpm_package.rb +0 -1
data/lib/chef/resource/ruby.rb +0 -1
data/lib/chef/resource/ruby_block.rb +0 -1
data/lib/chef/resource/scm/_scm.rb +0 -2
data/lib/chef/resource/scm/git.rb +0 -2
data/lib/chef/resource/scm/subversion.rb +0 -2
data/lib/chef/resource/script.rb +0 -1
data/lib/chef/resource/selinux/common_helpers.rb +47 -0
data/lib/chef/resource/selinux/selinux_debian.erb +18 -0
data/lib/chef/resource/selinux/selinux_default.erb +15 -0
data/lib/chef/resource/selinux_boolean.rb +101 -0
data/lib/chef/resource/selinux_fcontext.rb +160 -0
data/lib/chef/resource/selinux_install.rb +107 -0
data/lib/chef/resource/selinux_module.rb +143 -0
data/lib/chef/resource/selinux_permissive.rb +64 -0
data/lib/chef/resource/selinux_port.rb +118 -0
data/lib/chef/resource/selinux_state.rb +166 -0
data/lib/chef/resource/service.rb +0 -1
data/lib/chef/resource/smartos_package.rb +0 -1
data/lib/chef/resource/snap_package.rb +0 -1
data/lib/chef/resource/solaris_package.rb +0 -1
data/lib/chef/resource/ssh_known_hosts_entry.rb +0 -1
data/lib/chef/resource/sudo.rb +0 -1
data/lib/chef/resource/support/client.erb +3 -4
data/lib/chef/resource/swap_file.rb +0 -1
data/lib/chef/resource/sysctl.rb +1 -2
data/lib/chef/resource/systemd_unit.rb +0 -1
data/lib/chef/resource/template.rb +0 -1
data/lib/chef/resource/timezone.rb +0 -1
data/lib/chef/resource/user/aix_user.rb +0 -1
data/lib/chef/resource/user/linux_user.rb +0 -1
data/lib/chef/resource/user/mac_user.rb +0 -1
data/lib/chef/resource/user/pw_user.rb +0 -1
data/lib/chef/resource/user/solaris_user.rb +0 -1
data/lib/chef/resource/user/windows_user.rb +0 -1
data/lib/chef/resource/user.rb +10 -1
data/lib/chef/resource/user_ulimit.rb +0 -1
data/lib/chef/resource/whyrun_safe_ruby_block.rb +0 -1
data/lib/chef/resource/windows_ad_join.rb +0 -2
data/lib/chef/resource/windows_audit_policy.rb +0 -2
data/lib/chef/resource/windows_auto_run.rb +0 -1
data/lib/chef/resource/windows_certificate.rb +54 -43
data/lib/chef/resource/windows_defender.rb +0 -1
data/lib/chef/resource/windows_defender_exclusion.rb +0 -1
data/lib/chef/resource/windows_dfs_folder.rb +0 -1
data/lib/chef/resource/windows_dfs_namespace.rb +0 -1
data/lib/chef/resource/windows_dfs_server.rb +0 -1
data/lib/chef/resource/windows_dns_record.rb +0 -1
data/lib/chef/resource/windows_dns_zone.rb +0 -1
data/lib/chef/resource/windows_env.rb +0 -1
data/lib/chef/resource/windows_feature.rb +0 -1
data/lib/chef/resource/windows_feature_dism.rb +0 -1
data/lib/chef/resource/windows_feature_powershell.rb +0 -1
data/lib/chef/resource/windows_firewall_profile.rb +0 -2
data/lib/chef/resource/windows_firewall_rule.rb +0 -1
data/lib/chef/resource/windows_font.rb +2 -3
data/lib/chef/resource/windows_package.rb +0 -1
data/lib/chef/resource/windows_pagefile.rb +27 -22
data/lib/chef/resource/windows_path.rb +0 -1
data/lib/chef/resource/windows_printer.rb +0 -1
data/lib/chef/resource/windows_printer_port.rb +0 -1
data/lib/chef/resource/windows_script.rb +0 -2
data/lib/chef/resource/windows_security_policy.rb +0 -1
data/lib/chef/resource/windows_service.rb +0 -1
data/lib/chef/resource/windows_share.rb +0 -1
data/lib/chef/resource/windows_shortcut.rb +1 -2
data/lib/chef/resource/windows_task.rb +0 -1
data/lib/chef/resource/windows_uac.rb +0 -1
data/lib/chef/resource/windows_update_settings.rb +0 -1
data/lib/chef/resource/windows_user_privilege.rb +36 -27
data/lib/chef/resource/windows_workgroup.rb +0 -1
data/lib/chef/resource/yum_package.rb +0 -1
data/lib/chef/resource/yum_repository.rb +0 -1
data/lib/chef/resource/zypper_package.rb +0 -1
data/lib/chef/resource/zypper_repository.rb +0 -1
data/lib/chef/resource.rb +13 -5
data/lib/chef/resources.rb +7 -0
data/lib/chef/run_context.rb +19 -3
data/lib/chef/secret_fetcher/azure_key_vault.rb +3 -3
data/lib/chef/secret_fetcher/hashi_vault.rb +1 -1
data/lib/chef/version.rb +1 -1
data/lib/chef/win32/handle.rb +6 -7
data/lib/chef/win32/registry.rb +7 -3
data/lib/chef/win32/version.rb +2 -1
data/spec/data/rubygems.org/sexp_processor-info +2 -1
data/spec/functional/resource/dsc_script_spec.rb +1 -1
data/spec/functional/resource/group_spec.rb +10 -6
data/spec/functional/resource/link_spec.rb +8 -8
data/spec/functional/resource/plist_spec.rb +25 -0
data/spec/functional/resource/user/linux_user_spec.rb +127 -0
data/spec/functional/resource/windows_certificate_spec.rb +15 -12
data/spec/functional/resource/windows_font_spec.rb +11 -8
data/spec/functional/resource/windows_pagefile_spec.rb +31 -4
data/spec/functional/resource/zypper_package_spec.rb +12 -0
data/spec/functional/shell_spec.rb +7 -2
data/spec/functional/version_spec.rb +1 -1
data/spec/integration/client/client_spec.rb +82 -3
data/spec/integration/client/exit_code_spec.rb +1 -1
data/spec/integration/client/ipv6_spec.rb +1 -1
data/spec/integration/compliance/compliance_spec.rb +1 -1
data/spec/integration/recipes/accumulator_spec.rb +1 -1
data/spec/integration/recipes/lwrp_inline_resources_spec.rb +1 -1
data/spec/integration/recipes/lwrp_spec.rb +1 -1
data/spec/integration/recipes/notifies_spec.rb +1 -1
data/spec/integration/recipes/notifying_block_spec.rb +1 -1
data/spec/integration/recipes/remote_directory.rb +1 -1
data/spec/integration/recipes/unified_mode_spec.rb +1 -1
data/spec/integration/recipes/use_partial_spec.rb +2 -1
data/spec/integration/solo/solo_spec.rb +2 -2
data/spec/spec_helper.rb +1 -0
data/spec/support/platform_helpers.rb +4 -0
data/spec/support/ruby_installer.rb +1 -1
data/spec/support/shared/functional/windows_script.rb +2 -2
data/spec/unit/application/client_spec.rb +0 -10
data/spec/unit/client_spec.rb +54 -2
data/spec/unit/cookbook/syntax_check_spec.rb +3 -0
data/spec/unit/daemon_spec.rb +1 -5
data/spec/unit/dsl/secret_spec.rb +127 -23
data/spec/unit/http/authenticator_spec.rb +68 -0
data/spec/unit/mixin/powershell_exec_spec.rb +5 -5
data/spec/unit/platform/query_helpers_spec.rb +2 -17
data/spec/unit/provider/http_request_spec.rb +60 -72
data/spec/unit/provider/mount/linux_spec.rb +10 -0
data/spec/unit/provider/package/rubygems_spec.rb +2 -2
data/spec/unit/provider/package/zypper_spec.rb +32 -0
data/spec/unit/provider/user/linux_spec.rb +96 -1
data/spec/unit/provider/user_spec.rb +24 -6
data/spec/unit/resource/archive_file_spec.rb +1 -1
data/spec/unit/resource/chef_client_config_spec.rb +8 -0
data/spec/unit/resource/chef_client_cron_spec.rb +5 -0
data/spec/unit/resource/chef_client_launchd_spec.rb +5 -0
data/spec/unit/resource/chef_client_scheduled_task_spec.rb +5 -0
data/spec/unit/resource/chef_client_systemd_timer_spec.rb +1 -1
data/spec/unit/resource/cron_d_spec.rb +37 -1
data/spec/unit/resource/rest_resource_spec.rb +381 -0
data/spec/unit/resource/selinux_boolean_spec.rb +92 -0
data/spec/unit/resource/selinux_fcontext_spec.rb +65 -0
data/spec/unit/resource/selinux_install_spec.rb +60 -0
data/spec/unit/resource/selinux_module_spec.rb +55 -0
data/spec/unit/resource/selinux_permissive_spec.rb +39 -0
data/spec/unit/resource/selinux_port_spec.rb +42 -0
data/spec/unit/resource/selinux_state_spec.rb +46 -0
data/spec/unit/resource/sysctl_spec.rb +2 -2
data/spec/unit/resource/user/linux_user_spec.rb +42 -0
data/spec/unit/resource_spec.rb +21 -1
data/spec/unit/run_context_spec.rb +16 -0
data/spec/unit/util/dsc/local_configuration_manager_spec.rb +1 -1
data/tasks/rspec.rb +1 -1
metadata +85 -19

data/lib/chef/resource/openbsd_package.rb CHANGED Viewed

@@ -25,7 +25,6 @@ require_relative "../provider/package/openbsd"
 class Chef
   class Resource
     class OpenbsdPackage < Chef::Resource::Package
-      unified_mode true
       provides :openbsd_package
       provides :package, os: "openbsd"

data/lib/chef/resource/openssl_dhparam.rb CHANGED Viewed

@@ -23,8 +23,6 @@ class Chef
       require_relative "../mixin/openssl_helper"
       include Chef::Mixin::OpenSSLHelper
-      unified_mode true
       provides(:openssl_dhparam) { true }
       description "Use the **openssl_dhparam** resource to generate `dhparam.pem` files. If a valid `dhparam.pem` file is found at the specified location, no new file will be created. If a file is found at the specified location but it is not a valid `dhparam.pem` file, it will be overwritten."

data/lib/chef/resource/openssl_ec_private_key.rb CHANGED Viewed

@@ -24,8 +24,6 @@ class Chef
       require_relative "../mixin/openssl_helper"
       include Chef::Mixin::OpenSSLHelper
-      unified_mode true
       provides :openssl_ec_private_key
       description "Use the **openssl_ec_private_key** resource to generate an elliptic curve (EC) private key file. If a valid EC key file can be opened at the specified location, no new file will be created. If the EC key file cannot be opened, either because it does not exist or because the password to the EC key file does not match the password in the recipe, then it will be overwritten."

data/lib/chef/resource/openssl_ec_public_key.rb CHANGED Viewed

@@ -24,8 +24,6 @@ class Chef
       require_relative "../mixin/openssl_helper"
       include Chef::Mixin::OpenSSLHelper
-      unified_mode true
       provides :openssl_ec_public_key
       description "Use the **openssl_ec_public_key** resource to generate elliptic curve (EC) public key files from a given EC private key."

data/lib/chef/resource/openssl_rsa_private_key.rb CHANGED Viewed

@@ -23,8 +23,6 @@ class Chef
       require_relative "../mixin/openssl_helper"
       include Chef::Mixin::OpenSSLHelper
-      unified_mode true
       provides(:openssl_rsa_private_key) { true }
       provides(:openssl_rsa_key) { true } # legacy cookbook resource name

data/lib/chef/resource/openssl_rsa_public_key.rb CHANGED Viewed

@@ -23,8 +23,6 @@ class Chef
       require_relative "../mixin/openssl_helper"
       include Chef::Mixin::OpenSSLHelper
-      unified_mode true
       provides(:openssl_rsa_public_key) { true }
       examples <<~DOC

data/lib/chef/resource/openssl_x509_certificate.rb CHANGED Viewed

@@ -24,8 +24,6 @@ class Chef
       require_relative "../mixin/openssl_helper"
       include Chef::Mixin::OpenSSLHelper
-      unified_mode true
       provides :openssl_x509_certificate
       provides(:openssl_x509) { true } # legacy cookbook name.

data/lib/chef/resource/openssl_x509_crl.rb CHANGED Viewed

@@ -24,8 +24,6 @@ class Chef
       require_relative "../mixin/openssl_helper"
       include Chef::Mixin::OpenSSLHelper
-      unified_mode true
       provides :openssl_x509_crl
       description "Use the **openssl_x509_crl** resource to generate PEM-formatted x509 certificate revocation list (CRL) files."

data/lib/chef/resource/openssl_x509_request.rb CHANGED Viewed

@@ -24,8 +24,6 @@ class Chef
       require_relative "../mixin/openssl_helper"
       include Chef::Mixin::OpenSSLHelper
-      unified_mode true
       provides :openssl_x509_request
       description "Use the **openssl_x509_request** resource to generate PEM-formatted x509 certificates requests. If no existing key is specified, the resource will automatically generate a passwordless key with the certificate."

data/lib/chef/resource/osx_profile.rb CHANGED Viewed

@@ -25,7 +25,6 @@ autoload :Plist, "plist"
 class Chef
   class Resource
     class OsxProfile < Chef::Resource
-      unified_mode true
       provides :osx_profile
       provides :osx_config_profile

data/lib/chef/resource/package.rb CHANGED Viewed

@@ -22,7 +22,6 @@ require_relative "../resource"
 class Chef
   class Resource
     class Package < Chef::Resource
-      unified_mode true
       provides :package
       description "Use the **package** resource to manage packages. When the package is"\

data/lib/chef/resource/pacman_package.rb CHANGED Viewed

@@ -21,7 +21,6 @@ require_relative "package"
 class Chef
   class Resource
     class PacmanPackage < Chef::Resource::Package
-      unified_mode true
       provides :pacman_package

data/lib/chef/resource/paludis_package.rb CHANGED Viewed

@@ -22,7 +22,6 @@ require_relative "../provider/package/paludis"
 class Chef
   class Resource
     class PaludisPackage < Chef::Resource::Package
-      unified_mode true
       provides :paludis_package

data/lib/chef/resource/perl.rb CHANGED Viewed

@@ -21,7 +21,6 @@ require_relative "script"
 class Chef
   class Resource
     class Perl < Chef::Resource::Script
-      unified_mode true
       provides :perl

data/lib/chef/resource/plist.rb CHANGED Viewed

@@ -22,7 +22,6 @@ class Chef
   class Resource
     class PlistResource < Chef::Resource # we name this PlistResource to avoid confusion with Plist from the plist gem
-      unified_mode true
       provides :plist
@@ -85,7 +84,7 @@ class Chef
         converge_if_changed :path do
           converge_by "create new plist: '#{new_resource.path}'" do
             file new_resource.path do
-              content {}.to_plist
+              content({}.to_plist)
               owner new_resource.owner
               group new_resource.group
               mode new_resource.mode if property_is_set?(:mode)
@@ -189,7 +188,12 @@ class Chef
         sep = " "
         arg = case subcommand.to_s
               when "add"
-                type_to_commandline_string(value)
+                if value.is_a?(Hash)
+                  sep = ":"
+                  value.map { |k, v| "#{k} #{type_to_commandline_string(v)}" }
+                else
+                  type_to_commandline_string(value)
+                end
               when "set"
                 if value.is_a?(Hash)
                   sep = ":"

data/lib/chef/resource/portage_package.rb CHANGED Viewed

@@ -21,7 +21,6 @@ require_relative "package"
 class Chef
   class Resource
     class PortagePackage < Chef::Resource::Package
-      unified_mode true
       provides :portage_package

data/lib/chef/resource/powershell_package.rb CHANGED Viewed

@@ -20,7 +20,6 @@ require_relative "package"
 class Chef
   class Resource
     class PowershellPackage < Chef::Resource::Package
-      unified_mode true
       provides :powershell_package

data/lib/chef/resource/powershell_package_source.rb CHANGED Viewed

@@ -21,7 +21,6 @@ require_relative "../resource"
 class Chef
   class Resource
     class PowershellPackageSource < Chef::Resource
-      unified_mode true
       provides :powershell_package_source

data/lib/chef/resource/powershell_script.rb CHANGED Viewed

@@ -20,7 +20,6 @@ require_relative "windows_script"
 class Chef
   class Resource
     class PowershellScript < Chef::Resource::WindowsScript
-      unified_mode true
       set_guard_inherited_attributes(:interpreter)

data/lib/chef/resource/python.rb CHANGED Viewed

@@ -20,7 +20,6 @@ require_relative "script"
 class Chef
   class Resource
     class Python < Chef::Resource::Script
-      unified_mode true
       provides :python

data/lib/chef/resource/reboot.rb CHANGED Viewed

@@ -22,7 +22,6 @@ require "chef-utils/dist" unless defined?(ChefUtils::Dist)
 class Chef
   class Resource
     class Reboot < Chef::Resource
-      unified_mode true
       provides :reboot

data/lib/chef/resource/registry_key.rb CHANGED Viewed

@@ -23,7 +23,6 @@ require "chef-utils/dist" unless defined?(ChefUtils::Dist)
 class Chef
   class Resource
     class RegistryKey < Chef::Resource
-      unified_mode true
       provides(:registry_key) { true }

data/lib/chef/resource/remote_directory.rb CHANGED Viewed

@@ -25,7 +25,6 @@ class Chef
   class Resource
     class RemoteDirectory < Chef::Resource::Directory
       include Chef::Mixin::Securable
-      unified_mode true
       provides :remote_directory

data/lib/chef/resource/remote_file.rb CHANGED Viewed

@@ -28,7 +28,6 @@ class Chef
   class Resource
     class RemoteFile < Chef::Resource::File
       include Chef::Mixin::Securable
-      unified_mode true
       provides :remote_file

data/lib/chef/resource/rhsm_errata.rb CHANGED Viewed

@@ -20,7 +20,6 @@ require_relative "../resource"
 class Chef
   class Resource
     class RhsmErrata < Chef::Resource
-      unified_mode true
       provides(:rhsm_errata) { true }
       description "Use the **rhsm_errata** resource to install packages associated with a given Red Hat Subscription Manager Errata ID. This is helpful if packages to mitigate a single vulnerability must be installed on your hosts."

data/lib/chef/resource/rhsm_errata_level.rb CHANGED Viewed

@@ -20,7 +20,6 @@ require_relative "../resource"
 class Chef
   class Resource
     class RhsmErrataLevel < Chef::Resource
-      unified_mode true
       provides(:rhsm_errata_level) { true }
       description "Use the **rhsm_errata_level** resource to install all packages of a specified errata level from the Red Hat Subscription Manager. For example, you can ensure that all packages associated with errata marked at a 'Critical' security level are installed."

data/lib/chef/resource/rhsm_register.rb CHANGED Viewed

@@ -22,7 +22,6 @@ require "shellwords" unless defined?(Shellwords)
 class Chef
   class Resource
     class RhsmRegister < Chef::Resource
-      unified_mode true
       provides(:rhsm_register) { true }
       description "Use the **rhsm_register** resource to register a node with the Red Hat Subscription Manager or a local Red Hat Satellite server."
@@ -118,12 +117,17 @@ class Chef
           end
         end
+        package flush_package_cache_name do
+          action :nothing
+        end
         execute "Register to RHSM" do
           sensitive new_resource.sensitive
           command register_command
           default_env true
           action :run
           not_if { registered_with_rhsm? } unless new_resource.force
+          notifies :flush_cache, "package[#{flush_package_cache_name}]", :immediately
         end
         if new_resource.install_katello_agent && !new_resource.satellite_host.nil?
@@ -132,11 +136,16 @@ class Chef
       end
       action :unregister, description: "Unregister the node from RHSM." do
+        package flush_package_cache_name do
+          action :nothing
+        end
         execute "Unregister from RHSM" do
           command "subscription-manager unregister"
           default_env true
           action :run
           only_if { registered_with_rhsm? }
+          notifies :flush_cache, "package[#{flush_package_cache_name}]", :immediately
           notifies :run, "execute[Clean RHSM Config]", :immediately
         end
@@ -148,6 +157,13 @@ class Chef
       end
       action_class do
+        #
+        # @return [String]
+        #
+        def flush_package_cache_name
+          "rhsm_register-#{new_resource.name}-flush_cache"
+        end
         #
         # @return [Symbol] dnf_package or yum_package depending on OS release
         #

data/lib/chef/resource/rhsm_repo.rb CHANGED Viewed

@@ -20,7 +20,6 @@ require_relative "../resource"
 class Chef
   class Resource
     class RhsmRepo < Chef::Resource
-      unified_mode true
       provides(:rhsm_repo) { true }

data/lib/chef/resource/rhsm_subscription.rb CHANGED Viewed

@@ -20,7 +20,6 @@ require_relative "../resource"
 class Chef
   class Resource
     class RhsmSubscription < Chef::Resource
-      unified_mode true
       provides(:rhsm_subscription) { true }

data/lib/chef/resource/route.rb CHANGED Viewed

@@ -22,7 +22,6 @@ require_relative "../resource"
 class Chef
   class Resource
     class Route < Chef::Resource
-      unified_mode true
       provides :route

data/lib/chef/resource/rpm_package.rb CHANGED Viewed

@@ -21,7 +21,6 @@ require_relative "package"
 class Chef
   class Resource
     class RpmPackage < Chef::Resource::Package
-      unified_mode true
       provides :rpm_package

data/lib/chef/resource/ruby.rb CHANGED Viewed

@@ -21,7 +21,6 @@ require_relative "script"
 class Chef
   class Resource
     class Ruby < Chef::Resource::Script
-      unified_mode true
       provides :ruby

data/lib/chef/resource/ruby_block.rb CHANGED Viewed

@@ -24,7 +24,6 @@ require "chef-utils/dist" unless defined?(ChefUtils::Dist)
 class Chef
   class Resource
     class RubyBlock < Chef::Resource
-      unified_mode true
       provides :ruby_block, target_mode: true

data/lib/chef/resource/scm/_scm.rb CHANGED Viewed

@@ -16,8 +16,6 @@
 # limitations under the License.
 #
-unified_mode true
 default_action :sync
 allowed_actions :checkout, :export, :sync, :diff, :log

data/lib/chef/resource/scm/git.rb CHANGED Viewed

@@ -23,8 +23,6 @@ class Chef
     class Git < Chef::Resource
       use "scm"
-      unified_mode true
       provides :git
       description "Use the **git** resource to manage source control resources that exist in a git repository. git version 1.6.5 (or higher) is required to use all of the functionality in the git resource."

data/lib/chef/resource/scm/subversion.rb CHANGED Viewed

@@ -24,8 +24,6 @@ class Chef
     class Subversion < Chef::Resource
       use "scm"
-      unified_mode true
       provides :subversion
       description "Use the **subversion** resource to manage source control resources that exist in a Subversion repository. Warning: The subversion resource has known bugs and may not work as expected. For more information see Chef GitHub issues, particularly [#4050](https://github.com/chef/chef/issues/4050) and [#4257](https://github.com/chef/chef/issues/4257)."

data/lib/chef/resource/script.rb CHANGED Viewed

@@ -22,7 +22,6 @@ require_relative "execute"
 class Chef
   class Resource
     class Script < Chef::Resource::Execute
-      unified_mode true
       provides :script

data/lib/chef/resource/selinux/common_helpers.rb ADDED Viewed

@@ -0,0 +1,47 @@
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+class Chef
+  module SELinux
+    module CommonHelpers
+      def selinux_disabled?
+        selinux_state.eql?(:disabled)
+      end
+      def selinux_enforcing?
+        selinux_state.eql?(:enforcing)
+      end
+      def selinux_permissive?
+        selinux_state.eql?(:permissive)
+      end
+      def state_change_reboot_required?
+        (selinux_disabled? && %i{enforcing permissive}.include?(action)) || ((selinux_enforcing? || selinux_permissive?) && action == :disabled)
+      end
+      def selinux_state
+        state = shell_out!("getenforce").stdout.strip.downcase.to_sym
+        raise "Got unknown SELinux state #{state}" unless %i{disabled enforcing permissive}.include?(state)
+        state
+      end
+      def selinux_activate_required?
+        return false unless platform_family?("debian")
+        !File.read("/etc/default/grub").match?("security=selinux")
+      end
+    end
+  end
+end

data/lib/chef/resource/selinux/selinux_debian.erb ADDED Viewed

@@ -0,0 +1,18 @@
+# Generated by Chef for <%= node['fqdn'] %>
+# Do NOT modify this file by hand.
+#
+# This file controls the state of SELinux on the system.
+# SELINUX= can take one of these three values:
+# enforcing - SELinux security policy is enforced.
+# permissive - SELinux prints warnings instead of enforcing.
+# disabled - No SELinux policy is loaded.
+SELINUX=<%= @selinux %>
+# SELINUXTYPE= can take one of these three values:
+# default - equivalent to the old strict and targeted policies
+# mls     - Multi-Level Security (for military and educational use)
+# src     - Custom policy built from source
+SELINUXTYPE=<%= @selinuxtype %>
+# SETLOCALDEFS= Check local definition changes
+SETLOCALDEFS=0

data/lib/chef/resource/selinux/selinux_default.erb ADDED Viewed

@@ -0,0 +1,15 @@
+# Generated by Chef for <%= node['fqdn'] %>
+# Do NOT modify this file by hand.
+#
+# This file controls the state of SELinux on the system.
+# SELINUX= can take one of these three values:
+#     enforcing - SELinux security policy is enforced.
+#     permissive - SELinux prints warnings instead of enforcing.
+#     disabled - No SELinux policy is loaded.
+SELINUX=<%= @selinux %>
+# SELINUXTYPE= can take one of these three values:
+#     targeted - Targeted processes are protected,
+#     minimum - Modification of targeted policy. Only selected processes are protected.
+#     mls - Multi Level Security protection.
+SELINUXTYPE=<%= @selinuxtype %>

data/lib/chef/resource/selinux_boolean.rb ADDED Viewed

@@ -0,0 +1,101 @@
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+require_relative "../resource"
+require_relative "selinux/common_helpers"
+class Chef
+  class Resource
+    class SelinuxBoolean < Chef::Resource
+      unified_mode true
+      provides :selinux_boolean
+      description "Use **selinux_boolean** resource to set SELinux boolean values."
+      introduced "18.0"
+      examples <<~DOC
+      **Set ssh_keysign to true**:
+      ```ruby
+      selinux_boolean 'ssh_keysign' do
+        value true
+      end
+      ```
+      **Set ssh_sysadm_login to 'on'**:
+      ```ruby
+      selinux_boolean 'ssh_sysadm_login' do
+        value 'on'
+      end
+      ```
+      DOC
+      property :boolean, String,
+        name_property: true,
+        description: "SELinux boolean to set."
+      property :value, [Integer, String, true, false],
+        required: true,
+        equal_to: %w{on off},
+        coerce: proc { |p| selinux_bool(p) },
+        description: "SELinux boolean value."
+      property :persistent, [true, false],
+        default: true,
+        desired_state: false,
+        description: "Set to true for value setting to survive reboot."
+      load_current_value do |new_resource|
+        value shell_out!("getsebool", new_resource.boolean).stdout.split("-->").map(&:strip).last
+      end
+      action_class do
+        include Chef::SELinux::CommonHelpers
+      end
+      action :set , description: "Set the state of the boolean." do
+        if selinux_disabled?
+          Chef::Log.warn("Unable to set SELinux boolean #{new_resource.name} as SELinux is disabled")
+          return
+        end
+        converge_if_changed do
+          cmd = "setsebool"
+          cmd += " -P" if new_resource.persistent
+          cmd += " #{new_resource.boolean} #{new_resource.value}"
+          shell_out!(cmd)
+        end
+      end
+      private
+      #
+      # Validate and return input boolean value in required format
+      # @param bool [String, Integer, Boolean] Input boolean value in allowed formats
+      #
+      # @return [String] [description] Boolean value in required format
+      def selinux_bool(bool)
+        if ["on", "true", "1", true, 1].include?(bool)
+          "on"
+        elsif ["off", "false", "0", false, 0].include?(bool)
+          "off"
+        else
+          raise ArgumentError, "selinux_bool: Invalid selinux boolean value #{bool}"
+        end
+      end
+    end
+  end
+end