chef 17.3.48-universal-mingw32 → 17.6.15-universal-mingw32
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Gemfile +2 -2
- data/chef.gemspec +2 -0
- data/lib/chef/application/base.rb +11 -1
- data/lib/chef/application.rb +3 -1
- data/lib/chef/client.rb +1 -2
- data/lib/chef/compliance/default_attributes.rb +5 -3
- data/lib/chef/compliance/input.rb +115 -0
- data/lib/chef/compliance/input_collection.rb +139 -0
- data/lib/chef/compliance/profile.rb +122 -0
- data/lib/chef/compliance/profile_collection.rb +109 -0
- data/lib/chef/compliance/reporter/automate.rb +1 -1
- data/lib/chef/compliance/runner.rb +62 -6
- data/lib/chef/compliance/waiver.rb +115 -0
- data/lib/chef/compliance/waiver_collection.rb +143 -0
- data/lib/chef/dsl/compliance.rb +38 -0
- data/lib/chef/dsl/reader_helpers.rb +51 -0
- data/lib/chef/dsl/recipe.rb +4 -2
- data/lib/chef/dsl/secret.rb +5 -7
- data/lib/chef/dsl/universal.rb +2 -0
- data/lib/chef/event_dispatch/base.rb +44 -2
- data/lib/chef/exceptions.rb +0 -2
- data/lib/chef/formatters/doc.rb +60 -13
- data/lib/chef/formatters/error_mapper.rb +2 -2
- data/lib/chef/formatters/minimal.rb +6 -5
- data/lib/chef/http/basic_client.rb +15 -7
- data/lib/chef/http.rb +12 -8
- data/lib/chef/provider/execute.rb +1 -1
- data/lib/chef/provider/file.rb +2 -0
- data/lib/chef/provider/group/dscl.rb +1 -1
- data/lib/chef/provider/launchd.rb +6 -6
- data/lib/chef/provider/link.rb +2 -2
- data/lib/chef/provider/registry_key.rb +3 -2
- data/lib/chef/provider/remote_file/http.rb +1 -1
- data/lib/chef/provider/subversion.rb +4 -4
- data/lib/chef/provider/support/yum_repo.erb +1 -1
- data/lib/chef/provider/systemd_unit.rb +17 -16
- data/lib/chef/provider/template.rb +1 -1
- data/lib/chef/provider/user/mac.rb +3 -3
- data/lib/chef/provider/yum_repository.rb +27 -43
- data/lib/chef/provider/zypper_repository.rb +3 -3
- data/lib/chef/provider.rb +26 -1
- data/lib/chef/provider_resolver.rb +8 -2
- data/lib/chef/resource/archive_file.rb +17 -14
- data/lib/chef/resource/chef_client_scheduled_task.rb +45 -2
- data/lib/chef/resource/chocolatey_config.rb +13 -13
- data/lib/chef/resource/execute.rb +2 -2
- data/lib/chef/resource/file/verification/json.rb +50 -0
- data/lib/chef/resource/file/verification/yaml.rb +52 -0
- data/lib/chef/resource/homebrew_cask.rb +1 -1
- data/lib/chef/resource/inspec_input.rb +127 -0
- data/lib/chef/resource/inspec_waiver.rb +184 -0
- data/lib/chef/resource/inspec_waiver_file_entry.rb +2 -2
- data/lib/chef/resource/launchd.rb +3 -3
- data/lib/chef/resource/mount.rb +1 -1
- data/lib/chef/resource/openssl_x509_certificate.rb +1 -1
- data/lib/chef/resource/powershell_package_source.rb +234 -70
- data/lib/chef/resource/registry_key.rb +36 -48
- data/lib/chef/resource/remote_file.rb +99 -3
- data/lib/chef/resource/rhsm_subscription.rb +5 -5
- data/lib/chef/resource/ruby_block.rb +100 -0
- data/lib/chef/resource/scm/subversion.rb +1 -1
- data/lib/chef/resource/sysctl.rb +2 -2
- data/lib/chef/resource/systemd_unit.rb +3 -3
- data/lib/chef/resource/timezone.rb +2 -2
- data/lib/chef/resource/user_ulimit.rb +1 -0
- data/lib/chef/resource/windows_printer.rb +1 -1
- data/lib/chef/resource/windows_uac.rb +3 -1
- data/lib/chef/resource/windows_user_privilege.rb +1 -1
- data/lib/chef/resource/yum_package.rb +1 -5
- data/lib/chef/resource.rb +13 -17
- data/lib/chef/resource_inspector.rb +6 -2
- data/lib/chef/resources.rb +2 -0
- data/lib/chef/run_context/cookbook_compiler.rb +112 -28
- data/lib/chef/run_context.rb +31 -1
- data/lib/chef/secret_fetcher/akeyless_vault.rb +57 -0
- data/lib/chef/secret_fetcher/aws_secrets_manager.rb +17 -5
- data/lib/chef/secret_fetcher/azure_key_vault.rb +32 -10
- data/lib/chef/secret_fetcher/base.rb +6 -2
- data/lib/chef/secret_fetcher/hashi_vault.rb +100 -0
- data/lib/chef/secret_fetcher.rb +13 -6
- data/lib/chef/version.rb +1 -1
- data/lib/chef/win32/version.rb +2 -1
- data/spec/data/archive_file/test_archive.tar.gz +0 -0
- data/spec/functional/resource/archive_file_spec.rb +87 -0
- data/spec/functional/resource/group_spec.rb +5 -1
- data/spec/functional/resource/link_spec.rb +8 -0
- data/spec/functional/resource/powershell_package_source_spec.rb +5 -6
- data/spec/integration/compliance/compliance_spec.rb +61 -0
- data/spec/integration/recipes/resource_action_spec.rb +2 -2
- data/spec/spec_helper.rb +3 -0
- data/spec/support/platform_helpers.rb +4 -0
- data/spec/support/ruby_installer.rb +51 -0
- data/spec/unit/compliance/input_spec.rb +104 -0
- data/spec/unit/compliance/profile_spec.rb +120 -0
- data/spec/unit/compliance/runner_spec.rb +46 -2
- data/spec/unit/compliance/waiver_spec.rb +104 -0
- data/spec/unit/dsl/secret_spec.rb +8 -2
- data/spec/unit/formatters/doc_spec.rb +1 -1
- data/spec/unit/http/basic_client_spec.rb +30 -0
- data/spec/unit/http_spec.rb +8 -2
- data/spec/unit/provider/link_spec.rb +13 -7
- data/spec/unit/provider/remote_file/http_spec.rb +10 -0
- data/spec/unit/provider/template_spec.rb +2 -2
- data/spec/unit/provider_spec.rb +23 -0
- data/spec/unit/resource/archive_file_spec.rb +414 -3
- data/spec/unit/resource/chef_client_scheduled_task_spec.rb +69 -0
- data/spec/unit/resource/file/verification/json_spec.rb +72 -0
- data/spec/unit/resource/file/verification/yaml_spec.rb +67 -0
- data/spec/unit/resource/homebrew_cask_spec.rb +29 -11
- data/spec/unit/resource/inspec_input_spec.rb +300 -0
- data/spec/unit/resource/inspec_waiver_spec.rb +312 -0
- data/spec/unit/resource/mount_spec.rb +10 -0
- data/spec/unit/resource/powershell_package_source_spec.rb +63 -62
- data/spec/unit/resource/rhsm_subscription_spec.rb +50 -3
- data/spec/unit/resource/systemd_unit_spec.rb +1 -1
- data/spec/unit/resource/user_ulimit_spec.rb +14 -1
- data/spec/unit/resource_spec.rb +19 -8
- data/spec/unit/secret_fetcher/akeyless_vault_spec.rb +37 -0
- data/spec/unit/secret_fetcher/aws_secrets_manager_spec.rb +70 -0
- data/spec/unit/secret_fetcher/azure_key_vault_spec.rb +23 -16
- data/spec/unit/secret_fetcher/hashi_vault_spec.rb +80 -0
- data/spec/unit/secret_fetcher_spec.rb +9 -9
- data/tasks/rspec.rb +2 -1
- metadata +61 -6
data/lib/chef/formatters/doc.rb
CHANGED
@@ -41,10 +41,11 @@ class Chef
|
|
41
41
|
end
|
42
42
|
|
43
43
|
def run_start(version, run_status)
|
44
|
-
puts_line "
|
44
|
+
puts_line "#{ChefUtils::Dist::Infra::PRODUCT}, version #{version}"
|
45
45
|
puts_line "Patents: #{ChefUtils::Dist::Org::PATENTS}"
|
46
|
-
puts_line "Targeting node: #{Chef::Config.target_mode.host}" if Chef::Config.target_mode?
|
47
46
|
puts_line "OpenSSL FIPS 140 mode enabled" if Chef::Config[:fips]
|
47
|
+
puts_line "Infra Phase starting"
|
48
|
+
puts_line "Targeting node: #{Chef::Config.target_mode.host}" if Chef::Config.target_mode?
|
48
49
|
end
|
49
50
|
|
50
51
|
def total_resources
|
@@ -79,18 +80,18 @@ class Chef
|
|
79
80
|
puts_line ""
|
80
81
|
end
|
81
82
|
if Chef::Config[:why_run]
|
82
|
-
puts_line "
|
83
|
+
puts_line "Infra Phase complete, #{@updated_resources}/#{total_resources} resources would have been updated"
|
83
84
|
else
|
84
|
-
puts_line "
|
85
|
+
puts_line "Infra Phase complete, #{@updated_resources}/#{total_resources} resources updated in #{pretty_elapsed_time}"
|
85
86
|
end
|
86
87
|
end
|
87
88
|
|
88
89
|
def run_failed(exception)
|
89
90
|
@end_time = Time.now
|
90
91
|
if Chef::Config[:why_run]
|
91
|
-
puts_line "
|
92
|
+
puts_line "Infra Phase failed. #{@updated_resources} resources would have been updated"
|
92
93
|
else
|
93
|
-
puts_line "
|
94
|
+
puts_line "Infra Phase failed. #{@updated_resources} resources updated in #{pretty_elapsed_time}"
|
94
95
|
end
|
95
96
|
end
|
96
97
|
|
@@ -119,12 +120,12 @@ class Chef
|
|
119
120
|
def node_load_completed(node, expanded_run_list, config); end
|
120
121
|
|
121
122
|
def policyfile_loaded(policy)
|
122
|
-
puts_line "Using
|
123
|
+
puts_line "Using Policyfile '#{policy["name"]}' at revision '#{policy["revision_id"]}'"
|
123
124
|
end
|
124
125
|
|
125
126
|
# Called before the cookbook collection is fetched from the server.
|
126
127
|
def cookbook_resolution_start(expanded_run_list)
|
127
|
-
puts_line "
|
128
|
+
puts_line "Resolving cookbooks for run list: #{expanded_run_list.inspect}"
|
128
129
|
end
|
129
130
|
|
130
131
|
# Called when there is an error getting the cookbook collection from the
|
@@ -149,7 +150,7 @@ class Chef
|
|
149
150
|
|
150
151
|
# Called before cookbook sync starts
|
151
152
|
def cookbook_sync_start(cookbook_count)
|
152
|
-
puts_line "Synchronizing
|
153
|
+
puts_line "Synchronizing cookbooks:"
|
153
154
|
indent
|
154
155
|
end
|
155
156
|
|
@@ -168,7 +169,7 @@ class Chef
|
|
168
169
|
|
169
170
|
# Called when starting to collect gems from the cookbooks
|
170
171
|
def cookbook_gem_start(gems)
|
171
|
-
puts_line "Installing
|
172
|
+
puts_line "Installing cookbook gem dependencies:"
|
172
173
|
indent
|
173
174
|
end
|
174
175
|
|
@@ -194,7 +195,7 @@ class Chef
|
|
194
195
|
|
195
196
|
# Called when cookbook loading starts.
|
196
197
|
def library_load_start(file_count)
|
197
|
-
puts_line "Compiling
|
198
|
+
puts_line "Compiling cookbooks..."
|
198
199
|
end
|
199
200
|
|
200
201
|
# Called after a file in a cookbook is loaded.
|
@@ -280,7 +281,7 @@ class Chef
|
|
280
281
|
end
|
281
282
|
|
282
283
|
def resource_bypassed(resource, action, provider)
|
283
|
-
puts " (Skipped:
|
284
|
+
puts " (Skipped: Why-Run not supported by provider #{provider.class.name})", stream: resource
|
284
285
|
unindent
|
285
286
|
end
|
286
287
|
|
@@ -317,7 +318,7 @@ class Chef
|
|
317
318
|
# Called when resource current state load is skipped due to the provider
|
318
319
|
# not supporting whyrun mode.
|
319
320
|
def resource_current_state_load_bypassed(resource, action, current_resource)
|
320
|
-
puts_line("*
|
321
|
+
puts_line("* Why-Run not supported for #{resource}, bypassing load.", :yellow)
|
321
322
|
end
|
322
323
|
|
323
324
|
def stream_output(stream, output, options = {})
|
@@ -362,6 +363,52 @@ class Chef
|
|
362
363
|
end
|
363
364
|
end
|
364
365
|
|
366
|
+
# Called when compliance profile loading starts
|
367
|
+
def profiles_load_start
|
368
|
+
puts_line("Loading #{Inspec::Dist::PRODUCT_NAME} profile files:")
|
369
|
+
end
|
370
|
+
|
371
|
+
# Called when compliance input loading starts
|
372
|
+
def inputs_load_start
|
373
|
+
puts_line("Loading #{Inspec::Dist::PRODUCT_NAME} input files:")
|
374
|
+
end
|
375
|
+
|
376
|
+
# Called when compliance waiver loading starts
|
377
|
+
def waivers_load_start
|
378
|
+
puts_line("Loading #{Inspec::Dist::PRODUCT_NAME} waiver files:")
|
379
|
+
end
|
380
|
+
|
381
|
+
# Called when a compliance profile is found in a cookbook by the cookbook_compiler
|
382
|
+
def compliance_profile_loaded(profile)
|
383
|
+
start_line(" - #{profile.cookbook_name}::#{profile.pathname}", :cyan)
|
384
|
+
puts " (#{profile.version})", :cyan if profile.version
|
385
|
+
end
|
386
|
+
|
387
|
+
# Called when a compliance waiver is found in a cookbook by the cookbook_compiler
|
388
|
+
def compliance_input_loaded(input)
|
389
|
+
puts_line(" - #{input.cookbook_name}::#{input.pathname}", :cyan)
|
390
|
+
end
|
391
|
+
|
392
|
+
# Called when a compliance waiver is found in a cookbook by the cookbook_compiler
|
393
|
+
def compliance_waiver_loaded(waiver)
|
394
|
+
puts_line(" - #{waiver.cookbook_name}::#{waiver.pathname}", :cyan)
|
395
|
+
end
|
396
|
+
|
397
|
+
# Called when a compliance profile is enabled (by include_profile)
|
398
|
+
def compliance_profile_enabled(profile)
|
399
|
+
# puts_line(" * FIXME", :cyan)
|
400
|
+
end
|
401
|
+
|
402
|
+
# Called when a compliance waiver is enabled (by include_waiver)
|
403
|
+
def compliance_waiver_enabled(waiver)
|
404
|
+
# puts_line(" * FIXME", :cyan)
|
405
|
+
end
|
406
|
+
|
407
|
+
# Called when a compliance input is enabled (by include_input)
|
408
|
+
def compliance_input_enabled(input)
|
409
|
+
# puts_line(" * FIXME", :cyan)
|
410
|
+
end
|
411
|
+
|
365
412
|
# (see Base#deprecation)
|
366
413
|
def deprecation(deprecation, _location = nil)
|
367
414
|
if Chef::Config[:treat_deprecation_warnings_as_errors]
|
@@ -27,7 +27,7 @@ class Chef
|
|
27
27
|
# Failed to register this client with the server.
|
28
28
|
def self.registration_failed(node_name, exception, config)
|
29
29
|
error_inspector = ErrorInspectors::RegistrationErrorInspector.new(node_name, exception, config)
|
30
|
-
headline = "Chef encountered an error attempting to create the client \"#{node_name}\""
|
30
|
+
headline = "Chef Infra Client encountered an error attempting to create the client \"#{node_name}\""
|
31
31
|
description = ErrorDescription.new(headline)
|
32
32
|
error_inspector.add_explanation(description)
|
33
33
|
description
|
@@ -35,7 +35,7 @@ class Chef
|
|
35
35
|
|
36
36
|
def self.node_load_failed(node_name, exception, config)
|
37
37
|
error_inspector = ErrorInspectors::NodeLoadErrorInspector.new(node_name, exception, config)
|
38
|
-
headline = "Chef encountered an error attempting to load the node data for \"#{node_name}\""
|
38
|
+
headline = "Chef Infra Client encountered an error attempting to load the node data for \"#{node_name}\""
|
39
39
|
description = ErrorDescription.new(headline)
|
40
40
|
error_inspector.add_explanation(description)
|
41
41
|
description
|
@@ -28,20 +28,21 @@ class Chef
|
|
28
28
|
|
29
29
|
# Called at the very start of a Chef Run
|
30
30
|
def run_start(version, run_status)
|
31
|
-
puts_line "
|
31
|
+
puts_line "#{ChefUtils::Dist::Infra::PRODUCT}, version #{version}"
|
32
32
|
puts_line "Patents: #{ChefUtils::Dist::Org::PATENTS}"
|
33
|
-
puts_line "Targeting node: #{Chef::Config.target_mode.host}" if Chef::Config.target_mode?
|
34
33
|
puts_line "OpenSSL FIPS 140 mode enabled" if Chef::Config[:fips]
|
34
|
+
puts_line "Infra Phase starting"
|
35
|
+
puts_line "Targeting node: #{Chef::Config.target_mode.host}" if Chef::Config.target_mode?
|
35
36
|
end
|
36
37
|
|
37
38
|
# Called at the end of the Chef run.
|
38
39
|
def run_completed(node)
|
39
|
-
puts "
|
40
|
+
puts "Infra phase complete, #{@updated_resources.size} resources updated"
|
40
41
|
end
|
41
42
|
|
42
43
|
# called at the end of a failed run
|
43
44
|
def run_failed(exception)
|
44
|
-
puts "
|
45
|
+
puts "Infra phase failed. #{@updated_resources.size} resources updated"
|
45
46
|
end
|
46
47
|
|
47
48
|
# Called right after ohai runs.
|
@@ -71,7 +72,7 @@ class Chef
|
|
71
72
|
|
72
73
|
# Called before the cookbook collection is fetched from the server.
|
73
74
|
def cookbook_resolution_start(expanded_run_list)
|
74
|
-
puts "
|
75
|
+
puts "Resolving cookbooks for run list: #{expanded_run_list.inspect}"
|
75
76
|
end
|
76
77
|
|
77
78
|
# Called when there is an error getting the cookbook collection from the
|
@@ -36,16 +36,18 @@ class Chef
|
|
36
36
|
attr_reader :url
|
37
37
|
attr_reader :ssl_policy
|
38
38
|
attr_reader :keepalives
|
39
|
+
attr_reader :nethttp_opts
|
39
40
|
|
40
41
|
# Instantiate a BasicClient.
|
41
42
|
# === Arguments:
|
42
43
|
# url:: An URI for the remote server.
|
43
44
|
# === Options:
|
44
45
|
# ssl_policy:: The SSL Policy to use, defaults to DefaultSSLPolicy
|
45
|
-
def initialize(url,
|
46
|
+
def initialize(url, ssl_policy: DefaultSSLPolicy, keepalives: false, nethttp_opts: {})
|
46
47
|
@url = url
|
47
|
-
@ssl_policy =
|
48
|
-
@keepalives =
|
48
|
+
@ssl_policy = ssl_policy
|
49
|
+
@keepalives = keepalives
|
50
|
+
@nethttp_opts = ChefUtils::Mash.new(nethttp_opts)
|
49
51
|
end
|
50
52
|
|
51
53
|
def http_client
|
@@ -118,8 +120,14 @@ class Chef
|
|
118
120
|
configure_ssl(http_client)
|
119
121
|
end
|
120
122
|
|
121
|
-
|
122
|
-
|
123
|
+
opts = nethttp_opts.dup
|
124
|
+
opts["read_timeout"] ||= config[:rest_timeout]
|
125
|
+
opts["open_timeout"] ||= config[:rest_timeout]
|
126
|
+
|
127
|
+
opts.each do |key, value|
|
128
|
+
http_client.send(:"#{key}=", value)
|
129
|
+
end
|
130
|
+
|
123
131
|
if keepalives
|
124
132
|
http_client.start
|
125
133
|
else
|
@@ -142,11 +150,11 @@ class Chef
|
|
142
150
|
end
|
143
151
|
|
144
152
|
def http_proxy_user(proxy_uri)
|
145
|
-
proxy_uri.user ||
|
153
|
+
proxy_uri.user || config["#{proxy_uri.scheme}_proxy_user"]
|
146
154
|
end
|
147
155
|
|
148
156
|
def http_proxy_pass(proxy_uri)
|
149
|
-
proxy_uri.password ||
|
157
|
+
proxy_uri.password || config["#{proxy_uri.scheme}_proxy_pass"]
|
150
158
|
end
|
151
159
|
|
152
160
|
def configure_ssl(http_client)
|
data/lib/chef/http.rb
CHANGED
@@ -82,6 +82,9 @@ class Chef
|
|
82
82
|
# [Boolean] if we're doing keepalives or not
|
83
83
|
attr_reader :keepalives
|
84
84
|
|
85
|
+
# @returns [Hash] options for Net::HTTP to be sent to setters on the object
|
86
|
+
attr_reader :nethttp_opts
|
87
|
+
|
85
88
|
# Create a HTTP client object. The supplied +url+ is used as the base for
|
86
89
|
# all subsequent requests. For example, when initialized with a base url
|
87
90
|
# http://localhost:4000, a call to +get+ with 'nodes' will make an
|
@@ -94,6 +97,7 @@ class Chef
|
|
94
97
|
@redirect_limit = 10
|
95
98
|
@keepalives = options[:keepalives] || false
|
96
99
|
@options = options
|
100
|
+
@nethttp_opts = options[:nethttp] || {}
|
97
101
|
|
98
102
|
@middlewares = []
|
99
103
|
self.class.middlewares.each do |middleware_class|
|
@@ -311,7 +315,7 @@ class Chef
|
|
311
315
|
|
312
316
|
SocketlessChefZeroClient.new(base_url)
|
313
317
|
else
|
314
|
-
BasicClient.new(base_url, ssl_policy: ssl_policy, keepalives: keepalives)
|
318
|
+
BasicClient.new(base_url, ssl_policy: ssl_policy, keepalives: keepalives, nethttp_opts: nethttp_opts)
|
315
319
|
end
|
316
320
|
end
|
317
321
|
|
@@ -423,7 +427,7 @@ class Chef
|
|
423
427
|
if response.is_a?(Net::HTTPServerError) && !Chef::Config.local_mode
|
424
428
|
if http_retry_count - http_attempts >= 0
|
425
429
|
sleep_time = 1 + (2**http_attempts) + rand(2**http_attempts)
|
426
|
-
Chef::Log.
|
430
|
+
Chef::Log.warn("Server returned error #{response.code} for #{url}, retrying #{http_attempts}/#{http_retry_count} in #{sleep_time}s") # Updated from error to warn
|
427
431
|
sleep(sleep_time)
|
428
432
|
redo
|
429
433
|
end
|
@@ -432,7 +436,7 @@ class Chef
|
|
432
436
|
end
|
433
437
|
rescue SocketError, Errno::ETIMEDOUT, Errno::ECONNRESET => e
|
434
438
|
if http_retry_count - http_attempts >= 0
|
435
|
-
Chef::Log.
|
439
|
+
Chef::Log.warn("Error connecting to #{url}, retry #{http_attempts}/#{http_retry_count}") # Updated from error to warn
|
436
440
|
sleep(http_retry_delay)
|
437
441
|
retry
|
438
442
|
end
|
@@ -440,21 +444,21 @@ class Chef
|
|
440
444
|
raise e
|
441
445
|
rescue Errno::ECONNREFUSED
|
442
446
|
if http_retry_count - http_attempts >= 0
|
443
|
-
Chef::Log.
|
447
|
+
Chef::Log.warn("Connection refused connecting to #{url}, retry #{http_attempts}/#{http_retry_count}") # Updated from error to warn
|
444
448
|
sleep(http_retry_delay)
|
445
449
|
retry
|
446
450
|
end
|
447
451
|
raise Errno::ECONNREFUSED, "Connection refused connecting to #{url}, giving up"
|
448
452
|
rescue Timeout::Error
|
449
453
|
if http_retry_count - http_attempts >= 0
|
450
|
-
Chef::Log.
|
454
|
+
Chef::Log.warn("Timeout connecting to #{url}, retry #{http_attempts}/#{http_retry_count}") # Updated from error to warn
|
451
455
|
sleep(http_retry_delay)
|
452
456
|
retry
|
453
457
|
end
|
454
458
|
raise Timeout::Error, "Timeout connecting to #{url}, giving up"
|
455
459
|
rescue OpenSSL::SSL::SSLError => e
|
456
460
|
if (http_retry_count - http_attempts >= 0) && !e.message.include?("certificate verify failed")
|
457
|
-
Chef::Log.
|
461
|
+
Chef::Log.warn("SSL Error connecting to #{url}, retry #{http_attempts}/#{http_retry_count}") # Updated from error to warn
|
458
462
|
sleep(http_retry_delay)
|
459
463
|
retry
|
460
464
|
end
|
@@ -468,12 +472,12 @@ class Chef
|
|
468
472
|
|
469
473
|
# @api private
|
470
474
|
def http_retry_delay
|
471
|
-
config[:http_retry_delay]
|
475
|
+
options[:http_retry_delay] || config[:http_retry_delay]
|
472
476
|
end
|
473
477
|
|
474
478
|
# @api private
|
475
479
|
def http_retry_count
|
476
|
-
config[:http_retry_count]
|
480
|
+
options[:http_retry_count] || config[:http_retry_count]
|
477
481
|
end
|
478
482
|
|
479
483
|
# @api private
|
data/lib/chef/provider/file.rb
CHANGED
@@ -27,6 +27,8 @@ require_relative "../scan_access_control"
|
|
27
27
|
require_relative "../mixin/checksum"
|
28
28
|
require_relative "../mixin/file_class"
|
29
29
|
require_relative "../mixin/enforce_ownership_and_permissions"
|
30
|
+
require_relative "../resource/file/verification/json"
|
31
|
+
require_relative "../resource/file/verification/yaml"
|
30
32
|
require_relative "../util/backup"
|
31
33
|
require_relative "../util/diff"
|
32
34
|
require_relative "../util/selinux"
|
@@ -158,7 +158,7 @@ class Chef
|
|
158
158
|
if new_resource.group_name && (current_resource.group_name != new_resource.group_name)
|
159
159
|
dscl_create_group
|
160
160
|
end
|
161
|
-
if new_resource.gid && (current_resource.gid != new_resource.gid)
|
161
|
+
if new_resource.gid && (current_resource.gid != new_resource.gid.to_s)
|
162
162
|
set_gid
|
163
163
|
end
|
164
164
|
if new_resource.members || new_resource.excluded_members
|
@@ -43,22 +43,22 @@ class Chef
|
|
43
43
|
types[type]
|
44
44
|
end
|
45
45
|
|
46
|
-
action :create do
|
46
|
+
action :create, description: "Create a launchd property list." do
|
47
47
|
manage_plist(:create)
|
48
48
|
end
|
49
49
|
|
50
|
-
action :create_if_missing do
|
50
|
+
action :create_if_missing, description: "Create a launchd property list, if it does not already exist." do
|
51
51
|
manage_plist(:create_if_missing)
|
52
52
|
end
|
53
53
|
|
54
|
-
action :delete do
|
54
|
+
action :delete, description: "Delete a launchd property list. This will unload a daemon or agent, if loaded." do
|
55
55
|
if ::File.exists?(path)
|
56
56
|
manage_service(:disable)
|
57
57
|
end
|
58
58
|
manage_plist(:delete)
|
59
59
|
end
|
60
60
|
|
61
|
-
action :enable do
|
61
|
+
action :enable, description: "Create a launchd property list, and then ensure that it is enabled. If a launchd property list already exists, but does not match, updates the property list to match, and then restarts the daemon or agent." do
|
62
62
|
manage_service(:nothing)
|
63
63
|
manage_plist(:create) do
|
64
64
|
notifies :restart, "macosx_service[#{label}]", :immediately
|
@@ -66,13 +66,13 @@ class Chef
|
|
66
66
|
manage_service(:enable)
|
67
67
|
end
|
68
68
|
|
69
|
-
action :disable do
|
69
|
+
action :disable, description: "Disable a launchd property list." do
|
70
70
|
return unless ::File.exist?(path)
|
71
71
|
|
72
72
|
manage_service(:disable)
|
73
73
|
end
|
74
74
|
|
75
|
-
action :restart do
|
75
|
+
action :restart, description: "Restart a launchd managed daemon or agent." do
|
76
76
|
manage_service(:restart)
|
77
77
|
end
|
78
78
|
|
data/lib/chef/provider/link.rb
CHANGED
@@ -43,8 +43,8 @@ class Chef
|
|
43
43
|
)
|
44
44
|
else
|
45
45
|
current_resource.link_type(:hard)
|
46
|
-
if ::File.
|
47
|
-
if ::File.
|
46
|
+
if ::File.exist?(current_resource.target_file)
|
47
|
+
if ::File.exist?(new_resource.to) &&
|
48
48
|
file_class.stat(current_resource.target_file).ino ==
|
49
49
|
file_class.stat(new_resource.to).ino
|
50
50
|
current_resource.to(canonicalize(new_resource.to))
|
@@ -19,7 +19,7 @@
|
|
19
19
|
|
20
20
|
require_relative "../config"
|
21
21
|
require_relative "../log"
|
22
|
-
require_relative "../resource/
|
22
|
+
require_relative "../resource/registry_key"
|
23
23
|
require_relative "../mixin/checksum"
|
24
24
|
require_relative "../provider"
|
25
25
|
require "etc" unless defined?(Etc)
|
@@ -50,7 +50,8 @@ class Chef
|
|
50
50
|
current_resource.architecture(new_resource.architecture)
|
51
51
|
current_resource.recursive(new_resource.recursive)
|
52
52
|
if registry.key_exists?(new_resource.key)
|
53
|
-
|
53
|
+
current_registry_values = registry.get_values(new_resource.key) || []
|
54
|
+
current_resource.values(current_registry_values)
|
54
55
|
end
|
55
56
|
values_to_hash(current_resource.unscrubbed_values)
|
56
57
|
current_resource
|
@@ -55,7 +55,7 @@ class Chef
|
|
55
55
|
end
|
56
56
|
end
|
57
57
|
|
58
|
-
action :checkout do
|
58
|
+
action :checkout, description: "Clone or check out the source. When a checkout is available, this provider does nothing." do
|
59
59
|
if target_dir_non_existent_or_empty?
|
60
60
|
converge_by("perform checkout of #{new_resource.repository} into #{new_resource.destination}") do
|
61
61
|
shell_out!(checkout_command, run_options)
|
@@ -65,7 +65,7 @@ class Chef
|
|
65
65
|
end
|
66
66
|
end
|
67
67
|
|
68
|
-
action :export do
|
68
|
+
action :export, description: "Export the source, excluding or removing any version control artifacts." do
|
69
69
|
if target_dir_non_existent_or_empty?
|
70
70
|
action_force_export
|
71
71
|
else
|
@@ -73,13 +73,13 @@ class Chef
|
|
73
73
|
end
|
74
74
|
end
|
75
75
|
|
76
|
-
action :force_export do
|
76
|
+
action :force_export, description: "Export the source, excluding or removing any version control artifacts and force an export of the source that is overwriting the existing copy (if it exists)." do
|
77
77
|
converge_by("export #{new_resource.repository} into #{new_resource.destination}") do
|
78
78
|
shell_out!(export_command, run_options)
|
79
79
|
end
|
80
80
|
end
|
81
81
|
|
82
|
-
action :sync do
|
82
|
+
action :sync, description: "Update the source to the specified version, or get a new clone or checkout. This action causes a hard reset of the index and working tree, discarding any uncommitted changes." do
|
83
83
|
assert_target_directory_valid!
|
84
84
|
if ::File.exist?(::File.join(new_resource.destination, ".svn"))
|
85
85
|
current_rev = find_current_revision
|
@@ -22,6 +22,7 @@ require_relative "../resource/file"
|
|
22
22
|
require_relative "../resource/file/verification/systemd_unit"
|
23
23
|
require "iniparse"
|
24
24
|
require "shellwords" unless defined?(Shellwords)
|
25
|
+
require "chef-utils/dist" unless defined?(ChefUtils::Dist)
|
25
26
|
|
26
27
|
class Chef
|
27
28
|
class Provider
|
@@ -75,7 +76,7 @@ class Chef
|
|
75
76
|
end
|
76
77
|
end
|
77
78
|
|
78
|
-
action :create do
|
79
|
+
action :create, description: "Create a systemd unit file, if it does not already exist." do
|
79
80
|
if current_resource.content != new_resource.to_ini
|
80
81
|
converge_by("creating unit: #{new_resource.unit_name}") do
|
81
82
|
manage_unit_file(:create)
|
@@ -84,7 +85,7 @@ class Chef
|
|
84
85
|
end
|
85
86
|
end
|
86
87
|
|
87
|
-
action :delete do
|
88
|
+
action :delete, description: "Delete a systemd unit file, if it exists." do
|
88
89
|
if ::File.exist?(unit_path)
|
89
90
|
converge_by("deleting unit: #{new_resource.unit_name}") do
|
90
91
|
manage_unit_file(:delete)
|
@@ -93,19 +94,19 @@ class Chef
|
|
93
94
|
end
|
94
95
|
end
|
95
96
|
|
96
|
-
action :preset do
|
97
|
+
action :preset, description: "Restore the preset '`enable`/`disable`' configuration for a systemd unit. *New in #{ChefUtils::Dist::Infra::PRODUCT} 14.0.*" do
|
97
98
|
converge_by("restoring enable/disable preset configuration for unit: #{new_resource.unit_name}") do
|
98
99
|
systemctl_execute!(:preset, new_resource.unit_name)
|
99
100
|
end
|
100
101
|
end
|
101
102
|
|
102
|
-
action :revert do
|
103
|
+
action :revert, description: "Revert to a vendor's version of a systemd unit file. *New in #{ChefUtils::Dist::Infra::PRODUCT} 14.0.*" do
|
103
104
|
converge_by("reverting to vendor version of unit: #{new_resource.unit_name}") do
|
104
105
|
systemctl_execute!(:revert, new_resource.unit_name)
|
105
106
|
end
|
106
107
|
end
|
107
108
|
|
108
|
-
action :enable do
|
109
|
+
action :enable, description: "Ensure the unit will be started after the next system boot." do
|
109
110
|
if current_resource.static
|
110
111
|
logger.debug("#{new_resource.unit_name} is a static unit, enabling is a NOP.")
|
111
112
|
end
|
@@ -121,7 +122,7 @@ class Chef
|
|
121
122
|
end
|
122
123
|
end
|
123
124
|
|
124
|
-
action :disable do
|
125
|
+
action :disable, description: "Ensure the unit will not be started after the next system boot." do
|
125
126
|
if current_resource.static
|
126
127
|
logger.debug("#{new_resource.unit_name} is a static unit, disabling is a NOP.")
|
127
128
|
end
|
@@ -138,14 +139,14 @@ class Chef
|
|
138
139
|
end
|
139
140
|
end
|
140
141
|
|
141
|
-
action :reenable do
|
142
|
+
action :reenable, description: "Reenable a unit file. *New in #{ChefUtils::Dist::Infra::PRODUCT} 14.0.*" do
|
142
143
|
converge_by("reenabling unit: #{new_resource.unit_name}") do
|
143
144
|
systemctl_execute!(:reenable, new_resource.unit_name)
|
144
145
|
logger.info("#{new_resource} reenabled")
|
145
146
|
end
|
146
147
|
end
|
147
148
|
|
148
|
-
action :mask do
|
149
|
+
action :mask, description: "Ensure the unit will not start, even to satisfy dependencies." do
|
149
150
|
unless current_resource.masked
|
150
151
|
converge_by("masking unit: #{new_resource.unit_name}") do
|
151
152
|
systemctl_execute!(:mask, new_resource.unit_name)
|
@@ -154,7 +155,7 @@ class Chef
|
|
154
155
|
end
|
155
156
|
end
|
156
157
|
|
157
|
-
action :unmask do
|
158
|
+
action :unmask, description: "Stop the unit from being masked and cause it to start as specified." do
|
158
159
|
if current_resource.masked
|
159
160
|
converge_by("unmasking unit: #{new_resource.unit_name}") do
|
160
161
|
systemctl_execute!(:unmask, new_resource.unit_name)
|
@@ -163,7 +164,7 @@ class Chef
|
|
163
164
|
end
|
164
165
|
end
|
165
166
|
|
166
|
-
action :start do
|
167
|
+
action :start, description: "Start a systemd unit." do
|
167
168
|
unless current_resource.active
|
168
169
|
converge_by("starting unit: #{new_resource.unit_name}") do
|
169
170
|
systemctl_execute!(:start, new_resource.unit_name, default_env: false)
|
@@ -172,7 +173,7 @@ class Chef
|
|
172
173
|
end
|
173
174
|
end
|
174
175
|
|
175
|
-
action :stop do
|
176
|
+
action :stop, description: "Stop a running systemd unit." do
|
176
177
|
if current_resource.active
|
177
178
|
converge_by("stopping unit: #{new_resource.unit_name}") do
|
178
179
|
systemctl_execute!(:stop, new_resource.unit_name, default_env: false)
|
@@ -181,14 +182,14 @@ class Chef
|
|
181
182
|
end
|
182
183
|
end
|
183
184
|
|
184
|
-
action :restart do
|
185
|
+
action :restart, description: "Restart a systemd unit." do
|
185
186
|
converge_by("restarting unit: #{new_resource.unit_name}") do
|
186
187
|
systemctl_execute!(:restart, new_resource.unit_name, default_env: false)
|
187
188
|
logger.info("#{new_resource} restarted")
|
188
189
|
end
|
189
190
|
end
|
190
191
|
|
191
|
-
action :reload do
|
192
|
+
action :reload, description: "Reload the configuration file for a systemd unit." do
|
192
193
|
if current_resource.active
|
193
194
|
converge_by("reloading unit: #{new_resource.unit_name}") do
|
194
195
|
systemctl_execute!(:reload, new_resource.unit_name, default_env: false)
|
@@ -199,21 +200,21 @@ class Chef
|
|
199
200
|
end
|
200
201
|
end
|
201
202
|
|
202
|
-
action :try_restart do
|
203
|
+
action :try_restart, description: "Try to restart a systemd unit if the unit is running." do
|
203
204
|
converge_by("try-restarting unit: #{new_resource.unit_name}") do
|
204
205
|
systemctl_execute!("try-restart", new_resource.unit_name, default_env: false)
|
205
206
|
logger.info("#{new_resource} try-restarted")
|
206
207
|
end
|
207
208
|
end
|
208
209
|
|
209
|
-
action :reload_or_restart do
|
210
|
+
action :reload_or_restart, description: "For systemd units that are services, this action reloads the configuration of the service without restarting, if possible; otherwise, it will restart the service so the new configuration is applied." do
|
210
211
|
converge_by("reload-or-restarting unit: #{new_resource.unit_name}") do
|
211
212
|
systemctl_execute!("reload-or-restart", new_resource.unit_name, default_env: false)
|
212
213
|
logger.info("#{new_resource} reload-or-restarted")
|
213
214
|
end
|
214
215
|
end
|
215
216
|
|
216
|
-
action :reload_or_try_restart do
|
217
|
+
action :reload_or_try_restart, description: "For systemd units that are services, this action reloads the configuration of the service without restarting, if possible; otherwise, it will try to restart the service so the new configuration is applied." do
|
217
218
|
converge_by("reload-or-try-restarting unit: #{new_resource.unit_name}") do
|
218
219
|
systemctl_execute!("reload-or-try-restart", new_resource.unit_name, default_env: false)
|
219
220
|
logger.info("#{new_resource} reload-or-try-restarted")
|
@@ -39,7 +39,7 @@ class Chef
|
|
39
39
|
super
|
40
40
|
|
41
41
|
requirements.assert(:create, :create_if_missing) do |a|
|
42
|
-
a.assertion { ::File.
|
42
|
+
a.assertion { ::File.exist?(content.template_location) }
|
43
43
|
a.failure_message "Template source #{content.template_location} could not be found."
|
44
44
|
a.whyrun "Template source #{content.template_location} does not exist. Assuming it would have been created."
|
45
45
|
a.block_action!
|