chef 17.4.38-universal-mingw32 → 17.5.22-universal-mingw32

data/lib/chef/resource/registry_key.rb

@@ -18,6 +18,7 @@
 
 require_relative "../resource"
 require_relative "../digester"
+require "chef-utils/dist" unless defined?(ChefUtils::Dist)
 
 class Chef
   class Resource
@@ -26,7 +27,7 @@ class Chef
 
       provides(:registry_key) { true }
 
-      description "Use the **registry_key** resource to create and delete registry keys in Microsoft Windows."
+      description "Use the **registry_key** resource to create and delete registry keys in Microsoft Windows. Note: 64-bit versions of Microsoft Windows have a 32-bit compatibility layer in the registry that reflects and redirects certain keys (and their values) into specific locations (or logical views) of the registry hive.\n\n#{ChefUtils::Dist::Infra::PRODUCT} can access any reflected or redirected registry key. The machine architecture of the system on which #{ChefUtils::Dist::Infra::PRODUCT} is running is used as the default (non-redirected) location. Access to the SysWow64 location is redirected must be specified. Typically, this is only necessary to ensure compatibility with 32-bit applications that are running on a 64-bit operating system.\n\nFor more information, see: [Registry Reflection](https://docs.microsoft.com/en-us/windows/win32/winprog64/registry-reflection)."
       examples <<~'DOC'
       **Create a registry key**
 
@@ -66,7 +67,7 @@ class Chef
       end
       ```
 
-      **Set proxy settings to be the same as those used by Chef Infra Client**
+      **Set proxy settings to be the same as those used by #{ChefUtils::Dist::Infra::PRODUCT}**
 
       ```ruby
       proxy = URI.parse(Chef::Config[:http_proxy])
@@ -115,14 +116,42 @@ class Chef
       end
       ```
 
-      Note: Be careful when using the :delete_key action with the recursive attribute. This will delete the registry key, all of its values and all of the names, types, and data associated with them. This cannot be undone by Chef Infra Client.
+      Note: Be careful when using the :delete_key action with the recursive attribute. This will delete the registry key, all of its values and all of the names, types, and data associated with them. This cannot be undone by #{ChefUtils::Dist::Infra::PRODUCT}.
       DOC
 
-      state_attrs :values
-
       default_action :create
       allowed_actions :create, :create_if_missing, :delete, :delete_key
 
+      VALID_VALUE_HASH_KEYS = %i{name type data}.freeze
+
+      property :key, String, name_property: true
+      property :values, [Hash, Array],
+        default: [],
+        coerce: proc { |v|
+          @unscrubbed_values =
+            case v
+            when Hash
+              [ Mash.new(v).symbolize_keys ]
+            when Array
+              v.map { |value| Mash.new(value).symbolize_keys }
+            else
+              raise ArgumentError, "Bad type for RegistryKey resource, use Hash or Array"
+            end
+          scrub_values(@unscrubbed_values)
+        },
+        callbacks: {
+        "Missing name key in RegistryKey values hash" => lambda { |v| v.all? { |value| value.key?(:name) } },
+        "Bad key in RegistryKey values hash. Should be one of: #{VALID_VALUE_HASH_KEYS}" => lambda do |v|
+          v.all? do |value|
+            value.keys.all? { |key| VALID_VALUE_HASH_KEYS.include?(key) }
+          end
+        end,
+        "Type of name should be a string" => lambda { |v| v.all? { |value| value[:name].is_a?(String) } },
+        "Type of type should be a symbol" => lambda { |v| v.all? { |value| value[:type] ? value[:type].is_a?(Symbol) : true } },
+      }
+      property :recursive, [TrueClass, FalseClass], default: false
+      property :architecture, Symbol, default: :machine, equal_to: %i{machine x86_64 i386}
+
       # Some registry key data types may not be safely reported as json.
       # Example (CHEF-5323):
       #
@@ -152,51 +181,10 @@ class Chef
       # may want to extend the state_attrs API with the ability to rename POST'd attrs.
       #
       # See lib/chef/resource_reporter.rb for more information.
-      attr_reader :unscrubbed_values
-
-      def initialize(name, run_context = nil)
-        super
-        @values, @unscrubbed_values = [], []
-      end
-
-      property :key, String, name_property: true
-
-      VALID_VALUE_HASH_KEYS = %i{name type data}.freeze
-
-      def values(arg = nil)
-        if not arg.nil?
-          if arg.is_a?(Hash)
-            @values = [ Mash.new(arg).symbolize_keys ]
-          elsif arg.is_a?(Array)
-            @values = []
-            arg.each do |value|
-              @values << Mash.new(value).symbolize_keys
-            end
-          else
-            raise ArgumentError, "Bad type for RegistryKey resource, use Hash or Array"
-          end
-
-          @values.each do |v|
-            raise ArgumentError, "Missing name key in RegistryKey values hash" unless v.key?(:name)
-
-            v.each_key do |key|
-              raise ArgumentError, "Bad key #{key} in RegistryKey values hash" unless VALID_VALUE_HASH_KEYS.include?(key)
-            end
-            raise ArgumentError, "Type of name => #{v[:name]} should be string" unless v[:name].is_a?(String)
-
-            if v[:type]
-              raise ArgumentError, "Type of type => #{v[:type]} should be symbol" unless v[:type].is_a?(Symbol)
-            end
-          end
-          @unscrubbed_values = @values
-        elsif instance_variable_defined?(:@values)
-          scrub_values(@values)
-        end
+      def unscrubbed_values
+        @unscrubbed_values ||= []
       end
 
-      property :recursive, [TrueClass, FalseClass], default: false
-      property :architecture, Symbol, default: :machine, equal_to: %i{machine x86_64 i386}
-
       private
 
       def scrub_values(values)

data/lib/chef/resource/remote_file.rb

@@ -34,6 +34,78 @@ class Chef
 
       description "Use the **remote_file** resource to transfer a file from a remote location using file specificity. This resource is similar to the **file** resource. Note: Fetching files from the `files/` directory in a cookbook should be done with the **cookbook_file** resource."
 
+      examples <<~'DOC'
+      **Download a file without checking the checksum**:
+
+      ```ruby
+        remote_file '/tmp/remote.txt' do
+          source 'https://example.org/remote.txt'
+        end
+      ```
+
+      **Download a file with a checksum to validate**:
+
+      ```ruby
+        remote_file '/tmp/test_file' do
+          source 'http://www.example.com/tempfiles/test_file'
+          mode '0755'
+          checksum '3a7dac00b1' # A SHA256 (or portion thereof) of the file.
+        end
+      ```
+
+      **Download a file only if it's not already present**:
+
+      ```ruby
+        remote_file '/tmp/remote.txt' do
+          source 'https://example.org/remote.txt'
+          checksum '3a7dac00b1' # A SHA256 (or portion thereof) of the file.
+          action :create_if_missing
+        end
+      ```
+
+      **Using HTTP Basic Authentication in Headers**:
+
+      ```ruby
+        remote_file '/tmp/remote.txt' do
+          source 'https://example.org/remote.txt'
+          headers('Authorization' => "Basic #{Base64.encode64("USERNAME_VALUE:PASSWORD_VALUE").delete("\n")}")
+          checksum '3a7dac00b1' # A SHA256 (or portion thereof) of the file.
+          action :create_if_missing
+        end
+      ```
+
+      **Downloading a file to the Chef file cache dir for execution**:
+
+      ```ruby
+        remote_file '#{Chef::Config['file_cache_path']}/install.sh' do
+          source 'https://example.org/install.sh'
+          action :create_if_missing
+        end
+
+        execute '#{Chef::Config['file_cache_path']}/install.sh'
+      ```
+
+      **Specify advanced HTTP connection options including Net::HTTP (nethttp) options:**
+
+      ```ruby
+        remote_file '/tmp/remote.txt' do
+          source 'https://example.org/remote.txt'
+          http_options({
+            http_retry_delay: 0,
+            http_retry_count: 0,
+            keepalives: false,
+            nethttp: {
+              continue_timeout: 5,
+              max_retries: 5,
+              read_timeout: 5,
+              write_timeout: 5,
+              ssl_timeout: 5,
+            },
+          })
+        end
+      ```
+      DOC
+
       def initialize(name, run_context = nil)
         super
         @source = []
@@ -96,9 +168,29 @@ class Chef
         description: "Whether #{ChefUtils::Dist::Infra::PRODUCT} uses active or passive FTP. Set to `true` to use active FTP."
 
       property :headers, Hash, default: {},
-        description: "A Hash of custom HTTP headers."
+        description: <<~'DOCS'
+        A Hash of custom headers. For example:
+
+        ```ruby
+        headers({ "Cookie" => "user=some_user; pass=p@ssw0rd!" })
+        ```
 
-      property :show_progress, [ TrueClass, FalseClass ], default: false
+        or:
+
+        ```ruby
+        headers({ "Referer" => "#{header}" })
+        ```
+
+        or:
+
+        ```ruby
+        headers( "Authorization"=>"Basic #{ Base64.encode64("#{username}:#{password}").gsub("\n", "") }" )
+        ```
+        DOCS
+
+      property :show_progress, [ TrueClass, FalseClass ],
+        description: "Displays the progress of the file download.",
+        default: false
 
       property :ssl_verify_mode, Symbol, equal_to: %i{verify_none verify_peer},
         introduced: "16.2",
@@ -118,6 +210,10 @@ class Chef
 
       property :authentication, Symbol, equal_to: %i{remote local}, default: :remote
 
+      property :http_options, Hash, default: {},
+        introduced: "17.5",
+        description: "A Hash of custom HTTP options. For example: `http_options({ http_retry_count: 0, http_retry_delay: 2 })`"
+
       def after_created
         validate_identity_platform(remote_user, remote_password, remote_domain)
         identity = qualify_user(remote_user, remote_password, remote_domain)

data/lib/chef/resource/timezone.rb

@@ -38,7 +38,7 @@ class Chef
       **Set the timezone to America/Los_Angeles with a friendly resource name on Linux/macOS**
 
       ```ruby
-      timezone 'Set the host's timezone to America/Los_Angeles' do
+      timezone "Set the host's timezone to America/Los_Angeles" do
         timezone 'America/Los_Angeles'
       end
       ```
@@ -46,7 +46,7 @@ class Chef
       **Set the timezone to PST with a friendly resource name on Windows**
 
       ```ruby
-      timezone 'Set the host's timezone to PST' do
+      timezone "Set the host's timezone to PST" do
         timezone 'Pacific Standard time'
       end
       ```

data/lib/chef/resource/user_ulimit.rb

@@ -83,6 +83,7 @@ class Chef
           source ::File.expand_path("support/ulimit.erb", __dir__)
           local true
           mode "0644"
+          sensitive new_resource.sensitive
           variables(
             ulimit_user: new_resource.username,
             filehandle_limit: new_resource.filehandle_limit,

data/lib/chef/resource/windows_printer.rb

@@ -33,7 +33,7 @@ class Chef
 
       provides(:windows_printer) { true }
 
-      description "Use the **windows_printer** resource to setup Windows printers. This resource will automatically install the driver specified in the `driver_name` property and will automatically create a printer port using either the `ipv4_address` property or the `port_name property."
+      description "Use the **windows_printer** resource to setup Windows printers. This resource will automatically install the driver specified in the `driver_name` property and will automatically create a printer port using either the `ipv4_address` property or the `port_name` property."
       introduced "14.0"
       examples <<~DOC
       **Create a printer**:

data/lib/chef/resource/windows_uac.rb

@@ -104,7 +104,9 @@ class Chef
         #
         # @return [Integer]
         def consent_behavior_users_symbol_to_reg(sym)
-          %i{auto_deny secure_prompt_for_creds prompt_for_creds}.index(sym)
+          # Since 2 isn't a valid value for ConsentPromptBehaviorUser, assign the value at index as nil.
+          # https://docs.microsoft.com/en-us/windows/security/identity-protection/user-account-control/user-account-control-group-policy-and-registry-key-settings#registry-key-settings
+          [:auto_deny, :secure_prompt_for_creds, nil, :prompt_for_creds].index(sym)
         end
       end
     end

data/lib/chef/resource/windows_user_privilege.rb

@@ -139,7 +139,7 @@ class Chef
         coerce: proc { |v| Array(v) },
         callbacks: {
           "Privilege property restricted to the following values: #{PRIVILEGE_OPTS}" => lambda { |n| (n - PRIVILEGE_OPTS).empty? },
-        }
+        }, identity: true
 
       load_current_value do |new_resource|
         if new_resource.principal && (new_resource.action.include?(:add) || new_resource.action.include?(:remove))

data/lib/chef/resources.rb

@@ -73,6 +73,8 @@ require_relative "resource/homebrew_package"
 require_relative "resource/homebrew_tap"
 require_relative "resource/homebrew_update"
 require_relative "resource/ifconfig"
+require_relative "resource/inspec_input"
+require_relative "resource/inspec_waiver"
 require_relative "resource/inspec_waiver_file_entry"
 require_relative "resource/kernel_module"
 require_relative "resource/ksh"

data/lib/chef/run_context/cookbook_compiler.rb

@@ -32,6 +32,7 @@ class Chef
       attr_reader :events
       attr_reader :run_list_expansion
       attr_reader :logger
+      attr_reader :run_context
 
       def initialize(run_context, run_list_expansion, events)
         @run_context = run_context
@@ -43,23 +44,51 @@ class Chef
 
       # Chef::Node object for the current run.
       def node
-        @run_context.node
+        run_context.node
       end
 
       # Chef::CookbookCollection object for the current run
       def cookbook_collection
-        @run_context.cookbook_collection
+        run_context.cookbook_collection
       end
 
       # Resource Definitions from the compiled cookbooks. This is populated by
       # calling #compile_resource_definitions (which is called by #compile)
       def definitions
-        @run_context.definitions
+        run_context.definitions
+      end
+
+      # The global waiver_collection hanging off of the run_context, used by
+      # compile_compliance and the compliance phase that runs inspec
+      #
+      # @returns [Chef::Compliance::WaiverCollection]
+      #
+      def waiver_collection
+        run_context.waiver_collection
+      end
+
+      # The global input_collection hanging off of the run_context, used by
+      # compile_compliance and the compliance phase that runs inspec
+      #
+      # @returns [Chef::Compliance::inputCollection]
+      #
+      def input_collection
+        run_context.input_collection
+      end
+
+      # The global profile_collection hanging off of the run_context, used by
+      # compile_compliance and the compliance phase that runs inspec
+      #
+      # @returns [Chef::Compliance::ProfileCollection]
+      #
+      def profile_collection
+        run_context.profile_collection
       end
 
       # Run the compile phase of the chef run. Loads files in the following order:
       # * Libraries
       # * Ohai
+      # * Compliance Profiles/Waivers
       # * Attributes
       # * LWRPs
       # * Resource Definitions
@@ -73,6 +102,7 @@ class Chef
       def compile
         compile_libraries
         compile_ohai_plugins
+        compile_compliance
         compile_attributes
         compile_lwrps
         compile_resource_definitions
@@ -98,7 +128,7 @@ class Chef
 
       # Loads library files from cookbooks according to #cookbook_order.
       def compile_libraries
-        @events.library_load_start(count_files_by_segment(:libraries))
+        events.library_load_start(count_files_by_segment(:libraries))
         cookbook_order.each do |cookbook|
           eager_load_libraries = cookbook_collection[cookbook].metadata.eager_load_libraries
           if eager_load_libraries == true # actually true, not truthy
@@ -110,14 +140,14 @@ class Chef
             end
           end
         end
-        @events.library_load_complete
+        events.library_load_complete
       end
 
       # Loads Ohai Plugins from cookbooks, and ensure any old ones are
       # properly cleaned out
       def compile_ohai_plugins
         ohai_plugin_count = count_files_by_segment(:ohai)
-        @events.ohai_plugin_load_start(ohai_plugin_count)
+        events.ohai_plugin_load_start(ohai_plugin_count)
         FileUtils.rm_rf(Chef::Config[:ohai_segment_plugin_path])
 
         cookbook_order.each do |cookbook|
@@ -131,57 +161,81 @@ class Chef
           node.consume_ohai_data(ohai)
         end
 
-        @events.ohai_plugin_load_complete
+        events.ohai_plugin_load_complete
+      end
+
+      # Loads the compliance segment files from the cookbook into the collections
+      # hanging off of the run_context, for later use in the compliance phase
+      # inspec run.
+      #
+      def compile_compliance
+        events.compliance_load_start
+        events.profiles_load_start
+        cookbook_order.each do |cookbook|
+          load_profiles_from_cookbook(cookbook)
+        end
+        events.profiles_load_complete
+        events.inputs_load_start
+        cookbook_order.each do |cookbook|
+          load_inputs_from_cookbook(cookbook)
+        end
+        events.inputs_load_complete
+        events.waivers_load_start
+        cookbook_order.each do |cookbook|
+          load_waivers_from_cookbook(cookbook)
+        end
+        events.waivers_load_complete
+        events.compliance_load_complete
       end
 
       # Loads attributes files from cookbooks. Attributes files are loaded
       # according to #cookbook_order; within a cookbook, +default.rb+ is loaded
       # first, then the remaining attributes files in lexical sort order.
       def compile_attributes
-        @events.attribute_load_start(count_files_by_segment(:attributes, "attributes.rb"))
+        events.attribute_load_start(count_files_by_segment(:attributes, "attributes.rb"))
         cookbook_order.each do |cookbook|
           load_attributes_from_cookbook(cookbook)
         end
-        @events.attribute_load_complete
+        events.attribute_load_complete
       end
 
       # Loads LWRPs according to #cookbook_order. Providers are loaded before
       # resources on a cookbook-wise basis.
       def compile_lwrps
         lwrp_file_count = count_files_by_segment(:providers) + count_files_by_segment(:resources)
-        @events.lwrp_load_start(lwrp_file_count)
+        events.lwrp_load_start(lwrp_file_count)
         cookbook_order.each do |cookbook|
           load_lwrps_from_cookbook(cookbook)
         end
-        @events.lwrp_load_complete
+        events.lwrp_load_complete
       end
 
       # Loads resource definitions according to #cookbook_order
       def compile_resource_definitions
-        @events.definition_load_start(count_files_by_segment(:definitions))
+        events.definition_load_start(count_files_by_segment(:definitions))
         cookbook_order.each do |cookbook|
           load_resource_definitions_from_cookbook(cookbook)
         end
-        @events.definition_load_complete
+        events.definition_load_complete
       end
 
       # Iterates over the expanded run_list, loading each recipe in turn.
       def compile_recipes
-        @events.recipe_load_start(run_list_expansion.recipes.size)
+        events.recipe_load_start(run_list_expansion.recipes.size)
         run_list_expansion.recipes.each do |recipe|
 
           path = resolve_recipe(recipe)
-          @run_context.load_recipe(recipe)
-          @events.recipe_file_loaded(path, recipe)
+          run_context.load_recipe(recipe)
+          events.recipe_file_loaded(path, recipe)
         rescue Chef::Exceptions::RecipeNotFound => e
-          @events.recipe_not_found(e)
+          events.recipe_not_found(e)
           raise
         rescue Exception => e
-          @events.recipe_file_load_failed(path, e, recipe)
+          events.recipe_file_load_failed(path, e, recipe)
           raise
 
         end
-        @events.recipe_load_complete
+        events.recipe_load_complete
       end
 
       # Whether or not a cookbook is reachable from the set of cookbook given
@@ -225,7 +279,7 @@ class Chef
         attr_file_basename = ::File.basename(filename, ".rb")
         node.include_attribute("#{cookbook_name}::#{attr_file_basename}")
       rescue Exception => e
-        @events.attribute_file_load_failed(filename, e)
+        events.attribute_file_load_failed(filename, e)
         raise
       end
 
@@ -234,9 +288,9 @@ class Chef
 
           logger.trace("Loading cookbook #{cookbook_name}'s library file: #{filename}")
           Kernel.require(filename)
-          @events.library_file_loaded(filename)
+          events.library_file_loaded(filename)
         rescue Exception => e
-          @events.library_file_load_failed(filename, e)
+          events.library_file_load_failed(filename, e)
           raise
 
         end
@@ -260,18 +314,18 @@ class Chef
       def load_lwrp_provider(cookbook_name, filename)
         logger.trace("Loading cookbook #{cookbook_name}'s providers from #{filename}")
         Chef::Provider::LWRPBase.build_from_file(cookbook_name, filename, self)
-        @events.lwrp_file_loaded(filename)
+        events.lwrp_file_loaded(filename)
       rescue Exception => e
-        @events.lwrp_file_load_failed(filename, e)
+        events.lwrp_file_load_failed(filename, e)
         raise
       end
 
       def load_lwrp_resource(cookbook_name, filename)
         logger.trace("Loading cookbook #{cookbook_name}'s resources from #{filename}")
         Chef::Resource::LWRPBase.build_from_file(cookbook_name, filename, self)
-        @events.lwrp_file_loaded(filename)
+        events.lwrp_file_loaded(filename)
       rescue Exception => e
-        @events.lwrp_file_load_failed(filename, e)
+        events.lwrp_file_load_failed(filename, e)
         raise
       end
 
@@ -288,6 +342,36 @@ class Chef
         end
       end
 
+      # Load the compliance segment files from a single cookbook
+      #
+      def load_profiles_from_cookbook(cookbook_name)
+        # This identifies profiles by their inspec.yml file, we recurse into subdirs so the profiles may be deeply
+        # nested in a subdir structure for organization.  You could have profiles inside of profiles but
+        # since that is not coherently defined, you should not.
+        #
+        each_file_in_cookbook_by_segment(cookbook_name, :compliance, [ "profiles/**/inspec.{yml,yaml}" ]) do |filename|
+          profile_collection.from_file(filename, cookbook_name)
+        end
+      end
+
+      def load_waivers_from_cookbook(cookbook_name)
+        # This identifies waiver files as any yaml files under the waivers subdir.  We recurse into subdirs as well
+        # so that waivers may be nested in subdirs for organization.  Any other files are ignored.
+        #
+        each_file_in_cookbook_by_segment(cookbook_name, :compliance, [ "waivers/**/*.{yml,yaml}" ]) do |filename|
+          waiver_collection.from_file(filename, cookbook_name)
+        end
+      end
+
+      def load_inputs_from_cookbook(cookbook_name)
+        # This identifies input files as any yaml files under the inputs subdir.  We recurse into subdirs as well
+        # so that inputs may be nested in subdirs for organization.  Any other files are ignored.
+        #
+        each_file_in_cookbook_by_segment(cookbook_name, :compliance, [ "inputs/**/*.{yml,yaml}" ]) do |filename|
+          input_collection.from_file(filename, cookbook_name)
+        end
+      end
+
       def load_resource_definitions_from_cookbook(cookbook_name)
         files_in_cookbook_by_segment(cookbook_name, :definitions).each do |filename|
           next unless File.extname(filename) == ".rb"
@@ -300,9 +384,9 @@ class Chef
               logger.info("Overriding duplicate definition #{key}, new definition found in #{filename}")
               newval
             end
-            @events.definition_file_loaded(filename)
+            events.definition_file_loaded(filename)
           rescue Exception => e
-            @events.definition_file_load_failed(filename, e)
+            events.definition_file_load_failed(filename, e)
             raise
           end
         end

data/lib/chef/run_context.rb

@@ -25,6 +25,9 @@ require_relative "log"
 require_relative "recipe"
 require_relative "run_context/cookbook_compiler"
 require_relative "event_dispatch/events_output_stream"
+require_relative "compliance/input_collection"
+require_relative "compliance/waiver_collection"
+require_relative "compliance/profile_collection"
 require_relative "train_transport"
 require_relative "exceptions"
 require "forwardable" unless defined?(Forwardable)
@@ -120,10 +123,28 @@ class Chef
 
     # Handle to the global action_collection of executed actions for reporting / data_collector /etc
     #
-    # @return [Chef::ActionCollection
+    # @return [Chef::ActionCollection]
     #
     attr_accessor :action_collection
 
+    # Handle to the global profile_collection of inspec profiles for the compliance phase
+    #
+    # @return [Chef::Compliance::ProfileCollection]
+    #
+    attr_accessor :profile_collection
+
+    # Handle to the global waiver_collection of inspec waiver files for the compliance phase
+    #
+    # @return [Chef::Compliance::WaiverCollection]
+    #
+    attr_accessor :waiver_collection
+
+    # Handle to the global input_collection of inspec input files for the compliance phase
+    #
+    # @return [Chef::Compliance::inputCollection]
+    #
+    attr_accessor :input_collection
+
     # Pointer back to the Chef::Runner that created this
     #
     attr_accessor :runner
@@ -198,6 +219,9 @@ class Chef
       @loaded_attributes_hash = {}
       @reboot_info = {}
       @cookbook_compiler = nil
+      @input_collection = Chef::Compliance::InputCollection.new(events)
+      @waiver_collection = Chef::Compliance::WaiverCollection.new(events)
+      @profile_collection = Chef::Compliance::ProfileCollection.new(events)
 
       initialize_child_state
     end
@@ -674,6 +698,8 @@ class Chef
         events=
         has_cookbook_file_in_cookbook?
         has_template_in_cookbook?
+        input_collection
+        input_collection=
         load
         loaded_attribute
         loaded_attributes
@@ -688,6 +714,8 @@ class Chef
         node
         node=
         open_stream
+        profile_collection
+        profile_collection=
         reboot_info
         reboot_info=
         reboot_requested?
@@ -700,6 +728,8 @@ class Chef
         transport
         transport_connection
         unreachable_cookbook?
+        waiver_collection
+        waiver_collection=
       }
 
       def initialize(parent_run_context)