chef 17.6.18 → 17.9.18
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile +5 -0
- data/chef.gemspec +1 -0
- data/lib/chef/application/base.rb +1 -1
- data/lib/chef/chef_fs/file_pattern.rb +1 -1
- data/lib/chef/chef_fs/path_utils.rb +1 -1
- data/lib/chef/compliance/default_attributes.rb +12 -2
- data/lib/chef/compliance/runner.rb +51 -5
- data/lib/chef/data_collector/run_end_message.rb +1 -1
- data/lib/chef/dsl/reboot_pending.rb +1 -1
- data/lib/chef/exceptions.rb +10 -0
- data/lib/chef/mixin/powershell_exec.rb +6 -5
- data/lib/chef/mixin/why_run.rb +8 -2
- data/lib/chef/powershell.rb +8 -6
- data/lib/chef/provider/cron.rb +6 -3
- data/lib/chef/provider/directory.rb +2 -2
- data/lib/chef/provider/git.rb +1 -1
- data/lib/chef/provider/ifconfig/debian.rb +1 -1
- data/lib/chef/provider/ifconfig.rb +4 -4
- data/lib/chef/provider/mount/linux.rb +16 -2
- data/lib/chef/provider/mount/mount.rb +1 -1
- data/lib/chef/provider/package/dnf.rb +1 -1
- data/lib/chef/provider/package/habitat.rb +1 -1
- data/lib/chef/provider/package/powershell.rb +13 -10
- data/lib/chef/provider/package/yum/python_helper.rb +81 -25
- data/lib/chef/provider/package/yum.rb +39 -12
- data/lib/chef/provider/package/zypper.rb +2 -0
- data/lib/chef/provider/package.rb +62 -27
- data/lib/chef/provider/subversion.rb +5 -5
- data/lib/chef/provider.rb +5 -2
- data/lib/chef/providers.rb +0 -1
- data/lib/chef/pwsh.rb +3 -2
- data/lib/chef/resource/apt_package.rb +2 -2
- data/lib/chef/resource/chef_client_config.rb +21 -1
- data/lib/chef/resource/chef_client_launchd.rb +1 -1
- data/lib/chef/resource/chef_client_trusted_certificate.rb +1 -0
- data/lib/chef/resource/chocolatey_config.rb +1 -1
- data/lib/chef/resource/chocolatey_feature.rb +1 -1
- data/lib/chef/resource/chocolatey_package.rb +3 -3
- data/lib/chef/resource/chocolatey_source.rb +24 -2
- data/lib/chef/resource/cron/cron.rb +75 -1
- data/lib/chef/resource/cron/cron_d.rb +2 -1
- data/lib/chef/resource/directory.rb +1 -1
- data/lib/chef/resource/dnf_package.rb +4 -6
- data/lib/chef/resource/dpkg_package.rb +5 -0
- data/lib/chef/resource/execute.rb +1 -4
- data/lib/chef/resource/habitat_install.rb +5 -5
- data/lib/chef/resource/homebrew_tap.rb +0 -4
- data/lib/chef/resource/inspec_waiver.rb +1 -1
- data/lib/chef/resource/inspec_waiver_file_entry.rb +1 -1
- data/lib/chef/resource/kernel_module.rb +27 -2
- data/lib/chef/resource/launchd.rb +0 -3
- data/lib/chef/resource/macos_userdefaults.rb +41 -131
- data/lib/chef/resource/powershell_package_source.rb +8 -8
- data/lib/chef/resource/rhsm_register.rb +31 -0
- data/lib/chef/resource/support/client.erb +7 -0
- data/lib/chef/resource/windows_auto_run.rb +1 -1
- data/lib/chef/resource/windows_dfs_namespace.rb +2 -2
- data/lib/chef/resource/windows_feature_powershell.rb +8 -9
- data/lib/chef/resource/windows_task.rb +25 -10
- data/lib/chef/resource/windows_update_settings.rb +3 -3
- data/lib/chef/resource.rb +2 -2
- data/lib/chef/resource_reporter.rb +1 -1
- data/lib/chef/secret_fetcher/azure_key_vault.rb +64 -8
- data/lib/chef/secret_fetcher/hashi_vault.rb +37 -3
- data/lib/chef/secret_fetcher.rb +0 -1
- data/lib/chef/version.rb +1 -1
- data/spec/functional/dsl/reboot_pending_spec.rb +3 -3
- data/spec/functional/dsl/registry_helper_spec.rb +1 -1
- data/spec/functional/resource/dnf_package_spec.rb +138 -124
- data/spec/functional/resource/dpkg_package_spec.rb +16 -0
- data/spec/functional/resource/dsc_script_spec.rb +2 -2
- data/spec/functional/resource/macos_userdefaults_spec.rb +139 -0
- data/spec/functional/resource/registry_spec.rb +81 -81
- data/spec/functional/resource/yum_package_spec.rb +789 -129
- data/spec/functional/resource/zypper_package_spec.rb +7 -0
- data/spec/functional/win32/registry_spec.rb +8 -8
- data/spec/integration/client/client_spec.rb +31 -0
- data/spec/unit/application/base_spec.rb +40 -0
- data/spec/unit/compliance/runner_spec.rb +62 -1
- data/spec/unit/data_collector_spec.rb +24 -1
- data/spec/unit/dsl/reboot_pending_spec.rb +1 -1
- data/spec/unit/file_access_control_spec.rb +1 -1
- data/spec/unit/mixin/default_paths_spec.rb +1 -1
- data/spec/unit/mixin/securable_spec.rb +3 -3
- data/spec/unit/mixin/why_run_spec.rb +53 -0
- data/spec/unit/provider/cron_spec.rb +45 -0
- data/spec/unit/provider/group/groupadd_spec.rb +1 -0
- data/spec/unit/provider/group/usermod_spec.rb +2 -2
- data/spec/unit/provider/ifconfig_spec.rb +2 -0
- data/spec/unit/provider/mount/linux_spec.rb +16 -3
- data/spec/unit/provider/package/bff_spec.rb +1 -0
- data/spec/unit/provider/package/powershell_spec.rb +114 -114
- data/spec/unit/provider/package/rubygems_spec.rb +8 -5
- data/spec/unit/provider/package/solaris_spec.rb +1 -0
- data/spec/unit/provider/package/windows_spec.rb +1 -1
- data/spec/unit/provider/registry_key_spec.rb +4 -4
- data/spec/unit/provider/service/arch_service_spec.rb +2 -2
- data/spec/unit/provider/service/debian_service_spec.rb +1 -0
- data/spec/unit/provider/service/gentoo_service_spec.rb +1 -0
- data/spec/unit/provider/service/macosx_spec.rb +1 -0
- data/spec/unit/provider/service/redhat_spec.rb +4 -1
- data/spec/unit/provider/service/simple_service_spec.rb +6 -4
- data/spec/unit/provider/service/windows_spec.rb +5 -5
- data/spec/unit/provider/subversion_spec.rb +4 -4
- data/spec/unit/provider/user_spec.rb +2 -0
- data/spec/unit/provider/windows_env_spec.rb +1 -1
- data/spec/unit/provider/zypper_repository_spec.rb +1 -1
- data/spec/unit/resource/chef_client_trusted_certificate_spec.rb +14 -0
- data/spec/unit/resource/chocolatey_config_spec.rb +1 -1
- data/spec/unit/resource/chocolatey_feature_spec.rb +1 -1
- data/spec/unit/resource/chocolatey_source_spec.rb +1 -1
- data/spec/unit/resource/dpkg_package_spec.rb +12 -0
- data/spec/unit/resource/kernel_module_spec.rb +2 -1
- data/spec/unit/resource/macos_user_defaults_spec.rb +36 -96
- data/spec/unit/resource/registry_key_spec.rb +10 -10
- data/spec/unit/resource/rhsm_register_spec.rb +42 -0
- data/spec/unit/resource/windows_auto_run_spec.rb +1 -1
- data/spec/unit/resource/windows_feature_powershell_spec.rb +1 -1
- data/spec/unit/resource/windows_firewall_rule_spec.rb +2 -2
- data/spec/unit/resource/windows_task_spec.rb +3 -3
- data/spec/unit/resource_reporter_spec.rb +2 -2
- data/spec/unit/resource_spec.rb +5 -0
- data/spec/unit/secret_fetcher/azure_key_vault_spec.rb +99 -20
- data/spec/unit/secret_fetcher/hashi_vault_spec.rb +46 -0
- data/spec/unit/util/backup_spec.rb +1 -1
- data/spec/unit/win32/registry_spec.rb +3 -3
- metadata +24 -9
- data/lib/chef/provider/group/suse.rb +0 -82
- data/spec/unit/provider/group/suse_spec.rb +0 -90
@@ -20,7 +20,7 @@ class Chef
|
|
20
20
|
unified_mode true
|
21
21
|
provides :chocolatey_source
|
22
22
|
|
23
|
-
description "Use the **chocolatey_source** resource to add, remove, enable, or disable Chocolatey sources."
|
23
|
+
description "Use the **chocolatey_source** resource to add, remove, enable, or disable Chocolatey sources. Note: The Chocolatey package manager is not installed on Windows by default. You will need to install it prior to using this resource by adding the [Chocolatey cookbook](https://supermarket.chef.io/cookbooks/chocolatey/) to your node's run list."
|
24
24
|
introduced "14.3"
|
25
25
|
examples <<~DOC
|
26
26
|
**Add a Chocolatey source**
|
@@ -63,6 +63,22 @@ class Chef
|
|
63
63
|
|
64
64
|
property :disabled, [TrueClass, FalseClass], default: false, desired_state: false, skip_docs: true
|
65
65
|
|
66
|
+
property :username, String,
|
67
|
+
description: "The username to use when authenticating against the source",
|
68
|
+
introduced: "17.7"
|
69
|
+
|
70
|
+
property :password, String, sensitive: true, desired_state: false,
|
71
|
+
description: "The password to use when authenticating against the source",
|
72
|
+
introduced: "17.7"
|
73
|
+
|
74
|
+
property :cert, String,
|
75
|
+
description: "The certificate to use when authenticating against the source",
|
76
|
+
introduced: "17.7"
|
77
|
+
|
78
|
+
property :cert_password, String, sensitive: true, desired_state: false,
|
79
|
+
description: "The password for the certificate to use when authenticating against the source",
|
80
|
+
introduced: "17.7"
|
81
|
+
|
66
82
|
load_current_value do
|
67
83
|
element = fetch_source_element(source_name)
|
68
84
|
current_value_does_not_exist! if element.nil?
|
@@ -74,6 +90,8 @@ class Chef
|
|
74
90
|
allow_self_service element["selfService"] == "true"
|
75
91
|
priority element["priority"].to_i
|
76
92
|
disabled element["disabled"] == "true"
|
93
|
+
username element["user"]
|
94
|
+
cert element["certificate"]
|
77
95
|
end
|
78
96
|
|
79
97
|
# @param [String] id the source name
|
@@ -129,10 +147,14 @@ class Chef
|
|
129
147
|
def choco_cmd(action)
|
130
148
|
cmd = "#{ENV["ALLUSERSPROFILE"]}\\chocolatey\\bin\\choco source #{action} -n \"#{new_resource.source_name}\""
|
131
149
|
if action == "add"
|
132
|
-
cmd << "
|
150
|
+
cmd << " --source=\"#{new_resource.source}\" --priority=#{new_resource.priority}"
|
133
151
|
cmd << " --bypassproxy" if new_resource.bypass_proxy
|
134
152
|
cmd << " --allowselfservice" if new_resource.allow_self_service
|
135
153
|
cmd << " --adminonly" if new_resource.admin_only
|
154
|
+
cmd << " --user=\"#{new_resource.username}\"" if new_resource.username
|
155
|
+
cmd << " --password=\"#{new_resource.password}\"" if new_resource.password
|
156
|
+
cmd << " --cert=\"#{new_resource.cert}\"" if new_resource.cert
|
157
|
+
cmd << " --certpassword=\"#{new_resource.cert_password}\"" if new_resource.cert_password
|
136
158
|
end
|
137
159
|
cmd
|
138
160
|
end
|
@@ -20,6 +20,7 @@
|
|
20
20
|
require_relative "../../resource"
|
21
21
|
require_relative "../helpers/cron_validations"
|
22
22
|
require_relative "../../provider/cron" # do not remove. we actually need this below
|
23
|
+
require "chef-utils/dist" unless defined?(ChefUtils::Dist)
|
23
24
|
|
24
25
|
class Chef
|
25
26
|
class Resource
|
@@ -30,7 +31,80 @@ class Chef
|
|
30
31
|
|
31
32
|
provides :cron
|
32
33
|
|
33
|
-
description "Use the **cron** resource to manage cron entries for time-based job scheduling. Properties for a schedule will default to * if not provided. The cron resource requires access to a crontab program, typically cron."
|
34
|
+
description "Use the **cron** resource to manage cron entries for time-based job scheduling. Properties for a schedule will default to * if not provided. The cron resource requires access to a crontab program, typically cron. Warning: The cron resource should only be used to modify an entry in a crontab file. The `cron_d` resource directly manages `cron.d` files. This resource ships in #{ChefUtils::Dist::Infra::PRODUCT} 14.4 or later and can also be found in the [cron](https://github.com/chef-cookbooks/cron) cookbook) for previous #{ChefUtils::Dist::Infra::PRODUCT} releases."
|
35
|
+
|
36
|
+
examples <<~'DOC'
|
37
|
+
**Run a program at a specified interval**
|
38
|
+
|
39
|
+
```ruby
|
40
|
+
cron 'noop' do
|
41
|
+
hour '5'
|
42
|
+
minute '0'
|
43
|
+
command '/bin/true'
|
44
|
+
end
|
45
|
+
```
|
46
|
+
|
47
|
+
**Run an entry if a folder exists**
|
48
|
+
|
49
|
+
```ruby
|
50
|
+
cron 'ganglia_tomcat_thread_max' do
|
51
|
+
command "/usr/bin/gmetric
|
52
|
+
-n 'tomcat threads max'
|
53
|
+
-t uint32
|
54
|
+
-v '/usr/local/bin/tomcat-stat --thread-max'"
|
55
|
+
only_if { ::File.exist?('/home/jboss') }
|
56
|
+
end
|
57
|
+
```
|
58
|
+
|
59
|
+
**Run every Saturday, 8:00 AM**
|
60
|
+
|
61
|
+
The following example shows a schedule that will run every hour at 8:00 each Saturday morning, and will then send an email to “admin@example.com” after each run.
|
62
|
+
|
63
|
+
```ruby
|
64
|
+
cron 'name_of_cron_entry' do
|
65
|
+
minute '0'
|
66
|
+
hour '8'
|
67
|
+
weekday '6'
|
68
|
+
mailto 'admin@example.com'
|
69
|
+
action :create
|
70
|
+
end
|
71
|
+
```
|
72
|
+
|
73
|
+
**Run once a week**
|
74
|
+
|
75
|
+
```ruby
|
76
|
+
cron 'cookbooks_report' do
|
77
|
+
minute '0'
|
78
|
+
hour '0'
|
79
|
+
weekday '1'
|
80
|
+
user 'chefio'
|
81
|
+
mailto 'sysadmin@example.com'
|
82
|
+
home '/srv/supermarket/shared/system'
|
83
|
+
command %W{
|
84
|
+
cd /srv/supermarket/current &&
|
85
|
+
env RUBYLIB="/srv/supermarket/current/lib"
|
86
|
+
RAILS_ASSET_ID=`git rev-parse HEAD` RAILS_ENV="#{rails_env}"
|
87
|
+
bundle exec rake cookbooks_report
|
88
|
+
}.join(' ')
|
89
|
+
action :create
|
90
|
+
end
|
91
|
+
```
|
92
|
+
|
93
|
+
**Run only in November**
|
94
|
+
|
95
|
+
The following example shows a schedule that will run at 8:00 PM, every weekday (Monday through Friday), but only in November:
|
96
|
+
|
97
|
+
```ruby
|
98
|
+
cron 'name_of_cron_entry' do
|
99
|
+
minute '0'
|
100
|
+
hour '20'
|
101
|
+
day '*'
|
102
|
+
month '11'
|
103
|
+
weekday '1-5'
|
104
|
+
action :create
|
105
|
+
end
|
106
|
+
```
|
107
|
+
DOC
|
34
108
|
|
35
109
|
state_attrs :minute, :hour, :day, :month, :weekday, :user
|
36
110
|
|
@@ -18,6 +18,7 @@
|
|
18
18
|
require_relative "../../resource"
|
19
19
|
require_relative "../helpers/cron_validations"
|
20
20
|
require "shellwords" unless defined?(Shellwords)
|
21
|
+
require "chef-utils/dist" unless defined?(ChefUtils::Dist)
|
21
22
|
|
22
23
|
class Chef
|
23
24
|
class Resource
|
@@ -29,7 +30,7 @@ class Chef
|
|
29
30
|
provides :cron_d
|
30
31
|
|
31
32
|
introduced "14.4"
|
32
|
-
description "Use the **cron_d** resource to manage cron job files in the `/etc/cron.d` directory.
|
33
|
+
description "Use the **cron_d** resource to manage cron job files in the `/etc/cron.d` directory. Warning: #{ChefUtils::Dist::Infra::PRODUCT} also ships with the **cron** resource for managing the monolithic `/etc/crontab` file on platforms that lack cron.d support. See the [cron resource](/resources/cron/) for information on using that resource."
|
33
34
|
examples <<~DOC
|
34
35
|
**Run a program on the fifth hour of the day**
|
35
36
|
|
@@ -46,7 +46,7 @@ class Chef
|
|
46
46
|
description: "The path to the directory. Using a fully qualified path is recommended, but is not always required."
|
47
47
|
|
48
48
|
property :recursive, [ TrueClass, FalseClass ],
|
49
|
-
description: "Create or delete
|
49
|
+
description: "Create parent directories recursively, or delete directory and all children recursively. For the owner, group, and mode properties, the value of this property applies only to the leaf directory.",
|
50
50
|
default: false
|
51
51
|
end
|
52
52
|
end
|
@@ -68,12 +68,10 @@ class Chef
|
|
68
68
|
end
|
69
69
|
}
|
70
70
|
|
71
|
-
|
72
|
-
|
73
|
-
|
74
|
-
|
75
|
-
true
|
76
|
-
end
|
71
|
+
property :allow_downgrade, [ TrueClass, FalseClass ],
|
72
|
+
description: "Allow downgrading a package to satisfy requested version requirements.",
|
73
|
+
default: true,
|
74
|
+
desired_state: false
|
77
75
|
end
|
78
76
|
end
|
79
77
|
end
|
@@ -37,6 +37,11 @@ class Chef
|
|
37
37
|
property :response_file_variables, Hash,
|
38
38
|
description: "A Hash of response file variables in the form of {'VARIABLE' => 'VALUE'}.",
|
39
39
|
default: {}, desired_state: false
|
40
|
+
|
41
|
+
property :allow_downgrade, [ TrueClass, FalseClass ],
|
42
|
+
description: "Allow downgrading a package to satisfy requested version requirements.",
|
43
|
+
default: true,
|
44
|
+
desired_state: false
|
40
45
|
end
|
41
46
|
end
|
42
47
|
end
|
@@ -346,7 +346,7 @@ class Chef
|
|
346
346
|
|
347
347
|
By default, notifications are `:delayed`, that is they are queued up as they are
|
348
348
|
triggered, and then executed at the very end of a Chef Infra Client run. To run
|
349
|
-
|
349
|
+
an action immediately, use `:immediately`:
|
350
350
|
|
351
351
|
```ruby
|
352
352
|
template '/etc/nagios3/configures-nagios.conf' do
|
@@ -517,9 +517,6 @@ class Chef
|
|
517
517
|
name_property: true,
|
518
518
|
description: "An optional property to set the command to be executed if it differs from the resource block's name. Note: Use the **execute** resource to run a single command. Use multiple **execute** resource blocks to run multiple commands."
|
519
519
|
|
520
|
-
property :umask, [ String, Integer ],
|
521
|
-
description: "The file mode creation mask, or umask."
|
522
|
-
|
523
520
|
property :creates, String,
|
524
521
|
description: "Prevent a command from creating a file when that file already exists."
|
525
522
|
|
@@ -52,8 +52,8 @@ class Chef
|
|
52
52
|
property :name, String, default: "install habitat",
|
53
53
|
description: "Name of the resource block. This has no impact other than logging."
|
54
54
|
|
55
|
-
property :install_url, String, default: "https://raw.githubusercontent.com/habitat-sh/habitat/
|
56
|
-
description: "URL to the install script, default is from the [habitat repo](https://raw.githubusercontent.com/habitat-sh/habitat/
|
55
|
+
property :install_url, String, default: "https://raw.githubusercontent.com/habitat-sh/habitat/main/components/hab/install.sh",
|
56
|
+
description: "URL to the install script, default is from the [habitat repo](https://raw.githubusercontent.com/habitat-sh/habitat/main/components/hab/install.sh) ."
|
57
57
|
|
58
58
|
property :bldr_url, String,
|
59
59
|
description: "Optional URL to an alternate Habitat Builder."
|
@@ -95,10 +95,10 @@ class Chef
|
|
95
95
|
path habfile
|
96
96
|
destination "#{Chef::Config[:file_cache_path]}/habitat"
|
97
97
|
action :extract
|
98
|
-
not_if { ::Dir.exist?(
|
98
|
+
not_if { ::Dir.exist?("c:\\habitat") }
|
99
99
|
end
|
100
100
|
|
101
|
-
directory
|
101
|
+
directory "c:\\habitat" do
|
102
102
|
notifies :run, "powershell_script[installing from archive]", :immediately
|
103
103
|
end
|
104
104
|
|
@@ -110,7 +110,7 @@ class Chef
|
|
110
110
|
end
|
111
111
|
|
112
112
|
# TODO: This won't self heal if missing until the next upgrade
|
113
|
-
windows_path
|
113
|
+
windows_path "C:\\habitat" do
|
114
114
|
action :add
|
115
115
|
end
|
116
116
|
else
|
@@ -41,10 +41,6 @@ class Chef
|
|
41
41
|
property :url, String,
|
42
42
|
description: "The URL of the tap."
|
43
43
|
|
44
|
-
property :full, [TrueClass, FalseClass],
|
45
|
-
description: "Perform a full clone on the tap, as opposed to a shallow clone.",
|
46
|
-
default: false
|
47
|
-
|
48
44
|
property :homebrew_path, String,
|
49
45
|
description: "The path to the Homebrew binary.",
|
50
46
|
default: "/usr/local/bin/brew"
|
@@ -116,7 +116,7 @@ class Chef
|
|
116
116
|
description: "The expiration date of the waiver - provided in YYYY-MM-DD format",
|
117
117
|
callbacks: {
|
118
118
|
"Expiration date should be a valid calendar date and match the following format: YYYY-MM-DD" => proc { |e|
|
119
|
-
re = Regexp.new(
|
119
|
+
re = Regexp.new("\\d{4}-\\d{2}-\\d{2}$").freeze
|
120
120
|
if re.match?(e)
|
121
121
|
Date.valid_date?(*e.split("-").map(&:to_i))
|
122
122
|
else
|
@@ -74,7 +74,7 @@ class Chef
|
|
74
74
|
description: "The expiration date of the given waiver - provided in YYYY-MM-DD format",
|
75
75
|
callbacks: {
|
76
76
|
"Expiration date should be a valid calendar date and match the following format: YYYY-MM-DD" => proc { |e|
|
77
|
-
re = Regexp.new(
|
77
|
+
re = Regexp.new("\\d{4}-\\d{2}-\\d{2}$").freeze
|
78
78
|
if re.match?(e)
|
79
79
|
Date.valid_date?(*e.split("-").map(&:to_i))
|
80
80
|
else
|
@@ -15,7 +15,7 @@ class Chef
|
|
15
15
|
|
16
16
|
provides :kernel_module
|
17
17
|
|
18
|
-
description "Use the **kernel_module** resource to manage kernel modules on Linux systems. This resource can load, unload, blacklist, disable, install, and uninstall modules."
|
18
|
+
description "Use the **kernel_module** resource to manage kernel modules on Linux systems. This resource can load, unload, blacklist, disable, enable, install, and uninstall modules."
|
19
19
|
introduced "14.3"
|
20
20
|
examples <<~DOC
|
21
21
|
Install and load a kernel module, and ensure it loads on reboot.
|
@@ -68,13 +68,21 @@ class Chef
|
|
68
68
|
end
|
69
69
|
```
|
70
70
|
|
71
|
-
Disable a kernel module.
|
71
|
+
Disable a kernel module so that it is not installable.
|
72
72
|
|
73
73
|
```ruby
|
74
74
|
kernel_module 'loop' do
|
75
75
|
action :disable
|
76
76
|
end
|
77
77
|
```
|
78
|
+
|
79
|
+
Enable a kernel module so that it is can be installed. Does not load or install.
|
80
|
+
|
81
|
+
```ruby
|
82
|
+
kernel_module 'loop' do
|
83
|
+
action :enable
|
84
|
+
end
|
85
|
+
```
|
78
86
|
DOC
|
79
87
|
|
80
88
|
property :modname, String,
|
@@ -101,6 +109,9 @@ class Chef
|
|
101
109
|
end
|
102
110
|
end
|
103
111
|
|
112
|
+
# Remove the "disable file" before trying to install
|
113
|
+
action_enable
|
114
|
+
|
104
115
|
# create options file before loading the module
|
105
116
|
unless new_resource.options.nil?
|
106
117
|
file "#{new_resource.unload_dir}/options_#{new_resource.modname}.conf" do
|
@@ -178,6 +189,20 @@ class Chef
|
|
178
189
|
action_unload
|
179
190
|
end
|
180
191
|
|
192
|
+
action :enable, description: "Enable a kernel module. Reverse :disable actions" do
|
193
|
+
with_run_context :root do
|
194
|
+
find_resource(:execute, "update initramfs") do
|
195
|
+
command initramfs_command
|
196
|
+
action :nothing
|
197
|
+
end
|
198
|
+
end
|
199
|
+
|
200
|
+
file "#{new_resource.unload_dir}/disable_#{new_resource.modname}.conf" do
|
201
|
+
action :delete
|
202
|
+
notifies :run, "execute[update initramfs]", :delayed
|
203
|
+
end
|
204
|
+
end
|
205
|
+
|
181
206
|
action :load, description: "Load a kernel module." do
|
182
207
|
unless module_loaded?
|
183
208
|
converge_by("load kernel module #{new_resource.modname}") do
|
@@ -238,9 +238,6 @@ class Chef
|
|
238
238
|
property :time_out, Integer,
|
239
239
|
description: "The amount of time (in seconds) a job may be idle before it times out. If no value is specified, the default timeout value for launchd will be used."
|
240
240
|
|
241
|
-
property :umask, Integer,
|
242
|
-
description: "A decimal value to pass to `umask` before running a job."
|
243
|
-
|
244
241
|
property :username, String,
|
245
242
|
description: "When launchd is run as the root user, the user to run the job as."
|
246
243
|
|
@@ -17,6 +17,7 @@
|
|
17
17
|
|
18
18
|
require_relative "../resource"
|
19
19
|
require "chef-utils/dist" unless defined?(ChefUtils::Dist)
|
20
|
+
require "corefoundation" if RUBY_PLATFORM.match?(/darwin/)
|
20
21
|
autoload :Plist, "plist"
|
21
22
|
|
22
23
|
class Chef
|
@@ -78,173 +79,82 @@ class Chef
|
|
78
79
|
required: true
|
79
80
|
|
80
81
|
property :host, [String, Symbol],
|
81
|
-
description: "Set either :current or a hostname to set the user default at the host level.",
|
82
|
+
description: "Set either :current, :all or a hostname to set the user default at the host level.",
|
82
83
|
desired_state: false,
|
83
84
|
introduced: "16.3"
|
84
85
|
|
85
86
|
property :value, [Integer, Float, String, TrueClass, FalseClass, Hash, Array],
|
86
87
|
description: "The value of the key. Note: With the `type` property set to `bool`, `String` forms of Boolean true/false values that Apple accepts in the defaults command will be coerced: 0/1, 'TRUE'/'FALSE,' 'true'/false', 'YES'/'NO', or 'yes'/'no'.",
|
87
|
-
required: [:write]
|
88
|
-
coerce: proc { |v| v.is_a?(Hash) ? v.transform_keys(&:to_s) : v } # make sure keys are all strings for comparison
|
88
|
+
required: [:write]
|
89
89
|
|
90
90
|
property :type, String,
|
91
91
|
description: "The value type of the preference key.",
|
92
92
|
equal_to: %w{bool string int float array dict},
|
93
|
-
desired_state: false
|
93
|
+
desired_state: false,
|
94
|
+
deprecated: true
|
94
95
|
|
95
|
-
property :user, String,
|
96
|
-
description: "The system user that the default will be applied to.",
|
96
|
+
property :user, [String, Symbol],
|
97
|
+
description: "The system user that the default will be applied to. Set :current for current user, :all for all users or pass a valid username",
|
97
98
|
desired_state: false
|
98
99
|
|
99
100
|
property :sudo, [TrueClass, FalseClass],
|
100
101
|
description: "Set to true if the setting you wish to modify requires privileged access. This requires passwordless sudo for the `/usr/bin/defaults` command to be setup for the user running #{ChefUtils::Dist::Infra::PRODUCT}.",
|
101
102
|
default: false,
|
102
|
-
desired_state: false
|
103
|
+
desired_state: false,
|
104
|
+
deprecated: true
|
103
105
|
|
104
106
|
load_current_value do |new_resource|
|
105
|
-
Chef::Log.debug "#load_current_value:
|
106
|
-
state = shell_out(defaults_export_cmd(new_resource), user: new_resource.user)
|
107
|
-
|
108
|
-
if state.error? || state.stdout.empty?
|
109
|
-
Chef::Log.debug "#load_current_value: #{defaults_export_cmd(new_resource).join(" ")} returned stdout: #{state.stdout} and stderr: #{state.stderr}"
|
110
|
-
current_value_does_not_exist!
|
111
|
-
end
|
107
|
+
Chef::Log.debug "#load_current_value: attempting to read \"#{new_resource.domain}\" value from preferences to determine state"
|
112
108
|
|
113
|
-
|
109
|
+
pref = get_preference(new_resource)
|
110
|
+
current_value_does_not_exist! if pref.nil?
|
114
111
|
|
115
|
-
|
116
|
-
|
117
|
-
key new_resource.key
|
118
|
-
else
|
119
|
-
current_value_does_not_exist!
|
120
|
-
end
|
121
|
-
|
122
|
-
value plist_data[new_resource.key]
|
123
|
-
end
|
124
|
-
|
125
|
-
#
|
126
|
-
# The defaults command to export a domain
|
127
|
-
#
|
128
|
-
# @return [Array] defaults command
|
129
|
-
#
|
130
|
-
def defaults_export_cmd(resource)
|
131
|
-
state_cmd = ["/usr/bin/defaults"]
|
132
|
-
|
133
|
-
if resource.host == "current"
|
134
|
-
state_cmd.concat(["-currentHost"])
|
135
|
-
elsif resource.host # they specified a non-nil value, which is a hostname
|
136
|
-
state_cmd.concat(["-host", resource.host])
|
137
|
-
end
|
138
|
-
|
139
|
-
state_cmd.concat(["export", resource.domain, "-"])
|
140
|
-
state_cmd
|
112
|
+
key new_resource.key
|
113
|
+
value pref
|
141
114
|
end
|
142
115
|
|
143
116
|
action :write, description: "Write the value to the specified domain/key." do
|
144
117
|
converge_if_changed do
|
145
|
-
|
146
|
-
|
147
|
-
|
148
|
-
shell_out!(cmd, user: new_resource.user)
|
118
|
+
Chef::Log.debug("Updating defaults value for #{new_resource.key} in #{new_resource.domain}")
|
119
|
+
CF::Preferences.set!(new_resource.key, new_resource.value, new_resource.domain, to_cf_user(new_resource.user), to_cf_host(new_resource.host))
|
149
120
|
end
|
150
121
|
end
|
151
122
|
|
152
123
|
action :delete, description: "Delete a key from a domain." do
|
153
124
|
# if it's not there there's nothing to remove
|
154
|
-
return
|
125
|
+
return if current_resource.nil?
|
155
126
|
|
156
127
|
converge_by("delete domain:#{new_resource.domain} key:#{new_resource.key}") do
|
157
|
-
|
158
|
-
|
159
|
-
Chef::Log.debug("Removing defaults key by shelling out: #{cmd.join(" ")}")
|
160
|
-
|
161
|
-
shell_out!(cmd, user: new_resource.user)
|
128
|
+
Chef::Log.debug("Removing defaults key: #{new_resource.key}")
|
129
|
+
CF::Preferences.set!(new_resource.key, nil, new_resource.domain, to_cf_user(new_resource.user), to_cf_host(new_resource.host))
|
162
130
|
end
|
163
131
|
end
|
164
132
|
|
165
|
-
|
166
|
-
|
167
|
-
|
168
|
-
#
|
169
|
-
# @return [Array] Array representation of defaults command to run
|
170
|
-
#
|
171
|
-
def defaults_modify_cmd
|
172
|
-
cmd = ["/usr/bin/defaults"]
|
173
|
-
|
174
|
-
if new_resource.host == :current
|
175
|
-
cmd.concat(["-currentHost"])
|
176
|
-
elsif new_resource.host # they specified a non-nil value, which is a hostname
|
177
|
-
cmd.concat(["-host", new_resource.host])
|
178
|
-
end
|
179
|
-
|
180
|
-
cmd.concat([action.to_s, new_resource.domain, new_resource.key])
|
181
|
-
cmd.concat(processed_value) if action == :write
|
182
|
-
cmd.prepend("sudo") if new_resource.sudo
|
183
|
-
cmd
|
184
|
-
end
|
185
|
-
|
186
|
-
#
|
187
|
-
# convert the provided value into the format defaults expects
|
188
|
-
#
|
189
|
-
# @return [array] array of values starting with the type if applicable
|
190
|
-
#
|
191
|
-
def processed_value
|
192
|
-
type = new_resource.type || value_type(new_resource.value)
|
193
|
-
|
194
|
-
# when dict this creates an array of values ["Key1", "Value1", "Key2", "Value2" ...]
|
195
|
-
cmd_values = ["-#{type}"]
|
196
|
-
|
197
|
-
case type
|
198
|
-
when "dict"
|
199
|
-
cmd_values.concat(new_resource.value.flatten)
|
200
|
-
when "array"
|
201
|
-
cmd_values.concat(new_resource.value)
|
202
|
-
when "bool"
|
203
|
-
cmd_values.concat(bool_to_defaults_bool(new_resource.value))
|
204
|
-
else
|
205
|
-
cmd_values.concat([new_resource.value])
|
206
|
-
end
|
207
|
-
|
208
|
-
cmd_values
|
209
|
-
end
|
133
|
+
def get_preference(new_resource)
|
134
|
+
CF::Preferences.get(new_resource.key, new_resource.domain, to_cf_user(new_resource.user), to_cf_host(new_resource.host))
|
135
|
+
end
|
210
136
|
|
211
|
-
|
212
|
-
|
213
|
-
|
214
|
-
|
215
|
-
|
216
|
-
|
217
|
-
|
218
|
-
|
219
|
-
|
220
|
-
return ["FALSE"] if [false, "FALSE", "0", "false", "NO", "no"].include?(input)
|
221
|
-
|
222
|
-
# make sure it's very clear bad input was given
|
223
|
-
raise ArgumentError, "#{input} cannot be converted to a boolean value for use with Apple's defaults command. Acceptable values are: 'TRUE', 'YES', 'true, 'yes', '0', true, 'FALSE', 'false', 'NO', 'no', '1', or false."
|
137
|
+
# Return valid hostname based on the input from host property
|
138
|
+
def to_cf_host(value)
|
139
|
+
case value
|
140
|
+
when :all
|
141
|
+
CF::Preferences::ALL_HOSTS
|
142
|
+
when :current
|
143
|
+
CF::Preferences::CURRENT_HOST
|
144
|
+
else
|
145
|
+
value
|
224
146
|
end
|
147
|
+
end
|
225
148
|
|
226
|
-
|
227
|
-
|
228
|
-
|
229
|
-
|
230
|
-
|
231
|
-
|
232
|
-
|
233
|
-
|
234
|
-
|
235
|
-
when true, false
|
236
|
-
"bool"
|
237
|
-
when Integer
|
238
|
-
"int"
|
239
|
-
when Float
|
240
|
-
"float"
|
241
|
-
when Hash
|
242
|
-
"dict"
|
243
|
-
when Array
|
244
|
-
"array"
|
245
|
-
when String
|
246
|
-
"string"
|
247
|
-
end
|
149
|
+
# Return valid username based on the input from user property
|
150
|
+
def to_cf_user(value)
|
151
|
+
case value
|
152
|
+
when :all
|
153
|
+
CF::Preferences::ALL_USERS
|
154
|
+
when :current
|
155
|
+
CF::Preferences::CURRENT_USER
|
156
|
+
else
|
157
|
+
value
|
248
158
|
end
|
249
159
|
end
|
250
160
|
end
|
@@ -25,10 +25,10 @@ class Chef
|
|
25
25
|
|
26
26
|
provides :powershell_package_source
|
27
27
|
|
28
|
-
description "Use the **powershell_package_source** resource to register a PowerShell package source and a Powershell package provider. There are
|
28
|
+
description "Use the **powershell_package_source** resource to register a PowerShell package source and a Powershell package provider. There are two distinct objects we care about here. The first is a package source like a PowerShell repository or a NuGet Source. The second object is a provider that PowerShell uses to get to that source with, like PowerShellGet, NuGet, Chocolatey, etc."
|
29
29
|
introduced "14.3"
|
30
30
|
examples <<~DOC
|
31
|
-
**Add a new
|
31
|
+
**Add a new PowerShell repository that is not trusted and which requires credentials to connect to**:
|
32
32
|
|
33
33
|
```ruby
|
34
34
|
powershell_package_source 'PowerShellModules' do
|
@@ -43,7 +43,7 @@ class Chef
|
|
43
43
|
end
|
44
44
|
```
|
45
45
|
|
46
|
-
**Add a new
|
46
|
+
**Add a new package source that uses Chocolatey as the package provider**:
|
47
47
|
|
48
48
|
```ruby
|
49
49
|
powershell_package_source 'PowerShellModules' do
|
@@ -56,7 +56,7 @@ class Chef
|
|
56
56
|
end
|
57
57
|
```
|
58
58
|
|
59
|
-
**Add a new PowerShell
|
59
|
+
**Add a new PowerShell script source that is trusted**:
|
60
60
|
|
61
61
|
```ruby
|
62
62
|
powershell_package_source 'MyDodgyScript' do
|
@@ -68,7 +68,7 @@ class Chef
|
|
68
68
|
end
|
69
69
|
```
|
70
70
|
|
71
|
-
**Update
|
71
|
+
**Update an existing PowerShell repository to make it trusted**:
|
72
72
|
|
73
73
|
```ruby
|
74
74
|
powershell_package_source 'MyPSModule' do
|
@@ -137,7 +137,7 @@ class Chef
|
|
137
137
|
description: "The location where scripts will be published to for this source. Only valid if the provider is `PowerShellGet`."
|
138
138
|
|
139
139
|
property :trusted, [TrueClass, FalseClass],
|
140
|
-
description: "Whether or not to trust packages from this source. Used when creating a
|
140
|
+
description: "Whether or not to trust packages from this source. Used when creating a non-PowerShell repository package source.",
|
141
141
|
default: false
|
142
142
|
|
143
143
|
property :user, String,
|
@@ -151,7 +151,7 @@ class Chef
|
|
151
151
|
property :provider_name, String,
|
152
152
|
equal_to: %w{ Programs msi NuGet msu PowerShellGet psl chocolatey winget },
|
153
153
|
validation_message: "The following providers are supported: 'Programs', 'msi', 'NuGet', 'msu', 'PowerShellGet', 'psl', 'chocolatey' or 'winget'",
|
154
|
-
description: "The package management provider for the package source. The default is PowerShellGet
|
154
|
+
description: "The package management provider for the package source. The default is `PowerShellGet`. Only change this option in specific use cases.",
|
155
155
|
default: "NuGet"
|
156
156
|
|
157
157
|
load_current_value do
|
@@ -202,7 +202,7 @@ class Chef
|
|
202
202
|
end
|
203
203
|
end
|
204
204
|
|
205
|
-
action :set, description: "Updates an existing
|
205
|
+
action :set, description: "Updates an existing PowerShell repository or package source." do
|
206
206
|
package_details = get_package_source_details
|
207
207
|
output = package_details.result
|
208
208
|
if output == "PSRepository"
|