chef 17.8.25-universal-mingw32 → 17.9.18-universal-mingw32

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -216,8 +216,7 @@ class Chef
216
216
  def parsed_feature_list
217
217
  # Grab raw feature information from WindowsFeature
218
218
  raw_list_of_features = powershell_exec!("Get-WindowsFeature | Select-Object -Property Name,InstallState", timeout: new_resource.timeout).result
219
-
220
- Chef::JSONCompat.from_json(raw_list_of_features)
219
+ raw_list_of_features || []
221
220
  end
222
221
 
223
222
  # add the features values to the appropriate array
@@ -149,7 +149,6 @@ class Chef
149
149
  DOC
150
150
 
151
151
  allowed_actions :create, :delete, :run, :end, :enable, :disable, :change
152
- default_action :create
153
152
 
154
153
  property :task_name, String, regex: [%r{\A[^/\:\*\?\<\>\|]+\z}],
155
154
  description: "An optional property to set the task name if it differs from the resource block's name. Example: `Task Name` or `/Task Name`",
@@ -182,10 +181,19 @@ class Chef
182
181
  default: false
183
182
 
184
183
  property :frequency_modifier, [Integer, String],
185
- default: 1
184
+ default: 1,
185
+ description: <<~DOCS
186
+ * For frequency `:minute` valid values are 1 to 1439
187
+ * For frequency `:hourly` valid values are 1 to 23
188
+ * For frequency `:daily` valid values are 1 to 365
189
+ * For frequency `:weekly` valid values are 1 to 52
190
+ * For frequency `:monthly` valid values are `('FIRST', 'SECOND', 'THIRD', 'FOURTH', 'LAST')` OR `1-12`.
191
+ * e.g. If user want to run the task on `second week of the month` use `frequency_modifier` value as `SECOND`. Multiple values for weeks of the month should be comma separated e.g. `"FIRST, THIRD, LAST"`.
192
+ * To run task every (n) months use values 1 to 12.
193
+ DOCS
186
194
 
187
195
  property :frequency, Symbol, equal_to: %i{minute hourly daily weekly monthly once on_logon onstart on_idle none},
188
- description: "The frequency with which to run the task."
196
+ description: "The frequency with which to run the task. Note: This property is required in Chef Infra Client 14.1 or later. Note: The `:once` value requires the `start_time` property to be set."
189
197
 
190
198
  property :start_day, String,
191
199
  description: "Specifies the first date on which the task runs in **MM/DD/YYYY** format.",
@@ -195,7 +203,14 @@ class Chef
195
203
  description: "Specifies the start time to run the task, in **HH:mm** format."
196
204
 
197
205
  property :day, [String, Integer],
198
- description: "The day(s) on which the task runs."
206
+ description: <<~DOCS
207
+ The day(s) on which the task runs.
208
+ * Use this property when setting `frequency` to `:monthly` or `:weekly`.
209
+ * Valid values with frequency `:weekly` are `MON`-`SUN` or `*`.
210
+ * Valid values with frequency `:monthly` are `1-31`, `MON`-`SUN`, and `LASTDAY`.
211
+ * Use `MON`-`SUN` or `LASTDAY` if you are setting `frequency_modifier` as "FIRST, SECOND, THIRD etc." else use 1-31.
212
+ * Multiple days should be comma separated. e.g `1, 2, 3` or `MON, WED, FRI`.
213
+ DOCS
199
214
 
200
215
  property :months, String,
201
216
  description: "The Months of the year on which the task runs, such as: `JAN, FEB` or `*`. Multiple months should be comma delimited. e.g. `Jan, Feb, Mar, Dec`."
@@ -961,7 +976,7 @@ class Chef
961
976
  end
962
977
  end
963
978
 
964
- action :create do
979
+ action :create, description: "Creates a scheduled task, or updates an existing task if any property has changed." do
965
980
  set_command_and_arguments if new_resource.command
966
981
 
967
982
  if current_resource.exists
@@ -998,7 +1013,7 @@ class Chef
998
1013
  end
999
1014
  end
1000
1015
 
1001
- action :run do
1016
+ action :run, description: "Runs a scheduled task." do
1002
1017
  if current_resource.exists
1003
1018
  logger.trace "#{new_resource} task exists"
1004
1019
  if current_resource.task.status == "running"
@@ -1013,7 +1028,7 @@ class Chef
1013
1028
  end
1014
1029
  end
1015
1030
 
1016
- action :delete do
1031
+ action :delete, description: "Deletes a scheduled task." do
1017
1032
  if current_resource.exists
1018
1033
  logger.trace "#{new_resource} task exists"
1019
1034
  converge_by("delete scheduled task #{new_resource}") do
@@ -1026,7 +1041,7 @@ class Chef
1026
1041
  end
1027
1042
  end
1028
1043
 
1029
- action :end do
1044
+ action :end, description: "Ends a scheduled task." do
1030
1045
  if current_resource.exists
1031
1046
  logger.trace "#{new_resource} task exists"
1032
1047
  if current_resource.task.status != "running"
@@ -1041,7 +1056,7 @@ class Chef
1041
1056
  end
1042
1057
  end
1043
1058
 
1044
- action :enable do
1059
+ action :enable, description: "Enables a scheduled task." do
1045
1060
  if current_resource.exists
1046
1061
  logger.trace "#{new_resource} task exists"
1047
1062
  if current_resource.task.status == "not scheduled"
@@ -1058,7 +1073,7 @@ class Chef
1058
1073
  end
1059
1074
  end
1060
1075
 
1061
- action :disable do
1076
+ action :disable, description: "Disables a scheduled task." do
1062
1077
  if current_resource.exists
1063
1078
  logger.info "#{new_resource} task exists"
1064
1079
  if %w{ready running}.include?(current_resource.task.status)
@@ -1,5 +1,7 @@
1
1
  require_relative "base"
2
2
  require_relative "../exceptions"
3
+ require "json" unless defined?(JSON)
4
+ require "net/http" unless defined?(Net::HTTP)
3
5
  require "uri" unless defined?(URI)
4
6
 
5
7
  class Chef
@@ -31,6 +31,10 @@ class Chef
31
31
  # :auth_method - one of :iam_role, :token. default: :iam_role
32
32
  # :vault_addr - the address of a running Vault instance, eg https://vault.example.com:8200
33
33
  #
34
+ # For `:approle`: one of `:approle_name` or `:approle_id`
35
+ # `:approle_name`: The name of the approle to use for authentication. When specified, associated `:approle_id` will be found via query to Vault instance.
36
+ # `:approle_id`: The ID of the approle to use for authentication, requires `:approle_secret_id`
37
+ # `:approle_secret_id`: The Vault `secret_id` associated with the provided `:approle_name` or `:approle_id`. When specified, prevents need to create `:secret_id` with `:approle_name`.
34
38
  # For `:token` auth: `:token` - a Vault token valid for authentication.
35
39
  #
36
40
  # For `:iam_role`: `:role_name` - the name of the role in Vault that was created
@@ -47,14 +51,25 @@ class Chef
47
51
  #
48
52
  # @example
49
53
  #
50
- # fetcher = SecretFetcher.for_service(:hashi_vault, { role_name: "testing-role", vault_addr: https://localhost:8200}, run_context )
54
+ # fetcher = SecretFetcher.for_service(:hashi_vault, { auth_method: :iam_role, role_name: "testing-role", vault_addr: https://localhost:8200}, run_context )
51
55
  # fetcher.fetch("secretkey1")
52
56
  #
53
57
  # @example
54
58
  #
55
- # fetcher = SecretFetcher.for_service(:hashi_vault, { auth_method: :token, token: "s.1234abcdef", vault_addr: https://localhost:8200}, run_context )
59
+ # fetcher = SecretFetcher.for_service(:hashi_vault, { auth_method: :token, token: "s.1234abcdef", vault_addr: https://localhost:8200}, approle: 'approle_name', run_context )
56
60
  # fetcher.fetch("secretkey1")
57
- SUPPORTED_AUTH_TYPES = %i{iam_role token}.freeze
61
+ #
62
+ # @example
63
+ #
64
+ # fetcher = SecretFetcher.for_service(:hashi_vault, { auth_method: :approle, approle_id: "11111111-abcd-1111-abcd-111111111111", approle_secret_id: "22222222-abcd-2222-abcd-222222222222", vault_addr: https://localhost:8200}, run_context )
65
+ # fetcher.fetch("secretkey1")
66
+ #
67
+ # @example
68
+ #
69
+ # fetcher = SecretFetcher.for_service(:hashi_vault, { auth_method: :approle, approle_name: "testing-role", token: "s.1234abcdef", vault_addr: https://localhost:8200}, run_context )
70
+ # fetcher.fetch("secretkey1")
71
+ #
72
+ SUPPORTED_AUTH_TYPES = %i{approle iam_role token}.freeze
58
73
  class HashiVault < Base
59
74
 
60
75
  # Validate and authenticate the current session using the configured auth strategy and parameters
@@ -67,6 +82,25 @@ class Chef
67
82
  Vault.namespace = config[:namespace] unless config[:namespace].nil?
68
83
 
69
84
  case config[:auth_method]
85
+ when :approle
86
+ unless config[:approle_name] || config[:approle_id]
87
+ raise Chef::Exceptions::Secret::ConfigurationInvalid.new("You must provide the :approle_name or :approle_id in the configuration with :auth_method set to :approle")
88
+ end
89
+
90
+ # When :approle_id and :approle_secret_id are both specified, all pieces are present which are needed to authenticate using an approle.
91
+ # If either is missing, we need to authenticate to Vault to get the missing pieces with the :approle_name and optionally :token.
92
+ unless config[:approle_id] && config[:approle_secret_id]
93
+ if config[:approle_name].nil?
94
+ raise Chef::Exceptions::Secret::ConfigurationInvalid.new("You must provide the :approle_name in the configuration when :approle_id and :approle_secret_id are not both present with :auth_method set to :approle")
95
+ end
96
+
97
+ Vault.token = config[:token] unless config[:token].nil?
98
+ end
99
+
100
+ approle_id = config[:approle_id] || Vault.approle.role_id(config[:approle_name])
101
+ approle_secret_id = config[:approle_secret_id] || Vault.approle.create_secret_id(config[:approle_name]).data[:secret_id]
102
+
103
+ Vault.auth.approle(approle_id, approle_secret_id)
70
104
  when :token
71
105
  if config[:token].nil?
72
106
  raise Chef::Exceptions::Secret::ConfigurationInvalid.new("You must provide the token in the configuration as :token")
data/lib/chef/version.rb CHANGED
@@ -23,7 +23,7 @@ require_relative "version_string"
23
23
 
24
24
  class Chef
25
25
  CHEF_ROOT = File.expand_path("..", __dir__)
26
- VERSION = Chef::VersionString.new("17.8.25")
26
+ VERSION = Chef::VersionString.new("17.9.18")
27
27
  end
28
28
 
29
29
  #