chef 17.9.42 → 17.10.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 81905931cf4ca87528c65bb2be19f6656fcbf6754612da872f3c74e9c0e8753f
-  data.tar.gz: 75e630d0ac718daabb1854788c2428b765ea05229a25a21974812b5e4063a30a
+  metadata.gz: 6ac04518e7a36c9f65ca1a131832704645b078bf0290708683d6dd5cfeb8975c
+  data.tar.gz: 339602296915ea1c25bd3581db776b7478f109a1a6b0e6b1b887113357ebf0c9
 SHA512:
-  metadata.gz: db10283eb9a37f5b8dfd7223583eba74dc536277de8c5d424872c66b36102b505b07de211e9cd6022aa03d371339ebbc97846f5d3e534bbdf10896bde43fcb7a
-  data.tar.gz: 5bcaf6a2182e345138d53e67967a5b956c4bcdfd700f8c8b35994a15d71a0e5ed87a8327ccc6a7cb690b52c8c4043db1df65f16509b6268d7bc2a8169ef76875
+  metadata.gz: 1abbcfb133838d1b902a033589f24529331dea60e4da3c6678c1e1e666c29601175671ca837e23ea7e0a02ed327a1b7a8be0ee9bf73a62cf9a994634bf909ff0
+  data.tar.gz: 4bae17edf6da41be96f21055a3d9d456b57c75e04f4faeb9155af8ee23d5d43a6f3c6952c06131473a3818e461c941ddeb482f92cf46c7e18553bbef1f4ebc9f

data/chef-universal-mingw32.gemspec

@@ -14,7 +14,8 @@ gemspec.add_dependency "win32-service", ">= 2.1.5", "< 3.0"
 gemspec.add_dependency "wmi-lite", "~> 1.0"
 gemspec.add_dependency "win32-taskscheduler", "~> 2.0"
 gemspec.add_dependency "iso8601", ">= 0.12.1", "< 0.14" # validate 0.14 when it comes out
-gemspec.add_dependency "win32-certstore", "~> 0.6.2" # 0.5+ required for specifying user vs. system store
+gemspec.add_dependency "win32-certstore", "~> 0.6.2"
+gemspec.add_dependency "chef-powershell", "~> 1.0.12" # 0.5+ required for specifying user vs. system store
 gemspec.extensions << "ext/win32-eventlog/Rakefile"
 gemspec.files += Dir.glob("{distro,ext}/**/*")
 

data/chef.gemspec

@@ -42,7 +42,7 @@ Gem::Specification.new do |s|
   s.add_dependency "ffi-yajl", "~> 2.2"
   s.add_dependency "net-sftp", ">= 2.1.2", "< 4.0" # remote_file resource
   s.add_dependency "erubis", "~> 2.7" # template resource / cookbook syntax check
-  s.add_dependency "diff-lcs", ">= 1.2.4", "< 1.4.0" # 1.4 breaks output. Used in lib/chef/util/diff
+  s.add_dependency "diff-lcs", ">= 1.2.4", "!= 1.4.0", "< 1.6.0" # 1.4 breaks output. Used in lib/chef/util/diff
   s.add_dependency "ffi-libarchive", "~> 1.0", ">= 1.0.3" # archive_file resource
   s.add_dependency "chef-zero", ">= 14.0.11"
   s.add_dependency "chef-vault" # chef-vault resources and helpers

data/lib/chef/api_client.rb

@@ -196,7 +196,7 @@ class Chef
     end
 
     def reregister
-      reregistered_self = http_api.put("clients/#{name}", { name: name, admin: admin, validator: validator, private_key: true })
+      reregistered_self = http_api.put("clients/#{name}", name: name, admin: admin, validator: validator, private_key: true )
       if reregistered_self.respond_to?(:[])
         private_key(reregistered_self["private_key"])
       else

data/lib/chef/compliance/default_attributes.rb

@@ -27,7 +27,7 @@ class Chef
 
       # Controls what is done with the resulting report after the Chef InSpec run.
       # Accepts a single string value or an array of multiple values.
-      # Accepted values: 'chef-server-automate', 'chef-automate', 'json-file', 'audit-enforcer', 'cli'
+      # Accepted values: 'chef-server-automate', 'chef-automate', 'json-file', 'audit-enforcer', 'compliance-enforcer', 'cli'
       "reporter" => nil,
 
       # Controls if Chef InSpec profiles should be fetched from Chef Automate or Chef Infra Server

data/lib/chef/compliance/reporter/compliance_enforcer.rb

@@ -1,7 +1,7 @@
 class Chef
   module Compliance
     module Reporter
-      class AuditEnforcer
+      class ComplianceEnforcer
         class ControlFailure < StandardError; end
 
         def send_report(report)

data/lib/chef/compliance/runner.rb

@@ -7,7 +7,7 @@ class Chef
     class Runner < EventDispatch::Base
       extend Forwardable
 
-      SUPPORTED_REPORTERS = %w{chef-automate chef-server-automate json-file audit-enforcer cli}.freeze
+      SUPPORTED_REPORTERS = %w{chef-automate chef-server-automate json-file audit-enforcer compliance-enforcer cli}.freeze
       SUPPORTED_FETCHERS = %w{chef-automate chef-server}.freeze
 
       attr_accessor :run_id
@@ -300,7 +300,7 @@ class Chef
           require_relative "reporter/json_file"
           path = node.dig("audit", "json_file", "location")
           Chef::Compliance::Reporter::JsonFile.new(file: path)
-        when "audit-enforcer"
+        when "audit-enforcer", "compliance-enforcer"
           require_relative "reporter/compliance_enforcer"
           Chef::Compliance::Reporter::ComplianceEnforcer.new
         when "cli"

data/lib/chef/policy_builder/expand_node_object.rb

@@ -248,8 +248,7 @@ class Chef
       end
 
       def api_service
-        @api_service ||= Chef::ServerAPI.new(config[:chef_server_url],
-          { version_class: Chef::CookbookManifestVersions })
+        @api_service ||= Chef::ServerAPI.new(config[:chef_server_url], version_class: Chef::CookbookManifestVersions )
       end
 
       def config

data/lib/chef/policy_builder/policyfile.rb

@@ -507,7 +507,7 @@ class Chef
       # @api private
       def api_service
         @api_service ||= Chef::ServerAPI.new(config[:chef_server_url],
-          { version_class: Chef::CookbookManifestVersions })
+          version_class: Chef::CookbookManifestVersions)
       end
 
       # @api private

data/lib/chef/provider/package/rubygems.rb

@@ -214,7 +214,7 @@ class Chef
           def install(gem_dependency, options = {})
             with_gem_sources(*options.delete(:sources)) do
               with_correct_verbosity do
-                dependency_installer(options).install(gem_dependency)
+                dependency_installer(**options).install(gem_dependency)
               end
             end
           end
@@ -228,7 +228,7 @@ class Chef
           def uninstall(gem_name, gem_version = nil, opts = {})
             gem_version ? opts[:version] = gem_version : opts[:all] = true
             with_correct_verbosity do
-              uninstaller(gem_name, opts).uninstall
+              uninstaller(gem_name, **opts).uninstall
             end
           end
 
@@ -240,12 +240,12 @@ class Chef
             yield
           end
 
-          def dependency_installer(opts = {})
-            Gem::DependencyInstaller.new(opts)
+          def dependency_installer(**opts)
+            Gem::DependencyInstaller.new(**opts)
           end
 
-          def uninstaller(gem_name, opts = {})
-            Gem::Uninstaller.new(gem_name, DEFAULT_UNINSTALLER_OPTS.merge(opts))
+          def uninstaller(gem_name, **opts)
+            Gem::Uninstaller.new(gem_name, **DEFAULT_UNINSTALLER_OPTS.merge(opts))
           end
 
           private

data/lib/chef/provider/package/yum/python_helper.rb

@@ -178,7 +178,20 @@ class Chef
           #
           # @api private
           def combine_args(provides, version, arch)
-            provides = provides.dup
+            provides = provides.to_s.strip
+            version = if !version.nil? && !version.empty?
+                        version.to_s.strip
+                      end
+            arch = if !arch.nil? && !arch.empty?
+                     arch.to_s.strip
+                   end
+            if version =~ /^[><=]/
+              if arch
+                return { "provides" => "#{provides}.#{arch} #{version}" }
+              else
+                return { "provides" => "#{provides} #{version}" }
+              end
+            end
             maybe_arch = provides.rpartition(".").last
             if is_arch?(maybe_arch)
               arch = maybe_arch

data/lib/chef/provider/service/windows.rb

@@ -183,7 +183,7 @@ class Chef::Provider::Service::Windows < Chef::Provider::Service
     end
 
     converge_by("create service #{new_resource.service_name}") do
-      Win32::Service.new(windows_service_config)
+      Win32::Service.new(**windows_service_config)
     end
 
     converge_delayed_start
@@ -209,7 +209,7 @@ class Chef::Provider::Service::Windows < Chef::Provider::Service
     converge_if_changed :service_type, :startup_type, :error_control,
       :binary_path_name, :load_order_group, :dependencies,
       :run_as_user, :display_name, :description do
-        Win32::Service.configure(windows_service_config(:configure))
+        Win32::Service.configure(**windows_service_config(:configure))
       end
 
     converge_delayed_start
@@ -268,7 +268,7 @@ class Chef::Provider::Service::Windows < Chef::Provider::Service
       password: new_resource.run_as_password,
     }.reject { |k, v| v.nil? || v.length == 0 }
 
-    Win32::Service.configure(new_config)
+    Win32::Service.configure(**new_config)
     logger.info "#{new_resource} configured."
 
     grant_service_logon(new_resource.run_as_user) if new_resource.run_as_user != "localsystem"
@@ -395,7 +395,7 @@ class Chef::Provider::Service::Windows < Chef::Provider::Service
       config[:service_name]  = new_resource.service_name
       config[:delayed_start] = new_resource.delayed_start ? 1 : 0
 
-      Win32::Service.configure(config)
+      Win32::Service.configure(**config)
     end
   end
 

data/lib/chef/provider/user/windows.rb

@@ -78,11 +78,11 @@ class Chef
         end
 
         def create_user
-          @net_user.add(set_options)
+          @net_user.add(**set_options)
         end
 
         def manage_user
-          @net_user.update(set_options)
+          @net_user.update(**set_options)
         end
 
         def remove_user

data/lib/chef/resource/archive_file.rb

@@ -20,6 +20,12 @@
 
 require_relative "../resource"
 require "fileutils" unless defined?(FileUtils)
+begin
+  # ffi-libarchive must be eager loaded see: https://github.com/chef/chef/issues/12228
+  require "ffi-libarchive" unless defined?(Archive::Reader)
+rescue LoadError
+  STDERR.puts "ffi-libarchive could not be loaded, libarchive is probably not installed on system, archive_file will not be available"
+end
 
 class Chef
   class Resource
@@ -92,8 +98,6 @@ class Chef
 
       action :extract, description: "Extract and archive file." do
 
-        require_libarchive
-
         unless ::File.exist?(new_resource.path)
           raise Errno::ENOENT, "No archive found at #{new_resource.path}! Cannot continue."
         end
@@ -131,10 +135,6 @@ class Chef
       end
 
       action_class do
-        def require_libarchive
-          require "ffi-libarchive"
-        end
-
         def define_resource_requirements
           if new_resource.mode.is_a?(Integer)
             Chef.deprecated(:archive_file_integer_file_mode, "The mode property should be passed to archive_file resources as a String and not an Integer to ensure the value is properly interpreted.")

data/lib/chef/resource.rb

@@ -341,6 +341,7 @@ class Chef
     def subscribes(action, resources, timing = :delayed)
       resources = [resources].flatten
       resources.each do |resource|
+        validate_resource_spec!(resource)
         if resource.is_a?(String)
           resource = UnresolvedSubscribes.new(resource, run_context)
         end

data/lib/chef/version.rb

@@ -23,7 +23,7 @@ require_relative "version_string"
 
 class Chef
   CHEF_ROOT = File.expand_path("..", __dir__)
-  VERSION = Chef::VersionString.new("17.9.42")
+  VERSION = Chef::VersionString.new("17.10.0")
 end
 
 #

data/spec/functional/resource/archive_file_spec.rb

@@ -18,8 +18,9 @@
 require "spec_helper"
 require "tmpdir"
 
-# Exclude this test on platforms where ffi-libarchive loading is broken
-describe Chef::Resource::ArchiveFile, :libarchive_loading_broken do
+# AIX is broken, see https://github.com/chef/omnibus-software/issues/1566
+# Windows tests are disbled since we'd need libarchive on windows testers in buildkite for PRs
+describe Chef::Resource::ArchiveFile, :not_supported_on_aix, :not_supported_on_windows do
   include RecipeDSLHelper
 
   let(:tmp_path) { Dir.mktmpdir }

data/spec/functional/resource/dnf_package_spec.rb

@@ -709,6 +709,21 @@ describe Chef::Resource::DnfPackage, :requires_root, external: exclude_test do
           action :install
         end.should_not_be_updated
       end
+
+      it "works with constraints in the version property" do
+        flush_cache
+        dnf_package "chef_rpm" do
+          version ">= 1.10"
+          options default_options
+          action :install
+        end.should_be_updated
+        expect_matching_installed_version("^chef_rpm-1.10-1.#{pkg_arch}$")
+        dnf_package "chef_rpm" do
+          version ">= 1.10"
+          options default_options
+          action :install
+        end.should_not_be_updated
+      end
     end
 
     context "with source arguments" do

data/spec/functional/resource/yum_package_spec.rb

@@ -754,6 +754,21 @@ describe Chef::Resource::YumPackage, :requires_root, external: exclude_test do
           action :install
         end.should_not_be_updated
       end
+
+      it "works with constraints in the version property" do
+        flush_cache
+        yum_package "chef_rpm" do
+          version ">= 1.10"
+          options default_options
+          action :install
+        end.should_be_updated
+        expect_matching_installed_version("^chef_rpm-1.10-1.#{pkg_arch}$")
+        yum_package "chef_rpm" do
+          version ">= 1.10"
+          options default_options
+          action :install
+        end.should_not_be_updated
+      end
     end
 
     context "with source arguments" do

data/spec/spec_helper.rb

@@ -187,8 +187,6 @@ RSpec.configure do |config|
   config.filter_run_excluding not_rhel7: true if rhel7?
   config.filter_run_excluding not_intel_64bit: true if intel_64bit?
 
-  config.filter_run_excluding libarchive_loading_broken: true if aix? || amazon_linux? || rhel7?
-
   # these let us use chef: ">= 13" or ruby: "~> 2.0.0" or any other Gem::Dependency-style constraint
   config.filter_run_excluding chef: DependencyProc.with(Chef::VERSION)
   config.filter_run_excluding ruby: DependencyProc.with(RUBY_VERSION)

data/spec/unit/compliance/reporter/compliance_enforcer_spec.rb

@@ -1,8 +1,8 @@
 require "spec_helper"
 require "chef/compliance/reporter/compliance_enforcer"
 
-describe Chef::Compliance::Reporter::AuditEnforcer do
-  let(:reporter) { Chef::Compliance::Reporter::AuditEnforcer.new }
+describe Chef::Compliance::Reporter::ComplianceEnforcer do
+  let(:reporter) { Chef::Compliance::Reporter::ComplianceEnforcer.new }
 
   it "does not raise error for a successful InSpec report" do
     report = {
@@ -44,6 +44,6 @@ describe Chef::Compliance::Reporter::AuditEnforcer do
 
     expect {
       reporter.send_report(report)
-    }.to raise_error(Chef::Compliance::Reporter::AuditEnforcer::ControlFailure, "Audit c2 has failed. Aborting chef-client run.")
+    }.to raise_error(Chef::Compliance::Reporter::ComplianceEnforcer::ControlFailure, "Audit c2 has failed. Aborting chef-client run.")
   end
 end

data/spec/unit/resource/archive_file_spec.rb

@@ -29,8 +29,7 @@ rescue LoadError
   end
 end
 
-# Exclude this test on platforms where ffi-libarchive loading is broken
-describe Chef::Resource::ArchiveFile, :libarchive_loading_broken do
+describe Chef::Resource::ArchiveFile, :not_supported_on_aix do
   let(:node) { Chef::Node.new }
   let(:events) { Chef::EventDispatch::Dispatcher.new }
   let(:run_context) { Chef::RunContext.new(node, {}, events) }

data/spec/unit/resource_spec.rb

@@ -300,27 +300,35 @@ describe Chef::Resource do
   end
 
   describe "subscribes" do
+    context "with syntax error in resources parameter" do
+      it "raises an exception immediately" do
+        expect do
+          resource.subscribes(:run, "typo[missing-closing-bracket")
+        end.to raise_error(Chef::Exceptions::InvalidResourceSpecification)
+      end
+    end
+
     it "should make resources appear in the actions hash of subscribed nodes" do
-      run_context.resource_collection << Chef::Resource::ZenMaster.new("coffee")
+      run_context.resource_collection << Chef::Resource::ZenMaster.new("coffee", run_context)
       zr = run_context.resource_collection.find(zen_master: "coffee")
       resource.subscribes :reload, zr
       expect(zr.delayed_notifications.detect { |e| e.resource.name == "funk" && e.action == :reload }).not_to be_nil
     end
 
     it "should make resources appear in the actions hash of subscribed nodes" do
-      run_context.resource_collection << Chef::Resource::ZenMaster.new("coffee")
+      run_context.resource_collection << Chef::Resource::ZenMaster.new("coffee", run_context)
       zr = run_context.resource_collection.find(zen_master: "coffee")
       resource.subscribes :reload, zr
       expect(zr.delayed_notifications.detect { |e| e.resource.name == resource.name && e.action == :reload }).not_to be_nil
 
-      run_context.resource_collection << Chef::Resource::ZenMaster.new("bean")
+      run_context.resource_collection << Chef::Resource::ZenMaster.new("bean", run_context)
       zrb = run_context.resource_collection.find(zen_master: "bean")
       zrb.subscribes :reload, zr
       expect(zr.delayed_notifications.detect { |e| e.resource.name == resource.name && e.action == :reload }).not_to be_nil
     end
 
     it "should make subscribed resources be capable of acting immediately" do
-      run_context.resource_collection << Chef::Resource::ZenMaster.new("coffee")
+      run_context.resource_collection << Chef::Resource::ZenMaster.new("coffee", run_context)
       zr = run_context.resource_collection.find(zen_master: "coffee")
       resource.subscribes :reload, zr, :immediately
       expect(zr.immediate_notifications.detect { |e| e.resource.name == resource.name && e.action == :reload }).not_to be_nil

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: chef
 version: !ruby/object:Gem::Version
-  version: 17.9.42
+  version: 17.10.0
 platform: ruby
 authors:
 - Adam Jacob
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-01-28 00:00:00.000000000 Z
+date: 2022-03-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: chef-config
@@ -16,28 +16,28 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 17.9.42
+        version: 17.10.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 17.9.42
+        version: 17.10.0
 - !ruby/object:Gem::Dependency
   name: chef-utils
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 17.9.42
+        version: 17.10.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 17.9.42
+        version: 17.10.0
 - !ruby/object:Gem::Dependency
   name: train-core
   requirement: !ruby/object:Gem::Requirement
@@ -289,9 +289,12 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: 1.2.4
-    - - "<"
+    - - "!="
       - !ruby/object:Gem::Version
         version: 1.4.0
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: 1.6.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -299,9 +302,12 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: 1.2.4
-    - - "<"
+    - - "!="
       - !ruby/object:Gem::Version
         version: 1.4.0
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: 1.6.0
 - !ruby/object:Gem::Dependency
   name: ffi-libarchive
   requirement: !ruby/object:Gem::Requirement