chef 17.9.52-universal-mingw32 → 17.10.68-universal-mingw32
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile +2 -2
- data/Rakefile +2 -2
- data/chef-universal-mingw32.gemspec +2 -1
- data/chef.gemspec +5 -5
- data/lib/chef/api_client.rb +1 -1
- data/lib/chef/client.rb +17 -2
- data/lib/chef/compliance/input_collection.rb +1 -1
- data/lib/chef/compliance/profile_collection.rb +1 -1
- data/lib/chef/compliance/waiver_collection.rb +1 -1
- data/lib/chef/dsl/secret.rb +113 -5
- data/lib/chef/mixin/checksum.rb +6 -0
- data/lib/chef/node/attribute.rb +20 -3
- data/lib/chef/node/mixin/deep_merge_cache.rb +4 -4
- data/lib/chef/policy_builder/expand_node_object.rb +1 -2
- data/lib/chef/policy_builder/policyfile.rb +1 -1
- data/lib/chef/provider/file.rb +2 -2
- data/lib/chef/provider/package/powershell.rb +1 -1
- data/lib/chef/provider/package/rubygems.rb +6 -6
- data/lib/chef/provider/package/windows.rb +1 -1
- data/lib/chef/provider/package/yum/python_helper.rb +14 -1
- data/lib/chef/provider/service/windows.rb +4 -4
- data/lib/chef/provider/user/windows.rb +2 -2
- data/lib/chef/resource/chef_client_config.rb +5 -0
- data/lib/chef/resource/locale.rb +1 -1
- data/lib/chef/resource/rhsm_register.rb +19 -0
- data/lib/chef/resource/support/client.erb +1 -2
- data/lib/chef/resource/windows_certificate.rb +54 -43
- data/lib/chef/resource/windows_pagefile.rb +28 -21
- data/lib/chef/resource/windows_user_privilege.rb +36 -26
- data/lib/chef/run_context.rb +16 -0
- data/lib/chef/secret_fetcher/hashi_vault.rb +1 -1
- data/lib/chef/version.rb +1 -1
- data/lib/chef/win32/version.rb +2 -1
- data/spec/data/trusted_certs/opscode.pem +33 -54
- data/spec/functional/resource/dnf_package_spec.rb +15 -0
- data/spec/functional/resource/windows_certificate_spec.rb +41 -13
- data/spec/functional/resource/windows_font_spec.rb +1 -1
- data/spec/functional/resource/windows_pagefile_spec.rb +31 -4
- data/spec/functional/resource/yum_package_spec.rb +15 -0
- data/spec/functional/shell_spec.rb +6 -0
- data/spec/unit/client_spec.rb +6 -3
- data/spec/unit/daemon_spec.rb +1 -5
- data/spec/unit/dsl/secret_spec.rb +127 -23
- data/spec/unit/mixin/checksum_spec.rb +28 -0
- data/spec/unit/provider/package/rubygems_spec.rb +1 -1
- data/spec/unit/resource/chef_client_config_spec.rb +8 -0
- data/spec/unit/run_context_spec.rb +16 -0
- metadata +43 -29
- /data/spec/functional/assets/yumrepo/repodata/{4632d67cb92636e7575d911c24f0e04d3505a944e97c483abe0c3e73a7c62d33-filelists.sqlite.bz2 → 01a3b-filelists.sqlite.bz2} +0 -0
- /data/spec/functional/assets/yumrepo/repodata/{bdb4f5f1492a3b9532f22c43110a81500dd744f23da0aec5c33b2a41317c737d-filelists.xml.gz → 401dc-filelists.xml.gz} +0 -0
- /data/spec/functional/assets/yumrepo/repodata/{a845d418f919d2115ab95a56b2c76f6825ad0d0bede49181a55c04f58995d057-primary.sqlite.bz2 → 5dc1e-primary.sqlite.bz2} +0 -0
- /data/spec/functional/assets/yumrepo/repodata/{74599b793e54d877323837d2d81a1c3c594c44e4335f9528234bb490f7b9b439-other.xml.gz → 6bf96-other.xml.gz} +0 -0
- /data/spec/functional/assets/yumrepo/repodata/{af9b7cf9ef23bd7b43068d74a460f3b5d06753d638e58e4a0c9edc35bfb9cdc4-other.sqlite.bz2 → 7c365-other.sqlite.bz2} +0 -0
- /data/spec/functional/assets/yumrepo/repodata/{c10d1d34ce99e02f12ec96ef68360543ab1bb7c3cb81a4a2bf78df7d8597e9df-primary.xml.gz → dabe2-primary.xml.gz} +0 -0
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 6d9d9d9cbb55bb86e05548927fb83610a617358381e8c6c551a7329accdd98c0
|
4
|
+
data.tar.gz: 18a8c173eccb6630ca30587f7e2f73fb5fee8c42aed86eed1c5a1b4614f9173c
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: cd1e32e1784340c4aa1ebe99151a5a776e31fa44a674cfb2b7aa1f8bac146ee2d305d32f31447b310776cd8622252dc764fe86a31b4429026682fe71c4dad704
|
7
|
+
data.tar.gz: 343327a70c71c32574d040decaeebc44842386cd673890ef02db95337334a99c82f0e6cd8ee03e2f1c5cead88c1e0f43a27163e591d12252971d41d63b4a1256
|
data/Gemfile
CHANGED
@@ -15,12 +15,12 @@ else
|
|
15
15
|
gem "chef-bin" # rubocop:disable Bundler/DuplicatedGem
|
16
16
|
end
|
17
17
|
|
18
|
-
gem "cheffish", "~> 17.0"
|
18
|
+
gem "cheffish", "~> 17.0.0"
|
19
19
|
|
20
20
|
group(:omnibus_package) do
|
21
21
|
gem "appbundler"
|
22
22
|
gem "rb-readline"
|
23
|
-
gem "inspec-core-bin", "
|
23
|
+
gem "inspec-core-bin", ">= 4.24" # need to provide the binaries for inspec
|
24
24
|
gem "chef-vault"
|
25
25
|
end
|
26
26
|
|
data/Rakefile
CHANGED
@@ -70,7 +70,7 @@ Bundler::GemHelper.install_tasks name: gemspec
|
|
70
70
|
task :install do
|
71
71
|
chef_bin_path = ::File.join(::File.dirname(__FILE__), "chef-bin")
|
72
72
|
Dir.chdir(chef_bin_path) do
|
73
|
-
|
73
|
+
system "rake install:force"
|
74
74
|
end
|
75
75
|
end
|
76
76
|
|
@@ -80,7 +80,7 @@ namespace :install do
|
|
80
80
|
task :local do
|
81
81
|
chef_bin_path = ::File.join(::File.dirname(__FILE__), "chef-bin")
|
82
82
|
Dir.chdir(chef_bin_path) do
|
83
|
-
|
83
|
+
system "rake install:local"
|
84
84
|
end
|
85
85
|
end
|
86
86
|
end
|
@@ -14,7 +14,8 @@ gemspec.add_dependency "win32-service", ">= 2.1.5", "< 3.0"
|
|
14
14
|
gemspec.add_dependency "wmi-lite", "~> 1.0"
|
15
15
|
gemspec.add_dependency "win32-taskscheduler", "~> 2.0"
|
16
16
|
gemspec.add_dependency "iso8601", ">= 0.12.1", "< 0.14" # validate 0.14 when it comes out
|
17
|
-
gemspec.add_dependency "win32-certstore", "~> 0.6.
|
17
|
+
gemspec.add_dependency "win32-certstore", "~> 0.6.14"
|
18
|
+
gemspec.add_dependency "chef-powershell", "~> 1.0.12" # 0.5+ required for specifying user vs. system store
|
18
19
|
gemspec.extensions << "ext/win32-eventlog/Rakefile"
|
19
20
|
gemspec.files += Dir.glob("{distro,ext}/**/*")
|
20
21
|
|
data/chef.gemspec
CHANGED
@@ -22,11 +22,11 @@ Gem::Specification.new do |s|
|
|
22
22
|
s.email = "adam@chef.io"
|
23
23
|
s.homepage = "https://www.chef.io"
|
24
24
|
|
25
|
-
s.required_ruby_version = ">= 2.
|
25
|
+
s.required_ruby_version = ">= 2.7.0"
|
26
26
|
|
27
27
|
s.add_dependency "chef-config", "= #{Chef::VERSION}"
|
28
28
|
s.add_dependency "chef-utils", "= #{Chef::VERSION}"
|
29
|
-
s.add_dependency "train-core", "~> 3.
|
29
|
+
s.add_dependency "train-core", "~> 3.10" # 3.2.28 fixes sudo prompts. See https://github.com/chef/chef/pull/9635
|
30
30
|
s.add_dependency "train-winrm", ">= 0.2.5"
|
31
31
|
|
32
32
|
s.add_dependency "license-acceptance", ">= 1.0.5", "< 3"
|
@@ -36,13 +36,13 @@ Gem::Specification.new do |s|
|
|
36
36
|
s.add_dependency "mixlib-shellout", ">= 3.1.1", "< 4.0"
|
37
37
|
s.add_dependency "mixlib-archive", ">= 0.4", "< 2.0"
|
38
38
|
s.add_dependency "ohai", "~> 17.0"
|
39
|
-
s.add_dependency "inspec-core", "
|
39
|
+
s.add_dependency "inspec-core", ">= 4.23"
|
40
40
|
|
41
41
|
s.add_dependency "ffi", ">= 1.5.0"
|
42
42
|
s.add_dependency "ffi-yajl", "~> 2.2"
|
43
|
-
s.add_dependency "net-sftp", ">= 2.1.2", "<
|
43
|
+
s.add_dependency "net-sftp", ">= 2.1.2", "< 5.0" # remote_file resource
|
44
44
|
s.add_dependency "erubis", "~> 2.7" # template resource / cookbook syntax check
|
45
|
-
s.add_dependency "diff-lcs", ">= 1.2.4", "
|
45
|
+
s.add_dependency "diff-lcs", ">= 1.2.4", "!= 1.4.0", "< 1.6.0" # 1.4 breaks output. Used in lib/chef/util/diff
|
46
46
|
s.add_dependency "ffi-libarchive", "~> 1.0", ">= 1.0.3" # archive_file resource
|
47
47
|
s.add_dependency "chef-zero", ">= 14.0.11"
|
48
48
|
s.add_dependency "chef-vault" # chef-vault resources and helpers
|
data/lib/chef/api_client.rb
CHANGED
@@ -196,7 +196,7 @@ class Chef
|
|
196
196
|
end
|
197
197
|
|
198
198
|
def reregister
|
199
|
-
reregistered_self = http_api.put("clients/#{name}",
|
199
|
+
reregistered_self = http_api.put("clients/#{name}", name: name, admin: admin, validator: validator, private_key: true )
|
200
200
|
if reregistered_self.respond_to?(:[])
|
201
201
|
private_key(reregistered_self["private_key"])
|
202
202
|
else
|
data/lib/chef/client.rb
CHANGED
@@ -326,12 +326,27 @@ class Chef
|
|
326
326
|
def warn_if_eol
|
327
327
|
require_relative "version"
|
328
328
|
|
329
|
+
# New Date format is YYYY-MM-DD or false
|
330
|
+
new_date = eol_override
|
331
|
+
|
329
332
|
# We make a release every year so take the version you're on + 2006 and you get
|
330
333
|
# the year it goes EOL
|
331
334
|
eol_year = 2006 + Gem::Version.new(Chef::VERSION).segments.first
|
335
|
+
cut_off_date = !!new_date ? Time.parse(new_date) : Time.new(eol_year, 5, 01)
|
336
|
+
|
337
|
+
return if Time.now < cut_off_date
|
332
338
|
|
333
|
-
|
334
|
-
|
339
|
+
logger.warn("This release of #{ChefUtils::Dist::Infra::PRODUCT} became end of life (EOL) on #{cut_off_date.strftime("%b %d, %Y")}. Please update to a supported release to receive new features, bug fixes, and security updates.")
|
340
|
+
end
|
341
|
+
|
342
|
+
def eol_override
|
343
|
+
# If you want to override the existing EOL date, add a file in the root of Chef
|
344
|
+
# put a date in it in the form of YYYY-DD-MM.
|
345
|
+
override_file = "EOL_override"
|
346
|
+
if File.exist?(override_file)
|
347
|
+
File.read(File.expand_path(override_file)).strip
|
348
|
+
else
|
349
|
+
false
|
335
350
|
end
|
336
351
|
end
|
337
352
|
|
@@ -40,7 +40,7 @@ class Chef
|
|
40
40
|
def from_file(filename, cookbook_name)
|
41
41
|
new_input = Input.from_file(events, filename, cookbook_name)
|
42
42
|
self << new_input
|
43
|
-
events
|
43
|
+
events&.compliance_input_loaded(new_input)
|
44
44
|
end
|
45
45
|
|
46
46
|
# Add a input from a raw hash. This input will be enabled by default.
|
@@ -41,7 +41,7 @@ class Chef
|
|
41
41
|
def from_file(path, cookbook_name)
|
42
42
|
new_profile = Profile.from_file(events, path, cookbook_name)
|
43
43
|
self << new_profile
|
44
|
-
events
|
44
|
+
events&.compliance_profile_loaded(new_profile)
|
45
45
|
end
|
46
46
|
|
47
47
|
# @return [Boolean] if any of the profiles are enabled
|
@@ -40,7 +40,7 @@ class Chef
|
|
40
40
|
def from_file(filename, cookbook_name)
|
41
41
|
new_waiver = Waiver.from_file(events, filename, cookbook_name)
|
42
42
|
self << new_waiver
|
43
|
-
events
|
43
|
+
events&.compliance_waiver_loaded(new_waiver)
|
44
44
|
end
|
45
45
|
|
46
46
|
# Add a waiver from a raw hash. This waiver will be enabled by default.
|
data/lib/chef/dsl/secret.rb
CHANGED
@@ -21,6 +21,118 @@ class Chef
|
|
21
21
|
module DSL
|
22
22
|
module Secret
|
23
23
|
|
24
|
+
#
|
25
|
+
# This allows you to set the default secret service that is used when
|
26
|
+
# fetching secrets.
|
27
|
+
#
|
28
|
+
# @example
|
29
|
+
#
|
30
|
+
# default_secret_service :hashi_vault
|
31
|
+
# val1 = secret(name: "test1", config: { region: "us-west-1" })
|
32
|
+
#
|
33
|
+
# @example
|
34
|
+
#
|
35
|
+
# default_secret_service #=> nil
|
36
|
+
# default_secret_service :hashi_vault
|
37
|
+
# default_secret_service #=> :hashi_vault
|
38
|
+
#
|
39
|
+
# @param [Symbol] service default secret service to use when fetching secrets
|
40
|
+
# @return [Symbol, nil] default secret service to use when fetching secrets
|
41
|
+
#
|
42
|
+
def default_secret_service(service = nil)
|
43
|
+
return run_context.default_secret_service if service.nil?
|
44
|
+
raise Chef::Exceptions::Secret::InvalidFetcherService.new("Unsupported secret service: #{service.inspect}", Chef::SecretFetcher::SECRET_FETCHERS) unless Chef::SecretFetcher::SECRET_FETCHERS.include?(service)
|
45
|
+
|
46
|
+
run_context.default_secret_service = service
|
47
|
+
end
|
48
|
+
|
49
|
+
#
|
50
|
+
# This allows you to set the secret service for the scope of the block
|
51
|
+
# passed into this method.
|
52
|
+
#
|
53
|
+
# @example
|
54
|
+
#
|
55
|
+
# with_secret_service :hashi_vault do
|
56
|
+
# val1 = secret(name: "test1", config: { region: "us-west-1" })
|
57
|
+
# val2 = secret(name: "test2", config: { region: "us-west-1" })
|
58
|
+
# end
|
59
|
+
#
|
60
|
+
# @example Combine with #with_secret_config
|
61
|
+
#
|
62
|
+
# with_secret_service :hashi_vault do
|
63
|
+
# with_secret_config region: "us-west-1" do
|
64
|
+
# val1 = secret(name: "test1")
|
65
|
+
# val2 = secret(name: "test2")
|
66
|
+
# end
|
67
|
+
# end
|
68
|
+
#
|
69
|
+
# @param [Symbol] service The default secret service to use when fetching secrets
|
70
|
+
#
|
71
|
+
def with_secret_service(service)
|
72
|
+
raise ArgumentError, "You must pass a block to #with_secret_service" unless block_given?
|
73
|
+
|
74
|
+
begin
|
75
|
+
old_service = default_secret_service
|
76
|
+
# Use "public" API for input validation
|
77
|
+
default_secret_service(service)
|
78
|
+
yield
|
79
|
+
ensure
|
80
|
+
# Use "private" API so we can set back to nil
|
81
|
+
run_context.default_secret_service = old_service
|
82
|
+
end
|
83
|
+
end
|
84
|
+
|
85
|
+
#
|
86
|
+
# This allows you to set the default secret config that is used when
|
87
|
+
# fetching secrets.
|
88
|
+
#
|
89
|
+
# @example
|
90
|
+
#
|
91
|
+
# default_secret_config region: "us-west-1"
|
92
|
+
# val1 = secret(name: "test1", service: :hashi_vault)
|
93
|
+
#
|
94
|
+
# @example
|
95
|
+
#
|
96
|
+
# default_secret_config #=> {}
|
97
|
+
# default_secret_service region: "us-west-1"
|
98
|
+
# default_secret_service #=> { region: "us-west-1" }
|
99
|
+
#
|
100
|
+
# @param [Hash<Symbol,Object>] config The default configuration options to apply when fetching secrets
|
101
|
+
# @return [Hash<Symbol,Object>]
|
102
|
+
#
|
103
|
+
def default_secret_config(**config)
|
104
|
+
return run_context.default_secret_config if config.empty?
|
105
|
+
|
106
|
+
run_context.default_secret_config = config
|
107
|
+
end
|
108
|
+
|
109
|
+
#
|
110
|
+
# This allows you to set the secret config for the scope of the block
|
111
|
+
# passed into this method.
|
112
|
+
#
|
113
|
+
# @example
|
114
|
+
#
|
115
|
+
# with_secret_config region: "us-west-1" do
|
116
|
+
# val1 = secret(name: "test1", service: :hashi_vault)
|
117
|
+
# val2 = secret(name: "test2", service: :hashi_vault)
|
118
|
+
# end
|
119
|
+
#
|
120
|
+
# @param [Hash<Symbol,Object>] config The default configuration options to use when fetching secrets
|
121
|
+
#
|
122
|
+
def with_secret_config(**config)
|
123
|
+
raise ArgumentError, "You must pass a block to #with_secret_config" unless block_given?
|
124
|
+
|
125
|
+
begin
|
126
|
+
old_config = default_secret_config
|
127
|
+
# Use "public" API for input validation
|
128
|
+
default_secret_config(**config)
|
129
|
+
yield
|
130
|
+
ensure
|
131
|
+
# Use "private" API so we can set back to nil
|
132
|
+
run_context.default_secret_config = old_config
|
133
|
+
end
|
134
|
+
end
|
135
|
+
|
24
136
|
# Helper method which looks up a secret using the given service and configuration,
|
25
137
|
# and returns the retrieved secret value.
|
26
138
|
# This DSL providers a wrapper around [Chef::SecretFetcher]
|
@@ -49,11 +161,7 @@ class Chef
|
|
49
161
|
#
|
50
162
|
# value = secret(name: "test1", service: :aws_secrets_manager, version: "v1", config: { region: "us-west-1" })
|
51
163
|
# log "My secret is #{value}"
|
52
|
-
def secret(name: nil, version: nil, service:
|
53
|
-
Chef::Log.warn <<~EOM.gsub("\n", " ")
|
54
|
-
The secrets Chef Infra language helper is currently in beta. If you have feedback or you would
|
55
|
-
like to be part of the future design of this helper e-mail us at secrets_management_beta@progress.com"
|
56
|
-
EOM
|
164
|
+
def secret(name: nil, version: nil, service: default_secret_service, config: default_secret_config)
|
57
165
|
sensitive(true) if is_a?(Chef::Resource)
|
58
166
|
Chef::SecretFetcher.for_service(service, config, run_context).fetch(name, version)
|
59
167
|
end
|
data/lib/chef/mixin/checksum.rb
CHANGED
data/lib/chef/node/attribute.rb
CHANGED
@@ -452,17 +452,34 @@ class Chef
|
|
452
452
|
# method-style access to attributes (has to come after the prepended ImmutablizeHash)
|
453
453
|
|
454
454
|
def read(*path)
|
455
|
-
|
455
|
+
if path[0].nil?
|
456
|
+
Chef::Log.warn "Calling node.read() without any path argument is very slow, probably a bug, and should be avoided"
|
457
|
+
merged_attributes.read(*path) # re-merges everything, slow edge case
|
458
|
+
else
|
459
|
+
self[path[0]] unless path[0].nil? # force deep_merge_cache key construction if necessary
|
460
|
+
deep_merge_cache.read(*path)
|
461
|
+
end
|
456
462
|
end
|
457
463
|
|
458
464
|
alias :dig :read
|
459
465
|
|
460
466
|
def read!(*path)
|
461
|
-
|
467
|
+
if path[0].nil?
|
468
|
+
Chef::Log.warn "Calling node.read!() without any path argument is very slow, probably a bug, and should be avoided"
|
469
|
+
merged_attributes.read!(*path) # re-merges everything, slow edge case
|
470
|
+
else
|
471
|
+
self[path[0]] unless path[0].nil? # force deep_merge_cache key construction if necessary
|
472
|
+
deep_merge_cache.read!(*path)
|
473
|
+
end
|
462
474
|
end
|
463
475
|
|
464
476
|
def exist?(*path)
|
465
|
-
|
477
|
+
if path[0].nil?
|
478
|
+
true
|
479
|
+
else
|
480
|
+
self[path[0]] unless path[0].nil? # force deep_merge_cache key construction if necessary
|
481
|
+
deep_merge_cache.exist?(*path)
|
482
|
+
end
|
466
483
|
end
|
467
484
|
|
468
485
|
def write(level, *args, &block)
|
@@ -30,7 +30,7 @@ class Chef
|
|
30
30
|
@merged_attributes = nil
|
31
31
|
@combined_override = nil
|
32
32
|
@combined_default = nil
|
33
|
-
@deep_merge_cache =
|
33
|
+
@deep_merge_cache = Chef::Node::ImmutableMash.new
|
34
34
|
end
|
35
35
|
|
36
36
|
# Invalidate a key in the deep_merge_cache. If called with nil, or no arg, this will invalidate
|
@@ -39,9 +39,9 @@ class Chef
|
|
39
39
|
# must invalidate the entire cache and re-deep-merge the entire node object.
|
40
40
|
def reset_cache(path = nil)
|
41
41
|
if path.nil?
|
42
|
-
deep_merge_cache.
|
42
|
+
deep_merge_cache.regular_clear
|
43
43
|
else
|
44
|
-
deep_merge_cache.
|
44
|
+
deep_merge_cache.regular_delete(path.to_s)
|
45
45
|
end
|
46
46
|
end
|
47
47
|
|
@@ -53,7 +53,7 @@ class Chef
|
|
53
53
|
deep_merge_cache[key.to_s]
|
54
54
|
else
|
55
55
|
# save all the work of computing node[key]
|
56
|
-
deep_merge_cache
|
56
|
+
deep_merge_cache.internal_set(key.to_s, merged_attributes(key))
|
57
57
|
end
|
58
58
|
ret = ret.call while ret.is_a?(::Chef::DelayedEvaluator)
|
59
59
|
ret
|
@@ -248,8 +248,7 @@ class Chef
|
|
248
248
|
end
|
249
249
|
|
250
250
|
def api_service
|
251
|
-
@api_service ||= Chef::ServerAPI.new(config[:chef_server_url],
|
252
|
-
{ version_class: Chef::CookbookManifestVersions })
|
251
|
+
@api_service ||= Chef::ServerAPI.new(config[:chef_server_url], version_class: Chef::CookbookManifestVersions )
|
253
252
|
end
|
254
253
|
|
255
254
|
def config
|
@@ -507,7 +507,7 @@ class Chef
|
|
507
507
|
# @api private
|
508
508
|
def api_service
|
509
509
|
@api_service ||= Chef::ServerAPI.new(config[:chef_server_url],
|
510
|
-
|
510
|
+
version_class: Chef::CookbookManifestVersions)
|
511
511
|
end
|
512
512
|
|
513
513
|
# @api private
|
data/lib/chef/provider/file.rb
CHANGED
@@ -336,7 +336,7 @@ class Chef
|
|
336
336
|
end
|
337
337
|
|
338
338
|
def do_validate_content
|
339
|
-
if new_resource.checksum && tempfile && (
|
339
|
+
if new_resource.checksum && tempfile && !checksum_match?(new_resource.checksum, tempfile_checksum)
|
340
340
|
raise Chef::Exceptions::ChecksumMismatch.new(short_cksum(new_resource.checksum), short_cksum(tempfile_checksum))
|
341
341
|
end
|
342
342
|
|
@@ -450,7 +450,7 @@ class Chef
|
|
450
450
|
|
451
451
|
def contents_changed?
|
452
452
|
logger.trace "calculating checksum of #{tempfile.path} to compare with #{current_resource.checksum}"
|
453
|
-
tempfile_checksum
|
453
|
+
!checksum_match?(tempfile_checksum, current_resource.checksum)
|
454
454
|
end
|
455
455
|
|
456
456
|
def tempfile
|
@@ -56,7 +56,7 @@ class Chef
|
|
56
56
|
names.each_with_index do |name, index|
|
57
57
|
cmd = powershell_exec(build_powershell_package_command("Install-Package '#{name}'", versions[index]), timeout: new_resource.timeout)
|
58
58
|
next if cmd.nil?
|
59
|
-
raise Chef::Exceptions::PowershellCmdletException, "Failed to install package due to catalog signing error, use skip_publisher_check to force install" if /SkipPublisherCheck/.match?(cmd.error)
|
59
|
+
raise Chef::Exceptions::PowershellCmdletException, "Failed to install package due to catalog signing error, use skip_publisher_check to force install" if /SkipPublisherCheck/.match?(cmd.error!)
|
60
60
|
end
|
61
61
|
end
|
62
62
|
|
@@ -214,7 +214,7 @@ class Chef
|
|
214
214
|
def install(gem_dependency, options = {})
|
215
215
|
with_gem_sources(*options.delete(:sources)) do
|
216
216
|
with_correct_verbosity do
|
217
|
-
dependency_installer(options).install(gem_dependency)
|
217
|
+
dependency_installer(**options).install(gem_dependency)
|
218
218
|
end
|
219
219
|
end
|
220
220
|
end
|
@@ -228,7 +228,7 @@ class Chef
|
|
228
228
|
def uninstall(gem_name, gem_version = nil, opts = {})
|
229
229
|
gem_version ? opts[:version] = gem_version : opts[:all] = true
|
230
230
|
with_correct_verbosity do
|
231
|
-
uninstaller(gem_name, opts).uninstall
|
231
|
+
uninstaller(gem_name, **opts).uninstall
|
232
232
|
end
|
233
233
|
end
|
234
234
|
|
@@ -240,12 +240,12 @@ class Chef
|
|
240
240
|
yield
|
241
241
|
end
|
242
242
|
|
243
|
-
def dependency_installer(opts
|
244
|
-
Gem::DependencyInstaller.new(opts)
|
243
|
+
def dependency_installer(**opts)
|
244
|
+
Gem::DependencyInstaller.new(**opts)
|
245
245
|
end
|
246
246
|
|
247
|
-
def uninstaller(gem_name, opts
|
248
|
-
Gem::Uninstaller.new(gem_name, DEFAULT_UNINSTALLER_OPTS.merge(opts))
|
247
|
+
def uninstaller(gem_name, **opts)
|
248
|
+
Gem::Uninstaller.new(gem_name, **DEFAULT_UNINSTALLER_OPTS.merge(opts))
|
249
249
|
end
|
250
250
|
|
251
251
|
private
|
@@ -38,7 +38,7 @@ class Chef
|
|
38
38
|
def define_resource_requirements
|
39
39
|
if new_resource.checksum
|
40
40
|
requirements.assert(:install) do |a|
|
41
|
-
a.assertion { new_resource.checksum
|
41
|
+
a.assertion { checksum_match?(new_resource.checksum, checksum(source_location)) }
|
42
42
|
a.failure_message Chef::Exceptions::Package, "Checksum on resource (#{short_cksum(new_resource.checksum)}) does not match checksum on content (#{short_cksum(source_location)})"
|
43
43
|
end
|
44
44
|
end
|
@@ -178,7 +178,20 @@ class Chef
|
|
178
178
|
#
|
179
179
|
# @api private
|
180
180
|
def combine_args(provides, version, arch)
|
181
|
-
provides = provides.
|
181
|
+
provides = provides.to_s.strip
|
182
|
+
version = if !version.nil? && !version.empty?
|
183
|
+
version.to_s.strip
|
184
|
+
end
|
185
|
+
arch = if !arch.nil? && !arch.empty?
|
186
|
+
arch.to_s.strip
|
187
|
+
end
|
188
|
+
if version =~ /^[><=]/
|
189
|
+
if arch
|
190
|
+
return { "provides" => "#{provides}.#{arch} #{version}" }
|
191
|
+
else
|
192
|
+
return { "provides" => "#{provides} #{version}" }
|
193
|
+
end
|
194
|
+
end
|
182
195
|
maybe_arch = provides.rpartition(".").last
|
183
196
|
if is_arch?(maybe_arch)
|
184
197
|
arch = maybe_arch
|
@@ -183,7 +183,7 @@ class Chef::Provider::Service::Windows < Chef::Provider::Service
|
|
183
183
|
end
|
184
184
|
|
185
185
|
converge_by("create service #{new_resource.service_name}") do
|
186
|
-
Win32::Service.new(windows_service_config)
|
186
|
+
Win32::Service.new(**windows_service_config)
|
187
187
|
end
|
188
188
|
|
189
189
|
converge_delayed_start
|
@@ -209,7 +209,7 @@ class Chef::Provider::Service::Windows < Chef::Provider::Service
|
|
209
209
|
converge_if_changed :service_type, :startup_type, :error_control,
|
210
210
|
:binary_path_name, :load_order_group, :dependencies,
|
211
211
|
:run_as_user, :display_name, :description do
|
212
|
-
Win32::Service.configure(windows_service_config(:configure))
|
212
|
+
Win32::Service.configure(**windows_service_config(:configure))
|
213
213
|
end
|
214
214
|
|
215
215
|
converge_delayed_start
|
@@ -268,7 +268,7 @@ class Chef::Provider::Service::Windows < Chef::Provider::Service
|
|
268
268
|
password: new_resource.run_as_password,
|
269
269
|
}.reject { |k, v| v.nil? || v.length == 0 }
|
270
270
|
|
271
|
-
Win32::Service.configure(new_config)
|
271
|
+
Win32::Service.configure(**new_config)
|
272
272
|
logger.info "#{new_resource} configured."
|
273
273
|
|
274
274
|
grant_service_logon(new_resource.run_as_user) if new_resource.run_as_user != "localsystem"
|
@@ -395,7 +395,7 @@ class Chef::Provider::Service::Windows < Chef::Provider::Service
|
|
395
395
|
config[:service_name] = new_resource.service_name
|
396
396
|
config[:delayed_start] = new_resource.delayed_start ? 1 : 0
|
397
397
|
|
398
|
-
Win32::Service.configure(config)
|
398
|
+
Win32::Service.configure(**config)
|
399
399
|
end
|
400
400
|
end
|
401
401
|
|
@@ -209,6 +209,10 @@ class Chef
|
|
209
209
|
description: %q(An array of hashes that contain a report handler class and the arguments to pass to that class on initialization. The hash should include `class` and `argument` keys where `class` is a String and `argument` is an array of quoted String values. For example: `[{'class' => 'MyHandler', %w('"argument1"', '"argument2"')}]`),
|
210
210
|
default: []
|
211
211
|
|
212
|
+
property :rubygems_url, [String, Array],
|
213
|
+
description: "The location to source rubygems. It can be set to a string or array of strings for URIs to set as rubygems sources. This allows individuals to setup an internal mirror of rubygems for “airgapped” environments.",
|
214
|
+
introduced: "17.11"
|
215
|
+
|
212
216
|
property :exception_handlers, Array,
|
213
217
|
description: %q(An array of hashes that contain a exception handler class and the arguments to pass to that class on initialization. The hash should include `class` and `argument` keys where `class` is a String and `argument` is an array of quoted String values. For example: `[{'class' => 'MyHandler', %w('"argument1"', '"argument2"')}]`),
|
214
218
|
default: []
|
@@ -297,6 +301,7 @@ class Chef
|
|
297
301
|
policy_group: new_resource.policy_group,
|
298
302
|
policy_name: new_resource.policy_name,
|
299
303
|
report_handlers: format_handler(new_resource.report_handlers),
|
304
|
+
rubygems_url: new_resource.rubygems_url,
|
300
305
|
ssl_verify_mode: new_resource.ssl_verify_mode,
|
301
306
|
start_handlers: format_handler(new_resource.start_handlers),
|
302
307
|
additional_config: new_resource.additional_config,
|
data/lib/chef/resource/locale.rb
CHANGED
@@ -114,7 +114,7 @@ class Chef
|
|
114
114
|
|
115
115
|
requirements.assert(:all_actions) do |a|
|
116
116
|
# RHEL/CentOS type platforms don't have locale-gen
|
117
|
-
a.assertion {
|
117
|
+
a.assertion { which("locale-gen") }
|
118
118
|
a.failure_message(Chef::Exceptions::ProviderNotFound, "The locale resource requires the locale-gen tool")
|
119
119
|
end
|
120
120
|
end
|
@@ -118,12 +118,17 @@ class Chef
|
|
118
118
|
end
|
119
119
|
end
|
120
120
|
|
121
|
+
package flush_package_cache_name do
|
122
|
+
action :nothing
|
123
|
+
end
|
124
|
+
|
121
125
|
execute "Register to RHSM" do
|
122
126
|
sensitive new_resource.sensitive
|
123
127
|
command register_command
|
124
128
|
default_env true
|
125
129
|
action :run
|
126
130
|
not_if { registered_with_rhsm? } unless new_resource.force
|
131
|
+
notifies :flush_cache, "package[#{flush_package_cache_name}]", :immediately
|
127
132
|
end
|
128
133
|
|
129
134
|
if new_resource.install_katello_agent && !new_resource.satellite_host.nil?
|
@@ -132,11 +137,18 @@ class Chef
|
|
132
137
|
end
|
133
138
|
|
134
139
|
action :unregister, description: "Unregister the node from RHSM." do
|
140
|
+
description "Unregister the node from RHSM."
|
141
|
+
|
142
|
+
package flush_package_cache_name do
|
143
|
+
action :nothing
|
144
|
+
end
|
145
|
+
|
135
146
|
execute "Unregister from RHSM" do
|
136
147
|
command "subscription-manager unregister"
|
137
148
|
default_env true
|
138
149
|
action :run
|
139
150
|
only_if { registered_with_rhsm? }
|
151
|
+
notifies :flush_cache, "package[#{flush_package_cache_name}]", :immediately
|
140
152
|
notifies :run, "execute[Clean RHSM Config]", :immediately
|
141
153
|
end
|
142
154
|
|
@@ -148,6 +160,13 @@ class Chef
|
|
148
160
|
end
|
149
161
|
|
150
162
|
action_class do
|
163
|
+
#
|
164
|
+
# @return [String]
|
165
|
+
#
|
166
|
+
def flush_package_cache_name
|
167
|
+
"rhsm_register-#{new_resource.name}-flush_cache"
|
168
|
+
end
|
169
|
+
|
151
170
|
#
|
152
171
|
# @return [Symbol] dnf_package or yum_package depending on OS release
|
153
172
|
#
|
@@ -13,11 +13,10 @@
|
|
13
13
|
@minimal_ohai
|
14
14
|
@named_run_list
|
15
15
|
@no_proxy
|
16
|
-
@ohai_disabled_plugins
|
17
|
-
@ohai_optional_plugins
|
18
16
|
@pid_file
|
19
17
|
@policy_group
|
20
18
|
@policy_name
|
19
|
+
@rubygems_url
|
21
20
|
@ssl_verify_mode
|
22
21
|
@policy_persist_run_list).each do |prop| -%>
|
23
22
|
<% next if instance_variable_get(prop).nil? || instance_variable_get(prop).empty? -%>
|