RubyGems - chef - Versions diffs - 17.9.52 → 18.0.169 - Mend

chef 17.9.52 → 18.0.169

Files changed (311) hide show

checksums.yaml +4 -4
data/Gemfile +16 -8
data/README.md +7 -7
data/Rakefile +5 -24
data/{chef-universal-mingw32.gemspec → chef-universal-mingw-ucrt.gemspec} +7 -5
data/chef.gemspec +14 -7
data/lib/chef/api_client.rb +1 -1
data/lib/chef/api_client_v1.rb +9 -1
data/lib/chef/application/exit_code.rb +3 -3
data/lib/chef/client.rb +167 -0
data/lib/chef/compliance/input.rb +1 -1
data/lib/chef/compliance/input_collection.rb +1 -1
data/lib/chef/compliance/profile.rb +1 -1
data/lib/chef/compliance/profile_collection.rb +1 -2
data/lib/chef/compliance/waiver.rb +1 -1
data/lib/chef/compliance/waiver_collection.rb +1 -1
data/lib/chef/cookbook/syntax_check.rb +2 -2
data/lib/chef/dsl/reader_helpers.rb +1 -1
data/lib/chef/dsl/rest_resource.rb +77 -0
data/lib/chef/dsl/secret.rb +113 -5
data/lib/chef/event_dispatch/base.rb +3 -0
data/lib/chef/exceptions.rb +8 -0
data/lib/chef/http/authenticator.rb +170 -3
data/lib/chef/http/ssl_policies.rb +3 -3
data/lib/chef/mixin/powershell_exec.rb +5 -28
data/lib/chef/mixin/properties.rb +6 -0
data/lib/chef/node/attribute.rb +20 -3
data/lib/chef/node/mixin/deep_merge_cache.rb +4 -4
data/lib/chef/node/mixin/immutablize_array.rb +1 -0
data/lib/chef/policy_builder/expand_node_object.rb +1 -2
data/lib/chef/policy_builder/policyfile.rb +1 -1
data/lib/chef/property.rb +5 -3
data/lib/chef/provider/group/windows.rb +1 -1
data/lib/chef/provider/http_request.rb +11 -9
data/lib/chef/provider/mount/linux.rb +5 -0
data/lib/chef/provider/mount/mount.rb +8 -0
data/lib/chef/provider/mount/windows.rb +1 -1
data/lib/chef/provider/package/powershell.rb +1 -1
data/lib/chef/provider/package/rubygems.rb +7 -7
data/lib/chef/provider/package/windows/msi.rb +2 -2
data/lib/chef/provider/package/windows/registry_uninstall_entry.rb +1 -1
data/lib/chef/provider/package/yum/python_helper.rb +14 -1
data/lib/chef/provider/package/zypper/version.rb +60 -0
data/lib/chef/provider/package/zypper.rb +47 -3
data/lib/chef/provider/service/windows.rb +5 -5
data/lib/chef/provider/user/aix.rb +5 -0
data/lib/chef/provider/user/linux.rb +29 -0
data/lib/chef/provider/user/mac.rb +1 -1
data/lib/chef/provider/user/windows.rb +2 -2
data/lib/chef/provider/user.rb +45 -9
data/lib/chef/provider.rb +1 -1
data/lib/chef/recipe.rb +1 -1
data/lib/chef/resource/_rest_resource.rb +389 -0
data/lib/chef/resource/alternatives.rb +0 -1
data/lib/chef/resource/apt_package.rb +0 -1
data/lib/chef/resource/apt_preference.rb +0 -1
data/lib/chef/resource/apt_repository.rb +0 -1
data/lib/chef/resource/apt_update.rb +0 -1
data/lib/chef/resource/archive_file.rb +0 -1
data/lib/chef/resource/bash.rb +0 -1
data/lib/chef/resource/batch.rb +0 -1
data/lib/chef/resource/bff_package.rb +0 -1
data/lib/chef/resource/breakpoint.rb +0 -1
data/lib/chef/resource/build_essential.rb +0 -1
data/lib/chef/resource/cab_package.rb +0 -1
data/lib/chef/resource/chef_client_config.rb +17 -14
data/lib/chef/resource/chef_client_cron.rb +1 -2
data/lib/chef/resource/chef_client_launchd.rb +2 -2
data/lib/chef/resource/chef_client_scheduled_task.rb +3 -3
data/lib/chef/resource/chef_client_systemd_timer.rb +0 -1
data/lib/chef/resource/chef_client_trusted_certificate.rb +0 -1
data/lib/chef/resource/chef_gem.rb +0 -1
data/lib/chef/resource/chef_handler.rb +0 -1
data/lib/chef/resource/chef_sleep.rb +1 -3
data/lib/chef/resource/chef_vault_secret.rb +0 -1
data/lib/chef/resource/chocolatey_config.rb +0 -1
data/lib/chef/resource/chocolatey_feature.rb +0 -1
data/lib/chef/resource/chocolatey_package.rb +0 -1
data/lib/chef/resource/chocolatey_source.rb +0 -1
data/lib/chef/resource/cookbook_file.rb +0 -1
data/lib/chef/resource/cron/_cron_shared.rb +0 -1
data/lib/chef/resource/cron/cron.rb +0 -1
data/lib/chef/resource/cron/cron_d.rb +15 -1
data/lib/chef/resource/cron_access.rb +0 -1
data/lib/chef/resource/csh.rb +0 -1
data/lib/chef/resource/directory.rb +0 -1
data/lib/chef/resource/dmg_package.rb +0 -1
data/lib/chef/resource/dnf_package.rb +0 -1
data/lib/chef/resource/dpkg_package.rb +0 -1
data/lib/chef/resource/dsc_resource.rb +0 -1
data/lib/chef/resource/dsc_script.rb +0 -1
data/lib/chef/resource/execute.rb +0 -1
data/lib/chef/resource/file.rb +0 -1
data/lib/chef/resource/freebsd_package.rb +0 -1
data/lib/chef/resource/gem_package.rb +0 -1
data/lib/chef/resource/group.rb +25 -2
data/lib/chef/resource/habitat/habitat_package.rb +0 -1
data/lib/chef/resource/habitat/habitat_sup.rb +6 -7
data/lib/chef/resource/habitat/habitat_sup_windows.rb +1 -1
data/lib/chef/resource/habitat_config.rb +0 -1
data/lib/chef/resource/habitat_install.rb +0 -1
data/lib/chef/resource/habitat_service.rb +0 -1
data/lib/chef/resource/habitat_user_toml.rb +0 -1
data/lib/chef/resource/homebrew_cask.rb +0 -1
data/lib/chef/resource/homebrew_package.rb +0 -1
data/lib/chef/resource/homebrew_tap.rb +0 -1
data/lib/chef/resource/homebrew_update.rb +0 -2
data/lib/chef/resource/hostname.rb +0 -1
data/lib/chef/resource/http_request.rb +0 -1
data/lib/chef/resource/ifconfig.rb +0 -1
data/lib/chef/resource/inspec_input.rb +0 -1
data/lib/chef/resource/inspec_waiver.rb +0 -1
data/lib/chef/resource/inspec_waiver_file_entry.rb +2 -3
data/lib/chef/resource/ips_package.rb +0 -1
data/lib/chef/resource/kernel_module.rb +0 -1
data/lib/chef/resource/ksh.rb +0 -1
data/lib/chef/resource/launchd.rb +0 -1
data/lib/chef/resource/link.rb +0 -1
data/lib/chef/resource/locale.rb +1 -2
data/lib/chef/resource/log.rb +0 -1
data/lib/chef/resource/lwrp_base.rb +0 -4
data/lib/chef/resource/macos_userdefaults.rb +0 -1
data/lib/chef/resource/macosx_service.rb +0 -1
data/lib/chef/resource/macports_package.rb +0 -1
data/lib/chef/resource/mdadm.rb +0 -1
data/lib/chef/resource/mount.rb +0 -1
data/lib/chef/resource/msu_package.rb +0 -1
data/lib/chef/resource/notify_group.rb +0 -2
data/lib/chef/resource/ohai.rb +0 -1
data/lib/chef/resource/ohai_hint.rb +0 -1
data/lib/chef/resource/openbsd_package.rb +0 -1
data/lib/chef/resource/openssl_dhparam.rb +0 -2
data/lib/chef/resource/openssl_ec_private_key.rb +0 -2
data/lib/chef/resource/openssl_ec_public_key.rb +0 -2
data/lib/chef/resource/openssl_rsa_private_key.rb +0 -2
data/lib/chef/resource/openssl_rsa_public_key.rb +0 -2
data/lib/chef/resource/openssl_x509_certificate.rb +0 -2
data/lib/chef/resource/openssl_x509_crl.rb +0 -2
data/lib/chef/resource/openssl_x509_request.rb +0 -2
data/lib/chef/resource/osx_profile.rb +0 -1
data/lib/chef/resource/package.rb +0 -1
data/lib/chef/resource/pacman_package.rb +0 -1
data/lib/chef/resource/paludis_package.rb +0 -1
data/lib/chef/resource/perl.rb +0 -1
data/lib/chef/resource/plist.rb +7 -3
data/lib/chef/resource/portage_package.rb +0 -1
data/lib/chef/resource/powershell_package.rb +0 -1
data/lib/chef/resource/powershell_package_source.rb +0 -1
data/lib/chef/resource/powershell_script.rb +0 -1
data/lib/chef/resource/python.rb +0 -1
data/lib/chef/resource/reboot.rb +0 -1
data/lib/chef/resource/registry_key.rb +0 -1
data/lib/chef/resource/remote_directory.rb +0 -1
data/lib/chef/resource/remote_file.rb +0 -1
data/lib/chef/resource/rhsm_errata.rb +0 -1
data/lib/chef/resource/rhsm_errata_level.rb +0 -1
data/lib/chef/resource/rhsm_register.rb +17 -1
data/lib/chef/resource/rhsm_repo.rb +0 -1
data/lib/chef/resource/rhsm_subscription.rb +0 -1
data/lib/chef/resource/route.rb +0 -1
data/lib/chef/resource/rpm_package.rb +0 -1
data/lib/chef/resource/ruby.rb +0 -1
data/lib/chef/resource/ruby_block.rb +0 -1
data/lib/chef/resource/scm/_scm.rb +0 -2
data/lib/chef/resource/scm/git.rb +0 -2
data/lib/chef/resource/scm/subversion.rb +0 -2
data/lib/chef/resource/script.rb +0 -1
data/lib/chef/resource/selinux/common_helpers.rb +47 -0
data/lib/chef/resource/selinux/selinux_debian.erb +18 -0
data/lib/chef/resource/selinux/selinux_default.erb +15 -0
data/lib/chef/resource/selinux_boolean.rb +101 -0
data/lib/chef/resource/selinux_fcontext.rb +160 -0
data/lib/chef/resource/selinux_install.rb +107 -0
data/lib/chef/resource/selinux_module.rb +143 -0
data/lib/chef/resource/selinux_permissive.rb +64 -0
data/lib/chef/resource/selinux_port.rb +118 -0
data/lib/chef/resource/selinux_state.rb +166 -0
data/lib/chef/resource/service.rb +0 -1
data/lib/chef/resource/smartos_package.rb +0 -1
data/lib/chef/resource/snap_package.rb +0 -1
data/lib/chef/resource/solaris_package.rb +0 -1
data/lib/chef/resource/ssh_known_hosts_entry.rb +0 -1
data/lib/chef/resource/sudo.rb +0 -1
data/lib/chef/resource/support/client.erb +3 -4
data/lib/chef/resource/swap_file.rb +0 -1
data/lib/chef/resource/sysctl.rb +1 -2
data/lib/chef/resource/systemd_unit.rb +0 -1
data/lib/chef/resource/template.rb +0 -1
data/lib/chef/resource/timezone.rb +0 -1
data/lib/chef/resource/user/aix_user.rb +0 -1
data/lib/chef/resource/user/linux_user.rb +0 -1
data/lib/chef/resource/user/mac_user.rb +0 -1
data/lib/chef/resource/user/pw_user.rb +0 -1
data/lib/chef/resource/user/solaris_user.rb +0 -1
data/lib/chef/resource/user/windows_user.rb +0 -1
data/lib/chef/resource/user.rb +10 -1
data/lib/chef/resource/user_ulimit.rb +0 -1
data/lib/chef/resource/whyrun_safe_ruby_block.rb +0 -1
data/lib/chef/resource/windows_ad_join.rb +0 -2
data/lib/chef/resource/windows_audit_policy.rb +0 -2
data/lib/chef/resource/windows_auto_run.rb +0 -1
data/lib/chef/resource/windows_certificate.rb +54 -43
data/lib/chef/resource/windows_defender.rb +0 -1
data/lib/chef/resource/windows_defender_exclusion.rb +0 -1
data/lib/chef/resource/windows_dfs_folder.rb +0 -1
data/lib/chef/resource/windows_dfs_namespace.rb +0 -1
data/lib/chef/resource/windows_dfs_server.rb +0 -1
data/lib/chef/resource/windows_dns_record.rb +0 -1
data/lib/chef/resource/windows_dns_zone.rb +0 -1
data/lib/chef/resource/windows_env.rb +0 -1
data/lib/chef/resource/windows_feature.rb +0 -1
data/lib/chef/resource/windows_feature_dism.rb +0 -1
data/lib/chef/resource/windows_feature_powershell.rb +0 -1
data/lib/chef/resource/windows_firewall_profile.rb +0 -2
data/lib/chef/resource/windows_firewall_rule.rb +0 -1
data/lib/chef/resource/windows_font.rb +2 -3
data/lib/chef/resource/windows_package.rb +0 -1
data/lib/chef/resource/windows_pagefile.rb +27 -22
data/lib/chef/resource/windows_path.rb +0 -1
data/lib/chef/resource/windows_printer.rb +0 -1
data/lib/chef/resource/windows_printer_port.rb +0 -1
data/lib/chef/resource/windows_script.rb +0 -2
data/lib/chef/resource/windows_security_policy.rb +0 -1
data/lib/chef/resource/windows_service.rb +0 -1
data/lib/chef/resource/windows_share.rb +0 -1
data/lib/chef/resource/windows_shortcut.rb +1 -2
data/lib/chef/resource/windows_task.rb +0 -1
data/lib/chef/resource/windows_uac.rb +0 -1
data/lib/chef/resource/windows_update_settings.rb +0 -1
data/lib/chef/resource/windows_user_privilege.rb +36 -27
data/lib/chef/resource/windows_workgroup.rb +0 -1
data/lib/chef/resource/yum_package.rb +0 -1
data/lib/chef/resource/yum_repository.rb +0 -1
data/lib/chef/resource/zypper_package.rb +0 -1
data/lib/chef/resource/zypper_repository.rb +0 -1
data/lib/chef/resource.rb +13 -5
data/lib/chef/resources.rb +7 -0
data/lib/chef/run_context.rb +19 -3
data/lib/chef/secret_fetcher/azure_key_vault.rb +3 -3
data/lib/chef/secret_fetcher/hashi_vault.rb +1 -1
data/lib/chef/version.rb +1 -1
data/lib/chef/win32/handle.rb +6 -7
data/lib/chef/win32/registry.rb +7 -3
data/lib/chef/win32/version.rb +2 -1
data/spec/data/rubygems.org/sexp_processor-info +2 -1
data/spec/functional/resource/dnf_package_spec.rb +15 -0
data/spec/functional/resource/dsc_script_spec.rb +1 -1
data/spec/functional/resource/group_spec.rb +10 -6
data/spec/functional/resource/link_spec.rb +8 -8
data/spec/functional/resource/plist_spec.rb +25 -0
data/spec/functional/resource/user/linux_user_spec.rb +127 -0
data/spec/functional/resource/windows_certificate_spec.rb +15 -12
data/spec/functional/resource/windows_font_spec.rb +11 -8
data/spec/functional/resource/windows_pagefile_spec.rb +31 -4
data/spec/functional/resource/yum_package_spec.rb +15 -0
data/spec/functional/resource/zypper_package_spec.rb +12 -0
data/spec/functional/shell_spec.rb +7 -2
data/spec/functional/version_spec.rb +1 -1
data/spec/integration/client/client_spec.rb +82 -3
data/spec/integration/client/exit_code_spec.rb +1 -1
data/spec/integration/client/ipv6_spec.rb +1 -1
data/spec/integration/compliance/compliance_spec.rb +1 -1
data/spec/integration/recipes/accumulator_spec.rb +1 -1
data/spec/integration/recipes/lwrp_inline_resources_spec.rb +1 -1
data/spec/integration/recipes/lwrp_spec.rb +1 -1
data/spec/integration/recipes/notifies_spec.rb +1 -1
data/spec/integration/recipes/notifying_block_spec.rb +1 -1
data/spec/integration/recipes/remote_directory.rb +1 -1
data/spec/integration/recipes/unified_mode_spec.rb +1 -1
data/spec/integration/recipes/use_partial_spec.rb +2 -1
data/spec/integration/solo/solo_spec.rb +2 -2
data/spec/spec_helper.rb +1 -0
data/spec/support/platform_helpers.rb +4 -0
data/spec/support/ruby_installer.rb +1 -1
data/spec/support/shared/functional/windows_script.rb +2 -2
data/spec/unit/application/client_spec.rb +0 -10
data/spec/unit/client_spec.rb +54 -2
data/spec/unit/cookbook/syntax_check_spec.rb +3 -0
data/spec/unit/daemon_spec.rb +1 -5
data/spec/unit/dsl/secret_spec.rb +127 -23
data/spec/unit/http/authenticator_spec.rb +68 -0
data/spec/unit/mixin/powershell_exec_spec.rb +5 -5
data/spec/unit/platform/query_helpers_spec.rb +2 -17
data/spec/unit/provider/http_request_spec.rb +60 -72
data/spec/unit/provider/mount/linux_spec.rb +10 -0
data/spec/unit/provider/package/rubygems_spec.rb +2 -2
data/spec/unit/provider/package/zypper_spec.rb +32 -0
data/spec/unit/provider/user/linux_spec.rb +96 -1
data/spec/unit/provider/user_spec.rb +24 -6
data/spec/unit/resource/archive_file_spec.rb +1 -1
data/spec/unit/resource/chef_client_config_spec.rb +8 -0
data/spec/unit/resource/chef_client_cron_spec.rb +5 -0
data/spec/unit/resource/chef_client_launchd_spec.rb +5 -0
data/spec/unit/resource/chef_client_scheduled_task_spec.rb +5 -0
data/spec/unit/resource/chef_client_systemd_timer_spec.rb +1 -1
data/spec/unit/resource/cron_d_spec.rb +37 -1
data/spec/unit/resource/rest_resource_spec.rb +381 -0
data/spec/unit/resource/selinux_boolean_spec.rb +92 -0
data/spec/unit/resource/selinux_fcontext_spec.rb +65 -0
data/spec/unit/resource/selinux_install_spec.rb +60 -0
data/spec/unit/resource/selinux_module_spec.rb +55 -0
data/spec/unit/resource/selinux_permissive_spec.rb +39 -0
data/spec/unit/resource/selinux_port_spec.rb +42 -0
data/spec/unit/resource/selinux_state_spec.rb +46 -0
data/spec/unit/resource/sysctl_spec.rb +2 -2
data/spec/unit/resource/user/linux_user_spec.rb +42 -0
data/spec/unit/resource_spec.rb +21 -1
data/spec/unit/run_context_spec.rb +16 -0
data/spec/unit/util/dsc/local_configuration_manager_spec.rb +1 -1
data/tasks/rspec.rb +1 -1
metadata +93 -21

data/lib/chef/resource/windows_dfs_namespace.rb CHANGED Viewed

@@ -21,7 +21,6 @@ require_relative "../resource"
 class Chef
   class Resource
     class WindowsDfsNamespace < Chef::Resource
-      unified_mode true
       provides :windows_dfs_namespace

data/lib/chef/resource/windows_dfs_server.rb CHANGED Viewed

@@ -21,7 +21,6 @@ require_relative "../resource"
 class Chef
   class Resource
     class WindowsDfsServer < Chef::Resource
-      unified_mode true
       provides :windows_dfs_server

data/lib/chef/resource/windows_dns_record.rb CHANGED Viewed

@@ -21,7 +21,6 @@ require_relative "../resource"
 class Chef
   class Resource
     class WindowsDnsRecord < Chef::Resource
-      unified_mode true
       provides :windows_dns_record

data/lib/chef/resource/windows_dns_zone.rb CHANGED Viewed

@@ -21,7 +21,6 @@ require_relative "../resource"
 class Chef
   class Resource
     class WindowsDnsZone < Chef::Resource
-      unified_mode true
       provides :windows_dns_zone

data/lib/chef/resource/windows_env.rb CHANGED Viewed

@@ -24,7 +24,6 @@ require "chef-utils/dist" unless defined?(ChefUtils::Dist)
 class Chef
   class Resource
     class WindowsEnv < Chef::Resource
-      unified_mode true
       provides :windows_env
       provides :env # backwards compat with the pre-Chef 14 resource name

data/lib/chef/resource/windows_feature.rb CHANGED Viewed

@@ -21,7 +21,6 @@ require_relative "../resource"
 class Chef
   class Resource
     class WindowsFeature < Chef::Resource
-      unified_mode true
       provides(:windows_feature) { true }

data/lib/chef/resource/windows_feature_dism.rb CHANGED Viewed

@@ -22,7 +22,6 @@ require_relative "../platform/query_helpers"
 class Chef
   class Resource
     class WindowsFeatureDism < Chef::Resource
-      unified_mode true
       provides(:windows_feature_dism) { true }

data/lib/chef/resource/windows_feature_powershell.rb CHANGED Viewed

@@ -23,7 +23,6 @@ require_relative "../platform/query_helpers"
 class Chef
   class Resource
     class WindowsFeaturePowershell < Chef::Resource
-      unified_mode true
       provides(:windows_feature_powershell) { true }

data/lib/chef/resource/windows_firewall_profile.rb CHANGED Viewed

@@ -58,8 +58,6 @@ class Chef
       ```
       DOC
-      unified_mode true
       property :profile, String,
         name_property: true,
         equal_to: %w{ Domain Public Private },

data/lib/chef/resource/windows_firewall_rule.rb CHANGED Viewed

@@ -22,7 +22,6 @@
 class Chef
   class Resource
     class WindowsFirewallRule < Chef::Resource
-      unified_mode true
       provides :windows_firewall_rule

data/lib/chef/resource/windows_font.rb CHANGED Viewed

@@ -21,7 +21,6 @@ class Chef
   class Resource
     class WindowsFont < Chef::Resource
       require_relative "../util/path_helper"
-      unified_mode true
       provides(:windows_font) { true }
@@ -83,7 +82,7 @@ class Chef
         # install the font into the appropriate fonts directory
         def install_font
-          require "win32ole" if RUBY_PLATFORM.match?(/mswin|mingw32|windows/)
+          require "win32ole" if RUBY_PLATFORM.match?(/mswin|mingw|windows/)
           fonts_dir = Chef::Util::PathHelper.join(ENV["windir"], "fonts")
           folder = WIN32OLE.new("Shell.Application").Namespace(fonts_dir)
           converge_by("install font #{new_resource.font_name} to #{fonts_dir}") do
@@ -95,7 +94,7 @@ class Chef
         #
         # @return [Boolean] Is the font is installed?
         def font_exists?
-          require "win32ole" if RUBY_PLATFORM.match?(/mswin|mingw32|windows/)
+          require "win32ole" if RUBY_PLATFORM.match?(/mswin|mingw|windows/)
           fonts_dir = WIN32OLE.new("WScript.Shell").SpecialFolders("Fonts")
           fonts_dir_local = Chef::Util::PathHelper.join(ENV["home"], "AppData/Local/Microsoft/Windows/fonts")
           logger.trace("Seeing if the font at #{Chef::Util::PathHelper.join(fonts_dir, new_resource.font_name)} exists")

data/lib/chef/resource/windows_package.rb CHANGED Viewed

@@ -26,7 +26,6 @@ class Chef
   class Resource
     class WindowsPackage < Chef::Resource::Package
       include Chef::Mixin::Uris
-      unified_mode true
       provides(:windows_package) { true }
       provides :package, os: "windows"

data/lib/chef/resource/windows_pagefile.rb CHANGED Viewed

@@ -20,7 +20,6 @@ require_relative "../resource"
 class Chef
   class Resource
     class WindowsPagefile < Chef::Resource
-      unified_mode true
       provides(:windows_pagefile) { true }
@@ -88,7 +87,7 @@ class Chef
         if automatic_managed
           set_automatic_managed unless automatic_managed?
         elsif automatic_managed == false
-          unset_automatic_managed if automatic_managed?
+          unset_automatic_managed
         else
           pagefile = clarify_pagefile_name
           initial_size = new_resource.initial_size
@@ -149,10 +148,12 @@ class Chef
         def exists?(pagefile)
           @exists ||= begin
             logger.trace("Checking if #{pagefile} exists by running: Get-CimInstance Win32_PagefileSetting | Where-Object { $_.name -eq $($pagefile)} ")
-            cmd =  "$page_file_name = '#{pagefile}';"
-            cmd << "$pagefile = Get-CimInstance Win32_PagefileSetting | Where-Object { $_.name -eq $($page_file_name)};"
-            cmd << "if ([string]::IsNullOrEmpty($pagefile)) { return $false } else { return $true }"
-            powershell_exec!(cmd).result
+            powershell_code = <<~CODE
+              $page_file_name = '#{pagefile}';
+              $pagefile = Get-CimInstance Win32_PagefileSetting | Where-Object { $_.name -eq $($page_file_name)}
+              if ([string]::IsNullOrEmpty($pagefile)) { return $false } else { return $true }
+            CODE
+            powershell_exec!(powershell_code).result
           end
         end
@@ -164,13 +165,16 @@ class Chef
         # @return [Boolean]
         def max_and_min_set?(pagefile, min, max)
           logger.trace("Checking if #{pagefile} has max and initial disk size values set")
-          cmd =  "$page_file = '#{pagefile}';"
-          cmd << "$driveLetter = $page_file.split(':')[0];"
-          cmd << "$page_file_settings = Get-CimInstance -ClassName Win32_PageFileSetting -Filter \"SettingID='pagefile.sys @ $($driveLetter):'\" -Property * -ErrorAction Stop;"
-          cmd << "if ($page_file_settings.InitialSize -eq #{min} -and $page_file_settings.MaximumSize -eq #{max})"
-          cmd << "{ return $true }"
-          cmd << "else { return $false }"
-          powershell_exec!(cmd).result
+          powershell_code = <<-CODE
+            $page_file = '#{pagefile}';
+            $driveLetter = $page_file.split(':')[0];
+            $page_file_settings = Get-CimInstance -ClassName Win32_PageFileSetting -Filter "SettingID='pagefile.sys @ $($driveLetter):'" -Property * -ErrorAction Stop;
+            if ($page_file_settings.InitialSize -eq #{min} -and $page_file_settings.MaximumSize -eq #{max})
+              { return $true }
+            else
+              { return $false }
+          CODE
+          powershell_exec!(powershell_code).result
         end
         # create a pagefile
@@ -225,12 +229,14 @@ class Chef
         # turn off automatic management of all pagefiles by Windows
         def unset_automatic_managed
-          converge_by("Turn off Automatically Managed on pagefiles") do
-            logger.trace("Running Set-CimInstance -InputObject $sys -Property @{AutomaticManagedPagefile=$false} -PassThru")
-            powershell_exec! <<~EOH
-              $sys = Get-CimInstance Win32_ComputerSystem -Property *
-              Set-CimInstance -InputObject $sys -Property @{AutomaticManagedPagefile=$false} -PassThru
-            EOH
+          if automatic_managed?
+            converge_by("Turn off Automatically Managed on pagefiles") do
+              logger.trace("Running Set-CimInstance -InputObject $sys -Property @{AutomaticManagedPagefile=$false} -PassThru")
+              powershell_exec! <<~EOH
+                $sys = Get-CimInstance Win32_ComputerSystem -Property *
+                Set-CimInstance -InputObject $sys -Property @{AutomaticManagedPagefile=$false} -PassThru
+              EOH
+            end
           end
         end
@@ -240,14 +246,13 @@ class Chef
         # @param [String] min the minimum size of the pagefile
         # @param [String] max the minimum size of the pagefile
         def set_custom_size(pagefile, min, max)
+          unset_automatic_managed
           converge_by("set #{pagefile} to InitialSize=#{min} & MaximumSize=#{max}") do
             logger.trace("Set-CimInstance -Property @{InitialSize = #{min} MaximumSize = #{max}")
             powershell_exec! <<~EOD
               $page_file = "#{pagefile}"
               $driveLetter = $page_file.split(':')[0]
-              Get-CimInstance -ClassName Win32_PageFileSetting -Filter "SettingID='pagefile.sys @ $($driveLetter):'" -ErrorAction Stop | Set-CimInstance -Property @{
-              InitialSize = #{min}
-              MaximumSize = #{max}}
+              Get-CimInstance -ClassName Win32_PageFileSetting -Filter "SettingID='pagefile.sys @ $($driveLetter):'" -ErrorAction Stop | Set-CimInstance -Property @{InitialSize = #{min}; MaximumSize = #{max};}
             EOD
           end
         end

data/lib/chef/resource/windows_path.rb CHANGED Viewed

@@ -23,7 +23,6 @@ require_relative "../resource"
 class Chef
   class Resource
     class WindowsPath < Chef::Resource
-      unified_mode true
       provides(:windows_path) { true }

data/lib/chef/resource/windows_printer.rb CHANGED Viewed

@@ -27,7 +27,6 @@ class Chef
     # 2. Fail with a warning if the port can't be found and create_port is false
     # 3. Fail with helpful messaging if the printer driver can't be installed
     class WindowsPrinter < Chef::Resource
-      unified_mode true
       autoload :Resolv, "resolv"

data/lib/chef/resource/windows_printer_port.rb CHANGED Viewed

@@ -23,7 +23,6 @@ require_relative "../resource"
 class Chef
   class Resource
     class WindowsPrinterPort < Chef::Resource
-      unified_mode true
       autoload :Resolv, "resolv"

data/lib/chef/resource/windows_script.rb CHANGED Viewed

@@ -24,8 +24,6 @@ class Chef
     class WindowsScript < Chef::Resource::Script
       include Chef::Mixin::WindowsArchitectureHelper
-      unified_mode true
       # This is an abstract resource meant to be subclasses; thus no 'provides'
       set_guard_inherited_attributes(:architecture)

data/lib/chef/resource/windows_security_policy.rb CHANGED Viewed

@@ -22,7 +22,6 @@ require "tempfile" unless defined?(Tempfile)
 class Chef
   class Resource
     class WindowsSecurityPolicy < Chef::Resource
-      unified_mode true
       provides :windows_security_policy

data/lib/chef/resource/windows_service.rb CHANGED Viewed

@@ -23,7 +23,6 @@ class Chef
   class Resource
     class WindowsService < Chef::Resource::Service
       include Chef::Win32ServiceConstants
-      unified_mode true
       ALLOWED_START_TYPES = {
         automatic: SERVICE_AUTO_START,

data/lib/chef/resource/windows_share.rb CHANGED Viewed

@@ -25,7 +25,6 @@ require_relative "../util/path_helper"
 class Chef
   class Resource
     class WindowsShare < Chef::Resource
-      unified_mode true
       provides :windows_share

data/lib/chef/resource/windows_shortcut.rb CHANGED Viewed

@@ -21,7 +21,6 @@ require_relative "../resource"
 class Chef
   class Resource
     class WindowsShortcut < Chef::Resource
-      unified_mode true
       provides(:windows_shortcut) { true }
@@ -58,7 +57,7 @@ class Chef
         description: "Icon to use for the shortcut. Accepts the format of `path, index`, where index is the icon file to use. See Microsoft's [documentation](https://msdn.microsoft.com/en-us/library/3s9bx7at.aspx) for details"
       load_current_value do |new_resource|
-        require "win32ole" if RUBY_PLATFORM.match?(/mswin|mingw32|windows/)
+        require "win32ole" if RUBY_PLATFORM.match?(/mswin|mingw|windows/)
         link = WIN32OLE.new("WScript.Shell").CreateShortcut(new_resource.shortcut_name)
         name new_resource.shortcut_name

data/lib/chef/resource/windows_task.rb CHANGED Viewed

@@ -27,7 +27,6 @@ require "win32/taskscheduler" if ChefUtils.windows_ruby?
 class Chef
   class Resource
     class WindowsTask < Chef::Resource
-      unified_mode true
       provides(:windows_task) { true }

data/lib/chef/resource/windows_uac.rb CHANGED Viewed

@@ -20,7 +20,6 @@ require_relative "../resource"
 class Chef
   class Resource
     class WindowsUac < Chef::Resource
-      unified_mode true
       provides :windows_uac

data/lib/chef/resource/windows_update_settings.rb CHANGED Viewed

@@ -23,7 +23,6 @@ require_relative "../resource"
 class Chef
   class Resource
     class WindowsUpdateSettings < Chef::Resource
-      unified_mode true
       provides :windows_update_settings

data/lib/chef/resource/windows_user_privilege.rb CHANGED Viewed

@@ -21,10 +21,9 @@ require_relative "../resource"
 class Chef
   class Resource
     class WindowsUserPrivilege < Chef::Resource
-      unified_mode true
       provides :windows_user_privilege
-      description "The windows_user_privilege resource allows to add and set principal (User/Group) to the specified privilege.\n Ref: https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/user-rights-assignment"
+      description "The windows_user_privilege resource allows to add a privilege to a principal or (User/Group).\n Ref: https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/user-rights-assignment"
       introduced "16.0"
@@ -39,23 +38,32 @@ class Chef
       end
       ```
-      **Add the SeDenyRemoteInteractiveLogonRight Privilege to the Builtin Guests and Local Accounts User Groups**:
+      **Provide only the Builtin Guests and Administrator Groups with the SeCreatePageFile Privilege**:
+      ```ruby
+      windows_user_privilege 'Create Pagefile' do
+        privilege      'SeCreatePagefilePrivilege'
+        users          ['BUILTIN\\Guests', 'BUILTIN\\Administrators']
+        action         :set
+      end
+      ```
+      **Add the SeDenyRemoteInteractiveLogonRight Privilege to the 'Remote interactive logon' principal**:
       ```ruby
       windows_user_privilege 'Remote interactive logon' do
         privilege      'SeDenyRemoteInteractiveLogonRight'
-        users          ['Builtin\\Guests', 'NT AUTHORITY\\Local Account']
         action         :add
       end
       ```
-      **Provide only the Builtin Guests and Administrator Groups with the SeCreatePageFile Privilege**:
+      **Add to the Builtin Guests Group the SeCreatePageFile Privilege**:
       ```ruby
-      windows_user_privilege 'Create Pagefile' do
+      windows_user_privilege 'Guests add Create Pagefile' do
+        principal      'BUILTIN\\Guests'
         privilege      'SeCreatePagefilePrivilege'
-        users          ['BUILTIN\\Guests', 'BUILTIN\\Administrators']
-        action         :set
+        action         :add
       end
       ```
@@ -90,6 +98,7 @@ class Chef
                            SeCreateSymbolicLinkPrivilege
                            SeCreateTokenPrivilege
                            SeDebugPrivilege
+                           SeDelegateSessionUserImpersonatePrivilege
                            SeDenyBatchLogonRight
                            SeDenyInteractiveLogonRight
                            SeDenyNetworkLogonRight
@@ -126,20 +135,20 @@ class Chef
                           }.freeze
       property :principal, String,
-        description: "An optional property to add the user to the given privilege. Use only with add and remove action.",
-        name_property: true
+               description: "An optional property to add the privilege for given principal. Use only with add and remove action. Principal can either be a User/Group or one of special identities found here Ref: https://docs.microsoft.com/en-us/windows/security/identity-protection/access-control/special-identities",
+               name_property: true
       property :users, [Array, String],
-        description: "An optional property to set the privilege for given users. Use only with set action.",
-        coerce: proc { |v| Array(v) }
+               description: "An optional property to set the privilege for given users. Use only with set action.",
+               coerce: proc { |v| Array(v) }
       property :privilege, [Array, String],
-        description: "One or more privileges to set for users.",
-        required: true,
-        coerce: proc { |v| Array(v) },
-        callbacks: {
-          "Privilege property restricted to the following values: #{PRIVILEGE_OPTS}" => lambda { |n| (n - PRIVILEGE_OPTS).empty? },
-        }, identity: true
+               description: "One or more privileges to set for principal or users/groups. For more information on what each privilege does Ref: https://learn.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/user-rights-assignment",
+               required: true,
+               coerce: proc { |v| Array(v) },
+               callbacks: {
+                 "Privilege property restricted to the following values: #{PRIVILEGE_OPTS}" => lambda { |n| (n - PRIVILEGE_OPTS).empty? },
+               }, identity: true
       load_current_value do |new_resource|
         if new_resource.principal && (new_resource.action.include?(:add) || new_resource.action.include?(:remove))
@@ -147,15 +156,15 @@ class Chef
         end
       end
-      action :add, description: "Add a user privilege." do
-        ([*new_resource.privilege] - [*current_resource.privilege]).each do |user_right|
-          converge_by("adding user '#{new_resource.principal}' privilege #{user_right}") do
-            Chef::ReservedNames::Win32::Security.add_account_right(new_resource.principal, user_right)
+      action :add, description: "Add a privileges to a principal." do
+        ([*new_resource.privilege] - [*current_resource.privilege]).each do |principal_right|
+          converge_by("adding principal '#{new_resource.principal}' privilege #{principal_right}") do
+            Chef::ReservedNames::Win32::Security.add_account_right(new_resource.principal, principal_right)
           end
         end
       end
-      action :set, description: "Set the privileges that are listed in the `privilege` property for only the users listed in the `users` property." do
+      action :set, description: "Set the privileges that are listed in the `privilege` property for only the users listed in the `users` property. All other users not listed with given privilege will be have the privilege removed." do
         if new_resource.users.nil? || new_resource.users.empty?
           raise Chef::Exceptions::ValidationFailed, "Users are required property with set action."
         end
@@ -204,7 +213,7 @@ class Chef
         end
       end
-      action :remove, description: "Remove a user privilege" do
+      action :remove, description: "Remove a principal privilege" do
         curr_res_privilege = current_resource.privilege
         missing_res_privileges = (new_resource.privilege - curr_res_privilege)
@@ -212,9 +221,9 @@ class Chef
           Chef::Log.info("User \'#{new_resource.principal}\' for Privilege: #{missing_res_privileges.join(", ")} not found. Nothing to remove.")
         end
-        (new_resource.privilege - missing_res_privileges).each do |user_right|
-          converge_by("removing user #{new_resource.principal} from privilege #{user_right}") do
-            Chef::ReservedNames::Win32::Security.remove_account_right(new_resource.principal, user_right)
+        (new_resource.privilege - missing_res_privileges).each do |principal_right|
+          converge_by("removing principal #{new_resource.principal} from privilege #{principal_right}") do
+            Chef::ReservedNames::Win32::Security.remove_account_right(new_resource.principal, principal_right)
           end
         end
       end

data/lib/chef/resource/windows_workgroup.rb CHANGED Viewed

@@ -21,7 +21,6 @@ require "chef-utils/dist" unless defined?(ChefUtils::Dist)
 class Chef
   class Resource
     class WindowsWorkgroup < Chef::Resource
-      unified_mode true
       provides :windows_workgroup

data/lib/chef/resource/yum_package.rb CHANGED Viewed

@@ -22,7 +22,6 @@ require "chef-utils/dist" unless defined?(ChefUtils::Dist)
 class Chef
   class Resource
     class YumPackage < Chef::Resource::Package
-      unified_mode true
       provides :yum_package
       provides :package, platform_family: "fedora_derived"

data/lib/chef/resource/yum_repository.rb CHANGED Viewed

@@ -21,7 +21,6 @@ require_relative "../resource"
 class Chef
   class Resource
     class YumRepository < Chef::Resource
-      unified_mode true
       provides(:yum_repository) { true }

data/lib/chef/resource/zypper_package.rb CHANGED Viewed

@@ -21,7 +21,6 @@ require_relative "package"
 class Chef
   class Resource
     class ZypperPackage < Chef::Resource::Package
-      unified_mode true
       provides :zypper_package
       provides :package, platform_family: "suse"

data/lib/chef/resource/zypper_repository.rb CHANGED Viewed

@@ -21,7 +21,6 @@ require_relative "../resource"
 class Chef
   class Resource
     class ZypperRepository < Chef::Resource
-      unified_mode true
       provides(:zypper_repository) { true }
       provides(:zypper_repo) { true } # legacy cookbook compatibility

data/lib/chef/resource.rb CHANGED Viewed

@@ -660,8 +660,8 @@ class Chef
       text << "#{resource_name}(\"#{name}\") do\n"
       all_props = {}
-      self.class.state_properties.map do |p|
+      self.class.sensitive_properties.map do |p|
         all_props[p.name.to_s] = p.sensitive? ? '"*sensitive value suppressed*"' : value_to_text(p.get(self))
       rescue Chef::Exceptions::ValidationFailed
         # This space left intentionally blank, the property was probably required or had an invalid default.
@@ -1498,10 +1498,18 @@ class Chef
     # @param partial [String] the code fragment to eval against the class
     #
     def self.use(partial)
-      dirname = ::File.dirname(partial)
-      basename = ::File.basename(partial, ".rb")
-      basename = basename[1..] if basename.start_with?("_")
-      class_eval IO.read(::File.expand_path("#{dirname}/_#{basename}.rb", ::File.dirname(caller_locations.first.absolute_path)))
+      if partial =~ /^core::(.*)/
+        partial = $1
+        dirname = ::File.dirname(partial)
+        basename = ::File.basename(partial, ".rb")
+        basename = basename[1..] if basename.start_with?("_")
+        class_eval IO.read(::File.expand_path("resource/#{dirname}/_#{basename}.rb", __dir__))
+      else
+        dirname = ::File.dirname(partial)
+        basename = ::File.basename(partial, ".rb")
+        basename = basename[1..] if basename.start_with?("_")
+        class_eval IO.read(::File.expand_path("#{dirname}/_#{basename}.rb", ::File.dirname(caller_locations.first.path)))
+      end
     end
     # The cookbook in which this Resource was defined (if any).

data/lib/chef/resources.rb CHANGED Viewed

@@ -124,6 +124,13 @@ require_relative "resource/route"
 require_relative "resource/ruby"
 require_relative "resource/ruby_block"
 require_relative "resource/script"
+require_relative "resource/selinux_boolean"
+require_relative "resource/selinux_fcontext"
+require_relative "resource/selinux_install"
+require_relative "resource/selinux_module"
+require_relative "resource/selinux_permissive"
+require_relative "resource/selinux_port"
+require_relative "resource/selinux_state"
 require_relative "resource/service"
 require_relative "resource/sudo"
 require_relative "resource/sysctl"

data/lib/chef/run_context.rb CHANGED Viewed

@@ -145,6 +145,16 @@ class Chef
     #
     attr_accessor :input_collection
+    #
+    # @return [Symbol, nil]
+    #
+    attr_accessor :default_secret_service
+    #
+    # @return [Hash<Symbol,Object>]
+    #
+    attr_accessor :default_secret_config
     # Pointer back to the Chef::Runner that created this
     #
     attr_accessor :runner
@@ -222,6 +232,8 @@ class Chef
       @input_collection = Chef::Compliance::InputCollection.new(events)
       @waiver_collection = Chef::Compliance::WaiverCollection.new(events)
       @profile_collection = Chef::Compliance::ProfileCollection.new(events)
+      @default_secret_service = nil
+      @default_secret_config = {}
       initialize_child_state
     end
@@ -401,9 +413,9 @@ class Chef
         logger.warn(<<~ERROR_MESSAGE)
           MissingCookbookDependency:
           Recipe `#{recipe_name}` is not in the run_list, and cookbook '#{cookbook_name}'
-          is not a dependency of any cookbook in the run_list.  To load this recipe,
-          first add a dependency on cookbook '#{cookbook_name}' in the cookbook you're
-          including it from in that cookbook's metadata.
+          is not a dependency of any cookbook in the run_list. To load this recipe,
+          first add a dependency of the cookbook '#{cookbook_name}' into the metadata
+		  of the cookbook which depends on '#{cookbook_name}'.
         ERROR_MESSAGE
       end
@@ -693,6 +705,10 @@ class Chef
         cookbook_collection
         cookbook_collection=
         cookbook_compiler
+        default_secret_config
+        default_secret_config=
+        default_secret_service
+        default_secret_service=
         definitions
         events
         events=

data/lib/chef/secret_fetcher/azure_key_vault.rb CHANGED Viewed

@@ -59,7 +59,7 @@ class Chef
       end
       def validate!
-        raise Chef::Exceptions::Secret::ConfigurationInvalid, "You may only specify one (these are mutually exclusive): :object_id, :client_id, or :mi_res_id" if [object_id, client_id, mi_res_id].count { |x| !x.nil? } > 1
+        raise Chef::Exceptions::Secret::ConfigurationInvalid, "You may only specify one (these are mutually exclusive): :object_id, :client_id, or :mi_res_id" if [config_object_id, client_id, mi_res_id].count { |x| !x.nil? } > 1
       end
       private
@@ -87,7 +87,7 @@ class Chef
         "https://vault.azure.net"
       end
-      def object_id
+      def config_object_id
         config[:object_id]
       end
@@ -104,7 +104,7 @@ class Chef
           p = {}
           p["api-version"] = api_version
           p["resource"] = resource
-          p["object_id"] = object_id if object_id
+          p["object_id"] = config_object_id if config_object_id
           p["client_id"] = client_id if client_id
           p["mi_res_id"] = mi_res_id if mi_res_id
           URI.encode_www_form(p)