chef 18.2.7 → 18.4.2

data/lib/chef/resource/sudo.rb

@@ -59,6 +59,41 @@ class Chef
         nopasswd true
       end
       ```
+
+      **Create command aliases and assign them to a group**
+
+      ```ruby
+      sudo 'webteam' do
+        command_aliases [
+          {
+            'name': 'WEBTEAM_SYSTEMD_JBOSS',
+            'command_list': [
+              '/usr/bin/systemctl start eap7-standalone.service',
+              '/usr/bin/systemctl start jbcs-httpd24-httpd.service', \
+              '/usr/bin/systemctl stop eap7-standalone.service', \
+              '/usr/bin/systemctl stop jbcs-httpd24-httpd.service', \
+              '/usr/bin/systemctl restart eap7-standalone.service', \
+              '/usr/bin/systemctl restart jbcs-httpd24-httpd.service', \
+              '/usr/bin/systemctl --full edit eap7-standalone.service', \
+              '/usr/bin/systemctl --full edit jbcs-httpd24-httpd.service', \
+              '/usr/bin/systemctl daemon-reload',
+            ]
+          },
+          {
+            'name': 'GENERIC_SYSTEMD',
+            'command_list': [
+              '/usr/sbin/systemctl list-unit-files',
+              '/usr/sbin/systemctl list-timers', \
+              '/usr/sbin/systemctl is-active *', \
+              '/usr/sbin/systemctl is-enabled *',
+              ]
+          }
+        ]
+        nopasswd true
+        users '%webteam'
+        commands [ 'WEBTEAM_SYSTEMD_JBOSS', 'GENERIC_SYSTEMD' ]
+      end
+      ```
       DOC
 
       # According to the sudo man pages sudo will ignore files in an include dir that have a `.` or `~`
@@ -79,7 +114,7 @@ class Chef
         coerce: proc { |x| coerce_groups(x) }
 
       property :commands, Array,
-        description: "An array of full paths to commands this sudoer can execute.",
+        description: "An array of full paths to commands and/or command aliases this sudoer can execute.",
         default: ["ALL"]
 
       property :host, String,
@@ -110,7 +145,7 @@ class Chef
         default: []
 
       property :command_aliases, Array,
-        description: "Command aliases that can be used as allowed commands later in the configuration.",
+        description: "Command aliases that can be used as allowed commands later in the configuration. The object represents an array of hashes in the following format: `[{'name':'ALIAS1','command_list': [ 'command1', 'command2' ] }, {'name':'Alias2','command_list: [ 'command3', 'command4 arg1 arg2' ]}]`",
         default: []
 
       property :setenv, [TrueClass, FalseClass],

data/lib/chef/resource/support/ulimit.erb

@@ -2,6 +2,18 @@
 
 # Limits settings for <%= @ulimit_user %>
 
+<% unless @as_limit.nil? -%>
+<%= @ulimit_user -%> - as <%= @as_limit %>
+<% else -%><% unless @as_soft_limit.nil? -%><%= @ulimit_user -%> soft as <%= @as_soft_limit %><% end -%>
+<% unless @as_hard_limit.nil? -%><%= @ulimit_user -%> hard as <%= @as_hard_limit %><% end -%>
+<% end -%>
+
+<% unless @cpu_limit.nil? -%>
+<%= @ulimit_user -%> - cpu <%= @cpu_limit %>
+<% else -%><% unless @cpu_soft_limit.nil? -%><%= @ulimit_user -%> soft cpu <%= @cpu_soft_limit %><% end -%>
+<% unless @cpu_hard_limit.nil? -%><%= @ulimit_user -%> hard cpu <%= @cpu_hard_limit %><% end -%>
+<% end -%>
+
 <% unless @filehandle_limit.nil? -%>
 <%= @ulimit_user -%> - nofile <%= @filehandle_limit %>
 <% else -%><% unless @filehandle_soft_limit.nil? -%><%= @ulimit_user -%> soft nofile <%= @filehandle_soft_limit %><% end -%>
@@ -14,22 +26,50 @@
 <% unless @process_hard_limit.nil? -%><%= @ulimit_user -%> hard nproc <%= @process_hard_limit %><% end -%>
 <% end -%>
 
+<% unless @locks_limit.nil? -%>
+<%= @ulimit_user -%> - locks <%= @locks_limit %>
+<% end -%>
+
 <% unless @memory_limit.nil? -%>
 <%= @ulimit_user -%> - memlock <%= @memory_limit %>
 <% end -%>
 
+<% unless @maxlogins_limit.nil? -%>
+<%= @ulimit_user -%> - maxlogins <%= @maxlogins_limit %>
+<% else -%><% unless @maxlogins_soft_limit.nil? -%><%= @ulimit_user -%> soft maxlogins <%= @maxlogins_soft_limit %><% end -%>
+<% unless @maxlogins_hard_limit.nil? -%><%= @ulimit_user -%> hard maxlogins <%= @maxlogins_hard_limit %><% end -%>
+<% end -%>
+
+<% unless @msgqueue_limit.nil? -%>
+<%= @ulimit_user -%> - msgqueue <%= @msgqueue_limit %>
+<% else -%><% unless @msgqueue_soft_limit.nil? -%><%= @ulimit_user -%> soft msgqueue <%= @msgqueue_soft_limit %><% end -%>
+<% unless @msgqueue_hard_limit.nil? -%><%= @ulimit_user -%> hard msgqueue <%= @msgqueue_hard_limit %><% end -%>
+<% end -%>
+
 <% unless @core_limit.nil? -%>
 <%= @ulimit_user -%> - core <%= @core_limit %>
 <% else -%><% unless @core_soft_limit.nil? -%><%= @ulimit_user -%> soft core <%= @core_soft_limit %><% end -%>
 <% unless @core_hard_limit.nil? -%><%= @ulimit_user -%> hard core <%= @core_hard_limit %><% end -%>
 <% end -%>
 
+<% unless @sigpending_limit.nil? -%>
+<%= @ulimit_user -%> - sigpending <%= @sigpending_limit %>
+<% else -%><% unless @sigpending_soft_limit.nil? -%><%= @ulimit_user -%> soft sigpending <%= @sigpending_soft_limit %><% end -%>
+<% unless @sigpending_hard_limit.nil? -%><%= @ulimit_user -%> hard sigpending <%= @sigpending_hard_limit %><% end -%>
+<% end -%>
+
 <% unless @stack_limit.nil? -%>
 <%= @ulimit_user -%> - stack <%= @stack_limit %>
 <% else -%><% unless @stack_soft_limit.nil? -%><%= @ulimit_user -%> soft stack <%= @stack_soft_limit %><% end -%>
 <% unless @stack_hard_limit.nil? -%><%= @ulimit_user -%> hard stack <%= @stack_hard_limit %><% end -%>
 <% end -%>
 
+<% unless @rss_limit.nil? -%>
+<%= @ulimit_user -%> - rss <%= @rss_limit %>
+<% else -%><% unless @rss_soft_limit.nil? -%><%= @ulimit_user -%> soft rss <%= @rss_soft_limit %><% end -%>
+<% unless @rss_hard_limit.nil? -%><%= @ulimit_user -%> hard rss <%= @rss_hard_limit %><% end -%>
+<% end -%>
+
 <% unless @rtprio_limit.nil? -%>
 <%= @ulimit_user -%> - rtprio <%= @rtprio_limit %>
 <% else -%><% unless @rtprio_soft_limit.nil? -%><%= @ulimit_user -%> soft rtprio <%= @rtprio_soft_limit %><% end -%>

data/lib/chef/resource/user_ulimit.rb

@@ -56,19 +56,38 @@ class Chef
       DOC
 
       property :username, String, name_property: true
+      property :as_limit, [String, Integer]
+      property :as_soft_limit, [String, Integer]
+      property :as_hard_limit, [String, Integer]
       property :filehandle_limit, [String, Integer]
       property :filehandle_soft_limit, [String, Integer]
       property :filehandle_hard_limit, [String, Integer]
       property :process_limit, [String, Integer]
       property :process_soft_limit, [String, Integer]
       property :process_hard_limit, [String, Integer]
+      property :locks_limit, [String, Integer]
       property :memory_limit, [String, Integer]
+      property :maxlogins_limit, [String, Integer]
+      property :maxlogins_soft_limit, [String, Integer]
+      property :maxlogins_hard_limit, [String, Integer]
+      property :msgqueue_limit, [String, Integer]
+      property :msgqueue_soft_limit, [String, Integer]
+      property :msgqueue_hard_limit, [String, Integer]
       property :core_limit, [String, Integer]
       property :core_soft_limit, [String, Integer]
       property :core_hard_limit, [String, Integer]
+      property :cpu_limit, [String, Integer]
+      property :cpu_soft_limit, [String, Integer]
+      property :cpu_hard_limit, [String, Integer]
+      property :sigpending_limit, [String, Integer]
+      property :sigpending_soft_limit, [String, Integer]
+      property :sigpending_hard_limit, [String, Integer]
       property :stack_limit, [String, Integer]
       property :stack_soft_limit, [String, Integer]
       property :stack_hard_limit, [String, Integer]
+      property :rss_limit, [String, Integer]
+      property :rss_soft_limit, [String, Integer]
+      property :rss_hard_limit, [String, Integer]
       property :rtprio_limit, [String, Integer]
       property :rtprio_soft_limit, [String, Integer]
       property :rtprio_hard_limit, [String, Integer]
@@ -85,19 +104,38 @@ class Chef
           sensitive new_resource.sensitive
           variables(
             ulimit_user: new_resource.username,
+            as_limit: new_resource.as_limit,
+            as_soft_limit: new_resource.as_soft_limit,
+            as_hard_limit: new_resource.as_hard_limit,
             filehandle_limit: new_resource.filehandle_limit,
             filehandle_soft_limit: new_resource.filehandle_soft_limit,
             filehandle_hard_limit: new_resource.filehandle_hard_limit,
             process_limit: new_resource.process_limit,
             process_soft_limit: new_resource.process_soft_limit,
             process_hard_limit: new_resource.process_hard_limit,
+            locks_limit: new_resource.locks_limit,
             memory_limit: new_resource.memory_limit,
+            maxlogins_limit: new_resource.maxlogins_limit,
+            maxlogins_soft_limit: new_resource.maxlogins_soft_limit,
+            maxlogins_hard_limit: new_resource.maxlogins_hard_limit,
+            msgqueue_limit: new_resource.msgqueue_limit,
+            msgqueue_soft_limit: new_resource.msgqueue_soft_limit,
+            msgqueue_hard_limit: new_resource.msgqueue_hard_limit,
             core_limit: new_resource.core_limit,
             core_soft_limit: new_resource.core_soft_limit,
             core_hard_limit: new_resource.core_hard_limit,
+            cpu_limit: new_resource.cpu_limit,
+            cpu_soft_limit: new_resource.cpu_soft_limit,
+            cpu_hard_limit: new_resource.cpu_hard_limit,
+            sigpending_limit: new_resource.sigpending_limit,
+            sigpending_soft_limit: new_resource.sigpending_soft_limit,
+            sigpending_hard_limit: new_resource.sigpending_hard_limit,
             stack_limit: new_resource.stack_limit,
             stack_soft_limit: new_resource.stack_soft_limit,
             stack_hard_limit: new_resource.stack_hard_limit,
+            rss_limit: new_resource.rss_limit,
+            rss_soft_limit: new_resource.rss_soft_limit,
+            rss_hard_limit: new_resource.rss_hard_limit,
             rtprio_limit: new_resource.rtprio_limit,
             rtprio_soft_limit: new_resource.rtprio_soft_limit,
             rtprio_hard_limit: new_resource.rtprio_hard_limit,

data/lib/chef/resource/windows_certificate.rb

@@ -440,7 +440,7 @@ class Chef
         def export_cert(cert_obj, output_path:, store_name:, store_location:, pfx_password:)
           # Delete the cert if it exists on disk already.
           # We want to ensure we're not randomly loading an old stinky cert.
-          if ::File.exists?(output_path)
+          if ::File.exist?(output_path)
             ::File.delete(output_path)
           end
 

data/lib/chef/resource/windows_security_policy.rb

@@ -118,13 +118,13 @@ class Chef
             file.write("[Unicode]\r\nUnicode=yes\r\n[System Access]\r\n#{policy_line}\r\n[Version]\r\nsignature=\"$CHICAGO$\"\r\nRevision=1\r\n")
             file.close
             file_path = file.path.tr("/", "\\")
-            cmd = "C:\\Windows\\System32\\secedit /configure /db C:\\windows\\security\\new.sdb /cfg #{file_path} /areas SECURITYPOLICY"
+            cmd = "C:\\Windows\\System32\\secedit /configure /db C:\\windows\\security\\new.sdb /cfg \"#{file_path}\" /areas SECURITYPOLICY"
           else
             policy_line = "#{security_option} = #{security_value}"
             file.write("[Unicode]\r\nUnicode=yes\r\n[System Access]\r\n#{policy_line}\r\n[Version]\r\nsignature=\"$CHICAGO$\"\r\nRevision=1\r\n")
             file.close
             file_path = file.path.tr("/", "\\")
-            cmd = "C:\\Windows\\System32\\secedit /configure /db C:\\windows\\security\\new.sdb /cfg #{file_path} /areas SECURITYPOLICY"
+            cmd = "C:\\Windows\\System32\\secedit /configure /db C:\\windows\\security\\new.sdb /cfg \"#{file_path}\" /areas SECURITYPOLICY"
           end
           shell_out!(cmd)
           file.unlink

data/lib/chef/resource.rb

@@ -1508,7 +1508,17 @@ class Chef
         dirname = ::File.dirname(partial)
         basename = ::File.basename(partial, ".rb")
         basename = basename[1..] if basename.start_with?("_")
-        class_eval IO.read(::File.expand_path("#{dirname}/_#{basename}.rb", ::File.dirname(caller_locations.first.path)))
+
+        # Support recursive `use`
+        callers = caller_locations
+        used_from = if callers.first.label == "use"
+                      callers.detect { |caller| caller.label == "class_from_file" }.path
+                    else
+                      callers.first.path
+                    end
+
+        fullpath = ::File.expand_path("#{dirname}/_#{basename}.rb", ::File.dirname(used_from))
+        class_eval IO.read(fullpath)
       end
     end
 

data/lib/chef/resources.rb

@@ -39,6 +39,7 @@ require_relative "resource/chef_sleep"
 require_relative "resource/chef_vault_secret"
 require_relative "resource/chocolatey_config"
 require_relative "resource/chocolatey_feature"
+require_relative "resource/chocolatey_installer"
 require_relative "resource/chocolatey_package"
 require_relative "resource/chocolatey_source"
 require_relative "resource/cron/cron"
@@ -83,6 +84,7 @@ require_relative "resource/link"
 require_relative "resource/locale"
 require_relative "resource/log"
 require_relative "resource/macports_package"
+require_relative "resource/macos_pkg"
 require_relative "resource/macos_userdefaults"
 require_relative "resource/mdadm"
 require_relative "resource/mount"

data/lib/chef/version.rb

@@ -23,7 +23,7 @@ require_relative "version_string"
 
 class Chef
   CHEF_ROOT = File.expand_path("..", __dir__)
-  VERSION = Chef::VersionString.new("18.2.7")
+  VERSION = Chef::VersionString.new("18.4.2")
 end
 
 #

data/lib/chef/win32/security.rb

@@ -721,7 +721,13 @@ class Chef
         unless LogonUserW(username, domain, password, logon_type, logon_provider, token)
           Chef::ReservedNames::Win32::Error.raise!
         end
-        Token.new(Handle.new(token.read_pointer))
+
+        # originally this was .read_pointer, but that is interpreted as a non-primitive
+        # class (FFI::Pointer) and causes an ArgumentError (Invalid Memory Object) when
+        # compared to GetCurrentProcess(), which returns a HANDLE (void *). Since a
+        # HANDLE is not a pointer to allocated memory that Ruby C extensions can understand,
+        # the Invalid Memory Object error is raised.
+        Token.new(Handle.new(token.read_ulong))
       end
 
       def self.test_and_raise_lsa_nt_status(result)

data/spec/data/trusted_certs/example.crt

@@ -1,22 +1,31 @@
 -----BEGIN CERTIFICATE-----
-MIIDkjCCAnoCCQDihI8kxGYTFTANBgkqhkiG9w0BAQUFADCBijELMAkGA1UEBhMC
-VVMxCzAJBgNVBAgTAldBMRAwDgYDVQQHEwdTZWF0dGxlMRAwDgYDVQQKEwdZb3VD
-b3JwMRMwEQYDVQQLEwpPcGVyYXRpb25zMRYwFAYDVQQDEw1leGFtcGxlLmxvY2Fs
-MR0wGwYJKoZIhvcNAQkBFg5tZUBleGFtcGxlLmNvbTAeFw0xMzEwMTcxODAxMzVa
-Fw0yMzEwMTUxODAxMzVaMIGKMQswCQYDVQQGEwJVUzELMAkGA1UECBMCV0ExEDAO
-BgNVBAcTB1NlYXR0bGUxEDAOBgNVBAoTB1lvdUNvcnAxEzARBgNVBAsTCk9wZXJh
-dGlvbnMxFjAUBgNVBAMTDWV4YW1wbGUubG9jYWwxHTAbBgkqhkiG9w0BCQEWDm1l
-QGV4YW1wbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyKBo
-U+Bdni0xZK/NCzdLdi2X+TyW5eahbYMx+r1GDcVqCICvrthBCVLVFsQ8rvOHwTPi
-AxQJGxb9TLSXRgXQSlH6FLjIUceuOtpan3qYVJ1v7AxY4DgNvYBpbtJz5MQedJnT
-g2F+rXzkwaD6CWBqWHeGU0oP3r7bq1AMD6XEsK2w2/zHtG7TEnL45ARv1PsyrU5M
-ZAW/XyoMyq1k2Lpv7YR5kAvTq1+4RSt/it2RFE7R0AVbaQ0MeAnllfySiHHHlaOT
-FVd/qPSiGISxsUmmzA3Z08+0sfJwkrnJXbLscCBYndd7gMGgtczGjJtul0Ch3GFa
-/Pn5McjwF272+usJ1wIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQCzPePWifWNECsG
-nL8on1AtFMkczE1/pdRS4YUl/Tc926MpezptSja8rL31+4Bom37/wYPG7HygtAQl
-R4FHpAtuqJKPOfjUmDNsIXRFnytrnflTpctDu/Nbj4PDCy01k/sTDUQt+s+lEBL8
-M8ArmfLZ8PCfAwnXmJQ5rggDFKqegjt6z1RsSglbMiASE7+KkpBnzaqH6fET6IQz
-WgAjv6WdRfwgfJjOTSX4XMpCSet9KaWmXExKrxiVng2Uu6E+ShVAyKaGMuc1B7VA
-oxnnVaVapFv5lOWucQr4KkC7EgaUZnyt8duOc8+Yvd+y3Xd2dcHUnmegRxly4jRV
-/lXbFAUb
+MIIFPTCCAyWgAwIBAgIUPv2sKSZA+KW0a4LxgUhiZG48AkswDQYJKoZIhvcNAQEL
+BQAwFzEVMBMGA1UEAwwMZXhhbXBsZS4uY29tMB4XDTIzMTAxNjE2MzM1M1oXDTMz
+MTAxMzE2MzM1M1owFzEVMBMGA1UEAwwMZXhhbXBsZS4uY29tMIICIjANBgkqhkiG
+9w0BAQEFAAOCAg8AMIICCgKCAgEA1NKZJQY7B8xGnaERMX4laepq3u00q1nSDS6j
+03qd1zZkW+ofMFlH5plBvULNO1jdAH9WwyMAwLu87R1QOx9fEz06J81Wtu7jheOU
+EHzn6NwWkUaX+j1oaIHIXrYnrUn5sW8w2wFEky82gPEG5SiZ6otKV2whX1ckSa3W
+ReFihEO/2/zxOEA0QzfIxFDW92wyAMDNM2/O/AMQB2jVxtWhYiqePXVUfQrIrLW1
+ytNmIWl7hoIHfVPgEoGLRe7kbT/QMTCd/lNrzF/rxUo+Aohq3WmVOdUCL4KdDnKS
+tlQFf8L4+9t19KiM9xX4GRMk9WWONk8rHln842ziv00bgD0rB3yZHlHJfGpkLdKv
+VZgcMHp31ZqVFzHapqHmXBVyEqxRIZSkZX4PN5bEdigz3Exf/vys+NAZKyJw35tn
+kF0+V/+vLlbvqZz98DDj+/KGgy7vaF3tBYBAC4px5yvnicDlBZS0GlrF1fufWQRQ
+94n8LVcG47XjaEOufpzj5Xm6ZzTYDyiqO1+mszU6BQH8W8N+sZ+q7hPBkgRZ/WJF
+gXzNh5KPeDv47oXadYXOqNzXR7wkC11H5hmgQFrDCjuc0zTi/y7Iq+NxpkuQJIDD
+/4yNVTHM6GZSeBDH7rpkjL6coShU6fu2QxSofltpz4QxNtbquRtt3A2Se7obhC9g
+OeZfIqsCAwEAAaOBgDB+MB0GA1UdDgQWBBQ8JrC+u1bsL4QTJuIkH4MyZ2+ZWzAf
+BgNVHSMEGDAWgBQ8JrC+u1bsL4QTJuIkH4MyZ2+ZWzAPBgNVHRMBAf8EBTADAQH/
+MCsGA1UdEQQkMCKCC2V4YW1wbGUuY29tgg0qLmV4YW1wbGUuY29thwQKAAABMA0G
+CSqGSIb3DQEBCwUAA4ICAQAVFkQdpfoxzNu2VyhCtrCT8a1PA7Ko+ziPR0GWBxag
+kB3NRGzCVXENuX8OjLAsBRrYDTeUwIZJD2MWLqkhqs+8Bw08c9jdyezeWmgAL0I8
+aTiPET3CwVME78JPvxAJjmdayYFanniAbE3GMk+Bf2pvFTdPI8etY6Brv+uqBbyb
+9pFspp2U05KRqTukVW2YJnWKfMR4VIBzOEA1maGwVMgnC3YPm3qsYqxXqr/jLDCg
+/EFoozne5/mNmvhSKWOUB1gsuv+3wiUOL6aZETY7RJPQADpHhJntCSeapb5DWhyr
+ZzUPGHbAyWqbfwmt7b9Pga4fQOihxi4Nf2ZnnMy32HQVqz2sOU7Fo/5rfejEQfGP
+jxt9b69Hydc3MQJF+eQVYS+NzaZyCX05kLqcGmIP4WKhjx3BkMaZVwjmYfE9WgKR
+Lcwq0aoz4Guh7Q0yICUc0PvxWLAkiXYFhthg05ZplTd+HgY3XCdO4DyG7lgL4b9t
+T6oqZv/7ivJbwTrvQXr6gGPhVq+120/mEw2qsdaQAp8v1ac5UgdCTViDkT45Ivox
+dS8VaqlVymvnLWAXtN92kQeb7bAhRmMZMNpFicFm8VS+alfijQDwhW5kOGpqtCrO
+f3QWYOehrqmHIuKw4ZhCYIy/OWkHR2j5iiZl8RFN2KhHZwLcmQTyxLaBk3SX1kCl
+qA==
 -----END CERTIFICATE-----

data/spec/data/trusted_certs/example_no_cn.crt

@@ -1,36 +1,32 @@
 -----BEGIN CERTIFICATE-----
-MIIGPzCCBCegAwIBAgIJAKwtLqBeqNzfMA0GCSqGSIb3DQEBBQUAMHIxCzAJBgNV
-BAYTAlVTMQswCQYDVQQIEwJXQTEQMA4GA1UEBxMHU2VhdHRsZTEQMA4GA1UEChMH
-WW91Q29ycDETMBEGA1UECxMKT3BlcmF0aW9uczEdMBsGCSqGSIb3DQEJARYObWVA
-ZXhhbXBsZS5jb20wHhcNMTYxMDMxMTkxMzQ2WhcNMjYxMDI5MTkxMzQ2WjByMQsw
-CQYDVQQGEwJVUzELMAkGA1UECBMCV0ExEDAOBgNVBAcTB1NlYXR0bGUxEDAOBgNV
-BAoTB1lvdUNvcnAxEzARBgNVBAsTCk9wZXJhdGlvbnMxHTAbBgkqhkiG9w0BCQEW
-Dm1lQGV4YW1wbGUuY29tMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA
-s1OiWnMV3shxVccqzenDBww5rSou9Ab/VqujKisJ54dXyHukYMxh9MJwlRDsy0FB
-uKRAyNfhM43hSMYhtF7NS//D1lI/LDvIQkBaH8R834bvK102Avmsx7zKPOo/CUkd
-g7uuL2eRzRszEuAREH1E7/PpTj11CjirG9i7FlbKj7vDA1Nqvtb0kHdiQuH2Cojy
-Uf1uVFyE5UliFXtePDrxpOAfJUbcSdOLsK8olKHGCb0cfN/tCfbyEY8rHGsAUK2A
-afuHRTR7pRQwfqJ5EK3DBbbFz+GSi+9zWFOudfqTsczS/HtpMbF8HBwqBAa+mpU/
-UjmhpTYQ+rgVtWtEcttboeK6jvFBFLyQ6VRcrDi/8lmAnm1Q+RZk5g3GwZMhIMNU
-5XQZf6jsUsIFBuOaRyLn9dXkgyO7gOy8n8Yw+YdIFt29kaqZ6pu9kpS0jquxzSKj
-MVS4OrThLwgazfQu/BlOvJpQfcNPI/VP9c41yHKpeoIh6oxNDc/212/wwgwPgD83
-8YXddupaSuE++h9Z10CCZgwux8deTlMjzETIMiIo8R3KV0pJgZ11akeJ8USr+QQ2
-+fO/GdpNUa5nNTgF3t4zTF3DPToqj6KDgxLhUdXopF1hLYgwr8FKOtn9KXP+I0hz
-hWzZoX9gwFLEPrUy265Gpw8TVTmNuSiiZtgJDSDKTBcCAwEAAaOB1zCB1DAdBgNV
-HQ4EFgQUr5Y6dxhyVxfhwFsEKLDIXxQ2zBswgaQGA1UdIwSBnDCBmYAUr5Y6dxhy
-VxfhwFsEKLDIXxQ2zBuhdqR0MHIxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJXQTEQ
-MA4GA1UEBxMHU2VhdHRsZTEQMA4GA1UEChMHWW91Q29ycDETMBEGA1UECxMKT3Bl
-cmF0aW9uczEdMBsGCSqGSIb3DQEJARYObWVAZXhhbXBsZS5jb22CCQCsLS6gXqjc
-3zAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4ICAQBYXgqXAnocH6i8o47c
-BZPMGO9y4LCB4YNIrZPKRNFvRl2aolA5KiBxr6WJp1iczxVA4lCmXU1LGfvRPHec
-nHtVax3+Q1JCZhBSv/txQTjgn72qoJyCsPmjyWifbE1jFdRj0g74/Eu/0ku3L0vV
-jTlqzJXQIzRkQm+Y5OrZo92tXaOgO+C0qdd6gaEaIIya6bzrBpW95NtVymhXi2Qf
-7G7Z/yw8XhoQiDJaPHF6XavC3dYvi51cehnPR4E6Jok23kbJEe3Qw5Yh747JjSsS
-Sz07CKqTFcFjHI2f1sFdDjw34lj5mtOf3pEpRGGmvzkF8zm/sVQQ2rCKnqEe7zPy
-Bg9guzVpORG+g76hGFZcYnz78LLNrIYcuYoLcbbZh404wjmifVKO5OC1dRgmJTuc
-VnJe92568Y9cUAjrLztxp5gwXgYUllsXweJ2UGiHxSBqUfCCGG5vK5sYs52HR6wJ
-wRSvwk/VHifYPxJ54RRB51ebYjmD1j41tRseHdFq21qpXSvr9DFLUJBvdN9zA/6t
-xCBlXAdYxD0n0/bruUYNoXBeMhLp+WKSAQvTlVIyqoNQCo1OBBzBVNg9otl3jw5d
-1QOhodRqmS5UQAJptuXtk8WN8OZqMCCeogIfdpa5tJG+/fxFML9EvqedS4c05Wf/
-oYdVLVWSjyoA2l4Xb4LdexAgCg==
+MIIFkzCCA3ugAwIBAgIUFwXNNBdNYJ9+hvGdKqTqEF+XwiMwDQYJKoZIhvcNAQEL
+BQAwQjELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAkZMMRQwEgYDVQQKDAtFeGFtcGxl
+IENvbTEQMA4GA1UECwwHVW5rbm93bjAeFw0yMzEwMTYxNjQ1NTlaFw0zMzEwMTMx
+NjQ1NTlaMEIxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJGTDEUMBIGA1UECgwLRXhh
+bXBsZSBDb20xEDAOBgNVBAsMB1Vua25vd24wggIiMA0GCSqGSIb3DQEBAQUAA4IC
+DwAwggIKAoICAQC+Hzs1xpvg7sPFIry6LO0IIvERaP2ncmQd3lPhQ1nRHqAv2Tkq
+dSNxJ0kadXw015Ze6n7+L5o8PXqPwFooaFLHqJv/iBWQvEBBCoaRoKF1mNMaaQ7c
+dD22bSeG5R01Silnewzt6fG2TdQ3hVjLMsApLEzYCUpqWXvYy/+Aqixfg9nTN+sH
+3xHTibNS69LDD+xDQ3q1IDAqLxvF7zBir5UQ7XbK2D2QrgEQ+OM5rXbkcM3KFIh0
+bGKN7NyP202drGwcTy3DDq5ojfyC9fIRT2YuAAAZO6UFRmc9Dr59F1ukGe6m4lxq
+4u4Pj0LlLdB8ufbCb5wr7bRXuGCWfwGAQrK9z5YlTxoCb9wmA80spM7xSQRewAb6
+ibJB9FwdjItwZf2YkMmSy3lt63HunN62DvlfvHzQBd5sfNSOX09i/VCxuy2xget2
+F2ToOyWpjLt/+Vqni8S8ZiD9M8X0lWApwtkDWDxFMFPSAPlerqCcQANhGN3PKSMj
+jHxU20oNxs6LkxQJPLJZCkBz2Y2ND6dXY0B9UuxM5HsFQb6CdYhsdWUPYUXMf1Jy
+zlXHb6j6XCFvrx9Wf5WVw1ubEWMVBZEqHpLsR4p0gnHwcZFGa0PcQj2LncevRglt
+qTWfHnupxlzAjkZefahG9Lp0WJgG3y2kMiTIL2sSsJGvybbatAvw83RBrwIDAQAB
+o4GAMH4wHQYDVR0OBBYEFEhnFG/xXEKQa/jFbs4EZKh2r1vCMB8GA1UdIwQYMBaA
+FEhnFG/xXEKQa/jFbs4EZKh2r1vCMA8GA1UdEwEB/wQFMAMBAf8wKwYDVR0RBCQw
+IoILZXhhbXBsZS5jb22CDSouZXhhbXBsZS5jb22HBAoAAAEwDQYJKoZIhvcNAQEL
+BQADggIBAFItDIIoQLS377pgmAcTMADW4b4T5SL7cqhukgvg81l0hAJLzE5cCdqu
+8UTR3N+uvwVq0SnP5fuNoyBfcL52NeCaQZMO8N4IEd1VDjwu1XXxav+AbWwaT4Yo
+OPDWIGGjkCtf2xZsXWFQ0xW+68bZvD6hN9yKp+W2bu1UFqcKCiY/Klhol+2t3eLX
+xP/fM4nMo6iMZhY4FQCWI/NKbuFPwzHLtrrBURCoX50+fvekOdfRHq771mJvzZKE
+AAIKAvYoYdFfeuaX5N9/UNjMhZ92mw1IIsdbmsCxvHrWsrczmXeP3u1lvxQnkjWL
+vg3Zpdv2a0vpYx6nSunko0XA7qnoE+0gdP/uRhMaGiE9QCu3KdZji62gKHuxgc+u
+/i23kmyqOTC36o/a725eb6fMnGFVSxQ0DXlPSPQnJ2tsGMAM37fxoPfF9IamrmdD
+Q0Usia+XzBckD0sSG8j50x2of9NS3vFFgWM1Cas55XWzlkDGbIJMlrKOj01bUYNq
+ltmMfavmpMPA86p8QHRmWlQhtgu+OK/8RxmGtQdtBi8Gdk3mNMkokSQCVcDWvNhX
+pVFCGya51orBgbWqxbAsIeiv7Pl85edXm8KolJ389xkXqFvX31hme5KnyBhCcRrv
+EZbXRhY3O58t7SlKWVCnx/JmEkJcRJtZaEReF1LbBayExYNnj/sD
 -----END CERTIFICATE-----

data/spec/functional/resource/chocolatey_package_spec.rb

@@ -22,8 +22,16 @@ describe Chef::Resource::ChocolateyPackage, :windows_only, :choco_installed do
   include Chef::Mixin::ShellOut
 
   let(:package_name) { "test-A" }
-  let(:package_list) { proc { shell_out!("choco list -lo -r #{Array(package_name).join(" ")}").stdout.chomp } }
   let(:package_source) { File.join(CHEF_SPEC_ASSETS, "chocolatey_feed") }
+  let(:package_list) do
+    if provider.query_command == "list"
+      # using result of query_command because that indicates which "search" command to use
+      # which coincides with the package list output
+      proc { shell_out!("choco search -lo #{Array(package_name).join(" ")}").stdout.chomp }
+    else
+      proc { shell_out!("choco list #{Array(package_name).join(" ")}").stdout.chomp }
+    end
+  end
 
   let(:run_context) do
     Chef::RunContext.new(Chef::Node.new, {}, Chef::EventDispatch::Dispatcher.new)
@@ -54,12 +62,16 @@ describe Chef::Resource::ChocolateyPackage, :windows_only, :choco_installed do
     ENV["Path"] = ENV.delete("Path")
   end
 
+  after(:each) do
+    provider.instance_variable_set(:@get_choco_version, nil)
+  end
+
   context "installing a package" do
     after { remove_package }
 
     it "installs the latest version" do
       subject.run_action(:install)
-      expect(package_list.call).to eq("#{package_name}|2.0")
+      expect(package_list.call).to match(/^#{package_name}|2.0.0$/)
     end
 
     it "does not install if already installed" do
@@ -69,19 +81,19 @@ describe Chef::Resource::ChocolateyPackage, :windows_only, :choco_installed do
     end
 
     it "installs version given" do
-      subject.version "1.0"
+      subject.version "1.0.0"
       subject.run_action(:install)
-      expect(package_list.call).to eq("#{package_name}|1.0")
+      expect(package_list.call).to match(/^#{package_name}|1.0.0$/)
     end
 
     it "installs new version if one is already installed" do
-      subject.version "1.0"
+      subject.version "1.0.0"
       subject.run_action(:install)
-      expect(package_list.call).to eq("#{package_name}|1.0")
+      expect(package_list.call).to match(/^#{package_name}|1.0.0$/)
 
-      subject.version "2.0"
+      subject.version "2.0.0"
       subject.run_action(:install)
-      expect(package_list.call).to eq("#{package_name}|2.0")
+      expect(package_list.call).to match(/^#{package_name}|2.0.0$/)
     end
 
     context "installing multiple packages" do
@@ -89,7 +101,7 @@ describe Chef::Resource::ChocolateyPackage, :windows_only, :choco_installed do
 
       it "installs both packages" do
         subject.run_action(:install)
-        expect(package_list.call).to eq("test-A|2.0\r\ntest-B|1.0")
+        expect(package_list.call).to match(/^test-A|2.0.0\r\ntest-B|1.0.0$/)
       end
     end
 
@@ -101,13 +113,13 @@ describe Chef::Resource::ChocolateyPackage, :windows_only, :choco_installed do
     it "installs with an option as a string" do
       subject.options "--force --confirm"
       subject.run_action(:install)
-      expect(package_list.call).to eq("#{package_name}|2.0")
+      expect(package_list.call).to match(/^#{package_name}|2.0.0$/)
     end
 
     it "installs with multiple options as a string" do
       subject.options "--force --confirm"
       subject.run_action(:install)
-      expect(package_list.call).to eq("#{package_name}|2.0")
+      expect(package_list.call).to match(/^#{package_name}|2.0.0$/)
     end
 
     context "when multiple options passed as string" do
@@ -137,7 +149,7 @@ describe Chef::Resource::ChocolateyPackage, :windows_only, :choco_installed do
     it "installs with multiple options as an array" do
       subject.options [ "--force", "--confirm" ]
       subject.run_action(:install)
-      expect(package_list.call).to eq("#{package_name}|2.0")
+      expect(package_list.call).to match(/^#{package_name}|2.0.0$/)
     end
   end
 
@@ -145,24 +157,24 @@ describe Chef::Resource::ChocolateyPackage, :windows_only, :choco_installed do
     after { remove_package }
 
     it "upgrades to a specific version" do
-      subject.version "1.0"
+      subject.version "1.0.0"
       subject.run_action(:install)
-      expect(package_list.call).to eq("#{package_name}|1.0")
+      expect(package_list.call).to match(/^#{package_name}|1.0.0$/)
 
-      subject.version "1.5"
+      subject.version "1.5.0"
       subject.run_action(:upgrade)
-      expect(package_list.call).to eq("#{package_name}|1.5")
+      expect(package_list.call).to match(/^#{package_name}|1.5.0$/)
     end
 
     it "upgrades to the latest version if no version given" do
-      subject.version "1.0"
+      subject.version "1.0.0"
       subject.run_action(:install)
-      expect(package_list.call).to eq("#{package_name}|1.0")
+      expect(package_list.call).to match(/^#{package_name}|1.0.0$/)
 
       subject2 = Chef::Resource::ChocolateyPackage.new("test-A", run_context)
       subject2.source package_source
       subject2.run_action(:upgrade)
-      expect(package_list.call).to eq("#{package_name}|2.0")
+      expect(package_list.call).to match(/^#{package_name}|2.0.0$/)
     end
   end
 
@@ -170,7 +182,7 @@ describe Chef::Resource::ChocolateyPackage, :windows_only, :choco_installed do
     it "removes an installed package" do
       subject.run_action(:install)
       remove_package
-      expect(package_list.call).to eq("")
+      expect(package_list.call).to match(/0 packages installed/)
     end
   end
 

data/spec/functional/resource/execute_spec.rb

@@ -62,7 +62,7 @@ describe Chef::Resource::Execute do
   end
 
   describe "when parent resource sets :cwd" do
-    let(:guard) { %{ruby -e 'exit 1 unless File.exists?("./nested.json")'} }
+    let(:guard) { %{ruby -e 'exit 1 unless File.exist?("./nested.json")'} }
 
     it "guard inherits :cwd from resource and runs" do
       resource.cwd CHEF_SPEC_DATA

data/spec/functional/resource/windows_certificate_spec.rb

@@ -56,6 +56,30 @@ describe Chef::Resource::WindowsCertificate, :windows_only do
   let(:store) { "Chef-Functional-Test" }
   let(:store_name) { "MY" }
   let(:store_location) { "LocalMachine" }
+  let(:test_cert_body) do
+    <<~CERT
+-----BEGIN CERTIFICATE-----
+MIIDQTCCAimgAwIBAgIQX3zqNCJbsKlEvzCz3Z9aNDANBgkqhkiG9w0BAQsFADAh
+MR8wHQYDVQQDDBZ3d3cuZHVtbXljaGVmdGVzdHMuY29tMCAXDTIwMDMwNTEwMjcw
+NVoYDzIxMjAwMzA1MTAzNzA2WjAhMR8wHQYDVQQDDBZ3d3cuZHVtbXljaGVmdGVz
+dHMuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtuYKDb6woWIH
+HPPOrcVpgJFVxbkjgk+tsYwbIiqR9jtRaKE6nM/awOgn9/dFF4k8KB8Em0sUx7Vq
+J3YhK2N2cAacgP2Frqqf5znpNBBOg968RoZzGx0EiXFvLsqC4y8ggApWTbMXPRk4
+1a7GlpUpSqI3y5cLeEbzwGQKu8I1I+v7P2fTlnJPHarM7sBbL8bieukkFHYu78iV
+u1wpKOCCfs5DTmJu8WN+z1Mar9vyrWMBlt2wBBgNHPz5mcXUzJHTzaI/D9RGgBgF
+V0IkNqISx/IzR62jjj2g6MgTH4G/0mM6O5sxduM4yGmWZNZpVzh0yMLgH619MZlj
+SMQIN3U/SQIDAQABo3MwcTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYB
+BQUHAwIGCCsGAQUFBwMBMCEGA1UdEQQaMBiCFnd3dy5kdW1teWNoZWZ0ZXN0cy5j
+b20wHQYDVR0OBBYEFHwS3gs03m6RcpR+66u4OqGiZdYnMA0GCSqGSIb3DQEBCwUA
+A4IBAQCFHqMjHUfBZahIsKHQIcFCbC1NFh1ZHlJKZzrRBRwRzX19OttHGMyLpDd6
+tM9Ac6LLR8S4QIWg+HF3IrkN+vfTRDZAccj+tIwBRstmdsEz/rAJ79Vb/00mXZQx
+0FPiBDR3hE7On2oo24DU8kJP3v6TrunwtIomVGqrrkwZzvxqyW+WJMB2shGNFw5J
+mKYBiiXsHl4Bi7V4zhXssrLp877sqpNLeXloXBmAlT39SwQTP9ImZaV5R6udqlvo
+Gfgm5PH/WeK6MV3n5ik0v1rS0LwR2o82WlIB6a4iSEbzY3qSLsWOwt8o5QjAVzCR
+tNdbdS3U8nrG73iA2clmF57ARQWC
+-----END CERTIFICATE-----
+    CERT
+  end
   let(:download_cert_url) { "https://testingchef.blob.core.windows.net/files/test.cer" }
   let(:cert_output_path) { ::File.join(Chef::Config[:file_cache_path], "output.cer") }
   let(:pfx_output_path) { ::File.join(Chef::Config[:file_cache_path], "output.pfx") }
@@ -128,6 +152,7 @@ describe Chef::Resource::WindowsCertificate, :windows_only do
     end
 
     it "can add a certificate from a valid url" do
+      stub_request(:get, download_cert_url).to_return(body: test_cert_body)
       resource.source = download_cert_url
       resource.run_action(:create)
 

data/spec/functional/resource/zypper_package_spec.rb

@@ -189,6 +189,15 @@ describe Chef::Resource::ZypperPackage, :requires_root, :suse_only do
         expect(zypper_package.updated_by_last_action?).to be true
         expect(shell_out("rpm -q --queryformat '%{NAME}-%{VERSION}-%{RELEASE}.%{ARCH}\n' chef_rpm").stdout.chomp).to match("^package chef_rpm is not installed$")
       end
+
+      context "Package doesn't exist" do
+        let(:package_name) { "nonexistent_repo" }
+        it "does nothing if the package is not installed" do
+          zypper_package.run_action(:remove)
+          expect(zypper_package.updated_by_last_action?).to be false
+        end
+
+      end
     end
 
     context "with no available version" do
@@ -259,6 +268,7 @@ describe Chef::Resource::ZypperPackage, :requires_root, :suse_only do
       expect(shell_out("zypper locks | grep chef_rpm_provides").stdout.chomp).not_to match("chef_rpm_provides")
     end
   end
+
   def remove_package
     pkg_to_remove = Chef::Resource::ZypperPackage.new(package_name, run_context)
     pkg_to_remove.run_action(:remove)

data/spec/unit/client_spec.rb

@@ -119,8 +119,8 @@ shared_context "a client run" do
     #   Make sure Client#register thinks the client key doesn't
     #   exist, so it tries to register and create one.
     allow(Chef::HTTP::Authenticator).to receive(:detect_certificate_key).with(fqdn).and_return(false)
-    allow(File).to receive(:exists?).and_call_original
-    expect(File).to receive(:exists?)
+    allow(File).to receive(:exist?).and_call_original
+    expect(File).to receive(:exist?)
       .with(Chef::Config[:client_key])
       .exactly(:once)
       .and_return(api_client_exists?)