chef 18.4.2 → 18.5.0

data/lib/chef/resource/selinux_permissive.rb

@@ -18,7 +18,7 @@ class Chef
     class SelinuxPermissive < Chef::Resource
       unified_mode true
 
-      provides :selinux_permissive
+      provides :selinux_permissive, target_mode: true
 
       description "Use the **selinux_permissive** resource to allow some domains to misbehave without stopping them. This is not as good as setting specific policies, but better than disabling SELinux entirely."
       introduced "18.0"
@@ -61,4 +61,4 @@ class Chef
       end
     end
   end
-end
+end

data/lib/chef/resource/selinux_port.rb

@@ -19,7 +19,7 @@ class Chef
     class SelinuxPort < Chef::Resource
       unified_mode true
 
-      provides :selinux_port
+      provides :selinux_port, target_mode: true
 
       description "Use the **selinux_port** resource to assign a network port to a specific SELinux context. For example, running a web server on a non-standard port."
       introduced "18.0"
@@ -115,4 +115,4 @@ class Chef
 
     end
   end
-end
+end

data/lib/chef/resource/selinux_state.rb

@@ -19,7 +19,7 @@ class Chef
     class SelinuxState < Chef::Resource
       unified_mode true
 
-      provides :selinux_state
+      provides :selinux_state, target_mode: true
 
       description "Use **selinux_state** resource to manages the SELinux state on the system. It does this by using the `setenforce` command and rendering the `/etc/selinux/config` file from a template."
       introduced "18.0"
@@ -163,4 +163,4 @@ class Chef
       end
     end
   end
-end
+end

data/lib/chef/resource/selinux_user.rb

@@ -19,7 +19,7 @@ class Chef
     class SelinuxUser < Chef::Resource
       unified_mode true
 
-      provides :selinux_user
+      provides :selinux_user, target_mode: true
 
       description "Use the **selinux_user** resource to add, update, or remove SELinux users."
       introduced "18.1"

data/lib/chef/resource/smartos_package.rb

@@ -22,8 +22,8 @@ class Chef
   class Resource
     class SmartosPackage < Chef::Resource::Package
 
-      provides :smartos_package
-      provides :package, platform_family: "smartos"
+      provides :smartos_package, target_mode: true
+      provides :package, platform_family: "smartos", target_mode: true
 
       description "Use the **smartos_package** resource to manage packages for the SmartOS platform."
 

data/lib/chef/resource/snap_package.rb

@@ -22,10 +22,33 @@ class Chef
   class Resource
     class SnapPackage < Chef::Resource::Package
 
-      provides :snap_package
+      provides :snap_package, target_mode: true
 
       description "Use the **snap_package** resource to manage snap packages on Debian and Ubuntu platforms."
       introduced "15.0"
+      examples <<~DOC
+      **Install a package**
+
+      ```ruby
+      snap_package 'hello'
+      ```
+
+      **Upgrade a package**
+
+      ```ruby
+      snap_package 'hello' do
+        action :upgrade
+      end
+      ```
+
+      **Install a package with classic confinement**
+
+      ```ruby
+      snap_package 'hello' do
+        options 'classic'
+      end
+      ```
+      DOC
 
       allowed_actions :install, :upgrade, :remove, :purge
 

data/lib/chef/resource/solaris_package.rb

@@ -23,7 +23,7 @@ class Chef
   class Resource
     class SolarisPackage < Chef::Resource::Package
 
-      provides :solaris_package
+      provides :solaris_package, target_mode: true
 
       description "Use the **solaris_package** resource to manage packages on the Solaris platform."
 

data/lib/chef/resource/ssh_known_hosts_entry.rb

@@ -24,7 +24,7 @@ class Chef
   class Resource
     class SshKnownHostsEntry < Chef::Resource
 
-      provides :ssh_known_hosts_entry
+      provides :ssh_known_hosts_entry, target_mode: true
 
       description "Use the **ssh_known_hosts_entry** resource to add an entry for the specified host in /etc/ssh/ssh_known_hosts or a user's known hosts file if specified."
       introduced "14.3"

data/lib/chef/resource/sudo.rb

@@ -25,7 +25,7 @@ class Chef
   class Resource
     class Sudo < Chef::Resource
 
-      provides(:sudo) { true }
+      provides(:sudo, target_mode: true) { true }
 
       description "Use the **sudo** resource to add or remove individual sudo entries using sudoers.d files."\
                   " Sudo version 1.7.2 or newer is required to use the sudo resource, as it relies on the"\
@@ -216,11 +216,11 @@ class Chef
         target = "#{new_resource.config_prefix}/sudoers.d/"
         directory(target)
 
-        Chef::Log.warn("#{new_resource.filename} will be rendered, but will not take effect because the #{new_resource.config_prefix}/sudoers config lacks the includedir directive that loads configs from #{new_resource.config_prefix}/sudoers.d/!") if ::File.readlines("#{new_resource.config_prefix}/sudoers").grep(/includedir/).empty?
+        Chef::Log.warn("#{new_resource.filename} will be rendered, but will not take effect because the #{new_resource.config_prefix}/sudoers config lacks the includedir directive that loads configs from #{new_resource.config_prefix}/sudoers.d/!") if ::TargetIO::File.readlines("#{new_resource.config_prefix}/sudoers").grep(/includedir/).empty?
         file_path = "#{target}#{new_resource.filename}"
 
         if new_resource.template
-          logger.trace("Template property provided, all other properties ignored.")
+          Chef::Log.trace("Template property provided, all other properties ignored.")
 
           template file_path do
             source new_resource.template
@@ -279,13 +279,13 @@ class Chef
         end
 
         def visudo_present?
-          return true if ::File.exist?(new_resource.visudo_binary)
+          return true if ::TargetIO::File.exist?(new_resource.visudo_binary)
 
           Chef::Log.warn("The visudo binary cannot be found at '#{new_resource.visudo_binary}'. Skipping sudoer file validation. If visudo is on this system you can specify the path using the 'visudo_binary' property.")
         end
 
         def visudo_content(path)
-          if ::File.exist?(path)
+          if ::TargetIO::File.exist?(path)
             "cat #{new_resource.config_prefix}/sudoers | #{new_resource.visudo_binary} -cf - && #{new_resource.visudo_binary} -cf %{path}"
           else
             "cat #{new_resource.config_prefix}/sudoers %{path} | #{new_resource.visudo_binary} -cf -"

data/lib/chef/resource/support/client.erb

@@ -10,7 +10,6 @@
       @https_proxy
       @ftp_proxy
       @log_level
-      @minimal_ohai
       @named_run_list
       @no_proxy
       @pid_file
@@ -22,6 +21,7 @@
 <% next if instance_variable_get(prop).nil? || instance_variable_get(prop).empty? -%>
 <%=prop.delete_prefix("@") %> <%= instance_variable_get(prop).inspect %>
 <% end -%>
+minimal_ohai <%= @minimal_ohai.inspect %>
 <%# ohai_disabled_plugins and ohai_optional_plugins properties don't match the config value perfectly-%>
 <% %w(@ohai_disabled_plugins
       @ohai_optional_plugins).each do |prop| -%>

data/lib/chef/resource/swap_file.rb

@@ -21,7 +21,7 @@ class Chef
   class Resource
     class SwapFile < Chef::Resource
 
-      provides(:swap_file) { true }
+      provides(:swap_file, target_mode: true) { true }
 
       description "Use the **swap_file** resource to create or delete swap files on Linux systems, and optionally to manage the swappiness configuration for a host."
       introduced "14.0"
@@ -84,7 +84,7 @@ class Chef
 
       action :remove, description: "Remove a swapfile and disable swap." do
         swapoff if swap_enabled?
-        remove_swapfile if ::File.exist?(new_resource.path)
+        remove_swapfile if ::TargetIO::File.exist?(new_resource.path)
       end
 
       action_class do
@@ -129,7 +129,7 @@ class Chef
 
         def remove_swapfile
           converge_by "remove swap file #{new_resource.path}" do
-            ::FileUtils.rm(new_resource.path)
+            ::TargetIO::FileUtils.rm(new_resource.path)
           end
         end
 
@@ -186,7 +186,7 @@ class Chef
         def compatible_kernel
           fallocate_location = shell_out("which fallocate").stdout
           Chef::Log.debug("#{new_resource} fallocate location is '#{fallocate_location}'")
-          ::File.exist?(fallocate_location.chomp)
+          ::TargetIO::File.exist?(fallocate_location.chomp)
         end
 
         def compatible_filesystem?
@@ -205,7 +205,7 @@ class Chef
 
         def persist
           fstab = "/etc/fstab"
-          contents = ::File.readlines(fstab)
+          contents = ::TargetIO::File.readlines(fstab)
           addition = "#{new_resource.path} swap swap defaults 0 0"
 
           if contents.any? { |line| line.strip == addition }
@@ -214,7 +214,7 @@ class Chef
             Chef::Log.info("#{new_resource} adding entry to #{fstab} for #{new_resource.path}")
 
             contents << "#{addition}\n"
-            ::File.open(fstab, "w") { |f| f.write(contents.join("")) }
+            ::TargetIO::File.open(fstab, "w") { |f| f.write(contents.join("")) }
           end
         end
       end

data/lib/chef/resource/sysctl.rb

@@ -21,8 +21,8 @@ class Chef
   class Resource
     class Sysctl < Chef::Resource
 
-      provides(:sysctl) { true }
-      provides(:sysctl_param) { true }
+      provides(:sysctl, target_mode: true) { true }
+      provides(:sysctl_param, target_mode: true) { true }
 
       description "Use the **sysctl** resource to set or remove kernel parameters using the `sysctl` command line tool and configuration files in the system's `sysctl.d` directory. Configuration files managed by this resource are named `99-chef-KEYNAME.conf`."
       examples <<~DOC
@@ -103,6 +103,7 @@ class Chef
       property :comment, [Array, String],
         description: "Comments, placed above the resource setting in the generated file. For multi-line comments, use an array of strings, one per line.",
         default: [],
+        desired_state: false,
         introduced: "15.8"
 
       property :conf_dir, String,
@@ -151,7 +152,7 @@ class Chef
 
       action :remove, description: "Remove the kernel parameter and update the `sysctl` settings." do
         # only converge the resource if the file actually exists to delete
-        if ::File.exist?("#{new_resource.conf_dir}/99-chef-#{new_resource.key.tr("/", ".")}.conf")
+        if ::TargetIO::File.exist?("#{new_resource.conf_dir}/99-chef-#{new_resource.key.tr("/", ".")}.conf")
           converge_by "removing sysctl config at #{new_resource.conf_dir}/99-chef-#{new_resource.key.tr("/", ".")}.conf" do
             file "#{new_resource.conf_dir}/99-chef-#{new_resource.key.tr("/", ".")}.conf" do
               action :delete
@@ -215,9 +216,9 @@ class Chef
       # return the value. Raise in case this conf file needs to be created
       # or updated
       def get_sysctld_value(key)
-        raise unless ::File.exist?("/etc/sysctl.d/99-chef-#{key.tr("/", ".")}.conf")
+        raise unless ::TargetIO::File.exist?("/etc/sysctl.d/99-chef-#{key.tr("/", ".")}.conf")
 
-        k, v = ::File.read("/etc/sysctl.d/99-chef-#{key.tr("/", ".")}.conf").match(/(.*) = (.*)/).captures
+        k, v = ::Target_IO::File.read("/etc/sysctl.d/99-chef-#{key.tr("/", ".")}.conf").match(/(.*) = (.*)/).captures
         raise "Unknown sysctl key!" if k.nil?
         raise "Unknown sysctl value!" if v.nil?
 

data/lib/chef/resource/systemd_unit.rb

@@ -24,7 +24,7 @@ class Chef
   class Resource
     class SystemdUnit < Chef::Resource
 
-      provides(:systemd_unit) { true }
+      provides(:systemd_unit, target_mode: true) { true }
 
       description "Use the **systemd_unit** resource to create, manage, and run [systemd units](https://www.freedesktop.org/software/systemd/man/systemd.html#Concepts)."
       introduced "12.11"

data/lib/chef/resource/template.rb

@@ -35,7 +35,7 @@ class Chef
     # template resource follow the same file specificity rules as the remote_file and file resources.
     class Template < Chef::Resource::File
 
-      provides :template
+      provides :template, target_mode: true
 
       include Chef::Mixin::Securable
 

data/lib/chef/resource/timezone.rb

@@ -23,7 +23,7 @@ class Chef
   class Resource
     class Timezone < Chef::Resource
 
-      provides :timezone
+      provides :timezone, target_mode: true
 
       description "Use the **timezone** resource to change the system timezone on Windows, Linux, and macOS hosts. Timezones are specified in tz database format, with a complete list of available TZ values for Linux and macOS here: <https://en.wikipedia.org/wiki/List_of_tz_database_time_zones>. On Windows systems run `tzutil /l` for a complete list of valid timezones."
       introduced "14.6"
@@ -96,10 +96,10 @@ class Chef
       # @since 16.5
       # @return [String] timezone id
       def current_rhel_tz
-        return nil unless ::File.exist?("/etc/sysconfig/clock")
+        return nil unless ::TargetIO::File.exist?("/etc/sysconfig/clock")
 
         # https://rubular.com/r/aoj01L3bKBM7wh
-        /ZONE="(.*)"/.match(::File.read("/etc/sysconfig/clock"))[1]
+        /ZONE="(.*)"/.match(::TargetIO::File.read("/etc/sysconfig/clock"))[1]
       end
 
       load_current_value do
@@ -155,13 +155,13 @@ class Chef
                 execute "tzdata-update" do
                   command "/usr/sbin/tzdata-update"
                   action :nothing
-                  only_if { ::File.executable?("/usr/sbin/tzdata-update") }
+                  only_if { ::TargetIO::File.executable?("/usr/sbin/tzdata-update") }
                   subscribes :run, "file[/etc/sysconfig/clock]", :immediately
                 end
 
                 link "/etc/localtime" do
                   to "/usr/share/zoneinfo/#{new_resource.timezone}"
-                  not_if { ::File.executable?("/usr/sbin/tzdata-update") }
+                  not_if { ::TargetIO::File.executable?("/usr/sbin/tzdata-update") }
                 end
               when "mac_os_x"
                 shell_out!(["sudo", "systemsetup", "-settimezone", new_resource.timezone])

data/lib/chef/resource/user/aix_user.rb

@@ -22,8 +22,8 @@ class Chef
     class User
       class AixUser < Chef::Resource::User
 
-        provides :aix_user
-        provides :user, os: "aix"
+        provides :aix_user, target_mode: true
+        provides :user, os: "aix", target_mode: true
       end
     end
   end

data/lib/chef/resource/user/linux_user.rb

@@ -22,8 +22,8 @@ class Chef
     class User
       class LinuxUser < Chef::Resource::User
 
-        provides :linux_user
-        provides :user, os: "linux"
+        provides :linux_user, target_mode: true
+        provides :user, os: "linux", target_mode: true
 
       end
     end

data/lib/chef/resource/user/pw_user.rb

@@ -22,8 +22,8 @@ class Chef
     class User
       class PwUser < Chef::Resource::User
 
-        provides :pw_user
-        provides :user, os: "freebsd"
+        provides :pw_user, target_mode: true
+        provides :user, os: "freebsd", target_mode: true
       end
     end
   end

data/lib/chef/resource/user/solaris_user.rb

@@ -22,8 +22,8 @@ class Chef
     class User
       class SolarisUser < Chef::Resource::User
 
-        provides :solaris_user
-        provides :user, os: %w{omnios solaris2}
+        provides :solaris_user, target_mode: true
+        provides :user, os: %w{omnios solaris2}, target_mode: true
       end
     end
   end

data/lib/chef/resource/user_ulimit.rb

@@ -23,7 +23,7 @@ class Chef
   class Resource
     class UserUlimit < Chef::Resource
 
-      provides :user_ulimit
+      provides :user_ulimit, target_mode: true
 
       description "Use the **user_ulimit** resource to create individual ulimit files that are installed into the `/etc/security/limits.d/` directory."
       introduced "16.0"

data/lib/chef/resource/yum_repository.rb

@@ -22,7 +22,7 @@ class Chef
   class Resource
     class YumRepository < Chef::Resource
 
-      provides(:yum_repository) { true }
+      provides(:yum_repository, target_mode: true) { true }
 
       description "Use the **yum_repository** resource to manage a Yum repository configuration file located at `/etc/yum.repos.d/repositoryid.repo` on the local machine. This configuration file specifies which repositories to reference, how to handle cached data, etc."
       introduced "12.14"

data/lib/chef/resource/zypper_package.rb

@@ -22,8 +22,8 @@ class Chef
   class Resource
     class ZypperPackage < Chef::Resource::Package
 
-      provides :zypper_package
-      provides :package, platform_family: "suse"
+      provides :zypper_package, target_mode: true
+      provides :package, platform_family: "suse", target_mode: true
 
       description "Use the **zypper_package** resource to install, upgrade, and remove packages with Zypper for the SUSE Enterprise and openSUSE platforms."
       examples <<~DOC

data/lib/chef/resource/zypper_repository.rb

@@ -22,8 +22,8 @@ class Chef
   class Resource
     class ZypperRepository < Chef::Resource
 
-      provides(:zypper_repository) { true }
-      provides(:zypper_repo) { true } # legacy cookbook compatibility
+      provides(:zypper_repository, target_mode: true) { true }
+      provides(:zypper_repo, target_mode: true) { true } # legacy cookbook compatibility
 
       description "Use the **zypper_repository** resource to create Zypper package repositories on SUSE Enterprise Linux and openSUSE systems. This resource maintains full compatibility with the **zypper_repository** resource in the existing **zypper** cookbook."
       introduced "13.3"

data/lib/chef/run_lock.rb

@@ -151,6 +151,9 @@ class Chef
         # will return false
         if runlock.flock(File::LOCK_NB | File::LOCK_EX) == 0
           true
+        # Target mode does not have run locks, because concurrency is intended
+        elsif Chef::Config.target_mode?
+          true
         else
           false
         end

data/lib/chef/scan_access_control.rb

@@ -46,7 +46,7 @@ class Chef
 
     # Modifies @current_resource, setting the current access control state.
     def set_all!
-      if ::File.exist?(new_resource.path)
+      if ::TargetIO::File.exist?(new_resource.path)
         set_owner
         set_group
         set_mode
@@ -76,7 +76,7 @@ class Chef
     end
 
     def lookup_uid
-      unless (pwent = Etc.getpwuid(stat.uid)).nil?
+      unless (pwent = TargetIO::Etc.getpwuid(stat.uid)).nil?
         pwent.name
       else
         stat.uid
@@ -103,7 +103,7 @@ class Chef
     end
 
     def lookup_gid
-      unless (pwent = Etc.getgrgid(stat.gid)).nil?
+      unless (pwent = TargetIO::Etc.getgrgid(stat.gid)).nil?
         pwent.name
       else
         stat.gid
@@ -128,10 +128,10 @@ class Chef
 
     def stat
       @stat ||= if @new_resource.instance_of?(Chef::Resource::Link)
-                  ::File.lstat(@new_resource.path)
+                  ::TargetIO::File.lstat(@new_resource.path)
                 else
-                  realpath = ::File.realpath(@new_resource.path)
-                  ::File.stat(realpath)
+                  realpath = ::TargetIO::File.realpath(@new_resource.path)
+                  ::TargetIO::File.stat(realpath)
                 end
     end
   end

data/lib/chef/target_io/dir.rb

@@ -0,0 +1,12 @@
+module TargetIO
+  class Dir
+    class << self
+      def method_missing(m, *args, **kwargs, &block)
+        Chef::Log.debug format("Dir::%s(%s)", m.to_s, args.join(", "))
+
+        backend = ChefConfig::Config.target_mode? ? TrainCompat::Dir : ::Dir
+        backend.send(m, *args, **kwargs, &block)
+      end
+    end
+  end
+end

data/lib/chef/target_io/etc.rb

@@ -0,0 +1,16 @@
+module TargetIO
+  class Etc
+    class << self
+      def method_missing(m, *args, **kwargs, &block)
+        Chef::Log.debug format("Etc::%s(%s)", m.to_s, args.join(", "))
+
+        if ChefConfig::Config.target_mode? && !Chef.run_context.transport_connection.os.unix?
+          raise "Etc support only on Unix, this is " + Chef.run_context.transport_connection.platform.title
+        end
+
+        backend = ChefConfig::Config.target_mode? ? TrainCompat::Etc : ::Etc
+        backend.send(m, *args, **kwargs, &block)
+      end
+    end
+  end
+end

data/lib/chef/target_io/file.rb

@@ -0,0 +1,12 @@
+module TargetIO
+  class File
+    class << self
+      def method_missing(m, *args, **kwargs, &block)
+        Chef::Log.debug format("File::%s(%s)", m.to_s, args.join(", "))
+
+        backend = ChefConfig::Config.target_mode? ? TrainCompat::File : ::File
+        backend.send(m, *args, **kwargs, &block)
+      end
+    end
+  end
+end

data/lib/chef/target_io/fileutils.rb

@@ -0,0 +1,12 @@
+module TargetIO
+  class FileUtils
+    class << self
+      def method_missing(m, *args, **kwargs, &block)
+        Chef::Log.debug format("FileUtils::%s(%s)", m.to_s, args.join(", "))
+
+        backend = ChefConfig::Config.target_mode? ? TrainCompat::FileUtils : ::FileUtils
+        backend.send(m, *args, **kwargs, &block)
+      end
+    end
+  end
+end

data/lib/chef/target_io/http.rb

@@ -0,0 +1,22 @@
+require "forwardable" unless defined?(Forwardable)
+
+require_relative "../http/simple"
+require_relative "train/http"
+
+module TargetIO
+  class HTTP
+    extend Forwardable
+    def_delegators :@http_class, :get, :head, :patch, :post, :put, :delete
+
+    # Only for Chef::Provider::RemoteFile::HTTP
+    def_delegators :@http_class, :streaming_request, :streaming_request_with_progress, :last_response
+
+    def initialize(url, http_client_opts = {})
+      if ::ChefConfig::Config.target_mode?
+        @http_class = TargetIO::TrainCompat::HTTP.new(url, http_client_opts)
+      else
+        @http_class = Chef::HTTP::Simple.new(url, http_client_opts)
+      end
+    end
+  end
+end

data/lib/chef/target_io/io.rb

@@ -0,0 +1,12 @@
+module TargetIO
+  class IO
+    class << self
+      def method_missing(m, *args, **kwargs, &block)
+        Chef::Log.debug format("IO::%s(%s)", m.to_s, args.join(", "))
+
+        backend = ChefConfig::Config.target_mode? ? TrainCompat::IO : ::IO
+        backend.send(m, *args, **kwargs, &block)
+      end
+    end
+  end
+end

data/lib/chef/target_io/shadow.rb

@@ -0,0 +1,44 @@
+module TargetIO
+  module Shadow
+    # sp_namp - pointer to null-terminated user name.
+    # sp_pwdp - pointer to null-terminated password.
+    # sp_lstchg - days  since  Jan  1,  1970 password was last
+    #             changed.
+    # sp_min - days before which password may not be changed.
+    # sp_max - days after which password must be changed.
+    # sp_warn - days before password is to expire that  user  is
+    #           warned of pending password expiration.
+    # sp_inact  -  days  after  password expires that account is
+    #              considered inactive and disabled.
+    # sp_expire - days since Jan 1, 1970 when  account  will  be
+    #             disabled
+    # sp_loginclass - pointer to null-terminated user login class.
+    Entry = Struct.new(
+      :sp_namp,
+      :sp_pwdp,
+      :sp_lstchg,
+      :sp_min,
+      :sp_max,
+      :sp_warn,
+      :sp_inact,
+      :sp_expire,
+      :sp_loginclass
+    )
+
+    class Passwd
+      class << self
+
+        def method_missing(m, *args, **kwargs, &block)
+          Chef::Log.debug format("Shadow::Passwd::%s(%s)", m.to_s, args.join(", "))
+
+          if ChefConfig::Config.target_mode? && !Chef.run_context.transport_connection.os.unix?
+            raise "Shadow support only on Unix, this is " + Chef.run_context.transport_connection.platform.title
+          end
+
+          backend = ChefConfig::Config.target_mode? ? TrainCompat::Shadow::Passwd : ::Shadow::Passwd
+          backend.send(m, *args, **kwargs, &block)
+        end
+      end
+    end
+  end
+end