chef 11.12.0.alpha.1 → 11.12.0.rc.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (121) hide show
  1. checksums.yaml +4 -4
  2. data/lib/chef/api_client/registration.rb +46 -9
  3. data/lib/chef/application.rb +1 -0
  4. data/lib/chef/application/client.rb +25 -24
  5. data/lib/chef/client.rb +34 -0
  6. data/lib/chef/config.rb +11 -0
  7. data/lib/chef/cookbook/chefignore.rb +10 -2
  8. data/lib/chef/cookbook/metadata.rb +31 -3
  9. data/lib/chef/cookbook/synchronizer.rb +2 -2
  10. data/lib/chef/cookbook/syntax_check.rb +4 -4
  11. data/lib/chef/encrypted_data_bag_item.rb +37 -1
  12. data/lib/chef/exceptions.rb +1 -0
  13. data/lib/chef/guard_interpreter/default_guard_interpreter.rb +42 -0
  14. data/lib/chef/guard_interpreter/resource_guard_interpreter.rb +122 -0
  15. data/lib/chef/http.rb +0 -1
  16. data/lib/chef/http/decompressor.rb +7 -4
  17. data/lib/chef/http/simple.rb +5 -0
  18. data/lib/chef/http/validate_content_length.rb +28 -12
  19. data/lib/chef/knife.rb +1 -0
  20. data/lib/chef/knife/client_bulk_delete.rb +48 -9
  21. data/lib/chef/knife/client_delete.rb +4 -4
  22. data/lib/chef/knife/cookbook_bulk_delete.rb +1 -1
  23. data/lib/chef/knife/cookbook_upload.rb +17 -7
  24. data/lib/chef/knife/core/bootstrap_context.rb +1 -1
  25. data/lib/chef/knife/core/ui.rb +42 -5
  26. data/lib/chef/knife/node_run_list_add.rb +31 -2
  27. data/lib/chef/knife/ssh.rb +44 -31
  28. data/lib/chef/knife/ssl_check.rb +213 -0
  29. data/lib/chef/knife/ssl_fetch.rb +145 -0
  30. data/lib/chef/mixin/deep_merge.rb +13 -5
  31. data/lib/chef/mixin/shell_out.rb +9 -3
  32. data/lib/chef/node.rb +23 -4
  33. data/lib/chef/node/immutable_collections.rb +32 -0
  34. data/lib/chef/platform/provider_mapping.rb +21 -18
  35. data/lib/chef/platform/query_helpers.rb +10 -2
  36. data/lib/chef/policy_builder/expand_node_object.rb +3 -6
  37. data/lib/chef/provider/cron.rb +25 -3
  38. data/lib/chef/provider/mount/mount.rb +1 -1
  39. data/lib/chef/provider/package/dpkg.rb +2 -1
  40. data/lib/chef/provider/package/windows.rb +80 -0
  41. data/lib/chef/provider/package/windows/msi.rb +69 -0
  42. data/lib/chef/provider/powershell_script.rb +19 -6
  43. data/lib/chef/provider/service/solaris.rb +11 -7
  44. data/lib/chef/resource.rb +18 -5
  45. data/lib/chef/resource/conditional.rb +20 -7
  46. data/lib/chef/resource/cron.rb +18 -2
  47. data/lib/chef/resource/execute.rb +0 -2
  48. data/lib/chef/resource/powershell_script.rb +23 -1
  49. data/lib/chef/resource/script.rb +25 -0
  50. data/lib/chef/resource/subversion.rb +4 -0
  51. data/lib/chef/resource/windows_package.rb +79 -0
  52. data/lib/chef/resource/windows_script.rb +0 -5
  53. data/lib/chef/resources.rb +1 -0
  54. data/lib/chef/rest.rb +6 -1
  55. data/lib/chef/run_context.rb +22 -2
  56. data/lib/chef/run_context/cookbook_compiler.rb +12 -0
  57. data/lib/chef/util/editor.rb +92 -0
  58. data/lib/chef/util/file_edit.rb +22 -54
  59. data/lib/chef/version.rb +2 -2
  60. data/lib/chef/win32/api/installer.rb +166 -0
  61. data/lib/chef/win32/version.rb +8 -0
  62. data/spec/data/standalone_cookbook/Gemfile +1 -0
  63. data/spec/data/standalone_cookbook/chefignore +9 -0
  64. data/spec/data/standalone_cookbook/recipes/default.rb +3 -0
  65. data/spec/data/standalone_cookbook/vendor/bundle/ruby/2.0.0/gems/multi_json-1.9.0/lib/multi_json.rb +1 -0
  66. data/spec/functional/resource/powershell_spec.rb +262 -1
  67. data/spec/functional/win32/versions_spec.rb +3 -3
  68. data/spec/integration/knife/chefignore_spec.rb +1 -2
  69. data/spec/integration/knife/raw_spec.rb +8 -13
  70. data/spec/integration/knife/redirection_spec.rb +6 -14
  71. data/spec/integration/solo/solo_spec.rb +19 -0
  72. data/spec/support/shared/functional/windows_script.rb +1 -1
  73. data/spec/support/shared/integration/app_server_support.rb +42 -0
  74. data/spec/support/shared/integration/integration_helper.rb +1 -0
  75. data/spec/support/shared/unit/script_resource.rb +38 -0
  76. data/spec/unit/api_client/registration_spec.rb +109 -38
  77. data/spec/unit/application/client_spec.rb +48 -1
  78. data/spec/unit/cookbook/chefignore_spec.rb +10 -0
  79. data/spec/unit/cookbook/metadata_spec.rb +45 -1
  80. data/spec/unit/cookbook/syntax_check_spec.rb +28 -0
  81. data/spec/unit/cookbook_spec.rb +0 -10
  82. data/spec/unit/guard_interpreter/resource_guard_interpreter_spec.rb +56 -0
  83. data/spec/unit/http/simple_spec.rb +32 -0
  84. data/spec/unit/http/validate_content_length_spec.rb +187 -0
  85. data/spec/unit/knife/bootstrap_spec.rb +13 -4
  86. data/spec/unit/knife/client_bulk_delete_spec.rb +123 -38
  87. data/spec/unit/knife/client_delete_spec.rb +4 -4
  88. data/spec/unit/knife/cookbook_upload_spec.rb +181 -88
  89. data/spec/unit/knife/core/bootstrap_context_spec.rb +11 -1
  90. data/spec/unit/knife/core/ui_spec.rb +109 -38
  91. data/spec/unit/knife/node_run_list_add_spec.rb +24 -1
  92. data/spec/unit/knife/ssh_spec.rb +17 -6
  93. data/spec/unit/knife/ssl_check_spec.rb +187 -0
  94. data/spec/unit/knife/ssl_fetch_spec.rb +151 -0
  95. data/spec/unit/mixin/deep_merge_spec.rb +17 -0
  96. data/spec/unit/node/immutable_collections_spec.rb +55 -0
  97. data/spec/unit/node_spec.rb +9 -0
  98. data/spec/unit/platform/query_helpers_spec.rb +32 -0
  99. data/spec/unit/platform_spec.rb +193 -175
  100. data/spec/unit/policy_builder/expand_node_object_spec.rb +1 -1
  101. data/spec/unit/provider/cron_spec.rb +175 -1
  102. data/spec/unit/provider/mount/mount_spec.rb +33 -3
  103. data/spec/unit/provider/package/dpkg_spec.rb +4 -0
  104. data/spec/unit/provider/package/windows/msi_spec.rb +60 -0
  105. data/spec/unit/provider/package/windows_spec.rb +80 -0
  106. data/spec/unit/provider/service/macosx_spec.rb +3 -3
  107. data/spec/unit/provider/service/solaris_smf_service_spec.rb +35 -10
  108. data/spec/unit/pure_application_spec.rb +32 -0
  109. data/spec/unit/recipe_spec.rb +4 -0
  110. data/spec/unit/resource/conditional_spec.rb +13 -12
  111. data/spec/unit/resource/cron_spec.rb +7 -2
  112. data/spec/unit/resource/powershell_spec.rb +85 -2
  113. data/spec/unit/resource/subversion_spec.rb +5 -0
  114. data/spec/unit/resource/windows_package_spec.rb +74 -0
  115. data/spec/unit/resource_spec.rb +23 -1
  116. data/spec/unit/rest_spec.rb +15 -0
  117. data/spec/unit/run_context/cookbook_compiler_spec.rb +12 -0
  118. data/spec/unit/run_context_spec.rb +7 -0
  119. data/spec/unit/util/editor_spec.rb +152 -0
  120. data/spec/unit/util/file_edit_spec.rb +37 -1
  121. metadata +41 -30
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 9898c6f7591ed887a6598b3d69e579eb80e91219
4
- data.tar.gz: a149ede107dbfe06de90825b9fc14f17eda23117
3
+ metadata.gz: 60391bafa32bf5cc32d6e20d2d7e4d73851b4831
4
+ data.tar.gz: 35fe3189610b04474bf26cf2e4b6d6f3285c383e
5
5
  SHA512:
6
- metadata.gz: 91da0bbf0cf8981e3300510bb4b8c7e8479f9624c37e4d3d0abb3398fe5dff5692f2cfdb8a7b47362d139e215b52111f29346a5504a187c0a8f39ecb67fd20cd
7
- data.tar.gz: fe75d1790cd62872a44c86c9801919f3e3479c47e5389e03d5f95fbbe3292a4e4461759744b2cc2b54cf07cfbb90eb45f702e92c3dd529caec97abe94f66eb10
6
+ metadata.gz: a1b8ef49c08c01859feaf9dbe315fa7d6be0e9c8c27db37008fd725ee84e96685180db220612289cec70b2757ba61a810f56380016db5529a4b37037fdb349e3
7
+ data.tar.gz: 24f43562e5917d82395fd74f9a5ef307890f3496264ace9369ef5f12ab82cd03809a1a86b7c4e26a5bb2a1b58cf4ab4ae3fdc5c11a5f581cfdb37c2d809678b9
@@ -30,14 +30,13 @@ class Chef
30
30
  # a new client/node identity by borrowing the validator client identity
31
31
  # when creating a new client.
32
32
  class Registration
33
- attr_reader :private_key
34
33
  attr_reader :destination
35
34
  attr_reader :name
36
35
 
37
36
  def initialize(name, destination)
38
37
  @name = name
39
38
  @destination = destination
40
- @private_key = nil
39
+ @server_generated_private_key = nil
41
40
  end
42
41
 
43
42
  # Runs the client registration process, including creating the client on
@@ -90,29 +89,67 @@ class Chef
90
89
  end
91
90
 
92
91
  def create
93
- response = http_api.post("clients", :name => name, :admin => false)
94
- @private_key = response["private_key"]
92
+ response = http_api.post("clients", post_data)
93
+ @server_generated_private_key = response["private_key"]
95
94
  response
96
95
  end
97
96
 
98
97
  def update
99
- response = http_api.put("clients/#{name}", :name => name,
100
- :admin => false,
101
- :private_key => true)
98
+ response = http_api.put("clients/#{name}", put_data)
102
99
  if response.respond_to?(:private_key) # Chef 11
103
- @private_key = response.private_key
100
+ @server_generated_private_key = response.private_key
104
101
  else # Chef 10
105
- @private_key = response["private_key"]
102
+ @server_generated_private_key = response["private_key"]
106
103
  end
107
104
  response
108
105
  end
109
106
 
107
+ def put_data
108
+ base_put_data = { :name => name, :admin => false }
109
+ if self_generate_keys?
110
+ base_put_data[:public_key] = generated_public_key
111
+ else
112
+ base_put_data[:private_key] = true
113
+ end
114
+ base_put_data
115
+ end
116
+
117
+ def post_data
118
+ post_data = { :name => name, :admin => false }
119
+ post_data[:public_key] = generated_public_key if self_generate_keys?
120
+ post_data
121
+ end
122
+
123
+
110
124
  def http_api
111
125
  @http_api_as_validator ||= Chef::REST.new(Chef::Config[:chef_server_url],
112
126
  Chef::Config[:validation_client_name],
113
127
  Chef::Config[:validation_key])
114
128
  end
115
129
 
130
+ # Whether or not to generate keys locally and post the public key to the
131
+ # server. Delegates to `Chef::Config.local_key_generation`. Servers
132
+ # before 11.0 do not support this feature.
133
+ def self_generate_keys?
134
+ Chef::Config.local_key_generation
135
+ end
136
+
137
+ def private_key
138
+ if self_generate_keys?
139
+ generated_private_key.to_pem
140
+ else
141
+ @server_generated_private_key
142
+ end
143
+ end
144
+
145
+ def generated_private_key
146
+ @generated_key ||= OpenSSL::PKey::RSA.generate(2048)
147
+ end
148
+
149
+ def generated_public_key
150
+ generated_private_key.public_key.to_pem
151
+ end
152
+
116
153
  def file_flags
117
154
  base_flags = File::CREAT|File::TRUNC|File::RDWR
118
155
  # Windows doesn't have symlinks, so it doesn't have NOFOLLOW
@@ -19,6 +19,7 @@
19
19
  require 'pp'
20
20
  require 'socket'
21
21
  require 'chef/config'
22
+ require 'chef/config_fetcher'
22
23
  require 'chef/exceptions'
23
24
  require 'chef/log'
24
25
  require 'chef/platform'
@@ -25,7 +25,6 @@ require 'chef/log'
25
25
  require 'chef/config_fetcher'
26
26
  require 'chef/handler/error_report'
27
27
 
28
-
29
28
  class Chef::Application::Client < Chef::Application
30
29
 
31
30
  # Mimic self_pipe sleep from Unicorn to capture signals safely
@@ -228,12 +227,10 @@ class Chef::Application::Client < Chef::Application
228
227
  :boolean => true
229
228
  end
230
229
 
231
- attr_reader :chef_client_json
230
+ IMMEDIATE_RUN_SIGNAL = "1".freeze
231
+ GRACEFUL_EXIT_SIGNAL = "2".freeze
232
232
 
233
- def initialize
234
- super
235
- @exit_gracefully = false
236
- end
233
+ attr_reader :chef_client_json
237
234
 
238
235
  # Reconfigure the chef client
239
236
  # Re-open the JSON attributes and load them into the node
@@ -295,13 +292,12 @@ class Chef::Application::Client < Chef::Application
295
292
 
296
293
  trap("USR1") do
297
294
  Chef::Log.info("SIGUSR1 received, waking up")
298
- SELF_PIPE[1].putc('.') # wakeup master process from select
295
+ SELF_PIPE[1].putc(IMMEDIATE_RUN_SIGNAL) # wakeup master process from select
299
296
  end
300
297
 
301
298
  trap("TERM") do
302
299
  Chef::Log.info("SIGTERM received, exiting gracefully")
303
- @exit_gracefully = true
304
- SELF_PIPE[1].putc('.')
300
+ SELF_PIPE[1].putc(GRACEFUL_EXIT_SIGNAL)
305
301
  end
306
302
  end
307
303
 
@@ -313,23 +309,24 @@ class Chef::Application::Client < Chef::Application
313
309
  Chef::Daemon.daemonize("chef-client")
314
310
  end
315
311
 
312
+ signal = nil
313
+
316
314
  loop do
317
315
  begin
318
- Chef::Application.exit!("Exiting", 0) if @exit_gracefully
319
- if Chef::Config[:splay]
316
+ Chef::Application.exit!("Exiting", 0) if signal == GRACEFUL_EXIT_SIGNAL
317
+
318
+ if Chef::Config[:splay] and signal != IMMEDIATE_RUN_SIGNAL
320
319
  splay = rand Chef::Config[:splay]
321
320
  Chef::Log.debug("Splay sleep #{splay} seconds")
322
321
  sleep splay
323
322
  end
323
+
324
+ signal = nil
324
325
  run_chef_client(Chef::Config[:specific_recipes])
326
+
325
327
  if Chef::Config[:interval]
326
328
  Chef::Log.debug("Sleeping for #{Chef::Config[:interval]} seconds")
327
- unless SELF_PIPE.empty?
328
- client_sleep Chef::Config[:interval]
329
- else
330
- # Windows
331
- sleep Chef::Config[:interval]
332
- end
329
+ signal = interval_sleep
333
330
  else
334
331
  Chef::Application.exit! "Exiting", 0
335
332
  end
@@ -339,12 +336,7 @@ class Chef::Application::Client < Chef::Application
339
336
  if Chef::Config[:interval]
340
337
  Chef::Log.error("#{e.class}: #{e}")
341
338
  Chef::Log.error("Sleeping for #{Chef::Config[:interval]} seconds before trying again")
342
- unless SELF_PIPE.empty?
343
- client_sleep Chef::Config[:interval]
344
- else
345
- # Windows
346
- sleep Chef::Config[:interval]
347
- end
339
+ signal = interval_sleep
348
340
  retry
349
341
  else
350
342
  Chef::Application.fatal!("#{e.class}: #{e.message}", 1)
@@ -355,8 +347,17 @@ class Chef::Application::Client < Chef::Application
355
347
 
356
348
  private
357
349
 
350
+ def interval_sleep
351
+ unless SELF_PIPE.empty?
352
+ client_sleep Chef::Config[:interval]
353
+ else
354
+ # Windows
355
+ sleep Chef::Config[:interval]
356
+ end
357
+ end
358
+
358
359
  def client_sleep(sec)
359
360
  IO.select([ SELF_PIPE[0] ], nil, nil, sec) or return
360
- SELF_PIPE[0].getc
361
+ SELF_PIPE[0].getc.chr
361
362
  end
362
363
  end
@@ -401,6 +401,9 @@ class Chef
401
401
  # don't add code that may fail before entering this section to be sure to release lock
402
402
  begin
403
403
  runlock.save_pid
404
+
405
+ check_ssl_config
406
+
404
407
  request_id = Chef::RequestID.instance.request_id
405
408
  run_context = nil
406
409
  @events.run_start(Chef::VERSION)
@@ -489,6 +492,37 @@ class Chef
489
492
  Chef::ReservedNames::Win32::Security.has_admin_privileges?
490
493
  end
491
494
 
495
+ def check_ssl_config
496
+ if Chef::Config[:ssl_verify_mode] == :verify_none and !Chef::Config[:verify_api_cert]
497
+ Chef::Log.warn(<<-WARN)
498
+
499
+ * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
500
+ SSL validation of HTTPS requests is disabled. HTTPS connections are still
501
+ encrypted, but chef is not able to detect forged replies or man in the middle
502
+ attacks.
503
+
504
+ To fix this issue add an entry like this to your configuration file:
505
+
506
+ ```
507
+ # Verify all HTTPS connections (recommended)
508
+ ssl_verify_mode :verify_peer
509
+
510
+ # OR, Verify only connections to chef-server
511
+ verify_api_cert true
512
+ ```
513
+
514
+ To check your SSL configuration, or troubleshoot errors, you can use the
515
+ `knife ssl check` command like so:
516
+
517
+ ```
518
+ knife ssl check -c #{Chef::Config.config_file}
519
+ ```
520
+
521
+ * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
522
+ WARN
523
+ end
524
+ end
525
+
492
526
  end
493
527
  end
494
528
 
@@ -432,6 +432,17 @@ class Chef
432
432
  default(:validation_key) { chef_zero.enabled ? nil : platform_specific_path("/etc/chef/validation.pem") }
433
433
  default :validation_client_name, "chef-validator"
434
434
 
435
+ # When creating a new client via the validation_client account, Chef 11
436
+ # servers allow the client to generate a key pair locally and sent the
437
+ # public key to the server. This is more secure and helps offload work from
438
+ # the server, enhancing scalability. If enabled and the remote server
439
+ # implements only the Chef 10 API, client registration will not work
440
+ # properly.
441
+ #
442
+ # The default value is `false` (Server generates client keys). Set to
443
+ # `true` to enable client-side key generation.
444
+ default(:local_key_generation) { false }
445
+
435
446
  # Zypper package provider gpg checks. Set to true to enable package
436
447
  # gpg signature checking. This will be default in the
437
448
  # future. Setting to false disables the warnings.
@@ -25,7 +25,11 @@ class Chef
25
25
  attr_reader :ignores
26
26
 
27
27
  def initialize(ignore_file_or_repo)
28
+ # Check the 'ignore_file_or_repo' path first and then look in the parent directory
29
+ # to handle both the chef repo cookbook layout and a standalone cookbook
28
30
  @ignore_file = find_ignore_file(ignore_file_or_repo)
31
+ @ignore_file = find_ignore_file(File.dirname(ignore_file_or_repo)) unless readable_file_or_symlink?(@ignore_file)
32
+
29
33
  @ignores = parse_ignore_file
30
34
  end
31
35
 
@@ -43,8 +47,7 @@ class Chef
43
47
 
44
48
  def parse_ignore_file
45
49
  ignore_globs = []
46
- if File.exist?(@ignore_file) && File.readable?(@ignore_file) &&
47
- (File.file?(@ignore_file) || File.symlink?(@ignore_file))
50
+ if readable_file_or_symlink?(@ignore_file)
48
51
  File.foreach(@ignore_file) do |line|
49
52
  ignore_globs << line.strip unless line =~ COMMENTS_AND_WHITESPACE
50
53
  end
@@ -61,6 +64,11 @@ class Chef
61
64
  File.join(path, 'chefignore')
62
65
  end
63
66
  end
67
+
68
+ def readable_file_or_symlink?(path)
69
+ File.exist?(@ignore_file) && File.readable?(@ignore_file) &&
70
+ (File.file?(@ignore_file) || File.symlink?(@ignore_file))
71
+ end
64
72
  end
65
73
  end
66
74
  end
@@ -391,14 +391,14 @@ class Chef
391
391
  :description => { :kind_of => String },
392
392
  :choice => { :kind_of => [ Array ], :default => [] },
393
393
  :calculated => { :equal_to => [ true, false ], :default => false },
394
- :type => { :equal_to => [ "string", "array", "hash", "symbol" ], :default => "string" },
394
+ :type => { :equal_to => [ "string", "array", "hash", "symbol", "boolean", "numeric" ], :default => "string" },
395
395
  :required => { :equal_to => [ "required", "recommended", "optional", true, false ], :default => "optional" },
396
396
  :recipes => { :kind_of => [ Array ], :default => [] },
397
- :default => { :kind_of => [ String, Array, Hash ] }
397
+ :default => { :kind_of => [ String, Array, Hash, Symbol, Numeric, TrueClass, FalseClass ] }
398
398
  }
399
399
  )
400
400
  options[:required] = remap_required_attribute(options[:required]) unless options[:required].nil?
401
- validate_string_array(options[:choice])
401
+ validate_choice_array(options)
402
402
  validate_calculated_default_rule(options)
403
403
  validate_choice_default_rule(options)
404
404
 
@@ -546,6 +546,34 @@ INVALID
546
546
  end
547
547
  end
548
548
 
549
+ # Validate the choice of the options hash
550
+ #
551
+ # Raise an exception if the members of the array do not match the defaults
552
+ # === Parameters
553
+ # opts<Hash>:: The options hash
554
+ def validate_choice_array(opts)
555
+ if opts[:choice].kind_of?(Array)
556
+ case opts[:type]
557
+ when "string"
558
+ validator = [ String ]
559
+ when "array"
560
+ validator = [ Array ]
561
+ when "hash"
562
+ validator = [ Hash ]
563
+ when "symbol"
564
+ validator = [ Symbol ]
565
+ when "boolean"
566
+ validator = [ TrueClass, FalseClass ]
567
+ when "numeric"
568
+ validator = [ Numeric ]
569
+ end
570
+
571
+ opts[:choice].each do |choice|
572
+ validate( {:choice => choice}, {:choice => {:kind_of => validator}} )
573
+ end
574
+ end
575
+ end
576
+
549
577
  # For backwards compatibility, remap Boolean values to String
550
578
  # true is mapped to "required"
551
579
  # false is mapped to "optional"
@@ -92,7 +92,7 @@ class Chef
92
92
  # === Returns
93
93
  # true:: Always returns true
94
94
  def sync_cookbooks
95
- Chef::Log.info("Loading cookbooks [#{cookbook_names.sort.join(', ')}]")
95
+ Chef::Log.info("Loading cookbooks [#{cookbooks.map {|ckbk| ckbk.name + '@' + ckbk.version}.join(', ')}]")
96
96
  Chef::Log.debug("Cookbooks detail: #{cookbooks.inspect}")
97
97
 
98
98
  clear_obsoleted_cookbooks
@@ -136,7 +136,7 @@ class Chef
136
136
  # valid_cache_entries<Hash>:: Out-param; Added to this hash are the files that
137
137
  # were referred to by this cookbook
138
138
  def sync_cookbook(cookbook)
139
- Chef::Log.debug("Synchronizing cookbook #{cookbook.name}")
139
+ Chef::Log.debug("Synchronizing cookbook #{cookbook.name} #{cookbook.version}")
140
140
 
141
141
  # files and templates are lazily loaded, and will be done later.
142
142
 
@@ -77,6 +77,8 @@ class Chef
77
77
  # validated.
78
78
  attr_reader :validated_files
79
79
 
80
+ attr_reader :chefignore
81
+
80
82
  # Creates a new SyntaxCheck given the +cookbook_name+ and a +cookbook_path+.
81
83
  # If no +cookbook_path+ is given, +Chef::Config.cookbook_path+ is used.
82
84
  def self.for_cookbook(cookbook_name, cookbook_path=nil)
@@ -92,11 +94,9 @@ class Chef
92
94
  # cookbook_path::: the (on disk) path to the cookbook
93
95
  def initialize(cookbook_path)
94
96
  @cookbook_path = cookbook_path
95
- @validated_files = PersistentSet.new
96
- end
97
+ @chefignore ||= Chefignore.new(cookbook_path)
97
98
 
98
- def chefignore
99
- @chefignore ||= Chefignore.new(File.dirname(cookbook_path))
99
+ @validated_files = PersistentSet.new
100
100
  end
101
101
 
102
102
  def remove_ignored_files(file_list)
@@ -26,7 +26,7 @@ require 'open-uri'
26
26
  # all values, except for the value associated with the id key, have
27
27
  # been encrypted.
28
28
  #
29
- # EncrypedDataBagItem can be used in recipes to decrypt data bag item
29
+ # EncryptedDataBagItem can be used in recipes to decrypt data bag item
30
30
  # members.
31
31
  #
32
32
  # Data bag item values are assumed to have been encrypted using the
@@ -49,6 +49,22 @@ require 'open-uri'
49
49
  class Chef::EncryptedDataBagItem
50
50
  ALGORITHM = 'aes-256-cbc'
51
51
 
52
+ #
53
+ # === Synopsis
54
+ #
55
+ # EncryptedDataBagItem.new(hash, secret)
56
+ #
57
+ # === Args
58
+ #
59
+ # +enc_hash+::
60
+ # The encrypted hash to be decrypted
61
+ # +secret+::
62
+ # The raw secret key
63
+ #
64
+ # === Description
65
+ #
66
+ # Create a new encrypted data bag item for reading (decryption)
67
+ #
52
68
  def initialize(enc_hash, secret)
53
69
  @enc_hash = enc_hash
54
70
  @secret = secret
@@ -82,6 +98,26 @@ class Chef::EncryptedDataBagItem
82
98
  end
83
99
  end
84
100
 
101
+ #
102
+ # === Synopsis
103
+ #
104
+ # EncryptedDataBagItem.load(data_bag, name, secret = nil)
105
+ #
106
+ # === Args
107
+ #
108
+ # +data_bag+::
109
+ # The name of the data bag to fetch
110
+ # +name+::
111
+ # The name of the data bag item to fetch
112
+ # +secret+::
113
+ # The raw secret key. If the +secret+ is nil, the value of the file at
114
+ # +Chef::Config[:encrypted_data_bag_secret]+ is loaded. See +load_secret+
115
+ # for more information.
116
+ #
117
+ # === Description
118
+ #
119
+ # Loads and decrypts the data bag item with the given name.
120
+ #
85
121
  def self.load(data_bag, name, secret = nil)
86
122
  raw_hash = Chef::DataBagItem.load(data_bag, name)
87
123
  secret = secret || self.load_secret