chef 16.10.17-universal-mingw32 → 16.11.7-universal-mingw32
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Gemfile +2 -2
- data/chef-universal-mingw32.gemspec +1 -1
- data/chef.gemspec +1 -1
- data/lib/chef/compliance/default_attributes.rb +6 -2
- data/lib/chef/compliance/runner.rb +6 -1
- data/lib/chef/provider/package/dnf/dnf_helper.py +4 -0
- data/lib/chef/provider/package/yum/yum_helper.py +4 -0
- data/lib/chef/resource/chef_client_cron.rb +1 -1
- data/lib/chef/version.rb +1 -1
- data/spec/integration/compliance/compliance_spec.rb +2 -1
- data/spec/unit/compliance/runner_spec.rb +54 -5
- data/spec/unit/resource/chef_client_cron_spec.rb +8 -8
- metadata +12 -12
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 1ff4cbdb2ed3ab0adba5e92095f8ba416211c2a8fccab691ad89655487dc6f71
|
4
|
+
data.tar.gz: a605de0ed32367778265e601fc8737819910b264a90675040f20e10733c4e1d6
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 281d36ebbd20f5d6cc2c7bfbf0e4c93217c7fd4830222a1e494f2b8eba3c8e70897fca8c55bec8912f490b6ee93363a8f0b8769a0f83ead58857be8a1e4ff9ed
|
7
|
+
data.tar.gz: ba9da1ff38d23204d7de940462987f9ed5899bcfbae0e4c5c56fe5ff95124d39420cf555d556d6440c19140941e896a49d424f98115c3225ad89c90f27277108
|
data/Gemfile
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
source "https://rubygems.org"
|
2
2
|
|
3
|
-
#
|
4
|
-
gem "ffi", "
|
3
|
+
# 1.15+ is required for M1 mac builds
|
4
|
+
gem "ffi", ">=1.15"
|
5
5
|
|
6
6
|
# Note we do not use the gemspec DSL which restricts to the
|
7
7
|
# gemspec for the current platform and filters out other platforms
|
@@ -14,7 +14,7 @@ gemspec.add_dependency "win32-service", ">= 2.1.5", "< 3.0"
|
|
14
14
|
gemspec.add_dependency "wmi-lite", "~> 1.0"
|
15
15
|
gemspec.add_dependency "win32-taskscheduler", "~> 2.0"
|
16
16
|
gemspec.add_dependency "iso8601", ">= 0.12.1", "< 0.14" # validate 0.14 when it comes out
|
17
|
-
gemspec.add_dependency "win32-certstore", "~> 0.5" # 0.5+ required for specifying user vs. system store
|
17
|
+
gemspec.add_dependency "win32-certstore", "~> 0.5.0" # 0.5+ required for specifying user vs. system store
|
18
18
|
gemspec.extensions << "ext/win32-eventlog/Rakefile"
|
19
19
|
gemspec.files += Dir.glob("{distro,ext}/**/*")
|
20
20
|
|
data/chef.gemspec
CHANGED
@@ -44,7 +44,7 @@ Gem::Specification.new do |s|
|
|
44
44
|
s.add_dependency "net-ssh-multi", "~> 1.2", ">= 1.2.1"
|
45
45
|
s.add_dependency "net-sftp", ">= 2.1.2", "< 4.0"
|
46
46
|
s.add_dependency "ed25519", "~> 1.2" # ed25519 ssh key support
|
47
|
-
s.add_dependency "bcrypt_pbkdf", "
|
47
|
+
s.add_dependency "bcrypt_pbkdf", "~> 1.1" # ed25519 ssh key support
|
48
48
|
s.add_dependency "highline", ">= 1.6.9", "< 3"
|
49
49
|
s.add_dependency "tty-prompt", "~> 0.21" # knife ui.ask prompt
|
50
50
|
s.add_dependency "tty-screen", "~> 0.6" # knife list
|
@@ -1,5 +1,5 @@
|
|
1
1
|
# Author:: Stephan Renatus <srenatus@chef.io>
|
2
|
-
# Copyright:: (c)
|
2
|
+
# Copyright:: Copyright (c) Chef Software Inc. <legal@chef.io>
|
3
3
|
#
|
4
4
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
5
5
|
# you may not use this file except in compliance with the License.
|
@@ -87,7 +87,11 @@ class Chef
|
|
87
87
|
|
88
88
|
# If enabled, a hash representation of the Chef Infra node object will be sent to Chef InSpec in an input
|
89
89
|
# named `chef_node`.
|
90
|
-
"chef_node_attribute_enabled" => false
|
90
|
+
"chef_node_attribute_enabled" => false,
|
91
|
+
|
92
|
+
# Should the built-in compliance phase run. True and false force the behavior. Nil does magic based on if you have
|
93
|
+
# profiles defined but do not have the audit cookbook enabled.
|
94
|
+
"compliance_phase" => false
|
91
95
|
)
|
92
96
|
end
|
93
97
|
end
|
@@ -22,8 +22,13 @@ class Chef
|
|
22
22
|
|
23
23
|
logger.debug("#{self.class}##{__method__}: #{Inspec::Dist::PRODUCT_NAME} profiles? #{inspec_profiles.any?}")
|
24
24
|
logger.debug("#{self.class}##{__method__}: audit cookbook? #{audit_cookbook_present}")
|
25
|
+
logger.debug("#{self.class}##{__method__}: compliance phase attr? #{node["audit"]["compliance_phase"]}")
|
25
26
|
|
26
|
-
|
27
|
+
if node["audit"]["compliance_phase"].nil?
|
28
|
+
inspec_profiles.any? && !audit_cookbook_present
|
29
|
+
else
|
30
|
+
node["audit"]["compliance_phase"]
|
31
|
+
end
|
27
32
|
end
|
28
33
|
|
29
34
|
def node=(node)
|
@@ -213,7 +213,7 @@ class Chef
|
|
213
213
|
#
|
214
214
|
def log_command
|
215
215
|
if new_resource.append_log_file
|
216
|
-
"
|
216
|
+
">> #{::File.join(new_resource.log_directory, new_resource.log_file_name)} 2>&1"
|
217
217
|
else
|
218
218
|
"> #{::File.join(new_resource.log_directory, new_resource.log_file_name)} 2>&1"
|
219
219
|
end
|
data/lib/chef/version.rb
CHANGED
@@ -4,7 +4,7 @@ require "support/shared/integration/integration_helper"
|
|
4
4
|
require "chef/mixin/shell_out"
|
5
5
|
require "chef-utils/dist"
|
6
6
|
|
7
|
-
describe "chef-client with
|
7
|
+
describe "chef-client with compliance phase" do
|
8
8
|
|
9
9
|
include IntegrationSupport
|
10
10
|
include Chef::Mixin::ShellOut
|
@@ -46,6 +46,7 @@ describe "chef-client with audit mode" do
|
|
46
46
|
file "attributes.json", <<~FILE
|
47
47
|
{
|
48
48
|
"audit": {
|
49
|
+
"compliance_phase": true,
|
49
50
|
"json_file": {
|
50
51
|
"location": "#{report_file}"
|
51
52
|
},
|
@@ -13,36 +13,85 @@ describe Chef::Compliance::Runner do
|
|
13
13
|
|
14
14
|
describe "#enabled?" do
|
15
15
|
|
16
|
-
it "is true if the node attributes have audit profiles and the audit cookbook is not present" do
|
16
|
+
it "is true if the node attributes have audit profiles and the audit cookbook is not present, and the compliance mode attribute is nil" do
|
17
17
|
node.normal["audit"]["profiles"]["ssh"] = { 'compliance': "base/ssh" }
|
18
|
+
node.normal["audit"]["compliance_phase"] = nil
|
18
19
|
|
19
20
|
expect(runner).to be_enabled
|
20
21
|
end
|
21
22
|
|
22
|
-
it "is
|
23
|
+
it "is true if the node attributes have audit profiles and the audit cookbook is not present, and the compliance mode attribute is true" do
|
24
|
+
node.normal["audit"]["profiles"]["ssh"] = { 'compliance': "base/ssh" }
|
25
|
+
node.normal["audit"]["compliance_phase"] = true
|
26
|
+
|
27
|
+
expect(runner).to be_enabled
|
28
|
+
end
|
29
|
+
|
30
|
+
it "is false if the node attributes have audit profiles and the audit cookbook is not present, and the compliance mode attribute is false" do
|
31
|
+
node.normal["audit"]["profiles"]["ssh"] = { 'compliance': "base/ssh" }
|
32
|
+
node.normal["audit"]["compliance_phase"] = false
|
33
|
+
|
34
|
+
expect(runner).not_to be_enabled
|
35
|
+
end
|
36
|
+
|
37
|
+
it "is false if the node attributes have audit profiles and the audit cookbook is present, and the complince mode attribute is nil" do
|
23
38
|
stub_const("::Reporter::ChefAutomate", true)
|
24
39
|
node.normal["audit"]["profiles"]["ssh"] = { 'compliance': "base/ssh" }
|
40
|
+
node.normal["audit"]["compliance_phase"] = nil
|
25
41
|
|
26
42
|
expect(runner).not_to be_enabled
|
27
43
|
end
|
28
44
|
|
29
|
-
it "is
|
45
|
+
it "is true if the node attributes have audit profiles and the audit cookbook is present, and the complince mode attribute is true" do
|
46
|
+
stub_const("::Reporter::ChefAutomate", true)
|
47
|
+
node.normal["audit"]["profiles"]["ssh"] = { 'compliance': "base/ssh" }
|
48
|
+
node.normal["audit"]["compliance_phase"] = true
|
49
|
+
|
50
|
+
expect(runner).to be_enabled
|
51
|
+
end
|
52
|
+
|
53
|
+
it "is false if the node attributes do not have audit profiles and the audit cookbook is not present, and the complince mode attribute is nil" do
|
30
54
|
node.normal["audit"]["profiles"] = {}
|
55
|
+
node.normal["audit"]["compliance_phase"] = nil
|
31
56
|
|
32
57
|
expect(runner).not_to be_enabled
|
33
58
|
end
|
34
59
|
|
35
|
-
it "is false if the node attributes do not have audit profiles and the audit cookbook is present" do
|
60
|
+
it "is false if the node attributes do not have audit profiles and the audit cookbook is present, and the complince mode attribute is nil" do
|
36
61
|
stub_const("::Reporter::ChefAutomate", true)
|
37
62
|
node.automatic["recipes"] = %w{ audit::default fancy_cookbook::fanciness tacobell::nachos }
|
63
|
+
node.normal["audit"]["compliance_phase"] = nil
|
38
64
|
|
39
65
|
expect(runner).not_to be_enabled
|
40
66
|
end
|
41
67
|
|
42
|
-
it "is false if the node attributes do not have audit attributes and the audit cookbook is not present" do
|
68
|
+
it "is false if the node attributes do not have audit attributes and the audit cookbook is not present, and the complince mode attribute is nil" do
|
43
69
|
node.automatic["recipes"] = %w{ fancy_cookbook::fanciness tacobell::nachos }
|
70
|
+
node.normal["audit"]["compliance_phase"] = nil
|
71
|
+
|
44
72
|
expect(runner).not_to be_enabled
|
45
73
|
end
|
74
|
+
|
75
|
+
it "is true if the node attributes do not have audit profiles and the audit cookbook is not present, and the complince mode attribute is true" do
|
76
|
+
node.normal["audit"]["profiles"] = {}
|
77
|
+
node.normal["audit"]["compliance_phase"] = true
|
78
|
+
|
79
|
+
expect(runner).to be_enabled
|
80
|
+
end
|
81
|
+
|
82
|
+
it "is true if the node attributes do not have audit profiles and the audit cookbook is present, and the complince mode attribute is true" do
|
83
|
+
stub_const("::Reporter::ChefAutomate", true)
|
84
|
+
node.automatic["recipes"] = %w{ audit::default fancy_cookbook::fanciness tacobell::nachos }
|
85
|
+
node.normal["audit"]["compliance_phase"] = true
|
86
|
+
|
87
|
+
expect(runner).to be_enabled
|
88
|
+
end
|
89
|
+
|
90
|
+
it "is true if the node attributes do not have audit attributes and the audit cookbook is not present, and the complince mode attribute is true" do
|
91
|
+
node.automatic["recipes"] = %w{ fancy_cookbook::fanciness tacobell::nachos }
|
92
|
+
node.normal["audit"]["compliance_phase"] = true
|
93
|
+
expect(runner).to be_enabled
|
94
|
+
end
|
46
95
|
end
|
47
96
|
|
48
97
|
describe "#inspec_profiles" do
|
@@ -93,41 +93,41 @@ describe Chef::Resource::ChefClientCron do
|
|
93
93
|
|
94
94
|
it "creates a valid command if using all default properties" do
|
95
95
|
expect(provider.client_command).to eql(
|
96
|
-
"/bin/sleep 123; /opt/chef/bin/chef-client -c #{root_path}
|
96
|
+
"/bin/sleep 123; /opt/chef/bin/chef-client -c #{root_path} >> /var/log/chef/client.log 2>&1"
|
97
97
|
)
|
98
98
|
end
|
99
99
|
|
100
100
|
it "uses daemon_options if set" do
|
101
101
|
resource.daemon_options ["--foo 1", "--bar 2"]
|
102
102
|
expect(provider.client_command).to eql(
|
103
|
-
"/bin/sleep 123; /opt/chef/bin/chef-client --foo 1 --bar 2 -c #{root_path}
|
103
|
+
"/bin/sleep 123; /opt/chef/bin/chef-client --foo 1 --bar 2 -c #{root_path} >> /var/log/chef/client.log 2>&1"
|
104
104
|
)
|
105
105
|
end
|
106
106
|
|
107
107
|
it "uses custom config dir if set" do
|
108
108
|
resource.config_directory "/etc/some_other_dir"
|
109
|
-
expect(provider.client_command).to eql("/bin/sleep 123; /opt/chef/bin/chef-client -c /etc/some_other_dir/client.rb
|
109
|
+
expect(provider.client_command).to eql("/bin/sleep 123; /opt/chef/bin/chef-client -c /etc/some_other_dir/client.rb >> /var/log/chef/client.log 2>&1")
|
110
110
|
end
|
111
111
|
|
112
112
|
it "uses custom log files / paths if set" do
|
113
113
|
resource.log_file_name "my-client.log"
|
114
114
|
resource.log_directory "/var/log/my-chef/"
|
115
115
|
expect(provider.client_command).to eql(
|
116
|
-
"/bin/sleep 123; /opt/chef/bin/chef-client -c #{root_path}
|
116
|
+
"/bin/sleep 123; /opt/chef/bin/chef-client -c #{root_path} >> /var/log/my-chef/my-client.log 2>&1"
|
117
117
|
)
|
118
118
|
end
|
119
119
|
|
120
120
|
it "uses mailto if set" do
|
121
121
|
resource.mailto "bob@example.com"
|
122
122
|
expect(provider.client_command).to eql(
|
123
|
-
"/bin/sleep 123; /opt/chef/bin/chef-client -c #{root_path}
|
123
|
+
"/bin/sleep 123; /opt/chef/bin/chef-client -c #{root_path} >> /var/log/chef/client.log 2>&1 || echo \"Chef Infra Client execution failed\""
|
124
124
|
)
|
125
125
|
end
|
126
126
|
|
127
127
|
it "uses custom chef-client binary if set" do
|
128
128
|
resource.chef_binary_path "/usr/local/bin/chef-client"
|
129
129
|
expect(provider.client_command).to eql(
|
130
|
-
"/bin/sleep 123; /usr/local/bin/chef-client -c #{root_path}
|
130
|
+
"/bin/sleep 123; /usr/local/bin/chef-client -c #{root_path} >> /var/log/chef/client.log 2>&1"
|
131
131
|
)
|
132
132
|
end
|
133
133
|
|
@@ -141,7 +141,7 @@ describe Chef::Resource::ChefClientCron do
|
|
141
141
|
it "sets the license acceptance flag if set" do
|
142
142
|
resource.accept_chef_license true
|
143
143
|
expect(provider.client_command).to eql(
|
144
|
-
"/bin/sleep 123; /opt/chef/bin/chef-client -c #{root_path} --chef-license accept
|
144
|
+
"/bin/sleep 123; /opt/chef/bin/chef-client -c #{root_path} --chef-license accept >> /var/log/chef/client.log 2>&1"
|
145
145
|
)
|
146
146
|
end
|
147
147
|
|
@@ -149,7 +149,7 @@ describe Chef::Resource::ChefClientCron do
|
|
149
149
|
allow(provider).to receive(:which).with("nice").and_return("/usr/bin/nice")
|
150
150
|
resource.nice(-15)
|
151
151
|
expect(provider.client_command).to eql(
|
152
|
-
"/bin/sleep 123; /usr/bin/nice -n -15 /opt/chef/bin/chef-client -c #{root_path}
|
152
|
+
"/bin/sleep 123; /usr/bin/nice -n -15 /opt/chef/bin/chef-client -c #{root_path} >> /var/log/chef/client.log 2>&1"
|
153
153
|
)
|
154
154
|
end
|
155
155
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: chef
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 16.
|
4
|
+
version: 16.11.7
|
5
5
|
platform: universal-mingw32
|
6
6
|
authors:
|
7
7
|
- Adam Jacob
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2021-
|
11
|
+
date: 2021-03-17 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: chef-config
|
@@ -16,28 +16,28 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - '='
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 16.
|
19
|
+
version: 16.11.7
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - '='
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 16.
|
26
|
+
version: 16.11.7
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: chef-utils
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
30
30
|
requirements:
|
31
31
|
- - '='
|
32
32
|
- !ruby/object:Gem::Version
|
33
|
-
version: 16.
|
33
|
+
version: 16.11.7
|
34
34
|
type: :runtime
|
35
35
|
prerelease: false
|
36
36
|
version_requirements: !ruby/object:Gem::Requirement
|
37
37
|
requirements:
|
38
38
|
- - '='
|
39
39
|
- !ruby/object:Gem::Version
|
40
|
-
version: 16.
|
40
|
+
version: 16.11.7
|
41
41
|
- !ruby/object:Gem::Dependency
|
42
42
|
name: train-core
|
43
43
|
requirement: !ruby/object:Gem::Requirement
|
@@ -326,16 +326,16 @@ dependencies:
|
|
326
326
|
name: bcrypt_pbkdf
|
327
327
|
requirement: !ruby/object:Gem::Requirement
|
328
328
|
requirements:
|
329
|
-
- -
|
329
|
+
- - "~>"
|
330
330
|
- !ruby/object:Gem::Version
|
331
|
-
version: 1.1
|
331
|
+
version: '1.1'
|
332
332
|
type: :runtime
|
333
333
|
prerelease: false
|
334
334
|
version_requirements: !ruby/object:Gem::Requirement
|
335
335
|
requirements:
|
336
|
-
- -
|
336
|
+
- - "~>"
|
337
337
|
- !ruby/object:Gem::Version
|
338
|
-
version: 1.1
|
338
|
+
version: '1.1'
|
339
339
|
- !ruby/object:Gem::Dependency
|
340
340
|
name: highline
|
341
341
|
requirement: !ruby/object:Gem::Requirement
|
@@ -756,14 +756,14 @@ dependencies:
|
|
756
756
|
requirements:
|
757
757
|
- - "~>"
|
758
758
|
- !ruby/object:Gem::Version
|
759
|
-
version:
|
759
|
+
version: 0.5.0
|
760
760
|
type: :runtime
|
761
761
|
prerelease: false
|
762
762
|
version_requirements: !ruby/object:Gem::Requirement
|
763
763
|
requirements:
|
764
764
|
- - "~>"
|
765
765
|
- !ruby/object:Gem::Version
|
766
|
-
version:
|
766
|
+
version: 0.5.0
|
767
767
|
description: A systems integration framework, built to bring the benefits of configuration
|
768
768
|
management to your entire infrastructure.
|
769
769
|
email: adam@chef.io
|