mixlib-install 3.4.0 → 3.5.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 330f993cfb69a22e018ecffd2993b74619945cb9
-  data.tar.gz: d80c5194651fb543c57cdec4a8c3366b290842ee
+  metadata.gz: 8cbca7cb9a853574779432ba1d0e08f2444bf925
+  data.tar.gz: 01151257065ddfdd27a4665198c35781727bcc01
 SHA512:
-  metadata.gz: fa96263fded01b16629164a336182234331bfa905a80bf16bd91aa40f0efd1c6b3ba1c6e68a576fb5657a48821107e308dc1da66a1efef8b3d77226e83bc8fde
-  data.tar.gz: 86c5bf3ff6611fbd1282c50e2998b5c43efecbb6752c7eb29f2703d1f7dc366c06e6c34e03e013c9d53d3882424eacd4a45f14dfacd6c3d0ac041eab98ffa772
+  metadata.gz: a0f8a54590f1f33f8e45ffc4d73925e435cf1c229ce6778960251811e3c3ca60465693e7bb08c70a1f76006ca8e09262a78a642530a985202ba43b83cb0d682d
+  data.tar.gz: 0e2b10d4207acf6ee5fcc551f1011d4cc927a9dc1ff511c1437f8bbf4b9209866353b6c994ba87131e88befe2ae8f6e227fb7d249784cc889daafdf645abf7e1

data/.travis.yml

@@ -37,6 +37,8 @@ matrix:
     env: SUITE=ubuntu
   - rvm: 2.3
     env: SUITE=windows-server
+  - rvm: 2.3
+    env: SUITE=centos
 
 before_script:
   - ci/before-script.sh

data/CHANGELOG.md

@@ -1,11 +1,17 @@
 # Mixlib::Install Changes
 
-<!-- latest_release 3.4.0 -->
+<!-- latest_release unreleased -->
+## Unreleased
+
+#### Merged Pull Requests
+- v3.5.0 [#239](https://github.com/chef/mixlib-install/pull/239) ([wrightp](https://github.com/wrightp))
+- download url override and checksum updates [#237](https://github.com/chef/mixlib-install/pull/237) ([wrightp](https://github.com/wrightp))
+<!-- latest_release -->
+
 ## [v3.4.0](https://github.com/chef/mixlib-install/tree/v3.4.0) (2017-08-22)
 
 #### Merged Pull Requests
 - Add install_strategy option to bootstrap install scripts [#232](https://github.com/chef/mixlib-install/pull/232) ([wrightp](https://github.com/wrightp))
-<!-- latest_release -->
 
 ## [v3.3.4](https://github.com/chef/mixlib-install/tree/v3.3.4) (2017-08-10)
 
@@ -190,4 +196,4 @@
 
 ## [1.0.0]
 - Ability to query product artifacts from multiple channels
-- Ability to generate installation scripts for `sh` and `ps1`
+- Ability to generate installation scripts for `sh` and `ps1`

data/README.md

@@ -175,7 +175,7 @@ options = {
 Collecting software dependencies and license content for ArtifactInfo instances
 requires additional requests to the repository server. By default, collection is disabled.
 To return data for instance methods `software_dependencies` and `license_content`, the `include_metadata` option must be enabled.
-```
+```ruby
 options = {
   channel: :current,
   product_name: 'chef',
@@ -197,6 +197,32 @@ artifact.software_dependencies.class
 
 ```
 
+
+### Install Scripts
+mixlib-install generates the bootstrap installation scripts known as install.sh and install.ps1. The associated install script will be returned when calling `#install_command` on the Mixlib::Install instance.
+
+Mixlib::Install instantiation option `install_command_options` can accept variables (bourne) or parameters (powershell) to modify the behavior of the install scripts.
+
+Some of the more common options include:
+
+`download_url_override`: Use the provided URL instead of fetching the metadata URL from Chef Software Inc's software distribution systems.  
+`checksum`: SHA256 value associated to the directed file for the download_url_override option. This setting is optional. Not setting this will download the file even if a cached file is detected.  
+`install_strategy`: Set to "once" to have the script exit if the product being installed is detected.  
+
+```ruby
+options = {
+  product_name: 'chef',
+  install_command_options: {
+    download_url_override: "https://file/path",
+    checksum: "OPTIONAL",
+    install_strategy: "once",
+  }
+}
+
+Mixlib::Install.new(options).install_command
+```
+
+
 ## Development
 VCR is a tool that helps cache and replay http responses. When these responses change or when you add more tests you might need to update cached responses. Check out [spec_helper.rb](https://github.com/chef/mixlib-install/blob/master/spec/spec_helper.rb) for instructions on how to do this.
 

data/VERSION

@@ -1 +1 @@
-3.4.0
+3.5.0

data/acceptance/.suites/ubuntu_install_checksum/.acceptance/acceptance-cookbook/.gitignore

@@ -0,0 +1,8 @@
+nodes/
+tmp/
+
+# Terraform
+*.tfstate
+*.tfstate.backup
+*_override.tf
+

data/acceptance/.suites/ubuntu_install_checksum/.acceptance/acceptance-cookbook/recipes/provision.rb

@@ -0,0 +1,24 @@
+# Generate install script then write to disk for terraform to copy to the instance for execution
+execute "bundle exec ruby -e \"require 'mixlib/install'; puts Mixlib::Install.new(product_name: 'chef', product_version: :latest, channel: :stable, install_command_options: {download_url_override: 'https://packages.chef.io/files/stable/chef/13.2.20/ubuntu/14.04/chef_13.2.20-1_amd64.deb', cmdline_dl_dir: '/tmp/checksum'}).install_command\" > ../.acceptance_data/ubuntu_install_url.sh" do
+  cwd node['chef-acceptance']['suite-dir']
+end
+
+execute "bundle exec ruby -e \"require 'mixlib/install'; puts Mixlib::Install.new(product_name: 'chef', product_version: :latest, channel: :stable, install_command_options: {download_url_override: 'https://packages.chef.io/files/stable/chef/13.2.20/ubuntu/14.04/chef_13.2.20-1_amd64.deb', checksum: '88cd274a694bfe23d255937794744d50af972097958fa681a544479e2bfb7f6b', cmdline_dl_dir: '/tmp/checksum'}).install_command\" > ../.acceptance_data/ubuntu_install_checksum.sh" do
+  cwd node['chef-acceptance']['suite-dir']
+end
+
+execute "bundle exec ruby -e \"require 'mixlib/install'; puts Mixlib::Install.new(product_name: 'chef', product_version: :latest, channel: :stable, install_command_options: {cmdline_dl_dir: '/tmp/metadata'}).install_command\" > ../.acceptance_data/ubuntu_install_metadata.sh" do
+  cwd node['chef-acceptance']['suite-dir']
+end
+
+execute "bundle exec ruby -e \"require 'mixlib/install'; puts Mixlib::Install.new(product_name: 'chef', product_version: :latest, channel: :stable, install_command_options: {download_url_override: 'https://packages.chef.io/files/stable/chef/13.2.20/ubuntu/14.04/chef_13.2.20-1_amd64.deb', checksum: 'FOOOOOOOOOOOOOO', cmdline_dl_dir: '/tmp/bad'}).install_command\" > ../.acceptance_data/ubuntu_install_bad.sh" do
+  cwd node['chef-acceptance']['suite-dir']
+end
+
+execute "terraform plan" do
+  cwd "#{node['chef-acceptance']['suite-dir']}/terraform"
+end
+
+execute "terraform apply" do
+  cwd "#{node['chef-acceptance']['suite-dir']}/terraform"
+end

data/acceptance/.suites/ubuntu_install_checksum/.acceptance/acceptance-cookbook/recipes/verify.rb

@@ -0,0 +1,11 @@
+ruby_block "get ip" do
+  block do
+    tf_state = JSON.parse(File.read("#{node['chef-acceptance']['suite-dir']}/terraform/terraform.tfstate"))
+    node.default["ip"] = tf_state["modules"].first["resources"]["aws_instance.mixlib_install_sh"]["primary"]["attributes"]["public_ip"]
+  end
+end
+
+execute "run inspec" do
+  command lazy { "inspec exec verify.rb -t ssh://ubuntu@#{node['ip']} -i ~/.ssh/es-infrastructure.pem" }
+  cwd "#{node['chef-acceptance']['suite-dir']}/inspec"
+end

data/acceptance/.suites/ubuntu_install_checksum/inspec/verify.rb

@@ -0,0 +1,78 @@
+# Uncomment when re-running for local development
+describe command("sudo rm -rf /tmp/metadata /tmp/checksum /tmp/bad; sudo dpkg -r chef") do
+  its("exit_status") { should eq 0 }
+end
+
+#
+# DOWNLOAD URL TESTS
+#
+# No checksum provided
+describe command("sudo /tmp/install.sh") do
+  its("stdout") { should match /Download URL override specified/ }
+  its("stdout") { should match /tmp\/checksum\/chef.* not found/ }
+  its("stdout") { should match /Thank you/ }
+end
+
+# Running same script again
+describe command("sudo /tmp/install.sh") do
+  its("stdout") { should match /Download URL override specified/ }
+  its("stdout") { should match /Verifying local file/ }
+  its("stdout") { should match /Checksum not specified/ }
+  its("stdout") { should match /Thank you/ }
+end
+
+# Now with a valid checksum
+describe command("sudo /tmp/install_checksum.sh") do
+  its("stdout") { should match /Download URL override specified/ }
+  its("stdout") { should match /Verifying local file/ }
+  its("stdout") { should match /Checksum match/ }
+  its("stdout") { should match /Thank you/ }
+end
+
+# Corrupt the file we just downloaded
+describe command("sudo chown ubuntu /tmp/checksum; sudo chown ubuntu /tmp/checksum/*; for i in /tmp/checksum/*; do echo 'oops'>>$i; done;") do
+  its("exit_status") { should eq 0 }
+end
+
+# Run with checksum and it should download and re-verify the checksum
+describe command("sudo /tmp/install_checksum.sh") do
+  its("stdout") { should match /Download URL override specified/ }
+  its("stdout") { should match /Verifying local file/ }
+  its("stdout") { should match /Checksum mismatch/ }
+  its("stdout") { should match /Thank you/ }
+end
+
+# clean up
+describe command("sudo dpkg -r chef") do
+  its("stdout") { should match /Removing chef/ }
+end
+
+#
+# METADATA URL TESTS
+#
+# Default behavior when specifying a download location (otherwise caching is unavailable)
+describe command("sudo /tmp/install_metadata.sh") do
+  its("stdout") { should_not match /tmp\/metadata\/chef.* exists/ }
+  its("stdout") { should match /Thank you/ }
+end
+
+# Running same script again
+describe command("sudo /tmp/install_metadata.sh") do
+  its("stdout") { should match /tmp\/metadata\/chef.* exists/ }
+  its("stdout") { should match /Thank you/ }
+end
+
+# clean up
+describe command("sudo dpkg -r chef") do
+  its("stdout") { should match /Removing chef/ }
+end
+
+#
+# DOWNLOAD URL BAD CHECKSUM TESTS
+#
+describe command("sudo /tmp/install_bad.sh") do
+  its("stdout") { should match /Download URL override specified/ }
+  its("stdout") { should match /tmp\/bad\/chef.* not found/ }
+  its("stdout") { should match /Package checksum mismatch/ }
+  its("exit_status") { should eq 1 }
+end

data/acceptance/.suites/ubuntu_install_checksum/terraform/application.tf

@@ -0,0 +1,95 @@
+data "aws_ami" "ubuntu_14_ami" {
+  most_recent = true
+
+  filter {
+    name   = "owner-id"
+    values = ["099720109477"]
+  }
+
+  filter {
+    name   = "name"
+    values = ["ubuntu/images/*/ubuntu-*-14.04-*-server-*"]
+  }
+
+  filter {
+    name   = "architecture"
+    values = ["x86_64"]
+  }
+
+  filter {
+    name   = "virtualization-type"
+    values = ["hvm"]
+  }
+
+  filter {
+    name   = "block-device-mapping.volume-type"
+    values = ["standard"]
+  }
+
+  filter {
+    name   = "image-type"
+    values = ["machine"]
+  }
+}
+
+resource "aws_instance" "mixlib_install_sh" {
+  count = 1
+
+  ami           = "${data.aws_ami.ubuntu_14_ami.id}"
+  instance_type = "${var.aws_instance_type}"
+  key_name      = "es-infrastructure"
+
+  associate_public_ip_address = true
+
+  subnet_id         = "subnet-11ac0174" # Planet Releng Public Subnet
+  source_dest_check = false
+
+  vpc_security_group_ids = [
+    "sg-96274af3",
+  ]
+
+  connection {
+    user        = "ubuntu"
+    private_key = "${file("${var.connection_private_key}")}"
+    agent       = "${var.connection_agent}"
+    timeout     = "10m"
+  }
+
+  tags {
+    # ChefOps's AWS standard tags:
+    X-Dept        = "EngServ"
+    X-Contact     = "pwright"
+    X-Production  = "false"
+    X-Environment = "acceptance"
+    X-Application = "mixlib-install"
+  }
+
+  provisioner "file" {
+    source      = "../../.acceptance_data/ubuntu_install_url.sh"
+    destination = "/tmp/install.sh"
+  }
+
+  provisioner "file" {
+    source      = "../../.acceptance_data/ubuntu_install_checksum.sh"
+    destination = "/tmp/install_checksum.sh"
+  }
+
+  provisioner "file" {
+    source      = "../../.acceptance_data/ubuntu_install_metadata.sh"
+    destination = "/tmp/install_metadata.sh"
+  }
+
+  provisioner "file" {
+    source      = "../../.acceptance_data/ubuntu_install_bad.sh"
+    destination = "/tmp/install_bad.sh"
+  }
+
+  provisioner "remote-exec" {
+    inline = [
+      "chmod +x /tmp/install.sh",
+      "chmod +x /tmp/install_checksum.sh",
+      "chmod +x /tmp/install_metadata.sh",
+      "chmod +x /tmp/install_bad.sh",
+    ]
+  }
+}

data/acceptance/.suites/ubuntu_install_checksum/terraform/variables.tf

@@ -0,0 +1,27 @@
+# Region to create infrastructure in
+variable "aws_region" {
+  type    = "string"
+  default = "us-west-2"
+}
+
+variable "aws_instance_type" {
+  type    = "string"
+  default = "t2.micro"
+}
+
+# Used to indicidate whether the environment should be treated as "prod"
+# This is mainly used for the `X-Production` AWS tag.
+variable "production" {
+  default = "false"
+}
+
+# SSH Connection info used for remote provisioning instances
+variable "connection_agent" {
+  description = "Set to false to disable using ssh-agent to authenticate"
+  default     = false
+}
+
+variable "connection_private_key" {
+  description = "File path to AWS keypair private key to provision with"
+  default     = "~/.ssh/es-infrastructure.pem"
+}

data/acceptance/centos_install_checksum/.acceptance/acceptance-cookbook/.gitignore

@@ -0,0 +1,8 @@
+nodes/
+tmp/
+
+# Terraform
+*.tfstate
+*.tfstate.backup
+*_override.tf
+

data/acceptance/centos_install_checksum/.acceptance/acceptance-cookbook/metadata.rb

@@ -0,0 +1,2 @@
+name 'acceptance-cookbook'
+

data/acceptance/centos_install_checksum/.acceptance/acceptance-cookbook/recipes/destroy.rb

@@ -0,0 +1,3 @@
+execute "terraform destroy -force" do
+  cwd "#{node['chef-acceptance']['suite-dir']}/terraform"
+end

data/acceptance/centos_install_checksum/.acceptance/acceptance-cookbook/recipes/provision.rb

@@ -0,0 +1,24 @@
+# Generate install script then write to disk for terraform to copy to the instance for execution
+execute "bundle exec ruby -e \"require 'mixlib/install'; puts Mixlib::Install.new(product_name: 'chef', product_version: :latest, channel: :stable, install_command_options: {download_url_override: 'https://packages.chef.io/files/stable/chef/13.3.42/el/7/chef-13.3.42-1.el7.x86_64.rpm', cmdline_dl_dir: '/tmp/checksum'}).install_command\" > ../.acceptance_data/centos_install_url.sh" do
+  cwd node['chef-acceptance']['suite-dir']
+end
+
+execute "bundle exec ruby -e \"require 'mixlib/install'; puts Mixlib::Install.new(product_name: 'chef', product_version: :latest, channel: :stable, install_command_options: {download_url_override: 'https://packages.chef.io/files/stable/chef/13.3.42/el/7/chef-13.3.42-1.el7.x86_64.rpm', checksum: 'fe051b504856a74ccce1fd23ff92c296506cb8292a3933c71069ae915e7a4a00', cmdline_dl_dir: '/tmp/checksum'}).install_command\" > ../.acceptance_data/centos_install_checksum.sh" do
+  cwd node['chef-acceptance']['suite-dir']
+end
+
+execute "bundle exec ruby -e \"require 'mixlib/install'; puts Mixlib::Install.new(product_name: 'chef', product_version: :latest, channel: :stable, install_command_options: {cmdline_dl_dir: '/tmp/metadata'}).install_command\" > ../.acceptance_data/centos_install_metadata.sh" do
+  cwd node['chef-acceptance']['suite-dir']
+end
+
+execute "bundle exec ruby -e \"require 'mixlib/install'; puts Mixlib::Install.new(product_name: 'chef', product_version: :latest, channel: :stable, install_command_options: {download_url_override: 'https://packages.chef.io/files/stable/chef/13.3.42/el/7/chef-13.3.42-1.el7.x86_64.rpm', checksum: 'FOOOOOOOOOOOOOO', cmdline_dl_dir: '/tmp/bad'}).install_command\" > ../.acceptance_data/centos_install_bad.sh" do
+  cwd node['chef-acceptance']['suite-dir']
+end
+
+execute "terraform plan" do
+  cwd "#{node['chef-acceptance']['suite-dir']}/terraform"
+end
+
+execute "terraform apply" do
+  cwd "#{node['chef-acceptance']['suite-dir']}/terraform"
+end

data/acceptance/centos_install_checksum/.acceptance/acceptance-cookbook/recipes/verify.rb

@@ -0,0 +1,11 @@
+ruby_block "get ip" do
+  block do
+    tf_state = JSON.parse(File.read("#{node['chef-acceptance']['suite-dir']}/terraform/terraform.tfstate"))
+    node.default["ip"] = tf_state["modules"].first["resources"]["aws_instance.mixlib_install_sh"]["primary"]["attributes"]["public_ip"]
+  end
+end
+
+execute "run inspec" do
+  command lazy { "inspec exec verify.rb -t ssh://centos@#{node['ip']} -i ~/.ssh/es-infrastructure.pem" }
+  cwd "#{node['chef-acceptance']['suite-dir']}/inspec"
+end

data/acceptance/centos_install_checksum/inspec/verify.rb

@@ -0,0 +1,78 @@
+# Uncomment when re-running for local development
+describe command("sudo rm -rf /tmp/metadata /tmp/checksum /tmp/bad; sudo yum remove chef -y") do
+  its("exit_status") { should eq 0 }
+end
+
+#
+# DOWNLOAD URL TESTS
+#
+# No checksum provided
+describe command("sudo /tmp/install.sh") do
+  its("stdout") { should match /Download URL override specified/ }
+  its("stdout") { should match /tmp\/checksum\/chef.* not found/ }
+  its("stdout") { should match /Thank you/ }
+end
+
+# Running same script again
+describe command("sudo /tmp/install.sh") do
+  its("stdout") { should match /Download URL override specified/ }
+  its("stdout") { should match /Verifying local file/ }
+  its("stdout") { should match /Checksum not specified/ }
+  its("stdout") { should match /Thank you/ }
+end
+
+# Now with a valid checksum
+describe command("sudo /tmp/install_checksum.sh") do
+  its("stdout") { should match /Download URL override specified/ }
+  its("stdout") { should match /Verifying local file/ }
+  its("stdout") { should match /Checksum match/ }
+  its("stdout") { should match /Thank you/ }
+end
+
+# Corrupt the file we just downloaded
+describe command("sudo chown centos /tmp/checksum; sudo chown centos /tmp/checksum/*; for i in /tmp/checksum/*; do echo 'oops'>>$i; done;") do
+  its("exit_status") { should eq 0 }
+end
+
+# Run with checksum and it should download and re-verify the checksum
+describe command("sudo /tmp/install_checksum.sh") do
+  its("stdout") { should match /Download URL override specified/ }
+  its("stdout") { should match /Verifying local file/ }
+  its("stdout") { should match /Checksum mismatch/ }
+  its("stdout") { should match /Thank you/ }
+end
+
+# clean up
+describe command("sudo yum remove chef -y") do
+  its("stdout") { should match /Complete!/ }
+end
+
+#
+# METADATA URL TESTS
+#
+# Default behavior when specifying a download location (otherwise caching is unavailable)
+describe command("sudo /tmp/install_metadata.sh") do
+  its("stdout") { should_not match /tmp\/metadata\/chef.* exists/ }
+  its("stdout") { should match /Thank you/ }
+end
+
+# Running same script again
+describe command("sudo /tmp/install_metadata.sh") do
+  its("stdout") { should match /tmp\/metadata\/chef.* exists/ }
+  its("stdout") { should match /Thank you/ }
+end
+
+# clean up
+describe command("sudo yum remove chef -y") do
+  its("stdout") { should match /Complete!/ }
+end
+
+#
+# DOWNLOAD URL BAD CHECKSUM TESTS
+#
+describe command("sudo /tmp/install_bad.sh") do
+  its("stdout") { should match /Download URL override specified/ }
+  its("stdout") { should match /tmp\/bad\/chef.* not found/ }
+  its("stdout") { should match /Package checksum mismatch/ }
+  its("exit_status") { should eq 1 }
+end

data/acceptance/centos_install_checksum/terraform/application.tf

@@ -0,0 +1,95 @@
+data "aws_ami" "centos_7_ami" {
+  most_recent = true
+
+  filter {
+    name   = "owner-id"
+    values = ["679593333241"]
+  }
+
+  filter {
+    name   = "name"
+    values = ["CentOS Linux 7*"]
+  }
+
+  filter {
+    name   = "architecture"
+    values = ["x86_64"]
+  }
+
+  filter {
+    name   = "virtualization-type"
+    values = ["hvm"]
+  }
+
+  filter {
+    name   = "block-device-mapping.volume-type"
+    values = ["standard"]
+  }
+
+  filter {
+    name   = "image-type"
+    values = ["machine"]
+  }
+}
+
+resource "aws_instance" "mixlib_install_sh" {
+  count = 1
+
+  ami           = "${data.aws_ami.centos_7_ami.id}"
+  instance_type = "${var.aws_instance_type}"
+  key_name      = "es-infrastructure"
+
+  associate_public_ip_address = true
+
+  subnet_id         = "subnet-11ac0174" # Planet Releng Public Subnet
+  source_dest_check = false
+
+  vpc_security_group_ids = [
+    "sg-96274af3",
+  ]
+
+  connection {
+    user        = "centos"
+    private_key = "${file("${var.connection_private_key}")}"
+    agent       = "${var.connection_agent}"
+    timeout     = "10m"
+  }
+
+  tags {
+    # ChefOps's AWS standard tags:
+    X-Dept        = "EngServ"
+    X-Contact     = "pwright"
+    X-Production  = "false"
+    X-Environment = "acceptance"
+    X-Application = "mixlib-install"
+  }
+
+  provisioner "file" {
+    source      = "../../.acceptance_data/centos_install_url.sh"
+    destination = "/tmp/install.sh"
+  }
+
+  provisioner "file" {
+    source      = "../../.acceptance_data/centos_install_checksum.sh"
+    destination = "/tmp/install_checksum.sh"
+  }
+
+  provisioner "file" {
+    source      = "../../.acceptance_data/centos_install_metadata.sh"
+    destination = "/tmp/install_metadata.sh"
+  }
+
+  provisioner "file" {
+    source      = "../../.acceptance_data/centos_install_bad.sh"
+    destination = "/tmp/install_bad.sh"
+  }
+
+  provisioner "remote-exec" {
+    inline = [
+      "chmod +x /tmp/install.sh",
+      "chmod +x /tmp/install_checksum.sh",
+      "chmod +x /tmp/install_metadata.sh",
+      "chmod +x /tmp/install_bad.sh",
+    ]
+  }
+}

data/acceptance/centos_install_checksum/terraform/aws.tf

@@ -0,0 +1,8 @@
+# Restrict operation of terraform to chef-es profile so that
+# we do not create resources in other aws profiles.
+# We assume user has configured standard aws credentials
+# under ~/.aws/credentials or with $AWS_SHARED_CREDENTIALS_FILE
+provider "aws" {
+  region  = "${var.aws_region}"
+  profile = "chef-aws"
+}

data/acceptance/centos_install_checksum/terraform/variables.tf

@@ -0,0 +1,27 @@
+# Region to create infrastructure in
+variable "aws_region" {
+  type    = "string"
+  default = "us-west-2"
+}
+
+variable "aws_instance_type" {
+  type    = "string"
+  default = "t2.micro"
+}
+
+# Used to indicidate whether the environment should be treated as "prod"
+# This is mainly used for the `X-Production` AWS tag.
+variable "production" {
+  default = "false"
+}
+
+# SSH Connection info used for remote provisioning instances
+variable "connection_agent" {
+  description = "Set to false to disable using ssh-agent to authenticate"
+  default     = false
+}
+
+variable "connection_private_key" {
+  description = "File path to AWS keypair private key to provision with"
+  default     = "~/.ssh/es-infrastructure.pem"
+}

data/acceptance/windows-server-2012r2-checksum/.acceptance/acceptance-cookbook/metadata.rb

@@ -0,0 +1,2 @@
+name 'acceptance-cookbook'
+

data/acceptance/windows-server-2012r2-checksum/.acceptance/acceptance-cookbook/recipes/destroy.rb

@@ -0,0 +1,3 @@
+execute "terraform destroy -force" do
+  cwd "#{node['chef-acceptance']['suite-dir']}/terraform"
+end

data/acceptance/windows-server-2012r2-checksum/.acceptance/acceptance-cookbook/recipes/provision.rb

@@ -0,0 +1,22 @@
+# Nothing to see here...
+
+install_url = "install -download_url_override https://packages.chef.io/files/stable/chef/13.2.20/windows/2012r2/chef-client-13.2.20-1-x64.msi"
+
+execute "bundle exec ruby -e \"require 'mixlib/install'; puts Mixlib::Install.install_ps1, '#{install_url}'\" > ../.acceptance_data/powershell_install_url.ps1" do
+  cwd node['chef-acceptance']['suite-dir']
+end
+
+install_checksum = "#{install_url} -checksum 82772d31ad110b7a584492f3a51358a56f4d706a41920c0d441b87c94b71336c -verbose"
+
+execute "bundle exec ruby -e \"require 'mixlib/install'; puts Mixlib::Install.install_ps1, '#{install_checksum}'\" > ../.acceptance_data/powershell_install_checksum.ps1" do
+  cwd node['chef-acceptance']['suite-dir']
+end
+
+execute "terraform plan" do
+  cwd "#{node['chef-acceptance']['suite-dir']}/terraform"
+end
+
+execute "terraform apply" do
+  cwd "#{node['chef-acceptance']['suite-dir']}/terraform"
+end
+

data/acceptance/windows-server-2012r2-checksum/inspec/verify.rb

@@ -0,0 +1,21 @@
+describe package("Chef Client v13*") do
+  it { should be_installed }
+  its("version") { should match /13.2.20/ }
+end
+
+# redirect verbose output
+describe command("powershell.exe -file /tmp/install_with_checksum.ps1 *>&1") do
+  its("stdout") { should match /Found existing installer/ }
+  its("stdout") { should match /Checksum verified, using existing installer/ }
+end
+
+# corrupt the file
+describe powershell("Out-File -filepath C:\\Users\\ADMINI~1\\AppData\\Local\\Temp\\chef-client-13.2.20-1-x64.msi") do
+  its("exit_status") { should eq 0 }
+end
+
+# redirect verbose output
+describe command("powershell.exe -file /tmp/install_with_checksum.ps1 *>&1") do
+  its("stdout") { should match /Found existing installer/ }
+  its("stdout") { should match /Checksum mismatch/ }
+end

data/acceptance/windows-server-2012r2-checksum/terraform/application.tf

@@ -0,0 +1,94 @@
+data "aws_ami" "windows_ami" {
+  most_recent = true
+
+  filter {
+    name   = "owner-alias"
+    values = ["amazon"]
+  }
+
+  filter {
+    name   = "name"
+    values = ["Windows_Server-2012-R2*-English-*-Base-*"]
+  }
+
+  filter {
+    name   = "architecture"
+    values = ["x86_64"]
+  }
+
+  filter {
+    name   = "virtualization-type"
+    values = ["hvm"]
+  }
+
+  filter {
+    name   = "block-device-mapping.volume-type"
+    values = ["gp2"]
+  }
+
+  filter {
+    name   = "image-type"
+    values = ["machine"]
+  }
+}
+
+resource "aws_instance" "mixlib_install_ps1" {
+  count = 1
+
+  ami           = "${data.aws_ami.windows_ami.id}"
+  instance_type = "${var.aws_instance_type}"
+  key_name      = "es-infrastructure"
+
+  associate_public_ip_address = true
+
+  subnet_id         = "subnet-11ac0174" # Planet Releng Public Subnet
+  source_dest_check = false
+
+  vpc_security_group_ids = [
+    "sg-96274af3",
+  ]
+
+  connection {
+    type     = "winrm"
+    user     = "Administrator"
+    password = "${var.admin_password}"
+    timeout  = "10m"
+  }
+
+  user_data = <<EOF
+<script>
+  winrm quickconfig -q & winrm set winrm/config/winrs @{MaxMemoryPerShellMB="300"} & winrm set winrm/config @{MaxTimeoutms="1800000"} & winrm set winrm/config/service @{AllowUnencrypted="true"} & winrm set winrm/config/service/auth @{Basic="true"}
+</script>
+<powershell>
+  Set-ExecutionPolicy -ExecutionPolicy Bypass
+  netsh advfirewall firewall add rule name="WinRM in" protocol=TCP dir=in profile=any localport=5985 remoteip=any localip=any action=allow
+  $admin = [adsi]("WinNT://./administrator, user")
+  $admin.psbase.invoke("SetPassword", "${var.admin_password}")
+</powershell>
+EOF
+
+  tags {
+    # ChefOps's AWS standard tags:
+    X-Dept        = "EngServ"
+    X-Contact     = "pwright"
+    X-Production  = "false"
+    X-Environment = "acceptance"
+    X-Application = "mixlib-install"
+  }
+
+  provisioner "file" {
+    source      = "../../.acceptance_data/powershell_install_url.ps1"
+    destination = "/tmp/install.ps1"
+  }
+
+  provisioner "file" {
+    source      = "../../.acceptance_data/powershell_install_checksum.ps1"
+    destination = "/tmp/install_with_checksum.ps1"
+  }
+
+  provisioner "remote-exec" {
+    inline = [
+      "powershell.exe -file /tmp/install.ps1",
+    ]
+  }
+}

data/acceptance/windows-server-2012r2-checksum/terraform/aws.tf

@@ -0,0 +1,8 @@
+# Restrict operation of terraform to chef-es profile so that
+# we do not create resources in other aws profiles.
+# We assume user has configured standard aws credentials
+# under ~/.aws/credentials or with $AWS_SHARED_CREDENTIALS_FILE
+provider "aws" {
+  region  = "${var.aws_region}"
+  profile = "chef-aws"
+}

data/acceptance/windows-server-2012r2-ps1/.acceptance/acceptance-cookbook/.gitignore

@@ -0,0 +1,2 @@
+nodes/
+tmp/

data/acceptance/windows-server-2012r2-ps1/.acceptance/acceptance-cookbook/metadata.rb

@@ -0,0 +1,2 @@
+name 'acceptance-cookbook'
+

data/acceptance/windows-server-2012r2-ps1/.acceptance/acceptance-cookbook/recipes/destroy.rb

@@ -0,0 +1,3 @@
+execute "terraform destroy -force" do
+  cwd "#{node['chef-acceptance']['suite-dir']}/terraform"
+end

data/acceptance/windows-server-2012r2-ps1/.acceptance/acceptance-cookbook/recipes/verify.rb

@@ -0,0 +1,14 @@
+ruby_block "get ip" do
+  block do
+    tf_state = JSON.parse(File.read("#{node['chef-acceptance']['suite-dir']}/terraform/terraform.tfstate"))
+    node.default["ip"] = tf_state["modules"].first["resources"]["aws_instance.mixlib_install_ps1"]["primary"]["attributes"]["public_ip"]
+  end
+end
+
+execute "run inspec" do
+  command lazy { "inspec exec verify.rb -t winrm://Administrator@#{node['ip']} --password $WINDOWS_PASSWORD" }
+  cwd "#{node['chef-acceptance']['suite-dir']}/inspec"
+  environment(
+    "WINDOWS_PASSWORD" => ENV["TF_VAR_admin_password"] || "Pas5w0rD"
+  )
+end

data/acceptance/windows-server-2012r2-ps1/terraform/aws.tf

@@ -0,0 +1,8 @@
+# Restrict operation of terraform to chef-es profile so that
+# we do not create resources in other aws profiles.
+# We assume user has configured standard aws credentials
+# under ~/.aws/credentials or with $AWS_SHARED_CREDENTIALS_FILE
+provider "aws" {
+  region  = "${var.aws_region}"
+  profile = "chef-aws"
+}

data/acceptance/windows-server-2012r2-ps1/terraform/variables.tf

@@ -0,0 +1,16 @@
+# Region to create infrastructure in
+variable "aws_region" {
+  type    = "string"
+  default = "us-west-2"
+}
+
+variable "aws_instance_type" {
+  type    = "string"
+  default = "t2.micro"
+}
+
+variable "admin_password" {
+  description = "Set Windows Administrator password"
+  type        = "string"
+  default     = "Pas5w0rD"
+}

data/lib/mixlib/install/generator/bourne/scripts/fetch_metadata.sh.erb

@@ -43,7 +43,8 @@ if test "x$download_url_override" = "x"; then
   sha256=`awk '$1 == "sha256" { print $2 }' "$metadata_filename"`
 else
   download_url=$download_url_override
-  sha256=$checksum
+  # Set sha256 to empty string if checksum not set
+  sha256=${checksum=""}
 fi
 
 ############

data/lib/mixlib/install/generator/bourne/scripts/fetch_package.sh

@@ -31,20 +31,54 @@ download_dir=`dirname $download_filename`
 (umask 077 && mkdir -p $download_dir) || exit 1
 
 # check if we have that file locally available and if so verify the checksum
+# Use cases
+# 1) metadata - new download
+# 2) metadata - cached download when cmdline_dl_dir set
+# 3) url override - no checksum new download
+# 4) url override - with checksum new download
+# 5) url override - with checksum cached download when cmdline_dl_dir set
+
 cached_file_available="false"
+verify_checksum="true"
+
 if test -f $download_filename; then
-  echo "$download_filename already exists, verifiying checksum..."
-  if do_checksum "$download_filename" "$sha256"; then
-    echo "checksum compare succeeded, using existing file!"
-    cached_file_available="true"
+  echo "$download_filename exists"
+  cached_file_available="true"
+fi
+
+if test "x$download_url_override" != "x"; then
+  echo "Download URL override specified"
+  if test "x$cached_file_available" = "xtrue"; then
+    echo "Verifying local file"
+    if test "x$sha256" = "x"; then
+      echo "Checksum not specified, ignoring existing file"
+      cached_file_available="false" # download new file
+      verify_checksum="false" # no checksum to compare after download
+    elif do_checksum "$download_filename" "$sha256"; then
+      echo "Checksum match, using existing file"
+      cached_file_available="true" # don't need to download file
+      verify_checksum="false" # don't need to checksum again
+    else
+      echo "Checksum mismatch, ignoring existing file"
+      cached_file_available="false" # download new file
+      verify_checksum="true" # checksum new downloaded file
+    fi
   else
-    echo "checksum mismatch, downloading latest version of the file"
+    echo "$download_filename not found"
+    cached_file_available="false" # download new file
+    if test "x$sha256" = "x"; then
+      verify_checksum="false" # no checksum to compare after download
+    else
+      verify_checksum="true" # checksum new downloaded file
+    fi
   fi
 fi
 
-# download if no local version of the file available
 if test "x$cached_file_available" != "xtrue"; then
-  do_download "$download_url"  "$download_filename"
+  do_download "$download_url" "$download_filename"
+fi
+
+if test "x$verify_checksum" = "xtrue"; then
   do_checksum "$download_filename" "$sha256" || checksum_mismatch
 fi
 

data/lib/mixlib/install/generator/bourne/scripts/script_cli_parameters.sh

@@ -10,13 +10,15 @@
 # $cmdline_filename: Name of the package downloaded on local disk.
 # $cmdline_dl_dir: Name of the directory downloaded package will be saved to on local disk.
 # $install_strategy: Method of package installations. default strategy is to always install upon exec. Set to "once" to skip if project is installed
+# $download_url_override: Install package downloaded from a direct URL.
+# $checksum: SHA256 for download_url_override file (optional)
 ############
 
 # Defaults
 channel="stable"
 project="chef"
 
-while getopts pnv:c:f:P:d:s opt
+while getopts pnv:c:f:P:d:s:l:a opt
 do
   case "$opt" in
 
@@ -28,9 +30,11 @@ do
     P)  project="$OPTARG";;
     d)  cmdline_dl_dir="$OPTARG";;
     s)  install_strategy="$OPTARG";;
+    l)  download_url_override="$OPTARG";;
+    a)  checksum="$OPTARG";;
     \?)   # unknown flag
       echo >&2 \
-      "usage: $0 [-P project] [-c release_channel] [-v version] [-f filename | -d download_dir] [-s install_strategy]"
+      "usage: $0 [-P project] [-c release_channel] [-v version] [-f filename | -d download_dir] [-s install_strategy] [-l download_url_override] [-a checksum]"
       exit 1;;
   esac
 done

data/lib/mixlib/install/generator/powershell/scripts/install_project.ps1

@@ -48,11 +48,10 @@ function Install-Project {
     $daemon = 'auto',
     [string]
     $http_proxy,
-    # Specify an alternate download url, must also include checksum
+    # Specify an alternate download url
     [string]
     $download_url_override,
-    # SHA256 checksum of the download file
-    # Must be present when using download_url_override
+    # SHA256 checksum to verify cached files (optional)
     [string]
     $checksum,
     # Set to 'once' to skip install if project is detected
@@ -71,6 +70,9 @@ function Install-Project {
   if(-not [string]::IsNullOrEmpty($http_proxy)) {
     $env:http_proxy = $http_proxy
   }
+
+  $cached_installer_available = $false
+  $verify_checksum = $true
   
   if (-not [string]::IsNullOrEmpty($download_url_override)) {
     $download_url = $download_url_override
@@ -97,41 +99,60 @@ function Install-Project {
   if (-not (test-path $download_directory)) {
     mkdir $download_directory
   }
+
   $download_directory = (resolve-path $download_directory).providerpath
   $download_destination = join-path $download_directory $filename
 
-  if ((test-path $download_destination) -and
-    (Test-ProjectPackage -Path $download_destination -Algorithm 'SHA256' -Hash $sha256 -ea SilentlyContinue)){
-    Write-Verbose "Found existing valid installer at $download_destination."
+  if ((test-path $download_destination)) {
+    Write-Verbose "Found existing installer at $download_destination."
+    if (-not [string]::IsNullOrEmpty($sha256)) {
+      Write-Verbose "Checksum specified"
+      $valid_checksum = Test-ProjectPackage -Path $download_destination -Algorithm 'SHA256' -Hash $sha256
+      if ($valid_checksum -eq $true) {
+        Write-Verbose "Checksum verified, using existing installer."
+        $cached_installer_available=$true # local file OK
+        $verify_checksum = $false # no need to re-verify checksums
+      }
+      else {
+        Write-Verbose "Checksum mismatch, ignoring existing installer."
+        $cached_installer_available=$false # bad local file
+        $verify_checksum = $false # re-verify checksums
+      }
+    }
+    else {
+      Write-Verbose "Checksum not specified, existing installer ignored."
+      $cached_installer_available=$false # ignore local file
+      $verify_checksum = $false # no checksum to compare
+    }
   }
-  else {
+
+  if (-not ($cached_installer_available)) {
     if ($pscmdlet.ShouldProcess("$($download_url)", "Download $project")) {
       Write-Verbose "Downloading $project from $($download_url) to $download_destination."
       Get-WebContent $download_url -filepath $download_destination
     }
   }
 
-  if ($pscmdlet.ShouldProcess("$download_destination", "Installing")){
-    if (Test-ProjectPackage -Path $download_destination -Algorithm 'SHA256' -Hash $sha256) {
-      Write-Host "Installing $project from $download_destination"
-      $installingProject = $True
-      $installAttempts = 0
-      while ($installingProject) {
-        $installAttempts++
-        $result = $false
-        if($download_destination.EndsWith(".appx")) {
-          $result = Install-ChefAppx $download_destination $project
-        }
-        else {
-          $result = Install-ChefMsi $download_destination $daemon
-        }
-        if(!$result) { continue }
-        $installingProject = $False
-      }
-    }
-    else {
+  if ($pscmdlet.ShouldProcess("$download_destination", "Installing")) {
+    if (($verify_checksum) -and (-not (Test-ProjectPackage -Path $download_destination -Algorithm 'SHA256' -Hash $sha256))) {
       throw "Failed to validate the downloaded installer for $project."
     }
+
+    Write-Host "Installing $project from $download_destination"
+    $installingProject = $True
+    $installAttempts = 0
+    while ($installingProject) {
+      $installAttempts++
+      $result = $false
+      if($download_destination.EndsWith(".appx")) {
+        $result = Install-ChefAppx $download_destination $project
+      }
+      else {
+        $result = Install-ChefMsi $download_destination $daemon
+      }
+      if(!$result) { continue }
+      $installingProject = $False
+    }
   }
 }
 set-alias install -value Install-Project

data/lib/mixlib/install/version.rb

@@ -1,5 +1,5 @@
 module Mixlib
   class Install
-    VERSION = "3.4.0"
+    VERSION = "3.5.0"
   end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: mixlib-install
 version: !ruby/object:Gem::Version
-  version: 3.4.0
+  version: 3.5.0
 platform: ruby
 authors:
 - Thom May
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-08-22 00:00:00.000000000 Z
+date: 2017-08-31 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: mixlib-shellout
@@ -79,8 +79,37 @@ files:
 - Rakefile
 - VERSION
 - acceptance/.gitignore
+- acceptance/.suites/ubuntu_install_checksum/.acceptance/acceptance-cookbook/.gitignore
+- acceptance/.suites/ubuntu_install_checksum/.acceptance/acceptance-cookbook/metadata.rb
+- acceptance/.suites/ubuntu_install_checksum/.acceptance/acceptance-cookbook/recipes/destroy.rb
+- acceptance/.suites/ubuntu_install_checksum/.acceptance/acceptance-cookbook/recipes/provision.rb
+- acceptance/.suites/ubuntu_install_checksum/.acceptance/acceptance-cookbook/recipes/verify.rb
+- acceptance/.suites/ubuntu_install_checksum/inspec/verify.rb
+- acceptance/.suites/ubuntu_install_checksum/terraform/application.tf
+- acceptance/.suites/ubuntu_install_checksum/terraform/aws.tf
+- acceptance/.suites/ubuntu_install_checksum/terraform/terraform.tfstate
+- acceptance/.suites/ubuntu_install_checksum/terraform/variables.tf
+- acceptance/.suites/windows-nano/.acceptance/acceptance-cookbook/.gitignore
+- acceptance/.suites/windows-nano/.acceptance/acceptance-cookbook/libraries/chef_extentions.rb
+- acceptance/.suites/windows-nano/.acceptance/acceptance-cookbook/metadata.rb
+- acceptance/.suites/windows-nano/.acceptance/acceptance-cookbook/recipes/destroy.rb
+- acceptance/.suites/windows-nano/.acceptance/acceptance-cookbook/recipes/provision.rb
+- acceptance/.suites/windows-nano/.acceptance/acceptance-cookbook/recipes/verify.rb
+- acceptance/.suites/windows-nano/inspec/verify.rb
+- acceptance/.suites/windows-nano/terraform/application.tf
+- acceptance/.suites/windows-nano/terraform/aws.tf
+- acceptance/.suites/windows-nano/terraform/variables.tf
 - acceptance/Gemfile
 - acceptance/README.md
+- acceptance/centos_install_checksum/.acceptance/acceptance-cookbook/.gitignore
+- acceptance/centos_install_checksum/.acceptance/acceptance-cookbook/metadata.rb
+- acceptance/centos_install_checksum/.acceptance/acceptance-cookbook/recipes/destroy.rb
+- acceptance/centos_install_checksum/.acceptance/acceptance-cookbook/recipes/provision.rb
+- acceptance/centos_install_checksum/.acceptance/acceptance-cookbook/recipes/verify.rb
+- acceptance/centos_install_checksum/inspec/verify.rb
+- acceptance/centos_install_checksum/terraform/application.tf
+- acceptance/centos_install_checksum/terraform/aws.tf
+- acceptance/centos_install_checksum/terraform/variables.tf
 - acceptance/ubuntu_install_command/.acceptance/acceptance-cookbook/.gitignore
 - acceptance/ubuntu_install_command/.acceptance/acceptance-cookbook/metadata.rb
 - acceptance/ubuntu_install_command/.acceptance/acceptance-cookbook/recipes/destroy.rb
@@ -108,16 +137,15 @@ files:
 - acceptance/ubuntu_install_sh/terraform/application.tf
 - acceptance/ubuntu_install_sh/terraform/aws.tf
 - acceptance/ubuntu_install_sh/terraform/variables.tf
-- acceptance/windows-nano/.acceptance/acceptance-cookbook/.gitignore
-- acceptance/windows-nano/.acceptance/acceptance-cookbook/libraries/chef_extentions.rb
-- acceptance/windows-nano/.acceptance/acceptance-cookbook/metadata.rb
-- acceptance/windows-nano/.acceptance/acceptance-cookbook/recipes/destroy.rb
-- acceptance/windows-nano/.acceptance/acceptance-cookbook/recipes/provision.rb
-- acceptance/windows-nano/.acceptance/acceptance-cookbook/recipes/verify.rb
-- acceptance/windows-nano/inspec/verify.rb
-- acceptance/windows-nano/terraform/application.tf
-- acceptance/windows-nano/terraform/aws.tf
-- acceptance/windows-nano/terraform/variables.tf
+- acceptance/windows-server-2012r2-checksum/.acceptance/acceptance-cookbook/.gitignore
+- acceptance/windows-server-2012r2-checksum/.acceptance/acceptance-cookbook/metadata.rb
+- acceptance/windows-server-2012r2-checksum/.acceptance/acceptance-cookbook/recipes/destroy.rb
+- acceptance/windows-server-2012r2-checksum/.acceptance/acceptance-cookbook/recipes/provision.rb
+- acceptance/windows-server-2012r2-checksum/.acceptance/acceptance-cookbook/recipes/verify.rb
+- acceptance/windows-server-2012r2-checksum/inspec/verify.rb
+- acceptance/windows-server-2012r2-checksum/terraform/application.tf
+- acceptance/windows-server-2012r2-checksum/terraform/aws.tf
+- acceptance/windows-server-2012r2-checksum/terraform/variables.tf
 - acceptance/windows-server-2012r2-fips/.acceptance/acceptance-cookbook/.gitignore
 - acceptance/windows-server-2012r2-fips/.acceptance/acceptance-cookbook/metadata.rb
 - acceptance/windows-server-2012r2-fips/.acceptance/acceptance-cookbook/recipes/destroy.rb
@@ -136,15 +164,15 @@ files:
 - acceptance/windows-server-2012r2-once/terraform/application.tf
 - acceptance/windows-server-2012r2-once/terraform/aws.tf
 - acceptance/windows-server-2012r2-once/terraform/variables.tf
-- acceptance/windows-server-2012r2/.acceptance/acceptance-cookbook/.gitignore
-- acceptance/windows-server-2012r2/.acceptance/acceptance-cookbook/metadata.rb
-- acceptance/windows-server-2012r2/.acceptance/acceptance-cookbook/recipes/destroy.rb
-- acceptance/windows-server-2012r2/.acceptance/acceptance-cookbook/recipes/provision.rb
-- acceptance/windows-server-2012r2/.acceptance/acceptance-cookbook/recipes/verify.rb
-- acceptance/windows-server-2012r2/inspec/verify.rb
-- acceptance/windows-server-2012r2/terraform/application.tf
-- acceptance/windows-server-2012r2/terraform/aws.tf
-- acceptance/windows-server-2012r2/terraform/variables.tf
+- acceptance/windows-server-2012r2-ps1/.acceptance/acceptance-cookbook/.gitignore
+- acceptance/windows-server-2012r2-ps1/.acceptance/acceptance-cookbook/metadata.rb
+- acceptance/windows-server-2012r2-ps1/.acceptance/acceptance-cookbook/recipes/destroy.rb
+- acceptance/windows-server-2012r2-ps1/.acceptance/acceptance-cookbook/recipes/provision.rb
+- acceptance/windows-server-2012r2-ps1/.acceptance/acceptance-cookbook/recipes/verify.rb
+- acceptance/windows-server-2012r2-ps1/inspec/verify.rb
+- acceptance/windows-server-2012r2-ps1/terraform/application.tf
+- acceptance/windows-server-2012r2-ps1/terraform/aws.tf
+- acceptance/windows-server-2012r2-ps1/terraform/variables.tf
 - bin/mixlib-install
 - ci/before-script.sh
 - ci/es-infrastructure.pem.enc