ohai 16.8.1 → 16.13.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 168be10defab5e91f8da06ce4d101a461ed13a2051d4b6901c3039571c7a3066
-  data.tar.gz: 8783ddbdc49208974d09cfc7e708760402248719baaf2a1a8dce28e8a14902bc
+  metadata.gz: 67ffbc76e1366d1413aa7f01ac2e8f4ff22b89f8a9fa8568b348a441c284b8f9
+  data.tar.gz: 59e0790fc0ee8182982c63f1d495c89a974fec9950a0843ac46d2eeb9dea6baf
 SHA512:
-  metadata.gz: 5781908ba60b11f68397c10693d6c084e1eb021dc5a6b1348448b712225322295cc5b510dc41e9feecbf1a463d23f47773428ce540c138b43a2c6fd9ced079a4
-  data.tar.gz: 50a9ba71dca6681a84536c1f443653dc4d78172ded2fffa9022ad8ed8e577a0dc3e1bc6329b021438fe3ee6d2d62d1154093928fb3fb53957df38363f0bf92c2
+  metadata.gz: 867b388ecf15e49431eaea7b315411522d8d57e2e4310cf867048dcadde9832dc94a02710c99ef332b8f51f4e9fe88db0bb00e47ac3505bc911a2ca3763a3a0e
+  data.tar.gz: 4c0d991e9d1b3b92f705611f54af8f826ecd866cbc7f8b65d4ad70fb879f4a1501a2e1a38a908e4e6b4c3d0367e4b16167d843ba5840d64f9b41a68aae448f33

data/Gemfile

@@ -4,19 +4,19 @@ source "https://rubygems.org"
 gemspec
 
 # pull these gems from master of chef/chef so that we're testing against what we will release
-gem "chef-config", git: "https://github.com/chef/chef", glob: "chef-config/chef-config.gemspec"
-gem "chef-utils", git: "https://github.com/chef/chef", glob: "chef-utils/chef-utils.gemspec"
+gem "chef-config", git: "https://github.com/chef/chef", branch: "chef-16", glob: "chef-config/chef-config.gemspec"
+gem "chef-utils", git: "https://github.com/chef/chef", branch: "chef-16", glob: "chef-utils/chef-utils.gemspec"
 
 # NOTE: do not submit PRs to add pry as a dep, add to your Gemfile.local
 group :development do
-  gem "chefstyle", git: "https://github.com/chef/chefstyle.git", branch: "master"
+  gem "chefstyle", "1.6.2"
   gem "ipaddr_extensions"
   gem "rake", ">= 10.1.0"
   gem "rspec-collection_matchers", "~> 1.0"
   gem "rspec-core", "~> 3.0"
   gem "rspec-expectations", "~> 3.0"
   gem "rspec-mocks", "~> 3.0"
-  gem "rubocop-performance", "1.9.0"
+  gem "rubocop-performance", "1.9.2"
   gem "rubocop-rspec"
 end
 

data/lib/ohai/mixin/ec2_metadata.rb

@@ -43,15 +43,23 @@ module Ohai
       EC2_METADATA_ADDR ||= "169.254.169.254"
       EC2_SUPPORTED_VERSIONS ||= %w{ 1.0 2007-01-19 2007-03-01 2007-08-29 2007-10-10 2007-12-15
                                      2008-02-01 2008-09-01 2009-04-04 2011-01-01 2011-05-01 2012-01-12
-                                     2014-02-25 2014-11-05 2015-10-20 2016-04-19 2016-06-30 2016-09-02 }.freeze
+                                     2014-02-25 2014-11-05 2015-10-20 2016-04-19 2016-06-30 2016-09-02
+                                     2016-11-30 2018-08-17 2018-11-29 2019-10-01 2020-08-24 2020-11-01 }.freeze
       EC2_ARRAY_VALUES ||= %w{security-groups local_ipv4s}.freeze
       EC2_ARRAY_DIR    ||= %w{network/interfaces/macs}.freeze
       EC2_JSON_DIR     ||= %w{iam}.freeze
 
+      #
+      # The latest metadata version in EC2_SUPPORTED_VERSIONS that this instance supports
+      # in AWS supported metadata versions are determined at instance start so we need to be
+      # cautious here in case an instance has been running for a long time
+      #
+      # @return [String] the version
+      #
       def best_api_version
         @api_version ||= begin
           logger.trace("Mixin EC2: Fetching http://#{EC2_METADATA_ADDR}/ to determine the latest supported metadata release")
-          response = http_client.get("/")
+          response = http_client.get("/", { 'X-aws-ec2-metadata-token': v2_token })
           if response.code == "404"
             logger.trace("Mixin EC2: Received HTTP 404 from metadata server while determining API version, assuming 'latest'")
             return "latest"
@@ -84,6 +92,23 @@ module Ohai
         end
       end
 
+      #
+      # Fetch an API token for use querying AWS IMDSv2 or return nil if no token if found
+      # AWS like systems (think OpenStack) will not respond with a token here
+      #
+      # @return [NilClass, String] API token or nil
+      #
+      def v2_token
+        @v2_token ||= begin
+            request = http_client.put("/latest/api/token", nil, { 'X-aws-ec2-metadata-token-ttl-seconds': "60" })
+            if request.code == "404" # not on AWS
+              nil
+            else
+              request.body
+            end
+          end
+      end
+
       # Get metadata for a given path and API version
       #
       # Typically, a 200 response is expected for valid metadata.
@@ -93,7 +118,7 @@ module Ohai
       def metadata_get(id, api_version)
         path = "/#{api_version}/meta-data/#{id}"
         logger.trace("Mixin EC2: Fetching http://#{EC2_METADATA_ADDR}#{path}")
-        response = http_client.get(path)
+        response = http_client.get(path, { 'X-aws-ec2-metadata-token': v2_token })
         case response.code
         when "200"
           response.body
@@ -174,13 +199,13 @@ module Ohai
 
       def fetch_userdata
         logger.trace("Mixin EC2: Fetching http://#{EC2_METADATA_ADDR}/#{best_api_version}/user-data/")
-        response = http_client.get("/#{best_api_version}/user-data/")
+        response = http_client.get("/#{best_api_version}/user-data/", { 'X-aws-ec2-metadata-token': v2_token })
         response.code == "200" ? response.body : nil
       end
 
       def fetch_dynamic_data
         @fetch_dynamic_data ||= begin
-          response = http_client.get("/#{best_api_version}/dynamic/instance-identity/document/")
+          response = http_client.get("/#{best_api_version}/dynamic/instance-identity/document/", { 'X-aws-ec2-metadata-token': v2_token })
 
           if json?(response.body) && response.code == "200"
             FFI_Yajl::Parser.parse(response.body)

data/lib/ohai/plugins/chef.rb

@@ -20,9 +20,19 @@
 Ohai.plugin(:Chef) do
   provides "chef_packages/chef"
 
+  def chef_effortless?
+    # Determine if client is being run as a Habitat package.
+    if Chef::CHEF_ROOT.include?("hab/pkgs/chef/chef")
+      # Determine if client is running in zero mode which would show it is using the Effortless pattern.
+      # Explicitly set response to true or nil, not false
+      ChefConfig::Config["chef_server_url"].include?("chefzero://")
+    end
+  end
+
   collect_data(:default, :target) do
     begin
       require "chef/version"
+      require "chef-config/config" unless defined?(ChefConfig::Config)
     rescue Gem::LoadError
       logger.trace("Plugin Chef: Unable to load the chef gem to determine the version")
       # this catches when you've done a major version bump of ohai, but
@@ -35,5 +45,6 @@ Ohai.plugin(:Chef) do
     chef_packages[:chef] = Mash.new
     chef_packages[:chef][:version] = Chef::VERSION
     chef_packages[:chef][:chef_root] = Chef::CHEF_ROOT
+    chef_packages[:chef][:chef_effortless] = chef_effortless?
   end
 end

data/lib/ohai/plugins/ec2.rb

@@ -121,6 +121,9 @@ Ohai.plugin(:EC2) do
       logger.trace("Plugin EC2: looks_like_ec2? == true")
       ec2 Mash.new
       fetch_metadata.each do |k, v|
+        # this includes sensitive data we don't want to store on the node
+        next if k == "identity_credentials_ec2_security_credentials_ec2_instance"
+
         # fetch_metadata returns IAM security credentials, including the IAM user's
         # secret access key. We'd rather not have ohai send this information
         # to the server. If the instance is associated with an IAM role we grab

data/lib/ohai/plugins/eucalyptus.rb

@@ -29,7 +29,7 @@ Ohai.plugin(:Eucalyptus) do
   provides "eucalyptus"
   depends "network/interfaces"
 
-  MAC_MATCH = /^[dD]0:0[dD]:/.freeze
+  MAC_MATCH = /^[dD]0:0[dD]:/.freeze unless defined?(MAC_MATCH)
 
   # returns the mac address from the collection of all address types
   def get_mac_address(addresses)

data/lib/ohai/plugins/linux/network.rb

@@ -273,6 +273,30 @@ Ohai.plugin(:Network) do
     iface
   end
 
+  # determine pause parameters for the interface using ethtool
+  def ethernet_pause_parameters(iface)
+    return iface unless ethtool_binary_path
+
+    iface.each_key do |tmp_int|
+      next unless iface[tmp_int][:encapsulation] == "Ethernet"
+
+      so = shell_out("#{ethtool_binary_path} -a #{tmp_int}")
+      logger.trace("Plugin Network: Parsing ethtool output: #{so.stdout}")
+      iface[tmp_int]["pause_params"] = {}
+      so.stdout.lines.each do |line|
+        next if line.start_with?("Pause parameters for")
+        next if line.strip.nil?
+
+        key, val = line.split(/:\s+/)
+        if val
+          pause_key = "#{key.downcase.tr(" ", "_")}"
+          iface[tmp_int]["pause_params"][pause_key] = val.strip.eql? "on"
+        end
+      end
+    end
+    iface
+  end
+
   # determine driver info for the interface using ethtool
   def ethernet_driver_info(iface)
     return iface unless ethtool_binary_path
@@ -385,7 +409,7 @@ Ohai.plugin(:Network) do
     if line =~ IPROUTE_INT_REGEX
       cint = $2
       iface[cint] = Mash.new
-      if cint =~ /^(\w+)(\d+.*)/
+      if cint =~ /^(\w+?)(\d+.*)/
         iface[cint][:type] = $1
         iface[cint][:number] = $2
       end
@@ -696,7 +720,7 @@ Ohai.plugin(:Network) do
         if line =~ /^([0-9a-zA-Z@\.\:\-_]+)\s+/
           cint = $1
           iface[cint] = Mash.new
-          if cint =~ /^(\w+)(\d+.*)/
+          if cint =~ /^(\w+?)(\d+.*)/
             iface[cint][:type] = $1
             iface[cint][:number] = $2
           end
@@ -770,6 +794,7 @@ Ohai.plugin(:Network) do
     iface = ethernet_channel_parameters(iface)
     iface = ethernet_coalesce_parameters(iface)
     iface = ethernet_driver_info(iface)
+    iface = ethernet_pause_parameters(iface)
     counters[:network][:interfaces] = net_counters
     network["interfaces"] = iface
   end

data/lib/ohai/plugins/linux/os_release.rb

@@ -0,0 +1,38 @@
+# frozen_string_literal: true
+#
+# Author:: Lance Albertson (lance@osuosl.org>)
+# Copyright:: Copyright (c) 2021 Oregon State University
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+Ohai.plugin(:OsRelease) do
+  provides "os_release"
+
+  collect_data(:linux) do
+    os_release Mash.new unless os_release
+
+    # https://www.freedesktop.org/software/systemd/man/os-release.html
+    if file_exist?("/etc/os-release")
+      file_read("/etc/os-release").each_line do |line|
+        key, value = line.split("=")
+        if key == "ID_LIKE"
+          os_release[key.downcase] = value.chomp.gsub(/\A"|"\Z/, "").split(" ") if value
+        else
+          os_release[key.downcase] = value.chomp.gsub(/\A"|"\Z/, "") if value
+        end
+      end
+    end
+  end
+end

data/lib/ohai/plugins/linux/platform.rb

@@ -112,15 +112,16 @@ Ohai.plugin(:Platform) do
     # ohai uses. If you're adding a new platform here and you want to change the name
     # you'll want to add it here and then add a spec for the platform_id_remap method
     {
-      "rhel" => "redhat",
+      "alinux" => "alibabalinux",
       "amzn" => "amazon",
+      "archarm" => "arch",
+      "cumulus-linux" => "cumulus",
       "ol" => "oracle",
-      "sles" => "suse",
-      "sles_sap" => "suse",
       "opensuse-leap" => "opensuseleap",
+      "rhel" => "redhat",
+      "sles_sap" => "suse",
+      "sles" => "suse",
       "xenenterprise" => "xenserver",
-      "cumulus-linux" => "cumulus",
-      "archarm" => "arch",
     }[id] || id
   end
 
@@ -136,7 +137,7 @@ Ohai.plugin(:Platform) do
     when /debian/, /ubuntu/, /linuxmint/, /raspbian/, /cumulus/, /kali/, /pop/
       # apt-get+dpkg almost certainly goes here
       "debian"
-    when /oracle/, /centos/, /redhat/, /scientific/, /enterpriseenterprise/, /xcp/, /xenserver/, /cloudlinux/, /ibm_powerkvm/, /parallels/, /nexus_centos/, /clearos/, /bigip/ # Note that 'enterpriseenterprise' is oracle's LSB "distributor ID"
+    when /oracle/, /centos/, /redhat/, /almalinux/, /scientific/, /enterpriseenterprise/, /xcp/, /xenserver/, /cloudlinux/, /ibm_powerkvm/, /parallels/, /nexus_centos/, /clearos/, /bigip/, /alibabalinux/, /sangoma/ # Note that 'enterpriseenterprise' is oracle's LSB "distributor ID"
       # NOTE: "rhel" should be reserved exclusively for recompiled rhel versions that are nearly perfectly compatible down to the platform_version.
       # The operating systems that are "rhel" should all be as compatible as rhel7 = centos7 = oracle7 = scientific7 (98%-ish core RPM version compatibility
       # and the version numbers MUST track the upstream). The appropriate EPEL version repo should work nearly perfectly.  Some variation like the
@@ -287,6 +288,9 @@ Ohai.plugin(:Platform) do
     # centos only includes the major version in os-release for some reason
     if os_release_info["ID"] == "centos"
       get_redhatish_version(file_read("/etc/redhat-release").chomp)
+    # debian testing and unstable don't have VERSION_ID set
+    elsif os_release_info["ID"] == "debian"
+      os_release_info["VERSION_ID"] || file_read("/etc/debian_version").chomp
     else
       os_release_info["VERSION_ID"] || shell_out("/bin/uname -r").stdout.strip
     end

data/lib/ohai/plugins/linux/virtualization.rb

@@ -225,7 +225,11 @@ Ohai.plugin(:Virtualization) do
         # If so, we may need to look further for a differentiator (OHAI-573)
         virtualization[:systems][:lxc] = "host"
       end
-    elsif file_exist?("/.dockerenv") || file_exist?("/.dockerinit")
+    end
+
+    # regardless of what we found above, if we're a docker container inside
+    # of the above, lets report as a docker container
+    if file_exist?("/.dockerenv") || file_exist?("/.dockerinit")
       logger.trace("Plugin Virtualization: .dockerenv or .dockerinit exist. Detecting as docker guest")
       virtualization[:system] = "docker"
       virtualization[:role] = "guest"

data/lib/ohai/plugins/packages.rb

@@ -106,7 +106,7 @@ Ohai.plugin(:Packages) do
     end
   end
 
-  def collect_programs_from_registry_key(key_path)
+  def collect_programs_from_registry_key(repo, key_path)
     # from http://msdn.microsoft.com/en-us/library/windows/desktop/aa384129(v=vs.85).aspx
     if ::RbConfig::CONFIG["target_cpu"] == "i386"
       reg_type = Win32::Registry::KEY_READ | 0x100
@@ -115,7 +115,7 @@ Ohai.plugin(:Packages) do
     else
       reg_type = Win32::Registry::KEY_READ
     end
-    Win32::Registry::HKEY_LOCAL_MACHINE.open(key_path, reg_type) do |reg|
+    repo.open(key_path, reg_type) do |reg|
       reg.each_key do |key, _wtime|
         pkg = reg.open(key)
         name = pkg["DisplayName"] rescue nil
@@ -133,9 +133,10 @@ Ohai.plugin(:Packages) do
   collect_data(:windows) do
     require "win32/registry" unless defined?(Win32::Registry)
     packages Mash.new
-    collect_programs_from_registry_key('Software\Microsoft\Windows\CurrentVersion\Uninstall')
+    collect_programs_from_registry_key(Win32::Registry::HKEY_LOCAL_MACHINE, 'Software\Microsoft\Windows\CurrentVersion\Uninstall')
+    collect_programs_from_registry_key(Win32::Registry::HKEY_CURRENT_USER, 'Software\Microsoft\Windows\CurrentVersion\Uninstall')
+    collect_programs_from_registry_key(Win32::Registry::HKEY_LOCAL_MACHINE, 'Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall')
     # on 64 bit systems, 32 bit programs are stored here
-    collect_programs_from_registry_key('Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall')
   end
 
   collect_data(:aix) do

data/lib/ohai/plugins/rackspace.rb

@@ -162,8 +162,8 @@ Ohai.plugin(:Rackspace) do
       unless rackspace[:public_ip].nil?
         rackspace[:public_hostname] = begin
           Resolv.getname(rackspace[:public_ip])
-        rescue Resolv::ResolvError, Resolv::ResolvTimeout
-          rackspace[:public_ip]
+                                      rescue Resolv::ResolvError, Resolv::ResolvTimeout
+                                        rackspace[:public_ip]
         end
       end
       rackspace[:local_ipv4] = rackspace[:private_ip]

data/lib/ohai/version.rb

@@ -19,5 +19,5 @@
 
 module Ohai
   OHAI_ROOT = File.expand_path(__dir__)
-  VERSION = "16.8.1"
+  VERSION = "16.13.0"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: ohai
 version: !ruby/object:Gem::Version
-  version: 16.8.1
+  version: 16.13.0
 platform: ruby
 authors:
 - Adam Jacob
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-12-04 00:00:00.000000000 Z
+date: 2021-04-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: chef-config
@@ -305,6 +305,7 @@ files:
 - lib/ohai/plugins/linux/mdadm.rb
 - lib/ohai/plugins/linux/memory.rb
 - lib/ohai/plugins/linux/network.rb
+- lib/ohai/plugins/linux/os_release.rb
 - lib/ohai/plugins/linux/platform.rb
 - lib/ohai/plugins/linux/selinux.rb
 - lib/ohai/plugins/linux/sessions.rb
@@ -391,7 +392,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
+rubygems_version: 3.1.4
 signing_key: 
 specification_version: 4
 summary: Ohai profiles your system and emits JSON