diff options
| author | Gene Wood <gene_wood@cementhorizon.com> | 2022-08-23 13:34:16 -0700 |
|---|---|---|
| committer | Gene Wood <gene_wood@cementhorizon.com> | 2022-08-23 13:34:16 -0700 |
| commit | 9e6c10160e87bedb703e2409776cd08011798210 (patch) | |
| tree | c29e7ba0b477d674814dbf77443e111d87d74e9b | |
| parent | ef5229ecadba3dc0b37825232267568c274119bd (diff) | |
| parent | 964236952f9fad2398a6a3a2501774e430b17b6d (diff) | |
| download | chef-9e6c10160e87bedb703e2409776cd08011798210.tar.gz | |
Merge remote-tracking branch 'upstream/main' into fix_install_snaps_call
Signed-off-by: Gene Wood <gene_wood@cementhorizon.com>
41 files changed, 247 insertions, 76 deletions
diff --git a/.expeditor/config.yml b/.expeditor/config.yml index 2409d405c3..d249264afa 100644 --- a/.expeditor/config.yml +++ b/.expeditor/config.yml @@ -20,9 +20,15 @@ rubygems: # At the given time, trigger the following scheduled workloads # https://expeditor.chef.io/docs/getting-started/subscriptions/#scheduling-workloads schedules: - - name: nightly_build + - name: nightly_build_main description: "Run a nightly build in the Buildkite pipeline" cronline: "0 6 * * *" + - name: nightly_build_chef_17 + description: "Run a nightly build in the Buildkite pipeline" + cronline: "30 9 * * 2,4" + - name: nightly_build_chef_16 + description: "Run a nightly build in the Buildkite pipeline" + cronline: "30 2 * * 2" pipelines: - verify: @@ -265,6 +271,12 @@ subscriptions: - workload: ruby_gem_published:train-winrm-* actions: - bash:.expeditor/update_dep.sh - - workload: schedule_triggered:chef/chef-server:main:nightly_build:* + - workload: schedule_triggered:chef/chef:main:nightly_build_main:* + actions: + - trigger_pipeline:omnibus/adhoc + - workload: schedule_triggered:chef/chef:chef-17:nightly_build_chef_17:* + actions: + - trigger_pipeline:omnibus/adhoc + - workload: schedule_triggered:chef/chef:chef-16:nightly_build_chef_16:* actions: - trigger_pipeline:omnibus/adhoc diff --git a/.expeditor/release.omnibus.yml b/.expeditor/release.omnibus.yml index 803798b7ae..1a2b43ea60 100644 --- a/.expeditor/release.omnibus.yml +++ b/.expeditor/release.omnibus.yml @@ -14,6 +14,7 @@ builder-to-testers-map: aix-7.1-powerpc: - aix-7.1-powerpc - aix-7.2-powerpc + - aix-7.3-powerpc amazon-2022-aarch64: - amazon-2022-aarch64 amazon-2022-x86_64: @@ -90,3 +91,4 @@ builder-to-testers-map: - windows-8-x86_64 - windows-10-x86_64 - windows-11-x86_64 + diff --git a/CHANGELOG.md b/CHANGELOG.md index d1ed6c431d..167498bb0a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,17 +1,34 @@ <!-- usage documentation: http://expeditor-docs.es.chef.io/configuration/changelog/ --> This changelog lists individual merged pull requests to Chef Infra Client and geared towards developers. For a list of significant changes per release see the [Chef Infra Client Release Notes](https://docs.chef.io/release_notes_client/). -<!-- latest_release 18.0.124 --> -## [v18.0.124](https://github.com/chef/chef/tree/v18.0.124) (2022-06-25) +<!-- latest_release 18.0.141 --> +## [v18.0.141](https://github.com/chef/chef/tree/v18.0.141) (2022-08-16) #### Merged Pull Requests -- AdHoc Pipeline Windows PageFile Test errors [#13009](https://github.com/chef/chef/pull/13009) ([johnmccrae](https://github.com/johnmccrae)) +- Add newline to end of sysctl files [#13118](https://github.com/chef/chef/pull/13118) ([tmccombs](https://github.com/tmccombs)) <!-- latest_release --> <!-- release_rollup since=17.9.26 --> ### Changes not yet released to stable #### Merged Pull Requests +- Add newline to end of sysctl files [#13118](https://github.com/chef/chef/pull/13118) ([tmccombs](https://github.com/tmccombs)) <!-- 18.0.141 --> +- fix chef_client_scheduled_task splay to accept 0 [#13095](https://github.com/chef/chef/pull/13095) ([Stromweld](https://github.com/Stromweld)) <!-- 18.0.140 --> +- add url for principal names [#13104](https://github.com/chef/chef/pull/13104) ([Stromweld](https://github.com/Stromweld)) <!-- 18.0.139 --> +- Added how to doc with details about documentation for infra client resources [#13046](https://github.com/chef/chef/pull/13046) ([neha-p6](https://github.com/neha-p6)) <!-- 18.0.138 --> +- Wording change in error for missing recipe dependency ("Obvious Fix") [#13061](https://github.com/chef/chef/pull/13061) ([c-drive](https://github.com/c-drive)) <!-- 18.0.137 --> +- Require etc library [#13068](https://github.com/chef/chef/pull/13068) ([curzonj](https://github.com/curzonj)) <!-- 18.0.136 --> +- Bump omnibus-software from `a9b13a0` to `1d540dc` in /omnibus [#13089](https://github.com/chef/chef/pull/13089) ([dependabot[bot]](https://github.com/dependabot[bot])) <!-- 18.0.135 --> +- Re add: Use new msys2 based devkit for windows"" [#13097](https://github.com/chef/chef/pull/13097) ([neha-p6](https://github.com/neha-p6)) <!-- 18.0.134 --> +- Skip tests on FreeBSD-13 [#13079](https://github.com/chef/chef/pull/13079) ([poorndm](https://github.com/poorndm)) <!-- 18.0.133 --> +- Add AIX-7.3 to Build Matrix [#13058](https://github.com/chef/chef/pull/13058) ([poorndm](https://github.com/poorndm)) <!-- 18.0.132 --> +- update property DSL docs [#13093](https://github.com/chef/chef/pull/13093) ([jasonwbarnett](https://github.com/jasonwbarnett)) <!-- 18.0.131 --> +- Revert "Use new msys2 based devkit for windows" [#13063](https://github.com/chef/chef/pull/13063) ([neha-p6](https://github.com/neha-p6)) <!-- 18.0.130 --> +- Fixed sensitive properties unsuppressed content issue [#13014](https://github.com/chef/chef/pull/13014) ([blabade](https://github.com/blabade)) <!-- 18.0.129 --> +- Fix issue in adhoc nightly builds [#13059](https://github.com/chef/chef/pull/13059) ([neha-p6](https://github.com/neha-p6)) <!-- 18.0.128 --> +- Use new msys2 based devkit for windows [#13038](https://github.com/chef/chef/pull/13038) ([mwrock](https://github.com/mwrock)) <!-- 18.0.127 --> +- Use dist constant when invoking knife configure [#12926](https://github.com/chef/chef/pull/12926) ([ramereth](https://github.com/ramereth)) <!-- 18.0.126 --> +- Add nightlies for chef-17 to run every Tue, Thu and chef-16 to run every Tue [#13018](https://github.com/chef/chef/pull/13018) ([PrajaktaPurohit](https://github.com/PrajaktaPurohit)) <!-- 18.0.125 --> - AdHoc Pipeline Windows PageFile Test errors [#13009](https://github.com/chef/chef/pull/13009) ([johnmccrae](https://github.com/johnmccrae)) <!-- 18.0.124 --> - Fix fedora kitchen test failure [#13020](https://github.com/chef/chef/pull/13020) ([neha-p6](https://github.com/neha-p6)) <!-- 18.0.123 --> - Refactored tests for older Windows versions [#13019](https://github.com/chef/chef/pull/13019) ([johnmccrae](https://github.com/johnmccrae)) <!-- 18.0.122 --> diff --git a/Gemfile.lock b/Gemfile.lock index 763f9c7bbf..e96b11286f 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -42,12 +42,12 @@ GIT PATH remote: . specs: - chef (18.0.124) + chef (18.0.141) addressable aws-sdk-s3 (~> 1.91) aws-sdk-secretsmanager (~> 1.46) - chef-config (= 18.0.124) - chef-utils (= 18.0.124) + chef-config (= 18.0.141) + chef-utils (= 18.0.141) chef-vault chef-zero (>= 14.0.11) corefoundation (~> 0.3.4) @@ -76,13 +76,13 @@ PATH unf_ext (< 0.0.8.1) uuidtools (>= 2.1.5, < 3.0) vault (~> 0.16) - chef (18.0.124-universal-mingw32) + chef (18.0.141-universal-mingw32) addressable aws-sdk-s3 (~> 1.91) aws-sdk-secretsmanager (~> 1.46) - chef-config (= 18.0.124) + chef-config (= 18.0.141) chef-powershell (~> 1.0.12) - chef-utils (= 18.0.124) + chef-utils (= 18.0.141) chef-vault chef-zero (>= 14.0.11) corefoundation (~> 0.3.4) @@ -126,15 +126,15 @@ PATH PATH remote: chef-bin specs: - chef-bin (18.0.124) - chef (= 18.0.124) + chef-bin (18.0.141) + chef (= 18.0.141) PATH remote: chef-config specs: - chef-config (18.0.124) + chef-config (18.0.141) addressable - chef-utils (= 18.0.124) + chef-utils (= 18.0.141) fuzzyurl mixlib-config (>= 2.2.12, < 4.0) mixlib-shellout (>= 2.0, < 4.0) @@ -143,7 +143,7 @@ PATH PATH remote: chef-utils specs: - chef-utils (18.0.124) + chef-utils (18.0.141) concurrent-ruby GEM @@ -156,13 +156,13 @@ GEM mixlib-shellout (>= 2.0, < 4.0) ast (2.4.2) aws-eventstream (1.2.0) - aws-partitions (1.601.0) - aws-sdk-core (3.131.2) + aws-partitions (1.619.0) + aws-sdk-core (3.132.0) aws-eventstream (~> 1, >= 1.0.2) aws-partitions (~> 1, >= 1.525.0) aws-sigv4 (~> 1.1) jmespath (~> 1, >= 1.6.1) - aws-sdk-kms (1.57.0) + aws-sdk-kms (1.58.0) aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) aws-sdk-s3 (1.114.0) @@ -172,7 +172,7 @@ GEM aws-sdk-secretsmanager (1.64.0) aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sigv4 (1.5.0) + aws-sigv4 (1.5.1) aws-eventstream (~> 1, >= 1.0.2) binding_of_caller (1.0.0) debug_inspector (>= 0.0.1) @@ -208,7 +208,7 @@ GEM domain_name (0.5.20190701) unf (>= 0.0.5, < 1.0.0) ed25519 (1.3.0) - erubi (1.10.0) + erubi (1.11.0) erubis (2.7.0) faraday (1.4.3) faraday-em_http (~> 1.0) @@ -1 +1 @@ -18.0.124
\ No newline at end of file +18.0.141
\ No newline at end of file diff --git a/chef-bin/lib/chef-bin/version.rb b/chef-bin/lib/chef-bin/version.rb index 3eb13734f2..4832995802 100644 --- a/chef-bin/lib/chef-bin/version.rb +++ b/chef-bin/lib/chef-bin/version.rb @@ -21,7 +21,7 @@ module ChefBin CHEFBIN_ROOT = File.expand_path("..", __dir__) - VERSION = "18.0.124".freeze + VERSION = "18.0.141".freeze end # diff --git a/chef-config/lib/chef-config/version.rb b/chef-config/lib/chef-config/version.rb index 06ffd927fc..3eb6379bd5 100644 --- a/chef-config/lib/chef-config/version.rb +++ b/chef-config/lib/chef-config/version.rb @@ -15,5 +15,5 @@ module ChefConfig CHEFCONFIG_ROOT = File.expand_path("..", __dir__) - VERSION = "18.0.124".freeze + VERSION = "18.0.141".freeze end diff --git a/chef-config/lib/chef-config/workstation_config_loader.rb b/chef-config/lib/chef-config/workstation_config_loader.rb index ea42211120..a77670ddb2 100644 --- a/chef-config/lib/chef-config/workstation_config_loader.rb +++ b/chef-config/lib/chef-config/workstation_config_loader.rb @@ -17,6 +17,7 @@ # require "chef-utils" unless defined?(ChefUtils::CANARY) +require "etc" unless defined?(Etc) require_relative "config" require_relative "exceptions" require_relative "logger" diff --git a/chef-utils/lib/chef-utils/version.rb b/chef-utils/lib/chef-utils/version.rb index f9b73168a0..92f9234bbf 100644 --- a/chef-utils/lib/chef-utils/version.rb +++ b/chef-utils/lib/chef-utils/version.rb @@ -16,5 +16,5 @@ module ChefUtils CHEFUTILS_ROOT = File.expand_path("..", __dir__) - VERSION = "18.0.124" + VERSION = "18.0.141" end diff --git a/cspell.json b/cspell.json index 5d62456013..5216cdb1d6 100644 --- a/cspell.json +++ b/cspell.json @@ -394,6 +394,7 @@ "fmri", "fname", "foorb", + "FORCECLOSEAPPLICATIONS", "FORCEMINIMIZE", "FORCEOFFFEEDBACK", "FORCEONFEEDBACK", @@ -991,6 +992,7 @@ "PRINTPROCESSOR", "PRINTQ", "PROCNUM", + "processname", "procs", "progname", "PROMPTSTRUCT", @@ -1214,6 +1216,7 @@ "signedheaderauth", "SIGQUIT", "SIGUSR", + "silentlycontinue", "SINGLELINE", "singleline", "Singleuser", @@ -1371,6 +1374,7 @@ "unformatter", "unhold", "unignored", + "unins", "uninst", "unintuitive", "unixy", diff --git a/docs/dev/how_to/adding_documentation_to_infra_resources.md b/docs/dev/how_to/adding_documentation_to_infra_resources.md new file mode 100644 index 0000000000..7a333fa35f --- /dev/null +++ b/docs/dev/how_to/adding_documentation_to_infra_resources.md @@ -0,0 +1,29 @@ +# Adding documentation to resources: +The documentation for Infra Client resources resides at [chef-wed-docs repository](https://github.com/chef/chef-web-docs/). +Currently in order to reflect the documentation added to Infra Client resources on the [website](https://docs.chef.io/) we need to follow some manual steps. + +# Prerequisite: +Clone [chef-wed-docs repository](https://github.com/chef/chef-web-docs/). Install Hugo, npm, go. + +`brew tap go-swagger/go-swagger && brew install go-swagger hugo node go jq` + +# Generating YAML files: +The YAML data is generated using a [rake](https://github.com/chef/chef/blob/main/tasks/docs.rb) task in the `chef/chef` repository. + +`rake docs_site:resources` + +The YAML files will be created under `docs_site` directory. Copy the corresponding file(s) for the resource(s) for which documentation is updated to [chef-web-docs/data/infra/resources](https://github.com/chef/chef-web-docs/tree/main/data/infra/resources). +(NOTE: The data file(.yaml) should be verified and edited manually to remove any inaccuracies.) + +# Generating mark down(.md) files: +Go to the [chef-web-docs](https://github.com/chef/chef-web-docs/) repository, where we copied the YAML file(s). +Using the YAML file(s) create corresponding markdown(.md) file(s). + +`hugo new -k resource content/resources/RESOURCE_NAME.md` + +# Verifying changes locally: +Run server locally and verify the changes in your browser at http://localhost:1313 + +`make serve` + +Once changes are verified, create a PR at [chef-web-docs](https://github.com/chef/chef-web-docs/) repository.
\ No newline at end of file diff --git a/kitchen-tests/cookbooks/end_to_end/recipes/_chef_client_trusted_certificate.rb b/kitchen-tests/cookbooks/end_to_end/recipes/_chef_client_trusted_certificate.rb index e719a01837..e085519c4a 100644 --- a/kitchen-tests/cookbooks/end_to_end/recipes/_chef_client_trusted_certificate.rb +++ b/kitchen-tests/cookbooks/end_to_end/recipes/_chef_client_trusted_certificate.rb @@ -1,10 +1,10 @@ chef_client_trusted_certificate "self-signed.badssl.com" do certificate <<~CERT -----BEGIN CERTIFICATE----- -MIIDeTCCAmGgAwIBAgIJALvxdCPEMG1VMA0GCSqGSIb3DQEBCwUAMGIxCzAJBgNV +MIIDeTCCAmGgAwIBAgIJAMtEwC/G1C5xMA0GCSqGSIb3DQEBCwUAMGIxCzAJBgNV BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRYwFAYDVQQHDA1TYW4gRnJhbmNp c2NvMQ8wDQYDVQQKDAZCYWRTU0wxFTATBgNVBAMMDCouYmFkc3NsLmNvbTAeFw0y -MjA1MTcyMTE1MjVaFw0yNDA1MTYyMTE1MjVaMGIxCzAJBgNVBAYTAlVTMRMwEQYD +MjA4MTIxNTU5MTBaFw0yNDA4MTExNTU5MTBaMGIxCzAJBgNVBAYTAlVTMRMwEQYD VQQIDApDYWxpZm9ybmlhMRYwFAYDVQQHDA1TYW4gRnJhbmNpc2NvMQ8wDQYDVQQK DAZCYWRTU0wxFTATBgNVBAMMDCouYmFkc3NsLmNvbTCCASIwDQYJKoZIhvcNAQEB BQADggEPADCCAQoCggEBAMIE7PiM7gTCs9hQ1XBYzJMY61yoaEmwIrX5lZ6xKyx2 @@ -14,12 +14,12 @@ xPxTuW1CrbV8/q71FdIzSOciccfCFHpsKOo3St/qbLVytH5aohbcabFXRNsKEqve ww9HdFxBIuGa+RuT5q0iBikusbpJHAwnnqP7i/dAcgCskgjZjFeEU4EFy+b+a1SY QCeFxxC7c3DvaRhBB0VVfPlkPz0sw6l865MaTIbRyoUCAwEAAaMyMDAwCQYDVR0T BAIwADAjBgNVHREEHDAaggwqLmJhZHNzbC5jb22CCmJhZHNzbC5jb20wDQYJKoZI -hvcNAQELBQADggEBAI8cPgdGNaXwomKxzksJPMCHQC3zkTKQBqGAk4yWp3w7/WHV -1dTz/ezCH1UpxRUqTIZ/jS7OwrERRJCw6wr84WrKj0TKgZI00LEoRg3eK+U5QJj1 -4HZ8UTVkYL7OhPBanGgACw0eOvFtLdwizBTAw+B79Uzx0j84babX8HFq8UJR997H -FN+Fo9w4+ObXiA6BB9+fsqhRKPcIvt4HI6eQ4S/5lBkZbhHIPSR5oy4y7AsnZeb8 -hFNhP/WPdRvk4za0cAkuhoY5/3A/U4eFrXYL4N8mhqiRWvqbSaBT2YnlbSVxEDQM -CJWRCL+Lq4ZHGYgXSi1T0/LJHSlOa1F5qhZpk9A= +hvcNAQELBQADggEBAKgnD+Ak7ttVfKvriYAsf4ttTYfOuyLfAr4hTTSXLN2u1ySD +fIpqSyeOkiEwfD5Bt7C/muEXEIyG/y6/C/ozb5JBvdd8c7zicLmaHtZtZbj4+H1b +/gqaBHuvWxiRR91bbgNaKsPMGCWiAvUt4/+y8z6xefUS+aKeFNhYjdwyFIr17j3Q +gxGpgCbYLLIoewP+Oj6xvZgGl6vj0xW9a4144xjFo1o1vqWkj+3IZGmnZ/jyznWd +5XzZCUaM9z6nn7NVxQZEelk885Q3oUxY96rRO+IUA8Vnk3iEtOdZPbNBaZwvgkfz +4vhvM8gKbdeeWoOAJDLzDZiDrUpKtIkBcLuJ7Cw= -----END CERTIFICATE----- CERT end diff --git a/kitchen-tests/cookbooks/end_to_end/recipes/linux.rb b/kitchen-tests/cookbooks/end_to_end/recipes/linux.rb index 5a4f0646c6..4968c26d32 100644 --- a/kitchen-tests/cookbooks/end_to_end/recipes/linux.rb +++ b/kitchen-tests/cookbooks/end_to_end/recipes/linux.rb @@ -44,10 +44,13 @@ include_recipe "::_chef_gem" include_recipe "ntp" unless fedora? # fedora 34+ doesn't have NTP -resolver_config "/etc/resolv.conf" do - nameservers [ "8.8.8.8", "8.8.4.4" ] - search [ "chef.io" ] -end +# FIXME linux docker images seem to produce +# EBUSY errors on moving or writing to /etc/resolv.conf +# +# resolver_config "/etc/resolv.conf" do +# nameservers [ "8.8.8.8", "8.8.4.4" ] +# search [ "chef.io" ] +# end users_from_databag = search("users", "*:*") diff --git a/kitchen-tests/cookbooks/end_to_end/recipes/windows.rb b/kitchen-tests/cookbooks/end_to_end/recipes/windows.rb index d37174edd2..0c60bf1b0f 100644 --- a/kitchen-tests/cookbooks/end_to_end/recipes/windows.rb +++ b/kitchen-tests/cookbooks/end_to_end/recipes/windows.rb @@ -13,6 +13,59 @@ chef_sleep "2" execute "dir" +execute "Print git version" do + command "git --version & git --exec-path" + live_stream true +end + +# FIXME Uninstall git using powershell +# this is a temporary band-aid due to the fallback git version in +# https://github.com/sous-chefs/git defaulting to an older version of git +# than will be installed on the current image this runs in for GitHub Actions +powershell_script "uninstall_git" do + code <<-EOH + $possibleInstalledPaths = @("C:/Program Files/Git/", "C:/Program Files (x64)/Git/", "c:/git/") + $foundAnInstallation = $false + ### For all places where Git "could" be. + foreach ($installPath in $possibleInstalledPaths) + { + ### If the path where Git could exist + if (Test-Path($installPath)) + { + ## Some Git stuff might be running.. kill them. + Stop-Process -processname Bash -erroraction 'silentlycontinue' + Stop-Process -processname Putty* -erroraction 'silentlycontinue' + + $foundAnInstallation = $true + Write-Host "Removing Git from " $installPath + + ### Find if there's an uninstaller in the folder. + $uninstallers = Get-ChildItem $installPath"unins*.exe" + + ### In reality, there should only be just one that matches. + foreach ($uninstaller in $uninstallers) + { + ### Invoke the uninstaller. + $uninstallerCommandLineOptions = "/SP- /VERYSILENT /SUPPRESSMSGBOXES /FORCECLOSEAPPLICATIONS" + Start-Process -Wait -FilePath $uninstaller -ArgumentList $uninstallerCommandLineOptions + } + + ### Remove the folder if it didn't clean up properly. + if (Test-Path($installPath)) + { + Remove-Item -Recurse -Force $installPath + } + } + } + + if (!($foundAnInstallation)) + { + Write-Host "No git installation found. Nothing to uninstall" + } + EOH + live_stream true +end + powershell_script "sleep 1 second" do code "Start-Sleep -s 1" live_stream true diff --git a/knife/lib/chef/knife/configure.rb b/knife/lib/chef/knife/configure.rb index 9c806b4af6..e49a01277c 100644 --- a/knife/lib/chef/knife/configure.rb +++ b/knife/lib/chef/knife/configure.rb @@ -138,7 +138,7 @@ class Chef # @return [String] the path to the user's .chef directory def chef_config_path - @chef_config_path ||= ChefConfig::PathHelper.home(".chef") + @chef_config_path ||= ChefConfig::PathHelper.home(ChefUtils::Dist::Infra::USER_CONF_DIR) end # @return [String] the full path to the config file (credential file) diff --git a/knife/lib/chef/knife/version.rb b/knife/lib/chef/knife/version.rb index 709c78e18b..41828ba094 100644 --- a/knife/lib/chef/knife/version.rb +++ b/knife/lib/chef/knife/version.rb @@ -17,7 +17,7 @@ class Chef class Knife KNIFE_ROOT = File.expand_path("../..", __dir__) - VERSION = "18.0.124".freeze + VERSION = "18.0.141".freeze end end diff --git a/knife/spec/support/platform_helpers.rb b/knife/spec/support/platform_helpers.rb index 4d3acbcb33..1f36a0fbcc 100644 --- a/knife/spec/support/platform_helpers.rb +++ b/knife/spec/support/platform_helpers.rb @@ -127,6 +127,10 @@ def freebsd? RUBY_PLATFORM.include?("freebsd") end +def freebsd_gte_12_3? + RUBY_PLATFORM.include?("freebsd") && !!(ohai[:platform_version].to_f >= 12.3) +end + def intel_64bit? !!(ohai[:kernel][:machine] == "x86_64") end diff --git a/lib/chef/mixin/properties.rb b/lib/chef/mixin/properties.rb index c42e3889b0..4e00a09002 100644 --- a/lib/chef/mixin/properties.rb +++ b/lib/chef/mixin/properties.rb @@ -274,6 +274,12 @@ class Chef result end + # This method returns list of sensitive properties + # @return [Array<Property>] All sensitive properties. + def sensitive_properties + properties.values.empty? ? [] : properties.values.select(&:sensitive?) + end + # Returns the name of the name property. Returns nil if there is no name property. # # @return [Symbol] the name property for this resource diff --git a/lib/chef/property.rb b/lib/chef/property.rb index 0813005845..1d91495397 100644 --- a/lib/chef/property.rb +++ b/lib/chef/property.rb @@ -113,9 +113,11 @@ class Chef # and the transformed value returned as output. Lazy values will *not* # be passed to this method until after they are evaluated. Called in the # context of the resource (meaning you can access other properties). - # @option options [Boolean] :required `true` if this property - # must be present; `false` otherwise. This is checked after the resource - # is fully initialized. + # @option options [Boolean, Array<Symbol>] :required `true` if this property + # must be present for *all* actions; `false` otherwise. Alternatively + # you may specify a list of actions the property is required for, when + # the property is only required for a subset of actions. This is checked + # after the resource is fully initialized. # @option options [String] :deprecated If set, this property is deprecated and # will create a deprecation warning. # diff --git a/lib/chef/resource.rb b/lib/chef/resource.rb index d6c5fe7cdf..c9776fe346 100644 --- a/lib/chef/resource.rb +++ b/lib/chef/resource.rb @@ -660,8 +660,8 @@ class Chef text << "#{resource_name}(\"#{name}\") do\n" all_props = {} - self.class.state_properties.map do |p| + self.class.sensitive_properties.map do |p| all_props[p.name.to_s] = p.sensitive? ? '"*sensitive value suppressed*"' : value_to_text(p.get(self)) rescue Chef::Exceptions::ValidationFailed # This space left intentionally blank, the property was probably required or had an invalid default. diff --git a/lib/chef/resource/chef_client_cron.rb b/lib/chef/resource/chef_client_cron.rb index 26894c5ae3..b5014a368d 100644 --- a/lib/chef/resource/chef_client_cron.rb +++ b/lib/chef/resource/chef_client_cron.rb @@ -98,7 +98,7 @@ class Chef property :splay, [Integer, String], default: 300, coerce: proc { |x| Integer(x) }, - callbacks: { "should be a positive number" => proc { |v| v > 0 } }, + callbacks: { "should be a positive number" => proc { |v| v >= 0 } }, description: "A random number of seconds between 0 and X to add to interval so that all #{ChefUtils::Dist::Infra::CLIENT} commands don't execute at the same time." property :mailto, String, diff --git a/lib/chef/resource/chef_client_launchd.rb b/lib/chef/resource/chef_client_launchd.rb index 1016ea4d49..035f2353b7 100644 --- a/lib/chef/resource/chef_client_launchd.rb +++ b/lib/chef/resource/chef_client_launchd.rb @@ -60,7 +60,7 @@ class Chef property :splay, [Integer, String], default: 300, coerce: proc { |x| Integer(x) }, - callbacks: { "should be a positive number" => proc { |v| v > 0 } }, + callbacks: { "should be a positive number" => proc { |v| v >= 0 } }, description: "A random number of seconds between 0 and X to add to interval so that all #{ChefUtils::Dist::Infra::CLIENT} commands don't execute at the same time." property :accept_chef_license, [true, false], diff --git a/lib/chef/resource/chef_client_scheduled_task.rb b/lib/chef/resource/chef_client_scheduled_task.rb index 422881deb8..f04598cdc6 100644 --- a/lib/chef/resource/chef_client_scheduled_task.rb +++ b/lib/chef/resource/chef_client_scheduled_task.rb @@ -107,7 +107,7 @@ class Chef property :splay, [Integer, String], coerce: proc { |x| Integer(x) }, - callbacks: { "should be a positive number" => proc { |v| v > 0 } }, + callbacks: { "should be a positive number" => proc { |v| v >= 0 } }, description: "A random number of seconds between 0 and X to add to interval so that all #{ChefUtils::Dist::Infra::CLIENT} commands don't execute at the same time.", default: 300 diff --git a/lib/chef/resource/sysctl.rb b/lib/chef/resource/sysctl.rb index 97f919fbc9..61f3686ccc 100644 --- a/lib/chef/resource/sysctl.rb +++ b/lib/chef/resource/sysctl.rb @@ -187,7 +187,7 @@ class Chef sysctl_lines << "#{new_resource.key} = #{new_resource.value}" - sysctl_lines.join("\n") + sysctl_lines.join("\n") + "\n" end end diff --git a/lib/chef/resource/windows_user_privilege.rb b/lib/chef/resource/windows_user_privilege.rb index e4679f50b9..251382e46f 100644 --- a/lib/chef/resource/windows_user_privilege.rb +++ b/lib/chef/resource/windows_user_privilege.rb @@ -23,7 +23,7 @@ class Chef class WindowsUserPrivilege < Chef::Resource provides :windows_user_privilege - description "The windows_user_privilege resource allows to add and set principal (User/Group) to the specified privilege.\n Ref: https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/user-rights-assignment" + description "The windows_user_privilege resource allows to add and set principal (User/Group) to the specified privilege.\n Ref: https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/user-rights-assignment\n For list of principals to use with :add action Ref: https://docs.microsoft.com/en-us/windows/security/identity-protection/access-control/special-identities" introduced "16.0" diff --git a/lib/chef/run_context.rb b/lib/chef/run_context.rb index ce4d545aa4..11bfc6e3c6 100644 --- a/lib/chef/run_context.rb +++ b/lib/chef/run_context.rb @@ -413,9 +413,9 @@ class Chef logger.warn(<<~ERROR_MESSAGE) MissingCookbookDependency: Recipe `#{recipe_name}` is not in the run_list, and cookbook '#{cookbook_name}' - is not a dependency of any cookbook in the run_list. To load this recipe, - first add a dependency on cookbook '#{cookbook_name}' in the cookbook you're - including it from in that cookbook's metadata. + is not a dependency of any cookbook in the run_list. To load this recipe, + first add a dependency of the cookbook '#{cookbook_name}' into the metadata + of the cookbook which depends on '#{cookbook_name}'. ERROR_MESSAGE end diff --git a/lib/chef/version.rb b/lib/chef/version.rb index 8e07067d85..8bae4c3fa8 100644 --- a/lib/chef/version.rb +++ b/lib/chef/version.rb @@ -23,7 +23,7 @@ require_relative "version_string" class Chef CHEF_ROOT = File.expand_path("..", __dir__) - VERSION = Chef::VersionString.new("18.0.124") + VERSION = Chef::VersionString.new("18.0.141") end # diff --git a/omnibus/Gemfile.lock b/omnibus/Gemfile.lock index 784153a17e..4c542ecf1e 100644 --- a/omnibus/Gemfile.lock +++ b/omnibus/Gemfile.lock @@ -1,6 +1,6 @@ GIT remote: https://github.com/chef/omnibus-software.git - revision: a9b13a09c2f89e4618225dd41b2fd08f2150a1ba + revision: 1d540dcdefae0fa75eb832590e85294e7c26660a branch: main specs: omnibus-software (4.0.0) @@ -17,7 +17,7 @@ GIT chef-utils (>= 15.4) contracts (>= 0.16.0, < 0.17.0) ffi-yajl (~> 2.2) - license_scout (~> 1.3) + license_scout (~> 1.0) mixlib-shellout (>= 2.0, < 4.0) mixlib-versioning ohai (>= 15, < 18) @@ -34,13 +34,13 @@ GEM artifactory (3.0.15) awesome_print (1.9.2) aws-eventstream (1.2.0) - aws-partitions (1.594.0) - aws-sdk-core (3.131.1) + aws-partitions (1.608.0) + aws-sdk-core (3.131.3) aws-eventstream (~> 1, >= 1.0.2) aws-partitions (~> 1, >= 1.525.0) aws-sigv4 (~> 1.1) jmespath (~> 1, >= 1.6.1) - aws-sdk-kms (1.57.0) + aws-sdk-kms (1.58.0) aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) aws-sdk-s3 (1.114.0) @@ -264,7 +264,7 @@ GEM mixlib-log mixlib-authentication (3.0.10) mixlib-cli (2.1.8) - mixlib-config (3.0.9) + mixlib-config (3.0.27) tomlrb mixlib-install (3.12.16) mixlib-shellout @@ -286,7 +286,7 @@ GEM mixlib-versioning (1.2.12) molinillo (0.8.0) multi_json (1.15.0) - multipart-post (2.1.1) + multipart-post (2.2.3) net-scp (3.0.0) net-ssh (>= 2.6.5, < 7.0.0) net-sftp (3.0.0) @@ -381,10 +381,10 @@ GEM winrm-elevated (~> 1.0) winrm-fs (~> 1.1) thor (1.2.1) - toml-rb (2.1.2) + toml-rb (2.2.0) citrus (~> 3.0, > 3.0) tomlrb (1.3.0) - train-core (3.9.2) + train-core (3.10.1) addressable (~> 2.5) ffi (!= 1.13.0) json (>= 1.8, < 3.0) diff --git a/omnibus/config/projects/chef.rb b/omnibus/config/projects/chef.rb index dd22f4654c..94c0236841 100644 --- a/omnibus/config/projects/chef.rb +++ b/omnibus/config/projects/chef.rb @@ -62,11 +62,7 @@ dependency "version-manifest" dependency "openssl-customization" # devkit needs to come dead last these days so we do not use it to compile any gems -if windows? - override :"ruby-windows-devkit", version: "4.5.2-20111229-1559" if windows_arch_i386? - dependency "ruby-windows-devkit" - dependency "ruby-windows-devkit-bash" -end +dependency "ruby-msys2-devkit" if windows? dependency "ruby-cleanup" diff --git a/omnibus/omnibus-test.ps1 b/omnibus/omnibus-test.ps1 index 3b7c99c434..2c4331ff2f 100644 --- a/omnibus/omnibus-test.ps1 +++ b/omnibus/omnibus-test.ps1 @@ -69,7 +69,9 @@ If ($lastexitcode -ne 0) { Throw $lastexitcode } & $embedded_bin_dir\rspec.bat --version If ($lastexitcode -ne 0) { Throw $lastexitcode } -$Env:PATH = "C:\opscode\chef\bin;C:\opscode\chef\embedded\bin;$Env:PATH" +# We add C:\Program Files\Git\bin to the path to ensure the git bash shell is included +# Omnibus puts C:\Program Files\Git\mingw64\bin which has git.exe but not bash.exe +$Env:PATH = "C:\opscode\chef\bin;C:\opscode\chef\embedded\bin;C:\Program Files\Git\bin;$Env:PATH" # Test against the vendored chef gem (cd into the output of "gem which chef") $chefdir = gem which chef diff --git a/omnibus_overrides.rb b/omnibus_overrides.rb index b0a85b5b34..af1f086ba8 100644 --- a/omnibus_overrides.rb +++ b/omnibus_overrides.rb @@ -21,7 +21,7 @@ override "nokogiri", version: "1.13.1" override "openssl", version: mac_os_x? ? "1.1.1m" : "1.0.2zb" override "pkg-config-lite", version: "0.28-1" override "ruby", version: "3.0.3" -override "ruby-windows-devkit-bash", version: "3.1.23-4-msys-1.0.18" +override "ruby-msys2-devkit", version: "3.0.3-1" override "util-macros", version: "1.19.0" override "xproto", version: "7.0.28" override "zlib", version: "1.2.11" diff --git a/spec/functional/resource/group_spec.rb b/spec/functional/resource/group_spec.rb index 87953455b9..9360020537 100644 --- a/spec/functional/resource/group_spec.rb +++ b/spec/functional/resource/group_spec.rb @@ -425,7 +425,7 @@ describe Chef::Resource::Group, :requires_root_or_running_windows do end end - describe "when there is a group" do + describe "when there is a group", :not_supported_on_freebsd_gte_12_3 do it_behaves_like "correct group management" end @@ -463,7 +463,7 @@ describe Chef::Resource::Group, :requires_root_or_running_windows do end end - describe "when there is a group" do + describe "when there is a group", :not_supported_on_freebsd_gte_12_3 do it_behaves_like "correct group management" end diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 2aa3b2a1cd..bbf52b95fd 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -144,6 +144,7 @@ RSpec.configure do |config| config.filter_run_excluding macos_only: true unless macos? config.filter_run_excluding not_macos_gte_11: true if macos_gte_11? config.filter_run_excluding not_supported_on_aix: true if aix? + config.filter_run_excluding not_supported_on_freebsd_gte_12_3: true if freebsd_gte_12_3? config.filter_run_excluding not_supported_on_solaris: true if solaris? config.filter_run_excluding not_supported_on_gce: true if gce? config.filter_run_excluding win2012r2_only: true unless windows_2012r2? diff --git a/spec/support/platform_helpers.rb b/spec/support/platform_helpers.rb index 430d9b055f..6ed0945286 100644 --- a/spec/support/platform_helpers.rb +++ b/spec/support/platform_helpers.rb @@ -127,6 +127,10 @@ def freebsd? RUBY_PLATFORM.include?("freebsd") end +def freebsd_gte_12_3? + RUBY_PLATFORM.include?("freebsd") && !!(ohai[:platform_version].to_f >= 12.3) +end + def intel_64bit? !!(ohai[:kernel][:machine] == "x86_64") end diff --git a/spec/support/shared/functional/windows_script.rb b/spec/support/shared/functional/windows_script.rb index 151ad2387c..1db85e35f5 100644 --- a/spec/support/shared/functional/windows_script.rb +++ b/spec/support/shared/functional/windows_script.rb @@ -163,7 +163,7 @@ shared_context Chef::Resource::WindowsScript do describe "when the run action is invoked on Windows" do it "executes the script code" do - resource.code("whoami > \"#{script_output_path}\"") + resource.code("chcp > \"#{script_output_path}\"") resource.returns(0) resource.run_action(:run) end @@ -199,7 +199,7 @@ shared_context Chef::Resource::WindowsScript do end it "executes the script code" do - resource.code("whoami > \"#{script_output_path}\"") + resource.code("chcp > \"#{script_output_path}\"") resource.returns(0) resource.run_action(:run) end diff --git a/spec/unit/resource/chef_client_cron_spec.rb b/spec/unit/resource/chef_client_cron_spec.rb index b738a20a3a..cc72c38a39 100644 --- a/spec/unit/resource/chef_client_cron_spec.rb +++ b/spec/unit/resource/chef_client_cron_spec.rb @@ -43,6 +43,11 @@ describe Chef::Resource::ChefClientCron do expect { resource.splay("-10") }.to raise_error(Chef::Exceptions::ValidationFailed) end + it "set splay to 0" do + resource.splay "0" + expect(resource.splay).to eql(0) + end + it "builds a default value for chef_binary_path dist values" do expect(resource.chef_binary_path).to eql("/opt/chef/bin/chef-client") end diff --git a/spec/unit/resource/chef_client_launchd_spec.rb b/spec/unit/resource/chef_client_launchd_spec.rb index 1d0015cb0d..93d56a784e 100644 --- a/spec/unit/resource/chef_client_launchd_spec.rb +++ b/spec/unit/resource/chef_client_launchd_spec.rb @@ -43,6 +43,11 @@ describe Chef::Resource::ChefClientLaunchd do expect { resource.splay("-10") }.to raise_error(Chef::Exceptions::ValidationFailed) end + it "set splay to 0" do + resource.splay "0" + expect(resource.splay).to eql(0) + end + it "builds a default value for chef_binary_path dist values" do expect(resource.chef_binary_path).to eql("/opt/chef/bin/chef-client") end diff --git a/spec/unit/resource/chef_client_scheduled_task_spec.rb b/spec/unit/resource/chef_client_scheduled_task_spec.rb index bf165d4b70..45ed8c0602 100644 --- a/spec/unit/resource/chef_client_scheduled_task_spec.rb +++ b/spec/unit/resource/chef_client_scheduled_task_spec.rb @@ -43,6 +43,11 @@ describe Chef::Resource::ChefClientScheduledTask do expect { resource.splay("-10") }.to raise_error(Chef::Exceptions::ValidationFailed) end + it "set splay to 0" do + resource.splay "0" + expect(resource.splay).to eql(0) + end + it "coerces frequency_modifier to an Integer" do resource.frequency_modifier "10" expect(resource.frequency_modifier).to eql(10) diff --git a/spec/unit/resource/chef_client_systemd_timer_spec.rb b/spec/unit/resource/chef_client_systemd_timer_spec.rb index dfe01973fb..5fe4e80146 100644 --- a/spec/unit/resource/chef_client_systemd_timer_spec.rb +++ b/spec/unit/resource/chef_client_systemd_timer_spec.rb @@ -105,4 +105,4 @@ describe Chef::Resource::ChefClientSystemdTimer do expect(provider.service_content["Service"]["CPUQuota"]).to eq(50) end end -end
\ No newline at end of file +end diff --git a/spec/unit/resource/sysctl_spec.rb b/spec/unit/resource/sysctl_spec.rb index 47556f5ee8..42b0c77d83 100644 --- a/spec/unit/resource/sysctl_spec.rb +++ b/spec/unit/resource/sysctl_spec.rb @@ -62,14 +62,14 @@ describe Chef::Resource::Sysctl do context "when comment is a String" do it "Returns content for use with a file resource" do resource.comment("This sets foo / bar on our system") - expect(provider.contruct_sysctl_content).to eql("# This sets foo / bar on our system\nfoo = bar") + expect(provider.contruct_sysctl_content).to eql("# This sets foo / bar on our system\nfoo = bar\n") end end context "when comment is an Array" do it "Returns content for use with a file resource" do resource.comment(["This sets foo / bar on our system", "We need for baz"]) - expect(provider.contruct_sysctl_content).to eql("# This sets foo / bar on our system\n# We need for baz\nfoo = bar") + expect(provider.contruct_sysctl_content).to eql("# This sets foo / bar on our system\n# We need for baz\nfoo = bar\n") end end end diff --git a/spec/unit/resource_spec.rb b/spec/unit/resource_spec.rb index f0a624d5db..db355d44fa 100644 --- a/spec/unit/resource_spec.rb +++ b/spec/unit/resource_spec.rb @@ -371,6 +371,9 @@ describe Chef::Resource do end describe "to_text" do + + let(:sensitive_property_masked_value) { "sensitive value suppressed" } + it "prints nice message" do resource_class = Class.new(Chef::Resource) { property :foo, String } resource = resource_class.new("sensitive_property_tests") @@ -383,7 +386,24 @@ describe Chef::Resource do resource_class = Class.new(Chef::Resource) { property :foo, String, sensitive: true } resource = resource_class.new("sensitive_property_tests") resource.foo = "some value" - expect(resource.to_text).to match(/foo "\*sensitive value suppressed\*"/) + expect(resource.to_text).to match(/foo "\*#{sensitive_property_masked_value}\*"/) + end + it "suppresses that properties value irrespective of desired state (false) " do + resource_class = Class.new(Chef::Resource) { + property :suppressed_content, String, sensitive: true, desired_state: false + } + resource = resource_class.new("desired_state_property_tests") + resource.suppressed_content = "some value" + expect(resource.to_text).to match(/suppressed_content "\*#{sensitive_property_masked_value}\*"/) + end + + it "suppresses that properties value irrespective of desired state (true) " do + resource_class = Class.new(Chef::Resource) { + property :desired_state_content, String, sensitive: true, desired_state: true + } + resource = resource_class.new("desired_state_property_tests") + resource.desired_state_content = "some value" + expect(resource.to_text).to match(/desired_state_content "\*#{sensitive_property_masked_value}\*"/) end end |