diff options
author | John McCrae <john.mccrae@progress.com> | 2022-11-28 23:10:28 +0600 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-11-28 23:10:28 +0600 |
commit | 77d42ff9f688eb3ea56aa44451707b884f03130b (patch) | |
tree | bd9d822e4cb2daa762e157d2d09c729bd4c5f223 | |
parent | 82b3a502f2f1e6bf7403da05fa63a636617b1e23 (diff) | |
parent | 32d94dffcf69712023d8f3922b3b9f3a3d732f3a (diff) | |
download | chef-77d42ff9f688eb3ea56aa44451707b884f03130b.tar.gz |
Merge branch 'main' into jfm/chef18_version
-rw-r--r-- | CHANGELOG.md | 48 | ||||
-rw-r--r-- | Dockerfile | 2 | ||||
-rw-r--r-- | Gemfile.lock | 62 | ||||
-rw-r--r-- | VERSION | 2 | ||||
-rw-r--r-- | chef-bin/lib/chef-bin/version.rb | 2 | ||||
-rw-r--r-- | chef-config/lib/chef-config/version.rb | 2 | ||||
-rw-r--r-- | chef-utils/lib/chef-utils/version.rb | 2 | ||||
-rw-r--r-- | knife/Gemfile.lock | 4 | ||||
-rw-r--r-- | knife/lib/chef/knife/version.rb | 2 | ||||
-rw-r--r-- | lib/chef/property.rb | 11 | ||||
-rw-r--r-- | lib/chef/version.rb | 2 | ||||
-rw-r--r-- | spec/integration/client/fips_spec.rb | 20 | ||||
-rw-r--r-- | spec/spec_helper.rb | 4 | ||||
-rw-r--r-- | spec/support/platform_helpers.rb | 4 | ||||
-rw-r--r-- | spec/unit/property/validation_spec.rb | 30 |
15 files changed, 156 insertions, 41 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index fc57e7fb99..cfcfa29d90 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,36 +1,43 @@ <!-- usage documentation: http://expeditor-docs.es.chef.io/configuration/changelog/ --> This changelog lists individual merged pull requests to Chef Infra Client and geared towards developers. For a list of significant changes per release see the [Chef Infra Client Release Notes](https://docs.chef.io/release_notes_client/). -<!-- latest_release 18.0.185 --> -## [v18.0.185](https://github.com/chef/chef/tree/v18.0.185) (2022-11-15) +<!-- latest_release 18.0.187 --> +## [v18.0.187](https://github.com/chef/chef/tree/v18.0.187) (2022-11-28) #### Merged Pull Requests -- Add recipients of Awesome Chef Awards 2021/2022 [#13285](https://github.com/chef/chef/pull/13285) ([tnir](https://github.com/tnir)) +- Update omnibus-software for FIPS issues [#13375](https://github.com/chef/chef/pull/13375) ([tpowell-progress](https://github.com/tpowell-progress)) <!-- latest_release --> -<!-- release_rollup since=18.0.169 --> +<!-- release_rollup since=18.0.185 --> ### Changes not yet released to stable #### Merged Pull Requests -- Add recipients of Awesome Chef Awards 2021/2022 [#13285](https://github.com/chef/chef/pull/13285) ([tnir](https://github.com/tnir)) <!-- 18.0.185 --> -- Add allowed_actions for each package type [#13166](https://github.com/chef/chef/pull/13166) ([gene1wood](https://github.com/gene1wood)) <!-- 18.0.184 --> -- Adding TLS for Habitat-test.ps1 under Windows PowerShell [#13361](https://github.com/chef/chef/pull/13361) ([johnmccrae](https://github.com/johnmccrae)) <!-- 18.0.183 --> -- fix bug in chef_client_config resource [#13349](https://github.com/chef/chef/pull/13349) ([Stromweld](https://github.com/Stromweld)) <!-- 18.0.182 --> -- Updating the Hab installer and gems [#13340](https://github.com/chef/chef/pull/13340) ([johnmccrae](https://github.com/johnmccrae)) <!-- 18.0.181 --> -- Update GitHub Actions to address deprecated actions in workflows [#13344](https://github.com/chef/chef/pull/13344) ([gene1wood](https://github.com/gene1wood)) <!-- 18.0.180 --> -- fix knife train-core dep for latest supporting net-ssh 7.x dep [#13338](https://github.com/chef/chef/pull/13338) ([Stromweld](https://github.com/Stromweld)) <!-- 18.0.179 --> -- Fix false updates on cron resource when using integers [#13147](https://github.com/chef/chef/pull/13147) ([kimbernator](https://github.com/kimbernator)) <!-- 18.0.178 --> -- Remove "free" command from buildkite run as it's not supported [#13315](https://github.com/chef/chef/pull/13315) ([gene1wood](https://github.com/gene1wood)) <!-- 18.0.177 --> -- adding choco function to test if it exists already [#13330](https://github.com/chef/chef/pull/13330) ([sean-simmons-progress](https://github.com/sean-simmons-progress)) <!-- 18.0.176 --> -- Fix call to install_snaps which is missing an argument [#13025](https://github.com/chef/chef/pull/13025) ([gene1wood](https://github.com/gene1wood)) <!-- 18.0.175 --> -- Fix windows habitat git [#13316](https://github.com/chef/chef/pull/13316) ([mwrock](https://github.com/mwrock)) <!-- 18.0.174 --> -- Bump deps for net-ssh 7.x for RHEL 9 and Ubuntu 22.04 ssh [#13284](https://github.com/chef/chef/pull/13284) ([Stromweld](https://github.com/Stromweld)) <!-- 18.0.173 --> -- Bugfix: checksum validation [#13210](https://github.com/chef/chef/pull/13210) ([decoyjoe](https://github.com/decoyjoe)) <!-- 18.0.172 --> -- Docs: Fix windows package docs examples [#13211](https://github.com/chef/chef/pull/13211) ([decoyjoe](https://github.com/decoyjoe)) <!-- 18.0.171 --> -- Update the badssl cert to fix kitchen tests [#13311](https://github.com/chef/chef/pull/13311) ([PrajaktaPurohit](https://github.com/PrajaktaPurohit)) <!-- 18.0.170 --> +- Update omnibus-software for FIPS issues [#13375](https://github.com/chef/chef/pull/13375) ([tpowell-progress](https://github.com/tpowell-progress)) <!-- 18.0.187 --> +- Res validation should be aware of action prop reqs. [#13069](https://github.com/chef/chef/pull/13069) ([sabat](https://github.com/sabat)) <!-- 18.0.186 --> <!-- release_rollup --> <!-- latest_stable_release --> +## [v18.0.185](https://github.com/chef/chef/tree/v18.0.185) (2022-11-17) + +#### Merged Pull Requests +- Update the badssl cert to fix kitchen tests [#13311](https://github.com/chef/chef/pull/13311) ([PrajaktaPurohit](https://github.com/PrajaktaPurohit)) +- Docs: Fix windows package docs examples [#13211](https://github.com/chef/chef/pull/13211) ([decoyjoe](https://github.com/decoyjoe)) +- Bugfix: checksum validation [#13210](https://github.com/chef/chef/pull/13210) ([decoyjoe](https://github.com/decoyjoe)) +- Bump deps for net-ssh 7.x for RHEL 9 and Ubuntu 22.04 ssh [#13284](https://github.com/chef/chef/pull/13284) ([Stromweld](https://github.com/Stromweld)) +- Fix windows habitat git [#13316](https://github.com/chef/chef/pull/13316) ([mwrock](https://github.com/mwrock)) +- Fix call to install_snaps which is missing an argument [#13025](https://github.com/chef/chef/pull/13025) ([gene1wood](https://github.com/gene1wood)) +- adding choco function to test if it exists already [#13330](https://github.com/chef/chef/pull/13330) ([sean-simmons-progress](https://github.com/sean-simmons-progress)) +- Remove "free" command from buildkite run as it's not supported [#13315](https://github.com/chef/chef/pull/13315) ([gene1wood](https://github.com/gene1wood)) +- Fix false updates on cron resource when using integers [#13147](https://github.com/chef/chef/pull/13147) ([kimbernator](https://github.com/kimbernator)) +- fix knife train-core dep for latest supporting net-ssh 7.x dep [#13338](https://github.com/chef/chef/pull/13338) ([Stromweld](https://github.com/Stromweld)) +- Update GitHub Actions to address deprecated actions in workflows [#13344](https://github.com/chef/chef/pull/13344) ([gene1wood](https://github.com/gene1wood)) +- Updating the Hab installer and gems [#13340](https://github.com/chef/chef/pull/13340) ([johnmccrae](https://github.com/johnmccrae)) +- fix bug in chef_client_config resource [#13349](https://github.com/chef/chef/pull/13349) ([Stromweld](https://github.com/Stromweld)) +- Adding TLS for Habitat-test.ps1 under Windows PowerShell [#13361](https://github.com/chef/chef/pull/13361) ([johnmccrae](https://github.com/johnmccrae)) +- Add allowed_actions for each package type [#13166](https://github.com/chef/chef/pull/13166) ([gene1wood](https://github.com/gene1wood)) +- Add recipients of Awesome Chef Awards 2021/2022 [#13285](https://github.com/chef/chef/pull/13285) ([tnir](https://github.com/tnir)) +<!-- latest_stable_release --> + ## [v18.0.169](https://github.com/chef/chef/tree/v18.0.169) (2022-10-27) #### Merged Pull Requests @@ -205,7 +212,6 @@ This changelog lists individual merged pull requests to Chef Infra Client and ge - INFC-321 Uncomment "Upgrade Chef/Ohai Appbundler" build stage in kitchen tests [#13286](https://github.com/chef/chef/pull/13286) ([tpowell-progress](https://github.com/tpowell-progress)) - Fix missing require and small error in REST implementation [#13066](https://github.com/chef/chef/pull/13066) ([tecracer-theinen](https://github.com/tecracer-theinen)) - Point berkshelf spec at chef/berkshelf [#13295](https://github.com/chef/chef/pull/13295) ([tpowell-progress](https://github.com/tpowell-progress)) -<!-- latest_stable_release --> ## [v17.9.26](https://github.com/chef/chef/tree/v17.9.26) (2022-01-05) diff --git a/Dockerfile b/Dockerfile index c37c58b2f7..5a2477a4e2 100644 --- a/Dockerfile +++ b/Dockerfile @@ -18,7 +18,7 @@ FROM busybox LABEL maintainer="Chef Software, Inc. <docker@chef.io>" ARG CHANNEL=stable -ARG VERSION=18.0.169 +ARG VERSION=18.0.185 ARG ARCH=x86_64 ARG PKG_VERSION=6 diff --git a/Gemfile.lock b/Gemfile.lock index 258f408b8d..7f2d22ea8d 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -45,12 +45,12 @@ GIT PATH remote: . specs: - chef (18.0.185) + chef (18.0.187) addressable aws-sdk-s3 (~> 1.91) aws-sdk-secretsmanager (~> 1.46) - chef-config (= 18.0.185) - chef-utils (= 18.0.185) + chef-config (= 18.0.187) + chef-utils (= 18.0.187) chef-vault chef-zero (>= 14.0.11) corefoundation (~> 0.3.4) @@ -79,19 +79,65 @@ PATH unf_ext (>= 0.0.8.2) uuidtools (>= 2.1.5, < 3.0) vault (~> 0.16) + chef (18.0.187-x64-mingw-ucrt) + addressable + aws-sdk-s3 (~> 1.91) + aws-sdk-secretsmanager (~> 1.46) + chef-config (= 18.0.187) + chef-powershell (~> 1.0.12) + chef-utils (= 18.0.187) + chef-vault + chef-zero (>= 14.0.11) + corefoundation (~> 0.3.4) + diff-lcs (>= 1.2.4, < 1.6.0, != 1.4.0) + erubis (~> 2.7) + ffi (>= 1.15.5) + ffi-libarchive (~> 1.0, >= 1.0.3) + ffi-yajl (~> 2.2) + iniparse (~> 1.4) + inspec-core (>= 5) + iso8601 (>= 0.12.1, < 0.14) + license-acceptance (>= 1.0.5, < 3) + mixlib-archive (>= 0.4, < 2.0) + mixlib-authentication (>= 2.1, < 4) + mixlib-cli (>= 2.1.1, < 3.0) + mixlib-log (>= 2.0.3, < 4.0) + mixlib-shellout (>= 3.1.1, < 4.0) + net-ftp + net-sftp (>= 2.1.2, < 5.0) + ohai (~> 18.0) + plist (~> 3.2) + proxifier (~> 1.0) + syslog-logger (~> 1.6) + train-core (~> 3.10) + train-rest (>= 0.4.1) + train-winrm (>= 0.2.5) + unf_ext (>= 0.0.8.2) + uuidtools (>= 2.1.5, < 3.0) + vault (~> 0.16) + win32-api (~> 1.10.0) + win32-certstore (~> 0.6.15) + win32-event (~> 0.6.1) + win32-eventlog (= 0.6.3) + win32-mmap (~> 0.4.1) + win32-mutex (~> 0.4.2) + win32-process (~> 0.9) + win32-service (>= 2.1.5, < 3.0) + win32-taskscheduler (~> 2.0) + wmi-lite (~> 1.0) PATH remote: chef-bin specs: - chef-bin (18.0.185) - chef (= 18.0.185) + chef-bin (18.0.187) + chef (= 18.0.187) PATH remote: chef-config specs: - chef-config (18.0.185) + chef-config (18.0.187) addressable - chef-utils (= 18.0.185) + chef-utils (= 18.0.187) fuzzyurl mixlib-config (>= 2.2.12, < 4.0) mixlib-shellout (>= 2.0, < 4.0) @@ -100,7 +146,7 @@ PATH PATH remote: chef-utils specs: - chef-utils (18.0.185) + chef-utils (18.0.187) concurrent-ruby GEM @@ -1 +1 @@ -18.0.185
\ No newline at end of file +18.0.187
\ No newline at end of file diff --git a/chef-bin/lib/chef-bin/version.rb b/chef-bin/lib/chef-bin/version.rb index 8c73a47971..6c7f92a4c0 100644 --- a/chef-bin/lib/chef-bin/version.rb +++ b/chef-bin/lib/chef-bin/version.rb @@ -21,7 +21,7 @@ module ChefBin CHEFBIN_ROOT = File.expand_path("..", __dir__) - VERSION = "18.0.185".freeze + VERSION = "18.0.187".freeze end # diff --git a/chef-config/lib/chef-config/version.rb b/chef-config/lib/chef-config/version.rb index 7a8f8a2088..a31f2508dc 100644 --- a/chef-config/lib/chef-config/version.rb +++ b/chef-config/lib/chef-config/version.rb @@ -15,5 +15,5 @@ module ChefConfig CHEFCONFIG_ROOT = File.expand_path("..", __dir__) - VERSION = "18.0.185".freeze + VERSION = "18.0.187".freeze end diff --git a/chef-utils/lib/chef-utils/version.rb b/chef-utils/lib/chef-utils/version.rb index 650636995d..7a70ccb928 100644 --- a/chef-utils/lib/chef-utils/version.rb +++ b/chef-utils/lib/chef-utils/version.rb @@ -16,5 +16,5 @@ module ChefUtils CHEFUTILS_ROOT = File.expand_path("..", __dir__) - VERSION = "18.0.185" + VERSION = "18.0.187" end diff --git a/knife/Gemfile.lock b/knife/Gemfile.lock index 316c3f8c5e..b5293c93e4 100644 --- a/knife/Gemfile.lock +++ b/knife/Gemfile.lock @@ -1,8 +1,8 @@ PATH remote: .. specs: - chef (18.0.185) - chef (18.0.185-x64-mingw-ucrt) + chef (18.0.187) + chef (18.0.187-x64-mingw-ucrt) PLATFORMS ruby diff --git a/knife/lib/chef/knife/version.rb b/knife/lib/chef/knife/version.rb index b64e851d33..eb7ef2936a 100644 --- a/knife/lib/chef/knife/version.rb +++ b/knife/lib/chef/knife/version.rb @@ -17,7 +17,7 @@ class Chef class Knife KNIFE_ROOT = File.expand_path("../..", __dir__) - VERSION = "18.0.185".freeze + VERSION = "18.0.187".freeze end end diff --git a/lib/chef/property.rb b/lib/chef/property.rb index 1d91495397..b111a56f5c 100644 --- a/lib/chef/property.rb +++ b/lib/chef/property.rb @@ -307,7 +307,7 @@ class Chef # def required?(action = nil) if !action.nil? && options[:required].is_a?(Array) - options[:required].include?(action) + (options[:required] & Array(action)).any? else !!options[:required] end @@ -426,7 +426,7 @@ class Chef end end - if value.nil? && required? + if value.nil? && required?(resource_action(resource)) raise Chef::Exceptions::ValidationFailed, "#{name} is a required property" else value @@ -455,7 +455,7 @@ class Chef Chef.deprecated(:property, options[:deprecated]) end - if value.nil? && required? + if value.nil? && required?(resource_action(resource)) raise Chef::Exceptions::ValidationFailed, "#{name} is a required property" else value @@ -768,5 +768,10 @@ class Chef end visitor.call(value) end + + # action from resource, if available + def resource_action(resource) + resource.action if resource.respond_to?(:action) + end end end diff --git a/lib/chef/version.rb b/lib/chef/version.rb index cf24f3ee91..d7bb3e9fbe 100644 --- a/lib/chef/version.rb +++ b/lib/chef/version.rb @@ -23,7 +23,7 @@ require_relative "version_string" class Chef CHEF_ROOT = File.expand_path("..", __dir__) - VERSION = Chef::VersionString.new("18.0.185") + VERSION = Chef::VersionString.new("18.0.187") end # diff --git a/spec/integration/client/fips_spec.rb b/spec/integration/client/fips_spec.rb new file mode 100644 index 0000000000..1afb7b2874 --- /dev/null +++ b/spec/integration/client/fips_spec.rb @@ -0,0 +1,20 @@ +require "spec_helper" + +describe "chef-client fips" do + def enable_fips + OpenSSL.fips_mode = true + end + + # All tests assume fips mode is off at present + after { OpenSSL.fips_mode = false } + + # For non-FIPS OSes/builds of Ruby, enabling FIPS should error + example "Error enabling fips_mode if FIPS not linked", fips_mode: false do + expect { enable_fips }.to raise_error(OpenSSL::OpenSSLError) + end + + # For FIPS OSes/builds of Ruby, enabling FIPS should not error + example "Do not error enabling fips_mode if FIPS linked", fips_mode: true do + expect { enable_fips }.not_to raise_error + end +end diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index bbf52b95fd..1d040b0f1f 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -138,6 +138,10 @@ RSpec.configure do |config| config.filter_run_excluding skip_buildkite: true if ENV["BUILDKITE"] + config.filter_run_excluding fips_mode: !fips_mode_build? unless opensuse? + # RubyDistros OpenSUSE docker images have a broken fips + config.filter_run_excluding :fips_mode if opensuse? + config.filter_run_excluding windows_only: true unless windows? config.filter_run_excluding not_supported_on_windows: true if windows? config.filter_run_excluding not_supported_on_macos: true if macos? diff --git a/spec/support/platform_helpers.rb b/spec/support/platform_helpers.rb index 6ed0945286..ef7af98bad 100644 --- a/spec/support/platform_helpers.rb +++ b/spec/support/platform_helpers.rb @@ -223,6 +223,10 @@ def aes_256_gcm? OpenSSL::Cipher.ciphers.include?("aes-256-gcm") end +def fips_mode_build? + OpenSSL::OPENSSL_FIPS +end + def fips? ENV["CHEF_FIPS"] == "1" end diff --git a/spec/unit/property/validation_spec.rb b/spec/unit/property/validation_spec.rb index c8daee1580..215dd0cc7f 100644 --- a/spec/unit/property/validation_spec.rb +++ b/spec/unit/property/validation_spec.rb @@ -600,6 +600,36 @@ describe "Chef::Resource.property validation" do it "does not fail if it is not specified, on running the doit2 action" do expect { resource.run_action(:doit2) }.not_to raise_error end + + context "when an action does not require it" do + before do + resource.action(:doit2) + end + + it "retrieval succeeds if x is not set when resource uses the doit2 action" do + expect { resource.x }.not_to raise_error + end + + it "succeeds with set to nil when resource uses the doit2 action" do + expect { resource.x nil }.not_to raise_error + end + end + + context "when an action requires it" do + before do + # NOTE: this is already the default action, but it doesn't + # hurt to be clear about the situation. + resource.action(:doit) + end + + it "if x is not specified, retrieval fails for the doit action" do + expect { resource.x }.to raise_error Chef::Exceptions::ValidationFailed + end + + it "value nil is not valid for the doit action (required means 'not nil')" do + expect { resource.x nil }.to raise_error Chef::Exceptions::ValidationFailed + end + end end with_property ":x, String, required: true" do |