diff options
author | Dmitry Shestoperov <dmitrys@northernlight.com> | 2017-11-29 14:06:20 -0500 |
---|---|---|
committer | Dmitry Shestoperov <dmitrys@northernlight.com> | 2017-11-29 14:06:20 -0500 |
commit | b61c20a6789c8436883f06f216f8dbaa4a81197c (patch) | |
tree | 0cb317be1c3e4eccc3c862020179bf18b2e30ab5 | |
parent | 6377c9f91c05a2282f825934b15020736aa8e32e (diff) | |
parent | 55884f989a01f0ec950fe7c9521c31aaf94226b5 (diff) | |
download | chef-b61c20a6789c8436883f06f216f8dbaa4a81197c.tar.gz |
Merge branch 'master' of https://github.com/chef/chef into fix_for_6242
32 files changed, 279 insertions, 243 deletions
diff --git a/.travis.yml b/.travis.yml index c4562a808e..80effc9fcf 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,5 +1,5 @@ language: ruby -sudo: false +sudo: required cache: bundler dist: trusty @@ -217,24 +217,24 @@ matrix: env: - CENTOS=7 - KITCHEN_YAML=.kitchen.travis.yml -# - rvm: 2.4.2 -# services: docker -# sudo: required -# gemfile: kitchen-tests/Gemfile -# before_install: -# - gem update --system $(grep rubygems omnibus_overrides.rb | cut -d'"' -f2) -# - gem install bundler -v $(grep bundler omnibus_overrides.rb | cut -d'"' -f2) -# bundler_args: --without ci docgen guard integration maintenance omnibus_package --frozen -# before_script: -# - sudo iptables -L DOCKER || ( echo "DOCKER iptables chain missing" ; sudo iptables -N DOCKER ) -# - cd kitchen-tests -# script: -# - bundle exec kitchen test base-fedora-latest -# after_failure: -# - cat .kitchen/logs/kitchen.log -# env: -# - FEDORA=latest -# - KITCHEN_YAML=.kitchen.travis.yml + - rvm: 2.4.2 + services: docker + sudo: required + gemfile: kitchen-tests/Gemfile + before_install: + - gem update --system $(grep rubygems omnibus_overrides.rb | cut -d'"' -f2) + - gem install bundler -v $(grep bundler omnibus_overrides.rb | cut -d'"' -f2) + bundler_args: --without ci docgen guard integration maintenance omnibus_package --frozen + before_script: + - sudo iptables -L DOCKER || ( echo "DOCKER iptables chain missing" ; sudo iptables -N DOCKER ) + - cd kitchen-tests + script: + - bundle exec kitchen test base-fedora-latest + after_failure: + - cat .kitchen/logs/kitchen.log + env: + - FEDORA=latest + - KITCHEN_YAML=.kitchen.travis.yml # - rvm: 2.4.2 # services: docker # sudo: required diff --git a/CHANGELOG.md b/CHANGELOG.md index 66ca41ce14..2cf13f7fd6 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,15 +1,27 @@ <!-- usage documentation: http://expeditor-docs.es.chef.io/configuration/changelog/ --> -<!-- latest_release 13.6.7 --> -## [v13.6.7](https://github.com/chef/chef/tree/v13.6.7) (2017-11-15) +<!-- latest_release 13.6.19 --> +## [v13.6.19](https://github.com/chef/chef/tree/v13.6.19) (2017-11-29) #### Merged Pull Requests -- Change a useradd_spec test for RHEL >= 6.8 and >= 7.3 [#6555](https://github.com/chef/chef/pull/6555) ([jeremiahsnapp](https://github.com/jeremiahsnapp)) +- fix NodeMap to not throw exceptions on platform_versions [#6608](https://github.com/chef/chef/pull/6608) ([lamont-granquist](https://github.com/lamont-granquist)) <!-- latest_release --> <!-- release_rollup since=13.6.4 --> ### Changes since 13.6.4 release #### Merged Pull Requests +- fix NodeMap to not throw exceptions on platform_versions [#6608](https://github.com/chef/chef/pull/6608) ([lamont-granquist](https://github.com/lamont-granquist)) <!-- 13.6.19 --> +- Enable Fedora integration testing in Travis [#6523](https://github.com/chef/chef/pull/6523) ([tas50](https://github.com/tas50)) <!-- 13.6.18 --> +- Only warn if a secret was actually given [#6605](https://github.com/chef/chef/pull/6605) ([coderanger](https://github.com/coderanger)) <!-- 13.6.17 --> +- Makes life easier for hook authors switching from the older report handler syntax [#6574](https://github.com/chef/chef/pull/6574) ([coderanger](https://github.com/coderanger)) <!-- 13.6.16 --> +- [MSYS-688] Fixed invalid date and Invalid starttime error [#6544](https://github.com/chef/chef/pull/6544) ([NimishaS](https://github.com/NimishaS)) <!-- 13.6.15 --> +- Selinux shellout fix (#6346) [#6567](https://github.com/chef/chef/pull/6567) ([deltamualpha](https://github.com/deltamualpha)) <!-- 13.6.14 --> +- Switch from the Travis container to the VM [#6600](https://github.com/chef/chef/pull/6600) ([btm](https://github.com/btm)) <!-- 13.6.13 --> +- Don't try to uninstall bundler on appveyor [#6597](https://github.com/chef/chef/pull/6597) ([btm](https://github.com/btm)) <!-- 13.6.12 --> +- Fix variable name in solaris service provider [#6596](https://github.com/chef/chef/pull/6596) ([jaymalasinha](https://github.com/jaymalasinha)) <!-- 13.6.11 --> +- Revert "add missing functional tests for users" [#6588](https://github.com/chef/chef/pull/6588) ([lamont-granquist](https://github.com/lamont-granquist)) <!-- 13.6.10 --> +- Filter out periods from tmux session name [#6593](https://github.com/chef/chef/pull/6593) ([afn](https://github.com/afn)) <!-- 13.6.9 --> +- Fix mount test, also update ifconfig to work with both common versions. [#6587](https://github.com/chef/chef/pull/6587) ([scotthain](https://github.com/scotthain)) <!-- 13.6.8 --> - Change a useradd_spec test for RHEL >= 6.8 and >= 7.3 [#6555](https://github.com/chef/chef/pull/6555) ([jeremiahsnapp](https://github.com/jeremiahsnapp)) <!-- 13.6.7 --> - replace deprecated Dir.exists? with Dir.exist? [#6583](https://github.com/chef/chef/pull/6583) ([thomasdziedzic](https://github.com/thomasdziedzic)) <!-- 13.6.6 --> - Add ohai_time to minimal_ohai filter [#6584](https://github.com/chef/chef/pull/6584) ([btm](https://github.com/btm)) <!-- 13.6.5 --> diff --git a/Gemfile.lock b/Gemfile.lock index 9f22780e2c..884f3683b7 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -17,10 +17,10 @@ GIT PATH remote: . specs: - chef (13.6.7) + chef (13.6.19) addressable bundler (>= 1.10) - chef-config (= 13.6.7) + chef-config (= 13.6.19) chef-zero (>= 13.0) diff-lcs (~> 1.2, >= 1.2.4) erubis (~> 2.7) @@ -47,10 +47,10 @@ PATH specinfra (~> 2.10) syslog-logger (~> 1.6) uuidtools (~> 2.1.5) - chef (13.6.7-universal-mingw32) + chef (13.6.19-universal-mingw32) addressable bundler (>= 1.10) - chef-config (= 13.6.7) + chef-config (= 13.6.19) chef-zero (>= 13.0) diff-lcs (~> 1.2, >= 1.2.4) erubis (~> 2.7) @@ -92,7 +92,7 @@ PATH PATH remote: chef-config specs: - chef-config (13.6.7) + chef-config (13.6.19) addressable fuzzyurl mixlib-config (~> 2.0) @@ -160,7 +160,7 @@ GEM builder (>= 2.1.2) hashdiff (0.3.7) hashie (3.5.6) - highline (1.7.8) + highline (1.7.10) htmlentities (4.3.4) httpclient (2.8.3) iniparse (1.4.4) @@ -1 +1 @@ -13.6.7
\ No newline at end of file +13.6.19
\ No newline at end of file diff --git a/appveyor.yml b/appveyor.yml index de947203c1..959c8e616c 100644 --- a/appveyor.yml +++ b/appveyor.yml @@ -28,10 +28,7 @@ install: - echo %OMNIBUS_BUNDLER% - ruby --version - gem --version - - bundler --version - - gem uninstall bundler -a -x - gem update --system %OMNIBUS_RUBYGEMS% || gem update --system %OMNIBUS_RUBYGEMS% || gem update --system %OMNIBUS_RUBYGEMS% - - gem install bundler -v %OMNIBUS_BUNDLER% --quiet --no-ri --no-rdoc || gem install bundler -v %OMNIBUS_BUNDLER% --quiet --no-ri --no-rdoc || gem install bundler -v %OMNIBUS_BUNDLER% --quiet --no-ri --no-rdoc - gem --version - bundler --version - SET BUNDLE_WITHOUT=server:docgen:maintenance:pry:travis:integration:ci diff --git a/chef-config/lib/chef-config/version.rb b/chef-config/lib/chef-config/version.rb index 71a7611ca1..e4ad17a1c5 100644 --- a/chef-config/lib/chef-config/version.rb +++ b/chef-config/lib/chef-config/version.rb @@ -21,7 +21,7 @@ module ChefConfig CHEFCONFIG_ROOT = File.expand_path("../..", __FILE__) - VERSION = "13.6.7" + VERSION = "13.6.19" end # diff --git a/kitchen-tests/.kitchen.travis.yml b/kitchen-tests/.kitchen.travis.yml index 720f034cb5..7c00fdaeed 100644 --- a/kitchen-tests/.kitchen.travis.yml +++ b/kitchen-tests/.kitchen.travis.yml @@ -61,9 +61,6 @@ platforms: intermediate_instructions: - RUN yum -y install sudo - RUN sed -i -e "s/Defaults.*requiretty.*/Defaults !requiretty/g" /etc/sudoers - attributes: - chef_client: - init_style: init - name: centos-7 driver: diff --git a/kitchen-tests/.kitchen.yml b/kitchen-tests/.kitchen.yml index 4e570b125e..bb9791de90 100644 --- a/kitchen-tests/.kitchen.yml +++ b/kitchen-tests/.kitchen.yml @@ -17,7 +17,6 @@ provisioner: github_repo: "chef" ohai_refname: "master" refname: <%= %x(git rev-parse HEAD) %> - data_path: test/fixtures client_rb: diff_disabled: true diff --git a/kitchen-tests/Berksfile.lock b/kitchen-tests/Berksfile.lock index 6cd1308fcd..98eaf17ca3 100644 --- a/kitchen-tests/Berksfile.lock +++ b/kitchen-tests/Berksfile.lock @@ -22,24 +22,23 @@ GRAPH build-essential (8.0.3) mingw (>= 1.1) seven_zip (>= 0.0.0) - chef-client (8.1.8) - cron (>= 2.0.0) + chef-client (9.0.2) + cron (>= 4.2.0) logrotate (>= 1.9.0) windows (>= 2.0.0) chef_hostname (0.6.1) compat_resource (12.19.0) - cron (4.1.3) - compat_resource (>= 0.0.0) - iptables (4.2.1) + cron (5.0.1) + iptables (4.3.1) logrotate (2.2.0) mingw (2.0.1) seven_zip (>= 0.0.0) multipackage (4.0.0) compat_resource (>= 0.0.0) nscd (5.0.0) - ntp (3.5.2) + ntp (3.5.4) ohai (5.2.0) - openssh (2.5.0) + openssh (2.6.0) iptables (>= 1.0) resolver (2.0.1) selinux (2.1.0) @@ -48,6 +47,6 @@ GRAPH sudo (3.5.3) ubuntu (2.0.1) apt (>= 0.0.0) - users (5.1.0) - windows (3.1.2) + users (5.2.1) + windows (3.4.0) ohai (>= 4.0.0) diff --git a/kitchen-tests/cookbooks/audit_test/.gitignore b/kitchen-tests/cookbooks/audit_test/.gitignore deleted file mode 100644 index 1e074046f0..0000000000 --- a/kitchen-tests/cookbooks/audit_test/.gitignore +++ /dev/null @@ -1,15 +0,0 @@ -.vagrant -*~ -*# -.#* -\#*# -.*.sw[a-z] -*.un~ - -# Bundler -Gemfile.lock -bin/* -.bundle/* - -.kitchen/ -.kitchen.local.yml diff --git a/kitchen-tests/cookbooks/audit_test/chefignore b/kitchen-tests/cookbooks/audit_test/chefignore deleted file mode 100644 index 80dc2d20ef..0000000000 --- a/kitchen-tests/cookbooks/audit_test/chefignore +++ /dev/null @@ -1,95 +0,0 @@ -# Put files/directories that should be ignored in this file when uploading -# or sharing to the community site. -# Lines that start with '# ' are comments. - -# OS generated files # -###################### -.DS_Store -Icon? -nohup.out -ehthumbs.db -Thumbs.db - -# SASS # -######## -.sass-cache - -# EDITORS # -########### -\#* -.#* -*~ -*.sw[a-z] -*.bak -REVISION -TAGS* -tmtags -*_flymake.* -*_flymake -*.tmproj -.project -.settings -mkmf.log - -## COMPILED ## -############## -a.out -*.o -*.pyc -*.so -*.com -*.class -*.dll -*.exe -*/rdoc/ - -# Testing # -########### -.watchr -.rspec -spec/* -spec/fixtures/* -test/* -features/* -Guardfile -Procfile - -# SCM # -####### -.git -*/.git -.gitignore -.gitmodules -.gitconfig -.gitattributes -.svn -*/.bzr/* -*/.hg/* -*/.svn/* - -# Berkshelf # -############# -Berksfile -Berksfile.lock -cookbooks/* -tmp - -# Cookbooks # -############# -CONTRIBUTING - -# Strainer # -############ -Colanderfile -Strainerfile -.colander -.strainer - -# Vagrant # -########### -.vagrant -Vagrantfile - -# Travis # -########## -.travis.yml diff --git a/kitchen-tests/cookbooks/base/attributes/default.rb b/kitchen-tests/cookbooks/base/attributes/default.rb index 75e57cb27b..e22dfa9fae 100644 --- a/kitchen-tests/cookbooks/base/attributes/default.rb +++ b/kitchen-tests/cookbooks/base/attributes/default.rb @@ -43,7 +43,6 @@ default["openssh"]["server"]["challenge_response_authentication"] = "no" default["openssh"]["server"]["kerberos_authentication"] = "no" # tcp keepalives are useful to keep connections up through VPNs and firewalls default["openssh"]["server"]["tcp_keepalive"] = "yes" -default["openssh"]["server"]["use_privilege_separation"] = "yes" default["openssh"]["server"]["max_start_ups"] = "10" # PAM (i think) already prints the motd on login default["openssh"]["server"]["print_motd"] = "no" diff --git a/lib/chef/client.rb b/lib/chef/client.rb index 1211e9425e..786ed2c4fc 100644 --- a/lib/chef/client.rb +++ b/lib/chef/client.rb @@ -299,7 +299,7 @@ class Chef run_status.stop_clock Chef::Log.info("Chef Run complete in #{run_status.elapsed_time} seconds") run_completed_successfully - events.run_completed(node) + events.run_completed(node, run_status) # keep this inside the main loop to get exception backtraces end_profiling @@ -315,7 +315,7 @@ class Chef run_status.exception = run_error run_failed end - events.run_failed(run_error) + events.run_failed(run_error, run_status) ensure Chef::RequestID.instance.reset_request_id @run_status = nil diff --git a/lib/chef/event_dispatch/base.rb b/lib/chef/event_dispatch/base.rb index 0f8013f114..0886d63152 100644 --- a/lib/chef/event_dispatch/base.rb +++ b/lib/chef/event_dispatch/base.rb @@ -36,11 +36,11 @@ class Chef end # Called at the end a successful Chef run. - def run_completed(node) + def run_completed(node, run_status) end # Called at the end of a failed Chef run. - def run_failed(exception) + def run_failed(exception, run_status) end # Called right after ohai runs. diff --git a/lib/chef/knife/data_bag_show.rb b/lib/chef/knife/data_bag_show.rb index ea9c390f19..5df0561276 100644 --- a/lib/chef/knife/data_bag_show.rb +++ b/lib/chef/knife/data_bag_show.rb @@ -51,7 +51,7 @@ class Chef ui.warn("Encrypted data bag detected, but no secret provided for decoding. Displaying encrypted data.") format_for_display(raw_data) else - ui.warn("Unencrypted data bag detected, ignoring any provided secret options.") + ui.warn("Unencrypted data bag detected, ignoring any provided secret options.") if secret format_for_display(raw_data) end diff --git a/lib/chef/knife/ssh.rb b/lib/chef/knife/ssh.rb index ae14ce9954..f4a025dba3 100644 --- a/lib/chef/knife/ssh.rb +++ b/lib/chef/knife/ssh.rb @@ -461,7 +461,7 @@ class Chef end.join(" \\; ") end - tmux_name = "'knife ssh #{@name_args[0].tr(':', '=')}'" + tmux_name = "'knife ssh #{@name_args[0].tr(':.', '=-')}'" begin server = session.servers_for.first cmd = ["tmux new-session -d -s #{tmux_name}", diff --git a/lib/chef/node_map.rb b/lib/chef/node_map.rb index 7a1a09ae24..25b1f57d44 100644 --- a/lib/chef/node_map.rb +++ b/lib/chef/node_map.rb @@ -143,7 +143,7 @@ class Chef filter_values.empty? || Array(filter_values).any? do |v| - Chef::VersionConstraint::Platform.new(v).include?(value) + Gem::Requirement.new(v).satisfied_by?(Gem::Version.new(value)) end end diff --git a/lib/chef/provider/ifconfig.rb b/lib/chef/provider/ifconfig.rb index 16bbe8124b..5008d7877a 100644 --- a/lib/chef/provider/ifconfig.rb +++ b/lib/chef/provider/ifconfig.rb @@ -57,30 +57,98 @@ class Chef @ifconfig_success = true @interfaces = {} - @status = shell_out("ifconfig") - @status.stdout.each_line do |line| - if !line[0..9].strip.empty? - @int_name = line[0..9].strip - @interfaces[@int_name] = { "hwaddr" => (line =~ /(HWaddr)/ ? ($') : "nil").strip.chomp } - else - @interfaces[@int_name]["inet_addr"] = (line =~ /inet addr:(\S+)/ ? Regexp.last_match(1) : "nil") if line =~ /inet addr:/ - @interfaces[@int_name]["bcast"] = (line =~ /Bcast:(\S+)/ ? Regexp.last_match(1) : "nil") if line =~ /Bcast:/ - @interfaces[@int_name]["mask"] = (line =~ /Mask:(\S+)/ ? Regexp.last_match(1) : "nil") if line =~ /Mask:/ - @interfaces[@int_name]["mtu"] = (line =~ /MTU:(\S+)/ ? Regexp.last_match(1) : "nil") if line =~ /MTU:/ - @interfaces[@int_name]["metric"] = (line =~ /Metric:(\S+)/ ? Regexp.last_match(1) : "nil") if line =~ /Metric:/ + @ifconfig_version = nil + + @net_tools_version = shell_out("ifconfig --version") + @net_tools_version.stderr.each_line do |line| + if line =~ /^net-tools (\d+.\d+)/ + @ifconfig_version = line.match(/^net-tools (\d+.\d+)/)[1] + end + end + + if @ifconfig_version.nil? + raise "net-tools not found - this is required for ifconfig" + elsif @ifconfig_version.to_f < 2.0 + # Example output for 1.60 is as follows: (sanitized but format intact) + # eth0 Link encap:Ethernet HWaddr 00:00:00:00:00:00 + # inet addr:192.168.1.1 Bcast:192.168.0.1 Mask:255.255.248.0 + # inet6 addr: 0000::00:0000:0000:0000/64 Scope:Link + # UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 + # RX packets:65158911 errors:0 dropped:0 overruns:0 frame:0 + # TX packets:41723949 errors:0 dropped:0 overruns:0 carrier:0 + # collisions:0 txqueuelen:1000 + # RX bytes:42664658792 (39.7 GiB) TX bytes:52722603938 (49.1 GiB) + # Interrupt:30 + @status = shell_out("ifconfig") + @status.stdout.each_line do |line| + if !line[0..9].strip.empty? + @int_name = line[0..9].strip + @interfaces[@int_name] = { "hwaddr" => (line =~ /(HWaddr)/ ? ($') : "nil").strip.chomp } + else + @interfaces[@int_name]["inet_addr"] = (line =~ /inet addr:(\S+)/ ? Regexp.last_match(1) : "nil") if line =~ /inet addr:/ + @interfaces[@int_name]["bcast"] = (line =~ /Bcast:(\S+)/ ? Regexp.last_match(1) : "nil") if line =~ /Bcast:/ + @interfaces[@int_name]["mask"] = (line =~ /Mask:(\S+)/ ? Regexp.last_match(1) : "nil") if line =~ /Mask:/ + @interfaces[@int_name]["mtu"] = (line =~ /MTU:(\S+)/ ? Regexp.last_match(1) : "nil") if line =~ /MTU:/ + @interfaces[@int_name]["metric"] = (line =~ /Metric:(\S+)/ ? Regexp.last_match(1) : "nil") if line =~ /Metric:/ + end + + next unless @interfaces.key?(new_resource.device) + @interface = @interfaces.fetch(new_resource.device) + + current_resource.target(new_resource.target) + current_resource.device(new_resource.device) + current_resource.inet_addr(@interface["inet_addr"]) + current_resource.hwaddr(@interface["hwaddr"]) + current_resource.bcast(@interface["bcast"]) + current_resource.mask(@interface["mask"]) + current_resource.mtu(@interface["mtu"]) + current_resource.metric(@interface["metric"]) end + elsif @ifconfig_version.to_f >= 2.0 + # Example output for 2.10-alpha is as follows: (sanitized but format intact) + # eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 + # inet 192.168.1.1 netmask 255.255.240.0 broadcast 192.168.0.1 + # inet6 0000::0000:000:0000:0000 prefixlen 64 scopeid 0x20<link> + # ether 00:00:00:00:00:00 txqueuelen 1000 (Ethernet) + # RX packets 2383836 bytes 1642630840 (1.5 GiB) + # RX errors 0 dropped 0 overruns 0 frame 0 + # TX packets 1244218 bytes 977339327 (932.0 MiB) + # TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 + @status = shell_out("ifconfig") + @status.stdout.each_line do |line| + addr_regex = /^(\w+):?(\d*):?\ .+$/ + if line =~ addr_regex + if line.match(addr_regex).nil? + @int_name = "nil" + elsif line.match(addr_regex)[2] == "" + @int_name = line.match(addr_regex)[1] + @interfaces[@int_name] = Hash.new + @interfaces[@int_name]["mtu"] = (line =~ /mtu (\S+)/ ? Regexp.last_match(1) : "nil") if line =~ /mtu/ && @interfaces[@int_name]["mtu"].nil? + else + @int_name = "#{line.match(addr_regex)[1]}:#{line.match(addr_regex)[2]}" + @interfaces[@int_name] = Hash.new + @interfaces[@int_name]["mtu"] = (line =~ /mtu (\S+)/ ? Regexp.last_match(1) : "nil") if line =~ /mtu/ && @interfaces[@int_name]["mtu"].nil? + end + else + @interfaces[@int_name]["inet_addr"] = (line =~ /inet (\S+)/ ? Regexp.last_match(1) : "nil") if line =~ /inet/ && @interfaces[@int_name]["inet_addr"].nil? + @interfaces[@int_name]["bcast"] = (line =~ /broadcast (\S+)/ ? Regexp.last_match(1) : "nil") if line =~ /broadcast/ && @interfaces[@int_name]["bcast"].nil? + @interfaces[@int_name]["mask"] = (line =~ /netmask (\S+)/ ? Regexp.last_match(1) : "nil") if line =~ /netmask/ && @interfaces[@int_name]["mask"].nil? + @interfaces[@int_name]["hwaddr"] = (line =~ /ether (\S+)/ ? Regexp.last_match(1) : "nil") if line =~ /ether/ && @interfaces[@int_name]["hwaddr"].nil? + @interfaces[@int_name]["metric"] = (line =~ /Metric:(\S+)/ ? Regexp.last_match(1) : "nil") if line =~ /Metric:/ && @interfaces[@int_name]["metric"].nil? + end - next unless @interfaces.key?(new_resource.device) - @interface = @interfaces.fetch(new_resource.device) - - current_resource.target(new_resource.target) - current_resource.device(new_resource.device) - current_resource.inet_addr(@interface["inet_addr"]) - current_resource.hwaddr(@interface["hwaddr"]) - current_resource.bcast(@interface["bcast"]) - current_resource.mask(@interface["mask"]) - current_resource.mtu(@interface["mtu"]) - current_resource.metric(@interface["metric"]) + next unless @interfaces.key?(new_resource.device) + @interface = @interfaces.fetch(new_resource.device) + + current_resource.target(new_resource.target) + current_resource.device(new_resource.device) + current_resource.inet_addr(@interface["inet_addr"]) + current_resource.hwaddr(@interface["hwaddr"]) + current_resource.bcast(@interface["bcast"]) + current_resource.mask(@interface["mask"]) + current_resource.mtu(@interface["mtu"]) + current_resource.metric(@interface["metric"]) + end end current_resource end diff --git a/lib/chef/provider/service/solaris.rb b/lib/chef/provider/service/solaris.rb index 9c85fda05f..70b40f11ca 100644 --- a/lib/chef/provider/service/solaris.rb +++ b/lib/chef/provider/service/solaris.rb @@ -31,7 +31,7 @@ class Chef super @init_command = "/usr/sbin/svcadm" @status_command = "/bin/svcs" - @maintenace = false + @maintenance = false end def load_current_resource @@ -101,7 +101,6 @@ class Chef end # check service state - @maintenance = false case status["state"] when "online" @current_resource.enabled(true) diff --git a/lib/chef/provider/windows_task.rb b/lib/chef/provider/windows_task.rb index 588a731767..2aad02564c 100644 --- a/lib/chef/provider/windows_task.rb +++ b/lib/chef/provider/windows_task.rb @@ -79,10 +79,19 @@ class Chef Chef::Log.info "#{new_resource} task already exists - nothing to do" return end - # To merge current resource and new resource attributes + # Setting the attributes of new_resource as current_resource. + # This is required to maintain idempotency when the user is not passing start_day and start_time + # because SCHTASK.exe sets them by default as the current time and day. + # So the current_resource will always have start_time and start_days set for an existing task, + # even though the user didn't pass it. So we set the new_resource attributes as the current_resource attributes resource_attributes.each do |attribute| new_resource_attribute = new_resource.send(attribute) current_resource_attribute = current_resource.send(attribute) + # We accept start_day in mm/dd/yyyy format only. Hence while copying the start_day from system to new_resource.start_day, + # we are converting from system date format to mm/dd/yyyy + current_resource_attribute = convert_system_date_to_mm_dd_yyyy(current_resource_attribute) if attribute == "start_day" + # Convert start_time into 24hr time format + current_resource_attribute = DateTime.parse(current_resource_attribute).strftime("%H:%M") if attribute == "start_time" new_resource.send("#{attribute}=", current_resource_attribute ) if current_resource_attribute && new_resource_attribute.nil? end end @@ -274,6 +283,14 @@ class Chef @system_short_date_format end + def convert_system_date_to_mm_dd_yyyy(system_date) + system_date_format = convert_system_date_format_to_ruby_date_format + unless system_date_format == "%m/%d/%Y" + system_date = Date.strptime(system_date, system_date_format).strftime("%m/%d/%Y") + end + system_date + end + def update_task_xml(options = []) # random_delay xml element is different for different frequencies random_delay_xml_element = { diff --git a/lib/chef/util/selinux.rb b/lib/chef/util/selinux.rb index 0ff76c6407..8b4c38754c 100644 --- a/lib/chef/util/selinux.rb +++ b/lib/chef/util/selinux.rb @@ -48,10 +48,11 @@ class Chef def restore_security_context(file_path, recursive = false) if restorecon_path - restorecon_command = recursive ? "#{restorecon_path} -R -r" : "#{restorecon_path} -R" - restorecon_command += " \"#{file_path}\"" - Chef::Log.debug("Restoring selinux security content with #{restorecon_command}") - shell_out!(restorecon_command) + restorecon_flags = [ "-R" ] + restorecon_flags << "-r" if recursive + restorecon_flags << file_path + Chef::Log.debug("Restoring selinux security content with #{restorecon_path}") + shell_out_compact!(restorecon_path, restorecon_flags) else Chef::Log.warn "Can not find 'restorecon' on the system. Skipping selinux security context restore." end diff --git a/lib/chef/version.rb b/lib/chef/version.rb index 33f8b0cf00..51655c48db 100644 --- a/lib/chef/version.rb +++ b/lib/chef/version.rb @@ -23,7 +23,7 @@ require "chef/version_string" class Chef CHEF_ROOT = File.expand_path("../..", __FILE__) - VERSION = Chef::VersionString.new("13.6.7") + VERSION = Chef::VersionString.new("13.6.19") end # diff --git a/spec/functional/resource/ifconfig_spec.rb b/spec/functional/resource/ifconfig_spec.rb index 0298dbcf45..fbb8995d52 100644 --- a/spec/functional/resource/ifconfig_spec.rb +++ b/spec/functional/resource/ifconfig_spec.rb @@ -20,7 +20,7 @@ require "functional/resource/base" require "chef/mixin/shell_out" # run this test only for following platforms. -include_flag = !(%w{ubuntu centos aix}.include?(ohai[:platform])) +include_flag = !(%w{amazon debian aix}.include?(ohai[:platform_family]) || (ohai[:platform_family] == "rhel" && ohai[:platform_version].to_i < 7)) describe Chef::Resource::Ifconfig, :requires_root, :skip_travis, :external => include_flag do # This test does not work in travis because there is no eth0 diff --git a/spec/functional/resource/mount_spec.rb b/spec/functional/resource/mount_spec.rb index c756b0d3d4..c98d6cec25 100644 --- a/spec/functional/resource/mount_spec.rb +++ b/spec/functional/resource/mount_spec.rb @@ -22,7 +22,7 @@ require "chef/mixin/shell_out" require "tmpdir" # run this test only for following platforms. -include_flag = !(%w{ubuntu centos aix solaris2}.include?(ohai[:platform])) +include_flag = !(%w{debian rhel amazon aix solaris2}.include?(ohai[:platform_family])) describe Chef::Resource::Mount, :requires_root, :skip_travis, :external => include_flag do # Disabled in travis because it refuses to let us mount a ramdisk. /dev/ramX does not @@ -35,15 +35,19 @@ describe Chef::Resource::Mount, :requires_root, :skip_travis, :external => inclu def setup_device_for_mount # use ramdisk for creating a test device for mount. # This can cleaner if we have chef resource/provider for ramdisk. - case ohai[:platform] + case ohai[:platform_family] when "aix" # On AIX, we can't create a ramdisk inside a WPAR, so we use # a "namefs" mount against / to test # https://www-304.ibm.com/support/knowledgecenter/ssw_aix_71/com.ibm.aix.performance/namefs_file_sys.htm device = "/" fstype = "namefs" - when "ubuntu", "centos" + when "debian", "rhel", "amazon" device = "/dev/ram1" + unless File.exist?(device) + shell_out("mknod -m 660 #{device} b 1 0") + shell_out("chown root:disk #{device}") + end shell_out("ls -1 /dev/ram*").stdout.each_line do |d| if shell_out("mount | grep #{d}").exitstatus == "1" # this device is not mounted, so use it. diff --git a/spec/functional/win32/security_spec.rb b/spec/functional/win32/security_spec.rb index f3faf24c52..40ae99bfa4 100644 --- a/spec/functional/win32/security_spec.rb +++ b/spec/functional/win32/security_spec.rb @@ -17,8 +17,6 @@ # require "spec_helper" -require "mixlib/shellout" -require "chef/mixin/user_context" if Chef::Platform.windows? require "chef/win32/security" end @@ -28,37 +26,13 @@ describe "Chef::Win32::Security", :windows_only do expect(Chef::ReservedNames::Win32::Security.has_admin_privileges?).to eq(true) end - describe "running as non admin user" do - include Chef::Mixin::UserContext - let(:user) { "security_user" } - let(:password) { "Security@123" } - - let(:domain) do - whoami = Mixlib::ShellOut.new("whoami") - whoami.run_command - whoami.error! - whoami.stdout.split("\\")[0] - end - before do - allow_any_instance_of(Chef::Mixin::UserContext).to receive(:node).and_return({ "platform_family" => "windows" }) - allow(Chef::Platform).to receive(:windows_server_2003?).and_return(false) - allow(Chef::ReservedNames::Win32::Security).to receive(:OpenProcessToken).and_return(true) - add_user = Mixlib::ShellOut.new("net user #{user} #{password} /ADD") - add_user.run_command - add_user.error! - end - - after do - delete_user = Mixlib::ShellOut.new("net user #{user} /delete") - delete_user.run_command - delete_user.error! - end - it "has_admin_privileges? returns false" do - has_admin_privileges = with_user_context(user, password, domain) do - Chef::ReservedNames::Win32::Security.has_admin_privileges? - end - expect(has_admin_privileges).to eq(false) - end + # We've done some investigation adding a negative test and it turned + # out to be a lot of work since mixlib-shellout doesn't have user + # support for windows. + # + # TODO - Add negative tests once mixlib-shellout has user support + it "has_admin_privileges? returns false when running as non-admin" do + skip "requires user support in mixlib-shellout" end describe "get_file_security" do diff --git a/spec/integration/knife/data_bag_show_spec.rb b/spec/integration/knife/data_bag_show_spec.rb index 22381adb9e..38dfd8730d 100644 --- a/spec/integration/knife/data_bag_show_spec.rb +++ b/spec/integration/knife/data_bag_show_spec.rb @@ -44,7 +44,7 @@ EOM end it "with a single item" do - knife("data bag show rocket falcon9").should_succeed <<EOM, stderr: "WARNING: Unencrypted data bag detected, ignoring any provided secret options.\n" + knife("data bag show rocket falcon9").should_succeed <<EOM heavy: true id: falcon9 EOM diff --git a/spec/unit/knife/data_bag_show_spec.rb b/spec/unit/knife/data_bag_show_spec.rb index ece7f5bf78..8dd0669993 100644 --- a/spec/unit/knife/data_bag_show_spec.rb +++ b/spec/unit/knife/data_bag_show_spec.rb @@ -91,12 +91,11 @@ qux: http://localhost:4000/data/bag_o_data/qux} context "Data bag to show is not encrypted" do before do allow(knife).to receive(:encrypted?).and_return(false) - expect(knife).to receive(:read_secret).exactly(0).times end it "displays the data bag" do + expect(knife).to receive(:read_secret).exactly(0).times expect(Chef::DataBagItem).to receive(:load).with(bag_name, item_name).and_return(data_bag) - expect(knife.ui).to receive(:warn).with("Unencrypted data bag detected, ignoring any provided secret options.") expected = %q{baz: http://localhost:4000/data/bag_o_data/baz id: id @@ -104,6 +103,21 @@ qux: http://localhost:4000/data/bag_o_data/qux} knife.run expect(stdout.string.strip).to eq(expected) end + + context "when a secret is given" do + it "displays the data bag" do + expect(knife).to receive(:encryption_secret_provided_ignore_encrypt_flag?).and_return(true) + expect(knife).to receive(:read_secret).and_return(secret) + expect(Chef::DataBagItem).to receive(:load).with(bag_name, item_name).and_return(data_bag) + expect(knife.ui).to receive(:warn).with("Unencrypted data bag detected, ignoring any provided secret options.") + + expected = %q{baz: http://localhost:4000/data/bag_o_data/baz +id: id +qux: http://localhost:4000/data/bag_o_data/qux} + knife.run + expect(stdout.string.strip).to eq(expected) + end + end end it "displays the list of items in the data bag when only one @name_arg is provided" do diff --git a/spec/unit/knife/ssh_spec.rb b/spec/unit/knife/ssh_spec.rb index e15ca8a7f0..815995b687 100644 --- a/spec/unit/knife/ssh_spec.rb +++ b/spec/unit/knife/ssh_spec.rb @@ -295,6 +295,23 @@ describe Chef::Knife::Ssh do end end + describe "#tmux" do + before do + ssh_config = { :timeout => 50, :user => "locutus", :port => 23, :keepalive => true, :keepalive_interval => 60 } + allow(Net::SSH).to receive(:configuration_for).with("foo.example.org", true).and_return(ssh_config) + @query = Chef::Search::Query.new + expect(@query).to receive(:search).and_yield(@node_foo) + allow(Chef::Search::Query).to receive(:new).and_return(@query) + allow(@knife).to receive(:exec).and_return(0) + end + + it "filters out invalid characters from tmux session name" do + @knife.name_args = ["name:foo.example.org", "tmux"] + expect(@knife).to receive(:shell_out!).with("tmux new-session -d -s 'knife ssh name=foo-example-org' -n 'foo.example.org' 'ssh locutus@foo.example.org' ") + @knife.run + end + end + describe "#run" do before do @query = Chef::Search::Query.new diff --git a/spec/unit/node_map_spec.rb b/spec/unit/node_map_spec.rb index 822f689eab..64106323c2 100644 --- a/spec/unit/node_map_spec.rb +++ b/spec/unit/node_map_spec.rb @@ -101,6 +101,24 @@ describe Chef::NodeMap do end end + describe "platform version checks" do + before do + node_map.set(:thing, :foo, platform_family: "rhel", platform_version: ">= 7") + end + + it "handles non-x.y.z platform versions without throwing an exception" do + allow(node).to receive(:[]).with(:platform_family).and_return("rhel") + allow(node).to receive(:[]).with(:platform_version).and_return("7.19.2.2F") + expect(node_map.get(node, :thing)).to eql(:foo) + end + + it "handles non-x.y.z platform versions without throwing an exception when the match fails" do + allow(node).to receive(:[]).with(:platform_family).and_return("rhel") + allow(node).to receive(:[]).with(:platform_version).and_return("4.19.2.2F") + expect(node_map.get(node, :thing)).to eql(nil) + end + end + describe "with a block doing platform_version checks" do before do node_map.set(:thing, :foo, platform_family: "rhel") do |node| diff --git a/spec/unit/provider/ifconfig_spec.rb b/spec/unit/provider/ifconfig_spec.rb index da27d647ee..3732d75cc9 100644 --- a/spec/unit/provider/ifconfig_spec.rb +++ b/spec/unit/provider/ifconfig_spec.rb @@ -38,12 +38,19 @@ describe Chef::Provider::Ifconfig do status = double("Status", exitstatus: 0) @provider.instance_variable_set("@status", status) @provider.current_resource = @current_resource - end + describe Chef::Provider::Ifconfig, "load_current_resource" do + let(:net_tools_version) { StringIO.new <<-EOS } +net-tools 1.60 +ifconfig 1.42 (2001-04-13) +EOS + before do - @status = double(stdout: "", exitstatus: 1) - allow(@provider).to receive(:shell_out).and_return(@status) + ifconfig = double(stdout: "", exitstatus: 1) + allow(@provider).to receive(:shell_out).and_return(ifconfig) + ifconfig_version = double(stdout: "", stderr: net_tools_version, exitstatus: 4) + allow(@provider).to receive(:shell_out).with("ifconfig --version").and_return(ifconfig_version) @provider.load_current_resource end it "should track state of ifconfig failure" do diff --git a/spec/unit/provider/windows_task_spec.rb b/spec/unit/provider/windows_task_spec.rb index 55a1e77e4e..d45531f3dc 100644 --- a/spec/unit/provider/windows_task_spec.rb +++ b/spec/unit/provider/windows_task_spec.rb @@ -110,6 +110,33 @@ describe Chef::Provider::WindowsTask do expect(new_resource).not_to be_updated_by_last_action end + it "sets the start_time in 24hr format while updating an existing task" do + # task_hash has start_time = "1:12:00 PM" + allow(provider).to receive(:load_task_hash).and_return(task_hash) + provider.load_current_resource + allow(provider).to receive(:task_need_update?).and_return(true) + allow(provider).to receive(:convert_system_date_to_mm_dd_yyyy).and_return("03/30/2017") + allow(provider).to receive(:run_schtasks) + provider.run_action(:create) + # start_time gets set in 24hr format for new_resource + expect(new_resource.start_time).to eq("13:12") + expect(new_resource).to be_updated_by_last_action + end + + it "sets the start_day in mm/dd/yyyy format while updating an existing task" do + # start_day in yyyy-MM-dd format + task_hash[:StartDate] = "2017-03-30" + allow(provider).to receive(:load_task_hash).and_return(task_hash) + current_resource = provider.load_current_resource + allow(provider).to receive(:task_need_update?).and_return(true) + allow(provider).to receive(:convert_system_date_format_to_ruby_date_format).and_return("%Y-%m-%d") + allow(provider).to receive(:run_schtasks) + provider.run_action(:create) + # start_day gets set in mm/dd/yyyy format for new_resource + expect(new_resource.start_day).to eq("03/30/2017") + expect(new_resource).to be_updated_by_last_action + end + context "when task is not existing" do before do allow(provider).to receive(:load_task_hash) diff --git a/spec/unit/util/selinux_spec.rb b/spec/unit/util/selinux_spec.rb index 751092bc9a..5081281cf4 100644 --- a/spec/unit/util/selinux_spec.rb +++ b/spec/unit/util/selinux_spec.rb @@ -124,24 +124,21 @@ describe Chef::Util::Selinux do end it "should call restorecon non-recursive by default" do - restorecon_command = "#{@restorecon_enabled_path} -R \"#{path}\"" - expect(@test_instance).to receive(:shell_out!).twice.with(restorecon_command) + expect(@test_instance).to receive(:shell_out_compact!).twice.with(@restorecon_enabled_path, [ "-R", path ]) @test_instance.restore_security_context(path) expect(File).not_to receive(:executable?) @test_instance.restore_security_context(path) end it "should call restorecon recursive when recursive is set" do - restorecon_command = "#{@restorecon_enabled_path} -R -r \"#{path}\"" - expect(@test_instance).to receive(:shell_out!).twice.with(restorecon_command) + expect(@test_instance).to receive(:shell_out_compact!).twice.with(@restorecon_enabled_path, [ "-R", "-r", path ]) @test_instance.restore_security_context(path, true) expect(File).not_to receive(:executable?) @test_instance.restore_security_context(path, true) end it "should call restorecon non-recursive when recursive is not set" do - restorecon_command = "#{@restorecon_enabled_path} -R \"#{path}\"" - expect(@test_instance).to receive(:shell_out!).twice.with(restorecon_command) + expect(@test_instance).to receive(:shell_out_compact!).twice.with(@restorecon_enabled_path, [ "-R", path ]) @test_instance.restore_security_context(path) expect(File).not_to receive(:executable?) @test_instance.restore_security_context(path) |