Adding in the license-acceptance flow

This adds a new feature to chef-client where users must accept the
EULA before using the product. Users can accept the license by
passing '--chef-license accept', setting ENV[CHEF_LICENSE]=accept or by
running 'chef-client' and following the interactive prompt.

Signed-off-by: tyler-ball <tball@chef.io>

11 files changed, 59 insertions, 11 deletions

diff --git a/.travis.yml b/.travis.yml
index 627ea6f726..4ec7b0b003 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -30,6 +30,7 @@ branches:
 env:
   global:
     - FORCE_FFI_YAJL=ext
+    - CHEF_LICENSE=accept-no-persist
 
 matrix:
   include:
diff --git a/Gemfile.lock b/Gemfile.lock
index b203c06f50..4de140b9ee 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -1,6 +1,6 @@
 GIT
   remote: https://github.com/chef/chefstyle.git
-  revision: 97710fcf8164ce11c64bf0d524e75eadca8c0c75
+  revision: 0f3c0afe4e875c8c17627b8986f23bd4e4dc75cb
   branch: master
   specs:
     chefstyle (0.12.0)
@@ -8,10 +8,10 @@ GIT
 
 GIT
   remote: https://github.com/chef/ohai.git
-  revision: 05e507952d8dbff8e31528f1ebcab72664e99aa2
+  revision: 7582a96b976bfb529c3c05f1a7bbc867f2d316f0
   branch: master
   specs:
-    ohai (15.0.30)
+    ohai (15.0.31)
       chef-config (>= 12.8, < 16)
       ffi (~> 1.9)
       ffi-yajl (~> 2.2)
@@ -39,6 +39,7 @@ PATH
       ffi-yajl (~> 2.2)
       highline (~> 1.6, >= 1.6.9)
       iniparse (~> 1.4)
+      license-acceptance (~> 0.2)
       mixlib-archive (>= 0.4, < 2.0)
       mixlib-authentication (~> 2.1)
       mixlib-cli (>= 1.7, < 3.0)
@@ -65,6 +66,7 @@ PATH
       highline (~> 1.6, >= 1.6.9)
       iniparse (~> 1.4)
       iso8601 (~> 0.12.1)
+      license-acceptance (~> 0.2)
       mixlib-archive (>= 0.4, < 2.0)
       mixlib-authentication (~> 2.1)
       mixlib-cli (>= 1.7, < 3.0)
@@ -179,6 +181,11 @@ GEM
     jaro_winkler (1.5.2)
     json (2.2.0)
     libyajl2 (1.2.0)
+    license-acceptance (0.2.6)
+      pastel (~> 0.7)
+      tomlrb (~> 1.2)
+      tty-box (~> 0.3)
+      tty-prompt (~> 0.18)
     method_source (0.9.2)
     mixlib-archive (1.0.1)
       mixlib-log
@@ -207,7 +214,7 @@ GEM
     octokit (4.14.0)
       sawyer (~> 0.8.0, >= 0.5.3)
     parallel (1.17.0)
-    parser (2.6.2.0)
+    parser (2.6.2.1)
       ast (~> 2.4.0)
     parslet (1.8.2)
     pastel (0.7.2)
@@ -242,7 +249,7 @@ GEM
     rspec-expectations (3.8.2)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.8.0)
-    rspec-its (1.2.0)
+    rspec-its (1.3.0)
       rspec-core (>= 3.0.0)
       rspec-expectations (>= 3.0.0)
     rspec-mocks (3.8.0)
@@ -293,6 +300,10 @@ GEM
     train-core (1.7.6)
       json (>= 1.8, < 3.0)
       mixlib-shellout (~> 2.0)
+    tty-box (0.3.0)
+      pastel (~> 0.7.2)
+      strings (~> 0.1.4)
+      tty-cursor (~> 0.6.0)
     tty-color (0.4.3)
     tty-cursor (0.6.1)
     tty-prompt (0.18.1)
diff --git a/RELEASE_NOTES.md b/RELEASE_NOTES.md
index 5ff8b9528c..89ff5366ca 100644
--- a/RELEASE_NOTES.md
+++ b/RELEASE_NOTES.md
@@ -6,6 +6,19 @@ Chef 15 release notes will be added here as development progresses.
 
 ## New Features / Functionality
 
+### Chef EULA
+
+Chef Client requires a EULA to be accepted by users before it can run. Users can accept the EULA in a variety of ways:
+
+`chef-client --chef-license accept`
+`chef-client --chef-license accept-no-persist`
+`CHEF_LICENSE=accept chef-client`
+`CHEF_LICENSE=accept-no-persist chef-client`
+
+Finally, if users run `chef-client` without any of these options they will receive an interactive prompt asking for
+license acceptance. If the license is accepted a marker file will be written to the filesystem (unless `no-persist` is
+specified). Once this file is persisted users no longer need to set any of these flags.
+
 ### Allow Using --delete-entire-chef-repo in Chef Local Mode
 
 ### Data Collection Ground-Up Refactor
diff --git a/chef.gemspec b/chef.gemspec
index f6d8e93ab7..0a5e2b1b91 100644
--- a/chef.gemspec
+++ b/chef.gemspec
@@ -17,6 +17,7 @@ Gem::Specification.new do |s|
 
   s.add_dependency "chef-config", "= #{Chef::VERSION}"
 
+  s.add_dependency "license-acceptance", "~> 0.2"
   s.add_dependency "mixlib-cli", ">= 1.7", "< 3.0"
   s.add_dependency "mixlib-log", ">= 2.0.3", "< 4.0"
   s.add_dependency "mixlib-authentication", "~> 2.1"
diff --git a/lib/chef/application.rb b/lib/chef/application.rb
index 817cdf051d..b4e56a55b3 100644
--- a/lib/chef/application.rb
+++ b/lib/chef/application.rb
@@ -28,6 +28,7 @@ require "mixlib/cli"
 require "tmpdir"
 require "rbconfig"
 require "chef/application/exit_code"
+require "license_acceptance/acceptor"
 
 class Chef
   class Application
@@ -63,6 +64,7 @@ class Chef
       setup_signal_handlers
       reconfigure
       setup_application
+      check_license_acceptance
       run_application
     end
 
@@ -247,6 +249,10 @@ class Chef
       raise Chef::Exceptions::Application, "#{self}: you must override setup_application"
     end
 
+    def check_license_acceptance
+      LicenseAcceptance::Acceptor.check_and_persist!("chef-client", Chef::VERSION.to_s, logger: logger)
+    end
+
     # Actually run the application
     def run_application
       raise Chef::Exceptions::Application, "#{self}: you must override run_application"
diff --git a/lib/chef/application/client.rb b/lib/chef/application/client.rb
index 789b938213..784a8f3b00 100644
--- a/lib/chef/application/client.rb
+++ b/lib/chef/application/client.rb
@@ -29,10 +29,12 @@ require "chef/mixin/shell_out"
 require "chef-config/mixin/dot_d"
 require "mixlib/archive"
 require "uri"
+require "license_acceptance/cli_flags/mixlib_cli"
 
 class Chef::Application::Client < Chef::Application
   include Chef::Mixin::ShellOut
   include ChefConfig::Mixin::DotD
+  include LicenseAcceptance::CLIFlags::MixlibCLI
 
   # Mimic self_pipe sleep from Unicorn to capture signals safely
   SELF_PIPE = [] # rubocop:disable Style/MutableConstant
@@ -219,6 +221,7 @@ class Chef::Application::Client < Chef::Application
         Chef::RunList::RunListItem.new(item)
       end
     }
+
   option :why_run,
     short: "-W",
     long: "--why-run",
diff --git a/lib/chef/application/knife.rb b/lib/chef/application/knife.rb
index 76dd5707fe..26b84d0be3 100644
--- a/lib/chef/application/knife.rb
+++ b/lib/chef/application/knife.rb
@@ -20,8 +20,10 @@ require "chef/application"
 require "mixlib/log"
 require "ohai/config"
 require "chef/monkey_patches/net_http.rb"
+require "license_acceptance/cli_flags/mixlib_cli"
 
 class Chef::Application::Knife < Chef::Application
+  include LicenseAcceptance::CLIFlags::MixlibCLI
 
   NO_COMMAND_GIVEN = "You need to pass a sub-command (e.g., knife SUB-COMMAND)\n".freeze
 
@@ -158,6 +160,7 @@ class Chef::Application::Knife < Chef::Application
     Mixlib::Log::Formatter.show_time = false
     validate_and_parse_options
     quiet_traps
+    check_license_acceptance
     Chef::Knife.run(ARGV, options)
     exit 0
   end
diff --git a/spec/integration/client/client_spec.rb b/spec/integration/client/client_spec.rb
index 006839be3f..e97cbbda0f 100644
--- a/spec/integration/client/client_spec.rb
+++ b/spec/integration/client/client_spec.rb
@@ -66,6 +66,8 @@ describe "chef-client" do
       file "config/client.rb", <<~EOM
         local_mode true
         cookbook_path "#{path_to('cookbooks')}"
+        # One environment variable we DO need to prevent hanging
+        ENV["CHEF_LICENSE"] = "accept-no-persist"
       EOM
 
       begin
diff --git a/spec/unit/application/knife_spec.rb b/spec/unit/application/knife_spec.rb
index 8a574b4d0f..f5ede6318b 100644
--- a/spec/unit/application/knife_spec.rb
+++ b/spec/unit/application/knife_spec.rb
@@ -45,6 +45,7 @@ describe Chef::Application::Knife do
     @knife = Chef::Application::Knife.new
     allow(@knife).to receive(:puts)
     allow(@knife).to receive(:trap)
+    allow(@knife).to receive(:check_license_acceptance)
     allow(Chef::Knife).to receive(:list_commands)
   end
 
@@ -65,6 +66,7 @@ describe Chef::Application::Knife do
     with_argv(*%w{noop knife command with some args}) do
       knife = double(Chef::Knife)
       expect(Chef::Knife).to receive(:run).with(ARGV, @knife.options).and_return(knife)
+      expect(@knife).to receive(:check_license_acceptance)
       expect(@knife).to receive(:exit).with(0)
       @knife.run
     end
@@ -75,11 +77,7 @@ describe Chef::Application::Knife do
       expect(@knife).to receive(:exit).with(0)
       @knife.run
     end
-    if windows?
-      expect(Chef::Config[:color]).to be_truthy
-    else
-      expect(Chef::Config[:color]).to be_truthy
-    end
+    expect(Chef::Config[:color]).to be_truthy
   end
 
   context "when given fips flags" do
diff --git a/spec/unit/application_spec.rb b/spec/unit/application_spec.rb
index ef28dbb21b..b8150d797f 100644
--- a/spec/unit/application_spec.rb
+++ b/spec/unit/application_spec.rb
@@ -72,6 +72,7 @@ describe Chef::Application do
       describe "run" do
         before do
           allow(@app).to receive(:setup_application).and_return(true)
+          allow(@app).to receive(:check_license_acceptance)
           allow(@app).to receive(:run_application).and_return(true)
           allow(@app).to receive(:configure_chef).and_return(true)
           allow(@app).to receive(:configure_logging).and_return(true)
@@ -87,6 +88,11 @@ describe Chef::Application do
           @app.run
         end
 
+        it "should check the license acceptance" do
+          expect(@app).to receive(:check_license_acceptance)
+          @app.run
+        end
+
         it "should run the actual application" do
           expect(@app).to receive(:run_application).and_return(true)
           @app.run
diff --git a/tasks/bin/run_external_test b/tasks/bin/run_external_test
index 5f1ac8f210..04fe5343ba 100755
--- a/tasks/bin/run_external_test
+++ b/tasks/bin/run_external_test
@@ -13,7 +13,11 @@ git_thing = ARGV.shift
 
 build_dir = File.expand_path(ENV["TRAVIS_BUILD_DIR"] || Dir.pwd)
 
-env = { "GEMFILE_MOD" => "gem 'chef', path: '#{build_dir}'; gem 'ohai', git: 'https://github.com/chef/ohai.git', branch: 'master'" }
+env = {
+  "GEMFILE_MOD" => "gem 'chef', path: '#{build_dir}'; " \
+    "gem 'ohai', git: 'https://github.com/chef/ohai.git'",
+  "CHEF_LICENSE" => "accept-no-persist",
+}
 
 Dir.mktmpdir("chef-external-test") do |dir|
   git_url = "https://github.com/#{github_repo}"