diff options
author | tyler-ball <tball@chef.io> | 2018-12-19 16:17:14 -0700 |
---|---|---|
committer | tyler-ball <tball@chef.io> | 2019-04-15 17:34:41 -0600 |
commit | a2e224fea5903faa84c7f3237c4d637a3048de24 (patch) | |
tree | 6176ac55a8adaefbdda82547c27d699bee2132a2 | |
parent | 62ea7382021593d117a78a0d5f60e39722c2e4d4 (diff) | |
download | chef-a2e224fea5903faa84c7f3237c4d637a3048de24.tar.gz |
Adding in the license-acceptance flow
This adds a new feature to chef-client where users must accept the
EULA before using the product. Users can accept the license by
passing '--chef-license accept', setting ENV[CHEF_LICENSE]=accept or by
running 'chef-client' and following the interactive prompt.
Signed-off-by: tyler-ball <tball@chef.io>
-rw-r--r-- | .travis.yml | 1 | ||||
-rw-r--r-- | Gemfile.lock | 21 | ||||
-rw-r--r-- | RELEASE_NOTES.md | 13 | ||||
-rw-r--r-- | chef.gemspec | 1 | ||||
-rw-r--r-- | lib/chef/application.rb | 6 | ||||
-rw-r--r-- | lib/chef/application/client.rb | 3 | ||||
-rw-r--r-- | lib/chef/application/knife.rb | 3 | ||||
-rw-r--r-- | spec/integration/client/client_spec.rb | 2 | ||||
-rw-r--r-- | spec/unit/application/knife_spec.rb | 8 | ||||
-rw-r--r-- | spec/unit/application_spec.rb | 6 | ||||
-rwxr-xr-x | tasks/bin/run_external_test | 6 |
11 files changed, 59 insertions, 11 deletions
diff --git a/.travis.yml b/.travis.yml index 627ea6f726..4ec7b0b003 100644 --- a/.travis.yml +++ b/.travis.yml @@ -30,6 +30,7 @@ branches: env: global: - FORCE_FFI_YAJL=ext + - CHEF_LICENSE=accept-no-persist matrix: include: diff --git a/Gemfile.lock b/Gemfile.lock index b203c06f50..4de140b9ee 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,6 +1,6 @@ GIT remote: https://github.com/chef/chefstyle.git - revision: 97710fcf8164ce11c64bf0d524e75eadca8c0c75 + revision: 0f3c0afe4e875c8c17627b8986f23bd4e4dc75cb branch: master specs: chefstyle (0.12.0) @@ -8,10 +8,10 @@ GIT GIT remote: https://github.com/chef/ohai.git - revision: 05e507952d8dbff8e31528f1ebcab72664e99aa2 + revision: 7582a96b976bfb529c3c05f1a7bbc867f2d316f0 branch: master specs: - ohai (15.0.30) + ohai (15.0.31) chef-config (>= 12.8, < 16) ffi (~> 1.9) ffi-yajl (~> 2.2) @@ -39,6 +39,7 @@ PATH ffi-yajl (~> 2.2) highline (~> 1.6, >= 1.6.9) iniparse (~> 1.4) + license-acceptance (~> 0.2) mixlib-archive (>= 0.4, < 2.0) mixlib-authentication (~> 2.1) mixlib-cli (>= 1.7, < 3.0) @@ -65,6 +66,7 @@ PATH highline (~> 1.6, >= 1.6.9) iniparse (~> 1.4) iso8601 (~> 0.12.1) + license-acceptance (~> 0.2) mixlib-archive (>= 0.4, < 2.0) mixlib-authentication (~> 2.1) mixlib-cli (>= 1.7, < 3.0) @@ -179,6 +181,11 @@ GEM jaro_winkler (1.5.2) json (2.2.0) libyajl2 (1.2.0) + license-acceptance (0.2.6) + pastel (~> 0.7) + tomlrb (~> 1.2) + tty-box (~> 0.3) + tty-prompt (~> 0.18) method_source (0.9.2) mixlib-archive (1.0.1) mixlib-log @@ -207,7 +214,7 @@ GEM octokit (4.14.0) sawyer (~> 0.8.0, >= 0.5.3) parallel (1.17.0) - parser (2.6.2.0) + parser (2.6.2.1) ast (~> 2.4.0) parslet (1.8.2) pastel (0.7.2) @@ -242,7 +249,7 @@ GEM rspec-expectations (3.8.2) diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.8.0) - rspec-its (1.2.0) + rspec-its (1.3.0) rspec-core (>= 3.0.0) rspec-expectations (>= 3.0.0) rspec-mocks (3.8.0) @@ -293,6 +300,10 @@ GEM train-core (1.7.6) json (>= 1.8, < 3.0) mixlib-shellout (~> 2.0) + tty-box (0.3.0) + pastel (~> 0.7.2) + strings (~> 0.1.4) + tty-cursor (~> 0.6.0) tty-color (0.4.3) tty-cursor (0.6.1) tty-prompt (0.18.1) diff --git a/RELEASE_NOTES.md b/RELEASE_NOTES.md index 5ff8b9528c..89ff5366ca 100644 --- a/RELEASE_NOTES.md +++ b/RELEASE_NOTES.md @@ -6,6 +6,19 @@ Chef 15 release notes will be added here as development progresses. ## New Features / Functionality +### Chef EULA + +Chef Client requires a EULA to be accepted by users before it can run. Users can accept the EULA in a variety of ways: + +`chef-client --chef-license accept` +`chef-client --chef-license accept-no-persist` +`CHEF_LICENSE=accept chef-client` +`CHEF_LICENSE=accept-no-persist chef-client` + +Finally, if users run `chef-client` without any of these options they will receive an interactive prompt asking for +license acceptance. If the license is accepted a marker file will be written to the filesystem (unless `no-persist` is +specified). Once this file is persisted users no longer need to set any of these flags. + ### Allow Using --delete-entire-chef-repo in Chef Local Mode ### Data Collection Ground-Up Refactor diff --git a/chef.gemspec b/chef.gemspec index f6d8e93ab7..0a5e2b1b91 100644 --- a/chef.gemspec +++ b/chef.gemspec @@ -17,6 +17,7 @@ Gem::Specification.new do |s| s.add_dependency "chef-config", "= #{Chef::VERSION}" + s.add_dependency "license-acceptance", "~> 0.2" s.add_dependency "mixlib-cli", ">= 1.7", "< 3.0" s.add_dependency "mixlib-log", ">= 2.0.3", "< 4.0" s.add_dependency "mixlib-authentication", "~> 2.1" diff --git a/lib/chef/application.rb b/lib/chef/application.rb index 817cdf051d..b4e56a55b3 100644 --- a/lib/chef/application.rb +++ b/lib/chef/application.rb @@ -28,6 +28,7 @@ require "mixlib/cli" require "tmpdir" require "rbconfig" require "chef/application/exit_code" +require "license_acceptance/acceptor" class Chef class Application @@ -63,6 +64,7 @@ class Chef setup_signal_handlers reconfigure setup_application + check_license_acceptance run_application end @@ -247,6 +249,10 @@ class Chef raise Chef::Exceptions::Application, "#{self}: you must override setup_application" end + def check_license_acceptance + LicenseAcceptance::Acceptor.check_and_persist!("chef-client", Chef::VERSION.to_s, logger: logger) + end + # Actually run the application def run_application raise Chef::Exceptions::Application, "#{self}: you must override run_application" diff --git a/lib/chef/application/client.rb b/lib/chef/application/client.rb index 789b938213..784a8f3b00 100644 --- a/lib/chef/application/client.rb +++ b/lib/chef/application/client.rb @@ -29,10 +29,12 @@ require "chef/mixin/shell_out" require "chef-config/mixin/dot_d" require "mixlib/archive" require "uri" +require "license_acceptance/cli_flags/mixlib_cli" class Chef::Application::Client < Chef::Application include Chef::Mixin::ShellOut include ChefConfig::Mixin::DotD + include LicenseAcceptance::CLIFlags::MixlibCLI # Mimic self_pipe sleep from Unicorn to capture signals safely SELF_PIPE = [] # rubocop:disable Style/MutableConstant @@ -219,6 +221,7 @@ class Chef::Application::Client < Chef::Application Chef::RunList::RunListItem.new(item) end } + option :why_run, short: "-W", long: "--why-run", diff --git a/lib/chef/application/knife.rb b/lib/chef/application/knife.rb index 76dd5707fe..26b84d0be3 100644 --- a/lib/chef/application/knife.rb +++ b/lib/chef/application/knife.rb @@ -20,8 +20,10 @@ require "chef/application" require "mixlib/log" require "ohai/config" require "chef/monkey_patches/net_http.rb" +require "license_acceptance/cli_flags/mixlib_cli" class Chef::Application::Knife < Chef::Application + include LicenseAcceptance::CLIFlags::MixlibCLI NO_COMMAND_GIVEN = "You need to pass a sub-command (e.g., knife SUB-COMMAND)\n".freeze @@ -158,6 +160,7 @@ class Chef::Application::Knife < Chef::Application Mixlib::Log::Formatter.show_time = false validate_and_parse_options quiet_traps + check_license_acceptance Chef::Knife.run(ARGV, options) exit 0 end diff --git a/spec/integration/client/client_spec.rb b/spec/integration/client/client_spec.rb index 006839be3f..e97cbbda0f 100644 --- a/spec/integration/client/client_spec.rb +++ b/spec/integration/client/client_spec.rb @@ -66,6 +66,8 @@ describe "chef-client" do file "config/client.rb", <<~EOM local_mode true cookbook_path "#{path_to('cookbooks')}" + # One environment variable we DO need to prevent hanging + ENV["CHEF_LICENSE"] = "accept-no-persist" EOM begin diff --git a/spec/unit/application/knife_spec.rb b/spec/unit/application/knife_spec.rb index 8a574b4d0f..f5ede6318b 100644 --- a/spec/unit/application/knife_spec.rb +++ b/spec/unit/application/knife_spec.rb @@ -45,6 +45,7 @@ describe Chef::Application::Knife do @knife = Chef::Application::Knife.new allow(@knife).to receive(:puts) allow(@knife).to receive(:trap) + allow(@knife).to receive(:check_license_acceptance) allow(Chef::Knife).to receive(:list_commands) end @@ -65,6 +66,7 @@ describe Chef::Application::Knife do with_argv(*%w{noop knife command with some args}) do knife = double(Chef::Knife) expect(Chef::Knife).to receive(:run).with(ARGV, @knife.options).and_return(knife) + expect(@knife).to receive(:check_license_acceptance) expect(@knife).to receive(:exit).with(0) @knife.run end @@ -75,11 +77,7 @@ describe Chef::Application::Knife do expect(@knife).to receive(:exit).with(0) @knife.run end - if windows? - expect(Chef::Config[:color]).to be_truthy - else - expect(Chef::Config[:color]).to be_truthy - end + expect(Chef::Config[:color]).to be_truthy end context "when given fips flags" do diff --git a/spec/unit/application_spec.rb b/spec/unit/application_spec.rb index ef28dbb21b..b8150d797f 100644 --- a/spec/unit/application_spec.rb +++ b/spec/unit/application_spec.rb @@ -72,6 +72,7 @@ describe Chef::Application do describe "run" do before do allow(@app).to receive(:setup_application).and_return(true) + allow(@app).to receive(:check_license_acceptance) allow(@app).to receive(:run_application).and_return(true) allow(@app).to receive(:configure_chef).and_return(true) allow(@app).to receive(:configure_logging).and_return(true) @@ -87,6 +88,11 @@ describe Chef::Application do @app.run end + it "should check the license acceptance" do + expect(@app).to receive(:check_license_acceptance) + @app.run + end + it "should run the actual application" do expect(@app).to receive(:run_application).and_return(true) @app.run diff --git a/tasks/bin/run_external_test b/tasks/bin/run_external_test index 5f1ac8f210..04fe5343ba 100755 --- a/tasks/bin/run_external_test +++ b/tasks/bin/run_external_test @@ -13,7 +13,11 @@ git_thing = ARGV.shift build_dir = File.expand_path(ENV["TRAVIS_BUILD_DIR"] || Dir.pwd) -env = { "GEMFILE_MOD" => "gem 'chef', path: '#{build_dir}'; gem 'ohai', git: 'https://github.com/chef/ohai.git', branch: 'master'" } +env = { + "GEMFILE_MOD" => "gem 'chef', path: '#{build_dir}'; " \ + "gem 'ohai', git: 'https://github.com/chef/ohai.git'", + "CHEF_LICENSE" => "accept-no-persist", +} Dir.mktmpdir("chef-external-test") do |dir| git_url = "https://github.com/#{github_repo}" |