diff options
| author | Gene Wood <gene_wood@cementhorizon.com> | 2022-11-01 13:08:24 -0700 |
|---|---|---|
| committer | Gene Wood <gene_wood@cementhorizon.com> | 2022-11-01 13:08:24 -0700 |
| commit | 2f172c45785e09625d6b79425fe3ea227b1992d6 (patch) | |
| tree | 21298ee1706f3c7722d2960a8187c7a5ed099f3a | |
| parent | 428a95b5212c2cc3ddc233a9078e34f94bc0791e (diff) | |
| parent | 2775983b7003933dd3e952680f0ef836e65e30d4 (diff) | |
| download | chef-2f172c45785e09625d6b79425fe3ea227b1992d6.tar.gz | |
Merge branch 'main' into fix_package_allowed_actions
46 files changed, 773 insertions, 337 deletions
diff --git a/.expeditor/config.yml b/.expeditor/config.yml index 18f4d859df..d1466484ff 100644 --- a/.expeditor/config.yml +++ b/.expeditor/config.yml @@ -33,6 +33,8 @@ schedules: pipelines: - verify: public: true + env: + - IGNORE_ARTIFACTORY_RUBY_PROXY: true # Artifactory is throwing 500's when downloading some gems. - docker/build: definition: .expeditor/docker-build.pipeline.yml trigger: default @@ -43,17 +45,20 @@ pipelines: - omnibus/release: env: - IGNORE_CACHE: true # caching causes constant build failures + - IGNORE_ARTIFACTORY_RUBY_PROXY: true - omnibus/adhoc: definition: .expeditor/release.omnibus.yml env: - ADHOC: true - IGNORE_CACHE: true # caching causes constant build failures + - IGNORE_ARTIFACTORY_RUBY_PROXY: true # the adhoc-canary pipeline is used to test new omnibus workers - omnibus/adhoc-canary: canary: true definition: .expeditor/adhoc-canary.omnibus.yml env: - ADHOC: true + - IGNORE_ARTIFACTORY_RUBY_PROXY: true - macos_universal_package: description: Builds universal macos package using arch specific packages definition: .expeditor/macos_universal_package.pipeline.yml diff --git a/.expeditor/publish-release-notes.sh b/.expeditor/publish-release-notes.sh index 6f5f232301..d45cace20f 100755 --- a/.expeditor/publish-release-notes.sh +++ b/.expeditor/publish-release-notes.sh @@ -2,15 +2,17 @@ set -eou pipefail +rm -rf chef.wiki + git clone https://x-access-token:${GITHUB_TOKEN}@github.com/chef/chef.wiki.git pushd ./chef.wiki # Publish release notes to S3 - aws s3 cp Pending-Release-Notes.md "s3://chef-automate-artifacts/release-notes/${EXPEDITOR_PRODUCT_KEY}/${EXPEDITOR_VERSION}.md" --acl public-read --content-type "text/plain" --profile chef-cd - aws s3 cp Pending-Release-Notes.md "s3://chef-automate-artifacts/${EXPEDITOR_CHANNEL}/latest/${EXPEDITOR_PRODUCT_KEY}/release-notes.md" --acl public-read --content-type "text/plain" --profile chef-cd + aws s3 cp Pending-Release-Notes-18.md "s3://chef-automate-artifacts/release-notes/${EXPEDITOR_PRODUCT_KEY}/${EXPEDITOR_VERSION}.md" --acl public-read --content-type "text/plain" --profile chef-cd + aws s3 cp Pending-Release-Notes-18.md "s3://chef-automate-artifacts/${EXPEDITOR_CHANNEL}/latest/${EXPEDITOR_PRODUCT_KEY}/release-notes.md" --acl public-read --content-type "text/plain" --profile chef-cd # Reset "Stable Release Notes" wiki page - cat >./Pending-Release-Notes.md <<EOH + cat >./Pending-Release-Notes-18.md <<EOH ## Compliance Phase Improvements ## New Resources diff --git a/.expeditor/release.omnibus.yml b/.expeditor/release.omnibus.yml index 35be8a9ec8..bb44478a33 100644 --- a/.expeditor/release.omnibus.yml +++ b/.expeditor/release.omnibus.yml @@ -87,7 +87,6 @@ builder-to-testers-map: - windows-2016-x86_64 - windows-2019-x86_64 - windows-2022-x86_64 - # - windows-8-x86_64 - windows-10-x86_64 - windows-11-x86_64 diff --git a/.expeditor/update_version.sh b/.expeditor/update_version.sh index c8e71e5983..18599cc18a 100755 --- a/.expeditor/update_version.sh +++ b/.expeditor/update_version.sh @@ -27,5 +27,8 @@ sed -i -r "s/(^\s+chef-bin\s+.+)${ORIGINAL_VERSION}(.+)/\1${VERSION}\2/" Gemfile sed -i -r "s/(^\s+chef-config\s+.+)${ORIGINAL_VERSION}(.+)/\1${VERSION}\2/" Gemfile.lock sed -i -r "s/(^\s+chef-utils\s+.+)${ORIGINAL_VERSION}(.+)/\1${VERSION}\2/" Gemfile.lock +#Update the version in knife/Gemfile.lock +sed -i -r "s/(^\s+chef\s+.+)${ORIGINAL_VERSION}(.+)/\1${VERSION}\2/" knife/Gemfile.lock + # Once Expeditor finishes executing this script, it will commit the changes and push # the commit as a new tag corresponding to the value in the VERSION file. diff --git a/.expeditor/verify.pipeline.yml b/.expeditor/verify.pipeline.yml index e8833be063..7ab1ea33cd 100644 --- a/.expeditor/verify.pipeline.yml +++ b/.expeditor/verify.pipeline.yml @@ -146,6 +146,7 @@ steps: - label: "Integration openSUSE 15 :ruby: 3.1" commands: - /workdir/.expeditor/scripts/bk_container_prep.sh + - zypper addrepo --check --priority 50 --refresh --name "Chefzypper-repo" "https://mirror.fcix.net/opensuse/distribution/leap/15.3/repo/oss/" "chefzypper" - zypper install -y cron insserv-compat - cd /workdir; bundle config set --local without omnibus_package - bundle config set --local path 'vendor/bundle' @@ -160,6 +161,7 @@ steps: - label: "Functional openSUSE 15 :ruby: 3.1" commands: - /workdir/.expeditor/scripts/bk_container_prep.sh + - zypper addrepo --check --priority 50 --refresh --name "Chefzypper-repo" "https://mirror.fcix.net/opensuse/distribution/leap/15.3/repo/oss/" "chefzypper" - zypper install -y cronie insserv-compat - zypper install -y libarchive-devel - cd /workdir; bundle config set --local without omnibus_package @@ -175,6 +177,7 @@ steps: - label: "Unit openSUSE 15 :ruby: 3.1" commands: - /workdir/.expeditor/scripts/bk_container_prep.sh + - zypper addrepo --check --priority 50 --refresh --name "Chefzypper-repo" "https://mirror.fcix.net/opensuse/distribution/leap/15.3/repo/oss/" "chefzypper" - zypper install -y cron insserv-compat libarchive-devel - bundle config set --local without omnibus_package - bundle config set --local path 'vendor/bundle' @@ -332,7 +335,7 @@ steps: - apt-get install -y graphviz - bundle config set --local without omnibus_package - bundle install --jobs=3 --retry=3 - - bundle exec tasks/bin/run_external_test berkshelf/berkshelf main rake + - bundle exec tasks/bin/run_external_test chef/berkshelf main rake expeditor: executor: docker: diff --git a/.github/workflows/kitchen.yml b/.github/workflows/kitchen.yml index 00e564709f..7844ebe111 100644 --- a/.github/workflows/kitchen.yml +++ b/.github/workflows/kitchen.yml @@ -71,28 +71,35 @@ jobs: ohai -v rake --version bundle -v - # - name: 'Upgrade Chef/Ohai via Appbundler' - # id: upgrade - # run: | - # $env:PATH = "C:\opscode\chef\bin;C:\opscode\chef\embedded\bin;" + $env:PATH - # $env:OHAI_VERSION = ( Select-String -Path .\Gemfile.lock -Pattern '(?<=ohai \()\d.*(?=\))' | ForEach-Object { $_.Matches[0].Value } ) + - name: 'Upgrade Chef/Ohai via Appbundler' + id: upgrade + run: | + $env:PATH = "C:\opscode\chef\bin;C:\opscode\chef\embedded\bin;" + $env:PATH + $env:OHAI_VERSION = ( Select-String -Path .\Gemfile.lock -Pattern '(?<=ohai \()\d.*(?=\))' | ForEach-Object { $_.Matches[0].Value } ) + + # The chef-client installer does not put the file 'ansidecl.h' down in the correct location + # This leads to failures during testing. Moving that file to its correct position here. + # Another example of 'bad' that needs to be corrected + $output = gci -path C:\opscode\ -file ansidecl.h -Recurse + + # As of Ruby 3.1, there are 3 ansidecl.h files found in the opscode path + # Grabbing the first (and shortest) path found is a bit of a :fingers-crossed: but + # making the leap that ansidecl.h isn't going to vary in a way that will fail + # subtly. + if ($output -is [Array]) { $output = $output[0] } - # # The chef-client installer does not put the file 'ansidecl.h' down in the correct location - # # This leads to failures during testing. Moving that file to its correct position here. - # # Another example of 'bad' that needs to be corrected - # $output = gci -path C:\opscode\ -file ansidecl.h -Recurse - # $target_path = $($output.Directory.Parent.FullName + "\x86_64-w64-mingw32\include") - # Move-Item -Path $output.FullName -Destination $target_path + $target_path = $($output.Directory.Parent.FullName + "\x86_64-w64-mingw32\include") + Move-Item -Path $output.FullName -Destination $target_path - # gem install appbundler appbundle-updater --no-doc - # If ($lastexitcode -ne 0) { Exit $lastexitcode } - # appbundle-updater chef chef $env:GITHUB_SHA --tarball --github $env:GITHUB_REPOSITORY - # If ($lastexitcode -ne 0) { Exit $lastexitcode } - # Write-Output "Installed Chef / Ohai release:" - # chef-client -v - # If ($lastexitcode -ne 0) { Exit $lastexitcode } - # ohai -v - # If ($lastexitcode -ne 0) { Exit $lastexitcode } + gem install appbundler appbundle-updater --no-doc + If ($lastexitcode -ne 0) { Exit $lastexitcode } + appbundle-updater chef chef $env:GITHUB_SHA --tarball --github $env:GITHUB_REPOSITORY + If ($lastexitcode -ne 0) { Exit $lastexitcode } + Write-Output "Installed Chef / Ohai release:" + chef-client -v + If ($lastexitcode -ne 0) { Exit $lastexitcode } + ohai -v + If ($lastexitcode -ne 0) { Exit $lastexitcode } - name: 'Run end_to_end::default recipe' id: run run: | @@ -211,8 +218,6 @@ jobs: ruby -v echo "Which ruby are we using?" which ruby - sudo mv /home/runner/work/chef/chef /home/runner/work/chef/chef17 - git clone https://github.com/chef/chef.git /home/runner/work/chef/chef cd /home/runner/work/chef/chef bundle install gem install kitchen diff --git a/.gitignore b/.gitignore index 0bb2f93da8..91ab9d6c77 100644 --- a/.gitignore +++ b/.gitignore @@ -81,7 +81,7 @@ chef-utils/pkg # knife knife/.bundle -knife/Gemfile.lock +#knife/Gemfile.lock We need this lockfile (for now) so that chef gets installed with windows gemspec under knife on windows platforms. knife/pkg knife/spec/data/test-dir knife/spec/data/nodes diff --git a/CHANGELOG.md b/CHANGELOG.md index 56cb6e9d04..8071092279 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,166 +1,199 @@ <!-- usage documentation: http://expeditor-docs.es.chef.io/configuration/changelog/ --> This changelog lists individual merged pull requests to Chef Infra Client and geared towards developers. For a list of significant changes per release see the [Chef Infra Client Release Notes](https://docs.chef.io/release_notes_client/). -<!-- latest_release 18.0.144 --> -## [v18.0.144](https://github.com/chef/chef/tree/v18.0.144) (2022-09-09) +<!-- latest_release 18.0.172 --> +## [v18.0.172](https://github.com/chef/chef/tree/v18.0.172) (2022-11-01) #### Merged Pull Requests -- Move Gemfile.locks to 2.3.7 and disable .github kitchen install of 2.3.18 [#13176](https://github.com/chef/chef/pull/13176) ([tpowell-progress](https://github.com/tpowell-progress)) +- Bugfix: checksum validation [#13210](https://github.com/chef/chef/pull/13210) ([decoyjoe](https://github.com/decoyjoe)) <!-- latest_release --> -<!-- release_rollup since=17.9.26 --> +<!-- release_rollup since=18.0.169 --> ### Changes not yet released to stable #### Merged Pull Requests -- Move Gemfile.locks to 2.3.7 and disable .github kitchen install of 2.3.18 [#13176](https://github.com/chef/chef/pull/13176) ([tpowell-progress](https://github.com/tpowell-progress)) <!-- 18.0.144 --> -- The worker container for expeditor needs to use Ruby 3.1.0 [#13171](https://github.com/chef/chef/pull/13171) ([PrajaktaPurohit](https://github.com/PrajaktaPurohit)) <!-- 18.0.143 --> -- Add empty pipeline for macos universal package [#13152](https://github.com/chef/chef/pull/13152) ([vkarve-chef](https://github.com/vkarve-chef)) <!-- 18.0.142 --> -- Add newline to end of sysctl files [#13118](https://github.com/chef/chef/pull/13118) ([tmccombs](https://github.com/tmccombs)) <!-- 18.0.141 --> -- fix chef_client_scheduled_task splay to accept 0 [#13095](https://github.com/chef/chef/pull/13095) ([Stromweld](https://github.com/Stromweld)) <!-- 18.0.140 --> -- add url for principal names [#13104](https://github.com/chef/chef/pull/13104) ([Stromweld](https://github.com/Stromweld)) <!-- 18.0.139 --> -- Added how to doc with details about documentation for infra client resources [#13046](https://github.com/chef/chef/pull/13046) ([neha-p6](https://github.com/neha-p6)) <!-- 18.0.138 --> -- Wording change in error for missing recipe dependency ("Obvious Fix") [#13061](https://github.com/chef/chef/pull/13061) ([c-drive](https://github.com/c-drive)) <!-- 18.0.137 --> -- Require etc library [#13068](https://github.com/chef/chef/pull/13068) ([curzonj](https://github.com/curzonj)) <!-- 18.0.136 --> -- Bump omnibus-software from `a9b13a0` to `1d540dc` in /omnibus [#13089](https://github.com/chef/chef/pull/13089) ([dependabot[bot]](https://github.com/dependabot[bot])) <!-- 18.0.135 --> -- Re add: Use new msys2 based devkit for windows"" [#13097](https://github.com/chef/chef/pull/13097) ([neha-p6](https://github.com/neha-p6)) <!-- 18.0.134 --> -- Skip tests on FreeBSD-13 [#13079](https://github.com/chef/chef/pull/13079) ([poorndm](https://github.com/poorndm)) <!-- 18.0.133 --> -- Add AIX-7.3 to Build Matrix [#13058](https://github.com/chef/chef/pull/13058) ([poorndm](https://github.com/poorndm)) <!-- 18.0.132 --> -- update property DSL docs [#13093](https://github.com/chef/chef/pull/13093) ([jasonwbarnett](https://github.com/jasonwbarnett)) <!-- 18.0.131 --> -- Revert "Use new msys2 based devkit for windows" [#13063](https://github.com/chef/chef/pull/13063) ([neha-p6](https://github.com/neha-p6)) <!-- 18.0.130 --> -- Fixed sensitive properties unsuppressed content issue [#13014](https://github.com/chef/chef/pull/13014) ([blabade](https://github.com/blabade)) <!-- 18.0.129 --> -- Fix issue in adhoc nightly builds [#13059](https://github.com/chef/chef/pull/13059) ([neha-p6](https://github.com/neha-p6)) <!-- 18.0.128 --> -- Use new msys2 based devkit for windows [#13038](https://github.com/chef/chef/pull/13038) ([mwrock](https://github.com/mwrock)) <!-- 18.0.127 --> -- Use dist constant when invoking knife configure [#12926](https://github.com/chef/chef/pull/12926) ([ramereth](https://github.com/ramereth)) <!-- 18.0.126 --> -- Add nightlies for chef-17 to run every Tue, Thu and chef-16 to run every Tue [#13018](https://github.com/chef/chef/pull/13018) ([PrajaktaPurohit](https://github.com/PrajaktaPurohit)) <!-- 18.0.125 --> -- AdHoc Pipeline Windows PageFile Test errors [#13009](https://github.com/chef/chef/pull/13009) ([johnmccrae](https://github.com/johnmccrae)) <!-- 18.0.124 --> -- Fix fedora kitchen test failure [#13020](https://github.com/chef/chef/pull/13020) ([neha-p6](https://github.com/neha-p6)) <!-- 18.0.123 --> -- Refactored tests for older Windows versions [#13019](https://github.com/chef/chef/pull/13019) ([johnmccrae](https://github.com/johnmccrae)) <!-- 18.0.122 --> -- Correcting Cert creation for rspec tests [#13010](https://github.com/chef/chef/pull/13010) ([johnmccrae](https://github.com/johnmccrae)) <!-- 18.0.121 --> -- Updated Ruby version in omnibus_overrides [#12995](https://github.com/chef/chef/pull/12995) ([johnmccrae](https://github.com/johnmccrae)) <!-- 18.0.120 --> -- Fix documentation for chef_client_scheduled_task [#12917](https://github.com/chef/chef/pull/12917) ([williamtheaker](https://github.com/williamtheaker)) <!-- 18.0.119 --> -- Zypper package source property addition [#12182](https://github.com/chef/chef/pull/12182) ([manick-vel-11](https://github.com/manick-vel-11)) <!-- 18.0.118 --> -- Smriti/3884 mounting cifs shares with spaces [#11626](https://github.com/chef/chef/pull/11626) ([msys-sgarg](https://github.com/msys-sgarg)) <!-- 18.0.117 --> -- Fix cron_d job name character set [#12377](https://github.com/chef/chef/pull/12377) ([hamarituc](https://github.com/hamarituc)) <!-- 18.0.116 --> -- Add CONTAINER_IMAGE dist constant [#12806](https://github.com/chef/chef/pull/12806) ([jakauppila](https://github.com/jakauppila)) <!-- 18.0.115 --> -- Stop executing locale-gen on every chef run by adding -h flag [#12833](https://github.com/chef/chef/pull/12833) ([hrak](https://github.com/hrak)) <!-- 18.0.114 --> -- KTLO - Updating authenticator.rb to correct for random password creation failures [#12980](https://github.com/chef/chef/pull/12980) ([johnmccrae](https://github.com/johnmccrae)) <!-- 18.0.113 --> -- refactoring the version check [#12988](https://github.com/chef/chef/pull/12988) ([johnmccrae](https://github.com/johnmccrae)) <!-- 18.0.112 --> -- Bumping license_scout version [#12992](https://github.com/chef/chef/pull/12992) ([johnmccrae](https://github.com/johnmccrae)) <!-- 18.0.111 --> -- Adjusting cert creation for older Windows platforms [#12965](https://github.com/chef/chef/pull/12965) ([johnmccrae](https://github.com/johnmccrae)) <!-- 18.0.110 --> -- Bump ohai to 18.0.14 [#12973](https://github.com/chef/chef/pull/12973) ([chef-expeditor[bot]](https://github.com/chef-expeditor[bot])) <!-- 18.0.109 --> -- Update the command to enable adhoc jobs for chef/chef main pipeline [#12979](https://github.com/chef/chef/pull/12979) ([PrajaktaPurohit](https://github.com/PrajaktaPurohit)) <!-- 18.0.108 --> -- Fix error 'error validating X-Vault-AWS-IAM-Server-ID header: missing header X-Vault-AWS-IAM-Server-ID' in Hashi Vault secret manager for AWS IAM auth method [#12956](https://github.com/chef/chef/pull/12956) ([neha-p6](https://github.com/neha-p6)) <!-- 18.0.107 --> -- Add nightly builds for chef/chef:main [#12971](https://github.com/chef/chef/pull/12971) ([PrajaktaPurohit](https://github.com/PrajaktaPurohit)) <!-- 18.0.106 --> -- Remove the beta feature warning which shows up when using Secret Manager [#12925](https://github.com/chef/chef/pull/12925) ([neha-p6](https://github.com/neha-p6)) <!-- 18.0.105 --> -- adding UCRT support to the build pipelines [#12959](https://github.com/chef/chef/pull/12959) ([johnmccrae](https://github.com/johnmccrae)) <!-- 18.0.104 --> -- Updated ncurses and gems [#12953](https://github.com/chef/chef/pull/12953) ([johnmccrae](https://github.com/johnmccrae)) <!-- 18.0.103 --> -- Updated files to account for pem storage in the Certificate Store [#12910](https://github.com/chef/chef/pull/12910) ([johnmccrae](https://github.com/johnmccrae)) <!-- 18.0.102 --> -- updated version data to properly account for Windows 11 and its assoc… [#12919](https://github.com/chef/chef/pull/12919) ([johnmccrae](https://github.com/johnmccrae)) <!-- 18.0.101 --> -- Knife upload: bad error message when a recipe has a syntax error [#11678](https://github.com/chef/chef/pull/11678) ([snehaldwivedi](https://github.com/snehaldwivedi)) <!-- 18.0.100 --> -- updating throw statement to only execute on non-zero exit codes [#12918](https://github.com/chef/chef/pull/12918) ([johnmccrae](https://github.com/johnmccrae)) <!-- 18.0.99 --> -- Refactoring Windows certificate code and tests to reflect updates in the win32-certstore gem [#12859](https://github.com/chef/chef/pull/12859) ([johnmccrae](https://github.com/johnmccrae)) <!-- 18.0.98 --> -- flush package cache after registering via rhsm_register [#12828](https://github.com/chef/chef/pull/12828) ([jasonwbarnett](https://github.com/jasonwbarnett)) <!-- 18.0.97 --> -- handling exception for compliance phase error during chef spec run [#12830](https://github.com/chef/chef/pull/12830) ([i5pranay93](https://github.com/i5pranay93)) <!-- 18.0.96 --> -- Renamed private method as conflicting to inbuilt method and getting warning [#12849](https://github.com/chef/chef/pull/12849) ([sanga1794](https://github.com/sanga1794)) <!-- 18.0.95 --> -- Bump berkshelf from 7.2.2 to 8.0.0 in /omnibus [#12837](https://github.com/chef/chef/pull/12837) ([dependabot[bot]](https://github.com/dependabot[bot])) <!-- 18.0.94 --> -- add expire and inactive options to linux user resource [#11659](https://github.com/chef/chef/pull/11659) ([Stromweld](https://github.com/Stromweld)) <!-- 18.0.93 --> -- Fix chef_client_config template rendering [#12817](https://github.com/chef/chef/pull/12817) ([jasonwbarnett](https://github.com/jasonwbarnett)) <!-- 18.0.92 --> -- main - Update bundle [#12788](https://github.com/chef/chef/pull/12788) ([neha-p6](https://github.com/neha-p6)) <!-- 18.0.91 --> -- Updates for the chef_client_config resource [#12732](https://github.com/chef/chef/pull/12732) ([chef-davin](https://github.com/chef-davin)) <!-- 18.0.90 --> -- SELinux integration to infra client [#12694](https://github.com/chef/chef/pull/12694) ([neha-p6](https://github.com/neha-p6)) <!-- 18.0.89 --> -- Updating For Ruby 3.1 [#12769](https://github.com/chef/chef/pull/12769) ([johnmccrae](https://github.com/johnmccrae)) <!-- 18.0.88 --> -- Updating gemfile.locks [#12751](https://github.com/chef/chef/pull/12751) ([johnmccrae](https://github.com/johnmccrae)) <!-- 18.0.87 --> -- Rest Resource Support [#12755](https://github.com/chef/chef/pull/12755) ([lamont-granquist](https://github.com/lamont-granquist)) <!-- 18.0.86 --> -- Bump omnibus-software in Gemfile.lock [#12754](https://github.com/chef/chef/pull/12754) ([jeremiahsnapp](https://github.com/jeremiahsnapp)) <!-- 18.0.85 --> -- Bump libxslt to 1.1.35 [#12752](https://github.com/chef/chef/pull/12752) ([jeremiahsnapp](https://github.com/jeremiahsnapp)) <!-- 18.0.84 --> -- Fix attribute performance issues in node.read [#12742](https://github.com/chef/chef/pull/12742) ([lamont-granquist](https://github.com/lamont-granquist)) <!-- 18.0.83 --> -- Add rubygems_url property to chef_client_config resource [#12724](https://github.com/chef/chef/pull/12724) ([DecoyJoe](https://github.com/DecoyJoe)) <!-- 18.0.82 --> -- Bump libxml2 to 2.9.13 [#12739](https://github.com/chef/chef/pull/12739) ([johnmccrae](https://github.com/johnmccrae)) <!-- 18.0.81 --> -- avoid coercion to block for new plist file content, fix adding a new dictionary [#12680](https://github.com/chef/chef/pull/12680) ([jazaval](https://github.com/jazaval)) <!-- 18.0.80 --> -- Add support for default secret service and config [#12140](https://github.com/chef/chef/pull/12140) ([jasonwbarnett](https://github.com/jasonwbarnett)) <!-- 18.0.79 --> -- Client code to put a certificate into the certstore and then retrieve it later during a chef-run. Unit tests included [#12640](https://github.com/chef/chef/pull/12640) ([johnmccrae](https://github.com/johnmccrae)) <!-- 18.0.78 --> -- update libxml2 to 2.9.12 [#12730](https://github.com/chef/chef/pull/12730) ([johnmccrae](https://github.com/johnmccrae)) <!-- 18.0.77 --> -- Package resource was calling a non-existent error method [#12722](https://github.com/chef/chef/pull/12722) ([johnmccrae](https://github.com/johnmccrae)) <!-- 18.0.76 --> -- update chef client launchd to run at load [#12706](https://github.com/chef/chef/pull/12706) ([rishichawda](https://github.com/rishichawda)) <!-- 18.0.75 --> -- Enable ruby 3.1 testing on verify pipeline for unix, fix breakage [#12695](https://github.com/chef/chef/pull/12695) ([lamont-granquist](https://github.com/lamont-granquist)) <!-- 18.0.74 --> -- Use the latest libarchive (3.6.0) [#12648](https://github.com/chef/chef/pull/12648) ([tas50](https://github.com/tas50)) <!-- 18.0.73 --> -- Ruby 3.1 fixes [#12696](https://github.com/chef/chef/pull/12696) ([lamont-granquist](https://github.com/lamont-granquist)) <!-- 18.0.72 --> -- Chef-18: Enable unifed_mode by default [#12692](https://github.com/chef/chef/pull/12692) ([lamont-granquist](https://github.com/lamont-granquist)) <!-- 18.0.71 --> -- Fix windows kitchen tests [#12693](https://github.com/chef/chef/pull/12693) ([lamont-granquist](https://github.com/lamont-granquist)) <!-- 18.0.70 --> -- Fix PEM file generation when user is created [#12619](https://github.com/chef/chef/pull/12619) ([sanjain-progress](https://github.com/sanjain-progress)) <!-- 18.0.69 --> -- Bump omnibus-software from `f64a223` to `5947560` in /omnibus [#12670](https://github.com/chef/chef/pull/12670) ([dependabot[bot]](https://github.com/dependabot[bot])) <!-- 18.0.68 --> -- Modernize the http_request resource code and specs [#12682](https://github.com/chef/chef/pull/12682) ([lamont-granquist](https://github.com/lamont-granquist)) <!-- 18.0.67 --> -- Updated Rspec to add verbose logging [#12683](https://github.com/chef/chef/pull/12683) ([johnmccrae](https://github.com/johnmccrae)) <!-- 18.0.66 --> -- turn off caching for adhoc pipelines [#12661](https://github.com/chef/chef/pull/12661) ([lamont-granquist](https://github.com/lamont-granquist)) <!-- 18.0.65 --> -- Add OMNITRUCK_URL dist constant [#12654](https://github.com/chef/chef/pull/12654) ([ramereth](https://github.com/ramereth)) <!-- 18.0.64 --> -- Update to libffi 3.4.2 [#12658](https://github.com/chef/chef/pull/12658) ([tas50](https://github.com/tas50)) <!-- 18.0.63 --> -- Update nokogiri to 1.13.1 [#12649](https://github.com/chef/chef/pull/12649) ([tas50](https://github.com/tas50)) <!-- 18.0.62 --> -- Fix multiple regressions in yum_package provider [#12657](https://github.com/chef/chef/pull/12657) ([lamont-granquist](https://github.com/lamont-granquist)) <!-- 18.0.61 --> -- Stop cleaning the dokken sandbox [#12656](https://github.com/chef/chef/pull/12656) ([lamont-granquist](https://github.com/lamont-granquist)) <!-- 18.0.60 --> -- Bump train-rest to 0.4.2 [#12653](https://github.com/chef/chef/pull/12653) ([chef-expeditor[bot]](https://github.com/chef-expeditor[bot])) <!-- 18.0.59 --> -- Bump chef/ohai to 77929155a6f82b7e65db624b37766bf9fb5f81fb [#12638](https://github.com/chef/chef/pull/12638) ([chef-expeditor[bot]](https://github.com/chef-expeditor[bot])) <!-- 18.0.57 --> -- Bump chef/ohai to 58462789693e00c45c422f347c64d612862c104e [#12637](https://github.com/chef/chef/pull/12637) ([chef-expeditor[bot]](https://github.com/chef-expeditor[bot])) <!-- 18.0.56 --> -- Add train-rest as a dep for target mode [#12633](https://github.com/chef/chef/pull/12633) ([tas50](https://github.com/tas50)) <!-- 18.0.55 --> -- Add --always-dump-stacktrace to integration tests that use chef-client [#12615](https://github.com/chef/chef/pull/12615) ([neha-p6](https://github.com/neha-p6)) <!-- 18.0.54 --> -- Bump omnibus-software from `eb3cc77` to `d5ff796` in /omnibus [#12628](https://github.com/chef/chef/pull/12628) ([dependabot[bot]](https://github.com/dependabot[bot])) <!-- 18.0.52 --> -- Loosen the win32-api dep to allow for the latest releases [#12614](https://github.com/chef/chef/pull/12614) ([tas50](https://github.com/tas50)) <!-- 18.0.51 --> -- Bump chef/ohai to 594372d3a48ccea6d2eddd173bc1281f314f0f09 [#12616](https://github.com/chef/chef/pull/12616) ([chef-expeditor[bot]](https://github.com/chef-expeditor[bot])) <!-- 18.0.50 --> -- More ruby 3.0 fixes [#12621](https://github.com/chef/chef/pull/12621) ([lamont-granquist](https://github.com/lamont-granquist)) <!-- 18.0.49 --> -- Disable knife gem install in kitchen tests [#12618](https://github.com/chef/chef/pull/12618) ([lamont-granquist](https://github.com/lamont-granquist)) <!-- 18.0.46 --> -- Bump chef/chefstyle to 8459a2f943dcef42a27518563eaf0b2dad3b4972 [#12611](https://github.com/chef/chef/pull/12611) ([chef-expeditor[bot]](https://github.com/chef-expeditor[bot])) <!-- 18.0.45 --> -- fixes for #12589 for compliance audit-enforcer reporter [#12595](https://github.com/chef/chef/pull/12595) ([collinmcneese](https://github.com/collinmcneese)) <!-- 18.0.44 --> -- Bump omnibus-software from `a4f4849` to `d602268` in /omnibus [#12592](https://github.com/chef/chef/pull/12592) ([dependabot[bot]](https://github.com/dependabot[bot])) <!-- 18.0.43 --> -- Pin openssl to 1.1.1m [#12598](https://github.com/chef/chef/pull/12598) ([jayashrig158](https://github.com/jayashrig158)) <!-- 18.0.42 --> -- Validate resource spec passed to subscribes [#12525](https://github.com/chef/chef/pull/12525) ([neha-p6](https://github.com/neha-p6)) <!-- 18.0.41 --> -- Avoid calculating etc_chef_dir multiple times on startup [#12581](https://github.com/chef/chef/pull/12581) ([neha-p6](https://github.com/neha-p6)) <!-- 18.0.40 --> -- Bump omnibus-software from `91c1297` to `a4f4849` in /omnibus [#12585](https://github.com/chef/chef/pull/12585) ([dependabot[bot]](https://github.com/dependabot[bot])) <!-- 18.0.39 --> -- Bump omnibus from `55e74ac` to `cf9ef0a` in /omnibus [#12584](https://github.com/chef/chef/pull/12584) ([dependabot[bot]](https://github.com/dependabot[bot])) <!-- 18.0.38 --> -- Fix windows hab builds with rake install:local [#12579](https://github.com/chef/chef/pull/12579) ([lamont-granquist](https://github.com/lamont-granquist)) <!-- 18.0.37 --> -- Bump omnibus-software from `c7a43ec` to `91c1297` in /omnibus [#12576](https://github.com/chef/chef/pull/12576) ([dependabot[bot]](https://github.com/dependabot[bot])) <!-- 18.0.35 --> -- Bump corefoundation to 0.3.13 [#12574](https://github.com/chef/chef/pull/12574) ([chef-expeditor[bot]](https://github.com/chef-expeditor[bot])) <!-- 18.0.34 --> -- Make sure network scripts dir exists on alma [#12565](https://github.com/chef/chef/pull/12565) ([tas50](https://github.com/tas50)) <!-- 18.0.33 --> -- net-ftp isn't bundled in Ruby 3.1 anymore so dep on it [#12399](https://github.com/chef/chef/pull/12399) ([tas50](https://github.com/tas50)) <!-- 18.0.32 --> -- Switch from centos-8 to almalinux-8 [#12544](https://github.com/chef/chef/pull/12544) ([tas50](https://github.com/tas50)) <!-- 18.0.31 --> -- Eager load ffi-libarchive to resolve centos-7 failures [#12552](https://github.com/chef/chef/pull/12552) ([lamont-granquist](https://github.com/lamont-granquist)) <!-- 18.0.31 --> -- Relax dep on diff-lcs now that 1.4.0 regression is fixed [#12534](https://github.com/chef/chef/pull/12534) ([tas50](https://github.com/tas50)) <!-- 18.0.30 --> -- Bump pedump from 0.6.3 to 0.6.4 in /omnibus [#12536](https://github.com/chef/chef/pull/12536) ([dependabot[bot]](https://github.com/dependabot[bot])) <!-- 18.0.29 --> -- Bump omnibus-software from `1c00b6d` to `791cc46` in /omnibus [#12550](https://github.com/chef/chef/pull/12550) ([dependabot[bot]](https://github.com/dependabot[bot])) <!-- 18.0.28 --> -- Add constant for ChefServer system user [#12513](https://github.com/chef/chef/pull/12513) ([aleksey-hariton](https://github.com/aleksey-hariton)) <!-- 18.0.27 --> -- Updated the chef client to retrieve certs from the Windows Cert store. [#12426](https://github.com/chef/chef/pull/12426) ([johnmccrae](https://github.com/johnmccrae)) <!-- 18.0.26 --> -- Adding support to move the client.pem to secure storage [#12518](https://github.com/chef/chef/pull/12518) ([johnmccrae](https://github.com/johnmccrae)) <!-- 18.0.25 --> -- Chef 18 - Added constant with Server`s docs url [#12539](https://github.com/chef/chef/pull/12539) ([aleksey-hariton](https://github.com/aleksey-hariton)) <!-- 18.0.24 --> -- Fix inspec waivers in compliance mode [#12523](https://github.com/chef/chef/pull/12523) ([lamont-granquist](https://github.com/lamont-granquist)) <!-- 18.0.23 --> -- Bump omnibus from `201afa9` to `55e74ac` in /omnibus [#12529](https://github.com/chef/chef/pull/12529) ([dependabot[bot]](https://github.com/dependabot[bot])) <!-- 18.0.22 --> -- Bump omnibus-software from `aa02d49` to `1c00b6d` in /omnibus [#12528](https://github.com/chef/chef/pull/12528) ([dependabot[bot]](https://github.com/dependabot[bot])) <!-- 18.0.21 --> -- Bump fauxhai-ng to 9.3.0 [#12516](https://github.com/chef/chef/pull/12516) ([chef-expeditor[bot]](https://github.com/chef-expeditor[bot])) <!-- 18.0.20 --> -- Suppress deprecation warning for chef-client-updater cookbook [#12502](https://github.com/chef/chef/pull/12502) ([lamont-granquist](https://github.com/lamont-granquist)) <!-- 18.0.18 --> -- Bump omnibus from `9c83f73` to `201afa9` in /omnibus [#12508](https://github.com/chef/chef/pull/12508) ([dependabot[bot]](https://github.com/dependabot[bot])) <!-- 18.0.17 --> -- Bump omnibus-software from `c2fb9a4` to `aa02d49` in /omnibus [#12504](https://github.com/chef/chef/pull/12504) ([dependabot[bot]](https://github.com/dependabot[bot])) <!-- 18.0.16 --> -- Add an expeditor corefoundation subscription [#12498](https://github.com/chef/chef/pull/12498) ([lamont-granquist](https://github.com/lamont-granquist)) <!-- 18.0.15 --> -- replace links in resource doc examples [#12482](https://github.com/chef/chef/pull/12482) ([IanMadd](https://github.com/IanMadd)) <!-- 18.0.14 --> -- Bump omnibus-software from `dd555fa` to `c2fb9a4` in /omnibus [#12484](https://github.com/chef/chef/pull/12484) ([dependabot[bot]](https://github.com/dependabot[bot])) <!-- 18.0.13 --> -- Bump omnibus from `7c5db7e` to `9c83f73` in /omnibus [#12485](https://github.com/chef/chef/pull/12485) ([dependabot[bot]](https://github.com/dependabot[bot])) <!-- 18.0.12 --> -- Bump omnibus from `2bf77bb` to `7c5db7e` in /omnibus [#12481](https://github.com/chef/chef/pull/12481) ([dependabot[bot]](https://github.com/dependabot[bot])) <!-- 18.0.11 --> -- Bump package gems and omnibus gems [#12457](https://github.com/chef/chef/pull/12457) ([lamont-granquist](https://github.com/lamont-granquist)) <!-- 18.0.10 --> -- Bump chef/ohai to ad16192e00b4fa686756a72f081d3496d33a1698 [#12449](https://github.com/chef/chef/pull/12449) ([chef-expeditor[bot]](https://github.com/chef-expeditor[bot])) <!-- 18.0.9 --> -- Bump omnibus-software from `2e637bf` to `16e5ae5` in /omnibus [#12451](https://github.com/chef/chef/pull/12451) ([dependabot[bot]](https://github.com/dependabot[bot])) <!-- 18.0.8 --> -- Bump chef/chefstyle to d2ab8682d167351e5c5d864700a6bc4dac4ddf46 [#12452](https://github.com/chef/chef/pull/12452) ([chef-expeditor[bot]](https://github.com/chef-expeditor[bot])) <!-- 18.0.7 --> -- user: handle nil home dirs on macOS [#12443](https://github.com/chef/chef/pull/12443) ([tas50](https://github.com/tas50)) <!-- 18.0.6 --> -- chef_client_config: ensure config property directories exist [#12416](https://github.com/chef/chef/pull/12416) ([Stromweld](https://github.com/Stromweld)) <!-- 18.0.5 --> -- Bump omnibus-software from `94ef29b` to `2e637bf` in /omnibus [#12439](https://github.com/chef/chef/pull/12439) ([dependabot[bot]](https://github.com/dependabot[bot])) <!-- 18.0.4 --> -- fix typo in chef-sleep resource documentation example block [#12441](https://github.com/chef/chef/pull/12441) ([JHBoricua](https://github.com/JHBoricua)) <!-- 18.0.3 --> -- Fix ruby cleanup breaking builds [#12440](https://github.com/chef/chef/pull/12440) ([tas50](https://github.com/tas50)) <!-- 18.0.2 --> -- Add Amazon 2022 to our pipeline [#12437](https://github.com/chef/chef/pull/12437) ([tas50](https://github.com/tas50)) <!-- 18.0.1 --> -- Bump version to 18.0 and fix master references [#12432](https://github.com/chef/chef/pull/12432) ([tas50](https://github.com/tas50)) <!-- 18.0.0 --> -- Bump omnibus-software from `b6dd27a` to `94ef29b` in /omnibus [#12429](https://github.com/chef/chef/pull/12429) ([dependabot[bot]](https://github.com/dependabot[bot])) <!-- 17.9.32 --> -- Bump chef/ohai to fc48360746fa102f1c46ed1aee82896d94a3d4a3 [#12427](https://github.com/chef/chef/pull/12427) ([chef-expeditor[bot]](https://github.com/chef-expeditor[bot])) <!-- 17.9.31 --> -- Resolve Performance/RegexpMatch warnings [#12411](https://github.com/chef/chef/pull/12411) ([tas50](https://github.com/tas50)) <!-- 17.9.27 --> -- Resolve Performance/Count warning [#12410](https://github.com/chef/chef/pull/12410) ([tas50](https://github.com/tas50)) <!-- 17.9.28 --> -- Reduce 213 requires from each knife call [#12409](https://github.com/chef/chef/pull/12409) ([tas50](https://github.com/tas50)) <!-- 17.9.29 --> -- Simplify file reads [#12386](https://github.com/chef/chef/pull/12386) ([tas50](https://github.com/tas50)) <!-- 17.9.30 --> +- Bugfix: checksum validation [#13210](https://github.com/chef/chef/pull/13210) ([decoyjoe](https://github.com/decoyjoe)) <!-- 18.0.172 --> +- Docs: Fix windows package docs examples [#13211](https://github.com/chef/chef/pull/13211) ([decoyjoe](https://github.com/decoyjoe)) <!-- 18.0.171 --> +- Update the badssl cert to fix kitchen tests [#13311](https://github.com/chef/chef/pull/13311) ([PrajaktaPurohit](https://github.com/PrajaktaPurohit)) <!-- 18.0.170 --> <!-- release_rollup --> <!-- latest_stable_release --> +## [v18.0.169](https://github.com/chef/chef/tree/v18.0.169) (2022-10-27) + +#### Merged Pull Requests +- Simplify file reads [#12386](https://github.com/chef/chef/pull/12386) ([tas50](https://github.com/tas50)) +- Reduce 213 requires from each knife call [#12409](https://github.com/chef/chef/pull/12409) ([tas50](https://github.com/tas50)) +- Resolve Performance/Count warning [#12410](https://github.com/chef/chef/pull/12410) ([tas50](https://github.com/tas50)) +- Resolve Performance/RegexpMatch warnings [#12411](https://github.com/chef/chef/pull/12411) ([tas50](https://github.com/tas50)) +- Bump chef/ohai to fc48360746fa102f1c46ed1aee82896d94a3d4a3 [#12427](https://github.com/chef/chef/pull/12427) ([chef-expeditor[bot]](https://github.com/chef-expeditor[bot])) +- Bump omnibus-software from `b6dd27a` to `94ef29b` in /omnibus [#12429](https://github.com/chef/chef/pull/12429) ([dependabot[bot]](https://github.com/dependabot[bot])) +- Bump version to 18.0 and fix master references [#12432](https://github.com/chef/chef/pull/12432) ([tas50](https://github.com/tas50)) +- Add Amazon 2022 to our pipeline [#12437](https://github.com/chef/chef/pull/12437) ([tas50](https://github.com/tas50)) +- Fix ruby cleanup breaking builds [#12440](https://github.com/chef/chef/pull/12440) ([tas50](https://github.com/tas50)) +- fix typo in chef-sleep resource documentation example block [#12441](https://github.com/chef/chef/pull/12441) ([JHBoricua](https://github.com/JHBoricua)) +- Bump omnibus-software from `94ef29b` to `2e637bf` in /omnibus [#12439](https://github.com/chef/chef/pull/12439) ([dependabot[bot]](https://github.com/dependabot[bot])) +- chef_client_config: ensure config property directories exist [#12416](https://github.com/chef/chef/pull/12416) ([Stromweld](https://github.com/Stromweld)) +- user: handle nil home dirs on macOS [#12443](https://github.com/chef/chef/pull/12443) ([tas50](https://github.com/tas50)) +- Bump chef/chefstyle to d2ab8682d167351e5c5d864700a6bc4dac4ddf46 [#12452](https://github.com/chef/chef/pull/12452) ([chef-expeditor[bot]](https://github.com/chef-expeditor[bot])) +- Bump omnibus-software from `2e637bf` to `16e5ae5` in /omnibus [#12451](https://github.com/chef/chef/pull/12451) ([dependabot[bot]](https://github.com/dependabot[bot])) +- Bump chef/ohai to ad16192e00b4fa686756a72f081d3496d33a1698 [#12449](https://github.com/chef/chef/pull/12449) ([chef-expeditor[bot]](https://github.com/chef-expeditor[bot])) +- Bump package gems and omnibus gems [#12457](https://github.com/chef/chef/pull/12457) ([lamont-granquist](https://github.com/lamont-granquist)) +- Bump omnibus from `2bf77bb` to `7c5db7e` in /omnibus [#12481](https://github.com/chef/chef/pull/12481) ([dependabot[bot]](https://github.com/dependabot[bot])) +- Bump omnibus from `7c5db7e` to `9c83f73` in /omnibus [#12485](https://github.com/chef/chef/pull/12485) ([dependabot[bot]](https://github.com/dependabot[bot])) +- Bump omnibus-software from `dd555fa` to `c2fb9a4` in /omnibus [#12484](https://github.com/chef/chef/pull/12484) ([dependabot[bot]](https://github.com/dependabot[bot])) +- replace links in resource doc examples [#12482](https://github.com/chef/chef/pull/12482) ([IanMadd](https://github.com/IanMadd)) +- Add an expeditor corefoundation subscription [#12498](https://github.com/chef/chef/pull/12498) ([lamont-granquist](https://github.com/lamont-granquist)) +- Bump omnibus-software from `c2fb9a4` to `aa02d49` in /omnibus [#12504](https://github.com/chef/chef/pull/12504) ([dependabot[bot]](https://github.com/dependabot[bot])) +- Bump omnibus from `9c83f73` to `201afa9` in /omnibus [#12508](https://github.com/chef/chef/pull/12508) ([dependabot[bot]](https://github.com/dependabot[bot])) +- Suppress deprecation warning for chef-client-updater cookbook [#12502](https://github.com/chef/chef/pull/12502) ([lamont-granquist](https://github.com/lamont-granquist)) +- Bump fauxhai-ng to 9.3.0 [#12516](https://github.com/chef/chef/pull/12516) ([chef-expeditor[bot]](https://github.com/chef-expeditor[bot])) +- Bump omnibus-software from `aa02d49` to `1c00b6d` in /omnibus [#12528](https://github.com/chef/chef/pull/12528) ([dependabot[bot]](https://github.com/dependabot[bot])) +- Bump omnibus from `201afa9` to `55e74ac` in /omnibus [#12529](https://github.com/chef/chef/pull/12529) ([dependabot[bot]](https://github.com/dependabot[bot])) +- Fix inspec waivers in compliance mode [#12523](https://github.com/chef/chef/pull/12523) ([lamont-granquist](https://github.com/lamont-granquist)) +- Chef 18 - Added constant with Server`s docs url [#12539](https://github.com/chef/chef/pull/12539) ([aleksey-hariton](https://github.com/aleksey-hariton)) +- Adding support to move the client.pem to secure storage [#12518](https://github.com/chef/chef/pull/12518) ([johnmccrae](https://github.com/johnmccrae)) +- Updated the chef client to retrieve certs from the Windows Cert store. [#12426](https://github.com/chef/chef/pull/12426) ([johnmccrae](https://github.com/johnmccrae)) +- Add constant for ChefServer system user [#12513](https://github.com/chef/chef/pull/12513) ([aleksey-hariton](https://github.com/aleksey-hariton)) +- Bump omnibus-software from `1c00b6d` to `791cc46` in /omnibus [#12550](https://github.com/chef/chef/pull/12550) ([dependabot[bot]](https://github.com/dependabot[bot])) +- Bump pedump from 0.6.3 to 0.6.4 in /omnibus [#12536](https://github.com/chef/chef/pull/12536) ([dependabot[bot]](https://github.com/dependabot[bot])) +- Relax dep on diff-lcs now that 1.4.0 regression is fixed [#12534](https://github.com/chef/chef/pull/12534) ([tas50](https://github.com/tas50)) +- Eager load ffi-libarchive to resolve centos-7 failures [#12552](https://github.com/chef/chef/pull/12552) ([lamont-granquist](https://github.com/lamont-granquist)) +- Switch from centos-8 to almalinux-8 [#12544](https://github.com/chef/chef/pull/12544) ([tas50](https://github.com/tas50)) +- net-ftp isn't bundled in Ruby 3.1 anymore so dep on it [#12399](https://github.com/chef/chef/pull/12399) ([tas50](https://github.com/tas50)) +- Make sure network scripts dir exists on alma [#12565](https://github.com/chef/chef/pull/12565) ([tas50](https://github.com/tas50)) +- Bump corefoundation to 0.3.13 [#12574](https://github.com/chef/chef/pull/12574) ([chef-expeditor[bot]](https://github.com/chef-expeditor[bot])) +- Bump omnibus-software from `c7a43ec` to `91c1297` in /omnibus [#12576](https://github.com/chef/chef/pull/12576) ([dependabot[bot]](https://github.com/dependabot[bot])) +- Fix windows hab builds with rake install:local [#12579](https://github.com/chef/chef/pull/12579) ([lamont-granquist](https://github.com/lamont-granquist)) +- Bump omnibus from `55e74ac` to `cf9ef0a` in /omnibus [#12584](https://github.com/chef/chef/pull/12584) ([dependabot[bot]](https://github.com/dependabot[bot])) +- Bump omnibus-software from `91c1297` to `a4f4849` in /omnibus [#12585](https://github.com/chef/chef/pull/12585) ([dependabot[bot]](https://github.com/dependabot[bot])) +- Avoid calculating etc_chef_dir multiple times on startup [#12581](https://github.com/chef/chef/pull/12581) ([neha-p6](https://github.com/neha-p6)) +- Validate resource spec passed to subscribes [#12525](https://github.com/chef/chef/pull/12525) ([neha-p6](https://github.com/neha-p6)) +- Pin openssl to 1.1.1m [#12598](https://github.com/chef/chef/pull/12598) ([jayashrig158](https://github.com/jayashrig158)) +- Bump omnibus-software from `a4f4849` to `d602268` in /omnibus [#12592](https://github.com/chef/chef/pull/12592) ([dependabot[bot]](https://github.com/dependabot[bot])) +- fixes for #12589 for compliance audit-enforcer reporter [#12595](https://github.com/chef/chef/pull/12595) ([collinmcneese](https://github.com/collinmcneese)) +- Bump chef/chefstyle to 8459a2f943dcef42a27518563eaf0b2dad3b4972 [#12611](https://github.com/chef/chef/pull/12611) ([chef-expeditor[bot]](https://github.com/chef-expeditor[bot])) +- Disable knife gem install in kitchen tests [#12618](https://github.com/chef/chef/pull/12618) ([lamont-granquist](https://github.com/lamont-granquist)) +- More ruby 3.0 fixes [#12621](https://github.com/chef/chef/pull/12621) ([lamont-granquist](https://github.com/lamont-granquist)) +- Bump chef/ohai to 594372d3a48ccea6d2eddd173bc1281f314f0f09 [#12616](https://github.com/chef/chef/pull/12616) ([chef-expeditor[bot]](https://github.com/chef-expeditor[bot])) +- Loosen the win32-api dep to allow for the latest releases [#12614](https://github.com/chef/chef/pull/12614) ([tas50](https://github.com/tas50)) +- Bump omnibus-software from `eb3cc77` to `d5ff796` in /omnibus [#12628](https://github.com/chef/chef/pull/12628) ([dependabot[bot]](https://github.com/dependabot[bot])) +- Add --always-dump-stacktrace to integration tests that use chef-client [#12615](https://github.com/chef/chef/pull/12615) ([neha-p6](https://github.com/neha-p6)) +- Add train-rest as a dep for target mode [#12633](https://github.com/chef/chef/pull/12633) ([tas50](https://github.com/tas50)) +- Bump chef/ohai to 58462789693e00c45c422f347c64d612862c104e [#12637](https://github.com/chef/chef/pull/12637) ([chef-expeditor[bot]](https://github.com/chef-expeditor[bot])) +- Bump chef/ohai to 77929155a6f82b7e65db624b37766bf9fb5f81fb [#12638](https://github.com/chef/chef/pull/12638) ([chef-expeditor[bot]](https://github.com/chef-expeditor[bot])) +- Bump train-rest to 0.4.2 [#12653](https://github.com/chef/chef/pull/12653) ([chef-expeditor[bot]](https://github.com/chef-expeditor[bot])) +- Stop cleaning the dokken sandbox [#12656](https://github.com/chef/chef/pull/12656) ([lamont-granquist](https://github.com/lamont-granquist)) +- Fix multiple regressions in yum_package provider [#12657](https://github.com/chef/chef/pull/12657) ([lamont-granquist](https://github.com/lamont-granquist)) +- Update nokogiri to 1.13.1 [#12649](https://github.com/chef/chef/pull/12649) ([tas50](https://github.com/tas50)) +- Update to libffi 3.4.2 [#12658](https://github.com/chef/chef/pull/12658) ([tas50](https://github.com/tas50)) +- Add OMNITRUCK_URL dist constant [#12654](https://github.com/chef/chef/pull/12654) ([ramereth](https://github.com/ramereth)) +- turn off caching for adhoc pipelines [#12661](https://github.com/chef/chef/pull/12661) ([lamont-granquist](https://github.com/lamont-granquist)) +- Updated Rspec to add verbose logging [#12683](https://github.com/chef/chef/pull/12683) ([johnmccrae](https://github.com/johnmccrae)) +- Modernize the http_request resource code and specs [#12682](https://github.com/chef/chef/pull/12682) ([lamont-granquist](https://github.com/lamont-granquist)) +- Bump omnibus-software from `f64a223` to `5947560` in /omnibus [#12670](https://github.com/chef/chef/pull/12670) ([dependabot[bot]](https://github.com/dependabot[bot])) +- Fix PEM file generation when user is created [#12619](https://github.com/chef/chef/pull/12619) ([sanjain-progress](https://github.com/sanjain-progress)) +- Fix windows kitchen tests [#12693](https://github.com/chef/chef/pull/12693) ([lamont-granquist](https://github.com/lamont-granquist)) +- Chef-18: Enable unifed_mode by default [#12692](https://github.com/chef/chef/pull/12692) ([lamont-granquist](https://github.com/lamont-granquist)) +- Ruby 3.1 fixes [#12696](https://github.com/chef/chef/pull/12696) ([lamont-granquist](https://github.com/lamont-granquist)) +- Use the latest libarchive (3.6.0) [#12648](https://github.com/chef/chef/pull/12648) ([tas50](https://github.com/tas50)) +- Enable ruby 3.1 testing on verify pipeline for unix, fix breakage [#12695](https://github.com/chef/chef/pull/12695) ([lamont-granquist](https://github.com/lamont-granquist)) +- update chef client launchd to run at load [#12706](https://github.com/chef/chef/pull/12706) ([rishichawda](https://github.com/rishichawda)) +- Package resource was calling a non-existent error method [#12722](https://github.com/chef/chef/pull/12722) ([johnmccrae](https://github.com/johnmccrae)) +- update libxml2 to 2.9.12 [#12730](https://github.com/chef/chef/pull/12730) ([johnmccrae](https://github.com/johnmccrae)) +- Client code to put a certificate into the certstore and then retrieve it later during a chef-run. Unit tests included [#12640](https://github.com/chef/chef/pull/12640) ([johnmccrae](https://github.com/johnmccrae)) +- Add support for default secret service and config [#12140](https://github.com/chef/chef/pull/12140) ([jasonwbarnett](https://github.com/jasonwbarnett)) +- avoid coercion to block for new plist file content, fix adding a new dictionary [#12680](https://github.com/chef/chef/pull/12680) ([jazaval](https://github.com/jazaval)) +- Bump libxml2 to 2.9.13 [#12739](https://github.com/chef/chef/pull/12739) ([johnmccrae](https://github.com/johnmccrae)) +- Add rubygems_url property to chef_client_config resource [#12724](https://github.com/chef/chef/pull/12724) ([DecoyJoe](https://github.com/DecoyJoe)) +- Fix attribute performance issues in node.read [#12742](https://github.com/chef/chef/pull/12742) ([lamont-granquist](https://github.com/lamont-granquist)) +- Bump libxslt to 1.1.35 [#12752](https://github.com/chef/chef/pull/12752) ([jeremiahsnapp](https://github.com/jeremiahsnapp)) +- Bump omnibus-software in Gemfile.lock [#12754](https://github.com/chef/chef/pull/12754) ([jeremiahsnapp](https://github.com/jeremiahsnapp)) +- Rest Resource Support [#12755](https://github.com/chef/chef/pull/12755) ([lamont-granquist](https://github.com/lamont-granquist)) +- Updating gemfile.locks [#12751](https://github.com/chef/chef/pull/12751) ([johnmccrae](https://github.com/johnmccrae)) +- Updating For Ruby 3.1 [#12769](https://github.com/chef/chef/pull/12769) ([johnmccrae](https://github.com/johnmccrae)) +- SELinux integration to infra client [#12694](https://github.com/chef/chef/pull/12694) ([neha-p6](https://github.com/neha-p6)) +- Updates for the chef_client_config resource [#12732](https://github.com/chef/chef/pull/12732) ([chef-davin](https://github.com/chef-davin)) +- main - Update bundle [#12788](https://github.com/chef/chef/pull/12788) ([neha-p6](https://github.com/neha-p6)) +- Fix chef_client_config template rendering [#12817](https://github.com/chef/chef/pull/12817) ([jasonwbarnett](https://github.com/jasonwbarnett)) +- add expire and inactive options to linux user resource [#11659](https://github.com/chef/chef/pull/11659) ([Stromweld](https://github.com/Stromweld)) +- Bump berkshelf from 7.2.2 to 8.0.0 in /omnibus [#12837](https://github.com/chef/chef/pull/12837) ([dependabot[bot]](https://github.com/dependabot[bot])) +- Renamed private method as conflicting to inbuilt method and getting warning [#12849](https://github.com/chef/chef/pull/12849) ([sanga1794](https://github.com/sanga1794)) +- handling exception for compliance phase error during chef spec run [#12830](https://github.com/chef/chef/pull/12830) ([i5pranay93](https://github.com/i5pranay93)) +- flush package cache after registering via rhsm_register [#12828](https://github.com/chef/chef/pull/12828) ([jasonwbarnett](https://github.com/jasonwbarnett)) +- Refactoring Windows certificate code and tests to reflect updates in the win32-certstore gem [#12859](https://github.com/chef/chef/pull/12859) ([johnmccrae](https://github.com/johnmccrae)) +- updating throw statement to only execute on non-zero exit codes [#12918](https://github.com/chef/chef/pull/12918) ([johnmccrae](https://github.com/johnmccrae)) +- Knife upload: bad error message when a recipe has a syntax error [#11678](https://github.com/chef/chef/pull/11678) ([snehaldwivedi](https://github.com/snehaldwivedi)) +- updated version data to properly account for Windows 11 and its assoc… [#12919](https://github.com/chef/chef/pull/12919) ([johnmccrae](https://github.com/johnmccrae)) +- Updated files to account for pem storage in the Certificate Store [#12910](https://github.com/chef/chef/pull/12910) ([johnmccrae](https://github.com/johnmccrae)) +- Updated ncurses and gems [#12953](https://github.com/chef/chef/pull/12953) ([johnmccrae](https://github.com/johnmccrae)) +- adding UCRT support to the build pipelines [#12959](https://github.com/chef/chef/pull/12959) ([johnmccrae](https://github.com/johnmccrae)) +- Remove the beta feature warning which shows up when using Secret Manager [#12925](https://github.com/chef/chef/pull/12925) ([neha-p6](https://github.com/neha-p6)) +- Add nightly builds for chef/chef:main [#12971](https://github.com/chef/chef/pull/12971) ([PrajaktaPurohit](https://github.com/PrajaktaPurohit)) +- Fix error 'error validating X-Vault-AWS-IAM-Server-ID header: missing header X-Vault-AWS-IAM-Server-ID' in Hashi Vault secret manager for AWS IAM auth method [#12956](https://github.com/chef/chef/pull/12956) ([neha-p6](https://github.com/neha-p6)) +- Update the command to enable adhoc jobs for chef/chef main pipeline [#12979](https://github.com/chef/chef/pull/12979) ([PrajaktaPurohit](https://github.com/PrajaktaPurohit)) +- Bump ohai to 18.0.14 [#12973](https://github.com/chef/chef/pull/12973) ([chef-expeditor[bot]](https://github.com/chef-expeditor[bot])) +- Adjusting cert creation for older Windows platforms [#12965](https://github.com/chef/chef/pull/12965) ([johnmccrae](https://github.com/johnmccrae)) +- Bumping license_scout version [#12992](https://github.com/chef/chef/pull/12992) ([johnmccrae](https://github.com/johnmccrae)) +- refactoring the version check [#12988](https://github.com/chef/chef/pull/12988) ([johnmccrae](https://github.com/johnmccrae)) +- KTLO - Updating authenticator.rb to correct for random password creation failures [#12980](https://github.com/chef/chef/pull/12980) ([johnmccrae](https://github.com/johnmccrae)) +- Stop executing locale-gen on every chef run by adding -h flag [#12833](https://github.com/chef/chef/pull/12833) ([hrak](https://github.com/hrak)) +- Add CONTAINER_IMAGE dist constant [#12806](https://github.com/chef/chef/pull/12806) ([jakauppila](https://github.com/jakauppila)) +- Fix cron_d job name character set [#12377](https://github.com/chef/chef/pull/12377) ([hamarituc](https://github.com/hamarituc)) +- Smriti/3884 mounting cifs shares with spaces [#11626](https://github.com/chef/chef/pull/11626) ([msys-sgarg](https://github.com/msys-sgarg)) +- Zypper package source property addition [#12182](https://github.com/chef/chef/pull/12182) ([manick-vel-11](https://github.com/manick-vel-11)) +- Fix documentation for chef_client_scheduled_task [#12917](https://github.com/chef/chef/pull/12917) ([williamtheaker](https://github.com/williamtheaker)) +- Updated Ruby version in omnibus_overrides [#12995](https://github.com/chef/chef/pull/12995) ([johnmccrae](https://github.com/johnmccrae)) +- Correcting Cert creation for rspec tests [#13010](https://github.com/chef/chef/pull/13010) ([johnmccrae](https://github.com/johnmccrae)) +- Refactored tests for older Windows versions [#13019](https://github.com/chef/chef/pull/13019) ([johnmccrae](https://github.com/johnmccrae)) +- Fix fedora kitchen test failure [#13020](https://github.com/chef/chef/pull/13020) ([neha-p6](https://github.com/neha-p6)) +- AdHoc Pipeline Windows PageFile Test errors [#13009](https://github.com/chef/chef/pull/13009) ([johnmccrae](https://github.com/johnmccrae)) +- Add nightlies for chef-17 to run every Tue, Thu and chef-16 to run every Tue [#13018](https://github.com/chef/chef/pull/13018) ([PrajaktaPurohit](https://github.com/PrajaktaPurohit)) +- Use dist constant when invoking knife configure [#12926](https://github.com/chef/chef/pull/12926) ([ramereth](https://github.com/ramereth)) +- Use new msys2 based devkit for windows [#13038](https://github.com/chef/chef/pull/13038) ([mwrock](https://github.com/mwrock)) +- Fix issue in adhoc nightly builds [#13059](https://github.com/chef/chef/pull/13059) ([neha-p6](https://github.com/neha-p6)) +- Fixed sensitive properties unsuppressed content issue [#13014](https://github.com/chef/chef/pull/13014) ([blabade](https://github.com/blabade)) +- Revert "Use new msys2 based devkit for windows" [#13063](https://github.com/chef/chef/pull/13063) ([neha-p6](https://github.com/neha-p6)) +- update property DSL docs [#13093](https://github.com/chef/chef/pull/13093) ([jasonwbarnett](https://github.com/jasonwbarnett)) +- Add AIX-7.3 to Build Matrix [#13058](https://github.com/chef/chef/pull/13058) ([poorndm](https://github.com/poorndm)) +- Skip tests on FreeBSD-13 [#13079](https://github.com/chef/chef/pull/13079) ([poorndm](https://github.com/poorndm)) +- Re add: Use new msys2 based devkit for windows"" [#13097](https://github.com/chef/chef/pull/13097) ([neha-p6](https://github.com/neha-p6)) +- Bump omnibus-software from `a9b13a0` to `1d540dc` in /omnibus [#13089](https://github.com/chef/chef/pull/13089) ([dependabot[bot]](https://github.com/dependabot[bot])) +- Require etc library [#13068](https://github.com/chef/chef/pull/13068) ([curzonj](https://github.com/curzonj)) +- Wording change in error for missing recipe dependency ("Obvious Fix") [#13061](https://github.com/chef/chef/pull/13061) ([c-drive](https://github.com/c-drive)) +- Added how to doc with details about documentation for infra client resources [#13046](https://github.com/chef/chef/pull/13046) ([neha-p6](https://github.com/neha-p6)) +- add url for principal names [#13104](https://github.com/chef/chef/pull/13104) ([Stromweld](https://github.com/Stromweld)) +- fix chef_client_scheduled_task splay to accept 0 [#13095](https://github.com/chef/chef/pull/13095) ([Stromweld](https://github.com/Stromweld)) +- Add newline to end of sysctl files [#13118](https://github.com/chef/chef/pull/13118) ([tmccombs](https://github.com/tmccombs)) +- Add empty pipeline for macos universal package [#13152](https://github.com/chef/chef/pull/13152) ([vkarve-chef](https://github.com/vkarve-chef)) +- The worker container for expeditor needs to use Ruby 3.1.0 [#13171](https://github.com/chef/chef/pull/13171) ([PrajaktaPurohit](https://github.com/PrajaktaPurohit)) +- Move Gemfile.locks to 2.3.7 and disable .github kitchen install of 2.3.18 [#13176](https://github.com/chef/chef/pull/13176) ([tpowell-progress](https://github.com/tpowell-progress)) +- Tweaking env variables in the config.yml file [#13178](https://github.com/chef/chef/pull/13178) ([johnmccrae](https://github.com/johnmccrae)) +- Force omnibus version [#13193](https://github.com/chef/chef/pull/13193) ([tpowell-progress](https://github.com/tpowell-progress)) +- Update omnibus gem hash as well [#13198](https://github.com/chef/chef/pull/13198) ([tpowell-progress](https://github.com/tpowell-progress)) +- Remove the chef17 git clone step [#13197](https://github.com/chef/chef/pull/13197) ([tpowell-progress](https://github.com/tpowell-progress)) +- Windows Verify Plan fails during "Rake Install rest-client" [#13199](https://github.com/chef/chef/pull/13199) ([johnmccrae](https://github.com/johnmccrae)) +- Separate gemspec for windows [#13202](https://github.com/chef/chef/pull/13202) ([neha-p6](https://github.com/neha-p6)) +- Update Chef version in Gemfile.lock under knife [#13203](https://github.com/chef/chef/pull/13203) ([neha-p6](https://github.com/neha-p6)) +- Permit ruby 3.0 for AIX [#13207](https://github.com/chef/chef/pull/13207) ([marcparadise](https://github.com/marcparadise)) +- Allow user providers to declare no support for ruby-shadow [#13213](https://github.com/chef/chef/pull/13213) ([marcparadise](https://github.com/marcparadise)) +- Update to latest omnibus [#13216](https://github.com/chef/chef/pull/13216) ([marcparadise](https://github.com/marcparadise)) +- Disable platforms still under development [#13218](https://github.com/chef/chef/pull/13218) ([marcparadise](https://github.com/marcparadise)) +- On AIX, add delay to ensure members added to group are visible to tests [#13220](https://github.com/chef/chef/pull/13220) ([neha-p6](https://github.com/neha-p6)) +- Fix term and privilege related broken tests in Solaris build [#13230](https://github.com/chef/chef/pull/13230) ([tpowell-progress](https://github.com/tpowell-progress)) +- Do not raise if we can't close win resource handle [#13229](https://github.com/chef/chef/pull/13229) ([marcparadise](https://github.com/marcparadise)) +- Reenable Solaris build/release [#13232](https://github.com/chef/chef/pull/13232) ([tpowell-progress](https://github.com/tpowell-progress)) +- updating builders to add server 2012 back in [#13235](https://github.com/chef/chef/pull/13235) ([johnmccrae](https://github.com/johnmccrae)) +- Adding a new repository to ensure images match the cache [#13237](https://github.com/chef/chef/pull/13237) ([johnmccrae](https://github.com/johnmccrae)) +- Updated release notes to consider cookstyle verification point [#13225](https://github.com/chef/chef/pull/13225) ([blabade](https://github.com/blabade)) +- Fixes bug in compare_user on Linux systems [#13223](https://github.com/chef/chef/pull/13223) ([fretb](https://github.com/fretb)) +- Add linux_only: true to new linux user specs [#13252](https://github.com/chef/chef/pull/13252) ([tpowell-progress](https://github.com/tpowell-progress)) +- better clarify user and principal in windows_user_privilege resource [#13250](https://github.com/chef/chef/pull/13250) ([Stromweld](https://github.com/Stromweld)) +- Bump omnibus from `5bc091a` to `d1fe3bb` in /omnibus [#13273](https://github.com/chef/chef/pull/13273) ([dependabot[bot]](https://github.com/dependabot[bot])) +- INFC-321 Uncomment "Upgrade Chef/Ohai Appbundler" build stage in kitchen tests [#13286](https://github.com/chef/chef/pull/13286) ([tpowell-progress](https://github.com/tpowell-progress)) +- Fix missing require and small error in REST implementation [#13066](https://github.com/chef/chef/pull/13066) ([tecracer-theinen](https://github.com/tecracer-theinen)) +- Point berkshelf spec at chef/berkshelf [#13295](https://github.com/chef/chef/pull/13295) ([tpowell-progress](https://github.com/tpowell-progress)) +<!-- latest_stable_release --> + ## [v17.9.26](https://github.com/chef/chef/tree/v17.9.26) (2022-01-05) #### Merged Pull Requests @@ -173,7 +206,6 @@ This changelog lists individual merged pull requests to Chef Infra Client and ge - Resolve Performance/StringIdentifierArgument warnings [#12414](https://github.com/chef/chef/pull/12414) ([tas50](https://github.com/tas50)) - Resolve Performance/RedundantSortBlock warnings [#12413](https://github.com/chef/chef/pull/12413) ([tas50](https://github.com/tas50)) - Resolve all Performance/RedundantEqualityComparisonBlock warnings [#12412](https://github.com/chef/chef/pull/12412) ([tas50](https://github.com/tas50)) -<!-- latest_stable_release --> ## [v17.9.18](https://github.com/chef/chef/tree/v17.9.18) (2021-12-23) diff --git a/CHEF_MVPS.md b/CHEF_MVPS.md index 98e0351c76..65696d54ab 100644 --- a/CHEF_MVPS.md +++ b/CHEF_MVPS.md @@ -24,7 +24,7 @@ Each year at ChefConf, a number of individuals are awarded the Awesome Community - [Bastien Jove](https://github.com/tensibai) - [Lance Albertson](https://github.com/ramereth) - [Marc Chamberland](https://github.com/bobchaos) -- [2019][USA](https://blog.chef.io/congratulations-to-our-2019-awesome-community-chefs/), [Europe](https://blog.chef.io/congratulations-to-our-chefconf-london-2019-award-winners/) +- 2019 [USA](https://blog.chef.io/congratulations-to-our-2019-awesome-community-chefs/), [Europe](https://blog.chef.io/congratulations-to-our-chefconf-london-2019-award-winners/) - [Graham Weldon](https://github.com/predominant) - [Jason Field](https://github.com/xorima) - [Joshua Basch](https://github.com/HT154) @@ -73,6 +73,7 @@ After receiving three MVP awards, we add someone to the hall of fame. We want to - Bryan Berry - Bryan McLellan - Jeff Blaine +- Phil Dibowitz ## The MVP recipients diff --git a/Dockerfile b/Dockerfile index 0a7459defc..c37c58b2f7 100644 --- a/Dockerfile +++ b/Dockerfile @@ -18,7 +18,7 @@ FROM busybox LABEL maintainer="Chef Software, Inc. <docker@chef.io>" ARG CHANNEL=stable -ARG VERSION=17.9.26 +ARG VERSION=18.0.169 ARG ARCH=x86_64 ARG PKG_VERSION=6 diff --git a/Gemfile.lock b/Gemfile.lock index 8a6505af0f..a806e00219 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -19,7 +19,7 @@ GIT GIT remote: https://github.com/chef/rest-client - revision: f3e30a17e5dd826b5f5dce82edcecc52464548e3 + revision: badd0bea3c31a2ed1f49590760d2e4b665ecbce3 branch: jfm/ucrt_update1 specs: rest-client (2.1.0) @@ -27,13 +27,12 @@ GIT http-cookie (>= 1.0.2, < 2.0) mime-types (>= 1.16, < 4.0) netrc (~> 0.8) - -GIT - remote: https://github.com/chef/ruby-proxifier - revision: 8b87d0b5b469adbd93eabc0d20f3e47007aef743 - branch: lcg/ruby-3 - specs: - proxifier (1.0.3) + rest-client (2.1.0-x64-mingw-ucrt) + ffi (~> 1.15) + http-accept (>= 1.7.0, < 2.0) + http-cookie (>= 1.0.2, < 2.0) + mime-types (>= 1.16, < 4.0) + netrc (~> 0.8) GIT remote: https://github.com/chef/ruby-shadow @@ -42,15 +41,57 @@ GIT specs: ruby-shadow (2.5.0) +GIT + remote: https://github.com/chef/ruby-proxifier + revision: 8b87d0b5b469adbd93eabc0d20f3e47007aef743 + branch: lcg/ruby-3 + specs: + proxifier (1.0.3) + PATH remote: . specs: - chef (18.0.144) + chef (18.0.172) + addressable + aws-sdk-s3 (~> 1.91) + aws-sdk-secretsmanager (~> 1.46) + chef-config (= 18.0.172) + chef-utils (= 18.0.172) + chef-vault + chef-zero (>= 14.0.11) + corefoundation (~> 0.3.4) + diff-lcs (>= 1.2.4, < 1.6.0, != 1.4.0) + erubis (~> 2.7) + ffi (>= 1.15.5) + ffi-libarchive (~> 1.0, >= 1.0.3) + ffi-yajl (~> 2.2) + iniparse (~> 1.4) + inspec-core (>= 5) + license-acceptance (>= 1.0.5, < 3) + mixlib-archive (>= 0.4, < 2.0) + mixlib-authentication (>= 2.1, < 4) + mixlib-cli (>= 2.1.1, < 3.0) + mixlib-log (>= 2.0.3, < 4.0) + mixlib-shellout (>= 3.1.1, < 4.0) + net-ftp + net-sftp (>= 2.1.2, < 4.0) + ohai (~> 18.0) + plist (~> 3.2) + proxifier (~> 1.0) + syslog-logger (~> 1.6) + train-core (~> 3.10, >= 3.2.28) + train-rest (>= 0.4.1) + train-winrm (>= 0.2.5) + unf_ext (>= 0.0.8.2) + uuidtools (>= 2.1.5, < 3.0) + vault (~> 0.16) + chef (18.0.172-x64-mingw-ucrt) addressable aws-sdk-s3 (~> 1.91) aws-sdk-secretsmanager (~> 1.46) - chef-config (= 18.0.144) - chef-utils (= 18.0.144) + chef-config (= 18.0.172) + chef-powershell (~> 1.0.12) + chef-utils (= 18.0.172) chef-vault chef-zero (>= 14.0.11) corefoundation (~> 0.3.4) @@ -61,6 +102,7 @@ PATH ffi-yajl (~> 2.2) iniparse (~> 1.4) inspec-core (>= 5) + iso8601 (>= 0.12.1, < 0.14) license-acceptance (>= 1.0.5, < 3) mixlib-archive (>= 0.4, < 2.0) mixlib-authentication (>= 2.1, < 4) @@ -76,22 +118,32 @@ PATH train-core (~> 3.10, >= 3.2.28) train-rest (>= 0.4.1) train-winrm (>= 0.2.5) - unf_ext (< 0.0.8.1) + unf_ext (>= 0.0.8.2) uuidtools (>= 2.1.5, < 3.0) vault (~> 0.16) + win32-api (~> 1.10.0) + win32-certstore (~> 0.6.15) + win32-event (~> 0.6.1) + win32-eventlog (= 0.6.3) + win32-mmap (~> 0.4.1) + win32-mutex (~> 0.4.2) + win32-process (~> 0.9) + win32-service (>= 2.1.5, < 3.0) + win32-taskscheduler (~> 2.0) + wmi-lite (~> 1.0) PATH remote: chef-bin specs: - chef-bin (18.0.144) - chef (= 18.0.144) + chef-bin (18.0.172) + chef (= 18.0.172) PATH remote: chef-config specs: - chef-config (18.0.144) + chef-config (18.0.172) addressable - chef-utils (= 18.0.144) + chef-utils (= 18.0.172) fuzzyurl mixlib-config (>= 2.2.12, < 4.0) mixlib-shellout (>= 2.0, < 4.0) @@ -100,7 +152,7 @@ PATH PATH remote: chef-utils specs: - chef-utils (18.0.144) + chef-utils (18.0.172) concurrent-ruby GEM @@ -135,6 +187,9 @@ GEM debug_inspector (>= 0.0.1) builder (3.2.4) byebug (11.1.3) + chef-powershell (1.0.13) + ffi (~> 1.15) + ffi-yajl (~> 2.4) chef-telemetry (1.1.1) chef-config concurrent-ruby (~> 1.0) @@ -230,6 +285,7 @@ GEM inspec-core-bin (5.18.14) inspec-core (= 5.18.14) ipaddress (0.8.3) + iso8601 (0.13.0) jmespath (1.6.1) json (2.6.2) libyajl2 (2.1.0) @@ -335,6 +391,7 @@ GEM unicode-display_width (>= 1.5, < 3.0) unicode_utils (~> 1.4) strings-ansi (0.2.0) + structured_warnings (0.4.0) syslog-logger (1.6.8) thor (1.2.1) time (0.2.0) @@ -376,7 +433,8 @@ GEM tty-screen (~> 0.8) unf (0.1.4) unf_ext - unf_ext (0.0.8) + unf_ext (0.0.8.2) + unf_ext (0.0.8.2-x64-mingw-ucrt) unicode-display_width (2.2.0) unicode_utils (1.4.0) uuidtools (2.2.0) @@ -387,8 +445,28 @@ GEM crack (>= 0.3.2) hashdiff (>= 0.4.0, < 2.0.0) webrick (1.7.0) + win32-api (1.10.1) + win32-certstore (0.6.15) + chef-powershell (>= 1.0.12) + ffi + win32-event (0.6.3) + win32-ipc (>= 0.6.0) + win32-eventlog (0.6.3) + ffi + win32-ipc (0.7.0) + ffi + win32-mmap (0.4.2) + ffi + win32-mutex (0.4.3) + win32-ipc (>= 0.6.0) win32-process (0.10.0) ffi (>= 1.0.0) + win32-service (2.3.2) + ffi + ffi-win32-extensions + win32-taskscheduler (2.0.4) + ffi + structured_warnings winrm (2.3.6) builder (>= 2.1.2) erubi (~> 1.8) @@ -1 +1 @@ -18.0.144
\ No newline at end of file +18.0.172
\ No newline at end of file diff --git a/chef-bin/lib/chef-bin/version.rb b/chef-bin/lib/chef-bin/version.rb index 6c954e842d..a7e4641814 100644 --- a/chef-bin/lib/chef-bin/version.rb +++ b/chef-bin/lib/chef-bin/version.rb @@ -21,7 +21,7 @@ module ChefBin CHEFBIN_ROOT = File.expand_path("..", __dir__) - VERSION = "18.0.144".freeze + VERSION = "18.0.172".freeze end # diff --git a/chef-config/lib/chef-config/version.rb b/chef-config/lib/chef-config/version.rb index cedcc7450d..fad6f9e3f6 100644 --- a/chef-config/lib/chef-config/version.rb +++ b/chef-config/lib/chef-config/version.rb @@ -15,5 +15,5 @@ module ChefConfig CHEFCONFIG_ROOT = File.expand_path("..", __dir__) - VERSION = "18.0.144".freeze + VERSION = "18.0.172".freeze end diff --git a/chef-universal-mingw-ucrt.gemspec b/chef-universal-mingw-ucrt.gemspec index 8e472ccdda..2edfd751f9 100644 --- a/chef-universal-mingw-ucrt.gemspec +++ b/chef-universal-mingw-ucrt.gemspec @@ -2,22 +2,22 @@ gemspec = instance_eval(File.read(File.expand_path("chef.gemspec", __dir__))) gemspec.platform = Gem::Platform.new(%w{x64-mingw-ucrt}) -# gemspec.add_dependency "win32-api", "~> 1.10.0" -# gemspec.add_dependency "win32-event", "~> 0.6.1" +gemspec.add_dependency "win32-api", "~> 1.10.0" +gemspec.add_dependency "win32-event", "~> 0.6.1" # TODO: Relax this pin and make the necessary updaets. The issue originally # leading to this pin has been fixed in 0.6.5. -# gemspec.add_dependency "win32-eventlog", "0.6.3" -# gemspec.add_dependency "win32-mmap", "~> 0.4.1" -# gemspec.add_dependency "win32-mutex", "~> 0.4.2" -# gemspec.add_dependency "win32-process", "~> 0.9" -# gemspec.add_dependency "win32-service", ">= 2.1.5", "< 3.0" -# gemspec.add_dependency "wmi-lite", "~> 1.0" -# gemspec.add_dependency "win32-taskscheduler", "~> 2.0" -# gemspec.add_dependency "iso8601", ">= 0.12.1", "< 0.14" # validate 0.14 when it comes out -# gemspec.add_dependency "win32-certstore", "~> 0.6.15" # 0.5+ required for specifying user vs. system store -# gemspec.add_dependency "chef-powershell", "~> 1.0.12" # The guts of the powershell_exec code have been moved to its own gem, chef-powershell. It's part of the chef-powershell-shim repo. +gemspec.add_dependency "win32-eventlog", "0.6.3" +gemspec.add_dependency "win32-mmap", "~> 0.4.1" +gemspec.add_dependency "win32-mutex", "~> 0.4.2" +gemspec.add_dependency "win32-process", "~> 0.9" +gemspec.add_dependency "win32-service", ">= 2.1.5", "< 3.0" +gemspec.add_dependency "wmi-lite", "~> 1.0" +gemspec.add_dependency "win32-taskscheduler", "~> 2.0" +gemspec.add_dependency "iso8601", ">= 0.12.1", "< 0.14" # validate 0.14 when it comes out +gemspec.add_dependency "win32-certstore", "~> 0.6.15" # 0.5+ required for specifying user vs. system store +gemspec.add_dependency "chef-powershell", "~> 1.0.12" # The guts of the powershell_exec code have been moved to its own gem, chef-powershell. It's part of the chef-powershell-shim repo. + gemspec.extensions << "ext/win32-eventlog/Rakefile" gemspec.files += Dir.glob("{distro,ext}/**/*") -gemspec.required_ruby_version = ">= 3.1.2" -gemspec +gemspec
\ No newline at end of file diff --git a/chef-utils/lib/chef-utils/version.rb b/chef-utils/lib/chef-utils/version.rb index 736fec9545..3a13a136df 100644 --- a/chef-utils/lib/chef-utils/version.rb +++ b/chef-utils/lib/chef-utils/version.rb @@ -16,5 +16,5 @@ module ChefUtils CHEFUTILS_ROOT = File.expand_path("..", __dir__) - VERSION = "18.0.144" + VERSION = "18.0.172" end diff --git a/chef.gemspec b/chef.gemspec index fa9d620938..a9ea748b65 100644 --- a/chef.gemspec +++ b/chef.gemspec @@ -22,23 +22,10 @@ Gem::Specification.new do |s| s.email = "adam@chef.io" s.homepage = "https://www.chef.io" - s.required_ruby_version = ">= 3.1.0" - - # Adding Windows support in here - if RUBY_PLATFORM == "x64-mingw-ucrt" - s.add_dependency "win32-mmap", "~> 0.4.1" - s.add_dependency "win32-mutex", "~> 0.4.2" - s.add_dependency "chef-powershell", "~> 1.0.12" - s.add_dependency "win32-api", "~> 1.10.0" - s.add_dependency "win32-service", ">= 2.1.5", "< 3.0" - s.add_dependency "win32-event", "~> 0.6.1" - s.add_dependency "win32-taskscheduler", "~> 2.0" - s.add_dependency "win32-eventlog", "0.6.3" - s.add_dependency "win32-process", "~> 0.10" - s.add_dependency "wmi-lite", "~> 1.0" - s.add_dependency "iso8601", ">= 0.12.1", "< 0.14" - s.add_dependency "win32-certstore", "~> 0.6.15" - s.extensions << "ext/win32-eventlog/Rakefile" + if RUBY_PLATFORM =~ /aix/ + s.required_ruby_version = ">= 3.0.3" + else + s.required_ruby_version = ">= 3.1.0" end s.add_dependency "chef-config", "= #{Chef::VERSION}" @@ -71,7 +58,7 @@ Gem::Specification.new do |s| s.add_dependency "addressable" s.add_dependency "syslog-logger", "~> 1.6" s.add_dependency "uuidtools", ">= 2.1.5", "< 3.0" # osx_profile resource - s.add_dependency "unf_ext", "< 0.0.8.1" # temporary until it loads properly on Windows + s.add_dependency "unf_ext", ">= 0.0.8.2" # This is ruby31 compatible ucrt gem version s.add_dependency "corefoundation", "~> 0.3.4" # macos_userdefaults resource s.add_dependency "proxifier", "~> 1.0" diff --git a/docs/dev/how_to/releasing_chef_infra.md b/docs/dev/how_to/releasing_chef_infra.md index d6318880eb..f3fad5656b 100644 --- a/docs/dev/how_to/releasing_chef_infra.md +++ b/docs/dev/how_to/releasing_chef_infra.md @@ -62,6 +62,10 @@ Once this is updated, you'll need to build / push the artifact to the Chocolatey Note: In order to push the artifact, you will need to be added as a maintainer on [Chocolatey.org](https://chocolatey.org/). +### Cookstyle Verification +Please make sure cookstyle is working properly & auto correcting detected offenses for any of the cookbooks you are trying to test against the newer version of Chef Infra Client +Reference doc - https://github.com/chef/cookstyle#usage + ### Relax You're done. You have a month to relax. diff --git a/habitat/plan.ps1 b/habitat/plan.ps1 index 4b37b27e59..83312c4345 100644 --- a/habitat/plan.ps1 +++ b/habitat/plan.ps1 @@ -96,7 +96,17 @@ function Invoke-Build { try { Push-Location $git_gem Write-BuildLine " -- installing $git_gem" - rake install $git_gem --trace=stdout # this needs to NOT be 'bundle exec'd else bundler complains about dev deps not being installed + # The rest client doesn't have an 'Install' task so it bombs out when we call Rake Install for it + # Happily, its Rakefile ultimately calls 'gem build' to build itself with. We're doing that here. + if ($git_gem -match "rest-client"){ + $gemspec_path = $git_gem.ToString() + "\rest-client.windows.gemspec" + gem build $gemspec_path + $gem_path = $git_gem.ToString() + "\rest-client*.gem" + gem install $gem_path + } + else { + rake install $git_gem --trace=stdout # this needs to NOT be 'bundle exec'd else bundler complains about dev deps not being installed + } if (-not $?) { throw "unable to install $($git_gem) as a plain old gem" } } finally { Pop-Location diff --git a/kitchen-tests/Gemfile b/kitchen-tests/Gemfile index d3ac792ffc..d9fbeb026a 100644 --- a/kitchen-tests/Gemfile +++ b/kitchen-tests/Gemfile @@ -4,7 +4,7 @@ gem "rake" # required to build some native extensions gem "chef", path: ".." gem "knife", path: "../knife" gem "ohai", git: "https://github.com/chef/ohai.git", branch: "main" # avoids failures when we bump chef major -gem "berkshelf", git: "https://github.com/berkshelf/berkshelf.git", branch: "main" +gem "berkshelf", git: "https://github.com/chef/berkshelf.git", branch: "main" gem "kitchen-dokken", ">= 2.0" gem "kitchen-vagrant", ">= 1.0" gem "kitchen-inspec" diff --git a/kitchen-tests/cookbooks/end_to_end/recipes/_chef_client_trusted_certificate.rb b/kitchen-tests/cookbooks/end_to_end/recipes/_chef_client_trusted_certificate.rb index e085519c4a..663b6e83bc 100644 --- a/kitchen-tests/cookbooks/end_to_end/recipes/_chef_client_trusted_certificate.rb +++ b/kitchen-tests/cookbooks/end_to_end/recipes/_chef_client_trusted_certificate.rb @@ -1,10 +1,10 @@ chef_client_trusted_certificate "self-signed.badssl.com" do certificate <<~CERT -----BEGIN CERTIFICATE----- -MIIDeTCCAmGgAwIBAgIJAMtEwC/G1C5xMA0GCSqGSIb3DQEBCwUAMGIxCzAJBgNV +MIIDeTCCAmGgAwIBAgIJAJWlQWpveElqMA0GCSqGSIb3DQEBCwUAMGIxCzAJBgNV BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRYwFAYDVQQHDA1TYW4gRnJhbmNp c2NvMQ8wDQYDVQQKDAZCYWRTU0wxFTATBgNVBAMMDCouYmFkc3NsLmNvbTAeFw0y -MjA4MTIxNTU5MTBaFw0yNDA4MTExNTU5MTBaMGIxCzAJBgNVBAYTAlVTMRMwEQYD +MjEwMjcxOTA5MTBaFw0yNDEwMjYxOTA5MTBaMGIxCzAJBgNVBAYTAlVTMRMwEQYD VQQIDApDYWxpZm9ybmlhMRYwFAYDVQQHDA1TYW4gRnJhbmNpc2NvMQ8wDQYDVQQK DAZCYWRTU0wxFTATBgNVBAMMDCouYmFkc3NsLmNvbTCCASIwDQYJKoZIhvcNAQEB BQADggEPADCCAQoCggEBAMIE7PiM7gTCs9hQ1XBYzJMY61yoaEmwIrX5lZ6xKyx2 @@ -14,12 +14,12 @@ xPxTuW1CrbV8/q71FdIzSOciccfCFHpsKOo3St/qbLVytH5aohbcabFXRNsKEqve ww9HdFxBIuGa+RuT5q0iBikusbpJHAwnnqP7i/dAcgCskgjZjFeEU4EFy+b+a1SY QCeFxxC7c3DvaRhBB0VVfPlkPz0sw6l865MaTIbRyoUCAwEAAaMyMDAwCQYDVR0T BAIwADAjBgNVHREEHDAaggwqLmJhZHNzbC5jb22CCmJhZHNzbC5jb20wDQYJKoZI -hvcNAQELBQADggEBAKgnD+Ak7ttVfKvriYAsf4ttTYfOuyLfAr4hTTSXLN2u1ySD -fIpqSyeOkiEwfD5Bt7C/muEXEIyG/y6/C/ozb5JBvdd8c7zicLmaHtZtZbj4+H1b -/gqaBHuvWxiRR91bbgNaKsPMGCWiAvUt4/+y8z6xefUS+aKeFNhYjdwyFIr17j3Q -gxGpgCbYLLIoewP+Oj6xvZgGl6vj0xW9a4144xjFo1o1vqWkj+3IZGmnZ/jyznWd -5XzZCUaM9z6nn7NVxQZEelk885Q3oUxY96rRO+IUA8Vnk3iEtOdZPbNBaZwvgkfz -4vhvM8gKbdeeWoOAJDLzDZiDrUpKtIkBcLuJ7Cw= +hvcNAQELBQADggEBAHOCRfreG+y9q2jxDTYOYESH+SIOPh1a4TDKfWMGQ5shdW7Q +qlsRHqXmENFAalhHlNqGms1n77IdkIocygP9ZNZocyGwyLCDNn7YGdxCG4AlW2Lo +NW7Bs86GUhUrWtahHpOnmrjQ/zzDH1T9pBxUQwA72x3SdgvfFu+WuAU2Dg/X6Ely +IQ3a4/xy5NzlWsXBRvt67+uI2Fg3PGMenpWLD6SSLQzjjtEDXwv0dfBsYIt+m3QZ +gOHdx459vr8bpqjBz09izM2W/uYHcjixXQVpKujN9AA6a7c5hiGpfXPdhiUmaHup +CkR+c/8O1yyxkBMbttbp7VdUIXYAmB8yJuGoqe8= -----END CERTIFICATE----- CERT end diff --git a/knife/Gemfile.lock b/knife/Gemfile.lock new file mode 100644 index 0000000000..d77cc40290 --- /dev/null +++ b/knife/Gemfile.lock @@ -0,0 +1,37 @@ +PATH + remote: .. + specs: + chef (18.0.172) + chef (18.0.172-x64-mingw-ucrt) + +PLATFORMS + ruby + x64-mingw-ucrt + +DEPENDENCIES + appbundler + chef! + chef-bin! + chef-config! + chef-utils! + chef-vault + cheffish (>= 17) + chefstyle + ed25519 (~> 1.2) + fauxhai-ng + ffi (>= 1.15.5) + inspec-core-bin (>= 5) + ohai! + proxifier! + pry (= 0.13.0) + pry-byebug + pry-stack_explorer + rake + rb-readline + rest-client! + rspec + ruby-shadow! + webmock + +BUNDLED WITH + 2.3.18
\ No newline at end of file diff --git a/knife/lib/chef/knife/version.rb b/knife/lib/chef/knife/version.rb index 6528bfa904..7bda8fd5f0 100644 --- a/knife/lib/chef/knife/version.rb +++ b/knife/lib/chef/knife/version.rb @@ -17,7 +17,7 @@ class Chef class Knife KNIFE_ROOT = File.expand_path("../..", __dir__) - VERSION = "18.0.144".freeze + VERSION = "18.0.172".freeze end end diff --git a/lib/chef/dsl/rest_resource.rb b/lib/chef/dsl/rest_resource.rb index 96eba24eac..2c435930e9 100644 --- a/lib/chef/dsl/rest_resource.rb +++ b/lib/chef/dsl/rest_resource.rb @@ -31,13 +31,20 @@ class Chef # URL to collection def rest_api_collection(rest_api_collection = NOT_PASSED) - @rest_api_collection = rest_api_collection if rest_api_collection != NOT_PASSED + if rest_api_collection != NOT_PASSED + raise ArgumentError, "You must pass an absolute path to rest_api_collection" unless rest_api_collection.start_with? "/" + + @rest_api_collection = rest_api_collection + end + @rest_api_collection end # RFC6570-Templated URL to document def rest_api_document(rest_api_document = NOT_PASSED, first_element_only: false) if rest_api_document != NOT_PASSED + raise ArgumentError, "You must pass an absolute path to rest_api_document" unless rest_api_document.start_with? "/" + @rest_api_document = rest_api_document @rest_api_document_first_element_only = first_element_only end diff --git a/lib/chef/mixin/checksum.rb b/lib/chef/mixin/checksum.rb index 083e524d63..10ecac0b36 100644 --- a/lib/chef/mixin/checksum.rb +++ b/lib/chef/mixin/checksum.rb @@ -31,6 +31,12 @@ class Chef checksum.slice(0, 6) end + + def checksum_match?(ref_checksum, diff_checksum) + return false if ref_checksum.nil? || diff_checksum.nil? + + ref_checksum.casecmp?(diff_checksum) + end end end end diff --git a/lib/chef/provider/file.rb b/lib/chef/provider/file.rb index 4ac86a6c8a..02611af4eb 100644 --- a/lib/chef/provider/file.rb +++ b/lib/chef/provider/file.rb @@ -336,7 +336,7 @@ class Chef end def do_validate_content - if new_resource.checksum && tempfile && ( new_resource.checksum != tempfile_checksum ) + if new_resource.checksum && tempfile && !checksum_match?(new_resource.checksum, tempfile_checksum) raise Chef::Exceptions::ChecksumMismatch.new(short_cksum(new_resource.checksum), short_cksum(tempfile_checksum)) end @@ -450,7 +450,7 @@ class Chef def contents_changed? logger.trace "calculating checksum of #{tempfile.path} to compare with #{current_resource.checksum}" - tempfile_checksum != current_resource.checksum + !checksum_match?(tempfile_checksum, current_resource.checksum) end def tempfile diff --git a/lib/chef/provider/package/windows.rb b/lib/chef/provider/package/windows.rb index 4350eb6d12..5581469062 100644 --- a/lib/chef/provider/package/windows.rb +++ b/lib/chef/provider/package/windows.rb @@ -38,7 +38,7 @@ class Chef def define_resource_requirements if new_resource.checksum requirements.assert(:install) do |a| - a.assertion { new_resource.checksum == checksum(source_location) } + a.assertion { checksum_match?(new_resource.checksum, checksum(source_location)) } a.failure_message Chef::Exceptions::Package, "Checksum on resource (#{short_cksum(new_resource.checksum)}) does not match checksum on content (#{short_cksum(source_location)})" end end diff --git a/lib/chef/provider/user.rb b/lib/chef/provider/user.rb index 2abd7f5f3c..3d18c0df82 100644 --- a/lib/chef/provider/user.rb +++ b/lib/chef/provider/user.rb @@ -72,7 +72,18 @@ class Chef @shadow_lib_ok = false else @shadow_info = Shadow::Passwd.getspnam(new_resource.username) - current_resource.password(@shadow_info.sp_pwdp) if new_resource.password && current_resource.password == "x" + # This conditional remains in place until we can sort out whether we need it. + # Currently removing it causes tests to fail, but that /seems/ to be mocking/setup issues. + # Some notes for context: + # 1. Ruby's ETC.getpwnam makes use of /etc/passwd file (https://github.com/ruby/etc/blob/master/ext/etc/etc.c), + # which returns "x" for a nil password. on AIX it returns a "*" + # (https://www.ibm.com/docs/bg/aix/7.2?topic=passwords-using-etcpasswd-file) + # 2. On AIX platforms ruby_shadow does not work as it does not + # store encrypted passwords in the /etc/passwd file but in /etc/security/passwd file. + # The AIX provider for user currently declares it does not support ruby-shadow. + if new_resource.password && current_resource.password == "x" + current_resource.password(@shadow_info.sp_pwdp) + end end convert_group_name if new_resource.gid @@ -81,6 +92,13 @@ class Chef current_resource end + # An overridable for platforms that do not support ruby shadow. This way we + # can verify that the platform supports ruby shadow before requiring that + # it be available. + def supports_ruby_shadow? + true + end + def load_shadow_options unless @shadow_info.nil? current_resource.inactive(@shadow_info.sp_inact&.to_i) @@ -102,7 +120,7 @@ class Chef a.whyrun "group name #{new_resource.gid} does not exist. This will cause group assignment to fail. Assuming this group will have been created previously." end requirements.assert(:all_actions) do |a| - a.assertion { @shadow_lib_ok } + a.assertion { !supports_ruby_shadow? || @shadow_lib_ok } a.failure_message Chef::Exceptions::MissingLibrary, "You must have ruby-shadow installed for password support!" a.whyrun "ruby-shadow is not installed. Attempts to set user password will cause failure. Assuming that this gem will have been previously installed." \ "Note that user update converge may report false-positive on the basis of mismatched password. " diff --git a/lib/chef/provider/user/aix.rb b/lib/chef/provider/user/aix.rb index 740f9943d3..997bd6bac5 100644 --- a/lib/chef/provider/user/aix.rb +++ b/lib/chef/provider/user/aix.rb @@ -23,6 +23,11 @@ class Chef provides :user, os: "aix" provides :aix_user + # The ruby-shadow gem is not supported on aix. + def supports_ruby_shadow? + false + end + def create_user shell_out!("useradd", universal_options, useradd_options, new_resource.username) add_password diff --git a/lib/chef/provider/user/linux.rb b/lib/chef/provider/user/linux.rb index ab411d769a..7ef2f79eed 100644 --- a/lib/chef/provider/user/linux.rb +++ b/lib/chef/provider/user/linux.rb @@ -29,7 +29,10 @@ class Chef end def compare_user - super + user_changed = super + + @change_desc ||= [] + %i{expire_date inactive}.each do |user_attrib| new_val = new_resource.send(user_attrib) cur_val = current_resource.send(user_attrib) @@ -37,6 +40,8 @@ class Chef @change_desc << "change #{user_attrib} from #{cur_val} to #{new_val}" end end + + user_changed || !@change_desc.empty? end def create_user diff --git a/lib/chef/resource/_rest_resource.rb b/lib/chef/resource/_rest_resource.rb index f14e586eb2..8e72073b88 100644 --- a/lib/chef/resource/_rest_resource.rb +++ b/lib/chef/resource/_rest_resource.rb @@ -15,6 +15,7 @@ # limitations under the License. # +require "addressable/template" unless defined?(Addressable::Template) require "rest-client" unless defined?(RestClient) require "jmespath" unless defined?(JMESPath) require "chef/dsl/rest_resource" unless defined?(Chef::DSL::RestResource) @@ -221,7 +222,9 @@ action_class do response = rest_postprocess(response) first_only = current_resource.class.rest_api_document_first_element_only - first_only && response.is_a?(Array) ? response.first : response + response.data = response.data.first if first_only && response.data.is_a?(Array) + + response rescue RestClient::Exception => e rest_errorhandler(e) end diff --git a/lib/chef/resource/windows_package.rb b/lib/chef/resource/windows_package.rb index 2e10dde43d..8aab488eb4 100644 --- a/lib/chef/resource/windows_package.rb +++ b/lib/chef/resource/windows_package.rb @@ -78,7 +78,7 @@ class Chef ```ruby windows_package '7zip' do source 'http://www.7-zip.org/a/7z938-x64.msi' - checksum '7c8e873991c82ad9cfc123415254ea6101e9a645e12977dcd518979e50fdedf3' + checksum '7c8e873991c82ad9cfcdbdf45254ea6101e9a645e12977dcd518979e50fdedf3' end ``` @@ -91,7 +91,7 @@ class Chef source 'http://www.7-zip.org/a/7z938-x64.msi' remote_file_attributes ({ :path => 'C:\\7zip.msi', - :checksum => '7c8e873991c82ad9cfc123415254ea6101e9a645e12977dcd518979e50fdedf3' + :checksum => '7c8e873991c82ad9cfcdbdf45254ea6101e9a645e12977dcd518979e50fdedf3' }) end ``` @@ -100,7 +100,7 @@ class Chef ```ruby windows_package 'Mercurial 3.6.1 (64-bit)' do - source 'http://mercurial.selenic.com/release/windows/Mercurial-3.6.1-x64.exe' + source 'https://www.mercurial-scm.org/release/windows/Mercurial-3.6.1-x64.exe' checksum 'febd29578cb6736163d232708b834a2ddd119aa40abc536b2c313fc5e1b5831d' end ``` diff --git a/lib/chef/resource/windows_user_privilege.rb b/lib/chef/resource/windows_user_privilege.rb index 251382e46f..ac017a1599 100644 --- a/lib/chef/resource/windows_user_privilege.rb +++ b/lib/chef/resource/windows_user_privilege.rb @@ -23,7 +23,7 @@ class Chef class WindowsUserPrivilege < Chef::Resource provides :windows_user_privilege - description "The windows_user_privilege resource allows to add and set principal (User/Group) to the specified privilege.\n Ref: https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/user-rights-assignment\n For list of principals to use with :add action Ref: https://docs.microsoft.com/en-us/windows/security/identity-protection/access-control/special-identities" + description "The windows_user_privilege resource allows to add a privilege to a principal or (User/Group).\n Ref: https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/user-rights-assignment" introduced "16.0" @@ -38,23 +38,32 @@ class Chef end ``` - **Add the SeDenyRemoteInteractiveLogonRight Privilege to the Builtin Guests and Local Accounts User Groups**: + **Provide only the Builtin Guests and Administrator Groups with the SeCreatePageFile Privilege**: + + ```ruby + windows_user_privilege 'Create Pagefile' do + privilege 'SeCreatePagefilePrivilege' + users ['BUILTIN\\Guests', 'BUILTIN\\Administrators'] + action :set + end + ``` + + **Add the SeDenyRemoteInteractiveLogonRight Privilege to the 'Remote interactive logon' principal**: ```ruby windows_user_privilege 'Remote interactive logon' do privilege 'SeDenyRemoteInteractiveLogonRight' - users ['Builtin\\Guests', 'NT AUTHORITY\\Local Account'] action :add end ``` - **Provide only the Builtin Guests and Administrator Groups with the SeCreatePageFile Privilege**: + **Add to the Builtin Guests Group the SeCreatePageFile Privilege**: ```ruby - windows_user_privilege 'Create Pagefile' do + windows_user_privilege 'Guests add Create Pagefile' do + principal 'BUILTIN\\Guests' privilege 'SeCreatePagefilePrivilege' - users ['BUILTIN\\Guests', 'BUILTIN\\Administrators'] - action :set + action :add end ``` @@ -89,6 +98,7 @@ class Chef SeCreateSymbolicLinkPrivilege SeCreateTokenPrivilege SeDebugPrivilege + SeDelegateSessionUserImpersonatePrivilege SeDenyBatchLogonRight SeDenyInteractiveLogonRight SeDenyNetworkLogonRight @@ -125,20 +135,20 @@ class Chef }.freeze property :principal, String, - description: "An optional property to add the user to the given privilege. Use only with add and remove action.", - name_property: true + description: "An optional property to add the privilege for given principal. Use only with add and remove action. Principal can either be a User/Group or one of special identities found here Ref: https://docs.microsoft.com/en-us/windows/security/identity-protection/access-control/special-identities", + name_property: true property :users, [Array, String], - description: "An optional property to set the privilege for given users. Use only with set action.", - coerce: proc { |v| Array(v) } + description: "An optional property to set the privilege for given users. Use only with set action.", + coerce: proc { |v| Array(v) } property :privilege, [Array, String], - description: "One or more privileges to set for users.", - required: true, - coerce: proc { |v| Array(v) }, - callbacks: { - "Privilege property restricted to the following values: #{PRIVILEGE_OPTS}" => lambda { |n| (n - PRIVILEGE_OPTS).empty? }, - }, identity: true + description: "One or more privileges to set for principal or users/groups. For more information on what each privilege does Ref: https://learn.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/user-rights-assignment", + required: true, + coerce: proc { |v| Array(v) }, + callbacks: { + "Privilege property restricted to the following values: #{PRIVILEGE_OPTS}" => lambda { |n| (n - PRIVILEGE_OPTS).empty? }, + }, identity: true load_current_value do |new_resource| if new_resource.principal && (new_resource.action.include?(:add) || new_resource.action.include?(:remove)) @@ -146,15 +156,15 @@ class Chef end end - action :add, description: "Add a user privilege." do - ([*new_resource.privilege] - [*current_resource.privilege]).each do |user_right| - converge_by("adding user '#{new_resource.principal}' privilege #{user_right}") do - Chef::ReservedNames::Win32::Security.add_account_right(new_resource.principal, user_right) + action :add, description: "Add a privileges to a principal." do + ([*new_resource.privilege] - [*current_resource.privilege]).each do |principal_right| + converge_by("adding principal '#{new_resource.principal}' privilege #{principal_right}") do + Chef::ReservedNames::Win32::Security.add_account_right(new_resource.principal, principal_right) end end end - action :set, description: "Set the privileges that are listed in the `privilege` property for only the users listed in the `users` property." do + action :set, description: "Set the privileges that are listed in the `privilege` property for only the users listed in the `users` property. All other users not listed with given privilege will be have the privilege removed." do if new_resource.users.nil? || new_resource.users.empty? raise Chef::Exceptions::ValidationFailed, "Users are required property with set action." end @@ -203,7 +213,7 @@ class Chef end end - action :remove, description: "Remove a user privilege" do + action :remove, description: "Remove a principal privilege" do curr_res_privilege = current_resource.privilege missing_res_privileges = (new_resource.privilege - curr_res_privilege) @@ -211,9 +221,9 @@ class Chef Chef::Log.info("User \'#{new_resource.principal}\' for Privilege: #{missing_res_privileges.join(", ")} not found. Nothing to remove.") end - (new_resource.privilege - missing_res_privileges).each do |user_right| - converge_by("removing user #{new_resource.principal} from privilege #{user_right}") do - Chef::ReservedNames::Win32::Security.remove_account_right(new_resource.principal, user_right) + (new_resource.privilege - missing_res_privileges).each do |principal_right| + converge_by("removing principal #{new_resource.principal} from privilege #{principal_right}") do + Chef::ReservedNames::Win32::Security.remove_account_right(new_resource.principal, principal_right) end end end diff --git a/lib/chef/version.rb b/lib/chef/version.rb index 69ed8c0242..75c998e853 100644 --- a/lib/chef/version.rb +++ b/lib/chef/version.rb @@ -23,7 +23,7 @@ require_relative "version_string" class Chef CHEF_ROOT = File.expand_path("..", __dir__) - VERSION = Chef::VersionString.new("18.0.144") + VERSION = Chef::VersionString.new("18.0.172") end # diff --git a/lib/chef/win32/handle.rb b/lib/chef/win32/handle.rb index 1b0257ed68..a677b4021e 100644 --- a/lib/chef/win32/handle.rb +++ b/lib/chef/win32/handle.rb @@ -26,10 +26,6 @@ class Chef class Handle extend Chef::ReservedNames::Win32::API::Process - # See http://msdn.microsoft.com/en-us/library/windows/desktop/ms683179(v=vs.85).aspx - # The handle value returned by the GetCurrentProcess function is the pseudo handle (HANDLE)-1 (which is 0xFFFFFFFF) - CURRENT_PROCESS_HANDLE = 4294967295 - def initialize(handle) @handle = handle ObjectSpace.define_finalizer(self, Handle.close_handle_finalizer(handle)) @@ -38,13 +34,16 @@ class Chef attr_reader :handle def self.close_handle_finalizer(handle) + proc { close_handle(handle) } + end + + def self.close_handle(handle) # According to http://msdn.microsoft.com/en-us/library/windows/desktop/ms683179(v=vs.85).aspx, it is not necessary # to close the pseudo handle returned by the GetCurrentProcess function. The docs also say that it doesn't hurt to call # CloseHandle on it. However, doing so from inside of Ruby always seems to produce an invalid handle error. - proc { close_handle(handle) unless handle == CURRENT_PROCESS_HANDLE } - end + # The recommendation is to use GetCurrentProcess instead of the const (HANDLE)-1, to ensure we're making the correct comparison. + return if handle == GetCurrentProcess() - def self.close_handle(handle) unless CloseHandle(handle) Chef::ReservedNames::Win32::Error.raise! end diff --git a/omnibus/Gemfile b/omnibus/Gemfile index 77f27b82ab..a8d16ac939 100644 --- a/omnibus/Gemfile +++ b/omnibus/Gemfile @@ -2,9 +2,7 @@ source "https://rubygems.org" gem "omnibus", github: ENV.fetch("OMNIBUS_GITHUB_REPO", "chef/omnibus"), branch: ENV.fetch("OMNIBUS_GITHUB_BRANCH", "main") -# FIXME temporarily forcing builds through jfm/ucrt_update brance for omnibus-software -# gem "omnibus-software", github: ENV.fetch("OMNIBUS_SOFTWARE_GITHUB_REPO", "chef/omnibus-software"), branch: ENV.fetch("OMNIBUS_SOFTWARE_GITHUB_BRANCH", "main") -gem "omnibus-software", github: ENV.fetch("OMNIBUS_SOFTWARE_GITHUB_REPO", "chef/omnibus-software"), branch: "jfm/ucrt_update" +gem "omnibus-software", github: ENV.fetch("OMNIBUS_SOFTWARE_GITHUB_REPO", "chef/omnibus-software"), branch: ENV.fetch("OMNIBUS_SOFTWARE_GITHUB_BRANCH", "main") gem "artifactory" diff --git a/omnibus/Gemfile.lock b/omnibus/Gemfile.lock index 0edc35475a..f3b842efc6 100644 --- a/omnibus/Gemfile.lock +++ b/omnibus/Gemfile.lock @@ -1,17 +1,17 @@ GIT remote: https://github.com/chef/omnibus-software.git - revision: 8b1efa78a0aad9574512253c7082a83fe4070819 - branch: jfm/ucrt_update + revision: fc901c6446e6354058133b89a29a6ef8e2995b3d + branch: main specs: omnibus-software (4.0.0) omnibus (>= 9.0.0) GIT remote: https://github.com/chef/omnibus.git - revision: 83d8428abde4cb289a161f736822ba02563a884c + revision: d1fe3bbba0bf8c6cbc0e9d75bfcc8216e4345078 branch: main specs: - omnibus (9.0.3) + omnibus (9.0.8) aws-sdk-s3 (~> 1) chef-cleanroom (~> 1.0) chef-utils (>= 15.4) @@ -29,13 +29,13 @@ GIT GEM remote: https://rubygems.org/ specs: - addressable (2.8.0) - public_suffix (>= 2.0.2, < 5.0) + addressable (2.8.1) + public_suffix (>= 2.0.2, < 6.0) artifactory (3.0.15) awesome_print (1.9.2) aws-eventstream (1.2.0) - aws-partitions (1.610.0) - aws-sdk-core (3.131.3) + aws-partitions (1.648.0) + aws-sdk-core (3.162.0) aws-eventstream (~> 1, >= 1.0.2) aws-partitions (~> 1, >= 1.525.0) aws-sigv4 (~> 1.1) @@ -43,14 +43,14 @@ GEM aws-sdk-kms (1.58.0) aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-s3 (1.114.0) + aws-sdk-s3 (1.115.0) aws-sdk-core (~> 3, >= 3.127.0) aws-sdk-kms (~> 1) aws-sigv4 (~> 1.4) aws-sdk-secretsmanager (1.64.0) aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sigv4 (1.5.1) + aws-sigv4 (1.5.2) aws-eventstream (~> 1, >= 1.0.2) bcrypt_pbkdf (1.1.0) berkshelf (8.0.2) @@ -324,7 +324,7 @@ GEM pry (0.14.1) coderay (~> 1.1) method_source (~> 1.0) - public_suffix (4.0.7) + public_suffix (5.0.0) rack (2.2.4) rainbow (3.1.1) retryable (3.0.5) @@ -382,13 +382,13 @@ GEM toml-rb (2.2.0) citrus (~> 3.0, > 3.0) tomlrb (1.3.0) - train-core (3.10.1) + train-core (3.10.7) addressable (~> 2.5) ffi (!= 1.13.0) json (>= 1.8, < 3.0) mixlib-shellout (>= 2.0, < 4.0) - net-scp (>= 1.2, < 4.0) - net-ssh (>= 2.9, < 7.0) + net-scp (>= 1.2, < 5.0) + net-ssh (>= 2.9, < 8.0) train-winrm (0.2.13) winrm (>= 2.3.6, < 3.0) winrm-elevated (~> 1.2.2) diff --git a/spec/functional/resource/group_spec.rb b/spec/functional/resource/group_spec.rb index 9360020537..6e074a3e44 100644 --- a/spec/functional/resource/group_spec.rb +++ b/spec/functional/resource/group_spec.rb @@ -44,10 +44,10 @@ describe Chef::Resource::Group, :requires_root_or_running_windows do members.shift # Get rid of GroupMembership: string members.include?(user) else - # TODO For some reason our temporary AIX 7.2 system does not correctly report group membership immediately after changes have been made. - # Adding a 2 second delay for this platform is enough to get correct results. - # We hope to remove this delay after we get more permanent AIX 7.2 systems in our CI pipeline. reference: https://github.com/chef/release-engineering/issues/1617 - sleep 2 if aix? && (ohai[:platform_version] == "7.2") + # NOTE: For some reason our temporary AIX 7.x systems do not correctly report group membership immediately after changes have been made. + # Adding a delay for this platform is enough to get correct results. + # reference: https://github.com/chef/release-engineering/issues/1617 + sleep 3 if aix? Etc.getgrnam(group_name).mem.include?(user) end end @@ -133,6 +133,10 @@ describe Chef::Resource::Group, :requires_root_or_running_windows do temp_resource.append(true) temp_resource.run_action(:modify) members.each do |member| + # NOTE For some reason our temporary AIX 7.x systems do not correctly report group membership immediately after changes have been made. + # Adding a delay for this platform is enough to get correct results. + # reference: https://github.com/chef/release-engineering/issues/1617 + sleep 3 if aix? expect(user_exist_in_group?(member)).to eq(true) end end diff --git a/spec/functional/resource/link_spec.rb b/spec/functional/resource/link_spec.rb index 4637896fd7..480c2df92f 100644 --- a/spec/functional/resource/link_spec.rb +++ b/spec/functional/resource/link_spec.rb @@ -345,17 +345,17 @@ describe Chef::Resource::Link do let(:test_user) { "test-link-user" } before do user(test_user).run_action(:create) - # TODO For some reason our temporary AIX 7.2 system does not correctly report user existence immediately after changes have been made. - # Adding a 2 second delay for this platform is enough to get correct results. - # We hope to remove this delay after we get more permanent AIX 7.2 systems in our CI pipeline. reference: https://github.com/chef/release-engineering/issues/1617 - sleep 2 if aix? && (ohai[:platform_version] == "7.2") + # NOTE: For some reason our temporary AIX 7.x systems do not correctly report user existence immediately after changes have been made. + # Adding a delay for this platform is enough to get correct results. + # reference: https://github.com/chef/release-engineering/issues/1617 + sleep 3 if aix? end after do user(test_user).run_action(:remove) - # TODO For some reason our temporary AIX 7.2 system does not correctly report user existence immediately after changes have been made. - # Adding a 2 second delay for this platform is enough to get correct results. - # We hope to remove this delay after we get more permanent AIX 7.2 systems in our CI pipeline. reference: https://github.com/chef/release-engineering/issues/1617 - sleep 2 if aix? && (ohai[:platform_version] == "7.2") + # TODO For some reason our temporary AIX 7.x systems do not correctly report user existence immediately after changes have been made. + # Adding a delay for this platform is enough to get correct results. + # reference: https://github.com/chef/release-engineering/issues/1617 + sleep 3 if aix? end before(:each) do resource.owner(test_user) diff --git a/spec/functional/resource/user/linux_user_spec.rb b/spec/functional/resource/user/linux_user_spec.rb new file mode 100644 index 0000000000..e77ada103c --- /dev/null +++ b/spec/functional/resource/user/linux_user_spec.rb @@ -0,0 +1,127 @@ +# +# Copyright:: Copyright (c) Chef Software Inc. +# License:: Apache License, Version 2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +require "spec_helper" +require "chef/mixin/shell_out" + +metadata = { + requires_root: true, + linux_only: true, +} + +describe "Chef::Resource::User with Chef::Provider::User::LinuxUser provider", metadata do + include Chef::Mixin::ShellOut + + def clean_user + shell_out!("/usr/sbin/userdel #{username}") + rescue Mixlib::ShellOut::ShellCommandFailed + # Raised when the user is already cleaned + end + + def ensure_file_cache_path_exists + path = Chef::Config["file_cache_path"] + FileUtils.mkdir_p(path) unless File.directory?(path) + end + + def user_should_exist + expect(shell_out("grep -q #{username} /etc/passwd").error?).to be(false) + end + + def check_password(pass, user) + expect(shell_out("grep ^#{user}: /etc/shadow | cut -d: -f2 | grep ^#{pass}$").exitstatus).to eq(0) + end + + let(:node) do + n = Chef::Node.new + n.consume_external_attrs(OHAI_SYSTEM.data.dup, {}) + n + end + + let(:events) do + Chef::EventDispatch::Dispatcher.new + end + + let(:run_context) do + Chef::RunContext.new(node, {}, events) + end + + let(:username) do + "greatchef" + end + + let(:uid) { nil } + let(:gid) do + # SLES 15 doesn't have the "20" group and + # so lets just pick the last group... no, + # Etc.group.map(&:gid).last does not work + Etc.enum_for(:group).map(&:gid).last + end + let(:home) { nil } + let(:manage_home) { false } + let(:password) { "XXXYYYZZZ" } + let(:comment) { "Great Chef" } + let(:shell) { "/bin/bash" } + let(:salt) { nil } + + let(:user_resource) do + r = Chef::Resource::User::LinuxUser.new("TEST USER RESOURCE", run_context) + r.username(username) + r.uid(uid) + r.gid(gid) + + r.home(home) + r.shell(shell) + r.comment(comment) + r.manage_home(manage_home) + r.password(password) + r.salt(salt) + r + end + + before do + clean_user + ensure_file_cache_path_exists + end + + after(:each) do + clean_user + end + + describe "action :create" do + it "should create the user" do + user_resource.run_action(:create) + user_should_exist + check_password(password, username) + end + end + + describe "when user exists" do + before do + existing_resource = user_resource.dup + existing_resource.run_action(:create) + user_should_exist + end + + describe "when password is updated" do + it "should update the password of the user" do + user_resource.password("mykitchen") + user_resource.run_action(:create) + check_password("mykitchen", username) + end + end + end +end diff --git a/spec/functional/shell_spec.rb b/spec/functional/shell_spec.rb index 203b6346b2..9430970552 100644 --- a/spec/functional/shell_spec.rb +++ b/spec/functional/shell_spec.rb @@ -78,8 +78,13 @@ describe Shell do def run_chef_shell_with(options) # Windows ruby installs don't (always?) have PTY, # so hide the require here - require "pty" + + # FIXME this is temporary... Solaris envs have TERM set to unknown + # and the value isn't propagating from the build environment TERM + # variable + ENV["TERM"] = "vt100" if ["", "unknown"].include?(ENV["TERM"].to_s) + config = File.expand_path("shef-config.rb", CHEF_SPEC_DATA) reader, writer, pid = PTY.spawn("bundle exec #{ChefUtils::Dist::Infra::SHELL} --no-multiline --no-singleline --no-colorize -c #{config} #{options}") read_until(reader, "chef (#{Chef::VERSION})>") diff --git a/spec/unit/daemon_spec.rb b/spec/unit/daemon_spec.rb index f91210277b..05a09a5857 100644 --- a/spec/unit/daemon_spec.rb +++ b/spec/unit/daemon_spec.rb @@ -170,11 +170,7 @@ describe Chef::Daemon do it "should log an appropriate error message and fail miserably" do allow(Process).to receive(:initgroups).and_raise(Errno::EPERM) - error = "Operation not permitted" - if RUBY_PLATFORM.match("solaris2") || RUBY_PLATFORM.match("aix") - error = "Not owner" - end - expect(Chef::Application).to receive(:fatal!).with("Permission denied when trying to change 999:999 to 501:20. #{error}") + expect(Chef::Application).to receive(:fatal!).with(/Permission denied when trying to change 999:999 to 501:20/) Chef::Daemon._change_privilege(testuser) end end diff --git a/spec/unit/mixin/checksum_spec.rb b/spec/unit/mixin/checksum_spec.rb index e8fb1ed4dc..9c1e19769d 100644 --- a/spec/unit/mixin/checksum_spec.rb +++ b/spec/unit/mixin/checksum_spec.rb @@ -51,4 +51,32 @@ describe Chef::Mixin::Checksum do end end + describe "checksum_match?" do + context "when checksum cases match" do + it "returns true" do + expect(@checksum_user.checksum_match?("u7ghbxikk3i9blsimmy2y2ionmxx", "u7ghbxikk3i9blsimmy2y2ionmxx")).to be true + end + end + + context "when one checksum is uppercase and other is lowercase" do + it "returns true" do + expect(@checksum_user.checksum_match?("U7GHBXIKK3I9BLSIMMY2Y2IONMXX", "u7ghbxikk3i9blsimmy2y2ionmxx")).to be true + end + end + + context "when checksums do not match" do + it "returns false" do + expect(@checksum_user.checksum_match?("u7ghbxikk3i9blsimmy2y2ionmxx", "09ee9c8cc70501763563bcf9c218")).to be false + end + end + + context "when checksum is nil" do + it "returns false" do + expect(@checksum_user.checksum_match?("u7ghbxikk3i9blsimmy2y2ionmxx", nil)).to be false + expect(@checksum_user.checksum_match?(nil, "09ee9c8cc70501763563bcf9c218")).to be false + expect(@checksum_user.checksum_match?(nil, nil)).to be false + end + end + end + end diff --git a/spec/unit/platform/query_helpers_spec.rb b/spec/unit/platform/query_helpers_spec.rb index 424bd6348b..0671d98476 100644 --- a/spec/unit/platform/query_helpers_spec.rb +++ b/spec/unit/platform/query_helpers_spec.rb @@ -41,12 +41,8 @@ end describe "Chef::Platform#dsc_refresh_mode_disabled?", :windows_only do let(:node) { instance_double("Chef::Node") } - let(:powershell) { Class.new { include ChefPowerShell::ChefPowerShellModule::PowerShellExec } } - subject(:object) { powershell.new } it "returns true when RefreshMode is Disabled" do - execution = object.powershell_exec("Get-DscLocalConfigurationManager", :powershell, timeout: -1) - expect(execution.result["RefreshMode"]).to eq "PUSH" expect(Chef::Platform.dsc_refresh_mode_disabled?(node)).to be false end end diff --git a/spec/unit/provider/user/linux_spec.rb b/spec/unit/provider/user/linux_spec.rb index 1fc8e3c6a1..27b226773d 100644 --- a/spec/unit/provider/user/linux_spec.rb +++ b/spec/unit/provider/user/linux_spec.rb @@ -20,7 +20,7 @@ require "spec_helper" -describe Chef::Provider::User::Linux do +describe Chef::Provider::User::Linux, linux_only: true do subject(:provider) do p = described_class.new(@new_resource, @run_context) @@ -120,4 +120,49 @@ describe Chef::Provider::User::Linux do expect( provider.universal_options ).to eql(["-f", 90]) end end + + describe "compare_user_linux" do + before(:each) do + @new_resource = Chef::Resource::User::LinuxUser.new("notarealuser") + @current_resource = Chef::Resource::User::LinuxUser.new("notarealuser") + end + + let(:mapping) do + { + "username" => %w{notarealuser notarealuser}, + "comment" => ["Nota Realuser", "Not a Realuser"], + "uid" => [1000, 1001], + "gid" => [1000, 1001], + "home" => ["/home/notarealuser", "/Users/notarealuser"], + "shell" => ["/usr/bin/zsh", "/bin/bash"], + "password" => %w{abcd 12345}, + } + end + + %w{uid gid comment home shell password}.each do |property| + it "should return true if #{property} doesn't match" do + @new_resource.send(property, mapping[property][0]) + @current_resource.send(property, mapping[property][1]) + expect(provider.compare_user).to eql(true) + end + end + + %w{uid gid}.each do |property| + it "should return false if string #{property} matches fixnum" do + @new_resource.send(property, "100") + @current_resource.send(property, 100) + expect(provider.compare_user).to eql(false) + end + end + + it "should return false if the objects are identical" do + expect(provider.compare_user).to eql(false) + end + + it "should ignore differences in trailing slash in home paths" do + @new_resource.home "/home/notarealuser" + @current_resource.home "/home/notarealuser/" + expect(provider.compare_user).to eql(false) + end + end end diff --git a/spec/unit/provider/user_spec.rb b/spec/unit/provider/user_spec.rb index c8ad656f06..67cb2debf8 100644 --- a/spec/unit/provider/user_spec.rb +++ b/spec/unit/provider/user_spec.rb @@ -178,12 +178,30 @@ describe Chef::Provider::User do end end - it "should fail assertions when ruby-shadow cannot be loaded" do - expect(@provider).to receive(:require).with("shadow") { raise LoadError } - @provider.load_current_resource - @provider.action = :create - @provider.define_resource_requirements - expect { @provider.process_resource_requirements }.to raise_error Chef::Exceptions::MissingLibrary + context "when ruby-shadow is supported on the platform" do + before do + allow(@provider).to receive(:supports_ruby_shadow?).and_return true + end + it "should fail assertions when ruby-shadow cannot be loaded" do + expect(@provider).to receive(:require).with("shadow") { raise LoadError } + @provider.load_current_resource + @provider.action = :create + @provider.define_resource_requirements + expect { @provider.process_resource_requirements }.to raise_error Chef::Exceptions::MissingLibrary + end + end + + context "when ruby-shadow is not supported on the platform" do + before do + allow(@provider).to receive(:supports_ruby_shadow?).and_return false + end + it "should not fail any assertions when ruby-shadow cannot be loaded" do + expect(@provider).to receive(:require).with("shadow") { raise LoadError } + @provider.load_current_resource + @provider.action = :create + @provider.define_resource_requirements + @provider.process_resource_requirements + end end end |