diff options
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/chef/application.rb | 5 | ||||
| -rw-r--r-- | lib/chef/provider/package/zypper.rb | 14 | ||||
| -rw-r--r-- | lib/chef/resource/zypper_package.rb | 2 |
3 files changed, 9 insertions, 12 deletions
diff --git a/lib/chef/application.rb b/lib/chef/application.rb index 86078300c2..eba0d48e57 100644 --- a/lib/chef/application.rb +++ b/lib/chef/application.rb @@ -48,6 +48,7 @@ class Chef configure_chef configure_logging configure_encoding + emit_warnings end # Get this party started @@ -79,6 +80,10 @@ class Chef end end + def emit_warnings + Chef::Log.warn "Chef::Config[:zypper_check_gpg] is set to false which disables security checking on zypper packages" unless Chef::Config[:zypper_check_gpg] + end + # Parse configuration (options and config file) def configure_chef parse_options diff --git a/lib/chef/provider/package/zypper.rb b/lib/chef/provider/package/zypper.rb index 45c6c91f60..7b8fd6c426 100644 --- a/lib/chef/provider/package/zypper.rb +++ b/lib/chef/provider/package/zypper.rb @@ -2,7 +2,7 @@ # # Authors:: Adam Jacob (<adam@chef.io>) # Ionuț Arțăriși (<iartarisi@suse.cz>) -# Copyright:: Copyright 2008-2016, Chef Software, Inc. +# Copyright:: Copyright 2008-2017, Chef Software Inc. # Copyright 2013-2016, SUSE Linux GmbH # License:: Apache License, Version 2.0 # @@ -145,17 +145,7 @@ class Chef end def gpg_checks - case Chef::Config[:zypper_check_gpg] - when true - nil - when false - "--no-gpg-checks" - when nil - Chef::Log.warn("Chef::Config[:zypper_check_gpg] was not set. " \ - "All packages will be installed without gpg signature checks. " \ - "This is a security hazard.") - "--no-gpg-checks" - end + "--no-gpg-checks" unless new_resource.gpg_check end end end diff --git a/lib/chef/resource/zypper_package.rb b/lib/chef/resource/zypper_package.rb index f9e3eef49e..6c6e308159 100644 --- a/lib/chef/resource/zypper_package.rb +++ b/lib/chef/resource/zypper_package.rb @@ -23,6 +23,8 @@ class Chef class ZypperPackage < Chef::Resource::Package resource_name :zypper_package provides :package, platform_family: "suse" + + property :gpg_check, [ TrueClass, FalseClass ], default: lazy { Chef::Config[:zypper_check_gpg] } end end end |