Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Rename not_fips rspec filter to no_supported_under_fipsjdm/fix-fips-filter | Jay Mundrawala | 2016-01-27 | 2 | -2/+2 |
| | |||||
* | Fix inverted filter logic for not_fips rspec filter | Jay Mundrawala | 2016-01-27 | 1 | -1/+1 |
| | |||||
* | Merge pull request #4470 from chef/jdm/fix2-pipeline | Jay Mundrawala | 2016-01-27 | 1 | -1/+1 |
|\ | | | | | Fix sh spacing issues | ||||
| * | Fix sh spacing issues | Jay Mundrawala | 2016-01-27 | 1 | -1/+1 |
|/ | | | | The if statement was always being evaluated to true. | ||||
* | Merge pull request #4434 from chef/lcg/better-eof-errors | Lamont Granquist | 2016-01-27 | 7 | -10/+77 |
|\ | | | | | adds EOFError message to handlers | ||||
| * | explicit specs for EOFErrorslcg/better-eof-errors | Lamont Granquist | 2016-01-26 | 2 | -6/+29 |
| | | |||||
| * | adds EOFError message to handlers | Lamont Granquist | 2016-01-19 | 6 | -7/+51 |
| | | | | | | | | | | | | i think this still misses the biggest EOFError culprit which is the node.save at the end, but we don't seem to have a node_save_failed event to hook. | ||||
* | | Merge pull request #4466 from chef/jdm/fix-pipeline | Thom May | 2016-01-27 | 1 | -3/+4 |
|\ \ | | | | | | | Fix bug in sh script that runs test in jenkins | ||||
| * | | Fix bug in sh script that runs test in jenkinsjdm/fix-pipeline | Jay Mundrawala | 2016-01-26 | 1 | -3/+4 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Some testers fail with ``` ci/verify-chef.sh: test: ] missing` ``` This regression was introduced by https://github.com/chef/chef/commit/2bcb7d06dcb49c953b9e666b24c8bd3cb56da2c5 | ||||
* | | | Merge pull request #4422 from chef/tm/apt_update | Thom May | 2016-01-27 | 6 | -0/+264 |
|\ \ \ | | | | | | | | | Add an apt_update resource | ||||
| * | | | fix style nittm/apt_update | Thom May | 2016-01-22 | 1 | -1/+1 |
| | | | | |||||
| * | | | respond to review comments | Thom May | 2016-01-22 | 4 | -2/+30 |
| | | | | |||||
| * | | | Dependency inject file locations | Thom May | 2016-01-21 | 2 | -19/+54 |
| | | | | |||||
| * | | | ensure that periodic files are created first | Thom May | 2016-01-20 | 1 | -8/+18 |
| | | | | |||||
| * | | | Add periodic action as the default | Thom May | 2016-01-20 | 3 | -3/+47 |
| | | | | |||||
| * | | | Add an apt_update resource | Thom May | 2016-01-20 | 6 | -0/+147 |
| | | | | |||||
* | | | | Derive repo path from cookbook_artifact pathenable-policies-in-local-mode-by-default | danielsdeleo | 2016-01-26 | 2 | -8/+23 |
| | | | | | | | | | | | | | | | | | | | | Allows you to run local mode with autodetected paths using native policyfile objects only. | ||||
* | | | | Add test coverage for chef_repo_path | danielsdeleo | 2016-01-26 | 1 | -0/+45 |
| | | | | |||||
* | | | | Add test for repo_mode behavior | danielsdeleo | 2016-01-26 | 2 | -3/+44 |
| | | | | |||||
* | | | | Enable Chef 12 mode for local mode by default | danielsdeleo | 2016-01-26 | 4 | -235/+474 |
| | | | | |||||
* | | | | Fix ambiguous argument warnings | danielsdeleo | 2016-01-26 | 1 | -2/+2 |
| | | | | |||||
* | | | | Explain the various ChefFS modes | danielsdeleo | 2016-01-26 | 1 | -3/+31 |
| |/ / |/| | | |||||
* | | | Merge pull request #4287 from chef/jdm/1.3-fips | Jay Mundrawala | 2016-01-26 | 24 | -54/+120 |
|\ \ \ | | | | | | | | | Default Chef with FIPS OpenSSL to use sign v1.3 | ||||
| * | | | Fix client_specjdm/1.3-fips | Jay Mundrawala | 2016-01-26 | 1 | -2/+6 |
| | | | | |||||
| * | | | Point chef at local_source for chef-fips | Jay Mundrawala | 2016-01-25 | 1 | -1/+1 |
| | | | | |||||
| * | | | Fixup quotes in chef-config | Jay Mundrawala | 2016-01-25 | 1 | -7/+7 |
| | | | | |||||
| * | | | Do openssl initialization in chef-fips test pipeline | Jay Mundrawala | 2016-01-25 | 1 | -0/+4 |
| | | | | |||||
| * | | | export CHEF_FIPS=1 in the chef-fips jenkins pipeline | Jay Mundrawala | 2016-01-25 | 2 | -1/+9 |
| | | | | |||||
| * | | | Modify registration_spec to work when fips is enabled in openssl | Jay Mundrawala | 2016-01-25 | 1 | -6/+6 |
| | | | | | | | | | | | | | | | | | | | | | | | | We need to ask openssl for the pem whenever we have a private key so that it returns the same format of key (PKCS#1 vs PKCS#8) that openssl generates | ||||
| * | | | Allow setting fips through environment variable | Jay Mundrawala | 2016-01-25 | 1 | -1/+1 |
| | | | | |||||
| * | | | Skip Version0 encrypted databag tests when in fips mode | Jay Mundrawala | 2016-01-25 | 4 | -2/+7 |
| | | | | | | | | | | | | | | | | | | | | | | | | aes-256-cbc does not seem to work when openssl is in fips mode. The only other reference I could find to this was: https://access.redhat.com/solutions/176633 | ||||
| * | | | Don't check the key for auth_credentials_spec | Jay Mundrawala | 2016-01-25 | 1 | -32/+1 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The AuthCredentials class does not do anything special with regards to the key. We should only need to check that the one we passed in, not that it's pem representation. The reason for removing this extra (unneeded) check is because it breaks when openssl is in fips mode. When in that mode, openssl with generate a PKCS#8 pem representation, while the thing that we checked against was a PKCS#1 pem representation. | ||||
| * | | | Allow chef-client --fips | Jay Mundrawala | 2016-01-25 | 1 | -0/+7 |
| | | | | |||||
| * | | | Rename openssl-fips to fips and add messages | Jay Mundrawala | 2016-01-25 | 7 | -15/+15 |
| | | | | |||||
| * | | | Add fips mode line to Starting chef client run | Jay Mundrawala | 2016-01-25 | 2 | -2/+4 |
| | | | | |||||
| * | | | Add --openssl-fips to knife bootstrap | Jay Mundrawala | 2016-01-25 | 2 | -0/+9 |
| | | | | |||||
| * | | | Do openssl initialization from applications | Jay Mundrawala | 2016-01-25 | 6 | -1/+28 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Some notes: * Add module overrides for fips We need to use the SHA1 module under OpenSSL because the openssl functions called by Digest::SHA1 cause openssl to crash the process. We use the Digest::MD5 over the OpenSSL::MD5 module because md5 is not allowed when in fips mode and causes the process to crash. While we work through these issues, we're going to allow it to pass by compiling the ruby md5 implementation. * Use OpenSSL::Digest::SHA256 instead of Digest::SHA256 Digest::SHA256 is broken in fips mode because it uses unapproved APIs. They cause the process to terminate. | ||||
| * | | | Use sign v1.3 when fips mode is selected | Jay Mundrawala | 2016-01-25 | 2 | -4/+28 |
| | | | | |||||
| * | | | Pass headers to mixlib-authentication | Jay Mundrawala | 2016-01-25 | 2 | -5/+12 |
| | | | | |||||
| * | | | Use mixlib-auth to version 1.4 | Kartik Null Cating-Subramanian | 2016-01-25 | 1 | -1/+1 |
| | | | | |||||
* | | | | Merge pull request #4461 from chef/lcg/remove-debain-6 | Lamont Granquist | 2016-01-26 | 1 | -12/+0 |
|\ \ \ \ | | | | | | | | | | | debian-6 is EOL next month | ||||
| * | | | | debian-6 is EOL next month | Lamont Granquist | 2016-01-26 | 1 | -12/+0 |
|/ / / / | | | | | | | | | | | | | t1.micros are also beyond terrible for performance. | ||||
* | | | | Merge branch 'jk/acceptance-spinup' | John Keiser | 2016-01-26 | 13 | -6/+456 |
|\ \ \ \ | |||||
| * | | | | Remove OS's we don't support in chef | John Keiser | 2016-01-26 | 2 | -53/+54 |
| | | | | | |||||
| * | | | | Review comments | John Keiser | 2016-01-26 | 4 | -1/+8 |
| | | | | | |||||
| * | | | | Add acceptance test to run git cookbook | John Keiser | 2016-01-26 | 13 | -6/+448 |
|/ / / / | |||||
* | | | | Merge pull request #4460 from chef/jdm/aix-system-user-spec | Bryan McLellan | 2016-01-26 | 1 | -3/+3 |
|\ \ \ \ | | | | | | | | | | | Set range of system user/group id to max of 200 on AIX | ||||
| * | | | | Set range of system user/group id to max of 200 | Jay Mundrawala | 2016-01-26 | 1 | -3/+3 |
|/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | According to https://abcofaix.wordpress.com/tag/usermod/, the value can be up to 200. We were seeing tests on our aix testers fail with ``` 1) Chef::Provider::User::Useradd action :create when the user does not exist beforehand when a system user is specified ensures the user has the properties of a system user Failure/Error: expect(pw_entry.uid.to_i).to be < uid_min.to_i expected: < 100 got: 101 # ./spec/functional/resource/user/useradd_spec.rb:306:in `block (5 levels) in <top (required)>' ``` | ||||
* | | | | Merge pull request #4453 from chef/fix_cbgb_typo | Lamont Granquist | 2016-01-25 | 2 | -2/+2 |
|\ \ \ \ | | | | | | | | | | | Governers -> Governors | ||||
| * | | | | Governers -> Governorsfix_cbgb_typo | Nathen Harvey | 2016-01-23 | 2 | -2/+2 |
| |/ / / | | | | | | | | | | | | | thanks @juliandunn |