summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Rename not_fips rspec filter to no_supported_under_fipsjdm/fix-fips-filterJay Mundrawala2016-01-272-2/+2
|
* Fix inverted filter logic for not_fips rspec filterJay Mundrawala2016-01-271-1/+1
|
* Merge pull request #4470 from chef/jdm/fix2-pipelineJay Mundrawala2016-01-271-1/+1
|\ | | | | Fix sh spacing issues
| * Fix sh spacing issuesJay Mundrawala2016-01-271-1/+1
|/ | | | The if statement was always being evaluated to true.
* Merge pull request #4434 from chef/lcg/better-eof-errorsLamont Granquist2016-01-277-10/+77
|\ | | | | adds EOFError message to handlers
| * explicit specs for EOFErrorslcg/better-eof-errorsLamont Granquist2016-01-262-6/+29
| |
| * adds EOFError message to handlersLamont Granquist2016-01-196-7/+51
| | | | | | | | | | | | i think this still misses the biggest EOFError culprit which is the node.save at the end, but we don't seem to have a node_save_failed event to hook.
* | Merge pull request #4466 from chef/jdm/fix-pipelineThom May2016-01-271-3/+4
|\ \ | | | | | | Fix bug in sh script that runs test in jenkins
| * | Fix bug in sh script that runs test in jenkinsjdm/fix-pipelineJay Mundrawala2016-01-261-3/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Some testers fail with ``` ci/verify-chef.sh: test: ] missing` ``` This regression was introduced by https://github.com/chef/chef/commit/2bcb7d06dcb49c953b9e666b24c8bd3cb56da2c5
* | | Merge pull request #4422 from chef/tm/apt_updateThom May2016-01-276-0/+264
|\ \ \ | | | | | | | | Add an apt_update resource
| * | | fix style nittm/apt_updateThom May2016-01-221-1/+1
| | | |
| * | | respond to review commentsThom May2016-01-224-2/+30
| | | |
| * | | Dependency inject file locationsThom May2016-01-212-19/+54
| | | |
| * | | ensure that periodic files are created firstThom May2016-01-201-8/+18
| | | |
| * | | Add periodic action as the defaultThom May2016-01-203-3/+47
| | | |
| * | | Add an apt_update resourceThom May2016-01-206-0/+147
| | | |
* | | | Derive repo path from cookbook_artifact pathenable-policies-in-local-mode-by-defaultdanielsdeleo2016-01-262-8/+23
| | | | | | | | | | | | | | | | | | | | Allows you to run local mode with autodetected paths using native policyfile objects only.
* | | | Add test coverage for chef_repo_pathdanielsdeleo2016-01-261-0/+45
| | | |
* | | | Add test for repo_mode behaviordanielsdeleo2016-01-262-3/+44
| | | |
* | | | Enable Chef 12 mode for local mode by defaultdanielsdeleo2016-01-264-235/+474
| | | |
* | | | Fix ambiguous argument warningsdanielsdeleo2016-01-261-2/+2
| | | |
* | | | Explain the various ChefFS modesdanielsdeleo2016-01-261-3/+31
| |/ / |/| |
* | | Merge pull request #4287 from chef/jdm/1.3-fipsJay Mundrawala2016-01-2624-54/+120
|\ \ \ | | | | | | | | Default Chef with FIPS OpenSSL to use sign v1.3
| * | | Fix client_specjdm/1.3-fipsJay Mundrawala2016-01-261-2/+6
| | | |
| * | | Point chef at local_source for chef-fipsJay Mundrawala2016-01-251-1/+1
| | | |
| * | | Fixup quotes in chef-configJay Mundrawala2016-01-251-7/+7
| | | |
| * | | Do openssl initialization in chef-fips test pipelineJay Mundrawala2016-01-251-0/+4
| | | |
| * | | export CHEF_FIPS=1 in the chef-fips jenkins pipelineJay Mundrawala2016-01-252-1/+9
| | | |
| * | | Modify registration_spec to work when fips is enabled in opensslJay Mundrawala2016-01-251-6/+6
| | | | | | | | | | | | | | | | | | | | | | | | We need to ask openssl for the pem whenever we have a private key so that it returns the same format of key (PKCS#1 vs PKCS#8) that openssl generates
| * | | Allow setting fips through environment variableJay Mundrawala2016-01-251-1/+1
| | | |
| * | | Skip Version0 encrypted databag tests when in fips modeJay Mundrawala2016-01-254-2/+7
| | | | | | | | | | | | | | | | | | | | | | | | aes-256-cbc does not seem to work when openssl is in fips mode. The only other reference I could find to this was: https://access.redhat.com/solutions/176633
| * | | Don't check the key for auth_credentials_specJay Mundrawala2016-01-251-32/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The AuthCredentials class does not do anything special with regards to the key. We should only need to check that the one we passed in, not that it's pem representation. The reason for removing this extra (unneeded) check is because it breaks when openssl is in fips mode. When in that mode, openssl with generate a PKCS#8 pem representation, while the thing that we checked against was a PKCS#1 pem representation.
| * | | Allow chef-client --fipsJay Mundrawala2016-01-251-0/+7
| | | |
| * | | Rename openssl-fips to fips and add messagesJay Mundrawala2016-01-257-15/+15
| | | |
| * | | Add fips mode line to Starting chef client runJay Mundrawala2016-01-252-2/+4
| | | |
| * | | Add --openssl-fips to knife bootstrapJay Mundrawala2016-01-252-0/+9
| | | |
| * | | Do openssl initialization from applicationsJay Mundrawala2016-01-256-1/+28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Some notes: * Add module overrides for fips We need to use the SHA1 module under OpenSSL because the openssl functions called by Digest::SHA1 cause openssl to crash the process. We use the Digest::MD5 over the OpenSSL::MD5 module because md5 is not allowed when in fips mode and causes the process to crash. While we work through these issues, we're going to allow it to pass by compiling the ruby md5 implementation. * Use OpenSSL::Digest::SHA256 instead of Digest::SHA256 Digest::SHA256 is broken in fips mode because it uses unapproved APIs. They cause the process to terminate.
| * | | Use sign v1.3 when fips mode is selectedJay Mundrawala2016-01-252-4/+28
| | | |
| * | | Pass headers to mixlib-authenticationJay Mundrawala2016-01-252-5/+12
| | | |
| * | | Use mixlib-auth to version 1.4Kartik Null Cating-Subramanian2016-01-251-1/+1
| | | |
* | | | Merge pull request #4461 from chef/lcg/remove-debain-6Lamont Granquist2016-01-261-12/+0
|\ \ \ \ | | | | | | | | | | debian-6 is EOL next month
| * | | | debian-6 is EOL next monthLamont Granquist2016-01-261-12/+0
|/ / / / | | | | | | | | | | | | t1.micros are also beyond terrible for performance.
* | | | Merge branch 'jk/acceptance-spinup'John Keiser2016-01-2613-6/+456
|\ \ \ \
| * | | | Remove OS's we don't support in chefJohn Keiser2016-01-262-53/+54
| | | | |
| * | | | Review commentsJohn Keiser2016-01-264-1/+8
| | | | |
| * | | | Add acceptance test to run git cookbookJohn Keiser2016-01-2613-6/+448
|/ / / /
* | | | Merge pull request #4460 from chef/jdm/aix-system-user-specBryan McLellan2016-01-261-3/+3
|\ \ \ \ | | | | | | | | | | Set range of system user/group id to max of 200 on AIX
| * | | | Set range of system user/group id to max of 200Jay Mundrawala2016-01-261-3/+3
|/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | According to https://abcofaix.wordpress.com/tag/usermod/, the value can be up to 200. We were seeing tests on our aix testers fail with ``` 1) Chef::Provider::User::Useradd action :create when the user does not exist beforehand when a system user is specified ensures the user has the properties of a system user Failure/Error: expect(pw_entry.uid.to_i).to be < uid_min.to_i expected: < 100 got: 101 # ./spec/functional/resource/user/useradd_spec.rb:306:in `block (5 levels) in <top (required)>' ```
* | | | Merge pull request #4453 from chef/fix_cbgb_typoLamont Granquist2016-01-252-2/+2
|\ \ \ \ | | | | | | | | | | Governers -> Governors
| * | | | Governers -> Governorsfix_cbgb_typoNathen Harvey2016-01-232-2/+2
| |/ / / | | | | | | | | | | | | thanks @juliandunn
View Lorry Controller Status