diff --git a/Berksfile b/Berksfile index cb3314d..a884cb4 100644 --- a/Berksfile +++ b/Berksfile @@ -2,56 +2,38 @@ source 'https://supermarket.chef.io' -cookbook 'mediawiki', - git: 'https://github.com/67P/mediawiki-cookbook.git', - ref: 'nginx' -cookbook 'redis', - git: 'https://github.com/phlipper/chef-redis.git', - ref: 'v0.5.6' -cookbook 'redisio', '= 5.0.0' # TODO upgrade to 6.x when we use Chef 16 -cookbook 'postfix', '= 5.0.2' -cookbook 'php', '~> 8.0.0' -cookbook 'composer', '~> 2.7.0' -cookbook 'poise-ruby-build', '~> 1.1.0' -cookbook 'application', '~> 5.2.0' -cookbook 'application_javascript', '~> 1.0.0' -cookbook 'application_git', '= 1.1.0' # 1.2.0 doesn't work with knife-solo -cookbook 'poise', '~> 2.8.2' -cookbook 'poise-languages', '~> 2.1.1' -cookbook 'poise-javascript', git: 'https://github.com/67p/poise-javascript.git', - ref: 'e5fff15' -cookbook 'poise-archive', '~> 1.5.0' -cookbook 'poise-service', '~> 1.5.2' -cookbook 'users', '~> 5.3.1' -cookbook 'hostname', '= 0.4.2' -cookbook 'firewall', '~> 2.6.3' -cookbook 'nginx', '= 9.0.0' -cookbook 'fail2ban', '~> 7.0.4' -# Remove when cookbooks stop depending on it, the build_essential resource is -# part of Chef 14 (https://docs.chef.io/resource_build_essential.html) -cookbook 'build-essential', '~> 8.2.1' -cookbook 'mysql', '~> 8.7.3' -# cookbook 'postgresql', '= 7.1.8' -cookbook 'apt', '~> 7.3.0' -cookbook 'git', '~> 10.0.0' -cookbook 'hostsfile', '~> 3.0.1' -cookbook 'ohai', '~> 5.2.5' -cookbook 'nodejs', '~> 7.3.1' -cookbook 'timezone_iii', '= 1.0.4' -cookbook 'ark', '>= 5.0.0' -cookbook 'logrotate', '= 2.2.0' -cookbook 'openssl', '~> 8.5.5' -cookbook 'ntp', '= 3.4.0' -cookbook 'apache2', '= 3.3.0' -cookbook 'chef-sugar', '= 3.3.0' -cookbook 'compat_resource', '= 12.19.0' -cookbook 'homebrew', '= 3.0.0' -cookbook 'mariadb', '= 0.3.1' +cookbook 'elasticsearch', '~> 5.1.3' +cookbook 'firewall', '~> 6.2.16' +cookbook 'redisio', '~> 6.4.1' +cookbook 'ruby_build', '~> 2.5.0' + cookbook 'ipfs', git: 'https://gitea.kosmos.org/kosmos/ipfs-cookbook.git', ref: 'v0.7.0' -cookbook 'elasticsearch', '= 4.3.0' -cookbook 'java', '~> 4.3.0' -cookbook 'ulimit', '~> 1.0.0' +cookbook 'mediawiki', + git: 'https://github.com/67P/mediawiki-cookbook.git', + ref: 'nginx' + +cookbook 'apache2', '= 3.3.0' +cookbook 'apt', '~> 7.3.0' +cookbook 'ark', '>= 5.0.0' +cookbook 'composer', '~> 2.7.0' +cookbook 'fail2ban', '~> 7.0.4' +cookbook 'git', '~> 10.0.0' cookbook 'golang', '~> 5.3.1' +cookbook 'hostname', '= 0.4.2' +cookbook 'hostsfile', '~> 3.0.1' +cookbook 'java', '~> 4.3.0' +cookbook 'logrotate', '= 2.2.0' +cookbook 'mysql', '~> 8.7.3' +cookbook 'nginx', '= 9.0.0' +cookbook 'nodejs', '~> 7.3.1' +cookbook 'ntp', '= 3.4.0' +cookbook 'ohai', '~> 5.2.5' +cookbook 'openssl', '~> 8.5.5' +cookbook 'php', '~> 8.0.0' +cookbook 'postfix', '= 5.0.2' +cookbook 'timezone_iii', '= 1.0.4' +cookbook 'ulimit', '~> 1.0.0' +cookbook 'users', '~> 5.3.1' cookbook 'zerotier', '~> 1.0.7' diff --git a/Berksfile.lock b/Berksfile.lock index 09d3998..cc81edd 100644 --- a/Berksfile.lock +++ b/Berksfile.lock @@ -1,20 +1,13 @@ DEPENDENCIES apache2 (= 3.3.0) - application (~> 5.2.0) - application_git (= 1.1.0) - application_javascript (~> 1.0.0) apt (~> 7.3.0) ark (>= 5.0.0) - build-essential (~> 8.2.1) - chef-sugar (= 3.3.0) - compat_resource (= 12.19.0) composer (~> 2.7.0) - elasticsearch (= 4.3.0) + elasticsearch (~> 5.1.3) fail2ban (~> 7.0.4) - firewall (~> 2.6.3) + firewall (~> 6.2.16) git (~> 10.0.0) golang (~> 5.3.1) - homebrew (= 3.0.0) hostname (= 0.4.2) hostsfile (~> 3.0.1) ipfs @@ -23,7 +16,6 @@ DEPENDENCIES ref: v0.7.0 java (~> 4.3.0) logrotate (= 2.2.0) - mariadb (= 0.3.1) mediawiki git: https://github.com/67P/mediawiki-cookbook.git revision: 78641e53635ba6cbd4a2a51fd597adb8fef1e8ad @@ -35,21 +27,9 @@ DEPENDENCIES ohai (~> 5.2.5) openssl (~> 8.5.5) php (~> 8.0.0) - poise (~> 2.8.2) - poise-archive (~> 1.5.0) - poise-javascript - git: https://github.com/67p/poise-javascript.git - revision: e5fff15098ac80c2a625b8d77d4eaf39d48f7ba7 - ref: e5fff15 - poise-languages (~> 2.1.1) - poise-ruby-build (~> 1.1.0) - poise-service (~> 1.5.2) postfix (= 5.0.2) - redis - git: https://github.com/phlipper/chef-redis.git - revision: 7476279fc9c8727f082b8d77b5e1922dc2ef437b - ref: v0.5.6 - redisio (= 5.0.0) + redisio (~> 6.4.1) + ruby_build (~> 2.5.0) timezone_iii (= 1.0.4) ulimit (~> 1.0.0) users (~> 5.3.1) @@ -57,44 +37,26 @@ DEPENDENCIES GRAPH apache2 (3.3.0) - application (5.2.0) - poise (~> 2.4) - poise-service (~> 1.0) - application_git (1.1.0) - application (~> 5.0) - git (>= 0.0.0) - poise (~> 2.0) - application_javascript (1.0.0) - application (~> 5.0) - poise (~> 2.0) - poise-javascript (~> 1.0) - poise-service (~> 1.0) apt (7.3.0) ark (6.0.3) seven_zip (>= 3.1) build-essential (8.2.1) mingw (>= 1.1) seven_zip (>= 0.0.0) - chef-sugar (3.3.0) chocolatey (3.0.0) - compat_resource (12.19.0) composer (2.7.0) apt (>= 0.0.0) php (>= 0.0.0) windows (>= 0.0.0) - elasticsearch (4.3.0) - apt (>= 0.0.0) + elasticsearch (5.1.3) ark (>= 0.0.0) - chef-sugar (>= 0.0.0) - yum (>= 0.0.0) fail2ban (7.0.4) yum-epel (>= 0.0.0) - firewall (2.6.5) - chef-sugar (>= 0.0.0) + firewall (6.2.16) git (10.0.0) golang (5.3.1) ark (>= 6.0) - homebrew (3.0.0) + homebrew (5.4.1) hostname (0.4.2) hostsfile (>= 0.0.0) hostsfile (3.0.1) @@ -104,15 +66,11 @@ GRAPH homebrew (>= 0.0.0) windows (>= 0.0.0) logrotate (2.2.0) - mariadb (0.3.1) - apt (>= 0.0.0) - yum (>= 0.0.0) - yum-epel (>= 0.0.0) mediawiki (0.5.0) apache2 (>= 0.0.0) nginx (>= 0.0.0) php (>= 0.0.0) - mingw (2.1.3) + mingw (2.1.7) seven_zip (>= 0.0.0) mysql (8.7.4) nginx (9.0.0) @@ -127,43 +85,18 @@ GRAPH openssl (8.5.5) php (8.0.1) yum-epel (>= 0.0.0) - poise (2.8.2) - poise-archive (1.5.0) - poise (~> 2.6) - poise-build-essential (1.0.0) - poise (~> 2.6) - poise-git (1.0.0) - poise (~> 2.6) - poise-languages (~> 2.1) - poise-javascript (1.2.1) - poise (~> 2.0) - poise-languages (~> 2.0) - poise-languages (2.1.2) - poise (~> 2.5) - poise-archive (~> 1.0) - poise-ruby (2.4.0) - poise (~> 2.0) - poise-languages (~> 2.0) - poise-ruby-build (1.1.0) - poise (~> 2.0) - poise-build-essential (~> 1.0) - poise-git (~> 1.0) - poise-ruby (~> 2.1) - poise-service (1.5.2) - poise (~> 2.0) postfix (5.0.2) - redis (0.5.6) - apt (>= 0.0.0) - redisio (5.0.0) - selinux_policy (>= 2.2.0) - ulimit (>= 0.1.2) - selinux_policy (2.4.3) + redisio (6.4.1) + selinux (>= 0.0.0) + ruby_build (2.5.0) + homebrew (>= 0.0.0) + yum-epel (>= 0.0.0) + selinux (6.1.12) seven_zip (4.2.2) timezone_iii (1.0.4) ulimit (1.0.0) users (5.3.1) windows (7.0.2) - yum (7.2.0) yum-epel (4.2.3) zerotier (1.0.7) ohai (>= 0.0.0) diff --git a/cookbooks/application/CHANGELOG.md b/cookbooks/application/CHANGELOG.md deleted file mode 100644 index 74c8643..0000000 --- a/cookbooks/application/CHANGELOG.md +++ /dev/null @@ -1,101 +0,0 @@ -# Application Changelog - -## v5.2.0 - -* Add `application_directory` resource. -* Chef 13 compatibility. - -## v5.1.0 - -* Add `application_cookbook_file`, `application_file`, and `application_template` resources. - -## v5.0.0 - -* Massive rewrite on top of newer Chef patterns. See the 5.0 README for details. - -## v4.1.6 - -* Support for Chef 12. -* Add `strict_ssh` option to enable host key checking. -* Add `keep_releases` option to control number of releases to keep. -* Allow passing a path to a file for `deploy_key`. - -## v4.1.4 - -* [COOK-3343](https://tickets.opscode.com/browse/COOK-3343) - Can't parse release candidate version number. - -## v4.1.2 - -* [COOK-3343](https://tickets.opscode.com/browse/COOK-3343) - Can't parse release candidate version number. - -## v4.1.0 - -* [COOK-3343] - Can't parse release candidate version number. - -## v4.0.0 - -* Removes compatability with Chef 10. -* [COOK-3564](https://tickets.opscode.com/browse/COOK-3564) - Replace calls to `Chef::Mixin::RecipeDefinitionDSLCore`. - -## v3.0.0 - -* [COOK-3306]: Multiple Memory Leaks in Application Cookbook. - -## v2.0.4 - -* [COOK-2812]: application cookbook doesn't allow to specify a block as `restart_command`. - -## v2.0.2 - -* [COOK-2537]: Provide proper `respond_to` behavior when using `method_missing`. -* [COOK-2713]: application resource should Allow sub-resource attributes to propogate up. - -### Improvement -* [COOK-2597]: Allow customization for `shallow_clone` when doing a git deploy. - -## v2.0.0 - -This release is incompatible with previous releases (hence major version change). The recipes used in older versions are deprecated and completely removed. See README.md for further detail. - -* [COOK-1673] - `deploy_revision` in the application cookbook gives an argument error. -* [COOK-1820] - Application cookbook: remove deprecated recipes. - -## v1.0.4 - -* [COOK-1567] - Add git submodules to application cookbook. - -## v1.0.2 - -* [COOK-1312] - string callbacks fail with method not found (really included this time). -* [COOK-1332] - add `release_path` and `shared_path` methods. -* [COOK-1333] - add example for running migrations. -* [COOK-1360] - fix minor typos in README. -* [COOK-1374] - use runit attributes in unicorn run script. - -## v1.0.0 - -This release introduces the LWRP for application deployment, as well as other improvements. The recipes will be deprecated in August 2012 as indicated by their warning messages and in the README.md. - -* [COOK-634] - Implement LWRP for application deployment. -* [COOK-1116] - use other SCMs than git. -* [COOK-1252] - add `:force_deploy` that maps to corresponding action of deploy resource. -* [COOK-1253] - fix rollback error. -* [COOK-1312] - string callbacks fail with method not found. -* [COOK-1313] - implicit file based hooks aren't invoked. -* [COOK-1318] - Create `to_ary` method to resolve issue in resources() lookup on "application[foo]" resources. - -## v0.99.14 - -* [COOK-1065] - use pip in virtualenv during deploy. - -## v0.99.12 - -* [COOK-606] application cookbook deployment recipes should use ipaddress instead of fqdn. - -## v0.99.11 - -* make the `_default` `chef_environment` look like production rails env. - -## v0.99.10 - -* Use Chef 0.10's `node.chef_environment` instead of `node['app_environment']`. diff --git a/cookbooks/application/README.md b/cookbooks/application/README.md deleted file mode 100644 index 3696a6e..0000000 --- a/cookbooks/application/README.md +++ /dev/null @@ -1,260 +0,0 @@ -# Application cookbook - -[![Build Status](https://img.shields.io/travis/poise/application.svg)](https://travis-ci.org/poise/application) -[![Gem Version](https://img.shields.io/gem/v/poise-application.svg)](https://rubygems.org/gems/poise-application) -[![Cookbook Version](https://img.shields.io/cookbook/v/application.svg)](https://supermarket.chef.io/cookbooks/application) -[![Coverage](https://img.shields.io/codeclimate/coverage/github/poise/application.svg)](https://codeclimate.com/github/poise/application) -[![Gemnasium](https://img.shields.io/gemnasium/poise/application.svg)](https://gemnasium.com/poise/application) -[![License](https://img.shields.io/badge/license-Apache_2-blue.svg)](https://www.apache.org/licenses/LICENSE-2.0) - -A [Chef](https://www.chef.io/) cookbook to deploy applications. - -## Getting Started - -The application cookbook provides a central framework to deploy applications -using Chef. Generally this will be web applications using things like Rails, -Django, or NodeJS, but the framework makes no specific assumptions. The core -`application` resource provides DSL support and helpers, but the heavy lifting -is all done in specific plugins detailed below. Each deployment starts with -an `application` resource: - -```ruby -application '/path/to/deploy' do - owner 'root' - group 'root' - - # ... -end -``` - -The `application` resource uses the Poise subresource system for plugins. This -means you configure the steps of the deployment like normal recipe code inside -the `application` resource, with a few special additions: - -```ruby -application '/path/to/deploy' do - # Application resource properties. - owner 'root' - group 'root' - - # Subresources, like normal recipe code. - package 'ruby' - git '/path/to/deploy' do - repository 'https://github.com/example/myapp.git' - end - application_rails '/path/to/deploy' do - database 'mysql://dbhost/myapp' - end -end -``` - -When evaluating the recipe inside the `application` resource, it first checks -for `application_#{resource}`, as well as looking for an LWRP of the same name -in any cookbook starting with `application_`. This means that a resource named -`application_foo` can be used as `foo` inside the `application` resource: - -```ruby -application '/path/to/deploy' do - owner 'root' - group 'root' - - rails '/path/to/deploy' do - database 'mysql://dbhost/myapp' - end -end -``` - -Additionally if a resource inside the `application` block doesn't have a name, -it uses the same name as the application resource itself: - -```ruby -application '/path/to/deploy' do - owner 'root' - group 'root' - - rails do - database 'mysql://dbhost/myapp' - end -end -``` - -Other than those two special features, the recipe code inside the `application` -resource is processed just like any other recipe. - -## Available Plugins - -* [`application_git`](https://github.com/poise/application_git) – Deploy - application code from a git repository. -* [`application_ruby`](https://github.com/poise/application_ruby) – Manage Ruby - deployments, such as Rails or Sinatra applications. -* [`application_python`](https://github.com/poise/application_python) – Manage - Python deployments, such as Django or Flask applications. -* [`application_javascript`](https://github.com/poise/application_javascript) – - Manage server-side JavaScript deployments using Node.js or io.js. -* `application_java` – *Coming soon!* -* `application_go` – *Coming soon!* -* `application_erlang` – *Coming soon!* - -## Requirements - -Chef 12 or newer is required. - -## Resources - -### `application` - -The `application` resource has top-level configuration properties for each -deployment and acts as a container for other deployment plugin resources. - -```ruby -application '/opt/test_sinatra' do - git 'https://github.com/example/my_sinatra_app.git' - bundle_install do - deployment true - end - unicorn do - port 9000 - end -end -``` - -#### Actions - -* `:deploy` – Deploy the application. *(default)* -* `:start` - Run `:start` on all subresources that support it. -* `:stop` - Run `:stop` on all subresources that support it. -* `:restart` - Run `:restart` on all subresources that support it. -* `:reload` - Run `:reload` on all subresources that support it. - -#### Properties - -* `path` – Path to deploy the application to. *(name attribute)* -* `environment` – Environment variables for all application deployment steps. -* `group` – System group to deploy the application as. -* `owner` – System user to deploy the application as. -* `action_on_update` – Action to run on the application resource when any - subresource is updated. *(default: restart)* -* `action_on_update_immediately` – Run the `action_on_update` notification with - `:immediately`. *(default: false)* - -### `application_cookbook_file`, `application_directory`, `application_file`, `application_template` - -The `application_cookbook_file`, `application_directory`, `application_file`, and `application_template` -resources extend the core Chef resources to take some application-level -configuration in to account: - -```ruby -application '/opt/myapp' do - template 'myapp.conf' do - source 'myapp.conf.erb' - end - directory 'logs' -end -``` - -If the resource name is a relative path, it will be expanded relative to the -application path. If an owner or group is declared for the application, those -will be the default user and group for the resource. - -All other actions and properties are the same as the similar resource in core Chef. - -## Examples - -Some test recipes are available as examples for common application frameworks: - -* [Sinatra](https://github.com/poise/application_ruby/blob/master/test/cookbooks/application_ruby_test/recipes/sinatra.rb) -* [Rails](https://github.com/poise/application_ruby/blob/master/test/cookbooks/application_ruby_test/recipes/rails.rb) -* [Flask](https://github.com/poise/application_python/blob/master/test/cookbook/recipes/flask.rb) -* [Django](https://github.com/poise/application_python/blob/master/test/cookbook/recipes/django.rb) -* [Express](https://github.com/poise/application_javascript/blob/master/test/cookbook/recipes/express.rb) - -## Upgrading From 4.x - -While the overall design of the revamped application resource is similar to the -4.x version, some changes will need to be made. The `name` property no longer -exists, with the name attribute being used as the path to the deployment. -The `packages` property has been removed as this is more easily handled via -normal recipe code. - -The SCM-related properties like `repository` and `revision` are now handled by -normal plugins. If you were deploying from a private git repository you will -likely want to use the `application_git` cookbook, otherwise just use the -built-in `git` or `svn` resources as per normal. - -The properties related to the `deploy` resource like `strategy` and `symlinks` -have been removed. The `deploy` resource is no longer used so these aren't -relevant. As a side effect of this, you'll likely want to point the upgraded -deployment at a new folder or manually clean the `current` and `shared` folders -from the existing folder. The pseudo-Capistrano layout used by the `deploy` -resource has few benefits in a config-managed world and introduced a lot of -complexity and moving pieces that are no longer required. - -With the removal of the `deploy` resource, the callback properties and commands -are no longer used as well. Subresources no longer use the complex -actions-as-callbacks arrangement as existed before, instead following normal -Chef recipe flow. Individual subresources may need to be tweaked to work with -newer versions of the cookbooks they come from, though most have stayed similar -in overall approach. - -## Database Migrations and Chef - -Several of the web application deployment plugins include optional support to -run database migrations from Chef. For "toy" applications where the app and -database run together on a single machine, this is fine and is a nice time -saver. For anything more complex I highly recommend not running database -migrations from Chef. Some initial operations like creating the database and/or -database user are more reasonable as they tend to be done only once and by their -nature the application does not yet have users so some level of eventual -consistency is more acceptable. With migrations on a production application, I -encourage using Chef and the application cookbooks to handle deploying the code -and writing configuration files, but use something more specific to run the -actual migration task. [Fabric](http://www.fabfile.org/), -[Capistrano](http://capistranorb.com/), and [Rundeck](http://rundeck.org/) are -all good choices for this orchestration tooling. - -Migrations can generally be applied idempotently but they have unique -constraints (pun definitely intended) that make them tricky in a Chef-like, -convergence-based system. First and foremost is that many table alterations -lock the table for updating for at least some period of time. That can mean that -while staging the new code or configuration data can happen within a window, the -migration itself needs to be run in careful lockstep with the rest of the -deployment process (eg. moving things in and out of load balancers). Beyond -that, while most web frameworks have internal idempotence checks for migrations, -running the process on two servers at the same time can have unexpected effects. - -Overall migrations are best thought of as a procedural step rather than a -declaratively modeled piece of the system. - -## Application Signals and Updates - -The `application` resource exposes `start`, `stop`, `restart`, and `reload` -actions which will dispatch to any subresources attached to the application. -This allows for generic application-level restart or reload signals that will -work with any type of deployment. - -Additionally the `action_on_update` property is used to set a default -notification so any subresource that updates will trigger an application -restart or reload. This can be disabled by setting `action_on_update false` if -you want to take manual control of service restarts. - -## Sponsors - -Development sponsored by [Chef Software](https://www.chef.io/), [Symonds & Son](http://symondsandson.com/), and [Orion](https://www.orionlabs.co/). - -The Poise test server infrastructure is sponsored by [Rackspace](https://rackspace.com/). - -## License - -Copyright 2015-2016, Noah Kantrowitz - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - -http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. diff --git a/cookbooks/application/files/halite_gem/poise_application.rb b/cookbooks/application/files/halite_gem/poise_application.rb deleted file mode 100644 index 8d771c4..0000000 --- a/cookbooks/application/files/halite_gem/poise_application.rb +++ /dev/null @@ -1,25 +0,0 @@ -# -# Copyright 2015-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - - -module PoiseApplication - autoload :AppMixin, 'poise_application/app_mixin' - autoload :Error, 'poise_application/error' - autoload :Resources, 'poise_application/resources' - autoload :ServiceMixin, 'poise_application/service_mixin' - autoload :Utils, 'poise_application/utils' - autoload :VERSION, 'poise_application/version' -end diff --git a/cookbooks/application/files/halite_gem/poise_application/app_file_mixin.rb b/cookbooks/application/files/halite_gem/poise_application/app_file_mixin.rb deleted file mode 100644 index 8ad14a9..0000000 --- a/cookbooks/application/files/halite_gem/poise_application/app_file_mixin.rb +++ /dev/null @@ -1,64 +0,0 @@ -# -# Copyright 2015-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise/utils' - -require 'poise_application/app_mixin' - - -module PoiseApplication - # A helper mixin for `file`-like resources to make them take application - # resource data. Relative paths are expanded against the application path and - # the app owner/group are the default user/group for the resource. - # - # @api private - # @since 5.1.0 - module AppFileMixin - include Poise::Utils::ResourceProviderMixin - - module Resource - include PoiseApplication::AppMixin - - def initialize(*) - super - # So our lazy default below can work. Not needed on 12.7+. - remove_instance_variable(:@path) if instance_variable_defined?(:@path) - end - - # @!attribute path - # Override the default path to be relative to the app path. - # @return [String] - attribute(:path, kind_of: String, default: lazy { parent ? ::File.expand_path(name, parent.path) : name }) - - # @!attribute group - # Override the default group to be the app group if unspecified. - # @return [String, Integer] - attribute(:group, kind_of: [String, Integer, NilClass], default: lazy { parent && parent.group }) - - # @!attribute owner - # Override the default user to be the app owner if unspecified. - # @return [String, Integer] - attribute(:owner, kind_of: [String, Integer, NilClass], default: lazy { parent && parent.owner }) - - # For the forgetful. - alias_method :user, :owner - end - - module Provider - include PoiseApplication::AppMixin - end - end -end diff --git a/cookbooks/application/files/halite_gem/poise_application/app_mixin.rb b/cookbooks/application/files/halite_gem/poise_application/app_mixin.rb deleted file mode 100644 index 611d1f8..0000000 --- a/cookbooks/application/files/halite_gem/poise_application/app_mixin.rb +++ /dev/null @@ -1,69 +0,0 @@ -# -# Copyright 2015-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'chef/mash' -require 'poise/provider' -require 'poise/resource' -require 'poise/utils' - - -module PoiseApplication - # A helper mixin for application resources and providers. These are things - # intended to be used as subresources of the `application` resource. - # - # @since 5.0.0 - module AppMixin - include Poise::Utils::ResourceProviderMixin - - # A helper mixin for application resources. - module Resource - include Poise::Resource - - # Set the parent type and optional flag. - poise_subresource(:application, true) - - # @!attribute path - # Base path for the application. - # @return [String] - attribute(:path, kind_of: String, name_attribute: true) - - # A delegator for accessing the application state. If no application - # parent is found, the state will be tracked internally within the - # resource. - # - # @return [Hash] - def app_state - if parent - parent.app_state - else - # If there isn't a parent, just track within the resource. - @local_app_state ||= Mash.new - end - end - - # Environment variables stored in the application state. - # - # @return [Hash] - def app_state_environment - app_state[:environment] ||= Mash.new - end - end - - module Provider - include Poise::Provider - end - end -end diff --git a/cookbooks/application/files/halite_gem/poise_application/cheftie.rb b/cookbooks/application/files/halite_gem/poise_application/cheftie.rb deleted file mode 100644 index 52e47b2..0000000 --- a/cookbooks/application/files/halite_gem/poise_application/cheftie.rb +++ /dev/null @@ -1,17 +0,0 @@ -# -# Copyright 2015-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise_application/resources' diff --git a/cookbooks/application/files/halite_gem/poise_application/error.rb b/cookbooks/application/files/halite_gem/poise_application/error.rb deleted file mode 100644 index ed43760..0000000 --- a/cookbooks/application/files/halite_gem/poise_application/error.rb +++ /dev/null @@ -1,24 +0,0 @@ -# -# Copyright 2015-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - - -module PoiseApplication - # Base exception class for poise-application errors. - # - # @since 5.0.0 - class Error < Exception - end -end diff --git a/cookbooks/application/files/halite_gem/poise_application/resources.rb b/cookbooks/application/files/halite_gem/poise_application/resources.rb deleted file mode 100644 index 31129bd..0000000 --- a/cookbooks/application/files/halite_gem/poise_application/resources.rb +++ /dev/null @@ -1,30 +0,0 @@ -# -# Copyright 2015-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise_application/resources/application' -require 'poise_application/resources/application_cookbook_file' -require 'poise_application/resources/application_directory' -require 'poise_application/resources/application_file' -require 'poise_application/resources/application_template' - - -module PoiseApplication - # Chef resources and providers for poise-application. - # - # @since 5.0.0 - module Resources - end -end diff --git a/cookbooks/application/files/halite_gem/poise_application/resources/application.rb b/cookbooks/application/files/halite_gem/poise_application/resources/application.rb deleted file mode 100644 index 524a124..0000000 --- a/cookbooks/application/files/halite_gem/poise_application/resources/application.rb +++ /dev/null @@ -1,259 +0,0 @@ -# -# Copyright 2015-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'chef/dsl/recipe' # On 12.4+ this will pull in chef/dsl/resources. -require 'chef/resource' -require 'chef/provider' -require 'poise' - - -module PoiseApplication - module Resources - # (see Application::Resource) - # @since 5.0.0 - module Application - # An `application` resource to manage application deployment. - # - # @since 5.0.0 - # @provides application - # @action deploy - # @action start - # @action stop - # @action restart - # @action reload - # @example - # application '/srv/myapp' do - # git '...' - # poise_service 'myapp' do - # command '/srv/myapp/main' - # end - # end - class Resource < Chef::Resource - include Poise(container: true, container_namespace: false) - provides(:application) - actions(:deploy, :start, :stop, :restart, :reload) - - # @!attribute path - # Application base path. - # @return [String] - attribute(:path, kind_of: String, name_attribute: true) - # @!attribute environment - # Environment variables to set for the whole application. - # @return [Hash] - attribute(:environment, kind_of: Hash, default: lazy { Mash.new }) - # @!attribute owner - # System user that will own the application. This can be overriden in - # individual subresources. - # @return [String] - attribute(:owner, kind_of: String) - # @!attribute group - # System group that will own the application. This can be overriden in - # individual subresources. - # @return [String] - attribute(:group, kind_of: String) - # @!attribute action_on_update - # Action to run when any subresource is updated. Defaults to `:restart`. - # @return [String, Symbol, nil, false] - attribute(:action_on_update, kind_of: [Symbol, String, NilClass, FalseClass], default: :restart) - # @!attribute action_on_update_immediately - # Run the {#action_on_update} notification with `:immediately`. - # @return [Boolean] - attribute(:action_on_update_immediately, equal_to: [true, false], default: false) - - # Run the DSL rewire when the resource object is created. - # @api private - def initialize(*args) - super - _rewire_dsl! if node - end - - # Application-specific state values used as a way to communicate between - # subresources. - # - # @return [Mash] - # @example - # if new_resource.parent && new_resource.parent.app_state['gemfile_path'] - def app_state - @app_state ||= Mash.new(environment: environment) - end - - # Override Container#register_subresource to add our action_on_update. - # - # @api private - def register_subresource(resource) - super.tap do |added| - if added && action_on_update - Chef::Log.debug("[#{self}] Registering #{action_on_update_immediately ? 'immediate ' : ''}#{action_on_update} notification from #{resource}") - resource.notifies action_on_update.to_sym, self, (action_on_update_immediately ? :immediately : :delayed) - end - end - end - - private - - # Find all resources that need to be rewired. This is anything with a - # name starting with application_. - # - # @return [Array] - def _rewire_resources - if defined?(Chef::DSL::Resources) - # Chef >= 12.4. - Chef::DSL::Resources.instance_methods - else - # Chef < 12.4 >= 12.0. - Chef::Resource.descendants.map do |klass| - klass.node_map.instance_variable_get(:@map).keys + if klass.dsl_name.include?('::') - # Probably not valid. - # :nocov: - [] - # :nocov: - else - # Needed for things that don't call provides(). - [klass.dsl_name] - end - end.flatten - end.map {|name| name.to_s }.select {|name| name.start_with?('application_') }.uniq - end - - # Find all cookbooks that might contain LWRPs matching our name scheme. - # - # @return [Array] - def _rewire_cookbooks - # Run context might be unset during test setup. - if run_context - run_context.cookbook_collection.keys.select {|cookbook_name| cookbook_name.start_with?('application_') } - else - [] - end - end - - # Build the mapping of new_name => old_name for each resource to rewire. - # - # @return [Hash] - def _rewire_map - application_cookbooks = _rewire_cookbooks - _rewire_resources.inject({}) do |memo, name| - # Grab the resource class to check if it is an LWRP. - klass = Chef::Resource.resource_for_node(name.to_sym, node) - # Find the part to trim. Check for LWRP first, then just application_. - trim = if klass < Chef::Resource::LWRPBase - application_cookbooks.find {|cookbook_name| name.start_with?(cookbook_name) && name != cookbook_name } || 'application' - else - # Non-LWRPs are assumed to have a better name. - 'application' - end - # Map trimmed to untrimmed. - memo[name[trim.length+1..-1]] = name - memo - end - end - - # Build new DSL methods to implement the foo -> application_foo behavior. - # - # @return [void] - def _rewire_dsl! - # Generate stub methods for all the rewiring. - _rewire_map.each do |new_name, old_name| - # This is defined as a singleton method on self so it looks like - # the DSL but is scoped to just this context. - define_singleton_method(new_name) do |name=nil, *args, &block| - # Store the caller to correct the source_line. - created_at = caller[0] - public_send(old_name, name, *args) do - # Set the declared type to be the native name. - self.declared_type = self.class.resource_name - # Fix the source location. For Chef 12.4 we could do this with the - # declared_at parameter on the initial send. - self.source_line = created_at - # Run the original block. - instance_exec(&block) if block - end - end - end - end - end - - # Provider for `application`. - # - # @since 5.0.0 - # @see Resource - # @provides application - class Provider < Chef::Provider - include Poise - provides(:application) - - # `deploy` action for `application`. Creates the application base folder. - # - # @return [void] - def action_deploy - notifying_block do - directory new_resource.path do - owner new_resource.owner - group new_resource.group - mode '755' - end - end - end - - # `start` action for `application`. Proxies to subresources. - # - # @return [void] - def action_start - proxy_action(:start) - end - - # `stop` action for `application`. Proxies to subresources. - # - # @return [void] - def action_stop - proxy_action(:stop) - end - - # `restart` action for `application`. Proxies to subresources. - # - # @return [void] - def action_restart - proxy_action(:restart) - end - - # `reload` action for `application`. Proxies to subresources. - # - # @return [void] - def action_reload - proxy_action(:reload) - end - - private - - # Proxy an action to any subresources that support it. - # - # @param action [Symbol] Action to proxy. - # @return [void] - def proxy_action(action) - Chef::Log.debug("[#{new_resource} Running proxied #{action} action") - new_resource.subresources.each do |r| - begin - r.run_action(action) if r.allowed_actions.include?(action) - rescue Chef::Exceptions::UnsupportedAction - # Don't care, just move on. - end - end - end - - end - end - end -end diff --git a/cookbooks/application/files/halite_gem/poise_application/resources/application_cookbook_file.rb b/cookbooks/application/files/halite_gem/poise_application/resources/application_cookbook_file.rb deleted file mode 100644 index aeb6ead..0000000 --- a/cookbooks/application/files/halite_gem/poise_application/resources/application_cookbook_file.rb +++ /dev/null @@ -1,54 +0,0 @@ -# -# Copyright 2015-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise_application/app_file_mixin' - - -module PoiseApplication - module Resources - # (see ApplicationCookbookFile::Resource) - # @since 5.1.0 - module ApplicationCookbookFile - # An `application_cookbook_file` resource to manage Chef cookbook_files inside and - # Application cookbook deployment. - # - # @provides application_cookbook_file - # @action create - # @action create_if_missing - # @action delete - # @action touch - # @example - # application '/srv/myapp' do - # cookbook_file 'myapp.conf' do - # source 'myapp.conf' - # end - # end - class Resource < Chef::Resource::CookbookFile - include PoiseApplication::AppFileMixin - provides(:application_cookbook_file) - actions(:create, :create_if_missing, :delete, :touch) - subclass_providers! - - def initialize(*args) - super - # For older Chef. - @resource_name = :application_cookbook_file - end - end - - end - end -end diff --git a/cookbooks/application/files/halite_gem/poise_application/resources/application_directory.rb b/cookbooks/application/files/halite_gem/poise_application/resources/application_directory.rb deleted file mode 100644 index a32bef5..0000000 --- a/cookbooks/application/files/halite_gem/poise_application/resources/application_directory.rb +++ /dev/null @@ -1,50 +0,0 @@ -# -# Copyright 2015-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise_application/app_file_mixin' - - -module PoiseApplication - module Resources - # (see ApplicationDirectory::Resource) - # @since 5.1.0 - module ApplicationDirectory - # An `application_directory` resource to manage Chef files inside and - # Application cookbook deployment. - # - # @provides application_directory - # @action create - # @action delete - # @example - # application '/srv/myapp' do - # directory 'logs' - # end - class Resource < Chef::Resource::Directory - include PoiseApplication::AppFileMixin - provides(:application_directory) - actions(:create, :delete) - subclass_providers! - - def initialize(*args) - super - # For older Chef. - @resource_name = :application_directory - end - end - - end - end -end diff --git a/cookbooks/application/files/halite_gem/poise_application/resources/application_file.rb b/cookbooks/application/files/halite_gem/poise_application/resources/application_file.rb deleted file mode 100644 index 95eac83..0000000 --- a/cookbooks/application/files/halite_gem/poise_application/resources/application_file.rb +++ /dev/null @@ -1,54 +0,0 @@ -# -# Copyright 2015-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise_application/app_file_mixin' - - -module PoiseApplication - module Resources - # (see ApplicationFile::Resource) - # @since 5.1.0 - module ApplicationFile - # An `application_file` resource to manage Chef files inside and - # Application cookbook deployment. - # - # @provides application_file - # @action create - # @action create_if_missing - # @action delete - # @action touch - # @example - # application '/srv/myapp' do - # file 'myapp.conf' do - # source 'myapp.conf.erb' - # end - # end - class Resource < Chef::Resource::File - include PoiseApplication::AppFileMixin - provides(:application_file) - actions(:create, :create_if_missing, :delete, :touch) - subclass_providers! - - def initialize(*args) - super - # For older Chef. - @resource_name = :application_file - end - end - - end - end -end diff --git a/cookbooks/application/files/halite_gem/poise_application/resources/application_template.rb b/cookbooks/application/files/halite_gem/poise_application/resources/application_template.rb deleted file mode 100644 index dff0151..0000000 --- a/cookbooks/application/files/halite_gem/poise_application/resources/application_template.rb +++ /dev/null @@ -1,54 +0,0 @@ -# -# Copyright 2015-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise_application/app_file_mixin' - - -module PoiseApplication - module Resources - # (see ApplicationTemplate::Resource) - # @since 5.1.0 - module ApplicationTemplate - # An `application_template` resource to manage Chef templates inside and - # Application cookbook deployment. - # - # @provides application_template - # @action create - # @action create_if_missing - # @action delete - # @action touch - # @example - # application '/srv/myapp' do - # template 'myapp.conf' do - # source 'myapp.conf.erb' - # end - # end - class Resource < Chef::Resource::Template - include PoiseApplication::AppFileMixin - provides(:application_template) - actions(:create, :create_if_missing, :delete, :touch) - subclass_providers! - - def initialize(*args) - super - # For older Chef. - @resource_name = :application_template - end - end - - end - end -end diff --git a/cookbooks/application/files/halite_gem/poise_application/service_mixin.rb b/cookbooks/application/files/halite_gem/poise_application/service_mixin.rb deleted file mode 100644 index 0649159..0000000 --- a/cookbooks/application/files/halite_gem/poise_application/service_mixin.rb +++ /dev/null @@ -1,116 +0,0 @@ -# -# Copyright 2015-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'chef/resource' -require 'chef/provider' -require 'poise/utils' -require 'poise_service/service_mixin' -require 'poise_service/utils' - -require 'poise_application/app_mixin' -require 'poise_application/utils' - - -module PoiseApplication - # Mixin for application services. This is any resource that will be part of - # an application deployment and involves running a persistent service. - # - # @api public - # @since 5.0.0 - # @example - # module MyApp - # class Resource < Chef::Resource - # include Poise - # provides(:my_app) - # include PoiseApplication::ServiceMixin - # end - # - # class Provider < Chef::Provider - # include Poise - # provides(:my_app) - # include PoiseApplication::ServiceMixin - # - # def action_enable - # notifying_block do - # template '/etc/myapp.conf' do - # # ... - # end - # end - # super - # end - # - # def service_options(r) - # super - # r.command('myapp --serve') - # end - # end - # end - module ServiceMixin - include Poise::Utils::ResourceProviderMixin - - # Mixin for application service resources. - # - # @see ServiceMixin - module Resource - include PoiseService::ServiceMixin::Resource - include PoiseApplication::AppMixin::Resource - - module ClassMethods - # @api private - def included(klass) - super - klass.extend(ClassMethods) - klass.class_exec do - attribute(:path, kind_of: String, name_attribute: true) - # Redefines from the PoiseService version so we get a better default. - attribute(:service_name, kind_of: String, default: lazy { PoiseService::Utils.parse_service_name(path) }) - attribute(:user, kind_of: [String, Integer], default: lazy { parent ? parent.owner : 'root' }) - end - end - end - - extend ClassMethods - end - - # Mixin for application service providers. - # - # @see ServiceMixin - module Provider - include PoiseService::ServiceMixin::Provider - include PoiseApplication::AppMixin::Provider - - private - - # Abstract hook to set parameters on {#service_resource} when it is - # created. This is required to set at least `resource.command`. - # - # @api public - # @param resource [Chef::Resource] Resource instance to set parameters on. - # @return [void] - # @example - # def service_options(resource) - # super - # resource.command('myapp --serve') - # end - def service_options(resource) - super - resource.directory(new_resource.path) - resource.user(new_resource.user) - resource.environment.update(new_resource.app_state_environment) if new_resource.parent - end - end - end -end diff --git a/cookbooks/application/files/halite_gem/poise_application/utils.rb b/cookbooks/application/files/halite_gem/poise_application/utils.rb deleted file mode 100644 index 0a93c77..0000000 --- a/cookbooks/application/files/halite_gem/poise_application/utils.rb +++ /dev/null @@ -1,51 +0,0 @@ -# -# Copyright 2015-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'etc' - - -module PoiseApplication - # Utility methods for PoiseApplication. - # - # @api public - # @since 5.0.0 - module Utils - # Methods are also available as module-level methods as well as a mixin. - extend self - - # Try to find the primary group name for a given user. - # - # @param user [String, Integer] User to check, if given as an integer this - # is used as a UID, otherwise it is the username. - # @return [String] - # @example - # attribute(:group, kind_of: [String, Integer], default: lazy { PoiseApplication::Utils.primary_group_for(user) }) - def primary_group_for(user) - # Force a reload in case any users were created earlier in the run. - Etc.endpwent - Etc.endgrent - user = if user.is_a?(Integer) - Etc.getpwuid(user) - else - Etc.getpwnam(user.to_s) - end - Etc.getgrgid(user.gid).name - rescue ArgumentError - # One of the get* calls exploded. ¯\_(ツ)_/¯ - user.to_s - end - end -end diff --git a/cookbooks/application/files/halite_gem/poise_application/version.rb b/cookbooks/application/files/halite_gem/poise_application/version.rb deleted file mode 100644 index 02c4411..0000000 --- a/cookbooks/application/files/halite_gem/poise_application/version.rb +++ /dev/null @@ -1,20 +0,0 @@ -# -# Copyright 2015-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - - -module PoiseApplication - VERSION = '5.2.0' -end diff --git a/cookbooks/application/libraries/default.rb b/cookbooks/application/libraries/default.rb deleted file mode 100644 index 21614d8..0000000 --- a/cookbooks/application/libraries/default.rb +++ /dev/null @@ -1,19 +0,0 @@ -# -# Copyright 2015-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -raise 'Halite is not compatible with no_lazy_load false, please set no_lazy_load true in your Chef configuration file.' unless Chef::Config[:no_lazy_load] -$LOAD_PATH << File.expand_path('../../files/halite_gem', __FILE__) -require "poise_application/cheftie" diff --git a/cookbooks/application/metadata.json b/cookbooks/application/metadata.json deleted file mode 100644 index 02fb71f..0000000 --- a/cookbooks/application/metadata.json +++ /dev/null @@ -1 +0,0 @@ -{"name":"application","version":"5.2.0","description":"A Chef cookbook for deploying application code.","long_description":"# Application cookbook\n\n[![Build Status](https://img.shields.io/travis/poise/application.svg)](https://travis-ci.org/poise/application)\n[![Gem Version](https://img.shields.io/gem/v/poise-application.svg)](https://rubygems.org/gems/poise-application)\n[![Cookbook Version](https://img.shields.io/cookbook/v/application.svg)](https://supermarket.chef.io/cookbooks/application)\n[![Coverage](https://img.shields.io/codeclimate/coverage/github/poise/application.svg)](https://codeclimate.com/github/poise/application)\n[![Gemnasium](https://img.shields.io/gemnasium/poise/application.svg)](https://gemnasium.com/poise/application)\n[![License](https://img.shields.io/badge/license-Apache_2-blue.svg)](https://www.apache.org/licenses/LICENSE-2.0)\n\nA [Chef](https://www.chef.io/) cookbook to deploy applications.\n\n## Getting Started\n\nThe application cookbook provides a central framework to deploy applications\nusing Chef. Generally this will be web applications using things like Rails,\nDjango, or NodeJS, but the framework makes no specific assumptions. The core\n`application` resource provides DSL support and helpers, but the heavy lifting\nis all done in specific plugins detailed below. Each deployment starts with\nan `application` resource:\n\n```ruby\napplication '/path/to/deploy' do\n owner 'root'\n group 'root'\n\n # ...\nend\n```\n\nThe `application` resource uses the Poise subresource system for plugins. This\nmeans you configure the steps of the deployment like normal recipe code inside\nthe `application` resource, with a few special additions:\n\n```ruby\napplication '/path/to/deploy' do\n # Application resource properties.\n owner 'root'\n group 'root'\n\n # Subresources, like normal recipe code.\n package 'ruby'\n git '/path/to/deploy' do\n repository 'https://github.com/example/myapp.git'\n end\n application_rails '/path/to/deploy' do\n database 'mysql://dbhost/myapp'\n end\nend\n```\n\nWhen evaluating the recipe inside the `application` resource, it first checks\nfor `application_#{resource}`, as well as looking for an LWRP of the same name\nin any cookbook starting with `application_`. This means that a resource named\n`application_foo` can be used as `foo` inside the `application` resource:\n\n```ruby\napplication '/path/to/deploy' do\n owner 'root'\n group 'root'\n\n rails '/path/to/deploy' do\n database 'mysql://dbhost/myapp'\n end\nend\n```\n\nAdditionally if a resource inside the `application` block doesn't have a name,\nit uses the same name as the application resource itself:\n\n```ruby\napplication '/path/to/deploy' do\n owner 'root'\n group 'root'\n\n rails do\n database 'mysql://dbhost/myapp'\n end\nend\n```\n\nOther than those two special features, the recipe code inside the `application`\nresource is processed just like any other recipe.\n\n## Available Plugins\n\n* [`application_git`](https://github.com/poise/application_git) – Deploy\n application code from a git repository.\n* [`application_ruby`](https://github.com/poise/application_ruby) – Manage Ruby\n deployments, such as Rails or Sinatra applications.\n* [`application_python`](https://github.com/poise/application_python) – Manage\n Python deployments, such as Django or Flask applications.\n* [`application_javascript`](https://github.com/poise/application_javascript) –\n Manage server-side JavaScript deployments using Node.js or io.js.\n* `application_java` – *Coming soon!*\n* `application_go` – *Coming soon!*\n* `application_erlang` – *Coming soon!*\n\n## Requirements\n\nChef 12 or newer is required.\n\n## Resources\n\n### `application`\n\nThe `application` resource has top-level configuration properties for each\ndeployment and acts as a container for other deployment plugin resources.\n\n```ruby\napplication '/opt/test_sinatra' do\n git 'https://github.com/example/my_sinatra_app.git'\n bundle_install do\n deployment true\n end\n unicorn do\n port 9000\n end\nend\n```\n\n#### Actions\n\n* `:deploy` – Deploy the application. *(default)*\n* `:start` - Run `:start` on all subresources that support it.\n* `:stop` - Run `:stop` on all subresources that support it.\n* `:restart` - Run `:restart` on all subresources that support it.\n* `:reload` - Run `:reload` on all subresources that support it.\n\n#### Properties\n\n* `path` – Path to deploy the application to. *(name attribute)*\n* `environment` – Environment variables for all application deployment steps.\n* `group` – System group to deploy the application as.\n* `owner` – System user to deploy the application as.\n* `action_on_update` – Action to run on the application resource when any\n subresource is updated. *(default: restart)*\n* `action_on_update_immediately` – Run the `action_on_update` notification with\n `:immediately`. *(default: false)*\n\n### `application_cookbook_file`, `application_directory`, `application_file`, `application_template`\n\nThe `application_cookbook_file`, `application_directory`, `application_file`, and `application_template`\nresources extend the core Chef resources to take some application-level\nconfiguration in to account:\n\n```ruby\napplication '/opt/myapp' do\n template 'myapp.conf' do\n source 'myapp.conf.erb'\n end\n directory 'logs'\nend\n```\n\nIf the resource name is a relative path, it will be expanded relative to the\napplication path. If an owner or group is declared for the application, those\nwill be the default user and group for the resource.\n\nAll other actions and properties are the same as the similar resource in core Chef.\n\n## Examples\n\nSome test recipes are available as examples for common application frameworks:\n\n* [Sinatra](https://github.com/poise/application_ruby/blob/master/test/cookbooks/application_ruby_test/recipes/sinatra.rb)\n* [Rails](https://github.com/poise/application_ruby/blob/master/test/cookbooks/application_ruby_test/recipes/rails.rb)\n* [Flask](https://github.com/poise/application_python/blob/master/test/cookbook/recipes/flask.rb)\n* [Django](https://github.com/poise/application_python/blob/master/test/cookbook/recipes/django.rb)\n* [Express](https://github.com/poise/application_javascript/blob/master/test/cookbook/recipes/express.rb)\n\n## Upgrading From 4.x\n\nWhile the overall design of the revamped application resource is similar to the\n4.x version, some changes will need to be made. The `name` property no longer\nexists, with the name attribute being used as the path to the deployment.\nThe `packages` property has been removed as this is more easily handled via\nnormal recipe code.\n\nThe SCM-related properties like `repository` and `revision` are now handled by\nnormal plugins. If you were deploying from a private git repository you will\nlikely want to use the `application_git` cookbook, otherwise just use the\nbuilt-in `git` or `svn` resources as per normal.\n\nThe properties related to the `deploy` resource like `strategy` and `symlinks`\nhave been removed. The `deploy` resource is no longer used so these aren't\nrelevant. As a side effect of this, you'll likely want to point the upgraded\ndeployment at a new folder or manually clean the `current` and `shared` folders\nfrom the existing folder. The pseudo-Capistrano layout used by the `deploy`\nresource has few benefits in a config-managed world and introduced a lot of\ncomplexity and moving pieces that are no longer required.\n\nWith the removal of the `deploy` resource, the callback properties and commands\nare no longer used as well. Subresources no longer use the complex\nactions-as-callbacks arrangement as existed before, instead following normal\nChef recipe flow. Individual subresources may need to be tweaked to work with\nnewer versions of the cookbooks they come from, though most have stayed similar\nin overall approach.\n\n## Database Migrations and Chef\n\nSeveral of the web application deployment plugins include optional support to\nrun database migrations from Chef. For \"toy\" applications where the app and\ndatabase run together on a single machine, this is fine and is a nice time\nsaver. For anything more complex I highly recommend not running database\nmigrations from Chef. Some initial operations like creating the database and/or\ndatabase user are more reasonable as they tend to be done only once and by their\nnature the application does not yet have users so some level of eventual\nconsistency is more acceptable. With migrations on a production application, I\nencourage using Chef and the application cookbooks to handle deploying the code\nand writing configuration files, but use something more specific to run the\nactual migration task. [Fabric](http://www.fabfile.org/),\n[Capistrano](http://capistranorb.com/), and [Rundeck](http://rundeck.org/) are\nall good choices for this orchestration tooling.\n\nMigrations can generally be applied idempotently but they have unique\nconstraints (pun definitely intended) that make them tricky in a Chef-like,\nconvergence-based system. First and foremost is that many table alterations\nlock the table for updating for at least some period of time. That can mean that\nwhile staging the new code or configuration data can happen within a window, the\nmigration itself needs to be run in careful lockstep with the rest of the\ndeployment process (eg. moving things in and out of load balancers). Beyond\nthat, while most web frameworks have internal idempotence checks for migrations,\nrunning the process on two servers at the same time can have unexpected effects.\n\nOverall migrations are best thought of as a procedural step rather than a\ndeclaratively modeled piece of the system.\n\n## Application Signals and Updates\n\nThe `application` resource exposes `start`, `stop`, `restart`, and `reload`\nactions which will dispatch to any subresources attached to the application.\nThis allows for generic application-level restart or reload signals that will\nwork with any type of deployment.\n\nAdditionally the `action_on_update` property is used to set a default\nnotification so any subresource that updates will trigger an application\nrestart or reload. This can be disabled by setting `action_on_update false` if\nyou want to take manual control of service restarts.\n\n## Sponsors\n\nDevelopment sponsored by [Chef Software](https://www.chef.io/), [Symonds & Son](http://symondsandson.com/), and [Orion](https://www.orionlabs.co/).\n\nThe Poise test server infrastructure is sponsored by [Rackspace](https://rackspace.com/).\n\n## License\n\nCopyright 2015-2016, Noah Kantrowitz\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\nhttp://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n","maintainer":"Noah Kantrowitz","maintainer_email":"noah@coderanger.net","license":"Apache-2.0","platforms":{"aix":">= 0.0.0","amazon":">= 0.0.0","arch":">= 0.0.0","centos":">= 0.0.0","chefspec":">= 0.0.0","debian":">= 0.0.0","dragonfly4":">= 0.0.0","fedora":">= 0.0.0","freebsd":">= 0.0.0","gentoo":">= 0.0.0","ios_xr":">= 0.0.0","mac_os_x":">= 0.0.0","nexus":">= 0.0.0","omnios":">= 0.0.0","openbsd":">= 0.0.0","opensuse":">= 0.0.0","oracle":">= 0.0.0","raspbian":">= 0.0.0","redhat":">= 0.0.0","slackware":">= 0.0.0","smartos":">= 0.0.0","solaris2":">= 0.0.0","suse":">= 0.0.0","ubuntu":">= 0.0.0","windows":">= 0.0.0"},"dependencies":{"poise":"~> 2.4","poise-service":"~> 1.0"},"recommendations":{},"suggestions":{},"conflicting":{},"providing":{},"replacing":{},"attributes":{},"groupings":{},"recipes":{},"source_url":"https://github.com/poise/application","issues_url":"https://github.com/poise/application/issues","chef_version":[["< 14",">= 12"]],"ohai_version":[]} \ No newline at end of file diff --git a/cookbooks/application_git/CHANGELOG.md b/cookbooks/application_git/CHANGELOG.md deleted file mode 100644 index 2cba57d..0000000 --- a/cookbooks/application_git/CHANGELOG.md +++ /dev/null @@ -1,10 +0,0 @@ -# Application_Git Changelog - -## v1.1.0 - -* [#2](https://github.com/poise/application_git/issues/2) – Inherit user and group values from the parent `application` resource. -* [#3](https://github.com/poise/application_git/issues/3) – Fix usage with users created during the current Chef run. - -## v1.0.0 - -* Initial release. diff --git a/cookbooks/application_git/README.md b/cookbooks/application_git/README.md deleted file mode 100644 index 932fd3a..0000000 --- a/cookbooks/application_git/README.md +++ /dev/null @@ -1,108 +0,0 @@ -# Application_Git Cookbook - -[![Build Status](https://img.shields.io/travis/poise/application_git.svg)](https://travis-ci.org/poise/application_git) -[![Gem Version](https://img.shields.io/gem/v/poise-application-git.svg)](https://rubygems.org/gems/poise-application-git) -[![Cookbook Version](https://img.shields.io/cookbook/v/application_git.svg)](https://supermarket.chef.io/cookbooks/application_git) -[![Coverage](https://img.shields.io/codecov/c/github/poise/application_git.svg)](https://codecov.io/github/poise/application_git) -[![Gemnasium](https://img.shields.io/gemnasium/poise/application_git.svg)](https://gemnasium.com/poise/application_git) -[![License](https://img.shields.io/badge/license-Apache_2-blue.svg)](https://www.apache.org/licenses/LICENSE-2.0) - -A [Chef](https://www.chef.io/) cookbook to handle deploying code from git when -using the [application cookbook](https://github.com/poise/application). - -## Quick Start - -To deploy from a private GitHub repository: - -```ruby -application '/srv/myapp' do - git 'git@github.com:example/myapp.git' do - deploy_key chef_vault_item('deploy_keys', 'myapp')['key'] - end -end -``` - -## Requirements - -Chef 12 or newer is required. - -## Resources - -### `application_git` - -The `application_git` resource deploys code from git. It extends the core `git` -resource to support deploy keys and disabling strict host key verification. - -```ruby -application '/srv/myapp' do - git 'git@github.com:example/myapp.git' -end -``` - -#### Actions - -All actions work the same as the core `git` resource. - -* `:sync` – Clone and checkout the requested revision *(default)* -* `:checkout` – Checkout the request revision. If the repository isn't already - cloned, this action does nothing. -* `:export` – Export the repository without the `.git` folder. - -#### Properties - -All properties from the core `git` resource work the same way with the following -additions: - -* `deploy_key` – SSH key to use with git. Can be specified either as a path to - key file already created or as a string value containing the key directly. -* `strict_ssh` – Enable strict SSH host key checking. *(default: false)* - -### DSL Usage - -The `application_git` resource can be used directly as a replacement for the -core `git` resource: - -```ruby -application_git '/srv/myapp' do - repository 'git@github.com:example/myapp.git' - deploy_key chef_vault_item('deploy_keys', 'myapp')['key'] -end -``` - -Within the `application` resource, a simplified DSL is available. As with other -`application` plugins, the default name of the resource if unspecified is the -application path. The following two examples are equivalent: - -```ruby -application '/srv/myapp' do - git do - repository 'git@github.com:example/myapp.git' - end -end - -application '/srv/myapp' do - git 'git@github.com:example/myapp.git' -end -``` - -## Sponsors - -Development sponsored by [Chef Software](https://www.chef.io/), [Symonds & Son](http://symondsandson.com/), and [Orion](https://www.orionlabs.co/). - -The Poise test server infrastructure is sponsored by [Rackspace](https://rackspace.com/). - -## License - -Copyright 2015-2016, Noah Kantrowitz - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - -http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. diff --git a/cookbooks/application_git/files/halite_gem/poise-application-git.rb b/cookbooks/application_git/files/halite_gem/poise-application-git.rb deleted file mode 100644 index bc97c9f..0000000 --- a/cookbooks/application_git/files/halite_gem/poise-application-git.rb +++ /dev/null @@ -1,17 +0,0 @@ -# -# Copyright 2015-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise_application_git' diff --git a/cookbooks/application_git/files/halite_gem/poise_application_git.rb b/cookbooks/application_git/files/halite_gem/poise_application_git.rb deleted file mode 100644 index 56cb8bb..0000000 --- a/cookbooks/application_git/files/halite_gem/poise_application_git.rb +++ /dev/null @@ -1,21 +0,0 @@ -# -# Copyright 2015-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise_application_git/resource' - - -module PoiseApplicationGit -end diff --git a/cookbooks/application_git/files/halite_gem/poise_application_git/cheftie.rb b/cookbooks/application_git/files/halite_gem/poise_application_git/cheftie.rb deleted file mode 100644 index 6fcd9c3..0000000 --- a/cookbooks/application_git/files/halite_gem/poise_application_git/cheftie.rb +++ /dev/null @@ -1,17 +0,0 @@ -# -# Copyright 2015-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise_application_git/resource' diff --git a/cookbooks/application_git/files/halite_gem/poise_application_git/resource.rb b/cookbooks/application_git/files/halite_gem/poise_application_git/resource.rb deleted file mode 100644 index ffcf3c2..0000000 --- a/cookbooks/application_git/files/halite_gem/poise_application_git/resource.rb +++ /dev/null @@ -1,204 +0,0 @@ -# -# Copyright 2015-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'zlib' - -require 'chef/provider' -require 'chef/resource' -require 'poise_application/app_mixin' -require 'poise_application/resources/application' - -require 'poise_application_git/safe_string' - - -module PoiseApplicationGit - # An `application_git` resource to clone application code from git. - # - # @since 1.0.0 - # @provides application_git - # @action sync - # @action checkout - # @action export - # @example - # application '/srv/myapp' do - # git 'git@github.com:example/myapp.git' do - # deploy_key data_bag_item('deploy_keys', 'myapp')['key'] - # end - # end - class Resource < Chef::Resource::Git - include PoiseApplication::AppMixin - provides(:application_git) - - # @api private - def initialize(*args) - super - # Because the superclass declares this, we have to as well. Should be - # removable at some point when Chef makes everything use the provider - # resolver system instead. - @resource_name = :application_git - @provider = PoiseApplicationGit::Provider - # Clear defaults in older versions of Chef. - remove_instance_variable(:@group) if instance_variable_defined?(:@group) - remove_instance_variable(:@user) if instance_variable_defined?(:@user) - end - - # @!attribute group - # Group to run git as. Defaults to the application group. - # @return [String, Integer, nil, false] - attribute(:group, kind_of: [String, Integer, NilClass, FalseClass], default: lazy { parent && parent.group }) - # @!attribute strict_ssh - # Enable strict SSH host key checking. Defaults to false. - # @return [Boolean] - attribute(:strict_ssh, equal_to: [true, false], default: false) - # @!attribute user - # User to run git as. Defaults to the application owner. - # @return [String, Integer, nil, false] - attribute(:user, kind_of: [String, Integer, NilClass, FalseClass], default: lazy { parent && parent.owner }) - - # @api private - def after_created - # Allow using the repository as the name in an application block. - if parent && !repository - destination(parent.path) - repository(name) - end - end - - # @!attribute deploy_key - # SSH deploy key as either a string value or a path to a key file. - # @return [String] - def deploy_key(val=nil) - # Use a SafeString for literal deploy keys so they aren't shown. - val = SafeString.new(val) if val && !deploy_key_is_local?(val) - set_or_return(:deploy_key, val, kind_of: String) - end - - # Default SSH wrapper path. - # - # @api private - # @return [String] - def ssh_wrapper_path - @ssh_wrapper_path ||= ::File.expand_path("~#{user}/.ssh/ssh_wrapper_#{Zlib.crc32(name)}") - end - - # Guess if the deploy key is a local path or literal value. - # - # @api private - # @param key [String, nil] Key value to check. Defaults to self.key. - # @return [Boolean] - def deploy_key_is_local?(key=nil) - key ||= deploy_key - key && key[0] == '/' - end - - # Path to deploy key. - # - # @api private - # @return [String] - def deploy_key_path - @deploy_key_path ||= if deploy_key_is_local? - deploy_key - else - ::File.expand_path("~#{user}/.ssh/id_deploy_#{Zlib.crc32(name)}") - end - end - end - - # Provider for `application_git`. - # - # @since 1.0.0 - # @see Resource - # @provides application_git - class Provider < Chef::Provider::Git - include PoiseApplication::AppMixin - provides(:application_git) - - # @api private - def initialize(*args) - super - # Set the SSH wrapper path in a late-binding kind of way. This better - # supports situations where the user doesn't exist until Chef converges. - new_resource.ssh_wrapper(new_resource.ssh_wrapper_path) if new_resource.deploy_key - end - - # @api private - def whyrun_supported? - false # Just not dealing with this right now - end - - # Hack our special login in before load_current_resource runs because that - # needs access to the git remote. - # - # @api private - def load_current_resource - include_recipe('git') - notifying_block do - create_dotssh - write_deploy_key - write_ssh_wrapper - end if new_resource.deploy_key - super - end - - private - - # Create a .ssh folder for the user. - # - # @return [void] - def create_dotssh - directory ::File.expand_path("~#{new_resource.user}/.ssh") do - owner new_resource.user - group new_resource.group - mode '755' - end - end - - # Copy the deploy key to a file if needed. - # - # @return [void] - def write_deploy_key - # Check if we have a local path or some actual content - return if new_resource.deploy_key_is_local? - file new_resource.deploy_key_path do - owner new_resource.user - group new_resource.group - mode '600' - content new_resource.deploy_key - sensitive true - end - end - - # Create the SSH wrapper script. - # - # @return [void] - def write_ssh_wrapper - # Write out the GIT_SSH script, it should already be enabled above - file new_resource.ssh_wrapper_path do - owner new_resource.user - group new_resource.group - mode '700' - content %Q{#!/bin/sh\n/usr/bin/env ssh #{'-o "StrictHostKeyChecking=no" ' unless new_resource.strict_ssh}-i "#{new_resource.deploy_key_path}" $@\n} - end - end - - # Patch back in the `#git` from the git provider. This otherwise conflicts - # with the `#git` defined by the DSL, which gets included in such a way - # that the DSL takes priority. - def git(*args, &block) - Chef::Provider::Git.instance_method(:git).bind(self).call(*args, &block) - end - end -end diff --git a/cookbooks/application_git/files/halite_gem/poise_application_git/safe_string.rb b/cookbooks/application_git/files/halite_gem/poise_application_git/safe_string.rb deleted file mode 100644 index c975c49..0000000 --- a/cookbooks/application_git/files/halite_gem/poise_application_git/safe_string.rb +++ /dev/null @@ -1,25 +0,0 @@ -# -# Copyright 2015-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - - -module PoiseApplicationGit - # A string that won't be shown in Chef error output - class SafeString < String - def to_text - '"suppressed sensitive value"' - end - end -end diff --git a/cookbooks/application_git/libraries/default.rb b/cookbooks/application_git/libraries/default.rb deleted file mode 100644 index 868f2a0..0000000 --- a/cookbooks/application_git/libraries/default.rb +++ /dev/null @@ -1,19 +0,0 @@ -# -# Copyright 2015-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -raise 'Halite is not compatible with no_lazy_load false, please set no_lazy_load true in your Chef configuration file.' unless Chef::Config[:no_lazy_load] -$LOAD_PATH << File.expand_path('../../files/halite_gem', __FILE__) -require "poise_application_git/cheftie" diff --git a/cookbooks/application_git/metadata.json b/cookbooks/application_git/metadata.json deleted file mode 100644 index 32b4027..0000000 --- a/cookbooks/application_git/metadata.json +++ /dev/null @@ -1 +0,0 @@ -{"name":"application_git","version":"1.1.0","description":"A plugin for poise-application to deploy applications from git.","long_description":"# Application_Git Cookbook\n\n[![Build Status](https://img.shields.io/travis/poise/application_git.svg)](https://travis-ci.org/poise/application_git)\n[![Gem Version](https://img.shields.io/gem/v/poise-application-git.svg)](https://rubygems.org/gems/poise-application-git)\n[![Cookbook Version](https://img.shields.io/cookbook/v/application_git.svg)](https://supermarket.chef.io/cookbooks/application_git)\n[![Coverage](https://img.shields.io/codecov/c/github/poise/application_git.svg)](https://codecov.io/github/poise/application_git)\n[![Gemnasium](https://img.shields.io/gemnasium/poise/application_git.svg)](https://gemnasium.com/poise/application_git)\n[![License](https://img.shields.io/badge/license-Apache_2-blue.svg)](https://www.apache.org/licenses/LICENSE-2.0)\n\nA [Chef](https://www.chef.io/) cookbook to handle deploying code from git when\nusing the [application cookbook](https://github.com/poise/application).\n\n## Quick Start\n\nTo deploy from a private GitHub repository:\n\n```ruby\napplication '/srv/myapp' do\n git 'git@github.com:example/myapp.git' do\n deploy_key chef_vault_item('deploy_keys', 'myapp')['key']\n end\nend\n```\n\n## Requirements\n\nChef 12 or newer is required.\n\n## Resources\n\n### `application_git`\n\nThe `application_git` resource deploys code from git. It extends the core `git`\nresource to support deploy keys and disabling strict host key verification.\n\n```ruby\napplication '/srv/myapp' do\n git 'git@github.com:example/myapp.git'\nend\n```\n\n#### Actions\n\nAll actions work the same as the core `git` resource.\n\n* `:sync` – Clone and checkout the requested revision *(default)*\n* `:checkout` – Checkout the request revision. If the repository isn't already\n cloned, this action does nothing.\n* `:export` – Export the repository without the `.git` folder.\n\n#### Properties\n\nAll properties from the core `git` resource work the same way with the following\nadditions:\n\n* `deploy_key` – SSH key to use with git. Can be specified either as a path to\n key file already created or as a string value containing the key directly.\n* `strict_ssh` – Enable strict SSH host key checking. *(default: false)*\n\n### DSL Usage\n\nThe `application_git` resource can be used directly as a replacement for the\ncore `git` resource:\n\n```ruby\napplication_git '/srv/myapp' do\n repository 'git@github.com:example/myapp.git'\n deploy_key chef_vault_item('deploy_keys', 'myapp')['key']\nend\n```\n\nWithin the `application` resource, a simplified DSL is available. As with other\n`application` plugins, the default name of the resource if unspecified is the\napplication path. The following two examples are equivalent:\n\n```ruby\napplication '/srv/myapp' do\n git do\n repository 'git@github.com:example/myapp.git'\n end\nend\n\napplication '/srv/myapp' do\n git 'git@github.com:example/myapp.git'\nend\n```\n\n## Sponsors\n\nDevelopment sponsored by [Chef Software](https://www.chef.io/), [Symonds & Son](http://symondsandson.com/), and [Orion](https://www.orionlabs.co/).\n\nThe Poise test server infrastructure is sponsored by [Rackspace](https://rackspace.com/).\n\n## License\n\nCopyright 2015-2016, Noah Kantrowitz\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\nhttp://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n","maintainer":"Noah Kantrowitz","maintainer_email":"noah@coderanger.net","license":"Apache 2.0","platforms":{},"dependencies":{"git":">= 0.0.0","poise":"~> 2.0","application":"~> 5.0"},"recommendations":{},"suggestions":{},"conflicting":{},"providing":{},"replacing":{},"attributes":{},"groupings":{},"recipes":{}} \ No newline at end of file diff --git a/cookbooks/application_javascript/CHANGELOG.md b/cookbooks/application_javascript/CHANGELOG.md deleted file mode 100644 index ed8506a..0000000 --- a/cookbooks/application_javascript/CHANGELOG.md +++ /dev/null @@ -1,5 +0,0 @@ -# Application_Javascript Changelog - -## v1.0.0 - -Initial release! diff --git a/cookbooks/application_javascript/README.md b/cookbooks/application_javascript/README.md deleted file mode 100644 index 57745f0..0000000 --- a/cookbooks/application_javascript/README.md +++ /dev/null @@ -1,132 +0,0 @@ -# Application_Javascript Cookbook - -[![Build Status](https://img.shields.io/travis/poise/application_javascript.svg)](https://travis-ci.org/poise/application_javascript) -[![Gem Version](https://img.shields.io/gem/v/poise-application-javascript.svg)](https://rubygems.org/gems/poise-application-javascript) -[![Cookbook Version](https://img.shields.io/cookbook/v/application_javascript.svg)](https://supermarket.chef.io/cookbooks/application_javascript) -[![Coverage](https://img.shields.io/codecov/c/github/poise/application_javascript.svg)](https://codecov.io/github/poise/application_javascript) -[![Gemnasium](https://img.shields.io/gemnasium/poise/application_javascript.svg)](https://gemnasium.com/poise/application_javascript) -[![License](https://img.shields.io/badge/license-Apache_2-blue.svg)](https://www.apache.org/licenses/LICENSE-2.0) - -A [Chef](https://www.chef.io/) cookbook to deploy server-side JavaScript -applications using Node.js or io.js. - -## Quick Start - -To deploy an Express application from git: - -```ruby -application '/srv/myapp' do - git 'https://github.com/example/myapp.git' - npm_install - npm_start -end -``` - -## Requirements - -Chef 12 or newer is required. - -## Resources - -### `application_javascript` - -The `application_javascript` resource installs a JavaScript runtime for the -deployment. - -```ruby -application '/srv/myapp' do - javascript '3' -end -``` - -All actions and properties are the same as the [`javascript_runtime` resource](https://github.com/poise/poise-javascript#javascript_runtime). - -### `application_javascript_service` - -The `application_javascript_javascript_service` resource creates a service for a -JavaScript command. - -```ruby -application '/srv/myapp' do - javascript_service 'main.js' -end -``` - -#### Actions - -* `:enable` – Create, enable and start the service. *(default)* -* `:disable` – Stop, disable, and destroy the service. -* `:start` – Start the service. -* `:stop` – Stop the service. -* `:restart` – Stop and then start the service. -* `:reload` – Send the configured reload signal to the service. - -#### Properties - -* `command` – Command to run. *(name attribute)* -* `path` – Base path for the application. *(default: application path)* -* `service_name` – Name of the service to create. *(default: auto-detect)* -# `user` – User to run the service as. *(default: application owner)* - -### `application_node_package` - -The `application_node_package` resource installs NPM packages for the deployment. - -```ruby -application '/srv/myapp' do - node_package 'grunt-cli' -end -``` - -All actions and properties are the same as the [`node_package` resource](https://github.com/poise/poise-javascript#node_package), -except that the `group` and `user` properties default to the application-level -data if not specified. - -### `application_npm_start` - -The `application_npm_start` resource creates a service for a JavaScript -application using `npm start`. - -```ruby -application '/srv/myapp' do - npm_start -end -``` - -#### Actions - -* `:enable` – Create, enable and start the service. *(default)* -* `:disable` – Stop, disable, and destroy the service. -* `:start` – Start the service. -* `:stop` – Stop the service. -* `:restart` – Stop and then start the service. -* `:reload` – Send the configured reload signal to the service. - -#### Properties - -* `path` – Base path for the application. *(default: name attribute)* -* `command` – NPM subcommand to run. *(default: start)* -* `service_name` – Name of the service to create. *(default: auto-detect)* -# `user` – User to run the service as. *(default: application owner)* - -## Sponsors - -Development sponsored by [Chef Software](https://www.chef.io/), [Symonds & Son](http://symondsandson.com/), and [Orion](https://www.orionlabs.co/). - -The Poise test server infrastructure is sponsored by [Rackspace](https://rackspace.com/). - -## License - -Copyright 2015, Noah Kantrowitz - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - -http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. diff --git a/cookbooks/application_javascript/files/halite_gem/poise_application_javascript.rb b/cookbooks/application_javascript/files/halite_gem/poise_application_javascript.rb deleted file mode 100644 index d481a29..0000000 --- a/cookbooks/application_javascript/files/halite_gem/poise_application_javascript.rb +++ /dev/null @@ -1,23 +0,0 @@ -# -# Copyright 2015, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - - -module PoiseApplicationJavascript - autoload :AppMixin, 'poise_application_javascript/app_mixin' - autoload :Error, 'poise_application_javascript/error' - autoload :Resources, 'poise_application_javascript/resources' - autoload :VERSION, 'poise_application_javascript/version' -end diff --git a/cookbooks/application_javascript/files/halite_gem/poise_application_javascript/app_mixin.rb b/cookbooks/application_javascript/files/halite_gem/poise_application_javascript/app_mixin.rb deleted file mode 100644 index 06d4705..0000000 --- a/cookbooks/application_javascript/files/halite_gem/poise_application_javascript/app_mixin.rb +++ /dev/null @@ -1,67 +0,0 @@ -# -# Copyright 2015, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise/backports' -require 'poise/utils' -require 'poise_application/app_mixin' -require 'poise_javascript/javascript_command_mixin' - - -module PoiseApplicationJavascript - # A helper mixin for Javascript application resources and providers. - # - # @since 4.0.0 - module AppMixin - include Poise::Utils::ResourceProviderMixin - - # A helper mixin for Javascript application resources. - module Resource - include PoiseApplication::AppMixin::Resource - include PoiseJavascript::JavascriptCommandMixin::Resource - - # @!attribute parent_javascript - # Override the #parent_javascript from JavascriptCommandMixin to grok the - # application level parent as a default value. - # @return [PoiseJavascript::Resources::JavascriptRuntime::Resource, nil] - parent_attribute(:javascript, type: :javascript_runtime, optional: true, default: lazy { app_state_javascript.equal?(self) ? nil : app_state_javascript }) - - # @attribute app_state_javascript - # The application-level Javascript parent. - # @return [PoiseJavascript::Resources::JavascriptRuntime::Resource, nil] - def app_state_javascript(javascript=Poise::NOT_PASSED) - unless javascript == Poise::NOT_PASSED - app_state[:javascript] = javascript - end - app_state[:javascript] - end - - # A merged hash of environment variables for both the application state - # and parent javascript. - # - # @return [Hash] - def app_state_environment_javascript - env = app_state_environment - env = env.merge(parent_javascript.javascript_environment) if parent_javascript - env - end - end - - # A helper mixin for Javascript application providers. - module Provider - include PoiseApplication::AppMixin::Provider - end - end -end diff --git a/cookbooks/application_javascript/files/halite_gem/poise_application_javascript/cheftie.rb b/cookbooks/application_javascript/files/halite_gem/poise_application_javascript/cheftie.rb deleted file mode 100644 index 01a8f69..0000000 --- a/cookbooks/application_javascript/files/halite_gem/poise_application_javascript/cheftie.rb +++ /dev/null @@ -1,17 +0,0 @@ -# -# Copyright 2015, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise_application_javascript/resources' diff --git a/cookbooks/application_javascript/files/halite_gem/poise_application_javascript/error.rb b/cookbooks/application_javascript/files/halite_gem/poise_application_javascript/error.rb deleted file mode 100644 index 71fba33..0000000 --- a/cookbooks/application_javascript/files/halite_gem/poise_application_javascript/error.rb +++ /dev/null @@ -1,25 +0,0 @@ -# -# Copyright 2015, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise_application/error' - -module PoiseApplicationJavascript - # Base exception class for poise-application-javascript errors. - # - # @since 1.0.0 - class Error < PoiseApplication::Error - end -end diff --git a/cookbooks/application_javascript/files/halite_gem/poise_application_javascript/resources.rb b/cookbooks/application_javascript/files/halite_gem/poise_application_javascript/resources.rb deleted file mode 100644 index 32a7cd3..0000000 --- a/cookbooks/application_javascript/files/halite_gem/poise_application_javascript/resources.rb +++ /dev/null @@ -1,22 +0,0 @@ -# -# Copyright 2015, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise_application_javascript/resources/javascript' -require 'poise_application_javascript/resources/javascript_execute' -require 'poise_application_javascript/resources/javascript_service' -require 'poise_application_javascript/resources/node_package' -require 'poise_application_javascript/resources/npm_install' -require 'poise_application_javascript/resources/npm_start' diff --git a/cookbooks/application_javascript/files/halite_gem/poise_application_javascript/resources/javascript.rb b/cookbooks/application_javascript/files/halite_gem/poise_application_javascript/resources/javascript.rb deleted file mode 100644 index e52aabd..0000000 --- a/cookbooks/application_javascript/files/halite_gem/poise_application_javascript/resources/javascript.rb +++ /dev/null @@ -1,64 +0,0 @@ -# -# Copyright 2015, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise_javascript/resources/javascript_runtime' - -require 'poise_application_javascript/app_mixin' - - -module PoiseApplicationJavascript - module Resources - # (see Javascript::Resource) - # @since 1.0.0 - module Javascript - # An `application_javascript` resource to manage Javascript runtimes - # inside an Application cookbook deployment. - # - # @provides application_javascript - # @provides application_javascript_runtime - # @action install - # @action uninstall - # @example - # application '/app' do - # javascript '3' - # end - class Resource < PoiseJavascript::Resources::JavascriptRuntime::Resource - include PoiseApplicationJavascript::AppMixin - provides(:application_javascript) - # Need the double javascript for application resource rewriting. - provides(:application_javascript_runtime) - container_default(false) - subclass_providers! - - # We want to run the base class version of this, not the one from the - # mixin. HULK SMASH. - def npm_binary - self.class.superclass.instance_method(:npm_binary).bind(self).call - end - - # Set this resource as the app_state's parent javascript. - # - # @api private - def after_created - super.tap do |val| - app_state_javascript(self) - end - end - - end - end - end -end diff --git a/cookbooks/application_javascript/files/halite_gem/poise_application_javascript/resources/javascript_execute.rb b/cookbooks/application_javascript/files/halite_gem/poise_application_javascript/resources/javascript_execute.rb deleted file mode 100644 index f2d6656..0000000 --- a/cookbooks/application_javascript/files/halite_gem/poise_application_javascript/resources/javascript_execute.rb +++ /dev/null @@ -1,88 +0,0 @@ -# -# Copyright 2015, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise_javascript/resources/javascript_execute' - -require 'poise_application_javascript/app_mixin' - - -module PoiseApplicationJavascript - module Resources - # (see JavascriptExecute::Resource) - # @since 1.0.0 - module JavascriptExecute - # An `application_javascript_execute` resource to run Javascript commands inside an - # Application cookbook deployment. - # - # @provides application_javascript_execute - # @action run - # @example - # application '/srv/myapp' do - # javascript_execute 'setup.py install' - # end - class Resource < PoiseJavascript::Resources::JavascriptExecute::Resource - include PoiseApplicationJavascript::AppMixin - provides(:application_javascript_execute) - def initialize(*args) - super - # Clear some instance variables so my defaults work. - remove_instance_variable(:@cwd) - remove_instance_variable(:@group) - remove_instance_variable(:@user) - end - - # #!attribute cwd - # Override the default directory to be the app path if unspecified. - # @return [String] - attribute(:cwd, kind_of: [String, NilClass, FalseClass], default: lazy { parent && parent.path }) - - # #!attribute group - # Override the default group to be the app group if unspecified. - # @return [String, Integer] - attribute(:group, kind_of: [String, Integer, NilClass, FalseClass], default: lazy { parent && parent.group }) - - # #!attribute user - # Override the default user to be the app owner if unspecified. - # @return [String, Integer] - attribute(:user, kind_of: [String, Integer, NilClass, FalseClass], default: lazy { parent && parent.owner }) - end - - # The default provider for `application_javascript_execute`. - # - # @see Resource - # @provides application_javascript_execute - class Provider < PoiseJavascript::Resources::JavascriptExecute::Provider - provides(:application_javascript_execute) - - private - - # Override environment to add the application envivonrment instead. - # - # @return [Hash] - def environment - super.tap do |environment| - # Don't use the app_state_environment_javascript because we already have - # those values in place. - environment.update(new_resource.app_state_environment) - # Re-apply the resource environment for correct ordering. - environment.update(new_resource.environment) if new_resource.environment - end - end - end - - end - end -end diff --git a/cookbooks/application_javascript/files/halite_gem/poise_application_javascript/resources/javascript_service.rb b/cookbooks/application_javascript/files/halite_gem/poise_application_javascript/resources/javascript_service.rb deleted file mode 100644 index 614b561..0000000 --- a/cookbooks/application_javascript/files/halite_gem/poise_application_javascript/resources/javascript_service.rb +++ /dev/null @@ -1,59 +0,0 @@ -# -# Copyright 2015, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'chef/provider' -require 'chef/resource' -require 'poise' - -require 'poise_application_javascript/service_mixin' - - -module PoiseApplicationJavascript - module Resources - # (see JavascriptService::Resource) - # @since 1.0.0 - module JavascriptService - class Resource < Chef::Resource - include PoiseApplicationJavascript::ServiceMixin - provides(:application_javascript_service) - - # @!attribute command - # Command to run. - # @return [String] - attribute(:command, kind_of: String, name_attribute: true) - # @!attribute path - # Override {PoiseApplicationJavascript::ServiceMixin#path} to make it - # not the name_attribute. - # @return [String] - attribute(:path, kind_of: String, default: lazy { parent && parent.path }) - end - - class Provider < Chef::Provider - include PoiseApplicationJavascript::ServiceMixin - provides(:application_javascript_service) - - private - - # (see PoiseApplication::ServiceMixin#service_options) - def service_options(resource) - super - resource.javascript_command(new_resource.command) - end - - end - end - end -end diff --git a/cookbooks/application_javascript/files/halite_gem/poise_application_javascript/resources/node_package.rb b/cookbooks/application_javascript/files/halite_gem/poise_application_javascript/resources/node_package.rb deleted file mode 100644 index 6cad223..0000000 --- a/cookbooks/application_javascript/files/halite_gem/poise_application_javascript/resources/node_package.rb +++ /dev/null @@ -1,63 +0,0 @@ -# -# Copyright 2015, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise_javascript/resources/node_package' - -require 'poise_application_javascript/app_mixin' - - -module PoiseApplicationJavascript - module Resources - # (see NodePackage::Resource) - # @since 1.0.0 - module NodePackage - # An `application_node_package` resource to install NPM packages inside - # an Application cookbook deployment. - # - # @provides application_node_package - # @action install - # @action upgrade - # @action remove - # @example - # application '/app' do - # node_package %w{grunt-cli gulp} - # end - class Resource < PoiseJavascript::Resources::NodePackage::Resource - include PoiseApplicationJavascript::AppMixin - provides(:application_node_package) - subclass_providers! - - def initialize(*args) - super - # For older Chef. - @resource_name = :application_node_package - end - - # #!attribute group - # Override the default group to be the app group if unspecified. - # @return [String, Integer] - attribute(:group, kind_of: [String, Integer, NilClass], default: lazy { parent && parent.group }) - - # #!attribute user - # Override the default user to be the app owner if unspecified. - # @return [String, Integer] - attribute(:user, kind_of: [String, Integer, NilClass], default: lazy { parent && parent.owner }) - - # @todo This should handle relative paths against parent.path. - end - end - end -end diff --git a/cookbooks/application_javascript/files/halite_gem/poise_application_javascript/resources/npm_install.rb b/cookbooks/application_javascript/files/halite_gem/poise_application_javascript/resources/npm_install.rb deleted file mode 100644 index 4527df0..0000000 --- a/cookbooks/application_javascript/files/halite_gem/poise_application_javascript/resources/npm_install.rb +++ /dev/null @@ -1,45 +0,0 @@ -# -# Copyright 2015, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise_javascript/resources/npm_install' - -require 'poise_application_javascript/app_mixin' - - -module PoiseApplicationJavascript - module Resources - # (see NpmInstall::Resource) - # @since 1.0.0 - module NpmInstall - # An `application_npm_install` resource to install package - # dependencies inside an Application cookbook deployment. - # - # @provides application_npm_install - # @action install - # @example - # application '/app' do - # npm_install - # end - class Resource < PoiseJavascript::Resources::NpmInstall::Resource - include PoiseApplicationJavascript::AppMixin - provides(:application_npm_install) - subclass_providers! - - # @todo This should handle relative paths against parent.path. - end - end - end -end diff --git a/cookbooks/application_javascript/files/halite_gem/poise_application_javascript/resources/npm_start.rb b/cookbooks/application_javascript/files/halite_gem/poise_application_javascript/resources/npm_start.rb deleted file mode 100644 index 0cf803b..0000000 --- a/cookbooks/application_javascript/files/halite_gem/poise_application_javascript/resources/npm_start.rb +++ /dev/null @@ -1,78 +0,0 @@ -# -# Copyright 2015, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'shellwords' - -require 'chef/provider' -require 'chef/resource' -require 'poise' - -require 'poise_application_javascript/service_mixin' - - -module PoiseApplicationJavascript - module Resources - # (see NpmStart::Resource) - # @since 1.0.0 - module NpmStart - # An `application_npm_start` resource to create a service for a Javascript - # application using `npm start`. - # - # @provides application_npm_start - # @action enable - # @action disable - # @action start - # @action stop - # @action restart - # @action reload - # @example - # application '/app' do - # npm_start - # end - class Resource < Chef::Resource - include PoiseApplicationJavascript::ServiceMixin - provides(:application_npm_start) - - # @!attribute command - # NPM sub-command to run. Defaults to `start`. - # @return [String, Array] - attribute(:command, kind_of: [String, Array], default: 'start') - end - - # The default provider for `application_npm_start`. - # - # @see Resource - # @provides application_npm_start - class Provider < Chef::Provider - include PoiseApplicationJavascript::ServiceMixin - provides(:application_npm_start) - - private - - # (see PoiseApplication::ServiceMixin#service_options) - def service_options(resource) - super - npm_cmd = [new_resource.npm_binary] + Array(new_resource.command) - resource.javascript_command(Shellwords.join(npm_cmd)) - # Make sure node is on $PATH because grrr. - new_path = [::File.dirname(new_resource.javascript), (new_resource.app_state_environment_javascript['PATH'] || ENV['PATH']).to_s].join(::File::PATH_SEPARATOR) - resource.environment['PATH'] = new_path - end - - end - end - end -end diff --git a/cookbooks/application_javascript/files/halite_gem/poise_application_javascript/service_mixin.rb b/cookbooks/application_javascript/files/halite_gem/poise_application_javascript/service_mixin.rb deleted file mode 100644 index f4359a1..0000000 --- a/cookbooks/application_javascript/files/halite_gem/poise_application_javascript/service_mixin.rb +++ /dev/null @@ -1,57 +0,0 @@ -# -# Copyright 2015, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise/utils' -require 'poise_application/service_mixin' -require 'poise_languages/utils' - -require 'poise_application_javascript/app_mixin' - - -module PoiseApplicationJavascript - # A helper mixin for Javascript service resources and providers. - # - # @since 1.0.0 - module ServiceMixin - include Poise::Utils::ResourceProviderMixin - - # A helper mixin for Javascript service resources. - module Resource - include PoiseApplication::ServiceMixin::Resource - include PoiseApplicationJavascript::AppMixin::Resource - end - - # A helper mixin for Javascript service providers. - module Provider - include PoiseApplication::ServiceMixin::Provider - include PoiseApplicationJavascript::AppMixin::Provider - - # Set up the service for running Javascript stuff. - def service_options(resource) - super - # Closure scoping for #javascript_command below. - self_ = self - # Create a new singleton method that fills in `node` for you. - resource.define_singleton_method(:javascript_command) do |val| - resource.command("#{self_.new_resource.javascript} #{PoiseLanguages::Utils.absolute_command(val, path: self_.new_resource.app_state_environment_javascript['PATH'])}") - end - # Include env vars as needed. - resource.environment.update(new_resource.parent_javascript.javascript_environment) if new_resource.parent_javascript - end - - end - end -end diff --git a/cookbooks/application_javascript/files/halite_gem/poise_application_javascript/version.rb b/cookbooks/application_javascript/files/halite_gem/poise_application_javascript/version.rb deleted file mode 100644 index 4162872..0000000 --- a/cookbooks/application_javascript/files/halite_gem/poise_application_javascript/version.rb +++ /dev/null @@ -1,19 +0,0 @@ -# -# Copyright 2015, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -module PoiseApplicationJavascript - VERSION = '1.0.0' -end diff --git a/cookbooks/application_javascript/libraries/default.rb b/cookbooks/application_javascript/libraries/default.rb deleted file mode 100644 index 2c3ee48..0000000 --- a/cookbooks/application_javascript/libraries/default.rb +++ /dev/null @@ -1,19 +0,0 @@ -# -# Copyright 2015, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -raise 'Halite is not compatible with no_lazy_load false, please set no_lazy_load true in your Chef configuration file.' unless Chef::Config[:no_lazy_load] -$LOAD_PATH << File.expand_path('../../files/halite_gem', __FILE__) -require "poise_application_javascript/cheftie" diff --git a/cookbooks/application_javascript/metadata.json b/cookbooks/application_javascript/metadata.json deleted file mode 100644 index c09bcbe..0000000 --- a/cookbooks/application_javascript/metadata.json +++ /dev/null @@ -1 +0,0 @@ -{"name":"application_javascript","version":"1.0.0","description":"A Chef cookbook for deploying server-side JavaScript application code.","long_description":"# Application_Javascript Cookbook\n\n[![Build Status](https://img.shields.io/travis/poise/application_javascript.svg)](https://travis-ci.org/poise/application_javascript)\n[![Gem Version](https://img.shields.io/gem/v/poise-application-javascript.svg)](https://rubygems.org/gems/poise-application-javascript)\n[![Cookbook Version](https://img.shields.io/cookbook/v/application_javascript.svg)](https://supermarket.chef.io/cookbooks/application_javascript)\n[![Coverage](https://img.shields.io/codecov/c/github/poise/application_javascript.svg)](https://codecov.io/github/poise/application_javascript)\n[![Gemnasium](https://img.shields.io/gemnasium/poise/application_javascript.svg)](https://gemnasium.com/poise/application_javascript)\n[![License](https://img.shields.io/badge/license-Apache_2-blue.svg)](https://www.apache.org/licenses/LICENSE-2.0)\n\nA [Chef](https://www.chef.io/) cookbook to deploy server-side JavaScript\napplications using Node.js or io.js.\n\n## Quick Start\n\nTo deploy an Express application from git:\n\n```ruby\napplication '/srv/myapp' do\n git 'https://github.com/example/myapp.git'\n npm_install\n npm_start\nend\n```\n\n## Requirements\n\nChef 12 or newer is required.\n\n## Resources\n\n### `application_javascript`\n\nThe `application_javascript` resource installs a JavaScript runtime for the\ndeployment.\n\n```ruby\napplication '/srv/myapp' do\n javascript '3'\nend\n```\n\nAll actions and properties are the same as the [`javascript_runtime` resource](https://github.com/poise/poise-javascript#javascript_runtime).\n\n### `application_javascript_service`\n\nThe `application_javascript_javascript_service` resource creates a service for a\nJavaScript command.\n\n```ruby\napplication '/srv/myapp' do\n javascript_service 'main.js'\nend\n```\n\n#### Actions\n\n* `:enable` – Create, enable and start the service. *(default)*\n* `:disable` – Stop, disable, and destroy the service.\n* `:start` – Start the service.\n* `:stop` – Stop the service.\n* `:restart` – Stop and then start the service.\n* `:reload` – Send the configured reload signal to the service.\n\n#### Properties\n\n* `command` – Command to run. *(name attribute)*\n* `path` – Base path for the application. *(default: application path)*\n* `service_name` – Name of the service to create. *(default: auto-detect)*\n# `user` – User to run the service as. *(default: application owner)*\n\n### `application_node_package`\n\nThe `application_node_package` resource installs NPM packages for the deployment.\n\n```ruby\napplication '/srv/myapp' do\n node_package 'grunt-cli'\nend\n```\n\nAll actions and properties are the same as the [`node_package` resource](https://github.com/poise/poise-javascript#node_package),\nexcept that the `group` and `user` properties default to the application-level\ndata if not specified.\n\n### `application_npm_start`\n\nThe `application_npm_start` resource creates a service for a JavaScript\napplication using `npm start`.\n\n```ruby\napplication '/srv/myapp' do\n npm_start\nend\n```\n\n#### Actions\n\n* `:enable` – Create, enable and start the service. *(default)*\n* `:disable` – Stop, disable, and destroy the service.\n* `:start` – Start the service.\n* `:stop` – Stop the service.\n* `:restart` – Stop and then start the service.\n* `:reload` – Send the configured reload signal to the service.\n\n#### Properties\n\n* `path` – Base path for the application. *(default: name attribute)*\n* `command` – NPM subcommand to run. *(default: start)*\n* `service_name` – Name of the service to create. *(default: auto-detect)*\n# `user` – User to run the service as. *(default: application owner)*\n\n## Sponsors\n\nDevelopment sponsored by [Chef Software](https://www.chef.io/), [Symonds & Son](http://symondsandson.com/), and [Orion](https://www.orionlabs.co/).\n\nThe Poise test server infrastructure is sponsored by [Rackspace](https://rackspace.com/).\n\n## License\n\nCopyright 2015, Noah Kantrowitz\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\nhttp://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n","maintainer":"YOUR_COMPANY_NAME","maintainer_email":"YOUR_EMAIL","license":"none","platforms":{},"dependencies":{"poise":"~> 2.0","application":"~> 5.0","poise-javascript":"~> 1.0","poise-service":"~> 1.0"},"recommendations":{},"suggestions":{},"conflicting":{},"providing":{},"replacing":{},"attributes":{},"groupings":{},"recipes":{}} \ No newline at end of file diff --git a/cookbooks/chef-sugar/CHANGELOG.md b/cookbooks/chef-sugar/CHANGELOG.md deleted file mode 100644 index 1925309..0000000 --- a/cookbooks/chef-sugar/CHANGELOG.md +++ /dev/null @@ -1,189 +0,0 @@ -Chef Sugar Changelog -========================= -This file is used to list changes made in each version of the chef-sugar cookbook and gem. - -v3.3.0 (2016-01-11) -------------------- -### Improvements -- Break up `Chef::Sugar::Constraints` into a class and a dsl file -- Add `platform_version` method with full constraints comparison support - -v3.2.0 (2015-12-10) -------------------- -### Improvements -- Add platform matchers for `debian` and `fedora` -- Add `openvz` support under virtualization -- Add init system detection support -- Add support for `nexus`, `ios_xr` platforms and `wrlinux` platform_family -- Add additional `aix` helpers - -### Bug Fixes -- Properly expose `Architecture#i386?` in the DSL - -v3.1.1 (2015-06-23) -------------------- -### Improvements -- Update Intel CPU types based on existing Fauxhai data -- Update SPARC logic and 32/64-bit logic for x86 and i386 - -### Bug Fixes -- Fix 32-bit logic -- Fix default behavior to include chef-sugar at compile time -- Fix Chef 12.1.0 warnings for chef_gem compile time install -- Fix `redhat_enterprise_linux?` matcher - -v3.0.2 (2015-03-26) -------------------- -### Improvements -- Add helpers for `ppc64` and `ppc64le` architecture - -### Bug Fixes -- Adjustments to error message - -v3.0.1 (2015-03-20) -------------------- -### Breaking Changes -- Rename `compile_time` `to at_compile_time` - if your recipes are affected by - this breaking change, your Chef Client run will produce a verbose error - message with details on how to fix the error. - -v3.0.0 (2015-03-17) -------------------- -### Breaking Changes -- Drop support for Ruby 1.9 (it might still work, but it is no longer officially supported) - -### Improvements -- Remove accidentially committed gem source -- Bump development dependencies -- Add `digitalocean?` matcher -- Expose the `rhel` platform as `el` -- Add `ppc64le` platform -- Add helper for determining if architecture is SPARC -- Add helper for determining if architecture is Intel -- Add dynamic platform/version matchers for Solaris - -### Bug Fixes -- Reset namespace_options when reaching top-level resources - -v2.5.0 (2015-01-05) -------------------- -### Improvements -- Add `data_bag_item_for_environment` function -- Add `kvm?` matcher -- Add `virtualbox?` matcher - -### Bug Fixes -- Use `.key?` to check for hash key presence, raising an `AttributeDoesNotExist` - error sooner - -v2.4.1 (2014-10-12) -------------------- -- No changes from v2.4.0 - forced a new version upload to the Chef Supermarket - -v2.4.0 (2014-10-12) -------------------- -### Improvements -- Add `docker?` matcher - -v2.3.2 (2014-10-07) -------------------- -### Big Fixues -- Include `amd64` in `_64_bit?` check - -v2.3.1 (2014-10-07) -------------------- -### Improvements -- Check all 64-bit architectures that may be reported by Ohai - -### Bug Fixes -- Be more tolerant of `nil` values return from sub functions -- Check to make sure `node['domain']` is not `nil` before calling `#include?` - -v2.3.0 (2014-09-24) -------------------- -### Improvements -- Add `vmware?` matcher -- Allow the attribute DSL to access parent attributes - -### Bug Fixes -- Return `true` or `false` from all Boolean methods (instead of `nil` or truthy values) - -v2.2.0 (2014-08-20) -------------------- -### Improvements -- Add `smartos?` matcher -- Add `omnios?` matcher - -v2.1.0 (2014-06-26) -------------------- -### Improvements -- Add `solaris2?` matcher -- Add `aix?` matcher -- Add 'lxc?' matcher - -### Bug Fixes -- Fix a bug in namespace memoization during attribute initialization - -v2.0.0 (2014-06-16) -------------------- -### Breaking -- Remove `not_linux?` method -- Remove `not_windows?` method - -### Improvements -- Miscellaneous spelling fixes -- Update a failing unit test for `installed?` -- Add Mac OS X to the list of platforms (Yosemite) -- Upgrade to RSpec 3 -- Fix `which` (and `installed?` and `installed_at_version?`) when given an absolute path -- Fix `linux?` check to only return true on real linuxes - -v1.3.0 (2014-05-05) -------------------- -- Check both `$stdout` and `$stderr` in `version_for` -- Add additional platform versions -- Make `includes_recipe?` a top-level API (instead of just Node) -- Match on the highest version number instead of direct equality checking on platform versions -- Define `Object#blank?` as a core extension -- Define `String#flush` as a core extension -- Remove Stove - -v1.2.6 (2014-03-16) -------------------- -- Fix a bug in `vagrant?` returning false on newer Vagrant versions -- Remove Coveralls - -v1.2.4 (2014-03-13) -------------------- -- See (1.2.2), but I botched the release - -v1.2.2 (2014-03-13) -------------------- -- Fix a critical bug with `encrypted_data_bag_item` using the wrong key - -v1.2.0 (2014-03-09) -------------------- -- Add `namespace` functionality for specifying attributes in a DSL -- Add constraints helpers for comparing version strings -- Add `require_chef_gem` to safely require and degrade if a gem is not installed -- Add `deep_fetch` and `deep_fetch!` to fetch deeply nested keys -- Accept an optional secret key in `encrypted_data_bag_item` helper and raise a helpful error if one is not set (NOTE: this changes the airity of the method, but it's backward-compatible because Ruby is magic) -- Add Stove for releasing -- Updated copyrights for 2014 - -v1.1.0 (2013-12-10) -------------------- -- Add `cloudstack?` helper -- Add data bag helpers -- Remove foodcritic checks -- Upgrade development gem versions -- Randomize spec order - -v1.0.1 (2013-10-15) -------------------- -- Add development recipe -- Add `compile_time`, `before`, and `after` filters - -v1.0.0 (2013-10-15) -------------------- -- First public release diff --git a/cookbooks/chef-sugar/CONTRIBUTING.md b/cookbooks/chef-sugar/CONTRIBUTING.md deleted file mode 100644 index fffb47e..0000000 --- a/cookbooks/chef-sugar/CONTRIBUTING.md +++ /dev/null @@ -1,20 +0,0 @@ -Contributing to Chef Sugar -=============================== -The process for contributing to Chef sugar is rather straight-forward. It is unlikely that you'll need to modify the actual Chef recipe, so it's assumed that you want to work on the Gem itself. - -1. Fork the repository on GitHub. -2. Clone your fork. -3. Create a new, semantically-named branch: - - $ git checkout -b my_feature_branch - -4. Make any changes, ensuring you write adequate test coverage. -5. Document your changes (YARD). -6. Run the tests (make sure they pass). -7. Submit a Pull Request on GitHub. -8. (optional) Ping me on Twitter (@sethvargo) - -Additionally, please **DO NOT**: -- Modify the version of the cookbook or gem. -- Update the CHANGELOG -- Make unnecessary changes to the gemspec diff --git a/cookbooks/chef-sugar/README.md b/cookbooks/chef-sugar/README.md deleted file mode 100644 index fd9785a..0000000 --- a/cookbooks/chef-sugar/README.md +++ /dev/null @@ -1,495 +0,0 @@ -Chef Sugar -========== -[![Gem Version](http://img.shields.io/gem/v/chef-sugar.svg?style=flat-square)][gem] -[![Build Status](http://img.shields.io/travis/sethvargo/chef-sugar.svg?style=flat-square)][travis] - -[gem]: https://rubygems.org/gems/chef-sugar -[travis]: http://travis-ci.org/sethvargo/chef-sugar - -Chef Sugar is a Gem & Chef Recipe that includes series of helpful sugar of the Chef core and other resources to make a cleaner, more lean recipe DSL, enforce DRY principles, and make writing Chef recipes an awesome experience! - - -Installation ------------- -If you want to develop/hack on chef-sugar, please see the Contributing.md. - -If you are using Berkshelf, add `chef-sugar` to your `Berksfile`: - -```ruby -cookbook 'chef-sugar' -``` - -Otherwise, you can use `knife` or download the tarball directly from the community site: - -```ruby -knife cookbook site install chef-sugar -``` - - -Usage ------ -In order to use Chef Sugar in your Chef Recipes, you'll first need to include it: - -```ruby -include_recipe 'chef-sugar::default' -``` - -Alternatively you can put it in a base role or recipe and it will be included subsequently. - -Requiring the Chef Sugar Gem will automatically extend the Recipe DSL, `Chef::Resource`, and `Chef::Provider` with helpful convenience methods. - -### Module Method -If you are working outside of the Recipe DSL, you can use the module methods instead of the Recipe DSL. In general, the module methods have the same name as their Recipe-DSL counterparts, but require the node object as a parameter. For example: - -In a Recipe: - -```ruby -# cookbook/recipes/default.rb -do_something if windows? -``` - -In a Library as a singleton: - -```ruby -# cookbook/libraries/default.rb -def only_on_windows(&block) - yield if Chef::Sugar::PlatformFamily.windows?(@node) -end -``` - -In a Library as a Mixin: - -```ruby -# cookbook/libraries/default.rb -include Chef::Sugar::PlatformFamily - -def only_on_windows(&block) - yield if windows?(@node) -end -``` - - -API ---- -**Note:** For the most extensive API documentation, please see the YARD documentation. - -### Architecture -**Note:** Some of the architecture commands begin with an underscore (`_`) because Ruby does not permit methods to start with a numeric. - -- `_64_bit?` -- `_32_bit?` -- `intel?` -- `sparc?` -- `ppc64?` -- `ppc64le?` -- `powerpc?` - -#### Examples -```ruby -execute 'build[my binary]' do - command '...' - not_if { _64_bit? } -end -``` - -### Cloud -- `azure?` -- `cloud?` -- `digitalocean?` -- `ec2?` -- `eucalyptus?` -- `gce?` -- `linode?` -- `openstack?` -- `cloudstack?` -- `rackspace?` - -#### Examples -```ruby -template '/tmp/config' do - variables( - # See also: best_ip_for - ipaddress: cloud? ? node['local_ipv4'] : node['public_ipv4'] - ) -end -``` - -### Core Extensions -**Note:** Core extensions are **not** included by default. You must require the `chef/sugar/core_extensions` module manually to gain access to these APIs: - -```ruby -require 'chef/sugar/core_extensions' -``` - -- `String#satisfies?` -- `String#satisfied_by?` -- `Array#satisfied_by?` -- `Object#blank?` - -#### Examples -```ruby -# Checking version constraints -'1.0.0'.satisfies?('~> 1.0') #=> true -'~> 1.0'.satisfied_by?('1.0') #=> true -``` - -```ruby -# Check for an object's presence -''.blank? #=> true -['hello'].blank? #=> false -``` - -### Data Bag -- `encrypted_data_bag_item` - a handy DSL method for loading encrypted data bag items the same way you load a regular data bag item; this requires `Chef::Config[:encrypted_data_bag_secret]` is set! -- `encrypted_data_bag_item_for_environment` - find the encrypted data bag entry for the current node's Chef environment. -- `data_bag_item_for_environment` - find the data bag entry for the current node's Chef environment. - -#### Examples -```ruby -encrypted_data_bag_item('accounts', 'hipchat') -``` - -```ruby -encrypted_data_bag_item_for_environment('accounts', 'github') -``` - -```ruby -data_bag_item_for_environment('accounts', 'github') -``` - -### Docker -Chef Sugar looks for hints to see if the node being converged is a Docker container. When [Ohai supports checking other nodes](https://github.com/opscode/ohai/pull/428), Chef Sugar will automatically pick up the information. - -- `docker?` - -#### Examples -```ruby -template '/runme' do - only_if { docker?(node) } -end -``` - -### Attributes -Chef Sugar adds more Chef-like DSL to attribute definitions. Instead of using the Ruby hash syntax, you can define attributes using nested namespaces. This DSL may be more friendly to non-Ruby developers. It can safely be mixed-and-matched with the standard syntax. - -```ruby -# This is functionally the same as default['apache2']['config']['root'] = '/var/www' -namespace 'apache2' do - namespace 'config' do - root '/var/www' - end -end -``` - -```ruby -# Specify multiple keys instead of nesting namespaces -namespace 'apache2', 'config' do - root '/var/www' -end -``` - -```ruby -# Specify different nested precedence levels -namespace 'apache2', precedence: normal do - namespace 'config', precedence: override do - root '/var/www' #=> override['apache2']['config']['root'] = '/var/www' - end -end -``` - -### Constraints -- `constraints` - create a new constraint (or requirement) that can be used to test version validations. -- `chef_version` - (DSL only) a wrapper for `version(Chef::VERSION)` -- `version` - create a new version that can be used to test constraint validation. - -#### Examples -```ruby -# Check if a version is satisfied by a constraint -version('1.2.3').satisfies?('~> 1.2.0') -``` - -```ruby -# Check if a constraint is satisfied by a version -constraint('~> 1.2.0').satisfied_by?('1.2.3') -``` - -```ruby -# Support multiple constraints -version('1.2.3').satisfies?('> 1.2', '< 2.0') -constraint('> 1.2', '< 2.0').satisfied_by?('1.2.3') -``` - -```ruby -# Only perform an operation if Chef is at a certain version -package 'apache2' do - not_if { chef_version.satisfies?('~> 11.0') } # Ignore Chef 11 -end -``` - -### Kernel -- `require_chef_gem` - "safely" require a gem. Loading a gem with Chef is sometimes difficult and confusing. The errors that Chef produces are also sometimes not very intuitive. In the event you require a gem to exist on the system, you can use `require_chef_gem`, which will attempt to require the gem and then produce helpful output if the gem is not installed: - - Chef could not load the gem `#{name}'! You may need to install the gem - manually with `gem install #{name}', or include a recipe before you can - use this resource. Please consult the documentation for this cookbook - for proper usage. - -#### Examples -```ruby -# LWRP -require_chef_gem 'pry' -``` - -```ruby -class Chef - class Provider - class MyProvider > Provider - require_chef_gem 'pry' - end - end -end -``` - -### Init -- `systemd?` - detect if init system is systemd -- `upstart?` - detect if init system is upstart -- `runit?` - detect if init system is runit - -#### Examples -```ruby -systemd_service 'my-service' do - description 'My Service' - install do - wanted_by 'multi-user.target' - end - service do - exec_start '/usr/bin/myserviced' - end - action [:create, :enable, :start] - only_if { systemd? } -end - -cookbook_file '/etc/init/my-service.conf' do - source 'my-service.conf' - only_if { upstart? } -end -``` - -### IP -- `best_ip_for` - determine the best IP address for the given "other" node, preferring local IP addresses over public ones. - -#### Examples -```ruby -redis = search('node', 'role:redis').first - -template '/tmp/config' do - variables( - ipaddress: best_ip_for(redis) - ) -end -``` - -### Node - -Additional methods for the `node` object - -- `deep_fetch` - safely fetch a nested attribute. -- `deep_fetch!` - fetch a nested attribute, raising a more semantic error if the key does not exist. -- `in?` - determine if the node is in the given Chef environment. - -#### Examples -```ruby -credentials = if node.in?('production') - Chef::EncryptedDataBag.new('...') - else - data_bag('...') - end -``` - -```ruby -node.deep_fetch('apache2', 'config', 'root') => node['apache2']['config']['root'] -``` - -### Platform -- `amazon_linux?` -- `centos?` -- `linux_mint?` -- `oracle_linux?` -- `redhat_enterprise_linux?` -- `scientific_linux?` -- `ubuntu?` -- `solaris2?` -- `aix?` -- `smartos?` -- `omnios?` -- `raspbian?` -- `nexus?` -- `ios_xr?` - -There are also a series of dynamically defined matchers that map named operating system release versions and comparison operators in the form "#{platform}\_#{operator}\_#{name}?". For example: - -- `debian_after_squeeze?` -- `linuxmint_after_or_at_olivia?` -- `mac_os_x_lion?` -- `ubuntu_before_lucid?` -- `ubuntu_before_or_at_maverick?` -- `solaris_10?` -- `solaris_11?` - -To get a full list, run the following in IRB: - -```ruby -require 'chef/sugar' -puts Chef::Sugar::Platform.instance_methods -``` - -#### Examples -```ruby -if ubuntu? - execute 'apt-get update' -end -``` - -### Platform Family -- `arch_linux?` -- `debian?` -- `fedora?` -- `freebsd?` -- `gentoo?` -- `linux?` -- `mac_os_x?` -- `openbsd?` -- `rhel?` -- `slackware?` -- `suse?` -- `windows?` -- `wrlinux?` - -#### Examples -```ruby -node['attribute'] = if windows? - 'C:\Foo\BarDrive' - else - '/foo/bar_drive' - end -``` - -### Ruby -**Note:** The applies to the Ruby found at `node['languages']['ruby']`. - -- `ruby_20?` -- `ruby_19?` - -#### Examples -```ruby -log 'This has been known to fail on Ruby 2.0' if ruby_20? -``` - -### Run Context -- `includes_recipe?` - determines if the current run context includes the recipe - -```ruby -if includes_recipe?('apache2::default') - apache_module 'my_module' do - # ... - end -end -``` - -### Shell -- `which` -- `dev_null` -- `installed?` -- `installed_at_version?` -- `version_for` - -#### Examples -```ruby -log "Using `mongo` at `#{which('mongo')}`" - -if installed?('apt') - execute 'apt-get update' -end - -execute 'install[thing]' do - command "... 2>&1 #{dev_null}" - not_if { installed_at_version?('thing', node['thing']['version']) } -end - -log "Skipping git install, version is at #{version_for('mongo', '-v')}" -``` - -### Vagrant -- `vagrant?` - -#### Examples -```ruby -http_request 'http://...' do - not_if { vagrant? } -end -``` - -### Virtualization -- `kvm?` -- `lxc?` -- `virtualbox?` -- `vmware?` -- `openvz?` - -#### Examples -```ruby -service 'ntpd' do - action [:enable, :start] - not_if { lxc? } -end -``` - -### Filters -- `at_compile_time` - accepts a block of resources to run at compile time -- `before` - insert resource in the collection before the given resource -- `after` - insert resource in the collection after the given resource - -#### Examples -```ruby -at_compile_time do - package 'apache2' -end - -# This is equivalent to -package 'apache2' do - action :nothing -end.run_action(:install) -``` - -```ruby -before 'service[apache2]' do - log 'I am before the apache 2 service fires!' -end -``` - -```ruby -after 'service[apache2]' do - log 'I am after the apache 2 service fires!' -end -``` - - -License & Authors ------------------ -- Author: Seth Vargo (sethvargo@gmail.com) - -```text -Copyright 2013-2015 Seth Vargo - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -``` diff --git a/cookbooks/chef-sugar/metadata.json b/cookbooks/chef-sugar/metadata.json deleted file mode 100644 index 21028c7..0000000 --- a/cookbooks/chef-sugar/metadata.json +++ /dev/null @@ -1 +0,0 @@ -{"name":"chef-sugar","version":"3.3.0","description":"Installs chef-sugar. Please see the chef-sugar Ruby gem for more information.","long_description":"Chef Sugar is a Gem & Chef Recipe that includes series of helpful syntactic\nsugars on top of the Chef core and other resources to make a cleaner, more lean\nrecipe DSL, enforce DRY principles, and make writing Chef recipes an awesome and\nfun experience!\n\nFor the most up-to-date information and documentation, please visit the [Chef\nSugar project page on GitHub](https://github.com/sethvargo/chef-sugar).\n","maintainer":"Seth Vargo","maintainer_email":"sethvargo@gmail.com","license":"Apache 2.0","platforms":{},"dependencies":{},"recommendations":{},"suggestions":{},"conflicting":{},"providing":{},"replacing":{},"attributes":{},"groupings":{},"recipes":{}} \ No newline at end of file diff --git a/cookbooks/chef-sugar/recipes/default.rb b/cookbooks/chef-sugar/recipes/default.rb deleted file mode 100644 index 93256c7..0000000 --- a/cookbooks/chef-sugar/recipes/default.rb +++ /dev/null @@ -1,34 +0,0 @@ -# -# Cookbook Name:: chef-sugar -# Recipe:: default -# -# Copyright 2013-2015, Seth Vargo -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -gem_version = run_context.cookbook_collection[cookbook_name].metadata.version - -if Chef::Resource::ChefGem.instance_methods(false).include?(:compile_time) - chef_gem 'chef-sugar' do - version gem_version - compile_time true - end -else - chef_gem 'chef-sugar' do - version gem_version - action :nothing - end.run_action(:install) -end - -require 'chef/sugar' diff --git a/cookbooks/compat_resource/CHANGELOG.md b/cookbooks/compat_resource/CHANGELOG.md deleted file mode 100644 index 7908196..0000000 --- a/cookbooks/compat_resource/CHANGELOG.md +++ /dev/null @@ -1,53 +0,0 @@ -# compat_resource Cookbook CHANGELOG - -This file is used to list changes made in each version of the compat_resource cookbook. - -## 12.19.0 (2017-04-17) - -- Suppress warning already initialized constant -- Backport yum/apt changes from 12.19 - -## 12.16.2 (2016-11-09) - -- Sync chef-client changes from Chef 12.16.42 - -## 12.16.1 (2016-10-20) - -- add delayed_action helper - -## 12.16.0 (2016-10-19) - -- Sync chef-client changes from Chef 12.16.14 - -## 12.14.7 (2016-09-26) - -- Update to 12.14.89 Chef -- Fix autoload by applying fix from #106 - -## 12.14.6 (2016-09-20) - -- Update backported codebase to Chef 12.14.77 which brings in yum_repository updates and why-run enabled by default in custom resources - -## 12.14.5 (2016-09-19) - -- Prevent spamming messages in Chefspec runs for cookbooks that depend on compat_resource - -## 12.14.4 (2016-09-19) - -- Fix delayed notifications cloning - -## 12.14.3 (2016-09-12) - -- Fix subscribes notifications - -## 12.14.2 (2016-09-09) - -- Improve documentation -- keep ChefCompat::Resource defined even if we don't load - -## 12.14.1 (2016-09-07) - -- add yum_repository resource from Chef 12.14 -- Update the minimum chef version in the metadata to 12.1 -- Added maintainers files -- suppress constant redef warnings when running chefspec diff --git a/cookbooks/compat_resource/CONTRIBUTING.md b/cookbooks/compat_resource/CONTRIBUTING.md deleted file mode 100644 index ef2f2b8..0000000 --- a/cookbooks/compat_resource/CONTRIBUTING.md +++ /dev/null @@ -1,2 +0,0 @@ -Please refer to -https://github.com/chef-cookbooks/community_cookbook_documentation/blob/master/CONTRIBUTING.MD diff --git a/cookbooks/compat_resource/MAINTAINERS.md b/cookbooks/compat_resource/MAINTAINERS.md deleted file mode 100644 index 5ae0806..0000000 --- a/cookbooks/compat_resource/MAINTAINERS.md +++ /dev/null @@ -1,16 +0,0 @@ - - -# Maintainers - -This file lists how this cookbook project is maintained. When making changes to the system, this file tells you who needs to review your patch - you need a review from an existing maintainer for the cookbook to provide a :+1: on your pull request. Additionally, you need to not receive a veto from a Lieutenant or the Project Lead. - -Check out [How Cookbooks are Maintained](https://github.com/chef-cookbooks/community_cookbook_documentation/blob/master/CONTRIBUTING.MD) for details on the process and how to become a maintainer or the project lead. - -# Project Maintainer -* [Lamont Granquist](https://github.com/lamont-granquist) - -# Maintainers -* [Jennifer Davis](https://github.com/sigje) -* [Tim Smith](https://github.com/tas50) -* [Thom May](https://github.com/thommay) -* [Lamont Granquist](https://github.com/lamont-granquist) diff --git a/cookbooks/compat_resource/README.md b/cookbooks/compat_resource/README.md deleted file mode 100644 index f5c17e5..0000000 --- a/cookbooks/compat_resource/README.md +++ /dev/null @@ -1,60 +0,0 @@ -# compat_resource cookbook - -[![Build Status](https://travis-ci.org/chef-cookbooks/compat_resource.svg?branch=master)](https://travis-ci.org/chef-cookbooks/compat_resource) [![Cookbook Version](https://img.shields.io/cookbook/v/compat_resource.svg)](https://supermarket.chef.io/cookbooks/compat_resource) - -This cookbook backports functionality introduced in the latest chef-client releases to any chef-client from 12.1 onwards. This includes [Custom Resource](https://docs.chef.io/custom_resources.html) functionality, notification improvements, as well as new resources added to core chef. It allows for the usage of these new resources in cookbooks without requiring the very latest Chef client release. - -## Backported functionality - -- [Custom Resources](https://docs.chef.io/custom_resources.html) -- [apt_repository](https://docs.chef.io/resource_apt_repository.html) -- [apt_update](https://docs.chef.io/resource_apt_update.html) -- [systemd_unit](https://docs.chef.io/resource_systemd_unit.html) -- [yum_repository](https://docs.chef.io/resource_yum_repository.html) -- [:before notifications](https://docs.chef.io/resources.html#timers) - -## Requirements - -### Platforms - -- All platforms supported by Chef - -### Chef - -- Chef 12.1+ - -### Cookbooks - -- none - -## Usage - -To use this cookbook, put `depends 'compat_resource'` in the metadata.rb of your cookbook. Once this is done, you can use all the new custom resource features to define resources. It Just Works. - -## Custom Resources? - -Curious about how to use custom resources? - -- Docs: -- Slides: - -## License & Authors - -- Author:: Lamont Granquist ([lamont@chef.io](mailto:lamont@chef.io)) -- Author:: John Keiser ([jkeiser@chef.io](mailto:jkeiser@chef.io)) - -```text -Copyright:: 2015-2016 Chef Software, Inc. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -``` diff --git a/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef.rb b/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef.rb deleted file mode 100644 index 219b05b..0000000 --- a/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef.rb +++ /dev/null @@ -1,29 +0,0 @@ -module ChefCompat - module CopiedFromChef - def self.extend_chef_module(chef_module, target) - target.instance_eval do - include chef_module - @chef_module = chef_module - def self.method_missing(name, *args, &block) - @chef_module.send(name, *args, &block) - end - def self.const_missing(name) - @chef_module.const_get(name) - end - end - end - - # This patch to CopiedFromChef's ActionClass is necessary for the include to work - require 'chef/resource' - class Chef < ::Chef - class Resource < ::Chef::Resource - module ActionClass - def self.use_inline_resources - end - def self.include_resource_dsl(include_resource_dsl) - end - end - end - end - end -end diff --git a/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/constants.rb b/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/constants.rb deleted file mode 100644 index 4acd742..0000000 --- a/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/constants.rb +++ /dev/null @@ -1,47 +0,0 @@ -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# -# THIS IS A FILE AUTOGENERATED BY 'rake update' DO NOT EDIT!!!! -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# - -begin - require 'chef/constants' -rescue LoadError; end - -require 'chef_compat/copied_from_chef' -class Chef -module ::ChefCompat -module CopiedFromChef -# -# Author:: John Keiser -# Copyright:: Copyright 2015-2016, Chef Software Inc. -# License:: Apache License, Version 2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -class Chef < (defined?(::Chef) ? ::Chef : Object) - NOT_PASSED = Object.new - def NOT_PASSED.to_s - "NOT_PASSED" - end - - def NOT_PASSED.inspect - to_s - end - NOT_PASSED.freeze -end -end -end -end diff --git a/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/delayed_evaluator.rb b/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/delayed_evaluator.rb deleted file mode 100644 index 4fb687e..0000000 --- a/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/delayed_evaluator.rb +++ /dev/null @@ -1,40 +0,0 @@ -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# -# THIS IS A FILE AUTOGENERATED BY 'rake update' DO NOT EDIT!!!! -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# - -begin - require 'chef/delayed_evaluator' -rescue LoadError; end - -require 'chef_compat/copied_from_chef' -class Chef -module ::ChefCompat -module CopiedFromChef -# -# Author:: John Keiser -# Copyright:: Copyright 2015-2016, Chef Software Inc. -# License:: Apache License, Version 2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -class Chef < (defined?(::Chef) ? ::Chef : Object) - class DelayedEvaluator < (defined?(::Chef::DelayedEvaluator) ? ::Chef::DelayedEvaluator : Proc) - end -end -end -end -end diff --git a/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/dsl/core.rb b/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/dsl/core.rb deleted file mode 100644 index 8e30d30..0000000 --- a/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/dsl/core.rb +++ /dev/null @@ -1,73 +0,0 @@ -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# -# THIS IS A FILE AUTOGENERATED BY 'rake update' DO NOT EDIT!!!! -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# - -begin - require 'chef/dsl/core' -rescue LoadError; end - -require 'chef_compat/copied_from_chef' -class Chef -module ::ChefCompat -module CopiedFromChef -#-- -# Author:: Adam Jacob () -# Author:: Christopher Walters () -# Copyright:: Copyright 2008-2016 Chef Software, Inc. -# License:: Apache License, Version 2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require "chef_compat/copied_from_chef/chef/dsl/declare_resource" -require "chef_compat/copied_from_chef/chef/dsl/universal" -require "chef_compat/copied_from_chef/chef/mixin/notifying_block" -require "chef_compat/copied_from_chef/chef/mixin/lazy_module_include" - -class Chef < (defined?(::Chef) ? ::Chef : Object) - module DSL - CopiedFromChef.extend_chef_module(::Chef::DSL, self) if defined?(::Chef::DSL) - # Part of a family of DSL mixins. - # - # Chef::DSL::Recipe mixes into Recipes and LWRP Providers. - # - this does not target core chef resources and providers. - # - this is restricted to recipe/resource/provider context where a resource collection exists. - # - cookbook authors should typically include modules into here. - # - # Chef::DSL::Core mixes into Recipes, LWRP Providers and Core Providers - # - this adds cores providers on top of the Recipe DSL. - # - this is restricted to recipe/resource/provider context where a resource collection exists. - # - core chef authors should typically include modules into here. - # - # Chef::DSL::Universal mixes into Recipes, LWRP Resources+Providers, Core Resources+Providers, and Attributes files. - # - this adds resources and attributes files. - # - do not add helpers which manipulate the resource collection. - # - this is for general-purpose stuff that is useful nearly everywhere. - # - it also pollutes the namespace of nearly every context, watch out. - # - module Core - CopiedFromChef.extend_chef_module(::Chef::DSL::Core, self) if defined?(::Chef::DSL::Core) - include Chef::DSL::Universal - include Chef::DSL::DeclareResource - include Chef::Mixin::NotifyingBlock - extend Chef::Mixin::LazyModuleInclude - end - end -end -end -end -end diff --git a/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/dsl/declare_resource.rb b/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/dsl/declare_resource.rb deleted file mode 100644 index 45e69dc..0000000 --- a/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/dsl/declare_resource.rb +++ /dev/null @@ -1,315 +0,0 @@ -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# -# THIS IS A FILE AUTOGENERATED BY 'rake update' DO NOT EDIT!!!! -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# - -begin - require 'chef/dsl/declare_resource' -rescue LoadError; end - -require 'chef_compat/copied_from_chef' -class Chef -module ::ChefCompat -module CopiedFromChef -#-- -# Author:: Adam Jacob () -# Author:: Christopher Walters -# Copyright:: Copyright 2008-2016 Chef Software, Inc. -# License:: Apache License, Version 2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - - -class Chef < (defined?(::Chef) ? ::Chef : Object) - module DSL - CopiedFromChef.extend_chef_module(::Chef::DSL, self) if defined?(::Chef::DSL) - module DeclareResource - CopiedFromChef.extend_chef_module(::Chef::DSL::DeclareResource, self) if defined?(::Chef::DSL::DeclareResource) - - # Helper for switching run_contexts. Allows for using :parent or :root in place of - # passing the run_context. Executes the block in the run_context. Returns the return - # value of the passed block. - # - # @param rc [Chef::RunContext,Symbol] Either :root, :parent or a Chef::RunContext - # - # @return return value of the block - # - # @example - # # creates/returns a 'service[foo]' resource in the root run_context - # resource = with_run_context(:root) - # edit_resource(:service, "foo") do - # action :nothing - # end - # end - # - def with_run_context(rc) - raise ArgumentError, "with_run_context is useless without a block" unless block_given? - old_run_context = @run_context - @run_context = - case rc - when Chef::RunContext - rc - when :root - run_context.root_run_context - when :parent - run_context.parent_run_context - else - raise ArgumentError, "bad argument to run_context helper, must be :root, :parent, or a Chef::RunContext" - end - yield - ensure - @run_context = old_run_context - end - - # Lookup a resource in the resource collection by name and delete it. This - # will raise Chef::Exceptions::ResourceNotFound if the resource is not found. - # - # @param type [Symbol] The type of resource (e.g. `:file` or `:package`) - # @param name [String] The name of the resource (e.g. '/x/y.txt' or 'apache2') - # @param run_context [Chef::RunContext] the run_context of the resource collection to operate on - # - # @return [Chef::Resource] The resource - # - # @example - # delete_resource!(:template, '/x/y.txy') - # - def delete_resource!(type, name, run_context: self.run_context) - run_context.resource_collection.delete("#{type}[#{name}]").tap do |resource| - # Purge any pending notifications too. This will not raise an exception - # if there are no notifications. - if resource - run_context.before_notification_collection.delete(resource.declared_key) - run_context.immediate_notification_collection.delete(resource.declared_key) - run_context.delayed_notification_collection.delete(resource.declared_key) - end - end - end - - # Lookup a resource in the resource collection by name and delete it. Returns - # nil if the resource is not found and should not fail. - # - # @param type [Symbol] The type of resource (e.g. `:file` or `:package`) - # @param name [String] The name of the resource (e.g. '/x/y.txt' or 'apache2') - # @param run_context [Chef::RunContext] the run_context of the resource collection to operate on - # - # @return [Chef::Resource] The resource - # - # @example - # delete_resource(:template, '/x/y.txy') - # - def delete_resource(type, name, run_context: self.run_context) - delete_resource!(type, name, run_context: run_context) - rescue Chef::Exceptions::ResourceNotFound - nil - end - - # Lookup a resource in the resource collection by name and edit the resource. If the resource is not - # found this will raise Chef::Exceptions::ResourceNotFound. This is the correct API to use for - # "chef_rewind" functionality. - # - # @param type [Symbol] The type of resource (e.g. `:file` or `:package`) - # @param name [String] The name of the resource (e.g. '/x/y.txt' or 'apache2') - # @param run_context [Chef::RunContext] the run_context of the resource collection to operate on - # @param resource_attrs_block A block that lets you set attributes of the - # resource (it is instance_eval'd on the resource instance). - # - # @return [Chef::Resource] The updated resource - # - # @example - # edit_resource!(:template, '/x/y.txy') do - # cookbook_name: cookbook_name - # end - # - def edit_resource!(type, name, created_at = nil, run_context: self.run_context, &resource_attrs_block) - resource = find_resource!(type, name, run_context: run_context) - if resource_attrs_block - if defined?(new_resource) - resource.instance_exec(new_resource, &resource_attrs_block) - else - resource.instance_exec(&resource_attrs_block) - end - end - resource - end - - # Lookup a resource in the resource collection by name. If it exists, - # return it. If it does not exist, create it. This is a useful function - # for accumulator patterns. In CRUD terminology this is an "upsert" operation and is - # used to assert that the resource must exist with the specified properties. - # - # @param type [Symbol] The type of resource (e.g. `:file` or `:package`) - # @param name [String] The name of the resource (e.g. '/x/y.txt' or 'apache2') - # @param created_at [String] The caller of the resource. Use `caller[0]` - # to get the caller of your function. Defaults to the caller of this - # function. - # @param run_context [Chef::RunContext] the run_context of the resource collection to operate on - # @param resource_attrs_block A block that lets you set attributes of the - # resource (it is instance_eval'd on the resource instance). - # - # @return [Chef::Resource] The updated or created resource - # - # @example - # resource = edit_resource(:template, '/x/y.txy') do - # source "y.txy.erb" - # variables {} - # end - # resource.variables.merge!({ home: "/home/klowns" }) - # - def edit_resource(type, name, created_at = nil, run_context: self.run_context, &resource_attrs_block) - edit_resource!(type, name, created_at, run_context: run_context, &resource_attrs_block) - rescue Chef::Exceptions::ResourceNotFound - declare_resource(type, name, created_at, run_context: run_context, &resource_attrs_block) - end - - # Lookup a resource in the resource collection by name. If the resource is not - # found this will raise Chef::Exceptions::ResourceNotFound. This API is identical to the - # resources() call and while it is a synonym it is not intended to deprecate that call. - # - # @param type [Symbol] The type of resource (e.g. `:file` or `:package`) - # @param name [String] The name of the resource (e.g. '/x/y.txt' or 'apache2') - # @param run_context [Chef::RunContext] the run_context of the resource collection to operate on - # - # @return [Chef::Resource] The updated resource - # - # @example - # resource = find_resource!(:template, '/x/y.txy') - # - def find_resource!(type, name, run_context: self.run_context) - raise ArgumentError, "find_resource! does not take a block" if block_given? - run_context.resource_collection.find(type => name) - end - - # Lookup a resource in the resource collection by name. If the resource is not found - # the will be no exception raised and the call will return nil. If a block is given and - # no resource is found it will create the resource using the block, if the resource is - # found then the block will not be applied. The block version is similar to create_if_missing - # - # @param type [Symbol] The type of resource (e.g. `:file` or `:package`) - # @param name [String] The name of the resource (e.g. '/x/y.txt' or 'apache2') - # @param run_context [Chef::RunContext] the run_context of the resource collection to operate on - # - # @return [Chef::Resource] The updated resource - # - # @example - # if ( find_resource(:template, '/x/y.txy') ) - # # do something - # else - # # don't worry about the error - # end - # - # @example - # # this API can be used to return a resource from an outer run context, and will only create - # # an action :nothing service if one does not already exist. - # resource = with_run_context(:root) do - # find_resource(:service, 'whatever') do - # action :nothing - # end - # end - # - def find_resource(type, name, created_at: nil, run_context: self.run_context, &resource_attrs_block) - find_resource!(type, name, run_context: run_context) - rescue Chef::Exceptions::ResourceNotFound - if resource_attrs_block - declare_resource(type, name, created_at, run_context: run_context, &resource_attrs_block) - end # returns nil otherwise - end - - # Instantiates a resource (via #build_resource), then adds it to the - # resource collection. Note that resource classes are looked up directly, - # so this will create the resource you intended even if the method name - # corresponding to that resource has been overridden. - # - # @param type [Symbol] The type of resource (e.g. `:file` or `:package`) - # @param name [String] The name of the resource (e.g. '/x/y.txt' or 'apache2') - # @param created_at [String] The caller of the resource. Use `caller[0]` - # to get the caller of your function. Defaults to the caller of this - # function. - # @param run_context [Chef::RunContext] the run_context of the resource collection to operate on - # @param resource_attrs_block A block that lets you set attributes of the - # resource (it is instance_eval'd on the resource instance). - # - # @return [Chef::Resource] The new resource. - # - # @example - # declare_resource(:file, '/x/y.txy', caller[0]) do - # action :delete - # end - # # Equivalent to - # file '/x/y.txt' do - # action :delete - # end - # - def declare_resource(type, name, created_at = nil, run_context: self.run_context, create_if_missing: false, &resource_attrs_block) - created_at ||= caller[0] - - if create_if_missing - Chef::Log.deprecation "build_resource with a create_if_missing flag is deprecated, use edit_resource instead" - # midly goofy since we call edit_resource only to re-call ourselves, but that's why its deprecated... - return edit_resource(type, name, created_at, run_context: run_context, &resource_attrs_block) - end - - resource = build_resource(type, name, created_at, &resource_attrs_block) - - run_context.resource_collection.insert(resource, resource_type: type, instance_name: name) - resource - end - - # Instantiate a resource of the given +type+ with the given +name+ and - # attributes as given in the +resource_attrs_block+. - # - # The resource is NOT added to the resource collection. - # - # @param type [Symbol] The type of resource (e.g. `:file` or `:package`) - # @param name [String] The name of the resource (e.g. '/x/y.txt' or 'apache2') - # @param created_at [String] The caller of the resource. Use `caller[0]` - # to get the caller of your function. Defaults to the caller of this - # function. - # @param run_context [Chef::RunContext] the run_context of the resource collection to operate on - # @param resource_attrs_block A block that lets you set attributes of the - # resource (it is instance_eval'd on the resource instance). - # - # @return [Chef::Resource] The new resource. - # - # @example - # build_resource(:file, '/x/y.txy', caller[0]) do - # action :delete - # end - # - def build_resource(type, name, created_at = nil, run_context: self.run_context, &resource_attrs_block) - created_at ||= caller[0] - - # this needs to be lazy in order to avoid circular dependencies since ResourceBuilder - # will requires the entire provider+resolver universe - require "chef_compat/copied_from_chef/chef/resource_builder" unless defined?(Chef::ResourceBuilder) - - Chef::ResourceBuilder.new( - type: type, - name: name, - created_at: created_at, - params: @params, - run_context: run_context, - cookbook_name: cookbook_name, - recipe_name: recipe_name, - enclosing_provider: self.is_a?(Chef::Provider) ? self : nil - ).build(&resource_attrs_block) - end - end - end -end -end -end -end diff --git a/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/dsl/platform_introspection.rb b/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/dsl/platform_introspection.rb deleted file mode 100644 index 7886000..0000000 --- a/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/dsl/platform_introspection.rb +++ /dev/null @@ -1,292 +0,0 @@ -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# -# THIS IS A FILE AUTOGENERATED BY 'rake update' DO NOT EDIT!!!! -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# - -begin - require 'chef/dsl/platform_introspection' -rescue LoadError; end - -require 'chef_compat/copied_from_chef' -class Chef -module ::ChefCompat -module CopiedFromChef -# -# Author:: Adam Jacob () -# Copyright:: Copyright 2008-2016, Chef Software Inc. -# License:: Apache License, Version 2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -class Chef < (defined?(::Chef) ? ::Chef : Object) - module DSL - CopiedFromChef.extend_chef_module(::Chef::DSL, self) if defined?(::Chef::DSL) - - # == Chef::DSL::PlatformIntrospection - # Provides the DSL for platform-dependent switch logic, such as - # #value_for_platform. - module PlatformIntrospection - CopiedFromChef.extend_chef_module(::Chef::DSL::PlatformIntrospection, self) if defined?(::Chef::DSL::PlatformIntrospection) - - # Implementation class for determining platform dependent values - class PlatformDependentValue < (defined?(::Chef::DSL::PlatformIntrospection::PlatformDependentValue) ? ::Chef::DSL::PlatformIntrospection::PlatformDependentValue : Object) - - # Create a platform dependent value object. - # === Arguments - # platform_hash (Hash) a hash of the same structure as Chef::Platform, - # like this: - # { - # :debian => {:default => 'the value for all debian'} - # [:centos, :redhat, :fedora] => {:default => "value for all EL variants"} - # :ubuntu => { :default => "default for ubuntu", '10.04' => "value for 10.04 only"}, - # :default => "the default when nothing else matches" - # } - # * platforms can be specified as Symbols or Strings - # * multiple platforms can be grouped by using an Array as the key - # * values for platforms need to be Hashes of the form: - # {platform_version => value_for_that_version} - # * the exception to the above is the default value, which is given as - # :default => default_value - def initialize(platform_hash) -super if defined?(::Chef::DSL::PlatformIntrospection::PlatformDependentValue) - @values = {} - platform_hash.each { |platforms, value| set(platforms, value) } - end - - def value_for_node(node) - platform, version = node[:platform].to_s, node[:platform_version].to_s - # Check if we match a version constraint via Chef::VersionConstraint::Platform and Chef::Version::Platform - matched_value = match_versions(node) - if @values.key?(platform) && @values[platform].key?(version) - @values[platform][version] - elsif matched_value - matched_value - elsif @values.key?(platform) && @values[platform].key?("default") - @values[platform]["default"] - elsif @values.key?("default") - @values["default"] - else - nil - end - end - - private - - def match_versions(node) - begin - platform, version = node[:platform].to_s, node[:platform_version].to_s - return nil unless @values.key?(platform) - node_version = Chef::Version::Platform.new(version) - key_matches = [] - keys = @values[platform].keys - keys.each do |k| - begin - if Chef::VersionConstraint::Platform.new(k).include?(node_version) - key_matches << k - end - rescue Chef::Exceptions::InvalidVersionConstraint => e - Chef::Log.debug "Caught InvalidVersionConstraint. This means that a key in value_for_platform cannot be interpreted as a Chef::VersionConstraint::Platform." - Chef::Log.debug(e) - end - end - return @values[platform][version] if key_matches.include?(version) - case key_matches.length - when 0 - return nil - when 1 - return @values[platform][key_matches.first] - else - raise "Multiple matches detected for #{platform} with values #{@values}. The matches are: #{key_matches}" - end - rescue Chef::Exceptions::InvalidCookbookVersion => e - # Lets not break because someone passes a weird string like 'default' :) - Chef::Log.debug(e) - Chef::Log.debug "InvalidCookbookVersion exceptions are common and expected here: the generic constraint matcher attempted to match something which is not a constraint. Moving on to next version or constraint" - return nil - rescue Chef::Exceptions::InvalidPlatformVersion => e - Chef::Log.debug "Caught InvalidPlatformVersion, this means that Chef::Version::Platform does not know how to turn #{node_version} into an x.y.z format" - Chef::Log.debug(e) - return nil - end - end - - def set(platforms, value) - if platforms.to_s == "default" - @values["default"] = value - else - assert_valid_platform_values!(platforms, value) - Array(platforms).each { |platform| @values[platform.to_s] = normalize_keys(value) } - value - end - end - - def normalize_keys(hash) - hash.inject({}) do |h, key_value| - keys, value = *key_value - Array(keys).each do |key| - h[key.to_s] = value - end - h - end - end - - def assert_valid_platform_values!(platforms, value) - unless value.kind_of?(Hash) - msg = "platform dependent values must be specified in the format :platform => {:version => value} " - msg << "you gave a value #{value.inspect} for platform(s) #{platforms}" - raise ArgumentError, msg - end - end - end - - # Given a hash similar to the one we use for Platforms, select a value from the hash. Supports - # per platform defaults, along with a single base default. Arrays may be passed as hash keys and - # will be expanded. - # - # === Parameters - # platform_hash:: A platform-style hash. - # - # === Returns - # value:: Whatever the most specific value of the hash is. - def value_for_platform(platform_hash) - PlatformDependentValue.new(platform_hash).value_for_node(node) - end - - # Given a list of platforms, returns true if the current recipe is being run on a node with - # that platform, false otherwise. - # - # === Parameters - # args:: A list of platforms. Each platform can be in string or symbol format. - # - # === Returns - # true:: If the current platform is in the list - # false:: If the current platform is not in the list - def platform?(*args) - has_platform = false - - args.flatten.each do |platform| - has_platform = true if platform.to_s == node[:platform] - end - - has_platform - end - - # Implementation class for determining platform family dependent values - class PlatformFamilyDependentValue < (defined?(::Chef::DSL::PlatformIntrospection::PlatformFamilyDependentValue) ? ::Chef::DSL::PlatformIntrospection::PlatformFamilyDependentValue : Object) - - # Create a platform family dependent value object. - # === Arguments - # platform_family_hash (Hash) a map of platform families to values. - # like this: - # { - # :rhel => "value for all EL variants" - # :fedora => "value for fedora variants fedora and amazon" , - # [:fedora, :rhel] => "value for all known redhat variants" - # :debian => "value for debian variants including debian, ubuntu, mint" , - # :default => "the default when nothing else matches" - # } - # * platform families can be specified as Symbols or Strings - # * multiple platform families can be grouped by using an Array as the key - # * values for platform families can be any object, with no restrictions. Some examples: - # - [:stop, :start] - # - "mysql-devel" - # - { :key => "value" } - def initialize(platform_family_hash) -super if defined?(::Chef::DSL::PlatformIntrospection::PlatformFamilyDependentValue) - @values = {} - @values["default"] = nil - platform_family_hash.each { |platform_families, value| set(platform_families, value) } - end - - def value_for_node(node) - if node.key?(:platform_family) - platform_family = node[:platform_family].to_s - if @values.key?(platform_family) - @values[platform_family] - else - @values["default"] - end - else - @values["default"] - end - end - - private - - def set(platform_family, value) - if platform_family.to_s == "default" - @values["default"] = value - else - Array(platform_family).each { |family| @values[family.to_s] = value } - value - end - end - end - - # Given a hash mapping platform families to values, select a value from the hash. Supports a single - # base default if platform family is not in the map. Arrays may be passed as hash keys and will be - # expanded - # - # === Parameters - # platform_family_hash:: A hash in the form { platform_family_name => value } - # - # === Returns - # value:: Whatever the most specific value of the hash is. - def value_for_platform_family(platform_family_hash) - PlatformFamilyDependentValue.new(platform_family_hash).value_for_node(node) - end - - # Given a list of platform families, returns true if the current recipe is being run on a - # node within that platform family, false otherwise. - # - # === Parameters - # args:: A list of platform families. Each platform family can be in string or symbol format. - # - # === Returns - # true:: if the current node platform family is in the list. - # false:: if the current node platform family is not in the list. - def platform_family?(*args) - args.flatten.any? do |platform_family| - platform_family.to_s == node[:platform_family] - end - end - - # Shamelessly stolen from https://github.com/sethvargo/chef-sugar/blob/master/lib/chef/sugar/docker.rb - # Given a node object, returns whether the node is a docker container. - # - # === Parameters - # node:: [Chef::Node] The node to check. - # - # === Returns - # true:: if the current node is a docker container - # false:: if the current node is not a docker container - def docker?(node = run_context.nil? ? nil : run_context.node) - # Using "File.exist?('/.dockerinit') || File.exist?('/.dockerenv')" makes Travis sad, - # and that makes us sad too. - node && node[:virtualization] && node[:virtualization][:systems] && - node[:virtualization][:systems][:docker] && node[:virtualization][:systems][:docker] == "guest" - end - - end - end -end - -# **DEPRECATED** -# This used to be part of chef/mixin/language. Load the file to activate the deprecation code. -end -end -end diff --git a/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/dsl/recipe.rb b/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/dsl/recipe.rb deleted file mode 100644 index f896ec7..0000000 --- a/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/dsl/recipe.rb +++ /dev/null @@ -1,37 +0,0 @@ -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# -# THIS IS A FILE AUTOGENERATED BY 'rake update' DO NOT EDIT!!!! -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# - -begin - require 'chef/dsl/recipe' -rescue LoadError; end - -require 'chef_compat/copied_from_chef' -class Chef -module ::ChefCompat -module CopiedFromChef -require "chef_compat/copied_from_chef/chef/dsl/core" -require "chef_compat/copied_from_chef/chef/mixin/lazy_module_include" -class Chef < (defined?(::Chef) ? ::Chef : Object) - module DSL - CopiedFromChef.extend_chef_module(::Chef::DSL, self) if defined?(::Chef::DSL) - module Recipe - CopiedFromChef.extend_chef_module(::Chef::DSL::Recipe, self) if defined?(::Chef::DSL::Recipe) - include Chef::DSL::Core - extend Chef::Mixin::LazyModuleInclude - module FullDSL - CopiedFromChef.extend_chef_module(::Chef::DSL::Recipe::FullDSL, self) if defined?(::Chef::DSL::Recipe::FullDSL) - include Chef::DSL::Recipe - extend Chef::Mixin::LazyModuleInclude - end - end - end -end -require "chef_compat/copied_from_chef/chef/resource" -end -end -end diff --git a/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/dsl/universal.rb b/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/dsl/universal.rb deleted file mode 100644 index 7f529f1..0000000 --- a/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/dsl/universal.rb +++ /dev/null @@ -1,70 +0,0 @@ -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# -# THIS IS A FILE AUTOGENERATED BY 'rake update' DO NOT EDIT!!!! -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# - -begin - require 'chef/dsl/universal' -rescue LoadError; end - -require 'chef_compat/copied_from_chef' -class Chef -module ::ChefCompat -module CopiedFromChef -#-- -# Author:: Adam Jacob () -# Author:: Christopher Walters () -# Copyright:: Copyright 2008-2016 Chef Software, Inc. -# License:: Apache License, Version 2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require "chef_compat/copied_from_chef/chef/dsl/platform_introspection" -require "chef_compat/copied_from_chef/chef/mixin/powershell_out" - -class Chef < (defined?(::Chef) ? ::Chef : Object) - module DSL - CopiedFromChef.extend_chef_module(::Chef::DSL, self) if defined?(::Chef::DSL) - # Part of a family of DSL mixins. - # - # Chef::DSL::Recipe mixes into Recipes and LWRP Providers. - # - this does not target core chef resources and providers. - # - this is restricted to recipe/resource/provider context where a resource collection exists. - # - cookbook authors should typically include modules into here. - # - # Chef::DSL::Core mixes into Recipes, LWRP Providers and Core Providers - # - this adds cores providers on top of the Recipe DSL. - # - this is restricted to recipe/resource/provider context where a resource collection exists. - # - core chef authors should typically include modules into here. - # - # Chef::DSL::Universal mixes into Recipes, LWRP Resources+Providers, Core Resources+Providers, and Attributes files. - # - this adds resources and attributes files. - # - do not add helpers which manipulate the resource collection. - # - this is for general-purpose stuff that is useful nearly everywhere. - # - it also pollutes the namespace of nearly every context, watch out. - # - module Universal - CopiedFromChef.extend_chef_module(::Chef::DSL::Universal, self) if defined?(::Chef::DSL::Universal) - include Chef::DSL::PlatformIntrospection - include Chef::Mixin::PowershellOut - include Chef::Mixin::ShellOut - end - end -end -end -end -end diff --git a/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/mixin/lazy_module_include.rb b/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/mixin/lazy_module_include.rb deleted file mode 100644 index a6b5244..0000000 --- a/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/mixin/lazy_module_include.rb +++ /dev/null @@ -1,98 +0,0 @@ -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# -# THIS IS A FILE AUTOGENERATED BY 'rake update' DO NOT EDIT!!!! -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# - -begin - require 'chef/mixin/lazy_module_include' -rescue LoadError; end - -require 'chef_compat/copied_from_chef' -class Chef -module ::ChefCompat -module CopiedFromChef -# -# Copyright:: Copyright 2011-2016, Chef Software Inc. -# License:: Apache License, Version 2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -class Chef < (defined?(::Chef) ? ::Chef : Object) - module Mixin - CopiedFromChef.extend_chef_module(::Chef::Mixin, self) if defined?(::Chef::Mixin) - # If you have: - # - # module A - # extend LazyModuleInclude - # end - # - # module B - # include A - # end - # - # module C - # include B - # end - # - # module Monkeypatches - # def monkey - # puts "monkey!" - # end - # end - # - # A.send(:include, Monkeypatches) - # - # Then B and C and any classes that they're included in will also get the #monkey method patched into them. - # - module LazyModuleInclude - CopiedFromChef.extend_chef_module(::Chef::Mixin::LazyModuleInclude, self) if defined?(::Chef::Mixin::LazyModuleInclude) - - # Most of the magick is in this hook which creates a closure over the parent class and then builds an - # "infector" module which infects all descendants and which is responsible for updating the list of - # descendants in the parent class. - def included(klass) - super - parent_klass = self - infector = Module.new do - define_method(:included) do |subklass| - super(subklass) - subklass.extend(infector) - parent_klass.descendants.push(subklass) - end - end - klass.extend(infector) - parent_klass.descendants.push(klass) - end - - def descendants - @descendants ||= [] - end - - def include(*classes) - super - classes.each do |klass| - descendants.each do |descendant| - descendant.send(:include, klass) - end - end - end - end - end -end -end -end -end diff --git a/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/mixin/notifying_block.rb b/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/mixin/notifying_block.rb deleted file mode 100644 index 0b90e27..0000000 --- a/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/mixin/notifying_block.rb +++ /dev/null @@ -1,74 +0,0 @@ -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# -# THIS IS A FILE AUTOGENERATED BY 'rake update' DO NOT EDIT!!!! -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# - -begin - require 'chef/mixin/notifying_block' -rescue LoadError; end - -require 'chef_compat/copied_from_chef' -class Chef -module ::ChefCompat -module CopiedFromChef -#-- -# Author:: Lamont Granquist -# Copyright:: Copyright 2010-2016, Chef Software Inc. -# License:: Apache License, Version 2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -class Chef < (defined?(::Chef) ? ::Chef : Object) - module Mixin - CopiedFromChef.extend_chef_module(::Chef::Mixin, self) if defined?(::Chef::Mixin) - module NotifyingBlock - CopiedFromChef.extend_chef_module(::Chef::Mixin::NotifyingBlock, self) if defined?(::Chef::Mixin::NotifyingBlock) - - def notifying_block(&block) - begin - subcontext = subcontext_block(&block) - Chef::Runner.new(subcontext).converge - ensure - # recipes don't have a new_resource - if respond_to?(:new_resource) - if subcontext && subcontext.resource_collection.any?(&:updated?) - new_resource.updated_by_last_action(true) - end - end - end - end - - def subcontext_block(parent_context = nil, &block) - parent_context ||= @run_context - sub_run_context = parent_context.create_child - - begin - outer_run_context = @run_context - @run_context = sub_run_context - instance_eval(&block) - ensure - @run_context = outer_run_context - end - - sub_run_context - end - - end - end -end -end -end -end diff --git a/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/mixin/params_validate.rb b/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/mixin/params_validate.rb deleted file mode 100644 index 0a16147..0000000 --- a/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/mixin/params_validate.rb +++ /dev/null @@ -1,510 +0,0 @@ -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# -# THIS IS A FILE AUTOGENERATED BY 'rake update' DO NOT EDIT!!!! -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# - -begin - require 'chef/mixin/params_validate' -rescue LoadError; end - -require 'chef_compat/copied_from_chef' -class Chef -module ::ChefCompat -module CopiedFromChef -# -# Author:: Adam Jacob () -# Copyright:: Copyright 2008-2016, Chef Software Inc. -# License:: Apache License, Version 2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -require "chef_compat/copied_from_chef/chef/constants" -require "chef_compat/copied_from_chef/chef/property" -require "chef_compat/copied_from_chef/chef/delayed_evaluator" - -class Chef < (defined?(::Chef) ? ::Chef : Object) - module Mixin - CopiedFromChef.extend_chef_module(::Chef::Mixin, self) if defined?(::Chef::Mixin) - module ParamsValidate - CopiedFromChef.extend_chef_module(::Chef::Mixin::ParamsValidate, self) if defined?(::Chef::Mixin::ParamsValidate) - # Takes a hash of options, along with a map to validate them. Returns the original - # options hash, plus any changes that might have been made (through things like setting - # default values in the validation map) - # - # For example: - # - # validate({ :one => "neat" }, { :one => { :kind_of => String }}) - # - # Would raise an exception if the value of :one above is not a kind_of? string. Valid - # map options are: - # - # @param opts [Hash] Validation opts. - # @option opts [Object,Array] :is An object, or list of - # objects, that must match the value using Ruby's `===` operator - # (`opts[:is].any? { |v| v === value }`). (See #_pv_is.) - # @option opts [Object,Array] :equal_to An object, or list - # of objects, that must be equal to the value using Ruby's `==` - # operator (`opts[:is].any? { |v| v == value }`) (See #_pv_equal_to.) - # @option opts [Regexp,Array] :regex An object, or - # list of objects, that must match the value with `regex.match(value)`. - # (See #_pv_regex) - # @option opts [Class,Array] :kind_of A class, or - # list of classes, that the value must be an instance of. (See - # #_pv_kind_of.) - # @option opts [Hash] :callbacks A hash of - # messages -> procs, all of which match the value. The proc must - # return a truthy or falsey value (true means it matches). (See - # #_pv_callbacks.) - # @option opts [Symbol,Array] :respond_to A method - # name, or list of method names, the value must respond to. (See - # #_pv_respond_to.) - # @option opts [Symbol,Array] :cannot_be A property, - # or a list of properties, that the value cannot have (such as `:nil` or - # `:empty`). The method with a questionmark at the end is called on the - # value (e.g. `value.empty?`). If the value does not have this method, - # it is considered valid (i.e. if you don't respond to `empty?` we - # assume you are not empty). (See #_pv_cannot_be.) - # @option opts [Proc] :coerce A proc which will be called to - # transform the user input to canonical form. The value is passed in, - # and the transformed value returned as output. Lazy values will *not* - # be passed to this method until after they are evaluated. Called in the - # context of the resource (meaning you can access other properties). - # (See #_pv_coerce.) (See #_pv_coerce.) - # @option opts [Boolean] :required `true` if this property - # must be present and not `nil`; `false` otherwise. This is checked - # after the resource is fully initialized. (See #_pv_required.) - # @option opts [Boolean] :name_property `true` if this - # property defaults to the same value as `name`. Equivalent to - # `default: lazy { name }`, except that #property_is_set? will - # return `true` if the property is set *or* if `name` is set. (See - # #_pv_name_property.) - # @option opts [Boolean] :name_attribute Same as `name_property`. - # @option opts [Object] :default The value this property - # will return if the user does not set one. If this is `lazy`, it will - # be run in the context of the instance (and able to access other - # properties). (See #_pv_default.) - # - def validate(opts, map) - map = map.validation_options if map.is_a?(Property) - - #-- - # validate works by taking the keys in the validation map, assuming it's a hash, and - # looking for _pv_:symbol as methods. Assuming it find them, it calls the right - # one. - #++ - raise ArgumentError, "Options must be a hash" unless opts.kind_of?(Hash) - raise ArgumentError, "Validation Map must be a hash" unless map.kind_of?(Hash) - - map.each do |key, validation| - unless key.kind_of?(Symbol) || key.kind_of?(String) - raise ArgumentError, "Validation map keys must be symbols or strings!" - end - case validation - when true - _pv_required(opts, key) - when false - true - when Hash - validation.each do |check, carg| - check_method = "_pv_#{check}" - if self.respond_to?(check_method, true) - self.send(check_method, opts, key, carg) - else - raise ArgumentError, "Validation map has unknown check: #{check}" - end - end - end - end - opts - end - - def lazy(&block) - DelayedEvaluator.new(&block) - end - - def set_or_return(symbol, value, validation) - property = SetOrReturnProperty.new(name: symbol, **validation) - property.call(self, value) - end - - private - - def explicitly_allows_nil?(key, validation) - validation.has_key?(:is) && _pv_is({ key => nil }, key, validation[:is], raise_error: false) - end - - # Return the value of a parameter, or nil if it doesn't exist. - def _pv_opts_lookup(opts, key) - if opts.has_key?(key.to_s) - opts[key.to_s] - elsif opts.has_key?(key.to_sym) - opts[key.to_sym] - else - nil - end - end - - # Raise an exception if the parameter is not found. - def _pv_required(opts, key, is_required = true, explicitly_allows_nil = false) - if is_required - return true if opts.has_key?(key.to_s) && (explicitly_allows_nil || !opts[key.to_s].nil?) - return true if opts.has_key?(key.to_sym) && (explicitly_allows_nil || !opts[key.to_sym].nil?) - raise Exceptions::ValidationFailed, "Required argument #{key.inspect} is missing!" - end - true - end - - # - # List of things values must be equal to. - # - # Uses Ruby's `==` to evaluate (equal_to == value). At least one must - # match for the value to be valid. - # - # `nil` passes this validation automatically. - # - # @return [Array,nil] List of things values must be equal to, or nil if - # equal_to is unspecified. - # - def _pv_equal_to(opts, key, to_be) - value = _pv_opts_lookup(opts, key) - unless value.nil? - to_be = Array(to_be) - to_be.each do |tb| - return true if value == tb - end - raise Exceptions::ValidationFailed, "Option #{key} must be equal to one of: #{to_be.join(", ")}! You passed #{value.inspect}." - end - end - - # - # List of things values must be instances of. - # - # Uses value.kind_of?(kind_of) to evaluate. At least one must match for - # the value to be valid. - # - # `nil` automatically passes this validation. - # - def _pv_kind_of(opts, key, to_be) - value = _pv_opts_lookup(opts, key) - unless value.nil? - to_be = Array(to_be) - to_be.each do |tb| - return true if value.kind_of?(tb) - end - raise Exceptions::ValidationFailed, "Option #{key} must be a kind of #{to_be}! You passed #{value.inspect}." - end - end - - # - # List of method names values must respond to. - # - # Uses value.respond_to?(respond_to) to evaluate. At least one must match - # for the value to be valid. - # - def _pv_respond_to(opts, key, method_name_list) - value = _pv_opts_lookup(opts, key) - unless value.nil? - Array(method_name_list).each do |method_name| - unless value.respond_to?(method_name) - raise Exceptions::ValidationFailed, "Option #{key} must have a #{method_name} method!" - end - end - end - end - - # - # List of things that must not be true about the value. - # - # Calls `value.?` All responses must be false for the value to be - # valid. - # Values which do not respond to ? are considered valid (because if - # a value doesn't respond to `:readable?`, then it probably isn't - # readable.) - # - # @example - # ```ruby - # property :x, cannot_be: [ :nil, :empty ] - # x [ 1, 2 ] #=> valid - # x 1 #=> valid - # x [] #=> invalid - # x nil #=> invalid - # ``` - # - def _pv_cannot_be(opts, key, predicate_method_base_name) - value = _pv_opts_lookup(opts, key) - if !value.nil? - Array(predicate_method_base_name).each do |method_name| - predicate_method = :"#{method_name}?" - - if value.respond_to?(predicate_method) - if value.send(predicate_method) - raise Exceptions::ValidationFailed, "Option #{key} cannot be #{predicate_method_base_name}" - end - end - end - end - end - - # - # The default value for a property. - # - # When the property is not assigned, this will be used. - # - # If this is a lazy value, it will either be passed the resource as a value, - # or if the lazy proc does not take parameters, it will be run in the - # context of the instance with instance_eval. - # - # @example - # ```ruby - # property :x, default: 10 - # ``` - # - # @example - # ```ruby - # property :x - # property :y, default: lazy { x+2 } - # ``` - # - # @example - # ```ruby - # property :x - # property :y, default: lazy { |r| r.x+2 } - # ``` - # - def _pv_default(opts, key, default_value) - value = _pv_opts_lookup(opts, key) - if value.nil? - default_value = default_value.freeze if !default_value.is_a?(DelayedEvaluator) - opts[key] = default_value - end - end - - # - # List of regexes values that must match. - # - # Uses regex.match() to evaluate. At least one must match for the value to - # be valid. - # - # `nil` passes regex validation automatically. - # - # @example - # ```ruby - # property :x, regex: [ /abc/, /xyz/ ] - # ``` - # - def _pv_regex(opts, key, regex) - value = _pv_opts_lookup(opts, key) - if !value.nil? - Array(regex).flatten.each do |r| - return true if r.match(value.to_s) - end - raise Exceptions::ValidationFailed, "Option #{key}'s value #{value} does not match regular expression #{regex.inspect}" - end - end - - # - # List of procs we pass the value to. - # - # All procs must return true for the value to be valid. If any procs do - # not return true, the key will be used for the message: `"Property x's - # value :y "`. - # - # @example - # ```ruby - # property :x, callbacks: { "is bigger than 10" => proc { |v| v <= 10 }, "is not awesome" => proc { |v| !v.awesome }} - # ``` - # - def _pv_callbacks(opts, key, callbacks) - raise ArgumentError, "Callback list must be a hash!" unless callbacks.kind_of?(Hash) - value = _pv_opts_lookup(opts, key) - if !value.nil? - callbacks.each do |message, zeproc| - unless zeproc.call(value) - raise Exceptions::ValidationFailed, "Option #{key}'s value #{value} #{message}!" - end - end - end - end - - # - # Allows a parameter to default to the value of the resource name. - # - # @example - # ```ruby - # property :x, name_property: true - # ``` - # - def _pv_name_property(opts, key, is_name_property = true) - if is_name_property - if opts[key].nil? - raise CannotValidateStaticallyError, "name_property cannot be evaluated without a resource." if self == Chef::Mixin::ParamsValidate - opts[key] = self.instance_variable_get(:"@name") - end - end - end - alias :_pv_name_attribute :_pv_name_property - - # - # List of valid things values can be. - # - # Uses Ruby's `===` to evaluate (is === value). At least one must match - # for the value to be valid. - # - # If a proc is passed, it is instance_eval'd in the resource, passed the - # value, and must return a truthy or falsey value. - # - # @example Class - # ```ruby - # property :x, String - # x 'valid' #=> valid - # x 1 #=> invalid - # x nil #=> invalid - # - # @example Value - # ```ruby - # property :x, [ :a, :b, :c, nil ] - # x :a #=> valid - # x nil #=> valid - # ``` - # - # @example Regex - # ```ruby - # property :x, /bar/ - # x 'foobar' #=> valid - # x 'foo' #=> invalid - # x nil #=> invalid - # ``` - # - # @example Proc - # ```ruby - # property :x, proc { |x| x > y } - # property :y, default: 2 - # x 3 #=> valid - # x 1 #=> invalid - # ``` - # - # @example Property - # ```ruby - # type = Property.new(is: String) - # property :x, type - # x 'foo' #=> valid - # x 1 #=> invalid - # x nil #=> invalid - # ``` - # - # @example RSpec Matcher - # ```ruby - # include RSpec::Matchers - # property :x, a_string_matching /bar/ - # x 'foobar' #=> valid - # x 'foo' #=> invalid - # x nil #=> invalid - # ``` - # - def _pv_is(opts, key, to_be, raise_error: true) - return true if !opts.has_key?(key.to_s) && !opts.has_key?(key.to_sym) - value = _pv_opts_lookup(opts, key) - to_be = [ to_be ].flatten(1) - errors = [] - passed = to_be.any? do |tb| - case tb - when Proc - raise CannotValidateStaticallyError, "is: proc { } must be evaluated once for each resource" if self == Chef::Mixin::ParamsValidate - instance_exec(value, &tb) - when Property - begin - validate(opts, { key => tb.validation_options }) - true - rescue Exceptions::ValidationFailed - # re-raise immediately if there is only one "is" so we get a better stack - raise if to_be.size == 1 - errors << $! - false - end - else - tb === value - end - end - if passed - true - else - message = "Property #{key} must be one of: #{to_be.map { |v| v.inspect }.join(", ")}! You passed #{value.inspect}." - unless errors.empty? - message << " Errors:\n#{errors.map { |m| "- #{m}" }.join("\n")}" - end - raise Exceptions::ValidationFailed, message - end - end - - # - # Method to mess with a value before it is validated and stored. - # - # Allows you to transform values into a canonical form that is easy to - # work with. - # - # This is passed the value to transform, and is run in the context of the - # instance (so it has access to other resource properties). It must return - # the value that will be stored in the instance. - # - # @example - # ```ruby - # property :x, Integer, coerce: { |v| v.to_i } - # ``` - # - def _pv_coerce(opts, key, coercer) - if opts.has_key?(key.to_s) - raise CannotValidateStaticallyError, "coerce must be evaluated for each resource." if self == Chef::Mixin::ParamsValidate - opts[key.to_s] = instance_exec(opts[key], &coercer) - elsif opts.has_key?(key.to_sym) - raise CannotValidateStaticallyError, "coerce must be evaluated for each resource." if self == Chef::Mixin::ParamsValidate - opts[key.to_sym] = instance_exec(opts[key], &coercer) - end - end - - # We allow Chef::Mixin::ParamsValidate.validate(), but we will raise an - # error if you try to do anything requiring there to be an actual resource. - # This way, you can statically validate things if you have constant validation - # (which is the norm). - extend self - - # Used by #set_or_return to avoid emitting a deprecation warning for - # "value nil" and to keep default stickiness working exactly the same - # @api private - class SetOrReturnProperty < (defined?(::Chef::Mixin::ParamsValidate::SetOrReturnProperty) ? ::Chef::Mixin::ParamsValidate::SetOrReturnProperty : Chef::Property) - def get(resource, nil_set: false) - value = super - # All values are sticky, frozen or not - if !is_set?(resource) - set_value(resource, value) - end - value - end - - def call(resource, value = NOT_PASSED) - # setting to nil does a get - if value.nil? && !explicitly_accepts_nil?(resource) - get(resource, nil_set: true) - else - super - end - end - end - end - end -end -end -end -end diff --git a/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/mixin/powershell_out.rb b/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/mixin/powershell_out.rb deleted file mode 100644 index b6b56f9..0000000 --- a/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/mixin/powershell_out.rb +++ /dev/null @@ -1,117 +0,0 @@ -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# -# THIS IS A FILE AUTOGENERATED BY 'rake update' DO NOT EDIT!!!! -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# - -begin - require 'chef/mixin/powershell_out' -rescue LoadError; end - -require 'chef_compat/copied_from_chef' -class Chef -module ::ChefCompat -module CopiedFromChef -#-- -# Copyright:: Copyright 2015-2016, Chef Software, Inc. -# License:: Apache License, Version 2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - - -class Chef < (defined?(::Chef) ? ::Chef : Object) - module Mixin - CopiedFromChef.extend_chef_module(::Chef::Mixin, self) if defined?(::Chef::Mixin) - module PowershellOut - CopiedFromChef.extend_chef_module(::Chef::Mixin::PowershellOut, self) if defined?(::Chef::Mixin::PowershellOut) - include Chef::Mixin::ShellOut - include Chef::Mixin::WindowsArchitectureHelper - - # Run a command under powershell with the same API as shell_out. The - # options hash is extended to take an "architecture" flag which - # can be set to :i386 or :x86_64 to force the windows architecture. - # - # @param script [String] script to run - # @param options [Hash] options hash - # @return [Mixlib::Shellout] mixlib-shellout object - def powershell_out(*command_args) - script = command_args.first - options = command_args.last.is_a?(Hash) ? command_args.last : nil - - run_command_with_os_architecture(script, options) - end - - # Run a command under powershell with the same API as shell_out! - # (raises exceptions on errors) - # - # @param script [String] script to run - # @param options [Hash] options hash - # @return [Mixlib::Shellout] mixlib-shellout object - def powershell_out!(*command_args) - cmd = powershell_out(*command_args) - cmd.error! - cmd - end - - private - - # Helper function to run shell_out and wrap it with the correct - # flags to possibly disable WOW64 redirection (which we often need - # because chef-client runs as a 32-bit app on 64-bit windows). - # - # @param script [String] script to run - # @param options [Hash] options hash - # @return [Mixlib::Shellout] mixlib-shellout object - def run_command_with_os_architecture(script, options) - options ||= {} - options = options.dup - arch = options.delete(:architecture) - - with_os_architecture(nil, architecture: arch) do - shell_out( - build_powershell_command(script), - options - ) - end - end - - # Helper to build a powershell command around the script to run. - # - # @param script [String] script to run - # @retrurn [String] powershell command to execute - def build_powershell_command(script) - flags = [ - # Hides the copyright banner at startup. - "-NoLogo", - # Does not present an interactive prompt to the user. - "-NonInteractive", - # Does not load the Windows PowerShell profile. - "-NoProfile", - # always set the ExecutionPolicy flag - # see http://technet.microsoft.com/en-us/library/ee176961.aspx - "-ExecutionPolicy Unrestricted", - # Powershell will hang if STDIN is redirected - # http://connect.microsoft.com/PowerShell/feedback/details/572313/powershell-exe-can-hang-if-stdin-is-redirected - "-InputFormat None", - ] - - "powershell.exe #{flags.join(' ')} -Command \"#{script.gsub('"', '\"')}\"" - end - end - end -end -end -end -end diff --git a/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/mixin/properties.rb b/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/mixin/properties.rb deleted file mode 100644 index bdf9f7e..0000000 --- a/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/mixin/properties.rb +++ /dev/null @@ -1,328 +0,0 @@ -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# -# THIS IS A FILE AUTOGENERATED BY 'rake update' DO NOT EDIT!!!! -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# - -begin - require 'chef/mixin/properties' -rescue LoadError; end - -require 'chef_compat/copied_from_chef' -class Chef -module ::ChefCompat -module CopiedFromChef -require "chef_compat/copied_from_chef/chef/delayed_evaluator" -require "chef_compat/copied_from_chef/chef/mixin/params_validate" -require "chef_compat/copied_from_chef/chef/property" - -class Chef < (defined?(::Chef) ? ::Chef : Object) - module Mixin - CopiedFromChef.extend_chef_module(::Chef::Mixin, self) if defined?(::Chef::Mixin) - module Properties - CopiedFromChef.extend_chef_module(::Chef::Mixin::Properties, self) if defined?(::Chef::Mixin::Properties) - module ClassMethods - CopiedFromChef.extend_chef_module(::Chef::Mixin::Properties::ClassMethods, self) if defined?(::Chef::Mixin::Properties::ClassMethods) - # - # The list of properties defined on this resource. - # - # Everything defined with `property` is in this list. - # - # @param include_superclass [Boolean] `true` to include properties defined - # on superclasses; `false` or `nil` to return the list of properties - # directly on this class. - # - # @return [Hash] The list of property names and types. - # - def properties(include_superclass = true) - if include_superclass - result = {} - ancestors.reverse_each { |c| result.merge!(c.properties(false)) if c.respond_to?(:properties) } - result - else - @properties ||= {} - end - end - - # - # Create a property on this resource class. - # - # If a superclass has this property, or if this property has already been - # defined by this resource, this will *override* the previous value. - # - # @param name [Symbol] The name of the property. - # @param type [Object,Array] The type(s) of this property. - # If present, this is prepended to the `is` validation option. - # @param options [Hash] Validation options. - # @option options [Object,Array] :is An object, or list of - # objects, that must match the value using Ruby's `===` operator - # (`options[:is].any? { |v| v === value }`). - # @option options [Object,Array] :equal_to An object, or list - # of objects, that must be equal to the value using Ruby's `==` - # operator (`options[:is].any? { |v| v == value }`) - # @option options [Regexp,Array] :regex An object, or - # list of objects, that must match the value with `regex.match(value)`. - # @option options [Class,Array] :kind_of A class, or - # list of classes, that the value must be an instance of. - # @option options [Hash] :callbacks A hash of - # messages -> procs, all of which match the value. The proc must - # return a truthy or falsey value (true means it matches). - # @option options [Symbol,Array] :respond_to A method - # name, or list of method names, the value must respond to. - # @option options [Symbol,Array] :cannot_be A property, - # or a list of properties, that the value cannot have (such as `:nil` or - # `:empty`). The method with a questionmark at the end is called on the - # value (e.g. `value.empty?`). If the value does not have this method, - # it is considered valid (i.e. if you don't respond to `empty?` we - # assume you are not empty). - # @option options [Proc] :coerce A proc which will be called to - # transform the user input to canonical form. The value is passed in, - # and the transformed value returned as output. Lazy values will *not* - # be passed to this method until after they are evaluated. Called in the - # context of the resource (meaning you can access other properties). - # @option options [Boolean] :required `true` if this property - # must be present; `false` otherwise. This is checked after the resource - # is fully initialized. - # @option options [Boolean] :name_property `true` if this - # property defaults to the same value as `name`. Equivalent to - # `default: lazy { name }`, except that #property_is_set? will - # return `true` if the property is set *or* if `name` is set. - # @option options [Boolean] :name_attribute Same as `name_property`. - # @option options [Object] :default The value this property - # will return if the user does not set one. If this is `lazy`, it will - # be run in the context of the instance (and able to access other - # properties). - # @option options [Boolean] :desired_state `true` if this property is - # part of desired state. Defaults to `true`. - # @option options [Boolean] :identity `true` if this property - # is part of object identity. Defaults to `false`. - # @option options [Boolean] :sensitive `true` if this property could - # contain sensitive information and whose value should be redacted - # in any resource reporting / auditing output. Defaults to `false`. - # - # @example Bare property - # property :x - # - # @example With just a type - # property :x, String - # - # @example With just options - # property :x, default: 'hi' - # - # @example With type and options - # property :x, String, default: 'hi' - # - def property(name, type = NOT_PASSED, **options) - name = name.to_sym - - options = options.inject({}) { |memo, (key, value)| memo[key.to_sym] = value; memo } - - options[:instance_variable_name] = :"@#{name}" if !options.has_key?(:instance_variable_name) - options[:name] = name - options[:declared_in] = self - - if type == NOT_PASSED - # If a type is not passed, the property derives from the - # superclass property (if any) - if properties.has_key?(name) - property = properties[name].derive(**options) - else - property = property_type(**options) - end - - # If a Property is specified, derive a new one from that. - elsif type.is_a?(Property) || (type.is_a?(Class) && type <= Property) - property = type.derive(**options) - - # If a primitive type was passed, combine it with "is" - else - if options[:is] - options[:is] = ([ type ] + [ options[:is] ]).flatten(1) - else - options[:is] = type - end - property = property_type(**options) - end - - local_properties = properties(false) - local_properties[name] = property - - property.emit_dsl - end - - # - # Create a reusable property type that can be used in multiple properties - # in different resources. - # - # @param options [Hash] Validation options. see #property for - # the list of options. - # - # @example - # property_type(default: 'hi') - # - def property_type(**options) - Property.derive(**options) - end - - # - # Create a lazy value for assignment to a default value. - # - # @param block The block to run when the value is retrieved. - # - # @return [Chef::DelayedEvaluator] The lazy value - # - def lazy(&block) - DelayedEvaluator.new(&block) - end - - # - # Get or set the list of desired state properties for this resource. - # - # State properties are properties that describe the desired state - # of the system, such as file permissions or ownership. - # In general, state properties are properties that could be populated by - # examining the state of the system (e.g., File.stat can tell you the - # permissions on an existing file). Contrarily, properties that are not - # "state properties" usually modify the way Chef itself behaves, for example - # by providing additional options for a package manager to use when - # installing a package. - # - # This list is used by the Chef client auditing system to extract - # information from resources to describe changes made to the system. - # - # This method is unnecessary when declaring properties with `property`; - # properties are added to state_properties by default, and can be turned off - # with `desired_state: false`. - # - # ```ruby - # property :x # part of desired state - # property :y, desired_state: false # not part of desired state - # ``` - # - # @param names [Array] A list of property names to set as desired - # state. - # - # @return [Array] All properties in desired state. - # - def state_properties(*names) - if !names.empty? - names = names.map { |name| name.to_sym }.uniq - - local_properties = properties(false) - # Add new properties to the list. - names.each do |name| - property = properties[name] - if !property - self.property name, instance_variable_name: false, desired_state: true - elsif !property.desired_state? - self.property name, desired_state: true - end - end - - # If state_attrs *excludes* something which is currently desired state, - # mark it as desired_state: false. - local_properties.each do |name, property| - if property.desired_state? && !names.include?(name) - self.property name, desired_state: false - end - end - end - - properties.values.select { |property| property.desired_state? } - end - - # - # Set the identity of this resource to a particular set of properties. - # - # This drives #identity, which returns data that uniquely refers to a given - # resource on the given node (in such a way that it can be correlated - # across Chef runs). - # - # This method is unnecessary when declaring properties with `property`; - # properties can be added to identity during declaration with - # `identity: true`. - # - # ```ruby - # property :x, identity: true # part of identity - # property :y # not part of identity - # ``` - # - # If no properties are marked as identity, "name" is considered the identity. - # - # @param names [Array] A list of property names to set as the identity. - # - # @return [Array] All identity properties. - # - def identity_properties(*names) - if !names.empty? - names = names.map { |name| name.to_sym } - - # Add or change properties that are not part of the identity. - names.each do |name| - property = properties[name] - if !property - self.property name, instance_variable_name: false, identity: true - elsif !property.identity? - self.property name, identity: true - end - end - - # If identity_properties *excludes* something which is currently part of - # the identity, mark it as identity: false. - properties.each do |name, property| - if property.identity? && !names.include?(name) - - self.property name, identity: false - end - end - end - - result = properties.values.select { |property| property.identity? } - result = [ properties[:name] ] if result.empty? - result - end - - def included(other) - other.extend ClassMethods - end - end - - def self.included(other) - other.extend ClassMethods - end - - include Chef::Mixin::ParamsValidate - - # - # Whether this property has been set (or whether it has a default that has - # been retrieved). - # - # @param name [Symbol] The name of the property. - # @return [Boolean] `true` if the property has been set. - # - def property_is_set?(name) - property = self.class.properties[name.to_sym] - raise ArgumentError, "Property #{name} is not defined in class #{self}" if !property - property.is_set?(self) - end - - # - # Clear this property as if it had never been set. It will thereafter return - # the default. - # been retrieved). - # - # @param name [Symbol] The name of the property. - # - def reset_property(name) - property = self.class.properties[name.to_sym] - raise ArgumentError, "Property #{name} is not defined in class #{self}" if !property - property.reset(self) - end - end - end -end -end -end -end diff --git a/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/property.rb b/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/property.rb deleted file mode 100644 index 3399596..0000000 --- a/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/property.rb +++ /dev/null @@ -1,713 +0,0 @@ -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# -# THIS IS A FILE AUTOGENERATED BY 'rake update' DO NOT EDIT!!!! -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# - -begin - require 'chef/property' -rescue LoadError; end - -require 'chef_compat/copied_from_chef' -class Chef -module ::ChefCompat -module CopiedFromChef -# -# Author:: John Keiser -# Copyright:: Copyright 2015-2016, John Keiser. -# License:: Apache License, Version 2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require "chef_compat/copied_from_chef/chef/delayed_evaluator" - -class Chef < (defined?(::Chef) ? ::Chef : Object) - # - # Type and validation information for a property on a resource. - # - # A property named "x" manipulates the "@x" instance variable on a - # resource. The *presence* of the variable (`instance_variable_defined?(@x)`) - # tells whether the variable is defined; it may have any actual value, - # constrained only by validation. - # - # Properties may have validation, defaults, and coercion, and have full - # support for lazy values. - # - # @see Chef::Resource.property - # @see Chef::DelayedEvaluator - # - class Property < (defined?(::Chef::Property) ? ::Chef::Property : Object) - # - # Create a reusable property type that can be used in multiple properties - # in different resources. - # - # @param options [Hash] Validation options. See Chef::Resource.property for - # the list of options. - # - # @example - # Property.derive(default: 'hi') - # - def self.derive(**options) - new(**options) - end - - # - # Create a new property. - # - # @param options [Hash] Property options, including - # control options here, as well as validation options (see - # Chef::Mixin::ParamsValidate#validate for a description of validation - # options). - # @option options [Symbol] :name The name of this property. - # @option options [Class] :declared_in The class this property comes from. - # @option options [Symbol] :instance_variable_name The instance variable - # tied to this property. Must include a leading `@`. Defaults to `@`. - # `nil` means the property is opaque and not tied to a specific instance - # variable. - # @option options [Boolean] :desired_state `true` if this property is part of desired - # state. Defaults to `true`. - # @option options [Boolean] :identity `true` if this property is part of object - # identity. Defaults to `false`. - # @option options [Boolean] :name_property `true` if this - # property defaults to the same value as `name`. Equivalent to - # `default: lazy { name }`, except that #property_is_set? will - # return `true` if the property is set *or* if `name` is set. - # @option options [Boolean] :nillable `true` opt-in to Chef-13 style behavior where - # attempting to set a nil value will really set a nil value instead of issuing - # a warning and operating like a getter - # @option options [Object] :default The value this property - # will return if the user does not set one. If this is `lazy`, it will - # be run in the context of the instance (and able to access other - # properties) and cached. If not, the value will be frozen with Object#freeze - # to prevent users from modifying it in an instance. - # @option options [Proc] :coerce A proc which will be called to - # transform the user input to canonical form. The value is passed in, - # and the transformed value returned as output. Lazy values will *not* - # be passed to this method until after they are evaluated. Called in the - # context of the resource (meaning you can access other properties). - # @option options [Boolean] :required `true` if this property - # must be present; `false` otherwise. This is checked after the resource - # is fully initialized. - # - def initialize(**options) -super if defined?(::Chef::Property) - options = options.inject({}) { |memo, (key, value)| memo[key.to_sym] = value; memo } - @options = options - options[:name] = options[:name].to_sym if options[:name] - options[:instance_variable_name] = options[:instance_variable_name].to_sym if options[:instance_variable_name] - - # Replace name_attribute with name_property - if options.has_key?(:name_attribute) - # If we have both name_attribute and name_property and they differ, raise an error - if options.has_key?(:name_property) - raise ArgumentError, "Cannot specify both name_property and name_attribute together on property #{self}." - end - # replace name_property with name_attribute in place - options = Hash[options.map { |k, v| k == :name_attribute ? [ :name_property, v ] : [ k, v ] }] - @options = options - end - - # Only pick the first of :default, :name_property and :name_attribute if - # more than one is specified. - if options.has_key?(:default) && options[:name_property] - if options[:default].nil? || options.keys.index(:name_property) < options.keys.index(:default) - options.delete(:default) - preferred_default = :name_property - else - options.delete(:name_property) - preferred_default = :default - end - Chef.log_deprecation("Cannot specify both default and name_property together on property #{self}. Only one (#{preferred_default}) will be obeyed. In Chef 13, this will become an error. Please remove one or the other from the property.") - end - - # Validate the default early, so the user gets a good error message, and - # cache it so we don't do it again if so - begin - # If we can validate it all the way to output, do it. - @stored_default = input_to_stored_value(nil, default, is_default: true) - rescue Chef::Exceptions::CannotValidateStaticallyError - # If the validation is not static (i.e. has procs), we will have to - # coerce and validate the default each time we run - end - end - - def to_s - "#{name || ""}#{declared_in ? " of resource #{declared_in.resource_name}" : ""}" - end - - # - # The name of this property. - # - # @return [String] - # - def name - options[:name] - end - - # - # The class this property was defined in. - # - # @return [Class] - # - def declared_in - options[:declared_in] - end - - # - # The instance variable associated with this property. - # - # Defaults to `@` - # - # @return [Symbol] - # - def instance_variable_name - if options.has_key?(:instance_variable_name) - options[:instance_variable_name] - elsif name - :"@#{name}" - end - end - - # - # The raw default value for this resource. - # - # Does not coerce or validate the default. Does not evaluate lazy values. - # - # Defaults to `lazy { name }` if name_property is true; otherwise defaults to - # `nil` - # - def default - return options[:default] if options.has_key?(:default) - return Chef::DelayedEvaluator.new { name } if name_property? - nil - end - - # - # Whether this is part of the resource's natural identity or not. - # - # @return [Boolean] - # - def identity? - options[:identity] - end - - # - # Whether this is part of desired state or not. - # - # Defaults to true. - # - # @return [Boolean] - # - def desired_state? - return true if !options.has_key?(:desired_state) - options[:desired_state] - end - - # - # Whether this is name_property or not. - # - # @return [Boolean] - # - def name_property? - options[:name_property] - end - - # - # Whether this property has a default value. - # - # @return [Boolean] - # - def has_default? - options.has_key?(:default) || name_property? - end - - # - # Whether this property is required or not. - # - # @return [Boolean] - # - def required? - options[:required] - end - - # - # Whether this property is sensitive or not. - # - # Defaults to false. - # - # @return [Boolean] - # - def sensitive? - options.fetch(:sensitive, false) - end - - # - # Validation options. (See Chef::Mixin::ParamsValidate#validate.) - # - # @return [Hash] - # - def validation_options - @validation_options ||= options.reject do |k, v| - [:declared_in, :name, :instance_variable_name, :desired_state, :identity, :default, :name_property, :coerce, :required, :nillable, :sensitive].include?(k) - end - end - - # - # Handle the property being called. - # - # The base implementation does the property get-or-set: - # - # ```ruby - # resource.myprop # get - # resource.myprop value # set - # ``` - # - # Subclasses may implement this with any arguments they want, as long as - # the corresponding DSL calls it correctly. - # - # @param resource [Chef::Resource] The resource to get the property from. - # @param value The value to set (or NOT_PASSED if it is a get). - # - # @return The current value of the property. If it is a `set`, lazy values - # will be returned without running, validating or coercing. If it is a - # `get`, the non-lazy, coerced, validated value will always be returned. - # - def call(resource, value = NOT_PASSED) - if value == NOT_PASSED - return get(resource) - end - - if value.nil? && !nillable? - # In Chef 12, value(nil) does a *get* instead of a set, so we - # warn if the value would have been changed. In Chef 13, it will be - # equivalent to value = nil. - result = get(resource, nil_set: true) - - # Warn about this becoming a set in Chef 13. - begin - input_to_stored_value(resource, value) - # If nil is valid, and it would change the value, warn that this will change to a set. - if !result.nil? - Chef.log_deprecation("An attempt was made to change #{name} from #{result.inspect} to nil by calling #{name}(nil). In Chef 12, this does a get rather than a set. In Chef 13, this will change to set the value to nil.") - end - rescue Chef::Exceptions::DeprecatedFeatureError - raise - rescue - # If nil is invalid, warn that this will become an error. - Chef.log_deprecation("nil is an invalid value for #{self}. In Chef 13, this warning will change to an error. Error: #{$!}") - end - - result - else - # Anything else, such as myprop(value) is a set - set(resource, value) - end - end - - # - # Get the property value from the resource, handling lazy values, - # defaults, and validation. - # - # - If the property's value is lazy, it is evaluated, coerced and validated. - # - If the property has no value, and is required, raises ValidationFailed. - # - If the property has no value, but has a lazy default, it is evaluated, - # coerced and validated. If the evaluated value is frozen, the resulting - # - If the property has no value, but has a default, the default value - # will be returned and frozen. If the default value is lazy, it will be - # evaluated, coerced and validated, and the result stored in the property. - # - If the property has no value, but is name_property, `resource.name` - # is retrieved, coerced, validated and stored in the property. - # - Otherwise, `nil` is returned. - # - # @param resource [Chef::Resource] The resource to get the property from. - # - # @return The value of the property. - # - # @raise Chef::Exceptions::ValidationFailed If the value is invalid for - # this property, or if the value is required and not set. - # - def get(resource, nil_set: false) - # If it's set, return it (and evaluate any lazy values) - if is_set?(resource) - value = get_value(resource) - value = stored_value_to_output(resource, value) - - else - # We are getting the default value. - - # If the user does something like this: - # - # ``` - # class MyResource < Chef::Resource - # property :content - # action :create do - # file '/x.txt' do - # content content - # end - # end - # end - # ``` - # - # It won't do what they expect. This checks whether you try to *read* - # `content` while we are compiling the resource. - if !nil_set && - resource.respond_to?(:resource_initializing) && - resource.resource_initializing && - resource.respond_to?(:enclosing_provider) && - resource.enclosing_provider && - resource.enclosing_provider.new_resource && - resource.enclosing_provider.new_resource.respond_to?(name) - Chef::Log.warn("#{Chef::Log.caller_location}: property #{name} is declared in both #{resource} and #{resource.enclosing_provider}. Use new_resource.#{name} instead. At #{Chef::Log.caller_location}") - end - - if has_default? - # If we were able to cache the stored_default, grab it. - if defined?(@stored_default) - value = @stored_default - else - # Otherwise, we have to validate it now. - value = input_to_stored_value(resource, default, is_default: true) - end - value = stored_value_to_output(resource, value, is_default: true) - - # If the value is mutable (non-frozen), we set it on the instance - # so that people can mutate it. (All constant default values are - # frozen.) - if !value.frozen? && !value.nil? - set_value(resource, value) - end - - value - - elsif required? - raise Chef::Exceptions::ValidationFailed, "#{name} is required" - end - end - end - - # - # Set the value of this property in the given resource. - # - # Non-lazy values are coerced and validated before being set. Coercion - # and validation of lazy values is delayed until they are first retrieved. - # - # @param resource [Chef::Resource] The resource to set this property in. - # @param value The value to set. - # - # @return The value that was set, after coercion (if lazy, still returns - # the lazy value) - # - # @raise Chef::Exceptions::ValidationFailed If the value is invalid for - # this property. - # - def set(resource, value) - set_value(resource, input_to_stored_value(resource, value)) - end - - # - # Find out whether this property has been set. - # - # This will be true if: - # - The user explicitly set the value - # - The property has a default, and the value was retrieved. - # - # From this point of view, it is worth looking at this as "what does the - # user think this value should be." In order words, if the user grabbed - # the value, even if it was a default, they probably based calculations on - # it. If they based calculations on it and the value changes, the rest of - # the world gets inconsistent. - # - # @param resource [Chef::Resource] The resource to get the property from. - # - # @return [Boolean] - # - def is_set?(resource) - value_is_set?(resource) - end - - # - # Reset the value of this property so that is_set? will return false and the - # default will be returned in the future. - # - # @param resource [Chef::Resource] The resource to get the property from. - # - def reset(resource) - reset_value(resource) - end - - # - # Coerce an input value into canonical form for the property. - # - # After coercion, the value is suitable for storage in the resource. - # You must validate values after coercion, however. - # - # Does no special handling for lazy values. - # - # @param resource [Chef::Resource] The resource we're coercing against - # (to provide context for the coerce). - # @param value The value to coerce. - # - # @return The coerced value. - # - # @raise Chef::Exceptions::ValidationFailed If the value is invalid for - # this property. - # - def coerce(resource, value) - if options.has_key?(:coerce) - # If we have no default value, `nil` is never coerced or validated - unless !has_default? && value.nil? - value = exec_in_resource(resource, options[:coerce], value) - end - end - value - end - - # - # Validate a value. - # - # Calls Chef::Mixin::ParamsValidate#validate with #validation_options as - # options. - # - # @param resource [Chef::Resource] The resource we're validating against - # (to provide context for the validate). - # @param value The value to validate. - # - # @raise Chef::Exceptions::ValidationFailed If the value is invalid for - # this property. - # - def validate(resource, value) - # If we have no default value, `nil` is never coerced or validated - unless value.nil? && !has_default? - if resource - resource.validate({ name => value }, { name => validation_options }) - else - name = self.name || :property_type - Chef::Mixin::ParamsValidate.validate({ name => value }, { name => validation_options }) - end - end - end - - # - # Derive a new Property that is just like this one, except with some added or - # changed options. - # - # @param options [Hash] List of options that would be passed - # to #initialize. - # - # @return [Property] The new property type. - # - def derive(**modified_options) - # Since name_property, name_attribute and default override each other, - # if you specify one of them in modified_options it overrides anything in - # the original options. - options = self.options - if modified_options.has_key?(:name_property) || - modified_options.has_key?(:name_attribute) || - modified_options.has_key?(:default) - options = options.reject { |k, v| k == :name_attribute || k == :name_property || k == :default } - end - self.class.new(options.merge(modified_options)) - end - - # - # Emit the DSL for this property into the resource class (`declared_in`). - # - # Creates a getter and setter for the property. - # - def emit_dsl - # We don't create the getter/setter if it's a custom property; we will - # be using the existing getter/setter to manipulate it instead. - return if !instance_variable_name - - # We prefer this form because the property name won't show up in the - # stack trace if you use `define_method`. - declared_in.class_eval <<-EOM, __FILE__, __LINE__ + 1 - def #{name}(value=NOT_PASSED) - raise "Property `#{name}` of `\#{self}` was incorrectly passed a block. Possible property-resource collision. To call a resource named `#{name}` either rename the property or else use `declare_resource(:#{name}, ...)`" if block_given? - self.class.properties[#{name.inspect}].call(self, value) - end - def #{name}=(value) - raise "Property `#{name}` of `\#{self}` was incorrectly passed a block. Possible property-resource collision. To call a resource named `#{name}` either rename the property or else use `declare_resource(:#{name}, ...)`" if block_given? - self.class.properties[#{name.inspect}].set(self, value) - end - EOM - rescue SyntaxError - # If the name is not a valid ruby name, we use define_method. - declared_in.define_method(name) do |value = NOT_PASSED, &block| - raise "Property `#{name}` of `#{self}` was incorrectly passed a block! Possible property-resource collision. To call a resource named `#{name}` either rename the property or else use `declare_resource(:#{name}, ...)`" if block - self.class.properties[name].call(self, value) - end - declared_in.define_method("#{name}=") do |value, &block| - raise "Property `#{name}` of `#{self}` was incorrectly passed a block! Possible property-resource collision. To call a resource named `#{name}` either rename the property or else use `declare_resource(:#{name}, ...)`" if block - self.class.properties[name].set(self, value) - end - end - - # - # The options this Property will use for get/set behavior and validation. - # - # @see #initialize for a list of valid options. - # - attr_reader :options - - # - # Find out whether this type accepts nil explicitly. - # - # A type accepts nil explicitly if "is" allows nil, it validates as nil, *and* is not simply - # an empty type. - # - # A type is presumed to accept nil if it does coercion (which must handle nil). - # - # These examples accept nil explicitly: - # ```ruby - # property :a, [ String, nil ] - # property :a, [ String, NilClass ] - # property :a, [ String, proc { |v| v.nil? } ] - # ``` - # - # This does not (because the "is" doesn't exist or doesn't have nil): - # - # ```ruby - # property :x, String - # ``` - # - # These do not, even though nil would validate fine (because they do not - # have "is"): - # - # ```ruby - # property :a - # property :a, equal_to: [ 1, 2, 3, nil ] - # property :a, kind_of: [ String, NilClass ] - # property :a, respond_to: [ ] - # property :a, callbacks: { "a" => proc { |v| v.nil? } } - # ``` - # - # @param resource [Chef::Resource] The resource we're coercing against - # (to provide context for the coerce). - # - # @return [Boolean] Whether this value explicitly accepts nil. - # - # @api private - def explicitly_accepts_nil?(resource) - options.has_key?(:coerce) || - (options.has_key?(:is) && resource.send(:_pv_is, { name => nil }, name, options[:is], raise_error: false)) - end - - # @api private - def get_value(resource) - if instance_variable_name - resource.instance_variable_get(instance_variable_name) - else - resource.send(name) - end - end - - # @api private - def set_value(resource, value) - if instance_variable_name - resource.instance_variable_set(instance_variable_name, value) - else - resource.send(name, value) - end - end - - # @api private - def value_is_set?(resource) - if instance_variable_name - resource.instance_variable_defined?(instance_variable_name) - else - true - end - end - - # @api private - def reset_value(resource) - if instance_variable_name - if value_is_set?(resource) - resource.remove_instance_variable(instance_variable_name) - end - else - raise ArgumentError, "Property #{name} has no instance variable defined and cannot be reset" - end - end - - private - - def exec_in_resource(resource, proc, *args) - if resource - if proc.arity > args.size - value = proc.call(resource, *args) - else - value = resource.instance_exec(*args, &proc) - end - else - # If we don't have a resource yet, we can't exec in resource! - raise Chef::Exceptions::CannotValidateStaticallyError, "Cannot validate or coerce without a resource" - end - end - - def input_to_stored_value(resource, value, is_default: false) - unless value.is_a?(DelayedEvaluator) - value = coerce_and_validate(resource, value, is_default: is_default) - end - value - end - - def stored_value_to_output(resource, value, is_default: false) - # Crack open lazy values before giving the result to the user - if value.is_a?(DelayedEvaluator) - value = exec_in_resource(resource, value) - value = coerce_and_validate(resource, value, is_default: is_default) - end - value - end - - # Coerces and validates the value. If the value is a default, it will warn - # the user that invalid defaults are bad mmkay, and return it as if it were - # valid. - def coerce_and_validate(resource, value, is_default: false) - result = coerce(resource, value) - begin - # If the input is from a default, we need to emit an invalid default warning on validate. - validate(resource, result) - rescue Chef::Exceptions::CannotValidateStaticallyError - # This one gets re-raised - raise - rescue - # Anything else is just an invalid default: in those cases, we just - # warn and return the (possibly coerced) value to the user. - if is_default - if value.nil? - Chef.log_deprecation("Default value nil is invalid for property #{self}. Possible fixes: 1. Remove 'default: nil' if nil means 'undefined'. 2. Set a valid default value if there is a reasonable one. 3. Allow nil as a valid value of your property (for example, 'property #{name.inspect}, [ String, nil ], default: nil'). Error: #{$!}") - else - Chef.log_deprecation("Default value #{value.inspect} is invalid for property #{self}. In Chef 13 this will become an error: #{$!}.") - end - else - raise - end - end - - result - end - - def nillable? - !!options[:nillable] - end - end -end -end -end -end diff --git a/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/provider.rb b/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/provider.rb deleted file mode 100644 index 7ccf87b..0000000 --- a/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/provider.rb +++ /dev/null @@ -1,164 +0,0 @@ -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# -# THIS IS A FILE AUTOGENERATED BY 'rake update' DO NOT EDIT!!!! -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# - -begin - require 'chef/provider' -rescue LoadError; end - -require 'chef_compat/copied_from_chef' -class Chef -module ::ChefCompat -module CopiedFromChef -require "chef_compat/copied_from_chef/chef/dsl/core" -class Chef < (defined?(::Chef) ? ::Chef : Object) - class Provider < (defined?(::Chef::Provider) ? ::Chef::Provider : Object) - include Chef::DSL::Core - attr_accessor :action - def initialize(new_resource, run_context) -super if defined?(::Chef::Provider) - @new_resource = new_resource - @action = action - @current_resource = nil - @run_context = run_context - @converge_actions = nil - - @recipe_name = nil - @cookbook_name = nil - self.class.include_resource_dsl_module(new_resource) - end - def converge_if_changed(*properties, &converge_block) - if !converge_block - raise ArgumentError, "converge_if_changed must be passed a block!" - end - - properties = new_resource.class.state_properties.map { |p| p.name } if properties.empty? - properties = properties.map { |p| p.to_sym } - if current_resource - # Collect the list of modified properties - specified_properties = properties.select { |property| new_resource.property_is_set?(property) } - modified = specified_properties.select { |p| new_resource.send(p) != current_resource.send(p) } - if modified.empty? - properties_str = if sensitive - specified_properties.join(", ") - else - specified_properties.map { |p| "#{p}=#{new_resource.send(p).inspect}" }.join(", ") - end - Chef::Log.debug("Skipping update of #{new_resource}: has not changed any of the specified properties #{properties_str}.") - return false - end - - # Print the pretty green text and run the block - property_size = modified.map { |p| p.size }.max - modified.map! do |p| - properties_str = if sensitive - "(suppressed sensitive property)" - else - "#{new_resource.send(p).inspect} (was #{current_resource.send(p).inspect})" - end - " set #{p.to_s.ljust(property_size)} to #{properties_str}" - end - converge_by([ "update #{current_resource.identity}" ] + modified, &converge_block) - - else - # The resource doesn't exist. Mark that we are *creating* this, and - # write down any properties we are setting. - property_size = properties.map { |p| p.size }.max - created = properties.map do |property| - default = " (default value)" unless new_resource.property_is_set?(property) - properties_str = if sensitive - "(suppressed sensitive property)" - else - new_resource.send(property).inspect - end - " set #{property.to_s.ljust(property_size)} to #{properties_str}#{default}" - end - - converge_by([ "create #{new_resource.identity}" ] + created, &converge_block) - end - true - end - def self.include_resource_dsl(include_resource_dsl) - @include_resource_dsl = include_resource_dsl - end - def self.include_resource_dsl_module(resource) - if @include_resource_dsl && !defined?(@included_resource_dsl_module) - provider_class = self - @included_resource_dsl_module = Module.new do - extend Forwardable - define_singleton_method(:to_s) { "forwarder module for #{provider_class}" } - define_singleton_method(:inspect) { to_s } - # Add a delegator for each explicit property that will get the *current* value - # of the property by default instead of the *actual* value. - resource.class.properties.each do |name, property| - class_eval(<<-EOM, __FILE__, __LINE__) - def #{name}(*args, &block) - # If no arguments were passed, we process "get" by defaulting - # the value to current_resource, not new_resource. This helps - # avoid issues where resources accidentally overwrite perfectly - # valid stuff with default values. - if args.empty? && !block - if !new_resource.property_is_set?(__method__) && current_resource - return current_resource.public_send(__method__) - end - end - new_resource.public_send(__method__, *args, &block) - end - EOM - end - dsl_methods = - resource.class.public_instance_methods + - resource.class.protected_instance_methods - - provider_class.instance_methods - - resource.class.properties.keys - def_delegators(:new_resource, *dsl_methods) - end - include @included_resource_dsl_module - end - end - def self.use_inline_resources - extend InlineResources::ClassMethods - include InlineResources - end - module InlineResources - CopiedFromChef.extend_chef_module(::Chef::Provider::InlineResources, self) if defined?(::Chef::Provider::InlineResources) - def compile_and_converge_action(&block) - old_run_context = run_context - @run_context = run_context.create_child - return_value = instance_eval(&block) - Chef::Runner.new(run_context).converge - return_value - ensure - if run_context.resource_collection.any? { |r| r.updated? } - new_resource.updated_by_last_action(true) - end - @run_context = old_run_context - end - module ClassMethods - CopiedFromChef.extend_chef_module(::Chef::Provider::InlineResources::ClassMethods, self) if defined?(::Chef::Provider::InlineResources::ClassMethods) - def action(name, &block) - # We need the block directly in a method so that `super` works - define_method("compile_action_#{name}", &block) - # We try hard to use `def` because define_method doesn't show the method name in the stack. - begin - class_eval <<-EOM - def action_#{name} - compile_and_converge_action { compile_action_#{name} } - end - EOM - rescue SyntaxError - define_method("action_#{name}") { send("compile_action_#{name}") } - end - end - end - end - protected - end -end -end -end -end diff --git a/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/provider/apt_repository.rb b/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/provider/apt_repository.rb deleted file mode 100644 index ccc07c4..0000000 --- a/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/provider/apt_repository.rb +++ /dev/null @@ -1,269 +0,0 @@ -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# -# THIS IS A FILE AUTOGENERATED BY 'rake update' DO NOT EDIT!!!! -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# - -begin - require 'chef/provider/apt_repository' -rescue LoadError; end - -require 'chef_compat/copied_from_chef' -class Chef -module ::ChefCompat -module CopiedFromChef -# -# Author:: Thom May () -# Copyright:: Copyright (c) 2016 Chef Software, Inc. -# License:: Apache License, Version 2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require "chef_compat/copied_from_chef/chef/resource" -require "chef_compat/copied_from_chef/chef/dsl/declare_resource" -require "chef_compat/copied_from_chef/chef/provider/noop" - -class Chef < (defined?(::Chef) ? ::Chef : Object) - class Provider < (defined?(::Chef::Provider) ? ::Chef::Provider : Object) - class AptRepository < (defined?(::Chef::Provider::AptRepository) ? ::Chef::Provider::AptRepository : Chef::Provider) - use_inline_resources - - include Chef::Mixin::ShellOut - extend Chef::Mixin::Which - - provides :apt_repository do - which("apt-get") - end - - def whyrun_supported? - true - end - - def load_current_resource - end - - action :add do - unless new_resource.key.nil? - if is_key_id?(new_resource.key) && !has_cookbook_file?(new_resource.key) - install_key_from_keyserver - else - install_key_from_uri - end - end - - declare_resource(:execute, "apt-cache gencaches") do - ignore_failure true - action :nothing - end - - declare_resource(:apt_update, new_resource.name) do - ignore_failure true - action :nothing - end - - components = if is_ppa_url?(new_resource.uri) && new_resource.components.empty? - "main" - else - new_resource.components - end - - repo = build_repo( - new_resource.uri, - new_resource.distribution, - components, - new_resource.trusted, - new_resource.arch, - new_resource.deb_src - ) - - declare_resource(:file, "/etc/apt/sources.list.d/#{new_resource.name}.list") do - owner "root" - group "root" - mode "0644" - content repo - sensitive new_resource.sensitive - action :create - notifies :run, "execute[apt-cache gencaches]", :immediately - notifies :update, "apt_update[#{new_resource.name}]", :immediately if new_resource.cache_rebuild - end - end - - action :remove do - if ::File.exist?("/etc/apt/sources.list.d/#{new_resource.name}.list") - converge_by "Removing #{new_resource.name} repository from /etc/apt/sources.list.d/" do - declare_resource(:file, "/etc/apt/sources.list.d/#{new_resource.name}.list") do - sensitive new_resource.sensitive - action :delete - notifies :update, "apt_update[#{new_resource.name}]", :immediately if new_resource.cache_rebuild - end - - declare_resource(:apt_update, new_resource.name) do - ignore_failure true - action :nothing - end - - end - end - end - - def is_key_id?(id) - id = id[2..-1] if id.start_with?("0x") - id =~ /^\h+$/ && [8, 16, 40].include?(id.length) - end - - def extract_fingerprints_from_cmd(cmd) - so = shell_out(cmd) - so.run_command - so.stdout.split(/\n/).map do |t| - if z = t.match(/^ +Key fingerprint = ([0-9A-F ]+)/) - z[1].split.join - end - end.compact - end - - def key_is_valid?(cmd, key) - valid = true - - so = shell_out(cmd) - so.run_command - so.stdout.split(/\n/).map do |t| - if t =~ %r{^\/#{key}.*\[expired: .*\]$} - Chef::Log.debug "Found expired key: #{t}" - valid = false - break - end - end - - Chef::Log.debug "key #{key} #{valid ? "is valid" : "is not valid"}" - valid - end - - def cookbook_name - new_resource.cookbook || new_resource.cookbook_name - end - - def has_cookbook_file?(fn) - run_context.has_cookbook_file_in_cookbook?(cookbook_name, fn) - end - - def no_new_keys?(file) - installed_keys = extract_fingerprints_from_cmd("apt-key finger") - proposed_keys = extract_fingerprints_from_cmd("gpg --with-fingerprint #{file}") - (installed_keys & proposed_keys).sort == proposed_keys.sort - end - - def install_key_from_uri - key_name = new_resource.key.gsub(/[^0-9A-Za-z\-]/, "_") - cached_keyfile = ::File.join(Chef::Config[:file_cache_path], key_name) - type = if new_resource.key.start_with?("http") - :remote_file - elsif has_cookbook_file?(new_resource.key) - :cookbook_file - else - raise Chef::Exceptions::FileNotFound, "Cannot locate key file" - end - - declare_resource(type, cached_keyfile) do - source new_resource.key - mode "0644" - sensitive new_resource.sensitive - action :create - end - - raise "The key #{cached_keyfile} is invalid and cannot be used to verify an apt repository." unless key_is_valid?("gpg #{cached_keyfile}", "") - - declare_resource(:execute, "apt-key add #{cached_keyfile}") do - sensitive new_resource.sensitive - action :run - not_if do - no_new_keys?(cached_keyfile) - end - notifies :run, "execute[apt-cache gencaches]", :immediately - end - end - - def install_key_from_keyserver(key = new_resource.key, keyserver = new_resource.keyserver) - cmd = "apt-key adv --recv" - cmd << " --keyserver-options http-proxy=#{new_resource.key_proxy}" if new_resource.key_proxy - cmd << " --keyserver " - cmd << if keyserver.start_with?("hkp://") - keyserver - else - "hkp://#{keyserver}:80" - end - - cmd << " #{key}" - - declare_resource(:execute, "install-key #{key}") do - command cmd - sensitive new_resource.sensitive - not_if do - present = extract_fingerprints_from_cmd("apt-key finger").any? do |fp| - fp.end_with? key.upcase - end - present && key_is_valid?("apt-key list", key.upcase) - end - notifies :run, "execute[apt-cache gencaches]", :immediately - end - - raise "The key #{key} is invalid and cannot be used to verify an apt repository." unless key_is_valid?("apt-key list", key.upcase) - end - - def install_ppa_key(owner, repo) - url = "https://launchpad.net/api/1.0/~#{owner}/+archive/#{repo}" - key_id = Chef::HTTP::Simple.new(url).get("signing_key_fingerprint").delete('"') - install_key_from_keyserver(key_id, "keyserver.ubuntu.com") - rescue Net::HTTPServerException => e - raise "Could not access Launchpad ppa API: #{e.message}" - end - - def is_ppa_url?(url) - url.start_with?("ppa:") - end - - def make_ppa_url(ppa) - return unless is_ppa_url?(ppa) - owner, repo = ppa[4..-1].split("/") - repo ||= "ppa" - - install_ppa_key(owner, repo) - "http://ppa.launchpad.net/#{owner}/#{repo}/ubuntu" - end - - def build_repo(uri, distribution, components, trusted, arch, add_src = false) - uri = make_ppa_url(uri) if is_ppa_url?(uri) - - uri = '"' + uri + '"' unless uri.start_with?("'", '"') - components = Array(components).join(" ") - options = [] - options << "arch=#{arch}" if arch - options << "trusted=yes" if trusted - optstr = unless options.empty? - "[" + options.join(" ") + "]" - end - info = [ optstr, uri, distribution, components ].compact.join(" ") - repo = "deb #{info}\n" - repo << "deb-src #{info}\n" if add_src - repo - end - end - end -end - -Chef::Provider::Noop.provides :apt_repository -end -end -end diff --git a/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/provider/apt_update.rb b/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/provider/apt_update.rb deleted file mode 100644 index 677cb57..0000000 --- a/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/provider/apt_update.rb +++ /dev/null @@ -1,105 +0,0 @@ -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# -# THIS IS A FILE AUTOGENERATED BY 'rake update' DO NOT EDIT!!!! -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# - -begin - require 'chef/provider/apt_update' -rescue LoadError; end - -require 'chef_compat/copied_from_chef' -class Chef -module ::ChefCompat -module CopiedFromChef -# -# Author:: Thom May () -# Copyright:: Copyright (c) 2016 Chef Software, Inc. -# License:: Apache License, Version 2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require "chef_compat/copied_from_chef/chef/provider" -require "chef_compat/copied_from_chef/chef/provider/noop" - -class Chef < (defined?(::Chef) ? ::Chef : Object) - class Provider < (defined?(::Chef::Provider) ? ::Chef::Provider : Object) - class AptUpdate < (defined?(::Chef::Provider::AptUpdate) ? ::Chef::Provider::AptUpdate : Chef::Provider) - use_inline_resources - - extend Chef::Mixin::Which - - provides :apt_update do - which("apt-get") - end - - APT_CONF_DIR = "/etc/apt/apt.conf.d" - STAMP_DIR = "/var/lib/apt/periodic" - - def whyrun_supported? - true - end - - def load_current_resource - end - - action :periodic do - if !apt_up_to_date? - converge_by "update new lists of packages" do - do_update - end - end - end - - action :update do - converge_by "force update new lists of packages" do - do_update - end - end - - private - - # Determines whether we need to run `apt-get update` - # - # @return [Boolean] - def apt_up_to_date? - ::File.exist?("#{STAMP_DIR}/update-success-stamp") && - ::File.mtime("#{STAMP_DIR}/update-success-stamp") > Time.now - new_resource.frequency - end - - def do_update - [STAMP_DIR, APT_CONF_DIR].each do |d| - declare_resource(:directory, d) do - recursive true - end - end - - declare_resource(:file, "#{APT_CONF_DIR}/15update-stamp") do - content "APT::Update::Post-Invoke-Success {\"touch #{STAMP_DIR}/update-success-stamp 2>/dev/null || true\";};\n" - action :create_if_missing - end - - declare_resource(:execute, "apt-get -q update") - end - - end - end -end - -Chef::Provider::Noop.provides :apt_update -end -end -end diff --git a/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/provider/noop.rb b/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/provider/noop.rb deleted file mode 100644 index 87c34e6..0000000 --- a/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/provider/noop.rb +++ /dev/null @@ -1,56 +0,0 @@ -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# -# THIS IS A FILE AUTOGENERATED BY 'rake update' DO NOT EDIT!!!! -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# - -begin - require 'chef/provider/noop' -rescue LoadError; end - -require 'chef_compat/copied_from_chef' -class Chef -module ::ChefCompat -module CopiedFromChef -# -# Author:: Thom May () -# Copyright:: Copyright (c) 2016 Chef Software, Inc. -# License:: Apache License, Version 2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -class Chef < (defined?(::Chef) ? ::Chef : Object) - class Provider < (defined?(::Chef::Provider) ? ::Chef::Provider : Object) - class Noop < (defined?(::Chef::Provider::Noop) ? ::Chef::Provider::Noop : Chef::Provider) - def load_current_resource; end - - def respond_to_missing?(method_sym, include_private = false) - method_sym.to_s.start_with?("action_") || super - end - - def method_missing(method_sym, *arguments, &block) - if method_sym.to_s =~ /^action_/ - Chef::Log.debug("NoOp-ing for #{method_sym}") - else - super - end - end - end - end -end -end -end -end diff --git a/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/provider/support/yum_repo.erb b/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/provider/support/yum_repo.erb deleted file mode 100644 index 6f13255..0000000 --- a/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/provider/support/yum_repo.erb +++ /dev/null @@ -1,132 +0,0 @@ -# This file was generated by Chef -# Do NOT modify this file by hand. - -[<%= @config.repositoryid %>] -name=<%= @config.description %> -<% if @config.baseurl %> -baseurl=<%= case @config.baseurl - when Array - @config.baseurl.join("\n") - else - @config.baseurl - end %> -<% end -%> -<% if @config.cost %> -cost=<%= @config.cost %> -<% end %> -<% if @config.enabled %> -enabled=1 -<% else %> -enabled=0 -<% end %> -<% if @config.enablegroups %> -enablegroups=1 -<% end %> -<% if @config.exclude %> -exclude=<%= @config.exclude %> -<% end %> -<% if @config.failovermethod %> -failovermethod=<%= @config.failovermethod %> -<% end %> -<% if @config.fastestmirror_enabled %> -fastestmirror_enabled=1 -<% else %> -fastestmirror_enabled=0 -<% end %> -<% if @config.gpgcheck %> -gpgcheck=1 -<% else %> -gpgcheck=0 -<% end %> -<% if @config.gpgkey %> -gpgkey=<%= case @config.gpgkey - when Array - @config.gpgkey.join("\n ") - else - @config.gpgkey - end %> -<% end -%> -<% if @config.http_caching %> -http_caching=<%= @config.http_caching %> -<% end %> -<% if @config.include_config %> -include=<%= @config.include_config %> -<% end %> -<% if @config.includepkgs %> -includepkgs=<%= @config.includepkgs %> -<% end %> -<% if @config.keepalive %> -keepalive=1 -<% end %> -<% if @config.metadata_expire %> -metadata_expire=<%= @config.metadata_expire %> -<% end %> -<% if @config.mirrorlist %> -mirrorlist=<%= @config.mirrorlist %> -<% end %> -<% if @config.mirror_expire %> -mirror_expire=<%= @config.mirror_expire %> -<% end %> -<% if @config.mirrorlist_expire %> -mirrorlist_expire=<%= @config.mirrorlist_expire %> -<% end %> -<% if @config.priority %> -priority=<%= @config.priority %> -<% end %> -<% if @config.proxy %> -proxy=<%= @config.proxy %> -<% end %> -<% if @config.proxy_username %> -proxy_username=<%= @config.proxy_username %> -<% end %> -<% if @config.proxy_password %> -proxy_password=<%= @config.proxy_password %> -<% end %> -<% if @config.username %> -username=<%= @config.username %> -<% end %> -<% if @config.password %> -password=<%= @config.password %> -<% end %> -<% if @config.repo_gpgcheck %> -repo_gpgcheck=1 -<% end %> -<% if @config.max_retries %> -retries=<%= @config.max_retries %> -<% end %> -<% if @config.report_instanceid %> -report_instanceid=<%= @config.report_instanceid %> -<% end %> -<% if @config.skip_if_unavailable %> -skip_if_unavailable=1 -<% end %> -<% if @config.sslcacert %> -sslcacert=<%= @config.sslcacert %> -<% end %> -<% if @config.sslclientcert %> -sslclientcert=<%= @config.sslclientcert %> -<% end %> -<% if @config.sslclientkey %> -sslclientkey=<%= @config.sslclientkey %> -<% end %> -<% unless @config.sslverify.nil? %> -sslverify=<%= ( @config.sslverify ) ? 'true' : 'false' %> -<% end %> -<% if @config.timeout %> -timeout=<%= @config.timeout %> -<% end %> -<% if @config.options -%> -<% @config.options.each do |key, value| -%> -<%= key %>=<%= - case value - when Array - value.join("\n ") - when TrueClass - '1' - when FalseClass - '0' - else - value - end %> -<% end -%> -<% end -%> diff --git a/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/provider/systemd_unit.rb b/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/provider/systemd_unit.rb deleted file mode 100644 index 1024cb8..0000000 --- a/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/provider/systemd_unit.rb +++ /dev/null @@ -1,253 +0,0 @@ -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# -# THIS IS A FILE AUTOGENERATED BY 'rake update' DO NOT EDIT!!!! -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# - -begin - require 'chef/provider/systemd_unit' -rescue LoadError; end - -require 'chef_compat/copied_from_chef' -class Chef -module ::ChefCompat -module CopiedFromChef -# -# Author:: Nathan Williams () -# Copyright:: Copyright 2016, Nathan Williams -# License:: Apache License, Version 2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require "chef_compat/copied_from_chef/chef/provider" - -class Chef < (defined?(::Chef) ? ::Chef : Object) - class Provider < (defined?(::Chef::Provider) ? ::Chef::Provider : Object) - class SystemdUnit < (defined?(::Chef::Provider::SystemdUnit) ? ::Chef::Provider::SystemdUnit : Chef::Provider) - include Chef::Mixin::Which - include Chef::Mixin::ShellOut - - provides :systemd_unit, os: "linux" - - def load_current_resource - @current_resource = Chef::Resource::SystemdUnit.new(new_resource.name) - - current_resource.content(::File.read(unit_path)) if ::File.exist?(unit_path) - current_resource.user(new_resource.user) - current_resource.enabled(enabled?) - current_resource.active(active?) - current_resource.masked(masked?) - current_resource.static(static?) - current_resource.triggers_reload(new_resource.triggers_reload) - - current_resource - end - - def define_resource_requirements - super - - requirements.assert(:create) do |a| - a.assertion { IniParse.parse(new_resource.to_ini) } - a.failure_message "Unit content is not valid INI text" - end - end - - def action_create - if current_resource.content != new_resource.to_ini - converge_by("creating unit: #{new_resource.name}") do - manage_unit_file(:create) - daemon_reload if new_resource.triggers_reload - end - end - end - - def action_delete - if ::File.exist?(unit_path) - converge_by("deleting unit: #{new_resource.name}") do - manage_unit_file(:delete) - daemon_reload if new_resource.triggers_reload - end - end - end - - def action_enable - if current_resource.static - Chef::Log.debug("#{new_resource.name} is a static unit, enabling is a NOP.") - end - - unless current_resource.enabled || current_resource.static - converge_by("enabling unit: #{new_resource.name}") do - systemctl_execute!(:enable, new_resource.name) - end - end - end - - def action_disable - if current_resource.static - Chef::Log.debug("#{new_resource.name} is a static unit, disabling is a NOP.") - end - - if current_resource.enabled && !current_resource.static - converge_by("disabling unit: #{new_resource.name}") do - systemctl_execute!(:disable, new_resource.name) - end - end - end - - def action_mask - unless current_resource.masked - converge_by("masking unit: #{new_resource.name}") do - systemctl_execute!(:mask, new_resource.name) - end - end - end - - def action_unmask - if current_resource.masked - converge_by("unmasking unit: #{new_resource.name}") do - systemctl_execute!(:unmask, new_resource.name) - end - end - end - - def action_start - unless current_resource.active - converge_by("starting unit: #{new_resource.name}") do - systemctl_execute!(:start, new_resource.name) - end - end - end - - def action_stop - if current_resource.active - converge_by("stopping unit: #{new_resource.name}") do - systemctl_execute!(:stop, new_resource.name) - end - end - end - - def action_restart - converge_by("restarting unit: #{new_resource.name}") do - systemctl_execute!(:restart, new_resource.name) - end - end - - def action_reload - if current_resource.active - converge_by("reloading unit: #{new_resource.name}") do - systemctl_execute!(:reload, new_resource.name) - end - else - Chef::Log.debug("#{new_resource.name} is not active, skipping reload.") - end - end - - def action_try_restart - converge_by("try-restarting unit: #{new_resource.name}") do - systemctl_execute!("try-restart", new_resource.name) - end - end - - def action_reload_or_restart - converge_by("reload-or-restarting unit: #{new_resource.name}") do - systemctl_execute!("reload-or-restart", new_resource.name) - end - end - - def action_reload_or_try_restart - converge_by("reload-or-try-restarting unit: #{new_resource.name}") do - systemctl_execute!("reload-or-try-restart", new_resource.name) - end - end - - def active? - systemctl_execute("is-active", new_resource.name).exitstatus == 0 - end - - def enabled? - systemctl_execute("is-enabled", new_resource.name).exitstatus == 0 - end - - def masked? - systemctl_execute(:status, new_resource.name).stdout.include?("masked") - end - - def static? - systemctl_execute("is-enabled", new_resource.name).stdout.include?("static") - end - - private - - def unit_path - if new_resource.user - "/etc/systemd/user/#{new_resource.name}" - else - "/etc/systemd/system/#{new_resource.name}" - end - end - - def manage_unit_file(action = :nothing) - Chef::Resource::File.new(unit_path, run_context).tap do |f| - f.owner "root" - f.group "root" - f.mode "0644" - f.content new_resource.to_ini - end.run_action(action) - end - - def daemon_reload - shell_out_with_systems_locale!("#{systemctl_path} daemon-reload") - end - - def systemctl_execute!(action, unit) - shell_out_with_systems_locale!("#{systemctl_cmd} #{action} #{unit}", systemctl_opts) - end - - def systemctl_execute(action, unit) - shell_out("#{systemctl_cmd} #{action} #{unit}", systemctl_opts) - end - - def systemctl_cmd - @systemctl_cmd ||= "#{systemctl_path} #{systemctl_args}" - end - - def systemctl_path - @systemctl_path ||= which("systemctl") - end - - def systemctl_args - @systemctl_args ||= new_resource.user ? "--user" : "--system" - end - - def systemctl_opts - @systemctl_opts ||= - if new_resource.user - { - :user => new_resource.user, - :environment => { - "DBUS_SESSION_BUS_ADDRESS" => "unix:path=/run/user/#{node['etc']['passwd'][new_resource.user]['uid']}/bus", - }, - } - else - {} - end - end - end - end -end -end -end -end diff --git a/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/provider/yum_repository.rb b/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/provider/yum_repository.rb deleted file mode 100644 index 51453d2..0000000 --- a/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/provider/yum_repository.rb +++ /dev/null @@ -1,136 +0,0 @@ -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# -# THIS IS A FILE AUTOGENERATED BY 'rake update' DO NOT EDIT!!!! -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# - -begin - require 'chef/provider/yum_repository' -rescue LoadError; end - -require 'chef_compat/copied_from_chef' -class Chef -module ::ChefCompat -module CopiedFromChef -# -# Author:: Thom May () -# Copyright:: Copyright (c) 2016 Chef Software, Inc. -# License:: Apache License, Version 2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require "chef_compat/copied_from_chef/chef/resource" -require "chef_compat/copied_from_chef/chef/dsl/declare_resource" -require "chef_compat/copied_from_chef/chef/provider/noop" - -class Chef < (defined?(::Chef) ? ::Chef : Object) - class Provider < (defined?(::Chef::Provider) ? ::Chef::Provider : Object) - class YumRepository < (defined?(::Chef::Provider::YumRepository) ? ::Chef::Provider::YumRepository : Chef::Provider) - use_inline_resources - - extend Chef::Mixin::Which - - provides :yum_repository do - which "yum" - end - - def whyrun_supported?; true; end - - def load_current_resource; end - - action :create do - declare_resource(:template, "/etc/yum.repos.d/#{new_resource.repositoryid}.repo") do - if template_available?(new_resource.source) - source new_resource.source - else - source ::File.expand_path("../support/yum_repo.erb", __FILE__) - local true - end - sensitive new_resource.sensitive - variables(config: new_resource) - mode new_resource.mode - if new_resource.make_cache - notifies :run, "execute[yum clean metadata #{new_resource.repositoryid}]", :immediately if new_resource.clean_metadata || new_resource.clean_headers - notifies :run, "execute[yum-makecache-#{new_resource.repositoryid}]", :immediately - notifies :create, "ruby_block[yum-cache-reload-#{new_resource.repositoryid}]", :immediately - end - end - - declare_resource(:execute, "yum clean metadata #{new_resource.repositoryid}") do - command "yum clean metadata --disablerepo=* --enablerepo=#{new_resource.repositoryid}" - action :nothing - end - - # get the metadata for this repo only - declare_resource(:execute, "yum-makecache-#{new_resource.repositoryid}") do - command "yum -q -y makecache --disablerepo=* --enablerepo=#{new_resource.repositoryid}" - action :nothing - only_if { new_resource.enabled } - end - - # reload internal Chef yum cache - declare_resource(:ruby_block, "yum-cache-reload-#{new_resource.repositoryid}") do - block { Chef::Provider::Package::Yum::YumCache.instance.reload } - action :nothing - end - end - - action :delete do - # clean the repo cache first - declare_resource(:execute, "yum clean all #{new_resource.repositoryid}") do - command "yum clean all --disablerepo=* --enablerepo=#{new_resource.repositoryid}" - only_if "yum repolist all | grep -P '^#{new_resource.repositoryid}([ \t]|$)'" - end - - declare_resource(:file, "/etc/yum.repos.d/#{new_resource.repositoryid}.repo") do - action :delete - notifies :create, "ruby_block[yum-cache-reload-#{new_resource.repositoryid}]", :immediately - end - - declare_resource(:ruby_block, "yum-cache-reload-#{new_resource.repositoryid}") do - block { Chef::Provider::Package::Yum::YumCache.instance.reload } - action :nothing - end - end - - action :makecache do - declare_resource(:execute, "yum-makecache-#{new_resource.repositoryid}") do - command "yum -q -y makecache --disablerepo=* --enablerepo=#{new_resource.repositoryid}" - action :run - only_if { new_resource.enabled } - end - - declare_resource(:ruby_block, "yum-cache-reload-#{new_resource.repositoryid}") do - block { Chef::Provider::Package::Yum::YumCache.instance.reload } - action :run - end - end - - alias_method :action_add, :action_create - alias_method :action_remove, :action_delete - - def template_available?(path) - !path.nil? && run_context.has_template_in_cookbook?(new_resource.cookbook_name, path) - end - - end - end -end - -Chef::Provider::Noop.provides :yum_repository -end -end -end diff --git a/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/resource.rb b/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/resource.rb deleted file mode 100644 index e5c9a14..0000000 --- a/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/resource.rb +++ /dev/null @@ -1,214 +0,0 @@ -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# -# THIS IS A FILE AUTOGENERATED BY 'rake update' DO NOT EDIT!!!! -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# - -begin - require 'chef/resource' -rescue LoadError; end - -require 'chef_compat/copied_from_chef' -class Chef -module ::ChefCompat -module CopiedFromChef -require "chef_compat/copied_from_chef/chef/resource/action_class" -require "chef_compat/copied_from_chef/chef/provider" -require "chef_compat/copied_from_chef/chef/mixin/properties" -require "chef_compat/copied_from_chef/chef/dsl/universal" -class Chef < (defined?(::Chef) ? ::Chef : Object) - class Resource < (defined?(::Chef::Resource) ? ::Chef::Resource : Object) - include Chef::Mixin::Properties - property :name, String, coerce: proc { |v| v.is_a?(Array) ? v.join(", ") : v.to_s }, desired_state: false - def initialize(name, run_context = nil) -super if defined?(::Chef::Resource) - name(name) unless name.nil? - @run_context = run_context - @noop = nil - @before = nil - @params = Hash.new - @provider = nil - @allowed_actions = self.class.allowed_actions.to_a - @action = self.class.default_action - @updated = false - @updated_by_last_action = false - @supports = {} - @ignore_failure = false - @retries = 0 - @retry_delay = 2 - @not_if = [] - @only_if = [] - @source_line = nil - # We would like to raise an error when the user gives us a guard - # interpreter and a ruby_block to the guard. In order to achieve this - # we need to understand when the user overrides the default guard - # interpreter. Therefore we store the default separately in a different - # attribute. - @guard_interpreter = nil - @default_guard_interpreter = :default - @elapsed_time = 0 - @sensitive = false - end - def action(arg = nil) - if arg - arg = Array(arg).map(&:to_sym) - arg.each do |action| - validate( - { action: action }, - { action: { kind_of: Symbol, equal_to: allowed_actions } } - ) - end - @action = arg - else - @action - end - end - alias_method :action=, :action - class UnresolvedSubscribes < (defined?(::Chef::Resource::UnresolvedSubscribes) ? ::Chef::Resource::UnresolvedSubscribes : self) - alias_method :to_s, :name - alias_method :declared_key, :name - end - def state_for_resource_reporter - state = {} - state_properties = self.class.state_properties - state_properties.each do |property| - if property.identity? || property.is_set?(self) - state[property.name] = property.sensitive? ? "*sensitive value suppressed*" : send(property.name) - end - end - state - end - alias_method :state, :state_for_resource_reporter - def identity - result = {} - identity_properties = self.class.identity_properties - identity_properties.each do |property| - result[property.name] = send(property.name) - end - return result.values.first if identity_properties.size == 1 - result - end - attr_reader :resource_initializing - def resource_initializing=(value) - if value - @resource_initializing = true - else - remove_instance_variable(:@resource_initializing) - end - end - def to_hash - # Grab all current state, then any other ivars (backcompat) - result = {} - self.class.state_properties.each do |p| - result[p.name] = p.get(self) - end - safe_ivars = instance_variables.map { |ivar| ivar.to_sym } - FORBIDDEN_IVARS - safe_ivars.each do |iv| - key = iv.to_s.sub(/^@/, "").to_sym - next if result.has_key?(key) - result[key] = instance_variable_get(iv) - end - result - end - def self.identity_property(name = nil) - result = identity_properties(*Array(name)) - if result.size > 1 - raise Chef::Exceptions::MultipleIdentityError, "identity_property cannot be called on an object with more than one identity property (#{result.map { |r| r.name }.join(", ")})." - end - result.first - end - attr_accessor :allowed_actions - def allowed_actions(value = NOT_PASSED) - if value != NOT_PASSED - self.allowed_actions = value - end - @allowed_actions - end - def resource_name - @resource_name || self.class.resource_name - end - def self.use_automatic_resource_name - automatic_name = convert_to_snake_case(self.name.split("::")[-1]) - resource_name automatic_name - end - def self.allowed_actions(*actions) - @allowed_actions ||= - if superclass.respond_to?(:allowed_actions) - superclass.allowed_actions.dup - else - [ :nothing ] - end - @allowed_actions |= actions.flatten - end - def self.allowed_actions=(value) - @allowed_actions = value.uniq - end - def self.default_action(action_name = NOT_PASSED) - unless action_name.equal?(NOT_PASSED) - @default_action = Array(action_name).map(&:to_sym) - self.allowed_actions |= @default_action - end - - if @default_action - @default_action - elsif superclass.respond_to?(:default_action) - superclass.default_action - else - [:nothing] - end - end - def self.default_action=(action_name) - default_action action_name - end - def self.action(action, &recipe_block) - action = action.to_sym - declare_action_class - action_class.action(action, &recipe_block) - self.allowed_actions += [ action ] - default_action action if Array(default_action) == [:nothing] - end - def self.load_current_value(&load_block) - define_method(:load_current_value!, &load_block) - end - def current_value_does_not_exist! - raise Chef::Exceptions::CurrentValueDoesNotExist - end - def self.action_class(&block) - return @action_class if @action_class && !block - # If the superclass needed one, then we need one as well. - if block || (superclass.respond_to?(:action_class) && superclass.action_class) - @action_class = declare_action_class(&block) - end - @action_class - end - def self.declare_action_class(&block) - @action_class ||= begin - if superclass.respond_to?(:action_class) - base_provider = superclass.action_class - end - base_provider ||= Chef::Provider - - resource_class = self - Class.new(base_provider) do - include ActionClass - self.resource_class = resource_class - end - end - @action_class.class_eval(&block) if block - @action_class - end - FORBIDDEN_IVARS = [:@run_context, :@not_if, :@only_if, :@enclosing_provider] - HIDDEN_IVARS = [:@allowed_actions, :@resource_name, :@source_line, :@run_context, :@name, :@not_if, :@only_if, :@elapsed_time, :@enclosing_provider] - class << self - end - @@sorted_descendants = nil - module DeprecatedLWRPClass - CopiedFromChef.extend_chef_module(::Chef::Resource::DeprecatedLWRPClass, self) if defined?(::Chef::Resource::DeprecatedLWRPClass) - end - end -end -end -end -end diff --git a/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/resource/action_class.rb b/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/resource/action_class.rb deleted file mode 100644 index 20ff8e5..0000000 --- a/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/resource/action_class.rb +++ /dev/null @@ -1,114 +0,0 @@ -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# -# THIS IS A FILE AUTOGENERATED BY 'rake update' DO NOT EDIT!!!! -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# - -begin - require 'chef/resource/action_class' -rescue LoadError; end - -require 'chef_compat/copied_from_chef' -class Chef -module ::ChefCompat -module CopiedFromChef -# -# Author:: John Keiser ("} action #{action ? action.inspect : ""}" - end - - def whyrun_supported? - true - end - - # - # If load_current_value! is defined on the resource, use that. - # - def load_current_resource - if new_resource.respond_to?(:load_current_value!) - # dup the resource and then reset desired-state properties. - current_resource = new_resource.dup - - # We clear desired state in the copy, because it is supposed to be actual state. - # We keep identity properties and non-desired-state, which are assumed to be - # "control" values like `recurse: true` - current_resource.class.properties.each do |name, property| - if property.desired_state? && !property.identity? && !property.name_property? - property.reset(current_resource) - end - end - - # Call the actual load_current_value! method. If it raises - # CurrentValueDoesNotExist, set current_resource to `nil`. - begin - # If the user specifies load_current_value do |desired_resource|, we - # pass in the desired resource as well as the current one. - if current_resource.method(:load_current_value!).arity > 0 - current_resource.load_current_value!(new_resource) - else - current_resource.load_current_value! - end - rescue Chef::Exceptions::CurrentValueDoesNotExist - current_resource = nil - end - end - - @current_resource = current_resource - end - - def self.included(other) - other.extend(ClassMethods) - other.use_inline_resources - other.include_resource_dsl true - end - - module ClassMethods - CopiedFromChef.extend_chef_module(::Chef::Resource::ActionClass::ClassMethods, self) if defined?(::Chef::Resource::ActionClass::ClassMethods) - # - # The Chef::Resource class this ActionClass was declared against. - # - # @return [Class] The Chef::Resource class this ActionClass was declared against. - # - attr_accessor :resource_class - - def to_s - "#{resource_class} action provider" - end - - def inspect - to_s - end - end - end - end -end -end -end -end diff --git a/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/resource/apt_repository.rb b/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/resource/apt_repository.rb deleted file mode 100644 index bedfd3e..0000000 --- a/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/resource/apt_repository.rb +++ /dev/null @@ -1,65 +0,0 @@ -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# -# THIS IS A FILE AUTOGENERATED BY 'rake update' DO NOT EDIT!!!! -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# - -begin - require 'chef/resource/apt_repository' -rescue LoadError; end - -require 'chef_compat/copied_from_chef' -class Chef -module ::ChefCompat -module CopiedFromChef -# -# Author:: Thom May () -# Copyright:: Copyright (c) 2016 Chef Software, Inc. -# License:: Apache License, Version 2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require "chef_compat/copied_from_chef/chef/resource" - -class Chef < (defined?(::Chef) ? ::Chef : Object) - class Resource < (defined?(::Chef::Resource) ? ::Chef::Resource : Object) - class AptRepository < (defined?(::Chef::Resource::AptRepository) ? ::Chef::Resource::AptRepository : Chef::Resource) - resource_name :apt_repository - provides :apt_repository - - property :repo_name, String, name_property: true - property :uri, String - property :distribution, [ String, nil, false ], default: lazy { node["lsb"]["codename"] }, nillable: true, coerce: proc { |x| x ? x : nil } - property :components, Array, default: [] - property :arch, [String, nil, false], default: nil, nillable: true, coerce: proc { |x| x ? x : nil } - property :trusted, [TrueClass, FalseClass], default: false - # whether or not to add the repository as a source repo, too - property :deb_src, [TrueClass, FalseClass], default: false - property :keyserver, [String, nil, false], default: "keyserver.ubuntu.com", nillable: true, coerce: proc { |x| x ? x : nil } - property :key, [String, nil, false], default: nil, nillable: true, coerce: proc { |x| x ? x : nil } - property :key_proxy, [String, nil, false], default: nil, nillable: true, coerce: proc { |x| x ? x : nil } - - property :cookbook, [String, nil, false], default: nil, desired_state: false, nillable: true, coerce: proc { |x| x ? x : nil } - property :cache_rebuild, [TrueClass, FalseClass], default: true, desired_state: false - - default_action :add - allowed_actions :add, :remove - end - end -end -end -end -end diff --git a/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/resource/apt_update.rb b/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/resource/apt_update.rb deleted file mode 100644 index 9acd9ae..0000000 --- a/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/resource/apt_update.rb +++ /dev/null @@ -1,52 +0,0 @@ -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# -# THIS IS A FILE AUTOGENERATED BY 'rake update' DO NOT EDIT!!!! -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# - -begin - require 'chef/resource/apt_update' -rescue LoadError; end - -require 'chef_compat/copied_from_chef' -class Chef -module ::ChefCompat -module CopiedFromChef -# -# Author:: Thom May () -# Copyright:: Copyright (c) 2016 Chef Software, Inc. -# License:: Apache License, Version 2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require "chef_compat/copied_from_chef/chef/resource" - -class Chef < (defined?(::Chef) ? ::Chef : Object) - class Resource < (defined?(::Chef::Resource) ? ::Chef::Resource : Object) - class AptUpdate < (defined?(::Chef::Resource::AptUpdate) ? ::Chef::Resource::AptUpdate : Chef::Resource) - resource_name :apt_update - provides :apt_update - - property :frequency, Integer, default: 86_400 - - default_action :periodic - allowed_actions :update, :periodic - end - end -end -end -end -end diff --git a/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/resource/systemd_unit.rb b/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/resource/systemd_unit.rb deleted file mode 100644 index 5f9f458..0000000 --- a/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/resource/systemd_unit.rb +++ /dev/null @@ -1,81 +0,0 @@ -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# -# THIS IS A FILE AUTOGENERATED BY 'rake update' DO NOT EDIT!!!! -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# - -begin - require 'chef/resource/systemd_unit' -rescue LoadError; end - -require 'chef_compat/copied_from_chef' -class Chef -module ::ChefCompat -module CopiedFromChef -# -# Author:: Nathan Williams () -# Copyright:: Copyright 2016, Nathan Williams -# License:: Apache License, Version 2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require "chef_compat/copied_from_chef/chef/resource" - -class Chef < (defined?(::Chef) ? ::Chef : Object) - class Resource < (defined?(::Chef::Resource) ? ::Chef::Resource : Object) - class SystemdUnit < (defined?(::Chef::Resource::SystemdUnit) ? ::Chef::Resource::SystemdUnit : Chef::Resource) - resource_name :systemd_unit - - default_action :nothing - allowed_actions :create, :delete, - :enable, :disable, - :mask, :unmask, - :start, :stop, - :restart, :reload, - :try_restart, :reload_or_restart, - :reload_or_try_restart - - property :enabled, [TrueClass, FalseClass] - property :active, [TrueClass, FalseClass] - property :masked, [TrueClass, FalseClass] - property :static, [TrueClass, FalseClass] - property :user, String, desired_state: false - property :content, [String, Hash] - property :triggers_reload, [TrueClass, FalseClass], - default: true, desired_state: false - - def to_ini - case content - when Hash - IniParse.gen do |doc| - content.each_pair do |sect, opts| - doc.section(sect) do |section| - opts.each_pair do |opt, val| - section.option(opt, val) - end - end - end - end.to_s - else - content.to_s - end - end - end - end -end -end -end -end diff --git a/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/resource/yum_repository.rb b/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/resource/yum_repository.rb deleted file mode 100644 index 97cf23a..0000000 --- a/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/resource/yum_repository.rb +++ /dev/null @@ -1,97 +0,0 @@ -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# -# THIS IS A FILE AUTOGENERATED BY 'rake update' DO NOT EDIT!!!! -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# - -begin - require 'chef/resource/yum_repository' -rescue LoadError; end - -require 'chef_compat/copied_from_chef' -class Chef -module ::ChefCompat -module CopiedFromChef -# -# Author:: Thom May () -# Copyright:: Copyright (c) 2016 Chef Software, Inc. -# License:: Apache License, Version 2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require "chef_compat/copied_from_chef/chef/resource" - -class Chef < (defined?(::Chef) ? ::Chef : Object) - class Resource < (defined?(::Chef::Resource) ? ::Chef::Resource : Object) - class YumRepository < (defined?(::Chef::Resource::YumRepository) ? ::Chef::Resource::YumRepository : Chef::Resource) - resource_name :yum_repository - provides :yum_repository - - # http://linux.die.net/man/5/yum.conf - property :baseurl, [String, Array], regex: /.*/ - property :cost, String, regex: /^\d+$/ - property :clean_headers, [TrueClass, FalseClass], default: false # deprecated - property :clean_metadata, [TrueClass, FalseClass], default: true - property :description, String, regex: /.*/, default: "Yum Repository" - property :enabled, [TrueClass, FalseClass], default: true - property :enablegroups, [TrueClass, FalseClass] - property :exclude, String, regex: /.*/ - property :failovermethod, String, equal_to: %w{priority roundrobin} - property :fastestmirror_enabled, [TrueClass, FalseClass] - property :gpgcheck, [TrueClass, FalseClass], default: true - property :gpgkey, [String, Array], regex: /.*/ - property :http_caching, String, equal_to: %w{packages all none} - property :include_config, String, regex: /.*/ - property :includepkgs, String, regex: /.*/ - property :keepalive, [TrueClass, FalseClass] - property :make_cache, [TrueClass, FalseClass], default: true - property :max_retries, [String, Integer] - property :metadata_expire, String, regex: [/^\d+$/, /^\d+[mhd]$/, /never/] - property :mirrorexpire, String, regex: /.*/ - property :mirrorlist, String, regex: /.*/ - property :mirror_expire, String, regex: [/^\d+$/, /^\d+[mhd]$/] - property :mirrorlist_expire, String, regex: [/^\d+$/, /^\d+[mhd]$/] - property :mode, default: "0644" - property :priority, String, regex: /^(\d?[0-9]|[0-9][0-9])$/ - property :proxy, String, regex: /.*/ - property :proxy_username, String, regex: /.*/ - property :proxy_password, String, regex: /.*/ - property :username, String, regex: /.*/ - property :password, String, regex: /.*/ - property :repo_gpgcheck, [TrueClass, FalseClass] - property :report_instanceid, [TrueClass, FalseClass] - property :repositoryid, String, regex: /.*/, name_property: true - property :skip_if_unavailable, [TrueClass, FalseClass] - property :source, String, regex: /.*/ - property :sslcacert, String, regex: /.*/ - property :sslclientcert, String, regex: /.*/ - property :sslclientkey, String, regex: /.*/ - property :sslverify, [TrueClass, FalseClass] - property :timeout, String, regex: /^\d+$/ - property :options, Hash - - default_action :create - allowed_actions :create, :remove, :makecache, :add, :delete - - # provide compatibility with the yum cookbook < 3.0 properties - alias_method :url, :baseurl - alias_method :keyurl, :gpgkey - end - end -end -end -end -end diff --git a/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/resource_builder.rb b/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/resource_builder.rb deleted file mode 100644 index 688e856..0000000 --- a/cookbooks/compat_resource/files/lib/chef_compat/copied_from_chef/chef/resource_builder.rb +++ /dev/null @@ -1,174 +0,0 @@ -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# -# THIS IS A FILE AUTOGENERATED BY 'rake update' DO NOT EDIT!!!! -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# - -begin - require 'chef/resource_builder' -rescue LoadError; end - -require 'chef_compat/copied_from_chef' -class Chef -module ::ChefCompat -module CopiedFromChef -# -# Author:: Lamont Granquist () -# Copyright:: Copyright 2015-2016, Chef Software, Inc. -# License:: Apache License, Version 2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# NOTE: this was extracted from the Recipe DSL mixin, relevant specs are in spec/unit/recipe_spec.rb - -class Chef < (defined?(::Chef) ? ::Chef : Object) - class ResourceBuilder < (defined?(::Chef::ResourceBuilder) ? ::Chef::ResourceBuilder : Object) - attr_reader :type - attr_reader :name - attr_reader :created_at - attr_reader :params - attr_reader :run_context - attr_reader :cookbook_name - attr_reader :recipe_name - attr_reader :enclosing_provider - attr_reader :resource - - # FIXME (ruby-2.1 syntax): most of these are mandatory - def initialize(type: nil, name: nil, created_at: nil, params: nil, run_context: nil, cookbook_name: nil, recipe_name: nil, enclosing_provider: nil) -super if defined?(::Chef::ResourceBuilder) - @type = type - @name = name - @created_at = created_at - @params = params - @run_context = run_context - @cookbook_name = cookbook_name - @recipe_name = recipe_name - @enclosing_provider = enclosing_provider - end - - def build(&block) - raise ArgumentError, "You must supply a name when declaring a #{type} resource" if name.nil? - - @resource = resource_class.new(name, run_context) - if resource.resource_name.nil? - raise Chef::Exceptions::InvalidResourceSpecification, "#{resource}.resource_name is `nil`! Did you forget to put `provides :blah` or `resource_name :blah` in your resource class?" - end - resource.source_line = created_at - resource.declared_type = type - - # If we have a resource like this one, we want to steal its state - # This behavior is very counter-intuitive and should be removed. - # See CHEF-3694, https://tickets.opscode.com/browse/CHEF-3694 - # Moved to this location to resolve CHEF-5052, https://tickets.opscode.com/browse/CHEF-5052 - if prior_resource - resource.load_from(prior_resource) - end - - resource.cookbook_name = cookbook_name - resource.recipe_name = recipe_name - # Determine whether this resource is being created in the context of an enclosing Provider - resource.enclosing_provider = enclosing_provider - - # XXX: this is required for definition params inside of the scope of a - # subresource to work correctly. - resource.params = params - - # Evaluate resource attribute DSL - if block_given? - resource.resource_initializing = true - begin - resource.instance_eval(&block) - ensure - resource.resource_initializing = false - end - end - - # emit a cloned resource warning if it is warranted - if prior_resource - if is_trivial_resource?(prior_resource) && identicalish_resources?(prior_resource, resource) - emit_harmless_cloning_debug - else - emit_cloned_resource_warning - end - end - - # Run optional resource hook - resource.after_created - - resource - end - - private - - def resource_class - # Checks the new platform => short_name => resource mapping initially - # then fall back to the older approach (Chef::Resource.const_get) for - # backward compatibility - @resource_class ||= Chef::Resource.resource_for_node(type, run_context.node) - end - - def is_trivial_resource?(resource) - trivial_resource = resource_class.new(name, run_context) - # force un-lazy the name property on the created trivial resource - name_property = resource_class.properties.find { |sym, p| p.name_property? } - trivial_resource.send(name_property[0]) unless name_property.nil? - identicalish_resources?(trivial_resource, resource) - end - - # this is an equality test specific to checking for 3694 cloning warnings - def identicalish_resources?(first, second) - skipped_ivars = [ :@source_line, :@cookbook_name, :@recipe_name, :@params, :@elapsed_time, :@declared_type ] - checked_ivars = ( first.instance_variables | second.instance_variables ) - skipped_ivars - non_matching_ivars = checked_ivars.reject do |iv| - if iv == :@action && ( [first.instance_variable_get(iv)].flatten == [:nothing] || [second.instance_variable_get(iv)].flatten == [:nothing] ) - # :nothing action on either side of the comparison always matches - true - else - first.instance_variable_get(iv) == second.instance_variable_get(iv) - end - end - Chef::Log.debug("ivars which did not match with the prior resource: #{non_matching_ivars}") - non_matching_ivars.empty? - end - - def emit_cloned_resource_warning - message = "Cloning resource attributes for #{resource} from prior resource (CHEF-3694)" - message << "\nPrevious #{prior_resource}: #{prior_resource.source_line}" if prior_resource.source_line - message << "\nCurrent #{resource}: #{resource.source_line}" if resource.source_line - Chef.log_deprecation(message) - end - - def emit_harmless_cloning_debug - Chef::Log.debug("Harmless resource cloning from #{prior_resource}:#{prior_resource.source_line} to #{resource}:#{resource.source_line}") - end - - def prior_resource - @prior_resource ||= - begin - key = "#{type}[#{name}]" - run_context.resource_collection.lookup_local(key) - rescue Chef::Exceptions::ResourceNotFound - nil - end - end - - end -end - -require "chef_compat/copied_from_chef/chef/resource" -end -end -end diff --git a/cookbooks/compat_resource/files/lib/chef_compat/mixin/properties.rb b/cookbooks/compat_resource/files/lib/chef_compat/mixin/properties.rb deleted file mode 100644 index a3920d1..0000000 --- a/cookbooks/compat_resource/files/lib/chef_compat/mixin/properties.rb +++ /dev/null @@ -1,8 +0,0 @@ -require 'chef_compat/monkeypatches' -require 'chef_compat/copied_from_chef/chef/mixin/properties' - -module ChefCompat - module Mixin - Properties = ChefCompat::CopiedFromChef::Chef::Mixin::Properties - end -end diff --git a/cookbooks/compat_resource/files/lib/chef_compat/monkeypatches.rb b/cookbooks/compat_resource/files/lib/chef_compat/monkeypatches.rb deleted file mode 100644 index 9ac83e8..0000000 --- a/cookbooks/compat_resource/files/lib/chef_compat/monkeypatches.rb +++ /dev/null @@ -1,41 +0,0 @@ -class Chef - class RunContext - class ChildRunContext < RunContext - # magic that lets us re-parse the ChildRunContext without erroring due to - # cheffish and chef-provisioning hooks having been loaded (on old versions of - # chef-client without the lazy hooks for those gems) - @__skip_method_checking = true - end - end -end - -# fix to quiet constant redefined warnings -if defined?(Chef::RunContext::ChildRunContext::CHILD_STATE) - Chef::RunContext::ChildRunContext.send(:remove_const, :CHILD_STATE) -end - -require 'chef_compat/monkeypatches/chef' -require 'chef_compat/monkeypatches/chef/exceptions' -require 'chef_compat/monkeypatches/chef/log' -require 'chef_compat/monkeypatches/chef/node' -require 'chef_compat/monkeypatches/chef/mixin/params_validate' -require 'chef_compat/monkeypatches/chef/property' -require 'chef_compat/monkeypatches/chef/provider' -require 'chef_compat/monkeypatches/chef/recipe' # copied from chef -require 'chef_compat/monkeypatches/chef/recipe_hook' -require 'chef_compat/monkeypatches/chef/resource' -require 'chef_compat/monkeypatches/chef/resource_builder' -require 'chef_compat/monkeypatches/chef/resource/lwrp_base' -require 'chef_compat/monkeypatches/chef/resource_collection' -require 'chef_compat/monkeypatches/chef/resource_collection/resource_list' -require 'chef_compat/monkeypatches/chef/resource_collection/resource_set' -require 'chef_compat/monkeypatches/chef/run_context' # copied from chef -require 'chef_compat/monkeypatches/chef/runner' # copied from chef - -# fix for Chef::RunContext instance that has already been created -ObjectSpace.each_object(Chef::RunContext) do |run_context| - run_context.node.run_context = run_context - run_context.instance_variable_set(:@loaded_recipes_hash, {}) - run_context.instance_variable_set(:@loaded_attributes_hash, {}) - run_context.initialize_child_state -end diff --git a/cookbooks/compat_resource/files/lib/chef_compat/monkeypatches/chef.rb b/cookbooks/compat_resource/files/lib/chef_compat/monkeypatches/chef.rb deleted file mode 100644 index 9669f6a..0000000 --- a/cookbooks/compat_resource/files/lib/chef_compat/monkeypatches/chef.rb +++ /dev/null @@ -1,33 +0,0 @@ -class Chef - NOT_PASSED = Object.new if !defined?(NOT_PASSED) - # Earlier versions of Chef didn't have this message - module ChefCompatDeprecation - def log_deprecation(message, location=nil) - if !location - # Pick the first caller that is *not* part of the Chef or ChefCompat gem, - # that's the thing the user wrote. - chef_compat_gem_path = File.expand_path("../../..", __FILE__) - chef_gem_path = File.expand_path("../..",::Chef::Resource.instance_method(:initialize).source_location[0]) - caller(0..10).each do |c| - if !c.start_with?(chef_gem_path) && !c.start_with?(chef_compat_gem_path) - location = c - break - end - end - end - - begin - super - # Bleagh. `super_method` doesn't exist on older rubies and I haven't - # figured out a way to check for its existence otherwise. - rescue NoMethodError - Chef::Log.warn(message) - end - end - end - - class<= 12.5 && Chef::VERSION.to_f <= 12.8 - require 'chef/mixin/params_validate' - class Chef - module Mixin - module ParamsValidate - class SetOrReturnProperty < Chef::Property - # 12.9 introduced a new optional parameter to `get()` to avoid a nil-set warning. - # When their method gets called with 2 args, we need to ignore and call with 1. - alias_method :_original_get2, :get - def get(resource, *args) - _original_get2(resource) - end - end - end - end - end -end diff --git a/cookbooks/compat_resource/files/lib/chef_compat/monkeypatches/chef/node.rb b/cookbooks/compat_resource/files/lib/chef_compat/monkeypatches/chef/node.rb deleted file mode 100644 index 93379b0..0000000 --- a/cookbooks/compat_resource/files/lib/chef_compat/monkeypatches/chef/node.rb +++ /dev/null @@ -1,9 +0,0 @@ -class Chef - class Node - unless method_defined?(:set_cookbook_attribute) - def set_cookbook_attribute - # this implementation deliberately left blank - we don't need to do anything we just need to not fail - end - end - end -end diff --git a/cookbooks/compat_resource/files/lib/chef_compat/monkeypatches/chef/property.rb b/cookbooks/compat_resource/files/lib/chef_compat/monkeypatches/chef/property.rb deleted file mode 100644 index 2308d32..0000000 --- a/cookbooks/compat_resource/files/lib/chef_compat/monkeypatches/chef/property.rb +++ /dev/null @@ -1,15 +0,0 @@ -# 12.9 introduced a new optional parameter to `get()` to avoid a nil-set warning. -# We need to mimick it here. -if Chef::VERSION.to_f >= 12.5 && Chef::VERSION.to_f <= 12.8 - require 'chef/property' - class Chef - class Property - # 12.9 introduced a new optional parameter to `get()` to avoid a nil-set warning. - # When their method gets called with 2 args, we need to ignore and call with 1. - alias_method :_original_get, :get - def get(resource, *args) - _original_get(resource) - end - end - end -end diff --git a/cookbooks/compat_resource/files/lib/chef_compat/monkeypatches/chef/provider.rb b/cookbooks/compat_resource/files/lib/chef_compat/monkeypatches/chef/provider.rb deleted file mode 100644 index 591cedb..0000000 --- a/cookbooks/compat_resource/files/lib/chef_compat/monkeypatches/chef/provider.rb +++ /dev/null @@ -1,65 +0,0 @@ -require 'chef/provider' -require 'chef/provider/lwrp_base' - -class Chef::Provider - if !defined?(InlineResources) - InlineResources = Chef::Provider::LWRPBase::InlineResources - end - module InlineResources - require 'chef/dsl/recipe' - require 'chef/dsl/platform_introspection' - require 'chef/dsl/data_query' - require 'chef/dsl/include_recipe' - include Chef::DSL::Recipe - include Chef::DSL::PlatformIntrospection - include Chef::DSL::DataQuery - include Chef::DSL::IncludeRecipe - - unless Chef::Provider::InlineResources::ClassMethods.instance_method(:action).source_location[0] =~ /chefspec/ - # Don't override action if chefspec is doing its thing - module ::ChefCompat - module Monkeypatches - module InlineResources - module ClassMethods - def action(name, &block) - super(name) { send("compile_action_#{name}") } - # We put the action in its own method so that super() works. - define_method("compile_action_#{name}", &block) - end - end - end - end - end - module ClassMethods - prepend ChefCompat::Monkeypatches::InlineResources::ClassMethods - end - end - end -end - - -class Chef - class Provider - class LWRPBase < Provider - if defined?(InlineResources) - module InlineResources - # since we upgrade the Chef::Runner and Chef::RunContext globally to >= 12.14 style classes, we need to also - # fix the use_inline_resources LWRPBase wrapper that creates a sub-resource collection with the ugpraded code - # from the Chef::Provider subclasses that do similar things in post-12.5 chef. - def recipe_eval_with_update_check(&block) - old_run_context = run_context - @run_context = run_context.create_child - return_value = instance_eval(&block) - Chef::Runner.new(run_context).converge - return_value - ensure - if run_context.resource_collection.any? { |r| r.updated? } - new_resource.updated_by_last_action(true) - end - @run_context = old_run_context - end - end - end - end - end -end diff --git a/cookbooks/compat_resource/files/lib/chef_compat/monkeypatches/chef/recipe.rb b/cookbooks/compat_resource/files/lib/chef_compat/monkeypatches/chef/recipe.rb deleted file mode 100644 index 7c4c8be..0000000 --- a/cookbooks/compat_resource/files/lib/chef_compat/monkeypatches/chef/recipe.rb +++ /dev/null @@ -1,118 +0,0 @@ -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# -# THIS IS A FILE AUTOGENERATED BY 'rake update' DO NOT EDIT!!!! -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# - -if Gem::Requirement.new('< 12.16.42').satisfied_by?(Gem::Version.new(Chef::VERSION)) -#-- -# Author:: Adam Jacob () -# Author:: Christopher Walters () -# Copyright:: Copyright 2008-2016, Chef Software Inc. -# License:: Apache License, Version 2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require "chef/dsl/recipe" -require "chef/mixin/from_file" -require "chef/mixin/deprecation" - -class Chef - # == Chef::Recipe - # A Recipe object is the context in which Chef recipes are evaluated. - class Recipe - attr_accessor :cookbook_name, :recipe_name, :recipe, :params, :run_context - - include Chef::DSL::Recipe - - include Chef::Mixin::FromFile - include Chef::Mixin::Deprecation - - # Parses a potentially fully-qualified recipe name into its - # cookbook name and recipe short name. - # - # For example: - # "aws::elastic_ip" returns [:aws, "elastic_ip"] - # "aws" returns [:aws, "default"] - # "::elastic_ip" returns [ current_cookbook, "elastic_ip" ] - #-- - # TODO: Duplicates functionality of RunListItem - def self.parse_recipe_name(recipe_name, current_cookbook: nil) - case recipe_name - when /(.+?)::(.+)/ - [ $1.to_sym, $2 ] - when /^::(.+)/ - raise "current_cookbook is nil, cannot resolve #{recipe_name}" if current_cookbook.nil? - [ current_cookbook.to_sym, $1 ] - else - [ recipe_name.to_sym, "default" ] - end - end - - def initialize(cookbook_name, recipe_name, run_context) - @cookbook_name = cookbook_name - @recipe_name = recipe_name - @run_context = run_context - # TODO: 5/19/2010 cw/tim: determine whether this can be removed - @params = Hash.new - end - - # Used in DSL mixins - def node - run_context.node - end - - # Used by the DSL to look up resources when executing in the context of a - # recipe. - def resources(*args) - run_context.resource_collection.find(*args) - end - - # This was moved to Chef::Node#tag, redirecting here for compatibility - def tag(*tags) - run_context.node.tag(*tags) - end - - # Returns true if the node is tagged with *all* of the supplied +tags+. - # - # === Parameters - # tags:: A list of tags - # - # === Returns - # true:: If all the parameters are present - # false:: If any of the parameters are missing - def tagged?(*tags) - tags.each do |tag| - return false unless run_context.node.tags.include?(tag) - end - true - end - - # Removes the list of tags from the node. - # - # === Parameters - # tags:: A list of tags - # - # === Returns - # tags:: The current list of run_context.node.tags - def untag(*tags) - tags.each do |tag| - run_context.node.tags.delete(tag) - end - end - end -end -end diff --git a/cookbooks/compat_resource/files/lib/chef_compat/monkeypatches/chef/recipe_hook.rb b/cookbooks/compat_resource/files/lib/chef_compat/monkeypatches/chef/recipe_hook.rb deleted file mode 100644 index 24aa20f..0000000 --- a/cookbooks/compat_resource/files/lib/chef_compat/monkeypatches/chef/recipe_hook.rb +++ /dev/null @@ -1,20 +0,0 @@ -require 'chef/recipe' -require 'chef_compat/recipe' - -class Chef::Recipe - # If the cookbook depends on compat_resource, create a ChefCompat::Recipe object - # instead of Chef::Recipe, for the extra goodies. - def self.new(cookbook_name, recipe_name, run_context) - if run_context && - cookbook_name && - recipe_name && - run_context.cookbook_collection && - run_context.cookbook_collection[cookbook_name] && - run_context.cookbook_collection[cookbook_name].metadata.dependencies.has_key?('compat_resource') && - self != ::ChefCompat::Recipe - ::ChefCompat::Recipe.new(cookbook_name, recipe_name, run_context) - else - super - end - end -end diff --git a/cookbooks/compat_resource/files/lib/chef_compat/monkeypatches/chef/resource.rb b/cookbooks/compat_resource/files/lib/chef_compat/monkeypatches/chef/resource.rb deleted file mode 100644 index d61b60b..0000000 --- a/cookbooks/compat_resource/files/lib/chef_compat/monkeypatches/chef/resource.rb +++ /dev/null @@ -1,156 +0,0 @@ -# this is NOT an AUTOGENERATED file - -require 'chef/resource' - -class Chef - class Resource - - class UnresolvedSubscribes < self - # The full key ise given as the name in {Resource#subscribes} - alias_method :to_s, :name - alias_method :declared_key, :name - end - - # - # Force a delayed notification into this resource's run_context. - # - # This should most likely be paired with action :nothing - # - # @param arg [Array[Symbol], Symbol] A list of actions (e.g. `:create`) - # - def delayed_action(arg) - arg = Array(arg).map(&:to_sym) - arg.map do |action| - validate( - { action: action }, - { action: { kind_of: Symbol, equal_to: allowed_actions } } - ) - # the resource effectively sends a delayed notification to itself - run_context.add_delayed_action(Notification.new(self, action, self)) - end - end - - def subscribes(action, resources, timing = :delayed) - resources = [resources].flatten - resources.each do |resource| - if resource.is_a?(String) - resource = UnresolvedSubscribes.new(resource, run_context) - end - if resource.run_context.nil? - resource.run_context = run_context - end - resource.notifies(action, self, timing) - end - true - end - - def notifies(action, resource_spec, timing = :delayed) - # when using old-style resources(:template => "/foo.txt") style, you - # could end up with multiple resources. - validate_resource_spec!(resource_spec) - - resources = [ resource_spec ].flatten - resources.each do |resource| - - case timing.to_s - when "delayed" - notifies_delayed(action, resource) - when "immediate", "immediately" - notifies_immediately(action, resource) - when "before" - notifies_before(action, resource) - else - raise ArgumentError, "invalid timing: #{timing} for notifies(#{action}, #{resources.inspect}, #{timing}) resource #{self} "\ - "Valid timings are: :delayed, :immediate, :immediately, :before" - end - end - - true - end - - # - # Iterates over all immediate and delayed notifications, calling - # resolve_resource_reference on each in turn, causing them to - # resolve lazy/forward references. - def resolve_notification_references - run_context.before_notifications(self).each { |n| - n.resolve_resource_reference(run_context.resource_collection) - } - run_context.immediate_notifications(self).each { |n| - n.resolve_resource_reference(run_context.resource_collection) - } - run_context.delayed_notifications(self).each {|n| - n.resolve_resource_reference(run_context.resource_collection) - } - end - - # Helper for #notifies - def notifies_before(action, resource_spec) - run_context.notifies_before(Notification.new(resource_spec, action, self)) - end - - # Helper for #notifies - def notifies_immediately(action, resource_spec) - run_context.notifies_immediately(Notification.new(resource_spec, action, self)) - end - - # Helper for #notifies - def notifies_delayed(action, resource_spec) - run_context.notifies_delayed(Notification.new(resource_spec, action, self)) - end - - # - # Get the current actual value of this resource. - # - # This does not cache--a new value will be returned each time. - # - # @return A new copy of the resource, with values filled in from the actual - # current value. - # - def current_value - provider = provider_for_action(Array(action).first) - if provider.whyrun_mode? && !provider.whyrun_supported? - raise "Cannot retrieve #{self.class.current_resource} in why-run mode: #{provider} does not support why-run" - end - provider.load_current_resource - provider.current_resource - end - - # These methods are necessary for new resources to initialize old ones properly - attr_reader :resource_initializing - def resource_initializing=(value) - if value - @resource_initializing = value - else - remove_instance_variable(:@resource_initializing) - end - end - - if !respond_to?(:resource_name) - def self.resource_name(name=Chef::NOT_PASSED) - # Setter - if name != Chef::NOT_PASSED - # remove_canonical_dsl - - # Set the resource_name and call provides - if name - name = name.to_sym - # If our class is not already providing this name, provide it. - # Commented out: use of resource_name and provides will need to be - # mutually exclusive in this world, generally. - # if !Chef::ResourceResolver.includes_handler?(name, self) - provides name#, canonical: true - # end - @resource_name = name - else - @resource_name = nil - end - end - @resource_name - end - def self.resource_name=(name) - resource_name(name) - end - end - end -end diff --git a/cookbooks/compat_resource/files/lib/chef_compat/monkeypatches/chef/resource/lwrp_base.rb b/cookbooks/compat_resource/files/lib/chef_compat/monkeypatches/chef/resource/lwrp_base.rb deleted file mode 100644 index 5f098fd..0000000 --- a/cookbooks/compat_resource/files/lib/chef_compat/monkeypatches/chef/resource/lwrp_base.rb +++ /dev/null @@ -1,60 +0,0 @@ -require 'chef_compat/resource/lwrp_base' -require 'chef/resource/lwrp_base' - -module ChefCompat - module Monkeypatches - # - # NOTE: LOTS OF METAPROGRAMMING HERE. NOT FOR FAINT OF HEART. - # - - # Add an empty module to Class so we can temporarily override it in build_from_file - module Class - end - class<<::Class - prepend(ChefCompat::Monkeypatches::Class) - end - - module Chef - module Resource - module LWRPBase - def build_from_file(cookbook_name, filename, run_context) - # If the cookbook this LWRP is from depends on compat_resource, fix its LWRPs up real good - if run_context.cookbook_collection[cookbook_name].metadata.dependencies.has_key?('compat_resource') - # All cookbooks do Class.new(Chef::Resource::LWRPBase). Change Class.new - # temporarily to translate Chef::Resource::LWRPBase to ChefCompat::Resource - ChefCompat::Monkeypatches::Class.module_eval do - def new(*args, &block) - # Trick it! Use ChefCompat::Resource instead of Chef::Resource::LWRPBase - if args == [ ::Chef::Resource::LWRPBase ] - ChefCompat::Monkeypatches::Class.module_eval do - remove_method(:new) if method_defined?(:new) - end - args = [ ChefCompat::Resource::LWRPBase ] - end - super(*args, &block) - end - end - - begin - - # Call the actual build_from_file - super - - ensure - class<) -# Copyright:: Copyright 2015-2016, Chef Software, Inc. -# License:: Apache License, Version 2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# XXX: we now have two copies of this file in the compat_resource cookbook. I'm uncertain if this is a -# bug or a feature, and I suspect it is actually a feature. The point of this file is that for all -# resources and cookbooks the global Chef::ResourceBuilder class must be upgraded to at least the -# 12.10.24 version. The point of the other copy is that for compat_resource cookbooks all their -# resources should be using the lastest version that has been sync'd. So these two files should -# diverge as times goes on. I believe that is the correct behavior and that we want to have both -# files in this cookbook. - -# NOTE: this was extracted from the Recipe DSL mixin, relevant specs are in spec/unit/recipe_spec.rb - -if Gem::Requirement.new("< 12.10.24").satisfied_by?(Gem::Version.new(Chef::VERSION)) - begin - require 'chef/resource_builder' - # we use the LoadError this creates on early 12.x to not monkeypatch chef client versions that don't have Chef::ResourceBuilder - # (it is lazily included and doesn't appear until compile time so we can't resolve the symbol during library loading) - - class Chef - class ResourceBuilder - attr_reader :type - attr_reader :name - attr_reader :created_at - attr_reader :params - attr_reader :run_context - attr_reader :cookbook_name - attr_reader :recipe_name - attr_reader :enclosing_provider - attr_reader :resource - - # FIXME (ruby-2.1 syntax): most of these are mandatory - def initialize(type:nil, name:nil, created_at: nil, params: nil, run_context: nil, cookbook_name: nil, recipe_name: nil, enclosing_provider: nil) - @type = type - @name = name - @created_at = created_at - @params = params - @run_context = run_context - @cookbook_name = cookbook_name - @recipe_name = recipe_name - @enclosing_provider = enclosing_provider - end - - def build(&block) - raise ArgumentError, "You must supply a name when declaring a #{type} resource" if name.nil? - - @resource = resource_class.new(name, run_context) - if resource.resource_name.nil? - raise Chef::Exceptions::InvalidResourceSpecification, "#{resource}.resource_name is `nil`! Did you forget to put `provides :blah` or `resource_name :blah` in your resource class?" - end - resource.source_line = created_at - resource.declared_type = type - - # If we have a resource like this one, we want to steal its state - # This behavior is very counter-intuitive and should be removed. - # See CHEF-3694, https://tickets.opscode.com/browse/CHEF-3694 - # Moved to this location to resolve CHEF-5052, https://tickets.opscode.com/browse/CHEF-5052 - if prior_resource - resource.load_from(prior_resource) - end - - resource.cookbook_name = cookbook_name - resource.recipe_name = recipe_name - # Determine whether this resource is being created in the context of an enclosing Provider - resource.enclosing_provider = enclosing_provider - - # XXX: this is required for definition params inside of the scope of a - # subresource to work correctly. - resource.params = params - - # Evaluate resource attribute DSL - if block_given? - resource.resource_initializing = true - begin - resource.instance_eval(&block) - ensure - resource.resource_initializing = false - end - end - - # emit a cloned resource warning if it is warranted - if prior_resource - if is_trivial_resource?(prior_resource) && identicalish_resources?(prior_resource, resource) - emit_harmless_cloning_debug - else - emit_cloned_resource_warning - end - end - - # Run optional resource hook - resource.after_created - - resource - end - - private - - def resource_class - # Checks the new platform => short_name => resource mapping initially - # then fall back to the older approach (Chef::Resource.const_get) for - # backward compatibility - @resource_class ||= Chef::Resource.resource_for_node(type, run_context.node) - end - - def is_trivial_resource?(resource) - identicalish_resources?(resource_class.new(name, run_context), resource) - end - - # this is an equality test specific to checking for 3694 cloning warnings - def identicalish_resources?(first, second) - skipped_ivars = [ :@source_line, :@cookbook_name, :@recipe_name, :@params, :@elapsed_time, :@declared_type ] - checked_ivars = ( first.instance_variables | second.instance_variables ) - skipped_ivars - non_matching_ivars = checked_ivars.reject do |iv| - if iv == :@action && ( [first.instance_variable_get(iv)].flatten == [:nothing] || [second.instance_variable_get(iv)].flatten == [:nothing] ) - # :nothing action on either side of the comparison always matches - true - else - first.instance_variable_get(iv) == second.instance_variable_get(iv) - end - end - Chef::Log.debug("ivars which did not match with the prior resource: #{non_matching_ivars}") - non_matching_ivars.empty? - end - - def emit_cloned_resource_warning - Chef::Log.warn("Cloning resource attributes for #{resource} from prior resource (CHEF-3694)") - Chef::Log.warn("Previous #{prior_resource}: #{prior_resource.source_line}") if prior_resource.source_line - Chef::Log.warn("Current #{resource}: #{resource.source_line}") if resource.source_line - end - - def emit_harmless_cloning_debug - Chef::Log.debug("Harmless resource cloning from #{prior_resource}:#{prior_resource.source_line} to #{resource}:#{resource.source_line}") - end - - def prior_resource - @prior_resource ||= - begin - key = "#{type}[#{name}]" - run_context.resource_collection.lookup_local(key) - rescue Chef::Exceptions::ResourceNotFound - nil - end - end - - end - end - rescue LoadError - # cool we're just on early chef 12.x, nothing to do -- we don't have to worry because there's also not parent_run_context pointer, so we don't have to - # use lookup_local to avoid resource cloning shit out of the parent run_context. the resource collection's lookup() method will always use lookup_local - # over lookup_recursive. - end -end diff --git a/cookbooks/compat_resource/files/lib/chef_compat/monkeypatches/chef/resource_collection.rb b/cookbooks/compat_resource/files/lib/chef_compat/monkeypatches/chef/resource_collection.rb deleted file mode 100644 index 4f07489..0000000 --- a/cookbooks/compat_resource/files/lib/chef_compat/monkeypatches/chef/resource_collection.rb +++ /dev/null @@ -1,103 +0,0 @@ -# -# Author:: Adam Jacob () -# Author:: Christopher Walters () -# Copyright:: Copyright 2008-2016, Chef Software Inc. -# License:: Apache License, Version 2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require "chef/resource_collection/resource_set" -require "chef/resource_collection/resource_list" -require "chef/resource_collection" -require "chef/exceptions" - -module ChefCompat - module Monkeypatches - module Chef - module ResourceCollection - module RecursiveNotificationLookup - # - # Copied verbatim from Chef 12.10.24 - # - attr_accessor :run_context - - def initialize(run_context = nil) - super() - @run_context = run_context - end - - def lookup_local(key) - resource_set.lookup(key) - end - - def find_local(*args) - resource_set.find(*args) - end - - def lookup(key) - if run_context.nil? - lookup_local(key) - else - lookup_recursive(run_context, key) - end - end - - def find(*args) - if run_context.nil? - find_local(*args) - else - find_recursive(run_context, *args) - end - end - - private - - def lookup_recursive(rc, key) - rc.resource_collection.send(:resource_set).lookup(key) - rescue ::Chef::Exceptions::ResourceNotFound - raise if !rc.respond_to?(:parent_run_context) || rc.parent_run_context.nil? - lookup_recursive(rc.parent_run_context, key) - end - - def find_recursive(rc, *args) - rc.resource_collection.send(:resource_set).find(*args) - rescue ::Chef::Exceptions::ResourceNotFound - raise if !rc.respond_to?(:parent_run_context) || rc.parent_run_context.nil? - find_recursive(rc.parent_run_context, *args) - end - end - - module DeleteResources - # - # Copied verbatim from Chef 12.10.24 - # - def delete(key) - resource_list.delete(key) - resource_set.delete(key) - end - end - end - end - end -end - - -class Chef::ResourceCollection - unless method_defined?(:lookup_local) - prepend ChefCompat::Monkeypatches::Chef::ResourceCollection::RecursiveNotificationLookup - end - unless method_defined?(:delete) - prepend ChefCompat::Monkeypatches::Chef::ResourceCollection::DeleteResources - end -end diff --git a/cookbooks/compat_resource/files/lib/chef_compat/monkeypatches/chef/resource_collection/resource_list.rb b/cookbooks/compat_resource/files/lib/chef_compat/monkeypatches/chef/resource_collection/resource_list.rb deleted file mode 100644 index dfbd442..0000000 --- a/cookbooks/compat_resource/files/lib/chef_compat/monkeypatches/chef/resource_collection/resource_list.rb +++ /dev/null @@ -1,49 +0,0 @@ -# -# Author:: Tyler Ball () -# Copyright:: Copyright 2014-2016, Chef Software, Inc. -# License:: Apache License, Version 2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require "chef/resource_collection/resource_list" -require "chef/exceptions" - -module ChefCompat - module Monkeypatches - module Chef - module ResourceCollection - module ResourceList - module DeleteResource - # Copied verbatim from Chef 12.10.4 - def delete(key) - raise ArgumentError, "Must pass a Chef::Resource or String to delete" unless key.is_a?(String) || key.is_a?(Chef::Resource) - key = key.to_s - ret = @resources.reject! { |r| r.to_s == key } - if ret.nil? - raise ::Chef::Exceptions::ResourceNotFound, "Cannot find a resource matching #{key} (did you define it first?)" - end - ret - end - end - end - end - end - end -end - -class Chef::ResourceCollection::ResourceList - unless method_defined?(:delete) - prepend ChefCompat::Monkeypatches::Chef::ResourceCollection::ResourceList::DeleteResource - end -end diff --git a/cookbooks/compat_resource/files/lib/chef_compat/monkeypatches/chef/resource_collection/resource_set.rb b/cookbooks/compat_resource/files/lib/chef_compat/monkeypatches/chef/resource_collection/resource_set.rb deleted file mode 100644 index bcead10..0000000 --- a/cookbooks/compat_resource/files/lib/chef_compat/monkeypatches/chef/resource_collection/resource_set.rb +++ /dev/null @@ -1,49 +0,0 @@ -# -# Author:: Tyler Ball () -# Copyright:: Copyright 2014-2016, Chef Software, Inc. -# License:: Apache License, Version 2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require "chef/resource_collection/resource_list" -require "chef/exceptions" - -module ChefCompat - module Monkeypatches - module Chef - module ResourceCollection - module ResourceSet - module DeleteResource - def delete(key) - raise ArgumentError, "Must pass a Chef::Resource or String to delete" unless key.is_a?(String) || key.is_a?(Chef::Resource) - key = key.to_s - res = @resources_by_key.delete(key) - - if res == @resources_by_key.default - raise Chef::Exceptions::ResourceNotFound, "Cannot find a resource matching #{key} (did you define it first?)" - end - res - end - end - end - end - end - end -end - -class Chef::ResourceCollection::ResourceSet - unless method_defined?(:delete) - prepend ChefCompat::Monkeypatches::Chef::ResourceCollection::ResourceSet::DeleteResource - end -end diff --git a/cookbooks/compat_resource/files/lib/chef_compat/monkeypatches/chef/run_context.rb b/cookbooks/compat_resource/files/lib/chef_compat/monkeypatches/chef/run_context.rb deleted file mode 100644 index 03c9d60..0000000 --- a/cookbooks/compat_resource/files/lib/chef_compat/monkeypatches/chef/run_context.rb +++ /dev/null @@ -1,691 +0,0 @@ -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# -# THIS IS A FILE AUTOGENERATED BY 'rake update' DO NOT EDIT!!!! -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# - -if Gem::Requirement.new('< 12.16.42').satisfied_by?(Gem::Version.new(Chef::VERSION)) -# -# Author:: Adam Jacob () -# Author:: Christopher Walters () -# Author:: Tim Hinderliter () -# Copyright:: Copyright 2008-2016, Chef Software Inc. -# License:: Apache License, Version 2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -require "chef/resource_collection" -require "chef/cookbook_version" -require "chef/node" -require "chef/role" -require "chef/log" -require "chef/recipe" -require "chef/run_context/cookbook_compiler" -require "chef/event_dispatch/events_output_stream" -require "forwardable" - -class Chef - - # == Chef::RunContext - # Value object that loads and tracks the context of a Chef run - class RunContext - # - # Global state - # - - # - # The node for this run - # - # @return [Chef::Node] - # - attr_reader :node - - # - # The set of cookbooks involved in this run - # - # @return [Chef::CookbookCollection] - # - attr_reader :cookbook_collection - - # - # Resource Definitions for this run. Populated when the files in - # +definitions/+ are evaluated (this is triggered by #load). - # - # @return [Array[Chef::ResourceDefinition]] - # - attr_reader :definitions - - # - # Event dispatcher for this run. - # - # @return [Chef::EventDispatch::Dispatcher] - # - attr_reader :events - - # - # Hash of factoids for a reboot request. - # - # @return [Hash] - # - attr_accessor :reboot_info - - # - # Scoped state - # - - # - # The parent run context. - # - # @return [Chef::RunContext] The parent run context, or `nil` if this is the - # root context. - # - attr_reader :parent_run_context - - # - # The root run context. - # - # @return [Chef::RunContext] The root run context. - # - def root_run_context - rc = self - rc = rc.parent_run_context until rc.parent_run_context.nil? - rc - end - - # - # The collection of resources intended to be converged (and able to be - # notified). - # - # @return [Chef::ResourceCollection] - # - # @see CookbookCompiler - # - attr_reader :resource_collection - - # - # The list of control groups to execute during the audit phase - # - attr_reader :audits - - # - # Notification handling - # - - # - # A Hash containing the before notifications triggered by resources - # during the converge phase of the chef run. - # - # @return [Hash[String, Array[Chef::Resource::Notification]]] A hash from - # => - # - attr_reader :before_notification_collection - - # - # A Hash containing the immediate notifications triggered by resources - # during the converge phase of the chef run. - # - # @return [Hash[String, Array[Chef::Resource::Notification]]] A hash from - # => - # - attr_reader :immediate_notification_collection - - # - # A Hash containing the delayed (end of run) notifications triggered by - # resources during the converge phase of the chef run. - # - # @return [Hash[String, Array[Chef::Resource::Notification]]] A hash from - # => - # - attr_reader :delayed_notification_collection - - # - # An Array containing the delayed (end of run) notifications triggered by - # resources during the converge phase of the chef run. - # - # @return [Array[Chef::Resource::Notification]] An array of notification objects - # - attr_reader :delayed_actions - - # Creates a new Chef::RunContext object and populates its fields. This object gets - # used by the Chef Server to generate a fully compiled recipe list for a node. - # - # @param node [Chef::Node] The node to run against. - # @param cookbook_collection [Chef::CookbookCollection] The cookbooks - # involved in this run. - # @param events [EventDispatch::Dispatcher] The event dispatcher for this - # run. - # - def initialize(node, cookbook_collection, events) - @node = node - @cookbook_collection = cookbook_collection - @events = events - - node.run_context = self - node.set_cookbook_attribute - - @definitions = Hash.new - @loaded_recipes_hash = {} - @loaded_attributes_hash = {} - @reboot_info = {} - @cookbook_compiler = nil - @delayed_actions = [] - - initialize_child_state - end - - # - # Triggers the compile phase of the chef run. - # - # @param run_list_expansion [Chef::RunList::RunListExpansion] The run list. - # @see Chef::RunContext::CookbookCompiler - # - def load(run_list_expansion) - @cookbook_compiler = CookbookCompiler.new(self, run_list_expansion, events) - cookbook_compiler.compile - end - - # - # Initialize state that applies to both Chef::RunContext and Chef::ChildRunContext - # - def initialize_child_state - @audits = {} - @resource_collection = Chef::ResourceCollection.new(self) - @before_notification_collection = Hash.new { |h, k| h[k] = [] } - @immediate_notification_collection = Hash.new { |h, k| h[k] = [] } - @delayed_notification_collection = Hash.new { |h, k| h[k] = [] } - @delayed_actions = [] - end - - # - # Adds an before notification to the +before_notification_collection+. - # - # @param [Chef::Resource::Notification] The notification to add. - # - def notifies_before(notification) - # Note for the future, notification.notifying_resource may be an instance - # of Chef::Resource::UnresolvedSubscribes when calling {Resource#subscribes} - # with a string value. - before_notification_collection[notification.notifying_resource.declared_key] << notification - end - - # - # Adds an immediate notification to the +immediate_notification_collection+. - # - # @param [Chef::Resource::Notification] The notification to add. - # - def notifies_immediately(notification) - # Note for the future, notification.notifying_resource may be an instance - # of Chef::Resource::UnresolvedSubscribes when calling {Resource#subscribes} - # with a string value. - immediate_notification_collection[notification.notifying_resource.declared_key] << notification - end - - # - # Adds a delayed notification to the +delayed_notification_collection+. - # - # @param [Chef::Resource::Notification] The notification to add. - # - def notifies_delayed(notification) - # Note for the future, notification.notifying_resource may be an instance - # of Chef::Resource::UnresolvedSubscribes when calling {Resource#subscribes} - # with a string value. - delayed_notification_collection[notification.notifying_resource.declared_key] << notification - end - - # - # Adds a delayed action to the +delayed_actions+. - # - def add_delayed_action(notification) - if delayed_actions.any? { |existing_notification| existing_notification.duplicates?(notification) } - Chef::Log.info( "#{notification.notifying_resource} not queuing delayed action #{notification.action} on #{notification.resource}"\ - " (delayed), as it's already been queued") - else - delayed_actions << notification - end - end - - # - # Get the list of before notifications sent by the given resource. - # - # @return [Array[Notification]] - # - def before_notifications(resource) - return before_notification_collection[resource.declared_key] - end - - # - # Get the list of immediate notifications sent by the given resource. - # - # @return [Array[Notification]] - # - def immediate_notifications(resource) - return immediate_notification_collection[resource.declared_key] - end - - # - # Get the list of delayed (end of run) notifications sent by the given - # resource. - # - # @return [Array[Notification]] - # - def delayed_notifications(resource) - return delayed_notification_collection[resource.declared_key] - end - - # - # Cookbook and recipe loading - # - - # - # Evaluates the recipes +recipe_names+. Used by DSL::IncludeRecipe - # - # @param recipe_names [Array[String]] The list of recipe names (e.g. - # 'my_cookbook' or 'my_cookbook::my_resource'). - # @param current_cookbook The cookbook we are currently running in. - # - # @see DSL::IncludeRecipe#include_recipe - # - def include_recipe(*recipe_names, current_cookbook: nil) - result_recipes = Array.new - recipe_names.flatten.each do |recipe_name| - if result = load_recipe(recipe_name, current_cookbook: current_cookbook) - result_recipes << result - end - end - result_recipes - end - - # - # Evaluates the recipe +recipe_name+. Used by DSL::IncludeRecipe - # - # TODO I am sort of confused why we have both this and include_recipe ... - # I don't see anything different beyond accepting and returning an - # array of recipes. - # - # @param recipe_names [Array[String]] The recipe name (e.g 'my_cookbook' or - # 'my_cookbook::my_resource'). - # @param current_cookbook The cookbook we are currently running in. - # - # @return A truthy value if the load occurred; `false` if already loaded. - # - # @see DSL::IncludeRecipe#load_recipe - # - def load_recipe(recipe_name, current_cookbook: nil) - Chef::Log.debug("Loading recipe #{recipe_name} via include_recipe") - - cookbook_name, recipe_short_name = Chef::Recipe.parse_recipe_name(recipe_name, current_cookbook: current_cookbook) - - if unreachable_cookbook?(cookbook_name) # CHEF-4367 - Chef::Log.warn(<<-ERROR_MESSAGE) -MissingCookbookDependency: -Recipe `#{recipe_name}` is not in the run_list, and cookbook '#{cookbook_name}' -is not a dependency of any cookbook in the run_list. To load this recipe, -first add a dependency on cookbook '#{cookbook_name}' in the cookbook you're -including it from in that cookbook's metadata. -ERROR_MESSAGE - end - - if loaded_fully_qualified_recipe?(cookbook_name, recipe_short_name) - Chef::Log.debug("I am not loading #{recipe_name}, because I have already seen it.") - false - else - loaded_recipe(cookbook_name, recipe_short_name) - node.loaded_recipe(cookbook_name, recipe_short_name) - cookbook = cookbook_collection[cookbook_name] - cookbook.load_recipe(recipe_short_name, self) - end - end - - # - # Load the given recipe from a filename. - # - # @param recipe_file [String] The recipe filename. - # - # @return [Chef::Recipe] The loaded recipe. - # - # @raise [Chef::Exceptions::RecipeNotFound] If the file does not exist. - # - def load_recipe_file(recipe_file) - if !File.exist?(recipe_file) - raise Chef::Exceptions::RecipeNotFound, "could not find recipe file #{recipe_file}" - end - - Chef::Log.debug("Loading recipe file #{recipe_file}") - recipe = Chef::Recipe.new("@recipe_files", recipe_file, self) - recipe.from_file(recipe_file) - recipe - end - - # - # Look up an attribute filename. - # - # @param cookbook_name [String] The cookbook name of the attribute file. - # @param attr_file_name [String] The attribute file's name (not path). - # - # @return [String] The filename. - # - # @see DSL::IncludeAttribute#include_attribute - # - # @raise [Chef::Exceptions::CookbookNotFound] If the cookbook could not be found. - # @raise [Chef::Exceptions::AttributeNotFound] If the attribute file could not be found. - # - def resolve_attribute(cookbook_name, attr_file_name) - cookbook = cookbook_collection[cookbook_name] - raise Chef::Exceptions::CookbookNotFound, "could not find cookbook #{cookbook_name} while loading attribute #{name}" unless cookbook - - attribute_filename = cookbook.attribute_filenames_by_short_filename[attr_file_name] - raise Chef::Exceptions::AttributeNotFound, "could not find filename for attribute #{attr_file_name} in cookbook #{cookbook_name}" unless attribute_filename - - attribute_filename - end - - # - # A list of all recipes that have been loaded. - # - # This is stored internally as a Hash, so ordering is predictable. - # - # TODO is the above statement true in a 1.9+ ruby world? Is it relevant? - # - # @return [Array[String]] A list of recipes in fully qualified form, e.g. - # the recipe "nginx" will be given as "nginx::default". - # - # @see #loaded_recipe? To determine if a particular recipe has been loaded. - # - def loaded_recipes - loaded_recipes_hash.keys - end - - # - # A list of all attributes files that have been loaded. - # - # Stored internally using a Hash, so order is predictable. - # - # TODO is the above statement true in a 1.9+ ruby world? Is it relevant? - # - # @return [Array[String]] A list of attribute file names in fully qualified - # form, e.g. the "nginx" will be given as "nginx::default". - # - def loaded_attributes - loaded_attributes_hash.keys - end - - # - # Find out if a given recipe has been loaded. - # - # @param cookbook [String] Cookbook name. - # @param recipe [String] Recipe name. - # - # @return [Boolean] `true` if the recipe has been loaded, `false` otherwise. - # - def loaded_fully_qualified_recipe?(cookbook, recipe) - loaded_recipes_hash.has_key?("#{cookbook}::#{recipe}") - end - - # - # Find out if a given recipe has been loaded. - # - # @param recipe [String] Recipe name. "nginx" and "nginx::default" yield - # the same results. - # - # @return [Boolean] `true` if the recipe has been loaded, `false` otherwise. - # - def loaded_recipe?(recipe) - cookbook, recipe_name = Chef::Recipe.parse_recipe_name(recipe) - loaded_fully_qualified_recipe?(cookbook, recipe_name) - end - - # - # Mark a given recipe as having been loaded. - # - # @param cookbook [String] Cookbook name. - # @param recipe [String] Recipe name. - # - def loaded_recipe(cookbook, recipe) - loaded_recipes_hash["#{cookbook}::#{recipe}"] = true - end - - # - # Find out if a given attribute file has been loaded. - # - # @param cookbook [String] Cookbook name. - # @param attribute_file [String] Attribute file name. - # - # @return [Boolean] `true` if the recipe has been loaded, `false` otherwise. - # - def loaded_fully_qualified_attribute?(cookbook, attribute_file) - loaded_attributes_hash.has_key?("#{cookbook}::#{attribute_file}") - end - - # - # Mark a given attribute file as having been loaded. - # - # @param cookbook [String] Cookbook name. - # @param attribute_file [String] Attribute file name. - # - def loaded_attribute(cookbook, attribute_file) - loaded_attributes_hash["#{cookbook}::#{attribute_file}"] = true - end - - ## - # Cookbook File Introspection - - # - # Find out if the cookbook has the given template. - # - # @param cookbook [String] Cookbook name. - # @param template_name [String] Template name. - # - # @return [Boolean] `true` if the template is in the cookbook, `false` - # otherwise. - # @see Chef::CookbookVersion#has_template_for_node? - # - def has_template_in_cookbook?(cookbook, template_name) - cookbook = cookbook_collection[cookbook] - cookbook.has_template_for_node?(node, template_name) - end - - # - # Find out if the cookbook has the given file. - # - # @param cookbook [String] Cookbook name. - # @param cb_file_name [String] File name. - # - # @return [Boolean] `true` if the file is in the cookbook, `false` - # otherwise. - # @see Chef::CookbookVersion#has_cookbook_file_for_node? - # - def has_cookbook_file_in_cookbook?(cookbook, cb_file_name) - cookbook = cookbook_collection[cookbook] - cookbook.has_cookbook_file_for_node?(node, cb_file_name) - end - - # - # Find out whether the given cookbook is in the cookbook dependency graph. - # - # @param cookbook_name [String] Cookbook name. - # - # @return [Boolean] `true` if the cookbook is reachable, `false` otherwise. - # - # @see Chef::CookbookCompiler#unreachable_cookbook? - def unreachable_cookbook?(cookbook_name) - cookbook_compiler.unreachable_cookbook?(cookbook_name) - end - - # - # Open a stream object that can be printed into and will dispatch to events - # - # @param name [String] The name of the stream. - # @param options [Hash] Other options for the stream. - # - # @return [EventDispatch::EventsOutputStream] The created stream. - # - # @yield If a block is passed, it will be run and the stream will be closed - # afterwards. - # @yieldparam stream [EventDispatch::EventsOutputStream] The created stream. - # - def open_stream(name: nil, **options) - stream = EventDispatch::EventsOutputStream.new(events, name: name, **options) - if block_given? - begin - yield stream - ensure - stream.close - end - else - stream - end - end - - # there are options for how to handle multiple calls to these functions: - # 1. first call always wins (never change reboot_info once set). - # 2. last call always wins (happily change reboot_info whenever). - # 3. raise an exception on the first conflict. - # 4. disable reboot after this run if anyone ever calls :cancel. - # 5. raise an exception on any second call. - # 6. ? - def request_reboot(reboot_info) - Chef::Log.info "Changing reboot status from #{self.reboot_info.inspect} to #{reboot_info.inspect}" - @reboot_info = reboot_info - end - - def cancel_reboot - Chef::Log.info "Changing reboot status from #{reboot_info.inspect} to {}" - @reboot_info = {} - end - - def reboot_requested? - reboot_info.size > 0 - end - - # - # Create a child RunContext. - # - def create_child - ChildRunContext.new(self) - end - - # @api private - attr_writer :resource_collection - - protected - - attr_reader :cookbook_compiler - attr_reader :loaded_attributes_hash - attr_reader :loaded_recipes_hash - - module Deprecated - ### - # These need to be settable so deploy can run a resource_collection - # independent of any cookbooks via +recipe_eval+ - def audits=(value) - Chef.log_deprecation("Setting run_context.audits will be removed in a future Chef. Use run_context.create_child to create a new RunContext instead.") - @audits = value - end - - def immediate_notification_collection=(value) - Chef.log_deprecation("Setting run_context.immediate_notification_collection will be removed in a future Chef. Use run_context.create_child to create a new RunContext instead.") - @immediate_notification_collection = value - end - - def delayed_notification_collection=(value) - Chef.log_deprecation("Setting run_context.delayed_notification_collection will be removed in a future Chef. Use run_context.create_child to create a new RunContext instead.") - @delayed_notification_collection = value - end - end - prepend Deprecated - - # - # A child run context. Delegates all root context calls to its parent. - # - # @api private - # - class ChildRunContext < RunContext - extend Forwardable - def_delegators :parent_run_context, *%w{ - cancel_reboot - config - cookbook_collection - cookbook_compiler - definitions - events - has_cookbook_file_in_cookbook? - has_template_in_cookbook? - load - loaded_attribute - loaded_attributes - loaded_attributes_hash - loaded_fully_qualified_attribute? - loaded_fully_qualified_recipe? - loaded_recipe - loaded_recipe? - loaded_recipes - loaded_recipes_hash - node - open_stream - reboot_info - reboot_info= - reboot_requested? - request_reboot - resolve_attribute - unreachable_cookbook? - } - - def initialize(parent_run_context) - @parent_run_context = parent_run_context - - # We don't call super, because we don't bother initializing stuff we're - # going to delegate to the parent anyway. Just initialize things that - # every instance needs. - initialize_child_state - end - - CHILD_STATE = %w{ - audits - audits= - create_child - add_delayed_action - delayed_actions - delayed_notification_collection - delayed_notification_collection= - delayed_notifications - immediate_notification_collection - immediate_notification_collection= - immediate_notifications - before_notification_collection - before_notifications - include_recipe - initialize_child_state - load_recipe - load_recipe_file - notifies_before - notifies_immediately - notifies_delayed - parent_run_context - root_run_context - resource_collection - resource_collection= - }.map { |x| x.to_sym } - - # Verify that we didn't miss any methods - unless @__skip_method_checking # hook specifically for compat_resource - missing_methods = superclass.instance_methods(false) - instance_methods(false) - CHILD_STATE - if !missing_methods.empty? - raise "ERROR: not all methods of RunContext accounted for in ChildRunContext! All methods must be marked as child methods with CHILD_STATE or delegated to the parent_run_context. Missing #{missing_methods.join(", ")}." - end - end - end - end -end -end diff --git a/cookbooks/compat_resource/files/lib/chef_compat/monkeypatches/chef/runner.rb b/cookbooks/compat_resource/files/lib/chef_compat/monkeypatches/chef/runner.rb deleted file mode 100644 index 9add7a8..0000000 --- a/cookbooks/compat_resource/files/lib/chef_compat/monkeypatches/chef/runner.rb +++ /dev/null @@ -1,153 +0,0 @@ -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# -# THIS IS A FILE AUTOGENERATED BY 'rake update' DO NOT EDIT!!!! -# -# NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE -# - -if Gem::Requirement.new('< 12.16.42').satisfied_by?(Gem::Version.new(Chef::VERSION)) -#-- -# Author:: Adam Jacob () -# Author:: Christopher Walters () -# Author:: Tim Hinderliter () -# Copyright:: Copyright 2008-2016, Chef Software Inc. -# License:: Apache License, Version 2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require "chef/exceptions" -require "chef/mixin/params_validate" -require "chef/node" -require "chef/resource_collection" - -class Chef - # == Chef::Runner - # This class is responsible for executing the steps in a Chef run. - class Runner - - attr_reader :run_context - - include Chef::Mixin::ParamsValidate - - def initialize(run_context) - @run_context = run_context - end - - def delayed_actions - @run_context.delayed_actions - end - - def events - @run_context.events - end - - # Determine the appropriate provider for the given resource, then - # execute it. - def run_action(resource, action, notification_type = nil, notifying_resource = nil) - # If there are any before notifications, why-run the resource - # and notify anyone who needs notifying - before_notifications = run_context.before_notifications(resource) || [] - unless before_notifications.empty? - forced_why_run do - Chef::Log.info("#{resource} running why-run #{action} action to support before action") - resource.run_action(action, notification_type, notifying_resource) - end - - if resource.updated_by_last_action? - before_notifications.each do |notification| - Chef::Log.info("#{resource} sending #{notification.action} action to #{notification.resource} (before)") - run_action(notification.resource, notification.action, :before, resource) - end - resource.updated_by_last_action(false) - end - end - - # Actually run the action for realsies - resource.run_action(action, notification_type, notifying_resource) - - # Execute any immediate and queue up any delayed notifications - # associated with the resource, but only if it was updated *this time* - # we ran an action on it. - if resource.updated_by_last_action? - run_context.immediate_notifications(resource).each do |notification| - Chef::Log.info("#{resource} sending #{notification.action} action to #{notification.resource} (immediate)") - run_action(notification.resource, notification.action, :immediate, resource) - end - - run_context.delayed_notifications(resource).each do |notification| - # send the notification to the run_context of the receiving resource - notification.resource.run_context.add_delayed_action(notification) - end - end - end - - # Iterates over the +resource_collection+ in the +run_context+ calling - # +run_action+ for each resource in turn. - def converge - # Resolve all lazy/forward references in notifications - run_context.resource_collection.each do |resource| - resource.resolve_notification_references - end - - # Execute each resource. - run_context.resource_collection.execute_each_resource do |resource| - Array(resource.action).each { |action| run_action(resource, action) } - end - - rescue Exception => e - Chef::Log.info "Running queued delayed notifications before re-raising exception" - run_delayed_notifications(e) - else - run_delayed_notifications(nil) - true - end - - private - - # Run all our :delayed actions - def run_delayed_notifications(error = nil) - collected_failures = Exceptions::MultipleFailures.new - collected_failures.client_run_failure(error) unless error.nil? - delayed_actions.each do |notification| - result = run_delayed_notification(notification) - if result.kind_of?(Exception) - collected_failures.notification_failure(result) - end - end - collected_failures.raise! - end - - def run_delayed_notification(notification) - Chef::Log.info( "#{notification.notifying_resource} sending #{notification.action}"\ - " action to #{notification.resource} (delayed)") - # Struct of resource/action to call - run_action(notification.resource, notification.action, :delayed) - true - rescue Exception => e - e - end - - # helper to run a block of code with why_run forced to true and then restore it correctly - def forced_why_run - saved = Chef::Config[:why_run] - Chef::Config[:why_run] = true - yield - ensure - Chef::Config[:why_run] = saved - end - - end -end -end diff --git a/cookbooks/compat_resource/files/lib/chef_compat/property.rb b/cookbooks/compat_resource/files/lib/chef_compat/property.rb deleted file mode 100644 index be21113..0000000 --- a/cookbooks/compat_resource/files/lib/chef_compat/property.rb +++ /dev/null @@ -1,6 +0,0 @@ -require 'chef_compat/copied_from_chef/chef/property' - -module ChefCompat - class Property < ChefCompat::CopiedFromChef::Chef::Property - end -end diff --git a/cookbooks/compat_resource/files/lib/chef_compat/recipe.rb b/cookbooks/compat_resource/files/lib/chef_compat/recipe.rb deleted file mode 100644 index 86e39d9..0000000 --- a/cookbooks/compat_resource/files/lib/chef_compat/recipe.rb +++ /dev/null @@ -1,8 +0,0 @@ -require 'chef/recipe' -require 'chef_compat/copied_from_chef/chef/dsl/recipe' - -module ChefCompat - class Recipe < Chef::Recipe - include ChefCompat::CopiedFromChef::Chef::DSL::Recipe::FullDSL - end -end diff --git a/cookbooks/compat_resource/files/lib/chef_compat/resource.rb b/cookbooks/compat_resource/files/lib/chef_compat/resource.rb deleted file mode 100644 index bcf0fdb..0000000 --- a/cookbooks/compat_resource/files/lib/chef_compat/resource.rb +++ /dev/null @@ -1,56 +0,0 @@ -require 'chef_compat/monkeypatches' -require 'chef_compat/copied_from_chef/chef/resource' - -# We do NOT want action defined if chefspec is engaged -if Chef::Provider::InlineResources::ClassMethods.instance_method(:action).source_location[0] =~ /chefspec/ - ChefCompat::CopiedFromChef::Chef::Provider::InlineResources::ClassMethods.instance_eval do - remove_method(:action) - end -end - -module ChefCompat - class Resource < ChefCompat::CopiedFromChef::Chef::Resource - def initialize(*args, &block) - super - # @resource_name is used in earlier Chef versions - @resource_name = self.class.resource_name - end - # Things we'll need to define ourselves: - # 1. provider - # 2. resource_name - - def provider(*args, &block) - super || self.class.action_class - end - def provider=(arg) - provider(arg) - end - - if !respond_to?(:resource_name) - def self.resource_name(name=Chef::NOT_PASSED) - # Setter - if name != Chef::NOT_PASSED - # remove_canonical_dsl - - # Set the resource_name and call provides - if name - name = name.to_sym - # If our class is not already providing this name, provide it. - # Commented out: use of resource_name and provides will need to be - # mutually exclusive in this world, generally. - # if !Chef::ResourceResolver.includes_handler?(name, self) - provides name#, canonical: true - # end - @resource_name = name - else - @resource_name = nil - end - end - @resource_name - end - def self.resource_name=(name) - resource_name(name) - end - end - end -end diff --git a/cookbooks/compat_resource/files/lib/chef_compat/resource/lwrp_base.rb b/cookbooks/compat_resource/files/lib/chef_compat/resource/lwrp_base.rb deleted file mode 100644 index 2ebb98f..0000000 --- a/cookbooks/compat_resource/files/lib/chef_compat/resource/lwrp_base.rb +++ /dev/null @@ -1,44 +0,0 @@ -require 'chef_compat/resource' -require 'chef_compat/copied_from_chef/chef/resource' -require 'chef/mixin/convert_to_class_name' -require 'chef/mixin/from_file' - -module ChefCompat - class Resource < ChefCompat::CopiedFromChef::Chef::Resource - class LWRPBase < ChefCompat::Resource - class<= 12.0").satisfied_by?(Gem::Version.new(Chef::VERSION)) - - require 'chef_compat/resource' - require 'chef_compat/property' - require 'chef_compat/mixin/properties' - - resources_dir = File.expand_path("chef_compat/copied_from_chef/chef/resource", File.dirname(__FILE__)) - providers_dir = File.expand_path("chef_compat/copied_from_chef/chef/provider", File.dirname(__FILE__)) - Dir["#{resources_dir}/*.rb"].each {|file| require file } - Dir["#{providers_dir}/*.rb"].each {|file| require file } -else - - class Chef - class Resource - def self.property(args, &block) - raise_chef_11_error - end - - def self.resource_name(args, &block) - raise_chef_11_error - end - - def self.action(args, &block) - raise_chef_11_error - end - - def self.raise_chef_11_error - raise "This resource is written with Chef 12.5 custom resources, and requires at least Chef 12.0 used with the compat_resource cookbook, it will not work with Chef 11.x clients, and those users must pin their cookbooks to older versions or upgrade." - end - end - end - -end diff --git a/cookbooks/compat_resource/libraries/autoload.rb b/cookbooks/compat_resource/libraries/autoload.rb deleted file mode 100644 index db52cfc..0000000 --- a/cookbooks/compat_resource/libraries/autoload.rb +++ /dev/null @@ -1,31 +0,0 @@ -unless Gem::Requirement.new(">= 12.0").satisfied_by?(Gem::Version.new(Chef::VERSION)) - raise "This resource is written with Chef 12.5 custom resources, and requires at least Chef 12.0 used with the compat_resource cookbook, it will not work with Chef 11.x clients, and those users must pin their cookbooks to older versions or upgrade." -end - -# If users are on old verisons of ChefDK which activates an (old) gem via cheffish before this cookbook loads, then -# we just try to monkeypatch over the top of a monkeypatch. Its possible that we have checks in this cookbook which -# will defeat that purpose and fail to monkeypatch on top of monkeypatches -- in which case those checks should be -# removed -- this cookbook needs to win when it gets into a fight with the old gem versions. -if Gem.loaded_specs["compat_resource"] - Chef.log_deprecation "using compat_resource as a gem is deprecated; please update cheffish and chef-provisioning gems (or use the latest Chef/ChefDK packages) or else manually pin your compat_resource cookbook version to the same version as the gem you are using to remove this warning" -end - -# we want to not pollute the libpath with our files until after we've done the version check -require_relative '../files/lib/chef_upstream_version' - -# on any chef client later than the one we were based off of we just turn into a no-op -if Gem::Requirement.new("< #{ChefCompat::CHEF_UPSTREAM_VERSION}").satisfied_by?(Gem::Version.new(Chef::VERSION)) - Chef::Log.debug "loading compat_resource based on chef-version #{ChefCompat::CHEF_UPSTREAM_VERSION} over chef version #{Gem::Version.new(Chef::VERSION)}" - $LOAD_PATH.unshift(File.expand_path("../files/lib", File.dirname(__FILE__))) - require 'compat_resource' -else - Chef::Log.debug "NOT LOADING compat_resource based on chef-version #{ChefCompat::CHEF_UPSTREAM_VERSION} over chef version #{Gem::Version.new(Chef::VERSION)}" - unless defined?(ChefCompat::Resource) && defined?(ChefCompat::Mixin::Properties) - module ChefCompat - Resource = Chef::Resource - module Mixin - Properties = Chef::Mixin::Properties - end - end - end -end diff --git a/cookbooks/compat_resource/metadata.json b/cookbooks/compat_resource/metadata.json deleted file mode 100644 index 1df2f5d..0000000 --- a/cookbooks/compat_resource/metadata.json +++ /dev/null @@ -1 +0,0 @@ -{"name":"compat_resource","version":"12.19.0","description":"Backports functionality introduced in the latest chef-client releases to any chef-client from 12.1 onwards","long_description":"# compat_resource cookbook\n\n[![Build Status](https://travis-ci.org/chef-cookbooks/compat_resource.svg?branch=master)](https://travis-ci.org/chef-cookbooks/compat_resource) [![Cookbook Version](https://img.shields.io/cookbook/v/compat_resource.svg)](https://supermarket.chef.io/cookbooks/compat_resource)\n\nThis cookbook backports functionality introduced in the latest chef-client releases to any chef-client from 12.1 onwards. This includes [Custom Resource](https://docs.chef.io/custom_resources.html) functionality, notification improvements, as well as new resources added to core chef. It allows for the usage of these new resources in cookbooks without requiring the very latest Chef client release.\n\n## Backported functionality\n\n- [Custom Resources](https://docs.chef.io/custom_resources.html)\n- [apt_repository](https://docs.chef.io/resource_apt_repository.html)\n- [apt_update](https://docs.chef.io/resource_apt_update.html)\n- [systemd_unit](https://docs.chef.io/resource_systemd_unit.html)\n- [yum_repository](https://docs.chef.io/resource_yum_repository.html)\n- [:before notifications](https://docs.chef.io/resources.html#timers)\n\n## Requirements\n\n### Platforms\n\n- All platforms supported by Chef\n\n### Chef\n\n- Chef 12.1+\n\n### Cookbooks\n\n- none\n\n## Usage\n\nTo use this cookbook, put `depends 'compat_resource'` in the metadata.rb of your cookbook. Once this is done, you can use all the new custom resource features to define resources. It Just Works.\n\n## Custom Resources?\n\nCurious about how to use custom resources?\n\n- Docs: \n- Slides: \n\n## License & Authors\n\n- Author:: Lamont Granquist ([lamont@chef.io](mailto:lamont@chef.io))\n- Author:: John Keiser ([jkeiser@chef.io](mailto:jkeiser@chef.io))\n\n```text\nCopyright:: 2015-2016 Chef Software, Inc.\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n```\n","maintainer":"Lamont Granquist","maintainer_email":"lamont@chef.io","license":"Apache 2.0","platforms":{},"dependencies":{},"recommendations":{},"suggestions":{},"conflicting":{},"providing":{},"replacing":{},"attributes":{},"groupings":{},"recipes":{},"source_url":"https://github.com/chef-cookbooks/compat_resource","issues_url":"https://github.com/chef-cookbooks/compat_resource/issues","chef_version":[[">= 12.1"]],"ohai_version":[]} \ No newline at end of file diff --git a/cookbooks/elasticsearch/.foodcritic b/cookbooks/elasticsearch/.foodcritic deleted file mode 100644 index cf9e43e..0000000 --- a/cookbooks/elasticsearch/.foodcritic +++ /dev/null @@ -1 +0,0 @@ -~FC057 diff --git a/cookbooks/elasticsearch/.markdownlint-cli2.yaml b/cookbooks/elasticsearch/.markdownlint-cli2.yaml new file mode 100644 index 0000000..6fa8e77 --- /dev/null +++ b/cookbooks/elasticsearch/.markdownlint-cli2.yaml @@ -0,0 +1,5 @@ +config: + ul-indent: false # MD007 + line-length: false # MD013 + no-duplicate-heading: false # MD024 + reference-links-images: false # MD052 diff --git a/cookbooks/elasticsearch/CHANGELOG.md b/cookbooks/elasticsearch/CHANGELOG.md index bcfa959..3f2fe83 100644 --- a/cookbooks/elasticsearch/CHANGELOG.md +++ b/cookbooks/elasticsearch/CHANGELOG.md @@ -1,13 +1,76 @@ -# Change Log +# elasticsearch Cookbook Changelog + +## 5.1.3 - *2023-05-17* + +## 5.1.2 - *2023-05-03* + +## 5.1.1 - *2023-04-07* + +Standardise files with files in sous-chefs/repo-management + +## 5.1.0 - *2023-04-04* + +## 5.0.0 - *2023-03-25* + +See below for possible breaking changes. + +- Sous-Chefs Adoption +- Default download to 7.17.9 which is supported until v9 is released +- Remove load_platform_properties and suport test files that were no longer up to date or used +- Remove rubocop ignore files +- Remove the test that checked if a recipe was run +- Update Chef spec tested platforms to: + - Ubuntu: 18.04, 20.04 + - CentOS: 7.8.2003, 8 +- Sous-Chefs standardization + - Change test cookbook name to test + - Add GitHub Actions pipelines + - Add Dokken configuration + - Add support for testing on non-EOL Operating systems + - Update Chef ignore + - Update .gitignore + - Update CHANGELOG format + - Update CONTRIBUTING format + - Add renovate configuration + - **[BREAKING] Support Chef 15.3+** + - Remove Rakefile + - Remove Gemfile (replaced by Chef Workstation) + - Move rspec files from test/unit/spec to spec + - Remove: .rubocop.yml exceptions + - Remove Rakefile, Gemfile, and Gemfile.lock + - Move .kitchen.yml to kitchen.yml + - Change test cookbook name to test + - Add Dangerfile +- Migrate library files to custom resources +- **[BREAKING] Remove default recipe** +- **[BREAKING] Remove default attributes** + - For usage please see testing cookbook +- **[BREAKING] Remove support for tarball installation** + - Tarball installation does not support running in systemd +- Use the Elasticsearch public key to verify the package rather than downloading the key from the internet on every run +- Use the execute resource over shellout where possible. As this correctly triggers notifications +- Stop depending on yum and apt cookbooks as they are not required +- Remove dertime_download_url helper method and replace with default_downoad_url from Elasticsearch::VersionHelpers +- Remove determine_download_checksum and replace with default_download_checksum from Elasticsearch::VersionHelpers +- Move documentation for resources to the documentation folder +- Split the install resources into multiple resources for clarity +- Move common properties into `partials` + +## 4.3.1 - *2023-03-23* + +- Standardise files with files in sous-chefs/repo-management ## [v4.3.0](https://github.com/elastic/cookbook-elasticsearch/tree/v4.3.0) (2019-12-30) + - Default to Elasticsearch 7.4.2 -## [v4.2.0](https://github.com/elastic/cookbook-elasticsearch/tree/v4.2.0) (2019-08-02) +## [v4.2.0](https://github.com/sous-chefs/elasticsearch/tree/v4.2.0) (2019-08-02) + - Default to Elasticsearch 7.3.0 - Some fixes for the version logic when selecting v7 or higher ES -## [v4.1.0](https://github.com/elastic/cookbook-elasticsearch/tree/v4.1.0) (2019-08-02) +## [v4.1.0](https://github.com/sous-chefs/elasticsearch/tree/v4.1.0) (2019-08-02) + - Added support for ES 6.8.1, 6.8.2 and new default of 6.8.2 - Added support for ES v7, with 7.0.0, 7.0.1, 7.1.0, 7.2.0, 7.2.1, 7.3.0 - New URL format for ES v7 introduced, taught lib/helpers how to use it @@ -15,27 +78,34 @@ - Modified testing with test-kitchen to stop using x-pack as a test plugin, now using analysis-icu - Some minor tweaks to get chefspec tests working again -## [v4.0.6](https://github.com/elastic/cookbook-elasticsearch/tree/v4.0.6) (2019-05-22) +## [v4.0.6](https://github.com/sous-chefs/elasticsearch/tree/v4.0.6) (2019-05-22) + - Lots of new hashes of more recent releases of ES, see PRs for full list (#715, #713, #710, #709, #705, #704, #701). - Get Travis building again (#714). -## [v4.0.5](https://github.com/elastic/cookbook-elasticsearch/tree/v4.0.5) (2019-01-02) +## [v4.0.5](https://github.com/sous-chefs/elasticsearch/tree/v4.0.5) (2019-01-02) + - Add hashes for 6.5.4 (#699), 6.5.3 (#697) -## [v4.0.4](https://github.com/elastic/cookbook-elasticsearch/tree/v4.0.4) (2018-11-06) +## [v4.0.4](https://github.com/sous-chefs/elasticsearch/tree/v4.0.4) (2018-11-06) + - Add hashes for 6.4.2 (#687) -## [v4.0.3](https://github.com/elastic/cookbook-elasticsearch/tree/v4.0.3) (2018-09-24) +## [v4.0.3](https://github.com/sous-chefs/elasticsearch/tree/v4.0.3) (2018-09-24) + - Add hashes for 6.4.1 (#682) -## [v4.0.2](https://github.com/elastic/cookbook-elasticsearch/tree/v4.0.2) (2018-09-17) +## [v4.0.2](https://github.com/sous-chefs/elasticsearch/tree/v4.0.2) (2018-09-17) + - Add hashes for 6.3.0 (#669), 6.3.1 (#673), 6.4.0 (#677) -## [v4.0.1](https://github.com/elastic/cookbook-elasticsearch/tree/v4.0.1) (2018-06-01) +## [v4.0.1](https://github.com/sous-chefs/elasticsearch/tree/v4.0.1) (2018-06-01) + - Add hashes for 6.2.4 (#665) - Improve ES_USER / ES_GROUP logic for init script and package installs (#647) -## [v4.0.0](https://github.com/elastic/cookbook-elasticsearch/tree/v4.0.0) (2018-03-25) +## [v4.0.0](https://github.com/sous-chefs/elasticsearch/tree/v4.0.0) (2018-03-25) + - Default to 6.0.0 and add sha256 checksums, drop old 5.x hashes - Point to 6.x yum repo - Introduce 6.0.0's JVM options for ES 6 @@ -45,60 +115,76 @@ - Remove path.conf reference after testing - Stop testing on Ubuntu 12.04 and earlier -## [v3.4.5](https://github.com/elastic/cookbook-elasticsearch/tree/v3.4.5) (2018-03-25) +## [v3.4.5](https://github.com/sous-chefs/elasticsearch/tree/v3.4.5) (2018-03-25) + - Add documentation for Java "trust anchors" problem (#646) - Add hashes for 5.6.8 (#649) -## [v3.4.4](https://github.com/elastic/cookbook-elasticsearch/tree/v3.4.4) (2018-02-01) +## [v3.4.4](https://github.com/sous-chefs/elasticsearch/tree/v3.4.4) (2018-02-01) + - Add hashes for ES 5.6.6 (#638) and ES 5.6.7 (#640) -## [v3.4.3](https://github.com/elastic/cookbook-elasticsearch/tree/v3.4.3) (2018-01-03) +## [v3.4.3](https://github.com/sous-chefs/elasticsearch/tree/v3.4.3) (2018-01-03) + - Add hashes for ES 5.6.5 (#632) -## [v3.4.2](https://github.com/elastic/cookbook-elasticsearch/tree/v3.4.2) (2017-12-03) +## [v3.4.2](https://github.com/sous-chefs/elasticsearch/tree/v3.4.2) (2017-12-03) + - Add hashes for ES 5.6.4 (#622) -## [v3.4.1](https://github.com/elastic/cookbook-elasticsearch/tree/v3.4.1) (2017-10-18) +## [v3.4.1](https://github.com/sous-chefs/elasticsearch/tree/v3.4.1) (2017-10-18) + - Add hashes for ES 5.6.3 (#616) -## [v3.4.0](https://github.com/elastic/cookbook-elasticsearch/tree/v3.4.0) (2017-09-28) +## [v3.4.0](https://github.com/sous-chefs/elasticsearch/tree/v3.4.0) (2017-09-28) + - Add hashes for ES 5.6.1 and 5.6.2 (#613) - Add the latest init scripts from .deb, .rpm, and systemd -## [v3.3.1](https://github.com/elastic/cookbook-elasticsearch/tree/v3.3.1) (2017-09-15) +## [v3.3.1](https://github.com/sous-chefs/elasticsearch/tree/v3.3.1) (2017-09-15) + - Add hashes for ES 5.6.0 and 5.5.3 (#610) - Workaround for support 'amazon' platform_family (#609) -## [v3.3.0](https://github.com/elastic/cookbook-elasticsearch/tree/v3.3.0) (2017-08-30) +## [v3.3.0](https://github.com/sous-chefs/elasticsearch/tree/v3.3.0) (2017-08-30) + - nil templates skip startup scripts (#585) -## [v3.2.2](https://github.com/elastic/cookbook-elasticsearch/tree/v3.2.2) (2017-08-29) +## [v3.2.2](https://github.com/sous-chefs/elasticsearch/tree/v3.2.2) (2017-08-29) + - Bump ES version to 5.5.2 (#606) -## [v3.2.1](https://github.com/elastic/cookbook-elasticsearch/tree/v3.2.1) (2017-07-17) +## [v3.2.1](https://github.com/sous-chefs/elasticsearch/tree/v3.2.1) (2017-07-17) + - Bump ES version to 5.5.0, add 5.4.2 and 5.4.3 as well (#594) -## [v3.2.0](https://github.com/elastic/cookbook-elasticsearch/tree/v3.2.0) (2017-05-21) +## [v3.2.0](https://github.com/sous-chefs/elasticsearch/tree/v3.2.0) (2017-05-21) + - Provide additional documentation about logging options, update template (#577) - Allow others to read elasticsearch log dir (#570) - Bump ES version to 5.4.0 (#569) -## [v3.1.1](https://github.com/elastic/cookbook-elasticsearch/tree/v3.1.1) (2017-05-01) +## [v3.1.1](https://github.com/sous-chefs/elasticsearch/tree/v3.1.1) (2017-05-01) + - Add hashes for ES 5.3.1 (#562) - Add hashes for ES 5.3.2 (#567) -## [v3.1.0](https://github.com/elastic/cookbook-elasticsearch/tree/v3.1.0) (2017-04-18) +## [v3.1.0](https://github.com/sous-chefs/elasticsearch/tree/v3.1.0) (2017-04-18) + - Add Chef 13.x support for this cookbook (#561) - Reintroduce chef_proxy settings (#557) -## [v3.0.5](https://github.com/elastic/cookbook-elasticsearch/tree/v3.0.5) (2017-04-06) +## [v3.0.5](https://github.com/sous-chefs/elasticsearch/tree/v3.0.5) (2017-04-06) + - Bump ES version to 5.3.0 (#550) - Fix permissions for elasticsearch.yml and log4j2.properties (#555) -## [v3.0.4](https://github.com/elastic/cookbook-elasticsearch/tree/v3.0.4) (2017-03-02) +## [v3.0.4](https://github.com/sous-chefs/elasticsearch/tree/v3.0.4) (2017-03-02) + - Bump ES version to 5.2.2 (#550) -## [v3.0.3](https://github.com/elastic/cookbook-elasticsearch/tree/v3.0.3) (2017-02-09) +## [v3.0.3](https://github.com/sous-chefs/elasticsearch/tree/v3.0.3) (2017-02-09) + - Fix URL support for plugins (#525) - Add support for versions 5.0.2, 5.1.1, 5.1.2, 5.2.0 - Make 5.2.0 the default version @@ -107,25 +193,26 @@ - Fix ruby version build on travis - remove tarball directory recursively -## [v3.0.2](https://github.com/elastic/cookbook-elasticsearch/tree/v3.0.2) (2016-11-29) +## [v3.0.2](https://github.com/sous-chefs/elasticsearch/tree/v3.0.2) (2016-11-29) - Ensure bin/elasticsearch-plugin uses the proper environment (#523) - Bump default Elasticsearch version from v5.0.0 to v5.0.1 -## [v3.0.1](https://github.com/elastic/cookbook-elasticsearch/tree/v3.0.1) (2016-11-09) +## [v3.0.1](https://github.com/sous-chefs/elasticsearch/tree/v3.0.1) (2016-11-09) - Fix incorrect MAX_MAP_COUNT default to be '262144' to match init scripts (#516) -## [v3.0.0](https://github.com/elastic/cookbook-elasticsearch/tree/v3.0.0) (2016-11-07) +## [v3.0.0](https://github.com/sous-chefs/elasticsearch/tree/v3.0.0) (2016-11-07) Breaking changes that were needed for v5.0.0 support (#497, #512, #424, #478, #503): - - We dropped the fancy logic for figuring out the requested version of Elasticsearch to be installed. You should pass it on the resource or in the recipe, but we no longer do a bunch of logic to figure out what you meant -- we favor being explicit now. - - We now start the service by default, instead of only `:enable` but not `:start`. - - Dropped `gc_options` parameter of elasticsearch_configure, and now have `jvm.options`. We've also dropped thread_stack_size and env_options, as they aren't used in the upstream packaging as defaults anymore. - - Install the tarball and package files into the same locations. There's no more `/usr/local`. - - Install types are now 'strings', not :symbols. `node['elasticsearch'][][]` sets any `elasticsearch::default` recipe. -For more on breaking changes, read [3aa8740](https://github.com/elastic/cookbook-elasticsearch/commit/3aa8740da5182f4a29761e0ea350048764bc0752) and [1ccd013](https://github.com/elastic/cookbook-elasticsearch/commit/1ccd013821cbfe83197c1ebba7fdb3acadc3d88f). +- We dropped the fancy logic for figuring out the requested version of Elasticsearch to be installed. You should pass it on the resource or in the recipe, but we no longer do a bunch of logic to figure out what you meant -- we favor being explicit now. +- We now start the service by default, instead of only `:enable` but not `:start`. +- Dropped `gc_options` parameter of elasticsearch_configure, and now have `jvm.options`. We've also dropped thread_stack_size and env_options, as they aren't used in the upstream packaging as defaults anymore. +- Install the tarball and package files into the same locations. There's no more `/usr/local`. +- Install types are now 'strings', not :symbols. `node['elasticsearch'][][]` sets any `elasticsearch::default` recipe. + +For more on breaking changes, read [3aa8740](https://github.com/sous-chefs/elasticsearch/commit/3aa8740da5182f4a29761e0ea350048764bc0752) and [1ccd013](https://github.com/sous-chefs/elasticsearch/commit/1ccd013821cbfe83197c1ebba7fdb3acadc3d88f). - Switch to the `manage_home false` property of newer Chef versions (#406) - Use YAML library directly from now on for elasticsearch.yml (#470) @@ -136,455 +223,455 @@ For more on breaking changes, read [3aa8740](https://github.com/elastic/cookbook - Add Java 8 testing by default (#510), bump newer Chef versions (#503, #505) - Start using exact plugin names, case sensitive (#485) -## [v2.4.0](https://github.com/elastic/cookbook-elasticsearch/tree/v2.4.0) (2016-09-15) +## [v2.4.0](https://github.com/sous-chefs/elasticsearch/tree/v2.4.0) (2016-09-15) -- Update attributes for 2.3.5 and 2.4.0 versions. Use 2.4.0 version as default for installation and tests. [\#496](https://github.com/elastic/cookbook-elasticsearch/issues/496) and [\#490](https://github.com/elastic/cookbook-elasticsearch/issues/490) +- Update attributes for 2.3.5 and 2.4.0 versions. Use 2.4.0 version as default for installation and tests. [\#496](https://github.com/sous-chefs/elasticsearch/issues/496) and [\#490](https://github.com/sous-chefs/elasticsearch/issues/490) - Added a LICENSE file (Apache 2), metadata, and linting -- Remove chef 11 compatibility from metadata, update cookstyle and Berkshelf, various Chef standards [\#481](https://github.com/elastic/cookbook-elasticsearch/issues/481) -- Improve environment file formatting: Remove quotes from vars that don't need it, strip superfluous spaces from ES_JAVA_OPTS [\#477](https://github.com/elastic/cookbook-elasticsearch/issues/477) - -## [v2.3.2](https://github.com/elastic/cookbook-elasticsearch/tree/v2.3.2) (2016-06-17) - -- Update init scripts and configs to latest [\#461](https://github.com/elastic/cookbook-elasticsearch/issues/461) -- Don't make environment file executable [\#474](https://github.com/elastic/cookbook-elasticsearch/issues/474) -- Don't make config YAML file executable [\#465](https://github.com/elastic/cookbook-elasticsearch/issues/465) -- Make latest Foodcritic rules pass [\#466](https://github.com/elastic/cookbook-elasticsearch/issues/466) -- ES 2.3.3 SHA256 sums and default version [\#464](https://github.com/elastic/cookbook-elasticsearch/issues/464) -- Point to determine_download_url instead of non-existent get_package_url [\#463](https://github.com/elastic/cookbook-elasticsearch/issues/463) - -## [v2.3.1](https://github.com/elastic/cookbook-elasticsearch/tree/v2.3.1) (2016-05-06) - -- Update documentation for dir in elasticsearch_install [\#453](https://github.com/elastic/cookbook-elasticsearch/issues/453) -- Define custom matchers helpers for notification testing [\#458](https://github.com/elastic/cookbook-elasticsearch/issues/458) -- Add checksums for version 2.3.2 [\#457](https://github.com/elastic/cookbook-elasticsearch/issues/457) -- Default ES version bump to 2.3.2 [\#459](https://github.com/elastic/cookbook-elasticsearch/issues/459) -- Fix quoting bug in plugin remove action [\#455](https://github.com/elastic/cookbook-elasticsearch/issues/455) -- Fix typo in README [\#456](https://github.com/elastic/cookbook-elasticsearch/issues/456) - -## [v2.3.0](https://github.com/elastic/cookbook-elasticsearch/tree/v2.3.0) (2016-04-07) - -- Add checksums for 2.3.1 [\#451](https://github.com/elastic/cookbook-elasticsearch/issues/451) - -## [v2.2.2](https://github.com/elastic/cookbook-elasticsearch/tree/v2.2.2) (2016-03-22) - -- elasticsearch_configure provider should not modify default resource parameters [\#445](https://github.com/elastic/cookbook-elasticsearch/issues/445) - -## [v2.2.1](https://github.com/elastic/cookbook-elasticsearch/tree/v2.2.1) (2016-03-04) - -- Incorrectly setting allocated memory in the `ES\_JAVA\_OPTS` variable [\#434](https://github.com/elastic/cookbook-elasticsearch/issues/434) -- elasticsearch_service/service_actions accepts (but does not support) Symbols [\#438](https://github.com/elastic/cookbook-elasticsearch/issues/438) - -## [v2.2.0](https://github.com/elastic/cookbook-elasticsearch/tree/v2.2.0) (2016-02-08) - -- Max heap size is too large [\#427](https://github.com/elastic/cookbook-elasticsearch/issues/427) -- How to define discovery.zen.ping.unicast.hosts [\#426](https://github.com/elastic/cookbook-elasticsearch/issues/426) -- elasticsearch\_plugin install lacks proxy support [\#415](https://github.com/elastic/cookbook-elasticsearch/issues/415) -- Default ES version needs upgrading \(2.1.0 \> 2.1.1\) [\#411](https://github.com/elastic/cookbook-elasticsearch/issues/411) -- config dirs/files and install dirs/files should be owned by root, not es\_user [\#405](https://github.com/elastic/cookbook-elasticsearch/issues/405) -- Reinstalls elasticserach every chef run [\#404](https://github.com/elastic/cookbook-elasticsearch/issues/404) -- Permission problem when installing Watcher or Shield [\#423](https://github.com/elastic/cookbook-elasticsearch/issues/423) -- Installing shield and watcher plugins fail with AccessDeniedException [\#421](https://github.com/elastic/cookbook-elasticsearch/issues/421) -- Plugin removal is broken [\#418](https://github.com/elastic/cookbook-elasticsearch/issues/418) -- elasticsearch\_configure documentation example missing path\_home [\#413](https://github.com/elastic/cookbook-elasticsearch/issues/413) -- Init script can't start [\#390](https://github.com/elastic/cookbook-elasticsearch/issues/390) -- ruby command not found [\#378](https://github.com/elastic/cookbook-elasticsearch/issues/378) -- ES 2.2.0 installation fails [\#429](https://github.com/elastic/cookbook-elasticsearch/issues/429) -- Can't install plugin twice [\#408](https://github.com/elastic/cookbook-elasticsearch/issues/408) -- Error running recipe on AWS Opsworks [\#403](https://github.com/elastic/cookbook-elasticsearch/issues/403) -- ES 2.1.0 support [\#402](https://github.com/elastic/cookbook-elasticsearch/issues/402) -- Any provision to make it Chef 11.10 compatible? [\#401](https://github.com/elastic/cookbook-elasticsearch/issues/401) -- gateway.expected\_nodes default should be 0 [\#399](https://github.com/elastic/cookbook-elasticsearch/issues/399) -- Add the defaults for slowlogs in logging.yml [\#398](https://github.com/elastic/cookbook-elasticsearch/issues/398) -- elasticsearch\_service resource doesn't work with short syntax [\#397](https://github.com/elastic/cookbook-elasticsearch/issues/397) -- What is supposed to happen when a config file is changed? [\#394](https://github.com/elastic/cookbook-elasticsearch/issues/394) -- Doc request - how to create data nodes vs master nodes [\#393](https://github.com/elastic/cookbook-elasticsearch/issues/393) -- Plugin install isn't idempotent [\#392](https://github.com/elastic/cookbook-elasticsearch/issues/392) -- Question - Are custom configs required everywhere? [\#391](https://github.com/elastic/cookbook-elasticsearch/issues/391) -- Is :tarball or :package the preferred installation type? [\#389](https://github.com/elastic/cookbook-elasticsearch/issues/389) -- Support Amazon platform for init scripts [\#387](https://github.com/elastic/cookbook-elasticsearch/issues/387) -- "ArgumentError: wrong number of arguments \(1 for 0\)" at resource\_configure.rb [\#386](https://github.com/elastic/cookbook-elasticsearch/issues/386) -- Do I need to do a Java Installation myself for this to work? [\#385](https://github.com/elastic/cookbook-elasticsearch/issues/385) -- Support ES 2.0 [\#384](https://github.com/elastic/cookbook-elasticsearch/issues/384) -- plugin install does not work [\#382](https://github.com/elastic/cookbook-elasticsearch/issues/382) -- Compile error w/ 1.0.3 and Chef Server 12 [\#379](https://github.com/elastic/cookbook-elasticsearch/issues/379) -- Allow template cookbook override in \_configure [\#376](https://github.com/elastic/cookbook-elasticsearch/issues/376) -- 1.0.2 Issues with pid files [\#374](https://github.com/elastic/cookbook-elasticsearch/issues/374) -- Consider using the resource name as a common shared set of resources [\#373](https://github.com/elastic/cookbook-elasticsearch/issues/373) -- elasticsearch\_install broken with v1.0.1 [\#371](https://github.com/elastic/cookbook-elasticsearch/issues/371) -- Compile Error [\#370](https://github.com/elastic/cookbook-elasticsearch/issues/370) -- wrong number of arguments \(1 for 0\) [\#369](https://github.com/elastic/cookbook-elasticsearch/issues/369) -- fixes typo in readme [\#428](https://github.com/elastic/cookbook-elasticsearch/pull/428) ([spuder](https://github.com/spuder)) -- Plugin removal functionality restored [\#420](https://github.com/elastic/cookbook-elasticsearch/pull/420) ([dbaggott](https://github.com/dbaggott)) -- Update to ES 2.1.1 [\#412](https://github.com/elastic/cookbook-elasticsearch/pull/412) ([dbaggott](https://github.com/dbaggott)) -- Makes code examples have color [\#396](https://github.com/elastic/cookbook-elasticsearch/pull/396) ([spuder](https://github.com/spuder)) -- Updates docs to show package are now default install [\#395](https://github.com/elastic/cookbook-elasticsearch/pull/395) ([spuder](https://github.com/spuder)) -- Update the README to remove a typo [\#381](https://github.com/elastic/cookbook-elasticsearch/pull/381) ([jtwarren](https://github.com/jtwarren)) -- Correct the full changelog links [\#375](https://github.com/elastic/cookbook-elasticsearch/pull/375) ([eheydrick](https://github.com/eheydrick)) -- add missing matchers [\#368](https://github.com/elastic/cookbook-elasticsearch/pull/368) ([thomasdziedzic](https://github.com/thomasdziedzic)) - -## [v2.1.1](https://github.com/elastic/cookbook-elasticsearch/tree/v2.1.1) (2016-01-08) - -- elasticsearch\_plugin install lacks proxy support [\#415](https://github.com/elastic/cookbook-elasticsearch/issues/415) -- Default ES version needs upgrading \(2.1.0 \> 2.1.1\) [\#411](https://github.com/elastic/cookbook-elasticsearch/issues/411) -- Reinstalls elasticserach every chef run [\#404](https://github.com/elastic/cookbook-elasticsearch/issues/404) -- Installing shield and watcher plugins fail with AccessDeniedException [\#421](https://github.com/elastic/cookbook-elasticsearch/issues/421) -- Plugin removal is broken [\#418](https://github.com/elastic/cookbook-elasticsearch/issues/418) -- elasticsearch\_configure documentation example missing path\_home [\#413](https://github.com/elastic/cookbook-elasticsearch/issues/413) -- Init script can't start [\#390](https://github.com/elastic/cookbook-elasticsearch/issues/390) -- ruby command not found [\#378](https://github.com/elastic/cookbook-elasticsearch/issues/378) -- Can't install plugin twice [\#408](https://github.com/elastic/cookbook-elasticsearch/issues/408) -- Error running recipe on AWS Opsworks [\#403](https://github.com/elastic/cookbook-elasticsearch/issues/403) -- ES 2.1.0 support [\#402](https://github.com/elastic/cookbook-elasticsearch/issues/402) -- Any provision to make it Chef 11.10 compatible? [\#401](https://github.com/elastic/cookbook-elasticsearch/issues/401) -- gateway.expected\_nodes default should be 0 [\#399](https://github.com/elastic/cookbook-elasticsearch/issues/399) -- Add the defaults for slowlogs in logging.yml [\#398](https://github.com/elastic/cookbook-elasticsearch/issues/398) -- elasticsearch\_service resource doesn't work with short syntax [\#397](https://github.com/elastic/cookbook-elasticsearch/issues/397) -- What is supposed to happen when a config file is changed? [\#394](https://github.com/elastic/cookbook-elasticsearch/issues/394) -- Doc request - how to create data nodes vs master nodes [\#393](https://github.com/elastic/cookbook-elasticsearch/issues/393) -- Plugin install isn't idempotent [\#392](https://github.com/elastic/cookbook-elasticsearch/issues/392) -- Question - Are custom configs required everywhere? [\#391](https://github.com/elastic/cookbook-elasticsearch/issues/391) -- Is :tarball or :package the preferred installation type? [\#389](https://github.com/elastic/cookbook-elasticsearch/issues/389) -- Support Amazon platform for init scripts [\#387](https://github.com/elastic/cookbook-elasticsearch/issues/387) -- "ArgumentError: wrong number of arguments \(1 for 0\)" at resource\_configure.rb [\#386](https://github.com/elastic/cookbook-elasticsearch/issues/386) -- Do I need to do a Java Installation myself for this to work? [\#385](https://github.com/elastic/cookbook-elasticsearch/issues/385) -- Support ES 2.0 [\#384](https://github.com/elastic/cookbook-elasticsearch/issues/384) -- plugin install does not work [\#382](https://github.com/elastic/cookbook-elasticsearch/issues/382) -- Compile error w/ 1.0.3 and Chef Server 12 [\#379](https://github.com/elastic/cookbook-elasticsearch/issues/379) -- Allow template cookbook override in \_configure [\#376](https://github.com/elastic/cookbook-elasticsearch/issues/376) -- 1.0.2 Issues with pid files [\#374](https://github.com/elastic/cookbook-elasticsearch/issues/374) -- Consider using the resource name as a common shared set of resources [\#373](https://github.com/elastic/cookbook-elasticsearch/issues/373) -- elasticsearch\_install broken with v1.0.1 [\#371](https://github.com/elastic/cookbook-elasticsearch/issues/371) -- Compile Error [\#370](https://github.com/elastic/cookbook-elasticsearch/issues/370) -- wrong number of arguments \(1 for 0\) [\#369](https://github.com/elastic/cookbook-elasticsearch/issues/369) -- missing chef resource expectations in specs in 1.0.1 [\#367](https://github.com/elastic/cookbook-elasticsearch/issues/367) -- Use predictable attributes/values for version, download URL, and checksum [\#366](https://github.com/elastic/cookbook-elasticsearch/issues/366) -- Rubocop & foodcritic cleanup [\#365](https://github.com/elastic/cookbook-elasticsearch/issues/365) -- elasticsearch\_plugin installs plugins with the wrong permissions [\#363](https://github.com/elastic/cookbook-elasticsearch/issues/363) -- Double-dependency on curl [\#360](https://github.com/elastic/cookbook-elasticsearch/issues/360) -- OS X Support [\#358](https://github.com/elastic/cookbook-elasticsearch/issues/358) -- Plugin removal functionality restored [\#420](https://github.com/elastic/cookbook-elasticsearch/pull/420) ([dbaggott](https://github.com/dbaggott)) -- Update to ES 2.1.1 [\#412](https://github.com/elastic/cookbook-elasticsearch/pull/412) ([dbaggott](https://github.com/dbaggott)) -- Makes code examples have color [\#396](https://github.com/elastic/cookbook-elasticsearch/pull/396) ([spuder](https://github.com/spuder)) -- Updates docs to show package are now default install [\#395](https://github.com/elastic/cookbook-elasticsearch/pull/395) ([spuder](https://github.com/spuder)) -- Update the README to remove a typo [\#381](https://github.com/elastic/cookbook-elasticsearch/pull/381) ([jtwarren](https://github.com/jtwarren)) -- Correct the full changelog links [\#375](https://github.com/elastic/cookbook-elasticsearch/pull/375) ([eheydrick](https://github.com/eheydrick)) -- add missing matchers [\#368](https://github.com/elastic/cookbook-elasticsearch/pull/368) ([thomasdziedzic](https://github.com/thomasdziedzic)) -- Adds integration test for plugins in default environment [\#361](https://github.com/elastic/cookbook-elasticsearch/pull/361) ([bwvoss](https://github.com/bwvoss)) - -## [2.1.0](https://github.com/elastic/cookbook-elasticsearch/tree/v2.1.0) (2015-12-01) - -- ES 2.1.0 support [\#402](https://github.com/elastic/cookbook-elasticsearch/issues/402) - -## [2.0.1](https://github.com/elastic/cookbook-elasticsearch/tree/v2.0.1) (2015-12-01) - -- Any provision to make it Chef 11.10 compatible? [\#401](https://github.com/elastic/cookbook-elasticsearch/issues/401) -- gateway.expected\_nodes default should be 0 [\#399](https://github.com/elastic/cookbook-elasticsearch/issues/399) -- Add the defaults for slowlogs in logging.yml [\#398](https://github.com/elastic/cookbook-elasticsearch/issues/398) - -## [2.0.0](https://github.com/elastic/cookbook-elasticsearch/tree/v2.0.0) (2015-11-23) - -- Upgrading by package needs cleanup [\#331](https://github.com/elastic/cookbook-elasticsearch/issues/331) -- Minimal init scripts, preferrably from the packaged versions of ES [\#321](https://github.com/elastic/cookbook-elasticsearch/issues/321) -- Remove extra env file, or follow packaged conventions [\#320](https://github.com/elastic/cookbook-elasticsearch/issues/320) -- Remove system limit adjustments [\#319](https://github.com/elastic/cookbook-elasticsearch/issues/319) -- Init script can't start [\#390](https://github.com/elastic/cookbook-elasticsearch/issues/390) -- elasticsearch\_service resource doesn't work with short syntax [\#397](https://github.com/elastic/cookbook-elasticsearch/issues/397) -- What is supposed to happen when a config file is changed? [\#394](https://github.com/elastic/cookbook-elasticsearch/issues/394) -- Doc request - how to create data nodes vs master nodes [\#393](https://github.com/elastic/cookbook-elasticsearch/issues/393) -- Plugin install isn't idempotent [\#392](https://github.com/elastic/cookbook-elasticsearch/issues/392) -- Question - Are custom configs required everywhere? [\#391](https://github.com/elastic/cookbook-elasticsearch/issues/391) -- Is :tarball or :package the preferred installation type? [\#389](https://github.com/elastic/cookbook-elasticsearch/issues/389) -- Support Amazon platform for init scripts [\#387](https://github.com/elastic/cookbook-elasticsearch/issues/387) -- "ArgumentError: wrong number of arguments \(1 for 0\)" at resource\_configure.rb [\#386](https://github.com/elastic/cookbook-elasticsearch/issues/386) -- Do I need to do a Java Installation myself for this to work? [\#385](https://github.com/elastic/cookbook-elasticsearch/issues/385) -- plugin install does not work [\#382](https://github.com/elastic/cookbook-elasticsearch/issues/382) -- Allow template cookbook override in \_configure [\#376](https://github.com/elastic/cookbook-elasticsearch/issues/376) -- Consider using the resource name as a common shared set of resources [\#373](https://github.com/elastic/cookbook-elasticsearch/issues/373) -- Recreate deploying-elasticsearch-with-chef tutorial [\#293](https://github.com/elastic/cookbook-elasticsearch/issues/293) -- Makes code examples have color [\#396](https://github.com/elastic/cookbook-elasticsearch/pull/396) ([spuder](https://github.com/spuder)) -- Updates docs to show package are now default install [\#395](https://github.com/elastic/cookbook-elasticsearch/pull/395) ([spuder](https://github.com/spuder)) - -## [1.2.0](https://github.com/elastic/cookbook-elasticsearch/tree/v1.2.0) (2015-10-16) - -- Compile error w/ 1.0.3 and Chef Server 12 [\#379](https://github.com/elastic/cookbook-elasticsearch/issues/379) -- OS X Support [\#358](https://github.com/elastic/cookbook-elasticsearch/issues/358) -- Dealing with plugin versions that don't match, Elasticsearch failing to start [\#330](https://github.com/elastic/cookbook-elasticsearch/issues/330) -- ruby command not found [\#378](https://github.com/elastic/cookbook-elasticsearch/issues/378) -- Update the README to remove a typo [\#381](https://github.com/elastic/cookbook-elasticsearch/pull/381) ([jtwarren](https://github.com/jtwarren)) -- Correct the full changelog links [\#375](https://github.com/elastic/cookbook-elasticsearch/pull/375) ([eheydrick](https://github.com/eheydrick)) - -## [1.0.3](https://github.com/elastic/cookbook-elasticsearch/tree/v1.0.3) (2015-09-20) - -- 1.0.2 Issues with pid files [\#374](https://github.com/elastic/cookbook-elasticsearch/issues/374) - -## [1.0.2](https://github.com/elastic/cookbook-elasticsearch/tree/v1.0.2) (2015-09-20) - -- enhancement : attribut path\_xxx and path.xxx [\#352](https://github.com/elastic/cookbook-elasticsearch/issues/352) -- It would be nice to be able to pass options to elasticsearch\_service [\#334](https://github.com/elastic/cookbook-elasticsearch/issues/334) -- elasticsearch\_install broken with v1.0.1 [\#371](https://github.com/elastic/cookbook-elasticsearch/issues/371) -- Compile Error [\#370](https://github.com/elastic/cookbook-elasticsearch/issues/370) -- wrong number of arguments \(1 for 0\) [\#369](https://github.com/elastic/cookbook-elasticsearch/issues/369) -- missing chef resource expectations in specs in 1.0.1 [\#367](https://github.com/elastic/cookbook-elasticsearch/issues/367) -- Rubocop & foodcritic cleanup [\#365](https://github.com/elastic/cookbook-elasticsearch/issues/365) -- add missing matchers [\#368](https://github.com/elastic/cookbook-elasticsearch/pull/368) ([thomasdziedzic](https://github.com/thomasdziedzic)) - -## [1.0.1](https://github.com/elastic/cookbook-elasticsearch/tree/v1.0.1) (2015-09-15) - -- Plugin resource's plugin\_dir should have a sensible default [\#345](https://github.com/elastic/cookbook-elasticsearch/issues/345) -- Elasticsearch user homedir deleted [\#328](https://github.com/elastic/cookbook-elasticsearch/issues/328) -- Use predictable attributes/values for version, download URL, and checksum [\#366](https://github.com/elastic/cookbook-elasticsearch/issues/366) -- elasticsearch\_plugin installs plugins with the wrong permissions [\#363](https://github.com/elastic/cookbook-elasticsearch/issues/363) -- Double-dependency on curl [\#360](https://github.com/elastic/cookbook-elasticsearch/issues/360) -- poise dependency not found [\#356](https://github.com/elastic/cookbook-elasticsearch/issues/356) -- Documentation for using JSON node configuration [\#355](https://github.com/elastic/cookbook-elasticsearch/issues/355) -- Hardcoded checksums in library helpers [\#350](https://github.com/elastic/cookbook-elasticsearch/issues/350) -- Document default values for all resources [\#348](https://github.com/elastic/cookbook-elasticsearch/issues/348) -- 1.0 should have sensible documentation [\#344](https://github.com/elastic/cookbook-elasticsearch/issues/344) -- Adds integration test for plugins in default environment [\#361](https://github.com/elastic/cookbook-elasticsearch/pull/361) ([bwvoss](https://github.com/bwvoss)) -- Clarify when overriding plugin\_dir is necessary [\#349](https://github.com/elastic/cookbook-elasticsearch/pull/349) ([michaelklishin](https://github.com/michaelklishin)) -- Remove duplicate node.max\_local\_storage\_nodes setting from the config template [\#346](https://github.com/elastic/cookbook-elasticsearch/pull/346) ([eheydrick](https://github.com/eheydrick)) - -## [v1.0.0](https://github.com/elastic/cookbook-elasticsearch/tree/v1.0.0) (2015-07-16) - -- Rename source method of install [\#332](https://github.com/elastic/cookbook-elasticsearch/issues/332) -- NEXT: Document the process for submitting PRs [\#270](https://github.com/elastic/cookbook-elasticsearch/issues/270) -- Travis CI not running on PRs from local branches [\#337](https://github.com/elastic/cookbook-elasticsearch/issues/337) -- Error executing action `install` on resource 'elasticsearch\_install' [\#335](https://github.com/elastic/cookbook-elasticsearch/issues/335) -- Document requirement on Chef 12+ [\#338](https://github.com/elastic/cookbook-elasticsearch/issues/338) -- Add lots of additional documentation [\#343](https://github.com/elastic/cookbook-elasticsearch/pull/343) ([martinb3](https://github.com/martinb3)) -- Add contribution guidelines [\#342](https://github.com/elastic/cookbook-elasticsearch/pull/342) ([martinb3](https://github.com/martinb3)) -- Run CI on master branch again, after rename [\#341](https://github.com/elastic/cookbook-elasticsearch/pull/341) ([martinb3](https://github.com/martinb3)) -- Rename provider source to tarball [\#340](https://github.com/elastic/cookbook-elasticsearch/pull/340) ([martinb3](https://github.com/martinb3)) - -## [v0.3.14](https://github.com/elastic/cookbook-elasticsearch/tree/v0.3.14) (2015-07-16) - -- NEXT: Model YML config after 'trim' config [\#322](https://github.com/elastic/cookbook-elasticsearch/issues/322) -- NEXT: Create a user resource and provider [\#269](https://github.com/elastic/cookbook-elasticsearch/issues/269) -- If bootstrap.mlockall is true, MAX\_LOCKED\_MEMORY should be set to unlimited in elasticsearch-env.sh [\#266](https://github.com/elastic/cookbook-elasticsearch/issues/266) -- Installation enhancement [\#222](https://github.com/elastic/cookbook-elasticsearch/issues/222) -- Plugins defined in databag do not get installed [\#89](https://github.com/elastic/cookbook-elasticsearch/issues/89) -- There is no customize recipe [\#326](https://github.com/elastic/cookbook-elasticsearch/issues/326) -- ES not starting when setting version to 1.5.2 or 1.6.0 [\#325](https://github.com/elastic/cookbook-elasticsearch/issues/325) -- Question - Does cookbook support rolling restarts? [\#315](https://github.com/elastic/cookbook-elasticsearch/issues/315) -- Loading attributes from the data DBI [\#313](https://github.com/elastic/cookbook-elasticsearch/issues/313) -- 0.3.13: service doesn't successfully start [\#312](https://github.com/elastic/cookbook-elasticsearch/issues/312) -- Restart doesn't work the first time if a stale PID exists [\#310](https://github.com/elastic/cookbook-elasticsearch/issues/310) -- Cannot install plugin 2.4.1 [\#308](https://github.com/elastic/cookbook-elasticsearch/issues/308) -- Proxy recipe should include nginx only based on configurabe attribute [\#307](https://github.com/elastic/cookbook-elasticsearch/issues/307) -- Queue capacity [\#301](https://github.com/elastic/cookbook-elasticsearch/issues/301) -- strange behavior with docker :bug: [\#300](https://github.com/elastic/cookbook-elasticsearch/issues/300) -- Vagrant: Undefined method 'provider' [\#298](https://github.com/elastic/cookbook-elasticsearch/issues/298) -- Error after upgrading the cookbook [\#297](https://github.com/elastic/cookbook-elasticsearch/issues/297) -- Setting version triggers java.lang.NoClassDefFoundError [\#296](https://github.com/elastic/cookbook-elasticsearch/issues/296) -- Elasticsearch running but not from service [\#290](https://github.com/elastic/cookbook-elasticsearch/issues/290) -- Elasticsearch throws ElasticsearchIllegalStateException on boot \(time based instance\) [\#288](https://github.com/elastic/cookbook-elasticsearch/issues/288) -- Prefix Definitions [\#285](https://github.com/elastic/cookbook-elasticsearch/issues/285) -- strange thinks happend if I override elasticsearch version [\#283](https://github.com/elastic/cookbook-elasticsearch/issues/283) -- Chef::Mixin::Template::TemplateError on new ssl attributes [\#281](https://github.com/elastic/cookbook-elasticsearch/issues/281) -- The 0.3.13 release is missing the metadata.rb file [\#279](https://github.com/elastic/cookbook-elasticsearch/issues/279) -- berks upload fails due to .DS\_Store files found in 0.3.12 package on supermarket.chef.io [\#278](https://github.com/elastic/cookbook-elasticsearch/issues/278) -- 0.3.11 release [\#277](https://github.com/elastic/cookbook-elasticsearch/issues/277) -- Berkshelf treats 'recommends' as 'depends' [\#275](https://github.com/elastic/cookbook-elasticsearch/issues/275) -- Init Script + Existing PID File [\#274](https://github.com/elastic/cookbook-elasticsearch/issues/274) -- Version change doesn't work [\#273](https://github.com/elastic/cookbook-elasticsearch/issues/273) -- Please add an option to specify the desired shell to pass to the su command [\#260](https://github.com/elastic/cookbook-elasticsearch/issues/260) -- Attaching EBS takes a very long time and doesn't finish? [\#259](https://github.com/elastic/cookbook-elasticsearch/issues/259) -- 1.3.4 startup hangs for 10min and fails [\#257](https://github.com/elastic/cookbook-elasticsearch/issues/257) -- Plugin installation skipping [\#252](https://github.com/elastic/cookbook-elasticsearch/issues/252) -- Can't get Rake task to work \(either dependencies or installing Berkshelf\) [\#244](https://github.com/elastic/cookbook-elasticsearch/issues/244) -- Don't include build-essential just to be sure apt is up to date [\#241](https://github.com/elastic/cookbook-elasticsearch/issues/241) -- how to specify max\_map\_count? [\#239](https://github.com/elastic/cookbook-elasticsearch/issues/239) -- Nginx HTTP, Basic Auth and multiple nodes [\#238](https://github.com/elastic/cookbook-elasticsearch/issues/238) -- Installing Marvel [\#237](https://github.com/elastic/cookbook-elasticsearch/issues/237) -- Need help with creating EBS Volume [\#223](https://github.com/elastic/cookbook-elasticsearch/issues/223) -- If elasticsearch fails to extract, it won't be installed later [\#221](https://github.com/elastic/cookbook-elasticsearch/issues/221) -- uninitialized constant Extensions during Vagrant provisioning [\#212](https://github.com/elastic/cookbook-elasticsearch/issues/212) -- config.vm.provider not recognised using Vagrant 1.5.4 [\#207](https://github.com/elastic/cookbook-elasticsearch/issues/207) -- The Vagrant installation instructions are outdated [\#206](https://github.com/elastic/cookbook-elasticsearch/issues/206) -- How to specify path.data and path.logs? [\#202](https://github.com/elastic/cookbook-elasticsearch/issues/202) -- Cannot upgrade from 0.0.92 to 1.0.1 [\#197](https://github.com/elastic/cookbook-elasticsearch/issues/197) -- install\_plugin fails to run on initial install [\#176](https://github.com/elastic/cookbook-elasticsearch/issues/176) -- EBS volume clean up [\#172](https://github.com/elastic/cookbook-elasticsearch/issues/172) -- Cookbook default attributes get lifted to normal priority [\#168](https://github.com/elastic/cookbook-elasticsearch/issues/168) -- Fog doesn't respect "delete\_on\_termination" option in elasticsearch::ebs [\#146](https://github.com/elastic/cookbook-elasticsearch/issues/146) -- Use package options on both providers [\#336](https://github.com/elastic/cookbook-elasticsearch/pull/336) ([martinb3](https://github.com/martinb3)) -- allow options passing to package provider [\#329](https://github.com/elastic/cookbook-elasticsearch/pull/329) ([scalp42](https://github.com/scalp42)) -- set default resource actions [\#327](https://github.com/elastic/cookbook-elasticsearch/pull/327) ([nathwill](https://github.com/nathwill)) -- Add a note about `next` branch [\#324](https://github.com/elastic/cookbook-elasticsearch/pull/324) ([martinb3](https://github.com/martinb3)) -- Introduce provider and resource for configure [\#316](https://github.com/elastic/cookbook-elasticsearch/pull/316) ([martinb3](https://github.com/martinb3)) -- First pass at install resource and two providers [\#309](https://github.com/elastic/cookbook-elasticsearch/pull/309) ([martinb3](https://github.com/martinb3)) - -## [v0.3.13](https://github.com/elastic/cookbook-elasticsearch/tree/v0.3.13) (2015-01-13) - -## [0.3.12](https://github.com/elastic/cookbook-elasticsearch/tree/0.3.12) (2015-01-13) - -- Guidance On Upgrading A Running ES Installation [\#271](https://github.com/elastic/cookbook-elasticsearch/issues/271) -- Supermarket release? [\#262](https://github.com/elastic/cookbook-elasticsearch/issues/262) -- version check always adds '-d' flag incorrectly. [\#255](https://github.com/elastic/cookbook-elasticsearch/issues/255) -- Version 0.3.11 not available on supermarket [\#250](https://github.com/elastic/cookbook-elasticsearch/issues/250) -- Missed multicast settings in template [\#248](https://github.com/elastic/cookbook-elasticsearch/issues/248) -- Data bags for test? [\#246](https://github.com/elastic/cookbook-elasticsearch/issues/246) -- Introduce user provider and resource [\#268](https://github.com/elastic/cookbook-elasticsearch/pull/268) ([martinb3](https://github.com/martinb3)) -- First pass at framework with testing, rake, etc [\#249](https://github.com/elastic/cookbook-elasticsearch/pull/249) ([martinb3](https://github.com/martinb3)) - -## [0.3.11](https://github.com/elastic/cookbook-elasticsearch/tree/0.3.11) (2014-10-13) - -- The init script should use the Chef embedded Ruby? [\#215](https://github.com/elastic/cookbook-elasticsearch/issues/215) -- Quick Fix for version update issues [\#178](https://github.com/elastic/cookbook-elasticsearch/issues/178) -- Don't seem to be able to change the version [\#100](https://github.com/elastic/cookbook-elasticsearch/issues/100) -- Multiple EBS mounting [\#232](https://github.com/elastic/cookbook-elasticsearch/issues/232) -- Just changing elasticsearch version attribute doesn't install intended version [\#225](https://github.com/elastic/cookbook-elasticsearch/issues/225) -- plugins not being loaded [\#171](https://github.com/elastic/cookbook-elasticsearch/issues/171) - -## [0.3.10](https://github.com/elastic/cookbook-elasticsearch/tree/0.3.10) (2014-06-19) - -- Single node cofiguration [\#220](https://github.com/elastic/cookbook-elasticsearch/issues/220) -- can we use apt\_repository resource to install a particular version [\#217](https://github.com/elastic/cookbook-elasticsearch/issues/217) -- Version attribute effect on download\_url is misleading [\#214](https://github.com/elastic/cookbook-elasticsearch/issues/214) -- Make config template configurable [\#153](https://github.com/elastic/cookbook-elasticsearch/issues/153) - -## [0.3.9](https://github.com/elastic/cookbook-elasticsearch/tree/0.3.9) (2014-05-22) - -- 1.1.1 doesn't work [\#210](https://github.com/elastic/cookbook-elasticsearch/issues/210) -- Why does this cookbook set the es max heap size to 60% of available memory? [\#209](https://github.com/elastic/cookbook-elasticsearch/issues/209) -- Failure when adding elasticsearch service [\#204](https://github.com/elastic/cookbook-elasticsearch/issues/204) -- New release? [\#203](https://github.com/elastic/cookbook-elasticsearch/issues/203) - -## [0.3.8](https://github.com/elastic/cookbook-elasticsearch/tree/0.3.8) (2014-03-27) - -- Avoid using `recommends "monit"` in metadata.rb [\#162](https://github.com/elastic/cookbook-elasticsearch/issues/162) -- Problem with ownership of pid in /var/run/ on restart of ubuntu [\#108](https://github.com/elastic/cookbook-elasticsearch/issues/108) -- SSL support with Nginx proxy [\#226](https://github.com/elastic/cookbook-elasticsearch/issues/226) -- Compatibility with 1.0.1 [\#195](https://github.com/elastic/cookbook-elasticsearch/issues/195) -- pid\_path is owned by elasticsearch [\#193](https://github.com/elastic/cookbook-elasticsearch/issues/193) -- \[Install plugin: merge!\] \(elasticsearch::plugins line 35\) [\#187](https://github.com/elastic/cookbook-elasticsearch/issues/187) -- Cookbook doesn't work with 1.0.0RCx versions - Startup broken based on behavior change [\#185](https://github.com/elastic/cookbook-elasticsearch/issues/185) -- Failure to locate 'elasticsearch.conf.erb' template [\#184](https://github.com/elastic/cookbook-elasticsearch/issues/184) -- Question on attributes "methodology" [\#180](https://github.com/elastic/cookbook-elasticsearch/issues/180) -- print\_value docs don't mention elasticsearch [\#169](https://github.com/elastic/cookbook-elasticsearch/issues/169) -- update readme file with default attributes [\#166](https://github.com/elastic/cookbook-elasticsearch/issues/166) -- Index template config files [\#164](https://github.com/elastic/cookbook-elasticsearch/issues/164) -- Issues configuring unicast cluster [\#158](https://github.com/elastic/cookbook-elasticsearch/issues/158) -- elasticsearch default /usr/local/elasticsearch is no good for elasticsearch-env.sh [\#157](https://github.com/elastic/cookbook-elasticsearch/issues/157) - -## [0.3.7](https://github.com/elastic/cookbook-elasticsearch/tree/0.3.7) (2013-10-28) - -## [0.3.5](https://github.com/elastic/cookbook-elasticsearch/tree/0.3.5) (2013-10-27) - -- ES Logging Not Working [\#151](https://github.com/elastic/cookbook-elasticsearch/issues/151) -- Adding Debian specific init script [\#98](https://github.com/elastic/cookbook-elasticsearch/pull/98) ([remkade](https://github.com/remkade)) - -## [0.3.4](https://github.com/elastic/cookbook-elasticsearch/tree/0.3.4) (2013-10-01) - -- first install with plugins fails [\#138](https://github.com/elastic/cookbook-elasticsearch/issues/138) -- Custom Params for init.d start [\#134](https://github.com/elastic/cookbook-elasticsearch/issues/134) -- elasticsearch-cloud-aws plugin - fails to install, restarts service anyway [\#131](https://github.com/elastic/cookbook-elasticsearch/issues/131) -- init script - improvements needed [\#130](https://github.com/elastic/cookbook-elasticsearch/issues/130) -- Configure HTTP port range [\#129](https://github.com/elastic/cookbook-elasticsearch/issues/129) -- Elasticsearch fails to start with 0.90.3 and cloud-aws 1.12.0 [\#126](https://github.com/elastic/cookbook-elasticsearch/issues/126) -- Install plugin failure does not stop script execution [\#124](https://github.com/elastic/cookbook-elasticsearch/issues/124) -- search\_discovery causes unnecessary restarts [\#122](https://github.com/elastic/cookbook-elasticsearch/issues/122) -- chef-solo needs the 'cookbook' folder to have the same name as the cookbook [\#121](https://github.com/elastic/cookbook-elasticsearch/issues/121) -- Plugins not working if aws recipe is used [\#105](https://github.com/elastic/cookbook-elasticsearch/issues/105) - -## [0.3.3](https://github.com/elastic/cookbook-elasticsearch/tree/0.3.3) (2013-08-01) - -- BREAKING: Fog version does not create EBS volumes properly [\#94](https://github.com/elastic/cookbook-elasticsearch/issues/94) -- ulimit settings not used with start-stop-daemon [\#109](https://github.com/elastic/cookbook-elasticsearch/issues/109) -- mismatch in aws endpoint attributes [\#106](https://github.com/elastic/cookbook-elasticsearch/issues/106) -- Elasticsearch service restart at each chef run [\#104](https://github.com/elastic/cookbook-elasticsearch/issues/104) -- Installation fails: Error executing action `start` on resource 'service\[elasticsearch\]' [\#96](https://github.com/elastic/cookbook-elasticsearch/issues/96) +- Remove chef 11 compatibility from metadata, update cookstyle and Berkshelf, various Chef standards [\#481](https://github.com/sous-chefs/elasticsearch/issues/481) +- Improve environment file formatting: Remove quotes from vars that don't need it, strip superfluous spaces from ES_JAVA_OPTS [\#477](https://github.com/sous-chefs/elasticsearch/issues/477) + +## [v2.3.2](https://github.com/sous-chefs/elasticsearch/tree/v2.3.2) (2016-06-17) + +- Update init scripts and configs to latest [\#461](https://github.com/sous-chefs/elasticsearch/issues/461) +- Don't make environment file executable [\#474](https://github.com/sous-chefs/elasticsearch/issues/474) +- Don't make config YAML file executable [\#465](https://github.com/sous-chefs/elasticsearch/issues/465) +- Make latest Foodcritic rules pass [\#466](https://github.com/sous-chefs/elasticsearch/issues/466) +- ES 2.3.3 SHA256 sums and default version [\#464](https://github.com/sous-chefs/elasticsearch/issues/464) +- Point to determine_download_url instead of non-existent get_package_url [\#463](https://github.com/sous-chefs/elasticsearch/issues/463) + +## [v2.3.1](https://github.com/sous-chefs/elasticsearch/tree/v2.3.1) (2016-05-06) + +- Update documentation for dir in elasticsearch_install [\#453](https://github.com/sous-chefs/elasticsearch/issues/453) +- Define custom matchers helpers for notification testing [\#458](https://github.com/sous-chefs/elasticsearch/issues/458) +- Add checksums for version 2.3.2 [\#457](https://github.com/sous-chefs/elasticsearch/issues/457) +- Default ES version bump to 2.3.2 [\#459](https://github.com/sous-chefs/elasticsearch/issues/459) +- Fix quoting bug in plugin remove action [\#455](https://github.com/sous-chefs/elasticsearch/issues/455) +- Fix typo in README [\#456](https://github.com/sous-chefs/elasticsearch/issues/456) + +## [v2.3.0](https://github.com/sous-chefs/elasticsearch/tree/v2.3.0) (2016-04-07) + +- Add checksums for 2.3.1 [\#451](https://github.com/sous-chefs/elasticsearch/issues/451) + +## [v2.2.2](https://github.com/sous-chefs/elasticsearch/tree/v2.2.2) (2016-03-22) + +- elasticsearch_configure provider should not modify default resource parameters [\#445](https://github.com/sous-chefs/elasticsearch/issues/445) + +## [v2.2.1](https://github.com/sous-chefs/elasticsearch/tree/v2.2.1) (2016-03-04) + +- Incorrectly setting allocated memory in the `ES\_JAVA\_OPTS` variable [\#434](https://github.com/sous-chefs/elasticsearch/issues/434) +- elasticsearch_service/service_actions accepts (but does not support) Symbols [\#438](https://github.com/sous-chefs/elasticsearch/issues/438) + +## [v2.2.0](https://github.com/sous-chefs/elasticsearch/tree/v2.2.0) (2016-02-08) + +- Max heap size is too large [\#427](https://github.com/sous-chefs/elasticsearch/issues/427) +- How to define discovery.zen.ping.unicast.hosts [\#426](https://github.com/sous-chefs/elasticsearch/issues/426) +- elasticsearch\_plugin install lacks proxy support [\#415](https://github.com/sous-chefs/elasticsearch/issues/415) +- Default ES version needs upgrading \(2.1.0 \> 2.1.1\) [\#411](https://github.com/sous-chefs/elasticsearch/issues/411) +- config dirs/files and install dirs/files should be owned by root, not es\_user [\#405](https://github.com/sous-chefs/elasticsearch/issues/405) +- Reinstalls elasticserach every chef run [\#404](https://github.com/sous-chefs/elasticsearch/issues/404) +- Permission problem when installing Watcher or Shield [\#423](https://github.com/sous-chefs/elasticsearch/issues/423) +- Installing shield and watcher plugins fail with AccessDeniedException [\#421](https://github.com/sous-chefs/elasticsearch/issues/421) +- Plugin removal is broken [\#418](https://github.com/sous-chefs/elasticsearch/issues/418) +- elasticsearch\_configure documentation example missing path\_home [\#413](https://github.com/sous-chefs/elasticsearch/issues/413) +- Init script can't start [\#390](https://github.com/sous-chefs/elasticsearch/issues/390) +- ruby command not found [\#378](https://github.com/sous-chefs/elasticsearch/issues/378) +- ES 2.2.0 installation fails [\#429](https://github.com/sous-chefs/elasticsearch/issues/429) +- Can't install plugin twice [\#408](https://github.com/sous-chefs/elasticsearch/issues/408) +- Error running recipe on AWS Opsworks [\#403](https://github.com/sous-chefs/elasticsearch/issues/403) +- ES 2.1.0 support [\#402](https://github.com/sous-chefs/elasticsearch/issues/402) +- Any provision to make it Chef 11.10 compatible? [\#401](https://github.com/sous-chefs/elasticsearch/issues/401) +- gateway.expected\_nodes default should be 0 [\#399](https://github.com/sous-chefs/elasticsearch/issues/399) +- Add the defaults for slowlogs in logging.yml [\#398](https://github.com/sous-chefs/elasticsearch/issues/398) +- elasticsearch\_service resource doesn't work with short syntax [\#397](https://github.com/sous-chefs/elasticsearch/issues/397) +- What is supposed to happen when a config file is changed? [\#394](https://github.com/sous-chefs/elasticsearch/issues/394) +- Doc request - how to create data nodes vs master nodes [\#393](https://github.com/sous-chefs/elasticsearch/issues/393) +- Plugin install isn't idempotent [\#392](https://github.com/sous-chefs/elasticsearch/issues/392) +- Question - Are custom configs required everywhere? [\#391](https://github.com/sous-chefs/elasticsearch/issues/391) +- Is :tarball or :package the preferred installation type? [\#389](https://github.com/sous-chefs/elasticsearch/issues/389) +- Support Amazon platform for init scripts [\#387](https://github.com/sous-chefs/elasticsearch/issues/387) +- "ArgumentError: wrong number of arguments \(1 for 0\)" at resource\_configure.rb [\#386](https://github.com/sous-chefs/elasticsearch/issues/386) +- Do I need to do a Java Installation myself for this to work? [\#385](https://github.com/sous-chefs/elasticsearch/issues/385) +- Support ES 2.0 [\#384](https://github.com/sous-chefs/elasticsearch/issues/384) +- plugin install does not work [\#382](https://github.com/sous-chefs/elasticsearch/issues/382) +- Compile error w/ 1.0.3 and Chef Server 12 [\#379](https://github.com/sous-chefs/elasticsearch/issues/379) +- Allow template cookbook override in \_configure [\#376](https://github.com/sous-chefs/elasticsearch/issues/376) +- 1.0.2 Issues with pid files [\#374](https://github.com/sous-chefs/elasticsearch/issues/374) +- Consider using the resource name as a common shared set of resources [\#373](https://github.com/sous-chefs/elasticsearch/issues/373) +- elasticsearch\_install broken with v1.0.1 [\#371](https://github.com/sous-chefs/elasticsearch/issues/371) +- Compile Error [\#370](https://github.com/sous-chefs/elasticsearch/issues/370) +- wrong number of arguments \(1 for 0\) [\#369](https://github.com/sous-chefs/elasticsearch/issues/369) +- fixes typo in readme [\#428](https://github.com/sous-chefs/elasticsearch/pull/428) ([spuder](https://github.com/spuder)) +- Plugin removal functionality restored [\#420](https://github.com/sous-chefs/elasticsearch/pull/420) ([dbaggott](https://github.com/dbaggott)) +- Update to ES 2.1.1 [\#412](https://github.com/sous-chefs/elasticsearch/pull/412) ([dbaggott](https://github.com/dbaggott)) +- Makes code examples have color [\#396](https://github.com/sous-chefs/elasticsearch/pull/396) ([spuder](https://github.com/spuder)) +- Updates docs to show package are now default install [\#395](https://github.com/sous-chefs/elasticsearch/pull/395) ([spuder](https://github.com/spuder)) +- Update the README to remove a typo [\#381](https://github.com/sous-chefs/elasticsearch/pull/381) ([jtwarren](https://github.com/jtwarren)) +- Correct the full changelog links [\#375](https://github.com/sous-chefs/elasticsearch/pull/375) ([eheydrick](https://github.com/eheydrick)) +- add missing matchers [\#368](https://github.com/sous-chefs/elasticsearch/pull/368) ([thomasdziedzic](https://github.com/thomasdziedzic)) + +## [v2.1.1](https://github.com/sous-chefs/elasticsearch/tree/v2.1.1) (2016-01-08) + +- elasticsearch\_plugin install lacks proxy support [\#415](https://github.com/sous-chefs/elasticsearch/issues/415) +- Default ES version needs upgrading \(2.1.0 \> 2.1.1\) [\#411](https://github.com/sous-chefs/elasticsearch/issues/411) +- Reinstalls elasticserach every chef run [\#404](https://github.com/sous-chefs/elasticsearch/issues/404) +- Installing shield and watcher plugins fail with AccessDeniedException [\#421](https://github.com/sous-chefs/elasticsearch/issues/421) +- Plugin removal is broken [\#418](https://github.com/sous-chefs/elasticsearch/issues/418) +- elasticsearch\_configure documentation example missing path\_home [\#413](https://github.com/sous-chefs/elasticsearch/issues/413) +- Init script can't start [\#390](https://github.com/sous-chefs/elasticsearch/issues/390) +- ruby command not found [\#378](https://github.com/sous-chefs/elasticsearch/issues/378) +- Can't install plugin twice [\#408](https://github.com/sous-chefs/elasticsearch/issues/408) +- Error running recipe on AWS Opsworks [\#403](https://github.com/sous-chefs/elasticsearch/issues/403) +- ES 2.1.0 support [\#402](https://github.com/sous-chefs/elasticsearch/issues/402) +- Any provision to make it Chef 11.10 compatible? [\#401](https://github.com/sous-chefs/elasticsearch/issues/401) +- gateway.expected\_nodes default should be 0 [\#399](https://github.com/sous-chefs/elasticsearch/issues/399) +- Add the defaults for slowlogs in logging.yml [\#398](https://github.com/sous-chefs/elasticsearch/issues/398) +- elasticsearch\_service resource doesn't work with short syntax [\#397](https://github.com/sous-chefs/elasticsearch/issues/397) +- What is supposed to happen when a config file is changed? [\#394](https://github.com/sous-chefs/elasticsearch/issues/394) +- Doc request - how to create data nodes vs master nodes [\#393](https://github.com/sous-chefs/elasticsearch/issues/393) +- Plugin install isn't idempotent [\#392](https://github.com/sous-chefs/elasticsearch/issues/392) +- Question - Are custom configs required everywhere? [\#391](https://github.com/sous-chefs/elasticsearch/issues/391) +- Is :tarball or :package the preferred installation type? [\#389](https://github.com/sous-chefs/elasticsearch/issues/389) +- Support Amazon platform for init scripts [\#387](https://github.com/sous-chefs/elasticsearch/issues/387) +- "ArgumentError: wrong number of arguments \(1 for 0\)" at resource\_configure.rb [\#386](https://github.com/sous-chefs/elasticsearch/issues/386) +- Do I need to do a Java Installation myself for this to work? [\#385](https://github.com/sous-chefs/elasticsearch/issues/385) +- Support ES 2.0 [\#384](https://github.com/sous-chefs/elasticsearch/issues/384) +- plugin install does not work [\#382](https://github.com/sous-chefs/elasticsearch/issues/382) +- Compile error w/ 1.0.3 and Chef Server 12 [\#379](https://github.com/sous-chefs/elasticsearch/issues/379) +- Allow template cookbook override in \_configure [\#376](https://github.com/sous-chefs/elasticsearch/issues/376) +- 1.0.2 Issues with pid files [\#374](https://github.com/sous-chefs/elasticsearch/issues/374) +- Consider using the resource name as a common shared set of resources [\#373](https://github.com/sous-chefs/elasticsearch/issues/373) +- elasticsearch\_install broken with v1.0.1 [\#371](https://github.com/sous-chefs/elasticsearch/issues/371) +- Compile Error [\#370](https://github.com/sous-chefs/elasticsearch/issues/370) +- wrong number of arguments \(1 for 0\) [\#369](https://github.com/sous-chefs/elasticsearch/issues/369) +- missing chef resource expectations in specs in 1.0.1 [\#367](https://github.com/sous-chefs/elasticsearch/issues/367) +- Use predictable attributes/values for version, download URL, and checksum [\#366](https://github.com/sous-chefs/elasticsearch/issues/366) +- Rubocop & foodcritic cleanup [\#365](https://github.com/sous-chefs/elasticsearch/issues/365) +- elasticsearch\_plugin installs plugins with the wrong permissions [\#363](https://github.com/sous-chefs/elasticsearch/issues/363) +- Double-dependency on curl [\#360](https://github.com/sous-chefs/elasticsearch/issues/360) +- OS X Support [\#358](https://github.com/sous-chefs/elasticsearch/issues/358) +- Plugin removal functionality restored [\#420](https://github.com/sous-chefs/elasticsearch/pull/420) ([dbaggott](https://github.com/dbaggott)) +- Update to ES 2.1.1 [\#412](https://github.com/sous-chefs/elasticsearch/pull/412) ([dbaggott](https://github.com/dbaggott)) +- Makes code examples have color [\#396](https://github.com/sous-chefs/elasticsearch/pull/396) ([spuder](https://github.com/spuder)) +- Updates docs to show package are now default install [\#395](https://github.com/sous-chefs/elasticsearch/pull/395) ([spuder](https://github.com/spuder)) +- Update the README to remove a typo [\#381](https://github.com/sous-chefs/elasticsearch/pull/381) ([jtwarren](https://github.com/jtwarren)) +- Correct the full changelog links [\#375](https://github.com/sous-chefs/elasticsearch/pull/375) ([eheydrick](https://github.com/eheydrick)) +- add missing matchers [\#368](https://github.com/sous-chefs/elasticsearch/pull/368) ([thomasdziedzic](https://github.com/thomasdziedzic)) +- Adds integration test for plugins in default environment [\#361](https://github.com/sous-chefs/elasticsearch/pull/361) ([bwvoss](https://github.com/bwvoss)) + +## [2.1.0](https://github.com/sous-chefs/elasticsearch/tree/v2.1.0) (2015-12-01) + +- ES 2.1.0 support [\#402](https://github.com/sous-chefs/elasticsearch/issues/402) + +## [2.0.1](https://github.com/sous-chefs/elasticsearch/tree/v2.0.1) (2015-12-01) + +- Any provision to make it Chef 11.10 compatible? [\#401](https://github.com/sous-chefs/elasticsearch/issues/401) +- gateway.expected\_nodes default should be 0 [\#399](https://github.com/sous-chefs/elasticsearch/issues/399) +- Add the defaults for slowlogs in logging.yml [\#398](https://github.com/sous-chefs/elasticsearch/issues/398) + +## [2.0.0](https://github.com/sous-chefs/elasticsearch/tree/v2.0.0) (2015-11-23) + +- Upgrading by package needs cleanup [\#331](https://github.com/sous-chefs/elasticsearch/issues/331) +- Minimal init scripts, preferrably from the packaged versions of ES [\#321](https://github.com/sous-chefs/elasticsearch/issues/321) +- Remove extra env file, or follow packaged conventions [\#320](https://github.com/sous-chefs/elasticsearch/issues/320) +- Remove system limit adjustments [\#319](https://github.com/sous-chefs/elasticsearch/issues/319) +- Init script can't start [\#390](https://github.com/sous-chefs/elasticsearch/issues/390) +- elasticsearch\_service resource doesn't work with short syntax [\#397](https://github.com/sous-chefs/elasticsearch/issues/397) +- What is supposed to happen when a config file is changed? [\#394](https://github.com/sous-chefs/elasticsearch/issues/394) +- Doc request - how to create data nodes vs master nodes [\#393](https://github.com/sous-chefs/elasticsearch/issues/393) +- Plugin install isn't idempotent [\#392](https://github.com/sous-chefs/elasticsearch/issues/392) +- Question - Are custom configs required everywhere? [\#391](https://github.com/sous-chefs/elasticsearch/issues/391) +- Is :tarball or :package the preferred installation type? [\#389](https://github.com/sous-chefs/elasticsearch/issues/389) +- Support Amazon platform for init scripts [\#387](https://github.com/sous-chefs/elasticsearch/issues/387) +- "ArgumentError: wrong number of arguments \(1 for 0\)" at resource\_configure.rb [\#386](https://github.com/sous-chefs/elasticsearch/issues/386) +- Do I need to do a Java Installation myself for this to work? [\#385](https://github.com/sous-chefs/elasticsearch/issues/385) +- plugin install does not work [\#382](https://github.com/sous-chefs/elasticsearch/issues/382) +- Allow template cookbook override in \_configure [\#376](https://github.com/sous-chefs/elasticsearch/issues/376) +- Consider using the resource name as a common shared set of resources [\#373](https://github.com/sous-chefs/elasticsearch/issues/373) +- Recreate deploying-elasticsearch-with-chef tutorial [\#293](https://github.com/sous-chefs/elasticsearch/issues/293) +- Makes code examples have color [\#396](https://github.com/sous-chefs/elasticsearch/pull/396) ([spuder](https://github.com/spuder)) +- Updates docs to show package are now default install [\#395](https://github.com/sous-chefs/elasticsearch/pull/395) ([spuder](https://github.com/spuder)) + +## [1.2.0](https://github.com/sous-chefs/elasticsearch/tree/v1.2.0) (2015-10-16) + +- Compile error w/ 1.0.3 and Chef Server 12 [\#379](https://github.com/sous-chefs/elasticsearch/issues/379) +- OS X Support [\#358](https://github.com/sous-chefs/elasticsearch/issues/358) +- Dealing with plugin versions that don't match, Elasticsearch failing to start [\#330](https://github.com/sous-chefs/elasticsearch/issues/330) +- ruby command not found [\#378](https://github.com/sous-chefs/elasticsearch/issues/378) +- Update the README to remove a typo [\#381](https://github.com/sous-chefs/elasticsearch/pull/381) ([jtwarren](https://github.com/jtwarren)) +- Correct the full changelog links [\#375](https://github.com/sous-chefs/elasticsearch/pull/375) ([eheydrick](https://github.com/eheydrick)) + +## [1.0.3](https://github.com/sous-chefs/elasticsearch/tree/v1.0.3) (2015-09-20) + +- 1.0.2 Issues with pid files [\#374](https://github.com/sous-chefs/elasticsearch/issues/374) + +## [1.0.2](https://github.com/sous-chefs/elasticsearch/tree/v1.0.2) (2015-09-20) + +- enhancement : attribut path\_xxx and path.xxx [\#352](https://github.com/sous-chefs/elasticsearch/issues/352) +- It would be nice to be able to pass options to elasticsearch\_service [\#334](https://github.com/sous-chefs/elasticsearch/issues/334) +- elasticsearch\_install broken with v1.0.1 [\#371](https://github.com/sous-chefs/elasticsearch/issues/371) +- Compile Error [\#370](https://github.com/sous-chefs/elasticsearch/issues/370) +- wrong number of arguments \(1 for 0\) [\#369](https://github.com/sous-chefs/elasticsearch/issues/369) +- missing chef resource expectations in specs in 1.0.1 [\#367](https://github.com/sous-chefs/elasticsearch/issues/367) +- Rubocop & foodcritic cleanup [\#365](https://github.com/sous-chefs/elasticsearch/issues/365) +- add missing matchers [\#368](https://github.com/sous-chefs/elasticsearch/pull/368) ([thomasdziedzic](https://github.com/thomasdziedzic)) + +## [1.0.1](https://github.com/sous-chefs/elasticsearch/tree/v1.0.1) (2015-09-15) + +- Plugin resource's plugin\_dir should have a sensible default [\#345](https://github.com/sous-chefs/elasticsearch/issues/345) +- Elasticsearch user homedir deleted [\#328](https://github.com/sous-chefs/elasticsearch/issues/328) +- Use predictable attributes/values for version, download URL, and checksum [\#366](https://github.com/sous-chefs/elasticsearch/issues/366) +- elasticsearch\_plugin installs plugins with the wrong permissions [\#363](https://github.com/sous-chefs/elasticsearch/issues/363) +- Double-dependency on curl [\#360](https://github.com/sous-chefs/elasticsearch/issues/360) +- poise dependency not found [\#356](https://github.com/sous-chefs/elasticsearch/issues/356) +- Documentation for using JSON node configuration [\#355](https://github.com/sous-chefs/elasticsearch/issues/355) +- Hardcoded checksums in library helpers [\#350](https://github.com/sous-chefs/elasticsearch/issues/350) +- Document default values for all resources [\#348](https://github.com/sous-chefs/elasticsearch/issues/348) +- 1.0 should have sensible documentation [\#344](https://github.com/sous-chefs/elasticsearch/issues/344) +- Adds integration test for plugins in default environment [\#361](https://github.com/sous-chefs/elasticsearch/pull/361) ([bwvoss](https://github.com/bwvoss)) +- Clarify when overriding plugin\_dir is necessary [\#349](https://github.com/sous-chefs/elasticsearch/pull/349) ([michaelklishin](https://github.com/michaelklishin)) +- Remove duplicate node.max\_local\_storage\_nodes setting from the config template [\#346](https://github.com/sous-chefs/elasticsearch/pull/346) ([eheydrick](https://github.com/eheydrick)) + +## [v1.0.0](https://github.com/sous-chefs/elasticsearch/tree/v1.0.0) (2015-07-16) + +- Rename source method of install [\#332](https://github.com/sous-chefs/elasticsearch/issues/332) +- NEXT: Document the process for submitting PRs [\#270](https://github.com/sous-chefs/elasticsearch/issues/270) +- Travis CI not running on PRs from local branches [\#337](https://github.com/sous-chefs/elasticsearch/issues/337) +- Error executing action `install` on resource 'elasticsearch\_install' [\#335](https://github.com/sous-chefs/elasticsearch/issues/335) +- Document requirement on Chef 12+ [\#338](https://github.com/sous-chefs/elasticsearch/issues/338) +- Add lots of additional documentation [\#343](https://github.com/sous-chefs/elasticsearch/pull/343) ([martinb3](https://github.com/martinb3)) +- Add contribution guidelines [\#342](https://github.com/sous-chefs/elasticsearch/pull/342) ([martinb3](https://github.com/martinb3)) +- Run CI on master branch again, after rename [\#341](https://github.com/sous-chefs/elasticsearch/pull/341) ([martinb3](https://github.com/martinb3)) +- Rename provider source to tarball [\#340](https://github.com/sous-chefs/elasticsearch/pull/340) ([martinb3](https://github.com/martinb3)) + +## [v0.3.14](https://github.com/sous-chefs/elasticsearch/tree/v0.3.14) (2015-07-16) + +- NEXT: Model YML config after 'trim' config [\#322](https://github.com/sous-chefs/elasticsearch/issues/322) +- NEXT: Create a user resource and provider [\#269](https://github.com/sous-chefs/elasticsearch/issues/269) +- If bootstrap.mlockall is true, MAX\_LOCKED\_MEMORY should be set to unlimited in elasticsearch-env.sh [\#266](https://github.com/sous-chefs/elasticsearch/issues/266) +- Installation enhancement [\#222](https://github.com/sous-chefs/elasticsearch/issues/222) +- Plugins defined in databag do not get installed [\#89](https://github.com/sous-chefs/elasticsearch/issues/89) +- There is no customize recipe [\#326](https://github.com/sous-chefs/elasticsearch/issues/326) +- ES not starting when setting version to 1.5.2 or 1.6.0 [\#325](https://github.com/sous-chefs/elasticsearch/issues/325) +- Question - Does cookbook support rolling restarts? [\#315](https://github.com/sous-chefs/elasticsearch/issues/315) +- Loading attributes from the data DBI [\#313](https://github.com/sous-chefs/elasticsearch/issues/313) +- 0.3.13: service doesn't successfully start [\#312](https://github.com/sous-chefs/elasticsearch/issues/312) +- Restart doesn't work the first time if a stale PID exists [\#310](https://github.com/sous-chefs/elasticsearch/issues/310) +- Cannot install plugin 2.4.1 [\#308](https://github.com/sous-chefs/elasticsearch/issues/308) +- Proxy recipe should include nginx only based on configurabe attribute [\#307](https://github.com/sous-chefs/elasticsearch/issues/307) +- Queue capacity [\#301](https://github.com/sous-chefs/elasticsearch/issues/301) +- strange behavior with docker :bug: [\#300](https://github.com/sous-chefs/elasticsearch/issues/300) +- Vagrant: Undefined method 'provider' [\#298](https://github.com/sous-chefs/elasticsearch/issues/298) +- Error after upgrading the cookbook [\#297](https://github.com/sous-chefs/elasticsearch/issues/297) +- Setting version triggers java.lang.NoClassDefFoundError [\#296](https://github.com/sous-chefs/elasticsearch/issues/296) +- Elasticsearch running but not from service [\#290](https://github.com/sous-chefs/elasticsearch/issues/290) +- Elasticsearch throws ElasticsearchIllegalStateException on boot \(time based instance\) [\#288](https://github.com/sous-chefs/elasticsearch/issues/288) +- Prefix Definitions [\#285](https://github.com/sous-chefs/elasticsearch/issues/285) +- strange thinks happend if I override elasticsearch version [\#283](https://github.com/sous-chefs/elasticsearch/issues/283) +- Chef::Mixin::Template::TemplateError on new ssl attributes [\#281](https://github.com/sous-chefs/elasticsearch/issues/281) +- The 0.3.13 release is missing the metadata.rb file [\#279](https://github.com/sous-chefs/elasticsearch/issues/279) +- berks upload fails due to .DS\_Store files found in 0.3.12 package on supermarket.chef.io [\#278](https://github.com/sous-chefs/elasticsearch/issues/278) +- 0.3.11 release [\#277](https://github.com/sous-chefs/elasticsearch/issues/277) +- Berkshelf treats 'recommends' as 'depends' [\#275](https://github.com/sous-chefs/elasticsearch/issues/275) +- Init Script + Existing PID File [\#274](https://github.com/sous-chefs/elasticsearch/issues/274) +- Version change doesn't work [\#273](https://github.com/sous-chefs/elasticsearch/issues/273) +- Please add an option to specify the desired shell to pass to the su command [\#260](https://github.com/sous-chefs/elasticsearch/issues/260) +- Attaching EBS takes a very long time and doesn't finish? [\#259](https://github.com/sous-chefs/elasticsearch/issues/259) +- 1.3.4 startup hangs for 10min and fails [\#257](https://github.com/sous-chefs/elasticsearch/issues/257) +- Plugin installation skipping [\#252](https://github.com/sous-chefs/elasticsearch/issues/252) +- Can't get Rake task to work \(either dependencies or installing Berkshelf\) [\#244](https://github.com/sous-chefs/elasticsearch/issues/244) +- Don't include build-essential just to be sure apt is up to date [\#241](https://github.com/sous-chefs/elasticsearch/issues/241) +- how to specify max\_map\_count? [\#239](https://github.com/sous-chefs/elasticsearch/issues/239) +- Nginx HTTP, Basic Auth and multiple nodes [\#238](https://github.com/sous-chefs/elasticsearch/issues/238) +- Installing Marvel [\#237](https://github.com/sous-chefs/elasticsearch/issues/237) +- Need help with creating EBS Volume [\#223](https://github.com/sous-chefs/elasticsearch/issues/223) +- If elasticsearch fails to extract, it won't be installed later [\#221](https://github.com/sous-chefs/elasticsearch/issues/221) +- uninitialized constant Extensions during Vagrant provisioning [\#212](https://github.com/sous-chefs/elasticsearch/issues/212) +- config.vm.provider not recognised using Vagrant 1.5.4 [\#207](https://github.com/sous-chefs/elasticsearch/issues/207) +- The Vagrant installation instructions are outdated [\#206](https://github.com/sous-chefs/elasticsearch/issues/206) +- How to specify path.data and path.logs? [\#202](https://github.com/sous-chefs/elasticsearch/issues/202) +- Cannot upgrade from 0.0.92 to 1.0.1 [\#197](https://github.com/sous-chefs/elasticsearch/issues/197) +- install\_plugin fails to run on initial install [\#176](https://github.com/sous-chefs/elasticsearch/issues/176) +- EBS volume clean up [\#172](https://github.com/sous-chefs/elasticsearch/issues/172) +- Cookbook default attributes get lifted to normal priority [\#168](https://github.com/sous-chefs/elasticsearch/issues/168) +- Fog doesn't respect "delete\_on\_termination" option in elasticsearch::ebs [\#146](https://github.com/sous-chefs/elasticsearch/issues/146) +- Use package options on both providers [\#336](https://github.com/sous-chefs/elasticsearch/pull/336) ([martinb3](https://github.com/martinb3)) +- allow options passing to package provider [\#329](https://github.com/sous-chefs/elasticsearch/pull/329) ([scalp42](https://github.com/scalp42)) +- set default resource actions [\#327](https://github.com/sous-chefs/elasticsearch/pull/327) ([nathwill](https://github.com/nathwill)) +- Add a note about `next` branch [\#324](https://github.com/sous-chefs/elasticsearch/pull/324) ([martinb3](https://github.com/martinb3)) +- Introduce provider and resource for configure [\#316](https://github.com/sous-chefs/elasticsearch/pull/316) ([martinb3](https://github.com/martinb3)) +- First pass at install resource and two providers [\#309](https://github.com/sous-chefs/elasticsearch/pull/309) ([martinb3](https://github.com/martinb3)) + +## [v0.3.13](https://github.com/sous-chefs/elasticsearch/tree/v0.3.13) (2015-01-13) + +## [0.3.12](https://github.com/sous-chefs/elasticsearch/tree/0.3.12) (2015-01-13) + +- Guidance On Upgrading A Running ES Installation [\#271](https://github.com/sous-chefs/elasticsearch/issues/271) +- Supermarket release? [\#262](https://github.com/sous-chefs/elasticsearch/issues/262) +- version check always adds '-d' flag incorrectly. [\#255](https://github.com/sous-chefs/elasticsearch/issues/255) +- Version 0.3.11 not available on supermarket [\#250](https://github.com/sous-chefs/elasticsearch/issues/250) +- Missed multicast settings in template [\#248](https://github.com/sous-chefs/elasticsearch/issues/248) +- Data bags for test? [\#246](https://github.com/sous-chefs/elasticsearch/issues/246) +- Introduce user provider and resource [\#268](https://github.com/sous-chefs/elasticsearch/pull/268) ([martinb3](https://github.com/martinb3)) +- First pass at framework with testing, rake, etc [\#249](https://github.com/sous-chefs/elasticsearch/pull/249) ([martinb3](https://github.com/martinb3)) + +## [0.3.11](https://github.com/sous-chefs/elasticsearch/tree/0.3.11) (2014-10-13) + +- The init script should use the Chef embedded Ruby? [\#215](https://github.com/sous-chefs/elasticsearch/issues/215) +- Quick Fix for version update issues [\#178](https://github.com/sous-chefs/elasticsearch/issues/178) +- Don't seem to be able to change the version [\#100](https://github.com/sous-chefs/elasticsearch/issues/100) +- Multiple EBS mounting [\#232](https://github.com/sous-chefs/elasticsearch/issues/232) +- Just changing elasticsearch version attribute doesn't install intended version [\#225](https://github.com/sous-chefs/elasticsearch/issues/225) +- plugins not being loaded [\#171](https://github.com/sous-chefs/elasticsearch/issues/171) + +## [0.3.10](https://github.com/sous-chefs/elasticsearch/tree/0.3.10) (2014-06-19) + +- Single node cofiguration [\#220](https://github.com/sous-chefs/elasticsearch/issues/220) +- can we use apt\_repository resource to install a particular version [\#217](https://github.com/sous-chefs/elasticsearch/issues/217) +- Version attribute effect on download\_url is misleading [\#214](https://github.com/sous-chefs/elasticsearch/issues/214) +- Make config template configurable [\#153](https://github.com/sous-chefs/elasticsearch/issues/153) + +## [0.3.9](https://github.com/sous-chefs/elasticsearch/tree/0.3.9) (2014-05-22) + +- 1.1.1 doesn't work [\#210](https://github.com/sous-chefs/elasticsearch/issues/210) +- Why does this cookbook set the es max heap size to 60% of available memory? [\#209](https://github.com/sous-chefs/elasticsearch/issues/209) +- Failure when adding elasticsearch service [\#204](https://github.com/sous-chefs/elasticsearch/issues/204) +- New release? [\#203](https://github.com/sous-chefs/elasticsearch/issues/203) + +## [0.3.8](https://github.com/sous-chefs/elasticsearch/tree/0.3.8) (2014-03-27) + +- Avoid using `recommends "monit"` in metadata.rb [\#162](https://github.com/sous-chefs/elasticsearch/issues/162) +- Problem with ownership of pid in /var/run/ on restart of ubuntu [\#108](https://github.com/sous-chefs/elasticsearch/issues/108) +- SSL support with Nginx proxy [\#226](https://github.com/sous-chefs/elasticsearch/issues/226) +- Compatibility with 1.0.1 [\#195](https://github.com/sous-chefs/elasticsearch/issues/195) +- pid\_path is owned by elasticsearch [\#193](https://github.com/sous-chefs/elasticsearch/issues/193) +- \[Install plugin: merge!\] \(elasticsearch::plugins line 35\) [\#187](https://github.com/sous-chefs/elasticsearch/issues/187) +- Cookbook doesn't work with 1.0.0RCx versions - Startup broken based on behavior change [\#185](https://github.com/sous-chefs/elasticsearch/issues/185) +- Failure to locate 'elasticsearch.conf.erb' template [\#184](https://github.com/sous-chefs/elasticsearch/issues/184) +- Question on attributes "methodology" [\#180](https://github.com/sous-chefs/elasticsearch/issues/180) +- print\_value docs don't mention elasticsearch [\#169](https://github.com/sous-chefs/elasticsearch/issues/169) +- update readme file with default attributes [\#166](https://github.com/sous-chefs/elasticsearch/issues/166) +- Index template config files [\#164](https://github.com/sous-chefs/elasticsearch/issues/164) +- Issues configuring unicast cluster [\#158](https://github.com/sous-chefs/elasticsearch/issues/158) +- elasticsearch default /usr/local/elasticsearch is no good for elasticsearch-env.sh [\#157](https://github.com/sous-chefs/elasticsearch/issues/157) + +## [0.3.7](https://github.com/sous-chefs/elasticsearch/tree/0.3.7) (2013-10-28) + +## [0.3.5](https://github.com/sous-chefs/elasticsearch/tree/0.3.5) (2013-10-27) + +- ES Logging Not Working [\#151](https://github.com/sous-chefs/elasticsearch/issues/151) +- Adding Debian specific init script [\#98](https://github.com/sous-chefs/elasticsearch/pull/98) ([remkade](https://github.com/remkade)) + +## [0.3.4](https://github.com/sous-chefs/elasticsearch/tree/0.3.4) (2013-10-01) + +- first install with plugins fails [\#138](https://github.com/sous-chefs/elasticsearch/issues/138) +- Custom Params for init.d start [\#134](https://github.com/sous-chefs/elasticsearch/issues/134) +- elasticsearch-cloud-aws plugin - fails to install, restarts service anyway [\#131](https://github.com/sous-chefs/elasticsearch/issues/131) +- init script - improvements needed [\#130](https://github.com/sous-chefs/elasticsearch/issues/130) +- Configure HTTP port range [\#129](https://github.com/sous-chefs/elasticsearch/issues/129) +- Elasticsearch fails to start with 0.90.3 and cloud-aws 1.12.0 [\#126](https://github.com/sous-chefs/elasticsearch/issues/126) +- Install plugin failure does not stop script execution [\#124](https://github.com/sous-chefs/elasticsearch/issues/124) +- search\_discovery causes unnecessary restarts [\#122](https://github.com/sous-chefs/elasticsearch/issues/122) +- chef-solo needs the 'cookbook' folder to have the same name as the cookbook [\#121](https://github.com/sous-chefs/elasticsearch/issues/121) +- Plugins not working if aws recipe is used [\#105](https://github.com/sous-chefs/elasticsearch/issues/105) + +## [0.3.3](https://github.com/sous-chefs/elasticsearch/tree/0.3.3) (2013-08-01) + +- BREAKING: Fog version does not create EBS volumes properly [\#94](https://github.com/sous-chefs/elasticsearch/issues/94) +- ulimit settings not used with start-stop-daemon [\#109](https://github.com/sous-chefs/elasticsearch/issues/109) +- mismatch in aws endpoint attributes [\#106](https://github.com/sous-chefs/elasticsearch/issues/106) +- Elasticsearch service restart at each chef run [\#104](https://github.com/sous-chefs/elasticsearch/issues/104) +- Installation fails: Error executing action `start` on resource 'service\[elasticsearch\]' [\#96](https://github.com/sous-chefs/elasticsearch/issues/96) -## [0.3.2](https://github.com/elastic/cookbook-elasticsearch/tree/0.3.2) (2013-08-01) +## [0.3.2](https://github.com/sous-chefs/elasticsearch/tree/0.3.2) (2013-08-01) -- role attributes ignored? [\#112](https://github.com/elastic/cookbook-elasticsearch/issues/112) -- Mismatched Data Dir permissions [\#111](https://github.com/elastic/cookbook-elasticsearch/issues/111) -- Changing nofile attribute is not idempotent [\#101](https://github.com/elastic/cookbook-elasticsearch/issues/101) -- Configure unicast\_hosts dynamically on non-AWS clusters via `search` [\#40](https://github.com/elastic/cookbook-elasticsearch/issues/40) +- role attributes ignored? [\#112](https://github.com/sous-chefs/elasticsearch/issues/112) +- Mismatched Data Dir permissions [\#111](https://github.com/sous-chefs/elasticsearch/issues/111) +- Changing nofile attribute is not idempotent [\#101](https://github.com/sous-chefs/elasticsearch/issues/101) +- Configure unicast\_hosts dynamically on non-AWS clusters via `search` [\#40](https://github.com/sous-chefs/elasticsearch/issues/40) -## [0.3.1](https://github.com/elastic/cookbook-elasticsearch/tree/0.3.1) (2013-06-18) +## [0.3.1](https://github.com/sous-chefs/elasticsearch/tree/0.3.1) (2013-06-18) -## [0.3.0](https://github.com/elastic/cookbook-elasticsearch/tree/0.3.0) (2013-06-10) +## [0.3.0](https://github.com/sous-chefs/elasticsearch/tree/0.3.0) (2013-06-10) -- Fog \>= 1.11.0 breaks run with elasticsearch::ebs [\#93](https://github.com/elastic/cookbook-elasticsearch/issues/93) -- elasticsearch::ebs fails if apt package cache is out of date [\#88](https://github.com/elastic/cookbook-elasticsearch/issues/88) -- Document bare minimum configuration for default recipe [\#87](https://github.com/elastic/cookbook-elasticsearch/issues/87) -- Centos 5 / RHEL 5 Support [\#86](https://github.com/elastic/cookbook-elasticsearch/issues/86) -- Proxy recipe has hardcoded localhost which fails if elasticsearch is not bound to that IP [\#85](https://github.com/elastic/cookbook-elasticsearch/issues/85) -- AJAX requests and nginx proxy [\#84](https://github.com/elastic/cookbook-elasticsearch/issues/84) -- Readme link to Chef-solo+elasticsearch tutorial doesn't work [\#83](https://github.com/elastic/cookbook-elasticsearch/issues/83) -- You must set ES\_CLASSPATH var [\#82](https://github.com/elastic/cookbook-elasticsearch/issues/82) -- Setting a custom installation directory doesn't work [\#79](https://github.com/elastic/cookbook-elasticsearch/issues/79) +- Fog \>= 1.11.0 breaks run with elasticsearch::ebs [\#93](https://github.com/sous-chefs/elasticsearch/issues/93) +- elasticsearch::ebs fails if apt package cache is out of date [\#88](https://github.com/sous-chefs/elasticsearch/issues/88) +- Document bare minimum configuration for default recipe [\#87](https://github.com/sous-chefs/elasticsearch/issues/87) +- Centos 5 / RHEL 5 Support [\#86](https://github.com/sous-chefs/elasticsearch/issues/86) +- Proxy recipe has hardcoded localhost which fails if elasticsearch is not bound to that IP [\#85](https://github.com/sous-chefs/elasticsearch/issues/85) +- AJAX requests and nginx proxy [\#84](https://github.com/sous-chefs/elasticsearch/issues/84) +- Readme link to Chef-solo+elasticsearch tutorial doesn't work [\#83](https://github.com/sous-chefs/elasticsearch/issues/83) +- You must set ES\_CLASSPATH var [\#82](https://github.com/sous-chefs/elasticsearch/issues/82) +- Setting a custom installation directory doesn't work [\#79](https://github.com/sous-chefs/elasticsearch/issues/79) -## [0.2.7](https://github.com/elastic/cookbook-elasticsearch/tree/0.2.7) (2013-03-18) +## [0.2.7](https://github.com/sous-chefs/elasticsearch/tree/0.2.7) (2013-03-18) -## [0.2.6](https://github.com/elastic/cookbook-elasticsearch/tree/0.2.6) (2013-03-08) +## [0.2.6](https://github.com/sous-chefs/elasticsearch/tree/0.2.6) (2013-03-08) -- Broken attempted aws plugin installation by default [\#76](https://github.com/elastic/cookbook-elasticsearch/issues/76) -- Using setup with ELB [\#70](https://github.com/elastic/cookbook-elasticsearch/issues/70) +- Broken attempted aws plugin installation by default [\#76](https://github.com/sous-chefs/elasticsearch/issues/76) +- Using setup with ELB [\#70](https://github.com/sous-chefs/elasticsearch/issues/70) -## [0.2.5](https://github.com/elastic/cookbook-elasticsearch/tree/0.2.5) (2013-03-01) +## [0.2.5](https://github.com/sous-chefs/elasticsearch/tree/0.2.5) (2013-03-01) -- Elasticsearch with node.client set to true [\#71](https://github.com/elastic/cookbook-elasticsearch/issues/71) +- Elasticsearch with node.client set to true [\#71](https://github.com/sous-chefs/elasticsearch/issues/71) -## [0.2.4](https://github.com/elastic/cookbook-elasticsearch/tree/0.2.4) (2013-02-27) +## [0.2.4](https://github.com/sous-chefs/elasticsearch/tree/0.2.4) (2013-02-27) -## [0.2.3](https://github.com/elastic/cookbook-elasticsearch/tree/0.2.3) (2013-02-27) +## [0.2.3](https://github.com/sous-chefs/elasticsearch/tree/0.2.3) (2013-02-27) -- When updating versions, the wrong version can be installed unless you manually clear node attributes \(chef server only\) [\#69](https://github.com/elastic/cookbook-elasticsearch/issues/69) -- The version of elasticsearch can only be set via elasticsearch/settings databag [\#68](https://github.com/elastic/cookbook-elasticsearch/issues/68) +- When updating versions, the wrong version can be installed unless you manually clear node attributes \(chef server only\) [\#69](https://github.com/sous-chefs/elasticsearch/issues/69) +- The version of elasticsearch can only be set via elasticsearch/settings databag [\#68](https://github.com/sous-chefs/elasticsearch/issues/68) -## [0.2.2](https://github.com/elastic/cookbook-elasticsearch/tree/0.2.2) (2013-02-26) +## [0.2.2](https://github.com/sous-chefs/elasticsearch/tree/0.2.2) (2013-02-26) -## [0.2.1](https://github.com/elastic/cookbook-elasticsearch/tree/0.2.1) (2013-02-26) +## [0.2.1](https://github.com/sous-chefs/elasticsearch/tree/0.2.1) (2013-02-26) -- Unable to change elasticsearch version via role and version tag [\#61](https://github.com/elastic/cookbook-elasticsearch/issues/61) -- Creating new ebs volume is taking forever [\#60](https://github.com/elastic/cookbook-elasticsearch/issues/60) +- Unable to change elasticsearch version via role and version tag [\#61](https://github.com/sous-chefs/elasticsearch/issues/61) +- Creating new ebs volume is taking forever [\#60](https://github.com/sous-chefs/elasticsearch/issues/60) -## [0.2.0](https://github.com/elastic/cookbook-elasticsearch/tree/0.2.0) (2013-02-01) +## [0.2.0](https://github.com/sous-chefs/elasticsearch/tree/0.2.0) (2013-02-01) -- Failing installation test on master [\#56](https://github.com/elastic/cookbook-elasticsearch/issues/56) -- Error message when running start script [\#48](https://github.com/elastic/cookbook-elasticsearch/issues/48) +- Failing installation test on master [\#56](https://github.com/sous-chefs/elasticsearch/issues/56) +- Error message when running start script [\#48](https://github.com/sous-chefs/elasticsearch/issues/48) -## [0.1.0](https://github.com/elastic/cookbook-elasticsearch/tree/0.1.0) (2013-01-28) +## [0.1.0](https://github.com/sous-chefs/elasticsearch/tree/0.1.0) (2013-01-28) -## [0.0.1](https://github.com/elastic/cookbook-elasticsearch/tree/0.0.1) (2013-01-28) +## [0.0.1](https://github.com/sous-chefs/elasticsearch/tree/0.0.1) (2013-01-28) -- Update Gists for Ark change [\#28](https://github.com/elastic/cookbook-elasticsearch/issues/28) -- Conflict with nginx cookbook [\#46](https://github.com/elastic/cookbook-elasticsearch/issues/46) -- version bump the metadata [\#42](https://github.com/elastic/cookbook-elasticsearch/issues/42) -- elasticsearch::test doesn't work in ec2 with chef server [\#41](https://github.com/elastic/cookbook-elasticsearch/issues/41) -- Nginx rpm install doesn't support chunkin module [\#38](https://github.com/elastic/cookbook-elasticsearch/issues/38) +- Update Gists for Ark change [\#28](https://github.com/sous-chefs/elasticsearch/issues/28) +- Conflict with nginx cookbook [\#46](https://github.com/sous-chefs/elasticsearch/issues/46) +- version bump the metadata [\#42](https://github.com/sous-chefs/elasticsearch/issues/42) +- elasticsearch::test doesn't work in ec2 with chef server [\#41](https://github.com/sous-chefs/elasticsearch/issues/41) +- Nginx rpm install doesn't support chunkin module [\#38](https://github.com/sous-chefs/elasticsearch/issues/38) -## [0.0.6](https://github.com/elastic/cookbook-elasticsearch/tree/0.0.6) (2013-01-15) +## [0.0.6](https://github.com/sous-chefs/elasticsearch/tree/0.0.6) (2013-01-15) -- Cannot find a resource for create\_ebs on amazon version 2012.09 [\#44](https://github.com/elastic/cookbook-elasticsearch/issues/44) +- Cannot find a resource for create\_ebs on amazon version 2012.09 [\#44](https://github.com/sous-chefs/elasticsearch/issues/44) -## [0.0.5](https://github.com/elastic/cookbook-elasticsearch/tree/0.0.5) (2012-12-20) +## [0.0.5](https://github.com/sous-chefs/elasticsearch/tree/0.0.5) (2012-12-20) -- Add `discovery.ec2.tag` and similar to elasticsearch.yml [\#36](https://github.com/elastic/cookbook-elasticsearch/issues/36) -- Add support for setting cloud.aws.region using node.json [\#33](https://github.com/elastic/cookbook-elasticsearch/issues/33) -- Elasticsearch doesn't start after run 'sudo chef-client' over knife ssh [\#32](https://github.com/elastic/cookbook-elasticsearch/issues/32) -- Can't find Monit template? [\#29](https://github.com/elastic/cookbook-elasticsearch/issues/29) -- Monit doesn't start after machine reboot [\#14](https://github.com/elastic/cookbook-elasticsearch/issues/14) -- Probable bugs in install\_plugin.rb [\#12](https://github.com/elastic/cookbook-elasticsearch/issues/12) +- Add `discovery.ec2.tag` and similar to elasticsearch.yml [\#36](https://github.com/sous-chefs/elasticsearch/issues/36) +- Add support for setting cloud.aws.region using node.json [\#33](https://github.com/sous-chefs/elasticsearch/issues/33) +- Elasticsearch doesn't start after run 'sudo chef-client' over knife ssh [\#32](https://github.com/sous-chefs/elasticsearch/issues/32) +- Can't find Monit template? [\#29](https://github.com/sous-chefs/elasticsearch/issues/29) +- Monit doesn't start after machine reboot [\#14](https://github.com/sous-chefs/elasticsearch/issues/14) +- Probable bugs in install\_plugin.rb [\#12](https://github.com/sous-chefs/elasticsearch/issues/12) -## [0.0.4](https://github.com/elastic/cookbook-elasticsearch/tree/0.0.4) (2012-10-15) +## [0.0.4](https://github.com/sous-chefs/elasticsearch/tree/0.0.4) (2012-10-15) -## [0.0.3](https://github.com/elastic/cookbook-elasticsearch/tree/0.0.3) (2012-10-14) +## [0.0.3](https://github.com/sous-chefs/elasticsearch/tree/0.0.3) (2012-10-14) -- min\_mem should be the same as max\_mem [\#35](https://github.com/elastic/cookbook-elasticsearch/issues/35) -- The `elasticsearch::proxy\_nginx` should declare dependency on `nginx` cookbook [\#24](https://github.com/elastic/cookbook-elasticsearch/issues/24) -- Appears to install nginx even in cases when it's not requested \(no proxy\) [\#23](https://github.com/elastic/cookbook-elasticsearch/issues/23) +- min\_mem should be the same as max\_mem [\#35](https://github.com/sous-chefs/elasticsearch/issues/35) +- The `elasticsearch::proxy\_nginx` should declare dependency on `nginx` cookbook [\#24](https://github.com/sous-chefs/elasticsearch/issues/24) +- Appears to install nginx even in cases when it's not requested \(no proxy\) [\#23](https://github.com/sous-chefs/elasticsearch/issues/23) -## [0.0.2](https://github.com/elastic/cookbook-elasticsearch/tree/0.0.2) (2012-08-18) +## [0.0.2](https://github.com/sous-chefs/elasticsearch/tree/0.0.2) (2012-08-18) -- -Xss128k is too low [\#25](https://github.com/elastic/cookbook-elasticsearch/issues/25) -- Ubuntu Tests Failing [\#22](https://github.com/elastic/cookbook-elasticsearch/issues/22) -- getting an error trying to install plugin [\#21](https://github.com/elastic/cookbook-elasticsearch/issues/21) -- you must set ES\_CLASSPATH [\#20](https://github.com/elastic/cookbook-elasticsearch/issues/20) -- Need a more comprehensive max\_mem calculation [\#15](https://github.com/elastic/cookbook-elasticsearch/issues/15) -- Missing support for status command of the elasticsearch service [\#11](https://github.com/elastic/cookbook-elasticsearch/issues/11) -- Discovery settings in elasticsearch.yml.erb [\#9](https://github.com/elastic/cookbook-elasticsearch/issues/9) -- Monit issues \(template file name, internal issues\) [\#8](https://github.com/elastic/cookbook-elasticsearch/issues/8) -- Align elasticsearch-env.sh.erb with elasticsearch.in.sh [\#3](https://github.com/elastic/cookbook-elasticsearch/issues/3) +- -Xss128k is too low [\#25](https://github.com/sous-chefs/elasticsearch/issues/25) +- Ubuntu Tests Failing [\#22](https://github.com/sous-chefs/elasticsearch/issues/22) +- getting an error trying to install plugin [\#21](https://github.com/sous-chefs/elasticsearch/issues/21) +- you must set ES\_CLASSPATH [\#20](https://github.com/sous-chefs/elasticsearch/issues/20) +- Need a more comprehensive max\_mem calculation [\#15](https://github.com/sous-chefs/elasticsearch/issues/15) +- Missing support for status command of the elasticsearch service [\#11](https://github.com/sous-chefs/elasticsearch/issues/11) +- Discovery settings in elasticsearch.yml.erb [\#9](https://github.com/sous-chefs/elasticsearch/issues/9) +- Monit issues \(template file name, internal issues\) [\#8](https://github.com/sous-chefs/elasticsearch/issues/8) +- Align elasticsearch-env.sh.erb with elasticsearch.in.sh [\#3](https://github.com/sous-chefs/elasticsearch/issues/3) diff --git a/cookbooks/elasticsearch/CONTRIBUTING.md b/cookbooks/elasticsearch/CONTRIBUTING.md deleted file mode 100644 index 8085cc4..0000000 --- a/cookbooks/elasticsearch/CONTRIBUTING.md +++ /dev/null @@ -1,111 +0,0 @@ -Contributing to cookbook-elasticsearch -====================================== - -### General philosophy - -We try, as much as possible, to mirror the upstream experience of installing, configuring, and running Elasticsearch. Sometimes, the upstream project won't expose certain settings, or provide defaults that everyone agrees with. Wherever possible, we will: - -- follow the upstream standards for specific config files -- include any files shipped with packages upstream in this cookbook as-is -- expose a template and cookbook setting for any file that you might want to modify -- recommend major changes to standard files be sent upstream first -- minimize the number of exceptions and maintained "workarounds" in this cookbook - -### Workflow for contributing - -1. Create a branch directly in this repo or a fork (if you don't have push access). Please name branches within this repository `/`. For example, something like karmi/install_from_deb. - -1. Create an issue or open a PR. If you aren't sure your PR will solve the issue, or may be controversial, we commend opening an issue separately and linking to it in your PR, so that if the PR is not accepted, the issue will remain and be tracked. - -1. Close (and reference) issues by the `closes #XXX` or `fixes #XXX` notation in the commit message. Please use a descriptive, useful commit message that could be used to understand why a particular change was made. - -1. Keep pushing commits to the initial branch, `--amend`-ing if necessary. Please don't mix fixing unrelated issues in a single branch. - -1. When everything is ready for merge, clean up the branch (rebase with master to synchronize, squash, edit commits, etc) to prepare for it to be merged. - -### Merging contributions - -1. After reviewing commits for documentation, passing CI tests, and good descriptive commit messages, merge it with --no-ff switch, so it's indicated in the Git history - -1. Do not use the Github "merge button", since it doesn't do a fast-forward merge (see previous item). - -### Testing - -This cookbook is equipped with both unit tests (chefspec) and integration tests -(test-kitchen and serverspec). It also comes with rubocop and foodcritic tasks -in the supplied Rakefile. Contributions to this cookbook should include tests -for new features or bugfixes, with a preference for unit tests over integration -tests to ensure speedy testing runs. ***All tests and most other commands here -should be run using bundler*** and our standard Gemfile. This ensures that -contributions and changes are made in a standardized way against the same -versions of gems. We recommend installing rubygems-bundler so that bundler is -automatically inserting `bundle exec` in front of commands run in a directory -that contains a Gemfile. - -A full test run of all tests and style checks would look like: -```bash -$ bundle exec rake style -$ bundle exec rake spec -$ bundle exec rake integration -$ bundle exec rake destroy -``` -The final destroy is intended to clean up any systems that failed a test, and is -mostly useful when running with kitchen drivers for cloud providers, so that no -machines are left orphaned and costing you money. - -#### Fixtures - -This cookbook supplies a few different test fixtures (under `test/fixtures/`) -that can be shared amongst any number of unit or integration tests: cookbooks, -environments, and nodes. Environments and nodes are automatically loaded into -chef-zero for both chefspec tests that run locally and serverspec tests that run -from test-kitchen. - -It also contains 'platform data' that can be used to drive unit testing, for -example, you might read `httpd` for some platforms and `apache2` for others, -allowing you to write a single test for the Apache webserver. Unfortunately, -without further modifications to `busser` and `busser-serverspec`, the platform -data will not be available to serverspec tests. - -#### Style and Best Practices - -Rubocop and Foodcritic evaluations may be made by running `rake style`. There -are no overrides for foodcritic rules, however the adjustments to -rubocop are made using the supplied `.rubocop.yml` file and have been documented -by comments within. Most notably, rubocop has been restricted to only apply to -`.rb` files. - -Rubocop and foodcritic tests can be executed using `rake style`. - -#### Unit testing - -Unit testing is done using the latest versions of Chefspec. The current default -test layout includes running against all supported platforms, as well as -stubbing data into chef-zero. This allows us to also test against chef search. -As is currently a best practice in the community, we will avoid the use of -chef-solo, but not create barriers to explicitly fail for chef-solo. - -Unit tests can be executed using `rake spec`. - -#### Integration testing - -Integration testing is accomplished using the latest versions of test-kitchen -and serverspec. Currently, this cookbook uses the busser-serverspec plugin for -copying serverspec files to the system being tested. There is some debate in the -community about whether this should be done using busser-rspec instead, and each -busser plugin has a slightly different feature set. - -While the default test-kitchen configuration uses the vagrant driver, you may -override this using `~/.kitchen/config.yml` or by placing a `.kitchen.local.yml` -in the current directory. This allows you to run these integration tests using -any supported test-kitchen driver (ec2, rackspace, docker, etc). - -Integration tests can be executed using `rake integration` or `kitchen test`. - -### Releasing - -1. Create/update the changelog. We are using the `github_changelog_generator` -gem. - -1. We highly recommend using the `stove` project, which pushes cookbooks to -Supermarket and tags to Github. diff --git a/cookbooks/elasticsearch/FAQ.md b/cookbooks/elasticsearch/FAQ.md new file mode 100644 index 0000000..e275e62 --- /dev/null +++ b/cookbooks/elasticsearch/FAQ.md @@ -0,0 +1,137 @@ +# Frequently asked questions + +## Versions and Support + +### Does this cookbook install [Java](https://www.java.com/en/)? What version? + +This cookbook requires java, but does not provide it. Please install Java before using any recipe in this cookbook. Please also note that Elasticsearch itself has [specific minimum Java version requirements](https://www.elastic.co/guide/en/elasticsearch/reference/current/setup.html#jvm-version). We recommend [this cookbook](https://github.com/agileorbit-cookbooks/java) to install Java. + +### What version of [Chef](https://www.chef.io/) does this cookbook require/support? + +This cookbook follows the [recommended Chef community cookbook policy](https://github.com/chef/chef-rfc/blob/master/rfc092-dependency-update-cadence.md#cookbook-and-ecosystem-tooling-support) regarding Chef support; specifically, we support at least the last 6 months of Chef Client versions. We explicitly don't support anything less than Chef 12.5 and greater. We run CI as well as testing with chefspec and test-kitchen. + +### What versions of [Elasticsearch](https://www.elastic.co/products/elasticsearch) does this cookbook support? + +This cookbook is being written and tested to support Elasticsearch 6.x and greater. If you must have a cookbook that works with older versions of Elasticsearch, please test and then pin to a specific, older `major.minor` version of this cookbook and only leave the patch release to float. Older versions can be found via [Git tags](https://github.com/elastic/cookbook-elasticsearch/tags) or on [Chef Supermarket](https://supermarket.chef.io/cookbooks/elasticsearch). We also maintain bugfix branches for major released lines (0.x, 1.x, 2.x, 3.x) of this cookbook so that we can still release fixes for older cookbooks. Previous versions of this cookbook may be found using the git tags on this repository. + +## How do I + +### How do I set the JVM heap size? + +The [allocated_memory](https://github.com/elastic/cookbook-elasticsearch/blob/master/libraries/provider_configure.rb#L27-L32) parameter controls this. +If you do not set this parameter, the heap size will be set to 50% of system memory or 31g, whatever is smaller. + +### How should I discover other Elasticsearch nodes? + +We recommend using [chef search](https://docs.chef.io/chef_search.html) in your wrapper cookbook, or using one of the contributing plugins that leverage cloud-specific features (e.g. `discovery-ec2`). + +### How do I create EBS block devices or other block devices? + +We recommend [the aws cookbook](https://github.com/chef-cookbooks/aws). + +### How do I upgrade Elasticsearch in place? + +Upgrading Elasticsearch in place is not recommended, and generally not supported by this cookbook. We strongly recommend you pin versions of Elasticsearch and spin up new servers to migrate to a new version, one node at a time. This cookbook does not generally set destructive options like asking the package manager to overwrite configuration files without prompting, either. + +See also: + +### How do I override settings in the systemd unit file? + +If you'd like to modify the system unit file, you have two supported options: + +1. [Specify a different source template](https://github.com/elastic/cookbook-elasticsearch/blob/master/libraries/resource_service.rb#L26-L27) +1. Use an override file (see "Unit File Load Path" in the [systemd documentation](https://www.freedesktop.org/software/systemd/man/systemd.unit.html)) + +Typically, the override file should go in something like: `/etc/systemd/system/elasticsearch.service.d/elasticsearch.conf`. + +Check out for more information. + +### How do I avoid running various elasticsearch_* resource? + +If you're running this cookbook inside docker, or manually performing some of the steps to install, configure, or run Elasticsearch, you will notice immediately that this cookbook complains about any missing resources. In order to provide the cookbook will appropriate settings (some resources _need_ information from others, e.g. configuring elasticsearch requires knowing where it is installed), you should simply use the missing resource but specify `action :none`. See #573 for more information + +For example, `elasticsearch_plugin` needs to source the environment file used by `elasticsearch_service` in order to be sure it uses the same settings. If you're running in a container, you may not want to use a service. Therefore, do something like this: + +```ruby +elasticsearch_service 'elasticsearch' do + args '-d' # let other resources know we need to use -d, but don't touch the service + action :none +end +``` + +## Specific errors and messages + +### Elasticsearch complains about data paths on startup + +Per 5.3.1 release notes, Elasticsearch now fails to start if you provide default.path.data and an array of path.data in order to correct a bug from 5.3.0 that merged the default into the array instead of ignoring it. However, default values for cookbook attributes that set those values are also preventing ES from starting, even though path.data isn't an array. + +TL;DR -- you should upgrade and get the bugfix (of the original bugfix). See for more information. + +### Java "trust anchors" error when installing Elasticseach plugins + +If you're using OpenJDK, installing Elasticsearch plugins might fail with a Java SSL exception: + +```text +Exception in thread "main" javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty +``` + +This can be fixed by running the configuration for the `ca-certificates-java` package before installing any plugins: + +```ruby +# http://phutchins.com/blog/2017/03/14/java-trust-anchors-error-when-installing-es-plugins/ +execute "ca-certificates-configure" do + command "sudo /var/lib/dpkg/info/ca-certificates-java.postinst configure" +end +``` + +See [this article](http://phutchins.com/blog/2017/03/14/java-trust-anchors-error-when-installing-es-plugins/) for more details. + +### Chef::Exceptions::Package: Installed package is newer than candidate package + +You may be trying to downgrade Elasticsearch, or the newer package has gone missing from their repos. Depending on what you'd like to do next, you may [provide package_options arguments](https://github.com/elastic/cookbook-elasticsearch/blob/master/libraries/resource_install.rb#L27) to yum or apt to tell it what you'd like to do more specifically. In #571, someone else has figured out how to direct apt/dpkg to upgrade the way they want, but we didn't want to prescribe what end users want their package manager to do. + +Alternately, you can add some logic to skip the install if the correct version is already installed (e.g. add `not_if "rpm -qa | grep -s elasticsearch"` to your `elasticsearch_install` resource). + +### Elasticsearch is installed in the wrong directory name; the version is incorrect + +If you install by URL, and don't provide the version attribute to the `elasticsearch_install` resource, this cookbook can't tell what version you've provided (any arbitrary filename works, so there's no guarantee we can even figure it out). You will get the default version included in the directory name in this case, unless you specify which version you're installing as well. See #535 for more information. + +### Elasticsearch won't start with configuration it doesn't recognize + +There's a chicken-and-egg issue with installing a plugin and then configuring it. It would be nice if Elasticsearch allowed configuration settings that didn't do anything, and emitted a warning instead of a fatal error. + +You have two options to workaround this -- (a) Don't start Elasticsearch until the plugin is installed; in other words, use one elasticsearch_configure and don't issue a :start action to elasticsearch_service until the plugin resource runs its own actions. Alternately, (b) check for whether or not x-pack is installed at the start of a Chef run, and don't configure any x-pack settings unless it's installed (this will require 2 chef runs to fully configure x-pack, as the ::File.exists? is evaluated very early in the Chef run), e.g.: + +```ruby +x_pack_installed = ::File.exists?("#{es_conf.path_plugins}/x-pack") + +settings = { + 'http.port' => port, + 'cluster.name' => cluster_name, + 'node.name' => node_name, + 'bootstrap.memory_lock' => false, + 'discovery.zen.minimum_master_nodes' => 1 +} + +if x_pack_installed + settings['xpack.monitoring.enabled'] = true + ... +end + +es_conf = elasticsearch_configure 'elasticsearch' do + allocated_memory '512m' + configuration settings +end +es_conf.path_data data_location if data_location + +... +``` + +### .deb package installs fail inside containers + +This is a known issue upstream and the packaging folks have been working to resolve it. You can follow along at: + + +### How do I test multiple Elasticsearch nodes in test-kitchen? + +Check out for an example of one possible solution. diff --git a/cookbooks/elasticsearch/LICENSE b/cookbooks/elasticsearch/LICENSE new file mode 100644 index 0000000..0a04d00 --- /dev/null +++ b/cookbooks/elasticsearch/LICENSE @@ -0,0 +1,15 @@ +This software is licensed under the Apache 2 license, quoted below. + + Copyright (c) 2015 Elasticsearch + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/cookbooks/elasticsearch/README.md b/cookbooks/elasticsearch/README.md index 82aa963..e62e9c8 100644 --- a/cookbooks/elasticsearch/README.md +++ b/cookbooks/elasticsearch/README.md @@ -1,6 +1,6 @@ # Elasticsearch Chef Cookbook -[![Build Status](https://travis-ci.org/elastic/cookbook-elasticsearch.svg?branch=master)](https://travis-ci.org/elastic/cookbook-elasticsearch) [![Cookbook Version](https://img.shields.io/cookbook/v/elasticsearch.svg)](https://supermarket.chef.io/cookbooks/elasticsearch)[![Build Status](https://jenkins-01.eastus.cloudapp.azure.com/job/elasticsearch-cookbook/badge/icon)](https://jenkins-01.eastus.cloudapp.azure.com/job/elasticsearch-cookbook/) +[![Cookbook Version](https://img.shields.io/cookbook/v/elasticsearch.svg)](https://supermarket.chef.io/cookbooks/elasticsearch) **Please** review the [frequently asked questions](FAQ.md) and [contributing guidelines](CONTRIBUTING.md) before opening issues or submitting pull requests. @@ -8,59 +8,6 @@ Please [check out the previous 3.x.x releases](https://github.com/elastic/cookbook-elasticsearch/tree/3.x.x) of this cookbook. Please consider pinning your cookbook to '~> 3.0' for support for Elasticsearch 6 and earlier, or '~> 4.0' release for Elasticsearch 6 and beyond. -## Attributes - -Please consult [attributes/default.rb](attributes/default.rb) for a large list -of checksums for many different archives and package files of different -elasticsearch versions. Both recipes and resources/providers here use those -default values. - -You may use `%s` in your URL and this cookbook will use sprintf/format to insert -the version parameter as a string into your download_url. - -|Name|Default|Other values| -|----|-------|------------| -| For Elasticsearch < 7: || -|`default['elasticsearch']['download_urls']['debian']`|[See values](attributes/default.rb).|`%s` will be replaced with the version attribute above| -|`default['elasticsearch']['download_urls']['rhel']`|[See values](attributes/default.rb).|`%s` will be replaced with the version attribute above| -|`default['elasticsearch']['download_urls']['tarball']`|[See values](attributes/default.rb).|`%s` will be replaced with the version attribute above| -| For Elasticsearch >= 7: || -|`default['elasticsearch']['download_urls_v7']['debian']`|[See values](attributes/default.rb).|`%s` will be replaced with the version attribute above| -|`default['elasticsearch']['download_urls_v7']['rhel']`|[See values](attributes/default.rb).|`%s` will be replaced with the version attribute above| -|`default['elasticsearch']['download_urls_v7']['tarball']`|[See values](attributes/default.rb).|`%s` will be replaced with the version attribute above| - -This cookbook's `elasticsearch::default` recipe also supports setting any `elasticsearch_` resource using attributes: - -``` -default['elasticsearch']['user'] = {} -default['elasticsearch']['install'] = {} -default['elasticsearch']['configure'] = {} -default['elasticsearch']['service'] = {} -default['elasticsearch']['plugin'] = {} -``` - -For example, this will pass a username 'foo' to `elasticsearch_user` and set a uid to `1234`: -``` -default['elasticsearch']['user']['username'] = 'foo' -default['elasticsearch']['user']['uid'] = '1234' -``` - -## Recipes - -Resources are the intended way to consume this cookbook, however we have -provided a single recipe that configures Elasticsearch by downloading an archive -containing a distribution of Elasticsearch, and extracting that into `/usr/share`. - -See the attributes section above to for what defaults you can adjust. - -### default - -The default recipe creates an elasticsearch user, group, package installation, -configuration files, and service with all of the default options. - -Please note that there are [additional examples within the test fixtures](test/fixtures/cookbooks/elasticsearch_test), -including a demonstration of how to configure two instances of Elasticsearch on a single server. - ## Resources ## Notifications and Service Start/Restart @@ -72,8 +19,6 @@ actions to the underlying service resource if you wish to notify it. You **must** supply your desired notifications when using each resource if you want Chef to automatically restart services. Again, we don't recommend this unless you know what you're doing. -We are supporting whyrun mode in this cookbook, simply because we're using all builtin resources from core Chef, and these also already support whyrun. If you contribute to this cookbook, please be sure to maintain that or guard dangerous Ruby code with something like `if !whyrun_mode? || nested_resource.whyrun_supported?`. - ### Resource names Many of the resources provided in this cookbook need to share configuration @@ -103,6 +48,7 @@ elasticsearch_plugin 'x-pack' ``` ### elasticsearch_user + Actions: `:create`, `:remove` Creates a user and group on the system for use by elasticsearch. Here is an @@ -127,6 +73,7 @@ end ``` ### elasticsearch_install + Actions: `:install`, `:remove` Downloads the elasticsearch software, and unpacks it on the system. There are @@ -155,29 +102,29 @@ elasticsearch_install 'elasticsearch' ```ruby elasticsearch_install 'my_es_installation' do - type 'package' # type of install - version '7.4.2' - action :install # could be :remove as well + type 'package' + version '7.8.0' + action :install end ``` ```ruby elasticsearch_install 'my_es_installation' do - type 'tarball' # type of install + type 'tarball' dir '/usr/local' # where to install download_url "https://download.elasticsearch.org/elasticsearch/elasticsearch/elasticsearch-1.7.2.tar.gz" # sha256 download_checksum "6f81935e270c403681e120ec4395c28b2ddc87e659ff7784608b86beb5223dd2" - action :install # could be :remove as well + action :install end ``` ```ruby elasticsearch_install 'my_es_installation' do - type 'tarball' # type of install - version '7.4.2' + type 'tarball' + version '7.8.0' action :install # could be :remove as well end ``` @@ -194,6 +141,7 @@ end ``` ### elasticsearch_configure + Actions: `:manage`, `:remove` Configures an elasticsearch instance; creates directories for configuration, @@ -205,7 +153,7 @@ which is a hash of any elasticsearch configuration directives. The other important attribute is `default_configuration` -- this contains the minimal set of required defaults. -Note that these are both _not_ a Chef mash, everything must be in a single level +Note that these are both *not* a Chef mash, everything must be in a single level of keys and values. Any settings you pass in configuration will be merged into (and potentially overwrite) any default settings. @@ -215,11 +163,13 @@ for more. Examples: With all defaults - + ```ruby elasticsearch_configure 'elasticsearch' ``` With mostly defaults - + ```ruby elasticsearch_configure 'elasticsearch' do allocated_memory '512m' @@ -232,6 +182,7 @@ end ``` Very complicated - + ```ruby elasticsearch_configure 'my_elasticsearch' do # if you override one of these, you probably want to override all @@ -269,6 +220,7 @@ end ``` ### elasticsearch_service + Actions: `:configure`, `:remove` Writes out a system service configuration of the appropriate type, and enables @@ -286,6 +238,7 @@ entirely skip trying to setup those scripts. Combined with changing the default service actions, this will have the same effect as `action :nothing`. ### elasticsearch_plugin + Actions: `:install`, `:remove` Installs or removes a plugin to a given elasticsearch instance and plugin @@ -295,7 +248,7 @@ Furthermore, there isn't a way to determine if a plugin is compatible with ES or even what version it is. So once we install a plugin to a directory, we generally assume that is the desired one and we don't touch it further. -See https://github.com/elastic/cookbook-elasticsearch/issues/264 for more info. +See for more info. NB: You [may encounter issues on certain distros](http://blog.backslasher.net/java-ssl-crash.html) with NSS 3.16.1 and OpenJDK 7.x. Officially supported or commercial plugins require just the plugin name: @@ -324,6 +277,7 @@ end ``` Plugins from Maven Central or Sonatype require 'groupId/artifactId/version': + ```ruby elasticsearch_plugin 'mapper-attachments' do url 'org.elasticsearch/elasticsearch-mapper-attachments/2.6.0' @@ -332,6 +286,7 @@ end ``` Plugins can be installed from a custom URL or file location as follows: + ```ruby elasticsearch_plugin 'mapper-attachments' do url 'http://some.domain.name//my-plugin-1.0.0.zip' @@ -347,6 +302,7 @@ end The plugin resource respects the `https_proxy` or `http_proxy` (non-SSL) [Chef settings](https://docs.chef.io/config_rb_client.html) unless explicitly disabled using `chef_proxy false`: + ```ruby elasticsearch_plugin 'kopf' do url 'lmenezes/elasticsearch-kopf' @@ -377,6 +333,7 @@ end ## License +```text This software is licensed under the Apache 2 license, quoted below. Copyright (c) 2015 Elasticsearch @@ -392,3 +349,4 @@ This software is licensed under the Apache 2 license, quoted below. WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. +``` diff --git a/cookbooks/elasticsearch/attributes/default.rb b/cookbooks/elasticsearch/attributes/default.rb deleted file mode 100644 index c15f2d0..0000000 --- a/cookbooks/elasticsearch/attributes/default.rb +++ /dev/null @@ -1,213 +0,0 @@ -# empty settings (populate these for the elasticsearch::default recipe) -# see the resources or README.md to see what you can pass here. -default['elasticsearch']['user'] = {} -default['elasticsearch']['install'] = {} -default['elasticsearch']['configure'] = {} -default['elasticsearch']['service'] = {} -default['elasticsearch']['plugin'] = {} - -# platform_family keyed download URLs -default['elasticsearch']['download_urls'] = { - 'debian' => 'https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-%s.deb', - 'rhel' => 'https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-%s.rpm', - 'tarball' => 'https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-%s.tar.gz', -} - -default['elasticsearch']['download_urls_v7'] = { - 'debian' => 'https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-%s-amd64.deb', - 'rhel' => 'https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-%s-x86_64.rpm', - 'tarball' => 'https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-%s-linux-x86_64.tar.gz', -} - -# platform_family keyed download sha256 checksums -default['elasticsearch']['checksums']['6.0.0']['debian'] = '28f38779156387c1db274d8d733429e574b54b4f518da6f0741f6276f8229939' -default['elasticsearch']['checksums']['6.0.0']['rhel'] = '823fa8aa24e9948dea30f0a468f0403b34a62180e02ed752443d5964334c29a1' -default['elasticsearch']['checksums']['6.0.0']['tarball'] = '0420e877a8b986485244f603770737e9e4e47186fdfa1093768a11e391e3d9f4' - -default['elasticsearch']['checksums']['6.0.1']['debian'] = 'ebe6c14638a4909155fe409fb46a7f52bcd3ad2151bfd2f400ab6f8f61c45b3e' -default['elasticsearch']['checksums']['6.0.1']['rhel'] = '25e7a8b152ea85886688398f48bc995d47cd2a12a7d98487748c6166f0732b85' -default['elasticsearch']['checksums']['6.0.1']['tarball'] = 'efaf32aba41e1b7fd086639c0f062c39e1f28b360a78d5c2b8deed797a4c5c57' - -default['elasticsearch']['checksums']['6.1.0']['debian'] = '102be4439b1df7f7606003b3c839dbf69d3827c3e996563c98c0d54560b4fc16' -default['elasticsearch']['checksums']['6.1.0']['rhel'] = 'ebac1b4e1fc8ae3f7266cba93ef113510cba13435ada2c92480506d16cf6b865' -default['elasticsearch']['checksums']['6.1.0']['tarball'] = 'c879fe2698635a2f132db4a02d84f657bc0ccdb5c5f68dda5102f9b2afa508d7' - -default['elasticsearch']['checksums']['6.1.1']['debian'] = '8b6e65dce742c733aa61da24f9c8c0d4d4b7f53ae11d7f4168e98b5a0ed58b45' -default['elasticsearch']['checksums']['6.1.1']['rhel'] = '9820555c72b61b54686bcf0697cdabace28b02315bb5a156999495a16b103d5a' -default['elasticsearch']['checksums']['6.1.1']['tarball'] = '0cadc90c2ab1bd941e3965eef96fbc2c08b12b832ae81f5882e81505333b74b6' - -default['elasticsearch']['checksums']['6.1.2']['debian'] = '64d8bd2bd895904bb91daff656764b10da93531f2011c94d7c779124e53dd5f5' -default['elasticsearch']['checksums']['6.1.2']['rhel'] = 'bfa6809ac94bda92a4ec1bf601c8266f82a4c7842a7702da4dede8f7d5c6a2ec' -default['elasticsearch']['checksums']['6.1.2']['tarball'] = '9c0eae0bdab78c59dac0ba3a9c054e6785dc0f5ce4666e284f42010a326abc0f' - -default['elasticsearch']['checksums']['6.2.0']['debian'] = 'eeb974247ea4360e37798888a5f49227d5ea33e11665a060c9b01b25140f9554' -default['elasticsearch']['checksums']['6.2.0']['rhel'] = '869b6506a35aad6b6d82fe987130402cef9b40c33ff7d98eeaa186eb2a628964' -default['elasticsearch']['checksums']['6.2.0']['tarball'] = '7be4a6580aca7d17b2fe1a1e589aa0a005b6240ef5dce6a5288a56f68021f8f6' - -default['elasticsearch']['checksums']['6.2.1']['debian'] = '2b145aa11bccd2fe99256b9715ff665fe091b62fc699bc77cd07c528dcbf2391' -default['elasticsearch']['checksums']['6.2.1']['rhel'] = '47b97342821cbd1805826a18a7559a59bd045b9aef66e45c3b293b02aeaaeba8' -default['elasticsearch']['checksums']['6.2.1']['tarball'] = '0ccd13c53d23dcb2aea5c0f71dcbe81283e1e31d6ae5d40dec03656852cb468b' - -default['elasticsearch']['checksums']['6.2.2']['debian'] = 'e0a694dcbbac993a4039978ca60e6c05b0bd78ec7eef20a1e95b98979579a47a' -default['elasticsearch']['checksums']['6.2.2']['rhel'] = 'a31277bb89b93da510bf40261882f710a448178ec5430c7a78ac77e91f733cf9' -default['elasticsearch']['checksums']['6.2.2']['tarball'] = 'b26e3546784b39ce3eacc10411e68ada427c5764bcda3064e9bb284eca907983' - -default['elasticsearch']['checksums']['6.2.3']['debian'] = 'b54a1b685656a1424d4956e48daed923752fc268b79bb1b8616cc91f6a78e3bb' -default['elasticsearch']['checksums']['6.2.3']['rhel'] = 'd513a6f82436914c35e774529686e5fdfed1af77264e39228e5d64eee22c78ce' -default['elasticsearch']['checksums']['6.2.3']['tarball'] = '01dd8dec5f0acf04336721e404bf4d075675a3acae9f2a9fdcdbb5ca11baca76' - -default['elasticsearch']['checksums']['6.2.4']['debian'] = 'f9c889bf1e2e897a881f624dab6a4aa3be5ec1f9d65b6d115021095496351969' -default['elasticsearch']['checksums']['6.2.4']['rhel'] = '9c13e0fb8bc90b7bd6e09c8ba922c2d89c2183bb6161047ec6549c0cbcccee72' -default['elasticsearch']['checksums']['6.2.4']['tarball'] = '91e6f1ea1e1dd39011e7a703d2751ca46ee374665b08b0bfe17e0c0c27000e8e' - -default['elasticsearch']['checksums']['6.3.0']['debian'] = '659c3f9a90ae5fe4568d5103de3bbd37e8a03143447118ee61fe72d514b8f4d6' -default['elasticsearch']['checksums']['6.3.0']['rhel'] = 'b6d7951b8ad72c06e7a23263227e1b90b8aa6e5d5ee798a6c849934516121109' -default['elasticsearch']['checksums']['6.3.0']['tarball'] = '0464127140820d82b24bd2830232131ea85bcd49267a8bc7365e4fa391dee2a3' - -default['elasticsearch']['checksums']['6.3.1']['debian'] = '350cc95201814ec39b1c80bbb8329faf1dae20a3386b28b626144c6f67ced333' -default['elasticsearch']['checksums']['6.3.1']['rhel'] = '073e2bc52a82bc099cca1534391a057c6506dbcb06e849e24ff4d60187ade4b3' -default['elasticsearch']['checksums']['6.3.1']['tarball'] = '0b4d1c3c66894c9bf54284b53c1448d0e6def89a09c9fe4446e7167e51b8040e' - -default['elasticsearch']['checksums']['6.4.0']['debian'] = 'dc7b4b5583ad4689f57369fb8bf8c9b708cfc278701c895762378b010460f658' -default['elasticsearch']['checksums']['6.4.0']['rhel'] = 'b7b8e6265ec4a3aec509fe1e3fb054e6c64256ce7f4ab64d1d5b1629b24883c2' -default['elasticsearch']['checksums']['6.4.0']['tarball'] = 'e9786efb5cecd12adee2807c7640ba9a1ab3b484d2e87497bb8d0b6df0e24f01' - -default['elasticsearch']['checksums']['6.4.1']['debian'] = 'ba71dbe16bfb6111dbe7d49ffd447ed1092a754636b30214067d31ff3059e100' -default['elasticsearch']['checksums']['6.4.1']['rhel'] = '2d63f9814ff67edc5c8a8e247ed359a8ef7e23cfbe3a438041a72b44b0be09b2' -default['elasticsearch']['checksums']['6.4.1']['tarball'] = '6fce529465975b2cd2f5aef09b459006636e4b903e623fd6361ae9feeebf1542' - -default['elasticsearch']['checksums']['6.4.2']['debian'] = '4ca2cc982db8e46743a98e2c3d678e60c24331b28f79ea424bb8a323e611f678' -default['elasticsearch']['checksums']['6.4.2']['rhel'] = '8987285d92d0d94f0e842e51ba8ed04fb9ad5e078cc68f63ef2ff8ca1986ad08' -default['elasticsearch']['checksums']['6.4.2']['tarball'] = '32a9c0305faed1cbd4e22c85a8c333ca2b6704f1d0006e92709fada10cec3f45' - -default['elasticsearch']['checksums']['6.4.3']['debian'] = 'cbf62cf228e556ca89d94562cb747127da69f5a4a04198d1a19230455671d0d4' -default['elasticsearch']['checksums']['6.4.3']['rhel'] = 'd059c695eadefc26788106a7d3d4c6b300bc50ede36dfbcb04b1caa9211d5bff' -default['elasticsearch']['checksums']['6.4.3']['tarball'] = '861bc4d4188ce65df34a8876f104bbb2cddff3586990e57233e0847eb961b15e' - -default['elasticsearch']['checksums']['6.5.0']['debian'] = '5fddd2759f7a96f884b0bfb863e04624ba50db39fa6455a87bef2b7bc4bff16e' -default['elasticsearch']['checksums']['6.5.0']['rhel'] = 'b78a6d3ddb59d086f0da28a2e25d9e5f0b5af61f0fd2898ce972f7ca9e84f961' -default['elasticsearch']['checksums']['6.5.0']['tarball'] = 'b158c02dddccc265d25855282015a7b09207c216be99c08114514ed283969b81' - -default['elasticsearch']['checksums']['6.5.1']['debian'] = '7de183122a9dbb7b07ee56e18edf0365dc27e413a5962363b944a9aa63ffbb4a' -default['elasticsearch']['checksums']['6.5.1']['rhel'] = 'fc38dcce176a96665c0801054794f62d8a9a23c9f930919248cfbe2622c7255e' -default['elasticsearch']['checksums']['6.5.1']['tarball'] = '17cf2f58c7cbb36c4419a8143321660defe2c492b3a6eaa9a6dcd5e36347d124' - -default['elasticsearch']['checksums']['6.5.2']['debian'] = '9cb0997dc6d2be16c988c0ee43ccafd19a8b2e757326af84f4cead40f74c614f' -default['elasticsearch']['checksums']['6.5.2']['rhel'] = 'ddab10c3be94fb89bc7057bdb20624b5e65e3ba8244d655e243119a5103e07c7' -default['elasticsearch']['checksums']['6.5.2']['tarball'] = 'b7b73b871957bdcff75d333eba8c1c6adf3731470f943b159365bde413e45dfc' - -default['elasticsearch']['checksums']['6.5.3']['debian'] = '38b30461201fe8d126d124f04d961e7c037bea7a6fb9ca485c08e681d8d30456' -default['elasticsearch']['checksums']['6.5.3']['rhel'] = '2f3eb7682e06211061bea90a0314a515f0c4ef683f45c8e57bfb1dfb14679c3a' -default['elasticsearch']['checksums']['6.5.3']['tarball'] = 'cee4340dfaadf27d73ccaef5a8019e177021e1ffea3b7e622ca5ab9267725cac' - -default['elasticsearch']['checksums']['6.5.4']['debian'] = 'c0a062ffb45f989cd3091c66f62605178c41c3735991d95506a6986a90924833' -default['elasticsearch']['checksums']['6.5.4']['rhel'] = 'aa4006f754bd1a0bfaa338ba40d93a1762917c1862951577c62b1f073026b5ba' -default['elasticsearch']['checksums']['6.5.4']['tarball'] = '762e25c036fa2e882cb7e91d83868fa15a1cad8549d279a8c5826a005bb31877' - -default['elasticsearch']['checksums']['6.6.0']['debian'] = '0f34cd050bc2a6b4f3a4a8ea71755a03c638e1d929141424a246792e067534a9' -default['elasticsearch']['checksums']['6.6.0']['rhel'] = '8fdaaefa22cef3370bdf353df09bf07695d0e3764ac0c9b6ad8a1412076f9566' -default['elasticsearch']['checksums']['6.6.0']['tarball'] = '4993a17b88268a053042510404bcb808f86d6438fec458be4e0ef1c412681655' - -default['elasticsearch']['checksums']['6.6.1']['debian'] = '505d5aae1c2ba66e36be41fe94ec9e4c444cbdd7926aaaa9392356a2c40d2102' -default['elasticsearch']['checksums']['6.6.1']['rhel'] = '3ba9ef562c951eccd070704db498dcf703f05b567d459f93f144e9189e1ee21a' -default['elasticsearch']['checksums']['6.6.1']['tarball'] = 'a4fd359facf03272013e3f2bffc846c1e1f8c60b7fb0daf856831f14947ed297' - -default['elasticsearch']['checksums']['6.6.2']['debian'] = 'e5aa8b1449fb08b56ec5d9a52324cadd7439c29533fa7662badede051a9a9778' -default['elasticsearch']['checksums']['6.6.2']['rhel'] = '8a42533764f0332e09cb6d2ed2af02a641766d73a3669458b20fe37615047872' -default['elasticsearch']['checksums']['6.6.2']['tarball'] = 'f32d6fa73b466e29f30a5b6e0bcc6352a5508329f765c948c80c242ddfb97770' - -default['elasticsearch']['checksums']['6.7.0']['debian'] = 'fdf31c8774b779cf5bf3c3f6e01371d11b5a3889ca3d9c3dbd2dc6142d96a633' -default['elasticsearch']['checksums']['6.7.0']['rhel'] = 'e09010ab7cbf5c81f8821e25a6617de29bcc658a3c79750e337471ef4711d8b4' -default['elasticsearch']['checksums']['6.7.0']['tarball'] = 'bed3587b892319d2e6b25d68c03930c95cf6d74210e3b368a638ca9f837a2315' - -default['elasticsearch']['checksums']['6.7.1']['debian'] = '807223a278ffd29630f01a1c21ff268aa5b51ff36c66a2c56a7a8e275d102831' -default['elasticsearch']['checksums']['6.7.1']['rhel'] = '88b6f4de17ea943ac996648783cd07471ee37b894d17bf17939d9a0cedb30237' -default['elasticsearch']['checksums']['6.7.1']['tarball'] = '7be3f94882130c769e5a6b95dbccdc3cab9f101cbc68edfa661f7188c78f06e2' - -default['elasticsearch']['checksums']['6.7.2']['debian'] = '8ad69655c22eabe94295ffb23434ae26ef4d839555ee9cb65261a6fe48e0dc12' -default['elasticsearch']['checksums']['6.7.2']['rhel'] = 'aabd389a4098fb99113907ae9665d454291dd32641cd33056f26ec713d017972' -default['elasticsearch']['checksums']['6.7.2']['tarball'] = 'd0ed638c825914d3c5fd8b34f69b5bcf9cfa5cf85af25145ea7a910ea8f708a9' - -default['elasticsearch']['checksums']['6.8.0']['debian'] = 'cb5556c6b75ef2e2d3b0399625aaabae0bbd84229ffc08e8475fdbec1e1b66c0' -default['elasticsearch']['checksums']['6.8.0']['rhel'] = '702bde8def4d51788b49477225d345b693e34ede35c1fbf6fd1421860d3451f5' -default['elasticsearch']['checksums']['6.8.0']['tarball'] = '92c67cf48a145a60579857f190ed03a56e3ae42e599d0c84fed0747af866fffd' - -default['elasticsearch']['checksums']['6.8.1']['debian'] = 'e7711bfb68e82f4538067da03634ef1937d71a1ab448d7d4eb3f20bc1c4854d1' -default['elasticsearch']['checksums']['6.8.1']['rhel'] = '4663f759cade5d1613842f86af3f78d064ce3c8e81de9615a353cc2eb413aed0' -default['elasticsearch']['checksums']['6.8.1']['tarball'] = 'ad33d463884acde2d8682cb46927f03603ea66133b84c12f53dc9edbc02447e3' - -default['elasticsearch']['checksums']['6.8.2']['debian'] = '9e6b591bef75d042abb4888d914e37aab19bf8afb6eda9efaa6b270ac7edd151' -default['elasticsearch']['checksums']['6.8.2']['rhel'] = '3561e6c1bbac324448928e752b9d6c0d2a413c569993625f6dd255b343f61a6c' -default['elasticsearch']['checksums']['6.8.2']['tarball'] = '2dc3107475659dfd21afa74612a43d5ccbcf4942ab679e8e4e77167cafe27c94' - -default['elasticsearch']['checksums']['6.8.3']['debian'] = '65220ba62793445dc0a6fc41078f6020dcfe5b3c9d5ee2ba75d17866b5e09d40' -default['elasticsearch']['checksums']['6.8.3']['rhel'] = '9c3c7d18f12db3e27fb8c751ffae1c5a5dd8db59266a5ebb69d620e3ae363de2' -default['elasticsearch']['checksums']['6.8.3']['tarball'] = '824078e421c9f7e5ab9c875e4019d9ebfe3ada99db286b54dec090f97d1cbe25' - -default['elasticsearch']['checksums']['6.8.4']['debian'] = '55b4248b38c72d254230c8469847649489fe4abf1b2e14e3a82f6ae5214f8a8f' -default['elasticsearch']['checksums']['6.8.4']['rhel'] = '1d618c51a263984da1992230d35611b012aff8ade4fee0a16338f9919a9a4a9b' -default['elasticsearch']['checksums']['6.8.4']['tarball'] = 'b8a545cc6d5fc3bd4be7adbe7057faa68fc548cf1923b30a2d90f328c6da96c9' - -default['elasticsearch']['checksums']['6.8.5']['debian'] = '115e5649962793fbcc628b0eb660eafe570ff67676ca88cf98e7cec830fd1dd4' -default['elasticsearch']['checksums']['6.8.5']['rhel'] = '96520e7c3b49bdad753ccfad76ce2899dbcecf6a1531f20a59b5087305a1c557' -default['elasticsearch']['checksums']['6.8.5']['tarball'] = '5fe84fa84a0ca0136aad9bbdfc2053f8dda9a3e166ddf34e947bb1fe24e4ce6d' - -default['elasticsearch']['checksums']['6.8.6']['debian'] = '82dce29bb3c9108f44e936c3fc6200ce7264bb1a27c1a1cc6dde39b6eac03487' -default['elasticsearch']['checksums']['6.8.6']['rhel'] = '4880396d1a78046efe4a6ec45c1cc2f1f9f0d328466aa32355e95f9834d9d0af' -default['elasticsearch']['checksums']['6.8.6']['tarball'] = '67b9b07a649831eb30779cf8264548a0828414ba9abb1be7bc592a8db91fdf7c' - -default['elasticsearch']['checksums']['7.0.0']['debian'] = '491d36af33bc896f8c44c46e1ed550e304220c9eedee991091864f5f3434e2f4' -default['elasticsearch']['checksums']['7.0.0']['rhel'] = '99ed1d22c128189ccb07c99babe7f437180e42c94af15782acf4b80d2520abc4' -default['elasticsearch']['checksums']['7.0.0']['tarball'] = '68deee5e9c961ad48cc83859970ac7a79029fe5f5e6de7e58ea0f7c7713f25ba' - -default['elasticsearch']['checksums']['7.0.1']['debian'] = 'b84419e213539f5af2a0b3d73ebc11cf2da7e7061e6308e83333a9282bf920e4' -default['elasticsearch']['checksums']['7.0.1']['rhel'] = '52aba98ea0165492fa899ed8487af5cab10f5e452611995ebac31b5f44facd50' -default['elasticsearch']['checksums']['7.0.1']['tarball'] = '33866cbc61383d1ead01622ff54cadacec0b9fe81224af9b77104be614a56eca' - -default['elasticsearch']['checksums']['7.1.0']['debian'] = '9cdb867ebfda5550590e2dc98e37020d9aa6bfd508b1b8be9f11f5683c807349' -default['elasticsearch']['checksums']['7.1.0']['rhel'] = '3facf261e9cbb88c8d792d2ff97e2aeb79c44d2df5fd83591ce4f2d5378eb7a4' -default['elasticsearch']['checksums']['7.1.0']['tarball'] = '91b4bd3722086e83dbe5ee7abf179de19b0cf9dc8a639438bde2721f184cc42e' - -default['elasticsearch']['checksums']['7.1.1']['debian'] = '2ef15cb7e37d32b93c51ad537959831bd72cac2627f255d22cc574cec5de6aef' -default['elasticsearch']['checksums']['7.1.1']['rhel'] = '7950c7d97407d8948ca164d81866b389fe734e3ec775452a3e407e49cbd0d5ed' -default['elasticsearch']['checksums']['7.1.1']['tarball'] = 'd8cd7df1232d931b9ff8fda1e960d94b03db21b7f33162d6865ebcbe69a45f95' - -default['elasticsearch']['checksums']['7.2.0']['debian'] = '1ff7b88c4bc38438a67719df499b17d4f7082a77eda89f39016f83414554ea95' -default['elasticsearch']['checksums']['7.2.0']['rhel'] = 'a854decb443631a0031a9492c1d5acbed00222381cb63cba68ae6d5deee3994c' -default['elasticsearch']['checksums']['7.2.0']['tarball'] = '24a2c31ff3ef34624752f266c39e40e84b103ab529dae7e062f1cb4b614cd1c5' - -default['elasticsearch']['checksums']['7.2.1']['debian'] = '41f507b83fc49a3da5109afd18cc626ec5458acf567f00a80ac3f1c34b6d4b7f' -default['elasticsearch']['checksums']['7.2.1']['rhel'] = '96fdac0a8e6c74182d920b39e3f4830b722731a646126222c189e12a95302e6e' -default['elasticsearch']['checksums']['7.2.1']['tarball'] = 'd5d660895a39755ad6af16ec32cff5e2b645d5faf7150c69acc0fe013c604ae7' - -default['elasticsearch']['checksums']['7.3.0']['debian'] = '72ae24cf0f5d97a307f35d116a41e1165e80f58f08b0ca4e6de3ec5228f06f9c' -default['elasticsearch']['checksums']['7.3.0']['rhel'] = 'f49dc809cf48369b70546f13dfb28b43e1a07387b681ca786c794762d52847ca' -default['elasticsearch']['checksums']['7.3.0']['tarball'] = '6cddb4d9a3c5e730f8e35e2155937c069d057129808ea135d31f0ed5f7f2ea22' - -default['elasticsearch']['checksums']['7.3.1']['debian'] = '570af7456603fd103408ed61ccec4473302976d46e1ff845b74a881122977e02' -default['elasticsearch']['checksums']['7.3.1']['rhel'] = '240f93d16da4c20d2cc377b7c6a61dbf4fb9634d74829ccb5f7cd42c023bc967' -default['elasticsearch']['checksums']['7.3.1']['tarball'] = '69864bcbca495603004c6c4e6f5d69bce4dc89cd6d672d1ebc7f5387a3d13c74' - -default['elasticsearch']['checksums']['7.3.2']['debian'] = '690e98653b3dc50ec5f8e65c480ec41c8c4db0d2c63b5ed3f25fef53d6aaaa55' -default['elasticsearch']['checksums']['7.3.2']['rhel'] = 'bdada0a4c7b5574c41726154212b6b25373e2b4d7d2a64e24238b206ad422ecd' -default['elasticsearch']['checksums']['7.3.2']['tarball'] = '8254dc2d98959cb7964a523a7abab3cd40362dde694ce020ae1efd554efb8e82' - -default['elasticsearch']['checksums']['7.4.0']['debian'] = '3edf17d9d63a08a0f7eb7d9727a1737e1c770277f64fe44342115e62f752cc51' -default['elasticsearch']['checksums']['7.4.0']['rhel'] = '1bfae41734c77af3bc66084ac0cc04add1190f9311b045d3c184ea7b3e688334' -default['elasticsearch']['checksums']['7.4.0']['tarball'] = 'b712ced4a7feae46c3f966d52ac24f1b3418ee3ffbf0495a97f27ccf40878873' - -default['elasticsearch']['checksums']['7.4.1']['debian'] = '55a92288e81856e9bb6c36c0f7149b24cf36432527ca809fc48e25775b0cf584' -default['elasticsearch']['checksums']['7.4.1']['rhel'] = '8ec30fbd95235cb15d0f27cd40f75a43f640f5832e2ee2d44fe8d2983cd5724f' -default['elasticsearch']['checksums']['7.4.1']['tarball'] = '39be609b1051bc92dc8a9481d47c4c16c9efd77e8a423eca97eb45fec5d4d156' - -default['elasticsearch']['checksums']['7.4.2']['debian'] = '514a8e21e173481edb9130ebbf33f15209b467df5c2222632d63c4527c16abc6' -default['elasticsearch']['checksums']['7.4.2']['rhel'] = 'af616eed2cd30411f400dee0c993eb8fccd55e510548697d7cc0eb178ac4adec' -default['elasticsearch']['checksums']['7.4.2']['tarball'] = 'f54475eafbf3384f4378002d87badf013018a9238937a4bd780e71271c670772' - -default['elasticsearch']['checksums']['7.5.0']['debian'] = '5b167d15461049f6aa58a96d805c9bcd297ad19467392eea125ce91c5eaaf908' -default['elasticsearch']['checksums']['7.5.0']['rhel'] = 'a8e802c74c3163272fb7119a9d23c1e8f7bbe76e6502a3fcc30709705bc57f4a' -default['elasticsearch']['checksums']['7.5.0']['tarball'] = '1e183717071e329591c109a8560a90b66ddd55958a68cc83385ae123d680b4ca' - -default['elasticsearch']['checksums']['7.5.1']['debian'] = 'e566a88e15d8f85cf793c8f971b51eeae6465a0aa73f968ae4b1ee6aa71e4c20' -default['elasticsearch']['checksums']['7.5.1']['rhel'] = 'e6202bba2bd8644d23dcbef9ad7780c847dfe4ee699d3dc1804f6f62eed59c2d' -default['elasticsearch']['checksums']['7.5.1']['tarball'] = '37c317efaacf33a1bae250a59e822864750fddd8caf08c4b6a6c235ffa5f47e8' diff --git a/cookbooks/yum/chefignore b/cookbooks/elasticsearch/chefignore similarity index 98% rename from cookbooks/yum/chefignore rename to cookbooks/elasticsearch/chefignore index cc170ea..a27b0b2 100644 --- a/cookbooks/yum/chefignore +++ b/cookbooks/elasticsearch/chefignore @@ -61,7 +61,7 @@ Dangerfile examples/* features/* Guardfile -kitchen.yml* +kitchen*.yml mlc_config.json Procfile Rakefile diff --git a/cookbooks/elasticsearch/files/elasticsearch.asc b/cookbooks/elasticsearch/files/elasticsearch.asc new file mode 100644 index 0000000..1b50dcc --- /dev/null +++ b/cookbooks/elasticsearch/files/elasticsearch.asc @@ -0,0 +1,31 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v2.0.14 (GNU/Linux) + +mQENBFI3HsoBCADXDtbNJnxbPqB1vDNtCsqhe49vFYsZN9IOZsZXgp7aHjh6CJBD +A+bGFOwyhbd7at35jQjWAw1O3cfYsKAmFy+Ar3LHCMkV3oZspJACTIgCrwnkic/9 +CUliQe324qvObU2QRtP4Fl0zWcfb/S8UYzWXWIFuJqMvE9MaRY1bwUBvzoqavLGZ +j3SF1SPO+TB5QrHkrQHBsmX+Jda6d4Ylt8/t6CvMwgQNlrlzIO9WT+YN6zS+sqHd +1YK/aY5qhoLNhp9G/HxhcSVCkLq8SStj1ZZ1S9juBPoXV1ZWNbxFNGwOh/NYGldD +2kmBf3YgCqeLzHahsAEpvAm8TBa7Q9W21C8vABEBAAG0RUVsYXN0aWNzZWFyY2gg +KEVsYXN0aWNzZWFyY2ggU2lnbmluZyBLZXkpIDxkZXZfb3BzQGVsYXN0aWNzZWFy +Y2gub3JnPokBOAQTAQIAIgUCUjceygIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgEC +F4AACgkQ0n1mbNiOQrRzjAgAlTUQ1mgo3nK6BGXbj4XAJvuZDG0HILiUt+pPnz75 +nsf0NWhqR4yGFlmpuctgCmTD+HzYtV9fp9qW/bwVuJCNtKXk3sdzYABY+Yl0Cez/ +7C2GuGCOlbn0luCNT9BxJnh4mC9h/cKI3y5jvZ7wavwe41teqG14V+EoFSn3NPKm +TxcDTFrV7SmVPxCBcQze00cJhprKxkuZMPPVqpBS+JfDQtzUQD/LSFfhHj9eD+Xe +8d7sw+XvxB2aN4gnTlRzjL1nTRp0h2/IOGkqYfIG9rWmSLNlxhB2t+c0RsjdGM4/ +eRlPWylFbVMc5pmDpItrkWSnzBfkmXL3vO2X3WvwmSFiQbkBDQRSNx7KAQgA5JUl +zcMW5/cuyZR8alSacKqhSbvoSqqbzHKcUQZmlzNMKGTABFG1yRx9r+wa/fvqP6OT +RzRDvVS/cycws8YX7Ddum7x8uI95b9ye1/Xy5noPEm8cD+hplnpU+PBQZJ5XJ2I+ +1l9Nixx47wPGXeClLqcdn0ayd+v+Rwf3/XUJrvccG2YZUiQ4jWZkoxsA07xx7Bj+ +Lt8/FKG7sHRFvePFU0ZS6JFx9GJqjSBbHRRkam+4emW3uWgVfZxuwcUCn1ayNgRt +KiFv9jQrg2TIWEvzYx9tywTCxc+FFMWAlbCzi+m4WD+QUWWfDQ009U/WM0ks0Kww +EwSk/UDuToxGnKU2dQARAQABiQEfBBgBAgAJBQJSNx7KAhsMAAoJENJ9ZmzYjkK0 +c3MIAIE9hAR20mqJWLcsxLtrRs6uNF1VrpB+4n/55QU7oxA1iVBO6IFu4qgsF12J +TavnJ5MLaETlggXY+zDef9syTPXoQctpzcaNVDmedwo1SiL03uMoblOvWpMR/Y0j +6rm7IgrMWUDXDPvoPGjMl2q1iTeyHkMZEyUJ8SKsaHh4jV9wp9KmC8C+9CwMukL7 +vM5w8cgvJoAwsp3Fn59AxWthN3XJYcnMfStkIuWgR7U2r+a210W6vnUxU4oN0PmM +cursYPyeV0NX/KQeUeNMwGTFB6QHS/anRaGQewijkrYYoTNtfllxIu9XYmiBERQ/ +qPDlGRlOgVTd9xUfHFkzB52c70E= +=92oX +-----END PGP PUBLIC KEY BLOCK----- diff --git a/cookbooks/elasticsearch/libraries/helpers.rb b/cookbooks/elasticsearch/libraries/helpers.rb index b0af256..089df99 100644 --- a/cookbooks/elasticsearch/libraries/helpers.rb +++ b/cookbooks/elasticsearch/libraries/helpers.rb @@ -6,16 +6,32 @@ module ElasticsearchCookbook instance_name = resource.instance_name # if we are truly given a specific name to find - name_match = find_exact_resource(run_context, resource_type, resource_name) rescue nil + name_match = begin + find_exact_resource(run_context, resource_type, resource_name) + rescue + nil + end return name_match if name_match # first try by instance name attribute - name_instance = find_instance_name_resource(run_context, resource_type, instance_name) rescue nil + name_instance = begin + find_instance_name_resource(run_context, resource_type, instance_name) + rescue + nil + end return name_instance if name_instance # otherwise try the defaults - name_default = find_exact_resource(run_context, resource_type, 'default') rescue nil - name_elasticsearch = find_exact_resource(run_context, resource_type, 'elasticsearch') rescue nil + name_default = begin + find_exact_resource(run_context, resource_type, 'default') + rescue + nil + end + name_elasticsearch = begin + find_exact_resource(run_context, resource_type, 'elasticsearch') + rescue + nil + end # if we found exactly one default name that matched return name_default if name_default && !name_elasticsearch @@ -58,58 +74,7 @@ module ElasticsearchCookbook return results.first end - nil # falsey - end - - def determine_download_url(new_resource, node) - platform_family = node['platform_family'] - - version_key = 'download_urls' - if Gem::Version.new(new_resource.version) >= Gem::Version.new('7.0.0') - version_key = 'download_urls_v7' - end - - url_string = nil - if new_resource.download_url - url_string = new_resource.download_url - elsif new_resource.type == 'tarball' - url_string = node['elasticsearch'][version_key]['tarball'] - elsif new_resource.type == 'package' && node['elasticsearch']['download_urls'][platform_family] - url_string = node['elasticsearch'][version_key][platform_family] - end - - if url_string && new_resource.version - return format(url_string, new_resource.version) - elsif url_string - return url_string - end - end - - def determine_download_checksum(new_resource, node) - platform_family = node['platform_family'] - - # for the sake of finding correct attribute data, use rhel for amazon too - # See https://github.com/elastic/cookbook-elasticsearch/issues/609 - platform_family = 'rhel' if platform_family == 'amazon' - - install_type = new_resource.type - version = new_resource.version - - if new_resource.download_checksum - new_resource.download_checksum - elsif install_type == 'tarball' - node && version && - node['elasticsearch'] && - node['elasticsearch']['checksums'] && - node['elasticsearch']['checksums'][version] && - node['elasticsearch']['checksums'][version]['tarball'] - elsif install_type == 'package' && node['elasticsearch']['checksums'][version] && node['elasticsearch']['checksums'][version][platform_family] - node && version && platform_family && - node['elasticsearch'] && - node['elasticsearch']['checksums'] && - node['elasticsearch']['checksums'][version] && - node['elasticsearch']['checksums'][version][platform_family] - end + nil end # proxy helper for chef sets JVM 8 proxy options @@ -134,6 +99,10 @@ module ElasticsearchCookbook end end + def es_user + find_es_resource(Chef.run_context, :elasticsearch_user, new_resource) + end + class HashAndMashBlender attr_accessor :target def initialize(hash_or_mash_or_whatever) diff --git a/cookbooks/elasticsearch/libraries/matchers.rb b/cookbooks/elasticsearch/libraries/matchers.rb deleted file mode 100644 index 51e532f..0000000 --- a/cookbooks/elasticsearch/libraries/matchers.rb +++ /dev/null @@ -1,73 +0,0 @@ -# ChefSpec is a tool to unit test cookbooks in conjunction with rspec -# Learn more on the README or at https://github.com/sethvargo/chefspec. -if defined?(ChefSpec) - ChefSpec.define_matcher(:elasticsearch_configure) - ChefSpec.define_matcher(:elasticsearch_install) - ChefSpec.define_matcher(:elasticsearch_plugin) - ChefSpec.define_matcher(:elasticsearch_service) - ChefSpec.define_matcher(:elasticsearch_user) - - def create_elasticsearch_user(resource_name) - ChefSpec::Matchers::ResourceMatcher.new(:elasticsearch_user, :create, resource_name) - end - - def remove_elasticsearch_user(resource_name) - ChefSpec::Matchers::ResourceMatcher.new(:elasticsearch_user, :remove, resource_name) - end - - def install_elasticsearch(resource_name) - ChefSpec::Matchers::ResourceMatcher.new(:elasticsearch_install, :install, resource_name) - end - - def remove_elasticsearch(resource_name) - ChefSpec::Matchers::ResourceMatcher.new(:elasticsearch_install, :remove, resource_name) - end - - def manage_elasticsearch_configure(resource_name) - ChefSpec::Matchers::ResourceMatcher.new(:elasticsearch_configure, :manage, resource_name) - end - - def remove_elasticsearch_configure(resource_name) - ChefSpec::Matchers::ResourceMatcher.new(:elasticsearch_configure, :remove, resource_name) - end - - def configure_elasticsearch_service(resource_name) - ChefSpec::Matchers::ResourceMatcher.new(:elasticsearch_service, :configure, resource_name) - end - - def remove_elasticsearch_service(resource_name) - ChefSpec::Matchers::ResourceMatcher.new(:elasticsearch_service, :remove, resource_name) - end - - def enable_elasticsearch_service(resource_name) - ChefSpec::Matchers::ResourceMatcher.new(:elasticsearch_service, :enable, resource_name) - end - - def disable_elasticsearch_service(resource_name) - ChefSpec::Matchers::ResourceMatcher.new(:elasticsearch_service, :disable, resource_name) - end - - def start_elasticsearch_service(resource_name) - ChefSpec::Matchers::ResourceMatcher.new(:elasticsearch_service, :start, resource_name) - end - - def stop_elasticsearch_service(resource_name) - ChefSpec::Matchers::ResourceMatcher.new(:elasticsearch_service, :stop, resource_name) - end - - def restart_elasticsearch_service(resource_name) - ChefSpec::Matchers::ResourceMatcher.new(:elasticsearch_service, :restart, resource_name) - end - - def status_elasticsearch_service(resource_name) - ChefSpec::Matchers::ResourceMatcher.new(:elasticsearch_service, :status, resource_name) - end - - def install_elasticsearch_plugin(resource_name) - ChefSpec::Matchers::ResourceMatcher.new(:elasticsearch_plugin, :install, resource_name) - end - - def remove_elasticsearch_plugin(resource_name) - ChefSpec::Matchers::ResourceMatcher.new(:elasticsearch_plugin, :remove, resource_name) - end -end diff --git a/cookbooks/elasticsearch/libraries/provider_configure.rb b/cookbooks/elasticsearch/libraries/provider_configure.rb deleted file mode 100644 index 1abfa3d..0000000 --- a/cookbooks/elasticsearch/libraries/provider_configure.rb +++ /dev/null @@ -1,164 +0,0 @@ -# Chef Provider for configuring an elasticsearch instance -class ElasticsearchCookbook::ConfigureProvider < Chef::Provider::LWRPBase - include ElasticsearchCookbook::Helpers - - provides :elasticsearch_configure - - def whyrun_supported? - true # we only use core Chef resources that also support whyrun - end - - def action_manage - # lookup existing ES resources - es_user = find_es_resource(Chef.run_context, :elasticsearch_user, new_resource) - es_svc = find_es_resource(Chef.run_context, :elasticsearch_service, new_resource) - es_install = find_es_resource(Chef.run_context, :elasticsearch_install, new_resource) - - default_configuration = new_resource.default_configuration.dup - # if a subdir parameter is missing but dir is set, infer the subdir name - # then go and be sure it's also set in the YML hash if it wasn't given there - if new_resource.path_data && default_configuration['path.data'].nil? - default_configuration['path.data'] = new_resource.path_data - end - - if new_resource.path_logs && default_configuration['path.logs'].nil? - default_configuration['path.logs'] = new_resource.path_logs - end - - # calculation for memory allocation; 50% or 31g, whatever is smaller - unless new_resource.allocated_memory - half = ((node['memory']['total'].to_i * 0.5).floor / 1024) - malloc_str = (half > 30_500 ? '30500m' : "#{half}m") - new_resource.allocated_memory malloc_str - end - - # Create ES directories - # - [new_resource.path_conf, "#{new_resource.path_conf}/scripts"].each do |path| - d = directory path do - owner es_user.username - group es_user.groupname - mode '0750' - recursive true - action :nothing - end - d.run_action(:create) - new_resource.updated_by_last_action(true) if d.updated_by_last_action? - end - - # Create data path directories - # - data_paths = new_resource.path_data.is_a?(Array) ? new_resource.path_data : new_resource.path_data.split(',') - data_paths = data_paths << new_resource.path_logs - - data_paths.each do |path| - d = directory path.strip do - owner es_user.username - group es_user.groupname - mode '0755' - recursive true - action :nothing - end - d.run_action(:create) - new_resource.updated_by_last_action(true) if d.updated_by_last_action? - end - - # Create elasticsearch shell variables file - # - # Valid values in /etc/sysconfig/elasticsearch or /etc/default/elasticsearch - # ES_HOME JAVA_HOME ES_PATH_CONF DATA_DIR LOG_DIR PID_DIR ES_JAVA_OPTS - # RESTART_ON_UPGRADE ES_USER ES_GROUP ES_STARTUP_SLEEP_TIME MAX_OPEN_FILES - # MAX_LOCKED_MEMORY MAX_MAP_COUNT - # - # We provide these values as resource attributes/parameters directly - - params = {} - params[:ES_HOME] = new_resource.path_home - params[:JAVA_HOME] = new_resource.java_home - params[:ES_PATH_CONF] = new_resource.path_conf - params[:DATA_DIR] = new_resource.path_data - params[:LOG_DIR] = new_resource.path_logs - params[:PID_DIR] = new_resource.path_pid - params[:RESTART_ON_UPGRADE] = new_resource.restart_on_upgrade - params[:ES_USER] = es_user.username if es_install.type == 'tarball' - params[:ES_GROUP] = es_user.groupname if es_install.type == 'tarball' - params[:ES_STARTUP_SLEEP_TIME] = new_resource.startup_sleep_seconds.to_s - params[:MAX_OPEN_FILES] = new_resource.nofile_limit - params[:MAX_LOCKED_MEMORY] = new_resource.memlock_limit - params[:MAX_MAP_COUNT] = new_resource.max_map_count - - default_config_name = es_svc.service_name || es_svc.instance_name || new_resource.instance_name || 'elasticsearch' - - shell_template = template "elasticsearch.in.sh-#{default_config_name}" do - path %w[rhel amazon].include?(node['platform_family']) ? "/etc/sysconfig/#{default_config_name}" : "/etc/default/#{default_config_name}" - source new_resource.template_elasticsearch_env - cookbook new_resource.cookbook_elasticsearch_env - mode '0644' - variables(params: params) - action :nothing - end - shell_template.run_action(:create) - new_resource.updated_by_last_action(true) if shell_template.updated_by_last_action? - - # Create jvm.options file - # - jvm_options_template = template "jvm_options-#{default_config_name}" do - path "#{new_resource.path_conf}/jvm.options" - source new_resource.template_jvm_options - cookbook new_resource.cookbook_jvm_options - owner es_user.username - group es_user.groupname - mode '0644' - variables(jvm_options: [ - "-Xms#{new_resource.allocated_memory}", - "-Xmx#{new_resource.allocated_memory}", - new_resource.jvm_options, - ].flatten.join("\n")) - action :nothing - end - jvm_options_template.run_action(:create) - new_resource.updated_by_last_action(true) if jvm_options_template.updated_by_last_action? - - # Create ES logging file - # - logging_template = template "log4j2_properties-#{default_config_name}" do - path "#{new_resource.path_conf}/log4j2.properties" - source new_resource.template_log4j2_properties - cookbook new_resource.cookbook_log4j2_properties - owner es_user.username - group es_user.groupname - mode '0640' - variables(logging: new_resource.logging) - action :nothing - end - logging_template.run_action(:create) - new_resource.updated_by_last_action(true) if logging_template.updated_by_last_action? - - # Create ES elasticsearch.yml file - # - merged_configuration = default_configuration.merge(new_resource.configuration.dup) - - # warn if someone is using symbols. we don't support. - found_symbols = merged_configuration.keys.select { |s| s.is_a?(Symbol) } - unless found_symbols.empty? - Chef::Log.warn("Please change the following to strings in order to work with this Elasticsearch cookbook: #{found_symbols.join(',')}") - end - - # workaround for https://github.com/elastic/cookbook-elasticsearch/issues/590 - config_vars = ElasticsearchCookbook::HashAndMashBlender.new(merged_configuration).to_hash - - yml_template = template "elasticsearch.yml-#{default_config_name}" do - path "#{new_resource.path_conf}/elasticsearch.yml" - source new_resource.template_elasticsearch_yml - cookbook new_resource.cookbook_elasticsearch_yml - owner es_user.username - group es_user.groupname - mode '0640' - helpers(ElasticsearchCookbook::Helpers) - variables(config: config_vars) - action :nothing - end - yml_template.run_action(:create) - new_resource.updated_by_last_action(true) if yml_template.updated_by_last_action? - end -end diff --git a/cookbooks/elasticsearch/libraries/provider_install.rb b/cookbooks/elasticsearch/libraries/provider_install.rb deleted file mode 100644 index bd2e2ac..0000000 --- a/cookbooks/elasticsearch/libraries/provider_install.rb +++ /dev/null @@ -1,238 +0,0 @@ -# Chef Provider for installing or removing Elasticsearch from package or tarball -# downloaded from elasticsearch.org and installed by package manager or ark resource -class ElasticsearchCookbook::InstallProvider < Chef::Provider::LWRPBase - include ElasticsearchCookbook::Helpers - include Chef::DSL::IncludeRecipe - provides :elasticsearch_install - - def whyrun_supported? - true # we only use core Chef resources that also support whyrun - end - - def action_install - if new_resource.type == 'tarball' - install_tarball_wrapper_action - elsif new_resource.type == 'package' - install_package_wrapper_action - elsif new_resource.type == 'repository' - install_repo_wrapper_action - else - raise "#{install_type} is not a valid install type" - end - end - - def action_remove - if new_resource.type == 'tarball' - remove_tarball_wrapper_action - elsif new_resource.type == 'package' - remove_package_wrapper_action - elsif new_resource.type == 'repository' - remove_repo_wrapper_action - else - raise "#{install_type} is not a valid install type" - end - end - - protected - - def install_repo_wrapper_action - es_user = find_es_resource(Chef.run_context, :elasticsearch_user, new_resource) - unless es_user && es_user.username == 'elasticsearch' && es_user.groupname == 'elasticsearch' - raise 'Custom usernames/group names is not supported in Elasticsearch 6+ repository installation' - end - - if new_resource.enable_repository_actions - if node['platform_family'] == 'debian' - apt_r = apt_repo_resource - apt_r.run_action(:add) - new_resource.updated_by_last_action(true) if apt_r.updated_by_last_action? - else - yr_r = yum_repo_resource - yr_r.run_action(:create) - new_resource.updated_by_last_action(true) if yr_r.updated_by_last_action? - end - end - - if !new_resource.version.nil? && %w[rhel amazon].include?(node['platform_family']) && !new_resource.version.include?('-') - # NB: yum repo packages are broken in Chef if you don't specify a release - # https://github.com/chef/chef/issues/4103 - new_resource.version = "#{new_resource.version}-1" - end - - pkg_r = package 'elasticsearch' do - options new_resource.package_options - version new_resource.version - action :nothing - end - - pkg_r.run_action(:install) - new_resource.updated_by_last_action(true) if pkg_r.updated_by_last_action? - end - - def remove_repo_wrapper_action - if new_resource.enable_repository_actions - if node['platform_family'] == 'debian' - apt_r = apt_repo_resource - apt_r.run_action(:remove) - new_resource.updated_by_last_action(true) if apt_r.updated_by_last_action? - else - yr_r = yum_repo_resource - yr_r.run_action(:delete) - new_resource.updated_by_last_action(true) if yr_r.updated_by_last_action? - end - end - - pkg_r = package 'elasticsearch' do - options new_resource.package_options - version new_resource.version - action :nothing - end - pkg_r.run_action(:remove) - new_resource.updated_by_last_action(true) if pkg_r.updated_by_last_action? - end - - def install_package_wrapper_action - es_user = find_es_resource(Chef.run_context, :elasticsearch_user, new_resource) - unless es_user && es_user.username == 'elasticsearch' && es_user.groupname == 'elasticsearch' - raise 'Custom usernames/group names is not supported in Elasticsearch 6+ package installation' - end - - found_download_url = determine_download_url(new_resource, node) - unless found_download_url - raise 'Could not determine download url for package on this platform' - end - - filename = found_download_url.split('/').last - checksum = determine_download_checksum(new_resource, node) - package_options = new_resource.package_options - - unless checksum - Chef::Log.warn("No checksum was provided for #{found_download_url}, this may download a new package on every chef run!") - end - - remote_file_r = remote_file "#{Chef::Config[:file_cache_path]}/#{filename}" do - source found_download_url - checksum checksum - mode '0644' - action :nothing - end - remote_file_r.run_action(:create) - new_resource.updated_by_last_action(true) if remote_file_r.updated_by_last_action? - - pkg_r = if node['platform_family'] == 'debian' - dpkg_package "#{Chef::Config[:file_cache_path]}/#{filename}" do - options package_options - action :nothing - end - else - package "#{Chef::Config[:file_cache_path]}/#{filename}" do - options package_options - action :nothing - end - end - - pkg_r.run_action(:install) - new_resource.updated_by_last_action(true) if pkg_r.updated_by_last_action? - end - - def remove_package_wrapper_action - package_url = determine_download_url(new_resource, node) - filename = package_url.split('/').last - - pkg_r = if node['platform_family'] == 'debian' - dpkg_package "#{Chef::Config[:file_cache_path]}/#{filename}" do - action :nothing - end - else - package "#{Chef::Config[:file_cache_path]}/#{filename}" do - action :nothing - end - end - - pkg_r.run_action(:remove) - new_resource.updated_by_last_action(true) if pkg_r.updated_by_last_action? - end - - def install_tarball_wrapper_action - include_recipe 'ark' - - es_user = find_es_resource(Chef.run_context, :elasticsearch_user, new_resource) - found_download_url = determine_download_url(new_resource, node) - unless found_download_url - raise 'Could not determine download url for tarball on this platform' - end - - ark_r = ark 'elasticsearch' do - url found_download_url - owner es_user.username - group es_user.groupname - version new_resource.version - has_binaries ['bin/elasticsearch', 'bin/elasticsearch-plugin'] - checksum determine_download_checksum(new_resource, node) - prefix_root new_resource.dir - prefix_home new_resource.dir - - not_if do - link = "#{new_resource.dir}/elasticsearch" - target = "#{new_resource.dir}/elasticsearch-#{new_resource.version}" - binary = "#{target}/bin/elasticsearch" - - ::File.directory?(link) && ::File.symlink?(link) && ::File.readlink(link) == target && ::File.exist?(binary) - end - action :nothing - end - ark_r.run_action(:install) - new_resource.updated_by_last_action(true) if ark_r.updated_by_last_action? - - # destroy the sample config directory for tarball installs, or it will - # take precedence beyond the default stuff in /etc/elasticsearch and within - # /etc/sysconfig or /etc/default - sample_r = directory "#{new_resource.dir}/elasticsearch/config" do - action :nothing - recursive true - end - sample_r.run_action(:delete) - new_resource.updated_by_last_action(true) if sample_r.updated_by_last_action? - end - - def remove_tarball_wrapper_action - # remove the symlink to this version - link_r = link "#{new_resource.dir}/elasticsearch" do - only_if do - link = "#{new_resource.dir}/elasticsearch" - target = "#{new_resource.dir}/elasticsearch-#{new_resource.version}" - - ::File.directory?(link) && ::File.symlink?(link) && ::File.readlink(link) == target - end - action :nothing - end - link_r.run_action(:delete) - new_resource.updated_by_last_action(true) if link_r.updated_by_last_action? - - # remove the specific version - d_r = directory "#{new_resource.dir}/elasticsearch-#{new_resource.version}" do - recursive true - action :nothing - end - d_r.run_action(:delete) - new_resource.updated_by_last_action(true) if d_r.updated_by_last_action? - end - - def yum_repo_resource - yum_repository "elastic-#{new_resource.version.to_i}.x" do - baseurl "https://artifacts.elastic.co/packages/#{new_resource.version.to_i}.x/yum" - gpgkey 'https://artifacts.elastic.co/GPG-KEY-elasticsearch' - action :nothing # :add, remove - end - end - - def apt_repo_resource - apt_repository "elastic-#{new_resource.version.to_i}.x" do - uri "https://artifacts.elastic.co/packages/#{new_resource.version.to_i}.x/apt" - key 'https://artifacts.elastic.co/GPG-KEY-elasticsearch' - components ['main'] - distribution 'stable' - action :nothing # :create, :delete - end - end -end diff --git a/cookbooks/elasticsearch/libraries/provider_plugin.rb b/cookbooks/elasticsearch/libraries/provider_plugin.rb deleted file mode 100644 index 4f7e32e..0000000 --- a/cookbooks/elasticsearch/libraries/provider_plugin.rb +++ /dev/null @@ -1,108 +0,0 @@ -# Chef Provider for installing an elasticsearch plugin -class ElasticsearchCookbook::PluginProvider < Chef::Provider::LWRPBase - include ElasticsearchCookbook::Helpers - include Chef::Mixin::ShellOut - - provides :elasticsearch_plugin - - def whyrun_supported? - true # we only use core Chef resources that also support whyrun, or guard - end - - def action_install - return if plugin_exists(new_resource.plugin_name) - - # since install can take a URL argument instead - url_or_name = new_resource.url || new_resource.plugin_name - manage_plugin("install #{url_or_name}") - end # action - - def action_remove - return unless plugin_exists(new_resource.plugin_name) - - manage_plugin("remove #{new_resource.plugin_name}") - end # action - - def manage_plugin(arguments) - es_user = find_es_resource(Chef.run_context, :elasticsearch_user, new_resource) - es_install = find_es_resource(Chef.run_context, :elasticsearch_install, new_resource) - es_conf = find_es_resource(Chef.run_context, :elasticsearch_configure, new_resource) - - assert_state_is_valid(es_user, es_install, es_conf) unless whyrun_mode? - - # shell_out! automatically raises on error, logs command output - # required for package installs that show up with parent dir owned by root - plugin_dir_exists = ::File.exist?(es_conf.path_plugins) - unless plugin_dir_exists - cmd_str = "mkdir -p #{es_conf.path_plugins}" - if whyrun_mode? - Chef::Log.info("Would run command: #{cmd_str}") - else - shell_out_as_user!(cmd_str, Chef.run_context) - new_resource.updated_by_last_action(true) - end - end - - unless plugin_exists(new_resource.plugin_name) - cmd_str = "#{es_conf.path_bin}/elasticsearch-plugin #{arguments.chomp(' ')} #{new_resource.options}".chomp(' ') - if whyrun_mode? - Chef::Log.info("Would run command: #{cmd_str}") - else - command_array = cmd_str.split(' ') - shell_out_as_user!(command_array, Chef.run_context) - new_resource.updated_by_last_action(true) - end - end - end - - def plugin_exists(name) - es_conf = find_es_resource(Chef.run_context, :elasticsearch_configure, new_resource) - path = es_conf.path_plugins - - Dir.entries(path).any? do |plugin| - next if plugin =~ /^\./ - name == plugin - end - rescue - false - end - - def assert_state_is_valid(_es_user, _es_install, es_conf) - unless es_conf.path_plugins # we do not check existence (may not exist if no plugins installed) - raise "Could not determine the plugin directory (#{es_conf.path_plugins}). Please check elasticsearch_configure[#{es_conf.name}]." - end - - unless es_conf.path_bin && ::File.exist?(es_conf.path_bin) - raise "Could not determine the binary directory (#{es_conf.path_bin}). Please check elasticsearch_configure[#{es_conf.name}]." - end - - true - end - - def shell_out_as_user!(command, run_ctx) - es_install = find_es_resource(run_ctx, :elasticsearch_install, new_resource) - es_conf = find_es_resource(run_ctx, :elasticsearch_configure, new_resource) - es_svc = find_es_resource(run_ctx, :elasticsearch_service, new_resource) - - # we need to figure out the env file path to set environment for plugins - default_config_name = es_svc.service_name || es_svc.instance_name || es_conf.instance_name || 'elasticsearch' - include_file_resource = find_exact_resource(run_ctx, :template, "elasticsearch.in.sh-#{default_config_name}") - env = { 'ES_INCLUDE' => include_file_resource.path } - - # Add HTTP Proxy vars unless explicitly told not to - if new_resource.chef_proxy - env['ES_JAVA_OPTS'] = "#{ENV['ES_JAVA_OPTS']} #{get_java_proxy_arguments}" - end - - # See this link for an explanation: - # https://www.elastic.co/guide/en/elasticsearch/plugins/2.1/plugin-management.html - if es_install.type == 'package' || es_install.type == 'repository' - # package installations should install plugins as root - shell_out!(command, :env => env, :timeout => 1200) - else - # non-package installations should install plugins as the ES user - es_user = find_es_resource(run_ctx, :elasticsearch_user, new_resource) - shell_out!(command, user: es_user.username, group: es_user.groupname, :env => env, :timeout => 1200) - end - end -end # provider diff --git a/cookbooks/elasticsearch/libraries/provider_service.rb b/cookbooks/elasticsearch/libraries/provider_service.rb deleted file mode 100644 index e834d90..0000000 --- a/cookbooks/elasticsearch/libraries/provider_service.rb +++ /dev/null @@ -1,140 +0,0 @@ -# Chef Provider for configuring an elasticsearch service in the init system -class ElasticsearchCookbook::ServiceProvider < Chef::Provider::LWRPBase - provides :elasticsearch_service - include ElasticsearchCookbook::Helpers - - def whyrun_supported? - true # we only use core Chef resources that also support whyrun - end - - def action_remove - raise "#{new_resource} remove not currently implemented" - end - - def action_configure - es_user = find_es_resource(Chef.run_context, :elasticsearch_user, new_resource) - es_install = find_es_resource(Chef.run_context, :elasticsearch_install, new_resource) - es_conf = find_es_resource(Chef.run_context, :elasticsearch_configure, new_resource) - default_config_name = new_resource.service_name || new_resource.instance_name || es_conf.instance_name || 'elasticsearch' - - d_r = directory "#{es_conf.path_pid}-#{default_config_name}" do - path es_conf.path_pid - owner es_user.username - group es_user.groupname - mode '0755' - recursive true - action :nothing - end - d_r.run_action(:create) - new_resource.updated_by_last_action(true) if d_r.updated_by_last_action? - - # Create service for init and systemd - # - if new_resource.init_source - init_r = template "/etc/init.d/#{new_resource.service_name}" do - source new_resource.init_source - cookbook new_resource.init_cookbook - owner 'root' - mode '0755' - variables( - # we need to include something about #{progname} fixed in here. - program_name: new_resource.service_name, - install_type: es_install.type - ) - only_if { ::File.exist?('/etc/init.d') } - action :nothing - end - init_r.run_action(:create) - new_resource.updated_by_last_action(true) if init_r.updated_by_last_action? - end - - if new_resource.systemd_source - systemd_parent_r = directory "/usr/lib/systemd/system-#{default_config_name}" do - path '/usr/lib/systemd/system' - action :nothing - only_if { ::File.exist?('/usr/lib/systemd') } - end - systemd_parent_r.run_action(:create) - new_resource.updated_by_last_action(true) if systemd_parent_r.updated_by_last_action? - - default_conf_dir = %w[rhel amazon].include?(node['platform_family']) ? '/etc/sysconfig' : '/etc/default' - systemd_r = template "/usr/lib/systemd/system/#{new_resource.service_name}.service" do - source new_resource.systemd_source - cookbook new_resource.systemd_cookbook - owner 'root' - mode '0644' - variables( - # we need to include something about #{progname} fixed in here. - program_name: new_resource.service_name, - default_dir: default_conf_dir, - path_home: es_conf.path_home, - es_user: es_user.username, - es_group: es_user.groupname, - nofile_limit: es_conf.nofile_limit, - install_type: es_install.type - ) - only_if 'which systemctl' - action :nothing - end - systemd_r.run_action(:create) - # special case here -- must reload unit files if we modified one - if systemd_r.updated_by_last_action? - new_resource.updated_by_last_action(systemd_r.updated_by_last_action?) - - reload_r = execute "reload-systemd-#{new_resource.service_name}" do - command 'systemctl daemon-reload' - action :nothing - only_if 'which systemctl' - end - reload_r.run_action(:run) - end - end - - # flatten in an array here, in case the service_actions are a symbol vs. array - [new_resource.service_actions].flatten.each do |act| - passthrough_action(act) - end - end - - # Passthrough actions to service[service_name] - # - def action_enable - passthrough_action(:enable) - end - - def action_disable - passthrough_action(:disable) - end - - def action_start - passthrough_action(:start) - end - - def action_stop - passthrough_action(:stop) - end - - def action_restart - passthrough_action(:restart) - end - - def action_status - passthrough_action(:status) - end - - def passthrough_action(action) - svc_r = lookup_service_resource - svc_r.run_action(action) - new_resource.updated_by_last_action(true) if svc_r.updated_by_last_action? - end - - def lookup_service_resource - rc = Chef.run_context.resource_collection - rc.find("service[#{new_resource.service_name}]") - rescue - service new_resource.service_name do - supports status: true, restart: true - action :nothing - end - end -end diff --git a/cookbooks/elasticsearch/libraries/provider_user.rb b/cookbooks/elasticsearch/libraries/provider_user.rb deleted file mode 100644 index 59d4087..0000000 --- a/cookbooks/elasticsearch/libraries/provider_user.rb +++ /dev/null @@ -1,48 +0,0 @@ -# Chef Provider for creating a user and group for Elasticsearch -class ElasticsearchCookbook::UserProvider < Chef::Provider::LWRPBase - include ElasticsearchCookbook::Helpers - - provides :elasticsearch_user - - def whyrun_supported? - true # we only use core Chef resources that also support whyrun - end - - def action_create - group_r = group new_resource.groupname do - gid new_resource.gid - action :nothing - system true - end - group_r.run_action(:create) - new_resource.updated_by_last_action(true) if group_r.updated_by_last_action? - - user_r = user new_resource.username do - comment new_resource.comment - shell new_resource.shell - uid new_resource.uid - gid new_resource.groupname - - manage_home false - action :nothing - system true - end - user_r.run_action(:create) - new_resource.updated_by_last_action(true) if user_r.updated_by_last_action? - end - - def action_remove - # delete user before deleting the group - user_r = user new_resource.username do - action :nothing - end - user_r.run_action(:remove) - new_resource.updated_by_last_action(true) if user_r.updated_by_last_action? - - group_r = group new_resource.groupname do - action :nothing - end - group_r.run_action(:remove) - new_resource.updated_by_last_action(true) if group_r.updated_by_last_action? - end -end diff --git a/cookbooks/elasticsearch/libraries/resource_configure.rb b/cookbooks/elasticsearch/libraries/resource_configure.rb deleted file mode 100644 index 7062490..0000000 --- a/cookbooks/elasticsearch/libraries/resource_configure.rb +++ /dev/null @@ -1,92 +0,0 @@ -# Chef Resource for configuring an Elasticsearch node -class ElasticsearchCookbook::ConfigureResource < Chef::Resource::LWRPBase - resource_name :elasticsearch_configure - provides :elasticsearch_configure - - actions(:manage, :remove) - default_action :manage - - # this is what helps the various resources find each other - attribute(:instance_name, kind_of: String, default: nil) - - # if you override one of these, you should probably override them all - attribute(:path_home, kind_of: String, default: '/usr/share/elasticsearch') - attribute(:path_conf, kind_of: String, default: '/etc/elasticsearch') - attribute(:path_data, kind_of: String, default: '/var/lib/elasticsearch') - attribute(:path_logs, kind_of: String, default: '/var/log/elasticsearch') - attribute(:path_pid, kind_of: String, default: '/var/run/elasticsearch') - attribute(:path_plugins, kind_of: String, default: '/usr/share/elasticsearch/plugins') - attribute(:path_bin, kind_of: String, default: '/usr/share/elasticsearch/bin') - - attribute(:template_elasticsearch_env, kind_of: String, default: 'elasticsearch.in.sh.erb') - attribute(:cookbook_elasticsearch_env, kind_of: String, default: 'elasticsearch') - - attribute(:template_jvm_options, kind_of: String, default: 'jvm_options.erb') - attribute(:cookbook_jvm_options, kind_of: String, default: 'elasticsearch') - - attribute(:template_elasticsearch_yml, kind_of: String, default: 'elasticsearch.yml.erb') - attribute(:cookbook_elasticsearch_yml, kind_of: String, default: 'elasticsearch') - - attribute(:template_log4j2_properties, kind_of: String, default: 'log4j2.properties.erb') - attribute(:cookbook_log4j2_properties, kind_of: String, default: 'elasticsearch') - - attribute(:logging, kind_of: Hash, default: {}.freeze) - attribute(:java_home, kind_of: String, default: nil) - - # other settings in /etc/default or /etc/sysconfig - attribute(:memlock_limit, kind_of: String, default: 'unlimited') - attribute(:max_map_count, kind_of: String, default: '262144') - attribute(:nofile_limit, kind_of: String, default: '65536') - attribute(:startup_sleep_seconds, kind_of: [String, Integer], default: 5) - attribute(:restart_on_upgrade, kind_of: [TrueClass, FalseClass], default: false) - - # Calculations for this are done in the provider, as we can't do them in the - # resource definition. default is 50% of RAM or 31GB, which ever is smaller. - attribute(:allocated_memory, kind_of: String) - - attribute(:jvm_options, kind_of: Array, default: - %w( - -XX:+UseConcMarkSweepGC - -XX:CMSInitiatingOccupancyFraction=75 - -XX:+UseCMSInitiatingOccupancyOnly - -XX:+AlwaysPreTouch - -server - -Xss1m - -Djava.awt.headless=true - -Dfile.encoding=UTF-8 - -Djna.nosys=true - -XX:-OmitStackTraceInFastThrow - -Dio.netty.noUnsafe=true - -Dio.netty.noKeySetOptimization=true - -Dio.netty.recycler.maxCapacityPerThread=0 - -Dlog4j.shutdownHookEnabled=false - -Dlog4j2.disable.jmx=true - -XX:+HeapDumpOnOutOfMemoryError - ).freeze) - - # These are the default settings. Most of the time, you want to override - # the `configuration` attribute below. If you do override the defaults, you - # must supply ALL needed defaults, and don't use nil as a value in the hash. - attribute(:default_configuration, kind_of: Hash, default: { - # === NAMING - 'cluster.name' => 'elasticsearch', - # can't access node.name, so expect to have to set set this - 'node.name' => Chef::Config[:node_name], - - # if omitted or nil, these will be populated from attributes above - 'path.data' => nil, # see path_data above - 'path.logs' => nil, # see path_logs above - - # Refer to ES documentation on how to configure these to a - # specific node role/type instead of using the defaults - # - # 'node.data' => ?, - # 'node.master' => ?, - }.freeze) - - # These settings are merged with the `default_configuration` attribute, - # allowing you to override and set specific settings. Unless you intend to - # wipe out all default settings, your configuration items should go here. - # - attribute(:configuration, kind_of: Hash, default: {}.freeze) -end diff --git a/cookbooks/elasticsearch/libraries/resource_install.rb b/cookbooks/elasticsearch/libraries/resource_install.rb deleted file mode 100644 index c6ae796..0000000 --- a/cookbooks/elasticsearch/libraries/resource_install.rb +++ /dev/null @@ -1,31 +0,0 @@ -# Chef Resource for installing or removing Elasticsearch from package or source -class ElasticsearchCookbook::InstallResource < Chef::Resource::LWRPBase - resource_name :elasticsearch_install - provides :elasticsearch_install - - actions(:install, :remove) - default_action :install - - # this is what helps the various resources find each other - attribute(:instance_name, kind_of: String) - - # if this version parameter is not set by the caller, we look at - # `attributes/default.rb` for a default value to use, or we raise - attribute(:version, kind_of: String, default: '7.4.2') - - # we allow a string or symbol for this value - attribute(:type, kind_of: String, equal_to: %w(package tarball repository), default: 'repository') - - # these use `attributes/default.rb` for default values per platform and install type - attribute(:download_url, kind_of: String) - attribute(:download_checksum, kind_of: String) # sha256 - - # where to install? - attribute(:dir, kind_of: String, default: '/usr/share') - - # attributes used by the package-flavor provider - attribute(:package_options, kind_of: String) - - # attributes for the repository-option install - attribute(:enable_repository_actions, kind_of: [TrueClass, FalseClass], default: true) -end diff --git a/cookbooks/elasticsearch/libraries/resource_plugin.rb b/cookbooks/elasticsearch/libraries/resource_plugin.rb deleted file mode 100644 index cf3e353..0000000 --- a/cookbooks/elasticsearch/libraries/resource_plugin.rb +++ /dev/null @@ -1,19 +0,0 @@ -# Chef Resource for installing an elasticsearch plugin -class ElasticsearchCookbook::PluginResource < Chef::Resource::LWRPBase - resource_name :elasticsearch_plugin - provides :elasticsearch_plugin - - include ElasticsearchCookbook::Helpers - - actions(:install, :remove) - default_action :install - - # if the name or url are different from the resource name - attribute(:plugin_name, kind_of: String, name_attribute: true) - attribute(:url, kind_of: String, default: nil) - attribute(:chef_proxy, kind_of: [TrueClass, FalseClass], default: false) - attribute(:options, kind_of: String, default: '') - - # this is what helps the various resources find each other - attribute(:instance_name, kind_of: String, default: nil) -end diff --git a/cookbooks/elasticsearch/libraries/resource_service.rb b/cookbooks/elasticsearch/libraries/resource_service.rb deleted file mode 100644 index a73c529..0000000 --- a/cookbooks/elasticsearch/libraries/resource_service.rb +++ /dev/null @@ -1,28 +0,0 @@ -# Chef Resource for declaring a service for Elasticsearch -class ElasticsearchCookbook::ServiceResource < Chef::Resource::LWRPBase - resource_name :elasticsearch_service - provides :elasticsearch_service - - actions( - :configure, :remove, # our custom actions - :enable, :disable, :start, :stop, :restart, :status # passthrough to service resource - ) - default_action :configure - - # this is what helps the various resources find each other - attribute(:instance_name, kind_of: String, default: nil) - - attribute(:service_name, kind_of: String, name_attribute: true) - attribute(:args, kind_of: String, default: '-d') - - # service actions - attribute(:service_actions, kind_of: [Symbol, String, Array], default: [:enable, :start].freeze) - - # allow overridable init script - attribute(:init_source, kind_of: String, default: 'initscript.erb') - attribute(:init_cookbook, kind_of: String, default: 'elasticsearch') - - # allow overridable systemd unit - attribute(:systemd_source, kind_of: String, default: 'systemd_unit.erb') - attribute(:systemd_cookbook, kind_of: String, default: 'elasticsearch') -end diff --git a/cookbooks/elasticsearch/libraries/resource_user.rb b/cookbooks/elasticsearch/libraries/resource_user.rb deleted file mode 100644 index dbba0a3..0000000 --- a/cookbooks/elasticsearch/libraries/resource_user.rb +++ /dev/null @@ -1,19 +0,0 @@ -# Chef Resource for declaring a user and group for Elasticsearch -class ElasticsearchCookbook::UserResource < Chef::Resource::LWRPBase - resource_name :elasticsearch_user - provides :elasticsearch_user - - actions(:create, :remove) - default_action :create - - # this is what helps the various resources find each other - attribute(:instance_name, kind_of: String, default: nil) - - attribute(:username, kind_of: String, name_attribute: true) # default to resource name - attribute(:uid, kind_of: Integer) - attribute(:shell, kind_of: String, default: '/bin/bash') - attribute(:comment, kind_of: String, default: 'Elasticsearch User') - - attribute(:groupname, kind_of: String, name_attribute: true) # default to resource name - attribute(:gid, kind_of: Integer) -end diff --git a/cookbooks/elasticsearch/libraries/versions.rb b/cookbooks/elasticsearch/libraries/versions.rb new file mode 100644 index 0000000..6fef8f1 --- /dev/null +++ b/cookbooks/elasticsearch/libraries/versions.rb @@ -0,0 +1,220 @@ +module ElasticsearchCookbook + module VersionHelpers + def default_download_url(version) + platform_family = node['platform_family'] + machine = node['kernel']['machine'] + + case platform_family + when 'debian' + arch = machine.include?('x86_64') ? 'amd64' : 'arm64' + file_type = 'deb' + when 'rhel', 'fedora', 'amazon' + arch = machine.include?('x86_64') ? 'x86_64' : 'aarch64' + file_type = 'rpm' + else + raise "Unsupported platform family: #{platform_family}" + end + + base_url = 'https://artifacts.elastic.co/downloads/elasticsearch' + "#{base_url}/elasticsearch-#{version}-#{arch}.#{file_type}" + end + + def checksum_platform + platform_family = node['platform_family'] + arch = if arm? + platform_family == 'debian' ? 'arm64' : 'aarch64' + else + 'x86_64' + end + + "#{platform_family == 'debian' ? 'debian' : 'rpm'}_#{arch}" + end + + def default_download_checksum(version) + case version + when '6.5.0' + { + 'rpm_x86_64' => 'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', + 'debian_x86_64' => 'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', + } + when '6.5.1' + { + 'rpm_x86_64' => 'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', + 'debian_x86_64' => 'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', + } + when '6.5.2' + { + 'rpm_x86_64' => 'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', + 'debian_x86_64' => '9cb0997dc6d2be16c988c0ee43ccafd19a8b2e757326af84f4cead40f74c614f', + } + when '6.5.3' + { + 'rpm_x86_64' => '2f3eb7682e06211061bea90a0314a515f0c4ef683f45c8e57bfb1dfb14679c3a', + 'debian_x86_64' => '38b30461201fe8d126d124f04d961e7c037bea7a6fb9ca485c08e681d8d30456', + } + when '6.5.4' + { + 'rpm_x86_64' => 'aa4006f754bd1a0bfaa338ba40d93a1762917c1862951577c62b1f073026b5ba', + 'debian_x86_64' => 'c0a062ffb45f989cd3091c66f62605178c41c3735991d95506a6986a90924833', + } + when '6.6.0' + { + 'rpm_x86_64' => 'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', + 'debian_x86_64' => 'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', + } + when '6.6.1' + { + 'rpm_x86_64' => 'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', + 'debian_x86_64' => 'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', + } + when '6.6.2' + { + 'rpm_x86_64' => 'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', + 'debian_x86_64' => 'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', + } + when '6.7.0' + { + 'rpm_x86_64' => 'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', + 'debian_x86_64' => 'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', + } + when '6.7.1' + { + 'rpm_x86_64' => 'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', + 'debian_x86_64' => 'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', + } + when '6.7.2' + { + 'rpm_x86_64' => 'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', + 'debian_x86_64' => 'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', + } + when '6.8.2' + { + 'rpm_x86_64' => 'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', + 'debian_x86_64' => 'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', + } + when '6.8.3' + { + 'rpm_x86_64' => 'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', + 'debian_x86_64' => 'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', + } + when '6.8.4' + { + 'rpm_x86_64' => 'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', + 'debian_x86_64' => 'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', + } + when '6.8.5' + { + 'rpm_x86_64' => 'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', + 'debian_x86_64' => 'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', + } + when '6.8.6' + { + 'rpm_x86_64' => '4880396d1a78046efe4a6ec45c1cc2f1f9f0d328466aa32355e95f9834d9d0af', + 'debian_x86_64' => '82dce29bb3c9108f44e936c3fc6200ce7264bb1a27c1a1cc6dde39b6eac03487', + } + when '7.0.1' + { + 'x86_64rpm_x86_64' => 'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', + 'debian_arm64' => 'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', + } + when '7.1.0' + { + 'debian_arm64' => 'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', + 'x86_64rpm_x86_64' => 'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', + } + when '7.1.1' + { + 'x86_64rpm_x86_64' => 'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', + 'debian_arm64' => '2ef15cb7e37d32b93c51ad537959831bd72cac2627f255d22cc574cec5de6aef', + } + when '7.2.0' + { + 'debian_x86_64' => '1ff7b88c4bc38438a67719df499b17d4f7082a77eda89f39016f83414554ea95', + 'rpm_x86_64' => 'a854decb443631a0031a9492c1d5acbed00222381cb63cba68ae6d5deee3994c', + } + when '7.2.1' + { + 'debian_x86_64' => '41f507b83fc49a3da5109afd18cc626ec5458acf567f00a80ac3f1c34b6d4b7f', + 'rpm_x86_64' => '96fdac0a8e6c74182d920b39e3f4830b722731a646126222c189e12a95302e6e', + } + when '7.3.0' + { + 'debian_x86_64' => '72ae24cf0f5d97a307f35d116a41e1165e80f58f08b0ca4e6de3ec5228f06f9c', + 'rpm_x86_64' => 'f49dc809cf48369b70546f13dfb28b43e1a07387b681ca786c794762d52847ca', + } + when '7.3.1' + { + 'debian_x86_64' => '570af7456603fd103408ed61ccec4473302976d46e1ff845b74a881122977e02', + 'rpm_x86_64' => '240f93d16da4c20d2cc377b7c6a61dbf4fb9634d74829ccb5f7cd42c023bc967', + } + when '7.3.2' + { + 'debian_x86_64' => '690e98653b3dc50ec5f8e65c480ec41c8c4db0d2c63b5ed3f25fef53d6aaaa55', + 'rpm_x86_64' => 'bdada0a4c7b5574c41726154212b6b25373e2b4d7d2a64e24238b206ad422ecd', + } + when '7.4.0' + { + 'debian_x86_64' => '3edf17d9d63a08a0f7eb7d9727a1737e1c770277f64fe44342115e62f752cc51', + 'rpm_x86_64' => '1bfae41734c77af3bc66084ac0cc04add1190f9311b045d3c184ea7b3e688334', + } + when '7.4.1' + { + 'debian_x86_64' => '55a92288e81856e9bb6c36c0f7149b24cf36432527ca809fc48e25775b0cf584', + 'rpm_x86_64' => '8ec30fbd95235cb15d0f27cd40f75a43f640f5832e2ee2d44fe8d2983cd5724f', + } + when '7.4.2' + { + 'debian_x86_64' => '514a8e21e173481edb9130ebbf33f15209b467df5c2222632d63c4527c16abc6', + 'rpm_x86_64' => 'af616eed2cd30411f400dee0c993eb8fccd55e510548697d7cc0eb178ac4adec', + } + when '7.5.0' + { + 'debian_x86_64' => '5b167d15461049f6aa58a96d805c9bcd297ad19467392eea125ce91c5eaaf908', + 'rpm_x86_64' => 'a8e802c74c3163272fb7119a9d23c1e8f7bbe76e6502a3fcc30709705bc57f4a', + } + when '7.5.1' + { + 'debian_x86_64' => 'e566a88e15d8f85cf793c8f971b51eeae6465a0aa73f968ae4b1ee6aa71e4c20', + 'rpm_x86_64' => 'e6202bba2bd8644d23dcbef9ad7780c847dfe4ee699d3dc1804f6f62eed59c2d', + } + when '7.16.3' + { + 'debian_x86_64' => '03992d97930b734155981076b3cd250c22742f3876f5f135f374940d1cb3ae2e', + 'debian_arm64' => 'c383e5b45eb070e1b6d53b9dc56218634794e2e0b27ea42a7d4a12650eec2b70', + 'rpm_aarch64' => 'f833e86db87240bcdc822ea40fc6103f019c35bafcfd7ac6063ef01d5b588e1c', + 'rpm_x86_64' => '9edf142b9a25b9000a9bf8638bc0590916f367b66e4abb3ce80d8f00f9de0c9c', + } + when '7.17.8' + { + 'debian_x86_64' => 'd4875477129214519f6150aaf35374103f075886913307d6ed7c138d04ae6fa1', + 'debian_arm64' => '7dd69704b8d6d71aa58bb05f86d63fb34c00f2fcabdff244e9dab37226ca48af', + 'rpm_aarch64' => 'bb151d40c7979e5c5c6b9b1a227d494bb463642af938a6b21ae46a4eae767c74', + 'rpm_x86_64' => 'd1d1cf15143029c658224d39ebf174f8da802bb26800cd88f974ad2a0ee16484', + } + when '7.17.9' + { + 'debian_x86_64' => '7832e13c0b67239370058b729d321af1a12f0b329c0a3828c57d2fd4a9cb6555', + 'debian_arm64' => 'ec7064982bd3601280478b5d1ea01b8b8d95cbaaffad441e7bef194c53e8cccd', + 'rpm_aarch64' => '16a6e97440b0a4542d9d69168287fe143d40db138e9a3fd3e6348e60abe77175', + 'rpm_x86_64' => '751beebbe28ebefcd451796c1075208421b109bdae752383122142fd00a04559', + } + when '8.6.1' + { + 'debian_x86_64' => 'a4ea8a7409a9c32752688f03f1df628624fa48a1c38bc5d0eee21883d5b34083', + 'debian_arm64' => '84fbd0d36e98aff028eac5027e4bcc2cc8b84bf63dc175fc72e4ea3649c5c8b7', + 'rpm_aarch64' => '39e80fe8cc3b864601848e008cf8a0b45b76076408abac093bedc14d0c1328bf', + 'rpm_x86_64' => '939daa9480693df658d75bd38c75c2cbf5876e31ff74a543ef8a9d45a81ac728', + } + when '8.6.2' + { + 'debian_x86_64' => '8bd0b859e7fa7df8d9e632120c327530f088c5b564cd3b5538eda1b92a181676', + 'debian_arm64' => '6e0088c9ac8c2d51f3d60360607f344b6511feaf5d0f3931a4c9d81448757ba9', + 'rpm_aarch64' => 'f20a70195e807e1b2981ec37960df8fffef5412f89936b0834d9e8d64d2c8cc1', + 'rpm_x86_64' => '5fc28cdfd3aeeeb746778ca873ce47d9836eb6d26746a562b98650c655bb8a3b', + } + else + raise "Unsupported version #{version}" + end + end + end +end diff --git a/cookbooks/elasticsearch/metadata.json b/cookbooks/elasticsearch/metadata.json index 21d45f1..ee16b42 100644 --- a/cookbooks/elasticsearch/metadata.json +++ b/cookbooks/elasticsearch/metadata.json @@ -1 +1,41 @@ -{"name":"elasticsearch","version":"4.3.0","description":"Installs and configures Elasticsearch","long_description":"","maintainer":"Karel Minarik","maintainer_email":"karel.minarik@elasticsearch.org","license":"Apache-2.0","platforms":{"amazon":">= 0.0.0","centos":">= 0.0.0","debian":">= 0.0.0","fedora":">= 0.0.0","redhat":">= 0.0.0","ubuntu":">= 0.0.0"},"dependencies":{"apt":">= 0.0.0","yum":">= 0.0.0","chef-sugar":">= 0.0.0","ark":">= 0.0.0"},"recommendations":{},"suggestions":{},"conflicting":{},"providing":{},"replacing":{},"attributes":{},"groupings":{},"recipes":{},"source_url":"https://github.com/elastic/cookbook-elasticsearch","issues_url":"https://github.com/elastic/cookbook-elasticsearch/issues","chef_version":[[">= 12.5"]],"ohai_version":[]} \ No newline at end of file +{ + "name": "elasticsearch", + "description": "Installs and configures Elasticsearch", + "long_description": "", + "maintainer": "Sous Chefs", + "maintainer_email": "help@sous-chefs.org", + "license": "Apache-2.0", + "platforms": { + "amazon": ">= 0.0.0", + "centos": ">= 0.0.0", + "debian": ">= 0.0.0", + "fedora": ">= 0.0.0", + "redhat": ">= 0.0.0", + "ubuntu": ">= 0.0.0" + }, + "dependencies": { + "ark": ">= 0.0.0" + }, + "providing": { + + }, + "recipes": { + + }, + "version": "5.1.3", + "source_url": "https://github.com/sous-chefs/elasticsearch", + "issues_url": "https://github.com/sous-chefs/elasticsearch/issues", + "privacy": false, + "chef_versions": [ + [ + ">= 15.3" + ] + ], + "ohai_versions": [ + + ], + "gems": [ + + ], + "eager_load_libraries": true +} diff --git a/cookbooks/elasticsearch/metadata.rb b/cookbooks/elasticsearch/metadata.rb index a7eec6d..30d05a6 100644 --- a/cookbooks/elasticsearch/metadata.rb +++ b/cookbooks/elasticsearch/metadata.rb @@ -1,24 +1,18 @@ -# Encoding: utf-8 name 'elasticsearch' -maintainer 'Karel Minarik' -maintainer_email 'karel.minarik@elasticsearch.org' +maintainer 'Sous Chefs' +maintainer_email 'help@sous-chefs.org' license 'Apache-2.0' description 'Installs and configures Elasticsearch' -version '4.3.0' +version '5.1.3' +issues_url 'https://github.com/sous-chefs/elasticsearch/issues' +source_url 'https://github.com/sous-chefs/elasticsearch' +chef_version '>= 15.3' -supports 'amazon' -supports 'centos' -supports 'debian' -supports 'fedora' -supports 'redhat' -supports 'ubuntu' +supports 'amazon' +supports 'centos' +supports 'debian' +supports 'fedora' +supports 'redhat' +supports 'ubuntu' -depends 'apt' -depends 'yum' -depends 'chef-sugar' -depends 'ark' - -issues_url 'https://github.com/elastic/cookbook-elasticsearch/issues' -source_url 'https://github.com/elastic/cookbook-elasticsearch' - -chef_version '>= 12.5' if respond_to?(:chef_version) +depends 'ark' diff --git a/cookbooks/elasticsearch/recipes/default.rb b/cookbooks/elasticsearch/recipes/default.rb deleted file mode 100644 index efc7a15..0000000 --- a/cookbooks/elasticsearch/recipes/default.rb +++ /dev/null @@ -1,46 +0,0 @@ -# Encoding: utf-8 -# -# Cookbook Name:: elasticsearch -# Recipe:: default -# - -include_recipe 'chef-sugar' - -# see README.md and test/fixtures/cookbooks for more examples! -elasticsearch_user 'elasticsearch' do - node['elasticsearch']['user'].each do |key, value| - # Skip nils, use false if you want to disable something. - send(key, value) unless value.nil? - end -end - -elasticsearch_install 'elasticsearch' do - node['elasticsearch']['install'].each do |key, value| - # Skip nils, use false if you want to disable something. - send(key, value) unless value.nil? - end -end - -elasticsearch_configure 'elasticsearch' do - node['elasticsearch']['configure'].each do |key, value| - # Skip nils, use false if you want to disable something. - send(key, value) unless value.nil? - end -end - -elasticsearch_service 'elasticsearch' do - node['elasticsearch']['service'].each do |key, value| - # Skip nils, use false if you want to disable something. - send(key, value) unless value.nil? - end -end - -# by default, no plugins -node['elasticsearch']['plugin'].each do |plugin_name, plugin_value| - elasticsearch_plugin plugin_name do - plugin_value.each do |key, value| - # Skip nils, use false if you want to disable something. - send(key, value) unless value.nil? - end - end -end diff --git a/cookbooks/elasticsearch/renovate.json b/cookbooks/elasticsearch/renovate.json new file mode 100644 index 0000000..7e7a8ba --- /dev/null +++ b/cookbooks/elasticsearch/renovate.json @@ -0,0 +1,17 @@ +{ + "$schema": "https://docs.renovatebot.com/renovate-schema.json", + "extends": ["config:base"], + "packageRules": [{ + "groupName": "Actions", + "matchUpdateTypes": ["patch", "pin", "digest"], + "automerge": true, + "addLabels": ["Release: Patch", "Skip: Announcements"] + }, + { + "groupName": "Actions", + "matchUpdateTypes": ["major"], + "automerge": false, + "addLabels": ["Release: Patch", "Skip: Announcements"] + } + ] +} diff --git a/cookbooks/elasticsearch/resources/configure.rb b/cookbooks/elasticsearch/resources/configure.rb new file mode 100644 index 0000000..b977919 --- /dev/null +++ b/cookbooks/elasticsearch/resources/configure.rb @@ -0,0 +1,230 @@ +unified_mode true +# this is what helps the various resources find each other +property :instance_name, String + +# If you override one of these, you should probably override them all +property :path_home, String, default: '/usr/share/elasticsearch' +property :path_conf, String, default: '/etc/elasticsearch' +property :path_data, [String, Array], default: '/var/lib/elasticsearch' +property :path_logs, String, default: '/var/log/elasticsearch' +property :path_pid, String, default: '/var/run/elasticsearch' +property :path_plugins, String, default: '/usr/share/elasticsearch/plugins' +property :path_bin, String, default: '/usr/share/elasticsearch/bin' + +property :template_elasticsearch_env, String, default: 'elasticsearch.in.sh.erb' +property :cookbook_elasticsearch_env, String, default: 'elasticsearch' + +property :template_jvm_options, String, default: 'jvm_options.erb' +property :cookbook_jvm_options, String, default: 'elasticsearch' + +property :template_elasticsearch_yml, String, default: 'elasticsearch.yml.erb' +property :cookbook_elasticsearch_yml, String, default: 'elasticsearch' + +property :template_log4j2_properties, String, default: 'log4j2.properties.erb' +property :cookbook_log4j2_properties, String, default: 'elasticsearch' + +property :logging, Hash, default: {}.freeze +property :java_home, String + +# other settings in /etc/default or /etc/sysconfig +property :memlock_limit, String, default: 'unlimited' +property :max_map_count, String, default: '262144' +property :nofile_limit, String, default: '65535' +property :startup_sleep_seconds, [String, Integer], default: 5 +property :restart_on_upgrade, [true, false], default: false + +# Calculations for this are done in the provider, as we can't do them in the +# resource definition. default is 50% of RAM or 31GB, which ever is smaller. +property :allocated_memory, String + +property :jvm_options, Array, default: + %w( + 8-13:-XX:+UseConcMarkSweepGC + 8-13:-XX:CMSInitiatingOccupancyFraction=75 + 8-13:-XX:+UseCMSInitiatingOccupancyOnly + 14-:-XX:+UseG1GC + -Djava.io.tmpdir=${ES_TMPDIR} + -XX:+HeapDumpOnOutOfMemoryError + 9-:-XX:+ExitOnOutOfMemoryError + -XX:ErrorFile=/var/log/elasticsearch/hs_err_pid%p.log + 8:-XX:+PrintGCDetails + 8:-XX:+PrintGCDateStamps + 8:-XX:+PrintTenuringDistribution + 8:-XX:+PrintGCApplicationStoppedTime + 8:-Xloggc:/var/log/elasticsearch/gc.log + 8:-XX:+UseGCLogFileRotation + 8:-XX:NumberOfGCLogFiles=32 + 8:-XX:GCLogFileSize=64m + 9-:-Xlog:gc*,gc+age=trace,safepoint:file=/var/log/elasticsearch/gc.log:utctime,pid,tags:filecount=32,filesize=64m + ).freeze + +# These are the default settings. Most of the time, you want to override +# the `configuration` attribute below. If you do override the defaults, you +# must supply ALL needed defaults, and don't use nil as a value in the hash. +property :default_configuration, Hash, default: { + 'cluster.name' => 'elasticsearch', + 'node.name' => Chef::Config[:node_name], +} + +# These settings are merged with the `default_configuration` attribute, +# allowing you to override and set specific settings. Unless you intend to +# wipe out all default settings, your configuration items should go here. +# +property :configuration, Hash, default: {} + +include ElasticsearchCookbook::Helpers + +action :manage do + # lookup existing ES resources + es_user = find_es_resource(Chef.run_context, :elasticsearch_user, new_resource) + es_svc = find_es_resource(Chef.run_context, :elasticsearch_service, new_resource) + es_install = find_es_resource(Chef.run_context, :elasticsearch_install, new_resource) + + default_configuration = new_resource.default_configuration.dup + # if a subdir parameter is missing but dir is set, infer the subdir name + # then go and be sure it's also set in the YML hash if it wasn't given there + if new_resource.path_data && default_configuration['path.data'].nil? + default_configuration['path.data'] = new_resource.path_data + end + + if new_resource.path_logs && default_configuration['path.logs'].nil? + default_configuration['path.logs'] = new_resource.path_logs + end + + # Calculation for memory allocation; 50% or 31g, whatever is smaller + # + unless new_resource.allocated_memory + half = ((node['memory']['total'].to_i * 0.5).floor / 1024) + malloc_str = (half > 30_500 ? '30500m' : "#{half}m") + new_resource.allocated_memory malloc_str + end + + # Create ES directories + # + [new_resource.path_conf, "#{new_resource.path_conf}/scripts"].each do |path| + directory path do + owner es_user.username + group es_user.groupname + mode '0750' + recursive true + action :create + end + end + + directory new_resource.path_logs do + owner es_user.username + group es_user.groupname + mode '0750' + recursive true + action :create + end + + if new_resource.path_data.is_a?(String) + directory new_resource.path_data do + owner es_user.username + group es_user.groupname + mode '0750' + recursive true + action :create + end + else + new_resource.path_data.each do |path| + directory path.strip do + owner es_user.username + group es_user.groupname + mode '0750' + recursive true + action :create + end + end + end + + # Create elasticsearch shell variables file + # + # Valid values in /etc/sysconfig/elasticsearch or /etc/default/elasticsearch + # ES_HOME JAVA_HOME ES_PATH_CONF DATA_DIR LOG_DIR PID_DIR ES_JAVA_OPTS + # RESTART_ON_UPGRADE ES_USER ES_GROUP ES_STARTUP_SLEEP_TIME MAX_OPEN_FILES + # MAX_LOCKED_MEMORY MAX_MAP_COUNT + # + # We provide these values as resource attributes/parameters directly + params = {} + params[:ES_HOME] = new_resource.path_home + params[:JAVA_HOME] = new_resource.java_home + params[:ES_PATH_CONF] = new_resource.path_conf + params[:DATA_DIR] = new_resource.path_data + params[:LOG_DIR] = new_resource.path_logs + params[:PID_DIR] = new_resource.path_pid + params[:RESTART_ON_UPGRADE] = new_resource.restart_on_upgrade + params[:ES_USER] = es_user.username if es_install.type == 'tarball' + params[:ES_GROUP] = es_user.groupname if es_install.type == 'tarball' + params[:ES_STARTUP_SLEEP_TIME] = new_resource.startup_sleep_seconds.to_s + params[:MAX_OPEN_FILES] = new_resource.nofile_limit + params[:MAX_LOCKED_MEMORY] = new_resource.memlock_limit + params[:MAX_MAP_COUNT] = new_resource.max_map_count + + default_config_name = es_svc.service_name || es_svc.instance_name || new_resource.instance_name || 'elasticsearch' + + with_run_context :root do + template "elasticsearch.in.sh-#{default_config_name}" do + path platform_family?('rhel', 'amazon') ? "/etc/sysconfig/#{default_config_name}" : "/etc/default/#{default_config_name}" + source new_resource.template_elasticsearch_env + cookbook new_resource.cookbook_elasticsearch_env + mode '0644' + variables(params: params) + action :create + end + end + + template "jvm_options-#{default_config_name}" do + path "#{new_resource.path_conf}/jvm.options" + source new_resource.template_jvm_options + cookbook new_resource.cookbook_jvm_options + owner es_user.username + group es_user.groupname + mode '0644' + variables(jvm_options: [ + "-Xms#{new_resource.allocated_memory}", + "-Xmx#{new_resource.allocated_memory}", + new_resource.jvm_options, + ].flatten.join("\n")) + action :create + end + + template "log4j2_properties-#{default_config_name}" do + path "#{new_resource.path_conf}/log4j2.properties" + source new_resource.template_log4j2_properties + cookbook new_resource.cookbook_log4j2_properties + owner es_user.username + group es_user.groupname + mode '0640' + variables(logging: new_resource.logging) + action :create + end + + # Create ES elasticsearch.yml file + # + merged_configuration = default_configuration.merge(new_resource.configuration.dup) + + # Warn if someone is using symbols. We don't support. + found_symbols = merged_configuration.keys.select { |s| s.is_a?(Symbol) } + unless found_symbols.empty? + Chef::Log.warn("Please change the following to strings in order to work with this Elasticsearch cookbook: #{found_symbols.join(',')}") + end + + # workaround for https://github.com/sous-chefs/elasticsearch/issues/590 + config_vars = ElasticsearchCookbook::HashAndMashBlender.new(merged_configuration).to_hash + + with_run_context :root do + template "elasticsearch.yml-#{default_config_name}" do + path "#{new_resource.path_conf}/elasticsearch.yml" + source new_resource.template_elasticsearch_yml + cookbook new_resource.cookbook_elasticsearch_yml + owner es_user.username + group es_user.groupname + mode '0640' + helpers(ElasticsearchCookbook::Helpers) + variables(config: config_vars) + action :create + end + end +end diff --git a/cookbooks/elasticsearch/resources/install.rb b/cookbooks/elasticsearch/resources/install.rb new file mode 100644 index 0000000..4e9525b --- /dev/null +++ b/cookbooks/elasticsearch/resources/install.rb @@ -0,0 +1,47 @@ +unified_mode true +use 'partial/_common' +use 'partial/_package' +use 'partial/_repository' + +property :type, + String, + equal_to: %w(package tarball repository), + default: 'repository' + +action :install do + case new_resource.type + when 'tarball' + raise 'Tarball method is not currently supported, due to no supporting systemd service' + when 'package' + elasticsearch_install_package "ElasticSearch #{new_resource.version}" do + version new_resource.version + instance_name new_resource.instance_name + download_url download_url + download_checksum download_checksum + end + when 'repository' + elasticsearch_install_repository "ElasticSearch #{new_resource.version}" do + version new_resource.version + instance_name new_resource.instance_name + enable_repository_actions new_resource.enable_repository_actions + package_options new_resource.package_options + end + else + raise "#{new_resource.type} is not a valid install type" + end +end + +action :remove do + case new_resource.type + when 'package' + elasticsearch_install_package "ElasticSearch #{new_resource.version}" do + action :remove + end + when 'repository' + elasticsearch_install_repository "ElasticSearch #{new_resource.version}" do + action :remove + end + else + raise "#{install_type} is not a valid install type" + end +end diff --git a/cookbooks/elasticsearch/resources/install_package.rb b/cookbooks/elasticsearch/resources/install_package.rb new file mode 100644 index 0000000..54148e4 --- /dev/null +++ b/cookbooks/elasticsearch/resources/install_package.rb @@ -0,0 +1,41 @@ +include ElasticsearchCookbook::Helpers +unified_mode true +use 'partial/_common' +use 'partial/_package' + +action :install do + remote_file "#{Chef::Config[:file_cache_path]}/#{filename_from_url}" do + source new_resource.download_url + checksum new_resource.download_checksum + mode '0644' + action :create + end + + if platform_family?('debian') + dpkg_package filename_from_url do + options new_resource.package_options + source "#{Chef::Config[:file_cache_path]}/#{filename_from_url}" + action :install + end + else + package filename_from_url do + options new_resource.package_options + source "#{Chef::Config[:file_cache_path]}/#{filename_from_url}" + action :install + end + end +end + +action :remove do + package "#{Chef::Config[:file_cache_path]}/#{filename_from_url}" do + action :temove + end +end + +action_class do + include ElasticsearchCookbook::Helpers + + def filename_from_url + new_resource.download_url.split('/').last + end +end diff --git a/cookbooks/elasticsearch/resources/install_repository.rb b/cookbooks/elasticsearch/resources/install_repository.rb new file mode 100644 index 0000000..2f3946f --- /dev/null +++ b/cookbooks/elasticsearch/resources/install_repository.rb @@ -0,0 +1,63 @@ +unified_mode true +use 'partial/_common' +use 'partial/_repository' + +include ElasticsearchCookbook::Helpers + +action :install do + major_version = new_resource.version.split('.')[0] + + es_user = find_es_resource(Chef.run_context, :elasticsearch_user, new_resource) + + unless es_user && es_user.username == 'elasticsearch' && es_user.groupname == 'elasticsearch' + raise 'Custom usernames/group names is not supported in Elasticsearch 6+ repository installation' + end + + if new_resource.enable_repository_actions + if platform_family?('debian') + apt_repository "elastic-#{major_version}.x" do + uri 'https://artifacts.elastic.co/packages/7.x/apt' + key 'elasticsearch.asc' + cookbook 'elasticsearch' + components ['main'] + distribution 'stable' + end + else + yum_repository "elastic-#{major_version}.x" do + baseurl "https://artifacts.elastic.co/packages/#{major_version}.x/yum" + gpgkey 'https://artifacts.elastic.co/GPG-KEY-elasticsearch' + action :create + end + end + end + + package 'elasticsearch' do + options new_resource.package_options + version new_resource.version + action :install + end +end + +action :remove do + if new_resource.enable_repository_actions + if platform_family?('debian') + apt_repository "elastic-#{new_resource.version}.x" do + action :remove + end + else + yum_repository "elastic-#{new_resource.version}.x" do + action :remove + end + end + end + + package 'elasticsearch' do + options new_resource.package_options + version new_resource.version + action :remove + end +end + +action_class do + include ElasticsearchCookbook::Helpers +end diff --git a/cookbooks/elasticsearch/resources/partial/_common.rb b/cookbooks/elasticsearch/resources/partial/_common.rb new file mode 100644 index 0000000..55d5c6e --- /dev/null +++ b/cookbooks/elasticsearch/resources/partial/_common.rb @@ -0,0 +1,12 @@ +include ElasticsearchCookbook::Helpers +include ElasticsearchCookbook::VersionHelpers + +property :instance_name, + String + +property :version, + String, + default: '7.17.9' + +property :package_options, + String diff --git a/cookbooks/elasticsearch/resources/partial/_package.rb b/cookbooks/elasticsearch/resources/partial/_package.rb new file mode 100644 index 0000000..b742e42 --- /dev/null +++ b/cookbooks/elasticsearch/resources/partial/_package.rb @@ -0,0 +1,7 @@ +property :download_url, + String, + default: lazy { default_download_url(new_resource.version) } + +property :download_checksum, + String, + default: lazy { default_download_checksum(new_resource.version)[checksum_platform] } diff --git a/cookbooks/elasticsearch/resources/partial/_repository.rb b/cookbooks/elasticsearch/resources/partial/_repository.rb new file mode 100644 index 0000000..a0db1a1 --- /dev/null +++ b/cookbooks/elasticsearch/resources/partial/_repository.rb @@ -0,0 +1,3 @@ +property :enable_repository_actions, + [true, false], + default: true diff --git a/cookbooks/elasticsearch/resources/plugin.rb b/cookbooks/elasticsearch/resources/plugin.rb new file mode 100644 index 0000000..559acff --- /dev/null +++ b/cookbooks/elasticsearch/resources/plugin.rb @@ -0,0 +1,84 @@ +unified_mode true + +include ElasticsearchCookbook::Helpers + +property :plugin_name, + String, + name_property: true + +property :url, + String + +property :options, + String, + default: '' + +# this is what helps the various resources find each other +property :instance_name, + String + +action :install do + execute "Install plugin #{new_resource.plugin_name}" do + command "#{es_conf.path_bin}/elasticsearch-plugin install #{new_resource.options} #{config[:plugin_name]}".chomp(' ') + not_if { plugin_exists? } + environment env + user config[:user] unless config[:install_type] == 'package' || config[:install_type] == 'repository' + group config[:group] unless config[:install_type] == 'package' || config[:install_type] == 'repository' + end +end + +action :remove do + execute "Remove plugin #{new_resource.plugin_name}" do + command "#{es_conf.path_bin}/elasticsearch-plugin remove #{new_resource.options} #{config[:plugin_name]}".chomp(' ') + only_if { plugin_exists? } + environment env + user config[:user] unless config[:install_type] == 'package' || config[:install_type] == 'repository' + group config[:group] unless config[:install_type] == 'package' || config[:install_type] == 'repository' + end +end + +action_class do + def es_user + find_es_resource(Chef.run_context, :elasticsearch_user, new_resource) + end + + def es_install + find_es_resource(Chef.run_context, :elasticsearch_install, new_resource) + end + + def es_conf + find_es_resource(Chef.run_context, :elasticsearch_configure, new_resource) + end + + def env + include_file_resource = find_exact_resource(Chef.run_context, :template, "elasticsearch.in.sh-#{config[:name]}") + { 'ES_INCLUDE' => include_file_resource.path } + end + + def config + { + name: new_resource.instance_name || es_conf.instance_name || 'elasticsearch', + plugin_name: new_resource.url || new_resource.plugin_name, + install_type: es_install.type, + user: es_user.username, + group: es_user.groupname, + path_conf: es_conf.path_conf, + path_plugins: es_conf.path_plugins, + path_bin: es_conf.path_bin, + } + end + + def plugin_exists? + # This is quicker than shelling out to the plugin list command + # The plugin install command checks for the existsance of the plugin directory anyway + es_conf = find_es_resource(Chef.run_context, :elasticsearch_configure, new_resource) + path = es_conf.path_plugins + + Dir.entries(path).any? do |plugin| + next if plugin =~ /^\./ + config[:plugin_name] == plugin + end + rescue + false + end +end diff --git a/cookbooks/elasticsearch/resources/service.rb b/cookbooks/elasticsearch/resources/service.rb new file mode 100644 index 0000000..207f92f --- /dev/null +++ b/cookbooks/elasticsearch/resources/service.rb @@ -0,0 +1,126 @@ +unified_mode true + +include ElasticsearchCookbook::Helpers + +# this is what helps the various resources find each other +property :instance_name, + String + +property :service_name, + String, + name_property: true + +property :service_actions, + [Symbol, String, Array], + default: [:enable, :start] + +action :configure do + es_user = find_es_resource(Chef.run_context, :elasticsearch_user, new_resource) + es_conf = find_es_resource(Chef.run_context, :elasticsearch_configure, new_resource) + default_config_name = new_resource.service_name || new_resource.instance_name || es_conf.instance_name || 'elasticsearch' + + directory "#{es_conf.path_pid}-#{default_config_name}" do + path es_conf.path_pid + owner es_user.username + group es_user.groupname + mode '0755' + recursive true + action :create + end + + default_conf_dir = platform_family?('rhel', 'amazon') ? '/etc/sysconfig' : '/etc/default' + + systemd_unit new_resource.service_name do + content( + Unit: { + Description: 'Elasticsearch', + Documentation: 'https://www.elastic.co', + Wants: 'network-online.target', + After: 'network-online.target', + }, + Service: { + Type: 'notify', + RuntimeDirectory: 'elasticsearch', + PrivateTmp: 'true', + Environment: [ + "ES_HOME=#{es_conf.path_home}", + 'ES_PATH_CONF=/etc/elasticsearch', + "PID_DIR=#{es_conf.path_pid}", + 'ES_SD_NOTIFY=true', + ], + EnvironmentFile: "-#{default_conf_dir}/#{new_resource.service_name}", + WorkingDirectory: "#{es_conf.path_home}", + User: es_user.username, + Group: es_user.groupname, + ExecStart: "#{es_conf.path_home}/bin/systemd-entrypoint -p ${PID_DIR}/elasticsearch.pid --quiet", + StandardOutput: 'journal', + StandardError: 'inherit', + LimitNOFILE: '65535', + LimitNPROC: '4096', + LimitAS: 'infinity', + LimitFSIZE: 'infinity', + TimeoutStopSec: '0', + KillSignal: 'SIGTERM', + KillMode: 'process', + SendSIGKILL: 'no', + SuccessExitStatus: '143', + TimeoutStartSec: '900', + }, + Install: { + WantedBy: 'multi-user.target', + } + ) + verify false + action :create + unit_name "#{new_resource.service_name}.service" + end + + # flatten in an array here, in case the service_actions are a symbol vs. array + [new_resource.service_actions].flatten.each do |act| + passthrough_action(act) + end +end + +# Passthrough actions to service[service_name] +# +action :enable do + passthrough_action(:enable) +end + +action :disable do + passthrough_action(:disable) +end + +action :start do + passthrough_action(:start) +end + +action :stop do + passthrough_action(:stop) +end + +action :restart do + passthrough_action(:restart) +end + +action :status do + passthrough_action(:status) +end + +action_class do + def passthrough_action(action) + svc_r = lookup_service_resource + svc_r.run_action(action) + new_resource.updated_by_last_action(true) if svc_r.updated_by_last_action? + end + + def lookup_service_resource + rc = Chef.run_context.resource_collection + rc.find("service[#{new_resource.service_name}]") + rescue + service new_resource.service_name do + supports status: true, restart: true + action :nothing + end + end +end diff --git a/cookbooks/elasticsearch/resources/user.rb b/cookbooks/elasticsearch/resources/user.rb new file mode 100644 index 0000000..f7cd616 --- /dev/null +++ b/cookbooks/elasticsearch/resources/user.rb @@ -0,0 +1,73 @@ +include ElasticsearchCookbook::Helpers + +unified_mode true + +property :instance_name, + String + +property :username, + String, + name_property: true + +property :groupname, + String, + default: lazy { username } + +property :shell, + String, + default: '/bin/bash' + +property :uid, + Integer + +property :comment, + String, + default: 'Elasticsearch User' + +property :gid, + Integer + +action :create do + group_r = group new_resource.groupname do + gid new_resource.gid + action :nothing + system true + end + + group_r.run_action(:create) + + new_resource.updated_by_last_action(true) if group_r.updated_by_last_action? + + user_r = user new_resource.username do + comment new_resource.comment + shell new_resource.shell + uid new_resource.uid + gid new_resource.groupname + + manage_home false + action :nothing + system true + end + + user_r.run_action(:create) + + new_resource.updated_by_last_action(true) if user_r.updated_by_last_action? +end + +action :remove do + user_r = user new_resource.username do + action :nothing + end + + user_r.run_action(:remove) + + new_resource.updated_by_last_action(true) if user_r.updated_by_last_action? + + group_r = group new_resource.groupname do + action :nothing + end + + group_r.run_action(:remove) + + new_resource.updated_by_last_action(true) if group_r.updated_by_last_action? +end diff --git a/cookbooks/elasticsearch/templates/amazon/initscript.erb b/cookbooks/elasticsearch/templates/amazon/initscript.erb index 27ffdaa..352a3e5 100644 --- a/cookbooks/elasticsearch/templates/amazon/initscript.erb +++ b/cookbooks/elasticsearch/templates/amazon/initscript.erb @@ -33,7 +33,7 @@ fi # Sets the default values for elasticsearch variables used in this script ES_HOME="/usr/share/elasticsearch" -MAX_OPEN_FILES=65536 +MAX_OPEN_FILES=65535 MAX_MAP_COUNT=262144 ES_PATH_CONF="/etc/elasticsearch" @@ -69,21 +69,7 @@ if [ ! -x "$exec" ]; then exit 1 fi -checkJava() { - if [ -x "$JAVA_HOME/bin/java" ]; then - JAVA="$JAVA_HOME/bin/java" - else - JAVA=`which java` - fi - - if [ ! -x "$JAVA" ]; then - echo "Could not find any executable java binary. Please install java in your PATH or set JAVA_HOME" - exit 1 - fi -} - start() { - checkJava [ -x $exec ] || exit 5 if [ -n "$MAX_OPEN_FILES" ]; then @@ -92,7 +78,7 @@ start() { if [ -n "$MAX_LOCKED_MEMORY" ]; then ulimit -l $MAX_LOCKED_MEMORY fi - if [ -n "$MAX_MAP_COUNT" -a -f /proc/sys/vm/max_map_count ]; then + if [ -n "$MAX_MAP_COUNT" -a -f /proc/sys/vm/max_map_count ] && [ "$MAX_MAP_COUNT" -gt $(cat /proc/sys/vm/max_map_count) ]; then sysctl -q -w vm.max_map_count=$MAX_MAP_COUNT fi diff --git a/cookbooks/elasticsearch/templates/centos/initscript.erb b/cookbooks/elasticsearch/templates/centos/initscript.erb index 27ffdaa..352a3e5 100755 --- a/cookbooks/elasticsearch/templates/centos/initscript.erb +++ b/cookbooks/elasticsearch/templates/centos/initscript.erb @@ -33,7 +33,7 @@ fi # Sets the default values for elasticsearch variables used in this script ES_HOME="/usr/share/elasticsearch" -MAX_OPEN_FILES=65536 +MAX_OPEN_FILES=65535 MAX_MAP_COUNT=262144 ES_PATH_CONF="/etc/elasticsearch" @@ -69,21 +69,7 @@ if [ ! -x "$exec" ]; then exit 1 fi -checkJava() { - if [ -x "$JAVA_HOME/bin/java" ]; then - JAVA="$JAVA_HOME/bin/java" - else - JAVA=`which java` - fi - - if [ ! -x "$JAVA" ]; then - echo "Could not find any executable java binary. Please install java in your PATH or set JAVA_HOME" - exit 1 - fi -} - start() { - checkJava [ -x $exec ] || exit 5 if [ -n "$MAX_OPEN_FILES" ]; then @@ -92,7 +78,7 @@ start() { if [ -n "$MAX_LOCKED_MEMORY" ]; then ulimit -l $MAX_LOCKED_MEMORY fi - if [ -n "$MAX_MAP_COUNT" -a -f /proc/sys/vm/max_map_count ]; then + if [ -n "$MAX_MAP_COUNT" -a -f /proc/sys/vm/max_map_count ] && [ "$MAX_MAP_COUNT" -gt $(cat /proc/sys/vm/max_map_count) ]; then sysctl -q -w vm.max_map_count=$MAX_MAP_COUNT fi diff --git a/cookbooks/elasticsearch/templates/debian/initscript.erb b/cookbooks/elasticsearch/templates/debian/initscript.erb index c149ebb..e783dce 100644 --- a/cookbooks/elasticsearch/templates/debian/initscript.erb +++ b/cookbooks/elasticsearch/templates/debian/initscript.erb @@ -39,7 +39,7 @@ ES_HOME=/usr/share/$NAME #ES_JAVA_OPTS= # Maximum number of open files -MAX_OPEN_FILES=65536 +MAX_OPEN_FILES=65535 # Maximum amount of locked memory #MAX_LOCKED_MEMORY= @@ -82,22 +82,8 @@ if [ ! -x "$DAEMON" ]; then exit 1 fi -checkJava() { - if [ -x "$JAVA_HOME/bin/java" ]; then - JAVA="$JAVA_HOME/bin/java" - else - JAVA=`which java` - fi - - if [ ! -x "$JAVA" ]; then - echo "Could not find any executable java binary. Please install java in your PATH or set JAVA_HOME" - exit 1 - fi -} - case "$1" in start) - checkJava log_daemon_msg "Starting $DESC" @@ -124,7 +110,7 @@ case "$1" in ulimit -l $MAX_LOCKED_MEMORY fi - if [ -n "$MAX_MAP_COUNT" -a -f /proc/sys/vm/max_map_count ]; then + if [ -n "$MAX_MAP_COUNT" -a -f /proc/sys/vm/max_map_count ] && [ "$MAX_MAP_COUNT" -gt $(cat /proc/sys/vm/max_map_count) ]; then sysctl -q -w vm.max_map_count=$MAX_MAP_COUNT fi diff --git a/cookbooks/elasticsearch/templates/default/log4j2.properties.erb b/cookbooks/elasticsearch/templates/default/log4j2.properties.erb index b84cb77..913870d 100644 --- a/cookbooks/elasticsearch/templates/default/log4j2.properties.erb +++ b/cookbooks/elasticsearch/templates/default/log4j2.properties.erb @@ -7,14 +7,16 @@ logger.action.level = debug appender.console.type = Console appender.console.name = console appender.console.layout.type = PatternLayout -appender.console.layout.pattern = [%d{ISO8601}][%-5p][%-25c{1.}] %marker%m%n +appender.console.layout.pattern = [%d{ISO8601}][%-5p][%-25c{1.}] [%node_name]%marker %m%n +######## Server JSON ############################ appender.rolling.type = RollingFile appender.rolling.name = rolling -appender.rolling.fileName = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}.log -appender.rolling.layout.type = PatternLayout -appender.rolling.layout.pattern = [%d{ISO8601}][%-5p][%-25c{1.}] %marker%.-10000m%n -appender.rolling.filePattern = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}-%d{yyyy-MM-dd}-%i.log.gz +appender.rolling.fileName = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}_server.json +appender.rolling.layout.type = ESJsonLayout +appender.rolling.layout.type_name = server + +appender.rolling.filePattern = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}-%d{yyyy-MM-dd}-%i.json.gz appender.rolling.policies.type = Policies appender.rolling.policies.time.type = TimeBasedTriggeringPolicy appender.rolling.policies.time.interval = 1 @@ -29,60 +31,147 @@ appender.rolling.strategy.action.condition.type = IfFileName appender.rolling.strategy.action.condition.glob = ${sys:es.logs.cluster_name}-* appender.rolling.strategy.action.condition.nested_condition.type = IfAccumulatedFileSize appender.rolling.strategy.action.condition.nested_condition.exceeds = 2GB +################################################ +######## Server - old style pattern ########### +appender.rolling_old.type = RollingFile +appender.rolling_old.name = rolling_old +appender.rolling_old.fileName = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}.log +appender.rolling_old.layout.type = PatternLayout +appender.rolling_old.layout.pattern = [%d{ISO8601}][%-5p][%-25c{1.}] [%node_name]%marker %m%n + +appender.rolling_old.filePattern = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}-%d{yyyy-MM-dd}-%i.log.gz +appender.rolling_old.policies.type = Policies +appender.rolling_old.policies.time.type = TimeBasedTriggeringPolicy +appender.rolling_old.policies.time.interval = 1 +appender.rolling_old.policies.time.modulate = true +appender.rolling_old.policies.size.type = SizeBasedTriggeringPolicy +appender.rolling_old.policies.size.size = 128MB +appender.rolling_old.strategy.type = DefaultRolloverStrategy +appender.rolling_old.strategy.fileIndex = nomax +appender.rolling_old.strategy.action.type = Delete +appender.rolling_old.strategy.action.basepath = ${sys:es.logs.base_path} +appender.rolling_old.strategy.action.condition.type = IfFileName +appender.rolling_old.strategy.action.condition.glob = ${sys:es.logs.cluster_name}-* +appender.rolling_old.strategy.action.condition.nested_condition.type = IfAccumulatedFileSize +appender.rolling_old.strategy.action.condition.nested_condition.exceeds = 2GB +################################################ rootLogger.level = info rootLogger.appenderRef.console.ref = console rootLogger.appenderRef.rolling.ref = rolling +rootLogger.appenderRef.rolling_old.ref = rolling_old +######## Deprecation JSON ####################### appender.deprecation_rolling.type = RollingFile appender.deprecation_rolling.name = deprecation_rolling -appender.deprecation_rolling.fileName = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}_deprecation.log -appender.deprecation_rolling.layout.type = PatternLayout -appender.deprecation_rolling.layout.pattern = [%d{ISO8601}][%-5p][%-25c{1.}] %marker%.-10000m%n -appender.deprecation_rolling.filePattern = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}_deprecation-%i.log.gz +appender.deprecation_rolling.fileName = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}_deprecation.json +appender.deprecation_rolling.layout.type = ESJsonLayout +appender.deprecation_rolling.layout.type_name = deprecation +appender.deprecation_rolling.layout.esmessagefields=x-opaque-id + +appender.deprecation_rolling.filePattern = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}_deprecation-%i.json.gz appender.deprecation_rolling.policies.type = Policies appender.deprecation_rolling.policies.size.type = SizeBasedTriggeringPolicy appender.deprecation_rolling.policies.size.size = 1GB appender.deprecation_rolling.strategy.type = DefaultRolloverStrategy appender.deprecation_rolling.strategy.max = 4 +################################################# +######## Deprecation - old style pattern ####### +appender.deprecation_rolling_old.type = RollingFile +appender.deprecation_rolling_old.name = deprecation_rolling_old +appender.deprecation_rolling_old.fileName = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}_deprecation.log +appender.deprecation_rolling_old.layout.type = PatternLayout +appender.deprecation_rolling_old.layout.pattern = [%d{ISO8601}][%-5p][%-25c{1.}] [%node_name]%marker %m%n +appender.deprecation_rolling_old.filePattern = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}\ + _deprecation-%i.log.gz +appender.deprecation_rolling_old.policies.type = Policies +appender.deprecation_rolling_old.policies.size.type = SizeBasedTriggeringPolicy +appender.deprecation_rolling_old.policies.size.size = 1GB +appender.deprecation_rolling_old.strategy.type = DefaultRolloverStrategy +appender.deprecation_rolling_old.strategy.max = 4 +################################################# logger.deprecation.name = org.elasticsearch.deprecation logger.deprecation.level = warn logger.deprecation.appenderRef.deprecation_rolling.ref = deprecation_rolling +logger.deprecation.appenderRef.deprecation_rolling_old.ref = deprecation_rolling_old logger.deprecation.additivity = false +######## Search slowlog JSON #################### appender.index_search_slowlog_rolling.type = RollingFile appender.index_search_slowlog_rolling.name = index_search_slowlog_rolling -appender.index_search_slowlog_rolling.fileName = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}_index_search_slowlog.log -appender.index_search_slowlog_rolling.layout.type = PatternLayout -appender.index_search_slowlog_rolling.layout.pattern = [%d{ISO8601}][%-5p][%-25c] %marker%.-10000m%n -appender.index_search_slowlog_rolling.filePattern = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}_index_search_slowlog-%d{yyyy-MM-dd}.log -appender.index_search_slowlog_rolling.policies.type = Policies -appender.index_search_slowlog_rolling.policies.time.type = TimeBasedTriggeringPolicy -appender.index_search_slowlog_rolling.policies.time.interval = 1 -appender.index_search_slowlog_rolling.policies.time.modulate = true +appender.index_search_slowlog_rolling.fileName = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs\ + .cluster_name}_index_search_slowlog.json +appender.index_search_slowlog_rolling.layout.type = ESJsonLayout +appender.index_search_slowlog_rolling.layout.type_name = index_search_slowlog +appender.index_search_slowlog_rolling.layout.esmessagefields=message,took,took_millis,total_hits,types,stats,search_type,total_shards,source,id +appender.index_search_slowlog_rolling.filePattern = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs\ + .cluster_name}_index_search_slowlog-%i.json.gz +appender.index_search_slowlog_rolling.policies.type = Policies +appender.index_search_slowlog_rolling.policies.size.type = SizeBasedTriggeringPolicy +appender.index_search_slowlog_rolling.policies.size.size = 1GB +appender.index_search_slowlog_rolling.strategy.type = DefaultRolloverStrategy +appender.index_search_slowlog_rolling.strategy.max = 4 +################################################# +######## Search slowlog - old style pattern #### +appender.index_search_slowlog_rolling_old.type = RollingFile +appender.index_search_slowlog_rolling_old.name = index_search_slowlog_rolling_old +appender.index_search_slowlog_rolling_old.fileName = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}\ + _index_search_slowlog.log +appender.index_search_slowlog_rolling_old.layout.type = PatternLayout +appender.index_search_slowlog_rolling_old.layout.pattern = [%d{ISO8601}][%-5p][%-25c{1.}] [%node_name]%marker %m%n + +appender.index_search_slowlog_rolling_old.filePattern = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}\ + _index_search_slowlog-%i.log.gz +appender.index_search_slowlog_rolling_old.policies.type = Policies +appender.index_search_slowlog_rolling_old.policies.size.type = SizeBasedTriggeringPolicy +appender.index_search_slowlog_rolling_old.policies.size.size = 1GB +appender.index_search_slowlog_rolling_old.strategy.type = DefaultRolloverStrategy +appender.index_search_slowlog_rolling_old.strategy.max = 4 +################################################# logger.index_search_slowlog_rolling.name = index.search.slowlog logger.index_search_slowlog_rolling.level = trace logger.index_search_slowlog_rolling.appenderRef.index_search_slowlog_rolling.ref = index_search_slowlog_rolling +logger.index_search_slowlog_rolling.appenderRef.index_search_slowlog_rolling_old.ref = index_search_slowlog_rolling_old logger.index_search_slowlog_rolling.additivity = false +######## Indexing slowlog JSON ################## appender.index_indexing_slowlog_rolling.type = RollingFile appender.index_indexing_slowlog_rolling.name = index_indexing_slowlog_rolling -appender.index_indexing_slowlog_rolling.fileName = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}_index_indexing_slowlog.log -appender.index_indexing_slowlog_rolling.layout.type = PatternLayout -appender.index_indexing_slowlog_rolling.layout.pattern = [%d{ISO8601}][%-5p][%-25c] %marker%.-10000m%n -appender.index_indexing_slowlog_rolling.filePattern = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}_index_indexing_slowlog-%d{yyyy-MM-dd}.log +appender.index_indexing_slowlog_rolling.fileName = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}\ + _index_indexing_slowlog.json +appender.index_indexing_slowlog_rolling.layout.type = ESJsonLayout +appender.index_indexing_slowlog_rolling.layout.type_name = index_indexing_slowlog +appender.index_indexing_slowlog_rolling.layout.esmessagefields=message,took,took_millis,doc_type,id,routing,source + +appender.index_indexing_slowlog_rolling.filePattern = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}\ + _index_indexing_slowlog-%i.json.gz appender.index_indexing_slowlog_rolling.policies.type = Policies -appender.index_indexing_slowlog_rolling.policies.time.type = TimeBasedTriggeringPolicy -appender.index_indexing_slowlog_rolling.policies.time.interval = 1 -appender.index_indexing_slowlog_rolling.policies.time.modulate = true +appender.index_indexing_slowlog_rolling.policies.size.type = SizeBasedTriggeringPolicy +appender.index_indexing_slowlog_rolling.policies.size.size = 1GB +appender.index_indexing_slowlog_rolling.strategy.type = DefaultRolloverStrategy +appender.index_indexing_slowlog_rolling.strategy.max = 4 +################################################# +######## Indexing slowlog - old style pattern ## +appender.index_indexing_slowlog_rolling_old.type = RollingFile +appender.index_indexing_slowlog_rolling_old.name = index_indexing_slowlog_rolling_old +appender.index_indexing_slowlog_rolling_old.fileName = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}\ + _index_indexing_slowlog.log +appender.index_indexing_slowlog_rolling_old.layout.type = PatternLayout +appender.index_indexing_slowlog_rolling_old.layout.pattern = [%d{ISO8601}][%-5p][%-25c{1.}] [%node_name]%marker %m%n + +appender.index_indexing_slowlog_rolling_old.filePattern = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}\ + _index_indexing_slowlog-%i.log.gz +appender.index_indexing_slowlog_rolling_old.policies.type = Policies +appender.index_indexing_slowlog_rolling_old.policies.size.type = SizeBasedTriggeringPolicy +appender.index_indexing_slowlog_rolling_old.policies.size.size = 1GB +appender.index_indexing_slowlog_rolling_old.strategy.type = DefaultRolloverStrategy +appender.index_indexing_slowlog_rolling_old.strategy.max = 4 +################################################# logger.index_indexing_slowlog.name = index.indexing.slowlog.index logger.index_indexing_slowlog.level = trace logger.index_indexing_slowlog.appenderRef.index_indexing_slowlog_rolling.ref = index_indexing_slowlog_rolling +logger.index_indexing_slowlog.appenderRef.index_indexing_slowlog_rolling_old.ref = index_indexing_slowlog_rolling_old logger.index_indexing_slowlog.additivity = false - -<% @logging.each do |k,v| %> -<%= k %>=<%= v %> -<% end %> diff --git a/cookbooks/elasticsearch/templates/default/systemd_unit.erb b/cookbooks/elasticsearch/templates/default/systemd_unit.erb index 8919a92..60f1fb2 100644 --- a/cookbooks/elasticsearch/templates/default/systemd_unit.erb +++ b/cookbooks/elasticsearch/templates/default/systemd_unit.erb @@ -1,20 +1,23 @@ [Unit] Description=Elasticsearch -Documentation=http://www.elastic.co +Documentation=https://www.elastic.co Wants=network-online.target After=network-online.target [Service] +Type=notify RuntimeDirectory=elasticsearch +PrivateTmp=true Environment=ES_HOME=/usr/share/elasticsearch Environment=ES_PATH_CONF=/etc/elasticsearch Environment=PID_DIR=/var/run/elasticsearch +Environment=ES_SD_NOTIFY=true EnvironmentFile=-<%= @default_dir %>/<%= @program_name %> WorkingDirectory=<%= @path_home %> -User=elasticsearch -Group=elasticsearch +User=<%= @es_user %> +Group=<%= @es_group %> ExecStart=<%= @path_home %>/bin/elasticsearch -p ${PID_DIR}/elasticsearch.pid --quiet @@ -28,7 +31,7 @@ StandardOutput=journal StandardError=inherit # Specifies the maximum file descriptor number that can be opened by this process -LimitNOFILE=65536 +LimitNOFILE=65535 # Specifies the maximum number of processes LimitNPROC=4096 @@ -57,4 +60,4 @@ SuccessExitStatus=143 [Install] WantedBy=multi-user.target -# Built for distribution-6.0.0 (distribution) +# Built by elasticsearch chef cookbook for elasticsearch version <%= @version %> diff --git a/cookbooks/elasticsearch/templates/oracle/initscript.erb b/cookbooks/elasticsearch/templates/oracle/initscript.erb index 27ffdaa..352a3e5 100755 --- a/cookbooks/elasticsearch/templates/oracle/initscript.erb +++ b/cookbooks/elasticsearch/templates/oracle/initscript.erb @@ -33,7 +33,7 @@ fi # Sets the default values for elasticsearch variables used in this script ES_HOME="/usr/share/elasticsearch" -MAX_OPEN_FILES=65536 +MAX_OPEN_FILES=65535 MAX_MAP_COUNT=262144 ES_PATH_CONF="/etc/elasticsearch" @@ -69,21 +69,7 @@ if [ ! -x "$exec" ]; then exit 1 fi -checkJava() { - if [ -x "$JAVA_HOME/bin/java" ]; then - JAVA="$JAVA_HOME/bin/java" - else - JAVA=`which java` - fi - - if [ ! -x "$JAVA" ]; then - echo "Could not find any executable java binary. Please install java in your PATH or set JAVA_HOME" - exit 1 - fi -} - start() { - checkJava [ -x $exec ] || exit 5 if [ -n "$MAX_OPEN_FILES" ]; then @@ -92,7 +78,7 @@ start() { if [ -n "$MAX_LOCKED_MEMORY" ]; then ulimit -l $MAX_LOCKED_MEMORY fi - if [ -n "$MAX_MAP_COUNT" -a -f /proc/sys/vm/max_map_count ]; then + if [ -n "$MAX_MAP_COUNT" -a -f /proc/sys/vm/max_map_count ] && [ "$MAX_MAP_COUNT" -gt $(cat /proc/sys/vm/max_map_count) ]; then sysctl -q -w vm.max_map_count=$MAX_MAP_COUNT fi diff --git a/cookbooks/elasticsearch/templates/redhat/initscript.erb b/cookbooks/elasticsearch/templates/redhat/initscript.erb index 27ffdaa..352a3e5 100644 --- a/cookbooks/elasticsearch/templates/redhat/initscript.erb +++ b/cookbooks/elasticsearch/templates/redhat/initscript.erb @@ -33,7 +33,7 @@ fi # Sets the default values for elasticsearch variables used in this script ES_HOME="/usr/share/elasticsearch" -MAX_OPEN_FILES=65536 +MAX_OPEN_FILES=65535 MAX_MAP_COUNT=262144 ES_PATH_CONF="/etc/elasticsearch" @@ -69,21 +69,7 @@ if [ ! -x "$exec" ]; then exit 1 fi -checkJava() { - if [ -x "$JAVA_HOME/bin/java" ]; then - JAVA="$JAVA_HOME/bin/java" - else - JAVA=`which java` - fi - - if [ ! -x "$JAVA" ]; then - echo "Could not find any executable java binary. Please install java in your PATH or set JAVA_HOME" - exit 1 - fi -} - start() { - checkJava [ -x $exec ] || exit 5 if [ -n "$MAX_OPEN_FILES" ]; then @@ -92,7 +78,7 @@ start() { if [ -n "$MAX_LOCKED_MEMORY" ]; then ulimit -l $MAX_LOCKED_MEMORY fi - if [ -n "$MAX_MAP_COUNT" -a -f /proc/sys/vm/max_map_count ]; then + if [ -n "$MAX_MAP_COUNT" -a -f /proc/sys/vm/max_map_count ] && [ "$MAX_MAP_COUNT" -gt $(cat /proc/sys/vm/max_map_count) ]; then sysctl -q -w vm.max_map_count=$MAX_MAP_COUNT fi diff --git a/cookbooks/elasticsearch/templates/ubuntu/initscript.erb b/cookbooks/elasticsearch/templates/ubuntu/initscript.erb index c149ebb..e783dce 100755 --- a/cookbooks/elasticsearch/templates/ubuntu/initscript.erb +++ b/cookbooks/elasticsearch/templates/ubuntu/initscript.erb @@ -39,7 +39,7 @@ ES_HOME=/usr/share/$NAME #ES_JAVA_OPTS= # Maximum number of open files -MAX_OPEN_FILES=65536 +MAX_OPEN_FILES=65535 # Maximum amount of locked memory #MAX_LOCKED_MEMORY= @@ -82,22 +82,8 @@ if [ ! -x "$DAEMON" ]; then exit 1 fi -checkJava() { - if [ -x "$JAVA_HOME/bin/java" ]; then - JAVA="$JAVA_HOME/bin/java" - else - JAVA=`which java` - fi - - if [ ! -x "$JAVA" ]; then - echo "Could not find any executable java binary. Please install java in your PATH or set JAVA_HOME" - exit 1 - fi -} - case "$1" in start) - checkJava log_daemon_msg "Starting $DESC" @@ -124,7 +110,7 @@ case "$1" in ulimit -l $MAX_LOCKED_MEMORY fi - if [ -n "$MAX_MAP_COUNT" -a -f /proc/sys/vm/max_map_count ]; then + if [ -n "$MAX_MAP_COUNT" -a -f /proc/sys/vm/max_map_count ] && [ "$MAX_MAP_COUNT" -gt $(cat /proc/sys/vm/max_map_count) ]; then sysctl -q -w vm.max_map_count=$MAX_MAP_COUNT fi diff --git a/cookbooks/firewall/.foodcritic b/cookbooks/firewall/.foodcritic deleted file mode 100644 index b56b353..0000000 --- a/cookbooks/firewall/.foodcritic +++ /dev/null @@ -1,3 +0,0 @@ -~FC001 -~FC057 -~FC019 diff --git a/cookbooks/firewall/.markdownlint-cli2.yaml b/cookbooks/firewall/.markdownlint-cli2.yaml new file mode 100644 index 0000000..6fa8e77 --- /dev/null +++ b/cookbooks/firewall/.markdownlint-cli2.yaml @@ -0,0 +1,5 @@ +config: + ul-indent: false # MD007 + line-length: false # MD013 + no-duplicate-heading: false # MD024 + reference-links-images: false # MD052 diff --git a/cookbooks/firewall/CHANGELOG.md b/cookbooks/firewall/CHANGELOG.md index 92cd7f7..1517fbe 100644 --- a/cookbooks/firewall/CHANGELOG.md +++ b/cookbooks/firewall/CHANGELOG.md @@ -1,291 +1,458 @@ -firewall Cookbook CHANGELOG -======================= +# firewall Cookbook CHANGELOG + This file is used to list changes made in each version of the firewall cookbook. +## 6.2.16 - *2023-05-17* + +## 6.2.15 - *2023-04-26* + +Update CI runner to MacOS 12 + +## 6.2.14 - *2023-04-17* + +## 6.2.13 - *2023-04-11* + +Fix documentation to pass markdown lint + +## 6.2.12 - *2023-04-07* + +Standardise files with files in sous-chefs/repo-management + +## 6.2.11 - *2023-04-04* + +Fixed a typo in the readme + +## 6.2.10 - *2023-04-01* + +## 6.2.9 - *2023-04-01* + +## 6.2.8 - *2023-04-01* + +Standardise files with files in sous-chefs/repo-management + +Standardise files with files in sous-chefs/repo-management + +## 6.2.7 - *2023-03-02* + +## 6.2.6 - *2023-02-23* + +Standardise files with files in sous-chefs/repo-management + +## 6.2.5 - *2023-02-16* + +Standardise files with files in sous-chefs/repo-management + +## 6.2.4 - *2023-02-15* + +Standardise files with files in sous-chefs/repo-management + +## 6.2.3 - *2022-12-08* + +Standardise files with files in sous-chefs/repo-management + +## 6.2.2 - *2022-12-08* + +Standardise files with files in sous-chefs/repo-management + +## 6.2.1 - *2022-12-02* + +## 6.2.0 - *2022-12-02* + +- Add support for for the description attribute when using UFW + +## 6.1.0 - *2022-09-15* + +- Add filepath selection based on OS for nftables.conf + +## 6.0.2 - *2022-05-15* + +Standardise files with files in sous-chefs/repo-management + +## 6.0.1 - *2022-05-13* + +- Standardise files with files in sous-chefs/repo-management + +## 6.0.0 - *2022-05-09* + +- Values for firewalld resources must be specified as one would + specify them to `firewall-cmd`. +- Do not use begin/rescue blocks when adding firewalld-objects, as + that resulted in errors being logged by firewalld. +- Various bug fixes that were found along the way. + +## 5.1.0 - *2022-05-07* + +- Add new providers for firewalld using the dbus-interface of firewalld. + +## 5.0.0 - *2022-04-20* + +- Add support for nftables + +## 4.0.3 - *2022-04-11* + +- Use resuable workflows instead of Chef Delivery + +## 4.0.2 - *2022-02-17* + +- Standardise files with files in sous-chefs/repo-management +- Remove delivery folder + +## 4.0.1 - *2022-01-07* + +- Remove extraneous task file that's no longer needed + +## 4.0.0 - *2021-09-09* + +- Remove dependency on chef-sugar cookbook +- Bump to require Chef Infra Client >= 15.5 for chef-utils +- Update metadata and README to Sous Chefs + +## 3.0.2 - *2021-08-30* + +- Standardise files with files in sous-chefs/repo-management + +## 3.0.1 - *2021-07-08* + +- Restart netfilter service in iptables mode after updating firewall rules + +## 3.0.0 - *2021-06-14* + +- Add Amazon Linux support +- Fix firewall resource actions list +- First attempt to modernize testing +- Various Cookstyle fixes + +## 2.7.1 - *2021-06-01* + +- resolved cookstyle error: libraries/helpers_windows.rb:47:9 convention: `Style/RedundantAssignment` +- resolved cookstyle error: libraries/helpers_windows.rb:48:9 convention: `Layout/IndentationWidth` +- resolved cookstyle error: libraries/helpers_windows.rb:49:16 convention: `Layout/ElseAlignment` +- resolved cookstyle error: libraries/helpers_windows.rb:50:9 convention: `Layout/IndentationWidth` +- resolved cookstyle error: libraries/helpers_windows.rb:51:16 warning: `Layout/EndAlignment` +- resolved cookstyle error: libraries/helpers_windows.rb:52:1 convention: `Layout/EmptyLinesAroundMethodBody` +- resolved cookstyle error: libraries/helpers_windows.rb:52:1 convention: `Layout/TrailingWhitespace` +- resolved cookstyle error: libraries/provider_firewall_firewalld.rb:30:5 refactor: `ChefModernize/ActionMethodInResource` +- resolved cookstyle error: libraries/provider_firewall_firewalld.rb:54:5 refactor: `ChefModernize/ActionMethodInResource` +- resolved cookstyle error: libraries/provider_firewall_firewalld.rb:114:5 refactor: `ChefModernize/ActionMethodInResource` +- resolved cookstyle error: libraries/provider_firewall_firewalld.rb:136:5 refactor: `ChefModernize/ActionMethodInResource` +- resolved cookstyle error: libraries/provider_firewall_firewalld.rb:149:5 refactor: `ChefModernize/ActionMethodInResource` +- resolved cookstyle error: libraries/provider_firewall_iptables.rb:33:5 refactor: `ChefModernize/ActionMethodInResource` +- resolved cookstyle error: libraries/provider_firewall_iptables.rb:63:5 refactor: `ChefModernize/ActionMethodInResource` +- resolved cookstyle error: libraries/provider_firewall_iptables.rb:112:5 refactor: `ChefModernize/ActionMethodInResource` +- resolved cookstyle error: libraries/provider_firewall_iptables.rb:134:5 refactor: `ChefModernize/ActionMethodInResource` +- resolved cookstyle error: libraries/provider_firewall_iptables_ubuntu.rb:34:5 refactor: `ChefModernize/ActionMethodInResource` +- resolved cookstyle error: libraries/provider_firewall_iptables_ubuntu.rb:67:5 refactor: `ChefModernize/ActionMethodInResource` +- resolved cookstyle error: libraries/provider_firewall_iptables_ubuntu.rb:133:5 refactor: `ChefModernize/ActionMethodInResource` +- resolved cookstyle error: libraries/provider_firewall_iptables_ubuntu.rb:156:5 refactor: `ChefModernize/ActionMethodInResource` +- resolved cookstyle error: libraries/provider_firewall_iptables_ubuntu1404.rb:34:5 refactor: `ChefModernize/ActionMethodInResource` +- resolved cookstyle error: libraries/provider_firewall_iptables_ubuntu1404.rb:67:5 refactor: `ChefModernize/ActionMethodInResource` +- resolved cookstyle error: libraries/provider_firewall_iptables_ubuntu1404.rb:133:5 refactor: `ChefModernize/ActionMethodInResource` +- resolved cookstyle error: libraries/provider_firewall_iptables_ubuntu1404.rb:156:5 refactor: `ChefModernize/ActionMethodInResource` +- resolved cookstyle error: libraries/provider_firewall_rule.rb:24:5 refactor: `ChefModernize/ActionMethodInResource` +- resolved cookstyle error: libraries/provider_firewall_ufw.rb:32:5 refactor: `ChefModernize/ActionMethodInResource` +- resolved cookstyle error: libraries/provider_firewall_ufw.rb:61:5 refactor: `ChefModernize/ActionMethodInResource` +- resolved cookstyle error: libraries/provider_firewall_ufw.rb:102:5 refactor: `ChefModernize/ActionMethodInResource` +- resolved cookstyle error: libraries/provider_firewall_ufw.rb:115:5 refactor: `ChefModernize/ActionMethodInResource` +- resolved cookstyle error: libraries/provider_firewall_windows.rb:29:5 refactor: `ChefModernize/ActionMethodInResource` +- resolved cookstyle error: libraries/provider_firewall_windows.rb:42:5 refactor: `ChefModernize/ActionMethodInResource` +- resolved cookstyle error: libraries/provider_firewall_windows.rb:97:5 refactor: `ChefModernize/ActionMethodInResource` +- resolved cookstyle error: libraries/provider_firewall_windows.rb:118:5 refactor: `ChefModernize/ActionMethodInResource` +- resolved cookstyle error: attributes/iptables.rb:8:54 refactor: `ChefStyle/AttributeKeys` +- resolved cookstyle error: attributes/iptables.rb:8:54 convention: `Style/StringLiteralsInInterpolation` +- resolved cookstyle error: attributes/iptables.rb:8:63 refactor: `ChefStyle/AttributeKeys` +- resolved cookstyle error: attributes/iptables.rb:8:64 convention: `Style/StringLiteralsInInterpolation` +- resolved cookstyle error: attributes/iptables.rb:9:56 refactor: `ChefStyle/AttributeKeys` +- resolved cookstyle error: attributes/iptables.rb:9:56 convention: `Style/StringLiteralsInInterpolation` +- resolved cookstyle error: attributes/iptables.rb:9:65 refactor: `ChefStyle/AttributeKeys` +- resolved cookstyle error: attributes/iptables.rb:9:66 convention: `Style/StringLiteralsInInterpolation` +- resolved cookstyle error: attributes/iptables.rb:10:55 refactor: `ChefStyle/AttributeKeys` +- resolved cookstyle error: attributes/iptables.rb:10:55 convention: `Style/StringLiteralsInInterpolation` +- resolved cookstyle error: attributes/iptables.rb:10:64 refactor: `ChefStyle/AttributeKeys` +- resolved cookstyle error: attributes/iptables.rb:10:65 convention: `Style/StringLiteralsInInterpolation` + +## 2.7.0 (2018-12-19) + +- Nominal support for Debian 9 (#202) + ## 2.6.5 (2018-07-24) - use platform_family instead of platform to include all rhels -v2.6.4 (2018-07-01) -------------------- -* Stop including chef-sugar when it's >= 4.0.0 (#197) +## v2.6.4 (2018-07-01) -v2.6.3 (2018-02-01) -------------------- -* Fix issue with deep merging of hashes and arrays in recent chef release (#185) +- Stop including chef-sugar when it's >= 4.0.0 (#197) -v2.6.2 (2017-06-01) -------------------- -* Incorrect file checking on Ubuntu, double file write (#173) -* Added testing on CentOS 6.9 -* Clarify metadata that we're not working on Amazon Linux (#172) +## v2.6.3 (2018-02-01) -v2.6.1 (2017-04-21) -------------------- -* Add recipe to disable firewall (#164) +- Fix issue with deep merging of hashes and arrays in recent chef release (#185) -v2.6.0 (2017-04-17) -------------------- -* Initial Chef 13.x support (#160, #159) -* Allow loopback and icmp, when enabled (#161) -* Address various newer rubocop and foodcritic complaints -* Convert rule provider away from DSL (#159) +## v2.6.2 (2017-06-01) -v2.5.4 (2017-02-13) -------------------- -* Update Test Kitchen platforms to the latest -* Update copyright headers -* Allow package options to be passed through to the package install for firewall -* Define policy for Windows Firewall and use the attributes to set desired policy +- Incorrect file checking on Ubuntu, double file write (#173) +- Added testing on CentOS 6.9 +- Clarify metadata that we're not working on Amazon Linux (#172) -v2.5.3 (2016-10-26) -------------------- -* Don't show firewall resource as updated (#133) -* Add :off as a valid logging level (#129) -* Add support for Ubuntu 16.04 (#149) +## v2.6.1 (2017-04-21) -v2.5.2 (2016-06-02) -------------------- -* Don't issue commands when firewalld isn't active (#140) -* Install iptables-services on CentOS >= 7 (#131) -* Update Ruby version on Travis for listen gem +- Add recipe to disable firewall (#164) -v2.5.1 (2016-05-31) -------------------- -* Protocol guard incorrectly prevents "none" protocol type on UFW helper (#128) -* Fix wrongly ordered conditional for converting ports to strings using port_to_s -* Fix notify_firewall attribute crashing firewall_rule provider (#130) -* Add warning if firewall rule opens all traffic (#132) -* Add ipv6 attribute respect to Ubuntu iptables (#138) +## v2.6.0 (2017-04-17) -v2.5.0 (2016-03-08) -------------------- -* Don't modify parameter for port (#120) -* Remove a reference to the wrong variable name under windows (#123) -* Add support for mobile shell default firewall rule (#121) -* New rubocop rules and style fixes -* Correct a README.md example for `action :allow` +- Initial Chef 13.x support (#160, #159) +- Allow loopback and icmp, when enabled (#161) +- Address various newer rubocop and foodcritic complaints +- Convert rule provider away from DSL (#159) -v2.4.0 (2016-01-28) -------------------- -* Expose default iptables ruleset so that raw rules can be used in conjunction -with rulesets for other tables (#101). +## v2.5.4 (2017-02-13) -v2.3.1 (2016-01-08) -------------------- -* Add raw rule support to the ufw firewall provider (#113). +- Update Test Kitchen platforms to the latest +- Update copyright headers +- Allow package options to be passed through to the package install for firewall +- Define policy for Windows Firewall and use the attributes to set desired policy -v2.3.0 (2015-12-23) -------------------- -* Refactor logic so that firewall rules don't add a string rule to the firewall -when their actions run. Just run the action once on the firewall itself. This is -designed to prevent partial application of rules (#106) +## v2.5.3 (2016-10-26) -* Switch to "enabled" (positive logic) instead of "disabled" (negative logic) on -the firewall resource. It was difficult to reason with "disabled false" for some -complicated recipes using firewall downstream. `disabled` is now deprecated. +- Don't show firewall resource as updated (#133) +- Add :off as a valid logging level (#129) +- Add support for Ubuntu 16.04 (#149) -* Add proper Windows testing and serverspec tests back into this cookbook. +## v2.5.2 (2016-06-02) -* Fix the `port_to_s` function so it also works for Windows (#111) +- Don't issue commands when firewalld isn't active (#140) +- Install iptables-services on CentOS >= 7 (#131) +- Update Ruby version on Travis for listen gem -* Fix typo checking action instead of command in iptables helper (#112) +## v2.5.1 (2016-05-31) -* Remove testing ranges of ports on CentOS 5.x, as it's broken there. +- Protocol guard incorrectly prevents "none" protocol type on UFW helper (#128) +- Fix wrongly ordered conditional for converting ports to strings using port_to_s +- Fix notify_firewall attribute crashing firewall_rule provider (#130) +- Add warning if firewall rule opens all traffic (#132) +- Add ipv6 attribute respect to Ubuntu iptables (#138) + +## v2.5.0 (2016-03-08) + +- Don't modify parameter for port (#120) +- Remove a reference to the wrong variable name under windows (#123) +- Add support for mobile shell default firewall rule (#121) +- New rubocop rules and style fixes +- Correct a README.md example for `action :allow` + +## v2.4.0 (2016-01-28) + +- Expose default iptables ruleset so that raw rules can be used in conjunction with rulesets for other tables (#101). + +## v2.3.1 (2016-01-08) + +- Add raw rule support to the ufw firewall provider (#113). + +## v2.3.0 (2015-12-23) + +- Refactor logic so that firewall rules don't add a string rule to the firewall when their actions run. Just run the action once on the firewall itself. This is designed to prevent partial application of rules (#106) + +- Switch to "enabled" (positive logic) instead of "disabled" (negative logic) on the firewall resource. It was difficult to reason with "disabled false" for some complicated recipes using firewall downstream. `disabled` is now deprecated. + +- Add proper Windows testing and serverspec tests back into this cookbook. + +- Fix the `port_to_s` function so it also works for Windows (#111) + +- Fix typo checking action instead of command in iptables helper (#112) + +- Remove testing ranges of ports on CentOS 5.x, as it's broken there. + +## v2.2.0 (2015-11-02) -v2.2.0 (2015-11-02) -------------------- Added permanent as default option for RHEL 7 based systems using firewall-cmd. This defaults to turned off, but it will be enabled by default on the next major version bump. -v2.1.0 (2015-10-15) -------------------- +## v2.1.0 (2015-10-15) + Minor feature release. -* Ensure ICMPv6 is open when `['firewall']['allow_established']` is set to true (the default). ICMPv6 is critical for most IPv6 operations. -v2.0.5 (2015-10-05) -------------------- +- Ensure ICMPv6 is open when `['firewall']['allow_established']` is set to true (the default). ICMPv6 is critical for most IPv6 operations. + +## v2.0.5 (2015-10-05) + Minor bugfix release. -* Ensure provider filtering always yields 1 and only 1 provider, #97 & #98 -* Documentation update #96 -v2.0.4 (2015-09-23) -------------------- +- Ensure provider filtering always yields 1 and only 1 provider, #97 & #98 +- Documentation update #96 + +## v2.0.4 (2015-09-23) + Minor bugfix release. -* Allow override of filter chain policies, #94 -* Fix foodcrtitic and chefspec errors -v2.0.3 (2015-09-14) -------------------- +- Allow override of filter chain policies, #94 +- Fix foodcrtitic and chefspec errors + +## v2.0.3 (2015-09-14) + Minor bugfix release. -* Fix wrong conditional for firewalld ports, #93 -* Fix ipv6 command logic under iptables, #91 -v2.0.2 (2015-09-08) -------------------- -* Release with working CI, Chefspec matchers. +- Fix wrong conditional for firewalld ports, #93 +- Fix ipv6 command logic under iptables, #91 -v2.0.1 (2015-09-01) -------------------- -* Add default related/established rule for iptables +## v2.0.2 (2015-09-08) -v2.0.0 (2015-08-31) -------------------- -* #84, major rewrite: - - Allow relative positioning of rules - - Use delayed notifications to create one firewall ruleset instead of incremental changes - - Remove poise dependency -* #82 - Introduce Windows firewall support and test-kitchen platform. -* #73 - Add the option to disable ipv6 commands on iptables -* #78 - Use Chef-12 style `provides` to address provider mapping issues -* Rubocop and foodcritic cleanup +- Release with working CI, Chefspec matchers. -v1.6.1 (2015-07-24) -------------------- -* #80 - Remove an extra space in port range +## v2.0.1 (2015-09-01) -v1.6.0 (2015-07-15) -------------------- -* #68 - Install firewalld when it does not exist -* #72 - Fix symbol that was a string, breaking comparisons +- Add default related/established rule for iptables -v1.5.2 (2015-07-15) -------------------- -* #75 - Use correct service in iptables save action, Add serverspec tests for iptables suite +## v2.0.0 (2015-08-31) -v1.5.1 (2015-07-13) -------------------- -* #74 - add :save matcher for Chefspec +- 84, major rewrite + - Allow relative positioning of rules + - Use delayed notifications to create one firewall ruleset instead of incremental changes + - Remove poise dependency +- #82 - Introduce Windows firewall support and test-kitchen platform +- #73 - Add the option to disable ipv6 commands on iptables +- #78 - Use Chef-12 style `provides` to address provider mapping issues +- Rubocop and foodcritic cleanup -v1.5.0 (2015-07-06) -------------------- +## v1.6.1 (2015-07-24) -* #70 - Add chef service resource to ensure firewall-related services are enabled/disabled -* - Add testing and support for iptables on ubuntu in iptables provider +- 80 - Remove an extra space in port range -v1.4.0 (2015-06-30) -------------------- +## v1.6.0 (2015-07-15) -* #69 - Support for CentOS/RHEL 5.x +- 68 - Install firewalld when it does not exist +- 72 - Fix symbol that was a string, breaking comparisons -v1.3.0 (2015-06-09) -------------------- -* #63 - Add support for protocol numbers +## v1.5.2 (2015-07-15) -v1.2.0 (2015-05-28) -------------------- -* #64 - Support the newer version of poise +- 75 - Use correct service in iptables save action, Add serverspec tests for iptables suite -v1.1.2 (2015-05-19) -------------------- -* #60 - Always add /32 or /128 to ipv4 or ipv6 addresses, respectively. +## v1.5.1 (2015-07-13) + +- 74 - add :save matcher for Chefspec + +## v1.5.0 (2015-07-06) + +- 70 - Add chef service resource to ensure firewall-related services are enabled/disabled + - Add testing and support for iptables on ubuntu in iptables provider + +## v1.4.0 (2015-06-30) + +- 69 - Support for CentOS/RHEL 5.x + +## v1.3.0 (2015-06-09) + +- 63 - Add support for protocol numbers + +## v1.2.0 (2015-05-28) + +- 64 - Support the newer version of poise + +## v1.1.2 (2015-05-19) + +- 60 - Always add /32 or /128 to ipv4 or ipv6 addresses, respectively - Make comment quoting optional; iptables on Ubuntu strips quotes on strings without any spaces -v1.1.1 (2015-05-11) -------------------- -* #57 - Suppress warning: already initialized constant XXX while Chefspec +## v1.1.1 (2015-05-11) -v1.1.0 (2015-04-27) -------------------- -* #56 - Better ipv6 support for firewalld and iptables -* #54 - Document raw parameter +- 57 - Suppress warning: already initialized constant XXX while Chefspec -v1.0.2 (2015-04-03) -------------------- -* #52 - Typo in :masquerade action name +## v1.1.0 (2015-04-27) -v1.0.1 (2015-03-28) -------------------- -* #49 - Fix position attribute of firewall_rule providers to be correctly used as a string in commands +- 56 - Better ipv6 support for firewalld and iptables +- 54 - Document raw parameter -v1.0.0 (2015-03-25) -------------------- -* Major upgrade and rewrite as HWRP using poise -* Adds support for iptables and firewalld -* Modernize tests and other files -* Fix many bugs from ufw defaults to multiport suppot +## v1.0.2 (2015-04-03) -v0.11.8 (2014-05-20) --------------------- -* Corrects issue where on a secondary converge would not distinguish between inbound and outbound rules +- 52 - Typo in :masquerade action name +## v1.0.1 (2015-03-28) + +- 49 - Fix position attribute of firewall_rule providers to be correctly used as a string in commands + +## v1.0.0 (2015-03-25) + +- Major upgrade and rewrite as HWRP using poise +- Adds support for iptables and firewalld +- Modernize tests and other files +- Fix many bugs from ufw defaults to multiport suppot + +## v0.11.8 (2014-05-20) + +- Corrects issue where on a secondary converge would not distinguish between inbound and outbound rules + +## v0.11.6 (2014-02-28) -v0.11.6 (2014-02-28) --------------------- [COOK-4385] - UFW provider is broken +## v0.11.4 (2014-02-25) -v0.11.4 (2014-02-25) --------------------- [COOK-4140] Only notify when a rule is actually added +## v0.11.2 -v0.11.2 -------- ### Bug -- **[COOK-3615](https://tickets.opscode.com/browse/COOK-3615)** - Install required UFW package on Debian -v0.11.0 -------- +- [COOK-3615]: Install required UFW package on Debian + +## v0.11.0 + ### Improvement + - [COOK-2932]: ufw providers work on debian but cannot be used -v0.10.2 -------- +## v0.10.2 + - [COOK-2250] - improve readme -v0.10.0 ------- +## v0.10.0 + - [COOK-1234] - allow multiple ports per rule -v0.9.2 ------- +## v0.9.2 + - [COOK-1615] - Firewall example docs have incorrect direction syntax -v0.9.0 ------- +## v0.9.0 + The default action for firewall LWRP is now :enable, the default action for firewall_rule LWRP is now :reject. This is in line with a "default deny" policy. - [COOK-1429] - resolve foodcritic warnings -v0.8.0 ------- +## v0.8.0 + - refactor all resources and providers into LWRPs - removed :reset action from firewall resource (couldn't find a good way to make it idempotent) - removed :logging action from firewall resource...just set desired level via the log_level attribute -v0.6.0 ------- +## v0.6.0 + - [COOK-725] Firewall cookbook firewall_rule LWRP needs to support logging attribute. - Firewall cookbook firewall LWRP needs to support :logging -v0.5.7 ------- +## v0.5.7 + - [COOK-696] Firewall cookbook firewall_rule LWRP needs to support interface - [COOK-697] Firewall cookbook firewall_rule LWRP needs to support the direction for the rules -v0.5.6 ------- +## v0.5.6 + - [COOK-695] Firewall cookbook firewall_rule LWRP needs to support destination port -v0.5.5 ------- +## v0.5.5 + - [COOK-709] fixed :nothing action for the 'firewall_rule' resource. -v0.5.4 ------- +## v0.5.4 + - [COOK-694] added :reject action to the 'firewall_rule' resource. -v0.5.3 ------- +## v0.5.3 + - [COOK-698] added :reset action to the 'firewall' resource. -v0.5.2 ------- -- Add missing 'requires' statements. fixes 'NameError: uninitialized constant' error. -thanks to Ernad Husremović for the fix. +## v0.5.2 + +- Add missing 'requires' statements. fixes 'NameError: uninitialized constant' error. Thanks to Ernad Husremović for the fix. + +## v0.5.0 -v0.5.0 ------- - [COOK-686] create firewall and firewall_rule resources - [COOK-687] create UFW providers for all resources diff --git a/cookbooks/firewall/CONTRIBUTING.md b/cookbooks/firewall/CONTRIBUTING.md deleted file mode 100644 index ef2f2b8..0000000 --- a/cookbooks/firewall/CONTRIBUTING.md +++ /dev/null @@ -1,2 +0,0 @@ -Please refer to -https://github.com/chef-cookbooks/community_cookbook_documentation/blob/master/CONTRIBUTING.MD diff --git a/cookbooks/yum/LICENSE b/cookbooks/firewall/LICENSE similarity index 100% rename from cookbooks/yum/LICENSE rename to cookbooks/firewall/LICENSE diff --git a/cookbooks/firewall/MAINTAINERS.md b/cookbooks/firewall/MAINTAINERS.md deleted file mode 100644 index 5db5fac..0000000 --- a/cookbooks/firewall/MAINTAINERS.md +++ /dev/null @@ -1,19 +0,0 @@ - - -# Maintainers -This file lists how this cookbook project is maintained. When making changes to the system, this -file tells you who needs to review your patch - you need a simple majority of maintainers -for the relevant subsystems to provide a :+1: on your pull request. Additionally, you need -to not receive a veto from a Lieutenant or the Project Lead. - -Check out [How Cookbooks are Maintained](https://github.com/chef-cookbooks/community_cookbook_documentation/blob/master/CONTRIBUTING.MD) -for details on the process and how to become a maintainer or the project lead. - -# Project Maintainer -* [Martin Smith](https://github.com/martinb3) - -# Maintainers -* [Jennifer Davis](https://github.com/sigje) -* [Tim Smith](https://github.com/tas50) -* [Thom May](https://github.com/thommay) -* [Martin Smith](https://github.com/martinb3) diff --git a/cookbooks/firewall/README.md b/cookbooks/firewall/README.md index 4a12805..3f6df01 100644 --- a/cookbooks/firewall/README.md +++ b/cookbooks/firewall/README.md @@ -1,59 +1,79 @@ -firewall Cookbook -================= +# firewall Cookbook -[![Build Status](https://travis-ci.org/chef-cookbooks/firewall.svg?branch=master)](http://travis-ci.org/chef-cookbooks/firewall) [![Cookbook Version](https://img.shields.io/cookbook/v/firewall.svg)](https://supermarket.chef.io/cookbooks/firewall) +[![CI State](https://github.com/sous-chefs/firewall/workflows/ci/badge.svg)](https://github.com/sous-chefs/firewall/actions?query=workflow%3Aci) +[![OpenCollective](https://opencollective.com/sous-chefs/backers/badge.svg)](#backers) +[![OpenCollective](https://opencollective.com/sous-chefs/sponsors/badge.svg)](#sponsors) +[![License](https://img.shields.io/badge/License-Apache%202.0-green.svg)](https://opensource.org/licenses/Apache-2.0) Provides a set of primitives for managing firewalls and associated rules. PLEASE NOTE - The resource/providers in this cookbook are under heavy development. An attempt is being made to keep the resource simple/stupid by starting with less sophisticated firewall implementations first and refactor/vet the resource definition with each successive provider. -Requirements ------------- -**Chef 12.5.x+** is required. We are currently testing against Chef 13. If you need Chef 11 support, please try pinning back to a version less than 2.0, e.g.: -``` -depends 'firewall', '< 2.0' +## Maintainers + +This cookbook is maintained by the Sous Chefs. The Sous Chefs are a community of Chef cookbook maintainers working together to maintain important cookbooks. If you’d like to know more please visit [sous-chefs.org](https://sous-chefs.org/) or come chat with us on the Chef Community Slack in [#sous-chefs](https://chefcommunity.slack.com/messages/C2V7B88SF). + +## Requirements + +- Chef Infra Client 15.5+ + +```ruby +depends 'firewall' ``` ### Supported firewalls and platforms -* UFW - Ubuntu, Debian -* IPTables - Red Hat & CentOS, Ubuntu -* FirewallD - Red Hat & CentOS >= 7.0 (IPv4 only support, [needs contributions/testing](https://github.com/chef-cookbooks/firewall/issues/86)) -* Windows Advanced Firewall - 2012 R2 + +- UFW - Ubuntu, Debian (except 9) +- IPTables - Red Hat & CentOS, Ubuntu +- FirewallD - Red Hat & CentOS >= 7.0 (IPv4 only support, [needs contributions/testing](https://github.com/chef-cookbooks/firewall/issues/86)) +- Windows Advanced Firewall - 2012 R2 +- nftables Tested on: -* Ubuntu 14.04, 16.04 with iptables, ufw -* Debian 7, 8 with ufw -* CentOS 6 with iptables -* CentOS 7.1 with firewalld -* Windows Server 2012r2 with Windows Advanced Firewall + +- Ubuntu 16.04 with iptables, ufw +- Debian 9 with iptables +- Debian 11 with nftables +- Debian 11 with new resources for firewalld +- CentOS 6 with iptables +- CentOS 7.1 with firewalld +- Oracle 8 with nftables +- Windows Server 2012r2 with Windows Advanced Firewall By default, Ubuntu chooses ufw. To switch to iptables, set this in an attribute file: -``` + +```ruby default['firewall']['ubuntu_iptables'] = true ``` By default, Red Hat & CentOS >= 7.0 chooses firewalld. To switch to iptables, set this in an attribute file: -``` + +```ruby default['firewall']['redhat7_iptables'] = true ``` -# Considerations that apply to all firewall providers and resources +In order to use nftables, just use the resource `nftables` and +`nftables_rule`. These resources are written in more modern design +styles and are not configurable by node attributes. + +## Considerations that apply to all firewall providers and resources This cookbook comes with two resources, firewall and firewall rule. The typical usage scenario is as follows: - run the `:install` action on the `firewall` resource named 'default', which installs appropriate packages and configures services to start on boot and starts them - - run the `:create` action on every `firewall_rule` resource, which adds to the list of rules that should be configured on the firewall. `firewall_rule` then automatically sends a delayed notification to the `firewall['default']` resource to run the `:restart` action. - - run the delayed notification with action `:restart` on the `firewall` resource. if any rules are different than the last run, the provider will update the current state of the firewall rules to match the expected rules. There is a fundamental mismatch between the idea of a chef action and the action that should be taken on a firewall rule. For this reason, the chef action for a firewall_rule may be `:nothing` (the rule should not be present in the firewall) or `:create` (the rule should be present in the firewall), but the action taken on a packet in a firewall (`DROP`, `ACCEPT`, etc) is denoted as a `command` parameter on the `firewall_rule` resource. -# iptables considerations +The same points hold for the `nftables`- and `nftables_rule`-resources. + +## iptables considerations If you need to use a table other than `*filter`, the best way to do so is like so: -``` + +```ruby node.default['firewall']['iptables']['defaults'][:ruleset] = { '*filter' => 1, ':INPUT DROP' => 2, @@ -71,7 +91,8 @@ node.default['firewall']['iptables']['defaults'][:ruleset] = { Note -- in order to support multiple hash keys containing the same rule, anything found after the underscore will be stripped for: `:OUTPUT :INPUT :POSTROUTING :PREROUTING COMMIT`. This allows an example like the above to be reduced to just repeated lines of `COMMIT` and `:OUTPUT ACCEPT` while still avoiding duplication of other things. Then it's trivial to add additional rules to the `*nat` table using the raw parameter: -``` + +```ruby firewall_rule "postroute" do raw "-A POSTROUTING -o eth1 -p tcp -d 172.28.128.21 -j SNAT --to-source 172.28.128.6" position 150 @@ -81,42 +102,48 @@ end Note that any line starting with `COMMIT` will become just `COMMIT`, as hash keys must be unique but we need multiple commit lines. -# Recipes +## nftables + +Please read the documentation for the +[`nftables` resource](documentation/resource_nftables.md) and the +[`nftables_rule` resource](documentation/resource_nftables_rule.md) + +## Recipes ### default + The default recipe creates a firewall resource with action install. ### disable_firewall + Used to disable platform specific firewall. Many clouds have their own firewall configured outside of the OS instance such as AWS Security Groups. -# Attributes +## Attributes -* `default['firewall']['allow_ssh'] = false`, set true to open port 22 for SSH when the default recipe runs -* `default['firewall']['allow_mosh'] = false`, set to true to open UDP ports 60000 - 61000 for [Mosh][0] when the default recipe runs -* `default['firewall']['allow_winrm'] = false`, set true to open port 5989 for WinRM when the default recipe runs -* `default['firewall']['allow_loopback'] = false`, set to true to allow all traffic on the loopback interface -* `default['firewall']['allow_icmp'] = false`, set true to allow icmp protocol on supported OSes (note: ufw and windows implementations don't support this) +- `default['firewall']['allow_ssh'] = false`, set true to open port 22 for SSH when the default recipe runs +- `default['firewall']['allow_mosh'] = false`, set to true to open UDP ports 60000 - 61000 for [Mosh][0] when the default recipe runs +- `default['firewall']['allow_winrm'] = false`, set true to open port 5989 for WinRM when the default recipe runs +- `default['firewall']['allow_loopback'] = false`, set to true to allow all traffic on the loopback interface +- `default['firewall']['allow_icmp'] = false`, set true to allow icmp protocol on supported OSes (note: ufw and windows implementations don't support this) +- `default['firewall']['ubuntu_iptables'] = false`, set to true to use iptables on Ubuntu / Debian when using the default recipe +- `default['firewall']['redhat7_iptables'] = false`, set to true to use iptables on Red Hat / CentOS 7 when using the default recipe +- `default['firewall']['ufw']['defaults']` hash for template `/etc/default/ufw` +- `default['firewall']['iptables']['defaults']` hash for default policies for 'filter' table's chains` +- `default['firewall']['windows']['defaults']` hash to define inbound / outbound firewall policy on Windows platform +- `default['firewall']['allow_established'] = true`, set to false if you don't want a related/established default rule on iptables +- `default['firewall']['ipv6_enabled'] = true`, set to false if you don't want IPv6 related/established default rule on iptables (this enables ICMPv6, which is required for much of IPv6 communication) +- `default['firewall']['firewalld']['permanent'] = false`, set to true if you want firewalld rules to be added with `--permanent` so they survive a reboot. This will be changed to `true` by default in a future major version release. -* `default['firewall']['ubuntu_iptables'] = false`, set to true to use iptables on Ubuntu / Debian when using the default recipe -* `default['firewall']['redhat7_iptables'] = false`, set to true to use iptables on Red Hat / CentOS 7 when using the default recipe +## Resources -* `default['firewall']['ufw']['defaults']` hash for template `/etc/default/ufw` -* `default['firewall']['iptables']['defaults']` hash for default policies for 'filter' table's chains` - -* `default['firewall']['windows']['defaults']` hash to define inbound / outbound firewall policy on Windows platform - -* `default['firewall']['allow_established'] = true`, set to false if you don't want a related/established default rule on iptables -* `default['firewall']['ipv6_enabled'] = true`, set to false if you don't want IPv6 related/established default rule on iptables (this enables ICMPv6, which is required for much of IPv6 communication) - -* `default['firewall']['firewalld']['permanent'] = false`, set to true if you want firewalld rules to be added with `--permanent` so they survive a reboot. This will be changed to `true` by default in a future major version release. - -# Resources +There is a separate folder for [`firewalld` resources](documentation/README.md). ### firewall ***NB***: The name 'default' of this resource is important as it is used for firewall_rule providers to locate the firewall resource. If you change it, you must also supply the same value to any firewall_rule resources using the `firewall_name` parameter. #### Actions + - `:install` (*default action*): Install and Enable the firewall. This will ensure the appropriate packages are installed and that any services have been started. - `:disable`: Disable the firewall. Drop any rules and put the node in an unprotected state. Flush all current rules. Also erase any internal state used to detect when rules should be applied. - `:flush`: Flush all current rules. Also erase any internal state used to detect when rules should be applied. @@ -132,8 +159,6 @@ Used to disable platform specific firewall. Many clouds have their own firewall - `enabled_zone` (firewalld only): The zone to set on firewalld when the firewall should be enabled. Can be any string in symbol form, e.g. :public, :drop, etc. Defaults to `:drop.` - `package_options`: Used to pass options to the package install of firewall -#### Examples - ```ruby # all defaults firewall 'default' @@ -153,55 +178,36 @@ end ### firewall_rule #### Actions -- `:create` (_default action_): If a firewall_rule runs this action, the rule will be recorded in a chef resource's internal state, and applied when providers automatically notify the firewall resource with action `:reload`. The notification happens automatically. + +- `:create` (*default action*): If a firewall_rule runs this action, the rule will be recorded in a chef resource's internal state, and applied when providers automatically notify the firewall resource with action `:reload`. The notification happens automatically. #### Parameters - `firewall_name`: the matching firewall resource that this rule applies to. Default value: `default` - - `raw`: Used to pass an entire rule as a string, omitting all other parameters. This line will be directly loaded by `iptables-restore`, fed directly into `ufw` on the command line, or run using `firewall-cmd`. - -- `description` (_default: same as rule name_): Used to provide a comment that will be included when adding the firewall rule. - -- `include_comment` (_default: true_): Used to optionally exclude the comment in the rule. - -- `position` (_default: 50_): **relative** position to insert rule at. Position may be any integer between 0 < n < 100 (exclusive), and more than one rule may specify the same position. - +- `description` (*default: same as rule name*): Used to provide a comment that will be included when adding the firewall rule. +- `include_comment` (*default: true*): Used to optionally exclude the comment in the rule. +- `position` (*default: 50*): **relative** position to insert rule at. Position may be any integer between 0 < n < 100 (exclusive), and more than one rule may specify the same position. - `command`: What action to take on a particular packet - - - `:allow` (_default action_): the rule should allow matching packets - - `:deny`: the rule should deny matching packets - - `:reject`: the rule should reject matching packets - - `:masqerade`: Masquerade the matching packets - - `:redirect`: Redirect the matching packets - - `:log`: Configure logging - + - `:allow` (*default action*): the rule should allow matching packets + - `:deny`: the rule should deny matching packets + - `:reject`: the rule should reject matching packets + - `:masquerade`: Masquerade the matching packets + - `:redirect`: Redirect the matching packets + - `:log`: Configure logging - `stateful`: a symbol or array of symbols, such as ``[:related, :established]` that will be passed to the state module in iptables or firewalld. - -- `protocol`: `:tcp` (_default_), `:udp`, `:icmp`, `:none` or protocol number. Using protocol numbers is not supported using the ufw provider (default for debian/ubuntu systems). - -- `direction`: For ufw, direction of the rule. valid values are: `:in` (_default_), `:out`, `:pre`, `:post`. - -- `source` (_Default is `0.0.0.0/0` or `Anywhere`_): source ip address or subnet to filter. - -- `source_port` (_Default is nil_): source port for filtering packets. - +- `protocol`: `:tcp` (*default*), `:udp`, `:icmp`, `:none` or protocol number. Using protocol numbers is not supported using the ufw provider (default for debian/ubuntu systems). +- `direction`: For ufw, direction of the rule. valid values are: `:in` (*default*), `:out`, `:pre`, `:post`. +- `source` (*Default is `0.0.0.0/0` or `Anywhere`*): source ip address or subnet to filter. +- `source_port` (*Default is nil*): source port for filtering packets. - `destination`: ip address or subnet to filter on packet destination, must be a valid IP - - `port` or `dest_port`: target port number (ie. 22 to allow inbound SSH), or an array of incoming port numbers (ie. [80,443] to allow inbound HTTP & HTTPS). - - NOTE: `protocol` attribute is required with multiple ports, or a range of incoming port numbers (ie. 60000..61000 to allow inbound mobile-shell. NOTE: `protocol`, or an attribute is required with a range of ports. - + NOTE: `protocol` attribute is required with multiple ports, or a range of incoming port numbers (ie. 60000..61000 to allow inbound mobile-shell. NOTE: `protocol`, or an attribute is required with a range of ports. - `interface`: (source) interface to apply rule (ie. `eth0`). - - `dest_interface`: interface where packets may be destined to go - - `redirect_port`: redirected port for rules with command `:redirect` - - `logging`: may be added to enable logging for a particular rule. valid values are: `:connections`, `:packets`. In the ufw provider, `:connections` logs new connections while `:packets` logs all packets. -#### Examples - ```ruby # open standard ssh port firewall_rule 'ssh' do @@ -245,7 +251,7 @@ firewall_rule "VRRP" do raw "allow to 224.0.0.18" end -# open UDP ports 60000..61000 for mobile shell (mosh.mit.edu), note +# open UDP ports 60000..61000 for mobile shell (mosh.org), note # that the protocol attribute is required when using port_range firewall_rule 'mosh' do protocol :udp @@ -273,66 +279,71 @@ end Different providers will determine the current state of the rules differently -- parsing the output of a command, maintaining the state in a file, or some other way. If the firewall is adjusted from outside of chef (non-idempotent), it's possible that chef may be caught unaware of the current state of the firewall. The best workaround is to add a `:flush` action to the firewall resource as early as possible in the chef run, if you plan to modify the firewall state outside of chef. -# Troubleshooting +## Troubleshooting To figure out what the position values are for current rules, print the hash that contains the weights: -``` + +```ruby require pp default_firewall = resources(:firewall, 'default') pp default_firewall.rules ``` -# Development +## Development + This section details "quick development" steps. For a detailed explanation, see [[Contributing.md]]. 1. Clone this repository from GitHub: - $ git clone git@github.com:chef-cookbooks/firewall.git +`$ git clone git@github.com:chef-cookbooks/firewall.git` -2. Create a git branch +1. Create a git branch - $ git checkout -b my_bug_fix +`$ git checkout -b my_bug_fix` -3. Install dependencies: +1. Install dependencies: - $ bundle install +`$ bundle install` -4. Make your changes/patches/fixes, committing appropiately -5. **Write tests** -6. Run the tests: - - `bundle exec foodcritic -f any .` - - `bundle exec rspec` - - `bundle exec rubocop` - - `bundle exec kitchen test` +1. Make your changes/patches/fixes, committing appropiately +1. **Write tests** +1. Run the tests: - In detail: - - Foodcritic will catch any Chef-specific style errors - - RSpec will run the unit tests - - Rubocop will check for Ruby-specific style errors - - Test Kitchen will run and converge the recipes +- `bundle exec foodcritic -f any .` +- `bundle exec rspec` +- `bundle exec rubocop` +- `bundle exec kitchen test` +In detail: -# License & Authors - -- Author:: Seth Chisamore () -- Author:: Ronald Doorn () -- Author:: Martin Smith () -- Author:: Sander van Harmelen () +- Foodcritic will catch any Chef-specific style errors +- RSpec will run the unit tests +- Rubocop will check for Ruby-specific style errors +- Test Kitchen will run and converge the recipes -```text -Copyright:: 2011-2015, Chef Software, Inc +## Contributors -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at +This project exists thanks to all the people who [contribute.](https://opencollective.com/sous-chefs/contributors.svg?width=890&button=false) - http://www.apache.org/licenses/LICENSE-2.0 +### Backers -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -``` +Thank you to all our backers! -[0]: https://mosh.mit.edu/ +![https://opencollective.com/sous-chefs#backers](https://opencollective.com/sous-chefs/backers.svg?width=600&avatarHeight=40) + +### Sponsors + +Support this project by becoming a sponsor. Your logo will show up here with a link to your website. + +![https://opencollective.com/sous-chefs/sponsor/0/website](https://opencollective.com/sous-chefs/sponsor/0/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/1/website](https://opencollective.com/sous-chefs/sponsor/1/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/2/website](https://opencollective.com/sous-chefs/sponsor/2/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/3/website](https://opencollective.com/sous-chefs/sponsor/3/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/4/website](https://opencollective.com/sous-chefs/sponsor/4/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/5/website](https://opencollective.com/sous-chefs/sponsor/5/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/6/website](https://opencollective.com/sous-chefs/sponsor/6/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/7/website](https://opencollective.com/sous-chefs/sponsor/7/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/8/website](https://opencollective.com/sous-chefs/sponsor/8/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/9/website](https://opencollective.com/sous-chefs/sponsor/9/avatar.svg?avatarHeight=100) + +[0]: https://mosh.org diff --git a/cookbooks/firewall/TODO.md b/cookbooks/firewall/TODO.md new file mode 100644 index 0000000..34997ff --- /dev/null +++ b/cookbooks/firewall/TODO.md @@ -0,0 +1,6 @@ +# TODO + +- update for rhel-8+ nftables, RHEL docs recommend nftables for new firewalls +- fix windows tests +- iptables' `-S` not supported in libraries/provider_firewall_iptables.rb +- save action might not make sense for firewalls diff --git a/cookbooks/firewall/attributes/iptables.rb b/cookbooks/firewall/attributes/iptables.rb index f26ac55..551916a 100644 --- a/cookbooks/firewall/attributes/iptables.rb +++ b/cookbooks/firewall/attributes/iptables.rb @@ -5,9 +5,9 @@ default['firewall']['iptables']['defaults'][:policy] = { } default['firewall']['iptables']['defaults'][:ruleset] = { '*filter' => 1, - ":INPUT #{node['firewall']['iptables']['defaults'][:policy][:input]}" => 2, - ":FORWARD #{node['firewall']['iptables']['defaults'][:policy][:forward]}" => 3, - ":OUTPUT #{node['firewall']['iptables']['defaults'][:policy][:output]}" => 4, + ":INPUT #{node['firewall']['iptables']['defaults']['policy']['input']}" => 2, + ":FORWARD #{node['firewall']['iptables']['defaults']['policy']['forward']}" => 3, + ":OUTPUT #{node['firewall']['iptables']['defaults']['policy']['output']}" => 4, 'COMMIT_FILTER' => 100, } diff --git a/cookbooks/firewall/chefignore b/cookbooks/firewall/chefignore new file mode 100644 index 0000000..a27b0b2 --- /dev/null +++ b/cookbooks/firewall/chefignore @@ -0,0 +1,115 @@ +# Put files/directories that should be ignored in this file when uploading +# to a Chef Infra Server or Supermarket. +# Lines that start with '# ' are comments. + +# OS generated files # +###################### +.DS_Store +ehthumbs.db +Icon? +nohup.out +Thumbs.db +.envrc + +# EDITORS # +########### +.#* +.project +.settings +*_flymake +*_flymake.* +*.bak +*.sw[a-z] +*.tmproj +*~ +\#* +REVISION +TAGS* +tmtags +.vscode +.editorconfig + +## COMPILED ## +############## +*.class +*.com +*.dll +*.exe +*.o +*.pyc +*.so +*/rdoc/ +a.out +mkmf.log + +# Testing # +########### +.circleci/* +.codeclimate.yml +.delivery/* +.foodcritic +.kitchen* +.mdlrc +.overcommit.yml +.rspec +.rubocop.yml +.travis.yml +.watchr +.yamllint +azure-pipelines.yml +Dangerfile +examples/* +features/* +Guardfile +kitchen*.yml +mlc_config.json +Procfile +Rakefile +spec/* +test/* + +# SCM # +####### +.git +.gitattributes +.gitconfig +.github/* +.gitignore +.gitkeep +.gitmodules +.svn +*/.bzr/* +*/.git +*/.hg/* +*/.svn/* + +# Berkshelf # +############# +Berksfile +Berksfile.lock +cookbooks/* +tmp + +# Bundler # +########### +vendor/* +Gemfile +Gemfile.lock + +# Policyfile # +############## +Policyfile.rb +Policyfile.lock.json + +# Documentation # +############# +CODE_OF_CONDUCT* +CONTRIBUTING* +documentation/* +TESTING* +UPGRADING* + +# Vagrant # +########### +.vagrant +Vagrantfile diff --git a/cookbooks/firewall/libraries/helpers.rb b/cookbooks/firewall/libraries/helpers.rb index 38a8fad..497c586 100644 --- a/cookbooks/firewall/libraries/helpers.rb +++ b/cookbooks/firewall/libraries/helpers.rb @@ -67,8 +67,8 @@ module FirewallCookbook end end - def ubuntu?(current_node) - current_node['platform'] == 'ubuntu' + def debian?(current_node) + current_node['platform_family'] == 'debian' end def build_rule_file(rules) @@ -96,5 +96,10 @@ module FirewallCookbook false end + + def default_description(new_resource) + new_resource.description || + "Generated by chef from #{cookbook_name}[#{recipe_name}] by #{new_resource}" + end end end diff --git a/cookbooks/firewall/libraries/helpers_firewalld.rb b/cookbooks/firewall/libraries/helpers_firewalld.rb index ceb8bd2..5deb402 100644 --- a/cookbooks/firewall/libraries/helpers_firewalld.rb +++ b/cookbooks/firewall/libraries/helpers_firewalld.rb @@ -21,7 +21,7 @@ module FirewallCookbook return false unless firewalld_active? cmd = shell_out('firewall-cmd', '--get-default-zone') - cmd.stdout =~ /^#{z.to_s}$/ + cmd.stdout =~ /^#{z}$/ end def firewalld_default_zone!(z) diff --git a/cookbooks/firewall/libraries/helpers_firewalld_dbus.rb b/cookbooks/firewall/libraries/helpers_firewalld_dbus.rb new file mode 100644 index 0000000..c78b904 --- /dev/null +++ b/cookbooks/firewall/libraries/helpers_firewalld_dbus.rb @@ -0,0 +1,72 @@ +module FirewallCookbook + module Helpers + module FirewalldDBus + def firewalld(system_bus) + system_bus['org.fedoraproject.FirewallD1'] + end + + def firewalld_object(system_bus) + firewalld(system_bus)['/org/fedoraproject/FirewallD1'] + end + + def firewalld_interface(system_bus) + firewalld_object(system_bus)['org.fedoraproject.FirewallD1'] + end + + def config_object(system_bus) + firewalld(system_bus)['/org/fedoraproject/FirewallD1/config'] + end + + def config_interface(system_bus) + config_object(system_bus)['org.fedoraproject.FirewallD1.config'] + end + + def icmptype_interface(dbus, icmptype_path) + icmptype_object = firewalld(dbus)[icmptype_path] + icmptype_object['org.fedoraproject.FirewallD1.config.icmptype'] + end + + def ipset_interface(dbus, ipset_path) + ipset_object = firewalld(dbus)[ipset_path] + ipset_object['org.fedoraproject.FirewallD1.config.ipset'] + end + + def helper_interface(dbus, helper_path) + helper_object = firewalld(dbus)[helper_path] + helper_object['org.fedoraproject.FirewallD1.config.helper'] + end + + def service_interface(dbus, service_path) + service_object = firewalld(dbus)[service_path] + service_object['org.fedoraproject.FirewallD1.config.service'] + end + + def policy_interface(dbus, policy_path) + policy_object = firewalld(dbus)[policy_path] + policy_object['org.fedoraproject.FirewallD1.config.policy'] + end + + def zone_interface(dbus, zone_path) + zone_object = firewalld(dbus)[zone_path] + zone_object['org.fedoraproject.FirewallD1.config.zone'] + end + + # port=portid[-portid]:proto=protocol[:toport=portid[-portid]][:toaddr=address[/mask]] + def parse_forward_ports(forward_ports) + port_regex = %r{port=([\w-]+):proto=([\w]+)(:toport=([\w-]+)|)(:toaddr=([\d\./]+)|)} + captures = forward_ports.match(port_regex).captures + captures.delete_at(4) + captures.delete_at(2) + captures.map { |e| e || '' } + end + + def forward_ports_to_dbus(new_resource) + fwp = new_resource.forward_ports.map do |e| + parse_forward_ports(e) + end + new_resource.forward_ports = fwp + DBus.variant('a(ssss)', new_resource.forward_ports) + end + end + end +end diff --git a/cookbooks/firewall/libraries/helpers_iptables.rb b/cookbooks/firewall/libraries/helpers_iptables.rb index 9f6ea49..3771414 100644 --- a/cookbooks/firewall/libraries/helpers_iptables.rb +++ b/cookbooks/firewall/libraries/helpers_iptables.rb @@ -49,14 +49,14 @@ module FirewallCookbook end def iptables_packages(new_resource) - packages = if ipv6_enabled?(new_resource) + packages = if ipv6_enabled?(new_resource) && !amazon_linux? && node['platform_version'].to_i < 8 %w(iptables iptables-ipv6) else %w(iptables) end # centos 7 requires extra service - if !ubuntu?(node) && node['platform_version'].to_i >= 7 + if (!debian?(node) && node['platform_version'].to_i >= 7) || amazon_linux? packages << %w(iptables-services) end diff --git a/cookbooks/firewall/libraries/helpers_nftables.rb b/cookbooks/firewall/libraries/helpers_nftables.rb new file mode 100644 index 0000000..eeba4e2 --- /dev/null +++ b/cookbooks/firewall/libraries/helpers_nftables.rb @@ -0,0 +1,170 @@ +module FirewallCookbook + module Helpers + module Nftables + include FirewallCookbook::Helpers + + CHAIN ||= { + in: 'INPUT', + out: 'OUTPUT', + pre: 'PREROUTING', + post: 'POSTROUTING', + forward: 'FORWARD', + }.freeze + + TARGET ||= { + accept: 'accept', + allow: 'accept', + counter: 'counter', + deny: 'drop', + drop: 'drop', + log: 'log', + masquerade: 'masquerade', + redirect: 'redirect', + reject: 'reject', + }.freeze + + def port_to_s(ports) + case ports + when String + ports + when Integer + ports.to_s + when Array + p_strings = ports.map { |o| port_to_s(o) } + "{#{p_strings.sort.join(',')}}" + when Range + "#{ports.first}-#{ports.last}" + else + raise "unknown class of port definition: #{ports.class}" + end + end + + def nftables_command_log(rule_resource) + log_prefix = 'prefix ' + log_prefix << if rule_resource.log_prefix.nil? + "\"#{CHAIN[rule_resource.direction]}:\"" + else + "\"#{rule_resource.log_prefix}\"" + end + log_group = if rule_resource.log_group.nil? + nil + else + "group #{rule_resource.log_group} " + end + "log #{log_prefix} #{log_group}" + end + + def nftables_command_redirect(rule_resource) + if rule_resource.redirect_port.nil? + raise 'Specify redirect_port when using :redirect as commmand' + end + + "redirect to #{rule_resource.redirect_port} " + end + + def nftables_commands(rule_resource) + firewall_rule = '' + Array(rule_resource.command).each do |command| + begin + target = TARGET.fetch(command) + rescue KeyError + raise "Invalid command: #{command.inspect}. Use one of #{TARGET.keys}" + end + firewall_rule << case target + when 'log' + nftables_command_log(rule_resource) + when 'redirect' + nftables_command_redirect(rule_resource) + else + "#{TARGET[command.to_sym]} " + end + end + firewall_rule + end + + def build_firewall_rule(rule_resource) + return rule_resource.raw.strip if rule_resource.raw + + ip = ipv6_rule?(rule_resource) ? 'ip6' : 'ip' + table = if [:pre, :post].include?(rule_resource.direction) + 'nat' + else + 'filter' + end + firewall_rule = if table == 'nat' + "add rule #{ip} #{table} " + else + "add rule inet #{table} " + end + firewall_rule << "#{CHAIN.fetch(rule_resource.direction.to_sym, 'FORWARD')} " + + firewall_rule << "iif #{rule_resource.interface} " if rule_resource.interface + firewall_rule << "oif #{rule_resource.outerface} " if rule_resource.outerface + + if rule_resource.source + source_with_mask = ip_with_mask(rule_resource, rule_resource.source) + if source_with_mask != '0.0.0.0/0' && source_with_mask != '::/128' + firewall_rule << "#{ip} saddr #{source_with_mask} " + end + end + firewall_rule << "#{ip} daddr #{rule_resource.destination} " if rule_resource.destination + + case rule_resource.protocol + when :icmp + firewall_rule << 'icmp type echo-request ' + when :'ipv6-icmp', :icmpv6 + firewall_rule << 'icmpv6 type { echo-request, nd-router-solicit, nd-neighbor-solicit, nd-router-advert, nd-neighbor-advert } ' + when :tcp, :udp + firewall_rule << "#{rule_resource.protocol} sport #{port_to_s(rule_resource.sport)} " if rule_resource.sport + firewall_rule << "#{rule_resource.protocol} dport #{port_to_s(rule_resource.dport)} " if rule_resource.dport + when :esp, :ah + firewall_rule << "#{ip} #{ip == 'ip6' ? 'nexthdr' : 'protocol'} #{rule_resource.protocol} " + when :ipv6, :none + # nothing to do + end + + firewall_rule << "ct state #{Array(rule_resource.stateful).join(',').downcase} " if rule_resource.stateful + firewall_rule << nftables_commands(rule_resource) + firewall_rule << "comment \"#{rule_resource.description}\" " if rule_resource.include_comment + firewall_rule.strip! + firewall_rule + end + + def default_ruleset(new_resource) + rules = { + 'add table inet filter' => 1, + "add chain inet filter INPUT { type filter hook input priority 0 ; policy #{new_resource.input_policy}; }" => 2, + "add chain inet filter OUTPUT { type filter hook output priority 0 ; policy #{new_resource.output_policy}; }" => 2, + "add chain inet filter FOWARD { type filter hook forward priority 0 ; policy #{new_resource.forward_policy}; }" => 2, + } + if new_resource.table_ip_nat + rules['add table ip nat'] = 1 + rules['add chain ip nat POSTROUTING { type nat hook postrouting priority 100 ;}'] = 2 + rules['add chain ip nat PREROUTING { type nat hook prerouting priority -100 ;}'] = 2 + end + if new_resource.table_ip6_nat + rules['add table ip6 nat'] = 1 + rules['add chain ip6 nat POSTROUTING { type nat hook postrouting priority 100 ;}'] = 2 + rules['add chain ip6 nat PREROUTING { type nat hook prerouting priority -100 ;}'] = 2 + end + rules + end + + def ensure_default_rules_exist(new_resource) + input = new_resource.rules || {} + input.merge!(default_ruleset(new_resource)) + end + + def default_nftables_conf_path + case node['platform_family'] + when 'rhel' + '/etc/sysconfig/nftables.conf' + when 'debian' + '/etc/nftables.conf' + else + raise "default_nftables_conf_path: Unsupported platform_family #{node['platform_family']}." + end + end + end + end +end diff --git a/cookbooks/firewall/libraries/helpers_ufw.rb b/cookbooks/firewall/libraries/helpers_ufw.rb index 9e035c5..5152f64 100644 --- a/cookbooks/firewall/libraries/helpers_ufw.rb +++ b/cookbooks/firewall/libraries/helpers_ufw.rb @@ -74,6 +74,7 @@ module FirewallCookbook rule << rule_proto(new_resource) rule << rule_dest_port(new_resource) rule << rule_source_port(new_resource) + rule << rule_description(new_resource) rule = rule.strip if rule == 'ufw allow in proto tcp to any from any' @@ -97,6 +98,12 @@ module FirewallCookbook rule end + def rule_description(new_resource) + rule = '' + rule << "comment \"#{new_resource.description}\" " if new_resource.description && new_resource.include_comment + rule + end + def rule_dest_port(new_resource) rule = if new_resource.destination "to #{new_resource.destination} " diff --git a/cookbooks/firewall/libraries/helpers_windows.rb b/cookbooks/firewall/libraries/helpers_windows.rb index 391581b..4cb47ac 100644 --- a/cookbooks/firewall/libraries/helpers_windows.rb +++ b/cookbooks/firewall/libraries/helpers_windows.rb @@ -44,12 +44,11 @@ module FirewallCookbook def to_type(new_resource) cmd = new_resource.command - type = if cmd == :reject || cmd == :deny - :block - else - :allow - end - type + if cmd == :reject || cmd == :deny + :block + else + :allow + end end def build_rule(new_resource) @@ -66,13 +65,13 @@ module FirewallCookbook if new_resource.direction.to_sym == :out parameters['localip'] = new_resource.source ? fixup_cidr(new_resource.source) : 'any' parameters['localport'] = new_resource.source_port ? port_to_s(new_resource.source_port) : 'any' - parameters['interfacetype'] = new_resource.interface ? new_resource.interface : 'any' + parameters['interfacetype'] = new_resource.interface || 'any' parameters['remoteip'] = new_resource.destination ? fixup_cidr(new_resource.destination) : 'any' parameters['remoteport'] = new_resource.dest_port ? port_to_s(new_resource.dest_port) : 'any' else - parameters['localip'] = new_resource.destination ? new_resource.destination : 'any' + parameters['localip'] = new_resource.destination || 'any' parameters['localport'] = dport_calc(new_resource) ? port_to_s(dport_calc(new_resource)) : 'any' - parameters['interfacetype'] = new_resource.dest_interface ? new_resource.dest_interface : 'any' + parameters['interfacetype'] = new_resource.dest_interface || 'any' parameters['remoteip'] = new_resource.source ? fixup_cidr(new_resource.source) : 'any' parameters['remoteport'] = new_resource.source_port ? port_to_s(new_resource.source_port) : 'any' end diff --git a/cookbooks/firewall/libraries/matchers.rb b/cookbooks/firewall/libraries/matchers.rb deleted file mode 100644 index 474b3c2..0000000 --- a/cookbooks/firewall/libraries/matchers.rb +++ /dev/null @@ -1,30 +0,0 @@ -if defined?(ChefSpec) - ChefSpec.define_matcher(:firewall) - ChefSpec.define_matcher(:firewall_rule) - - # actions(:install, :restart, :disable, :flush, :save) - - def install_firewall(resource) - ChefSpec::Matchers::ResourceMatcher.new(:firewall, :install, resource) - end - - def restart_firewall(resource) - ChefSpec::Matchers::ResourceMatcher.new(:firewall, :restart, resource) - end - - def disable_firewall(resource) - ChefSpec::Matchers::ResourceMatcher.new(:firewall, :disable, resource) - end - - def flush_firewall(resource) - ChefSpec::Matchers::ResourceMatcher.new(:firewall, :flush, resource) - end - - def save_firewall(resource) - ChefSpec::Matchers::ResourceMatcher.new(:firewall, :save, resource) - end - - def create_firewall_rule(resource) - ChefSpec::Matchers::ResourceMatcher.new(:firewall_rule, :create, resource) - end -end diff --git a/cookbooks/firewall/libraries/provider_firewall_firewalld.rb b/cookbooks/firewall/libraries/provider_firewall_firewalld.rb index b8fc8c5..82056d8 100644 --- a/cookbooks/firewall/libraries/provider_firewall_firewalld.rb +++ b/cookbooks/firewall/libraries/provider_firewall_firewalld.rb @@ -19,15 +19,15 @@ class Chef class Provider::FirewallFirewalld < Chef::Provider::LWRPBase include FirewallCookbook::Helpers::Firewalld - provides :firewall, os: 'linux', platform_family: %w(rhel fedora) do |node| - node['platform_version'].to_f >= 7.0 && !node['firewall']['redhat7_iptables'] + provides :firewall, os: 'linux', platform_family: %w(rhel fedora amazon) do |node| + (node['platform_version'].to_i == 7 && !node['firewall']['redhat7_iptables']) || (amazon_linux? && !node['firewall']['redhat7_iptables']) end def whyrun_supported? false end - def action_install + action :install do return if disabled?(new_resource) firewalld_package = package 'firewalld' do @@ -51,7 +51,7 @@ class Chef end end - def action_restart + action :restart do return if disabled?(new_resource) # ensure it's initialized @@ -111,7 +111,7 @@ class Chef new_resource.updated_by_last_action(true) end - def action_disable + action :disable do return if disabled?(new_resource) if firewalld_active? @@ -133,7 +133,7 @@ class Chef new_resource.updated_by_last_action(rules_file.updated_by_last_action?) end - def action_flush + action :flush do return if disabled?(new_resource) return unless firewalld_active? @@ -146,7 +146,7 @@ class Chef new_resource.updated_by_last_action(rules_file.updated_by_last_action?) end - def action_save + action :save do return if disabled?(new_resource) return if firewalld_all_rules_permanent! diff --git a/cookbooks/firewall/libraries/provider_firewall_iptables.rb b/cookbooks/firewall/libraries/provider_firewall_iptables.rb index 6c1cb81..1878861 100644 --- a/cookbooks/firewall/libraries/provider_firewall_iptables.rb +++ b/cookbooks/firewall/libraries/provider_firewall_iptables.rb @@ -3,7 +3,7 @@ # Cookbook:: firewall # Resource:: default # -# Copyright:: 2011-2016, Chef Software, Inc. +# Copyright:: 2011-2019, Chef Software, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -22,15 +22,15 @@ class Chef include FirewallCookbook::Helpers include FirewallCookbook::Helpers::Iptables - provides :firewall, os: 'linux', platform_family: %w(rhel fedora) do |node| - node['platform_version'].to_f < 7.0 || node['firewall']['redhat7_iptables'] + provides :firewall, os: 'linux', platform_family: %w(rhel fedora amazon) do |node| + (node['platform_version'].to_i < 7 && !amazon_linux?) || node['platform_version'].to_i >= 8 || node['firewall']['redhat7_iptables'] end def whyrun_supported? false end - def action_install + action :install do return if disabled?(new_resource) # Ensure the package is installed @@ -60,7 +60,7 @@ class Chef end end - def action_restart + action :restart do return if disabled?(new_resource) # prints all the firewall rules @@ -104,12 +104,12 @@ class Chef next unless iptables_file.updated_by_last_action? iptables_service = lookup_or_create_service(iptables_type) - new_resource.notifies(:restart, iptables_service, :delayed) + iptables_service.run_action(:restart) new_resource.updated_by_last_action(true) end end - def action_disable + action :disable do return if disabled?(new_resource) iptables_flush!(new_resource) @@ -131,7 +131,7 @@ class Chef end end - def action_flush + action :flush do return if disabled?(new_resource) iptables_flush!(new_resource) diff --git a/cookbooks/firewall/libraries/provider_firewall_iptables_ubuntu.rb b/cookbooks/firewall/libraries/provider_firewall_iptables_ubuntu.rb index d6be1cd..35a3173 100644 --- a/cookbooks/firewall/libraries/provider_firewall_iptables_ubuntu.rb +++ b/cookbooks/firewall/libraries/provider_firewall_iptables_ubuntu.rb @@ -3,7 +3,7 @@ # Cookbook:: firewall # Resource:: default # -# Copyright:: 2011-2016, Chef Software, Inc. +# Copyright:: 2011-2019, Chef Software, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -23,14 +23,15 @@ class Chef include FirewallCookbook::Helpers::Iptables provides :firewall, os: 'linux', platform_family: %w(debian) do |node| - node['platform_version'].to_f > 14.04 && node['firewall'] && node['firewall']['ubuntu_iptables'] + node['firewall'] && node['firewall']['ubuntu_iptables'] && + node['platform_version'].to_f > (node['platform'] == 'ubuntu' ? 14.04 : 7) end def whyrun_supported? false end - def action_install + action :install do return if disabled?(new_resource) # Ensure the package is installed @@ -63,7 +64,7 @@ class Chef end end - def action_restart + action :restart do return if disabled?(new_resource) # prints all the firewall rules @@ -97,6 +98,8 @@ class Chef end end + restart_service = false + rule_files = %w(iptables) rule_files << 'ip6tables' if ipv6_enabled?(new_resource) @@ -119,17 +122,19 @@ class Chef iptables_file.run_action(:create) # if the file was changed, restart iptables - next unless iptables_file.updated_by_last_action? + restart_service = true if iptables_file.updated_by_last_action? + end + + if restart_service service_affected = service 'netfilter-persistent' do action :nothing end - - new_resource.notifies(:restart, service_affected, :delayed) + service_affected.run_action(:restart) new_resource.updated_by_last_action(true) end end - def action_disable + action :disable do return if disabled?(new_resource) iptables_flush!(new_resource) @@ -152,7 +157,7 @@ class Chef end end - def action_flush + action :flush do return if disabled?(new_resource) iptables_flush!(new_resource) diff --git a/cookbooks/firewall/libraries/provider_firewall_iptables_ubuntu1404.rb b/cookbooks/firewall/libraries/provider_firewall_iptables_ubuntu1404.rb index d2c3d74..b8b277a 100644 --- a/cookbooks/firewall/libraries/provider_firewall_iptables_ubuntu1404.rb +++ b/cookbooks/firewall/libraries/provider_firewall_iptables_ubuntu1404.rb @@ -1,9 +1,9 @@ # # Author:: Seth Chisamore () -# Cookbook Name:: firewall +# Cookbook:: firewall # Resource:: default # -# Copyright:: 2011, Opscode, Inc. +# Copyright:: 2011-2019, Chef Software, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -23,14 +23,15 @@ class Chef include FirewallCookbook::Helpers::Iptables provides :firewall, os: 'linux', platform_family: %w(debian) do |node| - node['platform_version'].to_f <= 14.04 && node['firewall'] && node['firewall']['ubuntu_iptables'] + node['firewall'] && node['firewall']['ubuntu_iptables'] && + node['platform_version'].to_f <= (node['platform'] == 'ubuntu' ? 14.04 : 7) end def whyrun_supported? false end - def action_install + action :install do return if disabled?(new_resource) # Ensure the package is installed @@ -63,7 +64,7 @@ class Chef end end - def action_restart + action :restart do return if disabled?(new_resource) # prints all the firewall rules @@ -97,6 +98,8 @@ class Chef end end + restart_service = false + rule_files = %w(iptables) rule_files << 'ip6tables' if ipv6_enabled?(new_resource) @@ -119,17 +122,19 @@ class Chef iptables_file.run_action(:create) # if the file was changed, restart iptables - next unless iptables_file.updated_by_last_action? + restart_service = true if iptables_file.updated_by_last_action? + end + + if restart_service service_affected = service 'iptables-persistent' do action :nothing end - - new_resource.notifies(:restart, service_affected, :delayed) + service_affected.run_action(:restart) new_resource.updated_by_last_action(true) end end - def action_disable + action :disable do return if disabled?(new_resource) iptables_flush!(new_resource) @@ -152,7 +157,7 @@ class Chef end end - def action_flush + action :flush do return if disabled?(new_resource) iptables_flush!(new_resource) diff --git a/cookbooks/firewall/libraries/provider_firewall_rule.rb b/cookbooks/firewall/libraries/provider_firewall_rule.rb index 85a27c5..2352cbc 100644 --- a/cookbooks/firewall/libraries/provider_firewall_rule.rb +++ b/cookbooks/firewall/libraries/provider_firewall_rule.rb @@ -21,7 +21,7 @@ class Chef class Provider::FirewallRuleGeneric < Chef::Provider::LWRPBase provides :firewall_rule - def action_create + action :create do return unless new_resource.notify_firewall firewall_resource = Chef.run_context.resource_collection.find(firewall: new_resource.firewall_name) diff --git a/cookbooks/firewall/libraries/provider_firewall_ufw.rb b/cookbooks/firewall/libraries/provider_firewall_ufw.rb index cc1aeb7..ce05904 100644 --- a/cookbooks/firewall/libraries/provider_firewall_ufw.rb +++ b/cookbooks/firewall/libraries/provider_firewall_ufw.rb @@ -3,7 +3,7 @@ # Cookbook:: firewall # Resource:: default # -# Copyright:: 2011-2016, Chef Software, Inc. +# Copyright:: 2011-2019, Chef Software, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -29,7 +29,7 @@ class Chef false end - def action_install + action :install do return if disabled?(new_resource) pkg_ufw = package 'ufw' do @@ -58,7 +58,7 @@ class Chef new_resource.updated_by_last_action(true) if ufw_file.updated_by_last_action? end - def action_restart + action :restart do return if disabled?(new_resource) # ensure it's initialized @@ -99,7 +99,7 @@ class Chef new_resource.updated_by_last_action(true) end - def action_disable + action :disable do return if disabled?(new_resource) ufw_file = lookup_or_create_rulesfile @@ -112,7 +112,7 @@ class Chef new_resource.updated_by_last_action(true) end - def action_flush + action :flush do return if disabled?(new_resource) ufw_reset! diff --git a/cookbooks/firewall/libraries/provider_firewall_windows.rb b/cookbooks/firewall/libraries/provider_firewall_windows.rb index d261f03..a886ec3 100644 --- a/cookbooks/firewall/libraries/provider_firewall_windows.rb +++ b/cookbooks/firewall/libraries/provider_firewall_windows.rb @@ -26,7 +26,7 @@ class Chef false end - def action_install + action :install do return if disabled?(new_resource) svc = service 'MpsSvc' do @@ -39,7 +39,7 @@ class Chef end end - def action_restart + action :restart do return if disabled?(new_resource) # ensure it's initialized @@ -94,7 +94,7 @@ class Chef new_resource.updated_by_last_action(true) end - def action_disable + action :disable do return if disabled?(new_resource) if active? @@ -115,7 +115,7 @@ class Chef end end - def action_flush + action :flush do return if disabled?(new_resource) reset! diff --git a/cookbooks/firewall/libraries/resource_firewall_rule.rb b/cookbooks/firewall/libraries/resource_firewall_rule.rb index 575deef..045a295 100644 --- a/cookbooks/firewall/libraries/resource_firewall_rule.rb +++ b/cookbooks/firewall/libraries/resource_firewall_rule.rb @@ -6,7 +6,6 @@ class Chef resource_name(:firewall_rule) provides(:firewall_rule) - actions(:create) default_action(:create) attribute(:firewall_name, kind_of: String, default: 'default') @@ -20,12 +19,12 @@ class Chef attribute(:direction, kind_of: Symbol, equal_to: [:in, :out, :pre, :post], default: :in) attribute(:logging, kind_of: Symbol, equal_to: [:connections, :packets]) - attribute(:source, callbacks: { 'must be a valid ip address' => ->(ip) { !!IPAddr.new(ip) } }) + attribute(:source, kind_of: String, callbacks: { 'must be a valid ip address' => ->(ip) { !!IPAddr.new(ip) } }) attribute(:source_port, kind_of: [Integer, Array, Range]) # source port attribute(:interface, kind_of: String) attribute(:port, kind_of: [Integer, Array, Range]) # shorthand for dest_port - attribute(:destination, callbacks: { 'must be a valid ip address' => ->(ip) { !!IPAddr.new(ip) } }) + attribute(:destination, kind_of: String, callbacks: { 'must be a valid ip address' => ->(ip) { !!IPAddr.new(ip) } }) attribute(:dest_port, kind_of: [Integer, Array, Range]) attribute(:dest_interface, kind_of: String) diff --git a/cookbooks/firewall/metadata.json b/cookbooks/firewall/metadata.json index f58eaa1..bc10ea3 100644 --- a/cookbooks/firewall/metadata.json +++ b/cookbooks/firewall/metadata.json @@ -1 +1,40 @@ -{"name":"firewall","version":"2.6.5","description":"Provides a set of primitives for managing firewalls and associated rules.","long_description":"firewall Cookbook\n=================\n\n[![Build Status](https://travis-ci.org/chef-cookbooks/firewall.svg?branch=master)](http://travis-ci.org/chef-cookbooks/firewall)\n[![Cookbook Version](https://img.shields.io/cookbook/v/firewall.svg)](https://supermarket.chef.io/cookbooks/firewall)\n\nProvides a set of primitives for managing firewalls and associated rules.\n\nPLEASE NOTE - The resource/providers in this cookbook are under heavy development. An attempt is being made to keep the resource simple/stupid by starting with less sophisticated firewall implementations first and refactor/vet the resource definition with each successive provider.\n\nRequirements\n------------\n**Chef 12.5.x+** is required. We are currently testing against Chef 13. If you need Chef 11 support, please try pinning back to a version less than 2.0, e.g.:\n```\ndepends 'firewall', '< 2.0'\n```\n\n### Supported firewalls and platforms\n* UFW - Ubuntu, Debian\n* IPTables - Red Hat & CentOS, Ubuntu\n* FirewallD - Red Hat & CentOS >= 7.0 (IPv4 only support, [needs contributions/testing](https://github.com/chef-cookbooks/firewall/issues/86))\n* Windows Advanced Firewall - 2012 R2\n\nTested on:\n* Ubuntu 14.04, 16.04 with iptables, ufw\n* Debian 7, 8 with ufw\n* CentOS 6 with iptables\n* CentOS 7.1 with firewalld\n* Windows Server 2012r2 with Windows Advanced Firewall\n\nBy default, Ubuntu chooses ufw. To switch to iptables, set this in an attribute file:\n```\ndefault['firewall']['ubuntu_iptables'] = true\n```\n\nBy default, Red Hat & CentOS >= 7.0 chooses firewalld. To switch to iptables, set this in an attribute file:\n```\ndefault['firewall']['redhat7_iptables'] = true\n```\n\n# Considerations that apply to all firewall providers and resources\n\nThis cookbook comes with two resources, firewall and firewall rule. The typical usage scenario is as follows:\n\n- run the `:install` action on the `firewall` resource named 'default', which installs appropriate packages and configures services to start on boot and starts them\n\n- run the `:create` action on every `firewall_rule` resource, which adds to the list of rules that should be configured on the firewall. `firewall_rule` then automatically sends a delayed notification to the `firewall['default']` resource to run the `:restart` action.\n\n- run the delayed notification with action `:restart` on the `firewall` resource. if any rules are different than the last run, the provider will update the current state of the firewall rules to match the expected rules.\n\nThere is a fundamental mismatch between the idea of a chef action and the action that should be taken on a firewall rule. For this reason, the chef action for a firewall_rule may be `:nothing` (the rule should not be present in the firewall) or `:create` (the rule should be present in the firewall), but the action taken on a packet in a firewall (`DROP`, `ACCEPT`, etc) is denoted as a `command` parameter on the `firewall_rule` resource.\n\n# iptables considerations\n\nIf you need to use a table other than `*filter`, the best way to do so is like so:\n```\nnode.default['firewall']['iptables']['defaults'][:ruleset] = {\n '*filter' => 1,\n ':INPUT DROP' => 2,\n ':FORWARD DROP' => 3,\n ':OUTPUT ACCEPT_FILTER' => 4,\n 'COMMIT_FILTER' => 100,\n '*nat' => 101,\n ':PREROUTING DROP' => 102,\n ':POSTROUTING DROP' => 103,\n ':OUTPUT ACCEPT_NAT' => 104,\n 'COMMIT_NAT' => 200\n}\n```\n\nNote -- in order to support multiple hash keys containing the same rule, anything found after the underscore will be stripped for: `:OUTPUT :INPUT :POSTROUTING :PREROUTING COMMIT`. This allows an example like the above to be reduced to just repeated lines of `COMMIT` and `:OUTPUT ACCEPT` while still avoiding duplication of other things.\n\nThen it's trivial to add additional rules to the `*nat` table using the raw parameter:\n```\nfirewall_rule \"postroute\" do\n raw \"-A POSTROUTING -o eth1 -p tcp -d 172.28.128.21 -j SNAT --to-source 172.28.128.6\"\n position 150\nend\n```\n\nNote that any line starting with `COMMIT` will become just `COMMIT`, as hash\nkeys must be unique but we need multiple commit lines.\n\n# Recipes\n\n### default\nThe default recipe creates a firewall resource with action install.\n\n### disable_firewall\nUsed to disable platform specific firewall. Many clouds have their own firewall configured outside of the OS instance such as AWS Security Groups.\n\n# Attributes\n\n* `default['firewall']['allow_ssh'] = false`, set true to open port 22 for SSH when the default recipe runs\n* `default['firewall']['allow_mosh'] = false`, set to true to open UDP ports 60000 - 61000 for [Mosh][0] when the default recipe runs\n* `default['firewall']['allow_winrm'] = false`, set true to open port 5989 for WinRM when the default recipe runs\n* `default['firewall']['allow_loopback'] = false`, set to true to allow all traffic on the loopback interface\n* `default['firewall']['allow_icmp'] = false`, set true to allow icmp protocol on supported OSes (note: ufw and windows implementations don't support this)\n\n* `default['firewall']['ubuntu_iptables'] = false`, set to true to use iptables on Ubuntu / Debian when using the default recipe\n* `default['firewall']['redhat7_iptables'] = false`, set to true to use iptables on Red Hat / CentOS 7 when using the default recipe\n\n* `default['firewall']['ufw']['defaults']` hash for template `/etc/default/ufw`\n* `default['firewall']['iptables']['defaults']` hash for default policies for 'filter' table's chains`\n\n* `default['firewall']['windows']['defaults']` hash to define inbound / outbound firewall policy on Windows platform\n\n* `default['firewall']['allow_established'] = true`, set to false if you don't want a related/established default rule on iptables\n* `default['firewall']['ipv6_enabled'] = true`, set to false if you don't want IPv6 related/established default rule on iptables (this enables ICMPv6, which is required for much of IPv6 communication)\n\n* `default['firewall']['firewalld']['permanent'] = false`, set to true if you want firewalld rules to be added with `--permanent` so they survive a reboot. This will be changed to `true` by default in a future major version release.\n\n# Resources\n\n### firewall\n\n***NB***: The name 'default' of this resource is important as it is used for firewall_rule providers to locate the firewall resource. If you change it, you must also supply the same value to any firewall_rule resources using the `firewall_name` parameter.\n\n#### Actions\n- `:install` (*default action*): Install and Enable the firewall. This will ensure the appropriate packages are installed and that any services have been started.\n- `:disable`: Disable the firewall. Drop any rules and put the node in an unprotected state. Flush all current rules. Also erase any internal state used to detect when rules should be applied.\n- `:flush`: Flush all current rules. Also erase any internal state used to detect when rules should be applied.\n- `:save`: Ensure all rules are added permanently under firewalld using `--permanent`. Not supported on ufw, iptables. You must notify this action at the end of the chef run if you want permanent firewalld rules (they are not persistent by default).\n\n#### Parameters\n\n- `disabled` (default to `false`): If set to true, all actions will no-op on this resource. This is a way to prevent included cookbooks from configuring a firewall.\n- `ipv6_enabled` (default to `true`): If set to false, firewall will not perform any ipv6 related work. Currently only supported in iptables.\n- `log_level`: UFW only. Level of verbosity the firewall should log at. valid values are: :low, :medium, :high, :full, :off. default is :low.\n- `rules`: This is used internally for firewall_rule resources to append their rules. You should NOT touch this value unless you plan to supply an entire firewall ruleset at once, and skip using firewall_rule resources.\n- `disabled_zone` (firewalld only): The zone to set on firewalld when the firewall should be disabled. Can be any string in symbol form, e.g. :public, :drop, etc. Defaults to `:public.`\n- `enabled_zone` (firewalld only): The zone to set on firewalld when the firewall should be enabled. Can be any string in symbol form, e.g. :public, :drop, etc. Defaults to `:drop.`\n- `package_options`: Used to pass options to the package install of firewall\n\n#### Examples\n\n```ruby\n# all defaults\nfirewall 'default'\n\n# enable platform default firewall\nfirewall 'default' do\n action :install\nend\n\n# increase logging past default of 'low'\nfirewall 'default' do\n log_level :high\n action :install\nend\n```\n\n### firewall_rule\n\n#### Actions\n- `:create` (_default action_): If a firewall_rule runs this action, the rule will be recorded in a chef resource's internal state, and applied when providers automatically notify the firewall resource with action `:reload`. The notification happens automatically.\n\n#### Parameters\n\n- `firewall_name`: the matching firewall resource that this rule applies to. Default value: `default`\n\n- `raw`: Used to pass an entire rule as a string, omitting all other parameters. This line will be directly loaded by `iptables-restore`, fed directly into `ufw` on the command line, or run using `firewall-cmd`.\n\n- `description` (_default: same as rule name_): Used to provide a comment that will be included when adding the firewall rule.\n\n- `include_comment` (_default: true_): Used to optionally exclude the comment in the rule.\n\n- `position` (_default: 50_): **relative** position to insert rule at. Position may be any integer between 0 < n < 100 (exclusive), and more than one rule may specify the same position.\n\n- `command`: What action to take on a particular packet\n\n - `:allow` (_default action_): the rule should allow matching packets\n - `:deny`: the rule should deny matching packets\n - `:reject`: the rule should reject matching packets\n - `:masqerade`: Masquerade the matching packets\n - `:redirect`: Redirect the matching packets\n - `:log`: Configure logging\n\n- `stateful`: a symbol or array of symbols, such as ``[:related, :established]` that will be passed to the state module in iptables or firewalld.\n\n- `protocol`: `:tcp` (_default_), `:udp`, `:icmp`, `:none` or protocol number. Using protocol numbers is not supported using the ufw provider (default for debian/ubuntu systems).\n\n- `direction`: For ufw, direction of the rule. valid values are: `:in` (_default_), `:out`, `:pre`, `:post`.\n\n- `source` (_Default is `0.0.0.0/0` or `Anywhere`_): source ip address or subnet to filter.\n\n- `source_port` (_Default is nil_): source port for filtering packets.\n\n- `destination`: ip address or subnet to filter on packet destination, must be a valid IP\n\n- `port` or `dest_port`: target port number (ie. 22 to allow inbound SSH), or an array of incoming port numbers (ie. [80,443] to allow inbound HTTP & HTTPS).\n\n NOTE: `protocol` attribute is required with multiple ports, or a range of incoming port numbers (ie. 60000..61000 to allow inbound mobile-shell. NOTE: `protocol`, or an attribute is required with a range of ports.\n\n- `interface`: (source) interface to apply rule (ie. `eth0`).\n\n- `dest_interface`: interface where packets may be destined to go\n\n- `redirect_port`: redirected port for rules with command `:redirect`\n\n- `logging`: may be added to enable logging for a particular rule. valid values are: `:connections`, `:packets`. In the ufw provider, `:connections` logs new connections while `:packets` logs all packets.\n\n#### Examples\n\n```ruby\n# open standard ssh port\nfirewall_rule 'ssh' do\n port 22\n command :allow\nend\n\n# open standard http port to tcp traffic only; insert as first rule\nfirewall_rule 'http' do\n port 80\n protocol :tcp\n position 1\n command :allow\nend\n\n# restrict port 13579 to 10.0.111.0/24 on eth0\nfirewall_rule 'myapplication' do\n port 13579\n source '10.0.111.0/24'\n direction :in\n interface 'eth0'\n command :allow\nend\n\n# specify a protocol number (supported on centos/redhat)\nfirewall_rule 'vrrp' do\n protocol 112\n command :allow\nend\n\n# use the iptables provider to specify protocol number on debian/ubuntu\nfirewall_rule 'vrrp' do\n provider Chef::Provider::FirewallRuleIptables\n protocol 112\n command :allow\nend\n\n# can use :raw command with UFW provider for VRRP\nfirewall_rule \"VRRP\" do\n command :allow\n raw \"allow to 224.0.0.18\"\nend\n\n# open UDP ports 60000..61000 for mobile shell (mosh.mit.edu), note\n# that the protocol attribute is required when using port_range\nfirewall_rule 'mosh' do\n protocol :udp\n port 60000..61000\n command :allow\nend\n\n# open multiple ports for http/https, note that the protocol\n# attribute is required when using ports\nfirewall_rule 'http/https' do\n protocol :tcp\n port [80, 443]\n command :allow\nend\n\nfirewall 'default' do\n enabled false\n action :nothing\nend\n```\n\n#### Providers\n\n- See `libraries/z_provider_mapping.rb` for a full list of providers for each platform and version.\n\nDifferent providers will determine the current state of the rules differently -- parsing the output of a command, maintaining the state in a file, or some other way. If the firewall is adjusted from outside of chef (non-idempotent), it's possible that chef may be caught unaware of the current state of the firewall. The best workaround is to add a `:flush` action to the firewall resource as early as possible in the chef run, if you plan to modify the firewall state outside of chef.\n\n# Troubleshooting\n\nTo figure out what the position values are for current rules, print the hash that contains the weights:\n```\nrequire pp\ndefault_firewall = resources(:firewall, 'default')\npp default_firewall.rules\n```\n\n# Development\nThis section details \"quick development\" steps. For a detailed explanation, see [[Contributing.md]].\n\n1. Clone this repository from GitHub:\n\n $ git clone git@github.com:chef-cookbooks/firewall.git\n\n2. Create a git branch\n\n $ git checkout -b my_bug_fix\n\n3. Install dependencies:\n\n $ bundle install\n\n4. Make your changes/patches/fixes, committing appropiately\n5. **Write tests**\n6. Run the tests:\n - `bundle exec foodcritic -f any .`\n - `bundle exec rspec`\n - `bundle exec rubocop`\n - `bundle exec kitchen test`\n\n In detail:\n - Foodcritic will catch any Chef-specific style errors\n - RSpec will run the unit tests\n - Rubocop will check for Ruby-specific style errors\n - Test Kitchen will run and converge the recipes\n\n\n# License & Authors\n\n- Author:: Seth Chisamore ()\n- Author:: Ronald Doorn ()\n- Author:: Martin Smith ()\n- Author:: Sander van Harmelen ()\n\n```text\nCopyright:: 2011-2015, Chef Software, Inc\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n```\n\n[0]: https://mosh.mit.edu/\n","maintainer":"Chef Software, Inc.","maintainer_email":"cookbooks@chef.io","license":"Apache-2.0","platforms":{"centos":">= 0.0.0","debian":">= 0.0.0","ubuntu":">= 0.0.0","windows":">= 0.0.0"},"dependencies":{"chef-sugar":">= 0.0.0"},"recommendations":{},"suggestions":{},"conflicting":{},"providing":{},"replacing":{},"attributes":{},"groupings":{},"recipes":{},"source_url":"https://github.com/chef-cookbooks/firewall","issues_url":"https://github.com/chef-cookbooks/firewall/issues","chef_version":[[">= 12.5"]],"ohai_version":[]} \ No newline at end of file +{ + "name": "firewall", + "description": "Provides a set of primitives for managing firewalls and associated rules.", + "long_description": "", + "maintainer": "Sous Chefs", + "maintainer_email": "help@sous-chefs.org", + "license": "Apache-2.0", + "platforms": { + "amazon": ">= 0.0.0", + "centos": ">= 0.0.0", + "debian": ">= 0.0.0", + "ubuntu": ">= 0.0.0", + "windows": ">= 0.0.0" + }, + "dependencies": { + + }, + "providing": { + + }, + "recipes": { + + }, + "version": "6.2.16", + "source_url": "https://github.com/sous-chefs/firewall", + "issues_url": "https://github.com/sous-chefs/firewall/issues", + "privacy": false, + "chef_versions": [ + [ + ">= 15.5" + ] + ], + "ohai_versions": [ + + ], + "gems": [ + + ], + "eager_load_libraries": true +} diff --git a/cookbooks/firewall/metadata.rb b/cookbooks/firewall/metadata.rb new file mode 100644 index 0000000..297ffa4 --- /dev/null +++ b/cookbooks/firewall/metadata.rb @@ -0,0 +1,15 @@ +name 'firewall' +maintainer 'Sous Chefs' +maintainer_email 'help@sous-chefs.org' +license 'Apache-2.0' +description 'Provides a set of primitives for managing firewalls and associated rules.' +version '6.2.16' +source_url 'https://github.com/sous-chefs/firewall' +issues_url 'https://github.com/sous-chefs/firewall/issues' +chef_version '>= 15.5' + +supports 'amazon' +supports 'centos' +supports 'debian' +supports 'ubuntu' +supports 'windows' diff --git a/cookbooks/firewall/recipes/default.rb b/cookbooks/firewall/recipes/default.rb index e301313..f992794 100644 --- a/cookbooks/firewall/recipes/default.rb +++ b/cookbooks/firewall/recipes/default.rb @@ -2,7 +2,7 @@ # Cookbook:: firewall # Recipe:: default # -# Copyright:: 2011-2016, Chef Software, Inc. +# Copyright:: 2011-2019, Chef Software, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -17,17 +17,13 @@ # limitations under the License. # -chef_sugar_cookbook_version = Gem::Version.new(run_context.cookbook_collection['chef-sugar'].metadata.version) - -include_recipe 'chef-sugar' if chef_sugar_cookbook_version < Gem::Version.new('4.0.0') - firewall 'default' do ipv6_enabled node['firewall']['ipv6_enabled'] action :install end # create a variable to use as a condition on some rules that follow -iptables_firewall = rhel? || node['firewall']['ubuntu_iptables'] +iptables_firewall = rhel? || amazon_linux? || node['firewall']['ubuntu_iptables'] firewall_rule 'allow loopback' do interface 'lo' @@ -41,7 +37,7 @@ firewall_rule 'allow icmp' do command :allow # debian ufw doesn't allow 'icmp' protocol, but does open # icmp by default, so we skip it in default recipe - only_if { (!debian? || iptables_firewall) && node['firewall']['allow_icmp'] } + only_if { iptables_firewall && node['firewall']['allow_icmp'] } end firewall_rule 'allow world to ssh' do diff --git a/cookbooks/firewall/recipes/disable_firewall.rb b/cookbooks/firewall/recipes/disable_firewall.rb index 330953d..a9cc127 100644 --- a/cookbooks/firewall/recipes/disable_firewall.rb +++ b/cookbooks/firewall/recipes/disable_firewall.rb @@ -2,7 +2,7 @@ # Cookbook:: firewall # Recipe:: disable_firewall # -# Copyright:: 2011-2016, Chef Software, Inc. +# Copyright:: 2011-2019, Chef Software, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/cookbooks/firewall/renovate.json b/cookbooks/firewall/renovate.json new file mode 100644 index 0000000..7e7a8ba --- /dev/null +++ b/cookbooks/firewall/renovate.json @@ -0,0 +1,17 @@ +{ + "$schema": "https://docs.renovatebot.com/renovate-schema.json", + "extends": ["config:base"], + "packageRules": [{ + "groupName": "Actions", + "matchUpdateTypes": ["patch", "pin", "digest"], + "automerge": true, + "addLabels": ["Release: Patch", "Skip: Announcements"] + }, + { + "groupName": "Actions", + "matchUpdateTypes": ["major"], + "automerge": false, + "addLabels": ["Release: Patch", "Skip: Announcements"] + } + ] +} diff --git a/cookbooks/firewall/resources/firewalld.rb b/cookbooks/firewall/resources/firewalld.rb new file mode 100644 index 0000000..c805ea7 --- /dev/null +++ b/cookbooks/firewall/resources/firewalld.rb @@ -0,0 +1,28 @@ +unified_mode true + +provides :firewalld, + os: 'linux' + +action :install do + chef_gem 'ruby-dbus' + require 'dbus' + package 'firewalld' +end + +action :reload do + service 'firewalld' do + action :reload + end +end + +action :restart do + service 'firewalld' do + action :restart + end +end + +action :disable do + service 'firewalld' do + action [:disable, :stop] + end +end diff --git a/cookbooks/firewall/resources/firewalld_config.rb b/cookbooks/firewall/resources/firewalld_config.rb new file mode 100644 index 0000000..4860a42 --- /dev/null +++ b/cookbooks/firewall/resources/firewalld_config.rb @@ -0,0 +1,39 @@ +unified_mode true + +provides :firewalld_config, + os: 'linux' + +property :default_zone, + String, + description: 'Set default zone for connections and interfaces where no zone has been selected to zone. Setting the default zone changes the zone for the connections or interfaces, that are using the default zone.' +property :log_denied, + String, + equal_to: %w(all unicast broadcast multicast off), + description: 'Set LogDenied value to value. If LogDenied is enabled, then logging rules are added right before reject and drop rules in the INPUT, FORWARD and OUTPUT chains for the default rules and also final reject and drop rules in zones.' + +load_current_value do |_new_resource| + sysbus = DBus.system_bus + firewalld_service = sysbus['org.fedoraproject.FirewallD1'] + firewalld_object = firewalld_service['/org/fedoraproject/FirewallD1'] + interface = firewalld_object['org.fedoraproject.FirewallD1'] + + default_zone interface.getDefaultZone + log_denied interface.getLogDenied +end + +action :update do + dbus = DBus.system_bus + fw = firewalld_interface(dbus) + + converge_if_changed :default_zone do + fw.setDefaultZone new_resource.default_zone + end + + converge_if_changed :log_denied do + fw.setLogDenied new_resource.log_denied + end +end + +action_class do + include FirewallCookbook::Helpers::FirewalldDBus +end diff --git a/cookbooks/firewall/resources/firewalld_helpers.rb b/cookbooks/firewall/resources/firewalld_helpers.rb new file mode 100644 index 0000000..44fdeb9 --- /dev/null +++ b/cookbooks/firewall/resources/firewalld_helpers.rb @@ -0,0 +1,106 @@ +unified_mode true + +provides :firewalld_helper, + os: 'linux' + +property :version, + String, + default: '', + description: 'see version attribute of helper tag in firewalld.helper(5).' +property :short, + String, + name_property: true, + description: 'see short tag in firewalld.helper(5).' +property :description, + String, + description: 'see description tag in firewalld.helper(5).' +property :family, + String, + equal_to: %w(ipv4 ipv6), + default: 'ipv4', + description: 'see family tag in firewalld.helper(5).' +property :nf_module, + String, + description: 'see module tag in firewalld.helper(5).' +property :ports, + [Array, String], + default: [], + description: 'array of port and protocol pairs. See port tag in firewalld.helper(5).', + coerce: proc { |o| Array(o) } + +load_current_value do |new_resource| + dbus = DBus.system_bus + firewalld_service = dbus['org.fedoraproject.FirewallD1'] + firewalld_object = firewalld_service['/org/fedoraproject/FirewallD1/config'] + fw_config = firewalld_object['org.fedoraproject.FirewallD1.config'] + if fw_config.getHelperNames.include?(new_resource.short) + helper_path = fw_config.getHelperByName(new_resource.short) + object = firewalld_service[helper_path] + config_helper = object['org.fedoraproject.FirewallD1.config.helper'] + settings = config_helper.getSettings + version settings[0] + # short settings[1] + description settings[2] + family settings[3] + nf_module settings[4] + ports settings[5] + else + Chef::Log.info "Helper #{new_resource.short} does not exist. Will be created." + end +end + +action :update do + dbus = DBus.system_bus + fw = firewalld_interface(dbus) + fw_config = config_interface(dbus) + helper_names = fw_config.getHelperNames + reload = false + if !helper_names.include?(new_resource.short) + values = [ + new_resource.version, + new_resource.short, + default_description(new_resource), + new_resource.family, + new_resource.nf_module, + new_resource.ports.map { |e| e.split('/') }, + ] + converge_by "Add Helper #{new_resource.short}" do + fw_config.addHelper(new_resource.short, values) + end + reload = true + else + helper_path = fw_config.getHelperByName(new_resource.short) + helper = helper_interface(dbus, helper_path) + converge_if_changed :version do + helper.setVersion new_resource.version + reload = true + end + converge_if_changed :description do + helper.setDescription default_description(new_resource) + reload = true + end + converge_if_changed :family do + helper.setFamily new_resource.family + reload = true + end + converge_if_changed :nf_module do + helper.setModule new_resource.nf_module + reload = true + end + converge_if_changed :ports do + helper.setPorts new_resource.ports.map { |e| e.split('/') } + reload = true + end + end + + if reload + converge_by ['reload permanent configuration of firewalld'] do + fw.reload + end + end +end + +action_class do + include FirewallCookbook::Helpers + include FirewallCookbook::Helpers::FirewalldDBus +end diff --git a/cookbooks/firewall/resources/firewalld_icmptype.rb b/cookbooks/firewall/resources/firewalld_icmptype.rb new file mode 100644 index 0000000..73f83dd --- /dev/null +++ b/cookbooks/firewall/resources/firewalld_icmptype.rb @@ -0,0 +1,88 @@ +unified_mode true + +provides :firewalld_icmptype, + os: 'linux' + +property :version, + String, + default: '', + description: 'see version attribute of icmptype tag in firewalld.icmptype(5).' +property :short, + String, + name_property: true, + description: 'see short tag in firewalld.icmptype(5).' +property :description, + String, + description: 'see description tag in firewalld.icmptype(5).' +property :destinations, + Array, + equal_to: [['ipv4'], ['ipv6'], %w(ipv4 ipv6)], + default: 'ipv4', + description: 'array, either empty or containing strings \'ipv4\' and/or \'ipv6\', see destination tag in firewalld.icmptype(5).', + coerce: proc { |o| Array(o) } + +load_current_value do |new_resource| + sysbus = DBus.system_bus + firewalld_service = sysbus['org.fedoraproject.FirewallD1'] + firewalld_object = firewalld_service['/org/fedoraproject/FirewallD1/config'] + fw_config = firewalld_object['org.fedoraproject.FirewallD1.config'] + if fw_config.getIcmpTypeNames.include?(new_resource.short) + icmptype_path = fw_config.getIcmpTypeByName(new_resource.short) + object = firewalld_service[icmptype_path] + config_icmptype = object['org.fedoraproject.FirewallD1.config.icmptype'] + settings = config_icmptype.getSettings + version settings[0] + # short settings[1] + description settings[2] + destinations settings[3] + else + Chef::Log.info "IcmpType #{new_resource.short} does not exist. Will be created." + end +end + +action :update do + dbus = DBus.system_bus + fw_config = config_interface(dbus) + fw = firewalld_interface(dbus) + reload = false + icmptype_names = fw_config.getIcmpTypeNames + if !icmptype_names.include?(new_resource.short) + values = [ + new_resource.version, + new_resource.short, + default_description(new_resource), + new_resource.destinations, + ] + + converge_by "Add IcmpType #{new_resource.short}" do + fw_config.addIcmpType(new_resource.short, values) + end + reload = true + else + icmptype_path = fw_config.getIcmpTypeByName(new_resource.short) + icmptype = icmptype_interface(dbus, icmptype_path) + converge_if_changed :version do + icmptype.setVersion new_resource.version + reload = true + end + converge_if_changed :description do + icmptype.setDescription default_description(new_resource) + reload = true + end + converge_if_changed :destinations do + icmptype.setDestinations new_resource.destinations + reload = true + end + end + + if reload + converge_by ['reload permanent configuration of firewalld'] do + fw.reload + end + end +end + +action_class do + include FirewallCookbook::Helpers + include FirewallCookbook::Helpers::FirewalldDBus +end diff --git a/cookbooks/firewall/resources/firewalld_ipset.rb b/cookbooks/firewall/resources/firewalld_ipset.rb new file mode 100644 index 0000000..afea626 --- /dev/null +++ b/cookbooks/firewall/resources/firewalld_ipset.rb @@ -0,0 +1,104 @@ +unified_mode true + +provides :firewalld_ipset, + os: 'linux' + +property :version, + String, + description: 'see version attribute of ipset tag in firewalld.ipset(5).' +property :short, + String, + name_property: true, + description: 'see short tag in firewalld.ipset(5).' +property :description, + String, + description: 'see description tag in firewalld.ipset(5).' +property :type, + String, + default: 'hash:ip', + description: 'see type attribute of ipset tag in firewalld.ipset(5).', + equal_to: + %w(hash:ip hash:ip,mark hash:ip,port hash:ip,port,ip hash:ip,port,net hash:mac hash:net hash:net,iface hash:net,net hash:net,port hash:net,port,net) +property :options, + Hash, + description: 'hash of {option : value} . See options tag in firewalld.ipset(5).' +property :entries, + [Array, String], + description: 'array of entries, see entry tag in firewalld.ipset(5).', + coerce: proc { |o| Array(o) } + +load_current_value do |new_resource| + sysbus = DBus.system_bus + firewalld_service = sysbus['org.fedoraproject.FirewallD1'] + firewalld_object = firewalld_service['/org/fedoraproject/FirewallD1/config'] + fw_config = firewalld_object['org.fedoraproject.FirewallD1.config'] + if fw_config.getIPSetNames.include?(new_resource.short) + ipset_path = fw_config.getIPSetByName(new_resource.short) + object = firewalld_service[ipset_path] + config_ipset = object['org.fedoraproject.FirewallD1.config.ipset'] + settings = config_ipset.getSettings + version settings[0] + # short settings[1] + description settings[2] + type settings[3] + options settings[4] + entries settings[5] + else + Chef::Log.info "Ipset #{new_resource.short} does not exist. Will be created." + end +end + +action :update do + dbus = DBus.system_bus + fw = firewalld_interface(dbus) + fw_config = config_interface(dbus) + reload = false + if !fw_config.getIPSetNames.include?(new_resource.short) + values = [ + new_resource.version || '', + new_resource.short, + default_description(new_resource), + new_resource.type, + new_resource.options || {}, + new_resource.entries, + ] + converge_by "Add ipset #{new_resource.short}" do + fw_config.addIPSet(new_resource.short, values) + end + reload = true + else + ipset_path = fw_config.getIPSetByName(new_resource.short) + ipset = ipset_interface(dbus, ipset_path) + converge_if_changed :version do + ipset.setVersion new_resource.version + reload = true + end + converge_if_changed :description do + ipset.setDescriptions default_description(new_resource) + reload = true + end + converge_if_changed :type do + ipset.setType new_resource.type + reload = true + end + converge_if_changed :options do + ipset.setOptions(new_resource.options || {}) + reload = true + end + converge_if_changed :entries do + ipset.setEntries new_resource.entries + reload = true + end + end + + if reload + converge_by ['reload permanent configuration of firewalld'] do + fw.reload + end + end +end + +action_class do + include FirewallCookbook::Helpers + include FirewallCookbook::Helpers::FirewalldDBus +end diff --git a/cookbooks/firewall/resources/firewalld_policy.rb b/cookbooks/firewall/resources/firewalld_policy.rb new file mode 100644 index 0000000..985d29c --- /dev/null +++ b/cookbooks/firewall/resources/firewalld_policy.rb @@ -0,0 +1,115 @@ +unified_mode true + +provides :firewalld_policy, + os: 'linux' + +property :description, + String, + description: 'see description tag in firewalld.policy(5).' +property :egress_zones, + [Array, String], + description: 'array of zone names. See egress-zone tag in firewalld.policy(5).', + coerce: proc { |o| Array(o) } +property :forward_ports, + [Array, String], + description: 'array of `portid[-portid]:proto=protocol[:toport=portid[-portid]][:toaddr=address[/mask]]`. See forward-port tag in firewalld.policy(5).', + coerce: proc { |o| Array(o) } +property :icmp_blocks, + [Array, String], + description: 'array of icmp-blocks. See icmp-block tag in firewalld.policy(5).' +property :ingress_zones, + [Array, String], + description: 'array of zone names. See ingress-zone tag in firewalld.policy(5).', + coerce: proc { |o| Array(o) } +property :masquerade, + [true, false], + description: 'see masquerade tag in firewalld.policy(5).' +property :ports, + [Array, String], + description: 'array of port and protocol pairs. See port tag in firewalld.policy(5).', + coerce: proc { |o| Array(o) } +property :priority, + Integer, + description: 'see priority tag in firewalld.policy(5).' +property :protocols, + [Array, String], + description: 'array of protocols, see protocol tag in firewalld.policy(5).', + coerce: proc { |o| Array(o) } +property :rich_rules, + [Array, String], + description: 'array of rich-language rules. See rule tag in firewalld.policy(5).', + coerce: proc { |o| Array(o) } +property :services, + [Array, String], + description: 'array of service names, see service tag in firewalld.policy(5).', + coerce: proc { |o| Array(o) } +property :short, + String, + description: 'see short tag in firewalld.policy(5).', + name_property: true +property :source_ports, + [Array, String], + description: 'array of port and protocol pairs. See source-port tag in firewalld.policy(5).', + coerce: proc { |o| Array(o) } +property :target, + String, + description: 'see target attribute of policy tag in firewalld.policy(5).' +property :version, + String, + description: 'see version attribute of policy tag in firewalld.policy(5).' + +load_current_value do |new_resource| + sysbus = DBus.system_bus + firewalld_service = sysbus['org.fedoraproject.FirewallD1'] + firewalld_object = firewalld_service['/org/fedoraproject/FirewallD1/config'] + fw_config = firewalld_object['org.fedoraproject.FirewallD1.config'] + if fw_config.getPolicyNames.include?(new_resource.short) + policy_path = fw_config.getPolicyByName(new_resource.short) + object = firewalld_service[policy_path] + config_policy = object['org.fedoraproject.FirewallD1.config.policy'] + config_policy.getSettings.each do |k, v| + send(k, v) + end + else + Chef::Log.info "Zone #{new_resource.short} does not exist. Will be created." + end +end + +action :update do + dbus = DBus.system_bus + fw = firewalld_interface(dbus) + fw_config = config_interface(dbus) + reload = false + + unless fw_config.getPolicyNames.include?(new_resource.short) + fw_config.addPolicy(new_resource.short, {}) + end + policy_path = fw_config.getPolicyByName(new_resource.short) + policy = policy_interface(dbus, policy_path) + properties = new_resource.class.state_properties.map(&:name) + properties.each do |property| + new_value = new_resource.send(property) + next if new_value.nil? + if [:ports, :source_ports].include?(property) + new_value = DBus.variant('a(ss)', new_value.map { |e| e.split('/') }) + elsif [:forward_ports].include?(property) + new_value = forward_ports_to_dbus(new_resource) + elsif [:priority].include?(property) + new_value = DBus.variant('i', new_value) + end + converge_if_changed property do + policy.update({ property.to_s => new_value }) + reload = true + end + end + + if reload + converge_by ['reload permanent configuration of firewalld'] do + fw.reload + end + end +end + +action_class do + include FirewallCookbook::Helpers::FirewalldDBus +end diff --git a/cookbooks/firewall/resources/firewalld_service.rb b/cookbooks/firewall/resources/firewalld_service.rb new file mode 100644 index 0000000..4479125 --- /dev/null +++ b/cookbooks/firewall/resources/firewalld_service.rb @@ -0,0 +1,98 @@ +unified_mode true + +provides :firewalld_service, + os: 'linux' + +property :version, + String, + description: 'see version attribute of service tag in firewalld.service(5).' +property :short, + String, + name_property: true, + description: 'see short tag in firewalld.service(5).' +property :description, + String, + description: 'see description tag in firewalld.service(5).' +property :ports, + [Array, String], + description: 'array of port and protocol pairs. See port tag in firewalld.service(5).', + coerce: proc { |o| Array(o) } +property :module_names, + [Array, String], + description: 'array of kernel netfilter helpers, see module tag in firewalld.service(5).', + coerce: proc { |o| Array(o) } +property :destination, + Hash, + description: 'hash of {IP family : IP address} where \'IP family\' key can be either \'ipv4\' or \'ipv6\'. See destination tag in firewalld.service(5).' +property :protocols, + [Array, String], + description: 'array of protocols, see protocol tag in firewalld.service(5).', + coerce: proc { |o| Array(o) } +property :source_ports, + [Array, String], + description: 'array of port and protocol pairs. See source-port tag in firewalld.service(5).', + coerce: proc { |o| Array(o) } +property :includes, + [Array, String], + description: 'array of service includes, see include tag in firewalld.service(5).', + coerce: proc { |o| Array(o) } +property :helpers, + [Array, String], + description: 'array of service helpers, see helper tag in firewalld.service(5).', + coerce: proc { |o| Array(o) } + +load_current_value do |new_resource| + sysbus = DBus.system_bus + firewalld_service = sysbus['org.fedoraproject.FirewallD1'] + firewalld_object = firewalld_service['/org/fedoraproject/FirewallD1/config'] + fw_config = firewalld_object['org.fedoraproject.FirewallD1.config'] + if fw_config.getServiceNames.include?(new_resource.short) + service_path = fw_config.getServiceByName(new_resource.short) + object = firewalld_service[service_path] + config_service = object['org.fedoraproject.FirewallD1.config.service'] + config_service.getSettings2.each do |k, v| + send(k, v) + end + else + Chef::Log.info "Service #{new_resource.short} does not exist. Will be created." + end +end + +action :update do + dbus = DBus.system_bus + fw = firewalld_interface(dbus) + fw_config = config_interface(dbus) + reload = false + unless fw_config.getServiceNames.include?(new_resource.short) + fw_config.addService2(new_resource.short, {}) + end + + service_path = fw_config.getServiceByName(new_resource.short) + service = service_interface(dbus, service_path) + properties = new_resource.class.state_properties.map(&:name) + properties.each do |property| + new_value = new_resource.send(property) + next unless new_value + if [:ports, :source_ports].include?(property) + new_value = DBus.variant('a(ss)', new_value.map { |e| e.split('/') }) + elsif property == :description + new_value = default_description(new_resource) + end + converge_if_changed property do + key = property == :short ? 'name' : property.to_s + service.update2({ key => new_value }) + reload = true + end + end + + if reload + converge_by ['reload permanent configuration of firewalld'] do + fw.reload + end + end +end + +action_class do + include FirewallCookbook::Helpers + include FirewallCookbook::Helpers::FirewalldDBus +end diff --git a/cookbooks/firewall/resources/firewalld_zone.rb b/cookbooks/firewall/resources/firewalld_zone.rb new file mode 100644 index 0000000..d484172 --- /dev/null +++ b/cookbooks/firewall/resources/firewalld_zone.rb @@ -0,0 +1,118 @@ +unified_mode true + +provides :firewalld_zone, + os: 'linux' + +property :description, + String, + description: 'see description tag in firewalld.zone(5).' +property :forward, + [true, false], + description: 'see forward tag in firewalld.zone(5).' +property :forward_ports, + [Array, String], + description: 'array of (port, protocol, to-port, to-addr). See forward-port tag in firewalld.zone(5).', + coerce: proc { |o| Array(o) } +property :icmp_block_inversion, + [true, false], + description: 'see icmp-block-inversion tag in firewalld.zone(5).' +property :icmp_blocks, + [Array, String], + description: 'array of icmp-blocks. See icmp-block tag in firewalld.zone(5).', + coerce: proc { |o| Array(o) } +property :interfaces, + [Array, String], + description: 'array of interfaces. See interface tag in firewalld.zone(5).', + coerce: proc { |o| Array(o) } +property :masquerade, + [true, false], + description: 'see masquerade tag in firewalld.zone(5).' +property :ports, + [Array, String], + description: 'array of port and protocol pairs. See port tag in firewalld.zone(5).', + coerce: proc { |o| Array(o) } +property :protocols, + [Array, String], + description: 'array of protocols, see protocol tag in firewalld.zone(5).', + coerce: proc { |o| Array(o) } +property :rules_str, + [Array, String], + description: 'array of rich-language rules. See rule tag in firewalld.zone(5).', + coerce: proc { |o| Array(o) } +property :services, + [Array, String], + description: 'array of service names, see service tag in firewalld.zone(5).', + coerce: proc { |o| Array(o) } +property :short, + String, + name_property: true, + description: 'see short tag in firewalld.zone(5).' +property :source_ports, + [Array, String], + description: 'array of port and protocol pairs. See source-port tag in firewalld.zone(5).', + coerce: proc { |o| Array(o) } +property :sources, + [Array, String], + description: 'array of source addresses. See source tag in firewalld.zone(5).', + coerce: proc { |o| Array(o) } +property :target, + String, + description: 'see target attribute of zone tag in firewalld.zone(5).' +property :version, + String, + description: 'see version attribute of zone tag in firewalld.zone(5).' + +load_current_value do |new_resource| + sysbus = DBus.system_bus + firewalld_service = sysbus['org.fedoraproject.FirewallD1'] + firewalld_object = firewalld_service['/org/fedoraproject/FirewallD1/config'] + fw_config = firewalld_object['org.fedoraproject.FirewallD1.config'] + if fw_config.getZoneNames.include?(new_resource.short) + zone_path = fw_config.getZoneByName(new_resource.short) + object = firewalld_service[zone_path] + config_zone = object['org.fedoraproject.FirewallD1.config.zone'] + config_zone.getSettings2.each do |k, v| + send(k, v) + end + else + Chef::Log.info "Zone #{new_resource.short} does not exist. Will be created." + end +end + +action :update do + dbus = DBus.system_bus + fw = firewalld_interface(dbus) + fw_config = config_interface(dbus) + + unless fw_config.getZoneNames.include?(new_resource.short) + fw_config.addZone2(new_resource.short, {}) + end + zone_path = fw_config.getZoneByName(new_resource.short) + zone = zone_interface(dbus, zone_path) + + reload = false + properties = new_resource.class.state_properties.map(&:name) + properties.each do |property| + new_value = new_resource.send(property) + next unless new_value + if [:ports, :source_ports].include?(property) + new_value = DBus.variant('a(ss)', new_value.map { |e| e.split('/') }) + elsif [:forward_ports].include?(property) + new_value = forward_ports_to_dbus(new_resource) + end + converge_if_changed property do + zone.update2({ property.to_s => new_value }) + reload = true + end + end + + if reload + converge_by ['reload permanent configuration of firewalld'] do + fw.reload + end + end +end + +action_class do + include FirewallCookbook::Helpers::FirewalldDBus +end diff --git a/cookbooks/firewall/resources/nftables.rb b/cookbooks/firewall/resources/nftables.rb new file mode 100644 index 0000000..7ddb3a2 --- /dev/null +++ b/cookbooks/firewall/resources/nftables.rb @@ -0,0 +1,71 @@ +unified_mode true + +include FirewallCookbook::Helpers +include FirewallCookbook::Helpers::Nftables + +provides :nftables, + os: 'linux' + +property :rules, + Hash, + default: {} +property :input_policy, + String, + equal_to: %w(drop accept), + default: 'accept' +property :output_policy, + String, + equal_to: %w(drop accept), + default: 'accept' +property :forward_policy, + String, + equal_to: %w(drop accept), + default: 'accept' +property :table_ip_nat, + [true, false], + default: false +property :table_ip6_nat, + [true, false], + default: false +property :nftables_conf_path, String, + description: 'nftables.conf filepath', + default: lazy { default_nftables_conf_path } + +action :install do + package 'nftables' do + action :install + notifies :rebuild, "nftables[#{new_resource.name}]" + end +end + +action :rebuild do + ensure_default_rules_exist(new_resource) + + file new_resource.nftables_conf_path do + content <<~NFT + #!/usr/sbin/nft -f + flush ruleset + #{build_rule_file(new_resource.rules)} + NFT + mode '0750' + owner 'root' + group 'root' + notifies :restart, 'service[nftables]' + end + + service 'nftables' do + action [:enable, :start] + end +end + +action :restart do + service 'nftables' do + action :restart + end +end + +action :disable do + service 'nftables' do + action [:disable, :stop] + end +end diff --git a/cookbooks/firewall/resources/nftables_rule.rb b/cookbooks/firewall/resources/nftables_rule.rb new file mode 100644 index 0000000..89c12a8 --- /dev/null +++ b/cookbooks/firewall/resources/nftables_rule.rb @@ -0,0 +1,113 @@ +unified_mode true + +require 'ipaddr' + +action_class do + include FirewallCookbook::Helpers + include FirewallCookbook::Helpers::Nftables + + def return_early?(new_resource) + !new_resource.notify_firewall || + !(new_resource.action.include?(:create) && + !new_resource.should_skip?(:create)) + end +end + +provides :nftables_rule +default_action :create + +property :firewall_name, + String, + default: 'default' +property :command, + [Array, Symbol], + default: :accept +property :protocol, + [Integer, Symbol], + default: :tcp, + callbacks: { + 'must be either :tcp, :udp, :icmp, :\'ipv6-icmp\', :icmpv6, :none, or a valid IP protocol number' => lambda do |p| + %i(udp tcp icmp icmpv6 ipv6-icmp esp ah ipv6 none).include?(p) || (0..142).include?(p) + end, + } +property :direction, + Symbol, + equal_to: [:in, :out, :pre, :post, :forward], + default: :in +# nftables handles ip6 and ip simultaneously. Except for directions +# :pre and :post, where where either :ip6 or :ip must be specified. +# callback should prevent from mixing that up. +property :family, + Symbol, + equal_to: [:ip6, :ip], + default: :ip +property :source, + [String, Array], + callbacks: { + 'must be a valid ip address' => lambda do |ips| + Array(ips).inject(false) do |a, ip| + a || !!IPAddr.new(ip) + end + end, + } +property :sport, + [Integer, String, Array, Range] +property :interface, + String + +property :dport, + [Integer, String, Array, Range] +property :destination, + [String, Array], + callbacks: { + 'must be a valid ip address' => lambda do |ips| + Array(ips).inject(false) do |a, ip| + a || !!IPAddr.new(ip) + end + end, + } +property :outerface, + String + +property :position, + Integer, + default: 50 +property :stateful, + [Symbol, Array] +property :redirect_port, + Integer +property :description, + String, + name_property: true +property :include_comment, + [true, false], + default: true +property :log_prefix, + String +property :log_group, + Integer +# for when you just want to pass a raw rule +property :raw, + String + +# do you want this rule to notify the firewall to recalculate +# (and potentially reapply) the firewall_rule(s) it finds? +property :notify_firewall, + [true, false], + default: true + +action :create do + return if return_early?(new_resource) + fwr = build_firewall_rule(new_resource) + + with_run_context :root do + edit_resource!('nftables', new_resource.firewall_name) do |fw_rule| + r = rules.dup || {} + r.merge!({ + fwr => fw_rule.position, + }) + rules(r) + delayed_action :rebuild + end + end +end diff --git a/cookbooks/homebrew/.markdownlint-cli2.yaml b/cookbooks/homebrew/.markdownlint-cli2.yaml new file mode 100644 index 0000000..6fa8e77 --- /dev/null +++ b/cookbooks/homebrew/.markdownlint-cli2.yaml @@ -0,0 +1,5 @@ +config: + ul-indent: false # MD007 + line-length: false # MD013 + no-duplicate-heading: false # MD024 + reference-links-images: false # MD052 diff --git a/cookbooks/homebrew/CHANGELOG.md b/cookbooks/homebrew/CHANGELOG.md index b63b898..d179af1 100644 --- a/cookbooks/homebrew/CHANGELOG.md +++ b/cookbooks/homebrew/CHANGELOG.md @@ -2,6 +2,177 @@ This file is used to list changes made in each version of the homebrew cookbook. +## 5.4.1 - *2023-06-01* + +## 5.4.0 - *2023-04-24* + +- Add temporary sudoers entry to fix homebrew installation + +## 5.3.8 - *2023-04-16* + +Standardise files with files in sous-chefs/repo-management + +## 5.3.7 - *2023-04-04* + +- Sous Chefs adoption +- Update lint-unit workflow to 2.0.2 +- Set unified_mode for all resources + - Require Chef 15.3+ for unified_mode +- Standardise files with files in sous-chefs/repo-management + +## 5.3.6 - *2023-04-01* + +- Standardise files with files in sous-chefs/repo-management + +## 5.3.5 - *2023-03-02* + +- Standardise files with files in sous-chefs/repo-management + +## 5.3.4 - *2023-02-20* + +- Standardise files with files in sous-chefs/repo-management + +## 5.3.4 - *2023-02-20* + +- Standardise files with files in sous-chefs/repo-management + +## 5.3.3 - *2023-02-14* + +- Standardise files with files in sous-chefs/repo-management + +## 5.3.2 - *2022-12-15* + +- Standardise files with files in sous-chefs/repo-management +- Fix workflow CI + +## 5.3.1 - *2022-02-10* + +- Standardise files with files in sous-chefs/repo-management +- Remove delivery folder + +## 5.3.0 - *2021-12-21* + +- Update to support Apple M1 silicon (arm64) Homebrew install location (`/opt/homebrew`) + - Add HomebrewWrapper.repository_path() for homebrew_tap resource idempotency + - Add HomebrewWrapper.repository_path() helper for Apple M1 silicon (arm64) + - Remove deprecated `--full` option for Homebrew (Breaking upstream CLI change!) + - Add chefspec tests for Apple M1 silicon Homebrew path helper + - Add InSpec tests for macOS M1 / arm64 and x86_64 + - Set `use_sudo: false` for InSpec tests to work properly + - Convert hardcoded /usr/local to use install_path() for M1 /opt/homebrew support + - Add Homebrew.install_path() helper for Apple M1 silicon (arm64) + +## 5.2.2 - *2021-08-30* + +- Standardise files with files in sous-chefs/repo-management + +## 5.2.1 - *2021-06-01* + +- Standardise files with files in sous-chefs/repo-management + +## 5.2.0 - *2021-01-24* + +- Sous Chefs Adoption +- Standardise files with files in sous-chefs/repo-management + +## 5.1.1 (2021-01-04) + +- Update to use --cask instead of cask command for compatibility with newer homebrew releases- [@tas50](https://github.com/tas50) +- resolved cookstyle error: resources/cask.rb:23:1 warning: `ChefDeprecations/ResourceUsesOnlyResourceName` +- resolved cookstyle error: resources/tap.rb:23:1 warning: `ChefDeprecations/ResourceUsesOnlyResourceName` + +## 5.1.0 (2020-05-15) + +- Rename the kitchen config - [@tas50](https://github.com/tas50) +- Cookstyle fixes - [@tas50](https://github.com/tas50) +- OS X -> macOS in the readme - [@tas50](https://github.com/tas50) +- Require Chef 12.15+ - [@tas50](https://github.com/tas50) +- Update default install script from ruby to bash - [@bbros-dev](https://github.com/bbros-dev) +- Resole chefspec failures - [@tas50](https://github.com/tas50) + +## 5.0.8 (2018-10-04) + +- Updates homebrew cask tap to homebrew/cask +- Updates URLs to the homebrew cask repository + +## 5.0.7 (2018-09-26) + +- Fix cask resource running each chef-client run + +## 5.0.6 (2018-09-26) + +- Avoid CHEF-25 Deprecation warnings by making the tap/cask resources no-ops on modern chef-client releases + +## 5.0.5 (2018-09-04) + +- Update name of macos in kitchen config +- Add deprecation notice for the homebrew_tap and homebrew_cask resources. These resources are now built into Chef 14 and they will be removed from this cookbook when Chef 13 goes EOL, April 2019. + +## 5.0.4 (2018-03-16) + +- Fix backwards logic in the cask install action + +## 5.0.3 (2018-03-09) + +- Resolve method missing errors in the library + +## 5.0.2 (2018-03-09) + +- Remove some legacy logic around the Chef Homebrew user module +- Use lazy to prevent compilation failures on non-macOS platforms + +## 5.0.1 (2018-03-08) + +- Added a cask_name and tap_name property to the cask/tap resources. These are name_properties which allow you to set the tap/cask name to something other than the resources name. Handy for avoiding resource cloning. + +## 5.0.0 (2018-03-08) + +- Added a new homebrew_path property to cask/tap for the homebrew binary +- Added a new owner property to cash/tap for setting the homebrew owner +- Converted execute resources in the resources to converge_by and shellout to provide better converge messaging in line with other core Chef resources= +- Renamed the :uninstall action in the cask resource to :remove. This aligns with other chef package resources. The previous action will continue to function. +- Fully documented the resource actions and properties in the readme +- Removed deprecated taps out of the test recipe +- Removed the ChefSpec matchers that are now autogenerated by ChefSpec in modern releases of ChefDK. If this causes failures you need to upgrade ChefDK + +## 4.3.0 (2018-01-13) + +- Allow Cask name to be scoped to tap +- Disable Foodcrtiic's FC108 since it doesn't apply here +- Automatically install caskroom/cask in the cask resource. This eliminates the need for the cask recipe. +- Resolve Chef 14 deprecation warnings + +## 4.2.2 (2018-01-13) + +- Fix failures in the cask resource +- Improve inspec output for file mode test + +## 4.2.1 (2018-01-13) + +- Remove double shellout from a bad merge +- Test on modern macOS releases +- Use full file modes throughout the recipes +- Add 2 retries for downloading the homebrew script in case it fails + +## 4.2.0 (2017-05-30) + +- Remove class_eval and require Chef 12.7+ + +## 4.1.0 (2017-04-25) + +- Extend the tap resource to use the --full option. See the readme for details and examples + +## 4.0.0 (2017-04-19) + +- Convert the tap and cask resources from LWRPs to custom resources which simplifies the code and fixes an incompatibility with Chef 13 +- Uses the homebrew_owner as the user to check if a cask has been casked +- Fixed the location of the tap dir to properly prevent trying to install a tap twice +- Refactor the mixin to be a simpler helper that is easier to test +- Resolved failures in the Chefspecs on Travis +- Test with Local Delivery and not Rake +- Use standardize Apache 2 license string +- Only check if homebrew exists once in the default recipe + ## 3.0.0 (2016-12-19) - The homebrew package provider has been removed from this cookbook. It ships with Chef 12.0+. This cookbook now requires a minimum of Chef 12.1 or later. @@ -134,7 +305,7 @@ Bug Fixes: ## v1.7.0 (2014-06-26) -# 38 - Add homebrew::cask recipe +- Add homebrew::cask recipe (#38) ## v1.6.6 (2014-05-29) @@ -169,13 +340,13 @@ Bug Fixes: ### Bug -- **[COOK-3589](https://tickets.chef.io/browse/COOK-3589)** - Add homebrew as the default package manager on OS X Server +- [COOK-3589] - Add homebrew as the default package manager on OS X Server ## v1.4.0 ### Bug -- **[COOK-3283](https://tickets.chef.io/browse/COOK-3283)** - Support running homebrew cookbook as root user, with sudo, or a non-privileged user +- [COOK-3283] - Support running homebrew cookbook as root user, with sudo, or a non-privileged user ## v1.3.2 diff --git a/cookbooks/homebrew/CONTRIBUTING.md b/cookbooks/homebrew/CONTRIBUTING.md deleted file mode 100644 index ef2f2b8..0000000 --- a/cookbooks/homebrew/CONTRIBUTING.md +++ /dev/null @@ -1,2 +0,0 @@ -Please refer to -https://github.com/chef-cookbooks/community_cookbook_documentation/blob/master/CONTRIBUTING.MD diff --git a/cookbooks/homebrew/LICENSE b/cookbooks/homebrew/LICENSE new file mode 100644 index 0000000..8f71f43 --- /dev/null +++ b/cookbooks/homebrew/LICENSE @@ -0,0 +1,202 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "{}" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright {yyyy} {name of copyright owner} + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + diff --git a/cookbooks/homebrew/MAINTAINERS.md b/cookbooks/homebrew/MAINTAINERS.md deleted file mode 100644 index 645ed14..0000000 --- a/cookbooks/homebrew/MAINTAINERS.md +++ /dev/null @@ -1,15 +0,0 @@ - - -# Maintainers - -This file lists how this cookbook project is maintained. When making changes to the system, this file tells you who needs to review your patch - you need a review from an existing maintainer for the cookbook to provide a :+1: on your pull request. Additionally, you need to not receive a veto from a Lieutenant or the Project Lead. - -Check out [How Cookbooks are Maintained](https://github.com/chef-cookbooks/community_cookbook_documentation/blob/master/CONTRIBUTING.MD) for details on the process and how to become a maintainer or the project lead. - -# Project Maintainer -* [Tim Smith](https://github.com/tas50) - -# Maintainers -* [Jennifer Davis](https://github.com/sigje) -* [Tim Smith](https://github.com/tas50) -* [Thom May](https://github.com/thommay) diff --git a/cookbooks/homebrew/README.md b/cookbooks/homebrew/README.md index b87382a..fe82ad7 100644 --- a/cookbooks/homebrew/README.md +++ b/cookbooks/homebrew/README.md @@ -1,9 +1,19 @@ # Homebrew Cookbook -[![Build Status](https://travis-ci.org/chef-cookbooks/homebrew.svg?branch=master)](http://travis-ci.org/chef-cookbooks/homebrew) [![Cookbook Version](https://img.shields.io/cookbook/v/homebrew.svg)](https://supermarket.chef.io/cookbooks/homebrew) +[![Cookbook Version](https://img.shields.io/cookbook/v/homebrew.svg)](https://supermarket.chef.io/cookbooks/homebrew) +[![CI State](https://github.com/sous-chefs/homebrew/workflows/ci/badge.svg)](https://github.com/sous-chefs/homebrew/actions?query=workflow%3Aci) +[![OpenCollective](https://opencollective.com/sous-chefs/backers/badge.svg)](#backers) +[![OpenCollective](https://opencollective.com/sous-chefs/sponsors/badge.svg)](#sponsors) +[![License](https://img.shields.io/badge/License-Apache%202.0-green.svg)](https://opensource.org/licenses/Apache-2.0) This cookbook installs [Homebrew](http://brew.sh/) and provides resources for working with taps and casks +Note: The `homebrew_tap` and `homebrew_cask` resources shipped in Chef 14.0. When Chef 15.0 is released in April 2019 these resources will be removed from this cookbook as all users should be on 14.0 or later. + +## Maintainers + +This cookbook is maintained by the Sous Chefs. The Sous Chefs are a community of Chef cookbook maintainers working together to maintain important cookbooks. If you’d like to know more please visit [sous-chefs.org](https://sous-chefs.org/) or come chat with us on the Chef Community Slack in [#sous-chefs](https://chefcommunity.slack.com/messages/C2V7B88SF). + ## Requirements ### Platforms @@ -12,59 +22,52 @@ This cookbook installs [Homebrew](http://brew.sh/) and provides resources for wo ### Chef -- Chef 12.1+ +- Chef 12.7+ ### Cookbooks - none -## Attributes - -- `node['homebrew']['owner']` - The user that will own the Homebrew installation and packages. Setting this will override the default behavior which is to use the non-privileged user that has invoked the Chef run (or the `SUDO_USER` if invoked with sudo). The default is `nil`. -- `node['homebrew']['auto-update']` - Whether the default recipe should automatically update Homebrew each run or not. The default is `true` to maintain compatibility. Set to false or nil to disable. Note that disabling this feature may cause formula to not work. -- `node['homebrew']['formulas']` - An Array of formula that should be installed using Homebrew by default, used only in the `homebrew::install_formulas` recipe. - - - To install the most recent version, include just the recipe name: `- simple_formula` - - To install a specific version, specify both its name and version: - - ``` - - name: special-version-formula - version: 1.2.3 - ``` - - - To install the HEAD of a formula, specify both its name and `head: true`: - - ``` - - name: head-tracking-formula - head: true - ``` - - - To provide other options, specify both its name and options - - ``` - - name: formula-with-options - options: --with-option-1 --with-other-option - ``` - -- `node['homebrew']['casks']` - An Array of casks that should be installed using brew cask by default, used only in the `homebrew::install_casks` recipe. - -- `node['homebrew']['taps']` - An Array of taps that should be installed using brew tap by default, used only in the `homebrew::install_taps` recipe. - -## Resources (provider) +## Resources ### homebrew_tap -LWRP for `brew tap`, a Homebrew command used to add additional formula repositories. From the `brew` man page: +Resource for `brew tap`, a Homebrew command used to add additional formula repositories. From the `brew` man page: ```text -tap [tap] - Tap a new formula repository from GitHub, or list existing taps. +brew tap [--full] user/repo [URL] + Tap a formula repository. - tap is of the form user/repo, e.g. brew tap homebrew/dupes. + With URL unspecified, taps a formula repository from GitHub using HTTPS. + Since so many taps are hosted on GitHub, this command is a shortcut for + tap user/repo https://github.com/user/homebrew-repo. + + With URL specified, taps a formula repository from anywhere, using + any transport protocol that git handles. The one-argument form of tap + simplifies but also limits. This two-argument command makes no + assumptions, so taps can be cloned from places other than GitHub and + using protocols other than HTTPS, e.g., SSH, GIT, HTTP, FTP(S), RSYNC. + + By default, the repository is cloned as a shallow copy (--depth=1), but + if --full is passed, a full clone will be used. To convert a shallow copy + to a full copy, you can retap passing --full without first untapping. ``` Default action is `:tap` which enables the repository. Use `:untap` to disable a tapped repository. +#### Actions + +- `:tap` (default) - Add a tap +- `:untap` - Remove a tap + +#### Properties + +- `:tap_name` - Optional name property to override the resource name value +- `:url` - Optional URL to the tap +- `:full` - Perform a full clone rather than a shallow clone on the tap (default: false) +- `:homebrew_path` - the path to the homebrew binary (default: '/opt/homebrew/bin/brew') +- `:owner` - the owner of the homebrew installation (default: calculated based on existing files) + #### Examples ```ruby @@ -73,75 +76,114 @@ homebrew_tap 'homebrew/dupes' homebrew_tap 'homebrew/dupes' do action :untap end + +homebrew_tap "Let's install homebrew/dupes" do + tap_name 'homebrew/dupes' + url 'https://github.com/homebrew/homebrew-dupes.git' + full true +end ``` ### homebrew_cask -LWRP for `brew cask`, a Homebrew-style CLI workflow for the administration of Mac applications distributed as binaries. It's implemented as a homebrew "external command" called cask. +Resource for `brew cask`, a Homebrew-style CLI workflow for the administration of Mac applications distributed as binaries. It's implemented as a homebrew "external command" called cask. -[homebrew-cask on GitHub](https://github.com/caskroom/homebrew-cask) +[homebrew-cask on GitHub](https://github.com/Homebrew/homebrew-cask) -#### Prerequisites +#### Actions -You must have the homebrew-cask repository tapped. +- `:install` (default) - install an Application +- `:remove` - remove an Application. + +#### Properties + +- `:cask_name` - Optional name property to override the resource name value +- `:options` - options to pass to the brew CLI during installation +- `:install_cask` - auto install cask tap if necessary (default: true) +- `:homebrew_path` - the path to the homebrew binary (default: '/opt/homebrew/bin/brew') +- `:owner` - the owner of the homebrew installation (default: calculated based on existing files) + +#### Examples ```ruby -homebrew_tap 'caskroom/cask' -``` +homebrew_cask 'google-chrome' -And then install the homebrew cask package before using this LWRP. - -```ruby -package "brew-cask" do - action :install - end -``` - -You can include the `homebrew::cask` recipe to do this. - -### Examples - -```ruby -homebrew_cask "google-chrome" - -homebrew_cask "google-chrome" do - action :uncask +homebrew_cask "Let's remove google-chrome" do + cask_name 'google-chrome' + install_cask false + action :remove end ``` -Default action is `:cask` which installs the Application binary . Use `:uncask` to uninstall a an Application. +[View the list of available Casks](https://github.com/Homebrew/homebrew-cask/tree/master/Casks) -[View the list of available Casks](https://github.com/caskroom/homebrew-cask/tree/master/Casks) +## Attributes -# Usage +- `node['homebrew']['owner']` - The user that will own the Homebrew installation and packages. Setting this will override the default behavior which is to use the non-privileged user that has invoked the Chef run (or the `SUDO_USER` if invoked with sudo). The default is `nil`. +- `node['homebrew']['auto-update']` - Whether the default recipe should automatically update Homebrew each run or not. The default is `true` to maintain compatibility. Set to false or nil to disable. Note that disabling this feature may cause formula to not work. +- `node['homebrew']['formulas']` - An Array of formula that should be installed using Homebrew by default, used only in the `homebrew::install_formulas` recipe. -We strongly recommend that you put "recipe[homebrew]" in your node's run list, to ensure that it is available on the system and that Homebrew itself gets installed. Putting an explicit dependency in the metadata will cause the cookbook to be downloaded and the library loaded, thus resulting in changing the package provider on Mac OS X, so if you have systems you want to use the default (Mac Ports), they would be changed to Homebrew. + - To install the most recent version, include just the recipe name: `- simple_formula` + - To install a specific version, specify both its name and version: -The default recipe also ensures that Homebrew is installed and up to date if the auto update attribute (above) is true (default). + ```yaml + - name: special-version-formula + version: 1.2.3 + ``` -## License and Authors + - To install the HEAD of a formula, specify both its name and `head: true`: -This cookbook is maintained by CHEF. The original author, maintainer and copyright holder is Graeme Mathieson. The cookbook remains licensed under the Apache License version 2. + ```yaml + - name: head-tracking-formula + head: true + ``` -[Original blog post by Graeme](https://woss.name/articles/converging-your-home-directory-with-chef/) + - To provide other options, specify both its name and options -Author:: Graeme Mathieson ([mathie@woss.name](mailto:mathie@woss.name)) + ```yaml + - name: formula-with-options + options: --with-option-1 --with-other-option + ``` -Author:: Joshua Timberman ([joshua@chef.io](mailto:joshua@chef.io)) +- `node['homebrew']['casks']` - An Array of casks that should be installed using brew cask by default, used only in the `homebrew::install_casks` recipe. -```text -Copyright:: 2011, Graeme Mathieson -Copyright:: 2012-2016, Chef Software, Inc. +- `node['homebrew']['taps']` - An Array of taps that should be installed using brew tap by default, used only in the `homebrew::install_taps` recipe. For example: -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at + ```ruby + [ + 'homebrew/science', + # 'tap' is the only required key for the Hash + { 'tap' => 'homebrew/dupes', 'url' => 'https://github.com', 'full' => true } + ] + ``` - http://www.apache.org/licenses/LICENSE-2.0 +## Usage -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -``` +We strongly recommend that you put "recipe[homebrew]" in your node's run list, to ensure that it is available on the system and that Homebrew itself gets installed. Putting an explicit dependency in the metadata will cause the cookbook to be downloaded and the library loaded, thus resulting in changing the package provider on macOS, so if you have systems you want to use the default (Mac Ports), they would be changed to Homebrew. + +The default recipe also ensures that Homebrew is installed and up to date if the auto-update attribute (above) is true (default). + +## Contributors + +This project exists thanks to all the people who [contribute.](https://opencollective.com/sous-chefs/contributors.svg?width=890&button=false) + +### Backers + +Thank you to all our backers! + +![https://opencollective.com/sous-chefs#backers](https://opencollective.com/sous-chefs/backers.svg?width=600&avatarHeight=40) + +### Sponsors + +Support this project by becoming a sponsor. Your logo will show up here with a link to your website. + +![https://opencollective.com/sous-chefs/sponsor/0/website](https://opencollective.com/sous-chefs/sponsor/0/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/1/website](https://opencollective.com/sous-chefs/sponsor/1/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/2/website](https://opencollective.com/sous-chefs/sponsor/2/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/3/website](https://opencollective.com/sous-chefs/sponsor/3/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/4/website](https://opencollective.com/sous-chefs/sponsor/4/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/5/website](https://opencollective.com/sous-chefs/sponsor/5/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/6/website](https://opencollective.com/sous-chefs/sponsor/6/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/7/website](https://opencollective.com/sous-chefs/sponsor/7/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/8/website](https://opencollective.com/sous-chefs/sponsor/8/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/9/website](https://opencollective.com/sous-chefs/sponsor/9/avatar.svg?avatarHeight=100) diff --git a/cookbooks/homebrew/attributes/default.rb b/cookbooks/homebrew/attributes/default.rb index 67245a6..e60aca7 100644 --- a/cookbooks/homebrew/attributes/default.rb +++ b/cookbooks/homebrew/attributes/default.rb @@ -4,7 +4,7 @@ # Cookbook:: homebrew # Attributes:: default # -# Copyright:: 2011-2016, Chef Software, Inc. +# Copyright:: 2011-2019, Chef Software, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -24,6 +24,6 @@ default['homebrew']['auto-update'] = true default['homebrew']['casks'] = [] default['homebrew']['formulas'] = node['homebrew']['formula'] || [] default['homebrew']['taps'] = [] -default['homebrew']['installer']['url'] = 'https://raw.githubusercontent.com/Homebrew/install/master/install' +default['homebrew']['installer']['url'] = 'https://raw.githubusercontent.com/Homebrew/install/master/install.sh' default['homebrew']['installer']['checksum'] = nil default['homebrew']['enable-analytics'] = true diff --git a/cookbooks/homebrew/chefignore b/cookbooks/homebrew/chefignore new file mode 100644 index 0000000..a27b0b2 --- /dev/null +++ b/cookbooks/homebrew/chefignore @@ -0,0 +1,115 @@ +# Put files/directories that should be ignored in this file when uploading +# to a Chef Infra Server or Supermarket. +# Lines that start with '# ' are comments. + +# OS generated files # +###################### +.DS_Store +ehthumbs.db +Icon? +nohup.out +Thumbs.db +.envrc + +# EDITORS # +########### +.#* +.project +.settings +*_flymake +*_flymake.* +*.bak +*.sw[a-z] +*.tmproj +*~ +\#* +REVISION +TAGS* +tmtags +.vscode +.editorconfig + +## COMPILED ## +############## +*.class +*.com +*.dll +*.exe +*.o +*.pyc +*.so +*/rdoc/ +a.out +mkmf.log + +# Testing # +########### +.circleci/* +.codeclimate.yml +.delivery/* +.foodcritic +.kitchen* +.mdlrc +.overcommit.yml +.rspec +.rubocop.yml +.travis.yml +.watchr +.yamllint +azure-pipelines.yml +Dangerfile +examples/* +features/* +Guardfile +kitchen*.yml +mlc_config.json +Procfile +Rakefile +spec/* +test/* + +# SCM # +####### +.git +.gitattributes +.gitconfig +.github/* +.gitignore +.gitkeep +.gitmodules +.svn +*/.bzr/* +*/.git +*/.hg/* +*/.svn/* + +# Berkshelf # +############# +Berksfile +Berksfile.lock +cookbooks/* +tmp + +# Bundler # +########### +vendor/* +Gemfile +Gemfile.lock + +# Policyfile # +############## +Policyfile.rb +Policyfile.lock.json + +# Documentation # +############# +CODE_OF_CONDUCT* +CONTRIBUTING* +documentation/* +TESTING* +UPGRADING* + +# Vagrant # +########### +.vagrant +Vagrantfile diff --git a/cookbooks/homebrew/libraries/helpers.rb b/cookbooks/homebrew/libraries/helpers.rb new file mode 100644 index 0000000..1699163 --- /dev/null +++ b/cookbooks/homebrew/libraries/helpers.rb @@ -0,0 +1,99 @@ +# +# Author:: Joshua Timberman () +# Author:: Graeme Mathieson () +# Cookbook:: homebrew +# Library:: helpers +# +# Copyright:: 2011-2019, Chef Software, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +class HomebrewUserWrapper + require 'chef/mixin/homebrew_user' + include Chef::Mixin::HomebrewUser +end + +module Homebrew + extend self + + require 'mixlib/shellout' + include Chef::Mixin::ShellOut + + def self.included(base) + base.extend(Homebrew) + end + + def install_path + arm64_test = shell_out('sysctl -n hw.optional.arm64') + if arm64_test.stdout.chomp == '1' + '/opt/homebrew' + else + '/usr/local' + end + end + + def repository_path + arm64_test = shell_out('sysctl -n hw.optional.arm64') + if arm64_test.stdout.chomp == '1' + '/opt/homebrew' + else + '/usr/local/Homebrew' + end + end + + def exist? + Chef::Log.debug('Checking to see if the homebrew binary exists') + ::File.exist?("#{HomebrewWrapper.new.install_path}/bin/brew") + end + + def owner + @owner ||= begin + # once we only support 14.0 we can switch this to find_homebrew_username + require 'etc' + ::Etc.getpwuid(HomebrewUserWrapper.new.find_homebrew_uid).name + rescue Chef::Exceptions::CannotDetermineHomebrewOwner + calculate_owner + end.tap do |owner| + Chef::Log.debug("Homebrew owner is #{owner}") + end + end + + private + + def calculate_owner + owner = homebrew_owner_attr || sudo_user || current_user + if owner == 'root' + raise Chef::Exceptions::User, + "Homebrew owner is 'root' which is not supported. " \ + "To set an explicit owner, please set node['homebrew']['owner']." + end + owner + end + + def homebrew_owner_attr + Chef.node['homebrew']['owner'] + end + + def sudo_user + ENV['SUDO_USER'] + end + + def current_user + ENV['USER'] + end +end unless defined?(Homebrew) + +class HomebrewWrapper + include Homebrew +end diff --git a/cookbooks/homebrew/libraries/homebrew_mixin.rb b/cookbooks/homebrew/libraries/homebrew_mixin.rb deleted file mode 100644 index e292214..0000000 --- a/cookbooks/homebrew/libraries/homebrew_mixin.rb +++ /dev/null @@ -1,63 +0,0 @@ -# -# Author:: Joshua Timberman () -# Author:: Graeme Mathieson () -# Cookbook:: homebrew -# Libraries:: homebrew_mixin -# -# Copyright:: 2011-2016, Chef Software, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -class Chef12HomebrewUser - include Chef::Mixin::HomebrewUser -end - -module Homebrew - # Homebrew - module Mixin - def homebrew_owner - require 'etc' - @homebrew_owner ||= ::Etc.getpwuid(Chef12HomebrewUser.new.find_homebrew_uid).name - rescue Chef::Exceptions::CannotDetermineHomebrewOwner - @homebrew_owner ||= calculate_owner - end - - private - - def calculate_owner - owner = homebrew_owner_attr || sudo_user || current_user - if owner == 'root' - raise Chef::Exceptions::User, - "Homebrew owner is 'root' which is not supported. " \ - "To set an explicit owner, please set node['homebrew']['owner']." - end - owner - end - - def homebrew_owner_attr - node['homebrew']['owner'] - end - - def sudo_user - ENV['SUDO_USER'] - end - - def current_user - ENV['USER'] - end - end -end - -Chef::Resource.send(:include, Homebrew::Mixin) -Chef::Recipe.send(:include, Homebrew::Mixin) diff --git a/cookbooks/homebrew/libraries/matchers.rb b/cookbooks/homebrew/libraries/matchers.rb deleted file mode 100644 index 67d1d88..0000000 --- a/cookbooks/homebrew/libraries/matchers.rb +++ /dev/null @@ -1,28 +0,0 @@ -if defined?(ChefSpec) - ChefSpec.define_matcher :homebrew_package - - def tap_homebrew_tap(tap) - ChefSpec::Matchers::ResourceMatcher.new(:homebrew_tap, :tap, tap) - end - - def untap_homebrew_tap(tap) - ChefSpec::Matchers::ResourceMatcher.new(:homebrew_tap, :untap, tap) - end - - def cask_homebrew_cask(cask) - ChefSpec::Matchers::ResourceMatcher.new(:homebrew_cask, :cask, cask) - end - - def uncask_homebrew_cask(cask) - ChefSpec::Matchers::ResourceMatcher.new(:homebrew_cask, :uncask, cask) - end - - def install_homebrew_cask(cask) - ChefSpec::Matchers::ResourceMatcher.new(:homebrew_cask, :install, cask) - end - - def uninstall_homebrew_cask(cask) - ChefSpec::Matchers::ResourceMatcher.new(:homebrew_cask, :uninstall, cask) - end - -end diff --git a/cookbooks/homebrew/metadata.json b/cookbooks/homebrew/metadata.json index e69fd81..8ea519a 100644 --- a/cookbooks/homebrew/metadata.json +++ b/cookbooks/homebrew/metadata.json @@ -1 +1,36 @@ -{"name":"homebrew","version":"3.0.0","description":"Install Homebrew and includes resources for working with taps and casks","long_description":"# Homebrew Cookbook\n\n[![Build Status](https://travis-ci.org/chef-cookbooks/homebrew.svg?branch=master)](http://travis-ci.org/chef-cookbooks/homebrew) [![Cookbook Version](https://img.shields.io/cookbook/v/homebrew.svg)](https://supermarket.chef.io/cookbooks/homebrew)\n\nThis cookbook installs [Homebrew](http://brew.sh/) and provides resources for working with taps and casks\n\n## Requirements\n\n### Platforms\n\n- macOS\n\n### Chef\n\n- Chef 12.1+\n\n### Cookbooks\n\n- none\n\n## Attributes\n\n- `node['homebrew']['owner']` - The user that will own the Homebrew installation and packages. Setting this will override the default behavior which is to use the non-privileged user that has invoked the Chef run (or the `SUDO_USER` if invoked with sudo). The default is `nil`.\n- `node['homebrew']['auto-update']` - Whether the default recipe should automatically update Homebrew each run or not. The default is `true` to maintain compatibility. Set to false or nil to disable. Note that disabling this feature may cause formula to not work.\n- `node['homebrew']['formulas']` - An Array of formula that should be installed using Homebrew by default, used only in the `homebrew::install_formulas` recipe.\n\n - To install the most recent version, include just the recipe name: `- simple_formula`\n - To install a specific version, specify both its name and version:\n\n ```\n - name: special-version-formula\n version: 1.2.3\n ```\n\n - To install the HEAD of a formula, specify both its name and `head: true`:\n\n ```\n - name: head-tracking-formula\n head: true\n ```\n\n - To provide other options, specify both its name and options\n\n ```\n - name: formula-with-options\n options: --with-option-1 --with-other-option\n ```\n\n- `node['homebrew']['casks']` - An Array of casks that should be installed using brew cask by default, used only in the `homebrew::install_casks` recipe.\n\n- `node['homebrew']['taps']` - An Array of taps that should be installed using brew tap by default, used only in the `homebrew::install_taps` recipe.\n\n## Resources (provider)\n\n### homebrew_tap\n\nLWRP for `brew tap`, a Homebrew command used to add additional formula repositories. From the `brew` man page:\n\n```text\ntap [tap]\n Tap a new formula repository from GitHub, or list existing taps.\n\n tap is of the form user/repo, e.g. brew tap homebrew/dupes.\n```\n\nDefault action is `:tap` which enables the repository. Use `:untap` to disable a tapped repository.\n\n#### Examples\n\n```ruby\nhomebrew_tap 'homebrew/dupes'\n\nhomebrew_tap 'homebrew/dupes' do\n action :untap\nend\n```\n\n### homebrew_cask\n\nLWRP for `brew cask`, a Homebrew-style CLI workflow for the administration of Mac applications distributed as binaries. It's implemented as a homebrew \"external command\" called cask.\n\n[homebrew-cask on GitHub](https://github.com/caskroom/homebrew-cask)\n\n#### Prerequisites\n\nYou must have the homebrew-cask repository tapped.\n\n```ruby\nhomebrew_tap 'caskroom/cask'\n```\n\nAnd then install the homebrew cask package before using this LWRP.\n\n```ruby\npackage \"brew-cask\" do\n action :install\n end\n```\n\nYou can include the `homebrew::cask` recipe to do this.\n\n### Examples\n\n```ruby\nhomebrew_cask \"google-chrome\"\n\nhomebrew_cask \"google-chrome\" do\n action :uncask\nend\n```\n\nDefault action is `:cask` which installs the Application binary . Use `:uncask` to uninstall a an Application.\n\n[View the list of available Casks](https://github.com/caskroom/homebrew-cask/tree/master/Casks)\n\n# Usage\n\nWe strongly recommend that you put \"recipe[homebrew]\" in your node's run list, to ensure that it is available on the system and that Homebrew itself gets installed. Putting an explicit dependency in the metadata will cause the cookbook to be downloaded and the library loaded, thus resulting in changing the package provider on Mac OS X, so if you have systems you want to use the default (Mac Ports), they would be changed to Homebrew.\n\nThe default recipe also ensures that Homebrew is installed and up to date if the auto update attribute (above) is true (default).\n\n## License and Authors\n\nThis cookbook is maintained by CHEF. The original author, maintainer and copyright holder is Graeme Mathieson. The cookbook remains licensed under the Apache License version 2.\n\n[Original blog post by Graeme](https://woss.name/articles/converging-your-home-directory-with-chef/)\n\nAuthor:: Graeme Mathieson ([mathie@woss.name](mailto:mathie@woss.name))\n\nAuthor:: Joshua Timberman ([joshua@chef.io](mailto:joshua@chef.io))\n\n```text\nCopyright:: 2011, Graeme Mathieson\nCopyright:: 2012-2016, Chef Software, Inc. \n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n```\n","maintainer":"Chef Software, Inc.","maintainer_email":"cookbooks@chef.io","license":"Apache 2.0","platforms":{"mac_os_x":">= 0.0.0"},"dependencies":{},"recommendations":{},"suggestions":{},"conflicting":{},"providing":{},"replacing":{},"attributes":{},"groupings":{},"recipes":{"homebrew":"Install Homebrew"}} \ No newline at end of file +{ + "name": "homebrew", + "description": "Install Homebrew and includes resources for working with taps and casks", + "long_description": "", + "maintainer": "Sous Chefs", + "maintainer_email": "help@sous-chefs.org", + "license": "Apache-2.0", + "platforms": { + "mac_os_x": ">= 0.0.0" + }, + "dependencies": { + + }, + "providing": { + + }, + "recipes": { + + }, + "version": "5.4.1", + "source_url": "https://github.com/sous-chefs/homebrew", + "issues_url": "https://github.com/sous-chefs/homebrew/issues", + "privacy": false, + "chef_versions": [ + [ + ">= 15.3" + ] + ], + "ohai_versions": [ + + ], + "gems": [ + + ], + "eager_load_libraries": true +} diff --git a/cookbooks/homebrew/metadata.rb b/cookbooks/homebrew/metadata.rb new file mode 100644 index 0000000..9af47f4 --- /dev/null +++ b/cookbooks/homebrew/metadata.rb @@ -0,0 +1,11 @@ +name 'homebrew' +maintainer 'Sous Chefs' +maintainer_email 'help@sous-chefs.org' +license 'Apache-2.0' +description 'Install Homebrew and includes resources for working with taps and casks' +version '5.4.1' +supports 'mac_os_x' + +source_url 'https://github.com/sous-chefs/homebrew' +issues_url 'https://github.com/sous-chefs/homebrew/issues' +chef_version '>= 15.3' diff --git a/cookbooks/homebrew/providers/cask.rb b/cookbooks/homebrew/providers/cask.rb deleted file mode 100644 index dc7126a..0000000 --- a/cookbooks/homebrew/providers/cask.rb +++ /dev/null @@ -1,47 +0,0 @@ -# -# Cookbook:: homebrew -# Providers:: cask -# -# Copyright:: 2011-2016, Chef Software, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -include ::Homebrew::Mixin - -use_inline_resources - -def whyrun_supported? - true -end - -action :install do - execute "installing cask #{new_resource.name}" do - command "/usr/local/bin/brew cask install #{new_resource.name} #{new_resource.options}" - user homebrew_owner - environment lazy { { 'HOME' => ::Dir.home(homebrew_owner), 'USER' => homebrew_owner } } - not_if { new_resource.casked? } - end -end - -action :uninstall do - execute "uninstalling cask #{new_resource.name}" do - command "/usr/local/bin/brew cask uninstall #{new_resource.name}" - user homebrew_owner - environment lazy { { 'HOME' => ::Dir.home(homebrew_owner), 'USER' => homebrew_owner } } - only_if { new_resource.casked? } - end -end - -alias_method :action_cask, :action_install -alias_method :action_uncask, :action_uninstall diff --git a/cookbooks/homebrew/providers/tap.rb b/cookbooks/homebrew/providers/tap.rb deleted file mode 100644 index fd04df8..0000000 --- a/cookbooks/homebrew/providers/tap.rb +++ /dev/null @@ -1,58 +0,0 @@ -# -# Author:: Joshua Timberman () -# Author:: Graeme Mathieson () -# Cookbook:: homebrew -# Providers:: tap -# -# Copyright:: 2011-2016, Chef Software, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -include ::Homebrew::Mixin - -use_inline_resources - -def load_current_resource - @tap = Chef::Resource::HomebrewTap.new(new_resource.name) - tap_dir = @tap.name.gsub('/', '/homebrew-') - - Chef::Log.debug("Checking whether we've already tapped #{new_resource.name}") - if ::File.directory?("/usr/local/Library/Taps/#{tap_dir}") - @tap.tapped true - else - @tap.tapped false - end -end - -action :tap do - unless @tap.tapped - execute "tapping #{new_resource.name}" do - command "/usr/local/bin/brew tap #{new_resource.name}" - environment lazy { { 'HOME' => ::Dir.home(homebrew_owner), 'USER' => homebrew_owner } } - not_if "/usr/local/bin/brew tap | grep #{new_resource.name}" - user homebrew_owner - end - end -end - -action :untap do - if @tap.tapped - execute "untapping #{new_resource.name}" do - command "/usr/local/bin/brew untap #{new_resource.name}" - environment lazy { { 'HOME' => ::Dir.home(homebrew_owner), 'USER' => homebrew_owner } } - only_if "/usr/local/bin/brew tap | grep #{new_resource.name}" - user homebrew_owner - end - end -end diff --git a/cookbooks/homebrew/recipes/cask.rb b/cookbooks/homebrew/recipes/cask.rb index 38148e6..9f61a08 100644 --- a/cookbooks/homebrew/recipes/cask.rb +++ b/cookbooks/homebrew/recipes/cask.rb @@ -2,7 +2,7 @@ # Cookbook:: homebrew # Recipes:: cask # -# Copyright:: 2014-2016, Chef Software, Inc +# Copyright:: 2014-2019, Chef Software, Inc # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -17,10 +17,10 @@ # limitations under the License. # -homebrew_tap 'caskroom/cask' +homebrew_tap 'homebrew/cask' directory '/Library/Caches/Homebrew/Casks' do - owner homebrew_owner - mode '775' + owner Homebrew.owner + mode '0775' only_if { ::Dir.exist?('/Library/Caches/Homebrew') } end diff --git a/cookbooks/homebrew/recipes/default.rb b/cookbooks/homebrew/recipes/default.rb index feab10e..39c0aab 100644 --- a/cookbooks/homebrew/recipes/default.rb +++ b/cookbooks/homebrew/recipes/default.rb @@ -4,7 +4,7 @@ # Cookbook:: homebrew # Recipe:: default # -# Copyright:: 2011-2016, Chef Software, Inc. +# Copyright:: 2011-2019, Chef Software, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -19,29 +19,50 @@ # limitations under the License. # -homebrew_go = "#{Chef::Config[:file_cache_path]}/homebrew_go" +unless Homebrew.exist? + homebrew_go = "#{Chef::Config[:file_cache_path]}/homebrew_go" -Chef::Log.debug("Homebrew owner is '#{homebrew_owner}'") + # Grant Homebrew install script permission to execute + # without passing a sudo password. Deletes itself at + # the end of a successful run. + sudo 'nopasswd_homebrew_installer' do + user Homebrew.owner + commands [ + homebrew_go, + '/bin/chmod', + '/bin/mkdir', + '/bin/rm', + '/usr/bin/chgrp', + '/usr/bin/install', + '/usr/bin/touch', + '/usr/bin/xcode-select', + '/usr/sbin/chown', + '/usr/sbin/softwareupdate', + ] + nopasswd true + action :create + notifies :delete, 'sudo[nopasswd_homebrew_installer]', :delayed + end -remote_file homebrew_go do - source node['homebrew']['installer']['url'] - checksum node['homebrew']['installer']['checksum'] unless node['homebrew']['installer']['checksum'].nil? - mode '755' - not_if { ::File.exist? '/usr/local/bin/brew' } -end + remote_file homebrew_go do + source node['homebrew']['installer']['url'] + checksum node['homebrew']['installer']['checksum'] unless node['homebrew']['installer']['checksum'].nil? + mode '0755' + retries 2 + end -execute 'install homebrew' do - command homebrew_go - environment lazy { { 'HOME' => ::Dir.home(homebrew_owner), 'USER' => homebrew_owner } } - user homebrew_owner - not_if { ::File.exist? '/usr/local/bin/brew' } + execute 'install homebrew' do + command homebrew_go + environment lazy { { 'HOME' => ::Dir.home(Homebrew.owner), 'USER' => Homebrew.owner, 'NONINTERACTIVE' => '1' } } + user Homebrew.owner + end end execute 'set analytics' do - environment lazy { { 'HOME' => ::Dir.home(homebrew_owner), 'USER' => homebrew_owner } } - user homebrew_owner - command "/usr/local/bin/brew analytics #{node['homebrew']['enable-analytics'] ? 'on' : 'off'}" - only_if { shell_out('/usr/local/bin/brew analytics state', user: homebrew_owner).stdout.include?('enabled') != node['homebrew']['enable-analytics'] } + environment lazy { { 'HOME' => ::Dir.home(Homebrew.owner), 'USER' => Homebrew.owner } } + user Homebrew.owner + command lazy { "#{HomebrewWrapper.new.install_path}/bin/brew analytics #{node['homebrew']['enable-analytics'] ? 'on' : 'off'}" } + only_if { shell_out("#{HomebrewWrapper.new.install_path}/bin/brew analytics state", user: Homebrew.owner).stdout.include?('enabled') != node['homebrew']['enable-analytics'] } end if node['homebrew']['auto-update'] @@ -50,8 +71,8 @@ if node['homebrew']['auto-update'] end execute 'update homebrew from github' do - environment lazy { { 'HOME' => ::Dir.home(homebrew_owner), 'USER' => homebrew_owner } } - user homebrew_owner - command '/usr/local/bin/brew update || true' + environment lazy { { 'HOME' => ::Dir.home(Homebrew.owner), 'USER' => Homebrew.owner } } + user Homebrew.owner + command lazy { "#{HomebrewWrapper.new.install_path}/bin/brew update || true" } end end diff --git a/cookbooks/homebrew/recipes/install_casks.rb b/cookbooks/homebrew/recipes/install_casks.rb index 3635e17..f66941c 100644 --- a/cookbooks/homebrew/recipes/install_casks.rb +++ b/cookbooks/homebrew/recipes/install_casks.rb @@ -2,7 +2,7 @@ # Cookbook:: homebrew # Recipe:: install_casks # -# Copyright:: 2014-2016, Chef Software, Inc +# Copyright:: 2014-2019, Chef Software, Inc # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -17,8 +17,6 @@ # limitations under the License. # -include_recipe 'homebrew::cask' - node['homebrew']['casks'].each do |cask| homebrew_cask cask end diff --git a/cookbooks/homebrew/recipes/install_formulas.rb b/cookbooks/homebrew/recipes/install_formulas.rb index ca13679..4e7db79 100644 --- a/cookbooks/homebrew/recipes/install_formulas.rb +++ b/cookbooks/homebrew/recipes/install_formulas.rb @@ -2,7 +2,7 @@ # Cookbook:: homebrew # Recipes:: install_casks # -# Copyright:: 2014-2016, Chef Software, Inc +# Copyright:: 2014-2019, Chef Software, Inc # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/cookbooks/homebrew/recipes/install_taps.rb b/cookbooks/homebrew/recipes/install_taps.rb index 950165c..7cb4d0d 100644 --- a/cookbooks/homebrew/recipes/install_taps.rb +++ b/cookbooks/homebrew/recipes/install_taps.rb @@ -2,7 +2,7 @@ # Cookbook:: homebrew # Recipes:: install_taps # -# Copyright:: 2015-2016, Chef Software, Inc +# Copyright:: 2015-2019, Chef Software, Inc # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -20,5 +20,14 @@ include_recipe 'homebrew' node['homebrew']['taps'].each do |tap| - homebrew_tap tap + if tap.is_a?(String) + homebrew_tap tap + elsif tap.is_a?(Hash) + raise unless tap.key?('tap') + homebrew_tap tap['tap'] do + url tap['url'] if tap.key?('url') + end + else + raise + end end diff --git a/cookbooks/homebrew/renovate.json b/cookbooks/homebrew/renovate.json new file mode 100644 index 0000000..7e7a8ba --- /dev/null +++ b/cookbooks/homebrew/renovate.json @@ -0,0 +1,17 @@ +{ + "$schema": "https://docs.renovatebot.com/renovate-schema.json", + "extends": ["config:base"], + "packageRules": [{ + "groupName": "Actions", + "matchUpdateTypes": ["patch", "pin", "digest"], + "automerge": true, + "addLabels": ["Release: Patch", "Skip: Announcements"] + }, + { + "groupName": "Actions", + "matchUpdateTypes": ["major"], + "automerge": false, + "addLabels": ["Release: Patch", "Skip: Announcements"] + } + ] +} diff --git a/cookbooks/homebrew/resources/cask.rb b/cookbooks/homebrew/resources/cask.rb index 797a0d9..c4d2053 100644 --- a/cookbooks/homebrew/resources/cask.rb +++ b/cookbooks/homebrew/resources/cask.rb @@ -1,14 +1,68 @@ -actions :cask, :uncask, :install, :uninstall -default_action :install +# +# Author:: Joshua Timberman () +# Author:: Graeme Mathieson () +# Cookbook:: homebrew +# Resources:: cask +# +# Copyright:: 2011-2019, Chef Software, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# -attribute :name, - name_attribute: true, - kind_of: String, - regex: /^[\w-]+$/ +chef_version_for_provides '< 14.0' if respond_to?(:chef_version_for_provides) -attribute :options, - kind_of: String +property :cask_name, String, regex: %r{^[\w/-]+$}, name_property: true +property :options, String +property :install_cask, [true, false], default: true +property :homebrew_path, String, default: lazy { "#{HomebrewWrapper.new.install_path}/bin/brew" } +property :owner, String, default: lazy { Homebrew.owner } # lazy to prevent breaking compilation on non-macOS platforms -def casked? - shell_out('/usr/local/bin/brew cask list 2>/dev/null').stdout.split.include?(name) +action :install do + homebrew_tap 'homebrew/cask' if new_resource.install_cask + + unless casked? + converge_by("install cask #{new_resource.name} #{new_resource.options}") do + shell_out!("#{new_resource.homebrew_path} install --cask #{new_resource.name} #{new_resource.options}", + user: new_resource.owner, + env: { 'HOME' => ::Dir.home(new_resource.owner), 'USER' => new_resource.owner }, + cwd: ::Dir.home(new_resource.owner)) + end + end +end + +action :remove do + homebrew_tap 'homebrew/cask' if new_resource.install_cask + + if casked? + converge_by("uninstall cask #{new_resource.name}") do + shell_out!("#{new_resource.homebrew_path} uninstall --cask #{new_resource.name}", + user: new_resource.owner, + env: { 'HOME' => ::Dir.home(new_resource.owner), 'USER' => new_resource.owner }, + cwd: ::Dir.home(new_resource.owner)) + end + end +end + +action_class do + alias_method :action_cask, :action_install + alias_method :action_uncask, :action_remove + alias_method :action_uninstall, :action_remove + + def casked? + unscoped_name = new_resource.name.split('/').last + shell_out!("#{new_resource.homebrew_path} list --cask 2>/dev/null", + user: new_resource.owner, + env: { 'HOME' => ::Dir.home(new_resource.owner), 'USER' => new_resource.owner }, + cwd: ::Dir.home(new_resource.owner)).stdout.split.include?(unscoped_name) + end end diff --git a/cookbooks/homebrew/resources/tap.rb b/cookbooks/homebrew/resources/tap.rb index f7a8c99..8f67124 100644 --- a/cookbooks/homebrew/resources/tap.rb +++ b/cookbooks/homebrew/resources/tap.rb @@ -4,7 +4,7 @@ # Cookbook:: homebrew # Resources:: tap # -# Copyright:: 2011-2016, Chef Software, Inc. +# Copyright:: 2011-2019, Chef Software, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -19,13 +19,37 @@ # limitations under the License. # -actions :tap, :untap -default_action :tap +chef_version_for_provides '< 14.0' if respond_to?(:chef_version_for_provides) -attribute :name, - name_attribute: true, - kind_of: String, - regex: %r{^[\w-]+(?:\/[\w-]+)+$} +property :tap_name, String, name_property: true, regex: %r{^[\w-]+(?:\/[\w-]+)+$} +property :url, String +property :full, [true, false], default: false +property :homebrew_path, String, default: lazy { "#{HomebrewWrapper.new.install_path}/bin/brew" } +property :owner, String, default: lazy { Homebrew.owner } # lazy to prevent breaking compilation on non-macOS platforms -attribute :tapped, - kind_of: [TrueClass, FalseClass] +action :tap do + unless tapped?(new_resource.name) + converge_by("tap #{new_resource.name}") do + shell_out!("#{new_resource.homebrew_path} tap #{new_resource.full ? '--full' : ''} #{new_resource.name} #{new_resource.url || ''}", + user: new_resource.owner, + env: { 'HOME' => ::Dir.home(new_resource.owner), 'USER' => new_resource.owner }, + cwd: ::Dir.home(new_resource.owner)) + end + end +end + +action :untap do + if tapped?(new_resource.name) + converge_by("untap #{new_resource.name}") do + shell_out!("#{new_resource.homebrew_path} untap #{new_resource.name}", + user: new_resource.owner, + env: { 'HOME' => ::Dir.home(new_resource.owner), 'USER' => new_resource.owner }, + cwd: ::Dir.home(new_resource.owner)) + end + end +end + +def tapped?(name) + tap_dir = name.gsub('/', '/homebrew-') + ::File.directory?("#{HomebrewWrapper.new.repository_path}/Library/Taps/#{tap_dir}") +end diff --git a/cookbooks/mariadb/CHANGELOG.md b/cookbooks/mariadb/CHANGELOG.md deleted file mode 100644 index d19b938..0000000 --- a/cookbooks/mariadb/CHANGELOG.md +++ /dev/null @@ -1,132 +0,0 @@ -mariadb CHANGELOG -================= - -This file is used to list changes made in each version of the mariadb cookbook. - -0.3.1 ------ -- [BUG #76] - Service is restarted every run if not localhost -- [BUG #73] - Fix directory permissions regression -- [BUG #69] - Update repository.rb to be able to manage Scientific Linux -- [BUG #57] - Add user and password to correct debian-grants -- [ENH #71] - Add xtrabackup-v2 support for SST Method -- [ENH #62] - Allow Galera cluster nodes to be configured when using Chef Solo -- [ENH #64] - Add a vagrant config to test a galera cluster -- [BUG #66] - mariadb_configuration template uses current cookbook as template source -- [BUG #68] - Correct service name inconsistency on CentOS 7 - -0.3.0 ------- -- [ENH] - Add support for using operating system shipped mariadb packages - -0.2.12 ------- -- [BUG #39] - Push gpg key adds through http/80 - Helps with firewalled installs -- [ENH #46] - Add cookbook attribute on configuration lwrp -- [ENH #47] - Allow to pass true for unary options -- [BUG #48] - Load the needed plugins at startup - -0.2.11 ------- -- [ENH #38] - Add CentOS support -- [ENH #40] - Add sensitive flag to resource that deal with passwords -- [BUG #43] - Fix convert TypeError in the replication provider - -0.2.10 ------- -- [BUG] - Audit Plugin test and installation - Correct bad notifies, and stdout test - -0.2.9 ------ -- [BUG #36] - Audit plugin installation can crash mariadb server - -0.2.8 ------ -- [BUG #30] - When using galera, nodes were not sorted, applying configuration change too often -- [BUG #31] - ChefSpec coverage was not 100% -- [BUG #28] - Remove the only_if to mysql service -- [BUG #29] - Add a switch to not launch audit plugin install, when already installed -- [ENH] - Add a switch to separate server install and audit install when needed -- [ENH] - Add a rule to authorize line length to be 120 characters long - -0.2.7 ------ -- [BUG #24] - Fix convert TypeError in the replication provider -- [BUG #25] - Data are now moved when default datadir is changed -- [ENH #21] - Add audit_plugin management - -0.2.6 ------ -- [BUG #18] - Fix provider mariadb_replication compilation error -- [DOCS] - Complete Changelog, and correct README - -0.2.5 ------ -- [ENH #16] - Add a LWRP to manage replication slave -- [ENH #17] - Be able to not install development files within client recipe -- [ENH #11] - Fix the galera root password preseed -- [BUG #12] - Fix the debian-sys-maint user creation/password change -- [BUG #6] - Can change the apt repository base_url when the default one fail -- [TEST] - Add new tests for the new features (galera,development files install,replication LWRP) -- [DOCS] - Complete Changelog, and add new features explanations into README - -0.2.4 ------ -- [BUG #10] - Correct a FC004 broken rule -- [BUG #9] - Correct foodcritic tests (add --epic-fail any to be sure it fails when a broken rule is detected) - -0.2.3 ------ -- [BUG #4] - Add a real management of mysql root password -- [ENH #5] - Now restart mysql service when port is changed -- [ENH #7] - Remove or add root remote access via attribute -- [DOCS] - Complete documentations -- [TEST] - Add a lot of chefspec and kitchen/serverspec tests - -0.2.2 ------ -- [sinfomicien] - Correct repository install under debian family -- [sinfomicien] - Correct client install to add dev files -- [sinfomicien] - Correct and add multiples tests - -0.2.1 ------ -- [sinfomicien] - Use stove to package (remove PaxHeaders.*) - -0.2.0 ------ -- [sinfomicien] - Add rpm/yum management -- [sinfomicien] - Refactor the whole recipes list and management to ease it -- [sinfomicien] - Correct the Documentation -- [sinfomicien] - Rename the provider (from extraconf to configuration), and add matchers to it -- [sinfomicien] - Add a recipe to manage client only installation -- [sinfomicien] - Refactor all tests to manage new platform (centos/redhat/fedora) - -0.1.8 ------ -- [sinfomicien] - Add ignore-failure to debian grants correct, as it can break on initial setup - -0.1.7 ------ -- [sinfomicien] - Correct a typo (unnecessary call to run_command) - -0.1.6 ------ -- [sinfomicien] - improve Galera configuration management -- [sinfomicien] - Add new rspec tests -- [sinfomicien] - Create Kitchen test suite - -0.1.5 ------ -- [sinfomicien] - improve attributes management - -0.1.4 ------ -- [sinfomicien] - adapt galera55 recipe to use a generic galera recipe -- [sinfomicien] - use a generic galera recipe to create the galera10 recipe -- [sinfomicien] - Improve documentation - - -0.1.0 ------ -- [sinfomicien] - Initial release of mariadb diff --git a/cookbooks/mariadb/README.md b/cookbooks/mariadb/README.md deleted file mode 100644 index 01fdaea..0000000 --- a/cookbooks/mariadb/README.md +++ /dev/null @@ -1,207 +0,0 @@ -MariaDB Cookbook -================ - -[![Build Status](https://travis-ci.org/sinfomicien/mariadb.png)](https://travis-ci.org/sinfomicien/mariadb) - -Description ------------ - -This cookbook contains all the stuffs to install and configure a mariadb server on a dpkg/apt compliant system (typically debian), or a rpm/yum compliant system (typically centos) - - -Requirements ------------- - -#### repository -- `mariadb` - This cookbook need that you have a valid apt repository installed with the mariadb official packages - -#### packages -- `percona-xtrabackup` - if you want to use the xtrabckup SST Auth for galera cluster. -- `socat` - if you want to use the xtrabckup SST Auth for galera cluster. -- `rsync` - if you want to use the rsync SST Auth for galera cluster. -- `debconf-utils` - if you use debian platform family. - -#### operating system -- `debian` - this cookbook is fully tested on debian -- `ubuntu` - not fully tested on ubuntu, but should work -- `centos` - not fully tested on centos, but should work - -Attributes ----------- - -#### mariadb::default - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
KeyTypeDescriptionDefault
['mariadb']['install']['version']StringVersion to install (currently 10.0 et 5.5)10.0
['mariadb']['use_default_repository']BooleanWether to install MariaDB default repository or not. If you don't have a local repo containing packages, put it to truefalse
['mariadb']['server_root_password']Stringlocal root password
['mariadb']['forbid_remote_root']BooleanWether to activate root remote accesstrue
['mariadb']['allow_root_pass_change']BooleanWether to allow the recipe to change root password after the first installfalse
['mariadb']['client']['development_files']BooleanWether to install development files in client recipetrue
['mariadb']['apt_repository']['base_url']StringThe http base url to use when installing from default repository'ftp.igh.cnrs.fr/pub/mariadb/repo'
['mariadb']['install']['prefer_os_package']BooleanIndicator for preferring use packages shipped by running osfalse
- -Usage ------ - -To install a default server for mariadb choose the version you want (MariaDB 5.5 or 10, galera or not), then call the recipe accordingly. - -List of availables recipes: - -- mariadb::default (just call server recipe with default options) -- mariadb::server -- mariadb::galera -- mariadb::client - -Please be ware that by default, the root password is empty! If you want have changed it use the `node['mariadb']['server_root_password']` attribute to put a correct value. And by default the remote root access is not activated. Use `node['mariadb']['forbid_remote_root']` attribute to change it. - -Sometimes, the default apt repository used for apt does not work (see issue #6). In this case, you need to choose another mirror which worki (pick it from mariadb website), and put the http base url in the attribute `node['mariadb']['apt_repository']['base_url']`. - -#### mariadb::galera - -When installing the mariadb::galera on debian recipe, You have to take care of one specific attribute: -`node['mariadb']['debian']['password']` which default to 'please-change-me' -As wee need to have the same password for this user on the whole cluster nodes... We will change the default install one by the content of this attribute. - -#### mariadb::client - -By default this recipe install the client, and all needed packages to develop client application. If you do not want to install development files when installing client package, -set the attribute `node['mariadb']['client']['development_files']` to false. - -Providers ----------- - -This recipe define 2 providers: -- `Chef::Provider::Mariadb::Configuration` shortcut resource `mariadb_configuration` -- `Chef::Provider::Mariadb::Replication` shortcut resource `mariadb_replication` - -#### mariadb_configuration - -Mainly use for internal purpose. You can use it to create a new configuration file into configuration dir. You have to define 2 variables `section` and `option`. -Where `section` is the configuration section, and `option` is a hash of key/value. The name of the resource is used as base for the filename. - -Example: -```ruby -mariadb_configuration 'fake' do - section 'mysqld' - option {foo: 'bar'} -end -``` -will become the file fake.cnf in the include dir (depend on your platform), which contain: -``` -[mysqld] -foo=bar -``` - -If the value start with a '#', then it's considered as a comment, and the value is printed as is (without the key) - -Example: -```ruby -mariadb_configuration 'fake' do - section 'mysqld' - option {comment1: '# Here i am', foo: bar} -end -``` -will become the file fake.cnf in the include dir (depend on your platform), which contain: -``` -[mysqld] -# Here i am -foo=bar -``` - -#### mariadb_replication - -This LWRP is used to manage replication setup on a host. To use this LWRP, the node need to have the mysql binary installed (via the mariadb::client or mariadb::server or mariadb::galera recipe). -It have 4 actions: -- add - to add a new replication setup (become a slave) -- stop - to stop the slave replication -- start - to start the slave replication -- remove - to remove the slave replication configuration - -The resource name need to be 'default' if your don't want to use a named connection (multi source replication in MariaDB 10). - -So by default the provider try to use the local instance of mysql, with the current user and no password. If you want to change, you have to define `host`, `port`, `user` or `password` - -```ruby -mariadb_replication 'default' do - user 'root' - password 'fakepass' - host 'fakehost' - action :stop -end -``` -will stop the replication on the host `fakehost` using the user `root` and password `fakepass` to connect to. - -When you add a replication configuration, you have to define at least 4 values `master_host`, `master_user`, `master_password` and `master_use_gtid`. And if you don't want the GTID support, you have to define also `master_log_file` and `master_log_pos` - -Example: -```ruby -mariadb_replication 'usefull_conn_name' do - master_host 'server1' - master_user 'slave_user' - master_password 'slave_password' - master_use_gtid 'current_pos' - action :add -end -``` - -Contributing ------------- - -1. Fork the repository on Github -2. Create a named feature branch (like `add_component_x`) -3. Write your change -4. Write tests for your change (if applicable) -5. Run the tests, ensuring they all pass -6. Submit a Pull Request using Github - -License and Authors -------------------- -Authors: -Nicolas Blanc diff --git a/cookbooks/mariadb/attributes/default.rb b/cookbooks/mariadb/attributes/default.rb deleted file mode 100644 index 7523035..0000000 --- a/cookbooks/mariadb/attributes/default.rb +++ /dev/null @@ -1,164 +0,0 @@ -# platform dependent attributes -case node['platform'] -when 'redhat', 'centos', 'fedora', 'scientific', 'amazon' - default['mariadb']['configuration']['path'] = '/etc' - default['mariadb']['configuration']['includedir'] = '/etc/my.cnf.d' - default['mariadb']['mysqld']['socket'] = '/var/lib/mysql/mysql.sock' - default['mariadb']['client']['socket'] = '/var/lib/mysql/mysql.sock' - default['mariadb']['mysqld_safe']['socket'] = '/var/lib/mysql/mysql.sock' -else - default['mariadb']['configuration']['path'] = '/etc/mysql' - default['mariadb']['configuration']['includedir'] = '/etc/mysql/conf.d' - default['mariadb']['mysqld']['socket'] = '/var/run/mysqld/mysqld.sock' - default['mariadb']['mysqld']['pid_file'] = '/var/run/mysqld/mysqld.pid' - default['mariadb']['client']['socket'] = '/var/run/mysqld/mysqld.sock' - default['mariadb']['mysqld_safe']['socket'] = '/var/run/mysqld/mysqld.sock' -end - -# -# mysqld default configuration -# -default['mariadb']['forbid_remote_root'] = true -default['mariadb']['server_root_password'] = '' -default['mariadb']['allow_root_pass_change'] = false -if node['platform'] == 'centos' - default['mariadb']['mysqld']['service_name'] = 'mariadb' -else - default['mariadb']['mysqld']['service_name'] = 'mysql' -end -default['mariadb']['mysqld']['user'] = 'mysql' -default['mariadb']['mysqld']['port'] = '3306' -default['mariadb']['mysqld']['basedir'] = '/usr' -default['mariadb']['mysqld']['default_datadir'] = '/var/lib/mysql' -# if different from previous value, datadir will be moved after install -default['mariadb']['mysqld']['datadir'] = '/var/lib/mysql' -default['mariadb']['mysqld']['tmpdir'] = '/var/tmp' -default['mariadb']['mysqld']['lc_messages_dir'] = '/usr/share/mysql' -default['mariadb']['mysqld']['lc_messages'] = 'en_US' -default['mariadb']['mysqld']['skip_external_locking'] = 'true' -default['mariadb']['mysqld']['bind_address'] = '127.0.0.1' -default['mariadb']['mysqld']['max_connections'] = '100' -default['mariadb']['mysqld']['connect_timeout'] = '5' -default['mariadb']['mysqld']['wait_timeout'] = '600' -default['mariadb']['mysqld']['max_allowed_packet'] = '16M' -default['mariadb']['mysqld']['thread_cache_size'] = '128' -default['mariadb']['mysqld']['sort_buffer_size'] = '4M' -default['mariadb']['mysqld']['bulk_insert_buffer_size'] = '16M' -default['mariadb']['mysqld']['tmp_table_size'] = '32M' -default['mariadb']['mysqld']['max_heap_table_size'] = '32M' -default['mariadb']['mysqld']['myisam_recover'] = 'BACKUP' -default['mariadb']['mysqld']['key_buffer_size'] = '128M' -# if not defined default is 2000 -default['mariadb']['mysqld']['open_files_limit'] = '' -default['mariadb']['mysqld']['table_open_cache'] = '400' -default['mariadb']['mysqld']['myisam_sort_buffer_size'] = '512M' -default['mariadb']['mysqld']['concurrent_insert'] = '2' -default['mariadb']['mysqld']['read_buffer_size'] = '2M' -default['mariadb']['mysqld']['read_rnd_buffer_size'] = '1M' -default['mariadb']['mysqld']['query_cache_limit'] = '128K' -default['mariadb']['mysqld']['query_cache_size'] = '64M' -# if not defined default is ON -default['mariadb']['mysqld']['query_cache_type'] = '' -default['mariadb']['mysqld']['default_storage_engine'] = 'InnoDB' -default['mariadb']['mysqld']['options'] = {} - -# -# InnoDB default configuration -# -# if not defined default is 50M -default['mariadb']['innodb']['log_file_size'] = '' -default['mariadb']['innodb']['bps_percentage_memory'] = false -default['mariadb']['innodb']['buffer_pool_size'] = '256M' -default['mariadb']['innodb']['log_buffer_size'] = '8M' -default['mariadb']['innodb']['file_per_table'] = '1' -default['mariadb']['innodb']['open_files'] = '400' -default['mariadb']['innodb']['io_capacity'] = '400' -default['mariadb']['innodb']['flush_method'] = 'O_DIRECT' -default['mariadb']['innodb']['options'] = {} - -# -# Galera default configuration -# -default['mariadb']['galera']['cluster_name'] = 'galera_cluster' -default['mariadb']['galera']['cluster_search_query'] = '' -default['mariadb']['galera']['wsrep_sst_method'] = 'rsync' -default['mariadb']['galera']['wsrep_provider'] = \ - '/usr/lib/galera/libgalera_smm.so' -default['mariadb']['galera']['options'] = {} - -# Node format: [{ :name => "mariadb_1", fqdn: "33.33.33.11"}] -default['mariadb']['galera']['cluster_nodes'] = [] - -# -# Replication default configuration -# -default['mariadb']['replication']['server_id'] = '' -default['mariadb']['replication']['log_bin'] = \ - '/var/log/mysql/mariadb-bin' -default['mariadb']['replication']['log_bin_index'] = \ - '/var/log/mysql/mariadb-bin.index' -default['mariadb']['replication']['expire_logs_days'] = '10' -default['mariadb']['replication']['max_binlog_size'] = '100M' -default['mariadb']['replication']['options'] = {} - -# -# mysqldump default configuration -# -default['mariadb']['mysqldump']['quick'] = 'true' -default['mariadb']['mysqldump']['quote_names'] = 'true' -default['mariadb']['mysqldump']['max_allowed_packet'] = '16M' - -# -# isamchk default configuration -default['mariadb']['isamchk']['key_buffer'] = '16M' - -# -# mysqld_safe default configuration -# -default['mariadb']['mysqld_safe']['options'] = {} - -# -# client default configuration -# -default['mariadb']['client']['port'] = 3306 -default['mariadb']['client']['options'] = {} -default['mariadb']['client']['development_files'] = true - -# -# debian specific configuration -# -default['mariadb']['debian']['user'] = 'debian-sys-maint' -default['mariadb']['debian']['password'] = 'please-change-me' -default['mariadb']['debian']['host'] = 'localhost' - -# -# mariadb default install configuration -# -# install valid value is 'package', -# hope to have 'from_source' in the near future -default['mariadb']['install']['type'] = 'package' -default['mariadb']['install']['version'] = '10.0' -default['mariadb']['install']['prefer_os_package'] = false - -# -# package(apt or yum) default configuration -# -default['mariadb']['use_default_repository'] = false -default['mariadb']['apt_repository']['base_url'] = \ - 'ftp.igh.cnrs.fr/pub/mariadb/repo' - -# -# MariaDB Plugins enabling -# -default['mariadb']['plugins_options']['auto_install'] = true -# Enabling Plugin Installation -default['mariadb']['plugins']['audit'] = false -# Load Plugins in .cnf (plugin-loadi variable) -default['mariadb']['plugins_loading']['audit'] = 'server_audit=server_audit.so' - -# Default Configuration -default['mariadb']['audit_plugin']['server_audit_events'] = '' -default['mariadb']['audit_plugin']['server_audit_output_type'] = 'file' -# Syslog (require server_audit_output_type = syslog) -default['mariadb']['audit_plugin']['server_audit_syslog_facility'] = 'LOG_USER' -default['mariadb']['audit_plugin']['server_audit_syslog_priority'] = 'LOG_INFO' diff --git a/cookbooks/mariadb/libraries/mariadb_helper.rb b/cookbooks/mariadb/libraries/mariadb_helper.rb deleted file mode 100644 index 8e8e706..0000000 --- a/cookbooks/mariadb/libraries/mariadb_helper.rb +++ /dev/null @@ -1,78 +0,0 @@ -# MariaDB is a module containing mariadb cookbook helper -module MariaDB - # Helper module for mariadb cookbook - module Helper - require 'socket' - require 'timeout' - - def do_port_connect(ip, port) - s = TCPSocket.new(ip, port) - s.close - true - rescue Errno::ECONNREFUSED, Errno::EHOSTUNREACH - false - end - - def port_open?(ip, port) - begin - Timeout.timeout(5) do - return do_port_connect(ip, port) - end - rescue Timeout::Error - false - end - false - end - - # Trying to determine if we need to restart the mysql service - def mariadb_service_restart_required?(ip, port, _socket) - restart = false - restart = true unless port_open?(ip, port) - restart - end - - # Helper to determine if running operating system shipped a package for - # mariadb server & client. No galera shipped in any os yet. - # @param [String] os_platform Indicate operating system type, e.g. centos - # @param [String] os_version Indicate operating system version, e.g. 7.0 - def os_package_provided?(os_platform, os_version) - package_provided = false - case os_platform - when 'centos', 'redhat' - package_provided = true if os_version.to_i == 7 - when 'fedora' - package_provided = true if os_version.to_i >= 19 - end - package_provided - end - - # Helper to determine mariadb server service name shipped by native package - # If no native package available on this platform, return nil - # @param [String] os_platform Indicate operating system type, e.g. centos - # @param [String] os_version Indicate operating system version, e.g. 7.0 - def os_service_name(os_platform, os_version) - return nil unless os_package_provided?(os_platform, os_version) - service_name = 'mariadb' - if os_platform == 'fedora' && os_version.to_i >= 19 - service_name = 'mysqld' - end - service_name - end - - # Helper to determine whether to use os native package - # @param [Boolean] prefer_os Indicate whether to prefer os native package - # @param [String] os_platform Indicate operating system type, e.g. centos - # @param [String] os_version Indicate operating system version, e.g. 7.0 - def use_os_native_package?(prefer_os, os_platform, os_version) - return false unless prefer_os - if os_package_provided?(os_platform, os_version) - true - else - Chef::Log.warn 'prefer_os_package detected, but no native mariadb'\ - " package available on #{os_platform}-#{os_version}."\ - ' Fall back to use community package.' - false - end - end - end -end diff --git a/cookbooks/mariadb/libraries/matchers.rb b/cookbooks/mariadb/libraries/matchers.rb deleted file mode 100644 index 91f1cc1..0000000 --- a/cookbooks/mariadb/libraries/matchers.rb +++ /dev/null @@ -1,21 +0,0 @@ -if defined?(ChefSpec) - def add_mariadb_configuration(resource_name) - ChefSpec::Matchers::ResourceMatcher - .new(:mariadb_configuration, :add, resource_name) - end - - def remove_mariadb_configuration(resource_name) - ChefSpec::Matchers::ResourceMatcher - .new(:mariadb_configuration, :remove, resource_name) - end - - def add_mariadb_replication(resource_name) - ChefSpec::Matchers::ResourceMatcher - .new(:mariadb_replication, :add, resource_name) - end - - def remove_mariadb_replication(resource_name) - ChefSpec::Matchers::ResourceMatcher - .new(:mariadb_replication, :remove, resource_name) - end -end diff --git a/cookbooks/mariadb/metadata.json b/cookbooks/mariadb/metadata.json deleted file mode 100644 index 049ad57..0000000 --- a/cookbooks/mariadb/metadata.json +++ /dev/null @@ -1 +0,0 @@ -{"name":"mariadb","version":"0.3.1","description":"Installs/Configures MariaDB","long_description":"MariaDB Cookbook\n================\n\n[![Build Status](https://travis-ci.org/sinfomicien/mariadb.png)](https://travis-ci.org/sinfomicien/mariadb)\n\nDescription\n-----------\n\nThis cookbook contains all the stuffs to install and configure a mariadb server on a dpkg/apt compliant system (typically debian), or a rpm/yum compliant system (typically centos)\n\n\nRequirements\n------------\n\n#### repository\n- `mariadb` - This cookbook need that you have a valid apt repository installed with the mariadb official packages\n\n#### packages\n- `percona-xtrabackup` - if you want to use the xtrabckup SST Auth for galera cluster.\n- `socat` - if you want to use the xtrabckup SST Auth for galera cluster.\n- `rsync` - if you want to use the rsync SST Auth for galera cluster.\n- `debconf-utils` - if you use debian platform family.\n\n#### operating system\n- `debian` - this cookbook is fully tested on debian\n- `ubuntu` - not fully tested on ubuntu, but should work\n- `centos` - not fully tested on centos, but should work\n\nAttributes\n----------\n\n#### mariadb::default\n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n
KeyTypeDescriptionDefault
['mariadb']['install']['version']StringVersion to install (currently 10.0 et 5.5)10.0
['mariadb']['use_default_repository']BooleanWether to install MariaDB default repository or not. If you don't have a local repo containing packages, put it to truefalse
['mariadb']['server_root_password']Stringlocal root password
['mariadb']['forbid_remote_root']BooleanWether to activate root remote accesstrue
['mariadb']['allow_root_pass_change']BooleanWether to allow the recipe to change root password after the first installfalse
['mariadb']['client']['development_files']BooleanWether to install development files in client recipetrue
['mariadb']['apt_repository']['base_url']StringThe http base url to use when installing from default repository'ftp.igh.cnrs.fr/pub/mariadb/repo'
['mariadb']['install']['prefer_os_package']BooleanIndicator for preferring use packages shipped by running osfalse
\n\nUsage\n-----\n\nTo install a default server for mariadb choose the version you want (MariaDB 5.5 or 10, galera or not), then call the recipe accordingly.\n\nList of availables recipes:\n\n- mariadb::default (just call server recipe with default options)\n- mariadb::server\n- mariadb::galera\n- mariadb::client\n\nPlease be ware that by default, the root password is empty! If you want have changed it use the `node['mariadb']['server_root_password']` attribute to put a correct value. And by default the remote root access is not activated. Use `node['mariadb']['forbid_remote_root']` attribute to change it.\n\nSometimes, the default apt repository used for apt does not work (see issue #6). In this case, you need to choose another mirror which worki (pick it from mariadb website), and put the http base url in the attribute `node['mariadb']['apt_repository']['base_url']`.\n\n#### mariadb::galera\n\nWhen installing the mariadb::galera on debian recipe, You have to take care of one specific attribute:\n`node['mariadb']['debian']['password']` which default to 'please-change-me'\nAs wee need to have the same password for this user on the whole cluster nodes... We will change the default install one by the content of this attribute.\n\n#### mariadb::client\n\nBy default this recipe install the client, and all needed packages to develop client application. If you do not want to install development files when installing client package,\nset the attribute `node['mariadb']['client']['development_files']` to false. \n\nProviders\n----------\n\nThis recipe define 2 providers:\n- `Chef::Provider::Mariadb::Configuration` shortcut resource `mariadb_configuration`\n- `Chef::Provider::Mariadb::Replication` shortcut resource `mariadb_replication`\n\n#### mariadb_configuration\n\nMainly use for internal purpose. You can use it to create a new configuration file into configuration dir. You have to define 2 variables `section` and `option`.\nWhere `section` is the configuration section, and `option` is a hash of key/value. The name of the resource is used as base for the filename.\n\nExample:\n```ruby\nmariadb_configuration 'fake' do\n section 'mysqld'\n option {foo: 'bar'}\nend\n```\nwill become the file fake.cnf in the include dir (depend on your platform), which contain:\n```\n[mysqld]\nfoo=bar\n```\n\nIf the value start with a '#', then it's considered as a comment, and the value is printed as is (without the key)\n\nExample:\n```ruby\nmariadb_configuration 'fake' do\n section 'mysqld'\n option {comment1: '# Here i am', foo: bar}\nend\n```\nwill become the file fake.cnf in the include dir (depend on your platform), which contain:\n```\n[mysqld]\n# Here i am\nfoo=bar\n```\n\n#### mariadb_replication\n\nThis LWRP is used to manage replication setup on a host. To use this LWRP, the node need to have the mysql binary installed (via the mariadb::client or mariadb::server or mariadb::galera recipe).\nIt have 4 actions:\n- add - to add a new replication setup (become a slave)\n- stop - to stop the slave replication\n- start - to start the slave replication\n- remove - to remove the slave replication configuration\n\nThe resource name need to be 'default' if your don't want to use a named connection (multi source replication in MariaDB 10).\n\nSo by default the provider try to use the local instance of mysql, with the current user and no password. If you want to change, you have to define `host`, `port`, `user` or `password`\n\n```ruby\nmariadb_replication 'default' do\n user 'root'\n password 'fakepass'\n host 'fakehost'\n action :stop\nend\n```\nwill stop the replication on the host `fakehost` using the user `root` and password `fakepass` to connect to.\n\nWhen you add a replication configuration, you have to define at least 4 values `master_host`, `master_user`, `master_password` and `master_use_gtid`. And if you don't want the GTID support, you have to define also `master_log_file` and `master_log_pos`\n\nExample:\n```ruby\nmariadb_replication 'usefull_conn_name' do\n master_host 'server1'\n master_user 'slave_user'\n master_password 'slave_password'\n master_use_gtid 'current_pos'\n action :add\nend\n```\n\nContributing\n------------\n\n1. Fork the repository on Github\n2. Create a named feature branch (like `add_component_x`)\n3. Write your change\n4. Write tests for your change (if applicable)\n5. Run the tests, ensuring they all pass\n6. Submit a Pull Request using Github\n\nLicense and Authors\n-------------------\nAuthors:\nNicolas Blanc \n","maintainer":"Nicolas Blanc","maintainer_email":"sinfomicien@gmail.com","license":"Apache 2.0","platforms":{"ubuntu":">= 0.0.0","debian":">= 7.0","centos":">= 6.4","redhat":">= 7.0"},"dependencies":{"apt":">= 0.0.0","yum":">= 0.0.0","yum-epel":">= 0.0.0"},"recommendations":{},"suggestions":{},"conflicting":{},"providing":{},"replacing":{},"attributes":{},"groupings":{},"recipes":{}} \ No newline at end of file diff --git a/cookbooks/mariadb/providers/configuration.rb b/cookbooks/mariadb/providers/configuration.rb deleted file mode 100644 index 46adea3..0000000 --- a/cookbooks/mariadb/providers/configuration.rb +++ /dev/null @@ -1,38 +0,0 @@ -# -# Cookbook Name:: mariadb -# Provider:: configuration -# - -use_inline_resources if defined?(use_inline_resources) - -def whyrun_supported? - true -end - -action :add do - variables_hash = { - section: new_resource.section, - options: new_resource.option - } - template node['mariadb']['configuration']['includedir'] + \ - '/' + new_resource.name + '.cnf' do - source 'conf.d.generic.erb' - owner 'root' - group 'mysql' - mode '0640' - cookbook 'mariadb' - variables variables_hash - end -end - -action :remove do - if ::File.exist?(node['mariadb']['configuration']['includedir'] + \ - '/' + new_resource.name + '.cnf') - Chef::Log.info "Removing #{new_resource.name} repository from " + \ - node['mariadb']['configuration']['includedir'] - file node['mariadb']['configuration']['includedir'] + \ - '/' + new_resource.name + '.cnf' do - action :delete - end - end -end diff --git a/cookbooks/mariadb/providers/replication.rb b/cookbooks/mariadb/providers/replication.rb deleted file mode 100644 index 6470023..0000000 --- a/cookbooks/mariadb/providers/replication.rb +++ /dev/null @@ -1,105 +0,0 @@ -# -# Cookbook Name:: mariadb -# Provider:: replication -# - -use_inline_resources if defined?(use_inline_resources) - -def whyrun_supported? - true -end - -def get_mysql_command(host, port, user, password) - mysql_command = '/usr/bin/mysql' - mysql_command += ' -h ' + host unless host.nil? - mysql_command += ' -P ' + port unless port.nil? - mysql_command += ' -u ' + user unless user.nil? - mysql_command += ' -p' + password unless password.nil? - mysql_command -end - -action :add do - if new_resource.master_host.nil? || new_resource.master_user.nil? || - new_resource.master_password.nil? - fail '[ERROR] When adding a slave, you have to define master_host' \ - ' master_user and master_password !' - end - sql_string = 'CHANGE MASTER ' - sql_string += '\'' + new_resource.name + \ - '\' ' if new_resource.name != 'default' - sql_string += 'TO ' - sql_string += 'MASTER_HOST=\'' + new_resource.master_host + '\', ' - sql_string += 'MASTER_PORT=' + new_resource.master_port.to_s + \ - ', ' unless new_resource.master_port.nil? - sql_string += 'MASTER_USER=\'' + new_resource.master_user + '\', ' - sql_string += 'MASTER_PASSWORD=\'' + new_resource.master_password + '\'' - if new_resource.master_use_gtid == 'no' - # Use non GTID replication setup - if new_resource.master_log_file.nil? || new_resource.master_log_pos.nil? - fail '[ERROR] When adding a slave without GTID, you have to' \ - 'define master_log_file and master_log_pos !' - end - unless new_resource.master_log_file.nil? - sql_string += ', MASTER_LOG_FILE=\'' + \ - new_resource.master_log_file + '\'' - sql_string += ', MASTER_LOG_POS=' + new_resource.master_log_pos.to_s - end - else - # Use GTID replication - sql_string += ', MASTER_USE_GTID=' + new_resource.master_use_gtid + ';' - end - execute 'add_replication_from_master_' + new_resource.name do - # Add sensitive true when foodcritic #233 fixed - command '/bin/echo "' + sql_string + '" | ' + get_mysql_command( - new_resource.host, - new_resource.port, - new_resource.user, - new_resource.password - ) - action :run - end -end - -action :remove do - execute 'remove_replication_from_master_' + new_resource.name do - # Add sensitive true when foodcritic #233 fixed - command '/bin/echo "STOP SLAVE \'' + new_resource.name + '\'; ' \ - 'RESET SLAVE \'' + new_resource.name + '\' ALL' \ - ';" | ' + get_mysql_command( - new_resource.host, - new_resource.port, - new_resource.user, - new_resource.password - ) - end -end - -action :start do - command_master_connection = ' \'' + new_resource.name + \ - '\'' unless new_resource.name == 'default' - execute 'start_replication_from_master_' + new_resource.name do - # Add sensitive true when foodcritic #233 fixed - command '/bin/echo "START SLAVE' + command_master_connection + ';' \ - '" | ' + get_mysql_command( - new_resource.host, - new_resource.port, - new_resource.user, - new_resource.password - ) - end -end - -action :stop do - command_master_connection = ' \'' + new_resource.name + \ - '\'' unless new_resource.name == 'default' - execute 'start_replication_from_master_' + new_resource.name do - # Add sensitive true when foodcritic #233 fixed - command '/bin/echo "STOP SLAVE' + command_master_connection + ';' \ - '" | ' + get_mysql_command( - new_resource.host, - new_resource.port, - new_resource.user, - new_resource.password - ) - end -end diff --git a/cookbooks/mariadb/recipes/_audit_plugin.rb b/cookbooks/mariadb/recipes/_audit_plugin.rb deleted file mode 100644 index 9b8d030..0000000 --- a/cookbooks/mariadb/recipes/_audit_plugin.rb +++ /dev/null @@ -1,53 +0,0 @@ -# Prepare Configuration File -audit_plugin_options = {} - -audit_plugin_options['comment1'] = '#' -audit_plugin_options['comment2'] = '# * MariaDB Audit Plugin' -audit_plugin_options['comment3'] = '#' - -audit_plugin_options['server_audit_events'] = \ - node['mariadb']['audit_plugin']['server_audit_events'] -audit_plugin_options['server_audit_output_type'] = \ - node['mariadb']['audit_plugin']['server_audit_output_type'] -audit_plugin_options['server_audit_syslog_facility'] = \ - node['mariadb']['audit_plugin']['server_audit_syslog_facility'] -audit_plugin_options['server_audit_syslog_priority'] = \ - node['mariadb']['audit_plugin']['server_audit_syslog_priority'] - -audit_plugin_options['enable'] = '#server_audit_logging = ON' - -# Install the MariaDB Audit Plugin -execute 'install_mariadb_audit_plugin' do - command '/usr/bin/mysql -e "INSTALL PLUGIN server_audit '\ - 'SONAME \'server_audit\';"' - notifies :run, 'execute[configure_mariadb_audit_plugin]', :immediately - not_if do - cmd = Mixlib::ShellOut.new('/usr/bin/mysql -u root -B -N -e "SELECT 1 '\ - 'FROM information_schema.plugins '\ - 'WHERE PLUGIN_NAME = \'SERVER_AUDIT\''\ - 'AND PLUGIN_STATUS = \'ACTIVE\';"') - cmd.run_command - cmd.stdout.to_i == 1 - end -end - -# Configure (Dynamic) -execute 'configure_mariadb_audit_plugin' do - command 'echo "SET GLOBAL server_audit_events=\'' + \ - node['mariadb']['audit_plugin']['server_audit_events'] + '\';' \ - 'SET GLOBAL server_audit_output_type=\'' + \ - node['mariadb']['audit_plugin']['server_audit_output_type'] + '\';' \ - 'SET GLOBAL server_audit_syslog_facility=\'' + \ - node['mariadb']['audit_plugin']['server_audit_syslog_facility'] + '\';' \ - 'SET GLOBAL server_audit_syslog_priority=\'' + \ - node['mariadb']['audit_plugin']['server_audit_syslog_priority'] + '\';"' \ - '| /usr/bin/mysql' - action :nothing -end - -# Create Configuration File -mariadb_configuration 'audit_plugin' do - section 'mysqld' - option audit_plugin_options - action :add -end diff --git a/cookbooks/mariadb/recipes/_debian_galera.rb b/cookbooks/mariadb/recipes/_debian_galera.rb deleted file mode 100644 index 63531ea..0000000 --- a/cookbooks/mariadb/recipes/_debian_galera.rb +++ /dev/null @@ -1,55 +0,0 @@ -# -# Cookbook Name:: mariadb -# Recipe:: _debian_galera -# -# Copyright 2014, blablacar.com -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# To be sure that debconf is installed -package 'debconf-utils' do - action :install -end - -# Preseed Debian Package -# (but test for resource, as it can be declared by apt recipe) -begin - resources(directory: '/var/cache/local/preseeding') -rescue Chef::Exceptions::ResourceNotFound - directory '/var/cache/local/preseeding' do - owner 'root' - group 'root' - mode '0755' - recursive true - end -end - -template '/var/cache/local/preseeding/mariadb-galera-server.seed' do - source 'mariadb-server.seed.erb' - owner 'root' - group 'root' - mode '0600' - variables(package_name: 'mariadb-galera-server') - notifies :run, 'execute[preseed mariadb-galera-server]', :immediately -end - -execute 'preseed mariadb-galera-server' do - command '/usr/bin/debconf-set-selections ' \ - '/var/cache/local/preseeding/mariadb-galera-server.seed' - action :nothing -end - -package "mariadb-galera-server-#{node['mariadb']['install']['version']}" do - action :install -end diff --git a/cookbooks/mariadb/recipes/_debian_server.rb b/cookbooks/mariadb/recipes/_debian_server.rb deleted file mode 100644 index 4c17531..0000000 --- a/cookbooks/mariadb/recipes/_debian_server.rb +++ /dev/null @@ -1,55 +0,0 @@ -# -# Cookbook Name:: mariadb -# Recipe:: _debian_server -# -# Copyright 2014, blablacar.com -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# To be sure that debconf is installed -package 'debconf-utils' do - action :install -end - -# Preseed Debian Package -# (but test for resource, as it can be declared by apt recipe) -begin - resources(directory: '/var/cache/local/preseeding') -rescue Chef::Exceptions::ResourceNotFound - directory '/var/cache/local/preseeding' do - owner 'root' - group 'root' - mode '0755' - recursive true - end -end - -template '/var/cache/local/preseeding/mariadb-server.seed' do - source 'mariadb-server.seed.erb' - owner 'root' - group 'root' - mode '0600' - variables(package_name: 'mariadb-server') - notifies :run, 'execute[preseed mariadb-server]', :immediately -end - -execute 'preseed mariadb-server' do - command '/usr/bin/debconf-set-selections ' \ - '/var/cache/local/preseeding/mariadb-server.seed' - action :nothing -end - -package "mariadb-server-#{node['mariadb']['install']['version']}" do - action :install -end diff --git a/cookbooks/mariadb/recipes/_redhat_galera.rb b/cookbooks/mariadb/recipes/_redhat_galera.rb deleted file mode 100644 index 8d725db..0000000 --- a/cookbooks/mariadb/recipes/_redhat_galera.rb +++ /dev/null @@ -1,49 +0,0 @@ -# -# Cookbook Name:: mariadb -# Recipe:: _redhat_galera -# -# Copyright 2014, blablacar.com -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# To force removing of mariadb-libs on CentOS >= 7 -package 'MariaDB-shared' do - action :install -end - -package 'MariaDB-Galera-server' do - action :install - notifies :create, 'directory[/var/log/mysql]', :immediately - notifies :start, 'service[mysql]', :immediately - notifies :run, 'execute[change first install root password]', :immediately -end - -directory '/var/log/mysql' do - action :nothing - user 'mysql' - group 'mysql' - mode '0755' -end - -service 'mysql' do - action :nothing -end - -execute 'change first install root password' do - # Add sensitive true when foodcritic #233 fixed - command '/usr/bin/mysqladmin -u root password \'' + \ - node['mariadb']['server_root_password'] + '\'' - action :nothing - not_if { node['mariadb']['server_root_password'].empty? } -end diff --git a/cookbooks/mariadb/recipes/_redhat_server.rb b/cookbooks/mariadb/recipes/_redhat_server.rb deleted file mode 100644 index 4c0805a..0000000 --- a/cookbooks/mariadb/recipes/_redhat_server.rb +++ /dev/null @@ -1,48 +0,0 @@ -# -# Cookbook Name:: mariadb -# Recipe:: _redhat_server -# -# Copyright 2014, blablacar.com -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# To force removing of mariadb-libs on CentOS >= 7 -package 'MariaDB-shared' do - action :install -end - -package 'MariaDB-server' do - action :install - notifies :create, 'directory[/var/log/mysql]', :immediately - notifies :start, 'service[mysql]', :immediately - notifies :run, 'execute[change first install root password]', :immediately -end - -directory '/var/log/mysql' do - action :nothing - user 'mysql' - group 'mysql' - mode '0755' -end - -execute 'change first install root password' do - # Add sensitive true when foodcritic #233 fixed - command '/usr/bin/mysqladmin -u root password \'' + \ - node['mariadb']['server_root_password'] + '\'' - action :nothing - not_if { node['mariadb']['server_root_password'].empty? } -end - -# Default policy for RH and fedora is to name it mysql -node.set['mariadb']['mysqld']['service_name'] = 'mysql' diff --git a/cookbooks/mariadb/recipes/_redhat_server_native.rb b/cookbooks/mariadb/recipes/_redhat_server_native.rb deleted file mode 100644 index 527a371..0000000 --- a/cookbooks/mariadb/recipes/_redhat_server_native.rb +++ /dev/null @@ -1,45 +0,0 @@ -# -# Cookbook Name:: mariadb -# Recipe:: _redhat_server_native -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# This recipe is for install and configure os shipped mariadb package - -Chef::Recipe.send(:include, MariaDB::Helper) - -service_name = os_service_name(node['platform'], node['platform_version']) -node.set['mariadb']['mysqld']['service_name'] = service_name\ - unless service_name.nil? - -package 'mariadb-server' do - action :install - notifies :enable, 'service[mysql]' -end - -directory '/var/log/mysql' do - action :create - user 'mysql' - group 'mysql' - mode '0755' - notifies :start, 'service[mysql]', :immediately - notifies :run, 'execute[change first install root password]', :immediately -end - -execute 'change first install root password' do - # Add sensitive true when foodcritic #233 fixed - command '/usr/bin/mysqladmin -u root password \'' + \ - node['mariadb']['server_root_password'] + '\'' - action :nothing - not_if { node['mariadb']['server_root_password'].empty? } -end diff --git a/cookbooks/mariadb/recipes/client.rb b/cookbooks/mariadb/recipes/client.rb deleted file mode 100644 index a1296d2..0000000 --- a/cookbooks/mariadb/recipes/client.rb +++ /dev/null @@ -1,89 +0,0 @@ -# -# Cookbook Name:: mariadb -# Recipe:: client -# -# Copyright 2014, blablacar.com -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -Chef::Recipe.send(:include, MariaDB::Helper) -case node['mariadb']['install']['type'] -when 'package' - use_os_package = use_os_native_package?( - node['mariadb']['install']['prefer_os_package'], - node['platform'], - node['platform_version']) - - include_recipe "#{cookbook_name}::repository" unless use_os_package - - case node['platform_family'] - when 'rhel' - # On CentOS at least, there's a conflict between MariaDB and mysql-libs - package 'mysql-libs' do - action :remove - not_if { use_os_package } - end - - # rubocop:disable BlockNesting - if use_os_package - if node['mariadb']['client']['development_files'] - node.default['mariadb']['client']['packages'] = \ - %w(mariadb mariadb-devel) - else - node.default['mariadb']['client']['packages'] = \ - %w(mariadb) - end - else - if node['mariadb']['client']['development_files'] - node.default['mariadb']['client']['packages'] = \ - %w(MariaDB-client MariaDB-devel) - else - node.default['mariadb']['client']['packages'] = \ - %w(MariaDB-client) - end - end - # rubocop:enable BlockNesting - when 'fedora' - if node['mariadb']['client']['development_files'] - node.default['mariadb']['client']['packages'] = \ - %w(mariadb mariadb-devel) - else - node.default['mariadb']['client']['packages'] = \ - %w(mariadb) - end - when 'suse' - if node['mariadb']['client']['development_files'] - node.default['mariadb']['client']['packages'] = \ - %w(mariadb-community-server-client libmariadbclient-devel) - else - node.default['mariadb']['client']['packages'] = \ - %w(mariadb-community-server-client) - end - when 'debian' - if node['mariadb']['client']['development_files'] - node.default['mariadb']['client']['packages'] = \ - %W(mariadb-client-#{node['mariadb']['install']['version']} - libmariadbclient-dev) - else - node.default['mariadb']['client']['packages'] = \ - %W(mariadb-client-#{node['mariadb']['install']['version']}) - end - end - - node['mariadb']['client']['packages'].each do |name| - package name - end -when 'from_source' - # To be filled as soon as possible -end diff --git a/cookbooks/mariadb/recipes/config.rb b/cookbooks/mariadb/recipes/config.rb deleted file mode 100644 index 33ce0e1..0000000 --- a/cookbooks/mariadb/recipes/config.rb +++ /dev/null @@ -1,95 +0,0 @@ -# -# Cookbook Name:: mariadb -# Recipe:: config -# -# Copyright 2014, blablacar.com -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -template node['mariadb']['configuration']['path'] + '/my.cnf' do - source 'my.cnf.erb' - owner 'root' - group 'root' - mode '0644' -end - -innodb_options = {} - -innodb_options['comment1'] = '#' -innodb_options['comment2'] = '# * InnoDB' -innodb_options['comment3'] = '#' -innodb_options['comment4'] = '# InnoDB is enabled by default with a 10MB ' \ - 'datafile in /var/lib/mysql/.' -innodb_options['comment5'] = '# Read the manual for more InnoDB ' \ - 'related options. There are many!' - -innodb_options['innodb_log_file_size_comment1'] = '# you can\'t just ' \ - 'change log file size, ' \ - 'requires special procedure' -if node['mariadb']['innodb']['log_file_size'].empty? - innodb_options['innodb_log_file_size'] = '#innodb_log_file_size = 50M' -else - innodb_options['innodb_log_file_size'] = \ - node['mariadb']['innodb']['log_file_size'] -end -if node['mariadb']['innodb']['bps_percentage_memory'] - innodb_options['innodb_buffer_pool_size'] = ( - ( - node['mariadb']['innodb']['buffer_pool_size'].to_f * - (node['memory']['total'][0..-3].to_i / 1024) - ).round).to_s + 'M' -else - innodb_options['innodb_buffer_pool_size'] = \ - node['mariadb']['innodb']['buffer_pool_size'] -end -innodb_options['innodb_log_buffer_size'] = \ - node['mariadb']['innodb']['log_buffer_size'] -innodb_options['innodb_file_per_table'] = \ - node['mariadb']['innodb']['file_per_table'] -innodb_options['innodb_open_files'] = node['mariadb']['innodb']['open_files'] -innodb_options['innodb_io_capacity'] = \ - node['mariadb']['innodb']['io_capacity'] -innodb_options['innodb_flush_method'] = \ - node['mariadb']['innodb']['flush_method'] -node['mariadb']['innodb']['options'].each do |key, value| - innodb_options[key] = value -end - -mariadb_configuration 'innodb' do - section 'mysqld' - option innodb_options - action :add -end - -replication_opts = {} - -replication_opts['log_bin'] = node['mariadb']['replication']['log_bin'] -replication_opts['log_bin_index'] = \ - node['mariadb']['replication']['log_bin_index'] -replication_opts['expire_logs_days'] = \ - node['mariadb']['replication']['expire_logs_days'] -replication_opts['max_binlog_size'] = \ - node['mariadb']['replication']['max_binlog_size'] -unless node['mariadb']['replication']['server_id'].empty? - replication_opts['server-id'] = node['mariadb']['replication']['server_id'] -end -node['mariadb']['replication']['options'].each do |key, value| - replication_opts[key] = value -end - -mariadb_configuration 'replication' do - section 'mysqld' - option replication_opts - action :add -end diff --git a/cookbooks/mariadb/recipes/galera.rb b/cookbooks/mariadb/recipes/galera.rb deleted file mode 100644 index df98265..0000000 --- a/cookbooks/mariadb/recipes/galera.rb +++ /dev/null @@ -1,179 +0,0 @@ -# -# Cookbook Name:: mariadb -# Recipe:: galera -# -# Copyright 2014, blablacar.com -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -case node['mariadb']['install']['type'] -when 'package' - # include MariaDB repositories - include_recipe "#{cookbook_name}::repository" - - case node['platform'] - when 'debian', 'ubuntu' - include_recipe "#{cookbook_name}::_debian_galera" - when 'redhat', 'centos', 'fedora', 'scientific', 'amazon' - include_recipe "#{cookbook_name}::_redhat_galera" - end -when 'from_source' - # To be filled as soon as possible -end - -if node['mariadb']['galera']['wsrep_sst_method'] == 'rsync' - package 'rsync' do - action :install - end -else - if node['mariadb']['galera']['wsrep_sst_method'] =~ /^xtrabackup(-v2)?/ - package 'percona-xtrabackup' do - action :install - end - - package 'socat' do - action :install - end - end -end - -include_recipe "#{cookbook_name}::config" - -galera_cluster_nodes = [] -if !node['mariadb'].attribute?('rspec') && Chef::Config[:solo] - if node['mariadb']['galera']['cluster_nodes'].empty? - Chef::Log.warn('By default this recipe uses search (unsupported by Chef Solo).' \ - ' Nodes may manually be configured as attributes.') - else - galera_cluster_nodes = node['mariadb']['galera']['cluster_nodes'] - end -else - if node['mariadb']['galera']['cluster_search_query'].empty? - galera_cluster_nodes = search( - :node, \ - "mariadb_galera_cluster_name:#{node['mariadb']['galera']['cluster_name']}" - ) - else - galera_cluster_nodes = search 'node', node['mariadb']['galera']['cluster_search_query'] - log 'Chef search results' do - message "Searching for \"#{node['mariadb']['galera']['cluster_search_query']}\" \ - resulted in \"#{galera_cluster_nodes}\" ..." - end - end - # Sort Nodes by fqdn - galera_cluster_nodes.sort! { |x, y| x[:fqdn] <=> y[:fqdn] } -end - -first = true -gcomm = 'gcomm://' -galera_cluster_nodes.each do |lnode| - next unless lnode.name != node.name - gcomm += ',' unless first - gcomm += lnode['fqdn'] - first = false -end - -galera_options = {} - -galera_options['wsrep_cluster_address'] = gcomm -galera_options['wsrep_cluster_name'] = \ - node['mariadb']['galera']['cluster_name'] -galera_options['wsrep_sst_method'] = \ - node['mariadb']['galera']['wsrep_sst_method'] -if node['mariadb']['galera'].attribute?('wsrep_sst_auth') - galera_options['wsrep_sst_auth'] = \ - node['mariadb']['galera']['wsrep_sst_auth'] -end -galera_options['wsrep_provider'] = \ - node['mariadb']['galera']['wsrep_provider'] -galera_options['wsrep_slave_threads'] = node['cpu']['total'] * 4 -node['mariadb']['galera']['options'].each do |key, value| - galera_options[key] = value -end - -mariadb_configuration 'galera' do - section 'mysqld' - option galera_options - action :add -end - -# -# Under debian system we have to change the debian-sys-maint default password. -# This password is the same for the overall cluster. -# -if platform?('debian', 'ubuntu') - template '/etc/mysql/debian.cnf' do - sensitive true - source 'debian.cnf.erb' - owner 'root' - group 'root' - mode '0600' - end - - grants_command = 'mysql -r -B -N -u root ' - - if node['mariadb']['server_root_password'].is_a?(String) - grants_command += '--password=\'' + \ - node['mariadb']['server_root_password'] + '\' ' - end - - grants_command += '-e "GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, ' \ - 'DROP, RELOAD, SHUTDOWN, PROCESS, FILE, REFERENCES, ' \ - 'INDEX, ALTER, SHOW DATABASES, SUPER, CREATE TEMPORARY ' \ - 'TABLES, LOCK TABLES, EXECUTE, REPLICATION SLAVE, ' \ - 'REPLICATION CLIENT, CREATE VIEW, SHOW VIEW, CREATE ' \ - 'ROUTINE, ALTER ROUTINE, CREATE USER, EVENT, TRIGGER ON ' \ - ' *.* TO \'' + node['mariadb']['debian']['user'] + \ - '\'@\'' + node['mariadb']['debian']['host'] + '\' ' \ - 'IDENTIFIED BY \'' + \ - node['mariadb']['debian']['password'] + '\' WITH GRANT ' \ - 'OPTION"' - - execute 'correct-debian-grants' do - # Add sensitive true when foodcritic #233 fixed - command grants_command - action :run - only_if do - cmd = Mixlib::ShellOut.new("/usr/bin/mysql --user=\"" + \ - node['mariadb']['debian']['user'] + \ - "\" --password=\"" + node['mariadb']['debian']['password'] + \ - "\" -r -B -N -e \"SELECT 1\"") - cmd.run_command - cmd.error? - end - ignore_failure true - end -end - -# -# NOTE: You cannot use the following code to restart Mariadb when in Galera mode. -# When your SST is longer than a chef run... -# ==> chef-client try to restart the service each time it run <== -# - -# restart the service if needed -# workaround idea from https://github.com/stissot -# -# Chef::Resource::Execute.send(:include, MariaDB::Helper) -# execute 'mariadb-service-restart-needed' do -# command 'true' -# only_if do -# mariadb_service_restart_required?( -# node['mariadb']['mysqld']['bind-address'], -# node['mariadb']['mysqld']['port'], -# node['mariadb']['mysqld']['socket'] -# ) -# end -# notifies :restart, 'service[mysql]', :immediately -# end diff --git a/cookbooks/mariadb/recipes/plugins.rb b/cookbooks/mariadb/recipes/plugins.rb deleted file mode 100644 index 5a722bc..0000000 --- a/cookbooks/mariadb/recipes/plugins.rb +++ /dev/null @@ -1,3 +0,0 @@ -node['mariadb']['plugins'].each do |plugin, enable| - include_recipe "#{cookbook_name}::_" + plugin + '_plugin' if enable -end diff --git a/cookbooks/mariadb/recipes/repository.rb b/cookbooks/mariadb/recipes/repository.rb deleted file mode 100644 index e8081eb..0000000 --- a/cookbooks/mariadb/recipes/repository.rb +++ /dev/null @@ -1,42 +0,0 @@ -case node['platform'] -when 'debian', 'ubuntu' - install_method = 'apt' -when 'redhat', 'centos', 'fedora', 'scientific', 'amazon' - install_method = 'yum' -end - -if node['mariadb']['use_default_repository'] - case install_method - when 'apt' - include_recipe 'apt::default' - - apt_repository "mariadb-#{node['mariadb']['install']['version']}" do - uri 'http://' + node['mariadb']['apt_repository']['base_url'] + '/' + \ - node['mariadb']['install']['version'] + '/' + node['platform'] - distribution node['lsb']['codename'] - components ['main'] - keyserver 'hkp://keyserver.ubuntu.com:80' - key '0xcbcb082a1bb943db' - end - when 'yum' - include_recipe 'yum::default' - - if node['platform'] == 'redhat' || node['platform'] == 'scientific' - target_platform = "rhel#{node['platform_version'].to_i}" - else - target_platform = "#{node['platform']}#{node['platform_version'].to_i}" - end - yum_repository "mariadb-#{node['mariadb']['install']['version']}" do - description 'MariaDB Official Repository' - baseurl 'http://yum.mariadb.org/' + \ - node['mariadb']['install']['version'] + "/#{target_platform}-amd64" - gpgkey 'https://yum.mariadb.org/RPM-GPG-KEY-MariaDB' - action :create - end - - case node['platform'] - when 'redhat', 'centos', 'scientific' - include_recipe 'yum-epel::default' - end - end -end diff --git a/cookbooks/mariadb/recipes/server.rb b/cookbooks/mariadb/recipes/server.rb deleted file mode 100644 index aa5db89..0000000 --- a/cookbooks/mariadb/recipes/server.rb +++ /dev/null @@ -1,130 +0,0 @@ -# -# Cookbook Name:: mariadb -# Recipe:: server -# -# Copyright 2014, blablacar.com -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -Chef::Recipe.send(:include, MariaDB::Helper) -case node['mariadb']['install']['type'] -when 'package' - if use_os_native_package?(node['mariadb']['install']['prefer_os_package'], - node['platform'], node['platform_version']) - # currently, no releases with apt (e.g. ubuntu) ship mariadb - # only provide one type of server here (with yum support) - include_recipe "#{cookbook_name}::_redhat_server_native" - else - include_recipe "#{cookbook_name}::repository" - - case node['platform'] - when 'debian', 'ubuntu' - include_recipe "#{cookbook_name}::_debian_server" - when 'redhat', 'centos', 'fedora', 'scientific', 'amazon' - include_recipe "#{cookbook_name}::_redhat_server" - end - end -when 'from_source' - # To be filled as soon as possible -end - -include_recipe "#{cookbook_name}::config" - -service 'mysql' do - service_name node['mariadb']['mysqld']['service_name'] - supports restart: true - action :nothing -end - -# move the datadir if needed -if node['mariadb']['mysqld']['datadir'] != - node['mariadb']['mysqld']['default_datadir'] - - bash 'move-datadir' do - user 'root' - code <<-EOH - /bin/cp -a #{node['mariadb']['mysqld']['default_datadir']}/* \ - #{node['mariadb']['mysqld']['datadir']} && - /bin/rm -r #{node['mariadb']['mysqld']['default_datadir']} && - /bin/ln -s #{node['mariadb']['mysqld']['datadir']} \ - #{node['mariadb']['mysqld']['default_datadir']} - EOH - action :nothing - end - - directory node['mariadb']['mysqld']['datadir'] do - owner 'mysql' - group 'mysql' - mode 00750 - action :create - notifies :stop, 'service[mysql]', :immediately - notifies :run, 'bash[move-datadir]', :immediately - notifies :start, 'service[mysql]', :immediately - only_if { !File.symlink?(node['mariadb']['mysqld']['default_datadir']) } - end -end - -# restart the service if needed -# workaround idea from https://github.com/stissot -Chef::Resource::Execute.send(:include, MariaDB::Helper) -execute 'mariadb-service-restart-needed' do - command 'true' - only_if do - mariadb_service_restart_required?( - node['mariadb']['mysqld']['bind_address'], - node['mariadb']['mysqld']['port'], - node['mariadb']['mysqld']['socket'] - ) - end - notifies :restart, 'service[mysql]', :immediately -end - -if node['mariadb']['allow_root_pass_change'] - # Used to change root password after first install - # Still experimental - if node['mariadb']['server_root_password'].empty? - md5 = Digest::MD5.hexdigest('empty') - else - md5 = Digest::MD5.hexdigest(node['mariadb']['server_root_password']) - end - - file '/etc/mysql_root_change' do - content md5 - action :create - notifies :run, 'execute[install-grants]', :immediately - end -end - -if node['mariadb']['allow_root_pass_change'] || - node['mariadb']['forbid_remote_root'] - execute 'install-grants' do - # Add sensitive true when foodcritic #233 fixed - command '/bin/bash /etc/mariadb_grants \'' + \ - node['mariadb']['server_root_password'] + '\'' - only_if { File.exist?('/etc/mariadb_grants') } - action :nothing - end - - template '/etc/mariadb_grants' do - sensitive true - source 'mariadb_grants.erb' - owner 'root' - group 'root' - mode '0600' - notifies :run, 'execute[install-grants]', :immediately - end -end - -# MariaDB Plugins -include_recipe "#{cookbook_name}::plugins" if node['mariadb']['plugins_options']['auto_install'] diff --git a/cookbooks/mariadb/resources/configuration.rb b/cookbooks/mariadb/resources/configuration.rb deleted file mode 100644 index 57e458a..0000000 --- a/cookbooks/mariadb/resources/configuration.rb +++ /dev/null @@ -1,13 +0,0 @@ -# -# Cookbook Name:: mariadb -# Resource:: configuration -# - -actions :add, :remove -default_action :add - -# name of the extra conf file, used for .cnf filename -attribute :conf_name, kind_of: String, name_attribute: true -attribute :section, kind_of: String -attribute :option, kind_of: Hash, default: {} -attribute :cookbook, kind_of: String, default: nil diff --git a/cookbooks/mariadb/resources/replication.rb b/cookbooks/mariadb/resources/replication.rb deleted file mode 100644 index afb0462..0000000 --- a/cookbooks/mariadb/resources/replication.rb +++ /dev/null @@ -1,22 +0,0 @@ -# -# Cookbook Name:: mariadb -# Resource:: replication -# - -actions :add, :remove, :start, :stop -default_action :add - -# name of the extra conf file, used for .cnf filename -attribute :connection_name, kind_of: String, name_attribute: true -attribute :host, kind_of: [String, NilClass], default: nil -attribute :port, kind_of: [String, NilClass], default: nil -attribute :user, kind_of: [String, NilClass], default: nil -attribute :password, kind_of: [String, NilClass], default: nil -attribute :master_host, kind_of: [String, NilClass], default: nil -attribute :master_user, kind_of: [String, NilClass], default: nil -attribute :master_password, kind_of: [String, NilClass], default: nil -attribute :master_connect_retry, kind_of: [String, NilClass], default: nil -attribute :master_port, kind_of: [Integer, NilClass], default: nil -attribute :master_log_pos, kind_of: [Integer, NilClass], default: nil -attribute :master_log_file, kind_of: [String, NilClass], default: nil -attribute :master_use_gtid, kind_of: String, default: 'no' diff --git a/cookbooks/mariadb/templates/default/conf.d.generic.erb b/cookbooks/mariadb/templates/default/conf.d.generic.erb deleted file mode 100644 index 56af4e1..0000000 --- a/cookbooks/mariadb/templates/default/conf.d.generic.erb +++ /dev/null @@ -1,19 +0,0 @@ -# DEPLOYED BY CHEF -[<%= @section -%>] -<% @options.each do | option_name, option_value |-%> - <% if option_value.to_s == 'true' -%> -<%= option_name %> - <% else -%> - <% if option_value.kind_of?(String) && option_value.start_with?('#') -%> -<%= option_value %> - <% else -%> - <% if option_value.kind_of?(Array) -%> - <% option_value.each do | option_value_array_value | -%> -<%= option_name -%> = <%= option_value_array_value %> - <% end -%> - <% else -%> -<%= option_name -%> = <%= option_value %> - <% end -%> - <% end -%> - <% end -%> -<% end -%> diff --git a/cookbooks/mariadb/templates/default/debian.cnf.erb b/cookbooks/mariadb/templates/default/debian.cnf.erb deleted file mode 100644 index b7fb3f6..0000000 --- a/cookbooks/mariadb/templates/default/debian.cnf.erb +++ /dev/null @@ -1,12 +0,0 @@ -# Automatically generated for Debian scripts (Managed by CHEF). DO NOT TOUCH! -[client] -host = <%= node['mariadb']['debian']['host'] %> -user = <%= node['mariadb']['debian']['user'] %> -password = <%= node['mariadb']['debian']['password'] %> -socket = <%= node['mariadb']['client']['socket'] %> -[mysql_upgrade] -host = <%= node['mariadb']['debian']['host'] %> -user = <%= node['mariadb']['debian']['user'] %> -password = <%= node['mariadb']['debian']['password'] %> -socket = <%= node['mariadb']['mysqld_safe']['socket'] %> -basedir = <%= node['mariadb']['mysqld']['basedir'] %> diff --git a/cookbooks/mariadb/templates/default/mariadb-server.seed.erb b/cookbooks/mariadb/templates/default/mariadb-server.seed.erb deleted file mode 100644 index eddb939..0000000 --- a/cookbooks/mariadb/templates/default/mariadb-server.seed.erb +++ /dev/null @@ -1,13 +0,0 @@ -<% -# Value obtained via the debconf-get-selections tool on debian wheezy -pack_w_version = @package_name + '-' + node['mariadb']['install']['version'] --%> -<%= pack_w_version %> mysql-server/root_password_again select <%= node['mariadb']['server_root_password'] %> -<%= pack_w_version %> mysql-server/root_password select <%= node['mariadb']['server_root_password'] %> -<%= pack_w_version %> mysql-server/error_setting_password boolean false -<%= pack_w_version %> mysql-server-5.1/nis_warning note -<%= pack_w_version %> mysql-server-5.1/start_on_boot boolean true -<%= pack_w_version %> <%= pack_w_version %>/really_downgrade boolean false -<%= pack_w_version %> mysql-server-5.1/postrm_remove_databases boolean false -<%= pack_w_version %> mysql-server/password_mismatch boolean false -<%= pack_w_version %> mysql-server/no_upgrade_when_using_ndb boolean true diff --git a/cookbooks/mariadb/templates/default/mariadb_grants.erb b/cookbooks/mariadb/templates/default/mariadb_grants.erb deleted file mode 100644 index 6eda39d..0000000 --- a/cookbooks/mariadb/templates/default/mariadb_grants.erb +++ /dev/null @@ -1,25 +0,0 @@ -#!/bin/bash -# Generated by CHEF -# Local modification will be overriden - -<% if node['mariadb']['allow_root_pass_change'] -%> -<% if node['mariadb']['server_root_password'].empty? -%> -/usr/bin/mysqladmin -u root password "$1" -<% else -%> -/usr/bin/mysqladmin -u root -p'<%= node['mariadb']['server_root_password'] %>' password "$1" -<% end -%> - -<% end -%> -password_flag="" -if [ "$1" ]; then - password_flag="-p$1" -fi - -<% if node['mariadb']['forbid_remote_root'] -%> -user_exist=`/usr/bin/mysql -u root ${password_flag} -D mysql -r -B -N -e "SELECT user from user where user = 'root' and host = '%'"` -if [ $user_exist == 'root' ]; then - /bin/echo "DROP USER 'root'@'%';" | /usr/bin/mysql -u root ${password_flag} -fi -<% else -%> -/bin/echo "GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY '<%= node['mariadb']['server_root_password'] %>' WITH GRANT OPTION;" | /usr/bin/mysql -u root ${password_flag} -<% end -%> diff --git a/cookbooks/mariadb/templates/default/my.cnf.erb b/cookbooks/mariadb/templates/default/my.cnf.erb deleted file mode 100644 index 4b78c25..0000000 --- a/cookbooks/mariadb/templates/default/my.cnf.erb +++ /dev/null @@ -1,191 +0,0 @@ -# DEPLOYED BY CHEF -# MariaDB database server configuration file. -# -# You can copy this file to one of: -# - "/etc/mysql/my.cnf" to set global options, -# - "~/.my.cnf" to set user-specific options. -# -# One can use all long options that the program supports. -# Run program with --help to get a list of available options and with -# --print-defaults to see which it would actually understand and use. -# -# For explanations see -# http://dev.mysql.com/doc/mysql/en/server-system-variables.html - -# This will be passed to all mysql clients -# It has been reported that passwords should be enclosed with ticks/quotes -# escpecially if they contain "#" chars... -# Remember to edit /etc/mysql/debian.cnf when changing the socket location. -[client] -port = <%= node['mariadb']['client']['port'] %> -socket = <%= node['mariadb']['client']['socket'] %> -<% if node['mariadb']['client'].attribute?('host') && !node['mariadb']['client']['host'].nil? %> -host = <%= node['mariadb']['client']['host'] %> -<% end %> - -# Here is entries for some specific programs -# The following values assume you have at least 32M ram - -# This was formally known as [safe_mysqld]. Both versions are currently parsed. -[mysqld_safe] -socket = <%= node['mariadb']['mysqld_safe']['socket'] %> -nice = 0 - -[mysqld] -# -# * Basic Settings -# -user = <%= node['mariadb']['mysqld']['user'] %> -<% if node['mariadb']['mysqld'].attribute?('pid_file') %> -pid-file = <%= node['mariadb']['mysqld']['pid_file'] %> -<% end %> -socket = <%= node['mariadb']['mysqld']['socket'] %> -port = <%= node['mariadb']['mysqld']['port'] %> -basedir = <%= node['mariadb']['mysqld']['basedir'] %> -datadir = <%= node['mariadb']['mysqld']['default_datadir'] %> -tmpdir = <%= node['mariadb']['mysqld']['tmpdir'] %> -lc_messages_dir = <%= node['mariadb']['mysqld']['lc_messages_dir'] %> -lc_messages = <%= node['mariadb']['mysqld']['lc_messages'] %> -<% if node['mariadb']['mysqld']['skip_external_locking'] == 'true' -%> -skip-external-locking -<% end -%> -# -# Instead of skip-networking the default is now to listen only on -# localhost which is more compatible and is not less secure. -<% unless node['mariadb']['mysqld']['bind_address'].nil? or node['mariadb']['mysqld']['bind_address'].empty? -%> -bind-address = <%= node['mariadb']['mysqld']['bind_address'] %> -<% end -%> -# -# * Fine Tuning -# -max_connections = <%= node['mariadb']['mysqld']['max_connections'] %> -connect_timeout = <%= node['mariadb']['mysqld']['connect_timeout'] %> -wait_timeout = <%= node['mariadb']['mysqld']['wait_timeout'] %> -max_allowed_packet = <%= node['mariadb']['mysqld']['max_allowed_packet'] %> -thread_cache_size = <%= node['mariadb']['mysqld']['thread_cache_size'] %> -sort_buffer_size = <%= node['mariadb']['mysqld']['sort_buffer_size'] %> -bulk_insert_buffer_size = <%= node['mariadb']['mysqld']['bulk_insert_buffer_size'] %> -tmp_table_size = <%= node['mariadb']['mysqld']['tmp_table_size'] %> -max_heap_table_size = <%= node['mariadb']['mysqld']['max_heap_table_size'] %> -# -# * MyISAM -# -# This replaces the startup script and checks MyISAM tables if needed -# the first time they are touched. On error, make copy and try a repair. -myisam_recover = <%= node['mariadb']['mysqld']['myisam_recover'] %> -key_buffer_size = <%= node['mariadb']['mysqld']['key_buffer_size'] %> -<% if node['mariadb']['mysqld']['open_files_limit'].empty? -%> -#open-files-limit = 2000 -<% else -%> -open-files-limit = <%= node['mariadb']['mysqld']['open_files_limit'] %> -<% end -%> -table_open_cache = <%= node['mariadb']['mysqld']['table_open_cache'] %> -myisam_sort_buffer_size = <%= node['mariadb']['mysqld']['myisam_sort_buffer_size'] %> -concurrent_insert = <%= node['mariadb']['mysqld']['concurrent_insert'] %> -read_buffer_size = <%= node['mariadb']['mysqld']['read_buffer_size'] %> -read_rnd_buffer_size = <%= node['mariadb']['mysqld']['read_rnd_buffer_size'] %> -# -# * Query Cache Configuration -# -# Cache only tiny result sets, so we can fit more in the query cache. -query_cache_limit = <%= node['mariadb']['mysqld']['query_cache_limit'] %> -query_cache_size = <%= node['mariadb']['mysqld']['query_cache_size'] %> -# for more write intensive setups, set to DEMAND or OFF -<% if node['mariadb']['mysqld']['query_cache_type'].empty? -%> -#query_cache_type = DEMAND -<% else -%> -query_cache_type = <%= node['mariadb']['mysqld']['query_cache_type'] %> -<% end -%> -# -# * Logging and Replication -# -# Both location gets rotated by the cronjob. -# Be aware that this log type is a performance killer. -# As of 5.1 you can enable the log at runtime! -#general_log_file = /var/log/mysql/mysql.log -#general_log = 1 -# -# Error logging goes to syslog due to /etc/mysql/conf.d/mysqld_safe_syslog.cnf. -# -# we do want to know about network errors and such -log_warnings = 2 -# -# Enable the slow query log to see queries with especially long duration -#slow_query_log[={0|1}] -slow_query_log_file = /var/log/mysql/mariadb-slow.log -long_query_time = 10 -#log_slow_rate_limit = 1000 -log_slow_verbosity = query_plan - -#log-queries-not-using-indexes -#log_slow_admin_statements -# -# The following can be used as easy to replay backup logs or for replication. -# note: if you are setting up a replication slave, see README.Debian about -# other settings you may need to change. -#report_host = master1 -#auto_increment_increment = 2 -#auto_increment_offset = 1 -# not fab for performance, but safer -#sync_binlog = 1 -# slaves -#relay_log = /var/log/mysql/relay-bin -#relay_log_index = /var/log/mysql/relay-bin.index -#relay_log_info_file = /var/log/mysql/relay-bin.info -#log_slave_updates -#read_only -# -# If applications support it, this stricter sql_mode prevents some -# mistakes like inserting invalid dates etc. -#sql_mode = NO_ENGINE_SUBSTITUTION,TRADITIONAL - -default_storage_engine = <%= node['mariadb']['mysqld']['default_storage_engine'] %> - -# -# * Security Features -# -# Read the manual, too, if you want chroot! -# chroot = /var/lib/mysql/ -# -# For generating SSL certificates I recommend the OpenSSL GUI "tinyca". -# -# ssl-ca=/etc/mysql/cacert.pem -# ssl-cert=/etc/mysql/server-cert.pem -# ssl-key=/etc/mysql/server-key.pem - -<% if node['mariadb']['mysqld'].key?('options') -%> -<% node['mariadb']['mysqld']['options'].each { |key, value| -%> -<%= key %> = <%= value %> -<% } -%> -<% end -%> - -# -# * Plugins Options -# -<% plugin_load = [] -%> -<% node['mariadb']['plugins_loading'].each { |plugin, loading| -%> - <% plugin_load.push(loading) if node['mariadb']['plugins'][plugin] %> -<% } -%> -plugin-load = <%= plugin_load.join(';') %> - -[mysqldump] -<% if node['mariadb']['mysqldump']['quick'].empty? -%> -quick -<% end -%> -<% if node['mariadb']['mysqldump']['quote_names'].empty? -%> -quote-names -<% end -%> -max_allowed_packet = <%= node['mariadb']['mysqldump']['max_allowed_packet'] %> - -[mysql] -#no-auto-rehash # faster start of mysql but no tab completition - -[isamchk] -key_buffer = <%= node['mariadb']['isamchk']['key_buffer'] %> - -# -# * IMPORTANT: Additional settings that can override those from this file! -# The files must end with '.cnf', otherwise they'll be ignored. -# -!includedir <%= node['mariadb']['configuration']['includedir'] %>/ - diff --git a/cookbooks/mingw/.markdownlint-cli2.yaml b/cookbooks/mingw/.markdownlint-cli2.yaml new file mode 100644 index 0000000..dffb96a --- /dev/null +++ b/cookbooks/mingw/.markdownlint-cli2.yaml @@ -0,0 +1,4 @@ +config: + ul-indent: false # MD007 + line-length: false # MD013 + no-duplicate-heading/no-duplicate-header: false # MD024 diff --git a/cookbooks/mingw/CHANGELOG.md b/cookbooks/mingw/CHANGELOG.md index 7235bbc..cc69c82 100644 --- a/cookbooks/mingw/CHANGELOG.md +++ b/cookbooks/mingw/CHANGELOG.md @@ -2,6 +2,16 @@ This file is used to list changes made in each version of the mingw cookbook. +## 2.1.7 - *2023-06-01* + +## 2.1.6 - *2023-04-01* + +## 2.1.5 - *2023-03-03* + +## 2.1.4 - *2022-02-08* + +- Remove delivery folder + ## 2.1.3 - *2021-08-31* - Standardise files with files in sous-chefs/repo-management @@ -57,9 +67,11 @@ This file is used to list changes made in each version of the mingw cookbook. - Do not allow bash.exe to be called if MSYSTEM is undefined. ## v1.2.0 (2016-06-03) + - Updating to fix the issue where msys2 bash does not inherit the cwd correctly ## v1.1.0 (2016-06-03) + - Add msys2 based compiler support using the new msys2_package resource ## v1.0.0 (2016-05-11) diff --git a/cookbooks/mingw/README.md b/cookbooks/mingw/README.md index 477040c..ec3c241 100644 --- a/cookbooks/mingw/README.md +++ b/cookbooks/mingw/README.md @@ -40,79 +40,9 @@ Of course, to further complicate matters, different versions of different compil ## Resources -### msys2_package - -- ':install' - Installs an msys2 package using pacman. -- ':remove' - Uninstalls any existing msys2 package. -- ':upgrade' - Upgrades the specified package using pacman. - -All options also automatically attempt to install a 64-bit based msys2 base file system at the root path specified. Note that you probably won't need a "32-bit" msys2 unless you are actually on a 32-bit only platform. You can still install both 32 and 64-bit compilers and libraries in a 64-bit msys2 base file system. - -#### Attributes - -- `node['msys2']['url']` - overrides the url from which to download the package. -- `node['msys2']['checksum']` - overrides the checksum used to verify the downloaded package. - -#### Parameters - -- `package` - An msys2 pacman package (or meta-package) to fetch and install. You may use a legal package wild-card pattern here if you are installing. This is the name attribute. -- `root` - The root directory where msys2 tools will be installed. This directory must not contain any spaces in order to pacify old posix tools and most Makefiles. - -#### Examples - -To get the core msys2 developer tools in `C:\msys2` - -```ruby -msys2_package 'base-devel' do - root 'C:\msys2' -end -``` - -### mingw_get - -#### Actions - -- `:install` - Installs a mingw package from sourceforge using mingw-get.exe. -- `:remove` - Uninstalls a mingw package. -- `:upgrade` - Upgrades a mingw package (even to a lower version). - -#### Parameters - -- `package` - A mingw-get package (or meta-package) to fetch and install. You may use a legal package wild-card pattern here if you are installing. This is the name attribute. -- `root` - The root directory where msys and mingw tools will be installed. This directory must not contain any spaces in order to pacify old posix tools and most Makefiles. - -#### Examples - -To get the core msys developer tools in `C:\mingw32` - -```ruby -mingw_get 'msys-base=2013072300-msys-bin.meta' do - root 'C:\mingw32' -end -``` - -### mingw_tdm_gcc - -#### Actions - -- `:install` - Installs the TDM compiler toolchain at the given path. This only gives you a compiler. If you need any support tooling such as make/grep/awk/bash etc., see `mingw_get`. - -#### Parameters - -- `flavor` - Either `:sjlj_32` or `:seh_sjlj_64`. TDM-64 is a 32/64-bit multi-lib "cross-compiler" toolchain that builds 64-bit by default. It uses structured exception handling (SEH) in 64-bit code and setjump-longjump exception handling (SJLJ) in 32-bit code. TDM-32 only builds 32-bit binaries and uses SJLJ. -- `root` - The root directory where compiler tools and runtime will be installed. This directory must not contain any spaces in order to pacify old posix tools and most Makefiles. -- `version` - The version of the compiler to fetch and install. This is the name attribute. Currently, '5.1.0' is supported. - -#### Examples - -To get the 32-bit TDM GCC compiler in `C:\mingw32` - -```ruby -mingw_tdm_gcc '5.1.0' do - flavor :sjlj_32 - root 'C:\mingw32' -end -``` +- [minw_get](./documentation/mingw_get.md) +- [mingw_tdm_gcc](./documentation/mingw_tdm_gcc.md) +- [msys2_package](./documentation/msys2_package.md) ## License & Authors @@ -120,7 +50,7 @@ end **Copyright:** 2009-2016, Chef Software, Inc. -``` +```text Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/cookbooks/mingw/metadata.json b/cookbooks/mingw/metadata.json index 0d39c3b..98cf457 100644 --- a/cookbooks/mingw/metadata.json +++ b/cookbooks/mingw/metadata.json @@ -17,7 +17,7 @@ "recipes": { }, - "version": "2.1.3", + "version": "2.1.7", "source_url": "https://github.com/chef-cookbooks/mingw", "issues_url": "https://github.com/chef-cookbooks/mingw/issues", "privacy": false, diff --git a/cookbooks/mingw/metadata.rb b/cookbooks/mingw/metadata.rb index 4df13cd..f899f16 100644 --- a/cookbooks/mingw/metadata.rb +++ b/cookbooks/mingw/metadata.rb @@ -3,7 +3,7 @@ maintainer 'Chef Software, Inc.' maintainer_email 'cookbooks@chef.io' license 'Apache-2.0' description 'Installs a mingw/msys based toolchain on windows' -version '2.1.3' +version '2.1.7' supports 'windows' diff --git a/cookbooks/mingw/renovate.json b/cookbooks/mingw/renovate.json new file mode 100644 index 0000000..7e7a8ba --- /dev/null +++ b/cookbooks/mingw/renovate.json @@ -0,0 +1,17 @@ +{ + "$schema": "https://docs.renovatebot.com/renovate-schema.json", + "extends": ["config:base"], + "packageRules": [{ + "groupName": "Actions", + "matchUpdateTypes": ["patch", "pin", "digest"], + "automerge": true, + "addLabels": ["Release: Patch", "Skip: Announcements"] + }, + { + "groupName": "Actions", + "matchUpdateTypes": ["major"], + "automerge": false, + "addLabels": ["Release: Patch", "Skip: Announcements"] + } + ] +} diff --git a/cookbooks/poise-archive/CHANGELOG.md b/cookbooks/poise-archive/CHANGELOG.md deleted file mode 100644 index 25c32a6..0000000 --- a/cookbooks/poise-archive/CHANGELOG.md +++ /dev/null @@ -1,43 +0,0 @@ -# Poise-Archive Changelog - -## v1.5.0 - -* Support for 7-Zip unpacking archives on drives other than the system root. -* Chef 13 support. - -## v1.4.0 - -* Added support for using 7-Zip on Windows. -* Fixed handling of `.tar.xz` archives on RHEL and CentOS. - -## v1.3.0 - -* Add support for unpacking directly from a URL. - -## v1.2.1 - -* [#1](https://github.com/poise/poise-archive/issues/1) Restore file permissions - for ZIP files. - -## v1.2.0 - -* Add back a tar-binary provider called `GnuTar`, used by default on Linux. -* Support for ZIP files via RubyZip. -* Full Windows support, including with the `user` and `group` properties. - -## v1.1.2 - -* Fix compat with older Ruby that doesn't include `Entry#symlink?`. - -## v1.1.1 - -* Fix GNU tar longlink extension. - -## v1.1.0 - -* Scrap the original tar implementation in favor of a 100% pure-Ruby solution. - This should work on all platforms exactly the same. Hopefully. - -## v1.0.0 - -* Initial release! diff --git a/cookbooks/poise-archive/README.md b/cookbooks/poise-archive/README.md deleted file mode 100644 index 46893e6..0000000 --- a/cookbooks/poise-archive/README.md +++ /dev/null @@ -1,103 +0,0 @@ -# Poise-Archive Cookbook - -[![Build Status](https://img.shields.io/travis/poise/poise-archive.svg)](https://travis-ci.org/poise/poise-archive) -[![Gem Version](https://img.shields.io/gem/v/poise-archive.svg)](https://rubygems.org/gems/poise-archive) -[![Cookbook Version](https://img.shields.io/cookbook/v/poise-archive.svg)](https://supermarket.chef.io/cookbooks/poise-archive) -[![Coverage](https://img.shields.io/codecov/c/github/poise/poise-archive.svg)](https://codecov.io/github/poise/poise-archive) -[![Gemnasium](https://img.shields.io/gemnasium/poise/poise-archive.svg)](https://gemnasium.com/poise/poise-archive) -[![License](https://img.shields.io/badge/license-Apache_2-blue.svg)](https://www.apache.org/licenses/LICENSE-2.0) - -A [Chef](https://www.chef.io/) cookbook to unpack file archives. - -It supports `.tar`, `.tar.gz`, `.tar.bz2`, and `.zip` archive files. - -## Quick Start - -To download an unpack and archive: - -```ruby -poise_archive 'https://example.com/myapp.tgz' do - destination '/opt/myapp' -end -``` - -## Requirements - -Chef 12.1 or newer is required. - -## Platforms - -This cookbook supports all platforms (including Windows) but some Unix platforms -(Solaris, AIX) may see very slow tar file unpacking when using the pure-Ruby fallback -implementation. - -## Resources - -### `poise_archive` - -The `poise_archive` resource unpacks file archives. - -```ruby -poise_archive '/tmp/myapp-1.2.0.tar' do - destination '/srv/myapp-1.2.0' -end -``` - -A URL can also be passed as the source path, optionally with extra properties to -be merged with `source_properties`. - -```ruby -poise_archive 'http://example.com/myapp-1.2.0.zip' do - destination '/srv/myapp-1.2.0' -end - -poise_archive ['http://example.com/myapp-1.2.0.zip', {headers: {'Authentication' => '...'}}] do - destination '/srv/myapp-1.2.0' -end -``` - -#### Actions - -* `:unpack` – Unpack the archive. *(default)* - -#### Properties - -* `path` – Path to the archive. If relative, it is taken as a file inside - `Chef::Config[:file_cache_path]`. If a URL, it is downloaded to a cache file - first. *(name attribute)* -* `destination` – Path to unpack the archive to. If not specified, the path of - the archive without the file extension is used. Required when unpacking from - a URL. *(default: auto)* -* `group` – Group to run the unpack as. -* `keep_existing` – Keep existing files in the destination directory when - unpacking. *(default: false)* -* `source_properties` – Property key/value pairs to be applied to the - `remote_file` file resource when downloading a URL. *(default: {retries: 5})* -* `strip_components` – Number of intermediary directories to skip when - unpacking. Works like GNU tar's `--strip-components`. *(default: 1)* -* `user` – User to run the unpack as. - -## Sponsors - -Development sponsored by [Bloomberg](http://www.bloomberg.com/company/technology/). - -The Poise test server infrastructure is sponsored by [Rackspace](https://rackspace.com/). - -## License - -Copyright 2016-2017, Noah Kantrowitz - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - -http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. - -BZip2 implementation is based on RBzip2. Copyright Sebastian Staudt, Brian Lopez. -RBzip2 code used under the terms of the new BSD license. diff --git a/cookbooks/poise-archive/attributes/default.rb b/cookbooks/poise-archive/attributes/default.rb deleted file mode 100644 index 5c92d99..0000000 --- a/cookbooks/poise-archive/attributes/default.rb +++ /dev/null @@ -1,18 +0,0 @@ -# -# Copyright 2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -default['poise-archive']['seven_zip']['version'] = '16.04' -default['poise-archive']['seven_zip']['url'] = 'http://www.7-zip.org/a/7z%{version_tag}%{arch_tag}.exe' diff --git a/cookbooks/poise-archive/files/halite_gem/poise_archive.rb b/cookbooks/poise-archive/files/halite_gem/poise_archive.rb deleted file mode 100644 index e796045..0000000 --- a/cookbooks/poise-archive/files/halite_gem/poise_archive.rb +++ /dev/null @@ -1,21 +0,0 @@ -# -# Copyright 2016-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - - -module PoiseArchive - autoload :Resources, 'poise_archive/resources' - autoload :VERSION, 'poise_archive/version' -end diff --git a/cookbooks/poise-archive/files/halite_gem/poise_archive/archive_providers.rb b/cookbooks/poise-archive/files/halite_gem/poise_archive/archive_providers.rb deleted file mode 100644 index 8d0d29f..0000000 --- a/cookbooks/poise-archive/files/halite_gem/poise_archive/archive_providers.rb +++ /dev/null @@ -1,38 +0,0 @@ -# -# Copyright 2016-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'chef/platform/provider_priority_map' - -require 'poise_archive/archive_providers/gnu_tar' -require 'poise_archive/archive_providers/seven_zip' -require 'poise_archive/archive_providers/tar' -require 'poise_archive/archive_providers/zip' - - -module PoiseArchive - # Providers for the poise_archive resource. - # - # @since 1.0.0 - module ArchiveProviders - # Set up priority maps - Chef::Platform::ProviderPriorityMap.instance.priority(:poise_archive, [ - PoiseArchive::ArchiveProviders::Zip, - PoiseArchive::ArchiveProviders::GnuTar, - PoiseArchive::ArchiveProviders::SevenZip, - PoiseArchive::ArchiveProviders::Tar, - ]) - end -end diff --git a/cookbooks/poise-archive/files/halite_gem/poise_archive/archive_providers/base.rb b/cookbooks/poise-archive/files/halite_gem/poise_archive/archive_providers/base.rb deleted file mode 100644 index a249e72..0000000 --- a/cookbooks/poise-archive/files/halite_gem/poise_archive/archive_providers/base.rb +++ /dev/null @@ -1,132 +0,0 @@ -# -# Copyright 2016-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'fileutils' - -require 'chef/provider' -require 'poise' - - -module PoiseArchive - module ArchiveProviders - # The provider base class for `poise_archive`. - # - # @see PoiseArchive::Resources::PoiseArchive::Resource - # @provides poise_archive - class Base < Chef::Provider - include Poise - - # Set the file extension this provider will handle. - # - # @param match [RegExp] Regular expression to match against the archive - # file name. - # @return [void] - # @example - # class MyProvider < Base - # provides_extension(/\.hqx$/) - # end - def self.provides_extension(match) - provides(:poise_archive) - @provides_extension = match - end - - # Override normal provider resolution to also check file extension if one - # was specified in the provider. - # - # @api private - def self.provides?(node, resource) - super && (!@provides_extension || @provides_extension.match(resource.path)) - end - - # `unpack` action for `poise_archive`. - # - # @return [void] - def action_unpack - if new_resource.is_url? - download_resource = download_file - # Check if the download resource updated, if not don't run the rest - # of the unpack for idempotence. I could also check - # new_resource.updated? but this seems more future proof. - return if !download_resource.updated_by_last_action? - end - converge_by("unpack archive #{new_resource.path} to #{new_resource.destination}") do - notifying_block do - create_directory - end - empty_directory - unpack_archive - end - end - - private - - # Download the source file to a cache path. - # - # @return [Chef::Resource] - def download_file - # resource_state used for closure breaking on the notifying block. - resource_state = [] - notifying_block do - # TODO handle cookbook:// for cookbook_file "downloads". - resource_state << remote_file(new_resource.absolute_path) do - source new_resource.path - retries 5 # As a default, could be overridden by source_properties. - new_resource.merged_source_properties.each do |key, value| - send(key, value) - end - end - end - # Return the download resource for state tracking. - resource_state.first - end - - # Make sure the destination directory exists. - # - # @return [void] - def create_directory - directory new_resource.destination do - group new_resource.group if new_resource.group - owner new_resource.user if new_resource.user - # There is explicitly no mode being set here. If a non-default mode - # is needed, you should manage that outside of poise_archive. - end - end - - # Remove all existing content from the destination so we can unpack the - # new content. - # - # @return [void] - def empty_directory - # If you want to keep it, not my problem. - return if new_resource.keep_existing - dest = new_resource.destination - Dir.entries(dest).each do |entry| - next if entry == '.' || entry == '..' - FileUtils.remove_entry_secure(::File.join(dest, entry)) - end - end - - # Run the provider-specific unpack behavior. - # - # @abstract - # @return [void] - def unpack_archive - raise NotImplementedError - end - - end - end -end diff --git a/cookbooks/poise-archive/files/halite_gem/poise_archive/archive_providers/gnu_tar.rb b/cookbooks/poise-archive/files/halite_gem/poise_archive/archive_providers/gnu_tar.rb deleted file mode 100644 index 196f844..0000000 --- a/cookbooks/poise-archive/files/halite_gem/poise_archive/archive_providers/gnu_tar.rb +++ /dev/null @@ -1,88 +0,0 @@ -# -# Copyright 2016-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'fileutils' -require 'tmpdir' - -require 'poise_archive/archive_providers/base' - - -module PoiseArchive - module ArchiveProviders - # The `gnu_tar` provider class for `poise_archive` to install from TAR - # archives using GNU's tar executable. - # - # @see PoiseArchive::Resources::PoiseArchive::Resource - # @provides poise_archive - class GnuTar < Base - provides_extension(/\.t(ar|gz|bz|xz)/) - - # Only use this if we are on Linux. Everyone else gets the slow Ruby code. - # - # @api private - def self.provides?(node, _resource) - super && node['os'] == 'linux' - end - - private - - def unpack_archive - notifying_block do - install_prereqs - end - unpack_tar - end - - # Install any needed prereqs. - # - # @return [void] - def install_prereqs - utils = ['tar'] - utils << 'bzip2' if new_resource.absolute_path =~ /\.t?bz/ - if new_resource.absolute_path =~ /\.t?xz/ - xz_package = node.value_for_platform_family( - debian: 'xz-utils', - rhel: 'xz', - ) - utils << xz_package if xz_package - end - # This is a resource. - package utils - end - - # Unpack the archive and process `strip_components`. - # - # @return [void] - def unpack_tar - # Build the tar command. - cmd = %w{tar} - cmd << "--strip-components=#{new_resource.strip_components}" if new_resource.strip_components && new_resource.strip_components > 0 - cmd << if new_resource.absolute_path =~ /\.t?gz/ - '-xzvf' - elsif new_resource.absolute_path =~ /\.t?bz/ - '-xjvf' - elsif new_resource.absolute_path =~ /\.t?xz/ - '-xJvf' - else - '-xvf' - end - cmd << new_resource.absolute_path - poise_shell_out!(cmd, cwd: new_resource.destination, group: new_resource.group, user: new_resource.user) - end - - end - end -end diff --git a/cookbooks/poise-archive/files/halite_gem/poise_archive/archive_providers/seven_zip.rb b/cookbooks/poise-archive/files/halite_gem/poise_archive/archive_providers/seven_zip.rb deleted file mode 100644 index 9206525..0000000 --- a/cookbooks/poise-archive/files/halite_gem/poise_archive/archive_providers/seven_zip.rb +++ /dev/null @@ -1,183 +0,0 @@ -# -# Copyright 2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'fileutils' -require 'tmpdir' - - -require 'poise_archive/archive_providers/base' - - -module PoiseArchive - module ArchiveProviders - # The `seven_zip` provider class for `poise_archive` to upack archives - # using 7-Zip. - # - # @since 1.4.0 - # @see PoiseArchive::Resources::PoiseArchive::Resource - # @provides poise_archive - class SevenZip < Base - provides_extension(/\.(t(ar|gz|bz|xz)|zip|7z)/) - - # Only works on Windows, because use less silly things elsewhere. - # - # @api private - def self.provides?(node, _resource) - super && node['platform_family'] == 'windows' - end - - private - - def unpack_archive - notifying_block do - install_seven_zip - end - # Create a temp directory to unpack in to. Do I want to try and force - # this to be on the same filesystem as the target? - self.class.mktmpdir do |tmpdir| - unpack_using_seven_zip(tmpdir) - chown_files(tmpdir) if new_resource.user || new_resource.group - move_files(tmpdir) - end - end - - # Install 7-Zip to a cache folder. - # - # @api private - # @return [void] - def install_seven_zip - url = seven_zip_url - path = "#{Chef::Config[:file_cache_path]}/#{url.split(/\//).last}" - - install = execute "#{windows_path(path)} /S /D=#{seven_zip_home}" do - action :nothing - end - - remote_file path do - source url - notifies :run, install, :immediately - end - end - - # Unpack the whole archive to a temp directory. - # - # @api private - # @param tmpdir [String] Temp directory to unpack to. - # @return [void] - def unpack_using_seven_zip(tmpdir) - if new_resource.absolute_path =~ /\.t(ar\.)?(gz|bz(2)?|xz)$/ - # 7-Zip doesn't know to unpack both levels of the archive on its own - # so we need to handle this more explicitly. - shell_out!("#{seven_zip_home}\\7z.exe x -so \"#{windows_path(new_resource.absolute_path)}\" | #{seven_zip_home}\\7z.exe x -si -ttar -o\"#{windows_path(tmpdir)}\"") - else - shell_out!("#{seven_zip_home}\\7z.exe x -o\"#{windows_path(tmpdir)}\" \"#{windows_path(new_resource.absolute_path)}\"") - end - end - - # Fix file ownership if requested. - # - # @api private - # @param tmpdir [String] Temp directory to change ownership in. - # @return [void] - def chown_files(tmpdir) - notifying_block do - Dir["#{tmpdir}/**/*"].each do |path| - declare_resource(::File.directory?(path) ? :directory : :file, path) do - owner new_resource.user if new_resource.user - group new_resource.group if new_resource.group - end - end - end - end - - # Manual implementation of --strip-components since 7-Zip doesn't support - # it internally. - # - # @api private - # @param tmpdir [String] Temp directory to move from. - # @return [void] - def move_files(tmpdir) - entries_at_depth(tmpdir, new_resource.strip_components).each do |source| - target = ::File.join(new_resource.destination, ::File.basename(source)) - FileUtils.mv(source, target, secure: true) - end - end - - # Compute the URL to download the 7-Zip installer from. - # - # @api private - # @return [String] - def seven_zip_url - node['poise-archive']['seven_zip']['url'] % { - version: node['poise-archive']['seven_zip']['version'], - version_tag: node['poise-archive']['seven_zip']['version'].gsub(/\./, ''), - arch: node['kernel']['machine'], - arch_tag: node['kernel']['machine'] == 'x86_64' ? '-x64' : '', - } - end - - # Path to install 7-Zip in to. - # - # @api private - # @return [String] - def seven_zip_home - "#{windows_path(Chef::Config[:file_cache_path])}\\seven_zip_#{node['poise-archive']['seven_zip']['version']}" - end - - # Flip the slashes in a path because 7z wants "normal" paths. - # - # @api private - # @param path [String] Path to convert. - # @return [String] - def windows_path(path) - path.gsub(/\//, '\\') - end - - # Find the absolute paths for entries under a path at a depth. - # - # @api private - # @param path [String] Base path to search under. - # @param depth [Integer] Number of intermediary directories to skip. - # @return [Array] - def entries_at_depth(path, depth) - entries = [path] - current_depth = 0 - while current_depth <= depth - entries.map! do |ent| - if ::File.directory?(ent) - Dir.entries(ent).select {|e| e != '.' && e != '..' }.map {|e| ::File.join(ent, e) } - else - [] - end - end - entries.flatten! - current_depth += 1 - end - entries - end - - # Indirection so I can stub this for testing without breaking RSpec. - # - # @api private - def self.mktmpdir(*args, &block) - # :nocov: - Dir.mktmpdir(*args, &block) - # :nocov: - end - - end - end -end diff --git a/cookbooks/poise-archive/files/halite_gem/poise_archive/archive_providers/tar.rb b/cookbooks/poise-archive/files/halite_gem/poise_archive/archive_providers/tar.rb deleted file mode 100644 index 50c3643..0000000 --- a/cookbooks/poise-archive/files/halite_gem/poise_archive/archive_providers/tar.rb +++ /dev/null @@ -1,158 +0,0 @@ -# -# Copyright 2016-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'rubygems/package' -require 'zlib' - -require 'poise_archive/archive_providers/base' -require 'poise_archive/bzip2' - - -module PoiseArchive - module ArchiveProviders - # The `tar` provider class for `poise_archive` to install from tar archives. - # - # @see PoiseArchive::Resources::PoiseArchive::Resource - # @provides poise_archive - class Tar < Base - provides_extension(/\.t(ar|gz|bz)/) - - # Hack that GNU tar uses for paths over 100 bytes. - # - # @api private - # @see #unpack_tar - TAR_LONGLINK = '././@LongLink' - - private - - def unpack_archive - unpack_tar - chown_entries if new_resource.user || new_resource.group - end - - # Unpack the archive. - # - # @return [void] - def unpack_tar - @tar_entry_paths = [] - tar_each_with_longlink do |entry| - entry_name = entry.full_name.split(/\//).drop(new_resource.strip_components).join('/') - # If strip_components wiped out the name, don't process this entry. - next if entry_name.empty? - dest = ::File.join(new_resource.destination, entry_name) - if entry.directory? - Dir.mkdir(dest, entry.header.mode) - @tar_entry_paths << [:directory, dest] - elsif entry.file? - ::File.open(dest, 'wb', entry.header.mode) do |dest_f| - while buf = entry.read(4096) - dest_f.write(buf) - end - end - @tar_entry_paths << [:file, dest] - elsif entry.header.typeflag == '2' # symlink? is new in Ruby 2.0, apparently. - ::File.symlink(entry.header.linkname, dest) - @tar_entry_paths << [:link, dest] - else - raise RuntimeError.new("Unknown tar entry type #{entry.header.typeflag.inspect} in #{new_resource.path}") - end - end - end - - def tar_each_with_longlink(&block) - entry_name = nil - tar_each do |entry| - if entry.full_name == TAR_LONGLINK - # Stash the longlink name so it will be used for the next entry. - entry_name = entry.read.strip - # And then skip forward because this isn't a real block. - next - end - # For entries not preceded by a longlink block, use the normal name. - entry_name ||= entry.full_name - # Make the entry return the correct name. - entry.define_singleton_method(:full_name) { entry_name } - block.call(entry) - # Reset entry_name for the next entry. - entry_name = nil - end - end - - # Sequence the opening, iteration, and closing. - # - # @param block [Proc] Block to process each tar entry. - # @return [void] - def tar_each(&block) - # In case of extreme weirdness where this happens twice. - close_file! - open_file! - @tar_reader.each(&block) - ensure - close_file! - end - - # Open a file handle of the correct flavor. - # - # @return [void] - def open_file! - @raw_file = ::File.open(new_resource.absolute_path, 'rb') - @file = case new_resource.absolute_path - when /\.tar$/ - nil # So it uses @raw_file instead. - when /\.t?gz/ - Zlib::GzipReader.wrap(@raw_file) - when /\.t?bz/ - # This can't take a block, hence the gross non-block forms for everything. - PoiseArchive::Bzip2::Decompressor.new(@raw_file) - else - raise RuntimeError.new("Unknown or unsupported file extension for #{new_resource.path}") - end - @tar_reader = Gem::Package::TarReader.new(@file || @raw_file) - end - - # Close all the various file handles. - # - # @return [void] - def close_file! - if @tar_reader - @tar_reader.close - @tar_reader = nil - end - if @file - @file.close - @file = nil - end - if @raw_file - @raw_file.close unless @raw_file.closed? - @raw_file = nil - end - end - - def chown_entries - paths = @tar_entry_paths - notifying_block do - paths.each do |type, path| - send(type, path) do - group new_resource.group - owner new_resource.user - end - end - end - end - - end - end -end diff --git a/cookbooks/poise-archive/files/halite_gem/poise_archive/archive_providers/zip.rb b/cookbooks/poise-archive/files/halite_gem/poise_archive/archive_providers/zip.rb deleted file mode 100644 index 2dba06d..0000000 --- a/cookbooks/poise-archive/files/halite_gem/poise_archive/archive_providers/zip.rb +++ /dev/null @@ -1,97 +0,0 @@ -# -# Copyright 2016-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise_archive/archive_providers/base' - - -module PoiseArchive - module ArchiveProviders - # The `zip` provider class for `poise_archive` to install from ZIP archives. - # - # @see PoiseArchive::Resources::PoiseArchive::Resource - # @provides poise_archive - class Zip < Base - provides_extension(/\.zip$/) - - private - - def unpack_archive - check_rubyzip - unpack_zip - chown_entries if new_resource.user || new_resource.group - end - - def check_rubyzip - require 'zip' - rescue LoadError - notifying_block do - install_rubyzip - end - require 'zip' - end - - def install_rubyzip - chef_gem 'rubyzip' - end - - def unpack_zip - @zip_entry_paths = [] - ::Zip::File.open(new_resource.absolute_path) do |zip_file| - zip_file.each do |entry| - entry_name = entry.name.split(/\//).drop(new_resource.strip_components).join('/') - # If strip_components wiped out the name, don't process this entry. - next if entry_name.empty? - entry_path = ::File.join(new_resource.destination, entry_name) - # Ensure parent directories exist because some ZIP files don't - # include those for some reason. - ensure_directory(entry_path) - entry.extract(entry_path) - # Make sure we restore file permissions. RubyZip won't do this - # unless we also turn on UID/GID restoration, which we don't want. - # Mask filters out setuid and setgid bits because no. - ::File.chmod(entry.unix_perms & 01777, entry_path) if !node.platform_family?('windows') && entry.unix_perms - @zip_entry_paths << [entry.directory? ? :directory : entry.file? ? :file : :link, entry_path] - end - end - end - - # Make sure all enclosing directories exist before writing a path. - # - # @param oath [String] Path to check. - def ensure_directory(path) - base = ::File.dirname(path) - unless ::File.exist?(base) - ensure_directory(base) - Dir.mkdir(base) - @zip_entry_paths << [:directory, base] - end - end - - def chown_entries - paths = @zip_entry_paths - notifying_block do - paths.each do |type, path| - send(type, path) do - group new_resource.group - owner new_resource.user - end - end - end - end - - end - end -end diff --git a/cookbooks/poise-archive/files/halite_gem/poise_archive/bzip2.rb b/cookbooks/poise-archive/files/halite_gem/poise_archive/bzip2.rb deleted file mode 100644 index 4e1ecfc..0000000 --- a/cookbooks/poise-archive/files/halite_gem/poise_archive/bzip2.rb +++ /dev/null @@ -1,16 +0,0 @@ -# This code is free software; you can redistribute it and/or modify it under -# the terms of the new BSD License. -# -# Copyright (c) 2013, Sebastian Staudt - - -module PoiseArchive::Bzip2 - - autoload :CRC, 'poise_archive/bzip2/crc' - autoload :Constants, 'poise_archive/bzip2/constants' - autoload :Decompressor, 'poise_archive/bzip2/decompressor' - autoload :IO, 'poise_archive/bzip2/io' - autoload :InputData, 'poise_archive/bzip2/input_data' - autoload :OutputData, 'poise_archive/bzip2/output_data' - -end diff --git a/cookbooks/poise-archive/files/halite_gem/poise_archive/bzip2/LICENSE b/cookbooks/poise-archive/files/halite_gem/poise_archive/bzip2/LICENSE deleted file mode 100755 index ba9a1a4..0000000 --- a/cookbooks/poise-archive/files/halite_gem/poise_archive/bzip2/LICENSE +++ /dev/null @@ -1,25 +0,0 @@ -Copyright (c) 2011, Sebastian Staudt -All rights reserved. - -Redistribution and use in source and binary forms, with or without modification, -are permitted provided that the following conditions are met: - -* Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. -* Redistributions in binary form must reproduce the above copyright notice, - this list of conditions and the following disclaimer in the documentation - and/or other materials provided with the distribution. -* Neither the name of the author nor the names of its contributors - may be used to endorse or promote products derived from this software - without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND -ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR -ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON -ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/cookbooks/poise-archive/files/halite_gem/poise_archive/bzip2/constants.rb b/cookbooks/poise-archive/files/halite_gem/poise_archive/bzip2/constants.rb deleted file mode 100755 index 102c620..0000000 --- a/cookbooks/poise-archive/files/halite_gem/poise_archive/bzip2/constants.rb +++ /dev/null @@ -1,83 +0,0 @@ -# This code is free software; you can redistribute it and/or modify it under -# the terms of the new BSD License. -# -# Copyright (c) 2011-2013, Sebastian Staudt - - -module PoiseArchive::Bzip2::Constants - - BASEBLOCKSIZE = 100000 - MAX_ALPHA_SIZE = 258 - MAX_CODE_LEN = 23 - RUNA = 0 - RUNB = 1 - N_GROUPS = 6 - G_SIZE = 50 - N_ITERS = 4 - MAX_SELECTORS = (2 + (900000 / G_SIZE)) - NUM_OVERSHOOT_BYTES = 20 - - EOF = 0 - START_BLOCK_STATE = 1 - RAND_PART_A_STATE = 2 - RAND_PART_B_STATE = 3 - RAND_PART_C_STATE = 4 - NO_RAND_PART_A_STATE = 5 - NO_RAND_PART_B_STATE = 6 - NO_RAND_PART_C_STATE = 7 - - RNUMS = [ - 619, 720, 127, 481, 931, 816, 813, 233, 566, 247, 985, 724, 205, 454, 863, - 491, 741, 242, 949, 214, 733, 859, 335, 708, 621, 574, 73, 654, 730, 472, - 419, 436, 278, 496, 867, 210, 399, 680, 480, 51, 878, 465, 811, 169, 869, - 675, 611, 697, 867, 561, 862, 687, 507, 283, 482, 129, 807, 591, 733, 623, - 150, 238, 59, 379, 684, 877, 625, 169, 643, 105, 170, 607, 520, 932, 727, - 476, 693, 425, 174, 647, 73, 122, 335, 530, 442, 853, 695, 249, 445, 515, - 909, 545, 703, 919, 874, 474, 882, 500, 594, 612, 641, 801, 220, 162, 819, - 984, 589, 513, 495, 799, 161, 604, 958, 533, 221, 400, 386, 867, 600, 782, - 382, 596, 414, 171, 516, 375, 682, 485, 911, 276, 98, 553, 163, 354, 666, - 933, 424, 341, 533, 870, 227, 730, 475, 186, 263, 647, 537, 686, 600, 224, - 469, 68, 770, 919, 190, 373, 294, 822, 808, 206, 184, 943, 795, 384, 383, - 461, 404, 758, 839, 887, 715, 67, 618, 276, 204, 918, 873, 777, 604, 560, - 951, 160, 578, 722, 79, 804, 96, 409, 713, 940, 652, 934, 970, 447, 318, - 353, 859, 672, 112, 785, 645, 863, 803, 350, 139, 93, 354, 99, 820, 908, - 609, 772, 154, 274, 580, 184, 79, 626, 630, 742, 653, 282, 762, 623, 680, - 81, 927, 626, 789, 125, 411, 521, 938, 300, 821, 78, 343, 175, 128, 250, - 170, 774, 972, 275, 999, 639, 495, 78, 352, 126, 857, 956, 358, 619, 580, - 124, 737, 594, 701, 612, 669, 112, 134, 694, 363, 992, 809, 743, 168, 974, - 944, 375, 748, 52, 600, 747, 642, 182, 862, 81, 344, 805, 988, 739, 511, - 655, 814, 334, 249, 515, 897, 955, 664, 981, 649, 113, 974, 459, 893, 228, - 433, 837, 553, 268, 926, 240, 102, 654, 459, 51, 686, 754, 806, 760, 493, - 403, 415, 394, 687, 700, 946, 670, 656, 610, 738, 392, 760, 799, 887, 653, - 978, 321, 576, 617, 626, 502, 894, 679, 243, 440, 680, 879, 194, 572, 640, - 724, 926, 56, 204, 700, 707, 151, 457, 449, 797, 195, 791, 558, 945, 679, - 297, 59, 87, 824, 713, 663, 412, 693, 342, 606, 134, 108, 571, 364, 631, - 212, 174, 643, 304, 329, 343, 97, 430, 751, 497, 314, 983, 374, 822, 928, - 140, 206, 73, 263, 980, 736, 876, 478, 430, 305, 170, 514, 364, 692, 829, - 82, 855, 953, 676, 246, 369, 970, 294, 750, 807, 827, 150, 790, 288, 923, - 804, 378, 215, 828, 592, 281, 565, 555, 710, 82, 896, 831, 547, 261, 524, - 462, 293, 465, 502, 56, 661, 821, 976, 991, 658, 869, 905, 758, 745, 193, - 768, 550, 608, 933, 378, 286, 215, 979, 792, 961, 61, 688, 793, 644, 986, - 403, 106, 366, 905, 644, 372, 567, 466, 434, 645, 210, 389, 550, 919, 135, - 780, 773, 635, 389, 707, 100, 626, 958, 165, 504, 920, 176, 193, 713, 857, - 265, 203, 50, 668, 108, 645, 990, 626, 197, 510, 357, 358, 850, 858, 364, - 936, 638 - ] - - MIN_BLOCK_SIZE = 1 - MAX_BLOCK_SIZE = 9 - SETMASK = (1 << 21) - CLEARMASK = (~SETMASK) - GREATER_ICOST = 15 - LESSER_ICOST = 0 - SMALL_THRESH = 20 - DEPTH_THRESH = 10 - WORK_FACTOR = 30 - QSORT_STACK_SIZE = 1000 - - INCS = [ - 1, 4, 13, 40, 121, 364, 1093, 3280, 9841, 29524, 88573, 265720, 797161, - 2391484 - ] - -end diff --git a/cookbooks/poise-archive/files/halite_gem/poise_archive/bzip2/crc.rb b/cookbooks/poise-archive/files/halite_gem/poise_archive/bzip2/crc.rb deleted file mode 100755 index c09f71d..0000000 --- a/cookbooks/poise-archive/files/halite_gem/poise_archive/bzip2/crc.rb +++ /dev/null @@ -1,73 +0,0 @@ -# This code is free software; you can redistribute it and/or modify it under -# the terms of the new BSD License. -# -# Copyright (c) 2011-2013, Sebastian Staudt - - -class PoiseArchive::Bzip2::CRC - - CRC32_TABLE = [ - 0x00000000, 0x04c11db7, 0x09823b6e, 0x0d4326d9, 0x130476dc, 0x17c56b6b, - 0x1a864db2, 0x1e475005, 0x2608edb8, 0x22c9f00f, 0x2f8ad6d6, 0x2b4bcb61, - 0x350c9b64, 0x31cd86d3, 0x3c8ea00a, 0x384fbdbd, 0x4c11db70, 0x48d0c6c7, - 0x4593e01e, 0x4152fda9, 0x5f15adac, 0x5bd4b01b, 0x569796c2, 0x52568b75, - 0x6a1936c8, 0x6ed82b7f, 0x639b0da6, 0x675a1011, 0x791d4014, 0x7ddc5da3, - 0x709f7b7a, 0x745e66cd, 0x9823b6e0, 0x9ce2ab57, 0x91a18d8e, 0x95609039, - 0x8b27c03c, 0x8fe6dd8b, 0x82a5fb52, 0x8664e6e5, 0xbe2b5b58, 0xbaea46ef, - 0xb7a96036, 0xb3687d81, 0xad2f2d84, 0xa9ee3033, 0xa4ad16ea, 0xa06c0b5d, - 0xd4326d90, 0xd0f37027, 0xddb056fe, 0xd9714b49, 0xc7361b4c, 0xc3f706fb, - 0xceb42022, 0xca753d95, 0xf23a8028, 0xf6fb9d9f, 0xfbb8bb46, 0xff79a6f1, - 0xe13ef6f4, 0xe5ffeb43, 0xe8bccd9a, 0xec7dd02d, 0x34867077, 0x30476dc0, - 0x3d044b19, 0x39c556ae, 0x278206ab, 0x23431b1c, 0x2e003dc5, 0x2ac12072, - 0x128e9dcf, 0x164f8078, 0x1b0ca6a1, 0x1fcdbb16, 0x018aeb13, 0x054bf6a4, - 0x0808d07d, 0x0cc9cdca, 0x7897ab07, 0x7c56b6b0, 0x71159069, 0x75d48dde, - 0x6b93dddb, 0x6f52c06c, 0x6211e6b5, 0x66d0fb02, 0x5e9f46bf, 0x5a5e5b08, - 0x571d7dd1, 0x53dc6066, 0x4d9b3063, 0x495a2dd4, 0x44190b0d, 0x40d816ba, - 0xaca5c697, 0xa864db20, 0xa527fdf9, 0xa1e6e04e, 0xbfa1b04b, 0xbb60adfc, - 0xb6238b25, 0xb2e29692, 0x8aad2b2f, 0x8e6c3698, 0x832f1041, 0x87ee0df6, - 0x99a95df3, 0x9d684044, 0x902b669d, 0x94ea7b2a, 0xe0b41de7, 0xe4750050, - 0xe9362689, 0xedf73b3e, 0xf3b06b3b, 0xf771768c, 0xfa325055, 0xfef34de2, - 0xc6bcf05f, 0xc27dede8, 0xcf3ecb31, 0xcbffd686, 0xd5b88683, 0xd1799b34, - 0xdc3abded, 0xd8fba05a, 0x690ce0ee, 0x6dcdfd59, 0x608edb80, 0x644fc637, - 0x7a089632, 0x7ec98b85, 0x738aad5c, 0x774bb0eb, 0x4f040d56, 0x4bc510e1, - 0x46863638, 0x42472b8f, 0x5c007b8a, 0x58c1663d, 0x558240e4, 0x51435d53, - 0x251d3b9e, 0x21dc2629, 0x2c9f00f0, 0x285e1d47, 0x36194d42, 0x32d850f5, - 0x3f9b762c, 0x3b5a6b9b, 0x0315d626, 0x07d4cb91, 0x0a97ed48, 0x0e56f0ff, - 0x1011a0fa, 0x14d0bd4d, 0x19939b94, 0x1d528623, 0xf12f560e, 0xf5ee4bb9, - 0xf8ad6d60, 0xfc6c70d7, 0xe22b20d2, 0xe6ea3d65, 0xeba91bbc, 0xef68060b, - 0xd727bbb6, 0xd3e6a601, 0xdea580d8, 0xda649d6f, 0xc423cd6a, 0xc0e2d0dd, - 0xcda1f604, 0xc960ebb3, 0xbd3e8d7e, 0xb9ff90c9, 0xb4bcb610, 0xb07daba7, - 0xae3afba2, 0xaafbe615, 0xa7b8c0cc, 0xa379dd7b, 0x9b3660c6, 0x9ff77d71, - 0x92b45ba8, 0x9675461f, 0x8832161a, 0x8cf30bad, 0x81b02d74, 0x857130c3, - 0x5d8a9099, 0x594b8d2e, 0x5408abf7, 0x50c9b640, 0x4e8ee645, 0x4a4ffbf2, - 0x470cdd2b, 0x43cdc09c, 0x7b827d21, 0x7f436096, 0x7200464f, 0x76c15bf8, - 0x68860bfd, 0x6c47164a, 0x61043093, 0x65c52d24, 0x119b4be9, 0x155a565e, - 0x18197087, 0x1cd86d30, 0x029f3d35, 0x065e2082, 0x0b1d065b, 0x0fdc1bec, - 0x3793a651, 0x3352bbe6, 0x3e119d3f, 0x3ad08088, 0x2497d08d, 0x2056cd3a, - 0x2d15ebe3, 0x29d4f654, 0xc5a92679, 0xc1683bce, 0xcc2b1d17, 0xc8ea00a0, - 0xd6ad50a5, 0xd26c4d12, 0xdf2f6bcb, 0xdbee767c, 0xe3a1cbc1, 0xe760d676, - 0xea23f0af, 0xeee2ed18, 0xf0a5bd1d, 0xf464a0aa, 0xf9278673, 0xfde69bc4, - 0x89b8fd09, 0x8d79e0be, 0x803ac667, 0x84fbdbd0, 0x9abc8bd5, 0x9e7d9662, - 0x933eb0bb, 0x97ffad0c, 0xafb010b1, 0xab710d06, 0xa6322bdf, 0xa2f33668, - 0xbcb4666d, 0xb8757bda, 0xb5365d03, 0xb1f740b4 - ] - - attr_accessor :global_crc - - def initialize - initialize_crc - end - - def initialize_crc - @global_crc = 0xffffffff - end - - def final_crc - @global_crc ^ 0xffffffff - end - - def update_crc(in_ch) - @global_crc = ((@global_crc << 8) & 0xffffffff) ^ CRC32_TABLE[(@global_crc >> 24) ^ in_ch] - end - -end diff --git a/cookbooks/poise-archive/files/halite_gem/poise_archive/bzip2/decompressor.rb b/cookbooks/poise-archive/files/halite_gem/poise_archive/bzip2/decompressor.rb deleted file mode 100755 index 201fa3e..0000000 --- a/cookbooks/poise-archive/files/halite_gem/poise_archive/bzip2/decompressor.rb +++ /dev/null @@ -1,704 +0,0 @@ -# This code is free software; you can redistribute it and/or modify it under -# the terms of the new BSD License. -# -# Copyright (c) 2011-2013, Sebastian Staudt - - -class PoiseArchive::Bzip2::Decompressor - - include PoiseArchive::Bzip2::Constants - - def initialize(io) - @buff = 0 - @bytes_read = 0 - @computed_combined_crc = 0 - @crc = PoiseArchive::Bzip2::CRC.new - @current_char = -1 - @io = io - @live = 0 - @stored_combined_crc = 0 - @su_t_pos = 0 - init - end - - def count(read) - @bytes_read += read if read != -1 - end - - # ADDED METHODS - def pos - @bytes_read - end - - def eof? - @current_state == EOF - end - # /ADDED METHODS - - def read(length = nil) - raise 'stream closed' if @io.nil? - - if length == 1 - r = read0 - count (r < 0 ? -1 : 1) - r - else - r = '' - if length == nil - while true do - b = read0 - break if b < 0 - r << b.chr - end - count r.size # ADDED LINE - elsif length > 0 - length.times do - b = read0 - break if b < 0 - r << b.chr - end - count r.size - end - r - end - end - - def read0 - ret_char = @current_char - - if @current_state == RAND_PART_B_STATE - setup_rand_part_b - elsif @current_state == NO_RAND_PART_B_STATE - setup_no_rand_part_b - elsif @current_state == RAND_PART_C_STATE - setup_rand_part_c - elsif @current_state == NO_RAND_PART_C_STATE - setup_no_rand_part_c - elsif @current_state == EOF - return -1 - else - raise 'illegal state' - end - - ret_char - end - - def make_maps - in_use = @data.in_use - seq_to_unseq = @data.seq_to_unseq - - n_in_use_shadow = 0 - - 256.times do |i| - if in_use[i] - seq_to_unseq[n_in_use_shadow] = i - n_in_use_shadow += 1 - end - end - - @n_in_use = n_in_use_shadow - end - - def init - check_magic - - block_size = @io.read(1).to_i - raise 'Illegal block size.' if block_size < 1 || block_size > 9 - @block_size = block_size - - init_block - setup_block - end - - def check_magic - raise 'Magic number does not match "BZh".' unless @io.read(3) == 'BZh' - end - - def init_block - magic = [ubyte, ubyte, ubyte, ubyte, ubyte, ubyte] - - if magic == [0x17, 0x72, 0x45, 0x38, 0x50, 0x90] - complete - elsif magic != [0x31, 0x41, 0x59, 0x26, 0x53, 0x59] - @current_state = EOF - - raise 'Bad block header.' - else - @stored_block_crc = int - @block_randomised = bit - - @data = PoiseArchive::Bzip2::InputData.new @block_size if @data.nil? - - get_and_move_to_front_decode - - @crc.initialize_crc - @current_state = START_BLOCK_STATE - end - end - - def end_block - @computed_block_crc = @crc.final_crc - - if @stored_block_crc != @computed_block_crc - @computed_combined_crc = (@stored_combined_crc << 1) | (@stored_combined_crc >> 31) - @computed_combined_crc ^= @stored_block_crc - - raise 'BZip2 CRC error' - end - - @computed_combined_crc = (@computed_combined_crc << 1) | (@computed_combined_crc >> 31) - @computed_combined_crc ^= @computed_block_crc - end - - def complete - @stored_combined_crc = int - @current_state = EOF - @data = nil - - raise 'BZip2 CRC error' if @stored_combined_crc != @computed_combined_crc - end - - def close - if @io != $stdin - @io = nil - @data = nil - end - end - - def r(n) - live_shadow = @live - buff_shadow = @buff - - if live_shadow < n - begin - thech = @io.readbyte - - raise 'unexpected end of stream' if thech < 0 - - buff_shadow = (buff_shadow << 8) | thech - live_shadow += 8 - end while live_shadow < n - - @buff = buff_shadow - end - - @live = live_shadow - n - - (buff_shadow >> (live_shadow - n)) & ((1 << n) - 1) - end - - def bit - r(1) != 0 - end - - def ubyte - r 8 - end - - def int - (((((r(8) << 8) | r(8)) << 8) | r(8)) << 8) | r(8) - end - - def create_decode_tables(limit, base, perm, length, min_len, max_len, alpha_size) - pp = 0 - (min_len..max_len).each do |i| - alpha_size.times do |j| - if length[j] == i - perm[pp] = j - pp += 1 - end - end - end - - MAX_CODE_LEN.downto 1 do |i| - base[i] = 0 - limit[i] = 0 - end - - alpha_size.times do |i| - base[length[i] + 1] += 1 - end - - b = 0 - 1.upto(MAX_CODE_LEN - 1) do |i| - b += base[i] - base[i] = b - end - - vec = 0 - min_len.upto(max_len) do |i| - b = base[i] - nb = base[i + 1] - vec += nb - b - b = nb - limit[i] = vec - 1 - vec = vec << 1 - end - - (min_len + 1).upto(max_len) do |i| - base[i] = ((limit[i - 1] + 1) << 1) - base[i] - end - end - - def receive_decoding_tables - in_use = @data.in_use - pos = @data.receive_decoding_tables_pos - selector = @data.selector - selector_mtf = @data.selector_mtf - - in_use16 = 0 - - 16.times do |i| - in_use16 |= 1 << i if bit - end - - 255.downto(0) do |i| - in_use[i] = false - end - - 16.times do |i| - if (in_use16 & (1 << i)) != 0 - i16 = i << 4 - 16.times do |j| - in_use[i16 + j] = true if bit - end - end - end - - make_maps - alpha_size = @n_in_use + 2 - - groups = r 3 - selectors = r 15 - - selectors.times do |i| - j = 0 - while bit - j += 1 - end - selector_mtf[i] = j - end - - groups.downto(0) do |v| - pos[v] = v - end - - selectors.times do |i| - v = selector_mtf[i] & 0xff - tmp = pos[v] - - while v > 0 do - pos[v] = pos[v -= 1] - end - - pos[0] = tmp - selector[i] = tmp - end - - len = @data.temp_char_array_2d - - groups.times do |t| - curr = r 5 - len_t = len[t] - alpha_size.times do |i| - while bit - curr += bit ? -1 : 1 - end - len_t[i] = curr - end - @data.temp_char_array_2d[t] = len_t - end - - create_huffman_decoding_tables alpha_size, groups - end - - def create_huffman_decoding_tables(alpha_size, groups) - len = @data.temp_char_array_2d - min_lens = @data.min_lens - limit = @data.limit - base = @data.base - perm = @data.perm - - groups.times do |t| - min_len = 32 - max_len = 0 - len_t = len[t] - - (alpha_size - 1).downto 0 do |i| - lent = len_t[i] - max_len = lent if lent > max_len - min_len = lent if lent < min_len - end - - create_decode_tables limit[t], base[t], perm[t], len[t], min_len, max_len, alpha_size - min_lens[t] = min_len - end - end - - def get_and_move_to_front_decode - @orig_ptr = r 24 - receive_decoding_tables - - ll8 = @data.ll8 - unzftab = @data.unzftab - selector = @data.selector - seq_to_unseq = @data.seq_to_unseq - yy = @data.get_and_move_to_front_decode_yy - min_lens = @data.min_lens - limit = @data.limit - base = @data.base - perm = @data.perm - limit_last = @block_size * BASEBLOCKSIZE - - 256.downto(0) do |i| - yy[i] = i - unzftab[i] = 0 - end - - group_no = 0 - group_pos = G_SIZE - 1 - eob = @n_in_use + 1 - next_sym = get_and_move_to_front_decode0 0 - buff_shadow = @buff - live_shadow = @live - last_shadow = -1 - zt = selector[group_no] & 0xff - base_zt = base[zt] - limit_zt = limit[zt] - perm_zt = perm[zt] - min_lens_zt = min_lens[zt] - - while next_sym != eob - if (next_sym == RUNA) || (next_sym == RUNB) - s = -1 - - n = 1 - while true do - if next_sym == RUNA - s += n - elsif next_sym == RUNB - s += n << 1 - else - break - end - - if group_pos == 0 - group_pos = G_SIZE - 1 - group_no += 1 - zt = selector[group_no] & 0xff - base_zt = base[zt] - limit_zt = limit[zt] - perm_zt = perm[zt] - min_lens_zt = min_lens[zt] - else - group_pos -= 1 - end - - zn = min_lens_zt - - while live_shadow < zn - thech = @io.readbyte - - raise 'unexpected end of stream' if thech < 0 - - buff_shadow = ((buff_shadow << 8) & 0xffffffff) | thech - live_shadow += 8 - end - - zvec = ((buff_shadow >> (live_shadow - zn)) & 0xffffffff) & ((1 << zn) - 1) - live_shadow -= zn - - while zvec > limit_zt[zn] - zn += 1 - - while live_shadow < 1 - thech = @io.readbyte - - raise 'unexpected end of stream' if thech < 0 - - buff_shadow = ((buff_shadow << 8) & 0xffffffff) | thech - live_shadow += 8 - end - - live_shadow -= 1 - zvec = (zvec << 1) | ((buff_shadow >> live_shadow) & 1) - end - - next_sym = perm_zt[zvec - base_zt[zn]] - - n = n << 1 - end - - ch = seq_to_unseq[yy[0]] - unzftab[ch & 0xff] += s + 1 - - while s >= 0 - last_shadow += 1 - ll8[last_shadow] = ch - s -= 1 - end - - raise 'block overrun' if last_shadow >= limit_last - else - last_shadow += 1 - raise 'block overrun' if last_shadow >= limit_last - - tmp = yy[next_sym - 1] - unzftab[seq_to_unseq[tmp] & 0xff] += 1 - ll8[last_shadow] = seq_to_unseq[tmp] - - yy[1, next_sym - 1] = yy[0, next_sym - 1] - yy[0] = tmp - - if group_pos == 0 - group_pos = G_SIZE - 1 - group_no += 1 - zt = selector[group_no] & 0xff - base_zt = base[zt] - limit_zt = limit[zt] - perm_zt = perm[zt] - min_lens_zt = min_lens[zt] - else - group_pos -= 1 - end - - zn = min_lens_zt - - while live_shadow < zn - thech = @io.readbyte - - raise 'unexpected end of stream' if thech < 0 - - buff_shadow = ((buff_shadow << 8) & 0xffffffff) | thech - live_shadow += 8 - end - zvec = (buff_shadow >> (live_shadow - zn)) & ((1 << zn) - 1) - live_shadow -= zn - - while zvec > limit_zt[zn] - zn += 1 - while live_shadow < 1 - thech = @io.readbyte - - raise 'unexpected end of stream' if thech < 0 - - buff_shadow = ((buff_shadow << 8) & 0xffffffff) | thech - live_shadow += 8 - end - live_shadow -= 1 - zvec = (zvec << 1) | ((buff_shadow >> live_shadow) & 1) - end - - next_sym = perm_zt[zvec - base_zt[zn]] - end - end - - @last = last_shadow - @live = live_shadow - @buff = buff_shadow - end - - def get_and_move_to_front_decode0(group_no) - zt = @data.selector[group_no] & 0xff - limit_zt = @data.limit[zt] - zn = @data.min_lens[zt] - zvec = r zn - live_shadow = @live - buff_shadow = @buff - - while zvec > limit_zt[zn] - zn += 1 - - while live_shadow < 1 - thech = @io.readbyte - - raise 'unexpected end of stream' if thech < 0 - - buff_shadow = ((buff_shadow << 8) & 0xffffffff) | thech - live_shadow += 8 - end - - live_shadow -=1 - zvec = (zvec << 1) | ((buff_shadow >> live_shadow) & 1) - end - - @live = live_shadow - @buff = buff_shadow - - @data.perm[zt][zvec - @data.base[zt][zn]] - end - - def setup_block - return if @data.nil? - - cftab = @data.cftab - tt = @data.init_tt @last + 1 - ll8 = @data.ll8 - cftab[0] = 0 - cftab[1, 256] = @data.unzftab[0, 256] - - c = cftab[0] - 1.upto(256) do |i| - c += cftab[i] - cftab[i] = c - end - - last_shadow = @last - (last_shadow + 1).times do |i| - cftab_i = ll8[i] & 0xff - tt[cftab[cftab_i]] = i - cftab[cftab_i] += 1 - end - - raise 'stream corrupted' if @orig_ptr < 0 || @orig_ptr >= tt.size - - @su_t_pos = tt[@orig_ptr] - @su_count = 0 - @su_i2 = 0 - @su_ch2 = 256 - - if @block_randomised - @su_r_n_to_go = 0 - @su_r_t_pos = 0 - - setup_rand_part_a - else - setup_no_rand_part_a - end - end - - def setup_rand_part_a - if @su_i2 <= @last - @su_ch_prev = @su_ch2 - su_ch2_shadow = @data.ll8[@su_t_pos] & 0xff - @su_t_pos = @data.tt[@su_t_pos] - - if @su_r_n_to_go == 0 - @su_r_n_to_go = RNUMS[@su_r_t_pos] - 1 - @su_r_t_pos += 1 - @su_r_t_pos = 0 if @su_r_t_pos == 512 - else - @su_r_n_to_go -= 1 - end - - @su_ch2 = su_ch2_shadow ^= (@su_r_n_to_go == 1) ? 1 : 0 - @su_i2 += 1 - @current_char = su_ch2_shadow - @current_state = RAND_PART_B_STATE - @crc.update_crc su_ch2_shadow - else - end_block - init_block - setup_block - end - end - - def setup_no_rand_part_a - if @su_i2 <= @last - @su_ch_prev = @su_ch2 - su_ch2_shadow = @data.ll8[@su_t_pos] & 0xff - @su_ch2 = su_ch2_shadow - @su_t_pos = @data.tt[@su_t_pos] - @su_i2 += 1 - @current_char = su_ch2_shadow - @current_state = NO_RAND_PART_B_STATE - @crc.update_crc su_ch2_shadow - else - @current_state = NO_RAND_PART_A_STATE - end_block - init_block - setup_block - end - end - - def setup_rand_part_b - if @su_ch2 != @su_ch_prev - @current_state = RAND_PART_A_STATE - @su_count = 1 - setup_rand_part_a - else - @su_count += 1 - if @su_count >= 4 - @su_z = @data.ll8[@su_t_pos] & 0xff - @su_t_pos = @data.tt[@su_t_pos] - - if @su_r_n_to_go == 0 - @su_r_n_to_go = RNUMS[@su_r_t_pos] - 1 - @su_r_t_pos += 1 - @su_r_t_pos = 0 if @su_r_t_pos == 512 - else - @su_r_n_to_go -= 1 - end - - @su_j2 = 0 - @current_state = RAND_PART_C_STATE - @su_z ^= 1 if @su_r_n_to_go == 1 - setup_rand_part_c - else - @current_state = RAND_PART_A_STATE - setup_rand_part_a - end - end - end - - def setup_rand_part_c - if @su_j2 < @su_z - @current_char = @su_ch2 - @crc.update_crc @su_ch2 - @su_j2 += 1 - else - @current_state = RAND_PART_A_STATE - @su_i2 += 1 - @su_count = 0 - setup_rand_part_a - end - end - - def setup_no_rand_part_b - if @su_ch2 != @su_ch_prev - @su_count = 1 - setup_no_rand_part_a - else - @su_count += 1 - if @su_count >= 4 - @su_z = @data.ll8[@su_t_pos] & 0xff - @su_t_pos = @data.tt[@su_t_pos] - @su_j2 = 0 - setup_no_rand_part_c - else - setup_no_rand_part_a - end - end - end - - def setup_no_rand_part_c - if @su_j2 < @su_z - su_ch2_shadow = @su_ch2 - @current_char = su_ch2_shadow - @crc.update_crc su_ch2_shadow - @su_j2 += 1 - @current_state = NO_RAND_PART_C_STATE - else - @su_i2 += 1 - @su_count = 0 - setup_no_rand_part_a - end - end - - def size - if @io.is_a? StringIO - @io.size - elsif @io.is_a? File - @io.stat.size - end - end - - def uncompressed - @last + 1 - end - - def inspect - "#<#{self.class}: @io=#{@io.inspect} size=#{size} uncompressed=#{uncompressed}>" - end - -end diff --git a/cookbooks/poise-archive/files/halite_gem/poise_archive/bzip2/input_data.rb b/cookbooks/poise-archive/files/halite_gem/poise_archive/bzip2/input_data.rb deleted file mode 100755 index a3ef7d2..0000000 --- a/cookbooks/poise-archive/files/halite_gem/poise_archive/bzip2/input_data.rb +++ /dev/null @@ -1,43 +0,0 @@ -# This code is free software; you can redistribute it and/or modify it under -# the terms of the new BSD License. -# -# Copyright (c) 2011-2013, Sebastian Staudt - - -class PoiseArchive::Bzip2::InputData - - include PoiseArchive::Bzip2::Constants - - attr_reader :base, :cftab, :get_and_move_to_front_decode_yy, :in_use, - :limit, :ll8, :min_lens, :perm, :receive_decoding_tables_pos, - :selector, :selector_mtf, :seq_to_unseq, :temp_char_array_2d, - :unzftab, :tt - - def initialize(block_size) - @in_use = Array.new 256, false - - @seq_to_unseq = Array.new 256, 0 - @selector = Array.new MAX_SELECTORS, 0 - @selector_mtf = Array.new MAX_SELECTORS, 0 - - @unzftab = Array.new 256, 0 - - @base = Array.new(N_GROUPS) { Array.new(MAX_ALPHA_SIZE, 0) } - @limit = Array.new(N_GROUPS) { Array.new(MAX_ALPHA_SIZE, 0) } - @perm = Array.new(N_GROUPS) { Array.new(MAX_ALPHA_SIZE, 0) } - @min_lens = Array.new N_GROUPS, 0 - - @cftab = Array.new 257, 0 - @get_and_move_to_front_decode_yy = Array.new 256 - @temp_char_array_2d = Array.new(N_GROUPS) { Array.new(MAX_ALPHA_SIZE, 0) } - @receive_decoding_tables_pos = Array.new N_GROUPS, 0 - - @ll8 = Array.new block_size * BASEBLOCKSIZE - end - - def init_tt(size) - @tt = Array.new(size) if @tt.nil? || @tt.size < size - @tt - end - -end diff --git a/cookbooks/poise-archive/files/halite_gem/poise_archive/bzip2/output_data.rb b/cookbooks/poise-archive/files/halite_gem/poise_archive/bzip2/output_data.rb deleted file mode 100755 index 20f890f..0000000 --- a/cookbooks/poise-archive/files/halite_gem/poise_archive/bzip2/output_data.rb +++ /dev/null @@ -1,57 +0,0 @@ -# This code is free software; you can redistribute it and/or modify it under -# the terms of the new BSD License. -# -# Copyright (c) 2011-2013, Sebastian Staudt - - -class PoiseArchive::Bzip2::OutputData - - include PoiseArchive::Bzip2::Constants - - attr_reader :block, :ftab, :fmap, :generate_mtf_values_yy, :heap, :in_use, - :main_sort_big_done, :main_sort_copy, :main_sort_running_order, - :mtf_freq, :parent, :quadrant, :selector, :selector_mtf, - :send_mtf_values_code, :send_mtf_values_cost, - :send_mtf_values_fave, :send_mtf_values_len, - :send_mtf_values_rfreq, :send_mtf_values2_pos, - :send_mtf_values4_in_use_16, :sfmap, :stack_dd, :stack_hh, - :stack_ll, :unseq_to_seq, :weight - - def initialize(block_size) - n = block_size * BASEBLOCKSIZE - @block = Array.new n + 1 + NUM_OVERSHOOT_BYTES, 0 - @fmap = Array.new n, 0 - @selector = Array.new MAX_SELECTORS - @selector_mtf = Array.new MAX_SELECTORS - @sfmap = Array.new 2 * n - @quadrant = @sfmap - - @in_use = Array.new 256 - @mtf_freq = Array.new MAX_ALPHA_SIZE, 0 - @unseq_to_seq = Array.new 256 - - @generate_mtf_values_yy = Array.new 256 - @send_mtf_values_code = Array.new(N_GROUPS) { Array.new MAX_ALPHA_SIZE } - @send_mtf_values_cost = Array.new N_GROUPS - @send_mtf_values_fave = Array.new N_GROUPS - @send_mtf_values_len = Array.new(N_GROUPS) { Array.new MAX_ALPHA_SIZE } - @send_mtf_values_rfreq = Array.new(N_GROUPS) { Array.new MAX_ALPHA_SIZE } - @send_mtf_values2_pos = Array.new N_GROUPS - @send_mtf_values4_in_use_16 = Array.new 16 - - @stack_dd = Array.new QSORT_STACK_SIZE - @stack_hh = Array.new QSORT_STACK_SIZE - @stack_ll = Array.new QSORT_STACK_SIZE - - @main_sort_big_done = Array.new 256 - @main_sort_copy = Array.new 256 - @main_sort_running_order = Array.new 256 - - @heap = Array.new MAX_ALPHA_SIZE + 2 - @parent = Array.new MAX_ALPHA_SIZE + 2 - @weight = Array.new MAX_ALPHA_SIZE + 2 - - @ftab = Array.new 65537 - end - -end diff --git a/cookbooks/poise-archive/files/halite_gem/poise_archive/cheftie.rb b/cookbooks/poise-archive/files/halite_gem/poise_archive/cheftie.rb deleted file mode 100644 index cb3be2d..0000000 --- a/cookbooks/poise-archive/files/halite_gem/poise_archive/cheftie.rb +++ /dev/null @@ -1,18 +0,0 @@ -# -# Copyright 2016-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise_archive/resources' -require 'poise_archive/archive_providers' diff --git a/cookbooks/poise-archive/files/halite_gem/poise_archive/resources.rb b/cookbooks/poise-archive/files/halite_gem/poise_archive/resources.rb deleted file mode 100644 index d9ebb4a..0000000 --- a/cookbooks/poise-archive/files/halite_gem/poise_archive/resources.rb +++ /dev/null @@ -1,26 +0,0 @@ -# -# Copyright 2016-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise_archive/resources/poise_archive' - - -module PoiseArchive - # Chef resources and providers for poise-archive. - # - # @since 1.0.0 - module Resources - end -end diff --git a/cookbooks/poise-archive/files/halite_gem/poise_archive/resources/poise_archive.rb b/cookbooks/poise-archive/files/halite_gem/poise_archive/resources/poise_archive.rb deleted file mode 100644 index 7186d6c..0000000 --- a/cookbooks/poise-archive/files/halite_gem/poise_archive/resources/poise_archive.rb +++ /dev/null @@ -1,151 +0,0 @@ -# -# Copyright 2016-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'base64' -require 'uri' - -require 'chef/resource' -require 'poise' - - -module PoiseArchive - module Resources - # (see PoiseArchive::Resource) - # @since 1.0.0 - module PoiseArchive - # A `poise_archive` resource to unpack archives. - # - # @provides poise_archive - # @action unpack - # @example - # poise_archive '/opt/myapp.tgz' - # @example Downloading from a URL with options - # poise_archive ['http://example.com/myapp.zip', {headers: {'Authentication' => '...'}}] do - # destination '/opt/myapp' - # end - class Resource < Chef::Resource - include Poise - provides(:poise_archive) - actions(:unpack) - - # @!attribute path - # Path to the archive. If relative, it is taken as a file inside - # `Chef::Config[:file_cache_path]`. Can also be a URL to download the - # archive from. - # @return [String, Array] - attribute(:path, kind_of: String, default: lazy { @raw_name.is_a?(Array) ? @raw_name[0] : name }, required: true) - # @!attribute destination - # Path to unpack the archive to. If not specified, the path of the - # archive without the file extension is used. - # @return [String, nil, false] - attribute(:destination, kind_of: [String, NilClass, FalseClass], default: lazy { default_destination }) - # @!attribute group - # Group to run the unpack as. - # @return [String, Integer, nil, false] - attribute(:group, kind_of: [String, Integer, NilClass, FalseClass]) - # @!attribute keep_existing - # Keep existing files in the destination directory when unpacking. - # @return [Boolean] - attribute(:keep_existing, equal_to: [true, false], default: false) - # @!attribute source_properties - # Properties to pass through to the underlying download resource if - # using one. Merged with the array form of {#name}. - # @return [Hash] - attribute(:source_properties, option_collector: true, forced_keys: %i{retries}) - # @!attribute strip_components - # Number of intermediary directories to skip when unpacking. Works - # like GNU tar's --strip-components. - # @return [Integer] - attribute(:strip_components, kind_of: Integer, default: 1) - # @!attribute user - # User to run the unpack as. - # @return [String, Integer, nil, false] - attribute(:user, kind_of: [String, Integer, NilClass, FalseClass]) - - # Alias for the forgetful. - # @api private - alias_method :owner, :user - - def initialize(name, run_context) - @raw_name = name # Capture this before it gets coerced to a string. - super - end - - # Regexp for URL-like paths. - # @api private - URL_PATHS = %r{^(\w+:)?//} - - # Check if the source path is a URL. - # - # @api private - # @return [Boolean] - def is_url? - path =~ URL_PATHS - end - - # Expand a relative file path against `Chef::Config[:file_cache_path]`. - # For URLs it returns the cache file path. - # - # @api private - # @return [String] - def absolute_path - if is_url? - # Use the last path component without the query string plus the name - # of the resource in Base64. This should be both mildly readable and - # also unique per invocation. - url_part = URI(path).path.split(/\//).last - base64_name = Base64.strict_encode64(name).gsub(/\=/, '') - ::File.join(Chef::Config[:file_cache_path], "#{base64_name}_#{url_part}") - else - ::File.expand_path(path, Chef::Config[:file_cache_path]) - end - end - - # Merge the explicit source properties with the array form of the name. - # - # @api private - # @return [Hash] - def merged_source_properties - if @raw_name.is_a?(Array) && @raw_name[1] - source_properties.merge(@raw_name[1]) - else - source_properties - end - end - - private - - # Filename components to ignore. - # @api private - BASENAME_IGNORE = /(\.(t?(ar|gz|bz2?|xz)|zip))+$/ - - # Default value for the {#destination} property - # - # @api private - # @return [String] - def default_destination - if is_url? - raise ValueError.new("Destination for URL-based archive #{self} must be specified explicitly") - else - ::File.join(::File.dirname(absolute_path), ::File.basename(path).gsub(BASENAME_IGNORE, '')) - end - end - end - - # Providers can be found in archive_providers/. - end - end -end diff --git a/cookbooks/poise-archive/files/halite_gem/poise_archive/version.rb b/cookbooks/poise-archive/files/halite_gem/poise_archive/version.rb deleted file mode 100644 index ba3e48e..0000000 --- a/cookbooks/poise-archive/files/halite_gem/poise_archive/version.rb +++ /dev/null @@ -1,20 +0,0 @@ -# -# Copyright 2016-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - - -module PoiseArchive - VERSION = '1.5.0' -end diff --git a/cookbooks/poise-archive/libraries/default.rb b/cookbooks/poise-archive/libraries/default.rb deleted file mode 100644 index 01175df..0000000 --- a/cookbooks/poise-archive/libraries/default.rb +++ /dev/null @@ -1,19 +0,0 @@ -# -# Copyright 2016-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -raise 'Halite is not compatible with no_lazy_load false, please set no_lazy_load true in your Chef configuration file.' unless Chef::Config[:no_lazy_load] -$LOAD_PATH << File.expand_path('../../files/halite_gem', __FILE__) -require "poise_archive/cheftie" diff --git a/cookbooks/poise-archive/metadata.json b/cookbooks/poise-archive/metadata.json deleted file mode 100644 index c3e7b00..0000000 --- a/cookbooks/poise-archive/metadata.json +++ /dev/null @@ -1 +0,0 @@ -{"name":"poise-archive","version":"1.5.0","description":"A Chef cookbook for unpacking file archives like tar and zip.","long_description":"# Poise-Archive Cookbook\n\n[![Build Status](https://img.shields.io/travis/poise/poise-archive.svg)](https://travis-ci.org/poise/poise-archive)\n[![Gem Version](https://img.shields.io/gem/v/poise-archive.svg)](https://rubygems.org/gems/poise-archive)\n[![Cookbook Version](https://img.shields.io/cookbook/v/poise-archive.svg)](https://supermarket.chef.io/cookbooks/poise-archive)\n[![Coverage](https://img.shields.io/codecov/c/github/poise/poise-archive.svg)](https://codecov.io/github/poise/poise-archive)\n[![Gemnasium](https://img.shields.io/gemnasium/poise/poise-archive.svg)](https://gemnasium.com/poise/poise-archive)\n[![License](https://img.shields.io/badge/license-Apache_2-blue.svg)](https://www.apache.org/licenses/LICENSE-2.0)\n\nA [Chef](https://www.chef.io/) cookbook to unpack file archives.\n\nIt supports `.tar`, `.tar.gz`, `.tar.bz2`, and `.zip` archive files.\n\n## Quick Start\n\nTo download an unpack and archive:\n\n```ruby\npoise_archive 'https://example.com/myapp.tgz' do\n destination '/opt/myapp'\nend\n```\n\n## Requirements\n\nChef 12.1 or newer is required.\n\n## Platforms\n\nThis cookbook supports all platforms (including Windows) but some Unix platforms\n(Solaris, AIX) may see very slow tar file unpacking when using the pure-Ruby fallback\nimplementation.\n\n## Resources\n\n### `poise_archive`\n\nThe `poise_archive` resource unpacks file archives.\n\n```ruby\npoise_archive '/tmp/myapp-1.2.0.tar' do\n destination '/srv/myapp-1.2.0'\nend\n```\n\nA URL can also be passed as the source path, optionally with extra properties to\nbe merged with `source_properties`.\n\n```ruby\npoise_archive 'http://example.com/myapp-1.2.0.zip' do\n destination '/srv/myapp-1.2.0'\nend\n\npoise_archive ['http://example.com/myapp-1.2.0.zip', {headers: {'Authentication' => '...'}}] do\n destination '/srv/myapp-1.2.0'\nend\n```\n\n#### Actions\n\n* `:unpack` – Unpack the archive. *(default)*\n\n#### Properties\n\n* `path` – Path to the archive. If relative, it is taken as a file inside\n `Chef::Config[:file_cache_path]`. If a URL, it is downloaded to a cache file\n first. *(name attribute)*\n* `destination` – Path to unpack the archive to. If not specified, the path of\n the archive without the file extension is used. Required when unpacking from\n a URL. *(default: auto)*\n* `group` – Group to run the unpack as.\n* `keep_existing` – Keep existing files in the destination directory when\n unpacking. *(default: false)*\n* `source_properties` – Property key/value pairs to be applied to the\n `remote_file` file resource when downloading a URL. *(default: {retries: 5})*\n* `strip_components` – Number of intermediary directories to skip when\n unpacking. Works like GNU tar's `--strip-components`. *(default: 1)*\n* `user` – User to run the unpack as.\n\n## Sponsors\n\nDevelopment sponsored by [Bloomberg](http://www.bloomberg.com/company/technology/).\n\nThe Poise test server infrastructure is sponsored by [Rackspace](https://rackspace.com/).\n\n## License\n\nCopyright 2016-2017, Noah Kantrowitz\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\nhttp://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n\nBZip2 implementation is based on RBzip2. Copyright Sebastian Staudt, Brian Lopez.\nRBzip2 code used under the terms of the new BSD license.\n","maintainer":"Noah Kantrowitz","maintainer_email":"noah@coderanger.net","license":"Apache 2.0","platforms":{},"dependencies":{"poise":"~> 2.6"},"recommendations":{},"suggestions":{},"conflicting":{},"providing":{},"replacing":{},"attributes":{},"groupings":{},"recipes":{},"source_url":"https://github.com/poise/poise-archive","issues_url":"https://github.com/poise/poise-archive/issues","chef_version":[["< 14",">= 12.1"]],"ohai_version":[]} \ No newline at end of file diff --git a/cookbooks/poise-build-essential/CHANGELOG.md b/cookbooks/poise-build-essential/CHANGELOG.md deleted file mode 100644 index 2e62ba5..0000000 --- a/cookbooks/poise-build-essential/CHANGELOG.md +++ /dev/null @@ -1,5 +0,0 @@ -# Poise-Build-Essential Changelog - -## v1.0.0 - -* Initial release! diff --git a/cookbooks/poise-build-essential/README.md b/cookbooks/poise-build-essential/README.md deleted file mode 100644 index fd9979f..0000000 --- a/cookbooks/poise-build-essential/README.md +++ /dev/null @@ -1,85 +0,0 @@ -# Poise-Build-Essential Cookbook - -[![Build Status](https://img.shields.io/travis/poise/poise-build-essential.svg)](https://travis-ci.org/poise/poise-build-essential) -[![Gem Version](https://img.shields.io/gem/v/poise-build-essential.svg)](https://rubygems.org/gems/poise-build-essential) -[![Cookbook Version](https://img.shields.io/cookbook/v/poise-build-essential.svg)](https://supermarket.chef.io/cookbooks/poise-build-essential) -[![Coverage](https://img.shields.io/codecov/c/github/poise/poise-build-essential.svg)](https://codecov.io/github/poise/poise-build-essential) -[![Gemnasium](https://img.shields.io/gemnasium/poise/poise-build-essential.svg)](https://gemnasium.com/poise/poise-build-essential) -[![License](https://img.shields.io/badge/license-Apache_2-blue.svg)](https://www.apache.org/licenses/LICENSE-2.0) - -A [Chef](https://www.chef.io/) cookbook to install a C compiler and build tools.. - -## Quick Start - -To install a C compiler: - -```ruby -include_recipe 'poise-build-essential' -``` - -Or to install using a resource and at compile time: - -```ruby -poise_build_essential 'build_essential' do - action :nothing -end.run_action(:install) -``` - -## Recipes - -* `poise-build-essential::default` – Install a C compiler and build tools. - -## Attributes - -* `node['poise-build-essential']['action']` – Action to use. One of install, - upgrade, or remove. *(default: install)* -* `node['poise-build-essential']['allow_unsupported_platform']` – Whether or not - to raise an error on unsupported platforms. *(default: false)* - -## Resources - -### `poise_build_essential` - -The `poise_build_essential` resource installs a C compiler and build tools. - -```ruby -poise_build_essential 'build_essential' do - allow_unsupported_platform true -end -``` - -#### Actions - -* `:install` – Install a C compiler. *(default)* -* `:upgrade` – Install a C compiler using `package action :ugprade` rules. -* `:remove` – Remove a C compiler. - -#### Properties - -* `allow_unsupported_platform` – Whether or not to raise an error on unsupported - platforms. *(default: false)* - -## Sponsors - -Development sponsored by [SAP](https://www.sap.com/). - -The Poise test server infrastructure is sponsored by [Rackspace](https://rackspace.com/). - -## License - -Some code copyright 2008-2017, Chef Software, Inc. Used under the terms of the -Apache License, Version 2.0. - -Copyright 2017, Noah Kantrowitz - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - -http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. diff --git a/cookbooks/poise-build-essential/attributes/default.rb b/cookbooks/poise-build-essential/attributes/default.rb deleted file mode 100644 index 0b97ec0..0000000 --- a/cookbooks/poise-build-essential/attributes/default.rb +++ /dev/null @@ -1,21 +0,0 @@ -# -# Copyright 2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# Action to use. One of install, upgrade, or remove. -default['poise-build-essential']['action'] = 'install' - -# Whether or not to raise an error on unsupported platforms. -default['poise-build-essential']['allow_unsupported_platform'] = false diff --git a/cookbooks/poise-build-essential/files/halite_gem/poise_build_essential.rb b/cookbooks/poise-build-essential/files/halite_gem/poise_build_essential.rb deleted file mode 100644 index 85106af..0000000 --- a/cookbooks/poise-build-essential/files/halite_gem/poise_build_essential.rb +++ /dev/null @@ -1,22 +0,0 @@ -# -# Copyright 2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - - -module PoiseBuildEssential - autoload :BuildEssentialProviders, 'poise_build_essential/build_essential_providers' - autoload :Resources, 'poise_build_essential/resources' - autoload :VERSION, 'poise_build_essential/version' -end diff --git a/cookbooks/poise-build-essential/files/halite_gem/poise_build_essential/build_essential_providers.rb b/cookbooks/poise-build-essential/files/halite_gem/poise_build_essential/build_essential_providers.rb deleted file mode 100644 index d8cd687..0000000 --- a/cookbooks/poise-build-essential/files/halite_gem/poise_build_essential/build_essential_providers.rb +++ /dev/null @@ -1,49 +0,0 @@ -# -# Copyright 2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'chef/platform/provider_priority_map' - -require 'poise_build_essential/build_essential_providers/debian' -require 'poise_build_essential/build_essential_providers/freebsd' -require 'poise_build_essential/build_essential_providers/mac_os_x' -require 'poise_build_essential/build_essential_providers/omnios' -require 'poise_build_essential/build_essential_providers/rhel' -require 'poise_build_essential/build_essential_providers/smartos' -require 'poise_build_essential/build_essential_providers/solaris' -require 'poise_build_essential/build_essential_providers/suse' -# require 'poise_build_essential/build_essential_providers/windows' - - -module PoiseBuildEssential - # Inversion providers for the poise_build_essential resource. - # - # @since 1.0.0 - module BuildEssentialProviders - # Set up priority maps - Chef::Platform::ProviderPriorityMap.instance.priority(:poise_build_essential, [ - PoiseBuildEssential::BuildEssentialProviders::Debian, - PoiseBuildEssential::BuildEssentialProviders::FreeBSD, - PoiseBuildEssential::BuildEssentialProviders::MacOSX, - PoiseBuildEssential::BuildEssentialProviders::OmniOS, - PoiseBuildEssential::BuildEssentialProviders::RHEL, - PoiseBuildEssential::BuildEssentialProviders::SmartOS, - PoiseBuildEssential::BuildEssentialProviders::Solaris, - PoiseBuildEssential::BuildEssentialProviders::SUSE, - # PoiseBuildEssential::BuildEssentialProviders::Windows, - PoiseBuildEssential::BuildEssentialProviders::Base, - ]) - end -end diff --git a/cookbooks/poise-build-essential/files/halite_gem/poise_build_essential/build_essential_providers/base.rb b/cookbooks/poise-build-essential/files/halite_gem/poise_build_essential/build_essential_providers/base.rb deleted file mode 100644 index 7c6e912..0000000 --- a/cookbooks/poise-build-essential/files/halite_gem/poise_build_essential/build_essential_providers/base.rb +++ /dev/null @@ -1,103 +0,0 @@ -# -# Copyright 2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'chef/provider' -require 'poise' - - -module PoiseBuildEssential - module BuildEssentialProviders - # The provider base class for `poise_build_essential`. - # - # @see PoiseBuildEssential::Resources::PoiseBuildEssential::Resource - # @provides poise_build_essential - class Base < Chef::Provider - include Poise - provides(:poise_build_essential) - - # The `install` action for the `poise_build_essential` resource. - # - # @return [void] - def action_install - notifying_block do - install_build_essential - end - end - - # The `upgrade` action for the `poise_build_essential` resource. - # - # @return [void] - def action_upgrade - notifying_block do - upgrade_build_essential - end - end - - # The `remove` action for the `poise_build_essential` resource. - # - # @return [void] - def action_remove - notifying_block do - remove_build_essential - end - end - - private - - # Install C compiler and build tools. Must be implemented by subclasses. - # - # @abstract - def install_build_essential - unsupported_platform("Unknown platform for poise_build_eseential: #{node['platform']} (#{node['platform_family']})") - # Return an array so upgrade/remove also work. - [] - end - - # Upgrade C compiler and build tools. Must be implemented by subclasses. - # - # @abstract - def upgrade_build_essential - install_build_essential.tap do |installed| - Array(installed).each {|r| r.action(:upgrade) } - end - end - - # Uninstall C compiler and build tools. Must be implemented by subclasses. - # - # @abstract - def remove_build_essential - install_build_essential.tap do |installed| - Array(installed).each {|r| r.action(:remove) } - end - end - - # Helper method for either warning about an unsupported platform or raising - # an exception. - # - # @api private - # @param msg [String] Error message to display. - # @return [void] - def unsupported_platform(msg) - if new_resource.allow_unsupported_platform - Chef::Log.warn(msg) - else - raise RuntimeError.new(msg) - end - end - - end - end -end diff --git a/cookbooks/poise-build-essential/files/halite_gem/poise_build_essential/build_essential_providers/debian.rb b/cookbooks/poise-build-essential/files/halite_gem/poise_build_essential/build_essential_providers/debian.rb deleted file mode 100644 index 9fd0bd9..0000000 --- a/cookbooks/poise-build-essential/files/halite_gem/poise_build_essential/build_essential_providers/debian.rb +++ /dev/null @@ -1,41 +0,0 @@ -# -# Copyright 2008-2017, Chef Software, Inc. -# Copyright 2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise_build_essential/build_essential_providers/base' - - -module PoiseBuildEssential - module BuildEssentialProviders - # A provider for `poise_build_essential` to install on Debian platforms. - # - # @see PoiseBuildEssential::Resources::PoiseBuildEssential::Resource - # @provides poise_build_essential - class Debian < Base - provides(:poise_build_essential, platform_family: 'debian') - - private - - # (see Base#install_build_essential) - def install_build_essential - package %w{autoconf binutils-doc bison build-essential flex gettext ncurses-dev} - end - - end - end -end - - diff --git a/cookbooks/poise-build-essential/files/halite_gem/poise_build_essential/build_essential_providers/freebsd.rb b/cookbooks/poise-build-essential/files/halite_gem/poise_build_essential/build_essential_providers/freebsd.rb deleted file mode 100644 index d462c2b..0000000 --- a/cookbooks/poise-build-essential/files/halite_gem/poise_build_essential/build_essential_providers/freebsd.rb +++ /dev/null @@ -1,46 +0,0 @@ -# -# Copyright 2008-2017, Chef Software, Inc. -# Copyright 2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise_build_essential/build_essential_providers/base' - - -module PoiseBuildEssential - module BuildEssentialProviders - # A provider for `poise_build_essential` to install on FreeBSD platforms. - # - # @see PoiseBuildEssential::Resources::PoiseBuildEssential::Resource - # @provides poise_build_essential - class FreeBSD < Base - provides(:poise_build_essential, platform_family: 'freebsd') - - private - - # (see Base#install_build_essential) - def install_build_essential - pkgs = %w{devel/gmake devel/autoconf devel/m4 devel/gettext} - # Only install gcc on freebsd 9.x - 10 uses clang. - if node['platform_version'].to_i <= 9 - pkgs << 'lang/gcc49' - end - pkgs.map {|name| package name } - end - - end - end -end - - diff --git a/cookbooks/poise-build-essential/files/halite_gem/poise_build_essential/build_essential_providers/mac_os_x.rb b/cookbooks/poise-build-essential/files/halite_gem/poise_build_essential/build_essential_providers/mac_os_x.rb deleted file mode 100644 index ab2849c..0000000 --- a/cookbooks/poise-build-essential/files/halite_gem/poise_build_essential/build_essential_providers/mac_os_x.rb +++ /dev/null @@ -1,66 +0,0 @@ -# -# Copyright 2008-2017, Chef Software, Inc. -# Copyright 2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise_build_essential/build_essential_providers/base' - - -module PoiseBuildEssential - module BuildEssentialProviders - # A provider for `poise_build_essential` to install on macOS platforms. - # - # @see PoiseBuildEssential::Resources::PoiseBuildEssential::Resource - # @provides poise_build_essential - class MacOSX < Base - provides(:poise_build_essential, platform_family: 'mac_os_x') - - private - - # (see Base#install_build_essential) - def install_build_essential - # This script was graciously borrowed and modified from Tim Sutton's - # osx-vm-templates at https://github.com/timsutton/osx-vm-templates/blob/b001475df54a9808d3d56d06e71b8fa3001fff42/scripts/xcode-cli-tools.sh - execute 'install XCode Command Line tools' do - command <<-EOH -# create the placeholder file that's checked by CLI updates' .dist code -# in Apple's SUS catalog -touch /tmp/.com.apple.dt.CommandLineTools.installondemand.in-progress -# find the CLI Tools update -PROD=$(softwareupdate -l | grep "\*.*Command Line" | head -n 1 | awk -F"*" '{print $2}' | sed -e 's/^ *//' | tr -d '\n') -# install it -softwareupdate -i "$PROD" --verbose -# Remove the placeholder to prevent perpetual appearance in the update utility -rm -f /tmp/.com.apple.dt.CommandLineTools.installondemand.in-progress - EOH - not_if 'pkgutil --pkgs=com.apple.pkg.CLTools_Executables' - end - end - - # (see Base#upgrade_build_essential) - def upgrade_build_essential - # Make upgrade the same as install on Mac. - install_build_essential - end - - # (see Base#remove_build_essential) - def remove_build_essential - # Not sure how to do this, ignoring for now. - raise NotImplementedError - end - - end - end -end diff --git a/cookbooks/poise-build-essential/files/halite_gem/poise_build_essential/build_essential_providers/omnios.rb b/cookbooks/poise-build-essential/files/halite_gem/poise_build_essential/build_essential_providers/omnios.rb deleted file mode 100644 index 3a22af0..0000000 --- a/cookbooks/poise-build-essential/files/halite_gem/poise_build_essential/build_essential_providers/omnios.rb +++ /dev/null @@ -1,46 +0,0 @@ -# -# Copyright 2008-2017, Chef Software, Inc. -# Copyright 2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise_build_essential/build_essential_providers/base' - - -module PoiseBuildEssential - module BuildEssentialProviders - # A provider for `poise_build_essential` to install on OmniOS platforms. - # - # @see PoiseBuildEssential::Resources::PoiseBuildEssential::Resource - # @provides poise_build_essential - class OmniOS < Base - provides(:poise_build_essential, platform_family: 'omnios') - - private - - # (see Base#install_build_essential) - def install_build_essential - # Per OmniOS documentation, the gcc bin dir isn't in the default - # $PATH, so add it to the running process environment. - # http://omnios.omniti.com/wiki.php/DevEnv - ENV['PATH'] = "#{ENV['PATH']}:/opt/gcc-4.7.2/bin" - - %w{developer/gcc48 developer/object-file developer/linker - developer/library/lint developer/build/gnu-make system/header - system/library/math/header-math}.map {|name| package name } - end - - end - end -end diff --git a/cookbooks/poise-build-essential/files/halite_gem/poise_build_essential/build_essential_providers/rhel.rb b/cookbooks/poise-build-essential/files/halite_gem/poise_build_essential/build_essential_providers/rhel.rb deleted file mode 100644 index 65052a5..0000000 --- a/cookbooks/poise-build-essential/files/halite_gem/poise_build_essential/build_essential_providers/rhel.rb +++ /dev/null @@ -1,46 +0,0 @@ -# -# Copyright 2008-2017, Chef Software, Inc. -# Copyright 2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise_build_essential/build_essential_providers/base' - - -module PoiseBuildEssential - module BuildEssentialProviders - # A provider for `poise_build_essential` to install on RedHat and Fedora platforms. - # - # @see PoiseBuildEssential::Resources::PoiseBuildEssential::Resource - # @provides poise_build_essential - class RHEL < Base - provides(:poise_build_essential, platform_family: %w{rhel fedora}) - - private - - # (see Base#install_build_essential) - def install_build_essential - pkgs = %w{autoconf bison flex gcc gcc-c++ gettext kernel-devel make m4 ncurses-devel patch} - # Ensure GCC 4 is available on older pre-6 EL - if node['platform_family'] == 'rhel' && node['platform_version'].to_i < 6 - pkgs += %w{gcc44 gcc44-c++} - end - package pkgs - end - - end - end -end - - diff --git a/cookbooks/poise-build-essential/files/halite_gem/poise_build_essential/build_essential_providers/smartos.rb b/cookbooks/poise-build-essential/files/halite_gem/poise_build_essential/build_essential_providers/smartos.rb deleted file mode 100644 index 8f45af1..0000000 --- a/cookbooks/poise-build-essential/files/halite_gem/poise_build_essential/build_essential_providers/smartos.rb +++ /dev/null @@ -1,39 +0,0 @@ -# -# Copyright 2008-2017, Chef Software, Inc. -# Copyright 2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise_build_essential/build_essential_providers/base' - - -module PoiseBuildEssential - module BuildEssentialProviders - # A provider for `poise_build_essential` to install on SmartOS platforms. - # - # @see PoiseBuildEssential::Resources::PoiseBuildEssential::Resource - # @provides poise_build_essential - class SmartOS < Base - provides(:poise_build_essential, platform_family: 'smartos') - - private - - # (see Base#install_build_essential) - def install_build_essential - %w{autoconf binutils build-essential gcc47 gmake pkg-config}.map {|name| package name } - end - - end - end -end diff --git a/cookbooks/poise-build-essential/files/halite_gem/poise_build_essential/build_essential_providers/solaris.rb b/cookbooks/poise-build-essential/files/halite_gem/poise_build_essential/build_essential_providers/solaris.rb deleted file mode 100644 index 2ef2b50..0000000 --- a/cookbooks/poise-build-essential/files/halite_gem/poise_build_essential/build_essential_providers/solaris.rb +++ /dev/null @@ -1,47 +0,0 @@ -# -# Copyright 2008-2017, Chef Software, Inc. -# Copyright 2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise_build_essential/build_essential_providers/base' - - -module PoiseBuildEssential - module BuildEssentialProviders - # A provider for `poise_build_essential` to install on Solaris platforms. - # - # @see PoiseBuildEssential::Resources::PoiseBuildEssential::Resource - # @provides poise_build_essential - class Solaris < Base - provides(:poise_build_essential, platform_family: 'solaris2') - - private - - # (see Base#install_build_essential) - def install_build_essential - if node['platform_version'].to_f < 5.11 - unsupported_platform('poise_build_essential does not support Solaris before 11. You will need to install SUNWbison, SUNWgcc, SUNWggrp, SUNWgmake, and SUNWgtar from the Solaris DVD') - return [] - end - - # lock because we don't use gcc 5 yet. - [package('gcc') { version '4.8.2'} ] + \ - %w{autoconf automake bison gnu-coreutils flex gcc-3 gnu-grep gnu-make - gnu-patch gnu-tar make pkg-config ucb}.map {|name| package name } - end - - end - end -end diff --git a/cookbooks/poise-build-essential/files/halite_gem/poise_build_essential/build_essential_providers/suse.rb b/cookbooks/poise-build-essential/files/halite_gem/poise_build_essential/build_essential_providers/suse.rb deleted file mode 100644 index b734631..0000000 --- a/cookbooks/poise-build-essential/files/halite_gem/poise_build_essential/build_essential_providers/suse.rb +++ /dev/null @@ -1,43 +0,0 @@ -# -# Copyright 2008-2017, Chef Software, Inc. -# Copyright 2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise_build_essential/build_essential_providers/base' - - -module PoiseBuildEssential - module BuildEssentialProviders - # A provider for `poise_build_essential` to install on SUSE platforms. - # - # @see PoiseBuildEssential::Resources::PoiseBuildEssential::Resource - # @provides poise_build_essential - class SUSE < Base - provides(:poise_build_essential, platform_family: 'suse') - - private - - # (see Base#install_build_essential) - def install_build_essential - pkgs = %w{autoconf bison flex gcc gcc-c++ kernel-default-devel make m4} - if node['platform_version'].to_i < 12 - pkgs += %w{gcc48 gcc48-c++} - end - package pkgs - end - - end - end -end diff --git a/cookbooks/poise-build-essential/files/halite_gem/poise_build_essential/build_essential_providers/windows.rb b/cookbooks/poise-build-essential/files/halite_gem/poise_build_essential/build_essential_providers/windows.rb deleted file mode 100644 index 67251db..0000000 --- a/cookbooks/poise-build-essential/files/halite_gem/poise_build_essential/build_essential_providers/windows.rb +++ /dev/null @@ -1,68 +0,0 @@ -# -# Copyright 2008-2017, Chef Software, Inc. -# Copyright 2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise_build_essential/build_essential_providers/base' - - -module PoiseBuildEssential - module BuildEssentialProviders - # A provider for `poise_build_essential` to install on Windows platforms. - # - # @see PoiseBuildEssential::Resources::PoiseBuildEssential::Resource - # @provides poise_build_essential - class Windows < Base - provides(:poise_build_essential, platform_family: 'windows') - - private - - # (see Base#install_build_essential) - def install_build_essential - install_build_essential_packages - end - - # (see Base#upgrade_build_essential) - def upgrade_build_essential - # Upgrade and install are the same on Windows. (?) - install_build_essential - end - - # (see Base#remove_build_essential) - def remove_build_essential - raise NotImplementedError - end - - # Install MSYS2 packages needed for the build environment. - # - # @api private - # @return [Array] - def install_build_essential_packages - # TODO This probably won't work on 32-bit right now, fix that. - [ - 'base-devel', # Brings down msys based bash/make/awk/patch/stuff. - 'mingw-w64-x86_64-toolchain', # Puts 64-bit SEH mingw toolchain in msys2\mingw64. - 'mingw-w64-i686-toolchain' # Puts 32-bit DW2 mingw toolchain in msys2\ming32. - ].map do |pkg_group| - # The pacman package provider doesn't support groups, so going old-school. - poise_msys2_execute "pacman --sync #{pkg_group}" do - command ['pacman', '--sync', '--noconfirm', '--noprogressbar', '--needed', pkg_group] - end - end - end - - end - end -end diff --git a/cookbooks/poise-build-essential/files/halite_gem/poise_build_essential/cheftie.rb b/cookbooks/poise-build-essential/files/halite_gem/poise_build_essential/cheftie.rb deleted file mode 100644 index c771207..0000000 --- a/cookbooks/poise-build-essential/files/halite_gem/poise_build_essential/cheftie.rb +++ /dev/null @@ -1,18 +0,0 @@ -# -# Copyright 2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise_build_essential/resources' -require 'poise_build_essential/build_essential_providers' diff --git a/cookbooks/poise-build-essential/files/halite_gem/poise_build_essential/resources.rb b/cookbooks/poise-build-essential/files/halite_gem/poise_build_essential/resources.rb deleted file mode 100644 index 25c75d3..0000000 --- a/cookbooks/poise-build-essential/files/halite_gem/poise_build_essential/resources.rb +++ /dev/null @@ -1,26 +0,0 @@ -# -# Copyright 2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise_build_essential/resources/poise_build_essential' - - -module PoiseBuildEssential - # Chef resources and providers for poise-build-essential. - # - # @since 1.0.0 - module Resources - end -end diff --git a/cookbooks/poise-build-essential/files/halite_gem/poise_build_essential/resources/poise_build_essential.rb b/cookbooks/poise-build-essential/files/halite_gem/poise_build_essential/resources/poise_build_essential.rb deleted file mode 100644 index e5e08cc..0000000 --- a/cookbooks/poise-build-essential/files/halite_gem/poise_build_essential/resources/poise_build_essential.rb +++ /dev/null @@ -1,48 +0,0 @@ -# -# Copyright 2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'chef/resource' -require 'poise' - - -module PoiseBuildEssential - module Resources - # (see PoiseBuildEssential::Resource) - # @since 1.0.0 - module PoiseBuildEssential - # A `poise_build_essential` resource to install a C compiler and build tools. - # - # @provides poise_build_essential - # @action install - # @action upgrade - # @action uninstall - # @example - # poise_build_essential 'build-essential' - class Resource < Chef::Resource - include Poise - provides(:poise_build_essential) - actions(:install, :upgrade, :remove) - - # @!attribute allow_unsupported_platform - # Whether or not to raise an error on unsupported platforms. - # @return [Boolean] - attribute(:allow_unsupported_platform, kind_of: [TrueClass, FalseClass], default: lazy { node['poise-build-essential']['allow_unsupported_platform'] }) - end - - # Providers can be found under build_essential_providers/. - end - end -end diff --git a/cookbooks/poise-build-essential/files/halite_gem/poise_build_essential/version.rb b/cookbooks/poise-build-essential/files/halite_gem/poise_build_essential/version.rb deleted file mode 100644 index 58a1c80..0000000 --- a/cookbooks/poise-build-essential/files/halite_gem/poise_build_essential/version.rb +++ /dev/null @@ -1,20 +0,0 @@ -# -# Copyright 2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - - -module PoiseBuildEssential - VERSION = '1.0.0' -end diff --git a/cookbooks/poise-build-essential/libraries/default.rb b/cookbooks/poise-build-essential/libraries/default.rb deleted file mode 100644 index 4b0a953..0000000 --- a/cookbooks/poise-build-essential/libraries/default.rb +++ /dev/null @@ -1,19 +0,0 @@ -# -# Copyright 2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -raise 'Halite is not compatible with no_lazy_load false, please set no_lazy_load true in your Chef configuration file.' unless Chef::Config[:no_lazy_load] -$LOAD_PATH << File.expand_path('../../files/halite_gem', __FILE__) -require "poise_build_essential/cheftie" diff --git a/cookbooks/poise-build-essential/metadata.json b/cookbooks/poise-build-essential/metadata.json deleted file mode 100644 index c1ddba6..0000000 --- a/cookbooks/poise-build-essential/metadata.json +++ /dev/null @@ -1 +0,0 @@ -{"name":"poise-build-essential","version":"1.0.0","description":"A Chef cookbook to install a C compiler and build tools.","long_description":"# Poise-Build-Essential Cookbook\n\n[![Build Status](https://img.shields.io/travis/poise/poise-build-essential.svg)](https://travis-ci.org/poise/poise-build-essential)\n[![Gem Version](https://img.shields.io/gem/v/poise-build-essential.svg)](https://rubygems.org/gems/poise-build-essential)\n[![Cookbook Version](https://img.shields.io/cookbook/v/poise-build-essential.svg)](https://supermarket.chef.io/cookbooks/poise-build-essential)\n[![Coverage](https://img.shields.io/codecov/c/github/poise/poise-build-essential.svg)](https://codecov.io/github/poise/poise-build-essential)\n[![Gemnasium](https://img.shields.io/gemnasium/poise/poise-build-essential.svg)](https://gemnasium.com/poise/poise-build-essential)\n[![License](https://img.shields.io/badge/license-Apache_2-blue.svg)](https://www.apache.org/licenses/LICENSE-2.0)\n\nA [Chef](https://www.chef.io/) cookbook to install a C compiler and build tools..\n\n## Quick Start\n\nTo install a C compiler:\n\n```ruby\ninclude_recipe 'poise-build-essential'\n```\n\nOr to install using a resource and at compile time:\n\n```ruby\npoise_build_essential 'build_essential' do\n action :nothing\nend.run_action(:install)\n```\n\n## Recipes\n\n* `poise-build-essential::default` – Install a C compiler and build tools.\n\n## Attributes\n\n* `node['poise-build-essential']['action']` – Action to use. One of install,\n upgrade, or remove. *(default: install)*\n* `node['poise-build-essential']['allow_unsupported_platform']` – Whether or not\n to raise an error on unsupported platforms. *(default: false)*\n\n## Resources\n\n### `poise_build_essential`\n\nThe `poise_build_essential` resource installs a C compiler and build tools.\n\n```ruby\npoise_build_essential 'build_essential' do\n allow_unsupported_platform true\nend\n```\n\n#### Actions\n\n* `:install` – Install a C compiler. *(default)*\n* `:upgrade` – Install a C compiler using `package action :ugprade` rules.\n* `:remove` – Remove a C compiler.\n\n#### Properties\n\n* `allow_unsupported_platform` – Whether or not to raise an error on unsupported\n platforms. *(default: false)*\n\n## Sponsors\n\nDevelopment sponsored by [SAP](https://www.sap.com/).\n\nThe Poise test server infrastructure is sponsored by [Rackspace](https://rackspace.com/).\n\n## License\n\nSome code copyright 2008-2017, Chef Software, Inc. Used under the terms of the\nApache License, Version 2.0.\n\nCopyright 2017, Noah Kantrowitz\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\nhttp://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n","maintainer":"Noah Kantrowitz","maintainer_email":"noah@coderanger.net","license":"Apache 2.0","platforms":{},"dependencies":{"poise":"~> 2.6"},"recommendations":{},"suggestions":{},"conflicting":{},"providing":{},"replacing":{},"attributes":{},"groupings":{},"recipes":{},"source_url":"https://github.com/poise/poise-build-essential","issues_url":"https://github.com/poise/poise-build-essential/issues","chef_version":[["< 14",">= 12.1"]],"ohai_version":[]} \ No newline at end of file diff --git a/cookbooks/poise-build-essential/recipes/default.rb b/cookbooks/poise-build-essential/recipes/default.rb deleted file mode 100644 index 9c89821..0000000 --- a/cookbooks/poise-build-essential/recipes/default.rb +++ /dev/null @@ -1,19 +0,0 @@ -# -# Copyright 2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -poise_build_essential 'build_essential' do - action node['poise-build-essential']['action'].to_sym -end diff --git a/cookbooks/poise-git/CHANGELOG.md b/cookbooks/poise-git/CHANGELOG.md deleted file mode 100644 index d037b8c..0000000 --- a/cookbooks/poise-git/CHANGELOG.md +++ /dev/null @@ -1,5 +0,0 @@ -# Poise-Git Changelog - -## v1.0.0 - -* Initial release! diff --git a/cookbooks/poise-git/README.md b/cookbooks/poise-git/README.md deleted file mode 100644 index 2d8a6e0..0000000 --- a/cookbooks/poise-git/README.md +++ /dev/null @@ -1,151 +0,0 @@ -# Poise-Git Cookbook - -[![Build Status](https://img.shields.io/travis/poise/poise-git.svg)](https://travis-ci.org/poise/poise-git) -[![Gem Version](https://img.shields.io/gem/v/poise-git.svg)](https://rubygems.org/gems/poise-git) -[![Cookbook Version](https://img.shields.io/cookbook/v/poise-git.svg)](https://supermarket.chef.io/cookbooks/poise-git) -[![Coverage](https://img.shields.io/codecov/c/github/poise/poise-git.svg)](https://codecov.io/github/poise/poise-git) -[![Gemnasium](https://img.shields.io/gemnasium/poise/poise-git.svg)](https://gemnasium.com/poise/poise-git) -[![License](https://img.shields.io/badge/license-Apache_2-blue.svg)](https://www.apache.org/licenses/LICENSE-2.0) - -A [Chef](https://www.chef.io/) cookbook to manage [Git](https://git-scm.com/). - -## Quick Start - -To install Git and clone a repository using a deploy key from a data bag: - -```ruby -poise_git '/srv/myapp' do - repository 'git@github.com:example/myapp.git' - deploy_key data_bag_item('keys', 'myapp')['key'] -end -``` - -To install Git and clone a repository using a deploy key that already exists on -disk: - -```ruby -poise_git '/srv/myapp' do - repository 'git@github.com:example/myapp.git' - deploy_key '/path/to/mykey.pem' -end -``` - -## Recipes - -* `poise-git::default` – Install Git. - -## Attributes - -* `node['poise-git']['default_recipe']` – Recipe used by `poise_git` to install - Git if not already available. *(default: poise-git)* -* `node['poise-git']['provider']` – Default provider for `poise_git_client` resource - instances. *(default: auto)* -* `node['poise-git']['recipe'][*]` – All subkeys of `'recipe'` will be passed - as properties to the `poise_git_client` resource before installation when using - the `poise-git::default` recipe. - -## Resources - -### `poise_git` - -The `poise_git` resource extends the core `git` resource, adding a `deploy_key` -property to use SSH deploy keys automatically. - -```ruby -poise_git '/srv/myapp' do - repository 'git@github.com:example/myapp.git' - deploy_key 'mysecretkey' -end -``` - -The `poise_git` resource supports all the same actions and properties as the -core `git` resource. - -The `deploy_key` property can either be passed the absolute path to an existing -SSH key file, or the raw SSH private key text. - -### `poise_git_client` - -The `poise_git_client` resource installs Git. - -```ruby -poise_git_client 'git' -``` - -#### Actions - -* `:install` – Install Git. *(default)* -* `:uninstall` – Uninstall Git. - -#### Properties - -* `version` – Version of Git to install. If a partial version is given, use the - latest available version matching that prefix. *(name property)* - -#### Provider Options - -The `poise_git_client` resource uses provide options for per-provider configuration. See -[the poise-service documentation](https://github.com/poise/poise-service#service-options) -for more information on using provider options. - -## Git Client Providers - -### `system` - -The `system` provider installs Git using system packages. This is currently -only tested on platforms using `apt-get` and `yum` (Debian, Ubuntu, RHEL, CentOS -Amazon Linux, and Fedora) and is a default provider on those platforms. It may -work on other platforms but is untested. - -```ruby -poise_git_client 'git' do - provider :system -end -``` - -#### Options - -* `package_name` – Override auto-detection of the package name. -* `package_upgrade` – Install using action `:upgrade`. *(default: false)* -* `package_version` – Override auto-detection of the package version. - -### `dummy` - -The `dummy` provider supports using the `poise_git_client` resource with ChefSpec -or other testing frameworks to not actually install Git. It is used by default under -ChefSpec. It can also be used to manage the Git installation externally from -this cookbook. - -```ruby -poise_git_client 'git' do - provider :dummy - options git_binary: '/path/to/git' -end -``` - -#### Provider Options - -* `git_binary` – Path to the `git` executable. *(default: /git)* -* `git_environment` – Hash of environment variables to use with this Git. *(default: {})* - -## Sponsors - -Development sponsored by [SAP](https://www.sap.com/). - -The Poise test server infrastructure is sponsored by [Rackspace](https://rackspace.com/). - -## License - -Copyright 2015-2017, Noah Kantrowitz - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - -http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. diff --git a/cookbooks/poise-git/attributes/default.rb b/cookbooks/poise-git/attributes/default.rb deleted file mode 100644 index ae15453..0000000 --- a/cookbooks/poise-git/attributes/default.rb +++ /dev/null @@ -1,26 +0,0 @@ -# -# Copyright 2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# Default recipe to use to install git. -default['poise-git']['default_recipe'] = 'poise-git' - -# Default inversion options. -default['poise-git']['provider'] = 'auto' -default['poise-git']['options'] = {} - -# Attributes for recipe[poise-git]. All values are nil because the actual -# defaults live in the resource. -default['poise-git']['recipe']['version'] = nil diff --git a/cookbooks/poise-git/files/halite_gem/poise_git.rb b/cookbooks/poise-git/files/halite_gem/poise_git.rb deleted file mode 100644 index 9da6e6a..0000000 --- a/cookbooks/poise-git/files/halite_gem/poise_git.rb +++ /dev/null @@ -1,24 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - - -module PoiseGit - autoload :GitClientProviders, 'poise_git/git_client_providers' - autoload :GitCommandMixin, 'poise_git/git_command_mixin' - autoload :Resources, 'poise_git/resources' - autoload :SafeString, 'poise_git/safe_string' - autoload :VERSION, 'poise_git/version' -end diff --git a/cookbooks/poise-git/files/halite_gem/poise_git/cheftie.rb b/cookbooks/poise-git/files/halite_gem/poise_git/cheftie.rb deleted file mode 100644 index 54b295f..0000000 --- a/cookbooks/poise-git/files/halite_gem/poise_git/cheftie.rb +++ /dev/null @@ -1,18 +0,0 @@ -# -# Copyright 2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise_git/resources' -require 'poise_git/git_client_providers' diff --git a/cookbooks/poise-git/files/halite_gem/poise_git/git_client_providers.rb b/cookbooks/poise-git/files/halite_gem/poise_git/git_client_providers.rb deleted file mode 100644 index 552a035..0000000 --- a/cookbooks/poise-git/files/halite_gem/poise_git/git_client_providers.rb +++ /dev/null @@ -1,36 +0,0 @@ -# -# Copyright 2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'chef/platform/provider_priority_map' - -require 'poise_git/git_client_providers/dummy' -require 'poise_git/git_client_providers/system' - - -module PoiseGit - # Inversion providers for the poise_git resource. - # - # @since 1.0.0 - module GitClientProviders - autoload :Base, 'poise_git/git_client_providers/base' - - # Set up priority maps - Chef::Platform::ProviderPriorityMap.instance.priority(:poise_git_client, [ - PoiseGit::GitClientProviders::Dummy, - PoiseGit::GitClientProviders::System, - ]) - end -end diff --git a/cookbooks/poise-git/files/halite_gem/poise_git/git_client_providers/base.rb b/cookbooks/poise-git/files/halite_gem/poise_git/git_client_providers/base.rb deleted file mode 100644 index fdc370c..0000000 --- a/cookbooks/poise-git/files/halite_gem/poise_git/git_client_providers/base.rb +++ /dev/null @@ -1,93 +0,0 @@ -# -# Copyright 2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'chef/provider' -require 'poise' - - -module PoiseGit - module GitClientProviders - # The provider base class for `poise_git_client`. - # - # @see PoiseGit::Resources::PoiseGitClient::Resource - # @provides poise_git_client - class Base < Chef::Provider - include Poise(inversion: :poise_git_client) - provides(:poise_git_client) - - # Set default inversion options. - # - # @api private - def self.default_inversion_options(node, new_resource) - super.merge({ - version: new_resource.version, - }) - end - - # The `install` action for the `poise_git_client` resource. - # - # @return [void] - def action_install - notifying_block do - install_git - end - end - - # The `uninstall` action for the `poise_git_client` resource. - # - # @return [void] - def action_uninstall - notifying_block do - uninstall_git - end - end - - # The path to the `git` binary. This is an output property. - # - # @abstract - # @return [String] - def git_binary - raise NotImplementedError - end - - # The environment variables for this Git. This is an output property. - # - # @return [Hash] - def git_environment - {} - end - - private - - # Install git. - # - # @abstract - # @return [void] - def install_git - raise NotImplementedError - end - - # Uninstall git. - # - # @abstract - # @return [void] - def uninstall_git - raise NotImplementedError - end - - end - end -end diff --git a/cookbooks/poise-git/files/halite_gem/poise_git/git_client_providers/dummy.rb b/cookbooks/poise-git/files/halite_gem/poise_git/git_client_providers/dummy.rb deleted file mode 100644 index 39f1194..0000000 --- a/cookbooks/poise-git/files/halite_gem/poise_git/git_client_providers/dummy.rb +++ /dev/null @@ -1,79 +0,0 @@ -# -# Copyright 2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise_git/git_client_providers/base' - - -module PoiseGit - module GitClientProviders - # Inversion provider for the `poise_git_client` resource to use a fake Git, - # for use in unit tests. - # - # @since 1.0.0 - # @see PoiseGit::Resources::PoiseGitClient::Resource - # @provides poise_git_client - class Dummy < Base - provides(:dummy) - - # Enable by default on ChefSpec. - # - # @api private - def self.provides_auto?(node, _resource) - node.platform?('chefspec') - end - - # Manual overrides for dummy data. - # - # @api private - def self.default_inversion_options(node, resource) - super.merge({ - git_binary: '/git', - git_environment: nil, - }) - end - - # The `install` action for the `poise_git_client` resource. - # - # @return [void] - def action_install - # This space left intentionally blank. - end - - # The `uninstall` action for the `poise_git_client` resource. - # - # @return [void] - def action_uninstall - # This space left intentionally blank. - end - - # Path to the non-existent Git. - # - # @return [String] - def git_binary - options['git_binary'] - end - - # Environment for the non-existent Git. - # - # @return [String] - def git_environment - options['git_environment'] || super - end - - end - end -end - diff --git a/cookbooks/poise-git/files/halite_gem/poise_git/git_client_providers/system.rb b/cookbooks/poise-git/files/halite_gem/poise_git/git_client_providers/system.rb deleted file mode 100644 index 812039d..0000000 --- a/cookbooks/poise-git/files/halite_gem/poise_git/git_client_providers/system.rb +++ /dev/null @@ -1,73 +0,0 @@ -# -# Copyright 2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise_languages' - -require 'poise_git/git_client_providers/base' - - -module PoiseGit - module GitClientProviders - # A provider for `poise_git_client` to install from distro packages. - # - # @since 1.0.0 - # @see PoiseGit::Resources::PoiseGitClient::Resource - # @provides poise_git_client - class System < Base - include PoiseLanguages::System::Mixin - provides(:system) - packages('git', { - omnios: {default: %w{developer/versioning/git}}, - smartos: {default: %w{scmgit}}, - }) - - # Output value for the Git binary we are installing. - def git_binary - # What should this be for OmniOS and SmartOS? - "/usr/bin/git" - end - - private - - # Install git from system packages. - # - # @return [void] - def install_git - install_system_packages do - # Unlike language-ish packages, we don't need a headers package. - dev_package false - end - end - - # Remove git from system packages. - # - # @return [void] - def uninstall_git - uninstall_system_packages do - # Unlike language-ish packages, we don't need a headers package. - dev_package false - end - end - - def system_package_candidates(version) - # This is kind of silly, could use a refactor in the mixin but just - # moving on for right now. - node.value_for_platform(self.class.packages) || %w{git} - end - - end - end -end diff --git a/cookbooks/poise-git/files/halite_gem/poise_git/git_command_mixin.rb b/cookbooks/poise-git/files/halite_gem/poise_git/git_command_mixin.rb deleted file mode 100644 index 7e1d3f0..0000000 --- a/cookbooks/poise-git/files/halite_gem/poise_git/git_command_mixin.rb +++ /dev/null @@ -1,37 +0,0 @@ -# -# Copyright 2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise/utils' -require 'poise_languages' - - -module PoiseGit - # Mixin for resources and providers which run Git commands. - # - # @since 1.0.0 - module GitCommandMixin - include Poise::Utils::ResourceProviderMixin - - # Mixin for resources which run Git commands. - module Resource - include PoiseLanguages::Command::Mixin::Resource(:git, runtime: :poise_git_client) - end - - module Provider - include PoiseLanguages::Command::Mixin::Provider(:git) - end - end -end diff --git a/cookbooks/poise-git/files/halite_gem/poise_git/resources.rb b/cookbooks/poise-git/files/halite_gem/poise_git/resources.rb deleted file mode 100644 index ce7f5ab..0000000 --- a/cookbooks/poise-git/files/halite_gem/poise_git/resources.rb +++ /dev/null @@ -1,27 +0,0 @@ -# -# Copyright 2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise_git/resources/poise_git_client' -require 'poise_git/resources/poise_git' - - -module PoiseGit - # Chef resources and providers for poise-git. - # - # @since 1.0.0 - module Resources - end -end diff --git a/cookbooks/poise-git/files/halite_gem/poise_git/resources/poise_git.rb b/cookbooks/poise-git/files/halite_gem/poise_git/resources/poise_git.rb deleted file mode 100644 index 9eb621d..0000000 --- a/cookbooks/poise-git/files/halite_gem/poise_git/resources/poise_git.rb +++ /dev/null @@ -1,252 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'shellwords' -require 'zlib' - -require 'chef/provider/git' -require 'chef/resource/git' -require 'poise' - -require 'poise_git/git_command_mixin' -require 'poise_git/safe_string' - - -module PoiseGit - module Resources - # (see PoiseGit::Resource) - # @since 1.0.0 - module PoiseGit - # A `poise_git` resource to manage Python installations using pip. - # - # @provides poise_git - # @action checkout - # @action export - # @action sync - # @example - # poise_git '/srv/myapp' do - # repository 'https://...' - # deploy_key data_bag_item('deploy_keys', 'myapp')['key'] - # end - class Resource < Chef::Resource::Git - include Poise - include ::PoiseGit::GitCommandMixin - provides(:poise_git) - # Manually create matchers because #actions is unreliable. - %i{checkout export sync}.each do |action| - Poise::Helpers::ChefspecMatchers.create_matcher(:poise_git, action) - end - - # @api private - def initialize(*args) - super - # Because the superclass declares this, we have to as well. Should be - # removable at some point when Chef makes everything use the provider - # resolver system instead. - @resource_name = :poise_git if defined?(@resource_name) && @resource_name - @provider = ::PoiseGit::Resources::PoiseGit::Provider if defined?(@provider) && @provider - end - - # @!attribute strict_ssh - # Enable strict SSH host key checking. Defaults to false. - # @return [Boolean] - attribute(:strict_ssh, equal_to: [true, false], default: false) - - # @!attribute deploy_key - # SSH deploy key as either a string value or a path to a key file. - # @return [String] - def deploy_key(val=nil) - # Use a SafeString for literal deploy keys so they aren't shown. - val = SafeString.new(val) if val && !deploy_key_is_local?(val) - set_or_return(:deploy_key, val, kind_of: String) - end - - # Default SSH wrapper path. - # - # @api private - # @return [String] - def ssh_wrapper_path - @ssh_wrapper_path ||= "#{Chef::Config[:file_cache_path]}/poise_git_wrapper_#{Zlib.crc32(name)}" - end - - # Guess if the deploy key is a local path or literal value. - # - # @api private - # @param key [String, nil] Key value to check. Defaults to self.key. - # @return [Boolean] - def deploy_key_is_local?(key=nil) - key ||= deploy_key - # Try to be mindful of Windows-y paths here even though they almost - # certainly won't actually work later on with ssh. - key && key =~ /\A(\/|[a-zA-Z]:)/ - end - - # Path to deploy key. - # - # @api private - # @return [String] - def deploy_key_path - @deploy_key_path ||= if deploy_key_is_local? - deploy_key - else - "#{Chef::Config[:file_cache_path]}/poise_git_deploy_#{Zlib.crc32(name)}" - end - end - - # Hook to force the git install via recipe if needed. - def after_created - if !parent_git && node['poise-git']['default_recipe'] - # Use the default recipe to give us a parent the next time we ask. - run_context.include_recipe(node['poise-git']['default_recipe']) - # Force it to re-expand the cache next time. - @parent_git = nil - end - super - end - - end - - # The default provider for the `poise_git` resource. - # - # @see Resource - class Provider < Chef::Provider::Git - include Poise - include ::PoiseGit::GitCommandMixin - provides(:poise_git) - - # @api private - def initialize(*args) - super - # Set the SSH wrapper path in a late-binding kind of way. This better - # supports situations where the user doesn't exist until Chef converges. - new_resource.ssh_wrapper(new_resource.ssh_wrapper_path) if new_resource.deploy_key - end - - # Hack our special login in before load_current_resource runs because that - # needs access to the git remote. - # - # @api private - def load_current_resource - create_deploy_key if new_resource.deploy_key - super - end - - # Like {#load_current_resource}, make sure git is installed since we might - # need it depending on the version of Chef. - # - # @api private - def define_resource_requirements - create_deploy_key if new_resource.deploy_key - super - end - - private - - # Install git and set up the deploy key if needed. Safe to call multiple - # times if needed. - # - # @api private - # @return [void] - def create_deploy_key - return if @create_deploy_key - Chef::Log.debug("[#{new_resource}] Creating deploy key") - old_why_run = Chef::Config[:why_run] - begin - # Forcibly disable why run support so these will always run, since - # we need to be able to talk to the git remote even just for the - # whyrun checks. - Chef::Config[:why_run] = false - notifying_block do - write_deploy_key - write_ssh_wrapper - end - ensure - Chef::Config[:why_run] = old_why_run - end - @create_deploy_key = true - end - - # Copy the deploy key to a file if needed. - # - # @api private - # @return [void] - def write_deploy_key - # Check if we have a local path or some actual content - return if new_resource.deploy_key_is_local? - file new_resource.deploy_key_path do - owner new_resource.user - group new_resource.group - mode '600' - content new_resource.deploy_key - sensitive true - end - end - - # Create the SSH wrapper script. - # - # @api private - # @return [void] - def write_ssh_wrapper - # Write out the GIT_SSH script, it should already be enabled above - file new_resource.ssh_wrapper_path do - owner new_resource.user - group new_resource.group - mode '700' - content %Q{#!/bin/sh\n/usr/bin/env ssh #{'-o "StrictHostKeyChecking=no" ' unless new_resource.strict_ssh}-i "#{new_resource.deploy_key_path}" $@\n} - end - end - - # Patch back in the `#git` from the git provider. This otherwise conflicts - # with the `#git` defined by the DSL, which gets included in such a way - # that the DSL takes priority. - # - # @api private - def git(*args, &block) - self.class.superclass.instance_method(:git).bind(self).call(*args, &block) - end - - # Trick all shell_out related things in the base class in to using - # my git_shell_out instead. - # - # @api private - def shell_out(*cmd, **options) - if @shell_out_hack_inner - # This is the real call. - super - else - # This ia call we want to intercept and send to our method. - begin - @shell_out_hack_inner = true - # Remove nils and flatten for compat with how core uses this method. - cmd.compact! - cmd.flatten! - # Reparse the command to get a clean array. - cmd = Shellwords.split(cmd.join(' ')) - # We'll add the git command back in ourselves. - cmd.shift if cmd.first == 'git' - # Push the yak stack. - git_shell_out(*cmd, **options) - ensure - @shell_out_hack_inner = false - end - end - end - - end - - end - end -end diff --git a/cookbooks/poise-git/files/halite_gem/poise_git/resources/poise_git_client.rb b/cookbooks/poise-git/files/halite_gem/poise_git/resources/poise_git_client.rb deleted file mode 100644 index 0a83d4f..0000000 --- a/cookbooks/poise-git/files/halite_gem/poise_git/resources/poise_git_client.rb +++ /dev/null @@ -1,82 +0,0 @@ -# -# Copyright 2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'chef/resource' -require 'poise' - - -module PoiseGit - module Resources - # (see PoiseGitClient::Resource) - # @since 1.0.0 - module PoiseGitClient - # A `poise_git_client` resource to install a C compiler and build tools. - # - # @provides poise_git_client - # @action install - # @action uninstall - # @example - # poise_git_client 'git' - class Resource < Chef::Resource - include Poise(inversion: true, container: true) - provides(:poise_git_client) - actions(:install, :uninstall) - - # @!attribute version - # Version of Git to install. The version is prefix-matched so `'2'` - # will install the most recent Git 2.x, and so on. - # @return [String] - # @example Install any version - # poise_git_client 'any' do - # version '' - # end - # @example Install Git 2 - # poise_git_client '2' - attribute(:version, kind_of: String, default: lazy { default_version }) - - # The path to the `git` binary for this Git installation. This is - # an output property. - # - # @return [String] - # @example - # execute "#{resources('poise_git_client[git]').git_binary} init" - def git_binary - provider_for_action(:git_binary).git_binary - end - - # The environment variables for this Git installation. This is an - # output property. - # - # @return [Hash] - def git_environment - provider_for_action(:git_environment).git_environment - end - - private - - # Default value for the version property. Trims an optional `git-` from - # the resource name. - # - # @return [String] - def default_version - name[/^(git-?)?(.*)$/, 2] || '' - end - end - - # Providers can be found under git_client_providers/. - end - end -end diff --git a/cookbooks/poise-git/files/halite_gem/poise_git/safe_string.rb b/cookbooks/poise-git/files/halite_gem/poise_git/safe_string.rb deleted file mode 100644 index 347e54f..0000000 --- a/cookbooks/poise-git/files/halite_gem/poise_git/safe_string.rb +++ /dev/null @@ -1,25 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - - -module PoiseGit - # A string that won't be shown in Chef error output - class SafeString < String - def to_text - '"suppressed sensitive value"' - end - end -end diff --git a/cookbooks/poise-git/files/halite_gem/poise_git/version.rb b/cookbooks/poise-git/files/halite_gem/poise_git/version.rb deleted file mode 100644 index f998a84..0000000 --- a/cookbooks/poise-git/files/halite_gem/poise_git/version.rb +++ /dev/null @@ -1,20 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - - -module PoiseGit - VERSION = '1.0.0' -end diff --git a/cookbooks/poise-git/libraries/default.rb b/cookbooks/poise-git/libraries/default.rb deleted file mode 100644 index b2f6163..0000000 --- a/cookbooks/poise-git/libraries/default.rb +++ /dev/null @@ -1,19 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -raise 'Halite is not compatible with no_lazy_load false, please set no_lazy_load true in your Chef configuration file.' unless Chef::Config[:no_lazy_load] -$LOAD_PATH << File.expand_path('../../files/halite_gem', __FILE__) -require "poise_git/cheftie" diff --git a/cookbooks/poise-git/metadata.json b/cookbooks/poise-git/metadata.json deleted file mode 100644 index 610553d..0000000 --- a/cookbooks/poise-git/metadata.json +++ /dev/null @@ -1 +0,0 @@ -{"name":"poise-git","version":"1.0.0","description":"A Chef cookbook for installing and using Git.","long_description":"# Poise-Git Cookbook\n\n[![Build Status](https://img.shields.io/travis/poise/poise-git.svg)](https://travis-ci.org/poise/poise-git)\n[![Gem Version](https://img.shields.io/gem/v/poise-git.svg)](https://rubygems.org/gems/poise-git)\n[![Cookbook Version](https://img.shields.io/cookbook/v/poise-git.svg)](https://supermarket.chef.io/cookbooks/poise-git)\n[![Coverage](https://img.shields.io/codecov/c/github/poise/poise-git.svg)](https://codecov.io/github/poise/poise-git)\n[![Gemnasium](https://img.shields.io/gemnasium/poise/poise-git.svg)](https://gemnasium.com/poise/poise-git)\n[![License](https://img.shields.io/badge/license-Apache_2-blue.svg)](https://www.apache.org/licenses/LICENSE-2.0)\n\nA [Chef](https://www.chef.io/) cookbook to manage [Git](https://git-scm.com/).\n\n## Quick Start\n\nTo install Git and clone a repository using a deploy key from a data bag:\n\n```ruby\npoise_git '/srv/myapp' do\n repository 'git@github.com:example/myapp.git'\n deploy_key data_bag_item('keys', 'myapp')['key']\nend\n```\n\nTo install Git and clone a repository using a deploy key that already exists on\ndisk:\n\n```ruby\npoise_git '/srv/myapp' do\n repository 'git@github.com:example/myapp.git'\n deploy_key '/path/to/mykey.pem'\nend\n```\n\n## Recipes\n\n* `poise-git::default` – Install Git.\n\n## Attributes\n\n* `node['poise-git']['default_recipe']` – Recipe used by `poise_git` to install\n Git if not already available. *(default: poise-git)*\n* `node['poise-git']['provider']` – Default provider for `poise_git_client` resource\n instances. *(default: auto)*\n* `node['poise-git']['recipe'][*]` – All subkeys of `'recipe'` will be passed\n as properties to the `poise_git_client` resource before installation when using\n the `poise-git::default` recipe.\n\n## Resources\n\n### `poise_git`\n\nThe `poise_git` resource extends the core `git` resource, adding a `deploy_key`\nproperty to use SSH deploy keys automatically.\n\n```ruby\npoise_git '/srv/myapp' do\n repository 'git@github.com:example/myapp.git'\n deploy_key 'mysecretkey'\nend\n```\n\nThe `poise_git` resource supports all the same actions and properties as the\ncore `git` resource.\n\nThe `deploy_key` property can either be passed the absolute path to an existing\nSSH key file, or the raw SSH private key text.\n\n### `poise_git_client`\n\nThe `poise_git_client` resource installs Git.\n\n```ruby\npoise_git_client 'git'\n```\n\n#### Actions\n\n* `:install` – Install Git. *(default)*\n* `:uninstall` – Uninstall Git.\n\n#### Properties\n\n* `version` – Version of Git to install. If a partial version is given, use the\n latest available version matching that prefix. *(name property)*\n\n#### Provider Options\n\nThe `poise_git_client` resource uses provide options for per-provider configuration. See\n[the poise-service documentation](https://github.com/poise/poise-service#service-options)\nfor more information on using provider options.\n\n## Git Client Providers\n\n### `system`\n\nThe `system` provider installs Git using system packages. This is currently\nonly tested on platforms using `apt-get` and `yum` (Debian, Ubuntu, RHEL, CentOS\nAmazon Linux, and Fedora) and is a default provider on those platforms. It may\nwork on other platforms but is untested.\n\n```ruby\npoise_git_client 'git' do\n provider :system\nend\n```\n\n#### Options\n\n* `package_name` – Override auto-detection of the package name.\n* `package_upgrade` – Install using action `:upgrade`. *(default: false)*\n* `package_version` – Override auto-detection of the package version.\n\n### `dummy`\n\nThe `dummy` provider supports using the `poise_git_client` resource with ChefSpec\nor other testing frameworks to not actually install Git. It is used by default under\nChefSpec. It can also be used to manage the Git installation externally from\nthis cookbook.\n\n```ruby\npoise_git_client 'git' do\n provider :dummy\n options git_binary: '/path/to/git'\nend\n```\n\n#### Provider Options\n\n* `git_binary` – Path to the `git` executable. *(default: /git)*\n* `git_environment` – Hash of environment variables to use with this Git. *(default: {})*\n\n## Sponsors\n\nDevelopment sponsored by [SAP](https://www.sap.com/).\n\nThe Poise test server infrastructure is sponsored by [Rackspace](https://rackspace.com/).\n\n## License\n\nCopyright 2015-2017, Noah Kantrowitz\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\nhttp://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n","maintainer":"Noah Kantrowitz","maintainer_email":"noah@coderanger.net","license":"Apache 2.0","platforms":{},"dependencies":{"poise":"~> 2.6","poise-languages":"~> 2.1"},"recommendations":{},"suggestions":{},"conflicting":{},"providing":{},"replacing":{},"attributes":{},"groupings":{},"recipes":{},"source_url":"https://github.com/poise/poise-git","issues_url":"https://github.com/poise/poise-git/issues","chef_version":[["< 14",">= 12.1"]],"ohai_version":[]} \ No newline at end of file diff --git a/cookbooks/poise-git/recipes/default.rb b/cookbooks/poise-git/recipes/default.rb deleted file mode 100644 index a884efe..0000000 --- a/cookbooks/poise-git/recipes/default.rb +++ /dev/null @@ -1,22 +0,0 @@ -# -# Copyright 2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -poise_git_client 'git' do - node['poise-git']['recipe'].each do |key, value| - # Skip nils, use false if you want to disable something. - send(key, value) unless value.nil? - end -end diff --git a/cookbooks/poise-javascript/CHANGELOG.md b/cookbooks/poise-javascript/CHANGELOG.md deleted file mode 100644 index 6911f35..0000000 --- a/cookbooks/poise-javascript/CHANGELOG.md +++ /dev/null @@ -1,21 +0,0 @@ -# Poise-Javascript Changelog - -## v1.2.0 - -* Updated Node.js versions. The default version is now the Boron LTS series. -* Chef 13 support. - -## v1.1.0 - -* New version list for Node.js. -* Support new SCL structure and packages. - -## v1.0.1 - -* Update for Chef 12.6 compatibility. -* Update version list for `nodejs` provider. - -## v1.0.0 - -* Initial release! - diff --git a/cookbooks/poise-javascript/LICENSE b/cookbooks/poise-javascript/LICENSE deleted file mode 100644 index 11069ed..0000000 --- a/cookbooks/poise-javascript/LICENSE +++ /dev/null @@ -1,201 +0,0 @@ - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - -TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - -1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - -2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - -3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - -4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - -5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - -6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - -7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - -8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - -9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - -END OF TERMS AND CONDITIONS - -APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - -Copyright [yyyy] [name of copyright owner] - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. diff --git a/cookbooks/poise-javascript/README.md b/cookbooks/poise-javascript/README.md deleted file mode 100644 index a8368f4..0000000 --- a/cookbooks/poise-javascript/README.md +++ /dev/null @@ -1,332 +0,0 @@ -# Poise-Javascript Cookbook - -[![Build Status](https://img.shields.io/travis/poise/poise-javascript.svg)](https://travis-ci.org/poise/poise-javascript) -[![Gem Version](https://img.shields.io/gem/v/poise-javascript.svg)](https://rubygems.org/gems/poise-javascript) -[![Cookbook Version](https://img.shields.io/cookbook/v/poise-javascript.svg)](https://supermarket.chef.io/cookbooks/poise-javascript) -[![Coverage](https://img.shields.io/codecov/c/github/poise/poise-javascript.svg)](https://codecov.io/github/poise/poise-javascript) -[![Gemnasium](https://img.shields.io/gemnasium/poise/poise-javascript.svg)](https://gemnasium.com/poise/poise-javascript) -[![License](https://img.shields.io/badge/license-Apache_2-blue.svg)](https://www.apache.org/licenses/LICENSE-2.0) - -A [Chef](https://www.chef.io/) cookbook to provide a unified interface for -installing server-side JavaScript runtimes like Node.js and io.js. - -## Quick Start - -To install the latest available version of Node.js 0.12: - -```ruby -javascript_runtime '0.12' -``` - -## Supported JavaScript Runtimes - -This cookbook can install Node.js and io.js on Linux and OS X. - -## Requirements - -Chef 12.1 or newer is required. - -## Attributes - -Attributes are used to configure the default recipe. - -* `node['poise-javascript']['install_nodejs']` – Install a Node.js runtime. *(default: true)* -* `node['poise-javascript']['install_iojs']` – Install an io.js runtime. *(default: false)* - -## Recipes - -### `default` - -The default recipe installs Node.js or io.js based on the node attributes. It is -entirely optional and can be ignored in favor of direct use of the -`javascript_runtime` resource. - -## Resources - -### `javascript_runtime` - -The `javascript_runtime` resource installs a JavaScript interpreter. - -```ruby -javascript_runtime '0.12' -``` - -#### Actions - -* `:install` – Install the JavaScript interpreter. *(default)* -* `:uninstall` – Uninstall the JavaScript interpreter. - -#### Properties - -* `version` – Version of the runtime to install. If a partial version is given, - use the latest available version matching that prefix. *(name property)* - -#### Provider Options - -The `poise-javascript` library offers an additional way to pass configuration -information to the final provider called "options". Options are key/value pairs -that are passed down to the `javascript_runtime` provider and can be used to control how it -installs JavaScript. These can be set in the `javascript_runtime` -resource using the `options` method, in node attributes or via the -`javascript_runtime_options` resource. The options from all sources are merged -together in to a single hash. - -When setting options in the resource you can either set them for all providers: - -```ruby -javascript_runtime 'myapp' do - version '0.10' - options dev_package: false -end -``` - -or for a single provider: - -```ruby -javascript_runtime 'myapp' do - version '0.10' - options :system, dev_package: false -end -``` - -Setting via node attributes is generally how an end-user or application cookbook -will set options to customize installations in the library cookbooks they are using. -You can set options for all installations or for a single runtime: - -```ruby -# Global, for all installations. -override['poise-javascript']['options']['version'] = '0.10' -# Single installation. -override['poise-javascript']['myapp']['version'] = 'iojs' -``` - -The `javascript_runtime_options` resource is also available to set node attributes -for a specific installation in a DSL-friendly way: - -```ruby -javascript_runtime_options 'myapp' do - version 'iojs' -end -``` - -Unlike resource attributes, provider options can be different for each provider. -Not all providers support the same options so make sure to the check the -documentation for each provider to see what options the use. - -### `javascript_runtime_options` - -The `javascript_runtime_options` resource allows setting provider options in a -DSL-friendly way. See [the Provider Options](#provider-options) section for more -information about provider options overall. - -```ruby -javascript_runtime_options 'myapp' do - version 'iojs' -end -``` - -#### Actions - -* `:run` – Apply the provider options. *(default)* - -#### Properties - -* `resource` – Name of the `javascript_runtime` resource. *(name property)* -* `for_provider` – Provider to set options for. - -All other attribute keys will be used as options data. - -### `javascript_execute` - -The `javascript_execute` resource executes a JavaScript script using the configured runtime. - -```ruby -javascript_execute 'myapp.js' do - user 'myuser' -end -``` - -This uses the built-in `execute` resource and supports all the same properties. - -#### Actions - -* `:run` – Execute the script. *(default)* - -#### Properties - -* `command` – Script and arguments to run. Must not include the `node`. *(name attribute)* -* `javascript` – Name of the `javascript_runtime` resource to use. If not specified, the - most recently declared `javascript_runtime` will be used. Can also be set to the - full path to a `node` binary. - -For other properties see the [Chef documentation](https://docs.chef.io/resource_execute.html#attributes). - -### `node_package` - -The `node_package` resource installs Node.js packages using -[NPM](https://www.npmjs.com/). - -```ruby -node_package 'express' do - version '4.13.3' -end -``` - -This uses the built-in `package` resource and supports the same actions and -properties. Multi-package installs are supported using the standard syntax. - -#### Actions - -* `:install` – Install the package. *(default)* -* `:upgrade` – Upgrade the package. -* `:remove` – Uninstall the package. - -The `:purge` and `:reconfigure` actions are not supported. - -#### Properties - -* `group` – System group to install the package. -* `package_name` – Package or packages to install. *(name property)* -* `path` – Path to install the package in to. If unset install using `--global`. - *(default: nil)* -* `version` – Version or versions to install. -* `javascript` – Name of the `javascript_runtime` resource to use. If not specified, the - most recently declared `javascript_runtime` will be used. Can also be set to the - full path to a `node` binary. -* `unsafe_perm` – Enable `--unsafe-perm`. *(default: true)* -* `user` – System user to install the package. - -For other properties see the [Chef documentation](https://docs.chef.io/resource_package.html#attributes). -The `response_file`, `response_file_variables`, and `source` properties are not -supported. - -### `npm_install` - -The `npm_install` resource runs `npm install` for a package. - -```ruby -npm_install '/opt/myapp' -``` - -The underlying `npm install` command will run on every converge, but notifications -will only be triggered if a package is actually installed. - -#### Actions - -* `:install` – Run `npm install`. *(default)* - -#### Properties - -* `path` – Path to the package folder containing a `package.json`. *(name attribute)* -* `group` – System group to install the packages. -* `javascript` – Name of the `javascript_runtime` resource to use. If not specified, the - most recently declared `javascript_runtime` will be used. Can also be set to the - full path to a `node` binary. -* `production` – Enable production install mode. *(default: true)* -* `unsafe_perm` – Enable `--unsafe-perm`. *(default: true)* -* `user` – System user to install the packages. - -## Javascript Providers - -### Common Options - -These provider options are supported by all providers. - -* `version` – Override the runtime version. - -### `system` - -The `system` provider installs Node.js using system packages. This is currently -only tested on platforms using `apt-get` and `yum` (Debian, Ubuntu, RHEL, CentOS -Amazon Linux, and Fedora). It may work on other platforms but is untested. - -```ruby -javascript_runtime 'myapp' do - provider :system - version '0.10' -end -``` - -#### Options - -* `dev_package` – Install the package with the headers and other development - files. Can be set to a string to select the dev package specifically. - *(default: true)* -* `package_name` – Override auto-detection of the package name. -* `package_upgrade` – Install using action `:upgrade`. *(default: false)* -* `package_version` – Override auto-detection of the package version. - -### `scl` - -The `scl` provider installs Node.js using the [Software Collections](https://www.softwarecollections.org/) -packages. This is only available on RHEL and CentOS. SCL offers more -recent versions of Node.js than the system packages for the most part. If an SCL -package exists for the requests version, it will be used in preference to the -`system` provider. - -```ruby -javascript_runtime 'myapp' do - provider :scl - version '0.10' -end -``` - -### `nodejs` - -The `nodejs` provider installs Node.js from the static binaries on nodejs.org. -Support is included for Linux and OS X. - -```ruby -javascript_runtime 'myapp' do - provider :nodejs - version '0.12' -end -``` - -#### Options - -* `path` – Folder to install Node.js to. *(default: /opt/nodejs-)* -* `static_version` – Specific version number to use for computing the URL and - path. *(default: automatic from `version`)* -* `strip_components` – Value to pass to tar --strip-components. *(automatic)* -* `url` – URL template to download the archive from. *(default: automatic)* - -### `iojs` - -The `iojs` provider installs io.js from the static binaries on iojs.org. -Support is included for Linux and OS X. - -```ruby -javascript_runtime 'myapp' do - provider :iojs - version '3' -end -``` - -#### Options - -* `path` – Folder to install io.js to. *(default: /opt/iojs-)* -* `static_version` – Specific version number to use for computing the URL and - path. *(default: automatic from `version`)* -* `strip_components` – Value to pass to tar --strip-components. *(automatic)* -* `url` – URL template to download the archive from. *(default: automatic)* - -## Sponsors - -The Poise test server infrastructure is sponsored by [Rackspace](https://rackspace.com/). - -## License - -Copyright 2015-2017, Noah Kantrowitz - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - -http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. diff --git a/cookbooks/poise-javascript/attributes/default.rb b/cookbooks/poise-javascript/attributes/default.rb deleted file mode 100644 index f9da36f..0000000 --- a/cookbooks/poise-javascript/attributes/default.rb +++ /dev/null @@ -1,23 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# Default inversion options. -default['poise-javascript']['provider'] = 'auto' -default['poise-javascript']['options'] = {} - -# Used for the default recipe. -default['poise-javascript']['install_nodejs'] = true -default['poise-javascript']['install_iojs'] = false diff --git a/cookbooks/poise-javascript/files/halite_gem/poise_javascript.rb b/cookbooks/poise-javascript/files/halite_gem/poise_javascript.rb deleted file mode 100644 index 1625ad7..0000000 --- a/cookbooks/poise-javascript/files/halite_gem/poise_javascript.rb +++ /dev/null @@ -1,24 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - - -module PoiseJavascript - autoload :Error, 'poise_javascript/error' - autoload :Resources, 'poise_javascript/resources' - autoload :JavascriptCommandMixin, 'poise_javascript/javascript_command_mixin' - autoload :JavascriptProviders, 'poise_javascript/javascript_providers' - autoload :VERSION, 'poise_javascript/version' -end diff --git a/cookbooks/poise-javascript/files/halite_gem/poise_javascript/cheftie.rb b/cookbooks/poise-javascript/files/halite_gem/poise_javascript/cheftie.rb deleted file mode 100644 index 45aa376..0000000 --- a/cookbooks/poise-javascript/files/halite_gem/poise_javascript/cheftie.rb +++ /dev/null @@ -1,18 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise_javascript/resources' -require 'poise_javascript/javascript_providers' diff --git a/cookbooks/poise-javascript/files/halite_gem/poise_javascript/javascript_command_mixin.rb b/cookbooks/poise-javascript/files/halite_gem/poise_javascript/javascript_command_mixin.rb deleted file mode 100644 index d3690a8..0000000 --- a/cookbooks/poise-javascript/files/halite_gem/poise_javascript/javascript_command_mixin.rb +++ /dev/null @@ -1,56 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise/utils' -require 'poise_languages' - - -module PoiseJavascript - # Mixin for resources and providers which run Javascript commands. - # - # @since 1.0.0 - module JavascriptCommandMixin - include Poise::Utils::ResourceProviderMixin - - # Mixin for resources which run Javascript commands. - module Resource - include PoiseLanguages::Command::Mixin::Resource(:javascript, default_binary: 'node') - - # @!attribute npm_binary - # Path to the npm binary. - # @return [String] - attribute(:npm_binary, kind_of: String, default: lazy { default_npm_binary }) - - private - - # Find the default gem binary. If there is a parent use that, otherwise - # use the same logic as {PoiseRuby::RubyProviders::Base#npm_binary}. - # - # @return [String] - def default_npm_binary - if parent_javascript - parent_javascript.npm_binary - else - ::File.expand_path('../npm', javascript) - end - end - end - - module Provider - include PoiseLanguages::Command::Mixin::Provider(:javascript) - end - end -end diff --git a/cookbooks/poise-javascript/files/halite_gem/poise_javascript/javascript_providers.rb b/cookbooks/poise-javascript/files/halite_gem/poise_javascript/javascript_providers.rb deleted file mode 100644 index 7859cad..0000000 --- a/cookbooks/poise-javascript/files/halite_gem/poise_javascript/javascript_providers.rb +++ /dev/null @@ -1,40 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'chef/platform/provider_priority_map' - -require 'poise_javascript/javascript_providers/dummy' -require 'poise_javascript/javascript_providers/iojs' -require 'poise_javascript/javascript_providers/nodejs' -require 'poise_javascript/javascript_providers/scl' -require 'poise_javascript/javascript_providers/system' - - -module PoiseJavascript - # Inversion providers for the javascript_runtime resource. - # - # @since 1.0.0 - module JavascriptProviders - autoload :Base, 'poise_javascript/javascript_providers/base' - - Chef::Platform::ProviderPriorityMap.instance.priority(:javascript_runtime, [ - PoiseJavascript::JavascriptProviders::IOJS, - PoiseJavascript::JavascriptProviders::NodeJS, - PoiseJavascript::JavascriptProviders::Scl, - PoiseJavascript::JavascriptProviders::System, - ]) - end -end diff --git a/cookbooks/poise-javascript/files/halite_gem/poise_javascript/javascript_providers/base.rb b/cookbooks/poise-javascript/files/halite_gem/poise_javascript/javascript_providers/base.rb deleted file mode 100644 index 55b2c0e..0000000 --- a/cookbooks/poise-javascript/files/halite_gem/poise_javascript/javascript_providers/base.rb +++ /dev/null @@ -1,97 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'chef/provider' -require 'poise' - - -module PoiseJavascript - module JavascriptProviders - class Base < Chef::Provider - include Poise(inversion: :javascript_runtime) - - # Set default inversion options. - # - # @api private - def self.default_inversion_options(node, new_resource) - super.merge({ - version: new_resource.version, - }) - end - - # The `install` action for the `javascript_runtime` resource. - # - # @return [void] - def action_install - notifying_block do - install_javascript - end - end - - # The `uninstall` action for the `javascript_runtime` resource. - # - # @abstract - # @return [void] - def action_uninstall - notifying_block do - uninstall_javascript - end - end - - # The path to the `javascript` binary. This is an output property. - # - # @abstract - # @return [String] - def javascript_binary - raise NotImplementedError - end - - # The environment variables for this Javascript. This is an output property. - # - # @return [Hash] - def javascript_environment - {} - end - - # The path to the `npm` binary. This is an output property. - # - # @abstract - # @return [String] - def npm_binary - ::File.expand_path(::File.join('..', 'npm'), javascript_binary) - end - - private - - # Install the Javascript runtime. Must be implemented by subclass. - # - # @abstract - # @return [void] - def install_javascript - raise NotImplementedError - end - - # Uninstall the Javascript runtime. Must be implemented by subclass. - # - # @abstract - # @return [void] - def uninstall_javascript - raise NotImplementedError - end - - end - end -end diff --git a/cookbooks/poise-javascript/files/halite_gem/poise_javascript/javascript_providers/dummy.rb b/cookbooks/poise-javascript/files/halite_gem/poise_javascript/javascript_providers/dummy.rb deleted file mode 100644 index 9ef97c8..0000000 --- a/cookbooks/poise-javascript/files/halite_gem/poise_javascript/javascript_providers/dummy.rb +++ /dev/null @@ -1,77 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise_javascript/javascript_providers/base' - - -module PoiseJavascript - module JavascriptProviders - # Inversion provider for the `javascript_runtime` resource to use a fake Javascript, - # for use in unit tests. - # - # @since 1.0.0 - # @provides dummy - class Dummy < Base - provides(:dummy) - - def self.default_inversion_options(node, resource) - super.merge({ - # Manual overrides for dummy data. - javascript_binary: ::File.join('', 'node'), - javascript_environment: nil, - npm_binary: nil, - }) - end - - # The `install` action for the `javascript_runtime` resource. - # - # @return [void] - def action_install - # This space left intentionally blank. - end - - # The `uninstall` action for the `javascript_runtime` resource. - # - # @return [void] - def action_uninstall - # This space left intentionally blank. - end - - # Path to the non-existent Javascript. - # - # @return [String] - def javascript_binary - options['javascript_binary'] - end - - # Environment for the non-existent Javascript. - # - # @return [String] - def javascript_environment - options['javascript_environment'] || super - end - - # Path to the non-existent npm. - # - # @return [String] - def npm_binary - options['npm_binary'] || super - end - - end - end -end - diff --git a/cookbooks/poise-javascript/files/halite_gem/poise_javascript/javascript_providers/iojs.rb b/cookbooks/poise-javascript/files/halite_gem/poise_javascript/javascript_providers/iojs.rb deleted file mode 100644 index c6cea34..0000000 --- a/cookbooks/poise-javascript/files/halite_gem/poise_javascript/javascript_providers/iojs.rb +++ /dev/null @@ -1,64 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'chef/resource' -require 'poise_languages/static' - -require 'poise_javascript/error' -require 'poise_javascript/javascript_providers/base' - - -module PoiseJavascript - module JavascriptProviders - class IOJS < Base - provides(:iojs) - include PoiseLanguages::Static( - versions: %w{3.3.1 3.2.0 3.1.0 3.0.0 2.5.0 2.4.0 2.3.4 2.2.1 2.1.0 2.0.2 1.8.4 1.7.1 1.6.4 1.5.1 1.4.3 1.3.0 1.2.0 1.1.0 1.0.4}, - machines: %w{linux-i686 linux-x86_64 darwin-x86_64}, - url: 'https://iojs.org/dist/v%{version}/iojs-v%{version}-%{kernel}-%{machine}.tar.gz', - ) - - def self.provides_auto?(node, resource) - # Also work if we have a version starting with 1. 2. or 3. since that has - # to be io.js and no other mechanism supports that. - super || (resource.version.to_s =~ /^[123](\.|$)/ && static_machines.include?(static_machine_label(node))) - end - - MACHINE_LABELS = {'i386' => 'x86', 'i686' => 'x86', 'x86_64' => 'x64'} - - def static_url_variables - machine = node['kernel']['machine'] - super.merge(machine: MACHINE_LABELS[machine] || machine) - end - - def javascript_binary - ::File.join(static_folder, 'bin', 'iojs') - end - - private - - def install_javascript - install_static - end - - def uninstall_javascript - uninstall_static - end - - end - end -end - diff --git a/cookbooks/poise-javascript/files/halite_gem/poise_javascript/javascript_providers/nodejs.rb b/cookbooks/poise-javascript/files/halite_gem/poise_javascript/javascript_providers/nodejs.rb deleted file mode 100644 index ebeac3b..0000000 --- a/cookbooks/poise-javascript/files/halite_gem/poise_javascript/javascript_providers/nodejs.rb +++ /dev/null @@ -1,65 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'chef/resource' -require 'poise_languages/static' - -require 'poise_javascript/error' -require 'poise_javascript/javascript_providers/base' - - -module PoiseJavascript - module JavascriptProviders - class NodeJS < Base - provides(:nodejs) - include PoiseLanguages::Static( - # LTS version is first so that it is what you get for version ''. - versions: %w{8.11.1 10.0.0 9.11.1 9.10.1 9.9.0 9.8.0 9.7.1 9.6.1 9.5.0 9.4.0 9.3.0 9.2.1 9.1.0 9.0.0 8.10.0 8.9.4 8.8.1 8.7.0 8.6.0 8.5.0 8.4.0 8.3.0 8.2.1 8.1.4 8.0.0 7.10.1 7.9.0 7.8.0 7.7.4 7.6.0 7.5.0 7.4.0 7.3.0 7.2.1 7.1.0 7.0.0 6.14.2 6.13.1 6.12.3 6.11.5 6.10.3 6.9.5 6.8.1 6.7.0 6.6.0 6.5.0 6.4.0 6.3.1 6.2.2 6.1.0 6.0.0 5.12.0 5.11.1 5.10.1 5.9.1 5.8.0 5.7.1 5.6.0 5.5.0 5.4.1 5.3.0 5.2.0 5.1.1 5.0.0 4.9.1 4.8.7 4.7.3 4.6.2 4.5.0 4.4.7 4.3.2 4.2.6 4.1.2 4.0.0 0.12.18 0.11.16 0.10.48 0.9.12 0.8.28 0.7.12 0.6.21 0.5.10 0.4.12 0.3.8 0.2.6 0.1.104}, - machines: %w{linux-i686 linux-x86_64 linux-armv6l linux-armv7l linux-arm64 darwin-x86_64}, - url: 'https://nodejs.org/dist/v%{version}/node-v%{version}-%{kernel}-%{machine}.tar.gz', - ) - - def self.provides_auto?(node, resource) - # Also work if we have a blank or numeric-y version. This should make - # it the default provider on supported platforms. - super || (resource.version.to_s =~ /^(\d|$)/ && static_machines.include?(static_machine_label(node))) - end - - MACHINE_LABELS = {'i386' => 'x86', 'i686' => 'x86', 'x86_64' => 'x64'} - - def static_url_variables - machine = node['kernel']['machine'] - super.merge(machine: MACHINE_LABELS[machine] || machine) - end - - def javascript_binary - ::File.join(static_folder, 'bin', 'node') - end - - private - - def install_javascript - install_static - end - - def uninstall_javascript - uninstall_static - end - - end - end -end - diff --git a/cookbooks/poise-javascript/files/halite_gem/poise_javascript/javascript_providers/scl.rb b/cookbooks/poise-javascript/files/halite_gem/poise_javascript/javascript_providers/scl.rb deleted file mode 100644 index 22066db..0000000 --- a/cookbooks/poise-javascript/files/halite_gem/poise_javascript/javascript_providers/scl.rb +++ /dev/null @@ -1,53 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'chef/resource' -require 'poise_languages' - -require 'poise_javascript/error' -require 'poise_javascript/javascript_providers/base' - - -module PoiseJavascript - module JavascriptProviders - class Scl < Base - include PoiseLanguages::Scl::Mixin - provides(:scl) - scl_package('4.4.2', 'rh-nodejs4', 'rh-nodejs4-nodejs-devel', '>= 7.0') - scl_package('0.10.35', 'nodejs010', 'nodejs010-nodejs-devel') - - def javascript_binary - ::File.join(scl_folder, 'root', 'usr', 'bin', 'node') - end - - def javascript_environment - scl_environment - end - - private - - def install_javascript - install_scl_package - end - - def uninstall_javascript - uninstall_scl_package - end - - end - end -end - diff --git a/cookbooks/poise-javascript/files/halite_gem/poise_javascript/javascript_providers/system.rb b/cookbooks/poise-javascript/files/halite_gem/poise_javascript/javascript_providers/system.rb deleted file mode 100644 index 965fcc0..0000000 --- a/cookbooks/poise-javascript/files/halite_gem/poise_javascript/javascript_providers/system.rb +++ /dev/null @@ -1,71 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'chef/resource' -require 'poise_languages' - -require 'poise_javascript/error' -require 'poise_javascript/javascript_providers/base' - - -module PoiseJavascript - module JavascriptProviders - class System < Base - include PoiseLanguages::System::Mixin - provides(:system) - packages('nodejs', { - debian: {default: %w{nodejs}}, - ubuntu: {default: %w{nodejs}}, - # Empty arrays because no package in the base OS. - redhat: {default: %w{}}, - centos: {default: %w{}}, - fedora: {default: %w{nodejs}}, - amazon: {default: %w{}}, - }) - - def self.provides_auto?(node, resource) - # Don't auto on platforms I know have no system package by default. Kind - # of pointless since the nodejs provider will hit on these platforms - # anyway so this shouldn't ever happen. - super && !node.platform_family?('rhel') && !node.platform?('amazon') - end - - def javascript_binary - # Debian and Ubuntu after 12.04 changed the binary name ಠ_ಠ. - binary_name = node.value_for_platform(debian: {default: 'nodejs'}, ubuntu: {'12.04' => 'node', default: 'nodejs'}, default: 'node') - ::File.join('', 'usr', 'bin', binary_name) - end - - private - - def install_javascript - install_system_packages - package %w{npm nodejs-legacy} if node.platform_family?('debian') - end - - def uninstall_javascript - uninstall_system_packages - package(%w{npm nodejs-legacy}) { action :purge } if node.platform_family?('debian') - end - - def system_package_candidates(version) - # Boring :-(. - %w{nodejs nodejs-legacy node} - end - - end - end -end diff --git a/cookbooks/poise-javascript/files/halite_gem/poise_javascript/resources.rb b/cookbooks/poise-javascript/files/halite_gem/poise_javascript/resources.rb deleted file mode 100644 index 24a70b7..0000000 --- a/cookbooks/poise-javascript/files/halite_gem/poise_javascript/resources.rb +++ /dev/null @@ -1,29 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise_javascript/resources/javascript_execute' -require 'poise_javascript/resources/javascript_runtime' -require 'poise_javascript/resources/node_package' -require 'poise_javascript/resources/npm_install' - - -module PoiseJavascript - # Chef resources and providers for poise-javascript. - # - # @since 1.0.0 - module Resources - end -end diff --git a/cookbooks/poise-javascript/files/halite_gem/poise_javascript/resources/javascript_execute.rb b/cookbooks/poise-javascript/files/halite_gem/poise_javascript/resources/javascript_execute.rb deleted file mode 100644 index f84e67e..0000000 --- a/cookbooks/poise-javascript/files/halite_gem/poise_javascript/resources/javascript_execute.rb +++ /dev/null @@ -1,83 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'chef/mixin/which' -require 'chef/provider/execute' -require 'chef/resource/execute' -require 'poise' - -require 'poise_javascript/javascript_command_mixin' - - -module PoiseJavascript - module Resources - # (see JavascriptExecute::Resource) - # @since 1.0.0 - module JavascriptExecute - # A `javascript_execute` resource to run Javascript scripts and commands. - # - # @provides javascript_execute - # @action run - # @example - # javascript_execute 'myapp.js' do - # user 'myuser' - # end - class Resource < Chef::Resource::Execute - include PoiseJavascript::JavascriptCommandMixin - provides(:javascript_execute) - actions(:run) - end - - # The default provider for `javascript_execute`. - # - # @see Resource - # @provides javascript_execute - class Provider < Chef::Provider::Execute - include Chef::Mixin::Which - provides(:javascript_execute) - - private - - # Command to pass to shell_out. - # - # @return [String, Array] - def command - if new_resource.command.is_a?(Array) - [new_resource.javascript] + new_resource.command - else - "#{new_resource.javascript} #{new_resource.command}" - end - end - - # Environment variables to pass to shell_out. - # - # @return [Hash] - def environment - if new_resource.parent_javascript - environment = new_resource.parent_javascript.javascript_environment - if new_resource.environment - environment = environment.merge(new_resource.environment) - end - environment - else - new_resource.environment - end - end - - end - end - end -end diff --git a/cookbooks/poise-javascript/files/halite_gem/poise_javascript/resources/javascript_runtime.rb b/cookbooks/poise-javascript/files/halite_gem/poise_javascript/resources/javascript_runtime.rb deleted file mode 100644 index da1d932..0000000 --- a/cookbooks/poise-javascript/files/halite_gem/poise_javascript/resources/javascript_runtime.rb +++ /dev/null @@ -1,85 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'chef/resource' -require 'poise' - - -module PoiseJavascript - module Resources - # (see JavascriptRuntime::Resource) - # @since 1.0.0 - module JavascriptRuntime - # A `javascript_runtime` resource to manage Javascript installations. - # - # @provides javascript_runtime - # @action install - # @action uninstall - # @example - # javascript_runtime '2.7' - class Resource < Chef::Resource - include Poise(inversion: true, container: true) - provides(:javascript_runtime) - actions(:install, :uninstall) - - # @!attribute version - # Version of Javascript to install. This is generally a NodeJS version - # but because of io.js there are shenanigans. - # @return [String] - # @example Install any version - # javascript_runtime 'any' do - # version '' - # end - attribute(:version, kind_of: String, name_attribute: true) - - # The path to the `node` binary for this Javascript installation. This is - # an output property. - # - # @return [String] - # @example - # execute "#{resources('javascript_runtime[nodejs]').javascript_binary} myapp.js" - def javascript_binary - provider_for_action(:javascript_binary).javascript_binary - end - - # The environment variables for this Javascript installation. This is an - # output property. - # - # @return [Hash] - # @example - # execute '/opt/myapp.js' do - # environment resources('javascript_runtime[nodejs]').javascript_environment - # end - def javascript_environment - provider_for_action(:javascript_environment).javascript_environment - end - - # The path to the `npm` binary for this Javascript installation. This is - # an output property. Can raise an exception if NPM is not supported for - # this runtime. - # - # @return [String] - # @example - # execute "#{resources('javascript_runtime[nodejs]').npm_binary} install" - def npm_binary - provider_for_action(:npm_binary).npm_binary - end - end - - # Providers can be found under lib/poise_javascript/javascript_providers/ - end - end -end diff --git a/cookbooks/poise-javascript/files/halite_gem/poise_javascript/resources/javascript_runtime_test.rb b/cookbooks/poise-javascript/files/halite_gem/poise_javascript/resources/javascript_runtime_test.rb deleted file mode 100644 index 0811ad6..0000000 --- a/cookbooks/poise-javascript/files/halite_gem/poise_javascript/resources/javascript_runtime_test.rb +++ /dev/null @@ -1,226 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'chef/provider' -require 'chef/resource' -require 'poise' - - -module PoiseJavascript - module Resources - # (see JavascriptRuntimeTest::Resource) - # @since 1.0.0 - # @api private - module JavascriptRuntimeTest - # A `javascript_runtime_test` resource for integration testing of this - # cookbook. This is an internal API and can change at any time. - # - # @provides javascript_runtime_test - # @action run - class Resource < Chef::Resource - include Poise - provides(:javascript_runtime_test) - actions(:run) - - attribute(:version, kind_of: String, name_attribute: true) - attribute(:runtime_provider, kind_of: Symbol) - attribute(:path, kind_of: String, default: lazy { default_path }) - attribute(:test_yo, equal_to: [true, false], default: true) - - def default_path - ::File.join('', 'root', "javascript_test_#{name}") - end - end - - # The default provider for `javascript_runtime_test`. - # - # @see Resource - # @provides javascript_runtime_test - class Provider < Chef::Provider - include Poise - provides(:javascript_runtime_test) - - # The `run` action for the `javascript_runtime_test` resource. - # - # @return [void] - def action_run - notifying_block do - # Top level directory for this test. - directory new_resource.path - - # Install and log the version. - javascript_runtime new_resource.name do - provider new_resource.runtime_provider if new_resource.runtime_provider - version new_resource.version - end - test_version - - # Create a package and test npm_install. - pkg_path = ::File.join(new_resource.path, 'pkg') - directory pkg_path - file ::File.join(pkg_path, 'package.json') do - content <<-EOH -{ - "name": "mypkg", - "version": "1.0.0", - "description": "", - "main": "index.js", - "scripts": { - "test": "echo \\"Error: no test specified\\" && exit 1" - }, - "author": "", - "license": "ISC", - "dependencies": { - "express": "4.13.3" - }, - "devDependencies": { - "handlebars": "4.0.2" - } -} -EOH - end - npm_install pkg_path do - notifies :create, sentinel_file('npm_install_one'), :immediately - end - npm_install pkg_path+'2' do - path pkg_path - notifies :create, sentinel_file('npm_install_two'), :immediately - end - test_require('express', pkg_path) - test_require('handlebars', pkg_path) - - # Test node_package. - test1_path = ::File.join(new_resource.path, 'test1') - directory test1_path - node_package 'express' do - path test1_path - notifies :create, sentinel_file('test1_express_one'), :immediately - end - node_package 'express two' do - package_name 'express' - path test1_path - notifies :create, sentinel_file('test1_express_two'), :immediately - end - node_package %w{gulp less} do - path test1_path - notifies :create, sentinel_file('test1_multi'), :immediately - end - node_package %w{express bower} do - path test1_path - notifies :create, sentinel_file('test1_multi_overlap'), :immediately - end - node_package 'bower' do - path test1_path - notifies :create, sentinel_file('test1_bower'), :immediately - end - node_package 'yo' do - path test1_path - version '1.4.5' - end if new_resource.test_yo - node_package 'forever' do - path test1_path - version '0.13.0' - end - test_require('express', test1_path, 'node_package_express') - test_require('gulp', test1_path) - test_require('less', test1_path) - test_require('bower', test1_path) - if new_resource.test_yo - test_require('yo', test1_path) - else - file ::File.join(new_resource.path, 'no_yo') - end - test_require('forever', test1_path) - - # Check we don't get cross talk between paths. - test2_path = ::File.join(new_resource.path, 'test2') - directory test2_path - node_package 'express' do - path test2_path - notifies :create, sentinel_file('test2_express'), :immediately - end - - # Test global installs. - node_package 'grunt-cli' do - notifies :create, sentinel_file('grunt_one'), :immediately - end - node_package 'grunt-cli two' do - package_name 'grunt-cli' - notifies :create, sentinel_file('grunt_two'), :immediately - end - test_require('grunt-cli', new_resource.path) - javascript_execute 'grunt-cli --version' do - command lazy { - # Check local/bin first and then just bin/. - grunt_path = ::File.expand_path('../../local/bin/grunt', javascript) - grunt_path = ::File.expand_path('../grunt', javascript) unless ::File.exist?(grunt_path) - "#{grunt_path} --version > #{::File.join(new_resource.path, 'grunt_version')}" - } - end - - end - end - - def sentinel_file(name) - file ::File.join(new_resource.path, "sentinel_#{name}") do - action :nothing - end - end - - private - - def test_version(javascript: new_resource.name) - # Only queue up this resource once, the ivar is just for tracking. - @javascript_version_test ||= file ::File.join(new_resource.path, 'javascript_version.js') do - user 'root' - group 'root' - mode '644' - content <<-EOH -var fs = require('fs'); -fs.writeFileSync(process.argv[2], process.version); -EOH - end - - javascript_execute "#{@javascript_version_test.path} #{::File.join(new_resource.path, 'version')}" do - javascript javascript if javascript - end - end - - def test_require(name, cwd, path=name, javascript: new_resource.name) - javascript_require_test = file ::File.join(cwd, 'javascript_require.js') do - user 'root' - group 'root' - mode '644' - content <<-EOH -var fs = require('fs'); -try { - var version = require(process.argv[2] + '/package.json').version; - fs.writeFileSync(process.argv[3], version); -} catch(e) { -} -EOH - end - - javascript_execute "#{javascript_require_test.path} #{name} #{::File.join(new_resource.path, "require_#{path}")}" do - javascript javascript if javascript - cwd cwd - end - end - - end - end - end -end diff --git a/cookbooks/poise-javascript/files/halite_gem/poise_javascript/resources/node_package.rb b/cookbooks/poise-javascript/files/halite_gem/poise_javascript/resources/node_package.rb deleted file mode 100644 index c368942..0000000 --- a/cookbooks/poise-javascript/files/halite_gem/poise_javascript/resources/node_package.rb +++ /dev/null @@ -1,254 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'chef/json_compat' -require 'chef/provider/package' -require 'chef/resource/package' -require 'poise' - -require 'poise_javascript/error' -require 'poise_javascript/javascript_command_mixin' - - -module PoiseJavascript - module Resources - # (see NodePackage::Resource) - # @since 1.0.0 - module NodePackage - # A `node_package` resource to manage Node.js packages using npm. - # - # @provides node_package - # @action install - # @action upgrade - # @action uninstall - # @example - # node_package 'express' do - # javascript '0.10' - # version '1.8.3' - # end - class Resource < Chef::Resource::Package - include PoiseJavascript::JavascriptCommandMixin - provides(:node_package) - # Manually create matchers because #actions is unreliable. - %i{install upgrade remove}.each do |action| - Poise::Helpers::ChefspecMatchers.create_matcher(:node_package, action) - end - - # @!attribute group - # System group to install the package. - # @return [String, Integer, nil] - attribute(:group, kind_of: [String, Integer, NilClass]) - # @!attribute path - # Path to install the package in to. If unset install using --global. - # @return [String, nil, false] - attribute(:path, kind_of: [String, NilClass, FalseClass]) - # @!attribute unsafe_perm - # Enable --unsafe-perm. - # @return [Boolean, nil] - attribute(:unsafe_perm, equal_to: [true, false, nil], default: true) - # @!attribute user - # System user to install the package. - # @return [String, Integer, nil] - attribute(:user, kind_of: [String, Integer, NilClass]) - - def initialize(*args) - super - # For older Chef. - @resource_name = :node_package - # We don't have these actions. - @allowed_actions.delete(:purge) - @allowed_actions.delete(:reconfig) - end - - # Upstream attribute we don't support. Sets are an error and gets always - # return nil. - # - # @api private - # @param arg [Object] Ignored - # @return [nil] - def response_file(arg=nil) - raise NoMethodError if arg - end - - # (see #response_file) - def response_file_variables(arg=nil) - raise NoMethodError if arg && arg != {} - end - end - - # The default provider for the `node_package` resource. - # - # @see Resource - class Provider < Chef::Provider::Package - include PoiseJavascript::JavascriptCommandMixin - provides(:node_package) - - # Load current and candidate versions for all needed packages. - # - # @api private - # @return [Chef::Resource] - def load_current_resource - @current_resource = new_resource.class.new(new_resource.name, run_context) - current_resource.package_name(new_resource.package_name) - check_package_versions(current_resource) - current_resource - end - - # Populate current and candidate versions for all needed packages. - # - # @api private - # @param resource [PoiseJavascript::Resources::NodePackage::Resource] - # Resource to load for. - # @return [void] - def check_package_versions(resource) - version_data = Hash.new {|hash, key| hash[key] = {current: nil, candidate: nil} } - # Get the version for everything currently installed. - list_args = npm_version?('>= 1.4.16') ? %w{--depth 0} : [] - npm_shell_out!('list', list_args).fetch('dependencies', {}).each do |pkg_name, pkg_data| - version_data[pkg_name][:current] = pkg_data['version'] - end - # If any requested packages are currently installed, run npm outdated - # to look for candidate versions. Older npm doesn't support --json - # here so you get slow behavior, sorry. - requested_packages = Set.new(Array(resource.package_name)) - if npm_version?('>= 1.3.16') && version_data.any? {|pkg_name, _pkg_vers| requested_packages.include?(pkg_name) } - outdated = npm_shell_out!('outdated', returns: [0, 1]) || {} - version_data.each do |pkg_name, pkg_vers| - pkg_vers[:candidate] = if outdated.include?(pkg_name) - outdated[pkg_name]['wanted'] - else - # If it was already installed and not listed in outdated, it - # must have been up to date already. - pkg_vers[:current] - end - end - end - # Check for candidates for anything else we didn't get from outdated. - requested_packages.each do |pkg_name| - version_data[pkg_name][:candidate] ||= npm_shell_out!('show', [pkg_name])['version'] - end - # Populate the current resource and candidate versions. Youch this is - # a gross mix of data flow. - if(resource.package_name.is_a?(Array)) - @candidate_version = [] - versions = [] - [resource.package_name].flatten.each do |name| - ver = version_data[name.downcase] - versions << ver[:current] - @candidate_version << ver[:candidate] - end - resource.version(versions) - else - ver = version_data[resource.package_name.downcase] - resource.version(ver[:current]) - @candidate_version = ver[:candidate] - end - end - - # Install package(s) using npm. - # - # @param name [String, Array] Name(s) of package(s). - # @param version [String, Array] Version(s) of package(s). - # @return [void] - def install_package(name, version) - args = [] - # Set --unsafe-perm unless the property is nil. - unless new_resource.unsafe_perm.nil? - args << '--unsafe-perm' - args << new_resource.unsafe_perm.to_s - end - # Build up the actual package install args. - if new_resource.source - args << new_resource.source - else - Array(name).zip(Array(version)) do |pkg_name, pkg_ver| - args << "#{pkg_name}@#{pkg_ver}" - end - end - npm_shell_out!('install', args, parse_json: false) - end - - # Upgrade and install are the same for NPM. - alias_method :upgrade_package, :install_package - - # Uninstall package(s) using npm. - # - # @param name [String, Array] Name(s) of package(s). - # @param version [String, Array] Version(s) of package(s). - # @return [void] - def remove_package(name, version) - npm_shell_out!('uninstall', [name].flatten, parse_json: false) - end - - private - - # Run an npm command. - # - # @param subcmd [String] Subcommand to run. - # @param args [Array] Command arguments. - # @param parse_json [Boolean] Parse the JSON on stdout. - # @return [Hash] - def npm_shell_out!(subcmd, args=[], parse_json: true, **kwargs) - cmd = [new_resource.npm_binary, subcmd, '--json'] - # If path is nil, we are in global mode. - cmd << '--global' unless new_resource.path - # Add the rest. - cmd.concat(args) - # If we are in global mode, cwd will be nil so probably just fine. Add - # the directory for the node binary to $PATH for post-install stuffs. - new_path = [::File.dirname(new_resource.javascript), ENV['PATH'].to_s].join(::File::PATH_SEPARATOR) - out = javascript_shell_out!(cmd, cwd: new_resource.path, group: new_resource.group, user: new_resource.user, environment: {'PATH' => new_path}, **kwargs) - if parse_json - # Parse the JSON. - if out.stdout.strip.empty? - {} - else - Chef::JSONCompat.parse(out.stdout) - end - else - out - end - end - - # Find the version of the current npm binary. - # - # @return [Gem::Version] - def npm_version - @npm_version ||= begin - out = javascript_shell_out!([new_resource.npm_binary, 'version']) - # Older NPM doesn't support --json here we get to regex! - # The line we want looks like: - # npm: '2.12.1' - if out.stdout =~ /npm: '([^']+)'/ - Gem::Version.new($1) - else - raise PoiseJavascript::Error.new("Unable to parse NPM version from #{out.stdout.inspect}") - end - end - end - - # Check the NPM version against a requirement. - # - # @param req [String] Requirement string in Gem::Requirement format. - # @return [Boolean] - def npm_version?(req) - Gem::Requirement.new(req).satisfied_by?(npm_version) - end - - end - end - end -end diff --git a/cookbooks/poise-javascript/files/halite_gem/poise_javascript/resources/npm_install.rb b/cookbooks/poise-javascript/files/halite_gem/poise_javascript/resources/npm_install.rb deleted file mode 100644 index 6179a53..0000000 --- a/cookbooks/poise-javascript/files/halite_gem/poise_javascript/resources/npm_install.rb +++ /dev/null @@ -1,98 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'chef/provider' -require 'chef/resource' -require 'poise' - -require 'poise_javascript/javascript_command_mixin' - - -module PoiseJavascript - module Resources - # (see NpmInstall::Resource) - # @since 1.0.0 - module NpmInstall - # A `npm_install` resource to install NPM packages based on a package.json. - # - # @provides npm_install - # @action install - # @example - # npm_install '/opt/myapp' - class Resource < Chef::Resource - include PoiseJavascript::JavascriptCommandMixin - provides(:npm_install) - actions(:install) - - # @!attribute path - # Directory to run `npm install` from. - # @return [String] - attribute(:path, kind_of: String, name_attribute: true) - # @!attribute group - # System group to install the packages. - # @return [String, Integer, nil] - attribute(:group, kind_of: [String, Integer, NilClass]) - # @!attribute production - # Enable production install mode. - # @return [Boolean] - attribute(:production, equal_to: [true, false], default: true) - # @!attribute timeout - # Command execution timeout. - # @return [Integer] - attribute(:timeout, kind_of: Integer, default: 900) - # @!attribute unsafe_perm - # Enable --unsafe-perm. - # @return [Boolean, nil] - attribute(:unsafe_perm, equal_to: [true, false, nil], default: true) - # @!attribute user - # System user to install the packages. - # @return [String, Integer, nil] - attribute(:user, kind_of: [String, Integer, NilClass]) - end - - # The default provider for `npm_install`. - # - # @see Resource - # @provides npm_install - class Provider < Chef::Provider - include Poise - include PoiseJavascript::JavascriptCommandMixin - provides(:npm_install) - - # The `install` action for the `npm_install` resource. - # - # @return [void] - def action_install - cmd = [new_resource.npm_binary, 'install', '--no-audit'] - cmd << '--production' if new_resource.production - # Set --unsafe-perm unless the property is nil. - unless new_resource.unsafe_perm.nil? - cmd << '--unsafe-perm' - cmd << new_resource.unsafe_perm.to_s - end - # Add the directory for the node binary to $PATH for post-install stuffs. - new_path = [::File.dirname(new_resource.javascript), ENV['PATH'].to_s].join(::File::PATH_SEPARATOR) - output = javascript_shell_out!(cmd, cwd: new_resource.path, user: new_resource.user, group: new_resource.group, environment: {'PATH' => new_path}, timeout: new_resource.timeout).stdout - unless output.strip.empty? || output.include?('up to date') - # Any output means it did something for old NPM, "up to date" for newer. - new_resource.updated_by_last_action(true) - end - end - - end - end - end -end diff --git a/cookbooks/poise-javascript/files/halite_gem/poise_javascript/version.rb b/cookbooks/poise-javascript/files/halite_gem/poise_javascript/version.rb deleted file mode 100644 index c60017a..0000000 --- a/cookbooks/poise-javascript/files/halite_gem/poise_javascript/version.rb +++ /dev/null @@ -1,20 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - - -module PoiseJavascript - VERSION = '1.2.1.pre' -end diff --git a/cookbooks/poise-javascript/libraries/default.rb b/cookbooks/poise-javascript/libraries/default.rb deleted file mode 100644 index 1f32012..0000000 --- a/cookbooks/poise-javascript/libraries/default.rb +++ /dev/null @@ -1,19 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -raise 'Halite is not compatible with no_lazy_load false, please set no_lazy_load true in your Chef configuration file.' unless Chef::Config[:no_lazy_load] -$LOAD_PATH << File.expand_path('../../files/halite_gem', __FILE__) -require "poise_javascript/cheftie" diff --git a/cookbooks/poise-javascript/metadata.json b/cookbooks/poise-javascript/metadata.json deleted file mode 100644 index f58b9c2..0000000 --- a/cookbooks/poise-javascript/metadata.json +++ /dev/null @@ -1,50 +0,0 @@ -{ - "name": "poise-javascript", - "description": "A Chef cookbook for managing Node.js and io.js installations.", - "long_description": "# Poise-Javascript Cookbook\n\n[![Build Status](https://img.shields.io/travis/poise/poise-javascript.svg)](https://travis-ci.org/poise/poise-javascript)\n[![Gem Version](https://img.shields.io/gem/v/poise-javascript.svg)](https://rubygems.org/gems/poise-javascript)\n[![Cookbook Version](https://img.shields.io/cookbook/v/poise-javascript.svg)](https://supermarket.chef.io/cookbooks/poise-javascript)\n[![Coverage](https://img.shields.io/codecov/c/github/poise/poise-javascript.svg)](https://codecov.io/github/poise/poise-javascript)\n[![Gemnasium](https://img.shields.io/gemnasium/poise/poise-javascript.svg)](https://gemnasium.com/poise/poise-javascript)\n[![License](https://img.shields.io/badge/license-Apache_2-blue.svg)](https://www.apache.org/licenses/LICENSE-2.0)\n\nA [Chef](https://www.chef.io/) cookbook to provide a unified interface for\ninstalling server-side JavaScript runtimes like Node.js and io.js.\n\n## Quick Start\n\nTo install the latest available version of Node.js 0.12:\n\n```ruby\njavascript_runtime '0.12'\n```\n\n## Supported JavaScript Runtimes\n\nThis cookbook can install Node.js and io.js on Linux and OS X.\n\n## Requirements\n\nChef 12.1 or newer is required.\n\n## Attributes\n\nAttributes are used to configure the default recipe.\n\n* `node['poise-javascript']['install_nodejs']` – Install a Node.js runtime. *(default: true)*\n* `node['poise-javascript']['install_iojs']` – Install an io.js runtime. *(default: false)*\n\n## Recipes\n\n### `default`\n\nThe default recipe installs Node.js or io.js based on the node attributes. It is\nentirely optional and can be ignored in favor of direct use of the\n`javascript_runtime` resource.\n\n## Resources\n\n### `javascript_runtime`\n\nThe `javascript_runtime` resource installs a JavaScript interpreter.\n\n```ruby\njavascript_runtime '0.12'\n```\n\n#### Actions\n\n* `:install` – Install the JavaScript interpreter. *(default)*\n* `:uninstall` – Uninstall the JavaScript interpreter.\n\n#### Properties\n\n* `version` – Version of the runtime to install. If a partial version is given,\n use the latest available version matching that prefix. *(name property)*\n\n#### Provider Options\n\nThe `poise-javascript` library offers an additional way to pass configuration\ninformation to the final provider called \"options\". Options are key/value pairs\nthat are passed down to the `javascript_runtime` provider and can be used to control how it\ninstalls JavaScript. These can be set in the `javascript_runtime`\nresource using the `options` method, in node attributes or via the\n`javascript_runtime_options` resource. The options from all sources are merged\ntogether in to a single hash.\n\nWhen setting options in the resource you can either set them for all providers:\n\n```ruby\njavascript_runtime 'myapp' do\n version '0.10'\n options dev_package: false\nend\n```\n\nor for a single provider:\n\n```ruby\njavascript_runtime 'myapp' do\n version '0.10'\n options :system, dev_package: false\nend\n```\n\nSetting via node attributes is generally how an end-user or application cookbook\nwill set options to customize installations in the library cookbooks they are using.\nYou can set options for all installations or for a single runtime:\n\n```ruby\n# Global, for all installations.\noverride['poise-javascript']['options']['version'] = '0.10'\n# Single installation.\noverride['poise-javascript']['myapp']['version'] = 'iojs'\n```\n\nThe `javascript_runtime_options` resource is also available to set node attributes\nfor a specific installation in a DSL-friendly way:\n\n```ruby\njavascript_runtime_options 'myapp' do\n version 'iojs'\nend\n```\n\nUnlike resource attributes, provider options can be different for each provider.\nNot all providers support the same options so make sure to the check the\ndocumentation for each provider to see what options the use.\n\n### `javascript_runtime_options`\n\nThe `javascript_runtime_options` resource allows setting provider options in a\nDSL-friendly way. See [the Provider Options](#provider-options) section for more\ninformation about provider options overall.\n\n```ruby\njavascript_runtime_options 'myapp' do\n version 'iojs'\nend\n```\n\n#### Actions\n\n* `:run` – Apply the provider options. *(default)*\n\n#### Properties\n\n* `resource` – Name of the `javascript_runtime` resource. *(name property)*\n* `for_provider` – Provider to set options for.\n\nAll other attribute keys will be used as options data.\n\n### `javascript_execute`\n\nThe `javascript_execute` resource executes a JavaScript script using the configured runtime.\n\n```ruby\njavascript_execute 'myapp.js' do\n user 'myuser'\nend\n```\n\nThis uses the built-in `execute` resource and supports all the same properties.\n\n#### Actions\n\n* `:run` – Execute the script. *(default)*\n\n#### Properties\n\n* `command` – Script and arguments to run. Must not include the `node`. *(name attribute)*\n* `javascript` – Name of the `javascript_runtime` resource to use. If not specified, the\n most recently declared `javascript_runtime` will be used. Can also be set to the\n full path to a `node` binary.\n\nFor other properties see the [Chef documentation](https://docs.chef.io/resource_execute.html#attributes).\n\n### `node_package`\n\nThe `node_package` resource installs Node.js packages using\n[NPM](https://www.npmjs.com/).\n\n```ruby\nnode_package 'express' do\n version '4.13.3'\nend\n```\n\nThis uses the built-in `package` resource and supports the same actions and\nproperties. Multi-package installs are supported using the standard syntax.\n\n#### Actions\n\n* `:install` – Install the package. *(default)*\n* `:upgrade` – Upgrade the package.\n* `:remove` – Uninstall the package.\n\nThe `:purge` and `:reconfigure` actions are not supported.\n\n#### Properties\n\n* `group` – System group to install the package.\n* `package_name` – Package or packages to install. *(name property)*\n* `path` – Path to install the package in to. If unset install using `--global`.\n *(default: nil)*\n* `version` – Version or versions to install.\n* `javascript` – Name of the `javascript_runtime` resource to use. If not specified, the\n most recently declared `javascript_runtime` will be used. Can also be set to the\n full path to a `node` binary.\n* `unsafe_perm` – Enable `--unsafe-perm`. *(default: true)*\n* `user` – System user to install the package.\n\nFor other properties see the [Chef documentation](https://docs.chef.io/resource_package.html#attributes).\nThe `response_file`, `response_file_variables`, and `source` properties are not\nsupported.\n\n### `npm_install`\n\nThe `npm_install` resource runs `npm install` for a package.\n\n```ruby\nnpm_install '/opt/myapp'\n```\n\nThe underlying `npm install` command will run on every converge, but notifications\nwill only be triggered if a package is actually installed.\n\n#### Actions\n\n* `:install` – Run `npm install`. *(default)*\n\n#### Properties\n\n* `path` – Path to the package folder containing a `package.json`. *(name attribute)*\n* `group` – System group to install the packages.\n* `javascript` – Name of the `javascript_runtime` resource to use. If not specified, the\n most recently declared `javascript_runtime` will be used. Can also be set to the\n full path to a `node` binary.\n* `production` – Enable production install mode. *(default: true)*\n* `unsafe_perm` – Enable `--unsafe-perm`. *(default: true)*\n* `user` – System user to install the packages.\n\n## Javascript Providers\n\n### Common Options\n\nThese provider options are supported by all providers.\n\n* `version` – Override the runtime version.\n\n### `system`\n\nThe `system` provider installs Node.js using system packages. This is currently\nonly tested on platforms using `apt-get` and `yum` (Debian, Ubuntu, RHEL, CentOS\nAmazon Linux, and Fedora). It may work on other platforms but is untested.\n\n```ruby\njavascript_runtime 'myapp' do\n provider :system\n version '0.10'\nend\n```\n\n#### Options\n\n* `dev_package` – Install the package with the headers and other development\n files. Can be set to a string to select the dev package specifically.\n *(default: true)*\n* `package_name` – Override auto-detection of the package name.\n* `package_upgrade` – Install using action `:upgrade`. *(default: false)*\n* `package_version` – Override auto-detection of the package version.\n\n### `scl`\n\nThe `scl` provider installs Node.js using the [Software Collections](https://www.softwarecollections.org/)\npackages. This is only available on RHEL and CentOS. SCL offers more\nrecent versions of Node.js than the system packages for the most part. If an SCL\npackage exists for the requests version, it will be used in preference to the\n`system` provider.\n\n```ruby\njavascript_runtime 'myapp' do\n provider :scl\n version '0.10'\nend\n```\n\n### `nodejs`\n\nThe `nodejs` provider installs Node.js from the static binaries on nodejs.org.\nSupport is included for Linux and OS X.\n\n```ruby\njavascript_runtime 'myapp' do\n provider :nodejs\n version '0.12'\nend\n```\n\n#### Options\n\n* `path` – Folder to install Node.js to. *(default: /opt/nodejs-)*\n* `static_version` – Specific version number to use for computing the URL and\n path. *(default: automatic from `version`)*\n* `strip_components` – Value to pass to tar --strip-components. *(automatic)*\n* `url` – URL template to download the archive from. *(default: automatic)*\n\n### `iojs`\n\nThe `iojs` provider installs io.js from the static binaries on iojs.org.\nSupport is included for Linux and OS X.\n\n```ruby\njavascript_runtime 'myapp' do\n provider :iojs\n version '3'\nend\n```\n\n#### Options\n\n* `path` – Folder to install io.js to. *(default: /opt/iojs-)*\n* `static_version` – Specific version number to use for computing the URL and\n path. *(default: automatic from `version`)*\n* `strip_components` – Value to pass to tar --strip-components. *(automatic)*\n* `url` – URL template to download the archive from. *(default: automatic)*\n\n## Sponsors\n\nThe Poise test server infrastructure is sponsored by [Rackspace](https://rackspace.com/).\n\n## License\n\nCopyright 2015-2017, Noah Kantrowitz\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\nhttp://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n", - "maintainer": "Noah Kantrowitz", - "maintainer_email": "noah@coderanger.net", - "license": "Apache-2.0", - "platforms": { - "amazon": ">= 0.0.0", - "arch": ">= 0.0.0", - "centos": ">= 0.0.0", - "debian": ">= 0.0.0", - "fedora": ">= 0.0.0", - "gentoo": ">= 0.0.0", - "mac_os_x": ">= 0.0.0", - "opensuse": ">= 0.0.0", - "oracle": ">= 0.0.0", - "raspbian": ">= 0.0.0", - "redhat": ">= 0.0.0", - "slackware": ">= 0.0.0", - "suse": ">= 0.0.0", - "ubuntu": ">= 0.0.0" - }, - "dependencies": { - "poise": "~> 2.0", - "poise-languages": "~> 2.0" - }, - "providing": { - - }, - "recipes": { - - }, - "version": "1.2.1", - "source_url": "https://github.com/poise/poise-javascript", - "issues_url": "https://github.com/poise/poise-javascript/issues", - "privacy": false, - "chef_versions": [ - [ - ">= 12.14" - ] - ], - "ohai_versions": [ - - ], - "gems": [ - - ], - "eager_load_libraries": true -} diff --git a/cookbooks/poise-javascript/metadata.rb b/cookbooks/poise-javascript/metadata.rb deleted file mode 100644 index fb9e66c..0000000 --- a/cookbooks/poise-javascript/metadata.rb +++ /dev/null @@ -1,42 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -name "poise-javascript" -version "1.2.1" -description "A Chef cookbook for managing Node.js and io.js installations." -long_description "# Poise-Javascript Cookbook\n\n[![Build Status](https://img.shields.io/travis/poise/poise-javascript.svg)](https://travis-ci.org/poise/poise-javascript)\n[![Gem Version](https://img.shields.io/gem/v/poise-javascript.svg)](https://rubygems.org/gems/poise-javascript)\n[![Cookbook Version](https://img.shields.io/cookbook/v/poise-javascript.svg)](https://supermarket.chef.io/cookbooks/poise-javascript)\n[![Coverage](https://img.shields.io/codecov/c/github/poise/poise-javascript.svg)](https://codecov.io/github/poise/poise-javascript)\n[![Gemnasium](https://img.shields.io/gemnasium/poise/poise-javascript.svg)](https://gemnasium.com/poise/poise-javascript)\n[![License](https://img.shields.io/badge/license-Apache_2-blue.svg)](https://www.apache.org/licenses/LICENSE-2.0)\n\nA [Chef](https://www.chef.io/) cookbook to provide a unified interface for\ninstalling server-side JavaScript runtimes like Node.js and io.js.\n\n## Quick Start\n\nTo install the latest available version of Node.js 0.12:\n\n```ruby\njavascript_runtime '0.12'\n```\n\n## Supported JavaScript Runtimes\n\nThis cookbook can install Node.js and io.js on Linux and OS X.\n\n## Requirements\n\nChef 12.1 or newer is required.\n\n## Attributes\n\nAttributes are used to configure the default recipe.\n\n* `node['poise-javascript']['install_nodejs']` – Install a Node.js runtime. *(default: true)*\n* `node['poise-javascript']['install_iojs']` – Install an io.js runtime. *(default: false)*\n\n## Recipes\n\n### `default`\n\nThe default recipe installs Node.js or io.js based on the node attributes. It is\nentirely optional and can be ignored in favor of direct use of the\n`javascript_runtime` resource.\n\n## Resources\n\n### `javascript_runtime`\n\nThe `javascript_runtime` resource installs a JavaScript interpreter.\n\n```ruby\njavascript_runtime '0.12'\n```\n\n#### Actions\n\n* `:install` – Install the JavaScript interpreter. *(default)*\n* `:uninstall` – Uninstall the JavaScript interpreter.\n\n#### Properties\n\n* `version` – Version of the runtime to install. If a partial version is given,\n use the latest available version matching that prefix. *(name property)*\n\n#### Provider Options\n\nThe `poise-javascript` library offers an additional way to pass configuration\ninformation to the final provider called \"options\". Options are key/value pairs\nthat are passed down to the `javascript_runtime` provider and can be used to control how it\ninstalls JavaScript. These can be set in the `javascript_runtime`\nresource using the `options` method, in node attributes or via the\n`javascript_runtime_options` resource. The options from all sources are merged\ntogether in to a single hash.\n\nWhen setting options in the resource you can either set them for all providers:\n\n```ruby\njavascript_runtime 'myapp' do\n version '0.10'\n options dev_package: false\nend\n```\n\nor for a single provider:\n\n```ruby\njavascript_runtime 'myapp' do\n version '0.10'\n options :system, dev_package: false\nend\n```\n\nSetting via node attributes is generally how an end-user or application cookbook\nwill set options to customize installations in the library cookbooks they are using.\nYou can set options for all installations or for a single runtime:\n\n```ruby\n# Global, for all installations.\noverride['poise-javascript']['options']['version'] = '0.10'\n# Single installation.\noverride['poise-javascript']['myapp']['version'] = 'iojs'\n```\n\nThe `javascript_runtime_options` resource is also available to set node attributes\nfor a specific installation in a DSL-friendly way:\n\n```ruby\njavascript_runtime_options 'myapp' do\n version 'iojs'\nend\n```\n\nUnlike resource attributes, provider options can be different for each provider.\nNot all providers support the same options so make sure to the check the\ndocumentation for each provider to see what options the use.\n\n### `javascript_runtime_options`\n\nThe `javascript_runtime_options` resource allows setting provider options in a\nDSL-friendly way. See [the Provider Options](#provider-options) section for more\ninformation about provider options overall.\n\n```ruby\njavascript_runtime_options 'myapp' do\n version 'iojs'\nend\n```\n\n#### Actions\n\n* `:run` – Apply the provider options. *(default)*\n\n#### Properties\n\n* `resource` – Name of the `javascript_runtime` resource. *(name property)*\n* `for_provider` – Provider to set options for.\n\nAll other attribute keys will be used as options data.\n\n### `javascript_execute`\n\nThe `javascript_execute` resource executes a JavaScript script using the configured runtime.\n\n```ruby\njavascript_execute 'myapp.js' do\n user 'myuser'\nend\n```\n\nThis uses the built-in `execute` resource and supports all the same properties.\n\n#### Actions\n\n* `:run` – Execute the script. *(default)*\n\n#### Properties\n\n* `command` – Script and arguments to run. Must not include the `node`. *(name attribute)*\n* `javascript` – Name of the `javascript_runtime` resource to use. If not specified, the\n most recently declared `javascript_runtime` will be used. Can also be set to the\n full path to a `node` binary.\n\nFor other properties see the [Chef documentation](https://docs.chef.io/resource_execute.html#attributes).\n\n### `node_package`\n\nThe `node_package` resource installs Node.js packages using\n[NPM](https://www.npmjs.com/).\n\n```ruby\nnode_package 'express' do\n version '4.13.3'\nend\n```\n\nThis uses the built-in `package` resource and supports the same actions and\nproperties. Multi-package installs are supported using the standard syntax.\n\n#### Actions\n\n* `:install` – Install the package. *(default)*\n* `:upgrade` – Upgrade the package.\n* `:remove` – Uninstall the package.\n\nThe `:purge` and `:reconfigure` actions are not supported.\n\n#### Properties\n\n* `group` – System group to install the package.\n* `package_name` – Package or packages to install. *(name property)*\n* `path` – Path to install the package in to. If unset install using `--global`.\n *(default: nil)*\n* `version` – Version or versions to install.\n* `javascript` – Name of the `javascript_runtime` resource to use. If not specified, the\n most recently declared `javascript_runtime` will be used. Can also be set to the\n full path to a `node` binary.\n* `unsafe_perm` – Enable `--unsafe-perm`. *(default: true)*\n* `user` – System user to install the package.\n\nFor other properties see the [Chef documentation](https://docs.chef.io/resource_package.html#attributes).\nThe `response_file`, `response_file_variables`, and `source` properties are not\nsupported.\n\n### `npm_install`\n\nThe `npm_install` resource runs `npm install` for a package.\n\n```ruby\nnpm_install '/opt/myapp'\n```\n\nThe underlying `npm install` command will run on every converge, but notifications\nwill only be triggered if a package is actually installed.\n\n#### Actions\n\n* `:install` – Run `npm install`. *(default)*\n\n#### Properties\n\n* `path` – Path to the package folder containing a `package.json`. *(name attribute)*\n* `group` – System group to install the packages.\n* `javascript` – Name of the `javascript_runtime` resource to use. If not specified, the\n most recently declared `javascript_runtime` will be used. Can also be set to the\n full path to a `node` binary.\n* `production` – Enable production install mode. *(default: true)*\n* `unsafe_perm` – Enable `--unsafe-perm`. *(default: true)*\n* `user` – System user to install the packages.\n\n## Javascript Providers\n\n### Common Options\n\nThese provider options are supported by all providers.\n\n* `version` – Override the runtime version.\n\n### `system`\n\nThe `system` provider installs Node.js using system packages. This is currently\nonly tested on platforms using `apt-get` and `yum` (Debian, Ubuntu, RHEL, CentOS\nAmazon Linux, and Fedora). It may work on other platforms but is untested.\n\n```ruby\njavascript_runtime 'myapp' do\n provider :system\n version '0.10'\nend\n```\n\n#### Options\n\n* `dev_package` – Install the package with the headers and other development\n files. Can be set to a string to select the dev package specifically.\n *(default: true)*\n* `package_name` – Override auto-detection of the package name.\n* `package_upgrade` – Install using action `:upgrade`. *(default: false)*\n* `package_version` – Override auto-detection of the package version.\n\n### `scl`\n\nThe `scl` provider installs Node.js using the [Software Collections](https://www.softwarecollections.org/)\npackages. This is only available on RHEL and CentOS. SCL offers more\nrecent versions of Node.js than the system packages for the most part. If an SCL\npackage exists for the requests version, it will be used in preference to the\n`system` provider.\n\n```ruby\njavascript_runtime 'myapp' do\n provider :scl\n version '0.10'\nend\n```\n\n### `nodejs`\n\nThe `nodejs` provider installs Node.js from the static binaries on nodejs.org.\nSupport is included for Linux and OS X.\n\n```ruby\njavascript_runtime 'myapp' do\n provider :nodejs\n version '0.12'\nend\n```\n\n#### Options\n\n* `path` – Folder to install Node.js to. *(default: /opt/nodejs-)*\n* `static_version` – Specific version number to use for computing the URL and\n path. *(default: automatic from `version`)*\n* `strip_components` – Value to pass to tar --strip-components. *(automatic)*\n* `url` – URL template to download the archive from. *(default: automatic)*\n\n### `iojs`\n\nThe `iojs` provider installs io.js from the static binaries on iojs.org.\nSupport is included for Linux and OS X.\n\n```ruby\njavascript_runtime 'myapp' do\n provider :iojs\n version '3'\nend\n```\n\n#### Options\n\n* `path` – Folder to install io.js to. *(default: /opt/iojs-)*\n* `static_version` – Specific version number to use for computing the URL and\n path. *(default: automatic from `version`)*\n* `strip_components` – Value to pass to tar --strip-components. *(automatic)*\n* `url` – URL template to download the archive from. *(default: automatic)*\n\n## Sponsors\n\nThe Poise test server infrastructure is sponsored by [Rackspace](https://rackspace.com/).\n\n## License\n\nCopyright 2015-2017, Noah Kantrowitz\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\nhttp://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n" -maintainer "Noah Kantrowitz" -maintainer_email "noah@coderanger.net" -source_url "https://github.com/poise/poise-javascript" if defined?(source_url) -issues_url "https://github.com/poise/poise-javascript/issues" if defined?(issues_url) -license "Apache-2.0" -depends "poise", "~> 2.0" -depends "poise-languages", "~> 2.0" -chef_version ">= 12.14" if defined?(chef_version) -supports "amazon" -supports "arch" -supports "centos" -supports "debian" -supports "fedora" -supports "gentoo" -supports "mac_os_x" -supports "opensuse" -supports "oracle" -supports "raspbian" -supports "redhat" -supports "slackware" -supports "suse" -supports "ubuntu" diff --git a/cookbooks/poise-javascript/recipes/default.rb b/cookbooks/poise-javascript/recipes/default.rb deleted file mode 100644 index 0c9ab14..0000000 --- a/cookbooks/poise-javascript/recipes/default.rb +++ /dev/null @@ -1,19 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# Default runtimes, last one will be the default. -javascript_runtime 'iojs' if node['poise-javascript']['install_iojs'] -javascript_runtime 'nodejs' if node['poise-javascript']['install_nodejs'] diff --git a/cookbooks/poise-languages/CHANGELOG.md b/cookbooks/poise-languages/CHANGELOG.md deleted file mode 100644 index 3ebbbe0..0000000 --- a/cookbooks/poise-languages/CHANGELOG.md +++ /dev/null @@ -1,89 +0,0 @@ -# Changelog - -## v2.1.2 - -* Drop support for Chef that uses Ruby 2.1 (<= 12.13). -* Fix handling of RPM epoch prefixes in the system package resource. - -## v2.1.1 - -* Fix the SCL repository enable command for RHEL. -* Internal refactoring of the system package installer. - -## v2.1.0 - -* Allow customizing properties on the system package install resource via a block - -## v2.0.5 - -* Fixes to work with the latest Chef (again). - -## v2.0.4 - -* Fixes to work with the latest Chef. - -## v2.0.3 - -* Correct the subscription repository name used for SCLs on RedHat. - -## v2.0.2 - -* Don't try to use SCL providers on Amazon Linux. - -## v2.0.1 - -* Don't error on `Chef::Decorator::Lazy` proxy objects for `candidate_version`. -* Retry system and SCL package installs because transient network failures. - -## v2.0.0 - -* Backwards-incompatible change to SCL management to comply with their new repo - packages and layout. Uses `centos-release-scl-rh` repo package or the - `rhel-variant-rhscl` RedHat subscription. - -## v1.4.0 - -* Use `poise-archive` to unpack static binary archives. This should work better - on AIX and Solaris, as well as making it easier to add more archive formats in - the future. - -## v1.3.3 - -* [#3](https://github.com/poise/poise-languages/pull/3) Fix `static` binary - installation on AIX and Solaris. -* Only run the candidate version check for `system` installs when we aren't - passing in package_version. - -## v1.3.2 - -* Handle static archive unpacking correctly when a single download is shared - between two paths. - -## v1.3.1 - -* Fix system package installs on OS X. - -## v1.3.0 - -* `%{machine_label}` is available in URL template for static download. -* Automatically retry `remote_file` downloads to handle transient HTTP failures. -* All `*_shell_out` language command helpers use `poise_shell_out` to set `$HOME` - and other environment variables by default. - -## v1.2.0 - -* Support for installing development headers with SCL providers. -* Add `PoiseLanguages::Utils.shelljoin` for encoding command arrays with some - bash metadata characters allowed. -* [#1](https://github.com/poise/poise-languages/pull/1) Fix typo in gemspec. - -## v1.1.0 - -* Add helpers for installing from static archives. -* Improve auto-selection rules for system and SCL providers. -* Support SCL packages that depend on other SCL packages. -* Support Ruby 2.0 again. - -## v1.0.0 - -* Initial release! diff --git a/cookbooks/poise-languages/README.md b/cookbooks/poise-languages/README.md deleted file mode 100644 index 30bc6da..0000000 --- a/cookbooks/poise-languages/README.md +++ /dev/null @@ -1,27 +0,0 @@ -# Poise-Languages Cookbook - -[![Build Status](https://img.shields.io/travis/poise/poise-languages.svg)](https://travis-ci.org/poise/poise-languages) -[![Gem Version](https://img.shields.io/gem/v/poise-languages.svg)](https://rubygems.org/gems/poise-languages) -[![Cookbook Version](https://img.shields.io/cookbook/v/poise-languages.svg)](https://supermarket.chef.io/cookbooks/poise-languages) -[![Coverage](https://img.shields.io/codecov/c/github/poise/poise-languages.svg)](https://codecov.io/github/poise/poise-languages) -[![Gemnasium](https://img.shields.io/gemnasium/poise/poise-languages.svg)](https://gemnasium.com/poise/poise-languages) -[![License](https://img.shields.io/badge/license-Apache_2-blue.svg)](https://www.apache.org/licenses/LICENSE-2.0) - -Shared support code for Poise's language cookbooks like poise-ruby and -poise-python. - -## License - -Copyright 2015-2017, Noah Kantrowitz - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - -http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. diff --git a/cookbooks/poise-languages/files/halite_gem/poise_languages.rb b/cookbooks/poise-languages/files/halite_gem/poise_languages.rb deleted file mode 100644 index 9952907..0000000 --- a/cookbooks/poise-languages/files/halite_gem/poise_languages.rb +++ /dev/null @@ -1,26 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - - -module PoiseLanguages - autoload :Command, 'poise_languages/command' - autoload :Error, 'poise_languages/error' - autoload :Scl, 'poise_languages/scl' - autoload :Static, 'poise_languages/static' - autoload :System, 'poise_languages/system' - autoload :Utils, 'poise_languages/utils' - autoload :VERSION, 'poise_languages/version' -end diff --git a/cookbooks/poise-languages/files/halite_gem/poise_languages/command.rb b/cookbooks/poise-languages/files/halite_gem/poise_languages/command.rb deleted file mode 100644 index bd46621..0000000 --- a/cookbooks/poise-languages/files/halite_gem/poise_languages/command.rb +++ /dev/null @@ -1,25 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - - -module PoiseLanguages - # A namespace for language-command-related stuff. - # - # @since 1.0.0 - module Command - autoload :Mixin, 'poise_languages/command/mixin' - end -end diff --git a/cookbooks/poise-languages/files/halite_gem/poise_languages/command/mixin.rb b/cookbooks/poise-languages/files/halite_gem/poise_languages/command/mixin.rb deleted file mode 100644 index 15e2c7d..0000000 --- a/cookbooks/poise-languages/files/halite_gem/poise_languages/command/mixin.rb +++ /dev/null @@ -1,241 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'shellwords' - -require 'poise' - -require 'poise_languages/error' -require 'poise_languages/utils' - - -module PoiseLanguages - module Command - # A mixin for resources and providers that run language commands. - # - # @since 1.0.0 - module Mixin - include Poise::Utils::ResourceProviderMixin - - # A mixin for resources that run language commands. Also available as a - # parameterized mixin via `include PoiseLanguages::Command::Mixin::Resource(name)`. - # - # @example - # class MyLangThing - # include PoiseLanguages::Command::Mixin::Resource(:mylang) - # # ... - # end - module Resource - include Poise::Resource - poise_subresource(true) - - private - - # Implementation of the $name accessor. - # - # @api private - # @param name [Symbol] Language name. - # @param runtime [Symbol] Language runtime resource name. - # @param val [String, Chef::Resource, Poise::NOT_PASSED, nil] Accessor value. - # @return [String] - def language_command_runtime(name, runtime, default_binary, val=Poise::NOT_PASSED) - unless val == Poise::NOT_PASSED - path_arg = parent_arg = nil - # Figure out which property we are setting. - if val.is_a?(String) - # Check if it is a runtime resource. - begin - parent_arg = run_context.resource_collection.find("#{runtime}[#{val}]") - rescue Chef::Exceptions::ResourceNotFound - # Check if something looks like a path, defined as containing - # either / or \. While a single word could be a path, I think the - # UX win of better error messages should take priority. - might_be_path = val =~ %r{/|\\} - if might_be_path - Chef::Log.debug("[#{self}] #{runtime}[#{val}] not found, treating it as a path") - path_arg = val - else - # Surface the error up to the user. - raise - end - end - else - parent_arg = val - end - # Set both attributes. - send(:"parent_#{name}", parent_arg) - set_or_return(name, path_arg, kind_of: [String, NilClass]) - else - # Getter behavior. Using the ivar directly is kind of gross but oh well. - instance_variable_get(:"@#{name}") || default_language_command_runtime(name, default_binary) - end - end - - # Compute the path to the default runtime binary. - # - # @api private - # @param name [Symbol] Language name. - # @return [String] - def default_language_command_runtime(name, default_binary) - parent = send(:"parent_#{name}") - if parent - parent.send(:"#{name}_binary") - else - PoiseLanguages::Utils.which(default_binary || name.to_s) - end - end - - # Inherit language parent from another resource. - # - # @api private - # @param name [Symbol] Language name. - # @param resource [Chef::Resource] Resource to inherit from. - # @return [void] - def language_command_runtime_from_parent(name, resource) - parent = resource.send(:"parent_#{name}") - if parent - send(:"parent_#{name}", parent) - else - path = resource.send(name) - if path - send(name, path) - end - end - end - - module ClassMethods - # Configure this module or class for a specific language. - # - # @param name [Symbol] Language name. - # @param runtime [Symbol] Language runtime resource name. - # @param timeout [Boolean] Enable the timeout attribute. - # @param default_binary [String] Name of the default language binary. - # @return [void] - def language_command_mixin(name, runtime: :"#{name}_runtime", timeout: true, default_binary: nil) - # Create the parent attribute. - parent_attribute(name, type: runtime, optional: true) - - # Timeout attribute for the shell_out wrappers in the provider. - attribute(:timeout, kind_of: Integer, default: 900) if timeout - - # Create the main accessor for the parent/path. - define_method(name) do |val=Poise::NOT_PASSED| - language_command_runtime(name, runtime, default_binary, val) - end - - # Create the method to inherit settings from another resource. - define_method(:"#{name}_from_parent") do |resource| - language_command_runtime_from_parent(name, resource) - end - private :"#{name}_from_parent" - end - - def language_command_default_binary(val=Poise::NOT_PASSED) - @language_command_default_binary = val if val != Poise::NOT_PASSED - @language_command_default_binary - end - - # @api private - def included(klass) - super - klass.extend(ClassMethods) - end - end - - extend ClassMethods - Poise::Utils.parameterized_module(self) {|*args| language_command_mixin(*args) } - end # /module Resource - - # A mixin for providers that run language commands. - module Provider - include Poise::Utils::ShellOut - - private - - # Run a command using the configured language via `shell_out`. - # - # @api private - # @param name [Symbol] Language name. - # @param command_args [Array] Arguments to `shell_out`. - # @return [Mixlib::ShellOut] - def language_command_shell_out(name, *command_args, **options) - # Inject our environment variables if needed. - options[:environment] ||= {} - parent = new_resource.send(:"parent_#{name}") - if parent - options[:environment].update(parent.send(:"#{name}_environment")) - end - # Inject other options. - options[:timeout] ||= new_resource.timeout - # Find the actual binary to use. Raise an exception if we see false - # which happens if no parent resource is found, no explicit default - # binary was given, and which() fails to find a thing. - binary = new_resource.send(name) - raise Error.new("Unable to find a #{name} binary for command: #{command_args.is_a?(Array) ? Shellwords.shelljoin(command_args) : command_args}") unless binary - command = if command_args.length == 1 && command_args.first.is_a?(String) - # String mode, sigh. - "#{Shellwords.escape(binary)} #{command_args.first}" - else - # Array mode. Handle both ('one', 'two') and (['one', 'two']). - [binary] + command_args.flatten - end - Chef::Log.debug("[#{new_resource}] Running #{name} command: #{command.is_a?(Array) ? Shellwords.shelljoin(command) : command}") - # Run the command - poise_shell_out(command, options) - end - - # Run a command using the configured language via `shell_out!`. - # - # @api private - # @param name [Symbol] Language name. - # @param command_args [Array] Arguments to `shell_out!`. - # @return [Mixlib::ShellOut] - def language_command_shell_out!(name, *command_args) - send(:"#{name}_shell_out", *command_args).tap(&:error!) - end - - module ClassMethods - # Configure this module or class for a specific language. - # - # @param name [Symbol] Language name. - # @return [void] - def language_command_mixin(name) - define_method(:"#{name}_shell_out") do |*command_args| - language_command_shell_out(name, *command_args) - end - private :"#{name}_shell_out" - - define_method(:"#{name}_shell_out!") do |*command_args| - language_command_shell_out!(name, *command_args) - end - private :"#{name}_shell_out!" - end - - # @api private - def included(klass) - super - klass.extend(ClassMethods) - end - end - - extend ClassMethods - Poise::Utils.parameterized_module(self) {|*args| language_command_mixin(*args) } - end # /module Provider - - Poise::Utils.parameterized_module(self) {|*args| language_command_mixin(*args) } - end # /module Mixin - end -end diff --git a/cookbooks/poise-languages/files/halite_gem/poise_languages/error.rb b/cookbooks/poise-languages/files/halite_gem/poise_languages/error.rb deleted file mode 100644 index ddfadee..0000000 --- a/cookbooks/poise-languages/files/halite_gem/poise_languages/error.rb +++ /dev/null @@ -1,21 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - - -module PoiseLanguages - class Error < ::Exception - end -end diff --git a/cookbooks/poise-languages/files/halite_gem/poise_languages/scl.rb b/cookbooks/poise-languages/files/halite_gem/poise_languages/scl.rb deleted file mode 100644 index b0b5771..0000000 --- a/cookbooks/poise-languages/files/halite_gem/poise_languages/scl.rb +++ /dev/null @@ -1,24 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - - -module PoiseLanguages - module Scl - autoload :Mixin, 'poise_languages/scl/mixin' - autoload :Resource, 'poise_languages/scl/resource' - autoload :Provider, 'poise_languages/scl/resource' - end -end diff --git a/cookbooks/poise-languages/files/halite_gem/poise_languages/scl/mixin.rb b/cookbooks/poise-languages/files/halite_gem/poise_languages/scl/mixin.rb deleted file mode 100644 index 63f6cd0..0000000 --- a/cookbooks/poise-languages/files/halite_gem/poise_languages/scl/mixin.rb +++ /dev/null @@ -1,134 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise_languages/scl/resource' - - -module PoiseLanguages - module Scl - module Mixin - private - - def install_scl_package - pkg = scl_package - poise_languages_scl options[:package_name] || pkg[:name] do - action :upgrade if options[:package_upgrade] - dev_package options[:dev_package] == true ? pkg[:devel_name] : options[:dev_package] - parent new_resource - version options[:package_version] - end - end - - def uninstall_scl_package - install_scl_package.tap do |r| - r.action(:uninstall) - end - end - - def scl_package - @scl_package ||= self.class.find_scl_package(node, options['version']).tap do |p| - raise PoiseLanguages::Error.new("No SCL repoistory package for #{node['platform']} #{node['platform_version']}") unless p - end - end - - def scl_folder - ::File.join('', 'opt', 'rh', scl_package[:name]) - end - - def scl_environment - parse_enable_file(::File.join(scl_folder, 'enable')) - end - - # Parse an SCL enable file to extract the environment variables set in it. - # - # @param path [String] Path to the enable file. - # @return [Hash] - def parse_enable_file(path, env={}) - # Doesn't exist yet, so running Python will fail anyway. Just make sure - # it fails in the expected way. - return {} unless File.exist?(path) - # Yes, this is a bash parser in regex. Feel free to be mad at me. - IO.readlines(path).inject(env) do |memo, line| - if match = line.match(/^export (\w+)=(.*)$/) - memo[match[1]] = match[2].gsub(/\$(?:\{(\w+)(:\+:\$\{\w+\})?\}|(\w+))/) do - key = $1 || $3 - value = (memo[key] || ENV[key]).to_s - value = ":#{value}" if $2 && !value.empty? - value - end - elsif match = line.match(/^\. scl_source enable (\w+)$/) - # Parse another file. - memo.update(parse_enable_file(::File.join('', 'opt', 'rh', match[1], 'enable'), memo)) - end - memo - end - end - - module ClassMethods - def provides_auto?(node, resource) - # They don't build 32-bit versions for these and only for RHEL/CentOS. - # TODO: What do I do about Fedora and/or Amazon? - return false unless node['kernel']['machine'] == 'x86_64' && node.platform?('redhat', 'centos') - version = inversion_options(node, resource)['version'] - !!find_scl_package(node, version) - end - - # Set some default inversion provider options. Package name can't get - # a default value here because that would complicate the handling of - # {system_package_candidates}. - # - # @api private - def default_inversion_options(node, resource) - super.merge({ - # Install dev headers? - dev_package: true, - # Manual overrides for package name and/or version. - package_name: nil, - package_version: nil, - # Set to true to use action :upgrade on system packages. - package_upgrade: false, - }) - end - - def find_scl_package(node, version) - platform_version = ::Gem::Version.create(node['platform_version']) - # Filter out anything that doesn't match this EL version. - candidate_packages = scl_packages.select {|p| p[:platform_version].satisfied_by?(platform_version) } - # Find something with a prefix match on the Python version. - candidate_packages.find {|p| p[:version].start_with?(version) } - end - - private - - def scl_packages - @scl_packages ||= [] - end - - def scl_package(version, name, devel_name=nil, platform_version='>= 6.0') - scl_packages << {version: version, name: name, devel_name: devel_name, platform_version: ::Gem::Requirement.create(platform_version)} - end - - def included(klass) - super - klass.extend(ClassMethods) - end - end - - extend ClassMethods - - end - end -end diff --git a/cookbooks/poise-languages/files/halite_gem/poise_languages/scl/resource.rb b/cookbooks/poise-languages/files/halite_gem/poise_languages/scl/resource.rb deleted file mode 100644 index 9ecf14a..0000000 --- a/cookbooks/poise-languages/files/halite_gem/poise_languages/scl/resource.rb +++ /dev/null @@ -1,159 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'chef/resource' -require 'chef/provider' -require 'poise' - - -module PoiseLanguages - module Scl - # A `poise_language_scl` resource to manage installing a language from - # SCL packages. This is an internal implementation detail of - # poise-languages. - # - # @api private - # @since 1.0 - # @provides poise_languages_scl - # @action install - # @action uninstall - class Resource < Chef::Resource - include Poise - provides(:poise_languages_scl) - actions(:install, :upgrade, :uninstall) - - # @!attribute package_name - # Name of the SCL package for the language. - # @return [String] - attribute(:package_name, kind_of: String, name_attribute: true) - # @!attribute dev_package - # Name of the -devel package with headers and whatnot. - # @return [String, nil] - attribute(:dev_package, kind_of: [String, NilClass]) - # @!attribute version - # Version of the SCL package(s) to install. If unset, follows the same - # semantics as the core `package` resource. - # @return [String, nil] - attribute(:version, kind_of: [String, NilClass]) - # @!attribute parent - # Resource for the language runtime. Used only for messages. - # @return [Chef::Resource] - attribute(:parent, kind_of: Chef::Resource, required: true) - end - - # The default provider for `poise_languages_scl`. - # - # @api private - # @since 1.0 - # @see Resource - # @provides poise_languages_scl - class Provider < Chef::Provider - include Poise - provides(:poise_languages_scl) - - # The `install` action for the `poise_languages_scl` resource. - # - # @return [void] - def action_install - notifying_block do - install_scl_repo - flush_yum_cache - install_scl_package(:install) - install_scl_devel_package(:install) if new_resource.dev_package - end - end - - # The `upgrade` action for the `poise_languages_scl` resource. - # - # @return [void] - def action_upgrade - notifying_block do - install_scl_repo - flush_yum_cache - install_scl_package(:upgrade) - install_scl_devel_package(:upgrade) if new_resource.dev_package - end - end - - # The `uninstall` action for the `poise_languages_scl` resource. - # - # @return [void] - def action_uninstall - notifying_block do - uninstall_scl_devel_package if new_resource.dev_package - uninstall_scl_package - end - end - - private - - def install_scl_repo - if node.platform?('redhat') - # Set up the real RHSCL subscription. - # NOTE: THIS IS NOT TESTED BECAUSE REDHAT DOESN'T OFFER ANY WAY TO DO - # AUTOMATED TESTING. IF YOU USE REDHAT AND THIS BREAKS, PLEASE LET ME - # KNOW BY FILING A GITHUB ISSUE AT http://github.com/poise/poise-languages/issues/new. - repo_name = "rhel-server-rhscl-#{node['platform_version'][0]}-rpms" - execute "subscription-manager repos --enable #{repo_name}" do - not_if { shell_out!('subscription-manager repos --list-enabled').stdout.include?(repo_name) } - end - else - package 'centos-release-scl-rh' do - # Using upgrade here because changes very very rare and always - # important when they happen. If this breaks your prod infra, I'm - # sorry :-( - action :upgrade - retries 5 - end - end - end - - def flush_yum_cache - ruby_block 'flush_yum_cache' do - block do - # Equivalent to flush_cache after: true - Chef::Provider::Package::Yum::YumCache.instance.reload - end - end - end - - def install_scl_package(action) - package new_resource.package_name do - action action - retries 5 - version new_resource.version - end - end - - def install_scl_devel_package(action) - package new_resource.dev_package do - action action - retries 5 - version new_resource.version - end - end - - def uninstall_scl_package - install_scl_package(:remove) - end - - def uninstall_scl_devel_package - install_scl_devel_package(:remove) - end - - end - end -end diff --git a/cookbooks/poise-languages/files/halite_gem/poise_languages/static.rb b/cookbooks/poise-languages/files/halite_gem/poise_languages/static.rb deleted file mode 100644 index efdbe10..0000000 --- a/cookbooks/poise-languages/files/halite_gem/poise_languages/static.rb +++ /dev/null @@ -1,34 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise/utils' - - -module PoiseLanguages - # Helpers for installing languages from static archives. - # - # @since 1.1.0 - module Static - autoload :Mixin, 'poise_languages/static/mixin' - autoload :Resource, 'poise_languages/static/resource' - autoload :Provider, 'poise_languages/static/resource' - - Poise::Utils.parameterized_module(self) do |opts| - require 'poise_languages/static/mixin' - include PoiseLanguages::Static::Mixin(opts) - end - end -end diff --git a/cookbooks/poise-languages/files/halite_gem/poise_languages/static/mixin.rb b/cookbooks/poise-languages/files/halite_gem/poise_languages/static/mixin.rb deleted file mode 100644 index d189331..0000000 --- a/cookbooks/poise-languages/files/halite_gem/poise_languages/static/mixin.rb +++ /dev/null @@ -1,144 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise_languages/static/resource' - - -module PoiseLanguages - module Static - # Mixin for language providers to install from static archives. - # - # @since 1.1.0 - module Mixin - private - - def install_static - url = static_url - poise_languages_static static_folder do - source url - strip_components options['strip_components'] - end - end - - def uninstall_static - install_static.tap do |r| - r.action(:uninstall) - end - end - - def static_folder - options['path'] || ::File.join('', 'opt', "#{self.class.static_name}-#{options['static_version']}") - end - - def static_url - options['url'] % static_url_variables - end - - def static_url_variables - { - version: options['static_version'], - kernel: node['kernel']['name'].downcase, - machine: node['kernel']['machine'], - machine_label: self.class.static_machine_label_wrapper(node, new_resource), - } - end - - module ClassMethods - attr_accessor :static_name - attr_accessor :static_versions - attr_accessor :static_machines - attr_accessor :static_url - attr_accessor :static_strip_components - attr_accessor :static_retries - - def provides_auto?(node, resource) - # Check that the version starts with our project name and the machine - # we are on is supported. - resource.version.to_s =~ /^#{static_name}(-|$)/ && static_machines.include?(static_machine_label_wrapper(node, resource)) - end - - # Set some default inversion provider options. Package name can't get - # a default value here because that would complicate the handling of - # {system_package_candidates}. - # - # @api private - def default_inversion_options(node, resource) - super.merge({ - # Path to install the package. Defaults to /opt/name-version. - path: nil, - # Number of times to retry failed downloads. - retries: static_retries, - # Full version number for use in interpolation. - static_version: static_version(node, resource), - # Value to pass to tar --strip-components. - strip_components: static_strip_components, - # URL template to download from. - url: static_url, - }) - end - - def static_options(name: nil, versions: [], machines: %w{linux-i686 linux-x86_64}, url: nil, strip_components: 1, retries: 5) - raise PoiseLanguages::Error.new("Static archive URL is required, on #{self}") unless url - self.static_name = name || provides.to_s - self.static_versions = versions - self.static_machines = Set.new(machines) - self.static_url = url - self.static_strip_components = strip_components - self.static_retries = retries - end - - def static_version(node, resource) - raw_version = resource.version.to_s.gsub(/^#{static_name}(-|$)/, '') - if static_versions.include?(raw_version) - raw_version - else - # Prefix match or just use the given version number if not found. - # This allow mild future proofing in some cases. - static_versions.find {|v| v.start_with?(raw_version) } || raw_version - end - end - - def static_machine_label(node, _resource=nil) - "#{node['kernel']['name'].downcase}-#{node['kernel']['machine']}" - end - - # Wrapper for {#static_machine_label} because I need to add an argument. - # This preserves backwards compat. - # - # @api private - def static_machine_label_wrapper(node, resource) - args = [node] - arity = method(:static_machine_label).arity - args << resource if arity > 1 || arity < 0 - static_machine_label(*args) - end - - def included(klass) - super - klass.extend ClassMethods - end - - end - - extend ClassMethods - - Poise::Utils.parameterized_module(self) do |opts| - static_options(opts) - end - - end - end -end diff --git a/cookbooks/poise-languages/files/halite_gem/poise_languages/static/resource.rb b/cookbooks/poise-languages/files/halite_gem/poise_languages/static/resource.rb deleted file mode 100644 index 150eb44..0000000 --- a/cookbooks/poise-languages/files/halite_gem/poise_languages/static/resource.rb +++ /dev/null @@ -1,139 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'chef/resource' -require 'chef/provider' -require 'poise' - - -module PoiseLanguages - module Static - # A `poise_languages_static` resource to manage installing a language from - # static binary archives. This is an internal implementation detail of - # poise-languages. - # - # @api private - # @since 1.1.0 - # @provides poise_languages_static - # @action install - # @action uninstall - class Resource < Chef::Resource - include Poise - provides(:poise_languages_static) - actions(:install, :uninstall) - - # @!attribute path - # Directory to install to. - # @return [String] - attribute(:path, kind_of: String, name_attribute: true) - # @!attribute download_retries - # Number of times to retry failed downloads. Defaults to 5. - # @return [Integer] - attribute(:download_retries, kind_of: Integer, default: 5) - # @!attribute source - # URL to download from. - # @return [String] - attribute(:source, kind_of: String, required: true) - # @!attribute strip_components - # Value to pass to tar --strip-components. - # @return [String, Integer, nil] - attribute(:strip_components, kind_of: [String, Integer, NilClass], default: 1) - - def cache_path - @cache_path ||= ::File.join(Chef::Config[:file_cache_path], source.split(/\//).last) - end - end - - # The default provider for `poise_languages_static`. - # - # @api private - # @since 1.0 - # @see Resource - # @provides poise_languages_static - class Provider < Chef::Provider - include Poise - provides(:poise_languages_static) - - # The `install` action for the `poise_languages_static` resource. - # - # @return [void] - def action_install - notifying_block do - download_archive - create_directory - # Unpack is handled as a notification from download_archive. - end - end - - # The `uninstall` action for the `poise_languages_static` resource. - # - # @return [void] - def action_uninstall - notifying_block do - delete_archive - delete_directory - end - end - - private - - def create_directory - unpack_resource = unpack_archive - directory new_resource.path do - user 0 - group 0 - mode '755' - notifies :unpack, unpack_resource, :immediately - end - end - - def download_archive - unpack_resource = unpack_archive - remote_file new_resource.cache_path do - source new_resource.source - owner 0 - group 0 - mode '644' - notifies :unpack, unpack_resource, :immediately if ::File.exist?(new_resource.path) - retries new_resource.download_retries - end - end - - def unpack_archive - @unpack_archive ||= poise_archive new_resource.cache_path do - # Run via notification from #download_archive and #create_directory. - action :nothing - destination new_resource.path - strip_components new_resource.strip_components - end - end - - def delete_archive - file new_resource.cache_path do - action :delete - end - end - - def delete_directory - directory new_resource.path do - action :delete - recursive true - end - end - - end - end -end diff --git a/cookbooks/poise-languages/files/halite_gem/poise_languages/system.rb b/cookbooks/poise-languages/files/halite_gem/poise_languages/system.rb deleted file mode 100644 index 5ece43c..0000000 --- a/cookbooks/poise-languages/files/halite_gem/poise_languages/system.rb +++ /dev/null @@ -1,24 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - - -module PoiseLanguages - module System - autoload :Mixin, 'poise_languages/system/mixin' - autoload :Resource, 'poise_languages/system/resource' - autoload :Provider, 'poise_languages/system/resource' - end -end diff --git a/cookbooks/poise-languages/files/halite_gem/poise_languages/system/mixin.rb b/cookbooks/poise-languages/files/halite_gem/poise_languages/system/mixin.rb deleted file mode 100644 index 8b1764e..0000000 --- a/cookbooks/poise-languages/files/halite_gem/poise_languages/system/mixin.rb +++ /dev/null @@ -1,170 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise_languages/system/resource' - - -module PoiseLanguages - module System - module Mixin - - private - - # Install a language using system packages. - # - # @api public - # @return [PoiseLanguages::System::Resource] - def install_system_packages(&block) - dev_package_overrides = system_dev_package_overrides - poise_languages_system system_package_name do - # Otherwise use the default install action. - action(:upgrade) if options['package_upgrade'] - parent new_resource - # Don't pass true because we want the default computed behavior for that. - dev_package options['dev_package'] unless options['dev_package'] == true - dev_package_overrides dev_package_overrides - package_version options['package_version'] if options['package_version'] - version options['version'] - instance_exec(&block) if block - end - end - - # Uninstall a language using system packages. - # - # @api public - # @return [PoiseLanguages::System::Resource] - def uninstall_system_packages(&block) - install_system_packages.tap do |r| - r.action(:uninstall) - r.instance_exec(&block) if block - end - end - - # Compute all possible package names for a given language version. Must be - # implemented by mixin users. Versions are expressed as prefixes so '' - # matches all versions, '2' matches 2.x. - # - # @abstract - # @api public - # @param version [String] Language version prefix. - # @return [Array] - def system_package_candidates(version) - raise NotImplementedError - end - - # Compute the default package name for the base package for this language. - # - # @api public - # @return [String] - def system_package_name - # If we have an override, just use that. - return options['package_name'] if options['package_name'] - # Look up all packages for this language on this platform. - system_packages = self.class.packages && node.value_for_platform(self.class.packages) - if !system_packages && self.class.default_package - Chef::Log.debug("[#{new_resource}] No known packages for #{node['platform']} #{node['platform_version']}, defaulting to '#{self.class.default_package}'.") if self.class.packages - system_packages = Array(self.class.default_package) - end - - # Find the first value on system_package_candidates that is in system_packages. - system_package_candidates(options['version'].to_s).each do |name| - return name if system_packages.include?(name) - end - # No valid candidate. Sad trombone. - raise PoiseLanguages::Error.new("Unable to find a candidate package for version #{options['version'].to_s.inspect}. Please set package_name provider option for #{new_resource}.") - end - - # A hash mapping package names to their override dev package name. - # - # @api public - # @return [Hash] - def system_dev_package_overrides - {} - end - - module ClassMethods - # Install this as a default provider if nothing else matched. Might not - # work, but worth a try at least for unknown platforms. Windows is a - # whole different story, and OS X might work sometimes so at least try. - # - # @api private - def provides_auto?(node, resource) - !node.platform_family?('windows') - end - - # Set some default inversion provider options. Package name can't get - # a default value here because that would complicate the handling of - # {system_package_candidates}. - # - # @api private - def default_inversion_options(node, resource) - super.merge({ - # Install dev headers? - dev_package: true, - # Manual overrides for package name and/or version. - package_name: nil, - package_version: nil, - # Set to true to use action :upgrade on system packages. - package_upgrade: false, - }) - end - - # @overload packages() - # Return a hash formatted for value_for_platform returning an Array - # of package names. - # @return [Hash] - # @overload packages(default_package, packages) - # Define what system packages are available for this language on each - # platform. - # @param default_package [String] Default package name for platforms - # not otherwise defined. - # @param [Hash] Hash formatted for value_for_platform returning an - # Array of package names. - # @return [Hash] - def packages(default_package=nil, packages=nil) - self.default_package(default_package) if default_package - if packages - @packages = packages - end - @packages - end - - # @overload default_package() - # Return the default package name for platforms not otherwise defined. - # @return [String] - # @overload default_package(name) - # Set the default package name for platforms not defined in {packages}. - # @param name [String] Package name. - # @return [String] - def default_package(name=nil) - if name - @default_package = name - end - @default_package - end - - # @api private - def included(klass) - super - klass.extend(ClassMethods) - end - end - - extend ClassMethods - - end - end -end diff --git a/cookbooks/poise-languages/files/halite_gem/poise_languages/system/resource.rb b/cookbooks/poise-languages/files/halite_gem/poise_languages/system/resource.rb deleted file mode 100644 index 90d18bd..0000000 --- a/cookbooks/poise-languages/files/halite_gem/poise_languages/system/resource.rb +++ /dev/null @@ -1,254 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'chef/resource' -require 'chef/provider' -require 'poise' - - -module PoiseLanguages - module System - # A `poise_language_system` resource to manage installing a language from - # system packages. This is an internal implementation detail of - # poise-languages. - # - # @api private - # @since 1.0 - # @provides poise_languages_system - # @action install - # @action upgrade - # @action uninstall - class Resource < Chef::Resource - include Poise - provides(:poise_languages_system) - actions(:install, :upgrade, :uninstall) - - # @!attribute package_name - # Name of the main package for the language. - # @return [String] - attribute(:package_name, kind_of: String, name_attribute: true) - # @!attribute dev_package - # Name of the development headers package, or false to disable - # installing headers. By default computed from {package_name}. - # @return [String, false] - attribute(:dev_package, kind_of: [String, FalseClass], default: lazy { default_dev_package }) - # @!attribute dev_package_overrides - # A hash of override names for dev packages that don't match the normal - # naming scheme. - # @return [Hash] - attribute(:dev_package_overrides, kind_of: Hash, default: lazy { {} }) - # @!attribute package_version - # Version of the package(s) to install. This is distinct from {version}, - # and is the specific version package version, not the language version. - # By default this is unset meaning the latest version will be used. - # @return [String, nil] - attribute(:package_version, kind_of: [String, NilClass]) - # @!attribute parent - # Resource for the language runtime. Used only for messages. - # @return [Chef::Resource] - attribute(:parent, kind_of: Chef::Resource, required: true) - # @!attributes version - # Language version prefix. This prefix determines which version of the - # language to install, following prefix matching rules. - # @return [String] - attribute(:version, kind_of: String, default: '') - - # Compute the default package name for the development headers. - # - # @return [String] - def default_dev_package - # Check for an override. - return dev_package_overrides[package_name] if dev_package_overrides.include?(package_name) - suffix = node.value_for_platform_family(debian: '-dev', rhel: '-devel', fedora: '-devel') - # Platforms like Arch and Gentoo don't need this anyway. I've got no - # clue how Amazon Linux does this. - if suffix - package_name + suffix - else - nil - end - end - end - - # The default provider for `poise_languages_system`. - # - # @api private - # @since 1.0 - # @see Resource - # @provides poise_languages_system - class Provider < Chef::Provider - include Poise - provides(:poise_languages_system) - - # The `install` action for the `poise_languages_system` resource. - # - # @return [void] - def action_install - notifying_block do - install_packages - run_action_hack - end - end - - # The `upgrade` action for the `poise_languages_system` resource. - # - # @return [void] - def action_upgrade - notifying_block do - upgrade_packages - run_action_hack - end - end - - # The `uninstall` action for the `poise_languages_system` resource. - # - # @return [void] - def action_uninstall - notifying_block do - uninstall_packages - end - end - - private - - # Install the needed language packages. - # - # @api private - # @return [Array] - def install_packages - packages = {new_resource.package_name => new_resource.package_version} - # If we are supposed to install the dev package, grab it using the same - # version as the main package. - if new_resource.dev_package - packages[new_resource.dev_package] = new_resource.package_version - end - Chef::Log.debug("[#{new_resource.parent}] Building package resource using #{packages.inspect}.") - - # Check for multi-package support. - package_resource_class = Chef::Resource.resource_for_node(:package, node) - package_provider_class = package_resource_class.new('multipackage_check', run_context).provider_for_action(:install) - package_resources = if package_provider_class.respond_to?(:use_multipackage_api?) && package_provider_class.use_multipackage_api? - package packages.keys do - version packages.values - end - else - # Fallback for non-multipackage. - packages.map do |pkg_name, pkg_version| - package pkg_name do - version pkg_version - end - end - end - - # Apply some settings to all of the resources. - Array(package_resources).each do |res| - res.retries(5) - res.define_singleton_method(:apply_action_hack?) { true } - end - end - - # Upgrade the needed language packages. - # - # @api private - # @return [Array] - def upgrade_packages - install_packages.each do |res| - res.action(:upgrade) - end - end - - # Uninstall the needed language packages. - # - # @api private - # @return [Array] - def uninstall_packages - install_packages.each do |res| - res.action(node.platform_family?('debian') ? :purge : :remove) - end - end - - # Run the requested action for all package resources. This exists because - # we inject our version check in to the provider directly and I want to - # only run the provider action once for performance. It is otherwise - # mostly a stripped down version of Chef::Resource#run_action. - # - # @param action [Symbol] Action to run on all package resources. - # @return [void] - def run_action_hack - # If new_resource.package_version is set, skip this madness. - return if new_resource.package_version - - # Process every resource in the current collection, which is bounded - # by notifying_block. - run_context.resource_collection.each do |resource| - # Only apply to things we tagged above. - next unless resource.respond_to?(:apply_action_hack?) && resource.apply_action_hack? - - Array(resource.action).each do |action| - # Reset it so we have a clean baseline. - resource.updated_by_last_action(false) - # Grab the provider. - provider = resource.provider_for_action(action) - provider.action = action - # Inject our check for the candidate version. This will actually - # get run during run_action below. - patch_load_current_resource!(provider, new_resource.version) - # Run our action. - Chef::Log.debug("[#{new_resource.parent}] Running #{provider} with #{action}") - provider.run_action(action) - # Check updated flag. - new_resource.updated_by_last_action(true) if resource.updated_by_last_action? - end - - # Make sure the resource doesn't run again when notifying_block ends. - resource.action(:nothing) - end - end - - # Hack a provider object to run our verification code. - # - # @param provider [Chef::Provider] Provider object to patch. - # @param version [String] Language version prefix to check for. - # @return [void] - def patch_load_current_resource!(provider, version) - # Create a closure module and inject it. - provider.extend Module.new { - # Patch load_current_resource to run our verification logic after - # the normal code. - define_method(:load_current_resource) do - super().tap do |_| - each_package do |package_name, new_version, current_version, candidate_version| - # In Chef 12.14+, candidate_version is a Chef::Decorator::Lazy object - # so we need the nil? check to see if the object being proxied is - # nil (i.e. there is no version). The `\d+:` is for RPM epoch prefixes. - unless candidate_version && (!candidate_version.nil?) && (!candidate_version.empty?) && candidate_version =~ /^(\d+:)?#{Regexp.escape(version)}/ - # Don't display a wonky error message if there is no candidate. - candidate_label = if candidate_version && (!candidate_version.nil?) && (!candidate_version.empty?) - candidate_version - else - candidate_version.inspect - end - raise PoiseLanguages::Error.new("Package #{package_name} would install #{candidate_label}, which does not match #{version.empty? ? version.inspect : version}. Please set the package_name or package_version provider options.") - end - end - end - end - } - end - - end - end -end diff --git a/cookbooks/poise-languages/files/halite_gem/poise_languages/utils.rb b/cookbooks/poise-languages/files/halite_gem/poise_languages/utils.rb deleted file mode 100644 index 84ff73d..0000000 --- a/cookbooks/poise-languages/files/halite_gem/poise_languages/utils.rb +++ /dev/null @@ -1,68 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'shellwords' - -require 'poise_languages/utils/which' - - -module PoiseLanguages - module Utils - include Which - extend self - - # Default whitelist for {#shelljoin}. - SHELLJOIN_WHITELIST = [/^2?[><]/] - - # An improved version of Shellwords.shelljoin that doesn't escape a few - # things. - # - # @param cmd [Array] Command array to join. - # @param whitelist [Array] Array of patterns to whitelist. - # @return [String] - def shelljoin(cmd, whitelist: SHELLJOIN_WHITELIST) - cmd.map do |str| - if whitelist.any? {|pat| str =~ pat } - str - else - Shellwords.shellescape(str) - end - end.join(' ') - end - - # Convert the executable in a string or array command to an absolute path. - # - # @param cmd [String, Array] Command to fix up. - # @param path [String, nil] Replacement $PATH for executable lookup. - # @return [String, Array] - def absolute_command(cmd, path: nil) - was_array = cmd.is_a?(Array) - cmd = if was_array - cmd.dup - else - Shellwords.split(cmd) - end - # Don't try to touch anything if the first value looks like a flag or a path. - if cmd.first && !cmd.first.start_with?('-') && !cmd.first.include?(::File::SEPARATOR) - # If which returns false, just leave it I guess. - cmd[0] = which(cmd.first, path: path) || cmd.first - end - cmd = shelljoin(cmd) unless was_array - cmd - end - - end -end diff --git a/cookbooks/poise-languages/files/halite_gem/poise_languages/utils/which.rb b/cookbooks/poise-languages/files/halite_gem/poise_languages/utils/which.rb deleted file mode 100644 index 8661c57..0000000 --- a/cookbooks/poise-languages/files/halite_gem/poise_languages/utils/which.rb +++ /dev/null @@ -1,51 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - - -module PoiseLanguages - module Utils - # Replacement module for Chef::Mixin::Which with a slight improvement. - # - # @since 1.0.0 - # @see Which#which - module Which - extend self - - # A replacement for Chef::Mixin::Which#which that allows using something - # other than an environment variable if needed. - # - # @param cmd [String] Executable to search for. - # @param extra_path [Array] Extra directories to always search. - # @param path [String, nil] Replacement $PATH value. - # @return [String, false] - def which(cmd, extra_path: %w{/bin /usr/bin /sbin /usr/sbin}, path: nil) - # If it was already absolute, just return that. - return cmd if cmd =~ /^(\/|([a-z]:)?\\)/i - # Allow passing something other than the real env var. - path ||= ENV['PATH'] - # Based on Chef::Mixin::Which#which - # Copyright 2010-2017, Chef Softare, Inc. - paths = path.split(File::PATH_SEPARATOR) + extra_path - paths.each do |candidate_path| - filename = ::File.join(candidate_path, cmd) - return filename if ::File.executable?(filename) - end - false - end - - end - end -end diff --git a/cookbooks/poise-languages/files/halite_gem/poise_languages/version.rb b/cookbooks/poise-languages/files/halite_gem/poise_languages/version.rb deleted file mode 100644 index 61bcdb7..0000000 --- a/cookbooks/poise-languages/files/halite_gem/poise_languages/version.rb +++ /dev/null @@ -1,20 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - - -module PoiseLanguages - VERSION = '2.1.2' -end diff --git a/cookbooks/poise-languages/libraries/default.rb b/cookbooks/poise-languages/libraries/default.rb deleted file mode 100644 index 8b2a908..0000000 --- a/cookbooks/poise-languages/libraries/default.rb +++ /dev/null @@ -1,18 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -raise 'Halite is not compatible with no_lazy_load false, please set no_lazy_load true in your Chef configuration file.' unless Chef::Config[:no_lazy_load] -$LOAD_PATH << File.expand_path('../../files/halite_gem', __FILE__) diff --git a/cookbooks/poise-languages/metadata.json b/cookbooks/poise-languages/metadata.json deleted file mode 100644 index 9cf3ac6..0000000 --- a/cookbooks/poise-languages/metadata.json +++ /dev/null @@ -1 +0,0 @@ -{"name":"poise-languages","version":"2.1.2","description":"A Chef cookbook to help writing language cookbooks.","long_description":"# Poise-Languages Cookbook\n\n[![Build Status](https://img.shields.io/travis/poise/poise-languages.svg)](https://travis-ci.org/poise/poise-languages)\n[![Gem Version](https://img.shields.io/gem/v/poise-languages.svg)](https://rubygems.org/gems/poise-languages)\n[![Cookbook Version](https://img.shields.io/cookbook/v/poise-languages.svg)](https://supermarket.chef.io/cookbooks/poise-languages)\n[![Coverage](https://img.shields.io/codecov/c/github/poise/poise-languages.svg)](https://codecov.io/github/poise/poise-languages)\n[![Gemnasium](https://img.shields.io/gemnasium/poise/poise-languages.svg)](https://gemnasium.com/poise/poise-languages)\n[![License](https://img.shields.io/badge/license-Apache_2-blue.svg)](https://www.apache.org/licenses/LICENSE-2.0)\n\nShared support code for Poise's language cookbooks like poise-ruby and\npoise-python.\n\n## License\n\nCopyright 2015-2017, Noah Kantrowitz\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\nhttp://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n","maintainer":"Noah Kantrowitz","maintainer_email":"noah@coderanger.net","license":"Apache-2.0","platforms":{"aix":">= 0.0.0","amazon":">= 0.0.0","arch":">= 0.0.0","centos":">= 0.0.0","chefspec":">= 0.0.0","debian":">= 0.0.0","dragonfly4":">= 0.0.0","fedora":">= 0.0.0","freebsd":">= 0.0.0","gentoo":">= 0.0.0","ios_xr":">= 0.0.0","mac_os_x":">= 0.0.0","nexus":">= 0.0.0","omnios":">= 0.0.0","openbsd":">= 0.0.0","opensuse":">= 0.0.0","oracle":">= 0.0.0","raspbian":">= 0.0.0","redhat":">= 0.0.0","slackware":">= 0.0.0","smartos":">= 0.0.0","solaris2":">= 0.0.0","suse":">= 0.0.0","ubuntu":">= 0.0.0","windows":">= 0.0.0"},"dependencies":{"poise":"~> 2.5","poise-archive":"~> 1.0"},"recommendations":{},"suggestions":{},"conflicting":{},"providing":{},"replacing":{},"attributes":{},"groupings":{},"recipes":{},"source_url":"https://github.com/poise/poise-languages","issues_url":"https://github.com/poise/poise-languages/issues","chef_version":[["< 15",">= 12.14"]],"ohai_version":[]} \ No newline at end of file diff --git a/cookbooks/poise-ruby-build/CHANGELOG.md b/cookbooks/poise-ruby-build/CHANGELOG.md deleted file mode 100644 index e4fbf98..0000000 --- a/cookbooks/poise-ruby-build/CHANGELOG.md +++ /dev/null @@ -1,22 +0,0 @@ -# Poise-Ruby-Build Changelog - -## v1.1.0 - -* Chef 13 support. -* Switch to `poise-git` and `poise-build-essential` rather than the traditional - cookbooks to ensure support for older Chef and clean up lingering bugs. - -## v1.0.2 - -* Fix a typo that prevented uninstalling `ruby_build` runtimes. -* Ensure bzip2 is installed as some minimal Linux images do not include it. - -## v1.0.1 - -* Install bundler in the same way as other `ruby_runtime` providers. -* New integration test harness. - -## v1.0.0 - -* Initial release! - diff --git a/cookbooks/poise-ruby-build/README.md b/cookbooks/poise-ruby-build/README.md deleted file mode 100644 index 05d13a1..0000000 --- a/cookbooks/poise-ruby-build/README.md +++ /dev/null @@ -1,53 +0,0 @@ -# Poise-Ruby-Build Cookbook - -[![Build Status](https://img.shields.io/travis/poise/poise-ruby-build.svg)](https://travis-ci.org/poise/poise-ruby-build) -[![Gem Version](https://img.shields.io/gem/v/poise-ruby-build.svg)](https://rubygems.org/gems/poise-ruby-build) -[![Cookbook Version](https://img.shields.io/cookbook/v/poise-ruby-build.svg)](https://supermarket.chef.io/cookbooks/poise-ruby-build) -[![Coverage](https://img.shields.io/codecov/c/github/poise/poise-ruby-build.svg)](https://codecov.io/github/poise/poise-ruby-build) -[![Gemnasium](https://img.shields.io/gemnasium/poise/poise-ruby-build.svg)](https://gemnasium.com/poise/poise-ruby-build) -[![License](https://img.shields.io/badge/license-Apache_2-blue.svg)](https://www.apache.org/licenses/LICENSE-2.0) - -A [ruby-build](https://github.com/sstephenson/ruby-build) provider for the -[poise-ruby cookbook](https://github.com/poise/poise-ruby). - -## Provider - -The `ruby_build` provider uses [ruby-build](https://github.com/sstephenson/ruby-build) -to compile and install Ruby. - -```ruby -ruby_runtime 'myapp' do - provider :ruby_build - version '2.1' -end -``` - -### Options - -* `install_doc` – Install documentation with Ruby. *(default: false)* -* `install_repo` – Git URI to clone to install ruby-build. *(default: https://github.com/sstephenson/ruby-build.git)* -* `install_rev` – Git revision to clone to install ruby-build. *(default: master)* -* `prefix` – Base path for install ruby-build and rubies. *(default: /opt/ruby_build)* -* `version` – Override the Ruby version. - -## Sponsors - -Development sponsored by [Bloomberg](http://www.bloomberg.com/company/technology/). - -The Poise test server infrastructure is sponsored by [Rackspace](https://rackspace.com/). - -## License - -Copyright 2015-2017, Noah Kantrowitz - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - -http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. diff --git a/cookbooks/poise-ruby-build/attributes/default.rb b/cookbooks/poise-ruby-build/attributes/default.rb deleted file mode 100644 index 1bf8521..0000000 --- a/cookbooks/poise-ruby-build/attributes/default.rb +++ /dev/null @@ -1,17 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -default['poise-ruby']['provider'] = 'ruby_build' diff --git a/cookbooks/poise-ruby-build/files/halite_gem/poise_ruby/ruby_build.rb b/cookbooks/poise-ruby-build/files/halite_gem/poise_ruby/ruby_build.rb deleted file mode 100644 index 342d461..0000000 --- a/cookbooks/poise-ruby-build/files/halite_gem/poise_ruby/ruby_build.rb +++ /dev/null @@ -1,26 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - - -module PoiseRuby - # A plugin for poise-ruby to compile Ruby using ruby-build. - # - # @since 1.0.0 - module RubyBuild - autoload :Provider, 'poise_ruby/ruby_build/provider' - autoload :VERSION, 'poise_ruby/ruby_build/version' - end -end diff --git a/cookbooks/poise-ruby-build/files/halite_gem/poise_ruby/ruby_build/cheftie.rb b/cookbooks/poise-ruby-build/files/halite_gem/poise_ruby/ruby_build/cheftie.rb deleted file mode 100644 index 32fd6ca..0000000 --- a/cookbooks/poise-ruby-build/files/halite_gem/poise_ruby/ruby_build/cheftie.rb +++ /dev/null @@ -1,17 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise_ruby/ruby_build/provider' diff --git a/cookbooks/poise-ruby-build/files/halite_gem/poise_ruby/ruby_build/provider.rb b/cookbooks/poise-ruby-build/files/halite_gem/poise_ruby/ruby_build/provider.rb deleted file mode 100644 index 9cf45d6..0000000 --- a/cookbooks/poise-ruby-build/files/halite_gem/poise_ruby/ruby_build/provider.rb +++ /dev/null @@ -1,219 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'chef/mixin/shell_out' - -require 'poise_ruby/ruby_providers/base' - - -module PoiseRuby - module RubyBuild - # Inversion provider for `ruby_runtime` to install via ruby-build. - # - # @since 1.0.0 - # @provides ruby_build - class Provider < PoiseRuby::RubyProviders::Base - include Chef::Mixin::ShellOut - provides(:ruby_build) - - # Add default options for ruby-build. - # - # @param node [Chef::Node] Node to load from. - # @param resource [Chef::Resource] Resource to load from. - # @return [Hash] - def self.default_inversion_options(node, resource) - super.merge({ - install_doc: false, - install_repo: 'https://github.com/sstephenson/ruby-build.git', - install_rev: 'master', - prefix: '/opt/ruby_build', - }) - end - - # Path to the compiled Ruby binary. - # - # @return [String] - def ruby_binary - ::File.join(options['prefix'], 'builds', new_resource.name, 'bin', 'ruby') - end - - # Find the full definition name to use with ruby-build. This is based on - # prefix matching from the `ruby-build --definitions` output. Only - # public because sigh scoping. - # - # @!visibility private - # @return [String] - def ruby_definition - @ruby_definition ||= begin - cmd = shell_out!([::File.join(options['prefix'], 'install', options['install_rev'], 'bin', 'ruby-build'), '--definitions']) - version_prefix = options['version'] - # Default for '', look for MRI 2.x. - version_prefix = '2' if version_prefix == '' - # Find the last line that starts with the target version. - cmd.stdout.split(/\n/).reverse.find {|line| line.start_with?(version_prefix) } || options['version'] - end - end - - private - - # Path to the version record file. Should contain the actual version of - # Ruby installed in this folder. - # - # @return [String] - def version_file - ::File.join(options['prefix'], 'builds', new_resource.name, 'VERSION') - end - - # Installs ruby-build and then uses that to install Ruby. - # - # @return [void] - def install_ruby - # We assume that if the version_file exists, ruby-build is already - # installed. Calling #ruby_definition will shell out to ruby-build. - if ::File.exists?(version_file) && IO.read(version_file) == ruby_definition - # All set, bail out. - return - end - - converge_by("Installing Ruby #{options['version'].empty? ? new_resource.name : options['version']} via ruby-build") do - notifying_block do - create_prefix_directory - create_install_directory - create_builds_directory - install_ruby_build - install_dependencies - # Possible failed install or a version change. Wipe the existing build. - # If we weren't going to rebuild, we would have bailed out already. - uninstall_ruby - end - # Second converge has ruby-build installed so using #ruby_definition - # is safe. - notifying_block do - build_ruby - create_version_file - end - end - end - - # Create the base prefix directory. - # - # @return [Chef::Resource::Directory] - def create_prefix_directory - directory options['prefix'] do - owner 'root' - group 'root' - mode '755' - end - end - - # Create the directory to hold ruby-build installations. - # - # @return [Chef::Resource::Directory] - def create_install_directory - directory ::File.join(options['prefix'], 'install') do - owner 'root' - group 'root' - mode '755' - end - end - - # Create the directory to hold compiled rubies. - # - # @return [Chef::Resource::Directory] - def create_builds_directory - directory ::File.join(options['prefix'], 'builds') do - owner 'root' - group 'root' - mode '755' - end - end - - # Clone ruby-build from GitHub or a similar git server. Will also install - # git via the `git` cookbook unless `no_dependencies` is set. - # - # @return [Chef::Resource::Git] - def install_ruby_build - poise_git ::File.join(options['prefix'], 'install', options['install_rev']) do - repository options['install_repo'] - revision options['install_rev'] - user 'root' - end - end - - # Install dependency packages needed to compile Ruby. A no-op if - # `no_dependencies` is set. - # - # @return [Chef::Resource::Package] - def install_dependencies - return if options['no_dependencies'] - poise_build_essential 'build_essential' - unless options['version'].start_with?('jruby') - pkgs = node.value_for_platform_family( - debian: %w{libreadline6-dev zlib1g-dev libssl-dev libyaml-dev libsqlite3-dev libxml2-dev libxslt1-dev}, - rhel: %w{tar bzip2 readline-devel zlib-devel libffi-devel openssl-devel libxml2-devel libxslt-devel}, - suse: %w{zlib-devel libffi-devel sqlite3-devel libxml2-devel libxslt-devel}, - ) - package pkgs if pkgs - end - end - - - # Compile Ruby using ruby-build. - # - # @return [Chef::Resource::Execute] - def build_ruby - # Figure out the argument to disable docs - disable_docs = if options['install_doc'] - nil - elsif options['version'].start_with?('rbx') - nil # Doesn't support? - elsif options['version'].start_with?('ree') - '--no-dev-docs' - else - '--disable-install-doc' - end - - execute 'ruby-build install' do - command [::File.join(options['prefix'], 'install', options['install_rev'], 'bin', 'ruby-build'), ruby_definition, ::File.join(options['prefix'], 'builds', new_resource.name)] - user 'root' - environment 'RUBY_CONFIGURE_OPTS' => disable_docs if disable_docs - end - end - - # Write out the concrete version to the VERSION file. - # - # @return [Chef::Resource::File] - def create_version_file - file version_file do - owner 'root' - group 'root' - mode '644' - content ruby_definition - end - end - - # Delete the compiled Ruby, but leave ruby-build installed as it may be - # shared by other resources. - # - # @return [Chef::Resource::Directory] - def uninstall_ruby - directory ::File.join(options['prefix'], 'builds', new_resource.name) do - action :delete - end - end - end - end -end diff --git a/cookbooks/poise-ruby-build/files/halite_gem/poise_ruby/ruby_build/version.rb b/cookbooks/poise-ruby-build/files/halite_gem/poise_ruby/ruby_build/version.rb deleted file mode 100644 index 2b51c09..0000000 --- a/cookbooks/poise-ruby-build/files/halite_gem/poise_ruby/ruby_build/version.rb +++ /dev/null @@ -1,22 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - - -module PoiseRuby - module RubyBuild - VERSION = '1.1.0' - end -end diff --git a/cookbooks/poise-ruby-build/libraries/default.rb b/cookbooks/poise-ruby-build/libraries/default.rb deleted file mode 100644 index 2788808..0000000 --- a/cookbooks/poise-ruby-build/libraries/default.rb +++ /dev/null @@ -1,19 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -raise 'Halite is not compatible with no_lazy_load false, please set no_lazy_load true in your Chef configuration file.' unless Chef::Config[:no_lazy_load] -$LOAD_PATH << File.expand_path('../../files/halite_gem', __FILE__) -require "poise_ruby/ruby_build/cheftie" diff --git a/cookbooks/poise-ruby-build/metadata.json b/cookbooks/poise-ruby-build/metadata.json deleted file mode 100644 index 49d9350..0000000 --- a/cookbooks/poise-ruby-build/metadata.json +++ /dev/null @@ -1 +0,0 @@ -{"name":"poise-ruby-build","version":"1.1.0","description":"A Chef cookbook for managing Ruby installations using ruby-build.","long_description":"# Poise-Ruby-Build Cookbook\n\n[![Build Status](https://img.shields.io/travis/poise/poise-ruby-build.svg)](https://travis-ci.org/poise/poise-ruby-build)\n[![Gem Version](https://img.shields.io/gem/v/poise-ruby-build.svg)](https://rubygems.org/gems/poise-ruby-build)\n[![Cookbook Version](https://img.shields.io/cookbook/v/poise-ruby-build.svg)](https://supermarket.chef.io/cookbooks/poise-ruby-build)\n[![Coverage](https://img.shields.io/codecov/c/github/poise/poise-ruby-build.svg)](https://codecov.io/github/poise/poise-ruby-build)\n[![Gemnasium](https://img.shields.io/gemnasium/poise/poise-ruby-build.svg)](https://gemnasium.com/poise/poise-ruby-build)\n[![License](https://img.shields.io/badge/license-Apache_2-blue.svg)](https://www.apache.org/licenses/LICENSE-2.0)\n\nA [ruby-build](https://github.com/sstephenson/ruby-build) provider for the\n[poise-ruby cookbook](https://github.com/poise/poise-ruby).\n\n## Provider\n\nThe `ruby_build` provider uses [ruby-build](https://github.com/sstephenson/ruby-build)\nto compile and install Ruby.\n\n```ruby\nruby_runtime 'myapp' do\n provider :ruby_build\n version '2.1'\nend\n```\n\n### Options\n\n* `install_doc` – Install documentation with Ruby. *(default: false)*\n* `install_repo` – Git URI to clone to install ruby-build. *(default: https://github.com/sstephenson/ruby-build.git)*\n* `install_rev` – Git revision to clone to install ruby-build. *(default: master)*\n* `prefix` – Base path for install ruby-build and rubies. *(default: /opt/ruby_build)*\n* `version` – Override the Ruby version.\n\n## Sponsors\n\nDevelopment sponsored by [Bloomberg](http://www.bloomberg.com/company/technology/).\n\nThe Poise test server infrastructure is sponsored by [Rackspace](https://rackspace.com/).\n\n## License\n\nCopyright 2015-2017, Noah Kantrowitz\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\nhttp://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n","maintainer":"Noah Kantrowitz","maintainer_email":"noah@coderanger.net","license":"Apache 2.0","platforms":{},"dependencies":{"poise":"~> 2.0","poise-build-essential":"~> 1.0","poise-git":"~> 1.0","poise-ruby":"~> 2.1"},"recommendations":{},"suggestions":{},"conflicting":{},"providing":{},"replacing":{},"attributes":{},"groupings":{},"recipes":{},"source_url":"https://github.com/poise/poise-ruby-build","issues_url":"https://github.com/poise/poise-ruby-build/issues","chef_version":[["< 14",">= 12.1"]],"ohai_version":[]} \ No newline at end of file diff --git a/cookbooks/poise-ruby/CHANGELOG.md b/cookbooks/poise-ruby/CHANGELOG.md deleted file mode 100644 index 22d7ccb..0000000 --- a/cookbooks/poise-ruby/CHANGELOG.md +++ /dev/null @@ -1,33 +0,0 @@ -# Changelog - -## v2.4.0 - -* Add support for the rh-ruby24 SCL package. - -## v2.3.0 - -* Chef 13 support. - -## v2.2.0 - -* Add support for Ubuntu 16.04 system packages. -* Support new SCL structure and packages. - -## v2.1.1 - -* Create ChefSpec matchers for the `ruby_gem` resource. - -## v2.1.0 - -* Fix version field for default Ruby runtime. -* Add a `:dummy` provider for `ruby_runtime` for unit testing or complex overrides. -* Improved handling for `bundle exec` in `ruby_execute`. -* New integration test harness. - -## v2.0.0 - -* Initial release (again)! - -## v1.0.0 - -* Pre-history, we do not speak of these times. diff --git a/cookbooks/poise-ruby/README.md b/cookbooks/poise-ruby/README.md deleted file mode 100644 index 764aa20..0000000 --- a/cookbooks/poise-ruby/README.md +++ /dev/null @@ -1,305 +0,0 @@ -# Poise-Ruby Cookbook - -[![Build Status](https://img.shields.io/travis/poise/poise-ruby.svg)](https://travis-ci.org/poise/poise-ruby) -[![Gem Version](https://img.shields.io/gem/v/poise-ruby.svg)](https://rubygems.org/gems/poise-ruby) -[![Cookbook Version](https://img.shields.io/cookbook/v/poise-ruby.svg)](https://supermarket.chef.io/cookbooks/poise-ruby) -[![Coverage](https://img.shields.io/codecov/c/github/poise/poise-ruby.svg)](https://codecov.io/github/poise/poise-ruby) -[![Gemnasium](https://img.shields.io/gemnasium/poise/poise-ruby.svg)](https://gemnasium.com/poise/poise-ruby) -[![License](https://img.shields.io/badge/license-Apache_2-blue.svg)](https://www.apache.org/licenses/LICENSE-2.0) - -A [Chef](https://www.chef.io/) cookbook to provide a unified interface for -installing Ruby and running things with it. This README covers the 2.x version -of the cookbook, the 1.x version is very different and no longer supported. - -## Quick Start - -To install the latest available version of Ruby 2.x and then use it to install -some gems: - -```ruby -ruby_runtime '2' - -ruby_gem 'rake' - -bundle_install '/path/to/Gemfile' do - without 'development' - deployment true -end -``` - -## Requirements - -Chef 12.1 or newer is required. - -## Attributes - -Attributes are used to configure the default recipe. - -* `node['poise-ruby']['install_ruby']` – Install a Ruby runtime. *(default: true)* -* `node['poise-ruby']['install_chef_ruby']` – Create a `ruby_runtime` using - the `:chef` provider. Doesn't actually install anything. *(default: true)* - -## Recipes - -### `default` - -The default recipe installs Ruby based on the node attributes. It is entirely -optional and can be ignored in favor of direct use of the `ruby_runtime` -resource. - -## Resources - -### `ruby_runtime` - -The `ruby_runtime` resource installs a Ruby interpreter. - -```ruby -ruby_runtime 'any' do - version '' -end -``` - -#### Actions - -* `:install` – Install the Ruby interpreter. *(default)* -* `:uninstall` – Uninstall the Ruby interpreter. - -#### Properties - -* `version` – Version of Ruby to install. If a partial version is given, use the - latest available version matching that prefix. *(name properties)* - -#### Provider Options - -The `poise-ruby` library offers an additional way to pass configuration -information to the final provider called "options". Options are key/value pairs -that are passed down to the ruby_runtime provider and can be used to control how it -installs Ruby. These can be set in the `ruby_runtime` -resource using the `options` method, in node attributes or via the -`ruby_runtime_options` resource. The options from all sources are merged -together in to a single hash. - -When setting options in the resource you can either set them for all providers: - -```ruby -ruby_runtime 'myapp' do - version '2.1' - options dev_package: false -end -``` - -or for a single provider: - -```ruby -ruby_runtime 'myapp' do - version '2.1' - options :system, dev_package: false -end -``` - -Setting via node attributes is generally how an end-user or application cookbook -will set options to customize installations in the library cookbooks they are using. -You can set options for all installations or for a single runtime: - -```ruby -# Global, for all installations. -override['poise-ruby']['options']['dev_package'] = false -# Single installation. -override['poise-ruby']['myapp']['version'] = '2.2' -``` - -The `ruby_runtime_options` resource is also available to set node attributes -for a specific installation in a DSL-friendly way: - -```ruby -ruby_runtime_options 'myapp' do - version '2.2' -end -``` - -Unlike resource attributes, provider options can be different for each provider. -Not all providers support the same options so make sure to the check the -documentation for each provider to see what options the use. - -### `ruby_runtime_options` - -The `ruby_runtime_options` resource allows setting provider options in a -DSL-friendly way. See [the Provider Options](#provider-options) section for more -information about provider options overall. - -```ruby -ruby_runtime_options 'myapp' do - version '2.2' -end -``` - -#### Actions - -* `:run` – Apply the provider options. *(default)* - -#### Properties - -* `resource` – Name of the `ruby_runtime` resource. *(name property)* -* `for_provider` – Provider to set options for. - -All other property keys will be used as options data. - -### `ruby_execute` - -The `ruby_execute` resource executes a Ruby script using the configured runtime. - -```ruby -ruby_execute 'myapp.rb' do - user 'myuser' -end -``` - -This uses the built-in `execute` resource and supports all the same properties. - -#### Actions - -* `:run` – Execute the script. *(default)* - -#### Properties - -* `command` – Script and arguments to run. Must not include the `ruby`. *(name property)* -* `ruby` – Name of the `ruby_runtime` resource to use. If not specified, the - most recently declared `ruby_runtime` will be used. - -For other properties see the [Chef documentation](https://docs.chef.io/resource_execute.html#attributes). - -### `ruby_gem` - -The `ruby_gem` resource is a subclass of the standard `gem_package` resource to -install the gem with the configured runtime. - -```ruby -ruby_gem 'rake' do - version ' 10.4.2' -end -``` - -All actions and attributes match the standard `gem_package` resource with the -addition of a `ruby` attribute matching `ruby_execute`. - -### `bundle_install` - -The `bundle_install` resource installs gems based on a Gemfile using -[bundler](http://bundler.io/). - -```ruby -bundle_install '/path/to/Gemfile' do - deployment true - jobs 3 -end -``` - -The underlying `bundle` command will run on every converge, but notifications -will only be triggered if a gem is actually installed. - -#### Actions - -* `:install` – Run `bundle install`. *(default)* -* `:update` – Run `bundle update`. - -#### Properties - -* `path` – Path to a Gemfile or a directory containing a Gemfile. *(name property)* -* `binstubs` – Enable binstubs. If set to a string it is the path to generate - stubs in. -* `bundler_version` – Version of bundler to install. If unset the latest version is used. -* `deployment` – Enable deployment mode. -* `gem_binary` – Path to the gem binary. If unset this uses the `ruby_runtime` parent. -* `jobs` – Number of parallel installations to run. -* `retry` – Number of times to retry failed installations. -* `ruby` – Name of the `ruby_runtime` resource to execute against. -* `user` – User to run bundler as. -* `vendor` – Enable local vendoring. This maps to the `--path` option in bundler, - but that attribute name is already used. -* `without` – Group or groups to not install. - -## Ruby Providers - -### `system` - -The `system` provider installs Ruby using system packages. This is currently -only tested on platforms using `apt-get` and `yum` (Debian, Ubuntu, RHEL, CentOS -Amazon Linux, and Fedora) and is the default provider on those platforms. It -may work on other platforms but is untested. - -```ruby -ruby_runtime 'myapp' do - provider :system - version '2.1' -end -``` - -#### Options - -* `dev_package` – Install the package with the headers and other development - files. *(default: true)* -* `rubygems_package` – Install rubygems from a package. This is only needed for - Ruby 1.8. *(default: true on RHEL 6)* -* `package_name` – Override auto-detection of the package name. -* `package_upgrade` – Install using action `:upgrade`. *(default: false)* -* `package_version` – Override auto-detection of the package version. -* `version` – Override the Ruby version. - -### `scl` - -The `scl` provider installs Ruby using the [Software Collections](https://www.softwarecollections.org/) -packages. This is only available on RHEL and CentOS. SCL offers more -recent versions of Ruby than the system packages for the most part. If an SCL -package exists for the requested version, it will be used in preference to the -`system` provider. - -```ruby -ruby_runtime 'myapp' do - provider :scl - version '2.2' -end -``` - -### `chef` - -The `chef` provider uses the Ruby environment included in the Omnibus packages. -Great care should be taken when using this provider. - -```ruby -ruby_runtime 'myapp' do - provider :chef - version '2.1' -end -``` - -#### Options - -* `version` – Override the Ruby version. - -### `ruby_build` - -The `ruby_build` provider uses [ruby-build](https://github.com/sstephenson/ruby-build) -to compile and install Ruby. It can be found in the -[poise-ruby-build cookbook](https://github.com/poise/poise-ruby-build). - -## Sponsors - -Development sponsored by [Bloomberg](http://www.bloomberg.com/company/technology/). - -The Poise test server infrastructure is sponsored by [Rackspace](https://rackspace.com/). - -## License - -Copyright 2015-2017, Noah Kantrowitz - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - -http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. diff --git a/cookbooks/poise-ruby/attributes/default.rb b/cookbooks/poise-ruby/attributes/default.rb deleted file mode 100644 index 48f1155..0000000 --- a/cookbooks/poise-ruby/attributes/default.rb +++ /dev/null @@ -1,23 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# Default inversion options. -default['poise-ruby']['provider'] = 'auto' -default['poise-ruby']['options'] = {} - -# Used for the default recipe. -default['poise-ruby']['install_ruby'] = true -default['poise-ruby']['install_chef_ruby'] = true diff --git a/cookbooks/poise-ruby/files/halite_gem/poise_ruby.rb b/cookbooks/poise-ruby/files/halite_gem/poise_ruby.rb deleted file mode 100644 index d068a6f..0000000 --- a/cookbooks/poise-ruby/files/halite_gem/poise_ruby.rb +++ /dev/null @@ -1,25 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - - -module PoiseRuby - autoload :BundlerMixin, 'poise_ruby/bundler_mixin' - autoload :Error, 'poise_ruby/error' - autoload :Resources, 'poise_ruby/resources' - autoload :RubyCommandMixin, 'poise_ruby/ruby_command_mixin' - autoload :RubyProviders, 'poise_ruby/ruby_providers' - autoload :VERSION, 'poise_ruby/version' -end diff --git a/cookbooks/poise-ruby/files/halite_gem/poise_ruby/bundler_mixin.rb b/cookbooks/poise-ruby/files/halite_gem/poise_ruby/bundler_mixin.rb deleted file mode 100644 index c393576..0000000 --- a/cookbooks/poise-ruby/files/halite_gem/poise_ruby/bundler_mixin.rb +++ /dev/null @@ -1,84 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise_ruby/error' - - -module PoiseRuby - # Mixin for creating bundle exec commands. - # - # @since 2.1.0 - module BundlerMixin - # Transform a command to run under `bundle exec` with the same semantics as - # Ruby execution elsewhere in this system. That means you should end up with - # something like `/bin/ruby /bin/bundle exec /bin/ruby /bin/cmd args`. - # - # @param cmd [String, Array] Command to transform. - # @param path [String] Optional input path for command resolution. - # @return [String, Array] - def bundle_exec_command(cmd, path: nil) - bundle = new_resource.parent_bundle - return cmd unless bundle - is_array = cmd.is_a?(Array) - cmd = Shellwords.split(cmd) unless is_array - root_path = ::File.expand_path('..', bundle.gemfile_path) - # Grab this once in case I need it for the extra path. - bundler_binary = bundle.bundler_binary - # This doesn't account for the potential of a .bundle/config created with - # settings that Chef doesn't know about. (╯°□°)╯︵ ┻━┻ - extra_path = if bundle.binstubs - bundle.binstubs == true ? 'bin' : bundle.binstubs - elsif bundle.vendor || bundle.deployment - # Find the relative path to start searching from. - vendor_base_path = if bundle.vendor && bundle.vendor != true - bundle.vendor - else - 'vendor/bundle' - end - # Add the ruby/. - vendor_base_path = ::File.join(File.expand_path(vendor_base_path, root_path), 'ruby') - # Find the version number folder inside that. - candidates = Dir.entries(vendor_base_path) - ruby_abi_folder = candidates.find {|name| name =~ /^\d\./ } - vendor_sub_path = if ruby_abi_folder - ::File.join(ruby_abi_folder, 'bin') - elsif candidates.include?('bin') - 'bin' - else - raise PoiseRuby::Error.new("Unable to find the vendor bin folder for #{vendor_base_path}: #{candidates.join(', ')}") - end - # Make the final path. - ::File.join(vendor_base_path, vendor_sub_path) - else - # The folder the bundler binary is in was the global gem executable dir. - ::File.dirname(bundler_binary) - end - # Resolve relative paths against Bundler.root. - extra_path = ::File.expand_path(extra_path, root_path) - # Create the full $PATH. - path ||= ENV['PATH'] - bundle_exec_path = extra_path + ::File::PATH_SEPARATOR + path - # Resolve the command - abs_cmd = PoiseLanguages::Utils.absolute_command(cmd, path: bundle_exec_path) - bundle_exec = [new_resource.ruby, bundler_binary, 'exec', new_resource.ruby] + abs_cmd - if is_array - bundle_exec - else - PoiseLanguages::Utils.shelljoin(bundle_exec) - end - end - end -end diff --git a/cookbooks/poise-ruby/files/halite_gem/poise_ruby/cheftie.rb b/cookbooks/poise-ruby/files/halite_gem/poise_ruby/cheftie.rb deleted file mode 100644 index aef9f39..0000000 --- a/cookbooks/poise-ruby/files/halite_gem/poise_ruby/cheftie.rb +++ /dev/null @@ -1,18 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise_ruby/resources' -require 'poise_ruby/ruby_providers' diff --git a/cookbooks/poise-ruby/files/halite_gem/poise_ruby/error.rb b/cookbooks/poise-ruby/files/halite_gem/poise_ruby/error.rb deleted file mode 100644 index 813221f..0000000 --- a/cookbooks/poise-ruby/files/halite_gem/poise_ruby/error.rb +++ /dev/null @@ -1,21 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - - -module PoiseRuby - class Error < ::Exception - end -end diff --git a/cookbooks/poise-ruby/files/halite_gem/poise_ruby/resources.rb b/cookbooks/poise-ruby/files/halite_gem/poise_ruby/resources.rb deleted file mode 100644 index 6a46c8e..0000000 --- a/cookbooks/poise-ruby/files/halite_gem/poise_ruby/resources.rb +++ /dev/null @@ -1,29 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise_ruby/resources/bundle_install' -require 'poise_ruby/resources/ruby_execute' -require 'poise_ruby/resources/ruby_gem' -require 'poise_ruby/resources/ruby_runtime' - - -module PoiseRuby - # Chef resources and providers for poise-ruby. - # - # @since 2.0.0 - module Resources - end -end diff --git a/cookbooks/poise-ruby/files/halite_gem/poise_ruby/resources/bundle_install.rb b/cookbooks/poise-ruby/files/halite_gem/poise_ruby/resources/bundle_install.rb deleted file mode 100644 index d2b4ec1..0000000 --- a/cookbooks/poise-ruby/files/halite_gem/poise_ruby/resources/bundle_install.rb +++ /dev/null @@ -1,225 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'chef/mixin/shell_out' -require 'chef/mixin/which' -require 'chef/provider' -require 'chef/resource' -require 'poise' - -require 'poise_ruby/error' -require 'poise_ruby/ruby_command_mixin' - - -module PoiseRuby - module Resources - # (see BundleInstall::Resource) - # @since 2.0.0 - module BundleInstall - # A `bundle_install` resource to install a [Bundler](http://bundler.io/) - # Gemfile. - # - # @provides bundle_install - # @action install - # @action update - # @note - # This resource is not idempotent itself, it will always run `bundle - # install`. - # @example - # bundle_install '/opt/my_app' do - # gem_path '/usr/local/bin/gem' - # end - class Resource < Chef::Resource - include Poise - provides(:bundle_install) - actions(:install, :update) - include PoiseRuby::RubyCommandMixin - - # @!attribute path - # Path to the Gemfile or to a directory that contains a Gemfile. - # @return [String] - attribute(:path, kind_of: String, name_attribute: true) - # @!attribute binstubs - # Enable binstubs. If set to a string it is the path to generate - # stubs in. - # @return [Boolean, String] - attribute(:binstubs, kind_of: [TrueClass, String]) - # @!attribute deployment - # Enable deployment mode. - # @return [Boolean] - attribute(:deployment, equal_to: [true, false], default: false) - # @!attribute jobs - # Number of parallel installations to run. - # @return [String, Integer] - attribute(:jobs, kind_of: [String, Integer]) - # @!attribute retry - # Number of times to retry failed installations. - # @return [String, Integer] - attribute(:retry, kind_of: [String, Integer]) - # @!attribute user - # User to run bundler as. - # @return [String, Integery, nil] - attribute(:user, kind_of: [String, Integer, NilClass]) - # @!attribute vendor - # Enable local vendoring. This maps to the `--path` option in bundler, - # but that attribute name is already used. - # @return [Boolean, String] - attribute(:vendor, kind_of: [TrueClass, String]) - # @!attribute without - # Group or groups to not install. - # @return [String, Array] - attribute(:without, kind_of: [Array, String]) - - # The path to the `bundle` binary for this installation. This is an - # output property. - # - # @return [String] - # @example - # execute "#{resources('bundle_install[/opt/myapp]').bundler_binary} vendor" - def bundler_binary - @bundler_binary ||= provider_for_action(:bundler_binary).bundler_binary - end - - # The path to the Gemfile for this installation. This is an output - # property. - # - # @return [String] - # @example - # file resources('bundle_install[/opt/myapp]').gemfile_path do - # owner 'root' - # end - def gemfile_path - @gemfile_path ||= provider_for_action(:gemfile_path).gemfile_path - end - end - - # The default provider for the `bundle_install` resource. - # - # @see Resource - class Provider < Chef::Provider - include Poise - provides(:bundle_install) - include PoiseRuby::RubyCommandMixin - - # Install bundler and the gems in the Gemfile. - def action_install - run_bundler('install') - end - - # Install bundler and update the gems in the Gemfile. - def action_update - run_bundler('update') - end - - # Return the absolute path to the correct bundle binary to run. - # - # @return [String] - def bundler_binary - @bundler_binary ||= ::File.join(poise_gem_bindir, 'bundle') - end - - # Find the absolute path to the Gemfile. This mirrors bundler's internal - # search logic by scanning up to parent folder as needed. - # - # @return [String] - def gemfile_path - @gemfile_path ||= begin - path = ::File.expand_path(new_resource.path) - if ::File.file?(path) - # We got a path to a real file, use that. - path - else - # Walk back until path==dirname(path) meaning we are at the root - while path != (next_path = ::File.dirname(path)) - possible_path = ::File.join(path, 'Gemfile') - return possible_path if ::File.file?(possible_path) - path = next_path - end - end - end - end - - private - - # Install the gems in the Gemfile. - def run_bundler(command) - return converge_by "Run bundle #{command}" if whyrun_mode? - cmd = ruby_shell_out!(bundler_command(command), environment: {'BUNDLE_GEMFILE' => gemfile_path}, user: new_resource.user) - # Look for a line like 'Installing $gemname $version' to know if we did anything. - if cmd.stdout.include?('Installing') - new_resource.updated_by_last_action(true) - end - end - - # Parse out the value for Gem.bindir. This is so complicated to minimize - # the required configuration on the resource combined with gem having - # terrible output formats. - # - # Renamed from #gem_bindir in 2.3.0 because of a conflict with a method - # of the same name in Chef::Mixin::PathSanity (which is pulled in via - # ShellOut) added in 13.0. - # - # @return [String] - def poise_gem_bindir - cmd = ruby_shell_out!(new_resource.gem_binary, 'environment') - # Parse a line like: - # - EXECUTABLE DIRECTORY: /usr/local/bin - matches = cmd.stdout.scan(/EXECUTABLE DIRECTORY: (.*)$/).first - if matches - matches.first - else - raise PoiseRuby::Error.new("Cannot find EXECUTABLE DIRECTORY: #{cmd.stdout}") - end - end - - # Command line options for the bundle install. - # - # @return [Array] - def bundler_options - [].tap do |opts| - if new_resource.binstubs - opts << "--binstubs" + (new_resource.binstubs.is_a?(String) ? "=#{new_resource.binstubs}" : '') - end - if new_resource.vendor - opts << "--path=" + (new_resource.vendor.is_a?(String) ? new_resource.vendor : 'vendor/bundle') - end - if new_resource.deployment - opts << '--deployment' - end - if new_resource.jobs - opts << "--jobs=#{new_resource.jobs}" - end - if new_resource.retry - opts << "--retry=#{new_resource.retry}" - end - if new_resource.without - opts << '--without' - opts.insert(-1, *new_resource.without) - end - end - end - - # Command array to run when installing the Gemfile. - # - # @return [Array] - def bundler_command(command) - [bundler_binary, command] + bundler_options - end - - end - end - end -end diff --git a/cookbooks/poise-ruby/files/halite_gem/poise_ruby/resources/ruby_execute.rb b/cookbooks/poise-ruby/files/halite_gem/poise_ruby/resources/ruby_execute.rb deleted file mode 100644 index e1ea4f9..0000000 --- a/cookbooks/poise-ruby/files/halite_gem/poise_ruby/resources/ruby_execute.rb +++ /dev/null @@ -1,90 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'chef/mash' -require 'chef/provider/execute' -require 'chef/resource/execute' -require 'poise' - -require 'poise_ruby/bundler_mixin' -require 'poise_ruby/ruby_command_mixin' - - -module PoiseRuby - module Resources - # (see RubyExecute::Resource) - # @since 2.0.0 - module RubyExecute - # A `ruby_execute` resource to run Ruby scripts and commands. - # - # @provides ruby_execute - # @action run - # @example - # ruby_execute 'myapp.rb' do - # user 'myuser' - # end - class Resource < Chef::Resource::Execute - include Poise - provides(:ruby_execute) - actions(:run) - include PoiseRuby::RubyCommandMixin - - # @!attribute parent_bundle - # Optional bundle_install resource to run `bundle exec` against. - # @return [PoiseRuby::Resources::BundleInstall::Resource] - parent_attribute(:bundle, type: :bundle_install, optional: true, auto: false) - end - - # The default provider for `ruby_execute`. - # - # @see Resource - # @provides ruby_execute - class Provider < Chef::Provider::Execute - include PoiseRuby::BundlerMixin - provides(:ruby_execute) - - private - - # Command to pass to shell_out. - # - # @return [String, Array] - def command - if new_resource.parent_bundle - bundle_exec_command(new_resource.command, path: environment['PATH']) - else - if new_resource.command.is_a?(Array) - [new_resource.ruby] + new_resource.command - else - "#{new_resource.ruby} #{new_resource.command}" - end - end - end - - # Environment variables to pass to shell_out. - # - # @return [Hash] - def environment - Mash.new.tap do |environment| - environment.update(new_resource.parent_ruby.ruby_environment) if new_resource.parent_ruby - environment['BUNDLE_GEMFILE'] = new_resource.parent_bundle.gemfile_path if new_resource.parent_bundle - environment.update(new_resource.environment) if new_resource.environment - end - end - - end - end - end -end diff --git a/cookbooks/poise-ruby/files/halite_gem/poise_ruby/resources/ruby_gem.rb b/cookbooks/poise-ruby/files/halite_gem/poise_ruby/resources/ruby_gem.rb deleted file mode 100644 index 17d10c3..0000000 --- a/cookbooks/poise-ruby/files/halite_gem/poise_ruby/resources/ruby_gem.rb +++ /dev/null @@ -1,125 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'chef/provider/package/rubygems' -require 'chef/resource/gem_package' -require 'poise' - -require 'poise_ruby/ruby_command_mixin' - - -module PoiseRuby - module Resources - # (see RubyGem::Resource) - # @since 2.0.0 - module RubyGem - # A `ruby_gem` resource to install Ruby gems. - # - # @provides ruby_gem - # @action install - # @action upgrade - # @action remove - # @action purge - # @action reconfig - # @example - # ruby_gem 'rack' - class Resource < Chef::Resource::GemPackage - include Poise - provides(:ruby_gem) - actions(:install, :upgrade, :remove, :purge, :reconfig) - include PoiseRuby::RubyCommandMixin - - # @api private - def initialize(name, run_context=nil) - super - @resource_name = :ruby_gem if @resource_name - # Remove when all useful versions are using provider resolver. - @provider = PoiseRuby::Resources::RubyGem::Provider if @provider - end - end - - # The default provider for `ruby_gem`. - # - # @see Resource - # @provides ruby_gem - class Provider < Chef::Provider::Package::Rubygems - include Poise - provides(:ruby_gem) - - def load_current_resource - patch_environment { super } - end - - def define_resource_requirements - patch_environment { super } - end - - def action_install - patch_environment { super } - end - - def action_upgrade - patch_environment { super } - end - - def action_remove - patch_environment { super } - end - - def action_purge - patch_environment { super } - end - - def action_reconfig - patch_environment { super } - end - - private - - def patch_environment(&block) - environment_to_add = if new_resource.parent_ruby - new_resource.parent_ruby.ruby_environment - else - {} - end - - begin - if ENV['GEM_HOME'] && !ENV['GEM_HOME'].empty? - Chef::Log.warn("[#{new_resource}] $GEM_HOME is set in Chef's environment, this will likely interfere with gem installation") - end - if ENV['GEM_PATH'] && !ENV['GEM_PATH'].empty? - Chef::Log.warn("[#{new_resource}] $GEM_PATH is set in Chef's environment, this will likely interfere with gem installation") - end - old_vars = environment_to_add.inject({}) do |memo, (key, value)| - memo[key] = ENV[key] - ENV[key] = value - memo - end - block.call - ensure - old_vars.each do |key, value| - if value.nil? - ENV.delete(key) - else - ENV[key] = value - end - end - end - end - end - end - end -end diff --git a/cookbooks/poise-ruby/files/halite_gem/poise_ruby/resources/ruby_runtime.rb b/cookbooks/poise-ruby/files/halite_gem/poise_ruby/resources/ruby_runtime.rb deleted file mode 100644 index 695f601..0000000 --- a/cookbooks/poise-ruby/files/halite_gem/poise_ruby/resources/ruby_runtime.rb +++ /dev/null @@ -1,87 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'chef/resource' -require 'poise' - - -module PoiseRuby - module Resources - # (see RubyRuntime::Resource) - # @since 2.0.0 - module RubyRuntime - # A `ruby_runtime` resource to manage Ruby installations. - # - # @provides ruby_runtime - # @action install - # @action uninstall - # @example - # ruby_runtime '2.1.2' - class Resource < Chef::Resource - include Poise(inversion: true, container: true) - provides(:ruby_runtime) - actions(:install, :uninstall) - - # @!attribute version - # Version of Ruby to install. - # @return [String] - attribute(:version, kind_of: String, name_attribute: true) - # @!attribute bundler_version - # Version of Bundler to install. It set to `true`, the latest - # available version will be used. If set to `false`, Bundler will - # not be installed. - # @note Disabling the Bundler install may result in other resources - # being non-functional. - # @return [String, Boolean] - attribute(:bundler_version, kind_of: [String, TrueClass, FalseClass], default: true) - - # The path to the `ruby` binary for this Ruby installation. This is an - # output property. - # - # @return [String] - # @example - # execute "#{resources('ruby_runtime[2.2.2]').ruby_binary} myapp.rb" - def ruby_binary - @ruby_binary ||= provider_for_action(:ruby_binary).ruby_binary - end - - # The environment variables for this Ruby installation. This is an - # output property. - # - # @return [Hash] - # @example - # execute '/opt/myapp.py' do - # environment resources('ruby_runtime[2.2.2]').ruby_environment - # end - def ruby_environment - @ruby_environment ||= provider_for_action(:ruby_environment).ruby_environment - end - - # The path to the `gem` binary for this Ruby installation. This is an - # output property. - # - # @return [String] - # @example - # execute "#{resources('ruby_runtime[2.2.2]').gem_binary} install myapp" - def gem_binary - @gem_binary ||= provider_for_action(:gem_binary).gem_binary - end - end - - # Providers can be found under lib/poise_ruby/ruby_providers/ - end - end -end diff --git a/cookbooks/poise-ruby/files/halite_gem/poise_ruby/resources/ruby_runtime_test.rb b/cookbooks/poise-ruby/files/halite_gem/poise_ruby/resources/ruby_runtime_test.rb deleted file mode 100644 index 956394d..0000000 --- a/cookbooks/poise-ruby/files/halite_gem/poise_ruby/resources/ruby_runtime_test.rb +++ /dev/null @@ -1,213 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'chef/mixin/convert_to_class_name' -require 'chef/provider' -require 'chef/resource' -require 'poise' - - -module PoiseRuby - module Resources - # (see RubyRuntimeTest::Resource) - # @since 2.1.0 - # @api private - module RubyRuntimeTest - # A `ruby_runtime_test` resource for integration testing of this - # cookbook. This is an internal API and can change at any time. - # - # @provides ruby_runtime_test - # @action run - class Resource < Chef::Resource - include Poise - provides(:ruby_runtime_test) - actions(:run) - - attribute(:version, kind_of: String, name_attribute: true) - attribute(:runtime_provider, kind_of: Symbol) - attribute(:path, kind_of: String, default: lazy { default_path }) - - def default_path - ::File.join('', 'root', "ruby_test_#{name}") - end - end - - # The default provider for `ruby_runtime_test`. - # - # @see Resource - # @provides ruby_runtime_test - class Provider < Chef::Provider - include Poise - provides(:ruby_runtime_test) - - # The `run` action for the `ruby_runtime_test` resource. - # - # @return [void] - def action_run - notifying_block do - # Top level directory for this test. - directory new_resource.path - - # Install and log the version. - ruby_runtime new_resource.name do - provider new_resource.runtime_provider if new_resource.runtime_provider - version new_resource.version - end - test_version - - # Test ruby_gem. - ruby_gem 'thor remove before' do - action :remove - package_name 'thor' - ruby new_resource.name - end - test_require('thor', 'thor_before') - ruby_gem 'thor' do - ruby new_resource.name - notifies :create, sentinel_file('thor'), :immediately - end - test_require('thor', 'thor_mid') - ruby_gem 'thor again' do - package_name 'thor' - ruby new_resource.name - notifies :create, sentinel_file('thor2'), :immediately - end - ruby_gem 'thor remove after' do - action :remove - package_name 'thor' - ruby new_resource.name - end - test_require('thor', 'thor_after') - - # Use bundler to test something that should always be installed. - ruby_gem 'bundler' do - ruby new_resource.name - notifies :create, sentinel_file('bundler'), :immediately - end - - # Create and install a Gemfile. - bundle1_path = ::File.join(new_resource.path, 'bundle1') - directory bundle1_path - file ::File.join(bundle1_path, 'Gemfile') do - content <<-EOH -source 'https://rubygems.org/' -gem 'hashie' -gem 'tomlrb', '1.1.0' -EOH - end - bundle1 = bundle_install bundle1_path do - ruby new_resource.name - end - test_require('hashie', bundle: bundle1) - test_require('tomlrb', bundle: bundle1) - test_require('thor', 'thor_bundle', bundle: bundle1) - - # Test for bundle exec shebang issues. - bundle2_path = ::File.join(new_resource.path, 'bundle2') - directory bundle2_path - file ::File.join(bundle2_path, 'Gemfile') do - content <<-EOH -source 'https://rubygems.org/' -gem 'unicorn' -EOH - end - file ::File.join(bundle2_path, 'Gemfile.lock') do - content <<-EOH -GEM - remote: https://rubygems.org/ - specs: - kgio (2.10.0) - rack (1.6.4) - raindrops (0.15.0) - unicorn (4.9.0) - kgio (~> 2.6) - rack - raindrops (~> 0.7) - -PLATFORMS - ruby - -DEPENDENCIES - unicorn - -BUNDLED WITH - 1.10.6 -EOH - end - bundle2 = bundle_install bundle2_path do - ruby new_resource.name - deployment true - end - # test_require('unicorn', bundle: bundle2) - ruby_execute "unicorn --version > #{::File.join(new_resource.path, "unicorn_version")}" do - ruby new_resource.name - parent_bundle bundle2 - end - end - end - - def sentinel_file(name) - file ::File.join(new_resource.path, "sentinel_#{name}") do - action :nothing - end - end - - private - - def test_version(ruby: new_resource.name) - # Only queue up this resource once, the ivar is just for tracking. - @ruby_version_test ||= file ::File.join(new_resource.path, 'ruby_version.rb') do - user 'root' - group 'root' - mode '644' - content <<-EOH -File.new(ARGV[0], 'w').write(RUBY_VERSION) -EOH - end - - ruby_execute "#{@ruby_version_test.path} #{::File.join(new_resource.path, 'version')}" do - ruby ruby if ruby - end - end - - def test_require(name, path=name, ruby: new_resource.name, bundle: nil, class_name: nil) - # Only queue up this resource once, the ivar is just for tracking. - @ruby_require_test ||= file ::File.join(new_resource.path, 'require_version.rb') do - user 'root' - group 'root' - mode '644' - content <<-EOH -require 'rubygems' -begin - require "\#{ARGV[0]}/version" - klass = ARGV[1].split('::').inject(Object) {|memo, name| memo.const_get(name) } - File.new(ARGV[2], 'w').write(klass::VERSION) -rescue LoadError -end -EOH - end - - class_name ||= Chef::Mixin::ConvertToClassName.convert_to_class_name(name) - ruby_execute "#{@ruby_require_test.path} #{name} #{class_name} #{::File.join(new_resource.path, "require_#{path}")}" do - ruby ruby if ruby - parent_bundle bundle if bundle - end - end - - end - end - end -end diff --git a/cookbooks/poise-ruby/files/halite_gem/poise_ruby/ruby_command_mixin.rb b/cookbooks/poise-ruby/files/halite_gem/poise_ruby/ruby_command_mixin.rb deleted file mode 100644 index 10bc0c6..0000000 --- a/cookbooks/poise-ruby/files/halite_gem/poise_ruby/ruby_command_mixin.rb +++ /dev/null @@ -1,59 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise/utils' -require 'poise_languages' - - -module PoiseRuby - # Mixin for resources and providers which run Ruby commands. - # - # @since 2.0.0 - module RubyCommandMixin - include Poise::Utils::ResourceProviderMixin - - module Resource - include PoiseLanguages::Command::Mixin::Resource(:ruby) - - # @!attribute gem_binary - # Path to the gem binary. - # @return [String] - attribute(:gem_binary, kind_of: String, default: lazy { default_gem_binary }) - - private - - # Find the default gem binary. If there is a parent use that, otherwise - # use the same logic as {PoiseRuby::RubyProviders::Base#gem_binary}. - # - # @return [String] - def default_gem_binary - if parent_ruby - parent_ruby.gem_binary - else - dir, base = ::File.split(ruby) - # If this ruby is called something weird, bail out. - raise NotImplementedError unless base.start_with?('ruby') - # Allow for names like "ruby2.0" -> "gem2.0". - ::File.join(dir, base.sub(/^ruby/, 'gem')) - end - end - end - - module Provider - include PoiseLanguages::Command::Mixin::Provider(:ruby) - end - end -end diff --git a/cookbooks/poise-ruby/files/halite_gem/poise_ruby/ruby_providers.rb b/cookbooks/poise-ruby/files/halite_gem/poise_ruby/ruby_providers.rb deleted file mode 100644 index 621ee56..0000000 --- a/cookbooks/poise-ruby/files/halite_gem/poise_ruby/ruby_providers.rb +++ /dev/null @@ -1,35 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'chef/platform/provider_priority_map' - -require 'poise_ruby/ruby_providers/chef' -require 'poise_ruby/ruby_providers/dummy' -require 'poise_ruby/ruby_providers/scl' -require 'poise_ruby/ruby_providers/system' - - -module PoiseRuby - # Inversion providers for the ruby_runtime resource. - # - # @since 2.0.0 - module RubyProviders - Chef::Platform::ProviderPriorityMap.instance.priority(:ruby_runtime, [ - PoiseRuby::RubyProviders::Scl, - PoiseRuby::RubyProviders::System, - ]) - end -end diff --git a/cookbooks/poise-ruby/files/halite_gem/poise_ruby/ruby_providers/base.rb b/cookbooks/poise-ruby/files/halite_gem/poise_ruby/ruby_providers/base.rb deleted file mode 100644 index 4813c73..0000000 --- a/cookbooks/poise-ruby/files/halite_gem/poise_ruby/ruby_providers/base.rb +++ /dev/null @@ -1,117 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'chef/provider' -require 'poise' - -require 'poise_ruby/resources/ruby_gem' -require 'poise_ruby/resources/ruby_runtime' - - -module PoiseRuby - module RubyProviders - class Base < Chef::Provider - include Poise(inversion: :ruby_runtime) - - # Set default inversion options. - # - # @api private - def self.default_inversion_options(node, new_resource) - super.merge({ - bundler_version: new_resource.bundler_version, - version: new_resource.version, - }) - end - - # The `install` action for the `ruby_runtime` resource. - # - # @return [void] - def action_install - notifying_block do - install_ruby - install_bundler - end - end - - # The `uninstall` action for the `ruby_runtime` resource. - # - # @return [void] - def action_uninstall - notifying_block do - uninstall_ruby - end - end - - # The path to the `ruby` binary. - # - # @abstract - # @return [String] - def ruby_binary - raise NotImplementedError - end - - # Output property for environment variables. - # - # @return [Hash] - def ruby_environment - # No environment variables needed. Rejoice. - {} - end - - # The path to the `gem` binary. Look relative to the - # `ruby` binary for a default implementation. - # - # @return [String] - def gem_binary - dir, base = ::File.split(ruby_binary) - # If this ruby is called something weird, bail out. - raise NotImplementedError unless base.start_with?('ruby') - # Allow for names like "ruby2.0" -> "gem2.0". - ::File.join(dir, base.sub(/^ruby/, 'gem')) - end - - private - - # Install the Ruby runtime. Must be implemented by subclass. - # - # @abstract - # @return [void] - def install_ruby - end - - # Uninstall the Ruby runtime. Must be implemented by subclass. - # - # @abstract - # @return [void] - def uninstall_ruby - end - - # Install Bundler in to the Ruby runtime. - # - # @return [void] - def install_bundler - # Captured because #options conflicts with Chef::Resource::Package#options. - bundler_version = options[:bundler_version] - return unless bundler_version - ruby_gem 'bundler' do - action :upgrade if bundler_version == true - parent_ruby new_resource - version bundler_version if bundler_version.is_a?(String) - end - end - end - end -end diff --git a/cookbooks/poise-ruby/files/halite_gem/poise_ruby/ruby_providers/chef.rb b/cookbooks/poise-ruby/files/halite_gem/poise_ruby/ruby_providers/chef.rb deleted file mode 100644 index be7ecc4..0000000 --- a/cookbooks/poise-ruby/files/halite_gem/poise_ruby/ruby_providers/chef.rb +++ /dev/null @@ -1,53 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise_ruby/error' -require 'poise_ruby/ruby_providers/base' - - -module PoiseRuby - module RubyProviders - # Inversion provider for the `ruby_runtime` resource to use whatever Ruby is - # currently running, generally Chef's omnibus-d Ruby. - # - # @since 2.0.0 - # @provides chef - class ChefRuby < Base - provides(:chef) - - # The `install` action for the `ruby_runtime` resource. - # - # @return [void] - def action_install - # No-op, already installed! - end - - # The `uninstall` action for the `ruby_runtime` resource. - # - # @return [void] - def action_uninstall - raise PoiseRuby::Error.new("You cannot uninstall Chef's Ruby.") - end - - # The path to the running Ruby binary as determined via RbConfig. - # - # @return [String] - def ruby_binary - Gem.ruby - end - end - end -end diff --git a/cookbooks/poise-ruby/files/halite_gem/poise_ruby/ruby_providers/dummy.rb b/cookbooks/poise-ruby/files/halite_gem/poise_ruby/ruby_providers/dummy.rb deleted file mode 100644 index 0996831..0000000 --- a/cookbooks/poise-ruby/files/halite_gem/poise_ruby/ruby_providers/dummy.rb +++ /dev/null @@ -1,77 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise_ruby/ruby_providers/base' - - -module PoiseRuby - module RubyProviders - # Inversion provider for the `ruby_runtime` resource to use a fake Ruby, - # for use in unit tests. - # - # @since 2.1.0 - # @provides dummy - class Dummy < Base - provides(:dummy) - - def self.default_inversion_options(node, resource) - super.merge({ - # Manual overrides for dummy data. - ruby_binary: ::File.join('', 'ruby'), - ruby_environment: nil, - gem_binary: nil, - }) - end - - # The `install` action for the `ruby_runtime` resource. - # - # @return [void] - def action_install - # This space left intentionally blank. - end - - # The `uninstall` action for the `ruby_runtime` resource. - # - # @return [void] - def action_uninstall - # This space left intentionally blank. - end - - # Path to the non-existent ruby. - # - # @return [String] - def ruby_binary - options['ruby_binary'] - end - - # Environment for the non-existent Ruby. - # - # @return [String] - def ruby_environment - options['ruby_environment'] || super - end - - # Path to the non-existent gem. - # - # @return [String] - def gem_binary - options['gem_binary'] || super - end - - end - end -end - diff --git a/cookbooks/poise-ruby/files/halite_gem/poise_ruby/ruby_providers/scl.rb b/cookbooks/poise-ruby/files/halite_gem/poise_ruby/ruby_providers/scl.rb deleted file mode 100644 index 795a9a1..0000000 --- a/cookbooks/poise-ruby/files/halite_gem/poise_ruby/ruby_providers/scl.rb +++ /dev/null @@ -1,56 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'chef/resource' -require 'poise_languages' - -require 'poise_ruby/ruby_providers/base' - - -module PoiseRuby - module RubyProviders - class Scl < Base - include PoiseLanguages::Scl::Mixin - provides(:scl) - scl_package('2.4.0', 'rh-ruby24', 'rh-ruby24-ruby-devel') - scl_package('2.3.1', 'rh-ruby23', 'rh-ruby23-ruby-devel') - scl_package('2.2.2', 'rh-ruby22', 'rh-ruby22-ruby-devel') - # On EL7, the system package is Ruby 2.0.0 and is newer than the SCL build. - scl_package('2.0.0', 'ruby200', 'ruby200-ruby-devel', '~> 6.0') - scl_package('1.9.3', 'ruby193', 'ruby193-ruby-devel') - - def ruby_binary - ::File.join(scl_folder, 'root', 'usr', 'bin', 'ruby') - end - - def ruby_environment - scl_environment - end - - private - - def install_ruby - install_scl_package - end - - def uninstall_ruby - uninstall_scl_package - end - - end - end -end - diff --git a/cookbooks/poise-ruby/files/halite_gem/poise_ruby/ruby_providers/system.rb b/cookbooks/poise-ruby/files/halite_gem/poise_ruby/ruby_providers/system.rb deleted file mode 100644 index fb4267c..0000000 --- a/cookbooks/poise-ruby/files/halite_gem/poise_ruby/ruby_providers/system.rb +++ /dev/null @@ -1,116 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'chef/resource' -require 'poise_languages' - -require 'poise_ruby/error' -require 'poise_ruby/ruby_providers/base' - - -module PoiseRuby - module RubyProviders - class System < Base - include PoiseLanguages::System::Mixin - provides(:system) - packages('ruby', { - debian: { - '8' => %w{ruby2.1}, - '7' => %w{ruby1.9.3 ruby1.9.1 ruby1.8}, - # Debian 6 has a ruby1.9.1 package that installs 1.9.2, ignoring it for now. - '6' => %w{ruby1.8}, - }, - ubuntu: { - '16.04' => %w{ruby2.3}, - '14.04' => %w{ruby2.0 ruby1.9.3}, - '12.04' => %w{ruby1.9.3 ruby1.8}, - '10.04' => %w{ruby1.9.1 ruby1.8}, - }, - rhel: {default: %w{ruby}}, - centos: {default: %w{ruby}}, - fedora: {default: %w{ruby}}, - # Amazon Linux does actually have packages ruby18, ruby19, ruby20, ruby21. - # Ignoring for now because wooooo non-standard formatting. - amazon: {default: %w{ruby}}, - }) - - def self.default_inversion_options(node, resource) - super.merge({ - # Install a separate rubygems package? Only needed for 1.8. - rubygems_package: node['platform_family'] == 'rhel' && node['platform_version'].start_with?('6'), - }) - end - - # Output value for the Python binary we are installing. Seems to match - # package name on all platforms I've checked. - def ruby_binary - ::File.join('', 'usr', 'bin', system_package_name) - end - - private - - def install_ruby - install_system_packages - install_rubygems_package if options['rubygems_package'] - end - - def uninstall_ruby - uninstall_system_packages - end - - # Ubuntu has no ruby1.9.3-dev package. - def system_dev_package_overrides - super.tap do |overrides| - # WTF Ubuntu, seriously. - overrides['ruby1.9.3'] = 'ruby1.9.1-dev' if node.platform_family?('debian') - end - end - - # Install the configured rubygems package. - def install_rubygems_package - package (options['rubygems_package'].is_a?(String) ? options['rubygems_package'] : 'rubygems') - end - - def system_package_candidates(version) - [].tap do |names| - # Might as well try it. - names << "ruby#{version}" if version && !['', '1', '2'].include?(version) - # On debian, 1.9.1 and 1.9.3 have special packages. - if match = version.match(/^(\d+\.\d+\.\d+)/) - names << "ruby#{match[1]}" - end - # Normal debian package like ruby2.0. - if match = version.match(/^(\d+\.\d+)/) - names << "ruby#{match[1]}" - end - # Aliases for ruby1 and ruby2 - if version == '2' || version == '' - # 2.3 is on there for future proofing. Well, at least giving me a - # buffer zone. - names.concat(%w{ruby2.3 ruby2.2 ruby2.1 ruby2.0}) - end - if version == '1' || version == '' - names.concat(%w{ruby1.9.3 ruby1.9 ruby1.8}) - end - # For RHEL and friends. - names << 'ruby' - names.uniq! - end - end - - end - end -end diff --git a/cookbooks/poise-ruby/files/halite_gem/poise_ruby/version.rb b/cookbooks/poise-ruby/files/halite_gem/poise_ruby/version.rb deleted file mode 100644 index 6101a09..0000000 --- a/cookbooks/poise-ruby/files/halite_gem/poise_ruby/version.rb +++ /dev/null @@ -1,20 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - - -module PoiseRuby - VERSION = '2.4.0' -end diff --git a/cookbooks/poise-ruby/libraries/default.rb b/cookbooks/poise-ruby/libraries/default.rb deleted file mode 100644 index e31c91f..0000000 --- a/cookbooks/poise-ruby/libraries/default.rb +++ /dev/null @@ -1,19 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -raise 'Halite is not compatible with no_lazy_load false, please set no_lazy_load true in your Chef configuration file.' unless Chef::Config[:no_lazy_load] -$LOAD_PATH << File.expand_path('../../files/halite_gem', __FILE__) -require "poise_ruby/cheftie" diff --git a/cookbooks/poise-ruby/metadata.json b/cookbooks/poise-ruby/metadata.json deleted file mode 100644 index 10a7467..0000000 --- a/cookbooks/poise-ruby/metadata.json +++ /dev/null @@ -1 +0,0 @@ -{"name":"poise-ruby","version":"2.4.0","description":"A Chef cookbook for managing Ruby installations.","long_description":"# Poise-Ruby Cookbook\n\n[![Build Status](https://img.shields.io/travis/poise/poise-ruby.svg)](https://travis-ci.org/poise/poise-ruby)\n[![Gem Version](https://img.shields.io/gem/v/poise-ruby.svg)](https://rubygems.org/gems/poise-ruby)\n[![Cookbook Version](https://img.shields.io/cookbook/v/poise-ruby.svg)](https://supermarket.chef.io/cookbooks/poise-ruby)\n[![Coverage](https://img.shields.io/codecov/c/github/poise/poise-ruby.svg)](https://codecov.io/github/poise/poise-ruby)\n[![Gemnasium](https://img.shields.io/gemnasium/poise/poise-ruby.svg)](https://gemnasium.com/poise/poise-ruby)\n[![License](https://img.shields.io/badge/license-Apache_2-blue.svg)](https://www.apache.org/licenses/LICENSE-2.0)\n\nA [Chef](https://www.chef.io/) cookbook to provide a unified interface for\ninstalling Ruby and running things with it. This README covers the 2.x version\nof the cookbook, the 1.x version is very different and no longer supported.\n\n## Quick Start\n\nTo install the latest available version of Ruby 2.x and then use it to install\nsome gems:\n\n```ruby\nruby_runtime '2'\n\nruby_gem 'rake'\n\nbundle_install '/path/to/Gemfile' do\n without 'development'\n deployment true\nend\n```\n\n## Requirements\n\nChef 12.1 or newer is required.\n\n## Attributes\n\nAttributes are used to configure the default recipe.\n\n* `node['poise-ruby']['install_ruby']` – Install a Ruby runtime. *(default: true)*\n* `node['poise-ruby']['install_chef_ruby']` – Create a `ruby_runtime` using\n the `:chef` provider. Doesn't actually install anything. *(default: true)*\n\n## Recipes\n\n### `default`\n\nThe default recipe installs Ruby based on the node attributes. It is entirely\noptional and can be ignored in favor of direct use of the `ruby_runtime`\nresource.\n\n## Resources\n\n### `ruby_runtime`\n\nThe `ruby_runtime` resource installs a Ruby interpreter.\n\n```ruby\nruby_runtime 'any' do\n version ''\nend\n```\n\n#### Actions\n\n* `:install` – Install the Ruby interpreter. *(default)*\n* `:uninstall` – Uninstall the Ruby interpreter.\n\n#### Properties\n\n* `version` – Version of Ruby to install. If a partial version is given, use the\n latest available version matching that prefix. *(name properties)*\n\n#### Provider Options\n\nThe `poise-ruby` library offers an additional way to pass configuration\ninformation to the final provider called \"options\". Options are key/value pairs\nthat are passed down to the ruby_runtime provider and can be used to control how it\ninstalls Ruby. These can be set in the `ruby_runtime`\nresource using the `options` method, in node attributes or via the\n`ruby_runtime_options` resource. The options from all sources are merged\ntogether in to a single hash.\n\nWhen setting options in the resource you can either set them for all providers:\n\n```ruby\nruby_runtime 'myapp' do\n version '2.1'\n options dev_package: false\nend\n```\n\nor for a single provider:\n\n```ruby\nruby_runtime 'myapp' do\n version '2.1'\n options :system, dev_package: false\nend\n```\n\nSetting via node attributes is generally how an end-user or application cookbook\nwill set options to customize installations in the library cookbooks they are using.\nYou can set options for all installations or for a single runtime:\n\n```ruby\n# Global, for all installations.\noverride['poise-ruby']['options']['dev_package'] = false\n# Single installation.\noverride['poise-ruby']['myapp']['version'] = '2.2'\n```\n\nThe `ruby_runtime_options` resource is also available to set node attributes\nfor a specific installation in a DSL-friendly way:\n\n```ruby\nruby_runtime_options 'myapp' do\n version '2.2'\nend\n```\n\nUnlike resource attributes, provider options can be different for each provider.\nNot all providers support the same options so make sure to the check the\ndocumentation for each provider to see what options the use.\n\n### `ruby_runtime_options`\n\nThe `ruby_runtime_options` resource allows setting provider options in a\nDSL-friendly way. See [the Provider Options](#provider-options) section for more\ninformation about provider options overall.\n\n```ruby\nruby_runtime_options 'myapp' do\n version '2.2'\nend\n```\n\n#### Actions\n\n* `:run` – Apply the provider options. *(default)*\n\n#### Properties\n\n* `resource` – Name of the `ruby_runtime` resource. *(name property)*\n* `for_provider` – Provider to set options for.\n\nAll other property keys will be used as options data.\n\n### `ruby_execute`\n\nThe `ruby_execute` resource executes a Ruby script using the configured runtime.\n\n```ruby\nruby_execute 'myapp.rb' do\n user 'myuser'\nend\n```\n\nThis uses the built-in `execute` resource and supports all the same properties.\n\n#### Actions\n\n* `:run` – Execute the script. *(default)*\n\n#### Properties\n\n* `command` – Script and arguments to run. Must not include the `ruby`. *(name property)*\n* `ruby` – Name of the `ruby_runtime` resource to use. If not specified, the\n most recently declared `ruby_runtime` will be used.\n\nFor other properties see the [Chef documentation](https://docs.chef.io/resource_execute.html#attributes).\n\n### `ruby_gem`\n\nThe `ruby_gem` resource is a subclass of the standard `gem_package` resource to\ninstall the gem with the configured runtime.\n\n```ruby\nruby_gem 'rake' do\n version ' 10.4.2'\nend\n```\n\nAll actions and attributes match the standard `gem_package` resource with the\naddition of a `ruby` attribute matching `ruby_execute`.\n\n### `bundle_install`\n\nThe `bundle_install` resource installs gems based on a Gemfile using\n[bundler](http://bundler.io/).\n\n```ruby\nbundle_install '/path/to/Gemfile' do\n deployment true\n jobs 3\nend\n```\n\nThe underlying `bundle` command will run on every converge, but notifications\nwill only be triggered if a gem is actually installed.\n\n#### Actions\n\n* `:install` – Run `bundle install`. *(default)*\n* `:update` – Run `bundle update`.\n\n#### Properties\n\n* `path` – Path to a Gemfile or a directory containing a Gemfile. *(name property)*\n* `binstubs` – Enable binstubs. If set to a string it is the path to generate\n stubs in.\n* `bundler_version` – Version of bundler to install. If unset the latest version is used.\n* `deployment` – Enable deployment mode.\n* `gem_binary` – Path to the gem binary. If unset this uses the `ruby_runtime` parent.\n* `jobs` – Number of parallel installations to run.\n* `retry` – Number of times to retry failed installations.\n* `ruby` – Name of the `ruby_runtime` resource to execute against.\n* `user` – User to run bundler as.\n* `vendor` – Enable local vendoring. This maps to the `--path` option in bundler,\n but that attribute name is already used.\n* `without` – Group or groups to not install.\n\n## Ruby Providers\n\n### `system`\n\nThe `system` provider installs Ruby using system packages. This is currently\nonly tested on platforms using `apt-get` and `yum` (Debian, Ubuntu, RHEL, CentOS\nAmazon Linux, and Fedora) and is the default provider on those platforms. It\nmay work on other platforms but is untested.\n\n```ruby\nruby_runtime 'myapp' do\n provider :system\n version '2.1'\nend\n```\n\n#### Options\n\n* `dev_package` – Install the package with the headers and other development\n files. *(default: true)*\n* `rubygems_package` – Install rubygems from a package. This is only needed for\n Ruby 1.8. *(default: true on RHEL 6)*\n* `package_name` – Override auto-detection of the package name.\n* `package_upgrade` – Install using action `:upgrade`. *(default: false)*\n* `package_version` – Override auto-detection of the package version.\n* `version` – Override the Ruby version.\n\n### `scl`\n\nThe `scl` provider installs Ruby using the [Software Collections](https://www.softwarecollections.org/)\npackages. This is only available on RHEL and CentOS. SCL offers more\nrecent versions of Ruby than the system packages for the most part. If an SCL\npackage exists for the requested version, it will be used in preference to the\n`system` provider.\n\n```ruby\nruby_runtime 'myapp' do\n provider :scl\n version '2.2'\nend\n```\n\n### `chef`\n\nThe `chef` provider uses the Ruby environment included in the Omnibus packages.\nGreat care should be taken when using this provider.\n\n```ruby\nruby_runtime 'myapp' do\n provider :chef\n version '2.1'\nend\n```\n\n#### Options\n\n* `version` – Override the Ruby version.\n\n### `ruby_build`\n\nThe `ruby_build` provider uses [ruby-build](https://github.com/sstephenson/ruby-build)\nto compile and install Ruby. It can be found in the\n[poise-ruby-build cookbook](https://github.com/poise/poise-ruby-build).\n\n## Sponsors\n\nDevelopment sponsored by [Bloomberg](http://www.bloomberg.com/company/technology/).\n\nThe Poise test server infrastructure is sponsored by [Rackspace](https://rackspace.com/).\n\n## License\n\nCopyright 2015-2017, Noah Kantrowitz\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\nhttp://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n","maintainer":"Noah Kantrowitz","maintainer_email":"noah@coderanger.net","license":"Apache-2.0","platforms":{"ubuntu":">= 0.0.0","debian":">= 0.0.0","centos":">= 0.0.0","redhat":">= 0.0.0","fedora":">= 0.0.0","amazon":">= 0.0.0"},"dependencies":{"poise":"~> 2.0","poise-languages":"~> 2.0"},"recommendations":{},"suggestions":{},"conflicting":{},"providing":{},"replacing":{},"attributes":{},"groupings":{},"recipes":{},"source_url":"https://github.com/poise/poise-ruby","issues_url":"https://github.com/poise/poise-ruby/issues","chef_version":[["< 15",">= 12.1"]],"ohai_version":[]} \ No newline at end of file diff --git a/cookbooks/poise-ruby/recipes/default.rb b/cookbooks/poise-ruby/recipes/default.rb deleted file mode 100644 index c01a91f..0000000 --- a/cookbooks/poise-ruby/recipes/default.rb +++ /dev/null @@ -1,19 +0,0 @@ -# -# Copyright 2015-2017, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# Default runtimes, last one will be the default. -ruby_runtime('chef') { provider :chef } if node['poise-ruby']['install_chef_ruby'] -ruby_runtime('ruby') { version '' } if node['poise-ruby']['install_ruby'] diff --git a/cookbooks/poise-service/CHANGELOG.md b/cookbooks/poise-service/CHANGELOG.md deleted file mode 100644 index 8f0fa43..0000000 --- a/cookbooks/poise-service/CHANGELOG.md +++ /dev/null @@ -1,92 +0,0 @@ -# Poise-Service Changelog - -## v1.5.2 - -* Set `declared_type` on the mixin-created `poise_service` resource so it works - correctly with ChefSpec. - -## v1.5.1 - -* Fix the `sysvinit` provider on Amazon Linux under Chef 13. - -## v1.5.0 - -* Added `never_start` and `never_stop` provider options to prevent Chef from starting - or stopping a service. -* Automatically reload systemd when removing a service if auto_reload is enabled. -* Improved dummy provider, records process output to `/var/run/service_name.out` - and a `restart_delay` provider option to the dummy provider to wait between - stopping and starting. - -## v1.4.2 - -* Fix the `noterm` test service to work on Ruby 2.3. - -## v1.4.1 - -* Fix `poise_service_user` on Solaris and make it closer to being usable on Windows. - -## v1.4.0 - -* [#31](https://github.com/poise/poise-service/pull/31) Add `shell` property to - `poise_service_user` resource. - -## v1.3.1 - -* [#25](https://github.com/poise/poise-service/pull/25) Cope with a service user - with an invalid home directory. -* Use the correct default cookbook for `service_template` when used with additional plugins. - -## v1.3.0 - -* Allow setting `pid_file_external false` as a provider option for the `sysvinit` - provider to have non-standard path but keep the internal handling. -* Improved quoting for environment variables in the `inittab` provider. - -## v1.2.1 - -* [#23](https://github.com/poise/poise-service/pull/23) Fix service templates on AIX and FreeBSD to use the correct root group. - -## v1.2.0 - -* The `Restart` mode for systemd services can now be controlled via provider - option and defaults to `on-failure` to match other providers. - -## v1.1.2 - -* [#22](https://github.com/poise/poise-service/pull/22) Set all script commands - for the `sysvinit` provider. This should fix compatibility with EL5. - -## v1.1.1 - -* Fix an incorrect value in `poise_service_test`. This is not relevant to - end-users of `poise-service`. - -## v1.1.0 - -* Added `inittab` provider to manage services using old-fashioned `/etc/inittab`. - -## v1.0.4 - -* Set GID correctly in all service providers. -* Allow overriding the path to the generated sysvinit script. - -## v1.0.3 - -* [#10](https://github.com/poise/poise-service/pull/10) Fixes for ensuring services are restarted when their command or user changes. -* [#11](https://github.com/poise/poise-service/pull/11) Revamp the `sysvinit` provider for non-Debian platforms to be more stable. -* [#12](https://github.com/poise/poise-service/pull/12) Improve the `dummy` provider to handle dropping privs correctly. - -## v1.0.2 - -* Fix a potential infinite loop when starting a service with the dummy provider. -* [#2](https://github.com/poise/poise-service/pull/2) Remove usage of root - default files so uploading with Berkshelf works (for now). - -## v1.0.1 - -* Don't use a shared, mutable default value for `#environment`. - -## v1.0.0 - -* Initial release! diff --git a/cookbooks/poise-service/README.md b/cookbooks/poise-service/README.md deleted file mode 100644 index a9e9947..0000000 --- a/cookbooks/poise-service/README.md +++ /dev/null @@ -1,448 +0,0 @@ -# Poise-Service Cookbook - -[![Build Status](https://img.shields.io/travis/poise/poise-service.svg)](https://travis-ci.org/poise/poise-service) -[![Gem Version](https://img.shields.io/gem/v/poise-service.svg)](https://rubygems.org/gems/poise-service) -[![Cookbook Version](https://img.shields.io/cookbook/v/poise-service.svg)](https://supermarket.chef.io/cookbooks/poise-service) -[![Coverage](https://img.shields.io/codecov/c/github/poise/poise-service.svg)](https://codecov.io/github/poise/poise-service) -[![Gemnasium](https://img.shields.io/gemnasium/poise/poise-service.svg)](https://gemnasium.com/poise/poise-service) -[![License](https://img.shields.io/badge/license-Apache_2-blue.svg)](https://www.apache.org/licenses/LICENSE-2.0) - -A [Chef](https://www.chef.io/) cookbook to provide a unified interface for -services. - -### What is poise-service? - -Poise-service is a tool for developers of "library cookbooks" to define a -service without forcing the end-user of the library to adhere to their choice of -service management framework. The `poise_service` resource represents an -abstract service to be run, which can then be customized by node attributes and -the `poise_service_options` resource. This is a technique called [dependency -injection](https://en.wikipedia.org/wiki/Dependency_injection), and allows a -measure of decoupling between the library and application cookbooks. - -### Why would I use poise-service? - -Poise-service is most useful for authors of library-style cookbooks, for example -the `apache2`, `mysql`, or `application` cookbooks. When using other service -management options with Chef, the author of the library cookbook has to add -specific code for each service management framework they want to support, often -resulting in a cookbook only supporting the favorite framework of the author or -depending on distribution packages for their init scripts. The `poise_service` -resource allows library cookbook authors a way to write generic code for all -service management frameworks while still allowing users of that cookbook to -choose which service management framework best fits their needs. - -### How is this different from the built-in service resource? - -Chef includes a `service` resource which allows interacting with certain -service management frameworks such as SysV, Upstart, and systemd. -`poise-service` goes further in that it actually generates the configuration -files needed for the requested service management framework, as well as offering -a dependency injection system for application cookbooks to customize which -framework is used. - -### What service management frameworks are supported? - -* [SysV (aka /etc/init.d)](#sysvinit) -* [Upstart](#upstart) -* [systemd](#systemd) -* [Inittab](#inittab) -* [Runit](https://github.com/poise/poise-service-runit) -* [Monit](https://github.com/poise/poise-monit#service-provider) -* [Solaris](https://github.com/sh9189/poise-service-solaris) -* [AIX](https://github.com/johnbellone/poise-service-aix) -* *Supervisor (coming soon!)* - - -## Quick Start - -To create a service user and a service to run Apache2: - -```ruby -poise_service_user 'www-data' - -poise_service 'apache2' do - command '/usr/sbin/apache2 -f /etc/apache2/apache2.conf -DFOREGROUND' - stop_signal 'WINCH' - reload_signal 'USR1' -end -``` - -or for a hypothetical Rails web application: - -```ruby -poise_service_user 'myapp' - -poise_service 'myapp-web' do - command 'bundle exec unicorn -p 8080' - user 'myapp' - directory '/srv/myapp' - environment RAILS_ENV: 'production' -end -``` - -## Resources - -### `poise_service` - -The `poise_service` resource is the abstract definition of a service. - -```ruby -poise_service 'myapp' do - command 'myapp --serve' - environment RAILS_ENV: 'production' -end -``` - -#### Actions - -* `:enable` – Create, enable and start the service. *(default)* -* `:disable` – Stop, disable, and destroy the service. -* `:start` – Start the service. -* `:stop` – Stop the service. -* `:restart` – Stop and then start the service. -* `:reload` – Send the configured reload signal to the service. - -#### Attributes - -* `service_name` – Name of the service. *(name attribute)* -* `command` – Command to run for the service. This command must stay in the - foreground and not daemonize itself. *(required)* -* `user` – User to run the service as. See - [`poise_service_user`](#poise_service_user) for any easy way to create service - users. *(default: root)* -* `directory` – Working directory for the service. *(default: home directory for - user, or / if not found)* -* `environment` – Environment variables for the service. -* `stop_signal` – Signal to use to stop the service. Some systems will fall back - to SIGKILL if this signal fails to stop the process. *(default: TERM)* -* `reload_signal` – Signal to use to reload the service. *(default: HUP)* -* `restart_on_update` – If true, the service will be restarted if the service - definition or configuration changes. If `'immediately'`, the notification will - happen in immediate mode. *(default: true)* - -#### Service Options - -The `poise-service` library offers an additional way to pass configuration -information to the final service called "options". Options are key/value pairs -that are passed down to the service provider and can be used to control how it -creates and manages the service. These can be set in the `poise_service` -resource using the `options` method, in node attributes or via the -`poise_service_options` resource. The options from all sources are merged -together in to a single hash. - -When setting options in the resource you can either set them for all providers: - -```ruby -poise_service 'myapp' do - command 'myapp --serve' - options status_port: 8000 -end -``` - -or for a single provider: - -```ruby -poise_service 'myapp' do - command 'myapp --serve' - options :systemd, after_target: 'network' -end -``` - -Setting via node attributes is generally how an end-user or application cookbook -will set options to customize services in the library cookbooks they are using. -You can set options for all services or for a single service, by service name -or by resource name: - -```ruby -# Global, for all services. -override['poise-service']['options']['after_target'] = 'network' -# Single service. -override['poise-service']['myapp']['template'] = 'myapp.erb' -``` - -The `poise_service_options` resource is also available to set node attributes -for a specific service in a DSL-friendly way: - -```ruby -poise_service_options 'myapp' do - template 'myapp.erb' - restart_on_update false -end -``` - -Unlike resource attributes, service options can be different for each provider. -Not all providers support the same options so make sure to check the -documentation for each provider to see what options are available. - -### `poise_service_options` - -The `poise_service_options` resource allows setting per-service options in a -DSL-friendly way. See [the Service Options](#service-options) section for more -information about service options overall. - -```ruby -poise_service_options 'myapp' do - template 'myapp.erb' - restart_on_update false -end -``` - -#### Actions - -* `:run` – Apply the service options. *(default)* - -#### Attributes - -* `resource` – Name of the service. *(name attribute)* -* `for_provider` – Provider to set options for. - -All other attribute keys will be used as options data. - -### `poise_service_user` - -The `poise_service_user` resource is an easy way to create service users. It is -not required to use `poise_service`, it is only a helper. - -```ruby -poise_service_user 'myapp' do - home '/srv/myapp' -end -``` - -#### Actions - -* `:create` – Create the user and group. *(default)* -* `:remove` – Remove the user and group. - -#### Attributes - -* `user` – Name of the user. *(name attribute)* -* `group` – Name of the group. Set to `false` to disable group creation. *(name attribute)* -* `uid` – UID of the user. *(default: automatic)* -* `gid` – GID of the group. *(default: automatic)* -* `home` – Home directory of the user. -* `shell` – Shell of the user. *(default: /bin/nologin if present or /bin/false)* - -## Providers - -### `sysvinit` - -The `sysvinit` provider supports SystemV-style init systems on Debian-family and -RHEL-family platforms. It will create the `/etc/init.d/` script -and enable/disable the service using the platform-specific service resource. - -```ruby -poise_service 'myapp' do - provider :sysvinit - command 'myapp --serve' -end -``` - -By default a PID file will be created in `/var/run/service_name.pid`. You can -use the `pid_file` option detailed below to override this and rely on your -process creating a PID file in the given path. - -#### Options - -* `pid_file` – Path to PID file that the service command will create. -* `pid_file_external` – If true, assume the service will create the PID file - itself. *(default: true if `pid_file` option is set)* -* `template` – Override the default script template. If you want to use a - template in a different cookbook use `'cookbook:template'`. -* `command` – Override the service command. -* `directory` – Override the service directory. -* `environment` – Override the service environment variables. -* `reload_signal` – Override the service reload signal. -* `stop_signal` – Override the service stop signal. -* `user` – Override the service user. -* `never_start` – Never try to start the service. -* `never_stop` – Never try to stop the service. -* `never_restart` – Never try to restart the service. -* `never_reload` – Never try to reload the service. -* `script_path` – Override the path to the generated service script. - -### `upstart` - -The `upstart` provider supports [Upstart](http://upstart.ubuntu.com/). It will -create the `/etc/init/service_name.conf` configuration. - -```ruby -poise_service 'myapp' do - provider :upstart - command 'myapp --serve' -end -``` - -As a wide variety of versions of Upstart are in use in various Linux -distributions, the provider does its best to identify which features are -available and provide shims as appropriate. Most of these should be invisible -however Upstart older than 1.10 does not support setting a `reload signal` so -only SIGHUP can be used. You can set a `reload_shim` option to enable an -internal implementaion of reloading to be used for signals other than SIGHUP, -however as this is implemented inside Chef code, running `initctl reload` would -still result in SIGHUP being sent. For this reason, the feature is disabled by -default and will throw an error if a reload signal other than SIGHUP is used. - -#### Options - -* `reload_shim` – Enable the reload signal shim. See above for a warning about - this feature. -* `template` – Override the default configuration template. If you want to use a - template in a different cookbook use `'cookbook:template'`. -* `command` – Override the service command. -* `directory` – Override the service directory. -* `environment` – Override the service environment variables. -* `reload_signal` – Override the service reload signal. -* `stop_signal` – Override the service stop signal. -* `user` – Override the service user. -* `never_start` – Never try to start the service. -* `never_stop` – Never try to stop the service. -* `never_restart` – Never try to restart the service. -* `never_reload` – Never try to reload the service. - -### `systemd` - -The `systemd` provider supports [systemd](http://www.freedesktop.org/wiki/Software/systemd/). -It will create the `/etc/systemd/system/service_name.service` configuration. - - -```ruby -poise_service 'myapp' do - provider :systemd - command 'myapp --serve' -end -``` - -#### Options - -* `template` – Override the default configuration template. If you want to use a - template in a different cookbook use `'cookbook:template'`. -* `command` – Override the service command. -* `directory` – Override the service directory. -* `environment` – Override the service environment variables. -* `reload_signal` – Override the service reload signal. -* `stop_signal` – Override the service stop signal. -* `user` – Override the service user. -* `never_start` – Never try to start the service. -* `never_stop` – Never try to stop the service. -* `never_restart` – Never try to restart the service. -* `never_reload` – Never try to reload the service. -* `auto_reload` – Run `systemctl daemon-reload` after changes to the unit file. *(default: true)* -* `restart_mode` – Restart mode for the generated service unit. *(default: on-failure)* - -### `inittab` - -The `inittab` provider supports managing services via `/etc/inittab` using -[SystemV Init](http://www.nongnu.org/sysvinit/). This can provide basic -process supervision even on very old *nix machines. - -```ruby -poise_service 'myapp' do - provider :inittab - command 'myapp --serve' -end -``` - -**NOTE:** Inittab does not allow stopping services, and they are started as soon -as they are enabled. - -#### Options - -* `never_start` – Never try to start the service. -* `never_stop` – Never try to stop the service. -* `never_restart` – Never try to restart the service. -* `never_reload` – Never try to reload the service. -* `pid_file` – Path to PID file that the service command will create. -* `service_id` – Unique 1-4 character tag for the service. Defaults to an - auto-generated hash based on the service name. If these collide, bad things - happen. Don't do that. - -### `dummy` - -The `dummy` provider supports launching services directly from Chef itself. -This is for testing purposes only and is entirely unsuitable for use in -production. This is mostly useful when used alongside kitchen-docker. - -```ruby -poise_service 'myapp' do - provider :dummy - command 'myapp --serve' -end -``` - -The service information is written to `/var/run`. The PID file is `service_name.pid`, -the command output is `service_name.out`, and the service parameters are in -`service_name.json`. - -#### Options - -* `never_start` – Never try to start the service. -* `never_stop` – Never try to stop the service. -* `never_restart` – Never try to restart the service. -* `never_reload` – Never try to reload the service. -* `restart_delay` – Number of seconds to wait between stop and start when - restarting. *(default: 1)* - -## ServiceMixin - -For the common case of a resource (LWRP or plain Ruby) that roughly maps to -"some config files and a service" poise-service provides a mixin module, -`PoiseService::ServiceMixin`. This mixin adds the standard service actions -(`enable`, `disable`, `start`, `stop`, `restart`, and `reload`) with basic -implementations that call those actions on a `poise_service` resource for you. -You customize the service by defining a `service_options` method on your -provider class: - -```ruby -def service_options(service) - # service is the PoiseService::Resource object instance. - service.command "/usr/sbin/#{new_resource.name} -f /etc/#{new_resource.name}/conf/httpd.conf -DFOREGROUND" - service.stop_signal 'WINCH' - service.reload_signal 'USR1' -end -``` - -You will generally want to override the `enable` action to install things -related to the service like packages, users and configuration files: - -```ruby -def action_enable - notifying_block do - package 'apache2' - poise_service_user 'www-data' - template "/etc/#{new_resource.name}/conf/httpd.conf" do - # ... - end - end - # This super call will run the normal service enable, - # creating the service and starting it. - super -end -``` - -See [the poise_service_test_mixin resource](test/cookbooks/poise-service_test/resources/mixin.rb) -and [provider](test/cookbooks/poise-service_test/providers/mixin.rb) for -examples of using `ServiceMixin` in an LWRP. - -## Sponsors - -Development sponsored by [Bloomberg](http://www.bloomberg.com/company/technology/). - -The Poise test server infrastructure is sponsored by [Rackspace](https://rackspace.com/). - -## License - -Copyright 2015-2016, Noah Kantrowitz - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - -http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. diff --git a/cookbooks/poise-service/attributes/default.rb b/cookbooks/poise-service/attributes/default.rb deleted file mode 100644 index 2e8490d..0000000 --- a/cookbooks/poise-service/attributes/default.rb +++ /dev/null @@ -1,19 +0,0 @@ -# -# Copyright 2015-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -default['poise-service']['provider'] = 'auto' - -default['poise-service']['options'] = {} diff --git a/cookbooks/poise-service/files/halite_gem/poise_service.rb b/cookbooks/poise-service/files/halite_gem/poise_service.rb deleted file mode 100644 index ad2ec60..0000000 --- a/cookbooks/poise-service/files/halite_gem/poise_service.rb +++ /dev/null @@ -1,25 +0,0 @@ -# -# Copyright 2015-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - - -module PoiseService - autoload :Error, 'poise_service/error' - autoload :Resources, 'poise_service/resources' - autoload :ServiceMixin, 'poise_service/service_mixin' - autoload :ServiceProviders, 'poise_service/service_providers' - autoload :Utils, 'poise_service/utils' - autoload :VERSION, 'poise_service/version' -end diff --git a/cookbooks/poise-service/files/halite_gem/poise_service/cheftie.rb b/cookbooks/poise-service/files/halite_gem/poise_service/cheftie.rb deleted file mode 100644 index 31d59db..0000000 --- a/cookbooks/poise-service/files/halite_gem/poise_service/cheftie.rb +++ /dev/null @@ -1,18 +0,0 @@ -# -# Copyright 2015-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise_service/resources' -require 'poise_service/service_providers' diff --git a/cookbooks/poise-service/files/halite_gem/poise_service/error.rb b/cookbooks/poise-service/files/halite_gem/poise_service/error.rb deleted file mode 100644 index 5029795..0000000 --- a/cookbooks/poise-service/files/halite_gem/poise_service/error.rb +++ /dev/null @@ -1,20 +0,0 @@ -# -# Copyright 2015-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -module PoiseService - class Error < ::Exception - end -end diff --git a/cookbooks/poise-service/files/halite_gem/poise_service/resources.rb b/cookbooks/poise-service/files/halite_gem/poise_service/resources.rb deleted file mode 100644 index b0e1ddb..0000000 --- a/cookbooks/poise-service/files/halite_gem/poise_service/resources.rb +++ /dev/null @@ -1,27 +0,0 @@ -# -# Copyright 2015-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise_service/resources/poise_service' -require 'poise_service/resources/poise_service_user' - - -module PoiseService - # Chef resources and providers for poise-service. - # - # @since 1.0.0 - module Resources - end -end diff --git a/cookbooks/poise-service/files/halite_gem/poise_service/resources/poise_service.rb b/cookbooks/poise-service/files/halite_gem/poise_service/resources/poise_service.rb deleted file mode 100644 index 157a584..0000000 --- a/cookbooks/poise-service/files/halite_gem/poise_service/resources/poise_service.rb +++ /dev/null @@ -1,165 +0,0 @@ -# -# Copyright 2015-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'etc' - -require 'chef/mash' -require 'chef/resource' -require 'poise' - -require 'poise_service/error' - - -module PoiseService - module Resources - # (see PoiseService::Resource) - module PoiseService - # `poise_service` resource. Provides a unified service interface with a - # dependency injection framework. - # - # @since 1.0.0 - # @provides poise_service - # @action enable - # @action disable - # @action start - # @action stop - # @action restart - # @action reload - # @example - # poise_service 'myapp' do - # command 'myapp --serve' - # user 'myuser' - # directory '/home/myapp' - # end - class Resource < Chef::Resource - include Poise(inversion: true) - provides(:poise_service) - actions(:enable, :disable, :start, :stop, :restart, :reload) - - # @!attribute service_name - # Name of the service to the underlying init system. Defaults to the name - # of the resource. - # @return [String] - attribute(:service_name, kind_of: String, name_attribute: true) - # @!attribute command - # Command to run inside the service. This command must remain in the - # foreground and not daemoinize itself. - # @return [String] - attribute(:command, kind_of: String, required: true) - # @!attribute user - # User to run the service as. See {UserResource} for an easy way to - # create service users. Defaults to root. - # @return [String] - attribute(:user, kind_of: String, default: 'root') - # @!attribute directory - # Working directory for the service. Defaults to the home directory of - # the configured user or / if not found. - # @return [String] - attribute(:directory, kind_of: String, default: lazy { default_directory }) - # @!attribute environment - # Environment variables for the service. - # @return [Hash] - attribute(:environment, kind_of: Hash, default: lazy { Mash.new }) - # @!attribute stop_signal - # Signal to use to stop the service. Some systems will fall back to - # KILL if this signal fails to stop the process. Defaults to TERM. - # @return [String, Symbol, Integer] - attribute(:stop_signal, kind_of: [String, Symbol, Integer], default: 'TERM') - # @!attribute reload_signal - # Signal to use to reload the service. Defaults to HUP. - # @return [String, Symbol, Integer] - attribute(:reload_signal, kind_of: [String, Symbol, Integer], default: 'HUP') - # @!attribute restart_on_update - # If true, the service will be restarted if the service definition or - # configuration changes. If 'immediately', the notification will happen - # in immediate mode. - # @return [Boolean, String] - attribute(:restart_on_update, equal_to: [true, false, 'immediately', :immediately], default: true) - - # Resource DSL callback. - # - # @api private - def after_created - # Set signals to clean values. - stop_signal(clean_signal(stop_signal)) - reload_signal(clean_signal(reload_signal)) - end - - # Return the PID of the main process for this service or nil if the service - # isn't running or the PID cannot be found. - # - # @return [Integer, nil] - # @example - # execute "kill -WINCH #{resources('poise_test[myapp]').pid}" - def pid - # :pid isn't a real action, but this should still work. - provider_for_action(:pid).pid - end - - private - - # Try to find the home diretory for the configured user. This will fail if - # nsswitch.conf was changed during this run such as with LDAP. Defaults to - # the system root directory. - # - # @see #directory - # @return [String] - def default_directory - # Default fallback. - sysroot = case node['platform_family'] - when 'windows' - ENV.fetch('SystemRoot', 'C:\\') - else - '/' - end - # For root we always want the system root path. - return sysroot if user == 'root' - # Force a reload in case any users were created earlier in the run. - Etc.endpwent - # ArgumentError means we can't find the user, possibly nsswitch caching? - home = begin - Dir.home(user) - rescue ArgumentError - sysroot - end - # If the home doesn't exist or is empty, use sysroot. - home = sysroot if home.empty? || !::File.directory?(home) - home - end - - # Clean up a signal string/integer. Ints are mapped to the signal name, - # and strings are reformatted to upper case and without the SIG. - # - # @see #stop_signal - # @param signal [String, Symbol, Integer] Signal value to clean. - # @return [String] - def clean_signal(signal) - if signal.is_a?(Integer) - raise Error.new("Unknown signal #{signal}") unless (0..31).include?(signal) - Signal.signame(signal) - else - short_sig = signal.to_s.upcase - short_sig = short_sig[3..-1] if short_sig.start_with?('SIG') - raise Error.new("Unknown signal #{signal}") unless Signal.list.include?(short_sig) - short_sig - end - end - - # Providers can be found under service_providers/. - end - end - end -end diff --git a/cookbooks/poise-service/files/halite_gem/poise_service/resources/poise_service_test.rb b/cookbooks/poise-service/files/halite_gem/poise_service/resources/poise_service_test.rb deleted file mode 100644 index 393ae21..0000000 --- a/cookbooks/poise-service/files/halite_gem/poise_service/resources/poise_service_test.rb +++ /dev/null @@ -1,240 +0,0 @@ -# -# Copyright 2015-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'chef/resource' -require 'chef/provider' -require 'poise' - - -module PoiseService - module Resources - # (see PoiseServiceTest::Resource) - module PoiseServiceTest - # A `poise_service_test` resource for integration testing service providers. - # This is used in Test-Kitchen tests to ensure all providers behave - # similarly. - # - # @since 1.0.0 - # @provides poise_service_test - # @action run - # @example - # poise_service_test 'upstart' do - # service_provider :upstart - # base_port 5000 - # end - class Resource < Chef::Resource - include Poise - provides(:poise_service_test) - actions(:run) - - # @!attribute service_provider - # Service provider to set for the test group. - # @return [Symbol] - attribute(:service_provider, kind_of: Symbol) - # @!attribute service_options - # Service options to set for the test group. - # @return [Hash, nil] - attribute(:service_options, kind_of: [Hash, NilClass]) - # @!attribute base_port - # Port number to start from for the test group. - # @return [Integer] - attribute(:base_port, kind_of: Integer) - end - - # Provider for `poise_service_test`. - # - # @see Resource - # @provides poise_service_test - class Provider < Chef::Provider - include Poise - provides(:poise_service_test) - - SERVICE_SCRIPT = <<-EOH -require 'webrick' -require 'json' -require 'etc' -FILE_DATA = '' -server = WEBrick::HTTPServer.new(Port: ARGV[0].to_i) -server.mount_proc '/' do |req, res| - res.body = { - directory: Dir.getwd, - user: Etc.getpwuid(Process.uid).name, - euser: Etc.getpwuid(Process.euid).name, - group: Etc.getgrgid(Process.gid).name, - egroup: Etc.getgrgid(Process.egid).name, - environment: ENV.to_hash, - file_data: FILE_DATA, - pid: Process.pid, - }.to_json -end -EOH - - # `run` action for `poise_service_test`. Create all test services. - # - # @return [void] - def action_run - notifying_block do - create_script - create_noterm_script - create_user - create_tests - end - end - - private - - def create_script - file '/usr/bin/poise_test' do - owner 'root' - group 'root' - mode '755' - content <<-EOH -#!/opt/chef/embedded/bin/ruby -#{SERVICE_SCRIPT} -def load_file - FILE_DATA.replace(IO.read(ARGV[1])) -end -if ARGV[1] - load_file - trap('HUP') do - load_file - end -end -server.start -EOH - end - end - - def create_noterm_script - file '/usr/bin/poise_test_noterm' do - owner 'root' - group 'root' - mode '755' - content <<-EOH -#!/opt/chef/embedded/bin/ruby -trap('HUP', 'IGNORE') -trap('TERM', 'IGNORE') -#{SERVICE_SCRIPT} -while true - begin - server.start - rescue Exception - rescue StandardError - end -end -EOH - end - end - - def create_user - poise_service_user 'poise' do - home '/tmp' - end - end - - def create_tests - poise_service "poise_test_#{new_resource.name}" do - if new_resource.service_provider - provider new_resource.service_provider - options new_resource.service_provider, new_resource.service_options if new_resource.service_options - end - command "/usr/bin/poise_test #{new_resource.base_port}" - end - - poise_service "poise_test_#{new_resource.name}_params" do - if new_resource.service_provider - provider new_resource.service_provider - options new_resource.service_provider, new_resource.service_options if new_resource.service_options - end - command "/usr/bin/poise_test #{new_resource.base_port + 1}" - environment POISE_ENV: new_resource.name - user 'poise' - end - - poise_service "poise_test_#{new_resource.name}_noterm" do - if new_resource.service_provider - provider new_resource.service_provider - options new_resource.service_provider, new_resource.service_options if new_resource.service_options - end - action [:enable, :disable] - command "/usr/bin/poise_test_noterm #{new_resource.base_port + 2}" - stop_signal 'kill' - end - - {'restart' => 3, 'reload' => 4}.each do |action, port| - # Stop it before writing the file so we always start with first. - poise_service "poise_test_#{new_resource.name}_#{action} stop" do - if new_resource.service_provider - provider new_resource.service_provider - options new_resource.service_provider, new_resource.service_options if new_resource.service_options - end - action(:disable) - service_name "poise_test_#{new_resource.name}_#{action}" - end - - # Write the content to the read on service launch. - file "/etc/poise_test_#{new_resource.name}_#{action}" do - content 'first' - end - - # Launch the service, reading in first. - poise_service "poise_test_#{new_resource.name}_#{action}" do - if new_resource.service_provider - provider new_resource.service_provider - options new_resource.service_provider, new_resource.service_options if new_resource.service_options - end - command "/usr/bin/poise_test #{new_resource.base_port + port} /etc/poise_test_#{new_resource.name}_#{action}" - end - - # Rewrite the file to second, restart/reload to trigger an update. - file "/etc/poise_test_#{new_resource.name}_#{action} again" do - path "/etc/poise_test_#{new_resource.name}_#{action}" - content 'second' - notifies action.to_sym, "poise_service[poise_test_#{new_resource.name}_#{action}]" - end - end - - # Test the #pid accessor. - ruby_block "/tmp/poise_test_#{new_resource.name}_pid" do - block do - pid = resources("poise_service[poise_test_#{new_resource.name}]").pid - IO.write("/tmp/poise_test_#{new_resource.name}_pid", pid.to_s) - end - end - - # Test changing the service definition itself. - poise_service "poise_test_#{new_resource.name}_change" do - if new_resource.service_provider - provider new_resource.service_provider - options new_resource.service_provider, new_resource.service_options if new_resource.service_options - end - command "/usr/bin/poise_test #{new_resource.base_port + 5}" - end - - poise_service "poise_test_#{new_resource.name}_change_second" do - service_name "poise_test_#{new_resource.name}_change" - if new_resource.service_provider - provider new_resource.service_provider - options new_resource.service_provider, new_resource.service_options if new_resource.service_options - end - command "/usr/bin/poise_test #{new_resource.base_port + 6}" - end - - end - end - end - end -end diff --git a/cookbooks/poise-service/files/halite_gem/poise_service/resources/poise_service_user.rb b/cookbooks/poise-service/files/halite_gem/poise_service/resources/poise_service_user.rb deleted file mode 100644 index 6d4eac4..0000000 --- a/cookbooks/poise-service/files/halite_gem/poise_service/resources/poise_service_user.rb +++ /dev/null @@ -1,186 +0,0 @@ -# -# Copyright 2015-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'chef/resource' -require 'chef/provider' -require 'poise' - - -module PoiseService - module Resources - # (see PoiseServiceUser::Resource) - # @since 1.0.0 - module PoiseServiceUser - # Shells to look for in order. - # @api private - DEFAULT_SHELLS = %w{/bin/nologin /usr/bin/nologin /bin/false} - - # A `poise_service_user` resource to create service users/groups. - # - # @since 1.0.0 - # @provides poise_service_user - # @action create - # @action remove - # @example - # poise_service_user 'myapp' do - # home '/var/tmp' - # group 'nogroup' - # end - class Resource < Chef::Resource - include Poise - provides(:poise_service_user) - actions(:create, :remove) - - # @!attribute user - # Name of the user to create. Defaults to the name of the resource. - # @return [String] - attribute(:user, kind_of: String, name_attribute: true) - # @!attribute group - # Name of the group to create. Defaults to the name of the user, - # except on Windows where it defaults to false. Set to false to - # disable group creation. - # @return [String, false] - attribute(:group, kind_of: [String, FalseClass], default: lazy { default_group }) - # @!attribute uid - # UID of the user to create. Optional, if not set the UID will be - # allocated automatically. - # @return [Integer] - attribute(:uid, kind_of: Integer) - # @!attribute gid - # GID of the group to create. Optional, if not set the GID will be - # allocated automatically. - # @return [Integer] - attribute(:gid, kind_of: Integer) - # @!attribute shell - # Login shell for the user. Optional, if not set the shell will be - # determined automatically. - # @return [String] - attribute(:shell, kind_of: String, default: lazy { default_shell }) - # @!attribute home - # Home directory of the user. This directory will not be created if it - # does not exist. Optional. - # @return [String] - attribute(:home, kind_of: String) - - private - - # Find a default shell for service users. Tries to use nologin, but fall - # back on false. - # - # @api private - # @return [String] - def default_shell - DEFAULT_SHELLS.find {|s| ::File.exist?(s) } || DEFAULT_SHELLS.last - end - - # Find the default group name. Returns false on Windows because service - # groups aren't needed there. Otherwise use the name of the service user. - # - # @api private - # @return [String, false] - def default_group - if node.platform_family?('windows') - false - else - user - end - end - end - - # Provider for `poise_service_user`. - # - # @since 1.0.0 - # @see Resource - # @provides poise_service_user - class Provider < Chef::Provider - include Poise - provides(:poise_service_user) - - # `create` action for `poise_service_user`. Ensure the user and group (if - # enabled) exist. - # - # @return [void] - def action_create - notifying_block do - create_group if new_resource.group - create_user - end - end - - # `remove` action for `poise_service_user`. Ensure the user and group (if - # enabled) are destroyed. - # - # @return [void] - def action_remove - notifying_block do - remove_user - remove_group if new_resource.group - end - end - - private - - # Create the system group. - # - # @api private - # @return [void] - def create_group - group new_resource.group do - gid new_resource.gid - # Solaris doesn't support the idea of system groups. - system true unless node.platform_family?('solaris2') - end - end - - # Create the system user. - # - # @api private - # @return [void] - def create_user - user new_resource.user do - comment "Service user for #{new_resource.name}" - gid new_resource.group if new_resource.group - home new_resource.home - shell new_resource.shell - # Solaris doesn't support the idea of system users. - system true unless node.platform_family?('solaris2') - uid new_resource.uid - end - end - - # Remove the system group. - # - # @api private - # @return [void] - def remove_group - create_group.tap do |r| - r.action(:remove) - end - end - - # Remove the system user. - # - # @api private - # @return [void] - def remove_user - create_user.tap do |r| - r.action(:remove) - end - end - end - end - end -end diff --git a/cookbooks/poise-service/files/halite_gem/poise_service/service_mixin.rb b/cookbooks/poise-service/files/halite_gem/poise_service/service_mixin.rb deleted file mode 100644 index 41c2472..0000000 --- a/cookbooks/poise-service/files/halite_gem/poise_service/service_mixin.rb +++ /dev/null @@ -1,193 +0,0 @@ -# -# Copyright 2015-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise' - -require 'poise_service/resources/poise_service' - - -module PoiseService - # Mixin for application services. This is any resource that will be part of - # an application deployment and involves running a persistent service. - # - # @since 1.0.0 - # @example - # module MyApp - # class Resource < Chef::Resource - # include Poise - # provides(:my_app) - # include PoiseService::ServiceMixin - # end - # - # class Provider < Chef::Provider - # include Poise - # provides(:my_app) - # include PoiseService::ServiceMixin - # - # def action_enable - # notifying_block do - # template '/etc/myapp.conf' do - # # ... - # end - # end - # super - # end - # - # def service_options(r) - # r.command('myapp --serve') - # end - # end - # end - module ServiceMixin - include Poise::Utils::ResourceProviderMixin - - # Mixin for service wrapper resources. - # - # @see ServiceMixin - module Resource - include Poise::Resource - - module ClassMethods - # @api private - def included(klass) - super - klass.extend(ClassMethods) - klass.class_exec do - actions(:enable, :disable, :start, :stop, :restart, :reload) - attribute(:service_name, kind_of: String, name_attribute: true) - end - end - end - - extend ClassMethods - end - - # Mixin for service wrapper providers. - # - # @see ServiceMixin - module Provider - include Poise::Provider - - # Default enable action for service wrappers. - # - # @return [void] - def action_enable - notify_if_service do - service_resource.run_action(:enable) - end - end - - # Default disable action for service wrappers. - # - # @return [void] - def action_disable - notify_if_service do - service_resource.run_action(:disable) - end - end - - # Default start action for service wrappers. - # - # @return [void] - def action_start - notify_if_service do - service_resource.run_action(:start) - end - end - - # Default stop action for service wrappers. - # - # @return [void] - def action_stop - notify_if_service do - service_resource.run_action(:stop) - end - end - - # Default restart action for service wrappers. - # - # @return [void] - def action_restart - notify_if_service do - service_resource.run_action(:restart) - end - end - - # Default reload action for service wrappers. - # - # @return [void] - def action_reload - notify_if_service do - service_resource.run_action(:reload) - end - end - - # @todo Add reload once poise-service supports it. - - private - - # Set the current resource as notified if the provided block updates the - # service resource. - # - # @api public - # @param block [Proc] Block to run. - # @return [void] - # @example - # notify_if_service do - # service_resource.run_action(:enable) - # end - def notify_if_service(&block) - service_resource.updated_by_last_action(false) - block.call if block - new_resource.updated_by_last_action(true) if service_resource.updated_by_last_action? - end - - # Service resource for this service wrapper. This returns a - # poise_service resource that will not be added to the resource - # collection. Override {#service_options} to set service resource - # parameters. - # - # @api public - # @return [Chef::Resource] - # @example - # service_resource.run_action(:restart) - def service_resource - @service_resource ||= PoiseService::Resources::PoiseService::Resource.new(new_resource.name, run_context).tap do |r| - # Set some defaults. - r.declared_type = :poise_service - r.enclosing_provider = self - r.source_line = new_resource.source_line - r.service_name(new_resource.service_name) - # Call the subclass hook for more specific settings. - service_options(r) - end - end - - # Abstract hook to set parameters on {#service_resource} when it is - # created. This is required to set at least `resource.command`. - # - # @api public - # @param resource [Chef::Resource] Resource instance to set parameters on. - # @return [void] - # @example - # def service_options(resource) - # resource.command('myapp --serve') - # end - def service_options(resource) - end - end - end -end diff --git a/cookbooks/poise-service/files/halite_gem/poise_service/service_providers.rb b/cookbooks/poise-service/files/halite_gem/poise_service/service_providers.rb deleted file mode 100644 index 6cee1ae..0000000 --- a/cookbooks/poise-service/files/halite_gem/poise_service/service_providers.rb +++ /dev/null @@ -1,38 +0,0 @@ -# -# Copyright 2015-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'chef/platform/provider_priority_map' - -require 'poise_service/service_providers/dummy' -require 'poise_service/service_providers/inittab' -require 'poise_service/service_providers/systemd' -require 'poise_service/service_providers/sysvinit' -require 'poise_service/service_providers/upstart' - - -module PoiseService - # Inversion providers for the poise_service resource. - # - # @since 1.0.0 - module ServiceProviders - # Set up priority maps - Chef::Platform::ProviderPriorityMap.instance.priority(:poise_service, [ - PoiseService::ServiceProviders::Systemd, - PoiseService::ServiceProviders::Upstart, - PoiseService::ServiceProviders::Sysvinit, - ]) - end -end diff --git a/cookbooks/poise-service/files/halite_gem/poise_service/service_providers/base.rb b/cookbooks/poise-service/files/halite_gem/poise_service/service_providers/base.rb deleted file mode 100644 index 31263d4..0000000 --- a/cookbooks/poise-service/files/halite_gem/poise_service/service_providers/base.rb +++ /dev/null @@ -1,196 +0,0 @@ -# -# Copyright 2015-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'chef/provider' -require 'poise' - - -module PoiseService - module ServiceProviders - class Base < Chef::Provider - include Poise(inversion: :poise_service) - - # Extend the default lookup behavior to check for service_name too. - # - # @api private - def self.resolve_inversion_provider(node, resource) - attrs = resolve_inversion_attribute(node) - (attrs[resource.service_name] && attrs[resource.service_name]['provider']) || super - end - - # Extend the default options to check for service_name too. - # - # @api private - def self.inversion_options(node, resource) - super.tap do |opts| - attrs = resolve_inversion_attribute(node) - opts.update(attrs[resource.service_name]) if attrs[resource.service_name] - run_state = Mash.new(node.run_state.fetch('poise_inversion', {}).fetch(inversion_resource, {}))[resource.service_name] || {} - opts.update(run_state['*']) if run_state['*'] - opts.update(run_state[provides]) if run_state[provides] - end - end - - # Cache the service hints to improve performance. This is called from the - # provides_auto? on most service providers and hits the filesystem a lot. - # - # @return [Array] - def self.service_resource_hints - @@service_resource_hints ||= Chef::Platform::ServiceHelpers.service_resource_providers - end - - def action_enable - include_recipe(*Array(recipes)) if recipes - notifying_block do - create_service - end - enable_service - action_start - end - - def action_disable - action_stop - disable_service - notifying_block do - destroy_service - end - end - - def action_start - return if options['never_start'] - notify_if_service do - service_resource.run_action(:start) - end - end - - def action_stop - return if options['never_stop'] - notify_if_service do - service_resource.run_action(:stop) - end - end - - def action_restart - return if options['never_restart'] - notify_if_service do - service_resource.run_action(:restart) - end - end - - def action_reload - return if options['never_reload'] - notify_if_service do - service_resource.run_action(:reload) - end - end - - def pid - raise NotImplementedError - end - - private - - # Recipes to include for this provider to work. Subclasses can override. - # - # @return [String, Array] - def recipes - end - - # Subclass hook to create the required files et al for the service. - def create_service - raise NotImplementedError - end - - # Subclass hook to remove the required files et al for the service. - def destroy_service - raise NotImplementedError - end - - def enable_service - notify_if_service do - service_resource.run_action(:enable) - end - end - - def disable_service - notify_if_service do - service_resource.run_action(:disable) - end - end - - def notify_if_service(&block) - service_resource.updated_by_last_action(false) - block.call - new_resource.updated_by_last_action(true) if service_resource.updated_by_last_action? - end - - # Subclass hook to create the resource used to delegate start, stop, and - # restart actions. - def service_resource - @service_resource ||= Chef::Resource::Service.new(new_resource.service_name, run_context).tap do |r| - r.declared_type = :service - r.enclosing_provider = self - r.source_line = new_resource.source_line - r.supports(status: true, restart: true, reload: true) - end - end - - def service_template(path, default_source, &block) - # Sigh scoping. - template path do - owner 'root' - group node['root_group'] - mode '644' - if options['template'] - # If we have a template override, allow specifying a cookbook via - # "cookbook:template". - parts = options['template'].split(/:/, 2) - if parts.length == 2 - source parts[1] - cookbook parts[0] - else - source parts.first - cookbook new_resource.cookbook_name.to_s - end - else - source default_source - cookbook self.poise_defined_in_cookbook - end - variables( - command: options['command'] || new_resource.command, - directory: options['directory'] || new_resource.directory, - environment: options['environment'] || new_resource.environment, - name: new_resource.service_name, - new_resource: new_resource, - options: options, - reload_signal: options['reload_signal'] || new_resource.reload_signal, - stop_signal: options['stop_signal'] || new_resource.stop_signal, - user: options['user'] || new_resource.user, - ) - # Don't trigger a restart if the template doesn't already exist, this - # prevents restarting on the run that first creates the service. - restart_on_update = options.fetch('restart_on_update', new_resource.restart_on_update) - if restart_on_update && ::File.exist?(path) - mode = restart_on_update.to_s == 'immediately' ? :immediately : :delayed - notifies :restart, new_resource, mode - end - instance_exec(&block) if block - end - end - - end - end -end diff --git a/cookbooks/poise-service/files/halite_gem/poise_service/service_providers/dummy.rb b/cookbooks/poise-service/files/halite_gem/poise_service/service_providers/dummy.rb deleted file mode 100644 index 0a84ec5..0000000 --- a/cookbooks/poise-service/files/halite_gem/poise_service/service_providers/dummy.rb +++ /dev/null @@ -1,195 +0,0 @@ -# -# Copyright 2015-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'etc' -require 'shellwords' - -require 'poise_service/service_providers/base' - - -module PoiseService - module ServiceProviders - class Dummy < Base - provides(:dummy) - - # @api private - def self.default_inversion_options(node, resource) - super.merge({ - # Time to wait between stop and start. - restart_delay: 1, - }) - end - - def action_start - return if options['never_start'] - return if pid - Chef::Log.debug("[#{new_resource}] Starting #{new_resource.command}") - # Clear the pid file if it exists. - ::File.unlink(pid_file) if ::File.exist?(pid_file) - if Process.fork - # Parent, wait for the final child to write the pid file. - now = Time.now - until ::File.exist?(pid_file) - sleep(1) - # After 30 seconds, show output at a higher level to avoid too much - # confusing on failed process launches. - if Time.now - now <= 30 - Chef::Log.debug("[#{new_resource}] Waiting for PID file") - else - Chef::Log.warning("[#{new_resource}] Waiting for PID file at #{pid_file} to be created") - end - end - else - # :nocov: - begin - Chef::Log.debug("[#{new_resource}] Forked") - # First child, daemonize and go to town. This handles multi-fork, - # setsid, and shutting down stdin/out/err. - Process.daemon(true) - Chef::Log.debug("[#{new_resource}] Daemonized") - # Daemonized, set up process environment. - Dir.chdir(new_resource.directory) - Chef::Log.debug("[#{new_resource}] Directory changed to #{new_resource.directory}") - ENV['HOME'] = Dir.home(new_resource.user) - new_resource.environment.each do |key, val| - ENV[key.to_s] = val.to_s - end - Chef::Log.debug("[#{new_resource}] Process environment configured") - # Make sure to open the output file and write the pid file before we - # drop privs. - output = ::File.open(output_file, 'ab') - IO.write(pid_file, Process.pid) - Chef::Log.debug("[#{new_resource}] PID #{Process.pid} written to #{pid_file}") - ent = Etc.getpwnam(new_resource.user) - if Process.euid != ent.uid || Process.egid != ent.gid - Process.initgroups(ent.name, ent.gid) - Process::GID.change_privilege(ent.gid) if Process.egid != ent.gid - Process::UID.change_privilege(ent.uid) if Process.euid != ent.uid - Chef::Log.debug("[#{new_resource}] Changed privs to #{new_resource.user} (#{ent.uid}:#{ent.gid})") - end - # Log the command. Happens before ouput redirect or this ends up in the file. - Chef::Log.debug("[#{new_resource}] Execing #{new_resource.command}") - # Set up output logging. - Chef::Log.debug("[#{new_resource}] Logging output to #{output_file}") - $stdout.reopen(output) - $stdout.sync = true - $stderr.reopen(output) - $stderr.sync = true - $stdout.write("#{Time.now} Starting #{new_resource.command}") - # Split the command so we don't get an extra sh -c. - Kernel.exec(*Shellwords.split(new_resource.command)) - # Just in case, bail out. - $stdout.reopen(STDOUT) - $stderr.reopen(STDERR) - Chef::Log.debug("[#{new_resource}] Exec failed, bailing out.") - exit! - rescue Exception => e - # Welp, we tried. - $stdout.reopen(STDOUT) - $stderr.reopen(STDERR) - Chef::Log.error("[#{new_resource}] Error during process spawn: #{e}") - exit! - end - # :nocov: - end - Chef::Log.debug("[#{new_resource}] Started.") - end - - def action_stop - return if options['never_stop'] - return unless pid - Chef::Log.debug("[#{new_resource}] Stopping with #{new_resource.stop_signal}. Current PID is #{pid.inspect}.") - Process.kill(new_resource.stop_signal, pid) - ::File.unlink(pid_file) - end - - def action_restart - return if options['never_restart'] - action_stop - # Give things a moment to stop before we try starting again. - sleep(options['restart_delay']) - action_start - end - - def action_reload - return if options['never_reload'] - return unless pid - Chef::Log.debug("[#{new_resource}] Reloading with #{new_resource.reload_signal}. Current PID is #{pid.inspect}.") - Process.kill(new_resource.reload_signal, pid) - end - - def pid - return nil unless ::File.exist?(pid_file) - pid = IO.read(pid_file).to_i - begin - # Check if the PID is running. - Process.kill(0, pid) - pid - rescue Errno::ESRCH - nil - end - end - - private - - def service_resource - # Intentionally not implemented. - raise NotImplementedError - end - - def enable_service - end - - # Write all major service parameters to a file so that if they change, we - # can restart the service. This also makes debuggin a bit easier so you - # can still see what it thinks it was starting without sifting through - # piles of debug output. - def create_service - service_template(run_file, 'dummy.json.erb') - end - - def disable_service - end - - # Delete the tracking file. - def destroy_service - file run_file do - action :delete - end - - file pid_file do - action :delete - end - end - - # Path to the run parameters tracking file. - def run_file - "/var/run/#{new_resource.service_name}.json" - end - - # Path to the PID file. - def pid_file - "/var/run/#{new_resource.service_name}.pid" - end - - # Path to the output file. - def output_file - "/var/run/#{new_resource.service_name}.out" - end - - end - end -end diff --git a/cookbooks/poise-service/files/halite_gem/poise_service/service_providers/inittab.rb b/cookbooks/poise-service/files/halite_gem/poise_service/service_providers/inittab.rb deleted file mode 100644 index 4758455..0000000 --- a/cookbooks/poise-service/files/halite_gem/poise_service/service_providers/inittab.rb +++ /dev/null @@ -1,150 +0,0 @@ -# -# Copyright 2015-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'chef/util/file_edit' - -require 'poise_service/service_providers/base' - - -module PoiseService - module ServiceProviders - class Inittab < Base - provides(:inittab) - - def self.provides_auto?(node, resource) - ::File.exist?('/etc/inittab') - end - - def pid - IO.read(pid_file).to_i if ::File.exist?(pid_file) - end - - # Don't try to stop when disabling because we can't. - def action_disable - disable_service - notifying_block do - destroy_service - end - end - - def action_start - Chef::Log.debug("[#{new_resource}] Inittab services are always started.") - end - - def action_stop - raise NotImplementedError.new("[#{new_resource}] Inittab services cannot be stopped") - end - - def action_restart - return if options['never_restart'] - # Just kill it and let init restart it. - Process.kill(new_resource.stop_signal, pid) if pid - end - - def action_reload - return if options['never_reload'] - Process.kill(new_resource.reload_signal, pid) if pid - end - - private - - def service_resource - # Intentionally not implemented. - raise NotImplementedError - end - - def enable_service - end - - def disable_service - end - - def create_service - # Sigh scoping. - pid_file_ = pid_file - # Inittab only allows 127 characters for the command, so cram stuff in - # a file. Writing to a file is gross, but so is using inittab so ¯\_(ツ)_/¯. - service_template("/sbin/poise_service_#{new_resource.service_name}", 'inittab.sh.erb') do - mode '755' - variables.update( - pid_file: pid_file_, - ) - end - # Add to inittab. - edit_inittab do |content| - inittab_line = "#{service_id}:2345:respawn:/sbin/poise_service_#{new_resource.service_name}" - if content =~ /^# #{Regexp.escape(service_tag)}$/ - # Existing line, update in place. - content.gsub!(/^(# #{Regexp.escape(service_tag)}\n)(.*)$/, "\\1#{inittab_line}") - else - # Add to the end. - content << "# #{service_tag}\n#{inittab_line}\n" - end - end - end - - def destroy_service - # Remove from inittab. - edit_inittab do |content| - content.gsub!(/^# #{Regexp.escape(service_tag)}\n.*?\n$/, '') - end - - file "/sbin/poise_service_#{new_resource.service_name}" do - action :delete - end - - file pid_file do - action :delete - end - end - - # The shortened ID because sysvinit only allows 4 characters. - def service_id - # This is a terrible hash, but it should be good enough. - options['service_id'] || begin - sum = new_resource.service_name.sum(20).to_s(36) - if sum.length < 4 - 'p' + sum - else - sum - end - end - end - - # Tag to put in a comment in inittab for tracking. - def service_tag - "poise_service(#{new_resource.service_name})" - end - - def pid_file - options['pid_file'] || "/var/run/#{new_resource.service_name}.pid" - end - - def edit_inittab(&block) - inittab = IO.read('/etc/inittab') - original_inittab = inittab.dup - block.call(inittab) - if inittab != original_inittab - file '/etc/inittab' do - content inittab - end - - execute 'telinit q' - end - end - end - end -end diff --git a/cookbooks/poise-service/files/halite_gem/poise_service/service_providers/systemd.rb b/cookbooks/poise-service/files/halite_gem/poise_service/service_providers/systemd.rb deleted file mode 100644 index 35faf03..0000000 --- a/cookbooks/poise-service/files/halite_gem/poise_service/service_providers/systemd.rb +++ /dev/null @@ -1,85 +0,0 @@ -# -# Copyright 2015-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'chef/mixin/shell_out' - -require 'poise_service/service_providers/base' - - -module PoiseService - module ServiceProviders - class Systemd < Base - include Chef::Mixin::ShellOut - provides(:systemd) - - # @api private - def self.provides_auto?(node, resource) - service_resource_hints.include?(:systemd) - end - - # @api private - def self.default_inversion_options(node, resource) - super.merge({ - # Automatically reload systemd on changes. - auto_reload: true, - # Service restart mode. - restart_mode: 'on-failure', - }) - end - - def pid - cmd = shell_out(%w{systemctl status} + [new_resource.service_name]) - if !cmd.error? && cmd.stdout.include?('Active: active (running)') && md = cmd.stdout.match(/Main PID: (\d+)/) - md[1].to_i - else - nil - end - end - - private - - def service_resource - super.tap do |r| - r.provider(Chef::Provider::Service::Systemd) - end - end - - def systemctl_daemon_reload - execute 'systemctl daemon-reload' do - action :nothing - user 'root' - end - end - - def create_service - reloader = systemctl_daemon_reload - service_template("/etc/systemd/system/#{new_resource.service_name}.service", 'systemd.service.erb') do - notifies :run, reloader, :immediately if options['auto_reload'] - variables.update(auto_reload: options['auto_reload'], restart_mode: options['restart_mode']) - end - end - - def destroy_service - reloader = systemctl_daemon_reload - file "/etc/systemd/system/#{new_resource.service_name}.service" do - action :delete - notifies :run, reloader, :immediately if options['auto_reload'] - end - end - - end - end -end diff --git a/cookbooks/poise-service/files/halite_gem/poise_service/service_providers/sysvinit.rb b/cookbooks/poise-service/files/halite_gem/poise_service/service_providers/sysvinit.rb deleted file mode 100644 index c9fb0e5..0000000 --- a/cookbooks/poise-service/files/halite_gem/poise_service/service_providers/sysvinit.rb +++ /dev/null @@ -1,97 +0,0 @@ -# -# Copyright 2015-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise_service/service_providers/base' - - -module PoiseService - module ServiceProviders - class Sysvinit < Base - provides(:sysvinit) - - def self.provides_auto?(node, resource) - [:debian, :redhat, :invokercd].any? {|name| service_resource_hints.include?(name) } - end - - def pid - IO.read(pid_file).to_i if ::File.exist?(pid_file) - end - - private - - def service_resource - super.tap do |r| - r.provider(case node['platform_family'] - when 'debian' - Chef::Provider::Service::Debian - when 'rhel', 'amazon' - Chef::Provider::Service::Redhat - else - # Better than nothing I guess? Will fail on enable I think. - Chef::Provider::Service::Init - end) - r.init_command(script_path) - # Pending https://github.com/chef/chef/pull/4709. - r.start_command("#{script_path} start") - r.stop_command("#{script_path} stop") - r.status_command("#{script_path} status") - r.restart_command("#{script_path} restart") - r.reload_command("#{script_path} reload") - end - end - - def create_service - # Split the command into the binary and its arguments. This is for - # start-stop-daemon since it treats those differently. - parts = new_resource.command.split(/ /, 2) - daemon = ENV['PATH'].split(/:/) - .map {|path| ::File.absolute_path(parts[0], path) } - .find {|path| ::File.exist?(path) } || parts[0] - # Sigh scoping. - pid_file_ = pid_file - # Render the service template - service_template(script_path, 'sysvinit.sh.erb') do - mode '755' - variables.update( - daemon: daemon, - daemon_options: parts[1].to_s, - pid_file: pid_file_, - pid_file_external: options['pid_file_external'].nil? ? !!options['pid_file'] : options['pid_file_external'], - platform_family: node['platform_family'], - ) - end - end - - def destroy_service - file script_path do - action :delete - end - - file pid_file do - action :delete - end - end - - def script_path - options['script_path'] || "/etc/init.d/#{new_resource.service_name}" - end - - def pid_file - options['pid_file'] || "/var/run/#{new_resource.service_name}.pid" - end - end - end -end diff --git a/cookbooks/poise-service/files/halite_gem/poise_service/service_providers/upstart.rb b/cookbooks/poise-service/files/halite_gem/poise_service/service_providers/upstart.rb deleted file mode 100644 index cb4db46..0000000 --- a/cookbooks/poise-service/files/halite_gem/poise_service/service_providers/upstart.rb +++ /dev/null @@ -1,136 +0,0 @@ -# -# Copyright 2015-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# Used in the template. -require 'shellwords' - -require 'chef/mixin/shell_out' - -require 'poise_service/error' -require 'poise_service/service_providers/base' - - -module PoiseService - module ServiceProviders - class Upstart < Base - include Chef::Mixin::ShellOut - provides(:upstart) - - def self.provides_auto?(node, resource) - service_resource_hints.include?(:upstart) - end - - # @api private - def self.default_inversion_options(node, resource) - super.merge({ - # Time to wait between stop and start. - restart_delay: 1, - }) - end - - # True restart in Upstart preserves the original config data, we want the - # more obvious behavior like everything else in the world that restart - # would re-read the updated config file. Use stop+start to get this - # behavior. http://manpages.ubuntu.com/manpages/raring/man8/initctl.8.html - def action_restart - return if options['never_restart'] - action_stop - # Give things a moment to stop before we try starting again. - sleep(options['restart_delay']) - action_start - end - - # Shim out reload if we have a version that predates reload support. - def action_reload - return if options['never_reload'] - if !upstart_features[:reload_signal] && new_resource.reload_signal != 'HUP' - if options[:reload_shim] - Process.kill(new_resource.reload_signal, pid) - else - check_reload_signal! - end - else - super - end - end - - def pid - cmd = shell_out(%w{initctl status} + [new_resource.service_name]) - if !cmd.error? && md = cmd.stdout.match(/process (\d+)/) - md[1].to_i - else - nil - end - end - - private - - def service_resource - super.tap do |r| - r.provider(Chef::Provider::Service::Upstart) - end - end - - def create_service - check_reload_signal! - # Set features so it will be a closure below. - features = upstart_features - service_template("/etc/init/#{new_resource.service_name}.conf", 'upstart.conf.erb') do - variables.update( - upstart_features: features, - ) - end - end - - def destroy_service - file "/etc/init/#{new_resource.service_name}.conf" do - action :delete - end - end - - def upstart_version - cmd = shell_out(%w{initctl --version}) - if !cmd.error? && md = cmd.stdout.match(/upstart ([^)]+)\)/) - md[1] - else - '0' - end - end - - def upstart_features - @upstart_features ||= begin - upstart_ver = Gem::Version.new(upstart_version) - versions_added = { - kill_signal: '1.3', - reload_signal: '1.10', - setuid: '1.4', - } - versions_added.inject({}) do |memo, (feature, version)| - memo[feature] = Gem::Requirement.create(">= #{version}").satisfied_by?(upstart_ver) - memo - end - end - end - - def check_reload_signal! - if !options['reload_shim'] && !upstart_features[:reload_signal] && new_resource.reload_signal != 'HUP' - raise Error.new("Upstart #{upstart_version} only supports HUP for reload, to use the shim please set the 'reload_shim' options for #{new_resource.to_s}") - end - end - - end - end -end diff --git a/cookbooks/poise-service/files/halite_gem/poise_service/utils.rb b/cookbooks/poise-service/files/halite_gem/poise_service/utils.rb deleted file mode 100644 index bbf7896..0000000 --- a/cookbooks/poise-service/files/halite_gem/poise_service/utils.rb +++ /dev/null @@ -1,45 +0,0 @@ -# -# Copyright 2015-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'pathname' - - -module PoiseService - # Utility methods for PoiseService. - # - # @api public - # @since 1.0.0 - module Utils - # Methods are also available as module-level methods as well as a mixin. - extend self - - # Common segments to ignore - COMMON_SEGMENTS = %w{var www current etc}.inject({}) {|memo, seg| memo[seg] = true; memo } - - # Parse the service name from a path. Look at the last component of the - # path, ignoring some common names. - # - # @param path [String] Path to parse. - # @return [String] - # @example - # attribute(:service_name, kind_of: String, default: lazy { PoiseService::Utils.parse_service_name(path) }) - def parse_service_name(path) - parts = Pathname.new(path).each_filename.to_a.reverse! - # Find the last segment not in common segments, fall back to the last segment. - parts.find {|seg| !COMMON_SEGMENTS[seg] } || parts.first - end - end -end diff --git a/cookbooks/poise-service/files/halite_gem/poise_service/version.rb b/cookbooks/poise-service/files/halite_gem/poise_service/version.rb deleted file mode 100644 index f4c6463..0000000 --- a/cookbooks/poise-service/files/halite_gem/poise_service/version.rb +++ /dev/null @@ -1,20 +0,0 @@ -# -# Copyright 2015-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - - -module PoiseService - VERSION = '1.5.2' -end diff --git a/cookbooks/poise-service/libraries/default.rb b/cookbooks/poise-service/libraries/default.rb deleted file mode 100644 index dd4c6ca..0000000 --- a/cookbooks/poise-service/libraries/default.rb +++ /dev/null @@ -1,19 +0,0 @@ -# -# Copyright 2015-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -raise 'Halite is not compatible with no_lazy_load false, please set no_lazy_load true in your Chef configuration file.' unless Chef::Config[:no_lazy_load] -$LOAD_PATH << File.expand_path('../../files/halite_gem', __FILE__) -require "poise_service/cheftie" diff --git a/cookbooks/poise-service/metadata.json b/cookbooks/poise-service/metadata.json deleted file mode 100644 index e71ef57..0000000 --- a/cookbooks/poise-service/metadata.json +++ /dev/null @@ -1 +0,0 @@ -{"name":"poise-service","version":"1.5.2","description":"A Chef cookbook for managing system services.","long_description":"# Poise-Service Cookbook\n\n[![Build Status](https://img.shields.io/travis/poise/poise-service.svg)](https://travis-ci.org/poise/poise-service)\n[![Gem Version](https://img.shields.io/gem/v/poise-service.svg)](https://rubygems.org/gems/poise-service)\n[![Cookbook Version](https://img.shields.io/cookbook/v/poise-service.svg)](https://supermarket.chef.io/cookbooks/poise-service)\n[![Coverage](https://img.shields.io/codecov/c/github/poise/poise-service.svg)](https://codecov.io/github/poise/poise-service)\n[![Gemnasium](https://img.shields.io/gemnasium/poise/poise-service.svg)](https://gemnasium.com/poise/poise-service)\n[![License](https://img.shields.io/badge/license-Apache_2-blue.svg)](https://www.apache.org/licenses/LICENSE-2.0)\n\nA [Chef](https://www.chef.io/) cookbook to provide a unified interface for\nservices.\n\n### What is poise-service?\n\nPoise-service is a tool for developers of \"library cookbooks\" to define a\nservice without forcing the end-user of the library to adhere to their choice of\nservice management framework. The `poise_service` resource represents an\nabstract service to be run, which can then be customized by node attributes and\nthe `poise_service_options` resource. This is a technique called [dependency\ninjection](https://en.wikipedia.org/wiki/Dependency_injection), and allows a\nmeasure of decoupling between the library and application cookbooks.\n\n### Why would I use poise-service?\n\nPoise-service is most useful for authors of library-style cookbooks, for example\nthe `apache2`, `mysql`, or `application` cookbooks. When using other service\nmanagement options with Chef, the author of the library cookbook has to add\nspecific code for each service management framework they want to support, often\nresulting in a cookbook only supporting the favorite framework of the author or\ndepending on distribution packages for their init scripts. The `poise_service`\nresource allows library cookbook authors a way to write generic code for all\nservice management frameworks while still allowing users of that cookbook to\nchoose which service management framework best fits their needs.\n\n### How is this different from the built-in service resource?\n\nChef includes a `service` resource which allows interacting with certain\nservice management frameworks such as SysV, Upstart, and systemd.\n`poise-service` goes further in that it actually generates the configuration\nfiles needed for the requested service management framework, as well as offering\na dependency injection system for application cookbooks to customize which\nframework is used.\n\n### What service management frameworks are supported?\n\n* [SysV (aka /etc/init.d)](#sysvinit)\n* [Upstart](#upstart)\n* [systemd](#systemd)\n* [Inittab](#inittab)\n* [Runit](https://github.com/poise/poise-service-runit)\n* [Monit](https://github.com/poise/poise-monit#service-provider)\n* [Solaris](https://github.com/sh9189/poise-service-solaris)\n* [AIX](https://github.com/johnbellone/poise-service-aix)\n* *Supervisor (coming soon!)*\n\n\n## Quick Start\n\nTo create a service user and a service to run Apache2:\n\n```ruby\npoise_service_user 'www-data'\n\npoise_service 'apache2' do\n command '/usr/sbin/apache2 -f /etc/apache2/apache2.conf -DFOREGROUND'\n stop_signal 'WINCH'\n reload_signal 'USR1'\nend\n```\n\nor for a hypothetical Rails web application:\n\n```ruby\npoise_service_user 'myapp'\n\npoise_service 'myapp-web' do\n command 'bundle exec unicorn -p 8080'\n user 'myapp'\n directory '/srv/myapp'\n environment RAILS_ENV: 'production'\nend\n```\n\n## Resources\n\n### `poise_service`\n\nThe `poise_service` resource is the abstract definition of a service.\n\n```ruby\npoise_service 'myapp' do\n command 'myapp --serve'\n environment RAILS_ENV: 'production'\nend\n```\n\n#### Actions\n\n* `:enable` – Create, enable and start the service. *(default)*\n* `:disable` – Stop, disable, and destroy the service.\n* `:start` – Start the service.\n* `:stop` – Stop the service.\n* `:restart` – Stop and then start the service.\n* `:reload` – Send the configured reload signal to the service.\n\n#### Attributes\n\n* `service_name` – Name of the service. *(name attribute)*\n* `command` – Command to run for the service. This command must stay in the\n foreground and not daemonize itself. *(required)*\n* `user` – User to run the service as. See\n [`poise_service_user`](#poise_service_user) for any easy way to create service\n users. *(default: root)*\n* `directory` – Working directory for the service. *(default: home directory for\n user, or / if not found)*\n* `environment` – Environment variables for the service.\n* `stop_signal` – Signal to use to stop the service. Some systems will fall back\n to SIGKILL if this signal fails to stop the process. *(default: TERM)*\n* `reload_signal` – Signal to use to reload the service. *(default: HUP)*\n* `restart_on_update` – If true, the service will be restarted if the service\n definition or configuration changes. If `'immediately'`, the notification will\n happen in immediate mode. *(default: true)*\n\n#### Service Options\n\nThe `poise-service` library offers an additional way to pass configuration\ninformation to the final service called \"options\". Options are key/value pairs\nthat are passed down to the service provider and can be used to control how it\ncreates and manages the service. These can be set in the `poise_service`\nresource using the `options` method, in node attributes or via the\n`poise_service_options` resource. The options from all sources are merged\ntogether in to a single hash.\n\nWhen setting options in the resource you can either set them for all providers:\n\n```ruby\npoise_service 'myapp' do\n command 'myapp --serve'\n options status_port: 8000\nend\n```\n\nor for a single provider:\n\n```ruby\npoise_service 'myapp' do\n command 'myapp --serve'\n options :systemd, after_target: 'network'\nend\n```\n\nSetting via node attributes is generally how an end-user or application cookbook\nwill set options to customize services in the library cookbooks they are using.\nYou can set options for all services or for a single service, by service name\nor by resource name:\n\n```ruby\n# Global, for all services.\noverride['poise-service']['options']['after_target'] = 'network'\n# Single service.\noverride['poise-service']['myapp']['template'] = 'myapp.erb'\n```\n\nThe `poise_service_options` resource is also available to set node attributes\nfor a specific service in a DSL-friendly way:\n\n```ruby\npoise_service_options 'myapp' do\n template 'myapp.erb'\n restart_on_update false\nend\n```\n\nUnlike resource attributes, service options can be different for each provider.\nNot all providers support the same options so make sure to check the\ndocumentation for each provider to see what options are available.\n\n### `poise_service_options`\n\nThe `poise_service_options` resource allows setting per-service options in a\nDSL-friendly way. See [the Service Options](#service-options) section for more\ninformation about service options overall.\n\n```ruby\npoise_service_options 'myapp' do\n template 'myapp.erb'\n restart_on_update false\nend\n```\n\n#### Actions\n\n* `:run` – Apply the service options. *(default)*\n\n#### Attributes\n\n* `resource` – Name of the service. *(name attribute)*\n* `for_provider` – Provider to set options for.\n\nAll other attribute keys will be used as options data.\n\n### `poise_service_user`\n\nThe `poise_service_user` resource is an easy way to create service users. It is\nnot required to use `poise_service`, it is only a helper.\n\n```ruby\npoise_service_user 'myapp' do\n home '/srv/myapp'\nend\n```\n\n#### Actions\n\n* `:create` – Create the user and group. *(default)*\n* `:remove` – Remove the user and group.\n\n#### Attributes\n\n* `user` – Name of the user. *(name attribute)*\n* `group` – Name of the group. Set to `false` to disable group creation. *(name attribute)*\n* `uid` – UID of the user. *(default: automatic)*\n* `gid` – GID of the group. *(default: automatic)*\n* `home` – Home directory of the user.\n* `shell` – Shell of the user. *(default: /bin/nologin if present or /bin/false)*\n\n## Providers\n\n### `sysvinit`\n\nThe `sysvinit` provider supports SystemV-style init systems on Debian-family and\nRHEL-family platforms. It will create the `/etc/init.d/` script\nand enable/disable the service using the platform-specific service resource.\n\n```ruby\npoise_service 'myapp' do\n provider :sysvinit\n command 'myapp --serve'\nend\n```\n\nBy default a PID file will be created in `/var/run/service_name.pid`. You can\nuse the `pid_file` option detailed below to override this and rely on your\nprocess creating a PID file in the given path.\n\n#### Options\n\n* `pid_file` – Path to PID file that the service command will create.\n* `pid_file_external` – If true, assume the service will create the PID file\n itself. *(default: true if `pid_file` option is set)*\n* `template` – Override the default script template. If you want to use a\n template in a different cookbook use `'cookbook:template'`.\n* `command` – Override the service command.\n* `directory` – Override the service directory.\n* `environment` – Override the service environment variables.\n* `reload_signal` – Override the service reload signal.\n* `stop_signal` – Override the service stop signal.\n* `user` – Override the service user.\n* `never_start` – Never try to start the service.\n* `never_stop` – Never try to stop the service.\n* `never_restart` – Never try to restart the service.\n* `never_reload` – Never try to reload the service.\n* `script_path` – Override the path to the generated service script.\n\n### `upstart`\n\nThe `upstart` provider supports [Upstart](http://upstart.ubuntu.com/). It will\ncreate the `/etc/init/service_name.conf` configuration.\n\n```ruby\npoise_service 'myapp' do\n provider :upstart\n command 'myapp --serve'\nend\n```\n\nAs a wide variety of versions of Upstart are in use in various Linux\ndistributions, the provider does its best to identify which features are\navailable and provide shims as appropriate. Most of these should be invisible\nhowever Upstart older than 1.10 does not support setting a `reload signal` so\nonly SIGHUP can be used. You can set a `reload_shim` option to enable an\ninternal implementaion of reloading to be used for signals other than SIGHUP,\nhowever as this is implemented inside Chef code, running `initctl reload` would\nstill result in SIGHUP being sent. For this reason, the feature is disabled by\ndefault and will throw an error if a reload signal other than SIGHUP is used.\n\n#### Options\n\n* `reload_shim` – Enable the reload signal shim. See above for a warning about\n this feature.\n* `template` – Override the default configuration template. If you want to use a\n template in a different cookbook use `'cookbook:template'`.\n* `command` – Override the service command.\n* `directory` – Override the service directory.\n* `environment` – Override the service environment variables.\n* `reload_signal` – Override the service reload signal.\n* `stop_signal` – Override the service stop signal.\n* `user` – Override the service user.\n* `never_start` – Never try to start the service.\n* `never_stop` – Never try to stop the service.\n* `never_restart` – Never try to restart the service.\n* `never_reload` – Never try to reload the service.\n\n### `systemd`\n\nThe `systemd` provider supports [systemd](http://www.freedesktop.org/wiki/Software/systemd/).\nIt will create the `/etc/systemd/system/service_name.service` configuration.\n\n\n```ruby\npoise_service 'myapp' do\n provider :systemd\n command 'myapp --serve'\nend\n```\n\n#### Options\n\n* `template` – Override the default configuration template. If you want to use a\n template in a different cookbook use `'cookbook:template'`.\n* `command` – Override the service command.\n* `directory` – Override the service directory.\n* `environment` – Override the service environment variables.\n* `reload_signal` – Override the service reload signal.\n* `stop_signal` – Override the service stop signal.\n* `user` – Override the service user.\n* `never_start` – Never try to start the service.\n* `never_stop` – Never try to stop the service.\n* `never_restart` – Never try to restart the service.\n* `never_reload` – Never try to reload the service.\n* `auto_reload` – Run `systemctl daemon-reload` after changes to the unit file. *(default: true)*\n* `restart_mode` – Restart mode for the generated service unit. *(default: on-failure)*\n\n### `inittab`\n\nThe `inittab` provider supports managing services via `/etc/inittab` using\n[SystemV Init](http://www.nongnu.org/sysvinit/). This can provide basic\nprocess supervision even on very old *nix machines.\n\n```ruby\npoise_service 'myapp' do\n provider :inittab\n command 'myapp --serve'\nend\n```\n\n**NOTE:** Inittab does not allow stopping services, and they are started as soon\nas they are enabled.\n\n#### Options\n\n* `never_start` – Never try to start the service.\n* `never_stop` – Never try to stop the service.\n* `never_restart` – Never try to restart the service.\n* `never_reload` – Never try to reload the service.\n* `pid_file` – Path to PID file that the service command will create.\n* `service_id` – Unique 1-4 character tag for the service. Defaults to an\n auto-generated hash based on the service name. If these collide, bad things\n happen. Don't do that.\n\n### `dummy`\n\nThe `dummy` provider supports launching services directly from Chef itself.\nThis is for testing purposes only and is entirely unsuitable for use in\nproduction. This is mostly useful when used alongside kitchen-docker.\n\n```ruby\npoise_service 'myapp' do\n provider :dummy\n command 'myapp --serve'\nend\n```\n\nThe service information is written to `/var/run`. The PID file is `service_name.pid`,\nthe command output is `service_name.out`, and the service parameters are in\n`service_name.json`.\n\n#### Options\n\n* `never_start` – Never try to start the service.\n* `never_stop` – Never try to stop the service.\n* `never_restart` – Never try to restart the service.\n* `never_reload` – Never try to reload the service.\n* `restart_delay` – Number of seconds to wait between stop and start when\n restarting. *(default: 1)*\n\n## ServiceMixin\n\nFor the common case of a resource (LWRP or plain Ruby) that roughly maps to\n\"some config files and a service\" poise-service provides a mixin module,\n`PoiseService::ServiceMixin`. This mixin adds the standard service actions\n(`enable`, `disable`, `start`, `stop`, `restart`, and `reload`) with basic\nimplementations that call those actions on a `poise_service` resource for you.\nYou customize the service by defining a `service_options` method on your\nprovider class:\n\n```ruby\ndef service_options(service)\n # service is the PoiseService::Resource object instance.\n service.command \"/usr/sbin/#{new_resource.name} -f /etc/#{new_resource.name}/conf/httpd.conf -DFOREGROUND\"\n service.stop_signal 'WINCH'\n service.reload_signal 'USR1'\nend\n```\n\nYou will generally want to override the `enable` action to install things\nrelated to the service like packages, users and configuration files:\n\n```ruby\ndef action_enable\n notifying_block do\n package 'apache2'\n poise_service_user 'www-data'\n template \"/etc/#{new_resource.name}/conf/httpd.conf\" do\n # ...\n end\n end\n # This super call will run the normal service enable,\n # creating the service and starting it.\n super\nend\n```\n\nSee [the poise_service_test_mixin resource](test/cookbooks/poise-service_test/resources/mixin.rb)\nand [provider](test/cookbooks/poise-service_test/providers/mixin.rb) for\nexamples of using `ServiceMixin` in an LWRP.\n\n## Sponsors\n\nDevelopment sponsored by [Bloomberg](http://www.bloomberg.com/company/technology/).\n\nThe Poise test server infrastructure is sponsored by [Rackspace](https://rackspace.com/).\n\n## License\n\nCopyright 2015-2016, Noah Kantrowitz\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\nhttp://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n","maintainer":"Noah Kantrowitz","maintainer_email":"noah@coderanger.net","license":"Apache-2.0","platforms":{"ubuntu":">= 0.0.0","debian":">= 0.0.0","centos":">= 0.0.0","redhat":">= 0.0.0","fedora":">= 0.0.0","amazon":">= 0.0.0","suse":">= 0.0.0","opensuse":">= 0.0.0"},"dependencies":{"poise":"~> 2.0"},"recommendations":{},"suggestions":{},"conflicting":{},"providing":{},"replacing":{},"attributes":{},"groupings":{},"recipes":{},"source_url":"https://github.com/poise/poise-service","issues_url":"https://github.com/poise/poise-service/issues","chef_version":[["< 14",">= 12"]],"ohai_version":[]} \ No newline at end of file diff --git a/cookbooks/poise-service/templates/default/dummy.json.erb b/cookbooks/poise-service/templates/default/dummy.json.erb deleted file mode 100644 index ad62f40..0000000 --- a/cookbooks/poise-service/templates/default/dummy.json.erb +++ /dev/null @@ -1,7 +0,0 @@ -<%= {command: @command, - directory: @directory, - environment: @environment, - name: @name, - reload_signal: @reload_signal, - stop_signal: @stop_signal, - user: @user}.to_json %> diff --git a/cookbooks/poise-service/templates/default/inittab.sh.erb b/cookbooks/poise-service/templates/default/inittab.sh.erb deleted file mode 100644 index 7e19bf7..0000000 --- a/cookbooks/poise-service/templates/default/inittab.sh.erb +++ /dev/null @@ -1,15 +0,0 @@ -#!/bin/sh -exec /opt/chef/embedded/bin/ruby <", Process.pid) -Dir.chdir("<%= @directory %>") -ent = Etc.getpwnam("<%= @user %>") -if Process.euid != ent.uid || Process.egid != ent.gid - Process.initgroups(ent.name, ent.gid) - Process::GID.change_privilege(ent.gid) if Process.egid != ent.gid - Process::UID.change_privilege(ent.uid) if Process.euid != ent.uid -end -(ENV["HOME"] = Dir.home("<%= @user %>")) rescue nil -<%= @environment.map {|key, value| "ENV[#{key.to_s.inspect}] = #{value.to_s.inspect}" }.join("; ") %> -exec(*<%= Shellwords.split(@command).inspect %>) -EOH diff --git a/cookbooks/poise-service/templates/default/systemd.service.erb b/cookbooks/poise-service/templates/default/systemd.service.erb deleted file mode 100644 index ebdf871..0000000 --- a/cookbooks/poise-service/templates/default/systemd.service.erb +++ /dev/null @@ -1,14 +0,0 @@ -[Unit] -Description=<%= @name %> - -[Service] -Environment=<%= @environment.map {|key, val| %Q{"#{key}=#{val}"} }.join(' ') %> -ExecStart=<%= @command %> -ExecReload=/bin/kill -<%= @reload_signal %> $MAINPID -KillSignal=<%= @stop_signal %> -User=<%= @user %> -WorkingDirectory=<%= @directory %> -Restart=<%= @restart_mode %> - -[Install] -WantedBy=multi-user.target diff --git a/cookbooks/poise-service/templates/default/sysvinit.sh.erb b/cookbooks/poise-service/templates/default/sysvinit.sh.erb deleted file mode 100644 index f13d811..0000000 --- a/cookbooks/poise-service/templates/default/sysvinit.sh.erb +++ /dev/null @@ -1,190 +0,0 @@ -#!/bin/sh -# Init script for <%= @name %> generated by poise-service -# -### BEGIN INIT INFO -# Provides: <%= @name %> -# Required-Start: $remote_fs $syslog -# Required-Stop: $remote_fs $syslog -# Default-Start: 2 3 4 5 -# Default-Stop: 0 1 6 -# Short-Description: Init script for <%= @name %> -# Description: Init script for <%= @name %> -### END INIT INFO - -<%- if @platform_family == 'debian' -%> -. /lib/lsb/init-functions - -_start() { - start-stop-daemon --start --quiet --background \ - --pidfile "<%= @pid_file %>"<% unless @pid_file_external %> --make-pidfile<% end %> \ - --chuid "<%= @user %>" --chdir "<%= @directory %>" \ - --exec "<%= @daemon %>" -- <%= @daemon_options %> -} - -_stop() { - start-stop-daemon --stop --quiet --pidfile "<%= @pid_file %>" --user "<%= @user %>" --signal "<%= @stop_signal %>" -} - -_status() { - status_of_proc -p "<%= @pid_file %>" "<%= @daemon %>" "<%= @name %>" -} - -_reload() { - start-stop-daemon --stop --quiet --pidfile "<%= @pid_file %>" --user "<%= @user %>" --signal "<%= @reload_signal %>" -} - -<%- else -%> -_start() { - <%# Implementing this using RedHat's bash helpers is too painful. Sorry. %> - <%# See dummy.rb for a more commented version of this code. %> - /opt/chef/embedded/bin/ruby < -File.unlink(pid_file) if File.exist?(pid_file) -if Process.fork - sleep(1) until File.exist?(pid_file) -else - Process.daemon(true) - Dir.chdir(<%= @directory.inspect %>) - <%- unless @pid_file_external -%> - IO.write(pid_file, Process.pid) - <%- end -%> - ent = Etc.getpwnam(<%= @user.inspect %>) - if Process.euid != ent.uid || Process.egid != ent.gid - Process.initgroups(ent.name, ent.gid) - Process::GID.change_privilege(ent.gid) if Process.egid != ent.gid - Process::UID.change_privilege(ent.uid) if Process.euid != ent.uid - end - Kernel.exec(*<%= Shellwords.split(@command).inspect %>) - exit! -end -EOH -} - -_stop() { - if [ -r "<%= @pid_file %>" ]; then - kill -<%= @stop_signal%> "$(cat "<%= @pid_file %>")" - else - return 0 - fi -} - -_status() { - if [ -r "<%= @pid_file %>" ]; then - kill -0 "$(cat "<%= @pid_file %>")" - else - return 1 - fi -} - -_reload() { - if [ -r "<%= @pid_file %>" ]; then - kill -<%= @reload_signal%> "$(cat "<%= @pid_file %>")" - else - return 1 - fi -} - -<%# Some functions to match LSB %> - -log_daemon_msg() { - echo -n "$1" -} - -log_progress_msg() { - echo -n "$1" -} - -log_warning_msg() { - echo -n "$1" -} - -log_failure_msg() { - echo -n "$1" -} - -log_end_msg() { - if [ "$1" = 0 ]; then - echo " [ OK ]" - else - echo " [FAILED]" - fi -} -<%- end -%> - -set -e - -start() { - if _start - then - rc=0 - sleep 1 - if ! kill -0 "$(cat "<%= @pid_file %>")" >/dev/null 2>&1; then - log_failure_msg "<%= @name %> failed to start" - rc=1 - fi - else - rc=1 - fi - if [ "$rc" -eq 0 ]; then - log_end_msg 0 - else - log_end_msg 1 - rm -f "<%= @pid_file %>" - fi -} - -<%- @environment.each do |key, val| -%> -export <%= key %>="<%= val %>" -<%- end -%> -export PATH="${PATH:+$PATH:}/usr/sbin:/sbin" - -case "$1" in - start) - log_daemon_msg "Starting <%= @name %>" - if [ -s "<%= @pid_file %>" ] && kill -0 "$(cat "<%= @pid_file %>")" >/dev/null 2>&1; then - log_progress_msg "apparently already running" - log_end_msg 0 - exit 0 - fi - start - ;; - - stop) - log_daemon_msg "Stopping <%= @name %>" - _stop - log_end_msg "$?" - rm -f "<%= @pid_file %>" - ;; - - reload|force-reload) - log_daemon_msg "Reloading <%= @name %>" - _reload - log_end_msg "$?" - ;; - - restart) - set +e - log_daemon_msg "Restarting <%= @name %>" - if [ -s "<%= @pid_file %>" ] && kill -0 "$(cat "<%= @pid_file %>")" >/dev/null 2>&1; then - _stop || true - sleep 1 - else - log_warning_msg "<%= @name %> not running, attempting to start." - rm -f "<%= @pid_file %>" - fi - start - ;; - - status) - set +e - _status - exit $? - ;; - - *) - echo "Usage: /etc/init.d/<%= @name %> {start|stop|reload|force-reload|restart|status}" - exit 1 -esac - -exit 0 diff --git a/cookbooks/poise-service/templates/default/upstart.conf.erb b/cookbooks/poise-service/templates/default/upstart.conf.erb deleted file mode 100644 index cd60ea1..0000000 --- a/cookbooks/poise-service/templates/default/upstart.conf.erb +++ /dev/null @@ -1,49 +0,0 @@ -# <%= @name %> generated by poise-service for <%= @new_resource.to_s %> - -description "<%= @name %>" - -start on runlevel [2345] -stop on runlevel [!2345] - -respawn -respawn limit 10 5 -umask 022 -chdir <%= @directory %> -<%- @environment.each do |key, val| -%> -env <%= key %>="<%= val %>" -<%- end -%> -<%- if @upstart_features[:setuid] -%> -setuid <%= @user %> -<%- end -%> -<%- if @upstart_features[:kill_signal] -%> -kill signal <%= @stop_signal %> -<%- end -%> -<%- if @upstart_features[:reload_signal] -%> -reload signal <%= @reload_signal %> -<%- end -%> - -<%- if @upstart_features[:setuid] -%> -exec <%= @command %> -<%- else -%> -script -exec /opt/chef/embedded/bin/ruby <) -if Process.euid != ent.uid || Process.egid != ent.gid - Process.initgroups(ent.name, ent.gid) - Process::GID.change_privilege(ent.gid) if Process.egid != ent.gid - Process::UID.change_privilege(ent.uid) if Process.euid != ent.uid -end -ENV["HOME"] = Dir.home(<%= @user.inspect %>) rescue nil -exec(*<%= Shellwords.split(@command).inspect %>) -EOH -end script -<%- end -%> -<%- if !@upstart_features[:kill_signal] && @stop_signal != 'TERM' -%> -pre-stop script - PID=`initctl status <%= @name %> | sed 's/^.*process \([0-9]*\)$/\1/'` - if [ -n "$PID" ]; then - kill -<%= @stop_signal %> "$PID" - fi -end script -<%- end -%> diff --git a/cookbooks/poise/CHANGELOG.md b/cookbooks/poise/CHANGELOG.md deleted file mode 100644 index 13b4f9c..0000000 --- a/cookbooks/poise/CHANGELOG.md +++ /dev/null @@ -1,203 +0,0 @@ -# Changelog - -## v2.8.2 - -* Remove support for Chef before 12.14. -* Fixed compatibility with Chef 14.3. - -## v2.8.1 - -* Fix a missing `require` when using `subclass_providers!` on Chef 12.3. - -## v2.8.0 - -* Chef 13 compatibility. -* Passing a symbol for the parent now works with the `include Poise(:name)` - shortcut. -* Fixed `subclass_providers!` on older versions of Chef. - -## v2.7.2 - -* Test harness fixes for Chef. - -## v2.7.1 - -* Minor tweak for compatability with Chef master. - -## v2.7.0 - -* More compatibility improvements for Chef 12.9. -* New helper: `Poise::Helpers::Win32User` to automatically convert `'root'` - defaults for user and group properties to more platform-appropriate values. -* Enhanced `poise_shell_out` to better cope with Windows command parsing. Use - Bash-style commands and it will automatically convert. -* Overall compatibility fixes for Windows. - -## v2.6.1 - -* Compatibility with Chef master to fix issues with `defined_in!` not ignoring - stack frames from Chef code. -* Setting a provider in a inversion options resource now works as (probably) - expected. - -## v2.6.0 - -* New backwards-compatibility helper: `Poise::Backports::VERIFY_PATH`. Use it - like `verify "myapp -t #{Poise::Backports::VERIFY_PATH}" if defined?(verify)` - for backwards-compatible usage of file verifications. -* Fixed Poise's implementation of lazy defaults to more closely match Chef's - even when both are used in conjunction. Lazy defaults will no longer be - evaluated when setting a value or getting an existing non-default value. - -## v2.5.0 - -* New property for inversion resources: `provider_no_auto`. Set one or more - provider names that will be ignored for automatic resolution for that instance. -* Support `variables` as an alias for `options` in template content properties - to match the `template` resource. -* Template content properties are no longer validated after creation for - non-default actions. -* Formalize the extra-verbose logging mode for Poise and expose it via helpers. -* Extra-verbose logging mode can now be enabled by creating a `/poise_debug` file. -* New helper: `poise_shell_out`. Like normal `shell_out` but sets group and - environment variables automatically to better defaults. - -## v2.4.0 - -* Added return value to `Container#register_subresource` to track if the resource - was already added. -* Improve inspect output for subresources and containers. -* Ensure notifications work with subresources. -* Inversion providers process name equivalences. - -## v2.3.2 - -* Improve handling of deeply nested subresources. - -## v2.3.1 - -* Ensure a container with a parent link to its own type doesn't use self as the - default parent. -* Improve handling of `load_current_resource` in providers that call it via - `super`. - -## v2.3.0 - -* New helper: `ResourceSubclass`, a helper for subclassing a resource while - still using the providers as the base class. -* New feature: Non-default containers. Use `container_default: false` to mark - a container class as ineligible for default lookup. -* New feature: parent attribute defaults. You can set a `parent_default` to - provide a default value for the parent of a resource. This supports the - `lazy { }` helper as with normal default values. -* New feature: use `forced_keys: [:name]` on an option collector property to - force keys that would otherwise be clobbered by resource methods. -* Can enable verbose logging mode via a node attribute in addition to an - environment variable. - -## v2.2.3 - -* Add `ancestor_send` utility method for use in other helpers. -* Improve subresource support for use in mixins. - -## v2.2.2 - -* Fix 2.2.1 for older versions of Chef. - -## v2.2.1 - -* Fixed delayed notifications inside `notifying_block`. -* Default actions as expected within LWRPs. - -## v2.2.0 - -* Compatibility with Chef 12.4.1 and Chefspec 4.3.0. -* New helper `ResourceCloning`: Disables resource cloning between Poise-based - resources. This is enabled by default. -* Subresource parent references can be set to nil. - -## v2.1.0 - -* Compatibility with Chef 12.4. -* Add `#property` as an alias for `#attribute` in resources. This provides - forward compatibility with future versions of Chef. -* Freeze default resource attribute values. **This may break your code**, - however this is not a major release because any code broken by this change - was itself already a bug. - -## v2.0.1 - -* Make the ChefspecHelpers helper a no-op if chefspec is not already loaded. -* Fix for finding the correct cookbook for a file when using vendored gems. -* New flag for the OptionCollector helper, `parser`: - -```ruby -class Resource < Chef::Resource - include Poise - attribute(:options, option_collector: true, parser: proc {|val| parse(val) }) - - def parse(val) - {name: val} - end -end -``` - -* Fix for a possible infinite loop when using `ResourceProviderMixin` in a nested - module structure. - -## v2.0.0 - -Major overhaul! Poise is now a Halite gem/cookbook. New helpers: - -* ChefspecMatchers – Automatically create Chefspec matchers for Poise resources. -* DefinedIn – Track which file (and cookbook) a resource or provider is defined in. -* Fused – Experimental support for defining provider actions in the resource class. -* Inversion – Support for end-user dependency inversion with providers. - -All helpers are compatible with Chef >= 12.0. Chef 11 is now deprecated, if you -need to support Chef 11 please continue to use Poise 1. - -## v1.0.12 - -* Correctly propagate errors from inside notifying_block. - -## v1.0.10 - -* Fixes an issue with the LWRPPolyfill helper and false values. - - -## v1.0.8 - -* Delayed notifications from nested converges will still only run at the end of - the main converge. - -## v1.0.6 - -* The include_recipe helper now works correctly when used at compile time. - -## v1.0.4 - -* Redeclaring a template attribute with the same name as a parent class will - inherit its options. - -## v1.0.2 - -* New template attribute pattern. - -```ruby -attribute(:config, template: true) - -... - -resource 'name' do - config_source 'template.erb' -end - -... - -new_resource.config_content -``` - -## v1.0.0 - -* Initial release! diff --git a/cookbooks/poise/README.md b/cookbooks/poise/README.md deleted file mode 100644 index 881b5cf..0000000 --- a/cookbooks/poise/README.md +++ /dev/null @@ -1,233 +0,0 @@ -# Poise - -[![Build Status](https://img.shields.io/travis/poise/poise.svg)](https://travis-ci.org/poise/poise) -[![Gem Version](https://img.shields.io/gem/v/poise.svg)](https://rubygems.org/gems/poise) -[![Cookbook Version](https://img.shields.io/cookbook/v/poise.svg)](https://supermarket.chef.io/cookbooks/poise) -[![Coverage](https://img.shields.io/codecov/c/github/poise/poise.svg)](https://codecov.io/github/poise/poise) -[![Gemnasium](https://img.shields.io/gemnasium/poise/poise.svg)](https://gemnasium.com/poise/poise) -[![License](https://img.shields.io/badge/license-Apache_2-blue.svg)](https://www.apache.org/licenses/LICENSE-2.0) - -## What is Poise? - -The poise cookbook is a set of libraries for writing reusable cookbooks. It -provides helpers for common patterns and a standard structure to make it easier to create flexible cookbooks. - -## Writing your first resource - -Rather than LWRPs, Poise promotes the idea of using normal, or "heavy weight" -resources, while including helpers to reduce much of boilerplate needed for this. Each resource goes in its own file under `libraries/` named to match -the resource, which is in turn based on the class name. This means that the file `libraries/my_app.rb` would contain `Chef::Resource::MyApp` which maps to the resource `my_app`. - -An example of a simple shell to start from: - -```ruby -require 'poise' -require 'chef/resource' -require 'chef/provider' - -module MyApp - class Resource < Chef::Resource - include Poise - provides(:my_app) - actions(:enable) - - attribute(:path, kind_of: String) - # Other attribute definitions. - end - - class Provider < Chef::Provider - include Poise - provides(:my_app) - - def action_enable - notifying_block do - ... # Normal Chef recipe code goes here - end - end - end -end -``` - -Starting from the top, first we require the libraries we will be using. Then we -create a module to hold our resource and provider. If your cookbook declares -multiple resources and/or providers, you might want additional nesting here. -Then we declare the resource class, which inherits from `Chef::Resource`. This -is similar to the `resources/` file in an LWRP, and a similar DSL can be used. -We then include the `Poise` mixin to load our helpers, and then call -`provides(:my_app)` to tell Chef this class will implement the `my_app` -resource. Then we use the familiar DSL, though with a few additions we'll cover -later. - -Then we declare the provider class, again similar to the `providers/` file in an -LWRP. We include the `Poise` mixin again to get access to all the helpers and -call `provides()` to tell Chef what provider this is. Rather than use the -`action :enable do ... end` DSL from LWRPs, we just define the action method -directly. The implementation of action comes from a block of recipe code -wrapped with `notifying_block` to capture changes in much the same way as -`use_inline_resources`, see below for more information about all the features of -`notifying_block`. - -We can then use this resource like any other Chef resource: - -```ruby -my_app 'one' do - path '/tmp' -end -``` - -## Helpers - -While not exposed as a specific method, Poise will automatically set the -`resource_name` based on the class name. - -### Notifying Block - -As mentioned above, `notifying_block` is similar to `use_inline_resources` in LWRPs. Any Chef resource created inside the block will be converged in a sub-context and if any have updated it will trigger notifications on the current resource. Unlike `use_inline_resources`, resources inside the sub-context can still see resources outside of it, with lookups propagating up sub-contexts until a match is found. Also any delayed notifications are scheduled to run at the end of the main converge cycle, instead of the end of this inner converge. - -This can be used to write action methods using the normal Chef recipe DSL, while still offering more flexibility through subclassing and other forms of code reuse. - -### Include Recipe - -In keeping with `notifying_block` to implement action methods using the Chef DSL, Poise adds an `include_recipe` helper to match the method of the same name in recipes. This will load and converge the requested recipe. - -### Resource DSL - -To make writing resource classes easier, Poise exposes a DSL similar to LWRPs for defining actions and attributes. Both `actions` and -`default_action` are just like in LWRPs, though `default_action` is rarely needed as the first action becomes the default. `attribute` is also available just like in LWRPs, but with some enhancements noted below. - -One notable difference over the standard DSL method is that Poise attributes -can take a block argument. - -#### Template Content - -A common pattern with resources is to allow passing either a template filename or raw file content to be used in a configuration file. Poise exposes a new attribute flag to help with this behavior: - -```ruby -attribute(:name, template: true) -``` - -This creates four methods on the class, `name_source`, `name_cookbook`, -`name_content`, and `name_options`. If the name is set to `''`, no prefix is applied to the function names. The content method can be set directly, but if not set and source is set, then it will render the template and return it as a string. Default values can also be set for any of these: - -```ruby -attribute(:name, template: true, default_source: 'app.cfg.erb', - default_options: {host: 'localhost'}) -``` - -As an example, you can replace this: - -```ruby -if new_resource.source - template new_resource.path do - source new_resource.source - owner 'app' - group 'app' - variables new_resource.options - end -else - file new_resource.path do - content new_resource.content - owner 'app' - group 'app' - end -end -``` - -with simply: - -```ruby -file new_resource.path do - content new_resource.content - owner 'app' - group 'app' -end -``` - -As the content method returns the rendered template as a string, this can also -be useful within other templates to build from partials. - -#### Lazy Initializers - -One issue with Poise-style resources is that when the class definition is executed, Chef hasn't loaded very far so things like the node object are not -yet available. This means setting defaults based on node attributes does not work directly: - -```ruby -attribute(:path, default: node['myapp']['path']) -... -NameError: undefined local variable or method 'node' -``` - -To work around this, Poise extends the idea of lazy initializers from Chef recipes to work with resource definitions as well: - -```ruby -attribute(:path, default: lazy { node['myapp']['path'] }) -``` - -These initializers are run in the context of the resource object, allowing -complex default logic to be moved to a method if desired: - -```ruby -attribute(:path, default: lazy { my_default_path }) - -def my_default_path - ... -end -``` - -#### Option Collector - -Another common pattern with resources is to need a set of key/value pairs for -configuration data or options. This can done with a simple Hash, but an option collector attribute can offer a nicer syntax: - -```ruby -attribute(:mydata, option_collector: true) -... - -my_app 'name' do - mydata do - key1 'value1' - key2 'value2' - end -end -``` - -This will be converted to `{key1: 'value1', key2: 'value2'}`. You can also pass a Hash to an option collector attribute just as you would with a normal attribute. - -## Debugging Poise - -Poise has its own extra-verbose level of debug logging that can be enabled in -three different ways. You can either set the environment variable `$POISE_DEBUG`, -set a node attribute `node['POISE_DEBUG']`, or touch the file `/POISE_DEBUG`. -You will see a log message `Extra verbose logging enabled` at the start of the -run to confirm Poise debugging has been enabled. Make sure you also set Chef's -log level to `debug`, usually via `-l debug` on the command line. - -## Upgrading from Poise 1.x - -The biggest change when upgrading from Poise 1.0 is that the mixin is no longer -loaded automatically. You must add `require 'poise'` to your code is you want to -load it, as you would with normal Ruby code outside of Chef. It is also highly -recommended to add `provides(:name)` calls to your resources and providers, this -will be required in Chef 13 and will display a deprecation warning if you do -not. This also means you can move your code out of the `Chef` module namespace -and instead declare it in your own namespace. An example of this is shown above. - -## Sponsors - -The Poise test server infrastructure is generously sponsored by [Rackspace](https://rackspace.com/). Thanks Rackspace! - -## License - -Copyright 2013-2016, Noah Kantrowitz - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - -http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. diff --git a/cookbooks/poise/files/halite_gem/poise.rb b/cookbooks/poise/files/halite_gem/poise.rb deleted file mode 100644 index cdacd57..0000000 --- a/cookbooks/poise/files/halite_gem/poise.rb +++ /dev/null @@ -1,108 +0,0 @@ -# -# Copyright 2013-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'chef/provider' -require 'chef/resource' -require 'chef/run_context' - -require 'poise/utils/resource_provider_mixin' - - -module Poise - include Poise::Utils::ResourceProviderMixin - autoload :Backports, 'poise/backports' - autoload :Helpers, 'poise/helpers' - autoload :NOT_PASSED, 'poise/backports/not_passed' - autoload :Provider, 'poise/provider' - autoload :Resource, 'poise/resource' - autoload :Subcontext, 'poise/subcontext' - autoload :Utils, 'poise/utils' - autoload :VERSION, 'poise/version' - - # Check if Poise's extra debugging output is enabled. This produces a *lot* - # of logging. - # - # @param node [Chef::Node, Chef::RunContext] Optional node to check for - # attributes. If not given, Chef.node is used instead. - # @return [Boolean] - def self.debug?(node=nil) - node = node.node if node.is_a?(Chef::RunContext) - node ||= Chef.node if defined?(Chef.node) - @debug_file_upper = ::File.exist?('/POISE_DEBUG') unless defined?(@debug_file_upper) - @debug_file_lower = ::File.exist?('/poise_debug') unless defined?(@debug_file_lower) - !!( - (ENV['POISE_DEBUG'] && ENV['POISE_DEBUG'] != 'false') || - (ENV['poise_debug'] && ENV['poise_debug'] != 'false') || - (node && node['POISE_DEBUG']) || - (node && node['poise_debug']) || - @debug_file_upper || - @debug_file_lower - ) - end - - # Log a message only if Poise's extra debugging output is enabled. - # - # @see #debug? - # @param msg [String] Log message. - # @return [void] - def self.debug(msg) - Chef::Log.debug(msg) if debug? - end -end - -# Callable form to allow passing in options: -# include Poise(ParentResource) -# include Poise(parent: ParentResource) -# include Poise(container: true) -def Poise(options={}) - # Allow passing a class as a shortcut - if options.is_a?(Class) || options.is_a?(Symbol) - options = {parent: options} - end - - # Create a new anonymous module - mod = Module.new - - # Fake the name. - mod.define_singleton_method(:name) do - super() || 'Poise' - end - - mod.define_singleton_method(:included) do |klass| - super(klass) - # Pull in the main helper to cover most of the needed logic. - klass.class_exec { include Poise } - # Set the defined_in values as needed. - klass.poise_defined!(caller) - # Resource-specific options. - if klass < Chef::Resource - klass.poise_subresource(options[:parent], options[:parent_optional], options[:parent_auto]) if options[:parent] - klass.poise_subresource_container(options[:container_namespace], options[:container_default]) if options[:container] - klass.poise_fused if options[:fused] - klass.poise_inversion(options[:inversion_options_resource]) if options[:inversion] - end - # Provider-specific options. - if klass < Chef::Provider - klass.poise_inversion(options[:inversion], options[:inversion_attribute]) if options[:inversion] - end - end - - mod -end - -# Display a message if poise_debug is enabled. Off in ChefSpec so I don't get -# extra logging stuff that I don't care about. -Poise.debug('[Poise] Extra verbose logging enabled') unless defined?(ChefSpec) diff --git a/cookbooks/poise/files/halite_gem/poise/backports.rb b/cookbooks/poise/files/halite_gem/poise/backports.rb deleted file mode 100644 index 84ceed8..0000000 --- a/cookbooks/poise/files/halite_gem/poise/backports.rb +++ /dev/null @@ -1,28 +0,0 @@ -# -# Copyright 2015-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - - -module Poise - # Backported features from Chef to be able to use them with older versions. - # - # @since 2.3.0 - module Backports - autoload :NOT_PASSED, 'poise/backports/not_passed' - autoload :VERIFY_PATH, 'poise/backports/verify_path' - end - - autoload :NOT_PASSED, 'poise/backports/not_passed' -end diff --git a/cookbooks/poise/files/halite_gem/poise/backports/not_passed.rb b/cookbooks/poise/files/halite_gem/poise/backports/not_passed.rb deleted file mode 100644 index c5b3ce0..0000000 --- a/cookbooks/poise/files/halite_gem/poise/backports/not_passed.rb +++ /dev/null @@ -1,52 +0,0 @@ -# -# Copyright 2015-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -begin - require 'chef/constants' -rescue LoadError - # This space left intentionally blank. -end - - -module Poise - module Backports - # A sentinel value for optional arguments where nil is a valid value. - # @since 2.3.0 - # @!parse NOT_PASSED = Object.new - NOT_PASSED = if defined?(Chef::NOT_PASSED) - Chef::NOT_PASSED - else - # Copyright 2015-2016, Chef Software Inc. - # Used under Apache License, Version 2.0. - Object.new.tap do |not_passed| - def not_passed.to_s - "NOT_PASSED" - end - def not_passed.inspect - to_s - end - not_passed.freeze - end - end - - end - - # An alias to {Backports::NOT_PASSED} to avoid typing so much. - # - # @since 2.3.0 - # @see Backports::NOT_PASSED - NOT_PASSED = Backports::NOT_PASSED -end diff --git a/cookbooks/poise/files/halite_gem/poise/backports/verify_path.rb b/cookbooks/poise/files/halite_gem/poise/backports/verify_path.rb deleted file mode 100644 index 8bd4c06..0000000 --- a/cookbooks/poise/files/halite_gem/poise/backports/verify_path.rb +++ /dev/null @@ -1,33 +0,0 @@ -# -# Copyright 2015-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - - -module Poise - module Backports - # The correct interpolation key for any version of Chef. - # @since 2.6.0 - # @example - # file '/path' do - # content my_content - # verify "myapp -t #{Poise::Backports::VERIFY_PATH}" - # end - VERIFY_PATH = if Gem::Version.create(Chef::VERSION) < Gem::Version.create('12.5.0') - '%{file}' - else - '%{path}' - end - end -end diff --git a/cookbooks/poise/files/halite_gem/poise/error.rb b/cookbooks/poise/files/halite_gem/poise/error.rb deleted file mode 100644 index 9a6a948..0000000 --- a/cookbooks/poise/files/halite_gem/poise/error.rb +++ /dev/null @@ -1,24 +0,0 @@ -# -# Copyright 2015-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - - -module Poise - # Base exception class for Poise errors. - # - # @since 2.0.0 - class Error < Exception - end -end diff --git a/cookbooks/poise/files/halite_gem/poise/helpers.rb b/cookbooks/poise/files/halite_gem/poise/helpers.rb deleted file mode 100644 index ab2fc33..0000000 --- a/cookbooks/poise/files/halite_gem/poise/helpers.rb +++ /dev/null @@ -1,36 +0,0 @@ -# -# Copyright 2015-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - - -module Poise - module Helpers - autoload :ChefspecMatchers, 'poise/helpers/chefspec_matchers' - autoload :DefinedIn, 'poise/helpers/defined_in' - autoload :Fused, 'poise/helpers/fused' - autoload :IncludeRecipe, 'poise/helpers/include_recipe' - autoload :Inversion, 'poise/helpers/inversion' - autoload :LazyDefault, 'poise/helpers/lazy_default' - autoload :LWRPPolyfill, 'poise/helpers/lwrp_polyfill' - autoload :NotifyingBlock, 'poise/helpers/notifying_block' - autoload :OptionCollector, 'poise/helpers/option_collector' - autoload :ResourceCloning, 'poise/helpers/resource_cloning' - autoload :ResourceName, 'poise/helpers/resource_name' - autoload :ResourceSubclass, 'poise/helpers/resource_subclass' - autoload :Subresources, 'poise/helpers/subresources' - autoload :TemplateContent, 'poise/helpers/template_content' - autoload :Win32User, 'poise/helpers/win32_user' - end -end diff --git a/cookbooks/poise/files/halite_gem/poise/helpers/chefspec_matchers.rb b/cookbooks/poise/files/halite_gem/poise/helpers/chefspec_matchers.rb deleted file mode 100644 index 7417628..0000000 --- a/cookbooks/poise/files/halite_gem/poise/helpers/chefspec_matchers.rb +++ /dev/null @@ -1,92 +0,0 @@ -# -# Copyright 2013-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# Not requiring chefspec or rspec/expectations since this code should only -# activate if they are already loaded. - -require 'poise/helpers/lwrp_polyfill' -require 'poise/helpers/resource_name' - - -module Poise - module Helpers - # A resource mixin to register ChefSpec matchers for a resource - # automatically. - # - # If you are using the provides() form for naming resources, ensure that is - # set before declaring actions. - # - # @since 2.0.0 - # @example Define a class - # class Chef::Resource::MyResource < Chef::Resource - # include Poise::Helpers::ChefspecMatchers - # actions(:run) - # end - # @example Use a matcher - # expect(chef_run).to run_my_resource('...') - module ChefspecMatchers - include Poise::Helpers::LWRPPolyfill::Resource - include Poise::Helpers::ResourceName - - # Create a matcher for a given resource type and action. This is - # idempotent so if a matcher already exists, it will not be recreated. - # - # @api private - def self.create_matcher(resource, action) - # Check that we have everything we need. - return unless defined?(ChefSpec) && defined?(RSpec::Matchers) && resource - method = :"#{action}_#{resource}" - return if RSpec::Matchers.method_defined?(method) - RSpec::Matchers.send(:define_method, method) do |resource_name| - ChefSpec::Matchers::ResourceMatcher.new(resource, action, resource_name) - end - end - - # @!classmethods - module ClassMethods - # Create a resource-level matcher for this resource. - # - # @see Resource::ResourceName.provides - def provides(name, *args, &block) - super(name, *args, &block) - ChefSpec.define_matcher(name) if defined?(ChefSpec) - # Call #actions here to grab any actions from a parent class. - actions.each do |action| - ChefspecMatchers.create_matcher(name, action) - end - end - - # Create matchers for all declared actions. - # - # @see Resource::LWRPPolyfill.actions - def actions(*names) - super.tap do |actions| - actions.each do |action| - ChefspecMatchers.create_matcher(resource_name, action) - end if resource_name && resource_name != :resource && !names.empty? - end - end - - def included(klass) - super - klass.extend ClassMethods - end - end - - extend ClassMethods - end - end -end diff --git a/cookbooks/poise/files/halite_gem/poise/helpers/defined_in.rb b/cookbooks/poise/files/halite_gem/poise/helpers/defined_in.rb deleted file mode 100644 index 81ce8c4..0000000 --- a/cookbooks/poise/files/halite_gem/poise/helpers/defined_in.rb +++ /dev/null @@ -1,129 +0,0 @@ -# -# Copyright 2015-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise' -require 'poise/error' -require 'poise/utils' - - -module Poise - module Helpers - # A mixin to track where a resource or provider was defined. This can - # provide either the filename of the class or the cookbook it was defined in. - # - # @since 2.0.0 - # @example - # class MyProvider < Chef::provider - # include Poise::Helpers::DefinedIn - # - # def action_create - # template '...' do - # # ... - # cookbook new_resource.poise_defined_in - # end - # end - # end - module DefinedIn - # Path to the root of Poise's code. - # @see #poise_defined! - # @api private - POISE_LIB_ROOT = ::File.expand_path('../..', __FILE__) - - # Path to the root of Chef's code. - # @see #poise_defined! - # @api private - CHEF_LIB_ROOT = ::File.join(::Gem::Specification.find_by_name('chef').gem_dir, 'lib') - - # A regex used to parse Ruby's `caller` string syntax. - # @see #poise_defined! - # @api private - CALLER_REGEXP = /^(.+):\d+:in `.+'/ - - # Wrapper for {.poise_defined_in_cookbook} to pass the run context for you. - # - # @see .poise_defined_in_cookbook - # @param file [String, nil] Optional file path to check instead of the path - # this class was defined in. - # @return [String] - def poise_defined_in_cookbook(file=nil) - self.class.poise_defined_in_cookbook(run_context, file) - end - - # @!classmethods - module ClassMethods - # The file this class or module was defined in, or nil if it isn't found. - # - # @return [String] - def poise_defined_in - raise Poise::Error.new("Unable to determine location of #{self.name}") unless @poise_defined_in - @poise_defined_in - end - - # The cookbook this class or module was defined in. Can pass a file to - # check that instead. - # - # @param run_context [Chef::RunContext] Run context to check cookbooks in. - # @param file [String, nil] Optional file path to check instead of the - # path this class was defined in. - # @return [String] - def poise_defined_in_cookbook(run_context, file=nil) - file ||= poise_defined_in - Poise.debug("[#{self.name}] Checking cookbook name for #{file}") - Poise::Utils.find_cookbook_name(run_context, file).tap do |cookbook| - Poise.debug("[#{self.name}] found cookbook #{cookbook.inspect}") - end - end - - # Record that the class/module was defined. Called automatically by Ruby - # for all normal cases. - # - # @param caller_array [Array] A strack trace returned by #caller. - # @return [void] - def poise_defined!(caller_array) - # Only try to set this once. - return if @poise_defined_in - # Parse out just the filenames. - caller_paths = caller_array.map {|line| line[CALLER_REGEXP, 1] } - # Find the first non-poise, non-chef line. This assumes Halite - # transformation which I'm not thrilled about. - caller_path = caller_paths.find do |line| - line && !line.start_with?(POISE_LIB_ROOT) && !line.start_with?(CHEF_LIB_ROOT) - end - raise Poise::Error.new("Unable to find a caller path for: #{caller_array.inspect}") unless caller_path - if ::File::ALT_SEPARATOR - caller_path.gsub!(::File::ALT_SEPARATOR, ::File::SEPARATOR) - end - Chef::Log.debug("[#{self.name}] Recording poise_defined_in as #{caller_path}") - @poise_defined_in = caller_path - end - - # @api private - def inherited(klass) - super - klass.poise_defined!(caller) - end - - def included(klass) - super - klass.extend(ClassMethods) - klass.poise_defined!(caller) - end - end - - extend ClassMethods - end - end -end diff --git a/cookbooks/poise/files/halite_gem/poise/helpers/fused.rb b/cookbooks/poise/files/halite_gem/poise/helpers/fused.rb deleted file mode 100644 index 8b67bea..0000000 --- a/cookbooks/poise/files/halite_gem/poise/helpers/fused.rb +++ /dev/null @@ -1,127 +0,0 @@ -# -# Copyright 2013-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'chef/provider' - - -module Poise - module Helpers - # Resource mixin to create "fused" resources where the resource and provider - # are implemented in the same class. - # - # @since 2.0.0 - # @example - # class Chef::Resource::MyResource < Chef::Resource - # include Poise(fused: true) - # attribute(:path, kind_of: String) - # attribute(:message, kind_of: String) - # action(:run) do - # file new_resource.path do - # content new_resource.message - # end - # end - # end - module Fused - # Hack is_a? so that the DSL will consider this a Provider for the - # purposes of attaching enclosing_provider. - # - # @api private - # @param klass [Class] - # @return [Boolean] - def is_a?(klass) - if klass == Chef::Provider - # Lies, damn lies, and Ruby code. - true - else - super - end - end - - # Hack provider_for_action so that the resource is also the provider. - # - # @api private - # @param action [Symbol] - # @return [Chef::Provider] - def provider_for_action(action) - provider(self.class.fused_provider_class) unless provider - super - end - - # @!classmethods - module ClassMethods - # Define a provider action. The block should contain the usual provider - # code. - # - # @param name [Symbol] Name of the action. - # @param block [Proc] Action implementation. - # @example - # action(:run) do - # file '/temp' do - # user 'root' - # content 'temp' - # end - # end - def action(name, &block) - fused_actions[name.to_sym] = block - # Make sure this action is allowed, also sets the default if first. - if respond_to?(:actions) - actions(name.to_sym) - end - end - - # Storage accessor for fused action blocks. Maps action name to proc. - # - # @api private - # @return [Hash] - def fused_actions - (@fused_actions ||= {}) - end - - # Create a provider class for the fused actions in this resource. - # Inherits from the fused provider class of the resource's superclass if - # present. - # - # @api private - # @return [Class] - def fused_provider_class - @fused_provider_class ||= begin - provider_superclass = begin - self.superclass.fused_provider_class - rescue NoMethodError - Chef::Provider - end - actions = fused_actions - class_name = self.name - Class.new(provider_superclass) do - include Poise - define_singleton_method(:name) { class_name + ' (fused)' } - actions.each do |action, block| - define_method(:"action_#{action}", &block) - end - end - end - end - - def included(klass) - super - klass.extend(ClassMethods) - end - end - - extend ClassMethods - end - end -end diff --git a/cookbooks/poise/files/halite_gem/poise/helpers/include_recipe.rb b/cookbooks/poise/files/halite_gem/poise/helpers/include_recipe.rb deleted file mode 100644 index 2b84e30..0000000 --- a/cookbooks/poise/files/halite_gem/poise/helpers/include_recipe.rb +++ /dev/null @@ -1,62 +0,0 @@ -# -# Copyright 2013-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise/helpers/subcontext_block' -require 'poise/subcontext/runner' - - -module Poise - module Helpers - # A provider mixin to add #include_recipe that can be called from action - # methods. - # - # @since 2.0.0 - module IncludeRecipe - include Poise::Helpers::SubcontextBlock - - def include_recipe(*recipes) - loaded_recipes = [] - subcontext = subcontext_block do - recipes.flatten.each do |recipe| - case recipe - when String - # Process normally - Chef::Log.debug("Loading recipe #{recipe} via include_recipe (poise)") - loaded_recipes += run_context.include_recipe(recipe) - when Proc - # Pretend its a block of recipe code - fake_recipe = Chef::Recipe.new(cookbook_name, new_resource.recipe_name, run_context) - fake_recipe.instance_eval(&recipe) - loaded_recipes << fake_recipe - end - end - end - # Converge the new context. - Poise::Subcontext::Runner.new(new_resource, subcontext).converge - collection = global_resource_collection - subcontext.resource_collection.each do |r| - Chef::Log.debug("Poise::IncludeRecipe: Adding #{r} to global collection #{collection.object_id}") - # Insert the local resource into the global context - collection.insert(r) - # Skip the iterator forward so we don't double-execute the inserted resource - # If running at compile time, the iterator is nil - collection.iterator.skip_forward if collection.iterator - end - loaded_recipes - end - end - end -end diff --git a/cookbooks/poise/files/halite_gem/poise/helpers/inversion.rb b/cookbooks/poise/files/halite_gem/poise/helpers/inversion.rb deleted file mode 100644 index 76b64ba..0000000 --- a/cookbooks/poise/files/halite_gem/poise/helpers/inversion.rb +++ /dev/null @@ -1,414 +0,0 @@ -# -# Copyright 2015-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'chef/node' -require 'chef/node_map' -require 'chef/provider' -require 'chef/resource' - -require 'poise/backports' -require 'poise/helpers/defined_in' -require 'poise/error' -require 'poise/helpers/inversion/options_resource' -require 'poise/utils/resource_provider_mixin' - - -module Poise - module Helpers - # A mixin for dependency inversion in Chef. - # - # @since 2.0.0 - module Inversion - autoload :OptionsResource, 'poise/helpers/inversion/options_resource' - autoload :OptionsProvider, 'poise/helpers/inversion/options_provider' - - include Poise::Utils::ResourceProviderMixin - - # Resource implementation for {Poise::Helpers::Inversion}. - # @see Poise::Helpers::Inversion - module Resource - # @overload options(val=nil) - # Set or return provider options for all providers. - # @param val [Hash] Provider options to set. - # @return [Hash] - # @example - # my_resource 'thing_one' do - # options depends: 'thing_two' - # end - # @overload options(provider, val=nil) - # Set or return provider options for a specific provider. - # @param provider [Symbol] Provider to set for. - # @param val [Hash] Provider options to set. - # @return [Hash] - # @example - # my_resource 'thing_one' do - # options :my_provider, depends: 'thing_two' - # end - def options(provider=nil, val=nil) - key = :options - if !val && provider.is_a?(Hash) - val = provider - elsif provider - key = :"options_#{provider}" - end - set_or_return(key, val ? Mash.new(val) : val, kind_of: Hash, default: lazy { Mash.new }) - end - - # Allow setting the provider directly using the same names as the attribute - # settings. - # - # @param val [String, Symbol, Class, nil] Value to set the provider to. - # @return [Class] - # @example - # my_resource 'thing_one' do - # provider :my_provider - # end - def provider(val=nil) - if val && !val.is_a?(Class) - resource_names = [resource_name] - # If subclass_providers! might be in play, check for those names too. - resource_names.concat(self.class.subclass_resource_equivalents) if self.class.respond_to?(:subclass_resource_equivalents) - # Silly ruby tricks to find the first provider that exists and no more. - provider_class = resource_names.lazy.map {|name| Poise::Helpers::Inversion.provider_for(name, node, val) }.select {|x| x }.first - Poise.debug("[#{self}] Checking for an inversion provider for #{val}: #{provider_class && provider_class.name}") - val = provider_class if provider_class - end - super - end - - # Set or return the array of provider names to be blocked from - # auto-resolution. - # - # @param val [String, Array] Value to set. - # @return [Array] - def provider_no_auto(val=nil) - # Coerce to an array. - val = Array(val).map(&:to_s) if val - set_or_return(:provider_no_auto, val, kind_of: Array, default: []) - end - - # @!classmethods - module ClassMethods - # Options resource class. - attr_reader :inversion_options_resource_class - # Options provider class. - attr_reader :inversion_options_provider_class - - # @overload inversion_options_resource() - # Return the options resource mode for this class. - # @return [Boolean] - # @overload inversion_options_resource(val) - # Set the options resource mode for this class. Set to true to - # automatically create an options resource. Defaults to true. - # @param val [Boolean] Enable/disable setting. - # @return [Boolean] - def inversion_options_resource(val=nil) - @poise_inversion_options_resource = val unless val.nil? - @poise_inversion_options_resource - end - - # Create resource and provider classes for an options resource. - # - # @param name [String, Symbol] DSL name for the base resource. - # @return [void] - def create_inversion_options_resource!(name) - enclosing_class = self - options_resource_name = :"#{name}_options" - # Create the resource class. - @inversion_options_resource_class = Class.new(Chef::Resource) do - include Poise::Helpers::Inversion::OptionsResource - define_singleton_method(:name) do - "#{enclosing_class}::OptionsResource" - end - define_singleton_method(:inversion_resource_class) do - enclosing_class - end - provides(options_resource_name) - inversion_resource(name) - end - # Create the provider class. - @inversion_options_provider_class = Class.new(Chef::Provider) do - include Poise::Helpers::Inversion::OptionsProvider - define_singleton_method(:name) do - "#{enclosing_class}::OptionsProvider" - end - define_singleton_method(:inversion_resource_class) do - enclosing_class - end - provides(options_resource_name) - end - end - - # Wrap #provides() to create an options resource if desired. - # - # @param name [Symbol] Resource name - # return [void] - def provides(name, *args, &block) - create_inversion_options_resource!(name) if inversion_options_resource - super(name, *args, &block) if defined?(super) - end - - def included(klass) - super - klass.extend(ClassMethods) - end - end - - extend ClassMethods - end - - # Provider implementation for {Poise::Helpers::Inversion}. - # @see Poise::Helpers::Inversion - module Provider - include DefinedIn - - # Compile all the different levels of inversion options together. - # - # @return [Hash] - # @example - # def action_run - # if options['depends'] - # # ... - # end - # end - def options - @options ||= self.class.inversion_options(node, new_resource) - end - - # @!classmethods - module ClassMethods - # @overload inversion_resource() - # Return the inversion resource name for this class. - # @return [Symbo, nill] - # @overload inversion_resource(val) - # Set the inversion resource name for this class. You can pass either - # a symbol in DSL format or a resource class that uses Poise. This - # name is used to determine which resources the inversion provider is - # a candidate for. - # @param val [Symbol, Class] Name to set. - # @return [Symbol, nil] - def inversion_resource(val=Poise::NOT_PASSED) - if val != Poise::NOT_PASSED - val = val.resource_name if val.is_a?(Class) - Chef::Log.debug("[#{self.name}] Setting inversion resource to #{val}") - @poise_inversion_resource = val.to_sym - end - if defined?(@poise_inversion_resource) - @poise_inversion_resource - else - Poise::Utils.ancestor_send(self, :inversion_resource, default: nil) - end - end - - # @overload inversion_attribute() - # Return the inversion attribute name(s) for this class. - # @return [Array, nil] - # @overload inversion_attribute(val) - # Set the inversion attribute name(s) for this class. This is - # used by {.resolve_inversion_attribute} to load configuration data - # from node attributes. To specify a nested attribute pass an array - # of strings corresponding to the keys. - # @param val [String, Array] Attribute path. - # @return [Array, nil] - def inversion_attribute(val=Poise::NOT_PASSED) - if val != Poise::NOT_PASSED - # Coerce to an array of strings. - val = Array(val).map {|name| name.to_s } - @poise_inversion_attribute = val - end - if defined?(@poise_inversion_attribute) - @poise_inversion_attribute - else - Poise::Utils.ancestor_send(self, :inversion_attribute, default: nil) - end - end - - # Default attribute paths to check for inversion options. Based on - # the cookbook this class and its superclasses are defined in. - # - # @param node [Chef::Node] Node to load from. - # @return [Array>] - def default_inversion_attributes(node) - klass = self - tried = [] - while klass.respond_to?(:poise_defined_in_cookbook) - cookbook = klass.poise_defined_in_cookbook(node.run_context) - if node[cookbook] - return [cookbook] - end - tried << cookbook - klass = klass.superclass - end - raise Poise::Error.new("Unable to find inversion attributes, tried: #{tried.join(', ')}") - end - - # Resolve the node attribute used as the base for inversion options - # for this class. This can be set explicitly with {.inversion_attribute} - # or the default is to use the name of the cookbook the provider is - # defined in. - # - # @param node [Chef::Node] Node to load from. - # @return [Chef::Node::Attribute] - def resolve_inversion_attribute(node) - # Default to using just the name of the cookbook. - attribute_names = inversion_attribute || default_inversion_attributes(node) - return {} if attribute_names.empty? - attribute_names.inject(node) do |memo, key| - memo[key] || begin - raise Poise::Error.new("Attribute #{key} not set when expanding inversion attribute for #{self.name}: #{memo}") - end - end - end - - # Compile all the different levels of inversion options together. - # - # @param node [Chef::Node] Node to load from. - # @param resource [Chef::Resource] Resource to load from. - # @return [Hash] - def inversion_options(node, resource) - Mash.new.tap do |opts| - attrs = resolve_inversion_attribute(node) - # Cast the run state to a Mash because string vs. symbol keys. I can - # at least promise poise_inversion will be a str so cut down on the - # amount of data to convert. - run_state = Mash.new(node.run_state.fetch('poise_inversion', {}).fetch(inversion_resource, {}))[resource.name] || {} - # Class-level defaults. - opts.update(default_inversion_options(node, resource)) - # Resource options for all providers. - opts.update(resource.options) if resource.respond_to?(:options) - # Global provider from node attributes. - opts.update(provider: attrs['provider']) if attrs['provider'] - # Attribute options for all providers. - opts.update(attrs['options']) if attrs['options'] - # Resource options for this provider. - opts.update(resource.options(provides)) if resource.respond_to?(:options) - # Attribute options for this resource name. - opts.update(attrs[resource.name]) if attrs[resource.name] - # Options resource options for all providers. - opts.update(run_state['*']) if run_state['*'] - # Options resource options for this provider. - opts.update(run_state[provides]) if run_state[provides] - # Vomitdebug output for tracking down weirdness. - Poise.debug("[#{resource}] Resolved inversion options: #{opts.inspect}") - end - end - - # Default options data for this provider class. - # - # @param node [Chef::Node] Node to load from. - # @param resource [Chef::Resource] Resource to load from. - # @return [Hash] - def default_inversion_options(node, resource) - {} - end - - # Resolve which provider name should be used for a resource. - # - # @param node [Chef::Node] Node to load from. - # @param resource [Chef::Resource] Resource to query. - # @return [String] - def resolve_inversion_provider(node, resource) - inversion_options(node, resource)['provider'] || 'auto' - end - - # Override the normal #provides to set the inversion provider name - # instead of adding to the normal provider map. - # - # @overload provides() - # Return the inversion provider name for the class. - # @return [Symbol] - # @overload provides(name, opts={}, &block) - # Set the inversion provider name for the class. - # @param name [Symbol] Provider name. - # @param opts [Hash] NodeMap filter options. - # @param block [Proc] NodeMap filter proc. - # @return [Symbol] - def provides(name=nil, opts={}, &block) - if name - raise Poise::Error.new("Inversion resource name not set for #{self.name}") unless inversion_resource - @poise_inversion_provider = name - Chef::Log.debug("[#{self.name}] Setting inversion provider name to #{name}") - Poise::Helpers::Inversion.provider_map(inversion_resource).set(name.to_sym, self, opts, &block) - # Set the actual Chef-level provides name for DSL dispatch. - super(inversion_resource) - end - @poise_inversion_provider - end - - # Override the default #provides? to check for our inverted providers. - # - # @api private - # @param node [Chef::Node] Node to use for attribute checks. - # @param resource [Chef::Resource] Resource instance to match. - # @return [Boolean] - def provides?(node, resource) - raise Poise::Error.new("Inversion resource name not set for #{self.name}") unless inversion_resource - resource_name_equivalents = {resource.resource_name => true} - # If subclass_providers! might be in play, check for those names too. - if resource.class.respond_to?(:subclass_resource_equivalents) - resource.class.subclass_resource_equivalents.each do |name| - resource_name_equivalents[name] = true - end - end - return false unless resource_name_equivalents[inversion_resource] - provider_name = resolve_inversion_provider(node, resource).to_s - Poise.debug("[#{resource}] Checking provides? on #{self.name}. Got provider_name #{provider_name.inspect}") - provider_name == provides.to_s || ( provider_name == 'auto' && !resource.provider_no_auto.include?(provides.to_s) && provides_auto?(node, resource) ) - end - - # Subclass hook to provide auto-detection for providers. - # - # @param node [Chef::Node] Node to check against. - # @param resource [Chef::Resource] Resource to check against. - # @return [Boolean] - def provides_auto?(node, resource) - false - end - - def included(klass) - super - klass.extend(ClassMethods) - end - end - - extend ClassMethods - end - - # The provider map for a given resource type. - # - # @param resource_type [Symbol] Resource type in DSL format. - # @return [Chef::NodeMap] - # @example - # Poise::Helpers::Inversion.provider_map(:my_resource) - def self.provider_map(resource_type) - @provider_maps ||= {} - @provider_maps[resource_type.to_sym] ||= Chef::NodeMap.new - end - - # Find a specific provider class for a resource. - # - # @param resource_type [Symbol] Resource type in DSL format. - # @param node [Chef::Node] Node to use for the lookup. - # @param provider_type [Symbol] Provider type in DSL format. - # @return [Class] - # @example - # Poise::Helpers::Inversion.provider_for(:my_resource, node, :my_provider) - def self.provider_for(resource_type, node, provider_type) - provider_map(resource_type).get(node, provider_type.to_sym) - end - end - end -end diff --git a/cookbooks/poise/files/halite_gem/poise/helpers/inversion/options_provider.rb b/cookbooks/poise/files/halite_gem/poise/helpers/inversion/options_provider.rb deleted file mode 100644 index 9ea5f94..0000000 --- a/cookbooks/poise/files/halite_gem/poise/helpers/inversion/options_provider.rb +++ /dev/null @@ -1,41 +0,0 @@ -# -# Copyright 2015-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - - -module Poise - module Helpers - module Inversion - # A mixin for inversion options providers. - # - # @api private - # @since 2.0.0 - # @see Poise::Helper::Inversion - module OptionsProvider - # @api private - def self.included(klass) - klass.class_exec { include Poise } - end - - # A blank run action. - # - # @return [void] - def action_run - # This space left intentionally blank. - end - end - end - end -end diff --git a/cookbooks/poise/files/halite_gem/poise/helpers/inversion/options_resource.rb b/cookbooks/poise/files/halite_gem/poise/helpers/inversion/options_resource.rb deleted file mode 100644 index 9ff47a7..0000000 --- a/cookbooks/poise/files/halite_gem/poise/helpers/inversion/options_resource.rb +++ /dev/null @@ -1,115 +0,0 @@ -# -# Copyright 2015-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'chef/mash' - -require 'poise/backports' -require 'poise/error' - - -module Poise - module Helpers - module Inversion - # A mixin for inversion options resources. - # - # @api private - # @since 2.0.0 - # @see Poise::Helpers::Inversion - module OptionsResource - include Poise - - # Method missing delegation to allow DSL-style options. - # - # @example - # my_app_options 'app' do - # key1 'value1' - # key2 'value2' - # end - def method_missing(method_sym, *args, &block) - super(method_sym, *args, &block) - rescue NoMethodError - # First time we've seen this key and using it as an rvalue, NOPE.GIF. - raise unless !args.empty? || block || _options[method_sym] - if !args.empty? || block - _options[method_sym] = block || args.first - end - _options[method_sym] - end - - # Capture setting the provider and make it Do What I Mean. This does - # mean you can't set the actual provider for the options resource, which - # is fine because the provider is a no-op. - # - # @api private - def provider(val=Poise::NOT_PASSED) - if val == Poise::NOT_PASSED - super() - else - _options[:provider] = val - end - end - - # Insert the options data in to the run state. This has to match the - # layout used in {Poise::Helpers::Inversion::Provider.inversion_options}. - # - # @api private - def after_created - raise Poise::Error.new("Inversion resource name not set for #{self.class.name}") unless self.class.inversion_resource - node.run_state['poise_inversion'] ||= {} - node.run_state['poise_inversion'][self.class.inversion_resource] ||= {} - node.run_state['poise_inversion'][self.class.inversion_resource][resource] ||= {} - node.run_state['poise_inversion'][self.class.inversion_resource][resource][for_provider] ||= {} - node.run_state['poise_inversion'][self.class.inversion_resource][resource][for_provider].update(_options) - end - - module ClassMethods - # @overload inversion_resource() - # Return the inversion resource name for this class. - # @return [Symbol] - # @overload inversion_resource(val) - # Set the inversion resource name for this class. You can pass either - # a symbol in DSL format or a resource class that uses Poise. This - # name is used to determine which resources the inversion provider is - # a candidate for. - # @param val [Symbol, Class] Name to set. - # @return [Symbol] - def inversion_resource(val=nil) - if val - val = val.resource_name if val.is_a?(Class) - Chef::Log.debug("[#{self.name}] Setting inversion resource to #{val}") - @poise_inversion_resource = val.to_sym - end - @poise_inversion_resource || (superclass.respond_to?(:inversion_resource) ? superclass.inversion_resource : nil) - end - - # @api private - def included(klass) - super - klass.extend(ClassMethods) - klass.class_exec do - actions(:run) - attribute(:resource, kind_of: String, name_attribute: true) - attribute(:for_provider, kind_of: [String, Symbol], default: '*') - attribute(:_options, kind_of: Hash, default: lazy { Mash.new }) - end - end - end - - extend ClassMethods - end - end - end -end diff --git a/cookbooks/poise/files/halite_gem/poise/helpers/lazy_default.rb b/cookbooks/poise/files/halite_gem/poise/helpers/lazy_default.rb deleted file mode 100644 index 59a04c9..0000000 --- a/cookbooks/poise/files/halite_gem/poise/helpers/lazy_default.rb +++ /dev/null @@ -1,79 +0,0 @@ -# -# Copyright 2013-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'chef/version' - - -module Poise - module Helpers - # Resource mixin to allow lazyily-evaluated defaults in resource attributes. - # This is designed to be used with {LWRPPolyfill} or a similar #attributes - # method. - # - # @since 1.0.0 - # @example - # class MyResource < Chef::Resource - # include Poise::Helpers::LWRPPolyfill - # include Poise::Helpers::LazyDefault - # attribute(:path, default: lazy { name + '_temp' }) - # end - module LazyDefault - # Check if this version of Chef already supports lazy defaults. This is - # true for Chef 12.5+. - # - # @since 2.0.3 - # @api private - # @return [Boolean] - def self.needs_polyfill? - @needs_polyfill ||= Gem::Requirement.new('< 12.5.pre').satisfied_by?(Gem::Version.new(Chef::VERSION)) - end - - # Override the default set_or_return to support lazy evaluation of the - # default value. This only actually matters when it is called from a class - # level context via #attributes. - def set_or_return(symbol, arg, validation) - if LazyDefault.needs_polyfill? && validation && validation[:default].is_a?(Chef::DelayedEvaluator) - validation = validation.dup - if (arg.nil? || arg == Poise::NOT_PASSED) && (!instance_variable_defined?(:"@#{symbol}") || instance_variable_get(:"@#{symbol}").nil?) - validation[:default] = instance_eval(&validation[:default]) - else - # Clear the default. - validation.delete(:default) - end - end - super(symbol, arg, validation) - end - - # @!classmethods - module ClassMethods - # Create a lazyily-evaluated block. - # - # @param block [Proc] Callable to return the default value. - # @return [Chef::DelayedEvaluator] - def lazy(&block) - Chef::DelayedEvaluator.new(&block) - end - - def included(klass) - super - klass.extend(ClassMethods) - end - end - - extend ClassMethods - end - end -end diff --git a/cookbooks/poise/files/halite_gem/poise/helpers/lwrp_polyfill.rb b/cookbooks/poise/files/halite_gem/poise/helpers/lwrp_polyfill.rb deleted file mode 100644 index a8c2541..0000000 --- a/cookbooks/poise/files/halite_gem/poise/helpers/lwrp_polyfill.rb +++ /dev/null @@ -1,163 +0,0 @@ -# -# Copyright 2013-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'chef/resource' - -require 'poise/utils/resource_provider_mixin' - - -module Poise - module Helpers - # A resource and provider mixin to add back some compatability with Chef's - # LWRPBase classes. - # - # @since 1.0.0 - module LWRPPolyfill - include Poise::Utils::ResourceProviderMixin - - # Provide default_action and actions like LWRPBase but better equipped for subclassing. - module Resource - def initialize(*args) - super - # Try to not stomp on stuff if already set in a parent. Coerce @action - # to an array because this behavior may change in the future in Chef. - @action = self.class.default_action if Array(@action) == [:nothing] - (@allowed_actions << self.class.actions).flatten!.uniq! - end - - module ClassMethods - # @overload default_action() - # Get the default action for this resource class. If no explicit - # default is set, the first action in the list will be used. - # @see #actions - # @return [Array] - # @overload default_action(name) - # Set the default action for this resource class. If this action is - # not already allowed, it will be added. - # @note It is idiomatic to use {#actions} instead, with the first - # action specified being the default. - # @param name [Symbol, Array] Name of the action(s). - # @return [Array] - # @example - # class MyApp < Chef::Resource - # include Poise - # default_action(:install) - # end - def default_action(name=nil) - if name - name = Array(name).flatten.map(&:to_sym) - @default_action = name - actions(*name) - end - if @default_action - @default_action - elsif respond_to?(:superclass) && superclass != Chef::Resource && superclass.respond_to?(:default_action) && superclass.default_action && Array(superclass.default_action) != %i{nothing} - superclass.default_action - elsif first_non_nothing = actions.find {|action| action != :nothing } - [first_non_nothing] - else - %i{nothing} - end - end - - # @overload actions() - # Get all actions allowed for this resource class. This includes - # any actions allowed on parent classes. - # @return [Array] - # @overload actions(*names) - # Set actions as allowed for this resource class. These must - # correspond with action methods in the provider class(es). - # @param names [Array] One or more actions to set. - # @return [Array] - # @example - # class MyApp < Chef::Resource - # include Poise - # actions(:install, :uninstall) - # end - def actions(*names) - @actions ||= ( respond_to?(:superclass) && superclass.respond_to?(:actions) && superclass.actions.dup ) || ( respond_to?(:superclass) && superclass != Chef::Resource && superclass.respond_to?(:allowed_actions) && superclass.allowed_actions.dup ) || [] - (@actions << names).tap {|actions| actions.flatten!; actions.uniq! } - end - - # Create a resource property (née attribute) on this resource class. - # This follows the same usage as the helper of the same name in Chef - # LWRPs. - # - # @param name [Symbol] Name of the property. - # @param opts [Hash] Validation options and flags. - # @return [void] - # @example - # class MyApp < Chef::Resource - # include Poise - # attribute(:path, name_attribute: true) - # attribute(:port, kind_of: Integer, default: 8080) - # end - def attribute(name, opts={}) - # Freeze the default value. This is done upstream too in Chef 12.5+. - opts[:default].freeze if opts && opts[:default] - # Ruby 1.8 can go to hell. - define_method(name) do |arg=nil, &block| - arg = block if arg.nil? # Try to allow passing either. - set_or_return(name, arg, opts) - end - end - - # For forward compat with Chef 12.5+. - alias_method :property, :attribute - - def included(klass) - super - klass.extend(ClassMethods) - end - end - - extend ClassMethods - end - - # Helper to handle load_current_resource for direct subclasses of Provider - module Provider - module LoadCurrentResource - def load_current_resource - @current_resource = if new_resource - new_resource.class.new(new_resource.name, run_context) - else - # Better than nothing, subclass can overwrite anyway. - Chef::Resource.new(nil, run_context) - end - end - end - - # @!classmethods - module ClassMethods - def included(klass) - super - klass.extend(ClassMethods) - - # Mask Chef::Provider#load_current_resource because it throws NotImplementedError. - if klass.is_a?(Class) && klass.superclass == Chef::Provider - klass.send(:include, LoadCurrentResource) - end - - # Reinstate the Chef DSL, removed in Chef 12. - klass.send(:include, Chef::DSL::Recipe) - end - end - - extend ClassMethods - end - end - end -end diff --git a/cookbooks/poise/files/halite_gem/poise/helpers/notifying_block.rb b/cookbooks/poise/files/halite_gem/poise/helpers/notifying_block.rb deleted file mode 100644 index 72708c9..0000000 --- a/cookbooks/poise/files/halite_gem/poise/helpers/notifying_block.rb +++ /dev/null @@ -1,78 +0,0 @@ -# -# Copyright 2013-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise/helpers/subcontext_block' -require 'poise/subcontext/runner' - - -module Poise - module Helpers - # A provider mixin to provide #notifying_block, a scoped form of Chef's - # use_inline_resources. - # - # @since 1.0.0 - # @example - # class MyProvider < Chef::Provider - # include Chef::Helpers::NotifyingBlock - # - # def action_run - # notifying_block do - # template '/etc/myapp.conf' do - # # ... - # end - # end - # end - # end - module NotifyingBlock - include Poise::Helpers::SubcontextBlock - - private - - # Create and converge a subcontext for the recipe DSL. This is similar to - # Chef's use_inline_resources but is scoped to a block. All DSL resources - # declared inside the block will be converged when the block returns, and - # the updated_by_last_action flag will be set if any of the inner - # resources are updated. - # - # @api public - # @param block [Proc] Block to run in the subcontext. - # @return [void] - # @example - # def action_run - # notifying_block do - # template '/etc/myapp.conf' do - # # ... - # end - # end - # end - def notifying_block(&block) - # Make sure to mark the resource as updated-by-last-action if - # any sub-run-context resources were updated (any actual - # actions taken against the system) during the - # sub-run-context convergence. - begin - subcontext = subcontext_block(&block) - # Converge the new context. - Poise::Subcontext::Runner.new(new_resource, subcontext).converge - ensure - new_resource.updated_by_last_action( - subcontext && subcontext.resource_collection.any?(&:updated?) - ) - end - end - end - end -end diff --git a/cookbooks/poise/files/halite_gem/poise/helpers/option_collector.rb b/cookbooks/poise/files/halite_gem/poise/helpers/option_collector.rb deleted file mode 100644 index dfc5522..0000000 --- a/cookbooks/poise/files/halite_gem/poise/helpers/option_collector.rb +++ /dev/null @@ -1,144 +0,0 @@ -# -# Copyright 2013-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'chef/mash' - -require 'poise/error' - - -module Poise - module Helpers - # A resource mixin to add a new kind of attribute, an option collector. - # These attributes can act as mini-DSLs for things which would otherwise be - # key/value pairs. - # - # @since 1.0.0 - # @example Defining an option collector - # class MyResource < Chef::Resource - # include Poise::Helpers::OptionCollector - # attribute(:my_options, option_collector: true) - # end - # @example Using an option collector - # my_resource 'name' do - # my_options do - # key1 'value1' - # key2 'value2' - # end - # end - module OptionCollector - # Instance context used to eval option blocks. - # @api private - class OptionEvalContext - attr_reader :_options - - def initialize(parent, forced_keys) - @parent = parent - @forced_keys = forced_keys - @_options = {} - end - - def method_missing(method_sym, *args, &block) - # Deal with forced keys. - if @forced_keys.include?(method_sym) - @_options[method_sym] = args.first || block if !args.empty? || block - return @_options[method_sym] - end - # Try the resource context. - @parent.send(method_sym, *args, &block) - rescue NameError - # Even though method= in the block will set a variable instead of - # calling method_missing, still try to cope in case of self.method=. - method_sym = method_sym.to_s.chomp('=').to_sym - if !args.empty? || block - @_options[method_sym] = args.first || block - elsif !@_options.include?(method_sym) - # We haven't seen this name before, re-raise the NameError. - raise - end - @_options[method_sym] - end - end - - # @!classmethods - module ClassMethods - # Override the normal #attribute() method to support defining option - # collectors too. - def attribute(name, options={}) - # If present but false-y, make sure it is removed anyway so it - # doesn't confuse ParamsValidate. - if options.delete(:option_collector) - option_collector_attribute(name, options) - else - super - end - end - - # Define an option collector attribute. Normally used via {.attribute}. - # - # @param name [String, Symbol] Name of the attribute to define. - # @param default [Hash] Default value for the options. - # @param parser [Proc, Symbol] Optional parser method. If a symbol it is - # called as a method on self. Takes a non-hash value and returns a - # hash of its parsed representation. - # @param forced_keys [Array, Set] Method names that will be forced - # to be options rather than calls to the parent resource. - def option_collector_attribute(name, default: {}, parser: nil, forced_keys: Set.new) - raise Poise::Error.new("Parser must be a Proc or Symbol: #{parser.inspect}") if parser && !(parser.is_a?(Proc) || parser.is_a?(Symbol)) - # Cast to a set at definition time. - forced_keys = Set.new(forced_keys) unless forced_keys.is_a?(Set) - # Never allow name to be called accidentally since it does really wonky things. - forced_keys.add(:name) - # Unlike LWRPBase.attribute, I don't care about Ruby 1.8. Worlds tiniest violin. - define_method(name.to_sym) do |arg=nil, &block| - iv_sym = :"@#{name}" - - value = instance_variable_get(iv_sym) || begin - default = instance_eval(&default) if default.is_a?(Chef::DelayedEvaluator) # Handle lazy{} - Mash.new(default) # Wrap in a mash because fuck str vs sym. - end - if arg - if !arg.is_a?(Hash) && parser - arg = case parser - when Proc - instance_exec(arg, &parser) - when Symbol - send(parser, arg) - end - end - raise Exceptions::ValidationFailed, "Option #{name} must be a Hash" if !arg.is_a?(Hash) - # Should this and the update below be a deep merge? - value.update(arg) - end - if block - ctx = OptionEvalContext.new(self, forced_keys) - ctx.instance_exec(&block) - value.update(ctx._options) - end - instance_variable_set(iv_sym, value) - value - end - end - - def included(klass) - super - klass.extend(ClassMethods) - end - end - - extend ClassMethods - end - end -end diff --git a/cookbooks/poise/files/halite_gem/poise/helpers/resource_cloning.rb b/cookbooks/poise/files/halite_gem/poise/helpers/resource_cloning.rb deleted file mode 100644 index 54c259c..0000000 --- a/cookbooks/poise/files/halite_gem/poise/helpers/resource_cloning.rb +++ /dev/null @@ -1,72 +0,0 @@ -# -# Copyright 2013-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - - -module Poise - module Helpers - # A resource mixin to disable resource cloning. - # - # @since 2.2.0 - # @example - # class MyResource < Chef::Resource - # include Poise::Helpers::ResourceCloning - # end - module ResourceCloning - # Override to disable resource cloning on Chef 12.0. - # - # @api private - def load_prior_resource(*args) - # Do nothing. - end - - # Override to disable resource cloning on Chef 12.1+. - # - # @api private - def load_from(*args) - # Do nothing. - end - - # Monkeypatch for Chef::ResourceBuilder to silence the warning if needed. - # - # @api private - module ResourceBuilderPatch - # @api private - def self.install! - begin - require 'chef/resource_builder' - Chef::ResourceBuilder.send(:prepend, ResourceBuilderPatch) - rescue LoadError - # For 12.0, this is already taken care of. - end - end - - # @api private - def emit_cloned_resource_warning - super unless resource.is_a?(ResourceCloning) - end - - # @api private - def emit_harmless_cloning_debug - super unless resource.is_a?(ResourceCloning) - end - end - - # Install the patch. - ResourceBuilderPatch.install! - - end - end -end diff --git a/cookbooks/poise/files/halite_gem/poise/helpers/resource_name.rb b/cookbooks/poise/files/halite_gem/poise/helpers/resource_name.rb deleted file mode 100644 index c5d40e0..0000000 --- a/cookbooks/poise/files/halite_gem/poise/helpers/resource_name.rb +++ /dev/null @@ -1,107 +0,0 @@ -# -# Copyright 2013-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'chef/mixin/convert_to_class_name' - - -module Poise - module Helpers - # A resource mixin to automatically set @resource_name. - # - # @since 1.0.0 - # @example - # class MyResource < Chef::Resource - # include Poise::Helpers::ResourceName - # provides(:my_resource) - # end - module ResourceName - def initialize(*args) - super - # If provides() was explicitly set, unconditionally set @resource_name. - # This helps when subclassing core Chef resources which set it - # themselves in #initialize. - if self.class.resource_name(false) - @resource_name = self.class.resource_name - else - @resource_name ||= self.class.resource_name - end - end - - # @!classmethods - module ClassMethods - # Set the DSL name for the the resource class. - # - # @param name [Symbol] Name of the resource. - # @return [void] - # @example - # class MyResource < Chef::Resource - # include Poise::Resource::ResourceName - # provides(:my_resource) - # end - def provides(name, *args, &block) - # Patch self.constantize so this can cope with anonymous classes. - # This does require that the anonymous class define self.name though. - if self.name && respond_to?(:constantize) - old_constantize = instance_method(:constantize) - define_singleton_method(:constantize) do |const_name| - ( const_name == self.name ) ? self : old_constantize.bind(self).call(const_name) - end - end - # Store the name for later. - @provides_name ||= name - # Call the original if present. The defined? is for old Chef. - super(name, *args, &block) if defined?(super) - end - - # Retreive the DSL name for the resource class. If not set explicitly - # via {provides} this will try to auto-detect based on the class name. - # - # @param auto [Boolean] Try to auto-detect based on class name. - # @return [Symbol] - def resource_name(auto=true) - # In 12.4+ we need to proxy through the super class for setting. - return super(auto) if defined?(super) && (auto.is_a?(Symbol) || auto.is_a?(String)) - return @provides_name unless auto - @provides_name || if name - mode = if name.start_with?('Chef::Resource') - [name, 'Chef::Resource'] - else - [name.split('::').last] - end - Chef::Mixin::ConvertToClassName.convert_to_snake_case(*mode).to_sym - elsif defined?(super) - # No name on 12.4+ probably means this is an LWRP, use super(). - super() - end - end - - # Used by Resource#to_text to find the human name for the resource. - # - # @api private - def dsl_name - resource_name.to_s - end - - def included(klass) - super - klass.extend(ClassMethods) - end - end - - extend ClassMethods - end - end -end diff --git a/cookbooks/poise/files/halite_gem/poise/helpers/resource_subclass.rb b/cookbooks/poise/files/halite_gem/poise/helpers/resource_subclass.rb deleted file mode 100644 index 69c4ff7..0000000 --- a/cookbooks/poise/files/halite_gem/poise/helpers/resource_subclass.rb +++ /dev/null @@ -1,93 +0,0 @@ -# -# Copyright 2015-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -begin - require 'chef/chef_class' -rescue LoadError - # This space left intentionally blank, fallback is below. -end - -require 'poise/error' -require 'poise/helpers/resource_name' - - -module Poise - module Helpers - # A resource mixin to help subclass existing resources. - # - # @since 2.3.0 - module ResourceSubclass - include ResourceName - - module ClassMethods - def subclass_providers!(superclass_resource_name=nil, resource_name: nil) - resource_name ||= self.resource_name - superclass_resource_name ||= if superclass.respond_to?(:resource_name) - superclass.resource_name - elsif superclass.respond_to?(:dsl_name) - superclass.dsl_name - else - raise Poise::Error.new("Unable to determine superclass resource name for #{superclass}. Please specify name manually via subclass_providers!('name').") - end.to_sym - # Deal with the node maps. - node_maps = {} - node_maps['handler map'] = Chef.provider_handler_map if defined?(Chef.provider_handler_map) - node_maps['priority map'] = if defined?(Chef.provider_priority_map) - Chef.provider_priority_map - else - require 'chef/platform/provider_priority_map' - Chef::Platform::ProviderPriorityMap.instance.send(:priority_map) - end - # Patch anything in the descendants tracker. - Chef::Provider.descendants.each do |provider| - node_maps["#{provider} node map"] = provider.node_map if defined?(provider.node_map) - end if defined?(Chef::Provider.descendants) - node_maps.each do |map_name, node_map| - map = node_map.respond_to?(:map, true) ? node_map.send(:map) : node_map.instance_variable_get(:@map) - if map.include?(superclass_resource_name) - Chef::Log.debug("[#{self}] Copying provider mapping in #{map_name} from #{superclass_resource_name} to #{resource_name}") - map[resource_name] = map[superclass_resource_name].dup - end - end - # Add any needed equivalent names. - if superclass.respond_to?(:subclass_resource_equivalents) - subclass_resource_equivalents.concat(superclass.subclass_resource_equivalents) - else - subclass_resource_equivalents << superclass_resource_name - end - subclass_resource_equivalents.uniq! - end - - # An array of names for the resources this class is equivalent to for - # the purposes of provider resolution. - # - # @return [Array] - def subclass_resource_equivalents - @subclass_resource_names ||= [resource_name.to_sym] - end - - # @api private - def included(klass) - super - klass.extend(ClassMethods) - end - end - - extend ClassMethods - end - - end -end diff --git a/cookbooks/poise/files/halite_gem/poise/helpers/subcontext_block.rb b/cookbooks/poise/files/halite_gem/poise/helpers/subcontext_block.rb deleted file mode 100644 index facdda9..0000000 --- a/cookbooks/poise/files/halite_gem/poise/helpers/subcontext_block.rb +++ /dev/null @@ -1,72 +0,0 @@ -# -# Copyright 2013-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise/subcontext/resource_collection' - - -module Poise - module Helpers - # A provider mixin to help with creating subcontexts. Mostly for internal - # use within Poise. - # - # @since 1.0.0 - module SubcontextBlock - private - - def subcontext_block(parent_context=nil, &block) - # Setup a subcontext. - parent_context ||= @run_context - sub_run_context = parent_context.dup - # Reset state for the subcontext. In 12.4+ this uses the built-in - # support, otherwise do it manually. - if defined?(sub_run_context.initialize_child_state) - sub_run_context.initialize_child_state - else - # Audits was added in 12.1 I think. - sub_run_context.audits = {} if defined?(sub_run_context.audits) - # Dup and clear to preserve the default behavior without copy-pasta. - sub_run_context.immediate_notification_collection = parent_context.immediate_notification_collection.dup.clear - sub_run_context.delayed_notification_collection = parent_context.delayed_notification_collection.dup.clear - end - # Create the subcollection. - sub_run_context.resource_collection = Poise::Subcontext::ResourceCollection.new(parent_context.resource_collection) - # Create an accessor for the parent run context. - sub_run_context.define_singleton_method(:parent_run_context) { parent_context } - - # Declare sub-resources within the sub-run-context. Since they - # are declared here, they do not pollute the parent run-context. - begin - outer_run_context = @run_context - @run_context = sub_run_context - instance_eval(&block) - ensure - @run_context = outer_run_context - end - - # Return the inner context to do other things with - sub_run_context - end - - def global_resource_collection - collection = @run_context.resource_collection - while collection.respond_to?(:parent) && collection.parent - collection = collection.parent - end - collection - end - end - end -end diff --git a/cookbooks/poise/files/halite_gem/poise/helpers/subresources.rb b/cookbooks/poise/files/halite_gem/poise/helpers/subresources.rb deleted file mode 100644 index ce0f199..0000000 --- a/cookbooks/poise/files/halite_gem/poise/helpers/subresources.rb +++ /dev/null @@ -1,29 +0,0 @@ -# -# Copyright 2015-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - - -module Poise - module Helpers - # Mixins and helpers for managing subresources, resources with a - # parent/child relationship. - # - # @since 2.0.0 - module Subresources - autoload :Child, 'poise/helpers/subresources/child' - autoload :Container, 'poise/helpers/subresources/container' - end - end -end diff --git a/cookbooks/poise/files/halite_gem/poise/helpers/subresources/child.rb b/cookbooks/poise/files/halite_gem/poise/helpers/subresources/child.rb deleted file mode 100644 index ef6a24a..0000000 --- a/cookbooks/poise/files/halite_gem/poise/helpers/subresources/child.rb +++ /dev/null @@ -1,276 +0,0 @@ -# -# Copyright 2013-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'chef/resource' - -require 'poise/error' -require 'poise/helpers/subresources/default_containers' - - -module Poise - module Helpers - module Subresources - # A resource mixin for child subresources. - # - # @since 1.0.0 - module Child - # Little class used to fix up the display of subresources in #to_text. - # Without this you get the full parent resource shown for @parent et al. - # @api private - class ParentRef - attr_accessor :resource - - def initialize(resource) - @resource = resource - end - - def inspect - to_text - end - - def to_text - if @resource.nil? - 'nil' - else - @resource.to_s - end - end - end - - # @overload parent() - # Get the parent resource for this child. This may be nil if the - # resource is set to parent_optional = true. - # @return [Chef::Resource, nil] - # @overload parent(val) - # Set the parent resource. The parent can be set as resource - # object, a string (either a bare resource name or a type[name] - # string), or a type:name hash. - # @param val [String, Hash, Chef::Resource] Parent resource to set. - # @return [Chef::Resource, nil] - def parent(*args) - # Lie about this method if the parent type is true. - if self.class.parent_type == true - raise NoMethodError.new("undefined method `parent' for #{self}") - end - _parent(:parent, self.class.parent_type, self.class.parent_optional, self.class.parent_auto, self.class.parent_default, *args) - end - - # Register ourself with parents in case this is not a nested resource. - # - # @api private - def after_created - super - self.class.parent_attributes.each_key do |name| - parent = self.send(name) - parent.register_subresource(self) if parent && parent.respond_to?(:register_subresource) - end - end - - private - - # Generic form of the parent getter/setter. - # - # @since 2.0.0 - # @see #parent - def _parent(name, parent_type, parent_optional, parent_auto, parent_default, *args) - # Allow using a DSL symbol as the parent type. - if parent_type.is_a?(Symbol) - parent_type = Chef::Resource.resource_for_node(parent_type, node) - end - # Grab the ivar for local use. - parent_ref = instance_variable_get(:"@#{name}") - if !args.empty? - val = args.first - if val.nil? - # Unsetting the parent. - parent = parent_ref = nil - else - if val.is_a?(String) && !val.include?('[') - raise Poise::Error.new("Cannot use a string #{name} without defining a parent type") if parent_type == Chef::Resource - # Try to find the most recent instance of parent_type with a - # matching name. This takes subclassing parent_type into account. - found_val = nil - iterator = run_context.resource_collection.respond_to?(:recursive_each) ? :recursive_each : :each - # This will find the last matching value due to overwriting - # found_val as it goes. Will be the nearest match. - run_context.resource_collection.public_send(iterator) do |res| - found_val = res if res.is_a?(parent_type) && res.name == val - end - # If found_val is nil, fall back to using lookup even though - # it won't work with subclassing, better than nothing? - val = found_val || "#{parent_type.resource_name}[#{val}]" - end - if val.is_a?(String) || val.is_a?(Hash) - parent = @run_context.resource_collection.find(val) - else - parent = val - end - if !parent.is_a?(parent_type) - raise Poise::Error.new("Parent resource is not an instance of #{parent_type.name}: #{val.inspect}") - end - parent_ref = ParentRef.new(parent) - end - elsif !parent_ref || !parent_ref.resource - if parent_default - parent = if parent_default.is_a?(Chef::DelayedEvaluator) - instance_eval(&parent_default) - else - parent_default - end - end - # The @parent_ref means we won't run this if we previously set - # ParentRef.new(nil). This means auto-lookup only happens during - # after_created. - if !parent && !parent_ref && parent_auto - # Automatic sibling lookup for sequential composition. - # Find the last instance of the parent class as the default parent. - # This is super flaky and should only be a last resort. - parent = Poise::Helpers::Subresources::DefaultContainers.find(parent_type, run_context, self_resource: self) - end - # Can't find a valid parent, if it wasn't optional raise an error. - raise Poise::Error.new("No #{name} found for #{self}") unless parent || parent_optional - parent_ref = ParentRef.new(parent) - else - parent = parent_ref.resource - end - raise Poise::Error.new("Cannot set the #{name} of #{self} to itself") if parent.equal?(self) - # Store the ivar back. - instance_variable_set(:"@#{name}", parent_ref) - # Return the actual resource. - parent - end - - module ClassMethods - # @overload parent_type() - # Get the class of the default parent link on this resource. - # @return [Class, Symbol] - # @overload parent_type(type) - # Set the class of the default parent link on this resource. - # @param type [Class, Symbol] Class to set. - # @return [Class, Symbol] - def parent_type(type=nil) - if type - raise Poise::Error.new("Parent type must be a class, symbol, or true, got #{type.inspect}") unless type.is_a?(Class) || type.is_a?(Symbol) || type == true - # Setting to true shouldn't actually do anything if a type was already set. - @parent_type = type unless type == true && !@parent_type.nil? - end - # First ancestor_send looks for a non-true && non-default value, - # second one is to check for default vs true if no real value is found. - @parent_type || Poise::Utils.ancestor_send(self, :parent_type, ignore: [Chef::Resource, true]) || Poise::Utils.ancestor_send(self, :parent_type, default: Chef::Resource) - end - - # @overload parent_optional() - # Get the optional mode for the default parent link on this resource. - # @return [Boolean] - # @overload parent_optional(val) - # Set the optional mode for the default parent link on this resource. - # @param val [Boolean] Mode to set. - # @return [Boolean] - def parent_optional(val=nil) - unless val.nil? - @parent_optional = val - end - if @parent_optional.nil? - Poise::Utils.ancestor_send(self, :parent_optional, default: false) - else - @parent_optional - end - end - - # @overload parent_auto() - # Get the auto-detect mode for the default parent link on this resource. - # @return [Boolean] - # @overload parent_auto(val) - # Set the auto-detect mode for the default parent link on this resource. - # @param val [Boolean] Mode to set. - # @return [Boolean] - def parent_auto(val=nil) - unless val.nil? - @parent_auto = val - end - if @parent_auto.nil? - Poise::Utils.ancestor_send(self, :parent_auto, default: true) - else - @parent_auto - end - end - - # @overload parent_default() - # Get the default value for the default parent link on this resource. - # @since 2.3.0 - # @return [Object, Chef::DelayedEvaluator] - # @overload parent_default(val) - # Set the default value for the default parent link on this resource. - # @since 2.3.0 - # @param val [Object, Chef::DelayedEvaluator] Default value to set. - # @return [Object, Chef::DelayedEvaluator] - def parent_default(*args) - unless args.empty? - @parent_default = args.first - end - if defined?(@parent_default) - @parent_default - else - Poise::Utils.ancestor_send(self, :parent_default) - end - end - - # Create a new kind of parent link. - # - # @since 2.0.0 - # @param name [Symbol] Name of the relationship. This becomes a method - # name on the resource instance. - # @param type [Class] Class of the parent. - # @param optional [Boolean] If the parent is optional. - # @param auto [Boolean] If the parent is auto-detected. - # @return [void] - def parent_attribute(name, type: Chef::Resource, optional: false, auto: true, default: nil) - name = :"parent_#{name}" - (@parent_attributes ||= {})[name] = type - define_method(name) do |*args| - _parent(name, type, optional, auto, default, *args) - end - end - - # Return the name of all parent relationships on this class. - # - # @since 2.0.0 - # @return [Hash] - def parent_attributes - {}.tap do |attrs| - # Grab superclass's attributes if possible. - attrs.update(Poise::Utils.ancestor_send(self, :parent_attributes, default: {})) - # Local default parent. - attrs[:parent] = parent_type - # Extra locally defined parents. - attrs.update(@parent_attributes) if @parent_attributes - # Remove anything with the type set to true. - attrs.reject! {|name, type| type == true } - end - end - - # @api private - def included(klass) - super - klass.extend(ClassMethods) - end - end - - extend ClassMethods - end - end - end -end diff --git a/cookbooks/poise/files/halite_gem/poise/helpers/subresources/container.rb b/cookbooks/poise/files/halite_gem/poise/helpers/subresources/container.rb deleted file mode 100644 index f218e86..0000000 --- a/cookbooks/poise/files/halite_gem/poise/helpers/subresources/container.rb +++ /dev/null @@ -1,229 +0,0 @@ -# -# Copyright 2013-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'chef/dsl/recipe' - -require 'poise/helpers/subcontext_block' -require 'poise/helpers/subresources/default_containers' - - -module Poise - module Helpers - module Subresources - # A resource mixin for subresource containers. - # - # @since 1.0.0 - module Container - # A resource collection that has much more condensed text output. This - # is used to show the value of @subresources during Chef's error formatting. - # @api private - class NoPrintingResourceCollection < Chef::ResourceCollection - def inspect - to_text - end - - def to_text - "[#{all_resources.map(&:to_s).join(', ')}]" - end - end - - include SubcontextBlock - include Chef::DSL::Recipe - - attr_reader :subresources - attr_reader :subcontexts - - def initialize(*args) - super - @subresources = NoPrintingResourceCollection.new - @subcontexts = [] - end - - def after_created - super - # Register as a default container if needed. - Poise::Helpers::Subresources::DefaultContainers.register!(self, run_context) if self.class.container_default - # Add all internal subresources to the resource collection. - unless @subresources.empty? - Chef::Log.debug("[#{self}] Adding subresources to collection:") - # Because after_create is run before adding the container to the resource collection - # we need to jump through some hoops to get it swapped into place. - self_ = self - order_fixer = Chef::Resource::RubyBlock.new('subresource_order_fixer', @run_context) - # respond_to? is for <= 12.0.2, remove some day when I stop caring. - order_fixer.declared_type = 'ruby_block' if order_fixer.respond_to?(:declared_type=) - order_fixer.block do - Chef::Log.debug("[#{self_}] Running order fixer") - collection = self_.run_context.resource_collection - # Delete the current container resource from its current position. - collection.all_resources.delete(self_) - # Replace the order fixer with the container so it runs before all - # subresources. - collection.all_resources[collection.iterator.position] = self_ - # Hack for Chef 11 to reset the resources_by_name position too. - # @todo Remove this when I drop support for Chef 11. - if resources_by_name = collection.instance_variable_get(:@resources_by_name) - resources_by_name[self_.to_s] = collection.iterator.position - end - # Step back so we re-run the "current" resource, which is now the - # container. - collection.iterator.skip_back - Chef::Log.debug("Collection: #{@run_context.resource_collection.map(&:to_s).join(', ')}") - end - @run_context.resource_collection.insert(order_fixer) - @subcontexts.each do |ctx| - # Copy all resources to the outer context. - ctx.resource_collection.each do |r| - Chef::Log.debug(" * #{r}") - # Fix the subresource to use the outer run context. - r.run_context = @run_context - @run_context.resource_collection.insert(r) - end - # Copy all notifications to the outer context. - %w{immediate delayed}.each do |notification_type| - ctx.send(:"#{notification_type}_notification_collection").each do |key, notifications| - notifications.each do |notification| - parent_notifications = @run_context.send(:"#{notification_type}_notification_collection")[key] - unless parent_notifications.any? { |existing_notification| existing_notification.duplicates?(notification) } - parent_notifications << notification - end - end - end - end - end - Chef::Log.debug("Collection: #{@run_context.resource_collection.map(&:to_s).join(', ')}") - end - end - - def declare_resource(type, name, created_at=nil, &block) - Chef::Log.debug("[#{self}] Creating subresource from #{type}(#{name})") - self_ = self - # Used to break block context, non-local return from subcontext_block. - resource = [] - # Grab the caller so we can make the subresource look like it comes from - # correct place. - created_at ||= caller[0] - # Run this inside a subcontext to avoid adding to the current resource collection. - # It will end up added later, indirected via @subresources to ensure ordering. - @subcontexts << subcontext_block do - namespace = if self.class.container_namespace == true - # If the value is true, use the name of the container resource. - self.name - elsif self.class.container_namespace.is_a?(Proc) - instance_eval(&self.class.container_namespace) - else - self.class.container_namespace - end - sub_name = if name && !name.empty? - if namespace - "#{namespace}::#{name}" - else - name - end - else - # If you pass in nil or '', you just get the namespace or parent name. - namespace || self.name - end - resource << super(type, sub_name, created_at) do - # Apply the correct parent before anything else so it is available - # in after_created for the subresource. It might raise - # NoMethodError is there isn't a real parent. - begin - parent(self_) if respond_to?(:parent) - rescue NoMethodError - # This space left intentionally blank. - end - # Run the resource block. - instance_exec(&block) if block - end - end - # Try and add to subresources. For normal subresources this is handled - # in the after_created. - register_subresource(resource.first) if resource.first - # Return whatever we have - resource.first - end - - # Register a resource as part of this container. Returns true if the - # resource was added to the collection and false if it was already - # known. - # - # @note Return value added in 2.4.0. - # @return [Boolean] - def register_subresource(resource) - subresources.lookup(resource) - false - rescue Chef::Exceptions::ResourceNotFound - Chef::Log.debug("[#{self}] Adding #{resource} to subresources") - subresources.insert(resource) - true - end - - private - - # Thanks Array.flatten, big help you are. Specifically the - # method_missing in the recipe DSL will make a flatten on an array of - # resources fail, so make this safe. - def to_ary - nil - end - - # @!classmethods - module ClassMethods - def container_namespace(val=nil) - @container_namespace = val unless val.nil? - if @container_namespace.nil? - # Not set here, look at the superclass or true by default for backwards compat. - Poise::Utils.ancestor_send(self, :container_namespace, default: true) - else - @container_namespace - end - end - - # @overload container_default() - # Get the default mode for this resource. If false, this resource - # class will not be used for default container lookups. Defaults to - # true. - # @since 2.3.0 - # @return [Boolean] - # @overload container_default(val) - # Set the default mode for this resource. - # @since 2.3.0 - # @param val [Boolean] Default mode to set. - # @return [Boolean] - def container_default(val=nil) - @container_default = val unless val.nil? - if @container_default.nil? - # Not set here, look at the superclass or true by default for backwards compat. - Poise::Utils.ancestor_send(self, :container_default, default: true) - else - @container_default - end - end - - def included(klass) - super - klass.extend(ClassMethods) - klass.const_set(:HIDDEN_VARS, klass.const_get(:HIDDEN_IVARS) + [:@subcontexts]) - klass.const_set(:FORBIDDEN_IVARS, klass.const_get(:FORBIDDEN_IVARS) + [:@subcontexts]) - end - end - - extend ClassMethods - end - end - end -end diff --git a/cookbooks/poise/files/halite_gem/poise/helpers/subresources/default_containers.rb b/cookbooks/poise/files/halite_gem/poise/helpers/subresources/default_containers.rb deleted file mode 100644 index 2ef26e5..0000000 --- a/cookbooks/poise/files/halite_gem/poise/helpers/subresources/default_containers.rb +++ /dev/null @@ -1,75 +0,0 @@ -# -# Copyright 2015-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - - -module Poise - module Helpers - module Subresources - # Helpers to track default container resources. This is used to find a - # default parent for a child with no parent set. It flat out violates - # encapsulation to allow for the use of default parents to act as - # system-level defaults even when created in a nested scope. - # - # @api private - # @since 2.0.0 - module DefaultContainers - # Mutex to sync access to the containers array. - # - # @see .containers - CONTAINER_MUTEX = Mutex.new - - # Add a resource to the array of default containers. - # - # @param resource [Chef::Resource] Resource to add. - # @param run_context [Chef::RunContext] Context of the current run. - # @return [void] - def self.register!(resource, run_context) - CONTAINER_MUTEX.synchronize do - containers(run_context) << resource - end - end - - # Find a default container for a resource class. - # - # @param klass [Class] Resource class to search for. - # @param run_context [Chef::RunContext] Context of the current run. - # @return [Chef::Resource] - def self.find(klass, run_context, self_resource: nil) - CONTAINER_MUTEX.synchronize do - containers(run_context).reverse_each do |resource| - return resource if resource.is_a?(klass) && (!self_resource || self_resource != resource) - end - # Nothing found. - nil - end - end - - private - - # Get the array of all default container resources. - # - # @note MUST BE CALLED FROM A LOCKED CONTEXT! - # @param run_context [Chef::RunContext] Context of the current run. - # @return [Array] - def self.containers(run_context) - # For test cases where nil gets used sometimes. - return [] unless run_context && run_context.node && run_context.node.run_state - run_context.node.run_state[:poise_default_containers] ||= [] - end - end - end - end -end diff --git a/cookbooks/poise/files/halite_gem/poise/helpers/template_content.rb b/cookbooks/poise/files/halite_gem/poise/helpers/template_content.rb deleted file mode 100644 index 48d8ec9..0000000 --- a/cookbooks/poise/files/halite_gem/poise/helpers/template_content.rb +++ /dev/null @@ -1,168 +0,0 @@ -# -# Copyright 2013-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'chef/provider/template_finder' -require 'chef/mixin/template' - -require 'poise/helpers/lazy_default' -require 'poise/helpers/lwrp_polyfill' -require 'poise/helpers/option_collector' -require 'poise/utils' - - -module Poise - module Helpers - # A resource mixin to add a new kind of attribute, template content. TODO - # - # @since 1.0.0 - module TemplateContent - include LazyDefault - include LWRPPolyfill - include OptionCollector - - # @!classmethods - module ClassMethods - def attribute(name, options={}) - if options.delete(:template) - name_prefix = name.empty? ? '' : "#{name}_" - - # If you are reading this, I'm so sorry - # This is used for computing the default cookbook below - parent_filename = caller.first.reverse.split(':', 4).last.reverse - - # If our parent class also declared a template_content attribute on the same name, inherit its options - if superclass.respond_to?("_#{name_prefix}_template_content_options") - options = superclass.send("_#{name_prefix}_template_content_options").merge(options) - end - - # Template source path if using a template - attribute("#{name_prefix}source", kind_of: String) - define_method("_#{name_prefix}source") do - send("#{name_prefix}source") || maybe_eval(options[:default_source]) - end - - # Template cookbook name if using a template - attribute("#{name_prefix}cookbook", kind_of: [String, Symbol], default: lazy do - if send("#{name_prefix}source") - cookbook_name - elsif options[:default_cookbook] - maybe_eval(options[:default_cookbook]) - else - Poise::Utils.find_cookbook_name(run_context, parent_filename) - end - end) - - # Template variables if using a template - attribute("#{name_prefix}options", option_collector: true) - - # Make an alias for #variables to match the template resource. - alias_method("#{name_prefix}variables", "#{name_prefix}options") - - # The big one, get/set content, but if you are getting and no - # explicit content was given, try to render the template - define_method("#{name_prefix}content") do |arg=nil, no_compute=false| - ret = set_or_return("#{name_prefix}content", arg, kind_of: String) - if !ret && !arg && !no_compute - ret = send("_#{name_prefix}content") - # Cache the results for next time - set_or_return("#{name_prefix}content", ret, {}) if ret - end - ret - end - - # Validate that arguments work - define_method("_#{name_prefix}validate") do - if options[:required] && !send("_#{name_prefix}source") && !send("#{name_prefix}content", nil, true) - raise Chef::Exceptions::ValidationFailed, "#{self}: One of #{name_prefix}source or #{name_prefix}content is required" - end - if send("#{name_prefix}source") && send("#{name_prefix}content", nil, true) - raise Chef::Exceptions::ValidationFailed, "#{self}: Only one of #{name_prefix}source or #{name_prefix}content can be specified" - end - end - - # Monkey patch #after_create to run best-effort validation. Arguments - # could be changed after creation, but this gives nicer errors for - # most cases. - unless options[:no_validate_on_create] - old_after_created = instance_method(:after_created) - define_method(:after_created) do - old_after_created.bind(self).call - send("_#{name_prefix}validate") if Array(action) == Array(self.class.default_action) - end - end - - # Compile the needed content - define_method("_#{name_prefix}content") do - # Run validation again - send("_#{name_prefix}validate") - # Get all the relevant parameters - content = send("#{name_prefix}content", nil, true) - source = send("_#{name_prefix}source") - if content - content # I don't think it can ever hit this branch - elsif source - cookbook = send("#{name_prefix}cookbook") - template_options = send("#{name_prefix}options") - send("_#{name_prefix}render_template", source, cookbook, template_options) - else - maybe_eval(options[:default]) - end - end - - # Actually render a template - define_method("_#{name_prefix}render_template") do |source, cookbook, template_options| - all_template_options = {} - all_template_options.update(maybe_eval(options[:default_options])) if options[:default_options] - all_template_options.update(template_options) - all_template_options[:new_resource] = self - finder = Chef::Provider::TemplateFinder.new(run_context, cookbook, node) - context = Chef::Mixin::Template::TemplateContext.new(all_template_options) - context[:node] = node - context[:template_finder] = finder - context.render_template(finder.find(source)) - end - - # Used to check if a parent class already defined a template_content thing here - define_singleton_method("_#{name_prefix}_template_content_options") do - options - end - else - super if defined?(super) - end - end - - def included(klass) - super - klass.extend(ClassMethods) - end - end - - extend ClassMethods - - private - - # Evaluate lazy blocks if needed - def maybe_eval(val) - if val.is_a?(Chef::DelayedEvaluator) - instance_eval(&val) - else - val - end - end - - end - end -end diff --git a/cookbooks/poise/files/halite_gem/poise/helpers/win32_user.rb b/cookbooks/poise/files/halite_gem/poise/helpers/win32_user.rb deleted file mode 100644 index 4588df4..0000000 --- a/cookbooks/poise/files/halite_gem/poise/helpers/win32_user.rb +++ /dev/null @@ -1,64 +0,0 @@ -# -# Copyright 2013-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise/utils/win32' - - -module Poise - module Helpers - # A resource mixin to intercept properties named `user`, `group`, or `owner`, - # if their default value is `'root'` and make it work on Windows (and - # FreeBSD, AIX). - # - # @since 2.7.0 - # @example - # class MyResource < Chef::Resource - # include Poise::Helpers::Win32User - # attribute(:user, default: 'root') - # attribute(:group, default: 'root') - # end - # @example Avoiding automatic translation - # class MyResource < Chef::Resource - # include Poise::Helpers::Win32User - # attribute(:user, default: lazy { 'root' }) - # attribute(:group, default: lazy { 'root' }) - # end - module Win32User - # User-ish property names. - # @api private - USER_PROPERTIES = ['user', :user, 'owner', :owner] - - # Group-ish property names. - # @api private - GROUP_PROPERTIES = ['group', :group] - - # Intercept property access to swap out the default value. - # @api private - def set_or_return(symbol, arg, options={}) - if options && options[:default] == 'root' - if USER_PROPERTIES.include?(symbol) && node.platform_family?('windows') - options = options.dup - options[:default] = Poise::Utils::Win32.admin_user - elsif GROUP_PROPERTIES.include?(symbol) - options = options.dup - options[:default] = node['root_group'] - end - end - super(symbol, arg, options) - end - end - end -end diff --git a/cookbooks/poise/files/halite_gem/poise/provider.rb b/cookbooks/poise/files/halite_gem/poise/provider.rb deleted file mode 100644 index 953e31c..0000000 --- a/cookbooks/poise/files/halite_gem/poise/provider.rb +++ /dev/null @@ -1,59 +0,0 @@ -# -# Copyright 2013-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise/helpers' -require 'poise/utils' - - -module Poise - # Master provider mixin for Poise-based providers. - # - # @since 1.0.0 - # @example Default helpers. - # class MyProvider < Chef::Provider - # include Poise::Provider - # end - # @example With optional helpers. - # class MyProvider < Chef::Provider - # include Poise::Provider - # poise_inversion(MyResource) - # end - module Provider - include Poise::Helpers::DefinedIn - include Poise::Helpers::LWRPPolyfill - # IncludeRecipe must come after LWRPPolyfill because that pulls in the - # recipe DSL which has its own #include_recipe. - include Poise::Helpers::IncludeRecipe - include Poise::Helpers::NotifyingBlock - include Poise::Utils::ShellOut - - # @!classmethods - module ClassMethods - def poise_inversion(resource, attribute=nil) - include Poise::Helpers::Inversion - inversion_resource(resource) - inversion_attribute(attribute) if attribute - end - - def included(klass) - super - klass.extend(ClassMethods) - end - end - - extend ClassMethods - end -end diff --git a/cookbooks/poise/files/halite_gem/poise/resource.rb b/cookbooks/poise/files/halite_gem/poise/resource.rb deleted file mode 100644 index ff8ad05..0000000 --- a/cookbooks/poise/files/halite_gem/poise/resource.rb +++ /dev/null @@ -1,81 +0,0 @@ -# -# Copyright 2013-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise/helpers' -require 'poise/utils' - - -module Poise - # Master resource mixin for Poise-based resources. - # - # @since 1.0.0 - # @example Default helpers. - # class MyResource < Chef::Resource - # include Poise::Resource - # end - # @example With optional helpers. - # class MyResource < Chef::Resource - # include Poise::Resource - # poise_subresource(MyParent) - # poise_fused - # end - module Resource - include Poise::Helpers::ChefspecMatchers - include Poise::Helpers::DefinedIn - include Poise::Helpers::LazyDefault if Poise::Helpers::LazyDefault.needs_polyfill? - include Poise::Helpers::LWRPPolyfill - include Poise::Helpers::OptionCollector - include Poise::Helpers::ResourceCloning - include Poise::Helpers::ResourceName - include Poise::Helpers::ResourceSubclass - include Poise::Helpers::TemplateContent - include Poise::Helpers::Win32User # Must be after LazyDefault. - include Poise::Utils::ShellOut - - # @!classmethods - module ClassMethods - def poise_subresource_container(namespace=nil, default=nil) - include Poise::Helpers::Subresources::Container - # false is a valid value. - container_namespace(namespace) unless namespace.nil? - container_default(default) unless default.nil? - end - - def poise_subresource(parent_type=nil, parent_optional=nil, parent_auto=nil) - include Poise::Helpers::Subresources::Child - parent_type(parent_type) if parent_type - parent_optional(parent_optional) unless parent_optional.nil? - parent_auto(parent_auto) unless parent_auto.nil? - end - - def poise_fused - include Poise::Helpers::Fused - end - - def poise_inversion(options_resource=nil) - include Poise::Helpers::Inversion - inversion_options_resource(true) unless options_resource == false - end - - def included(klass) - super - klass.extend(ClassMethods) - end - end - - extend ClassMethods - end -end diff --git a/cookbooks/poise/files/halite_gem/poise/subcontext.rb b/cookbooks/poise/files/halite_gem/poise/subcontext.rb deleted file mode 100644 index 278d973..0000000 --- a/cookbooks/poise/files/halite_gem/poise/subcontext.rb +++ /dev/null @@ -1,27 +0,0 @@ -# -# Copyright 2015-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - - -module Poise - # Helpers and whatnot for dealing with subcontexts. - # - # @api private - # @since 2.0.0 - module Subcontext - autoload :ResourceCollection, 'poise/subcontext/resource_collection' - autoload :Runner, 'poise/subcontext/runner' - end -end diff --git a/cookbooks/poise/files/halite_gem/poise/subcontext/resource_collection.rb b/cookbooks/poise/files/halite_gem/poise/subcontext/resource_collection.rb deleted file mode 100644 index cacd32c..0000000 --- a/cookbooks/poise/files/halite_gem/poise/subcontext/resource_collection.rb +++ /dev/null @@ -1,75 +0,0 @@ -# -# Copyright 2013-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'chef/resource_collection' - - -module Poise - module Subcontext - # A subclass of the normal Chef ResourceCollection that creates a partially - # isolated set of resources. Notifications and other resources lookups can - # propagate out to parent contexts but not back in. This is used to allow - # black-box resources that are still aware of things in upper contexts. - # - # @api private - # @since 1.0.0 - class ResourceCollection < Chef::ResourceCollection - attr_accessor :parent - - def initialize(parent) - @parent = parent - super() - end - - def lookup(resource) - super - rescue Chef::Exceptions::ResourceNotFound - @parent.lookup(resource) - end - - # Iterate over all resources, expanding parent context in order. - # - # @param block [Proc] Iteration block - # @return [void] - def recursive_each(&block) - if @parent - if @parent.respond_to?(:recursive_each) - @parent.recursive_each(&block) - else - @parent.each(&block) - end - end - each(&block) - end - - # Iterate over all resources in reverse order. - # - # @since 2.3.0 - # @param block [Proc] Iteration block - # @return [void] - def reverse_recursive_each(&block) - reverse_each(&block) - if @parent - if @parent.respond_to?(:recursive_each) - @parent.reverse_recursive_each(&block) - else - @parent.reverse_each(&block) - end - end - end - end - end -end diff --git a/cookbooks/poise/files/halite_gem/poise/subcontext/runner.rb b/cookbooks/poise/files/halite_gem/poise/subcontext/runner.rb deleted file mode 100644 index aaa5e44..0000000 --- a/cookbooks/poise/files/halite_gem/poise/subcontext/runner.rb +++ /dev/null @@ -1,55 +0,0 @@ -# -# Copyright 2013-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'chef/runner' - - -module Poise - module Subcontext - # A subclass of the normal Chef Runner that migrates delayed notifications - # to the enclosing run_context instead of running them at the end of the - # subcontext convergence. - # - # @api private - # @since 1.0.0 - class Runner < Chef::Runner - def initialize(resource, *args) - super(*args) - @resource = resource - end - - def run_delayed_notifications(error=nil) - # If there is an error, just do the normal thing. The return shouldn't - # ever fire because the superclass re-raises if there is an error. - return super if error - delayed_actions.each do |notification| - if @resource.run_context.respond_to?(:add_delayed_action) - @resource.run_context.add_delayed_action(notification) - else - notifications = run_context.parent_run_context.delayed_notifications(@resource) - if notifications.any? { |existing_notification| existing_notification.duplicates?(notification) } - Chef::Log.info( "#{@resource} not queuing delayed action #{notification.action} on #{notification.resource}"\ - " (delayed), as it's already been queued") - else - notifications << notification - end - end - end - end - - end - end -end diff --git a/cookbooks/poise/files/halite_gem/poise/utils.rb b/cookbooks/poise/files/halite_gem/poise/utils.rb deleted file mode 100644 index 9e05270..0000000 --- a/cookbooks/poise/files/halite_gem/poise/utils.rb +++ /dev/null @@ -1,181 +0,0 @@ -# -# Copyright 2015-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'poise/error' - - -module Poise - module Utils - autoload :ResourceProviderMixin, 'poise/utils/resource_provider_mixin' - autoload :ShellOut, 'poise/utils/shell_out' - autoload :Win32, 'poise/utils/win32' - - extend self - - # Find the cookbook name for a given filename. The can used to find the - # cookbook that corresponds to a caller of a file. - # - # @param run_context [Chef::RunContext] Context to check. - # @param filename [String] Absolute filename to check for. - # @return [String] - # @example - # def my_thing - # caller_filename = caller.first.split(':').first - # cookbook = Poise::Utils.find_cookbook_name(run_context, caller_filename) - # # ... - # end - def find_cookbook_name(run_context, filename) - possibles = {} - Poise.debug("[Poise] Checking cookbook for #{filename.inspect}") - run_context.cookbook_collection.each do |name, ver| - # This special method is added by Halite::Gem#as_cookbook_version. - if ver.respond_to?(:halite_root) - # The join is there because ../poise-ruby/lib starts with ../poise so - # we want a trailing /. - if filename.start_with?(File.join(ver.halite_root, '')) - Poise.debug("[Poise] Found matching halite_root in #{name}: #{ver.halite_root.inspect}") - possibles[ver.halite_root] = name - end - else - Chef::CookbookVersion::COOKBOOK_SEGMENTS.each do |seg| - ver.segment_filenames(seg).each do |file| - if ::File::ALT_SEPARATOR - file = file.gsub(::File::ALT_SEPARATOR, ::File::SEPARATOR) - end - # Put this behind an environment variable because it is verbose - # even for normal debugging-level output. - Poise.debug("[Poise] Checking #{seg} in #{name}: #{file.inspect}") - if file == filename - Poise.debug("[Poise] Found matching #{seg} in #{name}: #{file.inspect}") - possibles[file] = name - end - end - end - end - end - raise Poise::Error.new("Unable to find cookbook for file #{filename.inspect}") if possibles.empty? - # Sort the items by matching path length, pick the name attached to the longest. - possibles.sort_by{|key, value| key.length }.last[1] - end - - # Try to find an ancestor to call a method on. - # - # @since 2.2.3 - # @since 2.3.0 - # Added ignore parameter. - # @param obj [Object] Self from the caller. - # @param msg [Symbol] Method to try to call. - # @param args [Array] Method arguments. - # @param default [Object] Default return value if no valid ancestor exists. - # @param ignore [Array] Return value to ignore when scanning ancesors. - # @return [Object] - # @example - # val = @val || Poise::Utils.ancestor_send(self, :val) - def ancestor_send(obj, msg, *args, default: nil, ignore: [default]) - # Class is a subclass of Module, if we get something else use its class. - obj = obj.class unless obj.is_a?(Module) - ancestors = [] - if obj.respond_to?(:superclass) - # Check the superclass first if present. - ancestors << obj.superclass - end - # Make sure we don't check obj itself. - ancestors.concat(obj.ancestors.drop(1)) - ancestors.each do |mod| - if mod.respond_to?(msg) - val = mod.send(msg, *args) - # If we get the default back, assume we should keep trying. - return val unless ignore.include?(val) - end - end - # Nothing valid found, use the default. - default - end - - # Create a helper to invoke a module with some parameters. - # - # @since 2.3.0 - # @param mod [Module] The module to wrap. - # @param block [Proc] The module to implement to parameterization. - # @return [void] - # @example - # module MyMixin - # def self.my_mixin_name(name) - # # ... - # end - # end - # - # Poise::Utils.parameterized_module(MyMixin) do |name| - # my_mixin_name(name) - # end - def parameterized_module(mod, &block) - raise Poise::Error.new("Cannot parameterize an anonymous module") unless mod.name && !mod.name.empty? - parent_name_parts = mod.name.split(/::/) - # Grab the last piece which will be the method name. - mod_name = parent_name_parts.pop - # Find the enclosing module or class object. - parent = parent_name_parts.inject(Object) {|memo, name| memo.const_get(name) } - # Object is a special case since we need #define_method instead. - method_type = if parent == Object - :define_method - else - :define_singleton_method - end - # Scoping hack. - self_ = self - # Construct the method. - parent.send(method_type, mod_name) do |*args| - self_.send(:check_block_arity!, block, args) - # Create a new anonymous module to be returned from the method. - Module.new do - # Fake the name. - define_singleton_method(:name) do - super() || mod.name - end - - # When the stub module gets included, activate our behaviors. - define_singleton_method(:included) do |klass| - super(klass) - klass.send(:include, mod) - klass.instance_exec(*args, &block) - end - end - end - end - - private - - # Check that the given arguments match the given block. This is needed - # because Ruby will nil-pad mismatched argspecs on blocks rather than error. - # - # @since 2.3.0 - # @param block [Proc] Block to check. - # @param args [Array] Arguments to check. - # @return [void] - def check_block_arity!(block, args) - # Convert the block to a lambda-style proc. You can't make this shit up. - obj = Object.new - obj.define_singleton_method(:block, &block) - block = obj.method(:block).to_proc - # Check - required_args = block.arity < 0 ? ~block.arity : block.arity - if args.length < required_args || (block.arity >= 0 && args.length > block.arity) - raise ArgumentError.new("wrong number of arguments (#{args.length} for #{required_args}#{block.arity < 0 ? '+' : ''})") - end - end - - end -end diff --git a/cookbooks/poise/files/halite_gem/poise/utils/resource_provider_mixin.rb b/cookbooks/poise/files/halite_gem/poise/utils/resource_provider_mixin.rb deleted file mode 100644 index fba69d4..0000000 --- a/cookbooks/poise/files/halite_gem/poise/utils/resource_provider_mixin.rb +++ /dev/null @@ -1,65 +0,0 @@ -# -# Copyright 2015-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - - -module Poise - module Utils - # A mixin to dispatch other mixins with resource and provider - # implementations. The module this is included in must have Resource and - # Provider sub-modules. - # - # @since 2.0.0 - # @example - # module MyHelper - # include Poise::Utils::ResourceProviderMixin - # module Resource - # # ... - # end - # - # module Provider - # # ... - # end - # end - module ResourceProviderMixin - def self.included(klass) - # Warning here be dragons. - # Create a new anonymous module, klass will be the module that - # actually included ResourceProviderMixin. We want to keep a reference - # to that locked down so that we can close over it and use it in the - # "real" .included defined below to find the original relative consts. - mod = Module.new do - # Use define_method instead of def so we can close over klass and mod. - define_method(:included) do |inner_klass| - # Has to be explicit because super inside define_method. - super(inner_klass) - # Cargo this .included to things which include us. - inner_klass.extend(mod) - # Dispatch to submodules, inner_klass is the most recent includer. - if inner_klass < Chef::Resource || inner_klass.name.to_s.end_with?('::Resource') - # Use klass::Resource to look up relative to the original module. - inner_klass.class_exec { include klass::Resource } - elsif inner_klass < Chef::Provider || inner_klass.name.to_s.end_with?('::Provider') - # As above, klass::Provider. - inner_klass.class_exec { include klass::Provider } - end - end - end - # Add our .included to the original includer. - klass.extend(mod) - end - end - end -end diff --git a/cookbooks/poise/files/halite_gem/poise/utils/shell_out.rb b/cookbooks/poise/files/halite_gem/poise/utils/shell_out.rb deleted file mode 100644 index 0231e14..0000000 --- a/cookbooks/poise/files/halite_gem/poise/utils/shell_out.rb +++ /dev/null @@ -1,90 +0,0 @@ -# -# Copyright 2015-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'etc' - -require 'chef/mixin/shell_out' - - -module Poise - module Utils - # A mixin to provider a better shell_out. - # - # @since 2.5.0 - # @example - # Poise::Utils::ShellOut.poise_shell_out('ruby myapp.rb', user: 'myuser') - module ShellOut - extend self - include Chef::Mixin::ShellOut - - # An enhanced version of Chef's `shell_out` which sets some default - # parameters. If possible it will set $HOME, $USER, $LOGNAME, and the - # group to run as. - # - # @param command_args [Array] Command arguments to be passed to `shell_out`. - # @param options [Hash] Options to be passed to `shell_out`, - # with modifications. - # @return [Mixlib::ShellOut] - def poise_shell_out(*command_args, **options) - # Allow the env option shorthand. - options[:environment] ||= {} - if options[:env] - options[:environment].update(options[:env]) - options.delete(:env) - end - # Convert environment keys to strings to be safe. - options[:environment] = options[:environment].inject({}) do |memo, (key, value)| - memo[key.to_s] = value.to_s - memo - end - # Populate some standard environment variables. - ent = begin - if options[:user].is_a?(Integer) - Etc.getpwuid(options[:user]) - elsif options[:user] - Etc.getpwnam(options[:user]) - end - rescue ArgumentError - nil - end - username = ent ? ent.name : options[:name] - if username - options[:environment]['HOME'] ||= Dir.home(username) - options[:environment]['USER'] ||= username - # On the off chance they set one manually but not the other. - options[:environment]['LOGNAME'] ||= options[:environment]['USER'] - end - # Set the default group on Unix. - options[:group] ||= ent.gid if ent - # Mixlib-ShellOut doesn't support array commands on Windows and has - # super wonky escaping for cmd.exe. - if respond_to?(:node) && node.platform_family?('windows') - command_args = [Poise::Utils::Win32.reparse_command(*command_args)] - end - # Call Chef's shell_out wrapper. - shell_out(*command_args, **options) - end - - # The `error!` version of {#poise_shell_out}. - # - # @see #poise_shell_out - # @return [Mixlib::ShellOut] - def poise_shell_out!(*command_args) - poise_shell_out(*command_args).tap(&:error!) - end - end - end -end diff --git a/cookbooks/poise/files/halite_gem/poise/utils/win32.rb b/cookbooks/poise/files/halite_gem/poise/utils/win32.rb deleted file mode 100644 index 0cc6f9d..0000000 --- a/cookbooks/poise/files/halite_gem/poise/utils/win32.rb +++ /dev/null @@ -1,127 +0,0 @@ -# -# Copyright 2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'shellwords' - - -module Poise - module Utils - # Utilities for working with Windows. - # - # @since 2.7.0 - module Win32 - extend self - - # Code borrowed from https://github.com/chef-cookbooks/chef-client/blob/master/libraries/helpers.rb - # Used under the terms of the Apache v2 license. - # Copyright 2012-2016, John Dewey - - # Run a WMI query and extracts a property. This assumes Chef has already - # loaded the win32 libraries. - # - # @api private - # @param wmi_property [Symbol] Property to extract. - # @param wmi_query [String] Query to run. - # @return [String] - def wmi_property_from_query(wmi_property, wmi_query) - @wmi = ::WIN32OLE.connect('winmgmts://') - result = @wmi.ExecQuery(wmi_query) - return nil unless result.each.count > 0 - result.each.next.send(wmi_property) - end - - # Find the name of the Administrator user, give or take localization. - # - # @return [String] - def admin_user - if defined?(::WIN32OLE) - wmi_property_from_query(:name, "select * from Win32_UserAccount where sid like 'S-1-5-21-%-500' and LocalAccount=True") - else - # Warn except under ChefSpec because it will just annoy people. - Chef::Log.warn('[Poise::Utils::Win32] Unable to query admin user, WIN32OLE not available') unless defined?(ChefSpec) - 'Administrator' - end - end - - # Escaping that is compatible with CommandLineToArgvW. Based on - # https://blogs.msdn.microsoft.com/twistylittlepassagesallalike/2011/04/23/everyone-quotes-command-line-arguments-the-wrong-way/ - # - # @api private - # @param string [String] String to escape. - # @return [String] - def argv_quote(string, force_quote: false) - if !force_quote && !string.empty? && string !~ /[ \t\n\v"]/ - # Nothing fancy, no escaping needed. - string - else - command_line = '"' - i = 0 - while true - number_backslashes = 0 - - while i != string.size && string[i] == '\\' - i += 1 - number_backslashes += 1 - end - - if i == string.size - # Escape all backslashes, but let the terminating - # double quotation mark we add below be interpreted - # as a metacharacter. - command_line << '\\' * (number_backslashes * 2) - break - elsif string[i] == '"' - # Escape all backslashes and the following - # double quotation mark. - command_line << '\\' * ((number_backslashes * 2) + 1) - command_line << '"' - else - # Backslashes aren't special here. - command_line << '\\' * number_backslashes - command_line << string[i] - end - i += 1 - end - command_line << '"' - command_line - end - end - - # Take a string or array command in the format used by shell_out et al and - # create something we can use on Windows. - # - # @ - def reparse_command(*args) - array_mode = !(args.length == 1 && args.first.is_a?(String)) - # At some point when mixlib-shellout groks array commands on Windows, - # we should support that here. - parsed_args = array_mode ? args.flatten : Shellwords.split(args.first) - cmd = parsed_args.map {|s| argv_quote(s) }.join(' ') - if array_mode - # This fails on non-Windows because of win32/process. - require 'mixlib/shellout/windows' - if Mixlib::ShellOut::Windows::Utils.should_run_under_cmd?(cmd) - # If we are in array mode, try to make cmd.exe keep its grubby paws - # off our metacharacters. - cmd = cmd.each_char.map {|c| '^'+c }.join('') - end - end - cmd - end - - end - end -end diff --git a/cookbooks/poise/files/halite_gem/poise/version.rb b/cookbooks/poise/files/halite_gem/poise/version.rb deleted file mode 100644 index ba30d42..0000000 --- a/cookbooks/poise/files/halite_gem/poise/version.rb +++ /dev/null @@ -1,20 +0,0 @@ -# -# Copyright 2013-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - - -module Poise - VERSION = '2.8.2' -end diff --git a/cookbooks/poise/libraries/default.rb b/cookbooks/poise/libraries/default.rb deleted file mode 100644 index 9731909..0000000 --- a/cookbooks/poise/libraries/default.rb +++ /dev/null @@ -1,18 +0,0 @@ -# -# Copyright 2013-2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -raise 'Halite is not compatible with no_lazy_load false, please set no_lazy_load true in your Chef configuration file.' unless Chef::Config[:no_lazy_load] -$LOAD_PATH << File.expand_path('../../files/halite_gem', __FILE__) diff --git a/cookbooks/poise/metadata.json b/cookbooks/poise/metadata.json deleted file mode 100644 index 38a322c..0000000 --- a/cookbooks/poise/metadata.json +++ /dev/null @@ -1 +0,0 @@ -{"name":"poise","version":"2.8.2","description":"Helpers for writing extensible Chef cookbooks.","long_description":"# Poise\n\n[![Build Status](https://img.shields.io/travis/poise/poise.svg)](https://travis-ci.org/poise/poise)\n[![Gem Version](https://img.shields.io/gem/v/poise.svg)](https://rubygems.org/gems/poise)\n[![Cookbook Version](https://img.shields.io/cookbook/v/poise.svg)](https://supermarket.chef.io/cookbooks/poise)\n[![Coverage](https://img.shields.io/codecov/c/github/poise/poise.svg)](https://codecov.io/github/poise/poise)\n[![Gemnasium](https://img.shields.io/gemnasium/poise/poise.svg)](https://gemnasium.com/poise/poise)\n[![License](https://img.shields.io/badge/license-Apache_2-blue.svg)](https://www.apache.org/licenses/LICENSE-2.0)\n\n## What is Poise?\n\nThe poise cookbook is a set of libraries for writing reusable cookbooks. It\nprovides helpers for common patterns and a standard structure to make it easier to create flexible cookbooks.\n\n## Writing your first resource\n\nRather than LWRPs, Poise promotes the idea of using normal, or \"heavy weight\"\nresources, while including helpers to reduce much of boilerplate needed for this. Each resource goes in its own file under `libraries/` named to match\nthe resource, which is in turn based on the class name. This means that the file `libraries/my_app.rb` would contain `Chef::Resource::MyApp` which maps to the resource `my_app`.\n\nAn example of a simple shell to start from:\n\n```ruby\nrequire 'poise'\nrequire 'chef/resource'\nrequire 'chef/provider'\n\nmodule MyApp\n class Resource < Chef::Resource\n include Poise\n provides(:my_app)\n actions(:enable)\n\n attribute(:path, kind_of: String)\n # Other attribute definitions.\n end\n\n class Provider < Chef::Provider\n include Poise\n provides(:my_app)\n\n def action_enable\n notifying_block do\n ... # Normal Chef recipe code goes here\n end\n end\n end\nend\n```\n\nStarting from the top, first we require the libraries we will be using. Then we\ncreate a module to hold our resource and provider. If your cookbook declares\nmultiple resources and/or providers, you might want additional nesting here.\nThen we declare the resource class, which inherits from `Chef::Resource`. This\nis similar to the `resources/` file in an LWRP, and a similar DSL can be used.\nWe then include the `Poise` mixin to load our helpers, and then call\n`provides(:my_app)` to tell Chef this class will implement the `my_app`\nresource. Then we use the familiar DSL, though with a few additions we'll cover\nlater.\n\nThen we declare the provider class, again similar to the `providers/` file in an\nLWRP. We include the `Poise` mixin again to get access to all the helpers and\ncall `provides()` to tell Chef what provider this is. Rather than use the\n`action :enable do ... end` DSL from LWRPs, we just define the action method\ndirectly. The implementation of action comes from a block of recipe code\nwrapped with `notifying_block` to capture changes in much the same way as\n`use_inline_resources`, see below for more information about all the features of\n`notifying_block`.\n\nWe can then use this resource like any other Chef resource:\n\n```ruby\nmy_app 'one' do\n path '/tmp'\nend\n```\n\n## Helpers\n\nWhile not exposed as a specific method, Poise will automatically set the\n`resource_name` based on the class name.\n\n### Notifying Block\n\nAs mentioned above, `notifying_block` is similar to `use_inline_resources` in LWRPs. Any Chef resource created inside the block will be converged in a sub-context and if any have updated it will trigger notifications on the current resource. Unlike `use_inline_resources`, resources inside the sub-context can still see resources outside of it, with lookups propagating up sub-contexts until a match is found. Also any delayed notifications are scheduled to run at the end of the main converge cycle, instead of the end of this inner converge.\n\nThis can be used to write action methods using the normal Chef recipe DSL, while still offering more flexibility through subclassing and other forms of code reuse.\n\n### Include Recipe\n\nIn keeping with `notifying_block` to implement action methods using the Chef DSL, Poise adds an `include_recipe` helper to match the method of the same name in recipes. This will load and converge the requested recipe.\n\n### Resource DSL\n\nTo make writing resource classes easier, Poise exposes a DSL similar to LWRPs for defining actions and attributes. Both `actions` and\n`default_action` are just like in LWRPs, though `default_action` is rarely needed as the first action becomes the default. `attribute` is also available just like in LWRPs, but with some enhancements noted below.\n\nOne notable difference over the standard DSL method is that Poise attributes\ncan take a block argument.\n\n#### Template Content\n\nA common pattern with resources is to allow passing either a template filename or raw file content to be used in a configuration file. Poise exposes a new attribute flag to help with this behavior:\n\n```ruby\nattribute(:name, template: true)\n```\n\nThis creates four methods on the class, `name_source`, `name_cookbook`,\n`name_content`, and `name_options`. If the name is set to `''`, no prefix is applied to the function names. The content method can be set directly, but if not set and source is set, then it will render the template and return it as a string. Default values can also be set for any of these:\n\n```ruby\nattribute(:name, template: true, default_source: 'app.cfg.erb',\n default_options: {host: 'localhost'})\n```\n\nAs an example, you can replace this:\n\n```ruby\nif new_resource.source\n template new_resource.path do\n source new_resource.source\n owner 'app'\n group 'app'\n variables new_resource.options\n end\nelse\n file new_resource.path do\n content new_resource.content\n owner 'app'\n group 'app'\n end\nend\n```\n\nwith simply:\n\n```ruby\nfile new_resource.path do\n content new_resource.content\n owner 'app'\n group 'app'\nend\n```\n\nAs the content method returns the rendered template as a string, this can also\nbe useful within other templates to build from partials.\n\n#### Lazy Initializers\n\nOne issue with Poise-style resources is that when the class definition is executed, Chef hasn't loaded very far so things like the node object are not\nyet available. This means setting defaults based on node attributes does not work directly:\n\n```ruby\nattribute(:path, default: node['myapp']['path'])\n...\nNameError: undefined local variable or method 'node'\n```\n\nTo work around this, Poise extends the idea of lazy initializers from Chef recipes to work with resource definitions as well:\n\n```ruby\nattribute(:path, default: lazy { node['myapp']['path'] })\n```\n\nThese initializers are run in the context of the resource object, allowing\ncomplex default logic to be moved to a method if desired:\n\n```ruby\nattribute(:path, default: lazy { my_default_path })\n\ndef my_default_path\n ...\nend\n```\n\n#### Option Collector\n\nAnother common pattern with resources is to need a set of key/value pairs for\nconfiguration data or options. This can done with a simple Hash, but an option collector attribute can offer a nicer syntax:\n\n```ruby\nattribute(:mydata, option_collector: true)\n...\n\nmy_app 'name' do\n mydata do\n key1 'value1'\n key2 'value2'\n end\nend\n```\n\nThis will be converted to `{key1: 'value1', key2: 'value2'}`. You can also pass a Hash to an option collector attribute just as you would with a normal attribute.\n\n## Debugging Poise\n\nPoise has its own extra-verbose level of debug logging that can be enabled in\nthree different ways. You can either set the environment variable `$POISE_DEBUG`,\nset a node attribute `node['POISE_DEBUG']`, or touch the file `/POISE_DEBUG`.\nYou will see a log message `Extra verbose logging enabled` at the start of the\nrun to confirm Poise debugging has been enabled. Make sure you also set Chef's\nlog level to `debug`, usually via `-l debug` on the command line.\n\n## Upgrading from Poise 1.x\n\nThe biggest change when upgrading from Poise 1.0 is that the mixin is no longer\nloaded automatically. You must add `require 'poise'` to your code is you want to\nload it, as you would with normal Ruby code outside of Chef. It is also highly\nrecommended to add `provides(:name)` calls to your resources and providers, this\nwill be required in Chef 13 and will display a deprecation warning if you do\nnot. This also means you can move your code out of the `Chef` module namespace\nand instead declare it in your own namespace. An example of this is shown above.\n\n## Sponsors\n\nThe Poise test server infrastructure is generously sponsored by [Rackspace](https://rackspace.com/). Thanks Rackspace!\n\n## License\n\nCopyright 2013-2016, Noah Kantrowitz\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\nhttp://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n","maintainer":"Noah Kantrowitz","maintainer_email":"noah@coderanger.net","license":"Apache-2.0","platforms":{"aix":">= 0.0.0","amazon":">= 0.0.0","arch":">= 0.0.0","centos":">= 0.0.0","chefspec":">= 0.0.0","debian":">= 0.0.0","dragonfly4":">= 0.0.0","fedora":">= 0.0.0","freebsd":">= 0.0.0","gentoo":">= 0.0.0","ios_xr":">= 0.0.0","mac_os_x":">= 0.0.0","nexus":">= 0.0.0","omnios":">= 0.0.0","openbsd":">= 0.0.0","opensuse":">= 0.0.0","oracle":">= 0.0.0","raspbian":">= 0.0.0","redhat":">= 0.0.0","slackware":">= 0.0.0","smartos":">= 0.0.0","solaris2":">= 0.0.0","suse":">= 0.0.0","ubuntu":">= 0.0.0","windows":">= 0.0.0"},"dependencies":{},"recommendations":{},"suggestions":{},"conflicting":{},"providing":{},"replacing":{},"attributes":{},"groupings":{},"recipes":{},"source_url":"https://github.com/poise/poise","issues_url":"https://github.com/poise/poise/issues","chef_version":[["< 15",">= 12.14"]],"ohai_version":[]} \ No newline at end of file diff --git a/cookbooks/redis/.gitignore b/cookbooks/redis/.gitignore deleted file mode 100644 index bf6420b..0000000 --- a/cookbooks/redis/.gitignore +++ /dev/null @@ -1,9 +0,0 @@ -*.tgz -*.tar.gz -vendor/bundle -.bundle -.DS_Store -build/* -tmp/ -*.lock -.kitchen/* diff --git a/cookbooks/redis/.kitchen.yml b/cookbooks/redis/.kitchen.yml deleted file mode 100644 index c69ece7..0000000 --- a/cookbooks/redis/.kitchen.yml +++ /dev/null @@ -1,20 +0,0 @@ -driver: - require_chef_omnibus: <%= ENV.fetch("CHEF_VERSION", "latest") %> - ssh_key: <%= File.expand_path("./test/support/keys/vagrant") %> - name: vagrant - -provisioner: - name: chef_solo - -platforms: - - name: debian-6.0.8 - - name: debian-7.2.0 - - name: ubuntu-12.04 - - name: ubuntu-14.04 - -suites: - - name: default - run_list: - - recipe[redis::server] - - recipe[redis::client] - # - recipe[minitest-handler] diff --git a/cookbooks/redis/.rubocop.yml b/cookbooks/redis/.rubocop.yml deleted file mode 100644 index 9e26e49..0000000 --- a/cookbooks/redis/.rubocop.yml +++ /dev/null @@ -1,18 +0,0 @@ -LineLength: - Max: 80 - Exclude: - - "**/attributes/*.rb" - - "**/metadata.rb" - -StringLiterals: - EnforcedStyle: double_quotes - -PercentLiteralDelimiters: - PreferredDelimiters: - "%w": "[]" # Arrays use brackets - -SingleSpaceBeforeFirstArg: - Enabled: false # too strict about metadata and certain formatting - -inherit_from: test/support/rubocop/enabled.yml -inherit_from: test/support/rubocop/disabled.yml diff --git a/cookbooks/redis/.ruby-gemset b/cookbooks/redis/.ruby-gemset deleted file mode 100644 index 515fa5d..0000000 --- a/cookbooks/redis/.ruby-gemset +++ /dev/null @@ -1 +0,0 @@ -chef-redis diff --git a/cookbooks/redis/.ruby-version b/cookbooks/redis/.ruby-version deleted file mode 100644 index cd57a8b..0000000 --- a/cookbooks/redis/.ruby-version +++ /dev/null @@ -1 +0,0 @@ -2.1.5 diff --git a/cookbooks/redis/.travis.yml b/cookbooks/redis/.travis.yml deleted file mode 100644 index 852f917..0000000 --- a/cookbooks/redis/.travis.yml +++ /dev/null @@ -1,19 +0,0 @@ -language: ruby -bundler_args: --jobs 3 --without integration -rvm: -- 1.9.3 -- 2.0.0 -- 2.1.5 -before_script: -- "gem install bundler-audit --no-rdoc --no-ri && bundle-audit update" -script: -- bundle-audit -- bundle exec rake rubocop -- bundle exec rake foodcritic -- bundle exec rake chefspec -- bundle exec rake kitchen:all -- bundle exec license_finder --quiet -env: - matrix: - - CHEF_VERSION: "10.30" - - CHEF_VERSION: "11.16" diff --git a/cookbooks/redis/Berksfile b/cookbooks/redis/Berksfile deleted file mode 100644 index 06f8e4f..0000000 --- a/cookbooks/redis/Berksfile +++ /dev/null @@ -1,7 +0,0 @@ -source "http://api.berkshelf.com" - -metadata - -group :integration do - cookbook "minitest-handler" -end diff --git a/cookbooks/redis/Gemfile b/cookbooks/redis/Gemfile deleted file mode 100644 index 88b54de..0000000 --- a/cookbooks/redis/Gemfile +++ /dev/null @@ -1,20 +0,0 @@ -source "https://rubygems.org" - -chef_version = ENV.fetch("CHEF_VERSION", "11.16") - -gem "chef", "~> #{chef_version}" -gem "chefspec", "~> 4.1.1" if chef_version =~ /^11/ - -gem "berkshelf", "~> 3.2.1" -gem "foodcritic", "~> 4.0.0" -gem "license_finder", "~> 1.2.0" -gem "rake" -gem "rubocop", "~> 0.27.1" -gem "serverspec", "~> 2.3.1" - -group :integration do - gem "busser-serverspec", "~> 0.5.3" - gem "guard-rspec", "~> 4.3.1" - gem "kitchen-vagrant", "~> 0.15.0" - gem "test-kitchen", "~> 1.2.1" -end diff --git a/cookbooks/redis/Guardfile b/cookbooks/redis/Guardfile deleted file mode 100644 index e40e264..0000000 --- a/cookbooks/redis/Guardfile +++ /dev/null @@ -1,5 +0,0 @@ -guard :rspec, cmd: "rspec --color", all_on_start: false do - watch(/^spec\/(.+)_spec\.rb$/) - watch(/^recipes\/(.+)\.rb$/) { |m| "spec/#{m[1]}_spec.rb" } - watch("spec/spec_helper.rb") { "spec" } -end diff --git a/cookbooks/redis/LICENSE.txt b/cookbooks/redis/LICENSE.txt deleted file mode 100644 index 20dac68..0000000 --- a/cookbooks/redis/LICENSE.txt +++ /dev/null @@ -1,20 +0,0 @@ -The MIT License (MIT) -Copyright © 2012-2014 Phil Cohen - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the “Software”), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in -all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN -THE SOFTWARE. diff --git a/cookbooks/redis/README.md b/cookbooks/redis/README.md deleted file mode 100644 index 30954ef..0000000 --- a/cookbooks/redis/README.md +++ /dev/null @@ -1,155 +0,0 @@ -# chef-redis [![Build Status](https://travis-ci.org/phlipper/chef-redis.svg?branch=master)](https://travis-ci.org/phlipper/chef-redis) - -## Description - -This cookbook installs [Redis](http://redis.io) from Chris Lea's [ppa archive](https://launchpad.net/~chris-lea/+archive/redis-server). - -Redis is an open source, advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. - - -## Requirements - -### Supported Platforms - -The following platforms are supported by this cookbook, meaning that the recipes run on these platforms without error: - -* Ubuntu 12.04+ -* Debian 6+ - -### Cookbooks - -* [apt](http://community.opscode.com/cookbooks/apt) -* [minitest-handler](http://community.opscode.com/cookbooks/minitest-handler) _(suggested, not required)_ - - -## Recipes - -* `redis` - The default recipe. Setup apt with ppa details. -* `redis::server` - Install the Redis server. -* `redis::client` - Install the Redis client. - -# Usage - -This cookbook installs the Redis components if not present, and pulls updates if they are installed on the system. - - -## Attributes - -```ruby -case node["platform"] -when "debian" - default["redis"]["apt_distribution"] = node["lsb"]["codename"] - default["redis"]["apt_repository"] = "dotdeb" - default["redis"]["apt_uri"] = "http://packages.dotdeb.org" - default["redis"]["apt_components"] = ["all"] - default["redis"]["apt_key"] = "http://www.dotdeb.org/dotdeb.gpg" -when "ubuntu" - default["redis"]["apt_distribution"] = node["lsb"]["codename"] - default["redis"]["apt_repository"] = "chris-lea-redis-server" - default["redis"]["apt_uri"] = "http://ppa.launchpad.net/chris-lea/redis-server/ubuntu" - default["redis"]["apt_components"] = ["main"] - default["redis"]["apt_keyserver"] = "keyserver.ubuntu.com" - default["redis"]["apt_key"] = "C7917B12" -end -default["redis"]["pidfile"] = "/var/run/redis/redis-server.pid" -default["redis"]["daemonize"] = "yes" -default["redis"]["port"] = 6379 -default["redis"]["bind"] = "127.0.0.1" -default["redis"]["unixsocket"] = "/var/run/redis/redis.sock" -default["redis"]["unixsocketperm"] = 755 -default["redis"]["timeout"] = 300 -default["redis"]["loglevel"] = "notice" -default["redis"]["logfile"] = "/var/log/redis/redis-server.log" -default["redis"]["syslog_enabled"] = "no" -default["redis"]["syslog_ident"] = "redis" -default["redis"]["syslog_facility"] = "local0" -default["redis"]["databases"] = 16 -default["redis"]["snapshots"] = { - 900 => 1, - 300 => 10, - 60 => 10000 -} -default["redis"]["stop_writes_on_bgsave_error"] = "yes" -default["redis"]["rdbcompression"] = "yes" -default["redis"]["rdbchecksum"] = "yes" -default["redis"]["dbfilename"] = "dump.rdb" -default["redis"]["dir"] = "/var/lib/redis" -default["redis"]["slaveof"] = "" -default["redis"]["masterauth"] = "" -default["redis"]["slave_serve_stale_data"] = "yes" -default["redis"]["slave_read_only"] = "yes" -default["redis"]["repl_ping_slave_period"] = 10 -default["redis"]["repl_timeout"] = 60 -default["redis"]["slave_priority"] = 100 -default["redis"]["requirepass"] = "" -default["redis"]["rename_commands"] = [] -default["redis"]["maxclients"] = 128 -default["redis"]["maxmemory"] = "64mb" -default["redis"]["maxmemory_policy"] = "volatile-lru" -default["redis"]["maxmemory_samples"] = 3 -default["redis"]["appendonly"] = "no" -default["redis"]["appendfilename"] = "appendonly.aof" -default["redis"]["appendfsync"] = "everysec" -default["redis"]["no_appendfsync_on_rewrite"] = "no" -default["redis"]["auto_aof_rewrite_percentage"] = 100 -default["redis"]["auto_aof_rewrite_min_size"] = "64mb" -default["redis"]["lua_time_limit"] = 5000 -default["redis"]["slowlog_log_slower_than"] = 10000 -default["redis"]["slowlog_max_len"] = 1024 -default["redis"]["hash_max_ziplist_entries"] = 512 -default["redis"]["hash_max_ziplist_value"] = 64 -default["redis"]["list_max_ziplist_entries"] = 512 -default["redis"]["list_max_ziplist_value"] = 64 -default["redis"]["set_max_intset_entries"] = 512 -default["redis"]["zset_max_ziplist_entries"] = 128 -default["redis"]["zset_max_ziplist_value"] = 64 -default["redis"]["activerehashing"] = "yes" -default["redis"]["client_output_buffer_limit"] = { - "normal" => "0 0 0", - "slave" => "256mb 64mb 60", - "pubsub" => "32mb 8mb 60" -} -default["redis"]["include_config_files"] = [] -default["redis"]["ulimit"] = "" -default["redis"]["auto_upgrade"] = false -``` - - -## Basic Settings - -* `node["redis"]["ulimit"]` - Sets the maximum number of file descriptors for the Redis process. If this is unset or empty, the limit is the system default. The default may not be high enough to handle a large number of concurrent connections. See [Redis Clients Handling](http://redis.io/topics/clients). - - -## Contributors - -Many thanks go to the following [contributors](https://github.com/phlipper/chef-redis/graphs/contributors) who have helped to make this cookbook even better: - -* **[@smoil](https://github.com/smoil)** - * `redis.conf` updates for Redis 2.6 -* **[@svend](https://github.com/svend)** - * add attribute to set ulimit -* **[@maciej](https://github.com/maciej)** - * ensure `node["redis"]["dir"]` exists -* **[@dwradcliffe](https://github.com/dwradcliffe)** - * allow bind to all interfaces -* **[@duggan](https://github.com/duggan)** - * allow customizable apt sources - -## Contributing - -This cookbook could have way more personality... Help make it so! - -1. Fork it -2. Create your feature branch (`git checkout -b my-new-feature`) -3. Commit your changes (`git commit -am 'Added some feature'`) -4. Push to the branch (`git push origin my-new-feature`) -5. Create new Pull Request - - -## License - -**chef-redis** - -* Freely distributable and licensed under the [MIT license](http://phlipper.mit-license.org/2012-2014/license.html). -* Copyright (c) 2012-2014 Phil Cohen (github@phlippers.net) [![endorse](http://api.coderwall.com/phlipper/endorsecount.png)](http://coderwall.com/phlipper) [![Gittip](http://img.shields.io/gittip/phlipper.png)](https://www.gittip.com/phlipper/) -* http://phlippers.net/ diff --git a/cookbooks/redis/Rakefile b/cookbooks/redis/Rakefile deleted file mode 100644 index 52903cd..0000000 --- a/cookbooks/redis/Rakefile +++ /dev/null @@ -1,31 +0,0 @@ -task default: "test" - -desc "Run all tests except `kitchen`" -task test: [:rubocop, :foodcritic, :chefspec] - -desc "Run all tests" -task all_tests: [:rubocop, :foodcritic, :chefspec, "kitchen:all"] - -# rubocop style checker -require "rubocop/rake_task" -RuboCop::RakeTask.new - -# foodcritic chef lint -require "foodcritic" -FoodCritic::Rake::LintTask.new do |t| - t.options = { fail_tags: ["any"] } -end - -# chefspec unit tests -require "rspec/core/rake_task" -RSpec::Core::RakeTask.new(:chefspec) do |t| - t.rspec_opts = "--color --format progress" -end - -# test-kitchen integration tests -begin - require "kitchen/rake_tasks" - Kitchen::RakeTasks.new -rescue LoadError - task("kitchen:all") { puts "Unable to run `test-kitchen`" } -end diff --git a/cookbooks/redis/attributes/default.rb b/cookbooks/redis/attributes/default.rb deleted file mode 100644 index 692fe4e..0000000 --- a/cookbooks/redis/attributes/default.rb +++ /dev/null @@ -1,77 +0,0 @@ -case node["platform"] -when "debian" - default["redis"]["apt_distribution"] = node["lsb"]["codename"] - default["redis"]["apt_repository"] = "dotdeb" - default["redis"]["apt_uri"] = "http://packages.dotdeb.org" - default["redis"]["apt_components"] = ["all"] - default["redis"]["apt_key"] = "http://www.dotdeb.org/dotdeb.gpg" -when "ubuntu" - default["redis"]["apt_distribution"] = node["lsb"]["codename"] - default["redis"]["apt_repository"] = "chris-lea-redis-server" - default["redis"]["apt_uri"] = "http://ppa.launchpad.net/chris-lea/redis-server/ubuntu" - default["redis"]["apt_components"] = ["main"] - default["redis"]["apt_keyserver"] = "keyserver.ubuntu.com" - default["redis"]["apt_key"] = "C7917B12" -end - -default["redis"]["pidfile"] = "/var/run/redis/redis-server.pid" -default["redis"]["daemonize"] = "yes" -default["redis"]["port"] = 6379 -default["redis"]["bind"] = "127.0.0.1" -default["redis"]["unixsocket"] = "/var/run/redis/redis.sock" -default["redis"]["unixsocketperm"] = 755 -default["redis"]["timeout"] = 300 -default["redis"]["loglevel"] = "notice" -default["redis"]["logfile"] = "/var/log/redis/redis-server.log" -default["redis"]["syslog_enabled"] = "no" -default["redis"]["syslog_ident"] = "redis" -default["redis"]["syslog_facility"] = "local0" -default["redis"]["databases"] = 16 -default["redis"]["snapshots"] = { - 900 => 1, - 300 => 10, - 60 => 10_000 -} -default["redis"]["stop_writes_on_bgsave_error"] = "yes" -default["redis"]["rdbcompression"] = "yes" -default["redis"]["rdbchecksum"] = "yes" -default["redis"]["dbfilename"] = "dump.rdb" -default["redis"]["dir"] = "/var/lib/redis" -default["redis"]["slaveof"] = "" -default["redis"]["masterauth"] = "" -default["redis"]["slave_serve_stale_data"] = "yes" -default["redis"]["slave_read_only"] = "yes" -default["redis"]["repl_ping_slave_period"] = 10 -default["redis"]["repl_timeout"] = 60 -default["redis"]["slave_priority"] = 100 -default["redis"]["requirepass"] = "" -default["redis"]["rename_commands"] = [] -default["redis"]["maxclients"] = 128 -default["redis"]["maxmemory"] = "64mb" -default["redis"]["maxmemory_policy"] = "volatile-lru" -default["redis"]["maxmemory_samples"] = 3 -default["redis"]["appendonly"] = "no" -default["redis"]["appendfilename"] = "appendonly.aof" -default["redis"]["appendfsync"] = "everysec" -default["redis"]["no_appendfsync_on_rewrite"] = "no" -default["redis"]["auto_aof_rewrite_percentage"] = 100 -default["redis"]["auto_aof_rewrite_min_size"] = "64mb" -default["redis"]["lua_time_limit"] = 5000 -default["redis"]["slowlog_log_slower_than"] = 10_000 -default["redis"]["slowlog_max_len"] = 1024 -default["redis"]["hash_max_ziplist_entries"] = 512 -default["redis"]["hash_max_ziplist_value"] = 64 -default["redis"]["list_max_ziplist_entries"] = 512 -default["redis"]["list_max_ziplist_value"] = 64 -default["redis"]["set_max_intset_entries"] = 512 -default["redis"]["zset_max_ziplist_entries"] = 128 -default["redis"]["zset_max_ziplist_value"] = 64 -default["redis"]["activerehashing"] = "yes" -default["redis"]["client_output_buffer_limit"] = { - "normal" => "0 0 0", - "slave" => "256mb 64mb 60", - "pubsub" => "32mb 8mb 60" -} -default["redis"]["include_config_files"] = [] -default["redis"]["ulimit"] = "" -default["redis"]["auto_upgrade"] = false diff --git a/cookbooks/redis/config/license_finder.yml b/cookbooks/redis/config/license_finder.yml deleted file mode 100644 index 45173be..0000000 --- a/cookbooks/redis/config/license_finder.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- -whitelist: -- Apache 2.0 -- Apache v2 -- BSD -- BSD-3 -- ISC -- MIT -- Ruby -dependencies_file_dir: doc/license_finder -project_name: chef-redis diff --git a/cookbooks/redis/doc/license_finder/dependencies.csv b/cookbooks/redis/doc/license_finder/dependencies.csv deleted file mode 100644 index 91da360..0000000 --- a/cookbooks/redis/doc/license_finder/dependencies.csv +++ /dev/null @@ -1,105 +0,0 @@ -addressable, 2.3.6, Apache 2.0 -ast, 2.0.0, MIT -astrolabe, 1.3.0, MIT -berkshelf, 3.2.1, Apache 2.0 -berkshelf-api-client, 1.2.0, Apache 2.0 -buff-config, 1.0.1, Apache 2.0 -buff-extensions, 1.0.0, Apache 2.0 -buff-ignore, 1.1.1, Apache 2.0 -buff-ruby_engine, 0.1.0, Apache 2.0 -buff-shell_out, 0.2.0, Apache 2.0 -bundler, 1.7.6, MIT -busser, 0.6.0, Apache 2.0 -busser-serverspec, 0.5.3, Apache 2.0 -celluloid, 0.16.0, MIT -celluloid-io, 0.16.1, MIT -chef, 11.16.4, Apache 2.0 -chef-zero, 2.2.1, Apache 2.0 -chefspec, 4.1.1, MIT -cleanroom, 1.0.0, Apache 2.0 -coderay, 1.1.0, MIT -dep-selector-libgecode, 1.0.2, MIT, Apache 2.0 -dep_selector, 1.0.3, Apache v2 -diff-lcs, 1.2.5, MIT, Perl Artistic v2, GNU GPL v2 -erubis, 2.7.0, MIT -faraday, 0.9.0, MIT -fauxhai, 2.2.0, MIT -ffi, 1.9.6, BSD -ffi-yajl, 1.3.0, Apache 2.0 -foodcritic, 4.0.0, MIT -formatador, 0.2.5, MIT -gherkin, 2.12.2, MIT -guard, 2.8.2, MIT -guard-rspec, 4.3.1, MIT -hashie, 2.1.2, MIT -highline, 1.6.21, ruby -hitimes, 1.2.2, ISC -httparty, 0.13.3, MIT -ipaddress, 0.8.0, MIT -json, 1.8.1, ruby -kitchen-vagrant, 0.15.0, Apache 2.0 -libyajl2, 1.2.0, Apache 2.0 -license_finder, 1.2, MIT -listen, 2.8.0, MIT -lumberjack, 1.0.9, MIT -method_source, 0.8.2, MIT -mime-types, 1.25.1, MIT, Artistic 2.0, GPL-2 -mini_portile, 0.6.1, MIT -minitar, 0.5.4, ruby -mixlib-authentication, 1.3.0, Apache 2.0 -mixlib-cli, 1.5.0, Apache 2.0 -mixlib-config, 2.1.0, Apache 2.0 -mixlib-log, 1.6.0, Apache 2.0 -mixlib-shellout, 1.6.0, Apache 2.0 -multi_json, 1.10.1, MIT -multi_xml, 0.5.5, MIT -multipart-post, 2.0.0, MIT -net-http-persistent, 2.9.4, MIT -net-scp, 1.2.1, MIT -net-ssh, 2.9.1, MIT -net-ssh-gateway, 1.2.0, MIT -net-ssh-multi, 1.2.0, MIT -nio4r, 1.0.1, MIT -nokogiri, 1.6.4.1, MIT -octokit, 3.5.2, MIT -ohai, 7.4.0, Apache 2.0 -parser, 2.2.0.pre.8, MIT -plist, 3.1.0, MIT -polyglot, 0.3.5, MIT -powerpack, 0.0.9, MIT -pry, 0.10.1, MIT -rack, 1.5.2, MIT -rainbow, 2.0.0, MIT -rake, 10.3.2, MIT -rb-fsevent, 0.9.4, MIT -rb-inotify, 0.9.5, MIT -rest-client, 1.6.7, MIT -retryable, 1.3.6, MIT -ridley, 4.1.0, Apache 2.0 -rspec, 3.1.0, MIT -rspec-core, 3.1.7, MIT -rspec-expectations, 3.1.2, MIT -rspec-its, 1.1.0, MIT -rspec-mocks, 3.1.3, MIT -rspec-support, 3.1.2, MIT -rubocop, 0.27.1, MIT -ruby-progressbar, 1.7.0, MIT -rufus-lru, 1.0.5, MIT -safe_yaml, 1.0.4, MIT -sawyer, 0.5.5, MIT -semverse, 1.2.1, Apache 2.0 -sequel, 4.16.0, MIT -serverspec, 2.3.1, MIT -slop, 3.6.0, MIT -solve, 1.2.1, Apache 2.0 -specinfra, 2.5.0, MIT -sqlite3, 1.3.10, New BSD -systemu, 2.6.4, ruby -test-kitchen, 1.2.1, Apache 2.0 -thor, 0.19.1, MIT -timers, 4.0.1, MIT -treetop, 1.5.3, MIT -varia_model, 0.4.0, Apache 2.0 -wmi-lite, 1.0.0, Apache 2.0 -xml-simple, 1.1.4, ruby -yajl-ruby, 1.2.1, MIT diff --git a/cookbooks/redis/doc/license_finder/dependencies.db b/cookbooks/redis/doc/license_finder/dependencies.db deleted file mode 100644 index 1e1e87a..0000000 Binary files a/cookbooks/redis/doc/license_finder/dependencies.db and /dev/null differ diff --git a/cookbooks/redis/doc/license_finder/dependencies.html b/cookbooks/redis/doc/license_finder/dependencies.html deleted file mode 100644 index 5df7d0d..0000000 --- a/cookbooks/redis/doc/license_finder/dependencies.html +++ /dev/null @@ -1,2509 +0,0 @@ - - - - - - - -
-

chef-redis

-
-
-
-

Dependencies

- -

As of November 22, 2014 9:37pm

- -

105 total

- -
    -
  • 65 MIT
    • -
  • 28 Apache 2.0
    • -
  • 5 ruby
    • -
  • 1 Apache 2.0, MIT
    • -
  • 1 BSD
    • -
  • 1 Apache v2
    • -
  • 1 ISC
    • -
  • 1 Artistic 2.0, GPL-2, MIT
    • -
  • 1 GNU GPL v2, MIT, Perl Artistic v2
    • -
  • 1 New BSD
    • -
-
-
-
-
-
-
-

- Apache 2.0 - whitelisted - -

-
-

- addressable - v2.3.6 -

-

URI Implementation

-

Addressable is a replacement for the URI implementation that is part of -Ruby's standard library. It more closely conforms to the relevant RFCs and -adds support for IRIs and URI templates. -

-
-
addressable is required by:
-
sawyer, ridley, berkshelf
-
-
-
addressable relies on:
-
rake, rspec
-
-
-
-
-

- MIT - whitelisted - -

-
-

- ast - v2.0.0 -

-

A library for working with Abstract Syntax Trees.

-

A library for working with Abstract Syntax Trees.

-
-
ast is required by:
-
parser
-
-
-
ast relies on:
-
rake, mime-types
-
-
-
-
-

- MIT - whitelisted - -

-
-

- astrolabe - v1.3.0 -

-

An object-oriented AST extension for Parser

-

An object-oriented AST extension for Parser

-
-
astrolabe is required by:
-
rubocop
-
-
-
astrolabe relies on:
-
parser, bundler, rake, rspec, rubocop, guard-rspec
-
-
-
-
-

- Apache 2.0 - whitelisted - -

-
-

- berkshelf - v3.2.1 (default) -

-

Manages a Cookbook's, or an Application's, Cookbook dependencies

-

Manages a Cookbook's, or an Application's, Cookbook dependencies

-
-
berkshelf relies on:
-
addressable, berkshelf-api-client, buff-config, buff-extensions, buff-shell_out, cleanroom, faraday, minitar, retryable, ridley, solve, thor, octokit, celluloid, celluloid-io, chef-zero, rake, rspec, test-kitchen
-
-
-
-
-

- Apache 2.0 - whitelisted - -

-
-

- berkshelf-api-client - v1.2.0 -

-

API Client for communicating with a Berkshelf API server

-

API Client for communicating with a Berkshelf API server

-
-
berkshelf-api-client is required by:
-
berkshelf
-
-
-
berkshelf-api-client relies on:
-
faraday, bundler, rake, rspec
-
-
-
-
-

- Apache 2.0 - whitelisted - -

-
-

- buff-config - v1.0.1 -

-

A simple configuration class

-

A simple configuration class

-
-
buff-config is required by:
-
ridley, berkshelf
-
-
-
buff-config relies on:
-
varia_model, buff-extensions, buff-ruby_engine, thor, bundler, rake, rspec, guard, guard-rspec
-
-
-
-
-

- Apache 2.0 - whitelisted - -

-
-

- buff-extensions - v1.0.0 -

-

Extensions to Core Ruby classes

-

Extensions to Core Ruby classes

-
-
buff-extensions is required by:
-
varia_model, buff-config, ridley, berkshelf
-
-
-
buff-extensions relies on:
-
buff-ruby_engine, thor, bundler, rake, rspec, guard, guard-rspec
-
-
-
-
-

- Apache 2.0 - whitelisted - -

-
-

- buff-ignore - v1.1.1 -

-

A Ruby library for parsing lists of files and applying pattern matching exclusion (such as .gitignore)

-

Parse ignore files with Ruby

-
-
buff-ignore is required by:
-
ridley
-
-
-
buff-ignore relies on:
-
bundler, rake, rspec
-
-
-
-
-

- Apache 2.0 - whitelisted - -

-
-

- buff-ruby_engine - v0.1.0 -

-

Buff up your code with a mixin for querying the platform running Ruby

-

A mixin for querying the platform running Ruby

-
-
buff-ruby_engine is required by:
-
buff-extensions, varia_model, buff-config, buff-shell_out, ridley
-
-
-
buff-ruby_engine relies on:
-
thor, bundler, rake, rspec, guard, guard-rspec
-
-
-
-
-

- Apache 2.0 - whitelisted - -

-
-

- buff-shell_out - v0.2.0 -

-

Buff up your code with a mixin for issuing shell commands and collecting the output

-

A mixin for issuing shell commands and collecting the output

-
-
buff-shell_out is required by:
-
ridley, berkshelf
-
-
-
buff-shell_out relies on:
-
buff-ruby_engine, thor, bundler, rake, rspec, guard, guard-rspec
-
-
-
-
-

- MIT - whitelisted - -

-
-

- bundler - v1.7.6 -

-

-

-
-
bundler is required by:
-
parser, astrolabe, faraday, berkshelf-api-client, buff-extensions, varia_model, buff-config, buff-ruby_engine, buff-shell_out, cleanroom, octokit, retryable, buff-ignore, semverse, dep-selector-libgecode, thor, busser, busser-serverspec, libyajl2, wmi-lite, pry, rspec-support, multi_json, gherkin, rb-fsevent, listen, guard-rspec, multi_xml, test-kitchen, license_finder, powerpack, rainbow, rspec-its, rubocop, specinfra, serverspec
-
-
-
-
-

- Apache 2.0 - whitelisted - -

-
-

- busser - v0.6.0 -

-

Kitchen Busser - Runs tests for projects in test-kitchen

-

Kitchen Busser - Runs tests for projects in test-kitchen

-
-
busser is required by:
-
busser-serverspec
-
-
-
busser relies on:
-
thor, chef, bundler, rake
-
-
-
-
-

- Apache 2.0 - whitelisted - -

-
-

- busser-serverspec - v0.5.3 (integration) -

-

A Busser runner plugin for Serverspec

-

A Busser runner plugin for Serverspec

-
-
busser-serverspec relies on:
-
busser, serverspec, bundler, rake
-
-
-
-
-

- MIT - whitelisted - -

-
-

- celluloid - v0.16.0 -

-

Actor-based concurrent object framework for Ruby

-

Celluloid enables people to build concurrent programs out of concurrent objects just as easily as they build sequential programs out of sequential objects

-
-
celluloid is required by:
-
celluloid-io, ridley, berkshelf, listen
-
-
-
celluloid relies on:
-
timers, rake, rspec, guard-rspec, rubocop
-
-
-
-
-

- MIT - whitelisted - -

-
-

- celluloid-io - v0.16.1 -

-

Celluloid::IO allows you to monitor multiple IO objects within a Celluloid actor

-

Evented IO for Celluloid actors

-
-
celluloid-io is required by:
-
ridley, berkshelf, listen
-
-
-
celluloid-io relies on:
-
celluloid, nio4r, rake, rspec, guard-rspec, rb-fsevent
-
-
-
-
-

- Apache 2.0 - whitelisted - -

-
-

- chef - v11.16.4 (default) -

-

A systems integration framework, built to bring the benefits of configuration management to your entire infrastructure.

-

A systems integration framework, built to bring the benefits of configuration management to your entire infrastructure.

-
-
chef is required by:
-
busser, ohai, chefspec
-
-
-
chef relies on:
-
mixlib-config, mixlib-cli, mixlib-log, mixlib-authentication, mixlib-shellout, ohai, rest-client, mime-types, ffi-yajl, net-ssh, net-ssh-multi, highline, erubis, diff-lcs, chef-zero, pry, plist, rack, rake, rspec-core, rspec-expectations, rspec-mocks
-
-
-
-
-

- Apache 2.0 - whitelisted - -

-
-

- chef-zero - v2.2.1 -

-

Self-contained, easy-setup, fast-start in-memory Chef server for testing and solo setup purposes

-

Self-contained, easy-setup, fast-start in-memory Chef server for testing and solo setup purposes

-
-
chef-zero is required by:
-
berkshelf, chef
-
-
-
chef-zero relies on:
-
mixlib-log, hashie, ffi-yajl, rack, rake, rspec
-
-
-
-
-

- MIT - whitelisted - -

-
-

- chefspec - v4.1.1 (default) -

-

Write RSpec examples and generate coverage reports for Chef recipes!

-

ChefSpec is a unit testing and resource coverage (code coverage) framework for testing Chef cookbooks ChefSpec makes it easy to write examples and get fast feedback on cookbook changes without the need for virtual machines or cloud servers.

-
-
chefspec relies on:
-
chef, fauxhai, rspec, rake
-
-
-
-
-

- Apache 2.0 - whitelisted - -

-
-

- cleanroom - v1.0.0 -

-

(More) safely evaluate Ruby DSLs with cleanroom

-

Ruby is an excellent programming language for creating and managing custom DSLs, but how can you securely evaluate a DSL while explicitly controlling the methods exposed to the user? Our good friends instance_eval and instance_exec are great, but they expose all methods - public, protected, and private - to the user. Even worse, they expose the ability to accidentally or intentionally alter the behavior of the system! The cleanroom pattern is a safer, more convenient, Ruby-like approach for limiting the information exposed by a DSL while giving users the ability to write awesome code!

-
-
cleanroom is required by:
-
berkshelf
-
-
-
cleanroom relies on:
-
rspec, bundler, rake
-
-
-
-
-

- MIT - whitelisted - -

-
-

- coderay - v1.1.0 -

-

Fast syntax highlighting for selected languages.

-

Fast and easy syntax highlighting for selected languages, written in Ruby. Comes with RedCloth integration and LOC counter.

-
-
coderay is required by:
-
pry, rspec-core
-
-
-
-
-

- MIT, Apache 2.0 - whitelisted - -

-
-

- dep-selector-libgecode - v1.0.2 -

-

Installs a vendored copy of Gecode suitable for use with dep-selector

-

Installs a vendored copy of Gecode suitable for use with dep-selector

-
-
dep-selector-libgecode is required by:
-
dep_selector
-
-
-
dep-selector-libgecode relies on:
-
bundler, rake
-
-
-
-
-

- Apache v2 - whitelisted - -

-
-

- dep_selector - v1.0.3 -

-

Given packages, versions, and a dependency graph, find a valid assignment of package versions

-

Given packages, versions, and a dependency graph, find a valid assignment of package versions

-
-
dep_selector is required by:
-
solve
-
-
-
dep_selector relies on:
-
ffi, dep-selector-libgecode, rake, rspec, solve
-
-
-
-
-

- MIT, Perl Artistic v2, GNU GPL v2 - whitelisted - -

-
-

- diff-lcs - v1.2.5 -

-

Diff::LCS computes the difference between two Enumerable sequences using the McIlroy-Hunt longest common subsequence (LCS) algorithm

-

Diff::LCS computes the difference between two Enumerable sequences using the -McIlroy-Hunt longest common subsequence (LCS) algorithm. It includes utilities -to create a simple HTML diff output format and a standard diff-like tool. - -This is release 1.2.4, fixing a bug introduced after diff-lcs 1.1.3 that did -not properly prune common sequences at the beginning of a comparison set. -Thanks to Paul Kunysch for fixing this issue. - -Coincident with the release of diff-lcs 1.2.3, we reported an issue with -Rubinius in 1.9 mode -({rubinius/rubinius#2268}[https://github.com/rubinius/rubinius/issues/2268]). -We are happy to report that this issue has been resolved.

-
-
diff-lcs is required by:
-
chef, rspec-expectations
-
-
-
diff-lcs relies on:
-
rake, rspec
-
-
-
-
-

- MIT - whitelisted - -

-
-

- erubis - v2.7.0 -

-

a fast and extensible eRuby implementation which supports multi-language

-

Erubis is an implementation of eRuby and has the following features: - - * Very fast, almost three times faster than ERB and about 10% faster than eruby. - * Multi-language support (Ruby/PHP/C/Java/Scheme/Perl/Javascript) - * Auto escaping support - * Auto trimming spaces around '<% %>' - * Embedded pattern changeable (default '<% %>') - * Enable to handle Processing Instructions (PI) as embedded pattern (ex. '') - * Context object available and easy to combine eRuby template with YAML datafile - * Print statement available - * Easy to extend and customize in subclass - * Ruby on Rails support -

-
-
erubis is required by:
-
ridley, chef, foodcritic
-
-
-
-
-

- MIT - whitelisted - -

-
-

- faraday - v0.9.0 -

-

HTTP/REST API client library.

-

-
-
faraday is required by:
-
berkshelf-api-client, sawyer, ridley, berkshelf
-
-
-
faraday relies on:
-
multipart-post, bundler
-
-
-
-
-

- MIT - whitelisted - -

-
-

- fauxhai - v2.2.0 -

-

Fauxhai provides an easy way to mock out your ohai data for testing with chefspec!

-

Easily mock out ohai data

-
-
fauxhai is required by:
-
chefspec
-
-
-
fauxhai relies on:
-
net-ssh, ohai, rake
-
-
-
-
-

- BSD - whitelisted - -

-
-

- ffi - v1.9.6 -

-

Ruby FFI

-

Ruby FFI library

-
-
ffi is required by:
-
dep_selector, libyajl2, ffi-yajl, ohai, rb-inotify
-
-
-
ffi relies on:
-
rake, rspec
-
-
-
-
-

- Apache 2.0 - whitelisted - -

-
-

- ffi-yajl - v1.3.0 -

-

Ruby FFI wrapper around YAJL 2.x

-

Ruby FFI wrapper around YAJL 2.x

-
-
ffi-yajl is required by:
-
chef-zero, ohai, chef
-
-
-
ffi-yajl relies on:
-
rake, rspec, pry, mime-types, ffi, libyajl2
-
-
-
-
-

- MIT - whitelisted - -

-
-

- foodcritic - v4.0.0 (default) -

-

foodcritic-4.0.0

-

Lint tool for Opscode Chef cookbooks.

-
-
foodcritic relies on:
-
gherkin, nokogiri, rake, treetop, yajl-ruby, erubis, rufus-lru
-
-
-
-
-

- MIT - whitelisted - -

-
-

- formatador - v0.2.5 -

-

Ruby STDOUT text formatting

-

STDOUT text formatting

-
-
formatador is required by:
-
guard
-
-
-
formatador relies on:
-
rake
-
-
-
-
-

- MIT - whitelisted - -

-
-

- gherkin - v2.12.2 -

-

gherkin-2.12.2

-

A fast Gherkin lexer/parser based on the Ragel State Machine Compiler.

-
-
gherkin is required by:
-
foodcritic
-
-
-
gherkin relies on:
-
multi_json, rake, bundler, rspec
-
-
-
-
-

- MIT - whitelisted - -

-
-

- guard - v2.8.2 -

-

Guard keeps an eye on your file modifications

-

Guard is a command line tool to easily handle events on file system modifications.

-
-
guard is required by:
-
buff-extensions, varia_model, buff-config, buff-ruby_engine, buff-shell_out, guard-rspec
-
-
-
guard relies on:
-
thor, listen, pry, lumberjack, formatador
-
-
-
-
-

- MIT - whitelisted - -

-
-

- guard-rspec - v4.3.1 (integration) -

-

Guard gem for RSpec

-

Guard::RSpec automatically run your specs (much like autotest).

-
-
guard-rspec is required by:
-
astrolabe, buff-extensions, varia_model, buff-config, buff-ruby_engine, buff-shell_out, celluloid, celluloid-io, rb-fsevent
-
-
-
guard-rspec relies on:
-
guard, rspec, bundler, rake
-
-
-
-
-

- MIT - whitelisted - -

-
-

- hashie - v2.1.2 -

-

Your friendly neighborhood hash library.

-

Hashie is a collection of classes and mixins that make hashes more powerful.

-
-
hashie is required by:
-
varia_model, ridley, chef-zero
-
-
-
hashie relies on:
-
rake, rspec
-
-
-
-
-

- ruby - whitelisted - -

-
-

- highline - v1.6.21 -

-

HighLine is a high-level command-line IO library.

-

A high-level IO library that provides validation, type conversion, and more for -command-line interfaces. HighLine also includes a complete menu system that can -crank out anything from simple list selection to complete shells with just -minutes of work. -

-
-
highline is required by:
-
chef
-
-
-
-
-

- ISC - whitelisted - -

-
-

- hitimes - v1.2.2 -

-

Hitimes is a fast, high resolution timer library for recording performance metrics. It uses the appropriate low method calls for each system to get the highest granularity time increments possible.

-

Hitimes is a fast, high resolution timer library for recording performance metrics. It uses the appropriate low method calls for each system to get the highest granularity time increments possible. It currently supports any of the following systems: * any system with the POSIX call `clock_gettime()` * Mac OS X * Windows * JRuby Using Hitimes can be faster than using a series of `Time.new` calls, and it will have a much higher granularity. It is definitely faster than using `Process.times`.

-
-
hitimes is required by:
-
timers
-
-
-
hitimes relies on:
-
rake, json
-
-
-
-
-

- MIT - whitelisted - -

-
-

- httparty - v0.13.3 -

-

Makes http fun! Also, makes consuming restful web services dead easy.

-

Makes http fun! Also, makes consuming restful web services dead easy.

-
-
httparty is required by:
-
license_finder
-
-
-
httparty relies on:
-
json, multi_xml
-
-
-
-
-

- MIT - whitelisted - -

-
-

- ipaddress - v0.8.0 -

-

IPv4/IPv6 addresses manipulation library

-

IPAddress is a Ruby library designed to make manipulation - of IPv4 and IPv6 addresses both powerful and simple. It mantains - a layer of compatibility with Ruby's own IPAddr, while - addressing many of its issues. -

-
-
ipaddress is required by:
-
ohai
-
-
-
-
-

- ruby - whitelisted - -

-
-

- json - v1.8.1 -

-

This json is bundled with Ruby

-

-
-
json is required by:
-
hitimes, ridley, yajl-ruby, httparty
-
-
-
-
-

- Apache 2.0 - whitelisted - -

-
-

- kitchen-vagrant - v0.15.0 (integration) -

-

Kitchen::Driver::Vagrant - A Vagrant Driver for Test Kitchen.

-

Kitchen::Driver::Vagrant - A Vagrant Driver for Test Kitchen.

-
-
kitchen-vagrant relies on:
-
test-kitchen
-
-
-
-
-

- Apache 2.0 - whitelisted - -

-
-

- libyajl2 - v1.2.0 -

-

Installs a vendored copy of libyajl2 for distributions which lack it

-

Installs a vendored copy of libyajl2 for distributions which lack it

-
-
libyajl2 is required by:
-
ffi-yajl
-
-
-
libyajl2 relies on:
-
bundler, rake, mime-types, rspec, ffi
-
-
-
-
-

- MIT - whitelisted - -

-
-

- license_finder - v1.2 (default) -

-

Audit the OSS licenses of your application's dependencies.

-

LicenseFinder works with your package managers to find - dependencies, detect the licenses of the packages in them, compare - those licenses against a user-defined whitelist, and give you an - actionable exception report. -

-
-
license_finder relies on:
-
bundler, sequel, thor, httparty, xml-simple, sqlite3, rake, rspec-its, pry, rspec
-
-
-
-
-

- MIT - whitelisted - -

-
-

- listen - v2.8.0 -

-

Listen to file modifications

-

The Listen gem listens to file modifications and notifies you about the changes. Works everywhere!

-
-
listen is required by:
-
guard
-
-
-
listen relies on:
-
celluloid, rb-fsevent, rb-inotify, bundler, celluloid-io, rake, rspec
-
-
-
-
-

- MIT - whitelisted - -

-
-

- lumberjack - v1.0.9 -

-

A simple, powerful, and very fast logging utility that can be a drop in replacement for Logger or ActiveSupport::BufferedLogger.

-

A simple, powerful, and very fast logging utility that can be a drop in replacement for Logger or ActiveSupport::BufferedLogger. Provides support for automatically rolling log files even with multiple processes writing the same log file.

-
-
lumberjack is required by:
-
guard
-
-
-
-
-

- MIT - whitelisted - -

-
-

- method_source - v0.8.2 -

-

retrieve the sourcecode for a method

-

retrieve the sourcecode for a method

-
-
method_source is required by:
-
pry
-
-
-
method_source relies on:
-
rake
-
-
-
-
-

- MIT, Artistic 2.0, GPL-2 - whitelisted - -

-
-

- mime-types - v1.25.1 -

-

This library allows for the identification of a file's likely MIME content type

-

This library allows for the identification of a file's likely MIME content -type. This is release 1.25.1, fixing an issue with priority comparison for -mime-types 1.x. The current release is 2.0, which only supports Ruby 1.9 or -later. - -Release 1.25.1 contains all features of 1.25, including the experimental -caching and lazy loading functionality. The caching and lazy loading features -were initially implemented by Greg Brockman (gdb). As these features are -experimental, they are disabled by default and must be enabled through the use -of environment variables. The cache is invalidated on a per-version basis; the -cache for version 1.25 will not be reused for any later version. - -To use lazy loading, set the environment variable +RUBY_MIME_TYPES_LAZY_LOAD+ -to any value other than 'false'. When using lazy loading, the initial startup -of MIME::Types is around 12–25× faster than normal startup (on my system, -normal startup is about 90 ms; lazy startup is about 4 ms). This isn't -generally useful, however, as the MIME::Types database has not been loaded. -Lazy startup and load is just *slightly* faster—around 1 ms. The real advantage -comes from using the cache. - -To enable the cache, set the environment variable +RUBY_MIME_TYPES_CACHE+ to a -filename where MIME::Types will have read-write access. The first time a new -version of MIME::Types is run using this file, it will be created, taking a -little longer than normal. Subsequent loads using the same cache file will be -approximately 3½× faster (25 ms) than normal loads. This can be combined with -+RUBY_MIME_TYPES_LAZY_LOAD+, but this is *not* recommended in a multithreaded -or multiprocess environment where all threads or processes will be using the -same cache file. - -As the caching interface is still experimental, the only values cached are the -default MIME::Types database, not any custom MIME::Types added by users. - -MIME types are used in MIME-compliant communications, as in e-mail or HTTP -traffic, to indicate the type of content which is transmitted. MIME::Types -provides the ability for detailed information about MIME entities (provided as -a set of MIME::Type objects) to be determined and used programmatically. There -are many types defined by RFCs and vendors, so the list is long but not -complete; don't hesitate to ask to add additional information. This library -follows the IANA collection of MIME types (see below for reference). - -MIME::Types for Ruby was originally based on MIME::Types for Perl by Mark -Overmeer, copyright 2001 - 2009. - -MIME::Types is built to conform to the MIME types of RFCs 2045 and 2231. It -tracks the {IANA registry}[http://www.iana.org/assignments/media-types/] -({ftp}[ftp://ftp.iana.org/assignments/media-types]) with some unofficial types -added from the {LTSW collection}[http://www.ltsw.se/knbase/internet/mime.htp] -and added by the users of MIME::Types.

-
-
mime-types is required by:
-
ast, parser, libyajl2, ffi-yajl, ohai, rest-client, chef
-
-
-
mime-types relies on:
-
rake
-
-
-
-
-

- MIT - whitelisted - -

-
-

- mini_portile - v0.6.1 -

-

Simplistic port-like solution for developers

-

Simplistic port-like solution for developers. It provides a standard and simplified way to compile against dependency libraries without messing up your system.

-
-
mini_portile is required by:
-
nokogiri, sqlite3
-
-
-
-
-

- ruby - whitelisted - -

-
-

- minitar - v0.5.4 -

-

Provides POSIX tarchive management from Ruby programs.

-

Archive::Tar::Minitar is a pure-Ruby library and command-line utility that provides the ability to deal with POSIX tar(1) archive files. The implementation is based heavily on Mauricio Ferna'ndez's implementation in rpa-base, but has been reorganised to promote reuse in other projects. Antoine Toulme forked the original project on rubyforge to place it on github, under http://www.github.com/atoulme/minitar

-
-
minitar is required by:
-
berkshelf
-
-
-
-
-

- Apache 2.0 - whitelisted - -

-
-

- mixlib-authentication - v1.3.0 -

-

Mixes in simple per-request authentication

-

Mixes in simple per-request authentication

-
-
mixlib-authentication is required by:
-
ridley, chef
-
-
-
mixlib-authentication relies on:
-
mixlib-log
-
-
-
-
-

- Apache 2.0 - whitelisted - -

-
-

- mixlib-cli - v1.5.0 -

-

A simple mixin for CLI interfaces, including option parsing

-

A simple mixin for CLI interfaces, including option parsing

-
-
mixlib-cli is required by:
-
ohai, chef
-
-
-
mixlib-cli relies on:
-
rake, rspec
-
-
-
-
-

- Apache 2.0 - whitelisted - -

-
-

- mixlib-config - v2.1.0 -

-

A class based configuration library

-

A class based configuration library

-
-
mixlib-config is required by:
-
ohai, chef
-
-
-
mixlib-config relies on:
-
rake, rspec
-
-
-
-
-

- Apache 2.0 - whitelisted - -

-
-

- mixlib-log - v1.6.0 -

-

A gem that provides a simple mixin for log functionality

-

-
-
mixlib-log is required by:
-
mixlib-authentication, chef-zero, ohai, chef
-
-
-
mixlib-log relies on:
-
rake, rspec
-
-
-
-
-

- Apache 2.0 - whitelisted - -

-
-

- mixlib-shellout - v1.6.0 -

-

Run external commands on Unix or Windows

-

Run external commands on Unix or Windows

-
-
mixlib-shellout is required by:
-
ohai, chef, test-kitchen
-
-
-
mixlib-shellout relies on:
-
rspec
-
-
-
-
-

- MIT - whitelisted - -

-
-

- multi_json - v1.10.1 -

-

A common interface to multiple JSON libraries.

-

A common interface to multiple JSON libraries, including Oj, Yajl, the JSON gem (with C-extensions), the pure-Ruby JSON gem, NSJSONSerialization, gson.rb, JrJackson, and OkJson.

-
-
multi_json is required by:
-
gherkin, serverspec
-
-
-
multi_json relies on:
-
bundler
-
-
-
-
-

- MIT - whitelisted - -

-
-

- multi_xml - v0.5.5 -

-

A generic swappable back-end for XML parsing

-

Provides swappable XML backends utilizing LibXML, Nokogiri, Ox, or REXML.

-
-
multi_xml is required by:
-
httparty
-
-
-
multi_xml relies on:
-
bundler
-
-
-
-
-

- MIT - whitelisted - -

-
-

- multipart-post - v2.0.0 -

-

A multipart form post accessory for Net::HTTP.

-

Use with Net::HTTP to do multipart form posts. IO values that have #content_type, #original_filename, and #local_path will be posted as a binary file.

-
-
multipart-post is required by:
-
faraday
-
-
-
-
-

- MIT - whitelisted - -

-
-

- net-http-persistent - v2.9.4 -

-

Manages persistent connections using Net::HTTP plus a speed fix for Ruby 1.8

-

Manages persistent connections using Net::HTTP plus a speed fix for Ruby 1.8. -It's thread-safe too! - -Using persistent HTTP connections can dramatically increase the speed of HTTP. -Creating a new HTTP connection for every request involves an extra TCP -round-trip and causes TCP congestion avoidance negotiation to start over. - -Net::HTTP supports persistent connections with some API methods but does not -handle reconnection gracefully. Net::HTTP::Persistent supports reconnection -and retry according to RFC 2616.

-
-
net-http-persistent is required by:
-
ridley
-
-
-
-
-

- MIT - whitelisted - -

-
-

- net-scp - v1.2.1 -

-

A pure Ruby implementation of the SCP client protocol

-

A pure Ruby implementation of the SCP client protocol

-
-
net-scp is required by:
-
test-kitchen, specinfra
-
-
-
net-scp relies on:
-
net-ssh
-
-
-
-
-

- MIT - whitelisted - -

-
-

- net-ssh - v2.9.1 -

-

Net::SSH: a pure-Ruby implementation of the SSH2 client protocol.

-

Net::SSH: a pure-Ruby implementation of the SSH2 client protocol. It allows you to write programs that invoke and interact with processes on remote servers, via SSH2.

-
-
net-ssh is required by:
-
net-ssh-gateway, net-ssh-multi, chef, fauxhai, net-scp, test-kitchen, specinfra
-
-
-
-
-

- MIT - whitelisted - -

-
-

- net-ssh-gateway - v1.2.0 -

-

A simple library to assist in establishing tunneled Net::SSH connections

-

A simple library to assist in establishing tunneled Net::SSH connections

-
-
net-ssh-gateway is required by:
-
net-ssh-multi
-
-
-
net-ssh-gateway relies on:
-
net-ssh
-
-
-
-
-

- MIT - whitelisted - -

-
-

- net-ssh-multi - v1.2.0 -

-

Control multiple Net::SSH connections via a single interface.

-

Control multiple Net::SSH connections via a single interface.

-
-
net-ssh-multi is required by:
-
chef
-
-
-
net-ssh-multi relies on:
-
net-ssh, net-ssh-gateway
-
-
-
-
-

- MIT - whitelisted - -

-
-

- nio4r - v1.0.1 -

-

NIO provides a high performance selector API for monitoring IO objects

-

New IO for Ruby

-
-
nio4r is required by:
-
celluloid-io
-
-
-
nio4r relies on:
-
rake, rspec
-
-
-
-
-

- MIT - whitelisted - -

-
-

- nokogiri - v1.6.4.1 -

-

Nokogiri (鋸) is an HTML, XML, SAX, and Reader parser

-

Nokogiri (鋸) is an HTML, XML, SAX, and Reader parser. Among Nokogiri's -many features is the ability to search documents via XPath or CSS3 selectors. - -XML is like violence - if it doesn’t solve your problems, you are not using -enough of it.

-
-
nokogiri is required by:
-
rspec-core, foodcritic
-
-
-
nokogiri relies on:
-
mini_portile, rake
-
-
-
-
-

- MIT - whitelisted - -

-
-

- octokit - v3.5.2 -

-

Ruby toolkit for working with the GitHub API

-

Simple wrapper for the GitHub API

-
-
octokit is required by:
-
berkshelf
-
-
-
octokit relies on:
-
bundler, sawyer
-
-
-
-
-

- Apache 2.0 - whitelisted - -

-
-

- ohai - v7.4.0 -

-

Ohai profiles your system and emits JSON

-

Ohai profiles your system and emits JSON

-
-
ohai is required by:
-
chef, fauxhai
-
-
-
ohai relies on:
-
mime-types, systemu, ffi-yajl, mixlib-cli, mixlib-config, mixlib-log, mixlib-shellout, ipaddress, wmi-lite, ffi, rake, rspec-core, rspec-expectations, rspec-mocks, chef
-
-
-
-
-

- MIT - whitelisted - -

-
-

- parser - v2.2.0.pre.8 -

-

A Ruby parser written in pure Ruby.

-

A Ruby parser written in pure Ruby.

-
-
parser is required by:
-
astrolabe, rubocop
-
-
-
parser relies on:
-
ast, slop, bundler, rake, mime-types, rest-client
-
-
-
-
-

- MIT - whitelisted - -

-
-

- plist - v3.1.0 -

-

All-purpose Property List manipulation library.

-

Plist is a library to manipulate Property List files, also known as plists. It can parse plist files into native Ruby data structures as well as generating new plist files from your Ruby objects. -

-
-
plist is required by:
-
chef
-
-
-
-
-

- MIT - whitelisted - -

-
-

- polyglot - v0.3.5 -

-

Augment 'require' to load non-Ruby file types

-

-The Polyglot library allows a Ruby module to register a loader -for the file type associated with a filename extension, and it -augments 'require' to find and load matching files.

-
-
polyglot is required by:
-
treetop
-
-
-
-
-

- MIT - whitelisted - -

-
-

- powerpack - v0.0.9 -

-

A few useful extensions to core Ruby classes.

-

A few useful extensions to core Ruby classes.

-
-
powerpack is required by:
-
rubocop
-
-
-
powerpack relies on:
-
bundler, rake, rspec
-
-
-
-
-

- MIT - whitelisted - -

-
-

- pry - v0.10.1 -

-

An IRB alternative and runtime developer console

-

An IRB alternative and runtime developer console

-
-
pry is required by:
-
ffi-yajl, wmi-lite, chef, guard, license_finder
-
-
-
pry relies on:
-
coderay, slop, method_source, bundler
-
-
-
-
-

- MIT - whitelisted - -

-
-

- rack - v1.5.2 -

-

a modular Ruby webserver interface

-

Rack provides a minimal, modular and adaptable interface for developing -web applications in Ruby. By wrapping HTTP requests and responses in -the simplest way possible, it unifies and distills the API for web -servers, web frameworks, and software in between (the so-called -middleware) into a single method call. - -Also see http://rack.github.com/. -

-
-
rack is required by:
-
chef-zero, chef
-
-
-
rack relies on:
-
rake
-
-
-
-
-

- MIT - whitelisted - -

-
-

- rainbow - v2.0.0 -

-

Colorize printed text on ANSI terminals

-

Colorize printed text on ANSI terminals

-
-
rainbow is required by:
-
rubocop
-
-
-
rainbow relies on:
-
bundler, rake, rspec
-
-
-
-
-

- MIT - whitelisted - -

-
-

- rake - v10.3.2 (default) -

-

Rake is a Make-like program implemented in Ruby

-

Rake is a Make-like program implemented in Ruby. Tasks and dependencies are -specified in standard Ruby syntax. - -Rake has the following features: - -* Rakefiles (rake's version of Makefiles) are completely defined in - standard Ruby syntax. No XML files to edit. No quirky Makefile - syntax to worry about (is that a tab or a space?) - -* Users can specify tasks with prerequisites. - -* Rake supports rule patterns to synthesize implicit tasks. - -* Flexible FileLists that act like arrays but know about manipulating - file names and paths. - -* A library of prepackaged tasks to make building rakefiles easier. For example, - tasks for building tarballs and publishing to FTP or SSH sites. (Formerly - tasks for building RDoc and Gems were included in rake but they're now - available in RDoc and RubyGems respectively.) - -* Supports parallel execution of tasks.

-
-
rake is required by:
-
addressable, ast, slop, parser, astrolabe, berkshelf-api-client, buff-extensions, hashie, varia_model, buff-config, buff-ruby_engine, buff-shell_out, hitimes, timers, celluloid, nio4r, celluloid-io, cleanroom, buff-ignore, mixlib-log, semverse, dep-selector-libgecode, ffi, dep_selector, berkshelf, busser, busser-serverspec, libyajl2, ffi-yajl, rack, chef-zero, diff-lcs, mime-types, mixlib-cli, mixlib-config, wmi-lite, ohai, method_source, chef, fauxhai, rspec-support, rspec-core, rspec-expectations, rspec-mocks, chefspec, gherkin, nokogiri, rufus-lru, treetop, foodcritic, formatador, listen, guard-rspec, test-kitchen, license_finder, powerpack, rainbow, rspec-its, rubocop, specinfra, serverspec
-
-
-
-
-

- MIT - whitelisted - -

-
-

- rb-fsevent - v0.9.4 -

-

Very simple & usable FSEvents API

-

FSEvents API with Signals catching (without RubyCocoa)

-
-
rb-fsevent is required by:
-
celluloid-io, listen
-
-
-
rb-fsevent relies on:
-
bundler, rspec, guard-rspec
-
-
-
-
-

- MIT - whitelisted - -

-
-

- rb-inotify - v0.9.5 -

-

A Ruby wrapper for Linux's inotify, using FFI

-

A Ruby wrapper for Linux's inotify, using FFI

-
-
rb-inotify is required by:
-
listen
-
-
-
rb-inotify relies on:
-
ffi
-
-
-
-
-

- MIT - whitelisted - -

-
-

- rest-client - v1.6.7 -

-

Simple HTTP and REST client for Ruby, inspired by microframework syntax for specifying actions.

-

A simple HTTP and REST client for Ruby, inspired by the Sinatra microframework style of specifying actions: get, put, post, delete.

-
-
rest-client is required by:
-
parser, chef
-
-
-
rest-client relies on:
-
mime-types, rspec
-
-
-
-
-

- MIT - whitelisted - -

-
-

- retryable - v1.3.6 -

-

Kernel#retryable, allow for retrying of code blocks.

-

Kernel#retryable, allow for retrying of code blocks.

-
-
retryable is required by:
-
ridley, berkshelf
-
-
-
retryable relies on:
-
bundler
-
-
-
-
-

- Apache 2.0 - whitelisted - -

-
-

- ridley - v4.1.0 -

-

A reliable Chef API client with a clean syntax

-

A reliable Chef API client with a clean syntax

-
-
ridley is required by:
-
berkshelf
-
-
-
ridley relies on:
-
addressable, varia_model, buff-config, buff-extensions, buff-ignore, buff-shell_out, celluloid, celluloid-io, erubis, faraday, hashie, json, mixlib-authentication, net-http-persistent, retryable, semverse, buff-ruby_engine
-
-
-
-
-

- MIT - whitelisted - -

-
-

- rspec - v3.1.0 -

-

rspec-3.1.0

-

BDD for Ruby

-
-
rspec is required by:
-
addressable, astrolabe, berkshelf-api-client, buff-extensions, hashie, varia_model, buff-config, buff-ruby_engine, buff-shell_out, timers, celluloid, nio4r, celluloid-io, cleanroom, buff-ignore, mixlib-log, ffi, dep_selector, berkshelf, libyajl2, ffi-yajl, chef-zero, diff-lcs, mixlib-cli, mixlib-config, mixlib-shellout, wmi-lite, rest-client, chefspec, gherkin, rufus-lru, treetop, yajl-ruby, rb-fsevent, listen, guard-rspec, license_finder, powerpack, rainbow, ruby-progressbar, rubocop, specinfra, serverspec
-
-
-
rspec relies on:
-
rspec-core, rspec-expectations, rspec-mocks
-
-
-
-
-

- MIT - whitelisted - -

-
-

- rspec-core - v3.1.7 -

-

rspec-core-3.1.7

-

BDD for Ruby. RSpec runner and example groups.

-
-
rspec-core is required by:
-
ohai, chef, rspec, rspec-its
-
-
-
rspec-core relies on:
-
rspec-support, rake, nokogiri, coderay
-
-
-
-
-

- MIT - whitelisted - -

-
-

- rspec-expectations - v3.1.2 -

-

rspec-expectations-3.1.2

-

rspec-expectations provides a simple, readable API to express expected outcomes of a code example.

-
-
rspec-expectations is required by:
-
ohai, chef, rspec, rspec-its
-
-
-
rspec-expectations relies on:
-
rspec-support, diff-lcs, rake
-
-
-
-
-

- MIT - whitelisted - -

-
-

- rspec-its - v1.1.0 -

-

Provides "its" method formally part of rspec-core

-

RSpec extension gem for attribute matching

-
-
rspec-its is required by:
-
license_finder, specinfra, serverspec
-
-
-
rspec-its relies on:
-
rspec-core, rspec-expectations, bundler, rake
-
-
-
-
-

- MIT - whitelisted - -

-
-

- rspec-mocks - v3.1.3 -

-

rspec-mocks-3.1.3

-

RSpec's 'test double' framework, with support for stubbing and mocking

-
-
rspec-mocks is required by:
-
ohai, chef, rspec
-
-
-
rspec-mocks relies on:
-
rspec-support, rake
-
-
-
-
-

- MIT - whitelisted - -

-
-

- rspec-support - v3.1.2 -

-

rspec-support-3.1.2

-

Support utilities for RSpec gems

-
-
rspec-support is required by:
-
rspec-core, rspec-expectations, rspec-mocks
-
-
-
rspec-support relies on:
-
bundler, rake
-
-
-
-
-

- MIT - whitelisted - -

-
-

- rubocop - v0.27.1 (default) -

-

Automatic Ruby code style checking tool.

-

Automatic Ruby code style checking tool. - Aims to enforce the community-driven Ruby Style Guide. -

-
-
rubocop is required by:
-
astrolabe, celluloid
-
-
-
rubocop relies on:
-
rainbow, parser, powerpack, astrolabe, ruby-progressbar, rake, rspec, bundler
-
-
-
-
-

- MIT - whitelisted - -

-
-

- ruby-progressbar - v1.7.0 -

-

Ruby/ProgressBar is a flexible text progress bar library for Ruby.

-

Ruby/ProgressBar is an extremely flexible text progress bar library for Ruby. -The output can be customized with a flexible formatting system including: -percentage, bars of various formats, elapsed time and estimated time remaining. -

-
-
ruby-progressbar is required by:
-
rubocop
-
-
-
ruby-progressbar relies on:
-
rspec
-
-
-
-
-

- MIT - whitelisted - -

-
-

- rufus-lru - v1.0.5 -

-

A Hash with a max size, controlled by a LRU mechanism

-

LruHash class, a Hash with a max size, controlled by a LRU mechanism

-
-
rufus-lru is required by:
-
foodcritic
-
-
-
rufus-lru relies on:
-
rake, rspec
-
-
-
-
-

- MIT - whitelisted - -

-
-

- safe_yaml - v1.0.4 -

-

SameYAML provides an alternative implementation of YAML.load suitable for accepting user input in Ruby applications.

-

Parse YAML safely

-
-
safe_yaml is required by:
-
test-kitchen
-
-
-
-
-

- MIT - whitelisted - -

-
-

- sawyer - v0.5.5 -

-

Secret User Agent of HTTP

-

-
-
sawyer is required by:
-
octokit
-
-
-
sawyer relies on:
-
faraday, addressable
-
-
-
-
-

- Apache 2.0 - whitelisted - -

-
-

- semverse - v1.2.1 -

-

An elegant library for representing and comparing SemVer versions and constraints

-

An elegant library for representing and comparing SemVer versions and constraints

-
-
semverse is required by:
-
ridley, solve
-
-
-
semverse relies on:
-
bundler, rake
-
-
-
-
-

- MIT - whitelisted - -

-
-

- sequel - v4.16.0 -

-

The Database Toolkit for Ruby

-

The Database Toolkit for Ruby

-
-
sequel is required by:
-
license_finder
-
-
-
-
-

- MIT - whitelisted - -

-
-

- serverspec - v2.3.1 (default) -

-

RSpec tests for your servers configured by Puppet, Chef or anything else

-

RSpec tests for your servers configured by Puppet, Chef or anything else

-
-
serverspec is required by:
-
busser-serverspec
-
-
-
serverspec relies on:
-
rspec, rspec-its, multi_json, specinfra, bundler, rake
-
-
-
-
-

- MIT - whitelisted - -

-
-

- slop - v3.6.0 -

-

Simple Lightweight Option Parsing

-

A simple DSL for gathering options and parsing the command line

-
-
slop is required by:
-
parser, pry
-
-
-
slop relies on:
-
rake
-
-
-
-
-

- Apache 2.0 - whitelisted - -

-
-

- solve - v1.2.1 -

-

A Ruby version constraint solver implementing Semantic Versioning 2.0.0-rc.1

-

A Ruby version constraint solver

-
-
solve is required by:
-
dep_selector, berkshelf
-
-
-
solve relies on:
-
semverse, dep_selector
-
-
-
-
-

- MIT - whitelisted - -

-
-

- specinfra - v2.5.0 -

-

Common layer for serverspec and itamae

-

Common layer for serverspec and itamae

-
-
specinfra is required by:
-
serverspec
-
-
-
specinfra relies on:
-
net-ssh, net-scp, bundler, rake, rspec, rspec-its
-
-
-
-
-

- New BSD - whitelisted - -

-
-

- sqlite3 - v1.3.10 -

-

This module allows Ruby programs to interface with the SQLite3 database engine (http://www.sqlite.org)

-

This module allows Ruby programs to interface with the SQLite3 -database engine (http://www.sqlite.org). You must have the -SQLite engine installed in order to build this module. - -Note that this module is only compatible with SQLite 3.6.16 or newer.

-
-
sqlite3 is required by:
-
license_finder
-
-
-
sqlite3 relies on:
-
mini_portile
-
-
-
-
-

- ruby - whitelisted - -

-
-

- systemu - v2.6.4 -

-

systemu

-

universal capture of stdout and stderr and handling of child process pid for windows, *nix, etc.

-
-
systemu is required by:
-
ohai
-
-
-
-
-

- Apache 2.0 - whitelisted - -

-
-

- test-kitchen - v1.2.1 (integration) -

-

Test Kitchen is an integration tool for developing and testing infrastructure code and software on isolated target platforms.

-

Test Kitchen is an integration tool for developing and testing infrastructure code and software on isolated target platforms.

-
-
test-kitchen is required by:
-
berkshelf, kitchen-vagrant
-
-
-
test-kitchen relies on:
-
mixlib-shellout, net-scp, net-ssh, safe_yaml, thor, bundler, rake
-
-
-
-
-

- MIT - whitelisted - -

-
-

- thor - v0.19.1 -

-

Thor is a toolkit for building powerful command-line interfaces.

-

Thor is a toolkit for building powerful command-line interfaces.

-
-
thor is required by:
-
buff-extensions, varia_model, buff-config, buff-ruby_engine, buff-shell_out, berkshelf, busser, guard, test-kitchen, license_finder
-
-
-
thor relies on:
-
bundler
-
-
-
-
-

- MIT - whitelisted - -

-
-

- timers - v4.0.1 -

-

Schedule procs to run after a certain time, or at periodic intervals, using any API that accepts a timeout

-

Pure Ruby one-shot and periodic timers

-
-
timers is required by:
-
celluloid
-
-
-
timers relies on:
-
hitimes, rake, rspec
-
-
-
-
-

- MIT - whitelisted - -

-
-

- treetop - v1.5.3 -

-

A Ruby-based text parsing and interpretation DSL

-

-
-
treetop is required by:
-
foodcritic
-
-
-
treetop relies on:
-
polyglot, rspec, rake
-
-
-
-
-

- Apache 2.0 - whitelisted - -

-
-

- varia_model - v0.4.0 -

-

A mixin to provide objects with magic attribute reading and writing

-

A mixin to provide objects with magic attribute reading and writing

-
-
varia_model is required by:
-
buff-config, ridley
-
-
-
varia_model relies on:
-
hashie, buff-extensions, buff-ruby_engine, thor, bundler, rake, rspec, guard, guard-rspec
-
-
-
-
-

- Apache 2.0 - whitelisted - -

-
-

- wmi-lite - v1.0.0 -

-

A lightweight utility library for accessing basic WMI (Windows Management Instrumentation) functionality on Windows

-

A lightweight utility over win32ole for accessing basic WMI (Windows Management Instrumentation) functionality in the Microsoft Windows operating system. It has no runtime dependencies other than Ruby, so it can be used without concerns around dependency issues.

-
-
wmi-lite is required by:
-
ohai
-
-
-
wmi-lite relies on:
-
bundler, rspec, rake, pry
-
-
-
-
-

- ruby - whitelisted - -

-
-

- xml-simple - v1.1.4 -

-

A simple API for XML processing.

-

-
-
xml-simple is required by:
-
license_finder
-
-
-
-
-

- MIT - whitelisted - -

-
-

- yajl-ruby - v1.2.1 -

-

Ruby C bindings to the excellent Yajl JSON stream-based parser library.

-

-
-
yajl-ruby is required by:
-
foodcritic
-
-
-
yajl-ruby relies on:
-
rspec, json
-
-
-
-
- - diff --git a/cookbooks/redis/doc/license_finder/dependencies.md b/cookbooks/redis/doc/license_finder/dependencies.md deleted file mode 100644 index 581d441..0000000 --- a/cookbooks/redis/doc/license_finder/dependencies.md +++ /dev/null @@ -1,991 +0,0 @@ -# chef-redis - -As of November 22, 2014 9:37pm. 105 total - -## Summary -* 65 MIT -* 28 Apache 2.0 -* 5 ruby -* 1 Apache 2.0, MIT -* 1 BSD -* 1 Apache v2 -* 1 ISC -* 1 Artistic 2.0, GPL-2, MIT -* 1 GNU GPL v2, MIT, Perl Artistic v2 -* 1 New BSD - - - -## Items - - - -### addressable v2.3.6 -#### URI Implementation - -Apache 2.0 whitelisted - -Addressable is a replacement for the URI implementation that is part of -Ruby's standard library. It more closely conforms to the relevant RFCs and -adds support for IRIs and URI templates. - - - -### ast v2.0.0 -#### A library for working with Abstract Syntax Trees. - -MIT whitelisted - -A library for working with Abstract Syntax Trees. - - -### astrolabe v1.3.0 -#### An object-oriented AST extension for Parser - -MIT whitelisted - -An object-oriented AST extension for Parser - - -### berkshelf v3.2.1 (default) -#### Manages a Cookbook's, or an Application's, Cookbook dependencies - -Apache 2.0 whitelisted - -Manages a Cookbook's, or an Application's, Cookbook dependencies - - -### berkshelf-api-client v1.2.0 -#### API Client for communicating with a Berkshelf API server - -Apache 2.0 whitelisted - -API Client for communicating with a Berkshelf API server - - -### buff-config v1.0.1 -#### A simple configuration class - -Apache 2.0 whitelisted - -A simple configuration class - - -### buff-extensions v1.0.0 -#### Extensions to Core Ruby classes - -Apache 2.0 whitelisted - -Extensions to Core Ruby classes - - -### buff-ignore v1.1.1 -#### A Ruby library for parsing lists of files and applying pattern matching exclusion (such as .gitignore) - -Apache 2.0 whitelisted - -Parse ignore files with Ruby - - -### buff-ruby_engine v0.1.0 -#### Buff up your code with a mixin for querying the platform running Ruby - -Apache 2.0 whitelisted - -A mixin for querying the platform running Ruby - - -### buff-shell_out v0.2.0 -#### Buff up your code with a mixin for issuing shell commands and collecting the output - -Apache 2.0 whitelisted - -A mixin for issuing shell commands and collecting the output - - -### bundler v1.7.6 -#### - -MIT whitelisted - - - -### busser v0.6.0 -#### Kitchen Busser - Runs tests for projects in test-kitchen - -Apache 2.0 whitelisted - -Kitchen Busser - Runs tests for projects in test-kitchen - - -### busser-serverspec v0.5.3 (integration) -#### A Busser runner plugin for Serverspec - -Apache 2.0 whitelisted - -A Busser runner plugin for Serverspec - - -### celluloid v0.16.0 -#### Actor-based concurrent object framework for Ruby - -MIT whitelisted - -Celluloid enables people to build concurrent programs out of concurrent objects just as easily as they build sequential programs out of sequential objects - - -### celluloid-io v0.16.1 -#### Celluloid::IO allows you to monitor multiple IO objects within a Celluloid actor - -MIT whitelisted - -Evented IO for Celluloid actors - - -### chef v11.16.4 (default) -#### A systems integration framework, built to bring the benefits of configuration management to your entire infrastructure. - -Apache 2.0 whitelisted - -A systems integration framework, built to bring the benefits of configuration management to your entire infrastructure. - - -### chef-zero v2.2.1 -#### Self-contained, easy-setup, fast-start in-memory Chef server for testing and solo setup purposes - -Apache 2.0 whitelisted - -Self-contained, easy-setup, fast-start in-memory Chef server for testing and solo setup purposes - - -### chefspec v4.1.1 (default) -#### Write RSpec examples and generate coverage reports for Chef recipes! - -MIT whitelisted - -ChefSpec is a unit testing and resource coverage (code coverage) framework for testing Chef cookbooks ChefSpec makes it easy to write examples and get fast feedback on cookbook changes without the need for virtual machines or cloud servers. - - -### cleanroom v1.0.0 -#### (More) safely evaluate Ruby DSLs with cleanroom - -Apache 2.0 whitelisted - -Ruby is an excellent programming language for creating and managing custom DSLs, but how can you securely evaluate a DSL while explicitly controlling the methods exposed to the user? Our good friends instance_eval and instance_exec are great, but they expose all methods - public, protected, and private - to the user. Even worse, they expose the ability to accidentally or intentionally alter the behavior of the system! The cleanroom pattern is a safer, more convenient, Ruby-like approach for limiting the information exposed by a DSL while giving users the ability to write awesome code! - - -### coderay v1.1.0 -#### Fast syntax highlighting for selected languages. - -MIT whitelisted - -Fast and easy syntax highlighting for selected languages, written in Ruby. Comes with RedCloth integration and LOC counter. - - -### dep-selector-libgecode v1.0.2 -#### Installs a vendored copy of Gecode suitable for use with dep-selector - -MIT, Apache 2.0 whitelisted - -Installs a vendored copy of Gecode suitable for use with dep-selector - - -### dep_selector v1.0.3 -#### Given packages, versions, and a dependency graph, find a valid assignment of package versions - -Apache v2 whitelisted - -Given packages, versions, and a dependency graph, find a valid assignment of package versions - - -### diff-lcs v1.2.5 -#### Diff::LCS computes the difference between two Enumerable sequences using the McIlroy-Hunt longest common subsequence (LCS) algorithm - -MIT, Perl Artistic v2, GNU GPL v2 whitelisted - -Diff::LCS computes the difference between two Enumerable sequences using the -McIlroy-Hunt longest common subsequence (LCS) algorithm. It includes utilities -to create a simple HTML diff output format and a standard diff-like tool. - -This is release 1.2.4, fixing a bug introduced after diff-lcs 1.1.3 that did -not properly prune common sequences at the beginning of a comparison set. -Thanks to Paul Kunysch for fixing this issue. - -Coincident with the release of diff-lcs 1.2.3, we reported an issue with -Rubinius in 1.9 mode -({rubinius/rubinius#2268}[https://github.com/rubinius/rubinius/issues/2268]). -We are happy to report that this issue has been resolved. - - -### erubis v2.7.0 -#### a fast and extensible eRuby implementation which supports multi-language - -MIT whitelisted - - Erubis is an implementation of eRuby and has the following features: - - * Very fast, almost three times faster than ERB and about 10% faster than eruby. - * Multi-language support (Ruby/PHP/C/Java/Scheme/Perl/Javascript) - * Auto escaping support - * Auto trimming spaces around '<% %>' - * Embedded pattern changeable (default '<% %>') - * Enable to handle Processing Instructions (PI) as embedded pattern (ex. '') - * Context object available and easy to combine eRuby template with YAML datafile - * Print statement available - * Easy to extend and customize in subclass - * Ruby on Rails support - - - -### faraday v0.9.0 -#### HTTP/REST API client library. - -MIT whitelisted - - - -### fauxhai v2.2.0 -#### Fauxhai provides an easy way to mock out your ohai data for testing with chefspec! - -MIT whitelisted - -Easily mock out ohai data - - -### ffi v1.9.6 -#### Ruby FFI - -BSD whitelisted - -Ruby FFI library - - -### ffi-yajl v1.3.0 -#### Ruby FFI wrapper around YAJL 2.x - -Apache 2.0 whitelisted - -Ruby FFI wrapper around YAJL 2.x - - -### foodcritic v4.0.0 (default) -#### foodcritic-4.0.0 - -MIT whitelisted - -Lint tool for Opscode Chef cookbooks. - - -### formatador v0.2.5 -#### Ruby STDOUT text formatting - -MIT whitelisted - -STDOUT text formatting - - -### gherkin v2.12.2 -#### gherkin-2.12.2 - -MIT whitelisted - -A fast Gherkin lexer/parser based on the Ragel State Machine Compiler. - - -### guard v2.8.2 -#### Guard keeps an eye on your file modifications - -MIT whitelisted - -Guard is a command line tool to easily handle events on file system modifications. - - -### guard-rspec v4.3.1 (integration) -#### Guard gem for RSpec - -MIT whitelisted - -Guard::RSpec automatically run your specs (much like autotest). - - -### hashie v2.1.2 -#### Your friendly neighborhood hash library. - -MIT whitelisted - -Hashie is a collection of classes and mixins that make hashes more powerful. - - -### highline v1.6.21 -#### HighLine is a high-level command-line IO library. - -ruby whitelisted - -A high-level IO library that provides validation, type conversion, and more for -command-line interfaces. HighLine also includes a complete menu system that can -crank out anything from simple list selection to complete shells with just -minutes of work. - - - -### hitimes v1.2.2 -#### Hitimes is a fast, high resolution timer library for recording performance metrics. It uses the appropriate low method calls for each system to get the highest granularity time increments possible. - -ISC whitelisted - -Hitimes is a fast, high resolution timer library for recording performance metrics. It uses the appropriate low method calls for each system to get the highest granularity time increments possible. It currently supports any of the following systems: * any system with the POSIX call `clock_gettime()` * Mac OS X * Windows * JRuby Using Hitimes can be faster than using a series of `Time.new` calls, and it will have a much higher granularity. It is definitely faster than using `Process.times`. - - -### httparty v0.13.3 -#### Makes http fun! Also, makes consuming restful web services dead easy. - -MIT whitelisted - -Makes http fun! Also, makes consuming restful web services dead easy. - - -### ipaddress v0.8.0 -#### IPv4/IPv6 addresses manipulation library - -MIT whitelisted - - IPAddress is a Ruby library designed to make manipulation - of IPv4 and IPv6 addresses both powerful and simple. It mantains - a layer of compatibility with Ruby's own IPAddr, while - addressing many of its issues. - - - -### json v1.8.1 -#### This json is bundled with Ruby - -ruby whitelisted - - - -### kitchen-vagrant v0.15.0 (integration) -#### Kitchen::Driver::Vagrant - A Vagrant Driver for Test Kitchen. - -Apache 2.0 whitelisted - -Kitchen::Driver::Vagrant - A Vagrant Driver for Test Kitchen. - - -### libyajl2 v1.2.0 -#### Installs a vendored copy of libyajl2 for distributions which lack it - -Apache 2.0 whitelisted - -Installs a vendored copy of libyajl2 for distributions which lack it - - -### license_finder v1.2 (default) -#### Audit the OSS licenses of your application's dependencies. - -MIT whitelisted - - LicenseFinder works with your package managers to find - dependencies, detect the licenses of the packages in them, compare - those licenses against a user-defined whitelist, and give you an - actionable exception report. - - - -### listen v2.8.0 -#### Listen to file modifications - -MIT whitelisted - -The Listen gem listens to file modifications and notifies you about the changes. Works everywhere! - - -### lumberjack v1.0.9 -#### A simple, powerful, and very fast logging utility that can be a drop in replacement for Logger or ActiveSupport::BufferedLogger. - -MIT whitelisted - -A simple, powerful, and very fast logging utility that can be a drop in replacement for Logger or ActiveSupport::BufferedLogger. Provides support for automatically rolling log files even with multiple processes writing the same log file. - - -### method_source v0.8.2 -#### retrieve the sourcecode for a method - -MIT whitelisted - -retrieve the sourcecode for a method - - -### mime-types v1.25.1 -#### This library allows for the identification of a file's likely MIME content type - -MIT, Artistic 2.0, GPL-2 whitelisted - -This library allows for the identification of a file's likely MIME content -type. This is release 1.25.1, fixing an issue with priority comparison for -mime-types 1.x. The current release is 2.0, which only supports Ruby 1.9 or -later. - -Release 1.25.1 contains all features of 1.25, including the experimental -caching and lazy loading functionality. The caching and lazy loading features -were initially implemented by Greg Brockman (gdb). As these features are -experimental, they are disabled by default and must be enabled through the use -of environment variables. The cache is invalidated on a per-version basis; the -cache for version 1.25 will not be reused for any later version. - -To use lazy loading, set the environment variable +RUBY_MIME_TYPES_LAZY_LOAD+ -to any value other than 'false'. When using lazy loading, the initial startup -of MIME::Types is around 12–25× faster than normal startup (on my system, -normal startup is about 90 ms; lazy startup is about 4 ms). This isn't -generally useful, however, as the MIME::Types database has not been loaded. -Lazy startup and load is just *slightly* faster—around 1 ms. The real advantage -comes from using the cache. - -To enable the cache, set the environment variable +RUBY_MIME_TYPES_CACHE+ to a -filename where MIME::Types will have read-write access. The first time a new -version of MIME::Types is run using this file, it will be created, taking a -little longer than normal. Subsequent loads using the same cache file will be -approximately 3½× faster (25 ms) than normal loads. This can be combined with -+RUBY_MIME_TYPES_LAZY_LOAD+, but this is *not* recommended in a multithreaded -or multiprocess environment where all threads or processes will be using the -same cache file. - -As the caching interface is still experimental, the only values cached are the -default MIME::Types database, not any custom MIME::Types added by users. - -MIME types are used in MIME-compliant communications, as in e-mail or HTTP -traffic, to indicate the type of content which is transmitted. MIME::Types -provides the ability for detailed information about MIME entities (provided as -a set of MIME::Type objects) to be determined and used programmatically. There -are many types defined by RFCs and vendors, so the list is long but not -complete; don't hesitate to ask to add additional information. This library -follows the IANA collection of MIME types (see below for reference). - -MIME::Types for Ruby was originally based on MIME::Types for Perl by Mark -Overmeer, copyright 2001 - 2009. - -MIME::Types is built to conform to the MIME types of RFCs 2045 and 2231. It -tracks the {IANA registry}[http://www.iana.org/assignments/media-types/] -({ftp}[ftp://ftp.iana.org/assignments/media-types]) with some unofficial types -added from the {LTSW collection}[http://www.ltsw.se/knbase/internet/mime.htp] -and added by the users of MIME::Types. - - -### mini_portile v0.6.1 -#### Simplistic port-like solution for developers - -MIT whitelisted - -Simplistic port-like solution for developers. It provides a standard and simplified way to compile against dependency libraries without messing up your system. - - -### minitar v0.5.4 -#### Provides POSIX tarchive management from Ruby programs. - -ruby whitelisted - -Archive::Tar::Minitar is a pure-Ruby library and command-line utility that provides the ability to deal with POSIX tar(1) archive files. The implementation is based heavily on Mauricio Ferna'ndez's implementation in rpa-base, but has been reorganised to promote reuse in other projects. Antoine Toulme forked the original project on rubyforge to place it on github, under http://www.github.com/atoulme/minitar - - -### mixlib-authentication v1.3.0 -#### Mixes in simple per-request authentication - -Apache 2.0 whitelisted - -Mixes in simple per-request authentication - - -### mixlib-cli v1.5.0 -#### A simple mixin for CLI interfaces, including option parsing - -Apache 2.0 whitelisted - -A simple mixin for CLI interfaces, including option parsing - - -### mixlib-config v2.1.0 -#### A class based configuration library - -Apache 2.0 whitelisted - -A class based configuration library - - -### mixlib-log v1.6.0 -#### A gem that provides a simple mixin for log functionality - -Apache 2.0 whitelisted - - - -### mixlib-shellout v1.6.0 -#### Run external commands on Unix or Windows - -Apache 2.0 whitelisted - -Run external commands on Unix or Windows - - -### multi_json v1.10.1 -#### A common interface to multiple JSON libraries. - -MIT whitelisted - -A common interface to multiple JSON libraries, including Oj, Yajl, the JSON gem (with C-extensions), the pure-Ruby JSON gem, NSJSONSerialization, gson.rb, JrJackson, and OkJson. - - -### multi_xml v0.5.5 -#### A generic swappable back-end for XML parsing - -MIT whitelisted - -Provides swappable XML backends utilizing LibXML, Nokogiri, Ox, or REXML. - - -### multipart-post v2.0.0 -#### A multipart form post accessory for Net::HTTP. - -MIT whitelisted - -Use with Net::HTTP to do multipart form posts. IO values that have #content_type, #original_filename, and #local_path will be posted as a binary file. - - -### net-http-persistent v2.9.4 -#### Manages persistent connections using Net::HTTP plus a speed fix for Ruby 1.8 - -MIT whitelisted - -Manages persistent connections using Net::HTTP plus a speed fix for Ruby 1.8. -It's thread-safe too! - -Using persistent HTTP connections can dramatically increase the speed of HTTP. -Creating a new HTTP connection for every request involves an extra TCP -round-trip and causes TCP congestion avoidance negotiation to start over. - -Net::HTTP supports persistent connections with some API methods but does not -handle reconnection gracefully. Net::HTTP::Persistent supports reconnection -and retry according to RFC 2616. - - -### net-scp v1.2.1 -#### A pure Ruby implementation of the SCP client protocol - -MIT whitelisted - -A pure Ruby implementation of the SCP client protocol - - -### net-ssh v2.9.1 -#### Net::SSH: a pure-Ruby implementation of the SSH2 client protocol. - -MIT whitelisted - -Net::SSH: a pure-Ruby implementation of the SSH2 client protocol. It allows you to write programs that invoke and interact with processes on remote servers, via SSH2. - - -### net-ssh-gateway v1.2.0 -#### A simple library to assist in establishing tunneled Net::SSH connections - -MIT whitelisted - -A simple library to assist in establishing tunneled Net::SSH connections - - -### net-ssh-multi v1.2.0 -#### Control multiple Net::SSH connections via a single interface. - -MIT whitelisted - -Control multiple Net::SSH connections via a single interface. - - -### nio4r v1.0.1 -#### NIO provides a high performance selector API for monitoring IO objects - -MIT whitelisted - -New IO for Ruby - - -### nokogiri v1.6.4.1 -#### Nokogiri (鋸) is an HTML, XML, SAX, and Reader parser - -MIT whitelisted - -Nokogiri (鋸) is an HTML, XML, SAX, and Reader parser. Among Nokogiri's -many features is the ability to search documents via XPath or CSS3 selectors. - -XML is like violence - if it doesn’t solve your problems, you are not using -enough of it. - - -### octokit v3.5.2 -#### Ruby toolkit for working with the GitHub API - -MIT whitelisted - -Simple wrapper for the GitHub API - - -### ohai v7.4.0 -#### Ohai profiles your system and emits JSON - -Apache 2.0 whitelisted - -Ohai profiles your system and emits JSON - - -### parser v2.2.0.pre.8 -#### A Ruby parser written in pure Ruby. - -MIT whitelisted - -A Ruby parser written in pure Ruby. - - -### plist v3.1.0 -#### All-purpose Property List manipulation library. - -MIT whitelisted - -Plist is a library to manipulate Property List files, also known as plists. It can parse plist files into native Ruby data structures as well as generating new plist files from your Ruby objects. - - - -### polyglot v0.3.5 -#### Augment 'require' to load non-Ruby file types - -MIT whitelisted - - -The Polyglot library allows a Ruby module to register a loader -for the file type associated with a filename extension, and it -augments 'require' to find and load matching files. - - -### powerpack v0.0.9 -#### A few useful extensions to core Ruby classes. - -MIT whitelisted - -A few useful extensions to core Ruby classes. - - -### pry v0.10.1 -#### An IRB alternative and runtime developer console - -MIT whitelisted - -An IRB alternative and runtime developer console - - -### rack v1.5.2 -#### a modular Ruby webserver interface - -MIT whitelisted - -Rack provides a minimal, modular and adaptable interface for developing -web applications in Ruby. By wrapping HTTP requests and responses in -the simplest way possible, it unifies and distills the API for web -servers, web frameworks, and software in between (the so-called -middleware) into a single method call. - -Also see http://rack.github.com/. - - - -### rainbow v2.0.0 -#### Colorize printed text on ANSI terminals - -MIT whitelisted - -Colorize printed text on ANSI terminals - - -### rake v10.3.2 (default) -#### Rake is a Make-like program implemented in Ruby - -MIT whitelisted - -Rake is a Make-like program implemented in Ruby. Tasks and dependencies are -specified in standard Ruby syntax. - -Rake has the following features: - -* Rakefiles (rake's version of Makefiles) are completely defined in - standard Ruby syntax. No XML files to edit. No quirky Makefile - syntax to worry about (is that a tab or a space?) - -* Users can specify tasks with prerequisites. - -* Rake supports rule patterns to synthesize implicit tasks. - -* Flexible FileLists that act like arrays but know about manipulating - file names and paths. - -* A library of prepackaged tasks to make building rakefiles easier. For example, - tasks for building tarballs and publishing to FTP or SSH sites. (Formerly - tasks for building RDoc and Gems were included in rake but they're now - available in RDoc and RubyGems respectively.) - -* Supports parallel execution of tasks. - - -### rb-fsevent v0.9.4 -#### Very simple & usable FSEvents API - -MIT whitelisted - -FSEvents API with Signals catching (without RubyCocoa) - - -### rb-inotify v0.9.5 -#### A Ruby wrapper for Linux's inotify, using FFI - -MIT whitelisted - -A Ruby wrapper for Linux's inotify, using FFI - - -### rest-client v1.6.7 -#### Simple HTTP and REST client for Ruby, inspired by microframework syntax for specifying actions. - -MIT whitelisted - -A simple HTTP and REST client for Ruby, inspired by the Sinatra microframework style of specifying actions: get, put, post, delete. - - -### retryable v1.3.6 -#### Kernel#retryable, allow for retrying of code blocks. - -MIT whitelisted - -Kernel#retryable, allow for retrying of code blocks. - - -### ridley v4.1.0 -#### A reliable Chef API client with a clean syntax - -Apache 2.0 whitelisted - -A reliable Chef API client with a clean syntax - - -### rspec v3.1.0 -#### rspec-3.1.0 - -MIT whitelisted - -BDD for Ruby - - -### rspec-core v3.1.7 -#### rspec-core-3.1.7 - -MIT whitelisted - -BDD for Ruby. RSpec runner and example groups. - - -### rspec-expectations v3.1.2 -#### rspec-expectations-3.1.2 - -MIT whitelisted - -rspec-expectations provides a simple, readable API to express expected outcomes of a code example. - - -### rspec-its v1.1.0 -#### Provides "its" method formally part of rspec-core - -MIT whitelisted - -RSpec extension gem for attribute matching - - -### rspec-mocks v3.1.3 -#### rspec-mocks-3.1.3 - -MIT whitelisted - -RSpec's 'test double' framework, with support for stubbing and mocking - - -### rspec-support v3.1.2 -#### rspec-support-3.1.2 - -MIT whitelisted - -Support utilities for RSpec gems - - -### rubocop v0.27.1 (default) -#### Automatic Ruby code style checking tool. - -MIT whitelisted - - Automatic Ruby code style checking tool. - Aims to enforce the community-driven Ruby Style Guide. - - - -### ruby-progressbar v1.7.0 -#### Ruby/ProgressBar is a flexible text progress bar library for Ruby. - -MIT whitelisted - -Ruby/ProgressBar is an extremely flexible text progress bar library for Ruby. -The output can be customized with a flexible formatting system including: -percentage, bars of various formats, elapsed time and estimated time remaining. - - - -### rufus-lru v1.0.5 -#### A Hash with a max size, controlled by a LRU mechanism - -MIT whitelisted - -LruHash class, a Hash with a max size, controlled by a LRU mechanism - - -### safe_yaml v1.0.4 -#### SameYAML provides an alternative implementation of YAML.load suitable for accepting user input in Ruby applications. - -MIT whitelisted - -Parse YAML safely - - -### sawyer v0.5.5 -#### Secret User Agent of HTTP - -MIT whitelisted - - - -### semverse v1.2.1 -#### An elegant library for representing and comparing SemVer versions and constraints - -Apache 2.0 whitelisted - -An elegant library for representing and comparing SemVer versions and constraints - - -### sequel v4.16.0 -#### The Database Toolkit for Ruby - -MIT whitelisted - -The Database Toolkit for Ruby - - -### serverspec v2.3.1 (default) -#### RSpec tests for your servers configured by Puppet, Chef or anything else - -MIT whitelisted - -RSpec tests for your servers configured by Puppet, Chef or anything else - - -### slop v3.6.0 -#### Simple Lightweight Option Parsing - -MIT whitelisted - -A simple DSL for gathering options and parsing the command line - - -### solve v1.2.1 -#### A Ruby version constraint solver implementing Semantic Versioning 2.0.0-rc.1 - -Apache 2.0 whitelisted - -A Ruby version constraint solver - - -### specinfra v2.5.0 -#### Common layer for serverspec and itamae - -MIT whitelisted - -Common layer for serverspec and itamae - - -### sqlite3 v1.3.10 -#### This module allows Ruby programs to interface with the SQLite3 database engine (http://www.sqlite.org) - -New BSD whitelisted - -This module allows Ruby programs to interface with the SQLite3 -database engine (http://www.sqlite.org). You must have the -SQLite engine installed in order to build this module. - -Note that this module is only compatible with SQLite 3.6.16 or newer. - - -### systemu v2.6.4 -#### systemu - -ruby whitelisted - -universal capture of stdout and stderr and handling of child process pid for windows, *nix, etc. - - -### test-kitchen v1.2.1 (integration) -#### Test Kitchen is an integration tool for developing and testing infrastructure code and software on isolated target platforms. - -Apache 2.0 whitelisted - -Test Kitchen is an integration tool for developing and testing infrastructure code and software on isolated target platforms. - - -### thor v0.19.1 -#### Thor is a toolkit for building powerful command-line interfaces. - -MIT whitelisted - -Thor is a toolkit for building powerful command-line interfaces. - - -### timers v4.0.1 -#### Schedule procs to run after a certain time, or at periodic intervals, using any API that accepts a timeout - -MIT whitelisted - -Pure Ruby one-shot and periodic timers - - -### treetop v1.5.3 -#### A Ruby-based text parsing and interpretation DSL - -MIT whitelisted - - - -### varia_model v0.4.0 -#### A mixin to provide objects with magic attribute reading and writing - -Apache 2.0 whitelisted - -A mixin to provide objects with magic attribute reading and writing - - -### wmi-lite v1.0.0 -#### A lightweight utility library for accessing basic WMI (Windows Management Instrumentation) functionality on Windows - -Apache 2.0 whitelisted - -A lightweight utility over win32ole for accessing basic WMI (Windows Management Instrumentation) functionality in the Microsoft Windows operating system. It has no runtime dependencies other than Ruby, so it can be used without concerns around dependency issues. - - -### xml-simple v1.1.4 -#### A simple API for XML processing. - -ruby whitelisted - - - -### yajl-ruby v1.2.1 -#### Ruby C bindings to the excellent Yajl JSON stream-based parser library. - -MIT whitelisted - diff --git a/cookbooks/redis/doc/license_finder/dependencies_detailed.csv b/cookbooks/redis/doc/license_finder/dependencies_detailed.csv deleted file mode 100644 index b529837..0000000 --- a/cookbooks/redis/doc/license_finder/dependencies_detailed.csv +++ /dev/null @@ -1,234 +0,0 @@ -addressable,2.3.6,Apache 2.0,URI Implementation,"Addressable is a replacement for the URI implementation that is part of -Ruby's standard library. It more closely conforms to the relevant RFCs and -adds support for IRIs and URI templates." -ast,2.0.0,MIT,A library for working with Abstract Syntax Trees.,A library for working with Abstract Syntax Trees. -astrolabe,1.3.0,MIT,An object-oriented AST extension for Parser,An object-oriented AST extension for Parser -berkshelf,3.2.1,Apache 2.0,"Manages a Cookbook's, or an Application's, Cookbook dependencies","Manages a Cookbook's, or an Application's, Cookbook dependencies" -berkshelf-api-client,1.2.0,Apache 2.0,API Client for communicating with a Berkshelf API server,API Client for communicating with a Berkshelf API server -buff-config,1.0.1,Apache 2.0,A simple configuration class,A simple configuration class -buff-extensions,1.0.0,Apache 2.0,Extensions to Core Ruby classes,Extensions to Core Ruby classes -buff-ignore,1.1.1,Apache 2.0,A Ruby library for parsing lists of files and applying pattern matching exclusion (such as .gitignore),Parse ignore files with Ruby -buff-ruby_engine,0.1.0,Apache 2.0,Buff up your code with a mixin for querying the platform running Ruby,A mixin for querying the platform running Ruby -buff-shell_out,0.2.0,Apache 2.0,Buff up your code with a mixin for issuing shell commands and collecting the output,A mixin for issuing shell commands and collecting the output -bundler,1.7.6,MIT,"","" -busser,0.6.0,Apache 2.0,Kitchen Busser - Runs tests for projects in test-kitchen,Kitchen Busser - Runs tests for projects in test-kitchen -busser-serverspec,0.5.3,Apache 2.0,A Busser runner plugin for Serverspec,A Busser runner plugin for Serverspec -celluloid,0.16.0,MIT,Actor-based concurrent object framework for Ruby,Celluloid enables people to build concurrent programs out of concurrent objects just as easily as they build sequential programs out of sequential objects -celluloid-io,0.16.1,MIT,Celluloid::IO allows you to monitor multiple IO objects within a Celluloid actor,Evented IO for Celluloid actors -chef,11.16.4,Apache 2.0,"A systems integration framework, built to bring the benefits of configuration management to your entire infrastructure.","A systems integration framework, built to bring the benefits of configuration management to your entire infrastructure." -chef-zero,2.2.1,Apache 2.0,"Self-contained, easy-setup, fast-start in-memory Chef server for testing and solo setup purposes","Self-contained, easy-setup, fast-start in-memory Chef server for testing and solo setup purposes" -chefspec,4.1.1,MIT,Write RSpec examples and generate coverage reports for Chef recipes!,ChefSpec is a unit testing and resource coverage (code coverage) framework for testing Chef cookbooks ChefSpec makes it easy to write examples and get fast feedback on cookbook changes without the need for virtual machines or cloud servers. -cleanroom,1.0.0,Apache 2.0,(More) safely evaluate Ruby DSLs with cleanroom,"Ruby is an excellent programming language for creating and managing custom DSLs, but how can you securely evaluate a DSL while explicitly controlling the methods exposed to the user? Our good friends instance_eval and instance_exec are great, but they expose all methods - public, protected, and private - to the user. Even worse, they expose the ability to accidentally or intentionally alter the behavior of the system! The cleanroom pattern is a safer, more convenient, Ruby-like approach for limiting the information exposed by a DSL while giving users the ability to write awesome code!" -coderay,1.1.0,MIT,Fast syntax highlighting for selected languages.,"Fast and easy syntax highlighting for selected languages, written in Ruby. Comes with RedCloth integration and LOC counter." -dep-selector-libgecode,1.0.2,"MIT,Apache 2.0",Installs a vendored copy of Gecode suitable for use with dep-selector,Installs a vendored copy of Gecode suitable for use with dep-selector -dep_selector,1.0.3,Apache v2,"Given packages, versions, and a dependency graph, find a valid assignment of package versions","Given packages, versions, and a dependency graph, find a valid assignment of package versions" -diff-lcs,1.2.5,"MIT,Perl Artistic v2,GNU GPL v2",Diff::LCS computes the difference between two Enumerable sequences using the McIlroy-Hunt longest common subsequence (LCS) algorithm,"Diff::LCS computes the difference between two Enumerable sequences using the -McIlroy-Hunt longest common subsequence (LCS) algorithm. It includes utilities -to create a simple HTML diff output format and a standard diff-like tool. - -This is release 1.2.4, fixing a bug introduced after diff-lcs 1.1.3 that did -not properly prune common sequences at the beginning of a comparison set. -Thanks to Paul Kunysch for fixing this issue. - -Coincident with the release of diff-lcs 1.2.3, we reported an issue with -Rubinius in 1.9 mode -({rubinius/rubinius#2268}[https://github.com/rubinius/rubinius/issues/2268]). -We are happy to report that this issue has been resolved." -erubis,2.7.0,MIT,a fast and extensible eRuby implementation which supports multi-language,"Erubis is an implementation of eRuby and has the following features: - - * Very fast, almost three times faster than ERB and about 10% faster than eruby. - * Multi-language support (Ruby/PHP/C/Java/Scheme/Perl/Javascript) - * Auto escaping support - * Auto trimming spaces around '<% %>' - * Embedded pattern changeable (default '<% %>') - * Enable to handle Processing Instructions (PI) as embedded pattern (ex. '') - * Context object available and easy to combine eRuby template with YAML datafile - * Print statement available - * Easy to extend and customize in subclass - * Ruby on Rails support" -faraday,0.9.0,MIT,HTTP/REST API client library.,"" -fauxhai,2.2.0,MIT,Fauxhai provides an easy way to mock out your ohai data for testing with chefspec!,Easily mock out ohai data -ffi,1.9.6,BSD,Ruby FFI,Ruby FFI library -ffi-yajl,1.3.0,Apache 2.0,Ruby FFI wrapper around YAJL 2.x,Ruby FFI wrapper around YAJL 2.x -foodcritic,4.0.0,MIT,foodcritic-4.0.0,Lint tool for Opscode Chef cookbooks. -formatador,0.2.5,MIT,Ruby STDOUT text formatting,STDOUT text formatting -gherkin,2.12.2,MIT,gherkin-2.12.2,A fast Gherkin lexer/parser based on the Ragel State Machine Compiler. -guard,2.8.2,MIT,Guard keeps an eye on your file modifications,Guard is a command line tool to easily handle events on file system modifications. -guard-rspec,4.3.1,MIT,Guard gem for RSpec,Guard::RSpec automatically run your specs (much like autotest). -hashie,2.1.2,MIT,Your friendly neighborhood hash library.,Hashie is a collection of classes and mixins that make hashes more powerful. -highline,1.6.21,ruby,HighLine is a high-level command-line IO library.,"A high-level IO library that provides validation, type conversion, and more for -command-line interfaces. HighLine also includes a complete menu system that can -crank out anything from simple list selection to complete shells with just -minutes of work." -hitimes,1.2.2,ISC,"Hitimes is a fast, high resolution timer library for recording performance metrics. It uses the appropriate low method calls for each system to get the highest granularity time increments possible.","Hitimes is a fast, high resolution timer library for recording performance metrics. It uses the appropriate low method calls for each system to get the highest granularity time increments possible. It currently supports any of the following systems: * any system with the POSIX call `clock_gettime()` * Mac OS X * Windows * JRuby Using Hitimes can be faster than using a series of `Time.new` calls, and it will have a much higher granularity. It is definitely faster than using `Process.times`." -httparty,0.13.3,MIT,"Makes http fun! Also, makes consuming restful web services dead easy.","Makes http fun! Also, makes consuming restful web services dead easy." -ipaddress,0.8.0,MIT,IPv4/IPv6 addresses manipulation library,"IPAddress is a Ruby library designed to make manipulation - of IPv4 and IPv6 addresses both powerful and simple. It mantains - a layer of compatibility with Ruby's own IPAddr, while - addressing many of its issues." -json,1.8.1,ruby,This json is bundled with Ruby,"" -kitchen-vagrant,0.15.0,Apache 2.0,Kitchen::Driver::Vagrant - A Vagrant Driver for Test Kitchen.,Kitchen::Driver::Vagrant - A Vagrant Driver for Test Kitchen. -libyajl2,1.2.0,Apache 2.0,Installs a vendored copy of libyajl2 for distributions which lack it,Installs a vendored copy of libyajl2 for distributions which lack it -license_finder,1.2,MIT,Audit the OSS licenses of your application's dependencies.,"LicenseFinder works with your package managers to find - dependencies, detect the licenses of the packages in them, compare - those licenses against a user-defined whitelist, and give you an - actionable exception report." -listen,2.8.0,MIT,Listen to file modifications,The Listen gem listens to file modifications and notifies you about the changes. Works everywhere! -lumberjack,1.0.9,MIT,"A simple, powerful, and very fast logging utility that can be a drop in replacement for Logger or ActiveSupport::BufferedLogger.","A simple, powerful, and very fast logging utility that can be a drop in replacement for Logger or ActiveSupport::BufferedLogger. Provides support for automatically rolling log files even with multiple processes writing the same log file." -method_source,0.8.2,MIT,retrieve the sourcecode for a method,retrieve the sourcecode for a method -mime-types,1.25.1,"MIT,Artistic 2.0,GPL-2",This library allows for the identification of a file's likely MIME content type,"This library allows for the identification of a file's likely MIME content -type. This is release 1.25.1, fixing an issue with priority comparison for -mime-types 1.x. The current release is 2.0, which only supports Ruby 1.9 or -later. - -Release 1.25.1 contains all features of 1.25, including the experimental -caching and lazy loading functionality. The caching and lazy loading features -were initially implemented by Greg Brockman (gdb). As these features are -experimental, they are disabled by default and must be enabled through the use -of environment variables. The cache is invalidated on a per-version basis; the -cache for version 1.25 will not be reused for any later version. - -To use lazy loading, set the environment variable +RUBY_MIME_TYPES_LAZY_LOAD+ -to any value other than 'false'. When using lazy loading, the initial startup -of MIME::Types is around 12–25× faster than normal startup (on my system, -normal startup is about 90 ms; lazy startup is about 4 ms). This isn't -generally useful, however, as the MIME::Types database has not been loaded. -Lazy startup and load is just *slightly* faster—around 1 ms. The real advantage -comes from using the cache. - -To enable the cache, set the environment variable +RUBY_MIME_TYPES_CACHE+ to a -filename where MIME::Types will have read-write access. The first time a new -version of MIME::Types is run using this file, it will be created, taking a -little longer than normal. Subsequent loads using the same cache file will be -approximately 3½× faster (25 ms) than normal loads. This can be combined with -+RUBY_MIME_TYPES_LAZY_LOAD+, but this is *not* recommended in a multithreaded -or multiprocess environment where all threads or processes will be using the -same cache file. - -As the caching interface is still experimental, the only values cached are the -default MIME::Types database, not any custom MIME::Types added by users. - -MIME types are used in MIME-compliant communications, as in e-mail or HTTP -traffic, to indicate the type of content which is transmitted. MIME::Types -provides the ability for detailed information about MIME entities (provided as -a set of MIME::Type objects) to be determined and used programmatically. There -are many types defined by RFCs and vendors, so the list is long but not -complete; don't hesitate to ask to add additional information. This library -follows the IANA collection of MIME types (see below for reference). - -MIME::Types for Ruby was originally based on MIME::Types for Perl by Mark -Overmeer, copyright 2001 - 2009. - -MIME::Types is built to conform to the MIME types of RFCs 2045 and 2231. It -tracks the {IANA registry}[http://www.iana.org/assignments/media-types/] -({ftp}[ftp://ftp.iana.org/assignments/media-types]) with some unofficial types -added from the {LTSW collection}[http://www.ltsw.se/knbase/internet/mime.htp] -and added by the users of MIME::Types." -mini_portile,0.6.1,MIT,Simplistic port-like solution for developers,Simplistic port-like solution for developers. It provides a standard and simplified way to compile against dependency libraries without messing up your system. -minitar,0.5.4,ruby,Provides POSIX tarchive management from Ruby programs.,"Archive::Tar::Minitar is a pure-Ruby library and command-line utility that provides the ability to deal with POSIX tar(1) archive files. The implementation is based heavily on Mauricio Ferna'ndez's implementation in rpa-base, but has been reorganised to promote reuse in other projects. Antoine Toulme forked the original project on rubyforge to place it on github, under http://www.github.com/atoulme/minitar" -mixlib-authentication,1.3.0,Apache 2.0,Mixes in simple per-request authentication,Mixes in simple per-request authentication -mixlib-cli,1.5.0,Apache 2.0,"A simple mixin for CLI interfaces, including option parsing","A simple mixin for CLI interfaces, including option parsing" -mixlib-config,2.1.0,Apache 2.0,A class based configuration library,A class based configuration library -mixlib-log,1.6.0,Apache 2.0,A gem that provides a simple mixin for log functionality,"" -mixlib-shellout,1.6.0,Apache 2.0,Run external commands on Unix or Windows,Run external commands on Unix or Windows -multi_json,1.10.1,MIT,A common interface to multiple JSON libraries.,"A common interface to multiple JSON libraries, including Oj, Yajl, the JSON gem (with C-extensions), the pure-Ruby JSON gem, NSJSONSerialization, gson.rb, JrJackson, and OkJson." -multi_xml,0.5.5,MIT,A generic swappable back-end for XML parsing,"Provides swappable XML backends utilizing LibXML, Nokogiri, Ox, or REXML." -multipart-post,2.0.0,MIT,A multipart form post accessory for Net::HTTP.,"Use with Net::HTTP to do multipart form posts. IO values that have #content_type, #original_filename, and #local_path will be posted as a binary file." -net-http-persistent,2.9.4,MIT,Manages persistent connections using Net::HTTP plus a speed fix for Ruby 1.8,"Manages persistent connections using Net::HTTP plus a speed fix for Ruby 1.8. -It's thread-safe too! - -Using persistent HTTP connections can dramatically increase the speed of HTTP. -Creating a new HTTP connection for every request involves an extra TCP -round-trip and causes TCP congestion avoidance negotiation to start over. - -Net::HTTP supports persistent connections with some API methods but does not -handle reconnection gracefully. Net::HTTP::Persistent supports reconnection -and retry according to RFC 2616." -net-scp,1.2.1,MIT,A pure Ruby implementation of the SCP client protocol,A pure Ruby implementation of the SCP client protocol -net-ssh,2.9.1,MIT,Net::SSH: a pure-Ruby implementation of the SSH2 client protocol.,"Net::SSH: a pure-Ruby implementation of the SSH2 client protocol. It allows you to write programs that invoke and interact with processes on remote servers, via SSH2." -net-ssh-gateway,1.2.0,MIT,A simple library to assist in establishing tunneled Net::SSH connections,A simple library to assist in establishing tunneled Net::SSH connections -net-ssh-multi,1.2.0,MIT,Control multiple Net::SSH connections via a single interface.,Control multiple Net::SSH connections via a single interface. -nio4r,1.0.1,MIT,NIO provides a high performance selector API for monitoring IO objects,New IO for Ruby -nokogiri,1.6.4.1,MIT,"Nokogiri (鋸) is an HTML, XML, SAX, and Reader parser","Nokogiri (鋸) is an HTML, XML, SAX, and Reader parser. Among Nokogiri's -many features is the ability to search documents via XPath or CSS3 selectors. - -XML is like violence - if it doesn’t solve your problems, you are not using -enough of it." -octokit,3.5.2,MIT,Ruby toolkit for working with the GitHub API,Simple wrapper for the GitHub API -ohai,7.4.0,Apache 2.0,Ohai profiles your system and emits JSON,Ohai profiles your system and emits JSON -parser,2.2.0.pre.8,MIT,A Ruby parser written in pure Ruby.,A Ruby parser written in pure Ruby. -plist,3.1.0,MIT,All-purpose Property List manipulation library.,"Plist is a library to manipulate Property List files, also known as plists. It can parse plist files into native Ruby data structures as well as generating new plist files from your Ruby objects." -polyglot,0.3.5,MIT,Augment 'require' to load non-Ruby file types,"The Polyglot library allows a Ruby module to register a loader -for the file type associated with a filename extension, and it -augments 'require' to find and load matching files." -powerpack,0.0.9,MIT,A few useful extensions to core Ruby classes.,A few useful extensions to core Ruby classes. -pry,0.10.1,MIT,An IRB alternative and runtime developer console,An IRB alternative and runtime developer console -rack,1.5.2,MIT,a modular Ruby webserver interface,"Rack provides a minimal, modular and adaptable interface for developing -web applications in Ruby. By wrapping HTTP requests and responses in -the simplest way possible, it unifies and distills the API for web -servers, web frameworks, and software in between (the so-called -middleware) into a single method call. - -Also see http://rack.github.com/." -rainbow,2.0.0,MIT,Colorize printed text on ANSI terminals,Colorize printed text on ANSI terminals -rake,10.3.2,MIT,Rake is a Make-like program implemented in Ruby,"Rake is a Make-like program implemented in Ruby. Tasks and dependencies are -specified in standard Ruby syntax. - -Rake has the following features: - -* Rakefiles (rake's version of Makefiles) are completely defined in - standard Ruby syntax. No XML files to edit. No quirky Makefile - syntax to worry about (is that a tab or a space?) - -* Users can specify tasks with prerequisites. - -* Rake supports rule patterns to synthesize implicit tasks. - -* Flexible FileLists that act like arrays but know about manipulating - file names and paths. - -* A library of prepackaged tasks to make building rakefiles easier. For example, - tasks for building tarballs and publishing to FTP or SSH sites. (Formerly - tasks for building RDoc and Gems were included in rake but they're now - available in RDoc and RubyGems respectively.) - -* Supports parallel execution of tasks." -rb-fsevent,0.9.4,MIT,Very simple & usable FSEvents API,FSEvents API with Signals catching (without RubyCocoa) -rb-inotify,0.9.5,MIT,"A Ruby wrapper for Linux's inotify, using FFI","A Ruby wrapper for Linux's inotify, using FFI" -rest-client,1.6.7,MIT,"Simple HTTP and REST client for Ruby, inspired by microframework syntax for specifying actions.","A simple HTTP and REST client for Ruby, inspired by the Sinatra microframework style of specifying actions: get, put, post, delete." -retryable,1.3.6,MIT,"Kernel#retryable, allow for retrying of code blocks.","Kernel#retryable, allow for retrying of code blocks." -ridley,4.1.0,Apache 2.0,A reliable Chef API client with a clean syntax,A reliable Chef API client with a clean syntax -rspec,3.1.0,MIT,rspec-3.1.0,BDD for Ruby -rspec-core,3.1.7,MIT,rspec-core-3.1.7,BDD for Ruby. RSpec runner and example groups. -rspec-expectations,3.1.2,MIT,rspec-expectations-3.1.2,"rspec-expectations provides a simple, readable API to express expected outcomes of a code example." -rspec-its,1.1.0,MIT,"Provides ""its"" method formally part of rspec-core",RSpec extension gem for attribute matching -rspec-mocks,3.1.3,MIT,rspec-mocks-3.1.3,"RSpec's 'test double' framework, with support for stubbing and mocking" -rspec-support,3.1.2,MIT,rspec-support-3.1.2,Support utilities for RSpec gems -rubocop,0.27.1,MIT,Automatic Ruby code style checking tool.,"Automatic Ruby code style checking tool. - Aims to enforce the community-driven Ruby Style Guide." -ruby-progressbar,1.7.0,MIT,Ruby/ProgressBar is a flexible text progress bar library for Ruby.,"Ruby/ProgressBar is an extremely flexible text progress bar library for Ruby. -The output can be customized with a flexible formatting system including: -percentage, bars of various formats, elapsed time and estimated time remaining." -rufus-lru,1.0.5,MIT,"A Hash with a max size, controlled by a LRU mechanism","LruHash class, a Hash with a max size, controlled by a LRU mechanism" -safe_yaml,1.0.4,MIT,SameYAML provides an alternative implementation of YAML.load suitable for accepting user input in Ruby applications.,Parse YAML safely -sawyer,0.5.5,MIT,Secret User Agent of HTTP,"" -semverse,1.2.1,Apache 2.0,An elegant library for representing and comparing SemVer versions and constraints,An elegant library for representing and comparing SemVer versions and constraints -sequel,4.16.0,MIT,The Database Toolkit for Ruby,The Database Toolkit for Ruby -serverspec,2.3.1,MIT,"RSpec tests for your servers configured by Puppet, Chef or anything else","RSpec tests for your servers configured by Puppet, Chef or anything else" -slop,3.6.0,MIT,Simple Lightweight Option Parsing,A simple DSL for gathering options and parsing the command line -solve,1.2.1,Apache 2.0,A Ruby version constraint solver implementing Semantic Versioning 2.0.0-rc.1,A Ruby version constraint solver -specinfra,2.5.0,MIT,Common layer for serverspec and itamae,Common layer for serverspec and itamae -sqlite3,1.3.10,New BSD,This module allows Ruby programs to interface with the SQLite3 database engine (http://www.sqlite.org),"This module allows Ruby programs to interface with the SQLite3 -database engine (http://www.sqlite.org). You must have the -SQLite engine installed in order to build this module. - -Note that this module is only compatible with SQLite 3.6.16 or newer." -systemu,2.6.4,ruby,systemu,"universal capture of stdout and stderr and handling of child process pid for windows, *nix, etc." -test-kitchen,1.2.1,Apache 2.0,Test Kitchen is an integration tool for developing and testing infrastructure code and software on isolated target platforms.,Test Kitchen is an integration tool for developing and testing infrastructure code and software on isolated target platforms. -thor,0.19.1,MIT,Thor is a toolkit for building powerful command-line interfaces.,Thor is a toolkit for building powerful command-line interfaces. -timers,4.0.1,MIT,"Schedule procs to run after a certain time, or at periodic intervals, using any API that accepts a timeout",Pure Ruby one-shot and periodic timers -treetop,1.5.3,MIT,A Ruby-based text parsing and interpretation DSL,"" -varia_model,0.4.0,Apache 2.0,A mixin to provide objects with magic attribute reading and writing,A mixin to provide objects with magic attribute reading and writing -wmi-lite,1.0.0,Apache 2.0,A lightweight utility library for accessing basic WMI (Windows Management Instrumentation) functionality on Windows,"A lightweight utility over win32ole for accessing basic WMI (Windows Management Instrumentation) functionality in the Microsoft Windows operating system. It has no runtime dependencies other than Ruby, so it can be used without concerns around dependency issues." -xml-simple,1.1.4,ruby,A simple API for XML processing.,"" -yajl-ruby,1.2.1,MIT,Ruby C bindings to the excellent Yajl JSON stream-based parser library.,"" diff --git a/cookbooks/redis/files/default/tests/minitest/client_test.rb b/cookbooks/redis/files/default/tests/minitest/client_test.rb deleted file mode 100644 index 8295e75..0000000 --- a/cookbooks/redis/files/default/tests/minitest/client_test.rb +++ /dev/null @@ -1,7 +0,0 @@ -require_relative "test_helper" - -describe_recipe "redis::client" do - it "installed the `redis-tools` package" do - package("redis-tools").must_be_installed - end -end diff --git a/cookbooks/redis/files/default/tests/minitest/default_test.rb b/cookbooks/redis/files/default/tests/minitest/default_test.rb deleted file mode 100644 index 7a8d743..0000000 --- a/cookbooks/redis/files/default/tests/minitest/default_test.rb +++ /dev/null @@ -1,19 +0,0 @@ -require_relative "test_helper" - -describe_recipe "redis::default" do - let(:apt_path) do - "/etc/apt/sources.list.d" - end - - it "set up an apt repository" do - repo = { - "debian" => { name: "dotdeb", content: "dotdeb" }, - "ubuntu" => { name: "chris-lea-redis-server", content: "chris-lea" } - }[node["platform"]] - - apt_file = "#{apt_path}/#{repo[:name]}.list" - - file(apt_file).must_exist - file(apt_file).must_include repo[:content] - end -end diff --git a/cookbooks/redis/files/default/tests/minitest/server_test.rb b/cookbooks/redis/files/default/tests/minitest/server_test.rb deleted file mode 100644 index d6a085b..0000000 --- a/cookbooks/redis/files/default/tests/minitest/server_test.rb +++ /dev/null @@ -1,48 +0,0 @@ -require_relative "test_helper" - -describe_recipe "redis::server" do - it "installed the `redis-server` package" do - package("redis-server").must_be_installed - end - - it "enabled the `redis-server` service" do - service("redis-server").must_be_enabled - end - - it "started the `redis-server` service" do - service("redis-server").must_be_running - end - - describe "data directory" do - let(:dir) do - directory node["redis"]["dir"] - end - - it { dir.must_exist } - it { dir.must_have :owner, "redis" } - it { dir.must_have :group, "redis" } - it { dir.must_have :mode, "750" } - end - - describe "redis.conf" do - let(:conf) do - file "/etc/redis/redis.conf" - end - - it { conf.must_exist } - it { conf.must_have :owner, "root" } - it { conf.must_have :group, "root" } - it { conf.must_have :mode, "644" } - end - - describe "`default` file" do - let(:default) do - file "/etc/default/redis-server" - end - - it { default.must_exist } - it { default.must_have :owner, "root" } - it { default.must_have :group, "root" } - it { default.must_have :mode, "644" } - end -end diff --git a/cookbooks/redis/files/default/tests/minitest/test_helper.rb b/cookbooks/redis/files/default/tests/minitest/test_helper.rb deleted file mode 100644 index 2b82ba7..0000000 --- a/cookbooks/redis/files/default/tests/minitest/test_helper.rb +++ /dev/null @@ -1,5 +0,0 @@ -require "minitest/spec" - -include MiniTest::Chef::Assertions -include MiniTest::Chef::Context -include MiniTest::Chef::Resources diff --git a/cookbooks/redis/metadata.json b/cookbooks/redis/metadata.json deleted file mode 100644 index 52f0342..0000000 --- a/cookbooks/redis/metadata.json +++ /dev/null @@ -1,37 +0,0 @@ -{ - "name": "redis", - "description": "Installs and configures Redis", - "long_description": "", - "maintainer": "Phil Cohen", - "maintainer_email": "github@phlippers.net", - "license": "MIT", - "platforms": { - "debian": ">= 0.0.0", - "ubuntu": ">= 0.0.0" - }, - "dependencies": { - "apt": ">= 0.0.0" - }, - "providing": { - - }, - "recipes": { - "redis::default": "Sets up ppa apt repository", - "redis::server": "Installs redis server", - "redis::client": "Installs redis client" - }, - "version": "0.5.6", - "source_url": "", - "issues_url": "", - "privacy": false, - "chef_versions": [ - - ], - "ohai_versions": [ - - ], - "gems": [ - - ], - "eager_load_libraries": true -} diff --git a/cookbooks/redis/metadata.rb b/cookbooks/redis/metadata.rb deleted file mode 100644 index d67a2c7..0000000 --- a/cookbooks/redis/metadata.rb +++ /dev/null @@ -1,15 +0,0 @@ -name "redis" -maintainer "Phil Cohen" -maintainer_email "github@phlippers.net" -license "MIT" -description "Installs and configures Redis" -version "0.5.6" - -recipe "redis::default", "Sets up ppa apt repository" -recipe "redis::server", "Installs redis server" -recipe "redis::client", "Installs redis client" - -supports "debian" -supports "ubuntu" - -depends "apt" diff --git a/cookbooks/redis/recipes/client.rb b/cookbooks/redis/recipes/client.rb deleted file mode 100644 index f80ac1e..0000000 --- a/cookbooks/redis/recipes/client.rb +++ /dev/null @@ -1,10 +0,0 @@ -# -# Cookbook Name:: redis -# Recipe:: client -# - -include_recipe "redis::default" - -package "redis-tools" do - action node["redis"]["auto_upgrade"] ? :upgrade : :install -end diff --git a/cookbooks/redis/recipes/default.rb b/cookbooks/redis/recipes/default.rb deleted file mode 100644 index 496ec29..0000000 --- a/cookbooks/redis/recipes/default.rb +++ /dev/null @@ -1,11 +0,0 @@ -# -# Cookbook Name:: redis -# Recipe:: default -# -apt_repository node["redis"]["apt_repository"] do - uri node["redis"]["apt_uri"] - distribution node["redis"]["apt_distribution"] - components node["redis"]["apt_components"] - keyserver node["redis"]["apt_keyserver"] - key node["redis"]["apt_key"] -end diff --git a/cookbooks/redis/recipes/server.rb b/cookbooks/redis/recipes/server.rb deleted file mode 100644 index 7d22d4b..0000000 --- a/cookbooks/redis/recipes/server.rb +++ /dev/null @@ -1,38 +0,0 @@ -# -# Cookbook Name:: redis -# Recipe:: server -# - -include_recipe "redis::default" - -package "redis-server" do - action node["redis"]["auto_upgrade"] ? :upgrade : :install -end - -directory node["redis"]["dir"] do - owner "redis" - group "redis" - mode "0750" - recursive true -end - -service "redis-server" do - supports restart: true - action [:enable, :start] -end - -template "/etc/redis/redis.conf" do - source "redis.conf.erb" - owner "root" - group "root" - mode "0644" - notifies :restart, "service[redis-server]" -end - -template "/etc/default/redis-server" do - source "default_redis-server.erb" - owner "root" - group "root" - mode "0644" - notifies :restart, "service[redis-server]" -end diff --git a/cookbooks/redis/spec/client_spec.rb b/cookbooks/redis/spec/client_spec.rb deleted file mode 100644 index fda98a4..0000000 --- a/cookbooks/redis/spec/client_spec.rb +++ /dev/null @@ -1,27 +0,0 @@ -require "spec_helper" - -describe "redis::client" do - let(:chef_run) do - ChefSpec::SoloRunner.new.converge(described_recipe) - end - - it { expect(chef_run).to include_recipe("redis::default") } - - describe "package installation" do - describe "default action" do - it { expect(chef_run).to install_package("redis-tools") } - it { expect(chef_run).to_not upgrade_package("redis-tools") } - end - - describe "when `auto_upgrade` is `true`" do - let(:chef_run) do - ChefSpec::SoloRunner.new do |node| - node.set["redis"]["auto_upgrade"] = true - end.converge(described_recipe) - end - - it { expect(chef_run).to_not install_package("redis-tools") } - it { expect(chef_run).to upgrade_package("redis-tools") } - end - end -end diff --git a/cookbooks/redis/spec/default_spec.rb b/cookbooks/redis/spec/default_spec.rb deleted file mode 100644 index e228887..0000000 --- a/cookbooks/redis/spec/default_spec.rb +++ /dev/null @@ -1,19 +0,0 @@ -require "spec_helper" - -describe "redis::default" do - let(:chef_run) do - ChefSpec::SoloRunner.new.converge(described_recipe) - end - - it { expect(chef_run).to add_apt_repository("chris-lea-redis-server") } - - # debian family setup - context "using debian platform" do - let(:chef_run) do - env_options = { platform: "debian", version: "6.0.5" } - ChefSpec::SoloRunner.new(env_options).converge(described_recipe) - end - - it { expect(chef_run).to add_apt_repository("dotdeb") } - end -end diff --git a/cookbooks/redis/spec/server_spec.rb b/cookbooks/redis/spec/server_spec.rb deleted file mode 100644 index 7e0dfd3..0000000 --- a/cookbooks/redis/spec/server_spec.rb +++ /dev/null @@ -1,69 +0,0 @@ -require "spec_helper" - -describe "redis::server" do - let(:chef_run) do - ChefSpec::SoloRunner.new.converge(described_recipe) - end - - it { expect(chef_run).to include_recipe("redis::default") } - - describe "package installation" do - describe "default action" do - it { expect(chef_run).to install_package("redis-server") } - it { expect(chef_run).to_not upgrade_package("redis-server") } - end - - describe "when `auto_upgrade` is `true`" do - let(:chef_run) do - ChefSpec::SoloRunner.new do |node| - node.set["redis"]["auto_upgrade"] = true - end.converge(described_recipe) - end - - it { expect(chef_run).to_not install_package("redis-server") } - it { expect(chef_run).to upgrade_package("redis-server") } - end - end - - it "creates the data directory" do - expect(chef_run).to create_directory("/var/lib/redis").with( - owner: "redis", - group: "redis", - mode: "0750", - recursive: true - ) - end - - it { expect(chef_run).to enable_service("redis-server") } - it { expect(chef_run).to start_service("redis-server") } - - it "creates `/etc/redis/redis.conf`" do - path = "/etc/redis/redis.conf" - - expect(chef_run).to create_template(path).with( - source: "redis.conf.erb", - owner: "root", - group: "root", - mode: "0644" - ) - - expect(chef_run.template(path)).to( - notify("service[redis-server]").to(:restart) - ) - end - - it "creates `/etc/default/redis-server`" do - path = "/etc/default/redis-server" - - expect(chef_run).to create_template(path).with( - source: "default_redis-server.erb", - owner: "root", - group: "root", - mode: "0644" - ) - - expect(chef_run.template(path)).to( - notify("service[redis-server]").to(:restart) - ) - end -end diff --git a/cookbooks/redis/spec/spec_helper.rb b/cookbooks/redis/spec/spec_helper.rb deleted file mode 100644 index 75a73c8..0000000 --- a/cookbooks/redis/spec/spec_helper.rb +++ /dev/null @@ -1,20 +0,0 @@ -begin - require "chefspec" - require "chefspec/berkshelf" -rescue LoadError - puts "Unable to run `chefspec`" - exit -end - -RSpec.configure do |config| - config.platform = "ubuntu" - config.version = "12.04" - config.log_level = :error - config.raise_errors_for_deprecations! -end - -def add_apt_repository(resource_name) - ChefSpec::Matchers::ResourceMatcher.new(:apt_repository, :add, resource_name) -end - -at_exit { ChefSpec::Coverage.report! } diff --git a/cookbooks/redis/templates/default/default_redis-server.erb b/cookbooks/redis/templates/default/default_redis-server.erb deleted file mode 100644 index 9a24ec7..0000000 --- a/cookbooks/redis/templates/default/default_redis-server.erb +++ /dev/null @@ -1,12 +0,0 @@ -# redis-server configure options - -# ULIMIT: Call ulimit -n with this argument prior to invoking Redis itself. -# This may be required for high-concurrency environments. Redis itself cannot -# alter its limits as it is not being run as root. (default: do not call -# ulimit) -# -<% if node["redis"]["ulimit"] && !node["redis"]["ulimit"].empty? %> -ULIMIT=<%= node["redis"]["ulimit"] %> -<% else %> -# ULIMIT=65536 -<% end %> diff --git a/cookbooks/redis/templates/default/redis.conf.erb b/cookbooks/redis/templates/default/redis.conf.erb deleted file mode 100644 index 474e881..0000000 --- a/cookbooks/redis/templates/default/redis.conf.erb +++ /dev/null @@ -1,556 +0,0 @@ -# Redis configuration file example - -# Note on units: when memory size is needed, it is possible to specifiy -# it in the usual form of 1k 5GB 4M and so forth: -# -# 1k => 1000 bytes -# 1kb => 1024 bytes -# 1m => 1000000 bytes -# 1mb => 1024*1024 bytes -# 1g => 1000000000 bytes -# 1gb => 1024*1024*1024 bytes -# -# units are case insensitive so 1GB 1Gb 1gB are all the same. - -# By default Redis does not run as a daemon. Use 'yes' if you need it. -# Note that Redis will write a pid file in /var/run/redis.pid when daemonized. -daemonize <%= node["redis"]["daemonize"] %> - -# When running daemonized, Redis writes a pid file in /var/run/redis.pid by -# default. You can specify a custom pid file location here. -pidfile <%= node["redis"]["pidfile"] %> - -# Accept connections on the specified port, default is 6379. -# If port 0 is specified Redis will not listen on a TCP socket. -port <%= node["redis"]["port"] %> - -# If you want you can bind a single interface, if the bind option is not -# specified all the interfaces will listen for incoming connections. -# -<% unless node["redis"]["bind"].empty? %> -bind <%= node["redis"]["bind"] %> -<% end %> - -# Specify the path for the unix socket that will be used to listen for -# incoming connections. There is no default, so Redis will not listen -# on a unix socket when not specified. -# -<% unless node["redis"]["unixsocket"].empty? %> -unixsocket <%= node["redis"]["unixsocket"] %> -unixsocketperm <%= node["redis"]["unixsocketperm"] %> -<% end %> - -# Close the connection after a client is idle for N seconds (0 to disable) -timeout <%= node["redis"]["timeout"] %> - -# Set server verbosity to 'debug' -# it can be one of: -# debug (a lot of information, useful for development/testing) -# verbose (many rarely useful info, but not a mess like the debug level) -# notice (moderately verbose, what you want in production probably) -# warning (only very important / critical messages are logged) -loglevel <%= node["redis"]["loglevel"] %> - -# Specify the log file name. Also 'stdout' can be used to force -# Redis to log on the standard output. Note that if you use standard -# output for logging but daemonize, logs will be sent to /dev/null -logfile <%= node["redis"]["logfile"] %> - -# To enable logging to the system logger, just set 'syslog-enabled' to yes, -# and optionally update the other syslog parameters to suit your needs. -syslog-enabled <%= node["redis"]["syslog_enabled"] %> - -<% if node["redis"]["syslog_enabled"] == "yes" %> -# Specify the syslog identity. -syslog-ident <%= node["redis"]["syslog_ident"] %> - -# Specify the syslog facility. Must be USER or between LOCAL0-LOCAL7. -syslog-facility <%= node["redis"]["syslog_facility"] %> -<% end %> - -# Set the number of databases. The default database is DB 0, you can select -# a different one on a per-connection basis using SELECT where -# dbid is a number between 0 and 'databases'-1 -databases <%= node["redis"]["databases"] %> - -################################ SNAPSHOTTING ################################# -# -# Save the DB on disk: -# -# save -# -# Will save the DB if both the given number of seconds and the given -# number of write operations against the DB occurred. -# -# In the example below the behaviour will be to save: -# after 900 sec (15 min) if at least 1 key changed -# after 300 sec (5 min) if at least 10 keys changed -# after 60 sec if at least 10000 keys changed -# -# Note: you can disable saving at all commenting all the "save" lines. -# -# It is also possible to remove all the previously configured save -# points by adding a save directive with a single empty string argument -# like in the following example: -# -# save "" - -<% node["redis"]["snapshots"].each do |interval, keys| %> -save <%= "#{interval} #{keys}" %> -<% end %> - -# By default Redis will stop accepting writes if RDB snapshots are enabled -# (at least one save point) and the latest background save failed. -# This will make the user aware (in an hard way) that data is not persisting -# on disk properly, otherwise chances are that no one will notice and some -# distater will happen. -# -# If the background saving process will start working again Redis will -# automatically allow writes again. -# -# However if you have setup your proper monitoring of the Redis server -# and persistence, you may want to disable this feature so that Redis will -# continue to work as usually even if there are problems with disk, -# permissions, and so forth. -stop-writes-on-bgsave-error <%= node["redis"]["stop_writes_on_bgsave_error"] %> - -# Compress string objects using LZF when dump .rdb databases? -# For default that's set to 'yes' as it's almost always a win. -# If you want to save some CPU in the saving child set it to 'no' but -# the dataset will likely be bigger if you have compressible values or keys. -rdbcompression <%= node["redis"]["rdbcompression"] %> - -# Since verison 5 of RDB a CRC64 checksum is placed at the end of the file. -# This makes the format more resistant to corruption but there is a performance -# hit to pay (around 10%) when saving and loading RDB files, so you can disable it -# for maximum performances. -# -# RDB files created with checksum disabled have a checksum of zero that will -# tell the loading code to skip the check. -rdbchecksum <%= node["redis"]["rdbchecksum"] %> - -# The filename where to dump the DB -dbfilename <%= node["redis"]["dbfilename"] %> - -# The working directory. -# -# The DB will be written inside this directory, with the filename specified -# above using the 'dbfilename' configuration directive. -# -# Also the Append Only File will be created inside this directory. -# -# Note that you must specify a directory here, not a file name. -dir <%= node["redis"]["dir"] %> - -################################# REPLICATION ################################# - -# Master-Slave replication. Use slaveof to make a Redis instance a copy of -# another Redis server. Note that the configuration is local to the slave -# so for example it is possible to configure the slave to save the DB with a -# different interval, or to listen to another port, and so on. -# -# slaveof -<% if node["redis"]["slaveof"] && !node["redis"]["slaveof"].empty? %> -slaveof <%= node["redis"]["slaveof"] %> -<% end %> - -# If the master is password protected (using the "requirepass" configuration -# directive below) it is possible to tell the slave to authenticate before -# starting the replication synchronization process, otherwise the master will -# refuse the slave request. -# -# masterauth -<% if node["redis"]["masterauth"] && !node["redis"]["masterauth"].empty? %> -masterauth <%= node["redis"]["masterauth"] %> -<% end %> - -# When a slave lost the connection with the master, or when the replication -# is still in progress, the slave can act in two different ways: -# -# 1) if slave-serve-stale-data is set to 'yes' (the default) the slave will -# still reply to client requests, possibly with out of data data, or the -# data set may just be empty if this is the first synchronization. -# -# 2) if slave-serve-stale data is set to 'no' the slave will reply with -# an error "SYNC with master in progress" to all the kind of commands -# but to INFO and SLAVEOF. -# -slave-serve-stale-data <%= node["redis"]["slave_serve_stale_data"] %> - -# You can configure a slave instance to accept writes or not. Writing against -# a slave instance may be useful to store some ephemeral data (because data -# written on a slave will be easily deleted after resync with the master) but -# may also cause problems if clients are writing to it because of a -# misconfiguration. -# -# Since Redis 2.6 by default slaves are read-only. -# -# Note: read only slaves are not designed to be exposed to untrusted clients -# on the internet. It's just a protection layer against misuse of the instance. -# Still a read only slave exports by default all the administrative commands -# such as CONFIG, DEBUG, and so forth. To a limited extend you can improve -# security of read only slaves using 'rename-command' to shadow all the -# administrative / dangerous commands. -slave-read-only <%= node["redis"]["slave_read_only"] %> - -# Slaves send PINGs to server in a predefined interval. It's possible to change -# this interval with the repl_ping_slave_period option. The default value is 10 -# seconds. -# -repl-ping-slave-period <%= node["redis"]["repl_ping_slave_period"] %> - -# The following option sets a timeout for both Bulk transfer I/O timeout and -# master data or ping response timeout. The default value is 60 seconds. -# -# It is important to make sure that this value is greater than the value -# specified for repl-ping-slave-period otherwise a timeout will be detected -# every time there is low traffic between the master and the slave. -# -repl-timeout <%= node["redis"]["repl_timeout"] %> - -# The slave priority is an integer number published by Redis in the INFO output. -# It is used by Redis Sentinel in order to select a slave to promote into a -# master if the master is no longer working correctly. -# -# A slave with a low priority number is considered better for promotion, so -# for instance if there are three slaves with priority 10, 100, 25 Sentinel will -# pick the one wtih priority 10, that is the lowest. -# -# However a special priority of 0 marks the slave as not able to perform the -# role of master, so a slave with priority of 0 will never be selected by -# Redis Sentinel for promotion. -# -# By default the priority is 100. -slave-priority <%= node["redis"]["slave_priority"] %> - -################################## SECURITY ################################### - -# Require clients to issue AUTH before processing any other -# commands. This might be useful in environments in which you do not trust -# others with access to the host running redis-server. -# -# This should stay commented out for backward compatibility and because most -# people do not need auth (e.g. they run their own servers). -# -# Warning: since Redis is pretty fast an outside user can try up to -# 150k passwords per second against a good box. This means that you should -# use a very strong password otherwise it will be very easy to break. -# -# requirepass foobared -<% if node["redis"]["requirepass"] && !node["redis"]["requirepass"].empty? %> -requirepass <%= node["redis"]["requirepass"] %> -<% end %> - -# Command renaming. -# -# It is possilbe to change the name of dangerous commands in a shared -# environment. For instance the CONFIG command may be renamed into something -# of hard to guess so that it will be still available for internal-use -# tools but not available for general clients. -# -# Example: -# -# rename-command CONFIG b840fc02d524045429941cc15f59e41cb7be6c52 -# -# It is also possilbe to completely kill a command renaming it into -# an empty string: -# -# rename-command CONFIG "" -<% node["redis"]["rename_commands"].each do |command| %> -rename-command <%= command %> -<% end %> - -################################### LIMITS #################################### - -# Set the max number of connected clients at the same time. By default there -# is no limit, and it's up to the number of file descriptors the Redis process -# is able to open. The special value '0' means no limits. -# Once the limit is reached Redis will close all the new connections sending -# an error 'max number of clients reached'. -# -maxclients <%= node["redis"]["maxclients"] %> - -# Don't use more memory than the specified amount of bytes. -# When the memory limit is reached Redis will try to remove keys -# accordingly to the eviction policy selected (see maxmemmory-policy). -# -# If Redis can't remove keys according to the policy, or if the policy is -# set to 'noeviction', Redis will start to reply with errors to commands -# that would use more memory, like SET, LPUSH, and so on, and will continue -# to reply to read-only commands like GET. -# -# This option is usually useful when using Redis as an LRU cache, or to set -# an hard memory limit for an instance (using the 'noeviction' policy). -# -# WARNING: If you have slaves attached to an instance with maxmemory on, -# the size of the output buffers needed to feed the slaves are subtracted -# from the used memory count, so that network problems / resyncs will -# not trigger a loop where keys are evicted, and in turn the output -# buffer of slaves is full with DELs of keys evicted triggering the deletion -# of more keys, and so forth until the database is completely emptied. -# -# In short... if you have slaves attached it is suggested that you set a lower -# limit for maxmemory so that there is some free RAM on the system for slave -# output buffers (but this is not needed if the policy is 'noeviction'). -# -maxmemory <%= node["redis"]["maxmemory"] %> - -# MAXMEMORY POLICY: how Redis will select what to remove when maxmemory -# is reached? You can select among five behavior: -# -# volatile-lru -> remove the key with an expire set using an LRU algorithm -# allkeys-lru -> remove any key accordingly to the LRU algorithm -# volatile-random -> remove a random key with an expire set -# allkeys->random -> remove a random key, any key -# volatile-ttl -> remove the key with the nearest expire time (minor TTL) -# noeviction -> don't expire at all, just return an error on write operations -# -# Note: with all the kind of policies, Redis will return an error on write -# operations, when there are not suitable keys for eviction. -# -# At the date of writing this commands are: set setnx setex append -# incr decr rpush lpush rpushx lpushx linsert lset rpoplpush sadd -# sinter sinterstore sunion sunionstore sdiff sdiffstore zadd zincrby -# zunionstore zinterstore hset hsetnx hmset hincrby incrby decrby -# getset mset msetnx exec sort -# -# The default is: -# -# maxmemory-policy volatile-lru -maxmemory-policy <%= node["redis"]["maxmemory_policy"] %> - -# LRU and minimal TTL algorithms are not precise algorithms but approximated -# algorithms (in order to save memory), so you can select as well the sample -# size to check. For instance for default Redis will check three keys and -# pick the one that was used less recently, you can change the sample size -# using the following configuration directive. -# -# maxmemory-samples 3 -maxmemory-samples <%= node["redis"]["maxmemory_samples"] %> - -############################## APPEND ONLY MODE ############################### - -# By default Redis asynchronously dumps the dataset on disk. If you can live -# with the idea that the latest records will be lost if something like a crash -# happens this is the preferred way to run Redis. If instead you care a lot -# about your data and don't want to that a single record can get lost you should -# enable the append only mode: when this mode is enabled Redis will append -# every write operation received in the file appendonly.aof. This file will -# be read on startup in order to rebuild the full dataset in memory. -# -# Note that you can have both the async dumps and the append only file if you -# like (you have to comment the "save" statements above to disable the dumps). -# Still if append only mode is enabled Redis will load the data from the -# log file at startup ignoring the dump.rdb file. -# -# IMPORTANT: Check the BGREWRITEAOF to check how to rewrite the append -# log file in background when it gets too big. - -appendonly <%= node["redis"]["appendonly"] %> - -# The name of the append only file (default: "appendonly.aof") -appendfilename <%= node["redis"]["appendfilename"] %> - -# The fsync() call tells the Operating System to actually write data on disk -# instead to wait for more data in the output buffer. Some OS will really flush -# data on disk, some other OS will just try to do it ASAP. -# -# Redis supports three different modes: -# -# no: don't fsync, just let the OS flush the data when it wants. Faster. -# always: fsync after every write to the append only log . Slow, Safest. -# everysec: fsync only if one second passed since the last fsync. Compromise. -# -# The default is "everysec" that's usually the right compromise between -# speed and data safety. It's up to you to understand if you can relax this to -# "no" that will will let the operating system flush the output buffer when -# it wants, for better performances (but if you can live with the idea of -# some data loss consider the default persistence mode that's snapshotting), -# or on the contrary, use "always" that's very slow but a bit safer than -# everysec. -# -# If unsure, use "everysec". - -# appendfsync always -appendfsync <%= node["redis"]["appendfsync"] %> -# appendfsync no - -# When the AOF fsync policy is set to always or everysec, and a background -# saving process (a background save or AOF log background rewriting) is -# performing a lot of I/O against the disk, in some Linux configurations -# Redis may block too long on the fsync() call. Note that there is no fix for -# this currently, as even performing fsync in a different thread will block -# our synchronous write(2) call. -# -# In order to mitigate this problem it's possible to use the following option -# that will prevent fsync() from being called in the main process while a -# BGSAVE or BGREWRITEAOF is in progress. -# -# This means that while another child is saving the durability of Redis is -# the same as "appendfsync none", that in pratical terms means that it is -# possible to lost up to 30 seconds of log in the worst scenario (with the -# default Linux settings). -# -# If you have latency problems turn this to "yes". Otherwise leave it as -# "no" that is the safest pick from the point of view of durability. -no-appendfsync-on-rewrite <%= node["redis"]["no_appendfsync_on_rewrite"] %> - -# Automatic rewrite of the append only file. -# Redis is able to automatically rewrite the log file implicitly calling -# BGREWRITEAOF when the AOF log size will growth by the specified percentage. -# -# This is how it works: Redis remembers the size of the AOF file after the -# latest rewrite (or if no rewrite happened since the restart, the size of -# the AOF at startup is used). -# -# This base size is compared to the current size. If the current size is -# bigger than the specified percentage, the rewrite is triggered. Also -# you need to specify a minimal size for the AOF file to be rewritten, this -# is useful to avoid rewriting the AOF file even if the percentage increase -# is reached but it is still pretty small. -# -# Specify a precentage of zero in order to disable the automatic AOF -# rewrite feature. - -auto-aof-rewrite-percentage <%= node["redis"]["auto_aof_rewrite_percentage"] %> -auto-aof-rewrite-min-size <%= node["redis"]["auto_aof_rewrite_min_size"] %> - -################################ LUA SCRIPTING ############################### - -# Max execution time of a Lua script in milliseconds. -# -# If the maximum execution time is reached Redis will log that a script is -# still in execution after the maximum allowed time and will start to -# reply to queries with an error. -# -# When a long running script exceed the maximum execution time only the -# SCRIPT KILL and SHUTDOWN NOSAVE commands are available. The first can be -# used to stop a script that did not yet called write commands. The second -# is the only way to shut down the server in the case a write commands was -# already issue by the script but the user don't want to wait for the natural -# termination of the script. -# -# Set it to 0 or a negative value for unlimited execution without warnings. -lua-time-limit <%= node["redis"]["lua_time_limit"] %> - -################################## SLOW LOG ################################### - -# The Redis Slow Log is a system to log queries that exceeded a specified -# execution time. The execution time does not include the I/O operations -# like talking with the client, sending the reply and so forth, -# but just the time needed to actually execute the command (this is the only -# stage of command execution where the thread is blocked and can not serve -# other requests in the meantime). -# -# You can configure the slow log with two parameters: one tells Redis -# what is the execution time, in microseconds, to exceed in order for the -# command to get logged, and the other parameter is the length of the -# slow log. When a new command is logged the oldest one is removed from the -# queue of logged commands. - -# The following time is expressed in microseconds, so 1000000 is equivalent -# to one second. Note that a negative number disables the slow log, while -# a value of zero forces the logging of every command. -slowlog-log-slower-than <%= node["redis"]["slowlog_log_slower_than"] %> - -# There is no limit to this length. Just be aware that it will consume memory. -# You can reclaim memory used by the slow log with SLOWLOG RESET. -slowlog-max-len <%= node["redis"]["slowlog_max_len"] %> - - -############################### ADVANCED CONFIG ############################### - -# Hashes are encoded using a memory efficient data structure when they have a -# small number of entries, and the biggest entry does not exceed a given -# threshold. These thresholds can be configured using the following directives. -hash-max-ziplist-entries <%= node["redis"]["hash_max_ziplist_entries"] %> -hash-max-ziplist-value <%= node["redis"]["hash_max_ziplist_value"] %> - -# Similarly to hashes, small lists are also encoded in a special way in order -# to save a lot of space. The special representation is only used when -# you are under the following limits: -list-max-ziplist-entries <%= node["redis"]["list_max_ziplist_entries"] %> -list-max-ziplist-value <%= node["redis"]["list_max_ziplist_value"] %> - -# Sets have a special encoding in just one case: when a set is composed -# of just strings that happens to be integers in radix 10 in the range -# of 64 bit signed integers. -# The following configuration setting sets the limit in the size of the -# set in order to use this special memory saving encoding. -set-max-intset-entries <%= node["redis"]["set_max_intset_entries"] %> - -# Similarly to hashes and lists, sorted sets are also specially encoded in -# order to save a lot of space. This encoding is only used when the length and -# elements of a sorted set are below the following limits: -zset-max-ziplist-entries <%= node["redis"]["zset_max_ziplist_entries"] %> -zset-max-ziplist-value <%= node["redis"]["zset_max_ziplist_value"] %> - -# Active rehashing uses 1 millisecond every 100 milliseconds of CPU time in -# order to help rehashing the main Redis hash table (the one mapping top-level -# keys to values). The hash table implementation redis uses (see dict.c) -# performs a lazy rehashing: the more operation you run into an hash table -# that is rhashing, the more rehashing "steps" are performed, so if the -# server is idle the rehashing is never complete and some more memory is used -# by the hash table. -# -# The default is to use this millisecond 10 times every second in order to -# active rehashing the main dictionaries, freeing memory when possible. -# -# If unsure: -# use "activerehashing no" if you have hard latency requirements and it is -# not a good thing in your environment that Redis can reply form time to time -# to queries with 2 milliseconds delay. -# -# use "activerehashing yes" if you don't have such hard requirements but -# want to free memory asap when possible. -activerehashing <%= node["redis"]["activerehashing"] %> - -# The client output buffer limits can be used to force disconnection of clients -# that are not reading data from the server fast enough for some reason (a -# common reason is that a Pub/Sub client can't consume messages as fast as the -# publisher can produce them). -# -# The limit can be set differently for the three different classes of clients: -# -# normal -> normal clients -# slave -> slave clients and MONITOR clients -# pubsub -> clients subcribed to at least one pubsub channel or pattern -# -# The syntax of every client-output-buffer-limit directive is the following: -# -# client-output-buffer-limit -# -# A client is immediately disconnected once the hard limit is reached, or if -# the soft limit is reached and remains reached for the specified number of -# seconds (continuously). -# So for instance if the hard limit is 32 megabytes and the soft limit is -# 16 megabytes / 10 seconds, the client will get disconnected immediately -# if the size of the output buffers reach 32 megabytes, but will also get -# disconnected if the client reaches 16 megabytes and continuously overcomes -# the limit for 10 seconds. -# -# By default normal clients are not limited because they don't receive data -# without asking (in a push way), but just after a request, so only -# asynchronous clients may create a scenario where data is requested faster -# than it can read. -# -# Instead there is a default limit for pubsub and slave clients, since -# subscribers and slaves receive data in a push fashion. -# -# Both the hard or the soft limit can be disabled just setting it to zero. -client-output-buffer-limit normal <%= node["redis"]["client_output_buffer_limit"]["normal"] %> -client-output-buffer-limit slave <%= node["redis"]["client_output_buffer_limit"]["slave"] %> -client-output-buffer-limit pubsub <%= node["redis"]["client_output_buffer_limit"]["pubsub"] %> - -################################## INCLUDES ################################### - -# Include one or more other config files here. This is useful if you -# have a standard template that goes to all redis server but also need -# to customize a few per-server settings. Include files can include -# other files, so use this wisely. -# -# include /path/to/local.conf -# include /path/to/other.conf -<% node["redis"]["include_config_files"].each do |file| %> -include <%= file %> -<% end %> diff --git a/cookbooks/redis/test/.chef/knife.rb b/cookbooks/redis/test/.chef/knife.rb deleted file mode 100644 index a0fd5a0..0000000 --- a/cookbooks/redis/test/.chef/knife.rb +++ /dev/null @@ -1,2 +0,0 @@ -cache_type "BasicFile" -cache_options(path: "#{ENV["HOME"]}/.chef/checksums") diff --git a/cookbooks/redis/test/integration/default/serverspec/default_spec.rb b/cookbooks/redis/test/integration/default/serverspec/default_spec.rb deleted file mode 100644 index 395eddf..0000000 --- a/cookbooks/redis/test/integration/default/serverspec/default_spec.rb +++ /dev/null @@ -1,41 +0,0 @@ -require "serverspec" - -set :backend, :exec - -describe "Redis client installation" do - describe package("redis-tools") do - it { should be_installed } - end -end - -describe "Redis server installation" do - describe package("redis-server") do - it { should be_installed } - end - - describe file("/var/lib/redis") do - it { should be_a_directory } - it { should be_owned_by "redis" } - it { should be_grouped_into "redis" } - it { should be_mode 750 } - end - - describe service("redis-server") do - it { should be_enabled } - it { should be_running } - end - - describe file("/etc/redis/redis.conf") do - it { should be_a_file } - it { should be_owned_by "root" } - it { should be_grouped_into "root" } - it { should be_mode 644 } - end - - describe file("/etc/default/redis-server") do - it { should be_a_file } - it { should be_owned_by "root" } - it { should be_grouped_into "root" } - it { should be_mode 644 } - end -end diff --git a/cookbooks/redis/test/support/keys/README.md b/cookbooks/redis/test/support/keys/README.md deleted file mode 100644 index 47c0ccf..0000000 --- a/cookbooks/redis/test/support/keys/README.md +++ /dev/null @@ -1,17 +0,0 @@ -# Insecure Keypair - -These keys are the "insecure" public/private keypair we offer to -[base box creators](http://docs.vagrantup.com/v1/docs/base_boxes.html) for use in their base boxes so that -vagrant installations can automatically SSH into the boxes. - -If you're working with a team or company or with a custom box and -you want more secure SSH, you should create your own keypair -and configure the private key in the Vagrantfile with -`config.ssh.private_key_path` - -# Putty - -If you are using Vagrant on windows, the .ppk file contained here, in the keys directory, -has been generated from the private key and should be used to connect Putty to any VMs that -are leveraging the default key pair. See [guide](http://docs.vagrantup.com/v1/docs/getting-started/ssh.html) -in the documentation for more details on using Putty with Vagrant. diff --git a/cookbooks/redis/test/support/keys/vagrant b/cookbooks/redis/test/support/keys/vagrant deleted file mode 100644 index 7d6a083..0000000 --- a/cookbooks/redis/test/support/keys/vagrant +++ /dev/null @@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEogIBAAKCAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzI -w+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoP -kcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2 -hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NO -Td0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcW -yLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQIBIwKCAQEA4iqWPJXtzZA68mKd -ELs4jJsdyky+ewdZeNds5tjcnHU5zUYE25K+ffJED9qUWICcLZDc81TGWjHyAqD1 -Bw7XpgUwFgeUJwUlzQurAv+/ySnxiwuaGJfhFM1CaQHzfXphgVml+fZUvnJUTvzf -TK2Lg6EdbUE9TarUlBf/xPfuEhMSlIE5keb/Zz3/LUlRg8yDqz5w+QWVJ4utnKnK -iqwZN0mwpwU7YSyJhlT4YV1F3n4YjLswM5wJs2oqm0jssQu/BT0tyEXNDYBLEF4A -sClaWuSJ2kjq7KhrrYXzagqhnSei9ODYFShJu8UWVec3Ihb5ZXlzO6vdNQ1J9Xsf -4m+2ywKBgQD6qFxx/Rv9CNN96l/4rb14HKirC2o/orApiHmHDsURs5rUKDx0f9iP -cXN7S1uePXuJRK/5hsubaOCx3Owd2u9gD6Oq0CsMkE4CUSiJcYrMANtx54cGH7Rk -EjFZxK8xAv1ldELEyxrFqkbE4BKd8QOt414qjvTGyAK+OLD3M2QdCQKBgQDtx8pN -CAxR7yhHbIWT1AH66+XWN8bXq7l3RO/ukeaci98JfkbkxURZhtxV/HHuvUhnPLdX -3TwygPBYZFNo4pzVEhzWoTtnEtrFueKxyc3+LjZpuo+mBlQ6ORtfgkr9gBVphXZG -YEzkCD3lVdl8L4cw9BVpKrJCs1c5taGjDgdInQKBgHm/fVvv96bJxc9x1tffXAcj -3OVdUN0UgXNCSaf/3A/phbeBQe9xS+3mpc4r6qvx+iy69mNBeNZ0xOitIjpjBo2+ -dBEjSBwLk5q5tJqHmy/jKMJL4n9ROlx93XS+njxgibTvU6Fp9w+NOFD/HvxB3Tcz -6+jJF85D5BNAG3DBMKBjAoGBAOAxZvgsKN+JuENXsST7F89Tck2iTcQIT8g5rwWC -P9Vt74yboe2kDT531w8+egz7nAmRBKNM751U/95P9t88EDacDI/Z2OwnuFQHCPDF -llYOUI+SpLJ6/vURRbHSnnn8a/XG+nzedGH5JGqEJNQsz+xT2axM0/W/CRknmGaJ -kda/AoGANWrLCz708y7VYgAtW2Uf1DPOIYMdvo6fxIB5i9ZfISgcJ/bbCUkFrhoH -+vq/5CIWxCPp0f85R4qxxQ5ihxJ0YDQT9Jpx4TMss4PSavPaBH3RXow5Ohe+bYoQ -NE5OgEXk2wVfZczCZpigBKbKZHNYcelXtTt/nP3rsCuGcM4h53s= ------END RSA PRIVATE KEY----- diff --git a/cookbooks/redis/test/support/keys/vagrant.pub b/cookbooks/redis/test/support/keys/vagrant.pub deleted file mode 100644 index 18a9c00..0000000 --- a/cookbooks/redis/test/support/keys/vagrant.pub +++ /dev/null @@ -1 +0,0 @@ -ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key diff --git a/cookbooks/redis/test/support/rubocop/disabled.yml b/cookbooks/redis/test/support/rubocop/disabled.yml deleted file mode 100644 index b4fd70a..0000000 --- a/cookbooks/redis/test/support/rubocop/disabled.yml +++ /dev/null @@ -1,25 +0,0 @@ -Encoding: - Description: 'Use UTF-8 as the source file encoding.' - Enabled: false - -SymbolArray: - Description: 'Use %i or %I for arrays of symbols.' - Enabled: false - -##################### Rails ################################## - -DefaultScope: - Description: 'Checks if the argument passed to default_scope is a block.' - Enabled: false - -HasAndBelongsToMany: - Description: 'Prefer has_many :through to has_and_belongs_to_many.' - Enabled: false - -Output: - Description: 'Checks for calls to puts, print, etc.' - Enabled: false - -Validation: - Description: 'Use sexy validations.' - Enabled: false diff --git a/cookbooks/redis/test/support/rubocop/enabled.yml b/cookbooks/redis/test/support/rubocop/enabled.yml deleted file mode 100644 index df712be..0000000 --- a/cookbooks/redis/test/support/rubocop/enabled.yml +++ /dev/null @@ -1,652 +0,0 @@ -# These are all the cops that are enabled in the default configuration. - -AccessModifierIndentation: - Description: Check indentation of private/protected visibility modifiers. - Enabled: true - -AccessorMethodName: - Description: Check the naming of accessor methods for get_/set_. - Enabled: true - -Alias: - Description: 'Use alias_method instead of alias.' - Enabled: true - -AlignArray: - Description: >- - Align the elements of an array literal if they span more than - one line. - Enabled: true - -AlignHash: - Description: >- - Align the elements of a hash literal if they span more than - one line. - Enabled: true - -AlignParameters: - Description: >- - Align the parameters of a method call if they span more - than one line. - Enabled: true - -AndOr: - Description: 'Use &&/|| instead of and/or.' - Enabled: true - -AsciiComments: - Description: 'Use only ascii symbols in comments.' - Enabled: true - -AsciiIdentifiers: - Description: 'Use only ascii symbols in identifiers.' - Enabled: true - -Attr: - Description: 'Checks for uses of Module#attr.' - Enabled: true - -BeginBlock: - Description: 'Avoid the use of BEGIN blocks.' - Enabled: true - -BlockComments: - Description: 'Do not use block comments.' - Enabled: true - -BlockNesting: - Description: 'Avoid excessive block nesting' - Enabled: true - -Blocks: - Description: >- - Avoid using {...} for multi-line blocks (multiline chaining is - always ugly). - Prefer {...} over do...end for single-line blocks. - Enabled: true - -BracesAroundHashParameters: - Description: 'Enforce braces style inside hash parameters.' - Enabled: true - -CaseEquality: - Description: 'Avoid explicit use of the case equality operator(===).' - Enabled: true - -CaseIndentation: - Description: 'Indentation of when in a case/when/[else/]end.' - Enabled: true - -CharacterLiteral: - Description: 'Checks for uses of character literals.' - Enabled: true - -ClassAndModuleCamelCase: - Description: 'Use CamelCase for classes and modules.' - Enabled: true - -ClassLength: - Description: 'Avoid classes longer than 100 lines of code.' - Enabled: true - -ClassMethods: - Description: 'Use self when defining module/class methods.' - Enabled: true - -ClassVars: - Description: 'Avoid the use of class variables.' - Enabled: true - -CollectionMethods: - Description: 'Preferred collection methods.' - Enabled: true - -ColonMethodCall: - Description: 'Do not use :: for method call.' - Enabled: true - -CommentAnnotation: - Description: >- - Checks formatting of special comments - (TODO, FIXME, OPTIMIZE, HACK, REVIEW). - Enabled: true - -ConstantName: - Description: 'Constants should use SCREAMING_SNAKE_CASE.' - Enabled: true - -CyclomaticComplexity: - Description: 'Avoid complex methods.' - Enabled: true - -DefWithParentheses: - Description: 'Use def with parentheses when there are arguments.' - Enabled: true - -Documentation: - Description: 'Document classes and non-namespace modules.' - Enabled: true - -DotPosition: - Description: 'Checks the position of the dot in multi-line method calls.' - Enabled: true - -EmptyLineBetweenDefs: - Description: 'Use empty lines between defs.' - Enabled: true - -EmptyLines: - Description: "Don't use several empty lines in a row." - Enabled: true - -EmptyLinesAroundAccessModifier: - Description: "Keep blank lines around access modifiers." - Enabled: true - -EmptyLinesAroundBody: - Description: "Keeps track of empty lines around expression bodies." - Enabled: true - -EmptyLiteral: - Description: 'Prefer literals to Array.new/Hash.new/String.new.' - Enabled: true - -EndBlock: - Description: 'Avoid the use of END blocks.' - Enabled: true - -EndOfLine: - Description: 'Use Unix-style line endings.' - Enabled: true - -EvenOdd: - Description: 'Favor the use of Fixnum#even? && Fixnum#odd?' - Enabled: true - -FavorJoin: - Description: 'Use Array#join instead of Array#*.' - Enabled: true - -FavorUnlessOverNegatedIf: - Description: >- - Favor unless over if for negative conditions - (or control flow or). - Enabled: true - -FavorUntilOverNegatedWhile: - Description: 'Favor until over while for negative conditions.' - Enabled: true - -FileName: - Description: 'Use snake_case for source file names.' - Enabled: true - -FinalNewline: - Description: 'Checks for a final newline in a source file.' - Enabled: true - -FlipFlop: - Description: 'Checks for flip flops' - Enabled: true - -For: - Description: 'Checks use of for or each in multiline loops.' - Enabled: true - -FormatString: - Description: 'Enforce the use of Kernel#sprintf, Kernel#format or String#%.' - Enabled: true - -GlobalVars: - Description: 'Do not introduce global variables.' - Enabled: true - -HashMethods: - Description: 'Checks for use of deprecated Hash methods.' - Enabled: true - -HashSyntax: - Description: >- - Prefer Ruby 1.9 hash syntax { a: 1, b: 2 } over 1.8 syntax - { :a => 1, :b => 2 }. - Enabled: true - -IfUnlessModifier: - Description: >- - Favor modifier if/unless usage when you have a - single-line body. - Enabled: true - -IfWithSemicolon: - Description: 'Never use if x; .... Use the ternary operator instead.' - Enabled: true - -IndentationConsistency: - Description: 'Keep indentation straight.' - Enabled: true - -IndentationWidth: - Description: 'Use 2 spaces for indentation.' - Enabled: true - -IndentArray: - Description: >- - Checks the indentation of the first element in an array - literal. - Enabled: true - -IndentHash: - Description: 'Checks the indentation of the first key in a hash literal.' - Enabled: true - -Lambda: - Description: 'Use the new lambda literal syntax for single-line blocks.' - Enabled: true - -LambdaCall: - Description: 'Use lambda.call(...) instead of lambda.(...).' - Enabled: true - -LeadingCommentSpace: - Description: 'Comments should start with a space.' - Enabled: true - -LineEndConcatenation: - Description: 'Use \\ instead of + to concatenate two string literals at line end.' - Enabled: true - -LineLength: - Description: 'Limit lines to 79 characters.' - Enabled: true - -MethodCalledOnDoEndBlock: - Description: 'Avoid chaining a method call on a do...end block.' - Enabled: true - -MethodCallParentheses: - Description: 'Do not use parentheses for method calls with no arguments.' - Enabled: true - -MethodDefParentheses: - Description: >- - Checks if the method definitions have or don't have - parentheses. - Enabled: true - -MethodLength: - Description: 'Avoid methods longer than 10 lines of code.' - Enabled: true - -MethodName: - Description: 'Use the configured style when naming methods.' - Enabled: true - -ModuleFunction: - Description: 'Checks for usage of `extend self` in modules.' - Enabled: true - -MultilineBlockChain: - Description: 'Avoid multi-line chains of blocks.' - Enabled: true - -MultilineIfThen: - Description: 'Never use then for multi-line if/unless.' - Enabled: true - -MultilineTernaryOperator: - Description: >- - Avoid multi-line ?: (the ternary operator); - use if/unless instead. - Enabled: true - -NestedTernaryOperator: - Description: 'Use one expression per branch in a ternary operator.' - Enabled: true - -NilComparison: - Description: 'Prefer x.nil? to x == nil.' - Enabled: true - -Not: - Description: 'Use ! instead of not.' - Enabled: true - -NumericLiterals: - Description: >- - Add underscores to large numeric literals to improve their - readability. - Enabled: true - -OneLineConditional: - Description: >- - Favor the ternary operator(?:) over - if/then/else/end constructs. - Enabled: true - -OpMethod: - Description: 'When defining binary operators, name the argument other.' - Enabled: true - -ParameterLists: - Description: 'Avoid parameter lists longer than three or four parameters.' - Enabled: true - -ParenthesesAroundCondition: - Description: >- - Don't use parentheses around the condition of an - if/unless/while. - Enabled: true - -PerlBackrefs: - Description: 'Avoid Perl-style regex back references.' - Enabled: true - -PredicateName: - Description: 'Check the names of predicate methods.' - Enabled: true - -Proc: - Description: 'Use proc instead of Proc.new.' - Enabled: true - -RaiseArgs: - Description: 'Checks the arguments passed to raise/fail.' - Enabled: true - -RedundantBegin: - Description: "Don't use begin blocks when they are not needed." - Enabled: true - -RedundantException: - Description: "Checks for an obsolete RuntimeException argument in raise/fail." - Enabled: true - -RedundantReturn: - Description: "Don't use return where it's not required." - Enabled: true - -RedundantSelf: - Description: "Don't use self where it's not needed." - Enabled: true - -RegexpLiteral: - Description: >- - Use %r for regular expressions matching more than - `MaxSlashes` '/' characters. - Use %r only for regular expressions matching more than - `MaxSlashes` '/' character. - Enabled: true - -RescueModifier: - Description: 'Avoid using rescue in its modifier form.' - Enabled: true - -Semicolon: - Description: "Don't use semicolons to terminate expressions." - Enabled: true - -SignalException: - Description: 'Checks for proper usage of fail and raise.' - Enabled: true - -SingleLineBlockParams: - Description: 'Enforces the names of some block params.' - Enabled: true - -SingleLineMethods: - Description: 'Avoid single-line methods.' - Enabled: true - -SpaceAfterColon: - Description: 'Use spaces after colons.' - Enabled: true - -SpaceAfterComma: - Description: 'Use spaces after commas.' - Enabled: true - -SpaceAfterControlKeyword: - Description: 'Use spaces after if/elsif/unless/while/until/case/when.' - Enabled: true - -SpaceAfterMethodName: - Description: >- - Never put a space between a method name and the opening - parenthesis. - Enabled: true - -SpaceAfterNot: - Description: Tracks redundant space after the ! operator. - Enabled: true - -SpaceAfterSemicolon: - Description: 'Use spaces after semicolons.' - Enabled: true - -SpaceAroundBlockBraces: - Description: >- - Checks that block braces have or don't have surrounding space. - For blocks taking parameters, checks that the left brace has - or doesn't have trailing space. - Enabled: true - -SpaceAroundEqualsInParameterDefault: - Description: >- - Use spaces around the = operator when assigning default - values in def params. - Enabled: true - -SpaceAroundOperators: - Description: 'Use spaces around operators.' - Enabled: true - -SpaceBeforeModifierKeyword: - Description: 'Put a space before the modifier keyword.' - Enabled: true - -SpaceInsideBrackets: - Description: 'No spaces after [ or before ].' - Enabled: true - -SpaceInsideHashLiteralBraces: - Description: "Use spaces inside hash literal braces - or don't." - Enabled: true - -SpaceInsideParens: - Description: 'No spaces after ( or before ).' - Enabled: true - -SpecialGlobalVars: - Description: 'Avoid Perl-style global variables.' - Enabled: true - -StringLiterals: - Description: 'Checks if uses of quotes match the configured preference.' - Enabled: true - -Tab: - Description: 'No hard tabs.' - Enabled: true - -TrailingBlankLines: - Description: 'Checks for superfluous trailing blank lines.' - Enabled: true - -TrailingComma: - Description: 'Checks for trailing comma in parameter lists and literals.' - Enabled: true - -TrailingWhitespace: - Description: 'Avoid trailing whitespace.' - Enabled: true - -TrivialAccessors: - Description: 'Prefer attr_* methods to trivial readers/writers.' - Enabled: true - -UnlessElse: - Description: >- - Never use unless with else. Rewrite these with the positive - case first. - Enabled: true - -VariableInterpolation: - Description: >- - Don't interpolate global, instance and class variables - directly in strings. - Enabled: true - -VariableName: - Description: 'Use the configured style when naming variables.' - Enabled: true - -WhenThen: - Description: 'Use when x then ... for one-line cases.' - Enabled: true - -WhileUntilDo: - Description: 'Checks for redundant do after while or until.' - Enabled: true - -WhileUntilModifier: - Description: >- - Favor modifier while/until usage when you have a - single-line body. - Enabled: true - -WordArray: - Description: 'Use %w or %W for arrays of words.' - Enabled: true - -#################### Lint ################################ -### Warnings - -AmbiguousOperator: - Description: >- - Checks for ambiguous operators in the first argument of a - method invocation without parentheses. - Enabled: true - -AmbiguousRegexpLiteral: - Description: >- - Checks for ambiguous regexp literals in the first argument of - a method invocation without parenthesis. - Enabled: true - -AssignmentInCondition: - Description: "Don't use assignment in conditions." - Enabled: true - -BlockAlignment: - Description: 'Align block ends correctly.' - Enabled: true - -ConditionPosition: - Description: 'Checks for condition placed in a confusing position relative to the keyword.' - Enabled: true - -Debugger: - Description: 'Check for debugger calls.' - Enabled: true - -DeprecatedClassMethods: - Description: 'Check for deprecated class method calls.' - Enabled: true - -ElseLayout: - Description: 'Check for odd code arrangement in an else block.' - Enabled: true - -EmptyEnsure: - Description: 'Checks for empty ensure block.' - Enabled: true - -EndAlignment: - Description: 'Align ends correctly.' - Enabled: true - -EndInMethod: - Description: 'END blocks should not be placed inside method definitions.' - Enabled: true - -EnsureReturn: - Description: 'Never use return in an ensure block.' - Enabled: true - -Eval: - Description: 'The use of eval represents a serious security risk.' - Enabled: true - -HandleExceptions: - Description: "Don't suppress exception." - Enabled: true - -InvalidCharacterLiteral: - Description: >- - Checks for invalid character literals with a non-escaped - whitespace character. - Enabled: true - -LiteralInCondition: - Description: 'Checks of literals used in conditions.' - Enabled: true - -LiteralInInterpolation: - Description: 'Checks for literals used in interpolation.' - Enabled: true - -Loop: - Description: >- - Use Kernel#loop with break rather than begin/end/until or - begin/end/while for post-loop tests. - Enabled: true - -ParenthesesAsGroupedExpression: - Description: >- - Checks for method calls with a space before the opening - parenthesis. - Enabled: true - -RequireParentheses: - Description: >- - Use parentheses in the method call to avoid confusion - about precedence. - Enabled: true - -RescueException: - Description: 'Avoid rescuing the Exception class.' - Enabled: true - -ShadowingOuterLocalVariable: - Description: >- - Do not use the same name as outer local variable - for block arguments or block local variables. - Enabled: true - -StringConversionInInterpolation: - Description: 'Checks for Object#to_s usage in string interpolation.' - Enabled: true - -UnreachableCode: - Description: 'Unreachable code.' - Enabled: true - -UselessAssignment: - Description: 'Checks for useless assignment to a local variable.' - Enabled: true - -UselessComparison: - Description: 'Checks for comparison of something with itself.' - Enabled: true - -UselessElseWithoutRescue: - Description: 'Checks for useless `else` in `begin..end` without `rescue`.' - Enabled: true - -UselessSetterCall: - Description: 'Checks for useless setter call to a local variable.' - Enabled: true - -Void: - Description: 'Possible use of operator/literal/variable in void context.' - Enabled: true diff --git a/cookbooks/redisio/.markdownlint-cli2.yaml b/cookbooks/redisio/.markdownlint-cli2.yaml new file mode 100644 index 0000000..6fa8e77 --- /dev/null +++ b/cookbooks/redisio/.markdownlint-cli2.yaml @@ -0,0 +1,5 @@ +config: + ul-indent: false # MD007 + line-length: false # MD013 + no-duplicate-heading: false # MD024 + reference-links-images: false # MD052 diff --git a/cookbooks/redisio/CHANGELOG.md b/cookbooks/redisio/CHANGELOG.md index 1f520e7..0ff092a 100644 --- a/cookbooks/redisio/CHANGELOG.md +++ b/cookbooks/redisio/CHANGELOG.md @@ -1,9 +1,106 @@ # redisio +This file is used to list changes made in each version of the redisio cookbook. + +## 6.4.1 - *2023-05-16* + +## 6.4.0 - *2023-04-26* + +- Simplify `configure` and `sentinel` resources, making them idempotent + +## 6.3.7 - *2023-04-25* + +- Standardise files with files in sous-chefs/repo-management + +## 6.3.6 - *2023-04-04* + +- Standardise files with files in sous-chefs/repo-management + +## 6.3.5 - *2023-04-01* + +- Update workflows + +## 6.3.5 - *2023-04-01* + +- Standardise files with files in sous-chefs/repo-management + +## 6.3.5 - *2023-04-01* + +- Standardise files with files in sous-chefs/repo-management + +## 6.3.4 - *2023-03-15* + +- Standardise files with files in sous-chefs/repo-management + +## 6.3.3 - *2023-02-15* + +- Standardise files with files in sous-chefs/repo-management + +## 6.3.2 - *2023-02-14* + +- Standardise files with files in sous-chefs/repo-management + +## 6.3.1 - *2022-12-06* + +- Standardise files with files in sous-chefs/repo-management + +## 6.3.0 - *2022-09-10* + +- Version check fix for some Redis default settings to support Redis v4 and above. + +## 6.2.4 - *2022-08-13* + +- Fix systemd entry to ensure listening on all network interfaces ([#440](https://github.com/brianbianco/redisio/pull/440)) + +## 6.2.3 - *2022-08-12* + +- Fix grammar in README.md +- Use latest instead of current channel with dokken + +## 6.2.2 - *2022-04-25* + +- Standardise files with files in sous-chefs/repo-management + +## 6.2.1 - *2022-04-25* + +- Fixes configdir permissions. Similar to [451](https://github.com/sous-chefs/redisio/pull/451) +- Deprecated `.foodcritic` configfile removed + +## 6.2.0 - *2022-02-14* + +- Adds support for Rocky Linux + +## 6.1.3 - *2022-02-04* + +- Remove references to selinux_policy cookbook + +## 6.1.2 - *2022-02-03* + +- Fixes configdir permissions preventing Sentinel to update the config file + +## 6.1.1 - *2022-02-03* + +- Remove delivery and move to calling RSpec directly via a reusable workflow + +## 6.1.0 - *2021-09-15* + +- Add protected mode to sentinel configuration file + +## 6.0.0 - *2021-09-09* + +- Set unified_mode true for Chef 17+ support +- Require Chef 15.3+ for unified_mode +- Require Chef 16 for user_ulimit resource +- Remove dependency on the ulimit cookbook +- Switch from using the selinux_policy cookbook to the selinux cookbook + - The selinux_policy cookbook is now deprecated. The resources have been moved + to the selinux cookbook + ## 5.0.0 - *2021-09-08* - resolved cookstyle error: attributes/default.rb:74:40 refactor: `Chef/Modernize/UseChefLanguageSystemdHelper` + ## 4.3.2 - *2021-08-30* - Standardise files with files in sous-chefs/repo-management diff --git a/cookbooks/redisio/README.md b/cookbooks/redisio/README.md index 9b75a76..ebf4739 100644 --- a/cookbooks/redisio/README.md +++ b/cookbooks/redisio/README.md @@ -49,7 +49,7 @@ Tested on: The redisio cookbook contains LWRP for installing, configuring and managing redis and redis_sentinel. -The install recipe can build, compile and install redis from sources or install from packages. The configure recipe will configure redis and setup service resources. These resources will be named for the port of the redis server, unless a "name" attribute was specified. Example names would be: service["redis6379"] or service["redismaster"] if the name attribute was "master". +The install recipe can build, compile and install redis from sources or install from packages. The configure recipe will configure redis and set up service resources. These resources will be named for the port of the redis server, unless a "name" attribute was specified. Example names would be: service["redis6379"] or service["redismaster"] if the name attribute was "master". _NOTE: currently installation from source is not supported for FreeBSD_ The most common use case for the redisio cookbook is to use the default recipe, followed by the enable recipe. @@ -81,7 +81,7 @@ Redis-sentinel will write configuration and state data back into its configurati ### Role File Examples -#### Install redis and setup an instance with default settings on default port, and start the service through a role file +#### Install redis and set up an instance with default settings on default port, and start the service through a role file ```ruby run_list *%w[ @@ -92,7 +92,7 @@ run_list *%w[ default_attributes({}) ``` -##### Install redis with packages and setup an instance with default settings on default port, and start the service through a role file +##### Install redis with packages and set up an instance with default settings on default port, and start the service through a role file ```ruby run_list *%w[ @@ -151,7 +151,7 @@ default_attributes({ } ``` -##### Install redis and setup two instances on the same server, on different ports, with one slaved to the other through a role file +##### Install redis and set up two instances on the same server, on different ports, with one slaved to the other through a role file ```ruby run_list *%w[ @@ -169,7 +169,7 @@ default_attributes({ }) ``` -##### Install redis and setup two instances, on the same server, on different ports, with the default data directory changed to /mnt/redis, and the second instance named +##### Install redis and set up two instances, on the same server, on different ports, with the default data directory changed to /mnt/redis, and the second instance named ```ruby run_list *%w[ @@ -185,7 +185,7 @@ default_attributes({ }) ``` -##### Install redis and setup three instances on the same server, changing the default data directory to /mnt/redis, each instance will use a different backup type, and one instance will use a different data dir +##### Install redis and set up three instances on the same server, changing the default data directory to /mnt/redis, each instance will use a different backup type, and one instance will use a different data dir ```ruby run_list *%w[ @@ -230,7 +230,7 @@ run_list *%w[ ] ``` -#### Install redis and setup two instances, on the same server, on different ports, the second instance configuration file will be overwriten by chef +#### Install redis and set up two instances, on the same server, on different ports, the second instance configuration file will be overwriten by chef ```ruby run_list *%w[ @@ -413,7 +413,8 @@ The sentinel recipe's use their own attribute file. 'logfile' => nil, 'syslogenabled' => 'yes', 'syslogfacility' => 'local0', -'quorum_count' => 2 +'quorum_count' => 2, +'protected-mode' => nil, ``` * `redisio['redisio']['sentinel']['manage_config']` - Should the cookbook manage the redis and redis sentinel config files. This is best set to false when using redis_sentinel as it will write state into both configuration files. diff --git a/cookbooks/redisio/attributes/default.rb b/cookbooks/redisio/attributes/default.rb index 65c1158..8c11c8e 100644 --- a/cookbooks/redisio/attributes/default.rb +++ b/cookbooks/redisio/attributes/default.rb @@ -2,12 +2,12 @@ package_bin_path = '/usr/bin' config_dir = '/etc/redis' default_package_install = false -case node['platform'] -when 'ubuntu', 'debian' +case node['platform_family'] +when 'debian' shell = '/bin/false' homedir = '/var/lib/redis' package_name = 'redis-server' -when 'centos', 'redhat', 'scientific', 'amazon', 'suse', 'fedora' +when 'rhel', 'fedora' shell = '/bin/sh' homedir = '/var/lib/redis' package_name = 'redis' @@ -162,3 +162,10 @@ default['redisio']['bin_path'] = if node['redisio']['package_install'] else '/usr/local/bin' end + +# Ulimit +default['ulimit']['pam_su_template_cookbook'] = nil +default['ulimit']['users'] = Mash.new +default['ulimit']['security_limits_directory'] = '/etc/security/limits.d' +default['ulimit']['ulimit_overriding_sudo_file_name'] = 'sudo' +default['ulimit']['ulimit_overriding_sudo_file_cookbook'] = nil diff --git a/cookbooks/redisio/attributes/redis_sentinel.rb b/cookbooks/redisio/attributes/redis_sentinel.rb index b515554..3d8469e 100644 --- a/cookbooks/redisio/attributes/redis_sentinel.rb +++ b/cookbooks/redisio/attributes/redis_sentinel.rb @@ -26,6 +26,7 @@ default['redisio']['sentinel_defaults'] = { 'announce-port' => nil, 'notification-script' => nil, 'client-reconfig-script' => nil, + 'protected_mode' => nil, } # Manage Sentinel Config File diff --git a/cookbooks/redisio/chefignore b/cookbooks/redisio/chefignore index cc170ea..a27b0b2 100644 --- a/cookbooks/redisio/chefignore +++ b/cookbooks/redisio/chefignore @@ -61,7 +61,7 @@ Dangerfile examples/* features/* Guardfile -kitchen.yml* +kitchen*.yml mlc_config.json Procfile Rakefile diff --git a/cookbooks/redisio/files/sudo b/cookbooks/redisio/files/sudo new file mode 100644 index 0000000..5e97689 --- /dev/null +++ b/cookbooks/redisio/files/sudo @@ -0,0 +1,8 @@ +#%PAM-1.0 + +auth required pam_env.so readenv=1 user_readenv=0 +auth required pam_env.so readenv=1 envfile=/etc/default/locale user_readenv=0 +session required pam_limits.so +@include common-auth +@include common-account +@include common-session-noninteractive diff --git a/cookbooks/redisio/kitchen.dokken.yml b/cookbooks/redisio/kitchen.dokken.yml deleted file mode 100644 index 913c591..0000000 --- a/cookbooks/redisio/kitchen.dokken.yml +++ /dev/null @@ -1,46 +0,0 @@ ---- -driver: - name: dokken - privileged: true - chef_version: current - env: [CHEF_LICENSE=accept] - -transport: - name: dokken - -provisioner: - name: dokken - deprecations_as_errors: true - -verifier: - name: inspec - -platforms: - - name: centos-7 - driver: - image: dokken/centos-7 - pid_one_command: /usr/lib/systemd/systemd - run_list: - - recipe[yum-epel::default] - - recipe[yum-remi::default] - - - name: debian-9 - driver: - image: dokken/debian-9 - pid_one_command: /bin/systemd - intermediate_instructions: - - RUN /usr/bin/apt-get update - - - name: ubuntu-16.04 - driver: - image: dokken/ubuntu-16.04 - pid_one_command: /bin/systemd - intermediate_instructions: - - RUN /usr/bin/apt-get update - - - name: ubuntu-18.04 - driver: - image: dokken/ubuntu-18.04 - pid_one_command: /bin/systemd - intermediate_instructions: - - RUN /usr/bin/apt-get update diff --git a/cookbooks/redisio/metadata.json b/cookbooks/redisio/metadata.json index 330492c..00675ac 100644 --- a/cookbooks/redisio/metadata.json +++ b/cookbooks/redisio/metadata.json @@ -6,18 +6,17 @@ "maintainer_email": "help@sous-chefs.org", "license": "Apache-2.0", "platforms": { - "amazon": ">= 0.0.0", "centos": ">= 0.0.0", "debian": ">= 0.0.0", "fedora": ">= 0.0.0", "redhat": ">= 0.0.0", + "rocky": ">= 0.0.0", "scientific": ">= 0.0.0", "suse": ">= 0.0.0", "ubuntu": ">= 0.0.0" }, "dependencies": { - "ulimit": ">= 0.1.2", - "selinux_policy": ">= 2.2.0" + "selinux": ">= 0.0.0" }, "providing": { @@ -25,13 +24,13 @@ "recipes": { }, - "version": "5.0.0", + "version": "6.4.1", "source_url": "https://github.com/sous-chefs/redisio", "issues_url": "https://github.com/sous-chefs/redisio/issues", "privacy": false, "chef_versions": [ [ - ">= 15.5" + ">= 16" ] ], "ohai_versions": [ diff --git a/cookbooks/redisio/metadata.rb b/cookbooks/redisio/metadata.rb index 5c0fbad..5b7cc21 100644 --- a/cookbooks/redisio/metadata.rb +++ b/cookbooks/redisio/metadata.rb @@ -3,23 +3,19 @@ maintainer 'Sous Chefs' maintainer_email 'help@sous-chefs.org' license 'Apache-2.0' description 'Installs and configures redis' -version '5.0.0' +version '6.4.1' source_url 'https://github.com/sous-chefs/redisio' issues_url 'https://github.com/sous-chefs/redisio/issues' -chef_version '>= 15.5' +chef_version '>= 16' -%w( - amazon - centos - debian - fedora - redhat - scientific - suse - ubuntu -).each do |os| - supports os -end +suports 'amazon' +supports 'centos' +supports 'debian' +supports 'fedora' +supports 'redhat' +supports 'rocky' +supports 'scientific' +supports 'suse' +supports 'ubuntu' -depends 'ulimit', '>= 0.1.2' -depends 'selinux_policy', '>= 2.2.0' +depends 'selinux' diff --git a/cookbooks/redisio/providers/configure.rb b/cookbooks/redisio/providers/configure.rb index f3f19e6..d01a495 100644 --- a/cookbooks/redisio/providers/configure.rb +++ b/cookbooks/redisio/providers/configure.rb @@ -1,9 +1,4 @@ action :run do - configure - new_resource.updated_by_last_action(true) -end - -def configure base_piddir = new_resource.base_piddir if !new_resource.version @@ -72,318 +67,311 @@ def configure current['maxclients'] end - recipe_eval do - server_name = current['name'] || current['port'] - piddir = "#{base_piddir}/#{server_name}" - aof_file = current['appendfilename'] || "#{current['datadir']}/appendonly-#{server_name}.aof" - rdb_file = current['dbfilename'] || "#{current['datadir']}/dump-#{server_name}.rdb" + server_name = current['name'] || current['port'] + piddir = "#{base_piddir}/#{server_name}" + aof_file = current['appendfilename'] || "#{current['datadir']}/appendonly-#{server_name}.aof" + rdb_file = current['dbfilename'] || "#{current['datadir']}/dump-#{server_name}.rdb" - # Create the owner of the redis data directory - user current['user'] do - comment 'Redis service account' - manage_home true - home current['homedir'] - shell current['shell'] - system current['systemuser'] - uid current['uid'] unless current['uid'].nil? - end + # Create the owner of the redis data directory + user current['user'] do + comment 'Redis service account' + manage_home true + home current['homedir'] + shell current['shell'] + system current['systemuser'] + uid current['uid'] unless current['uid'].nil? + end - # Create the redis configuration directory - directory current['configdir'] do - owner 'root' - group platform_family?('freebsd') ? 'wheel' : 'root' - mode '0755' - recursive true - action :create - end - # Create the instance data directory - directory current['datadir'] do - owner current['user'] - group current['group'] - mode '0775' - recursive true - action :create - end - # Create the pid file directory - directory piddir do + # Create the redis configuration directory + directory current['configdir'] do + owner 'root' + group platform_family?('freebsd') ? 'wheel' : 'redis' + mode '0775' + recursive true + action :create + end + # Create the instance data directory + directory current['datadir'] do + owner current['user'] + group current['group'] + mode '0775' + recursive true + action :create + end + # Create the pid file directory + directory piddir do + owner current['user'] + group current['group'] + mode '0755' + recursive true + action :create + end + # Create the log directory if syslog is not being used + if log_directory + directory log_directory do owner current['user'] group current['group'] mode '0755' recursive true action :create end - # Create the log directory if syslog is not being used + end + # Configure SELinux if it is enabled + extend Chef::Util::Selinux + + if selinux_enabled? + selinux_install 'install' + + selinux_fcontext "#{current['configdir']}(/.*)?" do + secontext 'redis_conf_t' + end + selinux_fcontext "#{current['datadir']}(/.*)?" do + secontext 'redis_var_lib_t' + end + selinux_fcontext "#{piddir}(/.*)?" do + secontext 'redis_var_run_t' + end if log_directory - directory log_directory do - owner current['user'] - group current['group'] - mode '0755' - recursive true - action :create + selinux_fcontext "#{log_directory}(/.*)?" do + secontext 'redis_log_t' end end - # Configure SELinux if it is enabled - extend Chef::Util::Selinux - - if selinux_enabled? - selinux_policy_install 'install' - - selinux_policy_fcontext "#{current['configdir']}(/.*)?" do - secontext 'redis_conf_t' - end - selinux_policy_fcontext "#{current['datadir']}(/.*)?" do - secontext 'redis_var_lib_t' - end - selinux_policy_fcontext "#{piddir}(/.*)?" do - secontext 'redis_var_run_t' - end - if log_directory - selinux_policy_fcontext "#{log_directory}(/.*)?" do - secontext 'redis_log_t' - end - end - end - # Create the log file if syslog is not being used - if log_file - file current['logfile'] do - owner current['user'] - group current['group'] - mode '0644' - backup false - action :touch - # in version 2.8 or higher the empty string is used instead of stdout - only_if { !log_file.empty? && log_file != 'stdout' } - end - end - # Set proper permissions on the AOF or RDB files - file aof_file do + end + # Create the log file if syslog is not being used + if log_file + file current['logfile'] do owner current['user'] group current['group'] mode '0644' - only_if { current['backuptype'] == 'aof' || current['backuptype'] == 'both' } - only_if { ::File.exist?(aof_file) } - end - file rdb_file do - owner current['user'] - group current['group'] - mode '0644' - only_if { current['backuptype'] == 'rdb' || current['backuptype'] == 'both' } - only_if { ::File.exist?(rdb_file) } - end - - # Setup the redis users descriptor limits - # Pending response on https://github.com/brianbianco/redisio/commit/4ee9aad3b53029cc3b6c6cf741f5126755e712cd#diff-8ae42a59a6f4e8dc5b4e6dd2d6a34eab - # TODO: ulimit cookbook v0.1.2 doesn't work with freeBSD - if current['ulimit'] && !platform_family?('freebsd') - user_ulimit current['user'] do - filehandle_limit descriptors - end - end - - computed_save = current['save'] - if current['save'] && current['save'].respond_to?(:each_line) - computed_save = current['save'].each_line - Chef::Log.warn("#{server_name}: given a save argument as a string, instead of an array.") - Chef::Log.warn("#{server_name}: This will be deprecated in future versions of the redisio cookbook.") - end - - # Load password for use with requirepass from data bag if needed - if current['data_bag_name'] && current['data_bag_item'] && current['data_bag_key'] - bag = data_bag_item(current['data_bag_name'], current['data_bag_item']) - current['requirepass'] = bag[current['data_bag_key']] - current['masterauth'] = bag[current['data_bag_key']] - end - - # Lay down the configuration files for the current instance - template "#{current['configdir']}/#{server_name}.conf" do - source node['redisio']['redis_config']['template_source'] - cookbook node['redisio']['redis_config']['template_cookbook'] - owner current['user'] - group current['group'] - mode current['permissions'] + backup false action :create + # in version 2.8 or higher the empty string is used instead of stdout + only_if { !log_file.empty? && log_file != 'stdout' } + end + end + # Set proper permissions on the AOF or RDB files + file aof_file do + owner current['user'] + group current['group'] + mode '0644' + only_if { current['backuptype'] == 'aof' || current['backuptype'] == 'both' } + only_if { ::File.exist?(aof_file) } + end + file rdb_file do + owner current['user'] + group current['group'] + mode '0644' + only_if { current['backuptype'] == 'rdb' || current['backuptype'] == 'both' } + only_if { ::File.exist?(rdb_file) } + end + + # Setup the redis users descriptor limits + # Pending response on https://github.com/brianbianco/redisio/commit/4ee9aad3b53029cc3b6c6cf741f5126755e712cd#diff-8ae42a59a6f4e8dc5b4e6dd2d6a34eab + # TODO: ulimit cookbook v0.1.2 doesn't work with freeBSD + if current['ulimit'] && !platform_family?('freebsd') + user_ulimit current['user'] do + filehandle_limit descriptors + end + end + + computed_save = current['save'] + if current['save'] && current['save'].respond_to?(:each_line) + computed_save = current['save'].each_line + Chef::Log.warn("#{server_name}: given a save argument as a string, instead of an array.") + Chef::Log.warn("#{server_name}: This will be deprecated in future versions of the redisio cookbook.") + end + + # Load password for use with requirepass from data bag if needed + if current['data_bag_name'] && current['data_bag_item'] && current['data_bag_key'] + bag = data_bag_item(current['data_bag_name'], current['data_bag_item']) + current['requirepass'] = bag[current['data_bag_key']] + current['masterauth'] = bag[current['data_bag_key']] + end + + # Lay down the configuration files for the current instance + template "#{current['configdir']}/#{server_name}.conf" do + source node['redisio']['redis_config']['template_source'] + cookbook node['redisio']['redis_config']['template_cookbook'] + owner current['user'] + group current['group'] + mode current['permissions'] + action :create + variables( + version: version_hash, + piddir: piddir, + name: server_name, + job_control: node['redisio']['job_control'], + port: current['port'], + tcpbacklog: current['tcpbacklog'], + address: current['address'], + databases: current['databases'], + backuptype: current['backuptype'], + datadir: current['datadir'], + unixsocket: current['unixsocket'], + unixsocketperm: current['unixsocketperm'], + timeout: current['timeout'], + keepalive: current['keepalive'], + loglevel: current['loglevel'], + logfile: current['logfile'], + syslogenabled: current['syslogenabled'], + syslogfacility: current['syslogfacility'], + save: computed_save, + stopwritesonbgsaveerror: current['stopwritesonbgsaveerror'], + rdbcompression: current['rdbcompression'], + rdbchecksum: current['rdbchecksum'], + dbfilename: current['dbfilename'], + slaveof: current['slaveof'], + protected_mode: current['protected_mode'], + masterauth: current['masterauth'], + slaveservestaledata: current['slaveservestaledata'], + slavereadonly: current['slavereadonly'], + replpingslaveperiod: current['replpingslaveperiod'], + repltimeout: current['repltimeout'], + repldisabletcpnodelay: current['repldisabletcpnodelay'], + replbacklogsize: current['replbacklogsize'], + replbacklogttl: current['replbacklogttl'], + slavepriority: current['slavepriority'], + requirepass: current['requirepass'], + rename_commands: current['rename_commands'], + maxclients: current['maxclients'], + maxmemory: maxmemory, + maxmemorypolicy: current['maxmemorypolicy'], + maxmemorysamples: current['maxmemorysamples'], + appendfilename: current['appendfilename'], + appendfsync: current['appendfsync'], + noappendfsynconrewrite: current['noappendfsynconrewrite'], + aofrewritepercentage: current['aofrewritepercentage'], + aofrewriteminsize: current['aofrewriteminsize'], + aofloadtruncated: current['aofloadtruncated'], + luatimelimit: current['luatimelimit'], + slowloglogslowerthan: current['slowloglogslowerthan'], + slowlogmaxlen: current['slowlogmaxlen'], + notifykeyspaceevents: current['notifykeyspaceevents'], + hashmaxziplistentries: current['hashmaxziplistentries'], + hashmaxziplistvalue: current['hashmaxziplistvalue'], + listmaxziplistentries: current['listmaxziplistentries'], + listmaxziplistvalue: current['listmaxziplistvalue'], + setmaxintsetentries: current['setmaxintsetentries'], + zsetmaxziplistentries: current['zsetmaxziplistentries'], + zsetmaxziplistvalue: current['zsetmaxziplistvalue'], + hllsparsemaxbytes: current['hllsparsemaxbytes'], + activerehasing: current['activerehasing'], + clientoutputbufferlimit: current['clientoutputbufferlimit'], + hz: current['hz'], + aofrewriteincrementalfsync: current['aofrewriteincrementalfsync'], + clusterenabled: current['clusterenabled'], + clusterconfigfile: current['clusterconfigfile'], + clusternodetimeout: current['clusternodetimeout'], + includes: current['includes'], + minslavestowrite: current['minslavestowrite'], + minslavesmaxlag: current['minslavesmaxlag'], + repldisklesssync: current['repldisklesssync'], + repldisklesssyncdelay: current['repldisklesssyncdelay'] + ) + not_if { ::File.exist?("#{current['configdir']}/#{server_name}.conf.breadcrumb") } + end + + file "#{current['configdir']}/#{server_name}.conf.breadcrumb" do + content 'This file prevents the chef cookbook from overwritting the redis config more than once' + action :create_if_missing + only_if { current['breadcrumb'] == true } + end + + # Setup init.d file + bin_path = if node['redisio']['install_dir'] + ::File.join(node['redisio']['install_dir'], 'bin') + else + node['redisio']['bin_path'] + end + + case node['redisio']['job_control'] + when 'initd' + template "/etc/init.d/redis#{server_name}" do + source 'redis.init.erb' + cookbook 'redisio' + owner 'root' + group 'root' + mode '0755' variables( - version: version_hash, - piddir: piddir, - name: server_name, - job_control: node['redisio']['job_control'], - port: current['port'], - tcpbacklog: current['tcpbacklog'], - address: current['address'], - databases: current['databases'], - backuptype: current['backuptype'], - datadir: current['datadir'], - unixsocket: current['unixsocket'], - unixsocketperm: current['unixsocketperm'], - timeout: current['timeout'], - keepalive: current['keepalive'], - loglevel: current['loglevel'], - logfile: current['logfile'], - syslogenabled: current['syslogenabled'], - syslogfacility: current['syslogfacility'], - save: computed_save, - stopwritesonbgsaveerror: current['stopwritesonbgsaveerror'], - rdbcompression: current['rdbcompression'], - rdbchecksum: current['rdbchecksum'], - dbfilename: current['dbfilename'], - slaveof: current['slaveof'], - protected_mode: current['protected_mode'], - masterauth: current['masterauth'], - slaveservestaledata: current['slaveservestaledata'], - slavereadonly: current['slavereadonly'], - replpingslaveperiod: current['replpingslaveperiod'], - repltimeout: current['repltimeout'], - repldisabletcpnodelay: current['repldisabletcpnodelay'], - replbacklogsize: current['replbacklogsize'], - replbacklogttl: current['replbacklogttl'], - slavepriority: current['slavepriority'], - requirepass: current['requirepass'], - rename_commands: current['rename_commands'], - maxclients: current['maxclients'], - maxmemory: maxmemory, - maxmemorypolicy: current['maxmemorypolicy'], - maxmemorysamples: current['maxmemorysamples'], - appendfilename: current['appendfilename'], - appendfsync: current['appendfsync'], - noappendfsynconrewrite: current['noappendfsynconrewrite'], - aofrewritepercentage: current['aofrewritepercentage'], - aofrewriteminsize: current['aofrewriteminsize'], - aofloadtruncated: current['aofloadtruncated'], - luatimelimit: current['luatimelimit'], - slowloglogslowerthan: current['slowloglogslowerthan'], - slowlogmaxlen: current['slowlogmaxlen'], - notifykeyspaceevents: current['notifykeyspaceevents'], - hashmaxziplistentries: current['hashmaxziplistentries'], - hashmaxziplistvalue: current['hashmaxziplistvalue'], - listmaxziplistentries: current['listmaxziplistentries'], - listmaxziplistvalue: current['listmaxziplistvalue'], - setmaxintsetentries: current['setmaxintsetentries'], - zsetmaxziplistentries: current['zsetmaxziplistentries'], - zsetmaxziplistvalue: current['zsetmaxziplistvalue'], - hllsparsemaxbytes: current['hllsparsemaxbytes'], - activerehasing: current['activerehasing'], - clientoutputbufferlimit: current['clientoutputbufferlimit'], - hz: current['hz'], - aofrewriteincrementalfsync: current['aofrewriteincrementalfsync'], - clusterenabled: current['clusterenabled'], - clusterconfigfile: current['clusterconfigfile'], - clusternodetimeout: current['clusternodetimeout'], - includes: current['includes'], - minslavestowrite: current['minslavestowrite'], - minslavesmaxlag: current['minslavesmaxlag'], - repldisklesssync: current['repldisklesssync'], - repldisklesssyncdelay: current['repldisklesssyncdelay'] + name: server_name, + bin_path: bin_path, + port: current['port'], + address: current['address'], + user: current['user'], + configdir: current['configdir'], + piddir: piddir, + requirepass: current['requirepass'], + shutdown_save: current['shutdown_save'], + platform: node['platform'], + unixsocket: current['unixsocket'], + ulimit: descriptors, + required_start: node['redisio']['init.d']['required_start'].join(' '), + required_stop: node['redisio']['init.d']['required_stop'].join(' ') ) - not_if { ::File.exist?("#{current['configdir']}/#{server_name}.conf.breadcrumb") } + end + when 'upstart' + template "/etc/init/redis#{server_name}.conf" do + source 'redis.upstart.conf.erb' + cookbook 'redisio' + owner current['user'] + group current['group'] + mode '0644' + variables( + name: server_name, + bin_path: bin_path, + port: current['port'], + user: current['user'], + group: current['group'], + configdir: current['configdir'], + piddir: piddir + ) + end + when 'rcinit' + template "/usr/local/etc/rc.d/redis#{server_name}" do + source 'redis.rcinit.erb' + cookbook 'redisio' + owner current['user'] + group current['group'] + mode '0755' + variables( + name: server_name, + bin_path: bin_path, + user: current['user'], + configdir: current['configdir'], + piddir: piddir + ) + end + when 'systemd' + service_name = "redis@#{server_name}" + reload_name = "#{service_name} systemd reload" + + file "/etc/tmpfiles.d/#{service_name}.conf" do + content "d #{piddir} 0755 #{current['user']} #{current['group']}\n" + owner 'root' + group 'root' + mode '0644' end - file "#{current['configdir']}/#{server_name}.conf.breadcrumb" do - content 'This file prevents the chef cookbook from overwritting the redis config more than once' - action :create_if_missing - only_if { current['breadcrumb'] == true } + execute reload_name do + command 'systemctl daemon-reload' + action :nothing end - # Setup init.d file - bin_path = if node['redisio']['install_dir'] - ::File.join(node['redisio']['install_dir'], 'bin') - else - node['redisio']['bin_path'] - end - - case node['redisio']['job_control'] - when 'initd' - template "/etc/init.d/redis#{server_name}" do - source 'redis.init.erb' - cookbook 'redisio' - owner 'root' - group 'root' - mode '0755' - variables( - name: server_name, - bin_path: bin_path, - port: current['port'], - address: current['address'], - user: current['user'], - configdir: current['configdir'], - piddir: piddir, - requirepass: current['requirepass'], - shutdown_save: current['shutdown_save'], - platform: node['platform'], - unixsocket: current['unixsocket'], - ulimit: descriptors, - required_start: node['redisio']['init.d']['required_start'].join(' '), - required_stop: node['redisio']['init.d']['required_stop'].join(' ') - ) - end - when 'upstart' - template "/etc/init/redis#{server_name}.conf" do - source 'redis.upstart.conf.erb' - cookbook 'redisio' - owner current['user'] - group current['group'] - mode '0644' - variables( - name: server_name, - bin_path: bin_path, - port: current['port'], - user: current['user'], - group: current['group'], - configdir: current['configdir'], - piddir: piddir - ) - end - when 'rcinit' - template "/usr/local/etc/rc.d/redis#{server_name}" do - source 'redis.rcinit.erb' - cookbook 'redisio' - owner current['user'] - group current['group'] - mode '0755' - variables( - name: server_name, - bin_path: bin_path, - user: current['user'], - configdir: current['configdir'], - piddir: piddir - ) - end - when 'systemd' - service_name = "redis@#{server_name}" - reload_name = "#{service_name} systemd reload" - - file "/etc/tmpfiles.d/#{service_name}.conf" do - content "d #{piddir} 0755 #{current['user']} #{current['group']}\n" - owner 'root' - group 'root' - mode '0644' - end - - execute reload_name do - command 'systemctl daemon-reload' - action :nothing - end - - template "/lib/systemd/system/#{service_name}.service" do - source 'redis@.service.erb' - cookbook 'redisio' - owner 'root' - group 'root' - mode '0644' - variables( - bin_path: bin_path, - user: current['user'], - group: current['group'], - limit_nofile: descriptors - ) - notifies :run, "execute[#{reload_name}]", :immediately - end + template "/lib/systemd/system/#{service_name}.service" do + source 'redis@.service.erb' + cookbook 'redisio' + owner 'root' + group 'root' + mode '0644' + variables( + bin_path: bin_path, + user: current['user'], + group: current['group'], + limit_nofile: descriptors + ) + notifies :run, "execute[#{reload_name}]", :immediately end end end # servers each loop end - -def load_current_resource - @current_resource = Chef::Resource.resource_for_node(:redisio_configure, node).new(new_resource.name) - @current_resource -end diff --git a/cookbooks/redisio/providers/sentinel.rb b/cookbooks/redisio/providers/sentinel.rb index cfb2d7d..b6b74e1 100644 --- a/cookbooks/redisio/providers/sentinel.rb +++ b/cookbooks/redisio/providers/sentinel.rb @@ -1,9 +1,4 @@ action :run do - configure - new_resource.updated_by_last_action(true) -end - -def configure base_piddir = new_resource.base_piddir current_version = if new_resource.version.nil? @@ -23,200 +18,199 @@ def configure # Merge the configuration defaults with the provided array of configurations provided current = current_defaults_hash.merge(current_instance_hash) - recipe_eval do - sentinel_name = current['name'] || current['port'] - sentinel_name = "sentinel_#{sentinel_name}" - piddir = "#{base_piddir}/#{sentinel_name}" + sentinel_name = current['name'] || current['port'] + sentinel_name = "sentinel_#{sentinel_name}" + piddir = "#{base_piddir}/#{sentinel_name}" - # Create the owner of the redis data directory - user current['user'] do - comment 'Redis service account' - manage_home true - home current['homedir'] - shell current['shell'] - system current['systemuser'] - uid current['uid'] unless current['uid'].nil? - end + # Create the owner of the redis data directory + user current['user'] do + comment 'Redis service account' + manage_home true + home current['homedir'] + shell current['shell'] + system current['systemuser'] + uid current['uid'] unless current['uid'].nil? + end - # Create the redis configuration directory - directory current['configdir'] do - owner 'root' - group platform_family?('freebsd') ? 'wheel' : 'root' - mode '0755' - recursive true - action :create - end - # Create the pid file directory - directory piddir do + # Create the redis configuration directory + directory current['configdir'] do + owner 'root' + group platform_family?('freebsd') ? 'wheel' : 'redis' + mode '0775' + recursive true + action :create + end + # Create the pid file directory + directory piddir do + owner current['user'] + group current['group'] + mode '0755' + recursive true + action :create + end + + unless current['logfile'].nil? + # Create the log directory if syslog is not being used + directory ::File.dirname(current['logfile']) do owner current['user'] group current['group'] mode '0755' recursive true action :create + only_if { current['syslogenabled'] != 'yes' && current['logfile'] && current['logfile'] != 'stdout' } end - unless current['logfile'].nil? - # Create the log directory if syslog is not being used - directory ::File.dirname(current['logfile']) do - owner current['user'] - group current['group'] - mode '0755' - recursive true - action :create - only_if { current['syslogenabled'] != 'yes' && current['logfile'] && current['logfile'] != 'stdout' } - end - - # Create the log file is syslog is not being used - file current['logfile'] do - owner current['user'] - group current['group'] - mode '0644' - backup false - action :touch - only_if { current['logfile'] && current['logfile'] != 'stdout' } - end - end - - # <%=@name%> <%=@masterip%> <%=@masterport%> <%= @quorum_count %> - # <%= "sentinel auth-pass #{@name} #{@authpass}" unless @authpass.nil? %> - # sentinel down-after-milliseconds <%=@name%> <%=@downaftermil%> - # sentinel parallel-syncs <%=@name%> <%=@parallelsyncs%> - # sentinel failover-timeout <%=@name%> <%=@failovertimeout%> - - # convert from old format (preserve compat) - if !current['masters'] && current['master_ip'] - Chef::Log.warn('You are using a deprecated sentinel format. This will be removed in future versions.') - - # use old key names if newer key names aren't present (e.g. 'foo' || :foo) - masters = [ - { - master_name: current['master_name'] || current[:mastername], - master_ip: current['master_ip'] || current[:masterip], - master_port: current['master_port'] || current[:masterport], - quorum_count: current['quorum_count'] || current[:quorum_count], - auth_pass: current['auth-pass'] || current[:authpass], - down_after_milliseconds: current['down-after-milliseconds'] || current[:downaftermil], - parallel_syncs: current['parallel-syncs'] || current[:parallelsyncs], - failover_timeout: current['failover-timeout'] || current[:failovertimeout], - }, - ] - else - masters = [current['masters']].flatten - end - - # Load password for use with requirepass from data bag if needed - if current['data_bag_name'] && current['data_bag_item'] && current['data_bag_key'] - bag = data_bag_item(current['data_bag_name'], current['data_bag_item']) - masters.each do |master| - master['auth_pass'] = bag[current['data_bag_key']] - end - end - - # merge in default values to each sentinel hash - masters_with_defaults = [] - masters.each do |current_sentinel_master| - default_sentinel_master = new_resource.sentinel_defaults.to_hash - sentinel_master = default_sentinel_master.merge(current_sentinel_master || {}) - masters_with_defaults << sentinel_master - end - - # Don't render a template if we're missing these from any sentinel, - # as these are the minimal settings required to be passed in - masters_with_defaults.each do |sentinel_instance| - %w(master_ip master_port quorum_count).each do |param| - raise "Missing required sentinel parameter #{param} for #{sentinel_instance}" unless sentinel_instance[param] - end - end - - # Lay down the configuration files for the current instance - template "#{current['configdir']}/#{sentinel_name}.conf" do - source 'sentinel.conf.erb' - cookbook 'redisio' + # Create the log file is syslog is not being used + file current['logfile'] do owner current['user'] group current['group'] mode '0644' - action :create - variables( - name: current['name'], - piddir: piddir, - version: version_hash, - job_control: node['redisio']['job_control'], - sentinel_bind: current['sentinel_bind'], - sentinel_port: current['sentinel_port'], - loglevel: current['loglevel'], - logfile: current['logfile'], - syslogenabled: current['syslogenabled'], - syslogfacility: current['syslogfacility'], - masters: masters_with_defaults, - announce_ip: current['announce-ip'], - announce_port: current['announce-port'], - notification_script: current['notification-script'], - client_reconfig_script: current['client-reconfig-script'] - ) - not_if { ::File.exist?("#{current['configdir']}/#{sentinel_name}.conf.breadcrumb") } + backup false + action :touch + only_if { current['logfile'] && current['logfile'] != 'stdout' } end + end - file "#{current['configdir']}/#{sentinel_name}.conf.breadcrumb" do - content 'This file prevents the chef cookbook from overwritting the sentinel config more than once' - action :create_if_missing - end + # <%=@name%> <%=@masterip%> <%=@masterport%> <%= @quorum_count %> + # <%= "sentinel auth-pass #{@name} #{@authpass}" unless @authpass.nil? %> + # sentinel down-after-milliseconds <%=@name%> <%=@downaftermil%> + # sentinel parallel-syncs <%=@name%> <%=@parallelsyncs%> + # sentinel failover-timeout <%=@name%> <%=@failovertimeout%> - # Setup init.d file - bin_path = if node['redisio']['install_dir'] - ::File.join(node['redisio']['install_dir'], 'bin') - else - node['redisio']['bin_path'] - end - template "/etc/init.d/redis_#{sentinel_name}" do - source 'sentinel.init.erb' - cookbook 'redisio' - owner 'root' - group 'root' - mode '0755' - variables( - name: sentinel_name, - bin_path: bin_path, - user: current['user'], - configdir: current['configdir'], - piddir: piddir, - platform: node['platform'] - ) - only_if { node['redisio']['job_control'] == 'initd' } - end + # convert from old format (preserve compat) + if !current['masters'] && current['master_ip'] + Chef::Log.warn('You are using a deprecated sentinel format. This will be removed in future versions.') - template "/etc/init/redis_#{sentinel_name}.conf" do - source 'sentinel.upstart.conf.erb' - cookbook 'redisio' - owner current['user'] - group current['group'] - mode '0644' - variables( - name: sentinel_name, - bin_path: bin_path, - user: current['user'], - group: current['group'], - configdir: current['configdir'], - piddir: piddir - ) - only_if { node['redisio']['job_control'] == 'upstart' } + # use old key names if newer key names aren't present (e.g. 'foo' || :foo) + masters = [ + { + master_name: current['master_name'] || current[:mastername], + master_ip: current['master_ip'] || current[:masterip], + master_port: current['master_port'] || current[:masterport], + quorum_count: current['quorum_count'] || current[:quorum_count], + auth_pass: current['auth-pass'] || current[:authpass], + down_after_milliseconds: current['down-after-milliseconds'] || current[:downaftermil], + parallel_syncs: current['parallel-syncs'] || current[:parallelsyncs], + failover_timeout: current['failover-timeout'] || current[:failovertimeout], + }, + ] + else + masters = [current['masters']].flatten + end + + # Load password for use with requirepass from data bag if needed + if current['data_bag_name'] && current['data_bag_item'] && current['data_bag_key'] + bag = data_bag_item(current['data_bag_name'], current['data_bag_item']) + masters.each do |master| + master['auth_pass'] = bag[current['data_bag_key']] end - # TODO: fix for freebsd - template "/usr/local/etc/rc.d/redis_#{sentinel_name}" do - source 'sentinel.rcinit.erb' - cookbook 'redisio' - owner current['user'] - group current['group'] - mode '0755' - variables( - name: sentinel_name, - bin_path: bin_path, - user: current['user'], - configdir: current['configdir'], - piddir: piddir - ) - only_if { node['redisio']['job_control'] == 'rcinit' } + end + + # merge in default values to each sentinel hash + masters_with_defaults = [] + masters.each do |current_sentinel_master| + default_sentinel_master = new_resource.sentinel_defaults.to_hash + sentinel_master = default_sentinel_master.merge(current_sentinel_master || {}) + masters_with_defaults << sentinel_master + end + + # Don't render a template if we're missing these from any sentinel, + # as these are the minimal settings required to be passed in + masters_with_defaults.each do |sentinel_instance| + %w(master_ip master_port quorum_count).each do |param| + raise "Missing required sentinel parameter #{param} for #{sentinel_instance}" unless sentinel_instance[param] end end + + # Lay down the configuration files for the current instance + template "#{current['configdir']}/#{sentinel_name}.conf" do + source 'sentinel.conf.erb' + cookbook 'redisio' + owner current['user'] + group current['group'] + mode '0644' + action :create + variables( + name: current['name'], + piddir: piddir, + version: version_hash, + job_control: node['redisio']['job_control'], + sentinel_bind: current['sentinel_bind'], + sentinel_port: current['sentinel_port'], + loglevel: current['loglevel'], + logfile: current['logfile'], + syslogenabled: current['syslogenabled'], + syslogfacility: current['syslogfacility'], + masters: masters_with_defaults, + announce_ip: current['announce-ip'], + announce_port: current['announce-port'], + notification_script: current['notification-script'], + client_reconfig_script: current['client-reconfig-script'], + protected_mode: current['protected_mode'] + ) + not_if { ::File.exist?("#{current['configdir']}/#{sentinel_name}.conf.breadcrumb") } + end + + file "#{current['configdir']}/#{sentinel_name}.conf.breadcrumb" do + content 'This file prevents the chef cookbook from overwritting the sentinel config more than once' + action :create_if_missing + end + + # Setup init.d file + bin_path = if node['redisio']['install_dir'] + ::File.join(node['redisio']['install_dir'], 'bin') + else + node['redisio']['bin_path'] + end + template "/etc/init.d/redis_#{sentinel_name}" do + source 'sentinel.init.erb' + cookbook 'redisio' + owner 'root' + group 'root' + mode '0755' + variables( + name: sentinel_name, + bin_path: bin_path, + user: current['user'], + configdir: current['configdir'], + piddir: piddir, + platform: node['platform'] + ) + only_if { node['redisio']['job_control'] == 'initd' } + end + + template "/etc/init/redis_#{sentinel_name}.conf" do + source 'sentinel.upstart.conf.erb' + cookbook 'redisio' + owner current['user'] + group current['group'] + mode '0644' + variables( + name: sentinel_name, + bin_path: bin_path, + user: current['user'], + group: current['group'], + configdir: current['configdir'], + piddir: piddir + ) + only_if { node['redisio']['job_control'] == 'upstart' } + end + # TODO: fix for freebsd + template "/usr/local/etc/rc.d/redis_#{sentinel_name}" do + source 'sentinel.rcinit.erb' + cookbook 'redisio' + owner current['user'] + group current['group'] + mode '0755' + variables( + name: sentinel_name, + bin_path: bin_path, + user: current['user'], + configdir: current['configdir'], + piddir: piddir + ) + only_if { node['redisio']['job_control'] == 'rcinit' } + end end # servers each loop end @@ -247,9 +241,3 @@ def version end nil end - -def load_current_resource - @current_resource = Chef::Resource.resource_for_node(:redisio_sentinel, node).new(new_resource.name) - @current_resource.version(version) - @current_resource -end diff --git a/cookbooks/redisio/recipes/_install_prereqs.rb b/cookbooks/redisio/recipes/_install_prereqs.rb index ae35774..dda5a38 100644 --- a/cookbooks/redisio/recipes/_install_prereqs.rb +++ b/cookbooks/redisio/recipes/_install_prereqs.rb @@ -1,9 +1,9 @@ -packages_to_install = case node['platform'] - when 'debian', 'ubuntu' +packages_to_install = case node['platform_family'] + when 'debian' %w( tar ) - when 'redhat', 'centos', 'fedora', 'scientific', 'suse', 'amazon' + when 'rhel', 'fedora' %w( tar ) diff --git a/cookbooks/redisio/recipes/configure.rb b/cookbooks/redisio/recipes/configure.rb index 1a5673d..dc1ad43 100644 --- a/cookbooks/redisio/recipes/configure.rb +++ b/cookbooks/redisio/recipes/configure.rb @@ -1,5 +1,5 @@ include_recipe 'redisio::default' -include_recipe 'ulimit::default' +include_recipe 'redisio::ulimit' redis = node['redisio'] diff --git a/cookbooks/redisio/recipes/default.rb b/cookbooks/redisio/recipes/default.rb index 5e3269f..ed51ac4 100644 --- a/cookbooks/redisio/recipes/default.rb +++ b/cookbooks/redisio/recipes/default.rb @@ -1,14 +1,4 @@ -# debian 6.0.x fails the build_essential recipe without an apt-get update prior to run -if platform?('debian', 'ubuntu') - execute 'apt-get-update-periodic' do - command 'apt-get update' - ignore_failure true - only_if do - !File.exist?('/var/lib/apt/periodic/update-success-stamp') || - File.mtime('/var/lib/apt/periodic/update-success-stamp') < Time.now - 86400 - end - end -end +apt_update unless node['redisio']['package_install'] include_recipe 'redisio::_install_prereqs' diff --git a/cookbooks/redisio/recipes/disable_os_default.rb b/cookbooks/redisio/recipes/disable_os_default.rb index e755ed6..7fd76e4 100644 --- a/cookbooks/redisio/recipes/disable_os_default.rb +++ b/cookbooks/redisio/recipes/disable_os_default.rb @@ -1,8 +1,8 @@ # disable the default OS redis init script -service_name = case node['platform'] - when 'debian', 'ubuntu' +service_name = case node['platform_family'] + when 'debian' 'redis-server' - when 'redhat', 'centos', 'fedora', 'scientific', 'suse', 'amazon' + when 'rhel', 'fedora' 'redis' end diff --git a/cookbooks/redisio/recipes/install.rb b/cookbooks/redisio/recipes/install.rb index fb54ecd..bb7064f 100644 --- a/cookbooks/redisio/recipes/install.rb +++ b/cookbooks/redisio/recipes/install.rb @@ -19,4 +19,4 @@ else end end -include_recipe 'ulimit::default' +include_recipe 'redisio::ulimit' diff --git a/cookbooks/redisio/recipes/sentinel.rb b/cookbooks/redisio/recipes/sentinel.rb index fde9995..84a49d0 100644 --- a/cookbooks/redisio/recipes/sentinel.rb +++ b/cookbooks/redisio/recipes/sentinel.rb @@ -1,6 +1,6 @@ include_recipe 'redisio::_install_prereqs' include_recipe 'redisio::install' -include_recipe 'ulimit::default' +include_recipe 'redisio::ulimit' redis = node['redisio'] diff --git a/cookbooks/redisio/recipes/ulimit.rb b/cookbooks/redisio/recipes/ulimit.rb new file mode 100644 index 0000000..fbe4bfb --- /dev/null +++ b/cookbooks/redisio/recipes/ulimit.rb @@ -0,0 +1,25 @@ +# Pulled from the now replaced ulimit cookbook +# TODO: find a more tidy way to do this +ulimit = node['ulimit'] + +if platform_family?('debian') + template '/etc/pam.d/su' do + cookbook ulimit['pam_su_template_cookbook'] + end + + cookbook_file '/etc/pam.d/sudo' do + cookbook node['ulimit']['ulimit_overriding_sudo_file_cookbook'] + source node['ulimit']['ulimit_overriding_sudo_file_name'] + mode '0644' + end +end + +if ulimit.key?('users') + ulimit['users'].each do |user, attributes| + user_ulimit user do + attributes.each do |a, v| + send(a.to_sym, v) + end + end + end +end diff --git a/cookbooks/redisio/renovate.json b/cookbooks/redisio/renovate.json new file mode 100644 index 0000000..7e7a8ba --- /dev/null +++ b/cookbooks/redisio/renovate.json @@ -0,0 +1,17 @@ +{ + "$schema": "https://docs.renovatebot.com/renovate-schema.json", + "extends": ["config:base"], + "packageRules": [{ + "groupName": "Actions", + "matchUpdateTypes": ["patch", "pin", "digest"], + "automerge": true, + "addLabels": ["Release: Patch", "Skip: Announcements"] + }, + { + "groupName": "Actions", + "matchUpdateTypes": ["major"], + "automerge": false, + "addLabels": ["Release: Patch", "Skip: Announcements"] + } + ] +} diff --git a/cookbooks/redisio/resources/configure.rb b/cookbooks/redisio/resources/configure.rb index d8d10bd..328e07c 100644 --- a/cookbooks/redisio/resources/configure.rb +++ b/cookbooks/redisio/resources/configure.rb @@ -1,5 +1,5 @@ actions :run - +unified_mode true default_action :run # Configuration attributes diff --git a/cookbooks/redisio/resources/install.rb b/cookbooks/redisio/resources/install.rb index 9314e9c..c299dcb 100644 --- a/cookbooks/redisio/resources/install.rb +++ b/cookbooks/redisio/resources/install.rb @@ -1,5 +1,5 @@ actions :run - +unified_mode true default_action :run # Installation attributes diff --git a/cookbooks/redisio/resources/sentinel.rb b/cookbooks/redisio/resources/sentinel.rb index 175956e..1c07599 100644 --- a/cookbooks/redisio/resources/sentinel.rb +++ b/cookbooks/redisio/resources/sentinel.rb @@ -1,5 +1,5 @@ actions :run - +unified_mode true default_action :run # Configuration attributes diff --git a/cookbooks/redisio/templates/default/domain.erb b/cookbooks/redisio/templates/default/domain.erb new file mode 100644 index 0000000..219080c --- /dev/null +++ b/cookbooks/redisio/templates/default/domain.erb @@ -0,0 +1,9 @@ +<% + node.run_state[:ulimit][@domain].each do |item, entries| + entries.each do |type, value| +-%> +<%= @domain %> <%= type %> <%= item %> <%= value %> +<% + end + end +-%> diff --git a/cookbooks/redisio/templates/default/redis.conf.erb b/cookbooks/redisio/templates/default/redis.conf.erb index 6e28d19..5320578 100644 --- a/cookbooks/redisio/templates/default/redis.conf.erb +++ b/cookbooks/redisio/templates/default/redis.conf.erb @@ -26,7 +26,7 @@ pidfile <%= @piddir %>/redis_<%=@name%>.pid # If port 0 is specified Redis will not listen on a TCP socket. port <%=@port%> -<% if @version[:major].to_i == 2 && @version[:minor].to_i >= 8 && @version[:patch].to_i >= 5 || @version[:major].to_i == 3 %> +<% if @version[:major].to_i == 2 && @version[:minor].to_i >= 8 && @version[:patch].to_i >= 5 || @version[:major].to_i >= 3 %> # TCP listen() backlog. # # In high requests-per-second environments you need an high backlog in order @@ -185,7 +185,7 @@ stop-writes-on-bgsave-error <%= @stopwritesonbgsaveerror %> # the dataset will likely be bigger if you have compressible values or keys. rdbcompression <%= @rdbcompression %> -<% if @version[:major].to_i == 2 && @version[:minor].to_i >= 6 || @version[:major].to_i == 3 %> +<% if @version[:major].to_i == 2 && @version[:minor].to_i >= 6 || @version[:major].to_i >= 3 %> # Since version 5 of RDB a CRC64 checksum is placed at the end of the file. # This makes the format more resistant to corruption but there is a performance # hit to pay (around 10%) when saving and loading RDB files, so you can disable it @@ -320,7 +320,7 @@ repl-diskless-sync <%=@repldisklesssync%> repl-diskless-sync-delay <%=@repldisklesssyncdelay%> <% end %> -<% if @version[:major].to_i == 2 && @version[:minor].to_i >= 6 || @version[:major].to_i == 3 %> +<% if @version[:major].to_i == 2 && @version[:minor].to_i >= 6 || @version[:major].to_i >= 3 %> # You can configure a slave instance to accept writes or not. Writing against # a slave instance may be useful to store some ephemeral data (because data # written on a slave will be easily deleted after resync with the master) but @@ -353,7 +353,7 @@ repl-ping-slave-period <%=@replpingslaveperiod%> # repl-timeout <%=@repltimeout%> -<% if @version[:major].to_i == 2 && @version[:minor].to_i >= 6 || @version[:major].to_i == 3 %> +<% if @version[:major].to_i == 2 && @version[:minor].to_i >= 6 || @version[:major].to_i >= 3 %> # Disable TCP_NODELAY on the slave socket after SYNC? # # If you select "yes" Redis will use a smaller number of TCP packets and @@ -906,7 +906,7 @@ set-max-intset-entries <%= @setmaxintsetentries %> zset-max-ziplist-entries <%= @zsetmaxziplistentries %> zset-max-ziplist-value <%= @zsetmaxziplistvalue %> -<% if @version[:major].to_i == 2 && @version[:minor].to_i >= 8 && @version[:patch].to_i >= 9 || @version[:major].to_i == 3 %> +<% if @version[:major].to_i == 2 && @version[:minor].to_i >= 8 && @version[:patch].to_i >= 9 || @version[:major].to_i >= 3 %> # HyperLogLog sparse representation bytes limit. The limit includes the # 16 bytes header. When an HyperLogLog using the sparse representation crosses # this limit, it is converted into the dense representation. diff --git a/cookbooks/redisio/templates/default/redis@.service.erb b/cookbooks/redisio/templates/default/redis@.service.erb index c5cd645..dc2b006 100644 --- a/cookbooks/redisio/templates/default/redis@.service.erb +++ b/cookbooks/redisio/templates/default/redis@.service.erb @@ -1,6 +1,7 @@ [Unit] Description=Redis (%i) persistent key-value database -After=network.target +Wants=network-online.target +After=network-online.target [Service] ExecStart=<%= @bin_path %>/redis-server /etc/redis/%i.conf --daemonize no diff --git a/cookbooks/redisio/templates/default/sentinel.conf.erb b/cookbooks/redisio/templates/default/sentinel.conf.erb index 83ae4e2..278e854 100644 --- a/cookbooks/redisio/templates/default/sentinel.conf.erb +++ b/cookbooks/redisio/templates/default/sentinel.conf.erb @@ -11,10 +11,14 @@ syslog-ident redis-<%= @name %> syslog-facility <%= @syslogfacility %> <%= "logfile #{@logfile}" unless @logfile.nil? %> -# bind sentinel IP <% if @sentinel_bind %> bind <%=@sentinel_bind%> <% end %> + + <% if @protected_mode %> +<%= "protected-mode #{@protected_mode}" %> +<% end %> + # port # The port that this sentinel instance will run on port <%=@sentinel_port%> diff --git a/cookbooks/redisio/templates/default/su.erb b/cookbooks/redisio/templates/default/su.erb new file mode 100644 index 0000000..882fbd6 --- /dev/null +++ b/cookbooks/redisio/templates/default/su.erb @@ -0,0 +1,62 @@ +# +# The PAM configuration file for the Shadow `su' service +# +# This file modified by Chef to enable ulimit switching with `su` +# + +# This allows root to su without passwords (normal operation) +auth sufficient pam_rootok.so + +# Uncomment this to force users to be a member of group root +# before they can use `su'. You can also add "group=foo" +# to the end of this line if you want to use a group other +# than the default "root" (but this may have side effect of +# denying "root" user, unless she's a member of "foo" or explicitly +# permitted earlier by e.g. "sufficient pam_rootok.so"). +# (Replaces the `SU_WHEEL_ONLY' option from login.defs) +# auth required pam_wheel.so + +# Uncomment this if you want wheel members to be able to +# su without a password. +# auth sufficient pam_wheel.so trust + +# Uncomment this if you want members of a specific group to not +# be allowed to use su at all. +# auth required pam_wheel.so deny group=nosu + +# Uncomment and edit /etc/security/time.conf if you need to set +# time restrainst on su usage. +# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs +# as well as /etc/porttime) +# account requisite pam_time.so + +# This module parses environment configuration file(s) +# and also allows you to use an extended config +# file /etc/security/pam_env.conf. +# +# parsing /etc/environment needs "readenv=1" +session required pam_env.so readenv=1 +# locale variables are also kept into /etc/default/locale in etch +# reading this file *in addition to /etc/environment* does not hurt +session required pam_env.so readenv=1 envfile=/etc/default/locale + +# Defines the MAIL environment variable +# However, userdel also needs MAIL_DIR and MAIL_FILE variables +# in /etc/login.defs to make sure that removing a user +# also removes the user's mail spool file. +# See comments in /etc/login.defs +# +# "nopen" stands to avoid reporting new mail when su'ing to another user +session optional pam_mail.so nopen + +# Sets up user limits, please uncomment and read /etc/security/limits.conf +# to enable this functionality. +# (Replaces the use of /etc/limits in old login) +session required pam_limits.so + +# The standard Unix authentication modules, used with +# NIS (man nsswitch) as well as normal /etc/passwd and +# /etc/shadow entries. +@include common-auth +@include common-account +@include common-session diff --git a/cookbooks/redisio/templates/default/ulimit.erb b/cookbooks/redisio/templates/default/ulimit.erb new file mode 100644 index 0000000..46065e9 --- /dev/null +++ b/cookbooks/redisio/templates/default/ulimit.erb @@ -0,0 +1,32 @@ +# Limits settings for <%= @ulimit_user %> +<% unless @filehandle_limit.nil? -%> +<%= @ulimit_user -%> - nofile <%= @filehandle_limit %> +<% else -%><% unless @filehandle_soft_limit.nil? -%><%= @ulimit_user -%> soft nofile <%= @filehandle_soft_limit %><% end -%> +<% unless @filehandle_hard_limit.nil? -%><%= @ulimit_user -%> hard nofile <%= @filehandle_hard_limit %><% end -%> +<% end -%> +<% unless @process_limit.nil? -%> +<%= @ulimit_user -%> - nproc <%= @process_limit %> +<% else -%><% unless @process_soft_limit.nil? -%><%= @ulimit_user -%> soft nproc <%= @process_soft_limit %><% end -%> +<% unless @process_hard_limit.nil? -%><%= @ulimit_user -%> hard nproc <%= @process_hard_limit %><% end -%> +<% end -%> +<% unless @memory_limit.nil? -%> +<%= @ulimit_user -%> - memlock <%= @memory_limit %> +<% end -%> +<% unless @core_limit.nil? -%> +<%= @ulimit_user -%> - core <%= @core_limit %> +<% else -%><% unless @core_soft_limit.nil? -%><%= @ulimit_user -%> soft core <%= @core_soft_limit %><% end -%> +<% unless @core_hard_limit.nil? -%><%= @ulimit_user -%> hard core <%= @core_hard_limit %><% end -%> +<% end -%> +<% unless @stack_limit.nil? -%> +<%= @ulimit_user -%> - stack <%= @stack_limit %> +<% else -%><% unless @stack_soft_limit.nil? -%><%= @ulimit_user -%> soft stack <%= @stack_soft_limit %><% end -%> +<% unless @stack_hard_limit.nil? -%><%= @ulimit_user -%> hard stack <%= @stack_hard_limit %><% end -%> +<% end -%> +<% unless @rtprio_limit.nil? -%> +<%= @ulimit_user -%> - rtprio <%= @rtprio_limit %> +<% else -%><% unless @rtprio_soft_limit.nil? -%><%= @ulimit_user -%> soft rtprio <%= @rtprio_soft_limit %><% end -%> +<% unless @rtprio_hard_limit.nil? -%><%= @ulimit_user -%> hard rtprio <%= @rtprio_hard_limit %><% end -%> +<% end -%> +<% unless @virt_limit.nil? -%> + <%= @ulimit_user -%> - as <%= @virt_limit %> +<% end -%> diff --git a/cookbooks/ruby_build/.markdownlint-cli2.yaml b/cookbooks/ruby_build/.markdownlint-cli2.yaml new file mode 100644 index 0000000..6fa8e77 --- /dev/null +++ b/cookbooks/ruby_build/.markdownlint-cli2.yaml @@ -0,0 +1,5 @@ +config: + ul-indent: false # MD007 + line-length: false # MD013 + no-duplicate-heading: false # MD024 + reference-links-images: false # MD052 diff --git a/cookbooks/ruby_build/CHANGELOG.md b/cookbooks/ruby_build/CHANGELOG.md new file mode 100644 index 0000000..79e49d8 --- /dev/null +++ b/cookbooks/ruby_build/CHANGELOG.md @@ -0,0 +1,235 @@ +# Changelog + +All notable changes to this project will be documented in this file. + +The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), +and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). + +## 2.5.0 - *2023-05-16* + +- Allow ruby-build to recognize when it needs to be upgraded. +- Allow ruby-build to reinstall Ruby if the version changes. + +## 2.4.1 - *2023-05-16* + +## 2.4.0 - *2023-05-16* + +- Ubuntu 18 now uses 'libssl-dev' instead of 'libssl1.0-dev' + +## 2.3.15 - *2023-05-15* + +## 2.3.14 - *2023-04-17* + +## 2.3.13 - *2023-04-07* + +Standardise files with files in sous-chefs/repo-management + +## 2.3.12 - *2023-04-01* + +## 2.3.11 - *2023-04-01* + +## 2.3.10 - *2023-04-01* + +Standardise files with files in sous-chefs/repo-management + +## 2.3.9 - *2023-03-20* + +Standardise files with files in sous-chefs/repo-management + +## 2.3.8 - *2023-03-15* + +Standardise files with files in sous-chefs/repo-management + +Standardise files with files in sous-chefs/repo-management + +## 2.3.7 - *2023-02-27* + +Standardise files with files in sous-chefs/repo-management + +## 2.3.6 - *2023-02-16* + +Standardise files with files in sous-chefs/repo-management + +## 2.3.5 - *2023-02-14* + +Standardise files with files in sous-chefs/repo-management + +## 2.3.4 - *2023-02-13* + +## 2.3.3 - *2023-02-13* + +## 2.3.2 - *2023-02-13* + +## 2.3.1 - *2022-12-06* + +Standardise files with files in sous-chefs/repo-management + +## 2.3.0 - *2022-08-08* + +- Add `verbose` option +- Remove Delivery and move to calling RSpec directly via a reusable workflow +- Use reusable workflows +- Update test build to use Ruby 3.0.4 +- Add Alma Linux & Rocky Linux / Replace CentOS 8 with CentOS Stream 8 +- Standardize kitchen.dokken.yml +- Add support for Ubuntu 22.04 +- Remove use of yum-centos and replace with use of yum-config-manager to make it easier to work with Alma/Rocky +- Install openssl@1.1 on MacOS + +## 2.2.3 - *2022-05-16* + +- Standardise files with files in sous-chefs/repo-management + +## 2.2.2 - *2022-02-10* + +- Standardise files with files in sous-chefs/repo-management + +## 2.2.1 - *2022-02-08* + +- Remove delivery folder + +## 2.2.0 - *2021-12-27* + +- support Chef temporary directory being located on a volume mounted `noexec` +- support Ruby installation directory being created ahead of time + +## 2.1.5 - *2021-11-22* + +- Retry when cloning the ruby-build code repository + +## 2.1.4 - *2021-08-30* + +- Standardise files with files in sous-chefs/repo-management + +## 2.1.3 - *2021-06-01* + +- Standardise files with files in sous-chefs/repo-management + +## 2.1.2 - *2020-12-02* + +- resolved cookstyle error: libraries/package_deps.rb:8:5 convention: `Layout/EmptyLineBetweenDefs` + +## 2.1.1 (2020-09-16) + +- resolved cookstyle error: spec/libraries/cruby_spec.rb:6:7 refactor: `ChefCorrectness/IncorrectLibraryInjection` +- Cookstyle Bot Auto Corrections with Cookstyle 6.16.8 + +## 2.1.0 (2020-06-17) + +- Fix package_deps being passed too many arguments +- Fix switching to master when we're already on master +- Add MacOS testing + +- fix broken environment property (needs a Hash, was set to String) +- update documentation pages with new custom resource name ruby_build_definition +- make the automatic addition of the Ruby version to the prefix an option +- allow users to use the old ruby_build_ruby resource name, for compatibility +- do not assume that users are running Chef 15.3.x and can use unified_mode +- add requested feature: patch + +## 2.0.0 (2020-04-21) + +- Remove support for JRuby, it requires an out of support Java version +- Convert to a custom resource +- Move test from bats to Inspec +- Add support for Amazon Linux +- Add support for Ubuntu 18.04 + +## 1.3.0 (2020-03-05) + +- Add debian-10 platform to test kitchen configurations +- Migrate to github actions +- Fix CircleCI testing, bring it up to Sous-Chefs standards +- Fix Markdown +- Fix YAML +- Use platform? helper in the attributes file +- Remove the unnecessary long_description field in metadata.rb +- Fix libgdbm package name in attributes for debian 10 +- Fix libgdbm package name in attributes for Ubuntu 19.04 + +## 1.2.0 (2019-01-23) + +- Add debian-10 platform to test kitchen configurations +- Migrate to github actions +- Remove recipes +- Add ruby_build_install resource +- Add ruby_build_definition resource +- Add unit testing + +## 1.1.0 (2017-04-07) + +- Maintenance of this cookbook has been moved to the Sous Chefs organization - +- Switched git installation to the git cookbook +- Sped up converge times by using multi-package installs when available +- Added Chefspec matchers +- Removed a duplicate package that was causing warnings on Chef 12 / failures on Chef 13 +- Ensured that multi-package installs would continue on Amazon Linux with Chef 13 +- Removed some fragile and unnecessary code that checked to see if we were on Chef 12+ +- Switched testing to Delivery local mode and removed all test gems from the Gemfile. +- Added a skeleton Chefspec test suite +- Updated to more modern Ruby versions to test with + +## 1.0.0 (2016-07-18) + +- This cookbook has been moved under the chef-rbenv Github organization to allow for additional committers and further maintenance +- The cookbook now requires Chef 12 due to the use of multi-package installations +- Existing lists of package dependencies have been updated to match those on the ruby-build wiki. This removes several runtime dependencies such as readline, zlib, and subversion +- Added support for installing Rubinius dependencies when installing Rubinius +- Added dependency installation on OS X machines +- Added support for FreeBSD +- Added a dependency on yum-epel when on RHEL +- Added Travis CI integration testing using kitchen-dokken and inspec +- Added cookstyle for Ruby linting and resolved all warnings +- Updated the ruby-build Github URL to the new location +- Switched package dependency logic to use platform_family which supports additional derivative distros +- Add source_url, issues_url, and chef_version metadata to metadata.rb +- Updated the LWRP to use use_inline_resources for proper update notifications +- Added a Chef 11+ style default_action to the LWRP +- Updated attribute file to use default instead of node.set which avoids deprecation warnings +- Updated the Berksfile to use Supermarket +- Updated the Gemfile with the latest testing dependencies +- Added the Apache 2.0 license file +- Updated readme to remove HTML tables that don't render in Supermarket +- Swapped the Rakefile for the standard Chef Rakefile + +## 0.8.0 (2013-05-22) + +- Pull request [#8]: Remove libyaml-devel pkg dependency for Red Hat family platforms. ([@fnichol]) +- Pull request [#9]: Use the HTTPS clone URL. ([@adammck]) +- Pull request [#10]: Use old-form notifies to support AWS OpsWorks. ([@tsabat]) +- Issue [#7]: Install Git package(s) only if Git is not previously installed. ([@fnichol], [@ChrisLundquist]) +- Convert project from Jamie to Test Kitchen. ([@fnichol]) + +## 0.7.2 (2012-12-31) + +- Fix missing package dependencies for C Ruby versions on RHEL family. ([@fnichol]) +- Print Ruby build time to :info logger (formerly :debug). ([@fnichol]) +- Add integration tests for commonly installed Ruby versions. ([@fnichol]) + +## 0.7.0 (2012-11-21) + +- Add environment attr to ruby_build_ruby. This allows for adding custom compilation flags, as well as newer ruby-build environment variables, such as RUBY_BUILD_MIRROR_URL. ([@fnichol]) +- Update foodcritic configuration and update .travis.yml. ([@fnichol]) +- Update Installation section of README (welcome Berkshelf). ([@fnichol]) + +## 0.6.2 (2012-05-03) + +- Fix ruby_build_ruby LWRP now notifies when updated (FC017). ([@fnichol]) +- Fix Add plaform equivalents in default attrs (FC024). ([@fnichol]) +- Fix JRuby requires make package on Ubuntu/Debian. ([@fnichol]) +- Ensure `Chef::Config[:file_cache_path]` exists in solo mode. ([@fnichol]) +- Add TravisCI to run Foodcritic linter. ([@fnichol]) +- Reorganize README with section links. ([@fnichol]) + +## 0.6.0 (2011-12-10) + +The initial release. + +[#10]: https://github.com/fnichol/chef-ruby_build/issues/10 +[#7]: https://github.com/fnichol/chef-ruby_build/issues/7 +[#8]: https://github.com/fnichol/chef-ruby_build/issues/8 +[#9]: https://github.com/fnichol/chef-ruby_build/issues/9 +[@adammck]: https://github.com/adammck +[@chrislundquist]: https://github.com/ChrisLundquist +[@fnichol]: https://github.com/fnichol +[@tsabat]: https://github.com/tsabat diff --git a/cookbooks/ruby_build/LICENSE b/cookbooks/ruby_build/LICENSE new file mode 100644 index 0000000..8f71f43 --- /dev/null +++ b/cookbooks/ruby_build/LICENSE @@ -0,0 +1,202 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "{}" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright {yyyy} {name of copyright owner} + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + diff --git a/cookbooks/ruby_build/README.md b/cookbooks/ruby_build/README.md new file mode 100644 index 0000000..37e0f3b --- /dev/null +++ b/cookbooks/ruby_build/README.md @@ -0,0 +1,79 @@ +# ruby-build Chef Cookbook + +[![Cookbook Version](https://img.shields.io/cookbook/v/ruby_build.svg)](https://supermarket.chef.io/cookbooks/ruby_build) +[![OpenCollective](https://opencollective.com/sous-chefs/sponsors/badge.svg)](#sponsors) +[![License](https://img.shields.io/badge/License-Apache%202.0-green.svg)](https://opensource.org/licenses/Apache-2.0) + +## Description + +Manages the [ruby-build][rb_site] framework and its installed Rubies, through custom resources. + +## Maintainers + +This cookbook is maintained by the Sous Chefs. The Sous Chefs are a community of Chef cookbook maintainers working together to maintain important cookbooks. If you’d like to know more please visit [sous-chefs.org](https://sous-chefs.org/) or come chat with us on the Chef Community Slack in [#sous-chefs](https://chefcommunity.slack.com/messages/C2V7B88SF). + +## Usage + +It is for use in standalone mode. If you wish to use ruby-build with rbenv, please use the [rbenv cookbook][rbenv-cookbook]. + +## Requirements + +### Chef + +- Chef 15+ + +### Supported Platforms + +- Ubuntu 16.04+ +- MacOS +- debian 8+ +- FreeBSD 9+ +- RedHat 6+ + +## Usage + +```ruby +# metadata.rb +depends 'ruby_build' +``` + +```ruby +# default.rb +ruby_build_install '' + +ruby_build_definition '2.6.0' + +# build 2.6.0 with a patch that lives in your cookbook's files/default dir +ruby_build_definition '2.6.0' do + patch 'foobar.patch' +end +``` + +## Resources + +- [ruby_build_install](https://github.com/sous-chefs/ruby_build/blob/master/documentation/resources/install.md) +- [ruby_build_definition](https://github.com/sous-chefs/ruby_build/blob/master/documentation/resources/definition.md) + +## License and Author + +Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at + +```text +http://www.apache.org/licenses/LICENSE-2.0 +``` + +### Sponsors + +[rb_site]: https://github.com/rbenv/ruby-build +[rbenv-cookbook]: https://github.com/sous-chefs/ruby_rbenv + +![https://opencollective.com/sous-chefs/sponsor/0/website](https://opencollective.com/sous-chefs/sponsor/0/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/1/website](https://opencollective.com/sous-chefs/sponsor/1/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/2/website](https://opencollective.com/sous-chefs/sponsor/2/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/3/website](https://opencollective.com/sous-chefs/sponsor/3/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/4/website](https://opencollective.com/sous-chefs/sponsor/4/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/5/website](https://opencollective.com/sous-chefs/sponsor/5/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/6/website](https://opencollective.com/sous-chefs/sponsor/6/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/7/website](https://opencollective.com/sous-chefs/sponsor/7/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/8/website](https://opencollective.com/sous-chefs/sponsor/8/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/9/website](https://opencollective.com/sous-chefs/sponsor/9/avatar.svg?avatarHeight=100) diff --git a/cookbooks/ruby_build/chefignore b/cookbooks/ruby_build/chefignore new file mode 100644 index 0000000..a27b0b2 --- /dev/null +++ b/cookbooks/ruby_build/chefignore @@ -0,0 +1,115 @@ +# Put files/directories that should be ignored in this file when uploading +# to a Chef Infra Server or Supermarket. +# Lines that start with '# ' are comments. + +# OS generated files # +###################### +.DS_Store +ehthumbs.db +Icon? +nohup.out +Thumbs.db +.envrc + +# EDITORS # +########### +.#* +.project +.settings +*_flymake +*_flymake.* +*.bak +*.sw[a-z] +*.tmproj +*~ +\#* +REVISION +TAGS* +tmtags +.vscode +.editorconfig + +## COMPILED ## +############## +*.class +*.com +*.dll +*.exe +*.o +*.pyc +*.so +*/rdoc/ +a.out +mkmf.log + +# Testing # +########### +.circleci/* +.codeclimate.yml +.delivery/* +.foodcritic +.kitchen* +.mdlrc +.overcommit.yml +.rspec +.rubocop.yml +.travis.yml +.watchr +.yamllint +azure-pipelines.yml +Dangerfile +examples/* +features/* +Guardfile +kitchen*.yml +mlc_config.json +Procfile +Rakefile +spec/* +test/* + +# SCM # +####### +.git +.gitattributes +.gitconfig +.github/* +.gitignore +.gitkeep +.gitmodules +.svn +*/.bzr/* +*/.git +*/.hg/* +*/.svn/* + +# Berkshelf # +############# +Berksfile +Berksfile.lock +cookbooks/* +tmp + +# Bundler # +########### +vendor/* +Gemfile +Gemfile.lock + +# Policyfile # +############## +Policyfile.rb +Policyfile.lock.json + +# Documentation # +############# +CODE_OF_CONDUCT* +CONTRIBUTING* +documentation/* +TESTING* +UPGRADING* + +# Vagrant # +########### +.vagrant +Vagrantfile diff --git a/cookbooks/ruby_build/libraries/package_deps.rb b/cookbooks/ruby_build/libraries/package_deps.rb new file mode 100644 index 0000000..d03164a --- /dev/null +++ b/cookbooks/ruby_build/libraries/package_deps.rb @@ -0,0 +1,43 @@ +class Chef + module Rbenv + module MacOs + def openssl_prefix + `/usr/local/bin/brew --prefix openssl@1.1`.strip! + end + end + + module PackageDeps + def cruby_package_deps + case node['platform_family'] + when 'rhel', 'fedora', 'amazon' + %w( gcc bzip2 openssl-devel libyaml-devel libffi-devel readline-devel zlib-devel gdbm-devel ncurses-devel make patch ) + when 'debian' + case node['platform'] + when 'debian' + if node['platform_version'].to_i >= 10 + %w( gcc autoconf bison build-essential libssl-dev libyaml-dev libreadline6-dev zlib1g-dev libncurses5-dev libffi-dev libgdbm6 libgdbm-dev make patch ) + else + %w( gcc autoconf bison build-essential libssl-dev libyaml-dev libreadline6-dev zlib1g-dev libncurses5-dev libffi-dev libgdbm3 libgdbm-dev make patch ) + end + when 'ubuntu' + if node['platform_version'].to_i >= 20 + %w( gcc autoconf bison build-essential libssl-dev libyaml-dev libreadline6-dev zlib1g-dev libncurses5-dev libffi-dev libgdbm6 libgdbm-dev make patch ) + elsif node['platform_version'].to_i == 18 + %w( gcc autoconf bison build-essential libssl-dev libyaml-dev libreadline6-dev zlib1g-dev libncurses5-dev libffi-dev libgdbm5 libgdbm-dev make patch ) + else + %w( gcc autoconf bison build-essential libssl-dev libyaml-dev libreadline6-dev zlib1g-dev libncurses5-dev libffi-dev libgdbm3 libgdbm-dev make patch ) + end + end + when 'suse' + %w( gcc make automake gdbm-devel libyaml-devel ncurses-devel readline-devel zlib-devel libopenssl-devel patch ) + when 'mac_os_x' + %w( openssl@1.1 readline ) + end + end + + def package_deps + cruby_package_deps + end + end + end +end diff --git a/cookbooks/ruby_build/metadata.json b/cookbooks/ruby_build/metadata.json new file mode 100644 index 0000000..aaf0ec5 --- /dev/null +++ b/cookbooks/ruby_build/metadata.json @@ -0,0 +1,48 @@ +{ + "name": "ruby_build", + "description": "Manages the ruby-build framework and its installed rubies. A LWRP is also defined.", + "long_description": "", + "maintainer": "Sous Chefs", + "maintainer_email": "help@sous-chefs.org", + "license": "Apache-2.0", + "platforms": { + "ubuntu": ">= 0.0.0", + "debian": ">= 0.0.0", + "freebsd": ">= 0.0.0", + "redhat": ">= 0.0.0", + "centos": ">= 0.0.0", + "fedora": ">= 0.0.0", + "amazon": ">= 0.0.0", + "scientific": ">= 0.0.0", + "suse": ">= 0.0.0", + "opensuse": ">= 0.0.0", + "opensuseleap": ">= 0.0.0", + "mac_os_x": ">= 0.0.0" + }, + "dependencies": { + "yum-epel": ">= 0.0.0", + "homebrew": ">= 0.0.0" + }, + "providing": { + + }, + "recipes": { + + }, + "version": "2.5.0", + "source_url": "https://github.com/sous-chefs/ruby_build", + "issues_url": "https://github.com/sous-chefs/ruby_build/issues", + "privacy": false, + "chef_versions": [ + [ + ">= 15.0" + ] + ], + "ohai_versions": [ + + ], + "gems": [ + + ], + "eager_load_libraries": true +} diff --git a/cookbooks/ruby_build/metadata.rb b/cookbooks/ruby_build/metadata.rb new file mode 100644 index 0000000..9d4f6bc --- /dev/null +++ b/cookbooks/ruby_build/metadata.rb @@ -0,0 +1,25 @@ +name 'ruby_build' +maintainer 'Sous Chefs' +maintainer_email 'help@sous-chefs.org' +license 'Apache-2.0' +description 'Manages the ruby-build framework and its installed rubies. A LWRP is also defined.' +source_url 'https://github.com/sous-chefs/ruby_build' +issues_url 'https://github.com/sous-chefs/ruby_build/issues' +chef_version '>= 15.0' +version '2.5.0' + +supports 'ubuntu' +supports 'debian' +supports 'freebsd' +supports 'redhat' +supports 'centos' +supports 'fedora' +supports 'amazon' +supports 'scientific' +supports 'suse' +supports 'opensuse' +supports 'opensuseleap' +supports 'mac_os_x' + +depends 'yum-epel' +depends 'homebrew' diff --git a/cookbooks/ruby_build/renovate.json b/cookbooks/ruby_build/renovate.json new file mode 100644 index 0000000..7e7a8ba --- /dev/null +++ b/cookbooks/ruby_build/renovate.json @@ -0,0 +1,17 @@ +{ + "$schema": "https://docs.renovatebot.com/renovate-schema.json", + "extends": ["config:base"], + "packageRules": [{ + "groupName": "Actions", + "matchUpdateTypes": ["patch", "pin", "digest"], + "automerge": true, + "addLabels": ["Release: Patch", "Skip: Announcements"] + }, + { + "groupName": "Actions", + "matchUpdateTypes": ["major"], + "automerge": false, + "addLabels": ["Release: Patch", "Skip: Announcements"] + } + ] +} diff --git a/cookbooks/ruby_build/resources/definition.rb b/cookbooks/ruby_build/resources/definition.rb new file mode 100644 index 0000000..763cc3d --- /dev/null +++ b/cookbooks/ruby_build/resources/definition.rb @@ -0,0 +1,102 @@ +include Chef::Rbenv::MacOs + +# for compatibility with earlier incarnations +# of this resource +# +provides :ruby_build_ruby + +property :definition, String, + name_property: true, + description: 'Version of Ruby to install' + +property :prefix_path, String, + default: '/usr/local/ruby', + description: 'Location to install Ruby' + +property :verbose, [true, false], + default: false, + description: 'print compilation status to stdout' + +# NOTE: adding the Ruby version to the installation prefix +# by default is unexpected and will likely lead to user +# problems. Now defaults to false. +# +property :version_prefix, [true, false], + default: false, + description: 'add Ruby version to the installation prefix' + +property :patch, [String, nil], + description: 'path to a Ruby patch file for ruby-build to use' + +property :environment, Hash, + default: {}, + description: 'Environment hash to pass to the ruby-build install process' + +property :user, String, + description: 'User to install as' + +property :group, String, + description: 'Group to install as' + +unified_mode true if respond_to? :unified_mode + +action :install do + Chef::Log.fatal('JRuby is not a supported definition') \ + if new_resource.definition.include? 'jruby' + + if platform_family?('mac_os_x') && Chef::VERSION < '16' + Array(package_deps).each do |pkg| + package pkg + end + else + package package_deps + end + + installation_path = if new_resource.version_prefix + ::File.join(new_resource.prefix_path, new_resource.definition) + else + new_resource.prefix_path + end + + env = if platform_family?('mac_os_x') + extra_env = { 'RUBY_CONFIGURE_OPTS' => "--with-openssl-dir=#{openssl_prefix}" } + new_resource.environment.merge extra_env + else + new_resource.environment + end + + ruby_build_cmd = [ + '/usr/local/bin/ruby-build', + new_resource.definition, + installation_path, + ].join(' ') + + ruby_build_cmd += ' --verbose' if new_resource.verbose + + if new_resource.patch + patch_path = "#{Chef::Config[:file_cache_path]}/#{new_resource.patch}" + ruby_build_cmd += %( --patch < "#{patch_path}" ) + + cookbook_file patch_path do + source new_resource.patch + end + end + + bash "ruby-build #{new_resource.definition}" do + code ruby_build_cmd + environment env + user new_resource.user + group new_resource.group + not_if do + ::Dir.exist?("#{installation_path}/bin") && + new_resource.definition == `#{installation_path}/bin/ruby -e 'print RUBY_VERSION'` + end + live_stream true + action :run + end +end + +action_class do + include Chef::Rbenv::PackageDeps + include Chef::Rbenv::MacOs +end diff --git a/cookbooks/ruby_build/resources/homebrew_update.rb b/cookbooks/ruby_build/resources/homebrew_update.rb new file mode 100644 index 0000000..de88d53 --- /dev/null +++ b/cookbooks/ruby_build/resources/homebrew_update.rb @@ -0,0 +1,77 @@ +unified_mode true if respond_to? :unified_mode + +provides :homebrew_update + +description 'Use the **homebrew_update** resource to manage Homebrew repository updates on MacOS.' +introduced '16.2' +examples <<~DOC + **Update the hombrew repository data at a specified interval**: + ```ruby + homebrew_update 'all platforms' do + frequency 86400 + action :periodic + end + ``` + **Update the Homebrew repository at the start of a Chef Infra Client run**: + ```ruby + homebrew_update 'update' + ``` +DOC + +# allow bare homebrew_update with no name +property :name, String, default: '' + +property :frequency, Integer, + description: 'Determines how frequently (in seconds) Homebrew updates are made. Use this property when the `:periodic` action is specified.', + default: 86_400 + +default_action :periodic + +action_class do + BREW_STAMP_DIR = '/var/lib/homebrew/periodic'.freeze + BREW_STAMP = "#{BREW_STAMP_DIR}/update-success-stamp".freeze + + # Determines whether we need to run `homebrew update` + # + # @return [Boolean] + def brew_up_to_date? + ::File.exist?(BREW_STAMP) && + ::File.mtime(BREW_STAMP) > Time.now - new_resource.frequency + end + + def do_update + directory BREW_STAMP_DIR do + recursive true + end + + file BREW_STAMP do + content "BREW::Update::Post-Invoke-Success\n" + action :create_if_missing + end + + execute 'brew update' do + command %w(brew update) + default_env true + user Homebrew.owner + notifies :touch, "file[#{BREW_STAMP}]", :immediately + end + end +end + +action :periodic do + return unless mac_os_x? + + unless brew_up_to_date? + converge_by 'update new lists of packages' do + do_update + end + end +end + +action :update do + return unless mac_os_x? + + converge_by 'force update new lists of packages' do + do_update + end +end diff --git a/cookbooks/ruby_build/resources/install.rb b/cookbooks/ruby_build/resources/install.rb new file mode 100644 index 0000000..d3c8daf --- /dev/null +++ b/cookbooks/ruby_build/resources/install.rb @@ -0,0 +1,41 @@ +property :name, String, default: '' + +property :git_ref, String, + default: 'master', + description: 'Git reference to download, set to a tag to get a specific version' + +unified_mode true if respond_to? :unified_mode + +action :install do + src_path = "#{Chef::Config['file_cache_path']}/ruby-build" + + if platform_family?('rhel') + if node['platform_version'].to_i >= 8 + package 'yum-utils' + + execute 'yum-config-manager --enable powertools' do + not_if 'yum-config-manager --dump powertools | grep -q "enabled = 1"' + end + end + + include_recipe 'yum-epel' + end + + package %w(tar bash curl git) unless platform_family?('mac_os_x', 'freebsd') + + git src_path do + repository 'https://github.com/rbenv/ruby-build.git' + revision new_resource.git_ref unless new_resource.git_ref == 'master' + retries 5 + retry_delay 5 + end + + execute 'Install ruby-build' do + cwd src_path + command %(sh ./install.sh) + not_if do + ::File.exist?('/usr/local/bin/ruby-build') && + `#{src_path}/bin/ruby-build --version` == `/usr/local/bin/ruby-build --version` + end + end +end diff --git a/cookbooks/selinux/.markdownlint-cli2.yaml b/cookbooks/selinux/.markdownlint-cli2.yaml new file mode 100644 index 0000000..6fa8e77 --- /dev/null +++ b/cookbooks/selinux/.markdownlint-cli2.yaml @@ -0,0 +1,5 @@ +config: + ul-indent: false # MD007 + line-length: false # MD013 + no-duplicate-heading: false # MD024 + reference-links-images: false # MD052 diff --git a/cookbooks/selinux/CHANGELOG.md b/cookbooks/selinux/CHANGELOG.md new file mode 100644 index 0000000..26ae15e --- /dev/null +++ b/cookbooks/selinux/CHANGELOG.md @@ -0,0 +1,263 @@ +# selinux Cookbook CHANGELOG + +This file is used to list changes made in each version of the selinux cookbook. + +## 6.1.12 - *2023-05-17* + +## 6.1.11 - *2023-04-17* + +## 6.1.10 - *2023-04-07* + +Standardise files with files in sous-chefs/repo-management + +## 6.1.9 - *2023-04-01* + +## 6.1.8 - *2023-04-01* + +## 6.1.7 - *2023-04-01* + +Standardise files with files in sous-chefs/repo-management + +## 6.1.6 - *2023-03-20* + +Standardise files with files in sous-chefs/repo-management + +## 6.1.5 - *2023-03-15* + +Standardise files with files in sous-chefs/repo-management + +## 6.1.4 - *2023-02-23* + +Standardise files with files in sous-chefs/repo-management + +## 6.1.3 - *2023-02-15* + +## 6.1.2 - *2023-02-14* + +Standardise files with files in sous-chefs/repo-management + +## 6.1.1 - *2023-02-03* + +- Updated selinux_port documentation + +## 6.1.0 - *2023-01-18* + +- resolved cookstyle error: resources/install.rb:5:1 refactor: `Chef/Style/CopyrightCommentFormat` +- resolved cookstyle error: resources/module.rb:5:1 refactor: `Chef/Style/CopyrightCommentFormat` +- resolved cookstyle error: resources/state.rb:5:1 refactor: `Chef/Style/CopyrightCommentFormat` +- Standardise files with files in sous-chefs/repo-management +- Add `selinux_login` resource +- Add `selinux_user` resource + +## 6.0.7 - *2022-11-01* + +- Fix CentOS 6 package requirements +- Fix Chef 18 compatibility + +## 6.0.6 - *2022-09-28* + +- Add missing `policycoreutils-python` package +- Include additional platforms and suites for testing +- Run `apt_update` in `selinux_install` on Debian-based systems +- Fix SELinux enablement on Ubuntu 18.04 + +## 6.0.5 - *2022-09-18* + +- Standardise files with files in sous-chefs/repo-management +- Add testing for Debian 11, Alma Linux and Rocky Linux +- Remove testing for CentOS 8 (prefer Stream instead) +- Update Github CI config + +## 6.0.4 - *2022-02-17* + +- Standardise files with files in sous-chefs/repo-management + +## 6.0.3 - *2022-02-08* + +- Remove delivery folder + +## 6.0.2 - *2022-01-01* + +- resolved cookstyle error: resources/install.rb:5:1 refactor: `Chef/Style/CopyrightCommentFormat` +- resolved cookstyle error: resources/module.rb:5:1 refactor: `Chef/Style/CopyrightCommentFormat` +- resolved cookstyle error: resources/state.rb:5:1 refactor: `Chef/Style/CopyrightCommentFormat` + +## 6.0.1 - *2021-11-03* + +- Correctly parse ports with multple contexts + +## 6.0.0 - *2021-09-02* + +- Import `selinux_policy` resources into this cookbook (`_fcontext`, `_permissive`, and `_port`) +- `selinux_policy_module` not imported since it is a duplicate of `selinux_module` + +### Deprecations + +- `selinux_fcontext` action `addormodify` renamed to `manage` +- `selinux_port` action `addormodify` renamed to `manage` + +## 5.1.1 - *2021-08-30* + +- Standardise files with files in sous-chefs/repo-management + +## 5.1.0 - *2021-08-21* + +- Fix `selinux_install` on Alma Linux / Oracle Linux + +## 5.0.0 - *2021-08-10* + +### Note: With version 5.0.0 the default recipe has been removed + +- Major refactoring +- Restore support for Debian based distros +- All resources now use unified_mode +- Added selinux_boolean resource +- Remove attributes and default recipe +- Replaced with a set of bare recipes for the three selinux states +- Add automatic restart function to `selinux_state` resource + +## 4.0.0 - *2021-07-21* + +- Sous Chefs adoption +- Enable `unified_mode` for Chef 17 compatibility +- Update test platforms + +## 3.1.1 (2020-09-29) + +- Move `default['selinux']['status']` attribute to `default['selinux']['state']` to avoid conflicts with Ohai in Chef Infra Client 16 - [@shoekstra](https://github.com/shoekstra) + +## 3.1.0 (2020-09-29) + +- Cookstyle Bot Auto Corrections with Cookstyle 6.16.8 - [@cookstyle](https://github.com/cookstyle) +- Add a new `node['selinux']['install_mcstrans_package']` attribute to control installation of the mcdtrans package. This default to true to maintain existing functionality. - [@kapilchouhan99](https://github.com/kapilchouhan99) + +## 3.0.2 (2020-08-25) + +- Fix failures in CI- [@shoekstra](https://github.com/shoekstra) +- Specify platform to SoloRunner - [@shoekstra](https://github.com/shoekstra) +- Remove unnecessary Foodcritic comments - [@tas50](https://github.com/tas50) +- Notify :immediately not :immediate - [@tas50](https://github.com/tas50) +- Add Github actions testing of style/unit - [@tas50](https://github.com/tas50) +- [GH-67] - Do not try to modify frozen checksum - [@vzDevelopment](https://github.com/vzDevelopment) +- Standardise files with files in chef-cookbooks/repo-management - [@xorimabot](https://github.com/xorimabot) + +## 3.0.1 (2019-11-14) + +- Remove the deprecated ChefSpec report - [@tas50](https://github.com/tas50) +- Allow "-" and "_" for module names - [@ramereth](https://github.com/ramereth) +- Update Fedora versions we test on - [@tas50](https://github.com/tas50) + +## 3.0.0 (2019-06-06) + +- Support for SELinux Modules, via new resource `selinux_module`, able to compile `.te` files, install and remove modules; +- Improving test coverage for all resources +- Remove support for Ubuntu/Debian +- Require Chef 13+ + +## 2.1.1 (2018-06-07) + +- Do not execute setenforce 1 always +- Remove chefspec matchers that are autogenerated now +- Chef 13 Fixes + +## 2.1.0 (2017-09-15) + +- Simplify Travis config and fix ChefDK 2.0 failures +- Use bento slugs in Kitchen +- Remove maintainer files +- More cleanup of the maintainer files +- Speed up install with multi-package install + +## 2.0.3 (2017-06-13) + +- Fix boolean check within default recipe + +## 2.0.2 (2017-06-05) + +- Permissive guard should grep for permissive not just disabled + +## 2.0.1 (2017-05-30) + +- Remove class_eval usage + +## 2.0.0 (2017-05-15) + +- Deprecate debian family support +- Make default for rhel family use setenforce regardless of whether a temporary change or not. Eliminates the requirement for a required reboot to effect change in the running system. + +## 1.0.4 (2017-04-17) + +- Switch to local delivery for testing +- Use the standard apache license string +- Updates for early Chef 12 and Chef 13 compatibility +- Update and add copyright blocks to the various files + +## 1.0.3 (2017-03-14) + +- Fix requirement in metadata to reflect need for Chef 12.7 as using action_class in state resource. + +## 1.0.2 (2017-03-01) + +- Remove setools* packages from install resource (utility to analyze and query policies, monitor and report audit logs, and manage file context). Future versions of this cookbook that might use this need to handle package install on Oracle Linux as not available in default repo. + +## 1.0.1 (2017-02-26) + +- Fix logic error in the permissive state change + +## 1.0.0 (2017-02-26) + +- **BREAKING CHANGE** `node['selinux']['state']` is now `node['selinux']['status']` to meet Chef 13 requirements. +- Update to current cookbook engineering standards +- Rewrite LWRP to 12.5 resources +- Resolved cookstyle errors +- Update package information for debian based on +- selinux-activate looks like it's required to ACTUALLY activate selinux on non-RHEL systems. This seems like it could be destructive if unexpected. + +- Add property temporary to allow for switching between permissive and enabled + +- Add install resource + +## v0.9.0 (2015-02-22) + +- Initial Debian / Ubuntu support +- Various bug fixes + +## v0.8.0 (2014-04-23) + +- [COOK-4528] - Fix selinux directory permissions +- [COOK-4562] - Basic support for Ubuntu/Debian + +## v0.7.2 (2014-03-24) + +handling minimal installs + +## v0.7.0 (2014-02-27) + +[COOK-4218] Support setting SELinux boolean values + +## v0.6.2 + +- Fixing bug introduced in 0.6.0 +- adding basic test-kitchen coverage + +## v0.6.0 + +- [COOK-760] - selinux enforce/permit/disable based on attribute + +## v0.5.6 + +- [COOK-2124] - enforcing recipe fails if selinux is disabled + +## v0.5.4 + +- [COOK-1277] - disabled recipe fails on systems w/o selinux installed + +## v0.5.2 + +- [COOK-789] - fix dangling commas causing syntax error on some rubies + +## v0.5.0 + +- [COOK-678] - add the selinux cookbook to the repository +- Use main selinux config file (/etc/selinux/config) +- Use getenforce instead of selinuxenabled for enforcing and permissive diff --git a/cookbooks/selinux/LICENSE b/cookbooks/selinux/LICENSE new file mode 100644 index 0000000..8dada3e --- /dev/null +++ b/cookbooks/selinux/LICENSE @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "{}" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright {yyyy} {name of copyright owner} + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/cookbooks/yum/README.md b/cookbooks/selinux/README.md similarity index 54% rename from cookbooks/yum/README.md rename to cookbooks/selinux/README.md index 1c8ebc3..e4d6b63 100644 --- a/cookbooks/yum/README.md +++ b/cookbooks/selinux/README.md @@ -1,88 +1,62 @@ -# yum Cookbook +# SELinux Cookbook -[![Cookbook Version](https://img.shields.io/cookbook/v/yum.svg)](https://supermarket.chef.io/cookbooks/yum) -[![CI State](https://github.com/sous-chefs/yum/workflows/ci/badge.svg)](https://github.com/sous-chefs/yum/actions?query=workflow%3Aci) +[![Cookbook Version](https://img.shields.io/cookbook/v/selnux.svg)](https://supermarket.chef.io/cookbooks/selinux) +[![CI State](https://github.com/sous-chefs/selinux/workflows/ci/badge.svg)](https://github.com/sous-chefs/selinux/actions?query=workflow%3Aci) [![OpenCollective](https://opencollective.com/sous-chefs/backers/badge.svg)](#backers) [![OpenCollective](https://opencollective.com/sous-chefs/sponsors/badge.svg)](#sponsors) [![License](https://img.shields.io/badge/License-Apache%202.0-green.svg)](https://opensource.org/licenses/Apache-2.0) -The Yum cookbook exposes the `yum_globalconfig` resource which allows a user to control global yum behavior. This resources aims to allow the user to configure all options listed in the `yum.conf` man page, found at +## Description + +The SELinux (Security Enhanced Linux) cookbook provides recipes for manipulating SELinux policy enforcement state. + +SELinux can have one of three settings: + +`Enforcing` + +- Watches all system access checks, stops all 'Denied access' +- Default mode on RHEL systems + +`Permissive` + +- Allows access but reports violations + +`Disabled` + +- Disables SELinux from the system but is only read at boot time. If you set this flag, you must reboot. + +Disable SELinux only if you plan to not use it. Use `Permissive` mode if you just need to debug your system. + +## Requirements + +- Chef 15.3 or higher + +## Platform + +- RHEL 7+ +- CentOS 7+ +- Fedora +- Ubuntu +- Debian + +## Resources + +The following resources are provided: + +- [selinux_boolean](documentation/selinux_boolean.md) +- [selinux_fcontext](documentation/selinux_fcontext.md) +- [selinux_install](documentation/selinux_install.md) +- [selinux_login](documentation/selinux_login.md) +- [selinux_module](documentation/selinux_module.md) +- [selinux_permissive](documentation/selinux_permissive.md) +- [selinux_port](documentation/selinux_port.md) +- [selinux_state](documentation/selinux_state.md) +- [selinux_user](documentation/selinux_user.md) ## Maintainers This cookbook is maintained by the Sous Chefs. The Sous Chefs are a community of Chef cookbook maintainers working together to maintain important cookbooks. If you’d like to know more please visit [sous-chefs.org](https://sous-chefs.org/) or come chat with us on the Chef Community Slack in [#sous-chefs](https://chefcommunity.slack.com/messages/C2V7B88SF). -## Requirements - -### Platforms - -- RHEL/CentOS and derivatives -- Fedora - -### Chef - -- Chef 15.3+ - -### Cookbooks - -- none - -## Resources - -- [`yum_globalconfig`](documentation/yum_globalconfig.md) -- [`dnf_module`](documentation/dnf_module.md) - -## Recipes (deprecated) - -- `default` - Configures `yum_globalconfig[/etc/yum.conf]` with values found in node attributes at `node['yum']['main']` - -## Attributes - -The following attributes are set by default - -```ruby -default['yum']['main']['cachedir'] = '/var/cache/yum/$basearch/$releasever' -default['yum']['main']['keepcache'] = false -default['yum']['main']['debuglevel'] = nil -default['yum']['main']['exclude'] = nil -default['yum']['main']['logfile'] = '/var/log/yum.log' -default['yum']['main']['exactarch'] = nil -default['yum']['main']['obsoletes'] = nil -default['yum']['main']['installonly_limit'] = nil -default['yum']['main']['installonlypkgs'] = nil -default['yum']['main']['installroot'] = nil -``` - -For Amazon platform nodes, the default is to receive a continuous flow of updates, - -```ruby -default['yum']['main']['releasever'] = 'latest' -``` - -To lock existing instances to the current version of the Amazon AMI, - -```ruby -default['yum']['main']['releasever'] = '' -``` - -## Related Cookbooks - -Recipes from older versions of this cookbook have been moved individual cookbooks. Recipes for managing platform yum configurations and installing specific repositories can be found in one (or more!) of the following cookbook. - -- yum-centos -- yum-fedora -- yum-amazon -- yum-epel -- yum-elrepo -- yum-repoforge -- yum-ius -- yum-percona -- yum-pgdg - -## Usage - -Put `depends 'yum'` in your metadata.rb to gain access to the yum_repository resource. - ## Contributors This project exists thanks to all the people who [contribute.](https://opencollective.com/sous-chefs/contributors.svg?width=890&button=false) diff --git a/cookbooks/selinux/chefignore b/cookbooks/selinux/chefignore new file mode 100644 index 0000000..a27b0b2 --- /dev/null +++ b/cookbooks/selinux/chefignore @@ -0,0 +1,115 @@ +# Put files/directories that should be ignored in this file when uploading +# to a Chef Infra Server or Supermarket. +# Lines that start with '# ' are comments. + +# OS generated files # +###################### +.DS_Store +ehthumbs.db +Icon? +nohup.out +Thumbs.db +.envrc + +# EDITORS # +########### +.#* +.project +.settings +*_flymake +*_flymake.* +*.bak +*.sw[a-z] +*.tmproj +*~ +\#* +REVISION +TAGS* +tmtags +.vscode +.editorconfig + +## COMPILED ## +############## +*.class +*.com +*.dll +*.exe +*.o +*.pyc +*.so +*/rdoc/ +a.out +mkmf.log + +# Testing # +########### +.circleci/* +.codeclimate.yml +.delivery/* +.foodcritic +.kitchen* +.mdlrc +.overcommit.yml +.rspec +.rubocop.yml +.travis.yml +.watchr +.yamllint +azure-pipelines.yml +Dangerfile +examples/* +features/* +Guardfile +kitchen*.yml +mlc_config.json +Procfile +Rakefile +spec/* +test/* + +# SCM # +####### +.git +.gitattributes +.gitconfig +.github/* +.gitignore +.gitkeep +.gitmodules +.svn +*/.bzr/* +*/.git +*/.hg/* +*/.svn/* + +# Berkshelf # +############# +Berksfile +Berksfile.lock +cookbooks/* +tmp + +# Bundler # +########### +vendor/* +Gemfile +Gemfile.lock + +# Policyfile # +############## +Policyfile.rb +Policyfile.lock.json + +# Documentation # +############# +CODE_OF_CONDUCT* +CONTRIBUTING* +documentation/* +TESTING* +UPGRADING* + +# Vagrant # +########### +.vagrant +Vagrantfile diff --git a/cookbooks/selinux/libraries/boolean.rb b/cookbooks/selinux/libraries/boolean.rb new file mode 100644 index 0000000..c64d07c --- /dev/null +++ b/cookbooks/selinux/libraries/boolean.rb @@ -0,0 +1,17 @@ +module SELinux + module Cookbook + module BooleanHelpers + def selinux_bool(bool) + if ['on', 'true', '1', true, 1].include?(bool) + 'on' + elsif ['off', 'false', '0', false, 0].include?(bool) + 'off' + else + raise ArgumentError, "selinux_bool: Invalid selinux boolean value #{bool}" + end + end + + module_function :selinux_bool + end + end +end diff --git a/cookbooks/selinux/libraries/install.rb b/cookbooks/selinux/libraries/install.rb new file mode 100644 index 0000000..0de1789 --- /dev/null +++ b/cookbooks/selinux/libraries/install.rb @@ -0,0 +1,33 @@ +module SELinux + module Cookbook + module InstallHelpers + def default_install_packages + case node['platform_family'] + when 'rhel' + case node['platform_version'].to_i + when 6 + %w(make policycoreutils selinux-policy selinux-policy-targeted selinux-policy-devel libselinux-utils setools-console) + when 7 + %w(make policycoreutils policycoreutils-python selinux-policy selinux-policy-targeted selinux-policy-devel libselinux-utils setools-console) + else + %w(make policycoreutils policycoreutils-python-utils selinux-policy selinux-policy-targeted selinux-policy-devel libselinux-utils setools-console) + end + when 'amazon' + %w(make policycoreutils policycoreutils-python selinux-policy selinux-policy-targeted selinux-policy-devel libselinux-utils setools-console) + when 'fedora' + %w(make policycoreutils policycoreutils-python-utils selinux-policy selinux-policy-targeted selinux-policy-devel libselinux-utils setools-console) + when 'debian' + if node['platform'] == 'ubuntu' + if node['platform_version'].to_f == 18.04 + %w(make policycoreutils selinux selinux-basics selinux-policy-default selinux-policy-dev auditd setools) + else + %w(make policycoreutils selinux-basics selinux-policy-default selinux-policy-dev auditd setools) + end + else + %w(make policycoreutils selinux-basics selinux-policy-default selinux-policy-dev auditd setools) + end + end + end + end + end +end diff --git a/cookbooks/selinux/libraries/state.rb b/cookbooks/selinux/libraries/state.rb new file mode 100644 index 0000000..81421df --- /dev/null +++ b/cookbooks/selinux/libraries/state.rb @@ -0,0 +1,60 @@ +module SELinux + module Cookbook + module StateHelpers + def selinux_disabled? + selinux_state.eql?(:disabled) + end + + def selinux_enforcing? + selinux_state.eql?(:enforcing) + end + + def selinux_permissive? + selinux_state.eql?(:permissive) + end + + def state_change_reboot_required? + (selinux_disabled? && %i(enforcing permissive).include?(action)) || + ((selinux_enforcing? || selinux_permissive?) && action == :disabled) || + (selinux_activate_required? && %i(enforcing permissive).include?(action)) + end + + def selinux_state + state = shell_out!('getenforce').stdout.strip.downcase.to_sym + raise "Got unknown SELinux state #{state}" unless %i(disabled enforcing permissive).include?(state) + + state + end + + def selinux_activate_required? + return false unless platform_family?('debian') + sestatus = shell_out!('sestatus -v').stdout.strip + + # Ensure we're booted up to a system which has selinux activated and filesystem is properly labeled + if File.read('/proc/cmdline').match?('security=selinux') && sestatus.match?(%r{/usr/sbin/sshd.*sshd_exec_t}) + false + else + true + end + end + + def selinux_activate_cmd + # selinux-activate is semi-broken on Ubuntu 18.04 however this method does work + if platform?('ubuntu') && node['platform_version'] == '18.04' + 'touch /.autorelabel' + else + '/usr/sbin/selinux-activate' + end + end + + def default_policy_platform + case node['platform_family'] + when 'rhel', 'fedora', 'amazon' + 'targeted' + when 'debian' + 'default' + end + end + end + end +end diff --git a/cookbooks/yum/metadata.json b/cookbooks/selinux/metadata.json similarity index 65% rename from cookbooks/yum/metadata.json rename to cookbooks/selinux/metadata.json index c2b9d36..dae3c66 100644 --- a/cookbooks/yum/metadata.json +++ b/cookbooks/selinux/metadata.json @@ -1,18 +1,19 @@ { - "name": "yum", - "description": "Configures various yum components on Red Hat-like systems", + "name": "selinux", + "description": "Manages SELinux policy state and rules.", "long_description": "", "maintainer": "Sous Chefs", "maintainer_email": "help@sous-chefs.org", "license": "Apache-2.0", "platforms": { - "amazon": ">= 0.0.0", - "centos": ">= 0.0.0", - "fedora": ">= 0.0.0", - "oracle": ">= 0.0.0", "redhat": ">= 0.0.0", + "centos": ">= 0.0.0", "scientific": ">= 0.0.0", - "zlinux": ">= 0.0.0" + "oracle": ">= 0.0.0", + "amazon": ">= 0.0.0", + "fedora": ">= 0.0.0", + "debian": ">= 0.0.0", + "ubuntu": ">= 0.0.0" }, "dependencies": { @@ -23,9 +24,9 @@ "recipes": { }, - "version": "7.2.0", - "source_url": "https://github.com/sous-chefs/yum", - "issues_url": "https://github.com/sous-chefs/yum/issues", + "version": "6.1.12", + "source_url": "https://github.com/sous-chefs/selinux", + "issues_url": "https://github.com/sous-chefs/selinux/issues", "privacy": false, "chef_versions": [ [ diff --git a/cookbooks/selinux/metadata.rb b/cookbooks/selinux/metadata.rb new file mode 100644 index 0000000..85c8109 --- /dev/null +++ b/cookbooks/selinux/metadata.rb @@ -0,0 +1,13 @@ +name 'selinux' +maintainer 'Sous Chefs' +maintainer_email 'help@sous-chefs.org' +license 'Apache-2.0' +description 'Manages SELinux policy state and rules.' +version '6.1.12' +source_url 'https://github.com/sous-chefs/selinux' +issues_url 'https://github.com/sous-chefs/selinux/issues' +chef_version '>= 15.3' + +%w(redhat centos scientific oracle amazon fedora debian ubuntu).each do |os| + supports os +end diff --git a/cookbooks/mariadb/recipes/default.rb b/cookbooks/selinux/recipes/disabled.rb similarity index 79% rename from cookbooks/mariadb/recipes/default.rb rename to cookbooks/selinux/recipes/disabled.rb index 7edcd87..35cedbb 100644 --- a/cookbooks/mariadb/recipes/default.rb +++ b/cookbooks/selinux/recipes/disabled.rb @@ -1,8 +1,6 @@ # -# Cookbook Name:: mariadb -# Recipe:: default -# -# Copyright 2014, blablacar.com +# Cookbook:: selinux +# Recipe:: disabled # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -17,4 +15,9 @@ # limitations under the License. # -include_recipe "#{cookbook_name}::server" +selinux_install 'selinux' + +selinux_state 'disabled' do + automatic_reboot true + action :disabled +end diff --git a/cookbooks/poise-javascript/files/halite_gem/poise_javascript/error.rb b/cookbooks/selinux/recipes/enforcing.rb similarity index 72% rename from cookbooks/poise-javascript/files/halite_gem/poise_javascript/error.rb rename to cookbooks/selinux/recipes/enforcing.rb index b556b2d..ae003d3 100644 --- a/cookbooks/poise-javascript/files/halite_gem/poise_javascript/error.rb +++ b/cookbooks/selinux/recipes/enforcing.rb @@ -1,11 +1,13 @@ + # -# Copyright 2015-2017, Noah Kantrowitz +# Cookbook:: selinux +# Recipe:: enforcing # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # -# http://www.apache.org/licenses/LICENSE-2.0 +# http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, @@ -14,10 +16,9 @@ # limitations under the License. # -require 'poise_languages' +selinux_install 'selinux' - -module PoiseJavascript - class Error < PoiseLanguages::Error - end +selinux_state 'enforcing' do + automatic_reboot true + action :enforcing end diff --git a/cookbooks/application_git/files/halite_gem/poise_application_git/version.rb b/cookbooks/selinux/recipes/permissive.rb similarity index 72% rename from cookbooks/application_git/files/halite_gem/poise_application_git/version.rb rename to cookbooks/selinux/recipes/permissive.rb index 0a67268..3edba4a 100644 --- a/cookbooks/application_git/files/halite_gem/poise_application_git/version.rb +++ b/cookbooks/selinux/recipes/permissive.rb @@ -1,11 +1,12 @@ # -# Copyright 2015-2016, Noah Kantrowitz +# Cookbook:: selinux +# Recipe:: permissive # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # -# http://www.apache.org/licenses/LICENSE-2.0 +# http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, @@ -14,7 +15,9 @@ # limitations under the License. # +selinux_install 'selinux' -module PoiseApplicationGit - VERSION = '1.1.0' +selinux_state 'permissive' do + automatic_reboot true + action :permissive end diff --git a/cookbooks/selinux/renovate.json b/cookbooks/selinux/renovate.json new file mode 100644 index 0000000..7e7a8ba --- /dev/null +++ b/cookbooks/selinux/renovate.json @@ -0,0 +1,17 @@ +{ + "$schema": "https://docs.renovatebot.com/renovate-schema.json", + "extends": ["config:base"], + "packageRules": [{ + "groupName": "Actions", + "matchUpdateTypes": ["patch", "pin", "digest"], + "automerge": true, + "addLabels": ["Release: Patch", "Skip: Announcements"] + }, + { + "groupName": "Actions", + "matchUpdateTypes": ["major"], + "automerge": false, + "addLabels": ["Release: Patch", "Skip: Announcements"] + } + ] +} diff --git a/cookbooks/selinux/resources/boolean.rb b/cookbooks/selinux/resources/boolean.rb new file mode 100644 index 0000000..b55cff1 --- /dev/null +++ b/cookbooks/selinux/resources/boolean.rb @@ -0,0 +1,56 @@ +# +# Cookbook:: selinux +# Resource:: boolean +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +unified_mode true + +property :boolean, String, + name_property: true, + description: 'SELinux boolean to set' + +property :value, [Integer, String, true, false], + required: true, + equal_to: %w(on off), + coerce: proc { |p| ::SELinux::Cookbook::BooleanHelpers.selinux_bool(p) }, + description: 'SELinux boolean value' + +property :persistent, [true, false], + default: true, + desired_state: false, + description: 'Set to true for value setting to survive reboot' + +load_current_value do |new_resource| + value shell_out!("getsebool #{new_resource.boolean}").stdout.split('-->').map(&:strip).last +end + +action_class do + include ::SELinux::Cookbook::StateHelpers +end + +action :set do + if selinux_disabled? + Chef::Log.warn("Unable to set SELinux boolean #{new_resource.name} as SELinux is disabled") + return + end + + converge_if_changed do + cmd = 'setsebool' + cmd += ' -P' if new_resource.persistent + cmd += " #{new_resource.boolean} #{new_resource.value}" + + shell_out!(cmd) + end +end diff --git a/cookbooks/selinux/resources/fcontext.rb b/cookbooks/selinux/resources/fcontext.rb new file mode 100644 index 0000000..9efbbbb --- /dev/null +++ b/cookbooks/selinux/resources/fcontext.rb @@ -0,0 +1,132 @@ +# +# Cookbook:: selinux +# Resource:: fcontext +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +unified_mode true + +property :file_spec, String, + name_property: true, + description: 'Path to or regex matching the files or directoriesto label' + +property :secontext, String, + required: %i(add modify manage), + description: 'SELinux context to assign' + +property :file_type, String, + default: 'a', + equal_to: %w(a f d c b s l p), + description: 'The type of the file being labeled' + +action_class do + include ::SELinux::Cookbook::StateHelpers + + def current_file_context + file_hash = { + 'a' => 'all files', + 'f' => 'regular file', + 'd' => 'directory', + 'c' => 'character device', + 'b' => 'block device', + 's' => 'socket', + 'l' => 'symbolic link', + 'p' => 'named pipe', + } + + contexts = shell_out!('semanage fcontext -l').stdout.split("\n") + # pull out file label from user:role:type:level context string + contexts.grep(/^#{Regexp.escape(new_resource.file_spec)}\s+#{file_hash[new_resource.file_type]}/) do |c| + c.match(/.+ (?.+):(?.+):(?.+):(?.+)$/)[:type] + # match returns ['foo'] or [], shift converts that to 'foo' or nil + end.shift + end + + # Run restorecon to fix label + # https://github.com/sous-chefs/selinux_policy/pull/72#issuecomment-338718721 + def relabel_files + spec = new_resource.file_spec + escaped = Regexp.escape spec + + # find common path between regex and string + common = if spec == escaped + spec + else + index = spec.size.times { |i| break i if spec[i] != escaped[i] } + ::File.dirname spec[0...index] + end + + # if path is not absolute, ignore it and search everything + common = '/' if common[0] != '/' + + if ::File.exist? common + shell_out!("find #{common.shellescape} -ignore_readdir_race -regextype posix-egrep -regex #{spec.shellescape} -prune -print0 | xargs -0 restorecon -iRv") + end + end +end + +action :manage do + run_action(:add) + run_action(:modify) +end + +action :addormodify do + Chef::Log.warn('The :addormodify action for selinux_fcontext is deprecated and will be removed in a future release. Use the :manage action instead.') + run_action(:manage) +end + +# Create if doesn't exist, do not touch if fcontext is already registered +action :add do + if selinux_disabled? + Chef::Log.warn("Unable to add SELinux fcontext #{new_resource.name} as SELinux is disabled") + return + end + + unless current_file_context + converge_by "adding label #{new_resource.secontext} to #{new_resource.file_spec}" do + shell_out!("semanage fcontext -a -f #{new_resource.file_type} -t #{new_resource.secontext} '#{new_resource.file_spec}'") + relabel_files + end + end +end + +# Only modify if fcontext exists & doesn't have the correct label already +action :modify do + if selinux_disabled? + Chef::Log.warn("Unable to modify SELinux fcontext #{new_resource.name} as SELinux is disabled") + return + end + + if current_file_context && current_file_context != new_resource.secontext + converge_by "modifying label #{new_resource.secontext} to #{new_resource.file_spec}" do + shell_out!("semanage fcontext -m -f #{new_resource.file_type} -t #{new_resource.secontext} '#{new_resource.file_spec}'") + relabel_files + end + end +end + +# Delete if exists +action :delete do + if selinux_disabled? + Chef::Log.warn("Unable to delete SELinux fcontext #{new_resource.name} as SELinux is disabled") + return + end + + if current_file_context + converge_by "deleting label for #{new_resource.file_spec}" do + shell_out!("semanage fcontext -d -f #{new_resource.file_type} '#{new_resource.file_spec}'") + relabel_files + end + end +end diff --git a/cookbooks/selinux/resources/install.rb b/cookbooks/selinux/resources/install.rb new file mode 100644 index 0000000..9bb195c --- /dev/null +++ b/cookbooks/selinux/resources/install.rb @@ -0,0 +1,56 @@ +# +# Cookbook:: selinux +# Resource:: install +# +# Copyright:: 2016-2023, Chef Software, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +unified_mode true + +include ::SELinux::Cookbook::InstallHelpers + +property :packages, [String, Array], + default: lazy { default_install_packages }, + description: 'SELinux packages for system' + +action_class do + def do_package_action(action) + # friendly message for unsupported platforms + raise "The platform #{node['platform']} is not currently supported by the `selinux_install` resource. Please file an issue at https://github.com/sous-chefs/selinux/issues/new with details on the platform this cookbook is running on." if new_resource.packages.nil? + + apt_update 'selinux' if platform_family?('debian') + + package 'selinux' do + package_name new_resource.packages + action action + end + end +end + +action :install do + do_package_action(action) + + directory '/etc/selinux' do + owner 'root' + group 'root' + mode '0755' + action :create + end +end + +%i(upgrade remove).each do |a| + action a do + do_package_action(a) + end +end diff --git a/cookbooks/selinux/resources/login.rb b/cookbooks/selinux/resources/login.rb new file mode 100644 index 0000000..52b160b --- /dev/null +++ b/cookbooks/selinux/resources/login.rb @@ -0,0 +1,88 @@ +# +# Cookbook:: selinux +# Resource:: login +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +unified_mode true + +property :login, String, + name_property: true, + description: 'OS user login' + +property :user, String, + description: 'SELinux user' + +property :range, String, + description: 'MLS/MCS security range for the login' + +load_current_value do |new_resource| + logins = shell_out!('semanage login -l').stdout.split("\n") + + current_login = logins.grep(/^#{Regexp.escape(new_resource.login)}\s+/) do |l| + l.match(/^(?[^\s]+)\s+(?[^\s]+)\s+(?[^\s]+)/) + # match returns [] or [], shift converts that to or nil + end.shift + + current_value_does_not_exist! unless current_login + + # Existing resources should maintain their current configuration unless otherwise specified + new_resource.user ||= current_login[:user] + new_resource.range ||= current_login[:range] + + user current_login[:user] + range current_login[:range] +end + +action_class do + def semanage_login_args + args = '' + + args += " -s #{new_resource.user}" if new_resource.user + args += " -r #{new_resource.range}" if new_resource.range + + args + end +end + +action :manage do + run_action(:add) + run_action(:modify) +end + +action :add do + raise 'The user property must be populated to create a new SELinux login' unless new_resource.user + + unless current_resource + converge_if_changed do + shell_out!("semanage login -a#{semanage_login_args} #{new_resource.login}") + end + end +end + +action :modify do + if current_resource + converge_if_changed do + shell_out!("semanage login -m#{semanage_login_args} #{new_resource.login}") + end + end +end + +action :delete do + if current_resource + converge_by "deleting SELinux login #{new_resource.login}" do + shell_out!("semanage login -d #{new_resource.login}") + end + end +end diff --git a/cookbooks/selinux/resources/module.rb b/cookbooks/selinux/resources/module.rb new file mode 100644 index 0000000..3ac55ef --- /dev/null +++ b/cookbooks/selinux/resources/module.rb @@ -0,0 +1,125 @@ +# +# Cookbook:: selinux +# Resource:: module +# +# Copyright:: 2016-2023, Chef Software, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +unified_mode true + +property :module_name, String, + name_property: true, + description: 'Override the module name' + +property :source, String, + description: 'Module source file name' + +property :content, String, + description: 'Module source as String' + +property :cookbook, String, + default: lazy { cookbook_name }, + description: 'Cookbook to source from module source file from' + +property :base_dir, String, + default: '/etc/selinux/local', + description: 'Directory to create module source file in' + +action_class do + def selinux_module_filepath(type) + path = ::File.join(new_resource.base_dir, "#{new_resource.module_name}") + path.concat(".#{type}") if type + end + + def list_installed_modules + shell_out!('semodule --list-modules').stdout.split("\n").map { |x| x.split(/\s/).first } + end +end + +action :create do + directory new_resource.base_dir + + if property_is_set?(:content) + file selinux_module_filepath('te') do + content new_resource.content + + mode '0600' + owner 'root' + group 'root' + + action :create + + notifies :run, "execute[Compiling SELinux modules at '#{new_resource.base_dir}']", :immediately + end + else + cookbook_file selinux_module_filepath('te') do + cookbook new_resource.cookbook + source new_resource.source + + mode '0600' + owner 'root' + group 'root' + + action :create + + notifies :run, "execute[Compiling SELinux modules at '#{new_resource.base_dir}']", :immediately + end + end + + execute "Compiling SELinux modules at '#{new_resource.base_dir}'" do + cwd new_resource.base_dir + command "make -C #{new_resource.base_dir} -f /usr/share/selinux/devel/Makefile" + timeout 120 + user 'root' + + action :nothing + + notifies :run, "execute[Install SELinux module '#{selinux_module_filepath('pp')}']", :immediately + end + + raise "Compilation must have failed, no 'pp' file found at: '#{selinux_module_filepath('pp')}'" unless ::File.exist?(selinux_module_filepath('pp')) + + execute "Install SELinux module '#{selinux_module_filepath('pp')}'" do + command "semodule --install '#{selinux_module_filepath('pp')}'" + action :nothing + end +end + +action :delete do + %w(fc if pp te).each do |type| + next unless ::File.exist?(selinux_module_filepath(type)) + + file selinux_module_filepath(type) do + action :delete + end + end +end + +action :install do + raise "Module must be compiled before it can be installed, no 'pp' file found at: '#{selinux_module_filepath('pp')}'" unless ::File.exist?(selinux_module_filepath('pp')) + + unless list_installed_modules.include? new_resource.module_name + converge_by "Install SELinux module #{selinux_module_filepath('pp')}" do + shell_out!("semodule --install '#{selinux_module_filepath('pp')}'") + end + end +end + +action :remove do + if list_installed_modules.include? new_resource.module_name + converge_by "Remove SELinux module #{new_resource.module_name}" do + shell_out!("semodule --remove '#{new_resource.module_name}'") + end + end +end diff --git a/cookbooks/selinux/resources/permissive.rb b/cookbooks/selinux/resources/permissive.rb new file mode 100644 index 0000000..161b02c --- /dev/null +++ b/cookbooks/selinux/resources/permissive.rb @@ -0,0 +1,46 @@ +# +# Cookbook:: selinux +# Resource:: permissive +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +unified_mode true + +property :context, String, + name_property: true, + description: 'The SELinux context to permit' + +action_class do + def current_permissives + shell_out!('semanage permissive -ln').stdout.split("\n") + end +end + +# Create if doesn't exist, do not touch if permissive is already registered (even under different type) +action :add do + unless current_permissives.include? new_resource.context + converge_by "adding permissive context #{new_resource.context}" do + shell_out!("semanage permissive -a '#{new_resource.context}'") + end + end +end + +# Delete if exists +action :delete do + if current_permissives.include? new_resource.context + converge_by "deleting permissive context #{new_resource.context}" do + shell_out!("semanage permissive -d '#{new_resource.context}'") + end + end +end diff --git a/cookbooks/selinux/resources/port.rb b/cookbooks/selinux/resources/port.rb new file mode 100644 index 0000000..987c081 --- /dev/null +++ b/cookbooks/selinux/resources/port.rb @@ -0,0 +1,98 @@ +# +# Cookbook:: selinux +# Resource:: port +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +unified_mode true + +property :port, [Integer, String], + name_property: true, + regex: /^\d+$/, + description: 'Port to modify' + +property :protocol, String, + equal_to: %w(tcp udp), + required: %i(manage add modify), + description: 'Protocol to modify' + +property :secontext, String, + required: %i(manage add modify), + description: 'SELinux context to assign to the port' + +action_class do + include ::SELinux::Cookbook::StateHelpers + + def current_port_context + # use awk to see if the given port is within a reported port range + shell_out!( + <<~CMD + seinfo --portcon=#{new_resource.port} | grep 'portcon #{new_resource.protocol}' | \ + awk -F: '$(NF-1) !~ /reserved_port_t$/ && $(NF-3) !~ /[0-9]*-[0-9]*/ {print $(NF-1)}' + CMD + ).stdout.split + end +end + +action :manage do + run_action(:add) + run_action(:modify) +end + +action :addormodify do + Chef::Log.warn('The :addormodify action for selinux_port is deprecated and will be removed in a future release. Use the :manage action instead.') + run_action(:manage) +end + +# Create if doesn't exist, do not touch if port is already registered (even under different type) +action :add do + if selinux_disabled? + Chef::Log.warn("Unable to add SELinux port #{new_resource.name} as SELinux is disabled") + return + end + + if current_port_context.empty? + converge_by "Adding context #{new_resource.secontext} to port #{new_resource.port}/#{new_resource.protocol}" do + shell_out!("semanage port -a -t '#{new_resource.secontext}' -p #{new_resource.protocol} #{new_resource.port}") + end + end +end + +# Only modify port if it exists & doesn't have the correct context already +action :modify do + if selinux_disabled? + Chef::Log.warn("Unable to modify SELinux port #{new_resource.name} as SELinux is disabled") + return + end + + if !current_port_context.empty? && !current_port_context.include?(new_resource.secontext) + converge_by "Modifying context #{new_resource.secontext} to port #{new_resource.port}/#{new_resource.protocol}" do + shell_out!("semanage port -m -t '#{new_resource.secontext}' -p #{new_resource.protocol} #{new_resource.port}") + end + end +end + +# Delete if exists +action :delete do + if selinux_disabled? + Chef::Log.warn("Unable to delete SELinux port #{new_resource.name} as SELinux is disabled") + return + end + + unless current_port_context.empty? + converge_by "Deleting context from port #{new_resource.port}/#{new_resource.protocol}" do + shell_out!("semanage port -d -p #{new_resource.protocol} #{new_resource.port}") + end + end +end diff --git a/cookbooks/selinux/resources/state.rb b/cookbooks/selinux/resources/state.rb new file mode 100644 index 0000000..36dee12 --- /dev/null +++ b/cookbooks/selinux/resources/state.rb @@ -0,0 +1,114 @@ +# +# Cookbook:: selinux +# Resource:: state +# +# Copyright:: 2016-2023, Chef Software, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +unified_mode true + +include ::SELinux::Cookbook::StateHelpers + +default_action :nothing + +property :config_file, String, + default: '/etc/selinux/config' + +property :persistent, [true, false], + default: true, + description: 'Persist status update to the selinux configuration file' + +property :policy, String, + default: lazy { default_policy_platform }, + equal_to: %w(default minimum mls src strict targeted), + description: 'SELinux policy type' + +property :automatic_reboot, [true, false, Symbol], + default: false, + description: 'Perform an automatic node reboot if required for state change' + +deprecated_property_alias 'temporary', 'persistent', 'The temporary property was renamed persistent in the 4.0 release of this cookbook. Please update your cookbooks to use the new property name.' + +action_class do + include ::SELinux::Cookbook::StateHelpers + + def render_selinux_template(action) + Chef::Log.warn( + 'It is advised to set the configuration first to permissive to relabel the filesystem prior to enforcing.' + ) if selinux_disabled? && action == :enforcing + + unless new_resource.automatic_reboot + Chef::Log.warn('Changes from disabled require a reboot.') if selinux_disabled? && %i(enforcing permissive).include?(action) + Chef::Log.warn('Disabling selinux requires a reboot.') if (selinux_enforcing? || selinux_permissive?) && action == :disabled + end + + template "#{action} selinux config" do + path new_resource.config_file + source 'selinux.erb' + cookbook 'selinux' + variables( + selinux: action.to_s, + selinuxtype: new_resource.policy + ) + end + end + + def node_selinux_restart + unless new_resource.automatic_reboot + Chef::Log.warn("SELinux state change to #{action} requires a manual reboot as SELinux is currently #{selinux_state} and automatic reboots are disabled.") + return + end + + outer_action = action + reboot 'selinux_state_change' do + delay_mins 1 + reason "SELinux state change to #{outer_action} from #{selinux_state}" + + action new_resource.automatic_reboot.is_a?(Symbol) ? new_resource.automatic_reboot : :reboot_now + end + end +end + +action :enforcing do + execute 'selinux-setenforce-enforcing' do + command '/usr/sbin/setenforce 1' + end unless selinux_disabled? || selinux_enforcing? + + execute 'debian-selinux-activate' do + command selinux_activate_cmd + end if selinux_activate_required? + + render_selinux_template(action) if new_resource.persistent + node_selinux_restart if state_change_reboot_required? +end + +action :permissive do + execute 'selinux-setenforce-permissive' do + command '/usr/sbin/setenforce 0' + end unless selinux_disabled? || selinux_permissive? + + execute 'debian-selinux-activate' do + command selinux_activate_cmd + end if selinux_activate_required? + + render_selinux_template(action) if new_resource.persistent + node_selinux_restart if state_change_reboot_required? +end + +action :disabled do + raise 'A non-persistent change to the disabled SELinux status is not possible.' unless new_resource.persistent + + render_selinux_template(action) + node_selinux_restart if state_change_reboot_required? +end diff --git a/cookbooks/selinux/resources/user.rb b/cookbooks/selinux/resources/user.rb new file mode 100644 index 0000000..03e5ee0 --- /dev/null +++ b/cookbooks/selinux/resources/user.rb @@ -0,0 +1,95 @@ +# +# Cookbook:: selinux +# Resource:: user +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +unified_mode true + +property :user, String, + name_property: true, + description: 'SELinux user' + +property :level, String, + description: 'MLS/MCS security level for the user' + +property :range, String, + description: 'MLS/MCS security range for the user' + +property :roles, Array, + description: 'SELinux roles for the user' + +load_current_value do |new_resource| + users = shell_out!('semanage user -l').stdout.split("\n") + + current_user = users.grep(/^#{Regexp.escape(new_resource.user)}\s+/) do |u| + u.match(/^(?[^\s]+)\s+(?[^\s]+)\s+(?[^\s]+)\s+(?[^\s]+)\s+(?.*)$/) + # match returns [] or [], shift converts that to or nil + end.shift + + current_value_does_not_exist! unless current_user + + # Existing resources should maintain their current configuration unless otherwise specified + new_resource.level ||= current_user[:level] + new_resource.range ||= current_user[:range] + new_resource.roles ||= current_user[:roles].to_s.split + new_resource.roles = new_resource.roles.sort + + level current_user[:level] + range current_user[:range] + roles current_user[:roles].to_s.split.sort +end + +action_class do + def semanage_user_args + args = '' + + args += " -L #{new_resource.level}" if new_resource.level + args += " -r #{new_resource.range}" if new_resource.range + args += " -R '#{new_resource.roles.join(' ')}'" unless new_resource.roles.to_a.empty? + + args + end +end + +action :manage do + run_action(:add) + run_action(:modify) +end + +action :add do + raise 'The roles property must be populated to create a new SELinux user' if new_resource.roles.to_a.empty? + + unless current_resource + converge_if_changed do + shell_out!("semanage user -a#{semanage_user_args} #{new_resource.user}") + end + end +end + +action :modify do + if current_resource + converge_if_changed do + shell_out!("semanage user -m#{semanage_user_args} #{new_resource.user}") + end + end +end + +action :delete do + if current_resource + converge_by "deleting SELinux user #{new_resource.user}" do + shell_out!("semanage user -d #{new_resource.user}") + end + end +end diff --git a/cookbooks/selinux/templates/debian/selinux.erb b/cookbooks/selinux/templates/debian/selinux.erb new file mode 100644 index 0000000..7a403b6 --- /dev/null +++ b/cookbooks/selinux/templates/debian/selinux.erb @@ -0,0 +1,18 @@ +# Generated by Chef for <%= node['fqdn'] %> +# Do NOT modify this file by hand. +# + +# This file controls the state of SELinux on the system. +# SELINUX= can take one of these three values: +# enforcing - SELinux security policy is enforced. +# permissive - SELinux prints warnings instead of enforcing. +# disabled - No SELinux policy is loaded. +SELINUX=<%= @selinux %> +# SELINUXTYPE= can take one of these three values: +# default - equivalent to the old strict and targeted policies +# mls - Multi-Level Security (for military and educational use) +# src - Custom policy built from source +SELINUXTYPE=<%= @selinuxtype %> + +# SETLOCALDEFS= Check local definition changes +SETLOCALDEFS=0 diff --git a/cookbooks/selinux/templates/default/selinux.erb b/cookbooks/selinux/templates/default/selinux.erb new file mode 100644 index 0000000..e1c84d8 --- /dev/null +++ b/cookbooks/selinux/templates/default/selinux.erb @@ -0,0 +1,15 @@ +# Generated by Chef for <%= node['fqdn'] %> +# Do NOT modify this file by hand. +# + +# This file controls the state of SELinux on the system. +# SELINUX= can take one of these three values: +# enforcing - SELinux security policy is enforced. +# permissive - SELinux prints warnings instead of enforcing. +# disabled - No SELinux policy is loaded. +SELINUX=<%= @selinux %> +# SELINUXTYPE= can take one of these three values: +# targeted - Targeted processes are protected, +# minimum - Modification of targeted policy. Only selected processes are protected. +# mls - Multi Level Security protection. +SELINUXTYPE=<%= @selinuxtype %> diff --git a/cookbooks/selinux_policy/CHANGELOG.md b/cookbooks/selinux_policy/CHANGELOG.md deleted file mode 100644 index 08a5048..0000000 --- a/cookbooks/selinux_policy/CHANGELOG.md +++ /dev/null @@ -1,221 +0,0 @@ -# selinux_policy CHANGELOG - -This file is used to changes made in each version of the selinux_policy cookbook. - -## 2.4.3 (2020-08-07) - -- Ship the correct license file since this cookbook was relicensed - [@tas50](https://github.com/tas50) -- Update testing configs - [@tas50](https://github.com/tas50) -- Update the maintainer to be Chef Software - [@tas50](https://github.com/tas50) - -## 2.4.2 (2020-08-07) - -- Make sure the `setpersist` action runs by default not `set` to match the docs. - -## 2.4.1 - 2020-05-14 - -- resolved cookstyle error: resources/module.rb:26:35 convention: `Layout/TrailingWhitespace` -- resolved cookstyle error: resources/module.rb:26:36 refactor: `ChefModernize/FoodcriticComments` - -## [2.4.0] - 2020-02-13 - -- Fix port_defined helper function for Centos 8 compatibility -- Test fixes - -## [2.3.6] - 2020-01-26 - -- Fix issue on use_selinux function -- Migrate to github actions -- Resolved ChefStyle/ImmediateNotificationTiming: Use :immediately instead of :immediate for resource notification timing notifies - -## [2.3.5] - 2019-02-15 - -- Fix resource failure in permissive.rb Caused by [#96](https://github.com/sous-chefs/selinux_policy/pull/96) -- Migrated testing to circleci - -## [2.3.4] - 2019-02-07 - -- Fix `shell_out` to use an actual shell. Caused by [#88](https://github.com/sous-chefs/selinux_policy/issues/88) - -## [2.3.3] - 2019-02-06 - -- Perform relabel (restorecon) using xargs while still supporting regexes. Fixes [#88](https://github.com/sous-chefs/selinux_policy/issues/88) - -## [2.3.2] - 2018-11-29 - -- Cache which helper method calls - -## [2.3.1] - 2018-11-29 - -- Use `chef/mixin/which` to locate selinux binaries. Fixes [#85](https://github.com/sous-chefs/selinux_policy/issues/85) & [#93](https://github.com/sous-chefs/selinux_policy/issues/93) - -## [2.3.0] - 2018-11-27 - -- Further fixes for the earlier refactoring -- Repair CI jobs - -## [2.2.0] - 2018-11-21 - -- Large refactoring to helpers and resources -- Add RHEL-8 packages - -## [2.1.0] - 2018-04-12 - -- Port definition methods to check for already defined ports -- Cleanup resource cloning -- Deprecate support for Chef 12.x now it's EOL -- Fix Foodcritic warnings & update test platforms - -## 2.0.1 - 2017-04-21 - -- Perform relabel (restorecon) using find to support regexes - -## 2.0.0 - 2017-02-23 - -- This cookbook has been moved to the Sous Chefs org. See sous-chefs.org for more information -- Require Chef 12.1 or later -- Use compat_resource instead of requiring yum -- Don't install yum::dnf_yum_compat on Fedora since Chef has DNF support now -- Don't define attributes in the metadata as these aren't used -- Remove the Vagrantfile -- Add chef_version requirements to the metadata -- Test with ChefDK / Rake in Travis instead of gems -- Resolve Foodcritic, Cookstyle, and Chefspec warnings - -## 1.1.1 - -- [7307850] (Adam Ward) Silence fcontext guard output -- [ad71437] (nitz) Restorecon is now done via shell_out -- [fa30813] (James Le Cuirot) Change yum dependency to ~> 4.0 -- [cd9a8da] (nitz) Removed selinux enforcing from kitchen, unified runlists - -## 1.1.0 - -- [daften] Added `file_type` for fcontext - -## 1.0.1 - -- [backslasher] - Foodcritic and rubocop improvements - -## 1.0.0 - -- [equick] - Validating ports better -- [backslasher] - FContext relabling for flies is now immediate. (Possibly breaking) -- [backslasher] - testing made slightly more elegant - -## 0.9.6 - -- [jhmartin] - Updated README -- [backslasher] - Major revision of testing - -## 0.9.5 - -- [backslasher] - Modified yum dependency - -## 0.9.4 - -- [mhorbul] - Fixed state detection in boolean resource - -## 0.9.3 - -- [backlsasher] - Fixed testing & kitchen -- [jbartko] - Added Fedora support - -## 0.9.2 - -- [backslasher] - Ignoring nonexisting files in restorecon - -## 0.9.1 - -- [backslasher] - Fixed issue with module being partially executed on machines with SELinux disabled - -## 0.9.0 - -- [backslasher] - module overhaul: code refactoring, supporting new input, testing, new actions -- [backslasher] - fcontext overhaul: code refactoring, testing, new action - -**Note**: I don't think I have any breaking changes here. If there are, I apologise and request that you create an issue with a test recipe that fails on the problem (so I can reproduce) - -## 0.8.1 - -- [backslasher] - Added Travis CI harness -- [backslasher] - Fixed typo in README - -## 0.8.0 - -- [backslasher] - Test overhaul. Now testing is somewhat reliable when using ports -- [backslasher] - Port search is a function -- [backslasher] - Port detection now supports ranges. No possibility to add ranges (yet) - -## 0.7.2 - -- [shortdudey123] - ChefSpec matchers, helps testing - -## 0.7.1 - -- [backslasher] - Forgot contributor - -## 0.7.0 - -- [chewi] - Fixed prereq packages -- [backslasher] - Modified misleading comment -- [chewi] - Move helpers into a cookbook-specific module -- [chewi] - Prevent use_selinux from blowing up on systems without getenforce - -## 0.6.5 - -- [backslasher] - Ubuntu installation warning - -## 0.6.4 - -- [sauraus] - CentOS 7 support -- [sauraus] - Typos - -## 0.6.3 - -- [backslasher] - Readme updates -- [kevans] - Added kitchen testing - -## 0.6.2 - -- [kevans] - Support Chef 11.8.0 running shellout!() -- [backslasher] - Simplified support info -- [backslasher] - ASCIIed files - -## 0.6.1 - -- [backslasher] - Migrated to `only_if` instead of if -- [backslasher] - README typos - -## 0.6.0 - -- [joerg] - Added fcontext resource for managing file contexts under SELinux - -## 0.5.0 - -- [backslasher] - Added RHEL5/derivatives support. Thanks to @knightorc. -- **Cookbook will break on RHEL7\. If anyone experiences this, please check required packages and create an issue/PR** -- [backslasher] - Machines without SELinux are (opionally) supported. Thanks to @knightroc. - -## 0.4.0 - -- [backlasher] - Fixed foodcritic errors - -## 0.3.0 - -- [backlasher] - Fixed `install.rb` syntax. Now it actually works - -## 0.2.0 - -- [backlasher] - Added module resource. Currently supports deployment and removal (because that's what I need) -- [backlasher] - Added permissive resource - -## 0.1.0 - -- [backlasher] - Initial release of selinuxpolicy - -[2.3.2]: https://github.com/sous-chefs/selinux_policy/compare/v2.3.1...v2.3.2 -[2.3.1]: https://github.com/sous-chefs/selinux_policy/compare/v2.3.0...v2.3.1 -[2.3.0]: https://github.com/sous-chefs/selinux_policy/compare/v2.2.0...v2.3.0 -[2.2.0]: https://github.com/sous-chefs/selinux_policy/compare/v2.1.0...v2.2.0 -[2.1.0]: https://github.com/sous-chefs/selinux_policy/compare/v2.0.1...v2.1.0 diff --git a/cookbooks/selinux_policy/CONTRIBUTING.md b/cookbooks/selinux_policy/CONTRIBUTING.md deleted file mode 100644 index a946aea..0000000 --- a/cookbooks/selinux_policy/CONTRIBUTING.md +++ /dev/null @@ -1,4 +0,0 @@ -# Contributing - -Please refer to -[https://github.com/chef-cookbooks/community_cookbook_documentation/blob/master/CONTRIBUTING.MD](https://github.com/chef-cookbooks/community_cookbook_documentation/blob/master/CONTRIBUTING.MD) diff --git a/cookbooks/selinux_policy/README.md b/cookbooks/selinux_policy/README.md deleted file mode 100644 index 73587db..0000000 --- a/cookbooks/selinux_policy/README.md +++ /dev/null @@ -1,209 +0,0 @@ -# selinux_policy Cookbook - -[![Cookbook Version](https://img.shields.io/cookbook/v/selinux_policy.svg)](https://supermarket.chef.io/cookbooks/selinux_policy) -[![License](https://img.shields.io/badge/License-Apache%202.0-green.svg)](https://opensource.org/licenses/Apache-2.0) - -This cookbook can be used to manage SELinux policies and components (rather than just enable / disable enforcing). I made it because I needed some SELinux settings done, and the `execute`s started to look annoying. - -## Requirements - -Needs an SELinux policy active (so its values can be managed). Can work with a disabled SELinux system (see attribute `allow_disabled`), which will generate warnings and do nothing (but won't break the run). Also requires SELinux's management tools, namely `semanage`, `setsebool` and `getsebool`. Tools are installed by the `selinux_policy::install` recipe (for RHEL/Debian and the like). - -### Chef Infra Client - -- 13 or later - -### Platforms - -- rhel -- fedora - -## Attributes - -These attributes affect the way all of the resource behave. - -- `node['selinux_policy']['allow_disabled']` - Whether to allow runs when SELinux is disabled. Will generate warnings, but the run won't fail. Defaults to `true`, set to `false` if you don't have any machines with disabled SELinux. - -## Usage - -- `selinux_policy::install` - Installs SELinux policy management tools - -This cookbook's functionality is exposed via resources, so it should be called from a wrapper cookbook. Remember to add `depends 'selinux_policy'` to your `metadata.rb`. - -### boolean - -Represents an SELinux [boolean](http://wiki.gentoo.org/wiki/SELinux/Tutorials/Using_SELinux_booleans). You can either `set` it, meaning it will be changed without persistence (it will revert to default in the next reboot), or `setpersist` it (default action), so it'll keep it value after rebooting. Using `setpersist` requires an active policy (so that the new value can be saved somewhere). - -Properties: - -- `name`: boolean's name. Defaults to resource name. -- `value`: Its new value (`true`/`false`). -- `force`: Use `setsebool` even if the current value agrees with the requested one. - -Example usage: - -```ruby -include_recipe 'selinux_policy::install' - -selinux_policy_boolean 'httpd_can_network_connect' do - value true - # Make sure nginx is started if this value was modified - notifies :start,'service[nginx]', :immediate -end -``` - -**Note**: Due to ruby interperting `0` as `true`, using `value 0` is unwise. - -### port - -Allows assigning a network port to a certain SELinux context. As explained [here](http://wiki.centos.org/HowTos/SELinux#head-ad837f60830442ae77a81aedd10c20305a811388), it can be useful for running Apache on a non-standard port. - -Actions: - -- `addormodify` (default): Assigns the port to the right context, whether it's already listed another context or not at all. -- `add`: Assigns the port to the right context it's if not listed (only uses `-a`). -- `modify`: Changes the port's context if it's already listed (only uses `-m`). -- `delete`: Removes the port's context if it's listed (uses `-d`). - -Properties: - -- `port`: The port in question, defaults to resource name. -- `protocol`: `tcp`/`udp`. -- `secontext`: The SELinux context to assign the port to. Unnecessary when using `delete`. - -Example usage: - -```ruby -include_recipe 'selinux_policy::install' - -# Allow nginx to bind to port 5678, by giving it the http_port_t context -selinux_policy_port '5678' do - protocol 'tcp' - secontext 'http_port_t' -end -``` - -### module - -Manages SEModules - -Actions: - -- `fetch`: Prepares the module's files for compilation. Allow `remote_directory`-like behavior -- `compile`: Translates a module source directory into a `NAME.pp` file. Uses `make` logic for idempotence. -- `install`: Adds a compiled module (`pp`) to the current policy. Only installs if the module was modified this run, `force` is enabled or it's missing from the current policy. **Note:** I wish I could compare the existing module to the one generated, but the `extract` capability was only added in [Aug 15](https://github.com/SELinuxProject/selinux/commit/65c6325271b54d3de9c17352a57d469dfbd12729). I'll be happy to see a better idea. -- `deploy` (default): Runs `fetch`, `compile`, `install` in that order. -- `remove`: Removes a module. - -Properties: - -- `name`: The module name. Defaults to resource name. -- `directory`: Directory where module is stored. Defaults to a directory inside the Chef cache. -- `content`: The module content, can be extracted from `audit2allow -m NAME`. This can be used to create simple modules without using external files. -- `directory_source`: Copies files cookbook to the module directory (uses `remote_directory`). Allows keeping all of the module's source files in the cookbook. **Note:** You can pre-create the module directory and populate it in any other way you'd choose. -- `cookbook`: Modifies the source cookbook for the `remote_directory`. -- `force`: Installs the module even if it seems fine. Ruins idempotence but should help solve some weird cases. - -Example usage: - -```ruby -include_recipe 'selinux_policy::install' - -# Allow openvpn to write/delete in '/etc/openvpn' -selinux_policy_module 'openvpn-googleauthenticator' do - content <<-eos - module dy-openvpn-googleauthenticator 1.0; - - require { - type openvpn_t; - type openvpn_etc_t; - class file { write unlink }; - } - - - #============= openvpn_t ============== - allow openvpn_t openvpn_etc_t:file { write unlink }; - eos - action :deploy -end -``` - -### fcontext - -Allows managing the SELinux context of files. This can be used to grant SELinux-protected daemons access to additional / moved files. - -Actions: - -- `addormodify` (default): Assigns the file regexp to the right context, whether it's already listed another context or not at all. -- `add`: Assigns the file regexp to the right context it's if not listed (only uses -a). -- `modify`: Changes the file regexp context if it's already listed (only uses -m). -- `delete`: Removes the file regexp context if it's listed (uses -d). - -Properties: - -- `file_spec`: This is the file regexp in question, defaults to resource name. -- `secontext`: The SELinux context to assign the file regexp to. Not required for `:delete` -- `file_type`: Restrict the fcontext to specific file types. See the table below for an overview. See also for more info -- **a** All files -- **f** Regular files -- **d** Directory -- **c** Character device -- **b** Block device -- **s** Socket -- **l** Symbolic link -- **p** Namedpipe - -Example usage (see mysql cookbook for example daemons ): - -```ruby -include_recipe 'selinux_policy::install' - -# Allow http servers (nginx/apache) to modify moodle files -selinux_policy_fcontext '/var/www/moodle(/.*)?' do - secontext 'httpd_sys_rw_content_t' -end - -# Allow a custom mysql daemon to access its files. -{'mysqld_etc_t' => "/etc/mysql-#{service_name}(/.*)?", -'mysqld_etc_t' => "/etc/mysql-#{service_name}/my\.cnf", -'mysqld_log_t' => "/var/log/mysql-#{service_name}(/.*)?", -'mysqld_db_t' => "/opt/mysql_data_#{service_name}(/.*)?", -'mysqld_var_run_t' => "/var/run/mysql-#{service_name}(/.*)?", -'mysqld_initrc_exec_t' => "/etc/rc\.d/init\.d/mysql-#{service_name}"}.each do |sc, f| - selinux_policy_fcontext f do - secontext sc - end -end - -# Adapt a symbolic link -selinux_policy_fcontext '/var/www/symlink_to_webroot' do - secontext 'httpd_sys_rw_content_t' - filetype 'l' -end -``` - -### permissive - -Allows some types to misbehave without stopping them. Not as good as specific policies, but better than disabling SELinux entirely. - -Actions: - -- `add`: Adds a permissive, unless it's already added -- `delete`: Deletes a permissive if it's listed - -Example usage: - -```ruby -include_recipe 'selinux_policy::install' - -# Disable enforcement on Nginx -# As described on http://nginx.com/blog/nginx-se-linux-changes-upgrading-rhel-6-6/ - -selinux_policy_permissive 'nginx' do - notifies :restart, 'service[nginx]' -end -``` - -## Original Author - -[Nitzan Raz](https://github.com/BackSlasher) ([backslasher](http://backslasher.net)) \ No newline at end of file diff --git a/cookbooks/selinux_policy/libraries/helpers.rb b/cookbooks/selinux_policy/libraries/helpers.rb deleted file mode 100644 index cf163c5..0000000 --- a/cookbooks/selinux_policy/libraries/helpers.rb +++ /dev/null @@ -1,108 +0,0 @@ -class Chef - module SELinuxPolicy - module Helpers - require 'chef/mixin/shell_out' - include Chef::Mixin::ShellOut - # Checks if SELinux is disabled or otherwise unavailable and - # whether we're allowed to run when disabled - def use_selinux(allow_disabled) - begin - getenforce = shell_out!(getenforce_cmd) - rescue - selinux_disabled = true - else - selinux_disabled = getenforce.stdout =~ /disabled/i - end - - # return false only when SELinux is disabled and it's allowed - return_val = !selinux_disabled || !(selinux_disabled && allow_disabled) - Chef::Log.warn('SELinux is disabled / unreachable, skipping') unless return_val - return_val - end - - def sebool(new_resource, persist = false) - persist_string = persist ? '-P ' : '' - new_value = new_resource.value ? 'on' : 'off' - execute "selinux-setbool-#{new_resource.name}-#{new_value}" do - command "#{setsebool_cmd} #{persist_string} #{new_resource.name} #{new_value}" - not_if "#{getsebool_cmd} #{new_resource.name} | grep '#{new_value}$' >/dev/null" unless new_resource.force - only_if { use_selinux(new_resource.allow_disabled) } - end - end - - def module_defined(name) - "#{semodule_cmd} -l | grep -w '^#{name}'" - end - - def shell_boolean(expression) - expression ? 'true' : 'false' - end - - def port_defined(protocol, port, label = nil) - base_command = "seinfo --portcon=#{port} | grep 'portcon #{protocol}' | awk -F: '$(NF-1) !~ /reserved_port_t$/ && $(NF-3) !~ /[0-9]*-[0-9]*/ {print $(NF-1)}'" - grep = if label - "grep -P '#{Regexp.escape(label)}'" - else - 'grep -q ^' - end - "#{base_command} | #{grep}" - end - - def validate_port(port) - raise ArgumentError, "port value: #{port} is invalid." unless port.to_s =~ /^\d+$/ - end - - def fcontext_defined(file_spec, file_type, label = nil) - file_hash = { - 'a' => 'all files', - 'f' => 'regular file', - 'd' => 'directory', - 'c' => 'character device', - 'b' => 'block device', - 's' => 'socket', - 'l' => 'symbolic link', - 'p' => 'named pipe', - } - - label_matcher = label ? "system_u:object_r:#{Regexp.escape(label)}:s0\\s*$" : '' - "#{semanage_cmd} fcontext -l | grep -qP '^#{Regexp.escape(file_spec)}\\s+#{Regexp.escape(file_hash[file_type])}\\s+#{label_matcher}'" - end - - def semanage_options(file_type) - # Set options for file_type - if node['platform_family'].include?('rhel') && Chef::VersionConstraint.new('< 7.0').include?(node['platform_version']) - case file_type - when 'a' then '-f ""' - when 'f' then '-f --' - else; "-f -#{file_type}" - end - else - "-f #{file_type}" - end - end - - require 'chef/mixin/which' - include Chef::Mixin::Which - - def setsebool_cmd - @setsebool_cmd ||= which('setsebool') - end - - def getsebool_cmd - @getsebool_cmd ||= which('getsebool') - end - - def getenforce_cmd - @getenforce_cmd ||= which('getenforce') - end - - def semanage_cmd - @semanage_cmd ||= which('semanage') - end - - def semodule_cmd - @semodule_cmd ||= which('semodule') - end - end - end -end diff --git a/cookbooks/selinux_policy/metadata.json b/cookbooks/selinux_policy/metadata.json deleted file mode 100644 index e13875a..0000000 --- a/cookbooks/selinux_policy/metadata.json +++ /dev/null @@ -1 +0,0 @@ -{"name":"selinux_policy","version":"2.4.3","description":"Manages SELinux policy components","long_description":"","maintainer":"Chef Software, Inc.","maintainer_email":"cookbooks@chef.io","license":"Apache-2.0","platforms":{"redhat":">= 0.0.0","centos":">= 0.0.0","fedora":">= 0.0.0","ubuntu":">= 0.0.0","debian":">= 0.0.0","amazon":">= 0.0.0"},"dependencies":{},"recommendations":{},"suggestions":{},"conflicting":{},"providing":{},"replacing":{},"attributes":{},"groupings":{},"recipes":{},"source_url":"https://github.com/sous-chefs/selinux_policy","issues_url":"https://github.com/sous-chefs/selinux_policy/issues","chef_version":[[">= 13.0"]],"ohai_version":[]} \ No newline at end of file diff --git a/cookbooks/selinux_policy/metadata.rb b/cookbooks/selinux_policy/metadata.rb deleted file mode 100644 index b715015..0000000 --- a/cookbooks/selinux_policy/metadata.rb +++ /dev/null @@ -1,16 +0,0 @@ -name 'selinux_policy' -maintainer 'Chef Software, Inc.' -maintainer_email 'cookbooks@chef.io' -license 'Apache-2.0' -description 'Manages SELinux policy components' -source_url 'https://github.com/sous-chefs/selinux_policy' -issues_url 'https://github.com/sous-chefs/selinux_policy/issues' -chef_version '>= 13.0' -version '2.4.3' - -supports 'redhat' -supports 'centos' -supports 'fedora' -supports 'ubuntu' -supports 'debian' -supports 'amazon' diff --git a/cookbooks/selinux_policy/recipes/default.rb b/cookbooks/selinux_policy/recipes/default.rb deleted file mode 100644 index d7a17d2..0000000 --- a/cookbooks/selinux_policy/recipes/default.rb +++ /dev/null @@ -1 +0,0 @@ -# Nothing here diff --git a/cookbooks/selinux_policy/recipes/install.rb b/cookbooks/selinux_policy/recipes/install.rb deleted file mode 100644 index a88347d..0000000 --- a/cookbooks/selinux_policy/recipes/install.rb +++ /dev/null @@ -1 +0,0 @@ -selinux_policy_install 'install' diff --git a/cookbooks/selinux_policy/resources/boolean.rb b/cookbooks/selinux_policy/resources/boolean.rb deleted file mode 100644 index 3fd359c..0000000 --- a/cookbooks/selinux_policy/resources/boolean.rb +++ /dev/null @@ -1,19 +0,0 @@ -# A resource for managing SELinux Booleans - -property :value, [true, false] -property :force, [true, false], default: false -property :allow_disabled, [true, false], default: true - -# Set and persist -action :setpersist do - sebool(new_resource, true) -end - -# Set for now, without persisting -action :set do - sebool(new_resource, false) -end - -action_class do - include Chef::SELinuxPolicy::Helpers -end diff --git a/cookbooks/selinux_policy/resources/fcontext.rb b/cookbooks/selinux_policy/resources/fcontext.rb deleted file mode 100644 index 596dc18..0000000 --- a/cookbooks/selinux_policy/resources/fcontext.rb +++ /dev/null @@ -1,71 +0,0 @@ -# Manages file specs in SELinux -# See http://docs.fedoraproject.org/en-US/Fedora/13/html/SELinux_FAQ/index.html#id3715134 - -property :file_spec, String, name_property: true -property :secontext, String -property :file_type, String, default: 'a', equal_to: %w(a f d c b s l p) -property :allow_disabled, [true, false], default: true - -action :addormodify do - run_action(:add) - run_action(:modify) -end - -# Run restorecon to fix label -# https://github.com/sous-chefs/selinux_policy/pull/72#issuecomment-338718721 -action :relabel do - converge_by 'relabel' do - spec = new_resource.file_spec - escaped = Regexp.escape spec - - common = - if spec == escaped - spec - else - index = spec.size.times { |i| break i if spec[i] != escaped[i] } - ::File.dirname spec[0...index] - end - - # Just in case the spec is very weird... - common = '/' if common[0] != '/' - - if ::File.exist? common - shell_out!("find #{common.shellescape} -ignore_readdir_race -regextype posix-egrep -regex #{spec.shellescape} -prune -print0 2>/dev/null | xargs -0 restorecon -iRv") - end - end -end - -# Create if doesn't exist, do not touch if fcontext is already registered -action :add do - execute "selinux-fcontext-#{new_resource.secontext}-add" do - command "#{semanage_cmd} fcontext -a #{semanage_options(new_resource.file_type)} -t #{new_resource.secontext} '#{new_resource.file_spec}'" - not_if fcontext_defined(new_resource.file_spec, new_resource.file_type) - only_if { use_selinux(new_resource.allow_disabled) } - notifies :relabel, new_resource, :immediately - end -end - -# Delete if exists -action :delete do - execute "selinux-fcontext-#{new_resource.secontext}-delete" do - command "#{semanage_cmd} fcontext #{semanage_options(new_resource.file_type)} -d '#{new_resource.file_spec}'" - only_if fcontext_defined(new_resource.file_spec, new_resource.file_type, new_resource.secontext) - only_if { use_selinux(new_resource.allow_disabled) } - notifies :relabel, new_resource, :immediately - end -end - -action :modify do - execute "selinux-fcontext-#{new_resource.secontext}-modify" do - command "#{semanage_cmd} fcontext -m #{semanage_options(new_resource.file_type)} -t #{new_resource.secontext} '#{new_resource.file_spec}'" - only_if { use_selinux(new_resource.allow_disabled) } - only_if fcontext_defined(new_resource.file_spec, new_resource.file_type) - not_if fcontext_defined(new_resource.file_spec, new_resource.file_type, new_resource.secontext) - notifies :relabel, new_resource, :immediately - end -end - -action_class do - include Chef::SELinuxPolicy::Helpers - include Chef::Mixin::Which -end diff --git a/cookbooks/selinux_policy/resources/install.rb b/cookbooks/selinux_policy/resources/install.rb deleted file mode 100644 index 2d4a181..0000000 --- a/cookbooks/selinux_policy/resources/install.rb +++ /dev/null @@ -1,32 +0,0 @@ -property :allow_disabled, [true, false], default: true - -action :install do - case node['platform_family'] - when 'debian' - raise 'Install SELinux manually on Ubuntu. See https://wiki.ubuntu.com/SELinux' if platform?('ubuntu') - - execute 'selinux-activate' do - action :nothing - end - - package %w(selinux-policy-default selinux-basics auditd) do - notifies :run, 'execute[selinux-activate]', :immediately - end - - when 'rhel' - case node['platform_version'].to_i - when 6 - package %w(policycoreutils-python selinux-policy setools-console make) - when 7 - package %w(policycoreutils-python selinux-policy-devel setools-console make) - when 8 - package %w(policycoreutils-python-utils selinux-policy-devel setools-console make) - else - raise 'Unknown version of RHEL/derivative, cannot determine required package names' - end - when 'fedora' - package %w(policycoreutils-python selinux-policy-devel setools-console make) - else - raise 'Unknown distro, cannot determine required package names' - end -end diff --git a/cookbooks/selinux_policy/resources/module.rb b/cookbooks/selinux_policy/resources/module.rb deleted file mode 100644 index 532f12d..0000000 --- a/cookbooks/selinux_policy/resources/module.rb +++ /dev/null @@ -1,75 +0,0 @@ -# A resource for managing SE modules - -property :module_name, String, name_property: true -property :force, [true, false], default: false -property :directory, String, default: lazy { "#{Chef::Config[:file_cache_path]}/#{module_name}" } # content to work with. Defaults to autogenerated name in the Chef cache. Can be provided and pre-populated -# Content options: -property :content, String # provide a 'te' file directly. Optional -property :directory_source, String # Source directory for module source code. If specified, will use "remote_directory" on the directory specified as `directory` -property :cookbook, String # Related to directory -property :allow_disabled, [true, false], default: true - -action :deploy do - run_action(:fetch) - run_action(:compile) - run_action(:install) -end - -# Get all the components in the right place -action :fetch do - directory new_resource.directory do - only_if { use_selinux(new_resource.allow_disabled) } - end - - raise 'dont specify both directory_source and content' if new_resource.directory_source && new_resource.content - - if new_resource.directory_source - remote_directory new_resource.directory do - source new_resource.directory_source - cookbook new_resource.cookbook - only_if { use_selinux(new_resource.allow_disabled) } - end - end - - if new_resource.content - file "#{new_resource.directory}/#{new_resource.module_name}.te" do - content new_resource.content - only_if { use_selinux(new_resource.allow_disabled) } - end - end -end - -action :compile do - make_command = "/usr/bin/make -f /usr/share/selinux/devel/Makefile #{new_resource.module_name}.pp" - execute "semodule-compile-#{new_resource.module_name}" do - command make_command - not_if "#{make_command} -q", cwd: new_resource.directory # $? = 1 means make wants to execute http://www.gnu.org/software/make/manual/html_node/Running.html - only_if { use_selinux(new_resource.allow_disabled) } - cwd new_resource.directory - end -end - -# deploy / upgrade module -# XXX this looks ugly because CentOS 6.X doesn't support extracting -# SELinux modules from the current policy, which I planned on comparing -# to my compiled file. I'll be happy to see anything else (that works). -action :install do - filename = "#{new_resource.directory}/#{new_resource.module_name}.pp" - execute "semodule-install-#{new_resource.module_name}" do - command "#{semodule_cmd} -i #{filename}" - only_if "#{shell_boolean(new_resource.updated_by_last_action? || new_resource.force)} || ! (#{module_defined(new_resource.module_name)}) " - only_if { use_selinux(new_resource.allow_disabled) } - end -end - -action :remove do - execute "semodule-remove-#{new_resource.module_name}" do - command "#{semodule_cmd} -r #{new_resource.module_name}" - only_if module_defined(new_resource.module_name) - only_if { use_selinux(new_resource.allow_disabled) } - end -end - -action_class do - include Chef::SELinuxPolicy::Helpers -end diff --git a/cookbooks/selinux_policy/resources/permissive.rb b/cookbooks/selinux_policy/resources/permissive.rb deleted file mode 100644 index d6bf92d..0000000 --- a/cookbooks/selinux_policy/resources/permissive.rb +++ /dev/null @@ -1,25 +0,0 @@ -# a resource for managing selinux permissive contexts - -property :allow_disabled, [true, false], default: true - -# Create if doesn't exist, do not touch if port is already registered (even under different type) -action :add do - execute "selinux-permissive-#{new_resource.name}-add" do - command "#{semanage_cmd} permissive -a '#{new_resource.name}'" - not_if "#{semanage_cmd} permissive -l | grep '^#{new_resource.name}$'" - only_if { use_selinux(new_resource.allow_disabled) } - end -end - -# Delete if exists -action :delete do - execute "selinux-port-#{new_resource.name}-delete" do - command "#{semanage_cmd} permissive -d '#{new_resource.name}'" - not_if "#{semanage_cmd} permissive -l | grep '^#{new_resource.name}$'" - only_if { use_selinux(new_resource.allow_disabled) } - end -end - -action_class do - include Chef::SELinuxPolicy::Helpers -end diff --git a/cookbooks/selinux_policy/resources/port.rb b/cookbooks/selinux_policy/resources/port.rb deleted file mode 100644 index 87b76fb..0000000 --- a/cookbooks/selinux_policy/resources/port.rb +++ /dev/null @@ -1,50 +0,0 @@ -# Manages a port assignment in SELinux -# See http://docs.fedoraproject.org/en-US/Fedora/13/html/SELinux_FAQ/index.html#id3715134 - -property :port, [Integer, String], name_property: true -property :protocol, String, equal_to: %w(tcp udp) -property :secontext, String -property :allow_disabled, [true, false], default: true - -action :addormodify do - # TODO: We can be a bit more clever here, and try to detect if it's already - # there then modify - # Try to add new port - run_action(:add) - # Try to modify existing port - run_action(:modify) -end - -# Create if doesn't exist, do not touch if port is already registered (even under different type) -action :add do - validate_port(new_resource.port) - execute "selinux-port-#{new_resource.port}-add" do - command "#{semanage_cmd} port -a -t #{new_resource.secontext} -p #{new_resource.protocol} #{new_resource.port}" - not_if port_defined(new_resource.protocol, new_resource.port, new_resource.secontext) - not_if port_defined(new_resource.protocol, new_resource.port) - only_if { use_selinux(new_resource.allow_disabled) } - end -end - -# Delete if exists -action :delete do - validate_port(new_resource.port) - execute "selinux-port-#{new_resource.port}-delete" do - command "#{semanage_cmd} port -d -p #{new_resource.protocol} #{new_resource.port}" - only_if port_defined(new_resource.protocol, new_resource.port) - only_if { use_selinux(new_resource.allow_disabled) } - end -end - -action :modify do - execute "selinux-port-#{new_resource.port}-modify" do - command "#{semanage_cmd} port -m -t #{new_resource.secontext} -p #{new_resource.protocol} #{new_resource.port}" - only_if port_defined(new_resource.protocol, new_resource.port) - not_if port_defined(new_resource.protocol, new_resource.port, new_resource.secontext) - only_if { use_selinux(new_resource.allow_disabled) } - end -end - -action_class do - include Chef::SELinuxPolicy::Helpers -end diff --git a/cookbooks/yum/CHANGELOG.md b/cookbooks/yum/CHANGELOG.md deleted file mode 100644 index 38ea170..0000000 --- a/cookbooks/yum/CHANGELOG.md +++ /dev/null @@ -1,391 +0,0 @@ -# yum Cookbook CHANGELOG - -This file is used to list changes made in each version of the yum cookbook. - -## 7.2.0 - *2021-09-29* - -- Add `dnf_module` resource for managing DNF modules on RHEL 8+ / Fedora - -## 7.1.0 - *2021-08-29* - -- Add support for DNF (Yum v4) property `install_weak_deps` (#193) - -## 7.0.1 - *2021-08-26* - -- Standardise files with files in sous-chefs/repo-management (#191) - -## 7.0.0 - *2021-08-13* - -- Enable `unified_mode` for Chef 17 compatibility -- Remove deprecated `dnf_yum_compat` recipe - -## 6.1.1 - *2021-06-01* - -## 6.1.0 - *2021-03-24* - -- complete ip_resolve additions started in 6.0.0 - -## 6.0.0 - *2021-01-20* - -- Sous Chefs Adoption -- Cookstyle fixes -- Various testing fixes -- Standardise files with files in sous-chefs/repo-management -- Adding proper distroverpkg assignment for Oracle Linux -- Require 13+ -- Remove RHEL5 references -- Mark `dnf_yum_compat` recipe deprecated -- Add EL8 support - -## 5.1.0 (2017-08-04) - -- Avoid spec deprecation warnings -- Use an empty string `releasever` to lock an Amazon Linux AMI to its current verison - -## 5.0.1 (2017-04-06) - -- Switch from Rake testing to Local Delivery -- Rename kitchen-docker to kitchen-dokken -- Update apache2 license string -- use true/false vs. TrueClass and FalseClass in the resource - -## 5.0.0 (2017-02-12) - -### Breaking changes - -- Removed the yum_repository resource and instead require chef-client 12.14 or later, which has the yum repository functionality built in. This resolves Chef 13 compatibility warnings for any cookbook with the yum cookbook. - -### Other changes - -- Convert yum_globalconfig from an LWRP to a custom resource - -## 4.2.0 (2017-02-12) - -- Make cache in the DNF compat recipe -- Fix `fastestmirror_enabled`. -- Require Chef 12.1 not 12.0 -- Convert to Inspec - -## 4.1.0 (2016-10-21) - -- Purge yum cache before removing a repo not after - -## 4.0.0 (2016-09-06) - -- Remove support for Chef 11 - -## 3.13.0 (2016-09-06) - -- Add deprecation warning for add/remove actions, which were replaced with create/delete in Yum 3.0 -- Remove support for Chef 10 - -## v3.12.0 (2016-08-25) - -- Fixing baseurl to support multiple urls -- Modify releasever attribute for Amazon to match Amazon's default policy for releasever - -## v3.11.0 (2016-06-01) - -- Install yum at compile time in the dnf compatibility recipe -- Add IBM zlinux as a supported platform in the metadata -- Use cookstyle instead of rubocop to provide a consistent linting experience - -## v3.10.0 (2016-02-04) - -- Add a new sensitive attribute to the repository resource so prevent writing the diff of the config to Chef output / logs -- Update testing dependencies and remove the Guardfile / Guard dependencies - -## v3.9.0 (2016-01-14) - -- Added dnf_yum_compat recipe to ensure yum is installed on Fedora systems for Chef package resource compatibility. This will no longer be necessary when native dnf package support ships in chef-client. - -## v3.8.2 (2015-10-28) - -- # 141 - Replace clean_headers with clean_metadata - -## v3.8.1 (2015-10-28) - -- Fixing up Chef13 deprecation warnings - -## v3.8.0 (2015-10-13) - -- adding clean_headers boolean property to yum_resource -- restoring Chef 10 backwards compat for the sake of ChefSpec -- (unique resource names needed to avoid cloning) -- Fixing localpkg_gpgcheck values - -## v3.7.1 (2015-09-08) - -- # 135 - reverting "yum clean headers" as it breaks dnf compat - -## v3.7.0 (2015-09-05) - -- Adding deltarpm toggle -- Cleaning 'headers' rather than 'all' - -## v3.6.3 (2015-07-13) - -- Normalizing sslverify option rendering behavior -- Setting default value on the resource to nil -- Explictly setting string to render in template if value is supplied -- Behavior should default to "True", per man page - -## v3.6.2 (2015-07-13) - -- Adding -y to makecache, to import key when repo_gpgcheck = true. -- Accepting Integer value for max_retries - -## v3.6.1 (2015-06-04) - -- Executing yum clean before makecache -- Adding repo_gpgcheck - -## v3.6.0 (2015-04-23) - -- Adding "yum clean" before "yum makecache" in yum_repository :create -- Adding why_run support to yum_globalconfig - -## v3.5.4 (2015-04-07) - -- Changing tolerant config line to stringified integer - -## v3.5.3 (2015-01-16) - -- Adding reposdir to globalconfig template - -## v3.5.2 (2014-12-24) - -- Fixing redhat-release detection for Redhat 7 - -## v3.5.1 (2014-11-24) - -- Reverting management of ca-certificates because EL5 was broken - -## v3.5.0 (2014-11-24) - -- Adding management of ca-certificates package to yum_repository provider - -## v3.4.1 (2014-10-29) - -- Run yum-makecache only_if new_resource.enabled -- Allow setting of reposdir in global yum config and man page -- Change default 'obsoletes' behavior to match yum defaults - -## v3.4.0 (2014-10-15) - -- Dynamically generate the new_resource attributes - -## v3.3.2 (2014-09-11) - -- Fix globalconfig resource param for http_caching - -## v3.3.1 (2014-09-04) - -- Fix issue with sslverify if set to false -- Add fancy badges - -## v3.3.0 (2014-09-03) - -- Adding tuning attributes for all supported resource parameters -- Adding options hash parameter -- Adding (real) rhel-6.5 and centos-7.0 to test-kitchen coverage -- Updating regex for mirror_expire and mirrorlist_expire to include /^\d+[mhd]$/ -- Updating README so keepcache reflects reality (defaults to false) -- Changing 'obsoletes' behavior in globalconfig resource to match -- default behavior. (now defaults to nil, yum defaults to false) -- Adding makecache action to repository resource -- Adding mode parameter to repository resource. Defaults to '0644'. - -## v3.2.4 (2014-08-20) - -- # 82 - Adding a makecache parameter - -## v3.2.2 (2014-06-11) - -- # 77 - Parameter default to be Trueclass instead of "1" - -- # 78 - add releasever parameter - -## v3.2.0 (2014-04-09) - -- [COOK-4510] - Adding username and password parameters to node attributes -- [COOK-4518] - Fix Scientific Linux distroverpkg - -## v3.1.6 (2014-03-27) - -- [COOK-4463] - support multiple GPG keys -- [COOK-4364] - yum_repository delete action fails - -## v3.1.4 (2014-03-12) - -- [COOK-4417] Expand test harness to encompass 32-bit boxes - -## v3.1.2 (2014-02-23) - -Fixing bugs around :delete action and cache clean Fixing specs to cover :remove and :delete aliasing properly Adding Travis-ci build matrix bits - -## v3.1.0 (2014-02-13) - -- Updating testing harness for integration testing on Travis-ci -- Adding TESTING.md and Guardfile -- PR #67 - Add skip_if_unvailable repository option -- PR #64 - Fix validation of 'metadata_expire' option to match documentation -- [COOK-3591] - removing node.name from repo template rendering -- [COOK-4275] - Enhancements to yum cookbook -- Adding full spec coverage -- Adding support for custom source template to yum_repository - -## v3.0.8 (2014-01-27) - -Fixing typo in default.rb. yum_globalconfig now passes proxy attribute correctly. - -## v3.0.6 (2014-01-27) - -Updating default.rb to consume node['yum']['main']['proxy'] - -## v3.0.4 (2013-12-29) - -### Bug - -- **[COOK-4156](https://tickets.chef.io/browse/COOK-4156)** - yum cookbook creates a yum.conf with "cachefir" directive - -## v3.0.2 - -Updating globalconfig provider for Chef 10 compatability - -## v3.0.0 - -3.0.0 Major rewrite with breaking changes. Recipes broken out into individual cookbooks yum_key resource has been removed yum_repository resource now takes gpgkey as a URL directly yum_repository actions have been reduced to :create and :delete 'name' has been changed to repositoryid to avoid ambiguity chefspec test coverage gpgcheck is set to 'true' by default and must be explicitly disabled - -## v2.4.4 - -Reverting to Ruby 1.8 hash syntax. - -## v2.4.2 - -[COOK-3275] LWRP repository.rb :add method fails to create yum repo in some cases which causes :update to fail Amazon rhel - -## v2.4.0 - -### Improvement - -- [COOK-3025] - Allow per-repo proxy definitions - -## v2.3.4 - -### Improvement - -- **[COOK-3689](https://tickets.chef.io/browse/COOK-3689)** - Fix warnings about resource cloning -- **[COOK-3574](https://tickets.chef.io/browse/COOK-3574)** - Add missing "description" field in metadata - -## v2.3.2 - -### Bug - -- **[COOK-3145](https://tickets.chef.io/browse/COOK-3145)** - Use correct download URL for epel `key_url` - -## v2.3.0 - -### New Feature - -- [COOK-2924]: Yum should allow type setting in repo file - -## v2.2.4 - -### Bug - -- [COOK-2360]: last commit to `yum_repository` changes previous behaviour -- [COOK-3015]: Yum cookbook test minitest to fail - -## v2.2.2 - -### Improvement - -- [COOK-2741]: yum::elrepo -- [COOK-2946]: update tests, test kitchen support in yum cookbook - -### Bug - -- [COOK-2639]: Yum cookbook - epel - always assumes url is a mirror list -- [COOK-2663]: Yum should allow metadata_expire setting in repo file -- [COOK-2751]: Update yum.ius_release version to 1.0-11 - -## v2.2.0 - -- [COOK-2189] - yum::ius failed on install (caused from rpm dependency) -- [COOK-2196] - Make includepkgs and exclude configurable for each repos -- [COOK-2244] - Allow configuring caching using attributes -- [COOK-2399] - yum cookbook LWRPs fail FoodCritic -- [COOK-2519] - Add priority option to Yum repo files -- [COOK-2593] - allow integer or string for yum priority -- [COOK-2643] - don't use conditional attribute for `yum_key` `remote_file` - -## v2.1.0 - -- [COOK-2045] - add remi repository recipe -- [COOK-2121] - add `:create` action to `yum_repository` - -## v2.0.6 - -- [COOK-2037] - minor style fixes -- [COOK-2038] - updated README - -## v2.0.4 - -- [COOK-1908] - unable to install repoforge on CentOS 6 32 bit - -## v2.0.2 - -- [COOK-1758] - Add default action for repository resource - -## v2.0.0 - -This version changes the behavior of the EPEL recipe (most commonly used in other Chef cookbooks) on Amazon, and removes an attribute, `node['yum']['epel_release']`. See the README for details. - -- [COOK-1772] - Simplify management of EPEL with LWRP - -## v1.0.0 - -`mirrorlist` in the `yum_repository` LWRP must be set to the mirror list URI to use rather than setting it to true. See README.md. - -- [COOK-1088] - use dl.fedoraproject.org for EPEL to prevent redirects -- [COOK-1653] - fix mirrorlist -- [COOK-1710] - support http proxy -- [COOK-1722] - update IUS version - -## v0.8.2 - -- [COOK-1521] - add :update action to `yum_repository` - -## v0.8.0 - -- [COOK-1204] - Make 'add' default action for yum_repository -- [COOK-1351] - option to not make the yum cache (via attribute) -- [COOK-1353] - x86_64 centos path fixes -- [COOK-1414] - recipe for repoforge - -## v0.6.2 - -- Updated README to remove git diff artifacts. - -## v0.6.0 - -- Default action for the yum_repository LWRP is now add. -- [COOK-1227] - clear Chefs internal cache after adding new yum repo -- [COOK-1262] - yum::epel should enable existing repo on Amazon Linux -- [COOK-1272], [COOK-1302] - update RPM file for CentOS / RHEL 6 -- [COOK-1330] - update cookbook documentation on excludes for yum -- [COOK-1346] - retry remote_file for EPEL in case we get an FTP mirror - -## v0.5.2 - -- [COOK-825] - epel and ius `remote_file` should notify the `rpm_package` to install - -## v0.5.0 - -- [COOK-675] - add recipe for handling EPEL repository -- [COOK-722] - add recipe for handling IUS repository - -## v.0.1.2 - -- Remove yum update in default recipe, that doesn't update caches, it updates packages installed. diff --git a/cookbooks/yum/attributes/main.rb b/cookbooks/yum/attributes/main.rb deleted file mode 100644 index 3592fb8..0000000 --- a/cookbooks/yum/attributes/main.rb +++ /dev/null @@ -1,97 +0,0 @@ -# http://man7.org/linux/man-pages/man5/yum.conf.5.html - -default['yum']['main']['cachedir'] = '/var/cache/yum/$basearch/$releasever' -default['yum']['main']['distroverpkg'] = case node['platform'] - when 'amazon' - 'system-release' - when 'scientific' - 'sl-release' - when 'redhat' - nil - when 'oracle' - 'oraclelinux-release' - else - "#{node['platform']}-release" - end -default['yum']['main']['releasever'] = 'latest' if platform?('amazon') -default['yum']['main']['alwaysprompt'] = nil # [true, false] -default['yum']['main']['assumeyes'] = nil # [true, false] -default['yum']['main']['bandwidth'] = nil # /^\d+$/ -default['yum']['main']['bugtracker_url'] = nil -default['yum']['main']['clean_requirements_on_remove'] = nil # [true, false] -default['yum']['main']['color'] = nil # %w{ always never } -default['yum']['main']['color_list_available_downgrade'] = nil -default['yum']['main']['color_list_available_install'] = nil -default['yum']['main']['color_list_available_reinstall'] = nil -default['yum']['main']['color_list_available_upgrade'] = nil -default['yum']['main']['color_list_installed_extra'] = nil -default['yum']['main']['color_list_installed_newer'] = nil -default['yum']['main']['color_list_installed_older'] = nil -default['yum']['main']['color_list_installed_reinstall'] = nil -default['yum']['main']['color_search_match'] = nil -default['yum']['main']['color_update_installed'] = nil -default['yum']['main']['color_update_local'] = nil -default['yum']['main']['color_update_remote'] = nil -default['yum']['main']['commands'] = nil -default['yum']['main']['deltarpm'] = nil # [true, false] -default['yum']['main']['debuglevel'] = nil # /^\d+$/ -default['yum']['main']['diskspacecheck'] = nil # [true, false] -default['yum']['main']['enable_group_conditionals'] = nil # [true, false] -default['yum']['main']['errorlevel'] = nil # /^\d+$/ -default['yum']['main']['exactarch'] = nil # [true, false] -default['yum']['main']['exclude'] = nil -default['yum']['main']['gpgcheck'] = true # [true, false] -default['yum']['main']['group_package_types'] = nil -default['yum']['main']['groupremove_leaf_only'] = nil # [true, false] -default['yum']['main']['history_list_view'] = nil -default['yum']['main']['history_record'] = nil # [true, false] -default['yum']['main']['history_record_packages'] = nil -default['yum']['main']['http_caching'] = nil # %w{ packages all none } -default['yum']['main']['ip_resolve'] = nil # %w{ 4 6 } -default['yum']['main']['installonly_limit'] = nil # /\d+/, /keep/ -default['yum']['main']['installonlypkgs'] = nil -default['yum']['main']['installroot'] = nil -default['yum']['main']['keepalive'] = nil # [true, false] -default['yum']['main']['keepcache'] = false # [true, false] -default['yum']['main']['kernelpkgnames'] = nil -default['yum']['main']['localpkg_gpgcheck'] = false # [true,# false] -default['yum']['main']['logfile'] = '/var/log/yum.log' -default['yum']['main']['max_retries'] = nil # /^\d+$/ -default['yum']['main']['mdpolicy'] = nil # %w{ packages all none } -default['yum']['main']['metadata_expire'] = nil # /^\d+$/ -default['yum']['main']['mirrorlist_expire'] = nil # /^\d+$/ -default['yum']['main']['multilib_policy'] = nil # %w{ all best } -default['yum']['main']['obsoletes'] = nil # [true, false] -default['yum']['main']['overwrite_groups'] = nil # [true, false] -default['yum']['main']['password'] = nil -default['yum']['main']['path'] = '/etc/yum.conf' -default['yum']['main']['persistdir'] = nil -default['yum']['main']['pluginconfpath'] = nil -default['yum']['main']['pluginpath'] = nil -default['yum']['main']['plugins'] = nil # [true, false] -default['yum']['main']['protected_multilib'] = nil -default['yum']['main']['protected_packages'] = nil -default['yum']['main']['proxy'] = nil -default['yum']['main']['proxy_password'] = nil -default['yum']['main']['proxy_username'] = nil -default['yum']['main']['password'] = nil -default['yum']['main']['recent'] = nil # /^\d+$/ -default['yum']['main']['repo_gpgcheck'] = nil # [true, false] -default['yum']['main']['reposdir'] = nil -default['yum']['main']['reset_nice'] = nil # [true, false] -default['yum']['main']['rpmverbosity'] = nil # %w{ info critical# emergency error warn debug } -default['yum']['main']['showdupesfromrepos'] = nil # [true, false] -default['yum']['main']['skip_broken'] = nil # [true, false] -default['yum']['main']['ssl_check_cert_permissions'] = nil # [true, false] -default['yum']['main']['sslcacert'] = nil -default['yum']['main']['sslclientcert'] = nil -default['yum']['main']['sslclientkey'] = nil -default['yum']['main']['sslverify'] = nil # [true, false] -default['yum']['main']['syslog_device'] = nil -default['yum']['main']['syslog_facility'] = nil -default['yum']['main']['syslog_ident'] = nil -default['yum']['main']['throttle'] = nil # [/\d+k/, /\d+M/, /\d+G/] -default['yum']['main']['timeout'] = nil # /\d+/ -default['yum']['main']['tolerant'] = false -default['yum']['main']['tsflags'] = nil -default['yum']['main']['username'] = nil diff --git a/cookbooks/yum/kitchen.dokken.yml b/cookbooks/yum/kitchen.dokken.yml deleted file mode 100644 index 9d2678f..0000000 --- a/cookbooks/yum/kitchen.dokken.yml +++ /dev/null @@ -1,48 +0,0 @@ ---- -driver: - name: dokken - privileged: true # because Docker and SystemD/Upstart - -transport: - name: dokken - -provisioner: - name: dokken - chef_version: <%= ENV['CHEF_VERSION'] || 'current' %> - chef_license: accept-no-persist - -platforms: - - name: amazonlinux-2 - driver: - image: dokken/amazonlinux-2 - pid_one_command: /usr/lib/systemd/systemd - - - name: centos-7 - driver: - image: dokken/centos-7 - pid_one_command: /usr/lib/systemd/systemd - - - name: centos-8 - driver: - image: dokken/centos-8 - pid_one_command: /usr/lib/systemd/systemd - - - name: centos-stream-8 - driver: - image: dokken/centos-stream-8 - pid_one_command: /usr/lib/systemd/systemd - - - name: oraclelinux-7 - driver: - image: dokken/oraclelinux-7 - pid_one_command: /usr/lib/systemd/systemd - - - name: oraclelinux-8 - driver: - image: dokken/oraclelinux-8 - pid_one_command: /usr/lib/systemd/systemd - - - name: fedora-latest - driver: - image: dokken/fedora-latest - pid_one_command: /usr/lib/systemd/systemd diff --git a/cookbooks/yum/metadata.rb b/cookbooks/yum/metadata.rb deleted file mode 100644 index 4f6c382..0000000 --- a/cookbooks/yum/metadata.rb +++ /dev/null @@ -1,17 +0,0 @@ -name 'yum' -maintainer 'Sous Chefs' -maintainer_email 'help@sous-chefs.org' -license 'Apache-2.0' -description 'Configures various yum components on Red Hat-like systems' -version '7.2.0' -source_url 'https://github.com/sous-chefs/yum' -issues_url 'https://github.com/sous-chefs/yum/issues' -chef_version '>= 15.3' - -supports 'amazon' -supports 'centos' -supports 'fedora' -supports 'oracle' -supports 'redhat' -supports 'scientific' -supports 'zlinux' diff --git a/cookbooks/yum/recipes/default.rb b/cookbooks/yum/recipes/default.rb deleted file mode 100644 index 76cd2b0..0000000 --- a/cookbooks/yum/recipes/default.rb +++ /dev/null @@ -1,26 +0,0 @@ -# -# Author:: Sean OMeara () -# Author:: Joshua Timberman () -# Recipe:: yum::default -# -# Copyright:: 2013-2019, Chef Software, Inc () -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -yum_globalconfig '/etc/yum.conf' do - node['yum']['main'].each do |config, value| - send(config.to_sym, value) unless value.nil? - end - - action :create -end diff --git a/cookbooks/yum/resources/dnf_module.rb b/cookbooks/yum/resources/dnf_module.rb deleted file mode 100644 index e256d32..0000000 --- a/cookbooks/yum/resources/dnf_module.rb +++ /dev/null @@ -1,104 +0,0 @@ -resource_name :dnf_module -provides :dnf_module - -unified_mode true - -property :module_name, String, - name_property: true, - description: 'Name of the module to install' - -property :options, [String, Array], - coerce: proc { |x| Array(x) }, - default: [], - description: 'Any additional options to pass to DNF' - -action_class do - def supported? - (platform_family?('rhel') && node['platform_version'] >= 8) || platform?('fedora') - end - - def list_modules(type) - raw_output = shell_out!('dnf -q module list').stdout.split("\n") - raw_output.keep_if { |l| l.match? /\[#{type}\]/ } - raw_output.map { |l| "#{l.split[0]}:#{l.split[1]}" }[0..-2] # remove Hint: line from end - end - - def enabled_modules - # extract modules from the rest of the output -- the lines with [e] (for enabled) - list_modules('e') - end - - def disabled_modules - # extract modules from the rest of the output -- the lines with [x] (for disabled) - # disable disables all versions of the stream, so add entry without :version - dl = list_modules('x') - dl + dl.map { |m| m.split(':').first }.uniq - end - - def installed_modules - # extract modules from the rest of the output -- the lines with [i] (for installed) - list_modules('i') - end - - def opts - new_resource.options.join(' ') - end -end - -action :switch_to do - return unless supported? - - unless enabled_modules.include?(new_resource.module_name) - converge_by "switch to #{new_resource.module_name}" do - shell_out!("dnf -qy module switch-to #{opts} '#{new_resource.module_name}'") - end - end -end - -action :enable do - return unless supported? - - unless enabled_modules.include?(new_resource.module_name) - converge_by "enable #{new_resource.module_name}" do - shell_out!("dnf -qy module enable #{opts} '#{new_resource.module_name}'") - end - end -end - -action :disable do - return unless supported? - - unless disabled_modules.include?(new_resource.module_name) - converge_by "disable #{new_resource.module_name}" do - shell_out!("dnf -qy module disable #{opts} '#{new_resource.module_name}'") - end - end -end - -action :install do - return unless supported? - - unless installed_modules.include?(new_resource.module_name) - converge_by "install #{new_resource.module_name}" do - shell_out!("dnf -qy module install #{opts} '#{new_resource.module_name}'") - end - end -end - -action :remove do - return unless supported? - - if installed_modules.include?(new_resource.module_name) - converge_by "remove #{new_resource.module_name}" do - shell_out!("dnf -qy module remove #{opts} '#{new_resource.module_name}'") - end - end -end - -action :reset do - return unless supported? - - converge_by "reset #{new_resource.module_name}" do - shell_out!("dnf -qy module reset #{opts} '#{new_resource.module_name}'") - end -end diff --git a/cookbooks/yum/resources/globalconfig.rb b/cookbooks/yum/resources/globalconfig.rb deleted file mode 100644 index 5049e79..0000000 --- a/cookbooks/yum/resources/globalconfig.rb +++ /dev/null @@ -1,166 +0,0 @@ -# -# Cookbook:: yum -# Resource:: repository -# -# Author:: Sean OMeara -# Copyright:: 2013-2020, Chef Software, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# http://man7.org/linux/man-pages/man5/yum.conf.5.html - -unified_mode true - -property :alwaysprompt, [true, false], description: 'When true yum will not prompt for confirmation when the list of packages to be installed exactly matches those given on the command line. Unless assumeyes is enabled, it will prompt when additional packages need to be installed to fulfill dependencies regardless of this setting. Note that older versions of yum would also always prompt for package removal, and that is no longer true.' -property :assumeno, [true, false], description: "If yum would prompt for confirmation of critical actions, assume the user chose no. This is basically the same as doing 'echo | yum ...' but is a bit more usable. This option overrides assumeyes, but is still subject to alwaysprompt." -property :assumeyes, [true, false], description: 'Determines whether or not yum prompts for confirmation of critical actions.' -property :autocheck_running_kernel, [true, false], description: "Set this to false to disable the automatic checking of the running kernel against updateinfo ('yum updateinfo check-running-kernel'), in the 'check-update' and 'updateinfo summary' commands." -property :autosavets, [true, false], description: 'Should yum automatically save a transaction to a file when the transaction is solved but not run. Yum defaults to True' -property :bandwidth, String, regex: /^\d+/, description: "Use to specify the maximum available network bandwidth in bytes/second. Used with the throttle property. If throttle is a percentage and bandwidth is '0' then bandwidth throttling will be disabled. If throttle is expressed as a data rate (bytes/sec) then this option is ignored." -property :bugtracker_url, String, description: 'URL where bugs should be filed for yum. Configurable for local versions or distro-specific bugtrackers.' -property :cachedir, String, default: '/var/cache/yum/$basearch/$releasever', description: 'Directory where yum should store its cache and db files.' -property :cashe_root_dir, String, description: "Directory where yum would initialize the cashe, should almost certainly be left at the default. Yum's default is '/var/cache/CAShe'. Note that unlike all other configuration, this does not change with installroot, the reason is so that multiple install root can share the same data. See man cashe for more info." -property :check_config_file_age, [true, false], description: 'Specifies whether yum should auto metadata expire repos that are older than any of the configuration files that led to them (usually the yum.conf file and the foo.repo file).' -property :clean_requirements_on_remove, [true, false], description: "When removing packages (by removal, update or obsoletion) go through each package's dependencies. If any of them are no longer required by any other package then also mark them to be removed." -property :color, String, equal_to: %w(always never), description: 'Display colorized output automatically, depending on the output terminal' -property :color_list_available_downgrade, String -property :color_list_available_install, String -property :color_list_available_reinstall, String -property :color_list_available_upgrade, String -property :color_list_installed_extra, String -property :color_list_installed_newer, String -property :color_list_installed_older, String -property :color_list_installed_reinstall, String -property :color_search_match, String -property :color_update_installed, String -property :color_update_local, String -property :color_update_remote, String -property :commands, String, description: "List of functional commands to run if no functional commands are specified on the command line (eg. 'update foo bar baz quux'). None of the short options (eg. -y, -e, -d) are accepted for this option." -property :debuglevel, String, regex: /^\d+$/, default: '2', description: 'Debug message output level 0-10.' -property :deltarpm, [String, Integer], description: "When non-zero, delta-RPM files are used if available. The value specifies the maximum number of 'applydeltarpm' processes Yum will spawn, if the value is negative then yum works out how many cores you have and multiplies that by the value (cores=2, deltarpm=-2; 4 processes). (2 by default).\nNote that the 'applydeltarpm' process uses a significant amount of disk IO, so running too many instances can significantly slow down all disk IO including the downloads that yum is doing (thus. a too high value can make everything slower)." -property :deltarpm_metadata_percentage, String, description: "When the relative size of deltarpm metadata vs pkgs is larger than this, deltarpm metadata is not downloaded from the repo. Yum's default value is 100 (Deltarpm metadata must be smaller than the packages from the repo). Note that you can give values over 100, so 200 means that the metadata is required to be half the size of the packages. Use '0' to turn off this check, and always download metadata." -property :deltarpm_percentage, String, description: "When the relative size of delta vs pkg is larger than this, delta is not used. Yum's default value is 75 (Deltas must be at least 25% smaller than the pkg). Use '0' to turn off delta rpm processing. Local repositories (with file:// baseurl) have delta rpms turned off by default." -property :depsolve_loop_limit, Integer, description: "Set the number of times any attempt to depsolve before we just give up. This shouldn't be needed as yum should always solve or fail, however it has been observed that it can loop forever with very large system upgrades. Setting this to `0' (or " > ") makes yum try forever. Yum's default is '100'." -property :disable_excludes, [true, false], description: 'Permanently set the --disableexcludes command line option.' -property :diskspacecheck, [true, false], description: 'Set this to false to disable the checking for sufficient diskspace and inodes before a RPM transaction is run.' -property :distroverpkg, String, description: "The package used by yum to determine the 'version' of the distribution, this sets $releasever for use in config. files. This can be any installed package. Default is 'system-release(releasever)', 'redhat-release'. Yum will now look at the version provided by the provide, and if that is non-empty then will use the full V(-R), otherwise it uses the version of the package." -property :enable_group_conditionals, [true, false], description: 'Determines whether yum will allow the use of conditionals packages.' -property :errorlevel, String, regex: /^\d+$/, description: 'Error message output level 0-10.' -property :exactarch, [true, false], default: true -property :exactarchlist, String, description: "List of packages that should never change archs in an update. That means, if a package has a newer version available which is for a different compatible arch, yum will not consider that version an update if the package name is in this list. For example, on x86_64, foo-1.x86_64 won't be updated to foo-2.i686 if foo is in this list. Kernels in particular fall into this category. Shell globs using wildcards (eg. * and ?) are allowed." -property :exclude, String, description: "List of packages to exclude from all repositories, so yum works as if that package was never in the repositories. This should be a space separated list. This is commonly used so a package isn't upgraded or installed accidentally, but can be used to remove packages in any way that 'yum list' will show packages. Shell globs using wildcards (eg. * and ?) are allowed." -property :exit_on_lock, [true, false], description: 'Should the yum client exit immediately when something else has the lock. Yum defaults to false' -property :fssnap_abort_on_errors, String, equal_to: %w(), description: "When fssnap_automatic_pre or fssnap_automatic_post is enabled, it's possible to specify which fssnap errors should make the transaction fail. Yum's default is 'any'.\n'broken-setup' - Abort current transaction if snapshot support is unavailable because lvm is missing or broken.\n'snapshot-failure' - Abort current transaction if creating a snapshot fails (e.g. there is not enough free space to make a snapshot).\n'any' - Abort current transaction if any of the above occurs.\n'none' - Never abort a transaction in case of errors." -property :fssnap_automatic_keep, Integer, description: "How many old snapshots should yum keep when trying to automatically create a new snapshot. Setting to 0 disables this feature. Yum's default is '1'" -property :fssnap_automatic_post, [true, false], description: 'Should yum try to automatically create a snapshot after it runs a transaction. Yum defaults to False' -property :fssnap_automatic_pre, [true, false], description: 'Should yum try to automatically create a snapshot before it runs a transaction. Yum defaults to False' -property :fssnap_devices, String, description: 'The origin LVM devices to use for snapshots. Wildcards and negation are allowed, first match (positive or negative) wins. Default is: !*/swap !*/lv_swap glob:/etc/yum/fssnap.d/*.conf' -property :fssnap_percentage, Integer, description: "The size of new snaphosts, expressed as a percentage of the old origin device. Any number between 1 and 100. Yum defaults to '100'." -property :ftp_disable_epsv, [true, false], description: 'This options disables Extended Passive Mode (the EPSV command) which does not work correctly on some buggy ftp servers.' -property :gpgcheck, [true, false], default: true, description: 'This tells yum whether or not it should perform a GPG signature check on packages. When this is set in the [main] section it sets the default for all repositories.' -property :group_command, String, equal_to: %w(simple compat objects), description: "Tells yum what to do for group install/upgrade/remove commands.\nSimple acts like you did yum group cmd $(repoquery --group --list group), so it is very easy to reason about what will happen. Alas. this is often not what people want to happen.\nCompat. works much like simple, except that when you run 'group upgrade' it actually runs 'group install' (this means that you get any new packages added to the group, but you also get packages added that were there before and you didn't want). \nObjects makes groups act like a real object, separate from the packages they contain. Yum keeps track of the groups you have installed, so 'group upgrade' will install new packages for the group but not install old ones. It also knows about group members that are installed but weren't installed as part of the group, and won't remove those on 'group remove'. Running 'yum upgrade' will also run 'yum group upgrade' (thus. adding new packages for all groups)." -property :group_package_types, String, description: "List of the following: optional, default, mandatory. Tells yum which type of packages in groups will be installed when 'groupinstall' is called." -property :groupremove_leaf_only, [true, false], description: "Used to determine yum's behaviour when the groupremove command is run. If groupremove_leaf_only is false (default) then all packages in the group will be removed. If groupremove_leaf_only is true then only those packages in the group that aren't required by another package will be removed." -property :history_list_view, String, equal_to: %w(users commands single-user-commands), description: "Which column of information to display in the 'yum history list' command." -property :history_record, [true, false], description: 'Should yum record history entries for transactions. This takes some disk space, and some extra time in the transactions. But it allows how to know a lot of information about what has happened before, and display it to the user with the history info/list/summary commands. yum also provides the history undo/redo commands.' -property :history_record_packages, String, description: 'This is a list of package names that should be recorded as having helped the transaction. yum plugins have an API to add themselves to this, so it should not normally be necessary to add packages here. Not that this is also used for the packages to look for in --version. Defaults to rpm, yum, yum-metadata-parser.' -property :http_caching, String, equal_to: %w(packages all none), description: "Determines how upstream HTTP caches are instructed to handle any HTTP downloads that Yum does. This option can take the following values: all' means that all HTTP downloads should be cached. 'packages' means that only RPM package downloads should be cached (but not repository metadata downloads). 'none' means that no HTTP downloads should be cached." -property :installonly_limit, String, regex: [/^\d+/, /keep/], default: '3', description: "Number of packages listed in installonlypkgs to keep installed at the same time. Setting to 0 disables this feature. Default is '0'. Note that this functionality used to be in the 'installonlyn' plugin, where this option was altered via tokeep. Note that as of version 3.2.24, yum will now look in the yumdb for a installonly attribute on installed packages. If that attribute is 'keep', then they will never be removed." -property :installonlypkgs, String, description: 'List of package provides that should only ever be installed, never updated. Kernels in particular fall into this category. Defaults to kernel, kernel-bigmem, kernel-enterprise, kernel-smp, kernel-modules, kernel-debug, kernel- unsupported, kernel-source, kernel-devel, kernel-PAE, kernel- PAE-debug.' -property :installroot, String, description: 'Specifies an alternative installroot, relative to which all packages will be installed.' -property :install_weak_deps, [true, false], description: "When this option is set to true and a new package is about to be installed, all packages linked by a weak dependency relation (i.e., Recommends or Supplements flags) with this package will be pulled into the transaction. Default is DNF's default of true." -property :ip_resolve, [String, Integer], equal_to: [4, '4', 6, '6'], description: "Determines how yum resolves host names. '4': resolve to IPv4 addresses only. '6': resolve to IPv6 addresses only." -property :keepalive, [true, false], description: 'Set whether HTTP keepalive should be used for HTTP/1.1 servers that support it. This can improve transfer speeds by using one connection when downloading multiple files from a repository.' -property :keepcache, [true, false], default: false, description: 'Determines whether or not yum keeps the cache of headers and packages after successful installation.' -property :kernelpkgnames, String, description: 'List of package names that are kernels. This is really only here for the updating of kernel packages and should be removed out in the yum 2.1 series.' -property :loadts_ignoremissing, [true, false], description: "Should the load-ts command ignore packages that are missing. This includes packages in the TS to be removed, which aren't installed, and packages in the TS to be added, which aren't available. If this is set to true, and an rpm is missing then loadts_ignorenewrpm is automatically set to true. Yum defaults to False." -property :loadts_ignorenewrpm, [true, false], description: 'Should the load-ts command ignore the future rpmdb version or abort if there is a mismatch between the TS file and what will happen on the current machine. Note that if loadts_ignorerpm is True, this option does nothing. Yum defaults to False' -property :loadts_ignorerpm, [true, false], description: 'Should the load-ts command ignore the rpmdb version (yum version nogroups) or abort if there is a mismatch between the TS file and the current machine. If this is set to true, then loadts_ignorenewrpm is automatically set to true. Yum defaults to False' -property :localpkg_gpgcheck, [true, false], description: 'This tells yum whether or not it should perform a GPG signature check on local packages (packages in a file, not in a repositoy).' -property :logfile, String, default: '/var/log/yum.log', description: 'Full directory and file name for where yum should write its log file.' -property :max_connections, String, regex: /^\d+/, description: 'The maximum number of simultaneous connections. This overrides the urlgrabber default of 5 connections. Note that there are also implicit per-mirror limits and the downloader honors these too.' -property :mddownloadpolicy, String, equal_to: %w(sqlite xml), description: "You can select which kinds of repodata you would prefer yum to download:\n'sqlite' - Download the .sqlite files, if available. This is currently slightly faster, once they are downloaded. However these files tend to be bigger, and thus. take longer to download. \n'xml' - Download the .XML files, which yum will do anyway as a fallback on the other options. These files tend to be smaller, but they require parsing/converting locally after download and some aditional checks are performed on them each time they are used." -property :mdpolicy, String, equal_to: %w(instant group:primary group:small group:main group:all), description: "You can select from different metadata download policies depending on how much data you want to download with the main repository metadata index. The advantages of downloading more metadata with the index is that you can't get into situations where you need to use that metadata later and the versions available aren't compatible (or the user lacks privileges) and that if the metadata is corrupt in any way yum will revert to the previous metadata.\n'instant' - Just download the new metadata index, this is roughly what yum always did, however it now does some checking on the index and reverts if it classifies it as bad.\n'group:primary' - Download the primary metadata with the index. This contains most of the package information and so is almost always required anyway.\n'group:small' - With the primary also download the updateinfo metadata, groups, and pkgtags. This is required for yum-security operations and it also used in the graphical clients. This file also tends to be significantly smaller than most others. This is the default. \n'group:main' - With the primary and updateinfo download the filelists metadata and the group metadata. The filelists data is required for operations like 'yum install /bin/bash', and also some dependency resolutions require it. The group data is used in some graphical clients and for group operations like 'yum grouplist Base'.\n'group:all' - Download all metadata listed in the index, currently the only one not listed above is the other metadata, which contains the changelog information which is used by yum-changelog. This is what 'yum makecache' uses." -property :metadata_expire, String, regex: [/^\d+$/, /^\d+[mhd]$/, /never/], description: "Time (in seconds) after which the metadata will expire. So that if the current metadata downloaded is less than this many seconds old then yum will not update the metadata against the repository. If you find that yum is not downloading information on updates as often as you would like lower the value of this option. You can also change from the default of using seconds to using days, hours or minutes by appending a d, h or m respectively. The default is 6 hours, to compliment yum-updatesd running once an hour. It's also possible to use the word 'never', meaning that the metadata will never expire. Note that when using a metalink file the metalink must always be newer than the metadata for the repository, due to the validation, so this timeout also applies to the metalink file." -property :metadata_expire_filter, String, equal_to: %w(never read-only:past read-only:present read-only:future), description: "Filter the metadata_expire time, allowing a trade of speed for accuracy if a command doesn't require it. Each yum command can specify that it requires a certain level of timeliness quality from the remote repos. from 'I\'m about to install/upgrade, so this better be current' to 'Anything that\'s available is good enough'. \n'never' - Nothing is filtered, always obey metadata_expire. \n'read-only:past' - Commands that only care about past\ information are filtered from metadata expiring. Eg. yum history info (if history needs to lookup anything about a previous transaction, then by definition the remote package was available in the past). \n'read-only:present' - Commands that are balanced between past and future. This is the default. Eg. yum list yum\n'read-only:future' - Commands that are likely to result in running other commands which will require the latest metadata. Eg. yum check-update\nNote that this option requires that all the enabled repositories be roughly the same freshness (meaning the cache age difference from one another is at most 5 days). Failing that, metadata_expire will always be obeyed, just like with 'never'.\nAlso note that this option does not override 'yum clean expire-cache'." -property :minrate, String, description: "This sets the low speed threshold in bytes per second. If the server is sending data slower than this for at least 'timeout' seconds, Yum aborts the connection." -property :mirrorlist_expire, String, regex: /^\d+$/, description: 'Time (in seconds) after which the mirrorlist locally cached will expire. If the current mirrorlist is less than this many seconds old then yum will not download another copy of the mirrorlist, it has the same extra format as metadata_expire. If you find that yum is not downloading the mirrorlists as often as you would like lower the value of this option.' -property :multilib_policy, String, equal_to: %w(all best), description: "The policy installation policy. Can be set to 'all' or 'best'. All means install all possible arches for any package you want to install. Therefore yum install foo will install foo.i386 and foo.x86_64 on x86_64, if it is available. Best means install the best arch for this platform, only. " -property :obsoletes, [true, false], description: "This option only has affect during an update. It enables yum's obsoletes processing logic. Useful when doing distribution level upgrades. See also the yum upgrade command documentation for more details" -property :options, Hash -property :override_install_langs, [true, false], description: "This is a way to override rpm's _install_langs macro. without having to change it within rpm's macro file" -property :overwrite_groups, [true, false], description: "Used to determine yum's behaviour if two or more repositories offer the package groups with the same name. If overwrite_groups is true then the group packages of the last matching repository will be used. If overwrite_groups is false then the groups from all matching repositories will be merged together as one large group. Note that this option does not override remove_leaf_only, so enabling that option means this has almost no affect." -property :password, String, description: 'password to use with the username for basic authentication.' -property :path, String, name_property: true -property :persistdir, String, description: 'Directory where yum should store information that should persist over multiple runs.' -property :pluginconfpath, String, description: 'A list of directories where yum should look for plugin configuration files.' -property :pluginpath, String, description: 'A list of directories where yum should look for plugin modules.' -property :plugins, [true, false], default: true, description: 'Global switch to enable or disable yum plugins.' -property :protected_multilib, [true, false], description: 'This tells yum whether or not it should perform a check to make sure that multilib packages are the same version. For example, if this option is off (rpm behavior) then in some cases it might be possible for pkgA-1.x86_64 and pkgA-2.i386 to be installed at the same time. However this is very rarely desired. Install only packages, like the kernel, are exempt from this check.' -property :protected_packages, String, description: 'This is a list of packages that yum should never completely remove. They are protected via Obsoletes as well as user/plugin removals.' -property :proxy, String, description: 'URL to the proxy server that yum should use.' -property :proxy_password, String, description: 'The password for the specified proxy.' -property :proxy_username, String, description: 'The username for the specified proxy.' -property :query_install_excludes, [true, false], description: 'This applies the command line exclude option (only, not the configuration exclude above) to installed packages being shown in some query commands' -property :recent, String, regex: /^\d+$/, description: "Number of days back to look for 'recent' packages added to a repository." -property :recheck_installed_requires, [true, false], description: "When upgrading a package do we recheck any requirements that existed in the old package. Turning this on shouldn't do anything but slow yum depsolving down, however using rpm --nodeps etc. can break the rpmdb and then this will help." -property :releasever, String -property :remove_leaf_only, [true, false], description: "Used to determine yum's behaviour when a package is removed. If remove_leaf_only is false then packages, and their deps, will be removed. If remove_leaf_only is true then only those packages that aren't required by another package will be removed." -property :repo_gpgcheck, [true, false], description: 'This tells yum whether or not it should perform a GPG signature check on the repodata. When this is set in the [main] section it sets the default for all repositories.' -property :repopkgsremove_leaf_only, [true, false], description: "Used to determine yum's behaviour when the repo-pkg remove command is run. If repopkgremove_leaf_only is false then all packages in the repo. will be removed. If repopkgremove_leaf_only is true then only those packages in the repo. that aren't required by another package will be removed. Note that this option does not override remove_leaf_only, so enabling that option means this has almost no affect." -property :reposdir, String, description: "A list of directories where yum should look for .repo files which define repositories to use. Default is '/etc/yum/repos.d'. Each file in this directory should contain one or more repository sections as documented in [repository] options below. These will be merged with the repositories defined in /etc/yum/yum.conf to form the complete set of repositories that yum will use." -property :requires_policy, String, equal_to: %w(strong weak info), description: 'Strong means install just the needed requirements. Weak means also install any weak requirements. Info means install all requirements. This only happens on install/reinstall, upgrades/downgrades do not consult this at all. Note that yum will try to just drop weak and info requirements on errors.' -property :reset_nice, [true, false], description: 'If set to true then yum will try to reset the nice value to zero, before running an rpm transaction.' -property :retries, String, regex: /^\d+$/, description: "Set the number of times any attempt to retrieve a file should retry before returning an error. Setting this to '0' makes yum try forever." -property :rpmverbosity, String, equal_to: %w(info critical emergency error warn debug), description: 'Debug scriptlet output level.' -property :shell_exit_status, String, equal_to: %w(0 ?), description: "Determines the exit status that should be returned by `yum shell' when it terminates after reading the `exit' command or EOF. If ? is set, the exit status is that of the last command executed before `exit' (bash-like behavior). Yum defaults to 0." -property :showdupesfromrepos, [true, false], description: 'Set to true if you wish to show any duplicate packages from any repository, from package listings like the info or list commands. Set to false if you want only to see the newest packages from any repository.' -property :skip_broken, [true, false], description: 'Resolve depsolve problems by removing packages that are causing problems from the transaction.' -property :skip_missing_names_on_install, [true, false], description: "If set to False, 'yum install' will fail if it can't find any of the provided names (package, group, rpm file). Yum's default is true." -property :skip_missing_names_on_update, [true, false], description: "If set to False, 'yum update' will fail if it can't find any of the provided names (package, group, rpm file). It will also fail if the provided name is a package which is available, but not installed. Yum's default is true." -property :ssl_check_cert_permissions, [true, false], description: "Whether yum should check the permissions on the paths for the certificates on the repository (both remote and local). If we can't read any of the files then yum will force skip_if_unavailable to be true. This is most useful for non-root processes which use yum on repos. that have client cert files which are readable only by root." -property :sslcacert, String, description: 'Path to the directory containing the databases of the certificate authorities yum should use to verify SSL certificates.' -property :sslclientcert, String, description: 'Path to the SSL client certificate yum should use to connect to repos/remote sites.' -property :sslclientkey, String, description: 'Path to the SSL client key yum should use to connect to repos/remote sites.' -property :sslverify, [true, false], description: 'Should yum verify SSL certificates/hosts at all.' -property :syslog_device, String, description: 'Where to log syslog messages. Can be a local device (path) or a host:port string to use a remote syslog. If empty or points to a nonexistent device, syslog logging is disabled.' -property :syslog_facility, String, description: 'Facility name for syslog messages.' -property :syslog_ident, String, description: 'Identification (program name) for syslog messages.' -property :throttle, String, regex: [/\d+k/, /\d+M/, /\d+G/], description: "Enable bandwidth throttling for downloads. This option can be expressed as a absolute data rate in bytes/sec. An SI prefix (k, M or G) may be appended to the bandwidth value (eg. '5.5k' is 5.5 kilobytes/sec, '2M' is 2 Megabytes/sec)." -property :timeout, String, regex: /^\d+$/, description: 'Number of seconds to wait for a connection before timing out.' -property :tolerant, [true, false], description: "If enabled, yum will go slower, checking for things that shouldn't be possible making it more tolerant of external errors. Default to '0' (not tolerant)." -property :tsflags, String, description: "Comma or space separated list of transaction flags to pass to the rpm transaction set. These include 'noscripts', 'notriggers', 'nodocs', 'test', 'justdb' and 'nocontexts'. 'repackage' is also available but that does nothing with newer rpm versions. You can set all/any of them. However, if you don't know what these do in the context of an rpm transaction set you're best leaving it alone." -property :ui_repoid_vars, String, description: 'When a repository id is displayed, append these yum variables to the string if they are used in the baseurl/etc. Variables are appended in the order listed (and found).' -property :upgrade_group_objects_upgrade, [true, false], description: "Set this to false to disable the automatic running of 'group upgrade' when running the 'upgrade' command, and group_command is set to 'objects'." -property :upgrade_requirements_on_install, [true, false], description: "When installing/reinstalling/upgrading packages go through each package's installed dependencies and check for an update." -property :usercache, String, description: "Determines whether or not yum should store per-user cache in $TMPDIR. When set to '0', then whenever yum runs as a non-root user, --cacheonly is implied and system cache is used directly, and no new user cache is created in $TMPDIR. This can be used to prevent $TMPDIR from filling up if many users on the system often use yum and root tends to have up-to-date metadata that the users can rely on (they can still enable this feature with --setopt if they wish)." -property :username, String, description: 'username to use for basic authentication to a repo or really any url.' -property :usr_w_check, [true, false], description: "Set this to false to disable the checking for writability on /usr in the installroot (when going into the depsolving stage). Yum's default is true." - -alias_method :max_retries, :retries - -action :create do - template new_resource.path do - source 'main.erb' - cookbook 'yum' - mode '0644' - variables(config: new_resource) - end -end - -action :delete do - file new_resource.path do - action :delete - end -end diff --git a/cookbooks/yum/templates/main.erb b/cookbooks/yum/templates/main.erb deleted file mode 100644 index 28a163f..0000000 --- a/cookbooks/yum/templates/main.erb +++ /dev/null @@ -1,286 +0,0 @@ -# This file was generated by Chef Infra Client -# Do NOT modify this file by hand. - -[main] -<% if @config.alwaysprompt %> -alwaysprompt=<%= @config.alwaysprompt %> -<% end %> -<% if @config.assumeyes %> -assumeyes=<%= @config.assumeyes %> -<% end %> -<% if @config.bandwidth %> -bandwidth=<%= @config.bandwidth %> -<% end %> -<% if @config.bugtracker_url %> -bugtracker_url=<%= @config.bugtracker_url %> -<% end %> -<% if @config.cachedir %> -cachedir=<%= @config.cachedir %> -<% end %> -<% if @config.clean_requirements_on_remove %> -clean_requirements_on_remove=<%= @config.clean_requirements_on_remove %> -<% end %> -<% if @config.color %> -color=<%= @config.color %> -<% end %> -<% if @config.color_list_available_downgrade %> -color_list_available_downgrade=<%= @config.color_list_available_downgrade %> -<% end %> -<% if @config.color_list_available_install %> -color_list_available_install=<%= @config.color_list_available_install %> -<% end %> -<% if @config.color_list_available_reinstall %> -color_list_available_reinstall=<%= @config.color_list_available_reinstall %> -<% end %> -<% if @config.color_list_available_upgrade %> -color_list_available_upgrade=<%= @config.color_list_available_upgrade %> -<% end %> -<% if @config.color_list_installed_extra %> -color_list_installed_extra=<%= @config.color_list_installed_extra %> -<% end %> -<% if @config.color_list_installed_newer %> -color_list_installed_newer=<%= @config.color_list_installed_newer %> -<% end %> -<% if @config.color_list_installed_older %> -color_list_installed_older=<%= @config.color_list_installed_older %> -<% end %> -<% if @config.color_list_installed_reinstall %> -color_list_installed_reinstall=<%= @config.color_list_installed_reinstall %> -<% end %> -<% if @config.color_search_match %> -color_search_match=<%= @config.color_search_match %> -<% end %> -<% if @config.color_update_installed %> -color_update_installed=<%= @config.color_update_installed %> -<% end %> -<% if @config.color_update_local %> -color_update_local=<%= @config.color_update_local %> -<% end %> -<% if @config.color_update_remote %> -color_update_remote=<%= @config.color_update_remote %> -<% end %> -<% if @config.commands %> -commands=<%= @config.commands %> -<% end %> -<% if @config.debuglevel %> -debuglevel=<%= @config.debuglevel %> -<% end %> -<% if @config.deltarpm == true %> -deltarpm=1 -<% elsif @config.deltarpm == false %> -deltarpm=0 -<% end %> -<% if @config.diskspacecheck %> -diskspacecheck=<%= @config.diskspacecheck %> -<% end %> -<% if @config.distroverpkg %> -distroverpkg=<%= @config.distroverpkg %> -<% end %> -<% if @config.enable_group_conditionals %> -enable_group_conditionals=1 -<% end %> -<% if @config.errorlevel %> -errorlevel=<%= @config.errorlevel %> -<% end %> -<% if @config.exactarch %> -exactarch=1 -<% else %> -exactarch=0 -<% end %> -<% if @config.exclude %> -exclude=<%= @config.exclude %> -<% end %> -<% if @config.gpgcheck %> -gpgcheck=1 -<% else %> -gpgcheck=0 -<% end %> -<% if @config.group_package_types %> -group_package_types=<%= @config.group_package_types %> -<% end %> -<% if @config.groupremove_leaf_only %> -groupremove_leaf_only=<%= @config.groupremove_leaf_only %> -<% end %> -<% if @config.history_list_view %> -history_list_view=<%= @config.history_list_view %> -<% end %> -<% if @config.history_record %> -history_record=<%= @config.history_record %> -<% end %> -<% if @config.history_record_packages %> -history_record_packages=<%= @config.history_record_packages %> -<% end %> -<% if @config.http_caching %> -http_caching=<%= @config.http_caching %> -<% end %> -<% if @config.ip_resolve %> -ip_resolve=<%= @config.ip_resolve %> -<% end %> -<% unless @config.install_weak_deps.nil? %> -<% if @config.install_weak_deps %> -install_weak_deps=1 -<% else %> -install_weak_deps=0 -<% end %> -<% end %> -<% if @config.installonly_limit %> -installonly_limit=<%= @config.installonly_limit %> -<% end %> -<% if @config.installonlypkgs %> -installonlypkgs=<%= @config.installonlypkgs %> -<% end %> -<% if @config.installroot %> -installroot=<%= @config.installroot %> -<% end %> -<% if @config.keepalive %> -keepalive=<%= @config.keepalive %> -<% end %> -<% if @config.keepcache %> -keepcache=1 -<% else %> -keepcache=0 -<% end %> -<% if @config.kernelpkgnames %> -kernelpkgnames=<%= @config.kernelpkgnames %> -<% end %> -<% if @config.localpkg_gpgcheck %> -localpkg_gpgcheck=1 -<% else %> -localpkg_gpgcheck=0 -<% end %> -<% if @config.logfile %> -logfile=<%= @config.logfile %> -<% end %> -<% if @config.max_retries %> -max_retries=<%= @config.max_retries %> -<% end %> -<% if @config.mdpolicy %> -mdpolicy=<%= @config.mdpolicy %> -<% end %> -<% if @config.metadata_expire %> -metadata_expire=<%= @config.metadata_expire %> -<% end %> -<% if @config.mirrorlist_expire %> -mirrorlist_expire=<%= @config.mirrorlist_expire %> -<% end %> -<% if @config.multilib_policy %> -multilib_policy=<%= @config.multilib_policy %> -<% end %> -<% if @config.obsoletes == false %> -obsoletes=0 -<% else %> -obsoletes=1 -<% end %> -<% if @config.overwrite_groups %> -overwrite_groups=<%= @config.overwrite_groups %> -<% end %> -<% if @config.password %> -password=<%= @config.password %> -<% end %> -<% if @config.persistdir %> -persistdir=<%= @config.persistdir %> -<% end %> -<% if @config.pluginconfpath %> -pluginconfpath=<%= @config.pluginconfpath %> -<% end %> -<% if @config.pluginpath %> -pluginpath=<%= @config.pluginpath %> -<% end %> -<% if @config.plugins %> -plugins=1 -<% else %> -plugins=0 -<% end %> -<% if @config.protected_multilib %> -protected_multilib=<%= @config.protected_multilib %> -<% end %> -<% if @config.protected_packages %> -protected_packages=<%= @config.protected_packages %> -<% end %> -<% if @config.proxy %> -proxy=<%= @config.proxy %> -<% end %> -<% if @config.proxy_password %> -proxy_password=<%= @config.proxy_password %> -<% end %> -<% if @config.proxy_username %> -proxy_username=<%= @config.proxy_username %> -<% end %> -<% if @config.recent %> -recent=<%= @config.recent %> -<% end %> -<% if @config.releasever && @config.releasever.length > 0 %> -releasever=<%= @config.releasever %> -<% end %> -<% if @config.repo_gpgcheck %> -repo_gpgcheck=<%= @config.repo_gpgcheck %> -<% end %> -<% if @config.reposdir %> -reposdir=<%= @config.reposdir %> -<% end %> -<% if @config.reset_nice %> -reset_nice=<%= @config.reset_nice %> -<% end %> -<% if @config.rpmverbosity %> -rpmverbosity=<%= @config.rpmverbosity %> -<% end %> -<% if @config.showdupesfromrepos %> -showdupesfromrepos=<%= @config.showdupesfromrepos %> -<% end %> -<% if @config.skip_broken %> -skip_broken=<%= @config.skip_broken %> -<% end %> -<% if @config.ssl_check_cert_permissions %> -ssl_check_cert_permissions=<%= @config.ssl_check_cert_permissions %> -<% end %> -<% if @config.sslcacert %> -sslcacert=<%= @config.sslcacert %> -<% end %> -<% if @config.sslclientcert %> -sslclientcert=<%= @config.sslclientcert %> -<% end %> -<% if @config.sslclientkey %> -sslclientkey=<%= @config.sslclientkey %> -<% end %> -<% unless @config.sslverify.nil? %> -sslverify=<%= ( @config.sslverify ) ? 'true' : 'false' %> -<% end %> -<% if @config.syslog_device %> -syslog_device=<%= @config.syslog_device %> -<% end %> -<% if @config.syslog_facility %> -syslog_facility=<%= @config.syslog_facility %> -<% end %> -<% if @config.syslog_ident %> -syslog_ident=<%= @config.syslog_ident %> -<% end %> -<% if @config.throttle %> -throttle=<%= @config.throttle %> -<% end %> -<% if @config.timeout %> -timeout=<%= @config.timeout %> -<% end %> -<% if @config.tolerant %> -tolerant=<%= ( @config.tolerant ) ? '1' : '0' %> -<% end %> -<% if @config.tsflags %> -tsflags=<%= @config.tsflags %> -<% end %> -<% if @config.username %> -username=<%= @config.username %> -<% end %> -<% if @config.options -%> -<% @config.options.each do |key, value| -%> -<%= key %>=<%= - case value - when Array - value.join("\n ") - when TrueClass - '1' - when FalseClass - '0' - else - value - end %> -<% end -%> -<% end -%> diff --git a/environments/production.json b/environments/production.json index 0d0d0ac..538483e 100644 --- a/environments/production.json +++ b/environments/production.json @@ -2,14 +2,17 @@ "name": "production", "override_attributes": { "akkounts": { - "discourse": { - "public_url": "https://community.kosmos.org" + "ejabberd": { + "admin_url": "https://xmpp.kosmos.org:5443/admin" }, "lndhub": { "public_url": "https://lndhub.kosmos.org", "public_key": "024cd3be18617f39cf645851e3ba63f51fc13f0bb09e3bb25e6fd4de556486d946" } }, + "discourse": { + "domain": "community.kosmos.org" + }, "garage": { "replication_mode": "2", "s3_api_root_domain": ".s3.garage.kosmos.org", @@ -20,6 +23,7 @@ ] }, "gitea": { + "domain": "gitea.kosmos.org", "postgresql_host": "pg.kosmos.local:5432", "config": { "storage": { @@ -31,6 +35,7 @@ } }, "kosmos-mastodon": { + "domain": "kosmos.social", "s3_endpoint": "http://localhost:3900", "s3_region": "garage", "s3_bucket": "kosmos-social", @@ -40,6 +45,9 @@ "mastodon.w7nooprauv6yrnhzh2ajpcnj3doinked2aaztlwfyt6u6pva2qdxqhid.onion" ] }, + "mediawiki": { + "url": "https://wiki.kosmos.org" + }, "sentry": { "allowed_ips": "10.1.1.0/24" } diff --git a/nodes/akkounts-1.json b/nodes/akkounts-1.json index dc47bff..a183843 100644 --- a/nodes/akkounts-1.json +++ b/nodes/akkounts-1.json @@ -46,7 +46,7 @@ "redisio::default", "redisio::_install_prereqs", "redisio::install", - "ulimit::default", + "redisio::ulimit", "redisio::disable_os_default", "redisio::configure", "redisio::enable", @@ -54,21 +54,20 @@ "nodejs::nodejs_from_package", "nodejs::repo", "nodejs::npm", - "nodejs::install", - "git::default", - "git::package" + "nodejs::install" ], "platform": "ubuntu", "platform_version": "20.04", "cloud": null, "chef_packages": { "chef": { - "version": "15.14.0", - "chef_root": "/opt/chef/embedded/lib/ruby/gems/2.6.0/gems/chef-15.14.0/lib" + "version": "18.2.7", + "chef_root": "/opt/chef/embedded/lib/ruby/gems/3.1.0/gems/chef-18.2.7/lib", + "chef_effortless": null }, "ohai": { - "version": "15.12.0", - "ohai_root": "/opt/chef/embedded/lib/ruby/gems/2.6.0/gems/ohai-15.12.0/lib/ohai" + "version": "18.1.4", + "ohai_root": "/opt/chef/embedded/lib/ruby/gems/3.1.0/gems/ohai-18.1.4/lib/ohai" } } }, diff --git a/nodes/barnard.kosmos.org.json b/nodes/barnard.kosmos.org.json deleted file mode 100644 index 9de80d0..0000000 --- a/nodes/barnard.kosmos.org.json +++ /dev/null @@ -1,103 +0,0 @@ -{ - "name": "barnard.kosmos.org", - "normal": { - "knife_zero": { - "host": "barnard.kosmos.org" - }, - "ipfs": { - "memory_max": "256M" - } - }, - "automatic": { - "fqdn": "barnard.kosmos.org", - "os": "linux", - "os_version": "4.15.0-122-generic", - "hostname": "barnard", - "ipaddress": "104.248.95.16", - "roles": [ - "base" - ], - "recipes": [ - "kosmos-base", - "kosmos-base::default", - "kosmos-ipfs", - "kosmos-ipfs::default", - "kosmos-hubot::botka_freenode", - "kosmos-hubot::hal8000", - "kosmos-hubot::hal8000_xmpp", - "sockethub", - "sockethub::default", - "sockethub::proxy", - "kosmos-dirsrv", - "kosmos-dirsrv::default", - "apt::default", - "timezone_iii::default", - "timezone_iii::debian", - "ntp::default", - "ntp::apparmor", - "kosmos-base::systemd_emails", - "apt::unattended-upgrades", - "kosmos-base::firewall", - "kosmos-postfix::default", - "postfix::default", - "postfix::_common", - "postfix::_attributes", - "postfix::sasl_auth", - "hostname::default", - "ipfs::default", - "ipfs::_user", - "kosmos-ipfs::kredits_pinner", - "kosmos-nodejs::default", - "nodejs::nodejs_from_package", - "nodejs::repo", - "kosmos-ipfs::firewall_swarm", - "firewall::default", - "chef-sugar::default", - "kosmos-redis::default", - "redis::server", - "redis::default", - "backup::default", - "logrotate::default", - "kosmos-base::letsencrypt", - "kosmos-nginx::default", - "nginx::default", - "nginx::package", - "nginx::ohai_plugin", - "nginx::repo", - "nginx::commons", - "nginx::commons_dir", - "nginx::commons_script", - "nginx::commons_conf", - "kosmos-nginx::firewall", - "kosmos-hubot::_user", - "sockethub::_firewall", - "kosmos-dirsrv::firewall", - "ulimit::default" - ], - "platform": "ubuntu", - "platform_version": "18.04", - "cloud": { - "public_ipv4_addrs": [ - "104.248.95.16" - ], - "provider": "digital_ocean", - "public_ipv4": "104.248.95.16" - }, - "chef_packages": { - "ohai": { - "version": "15.3.1", - "ohai_root": "/opt/chef/embedded/lib/ruby/gems/2.6.0/gems/ohai-15.3.1/lib/ohai" - }, - "chef": { - "version": "15.3.14", - "chef_root": "/opt/chef/embedded/lib/ruby/gems/2.6.0/gems/chef-15.3.14/lib" - } - } - }, - "run_list": [ - "role[base]", - "recipe[kosmos-ipfs]", - "recipe[kosmos-hubot::hal8000_xmpp]", - "recipe[kosmos-dirsrv]" - ] -} diff --git a/nodes/bitcoin-2.json b/nodes/bitcoin-2.json index 030bd35..7891613 100644 --- a/nodes/bitcoin-2.json +++ b/nodes/bitcoin-2.json @@ -37,7 +37,6 @@ "kosmos-bitcoin::rtl", "kosmos-bitcoin::peerswap-lnd", "kosmos_postgresql::hostsfile", - "kosmos-bitcoin::lndhub", "kosmos-bitcoin::lndhub-go", "kosmos-bitcoin::dotnet", "kosmos-bitcoin::nbxplorer", @@ -71,14 +70,6 @@ "nodejs::nodejs_from_package", "nodejs::repo", "firewall::default", - "chef-sugar::default", - "redisio::default", - "redisio::_install_prereqs", - "redisio::install", - "ulimit::default", - "redisio::disable_os_default", - "redisio::configure", - "redisio::enable", "kosmos-nginx::default", "nginx::default", "nginx::package", @@ -95,13 +86,14 @@ "platform_version": "20.04", "cloud": null, "chef_packages": { - "ohai": { - "version": "15.12.0", - "ohai_root": "/opt/chef/embedded/lib/ruby/gems/2.6.0/gems/ohai-15.12.0/lib/ohai" - }, "chef": { - "version": "15.13.8", - "chef_root": "/opt/chef/embedded/lib/ruby/gems/2.6.0/gems/chef-15.13.8/lib" + "version": "18.2.7", + "chef_root": "/opt/chef/embedded/lib/ruby/gems/3.1.0/gems/chef-18.2.7/lib", + "chef_effortless": null + }, + "ohai": { + "version": "18.1.4", + "ohai_root": "/opt/chef/embedded/lib/ruby/gems/3.1.0/gems/ohai-18.1.4/lib/ohai" } } }, diff --git a/nodes/centaurus.kosmos.org.json b/nodes/centaurus.kosmos.org.json deleted file mode 100644 index 580a566..0000000 --- a/nodes/centaurus.kosmos.org.json +++ /dev/null @@ -1,83 +0,0 @@ -{ - "name": "centaurus.kosmos.org", - "normal": { - "knife_zero": { - "host": "10.1.1.186" - } - }, - "automatic": { - "fqdn": "centaurus.kosmos.org", - "os": "linux", - "os_version": "5.4.0-99-generic", - "hostname": "centaurus", - "ipaddress": "78.46.59.98", - "roles": [ - "gitea", - "postgresql_client", - "drone" - ], - "recipes": [ - "kosmos-base", - "kosmos-base::default", - "kosmos_encfs", - "kosmos_encfs::default", - "kosmos_postgresql::hostsfile", - "kosmos_gitea", - "kosmos_gitea::default", - "kosmos_gitea::backup", - "kosmos_drone", - "kosmos_drone::default", - "kosmos_assets::nginx_site", - "kosmos_kvm::host", - "kosmos-ejabberd::firewall", - "kosmos_website", - "kosmos_website::default", - "kosmos_zerotier::firewall", - "apt::default", - "timezone_iii::default", - "timezone_iii::debian", - "ntp::default", - "ntp::apparmor", - "kosmos-base::systemd_emails", - "apt::unattended-upgrades", - "kosmos-base::firewall", - "kosmos-postfix::default", - "postfix::default", - "postfix::_common", - "postfix::_attributes", - "postfix::sasl_auth", - "hostname::default", - "kosmos-nginx::default", - "nginx::default", - "nginx::package", - "nginx::ohai_plugin", - "nginx::repo", - "nginx::commons", - "nginx::commons_dir", - "nginx::commons_script", - "nginx::commons_conf", - "kosmos-nginx::firewall", - "backup::default", - "logrotate::default", - "kosmos-base::letsencrypt" - ], - "platform": "ubuntu", - "platform_version": "20.04", - "cloud": null, - "chef_packages": { - "ohai": { - "version": "15.9.1", - "ohai_root": "/opt/chef/embedded/lib/ruby/gems/2.6.0/gems/ohai-15.9.1/lib/ohai" - }, - "chef": { - "version": "15.10.12", - "chef_root": "/opt/chef/embedded/lib/ruby/gems/2.6.0/gems/chef-15.10.12/lib" - } - } - }, - "run_list": [ - "recipe[kosmos-base]", - "recipe[kosmos_kvm::host]", - "recipe[kosmos_zerotier::firewall]" - ] -} diff --git a/nodes/ipfs-1.json b/nodes/ipfs-1.json index d3a825e..8022309 100644 --- a/nodes/ipfs-1.json +++ b/nodes/ipfs-1.json @@ -8,7 +8,7 @@ "automatic": { "fqdn": "ipfs-1", "os": "linux", - "os_version": "5.4.0-131-generic", + "os_version": "5.4.0-152-generic", "hostname": "ipfs-1", "ipaddress": "192.168.122.195", "roles": [ @@ -39,7 +39,6 @@ "ipfs::default", "ipfs::_user", "firewall::default", - "chef-sugar::default", "kosmos-nodejs::default", "nodejs::nodejs_from_package", "nodejs::repo", @@ -50,12 +49,13 @@ "cloud": null, "chef_packages": { "chef": { - "version": "15.14.0", - "chef_root": "/opt/chef/embedded/lib/ruby/gems/2.6.0/gems/chef-15.14.0/lib" + "version": "18.2.7", + "chef_root": "/opt/chef/embedded/lib/ruby/gems/3.1.0/gems/chef-18.2.7/lib", + "chef_effortless": null }, "ohai": { - "version": "15.12.0", - "ohai_root": "/opt/chef/embedded/lib/ruby/gems/2.6.0/gems/ohai-15.12.0/lib/ohai" + "version": "18.1.4", + "ohai_root": "/opt/chef/embedded/lib/ruby/gems/3.1.0/gems/ohai-18.1.4/lib/ohai" } } }, diff --git a/nodes/mastodon-3.json b/nodes/mastodon-3.json index 3cd4fa0..7bc96ba 100644 --- a/nodes/mastodon-3.json +++ b/nodes/mastodon-3.json @@ -45,9 +45,6 @@ "postfix::sasl_auth", "hostname::default", "firewall::default", - "chef-sugar::default", - "git::default", - "git::package", "kosmos-nodejs::default", "nodejs::nodejs_from_package", "nodejs::repo", @@ -60,7 +57,7 @@ "redisio::default", "redisio::_install_prereqs", "redisio::install", - "ulimit::default", + "redisio::ulimit", "redisio::disable_os_default", "redisio::configure", "redisio::enable", @@ -73,13 +70,14 @@ "platform_version": "20.04", "cloud": null, "chef_packages": { - "ohai": { - "version": "15.12.0", - "ohai_root": "/opt/chef/embedded/lib/ruby/gems/2.6.0/gems/ohai-15.12.0/lib/ohai" - }, "chef": { - "version": "15.17.4", - "chef_root": "/opt/chef/embedded/lib/ruby/gems/2.6.0/gems/chef-15.17.4/lib" + "version": "18.2.7", + "chef_root": "/opt/chef/embedded/lib/ruby/gems/3.1.0/gems/chef-18.2.7/lib", + "chef_effortless": null + }, + "ohai": { + "version": "18.1.4", + "ohai_root": "/opt/chef/embedded/lib/ruby/gems/3.1.0/gems/ohai-18.1.4/lib/ohai" } } }, diff --git a/nodes/nodejs-4.json b/nodes/nodejs-4.json index d711ed9..659966b 100644 --- a/nodes/nodejs-4.json +++ b/nodes/nodejs-4.json @@ -8,7 +8,7 @@ "automatic": { "fqdn": "nodejs-4", "os": "linux", - "os_version": "5.4.0-1058-kvm", + "os_version": "5.4.0-1089-kvm", "hostname": "nodejs-4", "ipaddress": "192.168.122.106", "roles": [ @@ -47,7 +47,7 @@ "redisio::default", "redisio::_install_prereqs", "redisio::install", - "ulimit::default", + "redisio::ulimit", "redisio::disable_os_default", "redisio::configure", "redisio::enable", @@ -75,13 +75,14 @@ "platform_version": "20.04", "cloud": null, "chef_packages": { - "ohai": { - "version": "15.12.0", - "ohai_root": "/opt/chef/embedded/lib/ruby/gems/2.6.0/gems/ohai-15.12.0/lib/ohai" - }, "chef": { - "version": "15.17.4", - "chef_root": "/opt/chef/embedded/lib/ruby/gems/2.6.0/gems/chef-15.17.4/lib" + "version": "18.2.7", + "chef_root": "/opt/chef/embedded/lib/ruby/gems/3.1.0/gems/chef-18.2.7/lib", + "chef_effortless": null + }, + "ohai": { + "version": "18.1.4", + "ohai_root": "/opt/chef/embedded/lib/ruby/gems/3.1.0/gems/ohai-18.1.4/lib/ohai" } } }, diff --git a/nodes/redis-1.json b/nodes/redis-1.json index 8ba41ee..a5507e7 100644 --- a/nodes/redis-1.json +++ b/nodes/redis-1.json @@ -13,12 +13,15 @@ "ipaddress": "192.168.122.83", "roles": [ "base", - "kvm_guest" + "kvm_guest", + "redis_server" ], "recipes": [ "kosmos-base", "kosmos-base::default", "kosmos_kvm::guest", + "kosmos_redis", + "kosmos_redis::default", "apt::default", "timezone_iii::default", "timezone_iii::debian", @@ -32,7 +35,17 @@ "postfix::_common", "postfix::_attributes", "postfix::sasl_auth", - "hostname::default" + "hostname::default", + "redisio::default", + "redisio::_install_prereqs", + "redisio::install", + "redisio::ulimit", + "redisio::disable_os_default", + "redisio::configure", + "redisio::enable", + "kosmos_redis::firewall", + "backup::default", + "logrotate::default" ], "platform": "ubuntu", "platform_version": "20.04", @@ -51,6 +64,7 @@ }, "run_list": [ "role[base]", - "role[kvm_guest]" + "role[kvm_guest]", + "role[redis_server]" ] } \ No newline at end of file diff --git a/nodes/test-3.json b/nodes/test-3.json deleted file mode 100644 index 86e533e..0000000 --- a/nodes/test-3.json +++ /dev/null @@ -1,52 +0,0 @@ -{ - "name": "test-3", - "normal": { - "knife_zero": { - "host": "10.1.1.18" - } - }, - "automatic": { - "fqdn": "test-3", - "os": "linux", - "os_version": "5.4.0-1031-kvm", - "hostname": "test-3", - "ipaddress": "192.168.122.22", - "roles": [ - - ], - "recipes": [ - "kosmos-base", - "kosmos-base::default", - "apt::default", - "timezone_iii::default", - "timezone_iii::debian", - "ntp::default", - "ntp::apparmor", - "kosmos-base::systemd_emails", - "apt::unattended-upgrades", - "kosmos-base::firewall", - "kosmos-postfix::default", - "postfix::default", - "postfix::_common", - "postfix::_attributes", - "postfix::sasl_auth", - "hostname::default" - ], - "platform": "ubuntu", - "platform_version": "20.04", - "cloud": null, - "chef_packages": { - "chef": { - "version": "15.15.1", - "chef_root": "/opt/chef/embedded/lib/ruby/gems/2.6.0/gems/chef-15.15.1/lib" - }, - "ohai": { - "version": "15.12.0", - "ohai_root": "/opt/chef/embedded/lib/ruby/gems/2.6.0/gems/ohai-15.12.0/lib/ohai" - } - } - }, - "run_list": [ - "recipe[kosmos-base]" - ] -} \ No newline at end of file diff --git a/roles/lndhub.rb b/roles/lndhub.rb index 6f67d07..ab598e6 100644 --- a/roles/lndhub.rb +++ b/roles/lndhub.rb @@ -2,6 +2,5 @@ name "lndhub" run_list %w( role[postgresql_client] - kosmos-bitcoin::lndhub kosmos-bitcoin::lndhub-go ) diff --git a/roles/redis_local.rb b/roles/redis_local.rb deleted file mode 100644 index 4b1ee2d..0000000 --- a/roles/redis_local.rb +++ /dev/null @@ -1,8 +0,0 @@ -name "redis_local" - -run_list %w( - redisio::default - redisio::enable -) - -default_attributes({}) diff --git a/roles/redis_server.rb b/roles/redis_server.rb new file mode 100644 index 0000000..f7fb88e --- /dev/null +++ b/roles/redis_server.rb @@ -0,0 +1,18 @@ +name "redis_server" + +default_run_list = %w( + kosmos_redis::default +) + +production_run_list = %w( + kosmos_redis::default + kosmos_redis::firewall +) + +env_run_lists( + '_default' => default_run_list, + 'development' => default_run_list, + 'production' => production_run_list +) + +default_attributes({}) diff --git a/site-cookbooks/backup/recipes/default.rb b/site-cookbooks/backup/recipes/default.rb index 84a6b75..ec3ec39 100644 --- a/site-cookbooks/backup/recipes/default.rb +++ b/site-cookbooks/backup/recipes/default.rb @@ -5,12 +5,13 @@ apt_package 'postgresql-client-12' build_essential 'backup gem' +package ['libxml2-dev', 'libcurl4-gnutls-dev'] # Don't try to install packages on older Ubuntu, the repositories are 404 package ["ruby", "ruby-dev", "zlib1g-dev"] if node[:platform_version].to_f >= 16.04 gem_package 'backup' do - version '5.0.0.beta.2' + version '5.0.0.beta.3' end smtp_credentials = Chef::EncryptedDataBagItem.load('credentials', 'smtp') diff --git a/site-cookbooks/kosmos-akkounts/attributes/default.rb b/site-cookbooks/kosmos-akkounts/attributes/default.rb index 44ea880..a3c6968 100644 --- a/site-cookbooks/kosmos-akkounts/attributes/default.rb +++ b/site-cookbooks/kosmos-akkounts/attributes/default.rb @@ -2,6 +2,7 @@ node.default['akkounts']['repo'] = 'https://gitea.kosmos.org/kosmos/akkounts.git node.default['akkounts']['revision'] = 'master' node.default['akkounts']['port'] = 3000 node.default['akkounts']['domain'] = 'accounts.kosmos.org' +node.default['akkounts']['primary_domain'] = 'kosmos.org' node.default['akkounts_api']['domain'] = 'api.kosmos.org' @@ -10,11 +11,9 @@ node.default['akkounts']['smtp']['domain'] = 'kosmos.org' node.default['akkounts']['smtp']['auth_method'] = 'plain' node.default['akkounts']['smtp']['enable_starttls'] = 'auto' -node.default['akkounts']['discourse']['public_url'] = nil +node.default['akkounts']['ejabberd']['admin_url'] = nil node.default['akkounts']['lndhub']['api_url'] = nil node.default['akkounts']['lndhub']['public_url'] = nil node.default['akkounts']['lndhub']['public_key'] = nil node.default['akkounts']['lndhub']['postgres_db'] = 'lndhub' - -node.override["redisio"]["version"] = "6.2.6" diff --git a/site-cookbooks/kosmos-akkounts/metadata.rb b/site-cookbooks/kosmos-akkounts/metadata.rb index 8e0cf07..6ae1ac6 100644 --- a/site-cookbooks/kosmos-akkounts/metadata.rb +++ b/site-cookbooks/kosmos-akkounts/metadata.rb @@ -5,15 +5,13 @@ license 'MIT' description 'Installs/configures kosmos-akkounts' long_description 'Installs/configures kosmos-akkounts' version '0.2.0' -chef_version '>= 14.0' +chef_version '>= 18.0' depends 'kosmos-nginx' depends "kosmos-nodejs" depends "redisio" -depends "poise-ruby-build" -depends "application" -depends 'application_git' depends "postgresql" depends "kosmos_postgresql" depends "backup" depends "kosmos-dirsrv" +depends "ruby_build" diff --git a/site-cookbooks/kosmos-akkounts/recipes/default.rb b/site-cookbooks/kosmos-akkounts/recipes/default.rb index 689ad4c..597f276 100644 --- a/site-cookbooks/kosmos-akkounts/recipes/default.rb +++ b/site-cookbooks/kosmos-akkounts/recipes/default.rb @@ -30,15 +30,22 @@ npm_package "yarn" do end ruby_version = "2.7.5" -bundle_path = "/opt/ruby_build/builds/#{ruby_version}/bin/bundle" +ruby_path = "/opt/ruby_build/builds/#{ruby_version}" +bundle_path = "#{ruby_path}/bin/bundle" rails_env = node.chef_environment == "development" ? "development" : "production" +ruby_build_install 'v20230615' +ruby_build_definition ruby_version do + prefix_path ruby_path +end + postgres_readonly_host = search(:node, "role:postgresql_replica").first["knife_zero"]["host"] rescue nil btcpay_host = search(:node, "role:btcpay").first["knife_zero"]["host"] rescue nil lndhub_host = search(:node, "role:lndhub").first["knife_zero"]["host"] rescue nil webhooks_allowed_ips = [lndhub_host].compact.uniq.join(',') env = { + primary_domain: node['akkounts']['primary_domain'], akkounts_domain: node['akkounts']['domain'], rails_serve_static_files: true } @@ -65,24 +72,9 @@ if btcpay_host env[:btcpay_api_url] = "http://#{btcpay_host}:23001/api/v1" end -env[:discourse_public_url] = node['akkounts']['discourse']['public_url'] +env[:discourse_public_url] = "https://#{node['discourse']['domain']}" env[:discourse_connect_secret] = credentials['discourse_connect_secret'] -if lndhub_host - node.override["akkounts"]["lndhub"]["api_url"] = "http://#{lndhub_host}:3026" - env[:lndhub_legacy_api_url] = node["akkounts"]["lndhub"]["api_url"] - env[:lndhub_api_url] = node["akkounts"]["lndhub"]["api_url"] - env[:lndhub_public_url] = node["akkounts"]["lndhub"]["public_url"] - env[:lndhub_public_key] = node["akkounts"]["lndhub"]["public_key"] - if postgres_readonly_host - env[:lndhub_admin_ui] = true - env[:lndhub_pg_host] = postgres_readonly_host - env[:lndhub_pg_database] = node['akkounts']['lndhub']['postgres_db'] - env[:lndhub_pg_username] = credentials['postgresql_username'] - env[:lndhub_pg_password] = credentials['postgresql_password'] - end -end - ejabberd_private_ip_addresses = [] search(:node, "role:ejabberd").each do |node| ejabberd_private_ip_addresses << node["knife_zero"]["host"] @@ -101,8 +93,29 @@ end if ejabberd_private_ip_addresses.size > 0 env[:ejabberd_api_url] = "http://xmpp.kosmos.local/api" + env[:ejabberd_admin_url] = node['akkounts']['ejabberd']['admin_url'] end +env[:gitea_public_url] = "https://#{node['gitea']['domain']}" + +if lndhub_host + node.override["akkounts"]["lndhub"]["api_url"] = "http://#{lndhub_host}:3026" + env[:lndhub_legacy_api_url] = node["akkounts"]["lndhub"]["api_url"] + env[:lndhub_api_url] = node["akkounts"]["lndhub"]["api_url"] + env[:lndhub_public_url] = node["akkounts"]["lndhub"]["public_url"] + env[:lndhub_public_key] = node["akkounts"]["lndhub"]["public_key"] + if postgres_readonly_host + env[:lndhub_admin_ui] = true + env[:lndhub_pg_host] = postgres_readonly_host + env[:lndhub_pg_database] = node['akkounts']['lndhub']['postgres_db'] + env[:lndhub_pg_username] = credentials['postgresql_username'] + env[:lndhub_pg_password] = credentials['postgresql_password'] + end +end + +env[:mastodon_public_url] = "https://#{node['kosmos-mastodon']['domain']}" +env[:mediawiki_public_url] = node['mediawiki']['url'] + systemd_unit "akkounts.service" do content({ Unit: { @@ -145,7 +158,7 @@ systemd_unit "akkounts-sidekiq.service" do User: deploy_user, WorkingDirectory: deploy_path, Environment: "MALLOC_ARENA_MAX=2", - ExecStart: "#{bundle_path} exec sidekiq -C #{deploy_path}/config/sidekiq.yml -e production", + ExecStart: "#{bundle_path} exec sidekiq -C #{deploy_path}/config/sidekiq.yml -e #{rails_env}", WatchdogSec: "10", Restart: "on-failure", RestartSec: "1", @@ -162,84 +175,83 @@ systemd_unit "akkounts-sidekiq.service" do action [:create, :enable] end -application deploy_path do +deploy_env = { + "HOME" => deploy_path, + "PATH" => "#{ruby_path}/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin", + "RAILS_ENV" => rails_env, + "NODE_ENV" => rails_env +} + +git deploy_path do + repository node[app_name]["repo"] + revision node[app_name]["revision"] + user deploy_user + group deploy_group + # Restart services on deployments + notifies :run, "execute[restart #{app_name} services]", :delayed +end + +execute "restart #{app_name} services" do + command "true" + action :nothing + notifies :restart, "service[#{app_name}]", :delayed + notifies :restart, "service[#{app_name}-sidekiq]", :delayed +end + +file "#{deploy_path}/config/master.key" do + content credentials['rails_master_key'] + mode '0400' owner deploy_user group deploy_group + notifies :run, "execute[restart #{app_name} services]", :delayed +end - # Take care of application restarts manually, in the git resource - action_on_update false +template "#{deploy_path}/.env.#{rails_env}" do + source 'env.erb' + owner deploy_user + group deploy_group + mode 0600 + sensitive true + variables config: env + notifies :run, "execute[restart #{app_name} services]", :delayed +end - environment "HOME" => deploy_path, - "PATH" => "/opt/ruby_build/builds/#{ruby_version}/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin" +execute "bundle install" do + environment deploy_env + user deploy_user + cwd deploy_path + command "bundle install --without development,test --deployment" +end - ruby_runtime ruby_version do - provider :ruby_build - version ruby_version - end +execute "yarn install" do + environment deploy_env + user deploy_user + cwd deploy_path + command "yarn install --pure-lockfile" +end - git do - user deploy_user - group deploy_group - repository node[app_name]["repo"] - revision node[app_name]["revision"] - # Restart services on deployments - notifies :restart, "application[#{deploy_path}]", :delayed - end +execute 'rake db:migrate' do + environment deploy_env + user deploy_user + group deploy_group + cwd deploy_path + command "bundle exec rake db:migrate" +end - file "#{deploy_path}/config/master.key" do - content credentials['rails_master_key'] - mode '0400' - owner deploy_user - group deploy_group - end +execute 'rake assets:precompile' do + environment deploy_env + user deploy_user + group deploy_group + cwd deploy_path + command "bundle exec rake assets:precompile" +end - template "#{deploy_path}/.env.production" do - source 'env.production.erb' - owner deploy_user - group deploy_group - mode 0600 - sensitive true - variables config: env - notifies :restart, "application[#{deploy_path}]", :delayed - end +service "akkounts" do + action [:enable, :start] +end - execute "bundle install" do - environment "HOME" => deploy_path - user deploy_user - cwd deploy_path - command "/opt/ruby_build/builds/#{ruby_version}/bin/bundle install --without development,test --deployment" - end - - execute "yarn install" do - environment "HOME" => deploy_path, "NODE_ENV" => "production" - user deploy_user - cwd deploy_path - command "yarn install --pure-lockfile" - end - - execute 'rake db:migrate' do - environment "RAILS_ENV" => rails_env, "HOME" => deploy_path - user deploy_user - group deploy_group - cwd deploy_path - command "PATH=\"/opt/ruby_build/builds/#{ruby_version}/bin:$PATH\" bundle exec rake db:migrate" - end - - execute 'rake assets:precompile' do - environment "RAILS_ENV" => rails_env, "HOME" => deploy_path - user deploy_user - group deploy_group - cwd deploy_path - command "PATH=\"/opt/ruby_build/builds/#{ruby_version}/bin:$PATH\" bundle exec rake assets:precompile" - end - - service "akkounts" do - action [:enable, :start] - end - - service "akkounts-sidekiq" do - action [:enable, :start] - end +service "akkounts-sidekiq" do + action [:enable, :start] end firewall_rule "akkounts_zerotier" do diff --git a/site-cookbooks/kosmos-akkounts/templates/env.production.erb b/site-cookbooks/kosmos-akkounts/templates/env.erb similarity index 100% rename from site-cookbooks/kosmos-akkounts/templates/env.production.erb rename to site-cookbooks/kosmos-akkounts/templates/env.erb diff --git a/site-cookbooks/kosmos-bitcoin/attributes/default.rb b/site-cookbooks/kosmos-bitcoin/attributes/default.rb index b608f93..ed524e3 100644 --- a/site-cookbooks/kosmos-bitcoin/attributes/default.rb +++ b/site-cookbooks/kosmos-bitcoin/attributes/default.rb @@ -74,13 +74,8 @@ node.default['rtl']['revision'] = 'v0.12.1' node.default['rtl']['host'] = '10.1.1.163' node.default['rtl']['port'] = '3000' -node.default['lndhub']['repo'] = 'https://gitea.kosmos.org/kosmos/lndhub.git' -node.default['lndhub']['revision'] = 'master' -node.default['lndhub']['port'] = '3023' -node.default['lndhub']['domain'] = 'lndhub.kosmos.org' - node.default['lndhub-go']['repo'] = 'https://github.com/getAlby/lndhub.go.git' -node.default['lndhub-go']['revision'] = '0.12.0' +node.default['lndhub-go']['revision'] = '0.14.0' node.default['lndhub-go']['source_dir'] = '/opt/lndhub-go' node.default['lndhub-go']['port'] = 3026 node.default['lndhub-go']['domain'] = 'lndhub.kosmos.org' diff --git a/site-cookbooks/kosmos-bitcoin/metadata.rb b/site-cookbooks/kosmos-bitcoin/metadata.rb index cfea78c..1cf8f30 100644 --- a/site-cookbooks/kosmos-bitcoin/metadata.rb +++ b/site-cookbooks/kosmos-bitcoin/metadata.rb @@ -7,7 +7,6 @@ long_description 'Installs/configures bitcoin-related software' version '0.1.0' chef_version '>= 14.0' -depends 'application_javascript' depends 'ark' depends 'backup' depends 'firewall' diff --git a/site-cookbooks/kosmos-bitcoin/recipes/lndhub.rb b/site-cookbooks/kosmos-bitcoin/recipes/lndhub.rb deleted file mode 100644 index c877a4a..0000000 --- a/site-cookbooks/kosmos-bitcoin/recipes/lndhub.rb +++ /dev/null @@ -1,96 +0,0 @@ -# -# Cookbook:: kosmos-bitcoin -# Recipe:: lndhub -# - -include_recipe 'redisio::default' -include_recipe 'redisio::enable' - -app_name = "lndhub" -app_dir = "/opt/#{app_name}" -lnd_dir = node['lnd']['lnd_dir'] -bitcoin_user = node['bitcoin']['username'] -bitcoin_group = node['bitcoin']['usergroup'] - -application app_dir do - owner bitcoin_user - group bitcoin_group - - git do - user bitcoin_user - group bitcoin_group - repository node['lndhub']['repo'] - revision node['lndhub']['revision'] - notifies :restart, "systemd_unit[lndhub.service]", :delayed - end - - npm_install do - user bitcoin_user - end - - link "#{app_dir}/admin.macaroon" do - to "#{lnd_dir}/data/chain/bitcoin/mainnet/admin.macaroon" - owner bitcoin_user - group bitcoin_group - end - - link "#{app_dir}/tls.cert" do - to "#{lnd_dir}/tls.cert" - owner bitcoin_user - group bitcoin_group - end - - template "#{app_dir}/config.js" do - source "lndhub.config.js.erb" - owner bitcoin_user - group bitcoin_group - mode '0600' - variables lnd_rpc_host: '127.0.0.1:10009' - notifies :restart, "systemd_unit[lndhub.service]", :delayed - end - - systemd_unit 'lndhub.service' do - content({ - Unit: { - Description: 'LND Hub', - Documentation: ['https://github.com/BlueWallet/LndHub'], - Requires: 'lnd.service', - After: 'lnd.service' - }, - Service: { - User: bitcoin_user, - Group: bitcoin_group, - Type: 'simple', - Environment: "PORT=#{node['lndhub']['port']}", - WorkingDirectory: app_dir, - ExecStart: "/usr/bin/npm start", - Restart: 'always', - RestartSec: '30', - TimeoutSec: '120', - PrivateTmp: true, - ProtectSystem: 'full', - NoNewPrivileges: true, - PrivateDevices: true, - }, - Install: { - WantedBy: 'multi-user.target' - } - }) - verify false - triggers_reload true - action [:create, :enable, :start] - end -end - -include_recipe 'firewall' -firewall_rule 'lndhub_private' do - port node['lndhub']['port'].to_i - source "10.1.1.0/24" - protocol :tcp - command :allow -end - -return if node.chef_environment == "development" - -node.override["backup"]["archives"]["lndhub"] = ["/var/lib/redis/dump-6379.rdb"] -include_recipe "backup" diff --git a/site-cookbooks/kosmos-bitcoin/recipes/rtl.rb b/site-cookbooks/kosmos-bitcoin/recipes/rtl.rb index 1a170a6..a0592b4 100644 --- a/site-cookbooks/kosmos-bitcoin/recipes/rtl.rb +++ b/site-cookbooks/kosmos-bitcoin/recipes/rtl.rb @@ -51,60 +51,57 @@ if node['boltz'] rtl_config[:nodes][0][:Settings][:boltzServerUrl] = "https://#{node['boltz']['rest_host']}:#{node['boltz']['rest_port']}" end -application rtl_dir do +git rtl_dir do + user bitcoin_user + group bitcoin_group + repository node['rtl']['repo'] + revision node['rtl']['revision'] + notifies :restart, "systemd_unit[#{app_name}.service]", :delayed +end + +execute "npm install" do + cwd rtl_dir + environment "HOME" => rtl_dir + user bitcoin_user +end + +file "#{rtl_dir}/RTL-Config.json" do owner bitcoin_user group bitcoin_group + mode '0640' + content rtl_config.to_json + notifies :restart, "systemd_unit[#{app_name}.service]", :delayed +end - git do - user bitcoin_user - group bitcoin_group - repository node['rtl']['repo'] - revision node['rtl']['revision'] - notifies :restart, "systemd_unit[rtl.service]", :delayed - end - - npm_install do - user bitcoin_user - end - - file "#{rtl_dir}/RTL-Config.json" do - owner bitcoin_user - group bitcoin_group - mode '0640' - content rtl_config.to_json - notifies :restart, "systemd_unit[rtl.service]", :delayed - end - - systemd_unit 'rtl.service' do - content({ - Unit: { - Description: 'Ride The Lightning', - Documentation: ['https://github.com/Ride-The-Lightning/RTL'], - Requires: 'lnd.service', - After: 'lnd.service' - }, - Service: { - User: bitcoin_user, - Group: bitcoin_group, - Type: 'simple', - # ExecStartPre: '/bin/sleep 120', - ExecStart: "/usr/bin/node #{rtl_dir}/rtl.js", - Restart: 'always', - RestartSec: '30', - TimeoutSec: '120', - PrivateTmp: true, - ProtectSystem: 'full', - NoNewPrivileges: true, - PrivateDevices: true, - }, - Install: { - WantedBy: 'multi-user.target' - } - }) - verify false - triggers_reload true - action [:create, :enable, :start] - end +systemd_unit "#{app_name}.service" do + content({ + Unit: { + Description: 'Ride The Lightning', + Documentation: ['https://github.com/Ride-The-Lightning/RTL'], + Requires: 'lnd.service', + After: 'lnd.service' + }, + Service: { + User: bitcoin_user, + Group: bitcoin_group, + Type: 'simple', + # ExecStartPre: '/bin/sleep 120', + ExecStart: "/usr/bin/node #{rtl_dir}/rtl.js", + Restart: 'always', + RestartSec: '30', + TimeoutSec: '120', + PrivateTmp: true, + ProtectSystem: 'full', + NoNewPrivileges: true, + PrivateDevices: true, + }, + Install: { + WantedBy: 'multi-user.target' + } + }) + verify false + triggers_reload true + action [:create, :enable, :start] end include_recipe 'firewall' diff --git a/site-cookbooks/kosmos-hubot/metadata.rb b/site-cookbooks/kosmos-hubot/metadata.rb index 75f13c4..4867b00 100644 --- a/site-cookbooks/kosmos-hubot/metadata.rb +++ b/site-cookbooks/kosmos-hubot/metadata.rb @@ -10,6 +10,5 @@ depends 'kosmos-base' depends 'kosmos-nodejs' depends 'kosmos-ipfs' depends 'firewall' -depends 'application_javascript' depends 'git' depends 'redisio' diff --git a/site-cookbooks/kosmos-hubot/recipes/botka_irc-libera-chat.rb b/site-cookbooks/kosmos-hubot/recipes/botka_irc-libera-chat.rb index 52d4c87..1e51b9e 100644 --- a/site-cookbooks/kosmos-hubot/recipes/botka_irc-libera-chat.rb +++ b/site-cookbooks/kosmos-hubot/recipes/botka_irc-libera-chat.rb @@ -18,85 +18,86 @@ include_recipe "kosmos-hubot::_user" include_recipe "kosmos-hubot::_nodejs" include_recipe "kosmos-base::firewall" -application app_path do - credentials = Chef::EncryptedDataBagItem.load('credentials', app_name) +credentials = Chef::EncryptedDataBagItem.load('credentials', app_name) +git app_path do + user app_user + group app_group + repository "https://gitea.kosmos.org/kosmos/botka.git" + revision "master" + notifies :restart, "systemd_unit[#{app_name}.service]", :delayed +end + +file "#{app_path}/external-scripts.json" do + mode "0640" owner app_user group app_group + content [ + "hubot-help", + "hubot-redis-brain", + "hubot-remotestorage-logger", + "hubot-web-push-notifications", + ].to_json +end - git do - user app_user - group app_group - repository "https://gitea.kosmos.org/kosmos/botka.git" - revision "master" - end +execute "npm install" do + cwd app_path + environment "HOME" => app_path + user app_user +end - file "#{app_path}/external-scripts.json" do - mode "0640" - owner app_user - group app_group - content [ - "hubot-help", - "hubot-redis-brain", - "hubot-remotestorage-logger", - "hubot-web-push-notifications", - ].to_json - end +service_env = { + "HUBOT_LOG_LEVEL" => node.chef_environment == "development" ? "debug" : "info", + "HUBOT_IRC_USESSL" => "true", + "HUBOT_IRC_SERVER" => credentials["znc_host"], + "HUBOT_IRC_PORT" => credentials["znc_port"], + "HUBOT_IRC_NICK" => "botka", + "HUBOT_IRC_USERNAME" => credentials['znc_user'], + "HUBOT_IRC_PASSWORD" => credentials['znc_password'], + "HUBOT_IRC_REALNAME" => "botka (kosmos)", + "HUBOT_IRC_ROOMS" => "#kosmos,#kosmos-dev,#kosmos-random,#remotestorage,#hackerbeach,#unhosted,#sockethub,#mastodon", + "HUBOT_IRC_UNFLOOD" => "100", + "HUBOT_RSS_PRINTSUMMARY" => "false", + "HUBOT_RSS_PRINTERROR" => "false", + "HUBOT_RSS_IRCCOLORS" => "true", + "REDIS_URL" => "redis://localhost:6379/botka", + "EXPRESS_PORT" => node[app_name]['http_port'], + "HUBOT_AUTH_ADMIN" => "bkero,raucao", + "HUBOT_HELP_REPLY_IN_PRIVATE" => "true", + "RS_LOGGER_USER" => "kosmos@5apps.com", + "RS_LOGGER_TOKEN" => credentials['rs_logger_token'], + "RS_LOGGER_SERVER_NAME" => "irc.libera.chat", + "RS_LOGGER_PUBLIC" => "true", + "GCM_API_KEY" => credentials['gcm_api_key'], + "VAPID_SUBJECT" => "https://kosmos.org", + "VAPID_PUBLIC_KEY" => credentials['vapid_public_key'], + "VAPID_PRIVATE_KEY" => credentials['vapid_private_key'] +} - npm_install do - user app_user - end +systemd_unit "#{app_name}.service" do + content({ + Unit: { + Description: app_name, + Requires: "redis@6379.service", + After: "redis@6379.service" + }, - execute "systemctl daemon-reload" do - command "systemctl daemon-reload" - action :nothing - end + Service: { + ExecStart: "#{app_path}/bin/hubot -a irc", + WorkingDirectory: app_path, + User: app_user, + Group: app_group, + Environment: service_env.map { |k, v| "'#{k}=#{v}'" }, + Restart: 'always' + }, - template "/lib/systemd/system/#{app_name}.service" do - source 'nodejs.systemd.service.erb' - owner 'root' - group 'root' - mode '0644' - variables( - user: app_user, - group: app_group, - app_dir: app_path, - entry: "#{app_path}/bin/hubot -a irc", - environment: { - "HUBOT_LOG_LEVEL" => node.chef_environment == "development" ? "debug" : "info", - "HUBOT_IRC_USESSL" => "true", - "HUBOT_IRC_SERVER" => credentials["znc_host"], - "HUBOT_IRC_PORT" => credentials["znc_port"], - "HUBOT_IRC_NICK" => "botka", - "HUBOT_IRC_USERNAME" => credentials['znc_user'], - "HUBOT_IRC_PASSWORD" => credentials['znc_password'], - "HUBOT_IRC_REALNAME" => "botka (kosmos)", - "HUBOT_IRC_ROOMS" => "#kosmos,#kosmos-dev,#kosmos-random,#remotestorage,#hackerbeach,#unhosted,#sockethub,#mastodon", - "HUBOT_IRC_UNFLOOD" => "100", - "HUBOT_RSS_PRINTSUMMARY" => "false", - "HUBOT_RSS_PRINTERROR" => "false", - "HUBOT_RSS_IRCCOLORS" => "true", - "REDIS_URL" => "redis://localhost:6379/botka", - "EXPRESS_PORT" => node[app_name]['http_port'], - "HUBOT_AUTH_ADMIN" => "bkero,raucao", - "HUBOT_HELP_REPLY_IN_PRIVATE" => "true", - "RS_LOGGER_USER" => "kosmos@5apps.com", - "RS_LOGGER_TOKEN" => credentials['rs_logger_token'], - "RS_LOGGER_SERVER_NAME" => "irc.libera.chat", - "RS_LOGGER_PUBLIC" => "true", - "GCM_API_KEY" => credentials['gcm_api_key'], - "VAPID_SUBJECT" => "https://kosmos.org", - "VAPID_PUBLIC_KEY" => credentials['vapid_public_key'], - "VAPID_PRIVATE_KEY" => credentials['vapid_private_key'] - } - ) - notifies :run, "execute[systemctl daemon-reload]", :delayed - notifies :restart, "service[#{app_name}]", :delayed - end - - service app_name do - action [:enable, :start] - end + Install: { + WantedBy: 'multi-user.target' + } + }) + verify false + triggers_reload true + action [:create, :enable, :start] end firewall_rule app_name do diff --git a/site-cookbooks/kosmos-hubot/recipes/hal8000_xmpp.rb b/site-cookbooks/kosmos-hubot/recipes/hal8000_xmpp.rb index f83e084..3afc8df 100644 --- a/site-cookbooks/kosmos-hubot/recipes/hal8000_xmpp.rb +++ b/site-cookbooks/kosmos-hubot/recipes/hal8000_xmpp.rb @@ -18,41 +18,40 @@ include_recipe "kosmos-hubot::_user" include_recipe "kosmos-hubot::_nodejs" include_recipe "kosmos-base::firewall" -application app_path do - data_bag = Chef::EncryptedDataBagItem.load('credentials', app_name) +data_bag = Chef::EncryptedDataBagItem.load('credentials', app_name) +git app_path do + user app_user + group app_group + repository "https://gitea.kosmos.org/kosmos/hal8000.git" + revision "master" + notifies :restart, "systemd_unit[#{app_name}.service]", :delayed +end + +file "#{app_path}/external-scripts.json" do + mode "0640" owner app_user group app_group + content node[app_name]['hubot_scripts'].to_json +end - git do - user app_user - group app_group - repository "https://gitea.kosmos.org/kosmos/hal8000.git" - revision "master" - end +execute "npm install" do + cwd app_path + environment "HOME" => app_path + user app_user +end - file "#{app_path}/external-scripts.json" do - mode "0640" - owner app_user - group app_group - content node[app_name]['hubot_scripts'].to_json - end +ipfs_host = search(:node, "role:ipfs_gateway").first["knife_zero"]["host"] +node.override[app_name]['kredits']['ipfs_host'] = ipfs_host - npm_install do - user app_user - end +rsk_node_ip = search(:node, "role:rskj_testnet").first["knife_zero"]["host"] +node.override[app_name]['kredits']['provider_url'] = "http://#{rsk_node_ip}:4444" - ipfs_host = search(:node, "role:ipfs_gateway").first["knife_zero"]["host"] - node.override[app_name]['kredits']['ipfs_host'] = ipfs_host - - rsk_node_ip = search(:node, "role:rskj_testnet").first["knife_zero"]["host"] - node.override[app_name]['kredits']['provider_url'] = "http://#{rsk_node_ip}:4444" - - file "#{app_path}/node_modules/@kredits/hubot-kredits/.env" do - mode "0600" - owner app_user - group app_group - content <<-EOF +file "#{app_path}/node_modules/@kredits/hubot-kredits/.env" do + mode "0600" + owner app_user + group app_group + content <<-EOF GITEA_TOKEN=#{data_bag['gitea_token']} GITHUB_TOKEN=#{data_bag['github_token']} KREDITS_PROVIDER_URL=#{node[app_name]['kredits']['provider_url']} @@ -61,72 +60,74 @@ IPFS_API_PORT=#{node[app_name]['kredits']['ipfs_port']} IPFS_API_PROTOCOL=#{node[app_name]['kredits']['ipfs_protocol']} KREDITS_WALLET_PATH=../../#{node[app_name]['kredits']['wallet_path']} KREDITS_WALLET_PASSWORD=#{data_bag['kredits_wallet_password']} - EOF - end + EOF +end - execute "systemctl daemon-reload" do - command "systemctl daemon-reload" - action :nothing - end +cookbook_file "#{app_path}/wallet.json" do + source "wallet.json" +end - template "/lib/systemd/system/#{app_name}.service" do - source 'nodejs.systemd.service.erb' - owner 'root' - group 'root' - mode '0644' - variables( - user: app_user, - group: app_user, - app_dir: app_path, - entry: "#{app_path}/bin/hubot -a xmpp --name hal8000", - environment: { - "HUBOT_LOG_LEVEL" => node.chef_environment == "development" ? "debug" : "info", - "HUBOT_XMPP_USERNAME" => "hal8000@kosmos.org/hubot", - "HUBOT_XMPP_PASSWORD" => data_bag['xmpp_password'], - "HUBOT_XMPP_HOST" => "xmpp.kosmos.org", - "HUBOT_XMPP_ROOMS" => node[app_name]['rooms'].join(','), - "HUBOT_AUTH_ADMIN" => node[app_name]['auth_admins'].join(','), - "HUBOT_RSS_PRINTSUMMARY" => "false", - "HUBOT_RSS_PRINTERROR" => "false", - "HUBOT_RSS_IRCCOLORS" => "true", - "HUBOT_PLUSPLUS_POINTS_TERM" => "karma,karma", - "HUBOT_RSS_HEADER" => "Update:", - "HUBOT_HELP_REPLY_IN_PRIVATE" => "true", - "REDIS_URL" => "redis://localhost:6379/#{app_name}", - "EXPRESS_PORT" => node[app_name]['http_port'], - "WEBHOOK_TOKEN" => data_bag['webhook_token'], - "IPFS_API_HOST" => node[app_name]['kredits']['ipfs_host'], - "IPFS_API_PORT" => node[app_name]['kredits']['ipfs_port'], - "IPFS_API_PROTOCOL" => node[app_name]['kredits']['ipfs_protocol'], - "KREDITS_WEB_URL" => node[app_name]['kredits']['web_url'], - "KREDITS_ROOM" => node[app_name]['kredits']['room'], - "KREDITS_WEBHOOK_TOKEN" => data_bag['kredits_webhook_token'], - "KREDITS_PROVIDER_URL" => node[app_name]['kredits']['provider_url'], - "KREDITS_WALLET_PATH" => node[app_name]['kredits']['wallet_path'], - "KREDITS_WALLET_PASSWORD" => data_bag['kredits_wallet_password'], - "KREDITS_MEDIAWIKI_URL" => node[app_name]['kredits']['mediawiki_url'], - "KREDITS_GITHUB_REPO_BLACKLIST" => node[app_name]['kredits']['github_repo_blacklist'], - "KREDITS_GITEA_REPO_BLACKLIST" => node[app_name]['kredits']['gitea_repo_blacklist'], - "KREDITS_GRANT_HOST" => node[app_name]['domain'], - "KREDITS_GRANT_PROTOCOL" => "https", - "KREDITS_SESSION_SECRET" => data_bag['kredits_session_secret'], - "KREDITS_GITHUB_KEY" => data_bag['kredits_github_key'], - "KREDITS_GITHUB_SECRET" => data_bag['kredits_github_secret'], - "KREDITS_ZOOM_JWT" => data_bag['kredits_zoom_jwt'], - "KREDITS_ZOOM_MEETING_WHITELIST" => "414901303,82557072771" - } - ) - notifies :run, "execute[systemctl daemon-reload]", :delayed - notifies :restart, "service[#{app_name}]", :delayed - end +service_env = { + "HUBOT_LOG_LEVEL" => node.chef_environment == "development" ? "debug" : "info", + "HUBOT_XMPP_USERNAME" => "hal8000@kosmos.org/hubot", + "HUBOT_XMPP_PASSWORD" => data_bag['xmpp_password'], + "HUBOT_XMPP_HOST" => "xmpp.kosmos.org", + "HUBOT_XMPP_ROOMS" => node[app_name]['rooms'].join(','), + "HUBOT_AUTH_ADMIN" => node[app_name]['auth_admins'].join(','), + "HUBOT_RSS_PRINTSUMMARY" => "false", + "HUBOT_RSS_PRINTERROR" => "false", + "HUBOT_RSS_IRCCOLORS" => "true", + "HUBOT_PLUSPLUS_POINTS_TERM" => "karma,karma", + "HUBOT_RSS_HEADER" => "Update:", + "HUBOT_HELP_REPLY_IN_PRIVATE" => "true", + "REDIS_URL" => "redis://localhost:6379/#{app_name}", + "EXPRESS_PORT" => node[app_name]['http_port'], + "WEBHOOK_TOKEN" => data_bag['webhook_token'], + "IPFS_API_HOST" => node[app_name]['kredits']['ipfs_host'], + "IPFS_API_PORT" => node[app_name]['kredits']['ipfs_port'], + "IPFS_API_PROTOCOL" => node[app_name]['kredits']['ipfs_protocol'], + "KREDITS_WEB_URL" => node[app_name]['kredits']['web_url'], + "KREDITS_ROOM" => node[app_name]['kredits']['room'], + "KREDITS_WEBHOOK_TOKEN" => data_bag['kredits_webhook_token'], + "KREDITS_PROVIDER_URL" => node[app_name]['kredits']['provider_url'], + "KREDITS_WALLET_PATH" => node[app_name]['kredits']['wallet_path'], + "KREDITS_WALLET_PASSWORD" => data_bag['kredits_wallet_password'], + "KREDITS_MEDIAWIKI_URL" => node[app_name]['kredits']['mediawiki_url'], + "KREDITS_GITHUB_REPO_BLACKLIST" => node[app_name]['kredits']['github_repo_blacklist'], + "KREDITS_GITEA_REPO_BLACKLIST" => node[app_name]['kredits']['gitea_repo_blacklist'], + "KREDITS_GRANT_HOST" => node[app_name]['domain'], + "KREDITS_GRANT_PROTOCOL" => "https", + "KREDITS_SESSION_SECRET" => data_bag['kredits_session_secret'], + "KREDITS_GITHUB_KEY" => data_bag['kredits_github_key'], + "KREDITS_GITHUB_SECRET" => data_bag['kredits_github_secret'], + "KREDITS_ZOOM_JWT" => data_bag['kredits_zoom_jwt'], + "KREDITS_ZOOM_MEETING_WHITELIST" => "414901303,82557072771" +} - cookbook_file "#{app_path}/wallet.json" do - source "wallet.json" - end +systemd_unit "#{app_name}.service" do + content({ + Unit: { + Description: app_name, + Requires: "redis@6379.service", + After: "redis@6379.service" + }, - service app_name do - action [:enable, :start] - end + Service: { + ExecStart: "#{app_path}/bin/hubot -a xmpp --name hal8000", + WorkingDirectory: app_path, + User: app_user, + Group: app_group, + Environment: service_env.map { |k, v| "'#{k}=#{v}'" }, + Restart: 'always' + }, + + Install: { + WantedBy: 'multi-user.target' + } + }) + verify false + triggers_reload true + action [:create, :enable, :start] end firewall_rule app_name do diff --git a/site-cookbooks/kosmos-hubot/templates/default/nodejs.systemd.service.erb b/site-cookbooks/kosmos-hubot/templates/default/nodejs.systemd.service.erb deleted file mode 100644 index b254622..0000000 --- a/site-cookbooks/kosmos-hubot/templates/default/nodejs.systemd.service.erb +++ /dev/null @@ -1,19 +0,0 @@ -[Unit] -Description=Start nodejs app -<% unless @without_redis %> -Requires=redis@6379.service -After=redis@6379.service -<% end %> - -[Service] -ExecStart=<%= @entry %> -WorkingDirectory=<%= @app_dir %> -User=<%= @user %> -Group=<%= @group %> -<% unless @environment.empty? -%> -Environment=<% @environment.each do |key, value| -%>'<%= key %>=<%= value %>' <% end %> -<% end -%> -Restart=always - -[Install] -WantedBy=multi-user.target diff --git a/site-cookbooks/kosmos-ipfs/metadata.rb b/site-cookbooks/kosmos-ipfs/metadata.rb index cb4c434..65947e0 100644 --- a/site-cookbooks/kosmos-ipfs/metadata.rb +++ b/site-cookbooks/kosmos-ipfs/metadata.rb @@ -12,4 +12,3 @@ depends 'kosmos-base' depends 'kosmos-nginx' depends 'kosmos-nodejs' depends 'firewall' -depends 'application_javascript' diff --git a/site-cookbooks/kosmos-ipfs/recipes/default.rb b/site-cookbooks/kosmos-ipfs/recipes/default.rb index a8761c2..7be4ba5 100644 --- a/site-cookbooks/kosmos-ipfs/recipes/default.rb +++ b/site-cookbooks/kosmos-ipfs/recipes/default.rb @@ -17,28 +17,28 @@ unless node.chef_environment == "development" include_recipe "kosmos-ipfs::firewall_swarm" end -firewall_rule 'ipfs_api' do +firewall_rule 'ipfs api' do port node['kosmos-ipfs']['api_port'] source "10.1.1.0/24" protocol :tcp command :allow end -firewall_rule 'ipfs_gateway' do +firewall_rule 'ipfs gateway' do port node['kosmos-ipfs']['gateway_port'] source "10.1.1.0/24" protocol :tcp command :allow end -firewall_rule 'ipfs_local_p2p_allow_out' do +firewall_rule 'ipfs local p2p' do destination "10.1.1.0/24" direction :out protocol :none command :allow end -firewall_rule 'ipfs_local_p2p_deny_out' do +firewall_rule 'ipfs local p2p' do destination "10.0.0.0/8" direction :out protocol :none diff --git a/site-cookbooks/kosmos-ipfs/recipes/firewall_swarm.rb b/site-cookbooks/kosmos-ipfs/recipes/firewall_swarm.rb index 3c3aeeb..a1636d4 100644 --- a/site-cookbooks/kosmos-ipfs/recipes/firewall_swarm.rb +++ b/site-cookbooks/kosmos-ipfs/recipes/firewall_swarm.rb @@ -4,7 +4,7 @@ # include_recipe 'firewall' -firewall_rule 'ipfs_swarm_p2p' do +firewall_rule 'ipfs swarm p2p' do port node['kosmos-ipfs']['swarm_p2p_port'] protocol :tcp command :allow diff --git a/site-cookbooks/kosmos-ipfs/recipes/kredits_pinner.rb b/site-cookbooks/kosmos-ipfs/recipes/kredits_pinner.rb index 492b81d..d1b1f76 100644 --- a/site-cookbooks/kosmos-ipfs/recipes/kredits_pinner.rb +++ b/site-cookbooks/kosmos-ipfs/recipes/kredits_pinner.rb @@ -13,50 +13,51 @@ deploy_group = "ipfs" group deploy_group -path_to_deploy = "/opt/#{app_name}" +app_path = "/opt/#{app_name}" rsk_node_ip = search(:node, "role:rskj_testnet").first["knife_zero"]["host"] rsk_rpc_url = "http://#{rsk_node_ip}:4444" -application path_to_deploy do - owner deploy_user +git app_path do + user deploy_user group deploy_group - - git do - user deploy_user - group deploy_group - repository "https://gitea.kosmos.org/kredits/#{app_name}.git" - revision node['kosmos-ipfs']['kredits-pinner']['revision'] - end - - npm_install do - user deploy_user - end - - execute "systemctl daemon-reload" do - command "systemctl daemon-reload" - action :nothing - end - - template "/lib/systemd/system/#{app_name}.service" do - source 'nodejs.systemd.service.erb' - owner 'root' - group 'root' - mode '0640' - variables( - user: deploy_user, - group: deploy_group, - app_dir: path_to_deploy, - entry: "/usr/bin/node /usr/bin/npm start -- --watch --rpc-url #{rsk_rpc_url}", - environment: { - 'DEBUG' => 'ipfs-pinner' - } - ) - notifies :run, "execute[systemctl daemon-reload]", :delayed - notifies :restart, "service[#{app_name}]", :delayed - end - - service app_name do - action [:enable, :start] - end + repository "https://gitea.kosmos.org/kredits/#{app_name}.git" + revision node['kosmos-ipfs']['kredits-pinner']['revision'] + notifies :restart, "systemd_unit[#{app_name}.service]", :delayed +end + +execute "npm install" do + cwd app_path + environment "HOME" => app_path + user deploy_user +end + +service_env = { + 'DEBUG' => 'ipfs-pinner' +} + +systemd_unit "#{app_name}.service" do + content({ + Unit: { + Description: app_name, + After: "ipfs.service" + }, + + Service: { + ExecStartPre: '/bin/sleep 5', + ExecStart: "/usr/bin/npm start -- --watch --rpc-url #{rsk_rpc_url}", + WorkingDirectory: app_path, + User: deploy_user, + Group: deploy_group, + Environment: service_env.map { |k, v| "'#{k}=#{v}'" }, + Restart: 'always' + }, + + Install: { + WantedBy: 'multi-user.target' + } + }) + verify false + triggers_reload true + action [:create, :enable, :start] end diff --git a/site-cookbooks/kosmos-mastodon/attributes/default.rb b/site-cookbooks/kosmos-mastodon/attributes/default.rb index 347595c..187d3e3 100644 --- a/site-cookbooks/kosmos-mastodon/attributes/default.rb +++ b/site-cookbooks/kosmos-mastodon/attributes/default.rb @@ -4,7 +4,7 @@ node.default["kosmos-mastodon"]["directory"] = "/opt/mastodon" node.default["kosmos-mastodon"]["bind_ip"] = "127.0.0.1" node.default["kosmos-mastodon"]["app_port"] = 3000 node.default["kosmos-mastodon"]["streaming_port"] = 4000 -node.default["kosmos-mastodon"]["server_name"] = "kosmos.social" +node.default["kosmos-mastodon"]["domain"] = "kosmos.social" node.default["kosmos-mastodon"]["alternate_domains"] = [] node.default["kosmos-mastodon"]["redis_url"] = "redis://localhost:6379/0" node.default["kosmos-mastodon"]["sidekiq_threads"] = 25 diff --git a/site-cookbooks/kosmos-mastodon/metadata.rb b/site-cookbooks/kosmos-mastodon/metadata.rb index fa0b6f4..81fc2bf 100644 --- a/site-cookbooks/kosmos-mastodon/metadata.rb +++ b/site-cookbooks/kosmos-mastodon/metadata.rb @@ -6,16 +6,14 @@ description 'Installs/Configures Mastodon' long_description IO.read(File.join(File.dirname(__FILE__), 'README.md')) version '0.2.1' -depends 'application' -depends 'application_git' depends 'backup' depends 'elasticsearch' depends 'java' depends 'firewall' depends 'redisio' depends 'tor-full' -depends 'poise-ruby-build' depends 'postgresql' depends 'kosmos-nginx' depends 'kosmos-nodejs' depends 'kosmos_postgresql' +depends 'ruby_build' diff --git a/site-cookbooks/kosmos-mastodon/recipes/default.rb b/site-cookbooks/kosmos-mastodon/recipes/default.rb index 2dc8187..7ec2aca 100644 --- a/site-cookbooks/kosmos-mastodon/recipes/default.rb +++ b/site-cookbooks/kosmos-mastodon/recipes/default.rb @@ -13,7 +13,12 @@ elasticsearch_user 'elasticsearch' elasticsearch_install 'elasticsearch' do type 'package' - version '7.17.7' + # The current version of the elasticsearch cookbook doesn't like versions + # it doesn't know about. This would still be installing the default (7.17.9) + # on a new machine, but it doesn't upgrade the package + download_url 'https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.17.7-amd64.deb' + # SHA256 + download_checksum '5c588d779023672ba4e315e7cd4db068ac60a38873a35973574a1cae858c2030' action :install end @@ -21,8 +26,6 @@ elasticsearch_configure 'elasticsearch' do allocated_memory node["kosmos-mastodon"]["elasticsearch"]["allocated_memory"] jvm_options %w( - -Xms1536m - -Xmx1536m -XX:+AlwaysPreTouch -server -Xss1m @@ -71,6 +74,15 @@ npm_package "yarn" do end ruby_version = "3.0.4" +# ruby_version = "3.2.2" + +ruby_path = "/opt/ruby_build/builds/#{ruby_version}" +bundle_path = "#{ruby_path}/bin/bundle" + +ruby_build_install 'v20230615' +ruby_build_definition ruby_version do + prefix_path ruby_path +end execute "systemctl daemon-reload" do command "systemctl daemon-reload" @@ -85,7 +97,7 @@ template "/lib/systemd/system/mastodon-web.service" do app_dir: mastodon_path, bind: bind_ip, port: node["kosmos-mastodon"]["app_port"], - bundle_path: "/opt/ruby_build/builds/#{ruby_version}/bin/bundle" + bundle_path: bundle_path notifies :run, "execute[systemctl daemon-reload]", :immediately notifies :restart, "service[mastodon-web]", :delayed end @@ -96,7 +108,7 @@ template "/lib/systemd/system/mastodon-sidekiq.service" do source "mastodon-sidekiq.systemd.service.erb" variables user: mastodon_user, app_dir: mastodon_path, - bundle_path: "/opt/ruby_build/builds/#{ruby_version}/bin/bundle", + bundle_path: bundle_path, sidekiq_threads: node["kosmos-mastodon"]["sidekiq_threads"] notifies :run, "execute[systemctl daemon-reload]", :immediately notifies :restart, "service[mastodon-sidekiq]", :delayed @@ -108,7 +120,7 @@ template "/lib/systemd/system/mastodon-sidekiq-scheduler.service" do source "mastodon-sidekiq-scheduler.systemd.service.erb" variables user: mastodon_user, app_dir: mastodon_path, - bundle_path: "/opt/ruby_build/builds/#{ruby_version}/bin/bundle", + bundle_path: bundle_path, sidekiq_threads: 1 notifies :run, "execute[systemctl daemon-reload]", :immediately notifies :restart, "service[mastodon-sidekiq-scheduler]", :delayed @@ -126,110 +138,114 @@ template "/lib/systemd/system/mastodon-streaming.service" do notifies :restart, "service[mastodon-streaming]", :delayed end -application mastodon_path do - owner "mastodon" - group "mastodon" +rails_env = node.chef_environment == "development" ? "development" : "production" +deploy_env = { + # FIXME: /usr/bin was missing from PATH when running `yarn install` + "PATH" => "#{ruby_path}/bin:/usr/bin:$PATH", + "HOME" => mastodon_path, + "RAILS_ENV" => rails_env, + "NODE_ENV" => rails_env, + "SKIP_POST_DEPLOYMENT_MIGRATIONS" => "true" +} - # Take care of application restarts manually, in the git resource - action_on_update false +git mastodon_path do + user mastodon_user + group mastodon_user - environment "HOME" => mastodon_path, - "PATH" => "/opt/ruby_build/builds/#{ruby_version}/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin" - - ruby_runtime ruby_version do - provider :ruby_build - version ruby_version - end - - git do - user mastodon_user - group mastodon_user - repository node["kosmos-mastodon"]["repo"] - revision node["kosmos-mastodon"]["revision"] - # Restart services on deployments - notifies :restart, "application[#{mastodon_path}]", :delayed - end - - mastodon_credentials = data_bag_item('credentials', 'mastodon') - - template ".env.production" do - source "env.production.erb" - mode "0640" - owner mastodon_user - group mastodon_user - variables redis_url: node["kosmos-mastodon"]["redis_url"], - domain: node["kosmos-mastodon"]["server_name"], - alternate_domains: node["kosmos-mastodon"]["alternate_domains"], - paperclip_secret: mastodon_credentials['paperclip_secret'], - secret_key_base: mastodon_credentials['secret_key_base'], - otp_secret: mastodon_credentials['otp_secret'], - smtp_login: mastodon_credentials['smtp_user_name'], - smtp_password: mastodon_credentials['smtp_password'], - smtp_from_address: "mail@#{node['kosmos-mastodon']['server_name']}", - s3_endpoint: node["kosmos-mastodon"]["s3_endpoint"], - s3_region: node["kosmos-mastodon"]["s3_region"], - s3_bucket: node["kosmos-mastodon"]["s3_bucket"], - s3_alias_host: node["kosmos-mastodon"]["s3_alias_host"], - aws_access_key_id: mastodon_credentials['s3_key_id'], - aws_secret_access_key: mastodon_credentials['s3_secret_key'], - vapid_private_key: mastodon_credentials['vapid_private_key'], - vapid_public_key: mastodon_credentials['vapid_public_key'], - db_pass: postgresql_data_bag_item['mastodon_user_password'], - db_host: "pg.kosmos.local", - default_locale: node["kosmos-mastodon"]["default_locale"], - allowed_private_addresses: node["kosmos-mastodon"]["allowed_private_addresses"], - libre_translate_endpoint: node["kosmos-mastodon"]["libre_translate_endpoint"] - notifies :restart, "application[#{mastodon_path}]", :delayed - end - - execute "bundle install" do - environment "HOME" => mastodon_path - user mastodon_user - cwd mastodon_path - command "/opt/ruby_build/builds/#{ruby_version}/bin/bundle install --without development,test --deployment" - end - - execute "yarn install" do - environment "HOME" => mastodon_path, "NODE_ENV" => "production" - user mastodon_user - cwd mastodon_path - command "yarn install --pure-lockfile" - end - - execute 'rake db:migrate' do - environment "RAILS_ENV" => "production", "HOME" => mastodon_path, "SKIP_POST_DEPLOYMENT_MIGRATIONS" => "true" - user mastodon_user - group mastodon_user - cwd mastodon_path - command "PATH=\"/opt/ruby_build/builds/#{ruby_version}/bin:$PATH\" bundle exec rake db:migrate" - end - - execute 'rake assets:precompile' do - environment "RAILS_ENV" => "production", "HOME" => mastodon_path - user mastodon_user - group mastodon_user - cwd mastodon_path - command "PATH=\"/opt/ruby_build/builds/#{ruby_version}/bin:$PATH\" bundle exec rake assets:precompile" - end - - service "mastodon-web" do - action [:enable, :start] - end - - service "mastodon-sidekiq" do - action [:enable, :start] - end - - service "mastodon-sidekiq-scheduler" do - action [:enable, :start] - end - - service "mastodon-streaming" do - action [:enable, :start] - end + repository node["kosmos-mastodon"]["repo"] + revision node["kosmos-mastodon"]["revision"] + # Restart services on deployments + notifies :run, "execute[restart mastodon services]", :delayed end -firewall_rule 'mastodon_app' do +execute "restart mastodon services" do + command "true" + action :nothing + notifies :restart, "service[mastodon-web]", :delayed + notifies :restart, "service[mastodon-sidekiq]", :delayed + notifies :restart, "service[mastodon-sidekiq-scheduler]", :delayed + notifies :restart, "service[mastodon-streaming]", :delayed +end + +mastodon_credentials = data_bag_item('credentials', 'mastodon') + +template "#{mastodon_path}/.env.#{rails_env}" do + source "env.erb" + mode "0640" + owner mastodon_user + group mastodon_user + variables redis_url: node["kosmos-mastodon"]["redis_url"], + domain: node["kosmos-mastodon"]["domain"], + alternate_domains: node["kosmos-mastodon"]["alternate_domains"], + paperclip_secret: mastodon_credentials['paperclip_secret'], + secret_key_base: mastodon_credentials['secret_key_base'], + otp_secret: mastodon_credentials['otp_secret'], + smtp_login: mastodon_credentials['smtp_user_name'], + smtp_password: mastodon_credentials['smtp_password'], + smtp_from_address: "mail@#{node['kosmos-mastodon']['domain']}", + s3_endpoint: node["kosmos-mastodon"]["s3_endpoint"], + s3_region: node["kosmos-mastodon"]["s3_region"], + s3_bucket: node["kosmos-mastodon"]["s3_bucket"], + s3_alias_host: node["kosmos-mastodon"]["s3_alias_host"], + aws_access_key_id: mastodon_credentials['s3_key_id'], + aws_secret_access_key: mastodon_credentials['s3_secret_key'], + vapid_private_key: mastodon_credentials['vapid_private_key'], + vapid_public_key: mastodon_credentials['vapid_public_key'], + db_pass: postgresql_data_bag_item['mastodon_user_password'], + db_host: "pg.kosmos.local", + default_locale: node["kosmos-mastodon"]["default_locale"], + allowed_private_addresses: node["kosmos-mastodon"]["allowed_private_addresses"], + libre_translate_endpoint: node["kosmos-mastodon"]["libre_translate_endpoint"] + notifies :run, "execute[restart mastodon services]", :delayed +end + +execute "bundle install" do + environment deploy_env + user mastodon_user + cwd mastodon_path + command "bundle install --without development,test --deployment" +end + +execute "yarn install" do + environment deploy_env + user mastodon_user + cwd mastodon_path + command "yarn install --pure-lockfile" +end + +execute "rake db:migrate" do + environment deploy_env + user mastodon_user + group mastodon_user + cwd mastodon_path + command "bundle exec rake db:migrate" +end + +execute "rake assets:precompile" do + environment deploy_env + user mastodon_user + group mastodon_user + cwd mastodon_path + command "bundle exec rake assets:precompile" +end + +service "mastodon-web" do + action [:enable, :start] +end + +service "mastodon-sidekiq" do + action [:enable, :start] +end + +service "mastodon-sidekiq-scheduler" do + action [:enable, :start] +end + +service "mastodon-streaming" do + action [:enable, :start] +end + +firewall_rule "mastodon_app" do port node['kosmos-mastodon']['app_port'] source "10.1.1.0/24" protocol :tcp diff --git a/site-cookbooks/kosmos-mastodon/recipes/nginx.rb b/site-cookbooks/kosmos-mastodon/recipes/nginx.rb index 34575d0..3c81e81 100644 --- a/site-cookbooks/kosmos-mastodon/recipes/nginx.rb +++ b/site-cookbooks/kosmos-mastodon/recipes/nginx.rb @@ -6,7 +6,7 @@ include_recipe "kosmos-nginx" app_dir = node["kosmos-mastodon"]["directory"] -server_name = node["kosmos-mastodon"]["server_name"] +server_name = node["kosmos-mastodon"]["domain"] is_proxy = node.roles.include?('nginx_proxy') rescue nil upstream_hosts = [] diff --git a/site-cookbooks/kosmos-mastodon/templates/default/env.production.erb b/site-cookbooks/kosmos-mastodon/templates/default/env.erb similarity index 100% rename from site-cookbooks/kosmos-mastodon/templates/default/env.production.erb rename to site-cookbooks/kosmos-mastodon/templates/default/env.erb diff --git a/site-cookbooks/kosmos-nodejs/attributes/default.rb b/site-cookbooks/kosmos-nodejs/attributes/default.rb new file mode 100644 index 0000000..039cebf --- /dev/null +++ b/site-cookbooks/kosmos-nodejs/attributes/default.rb @@ -0,0 +1,3 @@ +node.override["nodejs"]["repo"] = "https://deb.nodesource.com/node_14.x" +# Allows upgrading +node.override["nodejs"]["package_action"]["nodejs"] = :upgrade diff --git a/site-cookbooks/kosmos-nodejs/recipes/default.rb b/site-cookbooks/kosmos-nodejs/recipes/default.rb index 935dead..849c6a9 100644 --- a/site-cookbooks/kosmos-nodejs/recipes/default.rb +++ b/site-cookbooks/kosmos-nodejs/recipes/default.rb @@ -3,7 +3,4 @@ # Recipe:: default # -node.normal["nodejs"]["repo"] = "https://deb.nodesource.com/node_14.x" -# Allows upgrading -node.normal["nodejs"]["package_action"]["nodejs"] = :upgrade include_recipe "nodejs::nodejs_from_package" diff --git a/site-cookbooks/kosmos-parity/metadata.rb b/site-cookbooks/kosmos-parity/metadata.rb index 4370527..83355da 100644 --- a/site-cookbooks/kosmos-parity/metadata.rb +++ b/site-cookbooks/kosmos-parity/metadata.rb @@ -9,7 +9,6 @@ version '0.1.0' gem 'toml' depends 'ark' -depends 'build-essential' depends 'kosmos-nginx' depends 'firewall' depends 'backup' diff --git a/site-cookbooks/kosmos-parity/recipes/create_package_from_github.rb b/site-cookbooks/kosmos-parity/recipes/create_package_from_github.rb index 2356dc1..b99cdd4 100644 --- a/site-cookbooks/kosmos-parity/recipes/create_package_from_github.rb +++ b/site-cookbooks/kosmos-parity/recipes/create_package_from_github.rb @@ -25,7 +25,7 @@ # THE SOFTWARE. include_recipe 'kosmos-parity::user' -include_recipe 'build-essential' +build_essential 'kosmos-parity' package %w(git libssl-dev pkg-config libudev-dev) gem_package 'fpm' do version '1.8.1' diff --git a/site-cookbooks/kosmos-redis/README.md b/site-cookbooks/kosmos-redis/README.md deleted file mode 100644 index 4b76bdb..0000000 --- a/site-cookbooks/kosmos-redis/README.md +++ /dev/null @@ -1,4 +0,0 @@ -kosmos-redis Cookbook -===================== - -redis wrapper cookbook diff --git a/site-cookbooks/kosmos-redis/recipes/default.rb b/site-cookbooks/kosmos-redis/recipes/default.rb deleted file mode 100644 index 06e440d..0000000 --- a/site-cookbooks/kosmos-redis/recipes/default.rb +++ /dev/null @@ -1,13 +0,0 @@ -# -# Cookbook Name:: kosmos-redis -# Recipe:: default -# - -node.override['redis']['unixsocket'] = '' -include_recipe 'redis::server' - -unless node.chef_environment == "development" - # Backup the database to S3 - node.override["backup"]["redis"]["databases"] = ["dump"] - include_recipe "backup" -end diff --git a/site-cookbooks/kosmos_postgresql/metadata.rb b/site-cookbooks/kosmos_postgresql/metadata.rb index ad7ca14..4653163 100644 --- a/site-cookbooks/kosmos_postgresql/metadata.rb +++ b/site-cookbooks/kosmos_postgresql/metadata.rb @@ -20,6 +20,5 @@ chef_version '>= 12.14' if respond_to?(:chef_version) # source_url 'https://github.com//kosmos_postgresql' depends "postgresql", ">= 7.0.0" -depends "build-essential" depends "kosmos_encfs" depends "hostsfile" diff --git a/site-cookbooks/kosmos-redis/LICENSE b/site-cookbooks/kosmos_redis/LICENSE similarity index 100% rename from site-cookbooks/kosmos-redis/LICENSE rename to site-cookbooks/kosmos_redis/LICENSE diff --git a/site-cookbooks/kosmos_redis/README.md b/site-cookbooks/kosmos_redis/README.md new file mode 100644 index 0000000..6744560 --- /dev/null +++ b/site-cookbooks/kosmos_redis/README.md @@ -0,0 +1,5 @@ +kosmos_redis Cookbook +===================== + +redis wrapper cookbook +Sets up the Redis version set in the default attributes diff --git a/site-cookbooks/kosmos_redis/attributes/default.rb b/site-cookbooks/kosmos_redis/attributes/default.rb new file mode 100644 index 0000000..e35a8a7 --- /dev/null +++ b/site-cookbooks/kosmos_redis/attributes/default.rb @@ -0,0 +1 @@ +node.override["redisio"]["version"] = "7.0.11" diff --git a/site-cookbooks/kosmos-redis/metadata.rb b/site-cookbooks/kosmos_redis/metadata.rb similarity index 69% rename from site-cookbooks/kosmos-redis/metadata.rb rename to site-cookbooks/kosmos_redis/metadata.rb index 4097136..e58b021 100644 --- a/site-cookbooks/kosmos-redis/metadata.rb +++ b/site-cookbooks/kosmos_redis/metadata.rb @@ -1,10 +1,11 @@ -name 'kosmos-redis' +name 'kosmos_redis' maintainer 'Kosmos' maintainer_email 'mail@kosmos.org' license 'MIT' description 'redis wrapper cookbook' long_description IO.read(File.join(File.dirname(__FILE__), 'README.md')) -version '0.1.0' +version '0.2.0' -depends 'redis' +depends 'redisio' depends 'backup' +depends 'kosmos-base' diff --git a/site-cookbooks/kosmos_redis/recipes/default.rb b/site-cookbooks/kosmos_redis/recipes/default.rb new file mode 100644 index 0000000..7153aca --- /dev/null +++ b/site-cookbooks/kosmos_redis/recipes/default.rb @@ -0,0 +1,18 @@ +# +# Cookbook Name:: kosmos_redis +# Recipe:: default +# + +include_recipe 'redisio::default' +include_recipe 'redisio::enable' + +unless node.chef_environment == "development" + include_recipe "kosmos_redis::firewall" + + # Backup the databases to S3 + databases = node['redisio']['servers'].map do |server, _| + "dump-#{server['port']}" + end + node.override["backup"]["redis"]["databases"] = databases + include_recipe "backup" +end diff --git a/site-cookbooks/kosmos_redis/recipes/firewall.rb b/site-cookbooks/kosmos_redis/recipes/firewall.rb new file mode 100644 index 0000000..4911854 --- /dev/null +++ b/site-cookbooks/kosmos_redis/recipes/firewall.rb @@ -0,0 +1,17 @@ +# +# Cookbook Name:: kosmos_redis +# Recipe:: firewall +# + +include_recipe "kosmos-base::firewall" + +ports = node['redisio']['servers'].map do |server, _| + server['port'] +end + +firewall_rule "redis" do + port ports + source "10.1.1.0/24" # zerotier + protocol :tcp + command :allow +end diff --git a/site-cookbooks/kredits-github/metadata.rb b/site-cookbooks/kredits-github/metadata.rb index fdcf098..12d54b6 100644 --- a/site-cookbooks/kredits-github/metadata.rb +++ b/site-cookbooks/kredits-github/metadata.rb @@ -6,6 +6,5 @@ description 'Installs/Configures kredits-github' long_description IO.read(File.join(File.dirname(__FILE__), 'README.md')) version '0.1.0' -depends 'application_javascript' depends 'kosmos-nodejs' depends 'kosmos-nginx' diff --git a/site-cookbooks/kredits-github/recipes/default.rb b/site-cookbooks/kredits-github/recipes/default.rb index 5412cf5..49fffe1 100644 --- a/site-cookbooks/kredits-github/recipes/default.rb +++ b/site-cookbooks/kredits-github/recipes/default.rb @@ -1,28 +1,6 @@ # # Cookbook Name:: kredits-github # Recipe:: default -# -# The MIT License (MIT) -# -# Copyright:: 2019, Kosmos Developers -# -# Permission is hereby granted, free of charge, to any person obtaining a copy -# of this software and associated documentation files (the "Software"), to deal -# in the Software without restriction, including without limitation the rights -# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -# copies of the Software, and to permit persons to whom the Software is -# furnished to do so, subject to the following conditions: -# -# The above copyright notice and this permission notice shall be included in -# all copies or substantial portions of the Software. -# -# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN -# THE SOFTWARE. include_recipe 'kosmos-nodejs' @@ -40,56 +18,55 @@ user deploy_user do comment "deploy user" end -path_to_deploy = "/opt/#{app_name}" -application path_to_deploy do +app_path = "/opt/#{app_name}" +git app_path do + user deploy_user + group deploy_group + repository "https://github.com/67P/#{app_name}.git" + revision node[app_name]['revision'] + notifies :restart, "systemd_unit[#{app_name}.service]", :delayed +end + +execute "npm install" do + cwd app_path + environment "HOME" => app_path + user deploy_user +end + +file "#{app_path}/github_app_key.pem" do + content credentials['private_key'] owner deploy_user group deploy_group - - git do - user deploy_user - group deploy_group - repository "https://github.com/67P/#{app_name}.git" - revision node[app_name]['revision'] - end - - npm_install do - user deploy_user - end - - execute "systemctl daemon-reload" do - command "systemctl daemon-reload" - action :nothing - end - - file "#{path_to_deploy}/github_app_key.pem" do - content credentials['private_key'] - owner deploy_user - group deploy_group - mode '0440' - end - - template "/lib/systemd/system/#{app_name}.service" do - source 'nodejs.systemd.service.erb' - owner 'root' - group 'root' - mode '0640' - variables( - user: deploy_user, - group: deploy_group, - app_dir: path_to_deploy, - entry: "/usr/bin/node /usr/bin/npm start", - environment: { - 'LOG_LEVEL' => "info", - 'APP_ID' => credentials['app_id'], - 'PRIVATE_KEY_PATH' => "#{path_to_deploy}/github_app_key.pem", - 'WEBHOOK_SECRET' => credentials['webhook_secret'], - } - ) - notifies :run, "execute[systemctl daemon-reload]", :delayed - notifies :restart, "service[#{app_name}]", :delayed - end - - service app_name do - action [:enable, :start] - end + mode '0440' +end + +service_env = { + "LOG_LEVEL" => 'info', + "APP_ID" => credentials["app_id"], + "PRIVATE_KEY_PATH" => "#{app_path}/github_app_key.pem", + "WEBHOOK_SECRET" => credentials["webhook_secret"] +} + +systemd_unit "#{app_name}.service" do + content({ + Unit: { + Description: app_name + }, + + Service: { + ExecStart: "/usr/bin/node /usr/bin/npm start", + WorkingDirectory: app_path, + User: deploy_user, + Group: deploy_group, + Environment: service_env.map { |k, v| "'#{k}=#{v}'" }, + Restart: 'always' + }, + + Install: { + WantedBy: 'multi-user.target' + } + }) + verify false + triggers_reload true + action [:create, :enable, :start] end diff --git a/site-cookbooks/kredits-github/templates/default/nodejs.systemd.service.erb b/site-cookbooks/kredits-github/templates/default/nodejs.systemd.service.erb deleted file mode 100644 index 68f7a05..0000000 --- a/site-cookbooks/kredits-github/templates/default/nodejs.systemd.service.erb +++ /dev/null @@ -1,15 +0,0 @@ -[Unit] -Description=Start nodejs app - -[Service] -ExecStart=<%= @entry %> -WorkingDirectory=<%= @app_dir %> -User=<%= @user %> -Group=<%= @group %> -<% unless @environment.empty? -%> -Environment=<% @environment.each do |key, value| -%>'<%= key %>=<%= value %>' <% end %> -<% end -%> -Restart=always - -[Install] -WantedBy=multi-user.target