| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
| |
Signed-off-by: Thomas Powell <thomas.powell@progress.com>
|
|
|
|
|
|
|
|
|
| |
This allows specifying additional options to apt repositories, in addition to `trusted` and `arch`.
By using an array of strings we also allow using multivalue operators like -= and +=
Fixes: #13727
Signed-off-by: Thayne McCombs <thayne@lucid.co>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Installing the apache2-mod_wsgi-python3 package is not idempotent due to the
fact that zypper will also return the apache2-mod_wsgi package. The
resolve_available_version method, incorrectly assumes this will only return one
item, but in this case it returns four items and will pick the first package
listed.
To work around this, we should verify that the package name listed in the output
matches what we are expecting to install.
Signed-off-by: Lance Albertson <lance@osuosl.org>
|
|
|
|
| |
Signed-off-by: John <john.mccrae@progress.com>
|
|
|
| |
Signed-off-by: Vikram Karve <vikram.karve@progress.com>
|
|
|
|
|
|
| |
* set default values for user and host on userdefaults
Signed-off-by: rishichawda <rishichawda@users.noreply.github.com>
|
|
|
|
|
|
|
|
|
| |
* Add `selinux_user` resource to manage SELinux users.
* Add `selinux_login` resource to manage OS login to SELinux user
mapping.
Related to PR https://github.com/sous-chefs/selinux/pull/92
Signed-off-by: Matthew Newell <matthew.newell@oracle.com>
|
|\
| |
| | |
Correcting cert retrieval issues for multiple user scenarios
|
| |
| |
| |
| | |
Signed-off-by: John McCrae <mccrae@progress.com>
|
|/
|
|
|
|
|
|
|
| |
This makes it so that the apt keys are updated if the expiration of a key is updated without
changing the fingerprint.
See: https://gitlab.com/gitlab-cookbooks/cookbook-gitlab-runner/-/merge_requests/37/diffs#35cd6a49d9e22469db42af7a30c5f3a76487e3c7
Fixes: #13308
Signed-off-by: Thayne McCombs <thayne@lucid.co>
|
|
|
|
|
|
|
| |
* add missing test
Customer ran into this scenario where audit cookbook is present due to base dependencies, profiles are set to pull from automate. CB is using policyfile and setting in kitchen.yml attributes: audit: compliance_phase: false to avoid run failures in test-kitchen. Compliance phase still runs though.
Signed-off-by: Corey Hemminger <hemminger@hotmail.com>
|
|
|
|
|
|
|
|
| |
* revert chef-foundation changes in chef omnibus config
* change fips test for windows
* update pipeline names to validate and increase timeout for windows omnibus builds
* remove omnibus build and test for now
Signed-off-by: Evan Ahlberg <evanahlberg@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* update verify pipeline and omnibus build/test to use containers
* add execution permission on scripts
* add fips back in for opensuse but skip for windows
* jesseprieur/BS-159 - Add RPM Signing Key for RHEL/SLES/CentOS
* evanahlberg/BS-152 - Add MSI Signing to Windows Builds
* fix label on windows platforms
* fix role and add check for organization for aws credentials
* chmod omnibus test script and fix windows 2019 queue for omnibus test
* fix windows queue
* Remove dependencies that are part of chef-foundation.
* Disable s3 caching.
* Rename chef-gem as it conflicts with another omnibus-software.
* Speeding up debugging; Removing more-ruby-cleanup gem from omnibus chef package
* Adding more-ruby-cleanup back in
* Removing more-ruby-cleanup; Removing debugging steps
* Remove ruby dependency from more-ruby-cleanup.
* add retry and timeouts to all steps
* move omnibus test and build to own file and create ad hoc pipeline
* Adding in changes to use heredoc in verify pipeline
* Adding in retries/timeouts; Fixing missing agent
* allow for filtering of the omnibus build and test platforms
* only block on chef-oss org
* add canary adhoc pipeline and add back trigger for omnibus release
* Make omnibus s3 caching configurable via env.
Signed-off-by: Gregory Schofield <grschofi@progress.com>
Signed-off-by: Evan Ahlberg <evanahlberg@gmail.com>
Signed-off-by: Jesse Prieur <jesse.prieur@gmail.com>
|
|
|
|
|
|
|
|
|
|
| |
(#12915)
* Adds 'makecache_fast' property to minimise cached repodata
* add makecache_fast property to unit test
* no makecache fast on dnf systems
* correct property in unit test
Signed-off-by: Stuart Sears <stuart@sjsears.com>
|
|
|
|
|
|
| |
* updating file_system to send back the copy status
* Updating Gemfile.lock for cheffish bump
Signed-off-by: Vinay Satish <vinay.satish@progress.com>
|
|
|
|
|
|
|
|
|
|
| |
* Fix indentation of condition for disabling repos
The helper was only disabling repos if the disable action appeared
last in the repos array. This was also hiding a problem where the
helper failed to re-enable repos when all repos are disabled using
a wildcard (e.g. "*").
Signed-off-by: Davi Arnaut <davi@verdesmares.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Update omnibus-software for FIPS issues
New version of omnibus-software should have disable-dynamicbase
option on for the all DLLs involve with openssl for FIPS build as
well as keying off of mingw64 "platform" argument to ./Configure
script.
Ensure FIPS mode turned off after test
Disable all opensuse fips_mode tags, due to broken FIPS build in rubydistros for OpenSUSE.
Signed-off-by: Thomas Powell <powell@progress.com>
|
|
|
|
|
|
|
|
|
| |
Res validation should be aware of action prop reqs.
The get and set methods in the Property class (for resource validation) check that a property is required if its value is nil. However, they don't check to see whether the property was required for the specific action the resource is using, so any use of get and set will throw an exception if used with a resource that doesn't use a required property, even when the property is not required for that action.
What I'm describing is easier to understand with an example: the current version of the chef-client cookbook has a recipe (cron.rb) with a resource that uses the :delete action. When you try to get that resource, it throws an exception, explaining that :command is a required property—but it's only required for the :create action, not for :delete.
Co-authored-by: Steve Abatangle <steve_abatangle@gap.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Fix false updates on cron resource when using integers
Signed-off-by: Jeremy Kimber <kimbernator@state.local>
* move new cron idempotency test to provider spec and coerce data to string in provider
Signed-off-by: Jeremy Kimber <kimbernator@state.local>
* Compare cron variables by class
Signed-off-by: Jeremy Kimber <kimbernator@state.local>
Signed-off-by: Jeremy Kimber <kimbernator@state.local>
Co-authored-by: Jeremy Kimber <kimbernator@state.local>
|
|
|
|
|
|
|
|
|
|
| |
* Add a case-insensitive helper to determine if two checksums match
* Use case-insensitive checksum match helper for checksum validation
This fixes a bug where checksum validation fails because the two
checksums are in different letter cases. The existing checksum
validation logic was using case sensitive equality checks.
Signed-off-by: Joseph Larionov <jlarionov@webmd.net>
|
|
|
|
|
|
| |
* Add linux_only: true to new linux user specs
* Address Trailing Comma and nonexisting group in SLES 15
Signed-off-by: Thomas Powell <powell@progress.com>
|
|\
| |
| | |
Fixes bug in compare_user on Linux systems
|
| |
| |
| |
| |
| |
| |
| |
| | |
d4c3b8ad111ec7ff6b32ebccf9edd1b6a2f9e8e2 introduced a bug making
`compare_user` on Linux systems return `%i{expire_date inactive}`
instead of wether `@change_desc` is empty.
Signed-off-by: Frederik Thuysbaert <frederik.thuysbaert@combell.group>
|
|\ \
| | |
| | | |
Do not raise if we can't close win resource handle
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Currently we're failing this test on a pre-emptive direct execution of
Get-LocalDscConfigurationManager that we're doing in the test. It is
not returning the expected result, but it's hiding the errors.
Instead, we'll let the actual thing we want to test occur
(dsc_refresh_mode_disabled) - because it runs the same command, and
raises an error if it fails.
Signed-off-by: Marc A. Paradise <marc.paradise@gmail.com>
|
| |
| |
| |
| |
| |
| | |
INFC-274 Fix Solaris tests
* Do not match on OS specific message, only on generic description.
* Update omnibus version to fix read_shared_libs
* Force `ENV["TERM"]` to `"vt100"` for tests
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We have found on AIX 7.x, it can be a varying amount of time before
the system reflects that member(s) have been added to a group. This
change increases the delay on AIX from 2 seconds to 3 after adding a
user to a group.
This ensures that the new group members are visible before we verify
that they are added correctly.
This change also removes the limitation that only applies this delay on AIX 7.2
since we have found it affects 7.3 as well. For consistency, it is now applied
on all AIX platform versions.
With these tests passing, it is now possible to re-enable the AIX
pipeline (which has also been done in this change).
Signed-off-by: Neha Pansare <neha.pansare@progress.com>
Signed-off-by: John McCrae <john.mccrae@progress.com>
Signed-off-by: Marc A. Paradise <marc.paradise@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The AIX platform does not support ruby-shadow, but we always attempt to
load it. The load fails on the AIX platform, which later causes our
requirement assertion that `@shadow_lib_ok` be true to fail.
Instead we allow user resource providers to override
`supports_ruby_shadow?` if they do not support it, so that we don't
assert that it is required in those cases. We default the return value
to `true` because most platforms are supported by this gem.
Signed-off-by: Marc A. Paradise <marc.paradise@gmail.com>
|
|
|
|
|
|
|
|
|
| |
This is a combination of 64 commits, the originals were mostly
repeating one-line messages so that history has not been kept here.
Signed-off-by: Thomas Powell <thomas.powell@progress.com>
Signed-off-by: Marc Paradise <marc@chef.io>
Signed-off-by: John McCrae <john.mccrae@progress.com>
|
|\
| |
| |
| |
| | |
Add newline to end of sysctl files
Current pipeline failures are environmental and not related to this change. Failing tests are kitchen, which does not have coverage for this resource.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
If the sysctl file doesn't end with a newline, then Ubuntu's CIS audit won't correctly
detect the sysctl configuration. Also, it is UNIX best practice to include a newline at the
end of the last line of text files.
Obvious fix.
Signed-off-by: Thayne McCombs <thayne@lucid.co>
|
| |
| |
| |
| | |
Signed-off-by: Corey Hemminger <hemminger@hotmail.com>
|
| | |
|
| |
| |
| |
| | |
Signed-off-by: Corey Hemminger <hemminger@hotmail.com>
|
|/
|
|
| |
Signed-off-by: Corey Hemminger <hemminger@hotmail.com>
|
|
|
| |
This reverts commit 4797e01535af8e33ace9ef3a7404dd8256913bce.
|
|
|
|
| |
Signed-off-by: Poornima <94897054+poorndm@users.noreply.github.com>
|
|
|
|
| |
Signed-off-by: Poornima <94897054+poorndm@users.noreply.github.com>
|
| |
|
|\
| |
| | |
Fixed sensitive properties unsuppressed content issue
|
| |\ |
|
| | |
| | |
| | |
| | | |
Signed-off-by: Bapu L <bapu.labade@progress.com>
|
| | |
| | |
| | |
| | | |
Signed-off-by: Bapu L <bapu.labade@progress.com>
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| |/
|/|
| |
| | |
Signed-off-by: Matt Wrock <matt@mattwrock.com>
|
| |
| |
| |
| |
| |
| | |
tests passing locally
Signed-off-by: John McCrae <john.mccrae@progress.com>
|
| |
| |
| |
| |
| |
| | |
tests passing locally
Signed-off-by: John McCrae <john.mccrae@progress.com>
|