diff --git a/Vagrantfile b/Vagrantfile index 58edab0..ec662bd 100644 --- a/Vagrantfile +++ b/Vagrantfile @@ -42,6 +42,8 @@ Vagrant.configure("2") do |config| # accessing "localhost:8080" will access port 80 on the guest machine. # NOTE: This will enable public access to the opened port config.vm.network "forwarded_port", guest: 80, host: 8000 + config.vm.network "forwarded_port", guest: 3000, host: 8300 + # Provider-specific configuration so you can fine-tune various # backing providers for Vagrant. These expose provider-specific options. @@ -50,7 +52,7 @@ Vagrant.configure("2") do |config| config.vm.provider 'virtualbox' do |vb| # Customize the amount of memory on the VM: vb.memory = '1024' - vb.default_nic_type = "virtio" + # vb.default_nic_type = "virtio" vb.customize ["modifyvm", :id, "--natdnshostresolver1", "on"] end # @@ -73,17 +75,17 @@ Vagrant.configure("2") do |config| fi cd /vagrant - git submodule update --init --recursive + # git submodule update --init --recursive - cd /vagrant/ops/cookbooks - rm -rf vendor - rm -rf $HOME/.berksfile - if [ -f ".Berksfile.lock" ]; then - berks update - else - berks install - fi - berks vendor vendor + # cd /vagrant/ops/cookbooks + # rm -rf vendor + # rm -rf $HOME/.berksfile + # if [ -f ".Berksfile.lock" ]; then + # berks update + # else + # berks install + # fi + # berks vendor vendor SHELL config.vm.provision 'chef_solo' do |chef| @@ -97,55 +99,30 @@ Vagrant.configure("2") do |config| chef.json = { 'working-dir': '/vagrant', 'app': { - 'name': 'proxy', - 'run_user': 'vagrant', - 'domain': 'localhost', + 'name': 't42-proxy', + 'run_user': 'root', + 'domain': 'proxy.local', + }, + 'python': { + # 'working-dir': 'django', + 'version': '2.7' }, 'nodejs': { 'working-dir': 'nodejs', - 'port': '8001', - 'install_version': 12 + 'port': '3000', + 'install_version': 8, + 'exec_file': 'bin/www', + 'service': true, }, 'redis':{ 'unix': { 'perm': '777' } }, - 'python': { - # 'working-dir': 'django', - 'version': '2.7' + 'web':{ + 'admin_email': 'admin2342@example.com', + 'do_ssl': true, }, - # 'db':{}, - # 'django': { - # 'settings_path': 'project/settings', - # 'email': { - # 'host': 'smtp.gmail.com', - # 'port': '587', - # 'tls': 'True', - # }, - # 'allowed_hosts': [ - # '*' - # ], - # 'github': { - # 'TEST_ORG': 'ByteTesting', - # 'DISTRIBUTOR_ORG': 'ByteExercises', - # 'SOURCE_ORG': 'ByteAcademyCo' - # } - # }, - # 'web':{ - # 'admin_email': 'admin2342@example.com', - # 'do_ssl': false, - # 'static': [ - # {'uri': '/static', 'path': 'django/staticfiles'}, - # ], - # 'wsgi': { - # 'wsgi_path': 'django/project/wsgi.py', - # }, - # 'socket.io': { - # 'host': 'localhost', - # 'port': '8001', - # } - # }, }.deep_merge(secrets); end end diff --git a/nodejs/bin/www b/nodejs/bin/www index 8e5c5e6..93acb9a 100755 --- a/nodejs/bin/www +++ b/nodejs/bin/www @@ -12,7 +12,7 @@ var http = require('http'); * Get port from environment and store in Express. */ -var port = normalizePort(process.env.PORT || '3000'); +var port = normalizePort(process.env.NODE_PORT || '3000'); app.set('port', port); /** diff --git a/nodejs/models/users.js b/nodejs/models/users.js index 1fe6a37..ab7c9fd 100755 --- a/nodejs/models/users.js +++ b/nodejs/models/users.js @@ -2,7 +2,7 @@ const {promisify} = require('util'); const client = require('../redis'); -const linuxUser = require('linux-user'); +const linuxUser = require('linux-sys-user'); const pam = require('authenticate-pam'); const UUID = function b(a){return a?(a^Math.random()*16>>a/4).toString(16):([1e7]+-1e3+-4e3+-8e3+-1e11).replace(/[018]/g,b)}; diff --git a/nodejs/package-lock.json b/nodejs/package-lock.json index a7f86a9..c69fcf9 100755 --- a/nodejs/package-lock.json +++ b/nodejs/package-lock.json @@ -147,11 +147,6 @@ "resolved": "https://registry.npmjs.org/binary-extensions/-/binary-extensions-1.13.1.tgz", "integrity": "sha512-Un7MIEDdUC5gNpcGDV97op1Ywk748MpHcFTHoYs6qnj1Z3j7I53VG3nwZhKzoBZmbdRNnb6WRdFlwl7tSDuZGw==" }, - "bluebird": { - "version": "3.5.5", - "resolved": "https://registry.npmjs.org/bluebird/-/bluebird-3.5.5.tgz", - "integrity": "sha512-5am6HnnfN+urzt4yfg7IgTbotDjIT/u8AJpEt0sIU9FtXfVeezXAPKswrG+xKUCOYAINpSdgZVDU6QFh+cuH3w==" - }, "body-parser": { "version": "1.18.3", "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.18.3.tgz", @@ -787,8 +782,7 @@ }, "ansi-regex": { "version": "2.1.1", - "bundled": true, - "optional": true + "bundled": true }, "aproba": { "version": "1.2.0", @@ -806,13 +800,11 @@ }, "balanced-match": { "version": "1.0.0", - "bundled": true, - "optional": true + "bundled": true }, "brace-expansion": { "version": "1.1.11", "bundled": true, - "optional": true, "requires": { "balanced-match": "^1.0.0", "concat-map": "0.0.1" @@ -825,18 +817,15 @@ }, "code-point-at": { "version": "1.1.0", - "bundled": true, - "optional": true + "bundled": true }, "concat-map": { "version": "0.0.1", - "bundled": true, - "optional": true + "bundled": true }, "console-control-strings": { "version": "1.1.0", - "bundled": true, - "optional": true + "bundled": true }, "core-util-is": { "version": "1.0.2", @@ -939,8 +928,7 @@ }, "inherits": { "version": "2.0.3", - "bundled": true, - "optional": true + "bundled": true }, "ini": { "version": "1.3.5", @@ -950,7 +938,6 @@ "is-fullwidth-code-point": { "version": "1.0.0", "bundled": true, - "optional": true, "requires": { "number-is-nan": "^1.0.0" } @@ -963,20 +950,17 @@ "minimatch": { "version": "3.0.4", "bundled": true, - "optional": true, "requires": { "brace-expansion": "^1.1.7" } }, "minimist": { "version": "0.0.8", - "bundled": true, - "optional": true + "bundled": true }, "minipass": { "version": "2.3.5", "bundled": true, - "optional": true, "requires": { "safe-buffer": "^5.1.2", "yallist": "^3.0.0" @@ -993,7 +977,6 @@ "mkdirp": { "version": "0.5.1", "bundled": true, - "optional": true, "requires": { "minimist": "0.0.8" } @@ -1066,8 +1049,7 @@ }, "number-is-nan": { "version": "1.0.1", - "bundled": true, - "optional": true + "bundled": true }, "object-assign": { "version": "4.1.1", @@ -1077,7 +1059,6 @@ "once": { "version": "1.4.0", "bundled": true, - "optional": true, "requires": { "wrappy": "1" } @@ -1153,8 +1134,7 @@ }, "safe-buffer": { "version": "5.1.2", - "bundled": true, - "optional": true + "bundled": true }, "safer-buffer": { "version": "2.1.2", @@ -1184,7 +1164,6 @@ "string-width": { "version": "1.0.2", "bundled": true, - "optional": true, "requires": { "code-point-at": "^1.0.0", "is-fullwidth-code-point": "^1.0.0", @@ -1202,7 +1181,6 @@ "strip-ansi": { "version": "3.0.1", "bundled": true, - "optional": true, "requires": { "ansi-regex": "^2.0.0" } @@ -1241,13 +1219,11 @@ }, "wrappy": { "version": "1.0.2", - "bundled": true, - "optional": true + "bundled": true }, "yallist": { "version": "3.0.3", - "bundled": true, - "optional": true + "bundled": true } } }, @@ -1577,17 +1553,11 @@ }, "linux-sys-user": { "version": "github:wmantly/linux-user#94ce2f75a5cc365355ca10d2f5b824c6f0180609", - "from": "github:wmantly/linux-user", - "requires": { - "bluebird": "^3.5.5" - } + "from": "github:wmantly/linux-user" }, "linux-user": { "version": "github:wmantly/linux-user#94ce2f75a5cc365355ca10d2f5b824c6f0180609", - "from": "github:wmantly/linux-user", - "requires": { - "bluebird": "^3.5.5" - } + "from": "github:wmantly/linux-user" }, "map-cache": { "version": "0.2.2", diff --git a/ops/cookbooks/vendor/app/recipes/default.rb b/ops/cookbooks/vendor/app/recipes/default.rb index e69de29..d39357a 100644 --- a/ops/cookbooks/vendor/app/recipes/default.rb +++ b/ops/cookbooks/vendor/app/recipes/default.rb @@ -0,0 +1 @@ +package 'libpam0g-dev' \ No newline at end of file diff --git a/ops/cookbooks/vendor/change-me/app/recipes/default.rb b/ops/cookbooks/vendor/change-me/app/recipes/default.rb index e69de29..d39357a 100644 --- a/ops/cookbooks/vendor/change-me/app/recipes/default.rb +++ b/ops/cookbooks/vendor/change-me/app/recipes/default.rb @@ -0,0 +1 @@ +package 'libpam0g-dev' \ No newline at end of file diff --git a/ops/cookbooks/vendor/mysql/.foodcritic b/ops/cookbooks/vendor/mysql/.foodcritic deleted file mode 100644 index 913f038..0000000 --- a/ops/cookbooks/vendor/mysql/.foodcritic +++ /dev/null @@ -1 +0,0 @@ -~FC005 diff --git a/ops/cookbooks/vendor/mysql/CHANGELOG.md b/ops/cookbooks/vendor/mysql/CHANGELOG.md index 92291b9..4a9e688 100644 --- a/ops/cookbooks/vendor/mysql/CHANGELOG.md +++ b/ops/cookbooks/vendor/mysql/CHANGELOG.md @@ -1,24 +1,42 @@ -# mysql Cookbook CHANGELOG +# Changelog -This file is used to list changes made in each version of the mysql cookbook. +All notable changes to this project will be documented in this file. -## 8.5.1 (2017-08-23) +The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), +and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). + +## [8.6.0] - 2019-12-03 + +- Fix the failing linting tests +- Add mysql57 support for Amazon Linux AMI +- Fix installation and testing on Ubuntu 18.04 bionic, EL7, Fedora and Opensuse +- Ensure compatibility with mysql 5.7 on Ubtuntu 16.04 +- Add apparmor profile for ubuntu 16.04 +- Allow instance with 'mysql' as name +- Add a helper for Ubuntu 18.04 +- Remove support for Debian 7 +- Remove ChefSpec matchers +- Set apparmor tmp_dir permissions on directory itself +- Run latest cookstyle +- Circleci, Yaml and markdown lint updates + +## [8.5.1] - 2017-08-23 - Fix the remainder of the namespace collision deprecation warnings - Remove the class_eval in the action class as this causes issues with some releases of Chef 12 -## 8.5.0 (2017-08-23) +## [8.5.0] - 2017-08-23 - Require Chef 12.7+ since 12.5/12.6 has custom resource action_class issues - Resolve several Chef 14 deprecation warnings -## 8.4.0 (2017-05-30) +## [8.4.0] - 2017-05-30 - Fix client/server install on Amazon Linux and add testing - Remove support for Ubuntu Precise since it's EOL - Add Amazon Linux testing -## 8.3.1 (2017-04-04) +## [8.3.1] - 2017-04-04 - Fix an ignoring of 'cookbook' attribute by 'mysql_config' resource - Remove unused helper method @@ -26,21 +44,24 @@ This file is used to list changes made in each version of the mysql cookbook. - Switch to Delivery Local and rename the docked config - Remove mention of the EOL opensuse 13.x in the readme -## 8.3.0 (2017-03-20) +## [8.3.0] - 2017-03-20 + - Refactor mysql_service_manager_upstart.rb to eliminate use of cloned resource -## 8.2.0 (2016-12-03) +## [8.2.0] - 2016-12-03 - Include client development packages on RHEL/SUSE platforms -## 8.1.1 (2016-10-31) +## [8.1.1] - 2016-10-31 + - Fixing CVE-2016-6662 - Reverting execure bit on mysql config -## 8.1.0 (2016-10-29) +## [8.1.0] - 2016-10-29 - Drop hardcoded, specific package version logic that broke many users -## 8.0.4 (2016-09-26) +## [8.0.4] - 2016-09-26 + - Bump debian version - Updated packages for 12.04 and 14.04 too - Add chef_version metadata @@ -48,19 +69,22 @@ This file is used to list changes made in each version of the mysql cookbook. - Add selinux to the Berksfile for testing - Make sure yum repos are setup in local Test Kitchen -## 8.0.3 (2016-09-14) +## [8.0.3] - 2016-09-14 + - [GH-390] Fix #390 incorrect escaping of initial_root_password - Updated package versions for Ubuntu 16.04 - Testing updates -# v8.0.2 (2016-08-25) +## [8.0.2] - 2016-08-25 + - Various bug fixed and updates to package version strings -# v8.0.1 (2016-07-20) +## [8.0.1] - 2016-07-20 + - Fixed a regression in the mysql_client resource where the action was changed from create to install in the 8.0 release - Added oracle, opensuse, and opensuseleap as supported platforms in the metadata -# v8.0.0 (2016-07-11) +## [8.0.0] - 2016-07-11 - Converting from LWRP to custom resources - Removing yum-mysql and other dependencies. @@ -71,26 +95,26 @@ This file is used to list changes made in each version of the mysql cookbook. - Renaming "replication" test suite to "smoke" - Moving to Inspec -## v7.2.0 (2016-06-30) +## [7.2.0] - 2016-06-30 - Support openeSUSE leap - Support Fedora 24 -## v7.1.2 (2016-06-30) +## [7.1.2] - 2016-06-30 - Avoid deprecation warnings on the upcoming Chef 12.12 release -## v7.1.1 (2016-06-03) +## [7.1.1] - 2016-06-03 - Fix apparmor blocking writes to non-default tmp_dirs - Updated apparmor config to allow read & write to sock.lock file - Use cookstyle instead of Rubocop directly -## v7.1.0 (2016-05-11) +## [7.1.0] - 2016-05-11 - Added support for Ubuntu 16.04 -## v7.0.0 (2016-04-19) +## [7.0.0] - 2016-04-19 - Removed support for legacy distros: Ubuntu 10.04/13.04/14.10/15.04, Fedora 20/21, OmniOS r151006, opensuse 11.3/12.0 - Added support for Fedora 23, suse 13.X, and Ubuntu 16.04 @@ -100,161 +124,161 @@ This file is used to list changes made in each version of the mysql cookbook. - Added Travis CI Test Kitchen testing on Fedora 22/23 and removed Fedora 21 - Updated the platforms used in the specs -## v6.1.3 (2016-03-14) +## [6.1.3] - 2016-03-14 - Added support for Ubuntu 15.10 - Added support for Amazon Linux 2016-03 - Updated Kitchen testing configs -## v6.1.2 (2015-10-05) +## [6.1.2] - 2015-10-05 - Added support for Amazon Linux 2015.09 -## v6.1.1 (2015-09-24) +## [6.1.1] - 2015-09-24 - Completing ChefSpec matchers -## v6.1.0 (2015-07-17) +## [6.1.0] - 2015-07-17 - Adding tunables for tmp_dir, error_log, and pid_file - Adding mysqld_options hash interface for main my.cnf template -## v6.0.31 (2015-07-13) +## [6.0.31] - 2015-07-13 - Reverting create_stop_system_service checks -## v6.0.30 (2015-07-13) +## [6.0.30] - 2015-07-13 - Ubuntu 15.04 support - Check for scripts and unit files during create_stop_system_service -## v6.0.29 (2015-07-12) +## [6.0.29] - 2015-07-12 - Patch to allow blank root password - Adding package information for Suse 12.0 -## v6.0.28 (2015-07-10) +## [6.0.28] - 2015-07-10 - Fixes for 12.4.x -## v6.0.27 (2015-07-09) +## [6.0.27] - 2015-07-09 - Allowing integer value for port number -## v6.0.26 (2015-07-07) +## [6.0.26] - 2015-07-07 - Reverting breaking changes introduced in 6.0.25 -## v6.0.25 (2015-07-06) +## [6.0.25] - 2015-07-06 - Fixes for 12.4.1 -## v6.0.24 (2015-06-27) +## [6.0.24] - 2015-06-27 - 341 - Changing default GRANT for root from '%' to 'localhost' and '127.0.0.1' -## v6.0.23 (2015-06-21) +## [6.0.23] - 2015-06-21 - 354 Better handling of long MySQL startup times -## v6.0.22 (2015-05-07) +## [6.0.22] - 2015-05-07 - Debian 8 (Jessie) support -## v6.0.21 (2015-04-08) +## [6.0.21] - 2015-04-08 - Fix to Upstart prestart script when using custom socket - Adding --explicit_defaults_for_timestamp mysql_install_db_cmd for - 5.6 and above -## v6.0.20 (2015-03-27) +## [6.0.20] - 2015-03-27 - 318 - Fixing Upstart pre-start script to handle custom socket paths -## v6.0.19 (2015-03-25) +## [6.0.19] - 2015-03-25 - Adding support for Amazon Linux 2015.03 -## v6.0.18 (2015-03-24) +## [6.0.18] - 2015-03-24 - Adding support for 5.6 and 5.7 packages from dotdeb repos on Debian 7 -## v6.0.17 (2015-03-13) +## [6.0.17] - 2015-03-13 - Updated for MySQL 5.7.6. - Handing removal of mysql_install_db and mysqld_safe -## v6.0.16 (2015-03-10) +## [6.0.16] - 2015-03-10 - Moved --defaults-file as first option to mysql_install_db_script -## v6.0.15 (2015-02-26) +## [6.0.15] - 2015-02-26 - Updating docker detection fix to pass specs -## v6.0.14 (2015-02-26) +## [6.0.14] - 2015-02-26 - Fixed debian system service :disable action. Now survives reboot - Fixing centos-7 instance :enable action. Now survives - Not applying Apparmor policy if running in a Docker container -## v6.0.13 (2015-02-15) +## [6.0.13] - 2015-02-15 - Adding support for special characters in initial_root_password - Fixing failure status bug in sysvinit script -## v6.0.12 (2015-02-30) +## [6.0.12] - 2015-02-30 - No changes. Released a 6.0.11 that was identical to 6.0.10. - Git before coffee. -## v6.0.11 (2015-02-30) +## [6.0.11] - 2015-02-30 - Adding support for configurable socket files -## v6.0.10 (2015-01-19) +## [6.0.10] - 2015-01-19 - Fix #282 - Fixing up data_dir template variable -## v6.0.9 (2015-01-19) +## [6.0.9] - 2015-01-19 - Fix #282 - undefined method `parsed_data_dir' bug -## v6.0.8 (2015-01-19) +## [6.0.8] - 2015-01-19 - Refactoring helper methods out of resource classes -## v6.0.7 (2015-01-14) +## [6.0.7] - 2015-01-14 - Fixing timing issue with Upstart provider :restart and :reload - actions where service returns before being available -## v6.0.6 (2014-12-26) +## [6.0.6] - 2014-12-26 - Fixing subtle bug where MysqlCookbook::Helper methods were polluting Chef::Resource -## v6.0.5 (2014-12-25) +## [6.0.5] - 2014-12-25 - Using 'include_recipe' instead of 'recipe_eval' in LWRP - Fixing type checking on package_name attribute in mysql_client resource. -## v6.0.4 (2014-12-21) +## [6.0.4] - 2014-12-21 - Suggest available versions if current is not available for current platform. -## v6.0.3 (2014-12-17) +## [6.0.3] - 2014-12-17 - Adding bind_address parameter to mysql_service resource -## v6.0.2 (2014-12-17) +## [6.0.2] - 2014-12-17 - Fixing sysvinit provider to survive reboots -## v6.0.1 (2014-12-16) +## [6.0.1] - 2014-12-16 - Fixing Upstart template to survive reboots -## v6.0.0 (2014-12-15) +## [6.0.0] - 2014-12-15 - Major version update - Cookbook now provides LWRPs instead of recipes @@ -269,11 +293,11 @@ This file is used to list changes made in each version of the mysql cookbook. - Refactored acceptance tests - Temporarily dropped FreeBSD support -## v5.6.1 (2014-10-29) +## [5.6.1] - 2014-10-29 - Use Gem::Version instead of Chef::Version -## v5.6.0 (2014-10-29) +## [5.6.0] - 2014-10-29 - Changing default charset to utf8 - Quoting passwords in debian.cnf.erb @@ -282,45 +306,45 @@ This file is used to list changes made in each version of the mysql cookbook. - Only hide passwords from STDOUT via "sensitive true" in chef-client higher than 11.14 - Updating test harness -## v5.5.4 (2014-10-07) +## [5.5.4] - 2014-10-07 - Adding sensitive flag to execute resources to protect passwords from logs -## v5.5.3 (2014-09-24) +## [5.5.3] - 2014-09-24 - Reverting back to Upstart on Ubuntu 14.04 -## v5.5.2 (2014-09-8) +## [5.5.2] - 2014-09-8 - Reverting commit that broke Debian pass_string -## v5.5.1 (2014-09-2) +## [5.5.1] - 2014-09-2 - Switching Ubuntu service provider to use SysVinit instead of Upstart -## v5.5.0 (2014-08-27) +## [5.5.0] - 2014-08-27 - Adding package version and action parameters to mysql_service resource - Fixing Debian pass_string -## v5.4.4 (2014-08-27) +## [5.4.4] - 2014-08-27 - Changing module namespace to MysqlCookbook -## v5.4.3 (2014-08-25) +## [5.4.3] - 2014-08-25 - More refactoring. Moving helper function bits into resource parsed_parameters -## v5.4.2 (2014-08-25) +## [5.4.2] - 2014-08-25 - Moving provider local variables into definitions for RHEL provider -## v5.4.1 (2014-08-25) +## [5.4.1] - 2014-08-25 - Refactoring resources into the LWRP style with parsed parameters - Moving provider local variables into definitions -## v5.4.0 (2014-08-25) +## [5.4.0] - 2014-08-25 - 212 - support for centos-7 (mysql55 and mysql56) - Adding (untested) Debian-6 support @@ -330,119 +354,119 @@ This file is used to list changes made in each version of the mysql cookbook. - Appeasing AppArmor - Reducing duplication in client provider -## v5.3.6 (2014-06-18) +## [5.3.6] - 2014-06-18 - Fixing pid path location. Updating tests to include real RHEL -## v5.3.4 (2014-06-16) +## [5.3.4] - 2014-06-16 - Fixing specs for Amazon Linux server package names -## v5.3.2 (2014-06-16) +## [5.3.2] - 2014-06-16 - Fixing Amazon Linux support -## v5.3.0 (2014-06-11) +## [5.3.0] - 2014-06-11 - 189 - Fix server_repl_password description - 191 - Adding support for server55 and server56 on el-6 - 193 - Fix syntax in mysql_service example - 199 - Adding Suse support -## v5.2.12 (2014-05-19) +## [5.2.12] - 2014-05-19 PR #192 - recipes/server.rb should honor parameter node['mysql']['version'] -## v5.2.10 (2014-05-15) +## [5.2.10] - 2014-05-15 - COOK-4394 - restore freebsd support -## v5.2.8 (2014-05-15) +## [5.2.8] - 2014-05-15 - [COOK-4653] - Missing mySQL 5.6 support for Ubuntu 14.04 -## v5.2.6 (2014-05-07) +## [5.2.6] - 2014-05-07 - [COOK-4625] - Fix password resource parameter consumption on Debian and Ubuntu - Fix up typos and version numbers in PLATFORMS.md - Fix up specs from COOK-4613 changes -## v5.2.4 (2014-05-02) +## [5.2.4] - 2014-05-02 - [COOK-4613] - Fix permissions on mysql data_dir to allow global access to mysql.sock -## v5.2.2 (2014-04-24) +## [5.2.2] - 2014-04-24 - [COOK-4564] - Using positive tests for datadir move -## v5.2.0 (2014-04-22) +## [5.2.0] - 2014-04-22 - [COOK-4551] - power grants.sql from resource parameters -## v5.1.12 (2014-04-21) +## [5.1.12] - 2014-04-21 - [COOK-4554] - Support for Debian Sid -## v5.1.10 (2014-04-21) +## [5.1.10] - 2014-04-21 - [COOK-4565] Support for Ubuntu 14.04 - [COOK-4565] Adding Specs and TK platform - Removing non-LTS 13.10 specs and TK platform -## v5.1.8 (2014-04-12) +## [5.1.8] - 2014-04-12 Adding Ubuntu 13.04 to Platforminfo -## v5.1.6 (2014-04-11) +## [5.1.6] - 2014-04-11 - [COOK-4548] - Add template[/etc/mysql/debian.cnf] to Ubuntu provider -## v5.1.4 (2014-04-11) +## [5.1.4] - 2014-04-11 - [COOK-4547] - Shellescape server_root_password -## v5.1.2 (2014-04-09) +## [5.1.2] - 2014-04-09 - [COOK-4519] - Fix error in run_dir for Ubuntu - [COOK-4531] - Fix pid and run_dir for Debian -## v5.1.0 (2014-04-08) +## [5.1.0] - 2014-04-08 [COOK-4523] - Allow for both :restart and :reload -## v5.0.6 (2014-04-07) +## [5.0.6] - 2014-04-07 - [COOK-4519] - Updating specs to reflect pid file change on Ubuntu -## v5.0.4 (2014-04-07) +## [5.0.4] - 2014-04-07 - [COOK-4519] - Fix path to pid file on Ubuntu -## v5.0.2 (2014-04-01) +## [5.0.2] - 2014-04-01 - Moving server_deprecated into recipes directory -## v5.0.0 (2014-03-31) +## [5.0.0] - 2014-03-31 - Rewriting as a library cookbook - Exposing mysql_service and mysql_client resources - User now needs to supply configuration - Moving attribute driven recipe to server-deprecated -## v4.1.2 (2014-02-28) +## [4.1.2] - 2014-02-28 - [COOK-4349] - Fix invalid platform check - [COOK-4184] - Better handling of Ubuntu upstart service - [COOK-2100] - Changing innodb_log_file_size tunable results in inability to start MySQL -## v4.1.1 (2014-02-25) +## [4.1.1] - 2014-02-25 - **[COOK-2966] - Address foodcritic failures' - **[COOK-4182] - Template parse failure in /etc/init/mysql.conf (data_dir)' - **[COOK-4198] - Added missing tunable' - **[COOK-4206] - create root@127.0.0.1, as well as root@localhost' -## v4.0.20 (2014-01-18) +## [4.0.20] - 2014-01-18 - [COOK-3931] - MySQL Server Recipe Regression for Non-LTS Ubuntu Versions - [COOK-3945] - MySQL cookbook fails on Ubuntu 13.04/13.10 @@ -452,11 +476,11 @@ Adding Ubuntu 13.04 to Platforminfo - [COOK-4001] - Pull request: Fixes for broken mysql::server on Debian - [COOK-4071] - Mysql cookbook doesn't work on debian 7.2 -## v4.0.14 +## [4.0.14] Fixing style cops -## v4.0.12 +## [4.0.12] ### Bug @@ -466,25 +490,25 @@ Fixing style cops - **[COOK-3801](https://tickets.chef.io/browse/COOK-3801)** - Add innodb_adaptive_flushing_method and innodb_adaptive_checkpoint -## v4.0.10 +## [4.0.10] fixing metadata version error. locking to 3.0 -## v4.0.8 +## [4.0.8] Locking yum dependency to '< 3' -## v4.0.6 +## [4.0.6] -# Bug +### Bug - [COOK-3943] Notifying service restart on grants update -## v4.0.4 +## [4.0.4] [COOK-3952] - Adding 'recursive true' to directory resources -## v4.0.2 +## [4.0.2] ### BUGS @@ -492,7 +516,7 @@ Locking yum dependency to '< 3' - Fixing bug where unprivileged users cannot connect over a local socket. Adding integration test. - Fixing bug in mysql_grants_cmd generation -## v4.0.0 +## [4.0.0] - [COOK-3928] Heavily refactoring for readability. Moving platform implementation into separate recipes - Moving integration tests from minitest to serverspec, removing "improper" tests @@ -503,23 +527,23 @@ Locking yum dependency to '< 3' - [COOK-3807] - Don't use execute[assign-root-password] on Debian and Ubuntu - [COOK-3881] - Fixing /etc being owned by mysql user -## v3.0.12 +## [3.0.12] ### Bug - **[COOK-3752](https://tickets.chef.io/browse/COOK-3752)** - mysql service fails to start in mysql::server recipe -## v3.0.10 +## [3.0.10] - Fix a failed release attempt for v3.0.8 -## v3.0.8 +## [3.0.8] ### Bug - **[COOK-3749](https://tickets.chef.io/browse/COOK-3749)** - Fix a regression with Chef 11-specific features -## v3.0.6 +## [3.0.6] ### Bug @@ -536,7 +560,7 @@ Locking yum dependency to '< 3' - **[COOK-3498](https://tickets.chef.io/browse/COOK-3498)** - Add support for replicate_* variables in my.cnf -## v3.0.4 +## [3.0.4] ### Bug @@ -546,7 +570,7 @@ Locking yum dependency to '< 3' - **[COOK-3134](https://tickets.chef.io/browse/COOK-3134)** - Fix Chef 11 support - **[COOK-2318](https://tickets.chef.io/browse/COOK-2318)** - Remove redundant `if` block around `node.mysql.tunable.log_bin` -## v3.0.2 +## [3.0.2] ### Bug @@ -558,7 +582,7 @@ Locking yum dependency to '< 3' - [COOK-2102]: `innodb_flush_log_at_trx_commit` value is incorrectly set based on CPU count -## v3.0.0 +## [3.0.0] **Note** This is a backwards incompatible version with previous versions of the cookbook. Tickets that introduce incompatibility are COOK-2615 and COOK-2617. @@ -580,11 +604,11 @@ Locking yum dependency to '< 3' - [COOK-2618] - myisam-recover not using attribute value - [COOK-2617] - open-files is a duplicate of open-files-limit -## v2.1.2 +## [2.1.2] - [COOK-2172] - Mysql cookbook duplicates `binlog_format` configuration -## v2.1.0 +## [2.1.0] - [COOK-1669] - Using platform("ubuntu") in default attributes always returns true - [COOK-1694] - Added additional my.cnf fields and reorganized cookbook to avoid race conditions with mysql startup and sql script execution @@ -592,13 +616,13 @@ Locking yum dependency to '< 3' - [COOK-1929] - Update msyql server attributes file because setting attributes without specifying a precedence is deprecated - [COOK-1999] - Add read_only tunable useful for replication slave servers -## v2.0.2 +## [2.0.2] - [COOK-1967] - mysql: trailing comma in server.rb platform family -## v2.0.0 +## [2.0.0] -**Important note for this release** +### Important note for this release Under Chef Solo, you must set the node attributes for the root, debian and repl passwords or the run will completely fail. See COOK-1737 for background on this. @@ -613,9 +637,9 @@ Under Chef Solo, you must set the node attributes for the root, debian and repl - [COOK-1769] - link to database recipe in mysql README goes to old chef/cookbooks repo instead of chef-cookbook organization - [COOK-1963] - use `platform_family` -## v1.3.0 +## [1.3.0] -**Important note for this release** +### Important note for this release This version no longer installs Ruby bindings in the client recipe by default. Use the ruby recipe if you'd like the RubyGem. If you'd like packages from your distribution, use them in your application's specific cookbook/recipe, or modify the client packages attribute. This resolves the following tickets: @@ -637,7 +661,7 @@ The following issues are also addressed in this release. - [COOK-934] - remove deprecated mysql/libraries/database.rb, use the database cookbook instead. - [COOK-1475] - fix restart on config change -## v1.2.6 +## [1.2.6] - [COOK-1113] - Use an attribute to determine if upstart is used - [COOK-1121] - Add support for Windows @@ -645,47 +669,47 @@ The following issues are also addressed in this release. - [COOK-1151] - Fix server_ec2 handling /var/lib/mysql bind mount - [COOK-1321] - Document setting password attributes for solo -## v1.2.4 +## [1.2.4] - [COOK-992] - fix FATAL nameerror - [COOK-827] - `mysql:server_ec2` recipe can't mount `data_dir` - [COOK-945] - FreeBSD support -## v1.2.2 +## [1.2.2] - [COOK-826] mysql::server recipe doesn't quote password string - [COOK-834] Add 'scientific' and 'amazon' platforms to mysql cookbook -## v1.2.1 +## [1.2.1] - [COOK-644] Mysql client cookbook 'package missing' error message is confusing - [COOK-645] RHEL6/CentOS6 - mysql cookbook contains 'skip-federated' directive which is unsupported on MySQL 5.1 -## v1.2.0 +## [1.2.0] - [COOK-684] remove mysql_database LWRP -## v1.0.8 +## [1.0.8] - [COOK-633] ensure "cloud" attribute is available -## v1.0.7 +## [1.0.7] - [COOK-614] expose all mysql tunable settings in config - [COOK-617] bind to private IP if available -## v1.0.6 +## [1.0.6] - [COOK-605] install mysql-client package on ubuntu/debian -## v1.0.5 +## [1.0.5] - [COOK-465] allow optional remote root connections to mysql - [COOK-455] improve platform version handling - externalize conf_dir attribute for easier cross platform support - change datadir attribute to data_dir for consistency -## v1.0.4 +## [1.0.4] - fix regressions on debian platform - [COOK-578] wrap root password in quotes diff --git a/ops/cookbooks/vendor/mysql/CONTRIBUTING.md b/ops/cookbooks/vendor/mysql/CONTRIBUTING.md index ef2f2b8..8b1753a 100644 --- a/ops/cookbooks/vendor/mysql/CONTRIBUTING.md +++ b/ops/cookbooks/vendor/mysql/CONTRIBUTING.md @@ -1,2 +1,21 @@ -Please refer to -https://github.com/chef-cookbooks/community_cookbook_documentation/blob/master/CONTRIBUTING.MD +# Contributing + +## Branches + +### `master` branch + +The master branch is the current committed changes. These changes may not yet be released although we try to release often. + +## Tags + +All releases are tagged in git. To see the releases available to you see the changelog or the tags directly. + +## Pull requests + +- + +## Issues + +Need to report an issue? Use the github issues: + +- diff --git a/ops/cookbooks/vendor/mysql/README.md b/ops/cookbooks/vendor/mysql/README.md index 63dba0f..329e394 100644 --- a/ops/cookbooks/vendor/mysql/README.md +++ b/ops/cookbooks/vendor/mysql/README.md @@ -1,6 +1,10 @@ # MySQL Cookbook -[![Build Status](https://travis-ci.org/chef-cookbooks/mysql.svg?branch=master)](https://travis-ci.org/chef-cookbooks/mysql) [![Cookbook Version](https://img.shields.io/cookbook/v/mysql.svg)](https://supermarket.chef.io/cookbooks/mysql) +[![Cookbook Version](https://img.shields.io/cookbook/v/mysql.svg)](https://supermarket.chef.io/cookbooks/mysql) +[![Build Status](https://img.shields.io/circleci/project/github/sous-chefs/mysql/master.svg)](https://circleci.com/gh/sous-chefs/mysql) +[![OpenCollective](https://opencollective.com/sous-chefs/backers/badge.svg)](#backers) +[![OpenCollective](https://opencollective.com/sous-chefs/sponsors/badge.svg)](#sponsors) +[![License](https://img.shields.io/badge/License-Apache%202.0-green.svg)](https://opensource.org/licenses/Apache-2.0) The MySQL Cookbook is a library cookbook that provides resource primitives (LWRPs) for use in recipes. It is designed to be a reference example for creating highly reusable cross-platform cookbooks. @@ -8,6 +12,10 @@ The MySQL Cookbook is a library cookbook that provides resource primitives (LWRP This cookbook is concerned with the "MySQL Community Server", particularly those shipped with F/OSS Unix and Linux distributions. It does not address forks or value-added repackaged MySQL distributions like MariaDB or Percona. +## Maintainers + +This cookbook is maintained by the Sous Chefs. The Sous Chefs are a community of Chef cookbook maintainers working together to maintain important cookbooks. If you’d like to know more please visit [sous-chefs.org](https://sous-chefs.org/) or come chat with us on the Chef Community Slack in [#sous-chefs](https://chefcommunity.slack.com/messages/C2V7B88SF). + ## Requirements - Chef 12.7 or higher @@ -18,27 +26,15 @@ This cookbook is concerned with the "MySQL Community Server", particularly those The following platforms have been tested with Test Kitchen: -``` -|----------------+-----+-----+-----+-----| -| | 5.1 | 5.5 | 5.6 | 5.7 | -|----------------+-----+-----+-----+-----| -| debian-7 | | X | | | -|----------------+-----+-----+-----+-----| +| OS | 5.1 | 5.5 | 5.6 | 5.7 | +|----------------|-----|-----|-----|-----| | debian-8 | | X | | | -|----------------+-----+-----+-----+-----| | ubuntu-14.04 | | X | X | | -|----------------+-----+-----+-----+-----| | ubuntu-16.04 | | | | X | -|----------------+-----+-----+-----+-----| | centos-6 | X | X | X | X | -|----------------+-----+-----+-----+-----| | centos-7 | | X | X | X | -|----------------+-----+-----+-----+-----| | fedora | | | X | X | -|----------------+-----+-----+-----+-----| | openSUSE Leap | | | X | | -|----------------+-----+-----+-----+-----| -``` ## Cookbook Dependencies @@ -65,9 +61,11 @@ end The service name on the OS is `mysql-foo`. You can manually start and stop it with `service mysql-foo start` and `service mysql-foo stop`. +If you use `default` as the name the service name will be `mysql` instead of `mysql-default`. + The configuration file is at `/etc/mysql-foo/my.cnf`. It contains the minimum options to get the service running. It looks like this. -``` +```toml # Chef generated my.cnf for instance mysql-foo [client] @@ -156,7 +154,6 @@ Please note that when using `notifies` or `subscribes`, the resource to referenc - `error_log` - Tunable location of the error_log - `initial_root_password` - allows the user to specify the initial root password for mysql when initializing new databases. This can be set explicitly in a recipe, driven from a node attribute, or from data_bags. When omitted, it defaults to `ilikerandompasswords`. Please be sure to change it. - `instance` - A string to identify the MySQL service. By convention, to allow for multiple instances of the `mysql_service`, directories and files on disk are named `mysql-`. Defaults to the resource name. -- `package_action` - Defaults to `:install`. - `package_name` - Defaults to a value looked up in an internal map. - `package_version` - Specific version of the package to install,passed onto the underlying package manager. Defaults to `nil`. - `bind_address` - determines the listen IP address for the mysqld service. When omitted, it will be determined by MySQL. If the address is "regular" IPv4/IPv6address (e.g 127.0.0.1 or ::1), the server accepts TCP/IP connections only for that particular address. If the address is "0.0.0.0" (IPv4) or "::" (IPv6), the server accepts TCP/IP connections on all IPv4 or IPv6 interfaces. @@ -166,17 +163,17 @@ Please note that when using `notifies` or `subscribes`, the resource to referenc - `run_user` - The name of the system user the `mysql_service` should run as. Defaults to 'mysql'. - `pid_file` - Tunable location of the pid file. - `socket` - determines where to write the socket file for the `mysql_service` instance. Useful when configuring clients on the same machine to talk over socket and skip the networking stack. Defaults to a calculated value based on platform and instance name. -- `tmp_dir` - Tunable location of the tmp_dir +- `tmp_dir` - Tunable location of the tmp_dir. - `version` - allows the user to select from the versions available for the platform, where applicable. When omitted, it will install the default MySQL version for the target platform. Available version numbers are `5.0`, `5.1`, `5.5`, `5.6`, and `5.7`, depending on platform. #### Actions - `:create` - Configures everything but the underlying operating system service. - `:delete` - Removes everything but the package and data_dir. -- `:start` - Starts the underlying operating system service -- `:stop`- Stops the underlying operating system service -- `:restart` - Restarts the underlying operating system service -- `:reload` - Reloads the underlying operating system service +- `:start` - Starts the underlying operating system service. +- `:stop`- Stops the underlying operating system service. +- `:restart` - Restarts the underlying operating system service. +- `:reload` - Reloads the underlying operating system service. #### Providers @@ -353,7 +350,7 @@ Use multiple `mysql_service` instances to test a replication setup. This particu ## Frequently Asked Questions -### How do I run this behind my firewall? +### How do I run this behind my firewall On Linux, the `mysql_service` resource uses the platform's underlying package manager to install software. For this to work behind firewalls, you'll need to either: @@ -395,30 +392,35 @@ Or to connect over the network, use something like this: connect over the networ These network or socket ssettings can also be put in you $HOME/.my.cnf, if preferred. -### What about MariaDB, Percona, etc. +### What about MariaDB, Percona, etc MySQL forks are purposefully out of scope for this cookbook. This is mostly to reduce the testing matrix to a manageable size. Cookbooks for these technologies can easily be created by copying and adapting this cookbook. However, there will be differences. Package repository locations, package version names, software major version numbers, supported platform matrices, and the availability of software such as XtraDB and Galera are the main reasons that creating multiple cookbooks to make sense. -## Maintainers +There are existing cookbooks to carter for these forks, check them out on the supermarket -This cookbook is maintained by Chef's Community Cookbook Engineering team. Our goal is to improve cookbook quality and to aid the community in contributing to cookbooks. To learn more about our team, process, and design goals see our [team documentation](https://github.com/chef-cookbooks/community_cookbook_documentation/blob/master/COOKBOOK_TEAM.MD). To learn more about contributing to cookbooks like this see our [contributing documentation](https://github.com/chef-cookbooks/community_cookbook_documentation/blob/master/CONTRIBUTING.MD), or if you have general questions about this cookbook come chat with us in #cookbok-engineering on the [Chef Community Slack](http://community-slack.chef.io/) +## Contributors -## License +This project exists thanks to all the people who [contribute.](https://opencollective.com/sous-chefs/contributors.svg?width=890&button=false) -```text -Copyright:: 2009-2017 Chef Software, Inc +### Backers -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at +Thank you to all our backers! - http://www.apache.org/licenses/LICENSE-2.0 +![https://opencollective.com/sous-chefs#backers](https://opencollective.com/sous-chefs/backers.svg?width=600&avatarHeight=40) -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -``` +### Sponsors + +Support this project by becoming a sponsor. Your logo will show up here with a link to your website. + +![https://opencollective.com/sous-chefs/sponsor/0/website](https://opencollective.com/sous-chefs/sponsor/0/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/1/website](https://opencollective.com/sous-chefs/sponsor/1/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/2/website](https://opencollective.com/sous-chefs/sponsor/2/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/3/website](https://opencollective.com/sous-chefs/sponsor/3/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/4/website](https://opencollective.com/sous-chefs/sponsor/4/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/5/website](https://opencollective.com/sous-chefs/sponsor/5/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/6/website](https://opencollective.com/sous-chefs/sponsor/6/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/7/website](https://opencollective.com/sous-chefs/sponsor/7/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/8/website](https://opencollective.com/sous-chefs/sponsor/8/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/9/website](https://opencollective.com/sous-chefs/sponsor/9/avatar.svg?avatarHeight=100) diff --git a/ops/cookbooks/vendor/mysql/libraries/helpers.rb b/ops/cookbooks/vendor/mysql/libraries/helpers.rb index e60d21d..85183e5 100644 --- a/ops/cookbooks/vendor/mysql/libraries/helpers.rb +++ b/ops/cookbooks/vendor/mysql/libraries/helpers.rb @@ -12,8 +12,13 @@ module MysqlCookbook false end - def wheezy? - return true if node['platform'] == 'debian' && node['platform_version'].to_i == 7 + def fedora? + return true if node['platform_family'] == 'fedora' + false + end + + def suse? + return true if node['platform_family'] == 'suse' false end @@ -38,6 +43,11 @@ module MysqlCookbook false end + def bionic? + return true if node['platform'] == 'ubuntu' && node['platform_version'] == '18.04' + false + end + def defaults_file "#{etc_dir}/my.cnf" end @@ -58,22 +68,22 @@ module MysqlCookbook def default_major_version # rhelish - return '5.1' if el6? + return '5.6' if el6? return '5.6' if el7? return '5.6' if node['platform'] == 'amazon' # debian - return '5.5' if wheezy? return '5.5' if jessie? # ubuntu return '5.5' if trusty? return '5.7' if xenial? + return '5.7' if bionic? # misc return '5.6' if node['platform'] == 'freebsd' - return '5.6' if node['platform'] == 'fedora' - return '5.6' if node['platform_family'] == 'suse' + return '5.7' if fedora? + return '5.6' if suse? end def major_from_full(v) @@ -81,7 +91,11 @@ module MysqlCookbook end def mysql_name - "mysql-#{instance}" + if instance == 'default' + 'mysql' + else + "mysql-#{instance}" + end end def default_socket_file @@ -89,20 +103,23 @@ module MysqlCookbook end def default_client_package_name - return ['mysql', 'mysql-devel'] if major_version == '5.1' && el6? + return %w(mysql mysql-devel) if major_version == '5.1' && el6? + return %w(mysql mysql-devel) if el7? return ['mysql55', 'mysql55-devel.x86_64'] if major_version == '5.5' && node['platform'] == 'amazon' return ['mysql56', 'mysql56-devel.x86_64'] if major_version == '5.6' && node['platform'] == 'amazon' + return ['mysql57', 'mysql57-devel.x86_64'] if major_version == '5.7' && node['platform'] == 'amazon' return ['mysql-client-5.5', 'libmysqlclient-dev'] if major_version == '5.5' && node['platform_family'] == 'debian' return ['mysql-client-5.6', 'libmysqlclient-dev'] if major_version == '5.6' && node['platform_family'] == 'debian' return ['mysql-client-5.7', 'libmysqlclient-dev'] if major_version == '5.7' && node['platform_family'] == 'debian' return 'mysql-community-server-client' if major_version == '5.6' && node['platform_family'] == 'suse' - ['mysql-community-client', 'mysql-community-devel'] + %w(mysql-community-client mysql-community-devel) end def default_server_package_name return 'mysql-server' if major_version == '5.1' && el6? return 'mysql55-server' if major_version == '5.5' && node['platform'] == 'amazon' return 'mysql56-server' if major_version == '5.6' && node['platform'] == 'amazon' + return 'mysql57-server' if major_version == '5.7' && node['platform'] == 'amazon' return 'mysql-server-5.5' if major_version == '5.5' && node['platform_family'] == 'debian' return 'mysql-server-5.6' if major_version == '5.6' && node['platform_family'] == 'debian' return 'mysql-server-5.7' if major_version == '5.7' && node['platform_family'] == 'debian' @@ -189,7 +206,6 @@ module MysqlCookbook set -e rm -rf /tmp/#{mysql_name} mkdir /tmp/#{mysql_name} - cat > /tmp/#{mysql_name}/my.sql <<-'EOSQL' UPDATE mysql.user SET #{password_column_name}=PASSWORD('#{sql_escaped_password}')#{password_expired} WHERE user = 'root'; DELETE FROM mysql.user WHERE USER LIKE ''; @@ -198,15 +214,24 @@ FLUSH PRIVILEGES; DELETE FROM mysql.db WHERE db LIKE 'test%'; DROP DATABASE IF EXISTS test ; EOSQL - #{db_init} #{record_init} - while [ ! -f #{pid_file} ] ; do sleep 1 ; done kill `cat #{pid_file}` while [ -f #{pid_file} ] ; do sleep 1 ; done rm -rf /tmp/#{mysql_name} - EOS + EOS + end + + def wait_for_init + cmd = <<-EOS + while [ ! -f #{pid_file} ] ; do sleep 1 ; done + kill `cat #{pid_file}` + while [ -f #{pid_file} ] ; do sleep 1 ; done + rm -rf /tmp/#{mysql_name} + EOS + cmd = '' if v57plus + cmd end def password_column_name @@ -256,12 +281,26 @@ EOSQL def mysqld_bin return "#{prefix_dir}/libexec/mysqld" if node['platform_family'] == 'smartos' return "#{base_dir}/bin/mysqld" if node['platform_family'] == 'omnios' - return '/usr/sbin/mysqld' if node['platform_family'] == 'fedora' && v56plus - return '/usr/libexec/mysqld' if node['platform_family'] == 'fedora' + return '/usr/sbin/mysqld' if fedora? && v56plus + return '/usr/libexec/mysqld' if fedora? return 'mysqld' if scl_package? "#{prefix_dir}/usr/sbin/mysqld" end + def mysql_systemd_start_pre + return '/usr/bin/mysqld_pre_systemd' if v57plus && (el7? || fedora?) + return '/usr/bin/mysql-systemd-start pre' if node['platform_family'] == 'rhel' + return '/usr/lib/mysql/mysql-systemd-helper install' if suse? + '/usr/share/mysql/mysql-systemd-start pre' + end + + def mysql_systemd + return "/usr/libexec/#{mysql_name}-wait-ready $MAINPID" if v57plus && (el7? || fedora?) + return '/usr/bin/mysql-systemd-start' if node['platform_family'] == 'rhel' + return '/usr/share/mysql/mysql-systemd-start' if v57plus + "/usr/libexec/#{mysql_name}-wait-ready $MAINPID" + end + def mysqld_initialize_cmd cmd = mysqld_bin cmd << " --defaults-file=#{etc_dir}/my.cnf" diff --git a/ops/cookbooks/vendor/mysql/libraries/matchers.rb b/ops/cookbooks/vendor/mysql/libraries/matchers.rb deleted file mode 100644 index adf5e73..0000000 --- a/ops/cookbooks/vendor/mysql/libraries/matchers.rb +++ /dev/null @@ -1,71 +0,0 @@ -if defined?(ChefSpec) - ChefSpec.define_matcher :mysql_config - ChefSpec.define_matcher :mysql_service - ChefSpec.define_matcher :mysql_client - - # mysql_client_client_installation_package - def install_mysql_client_installation_package(resource_name) - ChefSpec::Matchers::ResourceMatcher.new(:mysql_client_installation_package, :create, resource_name) - end - - def remove_mysql_client_installation_package(resource_name) - ChefSpec::Matchers::ResourceMatcher.new(:mysql_client_installation_package, :remove, resource_name) - end - - # mysql_server_server_installation_package - def install_mysql_server_installation_package(resource_name) - ChefSpec::Matchers::ResourceMatcher.new(:mysql_server_installation_package, :install, resource_name) - end - - def remove_mysql_server_installation_package(resource_name) - ChefSpec::Matchers::ResourceMatcher.new(:mysql_server_installation_package, :remove, resource_name) - end - - ##### - # old - ##### - - # client - def create_mysql_client(resource_name) - ChefSpec::Matchers::ResourceMatcher.new(:mysql_client, :create, resource_name) - end - - def delete_mysql_client(resource_name) - ChefSpec::Matchers::ResourceMatcher.new(:mysql_client, :delete, resource_name) - end - - # mysql_config - def create_mysql_config(resource_name) - ChefSpec::Matchers::ResourceMatcher.new(:mysql_config, :create, resource_name) - end - - def delete_mysql_config(resource_name) - ChefSpec::Matchers::ResourceMatcher.new(:mysql_config, :delete, resource_name) - end - - # service - def create_mysql_service(resource_name) - ChefSpec::Matchers::ResourceMatcher.new(:mysql_service, :create, resource_name) - end - - def delete_mysql_service(resource_name) - ChefSpec::Matchers::ResourceMatcher.new(:mysql_service, :delete, resource_name) - end - - def start_mysql_service(resource_name) - ChefSpec::Matchers::ResourceMatcher.new(:mysql_service, :start, resource_name) - end - - def stop_mysql_service(resource_name) - ChefSpec::Matchers::ResourceMatcher.new(:mysql_service, :stop, resource_name) - end - - def restart_mysql_service(resource_name) - ChefSpec::Matchers::ResourceMatcher.new(:mysql_service, :restart, resource_name) - end - - def reload_mysql_service(resource_name) - ChefSpec::Matchers::ResourceMatcher.new(:mysql_service, :reload, resource_name) - end - -end diff --git a/ops/cookbooks/vendor/mysql/libraries/mysql_base.rb b/ops/cookbooks/vendor/mysql/libraries/mysql_base.rb index 2db0c16..0e1d675 100644 --- a/ops/cookbooks/vendor/mysql/libraries/mysql_base.rb +++ b/ops/cookbooks/vendor/mysql/libraries/mysql_base.rb @@ -3,9 +3,6 @@ module MysqlCookbook require_relative 'helpers' # All resources are composites - def whyrun_supported? - true - end ################ # Type Constants diff --git a/ops/cookbooks/vendor/mysql/libraries/mysql_client_installation_package.rb b/ops/cookbooks/vendor/mysql/libraries/mysql_client_installation_package.rb index 1dc87f5..049c1eb 100644 --- a/ops/cookbooks/vendor/mysql/libraries/mysql_client_installation_package.rb +++ b/ops/cookbooks/vendor/mysql/libraries/mysql_client_installation_package.rb @@ -4,7 +4,7 @@ module MysqlCookbook require_relative 'helpers' include MysqlCookbook::HelpersBase - # Resource properties + # Resource:: properties resource_name :mysql_client_installation_package provides :mysql_client_installation, os: 'linux' provides :mysql_client, os: 'linux' diff --git a/ops/cookbooks/vendor/mysql/libraries/mysql_server_installation_package.rb b/ops/cookbooks/vendor/mysql/libraries/mysql_server_installation_package.rb index bf46c8d..7f906b4 100644 --- a/ops/cookbooks/vendor/mysql/libraries/mysql_server_installation_package.rb +++ b/ops/cookbooks/vendor/mysql/libraries/mysql_server_installation_package.rb @@ -1,6 +1,6 @@ module MysqlCookbook class MysqlServerInstallationPackage < MysqlBase - # Resource properties + # Resource:: properties resource_name :mysql_server_installation_package provides :mysql_server_installation, os: 'linux' diff --git a/ops/cookbooks/vendor/mysql/libraries/mysql_service_base.rb b/ops/cookbooks/vendor/mysql/libraries/mysql_service_base.rb index a03b5aa..1e22d7e 100644 --- a/ops/cookbooks/vendor/mysql/libraries/mysql_service_base.rb +++ b/ops/cookbooks/vendor/mysql/libraries/mysql_service_base.rb @@ -41,6 +41,7 @@ module MysqlCookbook # setting up multiple services. file "#{prefix_dir}/etc/mysql/my.cnf" do action :delete + not_if { node['init_package'] == 'systemd' } end file "#{prefix_dir}/etc/my.cnf" do @@ -55,20 +56,14 @@ module MysqlCookbook end # Support directories - directory etc_dir do - owner new_resource.run_user - group new_resource.run_group - mode '0750' - recursive true - action :create - end - - directory new_resource.include_dir do - owner new_resource.run_user - group new_resource.run_group - mode '0750' - recursive true - action :create + [etc_dir, new_resource.include_dir, log_dir, new_resource.data_dir].each do |dir| + directory dir do + owner new_resource.run_user + group new_resource.run_group + mode '0750' + recursive true + action :create + end end directory run_dir do @@ -79,22 +74,6 @@ module MysqlCookbook action :create end - directory log_dir do - owner new_resource.run_user - group new_resource.run_group - mode '0750' - recursive true - action :create - end - - directory new_resource.data_dir do - owner new_resource.run_user - group new_resource.run_group - mode '0750' - recursive true - action :create - end - # Main configuration file template "#{etc_dir}/my.cnf" do source 'my.cnf.erb' @@ -171,7 +150,7 @@ module MysqlCookbook template '/etc/apparmor.d/usr.sbin.mysqld' do cookbook 'mysql' - source 'apparmor/usr.sbin.mysqld.erb' + source "apparmor/#{node['platform']}-#{node['platform_version']}/usr.sbin.mysqld.erb" owner 'root' group 'root' mode '0644' diff --git a/ops/cookbooks/vendor/mysql/libraries/mysql_service_manager_systemd.rb b/ops/cookbooks/vendor/mysql/libraries/mysql_service_manager_systemd.rb index 5c6880a..2a355f1 100644 --- a/ops/cookbooks/vendor/mysql/libraries/mysql_service_manager_systemd.rb +++ b/ops/cookbooks/vendor/mysql/libraries/mysql_service_manager_systemd.rb @@ -48,7 +48,9 @@ module MysqlCookbook config: new_resource, etc_dir: etc_dir, base_dir: base_dir, - mysqld_bin: mysqld_bin + mysqld_bin: mysqld_bin, + mysql_systemd_start_pre: mysql_systemd_start_pre, + mysql_systemd: mysql_systemd ) cookbook 'mysql' notifies :run, "execute[#{new_resource.instance} systemctl daemon-reload]", :immediately diff --git a/ops/cookbooks/vendor/mysql/metadata.json b/ops/cookbooks/vendor/mysql/metadata.json index f847f3b..08b86bf 100644 --- a/ops/cookbooks/vendor/mysql/metadata.json +++ b/ops/cookbooks/vendor/mysql/metadata.json @@ -1 +1 @@ -{"name":"mysql","version":"8.5.1","description":"Provides mysql_service, mysql_config, and mysql_client resources","long_description":"","maintainer":"Chef Software, Inc.","maintainer_email":"cookbooks@chef.io","license":"Apache-2.0","platforms":{"redhat":">= 6.0","centos":">= 6.0","scientific":">= 6.0","oracle":">= 6.0","amazon":">= 0.0.0","fedora":">= 0.0.0","debian":">= 7.0","ubuntu":">= 12.04","opensuse":">= 13.0","opensuseleap":">= 0.0.0","suse":">= 12.0"},"dependencies":{},"recommendations":{},"suggestions":{},"conflicting":{},"providing":{},"replacing":{},"attributes":{},"groupings":{},"recipes":{},"source_url":"https://github.com/chef-cookbooks/mysql","issues_url":"https://github.com/chef-cookbooks/mysql/issues","chef_version":[[">= 12.7"]],"ohai_version":[]} \ No newline at end of file +{"name":"mysql","version":"8.6.0","description":"Provides mysql_service, mysql_config, and mysql_client resources","long_description":"","maintainer":"Sous Chefs","maintainer_email":"help@sous-chefs.org","license":"Apache-2.0","platforms":{"redhat":">= 6.0","centos":">= 6.0","scientific":">= 6.0","oracle":">= 6.0","amazon":">= 0.0.0","fedora":">= 0.0.0","debian":">= 7.0","ubuntu":">= 14.04","opensuseleap":">= 0.0.0","suse":">= 12.0"},"dependencies":{},"recommendations":{},"suggestions":{},"conflicting":{},"providing":{},"replacing":{},"attributes":{},"groupings":{},"recipes":{},"source_url":"https://github.com/sous-chefs/mysql","issues_url":"https://github.com/sous-chefs/mysql/issues","chef_version":[[">= 12.7"]],"ohai_version":[]} \ No newline at end of file diff --git a/ops/cookbooks/vendor/mysql/metadata.rb b/ops/cookbooks/vendor/mysql/metadata.rb new file mode 100644 index 0000000..8025144 --- /dev/null +++ b/ops/cookbooks/vendor/mysql/metadata.rb @@ -0,0 +1,21 @@ +name 'mysql' +maintainer 'Sous Chefs' +maintainer_email 'help@sous-chefs.org' +license 'Apache-2.0' +description 'Provides mysql_service, mysql_config, and mysql_client resources' +version '8.6.0' + +%w(redhat centos scientific oracle).each do |el| + supports el, '>= 6.0' +end + +supports 'amazon' +supports 'fedora' +supports 'debian', '>= 7.0' +supports 'ubuntu', '>= 14.04' +supports 'opensuseleap' +supports 'suse', '>= 12.0' + +source_url 'https://github.com/sous-chefs/mysql' +issues_url 'https://github.com/sous-chefs/mysql/issues' +chef_version '>= 12.7' diff --git a/ops/cookbooks/vendor/mysql/templates/default/apparmor/usr.sbin.mysqld.erb b/ops/cookbooks/vendor/mysql/templates/default/apparmor/ubuntu-14.04/usr.sbin.mysqld.erb similarity index 100% rename from ops/cookbooks/vendor/mysql/templates/default/apparmor/usr.sbin.mysqld.erb rename to ops/cookbooks/vendor/mysql/templates/default/apparmor/ubuntu-14.04/usr.sbin.mysqld.erb diff --git a/ops/cookbooks/vendor/mysql/templates/default/apparmor/ubuntu-16.04/usr.sbin.mysqld.erb b/ops/cookbooks/vendor/mysql/templates/default/apparmor/ubuntu-16.04/usr.sbin.mysqld.erb new file mode 100644 index 0000000..2619e7d --- /dev/null +++ b/ops/cookbooks/vendor/mysql/templates/default/apparmor/ubuntu-16.04/usr.sbin.mysqld.erb @@ -0,0 +1,68 @@ +# vim:syntax=apparmor +# Last Modified: Tue Feb 09 15:28:30 2016 +#include + +/usr/sbin/mysqld { + #include + #include + #include + #include + #include + +# Allow system resource access + /sys/devices/system/cpu/ r, + capability sys_resource, + capability dac_override, + capability setuid, + capability setgid, + +# Allow network access + network tcp, + + /etc/hosts.allow r, + /etc/hosts.deny r, + +# Allow config access + /etc/mysql/** r, + +# Allow pid, socket, socket lock file access + /var/run/mysqld/mysqld.pid rw, + /var/run/mysqld/mysqld.sock rw, + /var/run/mysqld/mysqld.sock.lock rw, + /run/mysqld/mysqld.pid rw, + /run/mysqld/mysqld.sock rw, + /run/mysqld/mysqld.sock.lock rw, + +# Allow execution of server binary + /usr/sbin/mysqld mr, + /usr/sbin/mysqld-debug mr, + +# Allow plugin access + /usr/lib/mysql/plugin/ r, + /usr/lib/mysql/plugin/*.so* mr, + +# Allow error msg and charset access + /usr/share/mysql/ r, + /usr/share/mysql/** r, + +# Allow data dir access + /var/lib/mysql/ r, + /var/lib/mysql/** rwk, + +# Allow data files dir access + /var/lib/mysql-files/ r, + /var/lib/mysql-files/** rwk, + +# Allow keyring dir access + /var/lib/mysql-keyring/ r, + /var/lib/mysql-keyring/** rwk, + +# Allow log file access + /var/log/mysql.err rw, + /var/log/mysql.log rw, + /var/log/mysql/ r, + /var/log/mysql/** rw, + + # Site-specific additions and overrides. See local/README for details. + #include +} diff --git a/ops/cookbooks/vendor/mysql/templates/default/apparmor/ubuntu-18.04/usr.sbin.mysqld.erb b/ops/cookbooks/vendor/mysql/templates/default/apparmor/ubuntu-18.04/usr.sbin.mysqld.erb new file mode 100644 index 0000000..2619e7d --- /dev/null +++ b/ops/cookbooks/vendor/mysql/templates/default/apparmor/ubuntu-18.04/usr.sbin.mysqld.erb @@ -0,0 +1,68 @@ +# vim:syntax=apparmor +# Last Modified: Tue Feb 09 15:28:30 2016 +#include + +/usr/sbin/mysqld { + #include + #include + #include + #include + #include + +# Allow system resource access + /sys/devices/system/cpu/ r, + capability sys_resource, + capability dac_override, + capability setuid, + capability setgid, + +# Allow network access + network tcp, + + /etc/hosts.allow r, + /etc/hosts.deny r, + +# Allow config access + /etc/mysql/** r, + +# Allow pid, socket, socket lock file access + /var/run/mysqld/mysqld.pid rw, + /var/run/mysqld/mysqld.sock rw, + /var/run/mysqld/mysqld.sock.lock rw, + /run/mysqld/mysqld.pid rw, + /run/mysqld/mysqld.sock rw, + /run/mysqld/mysqld.sock.lock rw, + +# Allow execution of server binary + /usr/sbin/mysqld mr, + /usr/sbin/mysqld-debug mr, + +# Allow plugin access + /usr/lib/mysql/plugin/ r, + /usr/lib/mysql/plugin/*.so* mr, + +# Allow error msg and charset access + /usr/share/mysql/ r, + /usr/share/mysql/** r, + +# Allow data dir access + /var/lib/mysql/ r, + /var/lib/mysql/** rwk, + +# Allow data files dir access + /var/lib/mysql-files/ r, + /var/lib/mysql-files/** rwk, + +# Allow keyring dir access + /var/lib/mysql-keyring/ r, + /var/lib/mysql-keyring/** rwk, + +# Allow log file access + /var/log/mysql.err rw, + /var/log/mysql.log rw, + /var/log/mysql/ r, + /var/log/mysql/** rw, + + # Site-specific additions and overrides. See local/README for details. + #include +} diff --git a/ops/cookbooks/vendor/mysql/templates/default/apparmor/usr.sbin.mysqld-instance.erb b/ops/cookbooks/vendor/mysql/templates/default/apparmor/usr.sbin.mysqld-instance.erb index 130beb7..e3bbb05 100644 --- a/ops/cookbooks/vendor/mysql/templates/default/apparmor/usr.sbin.mysqld-instance.erb +++ b/ops/cookbooks/vendor/mysql/templates/default/apparmor/usr.sbin.mysqld-instance.erb @@ -11,4 +11,5 @@ <%= @config.socket_file %> rw, /tmp/<%= @mysql_name %>/ r, /tmp/<%= @mysql_name %>/my.sql r, +<%= @config.tmp_dir %>/ rw, <%= @config.tmp_dir %>/* rw, diff --git a/ops/cookbooks/vendor/mysql/templates/default/systemd/mysqld.service.erb b/ops/cookbooks/vendor/mysql/templates/default/systemd/mysqld.service.erb index f1fb6c1..1a5cd41 100644 --- a/ops/cookbooks/vendor/mysql/templates/default/systemd/mysqld.service.erb +++ b/ops/cookbooks/vendor/mysql/templates/default/systemd/mysqld.service.erb @@ -7,10 +7,15 @@ After=network.target Type=simple User=<%= @config.run_user %> Group=<%= @config.run_group %> +PermissionsStartOnly=true +ExecStartPre=<%= @mysql_systemd_start_pre %> + ExecStart=<%= @mysqld_bin %> --defaults-file=<%= @etc_dir %>/my.cnf --basedir=<%= @base_dir %> -ExecStartPost=/usr/libexec/mysql-<%= @config.instance %>-wait-ready $MAINPID +ExecStartPost=<%= @mysql_systemd %> TimeoutSec=300 -PrivateTmp=true +Restart=on-failure +RuntimeDirectory=mysqld +RuntimeDirectoryMode=755 [Install] WantedBy=multi-user.target diff --git a/ops/cookbooks/vendor/postgresql/CHANGELOG.md b/ops/cookbooks/vendor/postgresql/CHANGELOG.md index 95af871..4f854db 100644 --- a/ops/cookbooks/vendor/postgresql/CHANGELOG.md +++ b/ops/cookbooks/vendor/postgresql/CHANGELOG.md @@ -4,32 +4,38 @@ This file is used to list changes made in the last 3 major versions of the postg ## Unreleased -## v7.1.4 (28-03-2019) +## v7.1.5 (2019-11-18) + +- Allow to install extensions with hyphens, ex: `postgresql_extension '"uuid-ossp"'` +- Update Circle CI config to match sous-chefs defaults #617 +- Remove Fedora testing from CI, not an official supported OS by sous-chefs, PR welcome #617 + +## v7.1.4 (2019-03-28) - Fix installation of extensions. -## v7.1.3 (15-01-2019) +## v7.1.3 (2019-01-15) - Added support for dash in database role name. -## v7.1.2 (06-01-2019) +## v7.1.2 (2019-06-01) - Cleanup and update the user resource documentation and code. Removed extraneous 'sensitive' property which is a common property in all Chef resources. - Change default permissions on the postgres.conf to be world readable so that psql can work. -## v7.1.1 (26-09-2018) +## v7.1.1 (2018-09-26) - Rename slave to follower - Use CircleCI for testing - Simplyfy extension resource -## v7.1.0 (22-06-2018) +## v7.1.0 (2018-06-22) - Update the `initdb` script to use initdb rather than a service. #542 - Refactor database commands to use the common connect method. #535 - Increase the unit test coverage. -## v7.0.0 (25-05-2018) +## v7.0.0 (2018-05-25) _Breaking Change_ Please see UPGRADING.md and the README.md for information how to use. @@ -57,7 +63,7 @@ _Breaking Change_ Please see UPGRADING.md and the README.md for information how ## v6.1.2 (2018-04-16) -**this will be the last release of the 6.0 series before all recipes are removed from the cookbook** +this will be the last release of the 6.0 series before all recipes are removed from the cookbook - Deprecate all recipes diff --git a/ops/cookbooks/vendor/postgresql/README.md b/ops/cookbooks/vendor/postgresql/README.md index d25d75e..d8ebb76 100644 --- a/ops/cookbooks/vendor/postgresql/README.md +++ b/ops/cookbooks/vendor/postgresql/README.md @@ -2,10 +2,16 @@ [![Cookbook Version](https://img.shields.io/cookbook/v/postgresql.svg)](https://supermarket.chef.io/cookbooks/postgresql) [![Build Status](https://img.shields.io/circleci/project/github/sous-chefs/postgresql/master.svg)](https://circleci.com/gh/sous-chefs/postgresql) -[![pullreminders](https://pullreminders.com/badge.svg)](https://pullreminders.com?ref=badge) +[![OpenCollective](https://opencollective.com/sous-chefs/backers/badge.svg)](#backers) +[![OpenCollective](https://opencollective.com/sous-chefs/sponsors/badge.svg)](#sponsors) +[![License](https://img.shields.io/badge/License-Apache%202.0-green.svg)](https://opensource.org/licenses/Apache-2.0) Installs and configures PostgreSQL as a client or a server. +## Maintainers + +This cookbook is maintained by the Sous Chefs. The Sous Chefs are a community of Chef cookbook maintainers working together to maintain important cookbooks. If you’d like to know more please visit [sous-chefs.org](https://sous-chefs.org/) or come chat with us on the Chef Community Slack in [#sous-chefs](https://chefcommunity.slack.com/messages/C2V7B88SF). + ## Upgrading If you are wondering where all the recipes went in v7.0+, or how on earth I use this new cookbook please see upgrading.md for a full description. @@ -18,7 +24,6 @@ If you are wondering where all the recipes went in v7.0+, or how on earth I use - Debian 7+ - Ubuntu 14.04+ - Red Hat/CentOS/Scientific 6+ -- Fedora ### PostgreSQL version @@ -51,7 +56,7 @@ Name | Types | Description `hba_file` | String | | `#{conf_dir}/main/pg_hba.conf` | no `ident_file` | String | | `#{conf_dir}/main/pg_ident.conf` | no `external_pid_file` | String | | `/var/run/postgresql/#{version}-main.pid` | no -`password` | String, nil | Pass in a password, or have the cookbook generate one for you | | no +`password` | String, nil | Pass in a password, or have the cookbook generate one for you | random string | no #### Examples @@ -211,14 +216,14 @@ end This generates the following line in the `pg_hba.conf`: -``` +```config # Local postgres superuser access local all postgres ident ``` **Note**: The template by default generates a local access for Unix domain sockets only to support running the SQL execute resources. In Postgres version 9.1 and higher, the method is 'peer' instead of 'ident' which is identical. It looks like this: -``` +```config # "local" is for Unix domain socket connections only local all all peer ``` @@ -257,7 +262,7 @@ end This generates the following line in the `pg_ident.conf`: -``` +```config # MAPNAME SYSTEM-USERNAME PG-USERNAME # John Mapping @@ -279,7 +284,7 @@ end This generates the following line in the `pg_hba.conf`: -``` +```config # Local postgres superuser access host all foo 127.0.0.1/32 ident ``` @@ -400,34 +405,27 @@ postgresql_server_conf 'PostgreSQL Config' do end ``` -## Contributing +## Contributors -Please refer to each project's style guidelines and guidelines for submitting patches and additions. In general, we follow the "fork-and-pull" Git workflow. +This project exists thanks to all the people who [contribute.](https://opencollective.com/sous-chefs/contributors.svg?width=890&button=false) -1. **Fork** the repo on GitHub -2. **Clone** the project to your own machine -3. **Commit** changes to your own branch -4. **Push** your work back up to your fork -5. Submit a **Pull request** so that we can review your changes +### Backers -NOTE: Be sure to merge the latest from "upstream" before making a pull request! +Thank you to all our backers! -[Contribution informations for this project](CONTRIBUTING.md) +![https://opencollective.com/sous-chefs#backers](https://opencollective.com/sous-chefs/backers.svg?width=600&avatarHeight=40) -## License +### Sponsors -Copyright 2010-2017, Chef Software, Inc. +Support this project by becoming a sponsor. Your logo will show up here with a link to your website. -```text -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -``` +![https://opencollective.com/sous-chefs/sponsor/0/website](https://opencollective.com/sous-chefs/sponsor/0/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/1/website](https://opencollective.com/sous-chefs/sponsor/1/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/2/website](https://opencollective.com/sous-chefs/sponsor/2/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/3/website](https://opencollective.com/sous-chefs/sponsor/3/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/4/website](https://opencollective.com/sous-chefs/sponsor/4/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/5/website](https://opencollective.com/sous-chefs/sponsor/5/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/6/website](https://opencollective.com/sous-chefs/sponsor/6/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/7/website](https://opencollective.com/sous-chefs/sponsor/7/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/8/website](https://opencollective.com/sous-chefs/sponsor/8/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/9/website](https://opencollective.com/sous-chefs/sponsor/9/avatar.svg?avatarHeight=100) diff --git a/ops/cookbooks/vendor/postgresql/libraries/helpers.rb b/ops/cookbooks/vendor/postgresql/libraries/helpers.rb index 431d5dd..fb8839f 100644 --- a/ops/cookbooks/vendor/postgresql/libraries/helpers.rb +++ b/ops/cookbooks/vendor/postgresql/libraries/helpers.rb @@ -22,7 +22,7 @@ module PostgresqlCookbook require 'securerandom' def psql_command_string(new_resource, query, grep_for: nil, value_only: false) - cmd = "/usr/bin/psql -c \"#{query}\"" + cmd = %(/usr/bin/psql -c "#{query}") cmd << " -d #{new_resource.database}" if new_resource.database cmd << " -U #{new_resource.user}" if new_resource.user cmd << " --host #{new_resource.host}" if new_resource.host @@ -35,12 +35,12 @@ module PostgresqlCookbook def execute_sql(new_resource, query) # If we don't pass in a user to the resource # default to the postgres user - user = new_resource.user ? new_resource.user : 'postgres' + user = new_resource.user || 'postgres' # Query could be a String or an Array of Strings statement = query.is_a?(String) ? query : query.join("\n") - cmd = shell_out(statement, user: user) + cmd = shell_out(statement, user: user, environment: psql_environment) # Pass back cmd so we can decide what to do with it in the calling method. cmd @@ -81,7 +81,7 @@ module PostgresqlCookbook end def create_extension_sql(new_resource) - sql = "CREATE EXTENSION IF NOT EXISTS #{new_resource.extension}" + sql = %(CREATE EXTENSION IF NOT EXISTS #{new_resource.extension}) sql << " FROM \"#{new_resource.old_version}\"" if new_resource.old_version psql_command_string(new_resource, sql) @@ -239,6 +239,12 @@ module PostgresqlCookbook platform?('amazon') ? '6' : '$releasever' end + # Fedora doesn't seem to know the right symbols for psql + def psql_environment + return {} unless platform?('fedora') + { LD_LIBRARY_PATH: '/usr/lib64' } + end + # Generate a password if the value is set to generate. def postgres_password(new_resource) new_resource.password == 'generate' ? secure_random : new_resource.password diff --git a/ops/cookbooks/vendor/postgresql/metadata.json b/ops/cookbooks/vendor/postgresql/metadata.json index 52a549a..b2c5879 100644 --- a/ops/cookbooks/vendor/postgresql/metadata.json +++ b/ops/cookbooks/vendor/postgresql/metadata.json @@ -1 +1 @@ -{"name":"postgresql","version":"7.1.4","description":"Installs and configures postgresql for clients or servers","long_description":"# PostgreSQL cookbook\n\n[![Cookbook Version](https://img.shields.io/cookbook/v/postgresql.svg)](https://supermarket.chef.io/cookbooks/postgresql)\n[![Build Status](https://img.shields.io/circleci/project/github/sous-chefs/postgresql/master.svg)](https://circleci.com/gh/sous-chefs/postgresql)\n[![pullreminders](https://pullreminders.com/badge.svg)](https://pullreminders.com?ref=badge)\n\nInstalls and configures PostgreSQL as a client or a server.\n\n## Upgrading\n\nIf you are wondering where all the recipes went in v7.0+, or how on earth I use this new cookbook please see upgrading.md for a full description.\n\n## Requirements\n\n### Platforms\n\n- Amazon Linux\n- Debian 7+\n- Ubuntu 14.04+\n- Red Hat/CentOS/Scientific 6+\n- Fedora\n\n### PostgreSQL version\n\nWe follow the currently supported versions listed on \n\n### Chef\n\n- Chef 13.8+\n\n### Cookbook Dependencies\n\nNone.\n\n## Resources\n\n### postgresql_client_install\n\nThis resource installs PostgreSQL client packages.\n\n#### Actions\n\n- `install` - (default) Install client packages\n\n#### Properties\n\nName | Types | Description | Default | Required?\n------------------- | ----------------- | ------------------------------------------------------------- | ----------------------------------------- | ---------\n`version` | String | Version of PostgreSQL to install | '9.6' | no\n`setup_repo` | Boolean | Define if you want to add the PostgreSQL repo | true | no\n`hba_file` | String | | `#{conf_dir}/main/pg_hba.conf` | no\n`ident_file` | String | | `#{conf_dir}/main/pg_ident.conf` | no\n`external_pid_file` | String | | `/var/run/postgresql/#{version}-main.pid` | no\n`password` | String, nil | Pass in a password, or have the cookbook generate one for you | | no\n\n#### Examples\n\nTo install version 9.5:\n\n```ruby\npostgresql_client_install 'My PostgreSQL Client install' do\n version '9.5'\nend\n```\n\n### postgresql_server_install\n\nThis resource installs PostgreSQL client and server packages.\n\n#### Actions\n\n- `install` - (default) Install client and server packages\n- `create` - Initialize the database\n\n#### Properties\n\nName | Types | Description | Default | Required?\n------------------- | --------------- | --------------------------------------------- | -------------------------------------------------- | ---------\n`version` | String | Version of PostgreSQL to install | '9.6' | no\n`setup_repo` | Boolean | Define if you want to add the PostgreSQL repo | true | no\n`hba_file` | String | Path of pg_hba.conf file | `/pg_hba.conf'` | no\n`ident_file` | String | Path of pg_ident.conf file | `/pg_ident.conf` | no\n`external_pid_file` | String | Path of PID file | `/var/run/postgresql/-main.pid` | no\n`password` | String, nil | Set PostgreSQL user password | 'generate' | no\n`port` | Integer | Set listen port of PostgreSQL service | 5432 | no\n`initdb_locale` | String | Locale to initialise the database with | 'C' | no\n\n#### Examples\n\nTo install PostgreSQL server, set your own postgres password using non-default service port.\n\n```ruby\npostgresql_server_install 'My PostgreSQL Server install' do\n action :install\nend\n\npostgresql_server_install 'Setup my PostgreSQL 9.6 server' do\n password 'MyP4ssw0rd'\n port 5433\n action :create\nend\n```\n\n#### Known issues\n\nOn some platforms (e.g. Ubuntu 18.04), your `initdb_locale` should be set to the\nsame as the template database [GH-555](https://github.com/sous-chefs/postgresql/issues/555).\n\n### postgresql_server_conf\n\nThis resource manages postgresql.conf configuration file.\n\n#### Actions\n\n- `modify` - (default) Manager PostgreSQL configuration file (postgresql.conf)\n\n#### Properties\n\nName | Types | Description | Default | Required?\n---------------------- | ------- | --------------------------------------- | --------------------------------------------------- | ---------\n`version` | String | Version of PostgreSQL to install | '9.6' | no\n`data_directory` | String | Path of PostgreSQL data directory | `` | no\n`hba_file` | String | Path of pg_hba.conf file | `/pg_hba.conf` | no\n`ident_file` | String | Path of pg_ident.conf file | `/pg_ident.conf` | no\n`external_pid_file` | String | Path of PID file | `/var/run/postgresql/-main.pid` | no\n`stats_temp_directory` | String | Path of stats file | `/var/run/postgresql/version>-main.pg_stat_tmp` | no\n`port` | Integer | Set listen port of PostgreSQL service | 5432 | no\n`additional_config` | Hash | Extra configuration for the config file | {} | no\n\n#### Examples\n\nTo setup your PostgreSQL configuration with a specific data directory. If you have installed a specific version of PostgreSQL (different from 9.6), you must specify version in this resource too.\n\n```ruby\npostgresql_server_conf 'My PostgreSQL Config' do\n version '9.5'\n data_directory '/data/postgresql/9.5/main'\n notifies :reload, 'service[postgresql]'\nend\n```\n\n### postgresql_extension\n\nThis resource manages PostgreSQL extensions for a given database.\n\n#### Actions\n\n- `create` - (default) Creates an extension in a given database\n- `drop` - Drops an extension from the database\n\n#### Properties\n\nName | Types | Description | Default | Required?\n------------- | ------ | -------------------------------------------------------------------------------- | ---------------- | ---------\n`database` | String | Name of the database to install the extension into | | yes\n`extension` | String | Name of the extension to install the database | Name of resource | yes\n`version` | String | Version of the extension to install | | no\n`old_version` | String | Older module name for new extension replacement. Appends FROM to extension query | | no\n\n#### Examples\n\nTo install the `adminpack` extension:\n\n```ruby\n# Add the contrib package in Ubuntu/Debian\npackage 'postgresql-contrib-9.6'\n\n# Install adminpack extension\npostgresql_extension 'postgres adminpack' do\n database 'postgres'\n extension 'adminpack'\nend\n```\n\n### postgresql_access\n\nThis resource uses the accumulator pattern to build up the `pg_hba.conf` file via chef resources instead of piling on a mountain of chef attributes to make this cookbook more reusable. It directly mirrors the configuration options of the postgres hba file in the resource and by default notifies the server with a reload to avoid a full restart, causing a potential outage of service. To revoke access, simply remove the resource and the access change won't be computed into the final `pg_hba.conf`\n\n#### Actions\n\n- `grant` - (default) Creates an access line inside of `pg_hba.conf`\n\n#### Properties\n\nName | Types | Description | Default | Required?\n--------------- | ------ | ----------------------------------------------------------------------------------------- | ----------------- | ---------\n`name` | String | Name of the access resource, this is left as a comment inside the `pg_hba` config | Resource name | yes\n`source` | String | The cookbook template filename if you want to use your own custom template | 'pg_hba.conf.erb' | yes\n`cookbook` | String | The cookbook to look in for the template source | 'postgresql' | yes\n`comment` | String | A comment to leave above the entry in `pg_hba` | nil | no\n`access_type` | String | The type of access, e.g. local or host | 'local' | yes\n`access_db` | String | The database to access. Can use 'all' for all databases | 'all' | yes\n`access_user` | String | The user accessing the database. Can use 'all' for any user | 'all' | yes\n`access_addr` | String | The address(es) allowed access. Can be nil if method ident is used since it is local then | nil | no\n`access_method` | String | Authentication method to use | 'ident' | yes\n\n#### Examples\n\nTo grant access to the PostgreSQL user with ident authentication:\n\n```ruby\npostgresql_access 'local_postgres_superuser' do\n comment 'Local postgres superuser access'\n access_type 'local'\n access_db 'all'\n access_user 'postgres'\n access_addr nil\n access_method 'ident'\nend\n```\n\nThis generates the following line in the `pg_hba.conf`:\n\n```\n# Local postgres superuser access\nlocal all postgres ident\n```\n\n**Note**: The template by default generates a local access for Unix domain sockets only to support running the SQL execute resources. In Postgres version 9.1 and higher, the method is 'peer' instead of 'ident' which is identical. It looks like this:\n\n```\n# \"local\" is for Unix domain socket connections only\nlocal all all peer\n```\n\n### postgresql_ident\n\nThis resource generate `pg_ident.conf` configuration file to manage user mapping between system and PostgreSQL users.\n\n#### Actions\n\n- `create` - (default) Creates an mapping line inside of `pg_ident.conf`\n\n#### Properties\n\nName | Types | Description | Default | Required?\n-------------- | ----------- | -------------------------------------------------------------------------- | ------------------- | ---------\n`mapname` | String | Name of the user mapping | Resource name | yes\n`source` | String | The cookbook template filename if you want to use your own custom template | 'pg_ident.conf.erb' | no\n`cookbook` | String | The cookbook to look in for the template source | 'postgresql' | no\n`comment` | String, nil | A comment to leave above the entry in `pg_ident` | nil | no\n`system_user` | String | System user or regexp used for the mapping | None | yes\n`pg_user` | String | Pg user or regexp used for the mapping | None | yes\n\n#### Examples\n\nCreates a `mymapping` mapping that map `john` system user to `user1` PostgreSQL user:\n\n```ruby\npostgresql_ident 'Map john to user1' do\n comment 'John Mapping'\n mapname 'mymapping'\n system_user 'john'\n pg_user 'user1'\nend\n```\n\nThis generates the following line in the `pg_ident.conf`:\n\n```\n# MAPNAME SYSTEM-USERNAME PG-USERNAME\n\n# John Mapping\nmymapping john user1\n```\n\nTo grant access to the foo user with password authentication:\n\n```ruby\npostgresql_access 'local_foo_user' do\n comment 'Foo user access'\n access_type 'host'\n access_db 'all'\n access_user 'foo'\n access_addr '127.0.0.1/32'\n access_method 'md5'\nend\n```\n\nThis generates the following line in the `pg_hba.conf`:\n\n```\n# Local postgres superuser access\nhost all foo 127.0.0.1/32 ident\n```\n\n### postgresql_database\n\nThis resource manages PostgreSQL databases.\n\n#### Actions\n\n- `create` - (default) Creates the given database.\n- `drop` - Drops the given database.\n\n#### Properties\n\nName | Types | Description | Default | Required?\n---------- | ------- | ------------------------------------------------------------------- | ------------------- | ---------\n`database` | String | Name of the database to create | Resource name | yes\n`user` | String | User which run psql command | 'postgres' | no\n`template` | String | Template used to create the new database | 'template1' | no\n`host` | String | Define the host server where the database creation will be executed | Not set (localhost) | no\n`port` | Integer | Define the port of PostgreSQL server | 5432 | no\n`encoding` | String | Define database encoding | 'UTF-8' | no\n`locale` | String | Define database locale | 'en_US.UTF-8' | no\n`owner` | String | Define the owner of the database | Not set | no\n\n#### Examples\n\nTo create database named 'my_app' with owner 'user1':\n\n```ruby\npostgresql_database 'my_app' do\n owner 'user1'\nend\n```\n\n#### Known issues\n\nOn some platforms (e.g. Ubuntu 18.04), your `initdb_locale` should be set to the\nsame as the template database [GH-555](https://github.com/sous-chefs/postgresql/issues/555).\n\n### postgresql_user\n\nThis resource manage PostgreSQL users.\n\n#### Actions\n\n- `create` - (default) Creates the given user with default or given privileges.\n- `update` - Update user privilieges.\n- `drop` - Deletes the given user.\n\n#### Properties\n\nName | Types | Description | Default | Required?\n-------------------- | ------- | ----------------------------------------------- | -------- | ---------\n`create_user` | String | User to create (defaults to the resource name) | | Yes\n`superuser` | Boolean | Define if user needs superuser role | false | no\n`createdb` | Boolean | Define if user needs createdb role | false | no\n`createrole` | Boolean | Define if user needs createrole role | false | no\n`inherit` | Boolean | Define if user inherits the privileges of roles | true | no\n`replication` | Boolean | Define if user needs replication role | false | no\n`login` | Boolean | Define if user can login | true | no\n`password` | String | Set user's password | | no\n`encrypted_password` | String | Set user's password with an hashed password | | no\n`valid_until` | String | Define an account expiration date | | no\n`attributes` | Hash | Additional attributes for :update action | {} | no\n`user` | String | User for command | postgres | no\n`database` | String | Database for command | | no\n`host` | String | Hostname for command | | no\n`port` | Integer | Port number to connect to postgres | 5432 | no\n\n#### Examples\n\nCreate a user `user1` with a password, with `createdb` role and set an expiration date to 2018, Dec 21.\n\n```ruby\npostgresql_user 'user1' do\n password 'UserP4ssword'\n createdb true\n valid_until '2018-12-31'\nend\n```\n\nCreate a user `user1` with a password, with `createdb` role and set an expiration date to 2018, Dec 21.\n\n```ruby\npostgresql_user 'user1' do\n password 'UserP4ssword'\n createdb true\n valid_until '2018-12-31'\nend\n```\n\n## Usage\n\nTo install and configure your PostgreSQL instance you need to create your own cookbook and call needed resources with your own parameters.\n\nMore examples can be found in `test/cookbooks/test/recipes`\n\n## Example Usage\n\n```ruby\n# cookbooks/my_postgresql/recipes/default.rb\n\npostgresql_client_install 'PostgreSQL Client' do\n setup_repo false\n version '10.6'\nend\n\npostgresql_server_install 'PostgreSQL Server' do\n version '10.6'\n setup_repo false\n password 'P0stgresP4ssword'\nend\n\npostgresql_server_conf 'PostgreSQL Config' do\n notifies :reload, 'service[postgresql]'\nend\n```\n\n## Contributing\n\nPlease refer to each project's style guidelines and guidelines for submitting patches and additions. In general, we follow the \"fork-and-pull\" Git workflow.\n\n1. **Fork** the repo on GitHub\n2. **Clone** the project to your own machine\n3. **Commit** changes to your own branch\n4. **Push** your work back up to your fork\n5. Submit a **Pull request** so that we can review your changes\n\nNOTE: Be sure to merge the latest from \"upstream\" before making a pull request!\n\n[Contribution informations for this project](CONTRIBUTING.md)\n\n## License\n\nCopyright 2010-2017, Chef Software, Inc.\n\n```text\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n```\n","maintainer":"Sous Chefs","maintainer_email":"help@sous-chefs.org","license":"Apache-2.0","platforms":{"ubuntu":">= 0.0.0","debian":">= 0.0.0","fedora":">= 0.0.0","amazon":">= 0.0.0","redhat":">= 0.0.0","centos":">= 0.0.0","scientific":">= 0.0.0","oracle":">= 0.0.0"},"dependencies":{},"recommendations":{},"suggestions":{},"conflicting":{},"providing":{},"replacing":{},"attributes":{},"groupings":{},"recipes":{},"source_url":"https://github.com/sous-chefs/postgresql","issues_url":"https://github.com/sous-chefs/postgresql/issues","chef_version":[[">= 13.8"]],"ohai_version":[]} \ No newline at end of file +{"name":"postgresql","version":"7.1.5","description":"Installs and configures postgresql for clients or servers","long_description":"","maintainer":"Sous Chefs","maintainer_email":"help@sous-chefs.org","license":"Apache-2.0","platforms":{"ubuntu":">= 0.0.0","debian":">= 0.0.0","fedora":">= 0.0.0","amazon":">= 0.0.0","redhat":">= 0.0.0","centos":">= 0.0.0","scientific":">= 0.0.0","oracle":">= 0.0.0"},"dependencies":{},"recommendations":{},"suggestions":{},"conflicting":{},"providing":{},"replacing":{},"attributes":{},"groupings":{},"recipes":{},"source_url":"https://github.com/sous-chefs/postgresql","issues_url":"https://github.com/sous-chefs/postgresql/issues","chef_version":[[">= 13.8"]],"ohai_version":[]} \ No newline at end of file diff --git a/ops/cookbooks/vendor/postgresql/metadata.rb b/ops/cookbooks/vendor/postgresql/metadata.rb index 9fb54ac..88f8fb3 100644 --- a/ops/cookbooks/vendor/postgresql/metadata.rb +++ b/ops/cookbooks/vendor/postgresql/metadata.rb @@ -4,8 +4,7 @@ maintainer 'Sous Chefs' maintainer_email 'help@sous-chefs.org' license 'Apache-2.0' description 'Installs and configures postgresql for clients or servers' -long_description IO.read(File.join(File.dirname(__FILE__), 'README.md')) -version '7.1.4' +version '7.1.5' source_url 'https://github.com/sous-chefs/postgresql' issues_url 'https://github.com/sous-chefs/postgresql/issues' chef_version '>= 13.8' diff --git a/ops/cookbooks/vendor/postgresql/resources/access.rb b/ops/cookbooks/vendor/postgresql/resources/access.rb index 56d69cc..8c5ba63 100644 --- a/ops/cookbooks/vendor/postgresql/resources/access.rb +++ b/ops/cookbooks/vendor/postgresql/resources/access.rb @@ -16,12 +16,12 @@ # limitations under the License. # -property :access_type, String, required: true, default: 'local' -property :access_db, String, required: true, default: 'all' -property :access_user, String, required: true, default: 'postgres' -property :access_method, String, required: true, default: 'ident' -property :cookbook, String, default: 'postgresql' -property :source, String, default: 'pg_hba.conf.erb' +property :access_type, String, default: 'local' +property :access_db, String, default: 'all' +property :access_user, String, default: 'postgres' +property :access_method, String, default: 'ident' +property :cookbook, String, default: 'postgresql' +property :source, String, default: 'pg_hba.conf.erb' property :access_addr, String property :comment, String diff --git a/ops/cookbooks/vendor/postgresql/resources/extension.rb b/ops/cookbooks/vendor/postgresql/resources/extension.rb index fb104dd..f8987b6 100644 --- a/ops/cookbooks/vendor/postgresql/resources/extension.rb +++ b/ops/cookbooks/vendor/postgresql/resources/extension.rb @@ -30,6 +30,7 @@ action :create do code create_extension_sql(new_resource) user 'postgres' action :run + environment(psql_environment) not_if { follower? || extension_installed?(new_resource) } end end @@ -39,6 +40,7 @@ action :drop do code psql_command_string(new_resource, "DROP EXTENSION IF EXISTS \"#{new_resource.extension}\"") user 'postgres' action :run + environment(psql_environment) not_if { follower? } only_if { extension_installed?(new_resource) } end diff --git a/ops/cookbooks/vendor/postgresql/resources/user.rb b/ops/cookbooks/vendor/postgresql/resources/user.rb index 05da73b..17b8b18 100644 --- a/ops/cookbooks/vendor/postgresql/resources/user.rb +++ b/ops/cookbooks/vendor/postgresql/resources/user.rb @@ -40,6 +40,7 @@ action :create do user 'postgres' command create_user_sql(new_resource) sensitive new_resource.sensitive + environment(psql_environment) not_if { follower? || user_exists?(new_resource) } end end @@ -49,6 +50,7 @@ action :update do execute "update postgresql user #{new_resource.create_user}" do user 'postgres' command update_user_sql(new_resource) + environment(psql_environment) sensitive true not_if { follower? } only_if { user_exists?(new_resource) } @@ -64,6 +66,7 @@ action :update do execute "Update postgresql user #{new_resource.create_user} to set #{attr}" do user 'postgres' command update_user_with_attributes_sql(new_resource, v) + environment(psql_environment) sensitive true not_if { follower? } only_if { user_exists?(new_resource) } @@ -76,6 +79,7 @@ action :drop do execute "drop postgresql user #{new_resource.create_user}" do user 'postgres' command drop_user_sql(new_resource) + environment(psql_environment) sensitive true not_if { follower? } only_if { user_exists?(new_resource) } diff --git a/ops/cookbooks/vendor/seven_zip/metadata.json b/ops/cookbooks/vendor/seven_zip/metadata.json index cf13785..523109a 100644 --- a/ops/cookbooks/vendor/seven_zip/metadata.json +++ b/ops/cookbooks/vendor/seven_zip/metadata.json @@ -13,14 +13,11 @@ }, "providing": { - }, - "attributes": { - }, "recipes": { }, - "version": "3.1.1", + "version": "3.1.2", "source_url": "https://github.com/windowschefcookbooks/seven_zip", "issues_url": "https://github.com/windowschefcookbooks/seven_zip/issues", "privacy": false, diff --git a/ops/cookbooks/vendor/seven_zip/metadata.rb b/ops/cookbooks/vendor/seven_zip/metadata.rb index d840292..67cf09b 100644 --- a/ops/cookbooks/vendor/seven_zip/metadata.rb +++ b/ops/cookbooks/vendor/seven_zip/metadata.rb @@ -7,6 +7,6 @@ chef_version '>= 13.0' if respond_to?(:chef_version) license 'Apache-2.0' description 'Installs/Configures 7-Zip' long_description IO.read(File.join(File.dirname(__FILE__), 'README.md')) -version '3.1.1' +version '3.1.2' supports 'windows' depends 'windows' diff --git a/ops/cookbooks/vendor/t42-common/attributes/nodejs.rb b/ops/cookbooks/vendor/t42-common/attributes/nodejs.rb index 503156b..fc3b2ac 100644 --- a/ops/cookbooks/vendor/t42-common/attributes/nodejs.rb +++ b/ops/cookbooks/vendor/t42-common/attributes/nodejs.rb @@ -1,5 +1,6 @@ default['nodejs']['env_path'] = "/opt/theta42/#{node['app']['name']}/env/node" -default['NodeJS']['install_version'] = 12 -default['NodeJS']['working-dir'] = 'src/nodejs' -default['NodeJS']['exec_file'] = 'app.js' -default['NodeJS']['port'] = '8001' +default['nodeJS']['install_version'] = 12 +default['nodeJS']['working-dir'] = 'src/nodejs' +default['nodeJS']['exec_file'] = 'app.js' +default['nodeJS']['port'] = '3000' +default['nodeJS']['service'] = false diff --git a/ops/cookbooks/vendor/t42-common/metadata.json b/ops/cookbooks/vendor/t42-common/metadata.json index 4aa6ba1..191614d 100644 --- a/ops/cookbooks/vendor/t42-common/metadata.json +++ b/ops/cookbooks/vendor/t42-common/metadata.json @@ -19,7 +19,7 @@ "recipes": { }, - "version": "0.4.8", + "version": "0.6.1", "source_url": "", "issues_url": "", "privacy": false, diff --git a/ops/cookbooks/vendor/t42-common/metadata.rb b/ops/cookbooks/vendor/t42-common/metadata.rb index 8305536..29c59fb 100644 --- a/ops/cookbooks/vendor/t42-common/metadata.rb +++ b/ops/cookbooks/vendor/t42-common/metadata.rb @@ -4,7 +4,7 @@ maintainer_email 'you@example.com' license 'All Rights Reserved' description 'Installs/Configures t42-common' long_description 'Installs/Configures t42-common' -version '0.4.8' +version '0.6.1' chef_version '>= 13.0' depends 'nodejs' diff --git a/ops/cookbooks/vendor/t42-common/recipes/nodejs.rb b/ops/cookbooks/vendor/t42-common/recipes/nodejs.rb index deec087..401c792 100644 --- a/ops/cookbooks/vendor/t42-common/recipes/nodejs.rb +++ b/ops/cookbooks/vendor/t42-common/recipes/nodejs.rb @@ -34,7 +34,7 @@ node.default['nodejs']['version'] = set_version['version'].to_str node.default['nodejs']['binary']['url'] = set_version['url'] node.default['nodejs']['binary']['checksum'] = set_version['checksum'] -node.default['nodejs']['env_path'] = "/home/#{node['app']['run_user']}/app/#{node['app']['name']}/env/node" +node.default['nodejs']['env_path'] = "/opt/theta42/app/#{node['app']['name']}/env/node" include_recipe "nodejs" @@ -53,14 +53,46 @@ file "#{node['nodejs']['env_path']}/package.json" do action :create end +do_sudo = node['app']['run_user'] == 'root' ? 'sudo' : '' + execute 'Install NPM package.json' do cwd node['nodejs']['env_path'] user node['app']['run_user'] group node['app']['run_user'] - environment ({'HOME' => "/home/#{node['app']['run_user']}"}) - command "npm --prefix #{node['nodejs']['env_path']} --python=\"`which python2.7`\" install #{node['nodejs']['env_path']}" + environment ({'HOME' => node['app']['run_user'] == 'root' ? '/root/' : "/home/#{node['app']['run_user']}"}) + command "#{do_sudo} npm --prefix #{node['nodejs']['env_path']} --python=\"`which python2.7`\" install #{node['nodejs']['env_path']}" end directory "/var/log/node/#{node['app']['name']}" do + owner node['app']['run_user'] + group node['app']['run_user'] + mode 0755 recursive true end + +bash 'Add Node path to env' do + code "echo 'NODE_PATH=\"#{node['nodejs']['env_path']}/node_modules\"' > /etc/environment" + not_if "grep NODE_PATH /etc/environment" +end + +if node['nodejs']['service'] + systemd_unit "node-#{node['app']['name']}.service" do + content <<~EOU + [Unit] + Description=NodeJS app for #{node['app']['name']} + After=network.target + + [Service] + Environment=NODE_PORT=#{node['nodejs']['port']} + Environment=NODE_PATH=#{node['nodejs']['env_path']}/node_modules/ + Type=simple + WorkingDirectory=#{node['nodejs']['working-dir']} + ExecStart=/usr/bin/env node #{node['nodejs']['working-dir']}/#{node['nodejs']['exec_file']} + Restart=on-failure + + [Install] + WantedBy=multi-user.target + EOU + action [:create, :enable, :start] + end +end diff --git a/ops/cookbooks/vendor/t42-common/recipes/openresty.rb b/ops/cookbooks/vendor/t42-common/recipes/openresty.rb index bf0d30b..50dd782 100644 --- a/ops/cookbooks/vendor/t42-common/recipes/openresty.rb +++ b/ops/cookbooks/vendor/t42-common/recipes/openresty.rb @@ -37,12 +37,12 @@ if node['web']['do_ssl'] end template '/etc/openresty/autossl.conf' do - source 'autossl.conf.erb' + source 'openresty/autossl.conf.erb' end end template '/etc/openresty/nginx.conf' do - source 'nginx.conf.erb' + source 'openresty/nginx.conf.erb' end directory '/etc/openresty/sites-enabled' do @@ -56,9 +56,9 @@ directory '/var/log/nginx/' do end template '/etc/openresty/sites-enabled/host.conf' do - source 'host.conf.erb' + source 'openresty/simple-proxy.conf.erb' end systemd_unit 'openresty' do action :reload -end \ No newline at end of file +end diff --git a/ops/cookbooks/vendor/windows/CHANGELOG.md b/ops/cookbooks/vendor/windows/CHANGELOG.md index d88694c..a11165d 100644 --- a/ops/cookbooks/vendor/windows/CHANGELOG.md +++ b/ops/cookbooks/vendor/windows/CHANGELOG.md @@ -2,6 +2,11 @@ This file is used to list changes made in each version of the windows cookbook. +## 6.0.1 (2019-10-01) + +- Update README.md for Windows cookbook suggesting core dns resources (#616) - [@NAshwini](https://github.com/NAshwini) +- Add a warning when using windows_zipfile resource as users should migrate to archive_file (#617) - [@NAshwini](https://github.com/NAshwini) + ## 6.0.0 (2019-04-25) ### Breaking Changes diff --git a/ops/cookbooks/vendor/windows/README.md b/ops/cookbooks/vendor/windows/README.md index b849fbf..430642c 100644 --- a/ops/cookbooks/vendor/windows/README.md +++ b/ops/cookbooks/vendor/windows/README.md @@ -22,7 +22,7 @@ Provides a set of Windows-specific resources to aid in the creation of cookbooks ### Deprecated Resources Note -As of Chef 14.7+ the windows_share and windows_certificate resources are now included in the Chef Client. If you are running Chef 14.7+ the resources in Chef client will take precedence over the resources in this cookbook. In November 2019 we will release a new major version of this cookbook that removes these resources. +As of Chef 14.7+ the windows_share and windows_certificate resources are now included in the Chef Client. Also the windows_zipfile resource is replaced by the new archive_file resource in Chef 15.0.293+. If you are running Chef 14.7+ the resources in Chef client will take precedence over the resources in this cookbook. In November 2019 we will release a new major version of this cookbook that removes these resources. ### windows_certificate @@ -135,6 +135,8 @@ end ### windows_dns +`Note`: This resource is now included in Chef 15 and later. If you are using newer versions of [windows](https://devblogs.microsoft.com/powershell/configuration-in-a-devops-world-windows-powershell-desired-state-configuration/) then should use the core [resource](https://github.com/chef/chef/blob/master/RELEASE_NOTES.md#windows_dns_record-resource) instead of windows_dns. + Configures A and CNAME records in Windows DNS. This requires the DNSCMD to be installed, which is done by adding the DNS role to the server or installing the Remote Server Admin Tools. #### Actions @@ -345,6 +347,8 @@ SeTakeOwnershipPrivilege Take ownership of files or other objects ### windows_zipfile +`Note`: This resource has been deprecated as Chef Infra Client 15.0 shipped with a new archive_file resource, which natively handles multiple archive formats. Please update any cookbooks using this resource to instead use the `archive_file` resource: https://docs.chef.io/resource_archive_file.html + Most version of Windows do not ship with native cli utility for managing compressed files. This resource provides a pure-ruby implementation for managing zip files. Be sure to use the `not_if` or `only_if` meta parameters to guard the resource for idempotence or action will be taken every Chef run. #### Actions diff --git a/ops/cookbooks/vendor/windows/metadata.json b/ops/cookbooks/vendor/windows/metadata.json index 33a7cfd..4bca055 100644 --- a/ops/cookbooks/vendor/windows/metadata.json +++ b/ops/cookbooks/vendor/windows/metadata.json @@ -1 +1 @@ -{"name":"windows","version":"6.0.0","description":"Provides a set of useful Windows-specific primitives.","long_description":"# Windows Cookbook\n\n[![Build status](https://ci.appveyor.com/api/projects/status/9x4uepmm1g4rktie/branch/master?svg=true)](https://ci.appveyor.com/project/ChefWindowsCookbooks/windows/branch/master) [![Cookbook Version](https://img.shields.io/cookbook/v/windows.svg)](https://supermarket.chef.io/cookbooks/windows)\n\nProvides a set of Windows-specific resources to aid in the creation of cookbooks/recipes targeting the Windows platform.\n\n## Requirements\n\n### Platforms\n\n- Windows 7\n- Windows Server 2008 R2\n- Windows 8, 8.1\n- Windows Server 2012 (R1, R2)\n- Windows Server 2016\n\n### Chef\n\n- Chef 14+\n\n## Resources\n\n### Deprecated Resources Note\n\nAs of Chef 14.7+ the windows_share and windows_certificate resources are now included in the Chef Client. If you are running Chef 14.7+ the resources in Chef client will take precedence over the resources in this cookbook. In November 2019 we will release a new major version of this cookbook that removes these resources.\n\n### windows_certificate\n\n`Note`: This resource is now included in Chef 14.7 and later. There is no need to depend on the Windows cookbook for this resource.\n\nInstalls a certificate into the Windows certificate store from a file, and grants read-only access to the private key for designated accounts. Due to current limitations in WinRM, installing certificated remotely may not work if the operation requires a user profile. Operations on the local machine store should still work.\n\n#### Actions\n\n- `:create` - creates or updates a certificate.\n- `:delete` - deletes a certificate.\n- `:acl_add` - adds read-only entries to a certificate's private key ACL.\n- `:verify` - logs whether or not a certificate is valid\n\n#### Properties\n\n- `source` - name attribute. The source file (for create and acl_add), thumbprint (for delete and acl_add) or subject (for delete).\n- `pfx_password` - the password to access the source if it is a pfx file.\n- `private_key_acl` - array of 'domain\\account' entries to be granted read-only access to the certificate's private key. This is not idempotent.\n- `store_name` - the certificate store to manipulate. One of:\n - MY (Personal)\n - CA (Intermediate Certification Authorities)\n - ROOT (Trusted Root Certification Authorities)\n - TRUSTEDPUBLISHER (Trusted Publishers)\n - CLIENTAUTHISSUER (Client Authentication Issuers)\n - REMOTE DESKTOP (Remote Desktop)\n - TRUSTEDDEVICES (Trusted Devices)\n - WEBHOSTING (Web Hosting)\n - AUTHROOT (Third-Party Root Certification Authorities)\n - TRUSTEDPEOPLE (Trusted People)\n - SMARTCARDROOT (Smart Card Trusted Roots)\n - TRUST (Enterprise Trust)\n - DISALLOWED (Untrusted Certificates)\n- `user_store` - if false (default) then use the local machine store; if true then use the current user's store.\n\n#### Examples\n\n```ruby\n# Add PFX cert to local machine personal store and grant accounts read-only access to private key\nwindows_certificate \"c:/test/mycert.pfx\" do\n pfx_password \"password\"\n private_key_acl [\"acme\\fred\", \"pc\\jane\"]\nend\n```\n\n```ruby\n# Add cert to trusted intermediate store\nwindows_certificate \"c:/test/mycert.cer\" do\n store_name \"CA\"\nend\n```\n\n```ruby\n# Remove all certificates matching the subject\nwindows_certificate \"me.acme.com\" do\n action :delete\nend\n```\n\n### windows_certificate_binding\n\nBinds a certificate to an HTTP port in order to enable TLS communication.\n\n#### Actions\n\n- `:create` - creates or updates a binding.\n- `:delete` - deletes a binding.\n\n#### Properties\n\n- `cert_name` - name attribute. The thumbprint(hash) or subject that identifies the certificate to be bound.\n- `name_kind` - indicates the type of cert_name. One of :subject (default) or :hash.\n- `address` - the address to bind against. Default is 0.0.0.0 (all IP addresses). One of:\n - IP v4 address `1.2.3.4`\n - IP v6 address `[::1]`\n - Host name `www.foo.com`\n- `port` - the port to bind against. Default is 443.\n- `app_id` - the GUID that defines the application that owns the binding. Default is the values used by IIS.\n- `store_name` - the store to locate the certificate in. One of:\n - MY (Personal)\n - CA (Intermediate Certification Authorities)\n - ROOT (Trusted Root Certification Authorities)\n - TRUSTEDPUBLISHER (Trusted Publishers)\n - CLIENTAUTHISSUER (Client Authentication Issuers)\n - REMOTE DESKTOP (Remote Desktop)\n - TRUSTEDDEVICES (Trusted Devices)\n - WEBHOSTING (Web Hosting)\n - AUTHROOT (Third-Party Root Certification Authorities)\n - TRUSTEDPEOPLE (Trusted People)\n - SMARTCARDROOT (Smart Card Trusted Roots)\n - TRUST (Enterprise Trust)\n\n#### Examples\n\n```ruby\n# Bind the first certificate matching the subject to the default TLS port\nwindows_certificate_binding \"me.acme.com\" do\nend\n```\n\n```ruby\n# Bind a cert from the CA store with the given hash to port 4334\nwindows_certificate_binding \"me.acme.com\" do\n cert_name \"d234567890a23f567c901e345bc8901d34567890\"\n name_kind :hash\n store_name \"CA\"\n port 4334\nend\n```\n\n### windows_dns\n\nConfigures A and CNAME records in Windows DNS. This requires the DNSCMD to be installed, which is done by adding the DNS role to the server or installing the Remote Server Admin Tools.\n\n#### Actions\n\n- :create: creates/updates the DNS entry\n- :delete: deletes the DNS entry\n\n#### Properties\n\n- host_name: name attribute. FQDN of the entry to act on.\n- dns_server: the DNS server to update. Default is local machine (.)\n- record_type: the type of record to create. One of A (default) or CNAME\n- target: for A records an array of IP addresses to associate with the host; for CNAME records the FQDN of the host to alias\n- ttl: if > 0 then set the time to live of the record\n\n#### Examples\n\n```ruby\n# Create A record linked to 2 addresses with a 10 minute ttl\nwindows_dns \"m1.chef.test\" do\n target ['10.9.8.7', '1.2.3.4']\n ttl 600\nend\n```\n\n```ruby\n# Delete records. target is mandatory although not used\nwindows_dns \"m1.chef.test\" do\n action :delete\n target []\nend\n```\n\n```ruby\n# Set an alias against the node in a role\nnodes = search( :node, \"role:my_service\" )\nwindows_dns \"myservice.chef.test\" do\n record_type 'CNAME'\n target nodes[0]['fqdn']\nend\n```\n\n### windows_http_acl\n\nSets the Access Control List for an http URL to grant non-admin accounts permission to open HTTP endpoints.\n\n#### Actions\n\n- `:create` - creates or updates the ACL for a URL.\n- `:delete` - deletes the ACL from a URL.\n\n#### Properties\n\n- `url` - the name of the url to be created/deleted.\n- `sddl` - the DACL string configuring all permissions to URL. Mandatory for create if user is not provided. Can't be use with `user`.\n- `user` - the name (domain\\user) of the user or group to be granted permission to the URL. Mandatory for create if sddl is not provided. Can't be use with `sddl`. Only one user or group can be granted permission so this replaces any previously defined entry. If you receive a parameter error your user may not exist.\n\n#### Examples\n\n```ruby\nwindows_http_acl 'http://+:50051/' do\n user 'pc\\\\fred'\nend\n```\n\n```ruby\n# Grant access to users \"NT SERVICE\\WinRM\" and \"NT SERVICE\\Wecsvc\" via sddl\nwindows_http_acl 'http://+:5985/' do\n sddl 'D:(A;;GX;;;S-1-5-80-569256582-2953403351-2909559716-1301513147-412116970)(A;;GX;;;S-1-5-80-4059739203-877974739-1245631912-527174227-2996563517)'\nend\n```\n\n```ruby\nwindows_http_acl 'http://+:50051/' do\n action :delete\nend\n```\n\n### windows_share\n\n`Note`: This resource is now included in Chef 14.7 and later. There is no need to depend on the Windows cookbook for this resource.\n\nCreates, modifies and removes Windows shares. All properties are idempotent.\n\n`Note`: This resource uses PowerShell cmdlets introduced in Windows 2012/8.\n\n#### Actions\n\n- `:create`: creates/modifies a share\n- `:delete`: deletes a share\n\n#### Properties\n\nproperty | type | default | description\n------------------------ | ---------- | ------------- | -----------------------------------------------------------------------------------------------------------------------------------------------------------\n`share_name` | String | resource name | the share to assign to the share\n`path` | String | | The path of the location of the folder to share. Required when creating. If the share already exists on a different path then it is deleted and re-created.\n`description` | String | | description to be applied to the share\n`full_users` | Array | [] | users which should have \"Full control\" permissions\n`change_users` | Array | [] | Users are granted modify permission to access the share.\n`read_users` | Array | [] | users which should have \"Read\" permissions\n`temporary` | True/False | false | The lifetime of the new SMB share. A temporary share does not persist beyond the next restart of the computer\n`scope_name` | String | '*' | The scope name of the share.\n`ca_timeout` | Integer | 0 | The continuous availability time-out for the share.\n`continuously_available` | True/False | false | Indicates that the share is continuously available.\n`concurrent_user_limit` | Integer | 0 (unlimited) | The maximum number of concurrently connected users the share can accommodate\n`encrypt_data` | True/False | false | Indicates that the share is encrypted.\n\n#### Examples\n\n```ruby\nwindows_share \"foo\" do\n action :create\n path \"C:\\\\foo\"\n full_users [\"DOMAIN_A\\\\some_user\", \"DOMAIN_B\\\\some_other_user\"]\n read_users [\"DOMAIN_C\\\\Domain users\"]\nend\n```\n\n```ruby\nwindows_share \"foo\" do\n action :delete\nend\n```\n\n### windows_user_privilege\n\nAdds the `principal` (User/Group) to the specified privileges (such as `Logon as a batch job` or `Logon as a Service`).\n\n#### Actions\n\n- `:add` - add the specified privileges to the `principal`\n- `:remove` - remove the specified privilege of the `principal`\n\n#### Properties\n\n- `principal` - Name attribute, Required, String. The user or group to be granted privileges.\n- `privilege` - Required, String/Array. The privilege(s) to be granted.\n\n#### Examples\n\nGrant the Administrator user the `Logon as a batch job` and `Logon as a service` privilege.\n\n```ruby\nwindows_user_privilege 'Administrator' do\n privilege %w(SeBatchLogonRight SeServiceLogonRight)\nend\n```\n\nRemove `Logon as a batch job` privilege of Administrator.\n\n```ruby\nwindows_user_privilege 'Administrator' do\n privilege %w(SeBatchLogonRight)\n action :remove\nend\n```\n\n#### Available Privileges\n\n```\nSeTrustedCredManAccessPrivilege Access Credential Manager as a trusted caller\nSeNetworkLogonRight Access this computer from the network\nSeTcbPrivilege Act as part of the operating system\nSeMachineAccountPrivilege Add workstations to domain\nSeIncreaseQuotaPrivilege Adjust memory quotas for a process\nSeInteractiveLogonRight Allow log on locally\nSeRemoteInteractiveLogonRight Allow log on through Remote Desktop Services\nSeBackupPrivilege Back up files and directories\nSeChangeNotifyPrivilege Bypass traverse checking\nSeSystemtimePrivilege Change the system time\nSeTimeZonePrivilege Change the time zone\nSeCreatePagefilePrivilege Create a pagefile\nSeCreateTokenPrivilege Create a token object\nSeCreateGlobalPrivilege Create global objects\nSeCreatePermanentPrivilege Create permanent shared objects\nSeCreateSymbolicLinkPrivilege Create symbolic links\nSeDebugPrivilege Debug programs\nSeDenyNetworkLogonRight Deny access this computer from the network\nSeDenyBatchLogonRight Deny log on as a batch job\nSeDenyServiceLogonRight Deny log on as a service\nSeDenyInteractiveLogonRight Deny log on locally\nSeDenyRemoteInteractiveLogonRight Deny log on through Remote Desktop Services\nSeEnableDelegationPrivilege Enable computer and user accounts to be trusted for delegation\nSeRemoteShutdownPrivilege Force shutdown from a remote system\nSeAuditPrivilege Generate security audits\nSeImpersonatePrivilege Impersonate a client after authentication\nSeIncreaseWorkingSetPrivilege Increase a process working set\nSeIncreaseBasePriorityPrivilege Increase scheduling priority\nSeLoadDriverPrivilege Load and unload device drivers\nSeLockMemoryPrivilege Lock pages in memory\nSeBatchLogonRight Log on as a batch job\nSeServiceLogonRight Log on as a service\nSeSecurityPrivilege Manage auditing and security log\nSeRelabelPrivilege Modify an object label\nSeSystemEnvironmentPrivilege Modify firmware environment values\nSeManageVolumePrivilege Perform volume maintenance tasks\nSeProfileSingleProcessPrivilege Profile single process\nSeSystemProfilePrivilege Profile system performance\nSeUnsolicitedInputPrivilege \"Read unsolicited input from a terminal device\"\nSeUndockPrivilege Remove computer from docking station\nSeAssignPrimaryTokenPrivilege Replace a process level token\nSeRestorePrivilege Restore files and directories\nSeShutdownPrivilege Shut down the system\nSeSyncAgentPrivilege Synchronize directory service data\nSeTakeOwnershipPrivilege Take ownership of files or other objects\n```\n\n### windows_zipfile\n\nMost version of Windows do not ship with native cli utility for managing compressed files. This resource provides a pure-ruby implementation for managing zip files. Be sure to use the `not_if` or `only_if` meta parameters to guard the resource for idempotence or action will be taken every Chef run.\n\n#### Actions\n\n- `:unzip` - unzip a compressed file\n- `:zip` - zip a directory (recursively)\n\n#### Properties\n\n- `path` - name attribute. The path where files will be (un)zipped to.\n- `source` - source of the zip file (either a URI or local path) for :unzip, or directory to be zipped for :zip.\n- `overwrite` - force an overwrite of the files if they already exist.\n- `checksum` - for :unzip, useful if source is remote, if the local file matches the SHA-256 checksum, Chef will not download it.\n\n#### Examples\n\nUnzip a remote zip file locally\n\n```ruby\nwindows_zipfile 'c:/bin' do\n source 'http://download.sysinternals.com/Files/SysinternalsSuite.zip'\n action :unzip\n not_if {::File.exists?('c:/bin/PsExec.exe')}\nend\n```\n\nUnzip a local zipfile\n\n```ruby\nwindows_zipfile 'c:/the_codez' do\n source 'c:/foo/baz/the_codez.zip'\n action :unzip\nend\n```\n\nCreate a local zipfile\n\n```ruby\nwindows_zipfile 'c:/foo/baz/the_codez.zip' do\n source 'c:/the_codez'\n action :zip\nend\n```\n\n## Libraries\n\n### WindowsHelper\n\nHelper that allows you to use helpful functions in windows\n\n#### installed_packages\n\nReturns a hash of all DisplayNames installed\n\n```ruby\n# usage in a recipe\n::Chef::Recipe.send(:include, Windows::Helper)\nhash_of_installed_packages = installed_packages\n```\n\n#### is_package_installed?\n\n- `package_name` - The name of the package you want to query to see if it is installed\n- `returns` - true if the package is installed, false if it the package is not installed\n\nDownload a file if a package isn't installed\n\n```ruby\n# usage in a recipe to not download a file if package is already installed\n::Chef::Recipe.send(:include, Windows::Helper)\nis_win_sdk_installed = is_package_installed?('Windows Software Development Kit')\n\nremote_file 'C:\\windows\\temp\\windows_sdk.zip' do\n source 'http://url_to_download/windows_sdk.zip'\n action :create_if_missing\n not_if {is_win_sdk_installed}\nend\n```\n\nDo something if a package is installed\n\n```ruby\n# usage in a provider\ninclude Windows::Helper\nif is_package_installed?('Windows Software Development Kit')\n # do something if package is installed\nend\n```\n\n### Windows::VersionHelper\n\nHelper that allows you to get information of the windows version running on your node. It leverages windows ohai from kernel.os_info, easy to mock and to use even on linux.\n\n#### core_version?\n\nDetermines whether given node is running on a windows Core.\n\n```ruby\nif ::Windows::VersionHelper.core_version? node\n fail 'Windows Core is not supported'\nend\n```\n\n#### workstation_version?\n\nDetermines whether given node is a windows workstation version (XP, Vista, 7, 8, 8.1, 10)\n\n```ruby\nif ::Windows::VersionHelper.workstation_version? node\n fail 'Only server version of windows are supported'\nend\n```\n\n#### server_version?\n\nDetermines whether given node is a windows server version (Server 2003, Server 2008, Server 2012, Server 2016)\n\n```ruby\nif ::Windows::VersionHelper.server_version? node\n puts 'Server version of windows are cool'\nend\n```\n\n#### nt_version\n\nDetermines NT version of the given node\n\n```ruby\ncase ::Windows::VersionHelper.nt_version node\n when '6.0' then 'Windows vista or Server 2008'\n when '6.1' then 'Windows 7 or Server 2008R2'\n when '6.2' then 'Windows 8 or Server 2012'\n when '6.3' then 'Windows 8.1 or Server 2012R2'\n when '10.0' then 'Windows 10'\nend\n```\n\n## Usage\n\nPlace an explicit dependency on this cookbook (using depends in the cookbook's metadata.rb) from any cookbook where you would like to use the Windows-specific resources/providers that ship with this cookbook.\n\n```ruby\ndepends 'windows'\n```\n\n## License & Authors\n\n- Author:: Seth Chisamore ([schisamo@chef.io](mailto:schisamo@chef.io))\n- Author:: Doug MacEachern ([dougm@vmware.com](mailto:dougm@vmware.com))\n- Author:: Paul Morton ([pmorton@biaprotect.com](mailto:pmorton@biaprotect.com))\n- Author:: Doug Ireton ([doug.ireton@nordstrom.com](mailto:doug.ireton@nordstrom.com))\n\n```text\nCopyright 2011-2018, Chef Software, Inc.\nCopyright 2010, VMware, Inc.\nCopyright 2011, Business Intelligence Associates, Inc\nCopyright 2012, Nordstrom, Inc.\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n```\n","maintainer":"Chef Software, Inc.","maintainer_email":"cookbooks@chef.io","license":"Apache-2.0","platforms":{"windows":">= 0.0.0"},"dependencies":{},"recommendations":{},"suggestions":{},"conflicting":{},"providing":{},"replacing":{},"attributes":{},"groupings":{},"recipes":{},"source_url":"https://github.com/chef-cookbooks/windows","issues_url":"https://github.com/chef-cookbooks/windows/issues","chef_version":[[">= 14"]],"ohai_version":[]} \ No newline at end of file +{"name":"windows","version":"6.0.1","description":"Provides a set of useful Windows-specific primitives.","long_description":"","maintainer":"Chef Software, Inc.","maintainer_email":"cookbooks@chef.io","license":"Apache-2.0","platforms":{"windows":">= 0.0.0"},"dependencies":{},"recommendations":{},"suggestions":{},"conflicting":{},"providing":{},"replacing":{},"attributes":{},"groupings":{},"recipes":{},"source_url":"https://github.com/chef-cookbooks/windows","issues_url":"https://github.com/chef-cookbooks/windows/issues","chef_version":[[">= 14"]],"ohai_version":[]} \ No newline at end of file diff --git a/ops/cookbooks/vendor/windows/metadata.rb b/ops/cookbooks/vendor/windows/metadata.rb index f65f147..9c787e8 100644 --- a/ops/cookbooks/vendor/windows/metadata.rb +++ b/ops/cookbooks/vendor/windows/metadata.rb @@ -3,8 +3,7 @@ maintainer 'Chef Software, Inc.' maintainer_email 'cookbooks@chef.io' license 'Apache-2.0' description 'Provides a set of useful Windows-specific primitives.' -long_description IO.read(File.join(File.dirname(__FILE__), 'README.md')) -version '6.0.0' +version '6.0.1' supports 'windows' source_url 'https://github.com/chef-cookbooks/windows' issues_url 'https://github.com/chef-cookbooks/windows/issues' diff --git a/ops/cookbooks/vendor/windows/providers/dns.rb b/ops/cookbooks/vendor/windows/providers/dns.rb index f6a8b31..fae9858 100644 --- a/ops/cookbooks/vendor/windows/providers/dns.rb +++ b/ops/cookbooks/vendor/windows/providers/dns.rb @@ -23,11 +23,6 @@ include Windows::Helper -# Support whyrun -def whyrun_supported? - true -end - action :create do if @current_resource.exists needs_change = (@new_resource.record_type != @current_resource.record_type) || diff --git a/ops/cookbooks/vendor/windows/resources/dns.rb b/ops/cookbooks/vendor/windows/resources/dns.rb index 35b0274..8f375b2 100644 --- a/ops/cookbooks/vendor/windows/resources/dns.rb +++ b/ops/cookbooks/vendor/windows/resources/dns.rb @@ -1,6 +1,6 @@ # # Author:: Richard Lavey (richard.lavey@calastone.com) -# Cookbook Name:: windows +# Cookbook:: windows # Resource:: dns # # Copyright:: 2015, Calastone Ltd. diff --git a/ops/cookbooks/vendor/windows/resources/zipfile.rb b/ops/cookbooks/vendor/windows/resources/zipfile.rb index 424717b..f182b5a 100644 --- a/ops/cookbooks/vendor/windows/resources/zipfile.rb +++ b/ops/cookbooks/vendor/windows/resources/zipfile.rb @@ -116,6 +116,7 @@ action_class do def ensure_rubyzip_gem_installed require 'zip' + Chef::Log.warn('The windows_zipfile resource has been deprecated as Chef Infra Client 15.0 shipped with a new archive_file resource, which natively handles multiple archive formats. Please update any cookbooks using this resource to instead use the `archive_file` resource: https://docs.chef.io/resource_archive_file.html') rescue LoadError Chef::Log.info("Missing gem 'rubyzip'...installing now.") chef_gem 'rubyzip' do diff --git a/ops/roles/common.rb b/ops/roles/common.rb index 927f384..1bb4f53 100644 --- a/ops/roles/common.rb +++ b/ops/roles/common.rb @@ -8,7 +8,7 @@ run_list( "recipe[t42-common::python]", "recipe[t42-common::nodejs]", # "recipe[t42-common::apache]", - # "recipe[t42-common::openresty]", + "recipe[t42-common::openresty]", # "recipe[t42-common::php]", # "recipe[t42-common::mysql]", ) \ No newline at end of file