microsoft
/
macos-cookbook
зеркало из https://github.com/microsoft/macos-cookbook.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Release 1.5 (#43) 

* Feature/useraddtogroup: macos_user new property "groups" (#41)

* Add smoke test for new property "groups" for macos_user resource

* Add new macos_user that utilizes the new "groups" property

* Add new property for macos_user called "groups"

groups property will take a String or an Array

* Idempotent "machine_name" resource + docs

- This commit includes a revamped machine_name resource along with some other magical additions. The additions include a software_updates helper, abd a re-working of the `binary?` plist action_class method
- More realistic version bump
- Documentation for machine_name resource
- Better test for machine_name resource (fix macOS version test bug)

* update relative paths for documentation for Supermarket shoppers

* add backticks

* remove delivery; fix keep_awake idempotence bug
This commit is contained in:
Eric Hanko 2018-02-12 12:23:41 -08:00 коммит произвёл GitHub
Родитель f1a1e2b994
Коммит 6e8db283df
Не найден ключ, соответствующий данной подписи
Идентификатор ключа GPG: 4AEE18F83AFDEB23
43 изменённых файлов: 375 добавлений и 808 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

21
.delivery/build_cookbook/.kitchen.yml
Просмотреть файл

@ -1,21 +0,0 @@
---
driver:
name: vagrant
synced_folders:
- [<%= File.join(ENV['PWD'], '..', '..')%>, '/tmp/repo-data']
provisioner:
name: chef_zero
encrypted_data_bag_secret_key_path: 'secrets/fakey-mcfakerton'
data_bags_path: './data_bags'
product_name: chefdk
platforms:
- name: ubuntu-16.04
- name: centos-7.3
suites:
- name: default
run_list:
- recipe[test]
attributes:

7
.delivery/build_cookbook/Berksfile
Просмотреть файл

@ -1,7 +0,0 @@
source 'https://supermarket.chef.io'
metadata
group :delivery do
cookbook 'test', path: './test/fixtures/cookbooks/test'
end

21
.delivery/build_cookbook/LICENSE
Просмотреть файл

@ -1,21 +0,0 @@
The MIT License (MIT)
Copyright (c) 2017 Copyright © 2017 Microsoft. All rights reserved.
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.

146
.delivery/build_cookbook/README.md
Просмотреть файл

@ -1,146 +0,0 @@
# build_cookbook
A build cookbook for running the parent project through Chef Delivery
This build cookbook should be customized to suit the needs of the parent project. Using this cookbook can be done outside of Chef Delivery, too. If the parent project is a Chef cookbook, we've detected that and "wrapped" [delivery-truck](https://github.com/chef-cookbooks/delivery-truck). That means it is a dependency, and each of its pipeline phase recipes is included in the appropriate phase recipes in this cookbook. If the parent project is not a cookbook, it's left as an exercise to the reader to customize the recipes as needed for each phase in the pipeline.
## .delivery/config.json
In the parent directory to this build_cookbook, the `config.json` can be modified as necessary. For example, phases can be skipped, publishing information can be added, and so on. Refer to customer support or the Chef Delivery documentation for assistance on what options are available for this configuration.
## Test Kitchen - Local Verify Testing
This cookbook also has a `.kitchen.yml` which can be used to create local build nodes with Test Kitchen to perform the verification phases, `unit`, `syntax`, and `lint`. When running `kitchen converge`, the instances will be set up like Chef Delivery "build nodes" with the [delivery_build cookbook](https://github.com/chef-cookbooks/delivery_build). The reason for this is to make sure that the same exact kind of nodes are used by this build cookbook are run on the local workstation as would run Delivery. It will run `delivery job verify PHASE` for the parent project.
Modify the `.kitchen.yml` if necessary to change the platforms or other configuration to run the verify phases. After making changes in the parent project, `cd` into this directory (`.delivery/build_cookbook`), and run:
```
kitchen test
```
## Recipes
Each of the recipes in this build_cookbook are run in the named phase during the Chef Delivery pipeline. The `unit`, `syntax`, and `lint` recipes are additionally run when using Test Kitchen for local testing as noted in the above section.
## Making Changes - Cookbook Example
When making changes in the parent project (that which lives in `../..` from this directory), or in the recipes in this build cookbook, there is a bespoke workflow for Chef Delivery. As an example, we'll discuss a Chef Cookbook as the parent.
First, create a new branch for the changes.
```
git checkout -b testing-build-cookbook
```
Next, increment the version in the metadata.rb. This should be in the _parent_, not in this, the build_cookbook. If this is not done, the verify phase will fail.
```
% git diff
<SNIP>
-version '0.1.0'
+version '0.1.1'
```
The change we'll use for an example is to install the `zsh` package. Write a failing ChefSpec in the cookbook project's `spec/unit/recipes/default_spec.rb`.
```ruby
require 'spec_helper'
describe 'godzilla::default' do
context 'When all attributes are default, on Ubuntu 16.04' do
let(:chef_run) do
runner = ChefSpec::ServerRunner.new(platform: 'ubuntu', version: '16.04')
runner.converge(described_recipe)
end
it 'installs zsh' do
expect(chef_run).to install_package('zsh')
end
end
end
```
Commit the local changes as work in progress. The `delivery job` expects to use a clean git repository.
```
git add ../..
git commit -m 'WIP: Testing changes'
```
From _this_ directory (`.delivery/build_cookbook`, relative to the parent cookbook project), run
```
cd .delivery/build_cookbook
kitchen converge
```
This will take some time at first, because the VMs need to be created, Chef installed, the Delivery CLI installed, etc. Later runs will be faster until they are destroyed. It will also fail on the first VM, as expected, because we wrote the test first. Now edit the parent cookbook project's default recipe to install `zsh`.
```
cd ../../
$EDITOR/recipes/default.rb
```
It should look like this:
```
package 'zsh'
```
Create another commit.
```
git add .
git commit -m 'WIP: Install zsh in default recipe'
```
Now rerun kitchen from the build_cookbook.
```
cd .delivery/build_cookbook
kitchen converge
```
This will take awhile because it will now pass on the first VM, and then create the second VM. We should have warned you this was a good time for a coffee break.
```
Recipe: test::default
- execute HOME=/home/vagrant delivery job verify unit --server localhost --ent test --org kitchen
* execute[HOME=/home/vagrant delivery job verify lint --server localhost --ent test --org kitchen] action run
- execute HOME=/home/vagrant delivery job verify lint --server localhost --ent test --org kitchen
- execute HOME=/home/vagrant delivery job verify syntax --server localhost --ent test --org kitchen
Running handlers:
Running handlers complete
Chef Client finished, 3/32 resources updated in 54.665445968 seconds
Finished converging <default-centos-71> (1m26.83s).
```
Victory is ours! Our verify phase passed on the build nodes.
We are ready to run this through our Delivery pipeline. Simply run `delivery review` on the local system from the parent project, and it will open a browser window up to the change we just added.
```
cd ../..
delivery review
```
## FAQ
### Why don't I just run rspec and foodcritic/rubocop on my local system?
An objection to the Test Kitchen approach is that it is much faster to run the unit, lint, and syntax commands for the project on the local system. That is totally true, and also totally valid. Do that for the really fast feedback loop. However, the dance we do with Test Kitchen brings a much higher degree of confidence in the changes we're making, that everything will run on the build nodes in Chef Delivery. We strongly encourage this approach before actually pushing the changes to Delivery.
### Why do I have to make a commit every time?
When running `delivery job`, it expects to merge the commit for the changeset against the clean master branch. If we don't save our progress by making a commit, our local changes aren't run through `delivery job` in the Test Kitchen build instances. We can always perform an interactive rebase, and modify the original changeset message in Delivery with `delivery review --edit`. The latter won't modify the git commits, only the changeset in Delivery.
### What do I do next?
Make changes in the cookbook project as required for organizational goals and needs. Modify the `build_cookbook` as necessary for the pipeline phases that the cookbook should go through.
### What if I get stuck?
Contact Chef Support, or your Chef Customer Success team and they will help you get unstuck.

107
.delivery/build_cookbook/chefignore
Просмотреть файл

@ -1,107 +0,0 @@
# Put files/directories that should be ignored in this file when uploading
# to a chef-server or supermarket.
# Lines that start with '# ' are comments.
# OS generated files #
######################
.DS_Store
Icon?
nohup.out
ehthumbs.db
Thumbs.db
# SASS #
########
.sass-cache
# EDITORS #
###########
\#*
.#*
*~
*.sw[a-z]
*.bak
REVISION
TAGS*
tmtags
*_flymake.*
*_flymake
*.tmproj
.project
.settings
mkmf.log
## COMPILED ##
##############
a.out
*.o
*.pyc
*.so
*.com
*.class
*.dll
*.exe
*/rdoc/
# Testing #
###########
.watchr
.rspec
spec/*
spec/fixtures/*
test/*
features/*
examples/*
Guardfile
Procfile
.kitchen*
.rubocop.yml
spec/*
Rakefile
.travis.yml
.foodcritic
.codeclimate.yml
# SCM #
#######
.git
*/.git
.gitignore
.gitmodules
.gitconfig
.gitattributes
.svn
*/.bzr/*
*/.hg/*
*/.svn/*
# Berkshelf #
#############
Berksfile
Berksfile.lock
cookbooks/*
tmp
# Policyfile #
##############
Policyfile.rb
Policyfile.lock.json
# Cookbooks #
#############
CONTRIBUTING*
CHANGELOG*
TESTING*
MAINTAINERS.toml
# Strainer #
############
Colanderfile
Strainerfile
.colander
.strainer
# Vagrant #
###########
.vagrant
Vagrantfile

1
.delivery/build_cookbook/data_bags/keys/delivery_builder_keys.json
Просмотреть файл

@ -1 +0,0 @@
{"id": "delivery_builder_keys"}

8
.delivery/build_cookbook/metadata.rb
Просмотреть файл

@ -1,8 +0,0 @@
name 'build_cookbook'
maintainer 'Copyright © 2017 Microsoft. All rights reserved.'
maintainer_email 'apxlab@microsoft.com'
license 'mit'
version '0.1.0'
chef_version '>= 12.1' if respond_to?(:chef_version)
depends 'delivery-truck'

27
.delivery/build_cookbook/recipes/default.rb
Просмотреть файл

@ -1,27 +0,0 @@
#
# Cookbook:: build_cookbook
# Recipe:: default
#
# The MIT License (MIT)
#
# Copyright:: 2017, Copyright © 2017 Microsoft. All rights reserved.
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
# THE SOFTWARE.
include_recipe 'delivery-truck::default'

27
.delivery/build_cookbook/recipes/deploy.rb
Просмотреть файл

@ -1,27 +0,0 @@
#
# Cookbook:: build_cookbook
# Recipe:: deploy
#
# The MIT License (MIT)
#
# Copyright:: 2017, Copyright © 2017 Microsoft. All rights reserved.
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
# THE SOFTWARE.
include_recipe 'delivery-truck::deploy'

27
.delivery/build_cookbook/recipes/functional.rb
Просмотреть файл

@ -1,27 +0,0 @@
#
# Cookbook:: build_cookbook
# Recipe:: functional
#
# The MIT License (MIT)
#
# Copyright:: 2017, Copyright © 2017 Microsoft. All rights reserved.
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
# THE SOFTWARE.
include_recipe 'delivery-truck::functional'

27
.delivery/build_cookbook/recipes/lint.rb
Просмотреть файл

@ -1,27 +0,0 @@
#
# Cookbook:: build_cookbook
# Recipe:: lint
#
# The MIT License (MIT)
#
# Copyright:: 2017, Copyright © 2017 Microsoft. All rights reserved.
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
# THE SOFTWARE.
include_recipe 'delivery-truck::lint'

27
.delivery/build_cookbook/recipes/provision.rb
Просмотреть файл

@ -1,27 +0,0 @@
#
# Cookbook:: build_cookbook
# Recipe:: provision
#
# The MIT License (MIT)
#
# Copyright:: 2017, Copyright © 2017 Microsoft. All rights reserved.
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
# THE SOFTWARE.
include_recipe 'delivery-truck::provision'

27
.delivery/build_cookbook/recipes/publish.rb
Просмотреть файл

@ -1,27 +0,0 @@
#
# Cookbook:: build_cookbook
# Recipe:: publish
#
# The MIT License (MIT)
#
# Copyright:: 2017, Copyright © 2017 Microsoft. All rights reserved.
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
# THE SOFTWARE.
include_recipe 'delivery-truck::publish'

27
.delivery/build_cookbook/recipes/quality.rb
Просмотреть файл

@ -1,27 +0,0 @@
#
# Cookbook:: build_cookbook
# Recipe:: quality
#
# The MIT License (MIT)
#
# Copyright:: 2017, Copyright © 2017 Microsoft. All rights reserved.
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
# THE SOFTWARE.
include_recipe 'delivery-truck::quality'

27
.delivery/build_cookbook/recipes/security.rb
Просмотреть файл

@ -1,27 +0,0 @@
#
# Cookbook:: build_cookbook
# Recipe:: security
#
# The MIT License (MIT)
#
# Copyright:: 2017, Copyright © 2017 Microsoft. All rights reserved.
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
# THE SOFTWARE.
include_recipe 'delivery-truck::security'

27
.delivery/build_cookbook/recipes/smoke.rb
Просмотреть файл

@ -1,27 +0,0 @@
#
# Cookbook:: build_cookbook
# Recipe:: smoke
#
# The MIT License (MIT)
#
# Copyright:: 2017, Copyright © 2017 Microsoft. All rights reserved.
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
# THE SOFTWARE.
include_recipe 'delivery-truck::smoke'

27
.delivery/build_cookbook/recipes/syntax.rb
Просмотреть файл

@ -1,27 +0,0 @@
#
# Cookbook:: build_cookbook
# Recipe:: syntax
#
# The MIT License (MIT)
#
# Copyright:: 2017, Copyright © 2017 Microsoft. All rights reserved.
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
# THE SOFTWARE.
include_recipe 'delivery-truck::syntax'

27
.delivery/build_cookbook/recipes/unit.rb
Просмотреть файл

@ -1,27 +0,0 @@
#
# Cookbook:: build_cookbook
# Recipe:: unit
#
# The MIT License (MIT)
#
# Copyright:: 2017, Copyright © 2017 Microsoft. All rights reserved.
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
# THE SOFTWARE.
include_recipe 'delivery-truck::unit'

0
.delivery/build_cookbook/secrets/fakey-mcfakerton
Просмотреть файл

2
.delivery/build_cookbook/test/fixtures/cookbooks/test/metadata.rb поставляемый
Просмотреть файл

@ -1,2 +0,0 @@
name 'test'
version '0.1.0'

8
.delivery/build_cookbook/test/fixtures/cookbooks/test/recipes/default.rb поставляемый
Просмотреть файл

@ -1,8 +0,0 @@
%w(unit lint syntax).each do |phase|
# TODO: This works on Linux/Unix. Not Windows.
execute "HOME=/home/vagrant delivery job verify #{phase} --server localhost --ent test --org kitchen" do
cwd '/tmp/repo-data'
user 'vagrant'
environment('GIT_DISCOVERY_ACROSS_FILESYSTEM' => '1')
end
end

12
.delivery/config.json
Просмотреть файл

@ -1,12 +0,0 @@
{
"version": "2",
"build_cookbook": {
"name": "build_cookbook",
"path": ".delivery/build_cookbook"
},
"skip_phases": [],
"job_dispatch": {
"version": "v2"
},
"dependencies": []
}

36
.delivery/project.toml
Просмотреть файл

@ -1,36 +0,0 @@
# Delivery Prototype for Local Phases Execution
#
# The purpose of this file is to prototype a new way to execute
# phases locally on your workstation. The delivery-cli will read
# this file and execute the command(s) that are configured for
# each phase. You can customize them by just modifying the phase
# key on this file.
#
# By default these phases are configured for Cookbook Workflow only
#
# As this is still a prototype we are not modifying the current
# config.json file and it will continue working as usual.
[local_phases]
unit = "chef exec rspec spec/"
lint = "chef exec cookstyle"
# Foodcritic includes rules only appropriate for community cookbooks
# uploaded to Supermarket. We turn off any rules tagged "supermarket"
# by default. If you plan to share this cookbook you should remove
# '-t ~supermarket' below to enable supermarket rules.
syntax = "chef exec foodcritic . --exclude spec -f any -t ~supermarket"
provision = "chef exec kitchen create"
deploy = "chef exec kitchen converge"
smoke = "chef exec kitchen verify"
# The functional phase is optional, you can define it by uncommenting
# the line below and running the command: `delivery local functional`
functional = "echo No functional tests found."
cleanup = "chef exec kitchen destroy"
# Remote project.toml file
#
# Specify a remote URI location for the `project.toml` file.
# This is useful for teams that wish to centrally manage the behavior
# of the `delivery local` command across many different projects.
#
# remote_file = "https://url/project.toml"

7
.mailmap Normal file
Просмотреть файл

@ -0,0 +1,7 @@
Jacob Zaval <jazava@microsoft.com>
Eric Hanko <v-erhank@microsoft.com> Unknown <v-erhank@microsoft.com> <eric.hanko1@gmail.com>
Mark John Merin <v-mamer@microsoft.com> <33106688+mjmerin@users.noreply.github.com>
Ryan Dominguez <v-rydom@microsoft.com>
Eammon Hanlon <eammon.hanlon@outlook.com> Unknown <eammon.hanlon@microsoft.com> <eahanl@microsoft.com> <eammon.hanlon@gmail.com> <ehanlon@users.noreply.github.com>
Andre Shelds <v-anshie@microsoft.com> v-anshie <v-anshie@microsoft.com>
Darío Hereñú <magallania@gmail.com>

88
README.md
Просмотреть файл

@ -5,24 +5,26 @@ The macOS cookbook is a Chef library cookbook that provides resources for config
and provisioning macOS. Additionally, it provides recipes that implement common
use-cases of the macOS cookbook's resources.
|||
|-|-|
| macOS High Sierra 10.13 | ![build-status-1013](https://office.visualstudio.com/_apis/public/build/definitions/59d72877-1cea-4eb6-9d06-66716573631a/2143/badge) |
| macOS Sierra 10.12 | ![build-status-1012](https://office.visualstudio.com/_apis/public/build/definitions/59d72877-1cea-4eb6-9d06-66716573631a/2140/badge) |
|||
- [Chef Requirements](#chef-requirements)
- [Supported OS Versions](#supported-os-versions)
- [Attributes](#attributes)
- [Recipes](#recipes)
- [Data Bags](#data-bags)
- [Resources](#resources)
Requirements
------------
Chef Requirements
-----------------
- Only tested on Chef 13
- Surprisingly, this cookbook is only compatible with macOS
Currently, we've only tested the macOS cookbook using **Chef 13**. We do intend to implement
better test coverage in order to support more versions of Chef. Let us know
if you find issues with previous versions and we will do our best to resolve them.
Supported OS Versions
---------------------
- OS X El Capitan 10.11
- macOS Sierra 10.12
- macOS High Sierra 10.13
| OS X El Capitan 10.11 | macOS Sierra 10.12 | macOS High Sierra 10.13 |
|:---------------------:|:------------------:|:-----------------------:|
| ![build-status-1011](https://office.visualstudio.com/_apis/public/build/definitions/59d72877-1cea-4eb6-9d06-66716573631a/2140/badge) | ![build-status-1012](https://office.visualstudio.com/_apis/public/build/definitions/59d72877-1cea-4eb6-9d06-66716573631a/2140/badge) | ![build-status-1013](https://office.visualstudio.com/_apis/public/build/definitions/59d72877-1cea-4eb6-9d06-66716573631a/2143/badge) |
Attributes
----------
@ -51,59 +53,64 @@ No attributes used in this recipe.
### Keep Awake
Prevent macOS from falling asleep, disable the screensaver, and
several other settings to always keep macOS on. Uses the `plistbuddy` and `pmset`
resources.
Prevent macOS from falling asleep, disable the screensaver, reboot upon power failure,
enable wake on LAN, enable remote login (SSH) and adjust several other settings
to always keep macOS on and available.
**Usage:** `include_recipe macos::keep_awake`
| Attribute used | Default value |
|---------------------------------------|-------------------------|
| `node['macos']['network_time_server']`| `'time.windows.com'` |
| `node['macos']['time_zone']` | `'America/Los_Angeles'` |
| Attributes used | Default value |
|-----------------------------------------|-------------------------|
| `node['macos']['remote_login_enabled']` | `true` |
| `node['macos']['disk_sleep_disabled']` | `false` |
| `node['macos']['network_time_server']` | `'time.windows.com'` |
| `node['macos']['time_zone']` | `'America/Los_Angeles'` |
### Mono
Installs [Mono](http://www.mono-project.com/docs/about-mono/). Requires package
name, version number, and checksum in order to override.
Installs [Mono](http://www.mono-project.com/docs/about-mono/). Requires setting
the `package`, `version` and `checksum` attributes in order to override.
**Usage:** `include_recipe macos::mono`
| Attribute used | Default value |
|-------------------------------------|----------------------------------------|
| `node['macos']['mono']['package']` | `'MonoFramework-MDK-4.4.2.11.macos10.xamarin.universal.pkg'` |
| `node['macos']['mono']['version']` | `'4.4.2'` |
| Attributes used | Default value |
|-------------------------------------|----------------------------------------------------------------------|
| `node['macos']['mono']['package']` | `'MonoFramework-MDK-4.4.2.11.macos10.xamarin.universal.pkg'` |
| `node['macos']['mono']['version']` | `'4.4.2'` |
| `node['macos']['mono']['checksum']` | `'d8bfbee7ae4d0d1facaf0ddfb70c0de4b1a3d94bb1b4c38e8fa4884539f54e23'` |
### Xcode
Installs Xcode 9.1 and simulators for iOS 10 and iOS 11. Check out
the documentation for the Xcode resource if you need more flexibility.
Installs Xcode 9.1 and simulators for iOS 10 and iOS 11. See the
[Xcode resource documentation](https://github.com/Microsoft/macos-cookbook/blob/master/documentation/resource_xcode.md) if you need
more flexibility.
:large_orange_diamond: Requires an `apple_id` data bag item.
:warning: Requires a `credentials` data bag containing an `apple_id` data bag item.
**Usage:** `include_recipe macos::xcode`
| Attribute Used | Default value |
|---------------------------------------------------------------|---------------|
| `node['macos']['xcode']['version']` | `'9.1'` |
| `node['macos']['xcode']['simulator']['major_version']` | `%w(11 10)` |
| Attributes used | Default value |
|--------------------------------------------------------|---------------|
| `node['macos']['xcode']['version']` | `'9.2'` |
| `node['macos']['xcode']['simulator']['major_version']` | `[11, 10]` |
### Apple Configurator 2
Installs Apple Configurator 2 using `mas` and links `cfgutil` to
`/usr/local/bin`.
:large_orange_diamond: Requires an `apple_id` data bag item.
:warning: Requires a `credentials` data bag containing an `apple_id.json` data bag item.
**Usage:** `include_recipe macos::configurator`
**Attributes**: No attributes used in this recipe.
#### Data Bags
Data Bags
---------
Both the `macos::xcode` and `macos::configurator` recipes require a data bag
item named `apple_id` containing valid Apple ID credentials. For example:
Both the `macos::xcode` and `macos::configurator` recipes require a `credentials`
data bag with an `apple_id` data bag item. The item should contain valid Apple ID
credentials. For example:
**Example:**
@ -118,7 +125,8 @@ item named `apple_id` containing valid Apple ID credentials. For example:
Resources
---------
- [ARD (Apple Remote Desktop)](./documentation/resource_ard.md)
- [Plist](./documentation/resource_plist.md)
- [Xcode](./documentation/resource_xcode.md)
- [Spotlight (mdutil)](./documentation/resource_spotlight.md)
- [ARD (Apple Remote Desktop)](https://github.com/Microsoft/macos-cookbook/blob/master/documentation/resource_ard.md)
- [Machine Name](https://github.com/Microsoft/macos-cookbook/blob/master/documentation/resource_machine_name.md)
- [Plist](https://github.com/Microsoft/macos-cookbook/blob/master/documentation/resource_plist.md)
- [Spotlight (mdutil)](https://github.com/Microsoft/macos-cookbook/blob/master/documentation/resource_spotlight.md)
- [Xcode](https://github.com/Microsoft/macos-cookbook/blob/master/documentation/resource_xcode.md)

2
attributes/default.rb
Просмотреть файл

@ -5,7 +5,7 @@ default['macos']['mono']['package'] = 'MonoFramework-MDK-4.4.2.11.macos10.xamari
default['macos']['mono']['version'] = '4.4.2'
default['macos']['mono']['checksum'] = 'd8bfbee7ae4d0d1facaf0ddfb70c0de4b1a3d94bb1b4c38e8fa4884539f54e23'
default['macos']['xcode']['version'] = '9.1'
default['macos']['xcode']['version'] = '9.2'
default['macos']['xcode']['simulator']['major_version'] = %w(11 10)
default['macos']['remote_login_enabled'] = true

49
documentation/resource_ard.md
Просмотреть файл

@ -1,19 +1,17 @@
ard
===
Use the **ard** resource to manage Remote Desktop settings and preferences.
Under the hood, an **ard** resource executes the `kickstart` command, located
in ARDAgent.app (one of the CoreServices of macOS). It has some basic actions,
which pertain to the simple `kickstart` subcommands. It also has the more
complicated `:configure` action, which requires some familiarity with
`kickstart`.
[Learn more about the `kickstart` command](https://support.apple.com/en-us/HT201710).
Use the **ard** resource to manage the "Remote Management" settings, found in System
Preferences > Sharing > Remote Management. Under the hood, an **ard** resource
executes the `kickstart` command, located in ARDAgent.app (one of macOS' "core services").
It has some basic actions, which pertain to the simple `kickstart` subcommands.
It also has the more complicated `:configure` action, which requires some familiarity
with [`kickstart`](https://support.apple.com/en-us/HT201710).
Syntax
------
A **ard** resource block declares a basic description of the command configuration
An **ard** resource block declares a basic description of the command configuration
and a set of properties depending on the actions executed. For example:
```ruby
@ -27,25 +25,31 @@ where
- `:activate` activates the ARD agent
- `:configure` configures the agent using the `kickstart` defaut commandline arguments.
The default `:configure` action is equivalent to the following
**System Preferences > Sharing** settings:
![Sharing Preferences](sharing_preferences.png)
The full syntax for all of the properties that are available to the **ard**
resource is:
```ruby
ard 'description' do
install_package String
uninstall_options Array, # defaults to ['-files', '-settings', '-prefs'] if not specified
restart_options Array, # defaults to ['-agent', '-console', '-menu'] if not specified
users Array
privs Array, # defaults to ['-all'] if not specified
access String, # defaults to '-on' if not specified
allow_access_for String, # defaults to '-allUsers' if not specified
computerinfo Array
clientopts Array
action Symbol # defaults to [:activate, :configure] if not specified
install_package String
uninstall_options Array # defaults to ['-files', '-settings', '-prefs'] if not specified
restart_options Array # defaults to ['-agent', '-console', '-menu'] if not specified
users Array
privs Array # defaults to ['-all'] if not specified
access String # defaults to '-on' if not specified
allow_access_for String # defaults to '-allUsers' if not specified
computerinfo Array
clientopts Array
action Symbol # defaults to [:activate, :configure] if not specified
end
```
**Note:** Not all properties are compatible with each action.
:warning: Not all properties are compatible with each action. For example, the
`uninstall_options` property is only applicable when the `:uninstall` action is used.
Actions
-------
@ -63,7 +67,7 @@ This resource has the following actions:
`:uninstall`
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Uninstall a package from another remotely
managed mac.
managed Mac.
`:stop`
@ -76,8 +80,7 @@ managed mac.
`:configure`
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Configure the setup of the remote desktop
agent using the default options. If you were to configure the default options,
your settings would look like this in the GUI:
agent using the default options.
Properties
----------

88
documentation/resource_machine_name.md Normal file
Просмотреть файл

@ -0,0 +1,88 @@
machine_name
============
Use the **machine_name** resource to manage a machine's name.
As defined by the `scutil` manual, an individual macOS system has three different
types of names managed by `scutil`: `ComputerName`, `LocalHostName`, and `HostName`.
The fourth and lesser-known name, the **NetBIOS** name, will be set to an appropriately
formatted version of `HostName` by default unless otherwise set explicitly.
When the state of a `machine_name` resource changes, an `ohai` resource is notified
to reload; this is so that all name changes are reflected and immediately available
via the node's normal attributes. Additionally, regardless of the chosen `ComputerName`,
both `HostName` and `LocalHostName` will be formatted to adhere to [RFC 1034](https://tools.ietf.org/html/rfc1034).
Syntax
------
A **machine_name** resource block manages a machine's name. The simplest use of
the **machine_name** resource is:
```ruby
machine_name "Johnny's MacBookPro"
```
which would set:
- `ComputerName` to **Johnny's MacBookPro**
- `HostName` and `LocalHostName` to **Johnnys-MacBookPro**
- `NetBIOS` name to **JOHNNYS-MACBOOK**.
The full syntax for all of the properties that are available to the **machine_name**
resource is:
```ruby
machine_name 'description' do
computer_name String # defaults to 'hostname' if not specified
local_hostname String # defaults to 'hostname' if not specified
hostname Array # defaults to 'name' if not specified
netbios_name Symbol # defaults to 'hostname' if not specified
end
```
Properties
----------
`hostname`
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;**Ruby Type:** `String`
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;The name associated with `hostname(1)` and `gethostname(3)`.
`computer_name`
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;**Ruby type:** `String`
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;The user-friendly name for the system.
`hostname`
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;**Ruby type:** `String`
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;The local (Bonjour) host name.
`netbios_name`
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;**Ruby type:** `String`
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;The 16-byte address used to identify a NetBIOS
resource on the network. In the context of macOS, setting this can be helpful when
you need to identify a machine with certain network scanning tools such as `nmap`
or Angry IP Scanner.
Examples
--------
**Set `HostName`, `LocalHostName`, and `ComputerName` to different values**
```ruby
machine_name 'set computer/hostname' do
hostname 'johnnys-macpro.vagrantup.com'
computer_name "Johnny's MacPro"
local_hostname "Johnnys-MacPro.local"
end
```
**Note:** This would automatically set the NetBIOS name to JOHNNYS-MACPRO.

20
documentation/resource_plist.md
Просмотреть файл

@ -12,11 +12,13 @@ During the `chef-client` run, the client knows to check the state of the plist
before changing any values. It also makes sure that the plist is in binary format
so that the settings can be interpreted correctly by the operating system.
Prior knowledge of using commandline utilities such as `/usr/bin/defaults`
and `/usr/libexec/PlistBuddy` will be useful when implementing the
**plist** resource.
Prior knowledge of using commandline utilities such as
[defaults](https://developer.apple.com/legacy/library/documentation/Darwin/Reference/ManPages/man1/defaults.1.html),
[plutil](https://developer.apple.com/legacy/library/documentation/Darwin/Reference/ManPages/man1/plutil.1.html),
and [PlistBuddy](https://developer.apple.com/legacy/library/documentation/Darwin/Reference/ManPages/man8/PlistBuddy.8.html)
will be useful when implementing the **plist** resource.
[Learn more about property lists.](https://developer.apple.com/library/content/documentation/Cocoa/Conceptual/PropertyLists/QuickStartPlist/QuickStartPlist.html#//apple_ref/doc/uid/10000048i-CH4-SW5)
Want to learn more? See the [Property List Programming Guide](https://developer.apple.com/library/content/documentation/Cocoa/Conceptual/PropertyLists/QuickStartPlist/QuickStartPlist.html#//apple_ref/doc/uid/10000048i-CH4-SW5).
Syntax
------
@ -26,10 +28,10 @@ resource is:
```ruby
plist 'description' do
path String # defaults to 'description' if not specified
entry String
value TrueClass, FalseClass, String, Integer, Float
action Symbol # defaults to :set if not specified
path String # defaults to 'description' if not specified
entry String
value TrueClass, FalseClass, String, Integer, Float
action Symbol # defaults to :set if not specified
end
```
@ -45,7 +47,7 @@ This resource has the following actions:
Examples
--------
Enabling the setting to show both visible and invisible files.
**Show invisible files**
```ruby
plist 'show hidden files' do

55
documentation/resource_spotlight.md
Просмотреть файл

@ -1,32 +1,33 @@
spotlight
===
=========
Use the **spotlight** resource to manage the metadata indexing state for disk volumes. This
will primarily affect the ability to search volume contents with the macOS Spotlight feature.
Under the hood, a **spotlight** resource executes the `mdutil` command in the `metadata_util`
library.
Use the **spotlight** resource to manage the metadata indexing state for disk volumes.
This will primarily affect the ability to search volume contents with the macOS
Spotlight feature. Under the hood, a **spotlight** resource executes the `mdutil`
command in the `metadata_util` library.
[Learn more about Spotlight](https://support.apple.com/en-us/HT204014).
[Learn more about the `mdutil` command](https://developer.apple.com/legacy/library/documentation/Darwin/Reference/ManPages/man1/mdutil.1.html).
[Learn more about `mdutil`](https://developer.apple.com/legacy/library/documentation/Darwin/Reference/ManPages/man1/mdutil.1.html).
Syntax
------
The most basic usage of a **spotlight** resource block declares a disk volume as the name property
to **enable** metadata indexing:
The most basic usage of a **spotlight** resource block declares a disk volume as
the name property to **enable** metadata indexing:
```ruby
spotlight '/'
```
The full syntax for all of the properties available to the **spotlight** resource is:
The full syntax for all of the properties available to the **spotlight** resource
is:
```ruby
spotlight 'volume name' do
volume String # defaults to 'volume name' if not specified
indexed TrueClass, FalseClass # defaults to TrueClass if not specified
searchable TrueClass, FalseClass # defaults to TrueClass if not specified
searchable TrueClass, FalseClass # defaults to TrueClass if not specified
end
```
@ -37,9 +38,8 @@ This resource has the following actions:
`:set`
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Set the metadata indexing state declared by the `indexed`
property. This is the only, and default, action.
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Set the metadata indexing state declared by
the `indexed` property. This is the only, and default, action.
Properties
----------
@ -54,31 +54,46 @@ Properties
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;**Ruby type:** `TrueClass, FalseClass`
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Whether or not the desired state of the named disk volume is to
be indexed.
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Whether or not the desired state of the named
disk volume is to be indexed.
`searchable`
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;**Ruby type:** `TrueClass, FalseClass`
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Disables Spotlight searching if the index has already been
created for the volume. Only applicable if the `indexed` property is set to `false`.
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Disables Spotlight searching if the index has
already been created for the volume. Only applicable if the `indexed` property is
set to `false`.
Examples
----------
```ruby
spotlight '/' # enables indexing on the boot volume
**Enable indexing on the boot volume**
spotlight 'test_disk1' do # disables indexing on 'test_disk1'
```ruby
spotlight '/'
```
**Disable indexing on 'test_disk1'**
```ruby
spotlight 'test_disk1' do #
indexed false
end
```
**Enable indexing on a different volume**
```ruby
spotlight 'enable indexing on TDD2' do
volume 'TDD2'
indexed true
end
```
**Disable indexing and prevent searching**
```ruby
spotlight 'disable indexing and prevent searching index on TDD-ROM' do
volume 'TDD-ROM'
indexed false

20
documentation/resource_xcode.md
Просмотреть файл

@ -9,6 +9,14 @@ version of iOS simulators are always installed with Xcode.
Syntax
------
The simplest use of an **xcode** resource is:
```ruby
xcode '9.2'
```
which would install Xcode 9.2 with the default simulators.
The full syntax for all of the properties that are available to the **xcode**
resource is:
@ -38,17 +46,7 @@ install the declared array of the major versions of `ios_simulators`.
Examples
--------
### Basic usage
The **xcode** resource in its simplest form:
```ruby
xcode '9.2'
```
### Using with node attributes
Install different versions of Xcode based on the macOS version:
**Install different versions of Xcode based on platform version node attributes**
```ruby
if node['platform_version'].match?(/10\.13/) || node['platform_version'].match?(/10\.12/)

Двоичные данные
documentation/sharing_preferences.png Normal file
Просмотреть файл

Двоичный файл не отображается.
Режим "рядом"

После

Ширина:  |  Высота:  |  Размер: 97 KiB

28
libraries/machine_name.rb Normal file
Просмотреть файл

@ -0,0 +1,28 @@
module MacOS
module MachineName
def scutil
'/usr/sbin/scutil'
end
def major_os_version
major_vers_pattern = Regexp.new('(\d+\.\d+)\.\d+')
Chef.node['platform_version'].split(major_vers_pattern).last
end
def conform_to_rfc1034(name)
name = ::String.new(name)
name.tr('_.', '')
end
def get_name(name_type)
names = %w(LocalHostName HostName ComputerName)
Chef::Application.fatal!("name_type must be one of #{names}", error_code) unless names.include?(name_type)
command = shell_out(scutil, '--get', name_type)
command.stdout.chomp
end
end
end
Chef::Recipe.include(MacOS::MachineName)
Chef::Resource.include(MacOS::MachineName)
Chef::DSL::Recipe.include(MacOS::MachineName)

12
libraries/software_updates.rb Normal file
Просмотреть файл

@ -0,0 +1,12 @@
module MacOS
module SoftwareUpdates
def updates_available?
no_new_software_pattern = Regexp.union('No new software available.')
command = shell_out('softwareupdate', '--list', '--all')
command.stderr.chomp.match?(no_new_software_pattern)
end
end
end
Chef::Recipe.include(MacOS::SoftwareUpdates)
Chef::Resource.include(MacOS::SoftwareUpdates)

4
metadata.rb
Просмотреть файл

@ -3,9 +3,9 @@ maintainer 'Microsoft'
maintainer_email 'chef@microsoft.com'
license 'MIT'
description 'Resources for configuring and provisioning macOS'
long_description 'Resources for configuring and provisioning macOS'
long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
chef_version '~> 13.0' if respond_to?(:chef_version)
version '1.3.1'
version '1.5.0'
source_url 'https://github.com/Microsoft/macos-cookbook'
issues_url 'https://github.com/Microsoft/macos-cookbook/issues'

2
recipes/keep_awake.rb
Просмотреть файл

@ -36,7 +36,7 @@ end
system_preference 'pressing power button does not sleep computer' do
preference :allowpowerbuttontosleepcomputer
setting 'Never'
setting 'Off'
only_if { power_button_model? }
end

61
resources/machine_name.rb
Просмотреть файл

@ -1,24 +1,57 @@
resource_name :machine_name
default_action :run
BASE_COMMAND = '/usr/sbin/scutil'.freeze
SMB_SERVER_PLIST = '/Library/Preferences/SystemConfiguration/com.apple.smb.server'.freeze
property :hostname, String, desired_state: true, coerce: proc { |name| conform_to_rfc1034(name) }, required: true, name_property: true
property :computer_name, String, desired_state: true
property :local_hostname, String, desired_state: true, coerce: proc { |name| conform_to_rfc1034(name) }
property :netbios_name, String, desired_state: false, coerce: proc { |name| conform_to_rfc1034(name)[0, 15].upcase }
property :machine_name, String, name_property: true
load_current_value do
hostname get_name('HostName')
computer_name get_name('ComputerName')
local_hostname get_name('LocalHostName')
end
# We cannot set the LocalHostName here because it does not conform to
# the DNS standards outlined in RFC 1034 (section 3.5)
action :run do
execute BASE_COMMAND do
command "#{BASE_COMMAND} --set HostName '#{new_resource.machine_name}'"
action :set do
converge_if_changed :hostname do
converge_by "set Hostname to #{new_resource.hostname}" do
execute [scutil, '--set', 'HostName', new_resource.hostname] do
notifies :reload, 'ohai[reload ohai]'
end
end
end
execute BASE_COMMAND do
command "#{BASE_COMMAND} --set ComputerName '#{new_resource.machine_name}'"
converge_if_changed :computer_name do
property_is_set?(:computer_name) ? new_resource.computer_name : new_resource.computer_name = new_resource.hostname.split('.').first
converge_by "set ComputerName to #{new_resource.computer_name}" do
execute [scutil, '--set', 'ComputerName', new_resource.computer_name] do
notifies :reload, 'ohai[reload ohai]'
end
end
end
defaults SMB_SERVER_PLIST do
settings 'NetBIOSName' => new_resource.machine_name
converge_if_changed :local_hostname do
property_is_set?(:local_hostname) ? new_resource.local_hostname : new_resource.local_hostname = new_resource.hostname.split('.').first
converge_by "set LocalHostName to #{new_resource.local_hostname}" do
execute [scutil, '--set', 'LocalHostName', new_resource.local_hostname] do
notifies :reload, 'ohai[reload ohai]'
end
end
end
property_is_set?(:netbios_name) ? new_resource.netbios_name : new_resource.netbios_name = new_resource.hostname.split('.').first
plist 'netbios name' do # converge_if_changed is not needed since `plist` is already idempotent
path '/Library/Preferences/SystemConfiguration/com.apple.smb.server.plist'
entry 'NetBIOSName'
value new_resource.netbios_name
notifies :restart, 'service[com.apple.smbd]'
notifies :reload, 'ohai[reload ohai]'
end
service 'com.apple.smbd' do
action :nothing
end
ohai 'reload ohai' do
action :nothing
end
end

19
resources/macos_user.rb
Просмотреть файл

@ -6,6 +6,7 @@ property :password, String, default: 'password'
property :autologin, [TrueClass]
property :admin, [TrueClass]
property :fullname, String
property :groups, [Array, String]
action_class do
def user_home
@ -76,6 +77,24 @@ action :create do
mode '0600'
end
end
if property_is_set?(:groups)
if groups.is_a? String
group groups do
action :create
members username
append true
end
else
groups.each do |g|
group g do
action :create
members username
append true
end
end
end
end
end
action :delete do

16
resources/plist.rb
Просмотреть файл

@ -4,13 +4,6 @@ property :path, String, name_property: true
property :entry, String, desired_state: true
property :value, [TrueClass, FalseClass, String, Integer, Float], desired_state: true
action_class do
def binary?
file_type_output = shell_out('/usr/bin/file', '--brief', '--mime-encoding', new_resource.path).stdout
file_type_output.strip == 'binary'
end
end
load_current_value do |desired|
setting = setting_from_plist(desired.path, desired.entry)
current_value_does_not_exist! if setting[:key_type].nil?
@ -33,7 +26,14 @@ action :set do
unless binary?
converge_by "convert \"#{new_resource.path.split('/').last}\" to binary" do
execute "/usr/bin/plutil -convert binary1 #{new_resource.path}"
execute ['/usr/bin/plutil', '-convert', 'binary1', new_resource.path]
end
end
end
action_class do
def binary?
file_type_output = shell_out('/usr/bin/file', '--brief', '--mime-encoding', new_resource.path).stdout
file_type_output.chomp == 'binary'
end
end

8
test/cookbooks/macos_test/recipes/machine_name.rb
Просмотреть файл

@ -1,5 +1,7 @@
name = "New#{node['platform_version']}_Washing_Machine"
washing_machine = "New#{node['platform_version']}_Washing_Machine"
machine_name name do
not_if { shell_out('scutil', '--get', 'HostName').stdout.match? Regexp.union name }
machine_name 'set computer/hostname' do
hostname washing_machine
computer_name washing_machine
local_hostname washing_machine
end

7
test/cookbooks/macos_test/recipes/new_users.rb
Просмотреть файл

@ -3,10 +3,17 @@ macos_user 'create admin user randall and enable automatic login' do
password 'correct-horse-battery-staple'
autologin true
admin true
groups 'alpha'
end
macos_user 'create non-admin user johnny' do
username 'johnny'
fullname 'Johnny Appleseed'
password 'yang-yolked-cordon-karate'
groups %w(alpha beta)
end
macos_user 'create non-admin user paul' do
username 'paul'
password 'yang-yolked-cordon-karate'
end

21
test/cookbooks/macos_test/test/smoke/default/machine_name_test.rb
Просмотреть файл

@ -1,16 +1,17 @@
control 'machine name' do
desc 'machine name is set to the format "New#{macos_semantic_version}_Washing_Machine"'
macos_semantic_version = command('sw_vers -productVersion').stdout.strip
friendly_pattern = Regexp.union("New#{macos_semantic_version}_Washing_Machine")
hostname_pattern = Regexp.union("New#{os[:release].tr('.', '')}WashingMachine")
macos_semantic_version = command('sw_vers -productVersion').stdout.strip
hostname_pattern = /New#{macos_semantic_version}_Washing_Machine/
control 'machine-name' do
desc "machine name is set to the format \"New#{macos_semantic_version}_Washing_Machine\""
hostname_commands = ['hostname',
'scutil --get ComputerName',
'scutil --get HostName']
hostname_commands.each do |hostname_command|
describe command(hostname_command) do
%w(HostName LocalHostName).each do |hostname_command|
describe command("scutil --get #{hostname_command}") do
its('stdout') { should match hostname_pattern }
end
describe command('scutil --get ComputerName') do
its('stdout') { should match friendly_pattern }
end
end
end

10
test/cookbooks/macos_test/test/smoke/default/new_users_test.rb
Просмотреть файл

@ -6,6 +6,7 @@ control 'new macOS users' do
its('uid') { should eq 503 }
its('gid') { should eq 20 }
its('home') { should eq '/Users/randall' }
its('groups') { should include 'alpha' }
end
describe user('johnny') do
@ -13,6 +14,8 @@ control 'new macOS users' do
its('uid') { should eq 504 }
its('gid') { should eq 20 }
its('home') { should eq '/Users/johnny' }
its('groups') { should include 'alpha' }
its('groups') { should include 'beta' }
end
realname_cmd = 'dscl . read /Users/johnny RealName | grep -v RealName | cut -c 2-'
@ -20,4 +23,11 @@ control 'new macOS users' do
describe command(realname_cmd) do
its('stdout.strip') { should eq 'Johnny Appleseed' }
end
describe user('paul') do
it { should exist }
its('uid') { should eq 505 }
its('gid') { should eq 20 }
its('home') { should eq '/Users/paul' }
end
end