Previous logic used PowerShell to call ruby.exe, with the ruby being an embedded string within the PowerShell script. That ruby used LicenseAcceptance::Acceptor to apply the license acceptance condition. This also used chef_install_dir to determine where Chef was located.
The new logic eliminates the embedded Ruby by determining if there is license acceptance before starting PowerShell to modify the command line of the post-action ChefClient execution. This now will use the --chef-license command line parameter to affect the license state. Instead of using chef_install_dir to determine where Chef is installed it will use the exec_command resource.
Description
There are two desired impacts of this change
1) Stylistically it is poor form to embed Ruby in PowerShell that is effectively called by Ruby. If there were tests for this code, it would be untestable.
-- determines where ruby.exe is located (in PowerShell).
https://github.com/chef-cookbooks/chef_client_updater/blob/a7093078a69b3dad593a46eab59349e9c323d392/providers/default.rb#L571
The need this addresses is to allow the PowerShell script to be run from a directory other than that in which Chef is installed. This is a security requirement for us. While the more obvious change may have been to modify the behavior of the first case above, the, changing the second is a light touch that does should not change the current, expected behavior.
Previous logic used PowerShell to call ruby.exe, with the ruby being an embedded string within the PowerShell script. That ruby used LicenseAcceptance::Acceptor to apply the license acceptance condition. This also used chef_install_dir to determine where Chef was located.
The new logic eliminates the embedded Ruby by determining if there is license acceptance before starting PowerShell to modify the command line of the post-action ChefClient execution. This now will use the --chef-license command line parameter to affect the license state. Instead of using chef_install_dir to determine where Chef is installed it will use the exec_command resource.
Description
There are two desired impacts of this change
1) Stylistically it is poor form to embed Ruby in PowerShell that is effectively called by Ruby. If there were tests for this code, it would be untestable.
2) The use of chef_install_dir is used for two non-congruent purposes in the cookbook: -- determines the directory where the PowerShell script to be run is located. https://github.com/chef-cookbooks/chef_client_updater/blob/a7093078a69b3dad593a46eab59349e9c323d392/providers/default.rb#L309 That location would (by default) be C:\OpsCode.
-- determines where ruby.exe is located (in PowerShell). https://github.com/chef-cookbooks/chef_client_updater/blob/a7093078a69b3dad593a46eab59349e9c323d392/providers/default.rb#L571 The need this addresses is to allow the PowerShell script to be run from a directory other than that in which Chef is installed. This is a security requirement for us. While the more obvious change may have been to modify the behavior of the first case above, the, changing the second is a light touch that does should not change the current, expected behavior.
Issues Resolved
None
Check List