From 96b99e9d7ebd436ca47c9b9ebdb05983f555e82a Mon Sep 17 00:00:00 2001 From: Matthijs Wijers <3501593+mwijers@users.noreply.github.com> Date: Fri, 20 Dec 2024 09:27:41 +0100 Subject: [PATCH 1/2] Update _install-windows.rb Prevent an issue (race condition) where Windows environment is locked by another process causing hanging chef-client runs during writing or removing the dd username or password using windows_env. Changed the logic to node.run_state which prevents this condition and also makes sure the password isn't stored n cleartext in the environment variables. --- recipes/_install-windows.rb | 34 ++++++++++++---------------------- 1 file changed, 12 insertions(+), 22 deletions(-) diff --git a/recipes/_install-windows.rb b/recipes/_install-windows.rb index 92954790..a2bbf23c 100644 --- a/recipes/_install-windows.rb +++ b/recipes/_install-windows.rb @@ -30,13 +30,11 @@ module Windows class Helper def clean_user(context) - resource = context.resource_collection.lookup('windows_env[DDAGENTUSER_NAME]') - resource.run_action(:delete) + context.node.run_state['datadog']['windows_ddagentuser_name'] = nil end def clean_password(context) - resource = context.resource_collection.lookup('windows_env[DDAGENTUSER_PASSWORD]') - resource.run_action(:delete) + context.node.run_state['datadog']['windows_ddagentuser_password'] = nil end def unmute_host(context) @@ -55,9 +53,12 @@ def unmute_host(context) Windows::Helper.new.clean_user(Chef.run_context) end end - windows_env 'DDAGENTUSER_NAME' do - value ddagentuser_name + ruby_block 'Store Datadog User Password' do + block do + node.run_state['datadog']['windows_ddagentuser_name'] = ddagentuser_name + end sensitive true + action :run end end @@ -67,9 +68,12 @@ def unmute_host(context) Windows::Helper.new.clean_password(Chef.run_context) end end - windows_env 'DDAGENTUSER_PASSWORD' do - value ddagentuser_password + ruby_block 'Store Datadog User Password' do + block do + node.run_state['datadog']['windows_ddagentuser_password'] = ddagentuser_password + end sensitive true + action :run end end @@ -249,17 +253,3 @@ def unmute_host(context) unsafe end end - -if ddagentuser_name - windows_env 'DDAGENTUSER_NAME' do - action :delete - sensitive true - end -end - -if ddagentuser_password - windows_env 'DDAGENTUSER_PASSWORD' do - action :delete - sensitive true - end -end From 2a07e769b05e4afabce68f0ca2b95790d16c50c8 Mon Sep 17 00:00:00 2001 From: Matthijs Wijers <3501593+mwijers@users.noreply.github.com> Date: Fri, 20 Dec 2024 11:00:39 +0100 Subject: [PATCH 2/2] Update _install-windows.rb --- recipes/_install-windows.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/recipes/_install-windows.rb b/recipes/_install-windows.rb index a2bbf23c..f2306c06 100644 --- a/recipes/_install-windows.rb +++ b/recipes/_install-windows.rb @@ -53,7 +53,7 @@ def unmute_host(context) Windows::Helper.new.clean_user(Chef.run_context) end end - ruby_block 'Store Datadog User Password' do + ruby_block 'Store Datadog User Name' do block do node.run_state['datadog']['windows_ddagentuser_name'] = ddagentuser_name end