├── .editorconfig ├── .envrc ├── .gitattributes ├── .github ├── CODEOWNERS ├── lock.yml └── workflows │ ├── ci.yml │ └── stale.yml ├── .gitignore ├── .markdownlint-cli2.yaml ├── .mdlrc ├── .overcommit.yml ├── .rubocop.yml ├── .vscode └── extensions.json ├── .yamllint ├── Berksfile ├── CHANGELOG.md ├── CODE_OF_CONDUCT.md ├── CONTRIBUTING.md ├── Dangerfile ├── LICENSE ├── README.md ├── TESTING.md ├── chefignore ├── documentation ├── .gitkeep └── resources │ ├── alternatives.md │ ├── certificate.md │ ├── corretto_install.md │ ├── jce.md │ ├── openjdk_install.md │ ├── openjdk_pkg_install.md │ └── openjdk_source_install.md ├── kitchen.dokken.yml ├── kitchen.exec.yml ├── kitchen.global.yml ├── kitchen.macos.local.yml ├── kitchen.macos.yml ├── kitchen.windows.yml ├── kitchen.yml ├── libraries ├── certificate_helpers.rb ├── corretto_helpers.rb └── openjdk_helpers.rb ├── metadata.rb ├── renovate.json ├── resources ├── alternatives.rb ├── certificate.rb ├── corretto_install.rb ├── jce.rb ├── openjdk_install.rb ├── openjdk_pkg_install.rb ├── openjdk_source_install.rb └── partial │ ├── _common.rb │ ├── _java_home.rb │ ├── _linux.rb │ └── _macos.rb ├── spec ├── libraries │ ├── certificate_helpers_spec.rb │ ├── corretto_helpers_spec.rb │ ├── openjdk_helpers_spec.rb │ └── semeru_helpers_spec.rb └── spec_helper.rb ├── templates ├── jdk.sh.erb └── jinfo.erb └── test ├── fixtures └── cookbooks │ └── test │ ├── files │ ├── UnlimitedSupportJCETest.jar │ ├── UnlimitedSupportJCETest.java │ └── java_certificate_test.pem │ ├── metadata.rb │ └── recipes │ ├── base.rb │ ├── corretto.rb │ ├── java_cert.rb │ ├── openjdk.rb │ └── openjdk_pkg.rb └── integration ├── corretto ├── controls │ └── verify_openjdk.rb └── inspec.yml ├── custom-package ├── controls │ └── verify_home.rb ├── inputs │ ├── hotspot-11.yml │ ├── hotspot-8.yml │ ├── openj9-11.yml │ └── openj9-large-heap-11.yml └── inspec.yml ├── openjdk ├── controls │ └── verify_openjdk.rb └── inspec.yml └── openjdk_pkg ├── controls └── verify_openjdk.rb └── inspec.yml /.editorconfig: -------------------------------------------------------------------------------- 1 | # https://EditorConfig.org 2 | 3 | # top-most EditorConfig file 4 | root=true 5 | 6 | # Unix-style newlines with a newline ending every file 7 | [*] 8 | end_of_line = lf 9 | insert_final_newline = true 10 | 11 | # 2 space indentation 12 | indent_style = space 13 | indent_size = 2 14 | 15 | # Avoid issues parsing cookbook files later 16 | charset = utf-8 17 | 18 | # Avoid cookstyle warnings 19 | trim_trailing_whitespace = true 20 | -------------------------------------------------------------------------------- /.envrc: -------------------------------------------------------------------------------- 1 | use chefworkstation 2 | export KITCHEN_GLOBAL_YAML=kitchen.global.yml 3 | -------------------------------------------------------------------------------- /.gitattributes: -------------------------------------------------------------------------------- 1 | * text=auto eol=lf 2 | -------------------------------------------------------------------------------- /.github/CODEOWNERS: -------------------------------------------------------------------------------- 1 | * @sous-chefs/maintainers 2 | -------------------------------------------------------------------------------- /.github/lock.yml: -------------------------------------------------------------------------------- 1 | --- 2 | daysUntilLock: 365 3 | exemptLabels: [] 4 | lockLabel: false 5 | lockComment: > 6 | This thread has been automatically locked since there has not been 7 | any recent activity after it was closed. Please open a new issue for 8 | related bugs. 9 | -------------------------------------------------------------------------------- /.github/workflows/ci.yml: -------------------------------------------------------------------------------- 1 | --- 2 | name: "Test" 3 | 4 | "on": 5 | pull_request: 6 | push: 7 | branches: [main] 8 | 9 | jobs: 10 | lint-unit: 11 | uses: sous-chefs/.github/.github/workflows/lint-unit.yml@3.1.1 12 | permissions: 13 | actions: write 14 | checks: write 15 | pull-requests: write 16 | statuses: write 17 | issues: write 18 | 19 | integration: 20 | needs: "lint-unit" 21 | runs-on: ubuntu-latest 22 | strategy: 23 | matrix: 24 | os: 25 | - amazonlinux-2023 26 | - debian-12 27 | - debian-11 28 | - rockylinux-9 29 | - rockylinux-8 30 | - ubuntu-2204 31 | - ubuntu-2004 32 | suite: 33 | # - openjdk-11 # Debian doesn't have an 11 package 34 | - openjdk-16 35 | - openjdk-17 36 | # - temurin-8-hotspot 37 | # - temurin-11-hotspot 38 | # - semeru-11-openj9 39 | # - semeru-17-openj9 40 | - corretto-8 41 | - corretto-11 42 | - corretto-17 43 | - corretto-18 44 | fail-fast: false 45 | steps: 46 | - name: Check out code 47 | uses: actions/checkout@v4 48 | - name: Install Chef 49 | uses: actionshub/chef-install@3.0.1 50 | - name: Dokken 51 | uses: actionshub/test-kitchen@3.0.0 52 | env: 53 | CHEF_LICENSE: accept-no-persist 54 | KITCHEN_LOCAL_YAML: kitchen.dokken.yml 55 | with: 56 | suite: ${{ matrix.suite }} 57 | os: ${{ matrix.os }} 58 | 59 | final: 60 | runs-on: ubuntu-latest 61 | needs: [integration] 62 | steps: 63 | - run: echo ${{needs.integration.outputs}} 64 | -------------------------------------------------------------------------------- /.github/workflows/stale.yml: -------------------------------------------------------------------------------- 1 | --- 2 | name: Mark stale issues and pull requests 3 | 4 | "on": 5 | schedule: [cron: "0 0 * * *"] 6 | 7 | jobs: 8 | stale: 9 | runs-on: ubuntu-latest 10 | steps: 11 | - uses: actions/stale@v9 12 | with: 13 | repo-token: ${{ secrets.GITHUB_TOKEN }} 14 | close-issue-message: > 15 | Closing due to inactivity. 16 | If this is still an issue please reopen or open another issue. 17 | Alternatively drop by the #sous-chefs channel on the [Chef Community Slack](http://community-slack.chef.io/) and we'll be happy to help! 18 | Thanks, Sous-Chefs. 19 | days-before-close: 7 20 | days-before-stale: 365 21 | stale-issue-message: > 22 | Marking stale due to inactivity. 23 | Remove stale label or comment or this will be closed in 7 days. 24 | Alternatively drop by the #sous-chefs channel on the [Chef Community Slack](http://community-slack.chef.io/) and we'll be happy to help! 25 | Thanks, Sous-Chefs. 26 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | *.rbc 2 | .config 3 | InstalledFiles 4 | pkg 5 | test/tmp 6 | test/version_tmp 7 | tmp 8 | _Store 9 | *~ 10 | *# 11 | .#* 12 | \#*# 13 | *.un~ 14 | *.tmp 15 | *.bk 16 | *.bkup 17 | 18 | # editor files 19 | .idea 20 | .*.sw[a-z] 21 | 22 | # ruby/bundler/rspec files 23 | .ruby-version 24 | .ruby-gemset 25 | .rvmrc 26 | Gemfile.lock 27 | .bundle 28 | *.gem 29 | coverage 30 | spec/reports 31 | 32 | # YARD / rdoc artifacts 33 | .yardoc 34 | _yardoc 35 | doc/ 36 | rdoc 37 | 38 | # chef infra stuff 39 | Berksfile.lock 40 | .kitchen 41 | kitchen.local.yml 42 | vendor/ 43 | .coverage/ 44 | .zero-knife.rb 45 | Policyfile.lock.json 46 | 47 | # vagrant stuff 48 | .vagrant/ 49 | .vagrant.d/ 50 | -------------------------------------------------------------------------------- /.markdownlint-cli2.yaml: -------------------------------------------------------------------------------- 1 | config: 2 | ul-indent: false # MD007 3 | line-length: false # MD013 4 | no-duplicate-heading: false # MD024 5 | reference-links-images: false # MD052 6 | ignores: 7 | - .github/copilot-instructions.md 8 | -------------------------------------------------------------------------------- /.mdlrc: -------------------------------------------------------------------------------- 1 | rules "~MD036", "~MD013", "~MD024" 2 | -------------------------------------------------------------------------------- /.overcommit.yml: -------------------------------------------------------------------------------- 1 | --- 2 | PreCommit: 3 | TrailingWhitespace: 4 | enabled: true 5 | YamlLint: 6 | enabled: true 7 | required_executable: "yamllint" 8 | ChefSpec: 9 | enabled: true 10 | required_executable: "chef" 11 | command: ["chef", "exec", "rspec"] 12 | Cookstyle: 13 | enabled: true 14 | required_executable: "cookstyle" 15 | command: ["cookstyle"] 16 | MarkdownLint: 17 | enabled: false 18 | required_executable: "npx" 19 | command: ["npx", "markdownlint-cli2", "'**/*.md'"] 20 | include: ["**/*.md"] 21 | 22 | CommitMsg: 23 | HardTabs: 24 | enabled: true 25 | -------------------------------------------------------------------------------- /.rubocop.yml: -------------------------------------------------------------------------------- 1 | require: 2 | - cookstyle 3 | -------------------------------------------------------------------------------- /.vscode/extensions.json: -------------------------------------------------------------------------------- 1 | { 2 | "recommendations": [ 3 | "chef-software.chef", 4 | "rebornix.ruby", 5 | "editorconfig.editorconfig", 6 | "DavidAnson.vscode-markdownlint" 7 | ] 8 | } 9 | -------------------------------------------------------------------------------- /.yamllint: -------------------------------------------------------------------------------- 1 | --- 2 | extends: default 3 | rules: 4 | line-length: 5 | max: 256 6 | level: warning 7 | document-start: disable 8 | braces: 9 | forbid: false 10 | min-spaces-inside: 0 11 | max-spaces-inside: 1 12 | min-spaces-inside-empty: -1 13 | max-spaces-inside-empty: -1 14 | comments: 15 | min-spaces-from-content: 1 16 | -------------------------------------------------------------------------------- /Berksfile: -------------------------------------------------------------------------------- 1 | source 'https://supermarket.chef.io' 2 | 3 | metadata 4 | 5 | group :integration do 6 | cookbook 'test', path: 'test/fixtures/cookbooks/test' 7 | end 8 | -------------------------------------------------------------------------------- /CHANGELOG.md: -------------------------------------------------------------------------------- 1 | # Java Cookbook CHANGELOG 2 | 3 | This file is used to list changes made in each version of the Java cookbook. 4 | 5 | ## Unreleased 6 | 7 | ## 12.1.1 - *2024-12-05* 8 | 9 | ## 12.1.0 - *2024-12-03* 10 | 11 | - Add support for OpenJDK versions 19, 20, 21 and 22 12 | - Remove commented out `adoptopenjdk_linux_install` resource 13 | - CI: chore(deps): update sous-chefs/.github action to v3.1.0 14 | - CI: chore(deps): update actionshub/chef-install action to v3 15 | - Update platforms 16 | - Replace AdoptOpenJDK with Eclipse Temurin and IBM Semeru 17 | 18 | ## 12.0.7 - *2024-11-18* 19 | 20 | - Standardise files with files in sous-chefs/repo-management 21 | 22 | ## 12.0.6 - *2024-07-15* 23 | 24 | - Standardise files with files in sous-chefs/repo-management 25 | 26 | ## 12.0.2 - *2024-01-16* 27 | 28 | - Fix `openjdk_pkg_install` to obey `pkg_version` property for all `pkg_names` 29 | 30 | ## 11.2.0 - *2023-09-12* 31 | 32 | - Standardise files with files in sous-chefs/repo-management 33 | 34 | ## 11.1.0 - *2023-04-17* 35 | 36 | - Standardise files with files in sous-chefs/repo-management 37 | 38 | ## 11.1.0 - *2022-04-26* 39 | 40 | - Remove Correto 15 and 16 41 | - Add Corretto 17 and 18 42 | - Change the defualt download URL for Corretto to the versioned resources URL, rather than latest. 43 | 44 | ## 11.0.0 - *2022-02-16* 45 | 46 | - Require Chef 16 for resource partials 47 | - Add resource partials for: MacOS, Linux, Java Home and Common as these are used in a multiple places 48 | 49 | ## 10.2.0 - *2022-01-26* 50 | 51 | - Remove tap_full option as this is no longer supported and there is no replacement 52 | - Remove delivery and move to calling RSpec directly via a reusable workflow 53 | 54 | ## 10.1.0 - *2021-10-06* 55 | 56 | - Revert worklfow split out 57 | - Rename InSpec attribute folders to input 58 | - Add Corretto 16 59 | - Update the Corretto minor version numbers 60 | - Default the Debian install method to package 61 | - Remove testing for end of life OpenJDK suites 62 | - Primarily support OpenJDK LTS versions 11, 17 63 | - Drop support for OpenJDK package installs for non-LTS versions 64 | - Direct Amazon users to Amazon Corretto instead of installing OpenJDK 65 | - Drop package install support for Java 8 66 | 67 | ## 10.0.0 - *2021-09-02* 68 | 69 | - Remove recipes to stop confusing users 70 | 71 | ## 9.0.0 - *2021-06-04* 72 | 73 | - Remove Corretto checksum code defaults as this changes regularly, and is not provided in the SHA256 format via an API 74 | - Set unified_mode to true for Chef 17 support 75 | - Bump the minimum Chef version to 15.3 for unified_mode support 76 | 77 | ## 8.6.0 - *2021-01-22* 78 | 79 | - Added Amazon Corretto 15 support to `corretto_install` 80 | - Added configurable `file_cache_path` property to `java_certificate` 81 | - Added `cacerts` property to `java_certificate` for interacting with java cacerts file (Java 9+) 82 | 83 | ## 8.5.0 - *2020-12-03* 84 | 85 | - If installation issues with `openjdk_install` resource (fixes #645) 86 | - Remove testing of Amazon Linux 1 87 | - Use fedora-latest 88 | 89 | ## 8.4.0 - *2020-09-09* 90 | 91 | - Add `starttls` property to `java_certificate` resource to allow fetching certificates from non HTTPS endpoints 92 | 93 | ## 8.3.2 - *2020-08-20* 94 | 95 | - Add aarch64 installation candidate for Corretto 96 | 97 | ## 8.3.1 - *2020-08-06* 98 | 99 | - Extract correct JAVA_HOME from custom URLs 100 | 101 | ## 8.3.0 - *2020-06-18* 102 | 103 | - Restore compatibility with Chef Infra Client < 16 104 | - Update Fedora releases in the Kitchen configs 105 | 106 | ## 8.2.0 - *2020-06-02* 107 | 108 | - resolved cookstyle error: resources/adoptopenjdk_install.rb:1:1 warning: `ChefDeprecations/ResourceUsesOnlyResourceName` 109 | - Remove testing of Ubuntu 14.04, support at this point is no longer guaranteed 110 | 111 | ## 8.1.0 - *2020-04-19* 112 | 113 | - Added `openjdk_pkg_install` resource 114 | - Added documentation for openjdk_pkg_install 115 | - Added `adoptopenjdk_linux_install` resource 116 | - Added `adoptopenjdk_macos_install` resource 117 | - Added documentation for `adoptopenjdk_linux_install` 118 | - Added documentation for `adoptopenjdk_macos_install` 119 | - Resolved cookstyle error: resources/alternatives.rb:49:13 refactor: `ChefCorrectness/ChefApplicationFatal` 120 | - Resolved cookstyle error: resources/alternatives.rb:62:13 refactor: `ChefCorrectness/ChefApplicationFatal` 121 | - Resolved cookstyle error: resources/alternatives.rb:75:11 refactor: `ChefCorrectness/ChefApplicationFatal` 122 | - Resolved cookstyle error: resources/jce.rb:51:6 refactor: `ChefStyle/UnnecessaryOSCheck` 123 | 124 | ## 8.0.0 - *2020-03-30* 125 | 126 | - Added `openjdk_install` resource & documentation 127 | - Removed openjdk, corretto, default_java_symlink, ibm & ibm_tar, notify & oracle recipes 128 | - Removed support for IBM and Oracle Java 129 | - Temporarily removed support for Windows 130 | - Split out helpers for each provider into their own namespace and file 131 | 132 | ## 7.0.0 - *2020-03-05* 133 | 134 | - Refactored and sped up unit tests. 135 | - Added `adoptopenjdk_install` resource & documentation 136 | - Added AdoptOpenJDK 13 testing 137 | - Removed the adoptopenjdk recipe, please use the `adoptopenjdk_install` resource instead. 138 | - Increased the minimum Chef requirement to Chef 15 to use the archive resource. 139 | - Removed AdoptOpenJDK 10 testing 140 | 141 | ## 6.0.0 - *2020-03-02* 142 | 143 | - The resource alias `java_ark` has been deprecated in favour of `java_oracle_install` 144 | 145 | ## 5.0.0 - *2020-02-21* 146 | 147 | - Fixed java_certificate regex where it checks if cert exists in cacert file. 148 | - Make Homebrew Cask name an attribute to allow for other options (ex: adoptopenjdk) 149 | - Switch homebrew tap to homebrew/cask-versions 150 | - Make builds parallel 151 | - Updates package name and link changes for adoptopenjdk 152 | - Migrated testing to github actions 153 | - Removes openjdk-6 154 | - Removes openjdk-7 for Ubuntu 16.04 155 | - Removes openjdk-11 for Ubuntu 156 | - Removes openjdk-direct for Debian 8 157 | - Removes oracle variants from test configurations 158 | 159 | ## 4.3.0 - *2019-08-04* 160 | 161 | - Upgrade Amazon Corretto to the latest versions: 8.222.10.1 and 11.0.4.11.1 162 | - Upgrade circleci orb to version 2 and add yamllint and markdown lint 163 | 164 | ## 4.2.0 - *2019-07-15* 165 | 166 | - Fix for issue 538 167 | - Added "download_path" node attribute defaulting to file_cache_path 168 | - Replaced all hardcoded instances of file_cache_path with the node attribute 169 | 170 | ## 4.1.0 - *2019-05-08* 171 | 172 | - Added new install flavor "corretto" for Amazon's Corretto distribution of OpenJDK 173 | 174 | ## 4.0.0 - *2019-04-19* 175 | 176 | - Added new install flavor "adoptopenjdk" for AdoptOpenJDK's distribution of Java 177 | - The certificate resource now uses the Java version to determine the default cacerts location 178 | - Updated AdoptOpenJDK links for Java 8 179 | - Updated AdoptOpenJDK links for Java 11 to 11.0.1 180 | - BREAKING CHANGE: Remove support for Java 6 & 7 181 | - Remove platform suport for untested platforms (smartOS, XenServer, zlinux, arch) 182 | - Remove testing of Ubuntu 14.04, support at this point is no longer guaranteed and patches or other changes may not be accepted going further as Ubuntu 14.04 will be shortly EOL 183 | - Fixed oracle download link for JDK 8 (update to 8u202 from 8u201) 184 | - fixed specs for windows 185 | 186 | ## 3.2.0 - *2019-01-24* 187 | 188 | - Add support OpenJDK 11 189 | - Fixed oracle download link again 190 | 191 | ## 3.1.2 - *2018-12-11* 192 | 193 | - Set java home on macosx using /usr/libexec/java_home 194 | - Find command should have ./ for path to search, works for nix and mac 195 | - Make `java_certificate` work with SNI endpoints 196 | 197 | ## 3.1.1 - *2018-11-09* 198 | 199 | - Fix jce installation linux 200 | - Allow overwrite `returns` property of windows_packages 201 | 202 | ## 3.1.0 - *2018-10-18* 203 | 204 | - Add support for JDK 11 205 | 206 | ## 3.0.0 - *2018-10-18* 207 | 208 | - Fix broken JCE with JRE installations 209 | - make cert alias matching case insensitive as `keytool` always returns results downcases 210 | - BREAKING CHANGE: fixed greedy matching by adding a word boundry when checking cert alias this prevents matching `foo_123` as `foo` 211 | - verify artifact after downloading from oracle 212 | - fixed `recipes/openjdk` when `node['java']['jdk_version']` by casting it to a string 213 | - Updated Oracle Java links to 8u191 214 | 215 | ## 2.2.1 - *2018-09-29* 216 | 217 | - Allows for additional Oracle (post 9) jdk download file naming, including '10.0.2'. '18.9', '11' 218 | 219 | ## 2.2.0 - *2018-07-19* 220 | 221 | - Updated Oracle Java links to 8u181 222 | - Fixed incorrect kitchen setup runlists that preventing local testing 223 | - Resolve undefined certout errors 224 | 225 | ## 2.1.0 - *2018-05-25* 226 | 227 | - Added Java 10 JCE attributes to default attrs 228 | - Update oracle recipeM to not perform a switch on java major version and instead use the version provided in attributes. This allows end users to include new Java versions without the cookbook requiring an update each time a major version gets released 229 | - Updated the oracle_install resource to pick up semantic versioning that Oracle has started using for Java 10+ 230 | - Updated the default attributes file to include x86_64 endpoint and checksum for Oracle Java 10\. The i586 version is not (yet) available. 231 | - Fix JCE installation on Windows 232 | - Avoid EmptyWindowsCommand error on Windows 233 | 234 | ## v2.0.1 - *2018-05-02* 235 | 236 | - Fix java_certificate and java_oracle_install to work on FIPS enabled systems 237 | 238 | ## v2.0.0 - *2018-05-02* 239 | 240 | - Converted alternatives, ark, and certificate LWRP/HWRPs to custom resources with improved logging and convergence notification. 241 | - Renamed the java_ark resource to java_oracle_install, which better represents what it does. The existing name will continue to function 242 | - Removed the need for the apt cookbook and instead require Chef 12.9+ 243 | - Fixed Amazon Linux support on Chef 13+. 244 | - Fixed the alternatives commands on Fedora systems. 245 | - Added initial openSUSE leap support. 246 | - Updated code to use multi-package installs to speed up runs 247 | - Made the 'cert_alias' property in the certificate resource the name_property to allow users to avoid resource cloning and to be able to use friendly resource names 248 | - Moved the warning code for downloading directly from Oracle into the resource to prevent another resource showing as converged 249 | - Updated the metadata to resolve failures to parse chef_version on older chef-client releases. 250 | - Added installation of tar directly to the ark resource when uncompression .tar.gz files. This prevents installation in the recipe that occurred even if tar wasn't needed. 251 | - Add support for Mac OS X "mac_os_x" via homebrew. 252 | - Update metadata.rb to contain source and issue information for supermarket and chef-repo convenience 253 | 254 | ### Known Issues 255 | 256 | - Kitchen CI test with 12.04 fails due to hostname unable to be set. 257 | 258 | ## v1.31 - *2/3/2015* 259 | 260 | - Update to latest JDKs for 7 and 8\. JDK7 will be EOL April 2015 261 | - Fix up Travis support. 262 | - Add ability to install JCE policy files for oracle JDK #228 263 | - Change connect timeout to 30 seconds 264 | 265 | ## v1.29.0 - *11/14/2014* 266 | 267 | - Ensure dirs, links, and jinfo files are owned correctly 268 | - Update to Oracle JDK 8u25 269 | - Update to Oracle JDK 7u71-b14 270 | - Adding a connect_timeout option for downloading java. 271 | - Switched to chef-zero provisioner in test suites. 272 | - Adding ISSUES.md for guidance on creating new issues for the Java cookbook. 273 | - Fix IBM unit tests. 274 | 275 | ## v1.28.0 - *9/6/2014* 276 | 277 | - Allow setting of group to extracted java files. 278 | - Add -no-same-owner parameter to tar extract to avoid issues when the chef cache dir is on an NFS mounted drive. 279 | - In the ark provider, it doesn't compare the MD5 sum with the right value which causes Java cookbook always download tarball from oracle server 280 | 281 | ## v1.27.0 - *8/22/2014* 282 | 283 | - Update Oracle JDK8 to version 8u20 284 | 285 | ## v1.26.0 - *8/16/2014* 286 | 287 | - Allow pinning of package versions for openjdk 288 | - Update Oracle JDK7 to version 7u67 289 | - Support specific version and name for Oracle RPM 290 | 291 | ## v1.25.0 - *8/1/2014* 292 | 293 | - Resource ark -> attribute bin_cmds default value 294 | - Add option to put JAVA_HOME in /etc/environment 295 | - Allow ark to pull from http and files ending in .gz. 296 | - Recommendations for inclusion in community cookbooks 297 | - Production Deployment with Oracle Java 298 | - Update testing instructions for chefdk 299 | - Various Readme formatting. 300 | - Use Supermarket endpoint in berksfile 301 | - rspec cleanup 302 | - Adding ubuntu-14.04 to test suite 303 | 304 | ## v1.24.0 - *7/25/2014* 305 | 306 | New Cookbook maintainer! **[Agile Orbit](http://agileorbit.com)** 307 | 308 | - Bump JDK7 URLs to 7u65 309 | - Upgrade Oracle's Java 8 to u11 310 | - Allow for alternatives priority to be set from attribute. 311 | - Change ownership of extracted files 312 | - Add retries and retry_delay parameters to java_ark LWRP 313 | - default: don't fail when using java 8 on windows 314 | - Support for Server JRE 315 | - Updated README for accepting oracle terms 316 | - Remove VirtualBox specific box_urls 317 | - List AgileOrbit as the maintainer (AgileOrbit took over from Socrata in July 2014) 318 | 319 | ## v1.23.0 - *7/25/2014* 320 | 321 | - Tagged but never published to community cookbooks. All changes rolled into 1.24.0 322 | 323 | ## v1.22.0 324 | 325 | - Add support for Oracle JDK 1.8.0 326 | - Make use of Chef's cache directory instead of /tmp 327 | - Update Test Kitchen suites 328 | - Add safety check for JDK 8 on non-Oracle 329 | 330 | ## v1.21.2 331 | 332 | [COOK-4210] - remove unneeded run_command to prevent zombie processes 333 | 334 | ## v1.21.0 335 | 336 | - Update Oracle accept-license-terms cookie format 337 | 338 | ## v1.20.0 339 | 340 | - Fixing version number. Accidently released at 0.15.x instead of 1.15.x 341 | 342 | ## v0.15.2 343 | 344 | ### FIX 345 | 346 | - Fixing JAVA_HOME on Ubuntu 10.04 347 | 348 | ## v1.14.0 349 | 350 | - Fix alternatives when the package is already installed 351 | - Fix a condition that would result in an error executing action `run` on resource 'bash[update-java-alternatives]' 352 | - Fix bad checksum length 353 | - Fix an issue where Java cookbook installs both JDK 6 and JDK 7 when JDK 7 is specified 354 | - Allow Windoes recipe to download from signed S3 url 355 | - Fix a failure on Centos 6.4 and Oracle JDK 7 356 | - Improve Windows support 357 | 358 | ## v1.13.0 359 | 360 | - Add default `platform_family` option in Java helper 361 | - Fix support for Fedora 362 | - Upgrade to Oracle Java 7u25 363 | - Add Oracle RPM support 364 | - Add support for the platform `xenserver` 365 | - Add SmartOS support 366 | 367 | ## v1.12.0 368 | 369 | - Add SmartOS support to java::openjdk recipe 370 | - upgrade to Oracle Java 7u25 371 | - Adding support for the platform 'xenserver' (for installations of java in DOM0) 372 | - java cookbook fails on Fedora 373 | 374 | ## v1.11.6 375 | 376 | - Java cookbook does not have opensuse support 377 | - Syntax Errors spec/default_spec.rb:4-8 378 | 379 | ## v1.11.4 380 | 381 | - `bash[update-java-alternatives]` resource uses wrong attribute 382 | 383 | ## v1.11.2 384 | 385 | - Use SHA256 checksums for Oracle downloads, not SHA1. 386 | 387 | ## v1.11.0 388 | 389 | This version brings a wealth of tests and (backwards-compatible) refactoring, plus some new features (updated Java, IBM recipe). 390 | 391 | - Add ibm recipe to java cookbook 392 | - move java_home resources to their own recipe 393 | - refactor ruby_block "update-java-alternatives" 394 | - use platform_family in java cookbook 395 | - add chefspec to java cookbook 396 | - Refactor java cookbook 397 | - update JDK to JDK 7u21, 6u45 398 | 399 | ## v1.10.2 400 | 401 | - [2415] - Fixed deprecation warnings in ark provider and openjdk recipe by using Chef::Mixin::ShellOut instead of Chef::ShellOut 402 | 403 | ## v1.10.0 404 | 405 | - Allow java ark :url to be https 406 | - Upgrade needed for oracle jdk in java cookbook 407 | 408 | ## v1.9.6 409 | 410 | - add support for Oracle Linux 411 | 412 | ## v1.9.4 413 | 414 | - Run set-env-java-home in Java cookbook only if necessary 415 | - ark provider does not allow for *.tgz tarballs to be used 416 | - Java cookbook fails on CentOS6 (update-java-alternatives) 417 | 418 | ## v1.9.2 419 | 420 | - FoodCritic fixes for java cookbook 421 | 422 | ## v1.9.0 423 | 424 | - Update the Oracle Java version in the Java cookbook to release 1.7u11 425 | 426 | ## v1.8.2 427 | 428 | - Fix for missing /usr/lib/jvm/default-java on Debian 429 | 430 | ## v1.8.0 431 | 432 | - Add windows support 433 | 434 | ## v1.7.0 435 | 436 | - improvements for Oracle update-alternatives 437 | - When installing an Oracle JDK it is now registered with a higher priority than OpenJDK. (Related to COOK-1131.) 438 | - When running both the oracle and oracle_i386 recipes, alternatives are now created for both JDKs. 439 | - Alternatives are now created for all binaries listed in version specific attributes. (Related to COOK-1563 and COOK-1635.) 440 | - When installing Oracke JDKs on Ubuntu, create .jinfo files for use with update-java-alternatives. Commands to set/install alternatives now only run if needed. 441 | 442 | ## v1.6.4 443 | 444 | - fixed typo in attribute for java 5 on i586 445 | 446 | ## v1.6.2 447 | 448 | - whyrun support in `java_ark` LWRP 449 | - CHEF-1804 compatibility 450 | - install Java 6u37 and Java 7u9 451 | - incorrect warning text about `node['java']['oracle']['accept_oracle_download_terms']` 452 | 453 | ## v1.6.0 454 | 455 | - Install Oracle JDK from Oracle download directly 456 | - set JAVA_HOME in openjdk recipe 457 | - Install correct architecture on Amazon Linux 458 | 459 | ## v1.5.4 460 | 461 | update alternatives called on wrong file 462 | use shellout instead of execute resource to update alternatives 463 | 464 | ## v1.5.2 465 | 466 | - remove sun-java6-jre on Ubuntu before installing Oracle's Java 467 | - fails on Ubuntu 12.04 64bit with openjdk7 468 | - Oracle Java should symlink the jar command 469 | 470 | ## v1.5.0 471 | 472 | - Oracle now prevents download of JDK via non-browser 473 | - fix File.exists? 474 | 475 | ## v1.4.2 476 | 477 | - fix attributes typo and platform case switch consistency 478 | 479 | ## v1.4.0 480 | 481 | - numerous updates: handle jdk6 and 7, switch from sun to oracle, make openjdk default, add `java_ark` LWRP. 482 | - [42] - FreeBSD support 483 | - ArchLinux support 484 | -------------------------------------------------------------------------------- /CODE_OF_CONDUCT.md: -------------------------------------------------------------------------------- 1 | # Community Guidelines 2 | 3 | This project follows the Chef Community Guidelines 4 | -------------------------------------------------------------------------------- /CONTRIBUTING.md: -------------------------------------------------------------------------------- 1 | # Contributing 2 | 3 | Please refer to 4 | [https://github.com/chef-cookbooks/community_cookbook_documentation/blob/main/CONTRIBUTING.MD](https://github.com/chef-cookbooks/community_cookbook_documentation/blob/main/CONTRIBUTING.MD) 5 | -------------------------------------------------------------------------------- /Dangerfile: -------------------------------------------------------------------------------- 1 | # Reference: http://danger.systems/reference.html 2 | 3 | # A pull request summary is required. Add a description of the pull request purpose. 4 | # Changelog must be updated for each pull request that changes code. 5 | # Warnings will be issued for: 6 | # Pull request with more than 400 lines of code changed 7 | # Pull reqest that change more than 5 lines without test changes 8 | # Failures will be issued for: 9 | # Pull request without summary 10 | # Pull requests with code changes without changelog entry 11 | 12 | def code_changes? 13 | code = %w(libraries attributes recipes resources files templates) 14 | code.each do |location| 15 | return true unless git.modified_files.grep(/#{location}/).empty? 16 | end 17 | false 18 | end 19 | 20 | def test_changes? 21 | tests = %w(spec test kitchen.yml kitchen.dokken.yml) 22 | tests.each do |location| 23 | return true unless git.modified_files.grep(/#{location}/).empty? 24 | end 25 | false 26 | end 27 | 28 | failure 'Please provide a summary of your Pull Request.' if github.pr_body.length < 10 29 | 30 | warn 'This is a big Pull Request.' if git.lines_of_code > 400 31 | 32 | warn 'This is a Table Flip.' if git.lines_of_code > 2000 33 | 34 | # Require a CHANGELOG entry for non-test changes. 35 | if !git.modified_files.include?('CHANGELOG.md') && code_changes? 36 | failure 'Please include a CHANGELOG entry.' 37 | end 38 | 39 | # Require Major Minor Patch version labels 40 | unless github.pr_labels.grep /minor|major|patch/i 41 | warn 'Please add a release label to this pull request' 42 | end 43 | 44 | # A sanity check for tests. 45 | if git.lines_of_code > 5 && code_changes? && !test_changes? 46 | warn 'This Pull Request is probably missing tests.' 47 | end 48 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Apache License 2 | Version 2.0, January 2004 3 | http://www.apache.org/licenses/ 4 | 5 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 6 | 7 | 1. Definitions. 8 | 9 | "License" shall mean the terms and conditions for use, reproduction, 10 | and distribution as defined by Sections 1 through 9 of this document. 11 | 12 | "Licensor" shall mean the copyright owner or entity authorized by 13 | the copyright owner that is granting the License. 14 | 15 | "Legal Entity" shall mean the union of the acting entity and all 16 | other entities that control, are controlled by, or are under common 17 | control with that entity. For the purposes of this definition, 18 | "control" means (i) the power, direct or indirect, to cause the 19 | direction or management of such entity, whether by contract or 20 | otherwise, or (ii) ownership of fifty percent (50%) or more of the 21 | outstanding shares, or (iii) beneficial ownership of such entity. 22 | 23 | "You" (or "Your") shall mean an individual or Legal Entity 24 | exercising permissions granted by this License. 25 | 26 | "Source" form shall mean the preferred form for making modifications, 27 | including but not limited to software source code, documentation 28 | source, and configuration files. 29 | 30 | "Object" form shall mean any form resulting from mechanical 31 | transformation or translation of a Source form, including but 32 | not limited to compiled object code, generated documentation, 33 | and conversions to other media types. 34 | 35 | "Work" shall mean the work of authorship, whether in Source or 36 | Object form, made available under the License, as indicated by a 37 | copyright notice that is included in or attached to the work 38 | (an example is provided in the Appendix below). 39 | 40 | "Derivative Works" shall mean any work, whether in Source or Object 41 | form, that is based on (or derived from) the Work and for which the 42 | editorial revisions, annotations, elaborations, or other modifications 43 | represent, as a whole, an original work of authorship. For the purposes 44 | of this License, Derivative Works shall not include works that remain 45 | separable from, or merely link (or bind by name) to the interfaces of, 46 | the Work and Derivative Works thereof. 47 | 48 | "Contribution" shall mean any work of authorship, including 49 | the original version of the Work and any modifications or additions 50 | to that Work or Derivative Works thereof, that is intentionally 51 | submitted to Licensor for inclusion in the Work by the copyright owner 52 | or by an individual or Legal Entity authorized to submit on behalf of 53 | the copyright owner. For the purposes of this definition, "submitted" 54 | means any form of electronic, verbal, or written communication sent 55 | to the Licensor or its representatives, including but not limited to 56 | communication on electronic mailing lists, source code control systems, 57 | and issue tracking systems that are managed by, or on behalf of, the 58 | Licensor for the purpose of discussing and improving the Work, but 59 | excluding communication that is conspicuously marked or otherwise 60 | designated in writing by the copyright owner as "Not a Contribution." 61 | 62 | "Contributor" shall mean Licensor and any individual or Legal Entity 63 | on behalf of whom a Contribution has been received by Licensor and 64 | subsequently incorporated within the Work. 65 | 66 | 2. Grant of Copyright License. Subject to the terms and conditions of 67 | this License, each Contributor hereby grants to You a perpetual, 68 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 69 | copyright license to reproduce, prepare Derivative Works of, 70 | publicly display, publicly perform, sublicense, and distribute the 71 | Work and such Derivative Works in Source or Object form. 72 | 73 | 3. Grant of Patent License. Subject to the terms and conditions of 74 | this License, each Contributor hereby grants to You a perpetual, 75 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 76 | (except as stated in this section) patent license to make, have made, 77 | use, offer to sell, sell, import, and otherwise transfer the Work, 78 | where such license applies only to those patent claims licensable 79 | by such Contributor that are necessarily infringed by their 80 | Contribution(s) alone or by combination of their Contribution(s) 81 | with the Work to which such Contribution(s) was submitted. If You 82 | institute patent litigation against any entity (including a 83 | cross-claim or counterclaim in a lawsuit) alleging that the Work 84 | or a Contribution incorporated within the Work constitutes direct 85 | or contributory patent infringement, then any patent licenses 86 | granted to You under this License for that Work shall terminate 87 | as of the date such litigation is filed. 88 | 89 | 4. Redistribution. You may reproduce and distribute copies of the 90 | Work or Derivative Works thereof in any medium, with or without 91 | modifications, and in Source or Object form, provided that You 92 | meet the following conditions: 93 | 94 | (a) You must give any other recipients of the Work or 95 | Derivative Works a copy of this License; and 96 | 97 | (b) You must cause any modified files to carry prominent notices 98 | stating that You changed the files; and 99 | 100 | (c) You must retain, in the Source form of any Derivative Works 101 | that You distribute, all copyright, patent, trademark, and 102 | attribution notices from the Source form of the Work, 103 | excluding those notices that do not pertain to any part of 104 | the Derivative Works; and 105 | 106 | (d) If the Work includes a "NOTICE" text file as part of its 107 | distribution, then any Derivative Works that You distribute must 108 | include a readable copy of the attribution notices contained 109 | within such NOTICE file, excluding those notices that do not 110 | pertain to any part of the Derivative Works, in at least one 111 | of the following places: within a NOTICE text file distributed 112 | as part of the Derivative Works; within the Source form or 113 | documentation, if provided along with the Derivative Works; or, 114 | within a display generated by the Derivative Works, if and 115 | wherever such third-party notices normally appear. The contents 116 | of the NOTICE file are for informational purposes only and 117 | do not modify the License. You may add Your own attribution 118 | notices within Derivative Works that You distribute, alongside 119 | or as an addendum to the NOTICE text from the Work, provided 120 | that such additional attribution notices cannot be construed 121 | as modifying the License. 122 | 123 | You may add Your own copyright statement to Your modifications and 124 | may provide additional or different license terms and conditions 125 | for use, reproduction, or distribution of Your modifications, or 126 | for any such Derivative Works as a whole, provided Your use, 127 | reproduction, and distribution of the Work otherwise complies with 128 | the conditions stated in this License. 129 | 130 | 5. Submission of Contributions. Unless You explicitly state otherwise, 131 | any Contribution intentionally submitted for inclusion in the Work 132 | by You to the Licensor shall be under the terms and conditions of 133 | this License, without any additional terms or conditions. 134 | Notwithstanding the above, nothing herein shall supersede or modify 135 | the terms of any separate license agreement you may have executed 136 | with Licensor regarding such Contributions. 137 | 138 | 6. Trademarks. This License does not grant permission to use the trade 139 | names, trademarks, service marks, or product names of the Licensor, 140 | except as required for reasonable and customary use in describing the 141 | origin of the Work and reproducing the content of the NOTICE file. 142 | 143 | 7. Disclaimer of Warranty. Unless required by applicable law or 144 | agreed to in writing, Licensor provides the Work (and each 145 | Contributor provides its Contributions) on an "AS IS" BASIS, 146 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 147 | implied, including, without limitation, any warranties or conditions 148 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A 149 | PARTICULAR PURPOSE. You are solely responsible for determining the 150 | appropriateness of using or redistributing the Work and assume any 151 | risks associated with Your exercise of permissions under this License. 152 | 153 | 8. Limitation of Liability. In no event and under no legal theory, 154 | whether in tort (including negligence), contract, or otherwise, 155 | unless required by applicable law (such as deliberate and grossly 156 | negligent acts) or agreed to in writing, shall any Contributor be 157 | liable to You for damages, including any direct, indirect, special, 158 | incidental, or consequential damages of any character arising as a 159 | result of this License or out of the use or inability to use the 160 | Work (including but not limited to damages for loss of goodwill, 161 | work stoppage, computer failure or malfunction, or any and all 162 | other commercial damages or losses), even if such Contributor 163 | has been advised of the possibility of such damages. 164 | 165 | 9. Accepting Warranty or Additional Liability. While redistributing 166 | the Work or Derivative Works thereof, You may choose to offer, 167 | and charge a fee for, acceptance of support, warranty, indemnity, 168 | or other liability obligations and/or rights consistent with this 169 | License. However, in accepting such obligations, You may act only 170 | on Your own behalf and on Your sole responsibility, not on behalf 171 | of any other Contributor, and only if You agree to indemnify, 172 | defend, and hold each Contributor harmless for any liability 173 | incurred by, or claims asserted against, such Contributor by reason 174 | of your accepting any such warranty or additional liability. 175 | 176 | END OF TERMS AND CONDITIONS 177 | 178 | APPENDIX: How to apply the Apache License to your work. 179 | 180 | To apply the Apache License to your work, attach the following 181 | boilerplate notice, with the fields enclosed by brackets "[]" 182 | replaced with your own identifying information. (Don't include 183 | the brackets!) The text should be enclosed in the appropriate 184 | comment syntax for the file format. We also recommend that a 185 | file or class name and description of purpose be included on the 186 | same "printed page" as the copyright notice for easier 187 | identification within third-party archives. 188 | 189 | Copyright [yyyy] [name of copyright owner] 190 | 191 | Licensed under the Apache License, Version 2.0 (the "License"); 192 | you may not use this file except in compliance with the License. 193 | You may obtain a copy of the License at 194 | 195 | http://www.apache.org/licenses/LICENSE-2.0 196 | 197 | Unless required by applicable law or agreed to in writing, software 198 | distributed under the License is distributed on an "AS IS" BASIS, 199 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 200 | See the License for the specific language governing permissions and 201 | limitations under the License. 202 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # java cookbook 2 | 3 | [![Cookbook Version](https://img.shields.io/cookbook/v/java.svg)](https://supermarket.chef.io/cookbooks/java) 4 | [![Build Status](https://img.shields.io/circleci/project/github/sous-chefs/java/master.svg)](https://circleci.com/gh/sous-chefs/java) 5 | [![OpenCollective](https://opencollective.com/sous-chefs/backers/badge.svg)](#backers) 6 | [![OpenCollective](https://opencollective.com/sous-chefs/sponsors/badge.svg)](#sponsors) 7 | [![License](https://img.shields.io/badge/License-Apache%202.0-green.svg)](https://opensource.org/licenses/Apache-2.0) 8 | 9 | This cookbook installs a Java JDK/JRE. It defaults to installing [OpenJDK](https://openjdk.java.net/), but it can also install [AdoptOpenJDK](https://adoptopenjdk.net/) and [Amazon Corretto](https://corretto.aws/). 10 | 11 | ## Maintainers 12 | 13 | This cookbook is maintained by the Sous Chefs. The Sous Chefs are a community of Chef cookbook maintainers working together to maintain important cookbooks. If you’d like to know more please visit [sous-chefs.org](https://sous-chefs.org/) or come chat with us on the Chef Community Slack in [#sous-chefs](https://chefcommunity.slack.com/messages/C2V7B88SF). 14 | 15 | ## Usage 16 | 17 | ## Requirements 18 | 19 | Chef 15.3+ 20 | 21 | ### Platforms 22 | 23 | - Debian, Ubuntu 24 | - CentOS, RedHat, Fedora, Scientific, Amazon 25 | 26 | ## Resources 27 | 28 | - [adoptopenjdk_install](https://github.com/sous-chefs/java/blob/master/documentation/resources/adoptopenjdk_install.md) 29 | - [adoptopenjdk_macos_install](https://github.com/sous-chefs/java/blob/master/documentation/resources/adoptopenjdk_macos_install.md) 30 | - [alternatives](https://github.com/sous-chefs/java/blob/master/documentation/resources/alternatives.md) 31 | - [certificate](https://github.com/sous-chefs/java/blob/master/documentation/resources/certificate.md) 32 | - [corretto_install](https://github.com/sous-chefs/java/blob/master/documentation/resources/corretto_install.md) 33 | - [jce](https://github.com/sous-chefs/java/blob/master/documentation/resources/jce.md) 34 | - [openjdk_install](https://github.com/sous-chefs/java/blob/master/documentation/resources/openjdk_install.md) 35 | - [openjdk_pkg_install](https://github.com/sous-chefs/java/blob/master/documentation/resources/openjdk_pkg_install.md) 36 | 37 | ## Contributors 38 | 39 | This project exists thanks to all the people who [contribute.](https://opencollective.com/sous-chefs/contributors.svg?width=890&button=false) 40 | 41 | ### Backers 42 | 43 | Thank you to all our backers! 44 | 45 | ![https://opencollective.com/sous-chefs#backers](https://opencollective.com/sous-chefs/backers.svg?width=600&avatarHeight=40) 46 | 47 | ### Sponsors 48 | 49 | Support this project by becoming a sponsor. Your logo will show up here with a link to your website. 50 | 51 | ![https://opencollective.com/sous-chefs/sponsor/0/website](https://opencollective.com/sous-chefs/sponsor/0/avatar.svg?avatarHeight=100) 52 | ![https://opencollective.com/sous-chefs/sponsor/1/website](https://opencollective.com/sous-chefs/sponsor/1/avatar.svg?avatarHeight=100) 53 | ![https://opencollective.com/sous-chefs/sponsor/2/website](https://opencollective.com/sous-chefs/sponsor/2/avatar.svg?avatarHeight=100) 54 | ![https://opencollective.com/sous-chefs/sponsor/3/website](https://opencollective.com/sous-chefs/sponsor/3/avatar.svg?avatarHeight=100) 55 | ![https://opencollective.com/sous-chefs/sponsor/4/website](https://opencollective.com/sous-chefs/sponsor/4/avatar.svg?avatarHeight=100) 56 | ![https://opencollective.com/sous-chefs/sponsor/5/website](https://opencollective.com/sous-chefs/sponsor/5/avatar.svg?avatarHeight=100) 57 | ![https://opencollective.com/sous-chefs/sponsor/6/website](https://opencollective.com/sous-chefs/sponsor/6/avatar.svg?avatarHeight=100) 58 | ![https://opencollective.com/sous-chefs/sponsor/7/website](https://opencollective.com/sous-chefs/sponsor/7/avatar.svg?avatarHeight=100) 59 | ![https://opencollective.com/sous-chefs/sponsor/8/website](https://opencollective.com/sous-chefs/sponsor/8/avatar.svg?avatarHeight=100) 60 | ![https://opencollective.com/sous-chefs/sponsor/9/website](https://opencollective.com/sous-chefs/sponsor/9/avatar.svg?avatarHeight=100) 61 | -------------------------------------------------------------------------------- /TESTING.md: -------------------------------------------------------------------------------- 1 | # Testing 2 | 3 | Please refer to [the community cookbook documentation on testing](https://github.com/chef-cookbooks/community_cookbook_documentation/blob/main/TESTING.MD). 4 | -------------------------------------------------------------------------------- /chefignore: -------------------------------------------------------------------------------- 1 | # Put files/directories that should be ignored in this file when uploading 2 | # to a Chef Infra Server or Supermarket. 3 | # Lines that start with '# ' are comments. 4 | 5 | # OS generated files # 6 | ###################### 7 | .DS_Store 8 | ehthumbs.db 9 | Icon? 10 | nohup.out 11 | Thumbs.db 12 | .envrc 13 | 14 | # EDITORS # 15 | ########### 16 | .#* 17 | .project 18 | .settings 19 | *_flymake 20 | *_flymake.* 21 | *.bak 22 | *.sw[a-z] 23 | *.tmproj 24 | *~ 25 | \#* 26 | REVISION 27 | TAGS* 28 | tmtags 29 | .vscode 30 | .editorconfig 31 | 32 | ## COMPILED ## 33 | ############## 34 | *.class 35 | *.com 36 | *.dll 37 | *.exe 38 | *.o 39 | *.pyc 40 | *.so 41 | */rdoc/ 42 | a.out 43 | mkmf.log 44 | 45 | # Testing # 46 | ########### 47 | .circleci/* 48 | .codeclimate.yml 49 | .delivery/* 50 | .foodcritic 51 | .kitchen* 52 | .mdlrc 53 | .overcommit.yml 54 | .rspec 55 | .rubocop.yml 56 | .travis.yml 57 | .watchr 58 | .yamllint 59 | azure-pipelines.yml 60 | Dangerfile 61 | examples/* 62 | features/* 63 | Guardfile 64 | kitchen*.yml 65 | mlc_config.json 66 | Procfile 67 | Rakefile 68 | spec/* 69 | test/* 70 | 71 | # SCM # 72 | ####### 73 | .git 74 | .gitattributes 75 | .gitconfig 76 | .github/* 77 | .gitignore 78 | .gitkeep 79 | .gitmodules 80 | .svn 81 | */.bzr/* 82 | */.git 83 | */.hg/* 84 | */.svn/* 85 | 86 | # Berkshelf # 87 | ############# 88 | Berksfile 89 | Berksfile.lock 90 | cookbooks/* 91 | tmp 92 | 93 | # Bundler # 94 | ########### 95 | vendor/* 96 | Gemfile 97 | Gemfile.lock 98 | 99 | # Policyfile # 100 | ############## 101 | Policyfile.rb 102 | Policyfile.lock.json 103 | 104 | # Documentation # 105 | ############# 106 | CODE_OF_CONDUCT* 107 | CONTRIBUTING* 108 | documentation/* 109 | TESTING* 110 | UPGRADING* 111 | 112 | # Vagrant # 113 | ########### 114 | .vagrant 115 | Vagrantfile 116 | -------------------------------------------------------------------------------- /documentation/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sous-chefs/java/f2e340ace9ef2139b9d5095b9c2ee26d3dbea867/documentation/.gitkeep -------------------------------------------------------------------------------- /documentation/resources/alternatives.md: -------------------------------------------------------------------------------- 1 | 2 | # java_alternatives 3 | 4 | [back to resource list](https://github.com/sous-chefs/java#resources) 5 | 6 | The `java_alternatives` resource uses `update-alternatives` command to set and unset command alternatives for various Java tools such as java, javac, etc. 7 | 8 | ## Actions 9 | 10 | - `:set`: set alternatives for Java tools 11 | - `:unset`: unset alternatives for Java tools 12 | 13 | ## Properties 14 | 15 | | Name | Type | Default | Description | 16 | | -------------------- | ------------- | ------- | ---------------------------------------------------------------------------- | 17 | | `java_location` | `String` | | Java installation location | 18 | | `bin_cmds` | `String` | | Array of Java tool names to set or unset alternatives on | 19 | | `default` | `true, false` | `true` | Whether to set the Java tools as system default. Boolean, defaults to `true` | 20 | | `priority` | `Integer` | `1061` | Priority of the alternatives. Integer, defaults to `1061` | 21 | | `reset_alternatives` | `true, false` | `true` | Whether to reset alternatives before setting them | 22 | 23 | - `java_location`: Java installation location. 24 | - `bin_cmds`: . 25 | - `default`: . 26 | - `priority`: . 27 | 28 | ## Examples 29 | 30 | ```ruby 31 | java_alternatives "set java alternatives" do 32 | java_location '/usr/local/java' 33 | bin_cmds ["java", "javac"] 34 | end 35 | ``` 36 | -------------------------------------------------------------------------------- /documentation/resources/certificate.md: -------------------------------------------------------------------------------- 1 | 2 | # java_certificate 3 | 4 | [back to resource list](https://github.com/sous-chefs/java#resources) 5 | 6 | Java certificate simplifies adding certificates to a java keystore. 7 | It can also populate the keystore with a certificate retrieved from a given SSL end-point. 8 | 9 | ## Actions 10 | 11 | - `:install`: installs a certificate. 12 | - `:remove`: removes a certificate. 13 | 14 | ## Properties 15 | 16 | | Name | Type | Default | Description | 17 | | ----------------- | ------ | --------------------------- | --------------------------------------------------------------------------------------- | 18 | | `java_home` | | `node['java']['java_home']` | The java home directory | 19 | | `java_version` | | `node['java']['jdk_version']` | The java version | 20 | | `keystore_path` | String | | Path to the keystore | 21 | | `keystore_passwd` | String | `changeit` | Password to the keystore | 22 | | `cert_alias` | String | | The alias of the certificate in the keystore. This defaults to the name of the resource | 23 | | `cert_data` | String | | The certificate data to install | 24 | | `cert_file` | String | | Path to a certificate file to install | 25 | | `ssl_endpoint` | String | | An SSL end-point from which to download the certificate | 26 | | `starttls` | String | | Control the TLS protocol handler when fetching a remote certificate from `ssl_endpoint` | 27 | 28 | ## Examples 29 | 30 | ```ruby 31 | java_certificate 'java_certificate_ssl_endpoint' do 32 | ssl_endpoint 'google.com:443' 33 | java_version '8' 34 | end 35 | ``` 36 | -------------------------------------------------------------------------------- /documentation/resources/corretto_install.md: -------------------------------------------------------------------------------- 1 | 2 | # corretto_install 3 | 4 | [back to resource list](https://github.com/sous-chefs/java#resources) 5 | 6 | Introduced: v8.0.0 7 | 8 | ## Actions 9 | 10 | - `:install` 11 | - `:remove` 12 | 13 | ## Properties 14 | 15 | | Name | Type | Default | Description | 16 | | --------------------- | --------------- | ------------------------------------ | ----------------------------------------------------------------------------------------------------------------- | 17 | | version | String | | Java version to install | 18 | | full_version | String | | Used to configure the package directory, change this is the version installed by the package is no longer correct | 19 | | url | String | `default_corretto_url(version)` | The URL to download from | 20 | | checksum | String | | The checksum for the downloaded file | 21 | | java_home | String | Based on the version | Set to override the java_home | 22 | | java_home_mode | Integer, String | `0755` | The permission for the Java home directory | 23 | | java_home_owner | String | `root` | Owner of the Java Home | 24 | | java_home_group | String | `node['root_group']` | Group for the Java Home | 25 | | default | Boolean | `true` | Whether to set this as the defalut Java | 26 | | bin_cmds | Array | `default_corretto_bin_cmds(version)` | A list of bin_cmds based on the version and variant | 27 | | alternatives_priority | Integer | `1` | Alternatives priority to set for this Java | 28 | | reset_alternatives | Boolean | `true` | Whether to reset alternatives before setting | 29 | 30 | ## Examples 31 | 32 | To install Corretto 11 and set it as the default Java: 33 | 34 | ```ruby 35 | corretto_install '11' 36 | ``` 37 | 38 | To install Corretto 11 and set it as second highest priority: 39 | 40 | ```ruby 41 | corretto_install '8' do 42 | alternatives_priority 2 43 | end 44 | ``` 45 | -------------------------------------------------------------------------------- /documentation/resources/jce.md: -------------------------------------------------------------------------------- 1 | 2 | # java_jce 3 | 4 | [back to resource list](https://github.com/sous-chefs/java#resources) 5 | 6 | `java_jce` installs the Java Cryptography Extension (JCE) policy files for a given Java installation. 7 | 8 | ## Actions 9 | 10 | - `:install`: Installs the JCE policy files. 11 | 12 | ## Properties 13 | 14 | | Name | Type | Default | Description | 15 | | -------------- | ------ | -------------------------------------------------------- | -------------------------------------------------------------------------- | 16 | | `jdk_version` | String | `node['java']['jdk_version']` | The Java version to install into | 17 | | `jce_url` | String | `node['java']['oracle']['jce'][jdk_version]['url']` | The URL for the JCE distribution | 18 | | `jce_checksum` | String | `node['java']['oracle']['jce'][jdk_version]['checksum']` | The checksum of the JCE distribution | 19 | | `jce_cookie` | String | `node['java']['oracle']['accept_oracle_download_terms']` | Indicates that you accept Oracle's EULA | 20 | | `jce_home` | String | `node['java']['oracle']['jce']['home']` | The location where JCE files will be decompressed for installation | 21 | | `java_home` | String | `node['java']['java_home']` | The location of the Java installation | 22 | | `principal` | String | `node['java']['windows']['owner']` | For Windows installations only, this determines the owner of the JCE files | 23 | 24 | ## Examples 25 | 26 | ``` ruby 27 | # Install the JCE for the default Java installation: 28 | java_jce 'Install the JCE files' 29 | 30 | # Install the JCE for a Java installation in /opt/tools/jdk8: 31 | java_jce 'Install the JCE files' do 32 | java_home '/opt/tools/jdk8' 33 | end 34 | 35 | # Install the JCE for a Java 8 installation in /opt/tools/java using a custom download location: 36 | java_jce 'Install the JCE files' do 37 | java_home '/opt/tools/java' 38 | jdk_version '8' 39 | jce_url 'https://artifacts/path/to/jce/policy.zip' 40 | jce_checksum 'deadbeefcafe...' 41 | end 42 | ``` 43 | -------------------------------------------------------------------------------- /documentation/resources/openjdk_install.md: -------------------------------------------------------------------------------- 1 | 2 | # openjdk_install 3 | 4 | [back to resource list](https://github.com/sous-chefs/java#resources) 5 | 6 | Introduced: v8.0.0 7 | 8 | ## Actions 9 | 10 | - `:install` 11 | - `:remove` 12 | 13 | ## Properties 14 | 15 | | Name | Type | Default | Description | Allowed values | 16 | | --------------------- | --------------- | ------- | --------------------------------------------------- | ------------------ | 17 | | version | String | | Java version to install | | 18 | | url | String | | The URL to download from | | 19 | | checksum | String | | The checksum for the downloaded file | | 20 | | java_home | String | | Set to override the java_home | | 21 | | java_home_mode | Integer, String | | The permission for the Java home directory | | 22 | | java_home_owner | String | | Owner of the Java Home | | 23 | | java_home_group | String | | Group for the Java Home | | 24 | | default | Boolean | | Whether to set this as the defalut Java | | 25 | | bin_cmds | Array | | A list of bin_cmds based on the version and variant | | 26 | | alternatives_priority | Integer | | Alternatives priority to set for this Java | | 27 | | reset_alternatives | Boolean | | Whether to reset alternatives before setting | | 28 | | pkg_names | Array | | List of packages to install | | 29 | | pkg_version | String | | Package version to install | | 30 | | install_type | String | | Installation type | `package` `source` | 31 | 32 | ## Examples 33 | 34 | To install OpenJDK 11 and set it as the default Java: 35 | 36 | ```ruby 37 | openjdk_install '11' 38 | ``` 39 | 40 | To install OpenJDK 11 and set it as second highest priority: 41 | 42 | ```ruby 43 | openjdk_install '11' do 44 | alternatives_priority 2 45 | end 46 | ``` 47 | -------------------------------------------------------------------------------- /documentation/resources/openjdk_pkg_install.md: -------------------------------------------------------------------------------- 1 | 2 | # openjdk_pkg_install 3 | 4 | [back to resource list](https://github.com/sous-chefs/java#resources) 5 | 6 | Introduced: v8.1.0 7 | 8 | ## Actions 9 | 10 | - `:install` 11 | - `:remove` 12 | 13 | ## Properties 14 | 15 | | Name | Type | Default | Description | 16 | | --------------------- | ------- | ------------------------------------ | --------------------------------------------------- | 17 | | version | String | | Java major version to install | 18 | | pkg_names | Array | `default_openjdk_pkg_names(version)` | List of packages to install | 19 | | pkg_version | String | `nil` | Package version to install | 20 | | java_home | String | Based on the version | Set to override the java_home | 21 | | default | Boolean | `true` | Whether to set this as the defalut Java | 22 | | bin_cmds | Array | `default_openjdk_bin_cmds(version)` | A list of bin_cmds based on the version and variant | 23 | | alternatives_priority | Integer | `1062` | Alternatives priority to set for this Java | 24 | | reset_alternatives | Boolean | `true` | Whether to reset alternatives before setting | 25 | 26 | ## Examples 27 | 28 | To install OpenJDK 11 and set it as the default Java: 29 | 30 | ```ruby 31 | openjdk_pkg_install '11' 32 | ``` 33 | 34 | To install OpenJDK 11 and set it as second highest priority: 35 | 36 | ```ruby 37 | openjdk_pkg_install '11' do 38 | alternatives_priority 2 39 | end 40 | ``` 41 | -------------------------------------------------------------------------------- /documentation/resources/openjdk_source_install.md: -------------------------------------------------------------------------------- 1 | 2 | # openjdk_install 3 | 4 | [back to resource list](https://github.com/sous-chefs/java#resources) 5 | 6 | Introduced: v8.0.0 7 | 8 | ## Actions 9 | 10 | - `:install` 11 | - `:remove` 12 | 13 | ## Properties 14 | 15 | | Name | Type | Default | Description | 16 | | --------------------- | --------------- | ----------------------------------- | --------------------------------------------------- | 17 | | version | String | | Java version to install | 18 | | url | String | `default_openjdk_url(version)` | The URL to download from | 19 | | checksum | String | `default_openjdk_checksum(version)` | The checksum for the downloaded file | 20 | | java_home | String | Based on the version | Set to override the java_home | 21 | | java_home_mode | Integer, String | `0755` | The permission for the Java home directory | 22 | | java_home_owner | String | `root` | Owner of the Java Home | 23 | | java_home_group | String | `node['root_group']` | Group for the Java Home | 24 | | default | Boolean | `true` | Whether to set this as the defalut Java | 25 | | bin_cmds | Array | `default_openjdk_bin_cmds(version)` | A list of bin_cmds based on the version and variant | 26 | | alternatives_priority | Integer | `1` | Alternatives priority to set for this Java | 27 | | reset_alternatives | Boolean | `true` | Whether to reset alternatives before setting | 28 | 29 | ## Examples 30 | 31 | To install OpenJDK 11 and set it as the default Java: 32 | 33 | ```ruby 34 | openjdk_install '11' 35 | ``` 36 | 37 | To install OpenJDK 11 and set it as second highest priority: 38 | 39 | ```ruby 40 | openjdk_install '11' do 41 | alternatives_priority 2 42 | end 43 | ``` 44 | -------------------------------------------------------------------------------- /kitchen.dokken.yml: -------------------------------------------------------------------------------- 1 | driver: 2 | name: dokken 3 | privileged: true 4 | chef_version: <%= ENV['CHEF_VERSION'] || 'current' %> 5 | 6 | transport: { name: dokken } 7 | provisioner: { name: dokken } 8 | 9 | platforms: 10 | - name: almalinux-8 11 | driver: 12 | image: dokken/almalinux-8 13 | pid_one_command: /usr/lib/systemd/systemd 14 | 15 | - name: almalinux-9 16 | driver: 17 | image: dokken/almalinux-9 18 | pid_one_command: /usr/lib/systemd/systemd 19 | 20 | - name: almalinux-10 21 | driver: 22 | image: dokken/almalinux-10 23 | pid_one_command: /usr/lib/systemd/systemd 24 | 25 | - name: amazonlinux-2023 26 | driver: 27 | image: dokken/amazonlinux-2023 28 | pid_one_command: /usr/lib/systemd/systemd 29 | 30 | - name: centos-stream-9 31 | driver: 32 | image: dokken/centos-stream-9 33 | pid_one_command: /usr/lib/systemd/systemd 34 | 35 | - name: centos-stream-10 36 | driver: 37 | image: dokken/centos-stream-10 38 | pid_one_command: /usr/lib/systemd/systemd 39 | 40 | - name: debian-11 41 | driver: 42 | image: dokken/debian-11 43 | pid_one_command: /bin/systemd 44 | 45 | - name: debian-12 46 | driver: 47 | image: dokken/debian-12 48 | pid_one_command: /bin/systemd 49 | 50 | - name: fedora-latest 51 | driver: 52 | image: dokken/fedora-latest 53 | pid_one_command: /usr/lib/systemd/systemd 54 | 55 | - name: opensuse-leap-15 56 | driver: 57 | image: dokken/opensuse-leap-15 58 | pid_one_command: /usr/lib/systemd/systemd 59 | 60 | - name: oraclelinux-8 61 | driver: 62 | image: dokken/oraclelinux-8 63 | pid_one_command: /usr/lib/systemd/systemd 64 | 65 | - name: oraclelinux-9 66 | driver: 67 | image: dokken/oraclelinux-9 68 | pid_one_command: /usr/lib/systemd/systemd 69 | 70 | - name: rockylinux-8 71 | driver: 72 | image: dokken/rockylinux-8 73 | pid_one_command: /usr/lib/systemd/systemd 74 | 75 | - name: rockylinux-9 76 | driver: 77 | image: dokken/rockylinux-9 78 | pid_one_command: /usr/lib/systemd/systemd 79 | 80 | - name: ubuntu-20.04 81 | driver: 82 | image: dokken/ubuntu-20.04 83 | pid_one_command: /bin/systemd 84 | 85 | - name: ubuntu-22.04 86 | driver: 87 | image: dokken/ubuntu-22.04 88 | pid_one_command: /bin/systemd 89 | 90 | - name: ubuntu-24.04 91 | driver: 92 | image: dokken/ubuntu-24.04 93 | pid_one_command: /bin/systemd 94 | -------------------------------------------------------------------------------- /kitchen.exec.yml: -------------------------------------------------------------------------------- 1 | --- 2 | driver: { name: exec } 3 | transport: { name: exec } 4 | 5 | platforms: 6 | - name: macos-latest 7 | - name: windows-latest 8 | -------------------------------------------------------------------------------- /kitchen.global.yml: -------------------------------------------------------------------------------- 1 | --- 2 | provisioner: 3 | name: chef_infra 4 | product_name: chef 5 | product_version: <%= ENV['CHEF_VERSION'] || 'latest' %> 6 | channel: stable 7 | install_strategy: once 8 | chef_license: accept 9 | enforce_idempotency: <%= ENV['ENFORCE_IDEMPOTENCY'] || true %> 10 | multiple_converge: <%= ENV['MULTIPLE_CONVERGE'] || 2 %> 11 | deprecations_as_errors: true 12 | log_level: <%= ENV['CHEF_LOG_LEVEL'] || 'auto' %> 13 | 14 | verifier: 15 | name: inspec 16 | 17 | platforms: 18 | - name: almalinux-8 19 | - name: almalinux-9 20 | - name: amazonlinux-2023 21 | - name: centos-stream-9 22 | - name: debian-11 23 | - name: debian-12 24 | - name: fedora-latest 25 | - name: opensuse-leap-15 26 | - name: oraclelinux-8 27 | - name: oraclelinux-9 28 | - name: rockylinux-8 29 | - name: rockylinux-9 30 | - name: ubuntu-20.04 31 | - name: ubuntu-22.04 32 | - name: ubuntu-24.04 33 | -------------------------------------------------------------------------------- /kitchen.macos.local.yml: -------------------------------------------------------------------------------- 1 | --- 2 | provisioner: 3 | name: chef_zero 4 | install_strategy: skip 5 | channel: current 6 | 7 | platforms: 8 | - name: macos 9 | driver: 10 | box: damacus/macos-10.15.4 11 | provider: parallels 12 | linked_clone: true 13 | gui: false 14 | 15 | suites: 16 | - name: default 17 | run_list: 18 | - recipe[homebrew] 19 | - recipe[test::openjdk] 20 | attributes: 21 | version: 14 22 | variant: openj9 23 | verifier: 24 | inspec_tests: [test/integration/openjdk] 25 | input_files: [test/integration/openjdk/inputs/openjdk-14-macos.yml] 26 | -------------------------------------------------------------------------------- /kitchen.macos.yml: -------------------------------------------------------------------------------- 1 | --- 2 | driver: 3 | name: exec 4 | host: localhost 5 | 6 | provisioner: 7 | require_chef_omnibus: false 8 | name: chef_zero 9 | install_strategy: skip 10 | chef_client_path: "/opt/chef-workstation/bin/chef-client" 11 | deprecations_as_errors: false 12 | sudo: true 13 | 14 | platforms: 15 | - name: macos 16 | driver: 17 | box: damacus/macos-10.15.4 18 | provider: parallels 19 | linked_clone: true 20 | gui: false 21 | 22 | suites: 23 | - name: default 24 | run_list: 25 | - recipe[test::openjdk] 26 | attributes: 27 | version: 17 28 | verifier: 29 | inspec_tests: [test/integration/openjdk] 30 | inputs: { java_version: "17" } 31 | -------------------------------------------------------------------------------- /kitchen.windows.yml: -------------------------------------------------------------------------------- 1 | # --- 2 | # driver: 3 | # name: exec 4 | # host: localhost 5 | 6 | # provisioner: 7 | # require_chef_omnibus: false 8 | # # chef_client_path: "/opt/chef-workstation/bin/chef-client" 9 | # name: chef_zero 10 | # deprecations_as_errors: false 11 | # log_level: :info 12 | # install_strategy: skip 13 | 14 | # suites: 15 | # - name: adoptopenjdk-13-openj9 16 | # run_list: 17 | # - recipe[test::adoptopenjdk] 18 | 19 | # platforms: 20 | # - name: windows_2019 21 | -------------------------------------------------------------------------------- /kitchen.yml: -------------------------------------------------------------------------------- 1 | --- 2 | driver: 3 | name: vagrant 4 | chef_version: <%= ENV['CHEF_VERSION'] || 'current' %> 5 | env: [CHEF_LICENSE=accept] 6 | 7 | provisioner: 8 | name: chef_zero 9 | 10 | verifier: 11 | name: inspec 12 | 13 | platforms: 14 | - name: amazonlinux-2023 15 | - name: debian-12 16 | - name: debian-11 17 | - name: freebsd-13 18 | - name: fedora-latest 19 | - name: rockylinux-9 20 | - name: rockylinux-8 21 | - name: ubuntu-22.04 22 | - name: ubuntu-20.04 23 | 24 | suites: 25 | # OpenJDK 26 | - name: openjdk-11 27 | run_list: 28 | - recipe[test::openjdk] 29 | attributes: { version: "11" } 30 | verifier: 31 | inspec_tests: [test/integration/openjdk] 32 | inputs: { java_version: "11" } 33 | 34 | - name: openjdk-16 35 | run_list: 36 | - recipe[test::openjdk] 37 | attributes: { version: "16" } 38 | verifier: 39 | inspec_tests: [test/integration/openjdk] 40 | inputs: { java_version: "16" } 41 | 42 | - name: openjdk-17 43 | run_list: 44 | - recipe[test::openjdk] 45 | attributes: { version: "17" } 46 | verifier: 47 | inspec_tests: [test/integration/openjdk] 48 | inputs: { java_version: "17" } 49 | 50 | # Temurin/Semeru 51 | - name: temurin-8-hotspot 52 | run_list: 53 | - recipe[test::openjdk] 54 | attributes: 55 | version: 8 56 | variant: hotspot 57 | verifier: 58 | inspec_tests: [test/integration/openjdk] 59 | inputs: { java_version: "8" } 60 | 61 | - name: temurin-11-hotspot 62 | run_list: 63 | - recipe[test::openjdk] 64 | attributes: 65 | version: 11 66 | variant: hotspot 67 | verifier: 68 | inspec_tests: [test/integration/openjdk] 69 | inputs: { java_version: "11" } 70 | 71 | - name: semeru-11-openj9 72 | run_list: 73 | - recipe[test::openjdk] 74 | attributes: 75 | version: 11 76 | variant: openj9 77 | verifier: 78 | inspec_tests: [test/integration/openjdk] 79 | inputs: { java_version: "11" } 80 | 81 | - name: semeru-17-openj9 82 | run_list: 83 | - recipe[test::openjdk] 84 | attributes: 85 | version: 17 86 | variant: openj9 87 | verifier: 88 | inspec_tests: [test/integration/openjdk] 89 | inputs: { java_version: "17" } 90 | 91 | # Corretto 92 | - name: corretto-8 93 | run_list: 94 | - recipe[test::corretto] 95 | attributes: { version: "8" } 96 | verifier: 97 | inspec_tests: [test/integration/corretto] 98 | inputs: { java_version: "8" } 99 | - name: corretto-11 100 | run_list: 101 | - recipe[test::corretto] 102 | attributes: { version: "11" } 103 | verifier: 104 | inspec_tests: [test/integration/corretto] 105 | inputs: { java_version: "11" } 106 | - name: corretto-17 107 | run_list: 108 | - recipe[test::corretto] 109 | attributes: { version: "17" } 110 | verifier: 111 | inspec_tests: [test/integration/corretto] 112 | inputs: { java_version: "17" } 113 | - name: corretto-18 114 | run_list: 115 | - recipe[test::corretto] 116 | attributes: { version: "18" } 117 | verifier: 118 | inspec_tests: [test/integration/corretto] 119 | inputs: { java_version: "18" } 120 | -------------------------------------------------------------------------------- /libraries/certificate_helpers.rb: -------------------------------------------------------------------------------- 1 | module Java 2 | module Cookbook 3 | module CertificateHelpers 4 | def default_truststore_path(version, java_home) 5 | if version.to_i > 8 6 | "#{java_home}/lib/security/cacerts" 7 | else 8 | "#{java_home}/jre/lib/security/cacerts" 9 | end 10 | end 11 | 12 | def keystore_argument(version, cacerts, truststore_path) 13 | if version.to_i > 8 && cacerts 14 | '-cacerts' 15 | else 16 | "-keystore #{truststore_path}" 17 | end 18 | end 19 | end 20 | end 21 | end 22 | -------------------------------------------------------------------------------- /libraries/corretto_helpers.rb: -------------------------------------------------------------------------------- 1 | module Java 2 | module Cookbook 3 | module CorrettoHelpers 4 | def corretto_arch 5 | node['kernel']['machine'].match?('aarch64') ? 'aarch64' : 'x64' 6 | end 7 | 8 | def default_corretto_bin_cmds(version) 9 | case version.to_s 10 | when '8' 11 | %w(appletviewer clhsdb extcheck hsdb idlj jar jarsigner java java-rmi.cgi javac javadoc javafxpackager javah javap javapackager jcmd jconsole jdb jdeps jfr jhat jinfo jjs jmap jps jrunscript jsadebugd jstack jstat jstatd keytool native2ascii orbd pack200 policytool rmic rmid rmiregistry schemagen serialver servertool tnameserv unpack200 wsgen wsimport xjc) 12 | when '11' 13 | %w(jaotc jar jarsigner java javac javadoc javap jcmd jconsole jdb jdeprscan jdeps jfr jhsdb jimage jinfo jjs jlink jmap jmod jps jrunscript jshell jstack jstat jstatd keytool pack200 rmic rmid rmiregistry serialver unpack200) 14 | when '15', '17', '18' 15 | %w(jaotc jar jarsigner java javac javadoc javap jcmd jconsole jdb jdeprscan jdeps jfr jhsdb jimage jinfo jlink jmap jmod jpackage jps jrunscript jshell jstack jstat jstatd keytool rmid rmiregistry serialver) 16 | else 17 | raise 'Corretto version not recognised' 18 | end 19 | end 20 | 21 | def default_corretto_minor(version) 22 | case version 23 | when '8' 24 | '8.332.08.1' 25 | when '11' 26 | '11.0.15.9.1' 27 | when '17' 28 | '17.0.3.6.1' 29 | when '18' 30 | '18.0.1.10.1' 31 | else 32 | raise 'Corretto version not recognised' 33 | end 34 | end 35 | 36 | def corretto_sub_dir(version, full_version = nil) 37 | ver = full_version.nil? ? default_corretto_minor(version) : full_version 38 | "amazon-corretto-#{ver}-linux-#{corretto_arch}" 39 | end 40 | 41 | def default_corretto_url(version) 42 | ver = version.include?('.') ? version : default_corretto_minor(version) 43 | 44 | "https://corretto.aws/downloads/resources/#{ver}/amazon-corretto-#{ver}-linux-#{corretto_arch}.tar.gz" 45 | end 46 | end 47 | end 48 | end 49 | -------------------------------------------------------------------------------- /libraries/openjdk_helpers.rb: -------------------------------------------------------------------------------- 1 | module Java 2 | module Cookbook 3 | module OpenJdkHelpers 4 | def lts 5 | %w(11 17) 6 | end 7 | 8 | # This method relies on the GitHub release artefact URL 9 | # e.g. https://github.com/adoptium/temurin17-binaries/releases/download/jdk-17.0.3%2B7/OpenJDK17U-jdk_aarch64_linux_hotspot_17.0.3_7.tar.gz 10 | def sub_dir(url) 11 | URI.parse(url) 12 | url.split('/')[7].split('_')[0].gsub('%2', '-').downcase 13 | end 14 | 15 | def default_openjdk_install_method(version) 16 | case node['platform_family'] 17 | when 'amazon' 18 | 'source' 19 | when 'rhel' 20 | supported = lts.delete('11') 21 | supported.include?(version) ? 'package' : 'source' 22 | when 'debian' 23 | case node['platform_version'] 24 | when '10', '18.04' 25 | supported = lts - ['17'] 26 | supported.include?(version) ? 'package' : 'source' 27 | when '9' 28 | %w(8).include?(version) ? 'package' : 'source' 29 | else 30 | lts.include?(version) ? 'package' : 'source' 31 | end 32 | else 33 | lts.include?(version) ? 'package' : 'source' 34 | end 35 | end 36 | 37 | def default_openjdk_url(version, variant = nil) 38 | # Always default to OpenJDK 39 | # If the user passes variant we'll also select that variant's URL 40 | case version 41 | when '8' 42 | case variant 43 | when 'semeru' 44 | 'https://github.com/ibmruntimes/semeru8-binaries/releases/download/jdk8u322-b06_openj9-0.30.0/ibm-semeru-open-jdk_x64_linux_8u322b06_openj9-0.30.0.tar.gz' 45 | when 'temurin' 46 | 'https://github.com/adoptium/temurin8-binaries/releases/download/jdk8u322-b06/OpenJDK8U-jdk_x64_linux_hotspot_8u322b06.tar.gz' 47 | else 48 | Chef::Log.fatal('Version specified does not have a URL value set') 49 | raise 'Version supplied does not have a download URL set' 50 | end 51 | when '9' 52 | 'https://download.java.net/java/GA/jdk9/9/binaries/openjdk-9_linux-x64_bin.tar.gz' 53 | when '10' 54 | 'https://download.java.net/java/GA/jdk10/10/binaries/openjdk-10_linux-x64_bin.tar.gz' 55 | when '11' 56 | case variant 57 | when 'semeru' 58 | 'https://github.com/ibmruntimes/semeru11-binaries/releases/download/jdk-11.0.14.1%2B1_openj9-0.30.1/ibm-semeru-open-jdk_x64_linux_11.0.14.1_1_openj9-0.30.1.tar.gz' 59 | when 'temurin' 60 | 'https://github.com/adoptium/temurin11-binaries/releases/download/jdk-11.0.15%2B10/OpenJDK11U-jdk_x64_linux_hotspot_11.0.15_10.tar.gz' 61 | else 62 | 'https://download.java.net/java/ga/jdk11/openjdk-11_linux-x64_bin.tar.gz' 63 | end 64 | when '12' 65 | 'https://download.java.net/java/GA/jdk12/33/GPL/openjdk-12_linux-x64_bin.tar.gz' 66 | when '13' 67 | 'https://download.java.net/java/GA/jdk13/5b8a42f3905b406298b72d750b6919f6/33/GPL/openjdk-13_linux-x64_bin.tar.gz' 68 | when '14' 69 | 'https://download.java.net/java/GA/jdk14/076bab302c7b4508975440c56f6cc26a/36/GPL/openjdk-14_linux-x64_bin.tar.gz' 70 | when '15' 71 | 'https://download.java.net/java/GA/jdk15/779bf45e88a44cbd9ea6621d33e33db1/36/GPL/openjdk-15_linux-x64_bin.tar.gz' 72 | when '16' 73 | case variant 74 | when 'semeru' 75 | 'https://github.com/ibmruntimes/semeru16-binaries/releases/download/jdk-16.0.2%2B7_openj9-0.27.1/ibm-semeru-open-jdk_ppc64le_linux_16.0.2_7_openj9-0.27.1.tar.gz' 76 | when 'temurin' 77 | 'https://github.com/adoptium/temurin16-binaries/releases/download/jdk-16.0.2%2B7/OpenJDK16U-jdk_x64_linux_hotspot_16.0.2_7.tar.gz' 78 | else 79 | 'https://download.java.net/java/GA/jdk16/7863447f0ab643c585b9bdebf67c69db/36/GPL/openjdk-16_linux-x64_bin.tar.gz' 80 | end 81 | when '17' 82 | case variant 83 | when 'semeru' 84 | 'https://github.com/ibmruntimes/semeru17-binaries/releases/download/jdk-17.0.2%2B8_openj9-0.30.0/ibm-semeru-open-jdk_x64_linux_17.0.2_8_openj9-0.30.0.tar.gz' 85 | when 'temurin' 86 | 'https://github.com/adoptium/temurin18-binaries/releases/download/jdk-18.0.1%2B10/OpenJDK18U-jdk_x64_linux_hotspot_18.0.1_10.tar.gz' 87 | else 88 | 'https://download.java.net/java/GA/jdk17/0d483333a00540d886896bac774ff48b/35/GPL/openjdk-17_linux-x64_bin.tar.gz' 89 | end 90 | when '18' 91 | case variant 92 | when 'semeru' 93 | 'https://github.com/AdoptOpenJDK/semeru18-binaries/releases/download/jdk-18.0.1%2B10_openj9-0.32.0/ibm-semeru-open-jdk_x64_linux_18.0.1_10_openj9-0.32.0.tar.gz' 94 | when 'temurin' 95 | 'https://github.com/adoptium/temurin18-binaries/releases/download/jdk-18.0.1%2B10/OpenJDK18U-jdk_x64_linux_hotspot_18.0.1_10.tar.gz' 96 | else 97 | 'https://download.java.net/java/GA/jdk18.0.1/3f48cabb83014f9fab465e280ccf630b/10/GPL/openjdk-18.0.1_linux-x64_bin.tar.gz' 98 | end 99 | else 100 | Chef::Log.fatal('Version specified does not have a URL value set') 101 | raise 'Version supplied does not have a download URL set' 102 | end 103 | end 104 | 105 | def default_openjdk_checksum(version) 106 | case version 107 | when '9' 108 | 'f908e31b6185e11b322825809172dcbb7ac0dce64061c9cf154cb1b0df884480' 109 | when '10' 110 | 'c851df838a51af52517b74e3a4b251d90c54cf478a4ebed99e7285ef134c3435' 111 | when '11' 112 | '3784cfc4670f0d4c5482604c7c513beb1a92b005f569df9bf100e8bef6610f2e' 113 | when '12' 114 | 'b43bc15f4934f6d321170419f2c24451486bc848a2179af5e49d10721438dd56' 115 | when '13' 116 | '5f547b8f0ffa7da517223f6f929a5055d749776b1878ccedbd6cc1334f4d6f4d' 117 | when '14' 118 | 'c7006154dfb8b66328c6475447a396feb0042608ee07a96956547f574a911c09' 119 | when '15' 120 | 'bb67cadee687d7b486583d03c9850342afea4593be4f436044d785fba9508fb7' 121 | when '16' 122 | 'e952958f16797ad7dc7cd8b724edd69ec7e0e0434537d80d6b5165193e33b931' 123 | when '17' 124 | 'aef49cc7aa606de2044302e757fa94c8e144818e93487081c4fd319ca858134b' 125 | else 126 | Chef::Log.fatal('Version specified does not have a checksum value set') 127 | raise 'No checksum value' 128 | end 129 | end 130 | 131 | def default_openjdk_bin_cmds(version) 132 | case version 133 | when '7' 134 | %w(appletviewer apt ControlPanel extcheck idlj jar jarsigner java javac javadoc javafxpackager javah javap javaws jcmd jconsole jcontrol jdb jdeps jhat jinfo jjs jmap jmc jps jrunscript jsadebugd jstack jstat jstatd jvisualvm keytool native2ascii orbd pack200 policytool rmic rmid rmiregistry schemagen serialver servertool tnameserv unpack200 wsgen wsimport xjc) 135 | when '8' 136 | %w(appletviewer apt ControlPanel extcheck idlj jar jarsigner java javac javadoc javafxpackager javah javap javaws jcmd jconsole jcontrol jdb jdeps jhat jinfo jjs jmap jmc jps jrunscript jsadebugd jstack jstat jstatd jvisualvm keytool native2ascii orbd pack200 policytool rmic rmid rmiregistry schemagen serialver servertool tnameserv unpack200 wsgen wsimport xjc) 137 | when '9' 138 | %w(appletviewer idlj jaotc jar jarsigner java javac javadoc javah javap jcmd jconsole jdb jdeprscan jdeps jhsdb jimage jinfo jjs jlink jmap jmod jps jrunscript jshell jstack jstat jstatd keytool orbd pack200 policytool rmic rmid rmiregistry schemagen serialver servertool tnameserv unpack200 wsgen wsimport xjc) 139 | when '10' 140 | %w(appletviewer idlj jaotc jar jarsigner java javac javadoc javap jcmd jconsole jdb jdeprscan jdeps jhsdb jimage jinfo jjs jlink jmap jmod jps jrunscript jshell jstack jstat jstatd keytool orbd pack200 rmic rmid rmiregistry schemagen serialver servertool tnameserv unpack200 wsgen wsimport xjc) 141 | when '11' 142 | %w(jaotc jar jarsigner java javac javadoc javap jcmd jconsole jdb jdeprscan jdeps jhsdb jimage jinfo jjs jlink jmap jmod jps jrunscript jshell jstack jstat jstatd keytool pack200 rmic rmid rmiregistry serialver unpack200) 143 | when '12', '13', '14', '15', '16', '17', '19', '20', '21', '22', 'latest' 144 | %w(jaotc jarsigner javac javap jconsole jdeprscan jfr jimage jjs jmap jps jshell jstat keytool rmic rmiregistry unpack200 jar java javadoc jcmd jdb jdeps jhsdb jinfo jlink jmod jrunscript jstack jstatd pack200 rmid serialver) 145 | else 146 | Chef::Log.fatal('Version specified does not have a default set of bin_cmds') 147 | end 148 | end 149 | 150 | def default_openjdk_pkg_names(version) 151 | value_for_platform_family( 152 | amazon: ["java-1.#{version}.0-openjdk", "java-1.#{version}.0-openjdk-devel"], 153 | %w(rhel fedora) => version.to_i < 11 ? ["java-1.#{version}.0-openjdk", "java-1.#{version}.0-openjdk-devel"] : ["java-#{version}-openjdk", "java-#{version}-openjdk-devel"], 154 | suse: version.to_i == 8 ? ["java-1_#{version}_0-openjdk", "java-1_#{version}_0-openjdk-devel"] : ["java-#{version}-openjdk", "java-#{version}-openjdk-devel"], 155 | freebsd: "openjdk#{version}", 156 | arch: "openjdk#{version}", 157 | debian: ["openjdk-#{version}-jdk", "openjdk-#{version}-jre-headless"], 158 | default: ["openjdk-#{version}-jdk"] 159 | ) 160 | end 161 | 162 | def default_openjdk_pkg_java_home(version) 163 | value_for_platform_family( 164 | %w(rhel fedora) => version.to_i < 11 ? "/usr/lib/jvm/java-1.#{version}.0" : "/usr/lib/jvm/java-#{version}", 165 | amazon: version.to_i < 11 ? "/usr/lib/jvm/java-1.#{version}.0" : "/usr/lib/jvm/jre-#{version}", 166 | suse: "/usr/lib#{node['kernel']['machine'] == 'x86_64' ? '64' : nil}/jvm/java-#{version.to_i == 8 ? "1.#{version}.0" : version}", 167 | freebsd: "/usr/local/openjdk#{version}", 168 | arch: "/usr/lib/jvm/java-#{version}-openjdk", 169 | debian: "/usr/lib/jvm/java-#{version}-openjdk-#{node['kernel']['machine'] == 'x86_64' ? 'amd64' : 'i386'}", 170 | default: '/usr/lib/jvm/default-java' 171 | ) 172 | end 173 | end 174 | end 175 | end 176 | -------------------------------------------------------------------------------- /metadata.rb: -------------------------------------------------------------------------------- 1 | name 'java' 2 | maintainer 'Sous Chefs' 3 | maintainer_email 'help@sous-chefs.org' 4 | license 'Apache-2.0' 5 | description 'Recipes and resources for installing Java and managing certificates' 6 | source_url 'https://github.com/sous-chefs/java' 7 | issues_url 'https://github.com/sous-chefs/java/issues' 8 | chef_version '>= 16.0' 9 | version '12.1.1' 10 | 11 | supports 'debian' 12 | supports 'ubuntu' 13 | supports 'centos' 14 | supports 'redhat' 15 | supports 'scientific' 16 | supports 'fedora' 17 | supports 'amazon' 18 | supports 'oracle' 19 | supports 'freebsd' 20 | supports 'suse' 21 | supports 'opensuseleap' 22 | 23 | depends 'line' 24 | -------------------------------------------------------------------------------- /renovate.json: -------------------------------------------------------------------------------- 1 | { 2 | "$schema": "https://docs.renovatebot.com/renovate-schema.json", 3 | "extends": ["config:base"], 4 | "packageRules": [ 5 | { 6 | "groupName": "Actions", 7 | "matchUpdateTypes": ["minor", "patch", "pin"], 8 | "automerge": true, 9 | "addLabels": ["Release: Patch", "Skip: Announcements"] 10 | }, 11 | { 12 | "groupName": "Actions", 13 | "matchUpdateTypes": ["major"], 14 | "automerge": false, 15 | "addLabels": ["Release: Patch", "Skip: Announcements"] 16 | } 17 | ] 18 | } 19 | -------------------------------------------------------------------------------- /resources/alternatives.rb: -------------------------------------------------------------------------------- 1 | unified_mode true 2 | 3 | property :java_location, 4 | String, 5 | description: 'Java installation location' 6 | 7 | property :bin_cmds, 8 | Array, 9 | description: 'Array of Java tool names to set or unset alternatives on' 10 | 11 | property :default, 12 | [true, false], 13 | default: true, 14 | description: 'Whether to set the Java tools as system default. Boolean, defaults to `true`' 15 | 16 | property :priority, 17 | Integer, 18 | default: 1061, 19 | description: ' Priority of the alternatives. Integer, defaults to `1061`' 20 | 21 | property :reset_alternatives, 22 | [true, false], 23 | default: true, 24 | description: 'Whether to reset alternatives before setting them' 25 | 26 | action :set do 27 | if new_resource.bin_cmds 28 | new_resource.bin_cmds.each do |cmd| 29 | bin_path = "/usr/bin/#{cmd}" 30 | alt_path = "#{new_resource.java_location}/bin/#{cmd}" 31 | priority = new_resource.priority 32 | 33 | unless ::File.exist?(alt_path) 34 | Chef::Log.debug "Skipping setting alternative for #{cmd}. Command #{alt_path} does not exist." 35 | next 36 | end 37 | 38 | alternative_exists_same_priority = shell_out("#{alternatives_cmd} --display #{cmd} | grep #{alt_path} | grep 'priority #{priority}$'").exitstatus == 0 39 | alternative_exists = shell_out("#{alternatives_cmd} --display #{cmd} | grep #{alt_path}").exitstatus == 0 40 | # remove alternative if priority is changed and install it with new priority 41 | if alternative_exists && !alternative_exists_same_priority 42 | converge_by("Removing alternative for #{cmd} with old priority") do 43 | Chef::Log.debug "Removing alternative for #{cmd} with old priority" 44 | remove_cmd = shell_out("#{alternatives_cmd} --remove #{cmd} #{alt_path}") 45 | alternative_exists = false 46 | unless remove_cmd.exitstatus == 0 47 | raise(%( remove alternative failed )) 48 | end 49 | end 50 | end 51 | # install the alternative if needed 52 | unless alternative_exists 53 | converge_by("Add alternative for #{cmd}") do 54 | Chef::Log.debug "Adding alternative for #{cmd}" 55 | if new_resource.reset_alternatives 56 | shell_out("rm /var/lib/alternatives/#{cmd}") 57 | end 58 | install_cmd = shell_out("#{alternatives_cmd} --install #{bin_path} #{cmd} #{alt_path} #{priority}") 59 | unless install_cmd.exitstatus == 0 60 | raise(%( install alternative failed )) 61 | end 62 | end 63 | end 64 | 65 | # set the alternative if default 66 | next unless new_resource.default 67 | alternative_is_set = shell_out("#{alternatives_cmd} --display #{cmd} | grep \"link currently points to #{alt_path}\"").exitstatus == 0 68 | next if alternative_is_set 69 | converge_by("Set alternative for #{cmd}") do 70 | Chef::Log.debug "Setting alternative for #{cmd}" 71 | set_cmd = shell_out("#{alternatives_cmd} --set #{cmd} #{alt_path}") 72 | unless set_cmd.exitstatus == 0 73 | raise(%( set alternative failed )) 74 | end 75 | end 76 | end 77 | end 78 | end 79 | 80 | action :unset do 81 | new_resource.bin_cmds.each do |cmd| 82 | converge_by("Remove alternative for #{cmd}") do 83 | shell_out("#{alternatives_cmd} --remove #{cmd} #{new_resource.java_location}/bin/#{cmd}") 84 | end 85 | end 86 | end 87 | 88 | action_class do 89 | def alternatives_cmd 90 | platform_family?('rhel', 'fedora', 'amazon') ? 'alternatives' : 'update-alternatives' 91 | end 92 | end 93 | -------------------------------------------------------------------------------- /resources/certificate.rb: -------------------------------------------------------------------------------- 1 | unified_mode true 2 | include Java::Cookbook::CertificateHelpers 3 | 4 | property :cert_alias, 5 | String, 6 | name_property: true, 7 | description: 'The alias of the certificate in the keystore. This defaults to the name of the resource' 8 | 9 | property :java_home, 10 | String, 11 | default: lazy { node['java']['java_home'] }, 12 | description: 'The java home directory' 13 | 14 | property :java_version, 15 | String, 16 | default: lazy { node['java']['jdk_version'] }, 17 | description: 'The major java version' 18 | 19 | property :cacerts, 20 | [true, false], 21 | default: true, 22 | description: 'Specify true for interacting with the Java installation cacerts file. (Java 9+)' 23 | 24 | property :keystore_path, 25 | String, 26 | default: lazy { default_truststore_path(java_version, java_home) }, 27 | description: 'Path to the keystore' 28 | 29 | property :keystore_passwd, 30 | String, 31 | default: 'changeit', 32 | description: 'Password to the keystore' 33 | 34 | property :cert_data, 35 | String, 36 | description: 'The certificate data to install' 37 | 38 | property :cert_file, 39 | String, 40 | description: 'Path to a certificate file to install' 41 | 42 | property :ssl_endpoint, 43 | String, 44 | description: 'An SSL end-point from which to download the certificate' 45 | 46 | property :starttls, 47 | String, 48 | equal_to: %w(smtp pop3 imap ftp xmpp xmpp-server irc postgres mysql lmtp nntp sieve ldap), 49 | description: 'A protocol specific STARTTLS argument to use when fetching from an ssl_endpoint' 50 | 51 | property :file_cache_path, 52 | String, 53 | default: Chef::Config[:file_cache_path], 54 | description: 'Location to store certificate files' 55 | 56 | action :install do 57 | require 'openssl' 58 | 59 | keystore_argument = keystore_argument(new_resource.java_version, new_resource.cacerts, new_resource.keystore_path) 60 | 61 | certdata = new_resource.cert_data || fetch_certdata 62 | 63 | hash = OpenSSL::Digest::SHA512.hexdigest(certdata) 64 | certfile = ::File.join(new_resource.file_cache_path, "#{new_resource.cert_alias}.cert.#{hash}") 65 | 66 | cmd = Mixlib::ShellOut.new("#{new_resource.java_home}/bin/keytool -list #{keystore_argument} -storepass #{new_resource.keystore_passwd} -rfc -alias \"#{new_resource.cert_alias}\"") 67 | cmd.run_command 68 | keystore_cert = cmd.stdout.match(/^[-]+BEGIN.*END(\s|\w)+[-]+$/m).to_s 69 | 70 | keystore_cert_digest = keystore_cert.empty? ? nil : OpenSSL::Digest::SHA512.hexdigest(OpenSSL::X509::Certificate.new(keystore_cert).to_der) 71 | certfile_digest = OpenSSL::Digest::SHA512.hexdigest(OpenSSL::X509::Certificate.new(certdata).to_der) 72 | if keystore_cert_digest == certfile_digest 73 | Chef::Log.debug("Certificate \"#{new_resource.cert_alias}\" in keystore \"#{new_resource.keystore_path}\" is up-to-date.") 74 | else 75 | cmd = Mixlib::ShellOut.new("#{new_resource.java_home}/bin/keytool -list #{keystore_argument} -storepass #{new_resource.keystore_passwd} -v") 76 | cmd.run_command 77 | Chef::Log.debug(cmd.format_for_exception) 78 | Chef::Application.fatal!("Error querying keystore for existing certificate: #{cmd.exitstatus}", cmd.exitstatus) unless cmd.exitstatus == 0 79 | 80 | has_key = !cmd.stdout[/Alias name: \b#{new_resource.cert_alias}\s*$/i].nil? 81 | 82 | if has_key 83 | converge_by("delete existing certificate #{new_resource.cert_alias} from #{new_resource.keystore_path}") do 84 | cmd = Mixlib::ShellOut.new("#{new_resource.java_home}/bin/keytool -delete -alias \"#{new_resource.cert_alias}\" #{keystore_argument} -storepass #{new_resource.keystore_passwd}") 85 | cmd.run_command 86 | Chef::Log.debug(cmd.format_for_exception) 87 | unless cmd.exitstatus == 0 88 | Chef::Application.fatal!("Error deleting existing certificate \"#{new_resource.cert_alias}\" in " \ 89 | "keystore so it can be updated: #{cmd.exitstatus}", cmd.exitstatus) 90 | end 91 | end 92 | end 93 | 94 | ::File.open(certfile, 'w', 0o644) { |f| f.write(certdata) } 95 | 96 | converge_by("add certificate #{new_resource.cert_alias} to keystore #{new_resource.keystore_path}") do 97 | cmd = Mixlib::ShellOut.new("#{new_resource.java_home}/bin/keytool -import -trustcacerts -alias \"#{new_resource.cert_alias}\" -file #{certfile} #{keystore_argument} -storepass #{new_resource.keystore_passwd} -noprompt") 98 | cmd.run_command 99 | Chef::Log.debug(cmd.format_for_exception) 100 | 101 | unless cmd.exitstatus == 0 102 | FileUtils.rm_f(certfile) 103 | Chef::Application.fatal!("Error importing certificate into keystore: #{cmd.exitstatus}", cmd.exitstatus) 104 | end 105 | end 106 | end 107 | end 108 | 109 | action :remove do 110 | keystore_argument = keystore_argument(new_resource.java_version, new_resource.cacerts, new_resource.keystore_path) 111 | 112 | cmd = Mixlib::ShellOut.new("#{new_resource.java_home}/bin/keytool -list #{keystore_argument} -storepass #{new_resource.keystore_passwd} -v | grep \"#{new_resource.cert_alias}\"") 113 | cmd.run_command 114 | has_key = !cmd.stdout[/Alias name: #{new_resource.cert_alias}/].nil? 115 | does_not_exist = cmd.stdout[/Alias <#{new_resource.cert_alias}> does not exist/].nil? 116 | Chef::Application.fatal!("Error querying keystore for existing certificate: #{cmd.exitstatus}", cmd.exitstatus) unless (cmd.exitstatus == 0) || does_not_exist 117 | 118 | if has_key 119 | converge_by("remove certificate #{new_resource.cert_alias} from #{new_resource.keystore_path}") do 120 | cmd = Mixlib::ShellOut.new("#{new_resource.java_home}/bin/keytool -delete -alias \"#{new_resource.cert_alias}\" #{keystore_argument} -storepass #{new_resource.keystore_passwd}") 121 | cmd.run_command 122 | unless cmd.exitstatus == 0 123 | Chef::Application.fatal!("Error deleting existing certificate \"#{new_resource.cert_alias}\" in " \ 124 | "keystore so it can be updated: #{cmd.exitstatus}", cmd.exitstatus) 125 | end 126 | end 127 | end 128 | 129 | FileUtils.rm_f("#{new_resource.file_cache_path}/#{new_resource.cert_alias}.cert.*") 130 | end 131 | 132 | action_class do 133 | def fetch_certdata 134 | return IO.read(new_resource.cert_file) unless new_resource.cert_file.nil? 135 | 136 | certendpoint = new_resource.ssl_endpoint 137 | starttls = new_resource.starttls.nil? ? '' : "-starttls #{new_resource.starttls}" 138 | unless certendpoint.nil? 139 | cmd = Mixlib::ShellOut.new("echo QUIT | openssl s_client -showcerts -servername #{certendpoint.split(':').first} -connect #{certendpoint} #{starttls} 2> /dev/null | openssl x509") 140 | cmd.run_command 141 | Chef::Log.debug(cmd.format_for_exception) 142 | 143 | Chef::Application.fatal!("Error returned when attempting to retrieve certificate from remote endpoint #{certendpoint}: #{cmd.exitstatus}", cmd.exitstatus) unless cmd.exitstatus == 0 144 | 145 | certout = cmd.stdout 146 | return certout unless certout.empty? 147 | Chef::Application.fatal!("Unable to parse certificate from openssl query of #{certendpoint}.", 999) 148 | end 149 | 150 | Chef::Application.fatal!('At least one of cert_data, cert_file or ssl_endpoint attributes must be provided.', 999) 151 | end 152 | end 153 | -------------------------------------------------------------------------------- /resources/corretto_install.rb: -------------------------------------------------------------------------------- 1 | provides :corretto_install 2 | unified_mode true 3 | include Java::Cookbook::CorrettoHelpers 4 | 5 | property :full_version, String, 6 | description: 'Used to configure the package directory, change this is the version installed by the package is no longer correct' 7 | 8 | property :url, String, 9 | default: lazy { default_corretto_url(version) }, 10 | description: 'The URL to download from' 11 | 12 | property :checksum, String, 13 | regex: /^[0-9a-f]{32}$|^[a-zA-Z0-9]{40,64}$/, 14 | description: 'The checksum for the downloaded file' 15 | 16 | property :java_home, String, 17 | default: lazy { "/usr/lib/jvm/java-#{version}-corretto/#{corretto_sub_dir(version, full_version)}" }, 18 | description: 'Set to override the java_home' 19 | 20 | property :bin_cmds, Array, 21 | default: lazy { default_corretto_bin_cmds(version) }, 22 | description: 'A list of bin_cmds based on the version and variant' 23 | 24 | use 'partial/_common' 25 | use 'partial/_linux' 26 | use 'partial/_java_home' 27 | 28 | action :install do 29 | extract_dir = new_resource.java_home.split('/')[0..-2].join('/') 30 | parent_dir = new_resource.java_home.split('/')[0..-3].join('/') 31 | tarball_name = new_resource.url.split('/').last 32 | 33 | directory parent_dir do 34 | owner new_resource.java_home_owner 35 | group new_resource.java_home_group 36 | mode new_resource.java_home_mode 37 | recursive true 38 | end 39 | 40 | remote_file "#{Chef::Config[:file_cache_path]}/#{tarball_name}" do 41 | source new_resource.url 42 | checksum new_resource.checksum if new_resource.checksum 43 | retries new_resource.retries 44 | retry_delay new_resource.retry_delay 45 | mode '644' 46 | end 47 | 48 | archive_file "#{Chef::Config[:file_cache_path]}/#{tarball_name}" do 49 | destination extract_dir 50 | end 51 | 52 | node.default['java']['java_home'] = new_resource.java_home 53 | 54 | # Set up .jinfo file for update-java-alternatives 55 | template "/usr/lib/jvm/.java-#{new_resource.version}-corretto.jinfo" do 56 | cookbook 'java' 57 | source 'jinfo.erb' 58 | owner new_resource.java_home_owner 59 | group new_resource.java_home_group 60 | variables( 61 | priority: new_resource.alternatives_priority, 62 | bin_cmds: new_resource.bin_cmds, 63 | name: extract_dir.split('/').last, 64 | app_dir: new_resource.java_home 65 | ) 66 | only_if { platform_family?('debian') } 67 | end 68 | 69 | java_alternatives 'set-java-alternatives' do 70 | java_location new_resource.java_home 71 | bin_cmds new_resource.bin_cmds 72 | priority new_resource.alternatives_priority 73 | default new_resource.default 74 | reset_alternatives new_resource.reset_alternatives 75 | action :set 76 | end 77 | end 78 | 79 | action :remove do 80 | extract_dir = new_resource.java_home.split('/')[0..-2].join('/') 81 | 82 | java_alternatives 'unset-java-alternatives' do 83 | java_location new_resource.java_home 84 | bin_cmds new_resource.bin_cmds 85 | only_if { ::File.exist?(extract_dir) } 86 | action :unset 87 | end 88 | 89 | directory "Removing #{extract_dir}" do 90 | path extract_dir 91 | recursive true 92 | only_if { ::File.exist?(extract_dir) } 93 | action :delete 94 | end 95 | end 96 | -------------------------------------------------------------------------------- /resources/jce.rb: -------------------------------------------------------------------------------- 1 | unified_mode true 2 | 3 | property :jdk_version, 4 | String, 5 | default: lazy { node['java']['jdk_version'].to_s }, description: 'The Java version to install into' 6 | 7 | property :jce_url, 8 | String, 9 | default: lazy { node['java']['oracle']['jce'][jdk_version]['url'] }, description: 'The URL for the JCE distribution' 10 | 11 | property :jce_checksum, 12 | String, 13 | default: lazy { node['java']['oracle']['jce'][jdk_version]['checksum'] }, description: 'The checksum of the JCE distribution' 14 | 15 | property :java_home, 16 | String, 17 | default: lazy { node['java']['java_home'] }, description: 'The location of the Java installation' 18 | 19 | property :jce_home, 20 | String, 21 | default: lazy { node['java']['oracle']['jce']['home'] }, description: 'The location where JCE files will be decompressed for installation' 22 | 23 | property :jce_cookie, 24 | String, 25 | default: lazy { node['java']['oracle']['accept_oracle_download_terms'] ? 'oraclelicense=accept-securebackup-cookie' : '' }, description: 'Indicates that you accept Oracles EULA' 26 | 27 | property :principal, 28 | String, 29 | default: lazy { platform_family?('windows') ? node['java']['windows']['owner'] : 'administrator' }, description: 'For Windows installations only, this determines the owner of the JCE files' 30 | 31 | action :install do 32 | jdk_version = new_resource.jdk_version 33 | jce_url = new_resource.jce_url 34 | jce_checksum = new_resource.jce_checksum 35 | java_home = new_resource.java_home 36 | jce_home = new_resource.jce_home 37 | jce_cookie = new_resource.jce_cookie 38 | principal = new_resource.principal 39 | 40 | directory ::File.join(jce_home, jdk_version) do 41 | mode '0755' 42 | recursive true 43 | end 44 | 45 | r = remote_file "#{node['java']['download_path']}/jce.zip" do 46 | source jce_url 47 | checksum jce_checksum 48 | headers( 49 | 'Cookie' => jce_cookie 50 | ) 51 | not_if { ::File.exist?(::File.join(jce_home, jdk_version, 'US_export_policy.jar')) } 52 | end 53 | 54 | # JRE installation does not have a jre folder 55 | jre_path = node['java']['install_type'] == 'jdk' ? 'jre' : '' 56 | 57 | if platform_family?('windows') 58 | 59 | staging_path = ::File.join(jce_home, jdk_version) 60 | staging_local_policy = ::File.join(staging_path, "UnlimitedJCEPolicyJDK#{jdk_version}", 'local_policy.jar') 61 | staging_export_policy = ::File.join(staging_path, "UnlimitedJCEPolicyJDK#{jdk_version}", 'US_export_policy.jar') 62 | jre_final_path = ::File.join(java_home, jre_path, 'lib', 'security') 63 | final_local_policy = ::File.join(jre_final_path, 'local_policy.jar') 64 | final_export_policy = ::File.join(jre_final_path, 'US_export_policy.jar') 65 | 66 | archive_file staging_path do 67 | path r.path 68 | destination staging_path 69 | action :extract 70 | not_if { ::File.exist? staging_local_policy } 71 | end 72 | 73 | remote_file final_local_policy do 74 | rights :full_control, principal 75 | source "file://#{staging_local_policy}" 76 | end 77 | 78 | remote_file final_export_policy do 79 | rights :full_control, principal 80 | source "file://#{staging_export_policy}" 81 | end 82 | 83 | else 84 | package 'unzip' 85 | package 'curl' 86 | 87 | execute 'extract jce' do 88 | command <<-EOF 89 | rm -rf java_jce 90 | mkdir java_jce 91 | cd java_jce 92 | unzip -o ../jce.zip 93 | find ./ -name '*.jar' | xargs -I JCE_JAR mv JCE_JAR #{jce_home}/#{jdk_version}/ 94 | chmod -R 0644 #{jce_home}/#{jdk_version}/*.jar 95 | EOF 96 | cwd node['java']['download_path'] 97 | creates ::File.join(jce_home, jdk_version, 'US_export_policy.jar') 98 | end 99 | 100 | %w(local_policy.jar US_export_policy.jar).each do |jar| 101 | jar_path = ::File.join(java_home, jre_path, 'lib', 'security', jar) 102 | # remove the jars already in the directory 103 | file jar_path do 104 | action :delete 105 | not_if { ::File.symlink? jar_path } 106 | end 107 | link jar_path do 108 | to ::File.join(jce_home, jdk_version, jar) 109 | end 110 | end 111 | end 112 | end 113 | -------------------------------------------------------------------------------- /resources/openjdk_install.rb: -------------------------------------------------------------------------------- 1 | provides :openjdk_install 2 | unified_mode true 3 | include Java::Cookbook::OpenJdkHelpers 4 | 5 | property :install_type, 6 | String, 7 | default: lazy { default_openjdk_install_method(version) }, 8 | equal_to: %w( package source ), 9 | description: 'Installation type' 10 | 11 | property :pkg_names, 12 | [String, Array], 13 | description: 'List of packages to install' 14 | 15 | property :pkg_version, 16 | String, 17 | description: 'Package version to install' 18 | 19 | property :java_home, 20 | String, 21 | description: 'Set to override the java_home' 22 | 23 | property :bin_cmds, 24 | Array, 25 | description: 'A list of bin_cmds based on the version and variant' 26 | 27 | property :url, 28 | String, 29 | description: 'The URL to download from' 30 | 31 | property :checksum, 32 | String, 33 | description: 'The checksum for the downloaded file' 34 | 35 | use 'partial/_common' 36 | use 'partial/_linux' 37 | use 'partial/_java_home' 38 | 39 | action :install do 40 | if new_resource.install_type == 'package' 41 | openjdk_pkg_install new_resource.version do 42 | pkg_names new_resource.pkg_names 43 | pkg_version new_resource.pkg_version 44 | java_home new_resource.java_home 45 | default new_resource.default 46 | bin_cmds new_resource.bin_cmds 47 | alternatives_priority new_resource.alternatives_priority 48 | reset_alternatives new_resource.reset_alternatives 49 | end 50 | elsif new_resource.install_type == 'source' 51 | openjdk_source_install new_resource.version do 52 | url new_resource.url 53 | checksum new_resource.checksum 54 | java_home new_resource.java_home 55 | java_home_mode new_resource.java_home_mode 56 | java_home_group new_resource.java_home_group 57 | default new_resource.default 58 | bin_cmds new_resource.bin_cmds 59 | alternatives_priority new_resource.alternatives_priority 60 | reset_alternatives new_resource.reset_alternatives 61 | end 62 | else 63 | ChefLog.fatal('Invalid install method specified') 64 | end 65 | end 66 | 67 | action :remove do 68 | if new_resource.install_type == 'package' 69 | openjdk_pkg_install new_resource.version do 70 | pkg_names new_resource.pkg_names 71 | pkg_version new_resource.pkg_version 72 | java_home new_resource.java_home 73 | default new_resource.default 74 | bin_cmds new_resource.bin_cmds 75 | alternatives_priority new_resource.alternatives_priority 76 | reset_alternatives new_resource.reset_alternatives 77 | action :remove 78 | end 79 | elsif new_resource.install_type == 'source' 80 | openjdk_source_install new_resource.version do 81 | url new_resource.url 82 | checksum new_resource.checksum 83 | java_home new_resource.java_home 84 | java_home_mode new_resource.java_home_mode 85 | java_home_group new_resource.java_home_group 86 | default new_resource.default 87 | bin_cmds new_resource.bin_cmds 88 | alternatives_priority new_resource.alternatives_priority 89 | reset_alternatives new_resource.reset_alternatives 90 | action :remove 91 | end 92 | else 93 | ChefLog.fatal('Invalid install method specified') 94 | end 95 | end 96 | -------------------------------------------------------------------------------- /resources/openjdk_pkg_install.rb: -------------------------------------------------------------------------------- 1 | provides :openjdk_pkg_install 2 | unified_mode true 3 | include Java::Cookbook::OpenJdkHelpers 4 | 5 | property :pkg_names, [String, Array], 6 | default: lazy { default_openjdk_pkg_names(version) }, 7 | description: 'List of packages to install' 8 | 9 | property :pkg_version, String, 10 | description: 'Package version to install' 11 | 12 | property :java_home, String, 13 | default: lazy { default_openjdk_pkg_java_home(version) }, 14 | description: 'Set to override the java_home' 15 | 16 | property :bin_cmds, Array, 17 | default: lazy { default_openjdk_bin_cmds(version) }, 18 | description: 'A list of bin_cmds based on the version and variant' 19 | 20 | property :alternatives_priority, Integer, 21 | default: 1062, 22 | description: 'Alternatives priority to set for this Java' 23 | 24 | use 'partial/_common' 25 | use 'partial/_linux' 26 | 27 | action :install do 28 | if platform?('ubuntu') 29 | apt_repository 'openjdk-r-ppa' do 30 | uri 'ppa:openjdk-r' 31 | end 32 | end 33 | 34 | pkg_version = 35 | if new_resource.pkg_version && new_resource.pkg_names.is_a?(String) 36 | version new_resource.pkg_version 37 | elsif new_resource.pkg_version && new_resource.pkg_names.is_a?(Array) 38 | Array.new(new_resource.pkg_names.size, new_resource.pkg_version) 39 | end 40 | 41 | package new_resource.pkg_names do 42 | version pkg_version if pkg_version 43 | end 44 | 45 | node.default['java']['java_home'] = new_resource.java_home 46 | 47 | java_alternatives 'set-java-alternatives' do 48 | java_location new_resource.java_home 49 | bin_cmds new_resource.bin_cmds 50 | priority new_resource.alternatives_priority 51 | default new_resource.default 52 | reset_alternatives new_resource.reset_alternatives 53 | action :set 54 | end 55 | end 56 | 57 | action :remove do 58 | java_alternatives 'unset-java-alternatives' do 59 | java_location new_resource.java_home 60 | bin_cmds new_resource.bin_cmds 61 | only_if { ::File.exist?(new_resource.java_home) } 62 | action :unset 63 | end 64 | 65 | package new_resource.pkg_names do 66 | action :remove 67 | end 68 | 69 | if platform?('ubuntu') 70 | apt_repository 'openjdk-r-ppa' do 71 | uri 'ppa:openjdk-r' 72 | action :remove 73 | end 74 | end 75 | end 76 | -------------------------------------------------------------------------------- /resources/openjdk_source_install.rb: -------------------------------------------------------------------------------- 1 | provides :openjdk_source_install 2 | unified_mode true 3 | include Java::Cookbook::OpenJdkHelpers 4 | 5 | property :version, String, 6 | name_property: true, 7 | description: 'Java version to install' 8 | 9 | property :variant, String, 10 | equal_to: %w(openjdk semeru temurin), 11 | default: 'openjdk', 12 | description: 'Install flavour' 13 | 14 | property :url, String, 15 | default: lazy { default_openjdk_url(version, variant) }, 16 | description: 'The URL to download from' 17 | 18 | property :checksum, String, 19 | regex: /^[0-9a-f]{32}$|^[a-zA-Z0-9]{40,64}$/, 20 | default: lazy { default_openjdk_checksum(version) }, 21 | description: 'The checksum for the downloaded file' 22 | 23 | property :java_home, String, 24 | default: lazy { "/usr/lib/jvm/java-#{version}-openjdk/jdk-#{version}" }, 25 | description: 'Set to override the java_home' 26 | 27 | property :bin_cmds, Array, 28 | default: lazy { default_openjdk_bin_cmds(version) }, 29 | description: 'A list of bin_cmds based on the version and variant' 30 | 31 | use 'partial/_common' 32 | use 'partial/_linux' 33 | use 'partial/_java_home' 34 | 35 | action :install do 36 | extract_dir = new_resource.java_home.split('/')[0..-2].join('/') 37 | parent_dir = new_resource.java_home.split('/')[0..-3].join('/') 38 | tarball_name = new_resource.url.split('/').last 39 | 40 | directory parent_dir do 41 | owner new_resource.java_home_owner 42 | group new_resource.java_home_group 43 | mode new_resource.java_home_mode 44 | recursive true 45 | end 46 | 47 | remote_file "#{Chef::Config[:file_cache_path]}/#{tarball_name}" do 48 | source new_resource.url 49 | checksum new_resource.checksum 50 | retries new_resource.retries 51 | retry_delay new_resource.retry_delay 52 | mode '644' 53 | end 54 | 55 | archive_file "#{Chef::Config[:file_cache_path]}/#{tarball_name}" do 56 | destination extract_dir 57 | end 58 | 59 | node.default['java']['java_home'] = new_resource.java_home 60 | 61 | java_alternatives 'set-java-alternatives' do 62 | java_location new_resource.java_home 63 | bin_cmds new_resource.bin_cmds 64 | priority new_resource.alternatives_priority 65 | default new_resource.default 66 | reset_alternatives new_resource.reset_alternatives 67 | action :set 68 | end 69 | 70 | append_if_no_line 'Java Home' do 71 | path '/etc/profile.d/java.sh' 72 | line "export JAVA_HOME=#{new_resource.java_home}" 73 | end 74 | end 75 | 76 | action :remove do 77 | extract_dir = new_resource.java_home.split('/')[0..-2].join('/') 78 | 79 | java_alternatives 'unset-java-alternatives' do 80 | java_location new_resource.java_home 81 | bin_cmds new_resource.bin_cmds 82 | only_if { ::File.exist?(extract_dir) } 83 | action :unset 84 | end 85 | 86 | directory "Removing #{extract_dir}" do 87 | path extract_dir 88 | recursive true 89 | only_if { ::File.exist?(extract_dir) } 90 | action :delete 91 | end 92 | end 93 | -------------------------------------------------------------------------------- /resources/partial/_common.rb: -------------------------------------------------------------------------------- 1 | property :version, String, 2 | name_property: true, 3 | description: 'Java version to install' 4 | -------------------------------------------------------------------------------- /resources/partial/_java_home.rb: -------------------------------------------------------------------------------- 1 | property :java_home_mode, String, 2 | default: '0755', 3 | description: 'The permission for the Java home directory' 4 | 5 | property :java_home_owner, String, 6 | default: 'root', 7 | description: 'Owner of the Java Home' 8 | 9 | property :java_home_group, String, 10 | default: lazy { node['root_group'] }, 11 | description: 'Group for the Java Home' 12 | -------------------------------------------------------------------------------- /resources/partial/_linux.rb: -------------------------------------------------------------------------------- 1 | property :alternatives_priority, Integer, 2 | default: 1, 3 | description: 'Alternatives priority to set for this Java' 4 | 5 | property :reset_alternatives, [true, false], 6 | default: true, 7 | description: 'Whether to reset alternatives before setting' 8 | 9 | property :default, [true, false], 10 | default: true, 11 | description: ' Whether to set this as the default Java' 12 | -------------------------------------------------------------------------------- /resources/partial/_macos.rb: -------------------------------------------------------------------------------- 1 | property :tap_url, 2 | String, 3 | description: 'The URL of the tap' 4 | 5 | property :cask_options, 6 | String, 7 | description: 'Options to pass to the brew command during installation' 8 | 9 | property :homebrew_path, 10 | String, 11 | description: 'The path to the homebrew binary' 12 | 13 | property :owner, 14 | [String, Integer], 15 | description: 'The owner of the Homebrew installation' 16 | -------------------------------------------------------------------------------- /spec/libraries/certificate_helpers_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | 3 | RSpec.describe Java::Cookbook::CertificateHelpers do 4 | class DummyClass < Chef::Node 5 | include Java::Cookbook::CertificateHelpers 6 | end 7 | 8 | subject { DummyClass.new } 9 | 10 | describe '#default_truststore_path' do 11 | context 'Java 8' do 12 | let(:version) { '8' } 13 | let(:java_home) { '/usr/lib/jvm/corretto-8' } 14 | 15 | it 'returns the correct path' do 16 | expect(subject.default_truststore_path(version, java_home)).to eq('/usr/lib/jvm/corretto-8/jre/lib/security/cacerts') 17 | end 18 | end 19 | 20 | context 'Java 9' do 21 | let(:version) { '9' } 22 | let(:java_home) { '/usr/lib/jvm/corretto-9' } 23 | 24 | it 'returns the correct path' do 25 | expect(subject.default_truststore_path(version, java_home)).to eq('/usr/lib/jvm/corretto-9/lib/security/cacerts') 26 | end 27 | end 28 | end 29 | 30 | describe '#keystore_argument' do 31 | context 'Java 8 and cacerts' do 32 | let(:version) { '8' } 33 | let(:cacerts) { true } 34 | let(:truststore_path) { '/usr/lib/jvm/corretto-8/jre/lib/security/cacerts' } 35 | 36 | it 'returns the correct argument' do 37 | expect(subject.keystore_argument(version, cacerts, truststore_path)).to eq('-keystore /usr/lib/jvm/corretto-8/jre/lib/security/cacerts') 38 | end 39 | end 40 | 41 | context 'Java 9 and cacerts' do 42 | let(:version) { '9' } 43 | let(:cacerts) { true } 44 | let(:truststore_path) { '/usr/lib/jvm/corretto-9/jre/lib/security/cacerts' } 45 | 46 | it 'returns the correct argument' do 47 | expect(subject.keystore_argument(version, cacerts, truststore_path)).to eq('-cacerts') 48 | end 49 | end 50 | 51 | context 'Java 9 and no cacerts' do 52 | let(:version) { '9' } 53 | let(:cacerts) { false } 54 | let(:truststore_path) { '/mycertstore.jks' } 55 | 56 | it 'returns the correct argument' do 57 | expect(subject.keystore_argument(version, cacerts, truststore_path)).to eq('-keystore /mycertstore.jks') 58 | end 59 | end 60 | end 61 | end 62 | -------------------------------------------------------------------------------- /spec/libraries/corretto_helpers_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | 3 | RSpec.describe Java::Cookbook::CorrettoHelpers do 4 | class DummyClass < Chef::Node 5 | include Java::Cookbook::CorrettoHelpers 6 | end 7 | 8 | subject { DummyClass.new } 9 | 10 | describe '#default_corretto_url' do 11 | before do 12 | allow(subject).to receive(:[]).with('version').and_return(version) 13 | allow(subject).to receive(:[]).with('kernel').and_return('machine' => machine) 14 | end 15 | 16 | context 'Corretto 8 x64' do 17 | let(:version) { '8' } 18 | let(:machine) { 'x86_64' } 19 | 20 | it 'returns the correct URL' do 21 | expect(subject.default_corretto_url(version)).to match /corretto-8.+\.tar.gz/ 22 | end 23 | end 24 | 25 | context 'Corretto 11 x64' do 26 | let(:version) { '11' } 27 | let(:machine) { 'x86_64' } 28 | 29 | it 'returns the correct URL' do 30 | expect(subject.default_corretto_url(version)).to match /corretto-11.+\.tar.gz/ 31 | end 32 | end 33 | 34 | context 'Corretto 17 x64' do 35 | let(:version) { '17' } 36 | let(:machine) { 'x86_64' } 37 | 38 | it 'returns the correct URL' do 39 | expect(subject.default_corretto_url(version)).to match /corretto-17.+\.tar.gz/ 40 | end 41 | end 42 | 43 | context 'Corretto 18 x64' do 44 | let(:version) { '18' } 45 | let(:machine) { 'x86_64' } 46 | 47 | it 'returns the correct URL' do 48 | expect(subject.default_corretto_url(version)).to match /corretto-18.+\.tar.gz/ 49 | end 50 | end 51 | 52 | context 'Corretto 8 aarch64' do 53 | let(:version) { '8' } 54 | let(:machine) { 'aarch64' } 55 | 56 | it 'returns the correct URL' do 57 | expect(subject.default_corretto_url(version)).to match /corretto-8.+\.tar.gz/ 58 | end 59 | end 60 | 61 | context 'Corretto 11 aarch64' do 62 | let(:version) { '11' } 63 | let(:machine) { 'aarch64' } 64 | 65 | it 'returns the correct URL' do 66 | expect(subject.default_corretto_url(version)).to match /corretto-11.+\.tar.gz/ 67 | end 68 | end 69 | 70 | context 'Corretto 17 aarch64' do 71 | let(:version) { '17' } 72 | let(:machine) { 'aarch64' } 73 | 74 | it 'returns the correct URL' do 75 | expect(subject.default_corretto_url(version)).to match /corretto-17.+\.tar.gz/ 76 | end 77 | end 78 | 79 | context 'Corretto 18 aarch64' do 80 | let(:version) { '18' } 81 | let(:machine) { 'aarch64' } 82 | 83 | it 'returns the correct URL' do 84 | expect(subject.default_corretto_url(version)).to match /corretto-18.+\.tar.gz/ 85 | end 86 | end 87 | end 88 | 89 | describe '#default_bin_cmds' do 90 | before do 91 | allow(subject).to receive(:[]).with('version').and_return(version) 92 | end 93 | 94 | context 'Corretto 8' do 95 | let(:version) { '8' } 96 | 97 | it 'returns the correct bin command array' do 98 | expect(subject.default_corretto_bin_cmds(version)).to include 'appletviewer' 99 | expect(subject.default_corretto_bin_cmds(version)).to_not include 'jaotc' 100 | end 101 | end 102 | 103 | context 'Corretto 11' do 104 | let(:version) { '11' } 105 | 106 | it 'returns the correct bin command array' do 107 | expect(subject.default_corretto_bin_cmds(version)).to_not include 'appletviewer' 108 | expect(subject.default_corretto_bin_cmds(version)).to include 'jaotc' 109 | end 110 | end 111 | 112 | context 'Corretto 17' do 113 | let(:version) { '17' } 114 | 115 | it 'returns the correct bin command array' do 116 | expect(subject.default_corretto_bin_cmds(version)).to_not include 'jjs' 117 | expect(subject.default_corretto_bin_cmds(version)).to include 'jaotc' 118 | end 119 | end 120 | 121 | context 'Corretto 18' do 122 | let(:version) { '18' } 123 | 124 | it 'returns the correct bin command array' do 125 | expect(subject.default_corretto_bin_cmds(version)).to_not include 'jjs' 126 | expect(subject.default_corretto_bin_cmds(version)).to include 'jaotc' 127 | end 128 | end 129 | 130 | describe '#corretto_sub_dir' do 131 | before do 132 | allow(subject).to receive(:[]).with('version', 'full_version').and_return(version) 133 | allow(subject).to receive(:[]).with('kernel').and_return('machine' => machine) 134 | end 135 | 136 | context 'No full_version passed for Corretto 8 x64' do 137 | let(:version) { '8' } 138 | let(:machine) { 'x86_64' } 139 | 140 | it 'returns the default directory value for Corrretto 8 x64' do 141 | expect(subject.corretto_sub_dir(version)).to include '8.332.08.1' 142 | end 143 | end 144 | 145 | context 'No full_version passed for Corretto 8 aarch64' do 146 | let(:version) { '8' } 147 | let(:machine) { 'aarch64' } 148 | 149 | it 'returns the default directory value for Corrretto 8 aarch64' do 150 | expect(subject.corretto_sub_dir(version)).to include '8.332.08.1' 151 | end 152 | end 153 | 154 | context 'No full_version passed for Corretto 11 x64' do 155 | let(:version) { '11' } 156 | let(:machine) { 'x86_64' } 157 | 158 | it 'returns the default directory value for Corrretto 11 x64' do 159 | expect(subject.corretto_sub_dir(version)).to include '11.0.15.9.1' 160 | end 161 | end 162 | 163 | context 'No full_version passed for Corretto 11 aarch64' do 164 | let(:version) { '11' } 165 | let(:machine) { 'aarch64' } 166 | 167 | it 'returns the default directory value for Corrretto 11 aarch64' do 168 | expect(subject.corretto_sub_dir(version)).to include '11.0.15.9.1' 169 | end 170 | end 171 | 172 | context 'No full_version passed for Corretto 17 x64' do 173 | let(:version) { '17' } 174 | let(:machine) { 'x86_64' } 175 | 176 | it 'returns the default directory value for Corrretto 17 x64' do 177 | expect(subject.corretto_sub_dir(version)).to include '17.0.3.6.1' 178 | end 179 | end 180 | 181 | context 'No full_version passed for Corretto 17 aarch64' do 182 | let(:version) { '17' } 183 | let(:machine) { 'aarch64' } 184 | 185 | it 'returns the default directory value for Corrretto 17 aarch64' do 186 | expect(subject.corretto_sub_dir(version)).to include '17.0.3.6.1' 187 | end 188 | end 189 | 190 | context 'No full_version passed for Corretto 18 x64' do 191 | let(:version) { '18' } 192 | let(:machine) { 'x86_64' } 193 | 194 | it 'returns the default directory value for Corrretto 18 x64' do 195 | expect(subject.corretto_sub_dir(version)).to include '18.0.1.10.1' 196 | end 197 | end 198 | 199 | context 'No full_version passed for Corretto 18 aarch64' do 200 | let(:version) { '18' } 201 | let(:machine) { 'aarch64' } 202 | 203 | it 'returns the default directory value for Corrretto 18 aarch64' do 204 | expect(subject.corretto_sub_dir(version)).to include '18.0.1.10.1' 205 | end 206 | end 207 | 208 | context 'A full version passed for for Corretto 8 x64' do 209 | let(:version) { '8' } 210 | let(:full_version) { '8.123.45.6' } 211 | let(:machine) { 'x86_64' } 212 | 213 | it 'returns the default directory value for Corrretto 8 x64' do 214 | expect(subject.corretto_sub_dir(version, full_version)).to include '8.123.45.6' 215 | end 216 | end 217 | 218 | context 'A full version passed for for Corretto 8 aarch64' do 219 | let(:version) { '8' } 220 | let(:full_version) { '8.123.45.6' } 221 | let(:machine) { 'aarch64' } 222 | 223 | it 'returns the default directory value for Corrretto 8 aarch64' do 224 | expect(subject.corretto_sub_dir(version, full_version)).to include '8.123.45.6' 225 | end 226 | end 227 | end 228 | end 229 | end 230 | -------------------------------------------------------------------------------- /spec/libraries/openjdk_helpers_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | 3 | RSpec.describe Java::Cookbook::OpenJdkHelpers do 4 | class DummyClass < Chef::Node 5 | include Java::Cookbook::OpenJdkHelpers 6 | end 7 | 8 | subject { DummyClass.new } 9 | 10 | describe '#lts' do 11 | it 'returns the currently supported OpenJDK versions minus version 8' do 12 | expect(subject.lts).to include('11', '17') 13 | end 14 | end 15 | 16 | describe '#default_openjdk_url' do 17 | before do 18 | allow(subject).to receive(:[]).with(version).and_return(version) 19 | end 20 | 21 | context 'OpenJDK 17' do 22 | let(:version) { '17' } 23 | 24 | it 'returns the correct download URL' do 25 | expect(subject.default_openjdk_url(version)).to eq 'https://download.java.net/java/GA/jdk17/0d483333a00540d886896bac774ff48b/35/GPL/openjdk-17_linux-x64_bin.tar.gz' 26 | end 27 | end 28 | 29 | context 'Invalid OpenJDK version' do 30 | let(:version) { '18.2' } 31 | 32 | it 'should raise an error' do 33 | expect { subject.default_openjdk_url(version) } 34 | .to raise_error('Version supplied does not have a download URL set') 35 | end 36 | end 37 | end 38 | 39 | describe '#default_openjdk_install_method' do 40 | before do 41 | allow(subject).to receive(:[]).with(version).and_return(version) 42 | allow(subject).to receive(:[]).with('platform_family').and_return(platform_family) 43 | allow(subject).to receive(:[]).with('platform_version').and_return(platform_version) 44 | end 45 | 46 | context 'Amazon' do 47 | let(:platform_family) { 'amazon' } 48 | let(:platform_version) { '2' } 49 | let(:version) { '17' } 50 | it 'should default to a source install' do 51 | expect(subject.default_openjdk_install_method(version)).to eq 'source' 52 | end 53 | end 54 | 55 | context 'Debian' do 56 | let(:platform_family) { 'debian' } 57 | 58 | context '9' do 59 | let(:platform_version) { '9' } 60 | 61 | context 'OpenJDK 8' do 62 | let(:version) { '8' } 63 | 64 | it 'should default to a package install' do 65 | expect(subject.default_openjdk_install_method(version)).to eq 'package' 66 | end 67 | end 68 | 69 | context 'OpenJDK 11' do 70 | let(:version) { '11' } 71 | 72 | it 'should default to a source install' do 73 | expect(subject.default_openjdk_install_method(version)).to eq 'source' 74 | end 75 | end 76 | 77 | context 'OpenJDK 17' do 78 | let(:version) { '17' } 79 | 80 | it 'should default to a source install' do 81 | expect(subject.default_openjdk_install_method(version)).to eq 'source' 82 | end 83 | end 84 | end 85 | 86 | context '10' do 87 | let(:platform_version) { '10' } 88 | 89 | context 'OpenJDK 17' do 90 | let(:version) { '17' } 91 | 92 | it 'should default to a source install' do 93 | expect(subject.default_openjdk_install_method(version)).to eq 'source' 94 | end 95 | end 96 | 97 | context 'OpenJDK 11' do 98 | let(:version) { '11' } 99 | 100 | it 'should default to a package install' do 101 | expect(subject.default_openjdk_install_method(version)).to eq 'package' 102 | end 103 | end 104 | end 105 | 106 | context '11' do 107 | let(:platform_version) { '11' } 108 | 109 | context 'OpenJDK 17' do 110 | let(:version) { '17' } 111 | 112 | it 'should default to a package install' do 113 | expect(subject.default_openjdk_install_method(version)).to eq 'package' 114 | end 115 | end 116 | 117 | context 'OpenJDK 11' do 118 | let(:version) { '11' } 119 | 120 | it 'should default to a package install' do 121 | expect(subject.default_openjdk_install_method(version)).to eq 'package' 122 | end 123 | end 124 | end 125 | 126 | context 'Ubuntu 18.04' do 127 | let(:platform_version) { '18.04' } 128 | 129 | context 'OpenJDK 17' do 130 | let(:version) { '17' } 131 | 132 | it 'should default to a source install' do 133 | expect(subject.default_openjdk_install_method(version)).to eq 'source' 134 | end 135 | end 136 | 137 | context 'OpenJDK 11' do 138 | let(:version) { '11' } 139 | 140 | it 'should default to a package install' do 141 | expect(subject.default_openjdk_install_method(version)).to eq 'package' 142 | end 143 | end 144 | end 145 | 146 | context 'Ubuntu 20.04' do 147 | let(:platform_version) { '20.04' } 148 | 149 | context 'OpenJDK 17' do 150 | let(:version) { '17' } 151 | 152 | it 'should default to a package install' do 153 | expect(subject.default_openjdk_install_method(version)).to eq 'package' 154 | end 155 | end 156 | 157 | context 'OpenJDK 11' do 158 | let(:version) { '11' } 159 | 160 | it 'should default to a package install' do 161 | expect(subject.default_openjdk_install_method(version)).to eq 'package' 162 | end 163 | end 164 | end 165 | end 166 | 167 | # context 'Debian 11' do 168 | # let(:platform_family) { 'debian' } 169 | # let(:platform_version) { '10' } 170 | # let(:version) { '17' } 171 | # it 'should default to a package install' do 172 | # expect(subject.default_openjdk_install_method(version)).to eq 'package' 173 | # end 174 | # end 175 | end 176 | end 177 | -------------------------------------------------------------------------------- /spec/libraries/semeru_helpers_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | 3 | RSpec.describe Java::Cookbook::OpenJdkHelpers do 4 | class DummyClass < Chef::Node 5 | include Java::Cookbook::OpenJdkHelpers 6 | end 7 | 8 | subject { DummyClass.new } 9 | 10 | describe '#sub_dir' do 11 | before do 12 | allow(subject).to receive(:[]).with('url').and_return(url) 13 | end 14 | 15 | context 'OpenJDK Semeru 8' do 16 | let(:url) { 'https://github.com/ibmruntimes/semeru8-binaries/releases/download/jdk8u322-b06_openj9-0.30.0/ibm-semeru-open-jdk_x64_linux_8u322b06_openj9-0.30.0.tar.gz' } 17 | 18 | it 'returns the correct folder name' do 19 | expect(subject.sub_dir(url)).to eq 'jdk8u322-b06' 20 | end 21 | end 22 | 23 | context 'Malformed URL' do 24 | let(:url) { 'a\bad/path/\to\/some.tar.gz' } 25 | 26 | it 'throws an error' do 27 | expect { subject.sub_dir(url) }.to raise_error(URI::InvalidURIError) 28 | end 29 | end 30 | end 31 | 32 | describe '#defaul_openjdk_url' do 33 | before do 34 | allow(subject).to receive(:[]).with('version').and_return(version) 35 | end 36 | 37 | context 'Semeru 8' do 38 | let(:version) { '8' } 39 | let(:variant) { 'semeru' } 40 | 41 | it 'returns the correct URL' do 42 | expect(subject.default_openjdk_url(version, variant)).to eq 'https://github.com/ibmruntimes/semeru8-binaries/releases/download/jdk8u322-b06_openj9-0.30.0/ibm-semeru-open-jdk_x64_linux_8u322b06_openj9-0.30.0.tar.gz' 43 | end 44 | end 45 | 46 | context 'Semeru 11' do 47 | let(:version) { '11' } 48 | let(:variant) { 'semeru' } 49 | 50 | it 'returns the correct URL' do 51 | expect(subject.default_openjdk_url(version, variant)).to eq 'https://github.com/ibmruntimes/semeru11-binaries/releases/download/jdk-11.0.14.1%2B1_openj9-0.30.1/ibm-semeru-open-jdk_x64_linux_11.0.14.1_1_openj9-0.30.1.tar.gz' 52 | end 53 | end 54 | 55 | context 'Semeru 16' do 56 | let(:version) { '16' } 57 | let(:variant) { 'semeru' } 58 | 59 | it 'returns the correct URL' do 60 | expect(subject.default_openjdk_url(version, variant)).to eq 'https://github.com/ibmruntimes/semeru16-binaries/releases/download/jdk-16.0.2%2B7_openj9-0.27.1/ibm-semeru-open-jdk_ppc64le_linux_16.0.2_7_openj9-0.27.1.tar.gz' 61 | end 62 | end 63 | 64 | context 'Semeru 17' do 65 | let(:version) { '17' } 66 | let(:variant) { 'semeru' } 67 | 68 | it 'returns the correct URL' do 69 | expect(subject.default_openjdk_url(version, variant)).to eq 'https://github.com/ibmruntimes/semeru17-binaries/releases/download/jdk-17.0.2%2B8_openj9-0.30.0/ibm-semeru-open-jdk_x64_linux_17.0.2_8_openj9-0.30.0.tar.gz' 70 | end 71 | end 72 | end 73 | end 74 | -------------------------------------------------------------------------------- /spec/spec_helper.rb: -------------------------------------------------------------------------------- 1 | require 'chefspec' 2 | require 'chefspec/berkshelf' 3 | 4 | require_relative '../libraries/certificate_helpers' 5 | require_relative '../libraries/corretto_helpers' 6 | require_relative '../libraries/openjdk_helpers' 7 | 8 | RSpec.configure do |config| 9 | config.file_cache_path = File.join(Dir.tmpdir, 'chefspec') if config.respond_to?(:file_cache_path) 10 | config.color = true 11 | config.tty = true 12 | config.formatter = :documentation 13 | config.filter_run focus: true 14 | config.run_all_when_everything_filtered = true 15 | config.platform = 'ubuntu' 16 | config.version = '18.04' 17 | config.expect_with :rspec do |c| 18 | c.syntax = :expect 19 | end 20 | end 21 | -------------------------------------------------------------------------------- /templates/jdk.sh.erb: -------------------------------------------------------------------------------- 1 | export JAVA_HOME=<%= node['java']['java_home']%> 2 | -------------------------------------------------------------------------------- /templates/jinfo.erb: -------------------------------------------------------------------------------- 1 | name=<%= @name %> 2 | priority=<%= @priority %> 3 | section=main 4 | 5 | <% @bin_cmds.each do |cmd| -%>jdk <%= cmd %> <%= @app_dir %>/bin/<%= cmd %> 6 | <% end -%> 7 | -------------------------------------------------------------------------------- /test/fixtures/cookbooks/test/files/UnlimitedSupportJCETest.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sous-chefs/java/f2e340ace9ef2139b9d5095b9c2ee26d3dbea867/test/fixtures/cookbooks/test/files/UnlimitedSupportJCETest.jar -------------------------------------------------------------------------------- /test/fixtures/cookbooks/test/files/UnlimitedSupportJCETest.java: -------------------------------------------------------------------------------- 1 | # Copyright [2014] [Kyle McGovern] 2 | 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | import java.security.NoSuchAlgorithmException; 16 | import javax.crypto.Cipher; 17 | 18 | public class UnlimitedSupportJCETest 19 | { 20 | public static void main(final String[] args) 21 | { 22 | int strength = 0; 23 | try { 24 | strength = Cipher.getMaxAllowedKeyLength("AES"); 25 | } catch (NoSuchAlgorithmException e) { 26 | System.out.println("isUnlimitedSupported=FALSE"); 27 | return; 28 | } 29 | if ( strength > 128 ){ 30 | System.out.printf("isUnlimitedSupported=TRUE, strength: %d%n", strength); 31 | } else { 32 | System.out.printf("isUnlimitedSupported=FALSE, strength: %d%n", strength); 33 | } 34 | } 35 | } -------------------------------------------------------------------------------- /test/fixtures/cookbooks/test/files/java_certificate_test.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIICjzCCAfigAwIBAgIJAOXrhcX4ZaGtMA0GCSqGSIb3DQEBBQUAMDoxCzAJBgNV 3 | BAYTAlVTMQ0wCwYDVQQIEwRUZXN0MQ0wCwYDVQQKEwRUZXN0MQ0wCwYDVQQDEwR0 4 | ZXN0MB4XDTE2MTAxMzAxMTkzOVoXDTM2MTAwODAxMTkzOVowOjELMAkGA1UEBhMC 5 | VVMxDTALBgNVBAgTBFRlc3QxDTALBgNVBAoTBFRlc3QxDTALBgNVBAMTBHRlc3Qw 6 | gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALu8/ylmItn9wUOB4qvlONEiFQpJ 7 | DCK5bt/OkjT02Knm+aAEZS1EDTVEiZWkumM884fd2+WgaMREk02Gy6u5CraOTtEz 8 | VjLeHdr7V9CBZpR6l5gmUY5Ujk1coHZImiqRs3STLVlWHJGjzLXMkRx10CIU8SHC 9 | zgTr57kNG/FT+e25AgMBAAGjgZwwgZkwHQYDVR0OBBYEFP3Ox0pHbZ0u6z746Hp0 10 | Yk1EBTacMGoGA1UdIwRjMGGAFP3Ox0pHbZ0u6z746Hp0Yk1EBTacoT6kPDA6MQsw 11 | CQYDVQQGEwJVUzENMAsGA1UECBMEVGVzdDENMAsGA1UEChMEVGVzdDENMAsGA1UE 12 | AxMEdGVzdIIJAOXrhcX4ZaGtMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQAD 13 | gYEAG4idDXusAZ9OrzqdWdFQ+rhQYRovZnfSgPSdF7hugWL5i/qGGlsFjZld2Kyj 14 | X0msGzk61iW7C6kv6OfPGaGNzdNtsH8jUvIYP1IrKpf1NKTKetIWiP08ZI1XNF4H 15 | bXmOxdtxzlHW4qukka+HkK0RBrwX35C8HYqePmInI51JnqY= 16 | -----END CERTIFICATE----- 17 | -------------------------------------------------------------------------------- /test/fixtures/cookbooks/test/metadata.rb: -------------------------------------------------------------------------------- 1 | name 'test' 2 | maintainer 'test cookbook' 3 | license 'Apache-2.0' 4 | description 'A test cookbook for the java cookbook' 5 | version '0.1.0' 6 | depends 'java' 7 | -------------------------------------------------------------------------------- /test/fixtures/cookbooks/test/recipes/base.rb: -------------------------------------------------------------------------------- 1 | apt_update if platform_family?('debian') 2 | 3 | cookbook_file '/tmp/UnlimitedSupportJCETest.jar' do 4 | source 'UnlimitedSupportJCETest.jar' 5 | end 6 | -------------------------------------------------------------------------------- /test/fixtures/cookbooks/test/recipes/corretto.rb: -------------------------------------------------------------------------------- 1 | corretto_install node['version'] 2 | 3 | include_recipe 'test::java_cert' 4 | -------------------------------------------------------------------------------- /test/fixtures/cookbooks/test/recipes/java_cert.rb: -------------------------------------------------------------------------------- 1 | version = node['version'].to_s 2 | 3 | cookbook_file '/tmp/java_certificate_test.pem' do 4 | source 'java_certificate_test.pem' 5 | end 6 | 7 | java_certificate 'java_certificate_test' do 8 | cert_file '/tmp/java_certificate_test.pem' 9 | java_version version 10 | end 11 | 12 | java_certificate 'java_certificate_ssl_endpoint' do 13 | ssl_endpoint 'google.com:443' 14 | java_version version 15 | end 16 | 17 | java_certificate 'java_certificate_ssl_endpoint' do 18 | java_version version 19 | action :remove 20 | end 21 | 22 | java_certificate 'java_certificate_ssl_endpoint_starttls_smtp' do 23 | ssl_endpoint 'smtp.gmail.com:587' 24 | starttls 'smtp' 25 | java_version version 26 | end 27 | 28 | java_certificate 'java_certificate_ssl_endpoint_starttls_smtp' do 29 | java_version version 30 | action :remove 31 | end 32 | -------------------------------------------------------------------------------- /test/fixtures/cookbooks/test/recipes/openjdk.rb: -------------------------------------------------------------------------------- 1 | openjdk_install node['version'] do 2 | variant node['variant'] if node['variant'] 3 | end 4 | 5 | # openjdk || semeru || temurin 6 | # openjdk OpenJ9 || hotspot 7 | 8 | include_recipe 'test::java_cert' 9 | -------------------------------------------------------------------------------- /test/fixtures/cookbooks/test/recipes/openjdk_pkg.rb: -------------------------------------------------------------------------------- 1 | openjdk_install node['version'] do 2 | install_type 'package' 3 | end 4 | 5 | include_recipe 'test::java_cert' 6 | -------------------------------------------------------------------------------- /test/integration/corretto/controls/verify_openjdk.rb: -------------------------------------------------------------------------------- 1 | java_version = input('java_version', description: 'Which version of java should be installed') 2 | 3 | control 'Java is installed & linked correctly' do 4 | impact 1.0 5 | title 'Installed' 6 | desc 'Java is installed & linked correctly' 7 | describe command('java -version 2>&1') do 8 | its('stdout') { should match java_version.to_s } 9 | end 10 | 11 | describe command('update-alternatives --display jar') do 12 | its('stdout') { should match %r{\/usr\/lib\/jvm\/java} } 13 | end 14 | end 15 | -------------------------------------------------------------------------------- /test/integration/corretto/inspec.yml: -------------------------------------------------------------------------------- 1 | --- 2 | name: corretto 3 | title: Corretto tests 4 | license: Public domain 5 | copyright: None 6 | summary: Verify installation of Amazon Corretto 7 | version: 0.0.1 8 | -------------------------------------------------------------------------------- /test/integration/custom-package/controls/verify_home.rb: -------------------------------------------------------------------------------- 1 | variant = input('variant', description: 'Variant being used: openj9, openj9-large-heap, or hotspot') 2 | java_version = input('java_version', description: 'Which version of java should be installed') 3 | parent_install_dir = input('parent_install_dir', 4 | value: "java-#{java_version.to_i > 8 ? java_version.to_i : java_version.split('.')[1]}-adoptopenjdk-#{variant}", 5 | description: 'The parent of the Java home') 6 | java_home_dir = input('java_home_dir', description: 'Name of the JAVA_HOME directory') 7 | 8 | control 'check-java-version' do 9 | impact 1.0 10 | title 'Verify java version' 11 | desc 'Verify the correct version of java is installed' 12 | 13 | describe command('java -version 2>&1') do 14 | its('stdout') { should match /AdoptOpenJDK/ } unless java_version.to_i == 1 15 | its('stdout') { should match Regexp.new(java_version.to_s) } 16 | end 17 | end 18 | 19 | control 'check-java-home' do 20 | impact 1.0 21 | title 'Check JAVA_HOME is set' 22 | desc 'Check that custom URL install sets JAVA_HOME properly' 23 | 24 | describe directory("/usr/lib/jvm/#{parent_install_dir}/#{java_home_dir}") do 25 | it { should exist } 26 | end 27 | 28 | describe file('/etc/profile.d/java.sh') do 29 | its('content') { should eq "export JAVA_HOME=/usr/lib/jvm/#{parent_install_dir}/#{java_home_dir}\n" } 30 | end 31 | end 32 | -------------------------------------------------------------------------------- /test/integration/custom-package/inputs/hotspot-11.yml: -------------------------------------------------------------------------------- 1 | --- 2 | variant: hotspot 3 | java_version: 11.0.6 4 | java_home_dir: jdk-11.0.6+10 5 | -------------------------------------------------------------------------------- /test/integration/custom-package/inputs/hotspot-8.yml: -------------------------------------------------------------------------------- 1 | --- 2 | variant: hotspot 3 | java_version: 1.8.0_232 4 | java_home_dir: jdk8u232-b09 5 | -------------------------------------------------------------------------------- /test/integration/custom-package/inputs/openj9-11.yml: -------------------------------------------------------------------------------- 1 | --- 2 | variant: openj9 3 | java_version: 11.0.6 4 | java_home_dir: jdk-11.0.6+10 5 | -------------------------------------------------------------------------------- /test/integration/custom-package/inputs/openj9-large-heap-11.yml: -------------------------------------------------------------------------------- 1 | --- 2 | variant: openj9-large-heap 3 | java_version: 11.0.6 4 | java_home_dir: jdk-11.0.6+10 5 | -------------------------------------------------------------------------------- /test/integration/custom-package/inspec.yml: -------------------------------------------------------------------------------- 1 | --- 2 | name: custom-package 3 | title: Custom package from URL testing 4 | license: Public domain 5 | copyright: None 6 | summary: Verify installation from a custom URL 7 | version: 0.0.1 8 | -------------------------------------------------------------------------------- /test/integration/openjdk/controls/verify_openjdk.rb: -------------------------------------------------------------------------------- 1 | java_version = input('java_version', description: 'Which version of java should be installed') 2 | 3 | control 'Java is installed & linked correctly' do 4 | impact 1.0 5 | title 'Installed' 6 | desc 'Java is installed & linked correctly' 7 | describe command('java -version 2>&1') do 8 | its('stdout') { should match java_version.to_s } 9 | end 10 | 11 | describe command('update-alternatives --display jar') do 12 | its('stdout') { should match %r{/usr/lib/jvm/java} } 13 | end 14 | end 15 | -------------------------------------------------------------------------------- /test/integration/openjdk/inspec.yml: -------------------------------------------------------------------------------- 1 | --- 2 | name: openjdk 3 | title: OpenJDK tests 4 | license: Public domain 5 | copyright: None 6 | summary: Verify installation of OpenJDK 7 | version: 0.0.1 8 | -------------------------------------------------------------------------------- /test/integration/openjdk_pkg/controls/verify_openjdk.rb: -------------------------------------------------------------------------------- 1 | java_version = input('java_version', description: 'Which version of java should be installed') 2 | 3 | control 'Java is installed & linked correctly' do 4 | impact 1.0 5 | title 'Installed' 6 | desc 'Java is installed & linked correctly' 7 | describe command('java -version 2>&1') do 8 | its('stdout') { should match java_version.to_s } 9 | end 10 | 11 | describe command('update-alternatives --display java') do 12 | its('stdout') { should match %r{/usr/lib/jvm/java} } 13 | end 14 | end 15 | -------------------------------------------------------------------------------- /test/integration/openjdk_pkg/inspec.yml: -------------------------------------------------------------------------------- 1 | --- 2 | name: openjdk_pkg 3 | title: OpenJDK tests 4 | license: Public domain 5 | copyright: None 6 | summary: Verify installation of OpenJDK 7 | version: 0.0.1 8 | --------------------------------------------------------------------------------