When the reported architecture is unknown and the provider is listed as
the default architecture, add the box without architecture information
so it is installed without architecture information on the path within
the collection.
With the initial layout of `provider/architecture`, after installing a
box with architecture support downgrading Vagrant would result in it
being unable to process the box collection. Swapping the layout to be
`architecture/provider` allows downgrades to still properly process the
box collection.
When expanding the box url, prefer the API endpoint which is updated to
include provider architecture information. Test the API endpoint and the
legacy endpoint and use which ever is valid, with the API taking
precedence. This allows Vagrant to continue with non Vagrant Cloud
servers that do not implement the API endpoint.
Introduce support for handling box architecture. Adds a new
`box_architecture` setting that defaults to `:auto` which will perform
automatic detection of the host system, but can be overridden with a
custom value. Can also be set to `nil` which will result in it fetching
the box flagged with the default architecture within the metadata.
Box collection has been modified to allow existing boxes already
downloaded and unpacked to still function as expected when architecture
information is not available.
When performing a request via curl on Windows using schannel, ssl
certificate revocation checks does not handle verification failures
gracefully when an error is encountered that is unrelated to the actual
revocation of a certificate.
A new option is available to perform best effort revocation checks on
curl, so this is enabled by default on the Windows platform. A new
config option (`box_download_disable_ssl_revoke_best_effort`) has also
been added which can be optionally enabled to restore previous behavior
which results in a hard error if any error is encountered.
Box's are global to Vagrant. Multiple Vagrant process can all
access the box directory for both downloading and extracting boxes.
A file mutex will ensure that mulitple Vagrant process will not
trample eachother if they are trying to download the same box.
This addresses the surprising behavior that the StoreBoxMetadata hook
was running many times during a machine up, including during failed
operations where a destroy_on_error deleted the machine. This was
resulting in an error that looked like:
> No such file or directory @ rb_sysopen [...] /[...]/box_meta
Plugin action hooks using prepend/append were attaching every time a
Builder was run, including sub-Builders that show up for things like
Call actions.
To fix this, we tell Builders if they are "primary" and only run
prepend/append on those. See inline comments for more explanation.
Still work left to do on exec and stderr separation but this represents
enough working to let vagrant-spec assertions pass so I think it's worth a
checkpoint!
The raw action name tracking should be sufficient for preventing
multi-insertions where only a single modification should occur.
With action name, hooks _should_ be able to be applied in multiple
builder stacks as they are expanding.
Fixes#12035
The raw actions are used for applying the original trigger behavior
which can insert before and/or after the entire set of actions. When
processing the stack items, mark when the raw action has been applied
to prevent it from being applied again. Triggers around the raw actions
should only ever be applied _once_.
Fixes#12034
When expanding stack track the origin action name and only apply
it once the stack has completed its expansion. The local env data
is marked with origin action to prevent it from being applied in
nested builders as they are expanded. The value of the stored action
name is checked and invalidated if another action is applied to the
same env in the future so hooks / triggers for that action are
applied as expected.
Passwords are (and should) never stored be as part of folder data.
I think there is also a case to be made about desensitizes
information here can lead to leaking of credentials. For example if
an exported folder is named "vagrant" and the users password is
"vagrant", the synced_folder cache will show "****" in place of the
folder name, indicating that it is also password.
