A small cookbook that helps you to update system's and chef-client's rubygems version as they a rarely updated via the system updates.
It was created to mitigate problems like that one: https://www.ruby-lang.org/en/news/2018/02/17/multiple-vulnerabilities-in-rubygems/
This cookbook just runs gem update --system for both system's and chef-client's embedded RubyGems setup.
Just add it to your run_list: recipe[rubgems-update]
If you do not want either system or chef-client gem to be updated you can set attributes:
node['rubygems-update']['chef-client']['skip'] = true
# or
node['rubgems-update']['system']['skip'] = trueOr you can add only the desired recipe: recipe[rubgems-update::system] / recipe[rubgems-update::chef-client]
Tested on:
- Ubuntu 16.04
- Debian 8
- Debian 9
- Centos 6
- Centos 7
- Fedora 26
- Fedora 27
- Run 'update' commands a bit rarer then during every chef run.
