feat!: migrate network_interfaces to custom resources

[damacus]

Summary

Selected cookbook: network_interfaces.

Full Migration: this removes the legacy public recipe[network_interfaces] and root attribute API and replaces the behavior with explicit custom resources. Root recipes/ and attributes/ are absent after the migration.

Changes:

• Added network_interfaces_base for the former default recipe behavior that manages /etc/network/interfaces and /etc/network/interfaces.d.
• Modernized the existing network_interfaces resource with provides, unified_mode true, frozen string literals, explicit properties, and no node attribute fallback reads.
• Pulled in the network_interfaces_eni resource from Add new resource: network_interfaces_eni #32, updated it for the modern AWS SDK namespace and EC2 API parameters, and added ChefSpec coverage with AWS/metadata calls stubbed.
• Moved usage into test/cookbooks/test/recipes/default.rb with a full InSpec profile under test/integration/default.
• Added resource documentation, migration.md, and LIMITATIONS.md.
• Updated Kitchen and CI to the current Debian/Ubuntu support matrix and sous-chefs reusable workflow baseline.

Attribution

The network_interfaces_eni resource is based on the work from #32. Original implementation credit goes to @eherot, and PR/rebase credit goes to @jeffbyrnes. The follow-up commit also includes co-author trailers for both contributors.

Verification

$ berks install
Resolving cookbook dependencies...
Using network_interfaces (2.0.8) from source at .
Using test (0.1.0) from source at test/cookbooks/test
Using line (4.6.0)
Using modules (0.2.0)

$ cookstyle
Inspecting 14 files
..............

14 files inspected, no offenses detected

$ chef exec rspec --format documentation
23 examples, 0 failures

$ KITCHEN_LOCAL_YAML=kitchen.dokken.yml kitchen test default-ubuntu-2404 --destroy=always
Infra Phase complete, 0/20 resources updated in 01 seconds
Profile Summary: 2 successful controls, 0 control failures, 0 controls skipped
Test Summary: 11 successful, 0 failures, 0 skipped
Test Kitchen is finished.

Additional checks:

$ markdownlint-cli2 "**/*.md"
Summary: 0 error(s)

$ yamllint .
exit 0

$ actionlint
exit 0

$ chef exec ruby -c resources/default.rb; chef exec ruby -c resources/base.rb; chef exec ruby -c libraries/default.rb
Syntax OK
Syntax OK
Syntax OK

$ chef exec ruby -c resources/eni.rb
Syntax OK

$ git diff --check
exit 0

Structural audit:

• ls -R was run after verification.
• Root recipes/ is absent.
• Root attributes/ is absent.

Platform and Support Evidence

• Product managed: Debian/Ubuntu ifupdown configuration through /etc/network/interfaces and /etc/network/interfaces.d.
• endoflife.date checked on 2026-05-13: Ubuntu 18.04 and Ubuntu 20.04 are outside standard support; Debian 9, Debian 10, and Debian 11 are outside the current migration baseline.
• Debian package data confirms ifupdown is available for Debian 12 and Debian 13.
• Ubuntu Launchpad package data confirms ifupdown is available for Ubuntu 24.04; Ubuntu 22.04 remains in the active LTS support window.
• Active support matrix is now Debian 12, Debian 13, Ubuntu 22.04, and Ubuntu 24.04 across metadata.rb, kitchen.yml, kitchen.dokken.yml, kitchen.global.yml, and CI.
• LIMITATIONS.md documents that modern Ubuntu defaults to Netplan and this cookbook is for hosts intentionally using ifupdown.

Workflow Permission Sources Checked

Checked exact upstream files at the pinned refs before editing workflow permissions:

• sous-chefs/.github/.github/workflows/lint-unit.yml@6.0.0
  • Caller permissions used: contents: read, checks: write, pull-requests: write, statuses: write.
• sous-chefs/.github/.github/workflows/prevent-file-change.yml@6.0.0
  • Reusable jobs request pull-requests: write; caller now sets pull-requests: write.
• sous-chefs/.github/.github/workflows/conventional-commits.yml@6.0.0
  • Reusable job requests pull-requests: read; caller now sets pull-requests: read.
• xalvarez/prevent-file-change-action@v3
  • action.yml requires a token input and declares no additional workflow permissions.
• sous-chefs/.github/.github/actions/install-workstation/action.yml@6.0.0
  • Composite action installs Cinc Workstation and declares no additional caller token permissions.
• sous-chefs/.github/.github/workflows/release-cookbook.yml@6.0.0
  • Requires token, supermarket_user, supermarket_key, slack_bot_token, and slack_channel_id; release workflow now passes all five required secrets.

[github-actions]

Slowest examples

Top 10 slowest examples (0.85 seconds, 63.45% of total time)

Example	Description	Time in seconds
spec/unit/resources/interface_spec.rb:37	network_interfaces with vlan and bridge properties is expected to install package "ifmetric"	0.18372
spec/unit/resources/base_spec.rb:14	network_interfaces_base with default properties is expected to create directory "/etc/network"	0.08715
spec/unit/resources/interface_spec.rb:40	network_interfaces with vlan and bridge properties is expected to render file "/etc/network/interfaces.d/eth1.100"	0.08244
spec/unit/resources/interface_spec.rb:21	network_interfaces with a static interface is expected to render file "/etc/network/interfaces.d/eth1"	0.07973
spec/unit/resources/interface_spec.rb:23	network_interfaces with a static interface is expected to render file "/etc/network/interfaces.d/eth1"	0.07893
spec/unit/resources/interface_spec.rb:39	network_interfaces with vlan and bridge properties is expected to render file "/etc/network/interfaces.d/eth1.100"	0.07372
spec/unit/resources/interface_spec.rb:22	network_interfaces with a static interface is expected to render file "/etc/network/interfaces.d/eth1"	0.07243
spec/unit/resources/interface_spec.rb:19	network_interfaces with a static interface is expected to edit append_if_no_line "insert auto for eth1"	0.06818
spec/unit/resources/interface_spec.rb:52	network_interfaces when removing an interface is expected to nothing execute "if_down eth1"	0.06403
spec/unit/resources/base_spec.rb:26	network_interfaces_base when replacing the original file is expected to create file "/etc/network/interfaces"	0.06276