bolt 0.23.0 → 0.24.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of bolt might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/bolt-modules/boltlib/lib/puppet/functions/apply_prep.rb +5 -2
- data/bolt-modules/boltlib/lib/puppet/functions/puppetdb_query.rb +5 -1
- data/bolt-modules/boltlib/lib/puppet/functions/run_task.rb +5 -8
- data/lib/bolt/applicator.rb +11 -8
- data/lib/bolt/boltdir.rb +13 -5
- data/lib/bolt/catalog.rb +22 -47
- data/lib/bolt/config.rb +1 -26
- data/lib/bolt/executor.rb +1 -1
- data/lib/bolt/outputter.rb +0 -9
- data/lib/bolt/outputter/human.rb +29 -14
- data/lib/bolt/outputter/json.rb +12 -1
- data/lib/bolt/pal.rb +12 -10
- data/lib/bolt/target.rb +0 -6
- data/lib/bolt/task.rb +53 -10
- data/lib/bolt/transport/base.rb +1 -6
- data/lib/bolt/transport/local.rb +11 -13
- data/lib/bolt/transport/local/shell.rb +2 -2
- data/lib/bolt/transport/ssh.rb +16 -11
- data/lib/bolt/transport/winrm.rb +8 -11
- data/lib/bolt/version.rb +1 -1
- data/lib/bolt_ext/schemas/task.json +12 -5
- data/libexec/apply_catalog.rb +3 -1
- data/libexec/bolt_catalog +4 -0
- data/vendored/puppet/lib/puppet.rb +2 -1
- data/vendored/puppet/lib/puppet/application/agent.rb +2 -6
- data/vendored/puppet/lib/puppet/application/apply.rb +100 -60
- data/vendored/puppet/lib/puppet/application/cert.rb +26 -291
- data/vendored/puppet/lib/puppet/application/device.rb +0 -5
- data/vendored/puppet/lib/puppet/application/lookup.rb +1 -1
- data/vendored/puppet/lib/puppet/application/ssl.rb +133 -0
- data/vendored/puppet/lib/puppet/application_support.rb +1 -2
- data/vendored/puppet/lib/puppet/configurer.rb +34 -50
- data/vendored/puppet/lib/puppet/configurer/downloader.rb +1 -1
- data/vendored/puppet/lib/puppet/configurer/plugin_handler.rb +1 -1
- data/vendored/puppet/lib/puppet/daemon.rb +1 -1
- data/vendored/puppet/lib/puppet/defaults.rb +40 -117
- data/vendored/puppet/lib/puppet/face/epp.rb +2 -2
- data/vendored/puppet/lib/puppet/face/help.rb +21 -7
- data/vendored/puppet/lib/puppet/face/node/clean.rb +14 -10
- data/vendored/puppet/lib/puppet/feature/base.rb +7 -23
- data/vendored/puppet/lib/puppet/feature/eventlog.rb +1 -1
- data/vendored/puppet/lib/puppet/file_serving/base.rb +2 -2
- data/vendored/puppet/lib/puppet/file_serving/fileset.rb +1 -1
- data/vendored/puppet/lib/puppet/file_serving/metadata.rb +2 -2
- data/vendored/puppet/lib/puppet/functions.rb +133 -0
- data/vendored/puppet/lib/puppet/functions/eyaml_lookup_key.rb +4 -5
- data/vendored/puppet/lib/puppet/functions/filter.rb +7 -6
- data/vendored/puppet/lib/puppet/functions/new.rb +37 -53
- data/vendored/puppet/lib/puppet/functions/warning.rb +1 -1
- data/vendored/puppet/lib/puppet/functions/yaml_data.rb +4 -5
- data/vendored/puppet/lib/puppet/gettext/config.rb +1 -1
- data/vendored/puppet/lib/puppet/graph.rb +0 -2
- data/vendored/puppet/lib/puppet/indirector/catalog/json.rb +14 -3
- data/vendored/puppet/lib/puppet/indirector/catalog/yaml.rb +0 -16
- data/vendored/puppet/lib/puppet/indirector/certificate/file.rb +0 -1
- data/vendored/puppet/lib/puppet/indirector/facts/yaml.rb +4 -2
- data/vendored/puppet/lib/puppet/indirector/key/file.rb +1 -6
- data/vendored/puppet/lib/puppet/indirector/node/exec.rb +1 -3
- data/vendored/puppet/lib/puppet/indirector/node/yaml.rb +0 -6
- data/vendored/puppet/lib/puppet/indirector/request.rb +1 -1
- data/vendored/puppet/lib/puppet/indirector/ssl_file.rb +3 -44
- data/vendored/puppet/lib/puppet/indirector/yaml.rb +4 -4
- data/vendored/puppet/lib/puppet/info_service/task_information_service.rb +7 -3
- data/vendored/puppet/lib/puppet/loaders.rb +1 -0
- data/vendored/puppet/lib/puppet/module/task.rb +198 -29
- data/vendored/puppet/lib/puppet/module_tool/applications/unpacker.rb +1 -1
- data/vendored/puppet/lib/puppet/network/format_support.rb +13 -8
- data/vendored/puppet/lib/puppet/network/formats.rb +93 -2
- data/vendored/puppet/lib/puppet/network/http/api/indirected_routes.rb +10 -3
- data/vendored/puppet/lib/puppet/node/facts.rb +11 -1
- data/vendored/puppet/lib/puppet/parser/catalog_compiler.rb +56 -0
- data/vendored/puppet/lib/puppet/parser/compiler.rb +3 -1
- data/vendored/puppet/lib/puppet/parser/functions.rb +3 -1
- data/vendored/puppet/lib/puppet/parser/functions/filter.rb +1 -1
- data/vendored/puppet/lib/puppet/parser/functions/generate.rb +1 -1
- data/vendored/puppet/lib/puppet/parser/functions/sprintf.rb +12 -1
- data/vendored/puppet/lib/puppet/parser/functions/tagged.rb +1 -4
- data/vendored/puppet/lib/puppet/parser/scope.rb +1 -1
- data/vendored/puppet/lib/puppet/parser/script_compiler.rb +7 -2
- data/vendored/puppet/lib/puppet/pops/evaluator/deferred_resolver.rb +5 -3
- data/vendored/puppet/lib/puppet/pops/evaluator/runtime3_converter.rb +23 -4
- data/vendored/puppet/lib/puppet/pops/evaluator/runtime3_support.rb +3 -4
- data/vendored/puppet/lib/puppet/pops/functions/dispatch.rb +4 -0
- data/vendored/puppet/lib/puppet/pops/issues.rb +8 -0
- data/vendored/puppet/lib/puppet/pops/loader/loader.rb +2 -2
- data/vendored/puppet/lib/puppet/pops/loader/loader_paths.rb +3 -1
- data/vendored/puppet/lib/puppet/pops/loader/module_loaders.rb +30 -9
- data/vendored/puppet/lib/puppet/pops/loader/ruby_legacy_function_instantiator.rb +62 -0
- data/vendored/puppet/lib/puppet/pops/loader/static_loader.rb +0 -1
- data/vendored/puppet/lib/puppet/pops/loader/task_instantiator.rb +13 -70
- data/vendored/puppet/lib/puppet/pops/loaders.rb +19 -29
- data/vendored/puppet/lib/puppet/pops/lookup/hiera_config.rb +1 -1
- data/vendored/puppet/lib/puppet/pops/model/model_label_provider.rb +4 -1
- data/vendored/puppet/lib/puppet/pops/pcore.rb +10 -33
- data/vendored/puppet/lib/puppet/pops/serialization.rb +2 -0
- data/vendored/puppet/lib/puppet/pops/serialization/from_data_converter.rb +2 -1
- data/vendored/puppet/lib/puppet/pops/serialization/to_data_converter.rb +11 -3
- data/vendored/puppet/lib/puppet/pops/serialization/to_stringified_converter.rb +226 -0
- data/vendored/puppet/lib/puppet/pops/types/p_object_type.rb +3 -0
- data/vendored/puppet/lib/puppet/pops/validation/checker4_0.rb +97 -47
- data/vendored/puppet/lib/puppet/pops/validation/validator_factory_4_0.rb +7 -8
- data/vendored/puppet/lib/puppet/property/keyvalue.rb +70 -8
- data/vendored/puppet/lib/puppet/provider/aix_object.rb +483 -0
- data/vendored/puppet/lib/puppet/provider/file/windows.rb +1 -1
- data/vendored/puppet/lib/puppet/provider/group/aix.rb +51 -112
- data/vendored/puppet/lib/puppet/provider/package/gem.rb +1 -1
- data/vendored/puppet/lib/puppet/provider/package/pip.rb +1 -1
- data/vendored/puppet/lib/puppet/provider/package/puppet_gem.rb +1 -1
- data/vendored/puppet/lib/puppet/provider/package/rpm.rb +1 -1
- data/vendored/puppet/lib/puppet/provider/package/windows/package.rb +1 -1
- data/vendored/puppet/lib/puppet/provider/package/zypper.rb +1 -1
- data/vendored/puppet/lib/puppet/provider/service/systemd.rb +1 -1
- data/vendored/puppet/lib/puppet/provider/service/windows.rb +37 -40
- data/vendored/puppet/lib/puppet/provider/user/aix.rb +142 -254
- data/vendored/puppet/lib/puppet/resource.rb +20 -3
- data/vendored/puppet/lib/puppet/resource/catalog.rb +2 -12
- data/vendored/puppet/lib/puppet/rest/routes.rb +97 -34
- data/vendored/puppet/lib/puppet/settings.rb +1 -1
- data/vendored/puppet/lib/puppet/settings/file_setting.rb +1 -1
- data/vendored/puppet/lib/puppet/ssl/base.rb +1 -9
- data/vendored/puppet/lib/puppet/ssl/certificate_request.rb +1 -13
- data/vendored/puppet/lib/puppet/ssl/certificate_request_attributes.rb +1 -1
- data/vendored/puppet/lib/puppet/ssl/host.rb +114 -232
- data/vendored/puppet/lib/puppet/ssl/key.rb +1 -5
- data/vendored/puppet/lib/puppet/ssl/oids.rb +1 -1
- data/vendored/puppet/lib/puppet/test/test_helper.rb +0 -4
- data/vendored/puppet/lib/puppet/transaction/event.rb +3 -7
- data/vendored/puppet/lib/puppet/transaction/persistence.rb +1 -1
- data/vendored/puppet/lib/puppet/type/exec.rb +18 -16
- data/vendored/puppet/lib/puppet/type/file.rb +3 -3
- data/vendored/puppet/lib/puppet/type/file/source.rb +20 -7
- data/vendored/puppet/lib/puppet/type/group.rb +3 -5
- data/vendored/puppet/lib/puppet/type/notify.rb +1 -1
- data/vendored/puppet/lib/puppet/type/package.rb +2 -5
- data/vendored/puppet/lib/puppet/type/schedule.rb +1 -1
- data/vendored/puppet/lib/puppet/type/service.rb +3 -6
- data/vendored/puppet/lib/puppet/type/tidy.rb +1 -1
- data/vendored/puppet/lib/puppet/type/user.rb +13 -20
- data/vendored/puppet/lib/puppet/util.rb +8 -9
- data/vendored/puppet/lib/puppet/util/execution.rb +3 -3
- data/vendored/puppet/lib/puppet/util/feature.rb +61 -39
- data/vendored/puppet/lib/puppet/util/log/destinations.rb +1 -1
- data/vendored/puppet/lib/puppet/util/rdoc.rb +1 -1
- data/vendored/puppet/lib/puppet/util/run_mode.rb +1 -1
- data/vendored/puppet/lib/puppet/util/storage.rb +1 -1
- data/vendored/puppet/lib/puppet/util/suidmanager.rb +7 -5
- data/vendored/puppet/lib/puppet/util/tag_set.rb +1 -1
- data/vendored/puppet/lib/puppet/util/tagging.rb +1 -1
- data/vendored/puppet/lib/puppet/util/windows.rb +18 -2
- data/vendored/puppet/lib/puppet/util/windows/adsi.rb +154 -205
- data/vendored/puppet/lib/puppet/util/windows/service.rb +770 -0
- data/vendored/puppet/lib/puppet/util/yaml.rb +41 -5
- data/vendored/puppet/lib/puppet/version.rb +1 -1
- data/vendored/puppet/lib/puppet_pal.rb +280 -24
- metadata +8 -38
- data/lib/bolt/catalog/compiler.rb +0 -48
- data/lib/bolt/catalog/loaders.rb +0 -19
- data/vendored/puppet/lib/puppet/application/ca.rb +0 -11
- data/vendored/puppet/lib/puppet/application/certificate.rb +0 -17
- data/vendored/puppet/lib/puppet/application/certificate_request.rb +0 -7
- data/vendored/puppet/lib/puppet/application/certificate_revocation_list.rb +0 -7
- data/vendored/puppet/lib/puppet/face/ca.rb +0 -266
- data/vendored/puppet/lib/puppet/face/certificate.rb +0 -167
- data/vendored/puppet/lib/puppet/face/certificate_request.rb +0 -56
- data/vendored/puppet/lib/puppet/face/certificate_revocation_list.rb +0 -56
- data/vendored/puppet/lib/puppet/graph/random_prioritizer.rb +0 -16
- data/vendored/puppet/lib/puppet/graph/title_hash_prioritizer.rb +0 -16
- data/vendored/puppet/lib/puppet/indirector/certificate/ca.rb +0 -9
- data/vendored/puppet/lib/puppet/indirector/certificate/disabled_ca.rb +0 -22
- data/vendored/puppet/lib/puppet/indirector/certificate_request/ca.rb +0 -22
- data/vendored/puppet/lib/puppet/indirector/certificate_request/disabled_ca.rb +0 -22
- data/vendored/puppet/lib/puppet/indirector/certificate_revocation_list/ca.rb +0 -8
- data/vendored/puppet/lib/puppet/indirector/certificate_revocation_list/disabled_ca.rb +0 -22
- data/vendored/puppet/lib/puppet/indirector/certificate_revocation_list/file.rb +0 -8
- data/vendored/puppet/lib/puppet/indirector/certificate_revocation_list/rest.rb +0 -11
- data/vendored/puppet/lib/puppet/indirector/certificate_status.rb +0 -4
- data/vendored/puppet/lib/puppet/indirector/certificate_status/file.rb +0 -91
- data/vendored/puppet/lib/puppet/indirector/certificate_status/rest.rb +0 -11
- data/vendored/puppet/lib/puppet/indirector/key/ca.rb +0 -16
- data/vendored/puppet/lib/puppet/indirector/key/disabled_ca.rb +0 -22
- data/vendored/puppet/lib/puppet/indirector/ldap.rb +0 -86
- data/vendored/puppet/lib/puppet/indirector/node/ldap.rb +0 -275
- data/vendored/puppet/lib/puppet/provider/aixobject.rb +0 -392
- data/vendored/puppet/lib/puppet/provider/cron/crontab.rb +0 -297
- data/vendored/puppet/lib/puppet/ssl/certificate_authority.rb +0 -475
- data/vendored/puppet/lib/puppet/ssl/certificate_authority/autosign_command.rb +0 -45
- data/vendored/puppet/lib/puppet/ssl/certificate_authority/interface.rb +0 -324
- data/vendored/puppet/lib/puppet/ssl/certificate_factory.rb +0 -219
- data/vendored/puppet/lib/puppet/ssl/certificate_revocation_list.rb +0 -111
- data/vendored/puppet/lib/puppet/ssl/inventory.rb +0 -55
- data/vendored/puppet/lib/puppet/type/cron.rb +0 -480
|
@@ -52,11 +52,10 @@ module Puppet
|
|
|
52
52
|
def self.configure_indirector_routes(application_name)
|
|
53
53
|
route_file = Puppet[:route_file]
|
|
54
54
|
if Puppet::FileSystem.exist?(route_file)
|
|
55
|
-
routes =
|
|
55
|
+
routes = Puppet::Util::Yaml.safe_load_file(route_file, [Symbol])
|
|
56
56
|
application_routes = routes[application_name]
|
|
57
57
|
Puppet::Indirector.configure_routes(application_routes) if application_routes
|
|
58
58
|
end
|
|
59
59
|
end
|
|
60
|
-
|
|
61
60
|
end
|
|
62
61
|
end
|
|
@@ -16,7 +16,7 @@ class Puppet::Configurer
|
|
|
16
16
|
# For benchmarking
|
|
17
17
|
include Puppet::Util
|
|
18
18
|
|
|
19
|
-
attr_reader :
|
|
19
|
+
attr_reader :environment
|
|
20
20
|
|
|
21
21
|
# Provide more helpful strings to the logging that the Agent does
|
|
22
22
|
def self.to_s
|
|
@@ -24,14 +24,10 @@ class Puppet::Configurer
|
|
|
24
24
|
end
|
|
25
25
|
|
|
26
26
|
def self.should_pluginsync?
|
|
27
|
-
if Puppet
|
|
28
|
-
|
|
27
|
+
if Puppet[:use_cached_catalog]
|
|
28
|
+
false
|
|
29
29
|
else
|
|
30
|
-
|
|
31
|
-
false
|
|
32
|
-
else
|
|
33
|
-
true
|
|
34
|
-
end
|
|
30
|
+
true
|
|
35
31
|
end
|
|
36
32
|
end
|
|
37
33
|
|
|
@@ -46,7 +42,6 @@ class Puppet::Configurer
|
|
|
46
42
|
# Initialize and load storage
|
|
47
43
|
def init_storage
|
|
48
44
|
Puppet::Util::Storage.load
|
|
49
|
-
@compile_time ||= Puppet::Util::Storage.cache(:configuration)[:compile_time]
|
|
50
45
|
rescue => detail
|
|
51
46
|
Puppet.log_exception(detail, _("Removing corrupt state file %{file}: %{detail}") % { file: Puppet[:statefile], detail: detail })
|
|
52
47
|
begin
|
|
@@ -109,8 +104,8 @@ class Puppet::Configurer
|
|
|
109
104
|
|
|
110
105
|
catalog_conversion_time = thinmark do
|
|
111
106
|
# Will mutate the result and replace all Deferred values with resolved values
|
|
112
|
-
if
|
|
113
|
-
Puppet::Pops::Evaluator::DeferredResolver.resolve_and_replace(
|
|
107
|
+
if facts = options[:convert_with_facts]
|
|
108
|
+
Puppet::Pops::Evaluator::DeferredResolver.resolve_and_replace(facts, result)
|
|
114
109
|
end
|
|
115
110
|
|
|
116
111
|
catalog = result.to_ral
|
|
@@ -180,6 +175,8 @@ class Puppet::Configurer
|
|
|
180
175
|
result = retrieve_catalog_from_cache({:transaction_uuid => @transaction_uuid, :static_catalog => @static_catalog})
|
|
181
176
|
if result
|
|
182
177
|
Puppet.info _("Using cached catalog from environment '%{catalog_env}'") % { catalog_env: result.environment }
|
|
178
|
+
# get facts now so that the convert_catalog method can resolve deferred values
|
|
179
|
+
get_facts(options)
|
|
183
180
|
return convert_catalog(result, @duration, options)
|
|
184
181
|
end
|
|
185
182
|
nil
|
|
@@ -221,26 +218,22 @@ class Puppet::Configurer
|
|
|
221
218
|
|
|
222
219
|
# Skip failover logic if the server_list setting is empty
|
|
223
220
|
if Puppet.settings[:server_list].nil? || Puppet.settings[:server_list].empty?
|
|
224
|
-
do_failover = false
|
|
221
|
+
do_failover = false
|
|
225
222
|
else
|
|
226
223
|
do_failover = true
|
|
227
224
|
end
|
|
228
225
|
# When we are passed a catalog, that means we're in apply
|
|
229
226
|
# mode. We shouldn't try to do any failover in that case.
|
|
230
227
|
if options[:catalog].nil? && do_failover
|
|
231
|
-
|
|
232
|
-
server
|
|
233
|
-
|
|
234
|
-
|
|
235
|
-
|
|
236
|
-
|
|
237
|
-
|
|
238
|
-
if !server.first.nil?
|
|
239
|
-
Puppet.debug "Selected master: #{server[0]}:#{server[1]}"
|
|
240
|
-
report.master_used = "#{server[0]}:#{server[1]}"
|
|
228
|
+
server, port = find_functional_server
|
|
229
|
+
Puppet.override(server: server, serverport: port) do
|
|
230
|
+
if server
|
|
231
|
+
Puppet.debug _("Selected puppet server: %{server}:%{port}") % { server: server, port: port }
|
|
232
|
+
report.master_used = "#{server}:#{port}"
|
|
233
|
+
else
|
|
234
|
+
Puppet.warning _("Could not select a functional puppet server")
|
|
241
235
|
end
|
|
242
|
-
|
|
243
|
-
completed = run_internal(options.merge(:node => found[:node]))
|
|
236
|
+
completed = run_internal(options)
|
|
244
237
|
end
|
|
245
238
|
else
|
|
246
239
|
completed = run_internal(options)
|
|
@@ -294,7 +287,7 @@ class Puppet::Configurer
|
|
|
294
287
|
begin
|
|
295
288
|
node = nil
|
|
296
289
|
node_retr_time = thinmark do
|
|
297
|
-
node =
|
|
290
|
+
node = Puppet::Node.indirection.find(Puppet[:node_name_value],
|
|
298
291
|
:environment => Puppet::Node::Environment.remote(@environment),
|
|
299
292
|
:configured_environment => configured_environment,
|
|
300
293
|
:ignore_cache => true,
|
|
@@ -338,7 +331,7 @@ class Puppet::Configurer
|
|
|
338
331
|
end
|
|
339
332
|
Puppet.push_context({
|
|
340
333
|
:current_environment => local_node_environment,
|
|
341
|
-
:loaders => Puppet::Pops::Loaders.new(local_node_environment)
|
|
334
|
+
:loaders => Puppet::Pops::Loaders.new(local_node_environment, true)
|
|
342
335
|
}, "Local node environment for configurer transaction")
|
|
343
336
|
|
|
344
337
|
query_options = get_facts(options) unless query_options
|
|
@@ -397,32 +390,23 @@ class Puppet::Configurer
|
|
|
397
390
|
end
|
|
398
391
|
private :run_internal
|
|
399
392
|
|
|
400
|
-
def find_functional_server
|
|
401
|
-
|
|
402
|
-
|
|
403
|
-
|
|
404
|
-
|
|
405
|
-
|
|
406
|
-
|
|
407
|
-
|
|
408
|
-
|
|
409
|
-
|
|
410
|
-
|
|
411
|
-
|
|
412
|
-
|
|
413
|
-
|
|
414
|
-
:ignore_cache => true,
|
|
415
|
-
:transaction_uuid => @transaction_uuid,
|
|
416
|
-
:fail_on_404 => false)
|
|
417
|
-
found = true
|
|
418
|
-
rescue
|
|
419
|
-
# Nothing to see here
|
|
420
|
-
end
|
|
393
|
+
def find_functional_server
|
|
394
|
+
Puppet.settings[:server_list].each do |server|
|
|
395
|
+
host = server[0]
|
|
396
|
+
port = server[1] || Puppet[:masterport]
|
|
397
|
+
begin
|
|
398
|
+
http = Puppet::Network::HttpPool.http_ssl_instance(host, port)
|
|
399
|
+
response = http.get('/status/v1/simple/master')
|
|
400
|
+
return [host, port] if response.is_a?(Net::HTTPOK)
|
|
401
|
+
|
|
402
|
+
Puppet.debug(_("Puppet server %{host}:%{port} is unavailable: %{code} %{reason}") %
|
|
403
|
+
{ host: host, port: port, code: response.code, reason: response.message })
|
|
404
|
+
rescue
|
|
405
|
+
# Nothing to see here
|
|
406
|
+
Puppet.debug(_("Puppet server %{host}:%{port} is unreachable") % { host: host, port: port })
|
|
421
407
|
end
|
|
422
|
-
found
|
|
423
408
|
end
|
|
424
|
-
|
|
425
|
-
:server => selected_server }
|
|
409
|
+
[nil, nil]
|
|
426
410
|
end
|
|
427
411
|
private :find_functional_server
|
|
428
412
|
|
|
@@ -7,7 +7,7 @@ class Puppet::Configurer::PluginHandler
|
|
|
7
7
|
SUPPORTED_LOCALES_MOUNT_AGENT_VERSION = Gem::Version.new("5.3.4")
|
|
8
8
|
|
|
9
9
|
def download_plugins(environment)
|
|
10
|
-
source_permissions = Puppet.
|
|
10
|
+
source_permissions = Puppet::Util::Platform.windows? ? :ignore : :use
|
|
11
11
|
|
|
12
12
|
plugin_downloader = Puppet::Configurer::Downloader.new(
|
|
13
13
|
"plugin",
|
|
@@ -113,7 +113,7 @@ class Puppet::Daemon
|
|
|
113
113
|
end
|
|
114
114
|
|
|
115
115
|
# extended signals not supported under windows
|
|
116
|
-
if !Puppet.
|
|
116
|
+
if !Puppet::Util::Platform.windows?
|
|
117
117
|
signals = {:HUP => :restart, :USR1 => :reload, :USR2 => :reopen_logs }
|
|
118
118
|
signals.each do |signal, method|
|
|
119
119
|
Signal.trap(signal) do
|
|
@@ -283,8 +283,9 @@ module Puppet
|
|
|
283
283
|
on the CLI.",
|
|
284
284
|
},
|
|
285
285
|
:configprint => {
|
|
286
|
-
:default
|
|
287
|
-
:
|
|
286
|
+
:default => "",
|
|
287
|
+
:deprecated => :completely,
|
|
288
|
+
:desc => "Prints the value of a specific configuration setting. If the name of a
|
|
288
289
|
setting is provided for this, then the value is printed and puppet
|
|
289
290
|
exits. Comma-separate multiple values. For a list of all values,
|
|
290
291
|
specify 'all'. This setting is deprecated, the 'puppet config' command replaces this functionality.",
|
|
@@ -402,7 +403,7 @@ module Puppet
|
|
|
402
403
|
files. The command to use can be chosen with the `diff` setting.",
|
|
403
404
|
},
|
|
404
405
|
:diff => {
|
|
405
|
-
:default => (Puppet.
|
|
406
|
+
:default => (Puppet::Util::Platform.windows? ? "" : "diff"),
|
|
406
407
|
:desc => "Which diff command to use when printing differences between files. This setting
|
|
407
408
|
has no default value on Windows, as standard `diff` is not available, but Puppet can use many
|
|
408
409
|
third-party diff tools.",
|
|
@@ -419,13 +420,13 @@ module Puppet
|
|
|
419
420
|
},
|
|
420
421
|
:daemonize => {
|
|
421
422
|
:type => :boolean,
|
|
422
|
-
:default => (Puppet.
|
|
423
|
+
:default => (Puppet::Util::Platform.windows? ? false : true),
|
|
423
424
|
:desc => "Whether to send the process into the background. This defaults
|
|
424
425
|
to true on POSIX systems, and to false on Windows (where Puppet
|
|
425
426
|
currently cannot daemonize).",
|
|
426
427
|
:short => "D",
|
|
427
428
|
:hook => proc do |value|
|
|
428
|
-
if value and Puppet.
|
|
429
|
+
if value and Puppet::Util::Platform.windows?
|
|
429
430
|
raise "Cannot daemonize on Windows"
|
|
430
431
|
end
|
|
431
432
|
end
|
|
@@ -678,23 +679,13 @@ module Puppet
|
|
|
678
679
|
}
|
|
679
680
|
)
|
|
680
681
|
|
|
681
|
-
define_settings(:main,
|
|
682
|
-
# Whether the application management feature is on or off - now deprecated and always on.
|
|
683
|
-
:app_management => {
|
|
684
|
-
:default => false,
|
|
685
|
-
:type => :boolean,
|
|
686
|
-
:desc => "This setting has no effect and will be removed in a future Puppet version.",
|
|
687
|
-
:deprecated => :completely,
|
|
688
|
-
}
|
|
689
|
-
)
|
|
690
|
-
|
|
691
682
|
Puppet.define_settings(:module_tool,
|
|
692
683
|
:module_repository => {
|
|
693
684
|
:default => 'https://forgeapi.puppet.com',
|
|
694
685
|
:desc => "The module repository",
|
|
695
686
|
},
|
|
696
687
|
:module_working_dir => {
|
|
697
|
-
:default => (Puppet.
|
|
688
|
+
:default => (Puppet::Util::Platform.windows? ? Dir.tmpdir() : '$vardir/puppet-module'),
|
|
698
689
|
:desc => "The directory into which module tool data is stored",
|
|
699
690
|
},
|
|
700
691
|
:forge_authorization => {
|
|
@@ -762,11 +753,14 @@ change this setting; you also need to:
|
|
|
762
753
|
|
|
763
754
|
* On the server: Stop Puppet Server.
|
|
764
755
|
* On the CA server: Revoke and clean the server's old certificate. (`puppet cert clean <NAME>`)
|
|
756
|
+
(Note `puppet cert clean` is deprecated and will be replaced with `puppetserver ca clean`
|
|
757
|
+
in Puppet 6.)
|
|
765
758
|
* On the server: Delete the old certificate (and any old certificate signing requests)
|
|
766
759
|
from the [ssldir](https://puppet.com/docs/puppet/latest/dirs_ssldir.html).
|
|
767
760
|
* On the server: Run `puppet agent -t --ca_server <CA HOSTNAME>` to request a new certificate
|
|
768
761
|
* On the CA server: Sign the certificate request, explicitly allowing alternate names
|
|
769
|
-
(`puppet cert sign --allow-dns-alt-names <NAME>`).
|
|
762
|
+
(`puppet cert sign --allow-dns-alt-names <NAME>`). (Note `puppet cert sign` is deprecated
|
|
763
|
+
and will be replaced with `puppetserver ca sign` in Puppet 6.)
|
|
770
764
|
* On the server: Run `puppet agent -t --ca_server <CA HOSTNAME>` to retrieve the cert.
|
|
771
765
|
* On the server: Start Puppet Server again.
|
|
772
766
|
|
|
@@ -987,8 +981,8 @@ EOT
|
|
|
987
981
|
define_settings(
|
|
988
982
|
:ca,
|
|
989
983
|
:ca_name => {
|
|
990
|
-
:default
|
|
991
|
-
:desc
|
|
984
|
+
:default => "Puppet CA: $certname",
|
|
985
|
+
:desc => "The name to use the Certificate Authority certificate.",
|
|
992
986
|
},
|
|
993
987
|
:cadir => {
|
|
994
988
|
:default => "$ssldir/ca",
|
|
@@ -996,7 +990,7 @@ EOT
|
|
|
996
990
|
:owner => "service",
|
|
997
991
|
:group => "service",
|
|
998
992
|
:mode => "0755",
|
|
999
|
-
:desc => "The root directory for the certificate authority."
|
|
993
|
+
:desc => "The root directory for the certificate authority.",
|
|
1000
994
|
},
|
|
1001
995
|
:cacert => {
|
|
1002
996
|
:default => "$cadir/ca_crt.pem",
|
|
@@ -1004,7 +998,7 @@ EOT
|
|
|
1004
998
|
:owner => "service",
|
|
1005
999
|
:group => "service",
|
|
1006
1000
|
:mode => "0644",
|
|
1007
|
-
:desc => "The CA certificate."
|
|
1001
|
+
:desc => "The CA certificate.",
|
|
1008
1002
|
},
|
|
1009
1003
|
:cakey => {
|
|
1010
1004
|
:default => "$cadir/ca_key.pem",
|
|
@@ -1012,7 +1006,7 @@ EOT
|
|
|
1012
1006
|
:owner => "service",
|
|
1013
1007
|
:group => "service",
|
|
1014
1008
|
:mode => "0640",
|
|
1015
|
-
:desc => "The CA private key."
|
|
1009
|
+
:desc => "The CA private key.",
|
|
1016
1010
|
},
|
|
1017
1011
|
:capub => {
|
|
1018
1012
|
:default => "$cadir/ca_pub.pem",
|
|
@@ -1020,7 +1014,7 @@ EOT
|
|
|
1020
1014
|
:owner => "service",
|
|
1021
1015
|
:group => "service",
|
|
1022
1016
|
:mode => "0644",
|
|
1023
|
-
:desc => "The CA public key."
|
|
1017
|
+
:desc => "The CA public key.",
|
|
1024
1018
|
},
|
|
1025
1019
|
:cacrl => {
|
|
1026
1020
|
:default => "$cadir/ca_crl.pem",
|
|
@@ -1028,15 +1022,7 @@ EOT
|
|
|
1028
1022
|
:owner => "service",
|
|
1029
1023
|
:group => "service",
|
|
1030
1024
|
:mode => "0644",
|
|
1031
|
-
:desc => "The certificate revocation list (CRL) for the CA.
|
|
1032
|
-
},
|
|
1033
|
-
:caprivatedir => {
|
|
1034
|
-
:default => "$cadir/private",
|
|
1035
|
-
:type => :directory,
|
|
1036
|
-
:owner => "service",
|
|
1037
|
-
:group => "service",
|
|
1038
|
-
:mode => "0750",
|
|
1039
|
-
:desc => "Where the CA stores private certificate information."
|
|
1025
|
+
:desc => "The certificate revocation list (CRL) for the CA.",
|
|
1040
1026
|
},
|
|
1041
1027
|
:csrdir => {
|
|
1042
1028
|
:default => "$cadir/requests",
|
|
@@ -1044,7 +1030,7 @@ EOT
|
|
|
1044
1030
|
:owner => "service",
|
|
1045
1031
|
:group => "service",
|
|
1046
1032
|
:mode => "0755",
|
|
1047
|
-
:desc => "Where the CA stores certificate requests"
|
|
1033
|
+
:desc => "Where the CA stores certificate requests.",
|
|
1048
1034
|
},
|
|
1049
1035
|
:signeddir => {
|
|
1050
1036
|
:default => "$cadir/signed",
|
|
@@ -1052,15 +1038,7 @@ EOT
|
|
|
1052
1038
|
:owner => "service",
|
|
1053
1039
|
:group => "service",
|
|
1054
1040
|
:mode => "0755",
|
|
1055
|
-
:desc => "Where the CA stores signed certificates."
|
|
1056
|
-
},
|
|
1057
|
-
:capass => {
|
|
1058
|
-
:default => "$caprivatedir/ca.pass",
|
|
1059
|
-
:type => :file,
|
|
1060
|
-
:owner => "service",
|
|
1061
|
-
:group => "service",
|
|
1062
|
-
:mode => "0640",
|
|
1063
|
-
:desc => "Where the CA stores the password for the private key."
|
|
1041
|
+
:desc => "Where the CA stores signed certificates.",
|
|
1064
1042
|
},
|
|
1065
1043
|
:serial => {
|
|
1066
1044
|
:default => "$cadir/serial",
|
|
@@ -1068,7 +1046,7 @@ EOT
|
|
|
1068
1046
|
:owner => "service",
|
|
1069
1047
|
:group => "service",
|
|
1070
1048
|
:mode => "0644",
|
|
1071
|
-
:desc => "Where the serial number for certificates is stored."
|
|
1049
|
+
:desc => "Where the serial number for certificates is stored.",
|
|
1072
1050
|
},
|
|
1073
1051
|
:autosign => {
|
|
1074
1052
|
:default => "$confdir/autosign.conf",
|
|
@@ -1101,14 +1079,13 @@ EOT
|
|
|
1101
1079
|
:allow_duplicate_certs => {
|
|
1102
1080
|
:default => false,
|
|
1103
1081
|
:type => :boolean,
|
|
1104
|
-
:desc => "Whether to allow a new certificate
|
|
1105
|
-
request to overwrite an existing certificate.",
|
|
1082
|
+
:desc => "Whether to allow a new certificate request to overwrite an existing certificate.",
|
|
1106
1083
|
},
|
|
1107
1084
|
:ca_ttl => {
|
|
1108
1085
|
:default => "5y",
|
|
1109
1086
|
:type => :duration,
|
|
1110
1087
|
:desc => "The default TTL for new certificates.
|
|
1111
|
-
#{AS_DURATION}"
|
|
1088
|
+
#{AS_DURATION}",
|
|
1112
1089
|
},
|
|
1113
1090
|
:keylength => {
|
|
1114
1091
|
:default => 4096,
|
|
@@ -1121,7 +1098,7 @@ EOT
|
|
|
1121
1098
|
:owner => "service",
|
|
1122
1099
|
:group => "service",
|
|
1123
1100
|
:desc => "The inventory file. This is a text file to which the CA writes a
|
|
1124
|
-
complete listing of all certificates."
|
|
1101
|
+
complete listing of all certificates.",
|
|
1125
1102
|
}
|
|
1126
1103
|
)
|
|
1127
1104
|
|
|
@@ -1150,10 +1127,6 @@ EOT
|
|
|
1150
1127
|
:default => nil,
|
|
1151
1128
|
:desc => "The address the agent should use to initiate requests.",
|
|
1152
1129
|
},
|
|
1153
|
-
:bindaddress => {
|
|
1154
|
-
:default => "*",
|
|
1155
|
-
:desc => "The address a listening server should bind to.",
|
|
1156
|
-
}
|
|
1157
1130
|
)
|
|
1158
1131
|
|
|
1159
1132
|
define_settings(:environment,
|
|
@@ -1202,11 +1175,15 @@ EOT
|
|
|
1202
1175
|
define_settings(:master,
|
|
1203
1176
|
:user => {
|
|
1204
1177
|
:default => "puppet",
|
|
1205
|
-
:desc => "The user
|
|
1178
|
+
:desc => "The user Puppet Server will run as. Used to ensure
|
|
1179
|
+
the agent side processes (agent, apply, etc) create files and
|
|
1180
|
+
directories readable by Puppet Server when necessary.",
|
|
1206
1181
|
},
|
|
1207
1182
|
:group => {
|
|
1208
1183
|
:default => "puppet",
|
|
1209
|
-
:desc => "The group
|
|
1184
|
+
:desc => "The group Puppet Server will run as. Used to ensure
|
|
1185
|
+
the agent side processes (agent, apply, etc) create files and
|
|
1186
|
+
directories readable by Puppet Server when necessary.",
|
|
1210
1187
|
},
|
|
1211
1188
|
:default_manifest => {
|
|
1212
1189
|
:default => "./manifests",
|
|
@@ -1245,23 +1222,11 @@ EOT
|
|
|
1245
1222
|
by `puppet`, and should only be set if you're writing your own Puppet
|
|
1246
1223
|
executable.",
|
|
1247
1224
|
},
|
|
1248
|
-
:masterhttplog => {
|
|
1249
|
-
:default => "$logdir/masterhttp.log",
|
|
1250
|
-
:type => :file,
|
|
1251
|
-
:owner => "service",
|
|
1252
|
-
:group => "service",
|
|
1253
|
-
:mode => "0660",
|
|
1254
|
-
:create => true,
|
|
1255
|
-
:desc => "Where the puppet master web server saves its access log. This is
|
|
1256
|
-
only used when running a WEBrick puppet master. When puppet master is
|
|
1257
|
-
running under a Rack server like Passenger, that web server will have
|
|
1258
|
-
its own logging behavior."
|
|
1259
|
-
},
|
|
1260
1225
|
:masterport => {
|
|
1261
1226
|
:default => 8140,
|
|
1262
|
-
:desc => "The port
|
|
1263
|
-
|
|
1264
|
-
|
|
1227
|
+
:desc => "The default port puppet subcommands use to communicate
|
|
1228
|
+
with Puppet Server. (eg `puppet facts upload`, `puppet agent`). May be
|
|
1229
|
+
overridden by more specific settings (see `ca_port`, `report_port`).",
|
|
1265
1230
|
},
|
|
1266
1231
|
:node_name => {
|
|
1267
1232
|
:default => "cert",
|
|
@@ -1283,14 +1248,11 @@ EOT
|
|
|
1283
1248
|
:rest_authconfig => {
|
|
1284
1249
|
:default => "$confdir/auth.conf",
|
|
1285
1250
|
:type => :file,
|
|
1251
|
+
:deprecated => :completely,
|
|
1286
1252
|
:desc => "The configuration file that defines the rights to the different
|
|
1287
|
-
rest indirections. This can be used as a fine-grained
|
|
1288
|
-
|
|
1289
|
-
|
|
1290
|
-
:ca => {
|
|
1291
|
-
:default => true,
|
|
1292
|
-
:type => :boolean,
|
|
1293
|
-
:desc => "Whether the master should function as a certificate authority.",
|
|
1253
|
+
rest indirections. This can be used as a fine-grained authorization system for
|
|
1254
|
+
`puppet master`. The `puppet master` command is deprecated and Puppet Server
|
|
1255
|
+
uses its own auth.conf that must be placed within its configuration directory.",
|
|
1294
1256
|
},
|
|
1295
1257
|
:trusted_oid_mapping_file => {
|
|
1296
1258
|
:default => "$confdir/custom_trusted_oid_mapping.yaml",
|
|
@@ -1646,12 +1608,6 @@ EOT
|
|
|
1646
1608
|
prior compilation. The list of missing objects is maintained per-environment and
|
|
1647
1609
|
persists until the environment is cleared or the master is restarted.",
|
|
1648
1610
|
},
|
|
1649
|
-
:ignorecache => {
|
|
1650
|
-
:default => false,
|
|
1651
|
-
:type => :boolean,
|
|
1652
|
-
:desc => "This setting has no effect and will be removed in a future Puppet version.",
|
|
1653
|
-
:deprecated => :completely,
|
|
1654
|
-
},
|
|
1655
1611
|
:splaylimit => {
|
|
1656
1612
|
:default => "$runinterval",
|
|
1657
1613
|
:type => :duration,
|
|
@@ -1755,28 +1711,6 @@ EOT
|
|
|
1755
1711
|
turn off waiting for certificates by specifying a time of 0, in which case
|
|
1756
1712
|
puppet agent will exit if it cannot get a cert.
|
|
1757
1713
|
#{AS_DURATION}",
|
|
1758
|
-
},
|
|
1759
|
-
:ordering => {
|
|
1760
|
-
:type => :enum,
|
|
1761
|
-
:values => ["manifest", "title-hash", "random"],
|
|
1762
|
-
:default => "manifest",
|
|
1763
|
-
:desc => "How unrelated resources should be ordered when applying a catalog.
|
|
1764
|
-
Allowed values are `title-hash`, `manifest`, and `random`. This
|
|
1765
|
-
setting affects puppet agent and puppet apply, but not puppet master.
|
|
1766
|
-
|
|
1767
|
-
* `manifest` (the default) will use the order in which the resources were
|
|
1768
|
-
declared in their manifest files.
|
|
1769
|
-
* `title-hash` (the default in 3.x) will order resources randomly, but
|
|
1770
|
-
will use the same order across runs and across nodes. It is only of
|
|
1771
|
-
value if you're migrating from 3.x and have errors running with
|
|
1772
|
-
`manifest`.
|
|
1773
|
-
* `random` will order resources randomly and change their order with each
|
|
1774
|
-
run. This can work like a fuzzer for shaking out undeclared dependencies.
|
|
1775
|
-
|
|
1776
|
-
Regardless of this setting's value, Puppet will always obey explicit
|
|
1777
|
-
dependencies set with the before/require/notify/subscribe metaparameters
|
|
1778
|
-
and the `->`/`~>` chaining arrows; this setting only affects the relative
|
|
1779
|
-
ordering of _unrelated_ resources."
|
|
1780
1714
|
}
|
|
1781
1715
|
)
|
|
1782
1716
|
|
|
@@ -1817,17 +1751,6 @@ EOT
|
|
|
1817
1751
|
is used for retrieval, so anything that is a valid file source can
|
|
1818
1752
|
be used here.",
|
|
1819
1753
|
},
|
|
1820
|
-
|
|
1821
|
-
:pluginsync => {
|
|
1822
|
-
:default => true,
|
|
1823
|
-
:type => :boolean,
|
|
1824
|
-
:desc => "Whether plugins should be synced with the central server. This setting is
|
|
1825
|
-
deprecated.",
|
|
1826
|
-
:hook => proc { |value|
|
|
1827
|
-
#TRANSLATORS 'pluginsync' is a setting and should not be translated
|
|
1828
|
-
Puppet.deprecation_warning(_("Setting 'pluginsync' is deprecated."))
|
|
1829
|
-
}
|
|
1830
|
-
},
|
|
1831
1754
|
:pluginsignore => {
|
|
1832
1755
|
:default => ".svn CVS .git .hg",
|
|
1833
1756
|
:desc => "What files to ignore when pulling down plugins.",
|
|
@@ -1924,11 +1847,11 @@ EOT
|
|
|
1924
1847
|
},
|
|
1925
1848
|
:ldapserver => {
|
|
1926
1849
|
:default => "ldap",
|
|
1927
|
-
:desc => "The LDAP server.
|
|
1850
|
+
:desc => "The LDAP server.",
|
|
1928
1851
|
},
|
|
1929
1852
|
:ldapport => {
|
|
1930
1853
|
:default => 389,
|
|
1931
|
-
:desc => "The LDAP port.
|
|
1854
|
+
:desc => "The LDAP port.",
|
|
1932
1855
|
},
|
|
1933
1856
|
|
|
1934
1857
|
:ldapstring => {
|
|
@@ -2062,7 +1985,7 @@ EOT
|
|
|
2062
1985
|
define_settings(
|
|
2063
1986
|
:main,
|
|
2064
1987
|
:rich_data => {
|
|
2065
|
-
:default =>
|
|
1988
|
+
:default => true,
|
|
2066
1989
|
:type => :boolean,
|
|
2067
1990
|
:hook => proc do |value|
|
|
2068
1991
|
envs = Puppet.lookup(:environments) { nil }
|