bolt 0.21.7 → 0.21.8

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: af8e2b6778a6eefcb1efcafe215e6d0642cc1f1d59b656d12bf94d66e6136c73
-  data.tar.gz: 36cfe00c4670dec416489ab9212928071037fd5010e381d2aab07a5fd6914b81
+  metadata.gz: 22fb0de3f6560ee5c6e57d1f0344e9994d93ae5a638531afde4586b619f137de
+  data.tar.gz: c2e8780f18783e570e1d9cd44f52f722cce1329fcdfb3c32c3028b22d718f81e
 SHA512:
-  metadata.gz: d0f08cc1c6b9f3b407c0b292e842ae4b5e21f41857c78a768b7a965877d22cff0affe9a878ebb1c551a7fb81b05d9548d056ea172e1e8e1d6204b85a8f6ccf22
-  data.tar.gz: c68bd35efb219e3d836e5e77e497708b1c5b8a05c1a6dcdc0025d38a754fce5fd334a3f26e989e4f0bf2131a3df82a0bbbbc5b7a74247fdf262c5bd66563f050
+  metadata.gz: e007695b192c794a2d391d9b2e2dbb2a732374e2aa5b7639ad31e0db7a98dfd5f64b08710dfb958ec7af0e56adb2628f7ef40380f9ad951f505231c303467441
+  data.tar.gz: 78a3c221d8c45bc584b477071e47c9a402d0a99867db696eae6201edc739367b2f49a9ad7c465b9292ae4dbcaa1bd692df6dab878b90183e0e2e276af9d7b739

data/lib/bolt/transport/ssh/connection.rb

@@ -54,13 +54,14 @@ module Bolt
         attr_reader :logger, :user, :target
         attr_writer :run_as
 
-        def initialize(target)
+        def initialize(target, transport_logger)
           @target = target
 
           @user = @target.user || Net::SSH::Config.for(target.host)[:user] || Etc.getlogin
           @run_as = nil
 
           @logger = Logging.logger[@target.host]
+          @transport_logger = transport_logger
         end
 
         if Bolt::Util.windows?
@@ -74,10 +75,8 @@ module Bolt
         end
 
         def connect
-          transport_logger = Logging.logger[Net::SSH]
-          transport_logger.level = :warn
           options = {
-            logger: transport_logger,
+            logger: @transport_logger,
             non_interactive: true
           }
 
@@ -94,7 +93,7 @@ module Bolt
           options[:verify_host_key] = if target.options['host-key-check']
                                         Net::SSH::Verifiers::Secure.new
                                       else
-                                        Net::SSH::Verifiers::Lenient.new
+                                        Net::SSH::Verifiers::Null.new
                                       end
           options[:timeout] = target.options['connect-timeout'] if target.options['connect-timeout']
 

data/lib/bolt/transport/ssh.rb

@@ -58,10 +58,13 @@ module Bolt
             "Authentication method 'gssapi-with-mic' is not available"
           }
         end
+
+        @transport_logger = Logging.logger[Net::SSH]
+        @transport_logger.level = :warn
       end
 
       def with_connection(target)
-        conn = Connection.new(target)
+        conn = Connection.new(target, @transport_logger)
         conn.connect
         yield conn
       ensure

data/lib/bolt/transport/winrm/connection.rb

@@ -11,7 +11,7 @@ module Bolt
 
         DEFAULT_EXTENSIONS = ['.ps1', '.rb', '.pp'].freeze
 
-        def initialize(target)
+        def initialize(target, transport_logger)
           @target = target
 
           default_port = target.options['ssl'] ? HTTPS_PORT : HTTP_PORT
@@ -23,6 +23,7 @@ module Bolt
           @extensions = DEFAULT_EXTENSIONS.to_set.merge(extensions)
 
           @logger = Logging.logger[@target.host]
+          @transport_logger = transport_logger
         end
 
         HTTP_PORT = 5985
@@ -47,9 +48,7 @@ module Bolt
 
           Timeout.timeout(target.options['connect-timeout']) do
             @connection = ::WinRM::Connection.new(options)
-            transport_logger = Logging.logger[::WinRM]
-            transport_logger.level = :warn
-            @connection.logger = transport_logger
+            @connection.logger = @transport_logger
 
             @session = @connection.shell(:powershell)
             @session.run('$PSVersionTable.PSVersion')

data/lib/bolt/transport/winrm.rb

@@ -37,10 +37,13 @@ module Bolt
         super
         require 'winrm'
         require 'winrm-fs'
+
+        @transport_logger = Logging.logger[::WinRM]
+        @transport_logger.level = :warn
       end
 
       def with_connection(target)
-        conn = Connection.new(target)
+        conn = Connection.new(target, @transport_logger)
         conn.connect
         yield conn
       ensure

data/lib/bolt/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Bolt
-  VERSION = '0.21.7'
+  VERSION = '0.21.8'
 end

data/libexec/apply_catalog.rb

@@ -1,6 +1,7 @@
 #! /opt/puppetlabs/puppet/bin/ruby
 # frozen_string_literal: true
 
+require 'fileutils'
 require 'json'
 require 'puppet'
 require 'puppet/configurer'
@@ -13,7 +14,7 @@ Puppet.initialize_settings([])
 run_mode = Puppet::Util::RunMode[:user]
 Puppet.settings.initialize_app_defaults(Puppet::Settings.app_defaults_for_run_mode(run_mode))
 
-Puppet::ApplicationSupport.push_application_context(run_mode, :local)
+Puppet::ApplicationSupport.push_application_context(run_mode)
 
 # Avoid extraneous output
 Puppet[:summarize] = false
@@ -43,7 +44,8 @@ Puppet[:postrun_command] = nil
 Puppet[:default_file_terminus] = :file_server
 
 exit_code = 0
-Dir.mktmpdir do |moduledir|
+moduledir = Dir.mktmpdir
+begin
   Tempfile.open('plugins.tar.gz') do |plugins|
     File.binwrite(plugins, Base64.decode64(args['plugins']))
     Puppet::ModuleTool::Tar.instance.unpack(plugins, moduledir, Etc.getlogin || Etc.getpwuid.name)
@@ -75,6 +77,12 @@ Dir.mktmpdir do |moduledir|
 
   puts JSON.pretty_generate(report.to_data_hash)
   exit_code = report.exit_status != 1
+ensure
+  begin
+    FileUtils.remove_dir(moduledir)
+  rescue Errno::ENOTEMPTY => e
+    STDERR.puts("Could not cleanup temporary directory: #{e}")
+  end
 end
 
 exit exit_code

data/vendored/puppet/lib/puppet/application/apply.rb

@@ -265,20 +265,31 @@ Copyright (c) 2011 Puppet Inc., LLC Licensed under the Apache 2.0 License
           exit(1)
         end
 
-        # Translate it to a RAL catalog
-        catalog = catalog.to_ral
+        # Loaders are required when resolving deferred values and at the end
+        # when apply_catalog is called - it is therefore used around all of the
+        # required steps as it is expensive to set up loaders twice (once for
+        # resolution and once for the apply).
+        #
+        exit_status = Puppet.override(:loaders => Puppet::Pops::Loaders.new(apply_environment)) do
 
-        catalog.finalize
+          # Resolve all deferred values and replace them / mutate the catalog
+          Puppet::Pops::Evaluator::DeferredResolver.resolve_and_replace(node, node.facts, catalog)
 
-        catalog.retrieval_duration = Time.now - starttime
+          # Translate it to a RAL catalog
+          catalog = catalog.to_ral
 
-        if options[:write_catalog_summary]
-          catalog.write_class_file
-          catalog.write_resource_file
-        end
+          catalog.finalize
 
-        exit_status = Puppet.override(:loaders => Puppet::Pops::Loaders.new(apply_environment)) { apply_catalog(catalog) }
+          catalog.retrieval_duration = Time.now - starttime
 
+          if options[:write_catalog_summary]
+            catalog.write_class_file
+            catalog.write_resource_file
+          end
+
+          #exit_status = Puppet.override(:loaders => Puppet::Pops::Loaders.new(apply_environment)) { apply_catalog(catalog) }
+          apply_catalog(catalog)
+        end
         if not exit_status
           exit(1)
         elsif options[:detailed_exitcodes] then

data/vendored/puppet/lib/puppet/application/cert.rb

@@ -100,7 +100,7 @@ class Puppet::Application::Cert < Puppet::Application
   end
 
   def summary
-    _("Manage certificates and requests")
+    _("Manage certificates and requests (Deprecated)")
   end
 
   def help
@@ -282,6 +282,8 @@ Copyright (c) 2011 Puppet Inc., LLC Licensed under the Apache 2.0 License
   end
 
   def setup
+    deprecate
+
     require 'puppet/ssl/certificate_authority'
     exit(Puppet.settings.print_configs ? 0 : 1) if Puppet.settings.print_configs?
 

data/vendored/puppet/lib/puppet/application/device.rb

@@ -32,6 +32,7 @@ class Puppet::Application::Device < Puppet::Application
       :centrallogs => false,
       :setdest => false,
       :resource => false,
+      :facts => false,
       :target => nil,
       :to_yaml => false,
     }.each do |opt,val|
@@ -44,6 +45,7 @@ class Puppet::Application::Device < Puppet::Application
   option("--centrallogging")
   option("--debug","-d")
   option("--resource","-r")
+  option("--facts","-f")
   option("--to_yaml","-y")
   option("--verbose","-v")
 
@@ -93,7 +95,7 @@ USAGE
 -----
   puppet device [-d|--debug] [--detailed-exitcodes] [--deviceconfig <file>]
                 [-h|--help] [-l|--logdest syslog|<file>|console]
-                [-v|--verbose] [-w|--waitforcert <seconds>]
+                [-v|--verbose] [-w|--waitforcert <seconds>] [-f|--facts]
                 [-a|--apply <file>] [-r|--resource <type> [name]]
                 [-t|--target <device>] [--user=<user>] [-V|--version]
 
@@ -163,6 +165,9 @@ you can specify '--server <servername>' as an argument.
 * --apply:
   Apply a manifest against a remote target. Target must be specified.
 
+* --facts:
+  Displays the facts of a remote target. Target must be specified.
+
 * --resource:
   Displays a resource state as Puppet code, roughly equivalent to
   `puppet resource`.  Can be filterd by title. Requires --target be specified.
@@ -210,6 +215,9 @@ Licensed under the Apache 2.0 License
     if options[:resource] and !options[:target]
       raise _("resource command requires target")
     end
+    if options[:facts] and !options[:target]
+      raise _("facts command requires target")
+    end
     unless options[:apply].nil?
       raise _("missing argument: --target is required when using --apply") if options[:target].nil?
       raise _("%{file} does not exist, cannot apply") % { file: options[:apply] } unless File.file?(options[:apply])
@@ -266,14 +274,23 @@ Licensed under the Apache 2.0 License
             end
             (puts text)
             0
+          elsif options[:facts]
+            Puppet.info _("retrieving facts from %{target} at %{scheme}%{url_host}%{port}%{url_path}") % { resource: type, target: device.name, scheme: scheme, url_host: device_url.host, port: port, url_path: device_url.path }
+            remote_facts = Puppet::Node::Facts.indirection.find(name, :environment => env)
+            # Give a proper name to the facts
+            remote_facts.name = remote_facts.values['clientcert']
+            renderer = Puppet::Network::FormatHandler.format(:console)
+            puts renderer.render(remote_facts)
+            0
           elsif options[:apply]
+            # ensure we have a cache folder structure exists for the device
+            FileUtils.mkdir_p(Puppet[:statedir]) unless File.directory?(Puppet[:statedir])
             # avoid reporting to server
             Puppet::Transaction::Report.indirection.terminus_class = :yaml
             Puppet::Resource::Catalog.indirection.cache_class = nil
 
             require 'puppet/application/apply'
             begin
-
               Puppet[:node_terminus] = :plain
               Puppet[:catalog_terminus] = :compiler
               Puppet[:catalog_cache_terminus] = nil
@@ -344,11 +361,11 @@ Licensed under the Apache 2.0 License
   end
 
   def setup
-    if options[:resource]
+    setup_logs
+    if options[:apply] || options[:facts] || options[:resource]
+      Puppet::Util::Log.newdestination(:console)
       Puppet.settings.use :main, :agent, :ssl
     else
-      setup_logs
-
       args[:Server] = Puppet[:server]
       if options[:centrallogs]
         logdest = args[:Server]

data/vendored/puppet/lib/puppet/configurer/fact_handler.rb

@@ -28,7 +28,11 @@ module Puppet::Configurer::FactHandler
   end
 
   def facts_for_uploading
-    facts = find_facts
+    encode_facts(find_facts)
+  end
+
+  def encode_facts(facts)
+    #facts = find_facts
 
     # NOTE: :facts specified as parameters are URI encoded here,
     # then  encoded for a second time depending on their length:

data/vendored/puppet/lib/puppet/configurer.rb

@@ -4,6 +4,8 @@ require 'timeout'
 require 'puppet/network/http_pool'
 require 'puppet/util'
 require 'securerandom'
+#require 'puppet/parser/script_compiler'
+require 'puppet/pops/evaluator/deferred_resolver'
 
 class Puppet::Configurer
   require 'puppet/configurer/fact_handler'
@@ -106,6 +108,11 @@ class Puppet::Configurer
     catalog = nil
 
     catalog_conversion_time = thinmark do
+      # Will mutate the result and replace all Deferred values with resolved values
+      if options[:convert_for_node] && options[:convert_with_facts]
+        Puppet::Pops::Evaluator::DeferredResolver.resolve_and_replace(options[:convert_for_node], options[:convert_with_facts], result)
+      end
+
       catalog = result.to_ral
       catalog.finalize
       catalog.retrieval_duration = duration
@@ -137,7 +144,9 @@ class Puppet::Configurer
       #
       # facts_for_uploading may set Puppet[:node_name_value] as a side effect
       facter_time = thinmark do
-        facts_hash = facts_for_uploading
+        facts = find_facts
+        options[:convert_with_facts] =  facts
+        facts_hash = encode_facts(facts) # encode for uploading # was: facts_for_uploading
       end
       options[:report].add_times(:fact_generation, facter_time) if options[:report]
     end
@@ -327,10 +336,14 @@ class Puppet::Configurer
                                          current_environment.manifest,
                                          current_environment.config_version)
       end
-      Puppet.push_context({:current_environment => local_node_environment}, "Local node environment for configurer transaction")
+      Puppet.push_context({
+        :current_environment => local_node_environment, 
+        :loaders => Puppet::Pops::Loaders.new(local_node_environment)
+      }, "Local node environment for configurer transaction")
 
       query_options = get_facts(options) unless query_options
       query_options[:configured_environment] = configured_environment
+      options[:convert_for_node] = node
 
       unless catalog = prepare_and_retrieve_catalog(options, query_options)
         return nil

data/vendored/puppet/lib/puppet/defaults.rb

@@ -38,11 +38,23 @@ module Puppet
       installdir = Facter.value(:env_windows_installdir)
       if installdir
         path << "#{installdir}/puppet/modules"
-        path << "#{installdir}/puppet/vendor_modules"
       end
       path.join(File::PATH_SEPARATOR)
     else
-      '$codedir/modules:/opt/puppetlabs/puppet/modules:/opt/puppetlabs/puppet/vendor_modules'
+      '$codedir/modules:/opt/puppetlabs/puppet/modules'
+    end
+  end
+
+  def self.default_vendormoduledir
+    if Puppet::Util::Platform.windows?
+      installdir = Facter.value(:env_windows_installdir)
+      if installdir
+        "#{installdir}\\puppet\\vendor_modules"
+      else
+        nil
+      end
+    else
+      '/opt/puppetlabs/puppet/vendor_modules'
     end
   end
 
@@ -290,7 +302,7 @@ module Puppet
         :desc     => "Whether to create the necessary user and group that puppet agent will run as.",
     },
     :manage_internal_file_permissions => {
-        :default  => true,
+        :default  => ! Puppet::Util::Platform.windows?,
         :type     => :boolean,
         :desc     => "Whether Puppet should manage the owner, group, and mode of files it uses internally",
     },
@@ -327,13 +339,7 @@ module Puppet
           for those files that Puppet will load on demand, and is only
           guaranteed to work for those cases.  In fact, the autoload
           mechanism is responsible for making sure this directory
-          is in Ruby's search path\n",
-      :call_hook => :on_initialize_and_write,
-      :hook             => proc do |value|
-        $LOAD_PATH.delete(@oldlibdir) if defined?(@oldlibdir) && $LOAD_PATH.include?(@oldlibdir)
-        @oldlibdir = value
-        $LOAD_PATH << value
-      end
+          is in Ruby's search path\n"
     },
     :environment => {
         :default  => "production",
@@ -467,7 +473,7 @@ module Puppet
       :type       => :terminus,
       :default    => nil,
       :desc       => "How to store cached nodes.
-      Valid values are (none), 'json', 'msgpack', 'yaml' or write only yaml ('write_only_yaml').",
+      Valid values are (none), 'json', 'msgpack', or 'yaml'.",
     },
     :data_binding_terminus => {
       :type    => :terminus,
@@ -582,9 +588,10 @@ module Puppet
       #{AS_DURATION}",
     },
     :http_read_timeout => {
+      :default => "10m",
       :type    => :duration,
-      :desc    => "The time to wait for one block to be read from an HTTP connection. If nothing is
-      read after the elapsed interval then the connection will be closed. The default value is unlimited.
+      :desc    => "The time to wait for data to be read from an HTTP connection. If nothing is
+      read after the elapsed interval then the connection will be closed. The default value is 10 minutes.
       #{AS_DURATION}",
     },
     :http_user_agent => {
@@ -661,13 +668,6 @@ module Puppet
           essentially means that you can't have any code outside of a node,
           class, or definition other than in the site manifest.",
     },
-    :trusted_server_facts => {
-      :default => true,
-      :type    => :boolean,
-      :deprecated => :completely,
-      :desc    => "The 'trusted_server_facts' setting is deprecated and has no effect as the
-        feature this enabled is now always on. The setting will be removed in a future version of puppet.",
-    },
     :preview_outputdir => {
       :default => '$vardir/preview',
       :type     => :directory,
@@ -745,7 +745,8 @@ A comma-separated list of alternate DNS names for Puppet Server. These are extra
 hostnames (in addition to its `certname`) that the server is allowed to use when
 serving agents. Puppet checks this setting when automatically requesting a
 certificate for Puppet agent or Puppet Server, and when manually generating a
-certificate with `puppet cert generate`.
+certificate with `puppet cert generate`. These can be either IP or DNS, and the type
+should be specified and followed with a colon. Untyped inputs will default to DNS.
 
 In order to handle agent requests at a given hostname (like
 "puppet.example.com"), Puppet Server needs a certificate that proves it's
@@ -1308,6 +1309,14 @@ EOT
         any global directories. For more info, see
         <https://puppet.com/docs/puppet/latest/environments_about.html>",
     },
+    :vendormoduledir => {
+      :default => lambda { default_vendormoduledir },
+      :type => :string,
+      :desc => "The directory containing **vendored** modules. These modules will
+      be used by _all_ environments like those in the `basemodulepath`. The only
+      difference is that modules in the `basemodulepath` are pluginsynced, while
+      vendored modules are not",
+    },
     :ssl_client_header => {
       :default    => "HTTP_X_CLIENT_DN",
       :desc       => "The header containing an authenticated client's SSL DN.
@@ -1577,11 +1586,11 @@ EOT
           it with the `--no-client` option. #{AS_DURATION}",
     },
     :runtimeout => {
-      :default  => 0,
+      :default  => "1h",
       :type     => :duration,
       :desc     => "The maximum amount of time an agent run is allowed to take.
-          A Puppet agent run that exceeds this timeout will be aborted.
-          Defaults to 0, which is unlimited. #{AS_DURATION}",
+          A Puppet agent run that exceeds this timeout will be aborted. A value
+          of 0 disables the timeout. Defaults to 1 hour. #{AS_DURATION}",
     },
     :ca_server => {
       :default    => "$server",
@@ -1626,7 +1635,9 @@ EOT
       :type       => :boolean,
       :desc       => "Whether to only use the cached catalog rather than compiling a new catalog
         on every run.  Puppet can be run with this enabled by default and then selectively
-        disabled when a recompile is desired.",
+        disabled when a recompile is desired. Because a Puppet agent using cached catalogs
+        does not contact the master for a new catalog, it also does not upload facts at
+        the beginning of the Puppet run.",
     },
     :ignoremissingtypes => {
       :default    => false,

data/vendored/puppet/lib/puppet/face/certificate.rb

@@ -162,4 +162,6 @@ Puppet::Indirector::Face.define(:certificate, '0.0.1') do
 
   deactivate_action(:search)
   deactivate_action(:save)
+
+  deprecate
 end

data/vendored/puppet/lib/puppet/feature/base.rb

@@ -54,9 +54,6 @@ Puppet.features.add(:root) { require 'puppet/util/suidmanager'; Puppet::Util::SU
 # We have lcs diff
 Puppet.features.add :diff, :libs => %w{diff/lcs diff/lcs/hunk}
 
-# We have augeas
-Puppet.features.add(:augeas, :libs => ["augeas"])
-
 # We have OpenSSL
 Puppet.features.add(:openssl, :libs => ["openssl"])
 

data/vendored/puppet/lib/puppet/functions/call.rb

@@ -6,6 +6,10 @@
 # 2. Any number of arguments to be passed to the called function.
 # 3. An optional lambda, if the function being called supports it.
 #
+# This function can also be used to resolve a `Deferred` given as
+# the only argument to the function (does not accept arguments nor
+# a block).
+#
 # @example Using the `call` function
 #
 # ```puppet
@@ -26,6 +30,29 @@
 # The `call` function can be used to call either Ruby functions or Puppet language
 # functions.
 #
+# When used with `Deferred` values, the deferred value can either describe
+# a function call, or a dig into a variable.
+#
+# @example Resolving a deferred function call
+#
+# ```puppet
+# $d = Deferred('join', [[1,2,3], ':']) # A future call to join that joins the arguments 1,2,3 with ':'
+# notice($d.call())
+# ```
+#
+# Would notice the string "1:2:3".
+#
+# @example Resolving a deferred variable value with optional dig into its structure
+#
+# ```puppet
+# $d = Deferred('$facts', ['processors', 'count'])
+# notice($d.call())
+# ```
+#
+# Would notice the value of `$facts['processors']['count']` at the time when the `call` is made.
+#
+# * Deferred values supported since Puppet 5.6.0
+#
 # @since 5.0.0
 #
 Puppet::Functions.create_function(:call, Puppet::Functions::InternalFunction) do
@@ -36,7 +63,17 @@ Puppet::Functions.create_function(:call, Puppet::Functions::InternalFunction) do
     optional_block_param
   end
 
+  dispatch :call_deferred do
+    scope_param
+    param 'Deferred', :deferred
+  end
+
   def call_impl_block(scope, function_name, *args, &block)
     call_function_with_scope(scope, function_name, *args, &block)
   end
+
+  def call_deferred(scope, deferred)
+    Puppet::Pops::Evaluator::DeferredResolver.resolve(deferred, scope.compiler)
+  end
+
 end

data/vendored/puppet/lib/puppet/functions.rb

@@ -714,6 +714,11 @@ module Puppet::Functions
       inject(:pal_script_compiler)
     end
 
+    # Inject a parameter getting a cached hash for this function
+    def cache_param
+      inject(:cache)
+    end
+
     private
 
     def inject(injection_name)

data/vendored/puppet/lib/puppet/indirector/ldap.rb

@@ -2,6 +2,12 @@ require 'puppet/indirector/terminus'
 require 'puppet/util/ldap/connection'
 
 class Puppet::Indirector::Ldap < Puppet::Indirector::Terminus
+  def initialize
+    #TRANSLATORS 'Puppet::Indirector::Ldap' is a class and should not be translated
+    Puppet.deprecation_warning(_("Puppet::Indirector::Ldap is deprecated and will be removed in a future release of Puppet."));
+    super
+  end
+
   # Perform our ldap search and process the result.
   def find(request)
     ldapsearch(search_filter(request.key)) { |entry| return process(entry) } || nil

data/vendored/puppet/lib/puppet/node/environment.rb

@@ -417,9 +417,10 @@ class Puppet::Node::Environment
   end
 
   # Loads module translations for the current environment once for
-  # the lifetime of the environment.
+  # the lifetime of the environment. Execute a block in the context
+  # of that translation domain.
   def with_text_domain
-    return if Puppet[:disable_i18n]
+    return yield if Puppet[:disable_i18n]
 
     if @text_domain.nil?
       @text_domain = @name
@@ -431,6 +432,7 @@ class Puppet::Node::Environment
 
     yield
   ensure
+    # Is a noop if disable_i18n is true
     Puppet::GettextConfig.clear_text_domain
   end
 

data/vendored/puppet/lib/puppet/parser/scope.rb

@@ -769,8 +769,8 @@ class Puppet::Parser::Scope
       raise Puppet::ParseError, _("Attempt to assign to a reserved variable name: '%{name}'") % { name: name }
     end
 
-    # Check for server_facts reserved variable name if the trusted_sever_facts setting is true
-    if name == VARNAME_SERVER_FACTS && !options[:privileged] && Puppet[:trusted_server_facts]
+    # Check for server_facts reserved variable name
+    if name == VARNAME_SERVER_FACTS && !options[:privileged]
       raise Puppet::ParseError, _("Attempt to assign to a reserved variable name: '%{name}'") % { name: name }
     end
 

data/vendored/puppet/lib/puppet/pops/adapters.rb

@@ -2,6 +2,20 @@
 #
 module Puppet::Pops
 module Adapters
+
+  class ObjectIdCacheAdapter < Puppet::Pops::Adaptable::Adapter
+    attr_accessor :cache
+
+    def initialize
+      @cache = {}
+    end
+
+    # Retrieves a mutable hash with all stored values
+    def retrieve(o)
+      @cache[o.__id__] ||= {}
+    end
+  end
+
   # A documentation adapter adapts an object with a documentation string.
   # (The intended use is for a source text parser to extract documentation and store this
   # in DocumentationAdapter instances).