packaging 0.104.0 → 0.106.1

data/lib/packaging/util/net.rb

@@ -1,15 +1,13 @@
 # Utility methods for handling network calls and interactions
 
 module Pkg::Util::Net
-
   class << self
-
     # This simple method does an HTTP get of a URI and writes it to a file
     # in a slightly more platform agnostic way than curl/wget
     def fetch_uri(uri, target)
       require 'open-uri'
       if Pkg::Util::File.file_writable?(File.dirname(target))
-        File.open(target, 'w') { |f| f.puts(open(uri).read) }
+        File.open(target, 'w') { |f| f.puts(URI.open(uri).read) }
       end
     end
 
@@ -37,7 +35,7 @@ module Pkg::Util::Net
       Array(hosts).flatten.each do |host|
         begin
           remote_execute(host, 'exit', { extra_options: '-oBatchMode=yes' })
-        rescue
+        rescue StandardError
           errs << host
         end
       end
@@ -56,7 +54,7 @@ module Pkg::Util::Net
         begin
           remote_execute(host, "gpg --list-secret-keys #{gpg} > /dev/null 2&>1",
                          { extra_options: '-oBatchMode=yes' })
-        rescue
+        rescue StandardError
           errs << host
         end
       end
@@ -112,13 +110,14 @@ module Pkg::Util::Net
     ###
     ### Deprecated method implemented as a shim to the new `remote_execute` method
     ###
-    def remote_ssh_cmd(target, command, capture_output = false, extra_options = '', fail_fast = true, trace = false)  # rubocop:disable Style/ParameterLists
+    def remote_ssh_cmd(target, command, capture_output = false, extra_options = '', fail_fast = true, trace = false) # rubocop:disable Metrics/ParameterLists
       puts "Warn: \"remote_ssh_cmd\" call in packaging is deprecated. Use \"remote_execute\" instead."
       remote_execute(target, command, {
                        capture_output: capture_output,
                        extra_options: extra_options,
                        fail_fast: fail_fast,
-                       trace: trace })
+                       trace: trace
+})
     end
 
     # Construct a valid rsync command
@@ -149,7 +148,8 @@ module Pkg::Util::Net
         target_path: nil,
         target_host: nil,
         extra_flags: nil,
-        dryrun: false }.merge(opts)
+        dryrun: false
+}.merge(opts)
       origin = Pathname.new(origin_path)
       target = options[:target_path] || origin.parent
 
@@ -187,9 +187,10 @@ module Pkg::Util::Net
         target_path: nil,
         target_host: nil,
         extra_flags: nil,
-        dryrun: ENV['DRYRUN'] }.merge(opts.delete_if { |_, value| value.nil? })
+        dryrun: ENV['DRYRUN']
+}.merge(opts.delete_if { |_, value| value.nil? })
 
-      stdout, _, _ = Pkg::Util::Execution.capture3(rsync_cmd(source, options), true)
+      stdout, = Pkg::Util::Execution.capture3(rsync_cmd(source, options), true)
       stdout
     end
 
@@ -223,7 +224,7 @@ module Pkg::Util::Net
       s3cmd = Pkg::Util::Tool.check_tool('s3cmd')
 
       if Pkg::Util::File.file_exists?(File.join(ENV['HOME'], '.s3cfg'))
-        stdout, _, _ = Pkg::Util::Execution.capture3("#{s3cmd} sync #{flags.join(' ')} '#{source}' s3://#{target_bucket}/#{target_directory}/")
+        stdout, = Pkg::Util::Execution.capture3("#{s3cmd} sync #{flags.join(' ')} '#{source}' s3://#{target_bucket}/#{target_directory}/")
         stdout
       else
         fail "#{File.join(ENV['HOME'], '.s3cfg')} does not exist. It is required to ship files using s3cmd."
@@ -279,7 +280,7 @@ module Pkg::Util::Net
         '--write-out "%{http_code}"',
         '--output /dev/null'
       ]
-      stdout, _ = Pkg::Util::Net.curl_form_data(uri, data)
+      stdout, = Pkg::Util::Net.curl_form_data(uri, data)
       stdout
     end
 
@@ -292,18 +293,18 @@ module Pkg::Util::Net
     end
 
     def remote_set_ownership(host, owner, group, files)
-      remote_cmd = "for file in #{files.join(" ")}; do if [[ -d $file ]] || ! `lsattr $file | grep -q '\\-i\\-'`; then sudo chown #{owner}:#{group} $file; else echo \"$file is immutable\"; fi; done"
+      remote_cmd = "for file in #{files.join(' ')}; do if [[ -d $file ]] || ! `lsattr $file | grep -q '\\-i\\-'`; then sudo chown #{owner}:#{group} $file; else echo \"$file is immutable\"; fi; done"
       Pkg::Util::Net.remote_execute(host, remote_cmd)
     end
 
     def remote_set_permissions(host, permissions, files)
-      remote_cmd = "for file in #{files.join(" ")}; do if [[ -d $file ]] || ! `lsattr $file | grep -q '\\-i\\-'`; then sudo chmod #{permissions} $file; else echo \"$file is immutable\"; fi; done"
+      remote_cmd = "for file in #{files.join(' ')}; do if [[ -d $file ]] || ! `lsattr $file | grep -q '\\-i\\-'`; then sudo chmod #{permissions} $file; else echo \"$file is immutable\"; fi; done"
       Pkg::Util::Net.remote_execute(host, remote_cmd)
     end
 
     # Remotely set the immutable bit on a list of files
     def remote_set_immutable(host, files)
-      Pkg::Util::Net.remote_execute(host, "sudo chattr +i #{files.join(" ")}")
+      Pkg::Util::Net.remote_execute(host, "sudo chattr +i #{files.join(' ')}")
     end
 
     # Create a symlink indicating the latest version of a package
@@ -350,8 +351,9 @@ module Pkg::Util::Net
       CMD
 
       _, err = Pkg::Util::Net.remote_execute(
-           Pkg::Config.staging_server, cmd, { capture_output: true })
-      $stderr.puts err
+        Pkg::Config.staging_server, cmd, { capture_output: true }
+      )
+      warn err
     end
 
     def escape_html(uri)
@@ -383,18 +385,18 @@ module Pkg::Util::Net
       Pkg::Util::Net.rsync_to(tarball, host, '/tmp')
       appendix = Pkg::Util.rand_string
       git_bundle_directory = File.join('/tmp', "#{Pkg::Config.project}-#{appendix}")
-      command = <<-DOC
-#{tar} -zxvf /tmp/#{tarball_name}.tar.gz -C /tmp/ ;
-git clone --recursive /tmp/#{tarball_name} #{git_bundle_directory} ;
-DOC
+      command = <<~DOC
+        #{tar} -zxvf /tmp/#{tarball_name}.tar.gz -C /tmp/ ;
+        git clone --recursive /tmp/#{tarball_name} #{git_bundle_directory} ;
+      DOC
       Pkg::Util::Net.remote_execute(host, command)
       return git_bundle_directory
     end
 
     def remote_bundle_install_command
-      export_packaging_location = ''
       export_packaging_location = "export PACKAGING_LOCATION='#{ENV['PACKAGING_LOCATION']}';" if ENV['PACKAGING_LOCATION'] && !ENV['PACKAGING_LOCATION'].empty?
-      command = "source /usr/local/rvm/scripts/rvm; rvm use ruby-2.5.1; #{export_packaging_location} bundle install --path .bundle/gems ;"
+      export_vanagon_location = "export VANAGON_LOCATION='#{ENV['VANAGON_LOCATION']}';" if ENV['VANAGON_LOCATION'] && !ENV['VANAGON_LOCATION'].empty?
+      "source /usr/local/rvm/scripts/rvm; rvm use ruby-2.5.1; #{export_packaging_location} #{export_vanagon_location} bundle install --path .bundle/gems ;"
     end
 
     # Given a BuildInstance object and a host, send its params to the host. Return

data/lib/packaging/util/repo.rb

@@ -0,0 +1,17 @@
+# Module for signing all packages to places
+
+module Pkg::Util::Repo
+  class << self
+    # Create yum repositories of built RPM packages for this SHA on the distribution server
+    def rpm_repos
+      Pkg::Util::File.fetch
+      Pkg::Rpm::Repo.create_remote_repos
+    end
+
+    # Create apt repositories of build DEB packages for this SHA on the distributions server
+    def deb_repos
+      Pkg::Util::File.fetch
+      Pkg::Deb::Repo.create_repos
+    end
+  end
+end

data/lib/packaging/util/serialization.rb

@@ -2,14 +2,13 @@
 
 module Pkg::Util::Serialization
   class << self
-
     # Given the path to a yaml file, load the yaml file into an object and return the object.
     def load_yaml(file)
       require 'yaml'
       file = File.expand_path(file)
       begin
         input_data = YAML.load_file(file) || {}
-      rescue => e
+      rescue StandardError => e
         fail "There was an error loading data from #{file}.\n#{e}"
       end
       input_data

data/lib/packaging/util/ship.rb

@@ -87,7 +87,7 @@ module Pkg::Util::Ship
     puts "Do you want to ship the above files to (#{staging_server})?"
     return false unless Pkg::Util.ask_yes_or_no
 
-    extra_flags = %w(--ignore-existing --delay-updates)
+    extra_flags = %w[--ignore-existing --delay-updates]
     extra_flags << '--dry-run' if ENV['DRYRUN']
 
     staged_pkgs.each do |pkg|
@@ -330,7 +330,7 @@ module Pkg::Util::Ship
   def test_ship(vm, ship_task)
     command = 'getent group release || groupadd release'
     Pkg::Util::Net.remote_execute(vm, command)
-    hosts_to_override = %w(
+    hosts_to_override = %w[
       APT_HOST
       DMG_HOST
       GEM_HOST
@@ -349,10 +349,157 @@ module Pkg::Util::Ship
       TAR_STAGING_SERVER
       YUM_STAGING_SERVER
       STAGING_SERVER
-    )
+    ]
     hosts_to_override.each do |host|
       ENV[host] = vm
     end
     Rake::Task[ship_task].invoke
   end
+
+  # Ship pkg directory contents to distribution server
+  def ship(target = 'artifacts', local_directory = 'pkg')
+    Pkg::Util::File.fetch
+
+    unless Pkg::Config.project
+      fail "You must set the 'project' in build_defaults.yaml or with the 'PROJECT_OVERRIDE' environment variable."
+    end
+
+    project_basedir = "#{Pkg::Config.jenkins_repo_path}/#{Pkg::Config.project}/#{Pkg::Config.ref}"
+    artifact_directory = "#{project_basedir}/#{target}"
+
+    # For EZBake builds, we also want to include the ezbake.manifest file to
+    # get a snapshot of this build and all dependencies. We eventually will
+    # create a yaml version of this file, but until that point we want to
+    # make the original ezbake.manifest available
+    #
+    ezbake_manifest = File.join('ext', 'ezbake.manifest')
+    if File.exist?(ezbake_manifest)
+      FileUtils.cp(ezbake_manifest, File.join(local_directory, "#{Pkg::Config.ref}.ezbake.manifest"))
+    end
+    ezbake_yaml = File.join("ext", "ezbake.manifest.yaml")
+    if File.exists?(ezbake_yaml)
+      FileUtils.cp(ezbake_yaml, File.join(local_directory, "#{Pkg::Config.ref}.ezbake.manifest.yaml"))
+    end
+
+    # Inside build_metadata*.json files there is additional metadata containing
+    # information such as git ref and dependencies that are needed at build
+    # time. If these files exist, copy them downstream.
+    # Typically these files are named 'ext/build_metadata.<project>.<platform>.json'
+    build_metadata_json_files = Dir.glob('ext/build_metadata*.json')
+    build_metadata_json_files.each do |source_file|
+      target_file = File.join(local_directory, "#{Pkg::Config.ref}.#{File.basename(source_file)}")
+      FileUtils.cp(source_file, target_file)
+    end
+
+    # Sadly, the packaging repo cannot yet act on its own, without living
+    # inside of a packaging-repo compatible project. This means in order to
+    # use the packaging repo for shipping and signing (things that really
+    # don't require build automation, specifically) we still need the project
+    # clone itself.
+    Pkg::Util::Git.bundle('HEAD', 'signing_bundle', local_directory)
+
+    # While we're bundling things, let's also make a git bundle of the
+    # packaging repo that we're using when we invoke pl:jenkins:ship. We can
+    # have a reasonable level of confidence, later on, that the git bundle on
+    # the distribution server was, in fact, the git bundle used to create the
+    # associated packages. This is because this ship task is automatically
+    # called upon completion each cell of the pl:jenkins:uber_build, and we
+    # have --ignore-existing set below. As such, the only git bundle that
+    # should possibly be on the distribution is the one used to create the
+    # packages.
+    # We're bundling the packaging repo because it allows us to keep an
+    # archive of the packaging source that was used to create the packages,
+    # so that later on if we need to rebuild an older package to audit it or
+    # for some other reason we're assured that the new package isn't
+    # different by virtue of the packaging automation.
+    if defined?(PACKAGING_ROOT)
+      packaging_bundle = ''
+      Dir.chdir(PACKAGING_ROOT) do
+        packaging_bundle = Pkg::Util::Git.bundle('HEAD', 'packaging-bundle')
+      end
+      FileUtils.mv(packaging_bundle, local_directory)
+    end
+
+    # This is functionality to add the project-arch.msi links that have no
+    # version. The code itself looks for the link (if it's there already)
+    # and if the source package exists before linking. Searching for the
+    # packages has been restricted specifically to just the pkg/windows dir
+    # on purpose, as this is where we currently have all windows packages
+    # building to. Once we move the Metadata about the output location in
+    # to one source of truth we can refactor this to use that to search
+    #                                           -Sean P. M. 08/12/16
+
+    {
+      'windows' => ['x86', 'x64'],
+      'windowsfips' => ['x64']
+    }.each_pair do |platform, archs|
+      packages = Dir["#{local_directory}/#{platform}/*"]
+
+      archs.each do |arch|
+        package_version = Pkg::Util::Git.describe.tr('-', '.')
+        package_filename = File.join(local_directory, platform, "#{Pkg::Config.project}-#{package_version}-#{arch}.msi")
+        link_filename = File.join(local_directory, platform, "#{Pkg::Config.project}-#{arch}.msi")
+
+        next unless !packages.include?(link_filename) && packages.include?(package_filename)
+        # Dear future code spelunkers:
+        # Using symlinks instead of hard links causes failures when we try
+        # to set these files to be immutable. Also be wary of whether the
+        # linking utility you're using expects the source path to be relative
+        # to the link target or pwd.
+        #
+        FileUtils.ln(package_filename, link_filename)
+      end
+    end
+
+    Pkg::Util::Execution.retry_on_fail(times: 3) do
+      Pkg::Util::Net.remote_execute(Pkg::Config.distribution_server, "mkdir --mode=775 -p #{project_basedir}")
+      Pkg::Util::Net.remote_execute(Pkg::Config.distribution_server, "mkdir -p #{artifact_directory}")
+      Pkg::Util::Net.rsync_to("#{local_directory}/", Pkg::Config.distribution_server, "#{artifact_directory}/", extra_flags: ['--ignore-existing', '--exclude repo_configs'])
+    end
+
+    # In order to get a snapshot of what this build looked like at the time
+    # of shipping, we also generate and ship the params file
+    #
+    Pkg::Config.config_to_yaml(local_directory)
+    Pkg::Util::Execution.retry_on_fail(:times => 3) do
+      Pkg::Util::Net.rsync_to("#{local_directory}/#{Pkg::Config.ref}.yaml", Pkg::Config.distribution_server, "#{artifact_directory}/", extra_flags: ["--exclude repo_configs"])
+    end
+
+    # If we just shipped a tagged version, we want to make it immutable
+    files = Dir.glob("#{local_directory}/**/*").select { |f| File.file?(f) and !f.include? "#{Pkg::Config.ref}.yaml" }.map do |file|
+      "#{artifact_directory}/#{file.sub(/^#{local_directory}\//, '')}"
+    end
+
+    Pkg::Util::Net.remote_set_ownership(Pkg::Config.distribution_server, 'root', 'release', files)
+    Pkg::Util::Net.remote_set_permissions(Pkg::Config.distribution_server, '0664', files)
+    Pkg::Util::Net.remote_set_immutable(Pkg::Config.distribution_server, files)
+  end
+
+  def ship_to_artifactory(local_directory = 'pkg')
+    Pkg::Util::File.fetch
+    unless Pkg::Config.project
+      fail "You must set the 'project' in build_defaults.yaml or with the 'PROJECT_OVERRIDE' environment variable."
+    end
+    artifactory = Pkg::ManageArtifactory.new(Pkg::Config.project, Pkg::Config.ref)
+
+    artifacts = Dir.glob("#{local_directory}/**/*").reject { |e| File.directory? e }
+    artifacts.sort! do |a, b|
+      if File.extname(a) =~ /(md5|sha\d+)/ && File.extname(b) !~ /(md5|sha\d+)/
+        1
+      elsif File.extname(b) =~ /(md5|sha\d+)/ && File.extname(a) !~ /(md5|sha\d+)/
+        -1
+      else
+        a <=> b
+      end
+    end
+    artifacts.each do |artifact|
+      if File.extname(artifact) == ".yaml" || File.extname(artifact) == ".json"
+        artifactory.deploy_package(artifact)
+      elsif artifactory.package_exists_on_artifactory?(artifact)
+        warn "Attempt to upload '#{artifact}' failed. Package already exists!"
+      else
+        artifactory.deploy_package(artifact)
+      end
+    end
+  end
 end

data/lib/packaging/util/sign.rb

@@ -0,0 +1,47 @@
+# Module for signing all packages to places
+
+
+module Pkg::Util::Sign
+  class << self
+    # Sign all locally staged packages on signing server.
+    def sign_all(root_directory = nil)
+      Pkg::Util::File.fetch
+      root_directory ||= ENV['DEFAULT_DIRECTORY']
+      Dir["#{root_directory}/*"].empty? and fail "There were no files found in #{root_directory}. \
+      Maybe you wanted to build/retrieve something first?"
+
+      # Because rpms and debs are laid out differently in PE under pkg/ they
+      # have a different sign task to address this. Rather than create a whole
+      # extra :jenkins task for signing PE, we determine which sign task to use
+      # based on if we're building PE.
+      # We also listen in on the environment variable SIGNING_BUNDLE. This is
+      # _NOT_ intended for public use, but rather with the internal promotion
+      # workflow for Puppet Enterprise. SIGNING_BUNDLE is the path to a tarball
+      # containing a git bundle to be used as the environment for the packaging
+      # repo in a signing operation.
+      signing_bundle = ENV['SIGNING_BUNDLE']
+      sign_tasks = ["pl:sign_rpms"]
+      sign_tasks    << "pl:sign_deb_changes" unless Dir["#{root_directory}/**/*.changes"].empty?
+      sign_tasks    << "pl:sign_tar" if Pkg::Config.build_tar
+      sign_tasks    << "pl:sign_gem" if Pkg::Config.build_gem
+      sign_tasks    << "pl:sign_osx" if Pkg::Config.build_dmg || Pkg::Config.vanagon_project
+      sign_tasks    << "pl:sign_swix" if Pkg::Config.vanagon_project
+      sign_tasks    << "pl:sign_svr4" if Pkg::Config.vanagon_project
+      sign_tasks    << "pl:sign_ips" if Pkg::Config.vanagon_project
+      sign_tasks    << "pl:sign_msi" if Pkg::Config.build_msi || Pkg::Config.vanagon_project
+      remote_repo = Pkg::Util::Net.remote_unpack_git_bundle(Pkg::Config.signing_server, 'HEAD', nil, signing_bundle)
+      build_params = Pkg::Util::Net.remote_buildparams(Pkg::Config.signing_server, Pkg::Config)
+      Pkg::Util::Net.rsync_to(root_directory, Pkg::Config.signing_server, remote_repo)
+      rake_command = <<~DOC
+        cd #{remote_repo} ;
+        #{Pkg::Util::Net.remote_bundle_install_command}
+        bundle exec rake #{sign_tasks.map { |task| task + "[#{root_directory}]" }.join(' ')} PARAMS_FILE=#{build_params}
+      DOC
+      Pkg::Util::Net.remote_execute(Pkg::Config.signing_server, rake_command)
+      Pkg::Util::Net.rsync_from("#{remote_repo}/#{root_directory}/", Pkg::Config.signing_server, "#{root_directory}/")
+      Pkg::Util::Net.remote_execute(Pkg::Config.signing_server, "rm -rf #{remote_repo}")
+      Pkg::Util::Net.remote_execute(Pkg::Config.signing_server, "rm #{build_params}")
+      puts "Signed packages staged in #{root_directory}/ directory"
+    end
+  end
+end

data/lib/packaging/util/tool.rb

@@ -1,7 +1,6 @@
 # Utility methods for handling system binaries
 
 module Pkg::Util::Tool
-
   #   Set up utility methods for handling system binaries
   #
   class << self
@@ -15,7 +14,7 @@ module Pkg::Util::Tool
 
         if Pkg::Util::OS.windows? && File.extname(location).empty?
           exts = ENV['PATHEXT']
-          exts = exts ? exts.split(File::PATH_SEPARATOR) : %w(.EXE .BAT .CMD .COM)
+          exts = exts ? exts.split(File::PATH_SEPARATOR) : %w[.EXE .BAT .CMD .COM]
           exts.each do |ext|
             locationext = File.expand_path(location + ext)
 
@@ -30,12 +29,10 @@ module Pkg::Util::Tool
     end
 
     alias :has_tool :find_tool
-
   end
 
   #   Set up paths to system tools we use in the packaging repo
   #   no matter what distribution we're packaging for.
 
   GIT = Pkg::Util::Tool.check_tool('git')
-
 end

data/lib/packaging/util/version.rb

@@ -80,7 +80,6 @@ module Pkg::Util::Version
     # 5.3.0.rc4-1
     # 3.0.5.rc6.24.g431768c-1
     #
-    # rubocop:disable Metrics/AbcSize, Metrics/MethodLength
     def base_pkg_version(version = Pkg::Config.version)
       return "#{dot_version(version)}-#{Pkg::Config.release}".split('-') if final?(version) || Pkg::Config.vanagon_project
 
@@ -142,9 +141,6 @@ module Pkg::Util::Version
     # If you invoke this the version will only be modified in the temporary copy,
     # with the intent that it never change the official source tree.
     #
-    # rubocop:disable Metrics/AbcSize
-    # rubocop:disable Metrics/CyclomaticComplexity
-    # rubocop:disable Metrics/PerceivedComplexity
     def versionbump(workdir = nil)
       version = ENV['VERSION'] || Pkg::Config.version.to_s.strip
       new_version = '"' + version + '"'
@@ -182,7 +178,7 @@ module Pkg::Util::Version
     # input json file and output if it "looks tagged" or not
     #
     # @param json_data [hash] json data hash containing the ref to check
-    def report_json_tags(json_data) # rubocop:disable Metrics/AbcSize
+    def report_json_tags(json_data)
       puts 'component: ' + File.basename(json_data['url'])
       puts 'ref: ' + json_data['ref'].to_s
       if Pkg::Util::Git.remote_tagged?(json_data['url'], json_data['ref'].to_s)

data/lib/packaging/util.rb

@@ -25,9 +25,11 @@ module Pkg::Util
   require 'packaging/util/version'
   require 'packaging/util/windows'
   require 'packaging/util/git_tags'
+  require 'packaging/util/sign'
+  require 'packaging/util/repo'
 
   def self.boolean_value(var)
-    return true if var == true || ( var.is_a?(String) && ( var.downcase == 'true' || var.downcase =~ /^y$|^yes$/))
+    return true if var == true || (var.is_a?(String) && (var.downcase == 'true' || var.downcase =~ /^y$|^yes$/))
     return false
   end
 

data/lib/packaging.rb

@@ -1,6 +1,5 @@
 module Pkg
-
-  LIBDIR = File.expand_path(File.dirname(__FILE__))
+  LIBDIR = __dir__
 
   $:.unshift(LIBDIR) unless
     $:.include?(File.dirname(__FILE__)) || $:.include?(LIBDIR)

data/spec/lib/packaging/config_spec.rb

@@ -223,7 +223,7 @@ describe "Pkg::Config" do
       "./artifacts/aix/7.1/PC1/ppc/puppet-agent-5.3.2-1.aix7.1.ppc.rpm"
 
     fedora_artifacts = \
-      "./artifacts/fedora/31/PC1/x86_64/puppet-agent-5.3.2-1.fc31.x86_64.rpm"
+      "./artifacts/fedora/32/PC1/x86_64/puppet-agent-5.3.2-1.fc32.x86_64.rpm"
 
     windows_artifacts = \
       "./artifacts/windows/puppet-agent-x64.msi\n" \
@@ -280,8 +280,8 @@ describe "Pkg::Config" do
     it "should not use 'f' in fedora platform tags" do
       allow(Pkg::Util::Net).to receive(:remote_execute).and_return(fedora_artifacts, nil)
       data = Pkg::Config.platform_data
-      expect(data).to include('fedora-31-x86_64')
-      expect(data).not_to include('fedora-f31-x86_64')
+      expect(data).to include('fedora-32-x86_64')
+      expect(data).not_to include('fedora-f32-x86_64')
     end
 
     it "should collect packages whose extname differ from package_format" do

data/spec/lib/packaging/deb/repo_spec.rb

@@ -6,7 +6,7 @@ describe "Pkg::Deb::Repo" do
   let(:project)       { "deb_repos" }
   let(:ref)           { "1234abcd" }
   let(:base_url)      { "http://#{builds_server}/#{project}/#{ref}" }
-  let(:cows)          { ["xenial", "jessie", "trusty", "stretch", ""] }
+  let(:cows)          { ["xenial", "trusty", "stretch", ""] }
   let(:wget_results)  { cows.map {|cow| "#{base_url}/repos/apt/#{cow}" }.join("\n") }
   let(:wget_garbage)  { "\n and an index\nhttp://somethingelse.com/robots" }
   let(:repo_configs)  { cows.reject {|cow| cow.empty?}.map {|dist| "pkg/repo_configs/deb/pl-#{project}-#{ref}-#{dist}.list" } }

data/spec/lib/packaging/paths_spec.rb

@@ -5,12 +5,11 @@ describe 'Pkg::Paths' do
     arch_transformations = {
       ['pkg/el-8-x86_64/puppet-agent-6.9.0-1.el8.x86_64.rpm', 'el', '8'] => 'x86_64',
       ['pkg/el/8/puppet6/aarch64/puppet-agent-6.5.0.3094.g16b6fa6f-1.el8.aarch64.rpm', 'el', '8'] => 'aarch64',
-      ['artifacts/fedora/32/puppet6/x86_64/puppet-agent-6.9.0-1.fc30.x86_64.rpm', 'fedora', '32'] => 'x86_64',
+      ['artifacts/fedora/32/puppet6/x86_64/puppet-agent-6.9.0-1.fc32.x86_64.rpm', 'fedora', '32'] => 'x86_64',
       ['pkg/ubuntu-16.04-amd64/puppet-agent_4.99.0-1xenial_amd64.deb', 'ubuntu', '16.04'] => 'amd64',
       ['artifacts/deb/focal/puppet6/puppet-agent_6.5.0.3094.g16b6fa6f-1focal_arm64.deb', 'ubuntu', '20.04'] => 'aarch64',
 
       ['artifacts/ubuntu-16.04-i386/puppetserver_5.0.1-0.1SNAPSHOT.2017.07.27T2346puppetlabs1.debian.tar.gz', 'ubuntu', '16.04'] => 'source',
-      ['artifacts/deb/jessie/PC1/puppetserver_5.0.1.master.orig.tar.gz', 'debian', '8'] => 'source',
       ['artifacts/el/6/PC1/SRPMS/puppetserver-5.0.1.master-0.1SNAPSHOT.2017.08.18T0951.el6.src.rpm', 'el', '6'] => 'SRPMS'
     }
     arch_transformations.each do |path_array, arch|
@@ -273,7 +272,7 @@ describe 'Pkg::Paths' do
         .to eq(fake_apt_repo_path)
     end
     it 'returns nonfinal_yum_repo_path for nonfinal rpms' do
-      expect(Pkg::Paths.remote_repo_base('fedora-31-x86_64', nonfinal: true))
+      expect(Pkg::Paths.remote_repo_base('fedora-34-x86_64', nonfinal: true))
         .to eq(fake_yum_nightly_repo_path)
     end
     it 'returns nonfinal_apt_repo_path for nonfinal debs' do

data/spec/lib/packaging/platforms_spec.rb

@@ -26,7 +26,7 @@ describe 'Pkg::Platforms' do
 
   describe '#versions_for_platform' do
     it 'should return all supported versions for a given platform' do
-      expect(Pkg::Platforms.versions_for_platform('el')).to match_array(['5', '6', '7', '8'])
+      expect(Pkg::Platforms.versions_for_platform('el')).to match_array(['6', '7', '8', '9'])
     end
 
     it 'should raise an error if given a nonexistent platform' do
@@ -36,7 +36,7 @@ describe 'Pkg::Platforms' do
 
   describe '#codenames' do
     it 'should return all codenames for a given platform' do
-      codenames = ['focal', 'bionic', 'bullseye', 'buster', 'cosmic', 'jessie', 'stretch', 'trusty', 'xenial']
+      codenames = ['focal', 'bionic', 'bullseye', 'buster', 'stretch', 'trusty', 'xenial']
       expect(Pkg::Platforms.codenames).to match_array(codenames)
     end
   end
@@ -97,16 +97,16 @@ describe 'Pkg::Platforms' do
   end
 
   describe '#platform_lookup' do
-    ['osx-10.15-x86_64', 'osx-11-x86_64'].each do |platform|
+    ['osx-10.15-x86_64', 'osx-11-x86_64', 'osx-12-x86_64'].each do |platform|
       it 'should return a hash of platform info' do
         expect(Pkg::Platforms.platform_lookup(platform)).to be_instance_of(Hash)
       end
-  
+
       it 'should include at least arch and package format keys' do
         expect(Pkg::Platforms.platform_lookup(platform).keys).to include(:architectures)
         expect(Pkg::Platforms.platform_lookup(platform).keys).to include(:package_format)
       end
-    end 
+    end
   end
 
   describe '#get_attribute' do
@@ -166,7 +166,7 @@ describe 'Pkg::Platforms' do
 
   describe '#generic_platform_tag' do
     it 'fails for unsupported platforms' do
-      expect { Pkg::Platforms.generic_platform_tag('butts') }.to raise_error
+      expect { Pkg::Platforms.generic_platform_tag('noplatform') }.to raise_error
     end
 
     it 'returns a supported platform tag containing the supplied platform' do

data/spec/lib/packaging/sign_spec.rb

@@ -15,13 +15,6 @@ Header V4 RSA/SHA256 Signature, key ID ef8d349f: NOKEY
 Header SHA1 digest: OK (3cb7e9861e8bc09783a1b6c8d88243a3c16daa81)
 V4 RSA/SHA256 Signature, key ID ef8d349f: NOKEY
 MD5 digest: OK (d5f06ba2a9053de532326d0659ec0d11)
-DOC
-      }
-      let(:el5_signed_response) { <<-DOC
-Header V3 RSA/SHA1 signature: NOKEY, key ID ef8d349f
-Header SHA1 digest: OK (12ea7bd578097a3aecc5deb8ada6aca6147d68e3)
-V3 RSA/SHA1 signature: NOKEY, key ID ef8d349f
-MD5 digest: OK (27353c6153068a3c9902fcb4ad5b8b92)
 DOC
       }
       let(:sles12_signed_response) { <<-DOC
@@ -40,10 +33,6 @@ DOC
         allow(Pkg::Sign::Rpm).to receive(:`).and_return(el7_signed_response)
         expect(Pkg::Sign::Rpm.has_sig?(rpm)).to be true
       end
-      it 'returns true if rpm has been signed (el5)' do
-        allow(Pkg::Sign::Rpm).to receive(:`).and_return(el5_signed_response)
-        expect(Pkg::Sign::Rpm.has_sig?(rpm)).to be true
-      end
       it 'returns true if rpm has been signed (sles12)' do
         allow(Pkg::Sign::Rpm).to receive(:`).and_return(sles12_signed_response)
         expect(Pkg::Sign::Rpm.has_sig?(rpm)).to be true
@@ -63,12 +52,11 @@ DOC
     end
 
     describe '#sign_all' do
-      let(:rpm_directory) { 'foo' }
+      let(:rpm_directory) { Dir.mktmpdir }
       let(:rpms_not_to_sign) { [
         "#{rpm_directory}/aix/7.1/PC1/ppc/puppet-agent-5.5.3-1.aix7.1.ppc.rpm",
       ] }
       let(:v3_rpms) { [
-        "#{rpm_directory}/el/5/PC1/i386/puppet-agent-5.5.3-1.el5.i386.rpm",
         "#{rpm_directory}/sles/11/PC1/x86_64/puppet-agent-5.5.3-1.sles11.x86_64.rpm",
       ] }
       let(:v4_rpms) { [

data/spec/lib/packaging/util/git_spec.rb

@@ -150,11 +150,11 @@ describe 'Pkg::Util::Git' do
 
   context '#remote_tagged?' do
     it 'reports Yes on tagged component' do
-      expect(Pkg::Util::Git.remote_tagged?('git://github.com/puppetlabs/leatherman.git', 'refs/tags/0.6.2')).to be(true)
+      expect(Pkg::Util::Git.remote_tagged?('https://github.com/puppetlabs/leatherman.git', 'refs/tags/0.6.2')).to be(true)
     end
 
     it 'reports No on non-tagged component' do
-      expect(Pkg::Util::Git.remote_tagged?('git://github.com/puppetlabs/leatherman.git', '4eef05389ebf418b62af17406c7f9f13fa51f975')).to be(false)
+      expect(Pkg::Util::Git.remote_tagged?('https://github.com/puppetlabs/leatherman.git', '4eef05389ebf418b62af17406c7f9f13fa51f975')).to be(false)
     end
   end
 end