puppet-syntax 2.4.1 → 2.4.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 8f3a393428ed2fa0c2d2bfcf1f540d80589d5d16
-  data.tar.gz: 8a40d90b8a844849051064d8d3042bd568da95a0
+SHA256:
+  metadata.gz: 5881bcc80736f1d0fa83276ba62c306e827839e94e6d6b124a5212b11430af15
+  data.tar.gz: 6140b85f3ae60a823157c763369ee81a5cf7bd3d06a2e8f6400aabc8240ca0e2
 SHA512:
-  metadata.gz: 37e9b85d01f0ec31b29a6ecbbe264f3e6d714af42d83b1d7f08db735fbd7b09b058e516d639b976a4a6e6a097f7c87db82beeb4ee52a529f672599549284a45f
-  data.tar.gz: 1786cccadd25ace8e001fdaa4bf4a0b0966ed90726709595f7a291020726754992857261b2f46fdee1032f9cb6c65f514e8d24ca5433891b9ed1234781fed997
+  metadata.gz: 1b545df2d01645001047e3dac3ad30d9c11a9003f0f8ea5011b519305cafb17a0cffdd8cd646500ab515bc79cbd876148763c24e3aa894a5ff500c35e5a07c9f
+  data.tar.gz: 97ca7f5db0a74bb98fa3447cb60660601d7455e6d8322d872208a402393684aba8060a86183e5fa857d4fcf2379487a5ecb08234ae50dd470654ad3017dcf5d7

data/.gitignore

@@ -16,3 +16,4 @@ test/tmp
 test/version_tmp
 tmp
 vendor/
+.idea/

data/.travis.yml

@@ -5,32 +5,15 @@ before_install: gem install bundler
 install: bundle install --jobs 4 --retry 2 --without development
 script: bundle exec rake
 rvm:
-  - 1.9.3
-  - 2.1.6
-  - 2.2.6
-  - 2.3.3
-  - 2.4.0
+  - 2.4.4
+  - 2.5.1
 env:
-  - PUPPET_VERSION="~> 3.8.7"
-  - PUPPET_VERSION="~> 4.8.0"
-  - PUPPET_VERSION="~> 4.9.0"
+  - PUPPET_VERSION="~> 5.5.10"
+  - PUPPET_VERSION="~> 6.1.0"
+  - PUPPET_VERSION="~> 6.2.0"
   - PUPPET_VERSION=">= 0"
   - PUPPET_VERSION="git://github.com/puppetlabs/puppet.git#master"
 matrix:
-  exclude:
-    - env: PUPPET_VERSION="~> 3.8.7"
-      rvm: 2.2.6
-    - env: PUPPET_VERSION="~> 3.8.7"
-      rvm: 2.3.3
-    - env: PUPPET_VERSION="~> 3.8.7"
-      rvm: 2.4.0
-    # 4.9 with Ruby 1.9.3 issues deprecation warnings
-    - env: PUPPET_VERSION="~> 4.9.0"
-      rvm: 1.9.3
-    - env: PUPPET_VERSION=">= 0"
-      rvm: 1.9.3
-    - env: PUPPET_VERSION="git://github.com/puppetlabs/puppet.git#master"
-      rvm: 1.9.3
   allow_failures:
     - env: PUPPET_VERSION=">= 0"
     - env: PUPPET_VERSION="git://github.com/puppetlabs/puppet.git#master"
@@ -40,8 +23,8 @@ deploy:
     secure: "kwxryZZ/t9EkWuYxhz3G1v+U3ZK4WdsiN0UFHDjijnAGPxqe/n+oBcNA8hOiNhjZeTFo8bADEZkL7JtdKQo9RvgStipyaS5gDHB/C1c4LOBWv4Tga21NNCAuBcE2CDtAH3+TzrZV5vv2+SpOrhKZpzZoAoR6PR1MWVWMUie/rE0="
   gem: puppet-syntax
   on:
-    rvm: 2.4.0
-    condition: '"$PUPPET_VERSION" = "~> 4.8.0"'
+    rvm: 2.5.1
+    condition: '"$PUPPET_VERSION" = "~> 5.5.10"'
     tags: true
     all_branches: true
     repo: voxpupuli/puppet-syntax

data/CHANGELOG

@@ -1,3 +1,9 @@
+2019-02-02 Release 2.4.2
+- Search manifests in manifests directory
+- Allow .yml as an extension for YAML files.
+- Ensure the pkg directory is always excluded
+- Check consistency of ENC blobs in eyaml data
+
 2017-06-29 Release 2.4.1
 - Fix to ensure namespace scope is inherited.
 - Cleanly exits when syntax warnings/errors are found instead of failing.

data/lib/puppet-syntax.rb

@@ -8,9 +8,9 @@ module PuppetSyntax
   @exclude_paths = []
   @future_parser = false
   @hieradata_paths = [
-    "**/data/**/*.*yaml",
-    "hieradata/**/*.*yaml",
-    "hiera*.*yaml"
+    "**/data/**/*.*{yaml,yml}",
+    "hieradata/**/*.*{yaml,yml}",
+    "hiera*.*{yaml,yml}"
   ]
   @fail_on_deprecation_notices = true
   @app_management = Puppet.version.to_i >= 5 ? true : false

data/lib/puppet-syntax/hiera.rb

@@ -1,4 +1,5 @@
 require 'yaml'
+require 'base64'
 
 module PuppetSyntax
   class Hiera
@@ -20,6 +21,53 @@ module PuppetSyntax
       end
     end
 
+    # Recurse through complex data structures.  Return on first error.
+    def check_eyaml_data(name, val)
+      error = nil
+      if val.is_a? String
+        err = check_eyaml_blob(val)
+        error = "Key #{name} #{err}" if err
+      elsif val.is_a? Array
+        val.each_with_index do |v, idx|
+          error = check_eyaml_data("#{name}[#{idx}]", v)
+          break if error
+        end
+      elsif val.is_a? Hash
+        val.each do |k,v|
+          error = check_eyaml_data("#{name}['#{k}']", v)
+          break if error
+        end
+      end
+      error
+    end
+
+    def check_eyaml_blob(val)
+      return unless val =~ /^ENC\[/
+
+      val.sub!('ENC[', '')
+      val.gsub!(/\s+/, '')
+      if val !~ /\]$/
+        return "has unterminated eyaml value"
+      else
+        val.sub!(/\]$/, '')
+        method, base64 = val.split(/,/)
+        if base64 == nil
+          base64 = method
+          method = 'PKCS7'
+        end
+
+        return "has unknown eyaml method #{method}" unless ['PKCS7','GPG'].include? method
+        return "has unpadded or truncated base64 data" unless base64.length % 4 == 0
+
+        # Base64#decode64 will silently ignore characters outside the alphabet,
+        # so we check resulting length of binary data instead
+        pad_length = base64.gsub(/[^=]/, '').length
+        if Base64.decode64(base64).length != base64.length * 3/4 - pad_length
+          return "has corrupt base64 data"
+        end
+      end
+    end
+
     def check(filelist)
       raise "Expected an array of files" unless filelist.is_a?(Array)
 
@@ -38,6 +86,8 @@ module PuppetSyntax
               key_msg = check_hiera_key(k)
               errors << "WARNING: #{hiera_file}: Key :#{k}: #{key_msg}" if key_msg
             end
+            eyaml_msg = check_eyaml_data(k, v)
+            errors << "WARNING: #{hiera_file}: #{eyaml_msg}" if eyaml_msg
           end
         end
       end

data/lib/puppet-syntax/tasks/puppet-syntax.rb

@@ -5,13 +5,15 @@ require 'rake/tasklib'
 module PuppetSyntax
   class RakeTask < ::Rake::TaskLib
     def filelist(paths)
+      excludes = PuppetSyntax.exclude_paths
+      excludes.push('pkg/**/*')
       files = FileList[paths]
       files.reject! { |f| File.directory?(f) }
-      files.exclude(*PuppetSyntax.exclude_paths)
+      files.exclude(*excludes)
     end
 
     def filelist_manifests
-      filelist("**/*.pp")
+      filelist("**/manifests/**/*.pp")
     end
 
     def filelist_templates

data/lib/puppet-syntax/version.rb

@@ -1,3 +1,3 @@
 module PuppetSyntax
-  VERSION = "2.4.1"
+  VERSION = "2.4.2"
 end

data/spec/fixtures/hiera/hiera_bad.eyaml

@@ -0,0 +1,24 @@
+---
+acme::warning1: ENC[unknown-method,aGVsbG8sIHdvcmxk]
+acme::warning2: ENC[PKCS7,aGVsbG8sIHdvcmxk
+acme::warning3: ENC[PKCS7,aGVsbG8sIHdvcmxk==]
+acme::warning4: ENC[PKCS7,aGVs!!!!bG8sIHdvcmxk]
+acme::warning5:
+  key1: foo
+  key2: ENC[PKCS7,aGVs!!!!bG8sIHdvcmxk]
+acme::warning6:
+  hash_key:
+    - element1
+    - >
+      ENC[PKCS7,
+          aGVsbG8sIHdvcmxk
+      ]
+    - >
+      ENC[PKCS7,
+          aGVs!!!!bG8sIHdvcmxk
+      ]
+acme::good1: >
+   ENC[PKCS7,
+     aGVsbG8sIHdvcmxk]
+acme::good2: ENC[GPG,aGVsbG8sIHdvcmxkIQ==]
+acme::good3: ENC[GPG,aGVsbG8sIHdvcmxkISE=]

data/spec/puppet-syntax/hiera_spec.rb

@@ -43,6 +43,23 @@ describe PuppetSyntax::Hiera do
       expect(res[4]).to match('Key :picky::warning5: Puppet automatic lookup will not look up symbols')
     end
 
+    it "should return warnings for bad eyaml values" do
+      hiera_yaml = 'hiera_bad.eyaml'
+      examples = 6
+      files = fixture_hiera(hiera_yaml)
+      res = subject.check(files)
+      (1..examples).each do |n|
+        expect(res).to include(/::warning#{n}/)
+      end
+      expect(res.size).to be == examples
+      expect(res[0]).to match('Key acme::warning1 has unknown eyaml method unknown-method')
+      expect(res[1]).to match('Key acme::warning2 has unterminated eyaml value')
+      expect(res[2]).to match('Key acme::warning3 has unpadded or truncated base64 data')
+      expect(res[3]).to match('Key acme::warning4 has corrupt base64 data')
+      expect(res[4]).to match('Key acme::warning5\[\'key2\'\] has corrupt base64 data')
+      expect(res[5]).to match('Key acme::warning6\[\'hash_key\'\]\[2\] has corrupt base64 data')
+    end
+
     it "should handle empty files" do
       hiera_yaml = 'hiera_key_empty.yaml'
       files = fixture_hiera(hiera_yaml)

data/spec/puppet-syntax/manifests_spec.rb

@@ -74,8 +74,8 @@ describe PuppetSyntax::Manifests do
     expect(has_errors).to eq(true)
     if Puppet.version.to_i >= 4
       expect(output.size).to eq(5)
-      expect(output[0]).to match(/This Name has no effect. A Host Class Definition can not end with a value-producing expression without other effect at \S*\/fail_error.pp:2:32$/)
-      expect(output[1]).to match(/This Name has no effect. A value(-producing expression without other effect may only be placed last in a block\/sequence| was produced and then forgotten.*) at \S*\/fail_error.pp:2:3$/)
+      expect(output[0]).to match(/This Name has no effect. A Host Class Definition can not end with a value-producing expression without other effect \(file: \S*\/fail_error.pp, line: 2, column: 32\)$/)
+      expect(output[1]).to match(/This Name has no effect. A value was produced and then forgotten \(one or more preceding expressions may have the wrong form\) \(file: \S*\/fail_error.pp, line: 2, column: 3\)$/)
       expect(output[2]).to match('2 errors. Giving up')
       expect(output[3]).to match(/Unrecogni(s|z)ed escape sequence '\\\['/)
       expect(output[4]).to match(/Unrecogni(s|z)ed escape sequence '\\\]'/)

data/spec/puppet-syntax/tasks/puppet-syntax_spec.rb

@@ -35,21 +35,4 @@ describe 'PuppetSyntax rake tasks' do
     expect(list).to include(known_eyaml_subdir)
     expect(list.count).to eq 4
   end
-
-  it 'should check manifests relative to Rakefile' do
-    if RSpec::Version::STRING < '3'
-      pending
-    else
-      skip('needs to be done')
-    end
-  end
-
-  it 'should check templates relative to Rakefile' do
-    if RSpec::Version::STRING < '3'
-      pending
-    else
-      skip('needs to be done')
-    end
-  end
-
 end

data/spec/puppet-syntax/templates_spec.rb

@@ -117,7 +117,7 @@ describe PuppetSyntax::Templates do
 
         expect(res.size).to eq(2)
         expect(res[0]).to match(/This Type-Name has no effect/)
-        expect(res[1]).to match(/Syntax error at '}' at \S*\/fail_error_also.epp:2:4/)
+        expect(res[1]).to match(/Syntax error at '}' \(file: \S*\/fail_error_also.epp, line: 2, column: 4\)/)
       end
 
       context "when the 'epp_only' options is set" do

data/spec/puppet-syntax_spec.rb

@@ -6,8 +6,8 @@ describe PuppetSyntax do
     PuppetSyntax.app_management = false if Puppet.version.to_i < 5
   end
 
-  it 'should default exclude_paths to empty array' do
-    expect(PuppetSyntax.exclude_paths).to be_empty
+  it 'should default exclude_paths to include the pkg directory' do
+    expect(PuppetSyntax.exclude_paths).to include('pkg/**/*')
   end
 
   it 'should support setting exclude_paths' do

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: puppet-syntax
 version: !ruby/object:Gem::Version
-  version: 2.4.1
+  version: 2.4.2
 platform: ruby
 authors:
 - Vox Pupuli
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-06-29 00:00:00.000000000 Z
+date: 2019-02-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake
@@ -80,7 +80,6 @@ files:
 - LICENSE.txt
 - README.md
 - Rakefile
-- appveyor.yml
 - jenkins.sh
 - lib/puppet-syntax.rb
 - lib/puppet-syntax/hiera.rb
@@ -93,6 +92,7 @@ files:
 - spec/fixtures/hiera/data/hiera_2.eyaml
 - spec/fixtures/hiera/data/test/hiera_3.yaml
 - spec/fixtures/hiera/data/test/hiera_4.eyaml
+- spec/fixtures/hiera/hiera_bad.eyaml
 - spec/fixtures/hiera/hiera_bad.yaml
 - spec/fixtures/hiera/hiera_bad_18.yaml
 - spec/fixtures/hiera/hiera_badkey.yaml
@@ -141,8 +141,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.6.11
+rubygems_version: 3.0.2
 signing_key: 
 specification_version: 4
 summary: Syntax checks for Puppet manifests, templates, and Hiera YAML
@@ -151,6 +150,7 @@ test_files:
 - spec/fixtures/hiera/data/hiera_2.eyaml
 - spec/fixtures/hiera/data/test/hiera_3.yaml
 - spec/fixtures/hiera/data/test/hiera_4.eyaml
+- spec/fixtures/hiera/hiera_bad.eyaml
 - spec/fixtures/hiera/hiera_bad.yaml
 - spec/fixtures/hiera/hiera_bad_18.yaml
 - spec/fixtures/hiera/hiera_badkey.yaml

data/appveyor.yml

@@ -1,38 +0,0 @@
-build: off
-
-branches:
-  only:
-    - master
-
-# ruby versions under test
-environment:
-  matrix:
-    - RUBY_VERSION: 21
-      PUPPET_VERSION: "~> 3.8.7"
-    - RUBY_VERSION: 21
-      PUPPET_VERSION: "~> 4.8.0"
-    - RUBY_VERSION: 23-x64
-      PUPPET_VERSION: "~> 4.9.0"
-    - RUBY_VERSION: 23-x64
-      PUPPET_VERSION: "> 0"
-    - RUBY_VERSION: 23-x64
-      PUPPET_VERSION: "git://github.com/puppetlabs/puppet.git#master"
-
-matrix:
-  allow_failures:
-    - RUBY_VERSION: 23-x64
-      PUPPET_VERSION: "git://github.com/puppetlabs/puppet.git#master"
-      
-install:
-  - SET PATH=C:\Ruby%RUBY_VERSION%\bin;%PATH%
-  - SET LOG_SPEC_ORDER=true
-  - bundle install --jobs 4 --retry 2 --without development
-
-before_test:
-  - type Gemfile.lock
-  - ruby -v
-  - gem -v
-  - bundle -v
-
-test_script:
-  - bundle exec rake spec