puppet 0.24.9 → 0.25.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of puppet might be problematic. Click here for more details.
- data/CHANGELOG +18680 -1241
- data/CHANGELOG.old +1705 -0
- data/LICENSE +2 -2
- data/README +1 -1
- data/README.queueing +126 -0
- data/README.rst +4 -4
- data/Rakefile +62 -216
- data/bin/filebucket +6 -117
- data/bin/pi +50 -0
- data/bin/puppet +7 -188
- data/bin/puppetdoc +7 -198
- data/bin/ralsh +4 -191
- data/conf/auth.conf +94 -0
- data/conf/gentoo/init.d/puppetmaster +30 -30
- data/conf/osx/PackageInfo.plist +30 -30
- data/conf/osx/createpackage.sh +23 -18
- data/conf/osx/preflight +8 -0
- data/conf/puppet-queue.conf +10 -0
- data/conf/redhat/client.init +52 -41
- data/conf/redhat/logrotate +1 -0
- data/conf/redhat/puppet.spec +74 -36
- data/conf/redhat/rundir-perms.patch +28 -0
- data/conf/redhat/server.init +48 -43
- data/conf/redhat/server.sysconfig +4 -4
- data/conf/solaris/smf/puppetd.xml +53 -53
- data/conf/solaris/smf/puppetmasterd.xml +53 -53
- data/conf/solaris/smf/svc-puppetd +4 -4
- data/conf/solaris/smf/svc-puppetmasterd +3 -3
- data/conf/suse/client.init +4 -4
- data/conf/suse/puppet.spec +14 -14
- data/conf/suse/server.init +17 -17
- data/examples/etc/init.d/sleeper +8 -8
- data/examples/mac_dscl.pp +2 -2
- data/examples/mac_dscl_revert.pp +1 -1
- data/examples/mcx_dock_default.pp +108 -108
- data/examples/mcx_dock_full.pp +108 -108
- data/examples/mcx_nogroup.pp +108 -108
- data/examples/modules/sample-module/lib/puppet/parser/functions/hostname_to_dn.rb +5 -5
- data/examples/modules/sample-module/manifests/init.pp +2 -2
- data/examples/relationships +1 -1
- data/ext/autotest/config +6 -6
- data/ext/bin/sleeper +12 -12
- data/ext/dbfix.sql +21 -21
- data/ext/emacs/puppet-mode.el +42 -41
- data/ext/extlookup.rb +183 -0
- data/ext/ldap/puppet.schema +2 -1
- data/ext/logcheck/puppet +1 -1
- data/ext/module_puppet +7 -7
- data/ext/nagios/check_puppet.rb +83 -83
- data/ext/nagios/naggen +302 -0
- data/ext/puppet-test +61 -18
- data/ext/puppetlisten/puppetlisten.rb +76 -0
- data/ext/puppetlisten/puppetrun.rb +39 -0
- data/ext/puppetstoredconfigclean.rb +29 -29
- data/ext/rack/README +73 -0
- data/ext/rack/files/apache2.conf +38 -0
- data/ext/rack/files/config.ru +18 -0
- data/ext/rack/manifest.pp +59 -0
- data/ext/vim/syntax/puppet.vim +54 -35
- data/install.rb +37 -26
- data/lib/puppet.rb +15 -227
- data/lib/puppet/agent.rb +134 -0
- data/lib/puppet/agent/locker.rb +42 -0
- data/lib/puppet/agent/runner.rb +65 -0
- data/lib/puppet/application.rb +313 -0
- data/lib/puppet/application/filebucket.rb +87 -0
- data/lib/puppet/application/pi.rb +214 -0
- data/lib/puppet/application/puppet.rb +177 -0
- data/lib/puppet/application/puppetca.rb +71 -0
- data/lib/puppet/application/puppetd.rb +256 -0
- data/lib/puppet/application/puppetdoc.rb +222 -0
- data/lib/puppet/application/puppetmasterd.rb +168 -0
- data/lib/puppet/application/puppetqd.rb +96 -0
- data/lib/puppet/application/puppetrun.rb +219 -0
- data/lib/puppet/application/ralsh.rb +168 -0
- data/lib/puppet/configurer.rb +177 -0
- data/lib/puppet/configurer/downloader.rb +79 -0
- data/lib/puppet/configurer/fact_handler.rb +68 -0
- data/lib/puppet/configurer/plugin_handler.rb +26 -0
- data/lib/puppet/daemon.rb +78 -28
- data/lib/puppet/defaults.rb +239 -166
- data/lib/puppet/dsl.rb +7 -7
- data/lib/puppet/external/dot.rb +271 -271
- data/lib/puppet/external/event-loop/better-definers.rb +298 -298
- data/lib/puppet/external/event-loop/event-loop.rb +274 -274
- data/lib/puppet/external/event-loop/signal-system.rb +163 -163
- data/lib/puppet/external/lock.rb +1 -1
- data/lib/puppet/external/nagios.rb +20 -20
- data/lib/puppet/external/nagios/base.rb +3 -3
- data/lib/puppet/external/nagios/grammar.ry +185 -0
- data/lib/puppet/external/nagios/makefile +9 -0
- data/lib/puppet/external/nagios/parser.rb +1 -1
- data/lib/puppet/feature/json.rb +2 -0
- data/lib/puppet/feature/rack.rb +24 -0
- data/lib/puppet/feature/rails.rb +23 -33
- data/lib/puppet/feature/rubygems.rb +6 -0
- data/lib/puppet/feature/stomp.rb +6 -0
- data/lib/puppet/file_serving/{file_base.rb → base.rb} +10 -9
- data/lib/puppet/file_serving/configuration.rb +61 -61
- data/lib/puppet/file_serving/configuration/parser.rb +24 -29
- data/lib/puppet/file_serving/content.rb +26 -11
- data/lib/puppet/file_serving/fileset.rb +54 -19
- data/lib/puppet/file_serving/indirection_hooks.rb +12 -24
- data/lib/puppet/file_serving/metadata.rb +8 -8
- data/lib/puppet/file_serving/mount.rb +9 -151
- data/lib/puppet/file_serving/mount/file.rb +126 -0
- data/lib/puppet/file_serving/mount/modules.rb +25 -0
- data/lib/puppet/file_serving/mount/plugins.rb +27 -0
- data/lib/puppet/file_serving/terminus_helper.rb +9 -4
- data/lib/puppet/indirector.rb +6 -4
- data/lib/puppet/indirector/active_record.rb +28 -0
- data/lib/puppet/indirector/catalog/active_record.rb +36 -0
- data/lib/puppet/indirector/catalog/compiler.rb +50 -24
- data/lib/puppet/indirector/catalog/queue.rb +5 -0
- data/lib/puppet/indirector/catalog/rest.rb +6 -0
- data/lib/puppet/indirector/catalog/yaml.rb +2 -4
- data/lib/puppet/indirector/certificate/ca.rb +9 -0
- data/lib/puppet/indirector/certificate/file.rb +9 -0
- data/lib/puppet/indirector/certificate/rest.rb +9 -0
- data/lib/puppet/indirector/certificate_request/ca.rb +14 -0
- data/lib/puppet/indirector/certificate_request/file.rb +8 -0
- data/lib/puppet/indirector/certificate_request/rest.rb +9 -0
- data/lib/puppet/indirector/certificate_revocation_list/ca.rb +8 -0
- data/lib/puppet/indirector/certificate_revocation_list/file.rb +8 -0
- data/lib/puppet/indirector/certificate_revocation_list/rest.rb +9 -0
- data/lib/puppet/indirector/direct_file_server.rb +4 -8
- data/lib/puppet/indirector/exec.rb +2 -6
- data/lib/puppet/indirector/facts/active_record.rb +36 -0
- data/lib/puppet/indirector/facts/facter.rb +30 -22
- data/lib/puppet/indirector/facts/rest.rb +6 -0
- data/lib/puppet/indirector/file.rb +1 -0
- data/lib/puppet/indirector/file_content/rest.rb +0 -1
- data/lib/puppet/indirector/file_metadata/file.rb +2 -2
- data/lib/puppet/indirector/file_metadata/rest.rb +0 -1
- data/lib/puppet/indirector/file_server.rb +31 -18
- data/lib/puppet/indirector/indirection.rb +46 -33
- data/lib/puppet/indirector/key/ca.rb +12 -0
- data/lib/puppet/indirector/key/file.rb +42 -0
- data/lib/puppet/indirector/node/active_record.rb +13 -0
- data/lib/puppet/indirector/node/ldap.rb +1 -1
- data/lib/puppet/indirector/queue.rb +83 -0
- data/lib/puppet/indirector/report/processor.rb +1 -1
- data/lib/puppet/indirector/report/rest.rb +7 -0
- data/lib/puppet/indirector/request.rb +158 -15
- data/lib/puppet/indirector/rest.rb +74 -36
- data/lib/puppet/indirector/runner/rest.rb +7 -0
- data/lib/puppet/indirector/ssl_file.rb +174 -0
- data/lib/puppet/indirector/terminus.rb +4 -4
- data/lib/puppet/indirector/yaml.rb +1 -1
- data/lib/puppet/metatype/manager.rb +3 -3
- data/lib/puppet/module.rb +99 -124
- data/lib/puppet/network/authconfig.rb +57 -42
- data/lib/puppet/network/authstore.rb +58 -10
- data/lib/puppet/network/client.rb +0 -2
- data/lib/puppet/network/client/ca.rb +1 -1
- data/lib/puppet/network/client/dipper.rb +7 -2
- data/lib/puppet/network/format.rb +123 -0
- data/lib/puppet/network/format_handler.rb +156 -0
- data/lib/puppet/network/formats.rb +123 -0
- data/lib/puppet/network/handler/filebucket.rb +1 -1
- data/lib/puppet/network/handler/fileserver.rb +43 -35
- data/lib/puppet/network/handler/master.rb +4 -4
- data/lib/puppet/network/handler/report.rb +1 -1
- data/lib/puppet/network/handler/resource.rb +16 -20
- data/lib/puppet/network/handler/runner.rb +9 -42
- data/lib/puppet/network/http.rb +4 -4
- data/lib/puppet/network/http/api.rb +4 -0
- data/lib/puppet/network/http/api/v1.rb +65 -0
- data/lib/puppet/network/http/handler.rb +163 -56
- data/lib/puppet/network/http/mongrel.rb +19 -15
- data/lib/puppet/network/http/mongrel/rest.rb +35 -17
- data/lib/puppet/network/http/rack.rb +62 -0
- data/lib/puppet/network/http/rack/httphandler.rb +34 -0
- data/lib/puppet/network/http/rack/rest.rb +79 -0
- data/lib/puppet/network/http/rack/xmlrpc.rb +65 -0
- data/lib/puppet/network/http/webrick.rb +89 -16
- data/lib/puppet/network/http/webrick/rest.rb +24 -11
- data/lib/puppet/network/http_pool.rb +28 -29
- data/lib/puppet/network/http_server/mongrel.rb +8 -10
- data/lib/puppet/network/http_server/webrick.rb +1 -3
- data/lib/puppet/network/rest_authconfig.rb +89 -0
- data/lib/puppet/network/rest_authorization.rb +25 -0
- data/lib/puppet/network/rights.rb +230 -27
- data/lib/puppet/network/server.rb +133 -31
- data/lib/puppet/network/xmlrpc/client.rb +5 -5
- data/lib/puppet/network/xmlrpc/webrick_servlet.rb +6 -6
- data/lib/puppet/node.rb +28 -21
- data/lib/puppet/node/environment.rb +48 -0
- data/lib/puppet/node/facts.rb +21 -0
- data/lib/puppet/parameter.rb +291 -219
- data/lib/puppet/parser/ast.rb +1 -0
- data/lib/puppet/parser/ast/astarray.rb +5 -1
- data/lib/puppet/parser/ast/boolean_operator.rb +3 -3
- data/lib/puppet/parser/ast/caseopt.rb +10 -0
- data/lib/puppet/parser/ast/casestatement.rb +12 -27
- data/lib/puppet/parser/ast/collection.rb +31 -0
- data/lib/puppet/parser/ast/collexpr.rb +18 -11
- data/lib/puppet/parser/ast/comparison_operator.rb +1 -1
- data/lib/puppet/parser/ast/definition.rb +6 -2
- data/lib/puppet/parser/ast/function.rb +7 -2
- data/lib/puppet/parser/ast/ifstatement.rb +11 -6
- data/lib/puppet/parser/ast/leaf.rb +106 -3
- data/lib/puppet/parser/ast/match_operator.rb +31 -0
- data/lib/puppet/parser/ast/node.rb +10 -6
- data/lib/puppet/parser/ast/resource_defaults.rb +2 -2
- data/lib/puppet/parser/ast/resource_override.rb +1 -1
- data/lib/puppet/parser/ast/resource_reference.rb +11 -3
- data/lib/puppet/parser/ast/selector.rb +14 -32
- data/lib/puppet/parser/ast/vardef.rb +1 -1
- data/lib/puppet/parser/collector.rb +67 -15
- data/lib/puppet/parser/compiler.rb +21 -53
- data/lib/puppet/parser/files.rb +92 -0
- data/lib/puppet/parser/functions.rb +3 -3
- data/lib/puppet/parser/functions/defined.rb +3 -3
- data/lib/puppet/parser/functions/fqdn_rand.rb +3 -3
- data/lib/puppet/parser/functions/inline_template.rb +4 -4
- data/lib/puppet/parser/functions/regsubst.rb +37 -35
- data/lib/puppet/parser/functions/require.rb +34 -0
- data/lib/puppet/parser/functions/shellquote.rb +41 -0
- data/lib/puppet/parser/functions/split.rb +29 -0
- data/lib/puppet/parser/functions/sprintf.rb +6 -6
- data/lib/puppet/parser/functions/template.rb +4 -4
- data/lib/puppet/parser/functions/versioncmp.rb +22 -1
- data/lib/puppet/parser/grammar.ra +812 -0
- data/lib/puppet/parser/interpreter.rb +4 -4
- data/lib/puppet/parser/lexer.rb +44 -15
- data/lib/puppet/parser/loaded_code.rb +115 -0
- data/lib/puppet/parser/makefile +8 -0
- data/lib/puppet/parser/parser.rb +1080 -928
- data/lib/puppet/parser/parser_support.rb +118 -96
- data/lib/puppet/parser/resource.rb +56 -126
- data/lib/puppet/parser/resource/param.rb +2 -76
- data/lib/puppet/parser/resource/reference.rb +15 -8
- data/lib/puppet/parser/scope.rb +68 -35
- data/lib/puppet/parser/templatewrapper.rb +8 -8
- data/lib/puppet/parser/yaml_trimmer.rb +11 -0
- data/lib/puppet/property.rb +69 -124
- data/lib/puppet/property/list.rb +3 -3
- data/lib/puppet/provider.rb +5 -5
- data/lib/puppet/provider/augeas/augeas.rb +119 -118
- data/lib/puppet/provider/computer/computer.rb +3 -3
- data/lib/puppet/provider/confine/variable.rb +1 -1
- data/lib/puppet/provider/cron/crontab.rb +8 -7
- data/lib/puppet/provider/group/directoryservice.rb +2 -2
- data/lib/puppet/provider/group/groupadd.rb +1 -1
- data/lib/puppet/provider/group/ldap.rb +3 -3
- data/lib/puppet/provider/group/pw.rb +1 -1
- data/lib/puppet/provider/host/parsed.rb +3 -3
- data/lib/puppet/provider/ldap.rb +1 -3
- data/lib/puppet/provider/macauthorization/macauthorization.rb +62 -55
- data/lib/puppet/provider/mailalias/aliases.rb +9 -1
- data/lib/puppet/provider/maillist/mailman.rb +8 -4
- data/lib/puppet/provider/mcx/mcxcontent.rb +11 -11
- data/lib/puppet/provider/mount/parsed.rb +2 -2
- data/lib/puppet/provider/nameservice.rb +6 -6
- data/lib/puppet/provider/nameservice/directoryservice.rb +83 -87
- data/lib/puppet/provider/package/appdmg.rb +10 -9
- data/lib/puppet/provider/package/apple.rb +1 -3
- data/lib/puppet/provider/package/apt.rb +5 -5
- data/lib/puppet/provider/package/aptitude.rb +1 -1
- data/lib/puppet/provider/package/aptrpm.rb +1 -1
- data/lib/puppet/provider/package/darwinport.rb +1 -1
- data/lib/puppet/provider/package/dpkg.rb +2 -2
- data/lib/puppet/provider/package/fink.rb +6 -6
- data/lib/puppet/provider/package/freebsd.rb +1 -1
- data/lib/puppet/provider/package/gem.rb +2 -2
- data/lib/puppet/provider/package/hpux.rb +5 -5
- data/lib/puppet/provider/package/pkgdmg.rb +30 -22
- data/lib/puppet/provider/package/portage.rb +1 -1
- data/lib/puppet/provider/package/ports.rb +1 -1
- data/lib/puppet/provider/package/rpm.rb +5 -5
- data/lib/puppet/provider/package/rug.rb +1 -1
- data/lib/puppet/provider/package/sun.rb +7 -7
- data/lib/puppet/provider/package/up2date.rb +1 -1
- data/lib/puppet/provider/package/yum.rb +2 -2
- data/lib/puppet/provider/package/yumhelper.py +2 -2
- data/lib/puppet/provider/port/parsed.rb +1 -1
- data/lib/puppet/provider/selmodule/semodule.rb +3 -3
- data/lib/puppet/provider/service/base.rb +21 -12
- data/lib/puppet/provider/service/daemontools.rb +86 -49
- data/lib/puppet/provider/service/debian.rb +20 -12
- data/lib/puppet/provider/service/freebsd.rb +5 -5
- data/lib/puppet/provider/service/gentoo.rb +2 -2
- data/lib/puppet/provider/service/init.rb +21 -33
- data/lib/puppet/provider/service/launchd.rb +120 -48
- data/lib/puppet/provider/service/redhat.rb +12 -21
- data/lib/puppet/provider/service/runit.rb +19 -9
- data/lib/puppet/provider/service/smf.rb +49 -34
- data/lib/puppet/provider/ssh_authorized_key/parsed.rb +34 -0
- data/lib/puppet/provider/sshkey/parsed.rb +2 -2
- data/lib/puppet/provider/user/directoryservice.rb +12 -29
- data/lib/puppet/provider/user/hpux.rb +3 -3
- data/lib/puppet/provider/user/ldap.rb +2 -2
- data/lib/puppet/provider/zfs/solaris.rb +1 -1
- data/lib/puppet/provider/zone/solaris.rb +4 -4
- data/lib/puppet/provider/zpool/solaris.rb +3 -3
- data/lib/puppet/rails.rb +9 -9
- data/lib/puppet/rails/benchmark.rb +69 -0
- data/lib/puppet/rails/database/001_add_created_at_to_all_tables.rb +5 -5
- data/lib/puppet/rails/database/002_remove_duplicated_index_on_all_tables.rb +2 -2
- data/lib/puppet/rails/database/003_add_environment_to_host.rb +1 -1
- data/lib/puppet/rails/database/schema.rb +8 -8
- data/lib/puppet/rails/fact_value.rb +1 -1
- data/lib/puppet/rails/host.rb +211 -93
- data/lib/puppet/rails/param_name.rb +5 -1
- data/lib/puppet/rails/param_value.rb +29 -2
- data/lib/puppet/rails/puppet_tag.rb +5 -0
- data/lib/puppet/rails/resource.rb +120 -20
- data/lib/puppet/rails/resource_tag.rb +1 -1
- data/lib/puppet/rails/source_file.rb +1 -1
- data/lib/puppet/reference/configuration.rb +14 -14
- data/lib/puppet/reference/function.rb +1 -1
- data/lib/puppet/reference/metaparameter.rb +48 -0
- data/lib/puppet/reference/providers.rb +6 -6
- data/lib/puppet/reference/type.rb +1 -37
- data/lib/puppet/relationship.rb +57 -30
- data/lib/puppet/reports/rrdgraph.rb +4 -4
- data/lib/puppet/reports/store.rb +3 -3
- data/lib/puppet/reports/tagmail.rb +15 -15
- data/lib/puppet/resource.rb +265 -0
- data/lib/puppet/{node → resource}/catalog.rb +188 -112
- data/lib/puppet/{resource_reference.rb → resource/reference.rb} +46 -24
- data/lib/puppet/simple_graph.rb +165 -27
- data/lib/puppet/ssl.rb +7 -0
- data/lib/puppet/ssl/base.rb +62 -0
- data/lib/puppet/ssl/certificate.rb +34 -0
- data/lib/puppet/ssl/certificate_authority.rb +298 -0
- data/lib/puppet/ssl/certificate_authority/interface.rb +118 -0
- data/lib/puppet/ssl/certificate_factory.rb +145 -0
- data/lib/puppet/ssl/certificate_request.rb +51 -0
- data/lib/puppet/ssl/certificate_revocation_list.rb +86 -0
- data/lib/puppet/ssl/host.rb +271 -0
- data/lib/puppet/ssl/inventory.rb +52 -0
- data/lib/puppet/ssl/key.rb +56 -0
- data/lib/puppet/sslcertificates.rb +6 -6
- data/lib/puppet/sslcertificates/ca.rb +15 -15
- data/lib/puppet/sslcertificates/certificate.rb +4 -4
- data/lib/puppet/sslcertificates/inventory.rb +3 -3
- data/lib/puppet/transaction.rb +113 -139
- data/lib/puppet/transaction/change.rb +6 -6
- data/lib/puppet/transaction/event.rb +1 -1
- data/lib/puppet/transaction/report.rb +7 -1
- data/lib/puppet/transportable.rb +28 -28
- data/lib/puppet/type.rb +263 -688
- data/lib/puppet/type/augeas.rb +3 -2
- data/lib/puppet/type/component.rb +28 -95
- data/lib/puppet/type/computer.rb +10 -10
- data/lib/puppet/type/cron.rb +19 -14
- data/lib/puppet/type/exec.rb +21 -20
- data/lib/puppet/type/file.rb +306 -633
- data/lib/puppet/type/file/checksum.rb +10 -11
- data/lib/puppet/type/file/content.rb +83 -22
- data/lib/puppet/type/file/ensure.rb +15 -9
- data/lib/puppet/type/file/group.rb +7 -1
- data/lib/puppet/type/file/mode.rb +1 -1
- data/lib/puppet/type/file/owner.rb +9 -3
- data/lib/puppet/type/file/selcontext.rb +4 -4
- data/lib/puppet/type/file/source.rb +78 -179
- data/lib/puppet/type/file/target.rb +3 -3
- data/lib/puppet/type/file/type.rb +2 -2
- data/lib/puppet/type/filebucket.rb +33 -54
- data/lib/puppet/type/group.rb +8 -8
- data/lib/puppet/type/host.rb +7 -7
- data/lib/puppet/type/k5login.rb +2 -2
- data/lib/puppet/type/macauthorization.rb +77 -52
- data/lib/puppet/type/mailalias.rb +2 -2
- data/lib/puppet/type/maillist.rb +2 -2
- data/lib/puppet/type/mcx.rb +3 -3
- data/lib/puppet/type/mount.rb +16 -11
- data/lib/puppet/type/notify.rb +4 -4
- data/lib/puppet/type/package.rb +6 -28
- data/lib/puppet/type/port.rb +1 -1
- data/lib/puppet/type/resources.rb +19 -19
- data/lib/puppet/type/schedule.rb +18 -20
- data/lib/puppet/type/selmodule.rb +1 -1
- data/lib/puppet/type/service.rb +11 -7
- data/lib/puppet/type/ssh_authorized_key.rb +26 -9
- data/lib/puppet/type/sshkey.rb +2 -2
- data/lib/puppet/type/tidy.rb +285 -289
- data/lib/puppet/type/user.rb +9 -7
- data/lib/puppet/type/yumrepo.rb +17 -16
- data/lib/puppet/type/zone.rb +8 -7
- data/lib/puppet/util.rb +11 -36
- data/lib/puppet/util/autoload.rb +31 -19
- data/lib/puppet/util/autoload/file_cache.rb +115 -0
- data/lib/puppet/util/backups.rb +86 -0
- data/lib/puppet/util/cacher.rb +135 -0
- data/lib/puppet/util/checksums.rb +11 -1
- data/lib/puppet/util/classgen.rb +1 -1
- data/lib/puppet/util/config_store.rb +2 -2
- data/lib/puppet/util/constant_inflector.rb +1 -1
- data/lib/puppet/util/diff.rb +2 -2
- data/lib/puppet/util/docs.rb +9 -3
- data/lib/puppet/util/execution.rb +1 -1
- data/lib/puppet/util/feature.rb +27 -20
- data/lib/puppet/util/fileparsing.rb +3 -3
- data/lib/puppet/util/filetype.rb +8 -6
- data/lib/puppet/util/graph.rb +5 -5
- data/lib/puppet/util/inifile.rb +5 -5
- data/lib/puppet/util/json.rb +13 -0
- data/lib/puppet/util/ldap/connection.rb +2 -2
- data/lib/puppet/util/log.rb +48 -31
- data/lib/puppet/util/metric.rb +4 -4
- data/lib/puppet/util/monkey_patches.rb +43 -0
- data/lib/puppet/util/nagios_maker.rb +1 -1
- data/lib/puppet/util/package.rb +4 -4
- data/lib/puppet/util/pidlock.rb +59 -59
- data/lib/puppet/util/posix.rb +13 -52
- data/lib/puppet/util/provider_features.rb +3 -3
- data/lib/puppet/util/queue.rb +96 -0
- data/lib/puppet/util/queue/stomp.rb +47 -0
- data/lib/puppet/util/rails/cache_accumulator.rb +65 -0
- data/lib/puppet/util/rails/collection_merger.rb +0 -39
- data/lib/puppet/util/rails/reference_serializer.rb +17 -3
- data/lib/puppet/util/rdoc.rb +1 -0
- data/lib/puppet/util/rdoc/code_objects.rb +5 -1
- data/lib/puppet/util/rdoc/generators/puppet_generator.rb +5 -5
- data/lib/puppet/util/rdoc/generators/template/puppet/puppet.rb +13 -13
- data/lib/puppet/util/rdoc/parser.rb +28 -32
- data/lib/puppet/util/reference.rb +29 -8
- data/lib/puppet/util/resource_template.rb +1 -1
- data/lib/puppet/util/selinux.rb +12 -6
- data/lib/puppet/util/settings.rb +203 -578
- data/lib/puppet/util/settings/boolean_setting.rb +33 -0
- data/lib/puppet/util/settings/file_setting.rb +119 -0
- data/lib/puppet/util/settings/setting.rb +110 -0
- data/lib/puppet/util/subclass_loader.rb +1 -1
- data/lib/puppet/util/suidmanager.rb +2 -2
- data/lib/puppet/util/tagging.rb +1 -1
- data/lib/puppet/util/warnings.rb +17 -9
- data/man/man8/filebucket.8 +2 -2
- data/man/man8/pi.8 +2 -2
- data/man/man8/puppet.8 +3 -4
- data/man/man8/puppet.conf.8 +63 -63
- data/man/man8/puppetca.8 +2 -2
- data/man/man8/puppetd.8 +2 -2
- data/man/man8/puppetdoc.8 +2 -2
- data/man/man8/puppetmasterd.8 +2 -2
- data/man/man8/puppetrun.8 +2 -2
- data/man/man8/ralsh.8 +3 -3
- data/sbin/puppetca +102 -0
- data/sbin/puppetd +159 -0
- data/sbin/puppetmasterd +66 -0
- data/sbin/puppetqd +53 -0
- data/sbin/puppetrun +130 -0
- data/spec/Rakefile +2 -2
- data/spec/integration/application/puppet.rb +33 -0
- data/spec/integration/bin/puppetmasterd.rb +110 -0
- data/spec/integration/configurer.rb +18 -0
- data/spec/integration/defaults.rb +158 -7
- data/spec/integration/file_serving/content.rb +2 -0
- data/spec/integration/file_serving/fileset.rb +14 -0
- data/spec/integration/file_serving/metadata.rb +2 -0
- data/spec/integration/file_serving/terminus_helper.rb +22 -0
- data/spec/integration/indirector/catalog/compiler.rb +67 -0
- data/spec/integration/indirector/catalog/queue.rb +61 -0
- data/spec/integration/indirector/certificate/rest.rb +69 -0
- data/spec/integration/indirector/certificate_request/rest.rb +89 -0
- data/spec/integration/indirector/certificate_revocation_list/rest.rb +77 -0
- data/spec/integration/indirector/direct_file_server.rb +16 -23
- data/spec/integration/indirector/file_content/file_server.rb +75 -0
- data/spec/integration/indirector/report/rest.rb +95 -0
- data/spec/integration/indirector/rest.rb +207 -147
- data/spec/integration/network/client.rb +19 -0
- data/spec/integration/network/formats.rb +110 -0
- data/spec/integration/network/handler.rb +25 -0
- data/spec/integration/network/server/mongrel.rb +26 -8
- data/spec/integration/network/server/webrick.rb +49 -11
- data/spec/integration/node/environment.rb +58 -0
- data/spec/integration/node/facts.rb +4 -2
- data/spec/integration/parser/compiler.rb +29 -0
- data/spec/integration/parser/functions/require.rb +67 -0
- data/spec/integration/provider/mailalias/aliases.rb +25 -0
- data/spec/integration/{node → resource}/catalog.rb +17 -10
- data/spec/integration/ssl/certificate_authority.rb +135 -0
- data/spec/integration/ssl/certificate_request.rb +59 -0
- data/spec/integration/ssl/certificate_revocation_list.rb +42 -0
- data/spec/integration/ssl/host.rb +90 -0
- data/spec/integration/transaction.rb +66 -0
- data/spec/integration/transaction/report.rb +2 -5
- data/spec/integration/type.rb +22 -0
- data/spec/integration/type/file.rb +458 -0
- data/spec/integration/type/package.rb +1 -1
- data/spec/integration/type/tidy.rb +27 -0
- data/spec/integration/util/autoload.rb +114 -0
- data/spec/integration/util/feature.rb +54 -0
- data/spec/integration/util/file_locking.rb +2 -1
- data/spec/integration/util/settings.rb +27 -0
- data/spec/lib/puppet_spec/files.rb +9 -0
- data/spec/monkey_patches/add_confine_and_runnable_to_rspec_dsl.rb +1 -0
- data/spec/monkey_patches/alias_should_to_must.rb +1 -0
- data/spec/shared_behaviours/file_server_terminus.rb +14 -11
- data/spec/shared_behaviours/file_serving.rb +13 -17
- data/spec/spec_helper.rb +22 -5
- data/spec/unit/agent.rb +259 -0
- data/spec/unit/agent/locker.rb +100 -0
- data/spec/unit/agent/runner.rb +118 -0
- data/spec/unit/application.rb +420 -0
- data/spec/unit/application/filebucket.rb +220 -0
- data/spec/unit/application/pi.rb +84 -0
- data/spec/unit/application/puppet.rb +404 -0
- data/spec/unit/application/puppetca.rb +142 -0
- data/spec/unit/application/puppetd.rb +502 -0
- data/spec/unit/application/puppetdoc.rb +345 -0
- data/spec/unit/application/puppetmasterd.rb +456 -0
- data/spec/unit/application/puppetqd.rb +186 -0
- data/spec/unit/application/puppetrun.rb +279 -0
- data/spec/unit/application/ralsh.rb +237 -0
- data/spec/unit/configurer.rb +232 -0
- data/spec/unit/configurer/downloader.rb +188 -0
- data/spec/unit/configurer/fact_handler.rb +150 -0
- data/spec/unit/configurer/plugin_handler.rb +112 -0
- data/spec/unit/daemon.rb +287 -0
- data/spec/unit/file_serving/{file_base.rb → base.rb} +39 -31
- data/spec/unit/file_serving/configuration.rb +104 -93
- data/spec/unit/file_serving/configuration/parser.rb +64 -18
- data/spec/unit/file_serving/content.rb +65 -26
- data/spec/unit/file_serving/fileset.rb +116 -14
- data/spec/unit/file_serving/indirection_hooks.rb +34 -95
- data/spec/unit/file_serving/metadata.rb +27 -40
- data/spec/unit/file_serving/mount.rb +7 -118
- data/spec/unit/file_serving/mount/file.rb +188 -0
- data/spec/unit/file_serving/mount/modules.rb +63 -0
- data/spec/unit/file_serving/mount/plugins.rb +61 -0
- data/spec/unit/file_serving/terminus_helper.rb +39 -27
- data/spec/unit/indirector.rb +6 -1
- data/spec/unit/indirector/active_record.rb +76 -0
- data/spec/unit/indirector/catalog/active_record.rb +122 -0
- data/spec/unit/indirector/catalog/compiler.rb +222 -118
- data/spec/unit/indirector/catalog/queue.rb +20 -0
- data/spec/unit/indirector/catalog/rest.rb +11 -0
- data/spec/unit/indirector/catalog/yaml.rb +6 -6
- data/spec/unit/indirector/certificate/ca.rb +28 -0
- data/spec/unit/indirector/certificate/file.rb +28 -0
- data/spec/unit/indirector/certificate/rest.rb +23 -0
- data/spec/unit/indirector/certificate_request/ca.rb +19 -0
- data/spec/unit/indirector/certificate_request/file.rb +19 -0
- data/spec/unit/indirector/certificate_request/rest.rb +23 -0
- data/spec/unit/indirector/certificate_revocation_list/ca.rb +21 -0
- data/spec/unit/indirector/certificate_revocation_list/file.rb +20 -0
- data/spec/unit/indirector/certificate_revocation_list/rest.rb +23 -0
- data/spec/unit/indirector/direct_file_server.rb +3 -8
- data/spec/unit/indirector/exec.rb +6 -1
- data/spec/unit/indirector/facts/active_record.rb +104 -0
- data/spec/unit/indirector/facts/facter.rb +53 -12
- data/spec/unit/indirector/facts/rest.rb +11 -0
- data/spec/unit/indirector/file.rb +8 -1
- data/spec/unit/indirector/file_metadata/file.rb +5 -5
- data/spec/unit/indirector/file_server.rb +181 -98
- data/spec/unit/indirector/indirection.rb +102 -38
- data/spec/unit/indirector/key/ca.rb +28 -0
- data/spec/unit/indirector/key/file.rb +104 -0
- data/spec/unit/indirector/node/active_record.rb +34 -0
- data/spec/unit/indirector/node/ldap.rb +1 -1
- data/spec/unit/indirector/node/rest.rb +2 -2
- data/spec/unit/indirector/queue.rb +123 -0
- data/spec/unit/indirector/report/rest.rb +28 -0
- data/spec/unit/indirector/request.rb +221 -0
- data/spec/unit/indirector/rest.rb +343 -334
- data/spec/unit/indirector/runner/rest.rb +11 -0
- data/spec/unit/indirector/ssl_file.rb +280 -0
- data/spec/unit/module.rb +180 -180
- data/spec/unit/network/authconfig.rb +292 -0
- data/spec/unit/network/authstore.rb +94 -0
- data/spec/unit/network/client.rb +2 -2
- data/spec/unit/network/client/dipper.rb +16 -0
- data/spec/unit/network/format.rb +191 -0
- data/spec/unit/network/format_handler.rb +306 -0
- data/spec/unit/network/formats.rb +249 -0
- data/spec/unit/network/handler/fileserver.rb +2 -5
- data/spec/unit/network/http.rb +3 -3
- data/spec/unit/network/http/api/v1.rb +122 -0
- data/spec/unit/network/http/handler.rb +448 -0
- data/spec/unit/network/http/mongrel.rb +46 -32
- data/spec/unit/network/http/mongrel/rest.rb +174 -319
- data/spec/unit/network/http/rack.rb +102 -0
- data/spec/unit/network/http/rack/rest.rb +199 -0
- data/spec/unit/network/http/rack/xmlrpc.rb +157 -0
- data/spec/unit/network/http/webrick.rb +249 -37
- data/spec/unit/network/http/webrick/rest.rb +113 -279
- data/spec/unit/network/http_pool.rb +86 -110
- data/spec/unit/network/rest_authconfig.rb +146 -0
- data/spec/unit/network/rest_authorization.rb +43 -0
- data/spec/unit/network/rights.rb +519 -0
- data/spec/unit/network/server.rb +475 -257
- data/spec/unit/node.rb +43 -10
- data/spec/unit/node/environment.rb +143 -9
- data/spec/unit/node/facts.rb +77 -24
- data/spec/unit/other/selinux.rb +85 -0
- data/spec/unit/other/transbucket.rb +29 -13
- data/spec/unit/other/transobject.rb +35 -15
- data/spec/unit/parameter.rb +378 -5
- data/spec/unit/parser/ast.rb +1 -1
- data/spec/unit/parser/ast/arithmetic_operator.rb +17 -17
- data/spec/unit/parser/ast/astarray.rb +16 -10
- data/spec/unit/parser/ast/boolean_operator.rb +2 -2
- data/spec/unit/parser/ast/casestatement.rb +143 -0
- data/spec/unit/parser/ast/collection.rb +63 -0
- data/spec/unit/parser/ast/collexpr.rb +31 -8
- data/spec/unit/parser/ast/comparison_operator.rb +9 -9
- data/spec/unit/parser/ast/definition.rb +18 -0
- data/spec/unit/parser/ast/function.rb +6 -0
- data/spec/unit/parser/ast/ifstatement.rb +75 -0
- data/spec/unit/parser/ast/leaf.rb +261 -0
- data/spec/unit/parser/ast/match_operator.rb +50 -0
- data/spec/unit/parser/ast/minus.rb +1 -1
- data/spec/unit/parser/ast/node.rb +20 -0
- data/spec/unit/parser/ast/not.rb +1 -1
- data/spec/unit/parser/ast/resource_override.rb +5 -5
- data/spec/unit/parser/ast/resource_reference.rb +11 -5
- data/spec/unit/parser/ast/selector.rb +156 -0
- data/spec/unit/parser/ast/vardef.rb +11 -11
- data/spec/unit/parser/collector.rb +167 -48
- data/spec/unit/parser/compiler.rb +128 -104
- data/spec/unit/parser/files.rb +190 -0
- data/spec/unit/parser/functions/inline_template.rb +0 -0
- data/spec/unit/parser/functions/regsubst.rb +42 -42
- data/spec/unit/parser/functions/require.rb +36 -0
- data/spec/unit/parser/functions/shellquote.rb +92 -0
- data/spec/unit/parser/functions/split.rb +51 -0
- data/spec/unit/parser/functions/sprintf.rb +11 -11
- data/spec/unit/parser/functions/template.rb +0 -0
- data/spec/unit/parser/functions/versioncmp.rb +2 -2
- data/spec/unit/parser/interpreter.rb +16 -7
- data/spec/unit/parser/lexer.rb +72 -12
- data/spec/unit/parser/loaded_code.rb +198 -0
- data/spec/unit/parser/parser.rb +215 -28
- data/spec/unit/parser/resource.rb +131 -22
- data/spec/unit/parser/scope.rb +207 -12
- data/spec/unit/parser/templatewrapper.rb +8 -3
- data/spec/unit/property.rb +270 -16
- data/spec/unit/property/list.rb +12 -6
- data/spec/unit/provider.rb +31 -0
- data/spec/unit/provider/augeas/augeas.rb +61 -33
- data/spec/unit/provider/macauthorization.rb +29 -29
- data/spec/unit/provider/mcx/mcxcontent.rb +4 -4
- data/spec/unit/provider/mount/parsed.rb +5 -8
- data/spec/unit/provider/naginator.rb +0 -0
- data/spec/unit/provider/package/apt.rb +6 -6
- data/spec/unit/provider/package/pkgdmg.rb +73 -0
- data/spec/unit/provider/selboolean.rb +1 -1
- data/spec/unit/provider/selmodule.rb +2 -2
- data/spec/unit/provider/service/daemontools.rb +40 -15
- data/spec/unit/provider/service/debian.rb +89 -0
- data/spec/unit/provider/service/init.rb +106 -0
- data/spec/unit/provider/service/launchd.rb +71 -13
- data/spec/unit/provider/service/redhat.rb +94 -0
- data/spec/unit/provider/service/runit.rb +14 -2
- data/spec/unit/provider/ssh_authorized_key/parsed.rb +66 -2
- data/spec/unit/provider/user/ldap.rb +1 -1
- data/spec/unit/provider/user/user_role_add.rb +1 -1
- data/spec/unit/provider/zfs/solaris.rb +18 -6
- data/spec/unit/provider/zone/solaris.rb +1 -1
- data/spec/unit/rails.rb +16 -22
- data/spec/unit/rails/host.rb +163 -0
- data/spec/unit/rails/param_value.rb +49 -0
- data/spec/unit/rails/resource.rb +87 -0
- data/spec/unit/relationship.rb +141 -29
- data/spec/unit/resource.rb +504 -0
- data/spec/unit/resource/catalog.rb +1061 -0
- data/spec/unit/resource/reference.rb +111 -0
- data/spec/unit/simple_graph.rb +448 -191
- data/spec/unit/ssl/certificate.rb +124 -0
- data/spec/unit/ssl/certificate_authority.rb +741 -0
- data/spec/unit/ssl/certificate_authority/interface.rb +269 -0
- data/spec/unit/ssl/certificate_factory.rb +107 -0
- data/spec/unit/ssl/certificate_request.rb +193 -0
- data/spec/unit/ssl/certificate_revocation_list.rb +180 -0
- data/spec/unit/ssl/host.rb +704 -0
- data/spec/unit/ssl/inventory.rb +180 -0
- data/spec/unit/ssl/key.rb +198 -0
- data/spec/unit/transaction.rb +65 -2
- data/spec/unit/transaction/change.rb +1 -1
- data/spec/unit/transaction/report.rb +1 -1
- data/spec/unit/type.rb +361 -8
- data/spec/unit/type/augeas.rb +30 -37
- data/spec/unit/type/component.rb +63 -0
- data/spec/unit/type/computer.rb +17 -21
- data/spec/unit/type/exec.rb +27 -2
- data/spec/unit/type/file.rb +704 -83
- data/spec/unit/type/file/content.rb +253 -15
- data/spec/unit/type/file/ensure.rb +65 -2
- data/spec/unit/type/file/group.rb +5 -0
- data/spec/unit/type/file/owner.rb +5 -0
- data/spec/unit/type/file/selinux.rb +12 -16
- data/spec/unit/type/file/source.rb +264 -0
- data/spec/unit/type/filebucket.rb +74 -0
- data/spec/unit/type/group.rb +1 -5
- data/spec/unit/type/macauthorization.rb +59 -26
- data/spec/unit/type/mcx.rb +8 -16
- data/spec/unit/type/mount.rb +8 -16
- data/spec/unit/type/noop_metaparam.rb +0 -2
- data/spec/unit/type/package.rb +13 -23
- data/spec/unit/type/resources.rb +4 -7
- data/spec/unit/type/schedule.rb +1 -7
- data/spec/unit/type/selboolean.rb +4 -6
- data/spec/unit/type/service.rb +23 -33
- data/spec/unit/type/ssh_authorized_key.rb +25 -14
- data/spec/unit/type/tidy.rb +329 -21
- data/spec/unit/type/user.rb +18 -10
- data/spec/unit/type/zfs.rb +6 -6
- data/spec/unit/util/autoload.rb +94 -3
- data/spec/unit/util/autoload/file_cache.rb +183 -0
- data/spec/unit/util/backups.rb +159 -0
- data/spec/unit/util/cache_accumulator.rb +69 -0
- data/spec/unit/util/cacher.rb +185 -0
- data/spec/unit/util/checksums.rb +9 -1
- data/spec/unit/util/feature.rb +72 -0
- data/spec/unit/util/filetype.rb +1 -11
- data/spec/unit/util/json.rb +21 -0
- data/spec/unit/util/log.rb +45 -0
- data/spec/unit/util/package.rb +2 -2
- data/spec/unit/util/queue.rb +88 -0
- data/spec/unit/util/queue/stomp.rb +140 -0
- data/spec/unit/util/reference_serializer.rb +52 -0
- data/spec/unit/util/selinux.rb +5 -3
- data/spec/unit/util/settings.rb +413 -264
- data/spec/unit/util/settings/file_setting.rb +223 -0
- data/spec/unit/util/storage.rb +11 -11
- data/spec/unit/util/warnings.rb +21 -17
- data/test/Rakefile +6 -5
- data/test/certmgr/ca.rb +5 -5
- data/test/certmgr/certmgr.rb +4 -4
- data/test/data/providers/cron/crontab.allthree +2 -2
- data/test/data/providers/cron/crontab.envNcomment +1 -1
- data/test/data/providers/cron/crontab.envNname +1 -1
- data/test/data/providers/cron/crontab.multirecords +1 -1
- data/test/data/providers/cron/crontab_collections.yaml +14 -14
- data/test/data/providers/cron/crontab_multiple_with_env.yaml +6 -6
- data/test/data/providers/cron/crontab_sample_records.yaml +102 -102
- data/test/data/providers/mailalias/aliases/test1 +28 -0
- data/test/data/providers/package/testpackages.yaml +6 -6
- data/test/data/reports/1.yaml +17 -17
- data/test/data/reports/tagmail_passers.conf +2 -2
- data/test/data/snippets/append.pp +5 -5
- data/test/data/snippets/casestatement.pp +9 -2
- data/test/data/snippets/classincludes.pp +1 -1
- data/test/data/snippets/collection_override.pp +8 -0
- data/test/data/snippets/fqparents.pp +2 -2
- data/test/data/snippets/ifexpression.pp +12 -0
- data/test/data/snippets/multilinecomments.pp +5 -1
- data/test/data/snippets/selectorvalues.pp +7 -0
- data/test/data/types/hosts/1 +1 -1
- data/test/data/types/hosts/2 +3 -3
- data/test/data/types/hosts/solaris +2 -2
- data/test/data/types/mount/freebsd.fstab +7 -7
- data/test/data/types/mount/solaris.fstab +10 -10
- data/test/data/types/port/1 +472 -472
- data/test/data/types/port/darwin +4347 -4347
- data/test/language/ast.rb +3 -2
- data/test/language/ast/casestatement.rb +12 -12
- data/test/language/ast/resource.rb +4 -4
- data/test/language/ast/resource_reference.rb +5 -5
- data/test/language/ast/selector.rb +11 -11
- data/test/language/ast/variable.rb +4 -4
- data/test/language/functions.rb +16 -16
- data/test/language/parser.rb +89 -111
- data/test/language/resource.rb +3 -88
- data/test/language/scope.rb +14 -55
- data/test/language/snippets.rb +31 -31
- data/test/lib/puppettest.rb +12 -12
- data/test/lib/puppettest/certificates.rb +2 -2
- data/test/lib/puppettest/exetest.rb +0 -1
- data/test/lib/puppettest/fakes.rb +1 -1
- data/test/lib/puppettest/parsertesting.rb +9 -4
- data/test/lib/puppettest/railstesting.rb +3 -3
- data/test/lib/puppettest/servertest.rb +1 -1
- data/test/lib/puppettest/support/assertions.rb +2 -2
- data/test/lib/puppettest/support/collection.rb +1 -1
- data/test/lib/puppettest/support/resources.rb +7 -7
- data/test/lib/puppettest/support/utils.rb +10 -16
- data/test/lib/puppettest/testcase.rb +2 -1
- data/test/network/authconfig.rb +1 -1
- data/test/network/authorization.rb +1 -1
- data/test/network/authstore.rb +57 -14
- data/test/network/client/ca.rb +1 -0
- data/test/network/client/resource.rb +12 -50
- data/test/network/client_request.rb +1 -1
- data/test/network/handler/bucket.rb +2 -2
- data/test/network/handler/fileserver.rb +17 -21
- data/test/network/handler/master.rb +5 -5
- data/test/network/handler/report.rb +3 -3
- data/test/network/handler/resource.rb +29 -75
- data/test/network/handler/runner.rb +8 -58
- data/test/network/rights.rb +1 -1
- data/test/network/server/mongrel_test.rb +15 -1
- data/test/network/server/webrick.rb +0 -36
- data/test/network/xmlrpc/webrick_servlet.rb +5 -5
- data/test/other/dsl.rb +3 -3
- data/test/other/events.rb +15 -15
- data/test/other/puppet.rb +2 -32
- data/test/other/relationships.rb +21 -148
- data/test/other/report.rb +20 -23
- data/test/other/transactions.rb +110 -298
- data/test/puppet/defaults.rb +1 -1
- data/test/puppet/tc_suidmanager.rb +1 -1
- data/test/rails/railsparameter.rb +4 -4
- data/test/ral/manager/attributes.rb +12 -68
- data/test/ral/manager/instances.rb +3 -19
- data/test/ral/manager/manager.rb +7 -7
- data/test/ral/manager/provider.rb +7 -7
- data/test/ral/manager/type.rb +54 -349
- data/test/ral/providers/cron/crontab.rb +14 -14
- data/test/ral/providers/group.rb +5 -6
- data/test/ral/providers/host/parsed.rb +3 -3
- data/test/ral/providers/mailalias/aliases.rb +4 -4
- data/test/ral/providers/package.rb +3 -3
- data/test/ral/providers/package/aptitude.rb +55 -55
- data/test/ral/providers/package/aptrpm.rb +7 -7
- data/test/ral/providers/parsedfile.rb +10 -14
- data/test/ral/providers/port/parsed.rb +6 -6
- data/test/ral/providers/provider.rb +10 -10
- data/test/ral/providers/service/base.rb +32 -32
- data/test/ral/providers/sshkey/parsed.rb +14 -14
- data/test/ral/providers/user.rb +16 -17
- data/test/ral/providers/user/useradd.rb +19 -22
- data/test/ral/type/cron.rb +21 -28
- data/test/ral/type/exec.rb +57 -60
- data/test/ral/type/file.rb +88 -862
- data/test/ral/type/file/target.rb +21 -70
- data/test/ral/type/fileignoresource.rb +37 -44
- data/test/ral/type/filesources.rb +43 -473
- data/test/ral/type/group.rb +6 -7
- data/test/ral/type/host.rb +14 -30
- data/test/ral/type/mailalias.rb +3 -3
- data/test/ral/type/port.rb +5 -5
- data/test/ral/type/resources.rb +37 -37
- data/test/ral/type/service.rb +3 -3
- data/test/ral/type/sshkey.rb +34 -39
- data/test/ral/type/user.rb +15 -14
- data/test/ral/type/yumrepo.rb +18 -17
- data/test/ral/type/zone.rb +4 -6
- data/test/test +9 -9
- data/test/util/fileparsing.rb +10 -10
- data/test/util/inifile.rb +6 -6
- data/test/util/instance_loader.rb +1 -1
- data/test/util/log.rb +2 -2
- data/test/util/metrics.rb +1 -6
- data/test/util/package.rb +1 -1
- data/test/util/pidlock.rb +116 -116
- data/test/util/settings.rb +40 -429
- data/test/util/storage.rb +5 -5
- data/test/util/subclass_loader.rb +0 -7
- data/test/util/utiltest.rb +10 -29
- metadata +1369 -941
- data/bin/puppetca +0 -363
- data/bin/puppetd +0 -439
- data/bin/puppetmasterd +0 -289
- data/bin/puppetrun +0 -369
- data/conf/redhat/lsb-config.patch +0 -51
- data/conf/redhat/no-chuser-0.15.1.patch +0 -38
- data/conf/redhat/no-lockdir.patch +0 -13
- data/examples/mac_netinfo.pp +0 -5
- data/ext/passenger/README +0 -63
- data/ext/passenger/apache2.conf +0 -29
- data/ext/passenger/config.ru +0 -40
- data/lib/puppet/config_stores/rest.rb +0 -60
- data/lib/puppet/executables/client/certhandler.rb +0 -82
- data/lib/puppet/indirector/file_content/modules.rb +0 -11
- data/lib/puppet/indirector/file_metadata/modules.rb +0 -17
- data/lib/puppet/indirector/module_files.rb +0 -82
- data/lib/puppet/indirector/ssl_rsa.rb +0 -5
- data/lib/puppet/indirector/ssl_rsa/file.rb +0 -33
- data/lib/puppet/network/client/master.rb +0 -524
- data/lib/puppet/network/http_server/rack.rb +0 -148
- data/lib/puppet/pgraph.rb +0 -121
- data/lib/puppet/provider/group/netinfo.rb +0 -15
- data/lib/puppet/provider/host/netinfo.rb +0 -19
- data/lib/puppet/provider/mount/netinfo.rb +0 -37
- data/lib/puppet/provider/nameservice/netinfo.rb +0 -224
- data/lib/puppet/provider/user/netinfo.rb +0 -111
- data/lib/puppet/util/fact_store.rb +0 -59
- data/lib/puppet/util/uri_helper.rb +0 -22
- data/spec/integration/file_serving/configuration.rb +0 -43
- data/spec/integration/indirector/module_files.rb +0 -57
- data/spec/unit/executables/client/certhandler.rb +0 -135
- data/spec/unit/indirector/file_content/modules.rb +0 -18
- data/spec/unit/indirector/file_metadata/modules.rb +0 -42
- data/spec/unit/indirector/module_files.rb +0 -259
- data/spec/unit/indirector/ssl_rsa/file.rb +0 -121
- data/spec/unit/network/client/master.rb +0 -442
- data/spec/unit/node/catalog.rb +0 -865
- data/spec/unit/other/pgraph.rb +0 -210
- data/spec/unit/resource_reference.rb +0 -73
- data/spec/unit/util/uri_helper.rb +0 -41
- data/test/data/snippets/ifexpression.rb +0 -6
- data/test/executables/filebucket.rb +0 -51
- data/test/executables/puppetbin.rb +0 -104
- data/test/executables/puppetca.rb +0 -115
- data/test/executables/puppetd.rb +0 -55
- data/test/executables/puppetmasterd.rb +0 -147
- data/test/network/client/client.rb +0 -195
- data/test/network/client/master.rb +0 -490
- data/test/network/daemon.rb +0 -70
- data/test/network/handler/handler.rb +0 -63
- data/test/other/overrides.rb +0 -107
- data/test/puppet/conffiles.rb +0 -107
- data/test/rails/ast.rb +0 -73
- data/test/rails/configuration.rb +0 -71
- data/test/rails/host.rb +0 -154
- data/test/rails/railsresource.rb +0 -251
- data/test/ral/providers/host/netinfo.rb +0 -56
- data/test/ral/providers/mount/netinfo.rb +0 -79
- data/test/ral/type/basic.rb +0 -85
- data/test/ral/type/filebucket.rb +0 -157
- data/test/ral/type/parameter.rb +0 -174
- data/test/ral/type/property.rb +0 -388
- data/test/ral/type/tidy.rb +0 -291
- data/test/util/autoload.rb +0 -145
- data/test/util/features.rb +0 -95
@@ -0,0 +1,124 @@
|
|
1
|
+
#!/usr/bin/env ruby
|
2
|
+
|
3
|
+
require File.dirname(__FILE__) + '/../../spec_helper'
|
4
|
+
|
5
|
+
require 'puppet/ssl/certificate'
|
6
|
+
|
7
|
+
describe Puppet::SSL::Certificate do
|
8
|
+
before do
|
9
|
+
@class = Puppet::SSL::Certificate
|
10
|
+
end
|
11
|
+
|
12
|
+
after do
|
13
|
+
@class.instance_variable_set("@ca_location", nil)
|
14
|
+
end
|
15
|
+
|
16
|
+
it "should be extended with the Indirector module" do
|
17
|
+
@class.metaclass.should be_include(Puppet::Indirector)
|
18
|
+
end
|
19
|
+
|
20
|
+
it "should indirect certificate" do
|
21
|
+
@class.indirection.name.should == :certificate
|
22
|
+
end
|
23
|
+
|
24
|
+
it "should only support the text format" do
|
25
|
+
@class.supported_formats.should == [:s]
|
26
|
+
end
|
27
|
+
|
28
|
+
describe "when converting from a string" do
|
29
|
+
it "should create a certificate instance with its name set to the certificate subject and its content set to the extracted certificate" do
|
30
|
+
cert = stub 'certificate', :subject => "/CN=Foo.madstop.com"
|
31
|
+
OpenSSL::X509::Certificate.expects(:new).with("my certificate").returns(cert)
|
32
|
+
|
33
|
+
mycert = stub 'sslcert'
|
34
|
+
mycert.expects(:content=).with(cert)
|
35
|
+
|
36
|
+
@class.expects(:new).with("foo.madstop.com").returns mycert
|
37
|
+
|
38
|
+
@class.from_s("my certificate")
|
39
|
+
end
|
40
|
+
|
41
|
+
it "should create multiple certificate instances when asked" do
|
42
|
+
cert1 = stub 'cert1'
|
43
|
+
@class.expects(:from_s).with("cert1").returns cert1
|
44
|
+
cert2 = stub 'cert2'
|
45
|
+
@class.expects(:from_s).with("cert2").returns cert2
|
46
|
+
|
47
|
+
@class.from_multiple_s("cert1\n---\ncert2").should == [cert1, cert2]
|
48
|
+
end
|
49
|
+
end
|
50
|
+
|
51
|
+
describe "when converting to a string" do
|
52
|
+
before do
|
53
|
+
@certificate = @class.new("myname")
|
54
|
+
end
|
55
|
+
|
56
|
+
it "should return an empty string when it has no certificate" do
|
57
|
+
@certificate.to_s.should == ""
|
58
|
+
end
|
59
|
+
|
60
|
+
it "should convert the certificate to pem format" do
|
61
|
+
certificate = mock 'certificate', :to_pem => "pem"
|
62
|
+
@certificate.content = certificate
|
63
|
+
@certificate.to_s.should == "pem"
|
64
|
+
end
|
65
|
+
|
66
|
+
it "should be able to convert multiple instances to a string" do
|
67
|
+
cert2 = @class.new("foo")
|
68
|
+
@certificate.expects(:to_s).returns "cert1"
|
69
|
+
cert2.expects(:to_s).returns "cert2"
|
70
|
+
|
71
|
+
@class.to_multiple_s([@certificate, cert2]).should == "cert1\n---\ncert2"
|
72
|
+
|
73
|
+
end
|
74
|
+
end
|
75
|
+
|
76
|
+
describe "when managing instances" do
|
77
|
+
before do
|
78
|
+
@certificate = @class.new("myname")
|
79
|
+
end
|
80
|
+
|
81
|
+
it "should have a name attribute" do
|
82
|
+
@certificate.name.should == "myname"
|
83
|
+
end
|
84
|
+
|
85
|
+
it "should convert its name to a string and downcase it" do
|
86
|
+
@class.new(:MyName).name.should == "myname"
|
87
|
+
end
|
88
|
+
|
89
|
+
it "should have a content attribute" do
|
90
|
+
@certificate.should respond_to(:content)
|
91
|
+
end
|
92
|
+
|
93
|
+
it "should return a nil expiration if there is no actual certificate" do
|
94
|
+
@certificate.stubs(:content).returns nil
|
95
|
+
|
96
|
+
@certificate.expiration.should be_nil
|
97
|
+
end
|
98
|
+
|
99
|
+
it "should use the expiration of the certificate as its expiration date" do
|
100
|
+
cert = stub 'cert'
|
101
|
+
@certificate.stubs(:content).returns cert
|
102
|
+
|
103
|
+
cert.expects(:not_after).returns "sometime"
|
104
|
+
|
105
|
+
@certificate.expiration.should == "sometime"
|
106
|
+
end
|
107
|
+
|
108
|
+
it "should be able to read certificates from disk" do
|
109
|
+
path = "/my/path"
|
110
|
+
File.expects(:read).with(path).returns("my certificate")
|
111
|
+
certificate = mock 'certificate'
|
112
|
+
OpenSSL::X509::Certificate.expects(:new).with("my certificate").returns(certificate)
|
113
|
+
@certificate.read(path).should equal(certificate)
|
114
|
+
@certificate.content.should equal(certificate)
|
115
|
+
end
|
116
|
+
|
117
|
+
it "should have a :to_text method that it delegates to the actual key" do
|
118
|
+
real_certificate = mock 'certificate'
|
119
|
+
real_certificate.expects(:to_text).returns "certificatetext"
|
120
|
+
@certificate.content = real_certificate
|
121
|
+
@certificate.to_text.should == "certificatetext"
|
122
|
+
end
|
123
|
+
end
|
124
|
+
end
|
@@ -0,0 +1,741 @@
|
|
1
|
+
#!/usr/bin/env ruby
|
2
|
+
|
3
|
+
require File.dirname(__FILE__) + '/../../spec_helper'
|
4
|
+
|
5
|
+
require 'puppet/ssl/certificate_authority'
|
6
|
+
|
7
|
+
describe Puppet::SSL::CertificateAuthority do
|
8
|
+
after do
|
9
|
+
Puppet::Util::Cacher.expire
|
10
|
+
Puppet.settings.clearused
|
11
|
+
end
|
12
|
+
|
13
|
+
def stub_ca_host
|
14
|
+
@key = mock 'key'
|
15
|
+
@key.stubs(:content).returns "cakey"
|
16
|
+
@cacert = mock 'certificate'
|
17
|
+
@cacert.stubs(:content).returns "cacertificate"
|
18
|
+
|
19
|
+
@host = stub 'ssl_host', :key => @key, :certificate => @cacert, :name => Puppet::SSL::Host.ca_name
|
20
|
+
end
|
21
|
+
|
22
|
+
it "should have a class method for returning a singleton instance" do
|
23
|
+
Puppet::SSL::CertificateAuthority.should respond_to(:instance)
|
24
|
+
end
|
25
|
+
|
26
|
+
describe "when finding an existing instance" do
|
27
|
+
describe "and the host is a CA host and the proces name is 'puppetmasterd'" do
|
28
|
+
before do
|
29
|
+
Puppet.settings.stubs(:value).with(:ca).returns true
|
30
|
+
Puppet.settings.stubs(:value).with(:name).returns "puppetmasterd"
|
31
|
+
|
32
|
+
@ca = mock('ca')
|
33
|
+
Puppet::SSL::CertificateAuthority.stubs(:new).returns @ca
|
34
|
+
end
|
35
|
+
|
36
|
+
it "should return an instance" do
|
37
|
+
Puppet::SSL::CertificateAuthority.instance.should equal(@ca)
|
38
|
+
end
|
39
|
+
|
40
|
+
it "should always return the same instance" do
|
41
|
+
Puppet::SSL::CertificateAuthority.instance.should equal(Puppet::SSL::CertificateAuthority.instance)
|
42
|
+
end
|
43
|
+
end
|
44
|
+
|
45
|
+
describe "and the host is not a CA host" do
|
46
|
+
it "should return nil" do
|
47
|
+
Puppet.settings.stubs(:value).with(:ca).returns false
|
48
|
+
Puppet.settings.stubs(:value).with(:name).returns "puppetmasterd"
|
49
|
+
|
50
|
+
ca = mock('ca')
|
51
|
+
Puppet::SSL::CertificateAuthority.expects(:new).never
|
52
|
+
Puppet::SSL::CertificateAuthority.instance.should be_nil
|
53
|
+
end
|
54
|
+
end
|
55
|
+
|
56
|
+
describe "and the process name is not 'puppetmasterd'" do
|
57
|
+
it "should return nil" do
|
58
|
+
Puppet.settings.stubs(:value).with(:ca).returns true
|
59
|
+
Puppet.settings.stubs(:value).with(:name).returns "puppetd"
|
60
|
+
|
61
|
+
ca = mock('ca')
|
62
|
+
Puppet::SSL::CertificateAuthority.expects(:new).never
|
63
|
+
Puppet::SSL::CertificateAuthority.instance.should be_nil
|
64
|
+
end
|
65
|
+
end
|
66
|
+
end
|
67
|
+
|
68
|
+
describe "when initializing" do
|
69
|
+
before do
|
70
|
+
Puppet.settings.stubs(:use)
|
71
|
+
Puppet.settings.stubs(:value).returns "ca_testing"
|
72
|
+
|
73
|
+
Puppet::SSL::CertificateAuthority.any_instance.stubs(:setup)
|
74
|
+
end
|
75
|
+
|
76
|
+
it "should always set its name to the value of :certname" do
|
77
|
+
Puppet.settings.expects(:value).with(:certname).returns "ca_testing"
|
78
|
+
|
79
|
+
Puppet::SSL::CertificateAuthority.new.name.should == "ca_testing"
|
80
|
+
end
|
81
|
+
|
82
|
+
it "should create an SSL::Host instance whose name is the 'ca_name'" do
|
83
|
+
Puppet::SSL::Host.expects(:ca_name).returns "caname"
|
84
|
+
|
85
|
+
host = stub 'host'
|
86
|
+
Puppet::SSL::Host.expects(:new).with("caname").returns host
|
87
|
+
|
88
|
+
Puppet::SSL::CertificateAuthority.new
|
89
|
+
end
|
90
|
+
|
91
|
+
it "should use the :main, :ca, and :ssl settings sections" do
|
92
|
+
Puppet.settings.expects(:use).with(:main, :ssl, :ca)
|
93
|
+
Puppet::SSL::CertificateAuthority.new
|
94
|
+
end
|
95
|
+
|
96
|
+
it "should create an inventory instance" do
|
97
|
+
Puppet::SSL::Inventory.expects(:new).returns "inventory"
|
98
|
+
|
99
|
+
Puppet::SSL::CertificateAuthority.new.inventory.should == "inventory"
|
100
|
+
end
|
101
|
+
|
102
|
+
it "should make sure the CA is set up" do
|
103
|
+
Puppet::SSL::CertificateAuthority.any_instance.expects(:setup)
|
104
|
+
|
105
|
+
Puppet::SSL::CertificateAuthority.new
|
106
|
+
end
|
107
|
+
end
|
108
|
+
|
109
|
+
describe "when setting itself up" do
|
110
|
+
it "should generate the CA certificate if it does not have one" do
|
111
|
+
Puppet.settings.stubs :use
|
112
|
+
|
113
|
+
host = stub 'host'
|
114
|
+
Puppet::SSL::Host.stubs(:new).returns host
|
115
|
+
|
116
|
+
host.expects(:certificate).returns nil
|
117
|
+
|
118
|
+
Puppet::SSL::CertificateAuthority.any_instance.expects(:generate_ca_certificate)
|
119
|
+
Puppet::SSL::CertificateAuthority.new
|
120
|
+
end
|
121
|
+
end
|
122
|
+
|
123
|
+
describe "when retrieving the certificate revocation list" do
|
124
|
+
before do
|
125
|
+
Puppet.settings.stubs(:use)
|
126
|
+
Puppet.settings.stubs(:value).returns "ca_testing"
|
127
|
+
Puppet.settings.stubs(:value).with(:cacrl).returns "/my/crl"
|
128
|
+
|
129
|
+
cert = stub("certificate", :content => "real_cert")
|
130
|
+
key = stub("key", :content => "real_key")
|
131
|
+
@host = stub 'host', :certificate => cert, :name => "hostname", :key => key
|
132
|
+
|
133
|
+
Puppet::SSL::CertificateAuthority.any_instance.stubs(:setup)
|
134
|
+
@ca = Puppet::SSL::CertificateAuthority.new
|
135
|
+
|
136
|
+
@ca.stubs(:host).returns @host
|
137
|
+
end
|
138
|
+
|
139
|
+
it "should return any found CRL instance" do
|
140
|
+
crl = mock 'crl'
|
141
|
+
Puppet::SSL::CertificateRevocationList.expects(:find).returns crl
|
142
|
+
@ca.crl.should equal(crl)
|
143
|
+
end
|
144
|
+
|
145
|
+
it "should create, generate, and save a new CRL instance of no CRL can be found" do
|
146
|
+
crl = mock 'crl'
|
147
|
+
Puppet::SSL::CertificateRevocationList.expects(:find).returns nil
|
148
|
+
|
149
|
+
Puppet::SSL::CertificateRevocationList.expects(:new).returns crl
|
150
|
+
|
151
|
+
crl.expects(:generate).with(@ca.host.certificate.content, @ca.host.key.content)
|
152
|
+
crl.expects(:save)
|
153
|
+
|
154
|
+
@ca.crl.should equal(crl)
|
155
|
+
end
|
156
|
+
end
|
157
|
+
|
158
|
+
describe "when generating a self-signed CA certificate" do
|
159
|
+
before do
|
160
|
+
Puppet.settings.stubs(:use)
|
161
|
+
Puppet.settings.stubs(:value).returns "ca_testing"
|
162
|
+
|
163
|
+
Puppet::SSL::CertificateAuthority.any_instance.stubs(:setup)
|
164
|
+
Puppet::SSL::CertificateAuthority.any_instance.stubs(:crl)
|
165
|
+
@ca = Puppet::SSL::CertificateAuthority.new
|
166
|
+
|
167
|
+
@host = stub 'host', :key => mock("key"), :name => "hostname", :certificate => mock('certificate')
|
168
|
+
|
169
|
+
Puppet::SSL::CertificateRequest.any_instance.stubs(:generate)
|
170
|
+
|
171
|
+
@ca.stubs(:host).returns @host
|
172
|
+
end
|
173
|
+
|
174
|
+
it "should create and store a password at :capass" do
|
175
|
+
Puppet.settings.expects(:value).with(:capass).returns "/path/to/pass"
|
176
|
+
|
177
|
+
FileTest.expects(:exist?).with("/path/to/pass").returns false
|
178
|
+
|
179
|
+
fh = mock 'filehandle'
|
180
|
+
Puppet.settings.expects(:write).with(:capass).yields fh
|
181
|
+
|
182
|
+
fh.expects(:print).with { |s| s.length > 18 }
|
183
|
+
|
184
|
+
@ca.stubs(:sign)
|
185
|
+
|
186
|
+
@ca.generate_ca_certificate
|
187
|
+
end
|
188
|
+
|
189
|
+
it "should generate a key if one does not exist" do
|
190
|
+
@ca.stubs :generate_password
|
191
|
+
@ca.stubs :sign
|
192
|
+
|
193
|
+
@ca.host.expects(:key).returns nil
|
194
|
+
@ca.host.expects(:generate_key)
|
195
|
+
|
196
|
+
@ca.generate_ca_certificate
|
197
|
+
end
|
198
|
+
|
199
|
+
it "should create and sign a self-signed cert using the CA name" do
|
200
|
+
request = mock 'request'
|
201
|
+
Puppet::SSL::CertificateRequest.expects(:new).with(@ca.host.name).returns request
|
202
|
+
request.expects(:generate).with(@ca.host.key)
|
203
|
+
|
204
|
+
@ca.expects(:sign).with(@host.name, :ca, request)
|
205
|
+
|
206
|
+
@ca.stubs :generate_password
|
207
|
+
|
208
|
+
@ca.generate_ca_certificate
|
209
|
+
end
|
210
|
+
|
211
|
+
it "should generate its CRL" do
|
212
|
+
@ca.stubs :generate_password
|
213
|
+
@ca.stubs :sign
|
214
|
+
|
215
|
+
@ca.host.expects(:key).returns nil
|
216
|
+
@ca.host.expects(:generate_key)
|
217
|
+
|
218
|
+
@ca.expects(:crl)
|
219
|
+
|
220
|
+
@ca.generate_ca_certificate
|
221
|
+
end
|
222
|
+
end
|
223
|
+
|
224
|
+
describe "when signing" do
|
225
|
+
before do
|
226
|
+
Puppet.settings.stubs(:use)
|
227
|
+
|
228
|
+
Puppet::SSL::CertificateAuthority.any_instance.stubs(:password?).returns true
|
229
|
+
|
230
|
+
stub_ca_host
|
231
|
+
|
232
|
+
Puppet::SSL::Host.expects(:new).with(Puppet::SSL::Host.ca_name).returns @host
|
233
|
+
|
234
|
+
@ca = Puppet::SSL::CertificateAuthority.new
|
235
|
+
|
236
|
+
@name = "myhost"
|
237
|
+
@real_cert = stub 'realcert', :sign => nil
|
238
|
+
@cert = stub 'certificate', :content => @real_cert
|
239
|
+
|
240
|
+
Puppet::SSL::Certificate.stubs(:new).returns @cert
|
241
|
+
|
242
|
+
@cert.stubs(:content=)
|
243
|
+
@cert.stubs(:save)
|
244
|
+
|
245
|
+
# Stub out the factory
|
246
|
+
@factory = stub 'factory', :result => "my real cert"
|
247
|
+
Puppet::SSL::CertificateFactory.stubs(:new).returns @factory
|
248
|
+
|
249
|
+
@request = stub 'request', :content => "myrequest", :name => @name
|
250
|
+
|
251
|
+
# And the inventory
|
252
|
+
@inventory = stub 'inventory', :add => nil
|
253
|
+
@ca.stubs(:inventory).returns @inventory
|
254
|
+
|
255
|
+
Puppet::SSL::CertificateRequest.stubs(:destroy)
|
256
|
+
end
|
257
|
+
|
258
|
+
describe "and calculating the next certificate serial number" do
|
259
|
+
before do
|
260
|
+
@path = "/path/to/serial"
|
261
|
+
Puppet.settings.stubs(:value).with(:serial).returns @path
|
262
|
+
|
263
|
+
@filehandle = stub 'filehandle', :<< => @filehandle
|
264
|
+
Puppet.settings.stubs(:readwritelock).with(:serial).yields @filehandle
|
265
|
+
end
|
266
|
+
|
267
|
+
it "should default to 0x1 for the first serial number" do
|
268
|
+
@ca.next_serial.should == 0x1
|
269
|
+
end
|
270
|
+
|
271
|
+
it "should return the current content of the serial file" do
|
272
|
+
FileTest.stubs(:exist?).with(@path).returns true
|
273
|
+
File.expects(:read).with(@path).returns "0002"
|
274
|
+
|
275
|
+
@ca.next_serial.should == 2
|
276
|
+
end
|
277
|
+
|
278
|
+
it "should write the next serial number to the serial file as hex" do
|
279
|
+
@filehandle.expects(:<<).with("0002")
|
280
|
+
|
281
|
+
@ca.next_serial
|
282
|
+
end
|
283
|
+
|
284
|
+
it "should lock the serial file while writing" do
|
285
|
+
Puppet.settings.expects(:readwritelock).with(:serial)
|
286
|
+
|
287
|
+
@ca.next_serial
|
288
|
+
end
|
289
|
+
end
|
290
|
+
|
291
|
+
describe "its own certificate" do
|
292
|
+
before do
|
293
|
+
@serial = 10
|
294
|
+
@ca.stubs(:next_serial).returns @serial
|
295
|
+
end
|
296
|
+
|
297
|
+
it "should not look up a certificate request for the host" do
|
298
|
+
Puppet::SSL::CertificateRequest.expects(:find).never
|
299
|
+
|
300
|
+
@ca.sign(@name, :ca, @request)
|
301
|
+
end
|
302
|
+
|
303
|
+
it "should use a certificate type of :ca" do
|
304
|
+
Puppet::SSL::CertificateFactory.expects(:new).with do |*args|
|
305
|
+
args[0] == :ca
|
306
|
+
end.returns @factory
|
307
|
+
@ca.sign(@name, :ca, @request)
|
308
|
+
end
|
309
|
+
|
310
|
+
it "should pass the provided CSR as the CSR" do
|
311
|
+
Puppet::SSL::CertificateFactory.expects(:new).with do |*args|
|
312
|
+
args[1] == "myrequest"
|
313
|
+
end.returns @factory
|
314
|
+
@ca.sign(@name, :ca, @request)
|
315
|
+
end
|
316
|
+
|
317
|
+
it "should use the provided CSR's content as the issuer" do
|
318
|
+
Puppet::SSL::CertificateFactory.expects(:new).with do |*args|
|
319
|
+
args[2] == "myrequest"
|
320
|
+
end.returns @factory
|
321
|
+
@ca.sign(@name, :ca, @request)
|
322
|
+
end
|
323
|
+
|
324
|
+
it "should pass the next serial as the serial number" do
|
325
|
+
Puppet::SSL::CertificateFactory.expects(:new).with do |*args|
|
326
|
+
args[3] == @serial
|
327
|
+
end.returns @factory
|
328
|
+
@ca.sign(@name, :ca, @request)
|
329
|
+
end
|
330
|
+
|
331
|
+
it "should save the resulting certificate" do
|
332
|
+
@cert.expects(:save)
|
333
|
+
|
334
|
+
@ca.sign(@name, :ca, @request)
|
335
|
+
end
|
336
|
+
end
|
337
|
+
|
338
|
+
describe "another host's certificate" do
|
339
|
+
before do
|
340
|
+
@serial = 10
|
341
|
+
@ca.stubs(:next_serial).returns @serial
|
342
|
+
|
343
|
+
Puppet::SSL::CertificateRequest.stubs(:find).with(@name).returns @request
|
344
|
+
@cert.stubs :save
|
345
|
+
end
|
346
|
+
|
347
|
+
it "should use a certificate type of :server" do
|
348
|
+
Puppet::SSL::CertificateFactory.expects(:new).with do |*args|
|
349
|
+
args[0] == :server
|
350
|
+
end.returns @factory
|
351
|
+
|
352
|
+
@ca.sign(@name)
|
353
|
+
end
|
354
|
+
|
355
|
+
it "should use look up a CSR for the host in the :ca_file terminus" do
|
356
|
+
Puppet::SSL::CertificateRequest.expects(:find).with(@name).returns @request
|
357
|
+
|
358
|
+
@ca.sign(@name)
|
359
|
+
end
|
360
|
+
|
361
|
+
it "should fail if no CSR can be found for the host" do
|
362
|
+
Puppet::SSL::CertificateRequest.expects(:find).with(@name).returns nil
|
363
|
+
|
364
|
+
lambda { @ca.sign(@name) }.should raise_error(ArgumentError)
|
365
|
+
end
|
366
|
+
|
367
|
+
it "should use the CA certificate as the issuer" do
|
368
|
+
Puppet::SSL::CertificateFactory.expects(:new).with do |*args|
|
369
|
+
args[2] == @cacert.content
|
370
|
+
end.returns @factory
|
371
|
+
@ca.sign(@name)
|
372
|
+
end
|
373
|
+
|
374
|
+
it "should pass the next serial as the serial number" do
|
375
|
+
Puppet::SSL::CertificateFactory.expects(:new).with do |*args|
|
376
|
+
args[3] == @serial
|
377
|
+
end.returns @factory
|
378
|
+
@ca.sign(@name)
|
379
|
+
end
|
380
|
+
|
381
|
+
it "should sign the resulting certificate using its real key and a digest" do
|
382
|
+
digest = mock 'digest'
|
383
|
+
OpenSSL::Digest::SHA1.expects(:new).returns digest
|
384
|
+
|
385
|
+
key = stub 'key', :content => "real_key"
|
386
|
+
@ca.host.stubs(:key).returns key
|
387
|
+
|
388
|
+
@cert.content.expects(:sign).with("real_key", digest)
|
389
|
+
@ca.sign(@name)
|
390
|
+
end
|
391
|
+
|
392
|
+
it "should save the resulting certificate" do
|
393
|
+
@cert.expects(:save)
|
394
|
+
@ca.sign(@name)
|
395
|
+
end
|
396
|
+
|
397
|
+
it "should remove the host's certificate request" do
|
398
|
+
Puppet::SSL::CertificateRequest.expects(:destroy).with(@name)
|
399
|
+
|
400
|
+
@ca.sign(@name)
|
401
|
+
end
|
402
|
+
end
|
403
|
+
|
404
|
+
it "should create a certificate instance with the content set to the newly signed x509 certificate" do
|
405
|
+
@serial = 10
|
406
|
+
@ca.stubs(:next_serial).returns @serial
|
407
|
+
|
408
|
+
Puppet::SSL::CertificateRequest.stubs(:find).with(@name).returns @request
|
409
|
+
@cert.stubs :save
|
410
|
+
Puppet::SSL::Certificate.expects(:new).with(@name).returns @cert
|
411
|
+
|
412
|
+
@ca.sign(@name)
|
413
|
+
end
|
414
|
+
|
415
|
+
it "should return the certificate instance" do
|
416
|
+
@ca.stubs(:next_serial).returns @serial
|
417
|
+
Puppet::SSL::CertificateRequest.stubs(:find).with(@name).returns @request
|
418
|
+
@cert.stubs :save
|
419
|
+
@ca.sign(@name).should equal(@cert)
|
420
|
+
end
|
421
|
+
|
422
|
+
it "should add the certificate to its inventory" do
|
423
|
+
@ca.stubs(:next_serial).returns @serial
|
424
|
+
@inventory.expects(:add).with(@cert)
|
425
|
+
|
426
|
+
Puppet::SSL::CertificateRequest.stubs(:find).with(@name).returns @request
|
427
|
+
@cert.stubs :save
|
428
|
+
@ca.sign(@name)
|
429
|
+
end
|
430
|
+
|
431
|
+
it "should have a method for triggering autosigning of available CSRs" do
|
432
|
+
@ca.should respond_to(:autosign)
|
433
|
+
end
|
434
|
+
|
435
|
+
describe "when autosigning certificates" do
|
436
|
+
it "should do nothing if autosign is disabled" do
|
437
|
+
Puppet.settings.expects(:value).with(:autosign).returns 'false'
|
438
|
+
|
439
|
+
Puppet::SSL::CertificateRequest.expects(:search).never
|
440
|
+
@ca.autosign
|
441
|
+
end
|
442
|
+
|
443
|
+
it "should do nothing if no autosign.conf exists" do
|
444
|
+
Puppet.settings.expects(:value).with(:autosign).returns '/auto/sign'
|
445
|
+
FileTest.expects(:exist?).with("/auto/sign").returns false
|
446
|
+
|
447
|
+
Puppet::SSL::CertificateRequest.expects(:search).never
|
448
|
+
@ca.autosign
|
449
|
+
end
|
450
|
+
|
451
|
+
describe "and autosign is enabled and the autosign.conf file exists" do
|
452
|
+
before do
|
453
|
+
Puppet.settings.stubs(:value).with(:autosign).returns '/auto/sign'
|
454
|
+
FileTest.stubs(:exist?).with("/auto/sign").returns true
|
455
|
+
File.stubs(:readlines).with("/auto/sign").returns ["one\n", "two\n"]
|
456
|
+
|
457
|
+
Puppet::SSL::CertificateRequest.stubs(:search).returns []
|
458
|
+
|
459
|
+
@store = stub 'store', :allow => nil
|
460
|
+
Puppet::Network::AuthStore.stubs(:new).returns @store
|
461
|
+
end
|
462
|
+
|
463
|
+
describe "when creating the AuthStore instance to verify autosigning" do
|
464
|
+
it "should create an AuthStore with each line in the configuration file allowed to be autosigned" do
|
465
|
+
Puppet::Network::AuthStore.expects(:new).returns @store
|
466
|
+
|
467
|
+
@store.expects(:allow).with("one")
|
468
|
+
@store.expects(:allow).with("two")
|
469
|
+
|
470
|
+
@ca.autosign
|
471
|
+
end
|
472
|
+
|
473
|
+
it "should reparse the autosign configuration on each call" do
|
474
|
+
Puppet::Network::AuthStore.expects(:new).times(2).returns @store
|
475
|
+
|
476
|
+
@ca.autosign
|
477
|
+
@ca.autosign
|
478
|
+
end
|
479
|
+
|
480
|
+
it "should ignore comments" do
|
481
|
+
File.stubs(:readlines).with("/auto/sign").returns ["one\n", "#two\n"]
|
482
|
+
|
483
|
+
@store.expects(:allow).with("one")
|
484
|
+
@ca.autosign
|
485
|
+
end
|
486
|
+
|
487
|
+
it "should ignore blank lines" do
|
488
|
+
File.stubs(:readlines).with("/auto/sign").returns ["one\n", "\n"]
|
489
|
+
|
490
|
+
@store.expects(:allow).with("one")
|
491
|
+
@ca.autosign
|
492
|
+
end
|
493
|
+
end
|
494
|
+
|
495
|
+
it "should sign all CSRs whose hostname matches the autosign configuration" do
|
496
|
+
csr1 = mock 'csr1'
|
497
|
+
csr2 = mock 'csr2'
|
498
|
+
Puppet::SSL::CertificateRequest.stubs(:search).returns [csr1, csr2]
|
499
|
+
end
|
500
|
+
|
501
|
+
it "should not sign CSRs whose hostname does not match the autosign configuration" do
|
502
|
+
csr1 = mock 'csr1'
|
503
|
+
csr2 = mock 'csr2'
|
504
|
+
Puppet::SSL::CertificateRequest.stubs(:search).returns [csr1, csr2]
|
505
|
+
end
|
506
|
+
end
|
507
|
+
end
|
508
|
+
end
|
509
|
+
|
510
|
+
describe "when managing certificate clients" do
|
511
|
+
before do
|
512
|
+
Puppet.settings.stubs(:use)
|
513
|
+
|
514
|
+
Puppet::SSL::CertificateAuthority.any_instance.stubs(:password?).returns true
|
515
|
+
|
516
|
+
stub_ca_host
|
517
|
+
|
518
|
+
Puppet::SSL::Host.expects(:new).returns @host
|
519
|
+
Puppet::SSL::CertificateAuthority.any_instance.stubs(:host).returns @host
|
520
|
+
|
521
|
+
@cacert = mock 'certificate'
|
522
|
+
@cacert.stubs(:content).returns "cacertificate"
|
523
|
+
@ca = Puppet::SSL::CertificateAuthority.new
|
524
|
+
end
|
525
|
+
|
526
|
+
it "should have a method for acting on the SSL files" do
|
527
|
+
@ca.should respond_to(:apply)
|
528
|
+
end
|
529
|
+
|
530
|
+
describe "when applying a method to a set of hosts" do
|
531
|
+
it "should fail if no subjects have been specified" do
|
532
|
+
lambda { @ca.apply(:generate) }.should raise_error(ArgumentError)
|
533
|
+
end
|
534
|
+
|
535
|
+
it "should create an Interface instance with the specified method and the subjects" do
|
536
|
+
Puppet::SSL::CertificateAuthority::Interface.expects(:new).with(:generate, :hosts).returns(stub('applier', :apply => nil))
|
537
|
+
@ca.apply(:generate, :to => :hosts)
|
538
|
+
end
|
539
|
+
|
540
|
+
it "should apply the Interface with itself as the argument" do
|
541
|
+
applier = stub('applier')
|
542
|
+
applier.expects(:apply).with(@ca)
|
543
|
+
Puppet::SSL::CertificateAuthority::Interface.expects(:new).returns applier
|
544
|
+
@ca.apply(:generate, :to => :ca_testing)
|
545
|
+
end
|
546
|
+
end
|
547
|
+
|
548
|
+
it "should be able to list waiting certificate requests" do
|
549
|
+
req1 = stub 'req1', :name => "one"
|
550
|
+
req2 = stub 'req2', :name => "two"
|
551
|
+
Puppet::SSL::CertificateRequest.expects(:search).with("*").returns [req1, req2]
|
552
|
+
|
553
|
+
@ca.waiting?.should == %w{one two}
|
554
|
+
end
|
555
|
+
|
556
|
+
it "should delegate removing hosts to the Host class" do
|
557
|
+
Puppet::SSL::Host.expects(:destroy).with("myhost")
|
558
|
+
|
559
|
+
@ca.destroy("myhost")
|
560
|
+
end
|
561
|
+
|
562
|
+
it "should be able to verify certificates" do
|
563
|
+
@ca.should respond_to(:verify)
|
564
|
+
end
|
565
|
+
|
566
|
+
it "should list certificates as the sorted list of all existing signed certificates" do
|
567
|
+
cert1 = stub 'cert1', :name => "cert1"
|
568
|
+
cert2 = stub 'cert2', :name => "cert2"
|
569
|
+
Puppet::SSL::Certificate.expects(:search).with("*").returns [cert1, cert2]
|
570
|
+
@ca.list.should == %w{cert1 cert2}
|
571
|
+
end
|
572
|
+
|
573
|
+
describe "and printing certificates" do
|
574
|
+
it "should return nil if the certificate cannot be found" do
|
575
|
+
Puppet::SSL::Certificate.expects(:find).with("myhost").returns nil
|
576
|
+
@ca.print("myhost").should be_nil
|
577
|
+
end
|
578
|
+
|
579
|
+
it "should print certificates by calling :to_text on the host's certificate" do
|
580
|
+
cert1 = stub 'cert1', :name => "cert1", :to_text => "mytext"
|
581
|
+
Puppet::SSL::Certificate.expects(:find).with("myhost").returns cert1
|
582
|
+
@ca.print("myhost").should == "mytext"
|
583
|
+
end
|
584
|
+
end
|
585
|
+
|
586
|
+
describe "and verifying certificates" do
|
587
|
+
before do
|
588
|
+
@store = stub 'store', :verify => true, :add_file => nil, :purpose= => nil, :add_crl => true, :flags= => nil
|
589
|
+
|
590
|
+
OpenSSL::X509::Store.stubs(:new).returns @store
|
591
|
+
|
592
|
+
Puppet.settings.stubs(:value).returns "crtstuff"
|
593
|
+
|
594
|
+
@cert = stub 'cert', :content => "mycert"
|
595
|
+
Puppet::SSL::Certificate.stubs(:find).returns @cert
|
596
|
+
|
597
|
+
@crl = stub('crl', :content => "mycrl")
|
598
|
+
|
599
|
+
@ca.stubs(:crl).returns @crl
|
600
|
+
end
|
601
|
+
|
602
|
+
it "should fail if the host's certificate cannot be found" do
|
603
|
+
Puppet::SSL::Certificate.expects(:find).with("me").returns(nil)
|
604
|
+
|
605
|
+
lambda { @ca.verify("me") }.should raise_error(ArgumentError)
|
606
|
+
end
|
607
|
+
|
608
|
+
it "should create an SSL Store to verify" do
|
609
|
+
OpenSSL::X509::Store.expects(:new).returns @store
|
610
|
+
|
611
|
+
@ca.verify("me")
|
612
|
+
end
|
613
|
+
|
614
|
+
it "should add the CA Certificate to the store" do
|
615
|
+
Puppet.settings.stubs(:value).with(:cacert).returns "/ca/cert"
|
616
|
+
@store.expects(:add_file).with "/ca/cert"
|
617
|
+
|
618
|
+
@ca.verify("me")
|
619
|
+
end
|
620
|
+
|
621
|
+
it "should add the CRL to the store if the crl is enabled" do
|
622
|
+
@store.expects(:add_crl).with "mycrl"
|
623
|
+
|
624
|
+
@ca.verify("me")
|
625
|
+
end
|
626
|
+
|
627
|
+
it "should set the store purpose to OpenSSL::X509::PURPOSE_SSL_CLIENT" do
|
628
|
+
Puppet.settings.stubs(:value).with(:cacert).returns "/ca/cert"
|
629
|
+
@store.expects(:add_file).with "/ca/cert"
|
630
|
+
|
631
|
+
@ca.verify("me")
|
632
|
+
end
|
633
|
+
|
634
|
+
it "should set the store flags to check the crl" do
|
635
|
+
@store.expects(:flags=).with OpenSSL::X509::V_FLAG_CRL_CHECK_ALL|OpenSSL::X509::V_FLAG_CRL_CHECK
|
636
|
+
|
637
|
+
@ca.verify("me")
|
638
|
+
end
|
639
|
+
|
640
|
+
it "should use the store to verify the certificate" do
|
641
|
+
@cert.expects(:content).returns "mycert"
|
642
|
+
|
643
|
+
@store.expects(:verify).with("mycert").returns true
|
644
|
+
|
645
|
+
@ca.verify("me")
|
646
|
+
end
|
647
|
+
|
648
|
+
it "should fail if the verification returns false" do
|
649
|
+
@cert.expects(:content).returns "mycert"
|
650
|
+
|
651
|
+
@store.expects(:verify).with("mycert").returns false
|
652
|
+
|
653
|
+
lambda { @ca.verify("me") }.should raise_error
|
654
|
+
end
|
655
|
+
end
|
656
|
+
|
657
|
+
describe "and revoking certificates" do
|
658
|
+
before do
|
659
|
+
@crl = mock 'crl'
|
660
|
+
@ca.stubs(:crl).returns @crl
|
661
|
+
|
662
|
+
@ca.stubs(:next_serial).returns 10
|
663
|
+
|
664
|
+
@real_cert = stub 'real_cert', :serial => 15
|
665
|
+
@cert = stub 'cert', :content => @real_cert
|
666
|
+
Puppet::SSL::Certificate.stubs(:find).returns @cert
|
667
|
+
|
668
|
+
end
|
669
|
+
|
670
|
+
it "should fail if the certificate revocation list is disabled" do
|
671
|
+
@ca.stubs(:crl).returns false
|
672
|
+
|
673
|
+
lambda { @ca.revoke('ca_testing') }.should raise_error(ArgumentError)
|
674
|
+
|
675
|
+
end
|
676
|
+
|
677
|
+
it "should delegate the revocation to its CRL" do
|
678
|
+
@ca.crl.expects(:revoke)
|
679
|
+
|
680
|
+
@ca.revoke('host')
|
681
|
+
end
|
682
|
+
|
683
|
+
it "should get the serial number from the local certificate if it exists" do
|
684
|
+
@ca.crl.expects(:revoke).with { |serial, key| serial == 15 }
|
685
|
+
|
686
|
+
Puppet::SSL::Certificate.expects(:find).with("host").returns @cert
|
687
|
+
|
688
|
+
@ca.revoke('host')
|
689
|
+
end
|
690
|
+
|
691
|
+
it "should get the serial number from inventory if no local certificate exists" do
|
692
|
+
real_cert = stub 'real_cert', :serial => 15
|
693
|
+
cert = stub 'cert', :content => real_cert
|
694
|
+
Puppet::SSL::Certificate.expects(:find).with("host").returns nil
|
695
|
+
|
696
|
+
@ca.inventory.expects(:serial).with("host").returns 16
|
697
|
+
|
698
|
+
@ca.crl.expects(:revoke).with { |serial, key| serial == 16 }
|
699
|
+
@ca.revoke('host')
|
700
|
+
end
|
701
|
+
end
|
702
|
+
|
703
|
+
it "should be able to generate a complete new SSL host" do
|
704
|
+
@ca.should respond_to(:generate)
|
705
|
+
end
|
706
|
+
|
707
|
+
describe "and generating certificates" do
|
708
|
+
before do
|
709
|
+
@host = stub 'host', :generate_certificate_request => nil
|
710
|
+
Puppet::SSL::Host.stubs(:new).returns @host
|
711
|
+
Puppet::SSL::Certificate.stubs(:find).returns nil
|
712
|
+
|
713
|
+
@ca.stubs(:sign)
|
714
|
+
end
|
715
|
+
|
716
|
+
it "should fail if a certificate already exists for the host" do
|
717
|
+
Puppet::SSL::Certificate.expects(:find).with("him").returns "something"
|
718
|
+
|
719
|
+
lambda { @ca.generate("him") }.should raise_error(ArgumentError)
|
720
|
+
end
|
721
|
+
|
722
|
+
it "should create a new Host instance with the correct name" do
|
723
|
+
Puppet::SSL::Host.expects(:new).with("him").returns @host
|
724
|
+
|
725
|
+
@ca.generate("him")
|
726
|
+
end
|
727
|
+
|
728
|
+
it "should use the Host to generate the certificate request" do
|
729
|
+
@host.expects :generate_certificate_request
|
730
|
+
|
731
|
+
@ca.generate("him")
|
732
|
+
end
|
733
|
+
|
734
|
+
it "should sign the generated request" do
|
735
|
+
@ca.expects(:sign).with("him")
|
736
|
+
|
737
|
+
@ca.generate("him")
|
738
|
+
end
|
739
|
+
end
|
740
|
+
end
|
741
|
+
end
|