RubyGems - puppet - Versions diffs - 2.6.18 → 2.7.1 - Mend

puppet 2.6.18 → 2.7.1

Potentially problematic release.

This version of puppet might be problematic. Click here for more details.

Files changed (1050) hide show

data/CHANGELOG +733 -187
data/LICENSE +13 -13
data/README.md +5 -9
data/Rakefile +1 -1
data/conf/auth.conf +8 -3
data/conf/redhat/puppet.spec +21 -110
data/conf/solaris/pkginfo +3 -4
data/conf/suse/puppet.spec +1 -1
data/ext/cert_inspector +140 -0
data/ext/nagios/naggen +12 -5
data/ext/puppet-test +11 -5
data/ext/vim/README +1 -2
data/ext/yaml_nodes.rb +11 -5
data/install.rb +1 -54
data/lib/puppet.rb +6 -10
data/lib/puppet/application.rb +23 -32
data/lib/puppet/application/agent.rb +228 -7
data/lib/puppet/application/apply.rb +108 -36
data/lib/puppet/application/catalog.rb +4 -0
data/lib/puppet/application/cert.rb +128 -17
data/lib/puppet/application/certificate.rb +18 -0
data/lib/puppet/application/certificate_request.rb +4 -0
data/lib/puppet/application/certificate_revocation_list.rb +4 -0
data/lib/puppet/application/config.rb +4 -0
data/lib/puppet/application/describe.rb +53 -0
data/lib/puppet/application/device.rb +255 -0
data/lib/puppet/application/doc.rb +92 -6
data/lib/puppet/application/face_base.rb +246 -0
data/lib/puppet/application/facts.rb +4 -0
data/lib/puppet/application/file.rb +4 -0
data/lib/puppet/application/filebucket.rb +102 -0
data/lib/puppet/application/help.rb +4 -0
data/lib/puppet/application/indirection_base.rb +4 -0
data/lib/puppet/application/inspect.rb +21 -23
data/lib/puppet/application/key.rb +4 -0
data/lib/puppet/application/kick.rb +131 -4
data/lib/puppet/application/man.rb +4 -0
data/lib/puppet/application/master.rb +108 -40
data/lib/puppet/application/node.rb +4 -0
data/lib/puppet/application/parser.rb +5 -0
data/lib/puppet/application/plugin.rb +3 -0
data/lib/puppet/application/queue.rb +75 -13
data/lib/puppet/application/report.rb +4 -0
data/lib/puppet/application/resource.rb +115 -23
data/lib/puppet/application/resource_type.rb +4 -0
data/lib/puppet/application/secret_agent.rb +6 -0
data/lib/puppet/application/status.rb +4 -0
data/lib/puppet/configurer.rb +57 -61
data/lib/puppet/configurer/fact_handler.rb +1 -6
data/lib/puppet/daemon.rb +2 -2
data/lib/puppet/defaults.rb +30 -88
data/lib/puppet/dsl/resource_type_api.rb +19 -31
data/lib/puppet/external/nagios/parser.rb +1 -1
data/lib/puppet/face.rb +12 -0
data/lib/puppet/face/catalog.rb +130 -0
data/lib/puppet/face/catalog/select.rb +49 -0
data/lib/puppet/face/certificate.rb +115 -0
data/lib/puppet/face/certificate_request.rb +55 -0
data/lib/puppet/face/certificate_revocation_list.rb +60 -0
data/lib/puppet/face/config.rb +45 -0
data/lib/puppet/face/facts.rb +81 -0
data/lib/puppet/face/file.rb +47 -0
data/lib/puppet/face/file/download.rb +54 -0
data/lib/puppet/face/file/store.rb +21 -0
data/lib/puppet/face/help.rb +131 -0
data/lib/puppet/face/help/action.erb +53 -0
data/lib/puppet/face/help/face.erb +79 -0
data/lib/puppet/face/help/global.erb +19 -0
data/lib/puppet/face/help/man.erb +136 -0
data/lib/puppet/face/key.rb +15 -0
data/lib/puppet/face/man.rb +93 -0
data/lib/puppet/face/node.rb +43 -0
data/lib/puppet/face/parser.rb +42 -0
data/lib/puppet/face/plugin.rb +55 -0
data/lib/puppet/face/report.rb +56 -0
data/lib/puppet/face/resource.rb +53 -0
data/lib/puppet/face/resource_type.rb +81 -0
data/lib/puppet/face/secret_agent.rb +54 -0
data/lib/puppet/face/status.rb +52 -0
data/lib/puppet/feature/ssh.rb +4 -0
data/lib/puppet/file_bucket/dipper.rb +3 -3
data/lib/puppet/file_bucket/file.rb +6 -5
data/lib/puppet/file_bucket/file/indirection_hooks.rb +9 -0
data/lib/puppet/file_serving/configuration.rb +1 -2
data/lib/puppet/file_serving/content.rb +2 -1
data/lib/puppet/file_serving/{terminus_selector.rb → indirection_hooks.rb} +3 -2
data/lib/puppet/file_serving/metadata.rb +2 -1
data/lib/puppet/file_serving/mount/modules.rb +5 -4
data/lib/puppet/indirector.rb +16 -43
data/lib/puppet/indirector/catalog/active_record.rb +1 -1
data/lib/puppet/indirector/catalog/compiler.rb +5 -15
data/lib/puppet/indirector/catalog/static_compiler.rb +137 -0
data/lib/puppet/indirector/certificate_request/ca.rb +8 -0
data/lib/puppet/indirector/certificate_status.rb +4 -0
data/lib/puppet/indirector/certificate_status/file.rb +82 -0
data/lib/puppet/indirector/certificate_status/rest.rb +10 -0
data/lib/puppet/indirector/couch.rb +5 -3
data/lib/puppet/indirector/exec.rb +3 -3
data/lib/puppet/indirector/face.rb +127 -0
data/lib/puppet/indirector/facts/network_device.rb +25 -0
data/lib/puppet/indirector/file.rb +79 -0
data/lib/puppet/indirector/file_bucket_file/file.rb +0 -4
data/lib/puppet/indirector/indirection.rb +1 -2
data/lib/puppet/indirector/inventory/yaml.rb +81 -0
data/lib/puppet/indirector/report/processor.rb +0 -2
data/lib/puppet/indirector/request.rb +0 -4
data/lib/puppet/indirector/resource/ral.rb +0 -4
data/lib/puppet/indirector/resource_type/parser.rb +19 -3
data/lib/puppet/indirector/rest.rb +11 -5
data/lib/puppet/indirector/run/local.rb +0 -4
data/lib/puppet/indirector/ssl_file.rb +1 -5
data/lib/puppet/indirector/terminus.rb +3 -26
data/lib/puppet/indirector/yaml.rb +0 -5
data/lib/puppet/interface.rb +156 -0
data/lib/puppet/interface/action.rb +284 -0
data/lib/puppet/interface/action_builder.rb +74 -0
data/lib/puppet/interface/action_manager.rb +70 -0
data/lib/puppet/interface/documentation.rb +230 -0
data/lib/puppet/interface/face_collection.rb +137 -0
data/lib/puppet/interface/option.rb +108 -0
data/lib/puppet/interface/option_builder.rb +54 -0
data/lib/puppet/interface/option_manager.rb +67 -0
data/lib/puppet/metatype/manager.rb +20 -7
data/lib/puppet/module.rb +1 -1
data/lib/puppet/network/client.rb +179 -0
data/lib/puppet/network/client/ca.rb +56 -0
data/lib/puppet/network/client/file.rb +6 -0
data/lib/puppet/network/client/proxy.rb +27 -0
data/lib/puppet/network/client/report.rb +26 -0
data/lib/puppet/network/client/runner.rb +10 -0
data/lib/puppet/network/client/status.rb +4 -0
data/lib/puppet/network/format.rb +1 -1
data/lib/puppet/network/formats.rb +63 -0
data/lib/puppet/network/handler/ca.rb +106 -16
data/lib/puppet/network/handler/filebucket.rb +2 -4
data/lib/puppet/network/handler/fileserver.rb +3 -2
data/lib/puppet/network/handler/master.rb +5 -3
data/lib/puppet/network/handler/report.rb +0 -2
data/lib/puppet/network/handler/runner.rb +0 -2
data/lib/puppet/network/handler/status.rb +0 -2
data/lib/puppet/network/http/api/v1.rb +11 -3
data/lib/puppet/network/http/handler.rb +26 -35
data/lib/puppet/network/http/rack/rest.rb +2 -7
data/lib/puppet/network/http/webrick.rb +1 -2
data/lib/puppet/network/http_pool.rb +8 -17
data/lib/puppet/network/http_server/mongrel.rb +1 -0
data/lib/puppet/network/http_server/webrick.rb +155 -0
data/lib/puppet/network/rest_authconfig.rb +4 -3
data/lib/puppet/network/rest_authorization.rb +2 -2
data/lib/puppet/network/rights.rb +4 -9
data/lib/puppet/network/server.rb +1 -1
data/lib/puppet/network/xmlrpc/client.rb +211 -0
data/lib/puppet/node.rb +2 -1
data/lib/puppet/node/environment.rb +30 -3
data/lib/puppet/node/facts.rb +15 -15
data/lib/puppet/node/inventory.rb +7 -0
data/lib/puppet/parser/ast.rb +6 -2
data/lib/puppet/parser/ast/astarray.rb +12 -23
data/lib/puppet/parser/ast/caseopt.rb +12 -24
data/lib/puppet/parser/ast/definition.rb +17 -0
data/lib/puppet/parser/ast/hostclass.rb +29 -0
data/lib/puppet/parser/ast/leaf.rb +2 -2
data/lib/puppet/parser/ast/node.rb +20 -0
data/lib/puppet/parser/ast/resource.rb +42 -50
data/lib/puppet/parser/ast/resource_instance.rb +9 -0
data/lib/puppet/parser/ast/resource_override.rb +2 -3
data/lib/puppet/parser/ast/resource_reference.rb +1 -1
data/lib/puppet/parser/ast/top_level_construct.rb +4 -0
data/lib/puppet/parser/ast/vardef.rb +1 -1
data/lib/puppet/parser/compiler.rb +16 -17
data/lib/puppet/parser/functions/create_resources.rb +47 -0
data/lib/puppet/parser/functions/extlookup.rb +2 -7
data/lib/puppet/parser/functions/fqdn_rand.rb +2 -2
data/lib/puppet/parser/functions/sha1.rb +1 -1
data/lib/puppet/parser/grammar.ra +67 -144
data/lib/puppet/parser/lexer.rb +1 -1
data/lib/puppet/parser/parser.rb +1190 -1262
data/lib/puppet/parser/parser_support.rb +48 -73
data/lib/puppet/parser/resource.rb +2 -19
data/lib/puppet/parser/scope.rb +33 -103
data/lib/puppet/parser/templatewrapper.rb +21 -22
data/lib/puppet/parser/type_loader.rb +60 -35
data/lib/puppet/provider/aixobject.rb +393 -0
data/lib/puppet/provider/augeas/augeas.rb +37 -15
data/lib/puppet/provider/cisco.rb +9 -0
data/lib/puppet/provider/cron/crontab.rb +1 -7
data/lib/puppet/provider/exec/posix.rb +3 -6
data/lib/puppet/provider/exec/shell.rb +2 -11
data/lib/puppet/provider/file/posix.rb +1 -1
data/lib/puppet/provider/file/win32.rb +1 -1
data/lib/puppet/provider/group/aix.rb +141 -0
data/lib/puppet/provider/group/directoryservice.rb +0 -14
data/lib/puppet/provider/host/parsed.rb +23 -55
data/lib/puppet/provider/interface/base.rb +0 -0
data/lib/puppet/provider/interface/cisco.rb +27 -0
data/lib/puppet/provider/mcx/mcxcontent.rb +57 -96
data/lib/puppet/provider/mount/parsed.rb +1 -1
data/lib/puppet/provider/naginator.rb +1 -9
data/lib/puppet/provider/nameservice/directoryservice.rb +41 -26
data/lib/puppet/provider/network_device.rb +68 -0
data/lib/puppet/provider/package/appdmg.rb +13 -13
data/lib/puppet/provider/package/aptitude.rb +0 -1
data/lib/puppet/provider/package/pip.rb +109 -0
data/lib/puppet/provider/package/pkgdmg.rb +24 -32
data/lib/puppet/provider/package/pkgutil.rb +175 -0
data/lib/puppet/provider/package/yum.rb +8 -1
data/lib/puppet/provider/service/daemontools.rb +1 -1
data/lib/puppet/provider/service/launchd.rb +1 -1
data/lib/puppet/provider/service/smf.rb +3 -3
data/lib/puppet/provider/service/upstart.rb +73 -0
data/lib/puppet/provider/ssh_authorized_key/parsed.rb +9 -10
data/lib/puppet/provider/user/aix.rb +353 -0
data/lib/puppet/provider/user/directoryservice.rb +0 -14
data/lib/puppet/provider/user/user_role_add.rb +17 -32
data/lib/puppet/provider/vlan/cisco.rb +28 -0
data/lib/puppet/provider/zfs/solaris.rb +1 -1
data/lib/puppet/provider/zone/solaris.rb +3 -0
data/lib/puppet/provider/zpool/solaris.rb +7 -5
data/lib/puppet/rails.rb +1 -1
data/lib/puppet/rails/benchmark.rb +1 -1
data/lib/puppet/rails/fact_name.rb +1 -0
data/lib/puppet/rails/host.rb +0 -7
data/lib/puppet/reference/configuration.rb +26 -101
data/lib/puppet/reports/store.rb +3 -7
data/lib/puppet/resource.rb +1 -1
data/lib/puppet/resource/catalog.rb +86 -36
data/lib/puppet/resource/type.rb +10 -15
data/lib/puppet/resource/type_collection.rb +55 -63
data/lib/puppet/simple_graph.rb +370 -269
data/lib/puppet/ssl/base.rb +0 -8
data/lib/puppet/ssl/certificate.rb +0 -6
data/lib/puppet/ssl/certificate_authority.rb +24 -109
data/lib/puppet/ssl/certificate_authority/interface.rb +19 -66
data/lib/puppet/ssl/certificate_factory.rb +91 -112
data/lib/puppet/ssl/certificate_request.rb +15 -98
data/lib/puppet/ssl/certificate_revocation_list.rb +1 -1
data/lib/puppet/ssl/host.rb +85 -51
data/lib/puppet/ssl/inventory.rb +1 -1
data/lib/puppet/sslcertificates.rb +146 -0
data/lib/puppet/sslcertificates/ca.rb +375 -0
data/lib/puppet/sslcertificates/certificate.rb +255 -0
data/lib/puppet/sslcertificates/inventory.rb +38 -0
data/lib/puppet/sslcertificates/support.rb +146 -0
data/lib/puppet/status.rb +1 -1
data/lib/puppet/transaction.rb +163 -94
data/lib/puppet/transaction/event.rb +1 -1
data/lib/puppet/transaction/event_manager.rb +19 -3
data/lib/puppet/transaction/report.rb +9 -3
data/lib/puppet/type.rb +107 -62
data/lib/puppet/type/augeas.rb +10 -14
data/lib/puppet/type/cron.rb +13 -14
data/lib/puppet/type/exec.rb +0 -9
data/lib/puppet/type/file.rb +20 -29
data/lib/puppet/type/file/ctime.rb +1 -1
data/lib/puppet/type/file/ensure.rb +1 -1
data/lib/puppet/type/file/group.rb +1 -1
data/lib/puppet/type/file/mode.rb +1 -1
data/lib/puppet/type/file/mtime.rb +1 -1
data/lib/puppet/type/file/selcontext.rb +1 -1
data/lib/puppet/type/file/source.rb +3 -3
data/lib/puppet/type/file/type.rb +1 -1
data/lib/puppet/type/group.rb +36 -0
data/lib/puppet/type/host.rb +18 -43
data/lib/puppet/type/interface.rb +109 -0
data/lib/puppet/type/k5login.rb +1 -4
data/lib/puppet/type/macauthorization.rb +3 -3
data/lib/puppet/type/mcx.rb +2 -21
data/lib/puppet/type/router.rb +14 -0
data/lib/puppet/type/schedule.rb +2 -0
data/lib/puppet/type/service.rb +2 -0
data/lib/puppet/type/sshkey.rb +6 -1
data/lib/puppet/type/tidy.rb +12 -12
data/lib/puppet/type/user.rb +36 -9
data/lib/puppet/type/vlan.rb +26 -0
data/lib/puppet/type/whit.rb +13 -1
data/lib/puppet/type/zfs.rb +100 -8
data/lib/puppet/type/zone.rb +45 -1
data/lib/puppet/type/zpool.rb +1 -0
data/lib/puppet/util.rb +63 -91
data/lib/puppet/util/autoload.rb +16 -14
data/lib/puppet/util/classgen.rb +13 -1
data/lib/puppet/util/command_line.rb +109 -22
data/lib/puppet/util/log.rb +1 -0
data/lib/puppet/util/log/destinations.rb +16 -4
data/lib/puppet/util/logging.rb +11 -0
data/lib/puppet/util/monkey_patches.rb +7 -77
data/lib/puppet/util/network_device.rb +17 -0
data/lib/puppet/util/network_device/base.rb +27 -0
data/lib/puppet/util/network_device/cisco.rb +4 -0
data/lib/puppet/util/network_device/cisco/device.rb +256 -0
data/lib/puppet/util/network_device/cisco/facts.rb +72 -0
data/lib/puppet/util/network_device/cisco/interface.rb +82 -0
data/lib/puppet/util/network_device/config.rb +93 -0
data/lib/puppet/util/network_device/ipcalc.rb +68 -0
data/lib/puppet/util/network_device/transport.rb +3 -0
data/lib/puppet/util/network_device/transport/base.rb +26 -0
data/lib/puppet/util/network_device/transport/ssh.rb +121 -0
data/lib/puppet/util/network_device/transport/telnet.rb +42 -0
data/lib/puppet/util/rdoc.rb +4 -10
data/lib/puppet/util/rdoc/parser.rb +34 -23
data/lib/puppet/util/reference.rb +7 -8
data/lib/puppet/util/selinux.rb +2 -2
data/lib/puppet/util/settings.rb +1 -6
data/lib/puppet/util/settings/file_setting.rb +0 -1
data/lib/puppet/util/suidmanager.rb +30 -79
data/lib/puppet/util/zaml.rb +41 -40
data/man/man5/puppet.conf.5 +291 -873
data/man/man8/filebucket.8 +47 -71
data/man/man8/pi.8 +44 -10
data/man/man8/puppet-agent.8 +154 -0
data/man/man8/puppet-apply.8 +75 -0
data/man/man8/puppet-catalog.8 +286 -0
data/man/man8/puppet-cert.8 +97 -0
data/man/man8/puppet-certificate.8 +229 -0
data/man/man8/puppet-certificate_request.8 +168 -0
data/man/man8/puppet-certificate_revocation_list.8 +165 -0
data/man/man8/puppet-config.8 +80 -0
data/man/man8/puppet-describe.8 +51 -0
data/man/man8/puppet-device.8 +86 -0
data/man/man8/puppet-doc.8 +101 -0
data/man/man8/puppet-facts.8 +217 -0
data/man/man8/puppet-file.8 +225 -0
data/man/man8/puppet-filebucket.8 +81 -0
data/man/man8/puppet-help.8 +71 -0
data/man/man8/puppet-inspect.8 +28 -0
data/man/man8/puppet-key.8 +126 -0
data/man/man8/puppet-kick.8 +95 -0
data/man/man8/puppet-man.8 +74 -0
data/man/man8/puppet-master.8 +74 -0
data/man/man8/puppet-node.8 +171 -0
data/man/man8/puppet-parser.8 +71 -0
data/man/man8/puppet-plugin.8 +77 -0
data/man/man8/puppet-queue.8 +55 -0
data/man/man8/puppet-report.8 +187 -0
data/man/man8/puppet-resource.8 +84 -0
data/man/man8/puppet-resource_type.8 +214 -0
data/man/man8/puppet-secret_agent.8 +74 -0
data/man/man8/puppet-status.8 +150 -0
data/man/man8/puppet.8 +2 -2
data/man/man8/puppetca.8 +64 -136
data/man/man8/puppetd.8 +99 -228
data/man/man8/puppetdoc.8 +41 -48
data/man/man8/puppetmasterd.8 +54 -32
data/man/man8/puppetqd.8 +45 -10
data/man/man8/puppetrun.8 +56 -134
data/man/man8/ralsh.8 +48 -49
data/spec/fixtures/faulty_face/puppet/face/syntax.rb +8 -0
data/spec/fixtures/integration/provider/mailalias/aliases/test1 +28 -0
data/spec/fixtures/unit/parser/lexer/aliastest.pp +16 -0
data/spec/fixtures/unit/parser/lexer/append.pp +11 -0
data/spec/fixtures/unit/parser/lexer/argumentdefaults.pp +14 -0
data/spec/fixtures/unit/parser/lexer/arithmetic_expression.pp +8 -0
data/spec/fixtures/unit/parser/lexer/arraytrailingcomma.pp +3 -0
data/spec/fixtures/unit/parser/lexer/casestatement.pp +65 -0
data/spec/fixtures/unit/parser/lexer/classheirarchy.pp +15 -0
data/spec/fixtures/unit/parser/lexer/classincludes.pp +17 -0
data/spec/fixtures/unit/parser/lexer/classpathtest.pp +11 -0
data/spec/fixtures/unit/parser/lexer/collection.pp +10 -0
data/spec/fixtures/unit/parser/lexer/collection_override.pp +8 -0
data/spec/fixtures/unit/parser/lexer/collection_within_virtual_definitions.pp +20 -0
data/spec/fixtures/unit/parser/lexer/componentmetaparams.pp +11 -0
data/spec/fixtures/unit/parser/lexer/componentrequire.pp +8 -0
data/spec/fixtures/unit/parser/lexer/deepclassheirarchy.pp +23 -0
data/spec/fixtures/unit/parser/lexer/defineoverrides.pp +17 -0
data/spec/fixtures/unit/parser/lexer/emptyclass.pp +9 -0
data/spec/fixtures/unit/parser/lexer/emptyexec.pp +3 -0
data/spec/fixtures/unit/parser/lexer/emptyifelse.pp +9 -0
data/spec/fixtures/unit/parser/lexer/falsevalues.pp +3 -0
data/spec/fixtures/unit/parser/lexer/filecreate.pp +11 -0
data/spec/fixtures/unit/parser/lexer/fqdefinition.pp +5 -0
data/spec/fixtures/unit/parser/lexer/fqparents.pp +11 -0
data/spec/fixtures/unit/parser/lexer/funccomma.pp +5 -0
data/spec/fixtures/unit/parser/lexer/hash.pp +33 -0
data/spec/fixtures/unit/parser/lexer/ifexpression.pp +12 -0
data/spec/fixtures/unit/parser/lexer/implicititeration.pp +15 -0
data/spec/fixtures/unit/parser/lexer/multilinecomments.pp +10 -0
data/spec/fixtures/unit/parser/lexer/multipleclass.pp +9 -0
data/spec/fixtures/unit/parser/lexer/multipleinstances.pp +7 -0
data/spec/fixtures/unit/parser/lexer/multisubs.pp +13 -0
data/spec/fixtures/unit/parser/lexer/namevartest.pp +9 -0
data/spec/fixtures/unit/parser/lexer/scopetest.pp +13 -0
data/spec/fixtures/unit/parser/lexer/selectorvalues.pp +49 -0
data/spec/fixtures/unit/parser/lexer/simpledefaults.pp +5 -0
data/spec/fixtures/unit/parser/lexer/simpleselector.pp +38 -0
data/spec/fixtures/unit/parser/lexer/singleary.pp +19 -0
data/spec/fixtures/unit/parser/lexer/singlequote.pp +11 -0
data/spec/fixtures/unit/parser/lexer/singleselector.pp +22 -0
data/spec/fixtures/unit/parser/lexer/subclass_name_duplication.pp +11 -0
data/spec/fixtures/unit/parser/lexer/tag.pp +9 -0
data/spec/fixtures/unit/parser/lexer/tagged.pp +35 -0
data/spec/fixtures/unit/parser/lexer/virtualresources.pp +14 -0
data/spec/fixtures/unit/provider/host/parsed/valid_hosts +19 -0
data/spec/fixtures/unit/provider/mount/parsed/aix.filesystems +144 -0
data/spec/fixtures/unit/provider/mount/parsed/aix.mount +7 -0
data/spec/fixtures/unit/provider/mount/parsed/darwin.mount +6 -0
data/spec/fixtures/unit/provider/mount/parsed/freebsd.fstab +8 -0
data/spec/fixtures/unit/provider/mount/parsed/freebsd.mount +3 -0
data/spec/fixtures/unit/provider/mount/parsed/hpux.mount +17 -0
data/spec/fixtures/unit/provider/mount/parsed/linux.fstab +11 -0
data/spec/fixtures/unit/provider/mount/parsed/linux.mount +5 -0
data/spec/fixtures/unit/provider/mount/parsed/netbsd.fstab +9 -0
data/spec/fixtures/unit/provider/mount/parsed/netbsd.mount +8 -0
data/spec/fixtures/unit/provider/mount/parsed/openbsd.fstab +4 -0
data/spec/fixtures/unit/provider/mount/parsed/openbsd.mount +4 -0
data/spec/fixtures/unit/provider/mount/parsed/solaris.fstab +11 -0
data/spec/fixtures/unit/provider/mount/parsed/solaris.mount +6 -0
data/spec/fixtures/unit/provider/ssh_authorized_key/parsed/authorized_keys +7 -0
data/spec/fixtures/unit/provider/ssh_authorized_key/parsed/authorized_keys1 +3 -0
data/spec/fixtures/unit/provider/ssh_authorized_key/parsed/authorized_keys2 +1 -0
data/spec/fixtures/unit/reports/tagmail/tagmail_failers.conf +3 -0
data/spec/fixtures/unit/reports/tagmail/tagmail_passers.conf +30 -0
data/spec/fixtures/unit/util/rdoc/basic.pp +16 -0
data/spec/integration/application/apply_spec.rb +2 -5
data/spec/integration/application/doc_spec.rb +5 -6
data/spec/integration/configurer_spec.rb +10 -6
data/spec/integration/defaults_spec.rb +18 -52
data/spec/integration/faces/documentation_spec.rb +55 -0
data/spec/integration/file_serving/content_spec.rb +10 -3
data/spec/integration/file_serving/fileset_spec.rb +2 -3
data/spec/integration/file_serving/metadata_spec.rb +10 -3
data/spec/integration/file_serving/terminus_helper_spec.rb +2 -3
data/spec/integration/indirector/catalog/compiler_spec.rb +7 -12
data/spec/integration/indirector/catalog/queue_spec.rb +3 -4
data/spec/integration/indirector/direct_file_server_spec.rb +2 -2
data/spec/integration/indirector/file_content/file_server_spec.rb +7 -7
data/spec/integration/indirector/file_metadata/file_server_spec.rb +2 -2
data/spec/integration/indirector/node/ldap_spec.rb +3 -4
data/spec/integration/network/client_spec.rb +18 -0
data/spec/integration/network/formats_spec.rb +3 -4
data/spec/integration/network/handler_spec.rb +3 -4
data/spec/integration/network/server/mongrel_spec.rb +3 -4
data/spec/integration/network/server/webrick_spec.rb +4 -4
data/spec/integration/node/environment_spec.rb +2 -3
data/spec/integration/node/facts_spec.rb +6 -6
data/spec/integration/node_spec.rb +16 -16
data/spec/integration/parser/collector_spec.rb +3 -4
data/spec/integration/parser/compiler_spec.rb +43 -3
data/spec/integration/parser/functions/require_spec.rb +2 -3
data/spec/integration/parser/functions_spec.rb +3 -4
data/spec/integration/parser/parser_spec.rb +7 -6
data/spec/integration/parser/ruby_manifest_spec.rb +2 -3
data/spec/integration/provider/mailalias/aliases_spec.rb +5 -19
data/spec/integration/provider/mount_spec.rb +2 -2
data/spec/integration/provider/package_spec.rb +3 -4
data/spec/integration/provider/service/init_spec.rb +4 -6
data/spec/integration/reference/providers_spec.rb +2 -3
data/spec/integration/reports_spec.rb +2 -2
data/spec/integration/resource/catalog_spec.rb +6 -7
data/spec/integration/resource/type_collection_spec.rb +2 -3
data/spec/integration/ssl/certificate_authority_spec.rb +7 -7
data/spec/integration/ssl/certificate_request_spec.rb +7 -7
data/spec/integration/ssl/certificate_revocation_list_spec.rb +2 -2
data/spec/integration/ssl/host_spec.rb +4 -4
data/spec/integration/transaction/report_spec.rb +3 -3
data/spec/integration/transaction_spec.rb +61 -6
data/spec/integration/type/file_spec.rb +10 -8
data/spec/integration/type/package_spec.rb +2 -3
data/spec/integration/type/tidy_spec.rb +2 -3
data/spec/integration/type_spec.rb +2 -14
data/spec/integration/util/autoload_spec.rb +2 -3
data/spec/integration/util/feature_spec.rb +2 -3
data/spec/integration/util/file_locking_spec.rb +3 -4
data/spec/integration/util/rdoc/parser_spec.rb +3 -4
data/spec/integration/util/settings_spec.rb +2 -3
data/spec/lib/matchers/json.rb +111 -0
data/spec/lib/puppet/face/basetest.rb +46 -0
data/spec/lib/puppet/face/huzzah.rb +7 -0
data/spec/lib/puppet/face/version_matching.rb +12 -0
data/spec/lib/puppet_spec/files.rb +38 -5
data/spec/lib/puppet_spec/fixtures.rb +28 -0
data/spec/lib/puppet_spec/matchers.rb +87 -0
data/spec/lib/puppet_spec/verbose.rb +0 -0
data/spec/monkey_patches/alias_should_to_must.rb +0 -0
data/spec/monkey_patches/publicize_methods.rb +0 -0
data/spec/shared_behaviours/all_parsedfile_providers.rb +21 -0
data/spec/shared_behaviours/an_indirector_face.rb +6 -0
data/spec/shared_behaviours/documentation_on_faces.rb +263 -0
data/spec/shared_behaviours/file_server_terminus.rb +1 -1
data/spec/shared_behaviours/file_serving.rb +61 -70
data/spec/shared_behaviours/memory_terminus.rb +0 -0
data/spec/shared_behaviours/path_parameters.rb +0 -0
data/spec/shared_behaviours/things_that_declare_options.rb +150 -0
data/spec/spec.opts +0 -2
data/spec/spec_helper.rb +33 -75
data/spec/unit/agent/locker_spec.rb +2 -3
data/spec/unit/agent_spec.rb +2 -2
data/spec/unit/application/agent_spec.rb +51 -76
data/spec/unit/application/apply_spec.rb +86 -150
data/spec/unit/application/cert_spec.rb +8 -30
data/spec/unit/application/certificate_spec.rb +20 -0
data/spec/unit/application/config_spec.rb +9 -0
data/spec/unit/application/describe_spec.rb +2 -3
data/spec/unit/application/device_spec.rb +342 -0
data/spec/unit/application/doc_spec.rb +11 -18
data/spec/unit/application/face_base_spec.rb +360 -0
data/spec/unit/application/facts_spec.rb +27 -0
data/spec/unit/application/filebucket_spec.rb +7 -18
data/spec/unit/application/indirection_base_spec.rb +42 -0
data/spec/unit/application/inspect_spec.rb +7 -13
data/spec/unit/application/kick_spec.rb +15 -38
data/spec/unit/application/master_spec.rb +25 -81
data/spec/unit/application/queue_spec.rb +12 -22
data/spec/unit/application/resource_spec.rb +19 -53
data/spec/unit/application/secret_agent_spec.rb +32 -0
data/spec/unit/application_spec.rb +65 -34
data/spec/unit/configurer/downloader_spec.rb +2 -3
data/spec/unit/configurer/fact_handler_spec.rb +39 -46
data/spec/unit/configurer/plugin_handler_spec.rb +2 -3
data/spec/unit/configurer_spec.rb +329 -411
data/spec/unit/daemon_spec.rb +7 -14
data/spec/unit/dsl/resource_api_spec.rb +2 -3
data/spec/unit/dsl/resource_type_api_spec.rb +24 -37
data/spec/unit/face/catalog_spec.rb +7 -0
data/spec/unit/face/certificate_request_spec.rb +7 -0
data/spec/unit/face/certificate_revocation_list_spec.rb +7 -0
data/spec/unit/face/certificate_spec.rb +23 -0
data/spec/unit/face/config_spec.rb +24 -0
data/spec/unit/face/facts_spec.rb +23 -0
data/spec/unit/face/file_spec.rb +12 -0
data/spec/unit/face/help_spec.rb +129 -0
data/spec/unit/face/key_spec.rb +7 -0
data/spec/unit/face/node_spec.rb +7 -0
data/spec/unit/face/plugin_spec.rb +10 -0
data/spec/unit/face/report_spec.rb +7 -0
data/spec/unit/face/resource_spec.rb +7 -0
data/spec/unit/face/resource_type_spec.rb +7 -0
data/spec/unit/face/secret_agent_spec.rb +25 -0
data/spec/unit/face_spec.rb +1 -0
data/spec/unit/file_bucket/dipper_spec.rb +7 -8
data/spec/unit/file_bucket/file_spec.rb +7 -16
data/spec/unit/file_collection/lookup_spec.rb +2 -3
data/spec/unit/file_collection_spec.rb +2 -3
data/spec/unit/file_serving/base_spec.rb +2 -3
data/spec/unit/file_serving/configuration/parser_spec.rb +2 -3
data/spec/unit/file_serving/configuration_spec.rb +31 -40
data/spec/unit/file_serving/content_spec.rb +6 -3
data/spec/unit/file_serving/fileset_spec.rb +2 -3
data/spec/unit/file_serving/{terminus_selector_spec.rb → indirection_hooks_spec.rb} +14 -13
data/spec/unit/file_serving/metadata_spec.rb +6 -3
data/spec/unit/file_serving/mount/file_spec.rb +2 -3
data/spec/unit/file_serving/mount/modules_spec.rb +2 -11
data/spec/unit/file_serving/mount/plugins_spec.rb +2 -3
data/spec/unit/file_serving/mount_spec.rb +2 -3
data/spec/unit/file_serving/terminus_helper_spec.rb +2 -2
data/spec/unit/indirector/active_record_spec.rb +5 -7
data/spec/unit/indirector/catalog/active_record_spec.rb +2 -3
data/spec/unit/indirector/catalog/compiler_spec.rb +30 -50
data/spec/unit/indirector/catalog/queue_spec.rb +2 -3
data/spec/unit/indirector/catalog/rest_spec.rb +2 -3
data/spec/unit/indirector/catalog/yaml_spec.rb +2 -3
data/spec/unit/indirector/certificate/ca_spec.rb +2 -2
data/spec/unit/indirector/certificate/file_spec.rb +2 -2
data/spec/unit/indirector/certificate/rest_spec.rb +2 -3
data/spec/unit/indirector/certificate_request/ca_spec.rb +47 -2
data/spec/unit/indirector/certificate_request/file_spec.rb +2 -2
data/spec/unit/indirector/certificate_request/rest_spec.rb +2 -3
data/spec/unit/indirector/certificate_revocation_list/ca_spec.rb +2 -2
data/spec/unit/indirector/certificate_revocation_list/file_spec.rb +2 -2
data/spec/unit/indirector/certificate_revocation_list/rest_spec.rb +2 -3
data/spec/unit/indirector/certificate_status/file_spec.rb +187 -0
data/spec/unit/indirector/certificate_status/rest_spec.rb +14 -0
data/spec/unit/indirector/code_spec.rb +6 -8
data/spec/unit/indirector/direct_file_server_spec.rb +6 -7
data/spec/unit/indirector/envelope_spec.rb +2 -3
data/spec/unit/indirector/exec_spec.rb +12 -13
data/spec/unit/indirector/face_spec.rb +68 -0
data/spec/unit/indirector/facts/active_record_spec.rb +2 -3
data/spec/unit/indirector/facts/couch_spec.rb +71 -66
data/spec/unit/indirector/facts/facter_spec.rb +2 -2
data/spec/unit/indirector/facts/inventory_active_record_spec.rb +20 -20
data/spec/unit/indirector/facts/network_device_spec.rb +89 -0
data/spec/unit/indirector/facts/rest_spec.rb +2 -3
data/spec/unit/indirector/facts/yaml_spec.rb +2 -3
data/spec/unit/indirector/file_bucket_file/file_spec.rb +17 -18
data/spec/unit/indirector/file_bucket_file/rest_spec.rb +2 -3
data/spec/unit/indirector/file_content/file_server_spec.rb +2 -2
data/spec/unit/indirector/file_content/file_spec.rb +2 -2
data/spec/unit/indirector/file_content/rest_spec.rb +2 -3
data/spec/unit/indirector/file_metadata/file_server_spec.rb +2 -2
data/spec/unit/indirector/file_metadata/file_spec.rb +2 -2
data/spec/unit/indirector/file_metadata/rest_spec.rb +2 -3
data/spec/unit/indirector/file_server_spec.rb +8 -7
data/spec/unit/indirector/file_spec.rb +179 -0
data/spec/unit/indirector/indirection_spec.rb +3 -24
data/spec/unit/indirector/inventory/yaml_spec.rb +220 -0
data/spec/unit/indirector/key/ca_spec.rb +2 -2
data/spec/unit/indirector/key/file_spec.rb +2 -2
data/spec/unit/indirector/ldap_spec.rb +6 -8
data/spec/unit/indirector/memory_spec.rb +5 -7
data/spec/unit/indirector/node/active_record_spec.rb +2 -3
data/spec/unit/indirector/node/exec_spec.rb +3 -4
data/spec/unit/indirector/node/ldap_spec.rb +3 -4
data/spec/unit/indirector/node/memory_spec.rb +2 -3
data/spec/unit/indirector/node/plain_spec.rb +2 -3
data/spec/unit/indirector/node/rest_spec.rb +2 -3
data/spec/unit/indirector/node/yaml_spec.rb +2 -3
data/spec/unit/indirector/plain_spec.rb +5 -7
data/spec/unit/indirector/queue_spec.rb +11 -14
data/spec/unit/indirector/report/processor_spec.rb +7 -9
data/spec/unit/indirector/report/rest_spec.rb +2 -3
data/spec/unit/indirector/report/yaml_spec.rb +3 -4
data/spec/unit/indirector/request_spec.rb +3 -25
data/spec/unit/indirector/resource/ral_spec.rb +3 -4
data/spec/unit/indirector/resource/rest_spec.rb +2 -3
data/spec/unit/indirector/resource_type/parser_spec.rb +87 -13
data/spec/unit/indirector/resource_type/rest_spec.rb +2 -3
data/spec/unit/indirector/rest_spec.rb +45 -16
data/spec/unit/indirector/run/local_spec.rb +2 -3
data/spec/unit/indirector/run/rest_spec.rb +2 -3
data/spec/unit/indirector/ssl_file_spec.rb +9 -27
data/spec/unit/indirector/status/rest_spec.rb +2 -3
data/spec/unit/indirector/terminus_spec.rb +180 -187
data/spec/unit/indirector/yaml_spec.rb +9 -23
data/spec/unit/indirector_spec.rb +61 -79
data/spec/unit/interface/action_builder_spec.rb +214 -0
data/spec/unit/interface/action_manager_spec.rb +282 -0
data/spec/unit/interface/action_spec.rb +545 -0
data/spec/unit/interface/documentation_spec.rb +34 -0
data/spec/unit/interface/face_collection_spec.rb +180 -0
data/spec/unit/interface/option_builder_spec.rb +77 -0
data/spec/unit/interface/option_spec.rb +100 -0
data/spec/unit/interface_spec.rb +228 -0
data/spec/unit/module_spec.rb +34 -10
data/spec/unit/network/authconfig_spec.rb +3 -4
data/spec/unit/network/authstore_spec.rb +3 -4
data/spec/unit/network/client_spec.rb +45 -0
data/spec/unit/network/format_handler_spec.rb +2 -3
data/spec/unit/network/format_spec.rb +2 -3
data/spec/unit/network/formats_spec.rb +107 -3
data/spec/unit/network/handler/fileserver_spec.rb +3 -4
data/spec/unit/network/http/api/v1_spec.rb +61 -27
data/spec/unit/network/http/compression_spec.rb +2 -3
data/spec/unit/network/http/handler_spec.rb +78 -109
data/spec/unit/network/http/mongrel/rest_spec.rb +3 -4
data/spec/unit/network/http/mongrel_spec.rb +6 -6
data/spec/unit/network/http/rack/rest_spec.rb +2 -20
data/spec/unit/network/http/rack/xmlrpc_spec.rb +2 -3
data/spec/unit/network/http/rack_spec.rb +2 -3
data/spec/unit/network/http/webrick/rest_spec.rb +3 -4
data/spec/unit/network/http/webrick_spec.rb +4 -8
data/spec/unit/network/http_pool_spec.rb +82 -95
data/spec/unit/network/http_spec.rb +2 -2
data/spec/unit/network/rest_authconfig_spec.rb +9 -42
data/spec/unit/network/rights_spec.rb +6 -7
data/spec/unit/network/server_spec.rb +2 -2
data/spec/unit/network/xmlrpc/client_spec.rb +172 -0
data/spec/unit/node/environment_spec.rb +63 -7
data/spec/unit/node/facts_spec.rb +9 -13
data/spec/unit/node_spec.rb +5 -13
data/spec/unit/other/selinux_spec.rb +2 -3
data/spec/unit/other/transbucket_spec.rb +2 -3
data/spec/unit/other/transobject_spec.rb +2 -3
data/spec/unit/parameter/path_spec.rb +2 -2
data/spec/unit/parameter/value_collection_spec.rb +2 -3
data/spec/unit/parameter/value_spec.rb +2 -3
data/spec/unit/parameter_spec.rb +2 -3
data/spec/unit/parser/ast/arithmetic_operator_spec.rb +2 -13
data/spec/unit/parser/ast/astarray_spec.rb +18 -36
data/spec/unit/parser/ast/asthash_spec.rb +4 -4
data/spec/unit/parser/ast/boolean_operator_spec.rb +2 -3
data/spec/unit/parser/ast/casestatement_spec.rb +17 -14
data/spec/unit/parser/ast/collection_spec.rb +2 -3
data/spec/unit/parser/ast/collexpr_spec.rb +2 -3
data/spec/unit/parser/ast/comparison_operator_spec.rb +4 -5
data/spec/unit/parser/ast/definition_spec.rb +21 -0
data/spec/unit/parser/ast/function_spec.rb +3 -4
data/spec/unit/parser/ast/hostclass_spec.rb +72 -0
data/spec/unit/parser/ast/ifstatement_spec.rb +2 -3
data/spec/unit/parser/ast/in_operator_spec.rb +2 -3
data/spec/unit/parser/ast/leaf_spec.rb +23 -19
data/spec/unit/parser/ast/match_operator_spec.rb +2 -3
data/spec/unit/parser/ast/minus_spec.rb +2 -3
data/spec/unit/parser/ast/node_spec.rb +30 -0
data/spec/unit/parser/ast/nop_spec.rb +2 -3
data/spec/unit/parser/ast/not_spec.rb +2 -3
data/spec/unit/parser/ast/relationship_spec.rb +2 -3
data/spec/unit/parser/ast/resource_defaults_spec.rb +2 -3
data/spec/unit/parser/ast/resource_override_spec.rb +2 -3
data/spec/unit/parser/ast/resource_reference_spec.rb +21 -8
data/spec/unit/parser/ast/resource_spec.rb +24 -13
data/spec/unit/parser/ast/selector_spec.rb +3 -4
data/spec/unit/parser/ast/vardef_spec.rb +15 -9
data/spec/unit/parser/ast_spec.rb +2 -3
data/spec/unit/parser/collector_spec.rb +2 -3
data/spec/unit/parser/compiler_spec.rb +62 -35
data/spec/unit/parser/files_spec.rb +2 -3
data/spec/unit/parser/functions/create_resources_spec.rb +137 -0
data/spec/unit/parser/functions/defined_spec.rb +5 -3
data/spec/unit/parser/functions/extlookup_spec.rb +10 -10
data/spec/unit/parser/functions/fqdn_rand_spec.rb +15 -13
data/spec/unit/parser/functions/generate_spec.rb +5 -3
data/spec/unit/parser/functions/include_spec.rb +5 -3
data/spec/unit/parser/functions/inline_template_spec.rb +6 -17
data/spec/unit/parser/functions/realize_spec.rb +5 -3
data/spec/unit/parser/functions/regsubst_spec.rb +5 -3
data/spec/unit/parser/functions/require_spec.rb +5 -3
data/spec/unit/parser/functions/shellquote_spec.rb +8 -6
data/spec/unit/parser/functions/split_spec.rb +5 -3
data/spec/unit/parser/functions/sprintf_spec.rb +5 -3
data/spec/unit/parser/functions/tag_spec.rb +5 -3
data/spec/unit/parser/functions/template_spec.rb +6 -21
data/spec/unit/parser/functions/versioncmp_spec.rb +5 -3
data/spec/unit/parser/functions_spec.rb +2 -3
data/spec/unit/parser/lexer_spec.rb +3 -7
data/spec/unit/parser/parser_spec.rb +71 -90
data/spec/unit/parser/relationship_spec.rb +2 -3
data/spec/unit/parser/resource_spec.rb +6 -65
data/spec/unit/parser/scope_spec.rb +28 -179
data/spec/unit/parser/templatewrapper_spec.rb +25 -43
data/spec/unit/parser/type_loader_spec.rb +120 -78
data/spec/unit/property/ensure_spec.rb +2 -3
data/spec/unit/property/keyvalue_spec.rb +4 -8
data/spec/unit/property/list_spec.rb +2 -3
data/spec/unit/property/ordered_list_spec.rb +2 -3
data/spec/unit/property_spec.rb +2 -3
data/spec/unit/provider/augeas/augeas_spec.rb +80 -3
data/spec/unit/provider/cisco_spec.rb +16 -0
data/spec/unit/provider/confine/exists_spec.rb +2 -3
data/spec/unit/provider/confine/false_spec.rb +2 -3
data/spec/unit/provider/confine/feature_spec.rb +2 -3
data/spec/unit/provider/confine/true_spec.rb +2 -3
data/spec/unit/provider/confine/variable_spec.rb +2 -3
data/spec/unit/provider/confine_collection_spec.rb +2 -3
data/spec/unit/provider/confine_spec.rb +2 -3
data/spec/unit/provider/confiner_spec.rb +2 -3
data/spec/unit/provider/exec/posix_spec.rb +2 -2
data/spec/unit/provider/exec/shell_spec.rb +2 -2
data/spec/unit/provider/group/groupadd_spec.rb +2 -3
data/spec/unit/provider/group/ldap_spec.rb +2 -2
data/spec/unit/provider/host/parsed_spec.rb +197 -0
data/spec/unit/provider/interface/cisco_spec.rb +58 -0
data/spec/unit/provider/ldap_spec.rb +2 -2
data/spec/unit/provider/macauthorization_spec.rb +2 -2
data/spec/unit/provider/mcx/mcxcontent_spec.rb +2 -21
data/spec/unit/provider/mount/parsed_spec.rb +61 -86
data/spec/unit/provider/mount_spec.rb +2 -3
data/spec/unit/provider/naginator_spec.rb +2 -3
data/spec/unit/provider/nameservice/directoryservice_spec.rb +2 -63
data/spec/unit/provider/network_device_spec.rb +153 -0
data/spec/unit/provider/package/aix_spec.rb +2 -3
data/spec/unit/provider/package/apt_spec.rb +2 -3
data/spec/unit/provider/package/dpkg_spec.rb +2 -3
data/spec/unit/provider/package/freebsd_spec.rb +2 -3
data/spec/unit/provider/package/gem_spec.rb +2 -3
data/spec/unit/provider/package/hpux_spec.rb +2 -3
data/spec/unit/provider/package/macports_spec.rb +2 -2
data/spec/unit/provider/package/nim_spec.rb +2 -3
data/spec/unit/provider/package/pip_spec.rb +180 -0
data/spec/unit/provider/package/pkg_spec.rb +2 -3
data/spec/unit/provider/package/pkgdmg_spec.rb +49 -56
data/spec/unit/provider/package/pkgutil_spec.rb +182 -0
data/spec/unit/provider/package/yum_spec.rb +66 -0
data/spec/unit/provider/package/zypper_spec.rb +2 -3
data/spec/unit/provider/parsedfile_spec.rb +2 -3
data/spec/unit/provider/selboolean_spec.rb +2 -3
data/spec/unit/provider/selmodule_spec.rb +2 -2
data/spec/unit/provider/service/daemontools_spec.rb +2 -2
data/spec/unit/provider/service/debian_spec.rb +2 -2
data/spec/unit/provider/service/freebsd_spec.rb +2 -3
data/spec/unit/provider/service/init_spec.rb +3 -3
data/spec/unit/provider/service/launchd_spec.rb +2 -2
data/spec/unit/provider/service/redhat_spec.rb +2 -2
data/spec/unit/provider/service/runit_spec.rb +2 -2
data/spec/unit/provider/service/smf_spec.rb +137 -0
data/spec/unit/provider/service/src_spec.rb +7 -7
data/spec/unit/provider/service/upstart.rb +48 -0
data/spec/unit/provider/ssh_authorized_key/parsed_spec.rb +28 -47
data/spec/unit/provider/sshkey/parsed_spec.rb +2 -3
data/spec/unit/provider/user/hpux_spec.rb +2 -3
data/spec/unit/provider/user/ldap_spec.rb +2 -2
data/spec/unit/provider/user/user_role_add_spec.rb +15 -53
data/spec/unit/provider/user/useradd_spec.rb +2 -3
data/spec/unit/provider/vlan/cisco_spec.rb +56 -0
data/spec/unit/provider/zfs/solaris_spec.rb +4 -4
data/spec/unit/provider/zone/solaris_spec.rb +2 -3
data/spec/unit/provider/zpool/solaris_spec.rb +33 -4
data/spec/unit/provider_spec.rb +2 -3
data/spec/unit/puppet/provider/README.markdown +4 -0
data/spec/unit/puppet/type/README.markdown +4 -0
data/spec/unit/puppet_spec.rb +2 -2
data/spec/unit/rails/host_spec.rb +2 -11
data/spec/unit/rails/param_value_spec.rb +2 -3
data/spec/unit/rails/resource_spec.rb +2 -3
data/spec/unit/rails_spec.rb +2 -3
data/spec/unit/relationship_spec.rb +2 -2
data/spec/unit/reports/http_spec.rb +2 -3
data/spec/unit/reports/rrdgraph_spec.rb +2 -3
data/spec/unit/reports/store_spec.rb +2 -17
data/spec/unit/reports/tagmail_spec.rb +4 -8
data/spec/unit/reports_spec.rb +2 -3
data/spec/unit/resource/catalog_spec.rb +15 -74
data/spec/unit/resource/status_spec.rb +3 -4
data/spec/unit/resource/type_collection_helper_spec.rb +2 -3
data/spec/unit/resource/type_collection_spec.rb +69 -81
data/spec/unit/resource/type_spec.rb +26 -44
data/spec/unit/resource_spec.rb +3 -4
data/spec/unit/run_spec.rb +2 -3
data/spec/unit/simple_graph_spec.rb +434 -80
data/spec/unit/ssl/base_spec.rb +3 -4
data/spec/unit/ssl/certificate_authority/interface_spec.rb +56 -96
data/spec/unit/ssl/certificate_authority_spec.rb +71 -246
data/spec/unit/ssl/certificate_factory_spec.rb +72 -93
data/spec/unit/ssl/certificate_request_spec.rb +11 -76
data/spec/unit/ssl/certificate_revocation_list_spec.rb +4 -5
data/spec/unit/ssl/certificate_spec.rb +2 -34
data/spec/unit/ssl/host_spec.rb +202 -207
data/spec/unit/ssl/inventory_spec.rb +4 -5
data/spec/unit/ssl/key_spec.rb +2 -3
data/spec/unit/sslcertificates/ca_spec.rb +110 -0
data/spec/unit/status_spec.rb +8 -5
data/spec/unit/transaction/event_manager_spec.rb +2 -3
data/spec/unit/transaction/event_spec.rb +7 -8
data/spec/unit/transaction/report_spec.rb +25 -14
data/spec/unit/transaction/resource_harness_spec.rb +2 -4
data/spec/unit/transaction_spec.rb +31 -28
data/spec/unit/transportable_spec.rb +0 -0
data/spec/unit/type/augeas_spec.rb +3 -4
data/spec/unit/type/component_spec.rb +2 -3
data/spec/unit/type/computer_spec.rb +2 -3
data/spec/unit/type/cron_spec.rb +12 -3
data/spec/unit/type/exec_spec.rb +2 -32
data/spec/unit/type/file/checksum_spec.rb +2 -3
data/spec/unit/type/file/content_spec.rb +2 -3
data/spec/unit/type/file/ctime.rb +2 -3
data/spec/unit/type/file/ensure_spec.rb +2 -3
data/spec/unit/type/file/group_spec.rb +2 -3
data/spec/unit/type/file/mtime.rb +2 -3
data/spec/unit/type/file/owner_spec.rb +2 -3
data/spec/unit/type/file/selinux_spec.rb +2 -3
data/spec/unit/type/file/source_spec.rb +9 -10
data/spec/unit/type/file/type.rb +2 -3
data/spec/unit/type/file_spec.rb +15 -30
data/spec/unit/type/filebucket_spec.rb +2 -3
data/spec/unit/type/group_spec.rb +4 -5
data/spec/unit/type/host_spec.rb +129 -0
data/spec/unit/type/interface_spec.rb +98 -0
data/spec/unit/type/macauthorization_spec.rb +2 -3
data/spec/unit/type/maillist_spec.rb +2 -3
data/spec/unit/type/mcx_spec.rb +2 -23
data/spec/unit/type/mount_spec.rb +41 -18
data/spec/unit/type/nagios_spec.rb +2 -3
data/spec/unit/type/noop_metaparam_spec.rb +2 -3
data/spec/unit/type/package_spec.rb +2 -3
data/spec/unit/type/resources_spec.rb +3 -4
data/spec/unit/type/schedule_spec.rb +19 -12
data/spec/unit/type/selboolean_spec.rb +2 -3
data/spec/unit/type/selmodule_spec.rb +2 -3
data/spec/unit/type/service_spec.rb +6 -3
data/spec/unit/type/ssh_authorized_key_spec.rb +2 -3
data/spec/unit/type/sshkey_spec.rb +70 -0
data/spec/unit/type/stage_spec.rb +2 -3
data/spec/unit/type/tidy_spec.rb +4 -4
data/spec/unit/type/user_spec.rb +2 -11
data/spec/unit/type/vlan_spec.rb +45 -0
data/spec/unit/type/whit_spec.rb +4 -5
data/spec/unit/type/zfs_spec.rb +2 -3
data/spec/unit/type/zone_spec.rb +22 -3
data/spec/unit/type/zpool_spec.rb +2 -3
data/spec/unit/type_spec.rb +2 -69
data/spec/unit/util/autoload/file_cache_spec.rb +2 -3
data/spec/unit/util/autoload_spec.rb +6 -7
data/spec/unit/util/backups_spec.rb +2 -3
data/spec/unit/util/cache_accumulator_spec.rb +2 -3
data/spec/unit/util/cacher_spec.rb +3 -4
data/spec/unit/util/checksums_spec.rb +2 -2
data/spec/unit/util/command_line_spec.rb +11 -8
data/spec/unit/util/constant_inflector_spec.rb +2 -2
data/spec/unit/util/errors_spec.rb +2 -3
data/spec/unit/util/execution_spec.rb +2 -3
data/spec/unit/util/execution_stub_spec.rb +2 -3
data/spec/unit/util/feature_spec.rb +2 -3
data/spec/unit/util/file_locking_spec.rb +4 -5
data/spec/unit/util/filetype_spec.rb +2 -3
data/spec/unit/util/inline_docs_spec.rb +2 -3
data/spec/unit/util/ldap/connection_spec.rb +2 -2
data/spec/unit/util/ldap/generator_spec.rb +2 -2
data/spec/unit/util/ldap/manager_spec.rb +2 -2
data/spec/unit/util/loadedfile_spec.rb +2 -3
data/spec/unit/util/log/destinations_spec.rb +2 -3
data/spec/unit/util/log_spec.rb +6 -7
data/spec/unit/util/logging_spec.rb +27 -3
data/spec/unit/util/metric_spec.rb +2 -3
data/spec/unit/util/monkey_patches_spec.rb +48 -10
data/spec/unit/util/nagios_maker_spec.rb +2 -2
data/spec/unit/util/network_device/cisco/device_spec.rb +408 -0
data/spec/unit/util/network_device/cisco/facts_spec.rb +63 -0
data/spec/unit/util/network_device/cisco/interface_spec.rb +89 -0
data/spec/unit/util/network_device/config_spec.rb +102 -0
data/spec/unit/util/network_device/ipcalc_spec.rb +63 -0
data/spec/unit/util/network_device/transport/base_spec.rb +42 -0
data/spec/unit/util/network_device/transport/ssh_spec.rb +219 -0
data/spec/unit/util/network_device/transport/telnet_spec.rb +76 -0
data/spec/unit/util/network_device_spec.rb +50 -0
data/spec/unit/util/package_spec.rb +2 -3
data/spec/unit/util/posix_spec.rb +2 -3
data/spec/unit/util/pson_spec.rb +3 -4
data/spec/unit/util/queue/stomp_spec.rb +4 -5
data/spec/unit/util/queue_spec.rb +2 -3
data/spec/unit/util/rdoc/parser_spec.rb +17 -12
data/spec/unit/util/rdoc_spec.rb +19 -58
data/spec/unit/util/reference_serializer_spec.rb +2 -3
data/spec/unit/util/resource_template_spec.rb +2 -3
data/spec/unit/util/run_mode_spec.rb +2 -3
data/spec/unit/util/selinux_spec.rb +4 -5
data/spec/unit/util/settings/file_setting_spec.rb +2 -7
data/spec/unit/util/settings_spec.rb +2 -24
data/spec/unit/util/storage_spec.rb +2 -3
data/spec/unit/util/tagging_spec.rb +2 -2
data/spec/unit/util/user_attr_spec.rb +2 -3
data/spec/unit/util/warnings_spec.rb +2 -3
data/spec/unit/util/zaml_spec.rb +23 -53
data/spec/watchr.rb +146 -0
data/tasks/rake/gem.rake +5 -4
data/tasks/rake/git_workflow.rake +62 -51
data/tasks/rake/manpages.rake +69 -0
data/test/certmgr/certmgr.rb +308 -0
data/test/certmgr/inventory.rb +69 -0
data/test/certmgr/support.rb +105 -0
data/test/data/providers/host/parsed/valid_hosts +19 -0
data/test/language/ast.rb +1 -1
data/test/language/ast/variable.rb +1 -1
data/test/language/functions.rb +8 -9
data/test/language/parser.rb +44 -52
data/test/language/scope.rb +13 -24
data/test/language/snippets.rb +11 -2
data/test/language/transportable.rb +1 -1
data/test/lib/puppettest.rb +2 -2
data/test/lib/puppettest/exetest.rb +1 -1
data/test/lib/puppettest/parsertesting.rb +5 -8
data/test/lib/puppettest/servertest.rb +1 -0
data/test/lib/puppettest/support/assertions.rb +6 -1
data/test/lib/puppettest/support/utils.rb +0 -19
data/test/network/authconfig.rb +1 -1
data/test/network/authorization.rb +1 -1
data/test/network/authstore.rb +1 -1
data/test/network/client/ca.rb +69 -0
data/test/network/client/dipper.rb +34 -0
data/test/network/client_request.rb +1 -1
data/test/network/handler/ca.rb +273 -0
data/test/network/handler/fileserver.rb +1 -1
data/test/network/handler/master.rb +13 -9
data/test/network/handler/report.rb +1 -1
data/test/network/handler/runner.rb +1 -1
data/test/network/rights.rb +1 -1
data/test/network/server/mongrel_test.rb +99 -0
data/test/network/server/webrick.rb +128 -0
data/test/network/xmlrpc/client.rb +45 -0
data/test/network/xmlrpc/processor.rb +1 -1
data/test/network/xmlrpc/server.rb +1 -1
data/test/network/xmlrpc/webrick_servlet.rb +1 -1
data/test/other/provider.rb +1 -1
data/test/other/puppet.rb +1 -1
data/test/other/relationships.rb +11 -18
data/test/other/report.rb +1 -1
data/test/other/transactions.rb +2 -35
data/test/puppet/defaults.rb +1 -1
data/test/puppet/errortest.rb +1 -1
data/test/puppet/tc_suidmanager.rb +120 -0
data/test/rails/rails.rb +2 -1
data/test/rails/railsparameter.rb +2 -2
data/test/ral/manager/attributes.rb +1 -1
data/test/ral/manager/instances.rb +1 -1
data/test/ral/manager/manager.rb +1 -1
data/test/ral/manager/provider.rb +1 -1
data/test/ral/manager/type.rb +1 -1
data/test/ral/providers/cron/crontab.rb +1 -1
data/test/ral/providers/group.rb +1 -1
data/test/ral/providers/host/parsed.rb +1 -203
data/test/ral/providers/mailalias/aliases.rb +1 -1
data/test/ral/providers/nameservice.rb +1 -1
data/test/ral/providers/package.rb +1 -1
data/test/ral/providers/package/aptitude.rb +1 -1
data/test/ral/providers/package/aptrpm.rb +1 -1
data/test/ral/providers/parsedfile.rb +1 -1
data/test/ral/providers/port/parsed.rb +1 -1
data/test/ral/providers/provider.rb +1 -1
data/test/ral/providers/service/base.rb +1 -1
data/test/ral/providers/sshkey/parsed.rb +1 -1
data/test/ral/providers/user.rb +1 -1
data/test/ral/providers/user/useradd.rb +1 -1
data/test/ral/type/cron.rb +1 -1
data/test/ral/type/exec.rb +1 -42
data/test/ral/type/file.rb +1 -1
data/test/ral/type/file/target.rb +6 -19
data/test/ral/type/fileignoresource.rb +1 -1
data/test/ral/type/filesources.rb +61 -1
data/test/ral/type/host.rb +1 -1
data/test/ral/type/mailalias.rb +1 -1
data/test/ral/type/port.rb +1 -1
data/test/ral/type/resources.rb +1 -1
data/test/ral/type/service.rb +1 -1
data/test/ral/type/sshkey.rb +1 -1
data/test/ral/type/user.rb +1 -1
data/test/ral/type/yumrepo.rb +1 -1
data/test/ral/type/zone.rb +1 -1
data/test/test +2 -2
data/test/util/classgen.rb +1 -1
data/test/util/execution.rb +1 -1
data/test/util/fileparsing.rb +1 -1
data/test/util/inifile.rb +1 -1
data/test/util/instance_loader.rb +1 -1
data/test/util/log.rb +1 -1
data/test/util/metrics.rb +1 -1
data/test/util/package.rb +1 -1
data/test/util/pidlock.rb +1 -1
data/test/util/settings.rb +1 -1
data/test/util/storage.rb +1 -1
data/test/util/subclass_loader.rb +1 -1
data/test/util/utiltest.rb +1 -1
metadata +312 -48
data/CHANGELOG.old +0 -1705
data/CONTRIBUTING.md +0 -299
data/COPYING +0 -340
data/README.queueing +0 -126
data/ext/upload_facts.rb +0 -120
data/ext/vim/ftplugin/puppet.vim +0 -94
data/ext/vim/indent/puppet.vim +0 -76
data/lib/puppet/indirector/errors.rb +0 -5
data/lib/puppet/indirector/facts/inventory_service.rb +0 -20
data/lib/puppet/indirector/file_bucket_file/selector.rb +0 -53
data/lib/puppet/indirector/file_content/selector.rb +0 -30
data/lib/puppet/indirector/file_metadata/selector.rb +0 -30
data/lib/puppet/indirector/resource/validator.rb +0 -8
data/lib/puppet/util/command_line/filebucket +0 -97
data/lib/puppet/util/command_line/pi +0 -48
data/lib/puppet/util/command_line/puppet +0 -73
data/lib/puppet/util/command_line/puppetca +0 -131
data/lib/puppet/util/command_line/puppetd +0 -188
data/lib/puppet/util/command_line/puppetdoc +0 -67
data/lib/puppet/util/command_line/puppetmasterd +0 -70
data/lib/puppet/util/command_line/puppetqd +0 -53
data/lib/puppet/util/command_line/puppetrun +0 -125
data/lib/puppet/util/command_line/ralsh +0 -89
data/spec/integration/file_bucket/file_spec.rb +0 -44
data/spec/integration/indirector/bucket_file/rest_spec.rb +0 -77
data/spec/integration/indirector/certificate/rest_spec.rb +0 -69
data/spec/integration/indirector/certificate_request/rest_spec.rb +0 -89
data/spec/integration/indirector/certificate_revocation_list/rest_spec.rb +0 -85
data/spec/integration/indirector/report/rest_spec.rb +0 -93
data/spec/shared_behaviours/file_serving_model.rb +0 -73
data/spec/unit/indirector/facts/inventory_service_spec.rb +0 -22
data/spec/unit/indirector/file_bucket_file/selector_spec.rb +0 -29
data/spec/unit/indirector/file_content/selector_spec.rb +0 -10
data/spec/unit/indirector/file_metadata/selector_spec.rb +0 -11
data/spec/unit/network/handler/ca_spec.rb +0 -87
data/spec/unit/network/rest_authorization_spec.rb +0 -43
data/spec/unit/provider/package/appdmg_spec.rb +0 -42
data/spec/unit/type/k5login_spec.rb +0 -115
data/spec/unit/util/suidmanager_spec.rb +0 -220
data/spec/unit/util_spec.rb +0 -104

data/lib/puppet/ssl/certificate_request.rb CHANGED

@@ -5,7 +5,20 @@ class Puppet::SSL::CertificateRequest < Puppet::SSL::Base
   wraps OpenSSL::X509::Request
   extend Puppet::Indirector
-  indirects :certificate_request, :terminus_class => :file
+  # If auto-signing is on, sign any certificate requests as they are saved.
+  module AutoSigner
+    def save(instance, key = nil)
+      super
+      # Try to autosign the CSR.
+      if ca = Puppet::SSL::CertificateAuthority.instance
+        ca.autosign
+      end
+    end
+  end
+  indirects :certificate_request, :terminus_class => :file, :extend => AutoSigner
   # Convert a string into an instance.
   def self.from_s(string)
@@ -22,12 +35,8 @@ class Puppet::SSL::CertificateRequest < Puppet::SSL::Base
     [:s]
   end
-  def extension_factory
-    @ef ||= OpenSSL::X509::ExtensionFactory.new
-  end
   # How to create a certificate request with our system defaults.
-  def generate(key, options = {})
+  def generate(key)
     Puppet.info "Creating a new SSL certificate request for #{name}"
     # Support either an actual SSL key, or a Puppet key.
@@ -42,19 +51,6 @@ class Puppet::SSL::CertificateRequest < Puppet::SSL::Base
     csr.version = 0
     csr.subject = OpenSSL::X509::Name.new([["CN", common_name]])
     csr.public_key = key.public_key
-    if options[:dns_alt_names] then
-      names = options[:dns_alt_names].split(/\s*,\s*/).map(&:strip) + [name]
-      names = names.sort.uniq.map {|name| "DNS:#{name}" }.join(", ")
-      names = extension_factory.create_extension("subjectAltName", names, false)
-      extReq = OpenSSL::ASN1::Set([OpenSSL::ASN1::Sequence([names])])
-      # We only support the standard request extensions.  If you really need
-      # msExtReq support, let us know and we can restore them. --daniel 2011-10-10
-      csr.add_attribute(OpenSSL::X509::Attribute.new("extReq", extReq))
-    end
     csr.sign(key, OpenSSL::Digest::MD5.new)
     raise Puppet::Error, "CSR sign verification failed; you need to clean the certificate request for #{name} on the server" unless csr.verify(key.public_key)
@@ -63,83 +59,4 @@ class Puppet::SSL::CertificateRequest < Puppet::SSL::Base
     Puppet.info "Certificate Request fingerprint (md5): #{fingerprint}"
     @content
   end
-  def save(args = {})
-    super()
-    # Try to autosign the CSR.
-    if ca = Puppet::SSL::CertificateAuthority.instance
-      ca.autosign
-    end
-  end
-  # Return the set of extensions requested on this CSR, in a form designed to
-  # be useful to Ruby: a hash.  Which, not coincidentally, you can pass
-  # successfully to the OpenSSL constructor later, if you want.
-  def request_extensions
-    raise Puppet::Error, "CSR needs content to extract fields" unless @content
-    # Prefer the standard extReq, but accept the Microsoft specific version as
-    # a fallback, if the standard version isn't found.
-    ext = @content.attributes.find {|x| x.oid == "extReq" } or
-      @content.attributes.find {|x| x.oid == "msExtReq" }
-    return [] unless ext
-    # Assert the structure and extract the names into an array of arrays.
-    unless ext.value.is_a? OpenSSL::ASN1::Set
-      raise Puppet::Error, "In #{ext.oid}, expected Set but found #{ext.value.class}"
-    end
-    unless ext.value.value.is_a? Array
-      raise Puppet::Error, "In #{ext.oid}, expected Set[Array] but found #{ext.value.value.class}"
-    end
-    unless ext.value.value.length == 1
-      raise Puppet::Error, "In #{ext.oid}, expected Set[Array[...]], but found #{ext.value.value.length} items in the array"
-    end
-    san = ext.value.value.first
-    unless san.is_a? OpenSSL::ASN1::Sequence
-      raise Puppet::Error, "In #{ext.oid}, expected Set[Array[Sequence[...]]], but found #{san.class}"
-    end
-    san = san.value
-    # OK, now san should be the array of items, validate that...
-    index = -1
-    san.map do |name|
-      index += 1
-      unless name.is_a? OpenSSL::ASN1::Sequence
-        raise Puppet::Error, "In #{ext.oid}, expected request extension record #{index} to be a Sequence, but found #{name.class}"
-      end
-      name = name.value
-      # OK, turn that into an extension, to unpack the content.  Lovely that
-      # we have to swap the order of arguments to the underlying method, or
-      # perhaps that the ASN.1 representation chose to pack them in a
-      # strange order where the optional component comes *earlier* than the
-      # fixed component in the sequence.
-      case name.length
-      when 2
-        ev = OpenSSL::X509::Extension.new(name[0].value, name[1].value)
-        { "oid" => ev.oid, "value" => ev.value }
-      when 3
-        ev = OpenSSL::X509::Extension.new(name[0].value, name[2].value, name[1].value)
-        { "oid" => ev.oid, "value" => ev.value, "critical" => ev.critical? }
-      else
-        raise Puppet::Error, "In #{ext.oid}, expected extension record #{index} to have two or three items, but found #{name.length}"
-      end
-    end.flatten
-  end
-  def subject_alt_names
-    @subject_alt_names ||= request_extensions.
-      select {|x| x["oid"] = "subjectAltName" }.
-      map {|x| x["value"].split(/\s*,\s*/) }.
-      flatten.
-      sort.
-      uniq
-  end
 end

data/lib/puppet/ssl/certificate_revocation_list.rb CHANGED

@@ -79,6 +79,6 @@ class Puppet::SSL::CertificateRevocationList < Puppet::SSL::Base
     @content.sign(cakey, OpenSSL::Digest::SHA1.new)
-    save
+    Puppet::SSL::CertificateRevocationList.indirection.save(self)
   end
 end

data/lib/puppet/ssl/host.rb CHANGED

@@ -1,3 +1,4 @@
+require 'puppet/indirector'
 require 'puppet/ssl'
 require 'puppet/ssl/key'
 require 'puppet/ssl/certificate'
@@ -15,11 +16,17 @@ class Puppet::SSL::Host
   CertificateRequest = Puppet::SSL::CertificateRequest
   CertificateRevocationList = Puppet::SSL::CertificateRevocationList
+  extend Puppet::Indirector
+  indirects :certificate_status, :terminus_class => :file
   attr_reader :name
   attr_accessor :ca
   attr_writer :key, :certificate, :certificate_request
+  # This accessor is used in instances for indirector requests to hold desired state
+  attr_accessor :desired_state
   class << self
     include Puppet::Util::Cacher
@@ -43,31 +50,38 @@ class Puppet::SSL::Host
   # Configure how our various classes interact with their various terminuses.
   def self.configure_indirection(terminus, cache = nil)
-    Certificate.terminus_class = terminus
-    CertificateRequest.terminus_class = terminus
-    CertificateRevocationList.terminus_class = terminus
+    Certificate.indirection.terminus_class = terminus
+    CertificateRequest.indirection.terminus_class = terminus
+    CertificateRevocationList.indirection.terminus_class = terminus
+    host_map = {:ca => :file, :file => nil, :rest => :rest}
+    if term = host_map[terminus]
+      self.indirection.terminus_class = term
+    else
+      self.indirection.reset_terminus_class
+    end
     if cache
       # This is weird; we don't actually cache our keys, we
       # use what would otherwise be the cache as our normal
       # terminus.
-      Key.terminus_class = cache
+      Key.indirection.terminus_class = cache
     else
-      Key.terminus_class = terminus
+      Key.indirection.terminus_class = terminus
     end
     if cache
-      Certificate.cache_class = cache
-      CertificateRequest.cache_class = cache
-      CertificateRevocationList.cache_class = cache
+      Certificate.indirection.cache_class = cache
+      CertificateRequest.indirection.cache_class = cache
+      CertificateRevocationList.indirection.cache_class = cache
     else
       # Make sure we have no cache configured.  puppet master
       # switches the configurations around a bit, so it's important
       # that we specify the configs for absolutely everything, every
       # time.
-      Certificate.cache_class = nil
-      CertificateRequest.cache_class = nil
-      CertificateRevocationList.cache_class = nil
+      Certificate.indirection.cache_class = nil
+      CertificateRequest.indirection.cache_class = nil
+      CertificateRevocationList.indirection.cache_class = nil
     end
   end
@@ -85,30 +99,34 @@ class Puppet::SSL::Host
   # Specify how we expect to interact with our certificate authority.
   def self.ca_location=(mode)
-    raise ArgumentError, "CA Mode can only be #{CA_MODES.collect { |m| m.to_s }.join(", ")}" unless CA_MODES.include?(mode)
+    modes = CA_MODES.collect { |m, vals| m.to_s }.join(", ")
+    raise ArgumentError, "CA Mode can only be one of: #{modes}" unless CA_MODES.include?(mode)
     @ca_location = mode
     configure_indirection(*CA_MODES[@ca_location])
   end
-  # Remove all traces of a given host
+  # Puppet::SSL::Host is actually indirected now so the original implementation
+  # has been moved into the certificate_status indirector.  This method is in-use
+  # in `puppet cert -c <certname>`.
   def self.destroy(name)
-    [Key, Certificate, CertificateRequest].collect { |part| part.destroy(name) }.any? { |x| x }
+    indirection.destroy(name)
   end
-  # Search for more than one host, optionally only specifying
-  # an interest in hosts with a given file type.
-  # This just allows our non-indirected class to have one of
-  # indirection methods.
-  def self.search(options = {})
-    classlist = [options[:for] || [Key, CertificateRequest, Certificate]].flatten
-    # Collect the results from each class, flatten them, collect all of the names, make the name list unique,
-    # then create a Host instance for each one.
-    classlist.collect { |klass| klass.search }.flatten.collect { |r| r.name }.uniq.collect do |name|
-      new(name)
+  def self.from_pson(pson)
+    instance = new(pson["name"])
+    if pson["desired_state"]
+      instance.desired_state = pson["desired_state"]
     end
+    instance
+  end
+  # Puppet::SSL::Host is actually indirected now so the original implementation
+  # has been moved into the certificate_status indirector.  This method does not
+  # appear to be in use in `puppet cert -l`.
+  def self.search(options = {})
+    indirection.search("*", options)
   end
   # Is this a ca host, meaning that all of its files go in the CA location?
@@ -117,7 +135,7 @@ class Puppet::SSL::Host
   end
   def key
-    @key ||= Key.find(name)
+    @key ||= Key.indirection.find(name)
   end
   # This is the private key; we can create it from scratch
@@ -126,7 +144,7 @@ class Puppet::SSL::Host
     @key = Key.new(name)
     @key.generate
     begin
-      @key.save
+      Key.indirection.save(@key)
     rescue
       @key = nil
       raise
@@ -135,31 +153,16 @@ class Puppet::SSL::Host
   end
   def certificate_request
-    @certificate_request ||= CertificateRequest.find(name)
-  end
-  def this_csr_is_for_the_current_host
-    name == Puppet[:certname].downcase
+    @certificate_request ||= CertificateRequest.indirection.find(name)
   end
   # Our certificate request requires the key but that's all.
-  def generate_certificate_request(options = {})
+  def generate_certificate_request
     generate_key unless key
-    # If this is for the current machine...
-    if this_csr_is_for_the_current_host
-      # ...add our configured dns_alt_names
-      if Puppet[:dns_alt_names] and Puppet[:dns_alt_names] != ''
-        options[:dns_alt_names] ||= Puppet[:dns_alt_names]
-      elsif Puppet::SSL::CertificateAuthority.ca? and fqdn = Facter.value(:fqdn) and domain = Facter.value(:domain)
-        options[:dns_alt_names] = "puppet, #{fqdn}, puppet.#{domain}"
-      end
-    end
     @certificate_request = CertificateRequest.new(name)
-    @certificate_request.generate(key.content, options)
+    @certificate_request.generate(key.content)
     begin
-      @certificate_request.save
+      CertificateRequest.indirection.save(@certificate_request)
     rescue
       @certificate_request = nil
       raise
@@ -174,8 +177,8 @@ class Puppet::SSL::Host
       # get the CA cert first, since it's required for the normal cert
       # to be of any use.
-      return nil unless Certificate.find("ca") unless ca?
-      return nil unless @certificate = Certificate.find(name)
+      return nil unless Certificate.indirection.find("ca") unless ca?
+      return nil unless @certificate = Certificate.indirection.find(name)
       unless certificate_matches_key?
         raise Puppet::Error, "Retrieved certificate does not match private key; please remove certificate from server and regenerate it with the current key"
@@ -200,13 +203,12 @@ class Puppet::SSL::Host
     # should use it to sign our request; else, just try to read
     # the cert.
     if ! certificate and ca = Puppet::SSL::CertificateAuthority.instance
-      ca.sign(self.name, true)
+      ca.sign(self.name)
     end
   end
   def initialize(name = nil)
     @name = (name || Puppet[:certname]).downcase
-    Puppet::SSL::Base.validate_certname(@name)
     @key = @certificate = @certificate_request = nil
     @ca = (name == self.class.ca_name)
   end
@@ -228,7 +230,7 @@ class Puppet::SSL::Host
       @ssl_store.add_file(Puppet[:localcacert])
       # If there's a CRL, add it to our store.
-      if crl = Puppet::SSL::CertificateRevocationList.find(CA_NAME)
+      if crl = Puppet::SSL::CertificateRevocationList.indirection.find(CA_NAME)
         @ssl_store.flags = OpenSSL::X509::V_FLAG_CRL_CHECK_ALL|OpenSSL::X509::V_FLAG_CRL_CHECK if Puppet.settings[:certificate_revocation]
         @ssl_store.add_crl(crl.content)
       end
@@ -237,6 +239,24 @@ class Puppet::SSL::Host
     @ssl_store
   end
+  def to_pson(*args)
+    my_cert = Puppet::SSL::Certificate.indirection.find(name)
+    pson_hash = { :name  => name }
+    my_state = state
+    pson_hash[:state] = my_state
+    pson_hash[:desired_state] = desired_state if desired_state
+    if my_state == 'requested'
+      pson_hash[:fingerprint] = certificate_request.fingerprint
+    else
+      pson_hash[:fingerprint] = my_cert.fingerprint
+    end
+    pson_hash.to_pson(*args)
+  end
   # Attempt to retrieve a cert, if we don't already have one.
   def wait_for_cert(time)
     begin
@@ -273,6 +293,20 @@ class Puppet::SSL::Host
       end
     end
   end
+  def state
+    my_cert = Puppet::SSL::Certificate.indirection.find(name)
+    if certificate_request
+      return 'requested'
+    end
+    begin
+      Puppet::SSL::CertificateAuthority.new.verify(my_cert)
+      return 'signed'
+    rescue Puppet::SSL::CertificateAuthority::CertificateVerificationError
+      return 'revoked'
+    end
+  end
 end
 require 'puppet/ssl/certificate_authority'

data/lib/puppet/ssl/inventory.rb CHANGED

@@ -36,7 +36,7 @@ class Puppet::SSL::Inventory
       f.print "# Inventory of signed certificates\n# SERIAL NOT_BEFORE NOT_AFTER SUBJECT\n"
     end
-    Puppet::SSL::Certificate.search("*").each { |cert| add(cert) }
+    Puppet::SSL::Certificate.indirection.search("*").each { |cert| add(cert) }
   end
   # Find the serial number for a given certificate.

data/lib/puppet/sslcertificates.rb ADDED

@@ -0,0 +1,146 @@
+# The library for manipulating SSL certs.
+require 'puppet'
+raise Puppet::Error, "You must have the Ruby openssl library installed" unless Puppet.features.openssl?
+module Puppet::SSLCertificates
+  #def self.mkcert(type, name, dnsnames, ttl, issuercert, issuername, serial, publickey)
+  def self.mkcert(hash)
+    [:type, :name, :ttl, :issuer, :serial, :publickey].each { |param|
+      raise ArgumentError, "mkcert called without #{param}" unless hash.include?(param)
+    }
+    cert = OpenSSL::X509::Certificate.new
+    # Make the certificate valid as of yesterday, because
+    # so many people's clocks are out of sync.
+    from = Time.now - (60*60*24)
+    cert.subject = hash[:name]
+    if hash[:issuer]
+      cert.issuer = hash[:issuer].subject
+    else
+      # we're a self-signed cert
+      cert.issuer = hash[:name]
+    end
+    cert.not_before = from
+    cert.not_after = from + hash[:ttl]
+    cert.version = 2 # X509v3
+    cert.public_key = hash[:publickey]
+    cert.serial = hash[:serial]
+    basic_constraint = nil
+    key_usage = nil
+    ext_key_usage = nil
+    subject_alt_name = []
+    ef = OpenSSL::X509::ExtensionFactory.new
+    ef.subject_certificate = cert
+    if hash[:issuer]
+      ef.issuer_certificate = hash[:issuer]
+    else
+      ef.issuer_certificate = cert
+    end
+    ex = []
+    case hash[:type]
+    when :ca
+      basic_constraint = "CA:TRUE"
+      key_usage = %w{cRLSign keyCertSign}
+    when :terminalsubca
+      basic_constraint = "CA:TRUE,pathlen:0"
+      key_usage = %w{cRLSign keyCertSign}
+    when :server
+      basic_constraint = "CA:FALSE"
+      dnsnames = Puppet[:certdnsnames]
+      name = hash[:name].to_s.sub(%r{/CN=},'')
+      if dnsnames != ""
+        dnsnames.split(':').each { |d| subject_alt_name << 'DNS:' + d }
+        subject_alt_name << 'DNS:' + name # Add the fqdn as an alias
+      elsif name == Facter.value(:fqdn) # we're a CA server, and thus probably the server
+        subject_alt_name << 'DNS:' + "puppet" # Add 'puppet' as an alias
+        subject_alt_name << 'DNS:' + name # Add the fqdn as an alias
+        subject_alt_name << 'DNS:' + name.sub(/^[^.]+./, "puppet.") # add puppet.domain as an alias
+      end
+      key_usage = %w{digitalSignature keyEncipherment}
+      ext_key_usage = %w{serverAuth clientAuth emailProtection}
+    when :ocsp
+      basic_constraint = "CA:FALSE"
+      key_usage = %w{nonRepudiation digitalSignature}
+      ext_key_usage = %w{serverAuth OCSPSigning}
+    when :client
+      basic_constraint = "CA:FALSE"
+      key_usage = %w{nonRepudiation digitalSignature keyEncipherment}
+      ext_key_usage = %w{clientAuth emailProtection}
+      ex << ef.create_extension("nsCertType", "client,email")
+    else
+      raise Puppet::Error, "unknown cert type '#{hash[:type]}'"
+    end
+      ex << ef.create_extension(
+        "nsComment",
+          "Puppet Ruby/OpenSSL Generated Certificate")
+    ex << ef.create_extension("basicConstraints", basic_constraint, true)
+    ex << ef.create_extension("subjectKeyIdentifier", "hash")
+    ex << ef.create_extension("keyUsage", key_usage.join(",")) if key_usage
+    ex << ef.create_extension("extendedKeyUsage", ext_key_usage.join(",")) if ext_key_usage
+    ex << ef.create_extension("subjectAltName", subject_alt_name.join(",")) if ! subject_alt_name.empty?
+    #if @ca_config[:cdp_location] then
+    #  ex << ef.create_extension("crlDistributionPoints",
+    #                            @ca_config[:cdp_location])
+    #end
+    #if @ca_config[:ocsp_location] then
+    #  ex << ef.create_extension("authorityInfoAccess",
+    #                            "OCSP;" << @ca_config[:ocsp_location])
+    #end
+    cert.extensions = ex
+    # for some reason this _must_ be the last extension added
+    ex << ef.create_extension("authorityKeyIdentifier", "keyid:always,issuer:always") if hash[:type] == :ca
+    cert
+  end
+  def self.mkhash(dir, cert, certfile)
+    # Make sure the hash is zero-padded to 8 chars
+    hash = "%08x" % cert.issuer.hash
+    hashpath = nil
+    10.times { |i|
+      path = File.join(dir, "#{hash}.#{i}")
+      if FileTest.exists?(path)
+        if FileTest.symlink?(path)
+          dest = File.readlink(path)
+          if dest == certfile
+            # the correct link already exists
+            hashpath = path
+            break
+          else
+            next
+          end
+        else
+          next
+        end
+      end
+      File.symlink(certfile, path)
+      hashpath = path
+      break
+    }
+    hashpath
+  end
+  require 'puppet/sslcertificates/certificate'
+  require 'puppet/sslcertificates/inventory'
+  require 'puppet/sslcertificates/ca'
+end