puppet 2.6.7 → 2.6.8

data/spec/lib/puppet_spec/verbose.rb

@@ -0,0 +1,9 @@
+# Support code for running stuff with warnings disabled.
+module Kernel
+  def with_verbose_disabled
+    verbose, $VERBOSE = $VERBOSE, nil
+    result = yield
+    $VERBOSE = verbose
+    return result
+  end
+end

data/spec/shared_behaviours/path_parameters.rb

@@ -0,0 +1,185 @@
+# In order to use this correctly you must define a method to get an instance
+# of the type being tested, so that this code can remain generic:
+#
+#    it_should_behave_like "all path parameters", :path do
+#      def instance(path)
+#        Puppet::Type.type(:example).new(
+#          :name => 'foo', :require => 'bar', :path_param => path
+#        )
+#      end
+#
+# That method will be invoked for each test to create the instance that we
+# subsequently test through the system; you should ensure that the minimum of
+# possible attributes are set to keep the tests clean.
+#
+# You must also pass the symbolic name of the parameter being tested to the
+# block, and optionally can pass a hash of additional options to the block.
+#
+# The known options are:
+#  :array :: boolean, does this support arrays of paths, default true.
+
+shared_examples_for "all pathname parameters with arrays" do |win32|
+  path_types = {
+    "unix absolute"  => "/foo/bar",
+    "unix relative"  => "foo/bar",
+    "win32 absolute" => %q{\foo\bar},
+    "win32 relative" => %q{foo\bar},
+    "drive absolute" => %q{c:\foo\bar},
+    "drive relative" => %q{c:foo\bar}
+  }
+
+  describe "when given an array of paths" do
+    (1..path_types.length).each do |n|
+      path_types.keys.combination(n) do |set|
+        data = path_types.collect { |k, v| set.member?(k) ? v : nil } .compact
+        reject = true
+        only_absolute = set.find { |k| k =~ /relative/ } .nil?
+        only_unix     = set.reject { |k| k =~ /unix/ } .length == 0
+
+        if only_absolute and (only_unix or win32) then
+          reject = false
+        end
+
+        it "should #{reject ? 'reject' : 'accept'} #{set.join(", ")}" do
+          if reject then
+            expect { instance(data) }.
+              should raise_error Puppet::Error, /fully qualified/
+          else
+            instance = instance(data)
+            instance[@param].should == data
+          end
+        end
+
+        it "should #{reject ? 'reject' : 'accept'} #{set.join(", ")} doubled" do
+          if reject then
+            expect { instance(data + data) }.
+              should raise_error Puppet::Error, /fully qualified/
+          else
+            instance = instance(data + data)
+            instance[@param].should == (data + data)
+          end
+        end
+      end
+    end
+  end
+end
+
+
+shared_examples_for "all path parameters" do |param, options|
+  # Extract and process options to the block.
+  options ||= {}
+  array = options[:array].nil? ? true : options.delete(:array)
+  if options.keys.length > 0 then
+    fail "unknown options for 'all path parameters': " +
+      options.keys.sort.join(', ')
+  end
+
+  def instance(path)
+    fail "we didn't implement the 'instance(path)' method in the it_should_behave_like block"
+  end
+
+  ########################################################################
+  # The actual testing code...
+  before :all do
+    @param = param
+  end
+
+  before :each do
+    @file_separator = File::SEPARATOR
+  end
+  after :each do
+    with_verbose_disabled do
+      verbose, $VERBOSE = $VERBOSE, nil
+      File::SEPARATOR = @file_separator
+      $VERBOSE = verbose
+    end
+  end
+
+  describe "on a Unix-like platform it" do
+    before :each do
+      with_verbose_disabled do
+        File::SEPARATOR = '/'
+      end
+      Puppet.features.stubs(:microsoft_windows?).returns(false)
+      Puppet.features.stubs(:posix?).returns(true)
+    end
+
+    if array then
+      it_should_behave_like "all pathname parameters with arrays", false
+    end
+
+    it "should accept a fully qualified path" do
+      path = File.join('', 'foo')
+      instance = instance(path)
+      instance[@param].should == path
+    end
+
+    it "should give a useful error when the path is not absolute" do
+      path = 'foo'
+      expect { instance(path) }.
+        should raise_error Puppet::Error, /fully qualified/
+    end
+
+    { "Unix" => '/', "Win32" => '\\' }.each do |style, slash|
+      %w{q Q a A z Z c C}.sort.each do |drive|
+        it "should reject drive letter '#{drive}' with #{style} path separators" do
+          path = "#{drive}:#{slash}Program Files"
+          expect { instance(path) }.
+            should raise_error Puppet::Error, /fully qualified/
+        end
+      end
+    end
+  end
+
+  describe "on a Windows-like platform it" do
+    before :each do
+      with_verbose_disabled do
+        File::SEPARATOR = '\\'
+      end
+      Puppet.features.stubs(:microsoft_windows?).returns(true)
+      Puppet.features.stubs(:posix?).returns(false)
+    end
+
+    if array then
+      it_should_behave_like "all pathname parameters with arrays", true
+    end
+
+    it "should accept a fully qualified path" do
+      path = File.join('', 'foo')
+      instance = instance(path)
+      instance[@param].should == path
+    end
+
+    it "should give a useful error when the path is not absolute" do
+      path = 'foo'
+      expect { instance(path) }.
+        should raise_error Puppet::Error, /fully qualified/
+    end
+
+    it "also accepts Unix style path separators" do
+      path = '/Program Files'
+      instance = instance(path)
+      instance[@param].should == path
+    end
+
+    { "Unix" => '/', "Win32" => '\\' }.each do |style, slash|
+      %w{q Q a A z Z c C}.sort.each do |drive|
+        it "should accept drive letter '#{drive}' with #{style} path separators " do
+          path = "#{drive}:#{slash}Program Files"
+          instance = instance(path)
+          instance[@param].should == path
+        end
+      end
+    end
+
+    { "UNC paths"            => %q{\\foo\bar},
+      "unparsed local paths" => %q{\\?\c:\foo},
+      "unparsed UNC paths"   => %q{\\?\foo\bar}
+    }.each do |name, path|
+      it "should accept #{name} as absolute" do
+        instance = instance(path)
+        instance[@param].should == path
+      end
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -23,10 +23,16 @@ end
 module PuppetTest
 end
 
+require 'pathname'
+require 'lib/puppet_spec/verbose'
 require 'lib/puppet_spec/files'
 require 'monkey_patches/alias_should_to_must'
 require 'monkey_patches/publicize_methods'
 
+Pathname.glob("#{dir}/shared_behaviours/**/*.rb") do |behaviour|
+  require behaviour.relative_path_from(Pathname.new(dir))
+end
+
 RSpec.configure do |config|
   config.mock_with :mocha
 

data/spec/unit/application/agent_spec.rb

@@ -179,6 +179,7 @@ describe Puppet::Application::Agent do
       Puppet.settings.stubs(:print_config)
       Puppet::SSL::Host.stubs(:ca_location=)
       Puppet::Transaction::Report.stubs(:terminus_class=)
+      Puppet::Transaction::Report.stubs(:cache_class=)
       Puppet::Resource::Catalog.stubs(:terminus_class=)
       Puppet::Resource::Catalog.stubs(:cache_class=)
       Puppet::Node::Facts.stubs(:terminus_class=)
@@ -309,6 +310,12 @@ describe Puppet::Application::Agent do
       @puppetd.setup
     end
 
+    it "should tell the report handler to cache locally as yaml" do
+      Puppet::Transaction::Report.expects(:cache_class=).with(:yaml)
+
+      @puppetd.setup
+    end
+
     it "should change the catalog_terminus setting to 'rest'" do
       Puppet.expects(:[]=).with(:catalog_terminus, :rest)
       @puppetd.setup

data/spec/unit/application/apply_spec.rb

@@ -56,6 +56,7 @@ describe Puppet::Application::Apply do
       Puppet.stubs(:parse_config)
       Puppet::FileBucket::Dipper.stubs(:new)
       STDIN.stubs(:read)
+      Puppet::Transaction::Report.stubs(:cache_class=)
 
       @apply.options.stubs(:[]).with(any_parameters)
     end
@@ -113,6 +114,11 @@ describe Puppet::Application::Apply do
       lambda { @apply.setup }.should raise_error(SystemExit)
     end
 
+    it "should tell the report handler to cache locally as yaml" do
+      Puppet::Transaction::Report.expects(:cache_class=).with(:yaml)
+
+      @apply.setup
+    end
   end
 
   describe "when executing" do

data/spec/unit/application/master_spec.rb

@@ -176,8 +176,8 @@ describe Puppet::Application::Master do
       lambda { @master.setup }.should raise_error(SystemExit)
     end
 
-    it "should tell Puppet.settings to use :main,:ssl and :master category" do
-      Puppet.settings.expects(:use).with(:main,:master,:ssl)
+    it "should tell Puppet.settings to use :main,:ssl,:master and :metrics category" do
+      Puppet.settings.expects(:use).with(:main,:master,:ssl,:metrics)
 
       @master.setup
     end

data/spec/unit/configurer_spec.rb

@@ -81,6 +81,7 @@ describe Puppet::Configurer, "when executing a catalog run" do
     @catalog = Puppet::Resource::Catalog.new
     @catalog.stubs(:apply)
     @agent.stubs(:retrieve_catalog).returns @catalog
+    @agent.stubs(:save_last_run_summary)
 
     Puppet::Util::Log.stubs(:newdestination)
     Puppet::Util::Log.stubs(:close)
@@ -225,9 +226,12 @@ describe Puppet::Configurer, "when executing a catalog run" do
 end
 
 describe Puppet::Configurer, "when sending a report" do
+  include PuppetSpec::Files
+
   before do
     Puppet.settings.stubs(:use).returns(true)
     @configurer = Puppet::Configurer.new
+    Puppet[:lastrunfile] = tmpfile('last_run_file')
 
     @report = Puppet::Transaction::Report.new("apply")
     @trans = stub 'transaction'
@@ -268,6 +272,20 @@ describe Puppet::Configurer, "when sending a report" do
     @configurer.send_report(@report, nil)
   end
 
+  it "should save the last run summary if reporting is enabled" do
+    Puppet.settings[:report] = true
+
+    @configurer.expects(:save_last_run_summary).with(@report)
+    @configurer.send_report(@report, nil)
+  end
+
+  it "should save the last run summary if reporting is disabled" do
+    Puppet.settings[:report] = false
+
+    @configurer.expects(:save_last_run_summary).with(@report)
+    @configurer.send_report(@report, nil)
+  end
+
   it "should log but not fail if saving the report fails" do
     Puppet.settings[:report] = true
 
@@ -278,6 +296,36 @@ describe Puppet::Configurer, "when sending a report" do
   end
 end
 
+describe Puppet::Configurer, "when saving the summary report file" do
+  before do
+    Puppet.settings.stubs(:use).returns(true)
+    @configurer = Puppet::Configurer.new
+
+    @report = stub 'report'
+    @trans = stub 'transaction'
+    @lastrunfd = stub 'lastrunfd'
+    Puppet::Util::FileLocking.stubs(:writelock).yields(@lastrunfd)
+  end
+
+  it "should write the raw summary to the lastrunfile setting value" do
+    Puppet::Util::FileLocking.expects(:writelock).with(Puppet[:lastrunfile], 0660)
+    @configurer.save_last_run_summary(@report)
+  end
+
+  it "should write the raw summary as yaml" do
+    @report.expects(:raw_summary).returns("summary")
+    @lastrunfd.expects(:print).with(YAML.dump("summary"))
+    @configurer.save_last_run_summary(@report)
+  end
+
+  it "should log but not fail if saving the last run summary fails" do
+    Puppet::Util::FileLocking.expects(:writelock).raises "exception"
+    Puppet.expects(:err)
+    lambda { @configurer.save_last_run_summary(@report) }.should_not raise_error
+  end
+
+end
+
 describe Puppet::Configurer, "when retrieving a catalog" do
   before do
     Puppet.settings.stubs(:use).returns(true)

data/spec/unit/file_serving/fileset_spec.rb

@@ -13,6 +13,14 @@ describe Puppet::FileServing::Fileset, " when initializing" do
     proc { Puppet::FileServing::Fileset.new("some/file") }.should raise_error(ArgumentError)
   end
 
+  it "should not fail if the path is fully qualified, with a trailing separator" do
+    path = "/some/path/with/trailing/separator"
+    path_with_separator = "#{path}#{File::SEPARATOR}"
+    File.stubs(:lstat).with(path).returns stub('stat')
+    fileset = Puppet::FileServing::Fileset.new(path_with_separator)
+    fileset.path.should == path
+  end
+
   it "should fail if its path does not exist" do
     File.expects(:lstat).with("/some/file").returns nil
     proc { Puppet::FileServing::Fileset.new("/some/file") }.should raise_error(ArgumentError)

data/spec/unit/indirector/certificate_status/#file_spec.rb#

@@ -0,0 +1,188 @@
+#!/usr/bin/env ruby
+
+require File.expand_path(File.dirname(__FILE__) + '/../../../spec_helper.rb')
+require 'puppet/ssl/host'
+require 'puppet/indirector/certificate_status'
+require 'tempfile'
+
+describe "Puppet::Indirector::CertificateStatus::File" do
+  include PuppetSpec::Files
+
+  before do
+    Puppet::SSL::CertificateAuthority.stubs(:ca?).returns true
+    @terminus = Puppet::SSL::Host.indirection.terminus(:file)
+
+    @tmpdir = tmpdir("certificate_status_ca_testing")
+    Puppet[:confdir] = @tmpdir
+    Puppet[:vardir] = @tmpdir
+
+    # localcacert is where each client stores the CA certificate
+    # cacert is where the master stores the CA certificate
+    # Since we need to play the role of both for testing we need them to be the same and exist
+    Puppet[:cacert] = Puppet[:localcacert]
+  end
+
+  def generate_csr(host)
+    host.generate_key
+    csr = Puppet::SSL::CertificateRequest.new(host.name)
+    csr.generate(host.key.content)
+    Puppet::SSL::CertificateRequest.indirection.save(csr)
+  end
+
+  def sign_csr(host)
+    host.desired_state = "signed"
+    @terminus.save(Puppet::Indirector::Request.new(:certificate_status, :save, host.name, host))
+  end
+
+  def generate_signed_cert(host)
+    generate_csr(host)
+    sign_csr(host)
+
+    @terminus.find(Puppet::Indirector::Request.new(:certificate_status, :find, host.name, host))
+  end
+
+  def generate_revoked_cert(host)
+    generate_signed_cert(host)
+
+    host.desired_state = "revoked"
+
+    @terminus.save(Puppet::Indirector::Request.new(:certificate_status, :save, host.name, host))
+  end
+
+  it "should be a terminus on SSL::Host" do
+    @terminus.should be_instance_of(Puppet::Indirector::CertificateStatus::File)
+  end
+
+  it "should create a CA instance if none is present" do
+    @terminus.ca.should be_instance_of(Puppet::SSL::CertificateAuthority)
+  end
+
+  describe "when creating the CA" do
+    it "should fail if it is not a valid CA" do
+      Puppet::SSL::CertificateAuthority.expects(:ca?).returns false
+      lambda { @terminus.ca }.should raise_error(ArgumentError, "This process is not configured as a certificate authority")
+    end
+  end
+
+  it "should be indirected with the name 'certificate_status'" do
+    Puppet::SSL::Host.indirection.name.should == :certificate_status
+  end
+
+  describe "when finding" do
+    before do
+      @host = Puppet::SSL::Host.new("foo")
+      Puppet.settings.use(:main)
+    end
+
+    it "should return the Puppet::SSL::Host when a CSR exists for the host" do
+      generate_csr(@host)
+      request = Puppet::Indirector::Request.new(:certificate_status, :find, "foo", @host)
+
+      retrieved_host = @terminus.find(request)
+
+      retrieved_host.name.should == @host.name
+      retrieved_host.certificate_request.content.to_s.chomp.should == @host.certificate_request.content.to_s.chomp
+    end
+
+    it "should return the Puppet::SSL::Host when a public key exist for the host" do
+      generate_signed_cert(@host)
+      request = Puppet::Indirector::Request.new(:certificate_status, :find, "foo", @host)
+
+      retrieved_host = @terminus.find(request)
+
+      retrieved_host.name.should == @host.name
+      retrieved_host.certificate.content.to_s.chomp.should == @host.certificate.content.to_s.chomp
+    end
+
+    it "should return nil when neither a CSR nor public key exist for the host" do
+      request = Puppet::Indirector::Request.new(:certificate_status, :find, "foo", @host)
+      @terminus.find(request).should == nil
+    end
+  end
+
+  describe "when saving" do
+    before do
+      @host = Puppet::SSL::Host.new("foobar")
+      Puppet.settings.use(:main)
+    end
+
+    describe "when signing a cert" do
+      before do
+        @host.desired_state = "signed"
+        @request = Puppet::Indirector::Request.new(:certificate_status, :save, "foobar", @host)
+      end
+
+      it "should fail if no CSR is on disk" do
+        lambda { @terminus.save(@request) }.should raise_error(Puppet::Error, /certificate request/)
+      end
+
+      it "should sign the on-disk CSR when it is present" do
+        signed_host = generate_signed_cert(@host)
+
+        signed_host.state.should == "signed"
+        Puppet::SSL::Certificate.indirection.find("foobar").should be_instance_of(Puppet::SSL::Certificate)
+      end
+    end
+
+    describe "when revoking a cert" do
+      before do
+        @request = Puppet::Indirector::Request.new(:certificate_status, :save, "foobar", @host)
+      end
+
+      it "should fail if no certificate is on disk" do
+        @host.desired_state = "revoked"
+        lambda { @terminus.save(@request) }.should raise_error(Puppet::Error, /Cannot revoke/)
+      end
+
+      it "should revoke the certificate when it is present" do
+        generate_revoked_cert(@host)
+
+        @host.state.should == 'revoked'
+      end
+    end
+  end
+
+  describe "when deleting" do
+    before do
+      Puppet.settings.use(:main)
+    end
+
+    it "should not delete anything if no certificate, request, or key is on disk" do
+      host = Puppet::SSL::Host.new("clean_me")
+      request = Puppet::Indirector::Request.new(:certificate_status, :delete, "clean_me", host)
+      @terminus.destroy(request).should == "Nothing was deleted"
+    end
+
+    it "should clean certs, cert requests, keys" do
+      signed_host = Puppet::SSL::Host.new("clean_signed_cert")
+      generate_signed_cert(signed_host)
+      signed_request = Puppet::Indirector::Request.new(:certificate_status, :delete, "clean_signed_cert", signed_host)
+      @terminus.destroy(signed_request).should == "Deleted for host clean_signed_cert: Puppet::SSL::Certificate, Puppet::SSL::Key"
+
+      requested_host = Puppet::SSL::Host.new("clean_csr")
+      generate_csr(requested_host)
+      csr_request = Puppet::Indirector::Request.new(:certificate_status, :delete, "clean_csr", requested_host)
+      @terminus.destroy(csr_request).should == "Deleted for 'host clean_signed_cert': Puppet::SSL::CertificateRequest, Puppet::SSL::Key"
+    end
+  end
+
+  describe "when searching" do
+    it "should return a list of all hosts with certificate requests, signed certs, or revoked certs" do
+      Puppet.settings.use(:main)
+
+      signed_host = Puppet::SSL::Host.new("signed_host")
+      generate_signed_cert(signed_host)
+
+      requested_host = Puppet::SSL::Host.new("requested_host")
+      generate_csr(requested_host)
+
+      revoked_host = Puppet::SSL::Host.new("revoked_host")
+      generate_revoked_cert(revoked_host)
+
+      retrieved_hosts = @terminus.search(Puppet::Indirector::Request.new(:certificate_status, :search, "all", signed_host))
+
+      results = retrieved_hosts.map {|h| [h.name, h.state]}.sort{ |h,i| h[0] <=> i[0] }
+      results.should == [["ca","signed"],["requested_host","requested"],["revoked_host","revoked"],["signed_host","signed"]]
+    end
+  end
+end