puppet 3.0.0.rc5 → 3.0.0.rc7

data/lib/puppet/application/master.rb

@@ -29,7 +29,7 @@ class Puppet::Application::Master < Puppet::Application
   end
 
   def help
-    <<-HELP
+    <<-'HELP'
 
 puppet-master(8) -- The puppet master daemon
 ========
@@ -186,7 +186,7 @@ Copyright (c) 2011 Puppet Labs, LLC Licensed under the Apache 2.0 License
 
     unless options[:rack]
       require 'puppet/network/server'
-      @daemon.server = Puppet::Network::Server.new()
+      @daemon.server = Puppet::Network::Server.new(Puppet[:bindaddress], Puppet[:masterport])
       @daemon.daemonize if Puppet[:daemonize]
     else
       require 'puppet/network/http/rack'

data/lib/puppet/application/queue.rb

@@ -4,7 +4,7 @@ require 'puppet/util'
 class Puppet::Application::Queue < Puppet::Application
 
   attr_accessor :daemon
-  
+
   def app_defaults()
     super.merge( :pidfile => "$rundir/queue.pid" )
   end
@@ -140,6 +140,8 @@ Copyright (c) 2011 Puppet Labs, LLC Licensed under the Apache 2.0 License
   end
 
   def setup
+    Puppet.warning "Puppet queue is deprecated. See http://links.puppetlabs.com/puppet-queue-deprecation"
+
     unless Puppet.features.stomp?
       raise ArgumentError, "Could not load the 'stomp' library, which must be present for queueing to work.  You must install the required library."
     end

data/lib/puppet/application/resource.rb

@@ -33,7 +33,7 @@ class Puppet::Application::Resource < Puppet::Application
   end
 
   def help
-    <<-HELP
+    <<-'HELP'
 
 puppet-resource(8) -- The resource abstraction layer shell
 ========

data/lib/puppet/configurer.rb

@@ -3,13 +3,11 @@ require 'sync'
 require 'timeout'
 require 'puppet/network/http_pool'
 require 'puppet/util'
-require 'puppet/util/config_timeout'
 
 class Puppet::Configurer
   require 'puppet/configurer/fact_handler'
   require 'puppet/configurer/plugin_handler'
 
-  extend Puppet::Util::ConfigTimeout
   include Puppet::Configurer::FactHandler
   include Puppet::Configurer::PluginHandler
 
@@ -142,12 +140,18 @@ class Puppet::Configurer
         fact_options = get_facts(options)
       end
 
-      if node = Puppet::Node.indirection.find(Puppet[:node_name_value], :environment => @environment, :ignore_cache => true)
-        if node.environment.to_s != @environment
-          Puppet.warning "Local environment: \"#{@environment}\" doesn't match server specified node environment \"#{node.environment}\", switching agent to \"#{node.environment}\"."
-          @environment = node.environment.to_s
-          fact_options = nil
+      begin
+        if node = Puppet::Node.indirection.find(Puppet[:node_name_value],
+            :environment => @environment, :ignore_cache => true)
+          if node.environment.to_s != @environment
+            Puppet.warning "Local environment: \"#{@environment}\" doesn't match server specified node environment \"#{node.environment}\", switching agent to \"#{node.environment}\"."
+            @environment = node.environment.to_s
+            fact_options = nil
+          end
         end
+      rescue Puppet::Error, Net::HTTPError => detail
+        Puppet.warning("Unable to fetch my node definition, but the agent run will continue:")
+        Puppet.warning(detail)
       end
 
       fact_options = get_facts(options) unless fact_options

data/lib/puppet/configurer/downloader.rb

@@ -1,10 +1,7 @@
 require 'puppet/configurer'
 require 'puppet/resource/catalog'
-require 'puppet/util/config_timeout'
 
 class Puppet::Configurer::Downloader
-  extend Puppet::Util::ConfigTimeout
-  
   attr_reader :name, :path, :source, :ignore
 
   # Evaluate our download, returning the list of changed values.
@@ -13,7 +10,7 @@ class Puppet::Configurer::Downloader
 
     files = []
     begin
-      ::Timeout.timeout(self.class.timeout_interval) do
+      ::Timeout.timeout(Puppet[:configtimeout]) do
         catalog.apply do |trans|
           trans.changed?.find_all do |resource|
             yield resource if block_given?

data/lib/puppet/daemon.rb

@@ -158,11 +158,11 @@ class Puppet::Daemon
     # input is strange or badly formed by returning 0.  Integer will raise,
     # which we don't want, and we want to protect against -1 or below.
     next_agent_run = 0
-    agent_run_interval = [Puppet[:runinterval].to_i, 0].max
+    agent_run_interval = [Puppet[:runinterval], 0].max
 
     # We may not want to reparse; that can be disable.  Fun times.
     next_reparse = 0
-    reparse_interval = Puppet[:filetimeout].to_i
+    reparse_interval = Puppet[:filetimeout]
 
     loop do
       now = Time.now.to_i
@@ -182,7 +182,7 @@ class Puppet::Daemon
 
         # The time to the next reparse might have changed, so recalculate
         # now.  That way we react dynamically to reconfiguration.
-        reparse_interval = Puppet[:filetimeout].to_i
+        reparse_interval = Puppet[:filetimeout]
 
         # Set up the next reparse check based on the new reparse_interval.
         if reparse_interval > 0
@@ -193,7 +193,7 @@ class Puppet::Daemon
         # We should also recalculate the agent run interval, and adjust the
         # next time it is scheduled to run, just in case.  In the event that
         # we made no change the result will be a zero second adjustment.
-        new_run_interval    = [Puppet[:runinterval].to_i, 0].max
+        new_run_interval    = [Puppet[:runinterval], 0].max
         next_agent_run     += agent_run_interval - new_run_interval
         agent_run_interval  = new_run_interval
       end

data/lib/puppet/defaults.rb

@@ -27,20 +27,6 @@ module Puppet
         :default  => nil,
         :desc     => "The name of the application, if we are running as one.  The\n" +
             "default is essentially $0 without the path or `.rb`.",
-    },
-
-    ## This setting needs to go away.  As a first step, we could just make it a first-class property of the Settings
-    ##  class, instead of treating it as a normal setting.  There are places where the Settings class tries to use
-    ##  the value of run_mode to help in resolving other values, and that is no good for nobody.  It would cause
-    ##  infinite recursion and stack overflows without some chicanery... so, it needs to be cleaned up.
-    ##
-    ## As a longer term goal I think we should be looking into getting rid of run_mode altogether, but that is going
-    ##  to be a larger undertaking, as it is being branched on in a lot of places in the current code.
-    ##
-    ## --cprice 2012-03-16
-    :run_mode => {
-        :default  => nil,
-        :desc     => "The effective 'run mode' of the application: master, agent, or user.",
     }
   )
 
@@ -141,7 +127,7 @@ module Puppet
           ENV["PATH"] = "" if ENV["PATH"].nil?
           ENV["PATH"] = value unless value == "none"
           paths = ENV["PATH"].split(File::PATH_SEPARATOR)
-          %w{/usr/sbin /sbin}.each do |path|
+          Puppet::Util::Platform.default_paths.each do |path|
             ENV["PATH"] += File::PATH_SEPARATOR + path unless paths.include?(path)
           end
           value
@@ -225,10 +211,12 @@ module Puppet
       :desc       => "The YAML file containing indirector route configuration.",
     },
     :node_terminus => {
+      :type       => :terminus,
       :default    => "plain",
       :desc       => "Where to find information about nodes.",
     },
     :data_binding_terminus => {
+      :type    => :terminus,
       :default => "hiera",
       :desc    => "Where to retrive information about data.",
     },
@@ -238,26 +226,36 @@ module Puppet
       :type    => :file,
     },
     :catalog_terminus => {
+      :type       => :terminus,
       :default    => "compiler",
       :desc       => "Where to get node catalogs.  This is useful to change if, for instance,
       you'd like to pre-compile catalogs and store them in memcached or some other easily-accessed store.",
     },
+    :catalog_cache_terminus => {
+      :type       => :terminus,
+      :default    => nil,
+      :desc       => "How to store cached catalogs. Valid values are 'json' and 'yaml'. The agent application defaults to 'json'."
+    },
     :facts_terminus => {
       :default => 'facter',
       :desc => "The node facts terminus.",
+      :call_hook => :on_initialize_and_write,
       :hook => proc do |value|
         require 'puppet/node/facts'
         # Cache to YAML if we're uploading facts away
         if %w[rest inventory_service].include? value.to_s
+          Puppet.info "configuring the YAML fact cache because a remote terminus is active"
           Puppet::Node::Facts.indirection.cache_class = :yaml
         end
       end
     },
     :inventory_terminus => {
+      :type       => :terminus,
       :default    => "$facts_terminus",
       :desc       => "Should usually be the same as the facts terminus",
     },
     :default_file_terminus => {
+      :type       => :terminus,
       :default    => "rest",
       :desc       => "The default source for files if no server is given in a
       uri, e.g. puppet:///file. The default of `rest` causes the file to be
@@ -281,10 +279,11 @@ module Puppet
       :desc       => "The HTTP proxy port to use for outgoing connections",
     },
     :filetimeout => {
-      :default    => 15,
-      :desc       => "The minimum time to wait (in seconds) between checking for updates in
+      :default    => "15s",
+      :type       => :duration,
+      :desc       => "The minimum time to wait between checking for updates in
       configuration files.  This timeout determines how quickly Puppet checks whether
-      a file (such as manifests or templates) has changed on disk.",
+      a file (such as manifests or templates) has changed on disk. Can be specified as a duration.",
     },
     :queue_type => {
       :default    => "stomp",
@@ -303,7 +302,7 @@ module Puppet
         :default  => false,
         :type     => :boolean,
         :desc     => "Whether to use a queueing system to provide asynchronous database integration.
-      Requires that `puppet queue` be running and that 'PSON' support for ruby be installed.",
+      Requires that `puppet queue` be running.",
         :hook     => proc do |value|
           if value
             # This reconfigures the terminii for Node, Facts, and Catalog
@@ -311,6 +310,7 @@ module Puppet
 
             # But then we modify the configuration
             Puppet::Resource::Catalog.indirection.cache_class = :queue
+            Puppet.settings[:catalog_cache_terminus] = :queue
           else
             raise "Cannot disable asynchronous storeconfigs in a running process"
           end
@@ -565,6 +565,12 @@ EOT
         :type     => :boolean,
         :desc     => "Whether certificate revocation should be supported by downloading a Certificate Revocation List (CRL)
             to all clients.  If enabled, CA chaining will almost definitely not work.",
+    },
+    :certificate_expire_warning => {
+      :default  => "60d",
+      :type     => :duration,
+      :desc     => "The window of time leading up to a certificate's expiration that a notification
+        will be logged. This applies to CA, master, and agent certificates. Can be specified as a duration."
     }
   )
 
@@ -669,11 +675,8 @@ EOT
     },
     :ca_ttl => {
       :default    => "5y",
-      :desc       => "The default TTL for new certificates; valid values
-      must be an integer, optionally followed by one of the units
-      'y' (years of 365 days), 'd' (days), 'h' (hours), or
-      's' (seconds). The unit defaults to seconds.  Examples are '3600'
-      (one hour) and '1825d', which is the same as '5y' (5 years) ",
+      :type       => :duration,
+      :desc       => "The default TTL for new certificates. Can be specified as a duration."
     },
     :ca_md => {
       :default    => "md5",
@@ -713,21 +716,14 @@ EOT
       :pidfile => {
           :type => :file,
           :default  => "$rundir/${run_mode}.pid",
-          :desc     => "The pid file",
+          :desc     => "The file containing the PID of a running process.  " <<
+                       "This file is intended to be used by service management " <<
+                       "frameworks and monitoring systems to determine if a " <<
+                       "puppet process is still in the process table.",
       },
       :bindaddress => {
-        :default    => "",
-        :desc       => "The address a listening server should bind to.  Mongrel servers
-        default to 127.0.0.1 and WEBrick defaults to 0.0.0.0.",
-      },
-      :servertype => {
-        :default => "webrick", :desc => "The type of server to use.  Currently supported
-        options are webrick and mongrel.  If you use mongrel, you will need
-        a proxy in front of the process or processes, since Mongrel cannot
-        speak SSL.",
-
-        :call_hook => :on_define_and_write, # Call our hook with the default value, so we always get the correct bind address set.
-        :hook => proc { |value|  value == "webrick" ? Puppet.settings[:bindaddress] = "0.0.0.0" : Puppet.settings[:bindaddress] = "127.0.0.1" if Puppet.settings[:bindaddress] == "" }
+        :default    => "0.0.0.0",
+        :desc       => "The address a listening server should bind to.",
       }
   )
 
@@ -815,17 +811,15 @@ EOT
     },
     :ssl_client_header => {
       :default    => "HTTP_X_CLIENT_DN",
-      :desc       => "The header containing an authenticated
-      client's SSL DN.  Only used with Mongrel.  This header must be set by the proxy
-      to the authenticated client's SSL DN (e.g., `/CN=puppet.puppetlabs.com`).
-      See http://projects.puppetlabs.com/projects/puppet/wiki/Using_Mongrel for more information.",
+      :desc       => "The header containing an authenticated client's SSL DN.
+      This header must be set by the proxy to the authenticated client's SSL
+      DN (e.g., `/CN=puppet.puppetlabs.com`).",
     },
     :ssl_client_verify_header => {
       :default    => "HTTP_X_CLIENT_VERIFY",
-      :desc       => "The header containing the status
-      message of the client verification. Only used with Mongrel.  This header must be set by the proxy
-      to 'SUCCESS' if the client successfully authenticated, and anything else otherwise.
-      See http://projects.puppetlabs.com/projects/puppet/wiki/Using_Mongrel for more information.",
+      :desc       => "The header containing the status message of the client
+      verification. This header must be set by the proxy to 'SUCCESS' if the
+      client successfully authenticated, and anything else otherwise.",
     },
     # To make sure this directory is created before we try to use it on the server, we need
     # it to be in the server section (#1138).
@@ -888,8 +882,9 @@ EOT
     },
     :rrdinterval => {
       :default  => "$runinterval",
+      :type     => :duration,
       :desc     => "How often RRD should expect data.
-            This should match how often the hosts report back to the server.",
+            This should match how often the hosts report back to the server. Can be specified as a duration.",
     }
   )
 
@@ -1008,11 +1003,12 @@ EOT
       :desc       => "Whether puppet agent should be run in noop mode.",
     },
     :runinterval => {
-      :default  => 1800, # 30 minutes
+      :default  => "30m",
+      :type     => :duration,
       :desc     => "How often puppet agent applies the client configuration; in seconds.
           Note that a runinterval of 0 means \"run continuously\" rather than
           \"never run.\" If you want puppet agent to never run, you should start
-          it with the `--no-client` option.",
+          it with the `--no-client` option. Can be specified as a duration.",
     },
     :listen => {
       :default    => false,
@@ -1053,10 +1049,11 @@ EOT
       can be guaranteed to support this format, but it will be used for all
       classes that support it.",
     },
-    :agent_pidfile => {
-      :default    => "$statedir/agent.pid",
-    :type         => :file,
-      :desc       => "A lock file to indicate that a puppet agent run is currently in progress.  File contains the pid of the running process.",
+    :agent_catalog_run_lockfile => {
+      :default    => "$statedir/agent_catalog_run.lock",
+      :type       => :string, # (#2888) Ensure this file is not added to the settings catalog.
+      :desc       => "A lock file to indicate that a puppet agent catalog run is currently in progress.  " +
+                     "The file contains the pid of the process that holds the lock on the catalog run.",
     },
     :agent_disabled_lockfile => {
         :default    => "$statedir/agent_disabled.lock",
@@ -1094,8 +1091,9 @@ EOT
     },
     :splaylimit => {
       :default    => "$runinterval",
+      :type       => :duration,
       :desc       => "The maximum time to delay before runs.  Defaults to being the same as the
-      run interval.",
+      run interval. Can be specified as a duration.",
     },
     :splay => {
       :default    => false,
@@ -1110,10 +1108,11 @@ EOT
       :desc     => "Where FileBucket files are stored locally."
     },
     :configtimeout => {
-      :default  => 120,
+      :default  => "2m",
+      :type     => :duration,
       :desc     => "How long the client should wait for the configuration to be retrieved
       before considering it a failure.  This can help reduce flapping if too
-      many clients contact the server at one time.",
+      many clients contact the server at one time. Can be specified as a duration.",
     },
     :report_server => {
       :default  => "$server",
@@ -1171,10 +1170,12 @@ EOT
       compression, but if it supports it, this setting might reduce performance on high-speed LANs.",
     },
     :waitforcert => {
-        :default  => 120, # 2 minutes
-        :desc     => "The time interval, specified in seconds, 'puppet agent' should connect to the server
-            and ask it to sign a certificate request. This is useful for the initial setup of a
-            puppet client. You can turn off waiting for certificates by specifying a time of 0.",
+      :default  => "2m",
+      :type     => :duration,
+      :desc     => "The time interval 'puppet agent' should connect to the server
+      and ask it to sign a certificate request. This is useful for the initial setup of a
+      puppet client. You can turn off waiting for certificates by specifying a time of 0.
+      Can be specified as a duration.",
     }
   )
 
@@ -1465,8 +1466,10 @@ You can adjust the backend using the storeconfigs_backend setting.",
         require 'puppet/node'
         require 'puppet/node/facts'
         if value
-          Puppet.settings[:async_storeconfigs] or
+          if not Puppet.settings[:async_storeconfigs]
             Puppet::Resource::Catalog.indirection.cache_class = :store_configs
+            Puppet.settings[:catalog_cache_terminus] = :store_configs
+          end
           Puppet::Node::Facts.indirection.cache_class = :store_configs
           Puppet::Node.indirection.cache_class = :store_configs
 
@@ -1475,6 +1478,7 @@ You can adjust the backend using the storeconfigs_backend setting.",
       end
     },
     :storeconfigs_backend => {
+      :type => :terminus,
       :default => "active_record",
       :desc => "Configure the backend terminus used for StoreConfigs.
 By default, this uses the ActiveRecord store, which directly talks to the

data/lib/puppet/external/dot.rb

@@ -35,7 +35,7 @@ module DOT
     'fontcolor',   # default: black; type face color
     'fontname',    # default: Times-Roman; font family
     'fontsize',    # default: 14; point size of label
-    'group',       # name of node�s group
+    'group',       # name of node's group
     'height',      # default: .5; height in inches
     'label',       # default: node name; any string
     'layer',       # default: overlay range; all, id or id:id

data/lib/puppet/external/pson/common.rb

@@ -321,6 +321,21 @@ module PSON
   rescue PSON::NestingError
     raise ArgumentError, "exceed depth limit"
   end
+
+
+  # Provide a smarter wrapper for changing string encoding that works with
+  # both Ruby 1.8 (iconv) and 1.9 (String#encode).  Thankfully they seem to
+  # have compatible input syntax, at least for the encodings we touch.
+  if String.method_defined?("encode")
+    def encode(to, from, string)
+      string.encode(to, from)
+    end
+  else
+    require 'iconv'
+    def encode(to, from, string)
+      Iconv.conv(to, from, string)
+    end
+  end
 end
 
 module ::Kernel