puppet 3.3.2 → 3.4.0.rc1
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of puppet might be problematic. Click here for more details.
- data/CONTRIBUTING.md +22 -0
- data/Gemfile +11 -2
- data/README.md +13 -17
- data/README_DEVELOPER.md +1 -1
- data/Rakefile +1 -1
- data/examples/hiera/README.md +4 -4
- data/ext/debian/puppetmaster.init +1 -0
- data/ext/debian/rules +2 -5
- data/ext/nagios/check_puppet.rb +7 -7
- data/ext/osx/file_mapping.yaml +1 -1
- data/ext/osx/preflight.erb +34 -19
- data/ext/rack/{files/config.ru → config.ru} +0 -0
- data/ext/rack/{files/apache2.conf → example-passenger-vhost.conf} +6 -0
- data/ext/redhat/puppet.spec.erb +20 -2
- data/ext/systemd/{puppetagent.service → puppet.service} +0 -0
- data/lib/hiera_puppet.rb +2 -2
- data/lib/puppet/agent.rb +1 -6
- data/lib/puppet/application.rb +15 -2
- data/lib/puppet/application/agent.rb +2 -7
- data/lib/puppet/application/apply.rb +8 -13
- data/lib/puppet/application/cert.rb +47 -7
- data/lib/puppet/application/device.rb +1 -6
- data/lib/puppet/application/face_base.rb +1 -1
- data/lib/puppet/application/filebucket.rb +1 -1
- data/lib/puppet/application/inspect.rb +3 -12
- data/lib/puppet/application/master.rb +1 -6
- data/lib/puppet/application/queue.rb +1 -6
- data/lib/puppet/application/resource.rb +2 -6
- data/lib/puppet/coercion.rb +11 -0
- data/lib/puppet/configurer.rb +5 -3
- data/lib/puppet/configurer/downloader.rb +3 -1
- data/lib/puppet/configurer/plugin_handler.rb +10 -0
- data/lib/puppet/confine.rb +80 -0
- data/lib/puppet/{provider/confine → confine}/exists.rb +3 -3
- data/lib/puppet/{provider/confine → confine}/false.rb +2 -2
- data/lib/puppet/{provider/confine → confine}/feature.rb +2 -2
- data/lib/puppet/{provider/confine → confine}/true.rb +2 -2
- data/lib/puppet/{provider/confine → confine}/variable.rb +2 -2
- data/lib/puppet/{provider/confine_collection.rb → confine_collection.rb} +4 -4
- data/lib/puppet/{provider/confiner.rb → confiner.rb} +4 -4
- data/lib/puppet/daemon.rb +2 -6
- data/lib/puppet/data_binding.rb +2 -30
- data/lib/puppet/defaults.rb +283 -174
- data/lib/puppet/error.rb +1 -0
- data/lib/puppet/external/nagios.rb +0 -2
- data/lib/puppet/external/nagios/base.rb +4 -3
- data/lib/puppet/external/nagios/grammar.ry +173 -112
- data/lib/puppet/external/nagios/parser.rb +233 -184
- data/lib/puppet/face/file/store.rb +1 -1
- data/lib/puppet/face/module/generate.rb +5 -7
- data/lib/puppet/face/parser.rb +12 -2
- data/lib/puppet/face/plugin.rb +6 -0
- data/lib/puppet/feature/base.rb +16 -0
- data/lib/puppet/feature/external_facts.rb +5 -0
- data/lib/puppet/feature/libuser.rb +1 -1
- data/lib/puppet/feature/msgpack.rb +1 -0
- data/lib/puppet/feature/rails.rb +2 -2
- data/lib/puppet/file_bucket/dipper.rb +8 -6
- data/lib/puppet/file_bucket/file.rb +17 -1
- data/lib/puppet/file_serving/base.rb +21 -10
- data/lib/puppet/file_serving/configuration.rb +5 -7
- data/lib/puppet/file_serving/configuration/parser.rb +1 -1
- data/lib/puppet/file_serving/content.rb +1 -1
- data/lib/puppet/file_serving/fileset.rb +3 -3
- data/lib/puppet/file_serving/metadata.rb +22 -18
- data/lib/puppet/file_serving/mount/file.rb +1 -1
- data/lib/puppet/file_serving/mount/pluginfacts.rb +35 -0
- data/lib/puppet/file_system.rb +3 -0
- data/lib/puppet/file_system/file.rb +261 -0
- data/lib/puppet/file_system/file18.rb +5 -0
- data/lib/puppet/file_system/file19.rb +5 -0
- data/lib/puppet/file_system/file19windows.rb +113 -0
- data/lib/puppet/file_system/memory_file.rb +31 -0
- data/lib/puppet/file_system/tempfile.rb +20 -0
- data/lib/puppet/indirector/active_record.rb +1 -0
- data/lib/puppet/indirector/catalog/compiler.rb +28 -0
- data/lib/puppet/indirector/certificate_request/memory.rb +6 -0
- data/lib/puppet/indirector/data_binding/hiera.rb +46 -2
- data/lib/puppet/indirector/direct_file_server.rb +2 -2
- data/lib/puppet/indirector/facts/facter.rb +25 -0
- data/lib/puppet/indirector/file_bucket_file/file.rb +60 -74
- data/lib/puppet/indirector/indirection.rb +5 -1
- data/lib/puppet/indirector/json.rb +1 -1
- data/lib/puppet/indirector/key/ca.rb +4 -0
- data/lib/puppet/indirector/key/file.rb +7 -3
- data/lib/puppet/indirector/key/memory.rb +6 -0
- data/lib/puppet/indirector/node/write_only_yaml.rb +2 -2
- data/lib/puppet/indirector/request.rb +17 -11
- data/lib/puppet/indirector/resource/ral.rb +5 -0
- data/lib/puppet/indirector/resource/rest.rb +1 -0
- data/lib/puppet/indirector/resource/store_configs.rb +4 -0
- data/lib/puppet/indirector/rest.rb +2 -1
- data/lib/puppet/indirector/ssl_file.rb +7 -7
- data/lib/puppet/indirector/terminus.rb +4 -0
- data/lib/puppet/indirector/yaml.rb +3 -3
- data/lib/puppet/interface/documentation.rb +4 -11
- data/lib/puppet/module.rb +19 -6
- data/lib/puppet/module_tool/applications/builder.rb +1 -1
- data/lib/puppet/module_tool/applications/installer.rb +1 -1
- data/lib/puppet/module_tool/checksums.rb +1 -1
- data/lib/puppet/module_tool/dependency.rb +7 -3
- data/lib/puppet/module_tool/metadata.rb +6 -2
- data/lib/puppet/module_tool/tar.rb +2 -1
- data/lib/puppet/module_tool/tar/gnu.rb +6 -2
- data/lib/puppet/module_tool/tar/mini.rb +2 -0
- data/lib/puppet/module_tool/tar/solaris.rb +2 -5
- data/lib/puppet/network/authconfig.rb +0 -2
- data/lib/puppet/network/authentication.rb +1 -1
- data/lib/puppet/network/authstore.rb +6 -7
- data/lib/puppet/network/format.rb +2 -3
- data/lib/puppet/network/format_handler.rb +16 -11
- data/lib/puppet/network/format_support.rb +14 -0
- data/lib/puppet/network/formats.rb +26 -0
- data/lib/puppet/network/http/connection.rb +8 -41
- data/lib/puppet/network/http/handler.rb +28 -32
- data/lib/puppet/network/http/webrick.rb +15 -22
- data/lib/puppet/network/http_pool.rb +43 -9
- data/lib/puppet/network/rights.rb +0 -0
- data/lib/puppet/node.rb +24 -8
- data/lib/puppet/node/environment.rb +18 -20
- data/lib/puppet/node/facts.rb +23 -6
- data/lib/puppet/parameter.rb +15 -2
- data/lib/puppet/parameter/boolean.rb +5 -0
- data/lib/puppet/parameter/value_collection.rb +6 -4
- data/lib/puppet/parser/ast/resourceparam.rb +2 -1
- data/lib/puppet/parser/compiler.rb +25 -9
- data/lib/puppet/parser/files.rb +1 -1
- data/lib/puppet/parser/functions.rb +12 -21
- data/lib/puppet/parser/functions/collect.rb +6 -35
- data/lib/puppet/parser/functions/contain.rb +26 -0
- data/lib/puppet/parser/functions/create_resources.rb +5 -0
- data/lib/puppet/parser/functions/extlookup.rb +2 -2
- data/lib/puppet/parser/functions/file.rb +1 -1
- data/lib/puppet/parser/functions/{reject.rb → filter.rb} +13 -12
- data/lib/puppet/parser/functions/fqdn_rand.rb +13 -5
- data/lib/puppet/parser/functions/include.rb +18 -1
- data/lib/puppet/parser/functions/map.rb +44 -0
- data/lib/puppet/parser/functions/select.rb +6 -38
- data/lib/puppet/parser/lexer.rb +1 -1
- data/lib/puppet/parser/parser_support.rb +1 -1
- data/lib/puppet/parser/resource.rb +6 -45
- data/lib/puppet/parser/scope.rb +33 -2
- data/lib/puppet/parser/type_loader.rb +4 -60
- data/lib/puppet/pops/binder/bindings_loader.rb +1 -1
- data/lib/puppet/pops/binder/config/binder_config.rb +3 -3
- data/lib/puppet/pops/binder/hiera2/bindings_provider.rb +1 -1
- data/lib/puppet/pops/binder/scheme_handler/confdir_hiera_scheme.rb +1 -1
- data/lib/puppet/pops/binder/scheme_handler/module_hiera_scheme.rb +2 -2
- data/lib/puppet/pops/issues.rb +4 -0
- data/lib/puppet/pops/model/ast_transformer.rb +4 -1
- data/lib/puppet/pops/model/model_label_provider.rb +1 -1
- data/lib/puppet/pops/parser/egrammar.ra +5 -24
- data/lib/puppet/pops/parser/eparser.rb +859 -902
- data/lib/puppet/pops/parser/lexer.rb +48 -30
- data/lib/puppet/pops/parser/parser_support.rb +1 -1
- data/lib/puppet/pops/patterns.rb +4 -4
- data/lib/puppet/pops/utils.rb +1 -1
- data/lib/puppet/pops/validation/checker3_1.rb +25 -20
- data/lib/puppet/provider.rb +23 -6
- data/lib/puppet/provider/aixobject.rb +0 -0
- data/lib/puppet/provider/augeas/augeas.rb +21 -5
- data/lib/puppet/provider/confine.rb +5 -79
- data/lib/puppet/provider/cron/crontab.rb +0 -0
- data/lib/puppet/provider/exec.rb +9 -7
- data/lib/puppet/provider/exec/posix.rb +10 -1
- data/lib/puppet/provider/exec/windows.rb +1 -1
- data/lib/puppet/provider/file/posix.rb +1 -0
- data/lib/puppet/provider/file/windows.rb +16 -5
- data/lib/puppet/provider/group/aix.rb +0 -0
- data/lib/puppet/provider/group/windows_adsi.rb +33 -1
- data/lib/puppet/provider/macauthorization/macauthorization.rb +1 -1
- data/lib/puppet/provider/mailalias/aliases.rb +0 -0
- data/lib/puppet/provider/maillist/mailman.rb +0 -0
- data/lib/puppet/provider/mount/parsed.rb +0 -0
- data/lib/puppet/provider/nameservice/directoryservice.rb +3 -3
- data/lib/puppet/provider/package/appdmg.rb +1 -1
- data/lib/puppet/provider/package/apple.rb +1 -1
- data/lib/puppet/provider/package/apt.rb +1 -1
- data/lib/puppet/provider/package/aptitude.rb +0 -0
- data/lib/puppet/provider/package/blastwave.rb +1 -1
- data/lib/puppet/provider/package/dpkg.rb +1 -1
- data/lib/puppet/provider/package/fink.rb +1 -1
- data/lib/puppet/provider/package/freebsd.rb +0 -0
- data/lib/puppet/provider/package/gem.rb +0 -0
- data/lib/puppet/provider/package/macports.rb +0 -0
- data/lib/puppet/provider/package/msi.rb +4 -10
- data/lib/puppet/provider/package/nim.rb +8 -8
- data/lib/puppet/provider/package/openbsd.rb +1 -1
- data/lib/puppet/provider/package/opkg.rb +0 -0
- data/lib/puppet/provider/package/pacman.rb +2 -2
- data/lib/puppet/provider/package/pkgdmg.rb +1 -1
- data/lib/puppet/provider/package/pkgutil.rb +1 -1
- data/lib/puppet/provider/package/ports.rb +0 -0
- data/lib/puppet/provider/package/rpm.rb +39 -3
- data/lib/puppet/provider/package/sun.rb +3 -3
- data/lib/puppet/provider/package/sunfreeware.rb +0 -0
- data/lib/puppet/provider/package/windows.rb +12 -19
- data/lib/puppet/provider/package/windows/package.rb +1 -1
- data/lib/puppet/provider/package/yum.rb +2 -2
- data/lib/puppet/provider/parsedfile.rb +0 -0
- data/lib/puppet/provider/port/parsed.rb +0 -0
- data/lib/puppet/provider/service/base.rb +0 -0
- data/lib/puppet/provider/service/bsd.rb +3 -3
- data/lib/puppet/provider/service/daemontools.rb +8 -8
- data/lib/puppet/provider/service/debian.rb +0 -0
- data/lib/puppet/provider/service/freebsd.rb +3 -3
- data/lib/puppet/provider/service/init.rb +5 -4
- data/lib/puppet/provider/service/launchd.rb +35 -24
- data/lib/puppet/provider/service/openbsd.rb +23 -0
- data/lib/puppet/provider/service/redhat.rb +0 -0
- data/lib/puppet/provider/service/runit.rb +3 -3
- data/lib/puppet/provider/service/smf.rb +0 -0
- data/lib/puppet/provider/service/src.rb +0 -0
- data/lib/puppet/provider/service/systemd.rb +0 -0
- data/lib/puppet/provider/service/upstart.rb +3 -3
- data/lib/puppet/provider/ssh_authorized_key/parsed.rb +2 -2
- data/lib/puppet/provider/sshkey/parsed.rb +0 -0
- data/lib/puppet/provider/user/aix.rb +0 -0
- data/lib/puppet/provider/user/directoryservice.rb +1 -1
- data/lib/puppet/provider/user/useradd.rb +1 -1
- data/lib/puppet/provider/zone/solaris.rb +1 -1
- data/lib/puppet/rails/benchmark.rb +1 -1
- data/lib/puppet/reference/configuration.rb +1 -2
- data/lib/puppet/reference/indirection.rb +12 -14
- data/lib/puppet/relationship.rb +7 -4
- data/lib/puppet/reports.rb +2 -2
- data/lib/puppet/reports/rrdgraph.rb +1 -1
- data/lib/puppet/reports/store.rb +3 -3
- data/lib/puppet/reports/tagmail.rb +2 -2
- data/lib/puppet/resource.rb +66 -8
- data/lib/puppet/resource/catalog.rb +18 -25
- data/lib/puppet/resource/status.rb +10 -4
- data/lib/puppet/run.rb +6 -2
- data/lib/puppet/settings.rb +39 -119
- data/lib/puppet/settings/base_setting.rb +8 -9
- data/lib/puppet/settings/directory_setting.rb +8 -0
- data/lib/puppet/settings/file_setting.rb +35 -1
- data/lib/puppet/settings/priority_setting.rb +42 -0
- data/lib/puppet/ssl.rb +4 -0
- data/lib/puppet/ssl/certificate.rb +18 -0
- data/lib/puppet/ssl/certificate_authority.rb +101 -72
- data/lib/puppet/ssl/certificate_authority/autosign_command.rb +44 -0
- data/lib/puppet/ssl/certificate_authority/interface.rb +21 -17
- data/lib/puppet/ssl/certificate_factory.rb +38 -12
- data/lib/puppet/ssl/certificate_request.rb +201 -47
- data/lib/puppet/ssl/certificate_request_attributes.rb +34 -0
- data/lib/puppet/ssl/certificate_revocation_list.rb +2 -2
- data/lib/puppet/ssl/host.rb +21 -10
- data/lib/puppet/ssl/inventory.rb +6 -10
- data/lib/puppet/ssl/key.rb +1 -1
- data/lib/puppet/ssl/oids.rb +78 -0
- data/lib/puppet/ssl/validator.rb +41 -97
- data/lib/puppet/ssl/validator/default_validator.rb +153 -0
- data/lib/puppet/ssl/validator/no_validator.rb +17 -0
- data/lib/puppet/status.rb +4 -0
- data/lib/puppet/test/test_helper.rb +5 -0
- data/lib/puppet/transaction.rb +13 -0
- data/lib/puppet/transaction/event.rb +8 -3
- data/lib/puppet/transaction/report.rb +6 -2
- data/lib/puppet/transaction/resource_harness.rb +173 -115
- data/lib/puppet/type.rb +30 -13
- data/lib/puppet/type/augeas.rb +12 -46
- data/lib/puppet/type/component.rb +1 -7
- data/lib/puppet/type/cron.rb +0 -0
- data/lib/puppet/type/exec.rb +13 -1
- data/lib/puppet/type/file.rb +19 -10
- data/lib/puppet/type/file/checksum.rb +0 -0
- data/lib/puppet/type/file/content.rb +3 -0
- data/lib/puppet/type/file/ensure.rb +33 -15
- data/lib/puppet/type/file/group.rb +0 -0
- data/lib/puppet/type/file/mode.rb +6 -2
- data/lib/puppet/type/file/owner.rb +0 -0
- data/lib/puppet/type/file/source.rb +65 -14
- data/lib/puppet/type/file/target.rb +6 -6
- data/lib/puppet/type/file/type.rb +0 -0
- data/lib/puppet/type/filebucket.rb +0 -0
- data/lib/puppet/type/group.rb +18 -0
- data/lib/puppet/type/host.rb +0 -0
- data/lib/puppet/type/k5login.rb +4 -4
- data/lib/puppet/type/mailalias.rb +0 -0
- data/lib/puppet/type/maillist.rb +0 -0
- data/lib/puppet/type/mount.rb +15 -1
- data/lib/puppet/type/package.rb +7 -1
- data/lib/puppet/type/port.rb +0 -0
- data/lib/puppet/type/schedule.rb +9 -4
- data/lib/puppet/type/service.rb +1 -1
- data/lib/puppet/type/sshkey.rb +0 -0
- data/lib/puppet/type/tidy.rb +1 -1
- data/lib/puppet/type/user.rb +3 -0
- data/lib/puppet/type/yumrepo.rb +8 -6
- data/lib/puppet/type/zpool.rb +0 -0
- data/lib/puppet/util.rb +4 -31
- data/lib/puppet/util/adsi.rb +73 -17
- data/lib/puppet/util/autoload.rb +3 -3
- data/lib/puppet/util/backups.rb +4 -4
- data/lib/puppet/util/cacher.rb +7 -13
- data/lib/puppet/util/checksums.rb +2 -2
- data/lib/puppet/util/classgen.rb +3 -1
- data/lib/puppet/util/colors.rb +1 -0
- data/lib/puppet/util/command_line.rb +5 -0
- data/lib/puppet/util/docs.rb +33 -27
- data/lib/puppet/util/execution.rb +42 -18
- data/lib/puppet/util/filetype.rb +3 -3
- data/lib/puppet/util/instance_loader.rb +2 -2
- data/lib/puppet/util/instrumentation.rb +23 -42
- data/lib/puppet/util/instrumentation/data.rb +11 -4
- data/lib/puppet/util/instrumentation/indirection_probe.rb +11 -4
- data/lib/puppet/util/instrumentation/instrumentable.rb +7 -14
- data/lib/puppet/util/instrumentation/listener.rb +15 -8
- data/lib/puppet/util/instrumentation/listeners/log.rb +4 -10
- data/lib/puppet/util/instrumentation/listeners/performance.rb +8 -14
- data/lib/puppet/util/limits.rb +12 -0
- data/lib/puppet/util/lockfile.rb +2 -2
- data/lib/puppet/util/log.rb +14 -6
- data/lib/puppet/util/log/destinations.rb +23 -1
- data/lib/puppet/util/metric.rb +9 -3
- data/lib/puppet/util/monkey_patches.rb +7 -2
- data/lib/puppet/util/network_device/config.rb +1 -1
- data/lib/puppet/util/plugins.rb +1 -1
- data/lib/puppet/util/posix.rb +0 -0
- data/lib/puppet/util/profiler.rb +7 -2
- data/lib/puppet/util/provider_features.rb +2 -2
- data/lib/puppet/util/rdoc.rb +28 -30
- data/lib/puppet/util/rdoc/code_objects.rb +75 -25
- data/lib/puppet/util/rdoc/generators/puppet_generator.rb +1 -1
- data/lib/puppet/util/rdoc/parser.rb +12 -487
- data/lib/puppet/util/rdoc/parser/puppet_parser_core.rb +477 -0
- data/lib/puppet/util/rdoc/parser/puppet_parser_rdoc1.rb +19 -0
- data/lib/puppet/util/rdoc/parser/puppet_parser_rdoc2.rb +14 -0
- data/lib/puppet/util/reference.rb +1 -1
- data/lib/puppet/util/resource_template.rb +1 -1
- data/lib/puppet/util/selinux.rb +1 -1
- data/lib/puppet/util/storage.rb +2 -2
- data/lib/puppet/util/suidmanager.rb +1 -1
- data/lib/puppet/util/tag_set.rb +29 -0
- data/lib/puppet/util/tagging.rb +8 -24
- data/lib/puppet/util/watched_file.rb +1 -1
- data/lib/puppet/util/watcher.rb +1 -1
- data/lib/puppet/util/windows.rb +3 -0
- data/lib/puppet/util/windows/access_control_entry.rb +84 -0
- data/lib/puppet/util/windows/access_control_list.rb +106 -0
- data/lib/puppet/util/windows/file.rb +213 -0
- data/lib/puppet/util/windows/process.rb +199 -0
- data/lib/puppet/util/windows/root_certs.rb +52 -37
- data/lib/puppet/util/windows/security.rb +270 -245
- data/lib/puppet/util/windows/security_descriptor.rb +62 -0
- data/lib/puppet/util/windows/sid.rb +26 -4
- data/lib/puppet/version.rb +2 -2
- data/spec/fixtures/releases/jamtur01-apache/lib/puppet/provider/a2mod/debian.rb +1 -1
- data/spec/fixtures/unit/indirector/{hiera → data_binding/hiera}/global.yaml +0 -0
- data/spec/fixtures/unit/indirector/data_binding/hiera/invalid.yaml +1 -0
- data/spec/fixtures/unit/module/trailing-comma.json +24 -0
- data/spec/fixtures/unit/util/monkey_patches/x509.pem +32 -0
- data/spec/integration/application/apply_spec.rb +1 -1
- data/spec/integration/application/doc_spec.rb +1 -1
- data/spec/integration/configurer_spec.rb +4 -2
- data/spec/integration/data_binding.rb +100 -0
- data/spec/integration/indirector/catalog/compiler_spec.rb +16 -13
- data/spec/integration/indirector/direct_file_server_spec.rb +3 -5
- data/spec/integration/indirector/file_content/file_server_spec.rb +2 -2
- data/spec/integration/node/facts_spec.rb +1 -1
- data/spec/integration/node_spec.rb +1 -1
- data/spec/integration/parser/compiler_spec.rb +90 -0
- data/spec/integration/parser/parser_spec.rb +2 -2
- data/spec/integration/provider/cron/crontab_spec.rb +3 -5
- data/spec/integration/resource/catalog_spec.rb +1 -1
- data/spec/integration/ssl/autosign_spec.rb +90 -0
- data/spec/integration/ssl/certificate_authority_spec.rb +62 -69
- data/spec/integration/ssl/certificate_revocation_list_spec.rb +1 -1
- data/spec/integration/ssl/host_spec.rb +1 -1
- data/spec/integration/transaction_spec.rb +13 -13
- data/spec/integration/type/exec_spec.rb +2 -2
- data/spec/integration/type/file_spec.rb +287 -45
- data/spec/integration/type/tidy_spec.rb +3 -3
- data/spec/integration/util/rdoc/parser_spec.rb +236 -35
- data/spec/integration/util/settings_spec.rb +1 -1
- data/spec/integration/util/windows/process_spec.rb +22 -0
- data/spec/integration/util/windows/security_spec.rb +316 -106
- data/spec/lib/matchers/containment_matchers.rb +52 -0
- data/spec/lib/puppet_spec/compiler.rb +6 -0
- data/spec/lib/puppet_spec/files.rb +20 -21
- data/spec/shared_behaviours/documentation_on_faces.rb +3 -3
- data/spec/shared_behaviours/file_server_terminus.rb +2 -2
- data/spec/shared_contexts/platform.rb +1 -0
- data/spec/spec_helper.rb +13 -1
- data/spec/unit/agent_spec.rb +0 -12
- data/spec/unit/application/agent_spec.rb +4 -4
- data/spec/unit/application/apply_spec.rb +18 -2
- data/spec/unit/application/cert_spec.rb +8 -6
- data/spec/unit/application/device_spec.rb +1 -1
- data/spec/unit/application/filebucket_spec.rb +1 -1
- data/spec/unit/application/inspect_spec.rb +1 -1
- data/spec/unit/application_spec.rb +24 -0
- data/spec/unit/configurer/downloader_spec.rb +8 -7
- data/spec/unit/configurer/fact_handler_spec.rb +23 -0
- data/spec/unit/configurer/plugin_handler_spec.rb +7 -2
- data/spec/unit/configurer_spec.rb +15 -5
- data/spec/unit/{provider/confine → confine}/exists_spec.rb +12 -12
- data/spec/unit/{provider/confine → confine}/false_spec.rb +9 -9
- data/spec/unit/{provider/confine → confine}/feature_spec.rb +10 -10
- data/spec/unit/{provider/confine → confine}/true_spec.rb +7 -7
- data/spec/unit/{provider/confine → confine}/variable_spec.rb +16 -16
- data/spec/unit/{provider/confine_collection_spec.rb → confine_collection_spec.rb} +30 -30
- data/spec/unit/{provider/confine_spec.rb → confine_spec.rb} +11 -11
- data/spec/unit/{provider/confiner_spec.rb → confiner_spec.rb} +4 -4
- data/spec/unit/face/parser_spec.rb +54 -0
- data/spec/unit/file_bucket/dipper_spec.rb +2 -2
- data/spec/unit/file_serving/base_spec.rb +32 -9
- data/spec/unit/file_serving/configuration_spec.rb +7 -7
- data/spec/unit/file_serving/content_spec.rb +12 -7
- data/spec/unit/file_serving/fileset_spec.rb +57 -27
- data/spec/unit/file_serving/metadata_spec.rb +74 -12
- data/spec/unit/file_serving/mount/file_spec.rb +10 -10
- data/spec/unit/file_serving/mount/pluginfacts_spec.rb +73 -0
- data/spec/unit/file_system/file_spec.rb +486 -0
- data/spec/unit/file_system/tempfile_spec.rb +48 -0
- data/spec/unit/graph/relationship_graph_spec.rb +0 -6
- data/spec/unit/hiera_puppet_spec.rb +2 -2
- data/spec/unit/indirector/catalog/compiler_spec.rb +15 -19
- data/spec/unit/indirector/certificate_status/file_spec.rb +30 -40
- data/spec/unit/indirector/data_binding/hiera_spec.rb +95 -2
- data/spec/unit/indirector/direct_file_server_spec.rb +6 -6
- data/spec/unit/indirector/facts/facter_spec.rb +33 -0
- data/spec/unit/indirector/file_bucket_file/file_spec.rb +61 -52
- data/spec/unit/indirector/file_metadata/file_spec.rb +2 -2
- data/spec/unit/indirector/file_server_spec.rb +4 -4
- data/spec/unit/indirector/json_spec.rb +4 -4
- data/spec/unit/indirector/key/file_spec.rb +13 -14
- data/spec/unit/indirector/resource/ral_spec.rb +7 -0
- data/spec/unit/indirector/resource/store_configs_spec.rb +11 -0
- data/spec/unit/indirector/rest_spec.rb +7 -3
- data/spec/unit/indirector/ssl_file_spec.rb +14 -17
- data/spec/unit/indirector/yaml_spec.rb +4 -4
- data/spec/unit/module_spec.rb +43 -15
- data/spec/unit/module_tool/tar/gnu_spec.rb +2 -2
- data/spec/unit/module_tool/tar/solaris_spec.rb +2 -2
- data/spec/unit/module_tool/tar_spec.rb +45 -0
- data/spec/unit/network/authconfig_spec.rb +2 -1
- data/spec/unit/network/authentication_spec.rb +2 -2
- data/spec/unit/network/format_handler_spec.rb +2 -2
- data/spec/unit/network/formats_spec.rb +24 -0
- data/spec/unit/network/http/connection_spec.rb +76 -199
- data/spec/unit/network/http/handler_spec.rb +33 -34
- data/spec/unit/network/http_pool_spec.rb +8 -5
- data/spec/unit/node/environment_spec.rb +76 -90
- data/spec/unit/node/facts_spec.rb +20 -3
- data/spec/unit/node_spec.rb +43 -0
- data/spec/unit/parameter/boolean_spec.rb +22 -12
- data/spec/unit/parser/ast/resourceparam_spec.rb +51 -0
- data/spec/unit/parser/compiler_spec.rb +103 -35
- data/spec/unit/parser/eparser_adapter_spec.rb +12 -12
- data/spec/unit/parser/files_spec.rb +11 -11
- data/spec/unit/parser/functions/contain_spec.rb +185 -0
- data/spec/unit/parser/functions/create_resources_spec.rb +13 -5
- data/spec/unit/parser/functions/generate_spec.rb +1 -1
- data/spec/unit/parser/functions_spec.rb +2 -2
- data/spec/unit/parser/lexer_spec.rb +1 -1
- data/spec/unit/parser/methods/each_spec.rb +1 -1
- data/spec/unit/parser/methods/{select_spec.rb → filter_spec.rb} +11 -11
- data/spec/unit/parser/methods/map_spec.rb +95 -0
- data/spec/unit/parser/methods/reduce_spec.rb +12 -11
- data/spec/unit/parser/methods/shared.rb +5 -5
- data/spec/unit/parser/methods/slice_spec.rb +13 -13
- data/spec/unit/parser/parser_spec.rb +1 -1
- data/spec/unit/parser/resource/param_spec.rb +44 -0
- data/spec/unit/parser/resource_spec.rb +16 -15
- data/spec/unit/pops/model/ast_transformer_spec.rb +18 -4
- data/spec/unit/pops/parser/lexer_spec.rb +22 -5
- data/spec/unit/pops/parser/parse_calls_spec.rb +5 -5
- data/spec/unit/pops/transformer/transform_calls_spec.rb +6 -6
- data/spec/unit/pops/transformer/transform_containers_spec.rb +2 -2
- data/spec/unit/pops/validator/validator_spec.rb +31 -0
- data/spec/unit/provider/augeas/augeas_spec.rb +57 -2
- data/spec/unit/provider/exec/posix_spec.rb +8 -3
- data/spec/unit/provider/file/posix_spec.rb +2 -2
- data/spec/unit/provider/group/windows_adsi_spec.rb +70 -3
- data/spec/unit/provider/nameservice/directoryservice_spec.rb +3 -3
- data/spec/unit/provider/package/apt_spec.rb +1 -1
- data/spec/unit/provider/package/msi_spec.rb +15 -42
- data/spec/unit/provider/package/openbsd_spec.rb +3 -3
- data/spec/unit/provider/package/rpm_spec.rb +56 -13
- data/spec/unit/provider/package/windows_spec.rb +15 -19
- data/spec/unit/provider/service/base_spec.rb +1 -1
- data/spec/unit/provider/service/daemontools_spec.rb +18 -8
- data/spec/unit/provider/service/freebsd_spec.rb +3 -3
- data/spec/unit/provider/service/gentoo_spec.rb +5 -2
- data/spec/unit/provider/service/init_spec.rb +17 -17
- data/spec/unit/provider/service/launchd_spec.rb +76 -23
- data/spec/unit/provider/service/openbsd_spec.rb +125 -0
- data/spec/unit/provider/service/openwrt_spec.rb +1 -1
- data/spec/unit/provider/service/runit_spec.rb +12 -5
- data/spec/unit/provider/service/upstart_spec.rb +4 -4
- data/spec/unit/provider/ssh_authorized_key/parsed_spec.rb +5 -5
- data/spec/unit/provider/user/directoryservice_spec.rb +4 -4
- data/spec/unit/provider/zone/solaris_spec.rb +1 -1
- data/spec/unit/provider_spec.rb +2 -2
- data/spec/unit/reports/http_spec.rb +19 -34
- data/spec/unit/reports/store_spec.rb +2 -2
- data/spec/unit/resource/catalog_spec.rb +81 -11
- data/spec/unit/resource/status_spec.rb +11 -1
- data/spec/unit/resource/type_spec.rb +30 -1
- data/spec/unit/resource_spec.rb +40 -4
- data/spec/unit/settings/file_setting_spec.rb +2 -2
- data/spec/unit/settings/path_setting_spec.rb +2 -2
- data/spec/unit/settings/priority_setting_spec.rb +66 -0
- data/spec/unit/settings_spec.rb +16 -31
- data/spec/unit/ssl/certificate_authority/autosign_command_spec.rb +30 -0
- data/spec/unit/ssl/certificate_authority_spec.rb +129 -134
- data/spec/unit/ssl/certificate_factory_spec.rb +18 -0
- data/spec/unit/ssl/certificate_request_attributes_spec.rb +61 -0
- data/spec/unit/ssl/certificate_request_spec.rb +103 -0
- data/spec/unit/ssl/certificate_spec.rb +31 -18
- data/spec/unit/ssl/host_spec.rb +34 -8
- data/spec/unit/ssl/inventory_spec.rb +27 -62
- data/spec/unit/ssl/key_spec.rb +4 -4
- data/spec/unit/ssl/oids_spec.rb +48 -0
- data/spec/unit/ssl/validator_spec.rb +49 -6
- data/spec/unit/status_spec.rb +9 -0
- data/spec/unit/transaction/event_spec.rb +1 -9
- data/spec/unit/transaction/report_spec.rb +20 -1
- data/spec/unit/transaction/resource_harness_spec.rb +60 -210
- data/spec/unit/transaction_spec.rb +54 -8
- data/spec/unit/type/component_spec.rb +2 -2
- data/spec/unit/type/exec_spec.rb +14 -7
- data/spec/unit/type/file/content_spec.rb +13 -2
- data/spec/unit/type/file/ctime_spec.rb +1 -1
- data/spec/unit/type/file/mode_spec.rb +48 -2
- data/spec/unit/type/file/mtime_spec.rb +1 -1
- data/spec/unit/type/file/source_spec.rb +177 -7
- data/spec/unit/type/file_spec.rb +63 -71
- data/spec/unit/type/group_spec.rb +20 -0
- data/spec/unit/type/k5login_spec.rb +3 -3
- data/spec/unit/type/mount_spec.rb +53 -0
- data/spec/unit/type/nagios_spec.rb +216 -0
- data/spec/unit/type/package_spec.rb +7 -1
- data/spec/unit/type/schedule_spec.rb +6 -0
- data/spec/unit/type/service_spec.rb +3 -3
- data/spec/unit/type/tidy_spec.rb +14 -14
- data/spec/unit/type/user_spec.rb +9 -0
- data/spec/unit/type_spec.rb +86 -4
- data/spec/unit/util/adsi_spec.rb +120 -12
- data/spec/unit/util/autoload_spec.rb +14 -14
- data/spec/unit/util/backups_spec.rb +29 -21
- data/spec/unit/util/checksums_spec.rb +2 -1
- data/spec/unit/util/command_line_spec.rb +41 -0
- data/spec/unit/util/docs_spec.rb +91 -0
- data/spec/unit/util/execution_spec.rb +26 -2
- data/spec/unit/util/filetype_spec.rb +7 -7
- data/spec/unit/util/lockfile_spec.rb +2 -2
- data/spec/unit/util/log/destinations_spec.rb +32 -0
- data/spec/unit/util/monkey_patches_spec.rb +41 -0
- data/spec/unit/util/pidlock_spec.rb +6 -6
- data/spec/unit/util/rdoc/parser_spec.rb +15 -13
- data/spec/unit/util/rdoc_spec.rb +18 -24
- data/spec/unit/util/resource_template_spec.rb +3 -3
- data/spec/unit/util/selinux_spec.rb +4 -2
- data/spec/unit/util/storage_spec.rb +4 -4
- data/spec/unit/util/suidmanager_spec.rb +7 -0
- data/spec/unit/util/tag_set_spec.rb +46 -0
- data/spec/unit/util/tagging_spec.rb +82 -45
- data/spec/unit/util/watcher_spec.rb +4 -1
- data/spec/unit/util/windows/access_control_entry_spec.rb +67 -0
- data/spec/unit/util/windows/access_control_list_spec.rb +133 -0
- data/spec/unit/util/windows/root_certs_spec.rb +10 -8
- data/spec/unit/util/windows/security_descriptor_spec.rb +117 -0
- data/spec/unit/util/windows/sid_spec.rb +69 -0
- data/spec/unit/util_spec.rb +7 -7
- data/tasks/ci.rake +17 -36
- metadata +2811 -2746
- checksums.yaml +0 -7
- data/examples/mac_automount.pp +0 -16
- data/examples/mcx_dock_absent.pp +0 -4
- data/examples/mcx_dock_default.pp +0 -118
- data/examples/mcx_dock_full.pp +0 -125
- data/examples/mcx_dock_invalid.pp +0 -9
- data/examples/mcx_nogroup.pp +0 -118
- data/examples/mcx_notexists_absent.pp +0 -4
- data/ext/rack/README +0 -58
- data/ext/rack/manifest.pp +0 -59
- data/lib/puppet/external/lock.rb +0 -63
- data/lib/puppet/indirector/hiera.rb +0 -39
- data/lib/puppet/parser/functions/foreach.rb +0 -95
- data/spec/integration/network/server/webrick_spec.rb +0 -76
- data/spec/integration/parser/functions_spec.rb +0 -16
- data/spec/unit/indirector/hiera_spec.rb +0 -154
- data/spec/unit/parser/methods/collect_spec.rb +0 -153
- data/spec/unit/parser/methods/foreach_spec.rb +0 -91
- data/spec/unit/parser/methods/reject_spec.rb +0 -73
- data/spec/unit/resource/resource_type.json +0 -34
data/spec/unit/ssl/key_spec.rb
CHANGED
@@ -71,7 +71,7 @@ describe Puppet::SSL::Key do
|
|
71
71
|
end
|
72
72
|
|
73
73
|
it "should not try to use the provided password file if the file does not exist" do
|
74
|
-
|
74
|
+
Puppet::FileSystem::File.stubs(:exist?).returns false
|
75
75
|
@key.password_file = "/path/to/password"
|
76
76
|
|
77
77
|
path = "/my/path"
|
@@ -84,7 +84,7 @@ describe Puppet::SSL::Key do
|
|
84
84
|
end
|
85
85
|
|
86
86
|
it "should read the key with the password retrieved from the password file if one is provided" do
|
87
|
-
|
87
|
+
Puppet::FileSystem::File.stubs(:exist?).returns true
|
88
88
|
@key.password_file = "/path/to/password"
|
89
89
|
|
90
90
|
path = "/my/path"
|
@@ -154,7 +154,7 @@ describe Puppet::SSL::Key do
|
|
154
154
|
|
155
155
|
describe "with a password file set" do
|
156
156
|
it "should return a nil password if the password file does not exist" do
|
157
|
-
|
157
|
+
Puppet::FileSystem::File.expects(:exist?).with("/path/to/pass").returns false
|
158
158
|
File.expects(:read).with("/path/to/pass").never
|
159
159
|
|
160
160
|
@instance.password_file = "/path/to/pass"
|
@@ -163,7 +163,7 @@ describe Puppet::SSL::Key do
|
|
163
163
|
end
|
164
164
|
|
165
165
|
it "should return the contents of the password file as its password" do
|
166
|
-
|
166
|
+
Puppet::FileSystem::File.expects(:exist?).with("/path/to/pass").returns true
|
167
167
|
File.expects(:read).with("/path/to/pass").returns "my password"
|
168
168
|
|
169
169
|
@instance.password_file = "/path/to/pass"
|
@@ -0,0 +1,48 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
require 'puppet/ssl/oids'
|
3
|
+
|
4
|
+
describe Puppet::SSL::Oids do
|
5
|
+
describe "defining application OIDs" do
|
6
|
+
|
7
|
+
{
|
8
|
+
'puppetlabs' => '1.3.6.1.4.1.34380',
|
9
|
+
'ppCertExt' => '1.3.6.1.4.1.34380.1',
|
10
|
+
'ppRegCertExt' => '1.3.6.1.4.1.34380.1.1',
|
11
|
+
'pp_uuid' => '1.3.6.1.4.1.34380.1.1.1',
|
12
|
+
'pp_instance_id' => '1.3.6.1.4.1.34380.1.1.2',
|
13
|
+
'pp_image_name' => '1.3.6.1.4.1.34380.1.1.3',
|
14
|
+
'pp_preshared_key' => '1.3.6.1.4.1.34380.1.1.4',
|
15
|
+
'ppPrivCertExt' => '1.3.6.1.4.1.34380.1.2',
|
16
|
+
}.each_pair do |sn, oid|
|
17
|
+
it "defines #{sn} as #{oid}" do
|
18
|
+
object_id = OpenSSL::ASN1::ObjectId.new(sn)
|
19
|
+
expect(object_id.oid).to eq oid
|
20
|
+
end
|
21
|
+
end
|
22
|
+
end
|
23
|
+
|
24
|
+
describe "checking if an OID is a subtree of another OID" do
|
25
|
+
|
26
|
+
it "can determine if an OID is contained in another OID" do
|
27
|
+
described_class.subtree_of?('1.3.6.1', '1.3.6.1.4.1').should be_true
|
28
|
+
described_class.subtree_of?('1.3.6.1.4.1', '1.3.6.1').should be_false
|
29
|
+
end
|
30
|
+
|
31
|
+
it "returns true if an OID is compared against itself and exclusive is false" do
|
32
|
+
described_class.subtree_of?('1.3.6.1', '1.3.6.1', false).should be_true
|
33
|
+
end
|
34
|
+
|
35
|
+
it "returns false if an OID is compared against itself and exclusive is true" do
|
36
|
+
described_class.subtree_of?('1.3.6.1', '1.3.6.1', true).should be_false
|
37
|
+
end
|
38
|
+
|
39
|
+
it "can compare OIDs defined as short names" do
|
40
|
+
described_class.subtree_of?('IANA', '1.3.6.1.4.1').should be_true
|
41
|
+
described_class.subtree_of?('1.3.6.1', 'enterprises').should be_true
|
42
|
+
end
|
43
|
+
|
44
|
+
it "returns false when an invalid OID shortname is passed" do
|
45
|
+
described_class.subtree_of?('IANA', 'bananas').should be_false
|
46
|
+
end
|
47
|
+
end
|
48
|
+
end
|
@@ -1,8 +1,8 @@
|
|
1
1
|
require 'spec_helper'
|
2
|
-
require 'puppet/ssl
|
2
|
+
require 'puppet/ssl'
|
3
3
|
require 'puppet/ssl/configuration'
|
4
4
|
|
5
|
-
describe Puppet::SSL::Validator do
|
5
|
+
describe Puppet::SSL::Validator::DefaultValidator do
|
6
6
|
let(:ssl_context) do
|
7
7
|
mock('OpenSSL::X509::StoreContext')
|
8
8
|
end
|
@@ -14,8 +14,16 @@ describe Puppet::SSL::Validator do
|
|
14
14
|
:ca_auth_file => Puppet[:ssl_client_ca_auth])
|
15
15
|
end
|
16
16
|
|
17
|
+
let(:ssl_host) do
|
18
|
+
stub('ssl_host',
|
19
|
+
:ssl_store => nil,
|
20
|
+
:certificate => stub('cert', :content => nil),
|
21
|
+
:key => stub('key', :content => nil))
|
22
|
+
end
|
23
|
+
|
17
24
|
subject do
|
18
|
-
described_class.new(
|
25
|
+
described_class.new(ssl_configuration,
|
26
|
+
ssl_host)
|
19
27
|
end
|
20
28
|
|
21
29
|
before :each do
|
@@ -49,17 +57,20 @@ describe Puppet::SSL::Validator do
|
|
49
57
|
before :each do
|
50
58
|
ssl_context.stubs(:error_string).returns("Something went wrong.")
|
51
59
|
end
|
60
|
+
|
52
61
|
it 'does not make the error available via #verify_errors' do
|
53
62
|
subject.call(true, ssl_context)
|
54
63
|
subject.verify_errors.should == []
|
55
64
|
end
|
56
65
|
end
|
66
|
+
|
57
67
|
context 'and the chain is valid' do
|
58
68
|
it 'is true for each CA certificate in the chain' do
|
59
69
|
(cert_chain.length - 1).times do
|
60
70
|
subject.call(true, ssl_context).should be_true
|
61
71
|
end
|
62
72
|
end
|
73
|
+
|
63
74
|
it 'is true for the SSL certificate ending the chain' do
|
64
75
|
(cert_chain.length - 1).times do
|
65
76
|
subject.call(true, ssl_context)
|
@@ -67,17 +78,20 @@ describe Puppet::SSL::Validator do
|
|
67
78
|
subject.call(true, ssl_context).should be_true
|
68
79
|
end
|
69
80
|
end
|
81
|
+
|
70
82
|
context 'and the chain is invalid' do
|
71
83
|
before :each do
|
72
84
|
ssl_configuration.stubs(:read_file).
|
73
85
|
with(Puppet[:localcacert]).
|
74
86
|
returns(agent_ca)
|
75
87
|
end
|
88
|
+
|
76
89
|
it 'is true for each CA certificate in the chain' do
|
77
90
|
(cert_chain.length - 1).times do
|
78
91
|
subject.call(true, ssl_context).should be_true
|
79
92
|
end
|
80
93
|
end
|
94
|
+
|
81
95
|
it 'is false for the SSL certificate ending the chain' do
|
82
96
|
(cert_chain.length - 1).times do
|
83
97
|
subject.call(true, ssl_context)
|
@@ -85,13 +99,16 @@ describe Puppet::SSL::Validator do
|
|
85
99
|
subject.call(true, ssl_context).should be_false
|
86
100
|
end
|
87
101
|
end
|
102
|
+
|
88
103
|
context 'an error is raised inside of #call' do
|
89
104
|
before :each do
|
90
105
|
ssl_context.expects(:current_cert).raises(StandardError, "BOOM!")
|
91
106
|
end
|
107
|
+
|
92
108
|
it 'is false' do
|
93
109
|
subject.call(true, ssl_context).should be_false
|
94
110
|
end
|
111
|
+
|
95
112
|
it 'makes the error available through #verify_errors' do
|
96
113
|
subject.call(true, ssl_context)
|
97
114
|
subject.verify_errors.should == ["BOOM!"]
|
@@ -100,11 +117,28 @@ describe Puppet::SSL::Validator do
|
|
100
117
|
end
|
101
118
|
end
|
102
119
|
|
103
|
-
describe '#
|
104
|
-
it '
|
120
|
+
describe '#setup_connection' do
|
121
|
+
it 'updates the connection for verification' do
|
122
|
+
subject.stubs(:ssl_certificates_are_present?).returns(true)
|
105
123
|
connection = mock('Net::HTTP')
|
124
|
+
|
125
|
+
connection.expects(:cert_store=).with(ssl_host.ssl_store)
|
126
|
+
connection.expects(:ca_file=).with(ssl_configuration.ca_auth_file)
|
127
|
+
connection.expects(:cert=).with(ssl_host.certificate.content)
|
128
|
+
connection.expects(:key=).with(ssl_host.key.content)
|
106
129
|
connection.expects(:verify_callback=).with(subject)
|
107
|
-
|
130
|
+
connection.expects(:verify_mode=).with(OpenSSL::SSL::VERIFY_PEER)
|
131
|
+
|
132
|
+
subject.setup_connection(connection)
|
133
|
+
end
|
134
|
+
|
135
|
+
it 'does not perform verification if certificate files are missing' do
|
136
|
+
subject.stubs(:ssl_certificates_are_present?).returns(false)
|
137
|
+
connection = mock('Net::HTTP')
|
138
|
+
|
139
|
+
connection.expects(:verify_mode=).with(OpenSSL::SSL::VERIFY_NONE)
|
140
|
+
|
141
|
+
subject.setup_connection(connection)
|
108
142
|
end
|
109
143
|
end
|
110
144
|
|
@@ -120,17 +154,21 @@ describe Puppet::SSL::Validator do
|
|
120
154
|
before :each do
|
121
155
|
subject.stubs(:has_authz_peer_cert).returns(true)
|
122
156
|
end
|
157
|
+
|
123
158
|
it 'is true' do
|
124
159
|
subject.valid_peer?.should be_true
|
125
160
|
end
|
126
161
|
end
|
162
|
+
|
127
163
|
context 'when the peer presents an invalid chain' do
|
128
164
|
before :each do
|
129
165
|
subject.stubs(:has_authz_peer_cert).returns(false)
|
130
166
|
end
|
167
|
+
|
131
168
|
it 'is false' do
|
132
169
|
subject.valid_peer?.should be_false
|
133
170
|
end
|
171
|
+
|
134
172
|
it 'makes a helpful error message available via #verify_errors' do
|
135
173
|
subject.valid_peer?
|
136
174
|
subject.verify_errors.should == [expected_authz_error_msg]
|
@@ -143,22 +181,27 @@ describe Puppet::SSL::Validator do
|
|
143
181
|
it 'returns true when the SSL cert is issued by the Master CA' do
|
144
182
|
subject.has_authz_peer_cert(cert_chain, [root_ca_cert]).should be_true
|
145
183
|
end
|
184
|
+
|
146
185
|
it 'returns true when the SSL cert is issued by the Agent CA' do
|
147
186
|
subject.has_authz_peer_cert(cert_chain_agent_ca, [root_ca_cert]).should be_true
|
148
187
|
end
|
149
188
|
end
|
189
|
+
|
150
190
|
context 'when the Master CA is listed as authorized' do
|
151
191
|
it 'returns false when the SSL cert is issued by the Master CA' do
|
152
192
|
subject.has_authz_peer_cert(cert_chain, [master_ca_cert]).should be_true
|
153
193
|
end
|
194
|
+
|
154
195
|
it 'returns true when the SSL cert is issued by the Agent CA' do
|
155
196
|
subject.has_authz_peer_cert(cert_chain_agent_ca, [master_ca_cert]).should be_false
|
156
197
|
end
|
157
198
|
end
|
199
|
+
|
158
200
|
context 'when the Agent CA is listed as authorized' do
|
159
201
|
it 'returns true when the SSL cert is issued by the Master CA' do
|
160
202
|
subject.has_authz_peer_cert(cert_chain, [agent_ca_cert]).should be_false
|
161
203
|
end
|
204
|
+
|
162
205
|
it 'returns true when the SSL cert is issued by the Agent CA' do
|
163
206
|
subject.has_authz_peer_cert(cert_chain_agent_ca, [agent_ca_cert]).should be_true
|
164
207
|
end
|
data/spec/unit/status_spec.rb
CHANGED
@@ -37,4 +37,13 @@ describe Puppet::Status do
|
|
37
37
|
new_status = Puppet::Status.convert_from('yaml', status.render('yaml'))
|
38
38
|
new_status.should equal_attributes_of(status)
|
39
39
|
end
|
40
|
+
|
41
|
+
it "serializes to PSON that conforms to the status schema", :unless => Puppet.features.microsoft_windows? do
|
42
|
+
schema = JSON.parse(File.read('api/schemas/status.json'))
|
43
|
+
status = Puppet::Status.new
|
44
|
+
status.version = Puppet.version
|
45
|
+
|
46
|
+
JSON::Validator.validate!(JSON_META_SCHEMA, schema)
|
47
|
+
JSON::Validator.validate!(schema, status.render('pson'))
|
48
|
+
end
|
40
49
|
end
|
@@ -15,14 +15,6 @@ end
|
|
15
15
|
describe Puppet::Transaction::Event do
|
16
16
|
include PuppetSpec::Files
|
17
17
|
|
18
|
-
[:previous_value, :desired_value, :property, :name, :message, :file, :line, :tags, :audited].each do |attr|
|
19
|
-
it "should support #{attr}" do
|
20
|
-
event = Puppet::Transaction::Event.new
|
21
|
-
event.send(attr.to_s + "=", "foo")
|
22
|
-
event.send(attr).should == "foo"
|
23
|
-
end
|
24
|
-
end
|
25
|
-
|
26
18
|
it "should support resource" do
|
27
19
|
event = Puppet::Transaction::Event.new
|
28
20
|
event.resource = TestResource.new
|
@@ -101,7 +93,7 @@ describe Puppet::Transaction::Event do
|
|
101
93
|
end
|
102
94
|
|
103
95
|
it "should set the tags to the event tags" do
|
104
|
-
Puppet::Util::Log.expects(:new).with { |args| args[:tags]
|
96
|
+
Puppet::Util::Log.expects(:new).with { |args| args[:tags].to_a.should =~ %w{one two} }
|
105
97
|
Puppet::Transaction::Event.new(:tags => %w{one two}).send_log
|
106
98
|
end
|
107
99
|
|
@@ -4,6 +4,19 @@ require 'spec_helper'
|
|
4
4
|
require 'puppet'
|
5
5
|
require 'puppet/transaction/report'
|
6
6
|
|
7
|
+
# the json-schema gem doesn't support windows
|
8
|
+
if not Puppet.features.microsoft_windows?
|
9
|
+
REPORT_SCHEMA_URI = File.join(File.dirname(__FILE__), '../../../api/schemas/report.json')
|
10
|
+
REPORT_SCHEMA = JSON.parse(File.read(REPORT_SCHEMA_URI))
|
11
|
+
|
12
|
+
describe "report schema" do
|
13
|
+
it "should validate against the json meta-schema" do
|
14
|
+
JSON::Validator.validate!(JSON_META_SCHEMA, REPORT_SCHEMA)
|
15
|
+
end
|
16
|
+
end
|
17
|
+
|
18
|
+
end
|
19
|
+
|
7
20
|
describe Puppet::Transaction::Report do
|
8
21
|
include PuppetSpec::Files
|
9
22
|
before do
|
@@ -392,6 +405,12 @@ describe Puppet::Transaction::Report do
|
|
392
405
|
expect_equivalent_reports(tripped, report)
|
393
406
|
end
|
394
407
|
|
408
|
+
it "generates pson which validates against the report schema", :unless => Puppet.features.microsoft_windows? do
|
409
|
+
Puppet[:report_serialization_format] = "pson"
|
410
|
+
report = generate_report
|
411
|
+
JSON::Validator.validate!(REPORT_SCHEMA, report.render)
|
412
|
+
end
|
413
|
+
|
395
414
|
it "can make a round trip through yaml" do
|
396
415
|
Puppet[:report_serialization_format] = "yaml"
|
397
416
|
report = generate_report
|
@@ -458,7 +477,7 @@ describe Puppet::Transaction::Report do
|
|
458
477
|
status = Puppet::Resource::Status.new(Puppet::Type.type(:notify).new(:title => "a resource"))
|
459
478
|
status.changed = true
|
460
479
|
|
461
|
-
report = Puppet::Transaction::Report.new('
|
480
|
+
report = Puppet::Transaction::Report.new('apply', 1357986, 'test_environment', "df34516e-4050-402d-a166-05b03b940749")
|
462
481
|
report << Puppet::Util::Log.new(:level => :warning, :message => "log message")
|
463
482
|
report.add_times("timing", 4)
|
464
483
|
report.add_resource_status(status)
|
@@ -127,6 +127,34 @@ describe Puppet::Transaction::ResourceHarness do
|
|
127
127
|
false
|
128
128
|
end
|
129
129
|
end
|
130
|
+
|
131
|
+
newproperty(:brillig) do
|
132
|
+
desc "A property that raises a StandardError exception when you test if it's insync?"
|
133
|
+
def sync
|
134
|
+
end
|
135
|
+
|
136
|
+
def retrieve
|
137
|
+
:absent
|
138
|
+
end
|
139
|
+
|
140
|
+
def insync?(reference_value)
|
141
|
+
raise ZeroDivisionError.new('brillig')
|
142
|
+
end
|
143
|
+
end
|
144
|
+
|
145
|
+
newproperty(:slithy) do
|
146
|
+
desc "A property that raises an Exception when you test if it's insync?"
|
147
|
+
def sync
|
148
|
+
end
|
149
|
+
|
150
|
+
def retrieve
|
151
|
+
:absent
|
152
|
+
end
|
153
|
+
|
154
|
+
def insync?(reference_value)
|
155
|
+
raise Exception.new('slithy')
|
156
|
+
end
|
157
|
+
end
|
130
158
|
end
|
131
159
|
stubProvider
|
132
160
|
end
|
@@ -164,6 +192,35 @@ describe Puppet::Transaction::ResourceHarness do
|
|
164
192
|
end
|
165
193
|
end
|
166
194
|
|
195
|
+
describe "when a StandardError exception occurs during insync?" do
|
196
|
+
before :each do
|
197
|
+
stub_provider = make_stub_provider
|
198
|
+
@resource = stub_provider.new :name => 'name', :brillig => 1
|
199
|
+
@resource.expects(:err).never
|
200
|
+
end
|
201
|
+
|
202
|
+
it "should record a failure event" do
|
203
|
+
@status = @harness.evaluate(@resource)
|
204
|
+
@status.events[0].name.to_s.should == 'brillig_changed'
|
205
|
+
@status.events[0].property.should == 'brillig'
|
206
|
+
@status.events[0].status.should == 'failure'
|
207
|
+
end
|
208
|
+
end
|
209
|
+
|
210
|
+
describe "when an Exception occurs during insync?" do
|
211
|
+
before :each do
|
212
|
+
stub_provider = make_stub_provider
|
213
|
+
@resource = stub_provider.new :name => 'name', :slithy => 1
|
214
|
+
@resource.expects(:err).never
|
215
|
+
end
|
216
|
+
|
217
|
+
it "should log and pass the exception through" do
|
218
|
+
lambda { @harness.evaluate(@resource) }.should raise_error(Exception, /slithy/)
|
219
|
+
@logs.first.message.should == "change from absent to 1 failed: slithy"
|
220
|
+
@logs.first.level.should == :err
|
221
|
+
end
|
222
|
+
end
|
223
|
+
|
167
224
|
describe "when auditing" do
|
168
225
|
it "should not call insync? on parameters that are merely audited" do
|
169
226
|
stub_provider = make_stub_provider
|
@@ -180,7 +237,9 @@ describe Puppet::Transaction::ResourceHarness do
|
|
180
237
|
File.open(test_file, 'w').close
|
181
238
|
resource = Puppet::Type.type(:file).new :path => test_file, :audit => ['group'], :backup => false
|
182
239
|
resource.expects(:err).never # make sure no exceptions get swallowed
|
240
|
+
|
183
241
|
status = @harness.evaluate(resource)
|
242
|
+
|
184
243
|
status.events.each do |event|
|
185
244
|
event.status.should != 'failure'
|
186
245
|
end
|
@@ -188,222 +247,13 @@ describe Puppet::Transaction::ResourceHarness do
|
|
188
247
|
end
|
189
248
|
|
190
249
|
describe "when applying changes" do
|
191
|
-
[false, true].each do |noop_mode|; describe (noop_mode ? "in noop mode" : "in normal mode") do
|
192
|
-
[nil, @mode_750].each do |machine_state|; describe (machine_state ? "with a file initially present" : "with no file initially present") do
|
193
|
-
[nil, @mode_750, @mode_755].each do |yaml_mode|
|
194
|
-
[nil, :file, :absent].each do |yaml_ensure|; describe "with mode=#{yaml_mode.inspect} and ensure=#{yaml_ensure.inspect} stored in state.yml" do
|
195
|
-
[false, true].each do |auditing_ensure|
|
196
|
-
[false, true].each do |auditing_mode|
|
197
|
-
auditing = []
|
198
|
-
auditing.push(:mode) if auditing_mode
|
199
|
-
auditing.push(:ensure) if auditing_ensure
|
200
|
-
[nil, :file, :absent].each do |ensure_property| # what we set "ensure" to in the manifest
|
201
|
-
[nil, @mode_750, @mode_755].each do |mode_property| # what we set "mode" to in the manifest
|
202
|
-
manifest_settings = {}
|
203
|
-
manifest_settings[:audit] = auditing if !auditing.empty?
|
204
|
-
manifest_settings[:ensure] = ensure_property if ensure_property
|
205
|
-
manifest_settings[:mode] = mode_property if mode_property
|
206
|
-
describe "with manifest settings #{manifest_settings.inspect}" do; it "should behave properly" do
|
207
|
-
# Set up preconditions
|
208
|
-
test_file = tmpfile('foo')
|
209
|
-
if machine_state
|
210
|
-
File.open(test_file, 'w', machine_state.to_i(8)).close
|
211
|
-
end
|
212
|
-
|
213
|
-
Puppet[:noop] = noop_mode
|
214
|
-
params = { :path => test_file, :backup => false }
|
215
|
-
params.merge!(manifest_settings)
|
216
|
-
resource = Puppet::Type.type(:file).new params
|
217
|
-
|
218
|
-
@harness.cache(resource, :mode, yaml_mode) if yaml_mode
|
219
|
-
@harness.cache(resource, :ensure, yaml_ensure) if yaml_ensure
|
220
|
-
|
221
|
-
fake_time = Time.utc(2011, 'jan', 3, 12, 24, 0)
|
222
|
-
Time.stubs(:now).returns(fake_time) # So that Puppet::Resource::Status objects will compare properly
|
223
|
-
|
224
|
-
resource.expects(:err).never # make sure no exceptions get swallowed
|
225
|
-
status = @harness.evaluate(resource) # do the thing
|
226
|
-
|
227
|
-
# check that the state of the machine has been properly updated
|
228
|
-
expected_logs = []
|
229
|
-
expected_status_events = []
|
230
|
-
if auditing_mode
|
231
|
-
@harness.cached(resource, :mode).should == (machine_state || :absent)
|
232
|
-
else
|
233
|
-
@harness.cached(resource, :mode).should == yaml_mode
|
234
|
-
end
|
235
|
-
if auditing_ensure
|
236
|
-
@harness.cached(resource, :ensure).should == (machine_state ? :file : :absent)
|
237
|
-
else
|
238
|
-
@harness.cached(resource, :ensure).should == yaml_ensure
|
239
|
-
end
|
240
|
-
if ensure_property == :file
|
241
|
-
file_would_be_there_if_not_noop = true
|
242
|
-
elsif ensure_property == nil
|
243
|
-
file_would_be_there_if_not_noop = machine_state != nil
|
244
|
-
else # ensure_property == :absent
|
245
|
-
file_would_be_there_if_not_noop = false
|
246
|
-
end
|
247
|
-
file_should_be_there = noop_mode ? machine_state != nil : file_would_be_there_if_not_noop
|
248
|
-
File.exists?(test_file).should == file_should_be_there
|
249
|
-
if file_should_be_there
|
250
|
-
if noop_mode
|
251
|
-
expected_file_mode = machine_state
|
252
|
-
else
|
253
|
-
expected_file_mode = mode_property || machine_state
|
254
|
-
end
|
255
|
-
if !expected_file_mode
|
256
|
-
# we didn't specify a mode and the file was created, so mode comes from umode
|
257
|
-
else
|
258
|
-
file_mode = File.stat(test_file).mode & 0777
|
259
|
-
file_mode.should == expected_file_mode.to_i(8)
|
260
|
-
end
|
261
|
-
end
|
262
|
-
|
263
|
-
# Test log output for the "mode" parameter
|
264
|
-
previously_recorded_mode_already_logged = false
|
265
|
-
mode_status_msg = nil
|
266
|
-
if machine_state && file_would_be_there_if_not_noop && mode_property && machine_state != mode_property
|
267
|
-
if noop_mode
|
268
|
-
what_happened = "current_value #{machine_state}, should be #{mode_property} (noop)"
|
269
|
-
expected_status = 'noop'
|
270
|
-
else
|
271
|
-
what_happened = "mode changed '#{machine_state}' to '#{mode_property}'"
|
272
|
-
expected_status = 'success'
|
273
|
-
end
|
274
|
-
if auditing_mode && yaml_mode && yaml_mode != machine_state
|
275
|
-
previously_recorded_mode_already_logged = true
|
276
|
-
mode_status_msg = "#{what_happened} (previously recorded value was #{yaml_mode})"
|
277
|
-
else
|
278
|
-
mode_status_msg = what_happened
|
279
|
-
end
|
280
|
-
expected_logs << "notice: /#{resource}/mode: #{mode_status_msg}"
|
281
|
-
end
|
282
|
-
if @harness.cached(resource, :mode) && @harness.cached(resource, :mode) != yaml_mode
|
283
|
-
if yaml_mode
|
284
|
-
unless previously_recorded_mode_already_logged
|
285
|
-
mode_status_msg = "audit change: previously recorded value #{yaml_mode} has been changed to #{@harness.cached(resource, :mode)}"
|
286
|
-
expected_logs << "notice: /#{resource}/mode: #{mode_status_msg}"
|
287
|
-
expected_status = 'audit'
|
288
|
-
end
|
289
|
-
else
|
290
|
-
expected_logs << "notice: /#{resource}/mode: audit change: newly-recorded value #{@harness.cached(resource, :mode)}"
|
291
|
-
end
|
292
|
-
end
|
293
|
-
if mode_status_msg
|
294
|
-
expected_status_events << Puppet::Transaction::Event.new(
|
295
|
-
:source_description => "/#{resource}/mode", :resource => resource, :file => nil,
|
296
|
-
:line => nil, :tags => %w{file}, :desired_value => mode_property,
|
297
|
-
:historical_value => yaml_mode, :message => mode_status_msg, :name => :mode_changed,
|
298
|
-
:previous_value => machine_state || :absent, :property => :mode, :status => expected_status,
|
299
|
-
:audited => auditing_mode)
|
300
|
-
end
|
301
|
-
|
302
|
-
# Test log output for the "ensure" parameter
|
303
|
-
previously_recorded_ensure_already_logged = false
|
304
|
-
ensure_status_msg = nil
|
305
|
-
if file_would_be_there_if_not_noop != (machine_state != nil)
|
306
|
-
if noop_mode
|
307
|
-
what_happened = "current_value #{machine_state ? 'file' : 'absent'}, should be #{file_would_be_there_if_not_noop ? 'file' : 'absent'} (noop)"
|
308
|
-
expected_status = 'noop'
|
309
|
-
else
|
310
|
-
what_happened = file_would_be_there_if_not_noop ? 'created' : 'removed'
|
311
|
-
expected_status = 'success'
|
312
|
-
end
|
313
|
-
if auditing_ensure && yaml_ensure && yaml_ensure != (machine_state ? :file : :absent)
|
314
|
-
previously_recorded_ensure_already_logged = true
|
315
|
-
ensure_status_msg = "#{what_happened} (previously recorded value was #{yaml_ensure})"
|
316
|
-
else
|
317
|
-
ensure_status_msg = "#{what_happened}"
|
318
|
-
end
|
319
|
-
expected_logs << "notice: /#{resource}/ensure: #{ensure_status_msg}"
|
320
|
-
end
|
321
|
-
if @harness.cached(resource, :ensure) && @harness.cached(resource, :ensure) != yaml_ensure
|
322
|
-
if yaml_ensure
|
323
|
-
unless previously_recorded_ensure_already_logged
|
324
|
-
ensure_status_msg = "audit change: previously recorded value #{yaml_ensure} has been changed to #{@harness.cached(resource, :ensure)}"
|
325
|
-
expected_logs << "notice: /#{resource}/ensure: #{ensure_status_msg}"
|
326
|
-
expected_status = 'audit'
|
327
|
-
end
|
328
|
-
else
|
329
|
-
expected_logs << "notice: /#{resource}/ensure: audit change: newly-recorded value #{@harness.cached(resource, :ensure)}"
|
330
|
-
end
|
331
|
-
end
|
332
|
-
if ensure_status_msg
|
333
|
-
if ensure_property == :file
|
334
|
-
ensure_event_name = :file_created
|
335
|
-
elsif ensure_property == nil
|
336
|
-
ensure_event_name = :file_changed
|
337
|
-
else # ensure_property == :absent
|
338
|
-
ensure_event_name = :file_removed
|
339
|
-
end
|
340
|
-
expected_status_events << Puppet::Transaction::Event.new(
|
341
|
-
:source_description => "/#{resource}/ensure", :resource => resource, :file => nil,
|
342
|
-
:line => nil, :tags => %w{file}, :desired_value => ensure_property,
|
343
|
-
:historical_value => yaml_ensure, :message => ensure_status_msg, :name => ensure_event_name,
|
344
|
-
:previous_value => machine_state ? :file : :absent, :property => :ensure,
|
345
|
-
:status => expected_status, :audited => auditing_ensure)
|
346
|
-
end
|
347
|
-
|
348
|
-
# Actually check the logs.
|
349
|
-
@logs.map {|l| "#{l.level}: #{l.source}: #{l.message}"}.should =~ expected_logs
|
350
|
-
|
351
|
-
# All the log messages should show up as events except the "newly-recorded" ones.
|
352
|
-
expected_event_logs = @logs.reject {|l| l.message =~ /newly-recorded/ }
|
353
|
-
status.events.map {|e| e.message}.should =~ expected_event_logs.map {|l| l.message }
|
354
|
-
events_to_hash(status.events).should =~ events_to_hash(expected_status_events)
|
355
|
-
|
356
|
-
# Check change count - this is the number of changes that actually occurred.
|
357
|
-
expected_change_count = 0
|
358
|
-
if (machine_state != nil) != file_should_be_there
|
359
|
-
expected_change_count = 1
|
360
|
-
elsif machine_state != nil
|
361
|
-
if expected_file_mode != machine_state
|
362
|
-
expected_change_count = 1
|
363
|
-
end
|
364
|
-
end
|
365
|
-
status.change_count.should == expected_change_count
|
366
|
-
|
367
|
-
# Check out of sync count - this is the number
|
368
|
-
# of changes that would have occurred in
|
369
|
-
# non-noop mode.
|
370
|
-
expected_out_of_sync_count = 0
|
371
|
-
if (machine_state != nil) != file_would_be_there_if_not_noop
|
372
|
-
expected_out_of_sync_count = 1
|
373
|
-
elsif machine_state != nil
|
374
|
-
if mode_property != nil && mode_property != machine_state
|
375
|
-
expected_out_of_sync_count = 1
|
376
|
-
end
|
377
|
-
end
|
378
|
-
if !noop_mode
|
379
|
-
expected_out_of_sync_count.should == expected_change_count
|
380
|
-
end
|
381
|
-
status.out_of_sync_count.should == expected_out_of_sync_count
|
382
|
-
|
383
|
-
# Check legacy summary fields
|
384
|
-
status.changed.should == (expected_change_count != 0)
|
385
|
-
status.out_of_sync.should == (expected_out_of_sync_count != 0)
|
386
|
-
|
387
|
-
# Check the :synced field on state.yml
|
388
|
-
synced_should_be_set = !noop_mode && status.changed
|
389
|
-
(@harness.cached(resource, :synced) != nil).should == synced_should_be_set
|
390
|
-
end; end
|
391
|
-
end
|
392
|
-
end
|
393
|
-
end
|
394
|
-
end
|
395
|
-
end; end
|
396
|
-
end
|
397
|
-
end; end
|
398
|
-
end; end
|
399
|
-
|
400
250
|
it "should not apply changes if allow_changes?() returns false" do
|
401
251
|
test_file = tmpfile('foo')
|
402
252
|
resource = Puppet::Type.type(:file).new :path => test_file, :backup => false, :ensure => :file
|
403
253
|
resource.expects(:err).never # make sure no exceptions get swallowed
|
404
254
|
@harness.expects(:allow_changes?).with(resource).returns false
|
405
255
|
status = @harness.evaluate(resource)
|
406
|
-
File.
|
256
|
+
Puppet::FileSystem::File.exist?(test_file).should == false
|
407
257
|
end
|
408
258
|
end
|
409
259
|
|