RubyGems - puppet - Versions diffs - 5.3.4 → 6.29.0 - Mend

puppet 5.3.4 → 6.29.0

Potentially problematic release.

This version of puppet might be problematic. Click here for more details.

Files changed (2105) hide show

checksums.yaml +7 -0
data/CODEOWNERS +11 -0
data/CODE_OF_CONDUCT.md +70 -0
data/CONTRIBUTING.md +59 -55
data/Gemfile +52 -70
data/Gemfile.lock +251 -0
data/Guardfile.example +76 -0
data/LICENSE +189 -4
data/README.md +31 -37
data/Rakefile +53 -52
data/conf/auth.conf +7 -2
data/conf/environment.conf +1 -1
data/conf/fileserver.conf +1 -1
data/conf/puppet.conf +4 -4
data/{ext → examples/enc}/regexp_nodes/classes/databases +0 -0
data/{ext → examples/enc}/regexp_nodes/classes/webservers +0 -0
data/{ext → examples/enc}/regexp_nodes/environment/development +0 -0
data/{ext → examples/enc}/regexp_nodes/parameters/service/prod +0 -0
data/{ext → examples/enc}/regexp_nodes/parameters/service/qa +0 -0
data/{ext → examples/enc}/regexp_nodes/parameters/service/sandbox +0 -0
data/{ext → examples/enc}/regexp_nodes/regexp_nodes.rb +19 -20
data/{ext → examples}/nagios/check_puppet.rb +2 -2
data/ext/README.md +13 -0
data/ext/build_defaults.yaml +1 -2
data/ext/hiera/hiera.yaml +1 -1
data/ext/osx/puppet.plist +2 -0
data/ext/project_data.yaml +16 -12
data/ext/redhat/client.init +2 -2
data/ext/solaris/smf/puppet +11 -11
data/ext/solaris/smf/puppet.xml +2 -0
data/ext/windows/service/daemon.rb +40 -10
data/install.rb +8 -27
data/lib/hiera/puppet_function.rb +1 -1
data/lib/hiera/scope.rb +31 -2
data/lib/hiera_puppet.rb +2 -1
data/lib/puppet/agent/locker.rb +0 -7
data/lib/puppet/agent.rb +68 -26
data/lib/puppet/application/agent.rb +107 -59
data/lib/puppet/application/apply.rb +144 -74
data/lib/puppet/application/cert.rb +27 -285
data/lib/puppet/application/describe.rb +10 -15
data/lib/puppet/application/device.rb +241 -89
data/lib/puppet/application/doc.rb +8 -5
data/lib/puppet/application/face_base.rb +23 -16
data/lib/puppet/application/facts.rb +5 -0
data/lib/puppet/application/filebucket.rb +51 -16
data/lib/puppet/application/lookup.rb +92 -20
data/lib/puppet/application/plugin.rb +1 -0
data/lib/puppet/application/resource.rb +39 -23
data/lib/puppet/application/script.rb +264 -0
data/lib/puppet/application/ssl.rb +288 -0
data/lib/puppet/application.rb +25 -9
data/lib/puppet/application_support.rb +9 -3
data/lib/puppet/concurrent/lock.rb +16 -0
data/lib/puppet/concurrent/synchronized.rb +15 -0
data/lib/puppet/concurrent/thread_local_singleton.rb +17 -0
data/lib/puppet/concurrent.rb +2 -0
data/lib/puppet/configurer/downloader.rb +36 -18
data/lib/puppet/configurer/fact_handler.rb +5 -1
data/lib/puppet/configurer/plugin_handler.rb +36 -11
data/lib/puppet/configurer.rb +367 -152
data/lib/puppet/confine/any.rb +1 -1
data/lib/puppet/confine/boolean.rb +45 -0
data/lib/puppet/confine/false.rb +7 -1
data/lib/puppet/confine/true.rb +7 -1
data/lib/puppet/confine/variable.rb +1 -1
data/lib/puppet/confine.rb +6 -3
data/lib/puppet/confine_collection.rb +2 -1
data/lib/puppet/context/trusted_information.rb +48 -4
data/lib/puppet/context.rb +120 -48
data/lib/puppet/daemon.rb +17 -30
data/lib/puppet/datatypes/error.rb +21 -0
data/lib/puppet/datatypes/impl/error.rb +40 -0
data/lib/puppet/datatypes.rb +213 -0
data/lib/puppet/defaults.rb +651 -371
data/lib/puppet/environments.rb +218 -105
data/lib/puppet/error.rb +52 -4
data/lib/puppet/etc.rb +26 -7
data/lib/puppet/external/dot.rb +23 -24
data/lib/puppet/external/pson/pure/generator.rb +1 -1
data/lib/puppet/external/pson/pure/parser.rb +3 -2
data/lib/puppet/face/catalog.rb +20 -1
data/lib/puppet/face/config.rb +167 -32
data/lib/puppet/face/epp.rb +52 -15
data/lib/puppet/face/facts.rb +210 -0
data/lib/puppet/face/generate.rb +2 -0
data/lib/puppet/face/help/action.erb +5 -1
data/lib/puppet/face/help/face.erb +2 -1
data/lib/puppet/face/help/global.erb +2 -2
data/lib/puppet/face/help/man.erb +1 -1
data/lib/puppet/face/help.rb +80 -41
data/lib/puppet/face/key.rb +1 -1
data/lib/puppet/face/man.rb +55 -12
data/lib/puppet/face/module/build.rb +5 -54
data/lib/puppet/face/module/changes.rb +2 -1
data/lib/puppet/face/module/generate.rb +6 -243
data/lib/puppet/face/module/install.rb +1 -4
data/lib/puppet/face/module/list.rb +5 -10
data/lib/puppet/face/module/search.rb +13 -4
data/lib/puppet/face/module/uninstall.rb +2 -5
data/lib/puppet/face/module/upgrade.rb +2 -5
data/lib/puppet/face/node/clean.rb +26 -12
data/lib/puppet/face/node.rb +3 -3
data/lib/puppet/face/parser.rb +78 -12
data/lib/puppet/face/plugin.rb +9 -4
data/lib/puppet/face/status.rb +3 -3
data/lib/puppet/facter_impl.rb +96 -0
data/lib/puppet/feature/base.rb +9 -28
data/lib/puppet/feature/bolt.rb +3 -0
data/lib/puppet/feature/eventlog.rb +1 -1
data/lib/puppet/ffi/posix/constants.rb +14 -0
data/lib/puppet/ffi/posix/functions.rb +24 -0
data/lib/puppet/ffi/posix.rb +10 -0
data/lib/puppet/file_bucket/dipper.rb +5 -5
data/lib/puppet/file_bucket/file.rb +0 -2
data/lib/puppet/file_serving/base.rb +16 -16
data/lib/puppet/file_serving/configuration/parser.rb +2 -0
data/lib/puppet/file_serving/configuration.rb +5 -1
data/lib/puppet/file_serving/fileset.rb +17 -5
data/lib/puppet/file_serving/http_metadata.rb +19 -5
data/lib/puppet/file_serving/metadata.rb +12 -4
data/lib/puppet/file_serving/mount/file.rb +6 -5
data/lib/puppet/file_serving/mount/locales.rb +3 -3
data/lib/puppet/file_serving/mount/modules.rb +4 -2
data/lib/puppet/file_serving/mount/pluginfacts.rb +3 -3
data/lib/puppet/file_serving/mount/plugins.rb +3 -3
data/lib/puppet/file_serving/mount/scripts.rb +24 -0
data/lib/puppet/file_serving/mount/tasks.rb +4 -2
data/lib/puppet/file_serving/terminus_selector.rb +7 -8
data/lib/puppet/file_system/file_impl.rb +45 -11
data/lib/puppet/file_system/jruby.rb +23 -0
data/lib/puppet/file_system/memory_file.rb +15 -2
data/lib/puppet/file_system/memory_impl.rb +13 -0
data/lib/puppet/file_system/posix.rb +3 -2
data/lib/puppet/file_system/uniquefile.rb +15 -17
data/lib/puppet/file_system/windows.rb +85 -2
data/lib/puppet/file_system.rb +29 -15
data/lib/puppet/forge/cache.rb +1 -1
data/lib/puppet/forge/errors.rb +5 -5
data/lib/puppet/forge/repository.rb +28 -87
data/lib/puppet/forge.rb +45 -22
data/lib/puppet/functions/abs.rb +61 -0
data/lib/puppet/functions/alert.rb +1 -1
data/lib/puppet/functions/all.rb +15 -11
data/lib/puppet/functions/annotate.rb +11 -11
data/lib/puppet/functions/any.rb +15 -11
data/lib/puppet/functions/assert_type.rb +7 -7
data/lib/puppet/functions/binary_file.rb +14 -2
data/lib/puppet/functions/break.rb +34 -9
data/lib/puppet/functions/call.rb +43 -5
data/lib/puppet/functions/camelcase.rb +62 -0
data/lib/puppet/functions/capitalize.rb +61 -0
data/lib/puppet/functions/ceiling.rb +37 -0
data/lib/puppet/functions/chomp.rb +57 -0
data/lib/puppet/functions/chop.rb +67 -0
data/lib/puppet/functions/compare.rb +125 -0
data/lib/puppet/functions/contain.rb +25 -3
data/lib/puppet/functions/convert_to.rb +34 -0
data/lib/puppet/functions/crit.rb +1 -1
data/lib/puppet/functions/debug.rb +1 -1
data/lib/puppet/functions/defined.rb +11 -12
data/lib/puppet/functions/dig.rb +47 -3
data/lib/puppet/functions/downcase.rb +89 -0
data/lib/puppet/functions/each.rb +20 -16
data/lib/puppet/functions/emerg.rb +1 -1
data/lib/puppet/functions/empty.rb +85 -0
data/lib/puppet/functions/epp.rb +5 -4
data/lib/puppet/functions/err.rb +1 -1
data/lib/puppet/functions/eyaml_lookup_key.rb +21 -15
data/lib/puppet/functions/filter.rb +31 -23
data/lib/puppet/functions/find_file.rb +15 -2
data/lib/puppet/functions/find_template.rb +63 -0
data/lib/puppet/functions/flatten.rb +64 -0
data/lib/puppet/functions/floor.rb +37 -0
data/lib/puppet/functions/get.rb +150 -0
data/lib/puppet/functions/getvar.rb +87 -0
data/lib/puppet/functions/group_by.rb +62 -0
data/lib/puppet/functions/hiera.rb +11 -11
data/lib/puppet/functions/hiera_array.rb +11 -11
data/lib/puppet/functions/hiera_hash.rb +12 -12
data/lib/puppet/functions/hiera_include.rb +15 -15
data/lib/puppet/functions/hocon_data.rb +1 -1
data/lib/puppet/functions/include.rb +34 -2
data/lib/puppet/functions/index.rb +167 -0
data/lib/puppet/functions/info.rb +1 -1
data/lib/puppet/functions/inline_epp.rb +8 -7
data/lib/puppet/functions/join.rb +56 -0
data/lib/puppet/functions/json_data.rb +3 -3
data/lib/puppet/functions/keys.rb +25 -0
data/lib/puppet/functions/length.rb +44 -0
data/lib/puppet/functions/lest.rb +39 -1
data/lib/puppet/functions/lookup.rb +3 -2
data/lib/puppet/functions/lstrip.rb +58 -0
data/lib/puppet/functions/map.rb +22 -18
data/lib/puppet/functions/match.rb +19 -9
data/lib/puppet/functions/max.rb +183 -0
data/lib/puppet/functions/min.rb +182 -0
data/lib/puppet/functions/module_directory.rb +41 -0
data/lib/puppet/functions/new.rb +987 -8
data/lib/puppet/functions/next.rb +20 -10
data/lib/puppet/functions/notice.rb +1 -1
data/lib/puppet/functions/partition.rb +62 -0
data/lib/puppet/functions/reduce.rb +9 -11
data/lib/puppet/functions/regsubst.rb +60 -35
data/lib/puppet/functions/require.rb +42 -2
data/lib/puppet/functions/return.rb +2 -9
data/lib/puppet/functions/reverse_each.rb +72 -3
data/lib/puppet/functions/round.rb +24 -0
data/lib/puppet/functions/rstrip.rb +58 -0
data/lib/puppet/functions/size.rb +15 -0
data/lib/puppet/functions/slice.rb +23 -9
data/lib/puppet/functions/sort.rb +74 -0
data/lib/puppet/functions/split.rb +12 -10
data/lib/puppet/functions/step.rb +74 -2
data/lib/puppet/functions/strftime.rb +179 -10
data/lib/puppet/functions/strip.rb +58 -0
data/lib/puppet/functions/then.rb +65 -2
data/lib/puppet/functions/tree_each.rb +32 -35
data/lib/puppet/functions/type.rb +42 -1
data/lib/puppet/functions/unique.rb +13 -13
data/lib/puppet/functions/unwrap.rb +25 -6
data/lib/puppet/functions/upcase.rb +89 -0
data/lib/puppet/functions/values.rb +25 -0
data/lib/puppet/functions/versioncmp.rb +7 -3
data/lib/puppet/functions/warning.rb +1 -1
data/lib/puppet/functions/with.rb +9 -7
data/lib/puppet/functions/yaml_data.rb +11 -9
data/lib/puppet/functions.rb +208 -91
data/lib/puppet/generate/type.rb +12 -2
data/lib/puppet/gettext/config.rb +31 -8
data/lib/puppet/gettext/module_translations.rb +5 -5
data/lib/puppet/gettext/stubs.rb +1 -1
data/lib/puppet/graph/rb_tree_map.rb +2 -2
data/lib/puppet/graph/relationship_graph.rb +2 -1
data/lib/puppet/graph/simple_graph.rb +16 -10
data/lib/puppet/graph.rb +0 -2
data/lib/puppet/http/client.rb +468 -0
data/lib/puppet/http/errors.rb +32 -0
data/lib/puppet/http/external_client.rb +90 -0
data/lib/puppet/http/redirector.rb +89 -0
data/lib/puppet/http/resolver/server_list.rb +91 -0
data/lib/puppet/http/resolver/settings.rb +26 -0
data/lib/puppet/http/resolver/srv.rb +45 -0
data/lib/puppet/http/resolver.rb +58 -0
data/lib/puppet/http/response.rb +120 -0
data/lib/puppet/http/retry_after_handler.rb +86 -0
data/lib/puppet/http/service/ca.rb +112 -0
data/lib/puppet/http/service/compiler.rb +393 -0
data/lib/puppet/http/service/file_server.rb +207 -0
data/lib/puppet/http/service/puppetserver.rb +39 -0
data/lib/puppet/http/service/report.rb +66 -0
data/lib/puppet/http/service.rb +196 -0
data/lib/puppet/http/session.rb +131 -0
data/lib/puppet/http.rb +37 -0
data/lib/puppet/indirector/catalog/compiler.rb +60 -22
data/lib/puppet/indirector/catalog/json.rb +14 -3
data/lib/puppet/indirector/catalog/rest.rb +35 -0
data/lib/puppet/indirector/catalog/yaml.rb +0 -16
data/lib/puppet/indirector/certificate/file.rb +1 -1
data/lib/puppet/indirector/certificate/rest.rb +3 -1
data/lib/puppet/indirector/certificate_request/file.rb +1 -0
data/lib/puppet/indirector/certificate_request/memory.rb +1 -0
data/lib/puppet/indirector/certificate_request/rest.rb +1 -0
data/lib/puppet/indirector/exec.rb +1 -1
data/lib/puppet/indirector/face.rb +2 -2
data/lib/puppet/indirector/fact_search.rb +60 -0
data/lib/puppet/indirector/facts/facter.rb +31 -12
data/lib/puppet/indirector/facts/json.rb +27 -0
data/lib/puppet/indirector/facts/rest.rb +63 -0
data/lib/puppet/indirector/facts/yaml.rb +7 -64
data/lib/puppet/indirector/file_bucket_file/file.rb +7 -3
data/lib/puppet/indirector/file_bucket_file/rest.rb +48 -0
data/lib/puppet/indirector/file_content/http.rb +8 -1
data/lib/puppet/indirector/file_content/rest.rb +30 -0
data/lib/puppet/indirector/file_metadata/http.rb +28 -8
data/lib/puppet/indirector/file_metadata/rest.rb +53 -0
data/lib/puppet/indirector/file_server.rb +5 -3
data/lib/puppet/indirector/hiera.rb +6 -0
data/lib/puppet/indirector/indirection.rb +59 -31
data/lib/puppet/indirector/json.rb +6 -2
data/lib/puppet/indirector/key/file.rb +2 -6
data/lib/puppet/indirector/key/memory.rb +1 -0
data/lib/puppet/indirector/msgpack.rb +2 -2
data/lib/puppet/indirector/node/exec.rb +4 -5
data/lib/puppet/indirector/node/json.rb +8 -0
data/lib/puppet/indirector/node/rest.rb +24 -0
data/lib/puppet/indirector/node/yaml.rb +0 -6
data/lib/puppet/indirector/report/json.rb +34 -0
data/lib/puppet/indirector/report/processor.rb +4 -3
data/lib/puppet/indirector/report/rest.rb +19 -0
data/lib/puppet/indirector/report/yaml.rb +23 -0
data/lib/puppet/indirector/request.rb +49 -28
data/lib/puppet/indirector/resource/ral.rb +7 -4
data/lib/puppet/indirector/resource/validator.rb +1 -1
data/lib/puppet/indirector/rest.rb +30 -66
data/lib/puppet/indirector/ssl_file.rb +13 -52
data/lib/puppet/indirector/status/rest.rb +18 -0
data/lib/puppet/indirector/terminus.rb +11 -4
data/lib/puppet/indirector/yaml.rb +5 -5
data/lib/puppet/indirector.rb +3 -3
data/lib/puppet/info_service/class_information_service.rb +1 -1
data/lib/puppet/info_service/plan_information_service.rb +36 -0
data/lib/puppet/info_service/task_information_service.rb +7 -3
data/lib/puppet/info_service.rb +9 -0
data/lib/puppet/interface/action.rb +23 -10
data/lib/puppet/interface/action_builder.rb +8 -0
data/lib/puppet/interface/action_manager.rb +2 -1
data/lib/puppet/interface/documentation.rb +11 -7
data/lib/puppet/interface/face_collection.rb +9 -4
data/lib/puppet/interface/option.rb +4 -2
data/lib/puppet/interface/option_manager.rb +5 -3
data/lib/puppet/interface.rb +5 -3
data/lib/puppet/loaders.rb +10 -1
data/lib/puppet/metatype/manager.rb +81 -83
data/lib/puppet/module/plan.rb +159 -0
data/lib/puppet/module/task.rb +216 -32
data/lib/puppet/module.rb +51 -39
data/lib/puppet/module_tool/applications/application.rb +7 -6
data/lib/puppet/module_tool/applications/checksummer.rb +3 -3
data/lib/puppet/module_tool/applications/installer.rb +72 -13
data/lib/puppet/module_tool/applications/uninstaller.rb +6 -5
data/lib/puppet/module_tool/applications/unpacker.rb +4 -4
data/lib/puppet/module_tool/applications/upgrader.rb +12 -8
data/lib/puppet/module_tool/applications.rb +0 -1
data/lib/puppet/module_tool/contents_description.rb +2 -1
data/lib/puppet/module_tool/dependency.rb +1 -1
data/lib/puppet/module_tool/errors/shared.rb +34 -2
data/lib/puppet/module_tool/installed_modules.rb +3 -3
data/lib/puppet/module_tool/local_tarball.rb +3 -3
data/lib/puppet/module_tool/metadata.rb +5 -8
data/lib/puppet/module_tool/shared_behaviors.rb +8 -7
data/lib/puppet/module_tool/tar/mini.rb +14 -4
data/lib/puppet/module_tool.rb +4 -6
data/lib/puppet/network/authconfig.rb +5 -16
data/lib/puppet/network/authstore.rb +3 -2
data/lib/puppet/network/format_support.rb +15 -10
data/lib/puppet/network/formats.rb +168 -10
data/lib/puppet/network/http/api/indirected_routes.rb +31 -20
data/lib/puppet/network/http/api/master/v3/environment.rb +5 -2
data/lib/puppet/network/http/api/master/v3/environments.rb +2 -3
data/lib/puppet/network/http/api.rb +1 -10
data/lib/puppet/network/http/base_pool.rb +36 -0
data/lib/puppet/network/http/compression.rb +8 -1
data/lib/puppet/network/http/connection.rb +59 -36
data/lib/puppet/network/http/connection_adapter.rb +184 -0
data/lib/puppet/network/http/error.rb +3 -3
data/lib/puppet/network/http/factory.rb +16 -18
data/lib/puppet/network/http/handler.rb +60 -27
data/lib/puppet/network/http/nocache_pool.rb +11 -4
data/lib/puppet/network/http/pool.rb +24 -16
data/lib/puppet/network/http/request.rb +2 -1
data/lib/puppet/network/http/route.rb +4 -3
data/lib/puppet/network/http/session.rb +3 -2
data/lib/puppet/network/http/site.rb +5 -1
data/lib/puppet/network/http.rb +2 -7
data/lib/puppet/network/http_pool.rb +35 -1
data/lib/puppet/network/resolver.rb +140 -67
data/lib/puppet/network/rights.rb +3 -2
data/lib/puppet/network/uri.rb +18 -0
data/lib/puppet/node/environment.rb +65 -62
data/lib/puppet/node/facts.rb +28 -1
data/lib/puppet/node.rb +65 -8
data/lib/puppet/pal/catalog_compiler.rb +108 -0
data/lib/puppet/pal/compiler.rb +222 -0
data/lib/puppet/pal/function_signature.rb +52 -0
data/lib/puppet/pal/json_catalog_encoder.rb +67 -0
data/lib/puppet/pal/pal_api.rb +15 -0
data/lib/puppet/pal/pal_impl.rb +588 -0
data/lib/puppet/pal/plan_signature.rb +71 -0
data/lib/puppet/pal/script_compiler.rb +73 -0
data/lib/puppet/pal/task_signature.rb +58 -0
data/lib/puppet/parameter/boolean.rb +1 -1
data/lib/puppet/parameter/value_collection.rb +8 -8
data/lib/puppet/parameter.rb +17 -10
data/lib/puppet/parser/abstract_compiler.rb +36 -0
data/lib/puppet/parser/ast/branch.rb +4 -4
data/lib/puppet/parser/ast/leaf.rb +10 -4
data/lib/puppet/parser/ast/pops_bridge.rb +34 -68
data/lib/puppet/parser/ast/resourceparam.rb +1 -1
data/lib/puppet/parser/ast.rb +5 -9
data/lib/puppet/parser/catalog_compiler.rb +56 -0
data/lib/puppet/parser/compiler/catalog_validator/env_relationship_validator.rb +3 -1
data/lib/puppet/parser/compiler/catalog_validator/relationship_validator.rb +9 -2
data/lib/puppet/parser/compiler/catalog_validator/site_validator.rb +2 -0
data/lib/puppet/parser/compiler.rb +73 -93
data/lib/puppet/parser/environment_compiler.rb +4 -1
data/lib/puppet/parser/files.rb +2 -1
data/lib/puppet/parser/functions/assert_type.rb +3 -3
data/lib/puppet/parser/functions/create_resources.rb +18 -14
data/lib/puppet/parser/functions/each.rb +2 -2
data/lib/puppet/parser/functions/epp.rb +3 -3
data/lib/puppet/parser/functions/fail.rb +8 -1
data/lib/puppet/parser/functions/filter.rb +3 -2
data/lib/puppet/parser/functions/fqdn_rand.rb +27 -4
data/lib/puppet/parser/functions/generate.rb +8 -7
data/lib/puppet/parser/functions/hiera.rb +4 -4
data/lib/puppet/parser/functions/hiera_array.rb +5 -5
data/lib/puppet/parser/functions/hiera_hash.rb +6 -6
data/lib/puppet/parser/functions/hiera_include.rb +10 -11
data/lib/puppet/parser/functions/inline_epp.rb +5 -5
data/lib/puppet/parser/functions/inline_template.rb +7 -1
data/lib/puppet/parser/functions/lest.rb +1 -1
data/lib/puppet/parser/functions/lookup.rb +1 -1
data/lib/puppet/parser/functions/map.rb +1 -1
data/lib/puppet/parser/functions/new.rb +32 -47
data/lib/puppet/parser/functions/realize.rb +6 -0
data/lib/puppet/parser/functions/reduce.rb +1 -1
data/lib/puppet/parser/functions/return.rb +22 -1
data/lib/puppet/parser/functions/reverse_each.rb +2 -2
data/lib/puppet/parser/functions/scanf.rb +1 -1
data/lib/puppet/parser/functions/sha256.rb +5 -0
data/lib/puppet/parser/functions/sprintf.rb +12 -1
data/lib/puppet/parser/functions/step.rb +1 -1
data/lib/puppet/parser/functions/tag.rb +6 -0
data/lib/puppet/parser/functions/tagged.rb +6 -3
data/lib/puppet/parser/functions/template.rb +5 -0
data/lib/puppet/parser/functions/then.rb +1 -1
data/lib/puppet/parser/functions/with.rb +4 -4
data/lib/puppet/parser/functions.rb +60 -17
data/lib/puppet/parser/parser_factory.rb +1 -1
data/lib/puppet/parser/relationship.rb +2 -1
data/lib/puppet/parser/resource/param.rb +18 -5
data/lib/puppet/parser/resource.rb +11 -8
data/lib/puppet/parser/scope.rb +48 -22
data/lib/puppet/parser/script_compiler.rb +123 -0
data/lib/puppet/parser/templatewrapper.rb +4 -2
data/lib/puppet/parser/type_loader.rb +15 -14
data/lib/puppet/parser.rb +1 -0
data/lib/puppet/plugins/configuration.rb +5 -1
data/lib/puppet/pops/adaptable.rb +8 -17
data/lib/puppet/pops/adapters.rb +22 -4
data/lib/puppet/pops/evaluator/access_operator.rb +39 -5
data/lib/puppet/pops/evaluator/closure.rb +19 -9
data/lib/puppet/pops/evaluator/collector_transformer.rb +1 -1
data/lib/puppet/pops/evaluator/collectors/abstract_collector.rb +4 -4
data/lib/puppet/pops/evaluator/collectors/catalog_collector.rb +1 -1
data/lib/puppet/pops/evaluator/collectors/exported_collector.rb +3 -2
data/lib/puppet/pops/evaluator/collectors/fixed_set_collector.rb +2 -1
data/lib/puppet/pops/evaluator/compare_operator.rb +7 -5
data/lib/puppet/pops/evaluator/deferred_resolver.rb +132 -0
data/lib/puppet/pops/evaluator/epp_evaluator.rb +15 -2
data/lib/puppet/pops/evaluator/evaluator_impl.rb +82 -16
data/lib/puppet/pops/evaluator/external_syntax_support.rb +6 -5
data/lib/puppet/pops/evaluator/literal_evaluator.rb +1 -1
data/lib/puppet/pops/evaluator/runtime3_converter.rb +24 -5
data/lib/puppet/pops/evaluator/runtime3_resource_support.rb +5 -3
data/lib/puppet/pops/evaluator/runtime3_support.rb +18 -21
data/lib/puppet/pops/functions/dispatch.rb +13 -6
data/lib/puppet/pops/functions/function.rb +2 -2
data/lib/puppet/pops/issue_reporter.rb +18 -1
data/lib/puppet/pops/issues.rb +73 -10
data/lib/puppet/pops/loader/base_loader.rb +14 -2
data/lib/puppet/pops/loader/dependency_loader.rb +11 -2
data/lib/puppet/pops/loader/gem_support.rb +4 -2
data/lib/puppet/pops/loader/generic_plan_instantiator.rb +28 -0
data/lib/puppet/pops/loader/loader.rb +26 -5
data/lib/puppet/pops/loader/loader_paths.rb +221 -32
data/lib/puppet/pops/loader/module_loaders.rb +242 -40
data/lib/puppet/pops/loader/puppet_plan_instantiator.rb +93 -0
data/lib/puppet/pops/loader/puppet_resource_type_impl_instantiator.rb +9 -9
data/lib/puppet/pops/loader/ruby_data_type_instantiator.rb +39 -0
data/lib/puppet/pops/loader/ruby_function_instantiator.rb +1 -2
data/lib/puppet/pops/loader/ruby_legacy_function_instantiator.rb +121 -0
data/lib/puppet/pops/loader/runtime3_type_loader.rb +10 -3
data/lib/puppet/pops/loader/static_loader.rb +23 -44
data/lib/puppet/pops/loader/task_instantiator.rb +44 -0
data/lib/puppet/pops/loader/type_definition_instantiator.rb +8 -1
data/lib/puppet/pops/loaders.rb +169 -50
data/lib/puppet/pops/lookup/context.rb +1 -1
data/lib/puppet/pops/lookup/data_dig_function_provider.rb +1 -1
data/lib/puppet/pops/lookup/global_data_provider.rb +1 -1
data/lib/puppet/pops/lookup/hiera_config.rb +16 -2
data/lib/puppet/pops/lookup/interpolation.rb +3 -2
data/lib/puppet/pops/lookup/invocation.rb +10 -3
data/lib/puppet/pops/lookup/key_recorder.rb +18 -0
data/lib/puppet/pops/lookup/lookup_adapter.rb +65 -9
data/lib/puppet/pops/lookup/sub_lookup.rb +1 -1
data/lib/puppet/pops/lookup.rb +1 -0
data/lib/puppet/pops/merge_strategy.rb +22 -18
data/lib/puppet/pops/model/ast.pp +19 -0
data/lib/puppet/pops/model/ast.rb +129 -1
data/lib/puppet/pops/model/ast_transformer.rb +1 -1
data/lib/puppet/pops/model/factory.rb +93 -13
data/lib/puppet/pops/model/model_label_provider.rb +9 -1
data/lib/puppet/pops/model/model_tree_dumper.rb +16 -1
data/lib/puppet/pops/model/pn_transformer.rb +401 -0
data/lib/puppet/pops/model/tree_dumper.rb +1 -1
data/lib/puppet/pops/parser/code_merger.rb +4 -4
data/lib/puppet/pops/parser/egrammar.ra +60 -18
data/lib/puppet/pops/parser/eparser.rb +1926 -1745
data/lib/puppet/pops/parser/epp_parser.rb +1 -1
data/lib/puppet/pops/parser/epp_support.rb +9 -6
data/lib/puppet/pops/parser/evaluating_parser.rb +9 -12
data/lib/puppet/pops/parser/heredoc_support.rb +20 -10
data/lib/puppet/pops/parser/interpolation_support.rb +16 -11
data/lib/puppet/pops/parser/lexer2.rb +109 -100
data/lib/puppet/pops/parser/lexer_support.rb +5 -4
data/lib/puppet/pops/parser/locatable.rb +1 -1
data/lib/puppet/pops/parser/locator.rb +116 -103
data/lib/puppet/pops/parser/parser_support.rb +14 -5
data/lib/puppet/pops/parser/pn_parser.rb +317 -0
data/lib/puppet/pops/parser/slurp_support.rb +1 -3
data/lib/puppet/pops/pcore.rb +43 -10
data/lib/puppet/pops/pn.rb +236 -0
data/lib/puppet/pops/puppet_stack.rb +55 -37
data/lib/puppet/pops/resource/param.rb +1 -1
data/lib/puppet/pops/resource/resource_type_impl.rb +4 -2
data/lib/puppet/pops/serialization/abstract_reader.rb +4 -0
data/lib/puppet/pops/serialization/abstract_writer.rb +6 -0
data/lib/puppet/pops/serialization/extension.rb +1 -0
data/lib/puppet/pops/serialization/from_data_converter.rb +68 -13
data/lib/puppet/pops/serialization/json.rb +7 -7
data/lib/puppet/pops/serialization/json_path.rb +5 -4
data/lib/puppet/pops/serialization/object.rb +3 -4
data/lib/puppet/pops/serialization/serializer.rb +2 -1
data/lib/puppet/pops/serialization/to_data_converter.rb +24 -12
data/lib/puppet/pops/serialization/to_stringified_converter.rb +226 -0
data/lib/puppet/pops/serialization.rb +4 -2
data/lib/puppet/pops/time/timespan.rb +4 -6
data/lib/puppet/pops/types/class_loader.rb +6 -3
data/lib/puppet/pops/types/implementation_registry.rb +28 -35
data/lib/puppet/pops/types/iterable.rb +68 -13
data/lib/puppet/pops/types/p_binary_type.rb +1 -2
data/lib/puppet/pops/types/p_init_type.rb +1 -1
data/lib/puppet/pops/types/p_meta_type.rb +5 -1
data/lib/puppet/pops/types/p_object_type.rb +152 -17
data/lib/puppet/pops/types/p_object_type_extension.rb +228 -0
data/lib/puppet/pops/types/p_sem_ver_range_type.rb +0 -1
data/lib/puppet/pops/types/p_sem_ver_type.rb +18 -4
data/lib/puppet/pops/types/p_sensitive_type.rb +11 -1
data/lib/puppet/pops/types/p_timespan_type.rb +4 -4
data/lib/puppet/pops/types/p_type_set_type.rb +28 -2
data/lib/puppet/pops/types/p_uri_type.rb +190 -0
data/lib/puppet/pops/types/puppet_object.rb +15 -1
data/lib/puppet/pops/types/ruby_generator.rb +49 -58
data/lib/puppet/pops/types/string_converter.rb +55 -23
data/lib/puppet/pops/types/tree_iterators.rb +5 -1
data/lib/puppet/pops/types/type_acceptor.rb +1 -1
data/lib/puppet/pops/types/type_calculator.rb +45 -16
data/lib/puppet/pops/types/type_factory.rb +46 -9
data/lib/puppet/pops/types/type_formatter.rb +79 -17
data/lib/puppet/pops/types/type_mismatch_describer.rb +3 -3
data/lib/puppet/pops/types/type_parser.rb +112 -15
data/lib/puppet/pops/types/type_with_members.rb +43 -0
data/lib/puppet/pops/types/types.rb +231 -115
data/lib/puppet/pops/utils.rb +2 -2
data/lib/puppet/pops/validation/checker4_0.rb +181 -12
data/lib/puppet/pops/validation/tasks_checker.rb +105 -0
data/lib/puppet/pops/validation/validator_factory_4_0.rb +14 -8
data/lib/puppet/pops/validation.rb +13 -20
data/lib/puppet/pops/visitor.rb +12 -6
data/lib/puppet/pops.rb +2 -1
data/lib/puppet/property/ensure.rb +3 -2
data/lib/puppet/property/keyvalue.rb +72 -9
data/lib/puppet/property/list.rb +3 -2
data/lib/puppet/property.rb +21 -18
data/lib/puppet/provider/aix_object.rb +485 -0
data/lib/puppet/provider/exec/posix.rb +16 -4
data/lib/puppet/provider/exec.rb +71 -64
data/lib/puppet/provider/file/posix.rb +11 -3
data/lib/puppet/provider/file/windows.rb +50 -2
data/lib/puppet/provider/group/aix.rb +69 -113
data/lib/puppet/provider/group/groupadd.rb +92 -24
data/lib/puppet/provider/group/ldap.rb +7 -4
data/lib/puppet/provider/group/pw.rb +4 -2
data/lib/puppet/provider/group/windows_adsi.rb +12 -8
data/lib/puppet/provider/ldap.rb +8 -4
data/lib/puppet/provider/nameservice/directoryservice.rb +12 -8
data/lib/puppet/provider/nameservice/objectadd.rb +13 -24
data/lib/puppet/provider/nameservice/pw.rb +14 -14
data/lib/puppet/provider/nameservice.rb +20 -29
data/lib/puppet/provider/network_device.rb +4 -2
data/lib/puppet/provider/package/aix.rb +21 -4
data/lib/puppet/provider/package/appdmg.rb +4 -3
data/lib/puppet/provider/package/apple.rb +2 -2
data/lib/puppet/provider/package/apt.rb +156 -10
data/lib/puppet/provider/package/aptitude.rb +7 -1
data/lib/puppet/provider/package/blastwave.rb +2 -1
data/lib/puppet/provider/package/dnf.rb +7 -4
data/lib/puppet/provider/package/dnfmodule.rb +141 -0
data/lib/puppet/provider/package/dpkg.rb +51 -14
data/lib/puppet/provider/package/fink.rb +22 -4
data/lib/puppet/provider/package/gem.rb +151 -53
data/lib/puppet/provider/package/macports.rb +8 -5
data/lib/puppet/provider/package/nim.rb +19 -10
data/lib/puppet/provider/package/openbsd.rb +30 -12
data/lib/puppet/provider/package/opkg.rb +2 -1
data/lib/puppet/provider/package/pacman.rb +9 -12
data/lib/puppet/provider/package/pip.rb +271 -115
data/lib/puppet/provider/package/pip2.rb +17 -0
data/lib/puppet/provider/package/pip3.rb +2 -5
data/lib/puppet/provider/package/pkg.rb +57 -10
data/lib/puppet/provider/package/pkgdmg.rb +8 -7
data/lib/puppet/provider/package/pkgng.rb +56 -26
data/lib/puppet/provider/package/pkgutil.rb +4 -3
data/lib/puppet/provider/package/portage.rb +32 -23
data/lib/puppet/provider/package/portupgrade.rb +2 -1
data/lib/puppet/provider/package/puppet_gem.rb +12 -3
data/lib/puppet/provider/package/puppetserver_gem.rb +171 -0
data/lib/puppet/provider/package/rpm.rb +87 -242
data/lib/puppet/provider/package/sun.rb +2 -2
data/lib/puppet/provider/package/windows/exe_package.rb +45 -10
data/lib/puppet/provider/package/windows/msi_package.rb +8 -0
data/lib/puppet/provider/package/windows/package.rb +14 -4
data/lib/puppet/provider/package/windows.rb +21 -4
data/lib/puppet/provider/package/yum.rb +143 -39
data/lib/puppet/provider/package/zypper.rb +68 -7
data/lib/puppet/provider/package.rb +4 -1
data/lib/puppet/provider/package_targetable.rb +69 -0
data/lib/puppet/provider/parsedfile.rb +43 -12
data/lib/puppet/provider/service/base.rb +10 -7
data/lib/puppet/provider/service/daemontools.rb +9 -9
data/lib/puppet/provider/service/debian.rb +3 -0
data/lib/puppet/provider/service/init.rb +11 -9
data/lib/puppet/provider/service/launchd.rb +49 -17
data/lib/puppet/provider/service/openbsd.rb +1 -1
data/lib/puppet/provider/service/rcng.rb +2 -2
data/lib/puppet/provider/service/redhat.rb +3 -2
data/lib/puppet/provider/service/runit.rb +2 -8
data/lib/puppet/provider/service/service.rb +2 -1
data/lib/puppet/provider/service/smf.rb +60 -6
data/lib/puppet/provider/service/systemd.rb +70 -26
data/lib/puppet/provider/service/upstart.rb +39 -13
data/lib/puppet/provider/service/windows.rb +117 -41
data/lib/puppet/provider/user/aix.rb +223 -244
data/lib/puppet/provider/user/directoryservice.rb +72 -16
data/lib/puppet/provider/user/hpux.rb +2 -2
data/lib/puppet/provider/user/ldap.rb +8 -4
data/lib/puppet/provider/user/openbsd.rb +3 -2
data/lib/puppet/provider/user/pw.rb +15 -5
data/lib/puppet/provider/user/user_role_add.rb +17 -5
data/lib/puppet/provider/user/useradd.rb +237 -62
data/lib/puppet/provider/user/windows_adsi.rb +26 -2
data/lib/puppet/provider.rb +41 -19
data/lib/puppet/reference/configuration.rb +12 -3
data/lib/puppet/reference/indirection.rb +2 -2
data/lib/puppet/reference/metaparameter.rb +1 -3
data/lib/puppet/reference/providers.rb +6 -7
data/lib/puppet/reference/report.rb +1 -1
data/lib/puppet/reference/type.rb +14 -19
data/lib/puppet/relationship.rb +4 -9
data/lib/puppet/reports/http.rb +15 -8
data/lib/puppet/reports/store.rb +1 -1
data/lib/puppet/reports.rb +3 -3
data/lib/puppet/resource/capability_finder.rb +18 -14
data/lib/puppet/resource/catalog.rb +49 -64
data/lib/puppet/resource/status.rb +11 -3
data/lib/puppet/resource/type.rb +28 -11
data/lib/puppet/resource/type_collection.rb +27 -20
data/lib/puppet/resource.rb +100 -24
data/lib/puppet/rest/errors.rb +15 -0
data/lib/puppet/rest/response.rb +35 -0
data/lib/puppet/rest/route.rb +85 -0
data/lib/puppet/rest/routes.rb +135 -0
data/lib/puppet/runtime.rb +66 -0
data/lib/puppet/settings/alias_setting.rb +37 -0
data/lib/puppet/settings/base_setting.rb +34 -4
data/lib/puppet/settings/config_file.rb +5 -5
data/lib/puppet/settings/environment_conf.rb +12 -2
data/lib/puppet/settings/file_setting.rb +3 -2
data/lib/puppet/settings/http_extra_headers_setting.rb +25 -0
data/lib/puppet/settings/ini_file.rb +67 -12
data/lib/puppet/settings/server_list_setting.rb +9 -0
data/lib/puppet/settings/ttl_setting.rb +5 -0
data/lib/puppet/settings.rb +220 -67
data/lib/puppet/ssl/base.rb +4 -11
data/lib/puppet/ssl/certificate.rb +11 -4
data/lib/puppet/ssl/certificate_request.rb +31 -23
data/lib/puppet/ssl/certificate_request_attributes.rb +1 -1
data/lib/puppet/ssl/certificate_signer.rb +11 -0
data/lib/puppet/ssl/error.rb +26 -0
data/lib/puppet/ssl/host.rb +291 -186
data/lib/puppet/ssl/key.rb +5 -7
data/lib/puppet/ssl/oids.rb +4 -3
data/lib/puppet/ssl/openssl_loader.rb +24 -0
data/lib/puppet/ssl/ssl_context.rb +30 -0
data/lib/puppet/ssl/ssl_provider.rb +333 -0
data/lib/puppet/ssl/state_machine.rb +472 -0
data/lib/puppet/ssl/validator/default_validator.rb +61 -25
data/lib/puppet/ssl/validator/no_validator.rb +3 -1
data/lib/puppet/ssl/validator.rb +2 -1
data/lib/puppet/ssl/verifier.rb +140 -0
data/lib/puppet/ssl/verifier_adapter.rb +58 -0
data/lib/puppet/ssl.rb +9 -3
data/lib/puppet/syntax_checkers/base64.rb +1 -1
data/lib/puppet/syntax_checkers/epp.rb +34 -0
data/lib/puppet/syntax_checkers/json.rb +1 -1
data/lib/puppet/syntax_checkers/pp.rb +34 -0
data/lib/puppet/test/test_helper.rb +33 -18
data/lib/puppet/thread_local.rb +7 -0
data/lib/puppet/transaction/additional_resource_generator.rb +3 -3
data/lib/puppet/transaction/event.rb +40 -16
data/lib/puppet/transaction/event_manager.rb +17 -5
data/lib/puppet/transaction/persistence.rb +22 -2
data/lib/puppet/transaction/report.rb +57 -34
data/lib/puppet/transaction/resource_harness.rb +9 -4
data/lib/puppet/transaction.rb +77 -23
data/lib/puppet/trusted_external.rb +41 -0
data/lib/puppet/type/component.rb +2 -1
data/lib/puppet/type/exec.rb +156 -66
data/lib/puppet/type/file/checksum.rb +10 -4
data/lib/puppet/type/file/checksum_value.rb +4 -3
data/lib/puppet/type/file/content.rb +24 -8
data/lib/puppet/type/file/ctime.rb +2 -1
data/lib/puppet/type/file/data_sync.rb +8 -3
data/lib/puppet/type/file/ensure.rb +11 -8
data/lib/puppet/type/file/mode.rb +15 -3
data/lib/puppet/type/file/mtime.rb +2 -1
data/lib/puppet/type/file/selcontext.rb +2 -1
data/lib/puppet/type/file/source.rb +98 -75
data/lib/puppet/type/file/target.rb +2 -1
data/lib/puppet/type/file/type.rb +2 -1
data/lib/puppet/type/file.rb +146 -51
data/lib/puppet/type/filebucket.rb +15 -11
data/lib/puppet/type/group.rb +43 -12
data/lib/puppet/type/notify.rb +6 -5
data/lib/puppet/type/package.rb +185 -35
data/lib/puppet/type/resources.rb +15 -4
data/lib/puppet/type/schedule.rb +59 -99
data/lib/puppet/type/service.rb +76 -25
data/lib/puppet/type/stage.rb +1 -1
data/lib/puppet/type/tidy.rb +57 -18
data/lib/puppet/type/user.rb +186 -101
data/lib/puppet/type.rb +159 -90
data/lib/puppet/util/at_fork.rb +1 -1
data/lib/puppet/util/autoload.rb +51 -62
data/lib/puppet/util/backups.rb +1 -1
data/lib/puppet/util/character_encoding.rb +11 -29
data/lib/puppet/util/checksums.rb +101 -7
data/lib/puppet/util/classgen.rb +12 -12
data/lib/puppet/util/command_line/trollop.rb +1 -1
data/lib/puppet/util/command_line.rb +16 -10
data/lib/puppet/util/connection.rb +88 -0
data/lib/puppet/util/diff.rb +4 -2
data/lib/puppet/util/errors.rb +0 -2
data/lib/puppet/util/execution.rb +28 -11
data/lib/puppet/util/fact_dif.rb +81 -0
data/lib/puppet/util/feature.rb +77 -43
data/lib/puppet/util/fileparsing.rb +79 -46
data/lib/puppet/util/filetype.rb +62 -13
data/lib/puppet/util/http_proxy.rb +37 -25
data/lib/puppet/util/inifile.rb +3 -4
data/lib/puppet/util/instance_loader.rb +16 -29
data/lib/puppet/util/json.rb +89 -0
data/lib/puppet/util/json_lockfile.rb +3 -3
data/lib/puppet/util/ldap/connection.rb +11 -9
data/lib/puppet/util/ldap/manager.rb +6 -3
data/lib/puppet/util/log/destinations.rb +21 -17
data/lib/puppet/util/log.rb +26 -17
data/lib/puppet/util/logging.rb +36 -47
data/lib/puppet/util/metric.rb +4 -3
data/lib/puppet/util/monkey_patches.rb +76 -23
data/lib/puppet/util/network_device/base.rb +1 -1
data/lib/puppet/util/network_device/config.rb +2 -3
data/lib/puppet/util/package/version/debian.rb +175 -0
data/lib/puppet/util/package/version/gem.rb +15 -0
data/lib/puppet/util/package/version/pip.rb +167 -0
data/lib/puppet/util/package/version/range/eq.rb +14 -0
data/lib/puppet/util/package/version/range/gt.rb +14 -0
data/lib/puppet/util/package/version/range/gt_eq.rb +14 -0
data/lib/puppet/util/package/version/range/lt.rb +14 -0
data/lib/puppet/util/package/version/range/lt_eq.rb +14 -0
data/lib/puppet/util/package/version/range/min_max.rb +21 -0
data/lib/puppet/util/package/version/range/simple.rb +11 -0
data/lib/puppet/util/package/version/range.rb +53 -0
data/lib/puppet/util/package/version/rpm.rb +73 -0
data/lib/puppet/util/package.rb +25 -16
data/lib/puppet/util/pidlock.rb +45 -5
data/lib/puppet/util/platform.rb +48 -0
data/lib/puppet/util/plist.rb +10 -4
data/lib/puppet/util/posix.rb +69 -3
data/lib/puppet/util/provider_features.rb +5 -10
data/lib/puppet/util/rdoc/code_objects.rb +2 -1
data/lib/puppet/util/rdoc/generators/puppet_generator.rb +6 -4
data/lib/puppet/util/rdoc/parser/puppet_parser_core.rb +2 -2
data/lib/puppet/util/rdoc/parser/puppet_parser_rdoc2.rb +1 -1
data/lib/puppet/util/rdoc.rb +2 -2
data/lib/puppet/util/reference.rb +10 -16
data/lib/puppet/util/resource_template.rb +1 -1
data/lib/puppet/util/rpm_compare.rb +193 -0
data/lib/puppet/util/rubygems.rb +6 -14
data/lib/puppet/util/run_mode.rb +6 -2
data/lib/puppet/util/selinux.rb +41 -8
data/lib/puppet/util/skip_tags.rb +4 -0
data/lib/puppet/util/ssl.rb +31 -1
data/lib/puppet/util/storage.rb +13 -2
data/lib/puppet/util/suidmanager.rb +8 -7
data/lib/puppet/util/symbolic_file_mode.rb +29 -17
data/lib/puppet/util/tag_set.rb +1 -1
data/lib/puppet/util/tagging.rb +19 -5
data/lib/puppet/util/warnings.rb +0 -2
data/lib/puppet/util/windows/adsi.rb +305 -206
data/lib/puppet/util/windows/api_types.rb +60 -33
data/lib/puppet/util/windows/com.rb +2 -1
data/lib/puppet/util/windows/eventlog.rb +1 -6
data/lib/puppet/util/windows/file.rb +20 -2
data/lib/puppet/util/windows/monkey_patches/dir.rb +40 -0
data/lib/puppet/util/windows/principal.rb +24 -14
data/lib/puppet/util/windows/process.rb +93 -4
data/lib/puppet/util/windows/registry.rb +48 -16
data/lib/puppet/util/windows/root_certs.rb +1 -1
data/lib/puppet/util/windows/security.rb +66 -16
data/lib/puppet/util/windows/service.rb +1147 -0
data/lib/puppet/util/windows/sid.rb +68 -12
data/lib/puppet/util/windows/user.rb +254 -14
data/lib/puppet/util/windows.rb +23 -2
data/lib/puppet/util/yaml.rb +62 -7
data/lib/puppet/util.rb +130 -55
data/lib/puppet/vendor/pathspec/lib/pathspec/gitignorespec.rb +18 -18
data/lib/puppet/vendor/require_vendored.rb +0 -1
data/lib/puppet/vendor.rb +1 -1
data/lib/puppet/version.rb +2 -5
data/lib/puppet/x509/cert_provider.rb +355 -0
data/lib/puppet/x509/pem_store.rb +55 -0
data/lib/puppet/x509.rb +7 -0
data/lib/puppet.rb +83 -36
data/lib/puppet_pal.rb +8 -0
data/locales/puppet.pot +5 -9763
data/man/man5/puppet.conf.5 +651 -390
data/man/man8/puppet-agent.8 +88 -67
data/man/man8/puppet-apply.8 +8 -5
data/man/man8/puppet-catalog.8 +39 -11
data/man/man8/puppet-config.8 +42 -8
data/man/man8/puppet-describe.8 +1 -1
data/man/man8/puppet-device.8 +55 -22
data/man/man8/puppet-doc.8 +1 -1
data/man/man8/puppet-epp.8 +35 -13
data/man/man8/puppet-facts.8 +144 -6
data/man/man8/puppet-filebucket.8 +58 -12
data/man/man8/puppet-generate.8 +2 -2
data/man/man8/puppet-help.8 +7 -4
data/man/man8/puppet-key.8 +9 -15
data/man/man8/puppet-lookup.8 +10 -7
data/man/man8/puppet-man.8 +11 -5
data/man/man8/puppet-module.8 +28 -106
data/man/man8/puppet-node.8 +13 -13
data/man/man8/puppet-parser.8 +32 -9
data/man/man8/puppet-plugin.8 +2 -2
data/man/man8/puppet-report.8 +9 -6
data/man/man8/puppet-resource.8 +2 -2
data/man/man8/puppet-script.8 +70 -0
data/man/man8/puppet-ssl.8 +59 -0
data/man/man8/puppet-status.8 +7 -7
data/man/man8/puppet.8 +12 -3
data/spec/fixtures/integration/application/agent/cached_deferred_catalog.json +92 -0
data/spec/fixtures/integration/application/agent/lib/facter/agent_spec_role.rb +3 -0
data/spec/fixtures/integration/application/apply/environments/spec/modules/amod/lib/puppet/provider/applytest/applytest.rb +2 -0
data/spec/fixtures/integration/application/apply/environments/spec/modules/amod/lib/puppet/type/applytest.rb +25 -0
data/spec/fixtures/integration/l10n/envs/prod/modules/demo/Gemfile +4 -0
data/spec/fixtures/integration/l10n/envs/prod/modules/demo/Rakefile +3 -0
data/spec/fixtures/integration/l10n/envs/prod/modules/demo/lib/puppet/functions/l10n.rb +8 -0
data/{lib/puppet/vendor/semantic_puppet → spec/fixtures/integration/l10n/envs/prod/modules/demo}/locales/config.yaml +8 -4
data/spec/fixtures/integration/l10n/envs/prod/modules/demo/locales/ja/puppet-l10n.po +19 -0
data/spec/fixtures/integration/l10n/envs/prod/modules/demo/locales/puppet-l10n.pot +20 -0
data/spec/fixtures/integration/l10n/envs/prod/modules/demo/metadata.json +8 -0
data/spec/fixtures/ssl/127.0.0.1-key.pem +117 -0
data/spec/fixtures/ssl/127.0.0.1.pem +69 -0
data/spec/fixtures/ssl/bad-basic-constraints.pem +81 -0
data/spec/fixtures/ssl/bad-int-basic-constraints.pem +81 -0
data/spec/fixtures/ssl/ca.pem +81 -0
data/spec/fixtures/ssl/crl.pem +40 -0
data/spec/fixtures/ssl/ec-key.pem +18 -0
data/spec/fixtures/ssl/ec.pem +49 -0
data/spec/fixtures/ssl/encrypted-ec-key.pem +21 -0
data/spec/fixtures/ssl/encrypted-key.pem +120 -0
data/spec/fixtures/ssl/intermediate-agent-crl.pem +40 -0
data/spec/fixtures/ssl/intermediate-agent.pem +81 -0
data/spec/fixtures/ssl/intermediate-crl.pem +46 -0
data/spec/fixtures/ssl/intermediate.pem +81 -0
data/spec/fixtures/ssl/netlock-arany-utf8.pem +23 -0
data/spec/fixtures/ssl/oid-key.pem +117 -0
data/spec/fixtures/ssl/oid.pem +69 -0
data/spec/fixtures/ssl/pluto-key.pem +117 -0
data/spec/fixtures/ssl/pluto.pem +66 -0
data/spec/fixtures/ssl/request-key.pem +117 -0
data/spec/fixtures/ssl/request.pem +60 -0
data/spec/fixtures/ssl/revoked-key.pem +117 -0
data/spec/fixtures/ssl/revoked.pem +66 -0
data/spec/fixtures/ssl/signed-key.pem +117 -0
data/spec/fixtures/ssl/signed.pem +66 -0
data/spec/fixtures/ssl/tampered-cert.pem +66 -0
data/spec/fixtures/ssl/tampered-csr.pem +60 -0
data/spec/fixtures/ssl/trusted_oid_mapping.yaml +5 -0
data/spec/fixtures/ssl/unknown-127.0.0.1-key.pem +117 -0
data/spec/fixtures/ssl/unknown-127.0.0.1.pem +69 -0
data/spec/fixtures/ssl/unknown-ca-key.pem +117 -0
data/spec/fixtures/ssl/unknown-ca.pem +81 -0
data/spec/fixtures/unit/forge/bacula-releases.json +128 -0
data/spec/fixtures/unit/forge/bacula.json +76 -0
data/spec/fixtures/unit/forge/bacula.tar.gz +0 -0
data/spec/fixtures/unit/functions/hiera/hiera/backend/hieraspec_backend.rb +22 -0
data/spec/fixtures/unit/functions/lookup/hiera/backend/custom_backend.rb +18 -0
data/spec/fixtures/unit/functions/lookup/hiera/backend/other_backend.rb +7 -0
data/spec/fixtures/unit/pops/binder/bindings_composer/ok/modules/awesome2/lib/puppet_x/awesome2/echo_scheme_handler.rb +1 -1
data/spec/fixtures/unit/pops/loaders/loaders/dependent_modules_with_metadata/modules/user/manifests/init.pp +6 -6
data/spec/fixtures/unit/pops/loaders/loaders/mix_4x_and_3x_functions/usee/lib/puppet/parser/functions/bad_func_load.rb +11 -0
data/spec/fixtures/unit/pops/loaders/loaders/mix_4x_and_3x_functions/usee/lib/puppet/parser/functions/bad_func_load2.rb +11 -0
data/spec/fixtures/unit/pops/loaders/loaders/mix_4x_and_3x_functions/usee/lib/puppet/parser/functions/bad_func_load3.rb +11 -0
data/spec/fixtures/unit/pops/loaders/loaders/mix_4x_and_3x_functions/usee/lib/puppet/parser/functions/bad_func_load4.rb +11 -0
data/spec/fixtures/unit/pops/loaders/loaders/mix_4x_and_3x_functions/usee/lib/puppet/parser/functions/bad_func_load5.rb +12 -0
data/spec/fixtures/unit/pops/loaders/loaders/mix_4x_and_3x_functions/usee/lib/puppet/parser/functions/func_with_syntax_error.rb +9 -0
data/spec/fixtures/unit/pops/loaders/loaders/mix_4x_and_3x_functions/usee/lib/puppet/parser/functions/good_func_load.rb +9 -0
data/spec/fixtures/unit/provider/aix_object/aix_colon_list_real_world_input.out +1 -0
data/spec/fixtures/unit/provider/aix_object/aix_colon_list_real_world_output.out +1 -0
data/spec/fixtures/unit/provider/package/dnfmodule/dnf-module-list.txt +19 -0
data/spec/fixtures/unit/provider/package/pkgng/pkg.query +7 -1
data/spec/fixtures/unit/provider/package/pkgng/pkg.query.zsh +1 -0
data/spec/fixtures/unit/provider/package/pkgng/pkg.version +2 -0
data/spec/fixtures/unit/provider/package/puppetserver_gem/gem-list-local-packages +30 -0
data/spec/fixtures/unit/provider/package/yum/yum-check-update-subscription-manager.txt +9 -0
data/spec/fixtures/unit/provider/package/zypper/zypper-search-uninstalled.out +13 -0
data/spec/fixtures/unit/provider/parsedfile/aliases.txt +2 -0
data/spec/fixtures/unit/provider/service/smf/svcs_fmri.out +6 -0
data/spec/fixtures/unit/provider/service/smf/svcs_multiple_fmris.out +13 -0
data/spec/fixtures/unit/provider/service/systemd/list_unit_files_services +9 -0
data/spec/fixtures/unit/provider/service/systemd/list_unit_files_services_vendor_preset +9 -0
data/spec/fixtures/unit/provider/user/aix/aix_passwd_file.out +36 -0
data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_md5/should_fetch_if_not_on_the_local_disk.yml +1 -102
data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_md5/should_not_update_if_content_on_disk_is_up-to-date.yml +1 -106
data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_md5/should_update_if_content_differs_on_disk.yml +1 -106
data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_mtime/should_fetch_if_mtime_is_older_on_disk.yml +1 -102
data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_mtime/should_fetch_if_no_header_specified.yml +1 -98
data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_mtime/should_fetch_if_not_on_the_local_disk.yml +1 -102
data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_mtime/should_not_update_if_mtime_is_newer_on_disk.yml +1 -102
data/spec/integration/agent/logging_spec.rb +7 -9
data/spec/integration/application/agent_spec.rb +848 -0
data/spec/integration/application/apply_spec.rb +338 -178
data/spec/integration/application/doc_spec.rb +16 -7
data/spec/integration/application/filebucket_spec.rb +255 -0
data/spec/integration/application/help_spec.rb +42 -0
data/spec/integration/application/lookup_spec.rb +105 -40
data/spec/integration/application/module_spec.rb +89 -0
data/spec/integration/application/plugin_spec.rb +123 -0
data/spec/integration/application/resource_spec.rb +68 -0
data/spec/integration/application/ssl_spec.rb +20 -0
data/spec/integration/configurer_spec.rb +109 -12
data/spec/integration/data_binding_spec.rb +83 -0
data/spec/integration/defaults_spec.rb +30 -19
data/spec/integration/directory_environments_spec.rb +17 -17
data/spec/integration/environments/setting_hooks_spec.rb +1 -1
data/spec/integration/environments/settings_interpolation_spec.rb +0 -4
data/spec/integration/http/client_spec.rb +213 -0
data/spec/integration/indirector/catalog/compiler_spec.rb +10 -11
data/spec/integration/indirector/direct_file_server_spec.rb +2 -4
data/spec/integration/indirector/facts/facter_spec.rb +112 -63
data/spec/integration/indirector/file_content/file_server_spec.rb +7 -8
data/spec/integration/indirector/file_metadata/file_server_spec.rb +7 -8
data/spec/integration/l10n/compiler_spec.rb +37 -0
data/spec/integration/network/authconfig_spec.rb +23 -24
data/spec/integration/network/formats_spec.rb +0 -1
data/spec/integration/network/http/api/indirected_routes_spec.rb +9 -38
data/spec/integration/network/http_pool_spec.rb +293 -0
data/spec/integration/node/environment_spec.rb +16 -2
data/spec/integration/node/facts_spec.rb +9 -10
data/spec/integration/node_spec.rb +6 -11
data/spec/integration/parser/catalog_spec.rb +8 -8
data/spec/integration/parser/collection_spec.rb +6 -11
data/spec/integration/parser/compiler_spec.rb +60 -30
data/spec/integration/parser/pcore_resource_spec.rb +13 -3
data/spec/integration/parser/scope_spec.rb +3 -3
data/spec/integration/parser/script_compiler_spec.rb +113 -0
data/spec/integration/parser/undef_param_spec.rb +1 -1
data/spec/integration/provider/file/windows_spec.rb +162 -0
data/spec/integration/resource/catalog_spec.rb +14 -17
data/spec/integration/resource/type_collection_spec.rb +3 -8
data/spec/integration/transaction/report_spec.rb +12 -17
data/spec/integration/transaction_spec.rb +37 -39
data/spec/integration/type/exec_spec.rb +71 -47
data/spec/integration/type/file_spec.rb +142 -42
data/spec/integration/type/notify_spec.rb +46 -0
data/spec/integration/type/package_spec.rb +27 -31
data/spec/integration/type/tidy_spec.rb +1 -2
data/spec/integration/type_spec.rb +1 -3
data/spec/integration/util/autoload_spec.rb +10 -8
data/spec/integration/util/execution_spec.rb +54 -5
data/spec/integration/util/rdoc/parser_spec.rb +14 -25
data/spec/integration/util/settings_spec.rb +2 -2
data/spec/integration/util/windows/adsi_spec.rb +116 -8
data/spec/integration/util/windows/monkey_patches/dir_spec.rb +11 -0
data/spec/integration/util/windows/principal_spec.rb +33 -4
data/spec/integration/util/windows/process_spec.rb +28 -44
data/spec/integration/util/windows/registry_spec.rb +130 -53
data/spec/integration/util/windows/security_spec.rb +103 -12
data/spec/integration/util/windows/user_spec.rb +108 -29
data/spec/integration/util_spec.rb +9 -38
data/spec/lib/matchers/json.rb +13 -19
data/{lib/puppet/ssl → spec/lib/puppet}/certificate_factory.rb +7 -8
data/spec/lib/puppet/test_ca.rb +164 -0
data/spec/lib/puppet_spec/compiler.rb +28 -1
data/spec/lib/puppet_spec/files.rb +28 -24
data/spec/lib/puppet_spec/fixtures.rb +24 -0
data/spec/lib/puppet_spec/https.rb +95 -0
data/spec/lib/puppet_spec/language.rb +34 -35
data/spec/lib/puppet_spec/matchers.rb +0 -93
data/spec/lib/puppet_spec/module_tool/shared_functions.rb +3 -3
data/spec/lib/puppet_spec/modules.rb +39 -4
data/spec/lib/puppet_spec/puppetserver.rb +179 -0
data/spec/lib/puppet_spec/scope.rb +1 -2
data/spec/lib/puppet_spec/settings.rb +7 -1
data/spec/lib/puppet_spec/ssl.rb +265 -0
data/spec/shared_behaviours/all_parsedfile_providers.rb +1 -1
data/spec/shared_behaviours/documentation_on_faces.rb +0 -2
data/spec/shared_behaviours/file_server_terminus.rb +8 -11
data/spec/shared_behaviours/file_serving.rb +6 -8
data/spec/shared_behaviours/hiera_indirections.rb +3 -4
data/spec/shared_behaviours/iterative_functions.rb +0 -1
data/spec/shared_behaviours/memory_terminus.rb +2 -2
data/spec/shared_behaviours/path_parameters.rb +1 -1
data/spec/shared_behaviours/things_that_declare_options.rb +2 -2
data/spec/shared_contexts/checksum.rb +4 -1
data/spec/shared_contexts/digests.rb +46 -1
data/spec/shared_contexts/https.rb +29 -0
data/spec/shared_contexts/l10n.rb +32 -0
data/spec/shared_contexts/types_setup.rb +10 -3
data/spec/shared_examples/rhel_package_provider.rb +112 -70
data/spec/spec_helper.rb +49 -22
data/spec/unit/agent/disabler_spec.rb +4 -5
data/spec/unit/agent/locker_spec.rb +12 -13
data/spec/unit/agent_spec.rb +181 -104
data/spec/unit/application/agent_spec.rb +159 -130
data/spec/unit/application/apply_spec.rb +199 -145
data/spec/unit/application/config_spec.rb +224 -5
data/spec/unit/application/describe_spec.rb +88 -51
data/spec/unit/application/device_spec.rb +424 -300
data/spec/unit/application/doc_spec.rb +46 -48
data/spec/unit/application/face_base_spec.rb +69 -68
data/spec/unit/application/facts_spec.rb +518 -9
data/spec/unit/application/filebucket_spec.rb +98 -74
data/spec/unit/application/indirection_base_spec.rb +8 -6
data/spec/unit/application/lookup_spec.rb +176 -47
data/spec/unit/application/man_spec.rb +52 -0
data/spec/unit/application/resource_spec.rb +76 -51
data/spec/unit/application/ssl_spec.rb +458 -0
data/spec/unit/application_spec.rb +171 -94
data/spec/unit/capability_spec.rb +17 -15
data/spec/unit/{ssl/certificate_factory_spec.rb → certificate_factory_spec.rb} +11 -22
data/spec/unit/concurrent/lock_spec.rb +29 -0
data/spec/unit/concurrent/thread_local_singleton_spec.rb +39 -0
data/spec/unit/configurer/downloader_spec.rb +41 -21
data/spec/unit/configurer/fact_handler_spec.rb +6 -11
data/spec/unit/configurer/plugin_handler_spec.rb +71 -48
data/spec/unit/configurer_spec.rb +851 -480
data/spec/unit/confine/exists_spec.rb +17 -15
data/spec/unit/confine/false_spec.rb +32 -6
data/spec/unit/confine/feature_spec.rb +7 -5
data/spec/unit/confine/true_spec.rb +32 -6
data/spec/unit/confine/variable_spec.rb +14 -15
data/spec/unit/confine_collection_spec.rb +28 -29
data/spec/unit/confine_spec.rb +36 -14
data/spec/unit/confiner_spec.rb +10 -11
data/spec/unit/context/trusted_information_spec.rb +68 -5
data/spec/unit/context_spec.rb +119 -38
data/spec/unit/daemon_spec.rb +39 -107
data/spec/unit/data_providers/function_data_provider_spec.rb +0 -1
data/spec/unit/data_providers/hiera_data_provider_spec.rb +4 -5
data/spec/unit/datatypes_spec.rb +352 -0
data/spec/unit/defaults_spec.rb +182 -19
data/spec/unit/environments_spec.rb +592 -104
data/spec/unit/etc_spec.rb +52 -29
data/spec/unit/external/pson_spec.rb +0 -1
data/spec/unit/face/config_spec.rb +247 -33
data/spec/unit/face/epp_face_spec.rb +63 -9
data/spec/unit/face/facts_spec.rb +70 -1
data/spec/unit/face/generate_spec.rb +68 -5
data/spec/unit/face/help_spec.rb +67 -74
data/spec/unit/face/key_spec.rb +0 -1
data/spec/unit/face/module/install_spec.rb +3 -5
data/spec/unit/face/module/list_spec.rb +2 -73
data/spec/unit/face/module/search_spec.rb +39 -9
data/spec/unit/face/module/uninstall_spec.rb +4 -8
data/spec/unit/face/node_spec.rb +22 -59
data/spec/unit/face/parser_spec.rb +177 -25
data/spec/unit/face/plugin_spec.rb +56 -19
data/spec/unit/face/status_spec.rb +0 -1
data/spec/unit/facter_impl_spec.rb +31 -0
data/spec/unit/file_bucket/dipper_spec.rb +39 -28
data/spec/unit/file_bucket/file_spec.rb +0 -2
data/spec/unit/file_serving/base_spec.rb +17 -21
data/spec/unit/file_serving/configuration/parser_spec.rb +49 -28
data/spec/unit/file_serving/configuration_spec.rb +77 -70
data/spec/unit/file_serving/content_spec.rb +10 -12
data/spec/unit/file_serving/fileset_spec.rb +123 -59
data/spec/unit/file_serving/http_metadata_spec.rb +38 -14
data/spec/unit/file_serving/metadata_spec.rb +41 -42
data/spec/unit/file_serving/mount/file_spec.rb +31 -32
data/spec/unit/file_serving/mount/locales_spec.rb +25 -26
data/spec/unit/file_serving/mount/modules_spec.rb +14 -15
data/spec/unit/file_serving/mount/pluginfacts_spec.rb +25 -26
data/spec/unit/file_serving/mount/plugins_spec.rb +25 -26
data/spec/unit/file_serving/mount/scripts_spec.rb +69 -0
data/spec/unit/file_serving/mount/tasks_spec.rb +14 -15
data/spec/unit/file_serving/mount_spec.rb +0 -1
data/spec/unit/file_serving/terminus_helper_spec.rb +47 -45
data/spec/unit/file_serving/terminus_selector_spec.rb +45 -29
data/spec/unit/file_system/path_pattern_spec.rb +1 -1
data/spec/unit/file_system/uniquefile_spec.rb +41 -6
data/spec/unit/file_system_spec.rb +330 -9
data/spec/unit/forge/errors_spec.rb +1 -1
data/spec/unit/forge/forge_spec.rb +14 -57
data/spec/unit/forge/module_release_spec.rb +161 -48
data/spec/unit/forge/repository_spec.rb +66 -163
data/spec/unit/forge_spec.rb +47 -114
data/spec/unit/functions/abs_spec.rb +70 -0
data/spec/unit/functions/assert_type_spec.rb +2 -2
data/spec/unit/functions/binary_file_spec.rb +3 -3
data/spec/unit/functions/break_spec.rb +34 -2
data/spec/unit/functions/call_spec.rb +59 -5
data/spec/unit/functions/camelcase_spec.rb +34 -0
data/spec/unit/functions/capitalize_spec.rb +34 -0
data/spec/unit/functions/ceiling_spec.rb +65 -0
data/spec/unit/functions/chomp_spec.rb +46 -0
data/spec/unit/functions/chop_spec.rb +38 -0
data/spec/unit/functions/compare_spec.rb +147 -0
data/spec/unit/functions/contain_spec.rb +2 -3
data/spec/unit/functions/convert_to_spec.rb +25 -0
data/spec/unit/functions/defined_spec.rb +0 -1
data/spec/unit/functions/downcase_spec.rb +34 -0
data/spec/unit/functions/empty_spec.rb +87 -0
data/spec/unit/functions/epp_spec.rb +13 -5
data/spec/unit/functions/filter_spec.rb +4 -4
data/spec/unit/functions/find_file_spec.rb +7 -7
data/spec/unit/functions/find_template_spec.rb +69 -0
data/spec/unit/functions/flatten_spec.rb +31 -0
data/spec/unit/functions/floor_spec.rb +65 -0
data/spec/unit/functions/get_spec.rb +135 -0
data/spec/unit/functions/getvar_spec.rb +121 -0
data/spec/unit/functions/group_by_spec.rb +40 -0
data/spec/unit/functions/hiera_spec.rb +14 -48
data/spec/unit/functions/include_spec.rb +16 -5
data/spec/unit/functions/index_spec.rb +184 -0
data/spec/unit/functions/inline_epp_spec.rb +27 -2
data/spec/unit/functions/join_spec.rb +33 -0
data/spec/unit/functions/keys_spec.rb +31 -0
data/spec/unit/functions/length_spec.rb +50 -0
data/spec/unit/functions/logging_spec.rb +11 -3
data/spec/unit/functions/lookup_fixture_spec.rb +1 -2
data/spec/unit/functions/lookup_spec.rb +165 -63
data/spec/unit/functions/lstrip_spec.rb +30 -0
data/spec/unit/functions/match_spec.rb +21 -4
data/spec/unit/functions/max_spec.rb +129 -0
data/spec/unit/functions/min_spec.rb +129 -0
data/spec/unit/functions/module_directory_spec.rb +43 -0
data/spec/unit/functions/new_spec.rb +30 -14
data/spec/unit/functions/partition_spec.rb +40 -0
data/spec/unit/functions/regsubst_spec.rb +3 -4
data/spec/unit/functions/require_spec.rb +1 -2
data/spec/unit/functions/round_spec.rb +41 -0
data/spec/unit/functions/rstrip_spec.rb +30 -0
data/spec/unit/functions/shared.rb +15 -6
data/spec/unit/functions/size_spec.rb +50 -0
data/spec/unit/functions/sort_spec.rb +79 -0
data/spec/unit/functions/split_spec.rb +3 -4
data/spec/unit/functions/step_spec.rb +1 -1
data/spec/unit/functions/strftime_spec.rb +2 -2
data/spec/unit/functions/strip_spec.rb +30 -0
data/spec/unit/functions/tree_each_spec.rb +49 -0
data/spec/unit/functions/unwrap_spec.rb +8 -0
data/spec/unit/functions/upcase_spec.rb +34 -0
data/spec/unit/functions/values_spec.rb +30 -0
data/spec/unit/functions/versioncmp_spec.rb +43 -9
data/spec/unit/functions4_spec.rb +154 -86
data/spec/unit/gettext/config_spec.rb +45 -14
data/spec/unit/gettext/module_loading_spec.rb +7 -7
data/spec/unit/graph/rb_tree_map_spec.rb +0 -2
data/spec/unit/graph/relationship_graph_spec.rb +1 -2
data/spec/unit/graph/simple_graph_spec.rb +51 -12
data/spec/unit/hiera/scope_spec.rb +7 -0
data/spec/unit/hiera_puppet_spec.rb +20 -20
data/spec/unit/http/client_spec.rb +938 -0
data/spec/unit/http/external_client_spec.rb +201 -0
data/spec/unit/http/resolver_spec.rb +133 -0
data/spec/unit/http/response_spec.rb +75 -0
data/spec/unit/http/service/ca_spec.rb +198 -0
data/spec/unit/http/service/compiler_spec.rb +806 -0
data/spec/unit/http/service/file_server_spec.rb +307 -0
data/spec/unit/http/service/puppetserver_spec.rb +82 -0
data/spec/unit/http/service/report_spec.rb +117 -0
data/spec/unit/http/service_spec.rb +144 -0
data/spec/unit/http/session_spec.rb +307 -0
data/spec/unit/indirector/catalog/compiler_spec.rb +343 -194
data/spec/unit/indirector/catalog/json_spec.rb +10 -5
data/spec/unit/indirector/catalog/msgpack_spec.rb +0 -1
data/spec/unit/indirector/catalog/rest_spec.rb +67 -3
data/spec/unit/indirector/catalog/store_configs_spec.rb +0 -1
data/spec/unit/indirector/catalog/yaml_spec.rb +0 -1
data/spec/unit/indirector/certificate/file_spec.rb +0 -9
data/spec/unit/indirector/certificate/rest_spec.rb +8 -10
data/spec/unit/indirector/certificate_request/file_spec.rb +0 -1
data/spec/unit/indirector/certificate_request/rest_spec.rb +0 -1
data/spec/unit/indirector/direct_file_server_spec.rb +47 -50
data/spec/unit/indirector/envelope_spec.rb +1 -2
data/spec/unit/indirector/exec_spec.rb +29 -24
data/spec/unit/indirector/face_spec.rb +8 -9
data/spec/unit/indirector/facts/facter_spec.rb +131 -43
data/spec/unit/indirector/facts/json_spec.rb +255 -0
data/spec/unit/indirector/facts/network_device_spec.rb +8 -9
data/spec/unit/indirector/facts/rest_spec.rb +99 -0
data/spec/unit/indirector/facts/store_configs_spec.rb +0 -1
data/spec/unit/indirector/facts/yaml_spec.rb +95 -79
data/spec/unit/indirector/file_bucket_file/file_spec.rb +156 -100
data/spec/unit/indirector/file_bucket_file/rest_spec.rb +82 -3
data/spec/unit/indirector/file_bucket_file/selector_spec.rb +26 -9
data/spec/unit/indirector/file_content/file_server_spec.rb +0 -1
data/spec/unit/indirector/file_content/file_spec.rb +0 -1
data/spec/unit/indirector/file_content/rest_spec.rb +53 -3
data/spec/unit/indirector/file_content/selector_spec.rb +0 -1
data/spec/unit/indirector/file_metadata/file_server_spec.rb +0 -1
data/spec/unit/indirector/file_metadata/file_spec.rb +12 -13
data/spec/unit/indirector/file_metadata/http_spec.rb +194 -0
data/spec/unit/indirector/file_metadata/rest_spec.rb +110 -3
data/spec/unit/indirector/file_metadata/selector_spec.rb +0 -1
data/spec/unit/indirector/file_server_spec.rb +143 -137
data/spec/unit/indirector/indirection_spec.rb +296 -231
data/spec/unit/indirector/json_spec.rb +10 -12
data/spec/unit/indirector/key/file_spec.rb +20 -39
data/spec/unit/indirector/memory_spec.rb +6 -7
data/spec/unit/indirector/msgpack_spec.rb +10 -12
data/spec/unit/indirector/node/exec_spec.rb +43 -23
data/spec/unit/indirector/node/json_spec.rb +33 -0
data/spec/unit/indirector/node/memory_spec.rb +2 -4
data/spec/unit/indirector/node/msgpack_spec.rb +0 -1
data/spec/unit/indirector/node/plain_spec.rb +2 -4
data/spec/unit/indirector/node/rest_spec.rb +57 -3
data/spec/unit/indirector/node/store_configs_spec.rb +0 -1
data/spec/unit/indirector/node/yaml_spec.rb +0 -1
data/spec/unit/indirector/none_spec.rb +5 -5
data/spec/unit/indirector/plain_spec.rb +7 -8
data/spec/unit/indirector/report/json_spec.rb +72 -0
data/spec/unit/indirector/report/msgpack_spec.rb +0 -1
data/spec/unit/indirector/report/processor_spec.rb +21 -22
data/spec/unit/indirector/report/rest_spec.rb +58 -52
data/spec/unit/indirector/report/yaml_spec.rb +72 -9
data/spec/unit/indirector/request_spec.rb +27 -29
data/spec/unit/indirector/resource/ral_spec.rb +40 -82
data/spec/unit/indirector/resource/store_configs_spec.rb +0 -1
data/spec/unit/indirector/rest_spec.rb +166 -107
data/spec/unit/indirector/ssl_file_spec.rb +99 -122
data/spec/unit/indirector/status/local_spec.rb +0 -1
data/spec/unit/indirector/status/rest_spec.rb +43 -3
data/spec/unit/indirector/terminus_spec.rb +29 -29
data/spec/unit/indirector/yaml_spec.rb +92 -70
data/spec/unit/indirector_spec.rb +2 -4
data/spec/unit/info_service_spec.rb +195 -11
data/spec/unit/interface/action_builder_spec.rb +0 -1
data/spec/unit/interface/action_manager_spec.rb +1 -2
data/spec/unit/interface/action_spec.rb +36 -13
data/spec/unit/interface/documentation_spec.rb +0 -1
data/spec/unit/interface/face_collection_spec.rb +19 -12
data/spec/unit/interface_spec.rb +6 -6
data/spec/unit/module_spec.rb +135 -113
data/spec/unit/module_tool/applications/installer_spec.rb +116 -13
data/spec/unit/module_tool/applications/searcher_spec.rb +3 -3
data/spec/unit/module_tool/applications/uninstaller_spec.rb +16 -0
data/spec/unit/module_tool/applications/unpacker_spec.rb +17 -17
data/spec/unit/module_tool/applications/upgrader_spec.rb +11 -5
data/spec/unit/module_tool/install_directory_spec.rb +8 -8
data/spec/unit/module_tool/installed_modules_spec.rb +3 -3
data/spec/unit/module_tool/tar/gnu_spec.rb +6 -6
data/spec/unit/module_tool/tar/mini_spec.rb +32 -12
data/spec/unit/module_tool/tar_spec.rb +12 -13
data/spec/unit/module_tool_spec.rb +7 -34
data/spec/unit/network/auth_config_parser_spec.rb +11 -13
data/spec/unit/network/authconfig_spec.rb +16 -20
data/spec/unit/network/authorization_spec.rb +4 -5
data/spec/unit/network/authstore_spec.rb +0 -16
data/spec/unit/network/format_handler_spec.rb +0 -1
data/spec/unit/network/format_spec.rb +9 -10
data/spec/unit/network/format_support_spec.rb +29 -29
data/spec/unit/network/formats_spec.rb +82 -18
data/spec/unit/network/http/api/indirected_routes_spec.rb +54 -48
data/spec/unit/network/http/api/master/v3/authorization_spec.rb +7 -9
data/spec/unit/network/http/api/master/v3/environment_spec.rb +1 -2
data/spec/unit/network/http/api/master/v3/environments_spec.rb +11 -23
data/spec/unit/network/http/api_spec.rb +0 -28
data/spec/unit/network/http/compression_spec.rb +27 -25
data/spec/unit/network/http/connection_spec.rb +537 -275
data/spec/unit/network/http/factory_spec.rb +82 -36
data/spec/unit/network/http/handler_spec.rb +10 -23
data/spec/unit/network/http/nocache_pool_spec.rb +32 -11
data/spec/unit/network/http/pool_spec.rb +166 -59
data/spec/unit/network/http/request_spec.rb +0 -2
data/spec/unit/network/http/response_spec.rb +11 -13
data/spec/unit/network/http/route_spec.rb +0 -1
data/spec/unit/network/http/session_spec.rb +9 -3
data/spec/unit/network/http/site_spec.rb +7 -1
data/spec/unit/network/http_pool_spec.rb +99 -48
data/spec/unit/network/http_spec.rb +1 -2
data/spec/unit/network/resolver_spec.rb +103 -29
data/spec/unit/network/rights_spec.rb +52 -53
data/spec/unit/network/uri_spec.rb +47 -0
data/spec/unit/node/environment_spec.rb +72 -24
data/spec/unit/node/facts_spec.rb +20 -8
data/spec/unit/node_spec.rb +38 -23
data/spec/unit/other/selinux_spec.rb +0 -72
data/spec/unit/parameter/boolean_spec.rb +1 -2
data/spec/unit/parameter/package_options_spec.rb +1 -2
data/spec/unit/parameter/path_spec.rb +0 -1
data/spec/unit/parameter/value_collection_spec.rb +0 -1
data/spec/unit/parameter/value_spec.rb +0 -1
data/spec/unit/parameter_spec.rb +9 -9
data/spec/unit/parser/ast/block_expression_spec.rb +7 -9
data/spec/unit/parser/ast/leaf_spec.rb +20 -21
data/spec/unit/parser/compiler_spec.rb +93 -114
data/spec/unit/parser/environment_compiler_spec.rb +67 -23
data/spec/unit/parser/files_spec.rb +0 -1
data/spec/unit/parser/functions/create_resources_spec.rb +10 -1
data/spec/unit/parser/functions/digest_spec.rb +0 -5
data/spec/unit/parser/functions/fail_spec.rb +2 -7
data/spec/unit/parser/functions/file_spec.rb +13 -18
data/spec/unit/parser/functions/fqdn_rand_spec.rb +39 -2
data/spec/unit/parser/functions/generate_spec.rb +36 -39
data/spec/unit/parser/functions/inline_template_spec.rb +7 -5
data/spec/unit/parser/functions/realize_spec.rb +9 -0
data/spec/unit/parser/functions/regsubst_spec.rb +0 -5
data/spec/unit/parser/functions/scanf_spec.rb +0 -5
data/spec/unit/parser/functions/shellquote_spec.rb +0 -1
data/spec/unit/parser/functions/split_spec.rb +0 -5
data/spec/unit/parser/functions/sprintf_spec.rb +0 -5
data/spec/unit/parser/functions/tag_spec.rb +8 -6
data/spec/unit/parser/functions/tagged_spec.rb +36 -0
data/spec/unit/parser/functions/template_spec.rb +21 -17
data/spec/unit/parser/functions/versioncmp_spec.rb +1 -6
data/spec/unit/parser/functions_spec.rb +28 -4
data/spec/unit/parser/relationship_spec.rb +0 -1
data/spec/unit/parser/resource/param_spec.rb +1 -1
data/spec/unit/parser/resource_spec.rb +53 -48
data/spec/unit/parser/scope_spec.rb +72 -39
data/spec/unit/parser/templatewrapper_spec.rb +25 -15
data/spec/unit/parser/type_loader_spec.rb +18 -20
data/spec/unit/plan_spec.rb +65 -0
data/spec/unit/pops/adaptable_spec.rb +0 -2
data/spec/unit/pops/benchmark_spec.rb +0 -1
data/spec/unit/pops/evaluator/access_ops_spec.rb +0 -1
data/spec/unit/pops/evaluator/arithmetic_ops_spec.rb +10 -1
data/spec/unit/pops/evaluator/basic_expressions_spec.rb +0 -1
data/spec/unit/pops/evaluator/collections_ops_spec.rb +0 -1
data/spec/unit/pops/evaluator/comparison_ops_spec.rb +0 -1
data/spec/unit/pops/evaluator/conditionals_spec.rb +1 -2
data/spec/unit/pops/evaluator/deferred_resolver_spec.rb +20 -0
data/spec/unit/pops/evaluator/evaluating_parser_spec.rb +133 -17
data/spec/unit/pops/evaluator/logical_ops_spec.rb +0 -1
data/spec/unit/pops/evaluator/runtime3_converter_spec.rb +24 -11
data/spec/unit/pops/evaluator/string_interpolation_spec.rb +0 -1
data/spec/unit/pops/evaluator/variables_spec.rb +0 -1
data/spec/unit/pops/factory_rspec_helper.rb +1 -1
data/spec/unit/pops/factory_spec.rb +8 -9
data/spec/unit/pops/issues_spec.rb +40 -26
data/spec/unit/pops/loaders/dependency_loader_spec.rb +2 -2
data/spec/unit/pops/loaders/loader_spec.rb +516 -0
data/spec/unit/pops/loaders/loaders_spec.rb +294 -46
data/spec/unit/pops/loaders/module_loaders_spec.rb +112 -0
data/spec/unit/pops/loaders/static_loader_spec.rb +16 -44
data/spec/unit/pops/lookup/context_spec.rb +0 -1
data/spec/unit/pops/lookup/interpolation_spec.rb +7 -3
data/spec/unit/pops/lookup/lookup_spec.rb +81 -0
data/spec/unit/pops/merge_strategy_spec.rb +0 -1
data/spec/unit/pops/migration_spec.rb +3 -5
data/spec/unit/pops/model/model_spec.rb +5 -1
data/spec/unit/pops/model/pn_transformer_spec.rb +56 -0
data/spec/unit/pops/parser/lexer2_spec.rb +89 -26
data/spec/unit/pops/parser/locator_spec.rb +63 -1
data/spec/unit/pops/parser/parse_application_spec.rb +0 -1
data/spec/unit/pops/parser/parse_basic_expressions_spec.rb +42 -10
data/spec/unit/pops/parser/parse_calls_spec.rb +28 -1
data/spec/unit/pops/parser/parse_capabilities_spec.rb +0 -1
data/spec/unit/pops/parser/parse_conditionals_spec.rb +12 -1
data/spec/unit/pops/parser/parse_containers_spec.rb +2 -14
data/spec/unit/pops/parser/parse_functions_spec.rb +1 -1
data/spec/unit/pops/parser/parse_heredoc_spec.rb +124 -12
data/spec/unit/pops/parser/parse_lambda_spec.rb +1 -1
data/spec/unit/pops/parser/parse_plan_spec.rb +47 -0
data/spec/unit/pops/parser/parse_resource_spec.rb +35 -36
data/spec/unit/pops/parser/parse_site_spec.rb +0 -1
data/spec/unit/pops/parser/pn_parser_spec.rb +100 -0
data/spec/unit/pops/pn_spec.rb +147 -0
data/spec/unit/pops/puppet_stack_spec.rb +38 -9
data/spec/unit/pops/resource/resource_type_impl_spec.rb +0 -1
data/spec/unit/pops/serialization/packer_spec.rb +8 -0
data/spec/unit/pops/serialization/serialization_spec.rb +37 -5
data/spec/unit/pops/serialization/to_from_hr_spec.rb +74 -4
data/spec/unit/pops/serialization/to_stringified_spec.rb +162 -0
data/spec/unit/pops/types/deferred_spec.rb +87 -0
data/spec/unit/pops/types/error_spec.rb +207 -0
data/spec/unit/pops/types/iterable_spec.rb +1 -1
data/spec/unit/pops/types/p_init_type_spec.rb +98 -0
data/spec/unit/pops/types/p_object_type_spec.rb +298 -13
data/spec/unit/pops/types/p_sem_ver_type_spec.rb +18 -0
data/spec/unit/pops/types/p_sensitive_type_spec.rb +18 -0
data/spec/unit/pops/types/p_timespan_type_spec.rb +33 -4
data/spec/unit/pops/types/p_timestamp_type_spec.rb +28 -2
data/spec/unit/pops/types/p_type_set_type_spec.rb +106 -2
data/spec/unit/pops/types/p_uri_type_spec.rb +191 -0
data/spec/unit/pops/types/recursion_guard_spec.rb +10 -10
data/spec/unit/pops/types/ruby_generator_spec.rb +87 -54
data/spec/unit/pops/types/string_converter_spec.rb +39 -6
data/spec/unit/pops/types/task_spec.rb +411 -0
data/spec/unit/pops/types/type_asserter_spec.rb +2 -2
data/spec/unit/pops/types/type_calculator_spec.rb +120 -53
data/spec/unit/pops/types/type_formatter_spec.rb +31 -13
data/spec/unit/pops/types/type_mismatch_describer_spec.rb +9 -0
data/spec/unit/pops/types/type_parser_spec.rb +26 -14
data/spec/unit/pops/types/types_spec.rb +99 -6
data/spec/unit/pops/validator/validator_spec.rb +455 -7
data/spec/unit/pops/visitor_spec.rb +0 -1
data/spec/unit/property/boolean_spec.rb +1 -1
data/spec/unit/property/ensure_spec.rb +0 -1
data/spec/unit/property/keyvalue_spec.rb +127 -38
data/spec/unit/property/list_spec.rb +26 -27
data/spec/unit/property/ordered_list_spec.rb +10 -14
data/spec/unit/property_spec.rb +55 -46
data/spec/unit/provider/aix_object_spec.rb +821 -0
data/spec/unit/provider/command_spec.rb +9 -9
data/spec/unit/provider/exec/posix_spec.rb +38 -15
data/spec/unit/provider/exec/shell_spec.rb +2 -2
data/spec/unit/provider/exec/windows_spec.rb +4 -6
data/spec/unit/provider/exec_spec.rb +210 -1
data/spec/unit/provider/file/posix_spec.rb +22 -24
data/spec/unit/provider/file/windows_spec.rb +17 -19
data/spec/unit/provider/group/aix_spec.rb +91 -0
data/spec/unit/provider/group/groupadd_spec.rb +237 -29
data/spec/unit/provider/group/ldap_spec.rb +33 -36
data/spec/unit/provider/group/pw_spec.rb +15 -18
data/spec/unit/provider/group/windows_adsi_spec.rb +173 -68
data/spec/unit/provider/ldap_spec.rb +61 -63
data/spec/unit/provider/nameservice/directoryservice_spec.rb +102 -109
data/spec/unit/provider/nameservice_spec.rb +99 -100
data/spec/unit/provider/package/aix_spec.rb +48 -22
data/spec/unit/provider/package/appdmg_spec.rb +13 -13
data/spec/unit/provider/package/apt_spec.rb +174 -37
data/spec/unit/provider/package/aptitude_spec.rb +8 -7
data/spec/unit/provider/package/aptrpm_spec.rb +8 -13
data/spec/unit/provider/package/base_spec.rb +7 -6
data/spec/unit/provider/package/dnf_spec.rb +43 -18
data/spec/unit/provider/package/dnfmodule_spec.rb +256 -0
data/spec/unit/provider/package/dpkg_spec.rb +348 -137
data/spec/unit/provider/package/freebsd_spec.rb +15 -18
data/spec/unit/provider/package/gem_spec.rb +210 -83
data/spec/unit/provider/package/hpux_spec.rb +15 -18
data/spec/unit/provider/package/macports_spec.rb +56 -54
data/spec/unit/provider/package/nim_spec.rb +76 -59
data/spec/unit/provider/package/openbsd_spec.rb +62 -49
data/spec/unit/provider/package/opkg_spec.rb +23 -26
data/spec/unit/provider/package/pacman_spec.rb +103 -133
data/spec/unit/provider/package/pip2_spec.rb +36 -0
data/spec/unit/provider/package/pip3_spec.rb +20 -6
data/spec/unit/provider/package/pip_spec.rb +252 -157
data/spec/unit/provider/package/pkg_spec.rb +194 -98
data/spec/unit/provider/package/pkgdmg_spec.rb +64 -66
data/spec/unit/provider/package/pkgin_spec.rb +21 -24
data/spec/unit/provider/package/pkgng_spec.rb +80 -38
data/spec/unit/provider/package/pkgutil_spec.rb +45 -49
data/spec/unit/provider/package/portage_spec.rb +89 -74
data/spec/unit/provider/package/puppet_gem_spec.rb +53 -21
data/spec/unit/provider/package/puppetserver_gem_spec.rb +137 -0
data/spec/unit/provider/package/rpm_spec.rb +280 -261
data/spec/unit/provider/package/sun_spec.rb +16 -18
data/spec/unit/provider/package/tdnf_spec.rb +9 -12
data/spec/unit/provider/package/up2date_spec.rb +2 -4
data/spec/unit/provider/package/urpmi_spec.rb +18 -14
data/spec/unit/provider/package/windows/exe_package_spec.rb +32 -18
data/spec/unit/provider/package/windows/msi_package_spec.rb +20 -23
data/spec/unit/provider/package/windows/package_spec.rb +38 -43
data/spec/unit/provider/package/windows_spec.rb +51 -36
data/spec/unit/provider/package/yum_spec.rb +442 -13
data/spec/unit/provider/package/zypper_spec.rb +202 -106
data/spec/unit/provider/package_targetable_spec.rb +60 -0
data/spec/unit/provider/parsedfile_spec.rb +81 -46
data/spec/unit/provider/service/base_spec.rb +6 -11
data/spec/unit/provider/service/bsd_spec.rb +52 -51
data/spec/unit/provider/service/daemontools_spec.rb +71 -52
data/spec/unit/provider/service/debian_spec.rb +51 -53
data/spec/unit/provider/service/freebsd_spec.rb +21 -21
data/spec/unit/provider/service/gentoo_spec.rb +78 -82
data/spec/unit/provider/service/init_spec.rb +117 -67
data/spec/unit/provider/service/launchd_spec.rb +196 -114
data/spec/unit/provider/service/openbsd_spec.rb +98 -92
data/spec/unit/provider/service/openrc_spec.rb +73 -75
data/spec/unit/provider/service/openwrt_spec.rb +36 -44
data/spec/unit/provider/service/rcng_spec.rb +20 -21
data/spec/unit/provider/service/redhat_spec.rb +76 -58
data/spec/unit/provider/service/runit_spec.rb +62 -43
data/spec/unit/provider/service/smf_spec.rb +143 -73
data/spec/unit/provider/service/src_spec.rb +60 -69
data/spec/unit/provider/service/systemd_spec.rb +330 -155
data/spec/unit/provider/service/upstart_spec.rb +106 -84
data/spec/unit/provider/service/windows_spec.rb +336 -91
data/spec/unit/provider/user/aix_spec.rb +263 -112
data/spec/unit/provider/user/directoryservice_spec.rb +229 -124
data/spec/unit/provider/user/hpux_spec.rb +19 -20
data/spec/unit/provider/user/ldap_spec.rb +80 -83
data/spec/unit/provider/user/openbsd_spec.rb +11 -12
data/spec/unit/provider/user/pw_spec.rb +82 -44
data/spec/unit/provider/user/user_role_add_spec.rb +109 -92
data/spec/unit/provider/user/useradd_spec.rb +479 -90
data/spec/unit/provider/user/windows_adsi_spec.rb +144 -63
data/spec/unit/provider_spec.rb +241 -47
data/spec/unit/puppet_pal_2pec.rb +1033 -0
data/spec/unit/puppet_pal_catalog_spec.rb +962 -0
data/spec/unit/puppet_pal_spec.rb +3 -0
data/spec/unit/puppet_spec.rb +58 -25
data/spec/unit/relationship_spec.rb +0 -1
data/spec/unit/reports/http_spec.rb +70 -54
data/spec/unit/reports/store_spec.rb +20 -17
data/spec/unit/reports_spec.rb +12 -14
data/spec/unit/resource/capability_finder_spec.rb +31 -29
data/spec/unit/resource/catalog_spec.rb +104 -82
data/spec/unit/resource/status_spec.rb +23 -12
data/spec/unit/resource/type_collection_spec.rb +19 -17
data/spec/unit/resource/type_spec.rb +52 -38
data/spec/unit/resource_spec.rb +207 -49
data/spec/unit/rest/route_spec.rb +132 -0
data/spec/unit/scheduler/job_spec.rb +0 -1
data/spec/unit/scheduler/scheduler_spec.rb +0 -1
data/spec/unit/scheduler/splay_job_spec.rb +1 -2
data/spec/unit/settings/array_setting_spec.rb +1 -1
data/spec/unit/settings/autosign_setting_spec.rb +11 -11
data/spec/unit/settings/certificate_revocation_setting_spec.rb +1 -1
data/spec/unit/settings/config_file_spec.rb +9 -1
data/spec/unit/settings/directory_setting_spec.rb +2 -7
data/spec/unit/settings/duration_setting_spec.rb +1 -2
data/spec/unit/settings/enum_setting_spec.rb +1 -1
data/spec/unit/settings/environment_conf_spec.rb +4 -6
data/spec/unit/settings/file_setting_spec.rb +54 -48
data/spec/unit/settings/http_extra_headers_spec.rb +64 -0
data/spec/unit/settings/ini_file_spec.rb +314 -5
data/spec/unit/settings/path_setting_spec.rb +2 -3
data/spec/unit/settings/priority_setting_spec.rb +1 -2
data/spec/unit/settings/server_list_setting_spec.rb +21 -0
data/spec/unit/settings/string_setting_spec.rb +14 -15
data/spec/unit/settings/terminus_setting_spec.rb +1 -2
data/spec/unit/settings/value_translator_spec.rb +0 -1
data/spec/unit/settings_spec.rb +905 -448
data/spec/unit/ssl/base_spec.rb +13 -15
data/spec/unit/ssl/certificate_request_attributes_spec.rb +21 -8
data/spec/unit/ssl/certificate_request_spec.rb +84 -65
data/spec/unit/ssl/certificate_spec.rb +34 -32
data/spec/unit/ssl/digest_spec.rb +0 -1
data/spec/unit/ssl/host_spec.rb +336 -649
data/spec/unit/ssl/key_spec.rb +31 -49
data/spec/unit/ssl/oids_spec.rb +1 -0
data/spec/unit/ssl/ssl_provider_spec.rb +630 -0
data/spec/unit/ssl/state_machine_spec.rb +983 -0
data/spec/unit/ssl/validator_spec.rb +74 -214
data/spec/unit/ssl/verifier_spec.rb +123 -0
data/spec/unit/task_spec.rb +216 -27
data/spec/unit/test/test_helper_spec.rb +17 -0
data/spec/unit/transaction/additional_resource_generator_spec.rb +66 -72
data/spec/unit/transaction/event_manager_spec.rb +114 -89
data/spec/unit/transaction/event_spec.rb +16 -15
data/spec/unit/transaction/persistence_spec.rb +83 -27
data/spec/unit/transaction/report_spec.rb +55 -27
data/spec/unit/transaction/resource_harness_spec.rb +72 -33
data/spec/unit/transaction_spec.rb +328 -115
data/spec/unit/type/component_spec.rb +0 -1
data/spec/unit/type/exec_spec.rb +210 -95
data/spec/unit/type/file/checksum_spec.rb +29 -10
data/spec/unit/type/file/checksum_value_spec.rb +31 -32
data/spec/unit/type/file/content_spec.rb +72 -58
data/spec/unit/type/file/ctime_spec.rb +0 -1
data/spec/unit/type/file/ensure_spec.rb +13 -15
data/spec/unit/type/file/group_spec.rb +5 -7
data/spec/unit/type/file/mode_spec.rb +4 -6
data/spec/unit/type/file/mtime_spec.rb +0 -1
data/spec/unit/type/file/owner_spec.rb +6 -8
data/spec/unit/type/file/selinux_spec.rb +16 -21
data/spec/unit/type/file/source_spec.rb +186 -126
data/spec/unit/type/file/type_spec.rb +0 -1
data/spec/unit/type/file_spec.rb +321 -267
data/spec/unit/type/filebucket_spec.rb +12 -11
data/spec/unit/type/group_spec.rb +32 -11
data/spec/unit/type/noop_metaparam_spec.rb +1 -2
data/spec/unit/type/package/package_settings_spec.rb +44 -23
data/spec/unit/type/package_spec.rb +76 -54
data/spec/unit/type/resources_spec.rb +105 -75
data/spec/unit/type/schedule_spec.rb +29 -29
data/spec/unit/type/service_spec.rb +252 -76
data/spec/unit/type/stage_spec.rb +0 -1
data/spec/unit/type/tidy_spec.rb +92 -61
data/spec/unit/type/user_spec.rb +79 -143
data/spec/unit/type/whit_spec.rb +0 -1
data/spec/unit/type_spec.rb +288 -140
data/spec/unit/util/at_fork_spec.rb +21 -21
data/spec/unit/util/autoload_spec.rb +126 -94
data/spec/unit/util/backups_spec.rb +33 -35
data/spec/unit/util/character_encoding_spec.rb +5 -48
data/spec/unit/util/checksums_spec.rb +57 -42
data/spec/unit/util/colors_spec.rb +1 -2
data/spec/unit/util/command_line_spec.rb +50 -25
data/spec/unit/util/constant_inflector_spec.rb +0 -1
data/spec/unit/util/diff_spec.rb +12 -5
data/spec/unit/util/docs_spec.rb +1 -1
data/spec/unit/util/errors_spec.rb +0 -1
data/spec/unit/util/execution_spec.rb +288 -167
data/spec/unit/util/execution_stub_spec.rb +2 -3
data/spec/unit/util/feature_spec.rb +56 -29
data/spec/unit/util/filetype_spec.rb +62 -50
data/spec/unit/util/http_proxy_spec.rb +178 -17
data/spec/unit/util/inifile_spec.rb +70 -52
data/spec/unit/util/json_lockfile_spec.rb +3 -5
data/spec/unit/util/json_spec.rb +126 -0
data/spec/unit/util/ldap/connection_spec.rb +26 -25
data/spec/unit/util/ldap/generator_spec.rb +0 -1
data/spec/unit/util/ldap/manager_spec.rb +100 -129
data/spec/unit/util/lockfile_spec.rb +1 -2
data/spec/unit/util/log/destinations_spec.rb +68 -37
data/spec/unit/util/log_spec.rb +55 -151
data/spec/unit/util/logging_spec.rb +323 -105
data/spec/unit/util/metric_spec.rb +0 -1
data/spec/unit/util/monkey_patches_spec.rb +23 -13
data/spec/unit/util/multi_match_spec.rb +0 -1
data/spec/unit/util/network_device/config_spec.rb +0 -1
data/spec/unit/util/network_device/transport/base_spec.rb +5 -6
data/spec/unit/util/network_device_spec.rb +7 -9
data/spec/unit/util/package/version/debian_spec.rb +83 -0
data/spec/unit/util/package/version/pip_spec.rb +464 -0
data/spec/unit/util/package/version/range_spec.rb +175 -0
data/spec/unit/util/package/version/rpm_spec.rb +121 -0
data/spec/unit/util/package_spec.rb +0 -1
data/spec/unit/util/pidlock_spec.rb +130 -15
data/spec/unit/util/plist_spec.rb +66 -33
data/spec/unit/util/posix_spec.rb +426 -47
data/spec/unit/util/profiler/object_counts_spec.rb +2 -1
data/spec/unit/util/rdoc_spec.rb +9 -10
data/spec/unit/util/reference_spec.rb +0 -1
data/spec/unit/util/resource_template_spec.rb +20 -20
data/spec/unit/util/retry_action_spec.rb +7 -8
data/spec/unit/util/rpm_compare_spec.rb +196 -0
data/spec/unit/util/rubygems_spec.rb +8 -43
data/spec/unit/util/run_mode_spec.rb +16 -17
data/spec/unit/util/selinux_spec.rb +204 -98
data/spec/unit/util/skip_tags_spec.rb +14 -0
data/spec/unit/util/splayer_spec.rb +8 -9
data/spec/unit/util/ssl_spec.rb +0 -1
data/spec/unit/util/storage_spec.rb +125 -12
data/spec/unit/util/suidmanager_spec.rb +83 -91
data/spec/unit/util/symbolic_file_mode_spec.rb +0 -1
data/spec/unit/util/tag_set_spec.rb +8 -2
data/spec/unit/util/tagging_spec.rb +27 -9
data/spec/unit/util/terminal_spec.rb +9 -10
data/spec/unit/util/user_attr_spec.rb +1 -2
data/spec/unit/util/warnings_spec.rb +3 -4
data/spec/unit/util/watcher/periodic_watcher_spec.rb +2 -2
data/spec/unit/util/watcher_spec.rb +51 -21
data/spec/unit/util/windows/access_control_entry_spec.rb +1 -2
data/spec/unit/util/windows/access_control_list_spec.rb +1 -2
data/spec/unit/util/windows/adsi_spec.rb +285 -137
data/spec/unit/util/windows/api_types_spec.rb +105 -42
data/spec/unit/util/windows/eventlog_spec.rb +10 -13
data/spec/unit/util/windows/file_spec.rb +0 -1
data/spec/unit/util/windows/root_certs_spec.rb +1 -2
data/spec/unit/util/windows/security_descriptor_spec.rb +1 -3
data/spec/unit/util/windows/service_spec.rb +677 -0
data/spec/unit/util/windows/sid_spec.rb +131 -21
data/spec/unit/util/windows/string_spec.rb +1 -2
data/spec/unit/util/windows_spec.rb +23 -0
data/spec/unit/util/yaml_spec.rb +193 -34
data/spec/unit/util_spec.rb +110 -130
data/spec/unit/version_spec.rb +6 -6
data/spec/unit/x509/cert_provider_spec.rb +606 -0
data/spec/unit/x509/pem_store_spec.rb +160 -0
data/tasks/benchmark.rake +41 -0
data/tasks/ci.rake +0 -5
data/tasks/generate_cert_fixtures.rake +194 -0
data/tasks/manpages.rake +15 -36
data/tasks/parallel.rake +3 -3
data/tasks/parser.rake +11 -3
metadata +3497 -3514
data/COMMITTERS.md +0 -244
data/MAINTAINERS +0 -66
data/ext/README.environment +0 -8
data/ext/autotest/Rakefile +0 -8
data/ext/autotest/config +0 -43
data/ext/autotest/readme.rst +0 -16
data/ext/cert_inspector +0 -140
data/ext/dbfix.sql +0 -132
data/ext/debian/README.Debian +0 -8
data/ext/debian/README.source +0 -2
data/ext/debian/TODO.Debian +0 -1
data/ext/debian/changelog.erb +0 -1122
data/ext/debian/compat +0 -1
data/ext/debian/control +0 -144
data/ext/debian/copyright +0 -361
data/ext/debian/docs +0 -1
data/ext/debian/fileserver.conf +0 -41
data/ext/debian/puppet-common.dirs +0 -13
data/ext/debian/puppet-common.install +0 -3
data/ext/debian/puppet-common.lintian-overrides +0 -5
data/ext/debian/puppet-common.manpages +0 -28
data/ext/debian/puppet-common.postinst +0 -35
data/ext/debian/puppet-common.postrm +0 -33
data/ext/debian/puppet-el.dirs +0 -1
data/ext/debian/puppet-el.emacsen-install +0 -25
data/ext/debian/puppet-el.emacsen-remove +0 -11
data/ext/debian/puppet-el.emacsen-startup +0 -9
data/ext/debian/puppet-el.install +0 -1
data/ext/debian/puppet-testsuite.install +0 -2
data/ext/debian/puppet-testsuite.lintian-overrides +0 -4
data/ext/debian/puppet.lintian-overrides +0 -3
data/ext/debian/puppet.logrotate +0 -20
data/ext/debian/puppet.postinst +0 -20
data/ext/debian/puppet.postrm +0 -20
data/ext/debian/puppet.preinst +0 -20
data/ext/debian/puppetmaster-common.install +0 -2
data/ext/debian/puppetmaster-common.manpages +0 -2
data/ext/debian/puppetmaster-common.postinst +0 -6
data/ext/debian/puppetmaster-passenger.dirs +0 -4
data/ext/debian/puppetmaster-passenger.postinst +0 -162
data/ext/debian/puppetmaster-passenger.postrm +0 -61
data/ext/debian/puppetmaster.README.debian +0 -17
data/ext/debian/puppetmaster.default +0 -14
data/ext/debian/puppetmaster.init +0 -137
data/ext/debian/puppetmaster.lintian-overrides +0 -3
data/ext/debian/puppetmaster.postinst +0 -20
data/ext/debian/puppetmaster.postrm +0 -5
data/ext/debian/puppetmaster.preinst +0 -22
data/ext/debian/rules +0 -132
data/ext/debian/source/format +0 -1
data/ext/debian/source/options +0 -1
data/ext/debian/vim-puppet.README.Debian +0 -13
data/ext/debian/vim-puppet.dirs +0 -5
data/ext/debian/vim-puppet.yaml +0 -7
data/ext/debian/watch +0 -2
data/ext/envpuppet +0 -139
data/ext/envpuppet.bat +0 -14
data/ext/freebsd/puppetd +0 -26
data/ext/freebsd/puppetmasterd +0 -26
data/ext/gentoo/conf.d/puppet +0 -5
data/ext/gentoo/conf.d/puppetmaster +0 -12
data/ext/gentoo/init.d/puppet +0 -38
data/ext/gentoo/init.d/puppetmaster +0 -51
data/ext/gentoo/puppet/fileserver.conf +0 -41
data/ext/ips/puppet-agent +0 -44
data/ext/ips/puppet-master +0 -44
data/ext/ips/puppet.p5m.erb +0 -12
data/ext/ips/puppetagent.xml +0 -42
data/ext/ips/puppetmaster.xml +0 -42
data/ext/ips/rules +0 -19
data/ext/ips/transforms +0 -34
data/ext/ldap/puppet.schema +0 -24
data/ext/logcheck/puppet +0 -23
data/ext/osx/file_mapping.yaml +0 -33
data/ext/osx/postflight.erb +0 -109
data/ext/osx/preflight.erb +0 -52
data/ext/osx/prototype.plist.erb +0 -38
data/ext/puppet-test +0 -477
data/ext/pure_ruby_dsl/dsl_test.rb +0 -7
data/ext/rack/config.ru +0 -44
data/ext/rack/example-passenger-vhost.conf +0 -57
data/ext/redhat/fileserver.conf +0 -41
data/ext/redhat/logrotate +0 -21
data/ext/redhat/puppet.spec.erb +0 -846
data/ext/redhat/server.init +0 -128
data/ext/redhat/server.sysconfig +0 -13
data/ext/solaris/pkginfo +0 -6
data/ext/solaris/smf/puppetd.xml +0 -77
data/ext/solaris/smf/puppetmasterd.xml +0 -77
data/ext/solaris/smf/svc-puppetd +0 -64
data/ext/solaris/smf/svc-puppetmasterd +0 -60
data/ext/suse/puppet.spec +0 -310
data/ext/suse/server.init +0 -173
data/ext/upload_facts.rb +0 -119
data/ext/windows/eventlog/Rakefile +0 -32
data/ext/windows/eventlog/puppetres.dll +0 -0
data/ext/windows/eventlog/puppetres.mc +0 -18
data/ext/yaml_nodes.rb +0 -105
data/lib/puppet/application/ca.rb +0 -11
data/lib/puppet/application/certificate.rb +0 -17
data/lib/puppet/application/certificate_request.rb +0 -7
data/lib/puppet/application/certificate_revocation_list.rb +0 -7
data/lib/puppet/application/master.rb +0 -317
data/lib/puppet/bindings.rb +0 -148
data/lib/puppet/configurer/downloader_factory.rb +0 -44
data/lib/puppet/external/nagios/base.rb +0 -472
data/lib/puppet/external/nagios/grammar.ry +0 -248
data/lib/puppet/external/nagios/makefile +0 -9
data/lib/puppet/external/nagios/parser.rb +0 -400
data/lib/puppet/external/nagios.rb +0 -46
data/lib/puppet/face/ca.rb +0 -266
data/lib/puppet/face/certificate.rb +0 -165
data/lib/puppet/face/certificate_request.rb +0 -56
data/lib/puppet/face/certificate_revocation_list.rb +0 -56
data/lib/puppet/feature/rack.rb +0 -19
data/lib/puppet/graph/random_prioritizer.rb +0 -16
data/lib/puppet/graph/title_hash_prioritizer.rb +0 -16
data/lib/puppet/indirector/certificate/ca.rb +0 -9
data/lib/puppet/indirector/certificate/disabled_ca.rb +0 -22
data/lib/puppet/indirector/certificate_request/ca.rb +0 -22
data/lib/puppet/indirector/certificate_request/disabled_ca.rb +0 -22
data/lib/puppet/indirector/certificate_revocation_list/ca.rb +0 -8
data/lib/puppet/indirector/certificate_revocation_list/disabled_ca.rb +0 -22
data/lib/puppet/indirector/certificate_revocation_list/file.rb +0 -8
data/lib/puppet/indirector/certificate_revocation_list/rest.rb +0 -22
data/lib/puppet/indirector/certificate_status/file.rb +0 -91
data/lib/puppet/indirector/certificate_status/rest.rb +0 -11
data/lib/puppet/indirector/certificate_status.rb +0 -4
data/lib/puppet/indirector/key/ca.rb +0 -16
data/lib/puppet/indirector/key/disabled_ca.rb +0 -22
data/lib/puppet/indirector/ldap.rb +0 -80
data/lib/puppet/indirector/node/ldap.rb +0 -259
data/lib/puppet/indirector/node/write_only_yaml.rb +0 -39
data/lib/puppet/module_tool/applications/builder.rb +0 -148
data/lib/puppet/module_tool/skeleton/templates/generator/Gemfile +0 -18
data/lib/puppet/module_tool/skeleton/templates/generator/README.md.erb +0 -89
data/lib/puppet/module_tool/skeleton/templates/generator/Rakefile +0 -32
data/lib/puppet/module_tool/skeleton/templates/generator/examples/init.pp.erb +0 -12
data/lib/puppet/module_tool/skeleton/templates/generator/manifests/init.pp.erb +0 -48
data/lib/puppet/module_tool/skeleton/templates/generator/metadata.json.erb +0 -1
data/lib/puppet/module_tool/skeleton/templates/generator/spec/classes/init_spec.rb.erb +0 -6
data/lib/puppet/module_tool/skeleton/templates/generator/spec/spec_helper.rb +0 -1
data/lib/puppet/network/http/api/ca/v1.rb +0 -11
data/lib/puppet/network/http/api/ca.rb +0 -2
data/lib/puppet/network/http/rack/rest.rb +0 -162
data/lib/puppet/network/http/rack.rb +0 -33
data/lib/puppet/network/http/webrick/rest.rb +0 -114
data/lib/puppet/network/http/webrick.rb +0 -123
data/lib/puppet/network/server.rb +0 -39
data/lib/puppet/pops/loader/null_loader.rb +0 -60
data/lib/puppet/provider/aixobject.rb +0 -392
data/lib/puppet/provider/augeas/augeas.rb +0 -567
data/lib/puppet/provider/cisco.rb +0 -9
data/lib/puppet/provider/computer/computer.rb +0 -20
data/lib/puppet/provider/cron/crontab.rb +0 -297
data/lib/puppet/provider/host/parsed.rb +0 -46
data/lib/puppet/provider/interface/cisco.rb +0 -27
data/lib/puppet/provider/macauthorization/macauthorization.rb +0 -298
data/lib/puppet/provider/mailalias/aliases.rb +0 -50
data/lib/puppet/provider/maillist/mailman.rb +0 -108
data/lib/puppet/provider/mcx/mcxcontent.rb +0 -173
data/lib/puppet/provider/mount/parsed.rb +0 -282
data/lib/puppet/provider/mount.rb +0 -59
data/lib/puppet/provider/naginator.rb +0 -63
data/lib/puppet/provider/scheduled_task/win32_taskscheduler.rb +0 -590
data/lib/puppet/provider/selboolean/getsetsebool.rb +0 -47
data/lib/puppet/provider/selmodule/semodule.rb +0 -140
data/lib/puppet/provider/ssh_authorized_key/parsed.rb +0 -105
data/lib/puppet/provider/sshkey/parsed.rb +0 -50
data/lib/puppet/provider/vlan/cisco.rb +0 -28
data/lib/puppet/provider/yumrepo/inifile.rb +0 -305
data/lib/puppet/provider/zfs/zfs.rb +0 -88
data/lib/puppet/provider/zone/solaris.rb +0 -364
data/lib/puppet/provider/zpool/zpool.rb +0 -125
data/lib/puppet/ssl/certificate_authority/autosign_command.rb +0 -45
data/lib/puppet/ssl/certificate_authority/interface.rb +0 -324
data/lib/puppet/ssl/certificate_authority.rb +0 -553
data/lib/puppet/ssl/certificate_revocation_list.rb +0 -110
data/lib/puppet/ssl/configuration.rb +0 -61
data/lib/puppet/ssl/inventory.rb +0 -55
data/lib/puppet/type/augeas.rb +0 -211
data/lib/puppet/type/computer.rb +0 -66
data/lib/puppet/type/cron.rb +0 -475
data/lib/puppet/type/host.rb +0 -95
data/lib/puppet/type/interface.rb +0 -121
data/lib/puppet/type/k5login.rb +0 -88
data/lib/puppet/type/macauthorization.rb +0 -167
data/lib/puppet/type/mailalias.rb +0 -46
data/lib/puppet/type/maillist.rb +0 -62
data/lib/puppet/type/mcx.rb +0 -98
data/lib/puppet/type/mount.rb +0 -310
data/lib/puppet/type/nagios_command.rb +0 -3
data/lib/puppet/type/nagios_contact.rb +0 -3
data/lib/puppet/type/nagios_contactgroup.rb +0 -3
data/lib/puppet/type/nagios_host.rb +0 -3
data/lib/puppet/type/nagios_hostdependency.rb +0 -3
data/lib/puppet/type/nagios_hostescalation.rb +0 -3
data/lib/puppet/type/nagios_hostextinfo.rb +0 -3
data/lib/puppet/type/nagios_hostgroup.rb +0 -3
data/lib/puppet/type/nagios_service.rb +0 -3
data/lib/puppet/type/nagios_servicedependency.rb +0 -3
data/lib/puppet/type/nagios_serviceescalation.rb +0 -3
data/lib/puppet/type/nagios_serviceextinfo.rb +0 -3
data/lib/puppet/type/nagios_servicegroup.rb +0 -3
data/lib/puppet/type/nagios_timeperiod.rb +0 -3
data/lib/puppet/type/router.rb +0 -17
data/lib/puppet/type/scheduled_task.rb +0 -183
data/lib/puppet/type/selboolean.rb +0 -26
data/lib/puppet/type/selmodule.rb +0 -59
data/lib/puppet/type/ssh_authorized_key.rb +0 -143
data/lib/puppet/type/sshkey.rb +0 -83
data/lib/puppet/type/vlan.rb +0 -26
data/lib/puppet/type/yumrepo.rb +0 -409
data/lib/puppet/type/zfs.rb +0 -150
data/lib/puppet/type/zone.rb +0 -382
data/lib/puppet/type/zpool.rb +0 -91
data/lib/puppet/util/methodhelper.rb +0 -32
data/lib/puppet/util/nagios_maker.rb +0 -85
data/lib/puppet/util/network_device/cisco/device.rb +0 -285
data/lib/puppet/util/network_device/cisco/facts.rb +0 -72
data/lib/puppet/util/network_device/cisco/interface.rb +0 -94
data/lib/puppet/util/network_device/cisco.rb +0 -4
data/lib/puppet/util/network_device/ipcalc.rb +0 -68
data/lib/puppet/util/network_device/transport/ssh.rb +0 -126
data/lib/puppet/util/network_device/transport/telnet.rb +0 -47
data/lib/puppet/util/windows/taskscheduler.rb +0 -1276
data/lib/puppet/vendor/deep_merge/CHANGELOG +0 -45
data/lib/puppet/vendor/deep_merge/Gemfile +0 -3
data/lib/puppet/vendor/deep_merge/LICENSE +0 -21
data/lib/puppet/vendor/deep_merge/PUPPET_README.md +0 -6
data/lib/puppet/vendor/deep_merge/README.md +0 -113
data/lib/puppet/vendor/deep_merge/Rakefile +0 -19
data/lib/puppet/vendor/deep_merge/deep_merge.gemspec +0 -35
data/lib/puppet/vendor/deep_merge/lib/deep_merge/core.rb +0 -210
data/lib/puppet/vendor/deep_merge/lib/deep_merge/deep_merge_hash.rb +0 -28
data/lib/puppet/vendor/deep_merge/lib/deep_merge/rails_compat.rb +0 -27
data/lib/puppet/vendor/deep_merge/lib/deep_merge.rb +0 -2
data/lib/puppet/vendor/deep_merge/test/test_deep_merge.rb +0 -608
data/lib/puppet/vendor/load_deep_merge.rb +0 -1
data/lib/puppet/vendor/load_semantic.rb +0 -1
data/lib/puppet/vendor/load_semantic_puppet.rb +0 -1
data/lib/puppet/vendor/semantic/lib/semantic.rb +0 -5
data/lib/puppet/vendor/semantic_puppet/lib/semantic_puppet/dependency/graph.rb +0 -60
data/lib/puppet/vendor/semantic_puppet/lib/semantic_puppet/dependency/graph_node.rb +0 -117
data/lib/puppet/vendor/semantic_puppet/lib/semantic_puppet/dependency/module_release.rb +0 -58
data/lib/puppet/vendor/semantic_puppet/lib/semantic_puppet/dependency/source.rb +0 -25
data/lib/puppet/vendor/semantic_puppet/lib/semantic_puppet/dependency/unsatisfiable_graph.rb +0 -31
data/lib/puppet/vendor/semantic_puppet/lib/semantic_puppet/dependency.rb +0 -181
data/lib/puppet/vendor/semantic_puppet/lib/semantic_puppet/gem_version.rb +0 -3
data/lib/puppet/vendor/semantic_puppet/lib/semantic_puppet/version.rb +0 -203
data/lib/puppet/vendor/semantic_puppet/lib/semantic_puppet/version_range.rb +0 -758
data/lib/puppet/vendor/semantic_puppet/lib/semantic_puppet.rb +0 -11
data/locales/ja/puppet.po +0 -11234
data/man/man8/puppet-ca.8 +0 -196
data/man/man8/puppet-cert.8 +0 -118
data/man/man8/puppet-certificate.8 +0 -240
data/man/man8/puppet-certificate_request.8 +0 -161
data/man/man8/puppet-certificate_revocation_list.8 +0 -139
data/man/man8/puppet-master.8 +0 -85
data/spec/fixtures/integration/provider/cron/crontab/create_normal_entry +0 -19
data/spec/fixtures/integration/provider/cron/crontab/create_special_entry +0 -18
data/spec/fixtures/integration/provider/cron/crontab/crontab_user1 +0 -15
data/spec/fixtures/integration/provider/cron/crontab/crontab_user2 +0 -4
data/spec/fixtures/integration/provider/cron/crontab/modify_entry +0 -13
data/spec/fixtures/integration/provider/cron/crontab/moved_cronjob_input1 +0 -15
data/spec/fixtures/integration/provider/cron/crontab/moved_cronjob_input2 +0 -6
data/spec/fixtures/integration/provider/cron/crontab/purged +0 -8
data/spec/fixtures/integration/provider/cron/crontab/remove_named_resource +0 -12
data/spec/fixtures/integration/provider/cron/crontab/remove_unnamed_resource +0 -14
data/spec/fixtures/integration/provider/cron/crontab/unspecialized +0 -15
data/spec/fixtures/integration/provider/mailalias/aliases/test1 +0 -31
data/spec/fixtures/integration/provider/sshkey/sample +0 -21
data/spec/fixtures/unit/provider/augeas/augeas/augeas/lenses/test.aug +0 -13
data/spec/fixtures/unit/provider/augeas/augeas/etc/fstab +0 -10
data/spec/fixtures/unit/provider/augeas/augeas/etc/hosts +0 -6
data/spec/fixtures/unit/provider/augeas/augeas/etc/test +0 -3
data/spec/fixtures/unit/provider/augeas/augeas/test.aug +0 -13
data/spec/fixtures/unit/provider/host/parsed/valid_hosts +0 -19
data/spec/fixtures/unit/provider/mount/mount-output.aix.txt +0 -7
data/spec/fixtures/unit/provider/mount/parsed/aix.filesystems +0 -152
data/spec/fixtures/unit/provider/mount/parsed/aix.mount +0 -11
data/spec/fixtures/unit/provider/mount/parsed/darwin.mount +0 -6
data/spec/fixtures/unit/provider/mount/parsed/freebsd.fstab +0 -8
data/spec/fixtures/unit/provider/mount/parsed/freebsd.mount +0 -3
data/spec/fixtures/unit/provider/mount/parsed/hpux.mount +0 -17
data/spec/fixtures/unit/provider/mount/parsed/linux.fstab +0 -11
data/spec/fixtures/unit/provider/mount/parsed/linux.mount +0 -5
data/spec/fixtures/unit/provider/mount/parsed/netbsd.fstab +0 -9
data/spec/fixtures/unit/provider/mount/parsed/netbsd.mount +0 -8
data/spec/fixtures/unit/provider/mount/parsed/openbsd.fstab +0 -4
data/spec/fixtures/unit/provider/mount/parsed/openbsd.mount +0 -4
data/spec/fixtures/unit/provider/mount/parsed/solaris.fstab +0 -11
data/spec/fixtures/unit/provider/mount/parsed/solaris.mount +0 -6
data/spec/fixtures/unit/provider/naginator/define_empty_param +0 -6
data/spec/fixtures/unit/provider/package/pkgng/pkg.info +0 -8
data/spec/fixtures/unit/provider/package/pkgng/pkg.query_absent +0 -1
data/spec/fixtures/unit/provider/ssh_authorized_key/parsed/authorized_keys +0 -7
data/spec/fixtures/unit/provider/ssh_authorized_key/parsed/authorized_keys1 +0 -3
data/spec/fixtures/unit/provider/ssh_authorized_key/parsed/authorized_keys2 +0 -1
data/spec/fixtures/unit/provider/sshkey/parsed/sample +0 -21
data/spec/fixtures/unit/provider/sshkey/parsed/sample_with_blank_lines +0 -8
data/spec/fixtures/unit/provider/zfs/zfs/zfs-list.out +0 -2
data/spec/fixtures/unit/provider/zpool/zpool/zpool-list.out +0 -2
data/spec/fixtures/vcr/cassettes/Puppet_Network_HTTP_Connection/when_handling_requests/_request_get/should_yield_to_the_block.yml +0 -24
data/spec/fixtures/vcr/cassettes/Puppet_Network_HTTP_Connection/when_handling_requests/_request_head/should_yield_to_the_block.yml +0 -24
data/spec/fixtures/vcr/cassettes/Puppet_Network_HTTP_Connection/when_handling_requests/_request_post/should_yield_to_the_block.yml +0 -24
data/spec/integration/faces/ca_spec.rb +0 -354
data/spec/integration/faces/config_spec.rb +0 -80
data/spec/integration/faces/documentation_spec.rb +0 -58
data/spec/integration/faces/plugin_spec.rb +0 -59
data/spec/integration/file_bucket/file_spec.rb +0 -69
data/spec/integration/file_serving/content_spec.rb +0 -8
data/spec/integration/file_serving/fileset_spec.rb +0 -13
data/spec/integration/file_serving/metadata_spec.rb +0 -9
data/spec/integration/file_serving/terminus_helper_spec.rb +0 -21
data/spec/integration/file_system/uniquefile_spec.rb +0 -29
data/spec/integration/indirector/node/ldap_spec.rb +0 -14
data/spec/integration/module_tool/tar/mini_spec.rb +0 -28
data/spec/integration/provider/cron/crontab_spec.rb +0 -242
data/spec/integration/provider/mailalias/aliases_spec.rb +0 -10
data/spec/integration/provider/mount_spec.rb +0 -161
data/spec/integration/provider/service/init_spec.rb +0 -46
data/spec/integration/provider/service/systemd_spec.rb +0 -20
data/spec/integration/provider/service/windows_spec.rb +0 -49
data/spec/integration/provider/ssh_authorized_key_spec.rb +0 -219
data/spec/integration/provider/sshkey_spec.rb +0 -159
data/spec/integration/provider/yumrepo_spec.rb +0 -130
data/spec/integration/reference/providers_spec.rb +0 -16
data/spec/integration/reports_spec.rb +0 -14
data/spec/integration/ssl/autosign_spec.rb +0 -145
data/spec/integration/ssl/certificate_authority_spec.rb +0 -162
data/spec/integration/ssl/certificate_request_spec.rb +0 -47
data/spec/integration/ssl/certificate_revocation_list_spec.rb +0 -34
data/spec/integration/ssl/host_spec.rb +0 -81
data/spec/integration/ssl/key_spec.rb +0 -104
data/spec/integration/test/test_helper_spec.rb +0 -32
data/spec/integration/type/nagios_spec.rb +0 -71
data/spec/integration/type/user_spec.rb +0 -64
data/spec/lib/matchers/include.rb +0 -27
data/spec/lib/matchers/include_spec.rb +0 -32
data/spec/shared_behaviours/file_serving_model.rb +0 -72
data/spec/unit/application/cert_spec.rb +0 -240
data/spec/unit/application/certificate_spec.rb +0 -22
data/spec/unit/application/master_spec.rb +0 -404
data/spec/unit/configurer/downloader_factory_spec.rb +0 -129
data/spec/unit/face/ca_spec.rb +0 -10
data/spec/unit/face/catalog_spec.rb +0 -7
data/spec/unit/face/certificate_request_spec.rb +0 -10
data/spec/unit/face/certificate_revocation_list_spec.rb +0 -10
data/spec/unit/face/certificate_spec.rb +0 -231
data/spec/unit/face/module/build_spec.rb +0 -69
data/spec/unit/face/module_spec.rb +0 -3
data/spec/unit/graph/title_hash_prioritizer_spec.rb +0 -49
data/spec/unit/indirector/certificate/ca_spec.rb +0 -23
data/spec/unit/indirector/certificate/disabled_ca_spec.rb +0 -33
data/spec/unit/indirector/certificate_request/ca_spec.rb +0 -57
data/spec/unit/indirector/certificate_request/disabled_ca_spec.rb +0 -33
data/spec/unit/indirector/certificate_revocation_list/ca_spec.rb +0 -16
data/spec/unit/indirector/certificate_revocation_list/disabled_ca_spec.rb +0 -33
data/spec/unit/indirector/certificate_revocation_list/file_spec.rb +0 -17
data/spec/unit/indirector/certificate_revocation_list/rest_spec.rb +0 -34
data/spec/unit/indirector/certificate_status/file_spec.rb +0 -191
data/spec/unit/indirector/certificate_status/rest_spec.rb +0 -18
data/spec/unit/indirector/code_spec.rb +0 -31
data/spec/unit/indirector/key/ca_spec.rb +0 -23
data/spec/unit/indirector/key/disabled_ca_spec.rb +0 -33
data/spec/unit/indirector/ldap_spec.rb +0 -137
data/spec/unit/indirector/node/ldap_spec.rb +0 -462
data/spec/unit/indirector/node/write_only_yaml_spec.rb +0 -12
data/spec/unit/indirector/store_configs_spec.rb +0 -8
data/spec/unit/man_spec.rb +0 -32
data/spec/unit/module_tool/applications/builder_spec.rb +0 -432
data/spec/unit/network/http/api/ca/v1_spec.rb +0 -26
data/spec/unit/network/http/rack/rest_spec.rb +0 -325
data/spec/unit/network/http/rack_spec.rb +0 -43
data/spec/unit/network/http/webrick/rest_spec.rb +0 -231
data/spec/unit/network/http/webrick_spec.rb +0 -280
data/spec/unit/network/server_spec.rb +0 -95
data/spec/unit/provider/aixobject_spec.rb +0 -101
data/spec/unit/provider/augeas/augeas_spec.rb +0 -1025
data/spec/unit/provider/cisco_spec.rb +0 -15
data/spec/unit/provider/cron/crontab_spec.rb +0 -207
data/spec/unit/provider/cron/parsed_spec.rb +0 -358
data/spec/unit/provider/host/parsed_spec.rb +0 -233
data/spec/unit/provider/interface/cisco_spec.rb +0 -57
data/spec/unit/provider/macauthorization_spec.rb +0 -155
data/spec/unit/provider/mcx/mcxcontent_spec.rb +0 -192
data/spec/unit/provider/mount/parsed_spec.rb +0 -317
data/spec/unit/provider/mount_spec.rb +0 -165
data/spec/unit/provider/naginator_spec.rb +0 -79
data/spec/unit/provider/network_device_spec.rb +0 -152
data/spec/unit/provider/scheduled_task/win32_taskscheduler_spec.rb +0 -2060
data/spec/unit/provider/selboolean_spec.rb +0 -36
data/spec/unit/provider/selmodule-example.pp +0 -0
data/spec/unit/provider/selmodule_spec.rb +0 -79
data/spec/unit/provider/ssh_authorized_key/parsed_spec.rb +0 -277
data/spec/unit/provider/sshkey/parsed_spec.rb +0 -95
data/spec/unit/provider/vlan/cisco_spec.rb +0 -55
data/spec/unit/provider/yumrepo/inifile_spec.rb +0 -326
data/spec/unit/provider/zfs/zfs_spec.rb +0 -112
data/spec/unit/provider/zone/solaris_spec.rb +0 -247
data/spec/unit/provider/zpool/zpool_spec.rb +0 -251
data/spec/unit/ssl/certificate_authority/autosign_command_spec.rb +0 -30
data/spec/unit/ssl/certificate_authority/interface_spec.rb +0 -560
data/spec/unit/ssl/certificate_authority_spec.rb +0 -1184
data/spec/unit/ssl/certificate_revocation_list_spec.rb +0 -196
data/spec/unit/ssl/configuration_spec.rb +0 -141
data/spec/unit/ssl/inventory_spec.rb +0 -151
data/spec/unit/type/augeas_spec.rb +0 -119
data/spec/unit/type/computer_spec.rb +0 -80
data/spec/unit/type/cron_spec.rb +0 -543
data/spec/unit/type/host_spec.rb +0 -681
data/spec/unit/type/interface_spec.rb +0 -129
data/spec/unit/type/k5login_spec.rb +0 -115
data/spec/unit/type/macauthorization_spec.rb +0 -113
data/spec/unit/type/mailalias_spec.rb +0 -49
data/spec/unit/type/maillist_spec.rb +0 -41
data/spec/unit/type/mcx_spec.rb +0 -79
data/spec/unit/type/mount_spec.rb +0 -634
data/spec/unit/type/nagios_spec.rb +0 -313
data/spec/unit/type/scheduled_task_spec.rb +0 -103
data/spec/unit/type/selboolean_spec.rb +0 -44
data/spec/unit/type/selmodule_spec.rb +0 -17
data/spec/unit/type/ssh_authorized_key_spec.rb +0 -258
data/spec/unit/type/sshkey_spec.rb +0 -77
data/spec/unit/type/vlan_spec.rb +0 -44
data/spec/unit/type/yumrepo_spec.rb +0 -398
data/spec/unit/type/zfs_spec.rb +0 -46
data/spec/unit/type/zone_spec.rb +0 -172
data/spec/unit/type/zpool_spec.rb +0 -109
data/spec/unit/util/nagios_maker_spec.rb +0 -122
data/spec/unit/util/network_device/cisco/device_spec.rb +0 -482
data/spec/unit/util/network_device/cisco/facts_spec.rb +0 -64
data/spec/unit/util/network_device/cisco/interface_spec.rb +0 -88
data/spec/unit/util/network_device/ipcalc_spec.rb +0 -62
data/spec/unit/util/network_device/transport/ssh_spec.rb +0 -218
data/spec/unit/util/network_device/transport/telnet_spec.rb +0 -86
data/spec/watchr.rb +0 -138

data/spec/unit/ssl/host_spec.rb CHANGED Viewed

@@ -1,8 +1,10 @@
-#! /usr/bin/env ruby
 require 'spec_helper'
+require 'puppet/test_ca'
 require 'puppet/ssl/host'
 require 'matchers/json'
+require 'puppet_spec/ssl'
+require 'puppet/rest/routes'
 def base_json_comparison(result, json_hash)
   expect(result["fingerprint"]).to eq(json_hash["fingerprint"])
@@ -10,13 +12,11 @@ def base_json_comparison(result, json_hash)
   expect(result["state"]).to       eq(json_hash["desired_state"])
 end
-describe Puppet::SSL::Host do
+describe Puppet::SSL::Host, if: !Puppet::Util::Platform.jruby? do
   include JSONMatchers
   include PuppetSpec::Files
   before do
-    Puppet::SSL::Host.indirection.terminus_class = :file
     # Get a safe temporary file
     dir = tmpdir("ssl_host_testing")
     Puppet.settings[:confdir] = dir
@@ -29,7 +29,6 @@ describe Puppet::SSL::Host do
   after do
     # Cleaned out any cached localhost instance.
     Puppet::SSL::Host.reset
-    Puppet::SSL::Host.ca_location = :none
   end
   it "should use any provided name as its name" do
@@ -37,80 +36,68 @@ describe Puppet::SSL::Host do
   end
   it "should retrieve its public key from its private key" do
-    realkey = mock 'realkey'
-    key = stub 'key', :content => realkey
-    Puppet::SSL::Key.indirection.stubs(:find).returns(key)
-    pubkey = mock 'public_key'
-    realkey.expects(:public_key).returns pubkey
+    realkey = double('realkey')
+    key = double('key', :content => realkey)
+    allow(Puppet::SSL::Key.indirection).to receive(:find).and_return(key)
+    pubkey = double('public_key')
+    expect(realkey).to receive(:public_key).and_return(pubkey)
     expect(@host.public_key).to equal(pubkey)
   end
-  it "should default to being a non-ca host" do
-    expect(@host.ca?).to be_falsey
-  end
-  it "should be a ca host if its name matches the CA_NAME" do
-    Puppet::SSL::Host.stubs(:ca_name).returns "yayca"
-    expect(Puppet::SSL::Host.new("yayca")).to be_ca
-  end
-  it "should have a method for determining the CA location" do
-    expect(Puppet::SSL::Host).to respond_to(:ca_location)
-  end
-  it "should have a method for specifying the CA location" do
-    expect(Puppet::SSL::Host).to respond_to(:ca_location=)
-  end
+  describe 'localhost' do
+    before(:each) do
+      allow_any_instance_of(Puppet::SSL::Host).to receive(:certificate).and_return(nil)
+      allow_any_instance_of(Puppet::SSL::Host).to receive(:generate)
+    end
-  it "should have a method for retrieving the default ssl host" do
-    expect(Puppet::SSL::Host).to respond_to(:ca_location=)
-  end
+    it "is deprecated" do
+      Puppet::SSL::Host.localhost
-  it "should have a method for producing an instance to manage the local host's keys" do
-    expect(Puppet::SSL::Host).to respond_to(:localhost)
-  end
+      expect(@logs).to include(an_object_having_attributes(message: /Puppet::SSL::Host is deprecated/))
+    end
-  it "should allow to reset localhost" do
-    previous_host = Puppet::SSL::Host.localhost
-    Puppet::SSL::Host.reset
-    expect(Puppet::SSL::Host.localhost).not_to eq(previous_host)
-  end
+    it "should allow to reset localhost" do
+      previous_host = Puppet::SSL::Host.localhost
+      Puppet::SSL::Host.reset
+      expect(Puppet::SSL::Host.localhost).not_to eq(previous_host)
+    end
-  it "should generate the certificate for the localhost instance if no certificate is available" do
-    host = stub 'host', :key => nil
-    Puppet::SSL::Host.expects(:new).returns host
+    it "should generate the certificate for the localhost instance if no certificate is available" do
+      host = double('host', :key => nil)
+      expect(Puppet::SSL::Host).to receive(:new).and_return(host)
-    host.expects(:certificate).returns nil
-    host.expects(:generate)
+      expect(host).to receive(:certificate).and_return(nil)
+      expect(host).to receive(:generate)
-    expect(Puppet::SSL::Host.localhost).to equal(host)
-  end
+      expect(Puppet::SSL::Host.localhost).to equal(host)
+    end
-  it "should create a localhost cert if no cert is available and it is a CA with autosign and it is using DNS alt names", :unless => Puppet.features.microsoft_windows? do
-    Puppet[:autosign] = true
-    Puppet[:confdir] = tmpdir('conf')
-    Puppet[:dns_alt_names] = "foo,bar,baz"
-    ca = Puppet::SSL::CertificateAuthority.new
-    Puppet::SSL::CertificateAuthority.stubs(:instance).returns ca
+    it "should always read the key for the localhost instance in from disk" do
+      host = double('host', :certificate => "eh")
+      expect(host).to receive(:key)
+      expect(Puppet::SSL::Host).to receive(:new).and_return(host)
-    localhost = Puppet::SSL::Host.localhost
-    cert = localhost.certificate
+      Puppet::SSL::Host.localhost
+    end
-    expect(cert).to be_a(Puppet::SSL::Certificate)
-    expect(cert.subject_alt_names).to match_array(%W[DNS:#{Puppet[:certname]} DNS:foo DNS:bar DNS:baz])
+    it "should cache the localhost instance" do
+      host = double('host', :certificate => "eh", :key => 'foo')
+      expect(Puppet::SSL::Host).to receive(:new).once.and_return(host)
+      expect(Puppet::SSL::Host.localhost).to eq(Puppet::SSL::Host.localhost)
+    end
   end
   context "with dns_alt_names" do
     before :each do
-      @key = stub('key content')
-      key = stub('key', :generate => true, :content => @key)
-      Puppet::SSL::Key.stubs(:new).returns key
-      Puppet::SSL::Key.indirection.stubs(:save).with(key)
+      @key = double('key content')
+      key = double('key', :generate => true, :content => @key)
+      allow(Puppet::SSL::Key).to receive(:new).and_return(key)
+      allow(Puppet::SSL::Key.indirection).to receive(:save).with(key)
-      @cr = stub('certificate request')
-      Puppet::SSL::CertificateRequest.stubs(:new).returns @cr
-      Puppet::SSL::CertificateRequest.indirection.stubs(:save).with(@cr)
+      @cr = double('certificate request', :render => "csr pem")
+      allow(Puppet::SSL::CertificateRequest).to receive(:new).and_return(@cr)
+      allow_any_instance_of(Puppet::SSL::Host).to receive(:submit_certificate_request)
     end
     describe "explicitly specified" do
@@ -119,78 +106,17 @@ describe Puppet::SSL::Host do
       end
       it "should not include subjectAltName if not the local node" do
-        @cr.expects(:generate).with(@key, {})
+        expect(@cr).to receive(:generate).with(@key, {})
-        Puppet::SSL::Host.new('not-the-' + Puppet[:certname]).generate
+        Puppet::SSL::Host.new('not-the-' + Puppet[:certname]).generate_certificate_request
       end
-      it "should include subjectAltName if I am a CA" do
-        @cr.expects(:generate).
-          with(@key, { :dns_alt_names => Puppet[:dns_alt_names] })
+      it "should include subjectAltName if the local node" do
+        expect(@cr).to receive(:generate).with(@key, { :dns_alt_names => 'one, two' })
-        Puppet::SSL::Host.localhost
+        Puppet::SSL::Host.new(Puppet[:certname]).generate_certificate_request
       end
     end
-    describe "implicitly defaulted" do
-      let(:ca) { stub('ca', :sign => nil) }
-      before :each do
-        Puppet[:dns_alt_names] = ''
-        Puppet::SSL::CertificateAuthority.stubs(:instance).returns ca
-      end
-      it "should not include defaults if we're not the CA" do
-        Puppet::SSL::CertificateAuthority.stubs(:ca?).returns false
-        @cr.expects(:generate).with(@key, {})
-        Puppet::SSL::Host.localhost
-      end
-      it "should not include defaults if not the local node" do
-        Puppet::SSL::CertificateAuthority.stubs(:ca?).returns true
-        @cr.expects(:generate).with(@key, {})
-        Puppet::SSL::Host.new('not-the-' + Puppet[:certname]).generate
-      end
-      it "should not include defaults if we can't resolve our fqdn" do
-        Puppet::SSL::CertificateAuthority.stubs(:ca?).returns true
-        Facter.stubs(:value).with(:fqdn).returns nil
-        @cr.expects(:generate).with(@key, {})
-        Puppet::SSL::Host.localhost
-      end
-      it "should provide defaults if we're bootstrapping the local master" do
-        Puppet::SSL::CertificateAuthority.stubs(:ca?).returns true
-        Facter.stubs(:value).with(:fqdn).returns 'web.foo.com'
-        Facter.stubs(:value).with(:domain).returns 'foo.com'
-        @cr.expects(:generate).with(@key, {:dns_alt_names => "puppet, web.foo.com, puppet.foo.com"})
-        Puppet::SSL::Host.localhost
-      end
-    end
-  end
-  it "should always read the key for the localhost instance in from disk" do
-    host = stub 'host', :certificate => "eh"
-    Puppet::SSL::Host.expects(:new).returns host
-    host.expects(:key)
-    Puppet::SSL::Host.localhost
-  end
-  it "should cache the localhost instance" do
-    host = stub 'host', :certificate => "eh", :key => 'foo'
-    Puppet::SSL::Host.expects(:new).once.returns host
-    expect(Puppet::SSL::Host.localhost).to eq(Puppet::SSL::Host.localhost)
   end
   it "should be able to verify its certificate matches its key" do
@@ -199,177 +125,56 @@ describe Puppet::SSL::Host do
   it "should consider the certificate invalid if it cannot find a key" do
     host = Puppet::SSL::Host.new("foo")
-    certificate = mock('cert', :fingerprint => 'DEADBEEF')
-    host.expects(:certificate).twice.returns certificate
-    host.expects(:key).returns nil
-    expect { host.validate_certificate_with_key }.to raise_error(Puppet::Error, "No private key with which to validate certificate with fingerprint: DEADBEEF")
+    certificate = double('cert', :fingerprint => 'DEADBEEF')
+    expect(host).to receive(:key).and_return(nil)
+    expect { host.validate_certificate_with_key(certificate) }.to raise_error(Puppet::Error, "No private key with which to validate certificate with fingerprint: DEADBEEF")
   end
   it "should consider the certificate invalid if it cannot find a certificate" do
     host = Puppet::SSL::Host.new("foo")
-    host.expects(:key).never
-    host.expects(:certificate).returns nil
-    expect { host.validate_certificate_with_key }.to raise_error(Puppet::Error, "No certificate to validate.")
+    expect(host).not_to receive(:key)
+    expect { host.validate_certificate_with_key(nil) }.to raise_error(Puppet::Error, "No certificate to validate.")
   end
   it "should consider the certificate invalid if the SSL certificate's key verification fails" do
     host = Puppet::SSL::Host.new("foo")
-    key = mock 'key', :content => "private_key"
-    sslcert = mock 'sslcert'
-    certificate = mock 'cert', {:content => sslcert, :fingerprint => 'DEADBEEF'}
-    host.stubs(:key).returns key
-    host.stubs(:certificate).returns certificate
-    sslcert.expects(:check_private_key).with("private_key").returns false
-    expect { host.validate_certificate_with_key }.to raise_error(Puppet::Error, /DEADBEEF/)
+    key = double('key', :content => "private_key")
+    sslcert = double('sslcert')
+    certificate = double('cert', {:content => sslcert, :fingerprint => 'DEADBEEF'})
+    allow(host).to receive(:key).and_return(key)
+    expect(sslcert).to receive(:check_private_key).with("private_key").and_return(false)
+    expect { host.validate_certificate_with_key(certificate) }.to raise_error(Puppet::Error, /DEADBEEF/)
   end
   it "should consider the certificate valid if the SSL certificate's key verification succeeds" do
     host = Puppet::SSL::Host.new("foo")
-    key = mock 'key', :content => "private_key"
-    sslcert = mock 'sslcert'
-    certificate = mock 'cert', :content => sslcert
-    host.stubs(:key).returns key
-    host.stubs(:certificate).returns certificate
-    sslcert.expects(:check_private_key).with("private_key").returns true
-    expect{ host.validate_certificate_with_key }.not_to raise_error
-  end
-  describe "when specifying the CA location" do
-    it "should support the location ':local'" do
-      expect { Puppet::SSL::Host.ca_location = :local }.not_to raise_error
-    end
-    it "should support the location ':remote'" do
-      expect { Puppet::SSL::Host.ca_location = :remote }.not_to raise_error
-    end
-    it "should support the location ':none'" do
-      expect { Puppet::SSL::Host.ca_location = :none }.not_to raise_error
-    end
-    it "should support the location ':only'" do
-      expect { Puppet::SSL::Host.ca_location = :only }.not_to raise_error
-    end
-    it "should not support other modes" do
-      expect { Puppet::SSL::Host.ca_location = :whatever }.to raise_error(ArgumentError)
-    end
-    describe "as 'local'" do
-      before do
-        Puppet::SSL::Host.ca_location = :local
-      end
-      it "should set the cache class for Certificate, CertificateRevocationList, and CertificateRequest as :file" do
-        expect(Puppet::SSL::Certificate.indirection.cache_class).to eq(:file)
-        expect(Puppet::SSL::CertificateRequest.indirection.cache_class).to eq(:file)
-        expect(Puppet::SSL::CertificateRevocationList.indirection.cache_class).to eq(:file)
-      end
-      it "should set the terminus class for Key and Host as :file" do
-        expect(Puppet::SSL::Key.indirection.terminus_class).to eq(:file)
-        expect(Puppet::SSL::Host.indirection.terminus_class).to eq(:file)
-      end
-      it "should set the terminus class for Certificate, CertificateRevocationList, and CertificateRequest as :ca" do
-        expect(Puppet::SSL::Certificate.indirection.terminus_class).to eq(:ca)
-        expect(Puppet::SSL::CertificateRequest.indirection.terminus_class).to eq(:ca)
-        expect(Puppet::SSL::CertificateRevocationList.indirection.terminus_class).to eq(:ca)
-      end
-    end
-    describe "as 'remote'" do
-      before do
-        Puppet::SSL::Host.ca_location = :remote
-      end
-      it "should set the cache class for Certificate, CertificateRevocationList, and CertificateRequest as :file" do
-        expect(Puppet::SSL::Certificate.indirection.cache_class).to eq(:file)
-        expect(Puppet::SSL::CertificateRequest.indirection.cache_class).to eq(:file)
-        expect(Puppet::SSL::CertificateRevocationList.indirection.cache_class).to eq(:file)
-      end
-      it "should set the terminus class for Key as :file" do
-        expect(Puppet::SSL::Key.indirection.terminus_class).to eq(:file)
-      end
-      it "should set the terminus class for Host, Certificate, CertificateRevocationList, and CertificateRequest as :rest" do
-        expect(Puppet::SSL::Host.indirection.terminus_class).to eq(:rest)
-        expect(Puppet::SSL::Certificate.indirection.terminus_class).to eq(:rest)
-        expect(Puppet::SSL::CertificateRequest.indirection.terminus_class).to eq(:rest)
-        expect(Puppet::SSL::CertificateRevocationList.indirection.terminus_class).to eq(:rest)
-      end
-    end
-    describe "as 'only'" do
-      before do
-        Puppet::SSL::Host.ca_location = :only
-      end
-      it "should set the terminus class for Key, Certificate, CertificateRevocationList, and CertificateRequest as :ca" do
-        expect(Puppet::SSL::Key.indirection.terminus_class).to eq(:ca)
-        expect(Puppet::SSL::Certificate.indirection.terminus_class).to eq(:ca)
-        expect(Puppet::SSL::CertificateRequest.indirection.terminus_class).to eq(:ca)
-        expect(Puppet::SSL::CertificateRevocationList.indirection.terminus_class).to eq(:ca)
-      end
-      it "should set the cache class for Certificate, CertificateRevocationList, and CertificateRequest to nil" do
-        expect(Puppet::SSL::Certificate.indirection.cache_class).to be_nil
-        expect(Puppet::SSL::CertificateRequest.indirection.cache_class).to be_nil
-        expect(Puppet::SSL::CertificateRevocationList.indirection.cache_class).to be_nil
-      end
-      it "should set the terminus class for Host to :file" do
-        expect(Puppet::SSL::Host.indirection.terminus_class).to eq(:file)
-      end
-    end
-    describe "as 'none'" do
-      before do
-        Puppet::SSL::Host.ca_location = :none
-      end
-      it "should set the terminus class for Key, Certificate, CertificateRevocationList, and CertificateRequest as :file" do
-        expect(Puppet::SSL::Key.indirection.terminus_class).to eq(:disabled_ca)
-        expect(Puppet::SSL::Certificate.indirection.terminus_class).to eq(:disabled_ca)
-        expect(Puppet::SSL::CertificateRequest.indirection.terminus_class).to eq(:disabled_ca)
-        expect(Puppet::SSL::CertificateRevocationList.indirection.terminus_class).to eq(:disabled_ca)
-      end
-      it "should set the terminus class for Host to 'none'" do
-        expect { Puppet::SSL::Host.indirection.terminus_class }.to raise_error(Puppet::DevError)
-      end
-    end
+    key = double('key', :content => "private_key")
+    sslcert = double('sslcert')
+    certificate = double('cert', :content => sslcert)
+    allow(host).to receive(:key).and_return(key)
+    expect(sslcert).to receive(:check_private_key).with("private_key").and_return(true)
+    expect{ host.validate_certificate_with_key(certificate) }.not_to raise_error
   end
-  it "should have a class method for destroying all files related to a given host" do
-    expect(Puppet::SSL::Host).to respond_to(:destroy)
+  it "should output agent-specific commands when validation fails" do
+    host = Puppet::SSL::Host.new("foo")
+    key = double('key', :content => "private_key")
+    sslcert = double('sslcert')
+    certificate = double('cert', {:content => sslcert, :fingerprint => 'DEADBEEF'})
+    allow(host).to receive(:key).and_return(key)
+    expect(sslcert).to receive(:check_private_key).with("private_key").and_return(false)
+    expect { host.validate_certificate_with_key(certificate) }.to raise_error(Puppet::Error, /puppet ssl clean \n/)
   end
-  describe "when destroying a host's SSL files" do
-    before do
-      Puppet::SSL::Key.indirection.stubs(:destroy).returns false
-      Puppet::SSL::Certificate.indirection.stubs(:destroy).returns false
-      Puppet::SSL::CertificateRequest.indirection.stubs(:destroy).returns false
-    end
-    it "should destroy its certificate, certificate request, and key" do
-      Puppet::SSL::Key.indirection.expects(:destroy).with("myhost")
-      Puppet::SSL::Certificate.indirection.expects(:destroy).with("myhost")
-      Puppet::SSL::CertificateRequest.indirection.expects(:destroy).with("myhost")
-      Puppet::SSL::Host.destroy("myhost")
-    end
-    it "should return true if any of the classes returned true" do
-      Puppet::SSL::Certificate.indirection.expects(:destroy).with("myhost").returns true
-      expect(Puppet::SSL::Host.destroy("myhost")).to be_truthy
-    end
-    it "should report that nothing was deleted if none of the classes returned true" do
-      expect(Puppet::SSL::Host.destroy("myhost")).to eq("Nothing was deleted")
-    end
+  it "should output device-specific commands when validation fails" do
+    Puppet[:certname] = "device.example.com"
+    host = Puppet::SSL::Host.new("device.example.com", true)
+    key = double('key', :content => "private_key")
+    sslcert = double('sslcert')
+    certificate = double('cert', {:content => sslcert, :fingerprint => 'DEADBEEF'})
+    allow(host).to receive(:key).and_return(key)
+    expect(sslcert).to receive(:check_private_key).with("private_key").and_return(false)
+    expect { host.validate_certificate_with_key(certificate) }.to raise_error(Puppet::Error, /puppet ssl clean --target device.example.com/)
   end
   describe "when initializing" do
@@ -382,11 +187,6 @@ describe Puppet::SSL::Host do
     it "should downcase a passed in name" do
       expect(Puppet::SSL::Host.new("Host.Domain.Com").name).to eq("host.domain.com")
     end
-    it "should indicate that it is a CA host if its name matches the ca_name constant" do
-      Puppet::SSL::Host.stubs(:ca_name).returns "myca"
-      expect(Puppet::SSL::Host.new("myca")).to be_ca
-    end
   end
   describe "when managing its private key" do
@@ -397,104 +197,98 @@ describe Puppet::SSL::Host do
     end
     it "should return nil if the key is not set and cannot be found" do
-      Puppet::SSL::Key.indirection.expects(:find).with("myname").returns(nil)
+      expect(Puppet::SSL::Key.indirection).to receive(:find).with("myname").and_return(nil)
       expect(@host.key).to be_nil
     end
     it "should find the key in the Key class and return the Puppet instance" do
-      Puppet::SSL::Key.indirection.expects(:find).with("myname").returns(@key)
+      expect(Puppet::SSL::Key.indirection).to receive(:find).with("myname").and_return(@key)
       expect(@host.key).to equal(@key)
     end
     it "should be able to generate and save a new key" do
-      Puppet::SSL::Key.expects(:new).with("myname").returns(@key)
+      expect(Puppet::SSL::Key).to receive(:new).with("myname").and_return(@key)
-      @key.expects(:generate)
-      Puppet::SSL::Key.indirection.expects(:save)
+      expect(@key).to receive(:generate)
+      expect(Puppet::SSL::Key.indirection).to receive(:save)
       expect(@host.generate_key).to be_truthy
       expect(@host.key).to equal(@key)
     end
     it "should not retain keys that could not be saved" do
-      Puppet::SSL::Key.expects(:new).with("myname").returns(@key)
+      expect(Puppet::SSL::Key).to receive(:new).with("myname").and_return(@key)
-      @key.stubs(:generate)
-      Puppet::SSL::Key.indirection.expects(:save).raises "eh"
+      expect(@key).to receive(:generate)
+      expect(Puppet::SSL::Key.indirection).to receive(:save).and_raise("eh")
       expect { @host.generate_key }.to raise_error(RuntimeError)
       expect(@host.key).to be_nil
     end
     it "should return any previously found key without requerying" do
-      Puppet::SSL::Key.indirection.expects(:find).with("myname").returns(@key).once
+      expect(Puppet::SSL::Key.indirection).to receive(:find).with("myname").and_return(@key).once
       expect(@host.key).to equal(@key)
       expect(@host.key).to equal(@key)
     end
   end
   describe "when managing its certificate request" do
-    before do
-      @realrequest = "real request"
-      @request = Puppet::SSL::CertificateRequest.new("myname")
-      @request.content = @realrequest
+    before(:all) do
+      @pki = PuppetSpec::SSL.create_chained_pki
     end
-    it "should return nil if the key is not set and cannot be found" do
-      Puppet::SSL::CertificateRequest.indirection.expects(:find).with("myname").returns(nil)
-      expect(@host.certificate_request).to be_nil
+    before(:each) do
+      Puppet[:requestdir] = tmpdir('requests')
     end
-    it "should find the request in the Key class and return it and return the Puppet SSL request" do
-      Puppet::SSL::CertificateRequest.indirection.expects(:find).with("myname").returns @request
-      expect(@host.certificate_request).to equal(@request)
-    end
+    let(:key) { Puppet::SSL::Key.from_s(@pki[:leaf_key].to_s, @host.name) }
     it "should generate a new key when generating the cert request if no key exists" do
-      Puppet::SSL::CertificateRequest.expects(:new).with("myname").returns @request
-      key = stub 'key', :public_key => mock("public_key"), :content => "mycontent"
+      expect(@host).to receive(:key).exactly(2).times.and_return(nil, key)
+      expect(@host).to receive(:generate_key).and_return(key)
-      @host.expects(:key).times(2).returns(nil).then.returns(key)
-      @host.expects(:generate_key).returns(key)
-      @request.stubs(:generate)
-      Puppet::SSL::CertificateRequest.indirection.stubs(:save)
+      allow(@host).to receive(:submit_certificate_request)
       @host.generate_certificate_request
+      expect(Puppet::FileSystem.exist?(File.join(Puppet[:requestdir], "#{@host.name}.pem"))).to be true
     end
     it "should be able to generate and save a new request using the private key" do
-      Puppet::SSL::CertificateRequest.expects(:new).with("myname").returns @request
-      key = stub 'key', :public_key => mock("public_key"), :content => "mycontent"
-      @host.stubs(:key).returns(key)
-      @request.expects(:generate).with("mycontent", {})
-      Puppet::SSL::CertificateRequest.indirection.expects(:save).with(@request)
+      allow(@host).to receive(:key).and_return(key)
+      allow(@host).to receive(:submit_certificate_request)
       expect(@host.generate_certificate_request).to be_truthy
-      expect(@host.certificate_request).to equal(@request)
+      expect(Puppet::FileSystem.exist?(File.join(Puppet[:requestdir], "#{@host.name}.pem"))).to be true
+    end
+    it "should send a new request to the CA for signing" do
+      allow(@host).to receive(:ssl_store).and_return(double("ssl store"))
+      allow(@host).to receive(:key).and_return(key)
+      request = double("request")
+      allow(request).to receive(:generate)
+      expect(request).to receive(:render).and_return("my request").twice
+      expect(Puppet::SSL::CertificateRequest).to receive(:new).and_return(request)
+      expect(Puppet::Rest::Routes).to receive(:put_certificate_request)
+        .with("my request", @host.name, anything)
+        .and_return(nil)
+      expect(@host.generate_certificate_request).to be true
     end
     it "should return any previously found request without requerying" do
-      Puppet::SSL::CertificateRequest.indirection.expects(:find).with("myname").returns(@request).once
+      request = double("request")
+      expect(@host).to receive(:load_certificate_request_from_file).and_return(request).once
-      expect(@host.certificate_request).to equal(@request)
-      expect(@host.certificate_request).to equal(@request)
+      expect(@host.certificate_request).to equal(request)
+      expect(@host.certificate_request).to equal(request)
     end
     it "should not keep its certificate request in memory if the request cannot be saved" do
-      Puppet::SSL::CertificateRequest.expects(:new).with("myname").returns @request
-      key = stub 'key', :public_key => mock("public_key"), :content => "mycontent"
-      @host.stubs(:key).returns(key)
-      @request.stubs(:generate)
-      @request.stubs(:name).returns("myname")
-      terminus = stub 'terminus'
-      terminus.stubs(:validate)
-      Puppet::SSL::CertificateRequest.indirection.expects(:prepare).returns(terminus)
-      terminus.expects(:save).with { |req| req.instance == @request && req.key == "myname" }.raises "eh"
+      allow(@host).to receive(:key).and_return(key)
+      allow(@host).to receive(:submit_certificate_request)
+      expect(Puppet::Util).to receive(:replace_file).and_raise(RuntimeError)
       expect { @host.generate_certificate_request }.to raise_error(RuntimeError)
@@ -503,114 +297,113 @@ describe Puppet::SSL::Host do
   end
   describe "when managing its certificate" do
-    before do
-      @realcert = mock 'certificate'
-      @cert = stub 'cert', :content => @realcert
-      @host.stubs(:key).returns mock("key")
-      @host.stubs(:validate_certificate_with_key)
+    before(:all) do
+      @pki = PuppetSpec::SSL.create_chained_pki
     end
-    it "should find the CA certificate if it does not have a certificate" do
-      Puppet::SSL::Certificate.indirection.expects(:find).with(Puppet::SSL::CA_NAME, :fail_on_404 => true).returns mock("cacert")
-      Puppet::SSL::Certificate.indirection.stubs(:find).with("myname").returns @cert
-      @host.certificate
+    before(:each) do
+      Puppet[:certdir] = tmpdir('certs')
+      allow(@host).to receive(:key).and_return(double("key"))
+      allow(@host).to receive(:validate_certificate_with_key)
+      allow(@host).to receive(:ssl_store).and_return(double("ssl store"))
     end
-    it "should not find the CA certificate if it is the CA host" do
-      @host.expects(:ca?).returns true
-      Puppet::SSL::Certificate.indirection.stubs(:find)
-      Puppet::SSL::Certificate.indirection.expects(:find).with(Puppet::SSL::CA_NAME, :fail_on_404 => true).never
+    let(:ca_cert_response) { @pki[:ca_bundle] }
+    let(:crl_response) { @pki[:crl_chain] }
+    let(:host_cert_response) { @pki[:unrevoked_leaf_node_cert] }
+    it "should find the CA certificate and save it to disk" do
+      stub_request(:get, %r{puppet-ca/v1/certificate/ca}).to_return(status: 200, body: ca_cert_response)
+      stub_request(:get, %r{puppet-ca/v1/certificate_revocation_list/ca}).to_return(status: 200, body: crl_response)
+      stub_request(:get, %r{puppet-ca/v1/certificate/#{@host.name}}).to_return(status: 404)
       @host.certificate
+      actual_ca_bundle = Puppet::FileSystem.read(Puppet[:localcacert])
+      expect(actual_ca_bundle).to match(/BEGIN CERTIFICATE.*END CERTIFICATE.*BEGIN CERTIFICATE/m)
     end
-    it "should return nil if it cannot find a CA certificate" do
-      Puppet::SSL::Certificate.indirection.expects(:find).with(Puppet::SSL::CA_NAME, :fail_on_404 => true).returns nil
-      Puppet::SSL::Certificate.indirection.expects(:find).with("myname").never
+    it "should raise if it cannot find a CA certificate" do
+      stub_request(:get, %r{puppet-ca/v1/certificate/ca}).to_return(status: 404)
-      expect(@host.certificate).to be_nil
+      expect(@host).not_to receive(:get_host_certificate)
+      expect {
+        @host.certificate
+      }.to raise_error(Puppet::Error, /CA certificate is missing from the server/)
     end
     it "should find the key if it does not have one" do
-      Puppet::SSL::Certificate.indirection.stubs(:find)
-      @host.expects(:key).returns mock("key")
+      stub_request(:get, %r{puppet-ca/v1/certificate/ca}).to_return(status: 200, body: ca_cert_response)
+      stub_request(:get, %r{puppet-ca/v1/certificate_revocation_list/ca}).to_return(status: 200, body: crl_response)
+      expect(@host).to receive(:get_host_certificate).and_return(nil)
+      expect(@host).to receive(:key).and_return(double("key"))
       @host.certificate
     end
     it "should generate the key if one cannot be found" do
-      Puppet::SSL::Certificate.indirection.stubs(:find)
-      @host.expects(:key).returns nil
-      @host.expects(:generate_key)
+      stub_request(:get, %r{puppet-ca/v1/certificate/ca}).to_return(status: 200, body: ca_cert_response)
+      stub_request(:get, %r{puppet-ca/v1/certificate_revocation_list/ca}).to_return(status: 200, body: crl_response)
+      expect(@host).to receive(:get_host_certificate).and_return(nil)
+      expect(@host).to receive(:key).and_return(nil)
+      expect(@host).to receive(:generate_key)
       @host.certificate
     end
-    it "should find the certificate in the Certificate class and return the Puppet certificate instance" do
-      Puppet::SSL::Certificate.indirection.expects(:find).with(Puppet::SSL::CA_NAME, :fail_on_404 => true).returns mock("cacert")
-      Puppet::SSL::Certificate.indirection.expects(:find).with("myname").returns @cert
-      expect(@host.certificate).to equal(@cert)
-    end
+    it "should find the host certificate, write it to file, and return the Puppet certificate instance" do
+      stub_request(:get, %r{puppet-ca/v1/certificate/ca}).to_return(status: 200, body: ca_cert_response)
+      stub_request(:get, %r{puppet-ca/v1/certificate_revocation_list/ca}).to_return(status: 200, body: crl_response)
+      stub_request(:get, %r{puppet-ca/v1/certificate/#{@host.name}}).to_return(status: 200, body: host_cert_response.to_pem)
-    it "should return any previously found certificate" do
-      Puppet::SSL::Certificate.indirection.expects(:find).with(Puppet::SSL::CA_NAME, :fail_on_404 => true).returns mock("cacert")
-      Puppet::SSL::Certificate.indirection.expects(:find).with("myname").returns(@cert).once
-      expect(@host.certificate).to equal(@cert)
-      expect(@host.certificate).to equal(@cert)
+      expected_cert = Puppet::SSL::Certificate.from_s(@pki[:unrevoked_leaf_node_cert])
+      actual_cert = @host.certificate
+      expect(actual_cert).to be_a(Puppet::SSL::Certificate)
+      expect(actual_cert.to_s).to eq(expected_cert.to_s)
+      host_cert_from_file = Puppet::FileSystem.read(File.join(Puppet[:certdir], "#{@host.name}.pem"))
+      expect(host_cert_from_file).to eq(expected_cert.to_s)
     end
-  end
-  it "should have a method for listing certificate hosts" do
-    expect(Puppet::SSL::Host).to respond_to(:search)
-  end
-  describe "when listing certificate hosts" do
-    it "should default to listing all clients with any file types" do
-      Puppet::SSL::Key.indirection.expects(:search).returns []
-      Puppet::SSL::Certificate.indirection.expects(:search).returns []
-      Puppet::SSL::CertificateRequest.indirection.expects(:search).returns []
-      Puppet::SSL::Host.search
-    end
+    it "should return any previously found certificate" do
+      cert = double('cert')
+      stub_request(:get, %r{puppet-ca/v1/certificate/ca}).to_return(status: 200, body: ca_cert_response)
+      stub_request(:get, %r{puppet-ca/v1/certificate_revocation_list/ca}).to_return(status: 200, body: crl_response)
+      expect(@host).to receive(:get_host_certificate).and_return(cert).once
-    it "should be able to list only clients with a key" do
-      Puppet::SSL::Key.indirection.expects(:search).returns []
-      Puppet::SSL::Certificate.indirection.expects(:search).never
-      Puppet::SSL::CertificateRequest.indirection.expects(:search).never
-      Puppet::SSL::Host.search :for => Puppet::SSL::Key
+      expect(@host.certificate).to equal(cert)
+      expect(@host.certificate).to equal(cert)
     end
-    it "should be able to list only clients with a certificate" do
-      Puppet::SSL::Key.indirection.expects(:search).never
-      Puppet::SSL::Certificate.indirection.expects(:search).returns []
-      Puppet::SSL::CertificateRequest.indirection.expects(:search).never
-      Puppet::SSL::Host.search :for => Puppet::SSL::Certificate
-    end
+    context 'invalid certificates' do
+      it "should raise if the CA certificate downloaded from CA is invalid" do
+        stub_request(:get, %r{puppet-ca/v1/certificate/ca}).to_return(status: 200, body: 'garbage')
-    it "should be able to list only clients with a certificate request" do
-      Puppet::SSL::Key.indirection.expects(:search).never
-      Puppet::SSL::Certificate.indirection.expects(:search).never
-      Puppet::SSL::CertificateRequest.indirection.expects(:search).returns []
-      Puppet::SSL::Host.search :for => Puppet::SSL::CertificateRequest
-    end
+        expect { @host.certificate }.to raise_error(OpenSSL::X509::CertificateError, /Failed to parse CA certificates as PEM/)
+      end
-    it "should return a Host instance created with the name of each found instance" do
-      key  = stub 'key',  :name => "key",  :to_ary => nil
-      cert = stub 'cert', :name => "cert", :to_ary => nil
-      csr  = stub 'csr',  :name => "csr",  :to_ary => nil
+      it "should warn if the host certificate downloaded from CA is invalid" do
+        stub_request(:get, %r{puppet-ca/v1/certificate/ca}).to_return(status: 200, body: ca_cert_response)
+        stub_request(:get, %r{puppet-ca/v1/certificate_revocation_list/ca}).to_return(status: 200, body: crl_response)
+        stub_request(:get, %r{puppet-ca/v1/certificate/#{@host.name}}).to_return(status: 200, body: 'garbage')
-      Puppet::SSL::Key.indirection.expects(:search).returns [key]
-      Puppet::SSL::Certificate.indirection.expects(:search).returns [cert]
-      Puppet::SSL::CertificateRequest.indirection.expects(:search).returns [csr]
+        expect { @host.certificate }.to raise_error(Puppet::Error, /did not contain a valid certificate for #{@host.name}/)
+      end
-      returned = []
-      %w{key cert csr}.each do |name|
-        result = mock(name)
-        returned << result
-        Puppet::SSL::Host.expects(:new).with(name).returns result
+      it 'should warn if the CA certificate loaded from disk is invalid' do
+        Puppet::FileSystem.open(Puppet[:localcacert], nil, "w:ASCII") do |f|
+          f.puts 'garbage'
+        end
+        expect { @host.certificate }.to raise_error(OpenSSL::X509::CertificateError, /Failed to parse CA certificates as PEM/)
       end
-      result = Puppet::SSL::Host.search
-      returned.each do |r|
-        expect(result).to be_include(r)
+      it 'should warn if the host certificate loaded from disk in invalid' do
+        stub_request(:get, %r{puppet-ca/v1/certificate/ca}).to_return(status: 200, body: ca_cert_response)
+        stub_request(:get, %r{puppet-ca/v1/certificate_revocation_list/ca}).to_return(status: 200, body: crl_response)
+        Puppet::FileSystem.open(File.join(Puppet[:certdir], "#{@host.name}.pem"), nil, "w:ASCII") do |f|
+          f.puts 'garbage'
+        end
+        expect { @host.certificate }.to raise_error(Puppet::Error, /The certificate.*invalid/)
       end
     end
   end
@@ -622,145 +415,151 @@ describe Puppet::SSL::Host do
   describe "when generating files" do
     before do
       @host = Puppet::SSL::Host.new("me")
-      @host.stubs(:generate_key)
-      @host.stubs(:generate_certificate_request)
+      allow(@host).to receive(:generate_key)
+      allow(@host).to receive(:generate_certificate_request)
+      allow(@host).to receive(:certificate_request)
+      allow(@host).to receive(:certificate)
     end
     it "should generate a key if one is not present" do
-      @host.stubs(:key).returns nil
-      @host.expects(:generate_key)
+      allow(@host).to receive(:key).and_return nil
+      expect(@host).to receive(:generate_key)
       @host.generate
     end
     it "should generate a certificate request if one is not present" do
-      @host.expects(:certificate_request).returns nil
-      @host.expects(:generate_certificate_request)
+      expect(@host).to receive(:certificate_request).and_return nil
+      expect(@host).to receive(:generate_certificate_request)
       @host.generate
     end
-    describe "and it can create a certificate authority" do
-      before do
-        @ca = mock 'ca'
-        Puppet::SSL::CertificateAuthority.stubs(:instance).returns @ca
-      end
-      it "should use the CA to sign its certificate request if it does not have a certificate" do
-        @host.expects(:certificate).returns nil
-        @ca.expects(:sign).with(@host.name, {allow_dns_alt_names: true})
-        @host.generate
-      end
-    end
-    describe "and it cannot create a certificate authority" do
-      before do
-        Puppet::SSL::CertificateAuthority.stubs(:instance).returns nil
-      end
-      it "should seek its certificate" do
-        @host.expects(:certificate)
-        @host.generate
-      end
-    end
   end
   it "should have a method for creating an SSL store" do
     expect(Puppet::SSL::Host.new("me")).to respond_to(:ssl_store)
   end
-  it "should always return the same store" do
-    host = Puppet::SSL::Host.new("foo")
-    store = mock 'store'
-    store.stub_everything
-    OpenSSL::X509::Store.expects(:new).returns store
-    expect(host.ssl_store).to equal(host.ssl_store)
-  end
   describe "when creating an SSL store" do
     before do
-      @host = Puppet::SSL::Host.new("me")
-      @store = mock 'store'
-      @store.stub_everything
-      OpenSSL::X509::Store.stubs(:new).returns @store
       Puppet[:localcacert] = "ssl_host_testing"
-      Puppet::SSL::CertificateRevocationList.indirection.stubs(:find).returns(nil)
     end
     it "should accept a purpose" do
-      @store.expects(:purpose=).with "my special purpose"
-      @host.ssl_store("my special purpose")
-    end
+      store = double('store', :add_file => nil)
+      expect(OpenSSL::X509::Store).to receive(:new).and_return(store)
+      expect(store).to receive(:purpose=).with(OpenSSL::X509::PURPOSE_SSL_SERVER)
+      host = Puppet::SSL::Host.new("me")
+      host.crl_usage = false
-    it "should default to OpenSSL::X509::PURPOSE_ANY as the purpose" do
-      @store.expects(:purpose=).with OpenSSL::X509::PURPOSE_ANY
-      @host.ssl_store
+      host.ssl_store(OpenSSL::X509::PURPOSE_SSL_SERVER)
     end
-    it "should add the local CA cert file" do
-      Puppet[:localcacert] = "/ca/cert/file"
-      @store.expects(:add_file).with Puppet[:localcacert]
-      @host.ssl_store
+    context "and the CRL is not on disk" do
+      before do
+        @pki = PuppetSpec::SSL.create_chained_pki
+        @revoked_cert = @pki[:revoked_root_node_cert]
+        localcacert = Puppet.settings[:localcacert]
+        Puppet::Util.replace_file(localcacert, 0644) {|f| f.write @pki[:ca_bundle] }
+      end
+      after do
+        Puppet::FileSystem.unlink(Puppet.settings[:localcacert])
+        Puppet::FileSystem.unlink(Puppet.settings[:hostcrl])
+      end
+      it "retrieves it from the server" do
+        expect(Puppet::Rest::Routes).to receive(:get_crls)
+          .with(Puppet::SSL::CA_NAME, anything)
+          .and_return(@pki[:crl_chain])
+        @host.ssl_store
+        expect(Puppet::FileSystem.read(Puppet.settings[:hostcrl], :encoding => Encoding::UTF_8)).to eq(@pki[:crl_chain])
+      end
     end
     describe "and a CRL is available" do
       before do
-        @crl = stub 'crl', :content => "real_crl"
-        Puppet::SSL::CertificateRevocationList.indirection.stubs(:find).returns @crl
+        pki = PuppetSpec::SSL.create_chained_pki
+        @revoked_cert_from_self_signed_root          = pki[:revoked_root_node_cert]
+        @revoked_cert_from_ca_with_untrusted_chain   = pki[:revoked_leaf_node_cert]
+        @unrevoked_cert_from_self_signed_root        = pki[:unrevoked_root_node_cert]
+        @unrevoked_cert_from_revoked_ca              = pki[:unrevoked_int_node_cert]
+        @unrevoked_cert_from_ca_with_untrusted_chain = pki[:unrevoked_leaf_node_cert]
+        localcacert = Puppet.settings[:localcacert]
+        hostcrl     = Puppet.settings[:hostcrl]
+        Puppet::Util.replace_file(localcacert, 0644) {|f| f.write pki[:ca_bundle] }
+        Puppet::Util.replace_file(hostcrl, 0644)     {|f| f.write pki[:crl_chain] }
       end
-      [true, 'chain'].each do |crl_setting|
+      after do
+        Puppet::FileSystem.unlink(Puppet.settings[:localcacert])
+        Puppet::FileSystem.unlink(Puppet.settings[:hostcrl])
+      end
+      [true, :chain].each do |crl_setting|
         describe "and 'certificate_revocation' is #{crl_setting}" do
           before do
-            Puppet[:certificate_revocation] = crl_setting
+            @host = Puppet::SSL::Host.new(crl_setting.to_s)
+            @host.crl_usage = crl_setting
           end
-          it "should add the CRL" do
-            @store.expects(:add_crl).with "real_crl"
-            @host.ssl_store
+          it "should verify unrevoked certs" do
+            expect(
+              @host.ssl_store.verify(@unrevoked_cert_from_self_signed_root)
+            ).to be true
           end
-          it "should set the flags to OpenSSL::X509::V_FLAG_CRL_CHECK_ALL|OpenSSL::X509::V_FLAG_CRL_CHECK" do
-            @store.expects(:flags=).with(OpenSSL::X509::V_FLAG_CRL_CHECK_ALL|OpenSSL::X509::V_FLAG_CRL_CHECK)
-            @host.ssl_store
+          it "should not verify revoked certs" do
+            [@revoked_cert_from_self_signed_root,
+             @revoked_cert_from_ca_with_untrusted_chain,
+             @unrevoked_cert_from_revoked_ca,
+             @unrevoked_cert_from_ca_with_untrusted_chain].each do |cert|
+              expect(@host.ssl_store.verify(cert)).to be false
+            end
           end
         end
       end
       describe "and 'certificate_revocation' is leaf" do
         before do
-          Puppet[:certificate_revocation] = 'leaf'
+          @host = Puppet::SSL::Host.new("leaf")
+          @host.crl_usage = :leaf
         end
-        it "should add the CRL" do
-          @store.expects(:add_crl).with "real_crl"
-          @host.ssl_store
+        it "should verify unrevoked certs regardless of signing CA's revocation status" do
+          [@unrevoked_cert_from_self_signed_root,
+           @unrevoked_cert_from_revoked_ca,
+           @unrevoked_cert_from_ca_with_untrusted_chain].each do |cert|
+            expect(@host.ssl_store.verify(cert)).to be true
+          end
         end
-        it "should set the flags to OpenSSL::X509::V_FLAG_CRL_CHECK" do
-          @store.expects(:flags=).with(OpenSSL::X509::V_FLAG_CRL_CHECK)
-          @host.ssl_store
+        it "should not verify certs revoked by their signing CA" do
+          [@revoked_cert_from_self_signed_root,
+           @revoked_cert_from_ca_with_untrusted_chain].each do |cert|
+            expect(@host.ssl_store.verify(cert)).to be false
+          end
         end
       end
       describe "and 'certificate_revocation' is false" do
         before do
-          Puppet[:certificate_revocation] = false
-        end
-        it "should not add the CRL" do
-          @store.expects(:add_crl).never
-          @host.ssl_store
+          @host = Puppet::SSL::Host.new("host")
+          @host.crl_usage = false
         end
-        it "should not set the flags" do
-          @store.expects(:flags=).never
-          @host.ssl_store
+        it "should verify valid certs regardless of revocation status" do
+          [@revoked_cert_from_self_signed_root,
+           @revoked_cert_from_ca_with_untrusted_chain,
+           @unrevoked_cert_from_self_signed_root,
+           @unrevoked_cert_from_revoked_ca,
+           @unrevoked_cert_from_ca_with_untrusted_chain].each do |cert|
+            expect(@host.ssl_store.verify(cert)).to be true
+          end
         end
       end
     end
@@ -772,187 +571,75 @@ describe Puppet::SSL::Host do
     end
     it "should generate its certificate request and attempt to read the certificate again if no certificate is found" do
-      @host.expects(:certificate).times(2).returns(nil).then.returns "foo"
-      @host.expects(:generate)
+      expect(@host).to receive(:certificate).twice.and_return(nil, "foo")
+      expect(@host).to receive(:generate)
       @host.wait_for_cert(1)
     end
     it "should catch and log errors during CSR saving" do
-      @host.expects(:certificate).times(2).returns(nil).then.returns "foo"
-      @host.expects(:generate).raises(RuntimeError).then.returns nil
-      @host.stubs(:sleep)
+      expect(@host).to receive(:certificate).twice.and_return(nil, "foo")
+      times_generate_called = 0
+      expect(@host).to receive(:generate) do
+        times_generate_called += 1
+        raise RuntimeError if times_generate_called == 1
+        nil
+      end
+      allow(@host).to receive(:sleep)
       @host.wait_for_cert(1)
     end
     it "should sleep and retry after failures saving the CSR if waitforcert is enabled" do
-      @host.expects(:certificate).times(2).returns(nil).then.returns "foo"
-      @host.expects(:generate).raises(RuntimeError).then.returns nil
-      @host.expects(:sleep).with(1)
+      expect(@host).to receive(:certificate).twice.and_return(nil, "foo")
+      times_generate_called = 0
+      expect(@host).to receive(:generate) do
+        times_generate_called += 1
+        raise RuntimeError if times_generate_called == 1
+        nil
+      end
+      expect(@host).to receive(:sleep).with(1)
       @host.wait_for_cert(1)
     end
     it "should exit after failures saving the CSR of waitforcert is disabled" do
-      @host.expects(:certificate).returns(nil)
-      @host.expects(:generate).raises(RuntimeError)
-      @host.expects(:puts)
+      expect(@host).to receive(:certificate).and_return(nil)
+      expect(@host).to receive(:generate).and_raise(RuntimeError)
+      expect(@host).to receive(:puts)
       expect { @host.wait_for_cert(0) }.to exit_with 1
     end
     it "should exit if the wait time is 0 and it can neither find nor retrieve a certificate" do
-      @host.stubs(:certificate).returns nil
-      @host.expects(:generate)
-      @host.expects(:puts)
+      allow(@host).to receive(:certificate).and_return(nil)
+      expect(@host).to receive(:generate)
+      expect(@host).to receive(:puts)
       expect { @host.wait_for_cert(0) }.to exit_with 1
     end
     it "should sleep for the specified amount of time if no certificate is found after generating its certificate request" do
-      @host.expects(:certificate).times(3).returns(nil).then.returns(nil).then.returns "foo"
-      @host.expects(:generate)
+      expect(@host).to receive(:certificate).exactly(3).times().and_return(nil, nil, "foo")
+      expect(@host).to receive(:generate)
-      @host.expects(:sleep).with(1)
+      expect(@host).to receive(:sleep).with(1)
       @host.wait_for_cert(1)
     end
     it "should catch and log exceptions during certificate retrieval" do
-      @host.expects(:certificate).times(3).returns(nil).then.raises(RuntimeError).then.returns("foo")
-      @host.stubs(:generate)
-      @host.stubs(:sleep)
-      Puppet.expects(:err)
-      @host.wait_for_cert(1)
-    end
-  end
-  describe "when handling JSON", :unless => Puppet.features.microsoft_windows? do
-    include PuppetSpec::Files
-    before do
-      Puppet[:vardir] = tmpdir("ssl_test_vardir")
-      Puppet[:ssldir] = tmpdir("ssl_test_ssldir")
-      # localcacert is where each client stores the CA certificate
-      # cacert is where the master stores the CA certificate
-      # Since we need to play the role of both for testing we need them to be the same and exist
-      Puppet[:cacert] = Puppet[:localcacert]
-      @ca=Puppet::SSL::CertificateAuthority.new
-    end
-    describe "when converting to JSON" do
-      let(:host) do
-        Puppet::SSL::Host.new("bazinga")
-      end
-      let(:json_hash) do
-        {
-          "fingerprint"   => host.certificate_request.fingerprint,
-          "desired_state" => 'requested',
-          "name"          => host.name
-        }
-      end
-      it "should be able to identify a host with an unsigned certificate request" do
-        host.generate_certificate_request
-        result = JSON.parse(Puppet::SSL::Host.new(host.name).to_json)
-        base_json_comparison result, json_hash
-      end
-      it "should validate against the schema" do
-        host.generate_certificate_request
-        expect(host.to_json).to validate_against('api/schemas/host.json')
-      end
-      describe "explicit fingerprints" do
-        [:SHA1, :SHA256, :SHA512].each do |md|
-          it "should include #{md}" do
-            mds = md.to_s
-            host.generate_certificate_request
-            json_hash["fingerprints"] = {}
-            json_hash["fingerprints"][mds] = host.certificate_request.fingerprint(md)
-            result = JSON.parse(Puppet::SSL::Host.new(host.name).to_json)
-            base_json_comparison result, json_hash
-            expect(result["fingerprints"][mds]).to eq(json_hash["fingerprints"][mds])
-          end
-        end
-      end
-      describe "dns_alt_names" do
-        describe "when not specified" do
-          it "should include the dns_alt_names associated with the certificate" do
-            host.generate_certificate_request
-            json_hash["desired_alt_names"] = host.certificate_request.subject_alt_names
-            result = JSON.parse(Puppet::SSL::Host.new(host.name).to_json)
-            base_json_comparison result, json_hash
-            expect(result["dns_alt_names"]).to eq(json_hash["desired_alt_names"])
-          end
-        end
-        [ "",
-          "test, alt, names"
-        ].each do |alt_names|
-          describe "when #{alt_names}" do
-            before(:each) do
-              host.generate_certificate_request :dns_alt_names => alt_names
-            end
-            it "should include the dns_alt_names associated with the certificate" do
-              json_hash["desired_alt_names"] = host.certificate_request.subject_alt_names
-              result = JSON.parse(Puppet::SSL::Host.new(host.name).to_json)
-              base_json_comparison result, json_hash
-              expect(result["dns_alt_names"]).to eq(json_hash["desired_alt_names"])
-            end
-            it "should validate against the schema" do
-              expect(host.to_json).to validate_against('api/schemas/host.json')
-            end
-          end
+      times_certificate_called = 0
+      expect(@host).to receive(:certificate) do
+        times_certificate_called += 1
+        if times_certificate_called == 1
+          return nil
+        elsif times_certificate_called == 2
+          raise RuntimeError
         end
-      end
+        "foo"
+      end.exactly(3).times()
+      allow(@host).to receive(:generate)
+      allow(@host).to receive(:sleep)
-      it "should be able to identify a host with a signed certificate" do
-        host.generate_certificate_request
-        @ca.sign(host.name)
-        json_hash = {
-          "fingerprint"          => Puppet::SSL::Certificate.indirection.find(host.name).fingerprint,
-          "desired_state"        => 'signed',
-          "name"                 => host.name,
-        }
-        result = JSON.parse(Puppet::SSL::Host.new(host.name).to_json)
-        base_json_comparison result, json_hash
-      end
-      it "should be able to identify a host with a revoked certificate" do
-        host.generate_certificate_request
-        @ca.sign(host.name)
-        @ca.revoke(host.name)
-        json_hash["fingerprint"] = Puppet::SSL::Certificate.indirection.find(host.name).fingerprint
-        json_hash["desired_state"] = 'revoked'
+      expect(Puppet).to receive(:log_exception).at_least(:once)
-        result = JSON.parse(Puppet::SSL::Host.new(host.name).to_json)
-        base_json_comparison result, json_hash
-      end
-    end
-    describe "when converting from JSON" do
-      it "should return a Puppet::SSL::Host object with the specified desired state" do
-        host = Puppet::SSL::Host.new("bazinga")
-        host.desired_state="signed"
-        json_hash = {
-          "name"  => host.name,
-          "desired_state" => host.desired_state,
-        }
-        generated_host = Puppet::SSL::Host.from_data_hash(json_hash)
-        expect(generated_host.desired_state).to eq(host.desired_state)
-        expect(generated_host.name).to eq(host.name)
-      end
+      @host.wait_for_cert(1)
     end
   end
 end