puppet 5.3.4 → 6.29.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of puppet might be problematic. Click here for more details.
- checksums.yaml +7 -0
- data/CODEOWNERS +11 -0
- data/CODE_OF_CONDUCT.md +70 -0
- data/CONTRIBUTING.md +59 -55
- data/Gemfile +52 -70
- data/Gemfile.lock +251 -0
- data/Guardfile.example +76 -0
- data/LICENSE +189 -4
- data/README.md +31 -37
- data/Rakefile +53 -52
- data/conf/auth.conf +7 -2
- data/conf/environment.conf +1 -1
- data/conf/fileserver.conf +1 -1
- data/conf/puppet.conf +4 -4
- data/{ext → examples/enc}/regexp_nodes/classes/databases +0 -0
- data/{ext → examples/enc}/regexp_nodes/classes/webservers +0 -0
- data/{ext → examples/enc}/regexp_nodes/environment/development +0 -0
- data/{ext → examples/enc}/regexp_nodes/parameters/service/prod +0 -0
- data/{ext → examples/enc}/regexp_nodes/parameters/service/qa +0 -0
- data/{ext → examples/enc}/regexp_nodes/parameters/service/sandbox +0 -0
- data/{ext → examples/enc}/regexp_nodes/regexp_nodes.rb +19 -20
- data/{ext → examples}/nagios/check_puppet.rb +2 -2
- data/ext/README.md +13 -0
- data/ext/build_defaults.yaml +1 -2
- data/ext/hiera/hiera.yaml +1 -1
- data/ext/osx/puppet.plist +2 -0
- data/ext/project_data.yaml +16 -12
- data/ext/redhat/client.init +2 -2
- data/ext/solaris/smf/puppet +11 -11
- data/ext/solaris/smf/puppet.xml +2 -0
- data/ext/windows/service/daemon.rb +40 -10
- data/install.rb +8 -27
- data/lib/hiera/puppet_function.rb +1 -1
- data/lib/hiera/scope.rb +31 -2
- data/lib/hiera_puppet.rb +2 -1
- data/lib/puppet/agent/locker.rb +0 -7
- data/lib/puppet/agent.rb +68 -26
- data/lib/puppet/application/agent.rb +107 -59
- data/lib/puppet/application/apply.rb +144 -74
- data/lib/puppet/application/cert.rb +27 -285
- data/lib/puppet/application/describe.rb +10 -15
- data/lib/puppet/application/device.rb +241 -89
- data/lib/puppet/application/doc.rb +8 -5
- data/lib/puppet/application/face_base.rb +23 -16
- data/lib/puppet/application/facts.rb +5 -0
- data/lib/puppet/application/filebucket.rb +51 -16
- data/lib/puppet/application/lookup.rb +92 -20
- data/lib/puppet/application/plugin.rb +1 -0
- data/lib/puppet/application/resource.rb +39 -23
- data/lib/puppet/application/script.rb +264 -0
- data/lib/puppet/application/ssl.rb +288 -0
- data/lib/puppet/application.rb +25 -9
- data/lib/puppet/application_support.rb +9 -3
- data/lib/puppet/concurrent/lock.rb +16 -0
- data/lib/puppet/concurrent/synchronized.rb +15 -0
- data/lib/puppet/concurrent/thread_local_singleton.rb +17 -0
- data/lib/puppet/concurrent.rb +2 -0
- data/lib/puppet/configurer/downloader.rb +36 -18
- data/lib/puppet/configurer/fact_handler.rb +5 -1
- data/lib/puppet/configurer/plugin_handler.rb +36 -11
- data/lib/puppet/configurer.rb +367 -152
- data/lib/puppet/confine/any.rb +1 -1
- data/lib/puppet/confine/boolean.rb +45 -0
- data/lib/puppet/confine/false.rb +7 -1
- data/lib/puppet/confine/true.rb +7 -1
- data/lib/puppet/confine/variable.rb +1 -1
- data/lib/puppet/confine.rb +6 -3
- data/lib/puppet/confine_collection.rb +2 -1
- data/lib/puppet/context/trusted_information.rb +48 -4
- data/lib/puppet/context.rb +120 -48
- data/lib/puppet/daemon.rb +17 -30
- data/lib/puppet/datatypes/error.rb +21 -0
- data/lib/puppet/datatypes/impl/error.rb +40 -0
- data/lib/puppet/datatypes.rb +213 -0
- data/lib/puppet/defaults.rb +651 -371
- data/lib/puppet/environments.rb +218 -105
- data/lib/puppet/error.rb +52 -4
- data/lib/puppet/etc.rb +26 -7
- data/lib/puppet/external/dot.rb +23 -24
- data/lib/puppet/external/pson/pure/generator.rb +1 -1
- data/lib/puppet/external/pson/pure/parser.rb +3 -2
- data/lib/puppet/face/catalog.rb +20 -1
- data/lib/puppet/face/config.rb +167 -32
- data/lib/puppet/face/epp.rb +52 -15
- data/lib/puppet/face/facts.rb +210 -0
- data/lib/puppet/face/generate.rb +2 -0
- data/lib/puppet/face/help/action.erb +5 -1
- data/lib/puppet/face/help/face.erb +2 -1
- data/lib/puppet/face/help/global.erb +2 -2
- data/lib/puppet/face/help/man.erb +1 -1
- data/lib/puppet/face/help.rb +80 -41
- data/lib/puppet/face/key.rb +1 -1
- data/lib/puppet/face/man.rb +55 -12
- data/lib/puppet/face/module/build.rb +5 -54
- data/lib/puppet/face/module/changes.rb +2 -1
- data/lib/puppet/face/module/generate.rb +6 -243
- data/lib/puppet/face/module/install.rb +1 -4
- data/lib/puppet/face/module/list.rb +5 -10
- data/lib/puppet/face/module/search.rb +13 -4
- data/lib/puppet/face/module/uninstall.rb +2 -5
- data/lib/puppet/face/module/upgrade.rb +2 -5
- data/lib/puppet/face/node/clean.rb +26 -12
- data/lib/puppet/face/node.rb +3 -3
- data/lib/puppet/face/parser.rb +78 -12
- data/lib/puppet/face/plugin.rb +9 -4
- data/lib/puppet/face/status.rb +3 -3
- data/lib/puppet/facter_impl.rb +96 -0
- data/lib/puppet/feature/base.rb +9 -28
- data/lib/puppet/feature/bolt.rb +3 -0
- data/lib/puppet/feature/eventlog.rb +1 -1
- data/lib/puppet/ffi/posix/constants.rb +14 -0
- data/lib/puppet/ffi/posix/functions.rb +24 -0
- data/lib/puppet/ffi/posix.rb +10 -0
- data/lib/puppet/file_bucket/dipper.rb +5 -5
- data/lib/puppet/file_bucket/file.rb +0 -2
- data/lib/puppet/file_serving/base.rb +16 -16
- data/lib/puppet/file_serving/configuration/parser.rb +2 -0
- data/lib/puppet/file_serving/configuration.rb +5 -1
- data/lib/puppet/file_serving/fileset.rb +17 -5
- data/lib/puppet/file_serving/http_metadata.rb +19 -5
- data/lib/puppet/file_serving/metadata.rb +12 -4
- data/lib/puppet/file_serving/mount/file.rb +6 -5
- data/lib/puppet/file_serving/mount/locales.rb +3 -3
- data/lib/puppet/file_serving/mount/modules.rb +4 -2
- data/lib/puppet/file_serving/mount/pluginfacts.rb +3 -3
- data/lib/puppet/file_serving/mount/plugins.rb +3 -3
- data/lib/puppet/file_serving/mount/scripts.rb +24 -0
- data/lib/puppet/file_serving/mount/tasks.rb +4 -2
- data/lib/puppet/file_serving/terminus_selector.rb +7 -8
- data/lib/puppet/file_system/file_impl.rb +45 -11
- data/lib/puppet/file_system/jruby.rb +23 -0
- data/lib/puppet/file_system/memory_file.rb +15 -2
- data/lib/puppet/file_system/memory_impl.rb +13 -0
- data/lib/puppet/file_system/posix.rb +3 -2
- data/lib/puppet/file_system/uniquefile.rb +15 -17
- data/lib/puppet/file_system/windows.rb +85 -2
- data/lib/puppet/file_system.rb +29 -15
- data/lib/puppet/forge/cache.rb +1 -1
- data/lib/puppet/forge/errors.rb +5 -5
- data/lib/puppet/forge/repository.rb +28 -87
- data/lib/puppet/forge.rb +45 -22
- data/lib/puppet/functions/abs.rb +61 -0
- data/lib/puppet/functions/alert.rb +1 -1
- data/lib/puppet/functions/all.rb +15 -11
- data/lib/puppet/functions/annotate.rb +11 -11
- data/lib/puppet/functions/any.rb +15 -11
- data/lib/puppet/functions/assert_type.rb +7 -7
- data/lib/puppet/functions/binary_file.rb +14 -2
- data/lib/puppet/functions/break.rb +34 -9
- data/lib/puppet/functions/call.rb +43 -5
- data/lib/puppet/functions/camelcase.rb +62 -0
- data/lib/puppet/functions/capitalize.rb +61 -0
- data/lib/puppet/functions/ceiling.rb +37 -0
- data/lib/puppet/functions/chomp.rb +57 -0
- data/lib/puppet/functions/chop.rb +67 -0
- data/lib/puppet/functions/compare.rb +125 -0
- data/lib/puppet/functions/contain.rb +25 -3
- data/lib/puppet/functions/convert_to.rb +34 -0
- data/lib/puppet/functions/crit.rb +1 -1
- data/lib/puppet/functions/debug.rb +1 -1
- data/lib/puppet/functions/defined.rb +11 -12
- data/lib/puppet/functions/dig.rb +47 -3
- data/lib/puppet/functions/downcase.rb +89 -0
- data/lib/puppet/functions/each.rb +20 -16
- data/lib/puppet/functions/emerg.rb +1 -1
- data/lib/puppet/functions/empty.rb +85 -0
- data/lib/puppet/functions/epp.rb +5 -4
- data/lib/puppet/functions/err.rb +1 -1
- data/lib/puppet/functions/eyaml_lookup_key.rb +21 -15
- data/lib/puppet/functions/filter.rb +31 -23
- data/lib/puppet/functions/find_file.rb +15 -2
- data/lib/puppet/functions/find_template.rb +63 -0
- data/lib/puppet/functions/flatten.rb +64 -0
- data/lib/puppet/functions/floor.rb +37 -0
- data/lib/puppet/functions/get.rb +150 -0
- data/lib/puppet/functions/getvar.rb +87 -0
- data/lib/puppet/functions/group_by.rb +62 -0
- data/lib/puppet/functions/hiera.rb +11 -11
- data/lib/puppet/functions/hiera_array.rb +11 -11
- data/lib/puppet/functions/hiera_hash.rb +12 -12
- data/lib/puppet/functions/hiera_include.rb +15 -15
- data/lib/puppet/functions/hocon_data.rb +1 -1
- data/lib/puppet/functions/include.rb +34 -2
- data/lib/puppet/functions/index.rb +167 -0
- data/lib/puppet/functions/info.rb +1 -1
- data/lib/puppet/functions/inline_epp.rb +8 -7
- data/lib/puppet/functions/join.rb +56 -0
- data/lib/puppet/functions/json_data.rb +3 -3
- data/lib/puppet/functions/keys.rb +25 -0
- data/lib/puppet/functions/length.rb +44 -0
- data/lib/puppet/functions/lest.rb +39 -1
- data/lib/puppet/functions/lookup.rb +3 -2
- data/lib/puppet/functions/lstrip.rb +58 -0
- data/lib/puppet/functions/map.rb +22 -18
- data/lib/puppet/functions/match.rb +19 -9
- data/lib/puppet/functions/max.rb +183 -0
- data/lib/puppet/functions/min.rb +182 -0
- data/lib/puppet/functions/module_directory.rb +41 -0
- data/lib/puppet/functions/new.rb +987 -8
- data/lib/puppet/functions/next.rb +20 -10
- data/lib/puppet/functions/notice.rb +1 -1
- data/lib/puppet/functions/partition.rb +62 -0
- data/lib/puppet/functions/reduce.rb +9 -11
- data/lib/puppet/functions/regsubst.rb +60 -35
- data/lib/puppet/functions/require.rb +42 -2
- data/lib/puppet/functions/return.rb +2 -9
- data/lib/puppet/functions/reverse_each.rb +72 -3
- data/lib/puppet/functions/round.rb +24 -0
- data/lib/puppet/functions/rstrip.rb +58 -0
- data/lib/puppet/functions/size.rb +15 -0
- data/lib/puppet/functions/slice.rb +23 -9
- data/lib/puppet/functions/sort.rb +74 -0
- data/lib/puppet/functions/split.rb +12 -10
- data/lib/puppet/functions/step.rb +74 -2
- data/lib/puppet/functions/strftime.rb +179 -10
- data/lib/puppet/functions/strip.rb +58 -0
- data/lib/puppet/functions/then.rb +65 -2
- data/lib/puppet/functions/tree_each.rb +32 -35
- data/lib/puppet/functions/type.rb +42 -1
- data/lib/puppet/functions/unique.rb +13 -13
- data/lib/puppet/functions/unwrap.rb +25 -6
- data/lib/puppet/functions/upcase.rb +89 -0
- data/lib/puppet/functions/values.rb +25 -0
- data/lib/puppet/functions/versioncmp.rb +7 -3
- data/lib/puppet/functions/warning.rb +1 -1
- data/lib/puppet/functions/with.rb +9 -7
- data/lib/puppet/functions/yaml_data.rb +11 -9
- data/lib/puppet/functions.rb +208 -91
- data/lib/puppet/generate/type.rb +12 -2
- data/lib/puppet/gettext/config.rb +31 -8
- data/lib/puppet/gettext/module_translations.rb +5 -5
- data/lib/puppet/gettext/stubs.rb +1 -1
- data/lib/puppet/graph/rb_tree_map.rb +2 -2
- data/lib/puppet/graph/relationship_graph.rb +2 -1
- data/lib/puppet/graph/simple_graph.rb +16 -10
- data/lib/puppet/graph.rb +0 -2
- data/lib/puppet/http/client.rb +468 -0
- data/lib/puppet/http/errors.rb +32 -0
- data/lib/puppet/http/external_client.rb +90 -0
- data/lib/puppet/http/redirector.rb +89 -0
- data/lib/puppet/http/resolver/server_list.rb +91 -0
- data/lib/puppet/http/resolver/settings.rb +26 -0
- data/lib/puppet/http/resolver/srv.rb +45 -0
- data/lib/puppet/http/resolver.rb +58 -0
- data/lib/puppet/http/response.rb +120 -0
- data/lib/puppet/http/retry_after_handler.rb +86 -0
- data/lib/puppet/http/service/ca.rb +112 -0
- data/lib/puppet/http/service/compiler.rb +393 -0
- data/lib/puppet/http/service/file_server.rb +207 -0
- data/lib/puppet/http/service/puppetserver.rb +39 -0
- data/lib/puppet/http/service/report.rb +66 -0
- data/lib/puppet/http/service.rb +196 -0
- data/lib/puppet/http/session.rb +131 -0
- data/lib/puppet/http.rb +37 -0
- data/lib/puppet/indirector/catalog/compiler.rb +60 -22
- data/lib/puppet/indirector/catalog/json.rb +14 -3
- data/lib/puppet/indirector/catalog/rest.rb +35 -0
- data/lib/puppet/indirector/catalog/yaml.rb +0 -16
- data/lib/puppet/indirector/certificate/file.rb +1 -1
- data/lib/puppet/indirector/certificate/rest.rb +3 -1
- data/lib/puppet/indirector/certificate_request/file.rb +1 -0
- data/lib/puppet/indirector/certificate_request/memory.rb +1 -0
- data/lib/puppet/indirector/certificate_request/rest.rb +1 -0
- data/lib/puppet/indirector/exec.rb +1 -1
- data/lib/puppet/indirector/face.rb +2 -2
- data/lib/puppet/indirector/fact_search.rb +60 -0
- data/lib/puppet/indirector/facts/facter.rb +31 -12
- data/lib/puppet/indirector/facts/json.rb +27 -0
- data/lib/puppet/indirector/facts/rest.rb +63 -0
- data/lib/puppet/indirector/facts/yaml.rb +7 -64
- data/lib/puppet/indirector/file_bucket_file/file.rb +7 -3
- data/lib/puppet/indirector/file_bucket_file/rest.rb +48 -0
- data/lib/puppet/indirector/file_content/http.rb +8 -1
- data/lib/puppet/indirector/file_content/rest.rb +30 -0
- data/lib/puppet/indirector/file_metadata/http.rb +28 -8
- data/lib/puppet/indirector/file_metadata/rest.rb +53 -0
- data/lib/puppet/indirector/file_server.rb +5 -3
- data/lib/puppet/indirector/hiera.rb +6 -0
- data/lib/puppet/indirector/indirection.rb +59 -31
- data/lib/puppet/indirector/json.rb +6 -2
- data/lib/puppet/indirector/key/file.rb +2 -6
- data/lib/puppet/indirector/key/memory.rb +1 -0
- data/lib/puppet/indirector/msgpack.rb +2 -2
- data/lib/puppet/indirector/node/exec.rb +4 -5
- data/lib/puppet/indirector/node/json.rb +8 -0
- data/lib/puppet/indirector/node/rest.rb +24 -0
- data/lib/puppet/indirector/node/yaml.rb +0 -6
- data/lib/puppet/indirector/report/json.rb +34 -0
- data/lib/puppet/indirector/report/processor.rb +4 -3
- data/lib/puppet/indirector/report/rest.rb +19 -0
- data/lib/puppet/indirector/report/yaml.rb +23 -0
- data/lib/puppet/indirector/request.rb +49 -28
- data/lib/puppet/indirector/resource/ral.rb +7 -4
- data/lib/puppet/indirector/resource/validator.rb +1 -1
- data/lib/puppet/indirector/rest.rb +30 -66
- data/lib/puppet/indirector/ssl_file.rb +13 -52
- data/lib/puppet/indirector/status/rest.rb +18 -0
- data/lib/puppet/indirector/terminus.rb +11 -4
- data/lib/puppet/indirector/yaml.rb +5 -5
- data/lib/puppet/indirector.rb +3 -3
- data/lib/puppet/info_service/class_information_service.rb +1 -1
- data/lib/puppet/info_service/plan_information_service.rb +36 -0
- data/lib/puppet/info_service/task_information_service.rb +7 -3
- data/lib/puppet/info_service.rb +9 -0
- data/lib/puppet/interface/action.rb +23 -10
- data/lib/puppet/interface/action_builder.rb +8 -0
- data/lib/puppet/interface/action_manager.rb +2 -1
- data/lib/puppet/interface/documentation.rb +11 -7
- data/lib/puppet/interface/face_collection.rb +9 -4
- data/lib/puppet/interface/option.rb +4 -2
- data/lib/puppet/interface/option_manager.rb +5 -3
- data/lib/puppet/interface.rb +5 -3
- data/lib/puppet/loaders.rb +10 -1
- data/lib/puppet/metatype/manager.rb +81 -83
- data/lib/puppet/module/plan.rb +159 -0
- data/lib/puppet/module/task.rb +216 -32
- data/lib/puppet/module.rb +51 -39
- data/lib/puppet/module_tool/applications/application.rb +7 -6
- data/lib/puppet/module_tool/applications/checksummer.rb +3 -3
- data/lib/puppet/module_tool/applications/installer.rb +72 -13
- data/lib/puppet/module_tool/applications/uninstaller.rb +6 -5
- data/lib/puppet/module_tool/applications/unpacker.rb +4 -4
- data/lib/puppet/module_tool/applications/upgrader.rb +12 -8
- data/lib/puppet/module_tool/applications.rb +0 -1
- data/lib/puppet/module_tool/contents_description.rb +2 -1
- data/lib/puppet/module_tool/dependency.rb +1 -1
- data/lib/puppet/module_tool/errors/shared.rb +34 -2
- data/lib/puppet/module_tool/installed_modules.rb +3 -3
- data/lib/puppet/module_tool/local_tarball.rb +3 -3
- data/lib/puppet/module_tool/metadata.rb +5 -8
- data/lib/puppet/module_tool/shared_behaviors.rb +8 -7
- data/lib/puppet/module_tool/tar/mini.rb +14 -4
- data/lib/puppet/module_tool.rb +4 -6
- data/lib/puppet/network/authconfig.rb +5 -16
- data/lib/puppet/network/authstore.rb +3 -2
- data/lib/puppet/network/format_support.rb +15 -10
- data/lib/puppet/network/formats.rb +168 -10
- data/lib/puppet/network/http/api/indirected_routes.rb +31 -20
- data/lib/puppet/network/http/api/master/v3/environment.rb +5 -2
- data/lib/puppet/network/http/api/master/v3/environments.rb +2 -3
- data/lib/puppet/network/http/api.rb +1 -10
- data/lib/puppet/network/http/base_pool.rb +36 -0
- data/lib/puppet/network/http/compression.rb +8 -1
- data/lib/puppet/network/http/connection.rb +59 -36
- data/lib/puppet/network/http/connection_adapter.rb +184 -0
- data/lib/puppet/network/http/error.rb +3 -3
- data/lib/puppet/network/http/factory.rb +16 -18
- data/lib/puppet/network/http/handler.rb +60 -27
- data/lib/puppet/network/http/nocache_pool.rb +11 -4
- data/lib/puppet/network/http/pool.rb +24 -16
- data/lib/puppet/network/http/request.rb +2 -1
- data/lib/puppet/network/http/route.rb +4 -3
- data/lib/puppet/network/http/session.rb +3 -2
- data/lib/puppet/network/http/site.rb +5 -1
- data/lib/puppet/network/http.rb +2 -7
- data/lib/puppet/network/http_pool.rb +35 -1
- data/lib/puppet/network/resolver.rb +140 -67
- data/lib/puppet/network/rights.rb +3 -2
- data/lib/puppet/network/uri.rb +18 -0
- data/lib/puppet/node/environment.rb +65 -62
- data/lib/puppet/node/facts.rb +28 -1
- data/lib/puppet/node.rb +65 -8
- data/lib/puppet/pal/catalog_compiler.rb +108 -0
- data/lib/puppet/pal/compiler.rb +222 -0
- data/lib/puppet/pal/function_signature.rb +52 -0
- data/lib/puppet/pal/json_catalog_encoder.rb +67 -0
- data/lib/puppet/pal/pal_api.rb +15 -0
- data/lib/puppet/pal/pal_impl.rb +588 -0
- data/lib/puppet/pal/plan_signature.rb +71 -0
- data/lib/puppet/pal/script_compiler.rb +73 -0
- data/lib/puppet/pal/task_signature.rb +58 -0
- data/lib/puppet/parameter/boolean.rb +1 -1
- data/lib/puppet/parameter/value_collection.rb +8 -8
- data/lib/puppet/parameter.rb +17 -10
- data/lib/puppet/parser/abstract_compiler.rb +36 -0
- data/lib/puppet/parser/ast/branch.rb +4 -4
- data/lib/puppet/parser/ast/leaf.rb +10 -4
- data/lib/puppet/parser/ast/pops_bridge.rb +34 -68
- data/lib/puppet/parser/ast/resourceparam.rb +1 -1
- data/lib/puppet/parser/ast.rb +5 -9
- data/lib/puppet/parser/catalog_compiler.rb +56 -0
- data/lib/puppet/parser/compiler/catalog_validator/env_relationship_validator.rb +3 -1
- data/lib/puppet/parser/compiler/catalog_validator/relationship_validator.rb +9 -2
- data/lib/puppet/parser/compiler/catalog_validator/site_validator.rb +2 -0
- data/lib/puppet/parser/compiler.rb +73 -93
- data/lib/puppet/parser/environment_compiler.rb +4 -1
- data/lib/puppet/parser/files.rb +2 -1
- data/lib/puppet/parser/functions/assert_type.rb +3 -3
- data/lib/puppet/parser/functions/create_resources.rb +18 -14
- data/lib/puppet/parser/functions/each.rb +2 -2
- data/lib/puppet/parser/functions/epp.rb +3 -3
- data/lib/puppet/parser/functions/fail.rb +8 -1
- data/lib/puppet/parser/functions/filter.rb +3 -2
- data/lib/puppet/parser/functions/fqdn_rand.rb +27 -4
- data/lib/puppet/parser/functions/generate.rb +8 -7
- data/lib/puppet/parser/functions/hiera.rb +4 -4
- data/lib/puppet/parser/functions/hiera_array.rb +5 -5
- data/lib/puppet/parser/functions/hiera_hash.rb +6 -6
- data/lib/puppet/parser/functions/hiera_include.rb +10 -11
- data/lib/puppet/parser/functions/inline_epp.rb +5 -5
- data/lib/puppet/parser/functions/inline_template.rb +7 -1
- data/lib/puppet/parser/functions/lest.rb +1 -1
- data/lib/puppet/parser/functions/lookup.rb +1 -1
- data/lib/puppet/parser/functions/map.rb +1 -1
- data/lib/puppet/parser/functions/new.rb +32 -47
- data/lib/puppet/parser/functions/realize.rb +6 -0
- data/lib/puppet/parser/functions/reduce.rb +1 -1
- data/lib/puppet/parser/functions/return.rb +22 -1
- data/lib/puppet/parser/functions/reverse_each.rb +2 -2
- data/lib/puppet/parser/functions/scanf.rb +1 -1
- data/lib/puppet/parser/functions/sha256.rb +5 -0
- data/lib/puppet/parser/functions/sprintf.rb +12 -1
- data/lib/puppet/parser/functions/step.rb +1 -1
- data/lib/puppet/parser/functions/tag.rb +6 -0
- data/lib/puppet/parser/functions/tagged.rb +6 -3
- data/lib/puppet/parser/functions/template.rb +5 -0
- data/lib/puppet/parser/functions/then.rb +1 -1
- data/lib/puppet/parser/functions/with.rb +4 -4
- data/lib/puppet/parser/functions.rb +60 -17
- data/lib/puppet/parser/parser_factory.rb +1 -1
- data/lib/puppet/parser/relationship.rb +2 -1
- data/lib/puppet/parser/resource/param.rb +18 -5
- data/lib/puppet/parser/resource.rb +11 -8
- data/lib/puppet/parser/scope.rb +48 -22
- data/lib/puppet/parser/script_compiler.rb +123 -0
- data/lib/puppet/parser/templatewrapper.rb +4 -2
- data/lib/puppet/parser/type_loader.rb +15 -14
- data/lib/puppet/parser.rb +1 -0
- data/lib/puppet/plugins/configuration.rb +5 -1
- data/lib/puppet/pops/adaptable.rb +8 -17
- data/lib/puppet/pops/adapters.rb +22 -4
- data/lib/puppet/pops/evaluator/access_operator.rb +39 -5
- data/lib/puppet/pops/evaluator/closure.rb +19 -9
- data/lib/puppet/pops/evaluator/collector_transformer.rb +1 -1
- data/lib/puppet/pops/evaluator/collectors/abstract_collector.rb +4 -4
- data/lib/puppet/pops/evaluator/collectors/catalog_collector.rb +1 -1
- data/lib/puppet/pops/evaluator/collectors/exported_collector.rb +3 -2
- data/lib/puppet/pops/evaluator/collectors/fixed_set_collector.rb +2 -1
- data/lib/puppet/pops/evaluator/compare_operator.rb +7 -5
- data/lib/puppet/pops/evaluator/deferred_resolver.rb +132 -0
- data/lib/puppet/pops/evaluator/epp_evaluator.rb +15 -2
- data/lib/puppet/pops/evaluator/evaluator_impl.rb +82 -16
- data/lib/puppet/pops/evaluator/external_syntax_support.rb +6 -5
- data/lib/puppet/pops/evaluator/literal_evaluator.rb +1 -1
- data/lib/puppet/pops/evaluator/runtime3_converter.rb +24 -5
- data/lib/puppet/pops/evaluator/runtime3_resource_support.rb +5 -3
- data/lib/puppet/pops/evaluator/runtime3_support.rb +18 -21
- data/lib/puppet/pops/functions/dispatch.rb +13 -6
- data/lib/puppet/pops/functions/function.rb +2 -2
- data/lib/puppet/pops/issue_reporter.rb +18 -1
- data/lib/puppet/pops/issues.rb +73 -10
- data/lib/puppet/pops/loader/base_loader.rb +14 -2
- data/lib/puppet/pops/loader/dependency_loader.rb +11 -2
- data/lib/puppet/pops/loader/gem_support.rb +4 -2
- data/lib/puppet/pops/loader/generic_plan_instantiator.rb +28 -0
- data/lib/puppet/pops/loader/loader.rb +26 -5
- data/lib/puppet/pops/loader/loader_paths.rb +221 -32
- data/lib/puppet/pops/loader/module_loaders.rb +242 -40
- data/lib/puppet/pops/loader/puppet_plan_instantiator.rb +93 -0
- data/lib/puppet/pops/loader/puppet_resource_type_impl_instantiator.rb +9 -9
- data/lib/puppet/pops/loader/ruby_data_type_instantiator.rb +39 -0
- data/lib/puppet/pops/loader/ruby_function_instantiator.rb +1 -2
- data/lib/puppet/pops/loader/ruby_legacy_function_instantiator.rb +121 -0
- data/lib/puppet/pops/loader/runtime3_type_loader.rb +10 -3
- data/lib/puppet/pops/loader/static_loader.rb +23 -44
- data/lib/puppet/pops/loader/task_instantiator.rb +44 -0
- data/lib/puppet/pops/loader/type_definition_instantiator.rb +8 -1
- data/lib/puppet/pops/loaders.rb +169 -50
- data/lib/puppet/pops/lookup/context.rb +1 -1
- data/lib/puppet/pops/lookup/data_dig_function_provider.rb +1 -1
- data/lib/puppet/pops/lookup/global_data_provider.rb +1 -1
- data/lib/puppet/pops/lookup/hiera_config.rb +16 -2
- data/lib/puppet/pops/lookup/interpolation.rb +3 -2
- data/lib/puppet/pops/lookup/invocation.rb +10 -3
- data/lib/puppet/pops/lookup/key_recorder.rb +18 -0
- data/lib/puppet/pops/lookup/lookup_adapter.rb +65 -9
- data/lib/puppet/pops/lookup/sub_lookup.rb +1 -1
- data/lib/puppet/pops/lookup.rb +1 -0
- data/lib/puppet/pops/merge_strategy.rb +22 -18
- data/lib/puppet/pops/model/ast.pp +19 -0
- data/lib/puppet/pops/model/ast.rb +129 -1
- data/lib/puppet/pops/model/ast_transformer.rb +1 -1
- data/lib/puppet/pops/model/factory.rb +93 -13
- data/lib/puppet/pops/model/model_label_provider.rb +9 -1
- data/lib/puppet/pops/model/model_tree_dumper.rb +16 -1
- data/lib/puppet/pops/model/pn_transformer.rb +401 -0
- data/lib/puppet/pops/model/tree_dumper.rb +1 -1
- data/lib/puppet/pops/parser/code_merger.rb +4 -4
- data/lib/puppet/pops/parser/egrammar.ra +60 -18
- data/lib/puppet/pops/parser/eparser.rb +1926 -1745
- data/lib/puppet/pops/parser/epp_parser.rb +1 -1
- data/lib/puppet/pops/parser/epp_support.rb +9 -6
- data/lib/puppet/pops/parser/evaluating_parser.rb +9 -12
- data/lib/puppet/pops/parser/heredoc_support.rb +20 -10
- data/lib/puppet/pops/parser/interpolation_support.rb +16 -11
- data/lib/puppet/pops/parser/lexer2.rb +109 -100
- data/lib/puppet/pops/parser/lexer_support.rb +5 -4
- data/lib/puppet/pops/parser/locatable.rb +1 -1
- data/lib/puppet/pops/parser/locator.rb +116 -103
- data/lib/puppet/pops/parser/parser_support.rb +14 -5
- data/lib/puppet/pops/parser/pn_parser.rb +317 -0
- data/lib/puppet/pops/parser/slurp_support.rb +1 -3
- data/lib/puppet/pops/pcore.rb +43 -10
- data/lib/puppet/pops/pn.rb +236 -0
- data/lib/puppet/pops/puppet_stack.rb +55 -37
- data/lib/puppet/pops/resource/param.rb +1 -1
- data/lib/puppet/pops/resource/resource_type_impl.rb +4 -2
- data/lib/puppet/pops/serialization/abstract_reader.rb +4 -0
- data/lib/puppet/pops/serialization/abstract_writer.rb +6 -0
- data/lib/puppet/pops/serialization/extension.rb +1 -0
- data/lib/puppet/pops/serialization/from_data_converter.rb +68 -13
- data/lib/puppet/pops/serialization/json.rb +7 -7
- data/lib/puppet/pops/serialization/json_path.rb +5 -4
- data/lib/puppet/pops/serialization/object.rb +3 -4
- data/lib/puppet/pops/serialization/serializer.rb +2 -1
- data/lib/puppet/pops/serialization/to_data_converter.rb +24 -12
- data/lib/puppet/pops/serialization/to_stringified_converter.rb +226 -0
- data/lib/puppet/pops/serialization.rb +4 -2
- data/lib/puppet/pops/time/timespan.rb +4 -6
- data/lib/puppet/pops/types/class_loader.rb +6 -3
- data/lib/puppet/pops/types/implementation_registry.rb +28 -35
- data/lib/puppet/pops/types/iterable.rb +68 -13
- data/lib/puppet/pops/types/p_binary_type.rb +1 -2
- data/lib/puppet/pops/types/p_init_type.rb +1 -1
- data/lib/puppet/pops/types/p_meta_type.rb +5 -1
- data/lib/puppet/pops/types/p_object_type.rb +152 -17
- data/lib/puppet/pops/types/p_object_type_extension.rb +228 -0
- data/lib/puppet/pops/types/p_sem_ver_range_type.rb +0 -1
- data/lib/puppet/pops/types/p_sem_ver_type.rb +18 -4
- data/lib/puppet/pops/types/p_sensitive_type.rb +11 -1
- data/lib/puppet/pops/types/p_timespan_type.rb +4 -4
- data/lib/puppet/pops/types/p_type_set_type.rb +28 -2
- data/lib/puppet/pops/types/p_uri_type.rb +190 -0
- data/lib/puppet/pops/types/puppet_object.rb +15 -1
- data/lib/puppet/pops/types/ruby_generator.rb +49 -58
- data/lib/puppet/pops/types/string_converter.rb +55 -23
- data/lib/puppet/pops/types/tree_iterators.rb +5 -1
- data/lib/puppet/pops/types/type_acceptor.rb +1 -1
- data/lib/puppet/pops/types/type_calculator.rb +45 -16
- data/lib/puppet/pops/types/type_factory.rb +46 -9
- data/lib/puppet/pops/types/type_formatter.rb +79 -17
- data/lib/puppet/pops/types/type_mismatch_describer.rb +3 -3
- data/lib/puppet/pops/types/type_parser.rb +112 -15
- data/lib/puppet/pops/types/type_with_members.rb +43 -0
- data/lib/puppet/pops/types/types.rb +231 -115
- data/lib/puppet/pops/utils.rb +2 -2
- data/lib/puppet/pops/validation/checker4_0.rb +181 -12
- data/lib/puppet/pops/validation/tasks_checker.rb +105 -0
- data/lib/puppet/pops/validation/validator_factory_4_0.rb +14 -8
- data/lib/puppet/pops/validation.rb +13 -20
- data/lib/puppet/pops/visitor.rb +12 -6
- data/lib/puppet/pops.rb +2 -1
- data/lib/puppet/property/ensure.rb +3 -2
- data/lib/puppet/property/keyvalue.rb +72 -9
- data/lib/puppet/property/list.rb +3 -2
- data/lib/puppet/property.rb +21 -18
- data/lib/puppet/provider/aix_object.rb +485 -0
- data/lib/puppet/provider/exec/posix.rb +16 -4
- data/lib/puppet/provider/exec.rb +71 -64
- data/lib/puppet/provider/file/posix.rb +11 -3
- data/lib/puppet/provider/file/windows.rb +50 -2
- data/lib/puppet/provider/group/aix.rb +69 -113
- data/lib/puppet/provider/group/groupadd.rb +92 -24
- data/lib/puppet/provider/group/ldap.rb +7 -4
- data/lib/puppet/provider/group/pw.rb +4 -2
- data/lib/puppet/provider/group/windows_adsi.rb +12 -8
- data/lib/puppet/provider/ldap.rb +8 -4
- data/lib/puppet/provider/nameservice/directoryservice.rb +12 -8
- data/lib/puppet/provider/nameservice/objectadd.rb +13 -24
- data/lib/puppet/provider/nameservice/pw.rb +14 -14
- data/lib/puppet/provider/nameservice.rb +20 -29
- data/lib/puppet/provider/network_device.rb +4 -2
- data/lib/puppet/provider/package/aix.rb +21 -4
- data/lib/puppet/provider/package/appdmg.rb +4 -3
- data/lib/puppet/provider/package/apple.rb +2 -2
- data/lib/puppet/provider/package/apt.rb +156 -10
- data/lib/puppet/provider/package/aptitude.rb +7 -1
- data/lib/puppet/provider/package/blastwave.rb +2 -1
- data/lib/puppet/provider/package/dnf.rb +7 -4
- data/lib/puppet/provider/package/dnfmodule.rb +141 -0
- data/lib/puppet/provider/package/dpkg.rb +51 -14
- data/lib/puppet/provider/package/fink.rb +22 -4
- data/lib/puppet/provider/package/gem.rb +151 -53
- data/lib/puppet/provider/package/macports.rb +8 -5
- data/lib/puppet/provider/package/nim.rb +19 -10
- data/lib/puppet/provider/package/openbsd.rb +30 -12
- data/lib/puppet/provider/package/opkg.rb +2 -1
- data/lib/puppet/provider/package/pacman.rb +9 -12
- data/lib/puppet/provider/package/pip.rb +271 -115
- data/lib/puppet/provider/package/pip2.rb +17 -0
- data/lib/puppet/provider/package/pip3.rb +2 -5
- data/lib/puppet/provider/package/pkg.rb +57 -10
- data/lib/puppet/provider/package/pkgdmg.rb +8 -7
- data/lib/puppet/provider/package/pkgng.rb +56 -26
- data/lib/puppet/provider/package/pkgutil.rb +4 -3
- data/lib/puppet/provider/package/portage.rb +32 -23
- data/lib/puppet/provider/package/portupgrade.rb +2 -1
- data/lib/puppet/provider/package/puppet_gem.rb +12 -3
- data/lib/puppet/provider/package/puppetserver_gem.rb +171 -0
- data/lib/puppet/provider/package/rpm.rb +87 -242
- data/lib/puppet/provider/package/sun.rb +2 -2
- data/lib/puppet/provider/package/windows/exe_package.rb +45 -10
- data/lib/puppet/provider/package/windows/msi_package.rb +8 -0
- data/lib/puppet/provider/package/windows/package.rb +14 -4
- data/lib/puppet/provider/package/windows.rb +21 -4
- data/lib/puppet/provider/package/yum.rb +143 -39
- data/lib/puppet/provider/package/zypper.rb +68 -7
- data/lib/puppet/provider/package.rb +4 -1
- data/lib/puppet/provider/package_targetable.rb +69 -0
- data/lib/puppet/provider/parsedfile.rb +43 -12
- data/lib/puppet/provider/service/base.rb +10 -7
- data/lib/puppet/provider/service/daemontools.rb +9 -9
- data/lib/puppet/provider/service/debian.rb +3 -0
- data/lib/puppet/provider/service/init.rb +11 -9
- data/lib/puppet/provider/service/launchd.rb +49 -17
- data/lib/puppet/provider/service/openbsd.rb +1 -1
- data/lib/puppet/provider/service/rcng.rb +2 -2
- data/lib/puppet/provider/service/redhat.rb +3 -2
- data/lib/puppet/provider/service/runit.rb +2 -8
- data/lib/puppet/provider/service/service.rb +2 -1
- data/lib/puppet/provider/service/smf.rb +60 -6
- data/lib/puppet/provider/service/systemd.rb +70 -26
- data/lib/puppet/provider/service/upstart.rb +39 -13
- data/lib/puppet/provider/service/windows.rb +117 -41
- data/lib/puppet/provider/user/aix.rb +223 -244
- data/lib/puppet/provider/user/directoryservice.rb +72 -16
- data/lib/puppet/provider/user/hpux.rb +2 -2
- data/lib/puppet/provider/user/ldap.rb +8 -4
- data/lib/puppet/provider/user/openbsd.rb +3 -2
- data/lib/puppet/provider/user/pw.rb +15 -5
- data/lib/puppet/provider/user/user_role_add.rb +17 -5
- data/lib/puppet/provider/user/useradd.rb +237 -62
- data/lib/puppet/provider/user/windows_adsi.rb +26 -2
- data/lib/puppet/provider.rb +41 -19
- data/lib/puppet/reference/configuration.rb +12 -3
- data/lib/puppet/reference/indirection.rb +2 -2
- data/lib/puppet/reference/metaparameter.rb +1 -3
- data/lib/puppet/reference/providers.rb +6 -7
- data/lib/puppet/reference/report.rb +1 -1
- data/lib/puppet/reference/type.rb +14 -19
- data/lib/puppet/relationship.rb +4 -9
- data/lib/puppet/reports/http.rb +15 -8
- data/lib/puppet/reports/store.rb +1 -1
- data/lib/puppet/reports.rb +3 -3
- data/lib/puppet/resource/capability_finder.rb +18 -14
- data/lib/puppet/resource/catalog.rb +49 -64
- data/lib/puppet/resource/status.rb +11 -3
- data/lib/puppet/resource/type.rb +28 -11
- data/lib/puppet/resource/type_collection.rb +27 -20
- data/lib/puppet/resource.rb +100 -24
- data/lib/puppet/rest/errors.rb +15 -0
- data/lib/puppet/rest/response.rb +35 -0
- data/lib/puppet/rest/route.rb +85 -0
- data/lib/puppet/rest/routes.rb +135 -0
- data/lib/puppet/runtime.rb +66 -0
- data/lib/puppet/settings/alias_setting.rb +37 -0
- data/lib/puppet/settings/base_setting.rb +34 -4
- data/lib/puppet/settings/config_file.rb +5 -5
- data/lib/puppet/settings/environment_conf.rb +12 -2
- data/lib/puppet/settings/file_setting.rb +3 -2
- data/lib/puppet/settings/http_extra_headers_setting.rb +25 -0
- data/lib/puppet/settings/ini_file.rb +67 -12
- data/lib/puppet/settings/server_list_setting.rb +9 -0
- data/lib/puppet/settings/ttl_setting.rb +5 -0
- data/lib/puppet/settings.rb +220 -67
- data/lib/puppet/ssl/base.rb +4 -11
- data/lib/puppet/ssl/certificate.rb +11 -4
- data/lib/puppet/ssl/certificate_request.rb +31 -23
- data/lib/puppet/ssl/certificate_request_attributes.rb +1 -1
- data/lib/puppet/ssl/certificate_signer.rb +11 -0
- data/lib/puppet/ssl/error.rb +26 -0
- data/lib/puppet/ssl/host.rb +291 -186
- data/lib/puppet/ssl/key.rb +5 -7
- data/lib/puppet/ssl/oids.rb +4 -3
- data/lib/puppet/ssl/openssl_loader.rb +24 -0
- data/lib/puppet/ssl/ssl_context.rb +30 -0
- data/lib/puppet/ssl/ssl_provider.rb +333 -0
- data/lib/puppet/ssl/state_machine.rb +472 -0
- data/lib/puppet/ssl/validator/default_validator.rb +61 -25
- data/lib/puppet/ssl/validator/no_validator.rb +3 -1
- data/lib/puppet/ssl/validator.rb +2 -1
- data/lib/puppet/ssl/verifier.rb +140 -0
- data/lib/puppet/ssl/verifier_adapter.rb +58 -0
- data/lib/puppet/ssl.rb +9 -3
- data/lib/puppet/syntax_checkers/base64.rb +1 -1
- data/lib/puppet/syntax_checkers/epp.rb +34 -0
- data/lib/puppet/syntax_checkers/json.rb +1 -1
- data/lib/puppet/syntax_checkers/pp.rb +34 -0
- data/lib/puppet/test/test_helper.rb +33 -18
- data/lib/puppet/thread_local.rb +7 -0
- data/lib/puppet/transaction/additional_resource_generator.rb +3 -3
- data/lib/puppet/transaction/event.rb +40 -16
- data/lib/puppet/transaction/event_manager.rb +17 -5
- data/lib/puppet/transaction/persistence.rb +22 -2
- data/lib/puppet/transaction/report.rb +57 -34
- data/lib/puppet/transaction/resource_harness.rb +9 -4
- data/lib/puppet/transaction.rb +77 -23
- data/lib/puppet/trusted_external.rb +41 -0
- data/lib/puppet/type/component.rb +2 -1
- data/lib/puppet/type/exec.rb +156 -66
- data/lib/puppet/type/file/checksum.rb +10 -4
- data/lib/puppet/type/file/checksum_value.rb +4 -3
- data/lib/puppet/type/file/content.rb +24 -8
- data/lib/puppet/type/file/ctime.rb +2 -1
- data/lib/puppet/type/file/data_sync.rb +8 -3
- data/lib/puppet/type/file/ensure.rb +11 -8
- data/lib/puppet/type/file/mode.rb +15 -3
- data/lib/puppet/type/file/mtime.rb +2 -1
- data/lib/puppet/type/file/selcontext.rb +2 -1
- data/lib/puppet/type/file/source.rb +98 -75
- data/lib/puppet/type/file/target.rb +2 -1
- data/lib/puppet/type/file/type.rb +2 -1
- data/lib/puppet/type/file.rb +146 -51
- data/lib/puppet/type/filebucket.rb +15 -11
- data/lib/puppet/type/group.rb +43 -12
- data/lib/puppet/type/notify.rb +6 -5
- data/lib/puppet/type/package.rb +185 -35
- data/lib/puppet/type/resources.rb +15 -4
- data/lib/puppet/type/schedule.rb +59 -99
- data/lib/puppet/type/service.rb +76 -25
- data/lib/puppet/type/stage.rb +1 -1
- data/lib/puppet/type/tidy.rb +57 -18
- data/lib/puppet/type/user.rb +186 -101
- data/lib/puppet/type.rb +159 -90
- data/lib/puppet/util/at_fork.rb +1 -1
- data/lib/puppet/util/autoload.rb +51 -62
- data/lib/puppet/util/backups.rb +1 -1
- data/lib/puppet/util/character_encoding.rb +11 -29
- data/lib/puppet/util/checksums.rb +101 -7
- data/lib/puppet/util/classgen.rb +12 -12
- data/lib/puppet/util/command_line/trollop.rb +1 -1
- data/lib/puppet/util/command_line.rb +16 -10
- data/lib/puppet/util/connection.rb +88 -0
- data/lib/puppet/util/diff.rb +4 -2
- data/lib/puppet/util/errors.rb +0 -2
- data/lib/puppet/util/execution.rb +28 -11
- data/lib/puppet/util/fact_dif.rb +81 -0
- data/lib/puppet/util/feature.rb +77 -43
- data/lib/puppet/util/fileparsing.rb +79 -46
- data/lib/puppet/util/filetype.rb +62 -13
- data/lib/puppet/util/http_proxy.rb +37 -25
- data/lib/puppet/util/inifile.rb +3 -4
- data/lib/puppet/util/instance_loader.rb +16 -29
- data/lib/puppet/util/json.rb +89 -0
- data/lib/puppet/util/json_lockfile.rb +3 -3
- data/lib/puppet/util/ldap/connection.rb +11 -9
- data/lib/puppet/util/ldap/manager.rb +6 -3
- data/lib/puppet/util/log/destinations.rb +21 -17
- data/lib/puppet/util/log.rb +26 -17
- data/lib/puppet/util/logging.rb +36 -47
- data/lib/puppet/util/metric.rb +4 -3
- data/lib/puppet/util/monkey_patches.rb +76 -23
- data/lib/puppet/util/network_device/base.rb +1 -1
- data/lib/puppet/util/network_device/config.rb +2 -3
- data/lib/puppet/util/package/version/debian.rb +175 -0
- data/lib/puppet/util/package/version/gem.rb +15 -0
- data/lib/puppet/util/package/version/pip.rb +167 -0
- data/lib/puppet/util/package/version/range/eq.rb +14 -0
- data/lib/puppet/util/package/version/range/gt.rb +14 -0
- data/lib/puppet/util/package/version/range/gt_eq.rb +14 -0
- data/lib/puppet/util/package/version/range/lt.rb +14 -0
- data/lib/puppet/util/package/version/range/lt_eq.rb +14 -0
- data/lib/puppet/util/package/version/range/min_max.rb +21 -0
- data/lib/puppet/util/package/version/range/simple.rb +11 -0
- data/lib/puppet/util/package/version/range.rb +53 -0
- data/lib/puppet/util/package/version/rpm.rb +73 -0
- data/lib/puppet/util/package.rb +25 -16
- data/lib/puppet/util/pidlock.rb +45 -5
- data/lib/puppet/util/platform.rb +48 -0
- data/lib/puppet/util/plist.rb +10 -4
- data/lib/puppet/util/posix.rb +69 -3
- data/lib/puppet/util/provider_features.rb +5 -10
- data/lib/puppet/util/rdoc/code_objects.rb +2 -1
- data/lib/puppet/util/rdoc/generators/puppet_generator.rb +6 -4
- data/lib/puppet/util/rdoc/parser/puppet_parser_core.rb +2 -2
- data/lib/puppet/util/rdoc/parser/puppet_parser_rdoc2.rb +1 -1
- data/lib/puppet/util/rdoc.rb +2 -2
- data/lib/puppet/util/reference.rb +10 -16
- data/lib/puppet/util/resource_template.rb +1 -1
- data/lib/puppet/util/rpm_compare.rb +193 -0
- data/lib/puppet/util/rubygems.rb +6 -14
- data/lib/puppet/util/run_mode.rb +6 -2
- data/lib/puppet/util/selinux.rb +41 -8
- data/lib/puppet/util/skip_tags.rb +4 -0
- data/lib/puppet/util/ssl.rb +31 -1
- data/lib/puppet/util/storage.rb +13 -2
- data/lib/puppet/util/suidmanager.rb +8 -7
- data/lib/puppet/util/symbolic_file_mode.rb +29 -17
- data/lib/puppet/util/tag_set.rb +1 -1
- data/lib/puppet/util/tagging.rb +19 -5
- data/lib/puppet/util/warnings.rb +0 -2
- data/lib/puppet/util/windows/adsi.rb +305 -206
- data/lib/puppet/util/windows/api_types.rb +60 -33
- data/lib/puppet/util/windows/com.rb +2 -1
- data/lib/puppet/util/windows/eventlog.rb +1 -6
- data/lib/puppet/util/windows/file.rb +20 -2
- data/lib/puppet/util/windows/monkey_patches/dir.rb +40 -0
- data/lib/puppet/util/windows/principal.rb +24 -14
- data/lib/puppet/util/windows/process.rb +93 -4
- data/lib/puppet/util/windows/registry.rb +48 -16
- data/lib/puppet/util/windows/root_certs.rb +1 -1
- data/lib/puppet/util/windows/security.rb +66 -16
- data/lib/puppet/util/windows/service.rb +1147 -0
- data/lib/puppet/util/windows/sid.rb +68 -12
- data/lib/puppet/util/windows/user.rb +254 -14
- data/lib/puppet/util/windows.rb +23 -2
- data/lib/puppet/util/yaml.rb +62 -7
- data/lib/puppet/util.rb +130 -55
- data/lib/puppet/vendor/pathspec/lib/pathspec/gitignorespec.rb +18 -18
- data/lib/puppet/vendor/require_vendored.rb +0 -1
- data/lib/puppet/vendor.rb +1 -1
- data/lib/puppet/version.rb +2 -5
- data/lib/puppet/x509/cert_provider.rb +355 -0
- data/lib/puppet/x509/pem_store.rb +55 -0
- data/lib/puppet/x509.rb +7 -0
- data/lib/puppet.rb +83 -36
- data/lib/puppet_pal.rb +8 -0
- data/locales/puppet.pot +5 -9763
- data/man/man5/puppet.conf.5 +651 -390
- data/man/man8/puppet-agent.8 +88 -67
- data/man/man8/puppet-apply.8 +8 -5
- data/man/man8/puppet-catalog.8 +39 -11
- data/man/man8/puppet-config.8 +42 -8
- data/man/man8/puppet-describe.8 +1 -1
- data/man/man8/puppet-device.8 +55 -22
- data/man/man8/puppet-doc.8 +1 -1
- data/man/man8/puppet-epp.8 +35 -13
- data/man/man8/puppet-facts.8 +144 -6
- data/man/man8/puppet-filebucket.8 +58 -12
- data/man/man8/puppet-generate.8 +2 -2
- data/man/man8/puppet-help.8 +7 -4
- data/man/man8/puppet-key.8 +9 -15
- data/man/man8/puppet-lookup.8 +10 -7
- data/man/man8/puppet-man.8 +11 -5
- data/man/man8/puppet-module.8 +28 -106
- data/man/man8/puppet-node.8 +13 -13
- data/man/man8/puppet-parser.8 +32 -9
- data/man/man8/puppet-plugin.8 +2 -2
- data/man/man8/puppet-report.8 +9 -6
- data/man/man8/puppet-resource.8 +2 -2
- data/man/man8/puppet-script.8 +70 -0
- data/man/man8/puppet-ssl.8 +59 -0
- data/man/man8/puppet-status.8 +7 -7
- data/man/man8/puppet.8 +12 -3
- data/spec/fixtures/integration/application/agent/cached_deferred_catalog.json +92 -0
- data/spec/fixtures/integration/application/agent/lib/facter/agent_spec_role.rb +3 -0
- data/spec/fixtures/integration/application/apply/environments/spec/modules/amod/lib/puppet/provider/applytest/applytest.rb +2 -0
- data/spec/fixtures/integration/application/apply/environments/spec/modules/amod/lib/puppet/type/applytest.rb +25 -0
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/Gemfile +4 -0
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/Rakefile +3 -0
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/lib/puppet/functions/l10n.rb +8 -0
- data/{lib/puppet/vendor/semantic_puppet → spec/fixtures/integration/l10n/envs/prod/modules/demo}/locales/config.yaml +8 -4
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/locales/ja/puppet-l10n.po +19 -0
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/locales/puppet-l10n.pot +20 -0
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/metadata.json +8 -0
- data/spec/fixtures/ssl/127.0.0.1-key.pem +117 -0
- data/spec/fixtures/ssl/127.0.0.1.pem +69 -0
- data/spec/fixtures/ssl/bad-basic-constraints.pem +81 -0
- data/spec/fixtures/ssl/bad-int-basic-constraints.pem +81 -0
- data/spec/fixtures/ssl/ca.pem +81 -0
- data/spec/fixtures/ssl/crl.pem +40 -0
- data/spec/fixtures/ssl/ec-key.pem +18 -0
- data/spec/fixtures/ssl/ec.pem +49 -0
- data/spec/fixtures/ssl/encrypted-ec-key.pem +21 -0
- data/spec/fixtures/ssl/encrypted-key.pem +120 -0
- data/spec/fixtures/ssl/intermediate-agent-crl.pem +40 -0
- data/spec/fixtures/ssl/intermediate-agent.pem +81 -0
- data/spec/fixtures/ssl/intermediate-crl.pem +46 -0
- data/spec/fixtures/ssl/intermediate.pem +81 -0
- data/spec/fixtures/ssl/netlock-arany-utf8.pem +23 -0
- data/spec/fixtures/ssl/oid-key.pem +117 -0
- data/spec/fixtures/ssl/oid.pem +69 -0
- data/spec/fixtures/ssl/pluto-key.pem +117 -0
- data/spec/fixtures/ssl/pluto.pem +66 -0
- data/spec/fixtures/ssl/request-key.pem +117 -0
- data/spec/fixtures/ssl/request.pem +60 -0
- data/spec/fixtures/ssl/revoked-key.pem +117 -0
- data/spec/fixtures/ssl/revoked.pem +66 -0
- data/spec/fixtures/ssl/signed-key.pem +117 -0
- data/spec/fixtures/ssl/signed.pem +66 -0
- data/spec/fixtures/ssl/tampered-cert.pem +66 -0
- data/spec/fixtures/ssl/tampered-csr.pem +60 -0
- data/spec/fixtures/ssl/trusted_oid_mapping.yaml +5 -0
- data/spec/fixtures/ssl/unknown-127.0.0.1-key.pem +117 -0
- data/spec/fixtures/ssl/unknown-127.0.0.1.pem +69 -0
- data/spec/fixtures/ssl/unknown-ca-key.pem +117 -0
- data/spec/fixtures/ssl/unknown-ca.pem +81 -0
- data/spec/fixtures/unit/forge/bacula-releases.json +128 -0
- data/spec/fixtures/unit/forge/bacula.json +76 -0
- data/spec/fixtures/unit/forge/bacula.tar.gz +0 -0
- data/spec/fixtures/unit/functions/hiera/hiera/backend/hieraspec_backend.rb +22 -0
- data/spec/fixtures/unit/functions/lookup/hiera/backend/custom_backend.rb +18 -0
- data/spec/fixtures/unit/functions/lookup/hiera/backend/other_backend.rb +7 -0
- data/spec/fixtures/unit/pops/binder/bindings_composer/ok/modules/awesome2/lib/puppet_x/awesome2/echo_scheme_handler.rb +1 -1
- data/spec/fixtures/unit/pops/loaders/loaders/dependent_modules_with_metadata/modules/user/manifests/init.pp +6 -6
- data/spec/fixtures/unit/pops/loaders/loaders/mix_4x_and_3x_functions/usee/lib/puppet/parser/functions/bad_func_load.rb +11 -0
- data/spec/fixtures/unit/pops/loaders/loaders/mix_4x_and_3x_functions/usee/lib/puppet/parser/functions/bad_func_load2.rb +11 -0
- data/spec/fixtures/unit/pops/loaders/loaders/mix_4x_and_3x_functions/usee/lib/puppet/parser/functions/bad_func_load3.rb +11 -0
- data/spec/fixtures/unit/pops/loaders/loaders/mix_4x_and_3x_functions/usee/lib/puppet/parser/functions/bad_func_load4.rb +11 -0
- data/spec/fixtures/unit/pops/loaders/loaders/mix_4x_and_3x_functions/usee/lib/puppet/parser/functions/bad_func_load5.rb +12 -0
- data/spec/fixtures/unit/pops/loaders/loaders/mix_4x_and_3x_functions/usee/lib/puppet/parser/functions/func_with_syntax_error.rb +9 -0
- data/spec/fixtures/unit/pops/loaders/loaders/mix_4x_and_3x_functions/usee/lib/puppet/parser/functions/good_func_load.rb +9 -0
- data/spec/fixtures/unit/provider/aix_object/aix_colon_list_real_world_input.out +1 -0
- data/spec/fixtures/unit/provider/aix_object/aix_colon_list_real_world_output.out +1 -0
- data/spec/fixtures/unit/provider/package/dnfmodule/dnf-module-list.txt +19 -0
- data/spec/fixtures/unit/provider/package/pkgng/pkg.query +7 -1
- data/spec/fixtures/unit/provider/package/pkgng/pkg.query.zsh +1 -0
- data/spec/fixtures/unit/provider/package/pkgng/pkg.version +2 -0
- data/spec/fixtures/unit/provider/package/puppetserver_gem/gem-list-local-packages +30 -0
- data/spec/fixtures/unit/provider/package/yum/yum-check-update-subscription-manager.txt +9 -0
- data/spec/fixtures/unit/provider/package/zypper/zypper-search-uninstalled.out +13 -0
- data/spec/fixtures/unit/provider/parsedfile/aliases.txt +2 -0
- data/spec/fixtures/unit/provider/service/smf/svcs_fmri.out +6 -0
- data/spec/fixtures/unit/provider/service/smf/svcs_multiple_fmris.out +13 -0
- data/spec/fixtures/unit/provider/service/systemd/list_unit_files_services +9 -0
- data/spec/fixtures/unit/provider/service/systemd/list_unit_files_services_vendor_preset +9 -0
- data/spec/fixtures/unit/provider/user/aix/aix_passwd_file.out +36 -0
- data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_md5/should_fetch_if_not_on_the_local_disk.yml +1 -102
- data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_md5/should_not_update_if_content_on_disk_is_up-to-date.yml +1 -106
- data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_md5/should_update_if_content_differs_on_disk.yml +1 -106
- data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_mtime/should_fetch_if_mtime_is_older_on_disk.yml +1 -102
- data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_mtime/should_fetch_if_no_header_specified.yml +1 -98
- data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_mtime/should_fetch_if_not_on_the_local_disk.yml +1 -102
- data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_mtime/should_not_update_if_mtime_is_newer_on_disk.yml +1 -102
- data/spec/integration/agent/logging_spec.rb +7 -9
- data/spec/integration/application/agent_spec.rb +848 -0
- data/spec/integration/application/apply_spec.rb +338 -178
- data/spec/integration/application/doc_spec.rb +16 -7
- data/spec/integration/application/filebucket_spec.rb +255 -0
- data/spec/integration/application/help_spec.rb +42 -0
- data/spec/integration/application/lookup_spec.rb +105 -40
- data/spec/integration/application/module_spec.rb +89 -0
- data/spec/integration/application/plugin_spec.rb +123 -0
- data/spec/integration/application/resource_spec.rb +68 -0
- data/spec/integration/application/ssl_spec.rb +20 -0
- data/spec/integration/configurer_spec.rb +109 -12
- data/spec/integration/data_binding_spec.rb +83 -0
- data/spec/integration/defaults_spec.rb +30 -19
- data/spec/integration/directory_environments_spec.rb +17 -17
- data/spec/integration/environments/setting_hooks_spec.rb +1 -1
- data/spec/integration/environments/settings_interpolation_spec.rb +0 -4
- data/spec/integration/http/client_spec.rb +213 -0
- data/spec/integration/indirector/catalog/compiler_spec.rb +10 -11
- data/spec/integration/indirector/direct_file_server_spec.rb +2 -4
- data/spec/integration/indirector/facts/facter_spec.rb +112 -63
- data/spec/integration/indirector/file_content/file_server_spec.rb +7 -8
- data/spec/integration/indirector/file_metadata/file_server_spec.rb +7 -8
- data/spec/integration/l10n/compiler_spec.rb +37 -0
- data/spec/integration/network/authconfig_spec.rb +23 -24
- data/spec/integration/network/formats_spec.rb +0 -1
- data/spec/integration/network/http/api/indirected_routes_spec.rb +9 -38
- data/spec/integration/network/http_pool_spec.rb +293 -0
- data/spec/integration/node/environment_spec.rb +16 -2
- data/spec/integration/node/facts_spec.rb +9 -10
- data/spec/integration/node_spec.rb +6 -11
- data/spec/integration/parser/catalog_spec.rb +8 -8
- data/spec/integration/parser/collection_spec.rb +6 -11
- data/spec/integration/parser/compiler_spec.rb +60 -30
- data/spec/integration/parser/pcore_resource_spec.rb +13 -3
- data/spec/integration/parser/scope_spec.rb +3 -3
- data/spec/integration/parser/script_compiler_spec.rb +113 -0
- data/spec/integration/parser/undef_param_spec.rb +1 -1
- data/spec/integration/provider/file/windows_spec.rb +162 -0
- data/spec/integration/resource/catalog_spec.rb +14 -17
- data/spec/integration/resource/type_collection_spec.rb +3 -8
- data/spec/integration/transaction/report_spec.rb +12 -17
- data/spec/integration/transaction_spec.rb +37 -39
- data/spec/integration/type/exec_spec.rb +71 -47
- data/spec/integration/type/file_spec.rb +142 -42
- data/spec/integration/type/notify_spec.rb +46 -0
- data/spec/integration/type/package_spec.rb +27 -31
- data/spec/integration/type/tidy_spec.rb +1 -2
- data/spec/integration/type_spec.rb +1 -3
- data/spec/integration/util/autoload_spec.rb +10 -8
- data/spec/integration/util/execution_spec.rb +54 -5
- data/spec/integration/util/rdoc/parser_spec.rb +14 -25
- data/spec/integration/util/settings_spec.rb +2 -2
- data/spec/integration/util/windows/adsi_spec.rb +116 -8
- data/spec/integration/util/windows/monkey_patches/dir_spec.rb +11 -0
- data/spec/integration/util/windows/principal_spec.rb +33 -4
- data/spec/integration/util/windows/process_spec.rb +28 -44
- data/spec/integration/util/windows/registry_spec.rb +130 -53
- data/spec/integration/util/windows/security_spec.rb +103 -12
- data/spec/integration/util/windows/user_spec.rb +108 -29
- data/spec/integration/util_spec.rb +9 -38
- data/spec/lib/matchers/json.rb +13 -19
- data/{lib/puppet/ssl → spec/lib/puppet}/certificate_factory.rb +7 -8
- data/spec/lib/puppet/test_ca.rb +164 -0
- data/spec/lib/puppet_spec/compiler.rb +28 -1
- data/spec/lib/puppet_spec/files.rb +28 -24
- data/spec/lib/puppet_spec/fixtures.rb +24 -0
- data/spec/lib/puppet_spec/https.rb +95 -0
- data/spec/lib/puppet_spec/language.rb +34 -35
- data/spec/lib/puppet_spec/matchers.rb +0 -93
- data/spec/lib/puppet_spec/module_tool/shared_functions.rb +3 -3
- data/spec/lib/puppet_spec/modules.rb +39 -4
- data/spec/lib/puppet_spec/puppetserver.rb +179 -0
- data/spec/lib/puppet_spec/scope.rb +1 -2
- data/spec/lib/puppet_spec/settings.rb +7 -1
- data/spec/lib/puppet_spec/ssl.rb +265 -0
- data/spec/shared_behaviours/all_parsedfile_providers.rb +1 -1
- data/spec/shared_behaviours/documentation_on_faces.rb +0 -2
- data/spec/shared_behaviours/file_server_terminus.rb +8 -11
- data/spec/shared_behaviours/file_serving.rb +6 -8
- data/spec/shared_behaviours/hiera_indirections.rb +3 -4
- data/spec/shared_behaviours/iterative_functions.rb +0 -1
- data/spec/shared_behaviours/memory_terminus.rb +2 -2
- data/spec/shared_behaviours/path_parameters.rb +1 -1
- data/spec/shared_behaviours/things_that_declare_options.rb +2 -2
- data/spec/shared_contexts/checksum.rb +4 -1
- data/spec/shared_contexts/digests.rb +46 -1
- data/spec/shared_contexts/https.rb +29 -0
- data/spec/shared_contexts/l10n.rb +32 -0
- data/spec/shared_contexts/types_setup.rb +10 -3
- data/spec/shared_examples/rhel_package_provider.rb +112 -70
- data/spec/spec_helper.rb +49 -22
- data/spec/unit/agent/disabler_spec.rb +4 -5
- data/spec/unit/agent/locker_spec.rb +12 -13
- data/spec/unit/agent_spec.rb +181 -104
- data/spec/unit/application/agent_spec.rb +159 -130
- data/spec/unit/application/apply_spec.rb +199 -145
- data/spec/unit/application/config_spec.rb +224 -5
- data/spec/unit/application/describe_spec.rb +88 -51
- data/spec/unit/application/device_spec.rb +424 -300
- data/spec/unit/application/doc_spec.rb +46 -48
- data/spec/unit/application/face_base_spec.rb +69 -68
- data/spec/unit/application/facts_spec.rb +518 -9
- data/spec/unit/application/filebucket_spec.rb +98 -74
- data/spec/unit/application/indirection_base_spec.rb +8 -6
- data/spec/unit/application/lookup_spec.rb +176 -47
- data/spec/unit/application/man_spec.rb +52 -0
- data/spec/unit/application/resource_spec.rb +76 -51
- data/spec/unit/application/ssl_spec.rb +458 -0
- data/spec/unit/application_spec.rb +171 -94
- data/spec/unit/capability_spec.rb +17 -15
- data/spec/unit/{ssl/certificate_factory_spec.rb → certificate_factory_spec.rb} +11 -22
- data/spec/unit/concurrent/lock_spec.rb +29 -0
- data/spec/unit/concurrent/thread_local_singleton_spec.rb +39 -0
- data/spec/unit/configurer/downloader_spec.rb +41 -21
- data/spec/unit/configurer/fact_handler_spec.rb +6 -11
- data/spec/unit/configurer/plugin_handler_spec.rb +71 -48
- data/spec/unit/configurer_spec.rb +851 -480
- data/spec/unit/confine/exists_spec.rb +17 -15
- data/spec/unit/confine/false_spec.rb +32 -6
- data/spec/unit/confine/feature_spec.rb +7 -5
- data/spec/unit/confine/true_spec.rb +32 -6
- data/spec/unit/confine/variable_spec.rb +14 -15
- data/spec/unit/confine_collection_spec.rb +28 -29
- data/spec/unit/confine_spec.rb +36 -14
- data/spec/unit/confiner_spec.rb +10 -11
- data/spec/unit/context/trusted_information_spec.rb +68 -5
- data/spec/unit/context_spec.rb +119 -38
- data/spec/unit/daemon_spec.rb +39 -107
- data/spec/unit/data_providers/function_data_provider_spec.rb +0 -1
- data/spec/unit/data_providers/hiera_data_provider_spec.rb +4 -5
- data/spec/unit/datatypes_spec.rb +352 -0
- data/spec/unit/defaults_spec.rb +182 -19
- data/spec/unit/environments_spec.rb +592 -104
- data/spec/unit/etc_spec.rb +52 -29
- data/spec/unit/external/pson_spec.rb +0 -1
- data/spec/unit/face/config_spec.rb +247 -33
- data/spec/unit/face/epp_face_spec.rb +63 -9
- data/spec/unit/face/facts_spec.rb +70 -1
- data/spec/unit/face/generate_spec.rb +68 -5
- data/spec/unit/face/help_spec.rb +67 -74
- data/spec/unit/face/key_spec.rb +0 -1
- data/spec/unit/face/module/install_spec.rb +3 -5
- data/spec/unit/face/module/list_spec.rb +2 -73
- data/spec/unit/face/module/search_spec.rb +39 -9
- data/spec/unit/face/module/uninstall_spec.rb +4 -8
- data/spec/unit/face/node_spec.rb +22 -59
- data/spec/unit/face/parser_spec.rb +177 -25
- data/spec/unit/face/plugin_spec.rb +56 -19
- data/spec/unit/face/status_spec.rb +0 -1
- data/spec/unit/facter_impl_spec.rb +31 -0
- data/spec/unit/file_bucket/dipper_spec.rb +39 -28
- data/spec/unit/file_bucket/file_spec.rb +0 -2
- data/spec/unit/file_serving/base_spec.rb +17 -21
- data/spec/unit/file_serving/configuration/parser_spec.rb +49 -28
- data/spec/unit/file_serving/configuration_spec.rb +77 -70
- data/spec/unit/file_serving/content_spec.rb +10 -12
- data/spec/unit/file_serving/fileset_spec.rb +123 -59
- data/spec/unit/file_serving/http_metadata_spec.rb +38 -14
- data/spec/unit/file_serving/metadata_spec.rb +41 -42
- data/spec/unit/file_serving/mount/file_spec.rb +31 -32
- data/spec/unit/file_serving/mount/locales_spec.rb +25 -26
- data/spec/unit/file_serving/mount/modules_spec.rb +14 -15
- data/spec/unit/file_serving/mount/pluginfacts_spec.rb +25 -26
- data/spec/unit/file_serving/mount/plugins_spec.rb +25 -26
- data/spec/unit/file_serving/mount/scripts_spec.rb +69 -0
- data/spec/unit/file_serving/mount/tasks_spec.rb +14 -15
- data/spec/unit/file_serving/mount_spec.rb +0 -1
- data/spec/unit/file_serving/terminus_helper_spec.rb +47 -45
- data/spec/unit/file_serving/terminus_selector_spec.rb +45 -29
- data/spec/unit/file_system/path_pattern_spec.rb +1 -1
- data/spec/unit/file_system/uniquefile_spec.rb +41 -6
- data/spec/unit/file_system_spec.rb +330 -9
- data/spec/unit/forge/errors_spec.rb +1 -1
- data/spec/unit/forge/forge_spec.rb +14 -57
- data/spec/unit/forge/module_release_spec.rb +161 -48
- data/spec/unit/forge/repository_spec.rb +66 -163
- data/spec/unit/forge_spec.rb +47 -114
- data/spec/unit/functions/abs_spec.rb +70 -0
- data/spec/unit/functions/assert_type_spec.rb +2 -2
- data/spec/unit/functions/binary_file_spec.rb +3 -3
- data/spec/unit/functions/break_spec.rb +34 -2
- data/spec/unit/functions/call_spec.rb +59 -5
- data/spec/unit/functions/camelcase_spec.rb +34 -0
- data/spec/unit/functions/capitalize_spec.rb +34 -0
- data/spec/unit/functions/ceiling_spec.rb +65 -0
- data/spec/unit/functions/chomp_spec.rb +46 -0
- data/spec/unit/functions/chop_spec.rb +38 -0
- data/spec/unit/functions/compare_spec.rb +147 -0
- data/spec/unit/functions/contain_spec.rb +2 -3
- data/spec/unit/functions/convert_to_spec.rb +25 -0
- data/spec/unit/functions/defined_spec.rb +0 -1
- data/spec/unit/functions/downcase_spec.rb +34 -0
- data/spec/unit/functions/empty_spec.rb +87 -0
- data/spec/unit/functions/epp_spec.rb +13 -5
- data/spec/unit/functions/filter_spec.rb +4 -4
- data/spec/unit/functions/find_file_spec.rb +7 -7
- data/spec/unit/functions/find_template_spec.rb +69 -0
- data/spec/unit/functions/flatten_spec.rb +31 -0
- data/spec/unit/functions/floor_spec.rb +65 -0
- data/spec/unit/functions/get_spec.rb +135 -0
- data/spec/unit/functions/getvar_spec.rb +121 -0
- data/spec/unit/functions/group_by_spec.rb +40 -0
- data/spec/unit/functions/hiera_spec.rb +14 -48
- data/spec/unit/functions/include_spec.rb +16 -5
- data/spec/unit/functions/index_spec.rb +184 -0
- data/spec/unit/functions/inline_epp_spec.rb +27 -2
- data/spec/unit/functions/join_spec.rb +33 -0
- data/spec/unit/functions/keys_spec.rb +31 -0
- data/spec/unit/functions/length_spec.rb +50 -0
- data/spec/unit/functions/logging_spec.rb +11 -3
- data/spec/unit/functions/lookup_fixture_spec.rb +1 -2
- data/spec/unit/functions/lookup_spec.rb +165 -63
- data/spec/unit/functions/lstrip_spec.rb +30 -0
- data/spec/unit/functions/match_spec.rb +21 -4
- data/spec/unit/functions/max_spec.rb +129 -0
- data/spec/unit/functions/min_spec.rb +129 -0
- data/spec/unit/functions/module_directory_spec.rb +43 -0
- data/spec/unit/functions/new_spec.rb +30 -14
- data/spec/unit/functions/partition_spec.rb +40 -0
- data/spec/unit/functions/regsubst_spec.rb +3 -4
- data/spec/unit/functions/require_spec.rb +1 -2
- data/spec/unit/functions/round_spec.rb +41 -0
- data/spec/unit/functions/rstrip_spec.rb +30 -0
- data/spec/unit/functions/shared.rb +15 -6
- data/spec/unit/functions/size_spec.rb +50 -0
- data/spec/unit/functions/sort_spec.rb +79 -0
- data/spec/unit/functions/split_spec.rb +3 -4
- data/spec/unit/functions/step_spec.rb +1 -1
- data/spec/unit/functions/strftime_spec.rb +2 -2
- data/spec/unit/functions/strip_spec.rb +30 -0
- data/spec/unit/functions/tree_each_spec.rb +49 -0
- data/spec/unit/functions/unwrap_spec.rb +8 -0
- data/spec/unit/functions/upcase_spec.rb +34 -0
- data/spec/unit/functions/values_spec.rb +30 -0
- data/spec/unit/functions/versioncmp_spec.rb +43 -9
- data/spec/unit/functions4_spec.rb +154 -86
- data/spec/unit/gettext/config_spec.rb +45 -14
- data/spec/unit/gettext/module_loading_spec.rb +7 -7
- data/spec/unit/graph/rb_tree_map_spec.rb +0 -2
- data/spec/unit/graph/relationship_graph_spec.rb +1 -2
- data/spec/unit/graph/simple_graph_spec.rb +51 -12
- data/spec/unit/hiera/scope_spec.rb +7 -0
- data/spec/unit/hiera_puppet_spec.rb +20 -20
- data/spec/unit/http/client_spec.rb +938 -0
- data/spec/unit/http/external_client_spec.rb +201 -0
- data/spec/unit/http/resolver_spec.rb +133 -0
- data/spec/unit/http/response_spec.rb +75 -0
- data/spec/unit/http/service/ca_spec.rb +198 -0
- data/spec/unit/http/service/compiler_spec.rb +806 -0
- data/spec/unit/http/service/file_server_spec.rb +307 -0
- data/spec/unit/http/service/puppetserver_spec.rb +82 -0
- data/spec/unit/http/service/report_spec.rb +117 -0
- data/spec/unit/http/service_spec.rb +144 -0
- data/spec/unit/http/session_spec.rb +307 -0
- data/spec/unit/indirector/catalog/compiler_spec.rb +343 -194
- data/spec/unit/indirector/catalog/json_spec.rb +10 -5
- data/spec/unit/indirector/catalog/msgpack_spec.rb +0 -1
- data/spec/unit/indirector/catalog/rest_spec.rb +67 -3
- data/spec/unit/indirector/catalog/store_configs_spec.rb +0 -1
- data/spec/unit/indirector/catalog/yaml_spec.rb +0 -1
- data/spec/unit/indirector/certificate/file_spec.rb +0 -9
- data/spec/unit/indirector/certificate/rest_spec.rb +8 -10
- data/spec/unit/indirector/certificate_request/file_spec.rb +0 -1
- data/spec/unit/indirector/certificate_request/rest_spec.rb +0 -1
- data/spec/unit/indirector/direct_file_server_spec.rb +47 -50
- data/spec/unit/indirector/envelope_spec.rb +1 -2
- data/spec/unit/indirector/exec_spec.rb +29 -24
- data/spec/unit/indirector/face_spec.rb +8 -9
- data/spec/unit/indirector/facts/facter_spec.rb +131 -43
- data/spec/unit/indirector/facts/json_spec.rb +255 -0
- data/spec/unit/indirector/facts/network_device_spec.rb +8 -9
- data/spec/unit/indirector/facts/rest_spec.rb +99 -0
- data/spec/unit/indirector/facts/store_configs_spec.rb +0 -1
- data/spec/unit/indirector/facts/yaml_spec.rb +95 -79
- data/spec/unit/indirector/file_bucket_file/file_spec.rb +156 -100
- data/spec/unit/indirector/file_bucket_file/rest_spec.rb +82 -3
- data/spec/unit/indirector/file_bucket_file/selector_spec.rb +26 -9
- data/spec/unit/indirector/file_content/file_server_spec.rb +0 -1
- data/spec/unit/indirector/file_content/file_spec.rb +0 -1
- data/spec/unit/indirector/file_content/rest_spec.rb +53 -3
- data/spec/unit/indirector/file_content/selector_spec.rb +0 -1
- data/spec/unit/indirector/file_metadata/file_server_spec.rb +0 -1
- data/spec/unit/indirector/file_metadata/file_spec.rb +12 -13
- data/spec/unit/indirector/file_metadata/http_spec.rb +194 -0
- data/spec/unit/indirector/file_metadata/rest_spec.rb +110 -3
- data/spec/unit/indirector/file_metadata/selector_spec.rb +0 -1
- data/spec/unit/indirector/file_server_spec.rb +143 -137
- data/spec/unit/indirector/indirection_spec.rb +296 -231
- data/spec/unit/indirector/json_spec.rb +10 -12
- data/spec/unit/indirector/key/file_spec.rb +20 -39
- data/spec/unit/indirector/memory_spec.rb +6 -7
- data/spec/unit/indirector/msgpack_spec.rb +10 -12
- data/spec/unit/indirector/node/exec_spec.rb +43 -23
- data/spec/unit/indirector/node/json_spec.rb +33 -0
- data/spec/unit/indirector/node/memory_spec.rb +2 -4
- data/spec/unit/indirector/node/msgpack_spec.rb +0 -1
- data/spec/unit/indirector/node/plain_spec.rb +2 -4
- data/spec/unit/indirector/node/rest_spec.rb +57 -3
- data/spec/unit/indirector/node/store_configs_spec.rb +0 -1
- data/spec/unit/indirector/node/yaml_spec.rb +0 -1
- data/spec/unit/indirector/none_spec.rb +5 -5
- data/spec/unit/indirector/plain_spec.rb +7 -8
- data/spec/unit/indirector/report/json_spec.rb +72 -0
- data/spec/unit/indirector/report/msgpack_spec.rb +0 -1
- data/spec/unit/indirector/report/processor_spec.rb +21 -22
- data/spec/unit/indirector/report/rest_spec.rb +58 -52
- data/spec/unit/indirector/report/yaml_spec.rb +72 -9
- data/spec/unit/indirector/request_spec.rb +27 -29
- data/spec/unit/indirector/resource/ral_spec.rb +40 -82
- data/spec/unit/indirector/resource/store_configs_spec.rb +0 -1
- data/spec/unit/indirector/rest_spec.rb +166 -107
- data/spec/unit/indirector/ssl_file_spec.rb +99 -122
- data/spec/unit/indirector/status/local_spec.rb +0 -1
- data/spec/unit/indirector/status/rest_spec.rb +43 -3
- data/spec/unit/indirector/terminus_spec.rb +29 -29
- data/spec/unit/indirector/yaml_spec.rb +92 -70
- data/spec/unit/indirector_spec.rb +2 -4
- data/spec/unit/info_service_spec.rb +195 -11
- data/spec/unit/interface/action_builder_spec.rb +0 -1
- data/spec/unit/interface/action_manager_spec.rb +1 -2
- data/spec/unit/interface/action_spec.rb +36 -13
- data/spec/unit/interface/documentation_spec.rb +0 -1
- data/spec/unit/interface/face_collection_spec.rb +19 -12
- data/spec/unit/interface_spec.rb +6 -6
- data/spec/unit/module_spec.rb +135 -113
- data/spec/unit/module_tool/applications/installer_spec.rb +116 -13
- data/spec/unit/module_tool/applications/searcher_spec.rb +3 -3
- data/spec/unit/module_tool/applications/uninstaller_spec.rb +16 -0
- data/spec/unit/module_tool/applications/unpacker_spec.rb +17 -17
- data/spec/unit/module_tool/applications/upgrader_spec.rb +11 -5
- data/spec/unit/module_tool/install_directory_spec.rb +8 -8
- data/spec/unit/module_tool/installed_modules_spec.rb +3 -3
- data/spec/unit/module_tool/tar/gnu_spec.rb +6 -6
- data/spec/unit/module_tool/tar/mini_spec.rb +32 -12
- data/spec/unit/module_tool/tar_spec.rb +12 -13
- data/spec/unit/module_tool_spec.rb +7 -34
- data/spec/unit/network/auth_config_parser_spec.rb +11 -13
- data/spec/unit/network/authconfig_spec.rb +16 -20
- data/spec/unit/network/authorization_spec.rb +4 -5
- data/spec/unit/network/authstore_spec.rb +0 -16
- data/spec/unit/network/format_handler_spec.rb +0 -1
- data/spec/unit/network/format_spec.rb +9 -10
- data/spec/unit/network/format_support_spec.rb +29 -29
- data/spec/unit/network/formats_spec.rb +82 -18
- data/spec/unit/network/http/api/indirected_routes_spec.rb +54 -48
- data/spec/unit/network/http/api/master/v3/authorization_spec.rb +7 -9
- data/spec/unit/network/http/api/master/v3/environment_spec.rb +1 -2
- data/spec/unit/network/http/api/master/v3/environments_spec.rb +11 -23
- data/spec/unit/network/http/api_spec.rb +0 -28
- data/spec/unit/network/http/compression_spec.rb +27 -25
- data/spec/unit/network/http/connection_spec.rb +537 -275
- data/spec/unit/network/http/factory_spec.rb +82 -36
- data/spec/unit/network/http/handler_spec.rb +10 -23
- data/spec/unit/network/http/nocache_pool_spec.rb +32 -11
- data/spec/unit/network/http/pool_spec.rb +166 -59
- data/spec/unit/network/http/request_spec.rb +0 -2
- data/spec/unit/network/http/response_spec.rb +11 -13
- data/spec/unit/network/http/route_spec.rb +0 -1
- data/spec/unit/network/http/session_spec.rb +9 -3
- data/spec/unit/network/http/site_spec.rb +7 -1
- data/spec/unit/network/http_pool_spec.rb +99 -48
- data/spec/unit/network/http_spec.rb +1 -2
- data/spec/unit/network/resolver_spec.rb +103 -29
- data/spec/unit/network/rights_spec.rb +52 -53
- data/spec/unit/network/uri_spec.rb +47 -0
- data/spec/unit/node/environment_spec.rb +72 -24
- data/spec/unit/node/facts_spec.rb +20 -8
- data/spec/unit/node_spec.rb +38 -23
- data/spec/unit/other/selinux_spec.rb +0 -72
- data/spec/unit/parameter/boolean_spec.rb +1 -2
- data/spec/unit/parameter/package_options_spec.rb +1 -2
- data/spec/unit/parameter/path_spec.rb +0 -1
- data/spec/unit/parameter/value_collection_spec.rb +0 -1
- data/spec/unit/parameter/value_spec.rb +0 -1
- data/spec/unit/parameter_spec.rb +9 -9
- data/spec/unit/parser/ast/block_expression_spec.rb +7 -9
- data/spec/unit/parser/ast/leaf_spec.rb +20 -21
- data/spec/unit/parser/compiler_spec.rb +93 -114
- data/spec/unit/parser/environment_compiler_spec.rb +67 -23
- data/spec/unit/parser/files_spec.rb +0 -1
- data/spec/unit/parser/functions/create_resources_spec.rb +10 -1
- data/spec/unit/parser/functions/digest_spec.rb +0 -5
- data/spec/unit/parser/functions/fail_spec.rb +2 -7
- data/spec/unit/parser/functions/file_spec.rb +13 -18
- data/spec/unit/parser/functions/fqdn_rand_spec.rb +39 -2
- data/spec/unit/parser/functions/generate_spec.rb +36 -39
- data/spec/unit/parser/functions/inline_template_spec.rb +7 -5
- data/spec/unit/parser/functions/realize_spec.rb +9 -0
- data/spec/unit/parser/functions/regsubst_spec.rb +0 -5
- data/spec/unit/parser/functions/scanf_spec.rb +0 -5
- data/spec/unit/parser/functions/shellquote_spec.rb +0 -1
- data/spec/unit/parser/functions/split_spec.rb +0 -5
- data/spec/unit/parser/functions/sprintf_spec.rb +0 -5
- data/spec/unit/parser/functions/tag_spec.rb +8 -6
- data/spec/unit/parser/functions/tagged_spec.rb +36 -0
- data/spec/unit/parser/functions/template_spec.rb +21 -17
- data/spec/unit/parser/functions/versioncmp_spec.rb +1 -6
- data/spec/unit/parser/functions_spec.rb +28 -4
- data/spec/unit/parser/relationship_spec.rb +0 -1
- data/spec/unit/parser/resource/param_spec.rb +1 -1
- data/spec/unit/parser/resource_spec.rb +53 -48
- data/spec/unit/parser/scope_spec.rb +72 -39
- data/spec/unit/parser/templatewrapper_spec.rb +25 -15
- data/spec/unit/parser/type_loader_spec.rb +18 -20
- data/spec/unit/plan_spec.rb +65 -0
- data/spec/unit/pops/adaptable_spec.rb +0 -2
- data/spec/unit/pops/benchmark_spec.rb +0 -1
- data/spec/unit/pops/evaluator/access_ops_spec.rb +0 -1
- data/spec/unit/pops/evaluator/arithmetic_ops_spec.rb +10 -1
- data/spec/unit/pops/evaluator/basic_expressions_spec.rb +0 -1
- data/spec/unit/pops/evaluator/collections_ops_spec.rb +0 -1
- data/spec/unit/pops/evaluator/comparison_ops_spec.rb +0 -1
- data/spec/unit/pops/evaluator/conditionals_spec.rb +1 -2
- data/spec/unit/pops/evaluator/deferred_resolver_spec.rb +20 -0
- data/spec/unit/pops/evaluator/evaluating_parser_spec.rb +133 -17
- data/spec/unit/pops/evaluator/logical_ops_spec.rb +0 -1
- data/spec/unit/pops/evaluator/runtime3_converter_spec.rb +24 -11
- data/spec/unit/pops/evaluator/string_interpolation_spec.rb +0 -1
- data/spec/unit/pops/evaluator/variables_spec.rb +0 -1
- data/spec/unit/pops/factory_rspec_helper.rb +1 -1
- data/spec/unit/pops/factory_spec.rb +8 -9
- data/spec/unit/pops/issues_spec.rb +40 -26
- data/spec/unit/pops/loaders/dependency_loader_spec.rb +2 -2
- data/spec/unit/pops/loaders/loader_spec.rb +516 -0
- data/spec/unit/pops/loaders/loaders_spec.rb +294 -46
- data/spec/unit/pops/loaders/module_loaders_spec.rb +112 -0
- data/spec/unit/pops/loaders/static_loader_spec.rb +16 -44
- data/spec/unit/pops/lookup/context_spec.rb +0 -1
- data/spec/unit/pops/lookup/interpolation_spec.rb +7 -3
- data/spec/unit/pops/lookup/lookup_spec.rb +81 -0
- data/spec/unit/pops/merge_strategy_spec.rb +0 -1
- data/spec/unit/pops/migration_spec.rb +3 -5
- data/spec/unit/pops/model/model_spec.rb +5 -1
- data/spec/unit/pops/model/pn_transformer_spec.rb +56 -0
- data/spec/unit/pops/parser/lexer2_spec.rb +89 -26
- data/spec/unit/pops/parser/locator_spec.rb +63 -1
- data/spec/unit/pops/parser/parse_application_spec.rb +0 -1
- data/spec/unit/pops/parser/parse_basic_expressions_spec.rb +42 -10
- data/spec/unit/pops/parser/parse_calls_spec.rb +28 -1
- data/spec/unit/pops/parser/parse_capabilities_spec.rb +0 -1
- data/spec/unit/pops/parser/parse_conditionals_spec.rb +12 -1
- data/spec/unit/pops/parser/parse_containers_spec.rb +2 -14
- data/spec/unit/pops/parser/parse_functions_spec.rb +1 -1
- data/spec/unit/pops/parser/parse_heredoc_spec.rb +124 -12
- data/spec/unit/pops/parser/parse_lambda_spec.rb +1 -1
- data/spec/unit/pops/parser/parse_plan_spec.rb +47 -0
- data/spec/unit/pops/parser/parse_resource_spec.rb +35 -36
- data/spec/unit/pops/parser/parse_site_spec.rb +0 -1
- data/spec/unit/pops/parser/pn_parser_spec.rb +100 -0
- data/spec/unit/pops/pn_spec.rb +147 -0
- data/spec/unit/pops/puppet_stack_spec.rb +38 -9
- data/spec/unit/pops/resource/resource_type_impl_spec.rb +0 -1
- data/spec/unit/pops/serialization/packer_spec.rb +8 -0
- data/spec/unit/pops/serialization/serialization_spec.rb +37 -5
- data/spec/unit/pops/serialization/to_from_hr_spec.rb +74 -4
- data/spec/unit/pops/serialization/to_stringified_spec.rb +162 -0
- data/spec/unit/pops/types/deferred_spec.rb +87 -0
- data/spec/unit/pops/types/error_spec.rb +207 -0
- data/spec/unit/pops/types/iterable_spec.rb +1 -1
- data/spec/unit/pops/types/p_init_type_spec.rb +98 -0
- data/spec/unit/pops/types/p_object_type_spec.rb +298 -13
- data/spec/unit/pops/types/p_sem_ver_type_spec.rb +18 -0
- data/spec/unit/pops/types/p_sensitive_type_spec.rb +18 -0
- data/spec/unit/pops/types/p_timespan_type_spec.rb +33 -4
- data/spec/unit/pops/types/p_timestamp_type_spec.rb +28 -2
- data/spec/unit/pops/types/p_type_set_type_spec.rb +106 -2
- data/spec/unit/pops/types/p_uri_type_spec.rb +191 -0
- data/spec/unit/pops/types/recursion_guard_spec.rb +10 -10
- data/spec/unit/pops/types/ruby_generator_spec.rb +87 -54
- data/spec/unit/pops/types/string_converter_spec.rb +39 -6
- data/spec/unit/pops/types/task_spec.rb +411 -0
- data/spec/unit/pops/types/type_asserter_spec.rb +2 -2
- data/spec/unit/pops/types/type_calculator_spec.rb +120 -53
- data/spec/unit/pops/types/type_formatter_spec.rb +31 -13
- data/spec/unit/pops/types/type_mismatch_describer_spec.rb +9 -0
- data/spec/unit/pops/types/type_parser_spec.rb +26 -14
- data/spec/unit/pops/types/types_spec.rb +99 -6
- data/spec/unit/pops/validator/validator_spec.rb +455 -7
- data/spec/unit/pops/visitor_spec.rb +0 -1
- data/spec/unit/property/boolean_spec.rb +1 -1
- data/spec/unit/property/ensure_spec.rb +0 -1
- data/spec/unit/property/keyvalue_spec.rb +127 -38
- data/spec/unit/property/list_spec.rb +26 -27
- data/spec/unit/property/ordered_list_spec.rb +10 -14
- data/spec/unit/property_spec.rb +55 -46
- data/spec/unit/provider/aix_object_spec.rb +821 -0
- data/spec/unit/provider/command_spec.rb +9 -9
- data/spec/unit/provider/exec/posix_spec.rb +38 -15
- data/spec/unit/provider/exec/shell_spec.rb +2 -2
- data/spec/unit/provider/exec/windows_spec.rb +4 -6
- data/spec/unit/provider/exec_spec.rb +210 -1
- data/spec/unit/provider/file/posix_spec.rb +22 -24
- data/spec/unit/provider/file/windows_spec.rb +17 -19
- data/spec/unit/provider/group/aix_spec.rb +91 -0
- data/spec/unit/provider/group/groupadd_spec.rb +237 -29
- data/spec/unit/provider/group/ldap_spec.rb +33 -36
- data/spec/unit/provider/group/pw_spec.rb +15 -18
- data/spec/unit/provider/group/windows_adsi_spec.rb +173 -68
- data/spec/unit/provider/ldap_spec.rb +61 -63
- data/spec/unit/provider/nameservice/directoryservice_spec.rb +102 -109
- data/spec/unit/provider/nameservice_spec.rb +99 -100
- data/spec/unit/provider/package/aix_spec.rb +48 -22
- data/spec/unit/provider/package/appdmg_spec.rb +13 -13
- data/spec/unit/provider/package/apt_spec.rb +174 -37
- data/spec/unit/provider/package/aptitude_spec.rb +8 -7
- data/spec/unit/provider/package/aptrpm_spec.rb +8 -13
- data/spec/unit/provider/package/base_spec.rb +7 -6
- data/spec/unit/provider/package/dnf_spec.rb +43 -18
- data/spec/unit/provider/package/dnfmodule_spec.rb +256 -0
- data/spec/unit/provider/package/dpkg_spec.rb +348 -137
- data/spec/unit/provider/package/freebsd_spec.rb +15 -18
- data/spec/unit/provider/package/gem_spec.rb +210 -83
- data/spec/unit/provider/package/hpux_spec.rb +15 -18
- data/spec/unit/provider/package/macports_spec.rb +56 -54
- data/spec/unit/provider/package/nim_spec.rb +76 -59
- data/spec/unit/provider/package/openbsd_spec.rb +62 -49
- data/spec/unit/provider/package/opkg_spec.rb +23 -26
- data/spec/unit/provider/package/pacman_spec.rb +103 -133
- data/spec/unit/provider/package/pip2_spec.rb +36 -0
- data/spec/unit/provider/package/pip3_spec.rb +20 -6
- data/spec/unit/provider/package/pip_spec.rb +252 -157
- data/spec/unit/provider/package/pkg_spec.rb +194 -98
- data/spec/unit/provider/package/pkgdmg_spec.rb +64 -66
- data/spec/unit/provider/package/pkgin_spec.rb +21 -24
- data/spec/unit/provider/package/pkgng_spec.rb +80 -38
- data/spec/unit/provider/package/pkgutil_spec.rb +45 -49
- data/spec/unit/provider/package/portage_spec.rb +89 -74
- data/spec/unit/provider/package/puppet_gem_spec.rb +53 -21
- data/spec/unit/provider/package/puppetserver_gem_spec.rb +137 -0
- data/spec/unit/provider/package/rpm_spec.rb +280 -261
- data/spec/unit/provider/package/sun_spec.rb +16 -18
- data/spec/unit/provider/package/tdnf_spec.rb +9 -12
- data/spec/unit/provider/package/up2date_spec.rb +2 -4
- data/spec/unit/provider/package/urpmi_spec.rb +18 -14
- data/spec/unit/provider/package/windows/exe_package_spec.rb +32 -18
- data/spec/unit/provider/package/windows/msi_package_spec.rb +20 -23
- data/spec/unit/provider/package/windows/package_spec.rb +38 -43
- data/spec/unit/provider/package/windows_spec.rb +51 -36
- data/spec/unit/provider/package/yum_spec.rb +442 -13
- data/spec/unit/provider/package/zypper_spec.rb +202 -106
- data/spec/unit/provider/package_targetable_spec.rb +60 -0
- data/spec/unit/provider/parsedfile_spec.rb +81 -46
- data/spec/unit/provider/service/base_spec.rb +6 -11
- data/spec/unit/provider/service/bsd_spec.rb +52 -51
- data/spec/unit/provider/service/daemontools_spec.rb +71 -52
- data/spec/unit/provider/service/debian_spec.rb +51 -53
- data/spec/unit/provider/service/freebsd_spec.rb +21 -21
- data/spec/unit/provider/service/gentoo_spec.rb +78 -82
- data/spec/unit/provider/service/init_spec.rb +117 -67
- data/spec/unit/provider/service/launchd_spec.rb +196 -114
- data/spec/unit/provider/service/openbsd_spec.rb +98 -92
- data/spec/unit/provider/service/openrc_spec.rb +73 -75
- data/spec/unit/provider/service/openwrt_spec.rb +36 -44
- data/spec/unit/provider/service/rcng_spec.rb +20 -21
- data/spec/unit/provider/service/redhat_spec.rb +76 -58
- data/spec/unit/provider/service/runit_spec.rb +62 -43
- data/spec/unit/provider/service/smf_spec.rb +143 -73
- data/spec/unit/provider/service/src_spec.rb +60 -69
- data/spec/unit/provider/service/systemd_spec.rb +330 -155
- data/spec/unit/provider/service/upstart_spec.rb +106 -84
- data/spec/unit/provider/service/windows_spec.rb +336 -91
- data/spec/unit/provider/user/aix_spec.rb +263 -112
- data/spec/unit/provider/user/directoryservice_spec.rb +229 -124
- data/spec/unit/provider/user/hpux_spec.rb +19 -20
- data/spec/unit/provider/user/ldap_spec.rb +80 -83
- data/spec/unit/provider/user/openbsd_spec.rb +11 -12
- data/spec/unit/provider/user/pw_spec.rb +82 -44
- data/spec/unit/provider/user/user_role_add_spec.rb +109 -92
- data/spec/unit/provider/user/useradd_spec.rb +479 -90
- data/spec/unit/provider/user/windows_adsi_spec.rb +144 -63
- data/spec/unit/provider_spec.rb +241 -47
- data/spec/unit/puppet_pal_2pec.rb +1033 -0
- data/spec/unit/puppet_pal_catalog_spec.rb +962 -0
- data/spec/unit/puppet_pal_spec.rb +3 -0
- data/spec/unit/puppet_spec.rb +58 -25
- data/spec/unit/relationship_spec.rb +0 -1
- data/spec/unit/reports/http_spec.rb +70 -54
- data/spec/unit/reports/store_spec.rb +20 -17
- data/spec/unit/reports_spec.rb +12 -14
- data/spec/unit/resource/capability_finder_spec.rb +31 -29
- data/spec/unit/resource/catalog_spec.rb +104 -82
- data/spec/unit/resource/status_spec.rb +23 -12
- data/spec/unit/resource/type_collection_spec.rb +19 -17
- data/spec/unit/resource/type_spec.rb +52 -38
- data/spec/unit/resource_spec.rb +207 -49
- data/spec/unit/rest/route_spec.rb +132 -0
- data/spec/unit/scheduler/job_spec.rb +0 -1
- data/spec/unit/scheduler/scheduler_spec.rb +0 -1
- data/spec/unit/scheduler/splay_job_spec.rb +1 -2
- data/spec/unit/settings/array_setting_spec.rb +1 -1
- data/spec/unit/settings/autosign_setting_spec.rb +11 -11
- data/spec/unit/settings/certificate_revocation_setting_spec.rb +1 -1
- data/spec/unit/settings/config_file_spec.rb +9 -1
- data/spec/unit/settings/directory_setting_spec.rb +2 -7
- data/spec/unit/settings/duration_setting_spec.rb +1 -2
- data/spec/unit/settings/enum_setting_spec.rb +1 -1
- data/spec/unit/settings/environment_conf_spec.rb +4 -6
- data/spec/unit/settings/file_setting_spec.rb +54 -48
- data/spec/unit/settings/http_extra_headers_spec.rb +64 -0
- data/spec/unit/settings/ini_file_spec.rb +314 -5
- data/spec/unit/settings/path_setting_spec.rb +2 -3
- data/spec/unit/settings/priority_setting_spec.rb +1 -2
- data/spec/unit/settings/server_list_setting_spec.rb +21 -0
- data/spec/unit/settings/string_setting_spec.rb +14 -15
- data/spec/unit/settings/terminus_setting_spec.rb +1 -2
- data/spec/unit/settings/value_translator_spec.rb +0 -1
- data/spec/unit/settings_spec.rb +905 -448
- data/spec/unit/ssl/base_spec.rb +13 -15
- data/spec/unit/ssl/certificate_request_attributes_spec.rb +21 -8
- data/spec/unit/ssl/certificate_request_spec.rb +84 -65
- data/spec/unit/ssl/certificate_spec.rb +34 -32
- data/spec/unit/ssl/digest_spec.rb +0 -1
- data/spec/unit/ssl/host_spec.rb +336 -649
- data/spec/unit/ssl/key_spec.rb +31 -49
- data/spec/unit/ssl/oids_spec.rb +1 -0
- data/spec/unit/ssl/ssl_provider_spec.rb +630 -0
- data/spec/unit/ssl/state_machine_spec.rb +983 -0
- data/spec/unit/ssl/validator_spec.rb +74 -214
- data/spec/unit/ssl/verifier_spec.rb +123 -0
- data/spec/unit/task_spec.rb +216 -27
- data/spec/unit/test/test_helper_spec.rb +17 -0
- data/spec/unit/transaction/additional_resource_generator_spec.rb +66 -72
- data/spec/unit/transaction/event_manager_spec.rb +114 -89
- data/spec/unit/transaction/event_spec.rb +16 -15
- data/spec/unit/transaction/persistence_spec.rb +83 -27
- data/spec/unit/transaction/report_spec.rb +55 -27
- data/spec/unit/transaction/resource_harness_spec.rb +72 -33
- data/spec/unit/transaction_spec.rb +328 -115
- data/spec/unit/type/component_spec.rb +0 -1
- data/spec/unit/type/exec_spec.rb +210 -95
- data/spec/unit/type/file/checksum_spec.rb +29 -10
- data/spec/unit/type/file/checksum_value_spec.rb +31 -32
- data/spec/unit/type/file/content_spec.rb +72 -58
- data/spec/unit/type/file/ctime_spec.rb +0 -1
- data/spec/unit/type/file/ensure_spec.rb +13 -15
- data/spec/unit/type/file/group_spec.rb +5 -7
- data/spec/unit/type/file/mode_spec.rb +4 -6
- data/spec/unit/type/file/mtime_spec.rb +0 -1
- data/spec/unit/type/file/owner_spec.rb +6 -8
- data/spec/unit/type/file/selinux_spec.rb +16 -21
- data/spec/unit/type/file/source_spec.rb +186 -126
- data/spec/unit/type/file/type_spec.rb +0 -1
- data/spec/unit/type/file_spec.rb +321 -267
- data/spec/unit/type/filebucket_spec.rb +12 -11
- data/spec/unit/type/group_spec.rb +32 -11
- data/spec/unit/type/noop_metaparam_spec.rb +1 -2
- data/spec/unit/type/package/package_settings_spec.rb +44 -23
- data/spec/unit/type/package_spec.rb +76 -54
- data/spec/unit/type/resources_spec.rb +105 -75
- data/spec/unit/type/schedule_spec.rb +29 -29
- data/spec/unit/type/service_spec.rb +252 -76
- data/spec/unit/type/stage_spec.rb +0 -1
- data/spec/unit/type/tidy_spec.rb +92 -61
- data/spec/unit/type/user_spec.rb +79 -143
- data/spec/unit/type/whit_spec.rb +0 -1
- data/spec/unit/type_spec.rb +288 -140
- data/spec/unit/util/at_fork_spec.rb +21 -21
- data/spec/unit/util/autoload_spec.rb +126 -94
- data/spec/unit/util/backups_spec.rb +33 -35
- data/spec/unit/util/character_encoding_spec.rb +5 -48
- data/spec/unit/util/checksums_spec.rb +57 -42
- data/spec/unit/util/colors_spec.rb +1 -2
- data/spec/unit/util/command_line_spec.rb +50 -25
- data/spec/unit/util/constant_inflector_spec.rb +0 -1
- data/spec/unit/util/diff_spec.rb +12 -5
- data/spec/unit/util/docs_spec.rb +1 -1
- data/spec/unit/util/errors_spec.rb +0 -1
- data/spec/unit/util/execution_spec.rb +288 -167
- data/spec/unit/util/execution_stub_spec.rb +2 -3
- data/spec/unit/util/feature_spec.rb +56 -29
- data/spec/unit/util/filetype_spec.rb +62 -50
- data/spec/unit/util/http_proxy_spec.rb +178 -17
- data/spec/unit/util/inifile_spec.rb +70 -52
- data/spec/unit/util/json_lockfile_spec.rb +3 -5
- data/spec/unit/util/json_spec.rb +126 -0
- data/spec/unit/util/ldap/connection_spec.rb +26 -25
- data/spec/unit/util/ldap/generator_spec.rb +0 -1
- data/spec/unit/util/ldap/manager_spec.rb +100 -129
- data/spec/unit/util/lockfile_spec.rb +1 -2
- data/spec/unit/util/log/destinations_spec.rb +68 -37
- data/spec/unit/util/log_spec.rb +55 -151
- data/spec/unit/util/logging_spec.rb +323 -105
- data/spec/unit/util/metric_spec.rb +0 -1
- data/spec/unit/util/monkey_patches_spec.rb +23 -13
- data/spec/unit/util/multi_match_spec.rb +0 -1
- data/spec/unit/util/network_device/config_spec.rb +0 -1
- data/spec/unit/util/network_device/transport/base_spec.rb +5 -6
- data/spec/unit/util/network_device_spec.rb +7 -9
- data/spec/unit/util/package/version/debian_spec.rb +83 -0
- data/spec/unit/util/package/version/pip_spec.rb +464 -0
- data/spec/unit/util/package/version/range_spec.rb +175 -0
- data/spec/unit/util/package/version/rpm_spec.rb +121 -0
- data/spec/unit/util/package_spec.rb +0 -1
- data/spec/unit/util/pidlock_spec.rb +130 -15
- data/spec/unit/util/plist_spec.rb +66 -33
- data/spec/unit/util/posix_spec.rb +426 -47
- data/spec/unit/util/profiler/object_counts_spec.rb +2 -1
- data/spec/unit/util/rdoc_spec.rb +9 -10
- data/spec/unit/util/reference_spec.rb +0 -1
- data/spec/unit/util/resource_template_spec.rb +20 -20
- data/spec/unit/util/retry_action_spec.rb +7 -8
- data/spec/unit/util/rpm_compare_spec.rb +196 -0
- data/spec/unit/util/rubygems_spec.rb +8 -43
- data/spec/unit/util/run_mode_spec.rb +16 -17
- data/spec/unit/util/selinux_spec.rb +204 -98
- data/spec/unit/util/skip_tags_spec.rb +14 -0
- data/spec/unit/util/splayer_spec.rb +8 -9
- data/spec/unit/util/ssl_spec.rb +0 -1
- data/spec/unit/util/storage_spec.rb +125 -12
- data/spec/unit/util/suidmanager_spec.rb +83 -91
- data/spec/unit/util/symbolic_file_mode_spec.rb +0 -1
- data/spec/unit/util/tag_set_spec.rb +8 -2
- data/spec/unit/util/tagging_spec.rb +27 -9
- data/spec/unit/util/terminal_spec.rb +9 -10
- data/spec/unit/util/user_attr_spec.rb +1 -2
- data/spec/unit/util/warnings_spec.rb +3 -4
- data/spec/unit/util/watcher/periodic_watcher_spec.rb +2 -2
- data/spec/unit/util/watcher_spec.rb +51 -21
- data/spec/unit/util/windows/access_control_entry_spec.rb +1 -2
- data/spec/unit/util/windows/access_control_list_spec.rb +1 -2
- data/spec/unit/util/windows/adsi_spec.rb +285 -137
- data/spec/unit/util/windows/api_types_spec.rb +105 -42
- data/spec/unit/util/windows/eventlog_spec.rb +10 -13
- data/spec/unit/util/windows/file_spec.rb +0 -1
- data/spec/unit/util/windows/root_certs_spec.rb +1 -2
- data/spec/unit/util/windows/security_descriptor_spec.rb +1 -3
- data/spec/unit/util/windows/service_spec.rb +677 -0
- data/spec/unit/util/windows/sid_spec.rb +131 -21
- data/spec/unit/util/windows/string_spec.rb +1 -2
- data/spec/unit/util/windows_spec.rb +23 -0
- data/spec/unit/util/yaml_spec.rb +193 -34
- data/spec/unit/util_spec.rb +110 -130
- data/spec/unit/version_spec.rb +6 -6
- data/spec/unit/x509/cert_provider_spec.rb +606 -0
- data/spec/unit/x509/pem_store_spec.rb +160 -0
- data/tasks/benchmark.rake +41 -0
- data/tasks/ci.rake +0 -5
- data/tasks/generate_cert_fixtures.rake +194 -0
- data/tasks/manpages.rake +15 -36
- data/tasks/parallel.rake +3 -3
- data/tasks/parser.rake +11 -3
- metadata +3497 -3514
- data/COMMITTERS.md +0 -244
- data/MAINTAINERS +0 -66
- data/ext/README.environment +0 -8
- data/ext/autotest/Rakefile +0 -8
- data/ext/autotest/config +0 -43
- data/ext/autotest/readme.rst +0 -16
- data/ext/cert_inspector +0 -140
- data/ext/dbfix.sql +0 -132
- data/ext/debian/README.Debian +0 -8
- data/ext/debian/README.source +0 -2
- data/ext/debian/TODO.Debian +0 -1
- data/ext/debian/changelog.erb +0 -1122
- data/ext/debian/compat +0 -1
- data/ext/debian/control +0 -144
- data/ext/debian/copyright +0 -361
- data/ext/debian/docs +0 -1
- data/ext/debian/fileserver.conf +0 -41
- data/ext/debian/puppet-common.dirs +0 -13
- data/ext/debian/puppet-common.install +0 -3
- data/ext/debian/puppet-common.lintian-overrides +0 -5
- data/ext/debian/puppet-common.manpages +0 -28
- data/ext/debian/puppet-common.postinst +0 -35
- data/ext/debian/puppet-common.postrm +0 -33
- data/ext/debian/puppet-el.dirs +0 -1
- data/ext/debian/puppet-el.emacsen-install +0 -25
- data/ext/debian/puppet-el.emacsen-remove +0 -11
- data/ext/debian/puppet-el.emacsen-startup +0 -9
- data/ext/debian/puppet-el.install +0 -1
- data/ext/debian/puppet-testsuite.install +0 -2
- data/ext/debian/puppet-testsuite.lintian-overrides +0 -4
- data/ext/debian/puppet.lintian-overrides +0 -3
- data/ext/debian/puppet.logrotate +0 -20
- data/ext/debian/puppet.postinst +0 -20
- data/ext/debian/puppet.postrm +0 -20
- data/ext/debian/puppet.preinst +0 -20
- data/ext/debian/puppetmaster-common.install +0 -2
- data/ext/debian/puppetmaster-common.manpages +0 -2
- data/ext/debian/puppetmaster-common.postinst +0 -6
- data/ext/debian/puppetmaster-passenger.dirs +0 -4
- data/ext/debian/puppetmaster-passenger.postinst +0 -162
- data/ext/debian/puppetmaster-passenger.postrm +0 -61
- data/ext/debian/puppetmaster.README.debian +0 -17
- data/ext/debian/puppetmaster.default +0 -14
- data/ext/debian/puppetmaster.init +0 -137
- data/ext/debian/puppetmaster.lintian-overrides +0 -3
- data/ext/debian/puppetmaster.postinst +0 -20
- data/ext/debian/puppetmaster.postrm +0 -5
- data/ext/debian/puppetmaster.preinst +0 -22
- data/ext/debian/rules +0 -132
- data/ext/debian/source/format +0 -1
- data/ext/debian/source/options +0 -1
- data/ext/debian/vim-puppet.README.Debian +0 -13
- data/ext/debian/vim-puppet.dirs +0 -5
- data/ext/debian/vim-puppet.yaml +0 -7
- data/ext/debian/watch +0 -2
- data/ext/envpuppet +0 -139
- data/ext/envpuppet.bat +0 -14
- data/ext/freebsd/puppetd +0 -26
- data/ext/freebsd/puppetmasterd +0 -26
- data/ext/gentoo/conf.d/puppet +0 -5
- data/ext/gentoo/conf.d/puppetmaster +0 -12
- data/ext/gentoo/init.d/puppet +0 -38
- data/ext/gentoo/init.d/puppetmaster +0 -51
- data/ext/gentoo/puppet/fileserver.conf +0 -41
- data/ext/ips/puppet-agent +0 -44
- data/ext/ips/puppet-master +0 -44
- data/ext/ips/puppet.p5m.erb +0 -12
- data/ext/ips/puppetagent.xml +0 -42
- data/ext/ips/puppetmaster.xml +0 -42
- data/ext/ips/rules +0 -19
- data/ext/ips/transforms +0 -34
- data/ext/ldap/puppet.schema +0 -24
- data/ext/logcheck/puppet +0 -23
- data/ext/osx/file_mapping.yaml +0 -33
- data/ext/osx/postflight.erb +0 -109
- data/ext/osx/preflight.erb +0 -52
- data/ext/osx/prototype.plist.erb +0 -38
- data/ext/puppet-test +0 -477
- data/ext/pure_ruby_dsl/dsl_test.rb +0 -7
- data/ext/rack/config.ru +0 -44
- data/ext/rack/example-passenger-vhost.conf +0 -57
- data/ext/redhat/fileserver.conf +0 -41
- data/ext/redhat/logrotate +0 -21
- data/ext/redhat/puppet.spec.erb +0 -846
- data/ext/redhat/server.init +0 -128
- data/ext/redhat/server.sysconfig +0 -13
- data/ext/solaris/pkginfo +0 -6
- data/ext/solaris/smf/puppetd.xml +0 -77
- data/ext/solaris/smf/puppetmasterd.xml +0 -77
- data/ext/solaris/smf/svc-puppetd +0 -64
- data/ext/solaris/smf/svc-puppetmasterd +0 -60
- data/ext/suse/puppet.spec +0 -310
- data/ext/suse/server.init +0 -173
- data/ext/upload_facts.rb +0 -119
- data/ext/windows/eventlog/Rakefile +0 -32
- data/ext/windows/eventlog/puppetres.dll +0 -0
- data/ext/windows/eventlog/puppetres.mc +0 -18
- data/ext/yaml_nodes.rb +0 -105
- data/lib/puppet/application/ca.rb +0 -11
- data/lib/puppet/application/certificate.rb +0 -17
- data/lib/puppet/application/certificate_request.rb +0 -7
- data/lib/puppet/application/certificate_revocation_list.rb +0 -7
- data/lib/puppet/application/master.rb +0 -317
- data/lib/puppet/bindings.rb +0 -148
- data/lib/puppet/configurer/downloader_factory.rb +0 -44
- data/lib/puppet/external/nagios/base.rb +0 -472
- data/lib/puppet/external/nagios/grammar.ry +0 -248
- data/lib/puppet/external/nagios/makefile +0 -9
- data/lib/puppet/external/nagios/parser.rb +0 -400
- data/lib/puppet/external/nagios.rb +0 -46
- data/lib/puppet/face/ca.rb +0 -266
- data/lib/puppet/face/certificate.rb +0 -165
- data/lib/puppet/face/certificate_request.rb +0 -56
- data/lib/puppet/face/certificate_revocation_list.rb +0 -56
- data/lib/puppet/feature/rack.rb +0 -19
- data/lib/puppet/graph/random_prioritizer.rb +0 -16
- data/lib/puppet/graph/title_hash_prioritizer.rb +0 -16
- data/lib/puppet/indirector/certificate/ca.rb +0 -9
- data/lib/puppet/indirector/certificate/disabled_ca.rb +0 -22
- data/lib/puppet/indirector/certificate_request/ca.rb +0 -22
- data/lib/puppet/indirector/certificate_request/disabled_ca.rb +0 -22
- data/lib/puppet/indirector/certificate_revocation_list/ca.rb +0 -8
- data/lib/puppet/indirector/certificate_revocation_list/disabled_ca.rb +0 -22
- data/lib/puppet/indirector/certificate_revocation_list/file.rb +0 -8
- data/lib/puppet/indirector/certificate_revocation_list/rest.rb +0 -22
- data/lib/puppet/indirector/certificate_status/file.rb +0 -91
- data/lib/puppet/indirector/certificate_status/rest.rb +0 -11
- data/lib/puppet/indirector/certificate_status.rb +0 -4
- data/lib/puppet/indirector/key/ca.rb +0 -16
- data/lib/puppet/indirector/key/disabled_ca.rb +0 -22
- data/lib/puppet/indirector/ldap.rb +0 -80
- data/lib/puppet/indirector/node/ldap.rb +0 -259
- data/lib/puppet/indirector/node/write_only_yaml.rb +0 -39
- data/lib/puppet/module_tool/applications/builder.rb +0 -148
- data/lib/puppet/module_tool/skeleton/templates/generator/Gemfile +0 -18
- data/lib/puppet/module_tool/skeleton/templates/generator/README.md.erb +0 -89
- data/lib/puppet/module_tool/skeleton/templates/generator/Rakefile +0 -32
- data/lib/puppet/module_tool/skeleton/templates/generator/examples/init.pp.erb +0 -12
- data/lib/puppet/module_tool/skeleton/templates/generator/manifests/init.pp.erb +0 -48
- data/lib/puppet/module_tool/skeleton/templates/generator/metadata.json.erb +0 -1
- data/lib/puppet/module_tool/skeleton/templates/generator/spec/classes/init_spec.rb.erb +0 -6
- data/lib/puppet/module_tool/skeleton/templates/generator/spec/spec_helper.rb +0 -1
- data/lib/puppet/network/http/api/ca/v1.rb +0 -11
- data/lib/puppet/network/http/api/ca.rb +0 -2
- data/lib/puppet/network/http/rack/rest.rb +0 -162
- data/lib/puppet/network/http/rack.rb +0 -33
- data/lib/puppet/network/http/webrick/rest.rb +0 -114
- data/lib/puppet/network/http/webrick.rb +0 -123
- data/lib/puppet/network/server.rb +0 -39
- data/lib/puppet/pops/loader/null_loader.rb +0 -60
- data/lib/puppet/provider/aixobject.rb +0 -392
- data/lib/puppet/provider/augeas/augeas.rb +0 -567
- data/lib/puppet/provider/cisco.rb +0 -9
- data/lib/puppet/provider/computer/computer.rb +0 -20
- data/lib/puppet/provider/cron/crontab.rb +0 -297
- data/lib/puppet/provider/host/parsed.rb +0 -46
- data/lib/puppet/provider/interface/cisco.rb +0 -27
- data/lib/puppet/provider/macauthorization/macauthorization.rb +0 -298
- data/lib/puppet/provider/mailalias/aliases.rb +0 -50
- data/lib/puppet/provider/maillist/mailman.rb +0 -108
- data/lib/puppet/provider/mcx/mcxcontent.rb +0 -173
- data/lib/puppet/provider/mount/parsed.rb +0 -282
- data/lib/puppet/provider/mount.rb +0 -59
- data/lib/puppet/provider/naginator.rb +0 -63
- data/lib/puppet/provider/scheduled_task/win32_taskscheduler.rb +0 -590
- data/lib/puppet/provider/selboolean/getsetsebool.rb +0 -47
- data/lib/puppet/provider/selmodule/semodule.rb +0 -140
- data/lib/puppet/provider/ssh_authorized_key/parsed.rb +0 -105
- data/lib/puppet/provider/sshkey/parsed.rb +0 -50
- data/lib/puppet/provider/vlan/cisco.rb +0 -28
- data/lib/puppet/provider/yumrepo/inifile.rb +0 -305
- data/lib/puppet/provider/zfs/zfs.rb +0 -88
- data/lib/puppet/provider/zone/solaris.rb +0 -364
- data/lib/puppet/provider/zpool/zpool.rb +0 -125
- data/lib/puppet/ssl/certificate_authority/autosign_command.rb +0 -45
- data/lib/puppet/ssl/certificate_authority/interface.rb +0 -324
- data/lib/puppet/ssl/certificate_authority.rb +0 -553
- data/lib/puppet/ssl/certificate_revocation_list.rb +0 -110
- data/lib/puppet/ssl/configuration.rb +0 -61
- data/lib/puppet/ssl/inventory.rb +0 -55
- data/lib/puppet/type/augeas.rb +0 -211
- data/lib/puppet/type/computer.rb +0 -66
- data/lib/puppet/type/cron.rb +0 -475
- data/lib/puppet/type/host.rb +0 -95
- data/lib/puppet/type/interface.rb +0 -121
- data/lib/puppet/type/k5login.rb +0 -88
- data/lib/puppet/type/macauthorization.rb +0 -167
- data/lib/puppet/type/mailalias.rb +0 -46
- data/lib/puppet/type/maillist.rb +0 -62
- data/lib/puppet/type/mcx.rb +0 -98
- data/lib/puppet/type/mount.rb +0 -310
- data/lib/puppet/type/nagios_command.rb +0 -3
- data/lib/puppet/type/nagios_contact.rb +0 -3
- data/lib/puppet/type/nagios_contactgroup.rb +0 -3
- data/lib/puppet/type/nagios_host.rb +0 -3
- data/lib/puppet/type/nagios_hostdependency.rb +0 -3
- data/lib/puppet/type/nagios_hostescalation.rb +0 -3
- data/lib/puppet/type/nagios_hostextinfo.rb +0 -3
- data/lib/puppet/type/nagios_hostgroup.rb +0 -3
- data/lib/puppet/type/nagios_service.rb +0 -3
- data/lib/puppet/type/nagios_servicedependency.rb +0 -3
- data/lib/puppet/type/nagios_serviceescalation.rb +0 -3
- data/lib/puppet/type/nagios_serviceextinfo.rb +0 -3
- data/lib/puppet/type/nagios_servicegroup.rb +0 -3
- data/lib/puppet/type/nagios_timeperiod.rb +0 -3
- data/lib/puppet/type/router.rb +0 -17
- data/lib/puppet/type/scheduled_task.rb +0 -183
- data/lib/puppet/type/selboolean.rb +0 -26
- data/lib/puppet/type/selmodule.rb +0 -59
- data/lib/puppet/type/ssh_authorized_key.rb +0 -143
- data/lib/puppet/type/sshkey.rb +0 -83
- data/lib/puppet/type/vlan.rb +0 -26
- data/lib/puppet/type/yumrepo.rb +0 -409
- data/lib/puppet/type/zfs.rb +0 -150
- data/lib/puppet/type/zone.rb +0 -382
- data/lib/puppet/type/zpool.rb +0 -91
- data/lib/puppet/util/methodhelper.rb +0 -32
- data/lib/puppet/util/nagios_maker.rb +0 -85
- data/lib/puppet/util/network_device/cisco/device.rb +0 -285
- data/lib/puppet/util/network_device/cisco/facts.rb +0 -72
- data/lib/puppet/util/network_device/cisco/interface.rb +0 -94
- data/lib/puppet/util/network_device/cisco.rb +0 -4
- data/lib/puppet/util/network_device/ipcalc.rb +0 -68
- data/lib/puppet/util/network_device/transport/ssh.rb +0 -126
- data/lib/puppet/util/network_device/transport/telnet.rb +0 -47
- data/lib/puppet/util/windows/taskscheduler.rb +0 -1276
- data/lib/puppet/vendor/deep_merge/CHANGELOG +0 -45
- data/lib/puppet/vendor/deep_merge/Gemfile +0 -3
- data/lib/puppet/vendor/deep_merge/LICENSE +0 -21
- data/lib/puppet/vendor/deep_merge/PUPPET_README.md +0 -6
- data/lib/puppet/vendor/deep_merge/README.md +0 -113
- data/lib/puppet/vendor/deep_merge/Rakefile +0 -19
- data/lib/puppet/vendor/deep_merge/deep_merge.gemspec +0 -35
- data/lib/puppet/vendor/deep_merge/lib/deep_merge/core.rb +0 -210
- data/lib/puppet/vendor/deep_merge/lib/deep_merge/deep_merge_hash.rb +0 -28
- data/lib/puppet/vendor/deep_merge/lib/deep_merge/rails_compat.rb +0 -27
- data/lib/puppet/vendor/deep_merge/lib/deep_merge.rb +0 -2
- data/lib/puppet/vendor/deep_merge/test/test_deep_merge.rb +0 -608
- data/lib/puppet/vendor/load_deep_merge.rb +0 -1
- data/lib/puppet/vendor/load_semantic.rb +0 -1
- data/lib/puppet/vendor/load_semantic_puppet.rb +0 -1
- data/lib/puppet/vendor/semantic/lib/semantic.rb +0 -5
- data/lib/puppet/vendor/semantic_puppet/lib/semantic_puppet/dependency/graph.rb +0 -60
- data/lib/puppet/vendor/semantic_puppet/lib/semantic_puppet/dependency/graph_node.rb +0 -117
- data/lib/puppet/vendor/semantic_puppet/lib/semantic_puppet/dependency/module_release.rb +0 -58
- data/lib/puppet/vendor/semantic_puppet/lib/semantic_puppet/dependency/source.rb +0 -25
- data/lib/puppet/vendor/semantic_puppet/lib/semantic_puppet/dependency/unsatisfiable_graph.rb +0 -31
- data/lib/puppet/vendor/semantic_puppet/lib/semantic_puppet/dependency.rb +0 -181
- data/lib/puppet/vendor/semantic_puppet/lib/semantic_puppet/gem_version.rb +0 -3
- data/lib/puppet/vendor/semantic_puppet/lib/semantic_puppet/version.rb +0 -203
- data/lib/puppet/vendor/semantic_puppet/lib/semantic_puppet/version_range.rb +0 -758
- data/lib/puppet/vendor/semantic_puppet/lib/semantic_puppet.rb +0 -11
- data/locales/ja/puppet.po +0 -11234
- data/man/man8/puppet-ca.8 +0 -196
- data/man/man8/puppet-cert.8 +0 -118
- data/man/man8/puppet-certificate.8 +0 -240
- data/man/man8/puppet-certificate_request.8 +0 -161
- data/man/man8/puppet-certificate_revocation_list.8 +0 -139
- data/man/man8/puppet-master.8 +0 -85
- data/spec/fixtures/integration/provider/cron/crontab/create_normal_entry +0 -19
- data/spec/fixtures/integration/provider/cron/crontab/create_special_entry +0 -18
- data/spec/fixtures/integration/provider/cron/crontab/crontab_user1 +0 -15
- data/spec/fixtures/integration/provider/cron/crontab/crontab_user2 +0 -4
- data/spec/fixtures/integration/provider/cron/crontab/modify_entry +0 -13
- data/spec/fixtures/integration/provider/cron/crontab/moved_cronjob_input1 +0 -15
- data/spec/fixtures/integration/provider/cron/crontab/moved_cronjob_input2 +0 -6
- data/spec/fixtures/integration/provider/cron/crontab/purged +0 -8
- data/spec/fixtures/integration/provider/cron/crontab/remove_named_resource +0 -12
- data/spec/fixtures/integration/provider/cron/crontab/remove_unnamed_resource +0 -14
- data/spec/fixtures/integration/provider/cron/crontab/unspecialized +0 -15
- data/spec/fixtures/integration/provider/mailalias/aliases/test1 +0 -31
- data/spec/fixtures/integration/provider/sshkey/sample +0 -21
- data/spec/fixtures/unit/provider/augeas/augeas/augeas/lenses/test.aug +0 -13
- data/spec/fixtures/unit/provider/augeas/augeas/etc/fstab +0 -10
- data/spec/fixtures/unit/provider/augeas/augeas/etc/hosts +0 -6
- data/spec/fixtures/unit/provider/augeas/augeas/etc/test +0 -3
- data/spec/fixtures/unit/provider/augeas/augeas/test.aug +0 -13
- data/spec/fixtures/unit/provider/host/parsed/valid_hosts +0 -19
- data/spec/fixtures/unit/provider/mount/mount-output.aix.txt +0 -7
- data/spec/fixtures/unit/provider/mount/parsed/aix.filesystems +0 -152
- data/spec/fixtures/unit/provider/mount/parsed/aix.mount +0 -11
- data/spec/fixtures/unit/provider/mount/parsed/darwin.mount +0 -6
- data/spec/fixtures/unit/provider/mount/parsed/freebsd.fstab +0 -8
- data/spec/fixtures/unit/provider/mount/parsed/freebsd.mount +0 -3
- data/spec/fixtures/unit/provider/mount/parsed/hpux.mount +0 -17
- data/spec/fixtures/unit/provider/mount/parsed/linux.fstab +0 -11
- data/spec/fixtures/unit/provider/mount/parsed/linux.mount +0 -5
- data/spec/fixtures/unit/provider/mount/parsed/netbsd.fstab +0 -9
- data/spec/fixtures/unit/provider/mount/parsed/netbsd.mount +0 -8
- data/spec/fixtures/unit/provider/mount/parsed/openbsd.fstab +0 -4
- data/spec/fixtures/unit/provider/mount/parsed/openbsd.mount +0 -4
- data/spec/fixtures/unit/provider/mount/parsed/solaris.fstab +0 -11
- data/spec/fixtures/unit/provider/mount/parsed/solaris.mount +0 -6
- data/spec/fixtures/unit/provider/naginator/define_empty_param +0 -6
- data/spec/fixtures/unit/provider/package/pkgng/pkg.info +0 -8
- data/spec/fixtures/unit/provider/package/pkgng/pkg.query_absent +0 -1
- data/spec/fixtures/unit/provider/ssh_authorized_key/parsed/authorized_keys +0 -7
- data/spec/fixtures/unit/provider/ssh_authorized_key/parsed/authorized_keys1 +0 -3
- data/spec/fixtures/unit/provider/ssh_authorized_key/parsed/authorized_keys2 +0 -1
- data/spec/fixtures/unit/provider/sshkey/parsed/sample +0 -21
- data/spec/fixtures/unit/provider/sshkey/parsed/sample_with_blank_lines +0 -8
- data/spec/fixtures/unit/provider/zfs/zfs/zfs-list.out +0 -2
- data/spec/fixtures/unit/provider/zpool/zpool/zpool-list.out +0 -2
- data/spec/fixtures/vcr/cassettes/Puppet_Network_HTTP_Connection/when_handling_requests/_request_get/should_yield_to_the_block.yml +0 -24
- data/spec/fixtures/vcr/cassettes/Puppet_Network_HTTP_Connection/when_handling_requests/_request_head/should_yield_to_the_block.yml +0 -24
- data/spec/fixtures/vcr/cassettes/Puppet_Network_HTTP_Connection/when_handling_requests/_request_post/should_yield_to_the_block.yml +0 -24
- data/spec/integration/faces/ca_spec.rb +0 -354
- data/spec/integration/faces/config_spec.rb +0 -80
- data/spec/integration/faces/documentation_spec.rb +0 -58
- data/spec/integration/faces/plugin_spec.rb +0 -59
- data/spec/integration/file_bucket/file_spec.rb +0 -69
- data/spec/integration/file_serving/content_spec.rb +0 -8
- data/spec/integration/file_serving/fileset_spec.rb +0 -13
- data/spec/integration/file_serving/metadata_spec.rb +0 -9
- data/spec/integration/file_serving/terminus_helper_spec.rb +0 -21
- data/spec/integration/file_system/uniquefile_spec.rb +0 -29
- data/spec/integration/indirector/node/ldap_spec.rb +0 -14
- data/spec/integration/module_tool/tar/mini_spec.rb +0 -28
- data/spec/integration/provider/cron/crontab_spec.rb +0 -242
- data/spec/integration/provider/mailalias/aliases_spec.rb +0 -10
- data/spec/integration/provider/mount_spec.rb +0 -161
- data/spec/integration/provider/service/init_spec.rb +0 -46
- data/spec/integration/provider/service/systemd_spec.rb +0 -20
- data/spec/integration/provider/service/windows_spec.rb +0 -49
- data/spec/integration/provider/ssh_authorized_key_spec.rb +0 -219
- data/spec/integration/provider/sshkey_spec.rb +0 -159
- data/spec/integration/provider/yumrepo_spec.rb +0 -130
- data/spec/integration/reference/providers_spec.rb +0 -16
- data/spec/integration/reports_spec.rb +0 -14
- data/spec/integration/ssl/autosign_spec.rb +0 -145
- data/spec/integration/ssl/certificate_authority_spec.rb +0 -162
- data/spec/integration/ssl/certificate_request_spec.rb +0 -47
- data/spec/integration/ssl/certificate_revocation_list_spec.rb +0 -34
- data/spec/integration/ssl/host_spec.rb +0 -81
- data/spec/integration/ssl/key_spec.rb +0 -104
- data/spec/integration/test/test_helper_spec.rb +0 -32
- data/spec/integration/type/nagios_spec.rb +0 -71
- data/spec/integration/type/user_spec.rb +0 -64
- data/spec/lib/matchers/include.rb +0 -27
- data/spec/lib/matchers/include_spec.rb +0 -32
- data/spec/shared_behaviours/file_serving_model.rb +0 -72
- data/spec/unit/application/cert_spec.rb +0 -240
- data/spec/unit/application/certificate_spec.rb +0 -22
- data/spec/unit/application/master_spec.rb +0 -404
- data/spec/unit/configurer/downloader_factory_spec.rb +0 -129
- data/spec/unit/face/ca_spec.rb +0 -10
- data/spec/unit/face/catalog_spec.rb +0 -7
- data/spec/unit/face/certificate_request_spec.rb +0 -10
- data/spec/unit/face/certificate_revocation_list_spec.rb +0 -10
- data/spec/unit/face/certificate_spec.rb +0 -231
- data/spec/unit/face/module/build_spec.rb +0 -69
- data/spec/unit/face/module_spec.rb +0 -3
- data/spec/unit/graph/title_hash_prioritizer_spec.rb +0 -49
- data/spec/unit/indirector/certificate/ca_spec.rb +0 -23
- data/spec/unit/indirector/certificate/disabled_ca_spec.rb +0 -33
- data/spec/unit/indirector/certificate_request/ca_spec.rb +0 -57
- data/spec/unit/indirector/certificate_request/disabled_ca_spec.rb +0 -33
- data/spec/unit/indirector/certificate_revocation_list/ca_spec.rb +0 -16
- data/spec/unit/indirector/certificate_revocation_list/disabled_ca_spec.rb +0 -33
- data/spec/unit/indirector/certificate_revocation_list/file_spec.rb +0 -17
- data/spec/unit/indirector/certificate_revocation_list/rest_spec.rb +0 -34
- data/spec/unit/indirector/certificate_status/file_spec.rb +0 -191
- data/spec/unit/indirector/certificate_status/rest_spec.rb +0 -18
- data/spec/unit/indirector/code_spec.rb +0 -31
- data/spec/unit/indirector/key/ca_spec.rb +0 -23
- data/spec/unit/indirector/key/disabled_ca_spec.rb +0 -33
- data/spec/unit/indirector/ldap_spec.rb +0 -137
- data/spec/unit/indirector/node/ldap_spec.rb +0 -462
- data/spec/unit/indirector/node/write_only_yaml_spec.rb +0 -12
- data/spec/unit/indirector/store_configs_spec.rb +0 -8
- data/spec/unit/man_spec.rb +0 -32
- data/spec/unit/module_tool/applications/builder_spec.rb +0 -432
- data/spec/unit/network/http/api/ca/v1_spec.rb +0 -26
- data/spec/unit/network/http/rack/rest_spec.rb +0 -325
- data/spec/unit/network/http/rack_spec.rb +0 -43
- data/spec/unit/network/http/webrick/rest_spec.rb +0 -231
- data/spec/unit/network/http/webrick_spec.rb +0 -280
- data/spec/unit/network/server_spec.rb +0 -95
- data/spec/unit/provider/aixobject_spec.rb +0 -101
- data/spec/unit/provider/augeas/augeas_spec.rb +0 -1025
- data/spec/unit/provider/cisco_spec.rb +0 -15
- data/spec/unit/provider/cron/crontab_spec.rb +0 -207
- data/spec/unit/provider/cron/parsed_spec.rb +0 -358
- data/spec/unit/provider/host/parsed_spec.rb +0 -233
- data/spec/unit/provider/interface/cisco_spec.rb +0 -57
- data/spec/unit/provider/macauthorization_spec.rb +0 -155
- data/spec/unit/provider/mcx/mcxcontent_spec.rb +0 -192
- data/spec/unit/provider/mount/parsed_spec.rb +0 -317
- data/spec/unit/provider/mount_spec.rb +0 -165
- data/spec/unit/provider/naginator_spec.rb +0 -79
- data/spec/unit/provider/network_device_spec.rb +0 -152
- data/spec/unit/provider/scheduled_task/win32_taskscheduler_spec.rb +0 -2060
- data/spec/unit/provider/selboolean_spec.rb +0 -36
- data/spec/unit/provider/selmodule-example.pp +0 -0
- data/spec/unit/provider/selmodule_spec.rb +0 -79
- data/spec/unit/provider/ssh_authorized_key/parsed_spec.rb +0 -277
- data/spec/unit/provider/sshkey/parsed_spec.rb +0 -95
- data/spec/unit/provider/vlan/cisco_spec.rb +0 -55
- data/spec/unit/provider/yumrepo/inifile_spec.rb +0 -326
- data/spec/unit/provider/zfs/zfs_spec.rb +0 -112
- data/spec/unit/provider/zone/solaris_spec.rb +0 -247
- data/spec/unit/provider/zpool/zpool_spec.rb +0 -251
- data/spec/unit/ssl/certificate_authority/autosign_command_spec.rb +0 -30
- data/spec/unit/ssl/certificate_authority/interface_spec.rb +0 -560
- data/spec/unit/ssl/certificate_authority_spec.rb +0 -1184
- data/spec/unit/ssl/certificate_revocation_list_spec.rb +0 -196
- data/spec/unit/ssl/configuration_spec.rb +0 -141
- data/spec/unit/ssl/inventory_spec.rb +0 -151
- data/spec/unit/type/augeas_spec.rb +0 -119
- data/spec/unit/type/computer_spec.rb +0 -80
- data/spec/unit/type/cron_spec.rb +0 -543
- data/spec/unit/type/host_spec.rb +0 -681
- data/spec/unit/type/interface_spec.rb +0 -129
- data/spec/unit/type/k5login_spec.rb +0 -115
- data/spec/unit/type/macauthorization_spec.rb +0 -113
- data/spec/unit/type/mailalias_spec.rb +0 -49
- data/spec/unit/type/maillist_spec.rb +0 -41
- data/spec/unit/type/mcx_spec.rb +0 -79
- data/spec/unit/type/mount_spec.rb +0 -634
- data/spec/unit/type/nagios_spec.rb +0 -313
- data/spec/unit/type/scheduled_task_spec.rb +0 -103
- data/spec/unit/type/selboolean_spec.rb +0 -44
- data/spec/unit/type/selmodule_spec.rb +0 -17
- data/spec/unit/type/ssh_authorized_key_spec.rb +0 -258
- data/spec/unit/type/sshkey_spec.rb +0 -77
- data/spec/unit/type/vlan_spec.rb +0 -44
- data/spec/unit/type/yumrepo_spec.rb +0 -398
- data/spec/unit/type/zfs_spec.rb +0 -46
- data/spec/unit/type/zone_spec.rb +0 -172
- data/spec/unit/type/zpool_spec.rb +0 -109
- data/spec/unit/util/nagios_maker_spec.rb +0 -122
- data/spec/unit/util/network_device/cisco/device_spec.rb +0 -482
- data/spec/unit/util/network_device/cisco/facts_spec.rb +0 -64
- data/spec/unit/util/network_device/cisco/interface_spec.rb +0 -88
- data/spec/unit/util/network_device/ipcalc_spec.rb +0 -62
- data/spec/unit/util/network_device/transport/ssh_spec.rb +0 -218
- data/spec/unit/util/network_device/transport/telnet_spec.rb +0 -86
- data/spec/watchr.rb +0 -138
@@ -0,0 +1,630 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
describe Puppet::SSL::SSLProvider do
|
4
|
+
include PuppetSpec::Files
|
5
|
+
|
6
|
+
let(:global_cacerts) { [ cert_fixture('ca.pem'), cert_fixture('intermediate.pem') ] }
|
7
|
+
let(:global_crls) { [ crl_fixture('crl.pem'), crl_fixture('intermediate-crl.pem') ] }
|
8
|
+
let(:wrong_key) { OpenSSL::PKey::RSA.new(512) }
|
9
|
+
|
10
|
+
context 'when creating an insecure context' do
|
11
|
+
let(:sslctx) { subject.create_insecure_context }
|
12
|
+
|
13
|
+
it 'has an empty list of trusted certs' do
|
14
|
+
expect(sslctx.cacerts).to eq([])
|
15
|
+
end
|
16
|
+
|
17
|
+
it 'has an empty list of crls' do
|
18
|
+
expect(sslctx.crls).to eq([])
|
19
|
+
end
|
20
|
+
|
21
|
+
it 'has an empty chain' do
|
22
|
+
expect(sslctx.client_chain).to eq([])
|
23
|
+
end
|
24
|
+
|
25
|
+
it 'has a nil private key and cert' do
|
26
|
+
expect(sslctx.private_key).to be_nil
|
27
|
+
expect(sslctx.client_cert).to be_nil
|
28
|
+
end
|
29
|
+
|
30
|
+
it 'does not authenticate the server' do
|
31
|
+
expect(sslctx.verify_peer).to eq(false)
|
32
|
+
end
|
33
|
+
|
34
|
+
it 'raises if the frozen context is modified' do
|
35
|
+
expect {
|
36
|
+
sslctx.cacerts = []
|
37
|
+
}.to raise_error(/can't modify frozen/)
|
38
|
+
end
|
39
|
+
end
|
40
|
+
|
41
|
+
context 'when creating an root ssl context with CA certs' do
|
42
|
+
let(:config) { { cacerts: [], crls: [], revocation: false } }
|
43
|
+
|
44
|
+
it 'accepts empty list of certs and crls' do
|
45
|
+
sslctx = subject.create_root_context(**config)
|
46
|
+
expect(sslctx.cacerts).to eq([])
|
47
|
+
expect(sslctx.crls).to eq([])
|
48
|
+
end
|
49
|
+
|
50
|
+
it 'accepts valid root certs' do
|
51
|
+
certs = [cert_fixture('ca.pem')]
|
52
|
+
sslctx = subject.create_root_context(**config.merge(cacerts: certs))
|
53
|
+
expect(sslctx.cacerts).to eq(certs)
|
54
|
+
end
|
55
|
+
|
56
|
+
it 'accepts valid intermediate certs' do
|
57
|
+
certs = [cert_fixture('ca.pem'), cert_fixture('intermediate.pem')]
|
58
|
+
sslctx = subject.create_root_context(**config.merge(cacerts: certs))
|
59
|
+
expect(sslctx.cacerts).to eq(certs)
|
60
|
+
end
|
61
|
+
|
62
|
+
it 'accepts expired CA certs' do
|
63
|
+
expired = [cert_fixture('ca.pem'), cert_fixture('intermediate.pem')]
|
64
|
+
expired.each { |x509| x509.not_after = Time.at(0) }
|
65
|
+
|
66
|
+
sslctx = subject.create_root_context(**config.merge(cacerts: expired))
|
67
|
+
expect(sslctx.cacerts).to eq(expired)
|
68
|
+
end
|
69
|
+
|
70
|
+
it 'raises if the frozen context is modified' do
|
71
|
+
sslctx = subject.create_root_context(**config)
|
72
|
+
expect {
|
73
|
+
sslctx.verify_peer = false
|
74
|
+
}.to raise_error(/can't modify frozen/)
|
75
|
+
end
|
76
|
+
|
77
|
+
it 'verifies peer' do
|
78
|
+
sslctx = subject.create_root_context(**config)
|
79
|
+
expect(sslctx.verify_peer).to eq(true)
|
80
|
+
end
|
81
|
+
end
|
82
|
+
|
83
|
+
context 'when creating a system ssl context' do
|
84
|
+
it 'accepts empty list of CA certs' do
|
85
|
+
sslctx = subject.create_system_context(cacerts: [])
|
86
|
+
expect(sslctx.cacerts).to eq([])
|
87
|
+
end
|
88
|
+
|
89
|
+
it 'accepts valid root certs' do
|
90
|
+
certs = [cert_fixture('ca.pem')]
|
91
|
+
sslctx = subject.create_system_context(cacerts: certs)
|
92
|
+
expect(sslctx.cacerts).to eq(certs)
|
93
|
+
end
|
94
|
+
|
95
|
+
it 'accepts valid intermediate certs' do
|
96
|
+
certs = [cert_fixture('ca.pem'), cert_fixture('intermediate.pem')]
|
97
|
+
sslctx = subject.create_system_context(cacerts: certs)
|
98
|
+
expect(sslctx.cacerts).to eq(certs)
|
99
|
+
end
|
100
|
+
|
101
|
+
it 'accepts expired CA certs' do
|
102
|
+
expired = [cert_fixture('ca.pem'), cert_fixture('intermediate.pem')]
|
103
|
+
expired.each { |x509| x509.not_after = Time.at(0) }
|
104
|
+
|
105
|
+
sslctx = subject.create_system_context(cacerts: expired)
|
106
|
+
expect(sslctx.cacerts).to eq(expired)
|
107
|
+
end
|
108
|
+
|
109
|
+
it 'raises if the frozen context is modified' do
|
110
|
+
sslctx = subject.create_system_context(cacerts: [])
|
111
|
+
expect {
|
112
|
+
sslctx.verify_peer = false
|
113
|
+
}.to raise_error(/can't modify frozen/)
|
114
|
+
end
|
115
|
+
|
116
|
+
it 'trusts system ca store by default' do
|
117
|
+
expect_any_instance_of(OpenSSL::X509::Store).to receive(:set_default_paths)
|
118
|
+
|
119
|
+
subject.create_system_context(cacerts: [])
|
120
|
+
end
|
121
|
+
|
122
|
+
it 'trusts an external ca store' do
|
123
|
+
path = tmpfile('system_cacerts')
|
124
|
+
File.write(path, cert_fixture('ca.pem').to_pem)
|
125
|
+
|
126
|
+
expect_any_instance_of(OpenSSL::X509::Store).to receive(:add_file).with(path)
|
127
|
+
|
128
|
+
subject.create_system_context(cacerts: [], path: path)
|
129
|
+
end
|
130
|
+
|
131
|
+
it 'verifies peer' do
|
132
|
+
sslctx = subject.create_system_context(cacerts: [])
|
133
|
+
expect(sslctx.verify_peer).to eq(true)
|
134
|
+
end
|
135
|
+
|
136
|
+
it 'disable revocation' do
|
137
|
+
sslctx = subject.create_system_context(cacerts: [])
|
138
|
+
expect(sslctx.revocation).to eq(false)
|
139
|
+
end
|
140
|
+
|
141
|
+
it 'sets client cert and private key to nil' do
|
142
|
+
sslctx = subject.create_system_context(cacerts: [])
|
143
|
+
expect(sslctx.client_cert).to be_nil
|
144
|
+
expect(sslctx.private_key).to be_nil
|
145
|
+
end
|
146
|
+
|
147
|
+
it 'includes the client cert and private key when requested' do
|
148
|
+
Puppet[:hostcert] = fixtures('ssl/signed.pem')
|
149
|
+
Puppet[:hostprivkey] = fixtures('ssl/signed-key.pem')
|
150
|
+
sslctx = subject.create_system_context(cacerts: [], include_client_cert: true)
|
151
|
+
expect(sslctx.client_cert).to be_an(OpenSSL::X509::Certificate)
|
152
|
+
expect(sslctx.private_key).to be_an(OpenSSL::PKey::RSA)
|
153
|
+
end
|
154
|
+
|
155
|
+
it 'ignores non-existent client cert and private key when requested' do
|
156
|
+
Puppet[:certname] = 'doesnotexist'
|
157
|
+
sslctx = subject.create_system_context(cacerts: [], include_client_cert: true)
|
158
|
+
expect(sslctx.client_cert).to be_nil
|
159
|
+
expect(sslctx.private_key).to be_nil
|
160
|
+
end
|
161
|
+
|
162
|
+
it 'warns if the client cert does not exist' do
|
163
|
+
Puppet[:certname] = 'missingcert'
|
164
|
+
Puppet[:hostprivkey] = fixtures('ssl/signed-key.pem')
|
165
|
+
|
166
|
+
expect(Puppet).to receive(:warning).with("Client certificate for 'missingcert' does not exist")
|
167
|
+
subject.create_system_context(cacerts: [], include_client_cert: true)
|
168
|
+
end
|
169
|
+
|
170
|
+
it 'warns if the private key does not exist' do
|
171
|
+
Puppet[:certname] = 'missingkey'
|
172
|
+
Puppet[:hostcert] = fixtures('ssl/signed.pem')
|
173
|
+
|
174
|
+
expect(Puppet).to receive(:warning).with("Private key for 'missingkey' does not exist")
|
175
|
+
subject.create_system_context(cacerts: [], include_client_cert: true)
|
176
|
+
end
|
177
|
+
|
178
|
+
it 'raises if client cert and private key are mismatched' do
|
179
|
+
Puppet[:hostcert] = fixtures('ssl/signed.pem')
|
180
|
+
Puppet[:hostprivkey] = fixtures('ssl/127.0.0.1-key.pem')
|
181
|
+
|
182
|
+
expect {
|
183
|
+
subject.create_system_context(cacerts: [], include_client_cert: true)
|
184
|
+
}.to raise_error(Puppet::SSL::SSLError,
|
185
|
+
"The certificate for 'CN=signed' does not match its private key")
|
186
|
+
end
|
187
|
+
|
188
|
+
it 'trusts additional system certs' do
|
189
|
+
path = tmpfile('system_cacerts')
|
190
|
+
File.write(path, cert_fixture('ca.pem').to_pem)
|
191
|
+
|
192
|
+
expect_any_instance_of(OpenSSL::X509::Store).to receive(:add_file).with(path)
|
193
|
+
|
194
|
+
subject.create_system_context(cacerts: [], path: path)
|
195
|
+
end
|
196
|
+
|
197
|
+
it 'ignores empty files' do
|
198
|
+
path = tmpfile('system_cacerts')
|
199
|
+
FileUtils.touch(path)
|
200
|
+
|
201
|
+
subject.create_system_context(cacerts: [], path: path)
|
202
|
+
|
203
|
+
expect(@logs).to eq([])
|
204
|
+
end
|
205
|
+
|
206
|
+
it 'prints an error if it is not a file' do
|
207
|
+
path = tmpdir('system_cacerts')
|
208
|
+
|
209
|
+
subject.create_system_context(cacerts: [], path: path)
|
210
|
+
|
211
|
+
expect(@logs).to include(an_object_having_attributes(level: :warning, message: /^The 'ssl_trust_store' setting does not refer to a file and will be ignored/))
|
212
|
+
end
|
213
|
+
end
|
214
|
+
|
215
|
+
context 'when creating an ssl context with crls' do
|
216
|
+
let(:config) { { cacerts: global_cacerts, crls: global_crls} }
|
217
|
+
|
218
|
+
it 'accepts valid CRLs' do
|
219
|
+
certs = [cert_fixture('ca.pem')]
|
220
|
+
crls = [crl_fixture('crl.pem')]
|
221
|
+
sslctx = subject.create_root_context(**config.merge(cacerts: certs, crls: crls))
|
222
|
+
expect(sslctx.crls).to eq(crls)
|
223
|
+
end
|
224
|
+
|
225
|
+
it 'accepts valid CRLs for intermediate certs' do
|
226
|
+
certs = [cert_fixture('ca.pem'), cert_fixture('intermediate.pem')]
|
227
|
+
crls = [crl_fixture('crl.pem'), crl_fixture('intermediate-crl.pem')]
|
228
|
+
sslctx = subject.create_root_context(**config.merge(cacerts: certs, crls: crls))
|
229
|
+
expect(sslctx.crls).to eq(crls)
|
230
|
+
end
|
231
|
+
|
232
|
+
it 'accepts expired CRLs' do
|
233
|
+
expired = [crl_fixture('crl.pem'), crl_fixture('intermediate-crl.pem')]
|
234
|
+
expired.each { |x509| x509.last_update = Time.at(0) }
|
235
|
+
|
236
|
+
sslctx = subject.create_root_context(**config.merge(crls: expired))
|
237
|
+
expect(sslctx.crls).to eq(expired)
|
238
|
+
end
|
239
|
+
|
240
|
+
it 'verifies peer' do
|
241
|
+
sslctx = subject.create_root_context(**config)
|
242
|
+
expect(sslctx.verify_peer).to eq(true)
|
243
|
+
end
|
244
|
+
end
|
245
|
+
|
246
|
+
context 'when creating an ssl context with client certs' do
|
247
|
+
let(:client_cert) { cert_fixture('signed.pem') }
|
248
|
+
let(:private_key) { key_fixture('signed-key.pem') }
|
249
|
+
let(:config) { { cacerts: global_cacerts, crls: global_crls, client_cert: client_cert, private_key: private_key } }
|
250
|
+
|
251
|
+
it 'raises if CA certs are missing' do
|
252
|
+
expect {
|
253
|
+
subject.create_context(**config.merge(cacerts: nil))
|
254
|
+
}.to raise_error(ArgumentError, /CA certs are missing/)
|
255
|
+
end
|
256
|
+
|
257
|
+
it 'raises if CRLs are are missing' do
|
258
|
+
expect {
|
259
|
+
subject.create_context(**config.merge(crls: nil))
|
260
|
+
}.to raise_error(ArgumentError, /CRLs are missing/)
|
261
|
+
end
|
262
|
+
|
263
|
+
it 'raises if private key is missing' do
|
264
|
+
expect {
|
265
|
+
subject.create_context(**config.merge(private_key: nil))
|
266
|
+
}.to raise_error(ArgumentError, /Private key is missing/)
|
267
|
+
end
|
268
|
+
|
269
|
+
it 'raises if client cert is missing' do
|
270
|
+
expect {
|
271
|
+
subject.create_context(**config.merge(client_cert: nil))
|
272
|
+
}.to raise_error(ArgumentError, /Client cert is missing/)
|
273
|
+
end
|
274
|
+
|
275
|
+
it 'accepts RSA keys' do
|
276
|
+
sslctx = subject.create_context(**config)
|
277
|
+
expect(sslctx.private_key).to eq(private_key)
|
278
|
+
end
|
279
|
+
|
280
|
+
it 'accepts EC keys' do
|
281
|
+
ec_key = ec_key_fixture('ec-key.pem')
|
282
|
+
ec_cert = cert_fixture('ec.pem')
|
283
|
+
sslctx = subject.create_context(**config.merge(client_cert: ec_cert, private_key: ec_key))
|
284
|
+
expect(sslctx.private_key).to eq(ec_key)
|
285
|
+
end
|
286
|
+
|
287
|
+
it 'raises if private key is unsupported' do
|
288
|
+
dsa_key = OpenSSL::PKey::DSA.new
|
289
|
+
expect {
|
290
|
+
subject.create_context(**config.merge(private_key: dsa_key))
|
291
|
+
}.to raise_error(Puppet::SSL::SSLError, /Unsupported key 'OpenSSL::PKey::DSA'/)
|
292
|
+
end
|
293
|
+
|
294
|
+
it 'resolves the client chain from leaf to root' do
|
295
|
+
sslctx = subject.create_context(**config)
|
296
|
+
expect(
|
297
|
+
sslctx.client_chain.map(&:subject).map(&:to_utf8)
|
298
|
+
).to eq(['CN=signed', 'CN=Test CA Subauthority', 'CN=Test CA'])
|
299
|
+
end
|
300
|
+
|
301
|
+
it 'raises if client cert signature is invalid' do
|
302
|
+
client_cert.sign(wrong_key, OpenSSL::Digest::SHA256.new)
|
303
|
+
expect {
|
304
|
+
subject.create_context(**config.merge(client_cert: client_cert))
|
305
|
+
}.to raise_error(Puppet::SSL::CertVerifyError,
|
306
|
+
"Invalid signature for certificate 'CN=signed'")
|
307
|
+
end
|
308
|
+
|
309
|
+
it 'raises if client cert and private key are mismatched' do
|
310
|
+
expect {
|
311
|
+
subject.create_context(**config.merge(private_key: wrong_key))
|
312
|
+
}.to raise_error(Puppet::SSL::SSLError,
|
313
|
+
"The certificate for 'CN=signed' does not match its private key")
|
314
|
+
end
|
315
|
+
|
316
|
+
it "raises if client cert's public key has been replaced" do
|
317
|
+
expect {
|
318
|
+
subject.create_context(**config.merge(client_cert: cert_fixture('tampered-cert.pem')))
|
319
|
+
}.to raise_error(Puppet::SSL::CertVerifyError,
|
320
|
+
"Invalid signature for certificate 'CN=signed'")
|
321
|
+
end
|
322
|
+
|
323
|
+
# This option is only available in openssl 1.1
|
324
|
+
# OpenSSL 1.1.1h no longer reports expired root CAs when using "verify".
|
325
|
+
# This regression was fixed in 1.1.1i, so only skip this test if we're on
|
326
|
+
# the affected version.
|
327
|
+
# See: https://github.com/openssl/openssl/pull/13585
|
328
|
+
if Puppet::Util::Package.versioncmp(OpenSSL::OPENSSL_LIBRARY_VERSION.split[1], '1.1.1h') != 0
|
329
|
+
it 'raises if root cert signature is invalid', if: defined?(OpenSSL::X509::V_FLAG_CHECK_SS_SIGNATURE) do
|
330
|
+
ca = global_cacerts.first
|
331
|
+
ca.sign(wrong_key, OpenSSL::Digest::SHA256.new)
|
332
|
+
|
333
|
+
expect {
|
334
|
+
subject.create_context(**config.merge(cacerts: global_cacerts))
|
335
|
+
}.to raise_error(Puppet::SSL::CertVerifyError,
|
336
|
+
"Invalid signature for certificate 'CN=Test CA'")
|
337
|
+
end
|
338
|
+
end
|
339
|
+
|
340
|
+
it 'raises if intermediate CA signature is invalid' do
|
341
|
+
int = global_cacerts.last
|
342
|
+
int.sign(wrong_key, OpenSSL::Digest::SHA256.new)
|
343
|
+
|
344
|
+
expect {
|
345
|
+
subject.create_context(**config.merge(cacerts: global_cacerts))
|
346
|
+
}.to raise_error(Puppet::SSL::CertVerifyError,
|
347
|
+
"Invalid signature for certificate 'CN=Test CA Subauthority'")
|
348
|
+
end
|
349
|
+
|
350
|
+
it 'raises if CRL signature for root CA is invalid', unless: Puppet::Util::Platform.jruby? do
|
351
|
+
crl = global_crls.first
|
352
|
+
crl.sign(wrong_key, OpenSSL::Digest::SHA256.new)
|
353
|
+
|
354
|
+
expect {
|
355
|
+
subject.create_context(**config.merge(crls: global_crls))
|
356
|
+
}.to raise_error(Puppet::SSL::CertVerifyError,
|
357
|
+
"Invalid signature for CRL issued by 'CN=Test CA'")
|
358
|
+
end
|
359
|
+
|
360
|
+
it 'raises if CRL signature for intermediate CA is invalid', unless: Puppet::Util::Platform.jruby? do
|
361
|
+
crl = global_crls.last
|
362
|
+
crl.sign(wrong_key, OpenSSL::Digest::SHA256.new)
|
363
|
+
|
364
|
+
expect {
|
365
|
+
subject.create_context(**config.merge(crls: global_crls))
|
366
|
+
}.to raise_error(Puppet::SSL::CertVerifyError,
|
367
|
+
"Invalid signature for CRL issued by 'CN=Test CA Subauthority'")
|
368
|
+
end
|
369
|
+
|
370
|
+
it 'raises if client cert is revoked' do
|
371
|
+
expect {
|
372
|
+
subject.create_context(**config.merge(private_key: key_fixture('revoked-key.pem'), client_cert: cert_fixture('revoked.pem')))
|
373
|
+
}.to raise_error(Puppet::SSL::CertVerifyError,
|
374
|
+
"Certificate 'CN=revoked' is revoked")
|
375
|
+
end
|
376
|
+
|
377
|
+
it 'warns if intermediate issuer is missing' do
|
378
|
+
expect(Puppet).to receive(:warning).with("The issuer 'CN=Test CA Subauthority' of certificate 'CN=signed' cannot be found locally")
|
379
|
+
|
380
|
+
subject.create_context(**config.merge(cacerts: [cert_fixture('ca.pem')]))
|
381
|
+
end
|
382
|
+
|
383
|
+
it 'raises if root issuer is missing' do
|
384
|
+
expect {
|
385
|
+
subject.create_context(**config.merge(cacerts: [cert_fixture('intermediate.pem')]))
|
386
|
+
}.to raise_error(Puppet::SSL::CertVerifyError,
|
387
|
+
"The issuer 'CN=Test CA' of certificate 'CN=Test CA Subauthority' is missing")
|
388
|
+
end
|
389
|
+
|
390
|
+
it 'raises if cert is not valid yet', unless: Puppet::Util::Platform.jruby? do
|
391
|
+
client_cert.not_before = Time.now + (5 * 60 * 60)
|
392
|
+
expect {
|
393
|
+
subject.create_context(**config.merge(client_cert: client_cert))
|
394
|
+
}.to raise_error(Puppet::SSL::CertVerifyError,
|
395
|
+
"The certificate 'CN=signed' is not yet valid, verify time is synchronized")
|
396
|
+
end
|
397
|
+
|
398
|
+
it 'raises if cert is expired', unless: Puppet::Util::Platform.jruby? do
|
399
|
+
client_cert.not_after = Time.at(0)
|
400
|
+
expect {
|
401
|
+
subject.create_context(**config.merge(client_cert: client_cert))
|
402
|
+
}.to raise_error(Puppet::SSL::CertVerifyError,
|
403
|
+
"The certificate 'CN=signed' has expired, verify time is synchronized")
|
404
|
+
end
|
405
|
+
|
406
|
+
it 'raises if crl is not valid yet', unless: Puppet::Util::Platform.jruby? do
|
407
|
+
future_crls = global_crls
|
408
|
+
# invalidate the CRL issued by the root
|
409
|
+
future_crls.first.last_update = Time.now + (5 * 60 * 60)
|
410
|
+
|
411
|
+
expect {
|
412
|
+
subject.create_context(**config.merge(crls: future_crls))
|
413
|
+
}.to raise_error(Puppet::SSL::CertVerifyError,
|
414
|
+
"The CRL issued by 'CN=Test CA' is not yet valid, verify time is synchronized")
|
415
|
+
end
|
416
|
+
|
417
|
+
it 'raises if crl is expired', unless: Puppet::Util::Platform.jruby? do
|
418
|
+
past_crls = global_crls
|
419
|
+
# invalidate the CRL issued by the root
|
420
|
+
past_crls.first.next_update = Time.at(0)
|
421
|
+
|
422
|
+
expect {
|
423
|
+
subject.create_context(**config.merge(crls: past_crls))
|
424
|
+
}.to raise_error(Puppet::SSL::CertVerifyError,
|
425
|
+
"The CRL issued by 'CN=Test CA' has expired, verify time is synchronized")
|
426
|
+
end
|
427
|
+
|
428
|
+
it 'raises if the root CRL is missing' do
|
429
|
+
crls = [crl_fixture('intermediate-crl.pem')]
|
430
|
+
expect {
|
431
|
+
subject.create_context(**config.merge(crls: crls, revocation: :chain))
|
432
|
+
}.to raise_error(Puppet::SSL::CertVerifyError,
|
433
|
+
"The CRL issued by 'CN=Test CA' is missing")
|
434
|
+
end
|
435
|
+
|
436
|
+
it 'raises if the intermediate CRL is missing' do
|
437
|
+
crls = [crl_fixture('crl.pem')]
|
438
|
+
expect {
|
439
|
+
subject.create_context(**config.merge(crls: crls))
|
440
|
+
}.to raise_error(Puppet::SSL::CertVerifyError,
|
441
|
+
"The CRL issued by 'CN=Test CA Subauthority' is missing")
|
442
|
+
end
|
443
|
+
|
444
|
+
it "doesn't raise if the root CRL is missing and we're just checking the leaf" do
|
445
|
+
crls = [crl_fixture('intermediate-crl.pem')]
|
446
|
+
subject.create_context(**config.merge(crls: crls, revocation: :leaf))
|
447
|
+
end
|
448
|
+
|
449
|
+
it "doesn't raise if the intermediate CRL is missing and revocation checking is disabled" do
|
450
|
+
crls = [crl_fixture('crl.pem')]
|
451
|
+
subject.create_context(**config.merge(crls: crls, revocation: false))
|
452
|
+
end
|
453
|
+
|
454
|
+
it "doesn't raise if both CRLs are missing and revocation checking is disabled" do
|
455
|
+
subject.create_context(**config.merge(crls: [], revocation: false))
|
456
|
+
end
|
457
|
+
|
458
|
+
# OpenSSL < 1.1 does not verify basicConstraints
|
459
|
+
it "raises if root CA's isCA basic constraint is false", unless: Puppet::Util::Platform.jruby? || OpenSSL::OPENSSL_VERSION_NUMBER < 0x10100000 do
|
460
|
+
certs = [cert_fixture('bad-basic-constraints.pem'), cert_fixture('intermediate.pem')]
|
461
|
+
|
462
|
+
expect {
|
463
|
+
subject.create_context(**config.merge(cacerts: certs, crls: [], revocation: false))
|
464
|
+
}.to raise_error(Puppet::SSL::CertVerifyError,
|
465
|
+
"Certificate 'CN=Test CA' failed verification (24): invalid CA certificate")
|
466
|
+
end
|
467
|
+
|
468
|
+
# OpenSSL < 1.1 does not verify basicConstraints
|
469
|
+
it "raises if intermediate CA's isCA basic constraint is false", unless: Puppet::Util::Platform.jruby? || OpenSSL::OPENSSL_VERSION_NUMBER < 0x10100000 do
|
470
|
+
certs = [cert_fixture('ca.pem'), cert_fixture('bad-int-basic-constraints.pem')]
|
471
|
+
|
472
|
+
expect {
|
473
|
+
subject.create_context(**config.merge(cacerts: certs, crls: [], revocation: false))
|
474
|
+
}.to raise_error(Puppet::SSL::CertVerifyError,
|
475
|
+
"Certificate 'CN=Test CA Subauthority' failed verification (24): invalid CA certificate")
|
476
|
+
end
|
477
|
+
|
478
|
+
it 'accepts CA certs in any order' do
|
479
|
+
sslctx = subject.create_context(**config.merge(cacerts: global_cacerts.reverse))
|
480
|
+
# certs in ruby+openssl 1.0.x are not comparable, so compare subjects
|
481
|
+
expect(sslctx.client_chain.map(&:subject).map(&:to_utf8)).to contain_exactly('CN=Test CA', 'CN=Test CA Subauthority', 'CN=signed')
|
482
|
+
end
|
483
|
+
|
484
|
+
it 'accepts CRLs in any order' do
|
485
|
+
sslctx = subject.create_context(**config.merge(crls: global_crls.reverse))
|
486
|
+
# certs in ruby+openssl 1.0.x are not comparable, so compare subjects
|
487
|
+
expect(sslctx.client_chain.map(&:subject).map(&:to_utf8)).to contain_exactly('CN=Test CA', 'CN=Test CA Subauthority', 'CN=signed')
|
488
|
+
end
|
489
|
+
|
490
|
+
it 'raises if the frozen context is modified' do
|
491
|
+
sslctx = subject.create_context(**config)
|
492
|
+
expect {
|
493
|
+
sslctx.verify_peer = false
|
494
|
+
}.to raise_error(/can't modify frozen/)
|
495
|
+
end
|
496
|
+
|
497
|
+
it 'verifies peer' do
|
498
|
+
sslctx = subject.create_context(**config)
|
499
|
+
expect(sslctx.verify_peer).to eq(true)
|
500
|
+
end
|
501
|
+
|
502
|
+
it 'does not trust the system ca store by default' do
|
503
|
+
expect_any_instance_of(OpenSSL::X509::Store).to receive(:set_default_paths).never
|
504
|
+
|
505
|
+
subject.create_context(**config)
|
506
|
+
end
|
507
|
+
|
508
|
+
it 'trusts the system ca store' do
|
509
|
+
expect_any_instance_of(OpenSSL::X509::Store).to receive(:set_default_paths)
|
510
|
+
|
511
|
+
subject.create_context(**config.merge(include_system_store: true))
|
512
|
+
end
|
513
|
+
end
|
514
|
+
|
515
|
+
context 'when loading an ssl context' do
|
516
|
+
let(:client_cert) { cert_fixture('signed.pem') }
|
517
|
+
let(:private_key) { key_fixture('signed-key.pem') }
|
518
|
+
let(:doesnt_exist) { '/does/not/exist' }
|
519
|
+
|
520
|
+
before :each do
|
521
|
+
Puppet[:localcacert] = file_containing('global_cacerts', global_cacerts.first.to_pem)
|
522
|
+
Puppet[:hostcrl] = file_containing('global_crls', global_crls.first.to_pem)
|
523
|
+
|
524
|
+
Puppet[:certname] = 'signed'
|
525
|
+
Puppet[:privatekeydir] = tmpdir('privatekeydir')
|
526
|
+
File.write(File.join(Puppet[:privatekeydir], 'signed.pem'), private_key.to_pem)
|
527
|
+
|
528
|
+
Puppet[:certdir] = tmpdir('privatekeydir')
|
529
|
+
File.write(File.join(Puppet[:certdir], 'signed.pem'), client_cert.to_pem)
|
530
|
+
end
|
531
|
+
|
532
|
+
it 'raises if CA certs are missing' do
|
533
|
+
Puppet[:localcacert] = doesnt_exist
|
534
|
+
|
535
|
+
expect {
|
536
|
+
subject.load_context
|
537
|
+
}.to raise_error(Puppet::Error, /The CA certificates are missing from/)
|
538
|
+
end
|
539
|
+
|
540
|
+
it 'raises if the CRL is missing' do
|
541
|
+
Puppet[:hostcrl] = doesnt_exist
|
542
|
+
|
543
|
+
expect {
|
544
|
+
subject.load_context
|
545
|
+
}.to raise_error(Puppet::Error, /The CRL is missing from/)
|
546
|
+
end
|
547
|
+
|
548
|
+
it 'does not raise if the CRL is missing and revocation is disabled' do
|
549
|
+
Puppet[:hostcrl] = doesnt_exist
|
550
|
+
|
551
|
+
subject.load_context(revocation: false)
|
552
|
+
end
|
553
|
+
|
554
|
+
it 'raises if the private key is missing' do
|
555
|
+
Puppet[:privatekeydir] = doesnt_exist
|
556
|
+
|
557
|
+
expect {
|
558
|
+
subject.load_context
|
559
|
+
}.to raise_error(Puppet::Error, /The private key is missing from/)
|
560
|
+
end
|
561
|
+
|
562
|
+
it 'raises if the client cert is missing' do
|
563
|
+
Puppet[:certdir] = doesnt_exist
|
564
|
+
|
565
|
+
expect {
|
566
|
+
subject.load_context
|
567
|
+
}.to raise_error(Puppet::Error, /The client certificate is missing from/)
|
568
|
+
end
|
569
|
+
|
570
|
+
it 'loads the private key and client cert' do
|
571
|
+
ssl_context = subject.load_context
|
572
|
+
|
573
|
+
expect(ssl_context.private_key).to be_an(OpenSSL::PKey::RSA)
|
574
|
+
expect(ssl_context.client_cert).to be_an(OpenSSL::X509::Certificate)
|
575
|
+
end
|
576
|
+
|
577
|
+
it 'loads a password protected key and client cert' do
|
578
|
+
FileUtils.cp(File.join(PuppetSpec::FIXTURE_DIR, 'ssl', 'encrypted-key.pem'), File.join(Puppet[:privatekeydir], 'signed.pem'))
|
579
|
+
|
580
|
+
ssl_context = subject.load_context(password: '74695716c8b6')
|
581
|
+
|
582
|
+
expect(ssl_context.private_key).to be_an(OpenSSL::PKey::RSA)
|
583
|
+
expect(ssl_context.client_cert).to be_an(OpenSSL::X509::Certificate)
|
584
|
+
end
|
585
|
+
|
586
|
+
it 'raises if the password is incorrect' do
|
587
|
+
FileUtils.cp(File.join(PuppetSpec::FIXTURE_DIR, 'ssl', 'encrypted-key.pem'), File.join(Puppet[:privatekeydir], 'signed.pem'))
|
588
|
+
|
589
|
+
expect {
|
590
|
+
subject.load_context(password: 'wrongpassword')
|
591
|
+
}.to raise_error(Puppet::SSL::SSLError, /Failed to load private key for host 'signed': Could not parse PKey/)
|
592
|
+
end
|
593
|
+
|
594
|
+
it 'does not trust the system ca store by default' do
|
595
|
+
expect_any_instance_of(OpenSSL::X509::Store).to receive(:set_default_paths).never
|
596
|
+
|
597
|
+
subject.load_context
|
598
|
+
end
|
599
|
+
|
600
|
+
it 'trusts the system ca store' do
|
601
|
+
expect_any_instance_of(OpenSSL::X509::Store).to receive(:set_default_paths)
|
602
|
+
|
603
|
+
subject.load_context(include_system_store: true)
|
604
|
+
end
|
605
|
+
end
|
606
|
+
|
607
|
+
context 'when verifying requests' do
|
608
|
+
let(:csr) { request_fixture('request.pem') }
|
609
|
+
|
610
|
+
it 'accepts valid requests' do
|
611
|
+
private_key = key_fixture('request-key.pem')
|
612
|
+
expect(subject.verify_request(csr, private_key.public_key)).to eq(csr)
|
613
|
+
end
|
614
|
+
|
615
|
+
it "raises if the CSR was signed by a private key that doesn't match public key" do
|
616
|
+
expect {
|
617
|
+
subject.verify_request(csr, wrong_key.public_key)
|
618
|
+
}.to raise_error(Puppet::SSL::SSLError,
|
619
|
+
"The CSR for host 'CN=pending' does not match the public key")
|
620
|
+
end
|
621
|
+
|
622
|
+
it "raises if the CSR was tampered with" do
|
623
|
+
csr = request_fixture('tampered-csr.pem')
|
624
|
+
expect {
|
625
|
+
subject.verify_request(csr, csr.public_key)
|
626
|
+
}.to raise_error(Puppet::SSL::SSLError,
|
627
|
+
"The CSR for host 'CN=signed' does not match the public key")
|
628
|
+
end
|
629
|
+
end
|
630
|
+
end
|