puppet 5.5.12-x64-mingw32 → 5.5.13-x64-mingw32
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of puppet might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Gemfile +0 -5
- data/Gemfile.lock +11 -11
- data/lib/puppet/application/filebucket.rb +4 -0
- data/lib/puppet/configurer.rb +9 -3
- data/lib/puppet/indirector/request.rb +26 -15
- data/lib/puppet/indirector/rest.rb +16 -7
- data/lib/puppet/network/http/connection.rb +15 -7
- data/lib/puppet/transaction/event_manager.rb +1 -5
- data/lib/puppet/type/file/source.rb +0 -1
- data/lib/puppet/util/http_proxy.rb +3 -2
- data/lib/puppet/version.rb +1 -1
- data/locales/puppet.pot +108 -36
- data/man/man5/puppet.conf.5 +2 -2
- data/man/man8/puppet-agent.8 +1 -1
- data/man/man8/puppet-apply.8 +1 -1
- data/man/man8/puppet-ca.8 +1 -1
- data/man/man8/puppet-catalog.8 +1 -1
- data/man/man8/puppet-cert.8 +1 -1
- data/man/man8/puppet-certificate.8 +1 -1
- data/man/man8/puppet-certificate_request.8 +1 -1
- data/man/man8/puppet-certificate_revocation_list.8 +1 -1
- data/man/man8/puppet-config.8 +1 -1
- data/man/man8/puppet-describe.8 +1 -1
- data/man/man8/puppet-device.8 +1 -1
- data/man/man8/puppet-doc.8 +1 -1
- data/man/man8/puppet-epp.8 +1 -1
- data/man/man8/puppet-facts.8 +1 -1
- data/man/man8/puppet-filebucket.8 +1 -1
- data/man/man8/puppet-generate.8 +1 -1
- data/man/man8/puppet-help.8 +1 -1
- data/man/man8/puppet-key.8 +1 -1
- data/man/man8/puppet-lookup.8 +1 -1
- data/man/man8/puppet-man.8 +1 -1
- data/man/man8/puppet-master.8 +1 -1
- data/man/man8/puppet-module.8 +1 -1
- data/man/man8/puppet-node.8 +1 -1
- data/man/man8/puppet-parser.8 +1 -1
- data/man/man8/puppet-plugin.8 +1 -1
- data/man/man8/puppet-report.8 +1 -1
- data/man/man8/puppet-resource.8 +1 -1
- data/man/man8/puppet-script.8 +1 -1
- data/man/man8/puppet-status.8 +1 -1
- data/man/man8/puppet.8 +2 -2
- data/spec/integration/agent/logging_spec.rb +5 -7
- data/spec/integration/application/apply_spec.rb +28 -26
- data/spec/integration/application/doc_spec.rb +1 -2
- data/spec/integration/application/lookup_spec.rb +5 -5
- data/spec/integration/configurer_spec.rb +5 -6
- data/spec/integration/defaults_spec.rb +5 -6
- data/spec/integration/directory_environments_spec.rb +1 -1
- data/spec/integration/faces/ca_spec.rb +2 -3
- data/spec/integration/faces/config_spec.rb +3 -4
- data/spec/integration/faces/documentation_spec.rb +0 -1
- data/spec/integration/faces/plugin_spec.rb +1 -1
- data/spec/integration/file_bucket/file_spec.rb +3 -5
- data/spec/integration/file_serving/content_spec.rb +0 -1
- data/spec/integration/file_serving/fileset_spec.rb +0 -1
- data/spec/integration/file_serving/metadata_spec.rb +0 -1
- data/spec/integration/file_serving/terminus_helper_spec.rb +0 -1
- data/spec/integration/indirector/catalog/compiler_spec.rb +10 -11
- data/spec/integration/indirector/direct_file_server_spec.rb +1 -1
- data/spec/integration/indirector/facts/facter_spec.rb +5 -5
- data/spec/integration/indirector/file_content/file_server_spec.rb +7 -8
- data/spec/integration/indirector/file_metadata/file_server_spec.rb +7 -8
- data/spec/integration/indirector/node/ldap_spec.rb +2 -3
- data/spec/integration/network/authconfig_spec.rb +23 -24
- data/spec/integration/network/formats_spec.rb +0 -1
- data/spec/integration/network/http/api/indirected_routes_spec.rb +0 -1
- data/spec/integration/node/environment_spec.rb +0 -1
- data/spec/integration/node/facts_spec.rb +9 -10
- data/spec/integration/node_spec.rb +6 -7
- data/spec/integration/parser/catalog_spec.rb +4 -2
- data/spec/integration/parser/collection_spec.rb +1 -2
- data/spec/integration/parser/compiler_spec.rb +6 -6
- data/spec/integration/parser/scope_spec.rb +1 -1
- data/spec/integration/parser/undef_param_spec.rb +1 -1
- data/spec/integration/provider/cron/crontab_spec.rb +8 -10
- data/spec/integration/provider/mailalias/aliases_spec.rb +0 -1
- data/spec/integration/provider/mount_spec.rb +9 -9
- data/spec/integration/provider/service/init_spec.rb +4 -5
- data/spec/integration/provider/service/systemd_spec.rb +0 -2
- data/spec/integration/provider/service/windows_spec.rb +1 -2
- data/spec/integration/provider/ssh_authorized_key_spec.rb +6 -8
- data/spec/integration/provider/sshkey_spec.rb +6 -12
- data/spec/integration/provider/yumrepo_spec.rb +8 -12
- data/spec/integration/reference/providers_spec.rb +0 -1
- data/spec/integration/reports_spec.rb +1 -2
- data/spec/integration/resource/catalog_spec.rb +14 -17
- data/spec/integration/resource/type_collection_spec.rb +4 -5
- data/spec/integration/ssl/certificate_authority_spec.rb +0 -1
- data/spec/integration/ssl/certificate_request_spec.rb +0 -1
- data/spec/integration/ssl/certificate_revocation_list_spec.rb +0 -1
- data/spec/integration/ssl/host_spec.rb +0 -1
- data/spec/integration/ssl/key_spec.rb +0 -1
- data/spec/integration/test/test_helper_spec.rb +1 -2
- data/spec/integration/transaction/report_spec.rb +6 -11
- data/spec/integration/transaction_spec.rb +18 -19
- data/spec/integration/type/exec_spec.rb +0 -1
- data/spec/integration/type/file_spec.rb +13 -14
- data/spec/integration/type/nagios_spec.rb +3 -5
- data/spec/integration/type/package_spec.rb +19 -23
- data/spec/integration/type/tidy_spec.rb +1 -2
- data/spec/integration/type/user_spec.rb +0 -1
- data/spec/integration/type_spec.rb +0 -1
- data/spec/integration/util/autoload_spec.rb +1 -2
- data/spec/integration/util/rdoc/parser_spec.rb +0 -1
- data/spec/integration/util/settings_spec.rb +0 -1
- data/spec/integration/util/windows/adsi_spec.rb +3 -5
- data/spec/integration/util/windows/principal_spec.rb +0 -1
- data/spec/integration/util/windows/process_spec.rb +4 -6
- data/spec/integration/util/windows/registry_spec.rb +41 -51
- data/spec/integration/util/windows/security_spec.rb +2 -4
- data/spec/integration/util/windows/user_spec.rb +18 -20
- data/spec/integration/util_spec.rb +4 -7
- data/spec/lib/puppet_spec/compiler.rb +1 -1
- data/spec/lib/puppet_spec/files.rb +0 -1
- data/spec/lib/puppet_spec/module_tool/shared_functions.rb +1 -1
- data/spec/lib/puppet_spec/scope.rb +1 -2
- data/spec/shared_behaviours/all_parsedfile_providers.rb +1 -1
- data/spec/shared_behaviours/file_server_terminus.rb +8 -9
- data/spec/shared_behaviours/file_serving.rb +6 -8
- data/spec/shared_behaviours/file_serving_model.rb +4 -6
- data/spec/shared_behaviours/hiera_indirections.rb +3 -4
- data/spec/shared_behaviours/iterative_functions.rb +0 -1
- data/spec/shared_behaviours/memory_terminus.rb +2 -2
- data/spec/shared_examples/rhel_package_provider.rb +112 -70
- data/spec/spec_helper.rb +11 -2
- data/spec/unit/agent/disabler_spec.rb +4 -5
- data/spec/unit/agent/locker_spec.rb +12 -13
- data/spec/unit/agent_spec.rb +80 -85
- data/spec/unit/application/agent_spec.rb +88 -93
- data/spec/unit/application/apply_spec.rb +78 -79
- data/spec/unit/application/cert_spec.rb +42 -49
- data/spec/unit/application/certificate_spec.rb +2 -3
- data/spec/unit/application/config_spec.rb +0 -1
- data/spec/unit/application/describe_spec.rb +6 -7
- data/spec/unit/application/device_spec.rb +175 -184
- data/spec/unit/application/doc_spec.rb +44 -46
- data/spec/unit/application/face_base_spec.rb +61 -62
- data/spec/unit/application/facts_spec.rb +3 -4
- data/spec/unit/application/filebucket_spec.rb +66 -74
- data/spec/unit/application/indirection_base_spec.rb +8 -6
- data/spec/unit/application/lookup_spec.rb +26 -26
- data/spec/unit/application/master_spec.rb +95 -95
- data/spec/unit/application/resource_spec.rb +42 -48
- data/spec/unit/application_spec.rb +74 -84
- data/spec/unit/capability_spec.rb +9 -6
- data/spec/unit/configurer/downloader_spec.rb +20 -21
- data/spec/unit/configurer/fact_handler_spec.rb +2 -3
- data/spec/unit/configurer/plugin_handler_spec.rb +41 -8
- data/spec/unit/configurer_spec.rb +190 -193
- data/spec/unit/confine/exists_spec.rb +17 -15
- data/spec/unit/confine/false_spec.rb +5 -6
- data/spec/unit/confine/feature_spec.rb +7 -5
- data/spec/unit/confine/true_spec.rb +5 -6
- data/spec/unit/confine/variable_spec.rb +14 -15
- data/spec/unit/confine_collection_spec.rb +28 -29
- data/spec/unit/confine_spec.rb +13 -14
- data/spec/unit/confiner_spec.rb +10 -11
- data/spec/unit/context/trusted_information_spec.rb +1 -1
- data/spec/unit/daemon_spec.rb +34 -35
- data/spec/unit/data_providers/function_data_provider_spec.rb +0 -1
- data/spec/unit/data_providers/hiera_data_provider_spec.rb +0 -1
- data/spec/unit/datatypes_spec.rb +3 -4
- data/spec/unit/defaults_spec.rb +17 -12
- data/spec/unit/environments_spec.rb +7 -7
- data/spec/unit/etc_spec.rb +30 -32
- data/spec/unit/external/pson_spec.rb +0 -1
- data/spec/unit/face/ca_spec.rb +0 -1
- data/spec/unit/face/catalog_spec.rb +0 -1
- data/spec/unit/face/certificate_request_spec.rb +0 -1
- data/spec/unit/face/certificate_revocation_list_spec.rb +0 -1
- data/spec/unit/face/certificate_spec.rb +7 -10
- data/spec/unit/face/config_spec.rb +31 -35
- data/spec/unit/face/epp_face_spec.rb +3 -4
- data/spec/unit/face/facts_spec.rb +5 -6
- data/spec/unit/face/generate_spec.rb +4 -5
- data/spec/unit/face/help_spec.rb +7 -8
- data/spec/unit/face/key_spec.rb +0 -1
- data/spec/unit/face/man_spec.rb +1 -2
- data/spec/unit/face/module/build_spec.rb +17 -17
- data/spec/unit/face/module/install_spec.rb +3 -5
- data/spec/unit/face/module/list_spec.rb +2 -12
- data/spec/unit/face/module/search_spec.rb +11 -9
- data/spec/unit/face/module/uninstall_spec.rb +4 -8
- data/spec/unit/face/node_spec.rb +33 -34
- data/spec/unit/face/parser_spec.rb +3 -3
- data/spec/unit/face/plugin_spec.rb +36 -9
- data/spec/unit/face/status_spec.rb +0 -1
- data/spec/unit/file_bucket/dipper_spec.rb +24 -20
- data/spec/unit/file_bucket/file_spec.rb +0 -2
- data/spec/unit/file_serving/base_spec.rb +16 -17
- data/spec/unit/file_serving/configuration/parser_spec.rb +27 -28
- data/spec/unit/file_serving/configuration_spec.rb +63 -66
- data/spec/unit/file_serving/content_spec.rb +10 -11
- data/spec/unit/file_serving/fileset_spec.rb +63 -58
- data/spec/unit/file_serving/http_metadata_spec.rb +8 -7
- data/spec/unit/file_serving/metadata_spec.rb +36 -36
- data/spec/unit/file_serving/mount/file_spec.rb +31 -32
- data/spec/unit/file_serving/mount/locales_spec.rb +23 -24
- data/spec/unit/file_serving/mount/modules_spec.rb +14 -15
- data/spec/unit/file_serving/mount/pluginfacts_spec.rb +23 -24
- data/spec/unit/file_serving/mount/plugins_spec.rb +23 -24
- data/spec/unit/file_serving/mount/tasks_spec.rb +14 -15
- data/spec/unit/file_serving/mount_spec.rb +0 -1
- data/spec/unit/file_serving/terminus_helper_spec.rb +37 -42
- data/spec/unit/file_serving/terminus_selector_spec.rb +12 -13
- data/spec/unit/file_system/uniquefile_spec.rb +4 -4
- data/spec/unit/file_system_spec.rb +2 -2
- data/spec/unit/forge/errors_spec.rb +1 -1
- data/spec/unit/forge/forge_spec.rb +13 -14
- data/spec/unit/forge/module_release_spec.rb +18 -18
- data/spec/unit/forge/repository_spec.rb +29 -30
- data/spec/unit/forge_spec.rb +15 -11
- data/spec/unit/functions/binary_file_spec.rb +3 -3
- data/spec/unit/functions/contain_spec.rb +0 -2
- data/spec/unit/functions/defined_spec.rb +0 -1
- data/spec/unit/functions/epp_spec.rb +2 -2
- data/spec/unit/functions/find_file_spec.rb +7 -7
- data/spec/unit/functions/include_spec.rb +0 -4
- data/spec/unit/functions/lookup_fixture_spec.rb +0 -1
- data/spec/unit/functions/lookup_spec.rb +1 -2
- data/spec/unit/functions/module_directory_spec.rb +12 -12
- data/spec/unit/functions/require_spec.rb +0 -3
- data/spec/unit/functions/shared.rb +5 -8
- data/spec/unit/functions/versioncmp_spec.rb +1 -2
- data/spec/unit/functions4_spec.rb +7 -8
- data/spec/unit/gettext/config_spec.rb +4 -4
- data/spec/unit/gettext/module_loading_spec.rb +7 -7
- data/spec/unit/graph/rb_tree_map_spec.rb +0 -2
- data/spec/unit/graph/relationship_graph_spec.rb +1 -2
- data/spec/unit/graph/simple_graph_spec.rb +8 -9
- data/spec/unit/hiera_puppet_spec.rb +20 -20
- data/spec/unit/indirector/catalog/compiler_spec.rb +147 -149
- data/spec/unit/indirector/catalog/json_spec.rb +1 -2
- data/spec/unit/indirector/catalog/msgpack_spec.rb +0 -1
- data/spec/unit/indirector/catalog/rest_spec.rb +0 -1
- data/spec/unit/indirector/catalog/store_configs_spec.rb +0 -1
- data/spec/unit/indirector/catalog/yaml_spec.rb +0 -1
- data/spec/unit/indirector/certificate/ca_spec.rb +2 -4
- data/spec/unit/indirector/certificate/disabled_ca_spec.rb +1 -2
- data/spec/unit/indirector/certificate/file_spec.rb +2 -3
- data/spec/unit/indirector/certificate/rest_spec.rb +8 -10
- data/spec/unit/indirector/certificate_request/ca_spec.rb +0 -1
- data/spec/unit/indirector/certificate_request/disabled_ca_spec.rb +1 -2
- data/spec/unit/indirector/certificate_request/file_spec.rb +0 -1
- data/spec/unit/indirector/certificate_request/rest_spec.rb +0 -1
- data/spec/unit/indirector/certificate_revocation_list/ca_spec.rb +1 -2
- data/spec/unit/indirector/certificate_revocation_list/disabled_ca_spec.rb +1 -2
- data/spec/unit/indirector/certificate_revocation_list/file_spec.rb +1 -2
- data/spec/unit/indirector/certificate_revocation_list/rest_spec.rb +2 -3
- data/spec/unit/indirector/certificate_status/file_spec.rb +2 -3
- data/spec/unit/indirector/certificate_status/rest_spec.rb +0 -1
- data/spec/unit/indirector/code_spec.rb +5 -6
- data/spec/unit/indirector/direct_file_server_spec.rb +33 -27
- data/spec/unit/indirector/envelope_spec.rb +1 -2
- data/spec/unit/indirector/exec_spec.rb +15 -14
- data/spec/unit/indirector/face_spec.rb +9 -9
- data/spec/unit/indirector/facts/facter_spec.rb +37 -43
- data/spec/unit/indirector/facts/network_device_spec.rb +8 -9
- data/spec/unit/indirector/facts/rest_spec.rb +7 -8
- data/spec/unit/indirector/facts/store_configs_spec.rb +0 -1
- data/spec/unit/indirector/facts/yaml_spec.rb +2 -4
- data/spec/unit/indirector/file_bucket_file/file_spec.rb +3 -4
- data/spec/unit/indirector/file_bucket_file/rest_spec.rb +0 -1
- data/spec/unit/indirector/file_bucket_file/selector_spec.rb +4 -5
- data/spec/unit/indirector/file_content/file_server_spec.rb +0 -1
- data/spec/unit/indirector/file_content/file_spec.rb +0 -1
- data/spec/unit/indirector/file_content/rest_spec.rb +0 -1
- data/spec/unit/indirector/file_content/selector_spec.rb +0 -1
- data/spec/unit/indirector/file_metadata/file_server_spec.rb +0 -1
- data/spec/unit/indirector/file_metadata/file_spec.rb +12 -13
- data/spec/unit/indirector/file_metadata/rest_spec.rb +0 -1
- data/spec/unit/indirector/file_metadata/selector_spec.rb +0 -1
- data/spec/unit/indirector/file_server_spec.rb +99 -93
- data/spec/unit/indirector/indirection_spec.rb +242 -226
- data/spec/unit/indirector/json_spec.rb +7 -9
- data/spec/unit/indirector/key/ca_spec.rb +2 -3
- data/spec/unit/indirector/key/disabled_ca_spec.rb +1 -2
- data/spec/unit/indirector/key/file_spec.rb +25 -26
- data/spec/unit/indirector/ldap_spec.rb +34 -41
- data/spec/unit/indirector/memory_spec.rb +6 -7
- data/spec/unit/indirector/msgpack_spec.rb +7 -9
- data/spec/unit/indirector/node/exec_spec.rb +6 -6
- data/spec/unit/indirector/node/ldap_spec.rb +74 -76
- data/spec/unit/indirector/node/memory_spec.rb +2 -4
- data/spec/unit/indirector/node/msgpack_spec.rb +0 -1
- data/spec/unit/indirector/node/plain_spec.rb +2 -4
- data/spec/unit/indirector/node/rest_spec.rb +0 -1
- data/spec/unit/indirector/node/store_configs_spec.rb +0 -1
- data/spec/unit/indirector/node/write_only_yaml_spec.rb +1 -2
- data/spec/unit/indirector/node/yaml_spec.rb +0 -1
- data/spec/unit/indirector/none_spec.rb +5 -5
- data/spec/unit/indirector/plain_spec.rb +7 -8
- data/spec/unit/indirector/report/msgpack_spec.rb +0 -1
- data/spec/unit/indirector/report/processor_spec.rb +21 -22
- data/spec/unit/indirector/report/rest_spec.rb +11 -12
- data/spec/unit/indirector/report/yaml_spec.rb +0 -1
- data/spec/unit/indirector/request_spec.rb +11 -12
- data/spec/unit/indirector/resource/ral_spec.rb +47 -54
- data/spec/unit/indirector/resource/store_configs_spec.rb +0 -1
- data/spec/unit/indirector/rest_spec.rb +113 -110
- data/spec/unit/indirector/ssl_file_spec.rb +74 -77
- data/spec/unit/indirector/status/local_spec.rb +0 -1
- data/spec/unit/indirector/status/rest_spec.rb +0 -1
- data/spec/unit/indirector/store_configs_spec.rb +0 -1
- data/spec/unit/indirector/terminus_spec.rb +31 -29
- data/spec/unit/indirector/yaml_spec.rb +33 -32
- data/spec/unit/indirector_spec.rb +1 -2
- data/spec/unit/info_service_spec.rb +3 -1
- data/spec/unit/interface/action_builder_spec.rb +0 -1
- data/spec/unit/interface/action_manager_spec.rb +0 -1
- data/spec/unit/interface/action_spec.rb +2 -3
- data/spec/unit/interface/documentation_spec.rb +0 -1
- data/spec/unit/interface/face_collection_spec.rb +19 -12
- data/spec/unit/interface_spec.rb +3 -3
- data/spec/unit/man_spec.rb +3 -4
- data/spec/unit/module_spec.rb +46 -51
- data/spec/unit/module_tool/applications/builder_spec.rb +5 -5
- data/spec/unit/module_tool/applications/installer_spec.rb +10 -11
- data/spec/unit/module_tool/applications/searcher_spec.rb +3 -3
- data/spec/unit/module_tool/applications/uninstaller_spec.rb +1 -2
- data/spec/unit/module_tool/applications/unpacker_spec.rb +13 -13
- data/spec/unit/module_tool/applications/upgrader_spec.rb +5 -5
- data/spec/unit/module_tool/install_directory_spec.rb +8 -8
- data/spec/unit/module_tool/installed_modules_spec.rb +3 -3
- data/spec/unit/module_tool/tar/gnu_spec.rb +6 -6
- data/spec/unit/module_tool/tar/mini_spec.rb +12 -12
- data/spec/unit/module_tool/tar_spec.rb +12 -13
- data/spec/unit/module_tool_spec.rb +7 -12
- data/spec/unit/network/auth_config_parser_spec.rb +11 -13
- data/spec/unit/network/authconfig_spec.rb +17 -18
- data/spec/unit/network/authorization_spec.rb +4 -5
- data/spec/unit/network/authstore_spec.rb +0 -1
- data/spec/unit/network/format_handler_spec.rb +0 -1
- data/spec/unit/network/format_spec.rb +9 -10
- data/spec/unit/network/format_support_spec.rb +28 -29
- data/spec/unit/network/formats_spec.rb +4 -5
- data/spec/unit/network/http/api/ca/v1_spec.rb +1 -1
- data/spec/unit/network/http/api/indirected_routes_spec.rb +22 -29
- data/spec/unit/network/http/api/master/v3/authorization_spec.rb +2 -2
- data/spec/unit/network/http/api/master/v3/environment_spec.rb +1 -1
- data/spec/unit/network/http/api/master/v3/environments_spec.rb +6 -7
- data/spec/unit/network/http/api_spec.rb +1 -3
- data/spec/unit/network/http/compression_spec.rb +21 -22
- data/spec/unit/network/http/connection_spec.rb +39 -36
- data/spec/unit/network/http/factory_spec.rb +5 -6
- data/spec/unit/network/http/handler_spec.rb +9 -18
- data/spec/unit/network/http/nocache_pool_spec.rb +6 -7
- data/spec/unit/network/http/pool_spec.rb +28 -29
- data/spec/unit/network/http/rack/rest_spec.rb +24 -27
- data/spec/unit/network/http/rack_spec.rb +5 -6
- data/spec/unit/network/http/request_spec.rb +0 -2
- data/spec/unit/network/http/response_spec.rb +11 -13
- data/spec/unit/network/http/route_spec.rb +0 -1
- data/spec/unit/network/http/session_spec.rb +1 -2
- data/spec/unit/network/http/site_spec.rb +0 -1
- data/spec/unit/network/http/webrick/rest_spec.rb +40 -41
- data/spec/unit/network/http/webrick_spec.rb +49 -52
- data/spec/unit/network/http_pool_spec.rb +18 -9
- data/spec/unit/network/http_spec.rb +0 -1
- data/spec/unit/network/resolver_spec.rb +16 -17
- data/spec/unit/network/rights_spec.rb +52 -53
- data/spec/unit/network/server_spec.rb +12 -13
- data/spec/unit/node/environment_spec.rb +16 -14
- data/spec/unit/node/facts_spec.rb +5 -7
- data/spec/unit/node_spec.rb +4 -10
- data/spec/unit/other/selinux_spec.rb +2 -3
- data/spec/unit/parameter/boolean_spec.rb +1 -2
- data/spec/unit/parameter/package_options_spec.rb +1 -2
- data/spec/unit/parameter/path_spec.rb +0 -1
- data/spec/unit/parameter/value_collection_spec.rb +0 -1
- data/spec/unit/parameter/value_spec.rb +0 -1
- data/spec/unit/parameter_spec.rb +9 -9
- data/spec/unit/parser/ast/block_expression_spec.rb +6 -8
- data/spec/unit/parser/ast/leaf_spec.rb +20 -21
- data/spec/unit/parser/compiler_spec.rb +84 -96
- data/spec/unit/parser/environment_compiler_spec.rb +11 -9
- data/spec/unit/parser/files_spec.rb +0 -1
- data/spec/unit/parser/functions/create_resources_spec.rb +1 -1
- data/spec/unit/parser/functions/digest_spec.rb +0 -1
- data/spec/unit/parser/functions/fail_spec.rb +1 -2
- data/spec/unit/parser/functions/file_spec.rb +13 -14
- data/spec/unit/parser/functions/fqdn_rand_spec.rb +5 -6
- data/spec/unit/parser/functions/generate_spec.rb +7 -8
- data/spec/unit/parser/functions/inline_template_spec.rb +0 -1
- data/spec/unit/parser/functions/regsubst_spec.rb +0 -1
- data/spec/unit/parser/functions/scanf_spec.rb +0 -1
- data/spec/unit/parser/functions/shellquote_spec.rb +0 -1
- data/spec/unit/parser/functions/split_spec.rb +0 -1
- data/spec/unit/parser/functions/sprintf_spec.rb +0 -1
- data/spec/unit/parser/functions/tag_spec.rb +1 -2
- data/spec/unit/parser/functions/tagged_spec.rb +2 -3
- data/spec/unit/parser/functions/template_spec.rb +13 -13
- data/spec/unit/parser/functions/versioncmp_spec.rb +1 -2
- data/spec/unit/parser/functions_spec.rb +3 -4
- data/spec/unit/parser/relationship_spec.rb +0 -1
- data/spec/unit/parser/resource_spec.rb +42 -42
- data/spec/unit/parser/scope_spec.rb +39 -35
- data/spec/unit/parser/templatewrapper_spec.rb +11 -12
- data/spec/unit/parser/type_loader_spec.rb +17 -19
- data/spec/unit/pops/adaptable_spec.rb +0 -1
- data/spec/unit/pops/benchmark_spec.rb +0 -1
- data/spec/unit/pops/evaluator/access_ops_spec.rb +0 -1
- data/spec/unit/pops/evaluator/arithmetic_ops_spec.rb +0 -1
- data/spec/unit/pops/evaluator/basic_expressions_spec.rb +0 -1
- data/spec/unit/pops/evaluator/collections_ops_spec.rb +0 -1
- data/spec/unit/pops/evaluator/comparison_ops_spec.rb +0 -1
- data/spec/unit/pops/evaluator/conditionals_spec.rb +0 -1
- data/spec/unit/pops/evaluator/evaluating_parser_spec.rb +6 -6
- data/spec/unit/pops/evaluator/logical_ops_spec.rb +0 -1
- data/spec/unit/pops/evaluator/runtime3_converter_spec.rb +0 -1
- data/spec/unit/pops/evaluator/string_interpolation_spec.rb +0 -1
- data/spec/unit/pops/evaluator/variables_spec.rb +0 -1
- data/spec/unit/pops/factory_spec.rb +3 -4
- data/spec/unit/pops/issues_spec.rb +19 -20
- data/spec/unit/pops/loaders/loader_spec.rb +8 -4
- data/spec/unit/pops/loaders/loaders_spec.rb +30 -27
- data/spec/unit/pops/lookup/context_spec.rb +0 -1
- data/spec/unit/pops/lookup/interpolation_spec.rb +2 -3
- data/spec/unit/pops/merge_strategy_spec.rb +0 -1
- data/spec/unit/pops/migration_spec.rb +3 -5
- data/spec/unit/pops/model/model_spec.rb +0 -1
- data/spec/unit/pops/model/pn_transformer_spec.rb +0 -1
- data/spec/unit/pops/parser/locator_spec.rb +3 -6
- data/spec/unit/pops/parser/parse_application_spec.rb +0 -1
- data/spec/unit/pops/parser/parse_basic_expressions_spec.rb +0 -1
- data/spec/unit/pops/parser/parse_calls_spec.rb +0 -1
- data/spec/unit/pops/parser/parse_capabilities_spec.rb +0 -1
- data/spec/unit/pops/parser/parse_conditionals_spec.rb +0 -1
- data/spec/unit/pops/parser/parse_containers_spec.rb +0 -1
- data/spec/unit/pops/parser/parse_plan_spec.rb +0 -1
- data/spec/unit/pops/parser/parse_resource_spec.rb +0 -1
- data/spec/unit/pops/parser/parse_site_spec.rb +0 -1
- data/spec/unit/pops/parser/pn_parser_spec.rb +0 -1
- data/spec/unit/pops/pn_spec.rb +0 -1
- data/spec/unit/pops/resource/resource_type_impl_spec.rb +0 -1
- data/spec/unit/pops/serialization/serialization_spec.rb +1 -1
- data/spec/unit/pops/serialization/to_from_hr_spec.rb +1 -1
- data/spec/unit/pops/types/recursion_guard_spec.rb +10 -10
- data/spec/unit/pops/types/ruby_generator_spec.rb +2 -2
- data/spec/unit/pops/types/type_asserter_spec.rb +2 -2
- data/spec/unit/pops/types/type_calculator_spec.rb +36 -36
- data/spec/unit/pops/types/type_parser_spec.rb +13 -13
- data/spec/unit/pops/validator/validator_spec.rb +1 -2
- data/spec/unit/pops/visitor_spec.rb +0 -1
- data/spec/unit/property/boolean_spec.rb +1 -1
- data/spec/unit/property/ensure_spec.rb +0 -1
- data/spec/unit/property/keyvalue_spec.rb +32 -34
- data/spec/unit/property/list_spec.rb +26 -27
- data/spec/unit/property/ordered_list_spec.rb +10 -14
- data/spec/unit/property_spec.rb +42 -43
- data/spec/unit/provider/aix_object_spec.rb +47 -45
- data/spec/unit/provider/augeas/augeas_spec.rb +192 -192
- data/spec/unit/provider/cisco_spec.rb +1 -2
- data/spec/unit/provider/command_spec.rb +9 -9
- data/spec/unit/provider/cron/crontab_spec.rb +10 -11
- data/spec/unit/provider/cron/parsed_spec.rb +22 -24
- data/spec/unit/provider/exec/posix_spec.rb +6 -7
- data/spec/unit/provider/exec/shell_spec.rb +0 -1
- data/spec/unit/provider/exec/windows_spec.rb +2 -4
- data/spec/unit/provider/exec_spec.rb +0 -1
- data/spec/unit/provider/file/posix_spec.rb +22 -24
- data/spec/unit/provider/file/windows_spec.rb +15 -17
- data/spec/unit/provider/group/aix_spec.rb +3 -2
- data/spec/unit/provider/group/groupadd_spec.rb +30 -26
- data/spec/unit/provider/group/ldap_spec.rb +18 -18
- data/spec/unit/provider/group/pw_spec.rb +11 -11
- data/spec/unit/provider/group/windows_adsi_spec.rb +54 -54
- data/spec/unit/provider/host/parsed_spec.rb +6 -6
- data/spec/unit/provider/interface/cisco_spec.rb +20 -24
- data/spec/unit/provider/ldap_spec.rb +61 -62
- data/spec/unit/provider/macauthorization_spec.rb +26 -47
- data/spec/unit/provider/mcx/mcxcontent_spec.rb +45 -47
- data/spec/unit/provider/mount/parsed_spec.rb +18 -24
- data/spec/unit/provider/mount_spec.rb +57 -66
- data/spec/unit/provider/naginator_spec.rb +13 -14
- data/spec/unit/provider/nameservice/directoryservice_spec.rb +35 -36
- data/spec/unit/provider/nameservice_spec.rb +38 -40
- data/spec/unit/provider/network_device_spec.rb +28 -28
- data/spec/unit/provider/package/aix_spec.rb +15 -15
- data/spec/unit/provider/package/appdmg_spec.rb +13 -13
- data/spec/unit/provider/package/apt_spec.rb +44 -27
- data/spec/unit/provider/package/aptitude_spec.rb +6 -7
- data/spec/unit/provider/package/aptrpm_spec.rb +7 -12
- data/spec/unit/provider/package/base_spec.rb +4 -4
- data/spec/unit/provider/package/dnf_spec.rb +14 -16
- data/spec/unit/provider/package/dpkg_spec.rb +52 -52
- data/spec/unit/provider/package/freebsd_spec.rb +11 -11
- data/spec/unit/provider/package/gem_spec.rb +51 -43
- data/spec/unit/provider/package/hpux_spec.rb +8 -8
- data/spec/unit/provider/package/macports_spec.rb +46 -42
- data/spec/unit/provider/package/nim_spec.rb +30 -39
- data/spec/unit/provider/package/openbsd_spec.rb +36 -39
- data/spec/unit/provider/package/opkg_spec.rb +23 -26
- data/spec/unit/provider/package/pacman_spec.rb +97 -118
- data/spec/unit/provider/package/pip_spec.rb +69 -71
- data/spec/unit/provider/package/pkg_spec.rb +109 -109
- data/spec/unit/provider/package/pkgdmg_spec.rb +65 -63
- data/spec/unit/provider/package/pkgin_spec.rb +10 -8
- data/spec/unit/provider/package/pkgng_spec.rb +17 -18
- data/spec/unit/provider/package/pkgutil_spec.rb +45 -49
- data/spec/unit/provider/package/portage_spec.rb +70 -74
- data/spec/unit/provider/package/puppet_gem_spec.rb +28 -8
- data/spec/unit/provider/package/rpm_spec.rb +53 -64
- data/spec/unit/provider/package/sun_spec.rb +16 -18
- data/spec/unit/provider/package/tdnf_spec.rb +2 -2
- data/spec/unit/provider/package/up2date_spec.rb +2 -4
- data/spec/unit/provider/package/urpmi_spec.rb +15 -17
- data/spec/unit/provider/package/windows/exe_package_spec.rb +12 -15
- data/spec/unit/provider/package/windows/msi_package_spec.rb +19 -22
- data/spec/unit/provider/package/windows/package_spec.rb +37 -42
- data/spec/unit/provider/package/windows_spec.rb +36 -32
- data/spec/unit/provider/package/yum_spec.rb +4 -4
- data/spec/unit/provider/package/zypper_spec.rb +87 -87
- data/spec/unit/provider/parsedfile_spec.rb +44 -45
- data/spec/unit/provider/scheduled_task/win32_taskscheduler_spec.rb +120 -130
- data/spec/unit/provider/selboolean_spec.rb +9 -11
- data/spec/unit/provider/selmodule_spec.rb +20 -22
- data/spec/unit/provider/service/base_spec.rb +4 -5
- data/spec/unit/provider/service/bsd_spec.rb +27 -29
- data/spec/unit/provider/service/daemontools_spec.rb +35 -35
- data/spec/unit/provider/service/debian_spec.rb +37 -37
- data/spec/unit/provider/service/freebsd_spec.rb +18 -18
- data/spec/unit/provider/service/gentoo_spec.rb +50 -56
- data/spec/unit/provider/service/init_spec.rb +55 -55
- data/spec/unit/provider/service/launchd_spec.rb +138 -116
- data/spec/unit/provider/service/openbsd_spec.rb +50 -50
- data/spec/unit/provider/service/openrc_spec.rb +43 -46
- data/spec/unit/provider/service/openwrt_spec.rb +26 -32
- data/spec/unit/provider/service/rcng_spec.rb +14 -14
- data/spec/unit/provider/service/redhat_spec.rb +45 -43
- data/spec/unit/provider/service/runit_spec.rb +29 -27
- data/spec/unit/provider/service/smf_spec.rb +74 -66
- data/spec/unit/provider/service/src_spec.rb +46 -47
- data/spec/unit/provider/service/systemd_spec.rb +93 -98
- data/spec/unit/provider/service/upstart_spec.rb +74 -72
- data/spec/unit/provider/service/windows_spec.rb +33 -41
- data/spec/unit/provider/ssh_authorized_key/parsed_spec.rb +54 -68
- data/spec/unit/provider/sshkey/parsed_spec.rb +7 -8
- data/spec/unit/provider/user/aix_spec.rb +31 -31
- data/spec/unit/provider/user/directoryservice_spec.rb +109 -114
- data/spec/unit/provider/user/hpux_spec.rb +15 -15
- data/spec/unit/provider/user/ldap_spec.rb +57 -57
- data/spec/unit/provider/user/openbsd_spec.rb +10 -12
- data/spec/unit/provider/user/pw_spec.rb +37 -35
- data/spec/unit/provider/user/user_role_add_spec.rb +93 -93
- data/spec/unit/provider/user/useradd_spec.rb +93 -92
- data/spec/unit/provider/user/windows_adsi_spec.rb +59 -60
- data/spec/unit/provider/vlan/cisco_spec.rb +10 -12
- data/spec/unit/provider/yumrepo/inifile_spec.rb +75 -80
- data/spec/unit/provider/zfs/zfs_spec.rb +26 -21
- data/spec/unit/provider/zone/solaris_spec.rb +56 -42
- data/spec/unit/provider/zpool/zpool_spec.rb +19 -20
- data/spec/unit/provider_spec.rb +29 -29
- data/spec/unit/puppet_pal_2pec.rb +4 -5
- data/spec/unit/puppet_pal_spec.rb +0 -1
- data/spec/unit/puppet_spec.rb +7 -8
- data/spec/unit/relationship_spec.rb +0 -1
- data/spec/unit/reports/http_spec.rb +21 -23
- data/spec/unit/reports/store_spec.rb +3 -4
- data/spec/unit/reports_spec.rb +12 -14
- data/spec/unit/resource/capability_finder_spec.rb +18 -16
- data/spec/unit/resource/catalog_spec.rb +72 -68
- data/spec/unit/resource/status_spec.rb +6 -8
- data/spec/unit/resource/type_collection_spec.rb +17 -18
- data/spec/unit/resource/type_spec.rb +34 -35
- data/spec/unit/resource_spec.rb +36 -32
- data/spec/unit/scheduler/job_spec.rb +0 -1
- data/spec/unit/scheduler/scheduler_spec.rb +0 -1
- data/spec/unit/scheduler/splay_job_spec.rb +1 -2
- data/spec/unit/settings/array_setting_spec.rb +1 -1
- data/spec/unit/settings/autosign_setting_spec.rb +9 -9
- data/spec/unit/settings/certificate_revocation_setting_spec.rb +1 -1
- data/spec/unit/settings/config_file_spec.rb +0 -1
- data/spec/unit/settings/directory_setting_spec.rb +2 -7
- data/spec/unit/settings/duration_setting_spec.rb +1 -2
- data/spec/unit/settings/enum_setting_spec.rb +1 -1
- data/spec/unit/settings/environment_conf_spec.rb +4 -6
- data/spec/unit/settings/file_setting_spec.rb +44 -46
- data/spec/unit/settings/path_setting_spec.rb +1 -2
- data/spec/unit/settings/priority_setting_spec.rb +1 -2
- data/spec/unit/settings/string_setting_spec.rb +14 -15
- data/spec/unit/settings/terminus_setting_spec.rb +1 -2
- data/spec/unit/settings/value_translator_spec.rb +0 -1
- data/spec/unit/settings_spec.rb +226 -233
- data/spec/unit/ssl/base_spec.rb +14 -15
- data/spec/unit/ssl/certificate_authority/autosign_command_spec.rb +6 -7
- data/spec/unit/ssl/certificate_authority/interface_spec.rb +116 -113
- data/spec/unit/ssl/certificate_authority_spec.rb +258 -268
- data/spec/unit/ssl/certificate_factory_spec.rb +3 -5
- data/spec/unit/ssl/certificate_request_attributes_spec.rb +2 -3
- data/spec/unit/ssl/certificate_request_spec.rb +66 -67
- data/spec/unit/ssl/certificate_revocation_list_spec.rb +3 -4
- data/spec/unit/ssl/certificate_spec.rb +23 -25
- data/spec/unit/ssl/configuration_spec.rb +1 -4
- data/spec/unit/ssl/digest_spec.rb +0 -1
- data/spec/unit/ssl/host_spec.rb +217 -188
- data/spec/unit/ssl/inventory_spec.rb +25 -21
- data/spec/unit/ssl/key_spec.rb +30 -31
- data/spec/unit/ssl/validator_spec.rb +40 -40
- data/spec/unit/task_spec.rb +6 -7
- data/spec/unit/transaction/additional_resource_generator_spec.rb +6 -5
- data/spec/unit/transaction/event_manager_spec.rb +88 -88
- data/spec/unit/transaction/event_spec.rb +16 -15
- data/spec/unit/transaction/persistence_spec.rb +16 -17
- data/spec/unit/transaction/report_spec.rb +11 -12
- data/spec/unit/transaction/resource_harness_spec.rb +28 -33
- data/spec/unit/transaction_spec.rb +98 -100
- data/spec/unit/type/augeas_spec.rb +11 -10
- data/spec/unit/type/component_spec.rb +0 -1
- data/spec/unit/type/computer_spec.rb +7 -10
- data/spec/unit/type/cron_spec.rb +3 -7
- data/spec/unit/type/exec_spec.rb +60 -56
- data/spec/unit/type/file/checksum_spec.rb +9 -10
- data/spec/unit/type/file/checksum_value_spec.rb +31 -32
- data/spec/unit/type/file/content_spec.rb +58 -61
- data/spec/unit/type/file/ctime_spec.rb +0 -1
- data/spec/unit/type/file/ensure_spec.rb +12 -13
- data/spec/unit/type/file/group_spec.rb +5 -7
- data/spec/unit/type/file/mode_spec.rb +4 -6
- data/spec/unit/type/file/mtime_spec.rb +0 -1
- data/spec/unit/type/file/owner_spec.rb +6 -8
- data/spec/unit/type/file/selinux_spec.rb +17 -19
- data/spec/unit/type/file/source_spec.rb +104 -101
- data/spec/unit/type/file/type_spec.rb +0 -1
- data/spec/unit/type/file_spec.rb +195 -185
- data/spec/unit/type/filebucket_spec.rb +4 -5
- data/spec/unit/type/group_spec.rb +6 -8
- data/spec/unit/type/host_spec.rb +2 -3
- data/spec/unit/type/interface_spec.rb +2 -3
- data/spec/unit/type/k5login_spec.rb +3 -4
- data/spec/unit/type/macauthorization_spec.rb +6 -8
- data/spec/unit/type/mailalias_spec.rb +2 -3
- data/spec/unit/type/maillist_spec.rb +6 -9
- data/spec/unit/type/mcx_spec.rb +4 -8
- data/spec/unit/type/mount_spec.rb +26 -38
- data/spec/unit/type/nagios_spec.rb +0 -1
- data/spec/unit/type/noop_metaparam_spec.rb +1 -2
- data/spec/unit/type/package/package_settings_spec.rb +44 -23
- data/spec/unit/type/package_spec.rb +53 -54
- data/spec/unit/type/resources_spec.rb +86 -88
- data/spec/unit/type/schedule_spec.rb +24 -26
- data/spec/unit/type/scheduled_task_spec.rb +1 -2
- data/spec/unit/type/selboolean_spec.rb +5 -6
- data/spec/unit/type/selmodule_spec.rb +0 -1
- data/spec/unit/type/service_spec.rb +47 -47
- data/spec/unit/type/ssh_authorized_key_spec.rb +5 -35
- data/spec/unit/type/sshkey_spec.rb +0 -2
- data/spec/unit/type/stage_spec.rb +0 -1
- data/spec/unit/type/tidy_spec.rb +61 -62
- data/spec/unit/type/user_spec.rb +41 -27
- data/spec/unit/type/vlan_spec.rb +2 -4
- data/spec/unit/type/whit_spec.rb +0 -1
- data/spec/unit/type/zfs_spec.rb +6 -7
- data/spec/unit/type/zone_spec.rb +14 -4
- data/spec/unit/type/zpool_spec.rb +4 -5
- data/spec/unit/type_spec.rb +54 -53
- data/spec/unit/util/at_fork_spec.rb +18 -19
- data/spec/unit/util/autoload_spec.rb +53 -54
- data/spec/unit/util/backups_spec.rb +34 -35
- data/spec/unit/util/character_encoding_spec.rb +8 -8
- data/spec/unit/util/checksums_spec.rb +38 -39
- data/spec/unit/util/colors_spec.rb +1 -2
- data/spec/unit/util/command_line_spec.rb +24 -25
- data/spec/unit/util/constant_inflector_spec.rb +0 -1
- data/spec/unit/util/diff_spec.rb +7 -8
- data/spec/unit/util/errors_spec.rb +0 -1
- data/spec/unit/util/execution_spec.rb +187 -162
- data/spec/unit/util/execution_stub_spec.rb +0 -1
- data/spec/unit/util/feature_spec.rb +13 -13
- data/spec/unit/util/filetype_spec.rb +49 -49
- data/spec/unit/util/http_proxy_spec.rb +12 -12
- data/spec/unit/util/inifile_spec.rb +26 -31
- data/spec/unit/util/json_lockfile_spec.rb +3 -5
- data/spec/unit/util/ldap/connection_spec.rb +26 -25
- data/spec/unit/util/ldap/generator_spec.rb +0 -1
- data/spec/unit/util/ldap/manager_spec.rb +102 -101
- data/spec/unit/util/lockfile_spec.rb +0 -1
- data/spec/unit/util/log/destinations_spec.rb +30 -33
- data/spec/unit/util/log_spec.rb +35 -36
- data/spec/unit/util/logging_spec.rb +58 -66
- data/spec/unit/util/metric_spec.rb +0 -1
- data/spec/unit/util/monkey_patches_spec.rb +7 -9
- data/spec/unit/util/multi_match_spec.rb +0 -1
- data/spec/unit/util/nagios_maker_spec.rb +35 -36
- data/spec/unit/util/network_device/cisco/device_spec.rb +59 -50
- data/spec/unit/util/network_device/cisco/facts_spec.rb +4 -5
- data/spec/unit/util/network_device/cisco/interface_spec.rb +29 -20
- data/spec/unit/util/network_device/config_spec.rb +0 -1
- data/spec/unit/util/network_device/ipcalc_spec.rb +0 -1
- data/spec/unit/util/network_device/transport/base_spec.rb +5 -6
- data/spec/unit/util/network_device/transport/ssh_spec.rb +94 -60
- data/spec/unit/util/network_device/transport/telnet_spec.rb +18 -14
- data/spec/unit/util/network_device_spec.rb +7 -9
- data/spec/unit/util/package_spec.rb +0 -1
- data/spec/unit/util/pidlock_spec.rb +13 -14
- data/spec/unit/util/plist_spec.rb +40 -33
- data/spec/unit/util/posix_spec.rb +54 -51
- data/spec/unit/util/rdoc_spec.rb +9 -10
- data/spec/unit/util/reference_spec.rb +0 -1
- data/spec/unit/util/resource_template_spec.rb +20 -20
- data/spec/unit/util/retry_action_spec.rb +7 -8
- data/spec/unit/util/rubygems_spec.rb +14 -14
- data/spec/unit/util/run_mode_spec.rb +3 -4
- data/spec/unit/util/selinux_spec.rb +79 -72
- data/spec/unit/util/splayer_spec.rb +8 -9
- data/spec/unit/util/ssl_spec.rb +0 -1
- data/spec/unit/util/storage_spec.rb +3 -4
- data/spec/unit/util/suidmanager_spec.rb +45 -54
- data/spec/unit/util/symbolic_file_mode_spec.rb +0 -1
- data/spec/unit/util/tag_set_spec.rb +0 -1
- data/spec/unit/util/tagging_spec.rb +0 -1
- data/spec/unit/util/terminal_spec.rb +9 -10
- data/spec/unit/util/user_attr_spec.rb +1 -2
- data/spec/unit/util/warnings_spec.rb +3 -4
- data/spec/unit/util/watcher/periodic_watcher_spec.rb +2 -2
- data/spec/unit/util/watcher_spec.rb +51 -21
- data/spec/unit/util/windows/access_control_entry_spec.rb +0 -1
- data/spec/unit/util/windows/access_control_list_spec.rb +0 -1
- data/spec/unit/util/windows/adsi_spec.rb +136 -138
- data/spec/unit/util/windows/api_types_spec.rb +0 -1
- data/spec/unit/util/windows/eventlog_spec.rb +9 -12
- data/spec/unit/util/windows/file_spec.rb +0 -1
- data/spec/unit/util/windows/root_certs_spec.rb +0 -1
- data/spec/unit/util/windows/security_descriptor_spec.rb +0 -2
- data/spec/unit/util/windows/service_spec.rb +66 -68
- data/spec/unit/util/windows/sid_spec.rb +11 -13
- data/spec/unit/util/windows/string_spec.rb +0 -1
- data/spec/unit/util_spec.rb +55 -59
- data/spec/unit/version_spec.rb +6 -6
- metadata +2 -2
data/spec/unit/ssl/host_spec.rb
CHANGED
|
@@ -1,4 +1,3 @@
|
|
|
1
|
-
#! /usr/bin/env ruby
|
|
2
1
|
require 'spec_helper'
|
|
3
2
|
|
|
4
3
|
require 'puppet/ssl/host'
|
|
@@ -37,11 +36,11 @@ describe Puppet::SSL::Host do
|
|
|
37
36
|
end
|
|
38
37
|
|
|
39
38
|
it "should retrieve its public key from its private key" do
|
|
40
|
-
realkey =
|
|
41
|
-
key =
|
|
42
|
-
Puppet::SSL::Key.indirection.
|
|
43
|
-
pubkey =
|
|
44
|
-
realkey.
|
|
39
|
+
realkey = double('realkey')
|
|
40
|
+
key = double('key', :content => realkey)
|
|
41
|
+
allow(Puppet::SSL::Key.indirection).to receive(:find).and_return(key)
|
|
42
|
+
pubkey = double('public_key')
|
|
43
|
+
expect(realkey).to receive(:public_key).and_return(pubkey)
|
|
45
44
|
|
|
46
45
|
expect(@host.public_key).to equal(pubkey)
|
|
47
46
|
end
|
|
@@ -51,7 +50,7 @@ describe Puppet::SSL::Host do
|
|
|
51
50
|
end
|
|
52
51
|
|
|
53
52
|
it "should be a ca host if its name matches the CA_NAME" do
|
|
54
|
-
Puppet::SSL::Host.
|
|
53
|
+
allow(Puppet::SSL::Host).to receive(:ca_name).and_return("yayca")
|
|
55
54
|
expect(Puppet::SSL::Host.new("yayca")).to be_ca
|
|
56
55
|
end
|
|
57
56
|
|
|
@@ -78,11 +77,11 @@ describe Puppet::SSL::Host do
|
|
|
78
77
|
end
|
|
79
78
|
|
|
80
79
|
it "should generate the certificate for the localhost instance if no certificate is available" do
|
|
81
|
-
host =
|
|
82
|
-
Puppet::SSL::Host.
|
|
80
|
+
host = double('host', :key => nil)
|
|
81
|
+
expect(Puppet::SSL::Host).to receive(:new).and_return(host)
|
|
83
82
|
|
|
84
|
-
host.
|
|
85
|
-
host.
|
|
83
|
+
expect(host).to receive(:certificate).and_return(nil)
|
|
84
|
+
expect(host).to receive(:generate)
|
|
86
85
|
|
|
87
86
|
expect(Puppet::SSL::Host.localhost).to equal(host)
|
|
88
87
|
end
|
|
@@ -92,7 +91,7 @@ describe Puppet::SSL::Host do
|
|
|
92
91
|
Puppet[:confdir] = tmpdir('conf')
|
|
93
92
|
Puppet[:dns_alt_names] = "foo,bar,baz"
|
|
94
93
|
ca = Puppet::SSL::CertificateAuthority.new
|
|
95
|
-
Puppet::SSL::CertificateAuthority.
|
|
94
|
+
allow(Puppet::SSL::CertificateAuthority).to receive(:instance).and_return(ca)
|
|
96
95
|
|
|
97
96
|
localhost = Puppet::SSL::Host.localhost
|
|
98
97
|
cert = localhost.certificate
|
|
@@ -103,14 +102,14 @@ describe Puppet::SSL::Host do
|
|
|
103
102
|
|
|
104
103
|
context "with dns_alt_names" do
|
|
105
104
|
before :each do
|
|
106
|
-
@key =
|
|
107
|
-
key =
|
|
108
|
-
Puppet::SSL::Key.
|
|
109
|
-
Puppet::SSL::Key.indirection.
|
|
105
|
+
@key = double('key content')
|
|
106
|
+
key = double('key', :generate => true, :content => @key)
|
|
107
|
+
allow(Puppet::SSL::Key).to receive(:new).and_return(key)
|
|
108
|
+
allow(Puppet::SSL::Key.indirection).to receive(:save).with(key)
|
|
110
109
|
|
|
111
|
-
@cr =
|
|
112
|
-
Puppet::SSL::CertificateRequest.
|
|
113
|
-
Puppet::SSL::CertificateRequest.indirection.
|
|
110
|
+
@cr = double('certificate request')
|
|
111
|
+
allow(Puppet::SSL::CertificateRequest).to receive(:new).and_return(@cr)
|
|
112
|
+
allow(Puppet::SSL::CertificateRequest.indirection).to receive(:save).with(@cr)
|
|
114
113
|
end
|
|
115
114
|
|
|
116
115
|
describe "explicitly specified" do
|
|
@@ -119,13 +118,13 @@ describe Puppet::SSL::Host do
|
|
|
119
118
|
end
|
|
120
119
|
|
|
121
120
|
it "should not include subjectAltName if not the local node" do
|
|
122
|
-
@cr.
|
|
121
|
+
expect(@cr).to receive(:generate).with(@key, {})
|
|
123
122
|
|
|
124
123
|
Puppet::SSL::Host.new('not-the-' + Puppet[:certname]).generate
|
|
125
124
|
end
|
|
126
125
|
|
|
127
126
|
it "should include subjectAltName if I am a CA" do
|
|
128
|
-
@cr.
|
|
127
|
+
expect(@cr).to receive(:generate).
|
|
129
128
|
with(@key, { :dns_alt_names => Puppet[:dns_alt_names] })
|
|
130
129
|
|
|
131
130
|
Puppet::SSL::Host.localhost
|
|
@@ -133,45 +132,45 @@ describe Puppet::SSL::Host do
|
|
|
133
132
|
end
|
|
134
133
|
|
|
135
134
|
describe "implicitly defaulted" do
|
|
136
|
-
let(:ca) {
|
|
135
|
+
let(:ca) { double('ca', :sign => nil) }
|
|
137
136
|
|
|
138
137
|
before :each do
|
|
139
138
|
Puppet[:dns_alt_names] = ''
|
|
140
139
|
|
|
141
|
-
Puppet::SSL::CertificateAuthority.
|
|
140
|
+
allow(Puppet::SSL::CertificateAuthority).to receive(:instance).and_return(ca)
|
|
142
141
|
end
|
|
143
142
|
|
|
144
143
|
it "should not include defaults if we're not the CA" do
|
|
145
|
-
Puppet::SSL::CertificateAuthority.
|
|
144
|
+
allow(Puppet::SSL::CertificateAuthority).to receive(:ca?).and_return(false)
|
|
146
145
|
|
|
147
|
-
@cr.
|
|
146
|
+
expect(@cr).to receive(:generate).with(@key, {})
|
|
148
147
|
|
|
149
148
|
Puppet::SSL::Host.localhost
|
|
150
149
|
end
|
|
151
150
|
|
|
152
151
|
it "should not include defaults if not the local node" do
|
|
153
|
-
Puppet::SSL::CertificateAuthority.
|
|
152
|
+
allow(Puppet::SSL::CertificateAuthority).to receive(:ca?).and_return(true)
|
|
154
153
|
|
|
155
|
-
@cr.
|
|
154
|
+
expect(@cr).to receive(:generate).with(@key, {})
|
|
156
155
|
|
|
157
156
|
Puppet::SSL::Host.new('not-the-' + Puppet[:certname]).generate
|
|
158
157
|
end
|
|
159
158
|
|
|
160
159
|
it "should not include defaults if we can't resolve our fqdn" do
|
|
161
|
-
Puppet::SSL::CertificateAuthority.
|
|
162
|
-
Facter.
|
|
160
|
+
allow(Puppet::SSL::CertificateAuthority).to receive(:ca?).and_return(true)
|
|
161
|
+
allow(Facter).to receive(:value).with(:fqdn).and_return(nil)
|
|
163
162
|
|
|
164
|
-
@cr.
|
|
163
|
+
expect(@cr).to receive(:generate).with(@key, {})
|
|
165
164
|
|
|
166
165
|
Puppet::SSL::Host.localhost
|
|
167
166
|
end
|
|
168
167
|
|
|
169
168
|
it "should provide defaults if we're bootstrapping the local master" do
|
|
170
|
-
Puppet::SSL::CertificateAuthority.
|
|
171
|
-
Facter.
|
|
172
|
-
Facter.
|
|
169
|
+
allow(Puppet::SSL::CertificateAuthority).to receive(:ca?).and_return(true)
|
|
170
|
+
allow(Facter).to receive(:value).with(:fqdn).and_return('web.foo.com')
|
|
171
|
+
allow(Facter).to receive(:value).with(:domain).and_return('foo.com')
|
|
173
172
|
|
|
174
|
-
@cr.
|
|
173
|
+
expect(@cr).to receive(:generate).with(@key, {:dns_alt_names => "puppet, web.foo.com, puppet.foo.com"})
|
|
175
174
|
|
|
176
175
|
Puppet::SSL::Host.localhost
|
|
177
176
|
end
|
|
@@ -179,17 +178,17 @@ describe Puppet::SSL::Host do
|
|
|
179
178
|
end
|
|
180
179
|
|
|
181
180
|
it "should always read the key for the localhost instance in from disk" do
|
|
182
|
-
host =
|
|
183
|
-
Puppet::SSL::Host.
|
|
181
|
+
host = double('host', :certificate => "eh")
|
|
182
|
+
expect(Puppet::SSL::Host).to receive(:new).and_return(host)
|
|
184
183
|
|
|
185
|
-
host.
|
|
184
|
+
expect(host).to receive(:key)
|
|
186
185
|
|
|
187
186
|
Puppet::SSL::Host.localhost
|
|
188
187
|
end
|
|
189
188
|
|
|
190
189
|
it "should cache the localhost instance" do
|
|
191
|
-
host =
|
|
192
|
-
Puppet::SSL::Host.
|
|
190
|
+
host = double('host', :certificate => "eh", :key => 'foo')
|
|
191
|
+
expect(Puppet::SSL::Host).to receive(:new).once.and_return(host)
|
|
193
192
|
expect(Puppet::SSL::Host.localhost).to eq(Puppet::SSL::Host.localhost)
|
|
194
193
|
end
|
|
195
194
|
|
|
@@ -199,38 +198,38 @@ describe Puppet::SSL::Host do
|
|
|
199
198
|
|
|
200
199
|
it "should consider the certificate invalid if it cannot find a key" do
|
|
201
200
|
host = Puppet::SSL::Host.new("foo")
|
|
202
|
-
certificate =
|
|
203
|
-
host.
|
|
204
|
-
host.
|
|
201
|
+
certificate = double('cert', :fingerprint => 'DEADBEEF')
|
|
202
|
+
expect(host).to receive(:certificate).twice.and_return(certificate)
|
|
203
|
+
expect(host).to receive(:key).and_return(nil)
|
|
205
204
|
expect { host.validate_certificate_with_key }.to raise_error(Puppet::Error, "No private key with which to validate certificate with fingerprint: DEADBEEF")
|
|
206
205
|
end
|
|
207
206
|
|
|
208
207
|
it "should consider the certificate invalid if it cannot find a certificate" do
|
|
209
208
|
host = Puppet::SSL::Host.new("foo")
|
|
210
|
-
host.
|
|
211
|
-
host.
|
|
209
|
+
expect(host).not_to receive(:key)
|
|
210
|
+
expect(host).to receive(:certificate).and_return(nil)
|
|
212
211
|
expect { host.validate_certificate_with_key }.to raise_error(Puppet::Error, "No certificate to validate.")
|
|
213
212
|
end
|
|
214
213
|
|
|
215
214
|
it "should consider the certificate invalid if the SSL certificate's key verification fails" do
|
|
216
215
|
host = Puppet::SSL::Host.new("foo")
|
|
217
|
-
key =
|
|
218
|
-
sslcert =
|
|
219
|
-
certificate =
|
|
220
|
-
host.
|
|
221
|
-
host.
|
|
222
|
-
sslcert.
|
|
216
|
+
key = double('key', :content => "private_key")
|
|
217
|
+
sslcert = double('sslcert')
|
|
218
|
+
certificate = double('cert', {:content => sslcert, :fingerprint => 'DEADBEEF'})
|
|
219
|
+
allow(host).to receive(:key).and_return(key)
|
|
220
|
+
allow(host).to receive(:certificate).and_return(certificate)
|
|
221
|
+
expect(sslcert).to receive(:check_private_key).with("private_key").and_return(false)
|
|
223
222
|
expect { host.validate_certificate_with_key }.to raise_error(Puppet::Error, /DEADBEEF/)
|
|
224
223
|
end
|
|
225
224
|
|
|
226
225
|
it "should consider the certificate valid if the SSL certificate's key verification succeeds" do
|
|
227
226
|
host = Puppet::SSL::Host.new("foo")
|
|
228
|
-
key =
|
|
229
|
-
sslcert =
|
|
230
|
-
certificate =
|
|
231
|
-
host.
|
|
232
|
-
host.
|
|
233
|
-
sslcert.
|
|
227
|
+
key = double('key', :content => "private_key")
|
|
228
|
+
sslcert = double('sslcert')
|
|
229
|
+
certificate = double('cert', :content => sslcert)
|
|
230
|
+
allow(host).to receive(:key).and_return(key)
|
|
231
|
+
allow(host).to receive(:certificate).and_return(certificate)
|
|
232
|
+
expect(sslcert).to receive(:check_private_key).with("private_key").and_return(true)
|
|
234
233
|
expect{ host.validate_certificate_with_key }.not_to raise_error
|
|
235
234
|
end
|
|
236
235
|
|
|
@@ -348,21 +347,21 @@ describe Puppet::SSL::Host do
|
|
|
348
347
|
|
|
349
348
|
describe "when destroying a host's SSL files" do
|
|
350
349
|
before do
|
|
351
|
-
Puppet::SSL::Key.indirection.
|
|
352
|
-
Puppet::SSL::Certificate.indirection.
|
|
353
|
-
Puppet::SSL::CertificateRequest.indirection.
|
|
350
|
+
allow(Puppet::SSL::Key.indirection).to receive(:destroy).and_return(false)
|
|
351
|
+
allow(Puppet::SSL::Certificate.indirection).to receive(:destroy).and_return(false)
|
|
352
|
+
allow(Puppet::SSL::CertificateRequest.indirection).to receive(:destroy).and_return(false)
|
|
354
353
|
end
|
|
355
354
|
|
|
356
355
|
it "should destroy its certificate, certificate request, and key" do
|
|
357
|
-
Puppet::SSL::Key.indirection.
|
|
358
|
-
Puppet::SSL::Certificate.indirection.
|
|
359
|
-
Puppet::SSL::CertificateRequest.indirection.
|
|
356
|
+
expect(Puppet::SSL::Key.indirection).to receive(:destroy).with("myhost")
|
|
357
|
+
expect(Puppet::SSL::Certificate.indirection).to receive(:destroy).with("myhost")
|
|
358
|
+
expect(Puppet::SSL::CertificateRequest.indirection).to receive(:destroy).with("myhost")
|
|
360
359
|
|
|
361
360
|
Puppet::SSL::Host.destroy("myhost")
|
|
362
361
|
end
|
|
363
362
|
|
|
364
363
|
it "should return true if any of the classes returned true" do
|
|
365
|
-
Puppet::SSL::Certificate.indirection.
|
|
364
|
+
expect(Puppet::SSL::Certificate.indirection).to receive(:destroy).with("myhost").and_return(true)
|
|
366
365
|
|
|
367
366
|
expect(Puppet::SSL::Host.destroy("myhost")).to be_truthy
|
|
368
367
|
end
|
|
@@ -384,7 +383,7 @@ describe Puppet::SSL::Host do
|
|
|
384
383
|
end
|
|
385
384
|
|
|
386
385
|
it "should indicate that it is a CA host if its name matches the ca_name constant" do
|
|
387
|
-
Puppet::SSL::Host.
|
|
386
|
+
allow(Puppet::SSL::Host).to receive(:ca_name).and_return("myca")
|
|
388
387
|
expect(Puppet::SSL::Host.new("myca")).to be_ca
|
|
389
388
|
end
|
|
390
389
|
end
|
|
@@ -397,37 +396,37 @@ describe Puppet::SSL::Host do
|
|
|
397
396
|
end
|
|
398
397
|
|
|
399
398
|
it "should return nil if the key is not set and cannot be found" do
|
|
400
|
-
Puppet::SSL::Key.indirection.
|
|
399
|
+
expect(Puppet::SSL::Key.indirection).to receive(:find).with("myname").and_return(nil)
|
|
401
400
|
expect(@host.key).to be_nil
|
|
402
401
|
end
|
|
403
402
|
|
|
404
403
|
it "should find the key in the Key class and return the Puppet instance" do
|
|
405
|
-
Puppet::SSL::Key.indirection.
|
|
404
|
+
expect(Puppet::SSL::Key.indirection).to receive(:find).with("myname").and_return(@key)
|
|
406
405
|
expect(@host.key).to equal(@key)
|
|
407
406
|
end
|
|
408
407
|
|
|
409
408
|
it "should be able to generate and save a new key" do
|
|
410
|
-
Puppet::SSL::Key.
|
|
409
|
+
expect(Puppet::SSL::Key).to receive(:new).with("myname").and_return(@key)
|
|
411
410
|
|
|
412
|
-
@key.
|
|
413
|
-
Puppet::SSL::Key.indirection.
|
|
411
|
+
expect(@key).to receive(:generate)
|
|
412
|
+
expect(Puppet::SSL::Key.indirection).to receive(:save)
|
|
414
413
|
|
|
415
414
|
expect(@host.generate_key).to be_truthy
|
|
416
415
|
expect(@host.key).to equal(@key)
|
|
417
416
|
end
|
|
418
417
|
|
|
419
418
|
it "should not retain keys that could not be saved" do
|
|
420
|
-
Puppet::SSL::Key.
|
|
419
|
+
expect(Puppet::SSL::Key).to receive(:new).with("myname").and_return(@key)
|
|
421
420
|
|
|
422
|
-
@key.
|
|
423
|
-
Puppet::SSL::Key.indirection.
|
|
421
|
+
expect(@key).to receive(:generate)
|
|
422
|
+
expect(Puppet::SSL::Key.indirection).to receive(:save).and_raise("eh")
|
|
424
423
|
|
|
425
424
|
expect { @host.generate_key }.to raise_error(RuntimeError)
|
|
426
425
|
expect(@host.key).to be_nil
|
|
427
426
|
end
|
|
428
427
|
|
|
429
428
|
it "should return any previously found key without requerying" do
|
|
430
|
-
Puppet::SSL::Key.indirection.
|
|
429
|
+
expect(Puppet::SSL::Key.indirection).to receive(:find).with("myname").and_return(@key).once
|
|
431
430
|
expect(@host.key).to equal(@key)
|
|
432
431
|
expect(@host.key).to equal(@key)
|
|
433
432
|
end
|
|
@@ -441,60 +440,63 @@ describe Puppet::SSL::Host do
|
|
|
441
440
|
end
|
|
442
441
|
|
|
443
442
|
it "should return nil if the key is not set and cannot be found" do
|
|
444
|
-
Puppet::SSL::CertificateRequest.indirection.
|
|
443
|
+
expect(Puppet::SSL::CertificateRequest.indirection).to receive(:find).with("myname").and_return(nil)
|
|
445
444
|
expect(@host.certificate_request).to be_nil
|
|
446
445
|
end
|
|
447
446
|
|
|
448
447
|
it "should find the request in the Key class and return it and return the Puppet SSL request" do
|
|
449
|
-
Puppet::SSL::CertificateRequest.indirection.
|
|
448
|
+
expect(Puppet::SSL::CertificateRequest.indirection).to receive(:find).with("myname").and_return(@request)
|
|
450
449
|
|
|
451
450
|
expect(@host.certificate_request).to equal(@request)
|
|
452
451
|
end
|
|
453
452
|
|
|
454
453
|
it "should generate a new key when generating the cert request if no key exists" do
|
|
455
|
-
Puppet::SSL::CertificateRequest.
|
|
454
|
+
expect(Puppet::SSL::CertificateRequest).to receive(:new).with("myname").and_return(@request)
|
|
456
455
|
|
|
457
|
-
key =
|
|
456
|
+
key = double('key', :public_key => double("public_key"), :content => "mycontent")
|
|
458
457
|
|
|
459
|
-
@host.
|
|
460
|
-
@host.
|
|
458
|
+
expect(@host).to receive(:key).twice.and_return(nil, key)
|
|
459
|
+
expect(@host).to receive(:generate_key).and_return(key)
|
|
461
460
|
|
|
462
|
-
@request.
|
|
463
|
-
Puppet::SSL::CertificateRequest.indirection.
|
|
461
|
+
allow(@request).to receive(:generate)
|
|
462
|
+
allow(Puppet::SSL::CertificateRequest.indirection).to receive(:save)
|
|
464
463
|
|
|
465
464
|
@host.generate_certificate_request
|
|
466
465
|
end
|
|
467
466
|
|
|
468
467
|
it "should be able to generate and save a new request using the private key" do
|
|
469
|
-
Puppet::SSL::CertificateRequest.
|
|
468
|
+
expect(Puppet::SSL::CertificateRequest).to receive(:new).with("myname").and_return(@request)
|
|
470
469
|
|
|
471
|
-
key =
|
|
472
|
-
@host.
|
|
473
|
-
@request.
|
|
474
|
-
Puppet::SSL::CertificateRequest.indirection.
|
|
470
|
+
key = double('key', :public_key => double("public_key"), :content => "mycontent")
|
|
471
|
+
allow(@host).to receive(:key).and_return(key)
|
|
472
|
+
expect(@request).to receive(:generate).with("mycontent", {})
|
|
473
|
+
expect(Puppet::SSL::CertificateRequest.indirection).to receive(:save).with(@request)
|
|
475
474
|
|
|
476
475
|
expect(@host.generate_certificate_request).to be_truthy
|
|
477
476
|
expect(@host.certificate_request).to equal(@request)
|
|
478
477
|
end
|
|
479
478
|
|
|
480
479
|
it "should return any previously found request without requerying" do
|
|
481
|
-
Puppet::SSL::CertificateRequest.indirection.
|
|
480
|
+
expect(Puppet::SSL::CertificateRequest.indirection).to receive(:find).with("myname").and_return(@request).once
|
|
482
481
|
|
|
483
482
|
expect(@host.certificate_request).to equal(@request)
|
|
484
483
|
expect(@host.certificate_request).to equal(@request)
|
|
485
484
|
end
|
|
486
485
|
|
|
487
486
|
it "should not keep its certificate request in memory if the request cannot be saved" do
|
|
488
|
-
Puppet::SSL::CertificateRequest.
|
|
489
|
-
|
|
490
|
-
key =
|
|
491
|
-
@host.
|
|
492
|
-
@request.
|
|
493
|
-
@request.
|
|
494
|
-
terminus =
|
|
495
|
-
terminus.
|
|
496
|
-
Puppet::SSL::CertificateRequest.indirection.
|
|
497
|
-
terminus.
|
|
487
|
+
expect(Puppet::SSL::CertificateRequest).to receive(:new).with("myname").and_return(@request)
|
|
488
|
+
|
|
489
|
+
key = double('key', :public_key => double("public_key"), :content => "mycontent")
|
|
490
|
+
allow(@host).to receive(:key).and_return(key)
|
|
491
|
+
allow(@request).to receive(:generate)
|
|
492
|
+
allow(@request).to receive(:name).and_return("myname")
|
|
493
|
+
terminus = double('terminus')
|
|
494
|
+
allow(terminus).to receive(:validate)
|
|
495
|
+
expect(Puppet::SSL::CertificateRequest.indirection).to receive(:prepare).and_return(terminus)
|
|
496
|
+
expect(terminus).to receive(:save) do |req|
|
|
497
|
+
expect(req.instance).to eq(@request)
|
|
498
|
+
expect(req.key).to eq("myname")
|
|
499
|
+
end.and_raise("eh")
|
|
498
500
|
|
|
499
501
|
expect { @host.generate_certificate_request }.to raise_error(RuntimeError)
|
|
500
502
|
|
|
@@ -504,55 +506,55 @@ describe Puppet::SSL::Host do
|
|
|
504
506
|
|
|
505
507
|
describe "when managing its certificate" do
|
|
506
508
|
before do
|
|
507
|
-
@realcert =
|
|
508
|
-
@cert =
|
|
509
|
-
@host.
|
|
510
|
-
@host.
|
|
509
|
+
@realcert = double('certificate')
|
|
510
|
+
@cert = double('cert', :content => @realcert)
|
|
511
|
+
allow(@host).to receive(:key).and_return(double("key"))
|
|
512
|
+
allow(@host).to receive(:validate_certificate_with_key)
|
|
511
513
|
end
|
|
512
514
|
|
|
513
515
|
it "should find the CA certificate if it does not have a certificate" do
|
|
514
|
-
Puppet::SSL::Certificate.indirection.
|
|
515
|
-
Puppet::SSL::Certificate.indirection.
|
|
516
|
+
expect(Puppet::SSL::Certificate.indirection).to receive(:find).with(Puppet::SSL::CA_NAME, :fail_on_404 => true).and_return(double("cacert"))
|
|
517
|
+
allow(Puppet::SSL::Certificate.indirection).to receive(:find).with("myname").and_return(@cert)
|
|
516
518
|
@host.certificate
|
|
517
519
|
end
|
|
518
520
|
|
|
519
521
|
it "should not find the CA certificate if it is the CA host" do
|
|
520
|
-
@host.
|
|
521
|
-
Puppet::SSL::Certificate.indirection.
|
|
522
|
-
Puppet::SSL::Certificate.indirection.
|
|
522
|
+
expect(@host).to receive(:ca?).and_return(true)
|
|
523
|
+
allow(Puppet::SSL::Certificate.indirection).to receive(:find)
|
|
524
|
+
expect(Puppet::SSL::Certificate.indirection).not_to receive(:find).with(Puppet::SSL::CA_NAME, :fail_on_404 => true)
|
|
523
525
|
|
|
524
526
|
@host.certificate
|
|
525
527
|
end
|
|
526
528
|
|
|
527
529
|
it "should return nil if it cannot find a CA certificate" do
|
|
528
|
-
Puppet::SSL::Certificate.indirection.
|
|
529
|
-
Puppet::SSL::Certificate.indirection.
|
|
530
|
+
expect(Puppet::SSL::Certificate.indirection).to receive(:find).with(Puppet::SSL::CA_NAME, :fail_on_404 => true).and_return(nil)
|
|
531
|
+
expect(Puppet::SSL::Certificate.indirection).not_to receive(:find).with("myname")
|
|
530
532
|
|
|
531
533
|
expect(@host.certificate).to be_nil
|
|
532
534
|
end
|
|
533
535
|
|
|
534
536
|
it "should find the key if it does not have one" do
|
|
535
|
-
Puppet::SSL::Certificate.indirection.
|
|
536
|
-
@host.
|
|
537
|
+
allow(Puppet::SSL::Certificate.indirection).to receive(:find)
|
|
538
|
+
expect(@host).to receive(:key).and_return(double("key"))
|
|
537
539
|
@host.certificate
|
|
538
540
|
end
|
|
539
541
|
|
|
540
542
|
it "should generate the key if one cannot be found" do
|
|
541
|
-
Puppet::SSL::Certificate.indirection.
|
|
542
|
-
@host.
|
|
543
|
-
@host.
|
|
543
|
+
allow(Puppet::SSL::Certificate.indirection).to receive(:find)
|
|
544
|
+
expect(@host).to receive(:key).and_return(nil)
|
|
545
|
+
expect(@host).to receive(:generate_key)
|
|
544
546
|
@host.certificate
|
|
545
547
|
end
|
|
546
548
|
|
|
547
549
|
it "should find the certificate in the Certificate class and return the Puppet certificate instance" do
|
|
548
|
-
Puppet::SSL::Certificate.indirection.
|
|
549
|
-
Puppet::SSL::Certificate.indirection.
|
|
550
|
+
expect(Puppet::SSL::Certificate.indirection).to receive(:find).with(Puppet::SSL::CA_NAME, :fail_on_404 => true).and_return(double("cacert"))
|
|
551
|
+
expect(Puppet::SSL::Certificate.indirection).to receive(:find).with("myname").and_return(@cert)
|
|
550
552
|
expect(@host.certificate).to equal(@cert)
|
|
551
553
|
end
|
|
552
554
|
|
|
553
555
|
it "should return any previously found certificate" do
|
|
554
|
-
Puppet::SSL::Certificate.indirection.
|
|
555
|
-
Puppet::SSL::Certificate.indirection.
|
|
556
|
+
expect(Puppet::SSL::Certificate.indirection).to receive(:find).with(Puppet::SSL::CA_NAME, :fail_on_404 => true).and_return(double("cacert"))
|
|
557
|
+
expect(Puppet::SSL::Certificate.indirection).to receive(:find).with("myname").and_return(@cert).once
|
|
556
558
|
|
|
557
559
|
expect(@host.certificate).to equal(@cert)
|
|
558
560
|
expect(@host.certificate).to equal(@cert)
|
|
@@ -565,47 +567,47 @@ describe Puppet::SSL::Host do
|
|
|
565
567
|
|
|
566
568
|
describe "when listing certificate hosts" do
|
|
567
569
|
it "should default to listing all clients with any file types" do
|
|
568
|
-
Puppet::SSL::Key.indirection.
|
|
569
|
-
Puppet::SSL::Certificate.indirection.
|
|
570
|
-
Puppet::SSL::CertificateRequest.indirection.
|
|
570
|
+
expect(Puppet::SSL::Key.indirection).to receive(:search).and_return([])
|
|
571
|
+
expect(Puppet::SSL::Certificate.indirection).to receive(:search).and_return([])
|
|
572
|
+
expect(Puppet::SSL::CertificateRequest.indirection).to receive(:search).and_return([])
|
|
571
573
|
Puppet::SSL::Host.search
|
|
572
574
|
end
|
|
573
575
|
|
|
574
576
|
it "should be able to list only clients with a key" do
|
|
575
|
-
Puppet::SSL::Key.indirection.
|
|
576
|
-
Puppet::SSL::Certificate.indirection.
|
|
577
|
-
Puppet::SSL::CertificateRequest.indirection.
|
|
577
|
+
expect(Puppet::SSL::Key.indirection).to receive(:search).and_return([])
|
|
578
|
+
expect(Puppet::SSL::Certificate.indirection).not_to receive(:search)
|
|
579
|
+
expect(Puppet::SSL::CertificateRequest.indirection).not_to receive(:search)
|
|
578
580
|
Puppet::SSL::Host.search :for => Puppet::SSL::Key
|
|
579
581
|
end
|
|
580
582
|
|
|
581
583
|
it "should be able to list only clients with a certificate" do
|
|
582
|
-
Puppet::SSL::Key.indirection.
|
|
583
|
-
Puppet::SSL::Certificate.indirection.
|
|
584
|
-
Puppet::SSL::CertificateRequest.indirection.
|
|
584
|
+
expect(Puppet::SSL::Key.indirection).not_to receive(:search)
|
|
585
|
+
expect(Puppet::SSL::Certificate.indirection).to receive(:search).and_return([])
|
|
586
|
+
expect(Puppet::SSL::CertificateRequest.indirection).not_to receive(:search)
|
|
585
587
|
Puppet::SSL::Host.search :for => Puppet::SSL::Certificate
|
|
586
588
|
end
|
|
587
589
|
|
|
588
590
|
it "should be able to list only clients with a certificate request" do
|
|
589
|
-
Puppet::SSL::Key.indirection.
|
|
590
|
-
Puppet::SSL::Certificate.indirection.
|
|
591
|
-
Puppet::SSL::CertificateRequest.indirection.
|
|
591
|
+
expect(Puppet::SSL::Key.indirection).not_to receive(:search)
|
|
592
|
+
expect(Puppet::SSL::Certificate.indirection).not_to receive(:search)
|
|
593
|
+
expect(Puppet::SSL::CertificateRequest.indirection).to receive(:search).and_return([])
|
|
592
594
|
Puppet::SSL::Host.search :for => Puppet::SSL::CertificateRequest
|
|
593
595
|
end
|
|
594
596
|
|
|
595
597
|
it "should return a Host instance created with the name of each found instance" do
|
|
596
|
-
key =
|
|
597
|
-
cert =
|
|
598
|
-
csr =
|
|
598
|
+
key = double('key', :name => "key", :to_ary => nil)
|
|
599
|
+
cert = double('cert', :name => "cert", :to_ary => nil)
|
|
600
|
+
csr = double('csr', :name => "csr", :to_ary => nil)
|
|
599
601
|
|
|
600
|
-
Puppet::SSL::Key.indirection.
|
|
601
|
-
Puppet::SSL::Certificate.indirection.
|
|
602
|
-
Puppet::SSL::CertificateRequest.indirection.
|
|
602
|
+
expect(Puppet::SSL::Key.indirection).to receive(:search).and_return([key])
|
|
603
|
+
expect(Puppet::SSL::Certificate.indirection).to receive(:search).and_return([cert])
|
|
604
|
+
expect(Puppet::SSL::CertificateRequest.indirection).to receive(:search).and_return([csr])
|
|
603
605
|
|
|
604
606
|
returned = []
|
|
605
607
|
%w{key cert csr}.each do |name|
|
|
606
|
-
result =
|
|
608
|
+
result = double(name)
|
|
607
609
|
returned << result
|
|
608
|
-
Puppet::SSL::Host.
|
|
610
|
+
expect(Puppet::SSL::Host).to receive(:new).with(name).and_return(result)
|
|
609
611
|
end
|
|
610
612
|
|
|
611
613
|
result = Puppet::SSL::Host.search
|
|
@@ -622,34 +624,34 @@ describe Puppet::SSL::Host do
|
|
|
622
624
|
describe "when generating files" do
|
|
623
625
|
before do
|
|
624
626
|
@host = Puppet::SSL::Host.new("me")
|
|
625
|
-
@host.
|
|
626
|
-
@host.
|
|
627
|
+
allow(@host).to receive(:generate_key)
|
|
628
|
+
allow(@host).to receive(:generate_certificate_request)
|
|
627
629
|
end
|
|
628
630
|
|
|
629
631
|
it "should generate a key if one is not present" do
|
|
630
|
-
@host.
|
|
631
|
-
@host.
|
|
632
|
+
allow(@host).to receive(:key).and_return nil
|
|
633
|
+
expect(@host).to receive(:generate_key)
|
|
632
634
|
|
|
633
635
|
@host.generate
|
|
634
636
|
end
|
|
635
637
|
|
|
636
638
|
it "should generate a certificate request if one is not present" do
|
|
637
|
-
@host.
|
|
638
|
-
@host.
|
|
639
|
+
expect(@host).to receive(:certificate_request).and_return nil
|
|
640
|
+
expect(@host).to receive(:generate_certificate_request)
|
|
639
641
|
|
|
640
642
|
@host.generate
|
|
641
643
|
end
|
|
642
644
|
|
|
643
645
|
describe "and it can create a certificate authority" do
|
|
644
646
|
before do
|
|
645
|
-
@ca =
|
|
646
|
-
Puppet::SSL::CertificateAuthority.
|
|
647
|
+
@ca = double('ca')
|
|
648
|
+
allow(Puppet::SSL::CertificateAuthority).to receive(:instance).and_return(@ca)
|
|
647
649
|
end
|
|
648
650
|
|
|
649
651
|
it "should use the CA to sign its certificate request if it does not have a certificate" do
|
|
650
|
-
@host.
|
|
652
|
+
expect(@host).to receive(:certificate).and_return(nil)
|
|
651
653
|
|
|
652
|
-
@ca.
|
|
654
|
+
expect(@ca).to receive(:sign).with(@host.name, {allow_dns_alt_names: true})
|
|
653
655
|
|
|
654
656
|
@host.generate
|
|
655
657
|
end
|
|
@@ -657,11 +659,11 @@ describe Puppet::SSL::Host do
|
|
|
657
659
|
|
|
658
660
|
describe "and it cannot create a certificate authority" do
|
|
659
661
|
before do
|
|
660
|
-
Puppet::SSL::CertificateAuthority.
|
|
662
|
+
allow(Puppet::SSL::CertificateAuthority).to receive(:instance).and_return(nil)
|
|
661
663
|
end
|
|
662
664
|
|
|
663
665
|
it "should seek its certificate" do
|
|
664
|
-
@host.
|
|
666
|
+
expect(@host).to receive(:certificate)
|
|
665
667
|
|
|
666
668
|
@host.generate
|
|
667
669
|
end
|
|
@@ -674,44 +676,52 @@ describe Puppet::SSL::Host do
|
|
|
674
676
|
|
|
675
677
|
it "should always return the same store" do
|
|
676
678
|
host = Puppet::SSL::Host.new("foo")
|
|
677
|
-
store =
|
|
678
|
-
|
|
679
|
-
|
|
679
|
+
store = double(
|
|
680
|
+
'store',
|
|
681
|
+
:purpose= => nil,
|
|
682
|
+
:add_file => nil,
|
|
683
|
+
)
|
|
684
|
+
expect(OpenSSL::X509::Store).to receive(:new).and_return(store)
|
|
680
685
|
expect(host.ssl_store).to equal(host.ssl_store)
|
|
681
686
|
end
|
|
682
687
|
|
|
683
688
|
describe "when creating an SSL store" do
|
|
684
689
|
before do
|
|
685
690
|
@host = Puppet::SSL::Host.new("me")
|
|
686
|
-
@store =
|
|
687
|
-
|
|
688
|
-
|
|
691
|
+
@store = double(
|
|
692
|
+
'store',
|
|
693
|
+
:purpose= => nil,
|
|
694
|
+
:add_file => nil,
|
|
695
|
+
:add_crl => nil,
|
|
696
|
+
:flags= => nil,
|
|
697
|
+
)
|
|
698
|
+
allow(OpenSSL::X509::Store).to receive(:new).and_return(@store)
|
|
689
699
|
|
|
690
700
|
Puppet[:localcacert] = "ssl_host_testing"
|
|
691
701
|
|
|
692
|
-
Puppet::SSL::CertificateRevocationList.indirection.
|
|
702
|
+
allow(Puppet::SSL::CertificateRevocationList.indirection).to receive(:find).and_return(nil)
|
|
693
703
|
end
|
|
694
704
|
|
|
695
705
|
it "should accept a purpose" do
|
|
696
|
-
@store.
|
|
706
|
+
expect(@store).to receive(:purpose=).with("my special purpose")
|
|
697
707
|
@host.ssl_store("my special purpose")
|
|
698
708
|
end
|
|
699
709
|
|
|
700
710
|
it "should default to OpenSSL::X509::PURPOSE_ANY as the purpose" do
|
|
701
|
-
@store.
|
|
711
|
+
expect(@store).to receive(:purpose=).with(OpenSSL::X509::PURPOSE_ANY)
|
|
702
712
|
@host.ssl_store
|
|
703
713
|
end
|
|
704
714
|
|
|
705
715
|
it "should add the local CA cert file" do
|
|
706
716
|
Puppet[:localcacert] = "/ca/cert/file"
|
|
707
|
-
@store.
|
|
717
|
+
expect(@store).to receive(:add_file).with(Puppet[:localcacert])
|
|
708
718
|
@host.ssl_store
|
|
709
719
|
end
|
|
710
720
|
|
|
711
721
|
describe "and a CRL is available" do
|
|
712
722
|
before do
|
|
713
|
-
@crl =
|
|
714
|
-
Puppet::SSL::CertificateRevocationList.indirection.
|
|
723
|
+
@crl = double('crl', :content => "real_crl")
|
|
724
|
+
allow(Puppet::SSL::CertificateRevocationList.indirection).to receive(:find).and_return(@crl)
|
|
715
725
|
end
|
|
716
726
|
|
|
717
727
|
[true, 'chain'].each do |crl_setting|
|
|
@@ -721,12 +731,12 @@ describe Puppet::SSL::Host do
|
|
|
721
731
|
end
|
|
722
732
|
|
|
723
733
|
it "should add the CRL" do
|
|
724
|
-
@store.
|
|
734
|
+
expect(@store).to receive(:add_crl).with("real_crl")
|
|
725
735
|
@host.ssl_store
|
|
726
736
|
end
|
|
727
737
|
|
|
728
738
|
it "should set the flags to OpenSSL::X509::V_FLAG_CRL_CHECK_ALL|OpenSSL::X509::V_FLAG_CRL_CHECK" do
|
|
729
|
-
@store.
|
|
739
|
+
expect(@store).to receive(:flags=).with(OpenSSL::X509::V_FLAG_CRL_CHECK_ALL | OpenSSL::X509::V_FLAG_CRL_CHECK)
|
|
730
740
|
@host.ssl_store
|
|
731
741
|
end
|
|
732
742
|
end
|
|
@@ -738,12 +748,12 @@ describe Puppet::SSL::Host do
|
|
|
738
748
|
end
|
|
739
749
|
|
|
740
750
|
it "should add the CRL" do
|
|
741
|
-
@store.
|
|
751
|
+
expect(@store).to receive(:add_crl).with("real_crl")
|
|
742
752
|
@host.ssl_store
|
|
743
753
|
end
|
|
744
754
|
|
|
745
755
|
it "should set the flags to OpenSSL::X509::V_FLAG_CRL_CHECK" do
|
|
746
|
-
@store.
|
|
756
|
+
expect(@store).to receive(:flags=).with(OpenSSL::X509::V_FLAG_CRL_CHECK)
|
|
747
757
|
@host.ssl_store
|
|
748
758
|
end
|
|
749
759
|
end
|
|
@@ -754,12 +764,12 @@ describe Puppet::SSL::Host do
|
|
|
754
764
|
end
|
|
755
765
|
|
|
756
766
|
it "should not add the CRL" do
|
|
757
|
-
@store.
|
|
767
|
+
expect(@store).not_to receive(:add_crl)
|
|
758
768
|
@host.ssl_store
|
|
759
769
|
end
|
|
760
770
|
|
|
761
771
|
it "should not set the flags" do
|
|
762
|
-
@store.
|
|
772
|
+
expect(@store).not_to receive(:flags=)
|
|
763
773
|
@host.ssl_store
|
|
764
774
|
end
|
|
765
775
|
end
|
|
@@ -772,54 +782,73 @@ describe Puppet::SSL::Host do
|
|
|
772
782
|
end
|
|
773
783
|
|
|
774
784
|
it "should generate its certificate request and attempt to read the certificate again if no certificate is found" do
|
|
775
|
-
@host.
|
|
776
|
-
@host.
|
|
785
|
+
expect(@host).to receive(:certificate).twice.and_return(nil, "foo")
|
|
786
|
+
expect(@host).to receive(:generate)
|
|
777
787
|
@host.wait_for_cert(1)
|
|
778
788
|
end
|
|
779
789
|
|
|
780
790
|
it "should catch and log errors during CSR saving" do
|
|
781
|
-
@host.
|
|
782
|
-
|
|
783
|
-
@host.
|
|
791
|
+
expect(@host).to receive(:certificate).twice.and_return(nil, "foo")
|
|
792
|
+
times_generate_called = 0
|
|
793
|
+
expect(@host).to receive(:generate) do
|
|
794
|
+
times_generate_called += 1
|
|
795
|
+
raise RuntimeError if times_generate_called == 1
|
|
796
|
+
nil
|
|
797
|
+
end
|
|
798
|
+
allow(@host).to receive(:sleep)
|
|
784
799
|
@host.wait_for_cert(1)
|
|
785
800
|
end
|
|
786
801
|
|
|
787
802
|
it "should sleep and retry after failures saving the CSR if waitforcert is enabled" do
|
|
788
|
-
@host.
|
|
789
|
-
|
|
790
|
-
@host.
|
|
803
|
+
expect(@host).to receive(:certificate).twice.and_return(nil, "foo")
|
|
804
|
+
times_generate_called = 0
|
|
805
|
+
expect(@host).to receive(:generate) do
|
|
806
|
+
times_generate_called += 1
|
|
807
|
+
raise RuntimeError if times_generate_called == 1
|
|
808
|
+
nil
|
|
809
|
+
end
|
|
810
|
+
expect(@host).to receive(:sleep).with(1)
|
|
791
811
|
@host.wait_for_cert(1)
|
|
792
812
|
end
|
|
793
813
|
|
|
794
814
|
it "should exit after failures saving the CSR of waitforcert is disabled" do
|
|
795
|
-
@host.
|
|
796
|
-
@host.
|
|
797
|
-
@host.
|
|
815
|
+
expect(@host).to receive(:certificate).and_return(nil)
|
|
816
|
+
expect(@host).to receive(:generate).and_raise(RuntimeError)
|
|
817
|
+
expect(@host).to receive(:puts)
|
|
798
818
|
expect { @host.wait_for_cert(0) }.to exit_with 1
|
|
799
819
|
end
|
|
800
820
|
|
|
801
821
|
it "should exit if the wait time is 0 and it can neither find nor retrieve a certificate" do
|
|
802
|
-
@host.
|
|
803
|
-
@host.
|
|
804
|
-
@host.
|
|
822
|
+
allow(@host).to receive(:certificate).and_return(nil)
|
|
823
|
+
expect(@host).to receive(:generate)
|
|
824
|
+
expect(@host).to receive(:puts)
|
|
805
825
|
expect { @host.wait_for_cert(0) }.to exit_with 1
|
|
806
826
|
end
|
|
807
827
|
|
|
808
828
|
it "should sleep for the specified amount of time if no certificate is found after generating its certificate request" do
|
|
809
|
-
@host.
|
|
810
|
-
@host.
|
|
829
|
+
expect(@host).to receive(:certificate).exactly(3).times().and_return(nil, nil, "foo")
|
|
830
|
+
expect(@host).to receive(:generate)
|
|
811
831
|
|
|
812
|
-
@host.
|
|
832
|
+
expect(@host).to receive(:sleep).with(1)
|
|
813
833
|
|
|
814
834
|
@host.wait_for_cert(1)
|
|
815
835
|
end
|
|
816
836
|
|
|
817
837
|
it "should catch and log exceptions during certificate retrieval" do
|
|
818
|
-
|
|
819
|
-
@host.
|
|
820
|
-
|
|
838
|
+
times_certificate_called = 0
|
|
839
|
+
expect(@host).to receive(:certificate) do
|
|
840
|
+
times_certificate_called += 1
|
|
841
|
+
if times_certificate_called == 1
|
|
842
|
+
return nil
|
|
843
|
+
elsif times_certificate_called == 2
|
|
844
|
+
raise RuntimeError
|
|
845
|
+
end
|
|
846
|
+
"foo"
|
|
847
|
+
end.exactly(3).times()
|
|
848
|
+
allow(@host).to receive(:generate)
|
|
849
|
+
allow(@host).to receive(:sleep)
|
|
821
850
|
|
|
822
|
-
Puppet.
|
|
851
|
+
expect(Puppet).to receive(:err).twice
|
|
823
852
|
|
|
824
853
|
@host.wait_for_cert(1)
|
|
825
854
|
end
|