RubyGems - puppet - Versions diffs - 5.5.16-x64-mingw32 → 5.5.21-x64-mingw32 - Mend

puppet 5.5.16-x64-mingw32 → 5.5.21-x64-mingw32

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of puppet might be problematic. Click here for more details.

Files changed (359) hide show

checksums.yaml +4 -4
data/CODEOWNERS +10 -10
data/Gemfile +2 -3
data/Gemfile.lock +57 -52
data/ext/build_defaults.yaml +1 -0
data/ext/cert_inspector +3 -3
data/ext/project_data.yaml +2 -2
data/ext/puppet-test +2 -2
data/ext/regexp_nodes/regexp_nodes.rb +4 -4
data/ext/windows/service/daemon.rb +54 -8
data/install.rb +6 -24
data/lib/puppet.rb +5 -2
data/lib/puppet/agent.rb +5 -13
data/lib/puppet/application.rb +1 -1
data/lib/puppet/application/agent.rb +15 -1
data/lib/puppet/application/apply.rb +2 -2
data/lib/puppet/application/describe.rb +3 -9
data/lib/puppet/application/device.rb +4 -4
data/lib/puppet/application/doc.rb +1 -1
data/lib/puppet/application/filebucket.rb +13 -0
data/lib/puppet/application/lookup.rb +1 -1
data/lib/puppet/application/resource.rb +4 -4
data/lib/puppet/application/script.rb +2 -2
data/lib/puppet/configurer.rb +86 -28
data/lib/puppet/configurer/downloader.rb +2 -6
data/lib/puppet/daemon.rb +1 -1
data/lib/puppet/defaults.rb +82 -38
data/lib/puppet/error.rb +9 -1
data/lib/puppet/external/nagios/base.rb +1 -1
data/lib/puppet/face/ca.rb +1 -1
data/lib/puppet/face/config.rb +10 -48
data/lib/puppet/face/facts.rb +1 -1
data/lib/puppet/face/module/list.rb +5 -5
data/lib/puppet/face/module/search.rb +1 -1
data/lib/puppet/face/module/uninstall.rb +1 -1
data/lib/puppet/face/module/upgrade.rb +1 -1
data/lib/puppet/face/plugin.rb +9 -2
data/lib/puppet/file_serving/http_metadata.rb +1 -1
data/lib/puppet/file_system.rb +0 -8
data/lib/puppet/file_system/memory_file.rb +1 -1
data/lib/puppet/file_system/posix.rb +3 -2
data/lib/puppet/file_system/uniquefile.rb +4 -0
data/lib/puppet/forge.rb +3 -3
data/lib/puppet/functions/epp.rb +4 -4
data/lib/puppet/functions/inline_epp.rb +5 -5
data/lib/puppet/functions/reduce.rb +2 -4
data/lib/puppet/gettext/module_translations.rb +1 -1
data/lib/puppet/graph/rb_tree_map.rb +2 -2
data/lib/puppet/graph/simple_graph.rb +6 -5
data/lib/puppet/indirector/catalog/compiler.rb +8 -0
data/lib/puppet/indirector/file_bucket_file/file.rb +1 -1
data/lib/puppet/indirector/hiera.rb +2 -0
data/lib/puppet/indirector/resource/ral.rb +1 -3
data/lib/puppet/indirector/resource/validator.rb +1 -1
data/lib/puppet/interface.rb +2 -1
data/lib/puppet/loaders.rb +0 -1
data/lib/puppet/metatype/manager.rb +1 -1
data/lib/puppet/module.rb +1 -1
data/lib/puppet/module_tool/applications/builder.rb +1 -1
data/lib/puppet/module_tool/applications/installer.rb +1 -1
data/lib/puppet/module_tool/applications/uninstaller.rb +3 -3
data/lib/puppet/module_tool/metadata.rb +1 -1
data/lib/puppet/module_tool/shared_behaviors.rb +4 -4
data/lib/puppet/module_tool/tar/mini.rb +12 -2
data/lib/puppet/network/http/api/indirected_routes.rb +13 -12
data/lib/puppet/network/http/api/master/v3/environment.rb +3 -0
data/lib/puppet/network/http/connection.rb +14 -12
data/lib/puppet/network/http/factory.rb +1 -11
data/lib/puppet/network/http/pool.rb +7 -1
data/lib/puppet/network/http/rack/rest.rb +2 -2
data/lib/puppet/network/http/site.rb +1 -1
data/lib/puppet/network/resolver.rb +2 -2
data/lib/puppet/node/environment.rb +4 -2
data/lib/puppet/parameter.rb +8 -0
data/lib/puppet/parser/ast.rb +1 -1
data/lib/puppet/parser/ast/resourceparam.rb +1 -1
data/lib/puppet/parser/compiler/catalog_validator/env_relationship_validator.rb +2 -0
data/lib/puppet/parser/compiler/catalog_validator/site_validator.rb +2 -0
data/lib/puppet/parser/environment_compiler.rb +3 -0
data/lib/puppet/parser/functions.rb +1 -1
data/lib/puppet/parser/functions/epp.rb +3 -3
data/lib/puppet/parser/functions/inline_epp.rb +5 -5
data/lib/puppet/parser/resource.rb +3 -2
data/lib/puppet/parser/resource/param.rb +6 -0
data/lib/puppet/pops/evaluator/access_operator.rb +2 -2
data/lib/puppet/pops/evaluator/collectors/catalog_collector.rb +1 -1
data/lib/puppet/pops/evaluator/collectors/exported_collector.rb +1 -1
data/lib/puppet/pops/evaluator/evaluator_impl.rb +1 -1
data/lib/puppet/pops/evaluator/external_syntax_support.rb +3 -2
data/lib/puppet/pops/evaluator/runtime3_support.rb +4 -4
data/lib/puppet/pops/issues.rb +5 -0
data/lib/puppet/pops/loaders.rb +1 -1
data/lib/puppet/pops/lookup/hiera_config.rb +1 -0
data/lib/puppet/pops/lookup/sub_lookup.rb +1 -1
data/lib/puppet/pops/merge_strategy.rb +22 -18
data/lib/puppet/pops/parser/heredoc_support.rb +1 -1
data/lib/puppet/pops/parser/interpolation_support.rb +4 -4
data/lib/puppet/pops/parser/locator.rb +1 -1
data/lib/puppet/pops/parser/pn_parser.rb +17 -16
data/lib/puppet/pops/puppet_stack.rb +51 -48
data/lib/puppet/pops/resource/resource_type_impl.rb +2 -0
data/lib/puppet/pops/types/p_sensitive_type.rb +1 -1
data/lib/puppet/pops/types/string_converter.rb +10 -10
data/lib/puppet/pops/types/type_calculator.rb +24 -0
data/lib/puppet/pops/types/types.rb +3 -3
data/lib/puppet/pops/validation/checker4_0.rb +10 -0
data/lib/puppet/pops/validation/validator_factory_4_0.rb +1 -0
data/lib/puppet/property.rb +1 -1
data/lib/puppet/property/ensure.rb +1 -1
data/lib/puppet/provider/augeas/augeas.rb +1 -1
data/lib/puppet/provider/cron/crontab.rb +1 -1
data/lib/puppet/provider/exec.rb +6 -2
data/lib/puppet/provider/file/posix.rb +5 -0
data/lib/puppet/provider/group/groupadd.rb +19 -19
data/lib/puppet/provider/group/windows_adsi.rb +3 -3
data/lib/puppet/provider/mailalias/aliases.rb +1 -1
data/lib/puppet/provider/mount.rb +1 -1
data/lib/puppet/provider/mount/parsed.rb +8 -8
data/lib/puppet/provider/nameservice.rb +10 -3
data/lib/puppet/provider/nameservice/directoryservice.rb +1 -1
data/lib/puppet/provider/nameservice/pw.rb +2 -2
data/lib/puppet/provider/package/aix.rb +17 -2
data/lib/puppet/provider/package/apt.rb +14 -3
data/lib/puppet/provider/package/dnf.rb +1 -1
data/lib/puppet/provider/package/dnfmodule.rb +141 -0
data/lib/puppet/provider/package/dpkg.rb +16 -18
data/lib/puppet/provider/package/fink.rb +20 -3
data/lib/puppet/provider/package/openbsd.rb +14 -2
data/lib/puppet/provider/package/pip.rb +37 -10
data/lib/puppet/provider/package/pkg.rb +18 -5
data/lib/puppet/provider/package/pkgdmg.rb +1 -1
data/lib/puppet/provider/package/pkgng.rb +16 -4
data/lib/puppet/provider/package/portage.rb +4 -4
data/lib/puppet/provider/package/rpm.rb +57 -19
data/lib/puppet/provider/package/windows/package.rb +1 -1
data/lib/puppet/provider/package/yum.rb +35 -24
data/lib/puppet/provider/package/zypper.rb +1 -0
data/lib/puppet/provider/package_targetable.rb +5 -4
data/lib/puppet/provider/parsedfile.rb +1 -1
data/lib/puppet/provider/scheduled_task/win32_taskscheduler.rb +3 -3
data/lib/puppet/provider/selmodule/semodule.rb +43 -26
data/lib/puppet/provider/service/daemontools.rb +9 -9
data/lib/puppet/provider/service/launchd.rb +20 -5
data/lib/puppet/provider/service/openbsd.rb +1 -1
data/lib/puppet/provider/service/rcng.rb +2 -2
data/lib/puppet/provider/service/runit.rb +2 -8
data/lib/puppet/provider/service/systemd.rb +35 -22
data/lib/puppet/provider/service/windows.rb +8 -0
data/lib/puppet/provider/user/directoryservice.rb +31 -6
data/lib/puppet/provider/user/hpux.rb +1 -1
data/lib/puppet/provider/user/pw.rb +12 -3
data/lib/puppet/provider/user/user_role_add.rb +5 -1
data/lib/puppet/provider/user/useradd.rb +62 -27
data/lib/puppet/provider/user/windows_adsi.rb +4 -5
data/lib/puppet/provider/yumrepo/inifile.rb +2 -2
data/lib/puppet/reference/indirection.rb +2 -2
data/lib/puppet/reference/metaparameter.rb +1 -3
data/lib/puppet/reference/providers.rb +1 -1
data/lib/puppet/reference/type.rb +3 -9
data/lib/puppet/reports.rb +1 -1
data/lib/puppet/resource.rb +18 -1
data/lib/puppet/resource/catalog.rb +1 -1
data/lib/puppet/resource/type.rb +8 -0
data/lib/puppet/settings.rb +43 -3
data/lib/puppet/settings/environment_conf.rb +1 -0
data/lib/puppet/ssl/certificate.rb +2 -1
data/lib/puppet/ssl/certificate_authority.rb +6 -5
data/lib/puppet/ssl/certificate_authority/interface.rb +1 -1
data/lib/puppet/ssl/certificate_factory.rb +2 -2
data/lib/puppet/ssl/host.rb +3 -3
data/lib/puppet/ssl/oids.rb +1 -1
data/lib/puppet/test/test_helper.rb +15 -10
data/lib/puppet/transaction/report.rb +1 -1
data/lib/puppet/transaction/resource_harness.rb +1 -1
data/lib/puppet/type.rb +15 -4
data/lib/puppet/type/cron.rb +1 -1
data/lib/puppet/type/exec.rb +21 -9
data/lib/puppet/type/file.rb +14 -2
data/lib/puppet/type/file/data_sync.rb +5 -1
data/lib/puppet/type/group.rb +4 -2
data/lib/puppet/type/interface.rb +1 -1
data/lib/puppet/type/notify.rb +3 -2
data/lib/puppet/type/package.rb +107 -8
data/lib/puppet/type/schedule.rb +1 -1
data/lib/puppet/type/selboolean.rb +17 -3
data/lib/puppet/type/service.rb +9 -10
data/lib/puppet/type/user.rb +6 -24
data/lib/puppet/type/yumrepo.rb +3 -7
data/lib/puppet/util.rb +47 -25
data/lib/puppet/util/command_line/trollop.rb +1 -1
data/lib/puppet/util/execution.rb +4 -3
data/lib/puppet/util/http_proxy.rb +24 -16
data/lib/puppet/util/instance_loader.rb +1 -1
data/lib/puppet/util/log.rb +1 -1
data/lib/puppet/util/log/destinations.rb +3 -12
data/lib/puppet/util/logging.rb +30 -18
data/lib/puppet/util/metric.rb +2 -2
data/lib/puppet/util/monkey_patches.rb +1 -1
data/lib/puppet/util/nagios_maker.rb +2 -2
data/lib/puppet/util/network_device/cisco/device.rb +1 -1
data/lib/puppet/util/network_device/cisco/interface.rb +2 -2
data/lib/puppet/util/network_device/transport/ssh.rb +1 -1
data/lib/puppet/util/pidlock.rb +12 -6
data/lib/puppet/util/plist.rb +6 -0
data/lib/puppet/util/provider_features.rb +2 -4
data/lib/puppet/util/rdoc.rb +1 -1
data/lib/puppet/util/reference.rb +1 -1
data/lib/puppet/util/resource_template.rb +1 -1
data/lib/puppet/util/selinux.rb +8 -2
data/lib/puppet/util/windows/adsi.rb +60 -30
data/lib/puppet/util/windows/api_types.rb +45 -32
data/lib/puppet/util/windows/eventlog.rb +1 -6
data/lib/puppet/util/windows/principal.rb +8 -6
data/lib/puppet/util/windows/process.rb +16 -15
data/lib/puppet/util/windows/registry.rb +17 -15
data/lib/puppet/util/windows/security.rb +3 -0
data/lib/puppet/util/windows/service.rb +149 -4
data/lib/puppet/util/windows/sid.rb +4 -3
data/lib/puppet/vendor.rb +1 -1
data/lib/puppet/version.rb +1 -1
data/lib/puppet_pal.rb +2 -2
data/locales/puppet.pot +479 -443
data/man/man5/puppet.conf.5 +38 -8
data/man/man8/puppet-agent.8 +2 -2
data/man/man8/puppet-apply.8 +1 -1
data/man/man8/puppet-ca.8 +1 -1
data/man/man8/puppet-catalog.8 +1 -1
data/man/man8/puppet-cert.8 +1 -1
data/man/man8/puppet-certificate.8 +1 -1
data/man/man8/puppet-certificate_request.8 +1 -1
data/man/man8/puppet-certificate_revocation_list.8 +1 -1
data/man/man8/puppet-config.8 +1 -1
data/man/man8/puppet-describe.8 +1 -1
data/man/man8/puppet-device.8 +1 -1
data/man/man8/puppet-doc.8 +1 -1
data/man/man8/puppet-epp.8 +1 -1
data/man/man8/puppet-facts.8 +1 -1
data/man/man8/puppet-filebucket.8 +16 -1
data/man/man8/puppet-generate.8 +1 -1
data/man/man8/puppet-help.8 +1 -1
data/man/man8/puppet-key.8 +1 -1
data/man/man8/puppet-lookup.8 +1 -1
data/man/man8/puppet-man.8 +1 -1
data/man/man8/puppet-master.8 +1 -1
data/man/man8/puppet-module.8 +1 -1
data/man/man8/puppet-node.8 +1 -1
data/man/man8/puppet-parser.8 +1 -1
data/man/man8/puppet-plugin.8 +1 -1
data/man/man8/puppet-report.8 +1 -1
data/man/man8/puppet-resource.8 +1 -1
data/man/man8/puppet-script.8 +1 -1
data/man/man8/puppet-status.8 +1 -1
data/man/man8/puppet.8 +2 -2
data/spec/fixtures/integration/provider/mailalias/aliases/test1 +1 -0
data/spec/fixtures/unit/provider/package/dnfmodule/dnf-module-list.txt +19 -0
data/spec/fixtures/unit/provider/package/pkgng/pkg.version +2 -0
data/spec/fixtures/unit/provider/package/yum/yum-check-update-subscription-manager.txt +9 -0
data/spec/fixtures/unit/provider/service/systemd/list_unit_files_services +9 -0
data/spec/integration/configurer_spec.rb +52 -0
data/spec/integration/defaults_spec.rb +1 -2
data/spec/integration/indirector/facts/facter_spec.rb +4 -0
data/spec/integration/parser/compiler_spec.rb +11 -0
data/spec/integration/provider/service/systemd_spec.rb +8 -5
data/spec/integration/type/file_spec.rb +28 -0
data/spec/integration/type/notify_spec.rb +46 -0
data/spec/integration/util/execution_spec.rb +27 -0
data/spec/integration/util/windows/adsi_spec.rb +6 -1
data/spec/integration/util/windows/registry_spec.rb +7 -7
data/spec/unit/agent_spec.rb +34 -26
data/spec/unit/application/agent_spec.rb +18 -0
data/spec/unit/application/apply_spec.rb +2 -12
data/spec/unit/application/device_spec.rb +1 -1
data/spec/unit/configurer/fact_handler_spec.rb +0 -4
data/spec/unit/configurer_spec.rb +377 -397
data/spec/unit/daemon_spec.rb +0 -1
data/spec/unit/face/facts_spec.rb +9 -0
data/spec/unit/face/plugin_spec.rb +8 -0
data/spec/unit/file_system/uniquefile_spec.rb +11 -0
data/spec/unit/forge/forge_spec.rb +1 -3
data/spec/unit/forge/repository_spec.rb +1 -3
data/spec/unit/indirector/catalog/compiler_spec.rb +45 -26
data/spec/unit/indirector/resource/ral_spec.rb +4 -4
data/spec/unit/module_tool/tar/mini_spec.rb +1 -1
data/spec/unit/network/http/api/indirected_routes_spec.rb +28 -11
data/spec/unit/network/http/connection_spec.rb +43 -1
data/spec/unit/network/http/factory_spec.rb +27 -5
data/spec/unit/network/http/pool_spec.rb +32 -0
data/spec/unit/node_spec.rb +7 -4
data/spec/unit/parser/environment_compiler_spec.rb +7 -0
data/spec/unit/pops/evaluator/evaluating_parser_spec.rb +8 -3
data/spec/unit/pops/validator/validator_spec.rb +7 -0
data/spec/unit/provider/exec_spec.rb +209 -0
data/spec/unit/provider/group/groupadd_spec.rb +30 -1
data/spec/unit/provider/group/windows_adsi_spec.rb +43 -10
data/spec/unit/provider/package/aix_spec.rb +29 -0
data/spec/unit/provider/package/apt_spec.rb +13 -2
data/spec/unit/provider/package/aptitude_spec.rb +1 -0
data/spec/unit/provider/package/aptrpm_spec.rb +1 -1
data/spec/unit/provider/package/dnf_spec.rb +7 -0
data/spec/unit/provider/package/dnfmodule_spec.rb +247 -0
data/spec/unit/provider/package/dpkg_spec.rb +35 -7
data/spec/unit/provider/package/openbsd_spec.rb +17 -0
data/spec/unit/provider/package/pip_spec.rb +93 -22
data/spec/unit/provider/package/pkg_spec.rb +13 -1
data/spec/unit/provider/package/pkgdmg_spec.rb +1 -1
data/spec/unit/provider/package/pkgng_spec.rb +36 -0
data/spec/unit/provider/package/portage_spec.rb +4 -4
data/spec/unit/provider/package/rpm_spec.rb +150 -16
data/spec/unit/provider/package/yum_spec.rb +66 -0
data/spec/unit/provider/package/zypper_spec.rb +13 -0
data/spec/unit/provider/package_targetable_spec.rb +60 -0
data/spec/unit/provider/selmodule_spec.rb +118 -47
data/spec/unit/provider/service/daemontools_spec.rb +24 -0
data/spec/unit/provider/service/launchd_spec.rb +28 -0
data/spec/unit/provider/service/runit_spec.rb +24 -0
data/spec/unit/provider/service/systemd_spec.rb +109 -36
data/spec/unit/provider/service/windows_spec.rb +20 -0
data/spec/unit/provider/user/directoryservice_spec.rb +41 -0
data/spec/unit/provider/user/hpux_spec.rb +2 -2
data/spec/unit/provider/user/openbsd_spec.rb +1 -0
data/spec/unit/provider/user/pw_spec.rb +37 -0
data/spec/unit/provider/user/useradd_spec.rb +122 -15
data/spec/unit/provider/user/windows_adsi_spec.rb +3 -3
data/spec/unit/puppet_pal_2pec.rb +3 -0
data/spec/unit/resource_spec.rb +26 -1
data/spec/unit/ssl/certificate_authority_spec.rb +2 -3
data/spec/unit/ssl/certificate_spec.rb +7 -0
data/spec/unit/test/test_helper_spec.rb +17 -0
data/spec/unit/transaction_spec.rb +18 -0
data/spec/unit/type/exec_spec.rb +15 -12
data/spec/unit/type/file/content_spec.rb +9 -3
data/spec/unit/type/file/source_spec.rb +4 -4
data/spec/unit/type/file_spec.rb +9 -4
data/spec/unit/type/package_spec.rb +8 -0
data/spec/unit/type/schedule_spec.rb +3 -1
data/spec/unit/type/selboolean_spec.rb +4 -6
data/spec/unit/type/service_spec.rb +25 -8
data/spec/unit/type/user_spec.rb +32 -26
data/spec/unit/type/yumrepo_spec.rb +30 -0
data/spec/unit/type_spec.rb +40 -0
data/spec/unit/util/execution_spec.rb +16 -0
data/spec/unit/util/http_proxy_spec.rb +121 -1
data/spec/unit/util/log/destinations_spec.rb +2 -26
data/spec/unit/util/log_spec.rb +0 -112
data/spec/unit/util/logging_spec.rb +200 -0
data/spec/unit/util/pidlock_spec.rb +67 -40
data/spec/unit/util/plist_spec.rb +20 -0
data/spec/unit/util/windows/adsi_spec.rb +55 -4
data/spec/unit/util/windows/api_types_spec.rb +104 -40
data/spec/unit/util/windows/service_spec.rb +9 -0
data/spec/unit/util/windows/sid_spec.rb +2 -2
data/tasks/manpages.rake +1 -0
metadata +18 -13
data/ext/windows/eventlog/Rakefile +0 -32
data/ext/windows/eventlog/puppetres.dll +0 -0
data/ext/windows/eventlog/puppetres.mc +0 -18
data/lib/puppet/pops/loader/null_loader.rb +0 -60
data/locales/ja/puppet.po +0 -12114
data/spec/integration/test/test_helper_spec.rb +0 -31

data/spec/unit/network/http/factory_spec.rb CHANGED

@@ -42,10 +42,11 @@ describe Puppet::Network::HTTP::Factory do
   context "proxy settings" do
     let(:proxy_host) { 'myhost' }
     let(:proxy_port) { 432 }
+    let(:proxy_user) { 'mo' }
+    let(:proxy_pass) { 'password' }
-    it "should not set a proxy if the value is 'none'" do
+    it "should not set a proxy if the http_proxy_host setting is 'none'" do
       Puppet[:http_proxy_host] = 'none'
-      expect(Puppet::Util::HttpProxy).to receive(:no_proxy?).and_return(false)
       conn = create_connection(site)
       expect(conn.proxy_address).to be_nil
@@ -54,7 +55,18 @@ describe Puppet::Network::HTTP::Factory do
     it 'should not set a proxy if a no_proxy env var matches the destination' do
       Puppet[:http_proxy_host] = proxy_host
       Puppet[:http_proxy_port] = proxy_port
-      expect(Puppet::Util::HttpProxy).to receive(:no_proxy?).and_return(true)
+      Puppet::Util.withenv('NO_PROXY' => site.host) do
+        conn = create_connection(site)
+        expect(conn.proxy_address).to be_nil
+        expect(conn.proxy_port).to be_nil
+      end
+    end
+    it 'should not set a proxy if the no_proxy setting matches the destination' do
+      Puppet[:http_proxy_host] = proxy_host
+      Puppet[:http_proxy_port] = proxy_port
+      Puppet[:no_proxy] = site.host
       conn = create_connection(site)
       expect(conn.proxy_address).to be_nil
@@ -63,7 +75,6 @@ describe Puppet::Network::HTTP::Factory do
     it 'sets proxy_address' do
       Puppet[:http_proxy_host] = proxy_host
-      expect(Puppet::Util::HttpProxy).to receive(:no_proxy?).and_return(false)
       conn = create_connection(site)
       expect(conn.proxy_address).to eq(proxy_host)
@@ -72,11 +83,22 @@ describe Puppet::Network::HTTP::Factory do
     it 'sets proxy address and port' do
       Puppet[:http_proxy_host] = proxy_host
       Puppet[:http_proxy_port] = proxy_port
-      expect(Puppet::Util::HttpProxy).to receive(:no_proxy?).and_return(false)
       conn = create_connection(site)
       expect(conn.proxy_port).to eq(proxy_port)
     end
+    it 'sets proxy user and password' do
+      Puppet[:http_proxy_host] = proxy_host
+      Puppet[:http_proxy_port] = proxy_port
+      Puppet[:http_proxy_user] = proxy_user
+      Puppet[:http_proxy_password] = proxy_pass
+      conn = create_connection(site)
+      expect(conn.proxy_user).to eq(proxy_user)
+      expect(conn.proxy_pass).to eq(proxy_pass)
+    end
   end
   context 'socket timeouts' do

data/spec/unit/network/http/pool_spec.rb CHANGED

@@ -60,6 +60,8 @@ describe Puppet::Network::HTTP::Pool do
     it 'returns the connection to the pool' do
       conn = create_connection(site)
+      expect(conn).to receive(:started?).and_return(true)
       pool = create_pool
       pool.release(site, conn)
@@ -137,6 +139,7 @@ describe Puppet::Network::HTTP::Pool do
       it 'releases HTTP connections' do
         conn = create_connection(site)
         expect(conn).to receive(:use_ssl?).and_return(false)
+        expect(conn).to receive(:started?).and_return(true)
         pool = create_pool_with_connections(site, conn)
         expect(pool).to receive(:release).with(site, conn)
@@ -148,6 +151,7 @@ describe Puppet::Network::HTTP::Pool do
         conn = create_connection(site)
         expect(conn).to receive(:use_ssl?).and_return(true)
         expect(conn).to receive(:verify_mode).and_return(OpenSSL::SSL::VERIFY_PEER)
+        expect(conn).to receive(:started?).and_return(true)
         pool = create_pool_with_connections(site, conn)
         expect(pool).to receive(:release).with(site, conn)
@@ -166,6 +170,19 @@ describe Puppet::Network::HTTP::Pool do
         pool.with_connection(site, verify) {|c| }
       end
+      it "doesn't add a closed  connection back to the pool" do
+        http = Net::HTTP.new(site.addr)
+        http.use_ssl = true
+        http.verify_mode = OpenSSL::SSL::VERIFY_PEER
+        http.start
+        pool = create_pool_with_connections(site, http)
+        pool.with_connection(site, verify) {|c| c.finish}
+        expect(pool.pool[site]).to be_empty
+      end
     end
   end
@@ -228,6 +245,7 @@ describe Puppet::Network::HTTP::Pool do
     it 'finishes expired connections' do
       conn = create_connection(site)
+      allow(conn).to receive(:started?).and_return(true)
       expect(conn).to receive(:finish)
       pool = create_pool_with_expired_connections(site, conn)
@@ -241,6 +259,7 @@ describe Puppet::Network::HTTP::Pool do
       expect(Puppet).to receive(:log_exception).with(be_a(IOError), "Failed to close connection for #{site}: read timeout")
       conn = create_connection(site)
+      expect(conn).to receive(:started?).and_return(true)
       expect(conn).to receive(:finish).and_raise(IOError, 'read timeout')
       pool = create_pool_with_expired_connections(site, conn)
@@ -289,10 +308,23 @@ describe Puppet::Network::HTTP::Pool do
     it 'closes all cached connections' do
       conn = create_connection(site)
+      allow(conn).to receive(:started?).and_return(true)
       expect(conn).to receive(:finish)
       pool = create_pool_with_connections(site, conn)
       pool.close
     end
+    it 'allows a connection to be closed multiple times safely' do
+      http = Net::HTTP.new(site.addr)
+      http.use_ssl = true
+      http.verify_mode = OpenSSL::SSL::VERIFY_PEER
+      http.start
+      pool = create_pool
+      expect(pool.close_connection(site, http)).to eq(true)
+      expect(pool.close_connection(site, http)).to eq(false)
+    end
   end
 end

data/spec/unit/node_spec.rb CHANGED

@@ -414,7 +414,9 @@ end
 describe Puppet::Node, "when generating the list of names to search through" do
   before do
-    @node = Puppet::Node.new("foo.domain.com", :parameters => {"hostname" => "yay", "domain" => "domain.com"})
+    Puppet[:strict_hostname_checking] = false
+    @node = Puppet::Node.new("foo.domain.com",
+                             :parameters => {"hostname" => "yay", "domain" => "domain.com"})
   end
   it "returns an array of names" do
@@ -445,7 +447,6 @@ describe Puppet::Node, "when generating the list of names to search through" do
   describe "and :node_name is set to 'cert'" do
     before do
-      Puppet[:strict_hostname_checking] = false
       Puppet[:node_name] = "cert"
     end
@@ -454,8 +455,11 @@ describe Puppet::Node, "when generating the list of names to search through" do
     end
     describe "and strict hostname checking is enabled" do
-      it "only uses the passed-in key" do
+      before do
         Puppet[:strict_hostname_checking] = true
+      end
+      it "only uses the passed-in key" do
         expect(@node.names).to eq(["foo.domain.com"])
       end
     end
@@ -463,7 +467,6 @@ describe Puppet::Node, "when generating the list of names to search through" do
   describe "and :node_name is set to 'facter'" do
     before do
-      Puppet[:strict_hostname_checking] = false
       Puppet[:node_name] = "facter"
     end

data/spec/unit/parser/environment_compiler_spec.rb CHANGED

@@ -367,6 +367,13 @@ EOS
       }.to raise_error(/'Cap\[cap\]' is exported by both 'Prod\[one\]' and 'Prod\[two\]'/)
     end
+    it "issues deprecation warnings" do
+      expect {compile_collect_log(MANIFEST_WO_NODE)}.not_to raise_error
+      expect(warnings).to include(/Capability Mapping is deprecated/) # there are two of these
+      expect(warnings).to include(/Application is deprecated/)
+      expect(warnings).to include(/Site Definition is deprecated/)
+    end
     context "for producing node" do
       let(:compiled_node) { Puppet::Node.new('first', :environment => env) }
       let(:compiled_catalog) { compile_to_catalog(MANIFEST, compiled_node)}

data/spec/unit/pops/evaluator/evaluating_parser_spec.rb CHANGED

@@ -442,21 +442,26 @@ describe 'Puppet::Pops::Evaluator::EvaluatorImpl' do
       }.each do |source, coerced_val|
           it "should warn about numeric coercion in '#{source}' when strict = warning" do
             Puppet[:strict] = :warning
+            expect(Puppet::Pops::Evaluator::Runtime3Support::EvaluationError).not_to receive(:new)
             collect_notices(source)
             expect(warnings).to include(/The string '#{coerced_val}' was automatically coerced to the numerical value #{coerced_val}/)
           end
           it "should not warn about numeric coercion in '#{source}' if strict = off" do
             Puppet[:strict] = :off
+            expect(Puppet::Pops::Evaluator::Runtime3Support::EvaluationError).not_to receive(:new)
             collect_notices(source)
             expect(warnings).to_not include(/The string '#{coerced_val}' was automatically coerced to the numerical value #{coerced_val}/)
           end
         it "should error when finding numeric coercion in '#{source}' if strict = error" do
           Puppet[:strict] = :error
-          expect { parser.evaluate_string(scope, source, __FILE__) }.to raise_error(
-            /The string '#{coerced_val}' was automatically coerced to the numerical value #{coerced_val}/
-            )
+          expect {
+            parser.evaluate_string(scope, source, __FILE__)
+          }.to raise_error {|error|
+            expect(error.message).to match(/The string '#{coerced_val}' was automatically coerced to the numerical value #{coerced_val}/)
+            expect(error.backtrace.first).to match(/runtime3_support\.rb.+optionally_fail/)
+          }
         end
       end

data/spec/unit/pops/validator/validator_spec.rb CHANGED

@@ -599,6 +599,13 @@ describe "validating 4x" do
     end
   end
+  context 'for hash keys' do
+    it "should not allow reassignment of hash keys" do
+      source = "$my_hash = {'one' => '1', 'two' => '2' }; $my_hash['one']='1.5'"
+      expect(validate(parse(source))).to have_issue(Puppet::Pops::Issues::ILLEGAL_INDEXED_ASSIGNMENT)
+    end
+  end
   context 'for parameter names' do
     ['class', 'define'].each do |word|
       it "should require that #{word} parameter names are unique" do

data/spec/unit/provider/exec_spec.rb CHANGED

@@ -1,7 +1,12 @@
 require 'spec_helper'
 require 'puppet/provider/exec'
+require 'puppet_spec/compiler'
+require 'puppet_spec/files'
 describe Puppet::Provider::Exec do
+  include PuppetSpec::Compiler
+  include PuppetSpec::Files
   describe "#extractexe" do
     it "should return the first element of an array" do
       expect(subject.extractexe(['one', 'two'])).to eq('one')
@@ -31,4 +36,208 @@ describe Puppet::Provider::Exec do
       end
     end
   end
+  context "when handling sensitive data" do
+    before :each do
+      Puppet[:log_level] = 'debug'
+    end
+    let(:supersecret) { 'supersecret' }
+    let(:path) do
+      if Puppet::Util::Platform.windows?
+        # The `apply_compiled_manifest` helper doesn't add the `path` fact, so
+        # we can't reference that in our manifest. Windows PATHs can contain
+        # double quotes and trailing backslashes, which confuse HEREDOC
+        # interpolation below. So sanitize it:
+        ENV['PATH'].split(File::PATH_SEPARATOR).map do |dir|
+          dir.gsub(/"/, '\"').gsub(/\\$/, '')
+        end.join(File::PATH_SEPARATOR)
+      else
+        ENV['PATH']
+      end
+    end
+    def ruby_exit_0
+      "ruby -e 'exit 0'"
+    end
+    def echo_from_ruby_exit_0(message)
+      # Escape double quotes due to HEREDOC interpolation below
+      "ruby -e 'puts \"#{message}\"; exit 0'".gsub(/"/, '\"')
+    end
+    def echo_from_ruby_exit_1(message)
+      # Escape double quotes due to HEREDOC interpolation below
+      "ruby -e 'puts \"#{message}\"; exit 1'".gsub(/"/, '\"')
+    end
+    context "when validating the command" do
+      it "redacts the arguments if the command is relative" do
+        expect {
+          apply_compiled_manifest(<<-MANIFEST)
+            exec { 'echo':
+              command => Sensitive.new('echo #{supersecret}')
+            }
+          MANIFEST
+        }.to raise_error do |err|
+          expect(err).to be_a(Puppet::Error)
+          expect(err.message).to match(/'echo' is not qualified and no path was specified. Please qualify the command or specify a path./)
+          expect(err.message).to_not match(/#{supersecret}/)
+        end
+      end
+      it "redacts the arguments if the command is a directory" do
+        dir = tmpdir('exec')
+        apply_compiled_manifest(<<-MANIFEST)
+          exec { 'echo':
+            command => Sensitive.new('#{dir} #{supersecret}'),
+          }
+        MANIFEST
+        expect(@logs).to include(an_object_having_attributes(level: :err, message: /'#{dir}' is a directory, not a file/))
+        expect(@logs).to_not include(an_object_having_attributes(message: /#{supersecret}/))
+      end
+      it "redacts the arguments if the command isn't executable" do
+        file = tmpfile('exec')
+        Puppet::FileSystem.touch(file)
+        Puppet::FileSystem.chmod(0644, file)
+        apply_compiled_manifest(<<-MANIFEST)
+          exec { 'echo':
+            command => Sensitive.new('#{file} #{supersecret}'),
+          }
+        MANIFEST
+        # Execute permission works differently on Windows, but execute will fail since the
+        # file doesn't have a valid extension and isn't a valid executable. The raised error
+        # will be Errno::EIO, which is not useful. The Windows execute code needs to raise
+        # Puppet::Util::Windows::Error so the Win32 error message is preserved.
+        pending("PUP-3561 Needs to raise a meaningful Puppet::Error") if Puppet::Util::Platform.windows?
+        expect(@logs).to include(an_object_having_attributes(level: :err, message: /'#{file}' is not executable/))
+        expect(@logs).to_not include(an_object_having_attributes(message: /#{supersecret}/))
+      end
+      it "redacts the arguments if the relative command cannot be resolved using the path parameter" do
+        file = File.basename(tmpfile('exec'))
+        dir = tmpdir('exec')
+        apply_compiled_manifest(<<-MANIFEST)
+          exec { 'echo':
+            command => Sensitive.new('#{file} #{supersecret}'),
+            path    => "#{dir}",
+          }
+        MANIFEST
+        expect(@logs).to include(an_object_having_attributes(level: :err, message: /Could not find command '#{file}'/))
+        expect(@logs).to_not include(an_object_having_attributes(message: /#{supersecret}/))
+      end
+    end
+    it "redacts the command on success" do
+      command = echo_from_ruby_exit_0(supersecret)
+      apply_compiled_manifest(<<-MANIFEST)
+        exec { 'true':
+          command => Sensitive.new("#{command}"),
+          path    => "#{path}",
+        }
+      MANIFEST
+      expect(@logs).to include(an_object_having_attributes(level: :debug, message: "Executing '[redacted]'", source: /Exec\[true\]/))
+      expect(@logs).to include(an_object_having_attributes(level: :debug, message: "Executing: '[redacted]'", source: "Puppet"))
+      expect(@logs).to include(an_object_having_attributes(level: :notice, message: "executed successfully"))
+      expect(@logs).to_not include(an_object_having_attributes(message: /#{supersecret}/))
+    end
+    it "redacts the command on failure" do
+      command = echo_from_ruby_exit_1(supersecret)
+      apply_compiled_manifest(<<-MANIFEST)
+        exec { 'false':
+          command => Sensitive.new("#{command}"),
+          path    => "#{path}",
+        }
+      MANIFEST
+      expect(@logs).to include(an_object_having_attributes(level: :debug, message: "Executing '[redacted]'", source: /Exec\[false\]/))
+      expect(@logs).to include(an_object_having_attributes(level: :debug, message: "Executing: '[redacted]'", source: "Puppet"))
+      expect(@logs).to include(an_object_having_attributes(level: :err, message: "[command redacted] returned 1 instead of one of [0]"))
+      expect(@logs).to_not include(an_object_having_attributes(message: /#{supersecret}/))
+    end
+    context "when handling checks" do
+      let(:onlyifsecret) { "onlyifsecret" }
+      let(:unlesssecret) { "unlesssecret" }
+      it "redacts command and onlyif outputs" do
+        onlyif = echo_from_ruby_exit_0(onlyifsecret)
+        apply_compiled_manifest(<<-MANIFEST)
+          exec { 'true':
+            command => Sensitive.new("#{ruby_exit_0}"),
+            onlyif  => Sensitive.new("#{onlyif}"),
+            path    => "#{path}",
+          }
+        MANIFEST
+        expect(@logs).to include(an_object_having_attributes(level: :debug, message: "Executing check '[redacted]'"))
+        expect(@logs).to include(an_object_having_attributes(level: :debug, message: "Executing '[redacted]'", source: /Exec\[true\]/))
+        expect(@logs).to include(an_object_having_attributes(level: :debug, message: "Executing: '[redacted]'", source: "Puppet"))
+        expect(@logs).to include(an_object_having_attributes(level: :debug, message: "[output redacted]"))
+        expect(@logs).to include(an_object_having_attributes(level: :notice, message: "executed successfully"))
+        expect(@logs).to_not include(an_object_having_attributes(message: /#{onlyifsecret}/))
+      end
+      it "redacts the command that would have been executed but didn't due to onlyif" do
+        command = echo_from_ruby_exit_0(supersecret)
+        onlyif = echo_from_ruby_exit_1(onlyifsecret)
+        apply_compiled_manifest(<<-MANIFEST)
+          exec { 'true':
+            command => Sensitive.new("#{command}"),
+            onlyif  => Sensitive.new("#{onlyif}"),
+            path    => "#{path}",
+          }
+        MANIFEST
+        expect(@logs).to include(an_object_having_attributes(level: :debug, message: "Executing check '[redacted]'"))
+        expect(@logs).to include(an_object_having_attributes(level: :debug, message: "Executing: '[redacted]'", source: "Puppet"))
+        expect(@logs).to include(an_object_having_attributes(level: :debug, message: "[output redacted]"))
+        expect(@logs).to include(an_object_having_attributes(level: :debug, message: "'[command redacted]' won't be executed because of failed check 'onlyif'"))
+        expect(@logs).to_not include(an_object_having_attributes(message: /#{supersecret}/))
+        expect(@logs).to_not include(an_object_having_attributes(message: /#{onlyifsecret}/))
+      end
+      it "redacts command and unless outputs" do
+        unlesscmd = echo_from_ruby_exit_1(unlesssecret)
+        apply_compiled_manifest(<<-MANIFEST)
+          exec { 'true':
+            command => Sensitive.new("#{ruby_exit_0}"),
+            unless  => Sensitive.new("#{unlesscmd}"),
+            path    => "#{path}",
+          }
+        MANIFEST
+        expect(@logs).to include(an_object_having_attributes(level: :debug, message: "Executing check '[redacted]'"))
+        expect(@logs).to include(an_object_having_attributes(level: :debug, message: "Executing '[redacted]'", source: /Exec\[true\]/))
+        expect(@logs).to include(an_object_having_attributes(level: :debug, message: "Executing: '[redacted]'", source: "Puppet"))
+        expect(@logs).to include(an_object_having_attributes(level: :debug, message: "[output redacted]"))
+        expect(@logs).to include(an_object_having_attributes(level: :notice, message: "executed successfully"))
+        expect(@logs).to_not include(an_object_having_attributes(message: /#{unlesssecret}/))
+      end
+      it "redacts the command that would have been executed but didn't due to unless" do
+        command = echo_from_ruby_exit_0(supersecret)
+        unlesscmd = echo_from_ruby_exit_0(unlesssecret)
+        apply_compiled_manifest(<<-MANIFEST)
+          exec { 'true':
+            command => Sensitive.new("#{command}"),
+            unless  => Sensitive.new("#{unlesscmd}"),
+            path    => "#{path}",
+          }
+        MANIFEST
+        expect(@logs).to include(an_object_having_attributes(level: :debug, message: "Executing check '[redacted]'"))
+        expect(@logs).to include(an_object_having_attributes(level: :debug, message: "Executing: '[redacted]'", source: "Puppet"))
+        expect(@logs).to include(an_object_having_attributes(level: :debug, message: "[output redacted]"))
+        expect(@logs).to include(an_object_having_attributes(level: :debug, message: "'[command redacted]' won't be executed because of failed check 'unless'"))
+        expect(@logs).to_not include(an_object_having_attributes(message: /#{supersecret}/))
+        expect(@logs).to_not include(an_object_having_attributes(message: /#{unlesssecret}/))
+      end
+    end
+  end
 end