puppet 5.5.16-x64-mingw32 → 5.5.21-x64-mingw32
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of puppet might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/CODEOWNERS +10 -10
- data/Gemfile +2 -3
- data/Gemfile.lock +57 -52
- data/ext/build_defaults.yaml +1 -0
- data/ext/cert_inspector +3 -3
- data/ext/project_data.yaml +2 -2
- data/ext/puppet-test +2 -2
- data/ext/regexp_nodes/regexp_nodes.rb +4 -4
- data/ext/windows/service/daemon.rb +54 -8
- data/install.rb +6 -24
- data/lib/puppet.rb +5 -2
- data/lib/puppet/agent.rb +5 -13
- data/lib/puppet/application.rb +1 -1
- data/lib/puppet/application/agent.rb +15 -1
- data/lib/puppet/application/apply.rb +2 -2
- data/lib/puppet/application/describe.rb +3 -9
- data/lib/puppet/application/device.rb +4 -4
- data/lib/puppet/application/doc.rb +1 -1
- data/lib/puppet/application/filebucket.rb +13 -0
- data/lib/puppet/application/lookup.rb +1 -1
- data/lib/puppet/application/resource.rb +4 -4
- data/lib/puppet/application/script.rb +2 -2
- data/lib/puppet/configurer.rb +86 -28
- data/lib/puppet/configurer/downloader.rb +2 -6
- data/lib/puppet/daemon.rb +1 -1
- data/lib/puppet/defaults.rb +82 -38
- data/lib/puppet/error.rb +9 -1
- data/lib/puppet/external/nagios/base.rb +1 -1
- data/lib/puppet/face/ca.rb +1 -1
- data/lib/puppet/face/config.rb +10 -48
- data/lib/puppet/face/facts.rb +1 -1
- data/lib/puppet/face/module/list.rb +5 -5
- data/lib/puppet/face/module/search.rb +1 -1
- data/lib/puppet/face/module/uninstall.rb +1 -1
- data/lib/puppet/face/module/upgrade.rb +1 -1
- data/lib/puppet/face/plugin.rb +9 -2
- data/lib/puppet/file_serving/http_metadata.rb +1 -1
- data/lib/puppet/file_system.rb +0 -8
- data/lib/puppet/file_system/memory_file.rb +1 -1
- data/lib/puppet/file_system/posix.rb +3 -2
- data/lib/puppet/file_system/uniquefile.rb +4 -0
- data/lib/puppet/forge.rb +3 -3
- data/lib/puppet/functions/epp.rb +4 -4
- data/lib/puppet/functions/inline_epp.rb +5 -5
- data/lib/puppet/functions/reduce.rb +2 -4
- data/lib/puppet/gettext/module_translations.rb +1 -1
- data/lib/puppet/graph/rb_tree_map.rb +2 -2
- data/lib/puppet/graph/simple_graph.rb +6 -5
- data/lib/puppet/indirector/catalog/compiler.rb +8 -0
- data/lib/puppet/indirector/file_bucket_file/file.rb +1 -1
- data/lib/puppet/indirector/hiera.rb +2 -0
- data/lib/puppet/indirector/resource/ral.rb +1 -3
- data/lib/puppet/indirector/resource/validator.rb +1 -1
- data/lib/puppet/interface.rb +2 -1
- data/lib/puppet/loaders.rb +0 -1
- data/lib/puppet/metatype/manager.rb +1 -1
- data/lib/puppet/module.rb +1 -1
- data/lib/puppet/module_tool/applications/builder.rb +1 -1
- data/lib/puppet/module_tool/applications/installer.rb +1 -1
- data/lib/puppet/module_tool/applications/uninstaller.rb +3 -3
- data/lib/puppet/module_tool/metadata.rb +1 -1
- data/lib/puppet/module_tool/shared_behaviors.rb +4 -4
- data/lib/puppet/module_tool/tar/mini.rb +12 -2
- data/lib/puppet/network/http/api/indirected_routes.rb +13 -12
- data/lib/puppet/network/http/api/master/v3/environment.rb +3 -0
- data/lib/puppet/network/http/connection.rb +14 -12
- data/lib/puppet/network/http/factory.rb +1 -11
- data/lib/puppet/network/http/pool.rb +7 -1
- data/lib/puppet/network/http/rack/rest.rb +2 -2
- data/lib/puppet/network/http/site.rb +1 -1
- data/lib/puppet/network/resolver.rb +2 -2
- data/lib/puppet/node/environment.rb +4 -2
- data/lib/puppet/parameter.rb +8 -0
- data/lib/puppet/parser/ast.rb +1 -1
- data/lib/puppet/parser/ast/resourceparam.rb +1 -1
- data/lib/puppet/parser/compiler/catalog_validator/env_relationship_validator.rb +2 -0
- data/lib/puppet/parser/compiler/catalog_validator/site_validator.rb +2 -0
- data/lib/puppet/parser/environment_compiler.rb +3 -0
- data/lib/puppet/parser/functions.rb +1 -1
- data/lib/puppet/parser/functions/epp.rb +3 -3
- data/lib/puppet/parser/functions/inline_epp.rb +5 -5
- data/lib/puppet/parser/resource.rb +3 -2
- data/lib/puppet/parser/resource/param.rb +6 -0
- data/lib/puppet/pops/evaluator/access_operator.rb +2 -2
- data/lib/puppet/pops/evaluator/collectors/catalog_collector.rb +1 -1
- data/lib/puppet/pops/evaluator/collectors/exported_collector.rb +1 -1
- data/lib/puppet/pops/evaluator/evaluator_impl.rb +1 -1
- data/lib/puppet/pops/evaluator/external_syntax_support.rb +3 -2
- data/lib/puppet/pops/evaluator/runtime3_support.rb +4 -4
- data/lib/puppet/pops/issues.rb +5 -0
- data/lib/puppet/pops/loaders.rb +1 -1
- data/lib/puppet/pops/lookup/hiera_config.rb +1 -0
- data/lib/puppet/pops/lookup/sub_lookup.rb +1 -1
- data/lib/puppet/pops/merge_strategy.rb +22 -18
- data/lib/puppet/pops/parser/heredoc_support.rb +1 -1
- data/lib/puppet/pops/parser/interpolation_support.rb +4 -4
- data/lib/puppet/pops/parser/locator.rb +1 -1
- data/lib/puppet/pops/parser/pn_parser.rb +17 -16
- data/lib/puppet/pops/puppet_stack.rb +51 -48
- data/lib/puppet/pops/resource/resource_type_impl.rb +2 -0
- data/lib/puppet/pops/types/p_sensitive_type.rb +1 -1
- data/lib/puppet/pops/types/string_converter.rb +10 -10
- data/lib/puppet/pops/types/type_calculator.rb +24 -0
- data/lib/puppet/pops/types/types.rb +3 -3
- data/lib/puppet/pops/validation/checker4_0.rb +10 -0
- data/lib/puppet/pops/validation/validator_factory_4_0.rb +1 -0
- data/lib/puppet/property.rb +1 -1
- data/lib/puppet/property/ensure.rb +1 -1
- data/lib/puppet/provider/augeas/augeas.rb +1 -1
- data/lib/puppet/provider/cron/crontab.rb +1 -1
- data/lib/puppet/provider/exec.rb +6 -2
- data/lib/puppet/provider/file/posix.rb +5 -0
- data/lib/puppet/provider/group/groupadd.rb +19 -19
- data/lib/puppet/provider/group/windows_adsi.rb +3 -3
- data/lib/puppet/provider/mailalias/aliases.rb +1 -1
- data/lib/puppet/provider/mount.rb +1 -1
- data/lib/puppet/provider/mount/parsed.rb +8 -8
- data/lib/puppet/provider/nameservice.rb +10 -3
- data/lib/puppet/provider/nameservice/directoryservice.rb +1 -1
- data/lib/puppet/provider/nameservice/pw.rb +2 -2
- data/lib/puppet/provider/package/aix.rb +17 -2
- data/lib/puppet/provider/package/apt.rb +14 -3
- data/lib/puppet/provider/package/dnf.rb +1 -1
- data/lib/puppet/provider/package/dnfmodule.rb +141 -0
- data/lib/puppet/provider/package/dpkg.rb +16 -18
- data/lib/puppet/provider/package/fink.rb +20 -3
- data/lib/puppet/provider/package/openbsd.rb +14 -2
- data/lib/puppet/provider/package/pip.rb +37 -10
- data/lib/puppet/provider/package/pkg.rb +18 -5
- data/lib/puppet/provider/package/pkgdmg.rb +1 -1
- data/lib/puppet/provider/package/pkgng.rb +16 -4
- data/lib/puppet/provider/package/portage.rb +4 -4
- data/lib/puppet/provider/package/rpm.rb +57 -19
- data/lib/puppet/provider/package/windows/package.rb +1 -1
- data/lib/puppet/provider/package/yum.rb +35 -24
- data/lib/puppet/provider/package/zypper.rb +1 -0
- data/lib/puppet/provider/package_targetable.rb +5 -4
- data/lib/puppet/provider/parsedfile.rb +1 -1
- data/lib/puppet/provider/scheduled_task/win32_taskscheduler.rb +3 -3
- data/lib/puppet/provider/selmodule/semodule.rb +43 -26
- data/lib/puppet/provider/service/daemontools.rb +9 -9
- data/lib/puppet/provider/service/launchd.rb +20 -5
- data/lib/puppet/provider/service/openbsd.rb +1 -1
- data/lib/puppet/provider/service/rcng.rb +2 -2
- data/lib/puppet/provider/service/runit.rb +2 -8
- data/lib/puppet/provider/service/systemd.rb +35 -22
- data/lib/puppet/provider/service/windows.rb +8 -0
- data/lib/puppet/provider/user/directoryservice.rb +31 -6
- data/lib/puppet/provider/user/hpux.rb +1 -1
- data/lib/puppet/provider/user/pw.rb +12 -3
- data/lib/puppet/provider/user/user_role_add.rb +5 -1
- data/lib/puppet/provider/user/useradd.rb +62 -27
- data/lib/puppet/provider/user/windows_adsi.rb +4 -5
- data/lib/puppet/provider/yumrepo/inifile.rb +2 -2
- data/lib/puppet/reference/indirection.rb +2 -2
- data/lib/puppet/reference/metaparameter.rb +1 -3
- data/lib/puppet/reference/providers.rb +1 -1
- data/lib/puppet/reference/type.rb +3 -9
- data/lib/puppet/reports.rb +1 -1
- data/lib/puppet/resource.rb +18 -1
- data/lib/puppet/resource/catalog.rb +1 -1
- data/lib/puppet/resource/type.rb +8 -0
- data/lib/puppet/settings.rb +43 -3
- data/lib/puppet/settings/environment_conf.rb +1 -0
- data/lib/puppet/ssl/certificate.rb +2 -1
- data/lib/puppet/ssl/certificate_authority.rb +6 -5
- data/lib/puppet/ssl/certificate_authority/interface.rb +1 -1
- data/lib/puppet/ssl/certificate_factory.rb +2 -2
- data/lib/puppet/ssl/host.rb +3 -3
- data/lib/puppet/ssl/oids.rb +1 -1
- data/lib/puppet/test/test_helper.rb +15 -10
- data/lib/puppet/transaction/report.rb +1 -1
- data/lib/puppet/transaction/resource_harness.rb +1 -1
- data/lib/puppet/type.rb +15 -4
- data/lib/puppet/type/cron.rb +1 -1
- data/lib/puppet/type/exec.rb +21 -9
- data/lib/puppet/type/file.rb +14 -2
- data/lib/puppet/type/file/data_sync.rb +5 -1
- data/lib/puppet/type/group.rb +4 -2
- data/lib/puppet/type/interface.rb +1 -1
- data/lib/puppet/type/notify.rb +3 -2
- data/lib/puppet/type/package.rb +107 -8
- data/lib/puppet/type/schedule.rb +1 -1
- data/lib/puppet/type/selboolean.rb +17 -3
- data/lib/puppet/type/service.rb +9 -10
- data/lib/puppet/type/user.rb +6 -24
- data/lib/puppet/type/yumrepo.rb +3 -7
- data/lib/puppet/util.rb +47 -25
- data/lib/puppet/util/command_line/trollop.rb +1 -1
- data/lib/puppet/util/execution.rb +4 -3
- data/lib/puppet/util/http_proxy.rb +24 -16
- data/lib/puppet/util/instance_loader.rb +1 -1
- data/lib/puppet/util/log.rb +1 -1
- data/lib/puppet/util/log/destinations.rb +3 -12
- data/lib/puppet/util/logging.rb +30 -18
- data/lib/puppet/util/metric.rb +2 -2
- data/lib/puppet/util/monkey_patches.rb +1 -1
- data/lib/puppet/util/nagios_maker.rb +2 -2
- data/lib/puppet/util/network_device/cisco/device.rb +1 -1
- data/lib/puppet/util/network_device/cisco/interface.rb +2 -2
- data/lib/puppet/util/network_device/transport/ssh.rb +1 -1
- data/lib/puppet/util/pidlock.rb +12 -6
- data/lib/puppet/util/plist.rb +6 -0
- data/lib/puppet/util/provider_features.rb +2 -4
- data/lib/puppet/util/rdoc.rb +1 -1
- data/lib/puppet/util/reference.rb +1 -1
- data/lib/puppet/util/resource_template.rb +1 -1
- data/lib/puppet/util/selinux.rb +8 -2
- data/lib/puppet/util/windows/adsi.rb +60 -30
- data/lib/puppet/util/windows/api_types.rb +45 -32
- data/lib/puppet/util/windows/eventlog.rb +1 -6
- data/lib/puppet/util/windows/principal.rb +8 -6
- data/lib/puppet/util/windows/process.rb +16 -15
- data/lib/puppet/util/windows/registry.rb +17 -15
- data/lib/puppet/util/windows/security.rb +3 -0
- data/lib/puppet/util/windows/service.rb +149 -4
- data/lib/puppet/util/windows/sid.rb +4 -3
- data/lib/puppet/vendor.rb +1 -1
- data/lib/puppet/version.rb +1 -1
- data/lib/puppet_pal.rb +2 -2
- data/locales/puppet.pot +479 -443
- data/man/man5/puppet.conf.5 +38 -8
- data/man/man8/puppet-agent.8 +2 -2
- data/man/man8/puppet-apply.8 +1 -1
- data/man/man8/puppet-ca.8 +1 -1
- data/man/man8/puppet-catalog.8 +1 -1
- data/man/man8/puppet-cert.8 +1 -1
- data/man/man8/puppet-certificate.8 +1 -1
- data/man/man8/puppet-certificate_request.8 +1 -1
- data/man/man8/puppet-certificate_revocation_list.8 +1 -1
- data/man/man8/puppet-config.8 +1 -1
- data/man/man8/puppet-describe.8 +1 -1
- data/man/man8/puppet-device.8 +1 -1
- data/man/man8/puppet-doc.8 +1 -1
- data/man/man8/puppet-epp.8 +1 -1
- data/man/man8/puppet-facts.8 +1 -1
- data/man/man8/puppet-filebucket.8 +16 -1
- data/man/man8/puppet-generate.8 +1 -1
- data/man/man8/puppet-help.8 +1 -1
- data/man/man8/puppet-key.8 +1 -1
- data/man/man8/puppet-lookup.8 +1 -1
- data/man/man8/puppet-man.8 +1 -1
- data/man/man8/puppet-master.8 +1 -1
- data/man/man8/puppet-module.8 +1 -1
- data/man/man8/puppet-node.8 +1 -1
- data/man/man8/puppet-parser.8 +1 -1
- data/man/man8/puppet-plugin.8 +1 -1
- data/man/man8/puppet-report.8 +1 -1
- data/man/man8/puppet-resource.8 +1 -1
- data/man/man8/puppet-script.8 +1 -1
- data/man/man8/puppet-status.8 +1 -1
- data/man/man8/puppet.8 +2 -2
- data/spec/fixtures/integration/provider/mailalias/aliases/test1 +1 -0
- data/spec/fixtures/unit/provider/package/dnfmodule/dnf-module-list.txt +19 -0
- data/spec/fixtures/unit/provider/package/pkgng/pkg.version +2 -0
- data/spec/fixtures/unit/provider/package/yum/yum-check-update-subscription-manager.txt +9 -0
- data/spec/fixtures/unit/provider/service/systemd/list_unit_files_services +9 -0
- data/spec/integration/configurer_spec.rb +52 -0
- data/spec/integration/defaults_spec.rb +1 -2
- data/spec/integration/indirector/facts/facter_spec.rb +4 -0
- data/spec/integration/parser/compiler_spec.rb +11 -0
- data/spec/integration/provider/service/systemd_spec.rb +8 -5
- data/spec/integration/type/file_spec.rb +28 -0
- data/spec/integration/type/notify_spec.rb +46 -0
- data/spec/integration/util/execution_spec.rb +27 -0
- data/spec/integration/util/windows/adsi_spec.rb +6 -1
- data/spec/integration/util/windows/registry_spec.rb +7 -7
- data/spec/unit/agent_spec.rb +34 -26
- data/spec/unit/application/agent_spec.rb +18 -0
- data/spec/unit/application/apply_spec.rb +2 -12
- data/spec/unit/application/device_spec.rb +1 -1
- data/spec/unit/configurer/fact_handler_spec.rb +0 -4
- data/spec/unit/configurer_spec.rb +377 -397
- data/spec/unit/daemon_spec.rb +0 -1
- data/spec/unit/face/facts_spec.rb +9 -0
- data/spec/unit/face/plugin_spec.rb +8 -0
- data/spec/unit/file_system/uniquefile_spec.rb +11 -0
- data/spec/unit/forge/forge_spec.rb +1 -3
- data/spec/unit/forge/repository_spec.rb +1 -3
- data/spec/unit/indirector/catalog/compiler_spec.rb +45 -26
- data/spec/unit/indirector/resource/ral_spec.rb +4 -4
- data/spec/unit/module_tool/tar/mini_spec.rb +1 -1
- data/spec/unit/network/http/api/indirected_routes_spec.rb +28 -11
- data/spec/unit/network/http/connection_spec.rb +43 -1
- data/spec/unit/network/http/factory_spec.rb +27 -5
- data/spec/unit/network/http/pool_spec.rb +32 -0
- data/spec/unit/node_spec.rb +7 -4
- data/spec/unit/parser/environment_compiler_spec.rb +7 -0
- data/spec/unit/pops/evaluator/evaluating_parser_spec.rb +8 -3
- data/spec/unit/pops/validator/validator_spec.rb +7 -0
- data/spec/unit/provider/exec_spec.rb +209 -0
- data/spec/unit/provider/group/groupadd_spec.rb +30 -1
- data/spec/unit/provider/group/windows_adsi_spec.rb +43 -10
- data/spec/unit/provider/package/aix_spec.rb +29 -0
- data/spec/unit/provider/package/apt_spec.rb +13 -2
- data/spec/unit/provider/package/aptitude_spec.rb +1 -0
- data/spec/unit/provider/package/aptrpm_spec.rb +1 -1
- data/spec/unit/provider/package/dnf_spec.rb +7 -0
- data/spec/unit/provider/package/dnfmodule_spec.rb +247 -0
- data/spec/unit/provider/package/dpkg_spec.rb +35 -7
- data/spec/unit/provider/package/openbsd_spec.rb +17 -0
- data/spec/unit/provider/package/pip_spec.rb +93 -22
- data/spec/unit/provider/package/pkg_spec.rb +13 -1
- data/spec/unit/provider/package/pkgdmg_spec.rb +1 -1
- data/spec/unit/provider/package/pkgng_spec.rb +36 -0
- data/spec/unit/provider/package/portage_spec.rb +4 -4
- data/spec/unit/provider/package/rpm_spec.rb +150 -16
- data/spec/unit/provider/package/yum_spec.rb +66 -0
- data/spec/unit/provider/package/zypper_spec.rb +13 -0
- data/spec/unit/provider/package_targetable_spec.rb +60 -0
- data/spec/unit/provider/selmodule_spec.rb +118 -47
- data/spec/unit/provider/service/daemontools_spec.rb +24 -0
- data/spec/unit/provider/service/launchd_spec.rb +28 -0
- data/spec/unit/provider/service/runit_spec.rb +24 -0
- data/spec/unit/provider/service/systemd_spec.rb +109 -36
- data/spec/unit/provider/service/windows_spec.rb +20 -0
- data/spec/unit/provider/user/directoryservice_spec.rb +41 -0
- data/spec/unit/provider/user/hpux_spec.rb +2 -2
- data/spec/unit/provider/user/openbsd_spec.rb +1 -0
- data/spec/unit/provider/user/pw_spec.rb +37 -0
- data/spec/unit/provider/user/useradd_spec.rb +122 -15
- data/spec/unit/provider/user/windows_adsi_spec.rb +3 -3
- data/spec/unit/puppet_pal_2pec.rb +3 -0
- data/spec/unit/resource_spec.rb +26 -1
- data/spec/unit/ssl/certificate_authority_spec.rb +2 -3
- data/spec/unit/ssl/certificate_spec.rb +7 -0
- data/spec/unit/test/test_helper_spec.rb +17 -0
- data/spec/unit/transaction_spec.rb +18 -0
- data/spec/unit/type/exec_spec.rb +15 -12
- data/spec/unit/type/file/content_spec.rb +9 -3
- data/spec/unit/type/file/source_spec.rb +4 -4
- data/spec/unit/type/file_spec.rb +9 -4
- data/spec/unit/type/package_spec.rb +8 -0
- data/spec/unit/type/schedule_spec.rb +3 -1
- data/spec/unit/type/selboolean_spec.rb +4 -6
- data/spec/unit/type/service_spec.rb +25 -8
- data/spec/unit/type/user_spec.rb +32 -26
- data/spec/unit/type/yumrepo_spec.rb +30 -0
- data/spec/unit/type_spec.rb +40 -0
- data/spec/unit/util/execution_spec.rb +16 -0
- data/spec/unit/util/http_proxy_spec.rb +121 -1
- data/spec/unit/util/log/destinations_spec.rb +2 -26
- data/spec/unit/util/log_spec.rb +0 -112
- data/spec/unit/util/logging_spec.rb +200 -0
- data/spec/unit/util/pidlock_spec.rb +67 -40
- data/spec/unit/util/plist_spec.rb +20 -0
- data/spec/unit/util/windows/adsi_spec.rb +55 -4
- data/spec/unit/util/windows/api_types_spec.rb +104 -40
- data/spec/unit/util/windows/service_spec.rb +9 -0
- data/spec/unit/util/windows/sid_spec.rb +2 -2
- data/tasks/manpages.rake +1 -0
- metadata +18 -13
- data/ext/windows/eventlog/Rakefile +0 -32
- data/ext/windows/eventlog/puppetres.dll +0 -0
- data/ext/windows/eventlog/puppetres.mc +0 -18
- data/lib/puppet/pops/loader/null_loader.rb +0 -60
- data/locales/ja/puppet.po +0 -12114
- data/spec/integration/test/test_helper_spec.rb +0 -31
@@ -148,6 +148,11 @@ describe Puppet::Type.type(:service).provider(:windows), :if => Puppet.features.
|
|
148
148
|
expect(provider.enabled?).to eq(:manual)
|
149
149
|
end
|
150
150
|
|
151
|
+
it "should report a service with a startup type of delayed as delayed" do
|
152
|
+
expect(service_util).to receive(:service_start_type).with(name).and_return(:SERVICE_DELAYED_AUTO_START)
|
153
|
+
expect(provider.enabled?).to eq(:delayed)
|
154
|
+
end
|
155
|
+
|
151
156
|
it "should report a service with a startup type of disabled as false" do
|
152
157
|
expect(service_util).to receive(:service_start_type).with(name).and_return(:SERVICE_DISABLED)
|
153
158
|
expect(provider.enabled?).to eq(:false)
|
@@ -213,4 +218,19 @@ describe Puppet::Type.type(:service).provider(:windows), :if => Puppet.features.
|
|
213
218
|
}.to raise_error(Puppet::Error, /Cannot enable #{name}/)
|
214
219
|
end
|
215
220
|
end
|
221
|
+
|
222
|
+
describe "#delayed_start" do
|
223
|
+
it "should set service start type to Service_Config_Delayed_Auto_Start (delayed) when delayed" do
|
224
|
+
expect(service_util).to receive(:set_startup_mode).with(name, :SERVICE_AUTO_START, true)
|
225
|
+
provider.delayed_start
|
226
|
+
end
|
227
|
+
|
228
|
+
it "raises an error if set_startup_mode fails" do
|
229
|
+
expect(service_util).to receive(:set_startup_mode).with(name, :SERVICE_AUTO_START, true).and_raise(Puppet::Error.new('foobar'))
|
230
|
+
|
231
|
+
expect {
|
232
|
+
provider.delayed_start
|
233
|
+
}.to raise_error(Puppet::Error, /Cannot enable #{name}/)
|
234
|
+
end
|
235
|
+
end
|
216
236
|
end
|
@@ -196,6 +196,17 @@ describe Puppet::Type.type(:user).provider(:directoryservice) do
|
|
196
196
|
}
|
197
197
|
end
|
198
198
|
|
199
|
+
let (:dsimport_preamble) do
|
200
|
+
'0x0A 0x5C 0x3A 0x2C dsRecTypeStandard:Users 2 dsAttrTypeStandard:RecordName base64:dsAttrTypeNative:ShadowHashData'
|
201
|
+
end
|
202
|
+
|
203
|
+
let (:dsimport_contents) do
|
204
|
+
<<-DSIMPORT
|
205
|
+
#{dsimport_preamble}
|
206
|
+
#{username}:#{Base64.strict_encode64(sha512_embedded_bplist)}
|
207
|
+
DSIMPORT
|
208
|
+
end
|
209
|
+
|
199
210
|
# The below represents output of 'dscl -plist . readall /Users' converted to
|
200
211
|
# a native Ruby hash if only one user were installed on the system.
|
201
212
|
# This lets us check the behavior of all the methods necessary to return a
|
@@ -960,6 +971,24 @@ end
|
|
960
971
|
end
|
961
972
|
end
|
962
973
|
|
974
|
+
describe '#set_shadow_hash_data' do
|
975
|
+
let(:users_plist) { {'ShadowHashData' => ['string_data'] } }
|
976
|
+
|
977
|
+
it 'should flush the plist data to disk on OS X < 10.15' do
|
978
|
+
allow(provider.class).to receive(:get_os_version).and_return('10.12')
|
979
|
+
|
980
|
+
expect(provider).to receive(:write_users_plist_to_disk)
|
981
|
+
provider.set_shadow_hash_data(users_plist, pbkdf2_embedded_plist)
|
982
|
+
end
|
983
|
+
|
984
|
+
it 'should flush the plist data a temporary file on OS X >= 10.15' do
|
985
|
+
allow(provider.class).to receive(:get_os_version).and_return('10.15')
|
986
|
+
|
987
|
+
expect(provider).to receive(:write_and_import_shadow_hash_data)
|
988
|
+
provider.set_shadow_hash_data(users_plist, pbkdf2_embedded_plist)
|
989
|
+
end
|
990
|
+
end
|
991
|
+
|
963
992
|
describe '#set_salted_pbkdf2' do
|
964
993
|
let(:users_plist) { {'ShadowHashData' => ['string_data'] } }
|
965
994
|
let(:entropy_shadow_hash_data) do
|
@@ -1011,6 +1040,18 @@ end
|
|
1011
1040
|
end
|
1012
1041
|
end
|
1013
1042
|
|
1043
|
+
describe '#write_and_import_shadow_hash_data' do
|
1044
|
+
it 'should save the passed plist to a temporary file and import it' do
|
1045
|
+
tmpfile = double('tempfile', :path => "/tmp/dsimport_#{username}", :flush => nil)
|
1046
|
+
allow(Tempfile).to receive(:create).and_yield(tmpfile)
|
1047
|
+
allow(provider).to receive(:dscl).with('.', 'delete', user_path, 'ShadowHashData')
|
1048
|
+
|
1049
|
+
expect(tmpfile).to receive(:write).with(dsimport_contents)
|
1050
|
+
expect(provider).to receive(:dsimport).with(tmpfile.path, '/Local/Default', 'M')
|
1051
|
+
provider.write_and_import_shadow_hash_data(sha512_embedded_bplist)
|
1052
|
+
end
|
1053
|
+
end
|
1054
|
+
|
1014
1055
|
describe '#merge_attribute_with_dscl' do
|
1015
1056
|
it 'should raise an error if a dscl command raises an error' do
|
1016
1057
|
expect(provider).to receive(:dscl).with('.', '-merge', user_path, 'GeneratedUID', 'GUID').and_raise(Puppet::ExecutionFailure, 'boom')
|
@@ -56,14 +56,14 @@ describe Puppet::Type.type(:user).provider(:hpuxuseradd), :unless => Puppet.feat
|
|
56
56
|
it "should add modprpw to modifycmd if Trusted System" do
|
57
57
|
allow(resource).to receive(:allowdupe?).and_return(true)
|
58
58
|
expect(provider).to receive(:exec_getprpw).with('root','-m uid').and_return('uid=0')
|
59
|
-
expect(provider).to receive(:execute).with(['/usr/sam/lbin/usermod.sam', '-u', 1000, '-o', 'testuser', '
|
59
|
+
expect(provider).to receive(:execute).with(['/usr/sam/lbin/usermod.sam', '-F', '-u', 1000, '-o', 'testuser', ';', '/usr/lbin/modprpw', '-v', '-l', 'testuser'], hash_including(custom_environment: {}))
|
60
60
|
provider.uid = 1000
|
61
61
|
end
|
62
62
|
|
63
63
|
it "should not add modprpw if not Trusted System" do
|
64
64
|
allow(resource).to receive(:allowdupe?).and_return(true)
|
65
65
|
expect(provider).to receive(:exec_getprpw).with('root','-m uid').and_return('System is not trusted')
|
66
|
-
expect(provider).to receive(:execute).with(['/usr/sam/lbin/usermod.sam', '-u', 1000, '-o', 'testuser'
|
66
|
+
expect(provider).to receive(:execute).with(['/usr/sam/lbin/usermod.sam', '-F', '-u', 1000, '-o', 'testuser'], hash_including(custom_environment: {}))
|
67
67
|
provider.uid = 1000
|
68
68
|
end
|
69
69
|
end
|
@@ -45,6 +45,7 @@ describe Puppet::Type.type(:user).provider(:openbsd) do
|
|
45
45
|
describe "#addcmd" do
|
46
46
|
it "should return an array with the full command and expiry as MM/DD/YY" do
|
47
47
|
allow(Facter).to receive(:value).with(:osfamily).and_return('OpenBSD')
|
48
|
+
allow(Facter).to receive(:value).with(:operatingsystemmajrelease)
|
48
49
|
resource[:expiry] = "1997-06-01"
|
49
50
|
expect(provider.addcmd).to eq(['/usr/sbin/useradd', '-e', 'June 01 1997', 'myuser'])
|
50
51
|
end
|
@@ -1,4 +1,5 @@
|
|
1
1
|
require 'spec_helper'
|
2
|
+
require 'open3'
|
2
3
|
|
3
4
|
RSpec::Matchers.define_negated_matcher :excluding, :include
|
4
5
|
|
@@ -81,6 +82,23 @@ describe Puppet::Type.type(:user).provider(:pw) do
|
|
81
82
|
provider.create
|
82
83
|
end
|
83
84
|
|
85
|
+
it "should call execute with sensitive true when the password property is set" do
|
86
|
+
Puppet::Util::Log.level = :debug
|
87
|
+
resource[:password] = "abc123"
|
88
|
+
expect(provider).to receive(:execute).with(kind_of(Array), hash_including(sensitive: true))
|
89
|
+
popen = double("popen", :puts => nil, :close => nil)
|
90
|
+
expect(Open3).to receive(:popen3).and_return(popen)
|
91
|
+
expect(popen).to receive(:puts).with("abc123")
|
92
|
+
provider.create
|
93
|
+
expect(@logs).not_to be_any {|log| log.level == :debug and log.message =~ /abc123/}
|
94
|
+
end
|
95
|
+
|
96
|
+
it "should call execute with sensitive false when a non-sensitive property is set" do
|
97
|
+
resource[:managehome] = true
|
98
|
+
expect(provider).to receive(:execute).with(kind_of(Array), hash_including(sensitive: false))
|
99
|
+
provider.create
|
100
|
+
end
|
101
|
+
|
84
102
|
it "should use -s with the correct argument when the shell property is set" do
|
85
103
|
resource[:shell] = "/bin/sh"
|
86
104
|
expect(provider).to receive(:execute).with(include("-s").and(include("/bin/sh")), kind_of(Hash))
|
@@ -209,5 +227,24 @@ describe Puppet::Type.type(:user).provider(:pw) do
|
|
209
227
|
expect(provider).to receive(:execute).with(include("-u").and(include(54321)), hash_including(custom_environment: {}))
|
210
228
|
provider.uid = 54321
|
211
229
|
end
|
230
|
+
|
231
|
+
it "should print a debug message with sensitive data redacted when the password property is set" do
|
232
|
+
Puppet::Util::Log.level = :debug
|
233
|
+
resource[:password] = "*"
|
234
|
+
popen = double("popen", :puts => nil, :close => nil)
|
235
|
+
expect(Open3).to receive(:popen3).and_return(popen)
|
236
|
+
expect(popen).to receive(:puts).with("abc123")
|
237
|
+
provider.password = "abc123"
|
238
|
+
|
239
|
+
expect(@logs).not_to be_any {|log| log.level == :debug and log.message =~ /abc123/}
|
240
|
+
end
|
241
|
+
|
242
|
+
it "should call execute with sensitive false when a non-sensitive property is set" do
|
243
|
+
Puppet::Util::Log.level = :debug
|
244
|
+
resource[:home] = "/home/testuser"
|
245
|
+
resource[:managehome] = true
|
246
|
+
expect(provider).to receive(:execute).with(kind_of(Array), hash_including(sensitive: false))
|
247
|
+
provider.home = "/newhome/testuser"
|
248
|
+
end
|
212
249
|
end
|
213
250
|
end
|
@@ -44,29 +44,54 @@ describe Puppet::Type.type(:user).provider(:useradd) do
|
|
44
44
|
allow(provider).to receive(:exists?).and_return(false)
|
45
45
|
end
|
46
46
|
|
47
|
-
it "should
|
48
|
-
|
47
|
+
it "should not redact the command from debug logs if there is no password" do
|
48
|
+
described_class.has_feature :manages_passwords
|
49
49
|
resource[:ensure] = :present
|
50
|
-
expect(provider).to receive(:execute).with(
|
50
|
+
expect(provider).to receive(:execute).with(kind_of(Array), hash_including(sensitive: false))
|
51
51
|
provider.create
|
52
52
|
end
|
53
53
|
|
54
|
-
it "should
|
55
|
-
|
56
|
-
|
57
|
-
|
58
|
-
|
54
|
+
it "should redact the command from debug logs if there is a password" do
|
55
|
+
described_class.has_feature :manages_passwords
|
56
|
+
resource2 = Puppet::Type.type(:user).new(
|
57
|
+
:name => 'myuser',
|
58
|
+
:password => 'a pass word',
|
59
|
+
:managehome => :false,
|
60
|
+
:system => :false,
|
61
|
+
:provider => provider,
|
62
|
+
)
|
63
|
+
resource2[:ensure] = :present
|
64
|
+
expect(provider).to receive(:execute).with(kind_of(Array), hash_including(sensitive: true))
|
59
65
|
provider.create
|
60
66
|
end
|
61
67
|
|
62
|
-
it "should
|
63
|
-
allow(
|
68
|
+
it "should add -g when no gid is specified and group already exists" do
|
69
|
+
allow(Puppet::Util).to receive(:gid).and_return(true)
|
64
70
|
resource[:ensure] = :present
|
65
|
-
|
66
|
-
expect(provider).to receive(:execute).with(['/usr/sbin/useradd', '-G', 'group1,group2', '-M', 'myuser'], kind_of(Hash))
|
71
|
+
expect(provider).to receive(:execute).with(include('-g'), kind_of(Hash))
|
67
72
|
provider.create
|
68
73
|
end
|
69
74
|
|
75
|
+
context "when setting groups" do
|
76
|
+
it "uses -G to set groups" do
|
77
|
+
allow(Facter).to receive(:value).with(:osfamily).and_return('Solaris')
|
78
|
+
allow(Facter).to receive(:value).with(:operatingsystemmajrelease)
|
79
|
+
resource[:ensure] = :present
|
80
|
+
resource[:groups] = ['group1', 'group2']
|
81
|
+
expect(provider).to receive(:execute).with(['/usr/sbin/useradd', '-G', 'group1,group2', 'myuser'], kind_of(Hash))
|
82
|
+
provider.create
|
83
|
+
end
|
84
|
+
|
85
|
+
it "uses -G to set groups with -M on supported systems" do
|
86
|
+
allow(Facter).to receive(:value).with(:osfamily).and_return('RedHat')
|
87
|
+
allow(Facter).to receive(:value).with(:operatingsystemmajrelease)
|
88
|
+
resource[:ensure] = :present
|
89
|
+
resource[:groups] = ['group1', 'group2']
|
90
|
+
expect(provider).to receive(:execute).with(['/usr/sbin/useradd', '-G', 'group1,group2', '-M', 'myuser'], kind_of(Hash))
|
91
|
+
provider.create
|
92
|
+
end
|
93
|
+
end
|
94
|
+
|
70
95
|
it "should add -o when allowdupe is enabled and the user is being created" do
|
71
96
|
resource[:allowdupe] = true
|
72
97
|
expect(provider).to receive(:execute).with(include('-o'), kind_of(Hash))
|
@@ -165,6 +190,27 @@ describe Puppet::Type.type(:user).provider(:useradd) do
|
|
165
190
|
end
|
166
191
|
end
|
167
192
|
|
193
|
+
describe 'when modifying the password' do
|
194
|
+
before do
|
195
|
+
described_class.has_feature :libuser
|
196
|
+
described_class.has_feature :manages_passwords
|
197
|
+
#Setting any resource value here initializes needed variables and methods in the resource and provider
|
198
|
+
#Setting a password value here initializes the existence and management of the password parameter itself
|
199
|
+
#Otherwise, this value would not need to be initialized for the test
|
200
|
+
resource[:password] = ''
|
201
|
+
end
|
202
|
+
|
203
|
+
it "should not call execute with sensitive if non-sensitive data is changed" do
|
204
|
+
expect(provider).to receive(:execute).with(kind_of(Array), hash_including(sensitive: false))
|
205
|
+
provider.home = 'foo/bar'
|
206
|
+
end
|
207
|
+
|
208
|
+
it "should call execute with sensitive if sensitive data is changed" do
|
209
|
+
expect(provider).to receive(:execute).with(kind_of(Array), hash_including(sensitive: true))
|
210
|
+
provider.password = 'bird bird bird'
|
211
|
+
end
|
212
|
+
end
|
213
|
+
|
168
214
|
describe '#modify' do
|
169
215
|
describe "on systems with the libuser and forcelocal=false" do
|
170
216
|
before do
|
@@ -273,6 +319,65 @@ describe Puppet::Type.type(:user).provider(:useradd) do
|
|
273
319
|
expect(provider).to receive(:execute).with(['/usr/sbin/usermod', '-e', '', 'myuser'], hash_including(custom_environment: {}))
|
274
320
|
provider.expiry = :absent
|
275
321
|
end
|
322
|
+
|
323
|
+
it "should use -e with -1 when the expiry property is removed on SLES11" do
|
324
|
+
allow(Facter).to receive(:value).with(:operatingsystem).and_return('SLES')
|
325
|
+
allow(Facter).to receive(:value).with(:operatingsystemmajrelease).and_return('11')
|
326
|
+
resource[:expiry] = :absent
|
327
|
+
expect(provider).to receive(:execute).with(['/usr/sbin/usermod', '-e', -1, 'myuser'], hash_including(custom_environment: {}))
|
328
|
+
provider.expiry = :absent
|
329
|
+
end
|
330
|
+
end
|
331
|
+
|
332
|
+
describe "#comment" do
|
333
|
+
before { described_class.has_feature :libuser }
|
334
|
+
|
335
|
+
let(:content) { "myuser:x:x:x:local comment:x:x" }
|
336
|
+
|
337
|
+
it "should return the local comment string when forcelocal is true" do
|
338
|
+
resource[:forcelocal] = true
|
339
|
+
allow(File).to receive(:read).with('/etc/passwd').and_return(content)
|
340
|
+
expect(provider.comment).to eq('local comment')
|
341
|
+
end
|
342
|
+
|
343
|
+
it "should fall back to nameservice comment string when forcelocal is false" do
|
344
|
+
resource[:forcelocal] = false
|
345
|
+
allow(provider).to receive(:get).with(:comment).and_return('remote comment')
|
346
|
+
expect(provider).not_to receive(:localcomment)
|
347
|
+
expect(provider.comment).to eq('remote comment')
|
348
|
+
end
|
349
|
+
end
|
350
|
+
|
351
|
+
describe "#finduser" do
|
352
|
+
before { allow(File).to receive(:read).with('/etc/passwd').and_return(content) }
|
353
|
+
|
354
|
+
let(:content) { "sample_account:sample_password:sample_uid:sample_gid:sample_gecos:sample_directory:sample_shell" }
|
355
|
+
let(:output) do
|
356
|
+
{
|
357
|
+
account: 'sample_account',
|
358
|
+
password: 'sample_password',
|
359
|
+
uid: 'sample_uid',
|
360
|
+
gid: 'sample_gid',
|
361
|
+
gecos: 'sample_gecos',
|
362
|
+
directory: 'sample_directory',
|
363
|
+
shell: 'sample_shell',
|
364
|
+
}
|
365
|
+
end
|
366
|
+
|
367
|
+
[:account, :password, :uid, :gid, :gecos, :directory, :shell].each do |key|
|
368
|
+
it "finds an user by #{key} when asked" do
|
369
|
+
expect(provider.finduser(key, "sample_#{key}")).to eq(output)
|
370
|
+
end
|
371
|
+
end
|
372
|
+
|
373
|
+
it "returns false when specified key/value pair is not found" do
|
374
|
+
expect(provider.finduser(:account, 'invalid_account')).to eq(false)
|
375
|
+
end
|
376
|
+
|
377
|
+
it "reads the user file only once per resource" do
|
378
|
+
expect(File).to receive(:read).with('/etc/passwd').once
|
379
|
+
5.times { provider.finduser(:account, 'sample_account') }
|
380
|
+
end
|
276
381
|
end
|
277
382
|
|
278
383
|
describe "#check_allow_dup" do
|
@@ -328,15 +433,17 @@ describe Puppet::Type.type(:user).provider(:useradd) do
|
|
328
433
|
provider.delete
|
329
434
|
end
|
330
435
|
|
331
|
-
it "should use -M flag if home is not managed
|
436
|
+
it "should use -M flag if home is not managed on a supported system" do
|
332
437
|
allow(Facter).to receive(:value).with(:osfamily).and_return("RedHat")
|
438
|
+
allow(Facter).to receive(:value).with(:operatingsystemmajrelease)
|
333
439
|
resource[:managehome] = :false
|
334
440
|
expect(provider).to receive(:execute).with(include('-M'), kind_of(Hash))
|
335
441
|
provider.create
|
336
442
|
end
|
337
443
|
|
338
|
-
it "should not use -M flag if home is not managed
|
339
|
-
allow(Facter).to receive(:value).with(:osfamily).and_return("
|
444
|
+
it "should not use -M flag if home is not managed on an unsupported system" do
|
445
|
+
allow(Facter).to receive(:value).with(:osfamily).and_return("Suse")
|
446
|
+
allow(Facter).to receive(:value).with(:operatingsystemmajrelease).and_return("11")
|
340
447
|
resource[:managehome] = :false
|
341
448
|
expect(provider).to receive(:execute).with(excluding('-M'), kind_of(Hash))
|
342
449
|
provider.create
|
@@ -78,9 +78,9 @@ describe Puppet::Type.type(:user).provider(:windows_adsi), :if => Puppet.feature
|
|
78
78
|
let(:group3) { double(:account => 'group3', :domain => '.', :sid => 'group3sid') }
|
79
79
|
|
80
80
|
before :each do
|
81
|
-
allow(Puppet::Util::Windows::SID).to receive(:name_to_principal).with('group1').and_return(group1)
|
82
|
-
allow(Puppet::Util::Windows::SID).to receive(:name_to_principal).with('group2').and_return(group2)
|
83
|
-
allow(Puppet::Util::Windows::SID).to receive(:name_to_principal).with('group3').and_return(group3)
|
81
|
+
allow(Puppet::Util::Windows::SID).to receive(:name_to_principal).with('group1', any_args).and_return(group1)
|
82
|
+
allow(Puppet::Util::Windows::SID).to receive(:name_to_principal).with('group2', any_args).and_return(group2)
|
83
|
+
allow(Puppet::Util::Windows::SID).to receive(:name_to_principal).with('group3', any_args).and_return(group3)
|
84
84
|
end
|
85
85
|
|
86
86
|
it "should return true for same lists of members" do
|
@@ -714,6 +714,9 @@ describe 'Puppet Pal' do
|
|
714
714
|
|
715
715
|
context 'facts are supported such that' do
|
716
716
|
it 'they are obtained if they are not given' do
|
717
|
+
facts = Puppet::Node::Facts.new(Puppet[:certname], 'puppetversion' => Puppet.version)
|
718
|
+
Puppet::Node::Facts.indirection.save(facts)
|
719
|
+
|
717
720
|
testing_env_dir # creates the structure
|
718
721
|
result = Puppet::Pal.in_tmp_environment('pal_env', modulepath: modulepath ) do |ctx|
|
719
722
|
ctx.with_script_compiler {|c| c.evaluate_string("$facts =~ Hash and $facts[puppetversion] == '#{Puppet.version}'") }
|
data/spec/unit/resource_spec.rb
CHANGED
@@ -747,7 +747,8 @@ describe Puppet::Resource do
|
|
747
747
|
@resource = Puppet::Resource.new("one::two", "/my/file",
|
748
748
|
:parameters => {
|
749
749
|
:noop => true,
|
750
|
-
:foo =>
|
750
|
+
:foo => [:one, "two"],
|
751
|
+
:bar => 'a\'b',
|
751
752
|
:ensure => 'present',
|
752
753
|
}
|
753
754
|
)
|
@@ -757,10 +758,34 @@ describe Puppet::Resource do
|
|
757
758
|
expect(@resource.to_hierayaml).to eq <<-HEREDOC.gsub(/^\s{8}/, '')
|
758
759
|
/my/file:
|
759
760
|
ensure: 'present'
|
761
|
+
bar : 'a\\'b'
|
760
762
|
foo : ['one', 'two']
|
761
763
|
noop : true
|
762
764
|
HEREDOC
|
763
765
|
end
|
766
|
+
|
767
|
+
it "should convert some types to String" do
|
768
|
+
expect(@resource.to_hiera_hash).to eq(
|
769
|
+
"/my/file" => {
|
770
|
+
'ensure' => "present",
|
771
|
+
'bar' => "a'b",
|
772
|
+
'foo' => ["one", "two"],
|
773
|
+
'noop' => true
|
774
|
+
}
|
775
|
+
)
|
776
|
+
end
|
777
|
+
|
778
|
+
it "accepts symbolic titles" do
|
779
|
+
res = Puppet::Resource.new(:file, "/my/file", :parameters => { 'ensure' => "present" })
|
780
|
+
|
781
|
+
expect(res.to_hiera_hash.keys).to eq(["/my/file"])
|
782
|
+
end
|
783
|
+
|
784
|
+
it "emits an empty parameters hash" do
|
785
|
+
res = Puppet::Resource.new(:file, "/my/file")
|
786
|
+
|
787
|
+
expect(res.to_hiera_hash).to eq({"/my/file" => {}})
|
788
|
+
end
|
764
789
|
end
|
765
790
|
describe "when converting to json" do
|
766
791
|
# LAK:NOTE For all of these tests, we convert back to the resource so we can
|
@@ -876,9 +876,8 @@ describe Puppet::SSL::CertificateAuthority do
|
|
876
876
|
@ca.verify("me")
|
877
877
|
end
|
878
878
|
|
879
|
-
it "should set the store purpose to OpenSSL::X509::
|
880
|
-
|
881
|
-
expect(@store).to receive(:add_file).with(cacert)
|
879
|
+
it "should set the store purpose to OpenSSL::X509::PURPOSE_ANY" do
|
880
|
+
expect(@store).to receive(:purpose=).with OpenSSL::X509::PURPOSE_ANY
|
882
881
|
|
883
882
|
@ca.verify("me")
|
884
883
|
end
|
@@ -138,6 +138,13 @@ describe Puppet::SSL::Certificate do
|
|
138
138
|
expect(cert.custom_extensions).to include('oid' => '1.3.6.1.4.1.34380.1.2.1', 'value' => 'x509 :(')
|
139
139
|
end
|
140
140
|
|
141
|
+
it "returns extensions under the ppAuthCertExt" do
|
142
|
+
exts = {'pp_auth_role' => 'taketwo'}
|
143
|
+
cert = build_cert(:extension_requests => exts)
|
144
|
+
sign_wrapped_cert(cert)
|
145
|
+
expect(cert.custom_extensions).to include('oid' => 'pp_auth_role', 'value' => 'taketwo')
|
146
|
+
end
|
147
|
+
|
141
148
|
it "doesn't return standard extensions" do
|
142
149
|
cert = build_cert(:dns_alt_names => 'foo')
|
143
150
|
expect(cert.custom_extensions).to be_empty
|