puppet 5.5.16 → 5.5.21
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of puppet might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/CODEOWNERS +10 -10
- data/Gemfile +2 -3
- data/Gemfile.lock +57 -52
- data/ext/build_defaults.yaml +1 -0
- data/ext/cert_inspector +3 -3
- data/ext/project_data.yaml +2 -2
- data/ext/puppet-test +2 -2
- data/ext/regexp_nodes/regexp_nodes.rb +4 -4
- data/ext/windows/service/daemon.rb +54 -8
- data/install.rb +6 -24
- data/lib/puppet.rb +5 -2
- data/lib/puppet/agent.rb +5 -13
- data/lib/puppet/application.rb +1 -1
- data/lib/puppet/application/agent.rb +15 -1
- data/lib/puppet/application/apply.rb +2 -2
- data/lib/puppet/application/describe.rb +3 -9
- data/lib/puppet/application/device.rb +4 -4
- data/lib/puppet/application/doc.rb +1 -1
- data/lib/puppet/application/filebucket.rb +13 -0
- data/lib/puppet/application/lookup.rb +1 -1
- data/lib/puppet/application/resource.rb +4 -4
- data/lib/puppet/application/script.rb +2 -2
- data/lib/puppet/configurer.rb +86 -28
- data/lib/puppet/configurer/downloader.rb +2 -6
- data/lib/puppet/daemon.rb +1 -1
- data/lib/puppet/defaults.rb +82 -38
- data/lib/puppet/error.rb +9 -1
- data/lib/puppet/external/nagios/base.rb +1 -1
- data/lib/puppet/face/ca.rb +1 -1
- data/lib/puppet/face/config.rb +10 -48
- data/lib/puppet/face/facts.rb +1 -1
- data/lib/puppet/face/module/list.rb +5 -5
- data/lib/puppet/face/module/search.rb +1 -1
- data/lib/puppet/face/module/uninstall.rb +1 -1
- data/lib/puppet/face/module/upgrade.rb +1 -1
- data/lib/puppet/face/plugin.rb +9 -2
- data/lib/puppet/file_serving/http_metadata.rb +1 -1
- data/lib/puppet/file_system.rb +0 -8
- data/lib/puppet/file_system/memory_file.rb +1 -1
- data/lib/puppet/file_system/posix.rb +3 -2
- data/lib/puppet/file_system/uniquefile.rb +4 -0
- data/lib/puppet/forge.rb +3 -3
- data/lib/puppet/functions/epp.rb +4 -4
- data/lib/puppet/functions/inline_epp.rb +5 -5
- data/lib/puppet/functions/reduce.rb +2 -4
- data/lib/puppet/gettext/module_translations.rb +1 -1
- data/lib/puppet/graph/rb_tree_map.rb +2 -2
- data/lib/puppet/graph/simple_graph.rb +6 -5
- data/lib/puppet/indirector/catalog/compiler.rb +8 -0
- data/lib/puppet/indirector/file_bucket_file/file.rb +1 -1
- data/lib/puppet/indirector/hiera.rb +2 -0
- data/lib/puppet/indirector/resource/ral.rb +1 -3
- data/lib/puppet/indirector/resource/validator.rb +1 -1
- data/lib/puppet/interface.rb +2 -1
- data/lib/puppet/loaders.rb +0 -1
- data/lib/puppet/metatype/manager.rb +1 -1
- data/lib/puppet/module.rb +1 -1
- data/lib/puppet/module_tool/applications/builder.rb +1 -1
- data/lib/puppet/module_tool/applications/installer.rb +1 -1
- data/lib/puppet/module_tool/applications/uninstaller.rb +3 -3
- data/lib/puppet/module_tool/metadata.rb +1 -1
- data/lib/puppet/module_tool/shared_behaviors.rb +4 -4
- data/lib/puppet/module_tool/tar/mini.rb +12 -2
- data/lib/puppet/network/http/api/indirected_routes.rb +13 -12
- data/lib/puppet/network/http/api/master/v3/environment.rb +3 -0
- data/lib/puppet/network/http/connection.rb +14 -12
- data/lib/puppet/network/http/factory.rb +1 -11
- data/lib/puppet/network/http/pool.rb +7 -1
- data/lib/puppet/network/http/rack/rest.rb +2 -2
- data/lib/puppet/network/http/site.rb +1 -1
- data/lib/puppet/network/resolver.rb +2 -2
- data/lib/puppet/node/environment.rb +4 -2
- data/lib/puppet/parameter.rb +8 -0
- data/lib/puppet/parser/ast.rb +1 -1
- data/lib/puppet/parser/ast/resourceparam.rb +1 -1
- data/lib/puppet/parser/compiler/catalog_validator/env_relationship_validator.rb +2 -0
- data/lib/puppet/parser/compiler/catalog_validator/site_validator.rb +2 -0
- data/lib/puppet/parser/environment_compiler.rb +3 -0
- data/lib/puppet/parser/functions.rb +1 -1
- data/lib/puppet/parser/functions/epp.rb +3 -3
- data/lib/puppet/parser/functions/inline_epp.rb +5 -5
- data/lib/puppet/parser/resource.rb +3 -2
- data/lib/puppet/parser/resource/param.rb +6 -0
- data/lib/puppet/pops/evaluator/access_operator.rb +2 -2
- data/lib/puppet/pops/evaluator/collectors/catalog_collector.rb +1 -1
- data/lib/puppet/pops/evaluator/collectors/exported_collector.rb +1 -1
- data/lib/puppet/pops/evaluator/evaluator_impl.rb +1 -1
- data/lib/puppet/pops/evaluator/external_syntax_support.rb +3 -2
- data/lib/puppet/pops/evaluator/runtime3_support.rb +4 -4
- data/lib/puppet/pops/issues.rb +5 -0
- data/lib/puppet/pops/loaders.rb +1 -1
- data/lib/puppet/pops/lookup/hiera_config.rb +1 -0
- data/lib/puppet/pops/lookup/sub_lookup.rb +1 -1
- data/lib/puppet/pops/merge_strategy.rb +22 -18
- data/lib/puppet/pops/parser/heredoc_support.rb +1 -1
- data/lib/puppet/pops/parser/interpolation_support.rb +4 -4
- data/lib/puppet/pops/parser/locator.rb +1 -1
- data/lib/puppet/pops/parser/pn_parser.rb +17 -16
- data/lib/puppet/pops/puppet_stack.rb +51 -48
- data/lib/puppet/pops/resource/resource_type_impl.rb +2 -0
- data/lib/puppet/pops/types/p_sensitive_type.rb +1 -1
- data/lib/puppet/pops/types/string_converter.rb +10 -10
- data/lib/puppet/pops/types/type_calculator.rb +24 -0
- data/lib/puppet/pops/types/types.rb +3 -3
- data/lib/puppet/pops/validation/checker4_0.rb +10 -0
- data/lib/puppet/pops/validation/validator_factory_4_0.rb +1 -0
- data/lib/puppet/property.rb +1 -1
- data/lib/puppet/property/ensure.rb +1 -1
- data/lib/puppet/provider/augeas/augeas.rb +1 -1
- data/lib/puppet/provider/cron/crontab.rb +1 -1
- data/lib/puppet/provider/exec.rb +6 -2
- data/lib/puppet/provider/file/posix.rb +5 -0
- data/lib/puppet/provider/group/groupadd.rb +19 -19
- data/lib/puppet/provider/group/windows_adsi.rb +3 -3
- data/lib/puppet/provider/mailalias/aliases.rb +1 -1
- data/lib/puppet/provider/mount.rb +1 -1
- data/lib/puppet/provider/mount/parsed.rb +8 -8
- data/lib/puppet/provider/nameservice.rb +10 -3
- data/lib/puppet/provider/nameservice/directoryservice.rb +1 -1
- data/lib/puppet/provider/nameservice/pw.rb +2 -2
- data/lib/puppet/provider/package/aix.rb +17 -2
- data/lib/puppet/provider/package/apt.rb +14 -3
- data/lib/puppet/provider/package/dnf.rb +1 -1
- data/lib/puppet/provider/package/dnfmodule.rb +141 -0
- data/lib/puppet/provider/package/dpkg.rb +16 -18
- data/lib/puppet/provider/package/fink.rb +20 -3
- data/lib/puppet/provider/package/openbsd.rb +14 -2
- data/lib/puppet/provider/package/pip.rb +37 -10
- data/lib/puppet/provider/package/pkg.rb +18 -5
- data/lib/puppet/provider/package/pkgdmg.rb +1 -1
- data/lib/puppet/provider/package/pkgng.rb +16 -4
- data/lib/puppet/provider/package/portage.rb +4 -4
- data/lib/puppet/provider/package/rpm.rb +57 -19
- data/lib/puppet/provider/package/windows/package.rb +1 -1
- data/lib/puppet/provider/package/yum.rb +35 -24
- data/lib/puppet/provider/package/zypper.rb +1 -0
- data/lib/puppet/provider/package_targetable.rb +5 -4
- data/lib/puppet/provider/parsedfile.rb +1 -1
- data/lib/puppet/provider/scheduled_task/win32_taskscheduler.rb +3 -3
- data/lib/puppet/provider/selmodule/semodule.rb +43 -26
- data/lib/puppet/provider/service/daemontools.rb +9 -9
- data/lib/puppet/provider/service/launchd.rb +20 -5
- data/lib/puppet/provider/service/openbsd.rb +1 -1
- data/lib/puppet/provider/service/rcng.rb +2 -2
- data/lib/puppet/provider/service/runit.rb +2 -8
- data/lib/puppet/provider/service/systemd.rb +35 -22
- data/lib/puppet/provider/service/windows.rb +8 -0
- data/lib/puppet/provider/user/directoryservice.rb +31 -6
- data/lib/puppet/provider/user/hpux.rb +1 -1
- data/lib/puppet/provider/user/pw.rb +12 -3
- data/lib/puppet/provider/user/user_role_add.rb +5 -1
- data/lib/puppet/provider/user/useradd.rb +62 -27
- data/lib/puppet/provider/user/windows_adsi.rb +4 -5
- data/lib/puppet/provider/yumrepo/inifile.rb +2 -2
- data/lib/puppet/reference/indirection.rb +2 -2
- data/lib/puppet/reference/metaparameter.rb +1 -3
- data/lib/puppet/reference/providers.rb +1 -1
- data/lib/puppet/reference/type.rb +3 -9
- data/lib/puppet/reports.rb +1 -1
- data/lib/puppet/resource.rb +18 -1
- data/lib/puppet/resource/catalog.rb +1 -1
- data/lib/puppet/resource/type.rb +8 -0
- data/lib/puppet/settings.rb +43 -3
- data/lib/puppet/settings/environment_conf.rb +1 -0
- data/lib/puppet/ssl/certificate.rb +2 -1
- data/lib/puppet/ssl/certificate_authority.rb +6 -5
- data/lib/puppet/ssl/certificate_authority/interface.rb +1 -1
- data/lib/puppet/ssl/certificate_factory.rb +2 -2
- data/lib/puppet/ssl/host.rb +3 -3
- data/lib/puppet/ssl/oids.rb +1 -1
- data/lib/puppet/test/test_helper.rb +15 -10
- data/lib/puppet/transaction/report.rb +1 -1
- data/lib/puppet/transaction/resource_harness.rb +1 -1
- data/lib/puppet/type.rb +15 -4
- data/lib/puppet/type/cron.rb +1 -1
- data/lib/puppet/type/exec.rb +21 -9
- data/lib/puppet/type/file.rb +14 -2
- data/lib/puppet/type/file/data_sync.rb +5 -1
- data/lib/puppet/type/group.rb +4 -2
- data/lib/puppet/type/interface.rb +1 -1
- data/lib/puppet/type/notify.rb +3 -2
- data/lib/puppet/type/package.rb +107 -8
- data/lib/puppet/type/schedule.rb +1 -1
- data/lib/puppet/type/selboolean.rb +17 -3
- data/lib/puppet/type/service.rb +9 -10
- data/lib/puppet/type/user.rb +6 -24
- data/lib/puppet/type/yumrepo.rb +3 -7
- data/lib/puppet/util.rb +47 -25
- data/lib/puppet/util/command_line/trollop.rb +1 -1
- data/lib/puppet/util/execution.rb +4 -3
- data/lib/puppet/util/http_proxy.rb +24 -16
- data/lib/puppet/util/instance_loader.rb +1 -1
- data/lib/puppet/util/log.rb +1 -1
- data/lib/puppet/util/log/destinations.rb +3 -12
- data/lib/puppet/util/logging.rb +30 -18
- data/lib/puppet/util/metric.rb +2 -2
- data/lib/puppet/util/monkey_patches.rb +1 -1
- data/lib/puppet/util/nagios_maker.rb +2 -2
- data/lib/puppet/util/network_device/cisco/device.rb +1 -1
- data/lib/puppet/util/network_device/cisco/interface.rb +2 -2
- data/lib/puppet/util/network_device/transport/ssh.rb +1 -1
- data/lib/puppet/util/pidlock.rb +12 -6
- data/lib/puppet/util/plist.rb +6 -0
- data/lib/puppet/util/provider_features.rb +2 -4
- data/lib/puppet/util/rdoc.rb +1 -1
- data/lib/puppet/util/reference.rb +1 -1
- data/lib/puppet/util/resource_template.rb +1 -1
- data/lib/puppet/util/selinux.rb +8 -2
- data/lib/puppet/util/windows/adsi.rb +60 -30
- data/lib/puppet/util/windows/api_types.rb +45 -32
- data/lib/puppet/util/windows/eventlog.rb +1 -6
- data/lib/puppet/util/windows/principal.rb +8 -6
- data/lib/puppet/util/windows/process.rb +16 -15
- data/lib/puppet/util/windows/registry.rb +17 -15
- data/lib/puppet/util/windows/security.rb +3 -0
- data/lib/puppet/util/windows/service.rb +149 -4
- data/lib/puppet/util/windows/sid.rb +4 -3
- data/lib/puppet/vendor.rb +1 -1
- data/lib/puppet/version.rb +1 -1
- data/lib/puppet_pal.rb +2 -2
- data/locales/puppet.pot +479 -443
- data/man/man5/puppet.conf.5 +38 -8
- data/man/man8/puppet-agent.8 +2 -2
- data/man/man8/puppet-apply.8 +1 -1
- data/man/man8/puppet-ca.8 +1 -1
- data/man/man8/puppet-catalog.8 +1 -1
- data/man/man8/puppet-cert.8 +1 -1
- data/man/man8/puppet-certificate.8 +1 -1
- data/man/man8/puppet-certificate_request.8 +1 -1
- data/man/man8/puppet-certificate_revocation_list.8 +1 -1
- data/man/man8/puppet-config.8 +1 -1
- data/man/man8/puppet-describe.8 +1 -1
- data/man/man8/puppet-device.8 +1 -1
- data/man/man8/puppet-doc.8 +1 -1
- data/man/man8/puppet-epp.8 +1 -1
- data/man/man8/puppet-facts.8 +1 -1
- data/man/man8/puppet-filebucket.8 +16 -1
- data/man/man8/puppet-generate.8 +1 -1
- data/man/man8/puppet-help.8 +1 -1
- data/man/man8/puppet-key.8 +1 -1
- data/man/man8/puppet-lookup.8 +1 -1
- data/man/man8/puppet-man.8 +1 -1
- data/man/man8/puppet-master.8 +1 -1
- data/man/man8/puppet-module.8 +1 -1
- data/man/man8/puppet-node.8 +1 -1
- data/man/man8/puppet-parser.8 +1 -1
- data/man/man8/puppet-plugin.8 +1 -1
- data/man/man8/puppet-report.8 +1 -1
- data/man/man8/puppet-resource.8 +1 -1
- data/man/man8/puppet-script.8 +1 -1
- data/man/man8/puppet-status.8 +1 -1
- data/man/man8/puppet.8 +2 -2
- data/spec/fixtures/integration/provider/mailalias/aliases/test1 +1 -0
- data/spec/fixtures/unit/provider/package/dnfmodule/dnf-module-list.txt +19 -0
- data/spec/fixtures/unit/provider/package/pkgng/pkg.version +2 -0
- data/spec/fixtures/unit/provider/package/yum/yum-check-update-subscription-manager.txt +9 -0
- data/spec/fixtures/unit/provider/service/systemd/list_unit_files_services +9 -0
- data/spec/integration/configurer_spec.rb +52 -0
- data/spec/integration/defaults_spec.rb +1 -2
- data/spec/integration/indirector/facts/facter_spec.rb +4 -0
- data/spec/integration/parser/compiler_spec.rb +11 -0
- data/spec/integration/provider/service/systemd_spec.rb +8 -5
- data/spec/integration/type/file_spec.rb +28 -0
- data/spec/integration/type/notify_spec.rb +46 -0
- data/spec/integration/util/execution_spec.rb +27 -0
- data/spec/integration/util/windows/adsi_spec.rb +6 -1
- data/spec/integration/util/windows/registry_spec.rb +7 -7
- data/spec/unit/agent_spec.rb +34 -26
- data/spec/unit/application/agent_spec.rb +18 -0
- data/spec/unit/application/apply_spec.rb +2 -12
- data/spec/unit/application/device_spec.rb +1 -1
- data/spec/unit/configurer/fact_handler_spec.rb +0 -4
- data/spec/unit/configurer_spec.rb +377 -397
- data/spec/unit/daemon_spec.rb +0 -1
- data/spec/unit/face/facts_spec.rb +9 -0
- data/spec/unit/face/plugin_spec.rb +8 -0
- data/spec/unit/file_system/uniquefile_spec.rb +11 -0
- data/spec/unit/forge/forge_spec.rb +1 -3
- data/spec/unit/forge/repository_spec.rb +1 -3
- data/spec/unit/indirector/catalog/compiler_spec.rb +45 -26
- data/spec/unit/indirector/resource/ral_spec.rb +4 -4
- data/spec/unit/module_tool/tar/mini_spec.rb +1 -1
- data/spec/unit/network/http/api/indirected_routes_spec.rb +28 -11
- data/spec/unit/network/http/connection_spec.rb +43 -1
- data/spec/unit/network/http/factory_spec.rb +27 -5
- data/spec/unit/network/http/pool_spec.rb +32 -0
- data/spec/unit/node_spec.rb +7 -4
- data/spec/unit/parser/environment_compiler_spec.rb +7 -0
- data/spec/unit/pops/evaluator/evaluating_parser_spec.rb +8 -3
- data/spec/unit/pops/validator/validator_spec.rb +7 -0
- data/spec/unit/provider/exec_spec.rb +209 -0
- data/spec/unit/provider/group/groupadd_spec.rb +30 -1
- data/spec/unit/provider/group/windows_adsi_spec.rb +43 -10
- data/spec/unit/provider/package/aix_spec.rb +29 -0
- data/spec/unit/provider/package/apt_spec.rb +13 -2
- data/spec/unit/provider/package/aptitude_spec.rb +1 -0
- data/spec/unit/provider/package/aptrpm_spec.rb +1 -1
- data/spec/unit/provider/package/dnf_spec.rb +7 -0
- data/spec/unit/provider/package/dnfmodule_spec.rb +247 -0
- data/spec/unit/provider/package/dpkg_spec.rb +35 -7
- data/spec/unit/provider/package/openbsd_spec.rb +17 -0
- data/spec/unit/provider/package/pip_spec.rb +93 -22
- data/spec/unit/provider/package/pkg_spec.rb +13 -1
- data/spec/unit/provider/package/pkgdmg_spec.rb +1 -1
- data/spec/unit/provider/package/pkgng_spec.rb +36 -0
- data/spec/unit/provider/package/portage_spec.rb +4 -4
- data/spec/unit/provider/package/rpm_spec.rb +150 -16
- data/spec/unit/provider/package/yum_spec.rb +66 -0
- data/spec/unit/provider/package/zypper_spec.rb +13 -0
- data/spec/unit/provider/package_targetable_spec.rb +60 -0
- data/spec/unit/provider/selmodule_spec.rb +118 -47
- data/spec/unit/provider/service/daemontools_spec.rb +24 -0
- data/spec/unit/provider/service/launchd_spec.rb +28 -0
- data/spec/unit/provider/service/runit_spec.rb +24 -0
- data/spec/unit/provider/service/systemd_spec.rb +109 -36
- data/spec/unit/provider/service/windows_spec.rb +20 -0
- data/spec/unit/provider/user/directoryservice_spec.rb +41 -0
- data/spec/unit/provider/user/hpux_spec.rb +2 -2
- data/spec/unit/provider/user/openbsd_spec.rb +1 -0
- data/spec/unit/provider/user/pw_spec.rb +37 -0
- data/spec/unit/provider/user/useradd_spec.rb +122 -15
- data/spec/unit/provider/user/windows_adsi_spec.rb +3 -3
- data/spec/unit/puppet_pal_2pec.rb +3 -0
- data/spec/unit/resource_spec.rb +26 -1
- data/spec/unit/ssl/certificate_authority_spec.rb +2 -3
- data/spec/unit/ssl/certificate_spec.rb +7 -0
- data/spec/unit/test/test_helper_spec.rb +17 -0
- data/spec/unit/transaction_spec.rb +18 -0
- data/spec/unit/type/exec_spec.rb +15 -12
- data/spec/unit/type/file/content_spec.rb +9 -3
- data/spec/unit/type/file/source_spec.rb +4 -4
- data/spec/unit/type/file_spec.rb +9 -4
- data/spec/unit/type/package_spec.rb +8 -0
- data/spec/unit/type/schedule_spec.rb +3 -1
- data/spec/unit/type/selboolean_spec.rb +4 -6
- data/spec/unit/type/service_spec.rb +25 -8
- data/spec/unit/type/user_spec.rb +32 -26
- data/spec/unit/type/yumrepo_spec.rb +30 -0
- data/spec/unit/type_spec.rb +40 -0
- data/spec/unit/util/execution_spec.rb +16 -0
- data/spec/unit/util/http_proxy_spec.rb +121 -1
- data/spec/unit/util/log/destinations_spec.rb +2 -26
- data/spec/unit/util/log_spec.rb +0 -112
- data/spec/unit/util/logging_spec.rb +200 -0
- data/spec/unit/util/pidlock_spec.rb +67 -40
- data/spec/unit/util/plist_spec.rb +20 -0
- data/spec/unit/util/windows/adsi_spec.rb +55 -4
- data/spec/unit/util/windows/api_types_spec.rb +104 -40
- data/spec/unit/util/windows/service_spec.rb +9 -0
- data/spec/unit/util/windows/sid_spec.rb +2 -2
- data/tasks/manpages.rake +1 -0
- metadata +16 -11
- data/ext/windows/eventlog/Rakefile +0 -32
- data/ext/windows/eventlog/puppetres.dll +0 -0
- data/ext/windows/eventlog/puppetres.mc +0 -18
- data/lib/puppet/pops/loader/null_loader.rb +0 -60
- data/locales/ja/puppet.po +0 -12114
- data/spec/integration/test/test_helper_spec.rb +0 -31
|
@@ -42,10 +42,11 @@ describe Puppet::Network::HTTP::Factory do
|
|
|
42
42
|
context "proxy settings" do
|
|
43
43
|
let(:proxy_host) { 'myhost' }
|
|
44
44
|
let(:proxy_port) { 432 }
|
|
45
|
+
let(:proxy_user) { 'mo' }
|
|
46
|
+
let(:proxy_pass) { 'password' }
|
|
45
47
|
|
|
46
|
-
it "should not set a proxy if the
|
|
48
|
+
it "should not set a proxy if the http_proxy_host setting is 'none'" do
|
|
47
49
|
Puppet[:http_proxy_host] = 'none'
|
|
48
|
-
expect(Puppet::Util::HttpProxy).to receive(:no_proxy?).and_return(false)
|
|
49
50
|
conn = create_connection(site)
|
|
50
51
|
|
|
51
52
|
expect(conn.proxy_address).to be_nil
|
|
@@ -54,7 +55,18 @@ describe Puppet::Network::HTTP::Factory do
|
|
|
54
55
|
it 'should not set a proxy if a no_proxy env var matches the destination' do
|
|
55
56
|
Puppet[:http_proxy_host] = proxy_host
|
|
56
57
|
Puppet[:http_proxy_port] = proxy_port
|
|
57
|
-
|
|
58
|
+
Puppet::Util.withenv('NO_PROXY' => site.host) do
|
|
59
|
+
conn = create_connection(site)
|
|
60
|
+
|
|
61
|
+
expect(conn.proxy_address).to be_nil
|
|
62
|
+
expect(conn.proxy_port).to be_nil
|
|
63
|
+
end
|
|
64
|
+
end
|
|
65
|
+
|
|
66
|
+
it 'should not set a proxy if the no_proxy setting matches the destination' do
|
|
67
|
+
Puppet[:http_proxy_host] = proxy_host
|
|
68
|
+
Puppet[:http_proxy_port] = proxy_port
|
|
69
|
+
Puppet[:no_proxy] = site.host
|
|
58
70
|
conn = create_connection(site)
|
|
59
71
|
|
|
60
72
|
expect(conn.proxy_address).to be_nil
|
|
@@ -63,7 +75,6 @@ describe Puppet::Network::HTTP::Factory do
|
|
|
63
75
|
|
|
64
76
|
it 'sets proxy_address' do
|
|
65
77
|
Puppet[:http_proxy_host] = proxy_host
|
|
66
|
-
expect(Puppet::Util::HttpProxy).to receive(:no_proxy?).and_return(false)
|
|
67
78
|
conn = create_connection(site)
|
|
68
79
|
|
|
69
80
|
expect(conn.proxy_address).to eq(proxy_host)
|
|
@@ -72,11 +83,22 @@ describe Puppet::Network::HTTP::Factory do
|
|
|
72
83
|
it 'sets proxy address and port' do
|
|
73
84
|
Puppet[:http_proxy_host] = proxy_host
|
|
74
85
|
Puppet[:http_proxy_port] = proxy_port
|
|
75
|
-
expect(Puppet::Util::HttpProxy).to receive(:no_proxy?).and_return(false)
|
|
76
86
|
conn = create_connection(site)
|
|
77
87
|
|
|
78
88
|
expect(conn.proxy_port).to eq(proxy_port)
|
|
79
89
|
end
|
|
90
|
+
|
|
91
|
+
it 'sets proxy user and password' do
|
|
92
|
+
Puppet[:http_proxy_host] = proxy_host
|
|
93
|
+
Puppet[:http_proxy_port] = proxy_port
|
|
94
|
+
Puppet[:http_proxy_user] = proxy_user
|
|
95
|
+
Puppet[:http_proxy_password] = proxy_pass
|
|
96
|
+
|
|
97
|
+
conn = create_connection(site)
|
|
98
|
+
|
|
99
|
+
expect(conn.proxy_user).to eq(proxy_user)
|
|
100
|
+
expect(conn.proxy_pass).to eq(proxy_pass)
|
|
101
|
+
end
|
|
80
102
|
end
|
|
81
103
|
|
|
82
104
|
context 'socket timeouts' do
|
|
@@ -60,6 +60,8 @@ describe Puppet::Network::HTTP::Pool do
|
|
|
60
60
|
|
|
61
61
|
it 'returns the connection to the pool' do
|
|
62
62
|
conn = create_connection(site)
|
|
63
|
+
expect(conn).to receive(:started?).and_return(true)
|
|
64
|
+
|
|
63
65
|
pool = create_pool
|
|
64
66
|
pool.release(site, conn)
|
|
65
67
|
|
|
@@ -137,6 +139,7 @@ describe Puppet::Network::HTTP::Pool do
|
|
|
137
139
|
it 'releases HTTP connections' do
|
|
138
140
|
conn = create_connection(site)
|
|
139
141
|
expect(conn).to receive(:use_ssl?).and_return(false)
|
|
142
|
+
expect(conn).to receive(:started?).and_return(true)
|
|
140
143
|
|
|
141
144
|
pool = create_pool_with_connections(site, conn)
|
|
142
145
|
expect(pool).to receive(:release).with(site, conn)
|
|
@@ -148,6 +151,7 @@ describe Puppet::Network::HTTP::Pool do
|
|
|
148
151
|
conn = create_connection(site)
|
|
149
152
|
expect(conn).to receive(:use_ssl?).and_return(true)
|
|
150
153
|
expect(conn).to receive(:verify_mode).and_return(OpenSSL::SSL::VERIFY_PEER)
|
|
154
|
+
expect(conn).to receive(:started?).and_return(true)
|
|
151
155
|
|
|
152
156
|
pool = create_pool_with_connections(site, conn)
|
|
153
157
|
expect(pool).to receive(:release).with(site, conn)
|
|
@@ -166,6 +170,19 @@ describe Puppet::Network::HTTP::Pool do
|
|
|
166
170
|
|
|
167
171
|
pool.with_connection(site, verify) {|c| }
|
|
168
172
|
end
|
|
173
|
+
|
|
174
|
+
it "doesn't add a closed connection back to the pool" do
|
|
175
|
+
http = Net::HTTP.new(site.addr)
|
|
176
|
+
http.use_ssl = true
|
|
177
|
+
http.verify_mode = OpenSSL::SSL::VERIFY_PEER
|
|
178
|
+
http.start
|
|
179
|
+
|
|
180
|
+
pool = create_pool_with_connections(site, http)
|
|
181
|
+
|
|
182
|
+
pool.with_connection(site, verify) {|c| c.finish}
|
|
183
|
+
|
|
184
|
+
expect(pool.pool[site]).to be_empty
|
|
185
|
+
end
|
|
169
186
|
end
|
|
170
187
|
end
|
|
171
188
|
|
|
@@ -228,6 +245,7 @@ describe Puppet::Network::HTTP::Pool do
|
|
|
228
245
|
|
|
229
246
|
it 'finishes expired connections' do
|
|
230
247
|
conn = create_connection(site)
|
|
248
|
+
allow(conn).to receive(:started?).and_return(true)
|
|
231
249
|
expect(conn).to receive(:finish)
|
|
232
250
|
|
|
233
251
|
pool = create_pool_with_expired_connections(site, conn)
|
|
@@ -241,6 +259,7 @@ describe Puppet::Network::HTTP::Pool do
|
|
|
241
259
|
expect(Puppet).to receive(:log_exception).with(be_a(IOError), "Failed to close connection for #{site}: read timeout")
|
|
242
260
|
|
|
243
261
|
conn = create_connection(site)
|
|
262
|
+
expect(conn).to receive(:started?).and_return(true)
|
|
244
263
|
expect(conn).to receive(:finish).and_raise(IOError, 'read timeout')
|
|
245
264
|
|
|
246
265
|
pool = create_pool_with_expired_connections(site, conn)
|
|
@@ -289,10 +308,23 @@ describe Puppet::Network::HTTP::Pool do
|
|
|
289
308
|
|
|
290
309
|
it 'closes all cached connections' do
|
|
291
310
|
conn = create_connection(site)
|
|
311
|
+
allow(conn).to receive(:started?).and_return(true)
|
|
292
312
|
expect(conn).to receive(:finish)
|
|
293
313
|
|
|
294
314
|
pool = create_pool_with_connections(site, conn)
|
|
295
315
|
pool.close
|
|
296
316
|
end
|
|
317
|
+
|
|
318
|
+
it 'allows a connection to be closed multiple times safely' do
|
|
319
|
+
http = Net::HTTP.new(site.addr)
|
|
320
|
+
http.use_ssl = true
|
|
321
|
+
http.verify_mode = OpenSSL::SSL::VERIFY_PEER
|
|
322
|
+
http.start
|
|
323
|
+
|
|
324
|
+
pool = create_pool
|
|
325
|
+
|
|
326
|
+
expect(pool.close_connection(site, http)).to eq(true)
|
|
327
|
+
expect(pool.close_connection(site, http)).to eq(false)
|
|
328
|
+
end
|
|
297
329
|
end
|
|
298
330
|
end
|
data/spec/unit/node_spec.rb
CHANGED
|
@@ -414,7 +414,9 @@ end
|
|
|
414
414
|
|
|
415
415
|
describe Puppet::Node, "when generating the list of names to search through" do
|
|
416
416
|
before do
|
|
417
|
-
|
|
417
|
+
Puppet[:strict_hostname_checking] = false
|
|
418
|
+
@node = Puppet::Node.new("foo.domain.com",
|
|
419
|
+
:parameters => {"hostname" => "yay", "domain" => "domain.com"})
|
|
418
420
|
end
|
|
419
421
|
|
|
420
422
|
it "returns an array of names" do
|
|
@@ -445,7 +447,6 @@ describe Puppet::Node, "when generating the list of names to search through" do
|
|
|
445
447
|
|
|
446
448
|
describe "and :node_name is set to 'cert'" do
|
|
447
449
|
before do
|
|
448
|
-
Puppet[:strict_hostname_checking] = false
|
|
449
450
|
Puppet[:node_name] = "cert"
|
|
450
451
|
end
|
|
451
452
|
|
|
@@ -454,8 +455,11 @@ describe Puppet::Node, "when generating the list of names to search through" do
|
|
|
454
455
|
end
|
|
455
456
|
|
|
456
457
|
describe "and strict hostname checking is enabled" do
|
|
457
|
-
|
|
458
|
+
before do
|
|
458
459
|
Puppet[:strict_hostname_checking] = true
|
|
460
|
+
end
|
|
461
|
+
|
|
462
|
+
it "only uses the passed-in key" do
|
|
459
463
|
expect(@node.names).to eq(["foo.domain.com"])
|
|
460
464
|
end
|
|
461
465
|
end
|
|
@@ -463,7 +467,6 @@ describe Puppet::Node, "when generating the list of names to search through" do
|
|
|
463
467
|
|
|
464
468
|
describe "and :node_name is set to 'facter'" do
|
|
465
469
|
before do
|
|
466
|
-
Puppet[:strict_hostname_checking] = false
|
|
467
470
|
Puppet[:node_name] = "facter"
|
|
468
471
|
end
|
|
469
472
|
|
|
@@ -367,6 +367,13 @@ EOS
|
|
|
367
367
|
}.to raise_error(/'Cap\[cap\]' is exported by both 'Prod\[one\]' and 'Prod\[two\]'/)
|
|
368
368
|
end
|
|
369
369
|
|
|
370
|
+
it "issues deprecation warnings" do
|
|
371
|
+
expect {compile_collect_log(MANIFEST_WO_NODE)}.not_to raise_error
|
|
372
|
+
expect(warnings).to include(/Capability Mapping is deprecated/) # there are two of these
|
|
373
|
+
expect(warnings).to include(/Application is deprecated/)
|
|
374
|
+
expect(warnings).to include(/Site Definition is deprecated/)
|
|
375
|
+
end
|
|
376
|
+
|
|
370
377
|
context "for producing node" do
|
|
371
378
|
let(:compiled_node) { Puppet::Node.new('first', :environment => env) }
|
|
372
379
|
let(:compiled_catalog) { compile_to_catalog(MANIFEST, compiled_node)}
|
|
@@ -442,21 +442,26 @@ describe 'Puppet::Pops::Evaluator::EvaluatorImpl' do
|
|
|
442
442
|
}.each do |source, coerced_val|
|
|
443
443
|
it "should warn about numeric coercion in '#{source}' when strict = warning" do
|
|
444
444
|
Puppet[:strict] = :warning
|
|
445
|
+
expect(Puppet::Pops::Evaluator::Runtime3Support::EvaluationError).not_to receive(:new)
|
|
445
446
|
collect_notices(source)
|
|
446
447
|
expect(warnings).to include(/The string '#{coerced_val}' was automatically coerced to the numerical value #{coerced_val}/)
|
|
447
448
|
end
|
|
448
449
|
|
|
449
450
|
it "should not warn about numeric coercion in '#{source}' if strict = off" do
|
|
450
451
|
Puppet[:strict] = :off
|
|
452
|
+
expect(Puppet::Pops::Evaluator::Runtime3Support::EvaluationError).not_to receive(:new)
|
|
451
453
|
collect_notices(source)
|
|
452
454
|
expect(warnings).to_not include(/The string '#{coerced_val}' was automatically coerced to the numerical value #{coerced_val}/)
|
|
453
455
|
end
|
|
454
456
|
|
|
455
457
|
it "should error when finding numeric coercion in '#{source}' if strict = error" do
|
|
456
458
|
Puppet[:strict] = :error
|
|
457
|
-
expect {
|
|
458
|
-
|
|
459
|
-
|
|
459
|
+
expect {
|
|
460
|
+
parser.evaluate_string(scope, source, __FILE__)
|
|
461
|
+
}.to raise_error {|error|
|
|
462
|
+
expect(error.message).to match(/The string '#{coerced_val}' was automatically coerced to the numerical value #{coerced_val}/)
|
|
463
|
+
expect(error.backtrace.first).to match(/runtime3_support\.rb.+optionally_fail/)
|
|
464
|
+
}
|
|
460
465
|
end
|
|
461
466
|
end
|
|
462
467
|
|
|
@@ -599,6 +599,13 @@ describe "validating 4x" do
|
|
|
599
599
|
end
|
|
600
600
|
end
|
|
601
601
|
|
|
602
|
+
context 'for hash keys' do
|
|
603
|
+
it "should not allow reassignment of hash keys" do
|
|
604
|
+
source = "$my_hash = {'one' => '1', 'two' => '2' }; $my_hash['one']='1.5'"
|
|
605
|
+
expect(validate(parse(source))).to have_issue(Puppet::Pops::Issues::ILLEGAL_INDEXED_ASSIGNMENT)
|
|
606
|
+
end
|
|
607
|
+
end
|
|
608
|
+
|
|
602
609
|
context 'for parameter names' do
|
|
603
610
|
['class', 'define'].each do |word|
|
|
604
611
|
it "should require that #{word} parameter names are unique" do
|
|
@@ -1,7 +1,12 @@
|
|
|
1
1
|
require 'spec_helper'
|
|
2
2
|
require 'puppet/provider/exec'
|
|
3
|
+
require 'puppet_spec/compiler'
|
|
4
|
+
require 'puppet_spec/files'
|
|
3
5
|
|
|
4
6
|
describe Puppet::Provider::Exec do
|
|
7
|
+
include PuppetSpec::Compiler
|
|
8
|
+
include PuppetSpec::Files
|
|
9
|
+
|
|
5
10
|
describe "#extractexe" do
|
|
6
11
|
it "should return the first element of an array" do
|
|
7
12
|
expect(subject.extractexe(['one', 'two'])).to eq('one')
|
|
@@ -31,4 +36,208 @@ describe Puppet::Provider::Exec do
|
|
|
31
36
|
end
|
|
32
37
|
end
|
|
33
38
|
end
|
|
39
|
+
|
|
40
|
+
context "when handling sensitive data" do
|
|
41
|
+
before :each do
|
|
42
|
+
Puppet[:log_level] = 'debug'
|
|
43
|
+
end
|
|
44
|
+
|
|
45
|
+
let(:supersecret) { 'supersecret' }
|
|
46
|
+
let(:path) do
|
|
47
|
+
if Puppet::Util::Platform.windows?
|
|
48
|
+
# The `apply_compiled_manifest` helper doesn't add the `path` fact, so
|
|
49
|
+
# we can't reference that in our manifest. Windows PATHs can contain
|
|
50
|
+
# double quotes and trailing backslashes, which confuse HEREDOC
|
|
51
|
+
# interpolation below. So sanitize it:
|
|
52
|
+
ENV['PATH'].split(File::PATH_SEPARATOR).map do |dir|
|
|
53
|
+
dir.gsub(/"/, '\"').gsub(/\\$/, '')
|
|
54
|
+
end.join(File::PATH_SEPARATOR)
|
|
55
|
+
else
|
|
56
|
+
ENV['PATH']
|
|
57
|
+
end
|
|
58
|
+
end
|
|
59
|
+
|
|
60
|
+
def ruby_exit_0
|
|
61
|
+
"ruby -e 'exit 0'"
|
|
62
|
+
end
|
|
63
|
+
|
|
64
|
+
def echo_from_ruby_exit_0(message)
|
|
65
|
+
# Escape double quotes due to HEREDOC interpolation below
|
|
66
|
+
"ruby -e 'puts \"#{message}\"; exit 0'".gsub(/"/, '\"')
|
|
67
|
+
end
|
|
68
|
+
|
|
69
|
+
def echo_from_ruby_exit_1(message)
|
|
70
|
+
# Escape double quotes due to HEREDOC interpolation below
|
|
71
|
+
"ruby -e 'puts \"#{message}\"; exit 1'".gsub(/"/, '\"')
|
|
72
|
+
end
|
|
73
|
+
|
|
74
|
+
context "when validating the command" do
|
|
75
|
+
it "redacts the arguments if the command is relative" do
|
|
76
|
+
expect {
|
|
77
|
+
apply_compiled_manifest(<<-MANIFEST)
|
|
78
|
+
exec { 'echo':
|
|
79
|
+
command => Sensitive.new('echo #{supersecret}')
|
|
80
|
+
}
|
|
81
|
+
MANIFEST
|
|
82
|
+
}.to raise_error do |err|
|
|
83
|
+
expect(err).to be_a(Puppet::Error)
|
|
84
|
+
expect(err.message).to match(/'echo' is not qualified and no path was specified. Please qualify the command or specify a path./)
|
|
85
|
+
expect(err.message).to_not match(/#{supersecret}/)
|
|
86
|
+
end
|
|
87
|
+
end
|
|
88
|
+
|
|
89
|
+
it "redacts the arguments if the command is a directory" do
|
|
90
|
+
dir = tmpdir('exec')
|
|
91
|
+
apply_compiled_manifest(<<-MANIFEST)
|
|
92
|
+
exec { 'echo':
|
|
93
|
+
command => Sensitive.new('#{dir} #{supersecret}'),
|
|
94
|
+
}
|
|
95
|
+
MANIFEST
|
|
96
|
+
expect(@logs).to include(an_object_having_attributes(level: :err, message: /'#{dir}' is a directory, not a file/))
|
|
97
|
+
expect(@logs).to_not include(an_object_having_attributes(message: /#{supersecret}/))
|
|
98
|
+
end
|
|
99
|
+
|
|
100
|
+
it "redacts the arguments if the command isn't executable" do
|
|
101
|
+
file = tmpfile('exec')
|
|
102
|
+
Puppet::FileSystem.touch(file)
|
|
103
|
+
Puppet::FileSystem.chmod(0644, file)
|
|
104
|
+
|
|
105
|
+
apply_compiled_manifest(<<-MANIFEST)
|
|
106
|
+
exec { 'echo':
|
|
107
|
+
command => Sensitive.new('#{file} #{supersecret}'),
|
|
108
|
+
}
|
|
109
|
+
MANIFEST
|
|
110
|
+
# Execute permission works differently on Windows, but execute will fail since the
|
|
111
|
+
# file doesn't have a valid extension and isn't a valid executable. The raised error
|
|
112
|
+
# will be Errno::EIO, which is not useful. The Windows execute code needs to raise
|
|
113
|
+
# Puppet::Util::Windows::Error so the Win32 error message is preserved.
|
|
114
|
+
pending("PUP-3561 Needs to raise a meaningful Puppet::Error") if Puppet::Util::Platform.windows?
|
|
115
|
+
expect(@logs).to include(an_object_having_attributes(level: :err, message: /'#{file}' is not executable/))
|
|
116
|
+
expect(@logs).to_not include(an_object_having_attributes(message: /#{supersecret}/))
|
|
117
|
+
end
|
|
118
|
+
|
|
119
|
+
it "redacts the arguments if the relative command cannot be resolved using the path parameter" do
|
|
120
|
+
file = File.basename(tmpfile('exec'))
|
|
121
|
+
dir = tmpdir('exec')
|
|
122
|
+
|
|
123
|
+
apply_compiled_manifest(<<-MANIFEST)
|
|
124
|
+
exec { 'echo':
|
|
125
|
+
command => Sensitive.new('#{file} #{supersecret}'),
|
|
126
|
+
path => "#{dir}",
|
|
127
|
+
}
|
|
128
|
+
MANIFEST
|
|
129
|
+
expect(@logs).to include(an_object_having_attributes(level: :err, message: /Could not find command '#{file}'/))
|
|
130
|
+
expect(@logs).to_not include(an_object_having_attributes(message: /#{supersecret}/))
|
|
131
|
+
end
|
|
132
|
+
end
|
|
133
|
+
|
|
134
|
+
it "redacts the command on success" do
|
|
135
|
+
command = echo_from_ruby_exit_0(supersecret)
|
|
136
|
+
|
|
137
|
+
apply_compiled_manifest(<<-MANIFEST)
|
|
138
|
+
exec { 'true':
|
|
139
|
+
command => Sensitive.new("#{command}"),
|
|
140
|
+
path => "#{path}",
|
|
141
|
+
}
|
|
142
|
+
MANIFEST
|
|
143
|
+
expect(@logs).to include(an_object_having_attributes(level: :debug, message: "Executing '[redacted]'", source: /Exec\[true\]/))
|
|
144
|
+
expect(@logs).to include(an_object_having_attributes(level: :debug, message: "Executing: '[redacted]'", source: "Puppet"))
|
|
145
|
+
expect(@logs).to include(an_object_having_attributes(level: :notice, message: "executed successfully"))
|
|
146
|
+
expect(@logs).to_not include(an_object_having_attributes(message: /#{supersecret}/))
|
|
147
|
+
end
|
|
148
|
+
|
|
149
|
+
it "redacts the command on failure" do
|
|
150
|
+
command = echo_from_ruby_exit_1(supersecret)
|
|
151
|
+
|
|
152
|
+
apply_compiled_manifest(<<-MANIFEST)
|
|
153
|
+
exec { 'false':
|
|
154
|
+
command => Sensitive.new("#{command}"),
|
|
155
|
+
path => "#{path}",
|
|
156
|
+
}
|
|
157
|
+
MANIFEST
|
|
158
|
+
expect(@logs).to include(an_object_having_attributes(level: :debug, message: "Executing '[redacted]'", source: /Exec\[false\]/))
|
|
159
|
+
expect(@logs).to include(an_object_having_attributes(level: :debug, message: "Executing: '[redacted]'", source: "Puppet"))
|
|
160
|
+
expect(@logs).to include(an_object_having_attributes(level: :err, message: "[command redacted] returned 1 instead of one of [0]"))
|
|
161
|
+
expect(@logs).to_not include(an_object_having_attributes(message: /#{supersecret}/))
|
|
162
|
+
end
|
|
163
|
+
|
|
164
|
+
context "when handling checks" do
|
|
165
|
+
let(:onlyifsecret) { "onlyifsecret" }
|
|
166
|
+
let(:unlesssecret) { "unlesssecret" }
|
|
167
|
+
|
|
168
|
+
it "redacts command and onlyif outputs" do
|
|
169
|
+
onlyif = echo_from_ruby_exit_0(onlyifsecret)
|
|
170
|
+
|
|
171
|
+
apply_compiled_manifest(<<-MANIFEST)
|
|
172
|
+
exec { 'true':
|
|
173
|
+
command => Sensitive.new("#{ruby_exit_0}"),
|
|
174
|
+
onlyif => Sensitive.new("#{onlyif}"),
|
|
175
|
+
path => "#{path}",
|
|
176
|
+
}
|
|
177
|
+
MANIFEST
|
|
178
|
+
expect(@logs).to include(an_object_having_attributes(level: :debug, message: "Executing check '[redacted]'"))
|
|
179
|
+
expect(@logs).to include(an_object_having_attributes(level: :debug, message: "Executing '[redacted]'", source: /Exec\[true\]/))
|
|
180
|
+
expect(@logs).to include(an_object_having_attributes(level: :debug, message: "Executing: '[redacted]'", source: "Puppet"))
|
|
181
|
+
expect(@logs).to include(an_object_having_attributes(level: :debug, message: "[output redacted]"))
|
|
182
|
+
expect(@logs).to include(an_object_having_attributes(level: :notice, message: "executed successfully"))
|
|
183
|
+
expect(@logs).to_not include(an_object_having_attributes(message: /#{onlyifsecret}/))
|
|
184
|
+
end
|
|
185
|
+
|
|
186
|
+
it "redacts the command that would have been executed but didn't due to onlyif" do
|
|
187
|
+
command = echo_from_ruby_exit_0(supersecret)
|
|
188
|
+
onlyif = echo_from_ruby_exit_1(onlyifsecret)
|
|
189
|
+
|
|
190
|
+
apply_compiled_manifest(<<-MANIFEST)
|
|
191
|
+
exec { 'true':
|
|
192
|
+
command => Sensitive.new("#{command}"),
|
|
193
|
+
onlyif => Sensitive.new("#{onlyif}"),
|
|
194
|
+
path => "#{path}",
|
|
195
|
+
}
|
|
196
|
+
MANIFEST
|
|
197
|
+
expect(@logs).to include(an_object_having_attributes(level: :debug, message: "Executing check '[redacted]'"))
|
|
198
|
+
expect(@logs).to include(an_object_having_attributes(level: :debug, message: "Executing: '[redacted]'", source: "Puppet"))
|
|
199
|
+
expect(@logs).to include(an_object_having_attributes(level: :debug, message: "[output redacted]"))
|
|
200
|
+
expect(@logs).to include(an_object_having_attributes(level: :debug, message: "'[command redacted]' won't be executed because of failed check 'onlyif'"))
|
|
201
|
+
expect(@logs).to_not include(an_object_having_attributes(message: /#{supersecret}/))
|
|
202
|
+
expect(@logs).to_not include(an_object_having_attributes(message: /#{onlyifsecret}/))
|
|
203
|
+
end
|
|
204
|
+
|
|
205
|
+
it "redacts command and unless outputs" do
|
|
206
|
+
unlesscmd = echo_from_ruby_exit_1(unlesssecret)
|
|
207
|
+
|
|
208
|
+
apply_compiled_manifest(<<-MANIFEST)
|
|
209
|
+
exec { 'true':
|
|
210
|
+
command => Sensitive.new("#{ruby_exit_0}"),
|
|
211
|
+
unless => Sensitive.new("#{unlesscmd}"),
|
|
212
|
+
path => "#{path}",
|
|
213
|
+
}
|
|
214
|
+
MANIFEST
|
|
215
|
+
expect(@logs).to include(an_object_having_attributes(level: :debug, message: "Executing check '[redacted]'"))
|
|
216
|
+
expect(@logs).to include(an_object_having_attributes(level: :debug, message: "Executing '[redacted]'", source: /Exec\[true\]/))
|
|
217
|
+
expect(@logs).to include(an_object_having_attributes(level: :debug, message: "Executing: '[redacted]'", source: "Puppet"))
|
|
218
|
+
expect(@logs).to include(an_object_having_attributes(level: :debug, message: "[output redacted]"))
|
|
219
|
+
expect(@logs).to include(an_object_having_attributes(level: :notice, message: "executed successfully"))
|
|
220
|
+
expect(@logs).to_not include(an_object_having_attributes(message: /#{unlesssecret}/))
|
|
221
|
+
end
|
|
222
|
+
|
|
223
|
+
it "redacts the command that would have been executed but didn't due to unless" do
|
|
224
|
+
command = echo_from_ruby_exit_0(supersecret)
|
|
225
|
+
unlesscmd = echo_from_ruby_exit_0(unlesssecret)
|
|
226
|
+
|
|
227
|
+
apply_compiled_manifest(<<-MANIFEST)
|
|
228
|
+
exec { 'true':
|
|
229
|
+
command => Sensitive.new("#{command}"),
|
|
230
|
+
unless => Sensitive.new("#{unlesscmd}"),
|
|
231
|
+
path => "#{path}",
|
|
232
|
+
}
|
|
233
|
+
MANIFEST
|
|
234
|
+
expect(@logs).to include(an_object_having_attributes(level: :debug, message: "Executing check '[redacted]'"))
|
|
235
|
+
expect(@logs).to include(an_object_having_attributes(level: :debug, message: "Executing: '[redacted]'", source: "Puppet"))
|
|
236
|
+
expect(@logs).to include(an_object_having_attributes(level: :debug, message: "[output redacted]"))
|
|
237
|
+
expect(@logs).to include(an_object_having_attributes(level: :debug, message: "'[command redacted]' won't be executed because of failed check 'unless'"))
|
|
238
|
+
expect(@logs).to_not include(an_object_having_attributes(message: /#{supersecret}/))
|
|
239
|
+
expect(@logs).to_not include(an_object_having_attributes(message: /#{unlesssecret}/))
|
|
240
|
+
end
|
|
241
|
+
end
|
|
242
|
+
end
|
|
34
243
|
end
|