puppet 5.5.22-universal-darwin → 6.0.0-universal-darwin

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of puppet might be problematic. Click here for more details.

Files changed (1407) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +46 -72
  3. data/Gemfile.lock +86 -102
  4. data/MAINTAINERS +47 -0
  5. data/Rakefile +15 -19
  6. data/ext/build_defaults.yaml +0 -1
  7. data/ext/cert_inspector +3 -3
  8. data/ext/debian/copyright +0 -22
  9. data/ext/project_data.yaml +8 -10
  10. data/ext/puppet-test +2 -2
  11. data/ext/redhat/puppet.spec.erb +0 -4
  12. data/ext/regexp_nodes/regexp_nodes.rb +4 -4
  13. data/ext/solaris/smf/puppet.xml +0 -2
  14. data/ext/solaris/smf/svc-puppetd +1 -8
  15. data/ext/solaris/smf/svc-puppetmasterd +1 -8
  16. data/ext/windows/eventlog/Rakefile +32 -0
  17. data/ext/windows/eventlog/puppetres.dll +0 -0
  18. data/ext/windows/eventlog/puppetres.mc +18 -0
  19. data/ext/windows/service/daemon.rb +8 -54
  20. data/install.rb +24 -6
  21. data/lib/hiera/scope.rb +0 -7
  22. data/lib/puppet.rb +10 -21
  23. data/lib/puppet/agent.rb +13 -5
  24. data/lib/puppet/application.rb +10 -8
  25. data/lib/puppet/application/agent.rb +3 -21
  26. data/lib/puppet/application/apply.rb +22 -12
  27. data/lib/puppet/application/cert.rb +25 -180
  28. data/lib/puppet/application/describe.rb +9 -3
  29. data/lib/puppet/application/device.rb +41 -74
  30. data/lib/puppet/application/doc.rb +5 -3
  31. data/lib/puppet/application/filebucket.rb +1 -23
  32. data/lib/puppet/application/lookup.rb +2 -2
  33. data/lib/puppet/application/resource.rb +4 -4
  34. data/lib/puppet/application/script.rb +3 -3
  35. data/lib/puppet/application/ssl.rb +133 -0
  36. data/lib/puppet/application_support.rb +1 -2
  37. data/lib/puppet/configurer.rb +62 -127
  38. data/lib/puppet/configurer/downloader.rb +17 -34
  39. data/lib/puppet/configurer/fact_handler.rb +5 -1
  40. data/lib/puppet/configurer/plugin_handler.rb +2 -3
  41. data/lib/puppet/confine/false.rb +1 -7
  42. data/lib/puppet/confine/true.rb +1 -7
  43. data/lib/puppet/daemon.rb +2 -2
  44. data/lib/puppet/datatypes.rb +1 -1
  45. data/lib/puppet/defaults.rb +126 -286
  46. data/lib/puppet/environments.rb +2 -7
  47. data/lib/puppet/error.rb +14 -10
  48. data/lib/puppet/etc.rb +4 -25
  49. data/lib/puppet/external/dot.rb +23 -17
  50. data/lib/puppet/face/config.rb +50 -12
  51. data/lib/puppet/face/epp.rb +2 -2
  52. data/lib/puppet/face/facts.rb +1 -1
  53. data/lib/puppet/face/help.rb +21 -7
  54. data/lib/puppet/face/help/global.erb +2 -2
  55. data/lib/puppet/face/module/build.rb +4 -59
  56. data/lib/puppet/face/module/generate.rb +5 -247
  57. data/lib/puppet/face/module/install.rb +0 -4
  58. data/lib/puppet/face/module/list.rb +5 -10
  59. data/lib/puppet/face/module/search.rb +2 -2
  60. data/lib/puppet/face/module/uninstall.rb +1 -5
  61. data/lib/puppet/face/module/upgrade.rb +1 -5
  62. data/lib/puppet/face/node/clean.rb +14 -10
  63. data/lib/puppet/face/plugin.rb +2 -9
  64. data/lib/puppet/feature/base.rb +7 -26
  65. data/lib/puppet/feature/eventlog.rb +1 -1
  66. data/lib/puppet/file_bucket/dipper.rb +1 -1
  67. data/lib/puppet/file_serving/base.rb +7 -7
  68. data/lib/puppet/file_serving/fileset.rb +2 -2
  69. data/lib/puppet/file_serving/http_metadata.rb +1 -1
  70. data/lib/puppet/file_serving/metadata.rb +4 -3
  71. data/lib/puppet/file_serving/mount/locales.rb +2 -1
  72. data/lib/puppet/file_serving/mount/pluginfacts.rb +2 -1
  73. data/lib/puppet/file_serving/mount/plugins.rb +2 -1
  74. data/lib/puppet/file_system.rb +8 -0
  75. data/lib/puppet/file_system/memory_file.rb +1 -1
  76. data/lib/puppet/file_system/posix.rb +2 -3
  77. data/lib/puppet/file_system/uniquefile.rb +0 -4
  78. data/lib/puppet/forge.rb +8 -12
  79. data/lib/puppet/functions.rb +138 -0
  80. data/lib/puppet/functions/abs.rb +61 -0
  81. data/lib/puppet/functions/call.rb +38 -2
  82. data/lib/puppet/functions/camelcase.rb +62 -0
  83. data/lib/puppet/functions/capitalize.rb +61 -0
  84. data/lib/puppet/functions/ceiling.rb +37 -0
  85. data/lib/puppet/functions/chomp.rb +57 -0
  86. data/lib/puppet/functions/chop.rb +67 -0
  87. data/lib/puppet/functions/compare.rb +125 -0
  88. data/lib/puppet/functions/convert_to.rb +3 -2
  89. data/lib/puppet/functions/dig.rb +21 -1
  90. data/lib/puppet/functions/downcase.rb +89 -0
  91. data/lib/puppet/functions/epp.rb +4 -4
  92. data/lib/puppet/functions/eyaml_lookup_key.rb +4 -5
  93. data/lib/puppet/functions/filter.rb +7 -6
  94. data/lib/puppet/functions/floor.rb +37 -0
  95. data/lib/puppet/functions/get.rb +150 -0
  96. data/lib/puppet/functions/getvar.rb +87 -0
  97. data/lib/puppet/functions/inline_epp.rb +5 -5
  98. data/lib/puppet/functions/lstrip.rb +58 -0
  99. data/lib/puppet/functions/max.rb +183 -0
  100. data/lib/puppet/functions/min.rb +182 -0
  101. data/lib/puppet/functions/new.rb +3 -8
  102. data/lib/puppet/functions/reduce.rb +4 -2
  103. data/lib/puppet/functions/reverse_each.rb +1 -1
  104. data/lib/puppet/functions/round.rb +24 -0
  105. data/lib/puppet/functions/rstrip.rb +58 -0
  106. data/lib/puppet/functions/size.rb +15 -0
  107. data/lib/puppet/functions/sort.rb +74 -0
  108. data/lib/puppet/functions/step.rb +1 -1
  109. data/lib/puppet/functions/strip.rb +58 -0
  110. data/lib/puppet/functions/upcase.rb +89 -0
  111. data/lib/puppet/functions/yaml_data.rb +4 -5
  112. data/lib/puppet/gettext/config.rb +1 -1
  113. data/lib/puppet/gettext/module_translations.rb +1 -1
  114. data/lib/puppet/graph.rb +0 -2
  115. data/lib/puppet/graph/rb_tree_map.rb +2 -2
  116. data/lib/puppet/graph/simple_graph.rb +10 -7
  117. data/lib/puppet/indirector/catalog/compiler.rb +0 -8
  118. data/lib/puppet/indirector/catalog/json.rb +14 -3
  119. data/lib/puppet/indirector/catalog/yaml.rb +0 -16
  120. data/lib/puppet/indirector/certificate/file.rb +0 -1
  121. data/lib/puppet/indirector/facts/yaml.rb +4 -2
  122. data/lib/puppet/indirector/file_bucket_file/file.rb +1 -1
  123. data/lib/puppet/indirector/hiera.rb +0 -6
  124. data/lib/puppet/indirector/indirection.rb +8 -12
  125. data/lib/puppet/indirector/key/file.rb +1 -6
  126. data/lib/puppet/indirector/node/exec.rb +1 -3
  127. data/lib/puppet/indirector/node/yaml.rb +0 -6
  128. data/lib/puppet/indirector/request.rb +20 -27
  129. data/lib/puppet/indirector/resource/ral.rb +3 -1
  130. data/lib/puppet/indirector/resource/validator.rb +1 -1
  131. data/lib/puppet/indirector/rest.rb +7 -65
  132. data/lib/puppet/indirector/ssl_file.rb +3 -44
  133. data/lib/puppet/indirector/terminus.rb +1 -1
  134. data/lib/puppet/indirector/yaml.rb +4 -4
  135. data/lib/puppet/info_service/task_information_service.rb +7 -3
  136. data/lib/puppet/interface.rb +2 -3
  137. data/lib/puppet/interface/action.rb +2 -5
  138. data/lib/puppet/interface/face_collection.rb +3 -1
  139. data/lib/puppet/loaders.rb +2 -0
  140. data/lib/puppet/metatype/manager.rb +3 -5
  141. data/lib/puppet/module.rb +5 -31
  142. data/lib/puppet/module/task.rb +208 -30
  143. data/lib/puppet/module_tool.rb +2 -5
  144. data/lib/puppet/module_tool/applications.rb +0 -1
  145. data/lib/puppet/module_tool/applications/application.rb +1 -1
  146. data/lib/puppet/module_tool/applications/installer.rb +7 -8
  147. data/lib/puppet/module_tool/applications/uninstaller.rb +4 -5
  148. data/lib/puppet/module_tool/applications/unpacker.rb +1 -1
  149. data/lib/puppet/module_tool/applications/upgrader.rb +5 -6
  150. data/lib/puppet/module_tool/installed_modules.rb +2 -2
  151. data/lib/puppet/module_tool/local_tarball.rb +3 -3
  152. data/lib/puppet/module_tool/metadata.rb +1 -2
  153. data/lib/puppet/module_tool/shared_behaviors.rb +6 -6
  154. data/lib/puppet/module_tool/tar/mini.rb +2 -12
  155. data/lib/puppet/network/authconfig.rb +0 -13
  156. data/lib/puppet/network/format_support.rb +13 -8
  157. data/lib/puppet/network/formats.rb +93 -2
  158. data/lib/puppet/network/http.rb +0 -2
  159. data/lib/puppet/network/http/api.rb +1 -10
  160. data/lib/puppet/network/http/api/indirected_routes.rb +22 -16
  161. data/lib/puppet/network/http/api/master/v3/environment.rb +0 -3
  162. data/lib/puppet/network/http/connection.rb +14 -57
  163. data/lib/puppet/network/http/factory.rb +13 -7
  164. data/lib/puppet/network/http/handler.rb +59 -27
  165. data/lib/puppet/network/http/pool.rb +1 -7
  166. data/lib/puppet/network/http/site.rb +1 -1
  167. data/lib/puppet/network/resolver.rb +140 -67
  168. data/lib/puppet/node.rb +1 -2
  169. data/lib/puppet/node/environment.rb +5 -30
  170. data/lib/puppet/node/facts.rb +11 -1
  171. data/lib/puppet/parameter.rb +4 -7
  172. data/lib/puppet/parser/ast.rb +5 -9
  173. data/lib/puppet/parser/ast/branch.rb +3 -3
  174. data/lib/puppet/parser/ast/leaf.rb +5 -0
  175. data/lib/puppet/parser/ast/resourceparam.rb +1 -1
  176. data/lib/puppet/parser/catalog_compiler.rb +32 -0
  177. data/lib/puppet/parser/compiler.rb +2 -3
  178. data/lib/puppet/parser/compiler/catalog_validator/env_relationship_validator.rb +0 -2
  179. data/lib/puppet/parser/compiler/catalog_validator/site_validator.rb +0 -2
  180. data/lib/puppet/parser/environment_compiler.rb +0 -3
  181. data/lib/puppet/parser/functions.rb +48 -18
  182. data/lib/puppet/parser/functions/epp.rb +3 -3
  183. data/lib/puppet/parser/functions/filter.rb +1 -1
  184. data/lib/puppet/parser/functions/generate.rb +1 -1
  185. data/lib/puppet/parser/functions/inline_epp.rb +5 -5
  186. data/lib/puppet/parser/resource.rb +2 -4
  187. data/lib/puppet/parser/resource/param.rb +12 -11
  188. data/lib/puppet/parser/scope.rb +6 -8
  189. data/lib/puppet/parser/script_compiler.rb +7 -2
  190. data/lib/puppet/pops.rb +1 -0
  191. data/lib/puppet/pops/adaptable.rb +13 -7
  192. data/lib/puppet/pops/adapters.rb +18 -8
  193. data/lib/puppet/pops/evaluator/access_operator.rb +2 -2
  194. data/lib/puppet/pops/evaluator/collectors/abstract_collector.rb +4 -4
  195. data/lib/puppet/pops/evaluator/collectors/catalog_collector.rb +1 -1
  196. data/lib/puppet/pops/evaluator/collectors/exported_collector.rb +1 -1
  197. data/lib/puppet/pops/evaluator/compare_operator.rb +3 -1
  198. data/lib/puppet/pops/evaluator/deferred_resolver.rb +127 -0
  199. data/lib/puppet/pops/evaluator/evaluator_impl.rb +17 -2
  200. data/lib/puppet/pops/evaluator/external_syntax_support.rb +2 -3
  201. data/lib/puppet/pops/evaluator/runtime3_converter.rb +23 -4
  202. data/lib/puppet/pops/evaluator/runtime3_support.rb +7 -8
  203. data/lib/puppet/pops/functions/dispatch.rb +6 -0
  204. data/lib/puppet/pops/issues.rb +9 -10
  205. data/lib/puppet/pops/loader/loader.rb +1 -1
  206. data/lib/puppet/pops/loader/loader_paths.rb +5 -3
  207. data/lib/puppet/pops/loader/module_loaders.rb +47 -21
  208. data/lib/puppet/pops/loader/null_loader.rb +60 -0
  209. data/lib/puppet/pops/loader/ruby_legacy_function_instantiator.rb +54 -0
  210. data/lib/puppet/pops/loader/static_loader.rb +0 -36
  211. data/lib/puppet/pops/loader/task_instantiator.rb +72 -44
  212. data/lib/puppet/pops/loaders.rb +21 -33
  213. data/lib/puppet/pops/lookup/hiera_config.rb +1 -2
  214. data/lib/puppet/pops/lookup/sub_lookup.rb +1 -1
  215. data/lib/puppet/pops/merge_strategy.rb +18 -22
  216. data/lib/puppet/pops/model/ast.pp +16 -0
  217. data/lib/puppet/pops/model/ast.rb +94 -0
  218. data/lib/puppet/pops/model/factory.rb +17 -38
  219. data/lib/puppet/pops/model/model_label_provider.rb +8 -1
  220. data/lib/puppet/pops/parser/egrammar.ra +14 -3
  221. data/lib/puppet/pops/parser/eparser.rb +1537 -1492
  222. data/lib/puppet/pops/parser/epp_support.rb +6 -2
  223. data/lib/puppet/pops/parser/heredoc_support.rb +8 -17
  224. data/lib/puppet/pops/parser/interpolation_support.rb +4 -4
  225. data/lib/puppet/pops/parser/lexer2.rb +2 -7
  226. data/lib/puppet/pops/parser/locator.rb +87 -107
  227. data/lib/puppet/pops/parser/parser_support.rb +2 -11
  228. data/lib/puppet/pops/parser/pn_parser.rb +16 -17
  229. data/lib/puppet/pops/pcore.rb +19 -8
  230. data/lib/puppet/pops/puppet_stack.rb +48 -51
  231. data/lib/puppet/pops/resource/resource_type_impl.rb +0 -2
  232. data/lib/puppet/pops/serialization.rb +3 -2
  233. data/lib/puppet/pops/serialization/from_data_converter.rb +4 -3
  234. data/lib/puppet/pops/serialization/to_data_converter.rb +3 -3
  235. data/lib/puppet/pops/serialization/to_stringified_converter.rb +226 -0
  236. data/lib/puppet/pops/types/iterable.rb +8 -34
  237. data/lib/puppet/pops/types/p_binary_type.rb +1 -2
  238. data/lib/puppet/pops/types/p_meta_type.rb +1 -1
  239. data/lib/puppet/pops/types/p_object_type.rb +3 -0
  240. data/lib/puppet/pops/types/p_sensitive_type.rb +1 -1
  241. data/lib/puppet/pops/types/p_timespan_type.rb +2 -2
  242. data/lib/puppet/pops/types/p_type_set_type.rb +0 -4
  243. data/lib/puppet/pops/types/string_converter.rb +12 -21
  244. data/lib/puppet/pops/types/type_calculator.rb +0 -24
  245. data/lib/puppet/pops/types/type_factory.rb +17 -0
  246. data/lib/puppet/pops/types/type_mismatch_describer.rb +1 -1
  247. data/lib/puppet/pops/types/types.rb +7 -32
  248. data/lib/puppet/pops/validation/checker4_0.rb +23 -33
  249. data/lib/puppet/pops/validation/tasks_checker.rb +47 -6
  250. data/lib/puppet/pops/validation/validator_factory_4_0.rb +7 -10
  251. data/lib/puppet/property.rb +1 -1
  252. data/lib/puppet/property/ensure.rb +1 -1
  253. data/lib/puppet/provider.rb +14 -2
  254. data/lib/puppet/provider/exec.rb +58 -59
  255. data/lib/puppet/provider/file/posix.rb +0 -5
  256. data/lib/puppet/provider/file/windows.rb +2 -50
  257. data/lib/puppet/provider/group/aix.rb +2 -18
  258. data/lib/puppet/provider/group/groupadd.rb +19 -19
  259. data/lib/puppet/provider/group/windows_adsi.rb +4 -11
  260. data/lib/puppet/provider/nameservice.rb +28 -11
  261. data/lib/puppet/provider/nameservice/directoryservice.rb +1 -1
  262. data/lib/puppet/provider/nameservice/pw.rb +2 -2
  263. data/lib/puppet/provider/package.rb +0 -2
  264. data/lib/puppet/provider/package/aix.rb +2 -17
  265. data/lib/puppet/provider/package/apt.rb +3 -14
  266. data/lib/puppet/provider/package/dnf.rb +3 -3
  267. data/lib/puppet/provider/package/dpkg.rb +7 -18
  268. data/lib/puppet/provider/package/fink.rb +3 -20
  269. data/lib/puppet/provider/package/gem.rb +43 -105
  270. data/lib/puppet/provider/package/openbsd.rb +2 -14
  271. data/lib/puppet/provider/package/pip.rb +108 -160
  272. data/lib/puppet/provider/package/pip3.rb +1 -1
  273. data/lib/puppet/provider/package/pkg.rb +5 -18
  274. data/lib/puppet/provider/package/pkgdmg.rb +1 -1
  275. data/lib/puppet/provider/package/pkgng.rb +4 -16
  276. data/lib/puppet/provider/package/portage.rb +6 -6
  277. data/lib/puppet/provider/package/puppet_gem.rb +2 -7
  278. data/lib/puppet/provider/package/rpm.rb +33 -82
  279. data/lib/puppet/provider/package/windows.rb +2 -6
  280. data/lib/puppet/provider/package/windows/exe_package.rb +10 -16
  281. data/lib/puppet/provider/package/windows/msi_package.rb +0 -8
  282. data/lib/puppet/provider/package/windows/package.rb +2 -10
  283. data/lib/puppet/provider/package/yum.rb +25 -37
  284. data/lib/puppet/provider/package/zypper.rb +0 -1
  285. data/lib/puppet/provider/parsedfile.rb +5 -26
  286. data/lib/puppet/provider/service/base.rb +1 -1
  287. data/lib/puppet/provider/service/daemontools.rb +9 -9
  288. data/lib/puppet/provider/service/debian.rb +1 -0
  289. data/lib/puppet/provider/service/launchd.rb +8 -39
  290. data/lib/puppet/provider/service/openbsd.rb +1 -1
  291. data/lib/puppet/provider/service/rcng.rb +2 -2
  292. data/lib/puppet/provider/service/runit.rb +8 -2
  293. data/lib/puppet/provider/service/smf.rb +0 -54
  294. data/lib/puppet/provider/service/systemd.rb +24 -35
  295. data/lib/puppet/provider/service/upstart.rb +1 -3
  296. data/lib/puppet/provider/service/windows.rb +3 -23
  297. data/lib/puppet/provider/user/aix.rb +2 -48
  298. data/lib/puppet/provider/user/directoryservice.rb +8 -45
  299. data/lib/puppet/provider/user/hpux.rb +1 -1
  300. data/lib/puppet/provider/user/pw.rb +3 -12
  301. data/lib/puppet/provider/user/user_role_add.rb +1 -5
  302. data/lib/puppet/provider/user/useradd.rb +44 -74
  303. data/lib/puppet/provider/user/windows_adsi.rb +0 -7
  304. data/lib/puppet/reference/indirection.rb +2 -2
  305. data/lib/puppet/reference/metaparameter.rb +3 -1
  306. data/lib/puppet/reference/providers.rb +1 -1
  307. data/lib/puppet/reference/type.rb +9 -3
  308. data/lib/puppet/reports.rb +3 -3
  309. data/lib/puppet/resource.rb +22 -22
  310. data/lib/puppet/resource/catalog.rb +8 -14
  311. data/lib/puppet/resource/type.rb +1 -10
  312. data/lib/puppet/rest/client.rb +83 -0
  313. data/lib/puppet/rest/errors.rb +14 -0
  314. data/lib/puppet/rest/response.rb +34 -0
  315. data/lib/puppet/rest/route.rb +84 -0
  316. data/lib/puppet/rest/routes.rb +154 -0
  317. data/lib/puppet/rest/ssl_context.rb +13 -0
  318. data/lib/puppet/settings.rb +9 -54
  319. data/lib/puppet/settings/config_file.rb +1 -2
  320. data/lib/puppet/settings/environment_conf.rb +0 -1
  321. data/lib/puppet/settings/file_setting.rb +1 -1
  322. data/lib/puppet/settings/server_list_setting.rb +0 -9
  323. data/lib/puppet/ssl.rb +0 -1
  324. data/lib/puppet/ssl/base.rb +1 -9
  325. data/lib/puppet/ssl/certificate.rb +7 -4
  326. data/lib/puppet/ssl/certificate_request.rb +6 -14
  327. data/lib/puppet/ssl/certificate_request_attributes.rb +1 -1
  328. data/lib/puppet/ssl/host.rb +400 -174
  329. data/lib/puppet/ssl/key.rb +1 -5
  330. data/lib/puppet/ssl/oids.rb +3 -3
  331. data/lib/puppet/ssl/validator/default_validator.rb +33 -49
  332. data/lib/puppet/test/test_helper.rb +12 -18
  333. data/lib/puppet/transaction.rb +7 -12
  334. data/lib/puppet/transaction/event.rb +37 -14
  335. data/lib/puppet/transaction/event_manager.rb +3 -11
  336. data/lib/puppet/transaction/persistence.rb +1 -1
  337. data/lib/puppet/transaction/report.rb +1 -1
  338. data/lib/puppet/transaction/resource_harness.rb +2 -5
  339. data/lib/puppet/type.rb +7 -10
  340. data/lib/puppet/type/exec.rb +16 -50
  341. data/lib/puppet/type/file.rb +7 -16
  342. data/lib/puppet/type/file/content.rb +2 -3
  343. data/lib/puppet/type/file/data_sync.rb +1 -5
  344. data/lib/puppet/type/file/mode.rb +2 -7
  345. data/lib/puppet/type/file/source.rb +2 -1
  346. data/lib/puppet/type/filebucket.rb +8 -12
  347. data/lib/puppet/type/group.rb +3 -33
  348. data/lib/puppet/type/notify.rb +2 -3
  349. data/lib/puppet/type/package.rb +18 -154
  350. data/lib/puppet/type/resources.rb +2 -12
  351. data/lib/puppet/type/schedule.rb +34 -96
  352. data/lib/puppet/type/service.rb +10 -9
  353. data/lib/puppet/type/tidy.rb +1 -1
  354. data/lib/puppet/type/user.rb +30 -14
  355. data/lib/puppet/util.rb +28 -52
  356. data/lib/puppet/util/autoload.rb +62 -56
  357. data/lib/puppet/util/character_encoding.rb +0 -22
  358. data/lib/puppet/util/classgen.rb +0 -6
  359. data/lib/puppet/util/command_line.rb +4 -7
  360. data/lib/puppet/util/command_line/trollop.rb +1 -1
  361. data/lib/puppet/util/connection.rb +74 -0
  362. data/lib/puppet/util/execution.rb +7 -22
  363. data/lib/puppet/util/feature.rb +63 -41
  364. data/lib/puppet/util/fileparsing.rb +27 -5
  365. data/lib/puppet/util/filetype.rb +8 -56
  366. data/lib/puppet/util/http_proxy.rb +18 -27
  367. data/lib/puppet/util/instance_loader.rb +3 -21
  368. data/lib/puppet/util/json.rb +0 -8
  369. data/lib/puppet/util/ldap/connection.rb +7 -7
  370. data/lib/puppet/util/log.rb +3 -8
  371. data/lib/puppet/util/log/destinations.rb +13 -5
  372. data/lib/puppet/util/logging.rb +19 -31
  373. data/lib/puppet/util/metric.rb +2 -2
  374. data/lib/puppet/util/monkey_patches.rb +1 -1
  375. data/lib/puppet/util/network_device/base.rb +1 -1
  376. data/lib/puppet/util/pidlock.rb +3 -23
  377. data/lib/puppet/util/platform.rb +3 -0
  378. data/lib/puppet/util/plist.rb +0 -6
  379. data/lib/puppet/util/posix.rb +0 -15
  380. data/lib/puppet/util/provider_features.rb +6 -7
  381. data/lib/puppet/util/rdoc.rb +2 -2
  382. data/lib/puppet/util/rdoc/parser/puppet_parser_core.rb +1 -1
  383. data/lib/puppet/util/reference.rb +8 -7
  384. data/lib/puppet/util/resource_template.rb +1 -1
  385. data/lib/puppet/util/rubygems.rb +1 -13
  386. data/lib/puppet/util/run_mode.rb +1 -1
  387. data/lib/puppet/util/selinux.rb +3 -9
  388. data/lib/puppet/util/ssl.rb +40 -1
  389. data/lib/puppet/util/storage.rb +1 -13
  390. data/lib/puppet/util/suidmanager.rb +7 -5
  391. data/lib/puppet/util/tag_set.rb +1 -1
  392. data/lib/puppet/util/tagging.rb +1 -1
  393. data/lib/puppet/util/windows.rb +15 -0
  394. data/lib/puppet/util/windows/adsi.rb +7 -116
  395. data/lib/puppet/util/windows/api_types.rb +33 -46
  396. data/lib/puppet/util/windows/eventlog.rb +6 -1
  397. data/lib/puppet/util/windows/principal.rb +6 -8
  398. data/lib/puppet/util/windows/process.rb +3 -94
  399. data/lib/puppet/util/windows/registry.rb +14 -46
  400. data/lib/puppet/util/windows/security.rb +2 -40
  401. data/lib/puppet/util/windows/service.rb +72 -431
  402. data/lib/puppet/util/windows/sid.rb +3 -4
  403. data/lib/puppet/util/windows/user.rb +9 -17
  404. data/lib/puppet/util/yaml.rb +41 -5
  405. data/lib/puppet/vendor.rb +1 -1
  406. data/lib/puppet/version.rb +1 -1
  407. data/lib/puppet_pal.rb +246 -23
  408. data/locales/ja/puppet.po +11128 -0
  409. data/locales/puppet.pot +1321 -2527
  410. data/man/man5/puppet.conf.5 +31 -191
  411. data/man/man8/puppet-agent.8 +2 -2
  412. data/man/man8/puppet-apply.8 +1 -1
  413. data/man/man8/puppet-catalog.8 +1 -1
  414. data/man/man8/puppet-config.8 +3 -3
  415. data/man/man8/puppet-describe.8 +1 -1
  416. data/man/man8/puppet-device.8 +19 -23
  417. data/man/man8/puppet-doc.8 +1 -1
  418. data/man/man8/puppet-epp.8 +1 -1
  419. data/man/man8/puppet-facts.8 +1 -1
  420. data/man/man8/puppet-filebucket.8 +2 -21
  421. data/man/man8/puppet-generate.8 +1 -1
  422. data/man/man8/puppet-help.8 +1 -1
  423. data/man/man8/puppet-key.8 +1 -7
  424. data/man/man8/puppet-lookup.8 +1 -1
  425. data/man/man8/puppet-man.8 +1 -1
  426. data/man/man8/puppet-module.8 +10 -100
  427. data/man/man8/puppet-node.8 +4 -7
  428. data/man/man8/puppet-parser.8 +1 -1
  429. data/man/man8/puppet-plugin.8 +1 -1
  430. data/man/man8/puppet-report.8 +1 -1
  431. data/man/man8/puppet-resource.8 +1 -1
  432. data/man/man8/puppet-script.8 +1 -1
  433. data/man/man8/puppet-ssl.8 +28 -0
  434. data/man/man8/puppet-status.8 +1 -1
  435. data/man/man8/puppet.8 +12 -3
  436. data/spec/fixtures/unit/functions/hiera/hiera/backend/hieraspec_backend.rb +22 -0
  437. data/spec/fixtures/unit/functions/lookup/hiera/backend/custom_backend.rb +18 -0
  438. data/spec/fixtures/unit/functions/lookup/hiera/backend/other_backend.rb +7 -0
  439. data/spec/fixtures/unit/pops/loaders/loaders/dependent_modules_with_metadata/modules/user/manifests/init.pp +6 -6
  440. data/spec/fixtures/unit/provider/package/pkgng/pkg.info +0 -1
  441. data/spec/fixtures/unit/provider/package/pkgng/pkg.version +0 -2
  442. data/spec/fixtures/unit/provider/service/systemd/list_unit_files_services +0 -9
  443. data/spec/integration/agent/logging_spec.rb +9 -7
  444. data/spec/integration/application/apply_spec.rb +31 -26
  445. data/spec/integration/application/doc_spec.rb +2 -1
  446. data/spec/integration/application/lookup_spec.rb +5 -5
  447. data/spec/integration/configurer_spec.rb +8 -76
  448. data/spec/integration/data_binding_spec.rb +1 -1
  449. data/spec/integration/defaults_spec.rb +13 -16
  450. data/spec/integration/directory_environments_spec.rb +1 -1
  451. data/spec/integration/faces/config_spec.rb +4 -3
  452. data/spec/integration/faces/documentation_spec.rb +1 -0
  453. data/spec/integration/faces/plugin_spec.rb +49 -29
  454. data/spec/integration/file_bucket/file_spec.rb +4 -19
  455. data/spec/integration/file_serving/content_spec.rb +1 -0
  456. data/spec/integration/file_serving/fileset_spec.rb +1 -0
  457. data/spec/integration/file_serving/metadata_spec.rb +1 -0
  458. data/spec/integration/file_serving/terminus_helper_spec.rb +1 -0
  459. data/spec/integration/file_system/uniquefile_spec.rb +26 -29
  460. data/spec/integration/indirector/catalog/compiler_spec.rb +11 -10
  461. data/spec/integration/indirector/direct_file_server_spec.rb +1 -1
  462. data/spec/integration/indirector/facts/facter_spec.rb +8 -22
  463. data/spec/integration/indirector/file_content/file_server_spec.rb +8 -7
  464. data/spec/integration/indirector/file_metadata/file_server_spec.rb +8 -7
  465. data/spec/integration/network/authconfig_spec.rb +24 -23
  466. data/spec/integration/network/formats_spec.rb +1 -0
  467. data/spec/integration/network/http/api/indirected_routes_spec.rb +6 -34
  468. data/spec/integration/node/environment_spec.rb +2 -1
  469. data/spec/integration/node/facts_spec.rb +10 -9
  470. data/spec/integration/node_spec.rb +7 -10
  471. data/spec/integration/parser/catalog_spec.rb +8 -6
  472. data/spec/integration/parser/collection_spec.rb +9 -4
  473. data/spec/integration/parser/compiler_spec.rb +7 -25
  474. data/spec/integration/parser/scope_spec.rb +1 -1
  475. data/spec/integration/parser/undef_param_spec.rb +1 -1
  476. data/spec/integration/provider/service/init_spec.rb +9 -6
  477. data/spec/integration/provider/service/systemd_spec.rb +14 -11
  478. data/spec/integration/provider/service/windows_spec.rb +11 -8
  479. data/spec/integration/reference/providers_spec.rb +7 -0
  480. data/spec/integration/reports_spec.rb +2 -1
  481. data/spec/integration/resource/catalog_spec.rb +17 -14
  482. data/spec/integration/resource/type_collection_spec.rb +5 -4
  483. data/spec/integration/ssl/certificate_request_spec.rb +1 -2
  484. data/spec/integration/ssl/host_spec.rb +17 -24
  485. data/spec/integration/ssl/key_spec.rb +7 -2
  486. data/spec/integration/test/test_helper_spec.rb +32 -0
  487. data/spec/integration/transaction/report_spec.rb +14 -9
  488. data/spec/integration/type/exec_spec.rb +2 -1
  489. data/spec/integration/type/file_spec.rb +38 -46
  490. data/spec/integration/type/package_spec.rb +25 -21
  491. data/spec/integration/type/tidy_spec.rb +2 -1
  492. data/spec/integration/type_spec.rb +1 -0
  493. data/spec/integration/util/autoload_spec.rb +11 -7
  494. data/spec/integration/util/execution_spec.rb +5 -32
  495. data/spec/integration/util/rdoc/parser_spec.rb +14 -23
  496. data/spec/integration/util/settings_spec.rb +2 -1
  497. data/spec/integration/util/windows/adsi_spec.rb +8 -11
  498. data/spec/integration/util/windows/principal_spec.rb +2 -1
  499. data/spec/integration/util/windows/process_spec.rb +9 -7
  500. data/spec/integration/util/windows/registry_spec.rb +46 -127
  501. data/spec/integration/util/windows/security_spec.rb +15 -16
  502. data/spec/integration/util/windows/user_spec.rb +29 -66
  503. data/spec/integration/util_spec.rb +10 -7
  504. data/spec/lib/matchers/json.rb +12 -18
  505. data/{lib/puppet/ssl → spec/lib/puppet}/certificate_factory.rb +5 -6
  506. data/spec/lib/puppet/test_ca.rb +109 -0
  507. data/spec/lib/puppet_spec/compiler.rb +28 -1
  508. data/spec/lib/puppet_spec/files.rb +29 -23
  509. data/spec/lib/puppet_spec/module_tool/shared_functions.rb +1 -1
  510. data/spec/lib/puppet_spec/modules.rb +11 -1
  511. data/spec/lib/puppet_spec/scope.rb +2 -1
  512. data/spec/lib/puppet_spec/ssl.rb +265 -0
  513. data/spec/lib/puppet_spec/validators.rb +37 -0
  514. data/spec/shared_behaviours/all_parsedfile_providers.rb +1 -1
  515. data/spec/shared_behaviours/file_server_terminus.rb +9 -8
  516. data/spec/shared_behaviours/file_serving.rb +8 -6
  517. data/spec/shared_behaviours/file_serving_model.rb +5 -22
  518. data/spec/shared_behaviours/hiera_indirections.rb +4 -3
  519. data/spec/shared_behaviours/iterative_functions.rb +1 -0
  520. data/spec/shared_behaviours/memory_terminus.rb +2 -2
  521. data/spec/shared_behaviours/path_parameters.rb +1 -1
  522. data/spec/shared_contexts/types_setup.rb +0 -2
  523. data/spec/shared_examples/rhel_package_provider.rb +70 -112
  524. data/spec/spec_helper.rb +1 -15
  525. data/spec/unit/agent/disabler_spec.rb +5 -4
  526. data/spec/unit/agent/locker_spec.rb +13 -12
  527. data/spec/unit/agent_spec.rb +102 -105
  528. data/spec/unit/application/agent_spec.rb +95 -114
  529. data/spec/unit/application/apply_spec.rb +92 -119
  530. data/spec/unit/application/config_spec.rb +1 -0
  531. data/spec/unit/application/describe_spec.rb +7 -6
  532. data/spec/unit/application/device_spec.rb +180 -181
  533. data/spec/unit/application/doc_spec.rb +46 -44
  534. data/spec/unit/application/face_base_spec.rb +62 -61
  535. data/spec/unit/application/facts_spec.rb +4 -3
  536. data/spec/unit/application/filebucket_spec.rb +74 -66
  537. data/spec/unit/application/indirection_base_spec.rb +6 -8
  538. data/spec/unit/application/lookup_spec.rb +44 -37
  539. data/spec/unit/application/resource_spec.rb +48 -42
  540. data/spec/unit/application/ssl_spec.rb +322 -0
  541. data/spec/unit/application_spec.rb +108 -90
  542. data/spec/unit/capability_spec.rb +15 -16
  543. data/spec/unit/{ssl/certificate_factory_spec.rb → certificate_factory_spec.rb} +13 -20
  544. data/spec/unit/configurer/downloader_spec.rb +22 -31
  545. data/spec/unit/configurer/fact_handler_spec.rb +7 -2
  546. data/spec/unit/configurer/plugin_handler_spec.rb +8 -41
  547. data/spec/unit/configurer_spec.rb +475 -520
  548. data/spec/unit/confine/exists_spec.rb +15 -17
  549. data/spec/unit/confine/false_spec.rb +6 -32
  550. data/spec/unit/confine/feature_spec.rb +5 -7
  551. data/spec/unit/confine/true_spec.rb +6 -32
  552. data/spec/unit/confine/variable_spec.rb +15 -14
  553. data/spec/unit/confine_collection_spec.rb +29 -28
  554. data/spec/unit/confine_spec.rb +14 -13
  555. data/spec/unit/confiner_spec.rb +11 -10
  556. data/spec/unit/context/trusted_information_spec.rb +4 -3
  557. data/spec/unit/daemon_spec.rb +38 -35
  558. data/spec/unit/data_providers/function_data_provider_spec.rb +1 -0
  559. data/spec/unit/data_providers/hiera_data_provider_spec.rb +1 -0
  560. data/spec/unit/datatypes_spec.rb +4 -3
  561. data/spec/unit/defaults_spec.rb +61 -32
  562. data/spec/unit/environments_spec.rb +7 -7
  563. data/spec/unit/etc_spec.rb +29 -52
  564. data/spec/unit/external/pson_spec.rb +1 -0
  565. data/spec/unit/face/catalog_spec.rb +1 -0
  566. data/spec/unit/face/config_spec.rb +35 -31
  567. data/spec/unit/face/epp_face_spec.rb +4 -3
  568. data/spec/unit/face/facts_spec.rb +6 -14
  569. data/spec/unit/face/generate_spec.rb +5 -4
  570. data/spec/unit/face/help_spec.rb +8 -7
  571. data/spec/unit/face/key_spec.rb +1 -0
  572. data/spec/unit/face/man_spec.rb +2 -1
  573. data/spec/unit/face/module/install_spec.rb +5 -3
  574. data/spec/unit/face/module/list_spec.rb +12 -62
  575. data/spec/unit/face/module/search_spec.rb +9 -11
  576. data/spec/unit/face/module/uninstall_spec.rb +8 -4
  577. data/spec/unit/face/node_spec.rb +30 -52
  578. data/spec/unit/face/parser_spec.rb +3 -3
  579. data/spec/unit/face/plugin_spec.rb +9 -44
  580. data/spec/unit/face/status_spec.rb +1 -0
  581. data/spec/unit/file_bucket/dipper_spec.rb +24 -28
  582. data/spec/unit/file_bucket/file_spec.rb +2 -0
  583. data/spec/unit/file_serving/base_spec.rb +18 -20
  584. data/spec/unit/file_serving/configuration/parser_spec.rb +28 -27
  585. data/spec/unit/file_serving/configuration_spec.rb +66 -63
  586. data/spec/unit/file_serving/content_spec.rb +11 -10
  587. data/spec/unit/file_serving/fileset_spec.rb +58 -63
  588. data/spec/unit/file_serving/http_metadata_spec.rb +7 -8
  589. data/spec/unit/file_serving/metadata_spec.rb +40 -40
  590. data/spec/unit/file_serving/mount/file_spec.rb +32 -31
  591. data/spec/unit/file_serving/mount/locales_spec.rb +26 -25
  592. data/spec/unit/file_serving/mount/modules_spec.rb +15 -14
  593. data/spec/unit/file_serving/mount/pluginfacts_spec.rb +26 -25
  594. data/spec/unit/file_serving/mount/plugins_spec.rb +26 -25
  595. data/spec/unit/file_serving/mount/tasks_spec.rb +15 -14
  596. data/spec/unit/file_serving/mount_spec.rb +1 -0
  597. data/spec/unit/file_serving/terminus_helper_spec.rb +42 -37
  598. data/spec/unit/file_serving/terminus_selector_spec.rb +13 -12
  599. data/spec/unit/file_system/path_pattern_spec.rb +1 -1
  600. data/spec/unit/file_system/uniquefile_spec.rb +6 -17
  601. data/spec/unit/file_system_spec.rb +9 -6
  602. data/spec/unit/forge/errors_spec.rb +1 -1
  603. data/spec/unit/forge/forge_spec.rb +16 -15
  604. data/spec/unit/forge/module_release_spec.rb +18 -18
  605. data/spec/unit/forge/repository_spec.rb +30 -27
  606. data/spec/unit/forge_spec.rb +11 -15
  607. data/spec/unit/functions/abs_spec.rb +70 -0
  608. data/spec/unit/functions/binary_file_spec.rb +3 -3
  609. data/spec/unit/functions/call_spec.rb +59 -5
  610. data/spec/unit/functions/camelcase_spec.rb +34 -0
  611. data/spec/unit/functions/capitalize_spec.rb +34 -0
  612. data/spec/unit/functions/ceiling_spec.rb +65 -0
  613. data/spec/unit/functions/chomp_spec.rb +46 -0
  614. data/spec/unit/functions/chop_spec.rb +38 -0
  615. data/spec/unit/functions/compare_spec.rb +147 -0
  616. data/spec/unit/functions/contain_spec.rb +2 -0
  617. data/spec/unit/functions/convert_to_spec.rb +3 -0
  618. data/spec/unit/functions/defined_spec.rb +1 -0
  619. data/spec/unit/functions/downcase_spec.rb +34 -0
  620. data/spec/unit/functions/epp_spec.rb +2 -2
  621. data/spec/unit/functions/filter_spec.rb +4 -4
  622. data/spec/unit/functions/find_file_spec.rb +7 -7
  623. data/spec/unit/functions/floor_spec.rb +65 -0
  624. data/spec/unit/functions/get_spec.rb +135 -0
  625. data/spec/unit/functions/getvar_spec.rb +121 -0
  626. data/spec/unit/functions/hiera_spec.rb +14 -48
  627. data/spec/unit/functions/include_spec.rb +4 -0
  628. data/spec/unit/functions/lookup_fixture_spec.rb +1 -0
  629. data/spec/unit/functions/lookup_spec.rb +37 -62
  630. data/spec/unit/functions/lstrip_spec.rb +30 -0
  631. data/spec/unit/functions/match_spec.rb +3 -4
  632. data/spec/unit/functions/max_spec.rb +129 -0
  633. data/spec/unit/functions/min_spec.rb +129 -0
  634. data/spec/unit/functions/module_directory_spec.rb +12 -12
  635. data/spec/unit/functions/new_spec.rb +0 -15
  636. data/spec/unit/functions/regsubst_spec.rb +3 -4
  637. data/spec/unit/functions/require_spec.rb +3 -0
  638. data/spec/unit/functions/round_spec.rb +41 -0
  639. data/spec/unit/functions/rstrip_spec.rb +30 -0
  640. data/spec/unit/functions/shared.rb +8 -5
  641. data/spec/unit/functions/size_spec.rb +50 -0
  642. data/spec/unit/functions/sort_spec.rb +79 -0
  643. data/spec/unit/functions/split_spec.rb +3 -4
  644. data/spec/unit/functions/strip_spec.rb +30 -0
  645. data/spec/unit/functions/upcase_spec.rb +34 -0
  646. data/spec/unit/functions/versioncmp_spec.rb +4 -4
  647. data/spec/unit/functions4_spec.rb +78 -51
  648. data/spec/unit/gettext/config_spec.rb +4 -4
  649. data/spec/unit/gettext/module_loading_spec.rb +7 -7
  650. data/spec/unit/graph/rb_tree_map_spec.rb +2 -0
  651. data/spec/unit/graph/relationship_graph_spec.rb +2 -1
  652. data/spec/unit/graph/simple_graph_spec.rb +52 -11
  653. data/spec/unit/hiera/scope_spec.rb +0 -7
  654. data/spec/unit/hiera_puppet_spec.rb +20 -20
  655. data/spec/unit/indirector/catalog/compiler_spec.rb +166 -183
  656. data/spec/unit/indirector/catalog/json_spec.rb +2 -1
  657. data/spec/unit/indirector/catalog/msgpack_spec.rb +1 -0
  658. data/spec/unit/indirector/catalog/rest_spec.rb +1 -0
  659. data/spec/unit/indirector/catalog/store_configs_spec.rb +1 -0
  660. data/spec/unit/indirector/catalog/yaml_spec.rb +1 -0
  661. data/spec/unit/indirector/certificate/file_spec.rb +1 -8
  662. data/spec/unit/indirector/certificate/rest_spec.rb +10 -8
  663. data/spec/unit/indirector/certificate_request/file_spec.rb +1 -0
  664. data/spec/unit/indirector/certificate_request/rest_spec.rb +1 -0
  665. data/spec/unit/indirector/direct_file_server_spec.rb +49 -57
  666. data/spec/unit/indirector/envelope_spec.rb +2 -1
  667. data/spec/unit/indirector/exec_spec.rb +31 -26
  668. data/spec/unit/indirector/face_spec.rb +9 -9
  669. data/spec/unit/indirector/facts/facter_spec.rb +43 -37
  670. data/spec/unit/indirector/facts/network_device_spec.rb +9 -8
  671. data/spec/unit/indirector/facts/rest_spec.rb +8 -7
  672. data/spec/unit/indirector/facts/store_configs_spec.rb +1 -0
  673. data/spec/unit/indirector/facts/yaml_spec.rb +90 -77
  674. data/spec/unit/indirector/file_bucket_file/file_spec.rb +13 -9
  675. data/spec/unit/indirector/file_bucket_file/rest_spec.rb +1 -0
  676. data/spec/unit/indirector/file_bucket_file/selector_spec.rb +5 -4
  677. data/spec/unit/indirector/file_content/file_server_spec.rb +1 -0
  678. data/spec/unit/indirector/file_content/file_spec.rb +1 -0
  679. data/spec/unit/indirector/file_content/rest_spec.rb +1 -0
  680. data/spec/unit/indirector/file_content/selector_spec.rb +1 -0
  681. data/spec/unit/indirector/file_metadata/file_server_spec.rb +1 -0
  682. data/spec/unit/indirector/file_metadata/file_spec.rb +13 -12
  683. data/spec/unit/indirector/file_metadata/rest_spec.rb +1 -0
  684. data/spec/unit/indirector/file_metadata/selector_spec.rb +1 -0
  685. data/spec/unit/indirector/file_server_spec.rb +145 -145
  686. data/spec/unit/indirector/indirection_spec.rb +226 -249
  687. data/spec/unit/indirector/json_spec.rb +9 -7
  688. data/spec/unit/indirector/key/file_spec.rb +22 -38
  689. data/spec/unit/indirector/memory_spec.rb +7 -6
  690. data/spec/unit/indirector/msgpack_spec.rb +9 -7
  691. data/spec/unit/indirector/node/exec_spec.rb +43 -22
  692. data/spec/unit/indirector/node/memory_spec.rb +4 -2
  693. data/spec/unit/indirector/node/msgpack_spec.rb +1 -0
  694. data/spec/unit/indirector/node/plain_spec.rb +4 -2
  695. data/spec/unit/indirector/node/rest_spec.rb +1 -0
  696. data/spec/unit/indirector/node/store_configs_spec.rb +1 -0
  697. data/spec/unit/indirector/node/yaml_spec.rb +1 -0
  698. data/spec/unit/indirector/none_spec.rb +5 -5
  699. data/spec/unit/indirector/plain_spec.rb +8 -7
  700. data/spec/unit/indirector/report/msgpack_spec.rb +1 -0
  701. data/spec/unit/indirector/report/processor_spec.rb +22 -21
  702. data/spec/unit/indirector/report/rest_spec.rb +12 -11
  703. data/spec/unit/indirector/report/yaml_spec.rb +1 -0
  704. data/spec/unit/indirector/request_spec.rb +18 -15
  705. data/spec/unit/indirector/resource/ral_spec.rb +55 -47
  706. data/spec/unit/indirector/resource/store_configs_spec.rb +1 -0
  707. data/spec/unit/indirector/rest_spec.rb +110 -113
  708. data/spec/unit/indirector/ssl_file_spec.rb +100 -119
  709. data/spec/unit/indirector/status/local_spec.rb +1 -0
  710. data/spec/unit/indirector/status/rest_spec.rb +1 -0
  711. data/spec/unit/indirector/store_configs_spec.rb +1 -0
  712. data/spec/unit/indirector/terminus_spec.rb +30 -32
  713. data/spec/unit/indirector/yaml_spec.rb +90 -68
  714. data/spec/unit/indirector_spec.rb +2 -1
  715. data/spec/unit/info_service_spec.rb +144 -10
  716. data/spec/unit/interface/action_builder_spec.rb +1 -0
  717. data/spec/unit/interface/action_manager_spec.rb +1 -0
  718. data/spec/unit/interface/action_spec.rb +3 -2
  719. data/spec/unit/interface/documentation_spec.rb +1 -0
  720. data/spec/unit/interface/face_collection_spec.rb +12 -19
  721. data/spec/unit/interface_spec.rb +3 -3
  722. data/spec/unit/man_spec.rb +4 -3
  723. data/spec/unit/module_spec.rb +52 -102
  724. data/spec/unit/module_tool/applications/installer_spec.rb +13 -12
  725. data/spec/unit/module_tool/applications/searcher_spec.rb +3 -3
  726. data/spec/unit/module_tool/applications/uninstaller_spec.rb +2 -1
  727. data/spec/unit/module_tool/applications/unpacker_spec.rb +13 -13
  728. data/spec/unit/module_tool/applications/upgrader_spec.rb +6 -6
  729. data/spec/unit/module_tool/install_directory_spec.rb +8 -8
  730. data/spec/unit/module_tool/installed_modules_spec.rb +3 -3
  731. data/spec/unit/module_tool/tar/gnu_spec.rb +6 -6
  732. data/spec/unit/module_tool/tar/mini_spec.rb +12 -12
  733. data/spec/unit/module_tool/tar_spec.rb +13 -12
  734. data/spec/unit/module_tool_spec.rb +12 -29
  735. data/spec/unit/network/auth_config_parser_spec.rb +13 -11
  736. data/spec/unit/network/authconfig_spec.rb +18 -17
  737. data/spec/unit/network/authorization_spec.rb +5 -4
  738. data/spec/unit/network/authstore_spec.rb +1 -0
  739. data/spec/unit/network/format_handler_spec.rb +1 -0
  740. data/spec/unit/network/format_spec.rb +10 -9
  741. data/spec/unit/network/format_support_spec.rb +29 -28
  742. data/spec/unit/network/formats_spec.rb +31 -4
  743. data/spec/unit/network/http/api/indirected_routes_spec.rb +41 -51
  744. data/spec/unit/network/http/api/master/v3/authorization_spec.rb +7 -9
  745. data/spec/unit/network/http/api/master/v3/environment_spec.rb +1 -2
  746. data/spec/unit/network/http/api/master/v3/environments_spec.rb +7 -6
  747. data/spec/unit/network/http/api_spec.rb +2 -26
  748. data/spec/unit/network/http/compression_spec.rb +28 -24
  749. data/spec/unit/network/http/connection_spec.rb +122 -72
  750. data/spec/unit/network/http/factory_spec.rb +11 -40
  751. data/spec/unit/network/http/handler_spec.rb +18 -9
  752. data/spec/unit/network/http/nocache_pool_spec.rb +7 -6
  753. data/spec/unit/network/http/pool_spec.rb +29 -60
  754. data/spec/unit/network/http/request_spec.rb +2 -0
  755. data/spec/unit/network/http/response_spec.rb +13 -11
  756. data/spec/unit/network/http/route_spec.rb +1 -0
  757. data/spec/unit/network/http/session_spec.rb +2 -1
  758. data/spec/unit/network/http/site_spec.rb +1 -0
  759. data/spec/unit/network/http_pool_spec.rb +9 -18
  760. data/spec/unit/network/http_spec.rb +1 -0
  761. data/spec/unit/network/resolver_spec.rb +104 -28
  762. data/spec/unit/network/rights_spec.rb +53 -52
  763. data/spec/unit/node/environment_spec.rb +17 -18
  764. data/spec/unit/node/facts_spec.rb +21 -6
  765. data/spec/unit/node_spec.rb +23 -17
  766. data/spec/unit/other/selinux_spec.rb +1 -71
  767. data/spec/unit/parameter/boolean_spec.rb +2 -1
  768. data/spec/unit/parameter/package_options_spec.rb +2 -1
  769. data/spec/unit/parameter/path_spec.rb +1 -0
  770. data/spec/unit/parameter/value_collection_spec.rb +1 -0
  771. data/spec/unit/parameter/value_spec.rb +1 -0
  772. data/spec/unit/parameter_spec.rb +9 -9
  773. data/spec/unit/parser/ast/block_expression_spec.rb +8 -6
  774. data/spec/unit/parser/ast/leaf_spec.rb +21 -20
  775. data/spec/unit/parser/compiler_spec.rb +96 -84
  776. data/spec/unit/parser/environment_compiler_spec.rb +16 -23
  777. data/spec/unit/parser/files_spec.rb +1 -0
  778. data/spec/unit/parser/functions/create_resources_spec.rb +1 -1
  779. data/spec/unit/parser/functions/digest_spec.rb +1 -4
  780. data/spec/unit/parser/functions/fail_spec.rb +2 -5
  781. data/spec/unit/parser/functions/file_spec.rb +14 -17
  782. data/spec/unit/parser/functions/fqdn_rand_spec.rb +6 -5
  783. data/spec/unit/parser/functions/generate_spec.rb +37 -38
  784. data/spec/unit/parser/functions/inline_template_spec.rb +1 -4
  785. data/spec/unit/parser/functions/regsubst_spec.rb +1 -4
  786. data/spec/unit/parser/functions/scanf_spec.rb +1 -4
  787. data/spec/unit/parser/functions/shellquote_spec.rb +1 -0
  788. data/spec/unit/parser/functions/split_spec.rb +1 -4
  789. data/spec/unit/parser/functions/sprintf_spec.rb +1 -4
  790. data/spec/unit/parser/functions/tag_spec.rb +2 -5
  791. data/spec/unit/parser/functions/tagged_spec.rb +3 -6
  792. data/spec/unit/parser/functions/template_spec.rb +13 -17
  793. data/spec/unit/parser/functions/versioncmp_spec.rb +2 -5
  794. data/spec/unit/parser/functions_spec.rb +29 -3
  795. data/spec/unit/parser/relationship_spec.rb +1 -0
  796. data/spec/unit/parser/resource/param_spec.rb +1 -1
  797. data/spec/unit/parser/resource_spec.rb +42 -42
  798. data/spec/unit/parser/scope_spec.rb +35 -39
  799. data/spec/unit/parser/templatewrapper_spec.rb +12 -11
  800. data/spec/unit/parser/type_loader_spec.rb +19 -17
  801. data/spec/unit/pops/adaptable_spec.rb +1 -0
  802. data/spec/unit/pops/benchmark_spec.rb +1 -0
  803. data/spec/unit/pops/evaluator/access_ops_spec.rb +1 -0
  804. data/spec/unit/pops/evaluator/arithmetic_ops_spec.rb +11 -0
  805. data/spec/unit/pops/evaluator/basic_expressions_spec.rb +1 -0
  806. data/spec/unit/pops/evaluator/collections_ops_spec.rb +1 -0
  807. data/spec/unit/pops/evaluator/comparison_ops_spec.rb +1 -0
  808. data/spec/unit/pops/evaluator/conditionals_spec.rb +1 -0
  809. data/spec/unit/pops/evaluator/evaluating_parser_spec.rb +78 -18
  810. data/spec/unit/pops/evaluator/logical_ops_spec.rb +1 -0
  811. data/spec/unit/pops/evaluator/runtime3_converter_spec.rb +5 -4
  812. data/spec/unit/pops/evaluator/string_interpolation_spec.rb +1 -0
  813. data/spec/unit/pops/evaluator/variables_spec.rb +1 -0
  814. data/spec/unit/pops/factory_spec.rb +4 -3
  815. data/spec/unit/pops/issues_spec.rb +20 -19
  816. data/spec/unit/pops/loaders/dependency_loader_spec.rb +2 -2
  817. data/spec/unit/pops/loaders/loader_spec.rb +12 -36
  818. data/spec/unit/pops/loaders/loaders_spec.rb +57 -54
  819. data/spec/unit/pops/loaders/module_loaders_spec.rb +35 -3
  820. data/spec/unit/pops/loaders/static_loader_spec.rb +0 -36
  821. data/spec/unit/pops/lookup/context_spec.rb +1 -0
  822. data/spec/unit/pops/lookup/interpolation_spec.rb +3 -2
  823. data/spec/unit/pops/merge_strategy_spec.rb +1 -0
  824. data/spec/unit/pops/migration_spec.rb +5 -3
  825. data/spec/unit/pops/model/model_spec.rb +1 -0
  826. data/spec/unit/pops/model/pn_transformer_spec.rb +1 -0
  827. data/spec/unit/pops/parser/lexer2_spec.rb +60 -21
  828. data/spec/unit/pops/parser/locator_spec.rb +6 -48
  829. data/spec/unit/pops/parser/parse_application_spec.rb +1 -0
  830. data/spec/unit/pops/parser/parse_basic_expressions_spec.rb +1 -0
  831. data/spec/unit/pops/parser/parse_calls_spec.rb +1 -0
  832. data/spec/unit/pops/parser/parse_capabilities_spec.rb +1 -0
  833. data/spec/unit/pops/parser/parse_conditionals_spec.rb +1 -0
  834. data/spec/unit/pops/parser/parse_containers_spec.rb +1 -0
  835. data/spec/unit/pops/parser/parse_heredoc_spec.rb +12 -124
  836. data/spec/unit/pops/parser/parse_plan_spec.rb +1 -0
  837. data/spec/unit/pops/parser/parse_resource_spec.rb +1 -0
  838. data/spec/unit/pops/parser/parse_site_spec.rb +1 -0
  839. data/spec/unit/pops/parser/pn_parser_spec.rb +1 -0
  840. data/spec/unit/pops/pn_spec.rb +1 -0
  841. data/spec/unit/pops/resource/resource_type_impl_spec.rb +1 -0
  842. data/spec/unit/pops/serialization/serialization_spec.rb +7 -5
  843. data/spec/unit/pops/serialization/to_from_hr_spec.rb +29 -4
  844. data/spec/unit/pops/serialization/to_stringified_spec.rb +157 -0
  845. data/spec/unit/pops/types/deferred_spec.rb +87 -0
  846. data/spec/unit/pops/types/p_object_type_spec.rb +20 -0
  847. data/spec/unit/pops/types/p_timespan_type_spec.rb +0 -22
  848. data/spec/unit/pops/types/p_timestamp_type_spec.rb +0 -19
  849. data/spec/unit/pops/types/recursion_guard_spec.rb +10 -10
  850. data/spec/unit/pops/types/ruby_generator_spec.rb +2 -2
  851. data/spec/unit/pops/types/string_converter_spec.rb +11 -22
  852. data/spec/unit/pops/types/task_spec.rb +148 -16
  853. data/spec/unit/pops/types/type_asserter_spec.rb +2 -2
  854. data/spec/unit/pops/types/type_calculator_spec.rb +36 -36
  855. data/spec/unit/pops/types/type_mismatch_describer_spec.rb +0 -9
  856. data/spec/unit/pops/types/type_parser_spec.rb +13 -13
  857. data/spec/unit/pops/types/types_spec.rb +12 -6
  858. data/spec/unit/pops/validator/validator_spec.rb +162 -82
  859. data/spec/unit/pops/visitor_spec.rb +1 -0
  860. data/spec/unit/property/boolean_spec.rb +1 -1
  861. data/spec/unit/property/ensure_spec.rb +1 -0
  862. data/spec/unit/property/keyvalue_spec.rb +34 -32
  863. data/spec/unit/property/list_spec.rb +27 -26
  864. data/spec/unit/property/ordered_list_spec.rb +14 -10
  865. data/spec/unit/property_spec.rb +53 -43
  866. data/spec/unit/provider/aix_object_spec.rb +45 -47
  867. data/spec/unit/provider/command_spec.rb +9 -9
  868. data/spec/unit/provider/exec/posix_spec.rb +9 -8
  869. data/spec/unit/provider/exec/shell_spec.rb +3 -1
  870. data/spec/unit/provider/exec/windows_spec.rb +6 -4
  871. data/spec/unit/provider/exec_spec.rb +1 -209
  872. data/spec/unit/provider/file/posix_spec.rb +24 -22
  873. data/spec/unit/provider/file/windows_spec.rb +19 -17
  874. data/spec/unit/provider/group/aix_spec.rb +7 -22
  875. data/spec/unit/provider/group/groupadd_spec.rb +27 -60
  876. data/spec/unit/provider/group/ldap_spec.rb +36 -33
  877. data/spec/unit/provider/group/pw_spec.rb +18 -15
  878. data/spec/unit/provider/group/windows_adsi_spec.rb +80 -128
  879. data/spec/unit/provider/ldap_spec.rb +62 -61
  880. data/spec/unit/provider/nameservice/directoryservice_spec.rb +109 -102
  881. data/spec/unit/provider/nameservice_spec.rb +41 -39
  882. data/spec/unit/provider/package/aix_spec.rb +22 -48
  883. data/spec/unit/provider/package/appdmg_spec.rb +13 -13
  884. data/spec/unit/provider/package/apt_spec.rb +35 -60
  885. data/spec/unit/provider/package/aptitude_spec.rb +7 -7
  886. data/spec/unit/provider/package/aptrpm_spec.rb +13 -8
  887. data/spec/unit/provider/package/base_spec.rb +4 -4
  888. data/spec/unit/provider/package/dnf_spec.rb +23 -34
  889. data/spec/unit/provider/package/dpkg_spec.rb +72 -114
  890. data/spec/unit/provider/package/freebsd_spec.rb +18 -15
  891. data/spec/unit/provider/package/gem_spec.rb +86 -163
  892. data/spec/unit/provider/package/hpux_spec.rb +18 -15
  893. data/spec/unit/provider/package/macports_spec.rb +54 -56
  894. data/spec/unit/provider/package/nim_spec.rb +49 -33
  895. data/spec/unit/provider/package/openbsd_spec.rb +49 -60
  896. data/spec/unit/provider/package/opkg_spec.rb +26 -23
  897. data/spec/unit/provider/package/pacman_spec.rb +118 -97
  898. data/spec/unit/provider/package/pip3_spec.rb +6 -20
  899. data/spec/unit/provider/package/pip_spec.rb +129 -185
  900. data/spec/unit/provider/package/pkg_spec.rb +119 -129
  901. data/spec/unit/provider/package/pkgdmg_spec.rb +63 -65
  902. data/spec/unit/provider/package/pkgin_spec.rb +23 -20
  903. data/spec/unit/provider/package/pkgng_spec.rb +35 -67
  904. data/spec/unit/provider/package/pkgutil_spec.rb +49 -45
  905. data/spec/unit/provider/package/portage_spec.rb +76 -72
  906. data/spec/unit/provider/package/puppet_gem_spec.rb +21 -45
  907. data/spec/unit/provider/package/rpm_spec.rb +79 -291
  908. data/spec/unit/provider/package/sun_spec.rb +18 -16
  909. data/spec/unit/provider/package/tdnf_spec.rb +12 -9
  910. data/spec/unit/provider/package/up2date_spec.rb +4 -2
  911. data/spec/unit/provider/package/urpmi_spec.rb +17 -15
  912. data/spec/unit/provider/package/windows/exe_package_spec.rb +18 -15
  913. data/spec/unit/provider/package/windows/msi_package_spec.rb +23 -20
  914. data/spec/unit/provider/package/windows/package_spec.rb +43 -38
  915. data/spec/unit/provider/package/windows_spec.rb +36 -51
  916. data/spec/unit/provider/package/yum_spec.rb +24 -128
  917. data/spec/unit/provider/package/zypper_spec.rb +106 -117
  918. data/spec/unit/provider/parsedfile_spec.rb +45 -44
  919. data/spec/unit/provider/service/base_spec.rb +6 -5
  920. data/spec/unit/provider/service/bsd_spec.rb +54 -47
  921. data/spec/unit/provider/service/daemontools_spec.rb +53 -70
  922. data/spec/unit/provider/service/debian_spec.rb +58 -46
  923. data/spec/unit/provider/service/freebsd_spec.rb +23 -20
  924. data/spec/unit/provider/service/gentoo_spec.rb +81 -74
  925. data/spec/unit/provider/service/init_spec.rb +66 -65
  926. data/spec/unit/provider/service/launchd_spec.rb +114 -181
  927. data/spec/unit/provider/service/openbsd_spec.rb +94 -87
  928. data/spec/unit/provider/service/openrc_spec.rb +74 -70
  929. data/spec/unit/provider/service/openwrt_spec.rb +38 -30
  930. data/spec/unit/provider/service/rcng_spec.rb +24 -19
  931. data/spec/unit/provider/service/redhat_spec.rb +60 -60
  932. data/spec/unit/provider/service/runit_spec.rb +44 -61
  933. data/spec/unit/provider/service/smf_spec.rb +74 -143
  934. data/spec/unit/provider/service/src_spec.rb +69 -60
  935. data/spec/unit/provider/service/systemd_spec.rb +160 -222
  936. data/spec/unit/provider/service/upstart_spec.rb +99 -83
  937. data/spec/unit/provider/service/windows_spec.rb +42 -84
  938. data/spec/unit/provider/user/aix_spec.rb +24 -65
  939. data/spec/unit/provider/user/directoryservice_spec.rb +114 -187
  940. data/spec/unit/provider/user/hpux_spec.rb +21 -17
  941. data/spec/unit/provider/user/ldap_spec.rb +83 -80
  942. data/spec/unit/provider/user/openbsd_spec.rb +12 -11
  943. data/spec/unit/provider/user/pw_spec.rb +44 -80
  944. data/spec/unit/provider/user/user_role_add_spec.rb +94 -94
  945. data/spec/unit/provider/user/useradd_spec.rb +100 -208
  946. data/spec/unit/provider/user/windows_adsi_spec.rb +63 -62
  947. data/spec/unit/provider_spec.rb +189 -41
  948. data/spec/unit/puppet_pal_2pec.rb +26 -12
  949. data/spec/unit/puppet_pal_catalog_spec.rb +801 -0
  950. data/spec/unit/puppet_pal_spec.rb +2 -8
  951. data/spec/unit/puppet_spec.rb +7 -27
  952. data/spec/unit/relationship_spec.rb +1 -0
  953. data/spec/unit/reports/http_spec.rb +23 -21
  954. data/spec/unit/reports/store_spec.rb +4 -3
  955. data/spec/unit/reports_spec.rb +14 -12
  956. data/spec/unit/resource/capability_finder_spec.rb +26 -29
  957. data/spec/unit/resource/catalog_spec.rb +77 -81
  958. data/spec/unit/resource/status_spec.rb +8 -6
  959. data/spec/unit/resource/type_collection_spec.rb +18 -17
  960. data/spec/unit/resource/type_spec.rb +35 -34
  961. data/spec/unit/resource_spec.rb +79 -67
  962. data/spec/unit/rest/client_spec.rb +135 -0
  963. data/spec/unit/rest/route_spec.rb +132 -0
  964. data/spec/unit/scheduler/job_spec.rb +1 -0
  965. data/spec/unit/scheduler/scheduler_spec.rb +1 -0
  966. data/spec/unit/scheduler/splay_job_spec.rb +2 -1
  967. data/spec/unit/settings/array_setting_spec.rb +1 -1
  968. data/spec/unit/settings/autosign_setting_spec.rb +9 -9
  969. data/spec/unit/settings/certificate_revocation_setting_spec.rb +1 -1
  970. data/spec/unit/settings/config_file_spec.rb +10 -0
  971. data/spec/unit/settings/directory_setting_spec.rb +7 -2
  972. data/spec/unit/settings/duration_setting_spec.rb +2 -1
  973. data/spec/unit/settings/enum_setting_spec.rb +1 -1
  974. data/spec/unit/settings/environment_conf_spec.rb +6 -4
  975. data/spec/unit/settings/file_setting_spec.rb +50 -46
  976. data/spec/unit/settings/ini_file_spec.rb +2 -4
  977. data/spec/unit/settings/path_setting_spec.rb +3 -2
  978. data/spec/unit/settings/priority_setting_spec.rb +2 -1
  979. data/spec/unit/settings/string_setting_spec.rb +15 -14
  980. data/spec/unit/settings/terminus_setting_spec.rb +2 -1
  981. data/spec/unit/settings/value_translator_spec.rb +1 -0
  982. data/spec/unit/settings_spec.rb +226 -253
  983. data/spec/unit/ssl/base_spec.rb +15 -14
  984. data/spec/unit/ssl/certificate_request_attributes_spec.rb +22 -8
  985. data/spec/unit/ssl/certificate_request_spec.rb +63 -92
  986. data/spec/unit/ssl/certificate_spec.rb +29 -37
  987. data/spec/unit/ssl/digest_spec.rb +1 -0
  988. data/spec/unit/ssl/host_spec.rb +305 -685
  989. data/spec/unit/ssl/key_spec.rb +34 -46
  990. data/spec/unit/ssl/validator_spec.rb +70 -203
  991. data/spec/unit/task_spec.rb +172 -26
  992. data/spec/unit/transaction/additional_resource_generator_spec.rb +68 -67
  993. data/spec/unit/transaction/event_manager_spec.rb +84 -95
  994. data/spec/unit/transaction/event_spec.rb +15 -16
  995. data/spec/unit/transaction/persistence_spec.rb +18 -17
  996. data/spec/unit/transaction/report_spec.rb +24 -18
  997. data/spec/unit/transaction/resource_harness_spec.rb +33 -72
  998. data/spec/unit/transaction_spec.rb +106 -176
  999. data/spec/unit/type/component_spec.rb +1 -0
  1000. data/spec/unit/type/exec_spec.rb +66 -120
  1001. data/spec/unit/type/file/checksum_spec.rb +11 -10
  1002. data/spec/unit/type/file/checksum_value_spec.rb +32 -31
  1003. data/spec/unit/type/file/content_spec.rb +62 -65
  1004. data/spec/unit/type/file/ctime_spec.rb +1 -0
  1005. data/spec/unit/type/file/ensure_spec.rb +13 -12
  1006. data/spec/unit/type/file/group_spec.rb +7 -5
  1007. data/spec/unit/type/file/mode_spec.rb +6 -4
  1008. data/spec/unit/type/file/mtime_spec.rb +1 -0
  1009. data/spec/unit/type/file/owner_spec.rb +8 -6
  1010. data/spec/unit/type/file/selinux_spec.rb +19 -17
  1011. data/spec/unit/type/file/source_spec.rb +110 -113
  1012. data/spec/unit/type/file/type_spec.rb +1 -0
  1013. data/spec/unit/type/file_spec.rb +190 -204
  1014. data/spec/unit/type/filebucket_spec.rb +10 -11
  1015. data/spec/unit/type/group_spec.rb +9 -15
  1016. data/spec/unit/type/noop_metaparam_spec.rb +2 -1
  1017. data/spec/unit/type/package/package_settings_spec.rb +23 -44
  1018. data/spec/unit/type/package_spec.rb +64 -61
  1019. data/spec/unit/type/resources_spec.rb +101 -103
  1020. data/spec/unit/type/schedule_spec.rb +28 -28
  1021. data/spec/unit/type/service_spec.rb +85 -76
  1022. data/spec/unit/type/stage_spec.rb +1 -0
  1023. data/spec/unit/type/tidy_spec.rb +63 -62
  1024. data/spec/unit/type/user_spec.rb +26 -147
  1025. data/spec/unit/type/whit_spec.rb +1 -0
  1026. data/spec/unit/type_spec.rb +164 -125
  1027. data/spec/unit/util/at_fork_spec.rb +19 -18
  1028. data/spec/unit/util/autoload_spec.rb +122 -93
  1029. data/spec/unit/util/backups_spec.rb +35 -34
  1030. data/spec/unit/util/character_encoding_spec.rb +5 -48
  1031. data/spec/unit/util/checksums_spec.rb +39 -38
  1032. data/spec/unit/util/colors_spec.rb +2 -1
  1033. data/spec/unit/util/command_line_spec.rb +20 -40
  1034. data/spec/unit/util/constant_inflector_spec.rb +1 -0
  1035. data/spec/unit/util/diff_spec.rb +8 -7
  1036. data/spec/unit/util/errors_spec.rb +1 -0
  1037. data/spec/unit/util/execution_spec.rb +167 -285
  1038. data/spec/unit/util/execution_stub_spec.rb +3 -2
  1039. data/spec/unit/util/feature_spec.rb +46 -28
  1040. data/spec/unit/util/filetype_spec.rb +53 -61
  1041. data/spec/unit/util/http_proxy_spec.rb +13 -133
  1042. data/spec/unit/util/inifile_spec.rb +31 -26
  1043. data/spec/unit/util/json_lockfile_spec.rb +5 -3
  1044. data/spec/unit/util/ldap/connection_spec.rb +25 -26
  1045. data/spec/unit/util/ldap/generator_spec.rb +1 -0
  1046. data/spec/unit/util/ldap/manager_spec.rb +102 -118
  1047. data/spec/unit/util/lockfile_spec.rb +2 -1
  1048. data/spec/unit/util/log/destinations_spec.rb +40 -23
  1049. data/spec/unit/util/log_spec.rb +146 -48
  1050. data/spec/unit/util/logging_spec.rb +114 -252
  1051. data/spec/unit/util/metric_spec.rb +1 -0
  1052. data/spec/unit/util/monkey_patches_spec.rb +12 -24
  1053. data/spec/unit/util/multi_match_spec.rb +1 -0
  1054. data/spec/unit/util/network_device/config_spec.rb +1 -0
  1055. data/spec/unit/util/network_device/transport/base_spec.rb +6 -5
  1056. data/spec/unit/util/network_device_spec.rb +9 -7
  1057. data/spec/unit/util/package_spec.rb +1 -0
  1058. data/spec/unit/util/pidlock_spec.rb +14 -86
  1059. data/spec/unit/util/plist_spec.rb +33 -60
  1060. data/spec/unit/util/posix_spec.rb +47 -78
  1061. data/spec/unit/util/profiler/object_counts_spec.rb +2 -1
  1062. data/spec/unit/util/rdoc_spec.rb +10 -9
  1063. data/spec/unit/util/reference_spec.rb +1 -0
  1064. data/spec/unit/util/resource_template_spec.rb +20 -20
  1065. data/spec/unit/util/retry_action_spec.rb +8 -7
  1066. data/spec/unit/util/rubygems_spec.rb +7 -41
  1067. data/spec/unit/util/run_mode_spec.rb +11 -10
  1068. data/spec/unit/util/selinux_spec.rb +73 -84
  1069. data/spec/unit/util/splayer_spec.rb +9 -8
  1070. data/spec/unit/util/ssl_spec.rb +1 -0
  1071. data/spec/unit/util/storage_spec.rb +17 -111
  1072. data/spec/unit/util/suidmanager_spec.rb +58 -47
  1073. data/spec/unit/util/symbolic_file_mode_spec.rb +1 -0
  1074. data/spec/unit/util/tag_set_spec.rb +9 -1
  1075. data/spec/unit/util/tagging_spec.rb +12 -0
  1076. data/spec/unit/util/terminal_spec.rb +10 -9
  1077. data/spec/unit/util/user_attr_spec.rb +2 -1
  1078. data/spec/unit/util/warnings_spec.rb +4 -3
  1079. data/spec/unit/util/watcher/periodic_watcher_spec.rb +2 -2
  1080. data/spec/unit/util/watcher_spec.rb +21 -51
  1081. data/spec/unit/util/windows/access_control_entry_spec.rb +2 -1
  1082. data/spec/unit/util/windows/access_control_list_spec.rb +2 -1
  1083. data/spec/unit/util/windows/adsi_spec.rb +134 -278
  1084. data/spec/unit/util/windows/api_types_spec.rb +42 -105
  1085. data/spec/unit/util/windows/eventlog_spec.rb +13 -10
  1086. data/spec/unit/util/windows/file_spec.rb +1 -0
  1087. data/spec/unit/util/windows/root_certs_spec.rb +1 -0
  1088. data/spec/unit/util/windows/security_descriptor_spec.rb +3 -1
  1089. data/spec/unit/util/windows/service_spec.rb +180 -432
  1090. data/spec/unit/util/windows/sid_spec.rb +17 -15
  1091. data/spec/unit/util/windows/string_spec.rb +2 -1
  1092. data/spec/unit/util/yaml_spec.rb +162 -28
  1093. data/spec/unit/util_spec.rb +74 -119
  1094. data/spec/unit/version_spec.rb +6 -6
  1095. data/tasks/benchmark.rake +5 -1
  1096. data/tasks/ci.rake +0 -5
  1097. data/tasks/manpages.rake +9 -2
  1098. data/tasks/parser.rake +11 -3
  1099. metadata +156 -473
  1100. data/CODEOWNERS +0 -30
  1101. data/ext/rack/config.ru +0 -44
  1102. data/ext/rack/example-passenger-vhost.conf +0 -57
  1103. data/lib/puppet/application/ca.rb +0 -11
  1104. data/lib/puppet/application/certificate.rb +0 -17
  1105. data/lib/puppet/application/certificate_request.rb +0 -7
  1106. data/lib/puppet/application/certificate_revocation_list.rb +0 -7
  1107. data/lib/puppet/application/master.rb +0 -319
  1108. data/lib/puppet/confine/boolean.rb +0 -45
  1109. data/lib/puppet/external/nagios.rb +0 -46
  1110. data/lib/puppet/external/nagios/base.rb +0 -472
  1111. data/lib/puppet/external/nagios/grammar.ry +0 -248
  1112. data/lib/puppet/external/nagios/makefile +0 -9
  1113. data/lib/puppet/external/nagios/parser.rb +0 -400
  1114. data/lib/puppet/face/ca.rb +0 -266
  1115. data/lib/puppet/face/certificate.rb +0 -167
  1116. data/lib/puppet/face/certificate_request.rb +0 -56
  1117. data/lib/puppet/face/certificate_revocation_list.rb +0 -56
  1118. data/lib/puppet/feature/rack.rb +0 -19
  1119. data/lib/puppet/graph/random_prioritizer.rb +0 -16
  1120. data/lib/puppet/graph/title_hash_prioritizer.rb +0 -16
  1121. data/lib/puppet/indirector/certificate/ca.rb +0 -9
  1122. data/lib/puppet/indirector/certificate/disabled_ca.rb +0 -22
  1123. data/lib/puppet/indirector/certificate_request/ca.rb +0 -22
  1124. data/lib/puppet/indirector/certificate_request/disabled_ca.rb +0 -22
  1125. data/lib/puppet/indirector/certificate_revocation_list/ca.rb +0 -8
  1126. data/lib/puppet/indirector/certificate_revocation_list/disabled_ca.rb +0 -22
  1127. data/lib/puppet/indirector/certificate_revocation_list/file.rb +0 -8
  1128. data/lib/puppet/indirector/certificate_revocation_list/rest.rb +0 -22
  1129. data/lib/puppet/indirector/certificate_status.rb +0 -4
  1130. data/lib/puppet/indirector/certificate_status/file.rb +0 -91
  1131. data/lib/puppet/indirector/certificate_status/rest.rb +0 -11
  1132. data/lib/puppet/indirector/key/ca.rb +0 -16
  1133. data/lib/puppet/indirector/key/disabled_ca.rb +0 -22
  1134. data/lib/puppet/indirector/ldap.rb +0 -86
  1135. data/lib/puppet/indirector/node/ldap.rb +0 -275
  1136. data/lib/puppet/indirector/node/write_only_yaml.rb +0 -39
  1137. data/lib/puppet/module_tool/applications/builder.rb +0 -152
  1138. data/lib/puppet/module_tool/skeleton/templates/generator/Gemfile +0 -18
  1139. data/lib/puppet/module_tool/skeleton/templates/generator/README.md.erb +0 -89
  1140. data/lib/puppet/module_tool/skeleton/templates/generator/Rakefile +0 -32
  1141. data/lib/puppet/module_tool/skeleton/templates/generator/examples/init.pp.erb +0 -12
  1142. data/lib/puppet/module_tool/skeleton/templates/generator/manifests/init.pp.erb +0 -48
  1143. data/lib/puppet/module_tool/skeleton/templates/generator/metadata.json.erb +0 -1
  1144. data/lib/puppet/module_tool/skeleton/templates/generator/spec/classes/init_spec.rb.erb +0 -6
  1145. data/lib/puppet/module_tool/skeleton/templates/generator/spec/spec_helper.rb +0 -1
  1146. data/lib/puppet/network/http/api/ca.rb +0 -2
  1147. data/lib/puppet/network/http/api/ca/v1.rb +0 -11
  1148. data/lib/puppet/network/http/rack.rb +0 -33
  1149. data/lib/puppet/network/http/rack/rest.rb +0 -162
  1150. data/lib/puppet/network/http/webrick.rb +0 -124
  1151. data/lib/puppet/network/http/webrick/rest.rb +0 -114
  1152. data/lib/puppet/network/server.rb +0 -39
  1153. data/lib/puppet/provider/augeas/augeas.rb +0 -767
  1154. data/lib/puppet/provider/cisco.rb +0 -9
  1155. data/lib/puppet/provider/computer/computer.rb +0 -20
  1156. data/lib/puppet/provider/cron/crontab.rb +0 -297
  1157. data/lib/puppet/provider/host/parsed.rb +0 -46
  1158. data/lib/puppet/provider/interface/cisco.rb +0 -27
  1159. data/lib/puppet/provider/macauthorization/macauthorization.rb +0 -298
  1160. data/lib/puppet/provider/mailalias/aliases.rb +0 -50
  1161. data/lib/puppet/provider/maillist/mailman.rb +0 -108
  1162. data/lib/puppet/provider/mcx/mcxcontent.rb +0 -173
  1163. data/lib/puppet/provider/mount.rb +0 -76
  1164. data/lib/puppet/provider/mount/parsed.rb +0 -285
  1165. data/lib/puppet/provider/naginator.rb +0 -63
  1166. data/lib/puppet/provider/package/dnfmodule.rb +0 -141
  1167. data/lib/puppet/provider/package_targetable.rb +0 -69
  1168. data/lib/puppet/provider/scheduled_task/win32_taskscheduler.rb +0 -590
  1169. data/lib/puppet/provider/selboolean/getsetsebool.rb +0 -47
  1170. data/lib/puppet/provider/selmodule/semodule.rb +0 -157
  1171. data/lib/puppet/provider/ssh_authorized_key/parsed.rb +0 -105
  1172. data/lib/puppet/provider/sshkey/parsed.rb +0 -50
  1173. data/lib/puppet/provider/vlan/cisco.rb +0 -28
  1174. data/lib/puppet/provider/yumrepo/inifile.rb +0 -315
  1175. data/lib/puppet/provider/zfs/zfs.rb +0 -108
  1176. data/lib/puppet/provider/zone/solaris.rb +0 -364
  1177. data/lib/puppet/provider/zpool/zpool.rb +0 -125
  1178. data/lib/puppet/ssl/certificate_authority.rb +0 -554
  1179. data/lib/puppet/ssl/certificate_authority/autosign_command.rb +0 -45
  1180. data/lib/puppet/ssl/certificate_authority/interface.rb +0 -324
  1181. data/lib/puppet/ssl/certificate_revocation_list.rb +0 -111
  1182. data/lib/puppet/ssl/configuration.rb +0 -61
  1183. data/lib/puppet/ssl/inventory.rb +0 -55
  1184. data/lib/puppet/type/augeas.rb +0 -211
  1185. data/lib/puppet/type/computer.rb +0 -66
  1186. data/lib/puppet/type/cron.rb +0 -480
  1187. data/lib/puppet/type/host.rb +0 -95
  1188. data/lib/puppet/type/interface.rb +0 -121
  1189. data/lib/puppet/type/k5login.rb +0 -165
  1190. data/lib/puppet/type/macauthorization.rb +0 -167
  1191. data/lib/puppet/type/mailalias.rb +0 -46
  1192. data/lib/puppet/type/maillist.rb +0 -62
  1193. data/lib/puppet/type/mcx.rb +0 -98
  1194. data/lib/puppet/type/mount.rb +0 -314
  1195. data/lib/puppet/type/nagios_command.rb +0 -3
  1196. data/lib/puppet/type/nagios_contact.rb +0 -3
  1197. data/lib/puppet/type/nagios_contactgroup.rb +0 -3
  1198. data/lib/puppet/type/nagios_host.rb +0 -3
  1199. data/lib/puppet/type/nagios_hostdependency.rb +0 -3
  1200. data/lib/puppet/type/nagios_hostescalation.rb +0 -3
  1201. data/lib/puppet/type/nagios_hostextinfo.rb +0 -3
  1202. data/lib/puppet/type/nagios_hostgroup.rb +0 -3
  1203. data/lib/puppet/type/nagios_service.rb +0 -3
  1204. data/lib/puppet/type/nagios_servicedependency.rb +0 -3
  1205. data/lib/puppet/type/nagios_serviceescalation.rb +0 -3
  1206. data/lib/puppet/type/nagios_serviceextinfo.rb +0 -3
  1207. data/lib/puppet/type/nagios_servicegroup.rb +0 -3
  1208. data/lib/puppet/type/nagios_timeperiod.rb +0 -3
  1209. data/lib/puppet/type/router.rb +0 -17
  1210. data/lib/puppet/type/scheduled_task.rb +0 -183
  1211. data/lib/puppet/type/selboolean.rb +0 -40
  1212. data/lib/puppet/type/selmodule.rb +0 -58
  1213. data/lib/puppet/type/ssh_authorized_key.rb +0 -143
  1214. data/lib/puppet/type/sshkey.rb +0 -83
  1215. data/lib/puppet/type/vlan.rb +0 -26
  1216. data/lib/puppet/type/yumrepo.rb +0 -430
  1217. data/lib/puppet/type/zfs.rb +0 -154
  1218. data/lib/puppet/type/zone.rb +0 -382
  1219. data/lib/puppet/type/zpool.rb +0 -91
  1220. data/lib/puppet/util/methodhelper.rb +0 -32
  1221. data/lib/puppet/util/nagios_maker.rb +0 -85
  1222. data/lib/puppet/util/network_device/cisco.rb +0 -4
  1223. data/lib/puppet/util/network_device/cisco/device.rb +0 -285
  1224. data/lib/puppet/util/network_device/cisco/facts.rb +0 -72
  1225. data/lib/puppet/util/network_device/cisco/interface.rb +0 -94
  1226. data/lib/puppet/util/network_device/ipcalc.rb +0 -68
  1227. data/lib/puppet/util/network_device/transport/ssh.rb +0 -126
  1228. data/lib/puppet/util/network_device/transport/telnet.rb +0 -47
  1229. data/lib/puppet/util/windows/taskscheduler.rb +0 -1267
  1230. data/lib/puppet/vendor/load_semantic.rb +0 -1
  1231. data/lib/puppet/vendor/load_semantic_puppet.rb +0 -1
  1232. data/lib/puppet/vendor/semantic/lib/semantic.rb +0 -5
  1233. data/lib/puppet/vendor/semantic_puppet/lib/semantic_puppet.rb +0 -11
  1234. data/lib/puppet/vendor/semantic_puppet/lib/semantic_puppet/dependency.rb +0 -181
  1235. data/lib/puppet/vendor/semantic_puppet/lib/semantic_puppet/dependency/graph.rb +0 -60
  1236. data/lib/puppet/vendor/semantic_puppet/lib/semantic_puppet/dependency/graph_node.rb +0 -117
  1237. data/lib/puppet/vendor/semantic_puppet/lib/semantic_puppet/dependency/module_release.rb +0 -58
  1238. data/lib/puppet/vendor/semantic_puppet/lib/semantic_puppet/dependency/source.rb +0 -25
  1239. data/lib/puppet/vendor/semantic_puppet/lib/semantic_puppet/dependency/unsatisfiable_graph.rb +0 -31
  1240. data/lib/puppet/vendor/semantic_puppet/lib/semantic_puppet/gem_version.rb +0 -3
  1241. data/lib/puppet/vendor/semantic_puppet/lib/semantic_puppet/version.rb +0 -203
  1242. data/lib/puppet/vendor/semantic_puppet/lib/semantic_puppet/version_range.rb +0 -758
  1243. data/lib/puppet/vendor/semantic_puppet/locales/config.yaml +0 -21
  1244. data/man/man8/puppet-ca.8 +0 -196
  1245. data/man/man8/puppet-cert.8 +0 -118
  1246. data/man/man8/puppet-certificate.8 +0 -240
  1247. data/man/man8/puppet-certificate_request.8 +0 -161
  1248. data/man/man8/puppet-certificate_revocation_list.8 +0 -139
  1249. data/man/man8/puppet-master.8 +0 -85
  1250. data/spec/fixtures/integration/provider/cron/crontab/create_normal_entry +0 -19
  1251. data/spec/fixtures/integration/provider/cron/crontab/create_special_entry +0 -18
  1252. data/spec/fixtures/integration/provider/cron/crontab/crontab_user1 +0 -15
  1253. data/spec/fixtures/integration/provider/cron/crontab/crontab_user2 +0 -4
  1254. data/spec/fixtures/integration/provider/cron/crontab/modify_entry +0 -13
  1255. data/spec/fixtures/integration/provider/cron/crontab/moved_cronjob_input1 +0 -15
  1256. data/spec/fixtures/integration/provider/cron/crontab/moved_cronjob_input2 +0 -6
  1257. data/spec/fixtures/integration/provider/cron/crontab/purged +0 -8
  1258. data/spec/fixtures/integration/provider/cron/crontab/remove_named_resource +0 -12
  1259. data/spec/fixtures/integration/provider/cron/crontab/remove_unnamed_resource +0 -14
  1260. data/spec/fixtures/integration/provider/cron/crontab/unspecialized +0 -15
  1261. data/spec/fixtures/integration/provider/mailalias/aliases/test1 +0 -32
  1262. data/spec/fixtures/integration/provider/sshkey/sample +0 -21
  1263. data/spec/fixtures/unit/provider/augeas/augeas/augeas/lenses/test.aug +0 -13
  1264. data/spec/fixtures/unit/provider/augeas/augeas/etc/fstab +0 -10
  1265. data/spec/fixtures/unit/provider/augeas/augeas/etc/hosts +0 -6
  1266. data/spec/fixtures/unit/provider/augeas/augeas/etc/test +0 -3
  1267. data/spec/fixtures/unit/provider/augeas/augeas/test.aug +0 -13
  1268. data/spec/fixtures/unit/provider/host/parsed/valid_hosts +0 -19
  1269. data/spec/fixtures/unit/provider/mount/mount-output.aix.txt +0 -7
  1270. data/spec/fixtures/unit/provider/mount/parsed/aix.filesystems +0 -152
  1271. data/spec/fixtures/unit/provider/mount/parsed/aix.mount +0 -11
  1272. data/spec/fixtures/unit/provider/mount/parsed/darwin.mount +0 -6
  1273. data/spec/fixtures/unit/provider/mount/parsed/freebsd.fstab +0 -9
  1274. data/spec/fixtures/unit/provider/mount/parsed/freebsd.mount +0 -4
  1275. data/spec/fixtures/unit/provider/mount/parsed/hpux.mount +0 -17
  1276. data/spec/fixtures/unit/provider/mount/parsed/linux.fstab +0 -12
  1277. data/spec/fixtures/unit/provider/mount/parsed/linux.mount +0 -6
  1278. data/spec/fixtures/unit/provider/mount/parsed/netbsd.fstab +0 -10
  1279. data/spec/fixtures/unit/provider/mount/parsed/netbsd.mount +0 -9
  1280. data/spec/fixtures/unit/provider/mount/parsed/openbsd.fstab +0 -5
  1281. data/spec/fixtures/unit/provider/mount/parsed/openbsd.mount +0 -5
  1282. data/spec/fixtures/unit/provider/mount/parsed/solaris.fstab +0 -11
  1283. data/spec/fixtures/unit/provider/mount/parsed/solaris.mount +0 -6
  1284. data/spec/fixtures/unit/provider/naginator/define_empty_param +0 -6
  1285. data/spec/fixtures/unit/provider/package/dnfmodule/dnf-module-list.txt +0 -19
  1286. data/spec/fixtures/unit/provider/package/yum/yum-check-update-subscription-manager.txt +0 -9
  1287. data/spec/fixtures/unit/provider/service/smf/svcs_fmri.out +0 -6
  1288. data/spec/fixtures/unit/provider/service/smf/svcs_multiple_fmris.out +0 -13
  1289. data/spec/fixtures/unit/provider/ssh_authorized_key/parsed/authorized_keys +0 -7
  1290. data/spec/fixtures/unit/provider/ssh_authorized_key/parsed/authorized_keys1 +0 -3
  1291. data/spec/fixtures/unit/provider/ssh_authorized_key/parsed/authorized_keys2 +0 -1
  1292. data/spec/fixtures/unit/provider/sshkey/parsed/sample +0 -21
  1293. data/spec/fixtures/unit/provider/sshkey/parsed/sample_with_blank_lines +0 -8
  1294. data/spec/fixtures/unit/provider/zfs/zfs/zfs-list.out +0 -2
  1295. data/spec/fixtures/unit/provider/zpool/zpool/zpool-list.out +0 -2
  1296. data/spec/integration/faces/ca_spec.rb +0 -353
  1297. data/spec/integration/indirector/node/ldap_spec.rb +0 -13
  1298. data/spec/integration/network/http_pool_spec.rb +0 -120
  1299. data/spec/integration/provider/cron/crontab_spec.rb +0 -240
  1300. data/spec/integration/provider/file/windows_spec.rb +0 -162
  1301. data/spec/integration/provider/mailalias/aliases_spec.rb +0 -9
  1302. data/spec/integration/provider/mount_spec.rb +0 -163
  1303. data/spec/integration/provider/ssh_authorized_key_spec.rb +0 -217
  1304. data/spec/integration/provider/sshkey_spec.rb +0 -153
  1305. data/spec/integration/provider/yumrepo_spec.rb +0 -126
  1306. data/spec/integration/ssl/autosign_spec.rb +0 -145
  1307. data/spec/integration/ssl/certificate_authority_spec.rb +0 -161
  1308. data/spec/integration/ssl/certificate_revocation_list_spec.rb +0 -33
  1309. data/spec/integration/transaction_spec.rb +0 -553
  1310. data/spec/integration/type/nagios_spec.rb +0 -69
  1311. data/spec/integration/type/notify_spec.rb +0 -46
  1312. data/spec/integration/type/user_spec.rb +0 -63
  1313. data/spec/lib/puppet_spec/https.rb +0 -166
  1314. data/spec/unit/application/cert_spec.rb +0 -272
  1315. data/spec/unit/application/certificate_spec.rb +0 -21
  1316. data/spec/unit/application/master_spec.rb +0 -414
  1317. data/spec/unit/face/ca_spec.rb +0 -9
  1318. data/spec/unit/face/certificate_request_spec.rb +0 -9
  1319. data/spec/unit/face/certificate_revocation_list_spec.rb +0 -9
  1320. data/spec/unit/face/certificate_spec.rb +0 -228
  1321. data/spec/unit/face/module/build_spec.rb +0 -69
  1322. data/spec/unit/graph/title_hash_prioritizer_spec.rb +0 -50
  1323. data/spec/unit/indirector/certificate/ca_spec.rb +0 -21
  1324. data/spec/unit/indirector/certificate/disabled_ca_spec.rb +0 -32
  1325. data/spec/unit/indirector/certificate_request/ca_spec.rb +0 -56
  1326. data/spec/unit/indirector/certificate_request/disabled_ca_spec.rb +0 -32
  1327. data/spec/unit/indirector/certificate_revocation_list/ca_spec.rb +0 -15
  1328. data/spec/unit/indirector/certificate_revocation_list/disabled_ca_spec.rb +0 -32
  1329. data/spec/unit/indirector/certificate_revocation_list/file_spec.rb +0 -16
  1330. data/spec/unit/indirector/certificate_revocation_list/rest_spec.rb +0 -33
  1331. data/spec/unit/indirector/certificate_status/file_spec.rb +0 -190
  1332. data/spec/unit/indirector/certificate_status/rest_spec.rb +0 -17
  1333. data/spec/unit/indirector/code_spec.rb +0 -30
  1334. data/spec/unit/indirector/key/ca_spec.rb +0 -22
  1335. data/spec/unit/indirector/key/disabled_ca_spec.rb +0 -32
  1336. data/spec/unit/indirector/ldap_spec.rb +0 -151
  1337. data/spec/unit/indirector/node/ldap_spec.rb +0 -463
  1338. data/spec/unit/indirector/node/write_only_yaml_spec.rb +0 -11
  1339. data/spec/unit/module_tool/applications/builder_spec.rb +0 -439
  1340. data/spec/unit/network/http/api/ca/v1_spec.rb +0 -26
  1341. data/spec/unit/network/http/rack/rest_spec.rb +0 -322
  1342. data/spec/unit/network/http/rack_spec.rb +0 -42
  1343. data/spec/unit/network/http/webrick/rest_spec.rb +0 -230
  1344. data/spec/unit/network/http/webrick_spec.rb +0 -277
  1345. data/spec/unit/network/server_spec.rb +0 -94
  1346. data/spec/unit/provider/augeas/augeas_spec.rb +0 -1096
  1347. data/spec/unit/provider/cisco_spec.rb +0 -14
  1348. data/spec/unit/provider/cron/crontab_spec.rb +0 -206
  1349. data/spec/unit/provider/cron/parsed_spec.rb +0 -355
  1350. data/spec/unit/provider/host/parsed_spec.rb +0 -219
  1351. data/spec/unit/provider/interface/cisco_spec.rb +0 -53
  1352. data/spec/unit/provider/macauthorization_spec.rb +0 -134
  1353. data/spec/unit/provider/mcx/mcxcontent_spec.rb +0 -190
  1354. data/spec/unit/provider/mount/parsed_spec.rb +0 -318
  1355. data/spec/unit/provider/mount_spec.rb +0 -169
  1356. data/spec/unit/provider/naginator_spec.rb +0 -78
  1357. data/spec/unit/provider/network_device_spec.rb +0 -152
  1358. data/spec/unit/provider/package/dnfmodule_spec.rb +0 -247
  1359. data/spec/unit/provider/package_targetable_spec.rb +0 -60
  1360. data/spec/unit/provider/scheduled_task/win32_taskscheduler_spec.rb +0 -2050
  1361. data/spec/unit/provider/selboolean_spec.rb +0 -34
  1362. data/spec/unit/provider/selmodule-example.pp +0 -0
  1363. data/spec/unit/provider/selmodule_spec.rb +0 -154
  1364. data/spec/unit/provider/ssh_authorized_key/parsed_spec.rb +0 -259
  1365. data/spec/unit/provider/sshkey/parsed_spec.rb +0 -92
  1366. data/spec/unit/provider/vlan/cisco_spec.rb +0 -53
  1367. data/spec/unit/provider/yumrepo/inifile_spec.rb +0 -413
  1368. data/spec/unit/provider/zfs/zfs_spec.rb +0 -171
  1369. data/spec/unit/provider/zone/solaris_spec.rb +0 -261
  1370. data/spec/unit/provider/zpool/zpool_spec.rb +0 -250
  1371. data/spec/unit/settings/server_list_setting_spec.rb +0 -21
  1372. data/spec/unit/ssl/certificate_authority/autosign_command_spec.rb +0 -29
  1373. data/spec/unit/ssl/certificate_authority/interface_spec.rb +0 -563
  1374. data/spec/unit/ssl/certificate_authority_spec.rb +0 -1165
  1375. data/spec/unit/ssl/certificate_revocation_list_spec.rb +0 -196
  1376. data/spec/unit/ssl/configuration_spec.rb +0 -138
  1377. data/spec/unit/ssl/inventory_spec.rb +0 -155
  1378. data/spec/unit/test/test_helper_spec.rb +0 -17
  1379. data/spec/unit/type/augeas_spec.rb +0 -120
  1380. data/spec/unit/type/computer_spec.rb +0 -77
  1381. data/spec/unit/type/cron_spec.rb +0 -539
  1382. data/spec/unit/type/host_spec.rb +0 -680
  1383. data/spec/unit/type/interface_spec.rb +0 -128
  1384. data/spec/unit/type/k5login_spec.rb +0 -204
  1385. data/spec/unit/type/macauthorization_spec.rb +0 -111
  1386. data/spec/unit/type/mailalias_spec.rb +0 -48
  1387. data/spec/unit/type/maillist_spec.rb +0 -38
  1388. data/spec/unit/type/mcx_spec.rb +0 -75
  1389. data/spec/unit/type/mount_spec.rb +0 -622
  1390. data/spec/unit/type/nagios_spec.rb +0 -312
  1391. data/spec/unit/type/scheduled_task_spec.rb +0 -117
  1392. data/spec/unit/type/selboolean_spec.rb +0 -41
  1393. data/spec/unit/type/selmodule_spec.rb +0 -16
  1394. data/spec/unit/type/ssh_authorized_key_spec.rb +0 -228
  1395. data/spec/unit/type/sshkey_spec.rb +0 -75
  1396. data/spec/unit/type/vlan_spec.rb +0 -42
  1397. data/spec/unit/type/yumrepo_spec.rb +0 -476
  1398. data/spec/unit/type/zfs_spec.rb +0 -45
  1399. data/spec/unit/type/zone_spec.rb +0 -182
  1400. data/spec/unit/type/zpool_spec.rb +0 -108
  1401. data/spec/unit/util/nagios_maker_spec.rb +0 -121
  1402. data/spec/unit/util/network_device/cisco/device_spec.rb +0 -491
  1403. data/spec/unit/util/network_device/cisco/facts_spec.rb +0 -63
  1404. data/spec/unit/util/network_device/cisco/interface_spec.rb +0 -97
  1405. data/spec/unit/util/network_device/ipcalc_spec.rb +0 -61
  1406. data/spec/unit/util/network_device/transport/ssh_spec.rb +0 -252
  1407. data/spec/unit/util/network_device/transport/telnet_spec.rb +0 -90
@@ -84,46 +84,6 @@ class Puppet::Settings
84
84
  "puppet.conf"
85
85
  end
86
86
 
87
- def stringify_settings(section, settings = :all)
88
- values_from_the_selected_section =
89
- values(nil, section.to_sym)
90
-
91
- loader_settings = {
92
- :environmentpath => values_from_the_selected_section.interpolate(:environmentpath),
93
- :basemodulepath => values_from_the_selected_section.interpolate(:basemodulepath),
94
- }
95
-
96
- Puppet.override(Puppet.base_context(loader_settings),
97
- _("New environment loaders generated from the requested section.")) do
98
- # And now we can lookup values that include those from environments configured from
99
- # the requested section
100
- values = values(Puppet[:environment].to_sym, section.to_sym)
101
-
102
- to_be_rendered = {}
103
- settings = Puppet.settings.to_a.collect(&:first) if settings == :all
104
- settings.sort.each do |setting_name|
105
- to_be_rendered[setting_name] = values.print(setting_name.to_sym)
106
- end
107
-
108
- stringifyhash(to_be_rendered)
109
- end
110
- end
111
-
112
- def stringifyhash(hash)
113
- newhash = {}
114
- hash.each do |key, val|
115
- key = key.to_s
116
- if val.is_a? Hash
117
- newhash[key] = stringifyhash(val)
118
- elsif val.is_a? Symbol
119
- newhash[key] = val.to_s
120
- else
121
- newhash[key] = val
122
- end
123
- end
124
- newhash
125
- end
126
-
127
87
  # Create a new collection of config settings.
128
88
  def initialize
129
89
  @config = {}
@@ -295,7 +255,7 @@ class Puppet::Settings
295
255
  @global_defaults_initialized
296
256
  end
297
257
 
298
- def initialize_global_settings(args = [], require_config = true)
258
+ def initialize_global_settings(args = [])
299
259
  raise Puppet::DevError, _("Attempting to initialize global default settings more than once!") if global_defaults_initialized?
300
260
 
301
261
  # The first two phases of the lifecycle of a puppet application are:
@@ -304,7 +264,7 @@ class Puppet::Settings
304
264
  # 2) Parse the puppet config file(s).
305
265
 
306
266
  parse_global_options(args)
307
- parse_config_files(require_config)
267
+ parse_config_files
308
268
 
309
269
  @global_defaults_initialized = true
310
270
  end
@@ -630,19 +590,14 @@ class Puppet::Settings
630
590
  end
631
591
 
632
592
  # Parse the configuration file. Just provides thread safety.
633
- def parse_config_files(require_config = true)
593
+ def parse_config_files
634
594
  file = which_configuration_file
635
595
  if Puppet::FileSystem.exist?(file)
636
596
  begin
637
597
  text = read_file(file)
638
598
  rescue => detail
639
- message = _("Could not load %{file}: %{detail}") % { file: file, detail: detail}
640
- if require_config
641
- Puppet.log_and_raise(detail, message)
642
- else
643
- Puppet.log_exception(detail, message)
644
- return
645
- end
599
+ Puppet.log_exception(detail, "Could not load #{file}: #{detail}")
600
+ return
646
601
  end
647
602
  else
648
603
  return
@@ -1229,10 +1184,10 @@ Generated on #{Time.now}.
1229
1184
  if !Puppet::FileSystem.symlink?(configured_environment_path)
1230
1185
  parameters = { :ensure => 'directory' }
1231
1186
  unless Puppet::FileSystem.exist?(configured_environment_path)
1232
- parameters[:mode] = '0750'
1187
+ parameters.merge!(:mode => '0750')
1233
1188
  if Puppet.features.root?
1234
- parameters[:owner] = Puppet[:user] if service_user_available?
1235
- parameters[:group] = Puppet[:group] if service_group_available?
1189
+ parameters.merge!(:owner => Puppet[:user]) if service_user_available?
1190
+ parameters.merge!(:group => Puppet[:group]) if service_group_available?
1236
1191
  end
1237
1192
  end
1238
1193
  catalog.add_resource(Puppet::Resource.new(:file, configured_environment_path, :parameters => parameters))
@@ -1242,7 +1197,7 @@ Generated on #{Time.now}.
1242
1197
 
1243
1198
  def add_user_resources(catalog, sections)
1244
1199
  return unless Puppet.features.root?
1245
- return if Puppet.features.microsoft_windows?
1200
+ return if Puppet::Util::Platform.windows?
1246
1201
  return unless self[:mkusers]
1247
1202
 
1248
1203
  @config.each do |name, setting|
@@ -25,8 +25,7 @@ class Puppet::Settings::ConfigFile
25
25
  allowed_section_names << 'main' unless allowed_section_names.include?('main')
26
26
  end
27
27
 
28
- # in Ruby 1.9.3 strings are not UTF-8 by default, so ensure text is treated properly
29
- ini = Puppet::Settings::IniFile.parse(StringIO.new(text).set_encoding(Encoding::UTF_8))
28
+ ini = Puppet::Settings::IniFile.parse(text.encode(Encoding::UTF_8))
30
29
  unique_sections_in(ini, file, allowed_section_names).each do |section_name|
31
30
  section = Section.new(section_name.to_sym)
32
31
  result.with_section(section)
@@ -159,7 +159,6 @@ class Puppet::Settings::EnvironmentConf
159
159
 
160
160
  return valid
161
161
  end
162
- private_class_method :validate
163
162
 
164
163
  def get_setting(setting_name, default = nil)
165
164
  value = raw_setting(setting_name)
@@ -156,7 +156,7 @@ class Puppet::Settings::FileSetting < Puppet::Settings::StringSetting
156
156
  end
157
157
 
158
158
  # REMIND fails on Windows because chown/chgrp functionality not supported yet
159
- if Puppet.features.root? and !Puppet.features.microsoft_windows?
159
+ if Puppet.features.root? and !Puppet::Util::Platform.windows?
160
160
  resource[:owner] = self.owner if self.owner
161
161
  resource[:group] = self.group if self.group
162
162
  end
@@ -4,15 +4,6 @@ class Puppet::Settings::ServerListSetting < Puppet::Settings::ArraySetting
4
4
  :server_list
5
5
  end
6
6
 
7
- def print(value)
8
- if value.is_a?(Array)
9
- #turn into a string
10
- value.map {|item| item.join(":") }.join(",")
11
- else
12
- value
13
- end
14
- end
15
-
16
7
  def munge(value)
17
8
  servers = super
18
9
  servers.map! { |server|
@@ -4,7 +4,6 @@ require 'openssl'
4
4
 
5
5
  module Puppet::SSL # :nodoc:
6
6
  CA_NAME = "ca"
7
- require 'puppet/ssl/configuration'
8
7
  require 'puppet/ssl/host'
9
8
  require 'puppet/ssl/oids'
10
9
  require 'puppet/ssl/validator'
@@ -34,11 +34,6 @@ class Puppet::SSL::Base
34
34
 
35
35
  attr_accessor :name, :content
36
36
 
37
- # Is this file for the CA?
38
- def ca?
39
- name == Puppet::SSL::Host.ca_name
40
- end
41
-
42
37
  def generate
43
38
  raise Puppet::DevError, _("%{class_name} did not override 'generate'") % { class_name: self.class }
44
39
  end
@@ -86,18 +81,15 @@ class Puppet::SSL::Base
86
81
 
87
82
  # Read content from disk appropriately.
88
83
  def read(path)
89
- # applies to Puppet::SSL::Certificate, Puppet::SSL::CertificateRequest, Puppet::SSL::CertificateRevocationList
84
+ # applies to Puppet::SSL::Certificate, Puppet::SSL::CertificateRequest
90
85
  # Puppet::SSL::Key uses this, but also provides its own override
91
86
  # nothing derives from Puppet::SSL::Certificate, but it is called by a number of other SSL Indirectors:
92
- # Puppet::SSL::Certificate::DisabledCa (:find, :save, :destroy)
93
87
  # Puppet::Indirector::CertificateStatus::File (.indirection.find)
94
88
  # Puppet::Network::HTTP::WEBrick (.indirection.find)
95
89
  # Puppet::Network::HTTP::RackREST (.from_instance)
96
90
  # Puppet::Network::HTTP::WEBrickREST (.from_instance)
97
- # Puppet::SSL::CertificateAuthority (.new, .indirection.find, .indirection.save)
98
91
  # Puppet::SSL::Host (.indirection.find)
99
92
  # Puppet::SSL::Inventory (.indirection.search, implements its own add / rebuild / serials with encoding UTF8)
100
- # Puppet::SSL::CertificateAuthority::Interface (.indirection.find)
101
93
  # Puppet::SSL::Validator::DefaultValidator (.from_instance) / Puppet::SSL::Validator::NoValidator does nothing
102
94
  @content = wrapped_class.new(Puppet::FileSystem.read(path, :encoding => Encoding::ASCII))
103
95
  end
@@ -21,12 +21,16 @@ DOC
21
21
  [:s]
22
22
  end
23
23
 
24
- def subject_alt_names
25
- alts = content.extensions.find{|ext| ext.oid == "subjectAltName"}
24
+ def self.subject_alt_names_for(cert)
25
+ alts = cert.extensions.find{|ext| ext.oid == "subjectAltName"}
26
26
  return [] unless alts
27
27
  alts.value.split(/\s*,\s*/)
28
28
  end
29
29
 
30
+ def subject_alt_names
31
+ self.class.subject_alt_names_for(content)
32
+ end
33
+
30
34
  def expiration
31
35
  return nil unless content
32
36
  content.not_after
@@ -50,8 +54,7 @@ DOC
50
54
  def custom_extensions
51
55
  custom_exts = content.extensions.select do |ext|
52
56
  Puppet::SSL::Oids.subtree_of?('ppRegCertExt', ext.oid) or
53
- Puppet::SSL::Oids.subtree_of?('ppPrivCertExt', ext.oid) or
54
- Puppet::SSL::Oids.subtree_of?('ppAuthCertExt', ext.oid)
57
+ Puppet::SSL::Oids.subtree_of?('ppPrivCertExt', ext.oid)
55
58
  end
56
59
 
57
60
  custom_exts.map do |ext|
@@ -30,19 +30,7 @@ class Puppet::SSL::CertificateRequest < Puppet::SSL::Base
30
30
 
31
31
  extend Puppet::Indirector
32
32
 
33
- # If auto-signing is on, sign any certificate requests as they are saved.
34
- module AutoSigner
35
- def save(instance, key = nil)
36
- super
37
-
38
- # Try to autosign the CSR.
39
- if ca = Puppet::SSL::CertificateAuthority.instance
40
- ca.autosign(instance)
41
- end
42
- end
43
- end
44
-
45
- indirects :certificate_request, :terminus_class => :file, :extend => AutoSigner, :doc => <<DOC
33
+ indirects :certificate_request, :terminus_class => :file, :doc => <<DOC
46
34
  This indirection wraps an `OpenSSL::X509::Request` object, representing a certificate signing request (CSR).
47
35
  The indirection key is the certificate CN (generally a hostname).
48
36
  DOC
@@ -103,7 +91,11 @@ DOC
103
91
  raise Puppet::Error, _("CSR sign verification failed; you need to clean the certificate request for %{name} on the server") % { name: name } unless csr.verify(key.public_key)
104
92
 
105
93
  @content = csr
106
- Puppet.info _("Certificate Request fingerprint (%{digest}): %{hex_digest}") % { digest: digest.name, hex_digest: digest.to_hex }
94
+
95
+ # we won't be able to get the digest on jruby
96
+ if @content.signature_algorithm
97
+ Puppet.info _("Certificate Request fingerprint (%{digest}): %{hex_digest}") % { digest: digest.name, hex_digest: digest.to_hex }
98
+ end
107
99
  @content
108
100
  end
109
101
 
@@ -21,7 +21,7 @@ class Puppet::SSL::CertificateRequestAttributes
21
21
  def load
22
22
  Puppet.info(_("csr_attributes file loading from %{path}") % { path: path })
23
23
  if Puppet::FileSystem.exist?(path)
24
- hash = Puppet::Util::Yaml.load_file(path, {})
24
+ hash = Puppet::Util::Yaml.safe_load_file(path, [Symbol]) || {}
25
25
  if ! hash.is_a?(Hash)
26
26
  raise Puppet::Error, _("invalid CSR attributes, expected instance of Hash, received instance of %{klass}") % { klass: hash.class }
27
27
  end
@@ -1,10 +1,18 @@
1
- require 'puppet/indirector'
2
1
  require 'puppet/ssl'
3
2
  require 'puppet/ssl/key'
4
3
  require 'puppet/ssl/certificate'
5
4
  require 'puppet/ssl/certificate_request'
6
- require 'puppet/ssl/certificate_revocation_list'
7
5
  require 'puppet/ssl/certificate_request_attributes'
6
+ require 'puppet/rest/errors'
7
+ require 'puppet/rest/routes'
8
+ require 'puppet/rest/ssl_context'
9
+ begin
10
+ # This may fail when being loaded from Puppet Server. However loading the
11
+ # client monkey patches the SSL Store and we need to have those monkey
12
+ # patches in as soon as possible on the agent.
13
+ require 'puppet/rest/client'
14
+ rescue LoadError
15
+ end
8
16
 
9
17
  # The class that manages all aspects of our SSL certificates --
10
18
  # private keys, public keys, requests, etc.
@@ -14,21 +22,10 @@ class Puppet::SSL::Host
14
22
  CA_NAME = Puppet::SSL::CA_NAME
15
23
  Certificate = Puppet::SSL::Certificate
16
24
  CertificateRequest = Puppet::SSL::CertificateRequest
17
- CertificateRevocationList = Puppet::SSL::CertificateRevocationList
18
-
19
- extend Puppet::Indirector
20
- indirects :certificate_status, :terminus_class => :file, :doc => <<DOC
21
- This indirection represents the host that ties a key, certificate, and certificate request together.
22
- The indirection key is the certificate CN (generally a hostname).
23
- DOC
24
-
25
- attr_reader :name
26
- attr_accessor :ca
27
25
 
28
- attr_writer :key, :certificate, :certificate_request
26
+ attr_reader :name, :crl_path
29
27
 
30
- # This accessor is used in instances for indirector requests to hold desired state
31
- attr_accessor :desired_state
28
+ attr_writer :key, :certificate, :certificate_request, :crl_usage
32
29
 
33
30
  def self.localhost
34
31
  return @localhost if @localhost
@@ -42,28 +39,10 @@ DOC
42
39
  @localhost = nil
43
40
  end
44
41
 
45
- # This is the constant that people will use to mark that a given host is
46
- # a certificate authority.
47
- def self.ca_name
48
- CA_NAME
49
- end
50
-
51
- class << self
52
- attr_reader :ca_location
53
- end
54
-
55
42
  # Configure how our various classes interact with their various terminuses.
56
43
  def self.configure_indirection(terminus, cache = nil)
57
44
  Certificate.indirection.terminus_class = terminus
58
45
  CertificateRequest.indirection.terminus_class = terminus
59
- CertificateRevocationList.indirection.terminus_class = terminus
60
-
61
- host_map = {:ca => :file, :disabled_ca => nil, :file => nil, :rest => :rest}
62
- if term = host_map[terminus]
63
- self.indirection.terminus_class = term
64
- else
65
- self.indirection.reset_terminus_class
66
- end
67
46
 
68
47
  if cache
69
48
  # This is weird; we don't actually cache our keys, we
@@ -77,7 +56,6 @@ DOC
77
56
  if cache
78
57
  Certificate.indirection.cache_class = cache
79
58
  CertificateRequest.indirection.cache_class = cache
80
- CertificateRevocationList.indirection.cache_class = cache
81
59
  else
82
60
  # Make sure we have no cache configured. puppet master
83
61
  # switches the configurations around a bit, so it's important
@@ -85,39 +63,9 @@ DOC
85
63
  # time.
86
64
  Certificate.indirection.cache_class = nil
87
65
  CertificateRequest.indirection.cache_class = nil
88
- CertificateRevocationList.indirection.cache_class = nil
89
66
  end
90
67
  end
91
68
 
92
- CA_MODES = {
93
- # Our ca is local, so we use it as the ultimate source of information
94
- # And we cache files locally.
95
- :local => [:ca, :file],
96
- # We're a remote CA client.
97
- :remote => [:rest, :file],
98
- # We are the CA, so we don't have read/write access to the normal certificates.
99
- :only => [:ca],
100
- # We have no CA, so we just look in the local file store.
101
- :none => [:disabled_ca]
102
- }
103
-
104
- # Specify how we expect to interact with our certificate authority.
105
- def self.ca_location=(mode)
106
- modes = CA_MODES.collect { |m, vals| m.to_s }.join(", ")
107
- raise ArgumentError, _("CA Mode can only be one of: %{modes}") % { modes: modes } unless CA_MODES.include?(mode)
108
-
109
- @ca_location = mode
110
-
111
- configure_indirection(*CA_MODES[@ca_location])
112
- end
113
-
114
- # Puppet::SSL::Host is actually indirected now so the original implementation
115
- # has been moved into the certificate_status indirector. This method is in-use
116
- # in `puppet cert -c <certname>`.
117
- def self.destroy(name)
118
- indirection.destroy(name)
119
- end
120
-
121
69
  def self.from_data_hash(data)
122
70
  instance = new(data["name"])
123
71
  if data["desired_state"]
@@ -126,18 +74,6 @@ DOC
126
74
  instance
127
75
  end
128
76
 
129
- # Puppet::SSL::Host is actually indirected now so the original implementation
130
- # has been moved into the certificate_status indirector. This method does not
131
- # appear to be in use in `puppet cert -l`.
132
- def self.search(options = {})
133
- indirection.search("*", options)
134
- end
135
-
136
- # Is this a ca host, meaning that all of its files go in the CA location?
137
- def ca?
138
- ca
139
- end
140
-
141
77
  def key
142
78
  @key ||= Key.indirection.find(name)
143
79
  end
@@ -156,10 +92,6 @@ DOC
156
92
  true
157
93
  end
158
94
 
159
- def certificate_request
160
- @certificate_request ||= CertificateRequest.indirection.find(name)
161
- end
162
-
163
95
  # Our certificate request requires the key but that's all.
164
96
  def generate_certificate_request(options = {})
165
97
  generate_key unless key
@@ -169,8 +101,6 @@ DOC
169
101
  # ...add our configured dns_alt_names
170
102
  if Puppet[:dns_alt_names] and Puppet[:dns_alt_names] != ''
171
103
  options[:dns_alt_names] ||= Puppet[:dns_alt_names]
172
- elsif Puppet::SSL::CertificateAuthority.ca? and fqdn = Facter.value(:fqdn) and domain = Facter.value(:domain)
173
- options[:dns_alt_names] = "puppet, #{fqdn}, puppet.#{domain}"
174
104
  end
175
105
  end
176
106
 
@@ -183,7 +113,8 @@ DOC
183
113
  @certificate_request = CertificateRequest.new(name)
184
114
  @certificate_request.generate(key.content, options)
185
115
  begin
186
- CertificateRequest.indirection.save(@certificate_request)
116
+ submit_certificate_request(@certificate_request)
117
+ save_certificate_request(@certificate_request)
187
118
  rescue
188
119
  @certificate_request = nil
189
120
  raise
@@ -192,25 +123,38 @@ DOC
192
123
  true
193
124
  end
194
125
 
126
+ def http_client(ssl_context)
127
+ Puppet::Rest::Client.new(ssl_context: ssl_context)
128
+ end
129
+
195
130
  def certificate
196
131
  unless @certificate
197
132
  generate_key unless key
198
133
 
199
134
  # get the CA cert first, since it's required for the normal cert
200
- # to be of any use.
201
- return nil unless Certificate.indirection.find("ca", :fail_on_404 => true) unless ca?
202
- return nil unless @certificate = Certificate.indirection.find(name)
135
+ # to be of any use. If we can't get it, quit.
136
+ if !ensure_ca_certificate
137
+ return nil
138
+ end
139
+
140
+ cert = get_host_certificate
141
+ return nil unless cert
203
142
 
204
- validate_certificate_with_key
143
+ validate_certificate_with_key(cert)
144
+ @certificate = cert
205
145
  end
206
146
  @certificate
207
147
  end
208
148
 
209
- def validate_certificate_with_key
210
- raise Puppet::Error, _("No certificate to validate.") unless certificate
211
- raise Puppet::Error, _("No private key with which to validate certificate with fingerprint: %{fingerprint}") % { fingerprint: certificate.fingerprint } unless key
212
- unless certificate.content.check_private_key(key.content)
213
- raise Puppet::Error, _(<<ERROR_STRING) % { fingerprint: certificate.fingerprint, cert_name: Puppet[:certname], ssl_dir: Puppet[:ssldir], cert_dir: Puppet[:certdir].tr('/', '\\') }
149
+ # Validate that our private key matches the specified certificate.
150
+ #
151
+ # @param [Puppet::SSL::Certificate] cert the certificate to check
152
+ # @raises [Puppet::Error] if the private key does not match
153
+ def validate_certificate_with_key(cert)
154
+ raise Puppet::Error, _("No certificate to validate.") unless cert
155
+ raise Puppet::Error, _("No private key with which to validate certificate with fingerprint: %{fingerprint}") % { fingerprint: cert.fingerprint } unless key
156
+ unless cert.content.check_private_key(key.content)
157
+ raise Puppet::Error, _(<<ERROR_STRING) % { fingerprint: cert.fingerprint, cert_name: Puppet[:certname], ssl_dir: Puppet[:ssldir], cert_dir: Puppet[:certdir].gsub('/', '\\') }
214
158
  The certificate retrieved from the master does not match the agent's private key. Did you forget to run as root?
215
159
  Certificate fingerprint: %{fingerprint}
216
160
  To fix this, remove the certificate from both the master and the agent and then start a puppet run, which will automatically regenerate a certificate.
@@ -224,18 +168,93 @@ ERROR_STRING
224
168
  end
225
169
  end
226
170
 
171
+ def download_host_certificate
172
+ cert = download_certificate_from_ca(name)
173
+ return nil unless cert
174
+
175
+ validate_certificate_with_key(cert)
176
+ save_host_certificate(cert)
177
+ cert
178
+ end
179
+
180
+ # Search for an existing CSR for this host either cached on
181
+ # disk or stored by the CA. Returns nil if no request exists.
182
+ # @return [Puppet::SSL::CertificateRequest, nil]
183
+ def certificate_request
184
+ unless @certificate_request
185
+ if csr = load_certificate_request_from_file
186
+ @certificate_request = csr
187
+ elsif csr = download_csr_from_ca
188
+ @certificate_request = csr
189
+ end
190
+ end
191
+ @certificate_request
192
+ end
193
+
227
194
  # Generate all necessary parts of our ssl host.
228
195
  def generate
229
196
  generate_key unless key
230
- # ask indirector to find any existing requests and download them
197
+
231
198
  existing_request = certificate_request
232
199
 
233
200
  # if CSR downloaded from master, but the local keypair was just generated and
234
201
  # does not match the public key in the CSR, fail hard
235
- if !existing_request.nil? &&
236
- (key.content.public_key.to_s != existing_request.content.public_key.to_s)
202
+ validate_csr_with_key(existing_request, key) if existing_request
203
+
204
+ generate_certificate_request unless existing_request
205
+ end
237
206
 
238
- raise Puppet::Error, _(<<ERROR_STRING) % { fingerprint: existing_request.fingerprint, csr_public_key: existing_request.content.public_key.to_text, agent_public_key: key.content.public_key.to_text, cert_name: Puppet[:certname], ssl_dir: Puppet[:ssldir], cert_dir: Puppet[:certdir].tr('/', '\\') }
207
+ # Generate a keypair, generate a CSR, and submit it. If a local key pair
208
+ # already exists it will be used to generate the CSR. If a local CSR already
209
+ # exists and matches the key then the existing CSR will be submitted. If the
210
+ # CSR and key do not match an exception will be raised.
211
+ #
212
+ # @return [Puppet::SSL::CertificateRequest, nil]
213
+ def submit_request
214
+ generate_key unless key
215
+
216
+ csr = load_certificate_request_from_file
217
+ if csr
218
+ if key.content.public_key.to_s != csr.content.public_key.to_s
219
+ Puppet.warning("The local CSR does not match the agent's public key. Generating a new CSR.")
220
+
221
+ request_path = certificate_request_location(name)
222
+ Puppet::FileSystem.unlink(request_path)
223
+ csr = nil
224
+ end
225
+ end
226
+
227
+ if csr
228
+ validate_csr_with_key(csr, key)
229
+ submit_certificate_request(csr)
230
+ @certificate_request = csr
231
+ else
232
+ generate_certificate_request
233
+ end
234
+
235
+ @certificate_request
236
+ end
237
+
238
+ def validate_local_csr_with_key(csr, key)
239
+ if key.content.public_key.to_s != csr.content.public_key.to_s
240
+ raise Puppet::Error, _(<<ERROR_STRING) % { fingerprint: csr.fingerprint, csr_public_key: csr.content.public_key.to_text, agent_public_key: key.content.public_key.to_text, cert_name: Puppet[:certname], ssl_dir: Puppet[:ssldir], cert_dir: Puppet[:certdir].gsub('/', '\\') }
241
+ The local CSR does not match the agent's public key.
242
+ CSR fingerprint: %{fingerprint}
243
+ CSR public key: %{csr_public_key}
244
+ Agent public key: %{agent_public_key}
245
+ To fix this, remove the CSR from the agent and then start a puppet run, which will automatically regenerate a CSR.
246
+ On the agent:
247
+ 1a. On most platforms: find %{ssl_dir} -name %{cert_name}.pem -delete
248
+ 1b. On Windows: del "%{cert_dir}\\%{cert_name}.pem" /f
249
+ 2. puppet agent -t
250
+ ERROR_STRING
251
+ end
252
+ end
253
+ private :validate_local_csr_with_key
254
+
255
+ def validate_csr_with_key(csr, key)
256
+ if key.content.public_key.to_s != csr.content.public_key.to_s
257
+ raise Puppet::Error, _(<<ERROR_STRING) % { fingerprint: csr.fingerprint, csr_public_key: csr.content.public_key.to_text, agent_public_key: key.content.public_key.to_text, cert_name: Puppet[:certname], ssl_dir: Puppet[:ssldir], cert_dir: Puppet[:certdir].gsub('/', '\\') }
239
258
  The CSR retrieved from the master does not match the agent's public key.
240
259
  CSR fingerprint: %{fingerprint}
241
260
  CSR public key: %{csr_public_key}
@@ -249,21 +268,15 @@ On the agent:
249
268
  2. puppet agent -t
250
269
  ERROR_STRING
251
270
  end
252
- generate_certificate_request unless existing_request
253
-
254
- # If we can get a CA instance, then we're a valid CA, and we
255
- # should use it to sign our request; else, just try to read
256
- # the cert.
257
- if ! certificate and ca = Puppet::SSL::CertificateAuthority.instance
258
- ca.sign(self.name, {allow_dns_alt_names: true})
259
- end
260
271
  end
272
+ private :validate_csr_with_key
261
273
 
262
274
  def initialize(name = nil)
263
275
  @name = (name || Puppet[:certname]).downcase
264
276
  Puppet::SSL::Base.validate_certname(@name)
265
277
  @key = @certificate = @certificate_request = nil
266
- @ca = (name == self.class.ca_name)
278
+ @crl_usage = Puppet.settings[:certificate_revocation]
279
+ @crl_path = Puppet.settings[:hostcrl]
267
280
  end
268
281
 
269
282
  # Extract the public key from the private key.
@@ -271,6 +284,14 @@ ERROR_STRING
271
284
  key.content.public_key
272
285
  end
273
286
 
287
+ def use_crl?
288
+ !!@crl_usage
289
+ end
290
+
291
+ def use_crl_chain?
292
+ @crl_usage == true || @crl_usage == :chain
293
+ end
294
+
274
295
  # Create/return a store that uses our SSL info to validate
275
296
  # connections.
276
297
  def ssl_store(purpose = OpenSSL::X509::PURPOSE_ANY)
@@ -280,49 +301,6 @@ ERROR_STRING
280
301
  @ssl_store
281
302
  end
282
303
 
283
- def to_data_hash
284
- my_cert = Puppet::SSL::Certificate.indirection.find(name)
285
- result = { 'name' => name }
286
-
287
- my_state = state
288
-
289
- result['state'] = my_state
290
- result['desired_state'] = desired_state if desired_state
291
-
292
- thing_to_use = (my_state == 'requested') ? certificate_request : my_cert
293
-
294
- # this is for backwards-compatibility
295
- # we should deprecate it and transition people to using
296
- # json[:fingerprints][:default]
297
- # It appears that we have no internal consumers of this api
298
- # --jeffweiss 30 aug 2012
299
- result['fingerprint'] = thing_to_use.fingerprint
300
-
301
- # The above fingerprint doesn't tell us what message digest algorithm was used
302
- # No problem, except that the default is changing between 2.7 and 3.0. Also, as
303
- # we move to FIPS 140-2 compliance, MD5 is no longer allowed (and, gasp, will
304
- # segfault in rubies older than 1.9.3)
305
- # So, when we add the newer fingerprints, we're explicit about the hashing
306
- # algorithm used.
307
- # --jeffweiss 31 july 2012
308
- result['fingerprints'] = {}
309
- result['fingerprints']['default'] = thing_to_use.fingerprint
310
-
311
- suitable_message_digest_algorithms.each do |md|
312
- result['fingerprints'][md.to_s] = thing_to_use.fingerprint md
313
- end
314
- result['dns_alt_names'] = thing_to_use.subject_alt_names
315
-
316
- result
317
- end
318
-
319
- # eventually we'll probably want to move this somewhere else or make it
320
- # configurable
321
- # --jeffweiss 29 aug 2012
322
- def suitable_message_digest_algorithms
323
- [:SHA1, :SHA224, :SHA256, :SHA384, :SHA512]
324
- end
325
-
326
304
  # Attempt to retrieve a cert, if we don't already have one.
327
305
  def wait_for_cert(time)
328
306
  begin
@@ -345,7 +323,7 @@ ERROR_STRING
345
323
  exit(1)
346
324
  end
347
325
 
348
- loop do
326
+ while true
349
327
  sleep time
350
328
  begin
351
329
  break if certificate
@@ -356,45 +334,293 @@ ERROR_STRING
356
334
  end
357
335
  end
358
336
 
359
- def state
360
- if certificate_request
361
- return 'requested'
337
+ # Saves the given certificate to disc, at a location determined by this
338
+ # host's configuration.
339
+ # @param [Puppet::SSL::Certificate] cert the cert to save
340
+ def save_host_certificate(cert)
341
+ file_path = certificate_location(name)
342
+ Puppet::Util.replace_file(file_path, 0644) do |f|
343
+ f.write(cert.to_s)
344
+ end
345
+ end
346
+
347
+ private
348
+
349
+ # Load a previously generated CSR from disk
350
+ # @return [Puppet::SSL::CertificateRequest, nil]
351
+ def load_certificate_request_from_file
352
+ request_path = certificate_request_location(name)
353
+ if Puppet::FileSystem.exist?(request_path)
354
+ Puppet::SSL::CertificateRequest.from_s(Puppet::FileSystem.read(request_path))
362
355
  end
356
+ end
363
357
 
358
+ # Download the CSR for this host from the CA. Returns nil if the CA
359
+ # has no saved CSR for this host.
360
+ # @raises [Puppet::Error] if the response from the server is not a valid
361
+ # CSR or an error occurs while fetching.
362
+ # @return [Puppet::SSL::CertificateRequest, nil]
363
+ def download_csr_from_ca
364
364
  begin
365
- Puppet::SSL::CertificateAuthority.new.verify(name)
366
- return 'signed'
367
- rescue Puppet::SSL::CertificateAuthority::CertificateVerificationError
368
- return 'revoked'
365
+ body = Puppet::Rest::Routes.get_certificate_request(
366
+ name, Puppet::Rest::SSLContext.new(OpenSSL::SSL::VERIFY_PEER, ssl_store))
367
+ begin
368
+ Puppet::SSL::CertificateRequest.from_s(body)
369
+ rescue OpenSSL::X509::RequestError => e
370
+ raise Puppet::Error, _("Response from the CA did not contain a valid certificate request: %{message}") % { message: e.message }
371
+ end
372
+ rescue Puppet::Rest::ResponseError => e
373
+ if e.response.code.to_i == 404
374
+ nil
375
+ else
376
+ raise Puppet::Error, _('Could not download certificate request: %{message}') % { message: e.message }
377
+ end
369
378
  end
370
379
  end
380
+ # Submit the CSR to the CA via an HTTP PUT request.
381
+ # @param [Puppet::SSL::CertificateRequest] csr the request to submit
382
+ def submit_certificate_request(csr)
383
+ Puppet::Rest::Routes.put_certificate_request(
384
+ csr.render, name, Puppet::Rest::SSLContext.new(OpenSSL::SSL::VERIFY_PEER, ssl_store))
385
+ end
371
386
 
372
- private
387
+ def save_certificate_request(csr)
388
+ Puppet::Util.replace_file(certificate_request_location(name), 0644) do |file|
389
+ file.write(csr.render)
390
+ end
391
+ end
392
+
393
+ # @param crl_string [String] CRLs read from disk or obtained from server
394
+ # @return [Array<OpenSSL::X509::CRL>] CRLs from chain
395
+ # @raise [Puppet::Error<OpenSSL::X509::CRLError>] if the CRL chain is malformed
396
+ def process_crl_string(crl_string)
397
+ delimiters = /-----BEGIN X509 CRL-----.*?-----END X509 CRL-----/m
398
+ crl_string.scan(delimiters).map do |crl|
399
+ begin
400
+ OpenSSL::X509::CRL.new(crl)
401
+ rescue OpenSSL::X509::CRLError => e
402
+ raise Puppet::Error.new(
403
+ _("Failed attempting to load CRL from %{crl_path}! The CRL below caused the error '%{error}':\n%{crl}" % {crl_path: crl_path, error: e.message, crl: crl}),
404
+ e)
405
+ end
406
+ end
407
+ end
408
+
409
+ # @param path [String] Path to CRL Chain
410
+ # @return [Array<OpenSSL::X509::CRL>] CRLs from chain
411
+ # @raise [Puppet::Error<OpenSSL::X509::CRLError>] if the CRL chain is malformed
412
+ def load_crls(path)
413
+ crls_pems = Puppet::FileSystem.read(path, encoding: Encoding::UTF_8)
414
+ process_crl_string(crls_pems)
415
+ end
416
+
417
+ # Ensures that the CA certificate is available for either generating or
418
+ # validating the host's cert.
419
+ # It will first check on disk, then try to download it.
420
+ # @raise [Puppet::Error] if text form of found certificate bundle is invalid
421
+ # and cannot be loaded into cert objects
422
+ # @return [Boolean] true if the CA certificate was found, false otherwise
423
+ def ensure_ca_certificate
424
+ file_path = certificate_location(CA_NAME)
425
+ if Puppet::FileSystem.exist?(file_path)
426
+ begin
427
+ # This load ensures that the file contents is a valid cert bundle.
428
+ # If the text is malformed, load_certificate_bundle will raise.
429
+ load_certificate_bundle(Puppet::FileSystem.read(file_path))
430
+ rescue Puppet::Error => e
431
+ raise Puppet::Error, _("The CA certificate at %{file_path} is invalid: %{message}") % { file_path: file_path, message: e.message }
432
+ end
433
+ else
434
+ bundle = download_ca_certificate_bundle
435
+ if bundle
436
+ save_bundle(bundle, certificate_location(CA_NAME))
437
+ true
438
+ else
439
+ false
440
+ end
441
+ end
442
+ end
443
+ public :ensure_ca_certificate
444
+
445
+ # Creates an arry of SSL Certificate objects from a PEM-encoding string
446
+ # of one or more certs.
447
+ # @param [String] bundle_string PEM-encoded string of certs
448
+ # @return [[OpenSSL::X509::Certificate], nil] the certs loaded from the
449
+ # input string, or nil if none could be loaded
450
+ def load_certificate_bundle(bundle_string)
451
+ delimiters = /-----BEGIN CERTIFICATE-----.*?-----END CERTIFICATE-----/m
452
+ certs = bundle_string.scan(delimiters)
453
+
454
+ if certs.empty?
455
+ raise Puppet::Error, _("No valid PEM-encoded certificates.")
456
+ end
457
+
458
+ certs.map do |cert|
459
+ begin
460
+ OpenSSL::X509::Certificate.new(cert)
461
+ rescue OpenSSL::X509::CertificateError => e
462
+ raise Puppet::Error, _("Could not parse certificate: %{message}") % { message: e.message }
463
+ end
464
+ end
465
+ end
466
+
467
+ # Fetches and saves the crl bundle from the CA server without validating
468
+ # its contents. Takes an optional store to use with the http_client,
469
+ # necessary for initial download of the CRL because `build_ssl_store`
470
+ # calls this `download_and_save_crl_bundle`. If there is an error during
471
+ # this downloading process, the file should not be replaced at all. This
472
+ # streams the file directly to disk to avoid loading the entire CRL in memory.
473
+ # @param [OpenSSL::X509::Store] store optional ssl_store to use with http_client
474
+ # @raise [Puppet::Error<Puppet::Rest::ResponseError>] if bad response from server
475
+ # @return nil
476
+ def download_and_save_crl_bundle(store=nil)
477
+ begin
478
+ # If no SSL store was supplied, use this host's SSL store
479
+ store ||= ssl_store
480
+ Puppet::Util.replace_file(crl_path, 0644) do |file|
481
+ result = Puppet::Rest::Routes.get_crls(CA_NAME, Puppet::Rest::SSLContext.new(OpenSSL::SSL::VERIFY_PEER, store))
482
+ file.write(result)
483
+ end
484
+ rescue Puppet::Rest::ResponseError => e
485
+ raise Puppet::Error, _('Could not download CRLs: %{message}') % { message: e.message }
486
+ end
487
+ end
488
+
489
+ # Fetches the CA certificate bundle from the CA server
490
+ # @raise [Puppet::Error] if response from the server is not a valid certificate
491
+ # bundle
492
+ # @return [[OpenSSL::X509::Certificate]] the certs loaded from the response
493
+ def download_ca_certificate_bundle
494
+ begin
495
+ cert_bundle = Puppet::Rest::Routes.get_certificate(
496
+ CA_NAME,
497
+ Puppet::Rest::SSLContext.new(OpenSSL::SSL::VERIFY_NONE)
498
+ )
499
+ # This load ensures that the response body is a valid cert bundle.
500
+ # If the text is malformed, load_certificate_bundle will raise.
501
+ begin
502
+ load_certificate_bundle(cert_bundle)
503
+ rescue Puppet::Error => e
504
+ raise Puppet::Error, _("Response from the CA did not contain a valid CA certificate: %{message}") % { message: e.message }
505
+ end
506
+ rescue Puppet::Rest::ResponseError => e
507
+ raise Puppet::Error, _('Could not download CA certificate: %{message}') % { message: e.message }
508
+ end
509
+ end
510
+
511
+ # Saves the given bundle to disk to a specified file path.
512
+ # @param bundle [[OpenSSL::X509::Certificate/CRL]] the certs to save
513
+ # @param location [String] place on disk to save bundle
514
+ def save_bundle(cert_bundle, location)
515
+ Puppet::Util.replace_file(location, 0644) do |f|
516
+ bundle_string = cert_bundle.map(&:to_pem).join("\n")
517
+ f.write(bundle_string)
518
+ end
519
+ end
520
+
521
+ # Attempts to load or fetch this host's certificate. Returns nil if
522
+ # no certificate could be found.
523
+ # @return [Puppet::SSL::Certificate, nil]
524
+ def get_host_certificate
525
+ if cert = check_for_certificate_on_disk(name)
526
+ return cert
527
+ elsif cert = download_certificate_from_ca(name)
528
+ save_host_certificate(cert)
529
+ return cert
530
+ else
531
+ return nil
532
+ end
533
+ end
373
534
 
374
- def build_ssl_store(purpose)
535
+ # Checks for the requested certificate on disc, at a location
536
+ # determined by this host's configuration.
537
+ # @name [String] name the name of the cert to look for
538
+ # @raise [Puppet::Error] if contents of certificate file is invalid
539
+ # and could not be loaded
540
+ # @return [Puppet::SSL::Certificate, nil]
541
+ def check_for_certificate_on_disk(cert_name)
542
+ file_path = certificate_location(cert_name)
543
+ if Puppet::FileSystem.exist?(file_path)
544
+ begin
545
+ Puppet::SSL::Certificate.from_s(Puppet::FileSystem.read(file_path))
546
+ rescue OpenSSL::X509::CertificateError
547
+ raise Puppet::Error, _("The certificate at %{file_path} is invalid. Could not load.") % { file_path: file_path }
548
+ end
549
+ end
550
+ end
551
+ public :check_for_certificate_on_disk
552
+
553
+ # Attempts to download this host's certificate from the CA server.
554
+ # Returns nil if the CA does not yet have a signed cert for this host.
555
+ # @param [String] name then name of the cert to fetch
556
+ # @raise [Puppet::Error] if response from the CA does not contain a valid
557
+ # certificate
558
+ # @return [Puppet::SSL::Certificate, nil]
559
+ def download_certificate_from_ca(cert_name)
560
+ begin
561
+ cert = Puppet::Rest::Routes.get_certificate(
562
+ cert_name,
563
+ Puppet::Rest::SSLContext.new(OpenSSL::SSL::VERIFY_PEER, ssl_store)
564
+ )
565
+ begin
566
+ Puppet::SSL::Certificate.from_s(cert)
567
+ rescue OpenSSL::X509::CertificateError
568
+ raise Puppet::Error, _("Response from the CA did not contain a valid certificate for %{cert_name}.") % { cert_name: cert_name }
569
+ end
570
+ rescue Puppet::Rest::ResponseError => e
571
+ if e.response.code.to_i == 404
572
+ Puppet.debug _("No certificate for %{cert_name} on CA") % { cert_name: cert_name }
573
+ nil
574
+ else
575
+ raise Puppet::Rest::ResponseError, _("Could not download host certificate: %{message}") % { message: e.message }
576
+ end
577
+ end
578
+ end
579
+
580
+ # Returns the file path for the named certificate, based on this host's
581
+ # configuration.
582
+ # @param [String] name the name of the cert to find
583
+ # @return [String] file path to the cert's location
584
+ def certificate_location(cert_name)
585
+ cert_name == CA_NAME ? Puppet[:localcacert] : File.join(Puppet[:certdir], "#{cert_name}.pem")
586
+ end
587
+
588
+ # Returns the file path for the named CSR, based on this host's configuration.
589
+ # @param [String] name the name of the CSR to find
590
+ # @return [String] file path to the CSR's location
591
+ def certificate_request_location(cert_name)
592
+ File.join(Puppet[:requestdir], "#{cert_name}.pem")
593
+ end
594
+
595
+ # @param [OpenSSL::X509::PURPOSE_*] constant defining the kinds of certs
596
+ # this store can verify
597
+ # @return [OpenSSL::X509::Store]
598
+ # @raise [OpenSSL::X509::StoreError] if localcacert is malformed or non-existant
599
+ # @raise [Puppet::Error] if the CRL chain is malformed
600
+ # @raise [Errno::ENOENT] if the CRL does not exist on disk but use_crl? is true
601
+ def build_ssl_store(purpose=OpenSSL::X509::PURPOSE_ANY)
375
602
  store = OpenSSL::X509::Store.new
376
603
  store.purpose = purpose
377
604
 
378
605
  # Use the file path here, because we don't want to cause
379
606
  # a lookup in the middle of setting our ssl connection.
380
- store.add_file(Puppet[:localcacert])
381
-
382
- # If we're doing revocation and there's a CRL, add it to our store.
383
- if Puppet.lookup(:certificate_revocation)
384
- if crl = Puppet::SSL::CertificateRevocationList.indirection.find(CA_NAME)
385
- flags = OpenSSL::X509::V_FLAG_CRL_CHECK
386
- if Puppet.lookup(:certificate_revocation) == :chain
387
- flags |= OpenSSL::X509::V_FLAG_CRL_CHECK_ALL
388
- end
389
-
390
- store.flags = flags
391
- store.add_crl(crl.content)
392
- else
393
- Puppet.debug _("Certificate revocation checking is enabled but a CRL cannot be found; CRL checking will not be performed.")
607
+ store.add_file(Puppet.settings[:localcacert])
608
+
609
+ if use_crl?
610
+ if !Puppet::FileSystem.exist?(crl_path)
611
+ download_and_save_crl_bundle(store)
394
612
  end
613
+
614
+ crls = load_crls(crl_path)
615
+
616
+ flags = OpenSSL::X509::V_FLAG_CRL_CHECK
617
+ if use_crl_chain?
618
+ flags |= OpenSSL::X509::V_FLAG_CRL_CHECK_ALL
619
+ end
620
+
621
+ store.flags = flags
622
+ crls.each {|crl| store.add_crl(crl) }
395
623
  end
396
624
  store
397
625
  end
398
626
  end
399
-
400
- require 'puppet/ssl/certificate_authority'