puppet 5.5.22-x64-mingw32 → 6.0.0-x64-mingw32

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.


This version of puppet might be problematic. Click here for more details.

Files changed (1407) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +46 -72
  3. data/Gemfile.lock +86 -102
  4. data/MAINTAINERS +47 -0
  5. data/Rakefile +15 -19
  6. data/ext/build_defaults.yaml +0 -1
  7. data/ext/cert_inspector +3 -3
  8. data/ext/debian/copyright +0 -22
  9. data/ext/project_data.yaml +8 -10
  10. data/ext/puppet-test +2 -2
  11. data/ext/redhat/puppet.spec.erb +0 -4
  12. data/ext/regexp_nodes/regexp_nodes.rb +4 -4
  13. data/ext/solaris/smf/puppet.xml +0 -2
  14. data/ext/solaris/smf/svc-puppetd +1 -8
  15. data/ext/solaris/smf/svc-puppetmasterd +1 -8
  16. data/ext/windows/eventlog/Rakefile +32 -0
  17. data/ext/windows/eventlog/puppetres.dll +0 -0
  18. data/ext/windows/eventlog/puppetres.mc +18 -0
  19. data/ext/windows/service/daemon.rb +8 -54
  20. data/install.rb +24 -6
  21. data/lib/hiera/scope.rb +0 -7
  22. data/lib/puppet.rb +10 -21
  23. data/lib/puppet/agent.rb +13 -5
  24. data/lib/puppet/application.rb +10 -8
  25. data/lib/puppet/application/agent.rb +3 -21
  26. data/lib/puppet/application/apply.rb +22 -12
  27. data/lib/puppet/application/cert.rb +25 -180
  28. data/lib/puppet/application/describe.rb +9 -3
  29. data/lib/puppet/application/device.rb +41 -74
  30. data/lib/puppet/application/doc.rb +5 -3
  31. data/lib/puppet/application/filebucket.rb +1 -23
  32. data/lib/puppet/application/lookup.rb +2 -2
  33. data/lib/puppet/application/resource.rb +4 -4
  34. data/lib/puppet/application/script.rb +3 -3
  35. data/lib/puppet/application/ssl.rb +133 -0
  36. data/lib/puppet/application_support.rb +1 -2
  37. data/lib/puppet/configurer.rb +62 -127
  38. data/lib/puppet/configurer/downloader.rb +17 -34
  39. data/lib/puppet/configurer/fact_handler.rb +5 -1
  40. data/lib/puppet/configurer/plugin_handler.rb +2 -3
  41. data/lib/puppet/confine/false.rb +1 -7
  42. data/lib/puppet/confine/true.rb +1 -7
  43. data/lib/puppet/daemon.rb +2 -2
  44. data/lib/puppet/datatypes.rb +1 -1
  45. data/lib/puppet/defaults.rb +126 -286
  46. data/lib/puppet/environments.rb +2 -7
  47. data/lib/puppet/error.rb +14 -10
  48. data/lib/puppet/etc.rb +4 -25
  49. data/lib/puppet/external/dot.rb +23 -17
  50. data/lib/puppet/face/config.rb +50 -12
  51. data/lib/puppet/face/epp.rb +2 -2
  52. data/lib/puppet/face/facts.rb +1 -1
  53. data/lib/puppet/face/help.rb +21 -7
  54. data/lib/puppet/face/help/global.erb +2 -2
  55. data/lib/puppet/face/module/build.rb +4 -59
  56. data/lib/puppet/face/module/generate.rb +5 -247
  57. data/lib/puppet/face/module/install.rb +0 -4
  58. data/lib/puppet/face/module/list.rb +5 -10
  59. data/lib/puppet/face/module/search.rb +2 -2
  60. data/lib/puppet/face/module/uninstall.rb +1 -5
  61. data/lib/puppet/face/module/upgrade.rb +1 -5
  62. data/lib/puppet/face/node/clean.rb +14 -10
  63. data/lib/puppet/face/plugin.rb +2 -9
  64. data/lib/puppet/feature/base.rb +7 -26
  65. data/lib/puppet/feature/eventlog.rb +1 -1
  66. data/lib/puppet/file_bucket/dipper.rb +1 -1
  67. data/lib/puppet/file_serving/base.rb +7 -7
  68. data/lib/puppet/file_serving/fileset.rb +2 -2
  69. data/lib/puppet/file_serving/http_metadata.rb +1 -1
  70. data/lib/puppet/file_serving/metadata.rb +4 -3
  71. data/lib/puppet/file_serving/mount/locales.rb +2 -1
  72. data/lib/puppet/file_serving/mount/pluginfacts.rb +2 -1
  73. data/lib/puppet/file_serving/mount/plugins.rb +2 -1
  74. data/lib/puppet/file_system.rb +8 -0
  75. data/lib/puppet/file_system/memory_file.rb +1 -1
  76. data/lib/puppet/file_system/posix.rb +2 -3
  77. data/lib/puppet/file_system/uniquefile.rb +0 -4
  78. data/lib/puppet/forge.rb +8 -12
  79. data/lib/puppet/functions.rb +138 -0
  80. data/lib/puppet/functions/abs.rb +61 -0
  81. data/lib/puppet/functions/call.rb +38 -2
  82. data/lib/puppet/functions/camelcase.rb +62 -0
  83. data/lib/puppet/functions/capitalize.rb +61 -0
  84. data/lib/puppet/functions/ceiling.rb +37 -0
  85. data/lib/puppet/functions/chomp.rb +57 -0
  86. data/lib/puppet/functions/chop.rb +67 -0
  87. data/lib/puppet/functions/compare.rb +125 -0
  88. data/lib/puppet/functions/convert_to.rb +3 -2
  89. data/lib/puppet/functions/dig.rb +21 -1
  90. data/lib/puppet/functions/downcase.rb +89 -0
  91. data/lib/puppet/functions/epp.rb +4 -4
  92. data/lib/puppet/functions/eyaml_lookup_key.rb +4 -5
  93. data/lib/puppet/functions/filter.rb +7 -6
  94. data/lib/puppet/functions/floor.rb +37 -0
  95. data/lib/puppet/functions/get.rb +150 -0
  96. data/lib/puppet/functions/getvar.rb +87 -0
  97. data/lib/puppet/functions/inline_epp.rb +5 -5
  98. data/lib/puppet/functions/lstrip.rb +58 -0
  99. data/lib/puppet/functions/max.rb +183 -0
  100. data/lib/puppet/functions/min.rb +182 -0
  101. data/lib/puppet/functions/new.rb +3 -8
  102. data/lib/puppet/functions/reduce.rb +4 -2
  103. data/lib/puppet/functions/reverse_each.rb +1 -1
  104. data/lib/puppet/functions/round.rb +24 -0
  105. data/lib/puppet/functions/rstrip.rb +58 -0
  106. data/lib/puppet/functions/size.rb +15 -0
  107. data/lib/puppet/functions/sort.rb +74 -0
  108. data/lib/puppet/functions/step.rb +1 -1
  109. data/lib/puppet/functions/strip.rb +58 -0
  110. data/lib/puppet/functions/upcase.rb +89 -0
  111. data/lib/puppet/functions/yaml_data.rb +4 -5
  112. data/lib/puppet/gettext/config.rb +1 -1
  113. data/lib/puppet/gettext/module_translations.rb +1 -1
  114. data/lib/puppet/graph.rb +0 -2
  115. data/lib/puppet/graph/rb_tree_map.rb +2 -2
  116. data/lib/puppet/graph/simple_graph.rb +10 -7
  117. data/lib/puppet/indirector/catalog/compiler.rb +0 -8
  118. data/lib/puppet/indirector/catalog/json.rb +14 -3
  119. data/lib/puppet/indirector/catalog/yaml.rb +0 -16
  120. data/lib/puppet/indirector/certificate/file.rb +0 -1
  121. data/lib/puppet/indirector/facts/yaml.rb +4 -2
  122. data/lib/puppet/indirector/file_bucket_file/file.rb +1 -1
  123. data/lib/puppet/indirector/hiera.rb +0 -6
  124. data/lib/puppet/indirector/indirection.rb +8 -12
  125. data/lib/puppet/indirector/key/file.rb +1 -6
  126. data/lib/puppet/indirector/node/exec.rb +1 -3
  127. data/lib/puppet/indirector/node/yaml.rb +0 -6
  128. data/lib/puppet/indirector/request.rb +20 -27
  129. data/lib/puppet/indirector/resource/ral.rb +3 -1
  130. data/lib/puppet/indirector/resource/validator.rb +1 -1
  131. data/lib/puppet/indirector/rest.rb +7 -65
  132. data/lib/puppet/indirector/ssl_file.rb +3 -44
  133. data/lib/puppet/indirector/terminus.rb +1 -1
  134. data/lib/puppet/indirector/yaml.rb +4 -4
  135. data/lib/puppet/info_service/task_information_service.rb +7 -3
  136. data/lib/puppet/interface.rb +2 -3
  137. data/lib/puppet/interface/action.rb +2 -5
  138. data/lib/puppet/interface/face_collection.rb +3 -1
  139. data/lib/puppet/loaders.rb +2 -0
  140. data/lib/puppet/metatype/manager.rb +3 -5
  141. data/lib/puppet/module.rb +5 -31
  142. data/lib/puppet/module/task.rb +208 -30
  143. data/lib/puppet/module_tool.rb +2 -5
  144. data/lib/puppet/module_tool/applications.rb +0 -1
  145. data/lib/puppet/module_tool/applications/application.rb +1 -1
  146. data/lib/puppet/module_tool/applications/installer.rb +7 -8
  147. data/lib/puppet/module_tool/applications/uninstaller.rb +4 -5
  148. data/lib/puppet/module_tool/applications/unpacker.rb +1 -1
  149. data/lib/puppet/module_tool/applications/upgrader.rb +5 -6
  150. data/lib/puppet/module_tool/installed_modules.rb +2 -2
  151. data/lib/puppet/module_tool/local_tarball.rb +3 -3
  152. data/lib/puppet/module_tool/metadata.rb +1 -2
  153. data/lib/puppet/module_tool/shared_behaviors.rb +6 -6
  154. data/lib/puppet/module_tool/tar/mini.rb +2 -12
  155. data/lib/puppet/network/authconfig.rb +0 -13
  156. data/lib/puppet/network/format_support.rb +13 -8
  157. data/lib/puppet/network/formats.rb +93 -2
  158. data/lib/puppet/network/http.rb +0 -2
  159. data/lib/puppet/network/http/api.rb +1 -10
  160. data/lib/puppet/network/http/api/indirected_routes.rb +22 -16
  161. data/lib/puppet/network/http/api/master/v3/environment.rb +0 -3
  162. data/lib/puppet/network/http/connection.rb +14 -57
  163. data/lib/puppet/network/http/factory.rb +13 -7
  164. data/lib/puppet/network/http/handler.rb +59 -27
  165. data/lib/puppet/network/http/pool.rb +1 -7
  166. data/lib/puppet/network/http/site.rb +1 -1
  167. data/lib/puppet/network/resolver.rb +140 -67
  168. data/lib/puppet/node.rb +1 -2
  169. data/lib/puppet/node/environment.rb +5 -30
  170. data/lib/puppet/node/facts.rb +11 -1
  171. data/lib/puppet/parameter.rb +4 -7
  172. data/lib/puppet/parser/ast.rb +5 -9
  173. data/lib/puppet/parser/ast/branch.rb +3 -3
  174. data/lib/puppet/parser/ast/leaf.rb +5 -0
  175. data/lib/puppet/parser/ast/resourceparam.rb +1 -1
  176. data/lib/puppet/parser/catalog_compiler.rb +32 -0
  177. data/lib/puppet/parser/compiler.rb +2 -3
  178. data/lib/puppet/parser/compiler/catalog_validator/env_relationship_validator.rb +0 -2
  179. data/lib/puppet/parser/compiler/catalog_validator/site_validator.rb +0 -2
  180. data/lib/puppet/parser/environment_compiler.rb +0 -3
  181. data/lib/puppet/parser/functions.rb +48 -18
  182. data/lib/puppet/parser/functions/epp.rb +3 -3
  183. data/lib/puppet/parser/functions/filter.rb +1 -1
  184. data/lib/puppet/parser/functions/generate.rb +1 -1
  185. data/lib/puppet/parser/functions/inline_epp.rb +5 -5
  186. data/lib/puppet/parser/resource.rb +2 -4
  187. data/lib/puppet/parser/resource/param.rb +12 -11
  188. data/lib/puppet/parser/scope.rb +6 -8
  189. data/lib/puppet/parser/script_compiler.rb +7 -2
  190. data/lib/puppet/pops.rb +1 -0
  191. data/lib/puppet/pops/adaptable.rb +13 -7
  192. data/lib/puppet/pops/adapters.rb +18 -8
  193. data/lib/puppet/pops/evaluator/access_operator.rb +2 -2
  194. data/lib/puppet/pops/evaluator/collectors/abstract_collector.rb +4 -4
  195. data/lib/puppet/pops/evaluator/collectors/catalog_collector.rb +1 -1
  196. data/lib/puppet/pops/evaluator/collectors/exported_collector.rb +1 -1
  197. data/lib/puppet/pops/evaluator/compare_operator.rb +3 -1
  198. data/lib/puppet/pops/evaluator/deferred_resolver.rb +127 -0
  199. data/lib/puppet/pops/evaluator/evaluator_impl.rb +17 -2
  200. data/lib/puppet/pops/evaluator/external_syntax_support.rb +2 -3
  201. data/lib/puppet/pops/evaluator/runtime3_converter.rb +23 -4
  202. data/lib/puppet/pops/evaluator/runtime3_support.rb +7 -8
  203. data/lib/puppet/pops/functions/dispatch.rb +6 -0
  204. data/lib/puppet/pops/issues.rb +9 -10
  205. data/lib/puppet/pops/loader/loader.rb +1 -1
  206. data/lib/puppet/pops/loader/loader_paths.rb +5 -3
  207. data/lib/puppet/pops/loader/module_loaders.rb +47 -21
  208. data/lib/puppet/pops/loader/null_loader.rb +60 -0
  209. data/lib/puppet/pops/loader/ruby_legacy_function_instantiator.rb +54 -0
  210. data/lib/puppet/pops/loader/static_loader.rb +0 -36
  211. data/lib/puppet/pops/loader/task_instantiator.rb +72 -44
  212. data/lib/puppet/pops/loaders.rb +21 -33
  213. data/lib/puppet/pops/lookup/hiera_config.rb +1 -2
  214. data/lib/puppet/pops/lookup/sub_lookup.rb +1 -1
  215. data/lib/puppet/pops/merge_strategy.rb +18 -22
  216. data/lib/puppet/pops/model/ast.pp +16 -0
  217. data/lib/puppet/pops/model/ast.rb +94 -0
  218. data/lib/puppet/pops/model/factory.rb +17 -38
  219. data/lib/puppet/pops/model/model_label_provider.rb +8 -1
  220. data/lib/puppet/pops/parser/egrammar.ra +14 -3
  221. data/lib/puppet/pops/parser/eparser.rb +1537 -1492
  222. data/lib/puppet/pops/parser/epp_support.rb +6 -2
  223. data/lib/puppet/pops/parser/heredoc_support.rb +8 -17
  224. data/lib/puppet/pops/parser/interpolation_support.rb +4 -4
  225. data/lib/puppet/pops/parser/lexer2.rb +2 -7
  226. data/lib/puppet/pops/parser/locator.rb +87 -107
  227. data/lib/puppet/pops/parser/parser_support.rb +2 -11
  228. data/lib/puppet/pops/parser/pn_parser.rb +16 -17
  229. data/lib/puppet/pops/pcore.rb +19 -8
  230. data/lib/puppet/pops/puppet_stack.rb +48 -51
  231. data/lib/puppet/pops/resource/resource_type_impl.rb +0 -2
  232. data/lib/puppet/pops/serialization.rb +3 -2
  233. data/lib/puppet/pops/serialization/from_data_converter.rb +4 -3
  234. data/lib/puppet/pops/serialization/to_data_converter.rb +3 -3
  235. data/lib/puppet/pops/serialization/to_stringified_converter.rb +226 -0
  236. data/lib/puppet/pops/types/iterable.rb +8 -34
  237. data/lib/puppet/pops/types/p_binary_type.rb +1 -2
  238. data/lib/puppet/pops/types/p_meta_type.rb +1 -1
  239. data/lib/puppet/pops/types/p_object_type.rb +3 -0
  240. data/lib/puppet/pops/types/p_sensitive_type.rb +1 -1
  241. data/lib/puppet/pops/types/p_timespan_type.rb +2 -2
  242. data/lib/puppet/pops/types/p_type_set_type.rb +0 -4
  243. data/lib/puppet/pops/types/string_converter.rb +12 -21
  244. data/lib/puppet/pops/types/type_calculator.rb +0 -24
  245. data/lib/puppet/pops/types/type_factory.rb +17 -0
  246. data/lib/puppet/pops/types/type_mismatch_describer.rb +1 -1
  247. data/lib/puppet/pops/types/types.rb +7 -32
  248. data/lib/puppet/pops/validation/checker4_0.rb +23 -33
  249. data/lib/puppet/pops/validation/tasks_checker.rb +47 -6
  250. data/lib/puppet/pops/validation/validator_factory_4_0.rb +7 -10
  251. data/lib/puppet/property.rb +1 -1
  252. data/lib/puppet/property/ensure.rb +1 -1
  253. data/lib/puppet/provider.rb +14 -2
  254. data/lib/puppet/provider/exec.rb +58 -59
  255. data/lib/puppet/provider/file/posix.rb +0 -5
  256. data/lib/puppet/provider/file/windows.rb +2 -50
  257. data/lib/puppet/provider/group/aix.rb +2 -18
  258. data/lib/puppet/provider/group/groupadd.rb +19 -19
  259. data/lib/puppet/provider/group/windows_adsi.rb +4 -11
  260. data/lib/puppet/provider/nameservice.rb +28 -11
  261. data/lib/puppet/provider/nameservice/directoryservice.rb +1 -1
  262. data/lib/puppet/provider/nameservice/pw.rb +2 -2
  263. data/lib/puppet/provider/package.rb +0 -2
  264. data/lib/puppet/provider/package/aix.rb +2 -17
  265. data/lib/puppet/provider/package/apt.rb +3 -14
  266. data/lib/puppet/provider/package/dnf.rb +3 -3
  267. data/lib/puppet/provider/package/dpkg.rb +7 -18
  268. data/lib/puppet/provider/package/fink.rb +3 -20
  269. data/lib/puppet/provider/package/gem.rb +43 -105
  270. data/lib/puppet/provider/package/openbsd.rb +2 -14
  271. data/lib/puppet/provider/package/pip.rb +108 -160
  272. data/lib/puppet/provider/package/pip3.rb +1 -1
  273. data/lib/puppet/provider/package/pkg.rb +5 -18
  274. data/lib/puppet/provider/package/pkgdmg.rb +1 -1
  275. data/lib/puppet/provider/package/pkgng.rb +4 -16
  276. data/lib/puppet/provider/package/portage.rb +6 -6
  277. data/lib/puppet/provider/package/puppet_gem.rb +2 -7
  278. data/lib/puppet/provider/package/rpm.rb +33 -82
  279. data/lib/puppet/provider/package/windows.rb +2 -6
  280. data/lib/puppet/provider/package/windows/exe_package.rb +10 -16
  281. data/lib/puppet/provider/package/windows/msi_package.rb +0 -8
  282. data/lib/puppet/provider/package/windows/package.rb +2 -10
  283. data/lib/puppet/provider/package/yum.rb +25 -37
  284. data/lib/puppet/provider/package/zypper.rb +0 -1
  285. data/lib/puppet/provider/parsedfile.rb +5 -26
  286. data/lib/puppet/provider/service/base.rb +1 -1
  287. data/lib/puppet/provider/service/daemontools.rb +9 -9
  288. data/lib/puppet/provider/service/debian.rb +1 -0
  289. data/lib/puppet/provider/service/launchd.rb +8 -39
  290. data/lib/puppet/provider/service/openbsd.rb +1 -1
  291. data/lib/puppet/provider/service/rcng.rb +2 -2
  292. data/lib/puppet/provider/service/runit.rb +8 -2
  293. data/lib/puppet/provider/service/smf.rb +0 -54
  294. data/lib/puppet/provider/service/systemd.rb +24 -35
  295. data/lib/puppet/provider/service/upstart.rb +1 -3
  296. data/lib/puppet/provider/service/windows.rb +3 -23
  297. data/lib/puppet/provider/user/aix.rb +2 -48
  298. data/lib/puppet/provider/user/directoryservice.rb +8 -45
  299. data/lib/puppet/provider/user/hpux.rb +1 -1
  300. data/lib/puppet/provider/user/pw.rb +3 -12
  301. data/lib/puppet/provider/user/user_role_add.rb +1 -5
  302. data/lib/puppet/provider/user/useradd.rb +44 -74
  303. data/lib/puppet/provider/user/windows_adsi.rb +0 -7
  304. data/lib/puppet/reference/indirection.rb +2 -2
  305. data/lib/puppet/reference/metaparameter.rb +3 -1
  306. data/lib/puppet/reference/providers.rb +1 -1
  307. data/lib/puppet/reference/type.rb +9 -3
  308. data/lib/puppet/reports.rb +3 -3
  309. data/lib/puppet/resource.rb +22 -22
  310. data/lib/puppet/resource/catalog.rb +8 -14
  311. data/lib/puppet/resource/type.rb +1 -10
  312. data/lib/puppet/rest/client.rb +83 -0
  313. data/lib/puppet/rest/errors.rb +14 -0
  314. data/lib/puppet/rest/response.rb +34 -0
  315. data/lib/puppet/rest/route.rb +84 -0
  316. data/lib/puppet/rest/routes.rb +154 -0
  317. data/lib/puppet/rest/ssl_context.rb +13 -0
  318. data/lib/puppet/settings.rb +9 -54
  319. data/lib/puppet/settings/config_file.rb +1 -2
  320. data/lib/puppet/settings/environment_conf.rb +0 -1
  321. data/lib/puppet/settings/file_setting.rb +1 -1
  322. data/lib/puppet/settings/server_list_setting.rb +0 -9
  323. data/lib/puppet/ssl.rb +0 -1
  324. data/lib/puppet/ssl/base.rb +1 -9
  325. data/lib/puppet/ssl/certificate.rb +7 -4
  326. data/lib/puppet/ssl/certificate_request.rb +6 -14
  327. data/lib/puppet/ssl/certificate_request_attributes.rb +1 -1
  328. data/lib/puppet/ssl/host.rb +400 -174
  329. data/lib/puppet/ssl/key.rb +1 -5
  330. data/lib/puppet/ssl/oids.rb +3 -3
  331. data/lib/puppet/ssl/validator/default_validator.rb +33 -49
  332. data/lib/puppet/test/test_helper.rb +12 -18
  333. data/lib/puppet/transaction.rb +7 -12
  334. data/lib/puppet/transaction/event.rb +37 -14
  335. data/lib/puppet/transaction/event_manager.rb +3 -11
  336. data/lib/puppet/transaction/persistence.rb +1 -1
  337. data/lib/puppet/transaction/report.rb +1 -1
  338. data/lib/puppet/transaction/resource_harness.rb +2 -5
  339. data/lib/puppet/type.rb +7 -10
  340. data/lib/puppet/type/exec.rb +16 -50
  341. data/lib/puppet/type/file.rb +7 -16
  342. data/lib/puppet/type/file/content.rb +2 -3
  343. data/lib/puppet/type/file/data_sync.rb +1 -5
  344. data/lib/puppet/type/file/mode.rb +2 -7
  345. data/lib/puppet/type/file/source.rb +2 -1
  346. data/lib/puppet/type/filebucket.rb +8 -12
  347. data/lib/puppet/type/group.rb +3 -33
  348. data/lib/puppet/type/notify.rb +2 -3
  349. data/lib/puppet/type/package.rb +18 -154
  350. data/lib/puppet/type/resources.rb +2 -12
  351. data/lib/puppet/type/schedule.rb +34 -96
  352. data/lib/puppet/type/service.rb +10 -9
  353. data/lib/puppet/type/tidy.rb +1 -1
  354. data/lib/puppet/type/user.rb +30 -14
  355. data/lib/puppet/util.rb +28 -52
  356. data/lib/puppet/util/autoload.rb +62 -56
  357. data/lib/puppet/util/character_encoding.rb +0 -22
  358. data/lib/puppet/util/classgen.rb +0 -6
  359. data/lib/puppet/util/command_line.rb +4 -7
  360. data/lib/puppet/util/command_line/trollop.rb +1 -1
  361. data/lib/puppet/util/connection.rb +74 -0
  362. data/lib/puppet/util/execution.rb +7 -22
  363. data/lib/puppet/util/feature.rb +63 -41
  364. data/lib/puppet/util/fileparsing.rb +27 -5
  365. data/lib/puppet/util/filetype.rb +8 -56
  366. data/lib/puppet/util/http_proxy.rb +18 -27
  367. data/lib/puppet/util/instance_loader.rb +3 -21
  368. data/lib/puppet/util/json.rb +0 -8
  369. data/lib/puppet/util/ldap/connection.rb +7 -7
  370. data/lib/puppet/util/log.rb +3 -8
  371. data/lib/puppet/util/log/destinations.rb +13 -5
  372. data/lib/puppet/util/logging.rb +19 -31
  373. data/lib/puppet/util/metric.rb +2 -2
  374. data/lib/puppet/util/monkey_patches.rb +1 -1
  375. data/lib/puppet/util/network_device/base.rb +1 -1
  376. data/lib/puppet/util/pidlock.rb +3 -23
  377. data/lib/puppet/util/platform.rb +3 -0
  378. data/lib/puppet/util/plist.rb +0 -6
  379. data/lib/puppet/util/posix.rb +0 -15
  380. data/lib/puppet/util/provider_features.rb +6 -7
  381. data/lib/puppet/util/rdoc.rb +2 -2
  382. data/lib/puppet/util/rdoc/parser/puppet_parser_core.rb +1 -1
  383. data/lib/puppet/util/reference.rb +8 -7
  384. data/lib/puppet/util/resource_template.rb +1 -1
  385. data/lib/puppet/util/rubygems.rb +1 -13
  386. data/lib/puppet/util/run_mode.rb +1 -1
  387. data/lib/puppet/util/selinux.rb +3 -9
  388. data/lib/puppet/util/ssl.rb +40 -1
  389. data/lib/puppet/util/storage.rb +1 -13
  390. data/lib/puppet/util/suidmanager.rb +7 -5
  391. data/lib/puppet/util/tag_set.rb +1 -1
  392. data/lib/puppet/util/tagging.rb +1 -1
  393. data/lib/puppet/util/windows.rb +15 -0
  394. data/lib/puppet/util/windows/adsi.rb +7 -116
  395. data/lib/puppet/util/windows/api_types.rb +33 -46
  396. data/lib/puppet/util/windows/eventlog.rb +6 -1
  397. data/lib/puppet/util/windows/principal.rb +6 -8
  398. data/lib/puppet/util/windows/process.rb +3 -94
  399. data/lib/puppet/util/windows/registry.rb +14 -46
  400. data/lib/puppet/util/windows/security.rb +2 -40
  401. data/lib/puppet/util/windows/service.rb +72 -431
  402. data/lib/puppet/util/windows/sid.rb +3 -4
  403. data/lib/puppet/util/windows/user.rb +9 -17
  404. data/lib/puppet/util/yaml.rb +41 -5
  405. data/lib/puppet/vendor.rb +1 -1
  406. data/lib/puppet/version.rb +1 -1
  407. data/lib/puppet_pal.rb +246 -23
  408. data/locales/ja/puppet.po +11128 -0
  409. data/locales/puppet.pot +1321 -2527
  410. data/man/man5/puppet.conf.5 +31 -191
  411. data/man/man8/puppet-agent.8 +2 -2
  412. data/man/man8/puppet-apply.8 +1 -1
  413. data/man/man8/puppet-catalog.8 +1 -1
  414. data/man/man8/puppet-config.8 +3 -3
  415. data/man/man8/puppet-describe.8 +1 -1
  416. data/man/man8/puppet-device.8 +19 -23
  417. data/man/man8/puppet-doc.8 +1 -1
  418. data/man/man8/puppet-epp.8 +1 -1
  419. data/man/man8/puppet-facts.8 +1 -1
  420. data/man/man8/puppet-filebucket.8 +2 -21
  421. data/man/man8/puppet-generate.8 +1 -1
  422. data/man/man8/puppet-help.8 +1 -1
  423. data/man/man8/puppet-key.8 +1 -7
  424. data/man/man8/puppet-lookup.8 +1 -1
  425. data/man/man8/puppet-man.8 +1 -1
  426. data/man/man8/puppet-module.8 +10 -100
  427. data/man/man8/puppet-node.8 +4 -7
  428. data/man/man8/puppet-parser.8 +1 -1
  429. data/man/man8/puppet-plugin.8 +1 -1
  430. data/man/man8/puppet-report.8 +1 -1
  431. data/man/man8/puppet-resource.8 +1 -1
  432. data/man/man8/puppet-script.8 +1 -1
  433. data/man/man8/puppet-ssl.8 +28 -0
  434. data/man/man8/puppet-status.8 +1 -1
  435. data/man/man8/puppet.8 +12 -3
  436. data/spec/fixtures/unit/functions/hiera/hiera/backend/hieraspec_backend.rb +22 -0
  437. data/spec/fixtures/unit/functions/lookup/hiera/backend/custom_backend.rb +18 -0
  438. data/spec/fixtures/unit/functions/lookup/hiera/backend/other_backend.rb +7 -0
  439. data/spec/fixtures/unit/pops/loaders/loaders/dependent_modules_with_metadata/modules/user/manifests/init.pp +6 -6
  440. data/spec/fixtures/unit/provider/package/pkgng/pkg.info +0 -1
  441. data/spec/fixtures/unit/provider/package/pkgng/pkg.version +0 -2
  442. data/spec/fixtures/unit/provider/service/systemd/list_unit_files_services +0 -9
  443. data/spec/integration/agent/logging_spec.rb +9 -7
  444. data/spec/integration/application/apply_spec.rb +31 -26
  445. data/spec/integration/application/doc_spec.rb +2 -1
  446. data/spec/integration/application/lookup_spec.rb +5 -5
  447. data/spec/integration/configurer_spec.rb +8 -76
  448. data/spec/integration/data_binding_spec.rb +1 -1
  449. data/spec/integration/defaults_spec.rb +13 -16
  450. data/spec/integration/directory_environments_spec.rb +1 -1
  451. data/spec/integration/faces/config_spec.rb +4 -3
  452. data/spec/integration/faces/documentation_spec.rb +1 -0
  453. data/spec/integration/faces/plugin_spec.rb +49 -29
  454. data/spec/integration/file_bucket/file_spec.rb +4 -19
  455. data/spec/integration/file_serving/content_spec.rb +1 -0
  456. data/spec/integration/file_serving/fileset_spec.rb +1 -0
  457. data/spec/integration/file_serving/metadata_spec.rb +1 -0
  458. data/spec/integration/file_serving/terminus_helper_spec.rb +1 -0
  459. data/spec/integration/file_system/uniquefile_spec.rb +26 -29
  460. data/spec/integration/indirector/catalog/compiler_spec.rb +11 -10
  461. data/spec/integration/indirector/direct_file_server_spec.rb +1 -1
  462. data/spec/integration/indirector/facts/facter_spec.rb +8 -22
  463. data/spec/integration/indirector/file_content/file_server_spec.rb +8 -7
  464. data/spec/integration/indirector/file_metadata/file_server_spec.rb +8 -7
  465. data/spec/integration/network/authconfig_spec.rb +24 -23
  466. data/spec/integration/network/formats_spec.rb +1 -0
  467. data/spec/integration/network/http/api/indirected_routes_spec.rb +6 -34
  468. data/spec/integration/node/environment_spec.rb +2 -1
  469. data/spec/integration/node/facts_spec.rb +10 -9
  470. data/spec/integration/node_spec.rb +7 -10
  471. data/spec/integration/parser/catalog_spec.rb +8 -6
  472. data/spec/integration/parser/collection_spec.rb +9 -4
  473. data/spec/integration/parser/compiler_spec.rb +7 -25
  474. data/spec/integration/parser/scope_spec.rb +1 -1
  475. data/spec/integration/parser/undef_param_spec.rb +1 -1
  476. data/spec/integration/provider/service/init_spec.rb +9 -6
  477. data/spec/integration/provider/service/systemd_spec.rb +14 -11
  478. data/spec/integration/provider/service/windows_spec.rb +11 -8
  479. data/spec/integration/reference/providers_spec.rb +7 -0
  480. data/spec/integration/reports_spec.rb +2 -1
  481. data/spec/integration/resource/catalog_spec.rb +17 -14
  482. data/spec/integration/resource/type_collection_spec.rb +5 -4
  483. data/spec/integration/ssl/certificate_request_spec.rb +1 -2
  484. data/spec/integration/ssl/host_spec.rb +17 -24
  485. data/spec/integration/ssl/key_spec.rb +7 -2
  486. data/spec/integration/test/test_helper_spec.rb +32 -0
  487. data/spec/integration/transaction/report_spec.rb +14 -9
  488. data/spec/integration/type/exec_spec.rb +2 -1
  489. data/spec/integration/type/file_spec.rb +38 -46
  490. data/spec/integration/type/package_spec.rb +25 -21
  491. data/spec/integration/type/tidy_spec.rb +2 -1
  492. data/spec/integration/type_spec.rb +1 -0
  493. data/spec/integration/util/autoload_spec.rb +11 -7
  494. data/spec/integration/util/execution_spec.rb +5 -32
  495. data/spec/integration/util/rdoc/parser_spec.rb +14 -23
  496. data/spec/integration/util/settings_spec.rb +2 -1
  497. data/spec/integration/util/windows/adsi_spec.rb +8 -11
  498. data/spec/integration/util/windows/principal_spec.rb +2 -1
  499. data/spec/integration/util/windows/process_spec.rb +9 -7
  500. data/spec/integration/util/windows/registry_spec.rb +46 -127
  501. data/spec/integration/util/windows/security_spec.rb +15 -16
  502. data/spec/integration/util/windows/user_spec.rb +29 -66
  503. data/spec/integration/util_spec.rb +10 -7
  504. data/spec/lib/matchers/json.rb +12 -18
  505. data/{lib/puppet/ssl → spec/lib/puppet}/certificate_factory.rb +5 -6
  506. data/spec/lib/puppet/test_ca.rb +109 -0
  507. data/spec/lib/puppet_spec/compiler.rb +28 -1
  508. data/spec/lib/puppet_spec/files.rb +29 -23
  509. data/spec/lib/puppet_spec/module_tool/shared_functions.rb +1 -1
  510. data/spec/lib/puppet_spec/modules.rb +11 -1
  511. data/spec/lib/puppet_spec/scope.rb +2 -1
  512. data/spec/lib/puppet_spec/ssl.rb +265 -0
  513. data/spec/lib/puppet_spec/validators.rb +37 -0
  514. data/spec/shared_behaviours/all_parsedfile_providers.rb +1 -1
  515. data/spec/shared_behaviours/file_server_terminus.rb +9 -8
  516. data/spec/shared_behaviours/file_serving.rb +8 -6
  517. data/spec/shared_behaviours/file_serving_model.rb +5 -22
  518. data/spec/shared_behaviours/hiera_indirections.rb +4 -3
  519. data/spec/shared_behaviours/iterative_functions.rb +1 -0
  520. data/spec/shared_behaviours/memory_terminus.rb +2 -2
  521. data/spec/shared_behaviours/path_parameters.rb +1 -1
  522. data/spec/shared_contexts/types_setup.rb +0 -2
  523. data/spec/shared_examples/rhel_package_provider.rb +70 -112
  524. data/spec/spec_helper.rb +1 -15
  525. data/spec/unit/agent/disabler_spec.rb +5 -4
  526. data/spec/unit/agent/locker_spec.rb +13 -12
  527. data/spec/unit/agent_spec.rb +102 -105
  528. data/spec/unit/application/agent_spec.rb +95 -114
  529. data/spec/unit/application/apply_spec.rb +92 -119
  530. data/spec/unit/application/config_spec.rb +1 -0
  531. data/spec/unit/application/describe_spec.rb +7 -6
  532. data/spec/unit/application/device_spec.rb +180 -181
  533. data/spec/unit/application/doc_spec.rb +46 -44
  534. data/spec/unit/application/face_base_spec.rb +62 -61
  535. data/spec/unit/application/facts_spec.rb +4 -3
  536. data/spec/unit/application/filebucket_spec.rb +74 -66
  537. data/spec/unit/application/indirection_base_spec.rb +6 -8
  538. data/spec/unit/application/lookup_spec.rb +44 -37
  539. data/spec/unit/application/resource_spec.rb +48 -42
  540. data/spec/unit/application/ssl_spec.rb +322 -0
  541. data/spec/unit/application_spec.rb +108 -90
  542. data/spec/unit/capability_spec.rb +15 -16
  543. data/spec/unit/{ssl/certificate_factory_spec.rb → certificate_factory_spec.rb} +13 -20
  544. data/spec/unit/configurer/downloader_spec.rb +22 -31
  545. data/spec/unit/configurer/fact_handler_spec.rb +7 -2
  546. data/spec/unit/configurer/plugin_handler_spec.rb +8 -41
  547. data/spec/unit/configurer_spec.rb +475 -520
  548. data/spec/unit/confine/exists_spec.rb +15 -17
  549. data/spec/unit/confine/false_spec.rb +6 -32
  550. data/spec/unit/confine/feature_spec.rb +5 -7
  551. data/spec/unit/confine/true_spec.rb +6 -32
  552. data/spec/unit/confine/variable_spec.rb +15 -14
  553. data/spec/unit/confine_collection_spec.rb +29 -28
  554. data/spec/unit/confine_spec.rb +14 -13
  555. data/spec/unit/confiner_spec.rb +11 -10
  556. data/spec/unit/context/trusted_information_spec.rb +4 -3
  557. data/spec/unit/daemon_spec.rb +38 -35
  558. data/spec/unit/data_providers/function_data_provider_spec.rb +1 -0
  559. data/spec/unit/data_providers/hiera_data_provider_spec.rb +1 -0
  560. data/spec/unit/datatypes_spec.rb +4 -3
  561. data/spec/unit/defaults_spec.rb +61 -32
  562. data/spec/unit/environments_spec.rb +7 -7
  563. data/spec/unit/etc_spec.rb +29 -52
  564. data/spec/unit/external/pson_spec.rb +1 -0
  565. data/spec/unit/face/catalog_spec.rb +1 -0
  566. data/spec/unit/face/config_spec.rb +35 -31
  567. data/spec/unit/face/epp_face_spec.rb +4 -3
  568. data/spec/unit/face/facts_spec.rb +6 -14
  569. data/spec/unit/face/generate_spec.rb +5 -4
  570. data/spec/unit/face/help_spec.rb +8 -7
  571. data/spec/unit/face/key_spec.rb +1 -0
  572. data/spec/unit/face/man_spec.rb +2 -1
  573. data/spec/unit/face/module/install_spec.rb +5 -3
  574. data/spec/unit/face/module/list_spec.rb +12 -62
  575. data/spec/unit/face/module/search_spec.rb +9 -11
  576. data/spec/unit/face/module/uninstall_spec.rb +8 -4
  577. data/spec/unit/face/node_spec.rb +30 -52
  578. data/spec/unit/face/parser_spec.rb +3 -3
  579. data/spec/unit/face/plugin_spec.rb +9 -44
  580. data/spec/unit/face/status_spec.rb +1 -0
  581. data/spec/unit/file_bucket/dipper_spec.rb +24 -28
  582. data/spec/unit/file_bucket/file_spec.rb +2 -0
  583. data/spec/unit/file_serving/base_spec.rb +18 -20
  584. data/spec/unit/file_serving/configuration/parser_spec.rb +28 -27
  585. data/spec/unit/file_serving/configuration_spec.rb +66 -63
  586. data/spec/unit/file_serving/content_spec.rb +11 -10
  587. data/spec/unit/file_serving/fileset_spec.rb +58 -63
  588. data/spec/unit/file_serving/http_metadata_spec.rb +7 -8
  589. data/spec/unit/file_serving/metadata_spec.rb +40 -40
  590. data/spec/unit/file_serving/mount/file_spec.rb +32 -31
  591. data/spec/unit/file_serving/mount/locales_spec.rb +26 -25
  592. data/spec/unit/file_serving/mount/modules_spec.rb +15 -14
  593. data/spec/unit/file_serving/mount/pluginfacts_spec.rb +26 -25
  594. data/spec/unit/file_serving/mount/plugins_spec.rb +26 -25
  595. data/spec/unit/file_serving/mount/tasks_spec.rb +15 -14
  596. data/spec/unit/file_serving/mount_spec.rb +1 -0
  597. data/spec/unit/file_serving/terminus_helper_spec.rb +42 -37
  598. data/spec/unit/file_serving/terminus_selector_spec.rb +13 -12
  599. data/spec/unit/file_system/path_pattern_spec.rb +1 -1
  600. data/spec/unit/file_system/uniquefile_spec.rb +6 -17
  601. data/spec/unit/file_system_spec.rb +9 -6
  602. data/spec/unit/forge/errors_spec.rb +1 -1
  603. data/spec/unit/forge/forge_spec.rb +16 -15
  604. data/spec/unit/forge/module_release_spec.rb +18 -18
  605. data/spec/unit/forge/repository_spec.rb +30 -27
  606. data/spec/unit/forge_spec.rb +11 -15
  607. data/spec/unit/functions/abs_spec.rb +70 -0
  608. data/spec/unit/functions/binary_file_spec.rb +3 -3
  609. data/spec/unit/functions/call_spec.rb +59 -5
  610. data/spec/unit/functions/camelcase_spec.rb +34 -0
  611. data/spec/unit/functions/capitalize_spec.rb +34 -0
  612. data/spec/unit/functions/ceiling_spec.rb +65 -0
  613. data/spec/unit/functions/chomp_spec.rb +46 -0
  614. data/spec/unit/functions/chop_spec.rb +38 -0
  615. data/spec/unit/functions/compare_spec.rb +147 -0
  616. data/spec/unit/functions/contain_spec.rb +2 -0
  617. data/spec/unit/functions/convert_to_spec.rb +3 -0
  618. data/spec/unit/functions/defined_spec.rb +1 -0
  619. data/spec/unit/functions/downcase_spec.rb +34 -0
  620. data/spec/unit/functions/epp_spec.rb +2 -2
  621. data/spec/unit/functions/filter_spec.rb +4 -4
  622. data/spec/unit/functions/find_file_spec.rb +7 -7
  623. data/spec/unit/functions/floor_spec.rb +65 -0
  624. data/spec/unit/functions/get_spec.rb +135 -0
  625. data/spec/unit/functions/getvar_spec.rb +121 -0
  626. data/spec/unit/functions/hiera_spec.rb +14 -48
  627. data/spec/unit/functions/include_spec.rb +4 -0
  628. data/spec/unit/functions/lookup_fixture_spec.rb +1 -0
  629. data/spec/unit/functions/lookup_spec.rb +37 -62
  630. data/spec/unit/functions/lstrip_spec.rb +30 -0
  631. data/spec/unit/functions/match_spec.rb +3 -4
  632. data/spec/unit/functions/max_spec.rb +129 -0
  633. data/spec/unit/functions/min_spec.rb +129 -0
  634. data/spec/unit/functions/module_directory_spec.rb +12 -12
  635. data/spec/unit/functions/new_spec.rb +0 -15
  636. data/spec/unit/functions/regsubst_spec.rb +3 -4
  637. data/spec/unit/functions/require_spec.rb +3 -0
  638. data/spec/unit/functions/round_spec.rb +41 -0
  639. data/spec/unit/functions/rstrip_spec.rb +30 -0
  640. data/spec/unit/functions/shared.rb +8 -5
  641. data/spec/unit/functions/size_spec.rb +50 -0
  642. data/spec/unit/functions/sort_spec.rb +79 -0
  643. data/spec/unit/functions/split_spec.rb +3 -4
  644. data/spec/unit/functions/strip_spec.rb +30 -0
  645. data/spec/unit/functions/upcase_spec.rb +34 -0
  646. data/spec/unit/functions/versioncmp_spec.rb +4 -4
  647. data/spec/unit/functions4_spec.rb +78 -51
  648. data/spec/unit/gettext/config_spec.rb +4 -4
  649. data/spec/unit/gettext/module_loading_spec.rb +7 -7
  650. data/spec/unit/graph/rb_tree_map_spec.rb +2 -0
  651. data/spec/unit/graph/relationship_graph_spec.rb +2 -1
  652. data/spec/unit/graph/simple_graph_spec.rb +52 -11
  653. data/spec/unit/hiera/scope_spec.rb +0 -7
  654. data/spec/unit/hiera_puppet_spec.rb +20 -20
  655. data/spec/unit/indirector/catalog/compiler_spec.rb +166 -183
  656. data/spec/unit/indirector/catalog/json_spec.rb +2 -1
  657. data/spec/unit/indirector/catalog/msgpack_spec.rb +1 -0
  658. data/spec/unit/indirector/catalog/rest_spec.rb +1 -0
  659. data/spec/unit/indirector/catalog/store_configs_spec.rb +1 -0
  660. data/spec/unit/indirector/catalog/yaml_spec.rb +1 -0
  661. data/spec/unit/indirector/certificate/file_spec.rb +1 -8
  662. data/spec/unit/indirector/certificate/rest_spec.rb +10 -8
  663. data/spec/unit/indirector/certificate_request/file_spec.rb +1 -0
  664. data/spec/unit/indirector/certificate_request/rest_spec.rb +1 -0
  665. data/spec/unit/indirector/direct_file_server_spec.rb +49 -57
  666. data/spec/unit/indirector/envelope_spec.rb +2 -1
  667. data/spec/unit/indirector/exec_spec.rb +31 -26
  668. data/spec/unit/indirector/face_spec.rb +9 -9
  669. data/spec/unit/indirector/facts/facter_spec.rb +43 -37
  670. data/spec/unit/indirector/facts/network_device_spec.rb +9 -8
  671. data/spec/unit/indirector/facts/rest_spec.rb +8 -7
  672. data/spec/unit/indirector/facts/store_configs_spec.rb +1 -0
  673. data/spec/unit/indirector/facts/yaml_spec.rb +90 -77
  674. data/spec/unit/indirector/file_bucket_file/file_spec.rb +13 -9
  675. data/spec/unit/indirector/file_bucket_file/rest_spec.rb +1 -0
  676. data/spec/unit/indirector/file_bucket_file/selector_spec.rb +5 -4
  677. data/spec/unit/indirector/file_content/file_server_spec.rb +1 -0
  678. data/spec/unit/indirector/file_content/file_spec.rb +1 -0
  679. data/spec/unit/indirector/file_content/rest_spec.rb +1 -0
  680. data/spec/unit/indirector/file_content/selector_spec.rb +1 -0
  681. data/spec/unit/indirector/file_metadata/file_server_spec.rb +1 -0
  682. data/spec/unit/indirector/file_metadata/file_spec.rb +13 -12
  683. data/spec/unit/indirector/file_metadata/rest_spec.rb +1 -0
  684. data/spec/unit/indirector/file_metadata/selector_spec.rb +1 -0
  685. data/spec/unit/indirector/file_server_spec.rb +145 -145
  686. data/spec/unit/indirector/indirection_spec.rb +226 -249
  687. data/spec/unit/indirector/json_spec.rb +9 -7
  688. data/spec/unit/indirector/key/file_spec.rb +22 -38
  689. data/spec/unit/indirector/memory_spec.rb +7 -6
  690. data/spec/unit/indirector/msgpack_spec.rb +9 -7
  691. data/spec/unit/indirector/node/exec_spec.rb +43 -22
  692. data/spec/unit/indirector/node/memory_spec.rb +4 -2
  693. data/spec/unit/indirector/node/msgpack_spec.rb +1 -0
  694. data/spec/unit/indirector/node/plain_spec.rb +4 -2
  695. data/spec/unit/indirector/node/rest_spec.rb +1 -0
  696. data/spec/unit/indirector/node/store_configs_spec.rb +1 -0
  697. data/spec/unit/indirector/node/yaml_spec.rb +1 -0
  698. data/spec/unit/indirector/none_spec.rb +5 -5
  699. data/spec/unit/indirector/plain_spec.rb +8 -7
  700. data/spec/unit/indirector/report/msgpack_spec.rb +1 -0
  701. data/spec/unit/indirector/report/processor_spec.rb +22 -21
  702. data/spec/unit/indirector/report/rest_spec.rb +12 -11
  703. data/spec/unit/indirector/report/yaml_spec.rb +1 -0
  704. data/spec/unit/indirector/request_spec.rb +18 -15
  705. data/spec/unit/indirector/resource/ral_spec.rb +55 -47
  706. data/spec/unit/indirector/resource/store_configs_spec.rb +1 -0
  707. data/spec/unit/indirector/rest_spec.rb +110 -113
  708. data/spec/unit/indirector/ssl_file_spec.rb +100 -119
  709. data/spec/unit/indirector/status/local_spec.rb +1 -0
  710. data/spec/unit/indirector/status/rest_spec.rb +1 -0
  711. data/spec/unit/indirector/store_configs_spec.rb +1 -0
  712. data/spec/unit/indirector/terminus_spec.rb +30 -32
  713. data/spec/unit/indirector/yaml_spec.rb +90 -68
  714. data/spec/unit/indirector_spec.rb +2 -1
  715. data/spec/unit/info_service_spec.rb +144 -10
  716. data/spec/unit/interface/action_builder_spec.rb +1 -0
  717. data/spec/unit/interface/action_manager_spec.rb +1 -0
  718. data/spec/unit/interface/action_spec.rb +3 -2
  719. data/spec/unit/interface/documentation_spec.rb +1 -0
  720. data/spec/unit/interface/face_collection_spec.rb +12 -19
  721. data/spec/unit/interface_spec.rb +3 -3
  722. data/spec/unit/man_spec.rb +4 -3
  723. data/spec/unit/module_spec.rb +52 -102
  724. data/spec/unit/module_tool/applications/installer_spec.rb +13 -12
  725. data/spec/unit/module_tool/applications/searcher_spec.rb +3 -3
  726. data/spec/unit/module_tool/applications/uninstaller_spec.rb +2 -1
  727. data/spec/unit/module_tool/applications/unpacker_spec.rb +13 -13
  728. data/spec/unit/module_tool/applications/upgrader_spec.rb +6 -6
  729. data/spec/unit/module_tool/install_directory_spec.rb +8 -8
  730. data/spec/unit/module_tool/installed_modules_spec.rb +3 -3
  731. data/spec/unit/module_tool/tar/gnu_spec.rb +6 -6
  732. data/spec/unit/module_tool/tar/mini_spec.rb +12 -12
  733. data/spec/unit/module_tool/tar_spec.rb +13 -12
  734. data/spec/unit/module_tool_spec.rb +12 -29
  735. data/spec/unit/network/auth_config_parser_spec.rb +13 -11
  736. data/spec/unit/network/authconfig_spec.rb +18 -17
  737. data/spec/unit/network/authorization_spec.rb +5 -4
  738. data/spec/unit/network/authstore_spec.rb +1 -0
  739. data/spec/unit/network/format_handler_spec.rb +1 -0
  740. data/spec/unit/network/format_spec.rb +10 -9
  741. data/spec/unit/network/format_support_spec.rb +29 -28
  742. data/spec/unit/network/formats_spec.rb +31 -4
  743. data/spec/unit/network/http/api/indirected_routes_spec.rb +41 -51
  744. data/spec/unit/network/http/api/master/v3/authorization_spec.rb +7 -9
  745. data/spec/unit/network/http/api/master/v3/environment_spec.rb +1 -2
  746. data/spec/unit/network/http/api/master/v3/environments_spec.rb +7 -6
  747. data/spec/unit/network/http/api_spec.rb +2 -26
  748. data/spec/unit/network/http/compression_spec.rb +28 -24
  749. data/spec/unit/network/http/connection_spec.rb +122 -72
  750. data/spec/unit/network/http/factory_spec.rb +11 -40
  751. data/spec/unit/network/http/handler_spec.rb +18 -9
  752. data/spec/unit/network/http/nocache_pool_spec.rb +7 -6
  753. data/spec/unit/network/http/pool_spec.rb +29 -60
  754. data/spec/unit/network/http/request_spec.rb +2 -0
  755. data/spec/unit/network/http/response_spec.rb +13 -11
  756. data/spec/unit/network/http/route_spec.rb +1 -0
  757. data/spec/unit/network/http/session_spec.rb +2 -1
  758. data/spec/unit/network/http/site_spec.rb +1 -0
  759. data/spec/unit/network/http_pool_spec.rb +9 -18
  760. data/spec/unit/network/http_spec.rb +1 -0
  761. data/spec/unit/network/resolver_spec.rb +104 -28
  762. data/spec/unit/network/rights_spec.rb +53 -52
  763. data/spec/unit/node/environment_spec.rb +17 -18
  764. data/spec/unit/node/facts_spec.rb +21 -6
  765. data/spec/unit/node_spec.rb +23 -17
  766. data/spec/unit/other/selinux_spec.rb +1 -71
  767. data/spec/unit/parameter/boolean_spec.rb +2 -1
  768. data/spec/unit/parameter/package_options_spec.rb +2 -1
  769. data/spec/unit/parameter/path_spec.rb +1 -0
  770. data/spec/unit/parameter/value_collection_spec.rb +1 -0
  771. data/spec/unit/parameter/value_spec.rb +1 -0
  772. data/spec/unit/parameter_spec.rb +9 -9
  773. data/spec/unit/parser/ast/block_expression_spec.rb +8 -6
  774. data/spec/unit/parser/ast/leaf_spec.rb +21 -20
  775. data/spec/unit/parser/compiler_spec.rb +96 -84
  776. data/spec/unit/parser/environment_compiler_spec.rb +16 -23
  777. data/spec/unit/parser/files_spec.rb +1 -0
  778. data/spec/unit/parser/functions/create_resources_spec.rb +1 -1
  779. data/spec/unit/parser/functions/digest_spec.rb +1 -4
  780. data/spec/unit/parser/functions/fail_spec.rb +2 -5
  781. data/spec/unit/parser/functions/file_spec.rb +14 -17
  782. data/spec/unit/parser/functions/fqdn_rand_spec.rb +6 -5
  783. data/spec/unit/parser/functions/generate_spec.rb +37 -38
  784. data/spec/unit/parser/functions/inline_template_spec.rb +1 -4
  785. data/spec/unit/parser/functions/regsubst_spec.rb +1 -4
  786. data/spec/unit/parser/functions/scanf_spec.rb +1 -4
  787. data/spec/unit/parser/functions/shellquote_spec.rb +1 -0
  788. data/spec/unit/parser/functions/split_spec.rb +1 -4
  789. data/spec/unit/parser/functions/sprintf_spec.rb +1 -4
  790. data/spec/unit/parser/functions/tag_spec.rb +2 -5
  791. data/spec/unit/parser/functions/tagged_spec.rb +3 -6
  792. data/spec/unit/parser/functions/template_spec.rb +13 -17
  793. data/spec/unit/parser/functions/versioncmp_spec.rb +2 -5
  794. data/spec/unit/parser/functions_spec.rb +29 -3
  795. data/spec/unit/parser/relationship_spec.rb +1 -0
  796. data/spec/unit/parser/resource/param_spec.rb +1 -1
  797. data/spec/unit/parser/resource_spec.rb +42 -42
  798. data/spec/unit/parser/scope_spec.rb +35 -39
  799. data/spec/unit/parser/templatewrapper_spec.rb +12 -11
  800. data/spec/unit/parser/type_loader_spec.rb +19 -17
  801. data/spec/unit/pops/adaptable_spec.rb +1 -0
  802. data/spec/unit/pops/benchmark_spec.rb +1 -0
  803. data/spec/unit/pops/evaluator/access_ops_spec.rb +1 -0
  804. data/spec/unit/pops/evaluator/arithmetic_ops_spec.rb +11 -0
  805. data/spec/unit/pops/evaluator/basic_expressions_spec.rb +1 -0
  806. data/spec/unit/pops/evaluator/collections_ops_spec.rb +1 -0
  807. data/spec/unit/pops/evaluator/comparison_ops_spec.rb +1 -0
  808. data/spec/unit/pops/evaluator/conditionals_spec.rb +1 -0
  809. data/spec/unit/pops/evaluator/evaluating_parser_spec.rb +78 -18
  810. data/spec/unit/pops/evaluator/logical_ops_spec.rb +1 -0
  811. data/spec/unit/pops/evaluator/runtime3_converter_spec.rb +5 -4
  812. data/spec/unit/pops/evaluator/string_interpolation_spec.rb +1 -0
  813. data/spec/unit/pops/evaluator/variables_spec.rb +1 -0
  814. data/spec/unit/pops/factory_spec.rb +4 -3
  815. data/spec/unit/pops/issues_spec.rb +20 -19
  816. data/spec/unit/pops/loaders/dependency_loader_spec.rb +2 -2
  817. data/spec/unit/pops/loaders/loader_spec.rb +12 -36
  818. data/spec/unit/pops/loaders/loaders_spec.rb +57 -54
  819. data/spec/unit/pops/loaders/module_loaders_spec.rb +35 -3
  820. data/spec/unit/pops/loaders/static_loader_spec.rb +0 -36
  821. data/spec/unit/pops/lookup/context_spec.rb +1 -0
  822. data/spec/unit/pops/lookup/interpolation_spec.rb +3 -2
  823. data/spec/unit/pops/merge_strategy_spec.rb +1 -0
  824. data/spec/unit/pops/migration_spec.rb +5 -3
  825. data/spec/unit/pops/model/model_spec.rb +1 -0
  826. data/spec/unit/pops/model/pn_transformer_spec.rb +1 -0
  827. data/spec/unit/pops/parser/lexer2_spec.rb +60 -21
  828. data/spec/unit/pops/parser/locator_spec.rb +6 -48
  829. data/spec/unit/pops/parser/parse_application_spec.rb +1 -0
  830. data/spec/unit/pops/parser/parse_basic_expressions_spec.rb +1 -0
  831. data/spec/unit/pops/parser/parse_calls_spec.rb +1 -0
  832. data/spec/unit/pops/parser/parse_capabilities_spec.rb +1 -0
  833. data/spec/unit/pops/parser/parse_conditionals_spec.rb +1 -0
  834. data/spec/unit/pops/parser/parse_containers_spec.rb +1 -0
  835. data/spec/unit/pops/parser/parse_heredoc_spec.rb +12 -124
  836. data/spec/unit/pops/parser/parse_plan_spec.rb +1 -0
  837. data/spec/unit/pops/parser/parse_resource_spec.rb +1 -0
  838. data/spec/unit/pops/parser/parse_site_spec.rb +1 -0
  839. data/spec/unit/pops/parser/pn_parser_spec.rb +1 -0
  840. data/spec/unit/pops/pn_spec.rb +1 -0
  841. data/spec/unit/pops/resource/resource_type_impl_spec.rb +1 -0
  842. data/spec/unit/pops/serialization/serialization_spec.rb +7 -5
  843. data/spec/unit/pops/serialization/to_from_hr_spec.rb +29 -4
  844. data/spec/unit/pops/serialization/to_stringified_spec.rb +157 -0
  845. data/spec/unit/pops/types/deferred_spec.rb +87 -0
  846. data/spec/unit/pops/types/p_object_type_spec.rb +20 -0
  847. data/spec/unit/pops/types/p_timespan_type_spec.rb +0 -22
  848. data/spec/unit/pops/types/p_timestamp_type_spec.rb +0 -19
  849. data/spec/unit/pops/types/recursion_guard_spec.rb +10 -10
  850. data/spec/unit/pops/types/ruby_generator_spec.rb +2 -2
  851. data/spec/unit/pops/types/string_converter_spec.rb +11 -22
  852. data/spec/unit/pops/types/task_spec.rb +148 -16
  853. data/spec/unit/pops/types/type_asserter_spec.rb +2 -2
  854. data/spec/unit/pops/types/type_calculator_spec.rb +36 -36
  855. data/spec/unit/pops/types/type_mismatch_describer_spec.rb +0 -9
  856. data/spec/unit/pops/types/type_parser_spec.rb +13 -13
  857. data/spec/unit/pops/types/types_spec.rb +12 -6
  858. data/spec/unit/pops/validator/validator_spec.rb +162 -82
  859. data/spec/unit/pops/visitor_spec.rb +1 -0
  860. data/spec/unit/property/boolean_spec.rb +1 -1
  861. data/spec/unit/property/ensure_spec.rb +1 -0
  862. data/spec/unit/property/keyvalue_spec.rb +34 -32
  863. data/spec/unit/property/list_spec.rb +27 -26
  864. data/spec/unit/property/ordered_list_spec.rb +14 -10
  865. data/spec/unit/property_spec.rb +53 -43
  866. data/spec/unit/provider/aix_object_spec.rb +45 -47
  867. data/spec/unit/provider/command_spec.rb +9 -9
  868. data/spec/unit/provider/exec/posix_spec.rb +9 -8
  869. data/spec/unit/provider/exec/shell_spec.rb +3 -1
  870. data/spec/unit/provider/exec/windows_spec.rb +6 -4
  871. data/spec/unit/provider/exec_spec.rb +1 -209
  872. data/spec/unit/provider/file/posix_spec.rb +24 -22
  873. data/spec/unit/provider/file/windows_spec.rb +19 -17
  874. data/spec/unit/provider/group/aix_spec.rb +7 -22
  875. data/spec/unit/provider/group/groupadd_spec.rb +27 -60
  876. data/spec/unit/provider/group/ldap_spec.rb +36 -33
  877. data/spec/unit/provider/group/pw_spec.rb +18 -15
  878. data/spec/unit/provider/group/windows_adsi_spec.rb +80 -128
  879. data/spec/unit/provider/ldap_spec.rb +62 -61
  880. data/spec/unit/provider/nameservice/directoryservice_spec.rb +109 -102
  881. data/spec/unit/provider/nameservice_spec.rb +41 -39
  882. data/spec/unit/provider/package/aix_spec.rb +22 -48
  883. data/spec/unit/provider/package/appdmg_spec.rb +13 -13
  884. data/spec/unit/provider/package/apt_spec.rb +35 -60
  885. data/spec/unit/provider/package/aptitude_spec.rb +7 -7
  886. data/spec/unit/provider/package/aptrpm_spec.rb +13 -8
  887. data/spec/unit/provider/package/base_spec.rb +4 -4
  888. data/spec/unit/provider/package/dnf_spec.rb +23 -34
  889. data/spec/unit/provider/package/dpkg_spec.rb +72 -114
  890. data/spec/unit/provider/package/freebsd_spec.rb +18 -15
  891. data/spec/unit/provider/package/gem_spec.rb +86 -163
  892. data/spec/unit/provider/package/hpux_spec.rb +18 -15
  893. data/spec/unit/provider/package/macports_spec.rb +54 -56
  894. data/spec/unit/provider/package/nim_spec.rb +49 -33
  895. data/spec/unit/provider/package/openbsd_spec.rb +49 -60
  896. data/spec/unit/provider/package/opkg_spec.rb +26 -23
  897. data/spec/unit/provider/package/pacman_spec.rb +118 -97
  898. data/spec/unit/provider/package/pip3_spec.rb +6 -20
  899. data/spec/unit/provider/package/pip_spec.rb +129 -185
  900. data/spec/unit/provider/package/pkg_spec.rb +119 -129
  901. data/spec/unit/provider/package/pkgdmg_spec.rb +63 -65
  902. data/spec/unit/provider/package/pkgin_spec.rb +23 -20
  903. data/spec/unit/provider/package/pkgng_spec.rb +35 -67
  904. data/spec/unit/provider/package/pkgutil_spec.rb +49 -45
  905. data/spec/unit/provider/package/portage_spec.rb +76 -72
  906. data/spec/unit/provider/package/puppet_gem_spec.rb +21 -45
  907. data/spec/unit/provider/package/rpm_spec.rb +79 -291
  908. data/spec/unit/provider/package/sun_spec.rb +18 -16
  909. data/spec/unit/provider/package/tdnf_spec.rb +12 -9
  910. data/spec/unit/provider/package/up2date_spec.rb +4 -2
  911. data/spec/unit/provider/package/urpmi_spec.rb +17 -15
  912. data/spec/unit/provider/package/windows/exe_package_spec.rb +18 -15
  913. data/spec/unit/provider/package/windows/msi_package_spec.rb +23 -20
  914. data/spec/unit/provider/package/windows/package_spec.rb +43 -38
  915. data/spec/unit/provider/package/windows_spec.rb +36 -51
  916. data/spec/unit/provider/package/yum_spec.rb +24 -128
  917. data/spec/unit/provider/package/zypper_spec.rb +106 -117
  918. data/spec/unit/provider/parsedfile_spec.rb +45 -44
  919. data/spec/unit/provider/service/base_spec.rb +6 -5
  920. data/spec/unit/provider/service/bsd_spec.rb +54 -47
  921. data/spec/unit/provider/service/daemontools_spec.rb +53 -70
  922. data/spec/unit/provider/service/debian_spec.rb +58 -46
  923. data/spec/unit/provider/service/freebsd_spec.rb +23 -20
  924. data/spec/unit/provider/service/gentoo_spec.rb +81 -74
  925. data/spec/unit/provider/service/init_spec.rb +66 -65
  926. data/spec/unit/provider/service/launchd_spec.rb +114 -181
  927. data/spec/unit/provider/service/openbsd_spec.rb +94 -87
  928. data/spec/unit/provider/service/openrc_spec.rb +74 -70
  929. data/spec/unit/provider/service/openwrt_spec.rb +38 -30
  930. data/spec/unit/provider/service/rcng_spec.rb +24 -19
  931. data/spec/unit/provider/service/redhat_spec.rb +60 -60
  932. data/spec/unit/provider/service/runit_spec.rb +44 -61
  933. data/spec/unit/provider/service/smf_spec.rb +74 -143
  934. data/spec/unit/provider/service/src_spec.rb +69 -60
  935. data/spec/unit/provider/service/systemd_spec.rb +160 -222
  936. data/spec/unit/provider/service/upstart_spec.rb +99 -83
  937. data/spec/unit/provider/service/windows_spec.rb +42 -84
  938. data/spec/unit/provider/user/aix_spec.rb +24 -65
  939. data/spec/unit/provider/user/directoryservice_spec.rb +114 -187
  940. data/spec/unit/provider/user/hpux_spec.rb +21 -17
  941. data/spec/unit/provider/user/ldap_spec.rb +83 -80
  942. data/spec/unit/provider/user/openbsd_spec.rb +12 -11
  943. data/spec/unit/provider/user/pw_spec.rb +44 -80
  944. data/spec/unit/provider/user/user_role_add_spec.rb +94 -94
  945. data/spec/unit/provider/user/useradd_spec.rb +100 -208
  946. data/spec/unit/provider/user/windows_adsi_spec.rb +63 -62
  947. data/spec/unit/provider_spec.rb +189 -41
  948. data/spec/unit/puppet_pal_2pec.rb +26 -12
  949. data/spec/unit/puppet_pal_catalog_spec.rb +801 -0
  950. data/spec/unit/puppet_pal_spec.rb +2 -8
  951. data/spec/unit/puppet_spec.rb +7 -27
  952. data/spec/unit/relationship_spec.rb +1 -0
  953. data/spec/unit/reports/http_spec.rb +23 -21
  954. data/spec/unit/reports/store_spec.rb +4 -3
  955. data/spec/unit/reports_spec.rb +14 -12
  956. data/spec/unit/resource/capability_finder_spec.rb +26 -29
  957. data/spec/unit/resource/catalog_spec.rb +77 -81
  958. data/spec/unit/resource/status_spec.rb +8 -6
  959. data/spec/unit/resource/type_collection_spec.rb +18 -17
  960. data/spec/unit/resource/type_spec.rb +35 -34
  961. data/spec/unit/resource_spec.rb +79 -67
  962. data/spec/unit/rest/client_spec.rb +135 -0
  963. data/spec/unit/rest/route_spec.rb +132 -0
  964. data/spec/unit/scheduler/job_spec.rb +1 -0
  965. data/spec/unit/scheduler/scheduler_spec.rb +1 -0
  966. data/spec/unit/scheduler/splay_job_spec.rb +2 -1
  967. data/spec/unit/settings/array_setting_spec.rb +1 -1
  968. data/spec/unit/settings/autosign_setting_spec.rb +9 -9
  969. data/spec/unit/settings/certificate_revocation_setting_spec.rb +1 -1
  970. data/spec/unit/settings/config_file_spec.rb +10 -0
  971. data/spec/unit/settings/directory_setting_spec.rb +7 -2
  972. data/spec/unit/settings/duration_setting_spec.rb +2 -1
  973. data/spec/unit/settings/enum_setting_spec.rb +1 -1
  974. data/spec/unit/settings/environment_conf_spec.rb +6 -4
  975. data/spec/unit/settings/file_setting_spec.rb +50 -46
  976. data/spec/unit/settings/ini_file_spec.rb +2 -4
  977. data/spec/unit/settings/path_setting_spec.rb +3 -2
  978. data/spec/unit/settings/priority_setting_spec.rb +2 -1
  979. data/spec/unit/settings/string_setting_spec.rb +15 -14
  980. data/spec/unit/settings/terminus_setting_spec.rb +2 -1
  981. data/spec/unit/settings/value_translator_spec.rb +1 -0
  982. data/spec/unit/settings_spec.rb +226 -253
  983. data/spec/unit/ssl/base_spec.rb +15 -14
  984. data/spec/unit/ssl/certificate_request_attributes_spec.rb +22 -8
  985. data/spec/unit/ssl/certificate_request_spec.rb +63 -92
  986. data/spec/unit/ssl/certificate_spec.rb +29 -37
  987. data/spec/unit/ssl/digest_spec.rb +1 -0
  988. data/spec/unit/ssl/host_spec.rb +305 -685
  989. data/spec/unit/ssl/key_spec.rb +34 -46
  990. data/spec/unit/ssl/validator_spec.rb +70 -203
  991. data/spec/unit/task_spec.rb +172 -26
  992. data/spec/unit/transaction/additional_resource_generator_spec.rb +68 -67
  993. data/spec/unit/transaction/event_manager_spec.rb +84 -95
  994. data/spec/unit/transaction/event_spec.rb +15 -16
  995. data/spec/unit/transaction/persistence_spec.rb +18 -17
  996. data/spec/unit/transaction/report_spec.rb +24 -18
  997. data/spec/unit/transaction/resource_harness_spec.rb +33 -72
  998. data/spec/unit/transaction_spec.rb +106 -176
  999. data/spec/unit/type/component_spec.rb +1 -0
  1000. data/spec/unit/type/exec_spec.rb +66 -120
  1001. data/spec/unit/type/file/checksum_spec.rb +11 -10
  1002. data/spec/unit/type/file/checksum_value_spec.rb +32 -31
  1003. data/spec/unit/type/file/content_spec.rb +62 -65
  1004. data/spec/unit/type/file/ctime_spec.rb +1 -0
  1005. data/spec/unit/type/file/ensure_spec.rb +13 -12
  1006. data/spec/unit/type/file/group_spec.rb +7 -5
  1007. data/spec/unit/type/file/mode_spec.rb +6 -4
  1008. data/spec/unit/type/file/mtime_spec.rb +1 -0
  1009. data/spec/unit/type/file/owner_spec.rb +8 -6
  1010. data/spec/unit/type/file/selinux_spec.rb +19 -17
  1011. data/spec/unit/type/file/source_spec.rb +110 -113
  1012. data/spec/unit/type/file/type_spec.rb +1 -0
  1013. data/spec/unit/type/file_spec.rb +190 -204
  1014. data/spec/unit/type/filebucket_spec.rb +10 -11
  1015. data/spec/unit/type/group_spec.rb +9 -15
  1016. data/spec/unit/type/noop_metaparam_spec.rb +2 -1
  1017. data/spec/unit/type/package/package_settings_spec.rb +23 -44
  1018. data/spec/unit/type/package_spec.rb +64 -61
  1019. data/spec/unit/type/resources_spec.rb +101 -103
  1020. data/spec/unit/type/schedule_spec.rb +28 -28
  1021. data/spec/unit/type/service_spec.rb +85 -76
  1022. data/spec/unit/type/stage_spec.rb +1 -0
  1023. data/spec/unit/type/tidy_spec.rb +63 -62
  1024. data/spec/unit/type/user_spec.rb +26 -147
  1025. data/spec/unit/type/whit_spec.rb +1 -0
  1026. data/spec/unit/type_spec.rb +164 -125
  1027. data/spec/unit/util/at_fork_spec.rb +19 -18
  1028. data/spec/unit/util/autoload_spec.rb +122 -93
  1029. data/spec/unit/util/backups_spec.rb +35 -34
  1030. data/spec/unit/util/character_encoding_spec.rb +5 -48
  1031. data/spec/unit/util/checksums_spec.rb +39 -38
  1032. data/spec/unit/util/colors_spec.rb +2 -1
  1033. data/spec/unit/util/command_line_spec.rb +20 -40
  1034. data/spec/unit/util/constant_inflector_spec.rb +1 -0
  1035. data/spec/unit/util/diff_spec.rb +8 -7
  1036. data/spec/unit/util/errors_spec.rb +1 -0
  1037. data/spec/unit/util/execution_spec.rb +167 -285
  1038. data/spec/unit/util/execution_stub_spec.rb +3 -2
  1039. data/spec/unit/util/feature_spec.rb +46 -28
  1040. data/spec/unit/util/filetype_spec.rb +53 -61
  1041. data/spec/unit/util/http_proxy_spec.rb +13 -133
  1042. data/spec/unit/util/inifile_spec.rb +31 -26
  1043. data/spec/unit/util/json_lockfile_spec.rb +5 -3
  1044. data/spec/unit/util/ldap/connection_spec.rb +25 -26
  1045. data/spec/unit/util/ldap/generator_spec.rb +1 -0
  1046. data/spec/unit/util/ldap/manager_spec.rb +102 -118
  1047. data/spec/unit/util/lockfile_spec.rb +2 -1
  1048. data/spec/unit/util/log/destinations_spec.rb +40 -23
  1049. data/spec/unit/util/log_spec.rb +146 -48
  1050. data/spec/unit/util/logging_spec.rb +114 -252
  1051. data/spec/unit/util/metric_spec.rb +1 -0
  1052. data/spec/unit/util/monkey_patches_spec.rb +12 -24
  1053. data/spec/unit/util/multi_match_spec.rb +1 -0
  1054. data/spec/unit/util/network_device/config_spec.rb +1 -0
  1055. data/spec/unit/util/network_device/transport/base_spec.rb +6 -5
  1056. data/spec/unit/util/network_device_spec.rb +9 -7
  1057. data/spec/unit/util/package_spec.rb +1 -0
  1058. data/spec/unit/util/pidlock_spec.rb +14 -86
  1059. data/spec/unit/util/plist_spec.rb +33 -60
  1060. data/spec/unit/util/posix_spec.rb +47 -78
  1061. data/spec/unit/util/profiler/object_counts_spec.rb +2 -1
  1062. data/spec/unit/util/rdoc_spec.rb +10 -9
  1063. data/spec/unit/util/reference_spec.rb +1 -0
  1064. data/spec/unit/util/resource_template_spec.rb +20 -20
  1065. data/spec/unit/util/retry_action_spec.rb +8 -7
  1066. data/spec/unit/util/rubygems_spec.rb +7 -41
  1067. data/spec/unit/util/run_mode_spec.rb +11 -10
  1068. data/spec/unit/util/selinux_spec.rb +73 -84
  1069. data/spec/unit/util/splayer_spec.rb +9 -8
  1070. data/spec/unit/util/ssl_spec.rb +1 -0
  1071. data/spec/unit/util/storage_spec.rb +17 -111
  1072. data/spec/unit/util/suidmanager_spec.rb +58 -47
  1073. data/spec/unit/util/symbolic_file_mode_spec.rb +1 -0
  1074. data/spec/unit/util/tag_set_spec.rb +9 -1
  1075. data/spec/unit/util/tagging_spec.rb +12 -0
  1076. data/spec/unit/util/terminal_spec.rb +10 -9
  1077. data/spec/unit/util/user_attr_spec.rb +2 -1
  1078. data/spec/unit/util/warnings_spec.rb +4 -3
  1079. data/spec/unit/util/watcher/periodic_watcher_spec.rb +2 -2
  1080. data/spec/unit/util/watcher_spec.rb +21 -51
  1081. data/spec/unit/util/windows/access_control_entry_spec.rb +2 -1
  1082. data/spec/unit/util/windows/access_control_list_spec.rb +2 -1
  1083. data/spec/unit/util/windows/adsi_spec.rb +134 -278
  1084. data/spec/unit/util/windows/api_types_spec.rb +42 -105
  1085. data/spec/unit/util/windows/eventlog_spec.rb +13 -10
  1086. data/spec/unit/util/windows/file_spec.rb +1 -0
  1087. data/spec/unit/util/windows/root_certs_spec.rb +1 -0
  1088. data/spec/unit/util/windows/security_descriptor_spec.rb +3 -1
  1089. data/spec/unit/util/windows/service_spec.rb +180 -432
  1090. data/spec/unit/util/windows/sid_spec.rb +17 -15
  1091. data/spec/unit/util/windows/string_spec.rb +2 -1
  1092. data/spec/unit/util/yaml_spec.rb +162 -28
  1093. data/spec/unit/util_spec.rb +74 -119
  1094. data/spec/unit/version_spec.rb +6 -6
  1095. data/tasks/benchmark.rake +5 -1
  1096. data/tasks/ci.rake +0 -5
  1097. data/tasks/manpages.rake +9 -2
  1098. data/tasks/parser.rake +11 -3
  1099. metadata +162 -479
  1100. data/CODEOWNERS +0 -30
  1101. data/ext/rack/config.ru +0 -44
  1102. data/ext/rack/example-passenger-vhost.conf +0 -57
  1103. data/lib/puppet/application/ca.rb +0 -11
  1104. data/lib/puppet/application/certificate.rb +0 -17
  1105. data/lib/puppet/application/certificate_request.rb +0 -7
  1106. data/lib/puppet/application/certificate_revocation_list.rb +0 -7
  1107. data/lib/puppet/application/master.rb +0 -319
  1108. data/lib/puppet/confine/boolean.rb +0 -45
  1109. data/lib/puppet/external/nagios.rb +0 -46
  1110. data/lib/puppet/external/nagios/base.rb +0 -472
  1111. data/lib/puppet/external/nagios/grammar.ry +0 -248
  1112. data/lib/puppet/external/nagios/makefile +0 -9
  1113. data/lib/puppet/external/nagios/parser.rb +0 -400
  1114. data/lib/puppet/face/ca.rb +0 -266
  1115. data/lib/puppet/face/certificate.rb +0 -167
  1116. data/lib/puppet/face/certificate_request.rb +0 -56
  1117. data/lib/puppet/face/certificate_revocation_list.rb +0 -56
  1118. data/lib/puppet/feature/rack.rb +0 -19
  1119. data/lib/puppet/graph/random_prioritizer.rb +0 -16
  1120. data/lib/puppet/graph/title_hash_prioritizer.rb +0 -16
  1121. data/lib/puppet/indirector/certificate/ca.rb +0 -9
  1122. data/lib/puppet/indirector/certificate/disabled_ca.rb +0 -22
  1123. data/lib/puppet/indirector/certificate_request/ca.rb +0 -22
  1124. data/lib/puppet/indirector/certificate_request/disabled_ca.rb +0 -22
  1125. data/lib/puppet/indirector/certificate_revocation_list/ca.rb +0 -8
  1126. data/lib/puppet/indirector/certificate_revocation_list/disabled_ca.rb +0 -22
  1127. data/lib/puppet/indirector/certificate_revocation_list/file.rb +0 -8
  1128. data/lib/puppet/indirector/certificate_revocation_list/rest.rb +0 -22
  1129. data/lib/puppet/indirector/certificate_status.rb +0 -4
  1130. data/lib/puppet/indirector/certificate_status/file.rb +0 -91
  1131. data/lib/puppet/indirector/certificate_status/rest.rb +0 -11
  1132. data/lib/puppet/indirector/key/ca.rb +0 -16
  1133. data/lib/puppet/indirector/key/disabled_ca.rb +0 -22
  1134. data/lib/puppet/indirector/ldap.rb +0 -86
  1135. data/lib/puppet/indirector/node/ldap.rb +0 -275
  1136. data/lib/puppet/indirector/node/write_only_yaml.rb +0 -39
  1137. data/lib/puppet/module_tool/applications/builder.rb +0 -152
  1138. data/lib/puppet/module_tool/skeleton/templates/generator/Gemfile +0 -18
  1139. data/lib/puppet/module_tool/skeleton/templates/generator/README.md.erb +0 -89
  1140. data/lib/puppet/module_tool/skeleton/templates/generator/Rakefile +0 -32
  1141. data/lib/puppet/module_tool/skeleton/templates/generator/examples/init.pp.erb +0 -12
  1142. data/lib/puppet/module_tool/skeleton/templates/generator/manifests/init.pp.erb +0 -48
  1143. data/lib/puppet/module_tool/skeleton/templates/generator/metadata.json.erb +0 -1
  1144. data/lib/puppet/module_tool/skeleton/templates/generator/spec/classes/init_spec.rb.erb +0 -6
  1145. data/lib/puppet/module_tool/skeleton/templates/generator/spec/spec_helper.rb +0 -1
  1146. data/lib/puppet/network/http/api/ca.rb +0 -2
  1147. data/lib/puppet/network/http/api/ca/v1.rb +0 -11
  1148. data/lib/puppet/network/http/rack.rb +0 -33
  1149. data/lib/puppet/network/http/rack/rest.rb +0 -162
  1150. data/lib/puppet/network/http/webrick.rb +0 -124
  1151. data/lib/puppet/network/http/webrick/rest.rb +0 -114
  1152. data/lib/puppet/network/server.rb +0 -39
  1153. data/lib/puppet/provider/augeas/augeas.rb +0 -767
  1154. data/lib/puppet/provider/cisco.rb +0 -9
  1155. data/lib/puppet/provider/computer/computer.rb +0 -20
  1156. data/lib/puppet/provider/cron/crontab.rb +0 -297
  1157. data/lib/puppet/provider/host/parsed.rb +0 -46
  1158. data/lib/puppet/provider/interface/cisco.rb +0 -27
  1159. data/lib/puppet/provider/macauthorization/macauthorization.rb +0 -298
  1160. data/lib/puppet/provider/mailalias/aliases.rb +0 -50
  1161. data/lib/puppet/provider/maillist/mailman.rb +0 -108
  1162. data/lib/puppet/provider/mcx/mcxcontent.rb +0 -173
  1163. data/lib/puppet/provider/mount.rb +0 -76
  1164. data/lib/puppet/provider/mount/parsed.rb +0 -285
  1165. data/lib/puppet/provider/naginator.rb +0 -63
  1166. data/lib/puppet/provider/package/dnfmodule.rb +0 -141
  1167. data/lib/puppet/provider/package_targetable.rb +0 -69
  1168. data/lib/puppet/provider/scheduled_task/win32_taskscheduler.rb +0 -590
  1169. data/lib/puppet/provider/selboolean/getsetsebool.rb +0 -47
  1170. data/lib/puppet/provider/selmodule/semodule.rb +0 -157
  1171. data/lib/puppet/provider/ssh_authorized_key/parsed.rb +0 -105
  1172. data/lib/puppet/provider/sshkey/parsed.rb +0 -50
  1173. data/lib/puppet/provider/vlan/cisco.rb +0 -28
  1174. data/lib/puppet/provider/yumrepo/inifile.rb +0 -315
  1175. data/lib/puppet/provider/zfs/zfs.rb +0 -108
  1176. data/lib/puppet/provider/zone/solaris.rb +0 -364
  1177. data/lib/puppet/provider/zpool/zpool.rb +0 -125
  1178. data/lib/puppet/ssl/certificate_authority.rb +0 -554
  1179. data/lib/puppet/ssl/certificate_authority/autosign_command.rb +0 -45
  1180. data/lib/puppet/ssl/certificate_authority/interface.rb +0 -324
  1181. data/lib/puppet/ssl/certificate_revocation_list.rb +0 -111
  1182. data/lib/puppet/ssl/configuration.rb +0 -61
  1183. data/lib/puppet/ssl/inventory.rb +0 -55
  1184. data/lib/puppet/type/augeas.rb +0 -211
  1185. data/lib/puppet/type/computer.rb +0 -66
  1186. data/lib/puppet/type/cron.rb +0 -480
  1187. data/lib/puppet/type/host.rb +0 -95
  1188. data/lib/puppet/type/interface.rb +0 -121
  1189. data/lib/puppet/type/k5login.rb +0 -165
  1190. data/lib/puppet/type/macauthorization.rb +0 -167
  1191. data/lib/puppet/type/mailalias.rb +0 -46
  1192. data/lib/puppet/type/maillist.rb +0 -62
  1193. data/lib/puppet/type/mcx.rb +0 -98
  1194. data/lib/puppet/type/mount.rb +0 -314
  1195. data/lib/puppet/type/nagios_command.rb +0 -3
  1196. data/lib/puppet/type/nagios_contact.rb +0 -3
  1197. data/lib/puppet/type/nagios_contactgroup.rb +0 -3
  1198. data/lib/puppet/type/nagios_host.rb +0 -3
  1199. data/lib/puppet/type/nagios_hostdependency.rb +0 -3
  1200. data/lib/puppet/type/nagios_hostescalation.rb +0 -3
  1201. data/lib/puppet/type/nagios_hostextinfo.rb +0 -3
  1202. data/lib/puppet/type/nagios_hostgroup.rb +0 -3
  1203. data/lib/puppet/type/nagios_service.rb +0 -3
  1204. data/lib/puppet/type/nagios_servicedependency.rb +0 -3
  1205. data/lib/puppet/type/nagios_serviceescalation.rb +0 -3
  1206. data/lib/puppet/type/nagios_serviceextinfo.rb +0 -3
  1207. data/lib/puppet/type/nagios_servicegroup.rb +0 -3
  1208. data/lib/puppet/type/nagios_timeperiod.rb +0 -3
  1209. data/lib/puppet/type/router.rb +0 -17
  1210. data/lib/puppet/type/scheduled_task.rb +0 -183
  1211. data/lib/puppet/type/selboolean.rb +0 -40
  1212. data/lib/puppet/type/selmodule.rb +0 -58
  1213. data/lib/puppet/type/ssh_authorized_key.rb +0 -143
  1214. data/lib/puppet/type/sshkey.rb +0 -83
  1215. data/lib/puppet/type/vlan.rb +0 -26
  1216. data/lib/puppet/type/yumrepo.rb +0 -430
  1217. data/lib/puppet/type/zfs.rb +0 -154
  1218. data/lib/puppet/type/zone.rb +0 -382
  1219. data/lib/puppet/type/zpool.rb +0 -91
  1220. data/lib/puppet/util/methodhelper.rb +0 -32
  1221. data/lib/puppet/util/nagios_maker.rb +0 -85
  1222. data/lib/puppet/util/network_device/cisco.rb +0 -4
  1223. data/lib/puppet/util/network_device/cisco/device.rb +0 -285
  1224. data/lib/puppet/util/network_device/cisco/facts.rb +0 -72
  1225. data/lib/puppet/util/network_device/cisco/interface.rb +0 -94
  1226. data/lib/puppet/util/network_device/ipcalc.rb +0 -68
  1227. data/lib/puppet/util/network_device/transport/ssh.rb +0 -126
  1228. data/lib/puppet/util/network_device/transport/telnet.rb +0 -47
  1229. data/lib/puppet/util/windows/taskscheduler.rb +0 -1267
  1230. data/lib/puppet/vendor/load_semantic.rb +0 -1
  1231. data/lib/puppet/vendor/load_semantic_puppet.rb +0 -1
  1232. data/lib/puppet/vendor/semantic/lib/semantic.rb +0 -5
  1233. data/lib/puppet/vendor/semantic_puppet/lib/semantic_puppet.rb +0 -11
  1234. data/lib/puppet/vendor/semantic_puppet/lib/semantic_puppet/dependency.rb +0 -181
  1235. data/lib/puppet/vendor/semantic_puppet/lib/semantic_puppet/dependency/graph.rb +0 -60
  1236. data/lib/puppet/vendor/semantic_puppet/lib/semantic_puppet/dependency/graph_node.rb +0 -117
  1237. data/lib/puppet/vendor/semantic_puppet/lib/semantic_puppet/dependency/module_release.rb +0 -58
  1238. data/lib/puppet/vendor/semantic_puppet/lib/semantic_puppet/dependency/source.rb +0 -25
  1239. data/lib/puppet/vendor/semantic_puppet/lib/semantic_puppet/dependency/unsatisfiable_graph.rb +0 -31
  1240. data/lib/puppet/vendor/semantic_puppet/lib/semantic_puppet/gem_version.rb +0 -3
  1241. data/lib/puppet/vendor/semantic_puppet/lib/semantic_puppet/version.rb +0 -203
  1242. data/lib/puppet/vendor/semantic_puppet/lib/semantic_puppet/version_range.rb +0 -758
  1243. data/lib/puppet/vendor/semantic_puppet/locales/config.yaml +0 -21
  1244. data/man/man8/puppet-ca.8 +0 -196
  1245. data/man/man8/puppet-cert.8 +0 -118
  1246. data/man/man8/puppet-certificate.8 +0 -240
  1247. data/man/man8/puppet-certificate_request.8 +0 -161
  1248. data/man/man8/puppet-certificate_revocation_list.8 +0 -139
  1249. data/man/man8/puppet-master.8 +0 -85
  1250. data/spec/fixtures/integration/provider/cron/crontab/create_normal_entry +0 -19
  1251. data/spec/fixtures/integration/provider/cron/crontab/create_special_entry +0 -18
  1252. data/spec/fixtures/integration/provider/cron/crontab/crontab_user1 +0 -15
  1253. data/spec/fixtures/integration/provider/cron/crontab/crontab_user2 +0 -4
  1254. data/spec/fixtures/integration/provider/cron/crontab/modify_entry +0 -13
  1255. data/spec/fixtures/integration/provider/cron/crontab/moved_cronjob_input1 +0 -15
  1256. data/spec/fixtures/integration/provider/cron/crontab/moved_cronjob_input2 +0 -6
  1257. data/spec/fixtures/integration/provider/cron/crontab/purged +0 -8
  1258. data/spec/fixtures/integration/provider/cron/crontab/remove_named_resource +0 -12
  1259. data/spec/fixtures/integration/provider/cron/crontab/remove_unnamed_resource +0 -14
  1260. data/spec/fixtures/integration/provider/cron/crontab/unspecialized +0 -15
  1261. data/spec/fixtures/integration/provider/mailalias/aliases/test1 +0 -32
  1262. data/spec/fixtures/integration/provider/sshkey/sample +0 -21
  1263. data/spec/fixtures/unit/provider/augeas/augeas/augeas/lenses/test.aug +0 -13
  1264. data/spec/fixtures/unit/provider/augeas/augeas/etc/fstab +0 -10
  1265. data/spec/fixtures/unit/provider/augeas/augeas/etc/hosts +0 -6
  1266. data/spec/fixtures/unit/provider/augeas/augeas/etc/test +0 -3
  1267. data/spec/fixtures/unit/provider/augeas/augeas/test.aug +0 -13
  1268. data/spec/fixtures/unit/provider/host/parsed/valid_hosts +0 -19
  1269. data/spec/fixtures/unit/provider/mount/mount-output.aix.txt +0 -7
  1270. data/spec/fixtures/unit/provider/mount/parsed/aix.filesystems +0 -152
  1271. data/spec/fixtures/unit/provider/mount/parsed/aix.mount +0 -11
  1272. data/spec/fixtures/unit/provider/mount/parsed/darwin.mount +0 -6
  1273. data/spec/fixtures/unit/provider/mount/parsed/freebsd.fstab +0 -9
  1274. data/spec/fixtures/unit/provider/mount/parsed/freebsd.mount +0 -4
  1275. data/spec/fixtures/unit/provider/mount/parsed/hpux.mount +0 -17
  1276. data/spec/fixtures/unit/provider/mount/parsed/linux.fstab +0 -12
  1277. data/spec/fixtures/unit/provider/mount/parsed/linux.mount +0 -6
  1278. data/spec/fixtures/unit/provider/mount/parsed/netbsd.fstab +0 -10
  1279. data/spec/fixtures/unit/provider/mount/parsed/netbsd.mount +0 -9
  1280. data/spec/fixtures/unit/provider/mount/parsed/openbsd.fstab +0 -5
  1281. data/spec/fixtures/unit/provider/mount/parsed/openbsd.mount +0 -5
  1282. data/spec/fixtures/unit/provider/mount/parsed/solaris.fstab +0 -11
  1283. data/spec/fixtures/unit/provider/mount/parsed/solaris.mount +0 -6
  1284. data/spec/fixtures/unit/provider/naginator/define_empty_param +0 -6
  1285. data/spec/fixtures/unit/provider/package/dnfmodule/dnf-module-list.txt +0 -19
  1286. data/spec/fixtures/unit/provider/package/yum/yum-check-update-subscription-manager.txt +0 -9
  1287. data/spec/fixtures/unit/provider/service/smf/svcs_fmri.out +0 -6
  1288. data/spec/fixtures/unit/provider/service/smf/svcs_multiple_fmris.out +0 -13
  1289. data/spec/fixtures/unit/provider/ssh_authorized_key/parsed/authorized_keys +0 -7
  1290. data/spec/fixtures/unit/provider/ssh_authorized_key/parsed/authorized_keys1 +0 -3
  1291. data/spec/fixtures/unit/provider/ssh_authorized_key/parsed/authorized_keys2 +0 -1
  1292. data/spec/fixtures/unit/provider/sshkey/parsed/sample +0 -21
  1293. data/spec/fixtures/unit/provider/sshkey/parsed/sample_with_blank_lines +0 -8
  1294. data/spec/fixtures/unit/provider/zfs/zfs/zfs-list.out +0 -2
  1295. data/spec/fixtures/unit/provider/zpool/zpool/zpool-list.out +0 -2
  1296. data/spec/integration/faces/ca_spec.rb +0 -353
  1297. data/spec/integration/indirector/node/ldap_spec.rb +0 -13
  1298. data/spec/integration/network/http_pool_spec.rb +0 -120
  1299. data/spec/integration/provider/cron/crontab_spec.rb +0 -240
  1300. data/spec/integration/provider/file/windows_spec.rb +0 -162
  1301. data/spec/integration/provider/mailalias/aliases_spec.rb +0 -9
  1302. data/spec/integration/provider/mount_spec.rb +0 -163
  1303. data/spec/integration/provider/ssh_authorized_key_spec.rb +0 -217
  1304. data/spec/integration/provider/sshkey_spec.rb +0 -153
  1305. data/spec/integration/provider/yumrepo_spec.rb +0 -126
  1306. data/spec/integration/ssl/autosign_spec.rb +0 -145
  1307. data/spec/integration/ssl/certificate_authority_spec.rb +0 -161
  1308. data/spec/integration/ssl/certificate_revocation_list_spec.rb +0 -33
  1309. data/spec/integration/transaction_spec.rb +0 -553
  1310. data/spec/integration/type/nagios_spec.rb +0 -69
  1311. data/spec/integration/type/notify_spec.rb +0 -46
  1312. data/spec/integration/type/user_spec.rb +0 -63
  1313. data/spec/lib/puppet_spec/https.rb +0 -166
  1314. data/spec/unit/application/cert_spec.rb +0 -272
  1315. data/spec/unit/application/certificate_spec.rb +0 -21
  1316. data/spec/unit/application/master_spec.rb +0 -414
  1317. data/spec/unit/face/ca_spec.rb +0 -9
  1318. data/spec/unit/face/certificate_request_spec.rb +0 -9
  1319. data/spec/unit/face/certificate_revocation_list_spec.rb +0 -9
  1320. data/spec/unit/face/certificate_spec.rb +0 -228
  1321. data/spec/unit/face/module/build_spec.rb +0 -69
  1322. data/spec/unit/graph/title_hash_prioritizer_spec.rb +0 -50
  1323. data/spec/unit/indirector/certificate/ca_spec.rb +0 -21
  1324. data/spec/unit/indirector/certificate/disabled_ca_spec.rb +0 -32
  1325. data/spec/unit/indirector/certificate_request/ca_spec.rb +0 -56
  1326. data/spec/unit/indirector/certificate_request/disabled_ca_spec.rb +0 -32
  1327. data/spec/unit/indirector/certificate_revocation_list/ca_spec.rb +0 -15
  1328. data/spec/unit/indirector/certificate_revocation_list/disabled_ca_spec.rb +0 -32
  1329. data/spec/unit/indirector/certificate_revocation_list/file_spec.rb +0 -16
  1330. data/spec/unit/indirector/certificate_revocation_list/rest_spec.rb +0 -33
  1331. data/spec/unit/indirector/certificate_status/file_spec.rb +0 -190
  1332. data/spec/unit/indirector/certificate_status/rest_spec.rb +0 -17
  1333. data/spec/unit/indirector/code_spec.rb +0 -30
  1334. data/spec/unit/indirector/key/ca_spec.rb +0 -22
  1335. data/spec/unit/indirector/key/disabled_ca_spec.rb +0 -32
  1336. data/spec/unit/indirector/ldap_spec.rb +0 -151
  1337. data/spec/unit/indirector/node/ldap_spec.rb +0 -463
  1338. data/spec/unit/indirector/node/write_only_yaml_spec.rb +0 -11
  1339. data/spec/unit/module_tool/applications/builder_spec.rb +0 -439
  1340. data/spec/unit/network/http/api/ca/v1_spec.rb +0 -26
  1341. data/spec/unit/network/http/rack/rest_spec.rb +0 -322
  1342. data/spec/unit/network/http/rack_spec.rb +0 -42
  1343. data/spec/unit/network/http/webrick/rest_spec.rb +0 -230
  1344. data/spec/unit/network/http/webrick_spec.rb +0 -277
  1345. data/spec/unit/network/server_spec.rb +0 -94
  1346. data/spec/unit/provider/augeas/augeas_spec.rb +0 -1096
  1347. data/spec/unit/provider/cisco_spec.rb +0 -14
  1348. data/spec/unit/provider/cron/crontab_spec.rb +0 -206
  1349. data/spec/unit/provider/cron/parsed_spec.rb +0 -355
  1350. data/spec/unit/provider/host/parsed_spec.rb +0 -219
  1351. data/spec/unit/provider/interface/cisco_spec.rb +0 -53
  1352. data/spec/unit/provider/macauthorization_spec.rb +0 -134
  1353. data/spec/unit/provider/mcx/mcxcontent_spec.rb +0 -190
  1354. data/spec/unit/provider/mount/parsed_spec.rb +0 -318
  1355. data/spec/unit/provider/mount_spec.rb +0 -169
  1356. data/spec/unit/provider/naginator_spec.rb +0 -78
  1357. data/spec/unit/provider/network_device_spec.rb +0 -152
  1358. data/spec/unit/provider/package/dnfmodule_spec.rb +0 -247
  1359. data/spec/unit/provider/package_targetable_spec.rb +0 -60
  1360. data/spec/unit/provider/scheduled_task/win32_taskscheduler_spec.rb +0 -2050
  1361. data/spec/unit/provider/selboolean_spec.rb +0 -34
  1362. data/spec/unit/provider/selmodule-example.pp +0 -0
  1363. data/spec/unit/provider/selmodule_spec.rb +0 -154
  1364. data/spec/unit/provider/ssh_authorized_key/parsed_spec.rb +0 -259
  1365. data/spec/unit/provider/sshkey/parsed_spec.rb +0 -92
  1366. data/spec/unit/provider/vlan/cisco_spec.rb +0 -53
  1367. data/spec/unit/provider/yumrepo/inifile_spec.rb +0 -413
  1368. data/spec/unit/provider/zfs/zfs_spec.rb +0 -171
  1369. data/spec/unit/provider/zone/solaris_spec.rb +0 -261
  1370. data/spec/unit/provider/zpool/zpool_spec.rb +0 -250
  1371. data/spec/unit/settings/server_list_setting_spec.rb +0 -21
  1372. data/spec/unit/ssl/certificate_authority/autosign_command_spec.rb +0 -29
  1373. data/spec/unit/ssl/certificate_authority/interface_spec.rb +0 -563
  1374. data/spec/unit/ssl/certificate_authority_spec.rb +0 -1165
  1375. data/spec/unit/ssl/certificate_revocation_list_spec.rb +0 -196
  1376. data/spec/unit/ssl/configuration_spec.rb +0 -138
  1377. data/spec/unit/ssl/inventory_spec.rb +0 -155
  1378. data/spec/unit/test/test_helper_spec.rb +0 -17
  1379. data/spec/unit/type/augeas_spec.rb +0 -120
  1380. data/spec/unit/type/computer_spec.rb +0 -77
  1381. data/spec/unit/type/cron_spec.rb +0 -539
  1382. data/spec/unit/type/host_spec.rb +0 -680
  1383. data/spec/unit/type/interface_spec.rb +0 -128
  1384. data/spec/unit/type/k5login_spec.rb +0 -204
  1385. data/spec/unit/type/macauthorization_spec.rb +0 -111
  1386. data/spec/unit/type/mailalias_spec.rb +0 -48
  1387. data/spec/unit/type/maillist_spec.rb +0 -38
  1388. data/spec/unit/type/mcx_spec.rb +0 -75
  1389. data/spec/unit/type/mount_spec.rb +0 -622
  1390. data/spec/unit/type/nagios_spec.rb +0 -312
  1391. data/spec/unit/type/scheduled_task_spec.rb +0 -117
  1392. data/spec/unit/type/selboolean_spec.rb +0 -41
  1393. data/spec/unit/type/selmodule_spec.rb +0 -16
  1394. data/spec/unit/type/ssh_authorized_key_spec.rb +0 -228
  1395. data/spec/unit/type/sshkey_spec.rb +0 -75
  1396. data/spec/unit/type/vlan_spec.rb +0 -42
  1397. data/spec/unit/type/yumrepo_spec.rb +0 -476
  1398. data/spec/unit/type/zfs_spec.rb +0 -45
  1399. data/spec/unit/type/zone_spec.rb +0 -182
  1400. data/spec/unit/type/zpool_spec.rb +0 -108
  1401. data/spec/unit/util/nagios_maker_spec.rb +0 -121
  1402. data/spec/unit/util/network_device/cisco/device_spec.rb +0 -491
  1403. data/spec/unit/util/network_device/cisco/facts_spec.rb +0 -63
  1404. data/spec/unit/util/network_device/cisco/interface_spec.rb +0 -97
  1405. data/spec/unit/util/network_device/ipcalc_spec.rb +0 -61
  1406. data/spec/unit/util/network_device/transport/ssh_spec.rb +0 -252
  1407. data/spec/unit/util/network_device/transport/telnet_spec.rb +0 -90
@@ -1,1165 +0,0 @@
1
- # encoding: ASCII-8BIT
2
- require 'spec_helper'
3
-
4
- require 'puppet/ssl/certificate_authority'
5
-
6
- describe Puppet::SSL::CertificateAuthority do
7
- after do
8
- Puppet::SSL::CertificateAuthority.instance_variable_set(:@singleton_instance, nil)
9
- end
10
-
11
- def stub_ca_host
12
- @key = double('key')
13
- allow(@key).to receive(:content).and_return("cakey")
14
- @cacert = double('certificate')
15
- allow(@cacert).to receive(:content).and_return("cacertificate")
16
-
17
- @host = double('ssl_host', :key => @key, :certificate => @cacert, :name => Puppet::SSL::Host.ca_name)
18
- end
19
-
20
- it "should have a class method for returning a singleton instance" do
21
- expect(Puppet::SSL::CertificateAuthority).to respond_to(:instance)
22
- end
23
-
24
- describe "when finding an existing instance" do
25
- describe "and the host is a CA host and the run_mode is master" do
26
- before do
27
- Puppet[:ca] = true
28
- allow(Puppet.run_mode).to receive(:master?).and_return(true)
29
-
30
- @ca = double('ca')
31
- allow(Puppet::SSL::CertificateAuthority).to receive(:new).and_return(@ca)
32
- end
33
-
34
- it "should return an instance" do
35
- expect(Puppet::SSL::CertificateAuthority.instance).to equal(@ca)
36
- end
37
-
38
- it "should always return the same instance" do
39
- expect(Puppet::SSL::CertificateAuthority.instance).to equal(Puppet::SSL::CertificateAuthority.instance)
40
- end
41
- end
42
-
43
- describe "and the host is not a CA host" do
44
- it "should return nil" do
45
- Puppet[:ca] = false
46
- allow(Puppet.run_mode).to receive(:master?).and_return(true)
47
-
48
- expect(Puppet::SSL::CertificateAuthority).not_to receive(:new)
49
- expect(Puppet::SSL::CertificateAuthority.instance).to be_nil
50
- end
51
- end
52
-
53
- describe "and the run_mode is not master" do
54
- it "should return nil" do
55
- Puppet[:ca] = true
56
- allow(Puppet.run_mode).to receive(:master?).and_return(false)
57
-
58
- expect(Puppet::SSL::CertificateAuthority).not_to receive(:new)
59
- expect(Puppet::SSL::CertificateAuthority.instance).to be_nil
60
- end
61
- end
62
- end
63
-
64
- describe "when initializing" do
65
- before do
66
- allow(Puppet.settings).to receive(:use)
67
-
68
- allow_any_instance_of(Puppet::SSL::CertificateAuthority).to receive(:setup)
69
- end
70
-
71
- it "should always set its name to the value of :certname" do
72
- Puppet[:certname] = "ca_testing"
73
-
74
- expect(Puppet::SSL::CertificateAuthority.new.name).to eq("ca_testing")
75
- end
76
-
77
- it "should create an SSL::Host instance whose name is the 'ca_name'" do
78
- expect(Puppet::SSL::Host).to receive(:ca_name).and_return("caname")
79
-
80
- host = double('host')
81
- expect(Puppet::SSL::Host).to receive(:new).with("caname").and_return(host)
82
-
83
- Puppet::SSL::CertificateAuthority.new
84
- end
85
-
86
- it "should use the :main, :ca, and :ssl settings sections" do
87
- expect(Puppet.settings).to receive(:use).with(:main, :ssl, :ca)
88
- Puppet::SSL::CertificateAuthority.new
89
- end
90
-
91
- it "should make sure the CA is set up" do
92
- expect_any_instance_of(Puppet::SSL::CertificateAuthority).to receive(:setup)
93
-
94
- Puppet::SSL::CertificateAuthority.new
95
- end
96
- end
97
-
98
- describe "when setting itself up" do
99
- it "should generate the CA certificate if it does not have one" do
100
- allow(Puppet.settings).to receive(:use)
101
-
102
- host = double('host')
103
- allow(Puppet::SSL::Host).to receive(:new).and_return(host)
104
-
105
- expect(host).to receive(:certificate).and_return(nil)
106
-
107
- expect_any_instance_of(Puppet::SSL::CertificateAuthority).to receive(:generate_ca_certificate)
108
- Puppet::SSL::CertificateAuthority.new
109
- end
110
- end
111
-
112
- describe "when retrieving the certificate revocation list" do
113
- before do
114
- allow(Puppet.settings).to receive(:use)
115
- Puppet[:cacrl] = "/my/crl"
116
-
117
- cert = double("certificate", :content => "real_cert")
118
- key = double("key", :content => "real_key")
119
- @host = double('host', :certificate => cert, :name => "hostname", :key => key)
120
-
121
- allow_any_instance_of(Puppet::SSL::CertificateAuthority).to receive(:setup)
122
- @ca = Puppet::SSL::CertificateAuthority.new
123
-
124
- allow(@ca).to receive(:host).and_return(@host)
125
- end
126
-
127
- it "should return any found CRL instance" do
128
- crl = double('crl')
129
- expect(Puppet::SSL::CertificateRevocationList.indirection).to receive(:find).and_return(crl)
130
- expect(@ca.crl).to equal(crl)
131
- end
132
-
133
- it "should create, generate, and save a new CRL instance of no CRL can be found" do
134
- crl = Puppet::SSL::CertificateRevocationList.new("fakename")
135
- expect(Puppet::SSL::CertificateRevocationList.indirection).to receive(:find).and_return(nil)
136
-
137
- expect(Puppet::SSL::CertificateRevocationList).to receive(:new).and_return(crl)
138
-
139
- expect(crl).to receive(:generate).with(@ca.host.certificate.content, @ca.host.key.content)
140
- expect(Puppet::SSL::CertificateRevocationList.indirection).to receive(:save).with(crl)
141
-
142
- expect(@ca.crl).to equal(crl)
143
- end
144
- end
145
-
146
- describe "when generating a self-signed CA certificate" do
147
- before do
148
- allow(Puppet.settings).to receive(:use)
149
-
150
- allow_any_instance_of(Puppet::SSL::CertificateAuthority).to receive(:setup)
151
- allow_any_instance_of(Puppet::SSL::CertificateAuthority).to receive(:crl)
152
- @ca = Puppet::SSL::CertificateAuthority.new
153
-
154
- @host = double('host', :key => double("key"), :name => "hostname", :certificate => double('certificate'))
155
-
156
- allow_any_instance_of(Puppet::SSL::CertificateRequest).to receive(:generate)
157
-
158
- allow(@ca).to receive(:host).and_return(@host)
159
- end
160
-
161
- it "should create and store a password at :capass" do
162
- Puppet[:capass] = File.expand_path("/path/to/pass")
163
-
164
- expect(Puppet::FileSystem).to receive(:exist?).with(Puppet[:capass]).and_return(false)
165
-
166
- fh = StringIO.new
167
- expect(Puppet.settings.setting(:capass)).to receive(:open).with('w:ASCII').and_yield(fh)
168
-
169
- allow(@ca).to receive(:sign)
170
-
171
- @ca.generate_ca_certificate
172
-
173
- expect(fh.string.length).to be > 18
174
- end
175
-
176
- it "should generate a key if one does not exist" do
177
- allow(@ca).to receive(:generate_password)
178
- allow(@ca).to receive(:sign)
179
-
180
- expect(@ca.host).to receive(:key).and_return(nil)
181
- expect(@ca.host).to receive(:generate_key)
182
-
183
- @ca.generate_ca_certificate
184
- end
185
-
186
- it "should create and sign a self-signed cert using the CA name" do
187
- request = double('request')
188
- expect(Puppet::SSL::CertificateRequest).to receive(:new).with(@ca.host.name).and_return(request)
189
- expect(request).to receive(:generate).with(@ca.host.key)
190
- allow(request).to receive(:request_extensions).and_return([])
191
-
192
- expect(@ca).to receive(:sign).with(
193
- @host.name,
194
- {
195
- allow_dns_alt_names: false,
196
- self_signing_csr: request
197
- }
198
- )
199
-
200
- allow(@ca).to receive(:generate_password)
201
-
202
- @ca.generate_ca_certificate
203
- end
204
-
205
- it "should generate its CRL" do
206
- allow(@ca).to receive(:generate_password)
207
- allow(@ca).to receive(:sign)
208
-
209
- expect(@ca.host).to receive(:key).and_return(nil)
210
- expect(@ca.host).to receive(:generate_key)
211
-
212
- expect(@ca).to receive(:crl)
213
-
214
- @ca.generate_ca_certificate
215
- end
216
- end
217
-
218
- describe "when signing" do
219
- before do
220
- allow(Puppet.settings).to receive(:use)
221
-
222
- allow_any_instance_of(Puppet::SSL::CertificateAuthority).to receive(:password?).and_return(true)
223
-
224
- stub_ca_host
225
-
226
- expect(Puppet::SSL::Host).to receive(:new).with(Puppet::SSL::Host.ca_name).and_return(@host)
227
-
228
- @ca = Puppet::SSL::CertificateAuthority.new
229
-
230
- @name = "myhost"
231
- @real_cert = double('realcert', :sign => nil)
232
- @cert = Puppet::SSL::Certificate.new(@name)
233
- @cert.content = @real_cert
234
-
235
- allow(Puppet::SSL::Certificate).to receive(:new).and_return(@cert)
236
-
237
- allow(Puppet::SSL::Certificate.indirection).to receive(:save)
238
-
239
- # Stub out the factory
240
- allow(Puppet::SSL::CertificateFactory).to receive(:build).and_return(@cert.content)
241
-
242
- @request_content = double("request content stub", :subject => OpenSSL::X509::Name.new([['CN', @name]]), :public_key => double('public_key'))
243
- @request = double('request', :name => @name, :request_extensions => [], :subject_alt_names => [], :content => @request_content)
244
- allow(@request_content).to receive(:verify).and_return(true)
245
-
246
- # And the inventory
247
- @inventory = double('inventory', :add => nil)
248
- allow(@ca).to receive(:inventory).and_return(@inventory)
249
-
250
- allow(Puppet::SSL::CertificateRequest.indirection).to receive(:destroy)
251
- end
252
-
253
- describe "its own certificate" do
254
- before do
255
- @serial = 10
256
- allow(@ca).to receive(:next_serial).and_return(@serial)
257
- end
258
-
259
- it "should not look up a certificate request for the host" do
260
- expect(Puppet::SSL::CertificateRequest.indirection).not_to receive(:find)
261
-
262
- @ca.sign(@name, {allow_dns_alt_names: true,
263
- self_signing_csr: @request})
264
- end
265
-
266
- it "should use a certificate type of :ca" do
267
- expect(Puppet::SSL::CertificateFactory).to receive(:build).with(:ca, any_args).and_return(@cert.content)
268
- @ca.sign(@name, {allow_dns_alt_names: true,
269
- self_signing_csr: @request})
270
- end
271
-
272
- it "should pass the provided CSR as the CSR" do
273
- expect(Puppet::SSL::CertificateFactory).to receive(:build).with(anything, @request, any_args).and_return(@cert.content)
274
- @ca.sign(@name, {allow_dns_alt_names: true,
275
- self_signing_csr: @request})
276
- end
277
-
278
- it "should use the provided CSR's content as the issuer" do
279
- expect(Puppet::SSL::CertificateFactory).to receive(:build) do |*args|
280
- expect(args[2].subject.to_s).to eq("/CN=myhost")
281
- end.and_return(@cert.content)
282
- @ca.sign(@name, {allow_dns_alt_names: true,
283
- self_signing_csr: @request})
284
- end
285
-
286
- it "should pass the next serial as the serial number" do
287
- expect(Puppet::SSL::CertificateFactory).to receive(:build).with(anything, anything, anything, @serial).and_return(@cert.content)
288
- @ca.sign(@name, {allow_dns_alt_names: true,
289
- self_signing_csr: @request})
290
- end
291
-
292
- it "should sign the certificate request even if it contains alt names" do
293
- allow(@request).to receive(:subject_alt_names).and_return(%w[DNS:foo DNS:bar DNS:baz])
294
-
295
- expect do
296
- @ca.sign(@name, {allow_dns_alt_names: false,
297
- self_signing_csr: @request})
298
- end.not_to raise_error
299
- end
300
-
301
- it "should save the resulting certificate" do
302
- expect(Puppet::SSL::Certificate.indirection).to receive(:save).with(@cert)
303
-
304
- @ca.sign(@name, {allow_dns_alt_names: true,
305
- self_signing_csr: @request})
306
- end
307
- end
308
-
309
- describe "another host's certificate" do
310
- before do
311
- @serial = 10
312
- allow(@ca).to receive(:next_serial).and_return(@serial)
313
-
314
- allow(Puppet::SSL::CertificateRequest.indirection).to receive(:find).with(@name).and_return(@request)
315
- allow(Puppet::SSL::CertificateRequest.indirection).to receive(:save)
316
- end
317
-
318
- it "should use a certificate type of :server" do
319
- expect(Puppet::SSL::CertificateFactory).to receive(:build).with(:server, any_args).and_return(@cert.content)
320
-
321
- @ca.sign(@name)
322
- end
323
-
324
- it "should use look up a CSR for the host in the :ca_file terminus" do
325
- expect(Puppet::SSL::CertificateRequest.indirection).to receive(:find).with(@name).and_return(@request)
326
-
327
- @ca.sign(@name)
328
- end
329
-
330
- it "should fail if no CSR can be found for the host" do
331
- expect(Puppet::SSL::CertificateRequest.indirection).to receive(:find).with(@name).and_return(nil)
332
-
333
- expect { @ca.sign(@name) }.to raise_error(ArgumentError)
334
- end
335
-
336
- it "should fail if an unknown request extension is present" do
337
- allow(@request).to receive(:request_extensions).and_return([{ "oid" => "bananas",
338
- "value" => "delicious" }])
339
- expect {
340
- @ca.sign(@name)
341
- }.to raise_error(/CSR has request extensions that are not permitted/)
342
- end
343
-
344
- it "should reject auth extensions" do
345
- allow(@request).to receive(:request_extensions).and_return([{"oid" => "1.3.6.1.4.1.34380.1.3.1",
346
- "value" => "true"},
347
- {"oid" => "1.3.6.1.4.1.34380.1.3.13",
348
- "value" => "com"}])
349
-
350
- expect {
351
- @ca.sign(@name)
352
- }.to raise_error(Puppet::SSL::CertificateAuthority::CertificateSigningError,
353
- /CSR '#{@name}' contains authorization extensions (.*?, .*?).*/)
354
- end
355
-
356
- it "should not fail if the CSR contains auth extensions and they're allowed" do
357
- allow(@request).to receive(:request_extensions).and_return([{"oid" => "1.3.6.1.4.1.34380.1.3.1",
358
- "value" => "true"},
359
- {"oid" => "1.3.6.1.4.1.34380.1.3.13",
360
- "value" => "com"}])
361
- expect { @ca.sign(@name, {allow_authorization_extensions: true})}.to_not raise_error
362
- end
363
-
364
- it "should fail if the CSR contains alt names and they are not expected" do
365
- allow(@request).to receive(:subject_alt_names).and_return(%w[DNS:foo DNS:bar DNS:baz])
366
-
367
- expect do
368
- @ca.sign(@name, {allow_dns_alt_names: false})
369
- end.to raise_error(Puppet::SSL::CertificateAuthority::CertificateSigningError, /CSR '#{@name}' contains subject alternative names \(.*?\), which are disallowed. Use `puppet cert --allow-dns-alt-names sign #{@name}` to sign this request./)
370
- end
371
-
372
- it "should not fail if the CSR does not contain alt names and they are expected" do
373
- allow(@request).to receive(:subject_alt_names).and_return([])
374
- expect { @ca.sign(@name, {allow_dns_alt_names: true}) }.to_not raise_error
375
- end
376
-
377
- it "should reject alt names by default" do
378
- allow(@request).to receive(:subject_alt_names).and_return(%w[DNS:foo DNS:bar DNS:baz])
379
-
380
- expect do
381
- @ca.sign(@name)
382
- end.to raise_error(Puppet::SSL::CertificateAuthority::CertificateSigningError, /CSR '#{@name}' contains subject alternative names \(.*?\), which are disallowed. Use `puppet cert --allow-dns-alt-names sign #{@name}` to sign this request./)
383
- end
384
-
385
- it "should use the CA certificate as the issuer" do
386
- expect(Puppet::SSL::CertificateFactory).to receive(:build).with(anything, anything, @cacert.content, any_args).and_return(@cert.content)
387
- @ca.sign(@name)
388
- end
389
-
390
- it "should pass the next serial as the serial number" do
391
- expect(Puppet::SSL::CertificateFactory).to receive(:build).with(anything, anything, anything, @serial).and_return(@cert.content)
392
- @ca.sign(@name)
393
- end
394
-
395
- it "should sign the resulting certificate using its real key and a digest" do
396
- digest = double('digest')
397
- expect(OpenSSL::Digest::SHA256).to receive(:new).and_return(digest)
398
-
399
- key = double('key', :content => "real_key")
400
- allow(@ca.host).to receive(:key).and_return(key)
401
-
402
- expect(@cert.content).to receive(:sign).with("real_key", digest)
403
- @ca.sign(@name)
404
- end
405
-
406
- it "should save the resulting certificate" do
407
- allow(Puppet::SSL::Certificate.indirection).to receive(:save).with(@cert)
408
- @ca.sign(@name)
409
- end
410
-
411
- it "should remove the host's certificate request" do
412
- expect(Puppet::SSL::CertificateRequest.indirection).to receive(:destroy).with(@name)
413
-
414
- @ca.sign(@name)
415
- end
416
-
417
- it "should check the internal signing policies" do
418
- expect(@ca).to receive(:check_internal_signing_policies).and_return(true)
419
- @ca.sign(@name)
420
- end
421
- end
422
-
423
- context "#check_internal_signing_policies" do
424
- before do
425
- @serial = 10
426
- allow(@ca).to receive(:next_serial).and_return(@serial)
427
-
428
- allow(Puppet::SSL::CertificateRequest.indirection).to receive(:find).with(@name).and_return(@request)
429
- allow(@cert).to receive(:save)
430
- end
431
-
432
- it "should reject CSRs whose CN doesn't match the name for which we're signing them" do
433
- # Shorten this so the test doesn't take too long
434
- Puppet[:keylength] = 1024
435
- key = Puppet::SSL::Key.new('the_certname')
436
- key.generate
437
-
438
- csr = Puppet::SSL::CertificateRequest.new('the_certname')
439
- csr.generate(key)
440
-
441
- expect do
442
- @ca.check_internal_signing_policies('not_the_certname', csr)
443
- end.to raise_error(
444
- Puppet::SSL::CertificateAuthority::CertificateSigningError,
445
- /common name "the_certname" does not match expected certname "not_the_certname"/
446
- )
447
- end
448
-
449
- describe "when validating the CN" do
450
- before :all do
451
- Puppet[:keylength] = 1024
452
- Puppet[:passfile] = '/f00'
453
- @signing_key = Puppet::SSL::Key.new('my_signing_key')
454
- @signing_key.generate
455
- end
456
-
457
- [
458
- 'completely_okay',
459
- 'sure, why not? :)',
460
- 'so+many(things)-are=allowed.',
461
- 'this"is#just&madness%you[see]',
462
- 'and even a (an?) \\!',
463
- 'waltz, nymph, for quick jigs vex bud.',
464
- '{552c04ca-bb1b-11e1-874b-60334b04494e}'
465
- ].each do |name|
466
- it "should accept #{name.inspect}" do
467
- csr = Puppet::SSL::CertificateRequest.new(name)
468
- csr.generate(@signing_key)
469
-
470
- @ca.check_internal_signing_policies(name, csr)
471
- end
472
- end
473
-
474
- [
475
- 'super/bad',
476
- "not\neven\tkind\rof",
477
- "ding\adong\a",
478
- "hidden\b\b\b\b\b\bmessage",
479
- "\xE2\x98\x83 :("
480
- ].each do |name|
481
- it "should reject #{name.inspect}" do
482
- # We aren't even allowed to make objects with these names, so let's
483
- # stub that to simulate an invalid one coming from outside Puppet
484
- allow(Puppet::SSL::CertificateRequest).to receive(:validate_certname)
485
- csr = Puppet::SSL::CertificateRequest.new(name)
486
- csr.generate(@signing_key)
487
-
488
- expect do
489
- @ca.check_internal_signing_policies(name, csr)
490
- end.to raise_error(
491
- Puppet::SSL::CertificateAuthority::CertificateSigningError,
492
- /subject contains unprintable or non-ASCII characters/
493
- )
494
- end
495
- end
496
- end
497
-
498
- it "accepts numeric OIDs under the ppRegCertExt subtree" do
499
- exts = [{ 'oid' => '1.3.6.1.4.1.34380.1.1.1',
500
- 'value' => '657e4780-4cf5-11e3-8f96-0800200c9a66'}]
501
-
502
- allow(@request).to receive(:request_extensions).and_return(exts)
503
-
504
- expect {
505
- @ca.check_internal_signing_policies(@name, @request)
506
- }.to_not raise_error
507
- end
508
-
509
- it "accepts short name OIDs under the ppRegCertExt subtree" do
510
- exts = [{ 'oid' => 'pp_uuid',
511
- 'value' => '657e4780-4cf5-11e3-8f96-0800200c9a66'}]
512
-
513
- allow(@request).to receive(:request_extensions).and_return(exts)
514
-
515
- expect {
516
- @ca.check_internal_signing_policies(@name, @request)
517
- }.to_not raise_error
518
- end
519
-
520
- it "accepts OIDs under the ppPrivCertAttrs subtree" do
521
- exts = [{ 'oid' => '1.3.6.1.4.1.34380.1.2.1',
522
- 'value' => 'private extension'}]
523
-
524
- allow(@request).to receive(:request_extensions).and_return(exts)
525
-
526
- expect {
527
- @ca.check_internal_signing_policies(@name, @request)
528
- }.to_not raise_error
529
- end
530
-
531
-
532
- it "should reject a critical extension that isn't on the whitelist" do
533
- allow(@request).to receive(:request_extensions).and_return([{ "oid" => "banana",
534
- "value" => "yumm",
535
- "critical" => true }])
536
- expect { @ca.check_internal_signing_policies(@name, @request) }.to raise_error(
537
- Puppet::SSL::CertificateAuthority::CertificateSigningError,
538
- /request extensions that are not permitted/
539
- )
540
- end
541
-
542
- it "should reject a non-critical extension that isn't on the whitelist" do
543
- allow(@request).to receive(:request_extensions).and_return([{ "oid" => "peach",
544
- "value" => "meh",
545
- "critical" => false }])
546
- expect { @ca.check_internal_signing_policies(@name, @request) }.to raise_error(
547
- Puppet::SSL::CertificateAuthority::CertificateSigningError,
548
- /request extensions that are not permitted/
549
- )
550
- end
551
-
552
- it "should reject non-whitelist extensions even if a valid extension is present" do
553
- allow(@request).to receive(:request_extensions).and_return([{ "oid" => "peach",
554
- "value" => "meh",
555
- "critical" => false },
556
- { "oid" => "subjectAltName",
557
- "value" => "DNS:foo",
558
- "critical" => true }])
559
- expect { @ca.check_internal_signing_policies(@name, @request) }.to raise_error(
560
- Puppet::SSL::CertificateAuthority::CertificateSigningError,
561
- /request extensions that are not permitted/
562
- )
563
- end
564
-
565
- it "should reject a subjectAltName for a non-DNS value" do
566
- allow(@request).to receive(:subject_alt_names).and_return(['DNS:foo', 'email:bar@example.com'])
567
- expect {
568
- @ca.check_internal_signing_policies(@name, @request, {allow_dns_alt_names: true})
569
- }.to raise_error(
570
- Puppet::SSL::CertificateAuthority::CertificateSigningError,
571
- /subjectAltName outside the DNS label space/
572
- )
573
- end
574
-
575
- it "should allow a subjectAltName if subject matches CA's certname" do
576
- allow(@request).to receive(:subject_alt_names).and_return(['DNS:foo'])
577
- Puppet[:certname] = @name
578
-
579
- expect {
580
- @ca.check_internal_signing_policies(@name, @request, {allow_dns_alt_names: false})
581
- }.to_not raise_error
582
- end
583
-
584
- it "should reject a wildcard subject" do
585
- allow(@request.content).to receive(:subject).
586
- and_return(OpenSSL::X509::Name.new([["CN", "*.local"]]))
587
-
588
- expect { @ca.check_internal_signing_policies('*.local', @request) }.to raise_error(
589
- Puppet::SSL::CertificateAuthority::CertificateSigningError,
590
- /subject contains a wildcard/
591
- )
592
- end
593
-
594
- it "should reject a wildcard subjectAltName" do
595
- allow(@request).to receive(:subject_alt_names).and_return(['DNS:foo', 'DNS:*.bar'])
596
- expect {
597
- @ca.check_internal_signing_policies(@name, @request, {allow_dns_alt_names: true})
598
- }.to raise_error(
599
- Puppet::SSL::CertificateAuthority::CertificateSigningError,
600
- /subjectAltName contains a wildcard/
601
- )
602
- end
603
- end
604
-
605
- it "should create a certificate instance with the content set to the newly signed x509 certificate" do
606
- @serial = 10
607
- allow(@ca).to receive(:next_serial).and_return(@serial)
608
-
609
- allow(Puppet::SSL::CertificateRequest.indirection).to receive(:find).with(@name).and_return(@request)
610
- allow(Puppet::SSL::Certificate.indirection).to receive(:save)
611
- expect(Puppet::SSL::Certificate).to receive(:new).with(@name).and_return(@cert)
612
-
613
- @ca.sign(@name)
614
- end
615
-
616
- it "should return the certificate instance" do
617
- allow(@ca).to receive(:next_serial).and_return(@serial)
618
- allow(Puppet::SSL::CertificateRequest.indirection).to receive(:find).with(@name).and_return(@request)
619
- allow(Puppet::SSL::Certificate.indirection).to receive(:save)
620
- expect(@ca.sign(@name)).to equal(@cert)
621
- end
622
-
623
- it "should add the certificate to its inventory" do
624
- allow(@ca).to receive(:next_serial).and_return(@serial)
625
- expect(@inventory).to receive(:add).with(@cert)
626
-
627
- allow(Puppet::SSL::CertificateRequest.indirection).to receive(:find).with(@name).and_return(@request)
628
- allow(Puppet::SSL::Certificate.indirection).to receive(:save)
629
- @ca.sign(@name)
630
- end
631
-
632
- it "should have a method for triggering autosigning of available CSRs" do
633
- expect(@ca).to respond_to(:autosign)
634
- end
635
-
636
- describe "when autosigning certificates" do
637
- let(:csr) { Puppet::SSL::CertificateRequest.new("host") }
638
-
639
- describe "using the autosign setting" do
640
- let(:autosign) { File.expand_path("/auto/sign") }
641
-
642
- it "should do nothing if autosign is disabled" do
643
- Puppet[:autosign] = false
644
-
645
- expect(@ca).not_to receive(:sign)
646
- @ca.autosign(csr)
647
- end
648
-
649
- it "should do nothing if no autosign.conf exists" do
650
- Puppet[:autosign] = autosign
651
- non_existent_file = Puppet::FileSystem::MemoryFile.a_missing_file(autosign)
652
- Puppet::FileSystem.overlay(non_existent_file) do
653
- expect(@ca).not_to receive(:sign)
654
- @ca.autosign(csr)
655
- end
656
- end
657
-
658
- describe "and autosign is enabled and the autosign.conf file exists" do
659
- let(:store) { double('store', :allow => nil, :allowed? => false) }
660
-
661
- before do
662
- Puppet[:autosign] = autosign
663
- end
664
-
665
- describe "when creating the AuthStore instance to verify autosigning" do
666
- it "should create an AuthStore with each line in the configuration file allowed to be autosigned" do
667
- Puppet::FileSystem.overlay(Puppet::FileSystem::MemoryFile.a_regular_file_containing(autosign, "one\ntwo\n")) do
668
- allow(Puppet::Network::AuthStore).to receive(:new).and_return(store)
669
-
670
- expect(store).to receive(:allow).with("one")
671
- expect(store).to receive(:allow).with("two")
672
-
673
- @ca.autosign(csr)
674
- end
675
- end
676
-
677
- it "should reparse the autosign configuration on each call" do
678
- Puppet::FileSystem.overlay(Puppet::FileSystem::MemoryFile.a_regular_file_containing(autosign, "one")) do
679
- allow(Puppet::Network::AuthStore).to receive(:new).twice.and_return(store)
680
-
681
- @ca.autosign(csr)
682
- @ca.autosign(csr)
683
- end
684
- end
685
-
686
- it "should ignore comments" do
687
- Puppet::FileSystem.overlay(Puppet::FileSystem::MemoryFile.a_regular_file_containing(autosign, "one\n#two\n")) do
688
- allow(Puppet::Network::AuthStore).to receive(:new).and_return(store)
689
-
690
- expect(store).to receive(:allow).with("one")
691
-
692
- @ca.autosign(csr)
693
- end
694
- end
695
-
696
- it "should ignore blank lines" do
697
- Puppet::FileSystem.overlay(Puppet::FileSystem::MemoryFile.a_regular_file_containing(autosign, "one\n\n")) do
698
- allow(Puppet::Network::AuthStore).to receive(:new).and_return(store)
699
-
700
- expect(store).to receive(:allow).with("one")
701
- @ca.autosign(csr)
702
- end
703
- end
704
- end
705
- end
706
- end
707
-
708
- describe "using the autosign command setting" do
709
- let(:cmd) { File.expand_path('/autosign_cmd') }
710
- let(:autosign_cmd) { double('autosign_command') }
711
- let(:autosign_executable) { Puppet::FileSystem::MemoryFile.an_executable(cmd) }
712
-
713
- before do
714
- Puppet[:autosign] = cmd
715
-
716
- allow(Puppet::SSL::CertificateAuthority::AutosignCommand).to receive(:new).and_return(autosign_cmd)
717
- end
718
-
719
- it "autosigns the CSR if the autosign command returned true" do
720
- Puppet::FileSystem.overlay(autosign_executable) do
721
- expect(autosign_cmd).to receive(:allowed?).with(csr).and_return(true)
722
-
723
- expect(@ca).to receive(:sign).with('host')
724
- @ca.autosign(csr)
725
- end
726
- end
727
-
728
- it "doesn't autosign the CSR if the autosign_command returned false" do
729
- Puppet::FileSystem.overlay(autosign_executable) do
730
- expect(autosign_cmd).to receive(:allowed?).with(csr).and_return(false)
731
-
732
- expect(@ca).not_to receive(:sign)
733
- @ca.autosign(csr)
734
- end
735
- end
736
- end
737
- end
738
- end
739
-
740
- describe "when managing certificate clients" do
741
- before do
742
- allow(Puppet.settings).to receive(:use)
743
-
744
- allow_any_instance_of(Puppet::SSL::CertificateAuthority).to receive(:password?).and_return(true)
745
-
746
- stub_ca_host
747
-
748
- expect(Puppet::SSL::Host).to receive(:new).and_return(@host)
749
- allow_any_instance_of(Puppet::SSL::CertificateAuthority).to receive(:host).and_return(@host)
750
-
751
- @cacert = double('certificate')
752
- allow(@cacert).to receive(:content).and_return("cacertificate")
753
- @ca = Puppet::SSL::CertificateAuthority.new
754
- end
755
-
756
- it "should be able to list waiting certificate requests" do
757
- req1 = double('req1', :name => "one")
758
- req2 = double('req2', :name => "two")
759
- expect(Puppet::SSL::CertificateRequest.indirection).to receive(:search).with("*").and_return([req1, req2])
760
-
761
- expect(@ca.waiting?).to eq(%w{one two})
762
- end
763
-
764
- it "should delegate removing hosts to the Host class" do
765
- expect(Puppet::SSL::Host).to receive(:destroy).with("myhost")
766
-
767
- @ca.destroy("myhost")
768
- end
769
-
770
- it "should be able to verify certificates" do
771
- expect(@ca).to respond_to(:verify)
772
- end
773
-
774
- it "should list certificates as the sorted list of all existing signed certificates" do
775
- cert1 = double('cert1', :name => "cert1")
776
- cert2 = double('cert2', :name => "cert2")
777
- expect(Puppet::SSL::Certificate.indirection).to receive(:search).with("*").and_return([cert1, cert2])
778
- expect(@ca.list).to eq(%w{cert1 cert2})
779
- end
780
-
781
- it "should list the full certificates" do
782
- cert1 = double('cert1', :name => "cert1")
783
- cert2 = double('cert2', :name => "cert2")
784
- expect(Puppet::SSL::Certificate.indirection).to receive(:search).with("*").and_return([cert1, cert2])
785
- expect(@ca.list_certificates).to eq([cert1, cert2])
786
- end
787
-
788
- it "should print a deprecation when using #list_certificates" do
789
- allow(Puppet::SSL::Certificate.indirection).to receive(:search).with("*").and_return([:foo, :bar])
790
- expect(Puppet).to receive(:deprecation_warning).with(/list_certificates is deprecated/)
791
- @ca.list_certificates
792
- end
793
-
794
- describe "and printing certificates" do
795
- it "should return nil if the certificate cannot be found" do
796
- expect(Puppet::SSL::Certificate.indirection).to receive(:find).with("myhost").and_return(nil)
797
- expect(@ca.print("myhost")).to be_nil
798
- end
799
-
800
- it "should print certificates by calling :to_text on the host's certificate" do
801
- cert1 = double('cert1', :name => "cert1", :to_text => "mytext")
802
- expect(Puppet::SSL::Certificate.indirection).to receive(:find).with("myhost").and_return(cert1)
803
- expect(@ca.print("myhost")).to eq("mytext")
804
- end
805
- end
806
-
807
- describe "and fingerprinting certificates" do
808
- before :each do
809
- @cert = double('cert', :name => "cert", :fingerprint => "DIGEST")
810
- allow(Puppet::SSL::Certificate.indirection).to receive(:find).with("myhost").and_return(@cert)
811
- allow(Puppet::SSL::CertificateRequest.indirection).to receive(:find).with("myhost")
812
- end
813
-
814
- it "should raise an error if the certificate or CSR cannot be found" do
815
- expect(Puppet::SSL::Certificate.indirection).to receive(:find).with("myhost").and_return(nil)
816
- expect(Puppet::SSL::CertificateRequest.indirection).to receive(:find).with("myhost").and_return(nil)
817
- expect { @ca.fingerprint("myhost") }.to raise_error(ArgumentError, /Could not find a certificate/)
818
- end
819
-
820
- it "should try to find a CSR if no certificate can be found" do
821
- expect(Puppet::SSL::Certificate.indirection).to receive(:find).with("myhost").and_return(nil)
822
- expect(Puppet::SSL::CertificateRequest.indirection).to receive(:find).with("myhost").and_return(@cert)
823
- expect(@cert).to receive(:fingerprint)
824
- @ca.fingerprint("myhost")
825
- end
826
-
827
- it "should delegate to the certificate fingerprinting" do
828
- expect(@cert).to receive(:fingerprint)
829
- @ca.fingerprint("myhost")
830
- end
831
-
832
- it "should propagate the digest algorithm to the certificate fingerprinting system" do
833
- expect(@cert).to receive(:fingerprint).with(:digest)
834
- @ca.fingerprint("myhost", :digest)
835
- end
836
- end
837
-
838
- describe "and verifying certificates" do
839
- let(:cacert) { File.expand_path("/ca/cert") }
840
-
841
- before do
842
- @store = double('store', :verify => true, :add_file => nil, :purpose= => nil, :add_crl => true, :flags= => nil)
843
-
844
- allow(OpenSSL::X509::Store).to receive(:new).and_return(@store)
845
-
846
- @cert = double('cert', :content => "mycert")
847
- allow(Puppet::SSL::Certificate.indirection).to receive(:find).and_return(@cert)
848
-
849
- @crl = double('crl', :content => "mycrl")
850
-
851
- allow(@ca).to receive(:crl).and_return(@crl)
852
- end
853
-
854
- it "should fail if the host's certificate cannot be found" do
855
- expect(Puppet::SSL::Certificate.indirection).to receive(:find).with("me").and_return(nil)
856
-
857
- expect { @ca.verify("me") }.to raise_error(ArgumentError)
858
- end
859
-
860
- it "should create an SSL Store to verify" do
861
- expect(OpenSSL::X509::Store).to receive(:new).and_return(@store)
862
-
863
- @ca.verify("me")
864
- end
865
-
866
- it "should add the CA Certificate to the store" do
867
- Puppet[:cacert] = cacert
868
- expect(@store).to receive(:add_file).with(cacert)
869
-
870
- @ca.verify("me")
871
- end
872
-
873
- it "should add the CRL to the store if the crl is enabled" do
874
- expect(@store).to receive(:add_crl).with("mycrl")
875
-
876
- @ca.verify("me")
877
- end
878
-
879
- it "should set the store purpose to OpenSSL::X509::PURPOSE_ANY" do
880
- expect(@store).to receive(:purpose=).with OpenSSL::X509::PURPOSE_ANY
881
-
882
- @ca.verify("me")
883
- end
884
-
885
- it "should set the store flags to check the crl" do
886
- expect(@store).to receive(:flags=).with(OpenSSL::X509::V_FLAG_CRL_CHECK_ALL | OpenSSL::X509::V_FLAG_CRL_CHECK)
887
-
888
- @ca.verify("me")
889
- end
890
-
891
- it "should use the store to verify the certificate" do
892
- expect(@cert).to receive(:content).and_return("mycert")
893
-
894
- expect(@store).to receive(:verify).with("mycert").and_return(true)
895
-
896
- @ca.verify("me")
897
- end
898
-
899
- it "should fail if the verification returns false" do
900
- expect(@cert).to receive(:content).and_return("mycert")
901
-
902
- expect(@store).to receive(:verify).with("mycert").and_return(false)
903
- expect(@store).to receive(:error)
904
- expect(@store).to receive(:error_string)
905
-
906
- expect { @ca.verify("me") }.to raise_error(Puppet::SSL::CertificateAuthority::CertificateVerificationError)
907
- end
908
-
909
- describe "certificate_is_alive?" do
910
- it "should return false if verification fails" do
911
- expect(@cert).to receive(:content).and_return("mycert")
912
-
913
- expect(@store).to receive(:verify).with("mycert").and_return(false)
914
-
915
- expect(@ca.certificate_is_alive?(@cert)).to be_falsey
916
- end
917
-
918
- it "should return true if verification passes" do
919
- expect(@cert).to receive(:content).and_return("mycert")
920
-
921
- expect(@store).to receive(:verify).with("mycert").and_return(true)
922
-
923
- expect(@ca.certificate_is_alive?(@cert)).to be_truthy
924
- end
925
-
926
- it "should use a cached instance of the x509 store" do
927
- allow(OpenSSL::X509::Store).to receive(:new).and_return(@store).once
928
-
929
- expect(@cert).to receive(:content).and_return("mycert")
930
-
931
- expect(@store).to receive(:verify).with("mycert").and_return(true)
932
-
933
- @ca.certificate_is_alive?(@cert)
934
- @ca.certificate_is_alive?(@cert)
935
- end
936
-
937
- it "should be deprecated" do
938
- expect(Puppet).to receive(:deprecation_warning).with(/certificate_is_alive\? is deprecated/)
939
- @ca.certificate_is_alive?(@cert)
940
- end
941
- end
942
- end
943
-
944
- describe "and revoking certificates" do
945
- before do
946
- @crl = double('crl')
947
- allow(@ca).to receive(:crl).and_return(@crl)
948
-
949
- allow(@ca).to receive(:next_serial).and_return(10)
950
-
951
- @real_cert = double('real_cert', :serial => 15)
952
- @cert = double('cert', :content => @real_cert)
953
- allow(Puppet::SSL::Certificate.indirection).to receive(:find).and_return(@cert)
954
- end
955
-
956
- it "should fail if the certificate revocation list is disabled" do
957
- allow(@ca).to receive(:crl).and_return(false)
958
-
959
- expect { @ca.revoke('ca_testing') }.to raise_error(ArgumentError)
960
-
961
- end
962
-
963
- it "should delegate the revocation to its CRL" do
964
- expect(@ca.crl).to receive(:revoke)
965
-
966
- @ca.revoke('host')
967
- end
968
-
969
- it "should get the serial number from the local certificate if it exists" do
970
- expect(@ca.crl).to receive(:revoke).with(15, anything)
971
-
972
- expect(Puppet::SSL::Certificate.indirection).to receive(:find).with("host").and_return(@cert)
973
-
974
- @ca.revoke('host')
975
- end
976
-
977
- it "should get the serial number from inventory if no local certificate exists" do
978
- expect(Puppet::SSL::Certificate.indirection).to receive(:find).with("host").and_return(nil)
979
-
980
- expect(@ca.inventory).to receive(:serials).with("host").and_return([16])
981
-
982
- expect(@ca.crl).to receive(:revoke).with(16, anything)
983
- @ca.revoke('host')
984
- end
985
-
986
- it "should revoke all serials matching a name" do
987
- expect(Puppet::SSL::Certificate.indirection).to receive(:find).with("host").and_return(nil)
988
-
989
- expect(@ca.inventory).to receive(:serials).with("host").and_return([16, 20, 25])
990
-
991
- expect(@ca.crl).to receive(:revoke).with(16, anything)
992
- expect(@ca.crl).to receive(:revoke).with(20, anything)
993
- expect(@ca.crl).to receive(:revoke).with(25, anything)
994
- @ca.revoke('host')
995
- end
996
-
997
- it "should raise an error if no certificate match" do
998
- expect(Puppet::SSL::Certificate.indirection).to receive(:find).with("host").and_return(nil)
999
-
1000
- expect(@ca.inventory).to receive(:serials).with("host").and_return([])
1001
-
1002
- expect(@ca.crl).not_to receive(:revoke)
1003
- expect { @ca.revoke('host') }.to raise_error(ArgumentError, /Could not find a serial number for host/)
1004
- end
1005
-
1006
- context "revocation by serial number (#16798)" do
1007
- it "revokes when given a lower case hexadecimal formatted string" do
1008
- expect(@ca.crl).to receive(:revoke).with(15, anything)
1009
- expect(Puppet::SSL::Certificate.indirection).to receive(:find).with("0xf").and_return(nil)
1010
-
1011
- @ca.revoke('0xf')
1012
- end
1013
-
1014
- it "revokes when given an upper case hexadecimal formatted string" do
1015
- expect(@ca.crl).to receive(:revoke).with(15, anything)
1016
- expect(Puppet::SSL::Certificate.indirection).to receive(:find).with("0xF").and_return(nil)
1017
-
1018
- @ca.revoke('0xF')
1019
- end
1020
-
1021
- it "handles very large serial numbers" do
1022
- bighex = '0x4000000000000000000000000000000000000000'
1023
- bighex_int = 365375409332725729550921208179070754913983135744
1024
-
1025
- expect(@ca.crl).to receive(:revoke).with(bighex_int, anything)
1026
- expect(Puppet::SSL::Certificate.indirection).to receive(:find).with(bighex).and_return(nil)
1027
-
1028
- @ca.revoke(bighex)
1029
- end
1030
- end
1031
- end
1032
-
1033
- it "should be able to generate a complete new SSL host" do
1034
- expect(@ca).to respond_to(:generate)
1035
- end
1036
- end
1037
- end
1038
-
1039
- require 'puppet/indirector/memory'
1040
-
1041
- module CertificateAuthorityGenerateSpecs
1042
- describe "CertificateAuthority.generate" do
1043
- def expect_to_increment_serial_file
1044
- expect(Puppet.settings.setting(:serial)).to receive(:exclusive_open)
1045
- end
1046
-
1047
- def expect_to_sign_a_cert
1048
- expect_to_increment_serial_file
1049
- end
1050
-
1051
- def expect_to_write_the_ca_password
1052
- expect(Puppet.settings.setting(:capass)).to receive(:open).with('w:ASCII')
1053
- end
1054
-
1055
- def expect_ca_initialization
1056
- expect_to_write_the_ca_password
1057
- expect_to_sign_a_cert
1058
- end
1059
-
1060
- INDIRECTED_CLASSES = [
1061
- Puppet::SSL::Certificate,
1062
- Puppet::SSL::CertificateRequest,
1063
- Puppet::SSL::CertificateRevocationList,
1064
- Puppet::SSL::Key,
1065
- ]
1066
-
1067
- INDIRECTED_CLASSES.each do |const|
1068
- class const::Memory < Puppet::Indirector::Memory
1069
-
1070
- # @return Array of all the indirector's values
1071
- #
1072
- # This mirrors Puppet::Indirector::SslFile#search which returns all files
1073
- # in the directory.
1074
- def search(request)
1075
- return @instances.values
1076
- end
1077
- end
1078
- end
1079
-
1080
- before do
1081
- allow(Puppet::SSL::Inventory).to receive(:new).and_return(double("Inventory", :add => nil))
1082
- INDIRECTED_CLASSES.each { |const| const.indirection.terminus_class = :memory }
1083
- end
1084
-
1085
- after do
1086
- INDIRECTED_CLASSES.each do |const|
1087
- const.indirection.terminus_class = :file
1088
- const.indirection.termini.clear
1089
- end
1090
- end
1091
-
1092
- describe "when generating certificates" do
1093
- let(:ca) { Puppet::SSL::CertificateAuthority.new }
1094
-
1095
- before do
1096
- expect_ca_initialization
1097
- end
1098
-
1099
- it "should fail if a certificate already exists for the host" do
1100
- cert = Puppet::SSL::Certificate.new('pre.existing')
1101
- Puppet::SSL::Certificate.indirection.save(cert)
1102
- expect { ca.generate(cert.name) }.to raise_error(ArgumentError, /a certificate already exists/i)
1103
- end
1104
-
1105
- describe "that do not yet exist" do
1106
- let(:cn) { "new.host" }
1107
-
1108
- def expect_cert_does_not_exist(cn)
1109
- expect( Puppet::SSL::Certificate.indirection.find(cn) ).to be_nil
1110
- end
1111
-
1112
- before do
1113
- expect_to_sign_a_cert
1114
- expect_cert_does_not_exist(cn)
1115
- end
1116
-
1117
- it "should return the created certificate" do
1118
- cert = ca.generate(cn)
1119
- expect( cert ).to be_kind_of(Puppet::SSL::Certificate)
1120
- expect( cert.name ).to eq(cn)
1121
- end
1122
-
1123
- it "should not have any subject_alt_names by default" do
1124
- cert = ca.generate(cn)
1125
- expect( cert.subject_alt_names ).to be_empty
1126
- end
1127
-
1128
- it "should have subject_alt_names if passed dns_alt_names" do
1129
- cert = ca.generate(cn, :dns_alt_names => 'foo,bar')
1130
- expect( cert.subject_alt_names ).to match_array(["DNS:#{cn}",'DNS:foo','DNS:bar'])
1131
- end
1132
-
1133
- context "if autosign is false" do
1134
- before do
1135
- Puppet[:autosign] = false
1136
- end
1137
-
1138
- it "should still generate and explicitly sign the request" do
1139
- cert = nil
1140
- cert = ca.generate(cn)
1141
- expect(cert.name).to eq(cn)
1142
- end
1143
- end
1144
-
1145
- context "if autosign is true (Redmine #6112)" do
1146
- def run_mode_must_be_master_for_autosign_to_be_attempted
1147
- allow(Puppet).to receive(:run_mode).and_return(Puppet::Util::RunMode[:master])
1148
- end
1149
-
1150
- before do
1151
- Puppet[:autosign] = true
1152
- run_mode_must_be_master_for_autosign_to_be_attempted
1153
- Puppet::Util::Log.level = :info
1154
- end
1155
-
1156
- it "should generate a cert without attempting to sign again" do
1157
- cert = ca.generate(cn)
1158
- expect(cert.name).to eq(cn)
1159
- expect(@logs.map(&:message)).to include("Autosigning #{cn}")
1160
- end
1161
- end
1162
- end
1163
- end
1164
- end
1165
- end