puppet 5.5.22-x86-mingw32 → 6.0.0-x86-mingw32

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of puppet might be problematic. Click here for more details.

Files changed (1407) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +46 -72
  3. data/Gemfile.lock +86 -102
  4. data/MAINTAINERS +47 -0
  5. data/Rakefile +15 -19
  6. data/ext/build_defaults.yaml +0 -1
  7. data/ext/cert_inspector +3 -3
  8. data/ext/debian/copyright +0 -22
  9. data/ext/project_data.yaml +8 -10
  10. data/ext/puppet-test +2 -2
  11. data/ext/redhat/puppet.spec.erb +0 -4
  12. data/ext/regexp_nodes/regexp_nodes.rb +4 -4
  13. data/ext/solaris/smf/puppet.xml +0 -2
  14. data/ext/solaris/smf/svc-puppetd +1 -8
  15. data/ext/solaris/smf/svc-puppetmasterd +1 -8
  16. data/ext/windows/eventlog/Rakefile +32 -0
  17. data/ext/windows/eventlog/puppetres.dll +0 -0
  18. data/ext/windows/eventlog/puppetres.mc +18 -0
  19. data/ext/windows/service/daemon.rb +8 -54
  20. data/install.rb +24 -6
  21. data/lib/hiera/scope.rb +0 -7
  22. data/lib/puppet.rb +10 -21
  23. data/lib/puppet/agent.rb +13 -5
  24. data/lib/puppet/application.rb +10 -8
  25. data/lib/puppet/application/agent.rb +3 -21
  26. data/lib/puppet/application/apply.rb +22 -12
  27. data/lib/puppet/application/cert.rb +25 -180
  28. data/lib/puppet/application/describe.rb +9 -3
  29. data/lib/puppet/application/device.rb +41 -74
  30. data/lib/puppet/application/doc.rb +5 -3
  31. data/lib/puppet/application/filebucket.rb +1 -23
  32. data/lib/puppet/application/lookup.rb +2 -2
  33. data/lib/puppet/application/resource.rb +4 -4
  34. data/lib/puppet/application/script.rb +3 -3
  35. data/lib/puppet/application/ssl.rb +133 -0
  36. data/lib/puppet/application_support.rb +1 -2
  37. data/lib/puppet/configurer.rb +62 -127
  38. data/lib/puppet/configurer/downloader.rb +17 -34
  39. data/lib/puppet/configurer/fact_handler.rb +5 -1
  40. data/lib/puppet/configurer/plugin_handler.rb +2 -3
  41. data/lib/puppet/confine/false.rb +1 -7
  42. data/lib/puppet/confine/true.rb +1 -7
  43. data/lib/puppet/daemon.rb +2 -2
  44. data/lib/puppet/datatypes.rb +1 -1
  45. data/lib/puppet/defaults.rb +126 -286
  46. data/lib/puppet/environments.rb +2 -7
  47. data/lib/puppet/error.rb +14 -10
  48. data/lib/puppet/etc.rb +4 -25
  49. data/lib/puppet/external/dot.rb +23 -17
  50. data/lib/puppet/face/config.rb +50 -12
  51. data/lib/puppet/face/epp.rb +2 -2
  52. data/lib/puppet/face/facts.rb +1 -1
  53. data/lib/puppet/face/help.rb +21 -7
  54. data/lib/puppet/face/help/global.erb +2 -2
  55. data/lib/puppet/face/module/build.rb +4 -59
  56. data/lib/puppet/face/module/generate.rb +5 -247
  57. data/lib/puppet/face/module/install.rb +0 -4
  58. data/lib/puppet/face/module/list.rb +5 -10
  59. data/lib/puppet/face/module/search.rb +2 -2
  60. data/lib/puppet/face/module/uninstall.rb +1 -5
  61. data/lib/puppet/face/module/upgrade.rb +1 -5
  62. data/lib/puppet/face/node/clean.rb +14 -10
  63. data/lib/puppet/face/plugin.rb +2 -9
  64. data/lib/puppet/feature/base.rb +7 -26
  65. data/lib/puppet/feature/eventlog.rb +1 -1
  66. data/lib/puppet/file_bucket/dipper.rb +1 -1
  67. data/lib/puppet/file_serving/base.rb +7 -7
  68. data/lib/puppet/file_serving/fileset.rb +2 -2
  69. data/lib/puppet/file_serving/http_metadata.rb +1 -1
  70. data/lib/puppet/file_serving/metadata.rb +4 -3
  71. data/lib/puppet/file_serving/mount/locales.rb +2 -1
  72. data/lib/puppet/file_serving/mount/pluginfacts.rb +2 -1
  73. data/lib/puppet/file_serving/mount/plugins.rb +2 -1
  74. data/lib/puppet/file_system.rb +8 -0
  75. data/lib/puppet/file_system/memory_file.rb +1 -1
  76. data/lib/puppet/file_system/posix.rb +2 -3
  77. data/lib/puppet/file_system/uniquefile.rb +0 -4
  78. data/lib/puppet/forge.rb +8 -12
  79. data/lib/puppet/functions.rb +138 -0
  80. data/lib/puppet/functions/abs.rb +61 -0
  81. data/lib/puppet/functions/call.rb +38 -2
  82. data/lib/puppet/functions/camelcase.rb +62 -0
  83. data/lib/puppet/functions/capitalize.rb +61 -0
  84. data/lib/puppet/functions/ceiling.rb +37 -0
  85. data/lib/puppet/functions/chomp.rb +57 -0
  86. data/lib/puppet/functions/chop.rb +67 -0
  87. data/lib/puppet/functions/compare.rb +125 -0
  88. data/lib/puppet/functions/convert_to.rb +3 -2
  89. data/lib/puppet/functions/dig.rb +21 -1
  90. data/lib/puppet/functions/downcase.rb +89 -0
  91. data/lib/puppet/functions/epp.rb +4 -4
  92. data/lib/puppet/functions/eyaml_lookup_key.rb +4 -5
  93. data/lib/puppet/functions/filter.rb +7 -6
  94. data/lib/puppet/functions/floor.rb +37 -0
  95. data/lib/puppet/functions/get.rb +150 -0
  96. data/lib/puppet/functions/getvar.rb +87 -0
  97. data/lib/puppet/functions/inline_epp.rb +5 -5
  98. data/lib/puppet/functions/lstrip.rb +58 -0
  99. data/lib/puppet/functions/max.rb +183 -0
  100. data/lib/puppet/functions/min.rb +182 -0
  101. data/lib/puppet/functions/new.rb +3 -8
  102. data/lib/puppet/functions/reduce.rb +4 -2
  103. data/lib/puppet/functions/reverse_each.rb +1 -1
  104. data/lib/puppet/functions/round.rb +24 -0
  105. data/lib/puppet/functions/rstrip.rb +58 -0
  106. data/lib/puppet/functions/size.rb +15 -0
  107. data/lib/puppet/functions/sort.rb +74 -0
  108. data/lib/puppet/functions/step.rb +1 -1
  109. data/lib/puppet/functions/strip.rb +58 -0
  110. data/lib/puppet/functions/upcase.rb +89 -0
  111. data/lib/puppet/functions/yaml_data.rb +4 -5
  112. data/lib/puppet/gettext/config.rb +1 -1
  113. data/lib/puppet/gettext/module_translations.rb +1 -1
  114. data/lib/puppet/graph.rb +0 -2
  115. data/lib/puppet/graph/rb_tree_map.rb +2 -2
  116. data/lib/puppet/graph/simple_graph.rb +10 -7
  117. data/lib/puppet/indirector/catalog/compiler.rb +0 -8
  118. data/lib/puppet/indirector/catalog/json.rb +14 -3
  119. data/lib/puppet/indirector/catalog/yaml.rb +0 -16
  120. data/lib/puppet/indirector/certificate/file.rb +0 -1
  121. data/lib/puppet/indirector/facts/yaml.rb +4 -2
  122. data/lib/puppet/indirector/file_bucket_file/file.rb +1 -1
  123. data/lib/puppet/indirector/hiera.rb +0 -6
  124. data/lib/puppet/indirector/indirection.rb +8 -12
  125. data/lib/puppet/indirector/key/file.rb +1 -6
  126. data/lib/puppet/indirector/node/exec.rb +1 -3
  127. data/lib/puppet/indirector/node/yaml.rb +0 -6
  128. data/lib/puppet/indirector/request.rb +20 -27
  129. data/lib/puppet/indirector/resource/ral.rb +3 -1
  130. data/lib/puppet/indirector/resource/validator.rb +1 -1
  131. data/lib/puppet/indirector/rest.rb +7 -65
  132. data/lib/puppet/indirector/ssl_file.rb +3 -44
  133. data/lib/puppet/indirector/terminus.rb +1 -1
  134. data/lib/puppet/indirector/yaml.rb +4 -4
  135. data/lib/puppet/info_service/task_information_service.rb +7 -3
  136. data/lib/puppet/interface.rb +2 -3
  137. data/lib/puppet/interface/action.rb +2 -5
  138. data/lib/puppet/interface/face_collection.rb +3 -1
  139. data/lib/puppet/loaders.rb +2 -0
  140. data/lib/puppet/metatype/manager.rb +3 -5
  141. data/lib/puppet/module.rb +5 -31
  142. data/lib/puppet/module/task.rb +208 -30
  143. data/lib/puppet/module_tool.rb +2 -5
  144. data/lib/puppet/module_tool/applications.rb +0 -1
  145. data/lib/puppet/module_tool/applications/application.rb +1 -1
  146. data/lib/puppet/module_tool/applications/installer.rb +7 -8
  147. data/lib/puppet/module_tool/applications/uninstaller.rb +4 -5
  148. data/lib/puppet/module_tool/applications/unpacker.rb +1 -1
  149. data/lib/puppet/module_tool/applications/upgrader.rb +5 -6
  150. data/lib/puppet/module_tool/installed_modules.rb +2 -2
  151. data/lib/puppet/module_tool/local_tarball.rb +3 -3
  152. data/lib/puppet/module_tool/metadata.rb +1 -2
  153. data/lib/puppet/module_tool/shared_behaviors.rb +6 -6
  154. data/lib/puppet/module_tool/tar/mini.rb +2 -12
  155. data/lib/puppet/network/authconfig.rb +0 -13
  156. data/lib/puppet/network/format_support.rb +13 -8
  157. data/lib/puppet/network/formats.rb +93 -2
  158. data/lib/puppet/network/http.rb +0 -2
  159. data/lib/puppet/network/http/api.rb +1 -10
  160. data/lib/puppet/network/http/api/indirected_routes.rb +22 -16
  161. data/lib/puppet/network/http/api/master/v3/environment.rb +0 -3
  162. data/lib/puppet/network/http/connection.rb +14 -57
  163. data/lib/puppet/network/http/factory.rb +13 -7
  164. data/lib/puppet/network/http/handler.rb +59 -27
  165. data/lib/puppet/network/http/pool.rb +1 -7
  166. data/lib/puppet/network/http/site.rb +1 -1
  167. data/lib/puppet/network/resolver.rb +140 -67
  168. data/lib/puppet/node.rb +1 -2
  169. data/lib/puppet/node/environment.rb +5 -30
  170. data/lib/puppet/node/facts.rb +11 -1
  171. data/lib/puppet/parameter.rb +4 -7
  172. data/lib/puppet/parser/ast.rb +5 -9
  173. data/lib/puppet/parser/ast/branch.rb +3 -3
  174. data/lib/puppet/parser/ast/leaf.rb +5 -0
  175. data/lib/puppet/parser/ast/resourceparam.rb +1 -1
  176. data/lib/puppet/parser/catalog_compiler.rb +32 -0
  177. data/lib/puppet/parser/compiler.rb +2 -3
  178. data/lib/puppet/parser/compiler/catalog_validator/env_relationship_validator.rb +0 -2
  179. data/lib/puppet/parser/compiler/catalog_validator/site_validator.rb +0 -2
  180. data/lib/puppet/parser/environment_compiler.rb +0 -3
  181. data/lib/puppet/parser/functions.rb +48 -18
  182. data/lib/puppet/parser/functions/epp.rb +3 -3
  183. data/lib/puppet/parser/functions/filter.rb +1 -1
  184. data/lib/puppet/parser/functions/generate.rb +1 -1
  185. data/lib/puppet/parser/functions/inline_epp.rb +5 -5
  186. data/lib/puppet/parser/resource.rb +2 -4
  187. data/lib/puppet/parser/resource/param.rb +12 -11
  188. data/lib/puppet/parser/scope.rb +6 -8
  189. data/lib/puppet/parser/script_compiler.rb +7 -2
  190. data/lib/puppet/pops.rb +1 -0
  191. data/lib/puppet/pops/adaptable.rb +13 -7
  192. data/lib/puppet/pops/adapters.rb +18 -8
  193. data/lib/puppet/pops/evaluator/access_operator.rb +2 -2
  194. data/lib/puppet/pops/evaluator/collectors/abstract_collector.rb +4 -4
  195. data/lib/puppet/pops/evaluator/collectors/catalog_collector.rb +1 -1
  196. data/lib/puppet/pops/evaluator/collectors/exported_collector.rb +1 -1
  197. data/lib/puppet/pops/evaluator/compare_operator.rb +3 -1
  198. data/lib/puppet/pops/evaluator/deferred_resolver.rb +127 -0
  199. data/lib/puppet/pops/evaluator/evaluator_impl.rb +17 -2
  200. data/lib/puppet/pops/evaluator/external_syntax_support.rb +2 -3
  201. data/lib/puppet/pops/evaluator/runtime3_converter.rb +23 -4
  202. data/lib/puppet/pops/evaluator/runtime3_support.rb +7 -8
  203. data/lib/puppet/pops/functions/dispatch.rb +6 -0
  204. data/lib/puppet/pops/issues.rb +9 -10
  205. data/lib/puppet/pops/loader/loader.rb +1 -1
  206. data/lib/puppet/pops/loader/loader_paths.rb +5 -3
  207. data/lib/puppet/pops/loader/module_loaders.rb +47 -21
  208. data/lib/puppet/pops/loader/null_loader.rb +60 -0
  209. data/lib/puppet/pops/loader/ruby_legacy_function_instantiator.rb +54 -0
  210. data/lib/puppet/pops/loader/static_loader.rb +0 -36
  211. data/lib/puppet/pops/loader/task_instantiator.rb +72 -44
  212. data/lib/puppet/pops/loaders.rb +21 -33
  213. data/lib/puppet/pops/lookup/hiera_config.rb +1 -2
  214. data/lib/puppet/pops/lookup/sub_lookup.rb +1 -1
  215. data/lib/puppet/pops/merge_strategy.rb +18 -22
  216. data/lib/puppet/pops/model/ast.pp +16 -0
  217. data/lib/puppet/pops/model/ast.rb +94 -0
  218. data/lib/puppet/pops/model/factory.rb +17 -38
  219. data/lib/puppet/pops/model/model_label_provider.rb +8 -1
  220. data/lib/puppet/pops/parser/egrammar.ra +14 -3
  221. data/lib/puppet/pops/parser/eparser.rb +1537 -1492
  222. data/lib/puppet/pops/parser/epp_support.rb +6 -2
  223. data/lib/puppet/pops/parser/heredoc_support.rb +8 -17
  224. data/lib/puppet/pops/parser/interpolation_support.rb +4 -4
  225. data/lib/puppet/pops/parser/lexer2.rb +2 -7
  226. data/lib/puppet/pops/parser/locator.rb +87 -107
  227. data/lib/puppet/pops/parser/parser_support.rb +2 -11
  228. data/lib/puppet/pops/parser/pn_parser.rb +16 -17
  229. data/lib/puppet/pops/pcore.rb +19 -8
  230. data/lib/puppet/pops/puppet_stack.rb +48 -51
  231. data/lib/puppet/pops/resource/resource_type_impl.rb +0 -2
  232. data/lib/puppet/pops/serialization.rb +3 -2
  233. data/lib/puppet/pops/serialization/from_data_converter.rb +4 -3
  234. data/lib/puppet/pops/serialization/to_data_converter.rb +3 -3
  235. data/lib/puppet/pops/serialization/to_stringified_converter.rb +226 -0
  236. data/lib/puppet/pops/types/iterable.rb +8 -34
  237. data/lib/puppet/pops/types/p_binary_type.rb +1 -2
  238. data/lib/puppet/pops/types/p_meta_type.rb +1 -1
  239. data/lib/puppet/pops/types/p_object_type.rb +3 -0
  240. data/lib/puppet/pops/types/p_sensitive_type.rb +1 -1
  241. data/lib/puppet/pops/types/p_timespan_type.rb +2 -2
  242. data/lib/puppet/pops/types/p_type_set_type.rb +0 -4
  243. data/lib/puppet/pops/types/string_converter.rb +12 -21
  244. data/lib/puppet/pops/types/type_calculator.rb +0 -24
  245. data/lib/puppet/pops/types/type_factory.rb +17 -0
  246. data/lib/puppet/pops/types/type_mismatch_describer.rb +1 -1
  247. data/lib/puppet/pops/types/types.rb +7 -32
  248. data/lib/puppet/pops/validation/checker4_0.rb +23 -33
  249. data/lib/puppet/pops/validation/tasks_checker.rb +47 -6
  250. data/lib/puppet/pops/validation/validator_factory_4_0.rb +7 -10
  251. data/lib/puppet/property.rb +1 -1
  252. data/lib/puppet/property/ensure.rb +1 -1
  253. data/lib/puppet/provider.rb +14 -2
  254. data/lib/puppet/provider/exec.rb +58 -59
  255. data/lib/puppet/provider/file/posix.rb +0 -5
  256. data/lib/puppet/provider/file/windows.rb +2 -50
  257. data/lib/puppet/provider/group/aix.rb +2 -18
  258. data/lib/puppet/provider/group/groupadd.rb +19 -19
  259. data/lib/puppet/provider/group/windows_adsi.rb +4 -11
  260. data/lib/puppet/provider/nameservice.rb +28 -11
  261. data/lib/puppet/provider/nameservice/directoryservice.rb +1 -1
  262. data/lib/puppet/provider/nameservice/pw.rb +2 -2
  263. data/lib/puppet/provider/package.rb +0 -2
  264. data/lib/puppet/provider/package/aix.rb +2 -17
  265. data/lib/puppet/provider/package/apt.rb +3 -14
  266. data/lib/puppet/provider/package/dnf.rb +3 -3
  267. data/lib/puppet/provider/package/dpkg.rb +7 -18
  268. data/lib/puppet/provider/package/fink.rb +3 -20
  269. data/lib/puppet/provider/package/gem.rb +43 -105
  270. data/lib/puppet/provider/package/openbsd.rb +2 -14
  271. data/lib/puppet/provider/package/pip.rb +108 -160
  272. data/lib/puppet/provider/package/pip3.rb +1 -1
  273. data/lib/puppet/provider/package/pkg.rb +5 -18
  274. data/lib/puppet/provider/package/pkgdmg.rb +1 -1
  275. data/lib/puppet/provider/package/pkgng.rb +4 -16
  276. data/lib/puppet/provider/package/portage.rb +6 -6
  277. data/lib/puppet/provider/package/puppet_gem.rb +2 -7
  278. data/lib/puppet/provider/package/rpm.rb +33 -82
  279. data/lib/puppet/provider/package/windows.rb +2 -6
  280. data/lib/puppet/provider/package/windows/exe_package.rb +10 -16
  281. data/lib/puppet/provider/package/windows/msi_package.rb +0 -8
  282. data/lib/puppet/provider/package/windows/package.rb +2 -10
  283. data/lib/puppet/provider/package/yum.rb +25 -37
  284. data/lib/puppet/provider/package/zypper.rb +0 -1
  285. data/lib/puppet/provider/parsedfile.rb +5 -26
  286. data/lib/puppet/provider/service/base.rb +1 -1
  287. data/lib/puppet/provider/service/daemontools.rb +9 -9
  288. data/lib/puppet/provider/service/debian.rb +1 -0
  289. data/lib/puppet/provider/service/launchd.rb +8 -39
  290. data/lib/puppet/provider/service/openbsd.rb +1 -1
  291. data/lib/puppet/provider/service/rcng.rb +2 -2
  292. data/lib/puppet/provider/service/runit.rb +8 -2
  293. data/lib/puppet/provider/service/smf.rb +0 -54
  294. data/lib/puppet/provider/service/systemd.rb +24 -35
  295. data/lib/puppet/provider/service/upstart.rb +1 -3
  296. data/lib/puppet/provider/service/windows.rb +3 -23
  297. data/lib/puppet/provider/user/aix.rb +2 -48
  298. data/lib/puppet/provider/user/directoryservice.rb +8 -45
  299. data/lib/puppet/provider/user/hpux.rb +1 -1
  300. data/lib/puppet/provider/user/pw.rb +3 -12
  301. data/lib/puppet/provider/user/user_role_add.rb +1 -5
  302. data/lib/puppet/provider/user/useradd.rb +44 -74
  303. data/lib/puppet/provider/user/windows_adsi.rb +0 -7
  304. data/lib/puppet/reference/indirection.rb +2 -2
  305. data/lib/puppet/reference/metaparameter.rb +3 -1
  306. data/lib/puppet/reference/providers.rb +1 -1
  307. data/lib/puppet/reference/type.rb +9 -3
  308. data/lib/puppet/reports.rb +3 -3
  309. data/lib/puppet/resource.rb +22 -22
  310. data/lib/puppet/resource/catalog.rb +8 -14
  311. data/lib/puppet/resource/type.rb +1 -10
  312. data/lib/puppet/rest/client.rb +83 -0
  313. data/lib/puppet/rest/errors.rb +14 -0
  314. data/lib/puppet/rest/response.rb +34 -0
  315. data/lib/puppet/rest/route.rb +84 -0
  316. data/lib/puppet/rest/routes.rb +154 -0
  317. data/lib/puppet/rest/ssl_context.rb +13 -0
  318. data/lib/puppet/settings.rb +9 -54
  319. data/lib/puppet/settings/config_file.rb +1 -2
  320. data/lib/puppet/settings/environment_conf.rb +0 -1
  321. data/lib/puppet/settings/file_setting.rb +1 -1
  322. data/lib/puppet/settings/server_list_setting.rb +0 -9
  323. data/lib/puppet/ssl.rb +0 -1
  324. data/lib/puppet/ssl/base.rb +1 -9
  325. data/lib/puppet/ssl/certificate.rb +7 -4
  326. data/lib/puppet/ssl/certificate_request.rb +6 -14
  327. data/lib/puppet/ssl/certificate_request_attributes.rb +1 -1
  328. data/lib/puppet/ssl/host.rb +400 -174
  329. data/lib/puppet/ssl/key.rb +1 -5
  330. data/lib/puppet/ssl/oids.rb +3 -3
  331. data/lib/puppet/ssl/validator/default_validator.rb +33 -49
  332. data/lib/puppet/test/test_helper.rb +12 -18
  333. data/lib/puppet/transaction.rb +7 -12
  334. data/lib/puppet/transaction/event.rb +37 -14
  335. data/lib/puppet/transaction/event_manager.rb +3 -11
  336. data/lib/puppet/transaction/persistence.rb +1 -1
  337. data/lib/puppet/transaction/report.rb +1 -1
  338. data/lib/puppet/transaction/resource_harness.rb +2 -5
  339. data/lib/puppet/type.rb +7 -10
  340. data/lib/puppet/type/exec.rb +16 -50
  341. data/lib/puppet/type/file.rb +7 -16
  342. data/lib/puppet/type/file/content.rb +2 -3
  343. data/lib/puppet/type/file/data_sync.rb +1 -5
  344. data/lib/puppet/type/file/mode.rb +2 -7
  345. data/lib/puppet/type/file/source.rb +2 -1
  346. data/lib/puppet/type/filebucket.rb +8 -12
  347. data/lib/puppet/type/group.rb +3 -33
  348. data/lib/puppet/type/notify.rb +2 -3
  349. data/lib/puppet/type/package.rb +18 -154
  350. data/lib/puppet/type/resources.rb +2 -12
  351. data/lib/puppet/type/schedule.rb +34 -96
  352. data/lib/puppet/type/service.rb +10 -9
  353. data/lib/puppet/type/tidy.rb +1 -1
  354. data/lib/puppet/type/user.rb +30 -14
  355. data/lib/puppet/util.rb +28 -52
  356. data/lib/puppet/util/autoload.rb +62 -56
  357. data/lib/puppet/util/character_encoding.rb +0 -22
  358. data/lib/puppet/util/classgen.rb +0 -6
  359. data/lib/puppet/util/command_line.rb +4 -7
  360. data/lib/puppet/util/command_line/trollop.rb +1 -1
  361. data/lib/puppet/util/connection.rb +74 -0
  362. data/lib/puppet/util/execution.rb +7 -22
  363. data/lib/puppet/util/feature.rb +63 -41
  364. data/lib/puppet/util/fileparsing.rb +27 -5
  365. data/lib/puppet/util/filetype.rb +8 -56
  366. data/lib/puppet/util/http_proxy.rb +18 -27
  367. data/lib/puppet/util/instance_loader.rb +3 -21
  368. data/lib/puppet/util/json.rb +0 -8
  369. data/lib/puppet/util/ldap/connection.rb +7 -7
  370. data/lib/puppet/util/log.rb +3 -8
  371. data/lib/puppet/util/log/destinations.rb +13 -5
  372. data/lib/puppet/util/logging.rb +19 -31
  373. data/lib/puppet/util/metric.rb +2 -2
  374. data/lib/puppet/util/monkey_patches.rb +1 -1
  375. data/lib/puppet/util/network_device/base.rb +1 -1
  376. data/lib/puppet/util/pidlock.rb +3 -23
  377. data/lib/puppet/util/platform.rb +3 -0
  378. data/lib/puppet/util/plist.rb +0 -6
  379. data/lib/puppet/util/posix.rb +0 -15
  380. data/lib/puppet/util/provider_features.rb +6 -7
  381. data/lib/puppet/util/rdoc.rb +2 -2
  382. data/lib/puppet/util/rdoc/parser/puppet_parser_core.rb +1 -1
  383. data/lib/puppet/util/reference.rb +8 -7
  384. data/lib/puppet/util/resource_template.rb +1 -1
  385. data/lib/puppet/util/rubygems.rb +1 -13
  386. data/lib/puppet/util/run_mode.rb +1 -1
  387. data/lib/puppet/util/selinux.rb +3 -9
  388. data/lib/puppet/util/ssl.rb +40 -1
  389. data/lib/puppet/util/storage.rb +1 -13
  390. data/lib/puppet/util/suidmanager.rb +7 -5
  391. data/lib/puppet/util/tag_set.rb +1 -1
  392. data/lib/puppet/util/tagging.rb +1 -1
  393. data/lib/puppet/util/windows.rb +15 -0
  394. data/lib/puppet/util/windows/adsi.rb +7 -116
  395. data/lib/puppet/util/windows/api_types.rb +33 -46
  396. data/lib/puppet/util/windows/eventlog.rb +6 -1
  397. data/lib/puppet/util/windows/principal.rb +6 -8
  398. data/lib/puppet/util/windows/process.rb +3 -94
  399. data/lib/puppet/util/windows/registry.rb +14 -46
  400. data/lib/puppet/util/windows/security.rb +2 -40
  401. data/lib/puppet/util/windows/service.rb +72 -431
  402. data/lib/puppet/util/windows/sid.rb +3 -4
  403. data/lib/puppet/util/windows/user.rb +9 -17
  404. data/lib/puppet/util/yaml.rb +41 -5
  405. data/lib/puppet/vendor.rb +1 -1
  406. data/lib/puppet/version.rb +1 -1
  407. data/lib/puppet_pal.rb +246 -23
  408. data/locales/ja/puppet.po +11128 -0
  409. data/locales/puppet.pot +1321 -2527
  410. data/man/man5/puppet.conf.5 +31 -191
  411. data/man/man8/puppet-agent.8 +2 -2
  412. data/man/man8/puppet-apply.8 +1 -1
  413. data/man/man8/puppet-catalog.8 +1 -1
  414. data/man/man8/puppet-config.8 +3 -3
  415. data/man/man8/puppet-describe.8 +1 -1
  416. data/man/man8/puppet-device.8 +19 -23
  417. data/man/man8/puppet-doc.8 +1 -1
  418. data/man/man8/puppet-epp.8 +1 -1
  419. data/man/man8/puppet-facts.8 +1 -1
  420. data/man/man8/puppet-filebucket.8 +2 -21
  421. data/man/man8/puppet-generate.8 +1 -1
  422. data/man/man8/puppet-help.8 +1 -1
  423. data/man/man8/puppet-key.8 +1 -7
  424. data/man/man8/puppet-lookup.8 +1 -1
  425. data/man/man8/puppet-man.8 +1 -1
  426. data/man/man8/puppet-module.8 +10 -100
  427. data/man/man8/puppet-node.8 +4 -7
  428. data/man/man8/puppet-parser.8 +1 -1
  429. data/man/man8/puppet-plugin.8 +1 -1
  430. data/man/man8/puppet-report.8 +1 -1
  431. data/man/man8/puppet-resource.8 +1 -1
  432. data/man/man8/puppet-script.8 +1 -1
  433. data/man/man8/puppet-ssl.8 +28 -0
  434. data/man/man8/puppet-status.8 +1 -1
  435. data/man/man8/puppet.8 +12 -3
  436. data/spec/fixtures/unit/functions/hiera/hiera/backend/hieraspec_backend.rb +22 -0
  437. data/spec/fixtures/unit/functions/lookup/hiera/backend/custom_backend.rb +18 -0
  438. data/spec/fixtures/unit/functions/lookup/hiera/backend/other_backend.rb +7 -0
  439. data/spec/fixtures/unit/pops/loaders/loaders/dependent_modules_with_metadata/modules/user/manifests/init.pp +6 -6
  440. data/spec/fixtures/unit/provider/package/pkgng/pkg.info +0 -1
  441. data/spec/fixtures/unit/provider/package/pkgng/pkg.version +0 -2
  442. data/spec/fixtures/unit/provider/service/systemd/list_unit_files_services +0 -9
  443. data/spec/integration/agent/logging_spec.rb +9 -7
  444. data/spec/integration/application/apply_spec.rb +31 -26
  445. data/spec/integration/application/doc_spec.rb +2 -1
  446. data/spec/integration/application/lookup_spec.rb +5 -5
  447. data/spec/integration/configurer_spec.rb +8 -76
  448. data/spec/integration/data_binding_spec.rb +1 -1
  449. data/spec/integration/defaults_spec.rb +13 -16
  450. data/spec/integration/directory_environments_spec.rb +1 -1
  451. data/spec/integration/faces/config_spec.rb +4 -3
  452. data/spec/integration/faces/documentation_spec.rb +1 -0
  453. data/spec/integration/faces/plugin_spec.rb +49 -29
  454. data/spec/integration/file_bucket/file_spec.rb +4 -19
  455. data/spec/integration/file_serving/content_spec.rb +1 -0
  456. data/spec/integration/file_serving/fileset_spec.rb +1 -0
  457. data/spec/integration/file_serving/metadata_spec.rb +1 -0
  458. data/spec/integration/file_serving/terminus_helper_spec.rb +1 -0
  459. data/spec/integration/file_system/uniquefile_spec.rb +26 -29
  460. data/spec/integration/indirector/catalog/compiler_spec.rb +11 -10
  461. data/spec/integration/indirector/direct_file_server_spec.rb +1 -1
  462. data/spec/integration/indirector/facts/facter_spec.rb +8 -22
  463. data/spec/integration/indirector/file_content/file_server_spec.rb +8 -7
  464. data/spec/integration/indirector/file_metadata/file_server_spec.rb +8 -7
  465. data/spec/integration/network/authconfig_spec.rb +24 -23
  466. data/spec/integration/network/formats_spec.rb +1 -0
  467. data/spec/integration/network/http/api/indirected_routes_spec.rb +6 -34
  468. data/spec/integration/node/environment_spec.rb +2 -1
  469. data/spec/integration/node/facts_spec.rb +10 -9
  470. data/spec/integration/node_spec.rb +7 -10
  471. data/spec/integration/parser/catalog_spec.rb +8 -6
  472. data/spec/integration/parser/collection_spec.rb +9 -4
  473. data/spec/integration/parser/compiler_spec.rb +7 -25
  474. data/spec/integration/parser/scope_spec.rb +1 -1
  475. data/spec/integration/parser/undef_param_spec.rb +1 -1
  476. data/spec/integration/provider/service/init_spec.rb +9 -6
  477. data/spec/integration/provider/service/systemd_spec.rb +14 -11
  478. data/spec/integration/provider/service/windows_spec.rb +11 -8
  479. data/spec/integration/reference/providers_spec.rb +7 -0
  480. data/spec/integration/reports_spec.rb +2 -1
  481. data/spec/integration/resource/catalog_spec.rb +17 -14
  482. data/spec/integration/resource/type_collection_spec.rb +5 -4
  483. data/spec/integration/ssl/certificate_request_spec.rb +1 -2
  484. data/spec/integration/ssl/host_spec.rb +17 -24
  485. data/spec/integration/ssl/key_spec.rb +7 -2
  486. data/spec/integration/test/test_helper_spec.rb +32 -0
  487. data/spec/integration/transaction/report_spec.rb +14 -9
  488. data/spec/integration/type/exec_spec.rb +2 -1
  489. data/spec/integration/type/file_spec.rb +38 -46
  490. data/spec/integration/type/package_spec.rb +25 -21
  491. data/spec/integration/type/tidy_spec.rb +2 -1
  492. data/spec/integration/type_spec.rb +1 -0
  493. data/spec/integration/util/autoload_spec.rb +11 -7
  494. data/spec/integration/util/execution_spec.rb +5 -32
  495. data/spec/integration/util/rdoc/parser_spec.rb +14 -23
  496. data/spec/integration/util/settings_spec.rb +2 -1
  497. data/spec/integration/util/windows/adsi_spec.rb +8 -11
  498. data/spec/integration/util/windows/principal_spec.rb +2 -1
  499. data/spec/integration/util/windows/process_spec.rb +9 -7
  500. data/spec/integration/util/windows/registry_spec.rb +46 -127
  501. data/spec/integration/util/windows/security_spec.rb +15 -16
  502. data/spec/integration/util/windows/user_spec.rb +29 -66
  503. data/spec/integration/util_spec.rb +10 -7
  504. data/spec/lib/matchers/json.rb +12 -18
  505. data/{lib/puppet/ssl → spec/lib/puppet}/certificate_factory.rb +5 -6
  506. data/spec/lib/puppet/test_ca.rb +109 -0
  507. data/spec/lib/puppet_spec/compiler.rb +28 -1
  508. data/spec/lib/puppet_spec/files.rb +29 -23
  509. data/spec/lib/puppet_spec/module_tool/shared_functions.rb +1 -1
  510. data/spec/lib/puppet_spec/modules.rb +11 -1
  511. data/spec/lib/puppet_spec/scope.rb +2 -1
  512. data/spec/lib/puppet_spec/ssl.rb +265 -0
  513. data/spec/lib/puppet_spec/validators.rb +37 -0
  514. data/spec/shared_behaviours/all_parsedfile_providers.rb +1 -1
  515. data/spec/shared_behaviours/file_server_terminus.rb +9 -8
  516. data/spec/shared_behaviours/file_serving.rb +8 -6
  517. data/spec/shared_behaviours/file_serving_model.rb +5 -22
  518. data/spec/shared_behaviours/hiera_indirections.rb +4 -3
  519. data/spec/shared_behaviours/iterative_functions.rb +1 -0
  520. data/spec/shared_behaviours/memory_terminus.rb +2 -2
  521. data/spec/shared_behaviours/path_parameters.rb +1 -1
  522. data/spec/shared_contexts/types_setup.rb +0 -2
  523. data/spec/shared_examples/rhel_package_provider.rb +70 -112
  524. data/spec/spec_helper.rb +1 -15
  525. data/spec/unit/agent/disabler_spec.rb +5 -4
  526. data/spec/unit/agent/locker_spec.rb +13 -12
  527. data/spec/unit/agent_spec.rb +102 -105
  528. data/spec/unit/application/agent_spec.rb +95 -114
  529. data/spec/unit/application/apply_spec.rb +92 -119
  530. data/spec/unit/application/config_spec.rb +1 -0
  531. data/spec/unit/application/describe_spec.rb +7 -6
  532. data/spec/unit/application/device_spec.rb +180 -181
  533. data/spec/unit/application/doc_spec.rb +46 -44
  534. data/spec/unit/application/face_base_spec.rb +62 -61
  535. data/spec/unit/application/facts_spec.rb +4 -3
  536. data/spec/unit/application/filebucket_spec.rb +74 -66
  537. data/spec/unit/application/indirection_base_spec.rb +6 -8
  538. data/spec/unit/application/lookup_spec.rb +44 -37
  539. data/spec/unit/application/resource_spec.rb +48 -42
  540. data/spec/unit/application/ssl_spec.rb +322 -0
  541. data/spec/unit/application_spec.rb +108 -90
  542. data/spec/unit/capability_spec.rb +15 -16
  543. data/spec/unit/{ssl/certificate_factory_spec.rb → certificate_factory_spec.rb} +13 -20
  544. data/spec/unit/configurer/downloader_spec.rb +22 -31
  545. data/spec/unit/configurer/fact_handler_spec.rb +7 -2
  546. data/spec/unit/configurer/plugin_handler_spec.rb +8 -41
  547. data/spec/unit/configurer_spec.rb +475 -520
  548. data/spec/unit/confine/exists_spec.rb +15 -17
  549. data/spec/unit/confine/false_spec.rb +6 -32
  550. data/spec/unit/confine/feature_spec.rb +5 -7
  551. data/spec/unit/confine/true_spec.rb +6 -32
  552. data/spec/unit/confine/variable_spec.rb +15 -14
  553. data/spec/unit/confine_collection_spec.rb +29 -28
  554. data/spec/unit/confine_spec.rb +14 -13
  555. data/spec/unit/confiner_spec.rb +11 -10
  556. data/spec/unit/context/trusted_information_spec.rb +4 -3
  557. data/spec/unit/daemon_spec.rb +38 -35
  558. data/spec/unit/data_providers/function_data_provider_spec.rb +1 -0
  559. data/spec/unit/data_providers/hiera_data_provider_spec.rb +1 -0
  560. data/spec/unit/datatypes_spec.rb +4 -3
  561. data/spec/unit/defaults_spec.rb +61 -32
  562. data/spec/unit/environments_spec.rb +7 -7
  563. data/spec/unit/etc_spec.rb +29 -52
  564. data/spec/unit/external/pson_spec.rb +1 -0
  565. data/spec/unit/face/catalog_spec.rb +1 -0
  566. data/spec/unit/face/config_spec.rb +35 -31
  567. data/spec/unit/face/epp_face_spec.rb +4 -3
  568. data/spec/unit/face/facts_spec.rb +6 -14
  569. data/spec/unit/face/generate_spec.rb +5 -4
  570. data/spec/unit/face/help_spec.rb +8 -7
  571. data/spec/unit/face/key_spec.rb +1 -0
  572. data/spec/unit/face/man_spec.rb +2 -1
  573. data/spec/unit/face/module/install_spec.rb +5 -3
  574. data/spec/unit/face/module/list_spec.rb +12 -62
  575. data/spec/unit/face/module/search_spec.rb +9 -11
  576. data/spec/unit/face/module/uninstall_spec.rb +8 -4
  577. data/spec/unit/face/node_spec.rb +30 -52
  578. data/spec/unit/face/parser_spec.rb +3 -3
  579. data/spec/unit/face/plugin_spec.rb +9 -44
  580. data/spec/unit/face/status_spec.rb +1 -0
  581. data/spec/unit/file_bucket/dipper_spec.rb +24 -28
  582. data/spec/unit/file_bucket/file_spec.rb +2 -0
  583. data/spec/unit/file_serving/base_spec.rb +18 -20
  584. data/spec/unit/file_serving/configuration/parser_spec.rb +28 -27
  585. data/spec/unit/file_serving/configuration_spec.rb +66 -63
  586. data/spec/unit/file_serving/content_spec.rb +11 -10
  587. data/spec/unit/file_serving/fileset_spec.rb +58 -63
  588. data/spec/unit/file_serving/http_metadata_spec.rb +7 -8
  589. data/spec/unit/file_serving/metadata_spec.rb +40 -40
  590. data/spec/unit/file_serving/mount/file_spec.rb +32 -31
  591. data/spec/unit/file_serving/mount/locales_spec.rb +26 -25
  592. data/spec/unit/file_serving/mount/modules_spec.rb +15 -14
  593. data/spec/unit/file_serving/mount/pluginfacts_spec.rb +26 -25
  594. data/spec/unit/file_serving/mount/plugins_spec.rb +26 -25
  595. data/spec/unit/file_serving/mount/tasks_spec.rb +15 -14
  596. data/spec/unit/file_serving/mount_spec.rb +1 -0
  597. data/spec/unit/file_serving/terminus_helper_spec.rb +42 -37
  598. data/spec/unit/file_serving/terminus_selector_spec.rb +13 -12
  599. data/spec/unit/file_system/path_pattern_spec.rb +1 -1
  600. data/spec/unit/file_system/uniquefile_spec.rb +6 -17
  601. data/spec/unit/file_system_spec.rb +9 -6
  602. data/spec/unit/forge/errors_spec.rb +1 -1
  603. data/spec/unit/forge/forge_spec.rb +16 -15
  604. data/spec/unit/forge/module_release_spec.rb +18 -18
  605. data/spec/unit/forge/repository_spec.rb +30 -27
  606. data/spec/unit/forge_spec.rb +11 -15
  607. data/spec/unit/functions/abs_spec.rb +70 -0
  608. data/spec/unit/functions/binary_file_spec.rb +3 -3
  609. data/spec/unit/functions/call_spec.rb +59 -5
  610. data/spec/unit/functions/camelcase_spec.rb +34 -0
  611. data/spec/unit/functions/capitalize_spec.rb +34 -0
  612. data/spec/unit/functions/ceiling_spec.rb +65 -0
  613. data/spec/unit/functions/chomp_spec.rb +46 -0
  614. data/spec/unit/functions/chop_spec.rb +38 -0
  615. data/spec/unit/functions/compare_spec.rb +147 -0
  616. data/spec/unit/functions/contain_spec.rb +2 -0
  617. data/spec/unit/functions/convert_to_spec.rb +3 -0
  618. data/spec/unit/functions/defined_spec.rb +1 -0
  619. data/spec/unit/functions/downcase_spec.rb +34 -0
  620. data/spec/unit/functions/epp_spec.rb +2 -2
  621. data/spec/unit/functions/filter_spec.rb +4 -4
  622. data/spec/unit/functions/find_file_spec.rb +7 -7
  623. data/spec/unit/functions/floor_spec.rb +65 -0
  624. data/spec/unit/functions/get_spec.rb +135 -0
  625. data/spec/unit/functions/getvar_spec.rb +121 -0
  626. data/spec/unit/functions/hiera_spec.rb +14 -48
  627. data/spec/unit/functions/include_spec.rb +4 -0
  628. data/spec/unit/functions/lookup_fixture_spec.rb +1 -0
  629. data/spec/unit/functions/lookup_spec.rb +37 -62
  630. data/spec/unit/functions/lstrip_spec.rb +30 -0
  631. data/spec/unit/functions/match_spec.rb +3 -4
  632. data/spec/unit/functions/max_spec.rb +129 -0
  633. data/spec/unit/functions/min_spec.rb +129 -0
  634. data/spec/unit/functions/module_directory_spec.rb +12 -12
  635. data/spec/unit/functions/new_spec.rb +0 -15
  636. data/spec/unit/functions/regsubst_spec.rb +3 -4
  637. data/spec/unit/functions/require_spec.rb +3 -0
  638. data/spec/unit/functions/round_spec.rb +41 -0
  639. data/spec/unit/functions/rstrip_spec.rb +30 -0
  640. data/spec/unit/functions/shared.rb +8 -5
  641. data/spec/unit/functions/size_spec.rb +50 -0
  642. data/spec/unit/functions/sort_spec.rb +79 -0
  643. data/spec/unit/functions/split_spec.rb +3 -4
  644. data/spec/unit/functions/strip_spec.rb +30 -0
  645. data/spec/unit/functions/upcase_spec.rb +34 -0
  646. data/spec/unit/functions/versioncmp_spec.rb +4 -4
  647. data/spec/unit/functions4_spec.rb +78 -51
  648. data/spec/unit/gettext/config_spec.rb +4 -4
  649. data/spec/unit/gettext/module_loading_spec.rb +7 -7
  650. data/spec/unit/graph/rb_tree_map_spec.rb +2 -0
  651. data/spec/unit/graph/relationship_graph_spec.rb +2 -1
  652. data/spec/unit/graph/simple_graph_spec.rb +52 -11
  653. data/spec/unit/hiera/scope_spec.rb +0 -7
  654. data/spec/unit/hiera_puppet_spec.rb +20 -20
  655. data/spec/unit/indirector/catalog/compiler_spec.rb +166 -183
  656. data/spec/unit/indirector/catalog/json_spec.rb +2 -1
  657. data/spec/unit/indirector/catalog/msgpack_spec.rb +1 -0
  658. data/spec/unit/indirector/catalog/rest_spec.rb +1 -0
  659. data/spec/unit/indirector/catalog/store_configs_spec.rb +1 -0
  660. data/spec/unit/indirector/catalog/yaml_spec.rb +1 -0
  661. data/spec/unit/indirector/certificate/file_spec.rb +1 -8
  662. data/spec/unit/indirector/certificate/rest_spec.rb +10 -8
  663. data/spec/unit/indirector/certificate_request/file_spec.rb +1 -0
  664. data/spec/unit/indirector/certificate_request/rest_spec.rb +1 -0
  665. data/spec/unit/indirector/direct_file_server_spec.rb +49 -57
  666. data/spec/unit/indirector/envelope_spec.rb +2 -1
  667. data/spec/unit/indirector/exec_spec.rb +31 -26
  668. data/spec/unit/indirector/face_spec.rb +9 -9
  669. data/spec/unit/indirector/facts/facter_spec.rb +43 -37
  670. data/spec/unit/indirector/facts/network_device_spec.rb +9 -8
  671. data/spec/unit/indirector/facts/rest_spec.rb +8 -7
  672. data/spec/unit/indirector/facts/store_configs_spec.rb +1 -0
  673. data/spec/unit/indirector/facts/yaml_spec.rb +90 -77
  674. data/spec/unit/indirector/file_bucket_file/file_spec.rb +13 -9
  675. data/spec/unit/indirector/file_bucket_file/rest_spec.rb +1 -0
  676. data/spec/unit/indirector/file_bucket_file/selector_spec.rb +5 -4
  677. data/spec/unit/indirector/file_content/file_server_spec.rb +1 -0
  678. data/spec/unit/indirector/file_content/file_spec.rb +1 -0
  679. data/spec/unit/indirector/file_content/rest_spec.rb +1 -0
  680. data/spec/unit/indirector/file_content/selector_spec.rb +1 -0
  681. data/spec/unit/indirector/file_metadata/file_server_spec.rb +1 -0
  682. data/spec/unit/indirector/file_metadata/file_spec.rb +13 -12
  683. data/spec/unit/indirector/file_metadata/rest_spec.rb +1 -0
  684. data/spec/unit/indirector/file_metadata/selector_spec.rb +1 -0
  685. data/spec/unit/indirector/file_server_spec.rb +145 -145
  686. data/spec/unit/indirector/indirection_spec.rb +226 -249
  687. data/spec/unit/indirector/json_spec.rb +9 -7
  688. data/spec/unit/indirector/key/file_spec.rb +22 -38
  689. data/spec/unit/indirector/memory_spec.rb +7 -6
  690. data/spec/unit/indirector/msgpack_spec.rb +9 -7
  691. data/spec/unit/indirector/node/exec_spec.rb +43 -22
  692. data/spec/unit/indirector/node/memory_spec.rb +4 -2
  693. data/spec/unit/indirector/node/msgpack_spec.rb +1 -0
  694. data/spec/unit/indirector/node/plain_spec.rb +4 -2
  695. data/spec/unit/indirector/node/rest_spec.rb +1 -0
  696. data/spec/unit/indirector/node/store_configs_spec.rb +1 -0
  697. data/spec/unit/indirector/node/yaml_spec.rb +1 -0
  698. data/spec/unit/indirector/none_spec.rb +5 -5
  699. data/spec/unit/indirector/plain_spec.rb +8 -7
  700. data/spec/unit/indirector/report/msgpack_spec.rb +1 -0
  701. data/spec/unit/indirector/report/processor_spec.rb +22 -21
  702. data/spec/unit/indirector/report/rest_spec.rb +12 -11
  703. data/spec/unit/indirector/report/yaml_spec.rb +1 -0
  704. data/spec/unit/indirector/request_spec.rb +18 -15
  705. data/spec/unit/indirector/resource/ral_spec.rb +55 -47
  706. data/spec/unit/indirector/resource/store_configs_spec.rb +1 -0
  707. data/spec/unit/indirector/rest_spec.rb +110 -113
  708. data/spec/unit/indirector/ssl_file_spec.rb +100 -119
  709. data/spec/unit/indirector/status/local_spec.rb +1 -0
  710. data/spec/unit/indirector/status/rest_spec.rb +1 -0
  711. data/spec/unit/indirector/store_configs_spec.rb +1 -0
  712. data/spec/unit/indirector/terminus_spec.rb +30 -32
  713. data/spec/unit/indirector/yaml_spec.rb +90 -68
  714. data/spec/unit/indirector_spec.rb +2 -1
  715. data/spec/unit/info_service_spec.rb +144 -10
  716. data/spec/unit/interface/action_builder_spec.rb +1 -0
  717. data/spec/unit/interface/action_manager_spec.rb +1 -0
  718. data/spec/unit/interface/action_spec.rb +3 -2
  719. data/spec/unit/interface/documentation_spec.rb +1 -0
  720. data/spec/unit/interface/face_collection_spec.rb +12 -19
  721. data/spec/unit/interface_spec.rb +3 -3
  722. data/spec/unit/man_spec.rb +4 -3
  723. data/spec/unit/module_spec.rb +52 -102
  724. data/spec/unit/module_tool/applications/installer_spec.rb +13 -12
  725. data/spec/unit/module_tool/applications/searcher_spec.rb +3 -3
  726. data/spec/unit/module_tool/applications/uninstaller_spec.rb +2 -1
  727. data/spec/unit/module_tool/applications/unpacker_spec.rb +13 -13
  728. data/spec/unit/module_tool/applications/upgrader_spec.rb +6 -6
  729. data/spec/unit/module_tool/install_directory_spec.rb +8 -8
  730. data/spec/unit/module_tool/installed_modules_spec.rb +3 -3
  731. data/spec/unit/module_tool/tar/gnu_spec.rb +6 -6
  732. data/spec/unit/module_tool/tar/mini_spec.rb +12 -12
  733. data/spec/unit/module_tool/tar_spec.rb +13 -12
  734. data/spec/unit/module_tool_spec.rb +12 -29
  735. data/spec/unit/network/auth_config_parser_spec.rb +13 -11
  736. data/spec/unit/network/authconfig_spec.rb +18 -17
  737. data/spec/unit/network/authorization_spec.rb +5 -4
  738. data/spec/unit/network/authstore_spec.rb +1 -0
  739. data/spec/unit/network/format_handler_spec.rb +1 -0
  740. data/spec/unit/network/format_spec.rb +10 -9
  741. data/spec/unit/network/format_support_spec.rb +29 -28
  742. data/spec/unit/network/formats_spec.rb +31 -4
  743. data/spec/unit/network/http/api/indirected_routes_spec.rb +41 -51
  744. data/spec/unit/network/http/api/master/v3/authorization_spec.rb +7 -9
  745. data/spec/unit/network/http/api/master/v3/environment_spec.rb +1 -2
  746. data/spec/unit/network/http/api/master/v3/environments_spec.rb +7 -6
  747. data/spec/unit/network/http/api_spec.rb +2 -26
  748. data/spec/unit/network/http/compression_spec.rb +28 -24
  749. data/spec/unit/network/http/connection_spec.rb +122 -72
  750. data/spec/unit/network/http/factory_spec.rb +11 -40
  751. data/spec/unit/network/http/handler_spec.rb +18 -9
  752. data/spec/unit/network/http/nocache_pool_spec.rb +7 -6
  753. data/spec/unit/network/http/pool_spec.rb +29 -60
  754. data/spec/unit/network/http/request_spec.rb +2 -0
  755. data/spec/unit/network/http/response_spec.rb +13 -11
  756. data/spec/unit/network/http/route_spec.rb +1 -0
  757. data/spec/unit/network/http/session_spec.rb +2 -1
  758. data/spec/unit/network/http/site_spec.rb +1 -0
  759. data/spec/unit/network/http_pool_spec.rb +9 -18
  760. data/spec/unit/network/http_spec.rb +1 -0
  761. data/spec/unit/network/resolver_spec.rb +104 -28
  762. data/spec/unit/network/rights_spec.rb +53 -52
  763. data/spec/unit/node/environment_spec.rb +17 -18
  764. data/spec/unit/node/facts_spec.rb +21 -6
  765. data/spec/unit/node_spec.rb +23 -17
  766. data/spec/unit/other/selinux_spec.rb +1 -71
  767. data/spec/unit/parameter/boolean_spec.rb +2 -1
  768. data/spec/unit/parameter/package_options_spec.rb +2 -1
  769. data/spec/unit/parameter/path_spec.rb +1 -0
  770. data/spec/unit/parameter/value_collection_spec.rb +1 -0
  771. data/spec/unit/parameter/value_spec.rb +1 -0
  772. data/spec/unit/parameter_spec.rb +9 -9
  773. data/spec/unit/parser/ast/block_expression_spec.rb +8 -6
  774. data/spec/unit/parser/ast/leaf_spec.rb +21 -20
  775. data/spec/unit/parser/compiler_spec.rb +96 -84
  776. data/spec/unit/parser/environment_compiler_spec.rb +16 -23
  777. data/spec/unit/parser/files_spec.rb +1 -0
  778. data/spec/unit/parser/functions/create_resources_spec.rb +1 -1
  779. data/spec/unit/parser/functions/digest_spec.rb +1 -4
  780. data/spec/unit/parser/functions/fail_spec.rb +2 -5
  781. data/spec/unit/parser/functions/file_spec.rb +14 -17
  782. data/spec/unit/parser/functions/fqdn_rand_spec.rb +6 -5
  783. data/spec/unit/parser/functions/generate_spec.rb +37 -38
  784. data/spec/unit/parser/functions/inline_template_spec.rb +1 -4
  785. data/spec/unit/parser/functions/regsubst_spec.rb +1 -4
  786. data/spec/unit/parser/functions/scanf_spec.rb +1 -4
  787. data/spec/unit/parser/functions/shellquote_spec.rb +1 -0
  788. data/spec/unit/parser/functions/split_spec.rb +1 -4
  789. data/spec/unit/parser/functions/sprintf_spec.rb +1 -4
  790. data/spec/unit/parser/functions/tag_spec.rb +2 -5
  791. data/spec/unit/parser/functions/tagged_spec.rb +3 -6
  792. data/spec/unit/parser/functions/template_spec.rb +13 -17
  793. data/spec/unit/parser/functions/versioncmp_spec.rb +2 -5
  794. data/spec/unit/parser/functions_spec.rb +29 -3
  795. data/spec/unit/parser/relationship_spec.rb +1 -0
  796. data/spec/unit/parser/resource/param_spec.rb +1 -1
  797. data/spec/unit/parser/resource_spec.rb +42 -42
  798. data/spec/unit/parser/scope_spec.rb +35 -39
  799. data/spec/unit/parser/templatewrapper_spec.rb +12 -11
  800. data/spec/unit/parser/type_loader_spec.rb +19 -17
  801. data/spec/unit/pops/adaptable_spec.rb +1 -0
  802. data/spec/unit/pops/benchmark_spec.rb +1 -0
  803. data/spec/unit/pops/evaluator/access_ops_spec.rb +1 -0
  804. data/spec/unit/pops/evaluator/arithmetic_ops_spec.rb +11 -0
  805. data/spec/unit/pops/evaluator/basic_expressions_spec.rb +1 -0
  806. data/spec/unit/pops/evaluator/collections_ops_spec.rb +1 -0
  807. data/spec/unit/pops/evaluator/comparison_ops_spec.rb +1 -0
  808. data/spec/unit/pops/evaluator/conditionals_spec.rb +1 -0
  809. data/spec/unit/pops/evaluator/evaluating_parser_spec.rb +78 -18
  810. data/spec/unit/pops/evaluator/logical_ops_spec.rb +1 -0
  811. data/spec/unit/pops/evaluator/runtime3_converter_spec.rb +5 -4
  812. data/spec/unit/pops/evaluator/string_interpolation_spec.rb +1 -0
  813. data/spec/unit/pops/evaluator/variables_spec.rb +1 -0
  814. data/spec/unit/pops/factory_spec.rb +4 -3
  815. data/spec/unit/pops/issues_spec.rb +20 -19
  816. data/spec/unit/pops/loaders/dependency_loader_spec.rb +2 -2
  817. data/spec/unit/pops/loaders/loader_spec.rb +12 -36
  818. data/spec/unit/pops/loaders/loaders_spec.rb +57 -54
  819. data/spec/unit/pops/loaders/module_loaders_spec.rb +35 -3
  820. data/spec/unit/pops/loaders/static_loader_spec.rb +0 -36
  821. data/spec/unit/pops/lookup/context_spec.rb +1 -0
  822. data/spec/unit/pops/lookup/interpolation_spec.rb +3 -2
  823. data/spec/unit/pops/merge_strategy_spec.rb +1 -0
  824. data/spec/unit/pops/migration_spec.rb +5 -3
  825. data/spec/unit/pops/model/model_spec.rb +1 -0
  826. data/spec/unit/pops/model/pn_transformer_spec.rb +1 -0
  827. data/spec/unit/pops/parser/lexer2_spec.rb +60 -21
  828. data/spec/unit/pops/parser/locator_spec.rb +6 -48
  829. data/spec/unit/pops/parser/parse_application_spec.rb +1 -0
  830. data/spec/unit/pops/parser/parse_basic_expressions_spec.rb +1 -0
  831. data/spec/unit/pops/parser/parse_calls_spec.rb +1 -0
  832. data/spec/unit/pops/parser/parse_capabilities_spec.rb +1 -0
  833. data/spec/unit/pops/parser/parse_conditionals_spec.rb +1 -0
  834. data/spec/unit/pops/parser/parse_containers_spec.rb +1 -0
  835. data/spec/unit/pops/parser/parse_heredoc_spec.rb +12 -124
  836. data/spec/unit/pops/parser/parse_plan_spec.rb +1 -0
  837. data/spec/unit/pops/parser/parse_resource_spec.rb +1 -0
  838. data/spec/unit/pops/parser/parse_site_spec.rb +1 -0
  839. data/spec/unit/pops/parser/pn_parser_spec.rb +1 -0
  840. data/spec/unit/pops/pn_spec.rb +1 -0
  841. data/spec/unit/pops/resource/resource_type_impl_spec.rb +1 -0
  842. data/spec/unit/pops/serialization/serialization_spec.rb +7 -5
  843. data/spec/unit/pops/serialization/to_from_hr_spec.rb +29 -4
  844. data/spec/unit/pops/serialization/to_stringified_spec.rb +157 -0
  845. data/spec/unit/pops/types/deferred_spec.rb +87 -0
  846. data/spec/unit/pops/types/p_object_type_spec.rb +20 -0
  847. data/spec/unit/pops/types/p_timespan_type_spec.rb +0 -22
  848. data/spec/unit/pops/types/p_timestamp_type_spec.rb +0 -19
  849. data/spec/unit/pops/types/recursion_guard_spec.rb +10 -10
  850. data/spec/unit/pops/types/ruby_generator_spec.rb +2 -2
  851. data/spec/unit/pops/types/string_converter_spec.rb +11 -22
  852. data/spec/unit/pops/types/task_spec.rb +148 -16
  853. data/spec/unit/pops/types/type_asserter_spec.rb +2 -2
  854. data/spec/unit/pops/types/type_calculator_spec.rb +36 -36
  855. data/spec/unit/pops/types/type_mismatch_describer_spec.rb +0 -9
  856. data/spec/unit/pops/types/type_parser_spec.rb +13 -13
  857. data/spec/unit/pops/types/types_spec.rb +12 -6
  858. data/spec/unit/pops/validator/validator_spec.rb +162 -82
  859. data/spec/unit/pops/visitor_spec.rb +1 -0
  860. data/spec/unit/property/boolean_spec.rb +1 -1
  861. data/spec/unit/property/ensure_spec.rb +1 -0
  862. data/spec/unit/property/keyvalue_spec.rb +34 -32
  863. data/spec/unit/property/list_spec.rb +27 -26
  864. data/spec/unit/property/ordered_list_spec.rb +14 -10
  865. data/spec/unit/property_spec.rb +53 -43
  866. data/spec/unit/provider/aix_object_spec.rb +45 -47
  867. data/spec/unit/provider/command_spec.rb +9 -9
  868. data/spec/unit/provider/exec/posix_spec.rb +9 -8
  869. data/spec/unit/provider/exec/shell_spec.rb +3 -1
  870. data/spec/unit/provider/exec/windows_spec.rb +6 -4
  871. data/spec/unit/provider/exec_spec.rb +1 -209
  872. data/spec/unit/provider/file/posix_spec.rb +24 -22
  873. data/spec/unit/provider/file/windows_spec.rb +19 -17
  874. data/spec/unit/provider/group/aix_spec.rb +7 -22
  875. data/spec/unit/provider/group/groupadd_spec.rb +27 -60
  876. data/spec/unit/provider/group/ldap_spec.rb +36 -33
  877. data/spec/unit/provider/group/pw_spec.rb +18 -15
  878. data/spec/unit/provider/group/windows_adsi_spec.rb +80 -128
  879. data/spec/unit/provider/ldap_spec.rb +62 -61
  880. data/spec/unit/provider/nameservice/directoryservice_spec.rb +109 -102
  881. data/spec/unit/provider/nameservice_spec.rb +41 -39
  882. data/spec/unit/provider/package/aix_spec.rb +22 -48
  883. data/spec/unit/provider/package/appdmg_spec.rb +13 -13
  884. data/spec/unit/provider/package/apt_spec.rb +35 -60
  885. data/spec/unit/provider/package/aptitude_spec.rb +7 -7
  886. data/spec/unit/provider/package/aptrpm_spec.rb +13 -8
  887. data/spec/unit/provider/package/base_spec.rb +4 -4
  888. data/spec/unit/provider/package/dnf_spec.rb +23 -34
  889. data/spec/unit/provider/package/dpkg_spec.rb +72 -114
  890. data/spec/unit/provider/package/freebsd_spec.rb +18 -15
  891. data/spec/unit/provider/package/gem_spec.rb +86 -163
  892. data/spec/unit/provider/package/hpux_spec.rb +18 -15
  893. data/spec/unit/provider/package/macports_spec.rb +54 -56
  894. data/spec/unit/provider/package/nim_spec.rb +49 -33
  895. data/spec/unit/provider/package/openbsd_spec.rb +49 -60
  896. data/spec/unit/provider/package/opkg_spec.rb +26 -23
  897. data/spec/unit/provider/package/pacman_spec.rb +118 -97
  898. data/spec/unit/provider/package/pip3_spec.rb +6 -20
  899. data/spec/unit/provider/package/pip_spec.rb +129 -185
  900. data/spec/unit/provider/package/pkg_spec.rb +119 -129
  901. data/spec/unit/provider/package/pkgdmg_spec.rb +63 -65
  902. data/spec/unit/provider/package/pkgin_spec.rb +23 -20
  903. data/spec/unit/provider/package/pkgng_spec.rb +35 -67
  904. data/spec/unit/provider/package/pkgutil_spec.rb +49 -45
  905. data/spec/unit/provider/package/portage_spec.rb +76 -72
  906. data/spec/unit/provider/package/puppet_gem_spec.rb +21 -45
  907. data/spec/unit/provider/package/rpm_spec.rb +79 -291
  908. data/spec/unit/provider/package/sun_spec.rb +18 -16
  909. data/spec/unit/provider/package/tdnf_spec.rb +12 -9
  910. data/spec/unit/provider/package/up2date_spec.rb +4 -2
  911. data/spec/unit/provider/package/urpmi_spec.rb +17 -15
  912. data/spec/unit/provider/package/windows/exe_package_spec.rb +18 -15
  913. data/spec/unit/provider/package/windows/msi_package_spec.rb +23 -20
  914. data/spec/unit/provider/package/windows/package_spec.rb +43 -38
  915. data/spec/unit/provider/package/windows_spec.rb +36 -51
  916. data/spec/unit/provider/package/yum_spec.rb +24 -128
  917. data/spec/unit/provider/package/zypper_spec.rb +106 -117
  918. data/spec/unit/provider/parsedfile_spec.rb +45 -44
  919. data/spec/unit/provider/service/base_spec.rb +6 -5
  920. data/spec/unit/provider/service/bsd_spec.rb +54 -47
  921. data/spec/unit/provider/service/daemontools_spec.rb +53 -70
  922. data/spec/unit/provider/service/debian_spec.rb +58 -46
  923. data/spec/unit/provider/service/freebsd_spec.rb +23 -20
  924. data/spec/unit/provider/service/gentoo_spec.rb +81 -74
  925. data/spec/unit/provider/service/init_spec.rb +66 -65
  926. data/spec/unit/provider/service/launchd_spec.rb +114 -181
  927. data/spec/unit/provider/service/openbsd_spec.rb +94 -87
  928. data/spec/unit/provider/service/openrc_spec.rb +74 -70
  929. data/spec/unit/provider/service/openwrt_spec.rb +38 -30
  930. data/spec/unit/provider/service/rcng_spec.rb +24 -19
  931. data/spec/unit/provider/service/redhat_spec.rb +60 -60
  932. data/spec/unit/provider/service/runit_spec.rb +44 -61
  933. data/spec/unit/provider/service/smf_spec.rb +74 -143
  934. data/spec/unit/provider/service/src_spec.rb +69 -60
  935. data/spec/unit/provider/service/systemd_spec.rb +160 -222
  936. data/spec/unit/provider/service/upstart_spec.rb +99 -83
  937. data/spec/unit/provider/service/windows_spec.rb +42 -84
  938. data/spec/unit/provider/user/aix_spec.rb +24 -65
  939. data/spec/unit/provider/user/directoryservice_spec.rb +114 -187
  940. data/spec/unit/provider/user/hpux_spec.rb +21 -17
  941. data/spec/unit/provider/user/ldap_spec.rb +83 -80
  942. data/spec/unit/provider/user/openbsd_spec.rb +12 -11
  943. data/spec/unit/provider/user/pw_spec.rb +44 -80
  944. data/spec/unit/provider/user/user_role_add_spec.rb +94 -94
  945. data/spec/unit/provider/user/useradd_spec.rb +100 -208
  946. data/spec/unit/provider/user/windows_adsi_spec.rb +63 -62
  947. data/spec/unit/provider_spec.rb +189 -41
  948. data/spec/unit/puppet_pal_2pec.rb +26 -12
  949. data/spec/unit/puppet_pal_catalog_spec.rb +801 -0
  950. data/spec/unit/puppet_pal_spec.rb +2 -8
  951. data/spec/unit/puppet_spec.rb +7 -27
  952. data/spec/unit/relationship_spec.rb +1 -0
  953. data/spec/unit/reports/http_spec.rb +23 -21
  954. data/spec/unit/reports/store_spec.rb +4 -3
  955. data/spec/unit/reports_spec.rb +14 -12
  956. data/spec/unit/resource/capability_finder_spec.rb +26 -29
  957. data/spec/unit/resource/catalog_spec.rb +77 -81
  958. data/spec/unit/resource/status_spec.rb +8 -6
  959. data/spec/unit/resource/type_collection_spec.rb +18 -17
  960. data/spec/unit/resource/type_spec.rb +35 -34
  961. data/spec/unit/resource_spec.rb +79 -67
  962. data/spec/unit/rest/client_spec.rb +135 -0
  963. data/spec/unit/rest/route_spec.rb +132 -0
  964. data/spec/unit/scheduler/job_spec.rb +1 -0
  965. data/spec/unit/scheduler/scheduler_spec.rb +1 -0
  966. data/spec/unit/scheduler/splay_job_spec.rb +2 -1
  967. data/spec/unit/settings/array_setting_spec.rb +1 -1
  968. data/spec/unit/settings/autosign_setting_spec.rb +9 -9
  969. data/spec/unit/settings/certificate_revocation_setting_spec.rb +1 -1
  970. data/spec/unit/settings/config_file_spec.rb +10 -0
  971. data/spec/unit/settings/directory_setting_spec.rb +7 -2
  972. data/spec/unit/settings/duration_setting_spec.rb +2 -1
  973. data/spec/unit/settings/enum_setting_spec.rb +1 -1
  974. data/spec/unit/settings/environment_conf_spec.rb +6 -4
  975. data/spec/unit/settings/file_setting_spec.rb +50 -46
  976. data/spec/unit/settings/ini_file_spec.rb +2 -4
  977. data/spec/unit/settings/path_setting_spec.rb +3 -2
  978. data/spec/unit/settings/priority_setting_spec.rb +2 -1
  979. data/spec/unit/settings/string_setting_spec.rb +15 -14
  980. data/spec/unit/settings/terminus_setting_spec.rb +2 -1
  981. data/spec/unit/settings/value_translator_spec.rb +1 -0
  982. data/spec/unit/settings_spec.rb +226 -253
  983. data/spec/unit/ssl/base_spec.rb +15 -14
  984. data/spec/unit/ssl/certificate_request_attributes_spec.rb +22 -8
  985. data/spec/unit/ssl/certificate_request_spec.rb +63 -92
  986. data/spec/unit/ssl/certificate_spec.rb +29 -37
  987. data/spec/unit/ssl/digest_spec.rb +1 -0
  988. data/spec/unit/ssl/host_spec.rb +305 -685
  989. data/spec/unit/ssl/key_spec.rb +34 -46
  990. data/spec/unit/ssl/validator_spec.rb +70 -203
  991. data/spec/unit/task_spec.rb +172 -26
  992. data/spec/unit/transaction/additional_resource_generator_spec.rb +68 -67
  993. data/spec/unit/transaction/event_manager_spec.rb +84 -95
  994. data/spec/unit/transaction/event_spec.rb +15 -16
  995. data/spec/unit/transaction/persistence_spec.rb +18 -17
  996. data/spec/unit/transaction/report_spec.rb +24 -18
  997. data/spec/unit/transaction/resource_harness_spec.rb +33 -72
  998. data/spec/unit/transaction_spec.rb +106 -176
  999. data/spec/unit/type/component_spec.rb +1 -0
  1000. data/spec/unit/type/exec_spec.rb +66 -120
  1001. data/spec/unit/type/file/checksum_spec.rb +11 -10
  1002. data/spec/unit/type/file/checksum_value_spec.rb +32 -31
  1003. data/spec/unit/type/file/content_spec.rb +62 -65
  1004. data/spec/unit/type/file/ctime_spec.rb +1 -0
  1005. data/spec/unit/type/file/ensure_spec.rb +13 -12
  1006. data/spec/unit/type/file/group_spec.rb +7 -5
  1007. data/spec/unit/type/file/mode_spec.rb +6 -4
  1008. data/spec/unit/type/file/mtime_spec.rb +1 -0
  1009. data/spec/unit/type/file/owner_spec.rb +8 -6
  1010. data/spec/unit/type/file/selinux_spec.rb +19 -17
  1011. data/spec/unit/type/file/source_spec.rb +110 -113
  1012. data/spec/unit/type/file/type_spec.rb +1 -0
  1013. data/spec/unit/type/file_spec.rb +190 -204
  1014. data/spec/unit/type/filebucket_spec.rb +10 -11
  1015. data/spec/unit/type/group_spec.rb +9 -15
  1016. data/spec/unit/type/noop_metaparam_spec.rb +2 -1
  1017. data/spec/unit/type/package/package_settings_spec.rb +23 -44
  1018. data/spec/unit/type/package_spec.rb +64 -61
  1019. data/spec/unit/type/resources_spec.rb +101 -103
  1020. data/spec/unit/type/schedule_spec.rb +28 -28
  1021. data/spec/unit/type/service_spec.rb +85 -76
  1022. data/spec/unit/type/stage_spec.rb +1 -0
  1023. data/spec/unit/type/tidy_spec.rb +63 -62
  1024. data/spec/unit/type/user_spec.rb +26 -147
  1025. data/spec/unit/type/whit_spec.rb +1 -0
  1026. data/spec/unit/type_spec.rb +164 -125
  1027. data/spec/unit/util/at_fork_spec.rb +19 -18
  1028. data/spec/unit/util/autoload_spec.rb +122 -93
  1029. data/spec/unit/util/backups_spec.rb +35 -34
  1030. data/spec/unit/util/character_encoding_spec.rb +5 -48
  1031. data/spec/unit/util/checksums_spec.rb +39 -38
  1032. data/spec/unit/util/colors_spec.rb +2 -1
  1033. data/spec/unit/util/command_line_spec.rb +20 -40
  1034. data/spec/unit/util/constant_inflector_spec.rb +1 -0
  1035. data/spec/unit/util/diff_spec.rb +8 -7
  1036. data/spec/unit/util/errors_spec.rb +1 -0
  1037. data/spec/unit/util/execution_spec.rb +167 -285
  1038. data/spec/unit/util/execution_stub_spec.rb +3 -2
  1039. data/spec/unit/util/feature_spec.rb +46 -28
  1040. data/spec/unit/util/filetype_spec.rb +53 -61
  1041. data/spec/unit/util/http_proxy_spec.rb +13 -133
  1042. data/spec/unit/util/inifile_spec.rb +31 -26
  1043. data/spec/unit/util/json_lockfile_spec.rb +5 -3
  1044. data/spec/unit/util/ldap/connection_spec.rb +25 -26
  1045. data/spec/unit/util/ldap/generator_spec.rb +1 -0
  1046. data/spec/unit/util/ldap/manager_spec.rb +102 -118
  1047. data/spec/unit/util/lockfile_spec.rb +2 -1
  1048. data/spec/unit/util/log/destinations_spec.rb +40 -23
  1049. data/spec/unit/util/log_spec.rb +146 -48
  1050. data/spec/unit/util/logging_spec.rb +114 -252
  1051. data/spec/unit/util/metric_spec.rb +1 -0
  1052. data/spec/unit/util/monkey_patches_spec.rb +12 -24
  1053. data/spec/unit/util/multi_match_spec.rb +1 -0
  1054. data/spec/unit/util/network_device/config_spec.rb +1 -0
  1055. data/spec/unit/util/network_device/transport/base_spec.rb +6 -5
  1056. data/spec/unit/util/network_device_spec.rb +9 -7
  1057. data/spec/unit/util/package_spec.rb +1 -0
  1058. data/spec/unit/util/pidlock_spec.rb +14 -86
  1059. data/spec/unit/util/plist_spec.rb +33 -60
  1060. data/spec/unit/util/posix_spec.rb +47 -78
  1061. data/spec/unit/util/profiler/object_counts_spec.rb +2 -1
  1062. data/spec/unit/util/rdoc_spec.rb +10 -9
  1063. data/spec/unit/util/reference_spec.rb +1 -0
  1064. data/spec/unit/util/resource_template_spec.rb +20 -20
  1065. data/spec/unit/util/retry_action_spec.rb +8 -7
  1066. data/spec/unit/util/rubygems_spec.rb +7 -41
  1067. data/spec/unit/util/run_mode_spec.rb +11 -10
  1068. data/spec/unit/util/selinux_spec.rb +73 -84
  1069. data/spec/unit/util/splayer_spec.rb +9 -8
  1070. data/spec/unit/util/ssl_spec.rb +1 -0
  1071. data/spec/unit/util/storage_spec.rb +17 -111
  1072. data/spec/unit/util/suidmanager_spec.rb +58 -47
  1073. data/spec/unit/util/symbolic_file_mode_spec.rb +1 -0
  1074. data/spec/unit/util/tag_set_spec.rb +9 -1
  1075. data/spec/unit/util/tagging_spec.rb +12 -0
  1076. data/spec/unit/util/terminal_spec.rb +10 -9
  1077. data/spec/unit/util/user_attr_spec.rb +2 -1
  1078. data/spec/unit/util/warnings_spec.rb +4 -3
  1079. data/spec/unit/util/watcher/periodic_watcher_spec.rb +2 -2
  1080. data/spec/unit/util/watcher_spec.rb +21 -51
  1081. data/spec/unit/util/windows/access_control_entry_spec.rb +2 -1
  1082. data/spec/unit/util/windows/access_control_list_spec.rb +2 -1
  1083. data/spec/unit/util/windows/adsi_spec.rb +134 -278
  1084. data/spec/unit/util/windows/api_types_spec.rb +42 -105
  1085. data/spec/unit/util/windows/eventlog_spec.rb +13 -10
  1086. data/spec/unit/util/windows/file_spec.rb +1 -0
  1087. data/spec/unit/util/windows/root_certs_spec.rb +1 -0
  1088. data/spec/unit/util/windows/security_descriptor_spec.rb +3 -1
  1089. data/spec/unit/util/windows/service_spec.rb +180 -432
  1090. data/spec/unit/util/windows/sid_spec.rb +17 -15
  1091. data/spec/unit/util/windows/string_spec.rb +2 -1
  1092. data/spec/unit/util/yaml_spec.rb +162 -28
  1093. data/spec/unit/util_spec.rb +74 -119
  1094. data/spec/unit/version_spec.rb +6 -6
  1095. data/tasks/benchmark.rake +5 -1
  1096. data/tasks/ci.rake +0 -5
  1097. data/tasks/manpages.rake +9 -2
  1098. data/tasks/parser.rake +11 -3
  1099. metadata +162 -479
  1100. data/CODEOWNERS +0 -30
  1101. data/ext/rack/config.ru +0 -44
  1102. data/ext/rack/example-passenger-vhost.conf +0 -57
  1103. data/lib/puppet/application/ca.rb +0 -11
  1104. data/lib/puppet/application/certificate.rb +0 -17
  1105. data/lib/puppet/application/certificate_request.rb +0 -7
  1106. data/lib/puppet/application/certificate_revocation_list.rb +0 -7
  1107. data/lib/puppet/application/master.rb +0 -319
  1108. data/lib/puppet/confine/boolean.rb +0 -45
  1109. data/lib/puppet/external/nagios.rb +0 -46
  1110. data/lib/puppet/external/nagios/base.rb +0 -472
  1111. data/lib/puppet/external/nagios/grammar.ry +0 -248
  1112. data/lib/puppet/external/nagios/makefile +0 -9
  1113. data/lib/puppet/external/nagios/parser.rb +0 -400
  1114. data/lib/puppet/face/ca.rb +0 -266
  1115. data/lib/puppet/face/certificate.rb +0 -167
  1116. data/lib/puppet/face/certificate_request.rb +0 -56
  1117. data/lib/puppet/face/certificate_revocation_list.rb +0 -56
  1118. data/lib/puppet/feature/rack.rb +0 -19
  1119. data/lib/puppet/graph/random_prioritizer.rb +0 -16
  1120. data/lib/puppet/graph/title_hash_prioritizer.rb +0 -16
  1121. data/lib/puppet/indirector/certificate/ca.rb +0 -9
  1122. data/lib/puppet/indirector/certificate/disabled_ca.rb +0 -22
  1123. data/lib/puppet/indirector/certificate_request/ca.rb +0 -22
  1124. data/lib/puppet/indirector/certificate_request/disabled_ca.rb +0 -22
  1125. data/lib/puppet/indirector/certificate_revocation_list/ca.rb +0 -8
  1126. data/lib/puppet/indirector/certificate_revocation_list/disabled_ca.rb +0 -22
  1127. data/lib/puppet/indirector/certificate_revocation_list/file.rb +0 -8
  1128. data/lib/puppet/indirector/certificate_revocation_list/rest.rb +0 -22
  1129. data/lib/puppet/indirector/certificate_status.rb +0 -4
  1130. data/lib/puppet/indirector/certificate_status/file.rb +0 -91
  1131. data/lib/puppet/indirector/certificate_status/rest.rb +0 -11
  1132. data/lib/puppet/indirector/key/ca.rb +0 -16
  1133. data/lib/puppet/indirector/key/disabled_ca.rb +0 -22
  1134. data/lib/puppet/indirector/ldap.rb +0 -86
  1135. data/lib/puppet/indirector/node/ldap.rb +0 -275
  1136. data/lib/puppet/indirector/node/write_only_yaml.rb +0 -39
  1137. data/lib/puppet/module_tool/applications/builder.rb +0 -152
  1138. data/lib/puppet/module_tool/skeleton/templates/generator/Gemfile +0 -18
  1139. data/lib/puppet/module_tool/skeleton/templates/generator/README.md.erb +0 -89
  1140. data/lib/puppet/module_tool/skeleton/templates/generator/Rakefile +0 -32
  1141. data/lib/puppet/module_tool/skeleton/templates/generator/examples/init.pp.erb +0 -12
  1142. data/lib/puppet/module_tool/skeleton/templates/generator/manifests/init.pp.erb +0 -48
  1143. data/lib/puppet/module_tool/skeleton/templates/generator/metadata.json.erb +0 -1
  1144. data/lib/puppet/module_tool/skeleton/templates/generator/spec/classes/init_spec.rb.erb +0 -6
  1145. data/lib/puppet/module_tool/skeleton/templates/generator/spec/spec_helper.rb +0 -1
  1146. data/lib/puppet/network/http/api/ca.rb +0 -2
  1147. data/lib/puppet/network/http/api/ca/v1.rb +0 -11
  1148. data/lib/puppet/network/http/rack.rb +0 -33
  1149. data/lib/puppet/network/http/rack/rest.rb +0 -162
  1150. data/lib/puppet/network/http/webrick.rb +0 -124
  1151. data/lib/puppet/network/http/webrick/rest.rb +0 -114
  1152. data/lib/puppet/network/server.rb +0 -39
  1153. data/lib/puppet/provider/augeas/augeas.rb +0 -767
  1154. data/lib/puppet/provider/cisco.rb +0 -9
  1155. data/lib/puppet/provider/computer/computer.rb +0 -20
  1156. data/lib/puppet/provider/cron/crontab.rb +0 -297
  1157. data/lib/puppet/provider/host/parsed.rb +0 -46
  1158. data/lib/puppet/provider/interface/cisco.rb +0 -27
  1159. data/lib/puppet/provider/macauthorization/macauthorization.rb +0 -298
  1160. data/lib/puppet/provider/mailalias/aliases.rb +0 -50
  1161. data/lib/puppet/provider/maillist/mailman.rb +0 -108
  1162. data/lib/puppet/provider/mcx/mcxcontent.rb +0 -173
  1163. data/lib/puppet/provider/mount.rb +0 -76
  1164. data/lib/puppet/provider/mount/parsed.rb +0 -285
  1165. data/lib/puppet/provider/naginator.rb +0 -63
  1166. data/lib/puppet/provider/package/dnfmodule.rb +0 -141
  1167. data/lib/puppet/provider/package_targetable.rb +0 -69
  1168. data/lib/puppet/provider/scheduled_task/win32_taskscheduler.rb +0 -590
  1169. data/lib/puppet/provider/selboolean/getsetsebool.rb +0 -47
  1170. data/lib/puppet/provider/selmodule/semodule.rb +0 -157
  1171. data/lib/puppet/provider/ssh_authorized_key/parsed.rb +0 -105
  1172. data/lib/puppet/provider/sshkey/parsed.rb +0 -50
  1173. data/lib/puppet/provider/vlan/cisco.rb +0 -28
  1174. data/lib/puppet/provider/yumrepo/inifile.rb +0 -315
  1175. data/lib/puppet/provider/zfs/zfs.rb +0 -108
  1176. data/lib/puppet/provider/zone/solaris.rb +0 -364
  1177. data/lib/puppet/provider/zpool/zpool.rb +0 -125
  1178. data/lib/puppet/ssl/certificate_authority.rb +0 -554
  1179. data/lib/puppet/ssl/certificate_authority/autosign_command.rb +0 -45
  1180. data/lib/puppet/ssl/certificate_authority/interface.rb +0 -324
  1181. data/lib/puppet/ssl/certificate_revocation_list.rb +0 -111
  1182. data/lib/puppet/ssl/configuration.rb +0 -61
  1183. data/lib/puppet/ssl/inventory.rb +0 -55
  1184. data/lib/puppet/type/augeas.rb +0 -211
  1185. data/lib/puppet/type/computer.rb +0 -66
  1186. data/lib/puppet/type/cron.rb +0 -480
  1187. data/lib/puppet/type/host.rb +0 -95
  1188. data/lib/puppet/type/interface.rb +0 -121
  1189. data/lib/puppet/type/k5login.rb +0 -165
  1190. data/lib/puppet/type/macauthorization.rb +0 -167
  1191. data/lib/puppet/type/mailalias.rb +0 -46
  1192. data/lib/puppet/type/maillist.rb +0 -62
  1193. data/lib/puppet/type/mcx.rb +0 -98
  1194. data/lib/puppet/type/mount.rb +0 -314
  1195. data/lib/puppet/type/nagios_command.rb +0 -3
  1196. data/lib/puppet/type/nagios_contact.rb +0 -3
  1197. data/lib/puppet/type/nagios_contactgroup.rb +0 -3
  1198. data/lib/puppet/type/nagios_host.rb +0 -3
  1199. data/lib/puppet/type/nagios_hostdependency.rb +0 -3
  1200. data/lib/puppet/type/nagios_hostescalation.rb +0 -3
  1201. data/lib/puppet/type/nagios_hostextinfo.rb +0 -3
  1202. data/lib/puppet/type/nagios_hostgroup.rb +0 -3
  1203. data/lib/puppet/type/nagios_service.rb +0 -3
  1204. data/lib/puppet/type/nagios_servicedependency.rb +0 -3
  1205. data/lib/puppet/type/nagios_serviceescalation.rb +0 -3
  1206. data/lib/puppet/type/nagios_serviceextinfo.rb +0 -3
  1207. data/lib/puppet/type/nagios_servicegroup.rb +0 -3
  1208. data/lib/puppet/type/nagios_timeperiod.rb +0 -3
  1209. data/lib/puppet/type/router.rb +0 -17
  1210. data/lib/puppet/type/scheduled_task.rb +0 -183
  1211. data/lib/puppet/type/selboolean.rb +0 -40
  1212. data/lib/puppet/type/selmodule.rb +0 -58
  1213. data/lib/puppet/type/ssh_authorized_key.rb +0 -143
  1214. data/lib/puppet/type/sshkey.rb +0 -83
  1215. data/lib/puppet/type/vlan.rb +0 -26
  1216. data/lib/puppet/type/yumrepo.rb +0 -430
  1217. data/lib/puppet/type/zfs.rb +0 -154
  1218. data/lib/puppet/type/zone.rb +0 -382
  1219. data/lib/puppet/type/zpool.rb +0 -91
  1220. data/lib/puppet/util/methodhelper.rb +0 -32
  1221. data/lib/puppet/util/nagios_maker.rb +0 -85
  1222. data/lib/puppet/util/network_device/cisco.rb +0 -4
  1223. data/lib/puppet/util/network_device/cisco/device.rb +0 -285
  1224. data/lib/puppet/util/network_device/cisco/facts.rb +0 -72
  1225. data/lib/puppet/util/network_device/cisco/interface.rb +0 -94
  1226. data/lib/puppet/util/network_device/ipcalc.rb +0 -68
  1227. data/lib/puppet/util/network_device/transport/ssh.rb +0 -126
  1228. data/lib/puppet/util/network_device/transport/telnet.rb +0 -47
  1229. data/lib/puppet/util/windows/taskscheduler.rb +0 -1267
  1230. data/lib/puppet/vendor/load_semantic.rb +0 -1
  1231. data/lib/puppet/vendor/load_semantic_puppet.rb +0 -1
  1232. data/lib/puppet/vendor/semantic/lib/semantic.rb +0 -5
  1233. data/lib/puppet/vendor/semantic_puppet/lib/semantic_puppet.rb +0 -11
  1234. data/lib/puppet/vendor/semantic_puppet/lib/semantic_puppet/dependency.rb +0 -181
  1235. data/lib/puppet/vendor/semantic_puppet/lib/semantic_puppet/dependency/graph.rb +0 -60
  1236. data/lib/puppet/vendor/semantic_puppet/lib/semantic_puppet/dependency/graph_node.rb +0 -117
  1237. data/lib/puppet/vendor/semantic_puppet/lib/semantic_puppet/dependency/module_release.rb +0 -58
  1238. data/lib/puppet/vendor/semantic_puppet/lib/semantic_puppet/dependency/source.rb +0 -25
  1239. data/lib/puppet/vendor/semantic_puppet/lib/semantic_puppet/dependency/unsatisfiable_graph.rb +0 -31
  1240. data/lib/puppet/vendor/semantic_puppet/lib/semantic_puppet/gem_version.rb +0 -3
  1241. data/lib/puppet/vendor/semantic_puppet/lib/semantic_puppet/version.rb +0 -203
  1242. data/lib/puppet/vendor/semantic_puppet/lib/semantic_puppet/version_range.rb +0 -758
  1243. data/lib/puppet/vendor/semantic_puppet/locales/config.yaml +0 -21
  1244. data/man/man8/puppet-ca.8 +0 -196
  1245. data/man/man8/puppet-cert.8 +0 -118
  1246. data/man/man8/puppet-certificate.8 +0 -240
  1247. data/man/man8/puppet-certificate_request.8 +0 -161
  1248. data/man/man8/puppet-certificate_revocation_list.8 +0 -139
  1249. data/man/man8/puppet-master.8 +0 -85
  1250. data/spec/fixtures/integration/provider/cron/crontab/create_normal_entry +0 -19
  1251. data/spec/fixtures/integration/provider/cron/crontab/create_special_entry +0 -18
  1252. data/spec/fixtures/integration/provider/cron/crontab/crontab_user1 +0 -15
  1253. data/spec/fixtures/integration/provider/cron/crontab/crontab_user2 +0 -4
  1254. data/spec/fixtures/integration/provider/cron/crontab/modify_entry +0 -13
  1255. data/spec/fixtures/integration/provider/cron/crontab/moved_cronjob_input1 +0 -15
  1256. data/spec/fixtures/integration/provider/cron/crontab/moved_cronjob_input2 +0 -6
  1257. data/spec/fixtures/integration/provider/cron/crontab/purged +0 -8
  1258. data/spec/fixtures/integration/provider/cron/crontab/remove_named_resource +0 -12
  1259. data/spec/fixtures/integration/provider/cron/crontab/remove_unnamed_resource +0 -14
  1260. data/spec/fixtures/integration/provider/cron/crontab/unspecialized +0 -15
  1261. data/spec/fixtures/integration/provider/mailalias/aliases/test1 +0 -32
  1262. data/spec/fixtures/integration/provider/sshkey/sample +0 -21
  1263. data/spec/fixtures/unit/provider/augeas/augeas/augeas/lenses/test.aug +0 -13
  1264. data/spec/fixtures/unit/provider/augeas/augeas/etc/fstab +0 -10
  1265. data/spec/fixtures/unit/provider/augeas/augeas/etc/hosts +0 -6
  1266. data/spec/fixtures/unit/provider/augeas/augeas/etc/test +0 -3
  1267. data/spec/fixtures/unit/provider/augeas/augeas/test.aug +0 -13
  1268. data/spec/fixtures/unit/provider/host/parsed/valid_hosts +0 -19
  1269. data/spec/fixtures/unit/provider/mount/mount-output.aix.txt +0 -7
  1270. data/spec/fixtures/unit/provider/mount/parsed/aix.filesystems +0 -152
  1271. data/spec/fixtures/unit/provider/mount/parsed/aix.mount +0 -11
  1272. data/spec/fixtures/unit/provider/mount/parsed/darwin.mount +0 -6
  1273. data/spec/fixtures/unit/provider/mount/parsed/freebsd.fstab +0 -9
  1274. data/spec/fixtures/unit/provider/mount/parsed/freebsd.mount +0 -4
  1275. data/spec/fixtures/unit/provider/mount/parsed/hpux.mount +0 -17
  1276. data/spec/fixtures/unit/provider/mount/parsed/linux.fstab +0 -12
  1277. data/spec/fixtures/unit/provider/mount/parsed/linux.mount +0 -6
  1278. data/spec/fixtures/unit/provider/mount/parsed/netbsd.fstab +0 -10
  1279. data/spec/fixtures/unit/provider/mount/parsed/netbsd.mount +0 -9
  1280. data/spec/fixtures/unit/provider/mount/parsed/openbsd.fstab +0 -5
  1281. data/spec/fixtures/unit/provider/mount/parsed/openbsd.mount +0 -5
  1282. data/spec/fixtures/unit/provider/mount/parsed/solaris.fstab +0 -11
  1283. data/spec/fixtures/unit/provider/mount/parsed/solaris.mount +0 -6
  1284. data/spec/fixtures/unit/provider/naginator/define_empty_param +0 -6
  1285. data/spec/fixtures/unit/provider/package/dnfmodule/dnf-module-list.txt +0 -19
  1286. data/spec/fixtures/unit/provider/package/yum/yum-check-update-subscription-manager.txt +0 -9
  1287. data/spec/fixtures/unit/provider/service/smf/svcs_fmri.out +0 -6
  1288. data/spec/fixtures/unit/provider/service/smf/svcs_multiple_fmris.out +0 -13
  1289. data/spec/fixtures/unit/provider/ssh_authorized_key/parsed/authorized_keys +0 -7
  1290. data/spec/fixtures/unit/provider/ssh_authorized_key/parsed/authorized_keys1 +0 -3
  1291. data/spec/fixtures/unit/provider/ssh_authorized_key/parsed/authorized_keys2 +0 -1
  1292. data/spec/fixtures/unit/provider/sshkey/parsed/sample +0 -21
  1293. data/spec/fixtures/unit/provider/sshkey/parsed/sample_with_blank_lines +0 -8
  1294. data/spec/fixtures/unit/provider/zfs/zfs/zfs-list.out +0 -2
  1295. data/spec/fixtures/unit/provider/zpool/zpool/zpool-list.out +0 -2
  1296. data/spec/integration/faces/ca_spec.rb +0 -353
  1297. data/spec/integration/indirector/node/ldap_spec.rb +0 -13
  1298. data/spec/integration/network/http_pool_spec.rb +0 -120
  1299. data/spec/integration/provider/cron/crontab_spec.rb +0 -240
  1300. data/spec/integration/provider/file/windows_spec.rb +0 -162
  1301. data/spec/integration/provider/mailalias/aliases_spec.rb +0 -9
  1302. data/spec/integration/provider/mount_spec.rb +0 -163
  1303. data/spec/integration/provider/ssh_authorized_key_spec.rb +0 -217
  1304. data/spec/integration/provider/sshkey_spec.rb +0 -153
  1305. data/spec/integration/provider/yumrepo_spec.rb +0 -126
  1306. data/spec/integration/ssl/autosign_spec.rb +0 -145
  1307. data/spec/integration/ssl/certificate_authority_spec.rb +0 -161
  1308. data/spec/integration/ssl/certificate_revocation_list_spec.rb +0 -33
  1309. data/spec/integration/transaction_spec.rb +0 -553
  1310. data/spec/integration/type/nagios_spec.rb +0 -69
  1311. data/spec/integration/type/notify_spec.rb +0 -46
  1312. data/spec/integration/type/user_spec.rb +0 -63
  1313. data/spec/lib/puppet_spec/https.rb +0 -166
  1314. data/spec/unit/application/cert_spec.rb +0 -272
  1315. data/spec/unit/application/certificate_spec.rb +0 -21
  1316. data/spec/unit/application/master_spec.rb +0 -414
  1317. data/spec/unit/face/ca_spec.rb +0 -9
  1318. data/spec/unit/face/certificate_request_spec.rb +0 -9
  1319. data/spec/unit/face/certificate_revocation_list_spec.rb +0 -9
  1320. data/spec/unit/face/certificate_spec.rb +0 -228
  1321. data/spec/unit/face/module/build_spec.rb +0 -69
  1322. data/spec/unit/graph/title_hash_prioritizer_spec.rb +0 -50
  1323. data/spec/unit/indirector/certificate/ca_spec.rb +0 -21
  1324. data/spec/unit/indirector/certificate/disabled_ca_spec.rb +0 -32
  1325. data/spec/unit/indirector/certificate_request/ca_spec.rb +0 -56
  1326. data/spec/unit/indirector/certificate_request/disabled_ca_spec.rb +0 -32
  1327. data/spec/unit/indirector/certificate_revocation_list/ca_spec.rb +0 -15
  1328. data/spec/unit/indirector/certificate_revocation_list/disabled_ca_spec.rb +0 -32
  1329. data/spec/unit/indirector/certificate_revocation_list/file_spec.rb +0 -16
  1330. data/spec/unit/indirector/certificate_revocation_list/rest_spec.rb +0 -33
  1331. data/spec/unit/indirector/certificate_status/file_spec.rb +0 -190
  1332. data/spec/unit/indirector/certificate_status/rest_spec.rb +0 -17
  1333. data/spec/unit/indirector/code_spec.rb +0 -30
  1334. data/spec/unit/indirector/key/ca_spec.rb +0 -22
  1335. data/spec/unit/indirector/key/disabled_ca_spec.rb +0 -32
  1336. data/spec/unit/indirector/ldap_spec.rb +0 -151
  1337. data/spec/unit/indirector/node/ldap_spec.rb +0 -463
  1338. data/spec/unit/indirector/node/write_only_yaml_spec.rb +0 -11
  1339. data/spec/unit/module_tool/applications/builder_spec.rb +0 -439
  1340. data/spec/unit/network/http/api/ca/v1_spec.rb +0 -26
  1341. data/spec/unit/network/http/rack/rest_spec.rb +0 -322
  1342. data/spec/unit/network/http/rack_spec.rb +0 -42
  1343. data/spec/unit/network/http/webrick/rest_spec.rb +0 -230
  1344. data/spec/unit/network/http/webrick_spec.rb +0 -277
  1345. data/spec/unit/network/server_spec.rb +0 -94
  1346. data/spec/unit/provider/augeas/augeas_spec.rb +0 -1096
  1347. data/spec/unit/provider/cisco_spec.rb +0 -14
  1348. data/spec/unit/provider/cron/crontab_spec.rb +0 -206
  1349. data/spec/unit/provider/cron/parsed_spec.rb +0 -355
  1350. data/spec/unit/provider/host/parsed_spec.rb +0 -219
  1351. data/spec/unit/provider/interface/cisco_spec.rb +0 -53
  1352. data/spec/unit/provider/macauthorization_spec.rb +0 -134
  1353. data/spec/unit/provider/mcx/mcxcontent_spec.rb +0 -190
  1354. data/spec/unit/provider/mount/parsed_spec.rb +0 -318
  1355. data/spec/unit/provider/mount_spec.rb +0 -169
  1356. data/spec/unit/provider/naginator_spec.rb +0 -78
  1357. data/spec/unit/provider/network_device_spec.rb +0 -152
  1358. data/spec/unit/provider/package/dnfmodule_spec.rb +0 -247
  1359. data/spec/unit/provider/package_targetable_spec.rb +0 -60
  1360. data/spec/unit/provider/scheduled_task/win32_taskscheduler_spec.rb +0 -2050
  1361. data/spec/unit/provider/selboolean_spec.rb +0 -34
  1362. data/spec/unit/provider/selmodule-example.pp +0 -0
  1363. data/spec/unit/provider/selmodule_spec.rb +0 -154
  1364. data/spec/unit/provider/ssh_authorized_key/parsed_spec.rb +0 -259
  1365. data/spec/unit/provider/sshkey/parsed_spec.rb +0 -92
  1366. data/spec/unit/provider/vlan/cisco_spec.rb +0 -53
  1367. data/spec/unit/provider/yumrepo/inifile_spec.rb +0 -413
  1368. data/spec/unit/provider/zfs/zfs_spec.rb +0 -171
  1369. data/spec/unit/provider/zone/solaris_spec.rb +0 -261
  1370. data/spec/unit/provider/zpool/zpool_spec.rb +0 -250
  1371. data/spec/unit/settings/server_list_setting_spec.rb +0 -21
  1372. data/spec/unit/ssl/certificate_authority/autosign_command_spec.rb +0 -29
  1373. data/spec/unit/ssl/certificate_authority/interface_spec.rb +0 -563
  1374. data/spec/unit/ssl/certificate_authority_spec.rb +0 -1165
  1375. data/spec/unit/ssl/certificate_revocation_list_spec.rb +0 -196
  1376. data/spec/unit/ssl/configuration_spec.rb +0 -138
  1377. data/spec/unit/ssl/inventory_spec.rb +0 -155
  1378. data/spec/unit/test/test_helper_spec.rb +0 -17
  1379. data/spec/unit/type/augeas_spec.rb +0 -120
  1380. data/spec/unit/type/computer_spec.rb +0 -77
  1381. data/spec/unit/type/cron_spec.rb +0 -539
  1382. data/spec/unit/type/host_spec.rb +0 -680
  1383. data/spec/unit/type/interface_spec.rb +0 -128
  1384. data/spec/unit/type/k5login_spec.rb +0 -204
  1385. data/spec/unit/type/macauthorization_spec.rb +0 -111
  1386. data/spec/unit/type/mailalias_spec.rb +0 -48
  1387. data/spec/unit/type/maillist_spec.rb +0 -38
  1388. data/spec/unit/type/mcx_spec.rb +0 -75
  1389. data/spec/unit/type/mount_spec.rb +0 -622
  1390. data/spec/unit/type/nagios_spec.rb +0 -312
  1391. data/spec/unit/type/scheduled_task_spec.rb +0 -117
  1392. data/spec/unit/type/selboolean_spec.rb +0 -41
  1393. data/spec/unit/type/selmodule_spec.rb +0 -16
  1394. data/spec/unit/type/ssh_authorized_key_spec.rb +0 -228
  1395. data/spec/unit/type/sshkey_spec.rb +0 -75
  1396. data/spec/unit/type/vlan_spec.rb +0 -42
  1397. data/spec/unit/type/yumrepo_spec.rb +0 -476
  1398. data/spec/unit/type/zfs_spec.rb +0 -45
  1399. data/spec/unit/type/zone_spec.rb +0 -182
  1400. data/spec/unit/type/zpool_spec.rb +0 -108
  1401. data/spec/unit/util/nagios_maker_spec.rb +0 -121
  1402. data/spec/unit/util/network_device/cisco/device_spec.rb +0 -491
  1403. data/spec/unit/util/network_device/cisco/facts_spec.rb +0 -63
  1404. data/spec/unit/util/network_device/cisco/interface_spec.rb +0 -97
  1405. data/spec/unit/util/network_device/ipcalc_spec.rb +0 -61
  1406. data/spec/unit/util/network_device/transport/ssh_spec.rb +0 -252
  1407. data/spec/unit/util/network_device/transport/telnet_spec.rb +0 -90
@@ -1,1165 +0,0 @@
1
- # encoding: ASCII-8BIT
2
- require 'spec_helper'
3
-
4
- require 'puppet/ssl/certificate_authority'
5
-
6
- describe Puppet::SSL::CertificateAuthority do
7
- after do
8
- Puppet::SSL::CertificateAuthority.instance_variable_set(:@singleton_instance, nil)
9
- end
10
-
11
- def stub_ca_host
12
- @key = double('key')
13
- allow(@key).to receive(:content).and_return("cakey")
14
- @cacert = double('certificate')
15
- allow(@cacert).to receive(:content).and_return("cacertificate")
16
-
17
- @host = double('ssl_host', :key => @key, :certificate => @cacert, :name => Puppet::SSL::Host.ca_name)
18
- end
19
-
20
- it "should have a class method for returning a singleton instance" do
21
- expect(Puppet::SSL::CertificateAuthority).to respond_to(:instance)
22
- end
23
-
24
- describe "when finding an existing instance" do
25
- describe "and the host is a CA host and the run_mode is master" do
26
- before do
27
- Puppet[:ca] = true
28
- allow(Puppet.run_mode).to receive(:master?).and_return(true)
29
-
30
- @ca = double('ca')
31
- allow(Puppet::SSL::CertificateAuthority).to receive(:new).and_return(@ca)
32
- end
33
-
34
- it "should return an instance" do
35
- expect(Puppet::SSL::CertificateAuthority.instance).to equal(@ca)
36
- end
37
-
38
- it "should always return the same instance" do
39
- expect(Puppet::SSL::CertificateAuthority.instance).to equal(Puppet::SSL::CertificateAuthority.instance)
40
- end
41
- end
42
-
43
- describe "and the host is not a CA host" do
44
- it "should return nil" do
45
- Puppet[:ca] = false
46
- allow(Puppet.run_mode).to receive(:master?).and_return(true)
47
-
48
- expect(Puppet::SSL::CertificateAuthority).not_to receive(:new)
49
- expect(Puppet::SSL::CertificateAuthority.instance).to be_nil
50
- end
51
- end
52
-
53
- describe "and the run_mode is not master" do
54
- it "should return nil" do
55
- Puppet[:ca] = true
56
- allow(Puppet.run_mode).to receive(:master?).and_return(false)
57
-
58
- expect(Puppet::SSL::CertificateAuthority).not_to receive(:new)
59
- expect(Puppet::SSL::CertificateAuthority.instance).to be_nil
60
- end
61
- end
62
- end
63
-
64
- describe "when initializing" do
65
- before do
66
- allow(Puppet.settings).to receive(:use)
67
-
68
- allow_any_instance_of(Puppet::SSL::CertificateAuthority).to receive(:setup)
69
- end
70
-
71
- it "should always set its name to the value of :certname" do
72
- Puppet[:certname] = "ca_testing"
73
-
74
- expect(Puppet::SSL::CertificateAuthority.new.name).to eq("ca_testing")
75
- end
76
-
77
- it "should create an SSL::Host instance whose name is the 'ca_name'" do
78
- expect(Puppet::SSL::Host).to receive(:ca_name).and_return("caname")
79
-
80
- host = double('host')
81
- expect(Puppet::SSL::Host).to receive(:new).with("caname").and_return(host)
82
-
83
- Puppet::SSL::CertificateAuthority.new
84
- end
85
-
86
- it "should use the :main, :ca, and :ssl settings sections" do
87
- expect(Puppet.settings).to receive(:use).with(:main, :ssl, :ca)
88
- Puppet::SSL::CertificateAuthority.new
89
- end
90
-
91
- it "should make sure the CA is set up" do
92
- expect_any_instance_of(Puppet::SSL::CertificateAuthority).to receive(:setup)
93
-
94
- Puppet::SSL::CertificateAuthority.new
95
- end
96
- end
97
-
98
- describe "when setting itself up" do
99
- it "should generate the CA certificate if it does not have one" do
100
- allow(Puppet.settings).to receive(:use)
101
-
102
- host = double('host')
103
- allow(Puppet::SSL::Host).to receive(:new).and_return(host)
104
-
105
- expect(host).to receive(:certificate).and_return(nil)
106
-
107
- expect_any_instance_of(Puppet::SSL::CertificateAuthority).to receive(:generate_ca_certificate)
108
- Puppet::SSL::CertificateAuthority.new
109
- end
110
- end
111
-
112
- describe "when retrieving the certificate revocation list" do
113
- before do
114
- allow(Puppet.settings).to receive(:use)
115
- Puppet[:cacrl] = "/my/crl"
116
-
117
- cert = double("certificate", :content => "real_cert")
118
- key = double("key", :content => "real_key")
119
- @host = double('host', :certificate => cert, :name => "hostname", :key => key)
120
-
121
- allow_any_instance_of(Puppet::SSL::CertificateAuthority).to receive(:setup)
122
- @ca = Puppet::SSL::CertificateAuthority.new
123
-
124
- allow(@ca).to receive(:host).and_return(@host)
125
- end
126
-
127
- it "should return any found CRL instance" do
128
- crl = double('crl')
129
- expect(Puppet::SSL::CertificateRevocationList.indirection).to receive(:find).and_return(crl)
130
- expect(@ca.crl).to equal(crl)
131
- end
132
-
133
- it "should create, generate, and save a new CRL instance of no CRL can be found" do
134
- crl = Puppet::SSL::CertificateRevocationList.new("fakename")
135
- expect(Puppet::SSL::CertificateRevocationList.indirection).to receive(:find).and_return(nil)
136
-
137
- expect(Puppet::SSL::CertificateRevocationList).to receive(:new).and_return(crl)
138
-
139
- expect(crl).to receive(:generate).with(@ca.host.certificate.content, @ca.host.key.content)
140
- expect(Puppet::SSL::CertificateRevocationList.indirection).to receive(:save).with(crl)
141
-
142
- expect(@ca.crl).to equal(crl)
143
- end
144
- end
145
-
146
- describe "when generating a self-signed CA certificate" do
147
- before do
148
- allow(Puppet.settings).to receive(:use)
149
-
150
- allow_any_instance_of(Puppet::SSL::CertificateAuthority).to receive(:setup)
151
- allow_any_instance_of(Puppet::SSL::CertificateAuthority).to receive(:crl)
152
- @ca = Puppet::SSL::CertificateAuthority.new
153
-
154
- @host = double('host', :key => double("key"), :name => "hostname", :certificate => double('certificate'))
155
-
156
- allow_any_instance_of(Puppet::SSL::CertificateRequest).to receive(:generate)
157
-
158
- allow(@ca).to receive(:host).and_return(@host)
159
- end
160
-
161
- it "should create and store a password at :capass" do
162
- Puppet[:capass] = File.expand_path("/path/to/pass")
163
-
164
- expect(Puppet::FileSystem).to receive(:exist?).with(Puppet[:capass]).and_return(false)
165
-
166
- fh = StringIO.new
167
- expect(Puppet.settings.setting(:capass)).to receive(:open).with('w:ASCII').and_yield(fh)
168
-
169
- allow(@ca).to receive(:sign)
170
-
171
- @ca.generate_ca_certificate
172
-
173
- expect(fh.string.length).to be > 18
174
- end
175
-
176
- it "should generate a key if one does not exist" do
177
- allow(@ca).to receive(:generate_password)
178
- allow(@ca).to receive(:sign)
179
-
180
- expect(@ca.host).to receive(:key).and_return(nil)
181
- expect(@ca.host).to receive(:generate_key)
182
-
183
- @ca.generate_ca_certificate
184
- end
185
-
186
- it "should create and sign a self-signed cert using the CA name" do
187
- request = double('request')
188
- expect(Puppet::SSL::CertificateRequest).to receive(:new).with(@ca.host.name).and_return(request)
189
- expect(request).to receive(:generate).with(@ca.host.key)
190
- allow(request).to receive(:request_extensions).and_return([])
191
-
192
- expect(@ca).to receive(:sign).with(
193
- @host.name,
194
- {
195
- allow_dns_alt_names: false,
196
- self_signing_csr: request
197
- }
198
- )
199
-
200
- allow(@ca).to receive(:generate_password)
201
-
202
- @ca.generate_ca_certificate
203
- end
204
-
205
- it "should generate its CRL" do
206
- allow(@ca).to receive(:generate_password)
207
- allow(@ca).to receive(:sign)
208
-
209
- expect(@ca.host).to receive(:key).and_return(nil)
210
- expect(@ca.host).to receive(:generate_key)
211
-
212
- expect(@ca).to receive(:crl)
213
-
214
- @ca.generate_ca_certificate
215
- end
216
- end
217
-
218
- describe "when signing" do
219
- before do
220
- allow(Puppet.settings).to receive(:use)
221
-
222
- allow_any_instance_of(Puppet::SSL::CertificateAuthority).to receive(:password?).and_return(true)
223
-
224
- stub_ca_host
225
-
226
- expect(Puppet::SSL::Host).to receive(:new).with(Puppet::SSL::Host.ca_name).and_return(@host)
227
-
228
- @ca = Puppet::SSL::CertificateAuthority.new
229
-
230
- @name = "myhost"
231
- @real_cert = double('realcert', :sign => nil)
232
- @cert = Puppet::SSL::Certificate.new(@name)
233
- @cert.content = @real_cert
234
-
235
- allow(Puppet::SSL::Certificate).to receive(:new).and_return(@cert)
236
-
237
- allow(Puppet::SSL::Certificate.indirection).to receive(:save)
238
-
239
- # Stub out the factory
240
- allow(Puppet::SSL::CertificateFactory).to receive(:build).and_return(@cert.content)
241
-
242
- @request_content = double("request content stub", :subject => OpenSSL::X509::Name.new([['CN', @name]]), :public_key => double('public_key'))
243
- @request = double('request', :name => @name, :request_extensions => [], :subject_alt_names => [], :content => @request_content)
244
- allow(@request_content).to receive(:verify).and_return(true)
245
-
246
- # And the inventory
247
- @inventory = double('inventory', :add => nil)
248
- allow(@ca).to receive(:inventory).and_return(@inventory)
249
-
250
- allow(Puppet::SSL::CertificateRequest.indirection).to receive(:destroy)
251
- end
252
-
253
- describe "its own certificate" do
254
- before do
255
- @serial = 10
256
- allow(@ca).to receive(:next_serial).and_return(@serial)
257
- end
258
-
259
- it "should not look up a certificate request for the host" do
260
- expect(Puppet::SSL::CertificateRequest.indirection).not_to receive(:find)
261
-
262
- @ca.sign(@name, {allow_dns_alt_names: true,
263
- self_signing_csr: @request})
264
- end
265
-
266
- it "should use a certificate type of :ca" do
267
- expect(Puppet::SSL::CertificateFactory).to receive(:build).with(:ca, any_args).and_return(@cert.content)
268
- @ca.sign(@name, {allow_dns_alt_names: true,
269
- self_signing_csr: @request})
270
- end
271
-
272
- it "should pass the provided CSR as the CSR" do
273
- expect(Puppet::SSL::CertificateFactory).to receive(:build).with(anything, @request, any_args).and_return(@cert.content)
274
- @ca.sign(@name, {allow_dns_alt_names: true,
275
- self_signing_csr: @request})
276
- end
277
-
278
- it "should use the provided CSR's content as the issuer" do
279
- expect(Puppet::SSL::CertificateFactory).to receive(:build) do |*args|
280
- expect(args[2].subject.to_s).to eq("/CN=myhost")
281
- end.and_return(@cert.content)
282
- @ca.sign(@name, {allow_dns_alt_names: true,
283
- self_signing_csr: @request})
284
- end
285
-
286
- it "should pass the next serial as the serial number" do
287
- expect(Puppet::SSL::CertificateFactory).to receive(:build).with(anything, anything, anything, @serial).and_return(@cert.content)
288
- @ca.sign(@name, {allow_dns_alt_names: true,
289
- self_signing_csr: @request})
290
- end
291
-
292
- it "should sign the certificate request even if it contains alt names" do
293
- allow(@request).to receive(:subject_alt_names).and_return(%w[DNS:foo DNS:bar DNS:baz])
294
-
295
- expect do
296
- @ca.sign(@name, {allow_dns_alt_names: false,
297
- self_signing_csr: @request})
298
- end.not_to raise_error
299
- end
300
-
301
- it "should save the resulting certificate" do
302
- expect(Puppet::SSL::Certificate.indirection).to receive(:save).with(@cert)
303
-
304
- @ca.sign(@name, {allow_dns_alt_names: true,
305
- self_signing_csr: @request})
306
- end
307
- end
308
-
309
- describe "another host's certificate" do
310
- before do
311
- @serial = 10
312
- allow(@ca).to receive(:next_serial).and_return(@serial)
313
-
314
- allow(Puppet::SSL::CertificateRequest.indirection).to receive(:find).with(@name).and_return(@request)
315
- allow(Puppet::SSL::CertificateRequest.indirection).to receive(:save)
316
- end
317
-
318
- it "should use a certificate type of :server" do
319
- expect(Puppet::SSL::CertificateFactory).to receive(:build).with(:server, any_args).and_return(@cert.content)
320
-
321
- @ca.sign(@name)
322
- end
323
-
324
- it "should use look up a CSR for the host in the :ca_file terminus" do
325
- expect(Puppet::SSL::CertificateRequest.indirection).to receive(:find).with(@name).and_return(@request)
326
-
327
- @ca.sign(@name)
328
- end
329
-
330
- it "should fail if no CSR can be found for the host" do
331
- expect(Puppet::SSL::CertificateRequest.indirection).to receive(:find).with(@name).and_return(nil)
332
-
333
- expect { @ca.sign(@name) }.to raise_error(ArgumentError)
334
- end
335
-
336
- it "should fail if an unknown request extension is present" do
337
- allow(@request).to receive(:request_extensions).and_return([{ "oid" => "bananas",
338
- "value" => "delicious" }])
339
- expect {
340
- @ca.sign(@name)
341
- }.to raise_error(/CSR has request extensions that are not permitted/)
342
- end
343
-
344
- it "should reject auth extensions" do
345
- allow(@request).to receive(:request_extensions).and_return([{"oid" => "1.3.6.1.4.1.34380.1.3.1",
346
- "value" => "true"},
347
- {"oid" => "1.3.6.1.4.1.34380.1.3.13",
348
- "value" => "com"}])
349
-
350
- expect {
351
- @ca.sign(@name)
352
- }.to raise_error(Puppet::SSL::CertificateAuthority::CertificateSigningError,
353
- /CSR '#{@name}' contains authorization extensions (.*?, .*?).*/)
354
- end
355
-
356
- it "should not fail if the CSR contains auth extensions and they're allowed" do
357
- allow(@request).to receive(:request_extensions).and_return([{"oid" => "1.3.6.1.4.1.34380.1.3.1",
358
- "value" => "true"},
359
- {"oid" => "1.3.6.1.4.1.34380.1.3.13",
360
- "value" => "com"}])
361
- expect { @ca.sign(@name, {allow_authorization_extensions: true})}.to_not raise_error
362
- end
363
-
364
- it "should fail if the CSR contains alt names and they are not expected" do
365
- allow(@request).to receive(:subject_alt_names).and_return(%w[DNS:foo DNS:bar DNS:baz])
366
-
367
- expect do
368
- @ca.sign(@name, {allow_dns_alt_names: false})
369
- end.to raise_error(Puppet::SSL::CertificateAuthority::CertificateSigningError, /CSR '#{@name}' contains subject alternative names \(.*?\), which are disallowed. Use `puppet cert --allow-dns-alt-names sign #{@name}` to sign this request./)
370
- end
371
-
372
- it "should not fail if the CSR does not contain alt names and they are expected" do
373
- allow(@request).to receive(:subject_alt_names).and_return([])
374
- expect { @ca.sign(@name, {allow_dns_alt_names: true}) }.to_not raise_error
375
- end
376
-
377
- it "should reject alt names by default" do
378
- allow(@request).to receive(:subject_alt_names).and_return(%w[DNS:foo DNS:bar DNS:baz])
379
-
380
- expect do
381
- @ca.sign(@name)
382
- end.to raise_error(Puppet::SSL::CertificateAuthority::CertificateSigningError, /CSR '#{@name}' contains subject alternative names \(.*?\), which are disallowed. Use `puppet cert --allow-dns-alt-names sign #{@name}` to sign this request./)
383
- end
384
-
385
- it "should use the CA certificate as the issuer" do
386
- expect(Puppet::SSL::CertificateFactory).to receive(:build).with(anything, anything, @cacert.content, any_args).and_return(@cert.content)
387
- @ca.sign(@name)
388
- end
389
-
390
- it "should pass the next serial as the serial number" do
391
- expect(Puppet::SSL::CertificateFactory).to receive(:build).with(anything, anything, anything, @serial).and_return(@cert.content)
392
- @ca.sign(@name)
393
- end
394
-
395
- it "should sign the resulting certificate using its real key and a digest" do
396
- digest = double('digest')
397
- expect(OpenSSL::Digest::SHA256).to receive(:new).and_return(digest)
398
-
399
- key = double('key', :content => "real_key")
400
- allow(@ca.host).to receive(:key).and_return(key)
401
-
402
- expect(@cert.content).to receive(:sign).with("real_key", digest)
403
- @ca.sign(@name)
404
- end
405
-
406
- it "should save the resulting certificate" do
407
- allow(Puppet::SSL::Certificate.indirection).to receive(:save).with(@cert)
408
- @ca.sign(@name)
409
- end
410
-
411
- it "should remove the host's certificate request" do
412
- expect(Puppet::SSL::CertificateRequest.indirection).to receive(:destroy).with(@name)
413
-
414
- @ca.sign(@name)
415
- end
416
-
417
- it "should check the internal signing policies" do
418
- expect(@ca).to receive(:check_internal_signing_policies).and_return(true)
419
- @ca.sign(@name)
420
- end
421
- end
422
-
423
- context "#check_internal_signing_policies" do
424
- before do
425
- @serial = 10
426
- allow(@ca).to receive(:next_serial).and_return(@serial)
427
-
428
- allow(Puppet::SSL::CertificateRequest.indirection).to receive(:find).with(@name).and_return(@request)
429
- allow(@cert).to receive(:save)
430
- end
431
-
432
- it "should reject CSRs whose CN doesn't match the name for which we're signing them" do
433
- # Shorten this so the test doesn't take too long
434
- Puppet[:keylength] = 1024
435
- key = Puppet::SSL::Key.new('the_certname')
436
- key.generate
437
-
438
- csr = Puppet::SSL::CertificateRequest.new('the_certname')
439
- csr.generate(key)
440
-
441
- expect do
442
- @ca.check_internal_signing_policies('not_the_certname', csr)
443
- end.to raise_error(
444
- Puppet::SSL::CertificateAuthority::CertificateSigningError,
445
- /common name "the_certname" does not match expected certname "not_the_certname"/
446
- )
447
- end
448
-
449
- describe "when validating the CN" do
450
- before :all do
451
- Puppet[:keylength] = 1024
452
- Puppet[:passfile] = '/f00'
453
- @signing_key = Puppet::SSL::Key.new('my_signing_key')
454
- @signing_key.generate
455
- end
456
-
457
- [
458
- 'completely_okay',
459
- 'sure, why not? :)',
460
- 'so+many(things)-are=allowed.',
461
- 'this"is#just&madness%you[see]',
462
- 'and even a (an?) \\!',
463
- 'waltz, nymph, for quick jigs vex bud.',
464
- '{552c04ca-bb1b-11e1-874b-60334b04494e}'
465
- ].each do |name|
466
- it "should accept #{name.inspect}" do
467
- csr = Puppet::SSL::CertificateRequest.new(name)
468
- csr.generate(@signing_key)
469
-
470
- @ca.check_internal_signing_policies(name, csr)
471
- end
472
- end
473
-
474
- [
475
- 'super/bad',
476
- "not\neven\tkind\rof",
477
- "ding\adong\a",
478
- "hidden\b\b\b\b\b\bmessage",
479
- "\xE2\x98\x83 :("
480
- ].each do |name|
481
- it "should reject #{name.inspect}" do
482
- # We aren't even allowed to make objects with these names, so let's
483
- # stub that to simulate an invalid one coming from outside Puppet
484
- allow(Puppet::SSL::CertificateRequest).to receive(:validate_certname)
485
- csr = Puppet::SSL::CertificateRequest.new(name)
486
- csr.generate(@signing_key)
487
-
488
- expect do
489
- @ca.check_internal_signing_policies(name, csr)
490
- end.to raise_error(
491
- Puppet::SSL::CertificateAuthority::CertificateSigningError,
492
- /subject contains unprintable or non-ASCII characters/
493
- )
494
- end
495
- end
496
- end
497
-
498
- it "accepts numeric OIDs under the ppRegCertExt subtree" do
499
- exts = [{ 'oid' => '1.3.6.1.4.1.34380.1.1.1',
500
- 'value' => '657e4780-4cf5-11e3-8f96-0800200c9a66'}]
501
-
502
- allow(@request).to receive(:request_extensions).and_return(exts)
503
-
504
- expect {
505
- @ca.check_internal_signing_policies(@name, @request)
506
- }.to_not raise_error
507
- end
508
-
509
- it "accepts short name OIDs under the ppRegCertExt subtree" do
510
- exts = [{ 'oid' => 'pp_uuid',
511
- 'value' => '657e4780-4cf5-11e3-8f96-0800200c9a66'}]
512
-
513
- allow(@request).to receive(:request_extensions).and_return(exts)
514
-
515
- expect {
516
- @ca.check_internal_signing_policies(@name, @request)
517
- }.to_not raise_error
518
- end
519
-
520
- it "accepts OIDs under the ppPrivCertAttrs subtree" do
521
- exts = [{ 'oid' => '1.3.6.1.4.1.34380.1.2.1',
522
- 'value' => 'private extension'}]
523
-
524
- allow(@request).to receive(:request_extensions).and_return(exts)
525
-
526
- expect {
527
- @ca.check_internal_signing_policies(@name, @request)
528
- }.to_not raise_error
529
- end
530
-
531
-
532
- it "should reject a critical extension that isn't on the whitelist" do
533
- allow(@request).to receive(:request_extensions).and_return([{ "oid" => "banana",
534
- "value" => "yumm",
535
- "critical" => true }])
536
- expect { @ca.check_internal_signing_policies(@name, @request) }.to raise_error(
537
- Puppet::SSL::CertificateAuthority::CertificateSigningError,
538
- /request extensions that are not permitted/
539
- )
540
- end
541
-
542
- it "should reject a non-critical extension that isn't on the whitelist" do
543
- allow(@request).to receive(:request_extensions).and_return([{ "oid" => "peach",
544
- "value" => "meh",
545
- "critical" => false }])
546
- expect { @ca.check_internal_signing_policies(@name, @request) }.to raise_error(
547
- Puppet::SSL::CertificateAuthority::CertificateSigningError,
548
- /request extensions that are not permitted/
549
- )
550
- end
551
-
552
- it "should reject non-whitelist extensions even if a valid extension is present" do
553
- allow(@request).to receive(:request_extensions).and_return([{ "oid" => "peach",
554
- "value" => "meh",
555
- "critical" => false },
556
- { "oid" => "subjectAltName",
557
- "value" => "DNS:foo",
558
- "critical" => true }])
559
- expect { @ca.check_internal_signing_policies(@name, @request) }.to raise_error(
560
- Puppet::SSL::CertificateAuthority::CertificateSigningError,
561
- /request extensions that are not permitted/
562
- )
563
- end
564
-
565
- it "should reject a subjectAltName for a non-DNS value" do
566
- allow(@request).to receive(:subject_alt_names).and_return(['DNS:foo', 'email:bar@example.com'])
567
- expect {
568
- @ca.check_internal_signing_policies(@name, @request, {allow_dns_alt_names: true})
569
- }.to raise_error(
570
- Puppet::SSL::CertificateAuthority::CertificateSigningError,
571
- /subjectAltName outside the DNS label space/
572
- )
573
- end
574
-
575
- it "should allow a subjectAltName if subject matches CA's certname" do
576
- allow(@request).to receive(:subject_alt_names).and_return(['DNS:foo'])
577
- Puppet[:certname] = @name
578
-
579
- expect {
580
- @ca.check_internal_signing_policies(@name, @request, {allow_dns_alt_names: false})
581
- }.to_not raise_error
582
- end
583
-
584
- it "should reject a wildcard subject" do
585
- allow(@request.content).to receive(:subject).
586
- and_return(OpenSSL::X509::Name.new([["CN", "*.local"]]))
587
-
588
- expect { @ca.check_internal_signing_policies('*.local', @request) }.to raise_error(
589
- Puppet::SSL::CertificateAuthority::CertificateSigningError,
590
- /subject contains a wildcard/
591
- )
592
- end
593
-
594
- it "should reject a wildcard subjectAltName" do
595
- allow(@request).to receive(:subject_alt_names).and_return(['DNS:foo', 'DNS:*.bar'])
596
- expect {
597
- @ca.check_internal_signing_policies(@name, @request, {allow_dns_alt_names: true})
598
- }.to raise_error(
599
- Puppet::SSL::CertificateAuthority::CertificateSigningError,
600
- /subjectAltName contains a wildcard/
601
- )
602
- end
603
- end
604
-
605
- it "should create a certificate instance with the content set to the newly signed x509 certificate" do
606
- @serial = 10
607
- allow(@ca).to receive(:next_serial).and_return(@serial)
608
-
609
- allow(Puppet::SSL::CertificateRequest.indirection).to receive(:find).with(@name).and_return(@request)
610
- allow(Puppet::SSL::Certificate.indirection).to receive(:save)
611
- expect(Puppet::SSL::Certificate).to receive(:new).with(@name).and_return(@cert)
612
-
613
- @ca.sign(@name)
614
- end
615
-
616
- it "should return the certificate instance" do
617
- allow(@ca).to receive(:next_serial).and_return(@serial)
618
- allow(Puppet::SSL::CertificateRequest.indirection).to receive(:find).with(@name).and_return(@request)
619
- allow(Puppet::SSL::Certificate.indirection).to receive(:save)
620
- expect(@ca.sign(@name)).to equal(@cert)
621
- end
622
-
623
- it "should add the certificate to its inventory" do
624
- allow(@ca).to receive(:next_serial).and_return(@serial)
625
- expect(@inventory).to receive(:add).with(@cert)
626
-
627
- allow(Puppet::SSL::CertificateRequest.indirection).to receive(:find).with(@name).and_return(@request)
628
- allow(Puppet::SSL::Certificate.indirection).to receive(:save)
629
- @ca.sign(@name)
630
- end
631
-
632
- it "should have a method for triggering autosigning of available CSRs" do
633
- expect(@ca).to respond_to(:autosign)
634
- end
635
-
636
- describe "when autosigning certificates" do
637
- let(:csr) { Puppet::SSL::CertificateRequest.new("host") }
638
-
639
- describe "using the autosign setting" do
640
- let(:autosign) { File.expand_path("/auto/sign") }
641
-
642
- it "should do nothing if autosign is disabled" do
643
- Puppet[:autosign] = false
644
-
645
- expect(@ca).not_to receive(:sign)
646
- @ca.autosign(csr)
647
- end
648
-
649
- it "should do nothing if no autosign.conf exists" do
650
- Puppet[:autosign] = autosign
651
- non_existent_file = Puppet::FileSystem::MemoryFile.a_missing_file(autosign)
652
- Puppet::FileSystem.overlay(non_existent_file) do
653
- expect(@ca).not_to receive(:sign)
654
- @ca.autosign(csr)
655
- end
656
- end
657
-
658
- describe "and autosign is enabled and the autosign.conf file exists" do
659
- let(:store) { double('store', :allow => nil, :allowed? => false) }
660
-
661
- before do
662
- Puppet[:autosign] = autosign
663
- end
664
-
665
- describe "when creating the AuthStore instance to verify autosigning" do
666
- it "should create an AuthStore with each line in the configuration file allowed to be autosigned" do
667
- Puppet::FileSystem.overlay(Puppet::FileSystem::MemoryFile.a_regular_file_containing(autosign, "one\ntwo\n")) do
668
- allow(Puppet::Network::AuthStore).to receive(:new).and_return(store)
669
-
670
- expect(store).to receive(:allow).with("one")
671
- expect(store).to receive(:allow).with("two")
672
-
673
- @ca.autosign(csr)
674
- end
675
- end
676
-
677
- it "should reparse the autosign configuration on each call" do
678
- Puppet::FileSystem.overlay(Puppet::FileSystem::MemoryFile.a_regular_file_containing(autosign, "one")) do
679
- allow(Puppet::Network::AuthStore).to receive(:new).twice.and_return(store)
680
-
681
- @ca.autosign(csr)
682
- @ca.autosign(csr)
683
- end
684
- end
685
-
686
- it "should ignore comments" do
687
- Puppet::FileSystem.overlay(Puppet::FileSystem::MemoryFile.a_regular_file_containing(autosign, "one\n#two\n")) do
688
- allow(Puppet::Network::AuthStore).to receive(:new).and_return(store)
689
-
690
- expect(store).to receive(:allow).with("one")
691
-
692
- @ca.autosign(csr)
693
- end
694
- end
695
-
696
- it "should ignore blank lines" do
697
- Puppet::FileSystem.overlay(Puppet::FileSystem::MemoryFile.a_regular_file_containing(autosign, "one\n\n")) do
698
- allow(Puppet::Network::AuthStore).to receive(:new).and_return(store)
699
-
700
- expect(store).to receive(:allow).with("one")
701
- @ca.autosign(csr)
702
- end
703
- end
704
- end
705
- end
706
- end
707
-
708
- describe "using the autosign command setting" do
709
- let(:cmd) { File.expand_path('/autosign_cmd') }
710
- let(:autosign_cmd) { double('autosign_command') }
711
- let(:autosign_executable) { Puppet::FileSystem::MemoryFile.an_executable(cmd) }
712
-
713
- before do
714
- Puppet[:autosign] = cmd
715
-
716
- allow(Puppet::SSL::CertificateAuthority::AutosignCommand).to receive(:new).and_return(autosign_cmd)
717
- end
718
-
719
- it "autosigns the CSR if the autosign command returned true" do
720
- Puppet::FileSystem.overlay(autosign_executable) do
721
- expect(autosign_cmd).to receive(:allowed?).with(csr).and_return(true)
722
-
723
- expect(@ca).to receive(:sign).with('host')
724
- @ca.autosign(csr)
725
- end
726
- end
727
-
728
- it "doesn't autosign the CSR if the autosign_command returned false" do
729
- Puppet::FileSystem.overlay(autosign_executable) do
730
- expect(autosign_cmd).to receive(:allowed?).with(csr).and_return(false)
731
-
732
- expect(@ca).not_to receive(:sign)
733
- @ca.autosign(csr)
734
- end
735
- end
736
- end
737
- end
738
- end
739
-
740
- describe "when managing certificate clients" do
741
- before do
742
- allow(Puppet.settings).to receive(:use)
743
-
744
- allow_any_instance_of(Puppet::SSL::CertificateAuthority).to receive(:password?).and_return(true)
745
-
746
- stub_ca_host
747
-
748
- expect(Puppet::SSL::Host).to receive(:new).and_return(@host)
749
- allow_any_instance_of(Puppet::SSL::CertificateAuthority).to receive(:host).and_return(@host)
750
-
751
- @cacert = double('certificate')
752
- allow(@cacert).to receive(:content).and_return("cacertificate")
753
- @ca = Puppet::SSL::CertificateAuthority.new
754
- end
755
-
756
- it "should be able to list waiting certificate requests" do
757
- req1 = double('req1', :name => "one")
758
- req2 = double('req2', :name => "two")
759
- expect(Puppet::SSL::CertificateRequest.indirection).to receive(:search).with("*").and_return([req1, req2])
760
-
761
- expect(@ca.waiting?).to eq(%w{one two})
762
- end
763
-
764
- it "should delegate removing hosts to the Host class" do
765
- expect(Puppet::SSL::Host).to receive(:destroy).with("myhost")
766
-
767
- @ca.destroy("myhost")
768
- end
769
-
770
- it "should be able to verify certificates" do
771
- expect(@ca).to respond_to(:verify)
772
- end
773
-
774
- it "should list certificates as the sorted list of all existing signed certificates" do
775
- cert1 = double('cert1', :name => "cert1")
776
- cert2 = double('cert2', :name => "cert2")
777
- expect(Puppet::SSL::Certificate.indirection).to receive(:search).with("*").and_return([cert1, cert2])
778
- expect(@ca.list).to eq(%w{cert1 cert2})
779
- end
780
-
781
- it "should list the full certificates" do
782
- cert1 = double('cert1', :name => "cert1")
783
- cert2 = double('cert2', :name => "cert2")
784
- expect(Puppet::SSL::Certificate.indirection).to receive(:search).with("*").and_return([cert1, cert2])
785
- expect(@ca.list_certificates).to eq([cert1, cert2])
786
- end
787
-
788
- it "should print a deprecation when using #list_certificates" do
789
- allow(Puppet::SSL::Certificate.indirection).to receive(:search).with("*").and_return([:foo, :bar])
790
- expect(Puppet).to receive(:deprecation_warning).with(/list_certificates is deprecated/)
791
- @ca.list_certificates
792
- end
793
-
794
- describe "and printing certificates" do
795
- it "should return nil if the certificate cannot be found" do
796
- expect(Puppet::SSL::Certificate.indirection).to receive(:find).with("myhost").and_return(nil)
797
- expect(@ca.print("myhost")).to be_nil
798
- end
799
-
800
- it "should print certificates by calling :to_text on the host's certificate" do
801
- cert1 = double('cert1', :name => "cert1", :to_text => "mytext")
802
- expect(Puppet::SSL::Certificate.indirection).to receive(:find).with("myhost").and_return(cert1)
803
- expect(@ca.print("myhost")).to eq("mytext")
804
- end
805
- end
806
-
807
- describe "and fingerprinting certificates" do
808
- before :each do
809
- @cert = double('cert', :name => "cert", :fingerprint => "DIGEST")
810
- allow(Puppet::SSL::Certificate.indirection).to receive(:find).with("myhost").and_return(@cert)
811
- allow(Puppet::SSL::CertificateRequest.indirection).to receive(:find).with("myhost")
812
- end
813
-
814
- it "should raise an error if the certificate or CSR cannot be found" do
815
- expect(Puppet::SSL::Certificate.indirection).to receive(:find).with("myhost").and_return(nil)
816
- expect(Puppet::SSL::CertificateRequest.indirection).to receive(:find).with("myhost").and_return(nil)
817
- expect { @ca.fingerprint("myhost") }.to raise_error(ArgumentError, /Could not find a certificate/)
818
- end
819
-
820
- it "should try to find a CSR if no certificate can be found" do
821
- expect(Puppet::SSL::Certificate.indirection).to receive(:find).with("myhost").and_return(nil)
822
- expect(Puppet::SSL::CertificateRequest.indirection).to receive(:find).with("myhost").and_return(@cert)
823
- expect(@cert).to receive(:fingerprint)
824
- @ca.fingerprint("myhost")
825
- end
826
-
827
- it "should delegate to the certificate fingerprinting" do
828
- expect(@cert).to receive(:fingerprint)
829
- @ca.fingerprint("myhost")
830
- end
831
-
832
- it "should propagate the digest algorithm to the certificate fingerprinting system" do
833
- expect(@cert).to receive(:fingerprint).with(:digest)
834
- @ca.fingerprint("myhost", :digest)
835
- end
836
- end
837
-
838
- describe "and verifying certificates" do
839
- let(:cacert) { File.expand_path("/ca/cert") }
840
-
841
- before do
842
- @store = double('store', :verify => true, :add_file => nil, :purpose= => nil, :add_crl => true, :flags= => nil)
843
-
844
- allow(OpenSSL::X509::Store).to receive(:new).and_return(@store)
845
-
846
- @cert = double('cert', :content => "mycert")
847
- allow(Puppet::SSL::Certificate.indirection).to receive(:find).and_return(@cert)
848
-
849
- @crl = double('crl', :content => "mycrl")
850
-
851
- allow(@ca).to receive(:crl).and_return(@crl)
852
- end
853
-
854
- it "should fail if the host's certificate cannot be found" do
855
- expect(Puppet::SSL::Certificate.indirection).to receive(:find).with("me").and_return(nil)
856
-
857
- expect { @ca.verify("me") }.to raise_error(ArgumentError)
858
- end
859
-
860
- it "should create an SSL Store to verify" do
861
- expect(OpenSSL::X509::Store).to receive(:new).and_return(@store)
862
-
863
- @ca.verify("me")
864
- end
865
-
866
- it "should add the CA Certificate to the store" do
867
- Puppet[:cacert] = cacert
868
- expect(@store).to receive(:add_file).with(cacert)
869
-
870
- @ca.verify("me")
871
- end
872
-
873
- it "should add the CRL to the store if the crl is enabled" do
874
- expect(@store).to receive(:add_crl).with("mycrl")
875
-
876
- @ca.verify("me")
877
- end
878
-
879
- it "should set the store purpose to OpenSSL::X509::PURPOSE_ANY" do
880
- expect(@store).to receive(:purpose=).with OpenSSL::X509::PURPOSE_ANY
881
-
882
- @ca.verify("me")
883
- end
884
-
885
- it "should set the store flags to check the crl" do
886
- expect(@store).to receive(:flags=).with(OpenSSL::X509::V_FLAG_CRL_CHECK_ALL | OpenSSL::X509::V_FLAG_CRL_CHECK)
887
-
888
- @ca.verify("me")
889
- end
890
-
891
- it "should use the store to verify the certificate" do
892
- expect(@cert).to receive(:content).and_return("mycert")
893
-
894
- expect(@store).to receive(:verify).with("mycert").and_return(true)
895
-
896
- @ca.verify("me")
897
- end
898
-
899
- it "should fail if the verification returns false" do
900
- expect(@cert).to receive(:content).and_return("mycert")
901
-
902
- expect(@store).to receive(:verify).with("mycert").and_return(false)
903
- expect(@store).to receive(:error)
904
- expect(@store).to receive(:error_string)
905
-
906
- expect { @ca.verify("me") }.to raise_error(Puppet::SSL::CertificateAuthority::CertificateVerificationError)
907
- end
908
-
909
- describe "certificate_is_alive?" do
910
- it "should return false if verification fails" do
911
- expect(@cert).to receive(:content).and_return("mycert")
912
-
913
- expect(@store).to receive(:verify).with("mycert").and_return(false)
914
-
915
- expect(@ca.certificate_is_alive?(@cert)).to be_falsey
916
- end
917
-
918
- it "should return true if verification passes" do
919
- expect(@cert).to receive(:content).and_return("mycert")
920
-
921
- expect(@store).to receive(:verify).with("mycert").and_return(true)
922
-
923
- expect(@ca.certificate_is_alive?(@cert)).to be_truthy
924
- end
925
-
926
- it "should use a cached instance of the x509 store" do
927
- allow(OpenSSL::X509::Store).to receive(:new).and_return(@store).once
928
-
929
- expect(@cert).to receive(:content).and_return("mycert")
930
-
931
- expect(@store).to receive(:verify).with("mycert").and_return(true)
932
-
933
- @ca.certificate_is_alive?(@cert)
934
- @ca.certificate_is_alive?(@cert)
935
- end
936
-
937
- it "should be deprecated" do
938
- expect(Puppet).to receive(:deprecation_warning).with(/certificate_is_alive\? is deprecated/)
939
- @ca.certificate_is_alive?(@cert)
940
- end
941
- end
942
- end
943
-
944
- describe "and revoking certificates" do
945
- before do
946
- @crl = double('crl')
947
- allow(@ca).to receive(:crl).and_return(@crl)
948
-
949
- allow(@ca).to receive(:next_serial).and_return(10)
950
-
951
- @real_cert = double('real_cert', :serial => 15)
952
- @cert = double('cert', :content => @real_cert)
953
- allow(Puppet::SSL::Certificate.indirection).to receive(:find).and_return(@cert)
954
- end
955
-
956
- it "should fail if the certificate revocation list is disabled" do
957
- allow(@ca).to receive(:crl).and_return(false)
958
-
959
- expect { @ca.revoke('ca_testing') }.to raise_error(ArgumentError)
960
-
961
- end
962
-
963
- it "should delegate the revocation to its CRL" do
964
- expect(@ca.crl).to receive(:revoke)
965
-
966
- @ca.revoke('host')
967
- end
968
-
969
- it "should get the serial number from the local certificate if it exists" do
970
- expect(@ca.crl).to receive(:revoke).with(15, anything)
971
-
972
- expect(Puppet::SSL::Certificate.indirection).to receive(:find).with("host").and_return(@cert)
973
-
974
- @ca.revoke('host')
975
- end
976
-
977
- it "should get the serial number from inventory if no local certificate exists" do
978
- expect(Puppet::SSL::Certificate.indirection).to receive(:find).with("host").and_return(nil)
979
-
980
- expect(@ca.inventory).to receive(:serials).with("host").and_return([16])
981
-
982
- expect(@ca.crl).to receive(:revoke).with(16, anything)
983
- @ca.revoke('host')
984
- end
985
-
986
- it "should revoke all serials matching a name" do
987
- expect(Puppet::SSL::Certificate.indirection).to receive(:find).with("host").and_return(nil)
988
-
989
- expect(@ca.inventory).to receive(:serials).with("host").and_return([16, 20, 25])
990
-
991
- expect(@ca.crl).to receive(:revoke).with(16, anything)
992
- expect(@ca.crl).to receive(:revoke).with(20, anything)
993
- expect(@ca.crl).to receive(:revoke).with(25, anything)
994
- @ca.revoke('host')
995
- end
996
-
997
- it "should raise an error if no certificate match" do
998
- expect(Puppet::SSL::Certificate.indirection).to receive(:find).with("host").and_return(nil)
999
-
1000
- expect(@ca.inventory).to receive(:serials).with("host").and_return([])
1001
-
1002
- expect(@ca.crl).not_to receive(:revoke)
1003
- expect { @ca.revoke('host') }.to raise_error(ArgumentError, /Could not find a serial number for host/)
1004
- end
1005
-
1006
- context "revocation by serial number (#16798)" do
1007
- it "revokes when given a lower case hexadecimal formatted string" do
1008
- expect(@ca.crl).to receive(:revoke).with(15, anything)
1009
- expect(Puppet::SSL::Certificate.indirection).to receive(:find).with("0xf").and_return(nil)
1010
-
1011
- @ca.revoke('0xf')
1012
- end
1013
-
1014
- it "revokes when given an upper case hexadecimal formatted string" do
1015
- expect(@ca.crl).to receive(:revoke).with(15, anything)
1016
- expect(Puppet::SSL::Certificate.indirection).to receive(:find).with("0xF").and_return(nil)
1017
-
1018
- @ca.revoke('0xF')
1019
- end
1020
-
1021
- it "handles very large serial numbers" do
1022
- bighex = '0x4000000000000000000000000000000000000000'
1023
- bighex_int = 365375409332725729550921208179070754913983135744
1024
-
1025
- expect(@ca.crl).to receive(:revoke).with(bighex_int, anything)
1026
- expect(Puppet::SSL::Certificate.indirection).to receive(:find).with(bighex).and_return(nil)
1027
-
1028
- @ca.revoke(bighex)
1029
- end
1030
- end
1031
- end
1032
-
1033
- it "should be able to generate a complete new SSL host" do
1034
- expect(@ca).to respond_to(:generate)
1035
- end
1036
- end
1037
- end
1038
-
1039
- require 'puppet/indirector/memory'
1040
-
1041
- module CertificateAuthorityGenerateSpecs
1042
- describe "CertificateAuthority.generate" do
1043
- def expect_to_increment_serial_file
1044
- expect(Puppet.settings.setting(:serial)).to receive(:exclusive_open)
1045
- end
1046
-
1047
- def expect_to_sign_a_cert
1048
- expect_to_increment_serial_file
1049
- end
1050
-
1051
- def expect_to_write_the_ca_password
1052
- expect(Puppet.settings.setting(:capass)).to receive(:open).with('w:ASCII')
1053
- end
1054
-
1055
- def expect_ca_initialization
1056
- expect_to_write_the_ca_password
1057
- expect_to_sign_a_cert
1058
- end
1059
-
1060
- INDIRECTED_CLASSES = [
1061
- Puppet::SSL::Certificate,
1062
- Puppet::SSL::CertificateRequest,
1063
- Puppet::SSL::CertificateRevocationList,
1064
- Puppet::SSL::Key,
1065
- ]
1066
-
1067
- INDIRECTED_CLASSES.each do |const|
1068
- class const::Memory < Puppet::Indirector::Memory
1069
-
1070
- # @return Array of all the indirector's values
1071
- #
1072
- # This mirrors Puppet::Indirector::SslFile#search which returns all files
1073
- # in the directory.
1074
- def search(request)
1075
- return @instances.values
1076
- end
1077
- end
1078
- end
1079
-
1080
- before do
1081
- allow(Puppet::SSL::Inventory).to receive(:new).and_return(double("Inventory", :add => nil))
1082
- INDIRECTED_CLASSES.each { |const| const.indirection.terminus_class = :memory }
1083
- end
1084
-
1085
- after do
1086
- INDIRECTED_CLASSES.each do |const|
1087
- const.indirection.terminus_class = :file
1088
- const.indirection.termini.clear
1089
- end
1090
- end
1091
-
1092
- describe "when generating certificates" do
1093
- let(:ca) { Puppet::SSL::CertificateAuthority.new }
1094
-
1095
- before do
1096
- expect_ca_initialization
1097
- end
1098
-
1099
- it "should fail if a certificate already exists for the host" do
1100
- cert = Puppet::SSL::Certificate.new('pre.existing')
1101
- Puppet::SSL::Certificate.indirection.save(cert)
1102
- expect { ca.generate(cert.name) }.to raise_error(ArgumentError, /a certificate already exists/i)
1103
- end
1104
-
1105
- describe "that do not yet exist" do
1106
- let(:cn) { "new.host" }
1107
-
1108
- def expect_cert_does_not_exist(cn)
1109
- expect( Puppet::SSL::Certificate.indirection.find(cn) ).to be_nil
1110
- end
1111
-
1112
- before do
1113
- expect_to_sign_a_cert
1114
- expect_cert_does_not_exist(cn)
1115
- end
1116
-
1117
- it "should return the created certificate" do
1118
- cert = ca.generate(cn)
1119
- expect( cert ).to be_kind_of(Puppet::SSL::Certificate)
1120
- expect( cert.name ).to eq(cn)
1121
- end
1122
-
1123
- it "should not have any subject_alt_names by default" do
1124
- cert = ca.generate(cn)
1125
- expect( cert.subject_alt_names ).to be_empty
1126
- end
1127
-
1128
- it "should have subject_alt_names if passed dns_alt_names" do
1129
- cert = ca.generate(cn, :dns_alt_names => 'foo,bar')
1130
- expect( cert.subject_alt_names ).to match_array(["DNS:#{cn}",'DNS:foo','DNS:bar'])
1131
- end
1132
-
1133
- context "if autosign is false" do
1134
- before do
1135
- Puppet[:autosign] = false
1136
- end
1137
-
1138
- it "should still generate and explicitly sign the request" do
1139
- cert = nil
1140
- cert = ca.generate(cn)
1141
- expect(cert.name).to eq(cn)
1142
- end
1143
- end
1144
-
1145
- context "if autosign is true (Redmine #6112)" do
1146
- def run_mode_must_be_master_for_autosign_to_be_attempted
1147
- allow(Puppet).to receive(:run_mode).and_return(Puppet::Util::RunMode[:master])
1148
- end
1149
-
1150
- before do
1151
- Puppet[:autosign] = true
1152
- run_mode_must_be_master_for_autosign_to_be_attempted
1153
- Puppet::Util::Log.level = :info
1154
- end
1155
-
1156
- it "should generate a cert without attempting to sign again" do
1157
- cert = ca.generate(cn)
1158
- expect(cert.name).to eq(cn)
1159
- expect(@logs.map(&:message)).to include("Autosigning #{cn}")
1160
- end
1161
- end
1162
- end
1163
- end
1164
- end
1165
- end