puppet 5.5.3-universal-darwin → 5.5.6-universal-darwin

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of puppet might be problematic. Click here for more details.

Files changed (71) hide show
  1. checksums.yaml +5 -5
  2. data/CONTRIBUTING.md +1 -4
  3. data/Gemfile +5 -1
  4. data/Gemfile.lock +167 -0
  5. data/Rakefile +4 -34
  6. data/ext/build_defaults.yaml +0 -2
  7. data/lib/puppet/application/cert.rb +3 -1
  8. data/lib/puppet/defaults.rb +55 -26
  9. data/lib/puppet/face/certificate.rb +2 -0
  10. data/lib/puppet/indirector/ldap.rb +6 -0
  11. data/lib/puppet/node/environment.rb +4 -2
  12. data/lib/puppet/parser/functions/tagged.rb +1 -4
  13. data/lib/puppet/pops/issues.rb +4 -0
  14. data/lib/puppet/pops/validation/checker4_0.rb +100 -0
  15. data/lib/puppet/pops/validation/validator_factory_4_0.rb +4 -3
  16. data/lib/puppet/provider/augeas/augeas.rb +198 -4
  17. data/lib/puppet/provider/service/smf.rb +2 -3
  18. data/lib/puppet/provider/service/upstart.rb +10 -2
  19. data/lib/puppet/test/test_helper.rb +0 -3
  20. data/lib/puppet/type/file/source.rb +10 -1
  21. data/lib/puppet/version.rb +1 -1
  22. data/locales/puppet.pot +132 -118
  23. data/man/man5/puppet.conf.5 +23 -23
  24. data/man/man8/puppet-agent.8 +1 -1
  25. data/man/man8/puppet-apply.8 +1 -1
  26. data/man/man8/puppet-ca.8 +3 -3
  27. data/man/man8/puppet-catalog.8 +1 -1
  28. data/man/man8/puppet-cert.8 +2 -2
  29. data/man/man8/puppet-certificate.8 +3 -3
  30. data/man/man8/puppet-certificate_request.8 +1 -1
  31. data/man/man8/puppet-certificate_revocation_list.8 +1 -1
  32. data/man/man8/puppet-config.8 +1 -1
  33. data/man/man8/puppet-describe.8 +1 -1
  34. data/man/man8/puppet-device.8 +1 -1
  35. data/man/man8/puppet-doc.8 +1 -1
  36. data/man/man8/puppet-epp.8 +1 -1
  37. data/man/man8/puppet-facts.8 +1 -1
  38. data/man/man8/puppet-filebucket.8 +1 -1
  39. data/man/man8/puppet-generate.8 +1 -1
  40. data/man/man8/puppet-help.8 +1 -1
  41. data/man/man8/puppet-key.8 +1 -1
  42. data/man/man8/puppet-lookup.8 +1 -1
  43. data/man/man8/puppet-man.8 +1 -1
  44. data/man/man8/puppet-master.8 +1 -1
  45. data/man/man8/puppet-module.8 +1 -1
  46. data/man/man8/puppet-node.8 +1 -1
  47. data/man/man8/puppet-parser.8 +1 -1
  48. data/man/man8/puppet-plugin.8 +1 -1
  49. data/man/man8/puppet-report.8 +1 -1
  50. data/man/man8/puppet-resource.8 +1 -1
  51. data/man/man8/puppet-script.8 +1 -1
  52. data/man/man8/puppet-status.8 +1 -1
  53. data/man/man8/puppet.8 +3 -3
  54. data/spec/integration/type/file_spec.rb +18 -3
  55. data/spec/integration/util/settings_spec.rb +1 -0
  56. data/spec/integration/util/windows/security_spec.rb +78 -1
  57. data/spec/unit/application/master_spec.rb +2 -0
  58. data/spec/unit/configurer/downloader_spec.rb +5 -0
  59. data/spec/unit/defaults_spec.rb +13 -0
  60. data/spec/unit/face/help_spec.rb +2 -1
  61. data/spec/unit/indirector/ldap_spec.rb +22 -1
  62. data/spec/unit/node/environment_spec.rb +14 -0
  63. data/spec/unit/parser/functions/tagged_spec.rb +16 -0
  64. data/spec/unit/pops/validator/validator_spec.rb +139 -4
  65. data/spec/unit/provider/augeas/augeas_spec.rb +66 -1
  66. data/spec/unit/provider/service/smf_spec.rb +2 -6
  67. data/spec/unit/provider/service/upstart_spec.rb +37 -0
  68. data/spec/unit/settings/autosign_setting_spec.rb +2 -2
  69. data/spec/unit/settings/file_setting_spec.rb +6 -0
  70. data/spec/unit/ssl/certificate_authority_spec.rb +1 -0
  71. metadata +4 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
- SHA1:
3
- metadata.gz: 0d601cb88fc86753ef545bccb3eae789570381d0
4
- data.tar.gz: f98f707edd4400a25e3d842229854ec866e292a5
2
+ SHA256:
3
+ metadata.gz: 35dab550cf5bc25b9c3df32cf6f404deb5cbf4f999351784af4cb034b8b98302
4
+ data.tar.gz: 75c6cfa1941b96787d07696d04f75dc2404634abbcb0d9adfd4c382b46d224c7
5
5
  SHA512:
6
- metadata.gz: 50bd6575f5483528f32195aa61a4dbf7ce762da281e33ab56df537e86c288b46c2bc8150e1b090d61653c142bd2ff701c5c7c02bab28628692b5e01c187a7c06
7
- data.tar.gz: 1d873442571c7bae8b2160327de136ac803d2e8be14d4774d63f2f07c252af9f9fba62adf4e0579787853975600fbdb340b6b5c8e3a4af9be8f38c6a2c68c30e
6
+ metadata.gz: 5e9d1b72fa5eee1c9651f58454ed02110ceaf59b5cc7b8ec6f224926d8f09640b46e1044f672bf74e0694514d83988de49211cde48b50034f49cb82ebde05358
7
+ data.tar.gz: aa0bd26341831fa71811e030b8a8cdf688682f52907d93058c18c74bd17b78b9abf79fe341517208230cbd31bdcc30191f0730e05300ee4e98f1fa95698b604c
data/CONTRIBUTING.md CHANGED
@@ -65,10 +65,7 @@ the [puppet-dev mailing list](https://groups.google.com/forum/#!forum/puppet-dev
65
65
  why this is a problem, and how the patch fixes the problem when applied.
66
66
  ```
67
67
  * Make sure you have added the necessary tests for your changes.
68
- * Run _all_ the tests to assure nothing else was accidentally broken. First
69
- install all the test dependencies with `bundle install --path .bundle`. Then
70
- either run all the tests serially with `bundle exec rspec spec` or in parallel
71
- with `bundle exec rake parallel:spec[process_count]`
68
+ * For details on how to run tests, please see [the quickstart guide](https://github.com/puppetlabs/puppet/blob/master/docs/quickstart.md)
72
69
 
73
70
  ## Writing Translatable Code
74
71
 
data/Gemfile CHANGED
@@ -12,6 +12,10 @@ def location_for(place, fake_version = nil)
12
12
  end
13
13
  end
14
14
 
15
+ group(:packaging) do
16
+ gem 'packaging', *location_for(ENV['PACKAGING_LOCATION'] || '~> 0.99')
17
+ end
18
+
15
19
  # C Ruby (MRI) or Rubinius, but NOT Windows
16
20
  platforms :ruby do
17
21
  gem 'pry', :group => :development
@@ -35,7 +39,7 @@ group(:development, :test) do
35
39
  # be removed here *yet* due to TravisCI / AppVeyor which call:
36
40
  # bundle install --without development
37
41
  # PUP-7433 describes work necessary to restructure this
38
- gem "rake", "10.1.1", :require => false
42
+ gem "rake", '~> 12.2.1', :require => false
39
43
  gem "rspec", "~> 3.1", :require => false
40
44
  gem "rspec-its", "~> 1.1", :require => false
41
45
  gem "rspec-collection_matchers", "~> 1.1", :require => false
data/Gemfile.lock ADDED
@@ -0,0 +1,167 @@
1
+ PATH
2
+ remote: .
3
+ specs:
4
+ puppet (5.5.6)
5
+ CFPropertyList (~> 2.2)
6
+ facter (>= 2.0.1, < 4)
7
+ fast_gettext (~> 1.1.2)
8
+ hiera (>= 3.2.1, < 4)
9
+ hocon (~> 1.0)
10
+ locale (~> 2.1)
11
+ multi_json (~> 1.13)
12
+ net-ssh (>= 3.0, < 5)
13
+
14
+ GEM
15
+ remote: https://artifactory.delivery.puppetlabs.net/artifactory/api/gems/rubygems/
16
+ specs:
17
+ CFPropertyList (2.3.6)
18
+ addressable (2.4.0)
19
+ artifactory (2.8.2)
20
+ ast (2.4.0)
21
+ builder (3.2.3)
22
+ coderay (1.1.2)
23
+ crack (0.4.3)
24
+ safe_yaml (~> 1.0.0)
25
+ diff-lcs (1.3)
26
+ facter (2.5.1)
27
+ fast_gettext (1.1.2)
28
+ gettext (3.2.9)
29
+ locale (>= 2.0.5)
30
+ text (>= 1.3.0)
31
+ gettext-setup (0.30)
32
+ fast_gettext (~> 1.1.0)
33
+ gettext (>= 3.0.2)
34
+ locale
35
+ hashdiff (0.3.7)
36
+ hiera (3.4.3)
37
+ hiera-eyaml (2.1.0)
38
+ highline (~> 1.6.19)
39
+ trollop (~> 2.0)
40
+ highline (1.6.21)
41
+ hocon (1.2.5)
42
+ hpricot (0.8.6)
43
+ json-schema (2.8.0)
44
+ addressable (>= 2.4)
45
+ locale (2.1.2)
46
+ memory_profiler (0.9.11)
47
+ metaclass (0.0.4)
48
+ method_source (0.9.0)
49
+ mocha (0.10.5)
50
+ metaclass (~> 0.0.1)
51
+ msgpack (1.2.4)
52
+ multi_json (1.13.1)
53
+ mustache (1.0.5)
54
+ net-ssh (4.2.0)
55
+ packaging (0.99.8)
56
+ artifactory
57
+ rake (~> 12.2.1)
58
+ parallel (1.12.1)
59
+ parser (2.5.1.2)
60
+ ast (~> 2.4.0)
61
+ powerpack (0.1.2)
62
+ pry (0.11.3)
63
+ coderay (~> 1.1.0)
64
+ method_source (~> 0.9.0)
65
+ puppet-lint (2.3.6)
66
+ puppet-syntax (2.4.1)
67
+ rake
68
+ puppetlabs_spec_helper (1.1.1)
69
+ mocha
70
+ puppet-lint
71
+ puppet-syntax
72
+ rake
73
+ rspec-puppet
74
+ racc (1.4.9)
75
+ rack (1.6.10)
76
+ rainbow (2.1.0)
77
+ rake (12.2.1)
78
+ rdiscount (2.2.0.1)
79
+ rdoc (4.3.0)
80
+ redcarpet (2.3.0)
81
+ ronn (0.7.3)
82
+ hpricot (>= 0.8.2)
83
+ mustache (>= 0.7.0)
84
+ rdiscount (>= 1.5.8)
85
+ rspec (3.8.0)
86
+ rspec-core (~> 3.8.0)
87
+ rspec-expectations (~> 3.8.0)
88
+ rspec-mocks (~> 3.8.0)
89
+ rspec-collection_matchers (1.1.3)
90
+ rspec-expectations (>= 2.99.0.beta1)
91
+ rspec-core (3.8.0)
92
+ rspec-support (~> 3.8.0)
93
+ rspec-expectations (3.8.1)
94
+ diff-lcs (>= 1.2.0, < 2.0)
95
+ rspec-support (~> 3.8.0)
96
+ rspec-its (1.2.0)
97
+ rspec-core (>= 3.0.0)
98
+ rspec-expectations (>= 3.0.0)
99
+ rspec-legacy_formatters (1.0.1)
100
+ rspec (~> 3.0)
101
+ rspec-mocks (3.8.0)
102
+ diff-lcs (>= 1.2.0, < 2.0)
103
+ rspec-support (~> 3.8.0)
104
+ rspec-puppet (2.6.15)
105
+ rspec
106
+ rspec-support (3.8.0)
107
+ rubocop (0.49.1)
108
+ parallel (~> 1.10)
109
+ parser (>= 2.3.3.1, < 3.0)
110
+ powerpack (~> 0.1)
111
+ rainbow (>= 1.99.1, < 3.0)
112
+ ruby-progressbar (~> 1.7)
113
+ unicode-display_width (~> 1.0, >= 1.0.1)
114
+ rubocop-i18n (1.2.0)
115
+ rubocop (~> 0.49.0)
116
+ ruby-prof (0.17.0)
117
+ ruby-progressbar (1.10.0)
118
+ safe_yaml (1.0.4)
119
+ text (1.3.1)
120
+ trollop (2.1.3)
121
+ unicode-display_width (1.4.0)
122
+ vcr (2.9.3)
123
+ webmock (1.24.6)
124
+ addressable (>= 2.3.6)
125
+ crack (>= 0.3.2)
126
+ hashdiff
127
+ yard (0.9.16)
128
+ yarjuf (2.0.0)
129
+ builder
130
+ rspec (~> 3)
131
+
132
+ PLATFORMS
133
+ ruby
134
+
135
+ DEPENDENCIES
136
+ addressable (< 2.5.0)
137
+ gettext-setup (~> 0.28)
138
+ hiera-eyaml
139
+ json-schema (~> 2.0)
140
+ memory_profiler
141
+ mocha (~> 0.10.5)
142
+ msgpack
143
+ packaging (~> 0.99)
144
+ pry
145
+ puppet!
146
+ puppetlabs_spec_helper
147
+ racc (= 1.4.9)
148
+ rack (~> 1.4)
149
+ rainbow (< 2.2.1)
150
+ rake (~> 12.2.1)
151
+ rdoc (~> 4.1)
152
+ redcarpet (~> 2.0)
153
+ ronn (~> 0.7.3)
154
+ rspec (~> 3.1)
155
+ rspec-collection_matchers (~> 1.1)
156
+ rspec-its (~> 1.1)
157
+ rspec-legacy_formatters (~> 1.0)
158
+ rubocop (~> 0.49.1)
159
+ rubocop-i18n (~> 1.2.0)
160
+ ruby-prof (>= 0.16.0)
161
+ vcr (~> 2.9)
162
+ webmock (~> 1.24)
163
+ yard
164
+ yarjuf (~> 2.0)
165
+
166
+ BUNDLED WITH
167
+ 1.16.2
data/Rakefile CHANGED
@@ -24,40 +24,10 @@ require 'open3'
24
24
  Dir['tasks/**/*.rake'].each { |t| load t }
25
25
 
26
26
  begin
27
- load File.join(RAKE_ROOT, 'ext', 'packaging', 'packaging.rake')
28
- rescue LoadError
29
- end
30
-
31
- build_defs_file = 'ext/build_defaults.yaml'
32
- if File.exist?(build_defs_file)
33
- begin
34
- require 'yaml'
35
- @build_defaults ||= YAML.load_file(build_defs_file)
36
- rescue Exception => e
37
- STDERR.puts "Unable to load yaml from #{build_defs_file}:"
38
- STDERR.puts e
39
- end
40
- @packaging_url = @build_defaults['packaging_url']
41
- @packaging_repo = @build_defaults['packaging_repo']
42
- raise "Could not find packaging url in #{build_defs_file}" if @packaging_url.nil?
43
- raise "Could not find packaging repo in #{build_defs_file}" if @packaging_repo.nil?
44
-
45
- namespace :package do
46
- desc "Bootstrap packaging automation, e.g. clone into packaging repo"
47
- task :bootstrap do
48
- if File.exist?("ext/#{@packaging_repo}")
49
- puts "It looks like you already have ext/#{@packaging_repo}. If you don't like it, blow it away with package:implode."
50
- else
51
- cd 'ext' do
52
- %x{git clone #{@packaging_url}}
53
- end
54
- end
55
- end
56
- desc "Remove all cloned packaging automation"
57
- task :implode do
58
- rm_rf "ext/#{@packaging_repo}"
59
- end
60
- end
27
+ require 'packaging'
28
+ Pkg::Util::RakeUtils.load_packaging_tasks
29
+ rescue LoadError => e
30
+ puts "Error loading packaging rake tasks: #{e}"
61
31
  end
62
32
 
63
33
  task :default do
@@ -1,6 +1,4 @@
1
1
  ---
2
- packaging_url: 'git://github.com/puppetlabs/packaging.git --branch=master'
3
- packaging_repo: 'packaging'
4
2
  packager: 'puppetlabs'
5
3
  gpg_key: '7F438280EF8D349F'
6
4
 
@@ -100,7 +100,7 @@ class Puppet::Application::Cert < Puppet::Application
100
100
  end
101
101
 
102
102
  def summary
103
- _("Manage certificates and requests")
103
+ _("Manage certificates and requests (Deprecated)")
104
104
  end
105
105
 
106
106
  def help
@@ -282,6 +282,8 @@ Copyright (c) 2011 Puppet Inc., LLC Licensed under the Apache 2.0 License
282
282
  end
283
283
 
284
284
  def setup
285
+ deprecate
286
+
285
287
  require 'puppet/ssl/certificate_authority'
286
288
  exit(Puppet.settings.print_configs ? 0 : 1) if Puppet.settings.print_configs?
287
289
 
@@ -257,8 +257,9 @@ module Puppet
257
257
  on the CLI.",
258
258
  },
259
259
  :configprint => {
260
- :default => "",
261
- :desc => "Prints the value of a specific configuration setting. If the name of a
260
+ :default => "",
261
+ :deprecated => :completely,
262
+ :desc => "Prints the value of a specific configuration setting. If the name of a
262
263
  setting is provided for this, then the value is printed and puppet
263
264
  exits. Comma-separate multiple values. For a list of all values,
264
265
  specify 'all'. This setting is deprecated, the 'puppet config' command replaces this functionality.",
@@ -276,7 +277,7 @@ module Puppet
276
277
  :desc => "Whether to create the necessary user and group that puppet agent will run as.",
277
278
  },
278
279
  :manage_internal_file_permissions => {
279
- :default => true,
280
+ :default => ! Puppet::Util::Platform.windows?,
280
281
  :type => :boolean,
281
282
  :desc => "Whether Puppet should manage the owner, group, and mode of files it uses internally",
282
283
  },
@@ -752,11 +753,14 @@ change this setting; you also need to:
752
753
 
753
754
  * On the server: Stop Puppet Server.
754
755
  * On the CA server: Revoke and clean the server's old certificate. (`puppet cert clean <NAME>`)
756
+ (Note `puppet cert clean` is deprecated and will be replaced with `puppetserver ca clean`
757
+ in Puppet 6.)
755
758
  * On the server: Delete the old certificate (and any old certificate signing requests)
756
759
  from the [ssldir](https://puppet.com/docs/puppet/latest/dirs_ssldir.html).
757
760
  * On the server: Run `puppet agent -t --ca_server <CA HOSTNAME>` to request a new certificate
758
761
  * On the CA server: Sign the certificate request, explicitly allowing alternate names
759
- (`puppet cert sign --allow-dns-alt-names <NAME>`).
762
+ (`puppet cert sign --allow-dns-alt-names <NAME>`). (Note `puppet cert sign` is deprecated
763
+ and will be replaced with `puppetserver ca sign` in Puppet 6.)
760
764
  * On the server: Run `puppet agent -t --ca_server <CA HOSTNAME>` to retrieve the cert.
761
765
  * On the server: Start Puppet Server again.
762
766
 
@@ -977,7 +981,8 @@ EOT
977
981
  :ca,
978
982
  :ca_name => {
979
983
  :default => "Puppet CA: $certname",
980
- :desc => "The name to use the Certificate Authority certificate.",
984
+ :desc => "The name to use the Certificate Authority certificate. This setting is deprecated and will be replaced by one in Puppet Server's configs in Puppet 6.",
985
+ :deprecated => :completely,
981
986
  },
982
987
  :cadir => {
983
988
  :default => "$ssldir/ca",
@@ -985,7 +990,8 @@ EOT
985
990
  :owner => "service",
986
991
  :group => "service",
987
992
  :mode => "0755",
988
- :desc => "The root directory for the certificate authority."
993
+ :desc => "The root directory for the certificate authority. This setting is deprecated and will be replaced by one in Puppet Server's configs in Puppet 6.",
994
+ :deprecated => :completely,
989
995
  },
990
996
  :cacert => {
991
997
  :default => "$cadir/ca_crt.pem",
@@ -993,7 +999,8 @@ EOT
993
999
  :owner => "service",
994
1000
  :group => "service",
995
1001
  :mode => "0644",
996
- :desc => "The CA certificate."
1002
+ :desc => "The CA certificate. This setting is deprecated and will be replaced by one in Puppet Server's configs in Puppet 6.",
1003
+ :deprecated => :completely,
997
1004
  },
998
1005
  :cakey => {
999
1006
  :default => "$cadir/ca_key.pem",
@@ -1001,7 +1008,8 @@ EOT
1001
1008
  :owner => "service",
1002
1009
  :group => "service",
1003
1010
  :mode => "0640",
1004
- :desc => "The CA private key."
1011
+ :desc => "The CA private key. This setting is deprecated and will be replaced by one in Puppet Server's configs in Puppet 6.",
1012
+ :deprecated => :completely,
1005
1013
  },
1006
1014
  :capub => {
1007
1015
  :default => "$cadir/ca_pub.pem",
@@ -1009,7 +1017,8 @@ EOT
1009
1017
  :owner => "service",
1010
1018
  :group => "service",
1011
1019
  :mode => "0644",
1012
- :desc => "The CA public key."
1020
+ :desc => "The CA public key. This setting is deprecated and will be replaced by one in Puppet Server's configs in Puppet 6.",
1021
+ :deprecated => :completely,
1013
1022
  },
1014
1023
  :cacrl => {
1015
1024
  :default => "$cadir/ca_crl.pem",
@@ -1017,7 +1026,8 @@ EOT
1017
1026
  :owner => "service",
1018
1027
  :group => "service",
1019
1028
  :mode => "0644",
1020
- :desc => "The certificate revocation list (CRL) for the CA. Will be used if present but otherwise ignored.",
1029
+ :desc => "The certificate revocation list (CRL) for the CA. Will be used if present but otherwise ignored. This setting is deprecated and will be replaced by one in Puppet Server's configs in Puppet 6.",
1030
+ :deprecated => :completely,
1021
1031
  },
1022
1032
  :caprivatedir => {
1023
1033
  :default => "$cadir/private",
@@ -1025,7 +1035,8 @@ EOT
1025
1035
  :owner => "service",
1026
1036
  :group => "service",
1027
1037
  :mode => "0750",
1028
- :desc => "Where the CA stores private certificate information."
1038
+ :desc => "Where the CA stores private certificate information. This setting is deprecated and will be removed in Puppet 6.",
1039
+ :deprecated => :completely,
1029
1040
  },
1030
1041
  :csrdir => {
1031
1042
  :default => "$cadir/requests",
@@ -1033,7 +1044,8 @@ EOT
1033
1044
  :owner => "service",
1034
1045
  :group => "service",
1035
1046
  :mode => "0755",
1036
- :desc => "Where the CA stores certificate requests"
1047
+ :desc => "Where the CA stores certificate requests. This setting is deprecated and will be replaced by one in Puppet Server's configs in Puppet 6.",
1048
+ :deprecated => :completely,
1037
1049
  },
1038
1050
  :signeddir => {
1039
1051
  :default => "$cadir/signed",
@@ -1041,7 +1053,8 @@ EOT
1041
1053
  :owner => "service",
1042
1054
  :group => "service",
1043
1055
  :mode => "0755",
1044
- :desc => "Where the CA stores signed certificates."
1056
+ :desc => "Where the CA stores signed certificates. This setting is deprecated and will be replaced by one in Puppet Server's configs in Puppet 6.",
1057
+ :deprecated => :completely,
1045
1058
  },
1046
1059
  :capass => {
1047
1060
  :default => "$caprivatedir/ca.pass",
@@ -1049,7 +1062,8 @@ EOT
1049
1062
  :owner => "service",
1050
1063
  :group => "service",
1051
1064
  :mode => "0640",
1052
- :desc => "Where the CA stores the password for the private key."
1065
+ :desc => "Where the CA stores the password for the private key. This setting is deprecated and will be removed in Puppet 6.",
1066
+ :deprecated => :completely,
1053
1067
  },
1054
1068
  :serial => {
1055
1069
  :default => "$cadir/serial",
@@ -1057,13 +1071,17 @@ EOT
1057
1071
  :owner => "service",
1058
1072
  :group => "service",
1059
1073
  :mode => "0644",
1060
- :desc => "Where the serial number for certificates is stored."
1074
+ :desc => "Where the serial number for certificates is stored. This setting is deprecated and will be replaced by one in Puppet Server's configs in Puppet 6.",
1075
+ :deprecated => :completely,
1061
1076
  },
1062
1077
  :autosign => {
1063
1078
  :default => "$confdir/autosign.conf",
1064
1079
  :type => :autosign,
1080
+ :deprecated => :completely,
1065
1081
  :desc => "Whether (and how) to autosign certificate requests. This setting
1066
1082
  is only relevant on a puppet master acting as a certificate authority (CA).
1083
+ This setting is also deprecated and will be replaced by one in Puppet Server's
1084
+ configs in Puppet 6.
1067
1085
 
1068
1086
  Valid values are true (autosigns all certificate requests; not recommended),
1069
1087
  false (disables autosigning certificates), or the absolute path to a file.
@@ -1090,14 +1108,15 @@ EOT
1090
1108
  :allow_duplicate_certs => {
1091
1109
  :default => false,
1092
1110
  :type => :boolean,
1093
- :desc => "Whether to allow a new certificate
1094
- request to overwrite an existing certificate.",
1111
+ :desc => "Whether to allow a new certificate request to overwrite an existing certificate. This setting is deprecated and will be replaced by one in Puppet Server's configs in Puppet 6.",
1112
+ :deprecated => :completely,
1095
1113
  },
1096
1114
  :ca_ttl => {
1097
1115
  :default => "5y",
1098
1116
  :type => :duration,
1099
1117
  :desc => "The default TTL for new certificates.
1100
- #{AS_DURATION}"
1118
+ #{AS_DURATION} This setting is deprecated and will be replaced by one in Puppet Server's configs in Puppet 6.",
1119
+ :deprecated => :completely,
1101
1120
  },
1102
1121
  :keylength => {
1103
1122
  :default => 4096,
@@ -1110,7 +1129,8 @@ EOT
1110
1129
  :owner => "service",
1111
1130
  :group => "service",
1112
1131
  :desc => "The inventory file. This is a text file to which the CA writes a
1113
- complete listing of all certificates."
1132
+ complete listing of all certificates. This setting is deprecated and will be replaced by one in Puppet Server's configs in Puppet 6.",
1133
+ :deprecated => :completely,
1114
1134
  }
1115
1135
  )
1116
1136
 
@@ -1142,6 +1162,7 @@ EOT
1142
1162
  :bindaddress => {
1143
1163
  :default => "*",
1144
1164
  :desc => "The address a listening server should bind to.",
1165
+ :deprecated => :completely,
1145
1166
  }
1146
1167
  )
1147
1168
 
@@ -1191,11 +1212,15 @@ EOT
1191
1212
  define_settings(:master,
1192
1213
  :user => {
1193
1214
  :default => "puppet",
1194
- :desc => "The user puppet master should run as.",
1215
+ :desc => "The user Puppet Server will run as. Used to ensure
1216
+ the agent side processes (agent, apply, etc) create files and
1217
+ directories readable by Puppet Server when necessary.",
1195
1218
  },
1196
1219
  :group => {
1197
1220
  :default => "puppet",
1198
- :desc => "The group puppet master should run as.",
1221
+ :desc => "The group Puppet Server will run as. Used to ensure
1222
+ the agent side processes (agent, apply, etc) create files and
1223
+ directories readable by Puppet Server when necessary.",
1199
1224
  },
1200
1225
  :default_manifest => {
1201
1226
  :default => "./manifests",
@@ -1241,6 +1266,7 @@ EOT
1241
1266
  :group => "service",
1242
1267
  :mode => "0660",
1243
1268
  :create => true,
1269
+ :deprecated => :completely,
1244
1270
  :desc => "Where the puppet master web server saves its access log. This is
1245
1271
  only used when running a WEBrick puppet master. When puppet master is
1246
1272
  running under a Rack server like Passenger, that web server will have
@@ -1248,9 +1274,9 @@ EOT
1248
1274
  },
1249
1275
  :masterport => {
1250
1276
  :default => 8140,
1251
- :desc => "The port for puppet master traffic. For puppet master,
1252
- this is the port to listen on; for puppet agent, this is the port
1253
- to make requests on. Both applications use this setting to get the port.",
1277
+ :desc => "The default port puppet subcommands use to communicate
1278
+ with Puppet Server. (eg `puppet facts upload`, `puppet agent`). May be
1279
+ overridden by more specific settings (see `ca_port`, `report_port`).",
1254
1280
  },
1255
1281
  :node_name => {
1256
1282
  :default => "cert",
@@ -1272,13 +1298,16 @@ EOT
1272
1298
  :rest_authconfig => {
1273
1299
  :default => "$confdir/auth.conf",
1274
1300
  :type => :file,
1301
+ :deprecated => :completely,
1275
1302
  :desc => "The configuration file that defines the rights to the different
1276
- rest indirections. This can be used as a fine-grained
1277
- authorization system for `puppet master`.",
1303
+ rest indirections. This can be used as a fine-grained authorization system for
1304
+ `puppet master`. The `puppet master` command is deprecated and Puppet Server
1305
+ uses its own auth.conf that must be placed within its configuration directory.",
1278
1306
  },
1279
1307
  :ca => {
1280
1308
  :default => true,
1281
1309
  :type => :boolean,
1310
+ :deprecated => :completely,
1282
1311
  :desc => "Whether the master should function as a certificate authority.",
1283
1312
  },
1284
1313
  :trusted_oid_mapping_file => {