puppet 5.5.3-universal-darwin → 5.5.6-universal-darwin

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 0d601cb88fc86753ef545bccb3eae789570381d0
-  data.tar.gz: f98f707edd4400a25e3d842229854ec866e292a5
+SHA256:
+  metadata.gz: 35dab550cf5bc25b9c3df32cf6f404deb5cbf4f999351784af4cb034b8b98302
+  data.tar.gz: 75c6cfa1941b96787d07696d04f75dc2404634abbcb0d9adfd4c382b46d224c7
 SHA512:
-  metadata.gz: 50bd6575f5483528f32195aa61a4dbf7ce762da281e33ab56df537e86c288b46c2bc8150e1b090d61653c142bd2ff701c5c7c02bab28628692b5e01c187a7c06
-  data.tar.gz: 1d873442571c7bae8b2160327de136ac803d2e8be14d4774d63f2f07c252af9f9fba62adf4e0579787853975600fbdb340b6b5c8e3a4af9be8f38c6a2c68c30e
+  metadata.gz: 5e9d1b72fa5eee1c9651f58454ed02110ceaf59b5cc7b8ec6f224926d8f09640b46e1044f672bf74e0694514d83988de49211cde48b50034f49cb82ebde05358
+  data.tar.gz: aa0bd26341831fa71811e030b8a8cdf688682f52907d93058c18c74bd17b78b9abf79fe341517208230cbd31bdcc30191f0730e05300ee4e98f1fa95698b604c

data/CONTRIBUTING.md

@@ -65,10 +65,7 @@ the [puppet-dev mailing list](https://groups.google.com/forum/#!forum/puppet-dev
       why this is a problem, and how the patch fixes the problem when applied.
   ```
 * Make sure you have added the necessary tests for your changes.
-* Run _all_ the tests to assure nothing else was accidentally broken. First
-  install all the test dependencies with `bundle install --path .bundle`. Then
-  either run all the tests serially with `bundle exec rspec spec` or in parallel
-  with `bundle exec rake parallel:spec[process_count]`
+* For details on how to run tests, please see [the quickstart guide](https://github.com/puppetlabs/puppet/blob/master/docs/quickstart.md)
 
 ## Writing Translatable Code
 

data/Gemfile

@@ -12,6 +12,10 @@ def location_for(place, fake_version = nil)
   end
 end
 
+group(:packaging) do
+  gem 'packaging', *location_for(ENV['PACKAGING_LOCATION'] || '~> 0.99')
+end
+
 # C Ruby (MRI) or Rubinius, but NOT Windows
 platforms :ruby do
   gem 'pry', :group => :development
@@ -35,7 +39,7 @@ group(:development, :test) do
   # be removed here *yet* due to TravisCI / AppVeyor which call:
   # bundle install --without development
   # PUP-7433 describes work necessary to restructure this
-  gem "rake", "10.1.1", :require => false
+  gem "rake", '~> 12.2.1', :require => false
   gem "rspec", "~> 3.1", :require => false
   gem "rspec-its", "~> 1.1", :require => false
   gem "rspec-collection_matchers", "~> 1.1", :require => false

data/Gemfile.lock

@@ -0,0 +1,167 @@
+PATH
+  remote: .
+  specs:
+    puppet (5.5.6)
+      CFPropertyList (~> 2.2)
+      facter (>= 2.0.1, < 4)
+      fast_gettext (~> 1.1.2)
+      hiera (>= 3.2.1, < 4)
+      hocon (~> 1.0)
+      locale (~> 2.1)
+      multi_json (~> 1.13)
+      net-ssh (>= 3.0, < 5)
+
+GEM
+  remote: https://artifactory.delivery.puppetlabs.net/artifactory/api/gems/rubygems/
+  specs:
+    CFPropertyList (2.3.6)
+    addressable (2.4.0)
+    artifactory (2.8.2)
+    ast (2.4.0)
+    builder (3.2.3)
+    coderay (1.1.2)
+    crack (0.4.3)
+      safe_yaml (~> 1.0.0)
+    diff-lcs (1.3)
+    facter (2.5.1)
+    fast_gettext (1.1.2)
+    gettext (3.2.9)
+      locale (>= 2.0.5)
+      text (>= 1.3.0)
+    gettext-setup (0.30)
+      fast_gettext (~> 1.1.0)
+      gettext (>= 3.0.2)
+      locale
+    hashdiff (0.3.7)
+    hiera (3.4.3)
+    hiera-eyaml (2.1.0)
+      highline (~> 1.6.19)
+      trollop (~> 2.0)
+    highline (1.6.21)
+    hocon (1.2.5)
+    hpricot (0.8.6)
+    json-schema (2.8.0)
+      addressable (>= 2.4)
+    locale (2.1.2)
+    memory_profiler (0.9.11)
+    metaclass (0.0.4)
+    method_source (0.9.0)
+    mocha (0.10.5)
+      metaclass (~> 0.0.1)
+    msgpack (1.2.4)
+    multi_json (1.13.1)
+    mustache (1.0.5)
+    net-ssh (4.2.0)
+    packaging (0.99.8)
+      artifactory
+      rake (~> 12.2.1)
+    parallel (1.12.1)
+    parser (2.5.1.2)
+      ast (~> 2.4.0)
+    powerpack (0.1.2)
+    pry (0.11.3)
+      coderay (~> 1.1.0)
+      method_source (~> 0.9.0)
+    puppet-lint (2.3.6)
+    puppet-syntax (2.4.1)
+      rake
+    puppetlabs_spec_helper (1.1.1)
+      mocha
+      puppet-lint
+      puppet-syntax
+      rake
+      rspec-puppet
+    racc (1.4.9)
+    rack (1.6.10)
+    rainbow (2.1.0)
+    rake (12.2.1)
+    rdiscount (2.2.0.1)
+    rdoc (4.3.0)
+    redcarpet (2.3.0)
+    ronn (0.7.3)
+      hpricot (>= 0.8.2)
+      mustache (>= 0.7.0)
+      rdiscount (>= 1.5.8)
+    rspec (3.8.0)
+      rspec-core (~> 3.8.0)
+      rspec-expectations (~> 3.8.0)
+      rspec-mocks (~> 3.8.0)
+    rspec-collection_matchers (1.1.3)
+      rspec-expectations (>= 2.99.0.beta1)
+    rspec-core (3.8.0)
+      rspec-support (~> 3.8.0)
+    rspec-expectations (3.8.1)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.8.0)
+    rspec-its (1.2.0)
+      rspec-core (>= 3.0.0)
+      rspec-expectations (>= 3.0.0)
+    rspec-legacy_formatters (1.0.1)
+      rspec (~> 3.0)
+    rspec-mocks (3.8.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.8.0)
+    rspec-puppet (2.6.15)
+      rspec
+    rspec-support (3.8.0)
+    rubocop (0.49.1)
+      parallel (~> 1.10)
+      parser (>= 2.3.3.1, < 3.0)
+      powerpack (~> 0.1)
+      rainbow (>= 1.99.1, < 3.0)
+      ruby-progressbar (~> 1.7)
+      unicode-display_width (~> 1.0, >= 1.0.1)
+    rubocop-i18n (1.2.0)
+      rubocop (~> 0.49.0)
+    ruby-prof (0.17.0)
+    ruby-progressbar (1.10.0)
+    safe_yaml (1.0.4)
+    text (1.3.1)
+    trollop (2.1.3)
+    unicode-display_width (1.4.0)
+    vcr (2.9.3)
+    webmock (1.24.6)
+      addressable (>= 2.3.6)
+      crack (>= 0.3.2)
+      hashdiff
+    yard (0.9.16)
+    yarjuf (2.0.0)
+      builder
+      rspec (~> 3)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  addressable (< 2.5.0)
+  gettext-setup (~> 0.28)
+  hiera-eyaml
+  json-schema (~> 2.0)
+  memory_profiler
+  mocha (~> 0.10.5)
+  msgpack
+  packaging (~> 0.99)
+  pry
+  puppet!
+  puppetlabs_spec_helper
+  racc (= 1.4.9)
+  rack (~> 1.4)
+  rainbow (< 2.2.1)
+  rake (~> 12.2.1)
+  rdoc (~> 4.1)
+  redcarpet (~> 2.0)
+  ronn (~> 0.7.3)
+  rspec (~> 3.1)
+  rspec-collection_matchers (~> 1.1)
+  rspec-its (~> 1.1)
+  rspec-legacy_formatters (~> 1.0)
+  rubocop (~> 0.49.1)
+  rubocop-i18n (~> 1.2.0)
+  ruby-prof (>= 0.16.0)
+  vcr (~> 2.9)
+  webmock (~> 1.24)
+  yard
+  yarjuf (~> 2.0)
+
+BUNDLED WITH
+   1.16.2

data/Rakefile

@@ -24,40 +24,10 @@ require 'open3'
 Dir['tasks/**/*.rake'].each { |t| load t }
 
 begin
-  load File.join(RAKE_ROOT, 'ext', 'packaging', 'packaging.rake')
-rescue LoadError
-end
-
-build_defs_file = 'ext/build_defaults.yaml'
-if File.exist?(build_defs_file)
-  begin
-    require 'yaml'
-    @build_defaults ||= YAML.load_file(build_defs_file)
-  rescue Exception => e
-    STDERR.puts "Unable to load yaml from #{build_defs_file}:"
-    STDERR.puts e
-  end
-  @packaging_url  = @build_defaults['packaging_url']
-  @packaging_repo = @build_defaults['packaging_repo']
-  raise "Could not find packaging url in #{build_defs_file}" if @packaging_url.nil?
-  raise "Could not find packaging repo in #{build_defs_file}" if @packaging_repo.nil?
-
-  namespace :package do
-    desc "Bootstrap packaging automation, e.g. clone into packaging repo"
-    task :bootstrap do
-      if File.exist?("ext/#{@packaging_repo}")
-        puts "It looks like you already have ext/#{@packaging_repo}. If you don't like it, blow it away with package:implode."
-      else
-        cd 'ext' do
-          %x{git clone #{@packaging_url}}
-        end
-      end
-    end
-    desc "Remove all cloned packaging automation"
-    task :implode do
-      rm_rf "ext/#{@packaging_repo}"
-    end
-  end
+  require 'packaging'
+  Pkg::Util::RakeUtils.load_packaging_tasks
+rescue LoadError => e
+  puts "Error loading packaging rake tasks: #{e}"
 end
 
 task :default do

data/ext/build_defaults.yaml

@@ -1,6 +1,4 @@
 ---
-packaging_url: 'git://github.com/puppetlabs/packaging.git --branch=master'
-packaging_repo: 'packaging'
 packager: 'puppetlabs'
 gpg_key: '7F438280EF8D349F'
 

data/lib/puppet/application/cert.rb

@@ -100,7 +100,7 @@ class Puppet::Application::Cert < Puppet::Application
   end
 
   def summary
-    _("Manage certificates and requests")
+    _("Manage certificates and requests (Deprecated)")
   end
 
   def help
@@ -282,6 +282,8 @@ Copyright (c) 2011 Puppet Inc., LLC Licensed under the Apache 2.0 License
   end
 
   def setup
+    deprecate
+
     require 'puppet/ssl/certificate_authority'
     exit(Puppet.settings.print_configs ? 0 : 1) if Puppet.settings.print_configs?
 

data/lib/puppet/defaults.rb

@@ -257,8 +257,9 @@ module Puppet
           on the CLI.",
     },
     :configprint => {
-        :default  => "",
-        :desc     => "Prints the value of a specific configuration setting.  If the name of a
+        :default    => "",
+        :deprecated => :completely,
+        :desc       => "Prints the value of a specific configuration setting.  If the name of a
           setting is provided for this, then the value is printed and puppet
           exits.  Comma-separate multiple values.  For a list of all values,
           specify 'all'. This setting is deprecated, the 'puppet config' command replaces this functionality.",
@@ -276,7 +277,7 @@ module Puppet
         :desc     => "Whether to create the necessary user and group that puppet agent will run as.",
     },
     :manage_internal_file_permissions => {
-        :default  => true,
+        :default  => ! Puppet::Util::Platform.windows?,
         :type     => :boolean,
         :desc     => "Whether Puppet should manage the owner, group, and mode of files it uses internally",
     },
@@ -752,11 +753,14 @@ change this setting; you also need to:
 
 * On the server: Stop Puppet Server.
 * On the CA server: Revoke and clean the server's old certificate. (`puppet cert clean <NAME>`)
+  (Note `puppet cert clean` is deprecated and will be replaced with `puppetserver ca clean`
+  in Puppet 6.)
 * On the server: Delete the old certificate (and any old certificate signing requests)
   from the [ssldir](https://puppet.com/docs/puppet/latest/dirs_ssldir.html).
 * On the server: Run `puppet agent -t --ca_server <CA HOSTNAME>` to request a new certificate
 * On the CA server: Sign the certificate request, explicitly allowing alternate names
-  (`puppet cert sign --allow-dns-alt-names <NAME>`).
+  (`puppet cert sign --allow-dns-alt-names <NAME>`). (Note `puppet cert sign` is deprecated
+  and will be replaced with `puppetserver ca sign` in Puppet 6.)
 * On the server: Run `puppet agent -t --ca_server <CA HOSTNAME>` to retrieve the cert.
 * On the server: Start Puppet Server again.
 
@@ -977,7 +981,8 @@ EOT
     :ca,
     :ca_name => {
       :default    => "Puppet CA: $certname",
-      :desc       => "The name to use the Certificate Authority certificate.",
+      :desc       => "The name to use the Certificate Authority certificate. This setting is deprecated and will be replaced by one in Puppet Server's configs in Puppet 6.",
+      :deprecated => :completely,
     },
     :cadir => {
       :default => "$ssldir/ca",
@@ -985,7 +990,8 @@ EOT
       :owner => "service",
       :group => "service",
       :mode => "0755",
-      :desc => "The root directory for the certificate authority."
+      :desc => "The root directory for the certificate authority. This setting is deprecated and will be replaced by one in Puppet Server's configs in Puppet 6.",
+      :deprecated => :completely,
     },
     :cacert => {
       :default => "$cadir/ca_crt.pem",
@@ -993,7 +999,8 @@ EOT
       :owner => "service",
       :group => "service",
       :mode => "0644",
-      :desc => "The CA certificate."
+      :desc => "The CA certificate. This setting is deprecated and will be replaced by one in Puppet Server's configs in Puppet 6.",
+      :deprecated => :completely,
     },
     :cakey => {
       :default => "$cadir/ca_key.pem",
@@ -1001,7 +1008,8 @@ EOT
       :owner => "service",
       :group => "service",
       :mode => "0640",
-      :desc => "The CA private key."
+      :desc => "The CA private key. This setting is deprecated and will be replaced by one in Puppet Server's configs in Puppet 6.",
+      :deprecated => :completely,
     },
     :capub => {
       :default => "$cadir/ca_pub.pem",
@@ -1009,7 +1017,8 @@ EOT
       :owner => "service",
       :group => "service",
       :mode => "0644",
-      :desc => "The CA public key."
+      :desc => "The CA public key. This setting is deprecated and will be replaced by one in Puppet Server's configs in Puppet 6.",
+      :deprecated => :completely,
     },
     :cacrl => {
       :default => "$cadir/ca_crl.pem",
@@ -1017,7 +1026,8 @@ EOT
       :owner => "service",
       :group => "service",
       :mode => "0644",
-      :desc => "The certificate revocation list (CRL) for the CA. Will be used if present but otherwise ignored.",
+      :desc => "The certificate revocation list (CRL) for the CA. Will be used if present but otherwise ignored. This setting is deprecated and will be replaced by one in Puppet Server's configs in Puppet 6.",
+      :deprecated => :completely,
     },
     :caprivatedir => {
       :default => "$cadir/private",
@@ -1025,7 +1035,8 @@ EOT
       :owner => "service",
       :group => "service",
       :mode => "0750",
-      :desc => "Where the CA stores private certificate information."
+      :desc => "Where the CA stores private certificate information. This setting is deprecated and will be removed in Puppet 6.",
+      :deprecated => :completely,
     },
     :csrdir => {
       :default => "$cadir/requests",
@@ -1033,7 +1044,8 @@ EOT
       :owner => "service",
       :group => "service",
       :mode  => "0755",
-      :desc => "Where the CA stores certificate requests"
+      :desc => "Where the CA stores certificate requests. This setting is deprecated and will be replaced by one in Puppet Server's configs in Puppet 6.",
+      :deprecated => :completely,
     },
     :signeddir => {
       :default => "$cadir/signed",
@@ -1041,7 +1053,8 @@ EOT
       :owner => "service",
       :group => "service",
       :mode => "0755",
-      :desc => "Where the CA stores signed certificates."
+      :desc => "Where the CA stores signed certificates. This setting is deprecated and will be replaced by one in Puppet Server's configs in Puppet 6.",
+      :deprecated => :completely,
     },
     :capass => {
       :default => "$caprivatedir/ca.pass",
@@ -1049,7 +1062,8 @@ EOT
       :owner => "service",
       :group => "service",
       :mode => "0640",
-      :desc => "Where the CA stores the password for the private key."
+      :desc => "Where the CA stores the password for the private key. This setting is deprecated and will be removed in Puppet 6.",
+      :deprecated => :completely,
     },
     :serial => {
       :default => "$cadir/serial",
@@ -1057,13 +1071,17 @@ EOT
       :owner => "service",
       :group => "service",
       :mode => "0644",
-      :desc => "Where the serial number for certificates is stored."
+      :desc => "Where the serial number for certificates is stored. This setting is deprecated and will be replaced by one in Puppet Server's configs in Puppet 6.",
+      :deprecated => :completely,
     },
     :autosign => {
       :default => "$confdir/autosign.conf",
       :type => :autosign,
+      :deprecated => :completely,
       :desc => "Whether (and how) to autosign certificate requests. This setting
         is only relevant on a puppet master acting as a certificate authority (CA).
+        This setting is also deprecated and will be replaced by one in Puppet Server's
+        configs in Puppet 6.
 
         Valid values are true (autosigns all certificate requests; not recommended),
         false (disables autosigning certificates), or the absolute path to a file.
@@ -1090,14 +1108,15 @@ EOT
     :allow_duplicate_certs => {
       :default    => false,
       :type       => :boolean,
-      :desc       => "Whether to allow a new certificate
-      request to overwrite an existing certificate.",
+      :desc       => "Whether to allow a new certificate request to overwrite an existing certificate. This setting is deprecated and will be replaced by one in Puppet Server's configs in Puppet 6.",
+      :deprecated => :completely,
     },
     :ca_ttl => {
       :default    => "5y",
       :type       => :duration,
       :desc       => "The default TTL for new certificates.
-      #{AS_DURATION}"
+      #{AS_DURATION} This setting is deprecated and will be replaced by one in Puppet Server's configs in Puppet 6.",
+      :deprecated => :completely,
     },
     :keylength => {
       :default    => 4096,
@@ -1110,7 +1129,8 @@ EOT
       :owner => "service",
       :group => "service",
       :desc => "The inventory file. This is a text file to which the CA writes a
-        complete listing of all certificates."
+        complete listing of all certificates. This setting is deprecated and will be replaced by one in Puppet Server's configs in Puppet 6.",
+      :deprecated => :completely,
     }
   )
 
@@ -1142,6 +1162,7 @@ EOT
       :bindaddress => {
         :default    => "*",
         :desc       => "The address a listening server should bind to.",
+        :deprecated  => :completely,
       }
   )
 
@@ -1191,11 +1212,15 @@ EOT
   define_settings(:master,
     :user => {
       :default    => "puppet",
-      :desc       => "The user puppet master should run as.",
+      :desc       => "The user Puppet Server will run as. Used to ensure
+      the agent side processes (agent, apply, etc) create files and
+      directories readable by Puppet Server when necessary.",
     },
     :group => {
       :default    => "puppet",
-      :desc       => "The group puppet master should run as.",
+      :desc       => "The group Puppet Server will run as. Used to ensure
+      the agent side processes (agent, apply, etc) create files and
+      directories readable by Puppet Server when necessary.",
     },
     :default_manifest => {
       :default    => "./manifests",
@@ -1241,6 +1266,7 @@ EOT
       :group => "service",
       :mode => "0660",
       :create => true,
+      :deprecated => :completely,
       :desc => "Where the puppet master web server saves its access log. This is
         only used when running a WEBrick puppet master. When puppet master is
         running under a Rack server like Passenger, that web server will have
@@ -1248,9 +1274,9 @@ EOT
     },
     :masterport => {
       :default    => 8140,
-      :desc       => "The port for puppet master traffic. For puppet master,
-      this is the port to listen on; for puppet agent, this is the port
-      to make requests on. Both applications use this setting to get the port.",
+      :desc       => "The default port puppet subcommands use to communicate
+      with Puppet Server. (eg `puppet facts upload`, `puppet agent`). May be
+      overridden by more specific settings (see `ca_port`, `report_port`).",
     },
     :node_name => {
       :default    => "cert",
@@ -1272,13 +1298,16 @@ EOT
     :rest_authconfig => {
       :default    => "$confdir/auth.conf",
       :type       => :file,
+      :deprecated  => :completely,
       :desc       => "The configuration file that defines the rights to the different
-      rest indirections.  This can be used as a fine-grained
-      authorization system for `puppet master`.",
+      rest indirections.  This can be used as a fine-grained authorization system for
+      `puppet master`.  The `puppet master` command is deprecated and Puppet Server
+      uses its own auth.conf that must be placed within its configuration directory.",
     },
     :ca => {
       :default    => true,
       :type       => :boolean,
+      :deprecated  => :completely,
       :desc       => "Whether the master should function as a certificate authority.",
     },
     :trusted_oid_mapping_file => {