RubyGems - puppet - Versions diffs - 6.0.4-universal-darwin → 6.0.5-universal-darwin - Mend

puppet 6.0.4-universal-darwin → 6.0.5-universal-darwin

Potentially problematic release.

This version of puppet might be problematic. Click here for more details.

Files changed (125) hide show

checksums.yaml +4 -4
data/Gemfile.lock +15 -15
data/Rakefile +3 -1
data/ext/solaris/smf/svc-puppetd +8 -1
data/ext/solaris/smf/svc-puppetmasterd +8 -1
data/lib/puppet/application/device.rb +48 -32
data/lib/puppet/application/ssl.rb +31 -17
data/lib/puppet/defaults.rb +2 -1
data/lib/puppet/face/config.rb +1 -1
data/lib/puppet/forge.rb +4 -1
data/lib/puppet/pops/evaluator/collectors/abstract_collector.rb +3 -1
data/lib/puppet/pops/model/pn_transformer.rb +5 -0
data/lib/puppet/pops/types/p_timespan_type.rb +2 -2
data/lib/puppet/pops/types/string_converter.rb +11 -2
data/lib/puppet/provider/package/dnf.rb +2 -1
data/lib/puppet/provider/package/windows/exe_package.rb +13 -0
data/lib/puppet/provider/package/windows/msi_package.rb +8 -0
data/lib/puppet/provider/package/windows/package.rb +9 -1
data/lib/puppet/provider/package/yum.rb +1 -1
data/lib/puppet/provider/parsedfile.rb +25 -4
data/lib/puppet/provider/service/smf.rb +54 -0
data/lib/puppet/provider/service/systemd.rb +2 -0
data/lib/puppet/provider/service/upstart.rb +1 -0
data/lib/puppet/rest/route.rb +1 -1
data/lib/puppet/ssl/host.rb +23 -11
data/lib/puppet/transaction.rb +4 -1
data/lib/puppet/transaction/event_manager.rb +13 -1
data/lib/puppet/transaction/resource_harness.rb +3 -1
data/lib/puppet/util/command_line.rb +2 -3
data/lib/puppet/util/filetype.rb +36 -4
data/lib/puppet/util/selinux.rb +1 -1
data/lib/puppet/util/windows/api_types.rb +1 -1
data/lib/puppet/util/windows/registry.rb +29 -5
data/lib/puppet/util/windows/service.rb +106 -99
data/lib/puppet/version.rb +1 -1
data/locales/ja/puppet.po +232 -183
data/locales/puppet.pot +145 -117
data/man/man5/puppet.conf.5 +3 -3
data/man/man8/puppet-agent.8 +1 -1
data/man/man8/puppet-apply.8 +1 -1
data/man/man8/puppet-catalog.8 +1 -1
data/man/man8/puppet-config.8 +2 -2
data/man/man8/puppet-describe.8 +1 -1
data/man/man8/puppet-device.8 +23 -19
data/man/man8/puppet-doc.8 +1 -1
data/man/man8/puppet-epp.8 +1 -1
data/man/man8/puppet-facts.8 +1 -1
data/man/man8/puppet-filebucket.8 +1 -1
data/man/man8/puppet-generate.8 +1 -1
data/man/man8/puppet-help.8 +1 -1
data/man/man8/puppet-key.8 +1 -1
data/man/man8/puppet-lookup.8 +1 -1
data/man/man8/puppet-man.8 +1 -1
data/man/man8/puppet-module.8 +1 -1
data/man/man8/puppet-node.8 +1 -1
data/man/man8/puppet-parser.8 +1 -1
data/man/man8/puppet-plugin.8 +1 -1
data/man/man8/puppet-report.8 +1 -1
data/man/man8/puppet-resource.8 +1 -1
data/man/man8/puppet-script.8 +1 -1
data/man/man8/puppet-ssl.8 +6 -3
data/man/man8/puppet-status.8 +1 -1
data/man/man8/puppet.8 +2 -2
data/spec/fixtures/unit/provider/service/smf/svcs_fmri.out +6 -0
data/spec/fixtures/unit/provider/service/smf/svcs_multiple_fmris.out +13 -0
data/spec/integration/ssl/key_spec.rb +0 -4
data/spec/integration/transaction_spec.rb +559 -0
data/spec/integration/util/windows/registry_spec.rb +39 -0
data/spec/unit/application/device_spec.rb +10 -7
data/spec/unit/application/lookup_spec.rb +2 -1
data/spec/unit/application/ssl_spec.rb +21 -2
data/spec/unit/forge/forge_spec.rb +4 -2
data/spec/unit/functions/logging_spec.rb +10 -3
data/spec/unit/indirector/yaml_spec.rb +1 -1
data/spec/unit/pops/loaders/loader_spec.rb +6 -7
data/spec/unit/pops/model/pn_transformer_spec.rb +4 -0
data/spec/unit/pops/types/p_timespan_type_spec.rb +22 -0
data/spec/unit/pops/types/p_timestamp_type_spec.rb +19 -0
data/spec/unit/pops/types/string_converter_spec.rb +20 -0
data/spec/unit/provider/group/ldap_spec.rb +22 -25
data/spec/unit/provider/group/pw_spec.rb +7 -10
data/spec/unit/provider/nameservice/directoryservice_spec.rb +97 -103
data/spec/unit/provider/package/aix_spec.rb +5 -8
data/spec/unit/provider/package/apt_spec.rb +3 -6
data/spec/unit/provider/package/dnf_spec.rb +36 -37
data/spec/unit/provider/package/dpkg_spec.rb +18 -21
data/spec/unit/provider/package/freebsd_spec.rb +4 -7
data/spec/unit/provider/package/gem_spec.rb +41 -41
data/spec/unit/provider/package/hpux_spec.rb +7 -10
data/spec/unit/provider/package/macports_spec.rb +13 -15
data/spec/unit/provider/package/nim_spec.rb +3 -10
data/spec/unit/provider/package/openbsd_spec.rb +14 -17
data/spec/unit/provider/package/pip3_spec.rb +3 -6
data/spec/unit/provider/package/pip_spec.rb +45 -49
data/spec/unit/provider/package/pkgin_spec.rb +13 -18
data/spec/unit/provider/package/pkgng_spec.rb +21 -24
data/spec/unit/provider/package/puppet_gem_spec.rb +6 -9
data/spec/unit/provider/package/tdnf_spec.rb +9 -12
data/spec/unit/provider/package/yum_spec.rb +30 -16
data/spec/unit/provider/package/zypper_spec.rb +17 -19
data/spec/unit/provider/service/bsd_spec.rb +7 -9
data/spec/unit/provider/service/daemontools_spec.rb +12 -16
data/spec/unit/provider/service/debian_spec.rb +6 -10
data/spec/unit/provider/service/freebsd_spec.rb +2 -2
data/spec/unit/provider/service/openbsd_spec.rb +13 -17
data/spec/unit/provider/service/rcng_spec.rb +2 -4
data/spec/unit/provider/service/redhat_spec.rb +12 -11
data/spec/unit/provider/service/runit_spec.rb +7 -14
data/spec/unit/provider/service/smf_spec.rb +77 -13
data/spec/unit/provider/service/src_spec.rb +11 -16
data/spec/unit/provider/service/systemd_spec.rb +18 -0
data/spec/unit/provider/user/hpux_spec.rb +3 -5
data/spec/unit/provider/user/ldap_spec.rb +29 -32
data/spec/unit/provider/user/pw_spec.rb +10 -13
data/spec/unit/rest/route_spec.rb +1 -1
data/spec/unit/ssl/host_spec.rb +21 -0
data/spec/unit/ssl/key_spec.rb +2 -4
data/spec/unit/transaction/event_manager_spec.rb +12 -1
data/spec/unit/transaction/resource_harness_spec.rb +18 -0
data/spec/unit/transaction_spec.rb +25 -0
data/spec/unit/util/filetype_spec.rb +13 -5
data/spec/unit/util/logging_spec.rb +0 -41
data/spec/unit/util/monkey_patches_spec.rb +18 -5
data/spec/unit/util/selinux_spec.rb +4 -0
metadata +8 -2

data/lib/puppet/pops/evaluator/collectors/abstract_collector.rb CHANGED

@@ -51,7 +51,9 @@ class Puppet::Pops::Evaluator::Collectors::AbstractCollector
       objects.each do |res|
         unless @collected.include?(res.ref)
-          newres = Puppet::Parser::Resource.new(res.type, res.title, @overrides)
+          t = res.type
+          t = Puppet::Pops::Evaluator::Runtime3ResourceSupport.find_resource_type(scope, t)
+          newres = Puppet::Parser::Resource.new(t, res.title, @overrides)
           scope.compiler.add_override(newres)
         end
       end

data/lib/puppet/pops/model/pn_transformer.rb CHANGED

@@ -200,6 +200,11 @@ class PNTransformer
     PN::Call.new('nop')
   end
+  # Some elements may have a nil element instead of a Nop Expression
+  def transform_NilClass(e)
+    PN::Call.new('nop')
+  end
   def transform_NotExpression(e)
     PN::Call.new('!', transform(e.expr))
   end

data/lib/puppet/pops/types/p_timespan_type.rb CHANGED

@@ -65,9 +65,9 @@ module Types
       when String
         impl_class.parse(arg)
       when Integer
-        arg == impl_class.new(arg * Time::NSECS_PER_SEC)
+        impl_class.new(arg * Time::NSECS_PER_SEC)
       when Float
-        arg == (min ? -Float::INFINITY : Float::INFINITY) ? arg : impl_class.new(arg * Time::NSECS_PER_SEC)
+        impl_class.new(arg * Time::NSECS_PER_SEC)
       else
         raise ArgumentError, "Unable to create a #{impl_class.name} from a #{arg.class.name}" unless arg.nil? || arg == :default
         nil

data/lib/puppet/pops/types/string_converter.rb CHANGED

@@ -484,8 +484,17 @@ class StringConverter
     value_type = TypeCalculator.infer_set(value)
     if string_formats.is_a?(String)
-      # add the format given for the exact type
-      string_formats = { value_type => string_formats }
+      # For Array and Hash, the format is given as a Hash where 'format' key is the format for the collection itself
+      if Puppet::Pops::Types::PArrayType::DEFAULT.assignable?(value_type)
+        # add the format given for the exact type
+        string_formats = { Puppet::Pops::Types::PArrayType::DEFAULT => {'format' => string_formats }}
+      elsif Puppet::Pops::Types::PHashType::DEFAULT.assignable?(value_type)
+          # add the format given for the exact type
+          string_formats = { Puppet::Pops::Types::PHashType::DEFAULT => {'format' => string_formats }}
+      else
+        # add the format given for the exact type
+        string_formats = { value_type => string_formats }
+      end
     end
     case string_formats

data/lib/puppet/provider/package/dnf.rb CHANGED

@@ -30,7 +30,8 @@ Puppet::Type.type(:package).provide :dnf, :parent => :yum do
   defaultfor :operatingsystem => :fedora
   notdefaultfor :operatingsystem => :fedora, :operatingsystemmajrelease => (19..21).to_a
-  defaultfor :osfamily => :redhat, :operatingsystemmajrelease => ["8"]
+  defaultfor :osfamily => :redhat
+  notdefaultfor :osfamily => :redhat, :operatingsystemmajrelease => (4..7).to_a
   def self.update_command
     # In DNF, update is deprecated for upgrade

data/lib/puppet/provider/package/windows/exe_package.rb CHANGED

@@ -4,6 +4,19 @@ class Puppet::Provider::Package::Windows
   class ExePackage < Puppet::Provider::Package::Windows::Package
     attr_reader :uninstall_string
+    # registry values to load under each product entry in
+    # HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
+    # for this provider
+    REG_VALUE_NAMES = [
+      'DisplayVersion',
+      'UninstallString',
+      'ParentKeyName',
+      'Security Update',
+      'Update Rollup',
+      'Hotfix',
+      'WindowsInstaller',
+    ]
     # Return an instance of the package from the registry, or nil
     def self.from_registry(name, values)
       if valid?(name, values)

data/lib/puppet/provider/package/windows/msi_package.rb CHANGED

@@ -8,6 +8,14 @@ class Puppet::Provider::Package::Windows
     INSTALLSTATE_DEFAULT = 5 # product is installed for the current user
     INSTALLUILEVEL_NONE  = 2 # completely silent installation
+    # registry values to load under each product entry in
+    # HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
+    # for this provider
+    REG_VALUE_NAMES = [
+      'DisplayVersion',
+      'WindowsInstaller'
+    ]
     # Get the COM installer object, it's in a separate method for testing
     def self.installer
       # REMIND: when does the COM release happen?

data/lib/puppet/provider/package/windows/package.rb CHANGED

@@ -11,6 +11,14 @@ class Puppet::Provider::Package::Windows
     attr_reader :name, :version
+    REG_DISPLAY_VALUE_NAMES = [ 'DisplayName', 'QuietDisplayName' ]
+    def self.reg_value_names_to_load
+      REG_DISPLAY_VALUE_NAMES |
+      MsiPackage::REG_VALUE_NAMES |
+      ExePackage::REG_VALUE_NAMES
+    end
     # Enumerate each package. The appropriate package subclass
     # will be yielded.
     def self.each(&block)
@@ -37,7 +45,7 @@ class Puppet::Provider::Package::Windows
             open(hive, 'Software\Microsoft\Windows\CurrentVersion\Uninstall', mode) do |uninstall|
               each_key(uninstall) do |name, wtime|
                 open(hive, "#{uninstall.keyname}\\#{name}", mode) do |key|
-                  yield key, values(key)
+                  yield key, values_by_name(key, reg_value_names_to_load)
                 end
               end
             end

data/lib/puppet/provider/package/yum.rb CHANGED

@@ -23,7 +23,7 @@ Puppet::Type.type(:package).provide :yum, :parent => :rpm, :source => :rpm do
       end
   end
-  defaultfor :osfamily => :redhat
+defaultfor :osfamily => :redhat, :operatingsystemmajrelease => (4..7).to_a
   def self.prefetch(packages)
     raise Puppet::Error, _("The yum provider can only be used as root") if Process.euid != 0

data/lib/puppet/provider/parsedfile.rb CHANGED

@@ -10,11 +10,17 @@ require 'puppet/util/fileparsing'
 #
 # Once the provider prefetches the data, it's the resource's job to copy
 # that data over to the @is variables.
+#
+# NOTE: The prefetch method swallows FileReadErrors by treating the
+# corresponding target as an empty file. If you would like to turn this
+# behavior off, then set the raise_prefetch_errors class variable to
+# true. Doing so will error all resources associated with the failed
+# target.
 class Puppet::Provider::ParsedFile < Puppet::Provider
   extend Puppet::Util::FileParsing
   class << self
-    attr_accessor :default_target, :target
+    attr_accessor :default_target, :target, :raise_prefetch_errors
   end
   attr_accessor :property_hash
@@ -89,6 +95,10 @@ class Puppet::Provider::ParsedFile < Puppet::Provider
   # Flush all of the records relating to a specific target.
   def self.flush_target(target)
+    if @raise_prefetch_errors && @failed_prefetch_targets.key?(target)
+      raise Puppet::Error, _("Failed to read %{target}'s records when prefetching them. Reason: %{detail}") % { target: target, detail: @failed_prefetch_targets[target] }
+    end
     backup_target(target)
     records = target_records(target).reject { |r|
@@ -142,6 +152,10 @@ class Puppet::Provider::ParsedFile < Puppet::Provider
     @records = []
     @target_objects = {}
+    # Hash of <target> => <failure reason>.
+    @failed_prefetch_targets = {}
+    @raise_prefetch_errors = false
     @target = nil
     # Default to flat files
@@ -260,12 +274,19 @@ class Puppet::Provider::ParsedFile < Puppet::Provider
   # Prefetch an individual target.
   def self.prefetch_target(target)
     begin
       target_records = retrieve(target)
     rescue Puppet::Util::FileType::FileReadError => detail
-      puts detail.backtrace if Puppet[:trace]
-      Puppet.err _("Could not prefetch %{resource} provider '%{name}' target '%{target}': %{detail}. Treating as empty") % { resource: self.resource_type.name, name: self.name, target: target, detail: detail }
+      if @raise_prefetch_errors
+        # We will raise an error later in flush_target. This way,
+        # only the resources linked to our target will fail
+        # evaluation.
+        @failed_prefetch_targets[target] = detail.to_s
+      else
+        puts detail.backtrace if Puppet[:trace]
+        Puppet.err _("Could not prefetch %{resource} provider '%{name}' target '%{target}': %{detail}. Treating as empty") % { resource: self.resource_type.name, name: self.name, target: target, detail: detail }
+      end
       target_records = []
     end

data/lib/puppet/provider/service/smf.rb CHANGED

@@ -49,6 +49,52 @@ Puppet::Type.type(:service).provide :smf, :parent => :base do
    end
   end
+  # Returns the service's FMRI. We fail if multiple FMRIs correspond to
+  # @resource[:name].
+  #
+  # If the service does not exist or we fail to get any FMRIs from svcs,
+  # this method will raise a Puppet::Error
+  def service_fmri
+    return @fmri if @fmri
+    # `svcs -l` is better to use because we can detect service instances
+    # that have not yet been activated or enabled (i.e. it lets us detect
+    # services that svcadm has not yet touched). `svcs -H -o fmri` is a bit
+    # more limited.
+    lines = svcs("-l", @resource[:name]).chomp.lines.to_a
+    lines.select! { |line| line =~ /^fmri/ }
+    fmris = lines.map! { |line| line.split(' ')[-1].chomp }
+    unless fmris.length == 1
+      raise Puppet::Error, _("Failed to get the FMRI of the %{service} service: The pattern '%{service}' matches multiple FMRIs! These are the FMRIs it matches: %{all_fmris}") % { service: @resource[:name], all_fmris: fmris.join(', ') }
+    end
+    @fmri = fmris.first
+  end
+  # Returns true if the provider supports incomplete services.
+  def supports_incomplete_services?
+    Puppet::Util::Package.versioncmp(Facter.value(:operatingsystemrelease), '11.1') >= 0
+  end
+  # Returns true if the service is complete. A complete service is a service that
+  # has the general/complete property defined.
+  def complete_service?
+    unless supports_incomplete_services?
+      raise Puppet::Error, _("Cannot query if the %{service} service is complete: The concept of complete/incomplete services was introduced in Solaris 11.1. You are on a Solaris %{release} machine.") % { service: @resource[:name], release: Facter.value(:operatingsystemrelease) }
+    end
+    return @complete_service if @complete_service
+    # We need to use the service's FMRI when querying its config. because
+    # general/complete is an instance-specific property.
+    fmri = service_fmri
+    # Check if the general/complete property is defined. If it is undefined,
+    # then svccfg will not print anything to the console.
+    property_defn = svccfg("-s", fmri, "listprop", "general/complete").chomp
+    @complete_service = ! property_defn.empty?
+  end
   def enable
     self.start
   end
@@ -131,6 +177,14 @@ Puppet::Type.type(:service).provide :smf, :parent => :base do
     end
     begin
+      if supports_incomplete_services?
+        unless complete_service?
+          debug _("The %{service} service is incomplete so its status will be reported as :stopped. See `svcs -xv %{fmri}` for more details.") % { service: @resource[:name], fmri: service_fmri }
+          return :stopped
+        end
+      end
       # get the current state and the next state, and if the next
       # state is set (i.e. not "-") use it for state comparison
       states = service_states

data/lib/puppet/provider/service/systemd.rb CHANGED

@@ -26,6 +26,8 @@ Puppet::Type.type(:service).provide :systemd, :parent => :base do
   defaultfor :operatingsystem => :amazon, :operatingsystemmajrelease => ["2"]
   defaultfor :operatingsystem => :debian, :operatingsystemmajrelease => ["8", "stretch/sid", "9", "buster/sid"]
+  defaultfor :operatingsystem => :LinuxMint
+  notdefaultfor :operatingsystem => :LinuxMint, :operatingsystemmajrelease => ["10", "11", "12", "13", "14", "15", "16", "17"] # These are using upstart
   defaultfor :operatingsystem => :ubuntu
   notdefaultfor :operatingsystem => :ubuntu, :operatingsystemmajrelease => ["10.04", "12.04", "14.04", "14.10"] # These are using upstart
   defaultfor :operatingsystem => :cumuluslinux, :operatingsystemmajrelease => ["3"]

data/lib/puppet/provider/service/upstart.rb CHANGED

@@ -17,6 +17,7 @@ Puppet::Type.type(:service).provide :upstart, :parent => :debian do
   ]
   defaultfor :operatingsystem => :ubuntu, :operatingsystemmajrelease => ["10.04", "12.04", "14.04", "14.10"]
+  defaultfor :operatingsystem => :LinuxMint, :operatingsystemmajrelease => ["10", "11", "12", "13", "14", "15", "16", "17"]
   commands :start   => "/sbin/start",
            :stop    => "/sbin/stop",

data/lib/puppet/rest/route.rb CHANGED

@@ -50,7 +50,7 @@ module Puppet::Rest
       end
       if Puppet[:use_srv_records]
-        dns_resolver.each_srv_record(@srv_service) do |srv_server, srv_port|
+        dns_resolver.each_srv_record(Puppet[:srv_domain], @srv_service) do |srv_server, srv_port|
           # Try each of the servers for this service in weighted order
           # until a working one is found.
           begin

data/lib/puppet/ssl/host.rb CHANGED

@@ -23,7 +23,7 @@ class Puppet::SSL::Host
   Certificate = Puppet::SSL::Certificate
   CertificateRequest = Puppet::SSL::CertificateRequest
-  attr_reader :name, :crl_path
+  attr_reader :name, :device, :crl_path
   attr_writer :key, :certificate, :certificate_request, :crl_usage
@@ -146,6 +146,17 @@ class Puppet::SSL::Host
     @certificate
   end
+  # The puppet parameters for commands output by the validate_ methods depend
+  # upon whether this is an agent or a device.
+  def clean_params
+    @device ? "--target #{Puppet[:certname]}" : ''
+  end
+  def puppet_params
+    @device ? "device -v --target #{Puppet[:certname]}" : 'agent -t'
+  end
   # Validate that our private key matches the specified certificate.
   #
   # @param [Puppet::SSL::Certificate] cert the certificate to check
@@ -154,15 +165,15 @@ class Puppet::SSL::Host
     raise Puppet::Error, _("No certificate to validate.") unless cert
     raise Puppet::Error, _("No private key with which to validate certificate with fingerprint: %{fingerprint}") % { fingerprint: cert.fingerprint } unless key
     unless cert.content.check_private_key(key.content)
-      raise Puppet::Error, _(<<ERROR_STRING) % { fingerprint: cert.fingerprint, cert_name: Puppet[:certname] }
+      raise Puppet::Error, _(<<ERROR_STRING) % { fingerprint: cert.fingerprint, cert_name: Puppet[:certname], clean_params: clean_params, puppet_params: puppet_params }
 The certificate retrieved from the master does not match the agent's private key. Did you forget to run as root?
 Certificate fingerprint: %{fingerprint}
 To fix this, remove the certificate from both the master and the agent and then start a puppet run, which will automatically regenerate a certificate.
 On the master:
   puppetserver ca clean --certname %{cert_name}
 On the agent:
-  1. puppet ssl clean
-  2. puppet agent -t
+  1. puppet ssl clean %{clean_params}
+  2. puppet %{puppet_params}
 ERROR_STRING
     end
   end
@@ -236,15 +247,15 @@ ERROR_STRING
   def validate_local_csr_with_key(csr, key)
     if key.content.public_key.to_s != csr.content.public_key.to_s
-      raise Puppet::Error, _(<<ERROR_STRING) % { fingerprint: csr.fingerprint, csr_public_key: csr.content.public_key.to_text, agent_public_key: key.content.public_key.to_text }
+      raise Puppet::Error, _(<<ERROR_STRING) % { fingerprint: csr.fingerprint, csr_public_key: csr.content.public_key.to_text, agent_public_key: key.content.public_key.to_text, clean_params: clean_params, puppet_params: puppet_params }
 The local CSR does not match the agent's public key.
 CSR fingerprint: %{fingerprint}
 CSR public key: %{csr_public_key}
 Agent public key: %{agent_public_key}
 To fix this, remove the CSR from the agent and then start a puppet run, which will automatically regenerate a CSR.
 On the agent:
-  1. puppet ssl clean
-  2. puppet agent -t
+  1. puppet ssl clean %{clean_params}
+  2. puppet %{puppet_params}
 ERROR_STRING
     end
   end
@@ -252,7 +263,7 @@ ERROR_STRING
   def validate_csr_with_key(csr, key)
     if key.content.public_key.to_s != csr.content.public_key.to_s
-      raise Puppet::Error, _(<<ERROR_STRING) % { fingerprint: csr.fingerprint, csr_public_key: csr.content.public_key.to_text, agent_public_key: key.content.public_key.to_text, cert_name: Puppet[:certname] }
+      raise Puppet::Error, _(<<ERROR_STRING) % { fingerprint: csr.fingerprint, csr_public_key: csr.content.public_key.to_text, agent_public_key: key.content.public_key.to_text, cert_name: Puppet[:certname], clean_params: clean_params, puppet_params: puppet_params }
 The CSR retrieved from the master does not match the agent's public key.
 CSR fingerprint: %{fingerprint}
 CSR public key: %{csr_public_key}
@@ -261,15 +272,16 @@ To fix this, remove the CSR from both the master and the agent and then start a
 On the master:
   puppetserver ca clean --certname %{cert_name}
 On the agent:
-  1. puppet ssl clean
-  2. puppet agent -t
+  1. puppet ssl clean %{clean_params}
+  2. puppet %{puppet_params}
 ERROR_STRING
     end
   end
   private :validate_csr_with_key
-  def initialize(name = nil)
+  def initialize(name = nil, device = false)
     @name = (name || Puppet[:certname]).downcase
+    @device = device
     Puppet::SSL::Base.validate_certname(@name)
     @key = @certificate = @certificate_request = nil
     @crl_usage = Puppet.settings[:certificate_revocation]

data/lib/puppet/transaction.rb CHANGED

@@ -56,6 +56,8 @@ class Puppet::Transaction
     @prefetched_providers = Hash.new { |h,k| h[k] = {} }
     @prefetch_failed_providers = Hash.new { |h,k| h[k] = {} }
+    @failed_dependencies_already_notified = Set.new()
   end
   # Invoke the pre_run_check hook in every resource in the catalog.
@@ -291,8 +293,9 @@ class Puppet::Transaction
     if s && s.dependency_failed?
       # See above. --daniel 2011-06-06
       unless suppress_report then
-        s.failed_dependencies.each do |dep|
+        s.failed_dependencies.find_all { |d| !(@failed_dependencies_already_notified.include?(d.ref)) }.each do |dep|
           resource.notice _("Dependency %{dep} has failures: %{status}") % { dep: dep, status: resource_status(dep).failed }
+          @failed_dependencies_already_notified.add(dep.ref)
         end
       end
     end

data/lib/puppet/transaction/event_manager.rb CHANGED

@@ -147,12 +147,18 @@ class Puppet::Transaction::EventManager
     resource.send(callback)
     if not resource.is_a?(Puppet::Type.type(:whit))
-      resource.notice n_("Triggered '%{callback}' from %{count} event", "Triggered '%{callback}' from %{count} events", events.length) % { count: events.length, callback: callback }
+      message = n_("Triggered '%{callback}' from %{count} event", "Triggered '%{callback}' from %{count} events", events.length) % { count: events.length, callback: callback }
+      resource.notice message
+      add_callback_status_event(resource, callback, message, "success")
     end
     return true
   rescue => detail
     resource_error_message = _("Failed to call %{callback}: %{detail}") % { callback: callback, detail: detail }
     resource.err resource_error_message
+    if not resource.is_a?(Puppet::Type.type(:whit))
+      add_callback_status_event(resource, callback, resource_error_message, "failure")
+    end
     transaction.resource_status(resource).failed_to_restart = true
     transaction.resource_status(resource).fail_with_event(resource_error_message)
@@ -160,6 +166,12 @@ class Puppet::Transaction::EventManager
     return false
   end
+  def add_callback_status_event(resource, callback, message, status)
+    options = { message: message, status: status, name: callback.to_s }
+    event = resource.event options
+    transaction.resource_status(resource) << event if event
+  end
   def process_noop_events(resource, callback, events)
     resource.notice n_("Would have triggered '%{callback}' from %{count} event", "Would have triggered '%{callback}' from %{count} events", events.length) % { count: events.length, callback: callback }

data/lib/puppet/transaction/resource_harness.rb CHANGED

@@ -158,7 +158,9 @@ class Puppet::Transaction::ResourceHarness
       raise
     ensure
       if event
-        event.calculate_corrective_change(@persistence.get_system_value(context.resource.ref, param.name.to_s))
+        name = param.name.to_s
+        event.message ||= _("could not create change error message for %{name}") % { name: name }
+        event.calculate_corrective_change(@persistence.get_system_value(context.resource.ref, name))
         context.record(event)
         event.send_log
         context.synced_params << param.name