puppet 6.0.9-x86-mingw32 → 6.0.10-x86-mingw32
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of puppet might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Gemfile.lock +16 -16
- data/lib/hiera/scope.rb +7 -0
- data/lib/puppet.rb +1 -1
- data/lib/puppet/application/device.rb +13 -3
- data/lib/puppet/application/ssl.rb +2 -0
- data/lib/puppet/configurer.rb +1 -1
- data/lib/puppet/network/http/connection.rb +2 -0
- data/lib/puppet/network/http/factory.rb +5 -0
- data/lib/puppet/pops/types/types.rb +5 -3
- data/lib/puppet/provider.rb +1 -2
- data/lib/puppet/provider/package.rb +2 -0
- data/lib/puppet/provider/package/dpkg.rb +15 -2
- data/lib/puppet/provider/package/gem.rb +65 -29
- data/lib/puppet/provider/package/pip.rb +135 -111
- data/lib/puppet/provider/package/pip3.rb +1 -1
- data/lib/puppet/provider/package/puppet_gem.rb +1 -1
- data/lib/puppet/provider/package/rpm.rb +27 -16
- data/lib/puppet/provider/package/yum.rb +2 -1
- data/lib/puppet/provider/package_targetable.rb +68 -0
- data/lib/puppet/provider/service/upstart.rb +5 -3
- data/lib/puppet/provider/user/useradd.rb +16 -13
- data/lib/puppet/settings/server_list_setting.rb +9 -0
- data/lib/puppet/ssl/host.rb +0 -11
- data/lib/puppet/ssl/validator/default_validator.rb +31 -0
- data/lib/puppet/type/package.rb +46 -9
- data/lib/puppet/util/pidlock.rb +3 -2
- data/lib/puppet/util/windows/process.rb +8 -8
- data/lib/puppet/util/windows/registry.rb +7 -1
- data/lib/puppet/util/windows/user.rb +14 -4
- data/lib/puppet/version.rb +1 -1
- data/locales/puppet.pot +83 -79
- data/man/man5/puppet.conf.5 +2 -2
- data/man/man8/puppet-agent.8 +1 -1
- data/man/man8/puppet-apply.8 +1 -1
- data/man/man8/puppet-catalog.8 +1 -1
- data/man/man8/puppet-config.8 +1 -1
- data/man/man8/puppet-describe.8 +1 -1
- data/man/man8/puppet-device.8 +1 -1
- data/man/man8/puppet-doc.8 +1 -1
- data/man/man8/puppet-epp.8 +1 -1
- data/man/man8/puppet-facts.8 +1 -1
- data/man/man8/puppet-filebucket.8 +1 -1
- data/man/man8/puppet-generate.8 +1 -1
- data/man/man8/puppet-help.8 +1 -1
- data/man/man8/puppet-key.8 +1 -1
- data/man/man8/puppet-lookup.8 +1 -1
- data/man/man8/puppet-man.8 +1 -1
- data/man/man8/puppet-module.8 +1 -1
- data/man/man8/puppet-node.8 +1 -1
- data/man/man8/puppet-parser.8 +1 -1
- data/man/man8/puppet-plugin.8 +1 -1
- data/man/man8/puppet-report.8 +1 -1
- data/man/man8/puppet-resource.8 +1 -1
- data/man/man8/puppet-script.8 +1 -1
- data/man/man8/puppet-ssl.8 +1 -1
- data/man/man8/puppet-status.8 +1 -1
- data/man/man8/puppet.8 +2 -2
- data/spec/integration/network/http_pool_spec.rb +120 -0
- data/spec/integration/type/package_spec.rb +1 -1
- data/spec/integration/util/windows/registry_spec.rb +52 -0
- data/spec/integration/util/windows/user_spec.rb +19 -0
- data/spec/lib/puppet_spec/https.rb +166 -0
- data/spec/unit/application/ssl_spec.rb +5 -0
- data/spec/unit/configurer_spec.rb +1 -1
- data/spec/unit/functions/new_spec.rb +15 -0
- data/spec/unit/hiera/scope_spec.rb +7 -0
- data/spec/unit/indirector/resource/ral_spec.rb +1 -0
- data/spec/unit/network/http/connection_spec.rb +0 -96
- data/spec/unit/network/http/factory_spec.rb +6 -0
- data/spec/unit/provider/package/dpkg_spec.rb +18 -1
- data/spec/unit/provider/package/gem_spec.rb +101 -48
- data/spec/unit/provider/package/pip3_spec.rb +17 -0
- data/spec/unit/provider/package/pip_spec.rb +57 -67
- data/spec/unit/provider/package/puppet_gem_spec.rb +22 -6
- data/spec/unit/provider/package/rpm_spec.rb +116 -27
- data/spec/unit/provider/service/upstart_spec.rb +3 -22
- data/spec/unit/settings/server_list_setting_spec.rb +21 -0
- data/spec/unit/ssl/validator_spec.rb +2 -0
- data/spec/unit/util/pidlock_spec.rb +26 -0
- metadata +9 -5
- data/lib/puppet/rest/client.rb +0 -83
- data/spec/unit/rest/client_spec.rb +0 -166
@@ -33,35 +33,16 @@ describe 'Puppet::Type::Service::Provider::Upstart', unless: Puppet::Util::Platf
|
|
33
33
|
end
|
34
34
|
|
35
35
|
context "upstart daemon existence confine" do
|
36
|
-
# We have a separate method here because our search for the upstart daemon
|
37
|
-
# confine expects it to be the last confine declared in the upstart provider.
|
38
|
-
# If in the future we add other confines below it or change its order, these
|
39
|
-
# unit tests will fail. Placing knowledge of where this confine is located
|
40
|
-
# in one place makes updating it less painful in case we ever need to do this.
|
41
|
-
def assert_upstart_daemon_existence_confine_is(expected_value)
|
42
|
-
# Reload our provider to evaluate the :confine block
|
43
|
-
provider_class = Puppet::Type.type(:service).provider(:upstart)
|
44
|
-
|
45
|
-
upstart_daemon_existence_confine = provider_class.confine_collection.instance_variable_get(:@confines)[-1]
|
46
|
-
expect(upstart_daemon_existence_confine.valid?).to be(expected_value)
|
47
|
-
end
|
48
|
-
|
49
36
|
let(:initctl_version) { ['/sbin/initctl', 'version', '--quiet'] }
|
50
37
|
|
51
38
|
before(:each) do
|
52
|
-
# Stub out /sbin/initctl
|
53
39
|
allow(Puppet::Util).to receive(:which).with('/sbin/initctl').and_return('/sbin/initctl')
|
54
|
-
|
55
|
-
# Both of our tests are asserting the confine :true block that shells out to
|
56
|
-
# `initctl version --quiet`. Its expression is evaluated at provider load-time.
|
57
|
-
# Hence before each test, we want to reload the upstart provider so that the
|
58
|
-
# confine is re-evaluated.
|
59
|
-
Puppet::Type.type(:service).unprovide(:upstart)
|
60
40
|
end
|
61
41
|
|
62
42
|
it "should return true when the daemon is running" do
|
63
43
|
expect(Puppet::Util::Execution).to receive(:execute).with(initctl_version, instance_of(Hash))
|
64
|
-
|
44
|
+
|
45
|
+
expect(provider_class).to be_has_initctl
|
65
46
|
end
|
66
47
|
|
67
48
|
it "should return false when the daemon is not running" do
|
@@ -69,7 +50,7 @@ describe 'Puppet::Type::Service::Provider::Upstart', unless: Puppet::Util::Platf
|
|
69
50
|
.with(initctl_version, instance_of(Hash))
|
70
51
|
.and_raise(Puppet::ExecutionFailure, "initctl failed!")
|
71
52
|
|
72
|
-
|
53
|
+
expect(provider_class).to_not be_has_initctl
|
73
54
|
end
|
74
55
|
end
|
75
56
|
|
@@ -0,0 +1,21 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
require 'puppet/settings/server_list_setting'
|
3
|
+
|
4
|
+
describe Puppet::Settings::ServerListSetting do
|
5
|
+
|
6
|
+
it "prints strings as strings" do
|
7
|
+
settings = Puppet::Settings.new
|
8
|
+
settings.define_settings(:main, neptune: {type: :server_list, desc: 'list of servers'})
|
9
|
+
server_list_setting = settings.setting(:neptune)
|
10
|
+
expect(server_list_setting.print("jupiter,mars")).to eq("jupiter,mars")
|
11
|
+
end
|
12
|
+
|
13
|
+
it "prints arrays as strings" do
|
14
|
+
settings = Puppet::Settings.new
|
15
|
+
settings.define_settings(:main, neptune: {type: :server_list, desc: 'list of servers'})
|
16
|
+
server_list_setting = settings.setting(:neptune)
|
17
|
+
expect(server_list_setting.print([["main", 1234],["production", 8140]])).to eq("main:1234,production:8140")
|
18
|
+
expect(server_list_setting.print([])).to eq("")
|
19
|
+
end
|
20
|
+
|
21
|
+
end
|
@@ -185,6 +185,7 @@ describe Puppet::SSL::Validator::DefaultValidator, unless: Puppet::Util::Platfor
|
|
185
185
|
allow(subject).to receive(:ssl_certificates_are_present?).and_return(true)
|
186
186
|
connection = double('Net::HTTP')
|
187
187
|
|
188
|
+
allow(connection).to receive(:address).and_return('puppet.com')
|
188
189
|
expect(connection).to receive(:cert_store=).with(ssl_host.ssl_store)
|
189
190
|
expect(connection).to receive(:ca_file=).with(ca_path)
|
190
191
|
expect(connection).to receive(:cert=).with(ssl_host.certificate.content)
|
@@ -200,6 +201,7 @@ describe Puppet::SSL::Validator::DefaultValidator, unless: Puppet::Util::Platfor
|
|
200
201
|
allow(subject).to receive(:ssl_certificates_are_present?).and_return(false)
|
201
202
|
connection = double('Net::HTTP')
|
202
203
|
|
204
|
+
allow(connection).to receive(:address).and_return('puppet.com')
|
203
205
|
expect(connection).to receive(:verify_mode=).with(OpenSSL::SSL::VERIFY_NONE)
|
204
206
|
|
205
207
|
subject.setup_connection(connection, ssl_host)
|
@@ -26,6 +26,18 @@ describe Puppet::Util::Pidlock, if: !Puppet::Util::Platform.jruby? do
|
|
26
26
|
allow(Puppet::Util::Windows::Process).to receive(:get_process_image_name_by_pid).with(@lock.lock_pid).and_return('C:\Program Files\Puppet Labs\Puppet\puppet\bin\ruby.exe')
|
27
27
|
else
|
28
28
|
allow(Puppet::Util::Execution).to receive(:execute).with(['ps', '-p', @lock.lock_pid, '-o', 'comm=']).and_return('puppet')
|
29
|
+
allow(Puppet::Util::Execution).to receive(:execute).with(['ps', '-p', @lock.lock_pid, '-o', 'args=']).and_return('puppet')
|
30
|
+
end
|
31
|
+
expect(@lock).to be_locked
|
32
|
+
end
|
33
|
+
|
34
|
+
it "should become locked if puppet is a gem" do
|
35
|
+
@lock.lock
|
36
|
+
unless Puppet::Util::Platform.windows?
|
37
|
+
expect(Puppet::Util::Execution).to receive(:execute).with(['ps', '-p', @lock.lock_pid, '-o', 'comm=']).and_return('ruby')
|
38
|
+
expect(Puppet::Util::Execution).to receive(:execute).with(['ps', '-p', @lock.lock_pid, '-o', 'args=']).and_return('ruby /root/puppet/.bundle/ruby/2.3.0/bin/puppet agent --no-daemonize -v')
|
39
|
+
else
|
40
|
+
allow(Puppet::Util::Windows::Process).to receive(:get_process_image_name_by_pid).with(@lock.lock_pid).and_return('C:\tools\ruby25\bin\ruby.exe')
|
29
41
|
end
|
30
42
|
expect(@lock).to be_locked
|
31
43
|
end
|
@@ -109,6 +121,18 @@ describe Puppet::Util::Pidlock, if: !Puppet::Util::Platform.jruby? do
|
|
109
121
|
allow(Puppet::Util::Windows::Process).to receive(:get_process_image_name_by_pid).with(@lock.lock_pid).and_return('C:\Program Files\Puppet Labs\Puppet\puppet\bin\ruby.exe')
|
110
122
|
else
|
111
123
|
allow(Puppet::Util::Execution).to receive(:execute).with(['ps', '-p', @lock.lock_pid, '-o', 'comm=']).and_return('puppet')
|
124
|
+
allow(Puppet::Util::Execution).to receive(:execute).with(['ps', '-p', @lock.lock_pid, '-o', 'args=']).and_return('puppet')
|
125
|
+
end
|
126
|
+
expect(@lock).to be_locked
|
127
|
+
end
|
128
|
+
|
129
|
+
it "should return true if locked when puppet as gem" do
|
130
|
+
@lock.lock
|
131
|
+
unless Puppet::Util::Platform.windows?
|
132
|
+
expect(Puppet::Util::Execution).to receive(:execute).with(['ps', '-p', @lock.lock_pid, '-o', 'comm=']).and_return('ruby')
|
133
|
+
expect(Puppet::Util::Execution).to receive(:execute).with(['ps', '-p', @lock.lock_pid, '-o', 'args=']).and_return('ruby /root/puppet/.bundle/ruby/2.3.0/bin/puppet agent --no-daemonize -v')
|
134
|
+
else
|
135
|
+
allow(Puppet::Util::Windows::Process).to receive(:get_process_image_name_by_pid).with(@lock.lock_pid).and_return('C:\tools\ruby25\bin\ruby.exe')
|
112
136
|
end
|
113
137
|
expect(@lock).to be_locked
|
114
138
|
end
|
@@ -159,6 +183,7 @@ describe Puppet::Util::Pidlock, if: !Puppet::Util::Platform.jruby? do
|
|
159
183
|
allow(Puppet::Util::Windows::Process).to receive(:get_process_image_name_by_pid).with(6789).and_return('C:\Program Files\Puppet Labs\Puppet\puppet\bin\ruby.exe')
|
160
184
|
else
|
161
185
|
allow(Puppet::Util::Execution).to receive(:execute).with(['ps', '-p', 6789, '-o', 'comm=']).and_return('puppet')
|
186
|
+
allow(Puppet::Util::Execution).to receive(:execute).with(['ps', '-p', 6789, '-o', 'args=']).and_return('puppet')
|
162
187
|
end
|
163
188
|
@lock.lock
|
164
189
|
expect(Puppet::FileSystem.exist?(@lockfile)).to be_truthy
|
@@ -188,6 +213,7 @@ describe Puppet::Util::Pidlock, if: !Puppet::Util::Platform.jruby? do
|
|
188
213
|
allow(Puppet::Util::Windows::Process).to receive(:get_process_image_name_by_pid).with(1234).and_return('C:\Program Files\Puppet Labs\Puppet\puppet\bin\ruby.exe')
|
189
214
|
else
|
190
215
|
allow(Puppet::Util::Execution).to receive(:execute).with(['ps', '-p', 1234, '-o', 'comm=']).and_return('puppet')
|
216
|
+
allow(Puppet::Util::Execution).to receive(:execute).with(['ps', '-p', 1234, '-o', 'args=']).and_return('puppet')
|
191
217
|
end
|
192
218
|
# lock the file
|
193
219
|
@lock.lock
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: puppet
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 6.0.
|
4
|
+
version: 6.0.10
|
5
5
|
platform: x86-mingw32
|
6
6
|
authors:
|
7
7
|
- Puppet Labs
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2019-
|
11
|
+
date: 2019-07-12 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: facter
|
@@ -1101,6 +1101,7 @@ files:
|
|
1101
1101
|
- lib/puppet/provider/package/windows/package.rb
|
1102
1102
|
- lib/puppet/provider/package/yum.rb
|
1103
1103
|
- lib/puppet/provider/package/zypper.rb
|
1104
|
+
- lib/puppet/provider/package_targetable.rb
|
1104
1105
|
- lib/puppet/provider/parsedfile.rb
|
1105
1106
|
- lib/puppet/provider/service/base.rb
|
1106
1107
|
- lib/puppet/provider/service/bsd.rb
|
@@ -1149,7 +1150,6 @@ files:
|
|
1149
1150
|
- lib/puppet/resource/status.rb
|
1150
1151
|
- lib/puppet/resource/type.rb
|
1151
1152
|
- lib/puppet/resource/type_collection.rb
|
1152
|
-
- lib/puppet/rest/client.rb
|
1153
1153
|
- lib/puppet/rest/errors.rb
|
1154
1154
|
- lib/puppet/rest/response.rb
|
1155
1155
|
- lib/puppet/rest/route.rb
|
@@ -1798,6 +1798,7 @@ files:
|
|
1798
1798
|
- spec/integration/network/authconfig_spec.rb
|
1799
1799
|
- spec/integration/network/formats_spec.rb
|
1800
1800
|
- spec/integration/network/http/api/indirected_routes_spec.rb
|
1801
|
+
- spec/integration/network/http_pool_spec.rb
|
1801
1802
|
- spec/integration/node/environment_spec.rb
|
1802
1803
|
- spec/integration/node/facts_spec.rb
|
1803
1804
|
- spec/integration/node_spec.rb
|
@@ -1871,6 +1872,7 @@ files:
|
|
1871
1872
|
- spec/lib/puppet_spec/files.rb
|
1872
1873
|
- spec/lib/puppet_spec/fixtures.rb
|
1873
1874
|
- spec/lib/puppet_spec/handler.rb
|
1875
|
+
- spec/lib/puppet_spec/https.rb
|
1874
1876
|
- spec/lib/puppet_spec/language.rb
|
1875
1877
|
- spec/lib/puppet_spec/matchers.rb
|
1876
1878
|
- spec/lib/puppet_spec/module_tool/shared_functions.rb
|
@@ -2429,7 +2431,6 @@ files:
|
|
2429
2431
|
- spec/unit/resource/type_collection_spec.rb
|
2430
2432
|
- spec/unit/resource/type_spec.rb
|
2431
2433
|
- spec/unit/resource_spec.rb
|
2432
|
-
- spec/unit/rest/client_spec.rb
|
2433
2434
|
- spec/unit/rest/route_spec.rb
|
2434
2435
|
- spec/unit/scheduler/job_spec.rb
|
2435
2436
|
- spec/unit/scheduler/scheduler_spec.rb
|
@@ -2446,6 +2447,7 @@ files:
|
|
2446
2447
|
- spec/unit/settings/ini_file_spec.rb
|
2447
2448
|
- spec/unit/settings/path_setting_spec.rb
|
2448
2449
|
- spec/unit/settings/priority_setting_spec.rb
|
2450
|
+
- spec/unit/settings/server_list_setting_spec.rb
|
2449
2451
|
- spec/unit/settings/string_setting_spec.rb
|
2450
2452
|
- spec/unit/settings/terminus_setting_spec.rb
|
2451
2453
|
- spec/unit/settings/value_translator_spec.rb
|
@@ -3004,6 +3006,7 @@ test_files:
|
|
3004
3006
|
- spec/integration/network/authconfig_spec.rb
|
3005
3007
|
- spec/integration/network/formats_spec.rb
|
3006
3008
|
- spec/integration/network/http/api/indirected_routes_spec.rb
|
3009
|
+
- spec/integration/network/http_pool_spec.rb
|
3007
3010
|
- spec/integration/node/environment_spec.rb
|
3008
3011
|
- spec/integration/node/facts_spec.rb
|
3009
3012
|
- spec/integration/node_spec.rb
|
@@ -3077,6 +3080,7 @@ test_files:
|
|
3077
3080
|
- spec/lib/puppet_spec/files.rb
|
3078
3081
|
- spec/lib/puppet_spec/fixtures.rb
|
3079
3082
|
- spec/lib/puppet_spec/handler.rb
|
3083
|
+
- spec/lib/puppet_spec/https.rb
|
3080
3084
|
- spec/lib/puppet_spec/language.rb
|
3081
3085
|
- spec/lib/puppet_spec/matchers.rb
|
3082
3086
|
- spec/lib/puppet_spec/module_tool/shared_functions.rb
|
@@ -3635,7 +3639,6 @@ test_files:
|
|
3635
3639
|
- spec/unit/resource/type_collection_spec.rb
|
3636
3640
|
- spec/unit/resource/type_spec.rb
|
3637
3641
|
- spec/unit/resource_spec.rb
|
3638
|
-
- spec/unit/rest/client_spec.rb
|
3639
3642
|
- spec/unit/rest/route_spec.rb
|
3640
3643
|
- spec/unit/scheduler/job_spec.rb
|
3641
3644
|
- spec/unit/scheduler/scheduler_spec.rb
|
@@ -3652,6 +3655,7 @@ test_files:
|
|
3652
3655
|
- spec/unit/settings/ini_file_spec.rb
|
3653
3656
|
- spec/unit/settings/path_setting_spec.rb
|
3654
3657
|
- spec/unit/settings/priority_setting_spec.rb
|
3658
|
+
- spec/unit/settings/server_list_setting_spec.rb
|
3655
3659
|
- spec/unit/settings/string_setting_spec.rb
|
3656
3660
|
- spec/unit/settings/terminus_setting_spec.rb
|
3657
3661
|
- spec/unit/settings/value_translator_spec.rb
|
data/lib/puppet/rest/client.rb
DELETED
@@ -1,83 +0,0 @@
|
|
1
|
-
require 'httpclient'
|
2
|
-
|
3
|
-
require 'puppet'
|
4
|
-
require 'puppet/rest/response'
|
5
|
-
require 'puppet/rest/errors'
|
6
|
-
require 'puppet/util/ssl'
|
7
|
-
|
8
|
-
module Puppet::Rest
|
9
|
-
class Client
|
10
|
-
attr_reader :dns_resolver
|
11
|
-
|
12
|
-
# Create a new HTTP client for querying the given API.
|
13
|
-
# @param [Puppet::Rest::SSLContext] ssl_context the SSL configuration for this client
|
14
|
-
# @param [Integer] receive_timeout how long in seconds this client will wait
|
15
|
-
# for a response after making a request
|
16
|
-
# @param [HTTPClient] client the third-party HTTP client wrapped by this
|
17
|
-
# class. This param is only used for testing.
|
18
|
-
def initialize(ssl_context:,
|
19
|
-
receive_timeout: Puppet[:http_read_timeout],
|
20
|
-
client: HTTPClient.new(agent_name: nil,
|
21
|
-
default_header: {
|
22
|
-
'User-Agent' => Puppet[:http_user_agent],
|
23
|
-
'X-PUPPET-VERSION' => Puppet::PUPPETVERSION
|
24
|
-
}))
|
25
|
-
@client = client
|
26
|
-
@client.tcp_keepalive = true
|
27
|
-
@client.connect_timeout = Puppet[:http_connect_timeout]
|
28
|
-
@client.receive_timeout = receive_timeout
|
29
|
-
@client.transparent_gzip_decompression = true
|
30
|
-
|
31
|
-
if Puppet[:http_debug]
|
32
|
-
@client.debug_dev = $stderr
|
33
|
-
end
|
34
|
-
|
35
|
-
@ca_path = Puppet[:ssl_client_ca_auth] || Puppet[:localcacert]
|
36
|
-
@verifier = Puppet::SSL::Validator::DefaultValidator.new(@ca_path)
|
37
|
-
configure_verify_mode(ssl_context)
|
38
|
-
|
39
|
-
@dns_resolver = Puppet::Network::Resolver.new
|
40
|
-
end
|
41
|
-
|
42
|
-
# Make a GET request to the specified URL with the specified params.
|
43
|
-
# @param [URI::HTTPS] url the full path to query
|
44
|
-
# @param [Hash] query any URL params to add to send to the endpoint
|
45
|
-
# @param [Hash] header any additional entries to add to the default header
|
46
|
-
# @yields [String] chunks of the response body
|
47
|
-
# @raise [Puppet::Rest::ResponseError] if the response status is not OK
|
48
|
-
def get(url, query: nil, header: nil, &block)
|
49
|
-
begin
|
50
|
-
@client.get_content(url.to_s, { query: query, header: header }) do |chunk|
|
51
|
-
block.call(chunk)
|
52
|
-
end
|
53
|
-
rescue HTTPClient::BadResponseError => e
|
54
|
-
raise Puppet::Rest::ResponseError.new(e.message, Puppet::Rest::Response.new(e.res))
|
55
|
-
rescue OpenSSL::OpenSSLError => e
|
56
|
-
Puppet::Util::SSL.handle_connection_error(e, @verifier, url.host)
|
57
|
-
end
|
58
|
-
end
|
59
|
-
|
60
|
-
# Make a PUT request to the specified URL with the specified params.
|
61
|
-
# @param [URI::HTTPS] url the full path to query
|
62
|
-
# @param [String/Hash] body the contents of the PUT request
|
63
|
-
# @param [Hash] query any URL params to add to send to the endpoint
|
64
|
-
# @param [Hash] header any additional entries to add to the default header
|
65
|
-
# @return [Puppet::Rest::Response]
|
66
|
-
def put(url, body:, query: nil, header: nil)
|
67
|
-
begin
|
68
|
-
response = @client.put(url.to_s, body: body, query: query, header: header)
|
69
|
-
Puppet::Rest::Response.new(response)
|
70
|
-
rescue OpenSSL::OpenSSLError => e
|
71
|
-
Puppet::Util::SSL.handle_connection_error(e, @verifier, url.host)
|
72
|
-
end
|
73
|
-
end
|
74
|
-
|
75
|
-
private
|
76
|
-
|
77
|
-
def configure_verify_mode(ssl_context)
|
78
|
-
@client.ssl_config.verify_callback = @verifier
|
79
|
-
@client.ssl_config.cert_store = ssl_context.cert_store
|
80
|
-
@client.ssl_config.verify_mode = ssl_context.verify_mode
|
81
|
-
end
|
82
|
-
end
|
83
|
-
end
|
@@ -1,166 +0,0 @@
|
|
1
|
-
require 'spec_helper'
|
2
|
-
|
3
|
-
require 'puppet/rest/client'
|
4
|
-
require 'puppet/rest/ssl_context'
|
5
|
-
require 'puppet_spec/validators'
|
6
|
-
require 'puppet_spec/ssl'
|
7
|
-
|
8
|
-
describe Puppet::Rest::Client do
|
9
|
-
# Follows closely with spec/unit/network/http/connection_spec's
|
10
|
-
# 'ssl verifier' shared context
|
11
|
-
shared_examples 'connection error handling' do
|
12
|
-
let(:uri) { URI.parse('https://foo.com/blah') }
|
13
|
-
|
14
|
-
it 'provides a meaningful error message when cert validation fails' do
|
15
|
-
client.instance_variable_set(:@verifier,
|
16
|
-
ConstantErrorValidator.new(
|
17
|
-
error_string: 'foo'))
|
18
|
-
|
19
|
-
expect(http).to receive(:get_content).with(uri.to_s, query: nil, header: nil)
|
20
|
-
.and_raise(OpenSSL::OpenSSLError.new('certificate verify failed'))
|
21
|
-
expect{ client.get(uri) }.to raise_error do |error|
|
22
|
-
expect(error).to be_a(Puppet::Error)
|
23
|
-
expect(error.message).to include('foo')
|
24
|
-
end
|
25
|
-
end
|
26
|
-
|
27
|
-
it 'provides valuable error message when cert names do not match' do
|
28
|
-
cert = PuppetSpec::SSL.self_signed_ca(PuppetSpec::SSL.create_private_key,
|
29
|
-
'/CN=bar.com')
|
30
|
-
client.instance_variable_set(:@verifier,
|
31
|
-
ConstantErrorValidator.new(
|
32
|
-
peer_certs: [cert]))
|
33
|
-
expect(http).to receive(:get_content).with(uri.to_s, query: nil, header: nil)
|
34
|
-
.and_raise(OpenSSL::OpenSSLError.new('hostname does not match with server certificate'))
|
35
|
-
expect { client.get(uri) }.to raise_error do |error|
|
36
|
-
expect(error).to be_a(Puppet::Error)
|
37
|
-
expect(error.message).to include("Server hostname 'foo.com' did not match")
|
38
|
-
expect(error.message).to include('expected bar.com')
|
39
|
-
end
|
40
|
-
end
|
41
|
-
|
42
|
-
it 're-raises errors it does not understand' do
|
43
|
-
expect(http).to receive(:get_content).with(uri.to_s, query: nil, header: nil)
|
44
|
-
.and_raise(OpenSSL::OpenSSLError.new('other ssl error'))
|
45
|
-
expect{ client.get(uri) }.to raise_error do |error|
|
46
|
-
expect(error).to be_a(OpenSSL::OpenSSLError)
|
47
|
-
expect(error.message).to include('other ssl error')
|
48
|
-
end
|
49
|
-
end
|
50
|
-
end
|
51
|
-
|
52
|
-
context 'when creating a new client' do
|
53
|
-
let(:ssl_store) { double('store') }
|
54
|
-
let(:ssl_config) do
|
55
|
-
double(
|
56
|
-
'ssl config',
|
57
|
-
:cert_store= => nil,
|
58
|
-
:verify_callback= => nil,
|
59
|
-
:verify_mode= => nil,
|
60
|
-
)
|
61
|
-
end
|
62
|
-
let(:http) do
|
63
|
-
double(
|
64
|
-
'http',
|
65
|
-
:connect_timeout= => nil,
|
66
|
-
:receive_timeout= => nil,
|
67
|
-
:ssl_config => ssl_config,
|
68
|
-
:tcp_keepalive= => nil,
|
69
|
-
:transparent_gzip_decompression= => nil,
|
70
|
-
)
|
71
|
-
end
|
72
|
-
|
73
|
-
it 'initializes itself with basic defaults' do
|
74
|
-
expect(HTTPClient).to receive(:new).and_return(http)
|
75
|
-
allow(OpenSSL::X509::Store).to receive(:new).and_return(ssl_store)
|
76
|
-
# Configure connection with HTTP settings
|
77
|
-
Puppet[:http_read_timeout] = 120
|
78
|
-
Puppet[:http_connect_timeout] = 10
|
79
|
-
Puppet[:http_debug] = true
|
80
|
-
|
81
|
-
expect(http).to receive(:connect_timeout=).with(10)
|
82
|
-
expect(http).to receive(:receive_timeout=).with(120)
|
83
|
-
expect(http).to receive(:debug_dev=).with($stderr)
|
84
|
-
|
85
|
-
# Configure verify mode with SSL settings
|
86
|
-
expect(ssl_config).to receive(:cert_store=).with(ssl_store)
|
87
|
-
Puppet[:ssl_client_ca_auth] = '/fake/path'
|
88
|
-
Puppet[:hostcert] = '/fake/cert/path'
|
89
|
-
expect(ssl_config).to receive(:verify_mode=).with(OpenSSL::SSL::VERIFY_NONE)
|
90
|
-
|
91
|
-
Puppet::Rest::Client.new(ssl_context: Puppet::Rest::SSLContext.new(OpenSSL::SSL::VERIFY_NONE))
|
92
|
-
end
|
93
|
-
|
94
|
-
it 'uses a given client and SSL store when provided' do
|
95
|
-
expect(ssl_config).to receive(:cert_store=).with(ssl_store)
|
96
|
-
Puppet::Rest::Client.new(client: http,
|
97
|
-
ssl_context: Puppet::Rest::SSLContext.new(OpenSSL::SSL::VERIFY_PEER, ssl_store))
|
98
|
-
end
|
99
|
-
|
100
|
-
it 'configures a receive timeout when provided' do
|
101
|
-
expect(http).to receive(:receive_timeout=).with(10)
|
102
|
-
Puppet::Rest::Client.new(ssl_context: Puppet::Rest::SSLContext.new(OpenSSL::SSL::VERIFY_NONE),
|
103
|
-
client: http, receive_timeout: 10)
|
104
|
-
end
|
105
|
-
end
|
106
|
-
|
107
|
-
context 'when making requests', focus: true do
|
108
|
-
let(:ssl_config) do
|
109
|
-
double(
|
110
|
-
'ssl config',
|
111
|
-
:cert_store= => nil,
|
112
|
-
:verify_callback= => nil,
|
113
|
-
:verify_mode= => nil,
|
114
|
-
)
|
115
|
-
end
|
116
|
-
let(:http) do
|
117
|
-
double(
|
118
|
-
'http',
|
119
|
-
:connect_timeout= => nil,
|
120
|
-
:receive_timeout= => nil,
|
121
|
-
:ssl_config => ssl_config,
|
122
|
-
:tcp_keepalive= => nil,
|
123
|
-
:transparent_gzip_decompression= => nil,
|
124
|
-
)
|
125
|
-
end
|
126
|
-
let(:client) { Puppet::Rest::Client.new(ssl_context: Puppet::Rest::SSLContext.new(OpenSSL::SSL::VERIFY_NONE), client: http) }
|
127
|
-
let(:url) { 'https://myserver.com:555/data' }
|
128
|
-
|
129
|
-
describe "#get" do
|
130
|
-
it 'makes a GET request given a URL, query hash, header hash, and streaming block' do
|
131
|
-
query = { 'environment' => 'production' }
|
132
|
-
header = { 'Accept' => 'text/plain' }
|
133
|
-
response_string = ''
|
134
|
-
chunk_processing = lambda { |chunk| response_string = chunk }
|
135
|
-
expect(http).to receive(:get_content).with(url, { query: query, header: header }).and_yield('response')
|
136
|
-
client.get(url, query: query, header: header, &chunk_processing)
|
137
|
-
expect(response_string).to eq('response')
|
138
|
-
end
|
139
|
-
|
140
|
-
it 'throws an exception when the response to the GET is not OK' do
|
141
|
-
fake_response = double('resp', :status => HTTP::Status::BAD_REQUEST)
|
142
|
-
expect(http).to receive(:get_content).with(url, query: nil, header: nil)
|
143
|
-
.and_raise(HTTPClient::BadResponseError.new('failed request', fake_response))
|
144
|
-
expect { client.get(url) }.to raise_error do |error|
|
145
|
-
expect(error.message).to eq('failed request')
|
146
|
-
expect(error.response).to be_a(Puppet::Rest::Response)
|
147
|
-
expect(error.response.status_code).to eq(400)
|
148
|
-
end
|
149
|
-
end
|
150
|
-
|
151
|
-
include_examples 'connection error handling'
|
152
|
-
end
|
153
|
-
|
154
|
-
describe "#put" do
|
155
|
-
it 'makes a PUT request given a URL, string body, query hash, and header hash' do
|
156
|
-
body = 'send to server'
|
157
|
-
query = { 'environment' => 'production' }
|
158
|
-
header = { 'Accept' => 'text/plain' }
|
159
|
-
expect(http).to receive(:put).with(url, { body: body, query: query, header: header })
|
160
|
-
client.put(url, body: body, query: query, header: header)
|
161
|
-
end
|
162
|
-
|
163
|
-
include_examples 'connection error handling'
|
164
|
-
end
|
165
|
-
end
|
166
|
-
end
|