puppet 6.10.1-universal-darwin → 6.11.0-universal-darwin

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of puppet might be problematic. Click here for more details.

Files changed (242) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +4 -4
  3. data/Gemfile.lock +20 -12
  4. data/ext/project_data.yaml +3 -2
  5. data/ext/regexp_nodes/regexp_nodes.rb +4 -4
  6. data/ext/windows/service/daemon.rb +33 -8
  7. data/install.rb +6 -6
  8. data/lib/puppet.rb +8 -0
  9. data/lib/puppet/application.rb +1 -1
  10. data/lib/puppet/application/agent.rb +3 -0
  11. data/lib/puppet/application/apply.rb +2 -2
  12. data/lib/puppet/application/describe.rb +3 -9
  13. data/lib/puppet/application/device.rb +3 -0
  14. data/lib/puppet/application/doc.rb +1 -1
  15. data/lib/puppet/application/lookup.rb +1 -1
  16. data/lib/puppet/application/script.rb +2 -2
  17. data/lib/puppet/application/ssl.rb +25 -21
  18. data/lib/puppet/configurer.rb +42 -0
  19. data/lib/puppet/configurer/downloader.rb +2 -6
  20. data/lib/puppet/context/trusted_information.rb +42 -4
  21. data/lib/puppet/defaults.rb +19 -4
  22. data/lib/puppet/face/module/list.rb +5 -5
  23. data/lib/puppet/face/module/search.rb +1 -1
  24. data/lib/puppet/face/module/uninstall.rb +1 -1
  25. data/lib/puppet/face/module/upgrade.rb +1 -1
  26. data/lib/puppet/file_serving/http_metadata.rb +1 -1
  27. data/lib/puppet/file_system.rb +0 -8
  28. data/lib/puppet/file_system/memory_file.rb +1 -1
  29. data/lib/puppet/file_system/posix.rb +3 -2
  30. data/lib/puppet/forge.rb +3 -3
  31. data/lib/puppet/functions.rb +1 -2
  32. data/lib/puppet/gettext/module_translations.rb +1 -1
  33. data/lib/puppet/graph/rb_tree_map.rb +2 -2
  34. data/lib/puppet/graph/simple_graph.rb +4 -3
  35. data/lib/puppet/http.rb +29 -0
  36. data/lib/puppet/http/client.rb +156 -0
  37. data/lib/puppet/http/errors.rb +30 -0
  38. data/lib/puppet/http/redirector.rb +48 -0
  39. data/lib/puppet/http/resolver.rb +5 -0
  40. data/lib/puppet/http/resolver/settings.rb +5 -0
  41. data/lib/puppet/http/resolver/srv.rb +13 -0
  42. data/lib/puppet/http/response.rb +34 -0
  43. data/lib/puppet/http/retry_after_handler.rb +47 -0
  44. data/lib/puppet/http/service.rb +18 -0
  45. data/lib/puppet/http/service/ca.rb +49 -0
  46. data/lib/puppet/http/session.rb +55 -0
  47. data/lib/puppet/indirector/file_bucket_file/file.rb +1 -1
  48. data/lib/puppet/indirector/hiera.rb +2 -0
  49. data/lib/puppet/indirector/request.rb +1 -1
  50. data/lib/puppet/indirector/resource/ral.rb +1 -3
  51. data/lib/puppet/indirector/resource/validator.rb +1 -1
  52. data/lib/puppet/interface.rb +2 -1
  53. data/lib/puppet/interface/documentation.rb +1 -1
  54. data/lib/puppet/loaders.rb +0 -1
  55. data/lib/puppet/metatype/manager.rb +1 -1
  56. data/lib/puppet/module.rb +1 -1
  57. data/lib/puppet/module/task.rb +20 -4
  58. data/lib/puppet/module_tool/applications/installer.rb +1 -1
  59. data/lib/puppet/module_tool/applications/uninstaller.rb +3 -3
  60. data/lib/puppet/module_tool/metadata.rb +1 -1
  61. data/lib/puppet/module_tool/shared_behaviors.rb +4 -4
  62. data/lib/puppet/module_tool/tar/mini.rb +1 -1
  63. data/lib/puppet/network/http.rb +2 -6
  64. data/lib/puppet/network/http/api/indirected_routes.rb +12 -11
  65. data/lib/puppet/network/http/connection.rb +10 -12
  66. data/lib/puppet/network/http/pool.rb +2 -0
  67. data/lib/puppet/network/http/site.rb +5 -1
  68. data/lib/puppet/network/resolver.rb +4 -4
  69. data/lib/puppet/node/environment.rb +4 -2
  70. data/lib/puppet/pal/pal_impl.rb +2 -2
  71. data/lib/puppet/parser/ast.rb +1 -1
  72. data/lib/puppet/parser/ast/resourceparam.rb +1 -1
  73. data/lib/puppet/parser/functions.rb +1 -1
  74. data/lib/puppet/parser/scope.rb +8 -7
  75. data/lib/puppet/pops/evaluator/collectors/catalog_collector.rb +1 -1
  76. data/lib/puppet/pops/evaluator/collectors/exported_collector.rb +1 -1
  77. data/lib/puppet/pops/evaluator/external_syntax_support.rb +3 -2
  78. data/lib/puppet/pops/evaluator/runtime3_support.rb +4 -7
  79. data/lib/puppet/pops/loader/module_loaders.rb +1 -1
  80. data/lib/puppet/pops/loader/task_instantiator.rb +4 -0
  81. data/lib/puppet/pops/loaders.rb +1 -1
  82. data/lib/puppet/pops/lookup/hiera_config.rb +1 -0
  83. data/lib/puppet/pops/lookup/sub_lookup.rb +1 -1
  84. data/lib/puppet/pops/merge_strategy.rb +22 -18
  85. data/lib/puppet/pops/parser/heredoc_support.rb +1 -1
  86. data/lib/puppet/pops/parser/interpolation_support.rb +4 -4
  87. data/lib/puppet/pops/parser/locator.rb +1 -1
  88. data/lib/puppet/pops/parser/pn_parser.rb +17 -16
  89. data/lib/puppet/pops/puppet_stack.rb +52 -48
  90. data/lib/puppet/pops/types/p_sensitive_type.rb +1 -1
  91. data/lib/puppet/pops/types/p_uri_type.rb +1 -1
  92. data/lib/puppet/pops/types/string_converter.rb +10 -10
  93. data/lib/puppet/pops/types/types.rb +3 -3
  94. data/lib/puppet/property.rb +1 -1
  95. data/lib/puppet/property/ensure.rb +1 -1
  96. data/lib/puppet/provider/exec.rb +6 -2
  97. data/lib/puppet/provider/nameservice/directoryservice.rb +1 -1
  98. data/lib/puppet/provider/nameservice/pw.rb +2 -2
  99. data/lib/puppet/provider/package/apt.rb +5 -1
  100. data/lib/puppet/provider/package/dnfmodule.rb +87 -0
  101. data/lib/puppet/provider/package/dpkg.rb +31 -17
  102. data/lib/puppet/provider/package/openbsd.rb +1 -1
  103. data/lib/puppet/provider/package/pip.rb +34 -9
  104. data/lib/puppet/provider/package/portage.rb +1 -1
  105. data/lib/puppet/provider/package/rpm.rb +5 -5
  106. data/lib/puppet/provider/package/windows/package.rb +1 -1
  107. data/lib/puppet/provider/package/yum.rb +1 -1
  108. data/lib/puppet/provider/parsedfile.rb +1 -1
  109. data/lib/puppet/provider/service/daemontools.rb +9 -9
  110. data/lib/puppet/provider/service/openbsd.rb +1 -1
  111. data/lib/puppet/provider/service/rcng.rb +2 -2
  112. data/lib/puppet/provider/service/runit.rb +2 -8
  113. data/lib/puppet/provider/service/systemd.rb +10 -10
  114. data/lib/puppet/provider/user/directoryservice.rb +1 -1
  115. data/lib/puppet/provider/user/user_role_add.rb +1 -1
  116. data/lib/puppet/provider/user/useradd.rb +22 -13
  117. data/lib/puppet/provider/user/windows_adsi.rb +4 -5
  118. data/lib/puppet/reference/indirection.rb +2 -2
  119. data/lib/puppet/reference/metaparameter.rb +1 -3
  120. data/lib/puppet/reference/providers.rb +1 -1
  121. data/lib/puppet/reference/type.rb +3 -9
  122. data/lib/puppet/reports.rb +1 -1
  123. data/lib/puppet/resource.rb +1 -1
  124. data/lib/puppet/resource/catalog.rb +1 -1
  125. data/lib/puppet/rest/errors.rb +1 -0
  126. data/lib/puppet/rest/response.rb +1 -0
  127. data/lib/puppet/rest/route.rb +1 -0
  128. data/lib/puppet/rest/routes.rb +3 -0
  129. data/lib/puppet/runtime.rb +25 -0
  130. data/lib/puppet/settings.rb +3 -3
  131. data/lib/puppet/settings/environment_conf.rb +1 -0
  132. data/lib/puppet/ssl/host.rb +1 -1
  133. data/lib/puppet/ssl/oids.rb +1 -1
  134. data/lib/puppet/ssl/state_machine.rb +23 -15
  135. data/lib/puppet/test/test_helper.rb +1 -1
  136. data/lib/puppet/transaction/report.rb +1 -1
  137. data/lib/puppet/trusted_external.rb +13 -0
  138. data/lib/puppet/type.rb +1 -3
  139. data/lib/puppet/type/exec.rb +7 -3
  140. data/lib/puppet/type/file.rb +1 -2
  141. data/lib/puppet/type/file/source.rb +2 -2
  142. data/lib/puppet/type/package.rb +10 -3
  143. data/lib/puppet/type/schedule.rb +1 -1
  144. data/lib/puppet/type/service.rb +1 -1
  145. data/lib/puppet/util.rb +2 -2
  146. data/lib/puppet/util/command_line/trollop.rb +1 -1
  147. data/lib/puppet/util/http_proxy.rb +2 -10
  148. data/lib/puppet/util/log.rb +2 -2
  149. data/lib/puppet/util/log/destinations.rb +2 -2
  150. data/lib/puppet/util/logging.rb +2 -2
  151. data/lib/puppet/util/metric.rb +2 -2
  152. data/lib/puppet/util/platform.rb +15 -4
  153. data/lib/puppet/util/provider_features.rb +2 -4
  154. data/lib/puppet/util/rdoc.rb +1 -1
  155. data/lib/puppet/util/reference.rb +1 -1
  156. data/lib/puppet/util/resource_template.rb +1 -1
  157. data/lib/puppet/util/selinux.rb +3 -1
  158. data/lib/puppet/util/windows/registry.rb +7 -5
  159. data/lib/puppet/vendor.rb +1 -1
  160. data/lib/puppet/vendor/require_vendored.rb +0 -1
  161. data/lib/puppet/version.rb +1 -1
  162. data/lib/puppet/x509/cert_provider.rb +4 -1
  163. data/locales/puppet.pot +279 -203
  164. data/man/man5/puppet.conf.5 +30 -8
  165. data/man/man8/puppet-agent.8 +4 -1
  166. data/man/man8/puppet-apply.8 +1 -1
  167. data/man/man8/puppet-catalog.8 +1 -1
  168. data/man/man8/puppet-config.8 +1 -1
  169. data/man/man8/puppet-describe.8 +1 -1
  170. data/man/man8/puppet-device.8 +1 -1
  171. data/man/man8/puppet-doc.8 +1 -1
  172. data/man/man8/puppet-epp.8 +1 -1
  173. data/man/man8/puppet-facts.8 +1 -1
  174. data/man/man8/puppet-filebucket.8 +1 -1
  175. data/man/man8/puppet-generate.8 +1 -1
  176. data/man/man8/puppet-help.8 +1 -1
  177. data/man/man8/puppet-key.8 +1 -1
  178. data/man/man8/puppet-lookup.8 +1 -1
  179. data/man/man8/puppet-man.8 +1 -1
  180. data/man/man8/puppet-module.8 +1 -1
  181. data/man/man8/puppet-node.8 +1 -1
  182. data/man/man8/puppet-parser.8 +1 -1
  183. data/man/man8/puppet-plugin.8 +1 -1
  184. data/man/man8/puppet-report.8 +1 -1
  185. data/man/man8/puppet-resource.8 +1 -1
  186. data/man/man8/puppet-script.8 +1 -1
  187. data/man/man8/puppet-ssl.8 +1 -1
  188. data/man/man8/puppet-status.8 +1 -1
  189. data/man/man8/puppet.8 +2 -2
  190. data/spec/fixtures/unit/provider/package/dnfmodule/dnf-module-list-installed.txt +11 -0
  191. data/spec/integration/configurer_spec.rb +52 -0
  192. data/spec/lib/puppet/certificate_factory.rb +2 -2
  193. data/spec/spec_helper.rb +24 -0
  194. data/spec/unit/application/device_spec.rb +6 -0
  195. data/spec/unit/application/ssl_spec.rb +4 -7
  196. data/spec/unit/configurer_spec.rb +1 -0
  197. data/spec/unit/context/trusted_information_spec.rb +41 -2
  198. data/spec/unit/http/client_spec.rb +440 -0
  199. data/spec/unit/http/resolver_spec.rb +45 -0
  200. data/spec/unit/http/service/ca_spec.rb +106 -0
  201. data/spec/unit/http/service_spec.rb +32 -0
  202. data/spec/unit/http/session_spec.rb +102 -0
  203. data/spec/unit/indirector/resource/ral_spec.rb +4 -4
  204. data/spec/unit/network/http/connection_spec.rb +119 -145
  205. data/spec/unit/network/http/site_spec.rb +7 -0
  206. data/spec/unit/parser/scope_spec.rb +10 -0
  207. data/spec/unit/pops/loaders/loaders_spec.rb +13 -2
  208. data/spec/unit/pops/loaders/module_loaders_spec.rb +37 -0
  209. data/spec/unit/provider/exec_spec.rb +209 -0
  210. data/spec/unit/provider/package/dnfmodule_spec.rb +186 -0
  211. data/spec/unit/provider/package/dpkg_spec.rb +238 -78
  212. data/spec/unit/provider/package/pip_spec.rb +51 -6
  213. data/spec/unit/provider/service/daemontools_spec.rb +24 -0
  214. data/spec/unit/provider/service/runit_spec.rb +24 -0
  215. data/spec/unit/provider/service/systemd_spec.rb +25 -25
  216. data/spec/unit/provider/user/useradd_spec.rb +46 -0
  217. data/spec/unit/ssl/host_spec.rb +0 -5
  218. data/spec/unit/ssl/state_machine_spec.rb +16 -10
  219. data/spec/unit/type/exec_spec.rb +6 -12
  220. data/spec/unit/type/file_spec.rb +9 -4
  221. data/spec/unit/type/package_spec.rb +5 -0
  222. data/spec/unit/util/execution_spec.rb +16 -0
  223. data/spec/unit/util/http_proxy_spec.rb +79 -27
  224. data/spec/unit/util/log/destinations_spec.rb +7 -3
  225. metadata +45 -22
  226. data/lib/puppet/pops/loader/null_loader.rb +0 -60
  227. data/lib/puppet/vendor/deep_merge/CHANGELOG +0 -45
  228. data/lib/puppet/vendor/deep_merge/Gemfile +0 -3
  229. data/lib/puppet/vendor/deep_merge/LICENSE +0 -21
  230. data/lib/puppet/vendor/deep_merge/PUPPET_README.md +0 -6
  231. data/lib/puppet/vendor/deep_merge/README.md +0 -113
  232. data/lib/puppet/vendor/deep_merge/Rakefile +0 -19
  233. data/lib/puppet/vendor/deep_merge/deep_merge.gemspec +0 -35
  234. data/lib/puppet/vendor/deep_merge/lib/deep_merge.rb +0 -2
  235. data/lib/puppet/vendor/deep_merge/lib/deep_merge/core.rb +0 -210
  236. data/lib/puppet/vendor/deep_merge/lib/deep_merge/deep_merge_hash.rb +0 -28
  237. data/lib/puppet/vendor/deep_merge/lib/deep_merge/rails_compat.rb +0 -27
  238. data/lib/puppet/vendor/deep_merge/test/test_deep_merge.rb +0 -608
  239. data/lib/puppet/vendor/load_deep_merge.rb +0 -1
  240. data/spec/fixtures/vcr/cassettes/Puppet_Network_HTTP_Connection/when_handling_requests/_request_get/should_yield_to_the_block.yml +0 -24
  241. data/spec/fixtures/vcr/cassettes/Puppet_Network_HTTP_Connection/when_handling_requests/_request_head/should_yield_to_the_block.yml +0 -24
  242. data/spec/fixtures/vcr/cassettes/Puppet_Network_HTTP_Connection/when_handling_requests/_request_post/should_yield_to_the_block.yml +0 -24
@@ -1,3 +1,4 @@
1
+ # @deprecated Use {Puppet::HTTP::Client} instead.
1
2
  module Puppet::Rest
2
3
  class ResponseError < Puppet::Error
3
4
  attr_reader :response
@@ -1,3 +1,4 @@
1
+ # @deprecated Use {Puppet::HTTP::Client} instead.
1
2
  module Puppet::Rest
2
3
  # This is a wrapper for the HTTP::Message class of the HTTPClient
3
4
  # gem. It is designed to wrap a message sent as an HTTP response.
@@ -1,6 +1,7 @@
1
1
  require 'uri'
2
2
  require 'puppet/util/connection'
3
3
 
4
+ # @deprecated Use {Puppet::HTTP::Client} instead.
4
5
  module Puppet::Rest
5
6
  class Route
6
7
  attr_reader :server
@@ -3,6 +3,7 @@ require 'puppet/rest/route'
3
3
  require 'puppet/network/http_pool'
4
4
  require 'puppet/network/http/compression'
5
5
 
6
+ # @deprecated Use {Puppet::HTTP::Client} instead.
6
7
  module Puppet::Rest
7
8
  module Routes
8
9
  extend Puppet::Network::HTTP::Compression.module
@@ -10,6 +11,8 @@ module Puppet::Rest
10
11
  ACCEPT_ENCODING = 'gzip;q=1.0,deflate;q=0.6,identity;q=0.3'
11
12
 
12
13
  def self.ca
14
+ Puppet.deprecation_warning("Puppet::Rest::Routes is deprecated, use Puppet::HTTP::Client instead")
15
+
13
16
  @ca ||= Route.new(api: '/puppet-ca/v1/',
14
17
  server_setting: :ca_server,
15
18
  port_setting: :ca_port,
@@ -0,0 +1,25 @@
1
+ require 'puppet/http'
2
+
3
+ class Puppet::Runtime
4
+ include Singleton
5
+
6
+ def initialize
7
+ @runtime_services = {}
8
+ end
9
+ private :initialize
10
+
11
+ def [](name)
12
+ service = @runtime_services[name]
13
+ raise ArgumentError, "Unknown service #{name}" unless service
14
+
15
+ if service.is_a?(Proc)
16
+ @runtime_services[name] = service.call
17
+ else
18
+ service
19
+ end
20
+ end
21
+
22
+ def []=(name, impl)
23
+ @runtime_services[name] = impl
24
+ end
25
+ end
@@ -1242,10 +1242,10 @@ Generated on #{Time.now}.
1242
1242
  if !Puppet::FileSystem.symlink?(configured_environment_path)
1243
1243
  parameters = { :ensure => 'directory' }
1244
1244
  unless Puppet::FileSystem.exist?(configured_environment_path)
1245
- parameters.merge!(:mode => '0750')
1245
+ parameters[:mode] = '0750'
1246
1246
  if Puppet.features.root?
1247
- parameters.merge!(:owner => Puppet[:user]) if service_user_available?
1248
- parameters.merge!(:group => Puppet[:group]) if service_group_available?
1247
+ parameters[:owner] = Puppet[:user] if service_user_available?
1248
+ parameters[:group] = Puppet[:group] if service_group_available?
1249
1249
  end
1250
1250
  end
1251
1251
  catalog.add_resource(Puppet::Resource.new(:file, configured_environment_path, :parameters => parameters))
@@ -159,6 +159,7 @@ class Puppet::Settings::EnvironmentConf
159
159
 
160
160
  return valid
161
161
  end
162
+ private_class_method :validate
162
163
 
163
164
  def get_setting(setting_name, default = nil)
164
165
  value = raw_setting(setting_name)
@@ -279,7 +279,7 @@ ERROR_STRING
279
279
  exit(1)
280
280
  end
281
281
 
282
- while true
282
+ loop do
283
283
  sleep time
284
284
  begin
285
285
  break if certificate
@@ -101,7 +101,7 @@ module Puppet::SSL::Oids
101
101
  # shortname: 'myothershortname'
102
102
  # longname: 'Other Long name'
103
103
  def self.parse_custom_oid_file(custom_oid_file, map_key='oid_mapping')
104
- if File.exists?(custom_oid_file) && File.readable?(custom_oid_file)
104
+ if File.exist?(custom_oid_file) && File.readable?(custom_oid_file)
105
105
  mapping = nil
106
106
  begin
107
107
  mapping = Puppet::Util::Yaml.safe_load_file(custom_oid_file, [Symbol])
@@ -44,7 +44,8 @@ class Puppet::SSL::StateMachine
44
44
  if cacerts
45
45
  next_ctx = @ssl_provider.create_root_context(cacerts: cacerts, revocation: false)
46
46
  else
47
- pem = Puppet::Rest::Routes.get_certificate(Puppet::SSL::CA_NAME, @ssl_context)
47
+ route = @machine.session.route_to(:ca, ssl_context: @ssl_context)
48
+ pem = route.get_certificate(Puppet::SSL::CA_NAME, ssl_context: @ssl_context)
48
49
  if @machine.ca_fingerprint
49
50
  actual_digest = Puppet::SSL::Digest.new(@machine.digest, pem).to_hex
50
51
  expected_digest = @machine.ca_fingerprint.scan(/../).join(':').upcase
@@ -66,8 +67,8 @@ class Puppet::SSL::StateMachine
66
67
  NeedCRLs.new(@machine, next_ctx)
67
68
  rescue OpenSSL::X509::CertificateError => e
68
69
  Error.new(@machine, e.message, e)
69
- rescue Puppet::Rest::ResponseError => e
70
- if e.response.code.to_i == 404
70
+ rescue Puppet::HTTP::ResponseError => e
71
+ if e.response.code == 404
71
72
  to_error(_('CA certificate is missing from the server'), e)
72
73
  else
73
74
  to_error(_('Could not download CA certificate: %{message}') % { message: e.message }, e)
@@ -112,8 +113,8 @@ class Puppet::SSL::StateMachine
112
113
  NeedKey.new(@machine, next_ctx)
113
114
  rescue OpenSSL::X509::CRLError => e
114
115
  Error.new(@machine, e.message, e)
115
- rescue Puppet::Rest::ResponseError => e
116
- if e.response.code.to_i == 404
116
+ rescue Puppet::HTTP::ResponseError => e
117
+ if e.response.code == 404
117
118
  to_error(_('CRL is missing from the server'), e)
118
119
  else
119
120
  to_error(_('Could not download CRLs: %{message}') % { message: e.message }, e)
@@ -127,8 +128,8 @@ class Puppet::SSL::StateMachine
127
128
 
128
129
  # return the next_ctx containing the updated crl
129
130
  download_crl(ssl_ctx, last_update)
130
- rescue Puppet::Rest::ResponseError => e
131
- if e.response.code.to_i == 304
131
+ rescue Puppet::HTTP::ResponseError => e
132
+ if e.response.code == 304
132
133
  Puppet.info(_("CRL is unmodified, using existing CRL"))
133
134
  else
134
135
  Puppet.info(_("Failed to refresh CRL, using existing CRL: %{message}") % {message: e.message})
@@ -136,7 +137,7 @@ class Puppet::SSL::StateMachine
136
137
 
137
138
  # return the original ssl_ctx
138
139
  ssl_ctx
139
- rescue SystemCallError => e
140
+ rescue Puppet::HTTP::HTTPError => e
140
141
  Puppet.warning(_("Failed to refresh CRL, using existing CRL: %{message}") % {message: e.message})
141
142
 
142
143
  # return the original ssl_ctx
@@ -144,7 +145,8 @@ class Puppet::SSL::StateMachine
144
145
  end
145
146
 
146
147
  def download_crl(ssl_ctx, last_update)
147
- pem = Puppet::Rest::Routes.get_crls(Puppet::SSL::CA_NAME, ssl_ctx, if_modified_since: last_update)
148
+ route = @machine.session.route_to(:ca, ssl_context: ssl_ctx)
149
+ pem = route.get_certificate_revocation_list(if_modified_since: last_update, ssl_context: ssl_ctx)
148
150
  crls = @cert_provider.load_crls_from_pem(pem)
149
151
  # verify crls before saving
150
152
  next_ctx = @ssl_provider.create_root_context(cacerts: ssl_ctx[:cacerts], crls: crls)
@@ -211,11 +213,12 @@ class Puppet::SSL::StateMachine
211
213
  Puppet.debug(_("Generating and submitting a CSR"))
212
214
 
213
215
  csr = @cert_provider.create_request(Puppet[:certname], @private_key)
214
- Puppet::Rest::Routes.put_certificate_request(csr.to_pem, Puppet[:certname], @ssl_context)
216
+ route = @machine.session.route_to(:ca, ssl_context: @ssl_context)
217
+ route.put_certificate_request(Puppet[:certname], csr, ssl_context: @ssl_context)
215
218
  @cert_provider.save_request(Puppet[:certname], csr)
216
219
  NeedCert.new(@machine, @ssl_context, @private_key)
217
- rescue Puppet::Rest::ResponseError => e
218
- if e.response.code.to_i == 400
220
+ rescue Puppet::HTTP::ResponseError => e
221
+ if e.response.code == 400
219
222
  NeedCert.new(@machine, @ssl_context, @private_key)
220
223
  else
221
224
  to_error(_("Failed to submit the CSR, HTTP response was %{code}") % { code: e.response.code }, e)
@@ -229,9 +232,11 @@ class Puppet::SSL::StateMachine
229
232
  def next_state
230
233
  Puppet.debug(_("Downloading client certificate"))
231
234
 
235
+ route = @machine.session.route_to(:ca, ssl_context: @ssl_context)
232
236
  cert = OpenSSL::X509::Certificate.new(
233
- Puppet::Rest::Routes.get_certificate(Puppet[:certname], @ssl_context)
237
+ route.get_certificate(Puppet[:certname], ssl_context: @ssl_context)
234
238
  )
239
+ Puppet.info _("Downloaded certificate for %{name} from %{url}") % { name: Puppet[:certname], url: route.url }
235
240
  # verify client cert before saving
236
241
  next_ctx = @ssl_provider.create_context(
237
242
  cacerts: @ssl_context.cacerts, crls: @ssl_context.crls, private_key: @private_key, client_cert: cert
@@ -243,8 +248,8 @@ class Puppet::SSL::StateMachine
243
248
  Error.new(@machine, e.message, e)
244
249
  rescue OpenSSL::X509::CertificateError => e
245
250
  Error.new(@machine, _("Failed to parse certificate: %{message}") % {message: e.message}, e)
246
- rescue Puppet::Rest::ResponseError => e
247
- if e.response.code.to_i == 404
251
+ rescue Puppet::HTTP::ResponseError => e
252
+ if e.response.code == 404
248
253
  Puppet.info(_("Certificate for %{certname} has not been signed yet") % {certname: Puppet[:certname]})
249
254
  $stdout.puts _("Couldn't fetch certificate from CA server; you might still need to sign this agent's certificate (%{name}).") % { name: Puppet[:certname] }
250
255
  Wait.new(@machine)
@@ -277,6 +282,7 @@ class Puppet::SSL::StateMachine
277
282
 
278
283
  # our ssl directory may have been cleaned while we were
279
284
  # sleeping, start over from the top
285
+ @machine.session = Puppet.runtime['http'].create_session
280
286
  NeedCACerts.new(@machine)
281
287
  end
282
288
  end
@@ -305,6 +311,7 @@ class Puppet::SSL::StateMachine
305
311
  class Done < SSLState; end
306
312
 
307
313
  attr_reader :waitforcert, :wait_deadline, :cert_provider, :ssl_provider, :ca_fingerprint, :digest
314
+ attr_accessor :session
308
315
 
309
316
  # Construct a state machine to manage the SSL initialization process. By
310
317
  # default, if the state machine encounters an exception, it will log the
@@ -343,6 +350,7 @@ class Puppet::SSL::StateMachine
343
350
  @lockfile = lockfile
344
351
  @digest = digest
345
352
  @ca_fingerprint = ca_fingerprint
353
+ @session = Puppet.runtime['http'].create_session
346
354
  end
347
355
 
348
356
  # Run the state machine for CA certs and CRLs.
@@ -135,7 +135,7 @@ module Puppet::Test
135
135
  Puppet.push_context(
136
136
  {
137
137
  trusted_information:
138
- Puppet::Context::TrustedInformation.new('local', 'testing', {}),
138
+ Puppet::Context::TrustedInformation.new('local', 'testing', {}, { "trusted_testhelper" => true }),
139
139
  ssl_context: Puppet::SSL::SSLContext.new(cacerts: []).freeze
140
140
  },
141
141
  "Context for specs")
@@ -346,7 +346,7 @@ class Puppet::Transaction::Report
346
346
  report = raw_summary
347
347
 
348
348
  ret = ""
349
- report.keys.sort { |a,b| a.to_s <=> b.to_s }.each do |key|
349
+ report.keys.sort_by(&:to_s).each do |key|
350
350
  ret += "#{Puppet::Util::Metric.labelize(key)}:\n"
351
351
 
352
352
  report[key].keys.sort { |a,b|
@@ -0,0 +1,13 @@
1
+ # A method for retrieving external trusted facts
2
+ module Puppet::TrustedExternal
3
+ def retrieve(certname)
4
+ command = Puppet[:trusted_external_command]
5
+ return nil unless command
6
+ result = Puppet::Util::Execution.execute([command, certname], {
7
+ :combine => false,
8
+ :failonfail => true,
9
+ })
10
+ JSON.parse(result)
11
+ end
12
+ module_function :retrieve
13
+ end
data/lib/puppet/type.rb CHANGED
@@ -1952,9 +1952,7 @@ end
1952
1952
  # Since we're mixing @doc with text from other sources, we must normalize
1953
1953
  # its indentation with scrub. But we don't need to manually scrub the
1954
1954
  # provider's doc string, since markdown_definitionlist sanitizes its inputs.
1955
- scrub(@doc) + "Available providers are:\n\n" + parenttype.providers.sort { |a,b|
1956
- a.to_s <=> b.to_s
1957
- }.collect { |i|
1955
+ scrub(@doc) + "Available providers are:\n\n" + parenttype.providers.sort_by(&:to_s).collect { |i|
1958
1956
  markdown_definitionlist( i, scrub(parenttype().provider(i).doc) )
1959
1957
  }.join
1960
1958
  end
@@ -165,9 +165,13 @@ module Puppet
165
165
  end
166
166
  end
167
167
  unless log == :false
168
- @output.split(/\n/).each { |line|
169
- self.send(log, line)
170
- }
168
+ if @resource.parameter(:command).sensitive
169
+ self.send(log, "[output redacted]")
170
+ else
171
+ @output.split(/\n/).each { |line|
172
+ self.send(log, line)
173
+ }
174
+ end
171
175
  end
172
176
  end
173
177
 
@@ -605,8 +605,7 @@ Puppet::Type.newtype(:file) do
605
605
  # remote system.
606
606
  mark_children_for_purging(children) if self.purge?
607
607
 
608
- # REVISIT: sort_by is more efficient?
609
- result = children.values.sort { |a, b| a[:path] <=> b[:path] }
608
+ result = children.values.sort_by { |a| a[:path] }
610
609
  remove_less_specific_files(result)
611
610
  end
612
611
 
@@ -220,11 +220,11 @@ module Puppet
220
220
  end
221
221
 
222
222
  def server?
223
- uri and uri.host
223
+ uri && uri.host && !uri.host.empty?
224
224
  end
225
225
 
226
226
  def server
227
- (uri and uri.host) or Puppet.settings[:server]
227
+ server? ? uri.host : Puppet.settings[:server]
228
228
  end
229
229
 
230
230
  def port
@@ -485,8 +485,8 @@ module Puppet
485
485
  end
486
486
 
487
487
  newparam(:flavor) do
488
- desc "OpenBSD supports 'flavors', which are further specifications for
489
- which type of package you want."
488
+ desc "OpenBSD and DNF modules support 'flavors', which are
489
+ further specifications for which type of package you want."
490
490
  end
491
491
 
492
492
  newparam(:install_only, :boolean => false, :parent => Puppet::Parameter::Boolean, :required_features => :install_only) do
@@ -548,7 +548,14 @@ module Puppet
548
548
  newparam(:allow_virtual, :boolean => true, :parent => Puppet::Parameter::Boolean, :required_features => :virtual_packages) do
549
549
  desc 'Specifies if virtual package names are allowed for install and uninstall.'
550
550
 
551
- defaultto true
551
+ defaultto do
552
+ provider_class = provider.class
553
+ if provider_class.respond_to?(:defaultto_allow_virtual)
554
+ provider_class.defaultto_allow_virtual
555
+ else
556
+ true
557
+ end
558
+ end
552
559
  end
553
560
 
554
561
  autorequire(:file) do
@@ -338,7 +338,7 @@ module Puppet
338
338
  end
339
339
 
340
340
  def weekday_integer?(value)
341
- value.is_a?(Integer) && (0..6).include?(value)
341
+ value.is_a?(Integer) && (0..6).cover?(value)
342
342
  end
343
343
 
344
344
  def weekday_string?(value)
@@ -231,7 +231,7 @@ module Puppet
231
231
  desc "The control variable used to manage services (originally for HP-UX).
232
232
  Defaults to the upcased service name plus `START` replacing dots with
233
233
  underscores, for those providers that support the `controllable` feature."
234
- defaultto { resource.name.gsub(".","_").upcase + "_START" if resource.provider.controllable? }
234
+ defaultto { resource.name.tr(".","_").upcase + "_START" if resource.provider.controllable? }
235
235
  end
236
236
 
237
237
  newparam :hasrestart do
data/lib/puppet/util.rb CHANGED
@@ -324,7 +324,7 @@ module Util
324
324
  params = { :scheme => 'file' }
325
325
 
326
326
  if Puppet::Util::Platform.windows?
327
- path = path.gsub(/\\/, '/')
327
+ path = path.tr('\\', '/')
328
328
 
329
329
  unc = /^\/\/([^\/]+)(\/.+)/.match(path)
330
330
  if unc
@@ -359,7 +359,7 @@ module Util
359
359
  path = URI.unescape(uri.path.encode(Encoding::UTF_8))
360
360
 
361
361
  if Puppet::Util::Platform.windows? && uri.scheme == 'file'
362
- if uri.host
362
+ if uri.host && !uri.host.empty?
363
363
  path = "//#{uri.host}" + path # UNC
364
364
  else
365
365
  path.sub!(/^\//, '')
@@ -215,7 +215,7 @@ class Parser
215
215
  opts[:type] = opts[:type] || type_from_default || :flag
216
216
 
217
217
  ## fill in :long
218
- opts[:long] = opts[:long] ? opts[:long].to_s : name.to_s.gsub("_", "-")
218
+ opts[:long] = opts[:long] ? opts[:long].to_s : name.to_s.tr("_", "-")
219
219
  opts[:long] =
220
220
  case opts[:long]
221
221
  when /^--([^-].*)$/
@@ -1,6 +1,6 @@
1
1
  require 'uri'
2
2
  require 'puppet/ssl/openssl_loader'
3
- require 'puppet/network/http'
3
+ require 'puppet/http'
4
4
 
5
5
  module Puppet::Util::HttpProxy
6
6
  def self.proxy(uri)
@@ -52,14 +52,6 @@ module Puppet::Util::HttpProxy
52
52
  host, port = d.split(':')
53
53
  host = Regexp.escape(host).gsub('\*', '.*')
54
54
 
55
- #If the host of this no_proxy value starts with '.', this entry is
56
- #a domain level entry. Don't pin the regex to the beginning of the entry.
57
- #If it does not start with a '.' then it is a host specific entry and
58
- #should be matched to the destination starting at the beginning.
59
- unless host =~ /^\\\./
60
- host = "^#{host}"
61
- end
62
-
63
55
  #If this no_proxy entry specifies a port, we want to match it against
64
56
  #the destination port. Otherwise just match hosts.
65
57
  if port
@@ -195,7 +187,7 @@ module Puppet::Util::HttpProxy
195
187
 
196
188
  headers = { 'Accept' => '*/*', 'User-Agent' => Puppet[:http_user_agent] }
197
189
  if Puppet.features.zlib?
198
- headers.merge!({"Accept-Encoding" => Puppet::Network::HTTP::Compression::ACCEPT_ENCODING})
190
+ headers["Accept-Encoding"] = Puppet::HTTP::ACCEPT_ENCODING
199
191
  end
200
192
 
201
193
  response = proxy.send(:head, current_uri, headers)
@@ -175,7 +175,7 @@ class Puppet::Util::Log
175
175
  # We only select the last 10 callers in the stack to avoid being spammy
176
176
  message = _("Received a Log attribute with invalid encoding:%{log_message}") %
177
177
  { log_message: Puppet::Util::CharacterEncoding.convert_to_utf_8(str.dump)}
178
- message += '\n' + _("Backtrace:\n%{backtrace}") % { backtrace: caller[0..10].join("\n") }
178
+ message += '\n' + _("Backtrace:\n%{backtrace}") % { backtrace: caller(1, 10).join("\n") }
179
179
  message
180
180
  end
181
181
  private_class_method :coerce_string
@@ -395,7 +395,7 @@ class Puppet::Util::Log
395
395
  end
396
396
 
397
397
  def to_report
398
- "#{time} #{source} (#{level}): #{to_s}"
398
+ "#{time} #{source} (#{level}): #{self}"
399
399
  end
400
400
 
401
401
  def to_s