puppet 6.11.1-x64-mingw32 → 6.16.0-x64-mingw32

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of puppet might be problematic. Click here for more details.

Files changed (395) hide show
  1. checksums.yaml +4 -4
  2. data/CODEOWNERS +3 -8
  3. data/CONTRIBUTING.md +7 -13
  4. data/Gemfile +1 -0
  5. data/Gemfile.lock +39 -36
  6. data/README.md +17 -24
  7. data/ext/build_defaults.yaml +1 -0
  8. data/ext/project_data.yaml +1 -1
  9. data/ext/windows/service/daemon.rb +25 -20
  10. data/lib/puppet.rb +52 -13
  11. data/lib/puppet/agent.rb +20 -14
  12. data/lib/puppet/application/agent.rb +12 -14
  13. data/lib/puppet/application/describe.rb +7 -5
  14. data/lib/puppet/application/device.rb +2 -2
  15. data/lib/puppet/application/filebucket.rb +19 -15
  16. data/lib/puppet/application/plugin.rb +1 -0
  17. data/lib/puppet/application/resource.rb +1 -1
  18. data/lib/puppet/application/ssl.rb +4 -4
  19. data/lib/puppet/concurrent.rb +2 -0
  20. data/lib/puppet/concurrent/lock.rb +16 -0
  21. data/lib/puppet/concurrent/synchronized.rb +15 -0
  22. data/lib/puppet/concurrent/thread_local_singleton.rb +14 -0
  23. data/lib/puppet/configurer.rb +85 -83
  24. data/lib/puppet/configurer/plugin_handler.rb +10 -1
  25. data/lib/puppet/context/trusted_information.rb +14 -8
  26. data/lib/puppet/daemon.rb +13 -27
  27. data/lib/puppet/defaults.rb +158 -40
  28. data/lib/puppet/environments.rb +30 -20
  29. data/lib/puppet/error.rb +9 -1
  30. data/lib/puppet/face/facts.rb +8 -5
  31. data/lib/puppet/face/help.rb +29 -3
  32. data/lib/puppet/face/module/search.rb +5 -0
  33. data/lib/puppet/face/plugin.rb +2 -2
  34. data/lib/puppet/file_serving/http_metadata.rb +1 -1
  35. data/lib/puppet/file_system/file_impl.rb +13 -9
  36. data/lib/puppet/file_system/memory_file.rb +6 -0
  37. data/lib/puppet/file_system/memory_impl.rb +13 -0
  38. data/lib/puppet/file_system/uniquefile.rb +4 -0
  39. data/lib/puppet/file_system/windows.rb +7 -10
  40. data/lib/puppet/forge.rb +3 -3
  41. data/lib/puppet/forge/errors.rb +2 -2
  42. data/lib/puppet/forge/repository.rb +31 -86
  43. data/lib/puppet/functions/call.rb +1 -1
  44. data/lib/puppet/functions/camelcase.rb +2 -2
  45. data/lib/puppet/functions/epp.rb +4 -4
  46. data/lib/puppet/functions/eyaml_lookup_key.rb +13 -8
  47. data/lib/puppet/functions/filter.rb +1 -0
  48. data/lib/puppet/functions/find_file.rb +9 -9
  49. data/lib/puppet/functions/find_template.rb +63 -0
  50. data/lib/puppet/functions/inline_epp.rb +5 -5
  51. data/lib/puppet/functions/reduce.rb +2 -4
  52. data/lib/puppet/http.rb +7 -0
  53. data/lib/puppet/http/client.rb +341 -54
  54. data/lib/puppet/http/errors.rb +2 -0
  55. data/lib/puppet/http/external_client.rb +90 -0
  56. data/lib/puppet/http/redirector.rb +34 -0
  57. data/lib/puppet/http/resolver.rb +57 -1
  58. data/lib/puppet/http/resolver/server_list.rb +98 -0
  59. data/lib/puppet/http/resolver/settings.rb +23 -2
  60. data/lib/puppet/http/resolver/srv.rb +36 -4
  61. data/lib/puppet/http/response.rb +68 -1
  62. data/lib/puppet/http/retry_after_handler.rb +39 -0
  63. data/lib/puppet/http/service.rb +179 -3
  64. data/lib/puppet/http/service/ca.rb +84 -21
  65. data/lib/puppet/http/service/compiler.rb +319 -0
  66. data/lib/puppet/http/service/file_server.rb +206 -0
  67. data/lib/puppet/http/service/report.rb +66 -0
  68. data/lib/puppet/http/session.rb +106 -31
  69. data/lib/puppet/indirector/catalog/compiler.rb +10 -0
  70. data/lib/puppet/indirector/catalog/rest.rb +34 -0
  71. data/lib/puppet/indirector/facts/rest.rb +42 -0
  72. data/lib/puppet/indirector/file_bucket_file/file.rb +1 -1
  73. data/lib/puppet/indirector/file_bucket_file/rest.rb +48 -0
  74. data/lib/puppet/indirector/file_content/http.rb +5 -0
  75. data/lib/puppet/indirector/file_content/rest.rb +30 -0
  76. data/lib/puppet/indirector/file_metadata/http.rb +4 -4
  77. data/lib/puppet/indirector/file_metadata/rest.rb +52 -0
  78. data/lib/puppet/indirector/json.rb +1 -1
  79. data/lib/puppet/indirector/msgpack.rb +1 -1
  80. data/lib/puppet/indirector/node/rest.rb +24 -0
  81. data/lib/puppet/indirector/report/rest.rb +19 -0
  82. data/lib/puppet/indirector/report/yaml.rb +23 -0
  83. data/lib/puppet/indirector/rest.rb +12 -0
  84. data/lib/puppet/indirector/status/rest.rb +18 -0
  85. data/lib/puppet/loaders.rb +6 -0
  86. data/lib/puppet/metatype/manager.rb +80 -80
  87. data/lib/puppet/network/http/base_pool.rb +19 -1
  88. data/lib/puppet/network/http/compression.rb +7 -0
  89. data/lib/puppet/network/http/connection.rb +6 -0
  90. data/lib/puppet/network/http/connection_adapter.rb +182 -0
  91. data/lib/puppet/network/http/nocache_pool.rb +2 -0
  92. data/lib/puppet/network/http/pool.rb +13 -6
  93. data/lib/puppet/network/http_pool.rb +2 -1
  94. data/lib/puppet/node/environment.rb +24 -8
  95. data/lib/puppet/pal/catalog_compiler.rb +5 -0
  96. data/lib/puppet/pal/pal_impl.rb +9 -29
  97. data/lib/puppet/parser/ast/pops_bridge.rb +6 -11
  98. data/lib/puppet/parser/compiler.rb +42 -32
  99. data/lib/puppet/parser/functions.rb +18 -13
  100. data/lib/puppet/parser/functions/epp.rb +3 -3
  101. data/lib/puppet/parser/functions/filter.rb +1 -0
  102. data/lib/puppet/parser/functions/inline_epp.rb +5 -5
  103. data/lib/puppet/pops/evaluator/access_operator.rb +2 -2
  104. data/lib/puppet/pops/evaluator/evaluator_impl.rb +1 -1
  105. data/lib/puppet/pops/evaluator/runtime3_support.rb +1 -1
  106. data/lib/puppet/pops/loader/puppet_plan_instantiator.rb +12 -3
  107. data/lib/puppet/pops/loaders.rb +7 -5
  108. data/lib/puppet/pops/lookup/invocation.rb +10 -3
  109. data/lib/puppet/pops/model/pn_transformer.rb +5 -9
  110. data/lib/puppet/pops/parser/evaluating_parser.rb +8 -11
  111. data/lib/puppet/pops/serialization/json_path.rb +3 -3
  112. data/lib/puppet/pops/time/timespan.rb +3 -5
  113. data/lib/puppet/pops/types/p_object_type_extension.rb +10 -0
  114. data/lib/puppet/pops/types/string_converter.rb +6 -9
  115. data/lib/puppet/pops/types/type_calculator.rb +30 -10
  116. data/lib/puppet/pops/types/type_formatter.rb +9 -11
  117. data/lib/puppet/pops/types/type_parser.rb +3 -3
  118. data/lib/puppet/pops/validation/checker4_0.rb +1 -1
  119. data/lib/puppet/pops/validation/tasks_checker.rb +5 -1
  120. data/lib/puppet/provider/aix_object.rb +4 -2
  121. data/lib/puppet/provider/group/aix.rb +1 -0
  122. data/lib/puppet/provider/group/groupadd.rb +57 -24
  123. data/lib/puppet/provider/group/windows_adsi.rb +3 -3
  124. data/lib/puppet/provider/package/aix.rb +17 -2
  125. data/lib/puppet/provider/package/apt.rb +78 -4
  126. data/lib/puppet/provider/package/dnfmodule.rb +69 -15
  127. data/lib/puppet/provider/package/dpkg.rb +14 -7
  128. data/lib/puppet/provider/package/fink.rb +20 -3
  129. data/lib/puppet/provider/package/gem.rb +41 -7
  130. data/lib/puppet/provider/package/openbsd.rb +13 -1
  131. data/lib/puppet/provider/package/pacman.rb +2 -5
  132. data/lib/puppet/provider/package/pip.rb +143 -48
  133. data/lib/puppet/provider/package/pip3.rb +0 -2
  134. data/lib/puppet/provider/package/pkg.rb +18 -5
  135. data/lib/puppet/provider/package/pkgdmg.rb +1 -1
  136. data/lib/puppet/provider/package/pkgng.rb +16 -4
  137. data/lib/puppet/provider/package/portage.rb +5 -5
  138. data/lib/puppet/provider/package/puppet_gem.rb +6 -2
  139. data/lib/puppet/provider/package/rpm.rb +6 -213
  140. data/lib/puppet/provider/package/yum.rb +108 -24
  141. data/lib/puppet/provider/package/zypper.rb +59 -1
  142. data/lib/puppet/provider/package_targetable.rb +5 -4
  143. data/lib/puppet/provider/service/systemd.rb +23 -5
  144. data/lib/puppet/provider/user/aix.rb +1 -0
  145. data/lib/puppet/provider/user/directoryservice.rb +30 -5
  146. data/lib/puppet/provider/user/hpux.rb +1 -1
  147. data/lib/puppet/provider/user/useradd.rb +11 -8
  148. data/lib/puppet/reports/http.rb +13 -9
  149. data/lib/puppet/reports/store.rb +1 -1
  150. data/lib/puppet/resource/type_collection.rb +20 -16
  151. data/lib/puppet/runtime.rb +32 -1
  152. data/lib/puppet/settings.rb +4 -0
  153. data/lib/puppet/settings/http_extra_headers_setting.rb +25 -0
  154. data/lib/puppet/ssl.rb +1 -0
  155. data/lib/puppet/ssl/certificate.rb +2 -1
  156. data/lib/puppet/ssl/host.rb +4 -4
  157. data/lib/puppet/ssl/oids.rb +1 -0
  158. data/lib/puppet/ssl/ssl_provider.rb +20 -0
  159. data/lib/puppet/ssl/state_machine.rb +81 -35
  160. data/lib/puppet/ssl/verifier_adapter.rb +9 -1
  161. data/lib/puppet/test/test_helper.rb +7 -1
  162. data/lib/puppet/transaction.rb +33 -11
  163. data/lib/puppet/transaction/report.rb +2 -2
  164. data/lib/puppet/transaction/resource_harness.rb +1 -1
  165. data/lib/puppet/type.rb +7 -2
  166. data/lib/puppet/type/file.rb +13 -0
  167. data/lib/puppet/type/file/data_sync.rb +5 -1
  168. data/lib/puppet/type/file/source.rb +49 -58
  169. data/lib/puppet/type/group.rb +5 -4
  170. data/lib/puppet/type/package.rb +102 -10
  171. data/lib/puppet/type/service.rb +6 -8
  172. data/lib/puppet/type/user.rb +6 -30
  173. data/lib/puppet/util.rb +34 -11
  174. data/lib/puppet/util/at_fork.rb +1 -1
  175. data/lib/puppet/util/autoload.rb +4 -18
  176. data/lib/puppet/util/instance_loader.rb +14 -10
  177. data/lib/puppet/util/log/destinations.rb +2 -11
  178. data/lib/puppet/util/logging.rb +30 -18
  179. data/lib/puppet/util/package/version/debian.rb +175 -0
  180. data/lib/puppet/util/package/version/gem.rb +15 -0
  181. data/lib/puppet/util/package/version/pip.rb +167 -0
  182. data/lib/puppet/util/package/version/range.rb +53 -0
  183. data/lib/puppet/util/package/version/range/eq.rb +14 -0
  184. data/lib/puppet/util/package/version/range/gt.rb +14 -0
  185. data/lib/puppet/util/package/version/range/gt_eq.rb +14 -0
  186. data/lib/puppet/util/package/version/range/lt.rb +14 -0
  187. data/lib/puppet/util/package/version/range/lt_eq.rb +14 -0
  188. data/lib/puppet/util/package/version/range/min_max.rb +21 -0
  189. data/lib/puppet/util/package/version/range/simple.rb +11 -0
  190. data/lib/puppet/util/package/version/rpm.rb +73 -0
  191. data/lib/puppet/util/pidlock.rb +36 -10
  192. data/lib/puppet/util/platform.rb +5 -0
  193. data/lib/puppet/util/plist.rb +6 -0
  194. data/lib/puppet/util/rpm_compare.rb +193 -0
  195. data/lib/puppet/util/storage.rb +0 -1
  196. data/lib/puppet/util/windows/adsi.rb +50 -20
  197. data/lib/puppet/util/windows/process.rb +15 -14
  198. data/lib/puppet/util/windows/security.rb +1 -0
  199. data/lib/puppet/util/windows/sid.rb +3 -3
  200. data/lib/puppet/util/yaml.rb +1 -1
  201. data/lib/puppet/version.rb +1 -1
  202. data/lib/puppet/x509/cert_provider.rb +9 -5
  203. data/locales/puppet.pot +640 -521
  204. data/man/man5/puppet.conf.5 +88 -9
  205. data/man/man8/puppet-agent.8 +6 -6
  206. data/man/man8/puppet-apply.8 +1 -1
  207. data/man/man8/puppet-catalog.8 +1 -1
  208. data/man/man8/puppet-config.8 +1 -1
  209. data/man/man8/puppet-describe.8 +1 -1
  210. data/man/man8/puppet-device.8 +2 -2
  211. data/man/man8/puppet-doc.8 +1 -1
  212. data/man/man8/puppet-epp.8 +1 -1
  213. data/man/man8/puppet-facts.8 +1 -1
  214. data/man/man8/puppet-filebucket.8 +17 -2
  215. data/man/man8/puppet-generate.8 +1 -1
  216. data/man/man8/puppet-help.8 +6 -3
  217. data/man/man8/puppet-key.8 +1 -1
  218. data/man/man8/puppet-lookup.8 +1 -1
  219. data/man/man8/puppet-man.8 +1 -1
  220. data/man/man8/puppet-module.8 +4 -1
  221. data/man/man8/puppet-node.8 +1 -1
  222. data/man/man8/puppet-parser.8 +1 -1
  223. data/man/man8/puppet-plugin.8 +1 -1
  224. data/man/man8/puppet-report.8 +1 -1
  225. data/man/man8/puppet-resource.8 +1 -1
  226. data/man/man8/puppet-script.8 +1 -1
  227. data/man/man8/puppet-ssl.8 +2 -2
  228. data/man/man8/puppet-status.8 +1 -1
  229. data/man/man8/puppet.8 +2 -2
  230. data/spec/fixtures/ssl/unknown-127.0.0.1-key.pem +67 -0
  231. data/spec/fixtures/ssl/unknown-127.0.0.1.pem +48 -0
  232. data/spec/fixtures/ssl/unknown-ca-key.pem +67 -0
  233. data/spec/fixtures/ssl/unknown-ca.pem +59 -0
  234. data/spec/fixtures/unit/forge/bacula.json +76 -0
  235. data/spec/fixtures/unit/provider/package/dnfmodule/{dnf-module-list-installed.txt → dnf-module-list.txt} +8 -0
  236. data/spec/fixtures/unit/provider/package/pkgng/pkg.version +2 -0
  237. data/spec/fixtures/unit/provider/package/yum/yum-check-update-subscription-manager.txt +9 -0
  238. data/spec/fixtures/unit/provider/package/zypper/zypper-search-uninstalled.out +13 -0
  239. data/spec/fixtures/unit/provider/service/systemd/list_unit_files_services +9 -0
  240. data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_md5/should_fetch_if_not_on_the_local_disk.yml +1 -102
  241. data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_md5/should_not_update_if_content_on_disk_is_up-to-date.yml +1 -106
  242. data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_md5/should_update_if_content_differs_on_disk.yml +1 -106
  243. data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_mtime/should_fetch_if_mtime_is_older_on_disk.yml +1 -102
  244. data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_mtime/should_fetch_if_no_header_specified.yml +1 -98
  245. data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_mtime/should_fetch_if_not_on_the_local_disk.yml +1 -102
  246. data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_mtime/should_not_update_if_mtime_is_newer_on_disk.yml +1 -102
  247. data/spec/integration/application/agent_spec.rb +394 -0
  248. data/spec/integration/application/apply_spec.rb +132 -3
  249. data/spec/integration/application/filebucket_spec.rb +190 -0
  250. data/spec/integration/application/plugin_spec.rb +73 -0
  251. data/spec/integration/configurer_spec.rb +26 -7
  252. data/spec/integration/http/client_spec.rb +154 -0
  253. data/spec/integration/indirector/facts/facter_spec.rb +4 -0
  254. data/spec/integration/indirector/report/yaml.rb +83 -0
  255. data/spec/integration/module_tool/forge_spec.rb +51 -0
  256. data/spec/integration/network/http_pool_spec.rb +76 -20
  257. data/spec/integration/node/environment_spec.rb +15 -0
  258. data/spec/integration/util/windows/adsi_spec.rb +6 -1
  259. data/spec/lib/puppet/test_ca.rb +2 -2
  260. data/spec/lib/puppet_spec/https.rb +20 -9
  261. data/spec/lib/puppet_spec/puppetserver.rb +119 -0
  262. data/spec/shared_contexts/https.rb +29 -0
  263. data/spec/spec_helper.rb +6 -2
  264. data/spec/unit/agent_spec.rb +80 -26
  265. data/spec/unit/application/agent_spec.rb +9 -5
  266. data/spec/unit/application/apply_spec.rb +2 -12
  267. data/spec/unit/application/describe_spec.rb +88 -50
  268. data/spec/unit/application/device_spec.rb +2 -2
  269. data/spec/unit/application/filebucket_spec.rb +22 -2
  270. data/spec/unit/application/resource_spec.rb +2 -2
  271. data/spec/unit/concurrent/lock_spec.rb +29 -0
  272. data/spec/unit/configurer/fact_handler_spec.rb +0 -4
  273. data/spec/unit/configurer/plugin_handler_spec.rb +36 -19
  274. data/spec/unit/configurer_spec.rb +400 -406
  275. data/spec/unit/context/trusted_information_spec.rb +17 -0
  276. data/spec/unit/daemon_spec.rb +5 -64
  277. data/spec/unit/defaults_spec.rb +38 -4
  278. data/spec/unit/environments_spec.rb +65 -28
  279. data/spec/unit/face/facts_spec.rb +24 -20
  280. data/spec/unit/face/module/search_spec.rb +17 -0
  281. data/spec/unit/face/plugin_spec.rb +12 -10
  282. data/spec/unit/file_system/uniquefile_spec.rb +11 -0
  283. data/spec/unit/file_system_spec.rb +26 -2
  284. data/spec/unit/forge/errors_spec.rb +1 -1
  285. data/spec/unit/forge/forge_spec.rb +12 -54
  286. data/spec/unit/forge/module_release_spec.rb +19 -6
  287. data/spec/unit/forge/repository_spec.rb +63 -157
  288. data/spec/unit/forge_spec.rb +46 -116
  289. data/spec/unit/functions/find_template_spec.rb +69 -0
  290. data/spec/unit/functions/lookup_spec.rb +13 -0
  291. data/spec/unit/http/client_spec.rb +395 -27
  292. data/spec/unit/http/external_client_spec.rb +201 -0
  293. data/spec/unit/http/resolver_spec.rb +81 -12
  294. data/spec/unit/http/response_spec.rb +69 -0
  295. data/spec/unit/http/service/ca_spec.rb +100 -7
  296. data/spec/unit/http/service/compiler_spec.rb +627 -0
  297. data/spec/unit/http/service/file_server_spec.rb +308 -0
  298. data/spec/unit/http/service/report_spec.rb +118 -0
  299. data/spec/unit/http/service_spec.rb +117 -4
  300. data/spec/unit/http/session_spec.rb +237 -19
  301. data/spec/unit/indirector/catalog/compiler_spec.rb +47 -29
  302. data/spec/unit/indirector/catalog/rest_spec.rb +59 -2
  303. data/spec/unit/indirector/facts/rest_spec.rb +79 -24
  304. data/spec/unit/indirector/file_bucket_file/rest_spec.rb +82 -2
  305. data/spec/unit/indirector/file_content/rest_spec.rb +53 -2
  306. data/spec/unit/indirector/file_metadata/http_spec.rb +167 -0
  307. data/spec/unit/indirector/file_metadata/rest_spec.rb +110 -2
  308. data/spec/unit/indirector/node/rest_spec.rb +57 -2
  309. data/spec/unit/indirector/report/rest_spec.rb +58 -51
  310. data/spec/unit/indirector/resource/ral_spec.rb +7 -8
  311. data/spec/unit/indirector/rest_spec.rb +13 -0
  312. data/spec/unit/indirector/status/rest_spec.rb +43 -2
  313. data/spec/unit/network/http/connection_spec.rb +549 -176
  314. data/spec/unit/network/http/nocache_pool_spec.rb +25 -3
  315. data/spec/unit/network/http/pool_spec.rb +89 -11
  316. data/spec/unit/network/http_pool_spec.rb +63 -57
  317. data/spec/unit/network/http_spec.rb +1 -1
  318. data/spec/unit/node/environment_spec.rb +16 -0
  319. data/spec/unit/node/facts_spec.rb +2 -1
  320. data/spec/unit/node_spec.rb +7 -4
  321. data/spec/unit/pops/evaluator/evaluating_parser_spec.rb +8 -3
  322. data/spec/unit/pops/serialization/to_from_hr_spec.rb +6 -1
  323. data/spec/unit/pops/validator/validator_spec.rb +7 -2
  324. data/spec/unit/provider/aix_object_spec.rb +16 -2
  325. data/spec/unit/provider/group/groupadd_spec.rb +181 -56
  326. data/spec/unit/provider/group/windows_adsi_spec.rb +43 -10
  327. data/spec/unit/provider/package/aix_spec.rb +29 -0
  328. data/spec/unit/provider/package/apt_spec.rb +43 -2
  329. data/spec/unit/provider/package/aptitude_spec.rb +1 -0
  330. data/spec/unit/provider/package/dnfmodule_spec.rb +76 -15
  331. data/spec/unit/provider/package/dpkg_spec.rb +28 -6
  332. data/spec/unit/provider/package/gem_spec.rb +40 -0
  333. data/spec/unit/provider/package/openbsd_spec.rb +17 -0
  334. data/spec/unit/provider/package/pacman_spec.rb +6 -21
  335. data/spec/unit/provider/package/pip_spec.rb +68 -19
  336. data/spec/unit/provider/package/pkg_spec.rb +15 -1
  337. data/spec/unit/provider/package/pkgdmg_spec.rb +1 -1
  338. data/spec/unit/provider/package/pkgng_spec.rb +38 -0
  339. data/spec/unit/provider/package/portage_spec.rb +9 -4
  340. data/spec/unit/provider/package/puppet_gem_spec.rb +8 -0
  341. data/spec/unit/provider/package/rpm_spec.rb +0 -212
  342. data/spec/unit/provider/package/yum_spec.rb +292 -0
  343. data/spec/unit/provider/package/zypper_spec.rb +84 -0
  344. data/spec/unit/provider/package_targetable_spec.rb +60 -0
  345. data/spec/unit/provider/service/init_spec.rb +1 -0
  346. data/spec/unit/provider/service/openbsd_spec.rb +9 -0
  347. data/spec/unit/provider/service/openwrt_spec.rb +1 -0
  348. data/spec/unit/provider/service/redhat_spec.rb +9 -0
  349. data/spec/unit/provider/service/systemd_spec.rb +92 -12
  350. data/spec/unit/provider/user/directoryservice_spec.rb +41 -0
  351. data/spec/unit/provider/user/hpux_spec.rb +2 -2
  352. data/spec/unit/provider/user/useradd_spec.rb +21 -8
  353. data/spec/unit/provider/user/windows_adsi_spec.rb +3 -3
  354. data/spec/unit/puppet_pal_2pec.rb +0 -26
  355. data/spec/unit/puppet_pal_catalog_spec.rb +46 -0
  356. data/spec/unit/puppet_spec.rb +47 -0
  357. data/spec/unit/reports/http_spec.rb +70 -52
  358. data/spec/unit/settings/autosign_setting_spec.rb +1 -1
  359. data/spec/unit/settings/http_extra_headers_spec.rb +64 -0
  360. data/spec/unit/ssl/certificate_spec.rb +7 -0
  361. data/spec/unit/ssl/host_spec.rb +4 -2
  362. data/spec/unit/ssl/oids_spec.rb +1 -0
  363. data/spec/unit/ssl/ssl_provider_spec.rb +71 -0
  364. data/spec/unit/ssl/state_machine_spec.rb +99 -13
  365. data/spec/unit/transaction/persistence_spec.rb +1 -10
  366. data/spec/unit/transaction/report_spec.rb +4 -0
  367. data/spec/unit/transaction_spec.rb +45 -1
  368. data/spec/unit/type/file/content_spec.rb +9 -3
  369. data/spec/unit/type/file/ensure_spec.rb +1 -2
  370. data/spec/unit/type/file/source_spec.rb +86 -35
  371. data/spec/unit/type/package_spec.rb +8 -0
  372. data/spec/unit/type/service_spec.rb +9 -8
  373. data/spec/unit/type/user_spec.rb +1 -2
  374. data/spec/unit/util/at_fork_spec.rb +3 -2
  375. data/spec/unit/util/autoload_spec.rb +2 -1
  376. data/spec/unit/util/log/destinations_spec.rb +1 -29
  377. data/spec/unit/util/log_spec.rb +0 -138
  378. data/spec/unit/util/logging_spec.rb +200 -0
  379. data/spec/unit/util/package/version/debian_spec.rb +83 -0
  380. data/spec/unit/util/package/version/pip_spec.rb +464 -0
  381. data/spec/unit/util/package/version/range_spec.rb +175 -0
  382. data/spec/unit/util/package/version/rpm_spec.rb +121 -0
  383. data/spec/unit/util/pidlock_spec.rb +112 -42
  384. data/spec/unit/util/plist_spec.rb +20 -0
  385. data/spec/unit/util/rpm_compare_spec.rb +196 -0
  386. data/spec/unit/util/storage_spec.rb +1 -8
  387. data/spec/unit/util/windows/adsi_spec.rb +55 -4
  388. data/spec/unit/util/windows/sid_spec.rb +2 -2
  389. data/spec/unit/x509/cert_provider_spec.rb +24 -4
  390. data/tasks/generate_cert_fixtures.rake +15 -1
  391. data/tasks/manpages.rake +6 -35
  392. metadata +92 -12
  393. data/COMMITTERS.md +0 -244
  394. data/spec/integration/faces/plugin_spec.rb +0 -61
  395. data/spec/lib/puppet_spec/validators.rb +0 -37
@@ -0,0 +1,154 @@
1
+ require 'spec_helper'
2
+ require 'puppet_spec/https'
3
+ require 'puppet_spec/files'
4
+
5
+ describe Puppet::HTTP::Client, unless: Puppet::Util::Platform.jruby? do
6
+ include PuppetSpec::Files
7
+ include_context "https client"
8
+
9
+ let(:wrong_hostname) { 'localhost' }
10
+ let(:client) { Puppet::HTTP::Client.new }
11
+ let(:ssl_provider) { Puppet::SSL::SSLProvider.new }
12
+ let(:root_context) { ssl_provider.create_root_context(cacerts: [https_server.ca_cert], crls: [https_server.ca_crl]) }
13
+
14
+ context "when verifying an HTTPS server" do
15
+ it "connects over SSL" do
16
+ https_server.start_server do |port|
17
+ res = client.get(URI("https://127.0.0.1:#{port}"), options: {ssl_context: root_context})
18
+ expect(res).to be_success
19
+ end
20
+ end
21
+
22
+ it "raises connection error if we can't connect" do
23
+ Puppet[:http_connect_timeout] = '0s'
24
+
25
+ # get available port, but don't bind to it
26
+ tcps = TCPServer.new("127.0.0.1", 0)
27
+ port = tcps.connect_address.ip_port
28
+
29
+ expect {
30
+ client.get(URI("https://127.0.0.1:#{port}"), options: {ssl_context: root_context})
31
+ }.to raise_error(Puppet::HTTP::ConnectionError, %r{^Request to https://127.0.0.1:#{port} timed out connect operation after .* seconds})
32
+ end
33
+
34
+ it "raises if the server's cert doesn't match the hostname we connected to" do
35
+ https_server.start_server do |port|
36
+ expect {
37
+ client.get(URI("https://#{wrong_hostname}:#{port}"), options: {ssl_context: root_context})
38
+ }.to raise_error { |err|
39
+ expect(err).to be_instance_of(Puppet::SSL::CertMismatchError)
40
+ expect(err.message).to match(/Server hostname '#{wrong_hostname}' did not match server certificate; expected one of (.+)/)
41
+
42
+ md = err.message.match(/expected one of (.+)/)
43
+ expect(md[1].split(', ')).to contain_exactly('127.0.0.1', 'DNS:127.0.0.1', 'DNS:127.0.0.2')
44
+ }
45
+ end
46
+ end
47
+
48
+ it "raises if the server's CA is unknown" do
49
+ wrong_ca = cert_fixture('netlock-arany-utf8.pem')
50
+ alt_context = ssl_provider.create_root_context(cacerts: [wrong_ca], revocation: false)
51
+
52
+ https_server.start_server do |port|
53
+ expect {
54
+ client.get(URI("https://127.0.0.1:#{port}"), options: {ssl_context: alt_context})
55
+ }.to raise_error(Puppet::SSL::CertVerifyError,
56
+ %r{certificate verify failed.* .self signed certificate in certificate chain for CN=Test CA.})
57
+ end
58
+ end
59
+
60
+ it "prints TLS protocol and ciphersuite in debug" do
61
+ Puppet[:log_level] = 'debug'
62
+ https_server.start_server do |port|
63
+ client.get(URI("https://127.0.0.1:#{port}"), options: {ssl_context: root_context})
64
+ # TLS version string can be TLSv1 or TLSv1.[1-3], but not TLSv1.0
65
+ expect(@logs).to include(
66
+ an_object_having_attributes(level: :debug, message: /Using TLSv1(\.[1-3])? with cipher .*/),
67
+ )
68
+ end
69
+ end
70
+ end
71
+
72
+ context "with client certs" do
73
+ let(:ctx_proc) {
74
+ -> ctx {
75
+ # configures the server to require the client to present a client cert
76
+ ctx.verify_mode = OpenSSL::SSL::VERIFY_PEER | OpenSSL::SSL::VERIFY_FAIL_IF_NO_PEER_CERT
77
+ }
78
+ }
79
+
80
+ it "mutually authenticates the connection" do
81
+ client_context = ssl_provider.create_context(
82
+ cacerts: [https_server.ca_cert], crls: [https_server.ca_crl],
83
+ client_cert: https_server.server_cert, private_key: https_server.server_key
84
+ )
85
+
86
+ https_server.start_server(ctx_proc: ctx_proc) do |port|
87
+ res = client.get(URI("https://127.0.0.1:#{port}"), options: {ssl_context: client_context})
88
+ expect(res).to be_success
89
+ end
90
+ end
91
+ end
92
+
93
+ context "with a system trust store" do
94
+ it "connects when the client trusts the server's CA" do
95
+ system_context = ssl_provider.create_system_context(cacerts: [https_server.ca_cert])
96
+
97
+ https_server.start_server do |port|
98
+ res = client.get(URI("https://127.0.0.1:#{port}"), options: {ssl_context: system_context})
99
+ expect(res).to be_success
100
+ end
101
+ end
102
+
103
+ it "connects when the server's CA is in the system store" do
104
+ # create a temp cacert bundle
105
+ ssl_file = tmpfile('systemstore')
106
+ File.write(ssl_file, https_server.ca_cert)
107
+
108
+ # override path to system cacert bundle, this must be done before
109
+ # the SSLContext is created and the call to X509::Store.set_default_paths
110
+ Puppet::Util.withenv("SSL_CERT_FILE" => ssl_file) do
111
+ system_context = ssl_provider.create_system_context(cacerts: [])
112
+ https_server.start_server do |port|
113
+ res = client.get(URI("https://127.0.0.1:#{port}"), options: {ssl_context: system_context})
114
+ expect(res).to be_success
115
+ end
116
+ end
117
+ end
118
+
119
+ it "raises if the server's CA is not in the context or system store" do
120
+ system_context = ssl_provider.create_system_context(cacerts: [cert_fixture('netlock-arany-utf8.pem')])
121
+
122
+ https_server.start_server do |port|
123
+ expect {
124
+ client.get(URI("https://127.0.0.1:#{port}"), options: {ssl_context: system_context})
125
+ }.to raise_error(Puppet::SSL::CertVerifyError,
126
+ %r{certificate verify failed.* .self signed certificate in certificate chain for CN=Test CA.})
127
+ end
128
+ end
129
+ end
130
+
131
+ context 'persistent connections' do
132
+ it "detects when the server has closed the connection and reconnects" do
133
+ Puppet[:http_debug] = true
134
+
135
+ # advertise that we support keep-alive, but we don't really
136
+ response_proc = -> (req, res) {
137
+ res['Connection'] = 'Keep-Alive'
138
+ }
139
+
140
+ https_server.start_server(response_proc: response_proc) do |port|
141
+ uri = URI("https://127.0.0.1:#{port}")
142
+ kwargs = {headers: {'Content-Type' => 'text/plain'}, options: {ssl_context: root_context}}
143
+
144
+ expect {
145
+ expect(client.post(uri, '', **kwargs)).to be_success
146
+ # the server closes its connection after each request, so posting
147
+ # again will force ruby to detect that the remote side closed the
148
+ # connection, and reconnect
149
+ expect(client.post(uri, '', **kwargs)).to be_success
150
+ }.to output(/Conn close because of EOF/).to_stderr
151
+ end
152
+ end
153
+ end
154
+ end
@@ -7,6 +7,10 @@ describe Puppet::Node::Facts::Facter do
7
7
  include PuppetSpec::Files
8
8
  include PuppetSpec::Compiler
9
9
 
10
+ before :each do
11
+ Puppet::Node::Facts.indirection.terminus_class = :facter
12
+ end
13
+
10
14
  it "preserves case in fact values" do
11
15
  Facter.add(:downcase_test) do
12
16
  setcode do
@@ -0,0 +1,83 @@
1
+ require 'spec_helper'
2
+
3
+ require 'puppet/transaction/report'
4
+ require 'puppet/indirector/report/yaml'
5
+
6
+ describe Puppet::Transaction::Report::Yaml do
7
+ describe '#save' do
8
+ subject(:indirection) { described_class.indirection }
9
+
10
+ let(:request) { described_class.new }
11
+ let(:certname) { 'ziggy' }
12
+ let(:report) do
13
+ report = Puppet::Transaction::Report.new
14
+ report.host = certname
15
+ report
16
+ end
17
+ let(:file) { request.path(:me) }
18
+
19
+ before do
20
+ indirection.terminus_class = :yaml
21
+ end
22
+
23
+ it 'is saves a report' do
24
+ indirection.save(report)
25
+ end
26
+
27
+ it 'saves the instance of the report as YAML to disk' do
28
+ indirection.save(report)
29
+ content = Puppet::Util::Yaml.safe_load_file(
30
+ Puppet[:lastrunreport], [Puppet::Transaction::Report]
31
+ )
32
+ expect(content.host).to eq(certname)
33
+ end
34
+
35
+ it 'allows mode overwrite' do
36
+ Puppet.settings.setting(:lastrunreport).mode = '0644'
37
+ indirection.save(report)
38
+
39
+ if Puppet::Util::Platform.windows?
40
+ require 'puppet/util/windows/security'
41
+ mode = Puppet::Util::Windows::Security.get_mode(file)
42
+ else
43
+ mode = Puppet::FileSystem.stat(file).mode
44
+ end
45
+
46
+ expect(mode & 07777).to eq(0644)
47
+ end
48
+
49
+ context 'when mode is invalid' do
50
+ before do
51
+ Puppet.settings.setting(:lastrunreport).mode = '9999'
52
+ end
53
+
54
+ after do
55
+ Puppet.settings.setting(:lastrunreport).mode = '0644'
56
+ end
57
+
58
+ it 'raises Puppet::DevError ' do
59
+ expect{
60
+ indirection.save(report)
61
+ }.to raise_error(Puppet::DevError, "replace_file mode: 9999 is invalid")
62
+ end
63
+ end
64
+
65
+ context 'when repport is invalid' do
66
+ it 'logs error' do
67
+ expect(Puppet).to receive(:send_log).with(:err, /Could not save yaml ziggy: can't dump anonymous class/)
68
+
69
+ report.configuration_version = Class.new
70
+ indirection.save(report)
71
+ end
72
+ end
73
+
74
+ context 'when report cannot be saved' do
75
+ it 'raises Errno::EISDIR' do
76
+ FileUtils.mkdir_p(file)
77
+ expect {
78
+ indirection.save(report)
79
+ }.to raise_error(Errno::EISDIR, /last_run_report.yaml/)
80
+ end
81
+ end
82
+ end
83
+ end
@@ -0,0 +1,51 @@
1
+ require 'spec_helper'
2
+ require 'puppet/forge'
3
+ require 'puppet_spec/https'
4
+
5
+ describe Puppet::Forge, unless: Puppet::Util::Platform.jruby? do
6
+ include PuppetSpec::Files
7
+ include_context "https client"
8
+
9
+ let(:wrong_hostname) { 'localhost' }
10
+ let(:server) { PuppetSpec::HTTPSServer.new }
11
+ let(:ssl_provider) { Puppet::SSL::SSLProvider.new }
12
+
13
+ let(:http_response) do
14
+ File.read(fixtures('unit/forge/bacula.json'))
15
+ end
16
+
17
+ let(:release_response) do
18
+ releases = JSON.parse(http_response)
19
+ releases['results'] = []
20
+ JSON.dump(releases)
21
+ end
22
+
23
+ it 'fetching module release entries' do
24
+ # create a temp cacert bundle
25
+ ssl_file = tmpfile('systemstore')
26
+ File.write(ssl_file, server.ca_cert)
27
+
28
+ # override path to system cacert bundle, this must be done before
29
+ # the SSLContext is created and the call to X509::Store.set_default_paths
30
+ Puppet::Util.withenv("SSL_CERT_FILE" => ssl_file) do
31
+ response_proc = -> (req, res) {
32
+ res.status = 200
33
+ res.body = release_response
34
+ }
35
+
36
+ server.start_server(response_proc: response_proc) do |port|
37
+ forge = described_class.new("https://127.0.0.1:#{port}")
38
+ forge.fetch('bacula')
39
+ end
40
+ end
41
+ end
42
+
43
+ it 'returns a valid exception when there is an SSL verification problem' do
44
+ server.start_server do |port|
45
+ forge = described_class.new("https://#{wrong_hostname}:#{port}")
46
+ expect {
47
+ forge.fetch('mymodule')
48
+ }.to raise_error Puppet::Forge::Errors::SSLVerifyError, %r{^Unable to verify the SSL certificate at https://#{wrong_hostname}}
49
+ end
50
+ end
51
+ end
@@ -24,14 +24,6 @@ describe Puppet::Network::HttpPool, unless: Puppet::Util::Platform.jruby? do
24
24
  let(:server) { PuppetSpec::HTTPSServer.new }
25
25
 
26
26
  context "when calling deprecated HttpPool methods" do
27
- let(:ssl_host) {
28
- # use server's cert/key as the client cert/key
29
- host = Puppet::SSL::Host.new
30
- host.key = Puppet::SSL::Key.from_instance(server.server_key, host.name)
31
- host.certificate = Puppet::SSL::Certificate.from_instance(server.server_cert, host.name)
32
- host
33
- }
34
-
35
27
  before(:each) do
36
28
  ssldir = tmpdir('http_pool')
37
29
  Puppet[:ssldir] = ssldir
@@ -43,16 +35,6 @@ describe Puppet::Network::HttpPool, unless: Puppet::Util::Platform.jruby? do
43
35
  File.write(Puppet[:hostprivkey], server.server_key.to_pem)
44
36
  end
45
37
 
46
- # Can't use `around(:each)` because it will cause ssl_host to be
47
- # created outside of any rspec example, and $confdir won't be set
48
- before(:each) do
49
- Puppet.push_context(ssl_host: ssl_host)
50
- end
51
-
52
- after (:each) do
53
- Puppet.pop_context
54
- end
55
-
56
38
  def connection(host, port)
57
39
  Puppet::Network::HttpPool.http_instance(host, port, use_ssl: true)
58
40
  end
@@ -98,8 +80,26 @@ describe Puppet::Network::HttpPool, unless: Puppet::Util::Platform.jruby? do
98
80
  %r{certificate verify failed.* .self signed certificate in certificate chain for CN=Test CA.})
99
81
  end
100
82
  end
101
- end
102
83
 
84
+ it "doesn't generate a Puppet::SSL::Host deprecation warning" do
85
+ server.start_server do |port|
86
+ http = connection(hostname, port)
87
+ res = http.get('/')
88
+ expect(res.code).to eq('200')
89
+ end
90
+
91
+ expect(@logs).to eq([])
92
+ end
93
+
94
+ it "detects when the server has closed the connection and reconnects" do
95
+ server.start_server do |port|
96
+ http = connection(hostname, port)
97
+
98
+ expect(http.request_get('/')).to be_a(Net::HTTPSuccess)
99
+ expect(http.request_get('/')).to be_a(Net::HTTPSuccess)
100
+ end
101
+ end
102
+ end
103
103
 
104
104
  context "when using single use HTTPS connections" do
105
105
  include_examples 'HTTPS client'
@@ -107,7 +107,7 @@ describe Puppet::Network::HttpPool, unless: Puppet::Util::Platform.jruby? do
107
107
 
108
108
  context "when using persistent HTTPS connections" do
109
109
  around :each do |example|
110
- pool = Puppet::Network::HTTP::Pool.new
110
+ pool = Puppet::Network::HTTP::Pool.new(15)
111
111
  Puppet.override(:http_pool => pool) do
112
112
  example.run
113
113
  end
@@ -116,6 +116,62 @@ describe Puppet::Network::HttpPool, unless: Puppet::Util::Platform.jruby? do
116
116
 
117
117
  include_examples 'HTTPS client'
118
118
  end
119
+
120
+ shared_examples_for "an HttpPool connection" do |klass, legacy_api|
121
+ before :each do
122
+ Puppet::Network::HttpPool.http_client_class = klass
123
+ end
124
+
125
+ it "connects using the scheme, host and port from the http instance" do
126
+ request_line = nil
127
+
128
+ response_proc = -> (req, res) {
129
+ request_line = req.request_line
130
+ }
131
+
132
+ server.start_server(response_proc: response_proc) do |port|
133
+ http = Puppet::Network::HttpPool.http_instance(hostname, port, true)
134
+ path = "http://bogus.example.com:443/foo"
135
+ http.get(path)
136
+
137
+ if legacy_api
138
+ # The old API passed the bogus hostname which didn't match
139
+ # the host we connected to.
140
+ expect(request_line).to eq("GET http://bogus.example.com:443/foo HTTP/1.1\r\n")
141
+ else
142
+ expect(request_line).to eq("GET /foo HTTP/1.1\r\n")
143
+ end
144
+ end
145
+ end
146
+
147
+ it "requires the caller to URL encode the path" do
148
+ request_line = nil
149
+
150
+ response_proc = -> (req, res) {
151
+ request_line = req.request_line
152
+ }
153
+
154
+ server.start_server(response_proc: response_proc) do |port|
155
+ http = Puppet::Network::HttpPool.http_instance(hostname, port, true)
156
+ encoded_url = "https://#{hostname}:#{port}/foo%20bar"
157
+ http.get(encoded_url)
158
+
159
+ if legacy_api
160
+ expect(request_line).to eq("GET #{encoded_url} HTTP/1.1\r\n")
161
+ else
162
+ expect(request_line).to eq("GET /foo%20bar HTTP/1.1\r\n")
163
+ end
164
+ end
165
+ end
166
+ end
167
+
168
+ describe Puppet::Network::HTTP::Connection do
169
+ it_behaves_like "an HttpPool connection", described_class, true
170
+ end
171
+
172
+ describe Puppet::Network::HTTP::ConnectionAdapter do
173
+ it_behaves_like "an HttpPool connection", described_class, false
174
+ end
119
175
  end
120
176
 
121
177
  context "when calling HttpPool.connection method" do
@@ -76,6 +76,21 @@ describe Puppet::Node::Environment do
76
76
  expect(mods[0].path).to eq(File.join(base, "dir1", "mod"))
77
77
  end
78
78
 
79
+ it "should not yield a module with the same name as a defined Bolt project" do
80
+ project_path = File.join(tmpfile('project'), 'bolt_project')
81
+ FileUtils.mkdir_p(project_path)
82
+ project = Struct.new("Project", :name, :path).new('project', project_path)
83
+
84
+ Puppet.override(bolt_project: project) do
85
+ base = tmpfile("base")
86
+ FileUtils.mkdir_p([File.join(base, 'project'), File.join(base, 'other')])
87
+ environment = Puppet::Node::Environment.create(:env, [base])
88
+ mods = environment.modules
89
+ expect(mods.length).to eq(2)
90
+ expect(mods.map(&:path)).to eq([project_path, File.join(base, 'other')])
91
+ end
92
+ end
93
+
79
94
  shared_examples_for "the environment's initial import" do |settings|
80
95
  it "a manifest referring to a directory invokes parsing of all its files in sorted order" do
81
96
  settings.each do |name, value|