puppet 6.11.1-x64-mingw32 → 6.16.0-x64-mingw32
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of puppet might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/CODEOWNERS +3 -8
- data/CONTRIBUTING.md +7 -13
- data/Gemfile +1 -0
- data/Gemfile.lock +39 -36
- data/README.md +17 -24
- data/ext/build_defaults.yaml +1 -0
- data/ext/project_data.yaml +1 -1
- data/ext/windows/service/daemon.rb +25 -20
- data/lib/puppet.rb +52 -13
- data/lib/puppet/agent.rb +20 -14
- data/lib/puppet/application/agent.rb +12 -14
- data/lib/puppet/application/describe.rb +7 -5
- data/lib/puppet/application/device.rb +2 -2
- data/lib/puppet/application/filebucket.rb +19 -15
- data/lib/puppet/application/plugin.rb +1 -0
- data/lib/puppet/application/resource.rb +1 -1
- data/lib/puppet/application/ssl.rb +4 -4
- data/lib/puppet/concurrent.rb +2 -0
- data/lib/puppet/concurrent/lock.rb +16 -0
- data/lib/puppet/concurrent/synchronized.rb +15 -0
- data/lib/puppet/concurrent/thread_local_singleton.rb +14 -0
- data/lib/puppet/configurer.rb +85 -83
- data/lib/puppet/configurer/plugin_handler.rb +10 -1
- data/lib/puppet/context/trusted_information.rb +14 -8
- data/lib/puppet/daemon.rb +13 -27
- data/lib/puppet/defaults.rb +158 -40
- data/lib/puppet/environments.rb +30 -20
- data/lib/puppet/error.rb +9 -1
- data/lib/puppet/face/facts.rb +8 -5
- data/lib/puppet/face/help.rb +29 -3
- data/lib/puppet/face/module/search.rb +5 -0
- data/lib/puppet/face/plugin.rb +2 -2
- data/lib/puppet/file_serving/http_metadata.rb +1 -1
- data/lib/puppet/file_system/file_impl.rb +13 -9
- data/lib/puppet/file_system/memory_file.rb +6 -0
- data/lib/puppet/file_system/memory_impl.rb +13 -0
- data/lib/puppet/file_system/uniquefile.rb +4 -0
- data/lib/puppet/file_system/windows.rb +7 -10
- data/lib/puppet/forge.rb +3 -3
- data/lib/puppet/forge/errors.rb +2 -2
- data/lib/puppet/forge/repository.rb +31 -86
- data/lib/puppet/functions/call.rb +1 -1
- data/lib/puppet/functions/camelcase.rb +2 -2
- data/lib/puppet/functions/epp.rb +4 -4
- data/lib/puppet/functions/eyaml_lookup_key.rb +13 -8
- data/lib/puppet/functions/filter.rb +1 -0
- data/lib/puppet/functions/find_file.rb +9 -9
- data/lib/puppet/functions/find_template.rb +63 -0
- data/lib/puppet/functions/inline_epp.rb +5 -5
- data/lib/puppet/functions/reduce.rb +2 -4
- data/lib/puppet/http.rb +7 -0
- data/lib/puppet/http/client.rb +341 -54
- data/lib/puppet/http/errors.rb +2 -0
- data/lib/puppet/http/external_client.rb +90 -0
- data/lib/puppet/http/redirector.rb +34 -0
- data/lib/puppet/http/resolver.rb +57 -1
- data/lib/puppet/http/resolver/server_list.rb +98 -0
- data/lib/puppet/http/resolver/settings.rb +23 -2
- data/lib/puppet/http/resolver/srv.rb +36 -4
- data/lib/puppet/http/response.rb +68 -1
- data/lib/puppet/http/retry_after_handler.rb +39 -0
- data/lib/puppet/http/service.rb +179 -3
- data/lib/puppet/http/service/ca.rb +84 -21
- data/lib/puppet/http/service/compiler.rb +319 -0
- data/lib/puppet/http/service/file_server.rb +206 -0
- data/lib/puppet/http/service/report.rb +66 -0
- data/lib/puppet/http/session.rb +106 -31
- data/lib/puppet/indirector/catalog/compiler.rb +10 -0
- data/lib/puppet/indirector/catalog/rest.rb +34 -0
- data/lib/puppet/indirector/facts/rest.rb +42 -0
- data/lib/puppet/indirector/file_bucket_file/file.rb +1 -1
- data/lib/puppet/indirector/file_bucket_file/rest.rb +48 -0
- data/lib/puppet/indirector/file_content/http.rb +5 -0
- data/lib/puppet/indirector/file_content/rest.rb +30 -0
- data/lib/puppet/indirector/file_metadata/http.rb +4 -4
- data/lib/puppet/indirector/file_metadata/rest.rb +52 -0
- data/lib/puppet/indirector/json.rb +1 -1
- data/lib/puppet/indirector/msgpack.rb +1 -1
- data/lib/puppet/indirector/node/rest.rb +24 -0
- data/lib/puppet/indirector/report/rest.rb +19 -0
- data/lib/puppet/indirector/report/yaml.rb +23 -0
- data/lib/puppet/indirector/rest.rb +12 -0
- data/lib/puppet/indirector/status/rest.rb +18 -0
- data/lib/puppet/loaders.rb +6 -0
- data/lib/puppet/metatype/manager.rb +80 -80
- data/lib/puppet/network/http/base_pool.rb +19 -1
- data/lib/puppet/network/http/compression.rb +7 -0
- data/lib/puppet/network/http/connection.rb +6 -0
- data/lib/puppet/network/http/connection_adapter.rb +182 -0
- data/lib/puppet/network/http/nocache_pool.rb +2 -0
- data/lib/puppet/network/http/pool.rb +13 -6
- data/lib/puppet/network/http_pool.rb +2 -1
- data/lib/puppet/node/environment.rb +24 -8
- data/lib/puppet/pal/catalog_compiler.rb +5 -0
- data/lib/puppet/pal/pal_impl.rb +9 -29
- data/lib/puppet/parser/ast/pops_bridge.rb +6 -11
- data/lib/puppet/parser/compiler.rb +42 -32
- data/lib/puppet/parser/functions.rb +18 -13
- data/lib/puppet/parser/functions/epp.rb +3 -3
- data/lib/puppet/parser/functions/filter.rb +1 -0
- data/lib/puppet/parser/functions/inline_epp.rb +5 -5
- data/lib/puppet/pops/evaluator/access_operator.rb +2 -2
- data/lib/puppet/pops/evaluator/evaluator_impl.rb +1 -1
- data/lib/puppet/pops/evaluator/runtime3_support.rb +1 -1
- data/lib/puppet/pops/loader/puppet_plan_instantiator.rb +12 -3
- data/lib/puppet/pops/loaders.rb +7 -5
- data/lib/puppet/pops/lookup/invocation.rb +10 -3
- data/lib/puppet/pops/model/pn_transformer.rb +5 -9
- data/lib/puppet/pops/parser/evaluating_parser.rb +8 -11
- data/lib/puppet/pops/serialization/json_path.rb +3 -3
- data/lib/puppet/pops/time/timespan.rb +3 -5
- data/lib/puppet/pops/types/p_object_type_extension.rb +10 -0
- data/lib/puppet/pops/types/string_converter.rb +6 -9
- data/lib/puppet/pops/types/type_calculator.rb +30 -10
- data/lib/puppet/pops/types/type_formatter.rb +9 -11
- data/lib/puppet/pops/types/type_parser.rb +3 -3
- data/lib/puppet/pops/validation/checker4_0.rb +1 -1
- data/lib/puppet/pops/validation/tasks_checker.rb +5 -1
- data/lib/puppet/provider/aix_object.rb +4 -2
- data/lib/puppet/provider/group/aix.rb +1 -0
- data/lib/puppet/provider/group/groupadd.rb +57 -24
- data/lib/puppet/provider/group/windows_adsi.rb +3 -3
- data/lib/puppet/provider/package/aix.rb +17 -2
- data/lib/puppet/provider/package/apt.rb +78 -4
- data/lib/puppet/provider/package/dnfmodule.rb +69 -15
- data/lib/puppet/provider/package/dpkg.rb +14 -7
- data/lib/puppet/provider/package/fink.rb +20 -3
- data/lib/puppet/provider/package/gem.rb +41 -7
- data/lib/puppet/provider/package/openbsd.rb +13 -1
- data/lib/puppet/provider/package/pacman.rb +2 -5
- data/lib/puppet/provider/package/pip.rb +143 -48
- data/lib/puppet/provider/package/pip3.rb +0 -2
- data/lib/puppet/provider/package/pkg.rb +18 -5
- data/lib/puppet/provider/package/pkgdmg.rb +1 -1
- data/lib/puppet/provider/package/pkgng.rb +16 -4
- data/lib/puppet/provider/package/portage.rb +5 -5
- data/lib/puppet/provider/package/puppet_gem.rb +6 -2
- data/lib/puppet/provider/package/rpm.rb +6 -213
- data/lib/puppet/provider/package/yum.rb +108 -24
- data/lib/puppet/provider/package/zypper.rb +59 -1
- data/lib/puppet/provider/package_targetable.rb +5 -4
- data/lib/puppet/provider/service/systemd.rb +23 -5
- data/lib/puppet/provider/user/aix.rb +1 -0
- data/lib/puppet/provider/user/directoryservice.rb +30 -5
- data/lib/puppet/provider/user/hpux.rb +1 -1
- data/lib/puppet/provider/user/useradd.rb +11 -8
- data/lib/puppet/reports/http.rb +13 -9
- data/lib/puppet/reports/store.rb +1 -1
- data/lib/puppet/resource/type_collection.rb +20 -16
- data/lib/puppet/runtime.rb +32 -1
- data/lib/puppet/settings.rb +4 -0
- data/lib/puppet/settings/http_extra_headers_setting.rb +25 -0
- data/lib/puppet/ssl.rb +1 -0
- data/lib/puppet/ssl/certificate.rb +2 -1
- data/lib/puppet/ssl/host.rb +4 -4
- data/lib/puppet/ssl/oids.rb +1 -0
- data/lib/puppet/ssl/ssl_provider.rb +20 -0
- data/lib/puppet/ssl/state_machine.rb +81 -35
- data/lib/puppet/ssl/verifier_adapter.rb +9 -1
- data/lib/puppet/test/test_helper.rb +7 -1
- data/lib/puppet/transaction.rb +33 -11
- data/lib/puppet/transaction/report.rb +2 -2
- data/lib/puppet/transaction/resource_harness.rb +1 -1
- data/lib/puppet/type.rb +7 -2
- data/lib/puppet/type/file.rb +13 -0
- data/lib/puppet/type/file/data_sync.rb +5 -1
- data/lib/puppet/type/file/source.rb +49 -58
- data/lib/puppet/type/group.rb +5 -4
- data/lib/puppet/type/package.rb +102 -10
- data/lib/puppet/type/service.rb +6 -8
- data/lib/puppet/type/user.rb +6 -30
- data/lib/puppet/util.rb +34 -11
- data/lib/puppet/util/at_fork.rb +1 -1
- data/lib/puppet/util/autoload.rb +4 -18
- data/lib/puppet/util/instance_loader.rb +14 -10
- data/lib/puppet/util/log/destinations.rb +2 -11
- data/lib/puppet/util/logging.rb +30 -18
- data/lib/puppet/util/package/version/debian.rb +175 -0
- data/lib/puppet/util/package/version/gem.rb +15 -0
- data/lib/puppet/util/package/version/pip.rb +167 -0
- data/lib/puppet/util/package/version/range.rb +53 -0
- data/lib/puppet/util/package/version/range/eq.rb +14 -0
- data/lib/puppet/util/package/version/range/gt.rb +14 -0
- data/lib/puppet/util/package/version/range/gt_eq.rb +14 -0
- data/lib/puppet/util/package/version/range/lt.rb +14 -0
- data/lib/puppet/util/package/version/range/lt_eq.rb +14 -0
- data/lib/puppet/util/package/version/range/min_max.rb +21 -0
- data/lib/puppet/util/package/version/range/simple.rb +11 -0
- data/lib/puppet/util/package/version/rpm.rb +73 -0
- data/lib/puppet/util/pidlock.rb +36 -10
- data/lib/puppet/util/platform.rb +5 -0
- data/lib/puppet/util/plist.rb +6 -0
- data/lib/puppet/util/rpm_compare.rb +193 -0
- data/lib/puppet/util/storage.rb +0 -1
- data/lib/puppet/util/windows/adsi.rb +50 -20
- data/lib/puppet/util/windows/process.rb +15 -14
- data/lib/puppet/util/windows/security.rb +1 -0
- data/lib/puppet/util/windows/sid.rb +3 -3
- data/lib/puppet/util/yaml.rb +1 -1
- data/lib/puppet/version.rb +1 -1
- data/lib/puppet/x509/cert_provider.rb +9 -5
- data/locales/puppet.pot +640 -521
- data/man/man5/puppet.conf.5 +88 -9
- data/man/man8/puppet-agent.8 +6 -6
- data/man/man8/puppet-apply.8 +1 -1
- data/man/man8/puppet-catalog.8 +1 -1
- data/man/man8/puppet-config.8 +1 -1
- data/man/man8/puppet-describe.8 +1 -1
- data/man/man8/puppet-device.8 +2 -2
- data/man/man8/puppet-doc.8 +1 -1
- data/man/man8/puppet-epp.8 +1 -1
- data/man/man8/puppet-facts.8 +1 -1
- data/man/man8/puppet-filebucket.8 +17 -2
- data/man/man8/puppet-generate.8 +1 -1
- data/man/man8/puppet-help.8 +6 -3
- data/man/man8/puppet-key.8 +1 -1
- data/man/man8/puppet-lookup.8 +1 -1
- data/man/man8/puppet-man.8 +1 -1
- data/man/man8/puppet-module.8 +4 -1
- data/man/man8/puppet-node.8 +1 -1
- data/man/man8/puppet-parser.8 +1 -1
- data/man/man8/puppet-plugin.8 +1 -1
- data/man/man8/puppet-report.8 +1 -1
- data/man/man8/puppet-resource.8 +1 -1
- data/man/man8/puppet-script.8 +1 -1
- data/man/man8/puppet-ssl.8 +2 -2
- data/man/man8/puppet-status.8 +1 -1
- data/man/man8/puppet.8 +2 -2
- data/spec/fixtures/ssl/unknown-127.0.0.1-key.pem +67 -0
- data/spec/fixtures/ssl/unknown-127.0.0.1.pem +48 -0
- data/spec/fixtures/ssl/unknown-ca-key.pem +67 -0
- data/spec/fixtures/ssl/unknown-ca.pem +59 -0
- data/spec/fixtures/unit/forge/bacula.json +76 -0
- data/spec/fixtures/unit/provider/package/dnfmodule/{dnf-module-list-installed.txt → dnf-module-list.txt} +8 -0
- data/spec/fixtures/unit/provider/package/pkgng/pkg.version +2 -0
- data/spec/fixtures/unit/provider/package/yum/yum-check-update-subscription-manager.txt +9 -0
- data/spec/fixtures/unit/provider/package/zypper/zypper-search-uninstalled.out +13 -0
- data/spec/fixtures/unit/provider/service/systemd/list_unit_files_services +9 -0
- data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_md5/should_fetch_if_not_on_the_local_disk.yml +1 -102
- data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_md5/should_not_update_if_content_on_disk_is_up-to-date.yml +1 -106
- data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_md5/should_update_if_content_differs_on_disk.yml +1 -106
- data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_mtime/should_fetch_if_mtime_is_older_on_disk.yml +1 -102
- data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_mtime/should_fetch_if_no_header_specified.yml +1 -98
- data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_mtime/should_fetch_if_not_on_the_local_disk.yml +1 -102
- data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_mtime/should_not_update_if_mtime_is_newer_on_disk.yml +1 -102
- data/spec/integration/application/agent_spec.rb +394 -0
- data/spec/integration/application/apply_spec.rb +132 -3
- data/spec/integration/application/filebucket_spec.rb +190 -0
- data/spec/integration/application/plugin_spec.rb +73 -0
- data/spec/integration/configurer_spec.rb +26 -7
- data/spec/integration/http/client_spec.rb +154 -0
- data/spec/integration/indirector/facts/facter_spec.rb +4 -0
- data/spec/integration/indirector/report/yaml.rb +83 -0
- data/spec/integration/module_tool/forge_spec.rb +51 -0
- data/spec/integration/network/http_pool_spec.rb +76 -20
- data/spec/integration/node/environment_spec.rb +15 -0
- data/spec/integration/util/windows/adsi_spec.rb +6 -1
- data/spec/lib/puppet/test_ca.rb +2 -2
- data/spec/lib/puppet_spec/https.rb +20 -9
- data/spec/lib/puppet_spec/puppetserver.rb +119 -0
- data/spec/shared_contexts/https.rb +29 -0
- data/spec/spec_helper.rb +6 -2
- data/spec/unit/agent_spec.rb +80 -26
- data/spec/unit/application/agent_spec.rb +9 -5
- data/spec/unit/application/apply_spec.rb +2 -12
- data/spec/unit/application/describe_spec.rb +88 -50
- data/spec/unit/application/device_spec.rb +2 -2
- data/spec/unit/application/filebucket_spec.rb +22 -2
- data/spec/unit/application/resource_spec.rb +2 -2
- data/spec/unit/concurrent/lock_spec.rb +29 -0
- data/spec/unit/configurer/fact_handler_spec.rb +0 -4
- data/spec/unit/configurer/plugin_handler_spec.rb +36 -19
- data/spec/unit/configurer_spec.rb +400 -406
- data/spec/unit/context/trusted_information_spec.rb +17 -0
- data/spec/unit/daemon_spec.rb +5 -64
- data/spec/unit/defaults_spec.rb +38 -4
- data/spec/unit/environments_spec.rb +65 -28
- data/spec/unit/face/facts_spec.rb +24 -20
- data/spec/unit/face/module/search_spec.rb +17 -0
- data/spec/unit/face/plugin_spec.rb +12 -10
- data/spec/unit/file_system/uniquefile_spec.rb +11 -0
- data/spec/unit/file_system_spec.rb +26 -2
- data/spec/unit/forge/errors_spec.rb +1 -1
- data/spec/unit/forge/forge_spec.rb +12 -54
- data/spec/unit/forge/module_release_spec.rb +19 -6
- data/spec/unit/forge/repository_spec.rb +63 -157
- data/spec/unit/forge_spec.rb +46 -116
- data/spec/unit/functions/find_template_spec.rb +69 -0
- data/spec/unit/functions/lookup_spec.rb +13 -0
- data/spec/unit/http/client_spec.rb +395 -27
- data/spec/unit/http/external_client_spec.rb +201 -0
- data/spec/unit/http/resolver_spec.rb +81 -12
- data/spec/unit/http/response_spec.rb +69 -0
- data/spec/unit/http/service/ca_spec.rb +100 -7
- data/spec/unit/http/service/compiler_spec.rb +627 -0
- data/spec/unit/http/service/file_server_spec.rb +308 -0
- data/spec/unit/http/service/report_spec.rb +118 -0
- data/spec/unit/http/service_spec.rb +117 -4
- data/spec/unit/http/session_spec.rb +237 -19
- data/spec/unit/indirector/catalog/compiler_spec.rb +47 -29
- data/spec/unit/indirector/catalog/rest_spec.rb +59 -2
- data/spec/unit/indirector/facts/rest_spec.rb +79 -24
- data/spec/unit/indirector/file_bucket_file/rest_spec.rb +82 -2
- data/spec/unit/indirector/file_content/rest_spec.rb +53 -2
- data/spec/unit/indirector/file_metadata/http_spec.rb +167 -0
- data/spec/unit/indirector/file_metadata/rest_spec.rb +110 -2
- data/spec/unit/indirector/node/rest_spec.rb +57 -2
- data/spec/unit/indirector/report/rest_spec.rb +58 -51
- data/spec/unit/indirector/resource/ral_spec.rb +7 -8
- data/spec/unit/indirector/rest_spec.rb +13 -0
- data/spec/unit/indirector/status/rest_spec.rb +43 -2
- data/spec/unit/network/http/connection_spec.rb +549 -176
- data/spec/unit/network/http/nocache_pool_spec.rb +25 -3
- data/spec/unit/network/http/pool_spec.rb +89 -11
- data/spec/unit/network/http_pool_spec.rb +63 -57
- data/spec/unit/network/http_spec.rb +1 -1
- data/spec/unit/node/environment_spec.rb +16 -0
- data/spec/unit/node/facts_spec.rb +2 -1
- data/spec/unit/node_spec.rb +7 -4
- data/spec/unit/pops/evaluator/evaluating_parser_spec.rb +8 -3
- data/spec/unit/pops/serialization/to_from_hr_spec.rb +6 -1
- data/spec/unit/pops/validator/validator_spec.rb +7 -2
- data/spec/unit/provider/aix_object_spec.rb +16 -2
- data/spec/unit/provider/group/groupadd_spec.rb +181 -56
- data/spec/unit/provider/group/windows_adsi_spec.rb +43 -10
- data/spec/unit/provider/package/aix_spec.rb +29 -0
- data/spec/unit/provider/package/apt_spec.rb +43 -2
- data/spec/unit/provider/package/aptitude_spec.rb +1 -0
- data/spec/unit/provider/package/dnfmodule_spec.rb +76 -15
- data/spec/unit/provider/package/dpkg_spec.rb +28 -6
- data/spec/unit/provider/package/gem_spec.rb +40 -0
- data/spec/unit/provider/package/openbsd_spec.rb +17 -0
- data/spec/unit/provider/package/pacman_spec.rb +6 -21
- data/spec/unit/provider/package/pip_spec.rb +68 -19
- data/spec/unit/provider/package/pkg_spec.rb +15 -1
- data/spec/unit/provider/package/pkgdmg_spec.rb +1 -1
- data/spec/unit/provider/package/pkgng_spec.rb +38 -0
- data/spec/unit/provider/package/portage_spec.rb +9 -4
- data/spec/unit/provider/package/puppet_gem_spec.rb +8 -0
- data/spec/unit/provider/package/rpm_spec.rb +0 -212
- data/spec/unit/provider/package/yum_spec.rb +292 -0
- data/spec/unit/provider/package/zypper_spec.rb +84 -0
- data/spec/unit/provider/package_targetable_spec.rb +60 -0
- data/spec/unit/provider/service/init_spec.rb +1 -0
- data/spec/unit/provider/service/openbsd_spec.rb +9 -0
- data/spec/unit/provider/service/openwrt_spec.rb +1 -0
- data/spec/unit/provider/service/redhat_spec.rb +9 -0
- data/spec/unit/provider/service/systemd_spec.rb +92 -12
- data/spec/unit/provider/user/directoryservice_spec.rb +41 -0
- data/spec/unit/provider/user/hpux_spec.rb +2 -2
- data/spec/unit/provider/user/useradd_spec.rb +21 -8
- data/spec/unit/provider/user/windows_adsi_spec.rb +3 -3
- data/spec/unit/puppet_pal_2pec.rb +0 -26
- data/spec/unit/puppet_pal_catalog_spec.rb +46 -0
- data/spec/unit/puppet_spec.rb +47 -0
- data/spec/unit/reports/http_spec.rb +70 -52
- data/spec/unit/settings/autosign_setting_spec.rb +1 -1
- data/spec/unit/settings/http_extra_headers_spec.rb +64 -0
- data/spec/unit/ssl/certificate_spec.rb +7 -0
- data/spec/unit/ssl/host_spec.rb +4 -2
- data/spec/unit/ssl/oids_spec.rb +1 -0
- data/spec/unit/ssl/ssl_provider_spec.rb +71 -0
- data/spec/unit/ssl/state_machine_spec.rb +99 -13
- data/spec/unit/transaction/persistence_spec.rb +1 -10
- data/spec/unit/transaction/report_spec.rb +4 -0
- data/spec/unit/transaction_spec.rb +45 -1
- data/spec/unit/type/file/content_spec.rb +9 -3
- data/spec/unit/type/file/ensure_spec.rb +1 -2
- data/spec/unit/type/file/source_spec.rb +86 -35
- data/spec/unit/type/package_spec.rb +8 -0
- data/spec/unit/type/service_spec.rb +9 -8
- data/spec/unit/type/user_spec.rb +1 -2
- data/spec/unit/util/at_fork_spec.rb +3 -2
- data/spec/unit/util/autoload_spec.rb +2 -1
- data/spec/unit/util/log/destinations_spec.rb +1 -29
- data/spec/unit/util/log_spec.rb +0 -138
- data/spec/unit/util/logging_spec.rb +200 -0
- data/spec/unit/util/package/version/debian_spec.rb +83 -0
- data/spec/unit/util/package/version/pip_spec.rb +464 -0
- data/spec/unit/util/package/version/range_spec.rb +175 -0
- data/spec/unit/util/package/version/rpm_spec.rb +121 -0
- data/spec/unit/util/pidlock_spec.rb +112 -42
- data/spec/unit/util/plist_spec.rb +20 -0
- data/spec/unit/util/rpm_compare_spec.rb +196 -0
- data/spec/unit/util/storage_spec.rb +1 -8
- data/spec/unit/util/windows/adsi_spec.rb +55 -4
- data/spec/unit/util/windows/sid_spec.rb +2 -2
- data/spec/unit/x509/cert_provider_spec.rb +24 -4
- data/tasks/generate_cert_fixtures.rake +15 -1
- data/tasks/manpages.rake +6 -35
- metadata +92 -12
- data/COMMITTERS.md +0 -244
- data/spec/integration/faces/plugin_spec.rb +0 -61
- data/spec/lib/puppet_spec/validators.rb +0 -37
@@ -0,0 +1,154 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
require 'puppet_spec/https'
|
3
|
+
require 'puppet_spec/files'
|
4
|
+
|
5
|
+
describe Puppet::HTTP::Client, unless: Puppet::Util::Platform.jruby? do
|
6
|
+
include PuppetSpec::Files
|
7
|
+
include_context "https client"
|
8
|
+
|
9
|
+
let(:wrong_hostname) { 'localhost' }
|
10
|
+
let(:client) { Puppet::HTTP::Client.new }
|
11
|
+
let(:ssl_provider) { Puppet::SSL::SSLProvider.new }
|
12
|
+
let(:root_context) { ssl_provider.create_root_context(cacerts: [https_server.ca_cert], crls: [https_server.ca_crl]) }
|
13
|
+
|
14
|
+
context "when verifying an HTTPS server" do
|
15
|
+
it "connects over SSL" do
|
16
|
+
https_server.start_server do |port|
|
17
|
+
res = client.get(URI("https://127.0.0.1:#{port}"), options: {ssl_context: root_context})
|
18
|
+
expect(res).to be_success
|
19
|
+
end
|
20
|
+
end
|
21
|
+
|
22
|
+
it "raises connection error if we can't connect" do
|
23
|
+
Puppet[:http_connect_timeout] = '0s'
|
24
|
+
|
25
|
+
# get available port, but don't bind to it
|
26
|
+
tcps = TCPServer.new("127.0.0.1", 0)
|
27
|
+
port = tcps.connect_address.ip_port
|
28
|
+
|
29
|
+
expect {
|
30
|
+
client.get(URI("https://127.0.0.1:#{port}"), options: {ssl_context: root_context})
|
31
|
+
}.to raise_error(Puppet::HTTP::ConnectionError, %r{^Request to https://127.0.0.1:#{port} timed out connect operation after .* seconds})
|
32
|
+
end
|
33
|
+
|
34
|
+
it "raises if the server's cert doesn't match the hostname we connected to" do
|
35
|
+
https_server.start_server do |port|
|
36
|
+
expect {
|
37
|
+
client.get(URI("https://#{wrong_hostname}:#{port}"), options: {ssl_context: root_context})
|
38
|
+
}.to raise_error { |err|
|
39
|
+
expect(err).to be_instance_of(Puppet::SSL::CertMismatchError)
|
40
|
+
expect(err.message).to match(/Server hostname '#{wrong_hostname}' did not match server certificate; expected one of (.+)/)
|
41
|
+
|
42
|
+
md = err.message.match(/expected one of (.+)/)
|
43
|
+
expect(md[1].split(', ')).to contain_exactly('127.0.0.1', 'DNS:127.0.0.1', 'DNS:127.0.0.2')
|
44
|
+
}
|
45
|
+
end
|
46
|
+
end
|
47
|
+
|
48
|
+
it "raises if the server's CA is unknown" do
|
49
|
+
wrong_ca = cert_fixture('netlock-arany-utf8.pem')
|
50
|
+
alt_context = ssl_provider.create_root_context(cacerts: [wrong_ca], revocation: false)
|
51
|
+
|
52
|
+
https_server.start_server do |port|
|
53
|
+
expect {
|
54
|
+
client.get(URI("https://127.0.0.1:#{port}"), options: {ssl_context: alt_context})
|
55
|
+
}.to raise_error(Puppet::SSL::CertVerifyError,
|
56
|
+
%r{certificate verify failed.* .self signed certificate in certificate chain for CN=Test CA.})
|
57
|
+
end
|
58
|
+
end
|
59
|
+
|
60
|
+
it "prints TLS protocol and ciphersuite in debug" do
|
61
|
+
Puppet[:log_level] = 'debug'
|
62
|
+
https_server.start_server do |port|
|
63
|
+
client.get(URI("https://127.0.0.1:#{port}"), options: {ssl_context: root_context})
|
64
|
+
# TLS version string can be TLSv1 or TLSv1.[1-3], but not TLSv1.0
|
65
|
+
expect(@logs).to include(
|
66
|
+
an_object_having_attributes(level: :debug, message: /Using TLSv1(\.[1-3])? with cipher .*/),
|
67
|
+
)
|
68
|
+
end
|
69
|
+
end
|
70
|
+
end
|
71
|
+
|
72
|
+
context "with client certs" do
|
73
|
+
let(:ctx_proc) {
|
74
|
+
-> ctx {
|
75
|
+
# configures the server to require the client to present a client cert
|
76
|
+
ctx.verify_mode = OpenSSL::SSL::VERIFY_PEER | OpenSSL::SSL::VERIFY_FAIL_IF_NO_PEER_CERT
|
77
|
+
}
|
78
|
+
}
|
79
|
+
|
80
|
+
it "mutually authenticates the connection" do
|
81
|
+
client_context = ssl_provider.create_context(
|
82
|
+
cacerts: [https_server.ca_cert], crls: [https_server.ca_crl],
|
83
|
+
client_cert: https_server.server_cert, private_key: https_server.server_key
|
84
|
+
)
|
85
|
+
|
86
|
+
https_server.start_server(ctx_proc: ctx_proc) do |port|
|
87
|
+
res = client.get(URI("https://127.0.0.1:#{port}"), options: {ssl_context: client_context})
|
88
|
+
expect(res).to be_success
|
89
|
+
end
|
90
|
+
end
|
91
|
+
end
|
92
|
+
|
93
|
+
context "with a system trust store" do
|
94
|
+
it "connects when the client trusts the server's CA" do
|
95
|
+
system_context = ssl_provider.create_system_context(cacerts: [https_server.ca_cert])
|
96
|
+
|
97
|
+
https_server.start_server do |port|
|
98
|
+
res = client.get(URI("https://127.0.0.1:#{port}"), options: {ssl_context: system_context})
|
99
|
+
expect(res).to be_success
|
100
|
+
end
|
101
|
+
end
|
102
|
+
|
103
|
+
it "connects when the server's CA is in the system store" do
|
104
|
+
# create a temp cacert bundle
|
105
|
+
ssl_file = tmpfile('systemstore')
|
106
|
+
File.write(ssl_file, https_server.ca_cert)
|
107
|
+
|
108
|
+
# override path to system cacert bundle, this must be done before
|
109
|
+
# the SSLContext is created and the call to X509::Store.set_default_paths
|
110
|
+
Puppet::Util.withenv("SSL_CERT_FILE" => ssl_file) do
|
111
|
+
system_context = ssl_provider.create_system_context(cacerts: [])
|
112
|
+
https_server.start_server do |port|
|
113
|
+
res = client.get(URI("https://127.0.0.1:#{port}"), options: {ssl_context: system_context})
|
114
|
+
expect(res).to be_success
|
115
|
+
end
|
116
|
+
end
|
117
|
+
end
|
118
|
+
|
119
|
+
it "raises if the server's CA is not in the context or system store" do
|
120
|
+
system_context = ssl_provider.create_system_context(cacerts: [cert_fixture('netlock-arany-utf8.pem')])
|
121
|
+
|
122
|
+
https_server.start_server do |port|
|
123
|
+
expect {
|
124
|
+
client.get(URI("https://127.0.0.1:#{port}"), options: {ssl_context: system_context})
|
125
|
+
}.to raise_error(Puppet::SSL::CertVerifyError,
|
126
|
+
%r{certificate verify failed.* .self signed certificate in certificate chain for CN=Test CA.})
|
127
|
+
end
|
128
|
+
end
|
129
|
+
end
|
130
|
+
|
131
|
+
context 'persistent connections' do
|
132
|
+
it "detects when the server has closed the connection and reconnects" do
|
133
|
+
Puppet[:http_debug] = true
|
134
|
+
|
135
|
+
# advertise that we support keep-alive, but we don't really
|
136
|
+
response_proc = -> (req, res) {
|
137
|
+
res['Connection'] = 'Keep-Alive'
|
138
|
+
}
|
139
|
+
|
140
|
+
https_server.start_server(response_proc: response_proc) do |port|
|
141
|
+
uri = URI("https://127.0.0.1:#{port}")
|
142
|
+
kwargs = {headers: {'Content-Type' => 'text/plain'}, options: {ssl_context: root_context}}
|
143
|
+
|
144
|
+
expect {
|
145
|
+
expect(client.post(uri, '', **kwargs)).to be_success
|
146
|
+
# the server closes its connection after each request, so posting
|
147
|
+
# again will force ruby to detect that the remote side closed the
|
148
|
+
# connection, and reconnect
|
149
|
+
expect(client.post(uri, '', **kwargs)).to be_success
|
150
|
+
}.to output(/Conn close because of EOF/).to_stderr
|
151
|
+
end
|
152
|
+
end
|
153
|
+
end
|
154
|
+
end
|
@@ -7,6 +7,10 @@ describe Puppet::Node::Facts::Facter do
|
|
7
7
|
include PuppetSpec::Files
|
8
8
|
include PuppetSpec::Compiler
|
9
9
|
|
10
|
+
before :each do
|
11
|
+
Puppet::Node::Facts.indirection.terminus_class = :facter
|
12
|
+
end
|
13
|
+
|
10
14
|
it "preserves case in fact values" do
|
11
15
|
Facter.add(:downcase_test) do
|
12
16
|
setcode do
|
@@ -0,0 +1,83 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
require 'puppet/transaction/report'
|
4
|
+
require 'puppet/indirector/report/yaml'
|
5
|
+
|
6
|
+
describe Puppet::Transaction::Report::Yaml do
|
7
|
+
describe '#save' do
|
8
|
+
subject(:indirection) { described_class.indirection }
|
9
|
+
|
10
|
+
let(:request) { described_class.new }
|
11
|
+
let(:certname) { 'ziggy' }
|
12
|
+
let(:report) do
|
13
|
+
report = Puppet::Transaction::Report.new
|
14
|
+
report.host = certname
|
15
|
+
report
|
16
|
+
end
|
17
|
+
let(:file) { request.path(:me) }
|
18
|
+
|
19
|
+
before do
|
20
|
+
indirection.terminus_class = :yaml
|
21
|
+
end
|
22
|
+
|
23
|
+
it 'is saves a report' do
|
24
|
+
indirection.save(report)
|
25
|
+
end
|
26
|
+
|
27
|
+
it 'saves the instance of the report as YAML to disk' do
|
28
|
+
indirection.save(report)
|
29
|
+
content = Puppet::Util::Yaml.safe_load_file(
|
30
|
+
Puppet[:lastrunreport], [Puppet::Transaction::Report]
|
31
|
+
)
|
32
|
+
expect(content.host).to eq(certname)
|
33
|
+
end
|
34
|
+
|
35
|
+
it 'allows mode overwrite' do
|
36
|
+
Puppet.settings.setting(:lastrunreport).mode = '0644'
|
37
|
+
indirection.save(report)
|
38
|
+
|
39
|
+
if Puppet::Util::Platform.windows?
|
40
|
+
require 'puppet/util/windows/security'
|
41
|
+
mode = Puppet::Util::Windows::Security.get_mode(file)
|
42
|
+
else
|
43
|
+
mode = Puppet::FileSystem.stat(file).mode
|
44
|
+
end
|
45
|
+
|
46
|
+
expect(mode & 07777).to eq(0644)
|
47
|
+
end
|
48
|
+
|
49
|
+
context 'when mode is invalid' do
|
50
|
+
before do
|
51
|
+
Puppet.settings.setting(:lastrunreport).mode = '9999'
|
52
|
+
end
|
53
|
+
|
54
|
+
after do
|
55
|
+
Puppet.settings.setting(:lastrunreport).mode = '0644'
|
56
|
+
end
|
57
|
+
|
58
|
+
it 'raises Puppet::DevError ' do
|
59
|
+
expect{
|
60
|
+
indirection.save(report)
|
61
|
+
}.to raise_error(Puppet::DevError, "replace_file mode: 9999 is invalid")
|
62
|
+
end
|
63
|
+
end
|
64
|
+
|
65
|
+
context 'when repport is invalid' do
|
66
|
+
it 'logs error' do
|
67
|
+
expect(Puppet).to receive(:send_log).with(:err, /Could not save yaml ziggy: can't dump anonymous class/)
|
68
|
+
|
69
|
+
report.configuration_version = Class.new
|
70
|
+
indirection.save(report)
|
71
|
+
end
|
72
|
+
end
|
73
|
+
|
74
|
+
context 'when report cannot be saved' do
|
75
|
+
it 'raises Errno::EISDIR' do
|
76
|
+
FileUtils.mkdir_p(file)
|
77
|
+
expect {
|
78
|
+
indirection.save(report)
|
79
|
+
}.to raise_error(Errno::EISDIR, /last_run_report.yaml/)
|
80
|
+
end
|
81
|
+
end
|
82
|
+
end
|
83
|
+
end
|
@@ -0,0 +1,51 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
require 'puppet/forge'
|
3
|
+
require 'puppet_spec/https'
|
4
|
+
|
5
|
+
describe Puppet::Forge, unless: Puppet::Util::Platform.jruby? do
|
6
|
+
include PuppetSpec::Files
|
7
|
+
include_context "https client"
|
8
|
+
|
9
|
+
let(:wrong_hostname) { 'localhost' }
|
10
|
+
let(:server) { PuppetSpec::HTTPSServer.new }
|
11
|
+
let(:ssl_provider) { Puppet::SSL::SSLProvider.new }
|
12
|
+
|
13
|
+
let(:http_response) do
|
14
|
+
File.read(fixtures('unit/forge/bacula.json'))
|
15
|
+
end
|
16
|
+
|
17
|
+
let(:release_response) do
|
18
|
+
releases = JSON.parse(http_response)
|
19
|
+
releases['results'] = []
|
20
|
+
JSON.dump(releases)
|
21
|
+
end
|
22
|
+
|
23
|
+
it 'fetching module release entries' do
|
24
|
+
# create a temp cacert bundle
|
25
|
+
ssl_file = tmpfile('systemstore')
|
26
|
+
File.write(ssl_file, server.ca_cert)
|
27
|
+
|
28
|
+
# override path to system cacert bundle, this must be done before
|
29
|
+
# the SSLContext is created and the call to X509::Store.set_default_paths
|
30
|
+
Puppet::Util.withenv("SSL_CERT_FILE" => ssl_file) do
|
31
|
+
response_proc = -> (req, res) {
|
32
|
+
res.status = 200
|
33
|
+
res.body = release_response
|
34
|
+
}
|
35
|
+
|
36
|
+
server.start_server(response_proc: response_proc) do |port|
|
37
|
+
forge = described_class.new("https://127.0.0.1:#{port}")
|
38
|
+
forge.fetch('bacula')
|
39
|
+
end
|
40
|
+
end
|
41
|
+
end
|
42
|
+
|
43
|
+
it 'returns a valid exception when there is an SSL verification problem' do
|
44
|
+
server.start_server do |port|
|
45
|
+
forge = described_class.new("https://#{wrong_hostname}:#{port}")
|
46
|
+
expect {
|
47
|
+
forge.fetch('mymodule')
|
48
|
+
}.to raise_error Puppet::Forge::Errors::SSLVerifyError, %r{^Unable to verify the SSL certificate at https://#{wrong_hostname}}
|
49
|
+
end
|
50
|
+
end
|
51
|
+
end
|
@@ -24,14 +24,6 @@ describe Puppet::Network::HttpPool, unless: Puppet::Util::Platform.jruby? do
|
|
24
24
|
let(:server) { PuppetSpec::HTTPSServer.new }
|
25
25
|
|
26
26
|
context "when calling deprecated HttpPool methods" do
|
27
|
-
let(:ssl_host) {
|
28
|
-
# use server's cert/key as the client cert/key
|
29
|
-
host = Puppet::SSL::Host.new
|
30
|
-
host.key = Puppet::SSL::Key.from_instance(server.server_key, host.name)
|
31
|
-
host.certificate = Puppet::SSL::Certificate.from_instance(server.server_cert, host.name)
|
32
|
-
host
|
33
|
-
}
|
34
|
-
|
35
27
|
before(:each) do
|
36
28
|
ssldir = tmpdir('http_pool')
|
37
29
|
Puppet[:ssldir] = ssldir
|
@@ -43,16 +35,6 @@ describe Puppet::Network::HttpPool, unless: Puppet::Util::Platform.jruby? do
|
|
43
35
|
File.write(Puppet[:hostprivkey], server.server_key.to_pem)
|
44
36
|
end
|
45
37
|
|
46
|
-
# Can't use `around(:each)` because it will cause ssl_host to be
|
47
|
-
# created outside of any rspec example, and $confdir won't be set
|
48
|
-
before(:each) do
|
49
|
-
Puppet.push_context(ssl_host: ssl_host)
|
50
|
-
end
|
51
|
-
|
52
|
-
after (:each) do
|
53
|
-
Puppet.pop_context
|
54
|
-
end
|
55
|
-
|
56
38
|
def connection(host, port)
|
57
39
|
Puppet::Network::HttpPool.http_instance(host, port, use_ssl: true)
|
58
40
|
end
|
@@ -98,8 +80,26 @@ describe Puppet::Network::HttpPool, unless: Puppet::Util::Platform.jruby? do
|
|
98
80
|
%r{certificate verify failed.* .self signed certificate in certificate chain for CN=Test CA.})
|
99
81
|
end
|
100
82
|
end
|
101
|
-
end
|
102
83
|
|
84
|
+
it "doesn't generate a Puppet::SSL::Host deprecation warning" do
|
85
|
+
server.start_server do |port|
|
86
|
+
http = connection(hostname, port)
|
87
|
+
res = http.get('/')
|
88
|
+
expect(res.code).to eq('200')
|
89
|
+
end
|
90
|
+
|
91
|
+
expect(@logs).to eq([])
|
92
|
+
end
|
93
|
+
|
94
|
+
it "detects when the server has closed the connection and reconnects" do
|
95
|
+
server.start_server do |port|
|
96
|
+
http = connection(hostname, port)
|
97
|
+
|
98
|
+
expect(http.request_get('/')).to be_a(Net::HTTPSuccess)
|
99
|
+
expect(http.request_get('/')).to be_a(Net::HTTPSuccess)
|
100
|
+
end
|
101
|
+
end
|
102
|
+
end
|
103
103
|
|
104
104
|
context "when using single use HTTPS connections" do
|
105
105
|
include_examples 'HTTPS client'
|
@@ -107,7 +107,7 @@ describe Puppet::Network::HttpPool, unless: Puppet::Util::Platform.jruby? do
|
|
107
107
|
|
108
108
|
context "when using persistent HTTPS connections" do
|
109
109
|
around :each do |example|
|
110
|
-
pool = Puppet::Network::HTTP::Pool.new
|
110
|
+
pool = Puppet::Network::HTTP::Pool.new(15)
|
111
111
|
Puppet.override(:http_pool => pool) do
|
112
112
|
example.run
|
113
113
|
end
|
@@ -116,6 +116,62 @@ describe Puppet::Network::HttpPool, unless: Puppet::Util::Platform.jruby? do
|
|
116
116
|
|
117
117
|
include_examples 'HTTPS client'
|
118
118
|
end
|
119
|
+
|
120
|
+
shared_examples_for "an HttpPool connection" do |klass, legacy_api|
|
121
|
+
before :each do
|
122
|
+
Puppet::Network::HttpPool.http_client_class = klass
|
123
|
+
end
|
124
|
+
|
125
|
+
it "connects using the scheme, host and port from the http instance" do
|
126
|
+
request_line = nil
|
127
|
+
|
128
|
+
response_proc = -> (req, res) {
|
129
|
+
request_line = req.request_line
|
130
|
+
}
|
131
|
+
|
132
|
+
server.start_server(response_proc: response_proc) do |port|
|
133
|
+
http = Puppet::Network::HttpPool.http_instance(hostname, port, true)
|
134
|
+
path = "http://bogus.example.com:443/foo"
|
135
|
+
http.get(path)
|
136
|
+
|
137
|
+
if legacy_api
|
138
|
+
# The old API passed the bogus hostname which didn't match
|
139
|
+
# the host we connected to.
|
140
|
+
expect(request_line).to eq("GET http://bogus.example.com:443/foo HTTP/1.1\r\n")
|
141
|
+
else
|
142
|
+
expect(request_line).to eq("GET /foo HTTP/1.1\r\n")
|
143
|
+
end
|
144
|
+
end
|
145
|
+
end
|
146
|
+
|
147
|
+
it "requires the caller to URL encode the path" do
|
148
|
+
request_line = nil
|
149
|
+
|
150
|
+
response_proc = -> (req, res) {
|
151
|
+
request_line = req.request_line
|
152
|
+
}
|
153
|
+
|
154
|
+
server.start_server(response_proc: response_proc) do |port|
|
155
|
+
http = Puppet::Network::HttpPool.http_instance(hostname, port, true)
|
156
|
+
encoded_url = "https://#{hostname}:#{port}/foo%20bar"
|
157
|
+
http.get(encoded_url)
|
158
|
+
|
159
|
+
if legacy_api
|
160
|
+
expect(request_line).to eq("GET #{encoded_url} HTTP/1.1\r\n")
|
161
|
+
else
|
162
|
+
expect(request_line).to eq("GET /foo%20bar HTTP/1.1\r\n")
|
163
|
+
end
|
164
|
+
end
|
165
|
+
end
|
166
|
+
end
|
167
|
+
|
168
|
+
describe Puppet::Network::HTTP::Connection do
|
169
|
+
it_behaves_like "an HttpPool connection", described_class, true
|
170
|
+
end
|
171
|
+
|
172
|
+
describe Puppet::Network::HTTP::ConnectionAdapter do
|
173
|
+
it_behaves_like "an HttpPool connection", described_class, false
|
174
|
+
end
|
119
175
|
end
|
120
176
|
|
121
177
|
context "when calling HttpPool.connection method" do
|
@@ -76,6 +76,21 @@ describe Puppet::Node::Environment do
|
|
76
76
|
expect(mods[0].path).to eq(File.join(base, "dir1", "mod"))
|
77
77
|
end
|
78
78
|
|
79
|
+
it "should not yield a module with the same name as a defined Bolt project" do
|
80
|
+
project_path = File.join(tmpfile('project'), 'bolt_project')
|
81
|
+
FileUtils.mkdir_p(project_path)
|
82
|
+
project = Struct.new("Project", :name, :path).new('project', project_path)
|
83
|
+
|
84
|
+
Puppet.override(bolt_project: project) do
|
85
|
+
base = tmpfile("base")
|
86
|
+
FileUtils.mkdir_p([File.join(base, 'project'), File.join(base, 'other')])
|
87
|
+
environment = Puppet::Node::Environment.create(:env, [base])
|
88
|
+
mods = environment.modules
|
89
|
+
expect(mods.length).to eq(2)
|
90
|
+
expect(mods.map(&:path)).to eq([project_path, File.join(base, 'other')])
|
91
|
+
end
|
92
|
+
end
|
93
|
+
|
79
94
|
shared_examples_for "the environment's initial import" do |settings|
|
80
95
|
it "a manifest referring to a directory invokes parsing of all its files in sorted order" do
|
81
96
|
settings.each do |name, value|
|