puppet 6.12.0-universal-darwin → 6.17.0-universal-darwin

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of puppet might be problematic. Click here for more details.

Files changed (412) hide show
  1. checksums.yaml +4 -4
  2. data/CODEOWNERS +2 -7
  3. data/CONTRIBUTING.md +7 -13
  4. data/Gemfile +4 -2
  5. data/Gemfile.lock +39 -36
  6. data/README.md +18 -25
  7. data/ext/project_data.yaml +1 -1
  8. data/ext/windows/service/daemon.rb +3 -3
  9. data/lib/puppet.rb +52 -13
  10. data/lib/puppet/agent.rb +20 -14
  11. data/lib/puppet/application/agent.rb +26 -17
  12. data/lib/puppet/application/describe.rb +7 -5
  13. data/lib/puppet/application/device.rb +2 -2
  14. data/lib/puppet/application/filebucket.rb +19 -15
  15. data/lib/puppet/application/plugin.rb +1 -0
  16. data/lib/puppet/application/resource.rb +1 -1
  17. data/lib/puppet/application/ssl.rb +4 -4
  18. data/lib/puppet/configurer.rb +65 -69
  19. data/lib/puppet/configurer/plugin_handler.rb +10 -1
  20. data/lib/puppet/confine.rb +1 -1
  21. data/lib/puppet/context/trusted_information.rb +14 -8
  22. data/lib/puppet/daemon.rb +13 -27
  23. data/lib/puppet/defaults.rb +154 -58
  24. data/lib/puppet/environments.rb +27 -20
  25. data/lib/puppet/face/facts.rb +8 -5
  26. data/lib/puppet/face/help.rb +29 -3
  27. data/lib/puppet/face/module/search.rb +5 -0
  28. data/lib/puppet/face/plugin.rb +2 -2
  29. data/lib/puppet/file_serving/http_metadata.rb +14 -2
  30. data/lib/puppet/file_serving/metadata.rb +4 -1
  31. data/lib/puppet/file_serving/terminus_selector.rb +7 -8
  32. data/lib/puppet/file_system/file_impl.rb +14 -10
  33. data/lib/puppet/file_system/memory_file.rb +6 -0
  34. data/lib/puppet/file_system/memory_impl.rb +13 -0
  35. data/lib/puppet/file_system/uniquefile.rb +12 -16
  36. data/lib/puppet/file_system/windows.rb +7 -10
  37. data/lib/puppet/forge.rb +1 -1
  38. data/lib/puppet/forge/cache.rb +1 -1
  39. data/lib/puppet/forge/repository.rb +4 -7
  40. data/lib/puppet/functions/call.rb +1 -1
  41. data/lib/puppet/functions/eyaml_lookup_key.rb +13 -8
  42. data/lib/puppet/functions/filter.rb +1 -0
  43. data/lib/puppet/functions/reduce.rb +2 -4
  44. data/lib/puppet/http.rb +5 -0
  45. data/lib/puppet/http/client.rb +293 -73
  46. data/lib/puppet/http/errors.rb +2 -0
  47. data/lib/puppet/http/external_client.rb +90 -0
  48. data/lib/puppet/http/redirector.rb +43 -7
  49. data/lib/puppet/http/resolver.rb +46 -3
  50. data/lib/puppet/http/resolver/server_list.rb +76 -16
  51. data/lib/puppet/http/resolver/settings.rb +23 -3
  52. data/lib/puppet/http/resolver/srv.rb +29 -3
  53. data/lib/puppet/http/response.rb +87 -1
  54. data/lib/puppet/http/retry_after_handler.rb +39 -0
  55. data/lib/puppet/http/service.rb +151 -7
  56. data/lib/puppet/http/service/ca.rb +76 -14
  57. data/lib/puppet/http/service/compiler.rb +319 -0
  58. data/lib/puppet/http/service/file_server.rb +206 -0
  59. data/lib/puppet/http/service/report.rb +49 -23
  60. data/lib/puppet/http/session.rb +103 -7
  61. data/lib/puppet/indirector.rb +1 -1
  62. data/lib/puppet/indirector/catalog/compiler.rb +10 -0
  63. data/lib/puppet/indirector/catalog/rest.rb +34 -0
  64. data/lib/puppet/indirector/facts/rest.rb +42 -0
  65. data/lib/puppet/indirector/file_bucket_file/file.rb +1 -1
  66. data/lib/puppet/indirector/file_bucket_file/rest.rb +48 -0
  67. data/lib/puppet/indirector/file_content/http.rb +5 -0
  68. data/lib/puppet/indirector/file_content/rest.rb +30 -0
  69. data/lib/puppet/indirector/file_metadata/http.rb +27 -8
  70. data/lib/puppet/indirector/file_metadata/rest.rb +52 -0
  71. data/lib/puppet/indirector/json.rb +1 -1
  72. data/lib/puppet/indirector/msgpack.rb +1 -1
  73. data/lib/puppet/indirector/node/rest.rb +24 -0
  74. data/lib/puppet/indirector/report/rest.rb +19 -0
  75. data/lib/puppet/indirector/report/yaml.rb +23 -0
  76. data/lib/puppet/indirector/request.rb +1 -1
  77. data/lib/puppet/indirector/rest.rb +12 -0
  78. data/lib/puppet/indirector/status/rest.rb +18 -0
  79. data/lib/puppet/loaders.rb +6 -0
  80. data/lib/puppet/metatype/manager.rb +80 -80
  81. data/lib/puppet/network/http/api/indirected_routes.rb +1 -1
  82. data/lib/puppet/network/http/api/master/v3/environment.rb +3 -0
  83. data/lib/puppet/network/http/base_pool.rb +7 -2
  84. data/lib/puppet/network/http/compression.rb +7 -0
  85. data/lib/puppet/network/http/connection.rb +6 -0
  86. data/lib/puppet/network/http/connection_adapter.rb +184 -0
  87. data/lib/puppet/network/http/nocache_pool.rb +2 -0
  88. data/lib/puppet/network/http/pool.rb +13 -6
  89. data/lib/puppet/network/http_pool.rb +2 -1
  90. data/lib/puppet/node/environment.rb +11 -1
  91. data/lib/puppet/pal/catalog_compiler.rb +5 -0
  92. data/lib/puppet/pal/pal_impl.rb +4 -29
  93. data/lib/puppet/parser/ast/leaf.rb +5 -5
  94. data/lib/puppet/parser/ast/pops_bridge.rb +6 -15
  95. data/lib/puppet/parser/compiler.rb +43 -33
  96. data/lib/puppet/parser/compiler/catalog_validator/env_relationship_validator.rb +2 -0
  97. data/lib/puppet/parser/compiler/catalog_validator/site_validator.rb +2 -0
  98. data/lib/puppet/parser/environment_compiler.rb +4 -1
  99. data/lib/puppet/parser/functions.rb +18 -13
  100. data/lib/puppet/parser/functions/filter.rb +1 -0
  101. data/lib/puppet/parser/resource.rb +3 -2
  102. data/lib/puppet/parser/resource/param.rb +6 -0
  103. data/lib/puppet/pops/evaluator/access_operator.rb +2 -2
  104. data/lib/puppet/pops/evaluator/evaluator_impl.rb +6 -6
  105. data/lib/puppet/pops/issues.rb +5 -0
  106. data/lib/puppet/pops/loader/puppet_plan_instantiator.rb +12 -3
  107. data/lib/puppet/pops/loaders.rb +7 -5
  108. data/lib/puppet/pops/parser/evaluating_parser.rb +5 -7
  109. data/lib/puppet/pops/resource/resource_type_impl.rb +2 -0
  110. data/lib/puppet/pops/types/p_object_type_extension.rb +10 -0
  111. data/lib/puppet/pops/types/type_calculator.rb +24 -0
  112. data/lib/puppet/pops/validation/checker4_0.rb +11 -1
  113. data/lib/puppet/pops/validation/tasks_checker.rb +5 -1
  114. data/lib/puppet/pops/validation/validator_factory_4_0.rb +1 -0
  115. data/lib/puppet/provider/aix_object.rb +4 -2
  116. data/lib/puppet/provider/group/aix.rb +1 -0
  117. data/lib/puppet/provider/group/groupadd.rb +57 -24
  118. data/lib/puppet/provider/group/windows_adsi.rb +3 -3
  119. data/lib/puppet/provider/package/aix.rb +17 -2
  120. data/lib/puppet/provider/package/apt.rb +78 -4
  121. data/lib/puppet/provider/package/aptitude.rb +1 -1
  122. data/lib/puppet/provider/package/dnfmodule.rb +69 -15
  123. data/lib/puppet/provider/package/dpkg.rb +14 -7
  124. data/lib/puppet/provider/package/fink.rb +20 -3
  125. data/lib/puppet/provider/package/gem.rb +41 -7
  126. data/lib/puppet/provider/package/openbsd.rb +13 -1
  127. data/lib/puppet/provider/package/pacman.rb +2 -5
  128. data/lib/puppet/provider/package/pip.rb +143 -48
  129. data/lib/puppet/provider/package/pip3.rb +0 -2
  130. data/lib/puppet/provider/package/pkg.rb +18 -5
  131. data/lib/puppet/provider/package/pkgdmg.rb +1 -1
  132. data/lib/puppet/provider/package/pkgng.rb +16 -4
  133. data/lib/puppet/provider/package/portage.rb +2 -2
  134. data/lib/puppet/provider/package/puppet_gem.rb +6 -2
  135. data/lib/puppet/provider/package/rpm.rb +6 -213
  136. data/lib/puppet/provider/package/yum.rb +109 -25
  137. data/lib/puppet/provider/package/zypper.rb +59 -1
  138. data/lib/puppet/provider/service/systemd.rb +22 -4
  139. data/lib/puppet/provider/service/windows.rb +23 -7
  140. data/lib/puppet/provider/user/aix.rb +1 -0
  141. data/lib/puppet/provider/user/directoryservice.rb +30 -5
  142. data/lib/puppet/provider/user/useradd.rb +22 -12
  143. data/lib/puppet/reports/http.rb +15 -9
  144. data/lib/puppet/reports/store.rb +1 -1
  145. data/lib/puppet/resource.rb +2 -1
  146. data/lib/puppet/resource/type.rb +8 -0
  147. data/lib/puppet/resource/type_collection.rb +20 -16
  148. data/lib/puppet/runtime.rb +31 -1
  149. data/lib/puppet/settings.rb +4 -0
  150. data/lib/puppet/settings/http_extra_headers_setting.rb +25 -0
  151. data/lib/puppet/ssl.rb +1 -0
  152. data/lib/puppet/ssl/certificate.rb +2 -1
  153. data/lib/puppet/ssl/host.rb +4 -4
  154. data/lib/puppet/ssl/oids.rb +1 -0
  155. data/lib/puppet/ssl/ssl_context.rb +2 -2
  156. data/lib/puppet/ssl/ssl_provider.rb +20 -1
  157. data/lib/puppet/ssl/state_machine.rb +81 -35
  158. data/lib/puppet/ssl/verifier_adapter.rb +9 -1
  159. data/lib/puppet/test/test_helper.rb +15 -11
  160. data/lib/puppet/transaction/report.rb +2 -2
  161. data/lib/puppet/transaction/resource_harness.rb +1 -1
  162. data/lib/puppet/trusted_external.rb +29 -1
  163. data/lib/puppet/type.rb +18 -6
  164. data/lib/puppet/type/file.rb +51 -13
  165. data/lib/puppet/type/file/checksum.rb +4 -4
  166. data/lib/puppet/type/file/source.rb +51 -60
  167. data/lib/puppet/type/group.rb +2 -2
  168. data/lib/puppet/type/package.rb +102 -10
  169. data/lib/puppet/type/service.rb +55 -8
  170. data/lib/puppet/type/user.rb +3 -28
  171. data/lib/puppet/util.rb +39 -15
  172. data/lib/puppet/util/at_fork.rb +1 -1
  173. data/lib/puppet/util/autoload.rb +4 -18
  174. data/lib/puppet/util/checksums.rb +19 -4
  175. data/lib/puppet/util/fileparsing.rb +2 -2
  176. data/lib/puppet/util/instance_loader.rb +14 -10
  177. data/lib/puppet/util/log/destinations.rb +2 -11
  178. data/lib/puppet/util/package/version/debian.rb +175 -0
  179. data/lib/puppet/util/package/version/gem.rb +15 -0
  180. data/lib/puppet/util/package/version/pip.rb +167 -0
  181. data/lib/puppet/util/package/version/range.rb +53 -0
  182. data/lib/puppet/util/package/version/range/eq.rb +14 -0
  183. data/lib/puppet/util/package/version/range/gt.rb +14 -0
  184. data/lib/puppet/util/package/version/range/gt_eq.rb +14 -0
  185. data/lib/puppet/util/package/version/range/lt.rb +14 -0
  186. data/lib/puppet/util/package/version/range/lt_eq.rb +14 -0
  187. data/lib/puppet/util/package/version/range/min_max.rb +21 -0
  188. data/lib/puppet/util/package/version/range/simple.rb +11 -0
  189. data/lib/puppet/util/package/version/rpm.rb +73 -0
  190. data/lib/puppet/util/pidlock.rb +36 -10
  191. data/lib/puppet/util/platform.rb +5 -0
  192. data/lib/puppet/util/plist.rb +6 -0
  193. data/lib/puppet/util/provider_features.rb +1 -1
  194. data/lib/puppet/util/reference.rb +1 -1
  195. data/lib/puppet/util/rpm_compare.rb +193 -0
  196. data/lib/puppet/util/storage.rb +0 -1
  197. data/lib/puppet/util/windows/adsi.rb +2 -2
  198. data/lib/puppet/util/windows/api_types.rb +45 -32
  199. data/lib/puppet/util/windows/eventlog.rb +1 -6
  200. data/lib/puppet/util/windows/principal.rb +8 -6
  201. data/lib/puppet/util/windows/process.rb +15 -14
  202. data/lib/puppet/util/windows/registry.rb +11 -11
  203. data/lib/puppet/util/windows/security.rb +1 -0
  204. data/lib/puppet/util/windows/service.rb +43 -26
  205. data/lib/puppet/util/windows/sid.rb +3 -3
  206. data/lib/puppet/util/windows/user.rb +23 -8
  207. data/lib/puppet/util/yaml.rb +1 -1
  208. data/lib/puppet/version.rb +1 -1
  209. data/locales/puppet.pot +707 -574
  210. data/man/man5/puppet.conf.5 +74 -14
  211. data/man/man8/puppet-agent.8 +7 -7
  212. data/man/man8/puppet-apply.8 +1 -1
  213. data/man/man8/puppet-catalog.8 +1 -1
  214. data/man/man8/puppet-config.8 +1 -1
  215. data/man/man8/puppet-describe.8 +1 -1
  216. data/man/man8/puppet-device.8 +2 -2
  217. data/man/man8/puppet-doc.8 +1 -1
  218. data/man/man8/puppet-epp.8 +1 -1
  219. data/man/man8/puppet-facts.8 +1 -1
  220. data/man/man8/puppet-filebucket.8 +17 -2
  221. data/man/man8/puppet-generate.8 +1 -1
  222. data/man/man8/puppet-help.8 +6 -3
  223. data/man/man8/puppet-key.8 +1 -1
  224. data/man/man8/puppet-lookup.8 +1 -1
  225. data/man/man8/puppet-man.8 +1 -1
  226. data/man/man8/puppet-module.8 +4 -1
  227. data/man/man8/puppet-node.8 +1 -1
  228. data/man/man8/puppet-parser.8 +1 -1
  229. data/man/man8/puppet-plugin.8 +1 -1
  230. data/man/man8/puppet-report.8 +1 -1
  231. data/man/man8/puppet-resource.8 +1 -1
  232. data/man/man8/puppet-script.8 +1 -1
  233. data/man/man8/puppet-ssl.8 +2 -2
  234. data/man/man8/puppet-status.8 +1 -1
  235. data/man/man8/puppet.8 +2 -2
  236. data/spec/fixtures/ssl/unknown-127.0.0.1-key.pem +67 -0
  237. data/spec/fixtures/ssl/unknown-127.0.0.1.pem +48 -0
  238. data/spec/fixtures/ssl/unknown-ca-key.pem +67 -0
  239. data/spec/fixtures/ssl/unknown-ca.pem +59 -0
  240. data/spec/fixtures/unit/provider/package/dnfmodule/{dnf-module-list-installed.txt → dnf-module-list.txt} +8 -0
  241. data/spec/fixtures/unit/provider/package/pkgng/pkg.version +2 -0
  242. data/spec/fixtures/unit/provider/package/yum/yum-check-update-subscription-manager.txt +9 -0
  243. data/spec/fixtures/unit/provider/package/zypper/zypper-search-uninstalled.out +13 -0
  244. data/spec/fixtures/unit/provider/service/systemd/list_unit_files_services +9 -0
  245. data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_md5/should_fetch_if_not_on_the_local_disk.yml +1 -102
  246. data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_md5/should_not_update_if_content_on_disk_is_up-to-date.yml +1 -106
  247. data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_md5/should_update_if_content_differs_on_disk.yml +1 -106
  248. data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_mtime/should_fetch_if_mtime_is_older_on_disk.yml +1 -102
  249. data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_mtime/should_fetch_if_no_header_specified.yml +1 -98
  250. data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_mtime/should_fetch_if_not_on_the_local_disk.yml +1 -102
  251. data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_mtime/should_not_update_if_mtime_is_newer_on_disk.yml +1 -102
  252. data/spec/integration/application/agent_spec.rb +483 -0
  253. data/spec/integration/application/apply_spec.rb +132 -3
  254. data/spec/integration/application/filebucket_spec.rb +190 -0
  255. data/spec/integration/application/plugin_spec.rb +73 -0
  256. data/spec/integration/configurer_spec.rb +26 -7
  257. data/spec/integration/defaults_spec.rb +1 -2
  258. data/spec/integration/http/client_spec.rb +47 -37
  259. data/spec/integration/indirector/facts/facter_spec.rb +4 -0
  260. data/spec/integration/indirector/report/yaml.rb +83 -0
  261. data/spec/integration/module_tool/forge_spec.rb +2 -15
  262. data/spec/integration/network/http_pool_spec.rb +93 -20
  263. data/spec/integration/node/environment_spec.rb +15 -0
  264. data/spec/integration/parser/compiler_spec.rb +11 -0
  265. data/spec/integration/type/file_spec.rb +1 -1
  266. data/spec/integration/util/windows/adsi_spec.rb +6 -1
  267. data/spec/integration/util/windows/registry_spec.rb +7 -7
  268. data/spec/integration/util/windows/user_spec.rb +40 -5
  269. data/spec/lib/puppet/test_ca.rb +2 -2
  270. data/spec/lib/puppet_spec/https.rb +16 -7
  271. data/spec/lib/puppet_spec/puppetserver.rb +119 -0
  272. data/spec/shared_contexts/https.rb +29 -0
  273. data/spec/unit/agent_spec.rb +80 -26
  274. data/spec/unit/application/agent_spec.rb +9 -5
  275. data/spec/unit/application/apply_spec.rb +2 -12
  276. data/spec/unit/application/describe_spec.rb +88 -50
  277. data/spec/unit/application/device_spec.rb +2 -2
  278. data/spec/unit/application/filebucket_spec.rb +22 -2
  279. data/spec/unit/application/resource_spec.rb +2 -2
  280. data/spec/unit/configurer/fact_handler_spec.rb +4 -8
  281. data/spec/unit/configurer/plugin_handler_spec.rb +36 -19
  282. data/spec/unit/configurer_spec.rb +17 -18
  283. data/spec/unit/context/trusted_information_spec.rb +25 -2
  284. data/spec/unit/daemon_spec.rb +5 -64
  285. data/spec/unit/defaults_spec.rb +25 -2
  286. data/spec/unit/environments_spec.rb +65 -28
  287. data/spec/unit/face/facts_spec.rb +24 -20
  288. data/spec/unit/face/module/search_spec.rb +17 -0
  289. data/spec/unit/face/plugin_spec.rb +12 -10
  290. data/spec/unit/file_serving/http_metadata_spec.rb +37 -14
  291. data/spec/unit/file_serving/terminus_selector_spec.rb +45 -26
  292. data/spec/unit/file_system/uniquefile_spec.rb +11 -0
  293. data/spec/unit/file_system_spec.rb +26 -2
  294. data/spec/unit/functions/lookup_spec.rb +13 -0
  295. data/spec/unit/http/client_spec.rb +327 -35
  296. data/spec/unit/http/external_client_spec.rb +201 -0
  297. data/spec/unit/http/resolver_spec.rb +34 -2
  298. data/spec/unit/http/response_spec.rb +75 -0
  299. data/spec/unit/http/service/ca_spec.rb +53 -11
  300. data/spec/unit/http/service/compiler_spec.rb +627 -0
  301. data/spec/unit/http/service/file_server_spec.rb +308 -0
  302. data/spec/unit/http/service/report_spec.rb +27 -9
  303. data/spec/unit/http/service_spec.rb +98 -5
  304. data/spec/unit/http/session_spec.rb +190 -7
  305. data/spec/unit/indirector/catalog/compiler_spec.rb +47 -29
  306. data/spec/unit/indirector/catalog/rest_spec.rb +59 -2
  307. data/spec/unit/indirector/facts/rest_spec.rb +79 -24
  308. data/spec/unit/indirector/file_bucket_file/rest_spec.rb +82 -2
  309. data/spec/unit/indirector/file_content/rest_spec.rb +53 -2
  310. data/spec/unit/indirector/file_metadata/http_spec.rb +194 -0
  311. data/spec/unit/indirector/file_metadata/rest_spec.rb +110 -2
  312. data/spec/unit/indirector/node/rest_spec.rb +57 -2
  313. data/spec/unit/indirector/report/rest_spec.rb +58 -51
  314. data/spec/unit/indirector/request_spec.rb +1 -1
  315. data/spec/unit/indirector/resource/ral_spec.rb +7 -8
  316. data/spec/unit/indirector/rest_spec.rb +13 -0
  317. data/spec/unit/indirector/status/rest_spec.rb +43 -2
  318. data/spec/unit/interface_spec.rb +3 -3
  319. data/spec/unit/network/http/api/indirected_routes_spec.rb +2 -1
  320. data/spec/unit/network/http/connection_spec.rb +559 -175
  321. data/spec/unit/network/http/nocache_pool_spec.rb +25 -3
  322. data/spec/unit/network/http/pool_spec.rb +89 -11
  323. data/spec/unit/network/http_pool_spec.rb +63 -57
  324. data/spec/unit/network/http_spec.rb +1 -1
  325. data/spec/unit/node/environment_spec.rb +16 -0
  326. data/spec/unit/node/facts_spec.rb +2 -1
  327. data/spec/unit/node_spec.rb +7 -4
  328. data/spec/unit/parser/ast/block_expression_spec.rb +1 -1
  329. data/spec/unit/parser/environment_compiler_spec.rb +7 -0
  330. data/spec/unit/parser/scope_spec.rb +1 -1
  331. data/spec/unit/pops/evaluator/evaluating_parser_spec.rb +15 -1
  332. data/spec/unit/pops/loaders/loaders_spec.rb +1 -1
  333. data/spec/unit/pops/serialization/to_from_hr_spec.rb +6 -1
  334. data/spec/unit/pops/types/type_calculator_spec.rb +1 -11
  335. data/spec/unit/pops/validator/validator_spec.rb +7 -2
  336. data/spec/unit/provider/aix_object_spec.rb +16 -2
  337. data/spec/unit/provider/group/groupadd_spec.rb +181 -56
  338. data/spec/unit/provider/group/windows_adsi_spec.rb +43 -10
  339. data/spec/unit/provider/package/aix_spec.rb +29 -0
  340. data/spec/unit/provider/package/apt_spec.rb +43 -2
  341. data/spec/unit/provider/package/aptitude_spec.rb +1 -0
  342. data/spec/unit/provider/package/dnfmodule_spec.rb +76 -15
  343. data/spec/unit/provider/package/dpkg_spec.rb +28 -6
  344. data/spec/unit/provider/package/gem_spec.rb +40 -0
  345. data/spec/unit/provider/package/openbsd_spec.rb +17 -0
  346. data/spec/unit/provider/package/pacman_spec.rb +6 -21
  347. data/spec/unit/provider/package/pip_spec.rb +68 -19
  348. data/spec/unit/provider/package/pkg_spec.rb +15 -1
  349. data/spec/unit/provider/package/pkgdmg_spec.rb +1 -1
  350. data/spec/unit/provider/package/pkgng_spec.rb +38 -0
  351. data/spec/unit/provider/package/portage_spec.rb +5 -0
  352. data/spec/unit/provider/package/puppet_gem_spec.rb +8 -0
  353. data/spec/unit/provider/package/rpm_spec.rb +0 -212
  354. data/spec/unit/provider/package/yum_spec.rb +292 -0
  355. data/spec/unit/provider/package/zypper_spec.rb +84 -0
  356. data/spec/unit/provider/service/init_spec.rb +1 -0
  357. data/spec/unit/provider/service/openbsd_spec.rb +9 -0
  358. data/spec/unit/provider/service/openwrt_spec.rb +1 -0
  359. data/spec/unit/provider/service/redhat_spec.rb +9 -0
  360. data/spec/unit/provider/service/systemd_spec.rb +92 -12
  361. data/spec/unit/provider/service/windows_spec.rb +22 -14
  362. data/spec/unit/provider/user/directoryservice_spec.rb +41 -0
  363. data/spec/unit/provider/user/openbsd_spec.rb +1 -0
  364. data/spec/unit/provider/user/useradd_spec.rb +43 -24
  365. data/spec/unit/provider/user/windows_adsi_spec.rb +3 -3
  366. data/spec/unit/puppet_pal_2pec.rb +0 -26
  367. data/spec/unit/puppet_pal_catalog_spec.rb +46 -0
  368. data/spec/unit/puppet_spec.rb +47 -0
  369. data/spec/unit/reports/http_spec.rb +70 -52
  370. data/spec/unit/resource_spec.rb +3 -3
  371. data/spec/unit/settings/autosign_setting_spec.rb +1 -1
  372. data/spec/unit/settings/http_extra_headers_spec.rb +64 -0
  373. data/spec/unit/ssl/certificate_spec.rb +7 -0
  374. data/spec/unit/ssl/host_spec.rb +4 -2
  375. data/spec/unit/ssl/oids_spec.rb +1 -0
  376. data/spec/unit/ssl/ssl_provider_spec.rb +69 -43
  377. data/spec/unit/ssl/state_machine_spec.rb +99 -13
  378. data/spec/unit/test/test_helper_spec.rb +17 -0
  379. data/spec/unit/transaction/persistence_spec.rb +1 -10
  380. data/spec/unit/transaction/report_spec.rb +5 -1
  381. data/spec/unit/transaction_spec.rb +0 -2
  382. data/spec/unit/type/file/ensure_spec.rb +1 -2
  383. data/spec/unit/type/file/source_spec.rb +89 -38
  384. data/spec/unit/type/file_spec.rb +122 -96
  385. data/spec/unit/type/package_spec.rb +8 -0
  386. data/spec/unit/type/service_spec.rb +185 -8
  387. data/spec/unit/type/user_spec.rb +1 -2
  388. data/spec/unit/type_spec.rb +50 -0
  389. data/spec/unit/util/at_fork_spec.rb +3 -2
  390. data/spec/unit/util/autoload_spec.rb +2 -1
  391. data/spec/unit/util/checksums_spec.rb +16 -0
  392. data/spec/unit/util/log/destinations_spec.rb +1 -29
  393. data/spec/unit/util/package/version/debian_spec.rb +83 -0
  394. data/spec/unit/util/package/version/pip_spec.rb +464 -0
  395. data/spec/unit/util/package/version/range_spec.rb +175 -0
  396. data/spec/unit/util/package/version/rpm_spec.rb +121 -0
  397. data/spec/unit/util/pidlock_spec.rb +112 -42
  398. data/spec/unit/util/plist_spec.rb +20 -0
  399. data/spec/unit/util/rpm_compare_spec.rb +196 -0
  400. data/spec/unit/util/storage_spec.rb +1 -8
  401. data/spec/unit/util/windows/adsi_spec.rb +4 -4
  402. data/spec/unit/util/windows/api_types_spec.rb +104 -40
  403. data/spec/unit/util/windows/service_spec.rb +4 -4
  404. data/spec/unit/util/windows/sid_spec.rb +2 -2
  405. data/spec/unit/util_spec.rb +3 -3
  406. data/spec/unit/x509/cert_provider_spec.rb +1 -1
  407. data/tasks/generate_cert_fixtures.rake +15 -1
  408. data/tasks/manpages.rake +5 -35
  409. metadata +73 -12
  410. data/COMMITTERS.md +0 -244
  411. data/spec/integration/faces/plugin_spec.rb +0 -61
  412. data/spec/integration/test/test_helper_spec.rb +0 -31
@@ -29,8 +29,17 @@ class Puppet::Configurer::PluginHandler
29
29
  result += plugin_fact_downloader.evaluate
30
30
  result += plugin_downloader.evaluate
31
31
 
32
+ # until file metadata/content are using the rest client, we need to check
33
+ # both :server_agent_version and the session to see if the server supports
34
+ # the "locales" mount
32
35
  server_agent_version = Puppet.lookup(:server_agent_version) { "0.0" }
33
- if Gem::Version.new(server_agent_version) >= SUPPORTED_LOCALES_MOUNT_AGENT_VERSION
36
+ locales = Gem::Version.new(server_agent_version) >= SUPPORTED_LOCALES_MOUNT_AGENT_VERSION
37
+ unless locales
38
+ session = Puppet.lookup(:http_session)
39
+ locales = session.supports?(:fileserver, 'locales') || session.supports?(:puppet, 'locales')
40
+ end
41
+
42
+ if locales
34
43
  locales_downloader = Puppet::Configurer::Downloader.new(
35
44
  "locales",
36
45
  Puppet[:localedest],
@@ -26,7 +26,7 @@ class Puppet::Confine
26
26
  require "puppet/confine/#{name}"
27
27
  rescue LoadError => detail
28
28
  unless detail.to_s =~ /No such file|cannot load such file/i
29
- warn "Could not load confine test '#{name}': #{detail}"
29
+ Puppet.warning("Could not load confine test '#{name}': #{detail}")
30
30
  end
31
31
  # Could not find file
32
32
  if !Puppet[:always_retry_plugins]
@@ -29,11 +29,6 @@ class Puppet::Context::TrustedInformation
29
29
  # @return [String]
30
30
  attr_reader :hostname
31
31
 
32
- # Additional external facts loaded through `trusted_external_command`.
33
- #
34
- # @return [Hash]
35
- attr_reader :external
36
-
37
32
  def initialize(authenticated, certname, extensions, external = {})
38
33
  @authenticated = authenticated.freeze
39
34
  @certname = certname.freeze
@@ -46,11 +41,11 @@ class Puppet::Context::TrustedInformation
46
41
  end
47
42
  @hostname = hostname.freeze
48
43
  @domain = domain.freeze
49
- @external = external.freeze
44
+ @external = external.is_a?(Proc) ? external : external.freeze
50
45
  end
51
46
 
52
47
  def self.remote(authenticated, node_name, certificate)
53
- external = retrieve_trusted_external(node_name)
48
+ external = proc { retrieve_trusted_external(node_name) }
54
49
 
55
50
  if authenticated
56
51
  extensions = {}
@@ -70,8 +65,19 @@ class Puppet::Context::TrustedInformation
70
65
  def self.local(node)
71
66
  # Always trust local data by picking up the available parameters.
72
67
  client_cert = node ? node.parameters['clientcert'] : nil
68
+ external = proc { retrieve_trusted_external(client_cert) }
69
+
70
+ new('local', client_cert, {}, external)
71
+ end
73
72
 
74
- new('local', client_cert, {}, retrieve_trusted_external(client_cert))
73
+ # Additional external facts loaded through `trusted_external_command`.
74
+ #
75
+ # @return [Hash]
76
+ def external
77
+ if @external.is_a?(Proc)
78
+ @external = @external.call.freeze
79
+ end
80
+ @external
75
81
  end
76
82
 
77
83
  def self.retrieve_trusted_external(certname)
@@ -1,19 +1,15 @@
1
1
  require 'puppet/application'
2
2
  require 'puppet/scheduler'
3
3
 
4
- # Run periodic actions and a network server in a daemonized process.
4
+ # Run periodic actions in a daemonized process.
5
5
  #
6
- # A Daemon has 3 parts:
6
+ # A Daemon has 2 parts:
7
7
  # * config reparse
8
- # * (optional) an agent that responds to #run
9
- # * (optional) a server that response to #stop, #start, and #wait_for_shutdown
8
+ # * an agent that responds to #run
10
9
  #
11
- # The config reparse will occur periodically based on Settings. The server will
12
- # be started and is expected to manage its own run loop (and so not block the
13
- # start call). The server will, however, still be waited for by using the
14
- # #wait_for_shutdown method. The agent is run periodically and a time interval
15
- # based on Settings. The config reparse will update this time interval when
16
- # needed.
10
+ # The config reparse will occur periodically based on Settings. The agent
11
+ # is run periodically and a time interval based on Settings. The config
12
+ # reparse will update this time interval when needed.
17
13
  #
18
14
  # The Daemon is also responsible for signal handling, starting, stopping,
19
15
  # running the agent on demand, and reloading the entire process. It ensures
@@ -23,12 +19,14 @@ require 'puppet/scheduler'
23
19
  class Puppet::Daemon
24
20
  SIGNAL_CHECK_INTERVAL = 5
25
21
 
26
- attr_accessor :agent, :server, :argv
27
- attr_reader :signals
22
+ attr_accessor :argv
23
+ attr_reader :signals, :agent
28
24
 
29
- def initialize(pidfile, scheduler = Puppet::Scheduler::Scheduler.new())
25
+ def initialize(agent, pidfile, scheduler = Puppet::Scheduler::Scheduler.new())
26
+ raise Puppet::DevError, _("Daemons must have an agent") unless agent
30
27
  @scheduler = scheduler
31
28
  @pidfile = pidfile
29
+ @agent = agent
32
30
  @signals = []
33
31
  end
34
32
 
@@ -88,7 +86,6 @@ class Puppet::Daemon
88
86
  end
89
87
 
90
88
  def reload
91
- return unless agent
92
89
  agent.run({:splay => false})
93
90
  rescue Puppet::LockError
94
91
  Puppet.notice "Not triggering already-running agent"
@@ -96,7 +93,7 @@ class Puppet::Daemon
96
93
 
97
94
  def restart
98
95
  Puppet::Application.restart!
99
- reexec unless agent and agent.running?
96
+ reexec
100
97
  end
101
98
 
102
99
  def reopen_logs
@@ -129,8 +126,6 @@ class Puppet::Daemon
129
126
  def stop(args = {:exit => true})
130
127
  Puppet::Application.stop!
131
128
 
132
- server.stop if server
133
-
134
129
  remove_pidfile
135
130
 
136
131
  Puppet::Util::Log.close_all
@@ -140,16 +135,7 @@ class Puppet::Daemon
140
135
 
141
136
  def start
142
137
  create_pidfile
143
-
144
- raise Puppet::DevError, _("Daemons must have an agent, server, or both") unless agent or server
145
-
146
- # Start the listening server, if required.
147
- server.start if server
148
-
149
- # Finally, loop forever running events - or, at least, until we exit.
150
138
  run_event_loop
151
-
152
- server.wait_for_shutdown if server
153
139
  end
154
140
 
155
141
  private
@@ -165,6 +151,7 @@ class Puppet::Daemon
165
151
  @pidfile.unlock
166
152
  end
167
153
 
154
+ # Loop forever running events - or, at least, until we exit.
168
155
  def run_event_loop
169
156
  agent_run = Puppet::Scheduler.create_job(Puppet[:runinterval], Puppet[:splay], Puppet[:splaylimit]) do
170
157
  # Splay for the daemon is handled in the scheduler
@@ -189,7 +176,6 @@ class Puppet::Daemon
189
176
  end
190
177
 
191
178
  reparse_run.disable if Puppet[:filetimeout] == 0
192
- agent_run.disable unless agent
193
179
 
194
180
  @scheduler.run_loop([reparse_run, agent_run, signal_loop])
195
181
  end
@@ -65,26 +65,33 @@ module Puppet
65
65
 
66
66
  AS_DURATION = %q{This setting can be a time interval in seconds (30 or 30s), minutes (30m), hours (6h), days (2d), or years (5y).}
67
67
 
68
- define_settings(:main,
69
- :facterng => {
68
+ # @api public
69
+ # @param args [Puppet::Settings] the settings object to define default settings for
70
+ # @return void
71
+ def self.initialize_default_settings!(settings)
72
+ settings.define_settings(:main,
73
+ :facterng => {
70
74
  :default => false,
71
75
  :type => :boolean,
72
76
  :desc => 'Whether to enable a pre-Facter 4.0 release of Facter (distributed as
73
77
  the "facter-ng" gem). This is not necessary if Facter 3.x or later is installed.
74
- This setting is still experimental and has been only included on Windows builds',
78
+ This setting is still experimental.',
75
79
  :hook => proc do |value|
76
- if value && Puppet::Util::Platform.windows?
77
- begin
78
- require 'facter-ng'
79
- rescue LoadError
80
- raise ArgumentError, 'facter-ng could not be loaded'
81
- end
82
- end
83
- end
84
- }
85
- )
86
-
87
- define_settings(:main,
80
+ if value
81
+ begin
82
+ original_facter = Object.const_get(:Facter)
83
+ Object.send(:remove_const, :Facter)
84
+
85
+ require 'facter-ng'
86
+ # It is required to re-setup logger for facter-ng
87
+ Puppet::Util::Logging.setup_facter_logging!
88
+ rescue LoadError
89
+ Object.const_set(:Facter, original_facter)
90
+ raise ArgumentError, 'facter-ng could not be loaded'
91
+ end
92
+ end
93
+ end
94
+ },
88
95
  :confdir => {
89
96
  :default => nil,
90
97
  :type => :directory,
@@ -121,7 +128,7 @@ module Puppet
121
128
  }
122
129
  )
123
130
 
124
- define_settings(:main,
131
+ settings.define_settings(:main,
125
132
  :logdir => {
126
133
  :default => nil,
127
134
  :type => :directory,
@@ -168,8 +175,8 @@ module Puppet
168
175
  valid = %w[deprecations undefined_variables undefined_resources]
169
176
  invalid = values - (values & valid)
170
177
  if not invalid.empty?
171
- raise ArgumentError, _("Cannot disable unrecognized warning types %{invalid}.") % { invalid: invalid.inspect } +
172
- ' ' + _("Valid values are %{values}.") % { values: valid.inspect}
178
+ raise ArgumentError, _("Cannot disable unrecognized warning types '%{invalid}'.") % { invalid: invalid.join(',') } +
179
+ ' ' + _("Valid values are '%{values}'.") % { values: valid.join(', ') }
173
180
  end
174
181
  end
175
182
  },
@@ -225,7 +232,7 @@ module Puppet
225
232
  }
226
233
  )
227
234
 
228
- define_settings(:main,
235
+ settings.define_settings(:main,
229
236
  :priority => {
230
237
  :default => nil,
231
238
  :type => :priority,
@@ -263,6 +270,13 @@ module Puppet
263
270
  major releases of Puppet. Should be used with caution, as in development
264
271
  features are experimental and can have unexpected effects."
265
272
  },
273
+ :versioned_environment_dirs => {
274
+ :default => false,
275
+ :type => :boolean,
276
+ :desc => "Whether or not to look for versioned environment directories,
277
+ symlinked from `$environmentpath/<environment>`. This is an experimental
278
+ feature and should be used with caution."
279
+ },
266
280
  :static_catalogs => {
267
281
  :default => true,
268
282
  :type => :boolean,
@@ -333,8 +347,7 @@ module Puppet
333
347
  :default => "ansi",
334
348
  :type => :string,
335
349
  :desc => "Whether to use colors when logging to the console. Valid values are
336
- `ansi` (equivalent to `true`), `html`, and `false`, which produces no color.
337
- Defaults to false on Windows, as its console does not support ansi colors.",
350
+ `ansi` (equivalent to `true`), `html`, and `false`, which produces no color."
338
351
  },
339
352
  :mkusers => {
340
353
  :default => false,
@@ -541,12 +554,12 @@ module Puppet
541
554
  :hiera_config => {
542
555
  :default => lambda do
543
556
  config = nil
544
- codedir = Puppet.settings[:codedir]
557
+ codedir = settings[:codedir]
545
558
  if codedir.is_a?(String)
546
559
  config = File.expand_path(File.join(codedir, 'hiera.yaml'))
547
560
  config = nil unless Puppet::FileSystem.exist?(config)
548
561
  end
549
- config = File.expand_path(File.join(Puppet.settings[:confdir], 'hiera.yaml')) if config.nil?
562
+ config = File.expand_path(File.join(settings[:confdir], 'hiera.yaml')) if config.nil?
550
563
  config
551
564
  end,
552
565
  :desc => "The hiera configuration file. Puppet only reads this file on startup, so you must restart the puppet master every time you edit it.",
@@ -576,13 +589,22 @@ module Puppet
576
589
  },
577
590
  :trusted_external_command => {
578
591
  :default => nil,
579
- :desc => "The external trusted facts script to use.
592
+ :type => :file_or_directory,
593
+ :desc => "The external trusted facts script or directory to use.
580
594
  This setting's value can be set to the path to an executable command that
581
- can produce external trusted facts. The command must:
595
+ can produce external trusted facts or to a directory containing those
596
+ executable commands. The command(s) must:
582
597
 
583
598
  * Take the name of a node as a command-line argument.
584
599
  * Return a JSON hash with the external trusted facts for this node.
585
- * For unknown or invalid nodes, exit with a non-zero exit code.",
600
+ * For unknown or invalid nodes, exit with a non-zero exit code.
601
+
602
+ If the setting points to an executable command, then the external trusted
603
+ facts will be stored in the 'external' key of the trusted facts hash. Otherwise
604
+ for each executable file in the directory, the external trusted facts will be
605
+ stored in the `<basename>` key of the `trusted['external']` hash. For example,
606
+ if the files foo.rb and bar.sh are in the directory, then `trusted['external']`
607
+ will be the hash `{ 'foo' => <foo.rb output>, 'bar' => <bar.sh output> }`.",
586
608
  },
587
609
  :default_file_terminus => {
588
610
  :type => :terminus,
@@ -610,7 +632,7 @@ module Puppet
610
632
  :http_proxy_password =>{
611
633
  :default => "none",
612
634
  :hook => proc do |value|
613
- if Puppet.settings[:http_proxy_password] =~ /[@!# \/]/
635
+ if settings[:http_proxy_password] =~ /[@!# \/]/
614
636
  raise "Passwords set in the http_proxy_password setting must be valid as part of a URL, and any reserved characters must be URL-encoded. We received: #{value}"
615
637
  end
616
638
  end,
@@ -754,7 +776,7 @@ API to expire the cache as needed
754
776
  }
755
777
  )
756
778
 
757
- Puppet.define_settings(:module_tool,
779
+ settings.define_settings(:module_tool,
758
780
  :module_repository => {
759
781
  :default => 'https://forgeapi.puppet.com',
760
782
  :desc => "The module repository",
@@ -773,7 +795,7 @@ API to expire the cache as needed
773
795
  }
774
796
  )
775
797
 
776
- Puppet.define_settings(
798
+ settings.define_settings(
777
799
  :main,
778
800
 
779
801
  # We have to downcase the fqdn, because the current ssl stuff (as opposed to in master) doesn't have good facilities for
@@ -854,13 +876,17 @@ This is useful for embedding a pre-shared key for autosigning policy executables
854
876
  ("challenge password") OID.
855
877
 
856
878
  Extension requests will be permanently embedded in the final certificate.
857
- Extension OIDs must be in the "ppRegCertExt" (`1.3.6.1.4.1.34380.1.1`) or
858
- "ppPrivCertExt" (`1.3.6.1.4.1.34380.1.2`) OID arcs. The ppRegCertExt arc is
879
+ Extension OIDs must be in the "ppRegCertExt" (`1.3.6.1.4.1.34380.1.1`),
880
+ "ppPrivCertExt" (`1.3.6.1.4.1.34380.1.2`), or
881
+ "ppAuthCertExt" (`1.3.6.1.4.1.34380.1.3`) OID arcs. The ppRegCertExt arc is
859
882
  reserved for four of the most common pieces of data to embed: `pp_uuid` (`.1`),
860
883
  `pp_instance_id` (`.2`), `pp_image_name` (`.3`), and `pp_preshared_key` (`.4`)
861
884
  --- in the YAML file, these can be referred to by their short descriptive names
862
885
  instead of their full OID. The ppPrivCertExt arc is unregulated, and can be used
863
- for site-specific extensions.
886
+ for site-specific extensions. The ppAuthCert arc is reserved for two pieces of
887
+ data to embed: `pp_authorization` (`.1`) and `pp_auth_role` (`.13`). As with
888
+ ppRegCertExt, in the YAML file, these can be referred to by their short
889
+ descriptive name instead of their full OID.
864
890
  EOT
865
891
  },
866
892
  :certdir => {
@@ -974,6 +1000,15 @@ EOT
974
1000
  and reject the CA certificate if the values do not match. This only applies
975
1001
  during the first download of the CA certificate."
976
1002
  },
1003
+ :ssl_trust_store => {
1004
+ :default => nil,
1005
+ :type => :file,
1006
+ :desc => "A file containing CA certificates in PEM format that puppet should trust
1007
+ when making HTTPS requests. This **only** applies to https requests to non-puppet
1008
+ infrastructure, such as retrieving file metadata and content from https file sources,
1009
+ puppet module tool and the 'http' report processor. This setting is ignored when
1010
+ making requests to puppet:// URLs such as catalog and report requests.",
1011
+ },
977
1012
  :ssl_client_ca_auth => {
978
1013
  :type => :file,
979
1014
  :mode => "0644",
@@ -1080,7 +1115,7 @@ EOT
1080
1115
  }
1081
1116
  )
1082
1117
 
1083
- define_settings(
1118
+ settings.define_settings(
1084
1119
  :ca,
1085
1120
  :ca_name => {
1086
1121
  :default => "Puppet CA: $certname",
@@ -1152,7 +1187,7 @@ EOT
1152
1187
  the request.
1153
1188
 
1154
1189
  For info on autosign configuration files, see
1155
- [the guide to Puppet's config files](https://puppet.com/docs/puppet/latest/config_about_settings.html).",
1190
+ [the guide to Puppet's config files](https://puppet.com/docs/puppet/latest/config_file_autosign.html).",
1156
1191
  },
1157
1192
  :allow_duplicate_certs => {
1158
1193
  :default => false,
@@ -1198,7 +1233,7 @@ EOT
1198
1233
 
1199
1234
  # Define the config default.
1200
1235
 
1201
- define_settings(:application,
1236
+ settings.define_settings(:application,
1202
1237
  :config_file_name => {
1203
1238
  :type => :string,
1204
1239
  :default => Puppet::Settings.default_config_file_name,
@@ -1223,7 +1258,7 @@ EOT
1223
1258
  },
1224
1259
  )
1225
1260
 
1226
- define_settings(:environment,
1261
+ settings.define_settings(:environment,
1227
1262
  :manifest => {
1228
1263
  :default => nil,
1229
1264
  :type => :file_or_directory,
@@ -1266,7 +1301,7 @@ EOT
1266
1301
  }
1267
1302
  )
1268
1303
 
1269
- define_settings(:master,
1304
+ settings.define_settings(:master,
1270
1305
  :user => {
1271
1306
  :default => "puppet",
1272
1307
  :desc => "The user Puppet Server will run as. Used to ensure
@@ -1323,13 +1358,23 @@ EOT
1323
1358
  overridden by more specific settings (see `ca_port`, `report_port`).",
1324
1359
  },
1325
1360
  :node_name => {
1326
- :default => "cert",
1361
+ :default => 'cert',
1362
+ :type => :enum,
1363
+ :values => ['cert', 'facter'],
1364
+ :deprecated => :completely,
1365
+ :hook => proc { |val|
1366
+ if val != 'cert'
1367
+ Puppet.deprecation_warning("The node_name setting is deprecated and will be removed in a future release.")
1368
+ end
1369
+ },
1327
1370
  :desc => "How the puppet master determines the client's identity
1328
1371
  and sets the 'hostname', 'fqdn' and 'domain' facts for use in the manifest,
1329
1372
  in particular for determining which 'node' statement applies to the client.
1330
1373
  Possible values are 'cert' (use the subject's CN in the client's
1331
1374
  certificate) and 'facter' (use the hostname that the client
1332
- reported in its facts)",
1375
+ reported in its facts).
1376
+
1377
+ This setting is deprecated, please use explicit fact matching for classification.",
1333
1378
  },
1334
1379
  :bucketdir => {
1335
1380
  :default => "$vardir/bucket",
@@ -1452,14 +1497,23 @@ EOT
1452
1497
  :desc => "Where the fileserver configuration is stored.",
1453
1498
  },
1454
1499
  :strict_hostname_checking => {
1455
- :default => false,
1500
+ :default => true,
1501
+ :type => :boolean,
1456
1502
  :desc => "Whether to only search for the complete
1457
- hostname as it is in the certificate when searching for node information
1458
- in the catalogs.",
1503
+ hostname as it is in the certificate when searching for node information
1504
+ in the catalogs or to match dot delimited segments of the cert's certname
1505
+ and the hostname, fqdn, and/or domain facts.
1506
+
1507
+ This setting is deprecated and will be removed in a future release.",
1508
+ :hook => proc { |val|
1509
+ if val != true
1510
+ Puppet.deprecation_warning("Setting strict_hostname_checking to false is deprecated and will be removed in a future release. Please use regular expressions in your node declarations or explicit fact matching for classification (though be warned that fact based classification may be considered insecure).")
1511
+ end
1512
+ }
1459
1513
  }
1460
1514
  )
1461
1515
 
1462
- define_settings(:device,
1516
+ settings.define_settings(:device,
1463
1517
  :devicedir => {
1464
1518
  :default => "$vardir/devices",
1465
1519
  :type => :directory,
@@ -1474,7 +1528,7 @@ EOT
1474
1528
  }
1475
1529
  )
1476
1530
 
1477
- define_settings(:agent,
1531
+ settings.define_settings(:agent,
1478
1532
  :node_name_value => {
1479
1533
  :default => "$certname",
1480
1534
  :desc => "The explicit value used for the node name for all requests the agent
@@ -1499,7 +1553,7 @@ EOT
1499
1553
  :statefile => {
1500
1554
  :default => "$statedir/state.yaml",
1501
1555
  :type => :file,
1502
- :mode => "0660",
1556
+ :mode => "0640",
1503
1557
  :desc => "Where puppet agent and puppet master store state associated
1504
1558
  with the running configuration. In the case of puppet master,
1505
1559
  this file reflects the state discovered through interacting
@@ -1521,7 +1575,7 @@ EOT
1521
1575
  :transactionstorefile => {
1522
1576
  :default => "$statedir/transactionstore.yaml",
1523
1577
  :type => :file,
1524
- :mode => "0660",
1578
+ :mode => "0640",
1525
1579
  :desc => "Transactional storage file for persisting data between
1526
1580
  transactions for the purposes of infering information (such as
1527
1581
  corrective_change) on new data received."
@@ -1599,6 +1653,12 @@ EOT
1599
1653
  :default => lambda { Puppet::Settings.domain_fact },
1600
1654
  :desc => "The domain which will be queried to find the SRV records of servers to use.",
1601
1655
  },
1656
+ :http_extra_headers => {
1657
+ :default => [],
1658
+ :type => :http_extra_headers,
1659
+ :desc => "The list of extra headers that will be sent with http requests to the master.
1660
+ The header definition consists of a name and a value separated by a colon."
1661
+ },
1602
1662
  :ignoreschedules => {
1603
1663
  :default => false,
1604
1664
  :type => :boolean,
@@ -1755,10 +1815,27 @@ EOT
1755
1815
  :type => :boolean,
1756
1816
  :desc => "Whether to send reports after every transaction.",
1757
1817
  },
1818
+ :report_include_system_store => {
1819
+ :default => false,
1820
+ :type => :boolean,
1821
+ :desc => "Whether the 'http' report processor should include the system
1822
+ certificate store when submitting reports to HTTPS URLs. If false, then
1823
+ the 'http' processor will only trust HTTPS report servers whose certificates
1824
+ are issued by the puppet CA or one of its intermediate CAs. If true, the
1825
+ processor will additionally trust CA certificates in the system's
1826
+ certificate store."
1827
+ },
1758
1828
  :resubmit_facts => {
1759
1829
  :default => false,
1760
1830
  :type => :boolean,
1761
- :desc => "Whether to send updated facts after every transaction.",
1831
+ :desc => "Whether to send updated facts after every transaction. By default
1832
+ puppet only submits facts at the beginning of the transaction before applying a
1833
+ catalog. Since puppet can modify the state of the system, the value of the facts
1834
+ may change after puppet finishes. Therefore, any facts stored in puppetdb may not
1835
+ be consistent until the agent next runs, typically in 30 minutes. If this feature
1836
+ is enabled, puppet will resubmit facts after applying its catalog, ensuring facts
1837
+ for the node stored in puppetdb are current. However, this will double the fact
1838
+ submission load on puppetdb, so it is disabled by default.",
1762
1839
  },
1763
1840
  :lastrunfile => {
1764
1841
  :default => "$statedir/last_run_summary.yaml",
@@ -1822,12 +1899,31 @@ EOT
1822
1899
  certificate request to be signed. A value of `unlimited` will cause puppet agent
1823
1900
  to ask for a signed certificate indefinitely.
1824
1901
  #{AS_DURATION}",
1902
+ },
1903
+ :waitforlock => {
1904
+ :default => "0",
1905
+ :type => :duration,
1906
+ :desc => "How frequently puppet agent should try running when there is an
1907
+ already ongoing puppet agent instance.
1908
+
1909
+ This argument is by default disabled (value set to 0). In this case puppet agent will
1910
+ immediately exit if it cannot run at that moment. When a value other than 0 is set, this
1911
+ can also be used in combination with the `maxwaitforlock` argument.
1912
+ #{AS_DURATION}",
1913
+ },
1914
+ :maxwaitforlock => {
1915
+ :default => "1m",
1916
+ :type => :ttl,
1917
+ :desc => "The maximum amount of time the puppet agent should wait for an
1918
+ already running puppet agent to finish before starting a new one. This is set by default to 1 minute.
1919
+ A value of `unlimited` will cause puppet agent to wait indefinitely.
1920
+ #{AS_DURATION}",
1825
1921
  }
1826
1922
  )
1827
1923
 
1828
1924
  # Plugin information.
1829
1925
 
1830
- define_settings(
1926
+ settings.define_settings(
1831
1927
  :main,
1832
1928
  :plugindest => {
1833
1929
  :type => :directory,
@@ -1870,7 +1966,7 @@ EOT
1870
1966
 
1871
1967
  # Central fact information.
1872
1968
 
1873
- define_settings(
1969
+ settings.define_settings(
1874
1970
  :main,
1875
1971
  :factpath => {
1876
1972
  :type => :path,
@@ -1887,7 +1983,7 @@ EOT
1887
1983
  }
1888
1984
  )
1889
1985
 
1890
- define_settings(
1986
+ settings.define_settings(
1891
1987
  :transaction,
1892
1988
  :tags => {
1893
1989
  :default => "",
@@ -1915,7 +2011,7 @@ EOT
1915
2011
  }
1916
2012
  )
1917
2013
 
1918
- define_settings(
2014
+ settings.define_settings(
1919
2015
  :main,
1920
2016
  :external_nodes => {
1921
2017
  :default => "none",
@@ -1940,7 +2036,7 @@ EOT
1940
2036
  }
1941
2037
  )
1942
2038
 
1943
- define_settings(
2039
+ settings.define_settings(
1944
2040
  :ldap,
1945
2041
  :ldapssl => {
1946
2042
  :default => false,
@@ -2009,7 +2105,7 @@ EOT
2009
2105
  }
2010
2106
  )
2011
2107
 
2012
- define_settings(:master,
2108
+ settings.define_settings(:master,
2013
2109
  :storeconfigs => {
2014
2110
  :default => false,
2015
2111
  :type => :boolean,
@@ -2027,7 +2123,7 @@ EOT
2027
2123
  require 'puppet/node/facts'
2028
2124
  if value
2029
2125
  Puppet::Resource::Catalog.indirection.set_global_setting(:cache_class, :store_configs)
2030
- Puppet.settings.override_default(:catalog_cache_terminus, :store_configs)
2126
+ settings.override_default(:catalog_cache_terminus, :store_configs)
2031
2127
  Puppet::Node::Facts.indirection.set_global_setting(:cache_class, :store_configs)
2032
2128
  Puppet::Resource.indirection.set_global_setting(:terminus_class, :store_configs)
2033
2129
  end
@@ -2042,7 +2138,7 @@ EOT
2042
2138
  }
2043
2139
  )
2044
2140
 
2045
- define_settings(:parser,
2141
+ settings.define_settings(:parser,
2046
2142
  :max_errors => {
2047
2143
  :default => 10,
2048
2144
  :desc => <<-'EOT'
@@ -2094,7 +2190,7 @@ EOT
2094
2190
  EOT
2095
2191
  }
2096
2192
  )
2097
- define_settings(:puppetdoc,
2193
+ settings.define_settings(:puppetdoc,
2098
2194
  :document_all => {
2099
2195
  :default => false,
2100
2196
  :type => :boolean,
@@ -2103,7 +2199,7 @@ EOT
2103
2199
  }
2104
2200
  )
2105
2201
 
2106
- define_settings(
2202
+ settings.define_settings(
2107
2203
  :main,
2108
2204
  :rich_data => {
2109
2205
  :default => true,
@@ -2120,5 +2216,5 @@ EOT
2120
2216
  EOT
2121
2217
  }
2122
2218
  )
2123
-
2219
+ end
2124
2220
  end