puppet 6.12.0-x86-mingw32 → 6.17.0-x86-mingw32

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of puppet might be problematic. Click here for more details.

Files changed (412) hide show
  1. checksums.yaml +4 -4
  2. data/CODEOWNERS +2 -7
  3. data/CONTRIBUTING.md +7 -13
  4. data/Gemfile +4 -2
  5. data/Gemfile.lock +39 -36
  6. data/README.md +18 -25
  7. data/ext/project_data.yaml +1 -1
  8. data/ext/windows/service/daemon.rb +3 -3
  9. data/lib/puppet.rb +52 -13
  10. data/lib/puppet/agent.rb +20 -14
  11. data/lib/puppet/application/agent.rb +26 -17
  12. data/lib/puppet/application/describe.rb +7 -5
  13. data/lib/puppet/application/device.rb +2 -2
  14. data/lib/puppet/application/filebucket.rb +19 -15
  15. data/lib/puppet/application/plugin.rb +1 -0
  16. data/lib/puppet/application/resource.rb +1 -1
  17. data/lib/puppet/application/ssl.rb +4 -4
  18. data/lib/puppet/configurer.rb +65 -69
  19. data/lib/puppet/configurer/plugin_handler.rb +10 -1
  20. data/lib/puppet/confine.rb +1 -1
  21. data/lib/puppet/context/trusted_information.rb +14 -8
  22. data/lib/puppet/daemon.rb +13 -27
  23. data/lib/puppet/defaults.rb +154 -58
  24. data/lib/puppet/environments.rb +27 -20
  25. data/lib/puppet/face/facts.rb +8 -5
  26. data/lib/puppet/face/help.rb +29 -3
  27. data/lib/puppet/face/module/search.rb +5 -0
  28. data/lib/puppet/face/plugin.rb +2 -2
  29. data/lib/puppet/file_serving/http_metadata.rb +14 -2
  30. data/lib/puppet/file_serving/metadata.rb +4 -1
  31. data/lib/puppet/file_serving/terminus_selector.rb +7 -8
  32. data/lib/puppet/file_system/file_impl.rb +14 -10
  33. data/lib/puppet/file_system/memory_file.rb +6 -0
  34. data/lib/puppet/file_system/memory_impl.rb +13 -0
  35. data/lib/puppet/file_system/uniquefile.rb +12 -16
  36. data/lib/puppet/file_system/windows.rb +7 -10
  37. data/lib/puppet/forge.rb +1 -1
  38. data/lib/puppet/forge/cache.rb +1 -1
  39. data/lib/puppet/forge/repository.rb +4 -7
  40. data/lib/puppet/functions/call.rb +1 -1
  41. data/lib/puppet/functions/eyaml_lookup_key.rb +13 -8
  42. data/lib/puppet/functions/filter.rb +1 -0
  43. data/lib/puppet/functions/reduce.rb +2 -4
  44. data/lib/puppet/http.rb +5 -0
  45. data/lib/puppet/http/client.rb +293 -73
  46. data/lib/puppet/http/errors.rb +2 -0
  47. data/lib/puppet/http/external_client.rb +90 -0
  48. data/lib/puppet/http/redirector.rb +43 -7
  49. data/lib/puppet/http/resolver.rb +46 -3
  50. data/lib/puppet/http/resolver/server_list.rb +76 -16
  51. data/lib/puppet/http/resolver/settings.rb +23 -3
  52. data/lib/puppet/http/resolver/srv.rb +29 -3
  53. data/lib/puppet/http/response.rb +87 -1
  54. data/lib/puppet/http/retry_after_handler.rb +39 -0
  55. data/lib/puppet/http/service.rb +151 -7
  56. data/lib/puppet/http/service/ca.rb +76 -14
  57. data/lib/puppet/http/service/compiler.rb +319 -0
  58. data/lib/puppet/http/service/file_server.rb +206 -0
  59. data/lib/puppet/http/service/report.rb +49 -23
  60. data/lib/puppet/http/session.rb +103 -7
  61. data/lib/puppet/indirector.rb +1 -1
  62. data/lib/puppet/indirector/catalog/compiler.rb +10 -0
  63. data/lib/puppet/indirector/catalog/rest.rb +34 -0
  64. data/lib/puppet/indirector/facts/rest.rb +42 -0
  65. data/lib/puppet/indirector/file_bucket_file/file.rb +1 -1
  66. data/lib/puppet/indirector/file_bucket_file/rest.rb +48 -0
  67. data/lib/puppet/indirector/file_content/http.rb +5 -0
  68. data/lib/puppet/indirector/file_content/rest.rb +30 -0
  69. data/lib/puppet/indirector/file_metadata/http.rb +27 -8
  70. data/lib/puppet/indirector/file_metadata/rest.rb +52 -0
  71. data/lib/puppet/indirector/json.rb +1 -1
  72. data/lib/puppet/indirector/msgpack.rb +1 -1
  73. data/lib/puppet/indirector/node/rest.rb +24 -0
  74. data/lib/puppet/indirector/report/rest.rb +19 -0
  75. data/lib/puppet/indirector/report/yaml.rb +23 -0
  76. data/lib/puppet/indirector/request.rb +1 -1
  77. data/lib/puppet/indirector/rest.rb +12 -0
  78. data/lib/puppet/indirector/status/rest.rb +18 -0
  79. data/lib/puppet/loaders.rb +6 -0
  80. data/lib/puppet/metatype/manager.rb +80 -80
  81. data/lib/puppet/network/http/api/indirected_routes.rb +1 -1
  82. data/lib/puppet/network/http/api/master/v3/environment.rb +3 -0
  83. data/lib/puppet/network/http/base_pool.rb +7 -2
  84. data/lib/puppet/network/http/compression.rb +7 -0
  85. data/lib/puppet/network/http/connection.rb +6 -0
  86. data/lib/puppet/network/http/connection_adapter.rb +184 -0
  87. data/lib/puppet/network/http/nocache_pool.rb +2 -0
  88. data/lib/puppet/network/http/pool.rb +13 -6
  89. data/lib/puppet/network/http_pool.rb +2 -1
  90. data/lib/puppet/node/environment.rb +11 -1
  91. data/lib/puppet/pal/catalog_compiler.rb +5 -0
  92. data/lib/puppet/pal/pal_impl.rb +4 -29
  93. data/lib/puppet/parser/ast/leaf.rb +5 -5
  94. data/lib/puppet/parser/ast/pops_bridge.rb +6 -15
  95. data/lib/puppet/parser/compiler.rb +43 -33
  96. data/lib/puppet/parser/compiler/catalog_validator/env_relationship_validator.rb +2 -0
  97. data/lib/puppet/parser/compiler/catalog_validator/site_validator.rb +2 -0
  98. data/lib/puppet/parser/environment_compiler.rb +4 -1
  99. data/lib/puppet/parser/functions.rb +18 -13
  100. data/lib/puppet/parser/functions/filter.rb +1 -0
  101. data/lib/puppet/parser/resource.rb +3 -2
  102. data/lib/puppet/parser/resource/param.rb +6 -0
  103. data/lib/puppet/pops/evaluator/access_operator.rb +2 -2
  104. data/lib/puppet/pops/evaluator/evaluator_impl.rb +6 -6
  105. data/lib/puppet/pops/issues.rb +5 -0
  106. data/lib/puppet/pops/loader/puppet_plan_instantiator.rb +12 -3
  107. data/lib/puppet/pops/loaders.rb +7 -5
  108. data/lib/puppet/pops/parser/evaluating_parser.rb +5 -7
  109. data/lib/puppet/pops/resource/resource_type_impl.rb +2 -0
  110. data/lib/puppet/pops/types/p_object_type_extension.rb +10 -0
  111. data/lib/puppet/pops/types/type_calculator.rb +24 -0
  112. data/lib/puppet/pops/validation/checker4_0.rb +11 -1
  113. data/lib/puppet/pops/validation/tasks_checker.rb +5 -1
  114. data/lib/puppet/pops/validation/validator_factory_4_0.rb +1 -0
  115. data/lib/puppet/provider/aix_object.rb +4 -2
  116. data/lib/puppet/provider/group/aix.rb +1 -0
  117. data/lib/puppet/provider/group/groupadd.rb +57 -24
  118. data/lib/puppet/provider/group/windows_adsi.rb +3 -3
  119. data/lib/puppet/provider/package/aix.rb +17 -2
  120. data/lib/puppet/provider/package/apt.rb +78 -4
  121. data/lib/puppet/provider/package/aptitude.rb +1 -1
  122. data/lib/puppet/provider/package/dnfmodule.rb +69 -15
  123. data/lib/puppet/provider/package/dpkg.rb +14 -7
  124. data/lib/puppet/provider/package/fink.rb +20 -3
  125. data/lib/puppet/provider/package/gem.rb +41 -7
  126. data/lib/puppet/provider/package/openbsd.rb +13 -1
  127. data/lib/puppet/provider/package/pacman.rb +2 -5
  128. data/lib/puppet/provider/package/pip.rb +143 -48
  129. data/lib/puppet/provider/package/pip3.rb +0 -2
  130. data/lib/puppet/provider/package/pkg.rb +18 -5
  131. data/lib/puppet/provider/package/pkgdmg.rb +1 -1
  132. data/lib/puppet/provider/package/pkgng.rb +16 -4
  133. data/lib/puppet/provider/package/portage.rb +2 -2
  134. data/lib/puppet/provider/package/puppet_gem.rb +6 -2
  135. data/lib/puppet/provider/package/rpm.rb +6 -213
  136. data/lib/puppet/provider/package/yum.rb +109 -25
  137. data/lib/puppet/provider/package/zypper.rb +59 -1
  138. data/lib/puppet/provider/service/systemd.rb +22 -4
  139. data/lib/puppet/provider/service/windows.rb +23 -7
  140. data/lib/puppet/provider/user/aix.rb +1 -0
  141. data/lib/puppet/provider/user/directoryservice.rb +30 -5
  142. data/lib/puppet/provider/user/useradd.rb +22 -12
  143. data/lib/puppet/reports/http.rb +15 -9
  144. data/lib/puppet/reports/store.rb +1 -1
  145. data/lib/puppet/resource.rb +2 -1
  146. data/lib/puppet/resource/type.rb +8 -0
  147. data/lib/puppet/resource/type_collection.rb +20 -16
  148. data/lib/puppet/runtime.rb +31 -1
  149. data/lib/puppet/settings.rb +4 -0
  150. data/lib/puppet/settings/http_extra_headers_setting.rb +25 -0
  151. data/lib/puppet/ssl.rb +1 -0
  152. data/lib/puppet/ssl/certificate.rb +2 -1
  153. data/lib/puppet/ssl/host.rb +4 -4
  154. data/lib/puppet/ssl/oids.rb +1 -0
  155. data/lib/puppet/ssl/ssl_context.rb +2 -2
  156. data/lib/puppet/ssl/ssl_provider.rb +20 -1
  157. data/lib/puppet/ssl/state_machine.rb +81 -35
  158. data/lib/puppet/ssl/verifier_adapter.rb +9 -1
  159. data/lib/puppet/test/test_helper.rb +15 -11
  160. data/lib/puppet/transaction/report.rb +2 -2
  161. data/lib/puppet/transaction/resource_harness.rb +1 -1
  162. data/lib/puppet/trusted_external.rb +29 -1
  163. data/lib/puppet/type.rb +18 -6
  164. data/lib/puppet/type/file.rb +51 -13
  165. data/lib/puppet/type/file/checksum.rb +4 -4
  166. data/lib/puppet/type/file/source.rb +51 -60
  167. data/lib/puppet/type/group.rb +2 -2
  168. data/lib/puppet/type/package.rb +102 -10
  169. data/lib/puppet/type/service.rb +55 -8
  170. data/lib/puppet/type/user.rb +3 -28
  171. data/lib/puppet/util.rb +39 -15
  172. data/lib/puppet/util/at_fork.rb +1 -1
  173. data/lib/puppet/util/autoload.rb +4 -18
  174. data/lib/puppet/util/checksums.rb +19 -4
  175. data/lib/puppet/util/fileparsing.rb +2 -2
  176. data/lib/puppet/util/instance_loader.rb +14 -10
  177. data/lib/puppet/util/log/destinations.rb +2 -11
  178. data/lib/puppet/util/package/version/debian.rb +175 -0
  179. data/lib/puppet/util/package/version/gem.rb +15 -0
  180. data/lib/puppet/util/package/version/pip.rb +167 -0
  181. data/lib/puppet/util/package/version/range.rb +53 -0
  182. data/lib/puppet/util/package/version/range/eq.rb +14 -0
  183. data/lib/puppet/util/package/version/range/gt.rb +14 -0
  184. data/lib/puppet/util/package/version/range/gt_eq.rb +14 -0
  185. data/lib/puppet/util/package/version/range/lt.rb +14 -0
  186. data/lib/puppet/util/package/version/range/lt_eq.rb +14 -0
  187. data/lib/puppet/util/package/version/range/min_max.rb +21 -0
  188. data/lib/puppet/util/package/version/range/simple.rb +11 -0
  189. data/lib/puppet/util/package/version/rpm.rb +73 -0
  190. data/lib/puppet/util/pidlock.rb +36 -10
  191. data/lib/puppet/util/platform.rb +5 -0
  192. data/lib/puppet/util/plist.rb +6 -0
  193. data/lib/puppet/util/provider_features.rb +1 -1
  194. data/lib/puppet/util/reference.rb +1 -1
  195. data/lib/puppet/util/rpm_compare.rb +193 -0
  196. data/lib/puppet/util/storage.rb +0 -1
  197. data/lib/puppet/util/windows/adsi.rb +2 -2
  198. data/lib/puppet/util/windows/api_types.rb +45 -32
  199. data/lib/puppet/util/windows/eventlog.rb +1 -6
  200. data/lib/puppet/util/windows/principal.rb +8 -6
  201. data/lib/puppet/util/windows/process.rb +15 -14
  202. data/lib/puppet/util/windows/registry.rb +11 -11
  203. data/lib/puppet/util/windows/security.rb +1 -0
  204. data/lib/puppet/util/windows/service.rb +43 -26
  205. data/lib/puppet/util/windows/sid.rb +3 -3
  206. data/lib/puppet/util/windows/user.rb +23 -8
  207. data/lib/puppet/util/yaml.rb +1 -1
  208. data/lib/puppet/version.rb +1 -1
  209. data/locales/puppet.pot +707 -574
  210. data/man/man5/puppet.conf.5 +74 -14
  211. data/man/man8/puppet-agent.8 +7 -7
  212. data/man/man8/puppet-apply.8 +1 -1
  213. data/man/man8/puppet-catalog.8 +1 -1
  214. data/man/man8/puppet-config.8 +1 -1
  215. data/man/man8/puppet-describe.8 +1 -1
  216. data/man/man8/puppet-device.8 +2 -2
  217. data/man/man8/puppet-doc.8 +1 -1
  218. data/man/man8/puppet-epp.8 +1 -1
  219. data/man/man8/puppet-facts.8 +1 -1
  220. data/man/man8/puppet-filebucket.8 +17 -2
  221. data/man/man8/puppet-generate.8 +1 -1
  222. data/man/man8/puppet-help.8 +6 -3
  223. data/man/man8/puppet-key.8 +1 -1
  224. data/man/man8/puppet-lookup.8 +1 -1
  225. data/man/man8/puppet-man.8 +1 -1
  226. data/man/man8/puppet-module.8 +4 -1
  227. data/man/man8/puppet-node.8 +1 -1
  228. data/man/man8/puppet-parser.8 +1 -1
  229. data/man/man8/puppet-plugin.8 +1 -1
  230. data/man/man8/puppet-report.8 +1 -1
  231. data/man/man8/puppet-resource.8 +1 -1
  232. data/man/man8/puppet-script.8 +1 -1
  233. data/man/man8/puppet-ssl.8 +2 -2
  234. data/man/man8/puppet-status.8 +1 -1
  235. data/man/man8/puppet.8 +2 -2
  236. data/spec/fixtures/ssl/unknown-127.0.0.1-key.pem +67 -0
  237. data/spec/fixtures/ssl/unknown-127.0.0.1.pem +48 -0
  238. data/spec/fixtures/ssl/unknown-ca-key.pem +67 -0
  239. data/spec/fixtures/ssl/unknown-ca.pem +59 -0
  240. data/spec/fixtures/unit/provider/package/dnfmodule/{dnf-module-list-installed.txt → dnf-module-list.txt} +8 -0
  241. data/spec/fixtures/unit/provider/package/pkgng/pkg.version +2 -0
  242. data/spec/fixtures/unit/provider/package/yum/yum-check-update-subscription-manager.txt +9 -0
  243. data/spec/fixtures/unit/provider/package/zypper/zypper-search-uninstalled.out +13 -0
  244. data/spec/fixtures/unit/provider/service/systemd/list_unit_files_services +9 -0
  245. data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_md5/should_fetch_if_not_on_the_local_disk.yml +1 -102
  246. data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_md5/should_not_update_if_content_on_disk_is_up-to-date.yml +1 -106
  247. data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_md5/should_update_if_content_differs_on_disk.yml +1 -106
  248. data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_mtime/should_fetch_if_mtime_is_older_on_disk.yml +1 -102
  249. data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_mtime/should_fetch_if_no_header_specified.yml +1 -98
  250. data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_mtime/should_fetch_if_not_on_the_local_disk.yml +1 -102
  251. data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_mtime/should_not_update_if_mtime_is_newer_on_disk.yml +1 -102
  252. data/spec/integration/application/agent_spec.rb +483 -0
  253. data/spec/integration/application/apply_spec.rb +132 -3
  254. data/spec/integration/application/filebucket_spec.rb +190 -0
  255. data/spec/integration/application/plugin_spec.rb +73 -0
  256. data/spec/integration/configurer_spec.rb +26 -7
  257. data/spec/integration/defaults_spec.rb +1 -2
  258. data/spec/integration/http/client_spec.rb +47 -37
  259. data/spec/integration/indirector/facts/facter_spec.rb +4 -0
  260. data/spec/integration/indirector/report/yaml.rb +83 -0
  261. data/spec/integration/module_tool/forge_spec.rb +2 -15
  262. data/spec/integration/network/http_pool_spec.rb +93 -20
  263. data/spec/integration/node/environment_spec.rb +15 -0
  264. data/spec/integration/parser/compiler_spec.rb +11 -0
  265. data/spec/integration/type/file_spec.rb +1 -1
  266. data/spec/integration/util/windows/adsi_spec.rb +6 -1
  267. data/spec/integration/util/windows/registry_spec.rb +7 -7
  268. data/spec/integration/util/windows/user_spec.rb +40 -5
  269. data/spec/lib/puppet/test_ca.rb +2 -2
  270. data/spec/lib/puppet_spec/https.rb +16 -7
  271. data/spec/lib/puppet_spec/puppetserver.rb +119 -0
  272. data/spec/shared_contexts/https.rb +29 -0
  273. data/spec/unit/agent_spec.rb +80 -26
  274. data/spec/unit/application/agent_spec.rb +9 -5
  275. data/spec/unit/application/apply_spec.rb +2 -12
  276. data/spec/unit/application/describe_spec.rb +88 -50
  277. data/spec/unit/application/device_spec.rb +2 -2
  278. data/spec/unit/application/filebucket_spec.rb +22 -2
  279. data/spec/unit/application/resource_spec.rb +2 -2
  280. data/spec/unit/configurer/fact_handler_spec.rb +4 -8
  281. data/spec/unit/configurer/plugin_handler_spec.rb +36 -19
  282. data/spec/unit/configurer_spec.rb +17 -18
  283. data/spec/unit/context/trusted_information_spec.rb +25 -2
  284. data/spec/unit/daemon_spec.rb +5 -64
  285. data/spec/unit/defaults_spec.rb +25 -2
  286. data/spec/unit/environments_spec.rb +65 -28
  287. data/spec/unit/face/facts_spec.rb +24 -20
  288. data/spec/unit/face/module/search_spec.rb +17 -0
  289. data/spec/unit/face/plugin_spec.rb +12 -10
  290. data/spec/unit/file_serving/http_metadata_spec.rb +37 -14
  291. data/spec/unit/file_serving/terminus_selector_spec.rb +45 -26
  292. data/spec/unit/file_system/uniquefile_spec.rb +11 -0
  293. data/spec/unit/file_system_spec.rb +26 -2
  294. data/spec/unit/functions/lookup_spec.rb +13 -0
  295. data/spec/unit/http/client_spec.rb +327 -35
  296. data/spec/unit/http/external_client_spec.rb +201 -0
  297. data/spec/unit/http/resolver_spec.rb +34 -2
  298. data/spec/unit/http/response_spec.rb +75 -0
  299. data/spec/unit/http/service/ca_spec.rb +53 -11
  300. data/spec/unit/http/service/compiler_spec.rb +627 -0
  301. data/spec/unit/http/service/file_server_spec.rb +308 -0
  302. data/spec/unit/http/service/report_spec.rb +27 -9
  303. data/spec/unit/http/service_spec.rb +98 -5
  304. data/spec/unit/http/session_spec.rb +190 -7
  305. data/spec/unit/indirector/catalog/compiler_spec.rb +47 -29
  306. data/spec/unit/indirector/catalog/rest_spec.rb +59 -2
  307. data/spec/unit/indirector/facts/rest_spec.rb +79 -24
  308. data/spec/unit/indirector/file_bucket_file/rest_spec.rb +82 -2
  309. data/spec/unit/indirector/file_content/rest_spec.rb +53 -2
  310. data/spec/unit/indirector/file_metadata/http_spec.rb +194 -0
  311. data/spec/unit/indirector/file_metadata/rest_spec.rb +110 -2
  312. data/spec/unit/indirector/node/rest_spec.rb +57 -2
  313. data/spec/unit/indirector/report/rest_spec.rb +58 -51
  314. data/spec/unit/indirector/request_spec.rb +1 -1
  315. data/spec/unit/indirector/resource/ral_spec.rb +7 -8
  316. data/spec/unit/indirector/rest_spec.rb +13 -0
  317. data/spec/unit/indirector/status/rest_spec.rb +43 -2
  318. data/spec/unit/interface_spec.rb +3 -3
  319. data/spec/unit/network/http/api/indirected_routes_spec.rb +2 -1
  320. data/spec/unit/network/http/connection_spec.rb +559 -175
  321. data/spec/unit/network/http/nocache_pool_spec.rb +25 -3
  322. data/spec/unit/network/http/pool_spec.rb +89 -11
  323. data/spec/unit/network/http_pool_spec.rb +63 -57
  324. data/spec/unit/network/http_spec.rb +1 -1
  325. data/spec/unit/node/environment_spec.rb +16 -0
  326. data/spec/unit/node/facts_spec.rb +2 -1
  327. data/spec/unit/node_spec.rb +7 -4
  328. data/spec/unit/parser/ast/block_expression_spec.rb +1 -1
  329. data/spec/unit/parser/environment_compiler_spec.rb +7 -0
  330. data/spec/unit/parser/scope_spec.rb +1 -1
  331. data/spec/unit/pops/evaluator/evaluating_parser_spec.rb +15 -1
  332. data/spec/unit/pops/loaders/loaders_spec.rb +1 -1
  333. data/spec/unit/pops/serialization/to_from_hr_spec.rb +6 -1
  334. data/spec/unit/pops/types/type_calculator_spec.rb +1 -11
  335. data/spec/unit/pops/validator/validator_spec.rb +7 -2
  336. data/spec/unit/provider/aix_object_spec.rb +16 -2
  337. data/spec/unit/provider/group/groupadd_spec.rb +181 -56
  338. data/spec/unit/provider/group/windows_adsi_spec.rb +43 -10
  339. data/spec/unit/provider/package/aix_spec.rb +29 -0
  340. data/spec/unit/provider/package/apt_spec.rb +43 -2
  341. data/spec/unit/provider/package/aptitude_spec.rb +1 -0
  342. data/spec/unit/provider/package/dnfmodule_spec.rb +76 -15
  343. data/spec/unit/provider/package/dpkg_spec.rb +28 -6
  344. data/spec/unit/provider/package/gem_spec.rb +40 -0
  345. data/spec/unit/provider/package/openbsd_spec.rb +17 -0
  346. data/spec/unit/provider/package/pacman_spec.rb +6 -21
  347. data/spec/unit/provider/package/pip_spec.rb +68 -19
  348. data/spec/unit/provider/package/pkg_spec.rb +15 -1
  349. data/spec/unit/provider/package/pkgdmg_spec.rb +1 -1
  350. data/spec/unit/provider/package/pkgng_spec.rb +38 -0
  351. data/spec/unit/provider/package/portage_spec.rb +5 -0
  352. data/spec/unit/provider/package/puppet_gem_spec.rb +8 -0
  353. data/spec/unit/provider/package/rpm_spec.rb +0 -212
  354. data/spec/unit/provider/package/yum_spec.rb +292 -0
  355. data/spec/unit/provider/package/zypper_spec.rb +84 -0
  356. data/spec/unit/provider/service/init_spec.rb +1 -0
  357. data/spec/unit/provider/service/openbsd_spec.rb +9 -0
  358. data/spec/unit/provider/service/openwrt_spec.rb +1 -0
  359. data/spec/unit/provider/service/redhat_spec.rb +9 -0
  360. data/spec/unit/provider/service/systemd_spec.rb +92 -12
  361. data/spec/unit/provider/service/windows_spec.rb +22 -14
  362. data/spec/unit/provider/user/directoryservice_spec.rb +41 -0
  363. data/spec/unit/provider/user/openbsd_spec.rb +1 -0
  364. data/spec/unit/provider/user/useradd_spec.rb +43 -24
  365. data/spec/unit/provider/user/windows_adsi_spec.rb +3 -3
  366. data/spec/unit/puppet_pal_2pec.rb +0 -26
  367. data/spec/unit/puppet_pal_catalog_spec.rb +46 -0
  368. data/spec/unit/puppet_spec.rb +47 -0
  369. data/spec/unit/reports/http_spec.rb +70 -52
  370. data/spec/unit/resource_spec.rb +3 -3
  371. data/spec/unit/settings/autosign_setting_spec.rb +1 -1
  372. data/spec/unit/settings/http_extra_headers_spec.rb +64 -0
  373. data/spec/unit/ssl/certificate_spec.rb +7 -0
  374. data/spec/unit/ssl/host_spec.rb +4 -2
  375. data/spec/unit/ssl/oids_spec.rb +1 -0
  376. data/spec/unit/ssl/ssl_provider_spec.rb +69 -43
  377. data/spec/unit/ssl/state_machine_spec.rb +99 -13
  378. data/spec/unit/test/test_helper_spec.rb +17 -0
  379. data/spec/unit/transaction/persistence_spec.rb +1 -10
  380. data/spec/unit/transaction/report_spec.rb +5 -1
  381. data/spec/unit/transaction_spec.rb +0 -2
  382. data/spec/unit/type/file/ensure_spec.rb +1 -2
  383. data/spec/unit/type/file/source_spec.rb +89 -38
  384. data/spec/unit/type/file_spec.rb +122 -96
  385. data/spec/unit/type/package_spec.rb +8 -0
  386. data/spec/unit/type/service_spec.rb +185 -8
  387. data/spec/unit/type/user_spec.rb +1 -2
  388. data/spec/unit/type_spec.rb +50 -0
  389. data/spec/unit/util/at_fork_spec.rb +3 -2
  390. data/spec/unit/util/autoload_spec.rb +2 -1
  391. data/spec/unit/util/checksums_spec.rb +16 -0
  392. data/spec/unit/util/log/destinations_spec.rb +1 -29
  393. data/spec/unit/util/package/version/debian_spec.rb +83 -0
  394. data/spec/unit/util/package/version/pip_spec.rb +464 -0
  395. data/spec/unit/util/package/version/range_spec.rb +175 -0
  396. data/spec/unit/util/package/version/rpm_spec.rb +121 -0
  397. data/spec/unit/util/pidlock_spec.rb +112 -42
  398. data/spec/unit/util/plist_spec.rb +20 -0
  399. data/spec/unit/util/rpm_compare_spec.rb +196 -0
  400. data/spec/unit/util/storage_spec.rb +1 -8
  401. data/spec/unit/util/windows/adsi_spec.rb +4 -4
  402. data/spec/unit/util/windows/api_types_spec.rb +104 -40
  403. data/spec/unit/util/windows/service_spec.rb +4 -4
  404. data/spec/unit/util/windows/sid_spec.rb +2 -2
  405. data/spec/unit/util_spec.rb +3 -3
  406. data/spec/unit/x509/cert_provider_spec.rb +1 -1
  407. data/tasks/generate_cert_fixtures.rake +15 -1
  408. data/tasks/manpages.rake +5 -35
  409. metadata +73 -12
  410. data/COMMITTERS.md +0 -244
  411. data/spec/integration/faces/plugin_spec.rb +0 -61
  412. data/spec/integration/test/test_helper_spec.rb +0 -31
@@ -1,106 +1,5 @@
1
1
  ---
2
2
  http_interactions:
3
- - request:
4
- method: head
5
- uri: http://my-server/file
6
- body:
7
- encoding: US-ASCII
8
- string: ''
9
- headers:
10
- Accept:
11
- - ! '*/*'
12
- User-Agent:
13
- - Ruby
14
- response:
15
- status:
16
- code: 301
17
- message: ! 'Moved Permanently '
18
- headers:
19
- Location:
20
- - http://my-server/file/
21
- Server:
22
- - WEBrick/1.3.1 (Ruby/1.9.3/2013-11-22)
23
- Date:
24
- - Sun, 22 Mar 2015 22:57:44 GMT
25
- Content-Length:
26
- - '44'
27
- Connection:
28
- - Keep-Alive
29
- body:
30
- encoding: US-ASCII
31
- string: ''
32
- http_version:
33
- recorded_at: Sun, 22 Mar 2015 22:57:44 GMT
34
- - request:
35
- method: head
36
- uri: http://my-server/file/
37
- body:
38
- encoding: US-ASCII
39
- string: ''
40
- headers:
41
- Accept:
42
- - ! '*/*'
43
- User-Agent:
44
- - Ruby
45
- response:
46
- status:
47
- code: 200
48
- message: ! 'OK '
49
- headers:
50
- Etag:
51
- - 62e0b-184a-550f415e
52
- Content-Type:
53
- - text/html
54
- Content-Length:
55
- - '6218'
56
- Last-Modified:
57
- - Sun, 22 Mar 2015 22:25:34 GMT
58
- Server:
59
- - WEBrick/1.3.1 (Ruby/1.9.3/2013-11-22)
60
- Date:
61
- - Sun, 22 Mar 2015 22:57:44 GMT
62
- Connection:
63
- - Keep-Alive
64
- body:
65
- encoding: US-ASCII
66
- string: ''
67
- http_version:
68
- recorded_at: Sun, 22 Mar 2015 22:57:44 GMT
69
- - request:
70
- method: head
71
- uri: http://my-server/file/
72
- body:
73
- encoding: US-ASCII
74
- string: ''
75
- headers:
76
- Accept:
77
- - ! '*/*'
78
- User-Agent:
79
- - Ruby
80
- response:
81
- status:
82
- code: 200
83
- message: ! 'OK '
84
- headers:
85
- Etag:
86
- - 62e0b-184a-550f415e
87
- Content-Type:
88
- - text/html
89
- Content-Length:
90
- - '6218'
91
- Last-Modified:
92
- - Sun, 22 Mar 2015 22:25:34 GMT
93
- Server:
94
- - WEBrick/1.3.1 (Ruby/1.9.3/2013-11-22)
95
- Date:
96
- - Sun, 22 Mar 2015 22:57:44 GMT
97
- Connection:
98
- - Keep-Alive
99
- body:
100
- encoding: US-ASCII
101
- string: ''
102
- http_version:
103
- recorded_at: Sun, 22 Mar 2015 22:57:44 GMT
104
3
  - request:
105
4
  method: head
106
5
  uri: http://my-server/file
@@ -169,7 +68,7 @@ http_interactions:
169
68
  recorded_at: Sun, 22 Mar 2015 22:57:44 GMT
170
69
  - request:
171
70
  method: get
172
- uri: http://my-server/file/
71
+ uri: http://my-server/file
173
72
  body:
174
73
  encoding: US-ASCII
175
74
  string: ''
@@ -1,106 +1,5 @@
1
1
  ---
2
2
  http_interactions:
3
- - request:
4
- method: head
5
- uri: http://my-server/file
6
- body:
7
- encoding: US-ASCII
8
- string: ''
9
- headers:
10
- Accept:
11
- - ! '*/*'
12
- User-Agent:
13
- - Ruby
14
- response:
15
- status:
16
- code: 301
17
- message: ! 'Moved Permanently '
18
- headers:
19
- Location:
20
- - http://my-server/file/
21
- Server:
22
- - WEBrick/1.3.1 (Ruby/1.9.3/2013-11-22)
23
- Date:
24
- - Sun, 22 Mar 2015 22:57:44 GMT
25
- Content-Length:
26
- - '44'
27
- Connection:
28
- - Keep-Alive
29
- body:
30
- encoding: US-ASCII
31
- string: ''
32
- http_version:
33
- recorded_at: Sun, 22 Mar 2015 22:57:44 GMT
34
- - request:
35
- method: head
36
- uri: http://my-server/file/
37
- body:
38
- encoding: US-ASCII
39
- string: ''
40
- headers:
41
- Accept:
42
- - ! '*/*'
43
- User-Agent:
44
- - Ruby
45
- response:
46
- status:
47
- code: 200
48
- message: ! 'OK '
49
- headers:
50
- Etag:
51
- - 62e0b-184a-550f415e
52
- Content-Type:
53
- - text/html
54
- Content-Length:
55
- - '6218'
56
- Last-Modified:
57
- - Sun, 22 Mar 2015 22:25:34 GMT
58
- Server:
59
- - WEBrick/1.3.1 (Ruby/1.9.3/2013-11-22)
60
- Date:
61
- - Sun, 22 Mar 2015 22:57:44 GMT
62
- Connection:
63
- - Keep-Alive
64
- body:
65
- encoding: US-ASCII
66
- string: ''
67
- http_version:
68
- recorded_at: Sun, 22 Mar 2015 22:57:44 GMT
69
- - request:
70
- method: head
71
- uri: http://my-server/file/
72
- body:
73
- encoding: US-ASCII
74
- string: ''
75
- headers:
76
- Accept:
77
- - ! '*/*'
78
- User-Agent:
79
- - Ruby
80
- response:
81
- status:
82
- code: 200
83
- message: ! 'OK '
84
- headers:
85
- Etag:
86
- - 62e0b-184a-550f415e
87
- Content-Type:
88
- - text/html
89
- Content-Length:
90
- - '6218'
91
- Last-Modified:
92
- - Sun, 22 Mar 2015 22:25:34 GMT
93
- Server:
94
- - WEBrick/1.3.1 (Ruby/1.9.3/2013-11-22)
95
- Date:
96
- - Sun, 22 Mar 2015 22:57:44 GMT
97
- Connection:
98
- - Keep-Alive
99
- body:
100
- encoding: US-ASCII
101
- string: ''
102
- http_version:
103
- recorded_at: Sun, 22 Mar 2015 22:57:44 GMT
104
3
  - request:
105
4
  method: head
106
5
  uri: http://my-server/file
@@ -169,7 +68,7 @@ http_interactions:
169
68
  recorded_at: Sun, 22 Mar 2015 22:57:44 GMT
170
69
  - request:
171
70
  method: get
172
- uri: http://my-server/file/
71
+ uri: http://my-server/file
173
72
  body:
174
73
  encoding: US-ASCII
175
74
  string: ''
@@ -0,0 +1,483 @@
1
+ require 'spec_helper'
2
+ require 'puppet_spec/files'
3
+ require 'puppet_spec/puppetserver'
4
+ require 'puppet_spec/compiler'
5
+ require 'puppet_spec/https'
6
+
7
+ describe "puppet agent", unless: Puppet::Util::Platform.jruby? do
8
+ include PuppetSpec::Files
9
+ include PuppetSpec::Compiler
10
+ include_context "https client"
11
+
12
+ let(:server) { PuppetSpec::Puppetserver.new }
13
+ let(:agent) { Puppet::Application[:agent] }
14
+ let(:node) { Puppet::Node.new(Puppet[:certname], environment: 'production')}
15
+ let(:formatter) { Puppet::Network::FormatHandler.format(:rich_data_json) }
16
+
17
+ context 'server_list' do
18
+ before :each do
19
+ Puppet[:log_level] = 'debug'
20
+ end
21
+
22
+ it "uses the first server in the list" do
23
+ Puppet[:server_list] = '127.0.0.1'
24
+
25
+ server.start_server do |port|
26
+ Puppet[:masterport] = port
27
+ expect {
28
+ expect {
29
+ agent.command_line.args << '--test'
30
+ agent.run
31
+ }.to exit_with(0)
32
+ }.to output(%r{HTTP GET https://127.0.0.1:#{port}/status/v1/simple/master returned 200 OK}).to_stdout
33
+ end
34
+ end
35
+
36
+ it "falls back, recording the first viable server in the report" do
37
+ Puppet[:server_list] = "puppet.example.com,#{Puppet[:server]}"
38
+
39
+ server.start_server do |port|
40
+ Puppet[:masterport] = port
41
+ expect {
42
+ expect {
43
+ agent.command_line.args << '--test'
44
+ agent.run
45
+ }.to exit_with(0)
46
+ }.to output(%r{Unable to connect to server from server_list setting: Request to https://puppet.example.com:#{port}/status/v1/simple/master failed}).to_stdout
47
+
48
+ report = Puppet::Transaction::Report.convert_from(:yaml, File.read(Puppet[:lastrunreport]))
49
+ expect(report.master_used).to eq("127.0.0.1:#{port}")
50
+ end
51
+ end
52
+
53
+ it "doesn't write a report if no servers could be contacted" do
54
+ Puppet[:server_list] = "puppet.example.com"
55
+
56
+ expect {
57
+ expect {
58
+ expect {
59
+ agent.command_line.args << '--test'
60
+ agent.run
61
+ }.to exit_with(1)
62
+ }.to output(%r{Unable to connect to server from server_list setting: Could not select a functional puppet master from server_list: 'puppet.example.com'}).to_stdout
63
+ }.to output(/Error: Could not run Puppet configuration client: Could not select a functional puppet master from server_list: 'puppet.example.com'/).to_stderr
64
+
65
+ # I'd expect puppet to update the last run report even if the server_list was
66
+ # exhausted, but it doesn't work that way currently, see PUP-6708
67
+ expect(File).to_not be_exist(Puppet[:lastrunreport])
68
+ end
69
+
70
+ it "omits master_used when not using server_list" do
71
+ server.start_server do |port|
72
+ Puppet[:masterport] = port
73
+ expect {
74
+ expect {
75
+ agent.command_line.args << '--test'
76
+ agent.run
77
+ }.to exit_with(0)
78
+ }.to output(%r{Resolved service 'puppet' to https://127.0.0.1:#{port}/puppet/v3}).to_stdout
79
+ end
80
+
81
+ report = Puppet::Transaction::Report.convert_from(:yaml, File.read(Puppet[:lastrunreport]))
82
+ expect(report.master_used).to be_nil
83
+ end
84
+
85
+ it "server_list takes precedence over server" do
86
+ Puppet[:server] = 'notvalid.example.com'
87
+
88
+ server.start_server do |port|
89
+ Puppet[:server_list] = "127.0.0.1:#{port}"
90
+
91
+ expect {
92
+ agent.command_line.args << '--test'
93
+ agent.run
94
+ }.to exit_with(0)
95
+ .and output(%r{Debug: Resolved service 'puppet' to https://127.0.0.1:#{port}/puppet/v3}).to_stdout
96
+
97
+ report = Puppet::Transaction::Report.convert_from(:yaml, File.read(Puppet[:lastrunreport]))
98
+ expect(report.master_used).to eq("127.0.0.1:#{port}")
99
+ end
100
+ end
101
+ end
102
+
103
+ context 'rich data' do
104
+ it "applies deferred values" do
105
+ catalog_handler = -> (req, res) {
106
+ catalog = compile_to_catalog(<<-MANIFEST, node)
107
+ notify { 'deferred':
108
+ message => Deferred('join', [[1,2,3], ':'])
109
+ }
110
+ MANIFEST
111
+
112
+ res.body = formatter.render(catalog)
113
+ res['Content-Type'] = formatter.mime
114
+ }
115
+
116
+ server.start_server(mounts: {catalog: catalog_handler}) do |port|
117
+ Puppet[:masterport] = port
118
+ expect {
119
+ expect {
120
+ agent.command_line.args << '--test'
121
+ agent.run
122
+ }.to exit_with(2)
123
+ }.to output(%r{Notice: /Stage\[main\]/Main/Notify\[deferred\]/message: defined 'message' as '1:2:3'}).to_stdout
124
+ end
125
+ end
126
+
127
+ it "redacts sensitive values" do
128
+ catalog_handler = -> (req, res) {
129
+ catalog = compile_to_catalog(<<-MANIFEST, node)
130
+ notify { 'sensitive':
131
+ message => Sensitive('supersecret')
132
+ }
133
+ MANIFEST
134
+
135
+ res.body = formatter.render(catalog)
136
+ res['Content-Type'] = formatter.mime
137
+ }
138
+
139
+ server.start_server(mounts: {catalog: catalog_handler}) do |port|
140
+ Puppet[:masterport] = port
141
+ expect {
142
+ expect {
143
+ agent.command_line.args << '--test'
144
+ agent.run
145
+ }.to exit_with(2)
146
+ }.to output(a_string_matching(
147
+ /Notice: Sensitive \[value redacted\]/
148
+ ).and matching(
149
+ /Notify\[sensitive\]\/message: changed \[redacted\] to \[redacted\]/
150
+ )).to_stdout
151
+ end
152
+ end
153
+
154
+ it "applies binary data in a cached catalog" do
155
+ catalog = compile_to_catalog(<<-MANIFEST, node)
156
+ notify { 'some title':
157
+ message => Binary.new('aGk=')
158
+ }
159
+ MANIFEST
160
+
161
+ catalog_dir = File.join(Puppet[:client_datadir], 'catalog')
162
+ Puppet::FileSystem.mkpath(catalog_dir)
163
+ cached_catalog = "#{File.join(catalog_dir, Puppet[:certname])}.json"
164
+ File.write(cached_catalog, catalog.render(:rich_data_json))
165
+
166
+ expect {
167
+ Puppet[:report] = false
168
+ Puppet[:use_cached_catalog] = true
169
+ Puppet[:usecacheonfailure] = false
170
+ agent.command_line.args << '-t'
171
+ agent.run
172
+ }.to exit_with(2)
173
+ .and output(%r{defined 'message' as 'hi'}).to_stdout
174
+ end
175
+ end
176
+
177
+ context 'static catalogs' do
178
+ let(:path) { tmpfile('file') }
179
+ let(:metadata) { Puppet::FileServing::Metadata.new(path) }
180
+ let(:source) { "puppet:///modules/foo/foo.txt" }
181
+
182
+ before :each do
183
+ Puppet::FileSystem.touch(path)
184
+
185
+ metadata.collect
186
+ metadata.source = source
187
+ metadata.content_uri = "puppet:///modules/foo/files/foo.txt"
188
+ end
189
+
190
+ it 'uses inline file metadata to determine the file is insync' do
191
+ catalog_handler = -> (req, res) {
192
+ catalog = compile_to_catalog(<<-MANIFEST, node)
193
+ file { "#{path}":
194
+ ensure => file,
195
+ source => "#{source}"
196
+ }
197
+ MANIFEST
198
+ catalog.metadata = { path => metadata }
199
+
200
+ res.body = formatter.render(catalog)
201
+ res['Content-Type'] = formatter.mime
202
+ }
203
+
204
+ server.start_server(mounts: {catalog: catalog_handler}) do |port|
205
+ Puppet[:masterport] = port
206
+ expect {
207
+ expect {
208
+ agent.command_line.args << '--test'
209
+ agent.run
210
+ }.to exit_with(0)
211
+ }.to_not output(/content changed/).to_stdout
212
+ end
213
+ end
214
+
215
+ it 'retrieves file content using the content_uri from the inlined file metadata' do
216
+ # create file with binary content
217
+ binary_content = "\xC0\xFF".force_encoding('binary')
218
+ File.binwrite(path, binary_content)
219
+
220
+ # recollect metadata
221
+ metadata.collect
222
+
223
+ # overwrite local file so it is no longer in sync
224
+ File.binwrite(path, "")
225
+
226
+ catalog_handler = -> (req, res) {
227
+ catalog = compile_to_catalog(<<-MANIFEST, node)
228
+ file { "#{path}":
229
+ ensure => file,
230
+ source => "#{source}",
231
+ }
232
+ MANIFEST
233
+ catalog.metadata = { path => metadata }
234
+
235
+ res.body = formatter.render(catalog)
236
+ res['Content-Type'] = formatter.mime
237
+ }
238
+
239
+ static_file_content_handler = -> (req, res) {
240
+ res.body = binary_content
241
+ res['Content-Type'] = 'application/octet-stream'
242
+ }
243
+
244
+ mounts = {
245
+ catalog: catalog_handler,
246
+ static_file_content: static_file_content_handler
247
+ }
248
+
249
+ server.start_server(mounts: mounts) do |port|
250
+ Puppet[:masterport] = port
251
+ expect {
252
+ expect {
253
+ agent.command_line.args << '--test'
254
+ agent.run
255
+ }.to exit_with(2)
256
+ }.to output(/content changed '{md5}d41d8cd98f00b204e9800998ecf8427e' to '{md5}4cf49285ae567157ebfba72bd04ccf32'/).to_stdout
257
+
258
+ # verify puppet restored binary content
259
+ expect(File.binread(path)).to eq(binary_content)
260
+ end
261
+ end
262
+ end
263
+
264
+ context 'https file sources' do
265
+ let(:path) { tmpfile('https_file_source') }
266
+ let(:response_body) { "from https server" }
267
+ let(:digest) { Digest::SHA1.hexdigest(response_body) }
268
+
269
+ it 'rejects HTTPS servers whose root cert is not in the system CA store' do
270
+ unknown_ca_cert = cert_fixture('unknown-ca.pem')
271
+ https = PuppetSpec::HTTPSServer.new(
272
+ ca_cert: unknown_ca_cert,
273
+ server_cert: cert_fixture('unknown-127.0.0.1.pem'),
274
+ server_key: key_fixture('unknown-127.0.0.1-key.pem')
275
+ )
276
+
277
+ # create a temp cacert bundle
278
+ ssl_file = tmpfile('systemstore')
279
+ # add CA cert that is neither the puppet CA nor unknown CA
280
+ File.write(ssl_file, cert_fixture('netlock-arany-utf8.pem').to_pem)
281
+
282
+ https.start_server do |https_port|
283
+ catalog_handler = -> (req, res) {
284
+ catalog = compile_to_catalog(<<-MANIFEST, node)
285
+ file { "#{path}":
286
+ ensure => file,
287
+ backup => false,
288
+ checksum => sha1,
289
+ checksum_value => '#{digest}',
290
+ source => "https://127.0.0.1:#{https_port}/path/to/file"
291
+ }
292
+ MANIFEST
293
+
294
+ res.body = formatter.render(catalog)
295
+ res['Content-Type'] = formatter.mime
296
+ }
297
+
298
+ server.start_server(mounts: {catalog: catalog_handler}) do |puppetserver_port|
299
+ Puppet[:masterport] = puppetserver_port
300
+
301
+ # override path to system cacert bundle, this must be done before
302
+ # the SSLContext is created and the call to X509::Store.set_default_paths
303
+ Puppet::Util.withenv("SSL_CERT_FILE" => ssl_file) do
304
+ expect {
305
+ agent.command_line.args << '--test'
306
+ agent.run
307
+ }.to exit_with(4)
308
+ .and output(/Notice: Applied catalog/).to_stdout
309
+ .and output(%r{Error: Could not retrieve file metadata for https://127.0.0.1:#{https_port}/path/to/file: certificate verify failed}).to_stderr
310
+ end
311
+
312
+ expect(File).to_not be_exist(path)
313
+ end
314
+ end
315
+ end
316
+
317
+ it 'accepts HTTPS servers whose cert is in the system CA store' do
318
+ unknown_ca_cert = cert_fixture('unknown-ca.pem')
319
+ https = PuppetSpec::HTTPSServer.new(
320
+ ca_cert: unknown_ca_cert,
321
+ server_cert: cert_fixture('unknown-127.0.0.1.pem'),
322
+ server_key: key_fixture('unknown-127.0.0.1-key.pem')
323
+ )
324
+
325
+ # create a temp cacert bundle
326
+ ssl_file = tmpfile('systemstore')
327
+ File.write(ssl_file, unknown_ca_cert.to_pem)
328
+
329
+ response_proc = -> (req, res) {
330
+ res.status = 200
331
+ res.body = response_body
332
+ }
333
+
334
+ https.start_server(response_proc: response_proc) do |https_port|
335
+ catalog_handler = -> (req, res) {
336
+ catalog = compile_to_catalog(<<-MANIFEST, node)
337
+ file { "#{path}":
338
+ ensure => file,
339
+ backup => false,
340
+ checksum => sha1,
341
+ checksum_value => '#{digest}',
342
+ source => "https://127.0.0.1:#{https_port}/path/to/file"
343
+ }
344
+ MANIFEST
345
+
346
+ res.body = formatter.render(catalog)
347
+ res['Content-Type'] = formatter.mime
348
+ }
349
+
350
+ server.start_server(mounts: {catalog: catalog_handler}) do |puppetserver_port|
351
+ Puppet[:masterport] = puppetserver_port
352
+
353
+ # override path to system cacert bundle, this must be done before
354
+ # the SSLContext is created and the call to X509::Store.set_default_paths
355
+ Puppet::Util.withenv("SSL_CERT_FILE" => ssl_file) do
356
+ expect {
357
+ agent.command_line.args << '--test'
358
+ agent.run
359
+ }.to exit_with(2)
360
+ .and output(%r{https_file_source.*/ensure: created}).to_stdout
361
+ end
362
+
363
+ expect(File.binread(path)).to eq("from https server")
364
+ end
365
+ end
366
+ end
367
+
368
+ it 'accepts HTTPS servers whose cert is in the external CA store' do
369
+ unknown_ca_cert = cert_fixture('unknown-ca.pem')
370
+ https = PuppetSpec::HTTPSServer.new(
371
+ ca_cert: unknown_ca_cert,
372
+ server_cert: cert_fixture('unknown-127.0.0.1.pem'),
373
+ server_key: key_fixture('unknown-127.0.0.1-key.pem')
374
+ )
375
+
376
+ # create a temp cacert bundle
377
+ ssl_file = tmpfile('systemstore')
378
+ File.write(ssl_file, unknown_ca_cert.to_pem)
379
+
380
+ response_proc = -> (req, res) {
381
+ res.status = 200
382
+ res.body = response_body
383
+ }
384
+
385
+ https.start_server(response_proc: response_proc) do |https_port|
386
+ catalog_handler = -> (req, res) {
387
+ catalog = compile_to_catalog(<<-MANIFEST, node)
388
+ file { "#{path}":
389
+ ensure => file,
390
+ backup => false,
391
+ checksum => sha1,
392
+ checksum_value => '#{digest}',
393
+ source => "https://127.0.0.1:#{https_port}/path/to/file"
394
+ }
395
+ MANIFEST
396
+
397
+ res.body = formatter.render(catalog)
398
+ res['Content-Type'] = formatter.mime
399
+ }
400
+
401
+ server.start_server(mounts: {catalog: catalog_handler}) do |puppetserver_port|
402
+ Puppet[:masterport] = puppetserver_port
403
+
404
+ # set path to external cacert bundle, this must be done before
405
+ # the SSLContext is created
406
+ Puppet[:ssl_trust_store] = ssl_file
407
+ expect {
408
+ agent.command_line.args << '--test'
409
+ agent.run
410
+ }.to exit_with(2)
411
+ .and output(%r{https_file_source.*/ensure: created}).to_stdout
412
+ end
413
+
414
+ expect(File.binread(path)).to eq("from https server")
415
+ end
416
+ end
417
+ end
418
+
419
+ context 'multiple agents running' do
420
+ it "exits if an agent is already running" do
421
+ path = Puppet[:agent_catalog_run_lockfile]
422
+
423
+ th = Thread.new {
424
+ %x{ruby -e "$0 = 'puppet'; File.write('#{path}', Process.pid); sleep(2)"}
425
+ }
426
+
427
+ until File.exists?(path) && File.size(path) > 0 do
428
+ sleep 0.1
429
+ end
430
+
431
+ expect {
432
+ agent.command_line.args << '--test'
433
+ agent.run
434
+ }.to exit_with(1).and output(/Run of Puppet configuration client already in progress; skipping/).to_stdout
435
+
436
+ th.kill # kill thread so we don't wait too much
437
+ end
438
+
439
+ it "waits for other agent run to finish before starting" do
440
+ server.start_server do |port|
441
+ path = Puppet[:agent_catalog_run_lockfile]
442
+ Puppet[:masterport] = port
443
+ Puppet[:waitforlock] = 1
444
+
445
+ th = Thread.new {
446
+ %x{ruby -e "$0 = 'puppet'; File.write('#{path}', Process.pid); sleep(2)"}
447
+ }
448
+
449
+ until File.exists?(path) && File.size(path) > 0 do
450
+ sleep 0.1
451
+ end
452
+
453
+ expect {
454
+ agent.command_line.args << '--test'
455
+ agent.run
456
+ }.to exit_with(0).and output(/Info: Will try again in #{Puppet[:waitforlock]} seconds./).to_stdout
457
+
458
+ th.kill # kill thread so we don't wait too much
459
+ end
460
+ end
461
+
462
+ it "exits if maxwaitforlock is exceeded" do
463
+ path = Puppet[:agent_catalog_run_lockfile]
464
+ Puppet[:waitforlock] = 1
465
+ Puppet[:maxwaitforlock] = 0
466
+
467
+ th = Thread.new {
468
+ %x{ruby -e "$0 = 'puppet'; File.write('#{path}', Process.pid); sleep(2)"}
469
+ }
470
+
471
+ until File.exists?(path) && File.size(path) > 0 do
472
+ sleep 0.1
473
+ end
474
+
475
+ expect {
476
+ agent.command_line.args << '--test'
477
+ agent.run
478
+ }.to exit_with(1).and output(/Exiting now because the maxwaitforlock timeout has been exceeded./).to_stdout
479
+
480
+ th.kill # kill thread so we don't wait too much
481
+ end
482
+ end
483
+ end