puppet 6.12.0 → 6.13.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c121885834ded259f002e574ca1ada8dc8ad318668d1234baa71496c58c8fe34
-  data.tar.gz: 71cfdf18ccace429a2d195a12152ab90b56b82f22435e3075db530ce511f5f34
+  metadata.gz: 77d2129b60ff6de7ba7a09cc3b6a5248977c58ae3787daf6d0cb2229c4bcc913
+  data.tar.gz: b69f4e35d6b46f3ee84c06f5179c30673ad1d893209d66397817810477bed9ff
 SHA512:
-  metadata.gz: c2434c6af3a1a975b0c64a405651e28462ab6651ea6f735418ae30447110f4712f6d425221f981ebb0361183eda36ee1a501be4d6eea42cf89a259f5727f0a15
-  data.tar.gz: ebcae5fa3568c1c96efec45dc5903f0c0ad1ca98b4d7dd26d7f1ec2122b8bc73fb3c062a668d58a979fa472d646b81b93c7d828c0bf3aa7a783f74f1200837d2
+  metadata.gz: b9f16ed09bc8bad983e06482145e6444e14bd871bde8ef01be4043dbcb8ec053e43af3c5b08417e8ca19e30400b847d14c39a302f1b96c84c7dd86154fdda7b1
+  data.tar.gz: 691779a9ace904f1f598fc86d0cbc670f46bd93b9f85d7a0414f6130b6e27078efc31a836424ebb876d364b55f7c38b71598e605c0e7f0b562035c5731be8e5a

data/Gemfile.lock

@@ -1,11 +1,11 @@
 PATH
   remote: .
   specs:
-    puppet (6.12.0)
+    puppet (6.13.0)
       CFPropertyList (~> 2.2)
       concurrent-ruby (~> 1.0)
       deep_merge (~> 1.0)
-      facter (>= 2.4.0, < 4)
+      facter (>= 2.4.0, < 5)
       fast_gettext (~> 1.1)
       hiera (>= 3.2.1, < 4)
       httpclient (~> 2.8)
@@ -22,14 +22,14 @@ GEM
     artifactory (2.8.2)
     ast (2.4.0)
     coderay (1.1.2)
-    concurrent-ruby (1.1.5)
+    concurrent-ruby (1.1.6)
     crack (0.4.3)
       safe_yaml (~> 1.0.0)
     csv (3.1.2)
     deep_merge (1.2.1)
     diff-lcs (1.3)
     docopt (0.6.1)
-    facter (2.5.6)
+    facter (2.5.7)
     fast_gettext (1.1.2)
     gettext (3.2.9)
       locale (>= 2.0.5)
@@ -40,7 +40,7 @@ GEM
       locale
     hashdiff (1.0.0)
     hiera (3.6.0)
-    hiera-eyaml (3.1.1)
+    hiera-eyaml (3.2.0)
       highline (~> 1.6.19)
       optimist
     highline (1.6.21)
@@ -49,15 +49,15 @@ GEM
     httpclient (2.8.3)
     json-schema (2.8.1)
       addressable (>= 2.4)
-    locale (2.1.2)
+    locale (2.1.3)
     memory_profiler (0.9.14)
     method_source (0.9.2)
     minitar (0.9)
-    msgpack (1.3.1)
+    msgpack (1.3.3)
     multi_json (1.14.1)
     mustache (1.1.1)
     optimist (3.0.0)
-    packaging (0.99.52)
+    packaging (0.99.56)
       artifactory (~> 2)
       rake (>= 12.3)
       release-metrics
@@ -111,14 +111,14 @@ GEM
       unicode-display_width (~> 1.0, >= 1.0.1)
     rubocop-i18n (1.2.0)
       rubocop (~> 0.49.0)
-    ruby-prof (1.1.0)
+    ruby-prof (1.2.0)
     ruby-progressbar (1.10.1)
     safe_yaml (1.0.5)
     semantic_puppet (1.0.2)
     text (1.3.1)
-    unicode-display_width (1.6.0)
-    vcr (5.0.0)
-    webmock (3.7.6)
+    unicode-display_width (1.6.1)
+    vcr (5.1.0)
+    webmock (3.8.2)
       addressable (>= 2.3.6)
       crack (>= 0.3.2)
       hashdiff (>= 0.4.0, < 2.0.0)

data/README.md

@@ -1,7 +1,7 @@
 Puppet
 ======
 
-[![Travis Status](https://travis-ci.org/puppetlabs/puppet.svg?branch=master)](https://travis-ci.org/puppetlabs/puppet)
+[![Travis Status](https://travis-ci.com/puppetlabs/puppet.svg?branch=master)](https://travis-ci.com/puppetlabs/puppet)
 [![Appveyor Status](https://ci.appveyor.com/api/projects/status/cvhpypd4504sevqq/branch/master?svg=true)](https://ci.appveyor.com/project/puppetlabs/puppet/branch/master)
 [![Gem Version](https://badge.fury.io/rb/puppet.svg)](https://badge.fury.io/rb/puppet)
 [![Inline docs](https://inch-ci.org/github/puppetlabs/puppet.svg)](https://inch-ci.org/github/puppetlabs/puppet)

data/ext/project_data.yaml

@@ -17,7 +17,7 @@ gem_forge_project: 'puppet'
 gem_required_ruby_version: '>= 2.3.0'
 gem_required_rubygems_version: '> 1.3.1'
 gem_runtime_dependencies:
-  facter: ['> 2.0.1', '< 4']
+  facter: ['> 2.0.1', '< 5']
   hiera: ['>= 3.2.1', '< 4']
   semantic_puppet: '~> 1.0'
   fast_gettext: '~> 1.1'

data/lib/puppet.rb

@@ -22,6 +22,7 @@ require 'puppet/external/pson/common'
 require 'puppet/external/pson/version'
 require 'puppet/external/pson/pure'
 require 'puppet/gettext/config'
+require 'puppet/defaults'
 
 
 #------------------------------------------------------------
@@ -60,6 +61,14 @@ module Puppet
     @@settings
   end
 
+  # The puppetserver project has its own settings class that is thread-aware; this
+  # method is here to allow the puppetserver to define its own custom settings class
+  # for multithreaded puppet. It is not intended for use outside of the puppetserver
+  # implmentation.
+  def self.replace_settings_object(new_settings)
+    @@settings = new_settings
+  end
+
   # Get the value for a setting
   #
   # @param [Symbol] param the setting to retrieve
@@ -87,6 +96,7 @@ module Puppet
 
   # Store a new default value.
   def self.define_settings(section, hash)
+    Puppet.deprecation_warning('The method Puppet.define_settings is deprecated and will be removed in a future release')
     @@settings.define_settings(section, hash)
   end
 
@@ -121,8 +131,9 @@ module Puppet
     Puppet::Util::RunMode[@@settings.preferred_run_mode]
   end
 
-  # Load all of the settings.
-  require 'puppet/defaults'
+  # Modify the settings with defaults defined in `initialize_default_settings` method in puppet/defaults.rb. This can
+  # be used in the initialization of new Puppet::Settings objects in the puppetserver project.
+  Puppet.initialize_default_settings!(settings)
 
   # Now that settings are loaded we have the code loaded to be able to issue
   # deprecation warnings. Warn if we're on a deprecated ruby version.
@@ -137,19 +148,23 @@ module Puppet
   #
   # @api public
   # @param args [Array<String>] the command line arguments to use for initialization
+  # @param require_config [Boolean] controls loading of Puppet configuration files
+  # @param global_settings [Boolean] controls push to global context after settings object initialization
   # @return [void]
-  def self.initialize_settings(args = [], require_config = true)
-    do_initialize_settings_for_run_mode(:user, args, require_config)
+  def self.initialize_settings(args = [], require_config = true, push_settings_globally = true)
+    do_initialize_settings_for_run_mode(:user, args, require_config, push_settings_globally)
   end
 
   # private helper method to provide the implementation details of initializing for a run mode,
   #  but allowing us to control where the deprecation warning is issued
-  def self.do_initialize_settings_for_run_mode(run_mode, args, require_config = true)
+  def self.do_initialize_settings_for_run_mode(run_mode, args, require_config = true, push_settings_globally = true)
     Puppet.settings.initialize_global_settings(args, require_config)
     run_mode = Puppet::Util::RunMode[run_mode]
     Puppet.settings.initialize_app_defaults(Puppet::Settings.app_defaults_for_run_mode(run_mode))
-    push_context_global(Puppet.base_context(Puppet.settings), "Initial context after settings initialization")
-    Puppet::Parser::Functions.reset
+    if push_settings_globally
+      push_context_global(Puppet.base_context(Puppet.settings), "Initial context after settings initialization")
+      Puppet::Parser::Functions.reset
+    end
   end
   private_class_method :do_initialize_settings_for_run_mode
 

data/lib/puppet/application/resource.rb

@@ -5,7 +5,7 @@ class Puppet::Application::Resource < Puppet::Application
   attr_accessor :host, :extra_params
 
   def preinit
-    @extra_params = []
+    @extra_params = [:provider]
   end
 
   option("--debug","-d")

data/lib/puppet/configurer.rb

@@ -1,5 +1,4 @@
 # The client for interacting with the puppetmaster config server.
-require 'sync'
 require 'timeout'
 require 'puppet/network/http_pool'
 require 'puppet/util'
@@ -468,21 +467,17 @@ class Puppet::Configurer
     ::Facter.clear
     facts = find_facts
 
-    saved_fact_terminus = Puppet::Node::Facts.indirection.terminus_class
-    begin
-      Puppet::Node::Facts.indirection.terminus_class = :rest
+    client = Puppet.runtime['http']
+    session = client.create_session
+    puppet = session.route_to(:puppet)
 
-      server = Puppet::Node::Facts::Rest.server
-      Puppet.info(_("Uploading facts for %{node} to %{server}") % {
-                    node: facts.name,
-                    server: server})
+    Puppet.info(_("Uploading facts for %{node} to %{server}") % {
+                  node: facts.name,
+                  server: puppet.url.hostname})
 
-      Puppet::Node::Facts.indirection.save(facts, nil, :environment => Puppet::Node::Environment.remote(@environment))
+    puppet.put_facts(facts.name, facts: facts, environment: Puppet.lookup(:current_environment).name.to_s)
 
-      return true
-    ensure
-      Puppet::Node::Facts.indirection.terminus_class = saved_fact_terminus
-    end
+    return true
   rescue => detail
     Puppet.log_exception(detail, _("Failed to submit facts: %{detail}") %
                                  { detail: detail })

data/lib/puppet/defaults.rb

@@ -65,26 +65,30 @@ module Puppet
 
   AS_DURATION = %q{This setting can be a time interval in seconds (30 or 30s), minutes (30m), hours (6h), days (2d), or years (5y).}
 
-  define_settings(:main,
-    :facterng => {
+  # @api public
+  # @param args [Puppet::Settings] the settings object to define default settings for
+  # @return void
+  def self.initialize_default_settings!(settings)
+    settings.define_settings(:main,
+      :facterng => {
         :default => false,
         :type    => :boolean,
         :desc    => 'Whether to enable a pre-Facter 4.0 release of Facter (distributed as
           the "facter-ng" gem). This is not necessary if Facter 3.x or later is installed.
-          This setting is still experimental and has been only included on Windows builds',
+          This setting is still experimental.',
         :hook    => proc do |value|
-                      if value && Puppet::Util::Platform.windows?
-                        begin
-                          require 'facter-ng'
-                        rescue LoadError
-                          raise ArgumentError, 'facter-ng could not be loaded'
-                        end
-                      end
-                    end
-    }
-  )
-
-  define_settings(:main,
+          if value
+            begin
+              original_facter = Object.const_get(:Facter)
+              Object.send(:remove_const, :Facter)
+              require 'facter-ng'
+            rescue LoadError
+              Object.const_set(:Facter, original_facter)
+              raise ArgumentError, 'facter-ng could not be loaded'
+            end
+          end
+        end
+    },
     :confdir  => {
         :default  => nil,
         :type     => :directory,
@@ -121,7 +125,7 @@ module Puppet
     }
   )
 
-  define_settings(:main,
+  settings.define_settings(:main,
     :logdir => {
         :default  => nil,
         :type     => :directory,
@@ -168,8 +172,8 @@ module Puppet
         valid   = %w[deprecations undefined_variables undefined_resources]
         invalid = values - (values & valid)
         if not invalid.empty?
-          raise ArgumentError, _("Cannot disable unrecognized warning types %{invalid}.") % { invalid: invalid.inspect } +
-              ' ' + _("Valid values are %{values}.") % { values: valid.inspect}
+          raise ArgumentError, _("Cannot disable unrecognized warning types '%{invalid}'.") % { invalid: invalid.join(',') } +
+              ' ' + _("Valid values are '%{values}'.") % { values: valid.join(', ') }
         end
       end
     },
@@ -225,7 +229,7 @@ module Puppet
     }
   )
 
-  define_settings(:main,
+  settings.define_settings(:main,
     :priority => {
       :default => nil,
       :type    => :priority,
@@ -263,6 +267,13 @@ module Puppet
         major releases of Puppet. Should be used with caution, as in development
         features are experimental and can have unexpected effects."
     },
+    :versioned_environment_dirs => {
+      :default => false,
+      :type => :boolean,
+      :desc => "Whether or not to look for versioned environment directories,
+      symlinked from `$environmentpath/<environment>`. This is an experimental
+      feature and should be used with caution."
+    },
     :static_catalogs => {
       :default    => true,
       :type       => :boolean,
@@ -541,12 +552,12 @@ module Puppet
     :hiera_config => {
       :default => lambda do
         config = nil
-        codedir = Puppet.settings[:codedir]
+        codedir = settings[:codedir]
         if codedir.is_a?(String)
           config = File.expand_path(File.join(codedir, 'hiera.yaml'))
           config = nil unless Puppet::FileSystem.exist?(config)
         end
-        config = File.expand_path(File.join(Puppet.settings[:confdir], 'hiera.yaml')) if config.nil?
+        config = File.expand_path(File.join(settings[:confdir], 'hiera.yaml')) if config.nil?
         config
       end,
       :desc    => "The hiera configuration file. Puppet only reads this file on startup, so you must restart the puppet master every time you edit it.",
@@ -610,7 +621,7 @@ module Puppet
     :http_proxy_password =>{
       :default    => "none",
       :hook       => proc do |value|
-        if Puppet.settings[:http_proxy_password] =~ /[@!# \/]/
+        if settings[:http_proxy_password] =~ /[@!# \/]/
           raise "Passwords set in the http_proxy_password setting must be valid as part of a URL, and any reserved characters must be URL-encoded. We received: #{value}"
         end
       end,
@@ -754,7 +765,7 @@ API to expire the cache as needed
     }
   )
 
-  Puppet.define_settings(:module_tool,
+  settings.define_settings(:module_tool,
     :module_repository  => {
       :default  => 'https://forgeapi.puppet.com',
       :desc     => "The module repository",
@@ -773,7 +784,7 @@ API to expire the cache as needed
     }
   )
 
-    Puppet.define_settings(
+    settings.define_settings(
     :main,
 
     # We have to downcase the fqdn, because the current ssl stuff (as opposed to in master) doesn't have good facilities for
@@ -854,13 +865,17 @@ This is useful for embedding a pre-shared key for autosigning policy executables
 ("challenge password") OID.
 
 Extension requests will be permanently embedded in the final certificate.
-Extension OIDs must be in the "ppRegCertExt" (`1.3.6.1.4.1.34380.1.1`) or
-"ppPrivCertExt" (`1.3.6.1.4.1.34380.1.2`) OID arcs. The ppRegCertExt arc is
+Extension OIDs must be in the "ppRegCertExt" (`1.3.6.1.4.1.34380.1.1`),
+"ppPrivCertExt" (`1.3.6.1.4.1.34380.1.2`), or
+"ppAuthCertExt" (`1.3.6.1.4.1.34380.1.3`) OID arcs. The ppRegCertExt arc is
 reserved for four of the most common pieces of data to embed: `pp_uuid` (`.1`),
 `pp_instance_id` (`.2`), `pp_image_name` (`.3`), and `pp_preshared_key` (`.4`)
 --- in the YAML file, these can be referred to by their short descriptive names
 instead of their full OID. The ppPrivCertExt arc is unregulated, and can be used
-for site-specific extensions.
+for site-specific extensions. The ppAuthCert arc is reserved for two pieces of
+data to embed: `pp_authorization` (`.1`) and `pp_auth_role` (`.13`). As with
+ppRegCertExt, in the YAML file, these can be referred to by their short
+descriptive name instead of their full OID.
 EOT
     },
     :certdir => {
@@ -1080,7 +1095,7 @@ EOT
     }
   )
 
-    define_settings(
+    settings.define_settings(
     :ca,
     :ca_name => {
       :default => "Puppet CA: $certname",
@@ -1198,7 +1213,7 @@ EOT
 
   # Define the config default.
 
-    define_settings(:application,
+    settings.define_settings(:application,
       :config_file_name => {
           :type     => :string,
           :default  => Puppet::Settings.default_config_file_name,
@@ -1223,7 +1238,7 @@ EOT
       },
   )
 
-  define_settings(:environment,
+  settings.define_settings(:environment,
     :manifest => {
       :default    => nil,
       :type       => :file_or_directory,
@@ -1266,7 +1281,7 @@ EOT
     }
   )
 
-  define_settings(:master,
+  settings.define_settings(:master,
     :user => {
       :default    => "puppet",
       :desc       => "The user Puppet Server will run as. Used to ensure
@@ -1323,13 +1338,23 @@ EOT
       overridden by more specific settings (see `ca_port`, `report_port`).",
     },
     :node_name => {
-      :default    => "cert",
+      :default    => 'cert',
+      :type       => :enum,
+      :values     => ['cert', 'facter'],
+      :deprecated => :completely,
+      :hook       => proc { |val|
+        if val != 'cert'
+          Puppet.deprecation_warning("The node_name setting is deprecated and will be removed in a future release.")
+        end
+      },
       :desc       => "How the puppet master determines the client's identity
       and sets the 'hostname', 'fqdn' and 'domain' facts for use in the manifest,
       in particular for determining which 'node' statement applies to the client.
       Possible values are 'cert' (use the subject's CN in the client's
       certificate) and 'facter' (use the hostname that the client
-      reported in its facts)",
+      reported in its facts).
+
+      This setting is deprecated, please use explicit fact matching for classification.",
     },
     :bucketdir => {
       :default => "$vardir/bucket",
@@ -1452,14 +1477,23 @@ EOT
       :desc       => "Where the fileserver configuration is stored.",
     },
     :strict_hostname_checking => {
-      :default    => false,
+      :default    => true,
+      :type       => :boolean,
       :desc       => "Whether to only search for the complete
-            hostname as it is in the certificate when searching for node information
-            in the catalogs.",
+        hostname as it is in the certificate when searching for node information
+        in the catalogs or to match dot delimited segments of the cert's certname
+        and the hostname, fqdn, and/or domain facts.
+
+        This setting is deprecated and will be removed in a future release.",
+      :hook => proc { |val|
+        if val != true
+          Puppet.deprecation_warning("Setting strict_hostname_checking to false is deprecated and will be removed in a future release. Please use regular expressions in your node declarations or explicit fact matching for classification (though be warned that fact based classification may be considered insecure).")
+        end
+      }
     }
   )
 
-  define_settings(:device,
+  settings.define_settings(:device,
     :devicedir =>  {
         :default  => "$vardir/devices",
         :type     => :directory,
@@ -1474,7 +1508,7 @@ EOT
     }
   )
 
-  define_settings(:agent,
+  settings.define_settings(:agent,
     :node_name_value => {
       :default => "$certname",
       :desc => "The explicit value used for the node name for all requests the agent
@@ -1827,7 +1861,7 @@ EOT
 
   # Plugin information.
 
-  define_settings(
+  settings.define_settings(
     :main,
     :plugindest => {
       :type       => :directory,
@@ -1870,7 +1904,7 @@ EOT
 
   # Central fact information.
 
-    define_settings(
+    settings.define_settings(
     :main,
     :factpath => {
       :type     => :path,
@@ -1887,7 +1921,7 @@ EOT
     }
   )
 
-  define_settings(
+  settings.define_settings(
     :transaction,
     :tags => {
       :default    => "",
@@ -1915,7 +1949,7 @@ EOT
     }
   )
 
-    define_settings(
+    settings.define_settings(
     :main,
     :external_nodes => {
         :default  => "none",
@@ -1940,7 +1974,7 @@ EOT
     }
     )
 
-        define_settings(
+        settings.define_settings(
         :ldap,
     :ldapssl => {
       :default  => false,
@@ -2009,7 +2043,7 @@ EOT
     }
   )
 
-  define_settings(:master,
+  settings.define_settings(:master,
     :storeconfigs => {
       :default  => false,
       :type     => :boolean,
@@ -2027,7 +2061,7 @@ EOT
         require 'puppet/node/facts'
         if value
           Puppet::Resource::Catalog.indirection.set_global_setting(:cache_class, :store_configs)
-          Puppet.settings.override_default(:catalog_cache_terminus, :store_configs)
+          settings.override_default(:catalog_cache_terminus, :store_configs)
           Puppet::Node::Facts.indirection.set_global_setting(:cache_class, :store_configs)
           Puppet::Resource.indirection.set_global_setting(:terminus_class, :store_configs)
         end
@@ -2042,7 +2076,7 @@ EOT
     }
   )
 
-  define_settings(:parser,
+  settings.define_settings(:parser,
    :max_errors => {
      :default => 10,
      :desc => <<-'EOT'
@@ -2094,7 +2128,7 @@ EOT
     EOT
     }
   )
-  define_settings(:puppetdoc,
+  settings.define_settings(:puppetdoc,
     :document_all => {
         :default  => false,
         :type     => :boolean,
@@ -2103,7 +2137,7 @@ EOT
     }
   )
 
-  define_settings(
+  settings.define_settings(
     :main,
     :rich_data => {
       :default  => true,
@@ -2120,5 +2154,5 @@ EOT
       EOT
     }
   )
-
+  end
 end