RubyGems - puppet - Versions diffs - 6.12.0 → 6.13.0 - Mend

puppet 6.12.0 → 6.13.0

Potentially problematic release.

This version of puppet might be problematic. Click here for more details.

Files changed (144) hide show

checksums.yaml +4 -4
data/Gemfile.lock +12 -12
data/README.md +1 -1
data/ext/project_data.yaml +1 -1
data/lib/puppet.rb +22 -7
data/lib/puppet/application/resource.rb +1 -1
data/lib/puppet/configurer.rb +8 -13
data/lib/puppet/defaults.rb +83 -49
data/lib/puppet/environments.rb +26 -18
data/lib/puppet/face/facts.rb +8 -5
data/lib/puppet/file_system/memory_file.rb +6 -0
data/lib/puppet/file_system/memory_impl.rb +13 -0
data/lib/puppet/file_system/windows.rb +7 -10
data/lib/puppet/http.rb +2 -0
data/lib/puppet/http/client.rb +30 -0
data/lib/puppet/http/errors.rb +2 -0
data/lib/puppet/http/service.rb +61 -2
data/lib/puppet/http/service/compiler.rb +86 -0
data/lib/puppet/http/service/file_server.rb +85 -0
data/lib/puppet/http/service/report.rb +4 -8
data/lib/puppet/http/session.rb +8 -1
data/lib/puppet/indirector/catalog/compiler.rb +10 -0
data/lib/puppet/indirector/file_bucket_file/file.rb +1 -1
data/lib/puppet/indirector/json.rb +1 -1
data/lib/puppet/indirector/msgpack.rb +1 -1
data/lib/puppet/network/http/connection.rb +4 -0
data/lib/puppet/network/http/nocache_pool.rb +1 -0
data/lib/puppet/network/http/pool.rb +5 -1
data/lib/puppet/parser/ast/pops_bridge.rb +6 -11
data/lib/puppet/pops/evaluator/access_operator.rb +2 -2
data/lib/puppet/pops/evaluator/evaluator_impl.rb +1 -1
data/lib/puppet/pops/loader/puppet_plan_instantiator.rb +12 -3
data/lib/puppet/pops/parser/evaluating_parser.rb +5 -7
data/lib/puppet/pops/types/p_object_type_extension.rb +10 -0
data/lib/puppet/pops/types/type_calculator.rb +24 -0
data/lib/puppet/pops/validation/checker4_0.rb +1 -1
data/lib/puppet/pops/validation/tasks_checker.rb +5 -1
data/lib/puppet/provider/aix_object.rb +4 -2
data/lib/puppet/provider/group/aix.rb +1 -0
data/lib/puppet/provider/group/groupadd.rb +52 -24
data/lib/puppet/provider/package/apt.rb +14 -3
data/lib/puppet/provider/package/dnfmodule.rb +9 -2
data/lib/puppet/provider/package/dpkg.rb +14 -7
data/lib/puppet/provider/package/fink.rb +20 -3
data/lib/puppet/provider/package/openbsd.rb +13 -1
data/lib/puppet/provider/package/pkg.rb +18 -5
data/lib/puppet/provider/package/yum.rb +9 -5
data/lib/puppet/provider/user/aix.rb +1 -0
data/lib/puppet/provider/user/directoryservice.rb +30 -5
data/lib/puppet/provider/user/useradd.rb +6 -7
data/lib/puppet/reports/store.rb +1 -1
data/lib/puppet/settings.rb +2 -0
data/lib/puppet/ssl/certificate.rb +2 -1
data/lib/puppet/test/test_helper.rb +4 -0
data/lib/puppet/transaction/resource_harness.rb +1 -1
data/lib/puppet/type/group.rb +2 -2
data/lib/puppet/type/package.rb +63 -9
data/lib/puppet/type/user.rb +2 -2
data/lib/puppet/util/log/destinations.rb +1 -1
data/lib/puppet/util/pidlock.rb +26 -6
data/lib/puppet/util/plist.rb +6 -0
data/lib/puppet/util/storage.rb +0 -1
data/lib/puppet/util/yaml.rb +1 -1
data/lib/puppet/version.rb +1 -1
data/locales/puppet.pot +127 -115
data/man/man5/puppet.conf.5 +21 -7
data/man/man8/puppet-agent.8 +1 -1
data/man/man8/puppet-apply.8 +1 -1
data/man/man8/puppet-catalog.8 +1 -1
data/man/man8/puppet-config.8 +1 -1
data/man/man8/puppet-describe.8 +1 -1
data/man/man8/puppet-device.8 +1 -1
data/man/man8/puppet-doc.8 +1 -1
data/man/man8/puppet-epp.8 +1 -1
data/man/man8/puppet-facts.8 +1 -1
data/man/man8/puppet-filebucket.8 +1 -1
data/man/man8/puppet-generate.8 +1 -1
data/man/man8/puppet-help.8 +1 -1
data/man/man8/puppet-key.8 +1 -1
data/man/man8/puppet-lookup.8 +1 -1
data/man/man8/puppet-man.8 +1 -1
data/man/man8/puppet-module.8 +1 -1
data/man/man8/puppet-node.8 +1 -1
data/man/man8/puppet-parser.8 +1 -1
data/man/man8/puppet-plugin.8 +1 -1
data/man/man8/puppet-report.8 +1 -1
data/man/man8/puppet-resource.8 +1 -1
data/man/man8/puppet-script.8 +1 -1
data/man/man8/puppet-ssl.8 +1 -1
data/man/man8/puppet-status.8 +1 -1
data/man/man8/puppet.8 +2 -2
data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_md5/should_fetch_if_not_on_the_local_disk.yml +0 -35
data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_md5/should_not_update_if_content_on_disk_is_up-to-date.yml +0 -37
data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_md5/should_update_if_content_differs_on_disk.yml +0 -37
data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_mtime/should_fetch_if_mtime_is_older_on_disk.yml +0 -35
data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_mtime/should_fetch_if_no_header_specified.yml +0 -33
data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_mtime/should_fetch_if_not_on_the_local_disk.yml +0 -35
data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_mtime/should_not_update_if_mtime_is_newer_on_disk.yml +0 -35
data/spec/integration/configurer_spec.rb +26 -7
data/spec/integration/indirector/facts/facter_spec.rb +4 -0
data/spec/unit/application/apply_spec.rb +2 -12
data/spec/unit/application/resource_spec.rb +2 -2
data/spec/unit/configurer/fact_handler_spec.rb +0 -4
data/spec/unit/configurer_spec.rb +0 -3
data/spec/unit/defaults_spec.rb +1 -1
data/spec/unit/environments_spec.rb +57 -28
data/spec/unit/face/facts_spec.rb +24 -20
data/spec/unit/file_system_spec.rb +16 -2
data/spec/unit/http/client_spec.rb +6 -0
data/spec/unit/http/service/compiler_spec.rb +322 -0
data/spec/unit/http/service/file_server_spec.rb +219 -0
data/spec/unit/http/service/report_spec.rb +8 -1
data/spec/unit/http/service_spec.rb +4 -0
data/spec/unit/http/session_spec.rb +31 -0
data/spec/unit/indirector/catalog/compiler_spec.rb +46 -29
data/spec/unit/network/http/connection_spec.rb +23 -1
data/spec/unit/network/http/nocache_pool_spec.rb +3 -3
data/spec/unit/network/http/pool_spec.rb +32 -0
data/spec/unit/node/facts_spec.rb +2 -1
data/spec/unit/node_spec.rb +7 -4
data/spec/unit/pops/serialization/to_from_hr_spec.rb +6 -1
data/spec/unit/pops/validator/validator_spec.rb +7 -2
data/spec/unit/provider/aix_object_spec.rb +16 -2
data/spec/unit/provider/group/groupadd_spec.rb +167 -56
data/spec/unit/provider/package/apt_spec.rb +13 -2
data/spec/unit/provider/package/aptitude_spec.rb +1 -0
data/spec/unit/provider/package/dnfmodule_spec.rb +22 -0
data/spec/unit/provider/package/dpkg_spec.rb +28 -6
data/spec/unit/provider/package/openbsd_spec.rb +17 -0
data/spec/unit/provider/package/pkg_spec.rb +15 -1
data/spec/unit/provider/package/yum_spec.rb +50 -0
data/spec/unit/provider/user/directoryservice_spec.rb +41 -0
data/spec/unit/provider/user/useradd_spec.rb +13 -8
data/spec/unit/puppet_pal_2pec.rb +3 -0
data/spec/unit/puppet_pal_catalog_spec.rb +3 -0
data/spec/unit/puppet_spec.rb +14 -0
data/spec/unit/ssl/certificate_spec.rb +7 -0
data/spec/unit/transaction/persistence_spec.rb +1 -10
data/spec/unit/type/package_spec.rb +8 -0
data/spec/unit/type/user_spec.rb +0 -1
data/spec/unit/util/pidlock_spec.rb +38 -16
data/spec/unit/util/plist_spec.rb +20 -0
data/spec/unit/util/storage_spec.rb +1 -8
metadata +10 -4

data/lib/puppet/http/service/report.rb CHANGED Viewed

@@ -1,6 +1,5 @@
 class Puppet::HTTP::Service::Report < Puppet::HTTP::Service
   API = '/puppet/v3'.freeze
-  EXCLUDED_FORMATS = [:yaml, :b64_zlib_yaml, :dot]
   # puppet major version where JSON is enabled by default
   MAJOR_VERSION_JSON_DEFAULT = 5
@@ -12,17 +11,14 @@ class Puppet::HTTP::Service::Report < Puppet::HTTP::Service
   def put_report(name, report, environment:, ssl_context: nil)
     formatter = Puppet::Network::FormatHandler.format_for(Puppet[:preferred_serialization_format])
-    model = Puppet::Transaction::Report
-    network_formats = model.supported_formats - EXCLUDED_FORMATS
-    mime_types = network_formats.map { |f| model.get_format(f).mime }
+    headers = add_puppet_headers('Accept' => get_mime_types(Puppet::Transaction::Report).join(', '))
     response = @client.put(
       with_base_url("/report/#{name}"),
-      headers: add_puppet_headers('ACCEPT' => mime_types.join(', ')),
-      params: { :environment => environment },
+      headers: headers,
+      params: { environment: environment },
       content_type: formatter.mime,
-      body: formatter.render(report),
+      body: serialize(formatter, report),
       ssl_context: ssl_context
     )

data/lib/puppet/http/session.rb CHANGED Viewed

@@ -6,9 +6,16 @@ class Puppet::HTTP::Session
     @resolution_exceptions = []
   end
-  def route_to(name, ssl_context: nil)
+  def route_to(name, url: nil, ssl_context: nil)
     raise ArgumentError, "Unknown service #{name}" unless Puppet::HTTP::Service.valid_name?(name)
+    # short circuit if explicit URL host & port given
+    if url && url.host != nil && !url.host.empty?
+      service = Puppet::HTTP::Service.create_service(@client, name, url.host, url.port)
+      service.connect(ssl_context: ssl_context)
+      return service
+    end
     cached = @resolved_services[name]
     return cached if cached

data/lib/puppet/indirector/catalog/compiler.rb CHANGED Viewed

@@ -1,3 +1,4 @@
+require 'puppet/environments'
 require 'puppet/node'
 require 'puppet/resource/catalog'
 require 'puppet/indirector/code'
@@ -173,6 +174,7 @@ class Puppet::Resource::Catalog::Compiler < Puppet::Indirector::Code
   # Initially restricted to files sourced from codedir via puppet:/// uri.
   def inline_metadata(catalog, checksum_type)
     environment_path = Pathname.new File.join(Puppet[:environmentpath], catalog.environment, "")
+    environment_path = Puppet::Environments::Directories.real_path(environment_path)
     list_of_resources = catalog.resources.find_all { |res| res.type == "File" }
     # TODO: get property/parameter defaults if entries are nil in the resource
@@ -393,9 +395,17 @@ class Puppet::Resource::Catalog::Compiler < Puppet::Indirector::Code
   # Initialize our server fact hash; we add these to each client, and they
   # won't change while we're running, so it's safe to cache the values.
+  #
+  # See also set_server_facts in Puppet::Server::Compiler in puppetserver.
   def set_server_facts
     @server_facts = {}
+    # Add our server Puppet Enterprise version, if available.
+    pe_version_file = '/opt/puppetlabs/server/pe_version'
+    if File.readable?(pe_version_file) and !File.zero?(pe_version_file)
+      @server_facts['pe_serverversion'] = File.read(pe_version_file).chomp
+    end
     # Add our server version to the fact list
     @server_facts["serverversion"] = Puppet.version.to_s

data/lib/puppet/indirector/file_bucket_file/file.rb CHANGED Viewed

@@ -250,7 +250,7 @@ module Puppet::FileBucketFile
     # @return [void]
     # @api private
     def copy_bucket_file_to_contents_file(contents_file, bucket_file)
-      Puppet::Util.replace_file(contents_file, 0440) do |of|
+      Puppet::FileSystem.replace_file(contents_file, 0440) do |of|
         # PUP-1044 writes all of the contents
         bucket_file.stream() do |src|
           FileUtils.copy_stream(src, of)

data/lib/puppet/indirector/json.rb CHANGED Viewed

@@ -14,7 +14,7 @@ class Puppet::Indirector::JSON < Puppet::Indirector::Terminus
     filename = path(request.key)
     FileUtils.mkdir_p(File.dirname(filename))
-    Puppet::Util.replace_file(filename, 0660) {|f| f.print to_json(request.instance).force_encoding(Encoding::BINARY) }
+    Puppet::FileSystem.replace_file(filename, 0660) {|f| f.print to_json(request.instance).force_encoding(Encoding::BINARY) }
   rescue TypeError => detail
     Puppet.log_exception(detail, _("Could not save %{json} %{request}: %{detail}") % { json: self.name, request: request.key, detail: detail })
   end

data/lib/puppet/indirector/msgpack.rb CHANGED Viewed

@@ -21,7 +21,7 @@ class Puppet::Indirector::Msgpack < Puppet::Indirector::Terminus
     filename = path(request.key)
     FileUtils.mkdir_p(File.dirname(filename))
-    Puppet::Util.replace_file(filename, 0660) {|f| f.print to_msgpack(request.instance) }
+    Puppet::FileSystem.replace_file(filename, 0660) {|f| f.print to_msgpack(request.instance) }
   rescue TypeError => detail
     Puppet.log_exception(detail, _("Could not save %{name} %{request}: %{detail}") % { name: self.name, request: request.key, detail: detail })
   end

data/lib/puppet/network/http/connection.rb CHANGED Viewed

@@ -213,6 +213,10 @@ module Puppet::Network::HTTP
               current_request[header] = value
             end
           when 429, 503
+            if connection.started?
+              Puppet.debug("Closing connection for #{current_site}")
+              connection.finish
+            end
             response = handle_retry_after(current_response)
           else
             response = current_response

data/lib/puppet/network/http/nocache_pool.rb CHANGED Viewed

@@ -15,6 +15,7 @@ class Puppet::Network::HTTP::NoCachePool < Puppet::Network::HTTP::BasePool
     begin
       yield http
     ensure
+      return unless http.started?
       Puppet.debug("Closing connection for #{site}")
       http.finish
     end

data/lib/puppet/network/http/pool.rb CHANGED Viewed

@@ -33,7 +33,7 @@ class Puppet::Network::HTTP::Pool < Puppet::Network::HTTP::BasePool
       reuse = false
       raise detail
     ensure
-      if reuse
+      if reuse && http.started?
         release(site, verifier, http)
       else
         close_connection(site, http)
@@ -56,13 +56,17 @@ class Puppet::Network::HTTP::Pool < Puppet::Network::HTTP::BasePool
   end
   # Safely close a persistent connection.
+  # Don't try to close a connection that's already closed.
   #
   # @api private
   def close_connection(site, http)
+    return false unless http.started?
     Puppet.debug("Closing connection for #{site}")
     http.finish
+    true
   rescue => detail
     Puppet.log_exception(detail, _("Failed to close connection for %{site}: %{detail}") % { site: site, detail: detail })
+    nil
   end
   # Borrow and take ownership of a persistent connection. If a new

data/lib/puppet/parser/ast/pops_bridge.rb CHANGED Viewed

@@ -13,12 +13,6 @@ class Puppet::Parser::AST::PopsBridge
   # expression.
   #
   class Expression < Puppet::Parser::AST::Leaf
-    def initialize args
-      super
-      @@evaluator ||= Puppet::Pops::Parser::EvaluatingParser.new()
-    end
     def to_s
       Puppet::Pops::Model::ModelTreeDumper.new.dump(@value)
     end
@@ -29,8 +23,9 @@ class Puppet::Parser::AST::PopsBridge
     end
     def evaluate(scope)
-      object = @@evaluator.evaluate(scope, @value)
-      @@evaluator.convert_to_3x(object, scope)
+      evaluator = Puppet::Pops::Parser::EvaluatingParser.singleton
+      object = evaluator.evaluate(scope, @value)
+      evaluator.convert_to_3x(object, scope)
     end
     # Adapts to 3x where top level constructs needs to have each to iterate over children. Short circuit this
@@ -87,7 +82,6 @@ class Puppet::Parser::AST::PopsBridge
       @program_model = program_model
       @context = context
       @ast_transformer ||= Puppet::Pops::Model::AstTransformer.new(@context[:file])
-      @@evaluator ||= Puppet::Pops::Parser::EvaluatingParser.new()
     end
     # This is the 3x API, the 3x AST searches through all code to find the instructions that can be instantiated.
@@ -122,7 +116,7 @@ class Puppet::Parser::AST::PopsBridge
     end
     def evaluate(scope)
-      @@evaluator.evaluate(scope, program_model)
+      Puppet::Pops::Parser::EvaluatingParser.singleton.evaluate(scope, program_model)
     end
     # Adapts to 3x where top level constructs needs to have each to iterate over children. Short circuit this
@@ -178,8 +172,9 @@ class Puppet::Parser::AST::PopsBridge
       #
       scope = obtain_scope
       if scope
+        evaluator = Puppet::Pops::Parser::EvaluatingParser.singleton
         typed_parameters.each do |p|
-          result[p.name] =  @@evaluator.evaluate(scope, p.type_expr)
+          result[p.name] = evaluator.evaluate(scope, p.type_expr)
         end
       end
       result

data/lib/puppet/pops/evaluator/access_operator.rb CHANGED Viewed

@@ -20,14 +20,14 @@ class AccessOperator
     @semantic = access_expression
   end
-  def access (o, scope, *keys)
+  def access(o, scope, *keys)
     @@access_visitor.visit_this_2(self, o, scope, keys)
   end
   protected
   def access_Object(o, scope, keys)
-    type = Puppet::Pops::Types::TypeCalculator.infer(o)
+    type = Puppet::Pops::Types::TypeCalculator.infer_callable_methods_t(o)
     if type.is_a?(Puppet::Pops::Types::TypeWithMembers)
       access_func = type['[]']
       return access_func.invoke(o, scope, keys) unless access_func.nil?

data/lib/puppet/pops/evaluator/evaluator_impl.rb CHANGED Viewed

@@ -959,7 +959,7 @@ class EvaluatorImpl
     name = name.value # the string function name
     obj = receiver[0]
-    receiver_type = Types::TypeCalculator.infer(obj)
+    receiver_type = Types::TypeCalculator.infer_callable_methods_t(obj)
     if receiver_type.is_a?(Types::TypeWithMembers)
       member = receiver_type[name]
       unless member.nil?

data/lib/puppet/pops/loader/puppet_plan_instantiator.rb CHANGED Viewed

@@ -19,8 +19,17 @@ class PuppetPlanInstantiator
     # parse and validate
     result = parser.parse_string(pp_code_string, source_ref)
-    # Only one function is allowed (and no other definitions)
-    case result.definitions.size
+    # The parser attaches all definitions, including those nested in apply
+    # blocks, to the Program object. Node definitions in apply blocks are
+    # perfectly legal and don't count as the file containing multiple
+    # definitions for this purpose. By this point, we've already validated that
+    # there are no node definitions *outside* apply blocks, so we simply ignore
+    # them here.
+    definitions = result.definitions.reject { |definition| definition.is_a?(Puppet::Pops::Model::NodeDefinition) }
+    # Only one plan is allowed (and no other definitions)
+    case definitions.size
     when 0
       raise ArgumentError, _("The code loaded from %{source_ref} does not define the plan '%{plan_name}' - it is empty.") % { source_ref: source_ref, plan_name: typed_name.name }
     when 1
@@ -28,7 +37,7 @@ class PuppetPlanInstantiator
     else
       raise ArgumentError, _("The code loaded from %{source_ref} must contain only the plan '%{plan_name}' - it has additional definitions.") % { source_ref: source_ref, plan_name: typed_name.name }
     end
-    the_plan_definition = result.definitions[0]
+    the_plan_definition = definitions[0]
     unless the_plan_definition.is_a?(Model::PlanDefinition)
       raise ArgumentError, _("The code loaded from %{source_ref} does not define the plan '%{plan_name}' - no plan found.") % { source_ref: source_ref, plan_name: typed_name.name }

data/lib/puppet/pops/parser/evaluating_parser.rb CHANGED Viewed

@@ -15,7 +15,6 @@ class EvaluatingParser
   end
   def parse_string(s, file_source = nil)
-    @file_source = file_source
     clear()
     # Handling of syntax error can be much improved (in general), now it bails out of the parser
     # and does not have as rich information (when parsing a string), need to update it with the file source
@@ -24,20 +23,19 @@ class EvaluatingParser
     # Also a possible improvement (if the YAML parser returns positions) is to provide correct output of position.
     #
     begin
-      assert_and_report(parser.parse_string(s, file_source)).model
+      assert_and_report(parser.parse_string(s, file_source), file_source).model
     rescue Puppet::ParseErrorWithIssue => e
       raise e
     rescue Puppet::ParseError => e
       # TODO: This is not quite right, why does not the exception have the correct file?
-      e.file = @file_source unless e.file.is_a?(String) && !e.file.empty?
+      e.file = file_source unless e.file.is_a?(String) && !e.file.empty?
       raise e
     end
   end
   def parse_file(file)
-    @file_source = file
     clear()
-    assert_and_report(parser.parse_file(file)).model
+    assert_and_report(parser.parse_file(file), file).model
   end
   def evaluate_string(scope, s, file_source = nil)
@@ -96,10 +94,10 @@ class EvaluatingParser
     Validation::ValidatorFactory_4_0.new().validator(acceptor)
   end
-  def assert_and_report(parse_result)
+  def assert_and_report(parse_result, file_source)
     return nil unless parse_result
     if parse_result['source_ref'].nil? || parse_result['source_ref'] == ''
-      parse_result['source_ref'] = @file_source
+      parse_result['source_ref'] = file_source
     end
     validation_result = validate(parse_result.model)

data/lib/puppet/pops/types/p_object_type_extension.rb CHANGED Viewed

@@ -153,6 +153,16 @@ class PObjectTypeExtension < PAnyType
     @base_type.simple_name
   end
+  # @api private
+  def implementation_class(create = true)
+    @base_type.implementation_class(create)
+  end
+  # @api private
+  def parameter_info(impl_class)
+    @base_type.parameter_info(impl_class)
+  end
   protected
   # Checks that the given `param_values` hash contains all keys present in the `parameters` of

data/lib/puppet/pops/types/type_calculator.rb CHANGED Viewed

@@ -123,6 +123,30 @@ class TypeCalculator
     singleton.infer(o)
   end
+  # Infers a type if given object may have callable members, else returns nil.
+  # Caller must check for nil or if returned type supports members.
+  # This is a much cheaper call than doing a call to the general infer(o) method.
+  #
+  # @api private
+  def self.infer_callable_methods_t(o)
+    # If being a value that cannot have Pcore based methods callable from Puppet Language
+    if (o.is_a?(String) ||
+      o.is_a?(Numeric) ||
+      o.is_a?(TrueClass) ||
+      o.is_a?(FalseClass) ||
+      o.is_a?(Regexp) ||
+      o.instance_of?(Array) ||
+      o.instance_of?(Hash) ||
+      Types::PUndefType::DEFAULT.instance?(o)
+      )
+      return nil
+    end
+    # For other objects (e.g. PObjectType instances, and runtime types) full inference needed, since that will
+    # cover looking into the runtime type registry.
+    #
+    infer(o)
+  end
   # @api public
   def self.generalize(o)
     singleton.generalize(o)

data/lib/puppet/pops/validation/checker4_0.rb CHANGED Viewed

@@ -93,7 +93,7 @@ class Checker4_0 < Evaluator::LiteralEvaluator
     o = container(idx)
     idx -= 1
     case o
-    when NilClass, Model::HostClassDefinition, Model::Program
+    when NilClass, Model::ApplyExpression, Model::HostClassDefinition, Model::Program
       # ok, stop scanning parents
     when Model::BlockExpression
       c = container(idx)

data/lib/puppet/pops/validation/tasks_checker.rb CHANGED Viewed

@@ -40,7 +40,11 @@ class TasksChecker < Checker4_0
   end
   def check_NodeDefinition(o)
-    illegalTasksExpression(o)
+    if in_ApplyExpression?
+      super(o)
+    else
+      illegalTasksExpression(o)
+    end
   end
   def check_RelationshipExpression(o)

data/lib/puppet/provider/aix_object.rb CHANGED Viewed

@@ -330,8 +330,10 @@ class Puppet::Provider::AixObject < Puppet::Provider
   end
   def ia_module_args
-    return [] unless @resource[:ia_load_module]
-    ["-R", @resource[:ia_load_module].to_s]
+    raise ArgumentError, _("Cannot have both 'forcelocal' and 'ia_load_module' at the same time!") if @resource[:ia_load_module] && @resource[:forcelocal]
+    return ["-R", @resource[:ia_load_module].to_s] if @resource[:ia_load_module]
+    return ["-R", "files"] if @resource[:forcelocal]
+    []
   end
   def lscmd

data/lib/puppet/provider/group/aix.rb CHANGED Viewed

@@ -18,6 +18,7 @@ Puppet::Type.type(:group).provide :aix, :parent => Puppet::Provider::AixObject d
   # Provider features
   has_features :manages_aix_lam
   has_features :manages_members
+  has_features :manages_local_users_and_groups
   class << self
     # Used by the AIX user provider. Returns a hash of:

data/lib/puppet/provider/group/groupadd.rb CHANGED Viewed

@@ -2,9 +2,7 @@ require 'puppet/provider/nameservice/objectadd'
 require 'puppet/util/libuser'
 Puppet::Type.type(:group).provide :groupadd, :parent => Puppet::Provider::NameService::ObjectAdd do
-  desc "Group management via `groupadd` and its ilk. The default for most platforms.
-  "
+  desc "Group management via `groupadd` and its ilk. The default for most platforms."
   commands :add => "groupadd", :delete => "groupdel", :modify => "groupmod"
@@ -16,7 +14,9 @@ Puppet::Type.type(:group).provide :groupadd, :parent => Puppet::Provider::NameSe
   optional_commands :localadd => "lgroupadd", :localdelete => "lgroupdel", :localmodify => "lgroupmod"
-  has_feature :libuser if Puppet.features.libuser?
+  has_feature :manages_local_users_and_groups, :manages_members if Puppet.features.libuser?
+  options :members, :flag => '-M', :method => :mem
   def exists?
     return !!localgid if @resource.forcelocal?
@@ -28,25 +28,9 @@ Puppet::Type.type(:group).provide :groupadd, :parent => Puppet::Provider::NameSe
     get(:gid)
   end
-  def findgroup(key, value)
-    group_file = "/etc/group"
-    group_keys = ['group_name', 'password', 'gid', 'user_list']
-    index = group_keys.index(key)
-    File.open(group_file) do |f|
-      f.each_line do |line|
-         group = line.split(":")
-         if group[index] == value
-             f.close
-             return group
-         end
-      end
-    end
-    false
-  end
   def localgid
-    group = findgroup('group_name', resource[:name])
-    return group[2] if group
+    group = findgroup(:group_name, resource[:name])
+    return group[:gid] if group
     false
   end
@@ -56,7 +40,7 @@ Puppet::Type.type(:group).provide :groupadd, :parent => Puppet::Provider::NameSe
     # to ensure consistent behaviour of the useradd provider when
     # using both useradd and luseradd
     if not @resource.allowdupe? and @resource.forcelocal?
-       if @resource.should(:gid) and findgroup('gid', @resource.should(:gid).to_s)
+       if @resource.should(:gid) and findgroup(:gid, @resource.should(:gid).to_s)
            raise(Puppet::Error, _("GID %{resource} already exists, use allowdupe to force group creation") % { resource: @resource.should(:gid).to_s })
        end
     elsif @resource.allowdupe? and not @resource.forcelocal?
@@ -65,6 +49,11 @@ Puppet::Type.type(:group).provide :groupadd, :parent => Puppet::Provider::NameSe
     []
   end
+  def create
+    super
+    set(:members, @resource[:members]) if @resource[:members]
+  end
   def addcmd
     if @resource.forcelocal?
       cmd = [command(:localadd)]
@@ -86,12 +75,18 @@ Puppet::Type.type(:group).provide :groupadd, :parent => Puppet::Provider::NameSe
   end
   def modifycmd(param, value)
-    if @resource.forcelocal?
+    if @resource.forcelocal? || @resource[:members]
       cmd = [command(:localmodify)]
       @custom_environment = Puppet::Util::Libuser.getenv
     else
       cmd = [command(:modify)]
     end
+    if param == :members
+      value = members_to_s(value)
+      purge_members if @resource[:auth_membership] && !members.empty?
+    end
     cmd << flag(param) << value
     # TODO the group type only really manages gid, so there are currently no
     # tests for this behavior
@@ -109,4 +104,37 @@ Puppet::Type.type(:group).provide :groupadd, :parent => Puppet::Provider::NameSe
       [command(:delete), @resource[:name]]
     end
   end
+  def members_insync?(current, should)
+    current.uniq.sort == @resource.parameter(:members).actual_should(current, should)
+  end
+  def members_to_s(current)
+    return '' if current.nil? || !current.kind_of?(Array)
+    current.join(',')
+  end
+  def purge_members
+    localmodify('-m', members_to_s(members), @resource.name)
+  end
+  def member_valid?(user)
+    !!Etc.getpwnam(user)
+  end
+  private
+  def findgroup(key, value)
+    group_file = "/etc/group"
+    group_keys = [:group_name, :password, :gid, :user_list]
+    index = group_keys.index(key)
+    @group_content ||= File.read(group_file)
+    @group_content.each_line do |line|
+      group = line.split(":")
+      if group[index] == value
+        return Hash[group_keys.zip(group)]
+      end
+    end
+    false
+  end
 end