RubyGems - puppet - Versions diffs - 6.13.0-x64-mingw32 → 6.18.0-x64-mingw32 - Mend

puppet 6.13.0-x64-mingw32 → 6.18.0-x64-mingw32

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of puppet might be problematic. Click here for more details.

Files changed (461) hide show

checksums.yaml +4 -4
data/CODEOWNERS +2 -7
data/CONTRIBUTING.md +7 -13
data/Gemfile +4 -2
data/Gemfile.lock +36 -32
data/README.md +17 -24
data/ext/windows/service/daemon.rb +3 -3
data/lib/puppet.rb +33 -9
data/lib/puppet/agent.rb +20 -14
data/lib/puppet/application/agent.rb +26 -17
data/lib/puppet/application/apply.rb +18 -20
data/lib/puppet/application/describe.rb +7 -5
data/lib/puppet/application/device.rb +2 -2
data/lib/puppet/application/filebucket.rb +19 -15
data/lib/puppet/application/lookup.rb +16 -4
data/lib/puppet/application/plugin.rb +1 -0
data/lib/puppet/application/ssl.rb +4 -4
data/lib/puppet/configurer.rb +58 -57
data/lib/puppet/configurer/downloader.rb +31 -10
data/lib/puppet/configurer/plugin_handler.rb +10 -1
data/lib/puppet/confine.rb +2 -2
data/lib/puppet/confine/any.rb +1 -1
data/lib/puppet/context/trusted_information.rb +14 -8
data/lib/puppet/daemon.rb +13 -27
data/lib/puppet/defaults.rb +92 -12
data/lib/puppet/environments.rb +4 -5
data/lib/puppet/face/facts.rb +1 -1
data/lib/puppet/face/help.rb +29 -3
data/lib/puppet/face/module/search.rb +5 -0
data/lib/puppet/face/plugin.rb +2 -2
data/lib/puppet/feature/base.rb +1 -1
data/lib/puppet/file_serving/http_metadata.rb +14 -2
data/lib/puppet/file_serving/metadata.rb +4 -1
data/lib/puppet/file_serving/mount/locales.rb +1 -2
data/lib/puppet/file_serving/mount/pluginfacts.rb +1 -2
data/lib/puppet/file_serving/mount/plugins.rb +1 -2
data/lib/puppet/file_serving/terminus_selector.rb +7 -8
data/lib/puppet/file_system/file_impl.rb +17 -13
data/lib/puppet/file_system/uniquefile.rb +12 -16
data/lib/puppet/forge.rb +1 -1
data/lib/puppet/forge/cache.rb +1 -1
data/lib/puppet/forge/repository.rb +4 -7
data/lib/puppet/functions/call.rb +1 -1
data/lib/puppet/functions/eyaml_lookup_key.rb +13 -8
data/lib/puppet/functions/filter.rb +1 -0
data/lib/puppet/functions/lstrip.rb +4 -4
data/lib/puppet/functions/reduce.rb +2 -4
data/lib/puppet/functions/reverse_each.rb +1 -1
data/lib/puppet/functions/rstrip.rb +4 -4
data/lib/puppet/functions/step.rb +1 -1
data/lib/puppet/functions/strip.rb +4 -4
data/lib/puppet/gettext/config.rb +5 -5
data/lib/puppet/gettext/module_translations.rb +4 -4
data/lib/puppet/http.rb +3 -0
data/lib/puppet/http/client.rb +263 -73
data/lib/puppet/http/external_client.rb +90 -0
data/lib/puppet/http/redirector.rb +43 -7
data/lib/puppet/http/resolver.rb +46 -3
data/lib/puppet/http/resolver/server_list.rb +76 -16
data/lib/puppet/http/resolver/settings.rb +23 -3
data/lib/puppet/http/resolver/srv.rb +29 -3
data/lib/puppet/http/response.rb +87 -1
data/lib/puppet/http/retry_after_handler.rb +39 -0
data/lib/puppet/http/service.rb +97 -12
data/lib/puppet/http/service/ca.rb +76 -14
data/lib/puppet/http/service/compiler.rb +249 -16
data/lib/puppet/http/service/file_server.rb +141 -20
data/lib/puppet/http/service/report.rb +47 -17
data/lib/puppet/http/session.rb +96 -7
data/lib/puppet/indirector.rb +1 -1
data/lib/puppet/indirector/catalog/rest.rb +34 -0
data/lib/puppet/indirector/exec.rb +1 -1
data/lib/puppet/indirector/facts/facter.rb +3 -3
data/lib/puppet/indirector/facts/rest.rb +42 -0
data/lib/puppet/indirector/file_bucket_file/rest.rb +48 -0
data/lib/puppet/indirector/file_content/http.rb +5 -0
data/lib/puppet/indirector/file_content/rest.rb +30 -0
data/lib/puppet/indirector/file_metadata/http.rb +28 -8
data/lib/puppet/indirector/file_metadata/rest.rb +52 -0
data/lib/puppet/indirector/hiera.rb +4 -0
data/lib/puppet/indirector/indirection.rb +1 -1
data/lib/puppet/indirector/node/rest.rb +24 -0
data/lib/puppet/indirector/report/processor.rb +2 -2
data/lib/puppet/indirector/report/rest.rb +19 -0
data/lib/puppet/indirector/report/yaml.rb +23 -0
data/lib/puppet/indirector/request.rb +1 -1
data/lib/puppet/indirector/rest.rb +12 -0
data/lib/puppet/indirector/status/rest.rb +18 -0
data/lib/puppet/loaders.rb +6 -0
data/lib/puppet/metatype/manager.rb +80 -80
data/lib/puppet/module.rb +1 -2
data/lib/puppet/network/format_support.rb +2 -2
data/lib/puppet/network/http/api/indirected_routes.rb +1 -1
data/lib/puppet/network/http/api/master/v3/environment.rb +3 -0
data/lib/puppet/network/http/base_pool.rb +7 -2
data/lib/puppet/network/http/compression.rb +7 -0
data/lib/puppet/network/http/connection.rb +2 -0
data/lib/puppet/network/http/connection_adapter.rb +184 -0
data/lib/puppet/network/http/nocache_pool.rb +1 -0
data/lib/puppet/network/http/pool.rb +8 -5
data/lib/puppet/network/http/route.rb +2 -2
data/lib/puppet/network/http_pool.rb +2 -1
data/lib/puppet/node/environment.rb +22 -5
data/lib/puppet/pal/catalog_compiler.rb +5 -0
data/lib/puppet/pal/pal_impl.rb +30 -31
data/lib/puppet/parameter.rb +1 -1
data/lib/puppet/parser/ast/leaf.rb +5 -5
data/lib/puppet/parser/ast/pops_bridge.rb +0 -4
data/lib/puppet/parser/compiler.rb +43 -33
data/lib/puppet/parser/compiler/catalog_validator/env_relationship_validator.rb +2 -0
data/lib/puppet/parser/compiler/catalog_validator/site_validator.rb +2 -0
data/lib/puppet/parser/environment_compiler.rb +4 -1
data/lib/puppet/parser/functions.rb +18 -9
data/lib/puppet/parser/functions/create_resources.rb +11 -7
data/lib/puppet/parser/functions/filter.rb +1 -0
data/lib/puppet/parser/resource.rb +3 -2
data/lib/puppet/parser/resource/param.rb +6 -0
data/lib/puppet/parser/type_loader.rb +2 -2
data/lib/puppet/pops/adaptable.rb +7 -13
data/lib/puppet/pops/adapters.rb +8 -4
data/lib/puppet/pops/evaluator/evaluator_impl.rb +5 -5
data/lib/puppet/pops/issues.rb +5 -0
data/lib/puppet/pops/loader/runtime3_type_loader.rb +4 -2
data/lib/puppet/pops/loaders.rb +24 -15
data/lib/puppet/pops/lookup/context.rb +1 -1
data/lib/puppet/pops/lookup/hiera_config.rb +14 -1
data/lib/puppet/pops/resource/resource_type_impl.rb +2 -0
data/lib/puppet/pops/types/iterable.rb +34 -8
data/lib/puppet/pops/validation/checker4_0.rb +29 -15
data/lib/puppet/pops/validation/validator_factory_4_0.rb +1 -0
data/lib/puppet/provider/file/windows.rb +1 -1
data/lib/puppet/provider/group/groupadd.rb +9 -4
data/lib/puppet/provider/group/windows_adsi.rb +3 -3
data/lib/puppet/provider/package/aix.rb +17 -2
data/lib/puppet/provider/package/apt.rb +98 -1
data/lib/puppet/provider/package/aptitude.rb +1 -1
data/lib/puppet/provider/package/dnfmodule.rb +61 -14
data/lib/puppet/provider/package/gem.rb +45 -9
data/lib/puppet/provider/package/pacman.rb +2 -5
data/lib/puppet/provider/package/pip.rb +143 -48
data/lib/puppet/provider/package/pip3.rb +0 -2
data/lib/puppet/provider/package/pkgdmg.rb +1 -1
data/lib/puppet/provider/package/pkgng.rb +16 -4
data/lib/puppet/provider/package/portage.rb +2 -2
data/lib/puppet/provider/package/puppet_gem.rb +11 -2
data/lib/puppet/provider/package/rpm.rb +6 -213
data/lib/puppet/provider/package/yum.rb +100 -20
data/lib/puppet/provider/package/zypper.rb +62 -1
data/lib/puppet/provider/service/systemd.rb +22 -4
data/lib/puppet/provider/service/windows.rb +23 -7
data/lib/puppet/provider/user/aix.rb +1 -1
data/lib/puppet/provider/user/user_role_add.rb +1 -1
data/lib/puppet/provider/user/useradd.rb +16 -5
data/lib/puppet/provider/user/windows_adsi.rb +18 -1
data/lib/puppet/reports/http.rb +15 -9
data/lib/puppet/resource.rb +2 -1
data/lib/puppet/resource/type.rb +8 -0
data/lib/puppet/resource/type_collection.rb +20 -16
data/lib/puppet/runtime.rb +31 -1
data/lib/puppet/settings.rb +3 -1
data/lib/puppet/settings/http_extra_headers_setting.rb +25 -0
data/lib/puppet/ssl.rb +1 -0
data/lib/puppet/ssl/host.rb +4 -4
data/lib/puppet/ssl/oids.rb +1 -0
data/lib/puppet/ssl/ssl_context.rb +2 -2
data/lib/puppet/ssl/ssl_provider.rb +20 -1
data/lib/puppet/ssl/state_machine.rb +81 -35
data/lib/puppet/ssl/validator/default_validator.rb +1 -1
data/lib/puppet/ssl/verifier_adapter.rb +9 -1
data/lib/puppet/test/test_helper.rb +21 -14
data/lib/puppet/transaction.rb +2 -2
data/lib/puppet/transaction/persistence.rb +1 -1
data/lib/puppet/transaction/report.rb +3 -3
data/lib/puppet/trusted_external.rb +29 -1
data/lib/puppet/type.rb +21 -8
data/lib/puppet/type/file.rb +51 -13
data/lib/puppet/type/file/checksum.rb +4 -4
data/lib/puppet/type/file/source.rb +75 -64
data/lib/puppet/type/notify.rb +2 -2
data/lib/puppet/type/package.rb +41 -3
data/lib/puppet/type/service.rb +59 -8
data/lib/puppet/type/user.rb +19 -29
data/lib/puppet/util.rb +41 -3
data/lib/puppet/util/at_fork.rb +1 -1
data/lib/puppet/util/autoload.rb +13 -25
data/lib/puppet/util/character_encoding.rb +9 -5
data/lib/puppet/util/checksums.rb +19 -4
data/lib/puppet/util/execution.rb +2 -2
data/lib/puppet/util/fileparsing.rb +2 -2
data/lib/puppet/util/instance_loader.rb +14 -10
data/lib/puppet/util/log/destinations.rb +1 -10
data/lib/puppet/util/package/version/debian.rb +175 -0
data/lib/puppet/util/package/version/gem.rb +15 -0
data/lib/puppet/util/package/version/pip.rb +167 -0
data/lib/puppet/util/package/version/range.rb +53 -0
data/lib/puppet/util/package/version/range/eq.rb +14 -0
data/lib/puppet/util/package/version/range/gt.rb +14 -0
data/lib/puppet/util/package/version/range/gt_eq.rb +14 -0
data/lib/puppet/util/package/version/range/lt.rb +14 -0
data/lib/puppet/util/package/version/range/lt_eq.rb +14 -0
data/lib/puppet/util/package/version/range/min_max.rb +21 -0
data/lib/puppet/util/package/version/range/simple.rb +11 -0
data/lib/puppet/util/package/version/rpm.rb +73 -0
data/lib/puppet/util/pidlock.rb +13 -7
data/lib/puppet/util/platform.rb +5 -0
data/lib/puppet/util/provider_features.rb +1 -1
data/lib/puppet/util/reference.rb +1 -1
data/lib/puppet/util/rpm_compare.rb +193 -0
data/lib/puppet/util/windows.rb +1 -0
data/lib/puppet/util/windows/adsi.rb +2 -2
data/lib/puppet/util/windows/api_types.rb +60 -33
data/lib/puppet/util/windows/eventlog.rb +1 -6
data/lib/puppet/util/windows/monkey_patches/dir.rb +40 -0
data/lib/puppet/util/windows/principal.rb +8 -6
data/lib/puppet/util/windows/process.rb +15 -14
data/lib/puppet/util/windows/registry.rb +11 -11
data/lib/puppet/util/windows/security.rb +5 -4
data/lib/puppet/util/windows/service.rb +43 -26
data/lib/puppet/util/windows/sid.rb +3 -3
data/lib/puppet/util/windows/user.rb +242 -8
data/lib/puppet/version.rb +1 -1
data/locales/puppet.pot +641 -511
data/man/man5/puppet.conf.5 +75 -10
data/man/man8/puppet-agent.8 +7 -7
data/man/man8/puppet-apply.8 +1 -1
data/man/man8/puppet-catalog.8 +1 -1
data/man/man8/puppet-config.8 +1 -1
data/man/man8/puppet-describe.8 +1 -1
data/man/man8/puppet-device.8 +2 -2
data/man/man8/puppet-doc.8 +1 -1
data/man/man8/puppet-epp.8 +1 -1
data/man/man8/puppet-facts.8 +1 -1
data/man/man8/puppet-filebucket.8 +17 -2
data/man/man8/puppet-generate.8 +1 -1
data/man/man8/puppet-help.8 +6 -3
data/man/man8/puppet-key.8 +1 -1
data/man/man8/puppet-lookup.8 +2 -2
data/man/man8/puppet-man.8 +1 -1
data/man/man8/puppet-module.8 +4 -1
data/man/man8/puppet-node.8 +1 -1
data/man/man8/puppet-parser.8 +1 -1
data/man/man8/puppet-plugin.8 +1 -1
data/man/man8/puppet-report.8 +1 -1
data/man/man8/puppet-resource.8 +1 -1
data/man/man8/puppet-script.8 +1 -1
data/man/man8/puppet-ssl.8 +2 -2
data/man/man8/puppet-status.8 +1 -1
data/man/man8/puppet.8 +2 -2
data/spec/fixtures/integration/application/apply/environments/spec/modules/amod/lib/puppet/provider/applytest/applytest.rb +2 -0
data/spec/fixtures/integration/application/apply/environments/spec/modules/amod/lib/puppet/type/applytest.rb +25 -0
data/spec/fixtures/ssl/unknown-127.0.0.1-key.pem +67 -0
data/spec/fixtures/ssl/unknown-127.0.0.1.pem +48 -0
data/spec/fixtures/ssl/unknown-ca-key.pem +67 -0
data/spec/fixtures/ssl/unknown-ca.pem +59 -0
data/spec/fixtures/unit/forge/bacula-releases.json +128 -0
data/spec/fixtures/unit/forge/bacula.tar.gz +0 -0
data/spec/fixtures/unit/provider/package/dnfmodule/{dnf-module-list-installed.txt → dnf-module-list.txt} +8 -0
data/spec/fixtures/unit/provider/package/pkgng/pkg.version +2 -0
data/spec/fixtures/unit/provider/package/yum/yum-check-update-subscription-manager.txt +9 -0
data/spec/fixtures/unit/provider/package/zypper/zypper-search-uninstalled.out +13 -0
data/spec/fixtures/unit/provider/service/systemd/list_unit_files_services +9 -0
data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_md5/should_fetch_if_not_on_the_local_disk.yml +1 -67
data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_md5/should_not_update_if_content_on_disk_is_up-to-date.yml +1 -69
data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_md5/should_update_if_content_differs_on_disk.yml +1 -69
data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_mtime/should_fetch_if_mtime_is_older_on_disk.yml +1 -67
data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_mtime/should_fetch_if_no_header_specified.yml +1 -65
data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_mtime/should_fetch_if_not_on_the_local_disk.yml +1 -67
data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_mtime/should_not_update_if_mtime_is_newer_on_disk.yml +1 -67
data/spec/integration/application/agent_spec.rb +475 -0
data/spec/integration/application/apply_spec.rb +279 -150
data/spec/integration/application/config_spec.rb +74 -0
data/spec/integration/application/doc_spec.rb +16 -6
data/spec/integration/application/filebucket_spec.rb +239 -0
data/spec/integration/application/help_spec.rb +42 -0
data/spec/integration/application/lookup_spec.rb +13 -0
data/spec/integration/application/module_spec.rb +68 -0
data/spec/integration/application/plugin_spec.rb +123 -0
data/spec/integration/data_binding_spec.rb +82 -0
data/spec/integration/defaults_spec.rb +1 -2
data/spec/integration/directory_environments_spec.rb +17 -17
data/spec/integration/http/client_spec.rb +47 -37
data/spec/integration/indirector/facts/facter_spec.rb +8 -6
data/spec/integration/indirector/report/yaml.rb +83 -0
data/spec/integration/network/http_pool_spec.rb +93 -20
data/spec/integration/node/environment_spec.rb +15 -0
data/spec/integration/parser/compiler_spec.rb +11 -0
data/spec/integration/type/file_spec.rb +1 -1
data/spec/integration/util/execution_spec.rb +22 -0
data/spec/integration/util/windows/adsi_spec.rb +6 -1
data/spec/integration/util/windows/monkey_patches/dir_spec.rb +11 -0
data/spec/integration/util/windows/process_spec.rb +26 -32
data/spec/integration/util/windows/registry_spec.rb +7 -7
data/spec/integration/util/windows/user_spec.rb +47 -5
data/spec/integration/util_spec.rb +7 -33
data/spec/lib/puppet/test_ca.rb +2 -2
data/spec/lib/puppet_spec/https.rb +16 -7
data/spec/lib/puppet_spec/matchers.rb +0 -80
data/spec/lib/puppet_spec/puppetserver.rb +127 -0
data/spec/shared_contexts/https.rb +29 -0
data/spec/unit/agent_spec.rb +80 -26
data/spec/unit/application/agent_spec.rb +12 -9
data/spec/unit/application/describe_spec.rb +88 -50
data/spec/unit/application/device_spec.rb +2 -2
data/spec/unit/application/face_base_spec.rb +6 -4
data/spec/unit/application/facts_spec.rb +39 -10
data/spec/unit/application/filebucket_spec.rb +22 -2
data/spec/unit/application/man_spec.rb +52 -0
data/spec/unit/application/resource_spec.rb +3 -1
data/spec/unit/application/ssl_spec.rb +15 -2
data/spec/unit/configurer/downloader_spec.rb +10 -0
data/spec/unit/configurer/fact_handler_spec.rb +4 -4
data/spec/unit/configurer/plugin_handler_spec.rb +36 -19
data/spec/unit/configurer_spec.rb +64 -46
data/spec/unit/confine_spec.rb +2 -1
data/spec/unit/context/trusted_information_spec.rb +25 -2
data/spec/unit/daemon_spec.rb +5 -64
data/spec/unit/defaults_spec.rb +24 -1
data/spec/unit/environments_spec.rb +8 -0
data/spec/unit/face/config_spec.rb +3 -1
data/spec/unit/face/module/search_spec.rb +17 -0
data/spec/unit/face/plugin_spec.rb +12 -10
data/spec/unit/file_serving/http_metadata_spec.rb +37 -14
data/spec/unit/file_serving/mount/locales_spec.rb +2 -2
data/spec/unit/file_serving/mount/pluginfacts_spec.rb +2 -2
data/spec/unit/file_serving/mount/plugins_spec.rb +2 -2
data/spec/unit/file_serving/terminus_selector_spec.rb +45 -26
data/spec/unit/file_system/uniquefile_spec.rb +29 -0
data/spec/unit/file_system_spec.rb +10 -0
data/spec/unit/functions/lookup_spec.rb +13 -0
data/spec/unit/http/client_spec.rb +321 -36
data/spec/unit/http/external_client_spec.rb +201 -0
data/spec/unit/http/resolver_spec.rb +34 -3
data/spec/unit/http/response_spec.rb +75 -0
data/spec/unit/http/service/ca_spec.rb +53 -12
data/spec/unit/http/service/compiler_spec.rb +332 -28
data/spec/unit/http/service/file_server_spec.rb +100 -12
data/spec/unit/http/service/report_spec.rb +19 -9
data/spec/unit/http/service_spec.rb +94 -6
data/spec/unit/http/session_spec.rb +159 -8
data/spec/unit/indirector/catalog/compiler_spec.rb +1 -0
data/spec/unit/indirector/catalog/rest_spec.rb +59 -2
data/spec/unit/indirector/facts/rest_spec.rb +79 -24
data/spec/unit/indirector/file_bucket_file/rest_spec.rb +82 -2
data/spec/unit/indirector/file_content/rest_spec.rb +53 -2
data/spec/unit/indirector/file_metadata/http_spec.rb +194 -0
data/spec/unit/indirector/file_metadata/rest_spec.rb +110 -2
data/spec/unit/indirector/node/rest_spec.rb +57 -2
data/spec/unit/indirector/report/rest_spec.rb +58 -51
data/spec/unit/indirector/request_spec.rb +1 -1
data/spec/unit/indirector/resource/ral_spec.rb +7 -8
data/spec/unit/indirector/rest_spec.rb +13 -0
data/spec/unit/indirector/status/rest_spec.rb +43 -2
data/spec/unit/interface_spec.rb +3 -3
data/spec/unit/module_tool/tar/mini_spec.rb +20 -0
data/spec/unit/network/format_support_spec.rb +3 -2
data/spec/unit/network/http/api/indirected_routes_spec.rb +2 -1
data/spec/unit/network/http/connection_spec.rb +552 -190
data/spec/unit/network/http/nocache_pool_spec.rb +22 -0
data/spec/unit/network/http/pool_spec.rb +59 -13
data/spec/unit/network/http_pool_spec.rb +63 -57
data/spec/unit/network/http_spec.rb +1 -1
data/spec/unit/node/environment_spec.rb +33 -0
data/spec/unit/parser/ast/block_expression_spec.rb +1 -1
data/spec/unit/parser/environment_compiler_spec.rb +7 -0
data/spec/unit/parser/scope_spec.rb +1 -1
data/spec/unit/pops/evaluator/evaluating_parser_spec.rb +15 -1
data/spec/unit/pops/loaders/loaders_spec.rb +71 -1
data/spec/unit/pops/lookup/lookup_spec.rb +25 -0
data/spec/unit/pops/types/type_calculator_spec.rb +1 -11
data/spec/unit/provider/group/groupadd_spec.rb +22 -8
data/spec/unit/provider/group/windows_adsi_spec.rb +43 -10
data/spec/unit/provider/package/aix_spec.rb +29 -0
data/spec/unit/provider/package/apt_spec.rb +107 -0
data/spec/unit/provider/package/aptitude_spec.rb +1 -0
data/spec/unit/provider/package/dnfmodule_spec.rb +54 -15
data/spec/unit/provider/package/gem_spec.rb +40 -0
data/spec/unit/provider/package/pacman_spec.rb +6 -21
data/spec/unit/provider/package/pip_spec.rb +68 -19
data/spec/unit/provider/package/pkgdmg_spec.rb +1 -1
data/spec/unit/provider/package/pkgng_spec.rb +38 -0
data/spec/unit/provider/package/portage_spec.rb +5 -0
data/spec/unit/provider/package/puppet_gem_spec.rb +12 -1
data/spec/unit/provider/package/rpm_spec.rb +0 -212
data/spec/unit/provider/package/yum_spec.rb +243 -1
data/spec/unit/provider/package/zypper_spec.rb +98 -0
data/spec/unit/provider/service/init_spec.rb +42 -0
data/spec/unit/provider/service/openbsd_spec.rb +9 -0
data/spec/unit/provider/service/openwrt_spec.rb +1 -0
data/spec/unit/provider/service/redhat_spec.rb +9 -0
data/spec/unit/provider/service/systemd_spec.rb +93 -18
data/spec/unit/provider/service/windows_spec.rb +50 -14
data/spec/unit/provider/user/openbsd_spec.rb +1 -0
data/spec/unit/provider/user/useradd_spec.rb +30 -16
data/spec/unit/provider/user/windows_adsi_spec.rb +85 -3
data/spec/unit/puppet_pal_2pec.rb +11 -0
data/spec/unit/puppet_pal_catalog_spec.rb +43 -0
data/spec/unit/puppet_spec.rb +33 -0
data/spec/unit/reports/http_spec.rb +70 -52
data/spec/unit/reports/store_spec.rb +17 -13
data/spec/unit/resource_spec.rb +3 -3
data/spec/unit/settings/autosign_setting_spec.rb +1 -1
data/spec/unit/settings/http_extra_headers_spec.rb +64 -0
data/spec/unit/ssl/host_spec.rb +4 -2
data/spec/unit/ssl/oids_spec.rb +1 -0
data/spec/unit/ssl/ssl_provider_spec.rb +69 -43
data/spec/unit/ssl/state_machine_spec.rb +99 -13
data/spec/unit/test/test_helper_spec.rb +17 -0
data/spec/unit/transaction/persistence_spec.rb +15 -0
data/spec/unit/transaction/report_spec.rb +5 -1
data/spec/unit/transaction_spec.rb +0 -2
data/spec/unit/type/file/ensure_spec.rb +1 -2
data/spec/unit/type/file/source_spec.rb +89 -38
data/spec/unit/type/file_spec.rb +122 -96
data/spec/unit/type/service_spec.rb +218 -8
data/spec/unit/type/user_spec.rb +32 -3
data/spec/unit/type_spec.rb +50 -0
data/spec/unit/util/at_fork_spec.rb +3 -2
data/spec/unit/util/autoload_spec.rb +2 -1
data/spec/unit/util/character_encoding_spec.rb +4 -4
data/spec/unit/util/checksums_spec.rb +16 -0
data/spec/unit/util/command_line_spec.rb +11 -6
data/spec/unit/util/log/destinations_spec.rb +1 -29
data/spec/unit/util/package/version/debian_spec.rb +83 -0
data/spec/unit/util/package/version/pip_spec.rb +464 -0
data/spec/unit/util/package/version/range_spec.rb +175 -0
data/spec/unit/util/package/version/rpm_spec.rb +121 -0
data/spec/unit/util/pidlock_spec.rb +102 -54
data/spec/unit/util/rpm_compare_spec.rb +196 -0
data/spec/unit/util/windows/adsi_spec.rb +4 -4
data/spec/unit/util/windows/api_types_spec.rb +104 -40
data/spec/unit/util/windows/service_spec.rb +4 -4
data/spec/unit/util/windows/sid_spec.rb +2 -2
data/spec/unit/util_spec.rb +3 -3
data/spec/unit/x509/cert_provider_spec.rb +1 -1
data/tasks/generate_cert_fixtures.rake +15 -1
data/tasks/manpages.rake +5 -35
metadata +84 -52
data/COMMITTERS.md +0 -244
data/spec/integration/faces/config_spec.rb +0 -91
data/spec/integration/faces/documentation_spec.rb +0 -57
data/spec/integration/faces/plugin_spec.rb +0 -61
data/spec/integration/file_bucket/file_spec.rb +0 -50
data/spec/integration/file_serving/content_spec.rb +0 -7
data/spec/integration/file_serving/fileset_spec.rb +0 -12
data/spec/integration/file_serving/metadata_spec.rb +0 -8
data/spec/integration/file_serving/terminus_helper_spec.rb +0 -20
data/spec/integration/file_system/uniquefile_spec.rb +0 -26
data/spec/integration/module_tool/forge_spec.rb +0 -64
data/spec/integration/module_tool/tar/mini_spec.rb +0 -28
data/spec/integration/provider/service/init_spec.rb +0 -48
data/spec/integration/provider/service/systemd_spec.rb +0 -25
data/spec/integration/provider/service/windows_spec.rb +0 -50
data/spec/integration/reference/providers_spec.rb +0 -21
data/spec/integration/reports_spec.rb +0 -13
data/spec/integration/ssl/certificate_request_spec.rb +0 -44
data/spec/integration/ssl/host_spec.rb +0 -72
data/spec/integration/ssl/key_spec.rb +0 -99
data/spec/integration/test/test_helper_spec.rb +0 -31
data/spec/shared_behaviours/file_serving_model.rb +0 -51
data/spec/unit/face/man_spec.rb +0 -25
data/spec/unit/man_spec.rb +0 -31

data/spec/unit/reports/store_spec.rb CHANGED

@@ -6,53 +6,57 @@ require 'pathname'
 require 'tempfile'
 require 'fileutils'
-processor = Puppet::Reports.report(:store)
-describe processor do
+describe Puppet::Reports.report(:store) do
   describe "#process" do
     include PuppetSpec::Files
     before :each do
       Puppet[:reportdir] = File.join(tmpdir('reports'), 'reports')
-      @report = YAML.load_file(File.join(PuppetSpec::FIXTURE_DIR, 'yaml/report2.6.x.yaml')).extend processor
+    end
+    let(:report) do
+      report = YAML.load_file(File.join(PuppetSpec::FIXTURE_DIR, 'yaml/report2.6.x.yaml'))
+      report.extend(described_class)
+      report
     end
     it "should create a report directory for the client if one doesn't exist" do
-      @report.process
+      report.process
-      expect(File).to be_directory(File.join(Puppet[:reportdir], @report.host))
+      expect(File).to be_directory(File.join(Puppet[:reportdir], report.host))
     end
     it "should write the report to the file in YAML" do
       allow(Time).to receive(:now).and_return(Time.utc(2011,01,06,12,00,00))
-      @report.process
+      report.process
-      expect(File.read(File.join(Puppet[:reportdir], @report.host, "201101061200.yaml"))).to eq(@report.to_yaml)
+      expect(File.read(File.join(Puppet[:reportdir], report.host, "201101061200.yaml"))).to eq(report.to_yaml)
     end
     it "rejects invalid hostnames" do
-      @report.host = ".."
+      report.host = ".."
       expect(Puppet::FileSystem).not_to receive(:exist?)
-      expect { @report.process }.to raise_error(ArgumentError, /Invalid node/)
+      expect { report.process }.to raise_error(ArgumentError, /Invalid node/)
     end
   end
   describe "::destroy" do
     it "rejects invalid hostnames" do
       expect(Puppet::FileSystem).not_to receive(:unlink)
-      expect { processor.destroy("..") }.to raise_error(ArgumentError, /Invalid node/)
+      expect { described_class.destroy("..") }.to raise_error(ArgumentError, /Invalid node/)
     end
   end
   describe "::validate_host" do
     ['..', 'hello/', '/hello', 'he/llo', 'hello/..', '.'].each do |node|
       it "rejects #{node.inspect}" do
-        expect { processor.validate_host(node) }.to raise_error(ArgumentError, /Invalid node/)
+        expect { described_class.validate_host(node) }.to raise_error(ArgumentError, /Invalid node/)
       end
     end
     ['.hello', 'hello.', '..hi', 'hi..'].each do |node|
       it "accepts #{node.inspect}" do
-        processor.validate_host(node)
+        described_class.validate_host(node)
       end
     end
   end

data/spec/unit/resource_spec.rb CHANGED

@@ -283,7 +283,7 @@ describe Puppet::Resource do
     let(:scope)    { Puppet::Parser::Scope.new(compiler) }
     def ast_leaf(value)
-      Puppet::Parser::AST::Leaf.new({:value => value})
+      Puppet::Parser::AST::Leaf.new(value: value)
     end
     it "should fail when asked to set default values and it is not a parser resource" do
@@ -389,7 +389,7 @@ describe Puppet::Resource do
         context "when a value is provided" do
           let(:port_parameter) do
             Puppet::Parser::Resource::Param.new(
-              { :name => 'port', :value => '8080' }
+              name: 'port', value: '8080'
             )
           end
@@ -414,7 +414,7 @@ describe Puppet::Resource do
             expect_lookup('apache::port', returns: '443')
             rs = Puppet::Parser::Resource.new("class", "apache", :scope => scope,
-              :parameters => [Puppet::Parser::Resource::Param.new({ :name => 'port', :value => nil })])
+              :parameters => [Puppet::Parser::Resource::Param.new(name: 'port', value: nil)])
             rs.resource_type.set_resource_parameters(rs, scope)
             expect(rs[:port]).to eq('443')

data/spec/unit/settings/autosign_setting_spec.rb CHANGED

@@ -2,7 +2,6 @@ require 'spec_helper'
 require 'puppet/settings'
 require 'puppet/settings/autosign_setting'
-require 'puppet/type/file'
 describe Puppet::Settings::AutosignSetting do
   let(:settings) do
@@ -75,6 +74,7 @@ describe Puppet::Settings::AutosignSetting do
     it "converts the file path to a file resource", :if => !Puppet::Util::Platform.windows? do
       path = File.expand_path('/path/to/autosign.conf')
       allow(settings).to receive(:value).with('autosign', nil, false).and_return(path)
+      allow(Puppet::FileSystem).to receive(:exist?).and_call_original
       allow(Puppet::FileSystem).to receive(:exist?).with(path).and_return(true)
       expect(Puppet.features).to receive(:root?).and_return(true)

data/spec/unit/settings/http_extra_headers_spec.rb ADDED

@@ -0,0 +1,64 @@
+require 'spec_helper'
+require 'puppet/settings'
+require 'puppet/settings/http_extra_headers_setting'
+describe Puppet::Settings::HttpExtraHeadersSetting do
+  subject { described_class.new(:settings => double('settings'), :desc => "test") }
+  it "is of type :http_extra_headers" do
+    expect(subject.type).to eq :http_extra_headers
+  end
+  describe "munging the value" do
+    let(:final_value) { [['header1', 'foo'], ['header2', 'bar']] }
+    describe "when given a string" do
+      it "splits multiple values into an array" do
+        expect(subject.munge("header1:foo,header2:bar")).to match_array(final_value)
+      end
+      it "strips whitespace between elements" do
+        expect(subject.munge("header1:foo , header2:bar")).to match_array(final_value)
+      end
+      it "creates an array when one item is given" do
+        expect(subject.munge("header1:foo")).to match_array([['header1', 'foo']])
+      end
+    end
+    describe "when given an array of strings" do
+      it "returns an array of arrays" do
+        expect(subject.munge(['header1:foo', 'header2:bar'])).to match_array(final_value)
+      end
+    end
+    describe "when given an array of arrays" do
+      it "returns an array of arrays" do
+        expect(subject.munge([['header1', 'foo'], ['header2', 'bar']])).to match_array(final_value)
+      end
+    end
+    describe "when given a hash" do
+      it "returns the hash" do
+        expect(subject.munge({'header1' => 'foo', 'header2' => 'bar'})).to match_array(final_value)
+      end
+    end
+    describe 'raises an error when' do
+      # Ruby 2.3 reports the class of these objects as Fixnum, whereas later ruby versions report them as Integer
+      it 'is given an unexpected object type' do
+        expect {
+          subject.munge(65)
+          }.to raise_error(ArgumentError, /^Expected an Array, String, or Hash, got a (Integer|Fixnum)/)
+      end
+      it 'is given an array of unexpected object types' do
+        expect {
+          subject.munge([65, 82])
+          }.to raise_error(ArgumentError, /^Expected an Array or String, got a (Integer|Fixnum)/)
+      end
+    end
+  end
+end

data/spec/unit/ssl/host_spec.rb CHANGED

@@ -51,8 +51,10 @@ describe Puppet::SSL::Host, if: !Puppet::Util::Platform.jruby? do
       allow_any_instance_of(Puppet::SSL::Host).to receive(:generate)
     end
-    it "should have a method for producing an instance to manage the local host's keys" do
-      expect(Puppet::SSL::Host).to respond_to(:localhost)
+    it "is deprecated" do
+      Puppet::SSL::Host.localhost
+      expect(@logs).to include(an_object_having_attributes(message: /Puppet::SSL::Host is deprecated/))
     end
     it "should allow to reset localhost" do

data/spec/unit/ssl/oids_spec.rb CHANGED

@@ -33,6 +33,7 @@ describe Puppet::SSL::Oids do
       'pp_cloudplatform'    => '1.3.6.1.4.1.34380.1.1.23',
       'pp_apptier'          => '1.3.6.1.4.1.34380.1.1.24',
       'pp_hostname'         => '1.3.6.1.4.1.34380.1.1.25',
+      'pp_owner'            => '1.3.6.1.4.1.34380.1.1.26',
       'ppPrivCertExt'       => '1.3.6.1.4.1.34380.1.2',
       'ppAuthCertExt'       => '1.3.6.1.4.1.34380.1.3',
       'pp_authorization'    => '1.3.6.1.4.1.34380.1.3.1',

data/spec/unit/ssl/ssl_provider_spec.rb CHANGED

@@ -42,20 +42,20 @@ describe Puppet::SSL::SSLProvider do
     let(:config) { { cacerts: [], crls: [], revocation: false } }
     it 'accepts empty list of certs and crls' do
-      sslctx = subject.create_root_context(config)
+      sslctx = subject.create_root_context(**config)
       expect(sslctx.cacerts).to eq([])
       expect(sslctx.crls).to eq([])
     end
     it 'accepts valid root certs' do
       certs = [cert_fixture('ca.pem')]
-      sslctx = subject.create_root_context(config.merge(cacerts: certs))
+      sslctx = subject.create_root_context(**config.merge(cacerts: certs))
       expect(sslctx.cacerts).to eq(certs)
     end
     it 'accepts valid intermediate certs' do
       certs = [cert_fixture('ca.pem'), cert_fixture('intermediate.pem')]
-      sslctx = subject.create_root_context(config.merge(cacerts: certs))
+      sslctx = subject.create_root_context(**config.merge(cacerts: certs))
       expect(sslctx.cacerts).to eq(certs)
     end
@@ -63,19 +63,19 @@ describe Puppet::SSL::SSLProvider do
       expired = [cert_fixture('ca.pem'), cert_fixture('intermediate.pem')]
       expired.each { |x509| x509.not_after = Time.at(0) }
-      sslctx = subject.create_root_context(config.merge(cacerts: expired))
+      sslctx = subject.create_root_context(**config.merge(cacerts: expired))
       expect(sslctx.cacerts).to eq(expired)
     end
     it 'raises if the frozen context is modified' do
-      sslctx = subject.create_root_context(config)
+      sslctx = subject.create_root_context(**config)
       expect {
         sslctx.verify_peer = false
       }.to raise_error(/can't modify frozen/)
     end
     it 'verifies peer' do
-      sslctx = subject.create_root_context(config)
+      sslctx = subject.create_root_context(**config)
       expect(sslctx.verify_peer).to eq(true)
     end
   end
@@ -134,6 +134,32 @@ describe Puppet::SSL::SSLProvider do
       expect(sslctx.client_cert).to be_nil
       expect(sslctx.private_key).to be_nil
     end
+    it 'trusts additional system certs' do
+      path = tmpfile('system_cacerts')
+      File.write(path, cert_fixture('ca.pem').to_pem)
+      expect_any_instance_of(OpenSSL::X509::Store).to receive(:add_file).with(path)
+      subject.create_system_context(cacerts: [], path: path)
+    end
+    it 'ignores empty files' do
+      path = tmpfile('system_cacerts')
+      FileUtils.touch(path)
+      subject.create_system_context(cacerts: [], path: path)
+      expect(@logs).to eq([])
+    end
+    it 'prints an error if it is not a file' do
+      path = tmpdir('system_cacerts')
+      subject.create_system_context(cacerts: [], path: path)
+      expect(@logs).to include(an_object_having_attributes(level: :warning, message: /^The 'ssl_trust_store' setting does not refer to a file and will be ignored/))
+    end
   end
   context 'when creating an ssl context with crls' do
@@ -142,14 +168,14 @@ describe Puppet::SSL::SSLProvider do
     it 'accepts valid CRLs' do
       certs = [cert_fixture('ca.pem')]
       crls = [crl_fixture('crl.pem')]
-      sslctx = subject.create_root_context(config.merge(cacerts: certs, crls: crls))
+      sslctx = subject.create_root_context(**config.merge(cacerts: certs, crls: crls))
       expect(sslctx.crls).to eq(crls)
     end
     it 'accepts valid CRLs for intermediate certs' do
       certs = [cert_fixture('ca.pem'), cert_fixture('intermediate.pem')]
       crls = [crl_fixture('crl.pem'), crl_fixture('intermediate-crl.pem')]
-      sslctx = subject.create_root_context(config.merge(cacerts: certs, crls: crls))
+      sslctx = subject.create_root_context(**config.merge(cacerts: certs, crls: crls))
       expect(sslctx.crls).to eq(crls)
     end
@@ -157,12 +183,12 @@ describe Puppet::SSL::SSLProvider do
       expired = [crl_fixture('crl.pem'), crl_fixture('intermediate-crl.pem')]
       expired.each { |x509| x509.last_update = Time.at(0) }
-      sslctx = subject.create_root_context(config.merge(crls: expired))
+      sslctx = subject.create_root_context(**config.merge(crls: expired))
       expect(sslctx.crls).to eq(expired)
     end
     it 'verifies peer' do
-      sslctx = subject.create_root_context(config)
+      sslctx = subject.create_root_context(**config)
       expect(sslctx.verify_peer).to eq(true)
     end
   end
@@ -174,49 +200,49 @@ describe Puppet::SSL::SSLProvider do
     it 'raises if CA certs are missing' do
       expect {
-        subject.create_context(config.merge(cacerts: nil))
+        subject.create_context(**config.merge(cacerts: nil))
       }.to raise_error(ArgumentError, /CA certs are missing/)
     end
     it 'raises if CRLs are are missing' do
       expect {
-        subject.create_context(config.merge(crls: nil))
+        subject.create_context(**config.merge(crls: nil))
       }.to raise_error(ArgumentError, /CRLs are missing/)
     end
     it 'raises if private key is missing' do
       expect {
-        subject.create_context(config.merge(private_key: nil))
+        subject.create_context(**config.merge(private_key: nil))
       }.to raise_error(ArgumentError, /Private key is missing/)
     end
     it 'raises if client cert is missing' do
       expect {
-        subject.create_context(config.merge(client_cert: nil))
+        subject.create_context(**config.merge(client_cert: nil))
       }.to raise_error(ArgumentError, /Client cert is missing/)
     end
     it 'accepts RSA keys' do
-      sslctx = subject.create_context(config)
+      sslctx = subject.create_context(**config)
       expect(sslctx.private_key).to eq(private_key)
     end
     it 'accepts EC keys' do
       ec_key = ec_key_fixture('ec-key.pem')
       ec_cert = cert_fixture('ec.pem')
-      sslctx = subject.create_context(config.merge(client_cert: ec_cert, private_key: ec_key))
+      sslctx = subject.create_context(**config.merge(client_cert: ec_cert, private_key: ec_key))
       expect(sslctx.private_key).to eq(ec_key)
     end
     it 'raises if private key is unsupported' do
       dsa_key = OpenSSL::PKey::DSA.new
       expect {
-        subject.create_context(config.merge(private_key: dsa_key))
+        subject.create_context(**config.merge(private_key: dsa_key))
       }.to raise_error(Puppet::SSL::SSLError, /Unsupported key 'OpenSSL::PKey::DSA'/)
     end
     it 'resolves the client chain from leaf to root' do
-      sslctx = subject.create_context(config)
+      sslctx = subject.create_context(**config)
       expect(
         sslctx.client_chain.map(&:subject).map(&:to_utf8)
       ).to eq(['CN=signed', 'CN=Test CA Subauthority', 'CN=Test CA'])
@@ -225,21 +251,21 @@ describe Puppet::SSL::SSLProvider do
     it 'raises if client cert signature is invalid' do
       client_cert.sign(wrong_key, OpenSSL::Digest::SHA256.new)
       expect {
-        subject.create_context(config.merge(client_cert: client_cert))
+        subject.create_context(**config.merge(client_cert: client_cert))
       }.to raise_error(Puppet::SSL::CertVerifyError,
                        "Invalid signature for certificate 'CN=signed'")
     end
     it 'raises if client cert and private key are mismatched' do
       expect {
-        subject.create_context(config.merge(private_key: wrong_key))
+        subject.create_context(**config.merge(private_key: wrong_key))
       }.to raise_error(Puppet::SSL::SSLError,
                        "The certificate for 'CN=signed' does not match its private key")
     end
     it "raises if client cert's public key has been replaced" do
       expect {
-        subject.create_context(config.merge(client_cert: cert_fixture('tampered-cert.pem')))
+        subject.create_context(**config.merge(client_cert: cert_fixture('tampered-cert.pem')))
       }.to raise_error(Puppet::SSL::CertVerifyError,
                        "Invalid signature for certificate 'CN=signed'")
     end
@@ -250,7 +276,7 @@ describe Puppet::SSL::SSLProvider do
       ca.sign(wrong_key, OpenSSL::Digest::SHA256.new)
       expect {
-        subject.create_context(config.merge(cacerts: global_cacerts))
+        subject.create_context(**config.merge(cacerts: global_cacerts))
       }.to raise_error(Puppet::SSL::CertVerifyError,
                        "Invalid signature for certificate 'CN=Test CA'")
     end
@@ -260,7 +286,7 @@ describe Puppet::SSL::SSLProvider do
       int.sign(wrong_key, OpenSSL::Digest::SHA256.new)
       expect {
-        subject.create_context(config.merge(cacerts: global_cacerts))
+        subject.create_context(**config.merge(cacerts: global_cacerts))
       }.to raise_error(Puppet::SSL::CertVerifyError,
                        "Invalid signature for certificate 'CN=Test CA Subauthority'")
     end
@@ -270,7 +296,7 @@ describe Puppet::SSL::SSLProvider do
       crl.sign(wrong_key, OpenSSL::Digest::SHA256.new)
       expect {
-        subject.create_context(config.merge(crls: global_crls))
+        subject.create_context(**config.merge(crls: global_crls))
       }.to raise_error(Puppet::SSL::CertVerifyError,
                        "Invalid signature for CRL issued by 'CN=Test CA'")
     end
@@ -280,14 +306,14 @@ describe Puppet::SSL::SSLProvider do
       crl.sign(wrong_key, OpenSSL::Digest::SHA256.new)
       expect {
-        subject.create_context(config.merge(crls: global_crls))
+        subject.create_context(**config.merge(crls: global_crls))
       }.to raise_error(Puppet::SSL::CertVerifyError,
                        "Invalid signature for CRL issued by 'CN=Test CA Subauthority'")
     end
     it 'raises if client cert is revoked' do
       expect {
-        subject.create_context(config.merge(private_key: key_fixture('revoked-key.pem'), client_cert: cert_fixture('revoked.pem')))
+        subject.create_context(**config.merge(private_key: key_fixture('revoked-key.pem'), client_cert: cert_fixture('revoked.pem')))
       }.to raise_error(Puppet::SSL::CertVerifyError,
                        "Certificate 'CN=revoked' is revoked")
     end
@@ -295,12 +321,12 @@ describe Puppet::SSL::SSLProvider do
     it 'warns if intermediate issuer is missing' do
       expect(Puppet).to receive(:warning).with("The issuer 'CN=Test CA Subauthority' of certificate 'CN=signed' cannot be found locally")
-      subject.create_context(config.merge(cacerts: [cert_fixture('ca.pem')]))
+      subject.create_context(**config.merge(cacerts: [cert_fixture('ca.pem')]))
     end
     it 'raises if root issuer is missing' do
       expect {
-        subject.create_context(config.merge(cacerts: [cert_fixture('intermediate.pem')]))
+        subject.create_context(**config.merge(cacerts: [cert_fixture('intermediate.pem')]))
       }.to raise_error(Puppet::SSL::CertVerifyError,
                        "The issuer 'CN=Test CA' of certificate 'CN=Test CA Subauthority' is missing")
     end
@@ -308,7 +334,7 @@ describe Puppet::SSL::SSLProvider do
     it 'raises if cert is not valid yet', unless: Puppet::Util::Platform.jruby? do
       client_cert.not_before = Time.now + (5 * 60 * 60)
       expect {
-        subject.create_context(config.merge(client_cert: client_cert))
+        subject.create_context(**config.merge(client_cert: client_cert))
       }.to raise_error(Puppet::SSL::CertVerifyError,
                        "The certificate 'CN=signed' is not yet valid, verify time is synchronized")
     end
@@ -316,7 +342,7 @@ describe Puppet::SSL::SSLProvider do
     it 'raises if cert is expired', unless: Puppet::Util::Platform.jruby? do
       client_cert.not_after = Time.at(0)
       expect {
-        subject.create_context(config.merge(client_cert: client_cert))
+        subject.create_context(**config.merge(client_cert: client_cert))
       }.to raise_error(Puppet::SSL::CertVerifyError,
                        "The certificate 'CN=signed' has expired, verify time is synchronized")
     end
@@ -327,7 +353,7 @@ describe Puppet::SSL::SSLProvider do
       future_crls.first.last_update = Time.now + (5 * 60 * 60)
       expect {
-        subject.create_context(config.merge(crls: future_crls))
+        subject.create_context(**config.merge(crls: future_crls))
       }.to raise_error(Puppet::SSL::CertVerifyError,
                        "The CRL issued by 'CN=Test CA' is not yet valid, verify time is synchronized")
     end
@@ -338,7 +364,7 @@ describe Puppet::SSL::SSLProvider do
       past_crls.first.next_update = Time.at(0)
       expect {
-        subject.create_context(config.merge(crls: past_crls))
+        subject.create_context(**config.merge(crls: past_crls))
       }.to raise_error(Puppet::SSL::CertVerifyError,
                        "The CRL issued by 'CN=Test CA' has expired, verify time is synchronized")
     end
@@ -346,7 +372,7 @@ describe Puppet::SSL::SSLProvider do
     it 'raises if the root CRL is missing' do
       crls = [crl_fixture('intermediate-crl.pem')]
       expect {
-        subject.create_context(config.merge(crls: crls, revocation: :chain))
+        subject.create_context(**config.merge(crls: crls, revocation: :chain))
       }.to raise_error(Puppet::SSL::CertVerifyError,
                        "The CRL issued by 'CN=Test CA' is missing")
     end
@@ -354,23 +380,23 @@ describe Puppet::SSL::SSLProvider do
     it 'raises if the intermediate CRL is missing' do
       crls = [crl_fixture('crl.pem')]
       expect {
-        subject.create_context(config.merge(crls: crls))
+        subject.create_context(**config.merge(crls: crls))
       }.to raise_error(Puppet::SSL::CertVerifyError,
                        "The CRL issued by 'CN=Test CA Subauthority' is missing")
     end
     it "doesn't raise if the root CRL is missing and we're just checking the leaf" do
       crls = [crl_fixture('intermediate-crl.pem')]
-      subject.create_context(config.merge(crls: crls, revocation: :leaf))
+      subject.create_context(**config.merge(crls: crls, revocation: :leaf))
     end
     it "doesn't raise if the intermediate CRL is missing and revocation checking is disabled" do
       crls = [crl_fixture('crl.pem')]
-      subject.create_context(config.merge(crls: crls, revocation: false))
+      subject.create_context(**config.merge(crls: crls, revocation: false))
     end
     it "doesn't raise if both CRLs are missing and revocation checking is disabled" do
-      subject.create_context(config.merge(crls: [], revocation: false))
+      subject.create_context(**config.merge(crls: [], revocation: false))
     end
     # OpenSSL < 1.1 does not verify basicConstraints
@@ -378,7 +404,7 @@ describe Puppet::SSL::SSLProvider do
       certs = [cert_fixture('bad-basic-constraints.pem'), cert_fixture('intermediate.pem')]
       expect {
-        subject.create_context(config.merge(cacerts: certs, crls: [], revocation: false))
+        subject.create_context(**config.merge(cacerts: certs, crls: [], revocation: false))
       }.to raise_error(Puppet::SSL::CertVerifyError,
                        "Certificate 'CN=Test CA' failed verification (24): invalid CA certificate")
     end
@@ -388,32 +414,32 @@ describe Puppet::SSL::SSLProvider do
       certs = [cert_fixture('ca.pem'), cert_fixture('bad-int-basic-constraints.pem')]
       expect {
-        subject.create_context(config.merge(cacerts: certs, crls: [], revocation: false))
+        subject.create_context(**config.merge(cacerts: certs, crls: [], revocation: false))
       }.to raise_error(Puppet::SSL::CertVerifyError,
                        "Certificate 'CN=Test CA Subauthority' failed verification (24): invalid CA certificate")
     end
     it 'accepts CA certs in any order' do
-      sslctx = subject.create_context(config.merge(cacerts: global_cacerts.reverse))
+      sslctx = subject.create_context(**config.merge(cacerts: global_cacerts.reverse))
       # certs in ruby+openssl 1.0.x are not comparable, so compare subjects
       expect(sslctx.client_chain.map(&:subject).map(&:to_utf8)).to contain_exactly('CN=Test CA', 'CN=Test CA Subauthority', 'CN=signed')
     end
     it 'accepts CRLs in any order' do
-      sslctx = subject.create_context(config.merge(crls: global_crls.reverse))
+      sslctx = subject.create_context(**config.merge(crls: global_crls.reverse))
       # certs in ruby+openssl 1.0.x are not comparable, so compare subjects
       expect(sslctx.client_chain.map(&:subject).map(&:to_utf8)).to contain_exactly('CN=Test CA', 'CN=Test CA Subauthority', 'CN=signed')
     end
     it 'raises if the frozen context is modified' do
-      sslctx = subject.create_context(config)
+      sslctx = subject.create_context(**config)
       expect {
         sslctx.verify_peer = false
       }.to raise_error(/can't modify frozen/)
     end
     it 'verifies peer' do
-      sslctx = subject.create_context(config)
+      sslctx = subject.create_context(**config)
       expect(sslctx.verify_peer).to eq(true)
     end
   end