puppet 6.13.0 → 6.18.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of puppet might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/CODEOWNERS +2 -7
- data/CONTRIBUTING.md +7 -13
- data/Gemfile +4 -2
- data/Gemfile.lock +36 -32
- data/README.md +17 -24
- data/ext/windows/service/daemon.rb +3 -3
- data/lib/puppet.rb +33 -9
- data/lib/puppet/agent.rb +20 -14
- data/lib/puppet/application/agent.rb +26 -17
- data/lib/puppet/application/apply.rb +18 -20
- data/lib/puppet/application/describe.rb +7 -5
- data/lib/puppet/application/device.rb +2 -2
- data/lib/puppet/application/filebucket.rb +19 -15
- data/lib/puppet/application/lookup.rb +16 -4
- data/lib/puppet/application/plugin.rb +1 -0
- data/lib/puppet/application/ssl.rb +4 -4
- data/lib/puppet/configurer.rb +58 -57
- data/lib/puppet/configurer/downloader.rb +31 -10
- data/lib/puppet/configurer/plugin_handler.rb +10 -1
- data/lib/puppet/confine.rb +2 -2
- data/lib/puppet/confine/any.rb +1 -1
- data/lib/puppet/context/trusted_information.rb +14 -8
- data/lib/puppet/daemon.rb +13 -27
- data/lib/puppet/defaults.rb +92 -12
- data/lib/puppet/environments.rb +4 -5
- data/lib/puppet/face/facts.rb +1 -1
- data/lib/puppet/face/help.rb +29 -3
- data/lib/puppet/face/module/search.rb +5 -0
- data/lib/puppet/face/plugin.rb +2 -2
- data/lib/puppet/feature/base.rb +1 -1
- data/lib/puppet/file_serving/http_metadata.rb +14 -2
- data/lib/puppet/file_serving/metadata.rb +4 -1
- data/lib/puppet/file_serving/mount/locales.rb +1 -2
- data/lib/puppet/file_serving/mount/pluginfacts.rb +1 -2
- data/lib/puppet/file_serving/mount/plugins.rb +1 -2
- data/lib/puppet/file_serving/terminus_selector.rb +7 -8
- data/lib/puppet/file_system/file_impl.rb +17 -13
- data/lib/puppet/file_system/uniquefile.rb +12 -16
- data/lib/puppet/forge.rb +1 -1
- data/lib/puppet/forge/cache.rb +1 -1
- data/lib/puppet/forge/repository.rb +4 -7
- data/lib/puppet/functions/call.rb +1 -1
- data/lib/puppet/functions/eyaml_lookup_key.rb +13 -8
- data/lib/puppet/functions/filter.rb +1 -0
- data/lib/puppet/functions/lstrip.rb +4 -4
- data/lib/puppet/functions/reduce.rb +2 -4
- data/lib/puppet/functions/reverse_each.rb +1 -1
- data/lib/puppet/functions/rstrip.rb +4 -4
- data/lib/puppet/functions/step.rb +1 -1
- data/lib/puppet/functions/strip.rb +4 -4
- data/lib/puppet/gettext/config.rb +5 -5
- data/lib/puppet/gettext/module_translations.rb +4 -4
- data/lib/puppet/http.rb +3 -0
- data/lib/puppet/http/client.rb +263 -73
- data/lib/puppet/http/external_client.rb +90 -0
- data/lib/puppet/http/redirector.rb +43 -7
- data/lib/puppet/http/resolver.rb +46 -3
- data/lib/puppet/http/resolver/server_list.rb +76 -16
- data/lib/puppet/http/resolver/settings.rb +23 -3
- data/lib/puppet/http/resolver/srv.rb +29 -3
- data/lib/puppet/http/response.rb +87 -1
- data/lib/puppet/http/retry_after_handler.rb +39 -0
- data/lib/puppet/http/service.rb +97 -12
- data/lib/puppet/http/service/ca.rb +76 -14
- data/lib/puppet/http/service/compiler.rb +249 -16
- data/lib/puppet/http/service/file_server.rb +141 -20
- data/lib/puppet/http/service/report.rb +47 -17
- data/lib/puppet/http/session.rb +96 -7
- data/lib/puppet/indirector.rb +1 -1
- data/lib/puppet/indirector/catalog/rest.rb +34 -0
- data/lib/puppet/indirector/exec.rb +1 -1
- data/lib/puppet/indirector/facts/facter.rb +3 -3
- data/lib/puppet/indirector/facts/rest.rb +42 -0
- data/lib/puppet/indirector/file_bucket_file/rest.rb +48 -0
- data/lib/puppet/indirector/file_content/http.rb +5 -0
- data/lib/puppet/indirector/file_content/rest.rb +30 -0
- data/lib/puppet/indirector/file_metadata/http.rb +28 -8
- data/lib/puppet/indirector/file_metadata/rest.rb +52 -0
- data/lib/puppet/indirector/hiera.rb +4 -0
- data/lib/puppet/indirector/indirection.rb +1 -1
- data/lib/puppet/indirector/node/rest.rb +24 -0
- data/lib/puppet/indirector/report/processor.rb +2 -2
- data/lib/puppet/indirector/report/rest.rb +19 -0
- data/lib/puppet/indirector/report/yaml.rb +23 -0
- data/lib/puppet/indirector/request.rb +1 -1
- data/lib/puppet/indirector/rest.rb +12 -0
- data/lib/puppet/indirector/status/rest.rb +18 -0
- data/lib/puppet/loaders.rb +6 -0
- data/lib/puppet/metatype/manager.rb +80 -80
- data/lib/puppet/module.rb +1 -2
- data/lib/puppet/network/format_support.rb +2 -2
- data/lib/puppet/network/http/api/indirected_routes.rb +1 -1
- data/lib/puppet/network/http/api/master/v3/environment.rb +3 -0
- data/lib/puppet/network/http/base_pool.rb +7 -2
- data/lib/puppet/network/http/compression.rb +7 -0
- data/lib/puppet/network/http/connection.rb +2 -0
- data/lib/puppet/network/http/connection_adapter.rb +184 -0
- data/lib/puppet/network/http/nocache_pool.rb +1 -0
- data/lib/puppet/network/http/pool.rb +8 -5
- data/lib/puppet/network/http/route.rb +2 -2
- data/lib/puppet/network/http_pool.rb +2 -1
- data/lib/puppet/node/environment.rb +22 -5
- data/lib/puppet/pal/catalog_compiler.rb +5 -0
- data/lib/puppet/pal/pal_impl.rb +30 -31
- data/lib/puppet/parameter.rb +1 -1
- data/lib/puppet/parser/ast/leaf.rb +5 -5
- data/lib/puppet/parser/ast/pops_bridge.rb +0 -4
- data/lib/puppet/parser/compiler.rb +43 -33
- data/lib/puppet/parser/compiler/catalog_validator/env_relationship_validator.rb +2 -0
- data/lib/puppet/parser/compiler/catalog_validator/site_validator.rb +2 -0
- data/lib/puppet/parser/environment_compiler.rb +4 -1
- data/lib/puppet/parser/functions.rb +18 -9
- data/lib/puppet/parser/functions/create_resources.rb +11 -7
- data/lib/puppet/parser/functions/filter.rb +1 -0
- data/lib/puppet/parser/resource.rb +3 -2
- data/lib/puppet/parser/resource/param.rb +6 -0
- data/lib/puppet/parser/type_loader.rb +2 -2
- data/lib/puppet/pops/adaptable.rb +7 -13
- data/lib/puppet/pops/adapters.rb +8 -4
- data/lib/puppet/pops/evaluator/evaluator_impl.rb +5 -5
- data/lib/puppet/pops/issues.rb +5 -0
- data/lib/puppet/pops/loader/runtime3_type_loader.rb +4 -2
- data/lib/puppet/pops/loaders.rb +24 -15
- data/lib/puppet/pops/lookup/context.rb +1 -1
- data/lib/puppet/pops/lookup/hiera_config.rb +14 -1
- data/lib/puppet/pops/resource/resource_type_impl.rb +2 -0
- data/lib/puppet/pops/types/iterable.rb +34 -8
- data/lib/puppet/pops/validation/checker4_0.rb +29 -15
- data/lib/puppet/pops/validation/validator_factory_4_0.rb +1 -0
- data/lib/puppet/provider/file/windows.rb +1 -1
- data/lib/puppet/provider/group/groupadd.rb +9 -4
- data/lib/puppet/provider/group/windows_adsi.rb +3 -3
- data/lib/puppet/provider/package/aix.rb +17 -2
- data/lib/puppet/provider/package/apt.rb +98 -1
- data/lib/puppet/provider/package/aptitude.rb +1 -1
- data/lib/puppet/provider/package/dnfmodule.rb +61 -14
- data/lib/puppet/provider/package/gem.rb +45 -9
- data/lib/puppet/provider/package/pacman.rb +2 -5
- data/lib/puppet/provider/package/pip.rb +143 -48
- data/lib/puppet/provider/package/pip3.rb +0 -2
- data/lib/puppet/provider/package/pkgdmg.rb +1 -1
- data/lib/puppet/provider/package/pkgng.rb +16 -4
- data/lib/puppet/provider/package/portage.rb +2 -2
- data/lib/puppet/provider/package/puppet_gem.rb +11 -2
- data/lib/puppet/provider/package/rpm.rb +6 -213
- data/lib/puppet/provider/package/yum.rb +100 -20
- data/lib/puppet/provider/package/zypper.rb +62 -1
- data/lib/puppet/provider/service/systemd.rb +22 -4
- data/lib/puppet/provider/service/windows.rb +23 -7
- data/lib/puppet/provider/user/aix.rb +1 -1
- data/lib/puppet/provider/user/user_role_add.rb +1 -1
- data/lib/puppet/provider/user/useradd.rb +16 -5
- data/lib/puppet/provider/user/windows_adsi.rb +18 -1
- data/lib/puppet/reports/http.rb +15 -9
- data/lib/puppet/resource.rb +2 -1
- data/lib/puppet/resource/type.rb +8 -0
- data/lib/puppet/resource/type_collection.rb +20 -16
- data/lib/puppet/runtime.rb +31 -1
- data/lib/puppet/settings.rb +3 -1
- data/lib/puppet/settings/http_extra_headers_setting.rb +25 -0
- data/lib/puppet/ssl.rb +1 -0
- data/lib/puppet/ssl/host.rb +4 -4
- data/lib/puppet/ssl/oids.rb +1 -0
- data/lib/puppet/ssl/ssl_context.rb +2 -2
- data/lib/puppet/ssl/ssl_provider.rb +20 -1
- data/lib/puppet/ssl/state_machine.rb +81 -35
- data/lib/puppet/ssl/validator/default_validator.rb +1 -1
- data/lib/puppet/ssl/verifier_adapter.rb +9 -1
- data/lib/puppet/test/test_helper.rb +21 -14
- data/lib/puppet/transaction.rb +2 -2
- data/lib/puppet/transaction/persistence.rb +1 -1
- data/lib/puppet/transaction/report.rb +3 -3
- data/lib/puppet/trusted_external.rb +29 -1
- data/lib/puppet/type.rb +21 -8
- data/lib/puppet/type/file.rb +51 -13
- data/lib/puppet/type/file/checksum.rb +4 -4
- data/lib/puppet/type/file/source.rb +75 -64
- data/lib/puppet/type/notify.rb +2 -2
- data/lib/puppet/type/package.rb +41 -3
- data/lib/puppet/type/service.rb +59 -8
- data/lib/puppet/type/user.rb +19 -29
- data/lib/puppet/util.rb +41 -3
- data/lib/puppet/util/at_fork.rb +1 -1
- data/lib/puppet/util/autoload.rb +13 -25
- data/lib/puppet/util/character_encoding.rb +9 -5
- data/lib/puppet/util/checksums.rb +19 -4
- data/lib/puppet/util/execution.rb +2 -2
- data/lib/puppet/util/fileparsing.rb +2 -2
- data/lib/puppet/util/instance_loader.rb +14 -10
- data/lib/puppet/util/log/destinations.rb +1 -10
- data/lib/puppet/util/package/version/debian.rb +175 -0
- data/lib/puppet/util/package/version/gem.rb +15 -0
- data/lib/puppet/util/package/version/pip.rb +167 -0
- data/lib/puppet/util/package/version/range.rb +53 -0
- data/lib/puppet/util/package/version/range/eq.rb +14 -0
- data/lib/puppet/util/package/version/range/gt.rb +14 -0
- data/lib/puppet/util/package/version/range/gt_eq.rb +14 -0
- data/lib/puppet/util/package/version/range/lt.rb +14 -0
- data/lib/puppet/util/package/version/range/lt_eq.rb +14 -0
- data/lib/puppet/util/package/version/range/min_max.rb +21 -0
- data/lib/puppet/util/package/version/range/simple.rb +11 -0
- data/lib/puppet/util/package/version/rpm.rb +73 -0
- data/lib/puppet/util/pidlock.rb +13 -7
- data/lib/puppet/util/platform.rb +5 -0
- data/lib/puppet/util/provider_features.rb +1 -1
- data/lib/puppet/util/reference.rb +1 -1
- data/lib/puppet/util/rpm_compare.rb +193 -0
- data/lib/puppet/util/windows.rb +1 -0
- data/lib/puppet/util/windows/adsi.rb +2 -2
- data/lib/puppet/util/windows/api_types.rb +60 -33
- data/lib/puppet/util/windows/eventlog.rb +1 -6
- data/lib/puppet/util/windows/monkey_patches/dir.rb +40 -0
- data/lib/puppet/util/windows/principal.rb +8 -6
- data/lib/puppet/util/windows/process.rb +15 -14
- data/lib/puppet/util/windows/registry.rb +11 -11
- data/lib/puppet/util/windows/security.rb +5 -4
- data/lib/puppet/util/windows/service.rb +43 -26
- data/lib/puppet/util/windows/sid.rb +3 -3
- data/lib/puppet/util/windows/user.rb +242 -8
- data/lib/puppet/version.rb +1 -1
- data/locales/puppet.pot +641 -511
- data/man/man5/puppet.conf.5 +75 -10
- data/man/man8/puppet-agent.8 +7 -7
- data/man/man8/puppet-apply.8 +1 -1
- data/man/man8/puppet-catalog.8 +1 -1
- data/man/man8/puppet-config.8 +1 -1
- data/man/man8/puppet-describe.8 +1 -1
- data/man/man8/puppet-device.8 +2 -2
- data/man/man8/puppet-doc.8 +1 -1
- data/man/man8/puppet-epp.8 +1 -1
- data/man/man8/puppet-facts.8 +1 -1
- data/man/man8/puppet-filebucket.8 +17 -2
- data/man/man8/puppet-generate.8 +1 -1
- data/man/man8/puppet-help.8 +6 -3
- data/man/man8/puppet-key.8 +1 -1
- data/man/man8/puppet-lookup.8 +2 -2
- data/man/man8/puppet-man.8 +1 -1
- data/man/man8/puppet-module.8 +4 -1
- data/man/man8/puppet-node.8 +1 -1
- data/man/man8/puppet-parser.8 +1 -1
- data/man/man8/puppet-plugin.8 +1 -1
- data/man/man8/puppet-report.8 +1 -1
- data/man/man8/puppet-resource.8 +1 -1
- data/man/man8/puppet-script.8 +1 -1
- data/man/man8/puppet-ssl.8 +2 -2
- data/man/man8/puppet-status.8 +1 -1
- data/man/man8/puppet.8 +2 -2
- data/spec/fixtures/integration/application/apply/environments/spec/modules/amod/lib/puppet/provider/applytest/applytest.rb +2 -0
- data/spec/fixtures/integration/application/apply/environments/spec/modules/amod/lib/puppet/type/applytest.rb +25 -0
- data/spec/fixtures/ssl/unknown-127.0.0.1-key.pem +67 -0
- data/spec/fixtures/ssl/unknown-127.0.0.1.pem +48 -0
- data/spec/fixtures/ssl/unknown-ca-key.pem +67 -0
- data/spec/fixtures/ssl/unknown-ca.pem +59 -0
- data/spec/fixtures/unit/forge/bacula-releases.json +128 -0
- data/spec/fixtures/unit/forge/bacula.tar.gz +0 -0
- data/spec/fixtures/unit/provider/package/dnfmodule/{dnf-module-list-installed.txt → dnf-module-list.txt} +8 -0
- data/spec/fixtures/unit/provider/package/pkgng/pkg.version +2 -0
- data/spec/fixtures/unit/provider/package/yum/yum-check-update-subscription-manager.txt +9 -0
- data/spec/fixtures/unit/provider/package/zypper/zypper-search-uninstalled.out +13 -0
- data/spec/fixtures/unit/provider/service/systemd/list_unit_files_services +9 -0
- data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_md5/should_fetch_if_not_on_the_local_disk.yml +1 -67
- data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_md5/should_not_update_if_content_on_disk_is_up-to-date.yml +1 -69
- data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_md5/should_update_if_content_differs_on_disk.yml +1 -69
- data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_mtime/should_fetch_if_mtime_is_older_on_disk.yml +1 -67
- data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_mtime/should_fetch_if_no_header_specified.yml +1 -65
- data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_mtime/should_fetch_if_not_on_the_local_disk.yml +1 -67
- data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_mtime/should_not_update_if_mtime_is_newer_on_disk.yml +1 -67
- data/spec/integration/application/agent_spec.rb +475 -0
- data/spec/integration/application/apply_spec.rb +279 -150
- data/spec/integration/application/config_spec.rb +74 -0
- data/spec/integration/application/doc_spec.rb +16 -6
- data/spec/integration/application/filebucket_spec.rb +239 -0
- data/spec/integration/application/help_spec.rb +42 -0
- data/spec/integration/application/lookup_spec.rb +13 -0
- data/spec/integration/application/module_spec.rb +68 -0
- data/spec/integration/application/plugin_spec.rb +123 -0
- data/spec/integration/data_binding_spec.rb +82 -0
- data/spec/integration/defaults_spec.rb +1 -2
- data/spec/integration/directory_environments_spec.rb +17 -17
- data/spec/integration/http/client_spec.rb +47 -37
- data/spec/integration/indirector/facts/facter_spec.rb +8 -6
- data/spec/integration/indirector/report/yaml.rb +83 -0
- data/spec/integration/network/http_pool_spec.rb +93 -20
- data/spec/integration/node/environment_spec.rb +15 -0
- data/spec/integration/parser/compiler_spec.rb +11 -0
- data/spec/integration/type/file_spec.rb +1 -1
- data/spec/integration/util/execution_spec.rb +22 -0
- data/spec/integration/util/windows/adsi_spec.rb +6 -1
- data/spec/integration/util/windows/monkey_patches/dir_spec.rb +11 -0
- data/spec/integration/util/windows/process_spec.rb +26 -32
- data/spec/integration/util/windows/registry_spec.rb +7 -7
- data/spec/integration/util/windows/user_spec.rb +47 -5
- data/spec/integration/util_spec.rb +7 -33
- data/spec/lib/puppet/test_ca.rb +2 -2
- data/spec/lib/puppet_spec/https.rb +16 -7
- data/spec/lib/puppet_spec/matchers.rb +0 -80
- data/spec/lib/puppet_spec/puppetserver.rb +127 -0
- data/spec/shared_contexts/https.rb +29 -0
- data/spec/unit/agent_spec.rb +80 -26
- data/spec/unit/application/agent_spec.rb +12 -9
- data/spec/unit/application/describe_spec.rb +88 -50
- data/spec/unit/application/device_spec.rb +2 -2
- data/spec/unit/application/face_base_spec.rb +6 -4
- data/spec/unit/application/facts_spec.rb +39 -10
- data/spec/unit/application/filebucket_spec.rb +22 -2
- data/spec/unit/application/man_spec.rb +52 -0
- data/spec/unit/application/resource_spec.rb +3 -1
- data/spec/unit/application/ssl_spec.rb +15 -2
- data/spec/unit/configurer/downloader_spec.rb +10 -0
- data/spec/unit/configurer/fact_handler_spec.rb +4 -4
- data/spec/unit/configurer/plugin_handler_spec.rb +36 -19
- data/spec/unit/configurer_spec.rb +64 -46
- data/spec/unit/confine_spec.rb +2 -1
- data/spec/unit/context/trusted_information_spec.rb +25 -2
- data/spec/unit/daemon_spec.rb +5 -64
- data/spec/unit/defaults_spec.rb +24 -1
- data/spec/unit/environments_spec.rb +8 -0
- data/spec/unit/face/config_spec.rb +3 -1
- data/spec/unit/face/module/search_spec.rb +17 -0
- data/spec/unit/face/plugin_spec.rb +12 -10
- data/spec/unit/file_serving/http_metadata_spec.rb +37 -14
- data/spec/unit/file_serving/mount/locales_spec.rb +2 -2
- data/spec/unit/file_serving/mount/pluginfacts_spec.rb +2 -2
- data/spec/unit/file_serving/mount/plugins_spec.rb +2 -2
- data/spec/unit/file_serving/terminus_selector_spec.rb +45 -26
- data/spec/unit/file_system/uniquefile_spec.rb +29 -0
- data/spec/unit/file_system_spec.rb +10 -0
- data/spec/unit/functions/lookup_spec.rb +13 -0
- data/spec/unit/http/client_spec.rb +321 -36
- data/spec/unit/http/external_client_spec.rb +201 -0
- data/spec/unit/http/resolver_spec.rb +34 -3
- data/spec/unit/http/response_spec.rb +75 -0
- data/spec/unit/http/service/ca_spec.rb +53 -12
- data/spec/unit/http/service/compiler_spec.rb +332 -28
- data/spec/unit/http/service/file_server_spec.rb +100 -12
- data/spec/unit/http/service/report_spec.rb +19 -9
- data/spec/unit/http/service_spec.rb +94 -6
- data/spec/unit/http/session_spec.rb +159 -8
- data/spec/unit/indirector/catalog/compiler_spec.rb +1 -0
- data/spec/unit/indirector/catalog/rest_spec.rb +59 -2
- data/spec/unit/indirector/facts/rest_spec.rb +79 -24
- data/spec/unit/indirector/file_bucket_file/rest_spec.rb +82 -2
- data/spec/unit/indirector/file_content/rest_spec.rb +53 -2
- data/spec/unit/indirector/file_metadata/http_spec.rb +194 -0
- data/spec/unit/indirector/file_metadata/rest_spec.rb +110 -2
- data/spec/unit/indirector/node/rest_spec.rb +57 -2
- data/spec/unit/indirector/report/rest_spec.rb +58 -51
- data/spec/unit/indirector/request_spec.rb +1 -1
- data/spec/unit/indirector/resource/ral_spec.rb +7 -8
- data/spec/unit/indirector/rest_spec.rb +13 -0
- data/spec/unit/indirector/status/rest_spec.rb +43 -2
- data/spec/unit/interface_spec.rb +3 -3
- data/spec/unit/module_tool/tar/mini_spec.rb +20 -0
- data/spec/unit/network/format_support_spec.rb +3 -2
- data/spec/unit/network/http/api/indirected_routes_spec.rb +2 -1
- data/spec/unit/network/http/connection_spec.rb +552 -190
- data/spec/unit/network/http/nocache_pool_spec.rb +22 -0
- data/spec/unit/network/http/pool_spec.rb +59 -13
- data/spec/unit/network/http_pool_spec.rb +63 -57
- data/spec/unit/network/http_spec.rb +1 -1
- data/spec/unit/node/environment_spec.rb +33 -0
- data/spec/unit/parser/ast/block_expression_spec.rb +1 -1
- data/spec/unit/parser/environment_compiler_spec.rb +7 -0
- data/spec/unit/parser/scope_spec.rb +1 -1
- data/spec/unit/pops/evaluator/evaluating_parser_spec.rb +15 -1
- data/spec/unit/pops/loaders/loaders_spec.rb +71 -1
- data/spec/unit/pops/lookup/lookup_spec.rb +25 -0
- data/spec/unit/pops/types/type_calculator_spec.rb +1 -11
- data/spec/unit/provider/group/groupadd_spec.rb +22 -8
- data/spec/unit/provider/group/windows_adsi_spec.rb +43 -10
- data/spec/unit/provider/package/aix_spec.rb +29 -0
- data/spec/unit/provider/package/apt_spec.rb +107 -0
- data/spec/unit/provider/package/aptitude_spec.rb +1 -0
- data/spec/unit/provider/package/dnfmodule_spec.rb +54 -15
- data/spec/unit/provider/package/gem_spec.rb +40 -0
- data/spec/unit/provider/package/pacman_spec.rb +6 -21
- data/spec/unit/provider/package/pip_spec.rb +68 -19
- data/spec/unit/provider/package/pkgdmg_spec.rb +1 -1
- data/spec/unit/provider/package/pkgng_spec.rb +38 -0
- data/spec/unit/provider/package/portage_spec.rb +5 -0
- data/spec/unit/provider/package/puppet_gem_spec.rb +12 -1
- data/spec/unit/provider/package/rpm_spec.rb +0 -212
- data/spec/unit/provider/package/yum_spec.rb +243 -1
- data/spec/unit/provider/package/zypper_spec.rb +98 -0
- data/spec/unit/provider/service/init_spec.rb +42 -0
- data/spec/unit/provider/service/openbsd_spec.rb +9 -0
- data/spec/unit/provider/service/openwrt_spec.rb +1 -0
- data/spec/unit/provider/service/redhat_spec.rb +9 -0
- data/spec/unit/provider/service/systemd_spec.rb +93 -18
- data/spec/unit/provider/service/windows_spec.rb +50 -14
- data/spec/unit/provider/user/openbsd_spec.rb +1 -0
- data/spec/unit/provider/user/useradd_spec.rb +30 -16
- data/spec/unit/provider/user/windows_adsi_spec.rb +85 -3
- data/spec/unit/puppet_pal_2pec.rb +11 -0
- data/spec/unit/puppet_pal_catalog_spec.rb +43 -0
- data/spec/unit/puppet_spec.rb +33 -0
- data/spec/unit/reports/http_spec.rb +70 -52
- data/spec/unit/reports/store_spec.rb +17 -13
- data/spec/unit/resource_spec.rb +3 -3
- data/spec/unit/settings/autosign_setting_spec.rb +1 -1
- data/spec/unit/settings/http_extra_headers_spec.rb +64 -0
- data/spec/unit/ssl/host_spec.rb +4 -2
- data/spec/unit/ssl/oids_spec.rb +1 -0
- data/spec/unit/ssl/ssl_provider_spec.rb +69 -43
- data/spec/unit/ssl/state_machine_spec.rb +99 -13
- data/spec/unit/test/test_helper_spec.rb +17 -0
- data/spec/unit/transaction/persistence_spec.rb +15 -0
- data/spec/unit/transaction/report_spec.rb +5 -1
- data/spec/unit/transaction_spec.rb +0 -2
- data/spec/unit/type/file/ensure_spec.rb +1 -2
- data/spec/unit/type/file/source_spec.rb +89 -38
- data/spec/unit/type/file_spec.rb +122 -96
- data/spec/unit/type/service_spec.rb +218 -8
- data/spec/unit/type/user_spec.rb +32 -3
- data/spec/unit/type_spec.rb +50 -0
- data/spec/unit/util/at_fork_spec.rb +3 -2
- data/spec/unit/util/autoload_spec.rb +2 -1
- data/spec/unit/util/character_encoding_spec.rb +4 -4
- data/spec/unit/util/checksums_spec.rb +16 -0
- data/spec/unit/util/command_line_spec.rb +11 -6
- data/spec/unit/util/log/destinations_spec.rb +1 -29
- data/spec/unit/util/package/version/debian_spec.rb +83 -0
- data/spec/unit/util/package/version/pip_spec.rb +464 -0
- data/spec/unit/util/package/version/range_spec.rb +175 -0
- data/spec/unit/util/package/version/rpm_spec.rb +121 -0
- data/spec/unit/util/pidlock_spec.rb +102 -54
- data/spec/unit/util/rpm_compare_spec.rb +196 -0
- data/spec/unit/util/windows/adsi_spec.rb +4 -4
- data/spec/unit/util/windows/api_types_spec.rb +104 -40
- data/spec/unit/util/windows/service_spec.rb +4 -4
- data/spec/unit/util/windows/sid_spec.rb +2 -2
- data/spec/unit/util_spec.rb +3 -3
- data/spec/unit/x509/cert_provider_spec.rb +1 -1
- data/tasks/generate_cert_fixtures.rake +15 -1
- data/tasks/manpages.rake +5 -35
- metadata +84 -52
- data/COMMITTERS.md +0 -244
- data/spec/integration/faces/config_spec.rb +0 -91
- data/spec/integration/faces/documentation_spec.rb +0 -57
- data/spec/integration/faces/plugin_spec.rb +0 -61
- data/spec/integration/file_bucket/file_spec.rb +0 -50
- data/spec/integration/file_serving/content_spec.rb +0 -7
- data/spec/integration/file_serving/fileset_spec.rb +0 -12
- data/spec/integration/file_serving/metadata_spec.rb +0 -8
- data/spec/integration/file_serving/terminus_helper_spec.rb +0 -20
- data/spec/integration/file_system/uniquefile_spec.rb +0 -26
- data/spec/integration/module_tool/forge_spec.rb +0 -64
- data/spec/integration/module_tool/tar/mini_spec.rb +0 -28
- data/spec/integration/provider/service/init_spec.rb +0 -48
- data/spec/integration/provider/service/systemd_spec.rb +0 -25
- data/spec/integration/provider/service/windows_spec.rb +0 -50
- data/spec/integration/reference/providers_spec.rb +0 -21
- data/spec/integration/reports_spec.rb +0 -13
- data/spec/integration/ssl/certificate_request_spec.rb +0 -44
- data/spec/integration/ssl/host_spec.rb +0 -72
- data/spec/integration/ssl/key_spec.rb +0 -99
- data/spec/integration/test/test_helper_spec.rb +0 -31
- data/spec/shared_behaviours/file_serving_model.rb +0 -51
- data/spec/unit/face/man_spec.rb +0 -25
- data/spec/unit/man_spec.rb +0 -31
@@ -0,0 +1,123 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
require 'puppet/face'
|
3
|
+
require 'puppet_spec/puppetserver'
|
4
|
+
|
5
|
+
describe "puppet plugin" do
|
6
|
+
include_context "https client"
|
7
|
+
|
8
|
+
let(:server) { PuppetSpec::Puppetserver.new }
|
9
|
+
let(:plugin) { Puppet::Application[:plugin] }
|
10
|
+
let(:response_body) { "[{\"path\":\"/etc/puppetlabs/code/environments/production/modules\",\"relative_path\":\".\",\"links\":\"follow\",\"owner\":0,\"group\":0,\"mode\":493,\"checksum\":{\"type\":\"ctime\",\"value\":\"{ctime}2020-03-06 20:14:25 UTC\"},\"type\":\"directory\",\"destination\":null}]" }
|
11
|
+
|
12
|
+
it "downloads from plugins, pluginsfacts and locales mounts" do
|
13
|
+
current_version_handler = -> (req, res) {
|
14
|
+
res['X-Puppet-Version'] = Puppet.version
|
15
|
+
res['Content-Type'] = 'application/json'
|
16
|
+
res.body = response_body
|
17
|
+
}
|
18
|
+
|
19
|
+
server.start_server(mounts: {file_metadatas: current_version_handler}) do |port|
|
20
|
+
Puppet[:masterport] = port
|
21
|
+
expect {
|
22
|
+
plugin.command_line.args << 'download'
|
23
|
+
plugin.run
|
24
|
+
}.to exit_with(0)
|
25
|
+
.and output(matching(
|
26
|
+
"Downloaded these plugins: #{Regexp.escape(Puppet[:pluginfactdest])}, #{Regexp.escape(Puppet[:plugindest])}, #{Regexp.escape(Puppet[:localedest])}"
|
27
|
+
)).to_stdout
|
28
|
+
end
|
29
|
+
end
|
30
|
+
|
31
|
+
it "downloads from plugins and pluginsfacts from older puppetservers" do
|
32
|
+
no_locales_handler = -> (req, res) {
|
33
|
+
res['X-Puppet-Version'] = '5.3.3' # locales mount was added in 5.3.4
|
34
|
+
res['Content-Type'] = 'application/json'
|
35
|
+
res.body = response_body
|
36
|
+
}
|
37
|
+
|
38
|
+
server.start_server(mounts: {file_metadatas: no_locales_handler}) do |port|
|
39
|
+
Puppet[:masterport] = port
|
40
|
+
expect {
|
41
|
+
plugin.command_line.args << 'download'
|
42
|
+
plugin.run
|
43
|
+
}.to exit_with(0)
|
44
|
+
.and output(matching(
|
45
|
+
"Downloaded these plugins: #{Regexp.escape(Puppet[:pluginfactdest])}, #{Regexp.escape(Puppet[:plugindest])}"
|
46
|
+
)).to_stdout
|
47
|
+
end
|
48
|
+
end
|
49
|
+
|
50
|
+
it "downloads from an environment that doesn't exist locally" do
|
51
|
+
requested_environment = nil
|
52
|
+
|
53
|
+
current_version_handler = -> (req, res) {
|
54
|
+
res['X-Puppet-Version'] = Puppet.version
|
55
|
+
res['Content-Type'] = 'application/json'
|
56
|
+
res.body = response_body
|
57
|
+
requested_environment = req.query['environment']
|
58
|
+
}
|
59
|
+
|
60
|
+
server.start_server(mounts: {file_metadatas: current_version_handler}) do |port|
|
61
|
+
Puppet[:environment] = 'doesnotexistontheagent'
|
62
|
+
Puppet[:masterport] = port
|
63
|
+
expect {
|
64
|
+
plugin.command_line.args << 'download'
|
65
|
+
plugin.run
|
66
|
+
}.to exit_with(0)
|
67
|
+
.and output(matching("Downloaded these plugins")).to_stdout
|
68
|
+
|
69
|
+
expect(requested_environment).to eq('doesnotexistontheagent')
|
70
|
+
end
|
71
|
+
end
|
72
|
+
|
73
|
+
context "pluginsync for external facts uses source permissions to preserve fact executable-ness" do
|
74
|
+
before :all do
|
75
|
+
WebMock.enable!
|
76
|
+
end
|
77
|
+
|
78
|
+
after :all do
|
79
|
+
WebMock.disable!
|
80
|
+
end
|
81
|
+
|
82
|
+
before :each do
|
83
|
+
metadata = "[{\"path\":\"/etc/puppetlabs/code\",\"relative_path\":\".\",\"links\":\"follow\",\"owner\":0,\"group\":0,\"mode\":420,\"checksum\":{\"type\":\"ctime\",\"value\":\"{ctime}2020-07-10 14:00:00 -0700\"},\"type\":\"directory\",\"destination\":null}]"
|
84
|
+
stub_request(:get, %r{/puppet/v3/file_metadatas/(plugins|locales)}).to_return(status: 200, body: metadata, headers: {'Content-Type' => 'application/json'})
|
85
|
+
|
86
|
+
# response retains owner/group/mode due to source_permissions => use
|
87
|
+
facts_metadata = "[{\"path\":\"/etc/puppetlabs/code\",\"relative_path\":\".\",\"links\":\"follow\",\"owner\":500,\"group\":500,\"mode\":493,\"checksum\":{\"type\":\"ctime\",\"value\":\"{ctime}2020-07-10 14:00:00 -0700\"},\"type\":\"directory\",\"destination\":null}]"
|
88
|
+
stub_request(:get, %r{/puppet/v3/file_metadatas/pluginfacts}).to_return(status: 200, body: facts_metadata, headers: {'Content-Type' => 'application/json'})
|
89
|
+
end
|
90
|
+
|
91
|
+
it "processes a download request resulting in no changes" do
|
92
|
+
# Create these so there are no changes
|
93
|
+
Puppet::FileSystem.mkpath(Puppet[:plugindest])
|
94
|
+
Puppet::FileSystem.mkpath(Puppet[:localedest])
|
95
|
+
|
96
|
+
# /opt/puppetlabs/puppet/cache/facts.d will be created based on our umask.
|
97
|
+
# If the mode on disk is not 0755, then the mode from the metadata response
|
98
|
+
# (493 => 0755) will be applied, resulting in "plugins were downloaded"
|
99
|
+
# message. Enforce a umask so the results are consistent.
|
100
|
+
Puppet::FileSystem.mkpath(Puppet[:pluginfactdest])
|
101
|
+
Puppet::FileSystem.chmod(0755, Puppet[:pluginfactdest])
|
102
|
+
|
103
|
+
app = Puppet::Application[:plugin]
|
104
|
+
app.command_line.args << 'download'
|
105
|
+
expect {
|
106
|
+
app.run
|
107
|
+
}.to exit_with(0)
|
108
|
+
.and output(/No plugins downloaded/).to_stdout
|
109
|
+
end
|
110
|
+
|
111
|
+
it "updates the facts.d mode", unless: Puppet::Util::Platform.windows? do
|
112
|
+
Puppet::FileSystem.mkpath(Puppet[:pluginfactdest])
|
113
|
+
Puppet::FileSystem.chmod(0775, Puppet[:pluginfactdest])
|
114
|
+
|
115
|
+
app = Puppet::Application[:plugin]
|
116
|
+
app.command_line.args << 'download'
|
117
|
+
expect {
|
118
|
+
app.run
|
119
|
+
}.to exit_with(0)
|
120
|
+
.and output(/Downloaded these plugins: .*facts\.d/).to_stdout
|
121
|
+
end
|
122
|
+
end
|
123
|
+
end
|
@@ -2,6 +2,7 @@ require 'spec_helper'
|
|
2
2
|
require 'puppet/indirector/hiera'
|
3
3
|
|
4
4
|
require 'puppet_spec/compiler'
|
5
|
+
require 'puppet/indirector/data_binding/hiera'
|
5
6
|
|
6
7
|
describe "Data binding" do
|
7
8
|
include PuppetSpec::Files
|
@@ -140,6 +141,71 @@ describe "Data binding" do
|
|
140
141
|
end
|
141
142
|
end
|
142
143
|
|
144
|
+
context "with plan_hierarchy key" do
|
145
|
+
context "using Hiera 5" do
|
146
|
+
let(:hiera_config) { <<~CONF }
|
147
|
+
---
|
148
|
+
version: 5
|
149
|
+
plan_hierarchy:
|
150
|
+
- path: global
|
151
|
+
name: Common
|
152
|
+
CONF
|
153
|
+
|
154
|
+
it "ignores plan_hierarchy outside of a Bolt plan" do
|
155
|
+
configure_hiera_for_plan_hierarchy(data, hiera_config)
|
156
|
+
|
157
|
+
create_manifest_in_module("testing", "binding.pp",
|
158
|
+
<<-MANIFEST)
|
159
|
+
class testing::binding($value) {}
|
160
|
+
MANIFEST
|
161
|
+
|
162
|
+
expect { compile_to_catalog("include testing::binding") }
|
163
|
+
.to raise_error(/Class\[Testing::Binding\]: expects a value for parameter 'value'/)
|
164
|
+
end
|
165
|
+
end
|
166
|
+
|
167
|
+
context "with invalid data" do
|
168
|
+
let(:hiera_config) { <<~CONF }
|
169
|
+
---
|
170
|
+
version: 5
|
171
|
+
plan_hierarchy:
|
172
|
+
- pop: the question
|
173
|
+
CONF
|
174
|
+
|
175
|
+
it "raises a validation error" do
|
176
|
+
configure_hiera_for_plan_hierarchy(data, hiera_config)
|
177
|
+
|
178
|
+
create_manifest_in_module("testing", "binding.pp",
|
179
|
+
<<-MANIFEST)
|
180
|
+
class testing::binding($value) {}
|
181
|
+
MANIFEST
|
182
|
+
|
183
|
+
expect { compile_to_catalog("include testing::binding") }
|
184
|
+
.to raise_error(/entry 'plan_hierarchy' index 0 unrecognized key 'pop'/)
|
185
|
+
end
|
186
|
+
end
|
187
|
+
|
188
|
+
context "with Hiera 3" do
|
189
|
+
let(:hiera_config) { <<~CONF }
|
190
|
+
---
|
191
|
+
plan_hierarchy: ['global']
|
192
|
+
CONF
|
193
|
+
|
194
|
+
it "errors with plan_hierarchy key" do
|
195
|
+
configure_hiera_for_plan_hierarchy(data, hiera_config)
|
196
|
+
|
197
|
+
create_manifest_in_module("testing", "binding.pp",
|
198
|
+
<<-MANIFEST)
|
199
|
+
class testing::binding($value) {}
|
200
|
+
MANIFEST
|
201
|
+
|
202
|
+
expect { compile_to_catalog("include testing::binding") }
|
203
|
+
.to raise_error(/unrecognized key 'plan_hierarchy'/)
|
204
|
+
|
205
|
+
end
|
206
|
+
end
|
207
|
+
end
|
208
|
+
|
143
209
|
|
144
210
|
def configure_hiera_for_one_tier(data)
|
145
211
|
hiera_config_file = tmpfile("hiera.yaml")
|
@@ -163,6 +229,22 @@ describe "Data binding" do
|
|
163
229
|
Puppet[:hiera_config] = hiera_config_file
|
164
230
|
end
|
165
231
|
|
232
|
+
def configure_hiera_for_plan_hierarchy(data, config)
|
233
|
+
hiera_config_file = tmpfile("hiera.yaml")
|
234
|
+
|
235
|
+
File.open(hiera_config_file, 'w:UTF-8') do |f|
|
236
|
+
f.write(config)
|
237
|
+
end
|
238
|
+
|
239
|
+
data.each do | file, contents |
|
240
|
+
File.open(File.join(dir, "#{file}.yaml"), 'w:UTF-8') do |f|
|
241
|
+
f.write(YAML.dump(contents))
|
242
|
+
end
|
243
|
+
end
|
244
|
+
|
245
|
+
Puppet[:hiera_config] = hiera_config_file
|
246
|
+
end
|
247
|
+
|
166
248
|
def configure_hiera_for_two_tier(data)
|
167
249
|
hiera_config_file = tmpfile("hiera.yaml")
|
168
250
|
|
@@ -130,8 +130,7 @@ describe "Puppet defaults" do
|
|
130
130
|
Puppet::Util.withenv( {"PATH" => path }, :windows) do
|
131
131
|
Puppet.settings[:path] = "none" # this causes it to ignore the setting
|
132
132
|
|
133
|
-
|
134
|
-
expect(envhash['Path']).to eq(path)
|
133
|
+
expect(Puppet::Util.get_env('Path')).to eq(path)
|
135
134
|
end
|
136
135
|
end
|
137
136
|
end
|
@@ -2,11 +2,7 @@ require 'spec_helper'
|
|
2
2
|
|
3
3
|
describe "directory environments" do
|
4
4
|
let(:args) { ['--configprint', 'modulepath', '--environment', 'direnv'] }
|
5
|
-
let(:puppet)
|
6
|
-
app = Puppet::Application[:apply]
|
7
|
-
allow(app).to receive(:command_line).and_return(double('command_line', :args => []))
|
8
|
-
app
|
9
|
-
end
|
5
|
+
let(:puppet) { Puppet::Application[:apply] }
|
10
6
|
|
11
7
|
context "with a single directory environmentpath" do
|
12
8
|
before(:each) do
|
@@ -17,17 +13,19 @@ describe "directory environments" do
|
|
17
13
|
|
18
14
|
it "config prints the environments modulepath" do
|
19
15
|
Puppet.settings.initialize_global_settings(args)
|
20
|
-
expect
|
21
|
-
|
22
|
-
|
16
|
+
expect {
|
17
|
+
puppet.run
|
18
|
+
}.to exit_with(0)
|
19
|
+
.and output(%r{/direnv/modules}).to_stdout
|
23
20
|
end
|
24
21
|
|
25
22
|
it "config prints the cli --modulepath despite environment" do
|
26
23
|
args << '--modulepath' << '/completely/different'
|
27
24
|
Puppet.settings.initialize_global_settings(args)
|
28
|
-
expect
|
29
|
-
|
30
|
-
|
25
|
+
expect {
|
26
|
+
puppet.run
|
27
|
+
}.to exit_with(0)
|
28
|
+
.and output(%r{/completely/different}).to_stdout
|
31
29
|
end
|
32
30
|
|
33
31
|
it 'given an 8.3 style path on Windows, will config print an expanded path',
|
@@ -41,9 +39,10 @@ describe "directory environments" do
|
|
41
39
|
expect(Puppet[:environmentpath]).to match(/~/)
|
42
40
|
|
43
41
|
Puppet.settings.initialize_global_settings(args)
|
44
|
-
expect
|
45
|
-
|
46
|
-
|
42
|
+
expect {
|
43
|
+
puppet.run
|
44
|
+
}.to exit_with(0)
|
45
|
+
.and output(a_string_matching(expanded)).to_stdout
|
47
46
|
end
|
48
47
|
end
|
49
48
|
|
@@ -59,9 +58,10 @@ describe "directory environments" do
|
|
59
58
|
|
60
59
|
it "config prints a directory environment modulepath" do
|
61
60
|
Puppet.settings.initialize_global_settings(args)
|
62
|
-
expect
|
63
|
-
|
64
|
-
|
61
|
+
expect {
|
62
|
+
puppet.run
|
63
|
+
}.to exit_with(0)
|
64
|
+
.and output(%r{otherdirenv/modules}).to_stdout
|
65
65
|
end
|
66
66
|
end
|
67
67
|
end
|
@@ -4,31 +4,17 @@ require 'puppet_spec/files'
|
|
4
4
|
|
5
5
|
describe Puppet::HTTP::Client, unless: Puppet::Util::Platform.jruby? do
|
6
6
|
include PuppetSpec::Files
|
7
|
+
include_context "https client"
|
7
8
|
|
8
|
-
before :all do
|
9
|
-
WebMock.disable!
|
10
|
-
end
|
11
|
-
|
12
|
-
after :all do
|
13
|
-
WebMock.enable!
|
14
|
-
end
|
15
|
-
|
16
|
-
before :each do
|
17
|
-
# make sure we don't take too long
|
18
|
-
Puppet[:http_connect_timeout] = '5s'
|
19
|
-
end
|
20
|
-
|
21
|
-
let(:hostname) { '127.0.0.1' }
|
22
9
|
let(:wrong_hostname) { 'localhost' }
|
23
|
-
let(:server) { PuppetSpec::HTTPSServer.new }
|
24
10
|
let(:client) { Puppet::HTTP::Client.new }
|
25
11
|
let(:ssl_provider) { Puppet::SSL::SSLProvider.new }
|
26
|
-
let(:root_context) { ssl_provider.create_root_context(cacerts: [
|
12
|
+
let(:root_context) { ssl_provider.create_root_context(cacerts: [https_server.ca_cert], crls: [https_server.ca_crl]) }
|
27
13
|
|
28
14
|
context "when verifying an HTTPS server" do
|
29
15
|
it "connects over SSL" do
|
30
|
-
|
31
|
-
res = client.get(URI("https://127.0.0.1:#{port}"), ssl_context: root_context)
|
16
|
+
https_server.start_server do |port|
|
17
|
+
res = client.get(URI("https://127.0.0.1:#{port}"), options: {ssl_context: root_context})
|
32
18
|
expect(res).to be_success
|
33
19
|
end
|
34
20
|
end
|
@@ -41,14 +27,14 @@ describe Puppet::HTTP::Client, unless: Puppet::Util::Platform.jruby? do
|
|
41
27
|
port = tcps.connect_address.ip_port
|
42
28
|
|
43
29
|
expect {
|
44
|
-
client.get(URI("https://127.0.0.1:#{port}"), ssl_context: root_context)
|
30
|
+
client.get(URI("https://127.0.0.1:#{port}"), options: {ssl_context: root_context})
|
45
31
|
}.to raise_error(Puppet::HTTP::ConnectionError, %r{^Request to https://127.0.0.1:#{port} timed out connect operation after .* seconds})
|
46
32
|
end
|
47
33
|
|
48
34
|
it "raises if the server's cert doesn't match the hostname we connected to" do
|
49
|
-
|
35
|
+
https_server.start_server do |port|
|
50
36
|
expect {
|
51
|
-
client.get(URI("https://#{wrong_hostname}:#{port}"), ssl_context: root_context)
|
37
|
+
client.get(URI("https://#{wrong_hostname}:#{port}"), options: {ssl_context: root_context})
|
52
38
|
}.to raise_error { |err|
|
53
39
|
expect(err).to be_instance_of(Puppet::SSL::CertMismatchError)
|
54
40
|
expect(err.message).to match(/Server hostname '#{wrong_hostname}' did not match server certificate; expected one of (.+)/)
|
@@ -63,9 +49,9 @@ describe Puppet::HTTP::Client, unless: Puppet::Util::Platform.jruby? do
|
|
63
49
|
wrong_ca = cert_fixture('netlock-arany-utf8.pem')
|
64
50
|
alt_context = ssl_provider.create_root_context(cacerts: [wrong_ca], revocation: false)
|
65
51
|
|
66
|
-
|
52
|
+
https_server.start_server do |port|
|
67
53
|
expect {
|
68
|
-
client.get(URI("https://127.0.0.1:#{port}"), ssl_context: alt_context)
|
54
|
+
client.get(URI("https://127.0.0.1:#{port}"), options: {ssl_context: alt_context})
|
69
55
|
}.to raise_error(Puppet::SSL::CertVerifyError,
|
70
56
|
%r{certificate verify failed.* .self signed certificate in certificate chain for CN=Test CA.})
|
71
57
|
end
|
@@ -73,8 +59,8 @@ describe Puppet::HTTP::Client, unless: Puppet::Util::Platform.jruby? do
|
|
73
59
|
|
74
60
|
it "prints TLS protocol and ciphersuite in debug" do
|
75
61
|
Puppet[:log_level] = 'debug'
|
76
|
-
|
77
|
-
client.get(URI("https://127.0.0.1:#{port}"), ssl_context: root_context)
|
62
|
+
https_server.start_server do |port|
|
63
|
+
client.get(URI("https://127.0.0.1:#{port}"), options: {ssl_context: root_context})
|
78
64
|
# TLS version string can be TLSv1 or TLSv1.[1-3], but not TLSv1.0
|
79
65
|
expect(@logs).to include(
|
80
66
|
an_object_having_attributes(level: :debug, message: /Using TLSv1(\.[1-3])? with cipher .*/),
|
@@ -93,12 +79,12 @@ describe Puppet::HTTP::Client, unless: Puppet::Util::Platform.jruby? do
|
|
93
79
|
|
94
80
|
it "mutually authenticates the connection" do
|
95
81
|
client_context = ssl_provider.create_context(
|
96
|
-
cacerts: [
|
97
|
-
client_cert:
|
82
|
+
cacerts: [https_server.ca_cert], crls: [https_server.ca_crl],
|
83
|
+
client_cert: https_server.server_cert, private_key: https_server.server_key
|
98
84
|
)
|
99
85
|
|
100
|
-
|
101
|
-
res = client.get(URI("https://127.0.0.1:#{port}"), ssl_context: client_context)
|
86
|
+
https_server.start_server(ctx_proc: ctx_proc) do |port|
|
87
|
+
res = client.get(URI("https://127.0.0.1:#{port}"), options: {ssl_context: client_context})
|
102
88
|
expect(res).to be_success
|
103
89
|
end
|
104
90
|
end
|
@@ -106,10 +92,10 @@ describe Puppet::HTTP::Client, unless: Puppet::Util::Platform.jruby? do
|
|
106
92
|
|
107
93
|
context "with a system trust store" do
|
108
94
|
it "connects when the client trusts the server's CA" do
|
109
|
-
system_context = ssl_provider.create_system_context(cacerts: [
|
95
|
+
system_context = ssl_provider.create_system_context(cacerts: [https_server.ca_cert])
|
110
96
|
|
111
|
-
|
112
|
-
res = client.get(URI("https://127.0.0.1:#{port}"), ssl_context: system_context)
|
97
|
+
https_server.start_server do |port|
|
98
|
+
res = client.get(URI("https://127.0.0.1:#{port}"), options: {ssl_context: system_context})
|
113
99
|
expect(res).to be_success
|
114
100
|
end
|
115
101
|
end
|
@@ -117,14 +103,14 @@ describe Puppet::HTTP::Client, unless: Puppet::Util::Platform.jruby? do
|
|
117
103
|
it "connects when the server's CA is in the system store" do
|
118
104
|
# create a temp cacert bundle
|
119
105
|
ssl_file = tmpfile('systemstore')
|
120
|
-
File.write(ssl_file,
|
106
|
+
File.write(ssl_file, https_server.ca_cert)
|
121
107
|
|
122
108
|
# override path to system cacert bundle, this must be done before
|
123
109
|
# the SSLContext is created and the call to X509::Store.set_default_paths
|
124
110
|
Puppet::Util.withenv("SSL_CERT_FILE" => ssl_file) do
|
125
111
|
system_context = ssl_provider.create_system_context(cacerts: [])
|
126
|
-
|
127
|
-
res = client.get(URI("https://127.0.0.1:#{port}"), ssl_context: system_context)
|
112
|
+
https_server.start_server do |port|
|
113
|
+
res = client.get(URI("https://127.0.0.1:#{port}"), options: {ssl_context: system_context})
|
128
114
|
expect(res).to be_success
|
129
115
|
end
|
130
116
|
end
|
@@ -133,12 +119,36 @@ describe Puppet::HTTP::Client, unless: Puppet::Util::Platform.jruby? do
|
|
133
119
|
it "raises if the server's CA is not in the context or system store" do
|
134
120
|
system_context = ssl_provider.create_system_context(cacerts: [cert_fixture('netlock-arany-utf8.pem')])
|
135
121
|
|
136
|
-
|
122
|
+
https_server.start_server do |port|
|
137
123
|
expect {
|
138
|
-
client.get(URI("https://127.0.0.1:#{port}"), ssl_context: system_context)
|
124
|
+
client.get(URI("https://127.0.0.1:#{port}"), options: {ssl_context: system_context})
|
139
125
|
}.to raise_error(Puppet::SSL::CertVerifyError,
|
140
126
|
%r{certificate verify failed.* .self signed certificate in certificate chain for CN=Test CA.})
|
141
127
|
end
|
142
128
|
end
|
143
129
|
end
|
130
|
+
|
131
|
+
context 'persistent connections' do
|
132
|
+
it "detects when the server has closed the connection and reconnects" do
|
133
|
+
Puppet[:http_debug] = true
|
134
|
+
|
135
|
+
# advertise that we support keep-alive, but we don't really
|
136
|
+
response_proc = -> (req, res) {
|
137
|
+
res['Connection'] = 'Keep-Alive'
|
138
|
+
}
|
139
|
+
|
140
|
+
https_server.start_server(response_proc: response_proc) do |port|
|
141
|
+
uri = URI("https://127.0.0.1:#{port}")
|
142
|
+
kwargs = {headers: {'Content-Type' => 'text/plain'}, options: {ssl_context: root_context}}
|
143
|
+
|
144
|
+
expect {
|
145
|
+
expect(client.post(uri, '', **kwargs)).to be_success
|
146
|
+
# the server closes its connection after each request, so posting
|
147
|
+
# again will force ruby to detect that the remote side closed the
|
148
|
+
# connection, and reconnect
|
149
|
+
expect(client.post(uri, '', **kwargs)).to be_success
|
150
|
+
}.to output(/Conn close because of EOF/).to_stderr
|
151
|
+
end
|
152
|
+
end
|
153
|
+
end
|
144
154
|
end
|