RubyGems - puppet - Versions diffs - 6.13.0 → 6.18.0 - Mend

puppet 6.13.0 → 6.18.0

Potentially problematic release.

This version of puppet might be problematic. Click here for more details.

Files changed (461) hide show

checksums.yaml +4 -4
data/CODEOWNERS +2 -7
data/CONTRIBUTING.md +7 -13
data/Gemfile +4 -2
data/Gemfile.lock +36 -32
data/README.md +17 -24
data/ext/windows/service/daemon.rb +3 -3
data/lib/puppet.rb +33 -9
data/lib/puppet/agent.rb +20 -14
data/lib/puppet/application/agent.rb +26 -17
data/lib/puppet/application/apply.rb +18 -20
data/lib/puppet/application/describe.rb +7 -5
data/lib/puppet/application/device.rb +2 -2
data/lib/puppet/application/filebucket.rb +19 -15
data/lib/puppet/application/lookup.rb +16 -4
data/lib/puppet/application/plugin.rb +1 -0
data/lib/puppet/application/ssl.rb +4 -4
data/lib/puppet/configurer.rb +58 -57
data/lib/puppet/configurer/downloader.rb +31 -10
data/lib/puppet/configurer/plugin_handler.rb +10 -1
data/lib/puppet/confine.rb +2 -2
data/lib/puppet/confine/any.rb +1 -1
data/lib/puppet/context/trusted_information.rb +14 -8
data/lib/puppet/daemon.rb +13 -27
data/lib/puppet/defaults.rb +92 -12
data/lib/puppet/environments.rb +4 -5
data/lib/puppet/face/facts.rb +1 -1
data/lib/puppet/face/help.rb +29 -3
data/lib/puppet/face/module/search.rb +5 -0
data/lib/puppet/face/plugin.rb +2 -2
data/lib/puppet/feature/base.rb +1 -1
data/lib/puppet/file_serving/http_metadata.rb +14 -2
data/lib/puppet/file_serving/metadata.rb +4 -1
data/lib/puppet/file_serving/mount/locales.rb +1 -2
data/lib/puppet/file_serving/mount/pluginfacts.rb +1 -2
data/lib/puppet/file_serving/mount/plugins.rb +1 -2
data/lib/puppet/file_serving/terminus_selector.rb +7 -8
data/lib/puppet/file_system/file_impl.rb +17 -13
data/lib/puppet/file_system/uniquefile.rb +12 -16
data/lib/puppet/forge.rb +1 -1
data/lib/puppet/forge/cache.rb +1 -1
data/lib/puppet/forge/repository.rb +4 -7
data/lib/puppet/functions/call.rb +1 -1
data/lib/puppet/functions/eyaml_lookup_key.rb +13 -8
data/lib/puppet/functions/filter.rb +1 -0
data/lib/puppet/functions/lstrip.rb +4 -4
data/lib/puppet/functions/reduce.rb +2 -4
data/lib/puppet/functions/reverse_each.rb +1 -1
data/lib/puppet/functions/rstrip.rb +4 -4
data/lib/puppet/functions/step.rb +1 -1
data/lib/puppet/functions/strip.rb +4 -4
data/lib/puppet/gettext/config.rb +5 -5
data/lib/puppet/gettext/module_translations.rb +4 -4
data/lib/puppet/http.rb +3 -0
data/lib/puppet/http/client.rb +263 -73
data/lib/puppet/http/external_client.rb +90 -0
data/lib/puppet/http/redirector.rb +43 -7
data/lib/puppet/http/resolver.rb +46 -3
data/lib/puppet/http/resolver/server_list.rb +76 -16
data/lib/puppet/http/resolver/settings.rb +23 -3
data/lib/puppet/http/resolver/srv.rb +29 -3
data/lib/puppet/http/response.rb +87 -1
data/lib/puppet/http/retry_after_handler.rb +39 -0
data/lib/puppet/http/service.rb +97 -12
data/lib/puppet/http/service/ca.rb +76 -14
data/lib/puppet/http/service/compiler.rb +249 -16
data/lib/puppet/http/service/file_server.rb +141 -20
data/lib/puppet/http/service/report.rb +47 -17
data/lib/puppet/http/session.rb +96 -7
data/lib/puppet/indirector.rb +1 -1
data/lib/puppet/indirector/catalog/rest.rb +34 -0
data/lib/puppet/indirector/exec.rb +1 -1
data/lib/puppet/indirector/facts/facter.rb +3 -3
data/lib/puppet/indirector/facts/rest.rb +42 -0
data/lib/puppet/indirector/file_bucket_file/rest.rb +48 -0
data/lib/puppet/indirector/file_content/http.rb +5 -0
data/lib/puppet/indirector/file_content/rest.rb +30 -0
data/lib/puppet/indirector/file_metadata/http.rb +28 -8
data/lib/puppet/indirector/file_metadata/rest.rb +52 -0
data/lib/puppet/indirector/hiera.rb +4 -0
data/lib/puppet/indirector/indirection.rb +1 -1
data/lib/puppet/indirector/node/rest.rb +24 -0
data/lib/puppet/indirector/report/processor.rb +2 -2
data/lib/puppet/indirector/report/rest.rb +19 -0
data/lib/puppet/indirector/report/yaml.rb +23 -0
data/lib/puppet/indirector/request.rb +1 -1
data/lib/puppet/indirector/rest.rb +12 -0
data/lib/puppet/indirector/status/rest.rb +18 -0
data/lib/puppet/loaders.rb +6 -0
data/lib/puppet/metatype/manager.rb +80 -80
data/lib/puppet/module.rb +1 -2
data/lib/puppet/network/format_support.rb +2 -2
data/lib/puppet/network/http/api/indirected_routes.rb +1 -1
data/lib/puppet/network/http/api/master/v3/environment.rb +3 -0
data/lib/puppet/network/http/base_pool.rb +7 -2
data/lib/puppet/network/http/compression.rb +7 -0
data/lib/puppet/network/http/connection.rb +2 -0
data/lib/puppet/network/http/connection_adapter.rb +184 -0
data/lib/puppet/network/http/nocache_pool.rb +1 -0
data/lib/puppet/network/http/pool.rb +8 -5
data/lib/puppet/network/http/route.rb +2 -2
data/lib/puppet/network/http_pool.rb +2 -1
data/lib/puppet/node/environment.rb +22 -5
data/lib/puppet/pal/catalog_compiler.rb +5 -0
data/lib/puppet/pal/pal_impl.rb +30 -31
data/lib/puppet/parameter.rb +1 -1
data/lib/puppet/parser/ast/leaf.rb +5 -5
data/lib/puppet/parser/ast/pops_bridge.rb +0 -4
data/lib/puppet/parser/compiler.rb +43 -33
data/lib/puppet/parser/compiler/catalog_validator/env_relationship_validator.rb +2 -0
data/lib/puppet/parser/compiler/catalog_validator/site_validator.rb +2 -0
data/lib/puppet/parser/environment_compiler.rb +4 -1
data/lib/puppet/parser/functions.rb +18 -9
data/lib/puppet/parser/functions/create_resources.rb +11 -7
data/lib/puppet/parser/functions/filter.rb +1 -0
data/lib/puppet/parser/resource.rb +3 -2
data/lib/puppet/parser/resource/param.rb +6 -0
data/lib/puppet/parser/type_loader.rb +2 -2
data/lib/puppet/pops/adaptable.rb +7 -13
data/lib/puppet/pops/adapters.rb +8 -4
data/lib/puppet/pops/evaluator/evaluator_impl.rb +5 -5
data/lib/puppet/pops/issues.rb +5 -0
data/lib/puppet/pops/loader/runtime3_type_loader.rb +4 -2
data/lib/puppet/pops/loaders.rb +24 -15
data/lib/puppet/pops/lookup/context.rb +1 -1
data/lib/puppet/pops/lookup/hiera_config.rb +14 -1
data/lib/puppet/pops/resource/resource_type_impl.rb +2 -0
data/lib/puppet/pops/types/iterable.rb +34 -8
data/lib/puppet/pops/validation/checker4_0.rb +29 -15
data/lib/puppet/pops/validation/validator_factory_4_0.rb +1 -0
data/lib/puppet/provider/file/windows.rb +1 -1
data/lib/puppet/provider/group/groupadd.rb +9 -4
data/lib/puppet/provider/group/windows_adsi.rb +3 -3
data/lib/puppet/provider/package/aix.rb +17 -2
data/lib/puppet/provider/package/apt.rb +98 -1
data/lib/puppet/provider/package/aptitude.rb +1 -1
data/lib/puppet/provider/package/dnfmodule.rb +61 -14
data/lib/puppet/provider/package/gem.rb +45 -9
data/lib/puppet/provider/package/pacman.rb +2 -5
data/lib/puppet/provider/package/pip.rb +143 -48
data/lib/puppet/provider/package/pip3.rb +0 -2
data/lib/puppet/provider/package/pkgdmg.rb +1 -1
data/lib/puppet/provider/package/pkgng.rb +16 -4
data/lib/puppet/provider/package/portage.rb +2 -2
data/lib/puppet/provider/package/puppet_gem.rb +11 -2
data/lib/puppet/provider/package/rpm.rb +6 -213
data/lib/puppet/provider/package/yum.rb +100 -20
data/lib/puppet/provider/package/zypper.rb +62 -1
data/lib/puppet/provider/service/systemd.rb +22 -4
data/lib/puppet/provider/service/windows.rb +23 -7
data/lib/puppet/provider/user/aix.rb +1 -1
data/lib/puppet/provider/user/user_role_add.rb +1 -1
data/lib/puppet/provider/user/useradd.rb +16 -5
data/lib/puppet/provider/user/windows_adsi.rb +18 -1
data/lib/puppet/reports/http.rb +15 -9
data/lib/puppet/resource.rb +2 -1
data/lib/puppet/resource/type.rb +8 -0
data/lib/puppet/resource/type_collection.rb +20 -16
data/lib/puppet/runtime.rb +31 -1
data/lib/puppet/settings.rb +3 -1
data/lib/puppet/settings/http_extra_headers_setting.rb +25 -0
data/lib/puppet/ssl.rb +1 -0
data/lib/puppet/ssl/host.rb +4 -4
data/lib/puppet/ssl/oids.rb +1 -0
data/lib/puppet/ssl/ssl_context.rb +2 -2
data/lib/puppet/ssl/ssl_provider.rb +20 -1
data/lib/puppet/ssl/state_machine.rb +81 -35
data/lib/puppet/ssl/validator/default_validator.rb +1 -1
data/lib/puppet/ssl/verifier_adapter.rb +9 -1
data/lib/puppet/test/test_helper.rb +21 -14
data/lib/puppet/transaction.rb +2 -2
data/lib/puppet/transaction/persistence.rb +1 -1
data/lib/puppet/transaction/report.rb +3 -3
data/lib/puppet/trusted_external.rb +29 -1
data/lib/puppet/type.rb +21 -8
data/lib/puppet/type/file.rb +51 -13
data/lib/puppet/type/file/checksum.rb +4 -4
data/lib/puppet/type/file/source.rb +75 -64
data/lib/puppet/type/notify.rb +2 -2
data/lib/puppet/type/package.rb +41 -3
data/lib/puppet/type/service.rb +59 -8
data/lib/puppet/type/user.rb +19 -29
data/lib/puppet/util.rb +41 -3
data/lib/puppet/util/at_fork.rb +1 -1
data/lib/puppet/util/autoload.rb +13 -25
data/lib/puppet/util/character_encoding.rb +9 -5
data/lib/puppet/util/checksums.rb +19 -4
data/lib/puppet/util/execution.rb +2 -2
data/lib/puppet/util/fileparsing.rb +2 -2
data/lib/puppet/util/instance_loader.rb +14 -10
data/lib/puppet/util/log/destinations.rb +1 -10
data/lib/puppet/util/package/version/debian.rb +175 -0
data/lib/puppet/util/package/version/gem.rb +15 -0
data/lib/puppet/util/package/version/pip.rb +167 -0
data/lib/puppet/util/package/version/range.rb +53 -0
data/lib/puppet/util/package/version/range/eq.rb +14 -0
data/lib/puppet/util/package/version/range/gt.rb +14 -0
data/lib/puppet/util/package/version/range/gt_eq.rb +14 -0
data/lib/puppet/util/package/version/range/lt.rb +14 -0
data/lib/puppet/util/package/version/range/lt_eq.rb +14 -0
data/lib/puppet/util/package/version/range/min_max.rb +21 -0
data/lib/puppet/util/package/version/range/simple.rb +11 -0
data/lib/puppet/util/package/version/rpm.rb +73 -0
data/lib/puppet/util/pidlock.rb +13 -7
data/lib/puppet/util/platform.rb +5 -0
data/lib/puppet/util/provider_features.rb +1 -1
data/lib/puppet/util/reference.rb +1 -1
data/lib/puppet/util/rpm_compare.rb +193 -0
data/lib/puppet/util/windows.rb +1 -0
data/lib/puppet/util/windows/adsi.rb +2 -2
data/lib/puppet/util/windows/api_types.rb +60 -33
data/lib/puppet/util/windows/eventlog.rb +1 -6
data/lib/puppet/util/windows/monkey_patches/dir.rb +40 -0
data/lib/puppet/util/windows/principal.rb +8 -6
data/lib/puppet/util/windows/process.rb +15 -14
data/lib/puppet/util/windows/registry.rb +11 -11
data/lib/puppet/util/windows/security.rb +5 -4
data/lib/puppet/util/windows/service.rb +43 -26
data/lib/puppet/util/windows/sid.rb +3 -3
data/lib/puppet/util/windows/user.rb +242 -8
data/lib/puppet/version.rb +1 -1
data/locales/puppet.pot +641 -511
data/man/man5/puppet.conf.5 +75 -10
data/man/man8/puppet-agent.8 +7 -7
data/man/man8/puppet-apply.8 +1 -1
data/man/man8/puppet-catalog.8 +1 -1
data/man/man8/puppet-config.8 +1 -1
data/man/man8/puppet-describe.8 +1 -1
data/man/man8/puppet-device.8 +2 -2
data/man/man8/puppet-doc.8 +1 -1
data/man/man8/puppet-epp.8 +1 -1
data/man/man8/puppet-facts.8 +1 -1
data/man/man8/puppet-filebucket.8 +17 -2
data/man/man8/puppet-generate.8 +1 -1
data/man/man8/puppet-help.8 +6 -3
data/man/man8/puppet-key.8 +1 -1
data/man/man8/puppet-lookup.8 +2 -2
data/man/man8/puppet-man.8 +1 -1
data/man/man8/puppet-module.8 +4 -1
data/man/man8/puppet-node.8 +1 -1
data/man/man8/puppet-parser.8 +1 -1
data/man/man8/puppet-plugin.8 +1 -1
data/man/man8/puppet-report.8 +1 -1
data/man/man8/puppet-resource.8 +1 -1
data/man/man8/puppet-script.8 +1 -1
data/man/man8/puppet-ssl.8 +2 -2
data/man/man8/puppet-status.8 +1 -1
data/man/man8/puppet.8 +2 -2
data/spec/fixtures/integration/application/apply/environments/spec/modules/amod/lib/puppet/provider/applytest/applytest.rb +2 -0
data/spec/fixtures/integration/application/apply/environments/spec/modules/amod/lib/puppet/type/applytest.rb +25 -0
data/spec/fixtures/ssl/unknown-127.0.0.1-key.pem +67 -0
data/spec/fixtures/ssl/unknown-127.0.0.1.pem +48 -0
data/spec/fixtures/ssl/unknown-ca-key.pem +67 -0
data/spec/fixtures/ssl/unknown-ca.pem +59 -0
data/spec/fixtures/unit/forge/bacula-releases.json +128 -0
data/spec/fixtures/unit/forge/bacula.tar.gz +0 -0
data/spec/fixtures/unit/provider/package/dnfmodule/{dnf-module-list-installed.txt → dnf-module-list.txt} +8 -0
data/spec/fixtures/unit/provider/package/pkgng/pkg.version +2 -0
data/spec/fixtures/unit/provider/package/yum/yum-check-update-subscription-manager.txt +9 -0
data/spec/fixtures/unit/provider/package/zypper/zypper-search-uninstalled.out +13 -0
data/spec/fixtures/unit/provider/service/systemd/list_unit_files_services +9 -0
data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_md5/should_fetch_if_not_on_the_local_disk.yml +1 -67
data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_md5/should_not_update_if_content_on_disk_is_up-to-date.yml +1 -69
data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_md5/should_update_if_content_differs_on_disk.yml +1 -69
data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_mtime/should_fetch_if_mtime_is_older_on_disk.yml +1 -67
data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_mtime/should_fetch_if_no_header_specified.yml +1 -65
data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_mtime/should_fetch_if_not_on_the_local_disk.yml +1 -67
data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_mtime/should_not_update_if_mtime_is_newer_on_disk.yml +1 -67
data/spec/integration/application/agent_spec.rb +475 -0
data/spec/integration/application/apply_spec.rb +279 -150
data/spec/integration/application/config_spec.rb +74 -0
data/spec/integration/application/doc_spec.rb +16 -6
data/spec/integration/application/filebucket_spec.rb +239 -0
data/spec/integration/application/help_spec.rb +42 -0
data/spec/integration/application/lookup_spec.rb +13 -0
data/spec/integration/application/module_spec.rb +68 -0
data/spec/integration/application/plugin_spec.rb +123 -0
data/spec/integration/data_binding_spec.rb +82 -0
data/spec/integration/defaults_spec.rb +1 -2
data/spec/integration/directory_environments_spec.rb +17 -17
data/spec/integration/http/client_spec.rb +47 -37
data/spec/integration/indirector/facts/facter_spec.rb +8 -6
data/spec/integration/indirector/report/yaml.rb +83 -0
data/spec/integration/network/http_pool_spec.rb +93 -20
data/spec/integration/node/environment_spec.rb +15 -0
data/spec/integration/parser/compiler_spec.rb +11 -0
data/spec/integration/type/file_spec.rb +1 -1
data/spec/integration/util/execution_spec.rb +22 -0
data/spec/integration/util/windows/adsi_spec.rb +6 -1
data/spec/integration/util/windows/monkey_patches/dir_spec.rb +11 -0
data/spec/integration/util/windows/process_spec.rb +26 -32
data/spec/integration/util/windows/registry_spec.rb +7 -7
data/spec/integration/util/windows/user_spec.rb +47 -5
data/spec/integration/util_spec.rb +7 -33
data/spec/lib/puppet/test_ca.rb +2 -2
data/spec/lib/puppet_spec/https.rb +16 -7
data/spec/lib/puppet_spec/matchers.rb +0 -80
data/spec/lib/puppet_spec/puppetserver.rb +127 -0
data/spec/shared_contexts/https.rb +29 -0
data/spec/unit/agent_spec.rb +80 -26
data/spec/unit/application/agent_spec.rb +12 -9
data/spec/unit/application/describe_spec.rb +88 -50
data/spec/unit/application/device_spec.rb +2 -2
data/spec/unit/application/face_base_spec.rb +6 -4
data/spec/unit/application/facts_spec.rb +39 -10
data/spec/unit/application/filebucket_spec.rb +22 -2
data/spec/unit/application/man_spec.rb +52 -0
data/spec/unit/application/resource_spec.rb +3 -1
data/spec/unit/application/ssl_spec.rb +15 -2
data/spec/unit/configurer/downloader_spec.rb +10 -0
data/spec/unit/configurer/fact_handler_spec.rb +4 -4
data/spec/unit/configurer/plugin_handler_spec.rb +36 -19
data/spec/unit/configurer_spec.rb +64 -46
data/spec/unit/confine_spec.rb +2 -1
data/spec/unit/context/trusted_information_spec.rb +25 -2
data/spec/unit/daemon_spec.rb +5 -64
data/spec/unit/defaults_spec.rb +24 -1
data/spec/unit/environments_spec.rb +8 -0
data/spec/unit/face/config_spec.rb +3 -1
data/spec/unit/face/module/search_spec.rb +17 -0
data/spec/unit/face/plugin_spec.rb +12 -10
data/spec/unit/file_serving/http_metadata_spec.rb +37 -14
data/spec/unit/file_serving/mount/locales_spec.rb +2 -2
data/spec/unit/file_serving/mount/pluginfacts_spec.rb +2 -2
data/spec/unit/file_serving/mount/plugins_spec.rb +2 -2
data/spec/unit/file_serving/terminus_selector_spec.rb +45 -26
data/spec/unit/file_system/uniquefile_spec.rb +29 -0
data/spec/unit/file_system_spec.rb +10 -0
data/spec/unit/functions/lookup_spec.rb +13 -0
data/spec/unit/http/client_spec.rb +321 -36
data/spec/unit/http/external_client_spec.rb +201 -0
data/spec/unit/http/resolver_spec.rb +34 -3
data/spec/unit/http/response_spec.rb +75 -0
data/spec/unit/http/service/ca_spec.rb +53 -12
data/spec/unit/http/service/compiler_spec.rb +332 -28
data/spec/unit/http/service/file_server_spec.rb +100 -12
data/spec/unit/http/service/report_spec.rb +19 -9
data/spec/unit/http/service_spec.rb +94 -6
data/spec/unit/http/session_spec.rb +159 -8
data/spec/unit/indirector/catalog/compiler_spec.rb +1 -0
data/spec/unit/indirector/catalog/rest_spec.rb +59 -2
data/spec/unit/indirector/facts/rest_spec.rb +79 -24
data/spec/unit/indirector/file_bucket_file/rest_spec.rb +82 -2
data/spec/unit/indirector/file_content/rest_spec.rb +53 -2
data/spec/unit/indirector/file_metadata/http_spec.rb +194 -0
data/spec/unit/indirector/file_metadata/rest_spec.rb +110 -2
data/spec/unit/indirector/node/rest_spec.rb +57 -2
data/spec/unit/indirector/report/rest_spec.rb +58 -51
data/spec/unit/indirector/request_spec.rb +1 -1
data/spec/unit/indirector/resource/ral_spec.rb +7 -8
data/spec/unit/indirector/rest_spec.rb +13 -0
data/spec/unit/indirector/status/rest_spec.rb +43 -2
data/spec/unit/interface_spec.rb +3 -3
data/spec/unit/module_tool/tar/mini_spec.rb +20 -0
data/spec/unit/network/format_support_spec.rb +3 -2
data/spec/unit/network/http/api/indirected_routes_spec.rb +2 -1
data/spec/unit/network/http/connection_spec.rb +552 -190
data/spec/unit/network/http/nocache_pool_spec.rb +22 -0
data/spec/unit/network/http/pool_spec.rb +59 -13
data/spec/unit/network/http_pool_spec.rb +63 -57
data/spec/unit/network/http_spec.rb +1 -1
data/spec/unit/node/environment_spec.rb +33 -0
data/spec/unit/parser/ast/block_expression_spec.rb +1 -1
data/spec/unit/parser/environment_compiler_spec.rb +7 -0
data/spec/unit/parser/scope_spec.rb +1 -1
data/spec/unit/pops/evaluator/evaluating_parser_spec.rb +15 -1
data/spec/unit/pops/loaders/loaders_spec.rb +71 -1
data/spec/unit/pops/lookup/lookup_spec.rb +25 -0
data/spec/unit/pops/types/type_calculator_spec.rb +1 -11
data/spec/unit/provider/group/groupadd_spec.rb +22 -8
data/spec/unit/provider/group/windows_adsi_spec.rb +43 -10
data/spec/unit/provider/package/aix_spec.rb +29 -0
data/spec/unit/provider/package/apt_spec.rb +107 -0
data/spec/unit/provider/package/aptitude_spec.rb +1 -0
data/spec/unit/provider/package/dnfmodule_spec.rb +54 -15
data/spec/unit/provider/package/gem_spec.rb +40 -0
data/spec/unit/provider/package/pacman_spec.rb +6 -21
data/spec/unit/provider/package/pip_spec.rb +68 -19
data/spec/unit/provider/package/pkgdmg_spec.rb +1 -1
data/spec/unit/provider/package/pkgng_spec.rb +38 -0
data/spec/unit/provider/package/portage_spec.rb +5 -0
data/spec/unit/provider/package/puppet_gem_spec.rb +12 -1
data/spec/unit/provider/package/rpm_spec.rb +0 -212
data/spec/unit/provider/package/yum_spec.rb +243 -1
data/spec/unit/provider/package/zypper_spec.rb +98 -0
data/spec/unit/provider/service/init_spec.rb +42 -0
data/spec/unit/provider/service/openbsd_spec.rb +9 -0
data/spec/unit/provider/service/openwrt_spec.rb +1 -0
data/spec/unit/provider/service/redhat_spec.rb +9 -0
data/spec/unit/provider/service/systemd_spec.rb +93 -18
data/spec/unit/provider/service/windows_spec.rb +50 -14
data/spec/unit/provider/user/openbsd_spec.rb +1 -0
data/spec/unit/provider/user/useradd_spec.rb +30 -16
data/spec/unit/provider/user/windows_adsi_spec.rb +85 -3
data/spec/unit/puppet_pal_2pec.rb +11 -0
data/spec/unit/puppet_pal_catalog_spec.rb +43 -0
data/spec/unit/puppet_spec.rb +33 -0
data/spec/unit/reports/http_spec.rb +70 -52
data/spec/unit/reports/store_spec.rb +17 -13
data/spec/unit/resource_spec.rb +3 -3
data/spec/unit/settings/autosign_setting_spec.rb +1 -1
data/spec/unit/settings/http_extra_headers_spec.rb +64 -0
data/spec/unit/ssl/host_spec.rb +4 -2
data/spec/unit/ssl/oids_spec.rb +1 -0
data/spec/unit/ssl/ssl_provider_spec.rb +69 -43
data/spec/unit/ssl/state_machine_spec.rb +99 -13
data/spec/unit/test/test_helper_spec.rb +17 -0
data/spec/unit/transaction/persistence_spec.rb +15 -0
data/spec/unit/transaction/report_spec.rb +5 -1
data/spec/unit/transaction_spec.rb +0 -2
data/spec/unit/type/file/ensure_spec.rb +1 -2
data/spec/unit/type/file/source_spec.rb +89 -38
data/spec/unit/type/file_spec.rb +122 -96
data/spec/unit/type/service_spec.rb +218 -8
data/spec/unit/type/user_spec.rb +32 -3
data/spec/unit/type_spec.rb +50 -0
data/spec/unit/util/at_fork_spec.rb +3 -2
data/spec/unit/util/autoload_spec.rb +2 -1
data/spec/unit/util/character_encoding_spec.rb +4 -4
data/spec/unit/util/checksums_spec.rb +16 -0
data/spec/unit/util/command_line_spec.rb +11 -6
data/spec/unit/util/log/destinations_spec.rb +1 -29
data/spec/unit/util/package/version/debian_spec.rb +83 -0
data/spec/unit/util/package/version/pip_spec.rb +464 -0
data/spec/unit/util/package/version/range_spec.rb +175 -0
data/spec/unit/util/package/version/rpm_spec.rb +121 -0
data/spec/unit/util/pidlock_spec.rb +102 -54
data/spec/unit/util/rpm_compare_spec.rb +196 -0
data/spec/unit/util/windows/adsi_spec.rb +4 -4
data/spec/unit/util/windows/api_types_spec.rb +104 -40
data/spec/unit/util/windows/service_spec.rb +4 -4
data/spec/unit/util/windows/sid_spec.rb +2 -2
data/spec/unit/util_spec.rb +3 -3
data/spec/unit/x509/cert_provider_spec.rb +1 -1
data/tasks/generate_cert_fixtures.rake +15 -1
data/tasks/manpages.rake +5 -35
metadata +84 -52
data/COMMITTERS.md +0 -244
data/spec/integration/faces/config_spec.rb +0 -91
data/spec/integration/faces/documentation_spec.rb +0 -57
data/spec/integration/faces/plugin_spec.rb +0 -61
data/spec/integration/file_bucket/file_spec.rb +0 -50
data/spec/integration/file_serving/content_spec.rb +0 -7
data/spec/integration/file_serving/fileset_spec.rb +0 -12
data/spec/integration/file_serving/metadata_spec.rb +0 -8
data/spec/integration/file_serving/terminus_helper_spec.rb +0 -20
data/spec/integration/file_system/uniquefile_spec.rb +0 -26
data/spec/integration/module_tool/forge_spec.rb +0 -64
data/spec/integration/module_tool/tar/mini_spec.rb +0 -28
data/spec/integration/provider/service/init_spec.rb +0 -48
data/spec/integration/provider/service/systemd_spec.rb +0 -25
data/spec/integration/provider/service/windows_spec.rb +0 -50
data/spec/integration/reference/providers_spec.rb +0 -21
data/spec/integration/reports_spec.rb +0 -13
data/spec/integration/ssl/certificate_request_spec.rb +0 -44
data/spec/integration/ssl/host_spec.rb +0 -72
data/spec/integration/ssl/key_spec.rb +0 -99
data/spec/integration/test/test_helper_spec.rb +0 -31
data/spec/shared_behaviours/file_serving_model.rb +0 -51
data/spec/unit/face/man_spec.rb +0 -25
data/spec/unit/man_spec.rb +0 -31

data/spec/unit/type/file_spec.rb CHANGED

@@ -3,6 +3,34 @@ require 'spec_helper'
 describe Puppet::Type.type(:file) do
   include PuppetSpec::Files
+  # precomputed checksum values for FILE_CONTENT
+  FILE_CONTENT = 'file content'.freeze
+  CHECKSUM_VALUES = {
+    md5: 'd10b4c3ff123b26dc068d43a8bef2d23',
+    md5lite: 'd10b4c3ff123b26dc068d43a8bef2d23',
+    sha256: 'e0ac3601005dfa1864f5392aabaf7d898b1b5bab854f1acb4491bcd806b76b0c',
+    sha256lite: 'e0ac3601005dfa1864f5392aabaf7d898b1b5bab854f1acb4491bcd806b76b0c',
+    sha1: '87758871f598e1a3b4679953589ae2f57a0bb43c',
+    sha1lite: '87758871f598e1a3b4679953589ae2f57a0bb43c',
+    sha224: '2aefaaa5f4d8f17f82f3e1bb407e190cede9aa1311fa4533ce505531',
+    sha384: '61c7783501ebd90233650357fefbe5a141b7618f907b8f043bbaa92c0f610c785a641ddd479fa81d650cd86e29aa6858',
+    sha512: '2fb1877301854ac92dd518018f97407a0a88bb696bfef0a51e9efbd39917353500009e15bd72c3f0e4bf690115870bfab926565d5ad97269d922dbbb41261221',
+    mtime: 'Jan 26 13:59:49 2016',
+    ctime: 'Jan 26 13:59:49 2016'
+  }.freeze
+  INVALID_CHECKSUM_VALUES = {
+    md5: '00000000000000000000000000000000',
+    md5lite: '00000000000000000000000000000000',
+    sha256: '0000000000000000000000000000000000000000000000000000000000000000',
+    sha256lite: '0000000000000000000000000000000000000000000000000000000000000000',
+    sha1: '0000000000000000000000000000000000000000',
+    sha1lite: '0000000000000000000000000000000000000000',
+    sha224: '00000000000000000000000000000000000000000000000000000000',
+    sha384: '000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000',
+    sha512: '00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000'
+  }.freeze
   let(:path) { tmpfile('file_testing') }
   let(:file) { described_class.new(:path => path, :catalog => catalog) }
   let(:provider) { file.provider }
@@ -791,7 +819,7 @@ describe Puppet::Type.type(:file) do
       let(:sources) do
         h = {}
         %w{/a /b /c /d}.each do |key|
-          h[key] = URI.unescape(Puppet::Util.path_to_uri(File.expand_path(key)).to_s)
+          h[key] = Puppet::Util.uri_unescape(Puppet::Util.path_to_uri(File.expand_path(key)).to_s)
         end
         h
       end
@@ -1108,38 +1136,6 @@ describe Puppet::Type.type(:file) do
   end
   describe "#write" do
-    describe "when validating the checksum" do
-      before { allow(file).to receive(:validate_checksum?).and_return(true) }
-      it "should fail if the checksum parameter and content checksums do not match" do
-        checksum = double('checksum_parameter',  :sum => 'checksum_b', :sum_file => 'checksum_b')
-        allow(file).to receive(:parameter).with(:checksum).and_return(checksum)
-        allow(file).to receive(:parameter).with(:source).and_return(nil)
-        property = double('content_property', :actual_content => "something", :length => "something".length, :write => 'checksum_a')
-        allow(file).to receive(:property).with(:content).and_return(property)
-        expect { file.write property }.to raise_error(Puppet::Error) end
-    end
-    describe "when not validating the checksum" do
-      before do
-        allow(file).to receive(:validate_checksum?).and_return(false)
-      end
-      it "should not fail if the checksum property and content checksums do not match" do
-        checksum = double('checksum_parameter',  :sum => 'checksum_b')
-        allow(file).to receive(:parameter).with(:checksum).and_return(checksum)
-        allow(file).to receive(:parameter).with(:source).and_return(nil)
-        property = double('content_property', :actual_content => "something", :length => "something".length, :write => 'checksum_a')
-        allow(file).to receive(:property).with(:content).and_return(property)
-        expect { file.write property }.to_not raise_error
-      end
-    end
     describe "when resource mode is supplied" do
       before do
         allow(file).to receive(:property_fix)
@@ -1191,7 +1187,7 @@ describe Puppet::Type.type(:file) do
     describe "when resource mode is not supplied" do
       context "and content is supplied" do
         it "should default to 0644 mode" do
-          file = described_class.new(:path => path, :content => "file content")
+          file = described_class.new(:path => path, :content => FILE_CONTENT)
           file.write file.parameter(:content)
@@ -1214,35 +1210,6 @@ describe Puppet::Type.type(:file) do
     end
   end
-  describe "#fail_if_checksum_is_wrong" do
-    it "should fail if the checksum of the file doesn't match the expected one" do
-      expect do
-        allow(file.parameter(:checksum)).to receive(:sum_file).and_return('wrong!!')
-        file.instance_eval do
-          fail_if_checksum_is_wrong(self[:path], 'anything!')
-        end
-      end.to raise_error(Puppet::Error, /File written to disk did not match checksum/)
-    end
-    it "should not fail if the checksum is correct" do
-      expect do
-        allow(file.parameter(:checksum)).to receive(:sum_file).and_return('anything!')
-        file.instance_eval do
-          fail_if_checksum_is_wrong(self[:path], 'anything!')
-        end
-      end.not_to raise_error
-    end
-    it "should not fail if the checksum is absent" do
-      expect do
-        allow(file.parameter(:checksum)).to receive(:sum_file).and_return(nil)
-        file.instance_eval do
-          fail_if_checksum_is_wrong(self[:path], 'anything!')
-        end
-      end.not_to raise_error
-    end
-  end
   describe "#write_temporary_file?" do
     it "should be true if the file has specified content" do
       file[:content] = 'some content'
@@ -1462,7 +1429,7 @@ describe Puppet::Type.type(:file) do
       expect(Puppet::FileServing::Metadata.indirection).to receive(:find).with(source, anything).and_return(metadata)
       uri = file.parameters[:source].uri
-      expect(URI.unescape(uri.path)).to eq(filename)
+      expect(Puppet::Util.uri_unescape(uri.path)).to eq(filename)
       expect(uri.path.encoding).to eq(Encoding::UTF_8)
     end
@@ -1486,29 +1453,16 @@ describe Puppet::Type.type(:file) do
       expect_any_instance_of(Puppet::Indirector::FileMetadata::Rest).to receive(:find).with(request_key(filename[1..-1])).and_return(metadata)
       uri = file.parameters[:source].uri
-      expect(URI.unescape(uri.path)).to eq(filename)
+      expect(Puppet::Util.uri_unescape(uri.path)).to eq(filename)
       expect(uri.path.encoding).to eq(Encoding::UTF_8)
     end
   end
   describe "when using source" do
+    let(:source) { tmpfile('file_source') }
     before do
-      file[:source] = File.expand_path('/one')
-      # Contents of an empty file generate the below hash values
-      # in case you need to add support for additional algorithms in future
-      @checksum_values = {
-        :md5 => 'd41d8cd98f00b204e9800998ecf8427e',
-        :md5lite => 'd41d8cd98f00b204e9800998ecf8427e',
-        :sha256 => 'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855',
-        :sha256lite => 'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855',
-        :sha1 => 'da39a3ee5e6b4b0d3255bfef95601890afd80709',
-        :sha1lite => 'da39a3ee5e6b4b0d3255bfef95601890afd80709',
-        :sha224 => 'd14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f',
-        :sha384 => '38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b',
-        :sha512 => 'cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e',
-        :mtime => 'Jan 26 13:59:49 2016',
-        :ctime => 'Jan 26 13:59:49 2016'
-      }
+      file[:source] = source
     end
     Puppet::Type::File::ParameterChecksum.value_collection.values.reject {|v| v == :none}.each do |checksum_type|
@@ -1527,9 +1481,51 @@ describe Puppet::Type.type(:file) do
         end
         it 'should validate a valid checksum_value' do
-          file[:checksum_value] = @checksum_values[checksum_type]
+          file[:checksum_value] = CHECKSUM_VALUES[checksum_type]
           expect { file.validate }.to_not raise_error
         end
+        it 'fails if the checksum_value parameter and written file do not match' do
+          skip if checksum_type =~ /^(ctime|mtime)/
+          File.write(source, FILE_CONTENT)
+          file[:checksum_value] = INVALID_CHECKSUM_VALUES[checksum_type]
+          expect {
+            file.property(:checksum_value).sync
+          }.to raise_error(Puppet::Error, /File written to disk did not match desired checksum/)
+          expect(Puppet::FileSystem).to_not be_exist(file[:path])
+        end
+        it 'fails if the checksum_value parameter does not match, but the metadata does' do
+          skip if checksum_type =~ /^(ctime|mtime)/
+          File.write(source, FILE_CONTENT)
+          file[:checksum_value] = INVALID_CHECKSUM_VALUES[checksum_type]
+          allow(file.parameter(:source).metadata).to receive(:checksum).and_return(file[:checksum_value])
+          expect {
+            file.property(:checksum_value).sync
+          }.to raise_error(Puppet::Error, /File written to disk did not match desired checksum/)
+          expect(Puppet::FileSystem).to_not be_exist(file[:path])
+        end
+        it 'replaces a file from a source when the checksum matches' do
+          File.write(source, FILE_CONTENT)
+          file[:checksum_value] = CHECKSUM_VALUES[checksum_type]
+          file.property(:checksum_value).sync
+          checksum = file.parameter(:checksum).sum_file(file[:path])
+          if checksum_type =~ /^(ctime|mtime)/
+            # file on disk ctime/mtime will be later than expected time
+            expect(checksum).to match(/{#{checksum_type}}/)
+          else
+            expect(checksum).to eq("{#{checksum_type}}#{file[:checksum_value]}")
+          end
+        end
       end
     end
@@ -1591,19 +1587,8 @@ describe Puppet::Type.type(:file) do
   end
   describe "when using content" do
-    before do
-      file[:content] = 'file contents'
-      @checksum_values = {
-        :md5 => 'd41d8cd98f00b204e9800998ecf8427e',
-        :md5lite => 'd41d8cd98f00b204e9800998ecf8427e',
-        :sha256 => 'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855',
-        :sha256lite => 'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855',
-        :sha1 => 'da39a3ee5e6b4b0d3255bfef95601890afd80709',
-        :sha1lite => 'da39a3ee5e6b4b0d3255bfef95601890afd80709',
-        :sha224 => 'd14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f',
-        :sha384 => '38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b',
-        :sha512 => 'cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e',
-      }
+    before :each do
+      file[:content] = FILE_CONTENT
     end
     (Puppet::Type::File::ParameterChecksum.value_collection.values - SOURCE_ONLY_CHECKSUMS).each do |checksum_type|
@@ -1622,9 +1607,43 @@ describe Puppet::Type.type(:file) do
         end
         it 'should validate a valid checksum_value' do
-          file[:checksum_value] = @checksum_values[checksum_type]
+          file[:checksum_value] = CHECKSUM_VALUES[checksum_type]
           expect { file.validate }.to_not raise_error
         end
+        it 'fails if the checksum_value parameter and written file do not match' do
+          file[:checksum_value] = INVALID_CHECKSUM_VALUES[checksum_type]
+          expect {
+            file.property(:content).sync
+          }.to raise_error(Puppet::Error, /File written to disk did not match desired checksum/)
+          expect(Puppet::FileSystem).to_not be_exist(file[:path])
+        end
+        it 'fails if the calculated checksum for the content and written file do not match' do
+          allow(file.parameter(:checksum)).to receive(:sum).and_return(INVALID_CHECKSUM_VALUES[checksum_type])
+          expect {
+            file.property(:content).sync
+          }.to raise_error(Puppet::Error, /File written to disk did not match desired checksum/)
+          expect(Puppet::FileSystem).to_not be_exist(file[:path])
+        end
+        it 'replaces a file from content when the checksum matches' do
+          file[:checksum_value] = CHECKSUM_VALUES[checksum_type]
+          file.property(:content).sync
+          checksum = file.parameter(:checksum).sum_file(file[:path])
+          if checksum_type =~ /^(ctime|mtime)/
+            # file on disk ctime/mtime will be later than expected time
+            expect(checksum).to match(/{#{checksum_type}}/)
+          else
+            expect(checksum).to eq("{#{checksum_type}}#{file[:checksum_value]}")
+          end
+        end
       end
     end
@@ -1657,6 +1676,13 @@ describe Puppet::Type.type(:file) do
       file[:checksum_value] = ''
       expect { file.validate }.to_not raise_error
     end
+    it 'writes a file' do
+      file[:ensure] = :file
+      file.property(:ensure).sync
+      expect(file.parameter(:checksum).sum_file(file[:path])).to eq('{none}')
+    end
   end
   describe "when auditing" do

data/spec/unit/type/service_spec.rb CHANGED

@@ -145,6 +145,199 @@ describe test_title, "when validating attribute values" do
     end
   end
+  describe "the service logon credentials" do
+    before do
+      provider_class_with_logon_credentials = Puppet::Type.type(:service).provide(:simple) do
+        has_features :manages_logon_credentials
+        def logonpassword=(value) end
+      end
+      allow(Puppet::Type.type(:service)).to receive(:defaultprovider).and_return(provider_class_with_logon_credentials)
+    end
+    describe "the 'logonaccount' property" do
+      it "should not be munged nor checked when not on Windows" do
+        allow(Puppet::Util::Platform).to receive(:windows?).and_return(false)
+        service = Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'NonWindowsUser')
+        expect { service }.not_to raise_error
+        expect(service[:logonaccount]).to eq('NonWindowsUser')
+      end
+      context "when on Windows", :if => Puppet::Util::Platform.windows? do
+        before do
+          allow(Puppet::Util::Windows::User).to receive(:password_is?).and_return(true)
+          allow(Puppet::Util::Windows::ADSI).to receive(:computer_name).and_return("myPC")
+          allow(Puppet::Util::Windows::User).to receive(:get_rights).and_return('SeServiceLogonRight')
+        end
+        it "should fail when the `Log On As A Service` right is missing from given user" do
+          allow(Puppet::Util::Windows::SID).to receive(:name_to_principal).and_return(Puppet::Util::Windows::SID::Principal.new("myUser", nil, nil, "myPC", :SidTypeUser))
+          allow(Puppet::Util::Windows::User).to receive(:get_rights).with('myPC\\myUser').and_return("")
+          expect { Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'myUser') }.to raise_error(Puppet::Error, /"myPC\\myUser" is missing the 'Log On As A Service' right./)
+        end
+        it "should fail when the `Log On As A Service` right is set to denied for given user" do
+          allow(Puppet::Util::Windows::SID).to receive(:name_to_principal).and_return(Puppet::Util::Windows::SID::Principal.new("myUser", nil, nil, "myPC", :SidTypeUser))
+          allow(Puppet::Util::Windows::User).to receive(:get_rights).with('myPC\\myUser').and_return("SeDenyServiceLogonRight")
+          expect { Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'myUser') }.to raise_error(Puppet::Error, /"myPC\\myUser" has the 'Log On As A Service' right set to denied./)
+        end
+        it "should not fail when given user has the `Log On As A Service` right" do
+          allow(Puppet::Util::Windows::SID).to receive(:name_to_principal).and_return(Puppet::Util::Windows::SID::Principal.new("myUser", nil, nil, "myPC", :SidTypeUser))
+          allow(Puppet::Util::Windows::User).to receive(:get_rights).with('myPC\\myUser').and_return("SeServiceLogonRight")
+          expect { Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'myUser') }.not_to raise_error
+        end
+        it "should not fail when given user is a default system account even if the `Log On As A Service` right is missing" do
+          allow(Puppet::Util::Windows::SID).to receive(:name_to_principal).and_return(Puppet::Util::Windows::SID::Principal.new("LOCAL SERVICE", nil, nil, "NT AUTHORITY", :SidTypeUser))
+          allow(Puppet::Util::Windows::User).to receive(:default_system_account?).and_return(true)
+          expect(Puppet::Util::Windows::User).not_to receive(:get_rights)
+          expect { Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'myUser') }.not_to raise_error
+        end
+        ['LocalSystem', '.\LocalSystem', 'myPC\LocalSystem', 'lOcALsysTem'].each do |user_input|
+          it "should succesfully munge #{user_input} to 'LocalSystem'" do
+            service = Puppet::Type.type(:service).new(:name => "yay", :logonaccount => user_input)
+            expect { service }.not_to raise_error
+            expect(service[:logonaccount]).to eq('LocalSystem')
+          end
+        end
+        it "should succesfully munge local account" do
+          allow(Puppet::Util::Windows::SID).to receive(:name_to_principal).and_return(Puppet::Util::Windows::SID::Principal.new("myUser", nil, nil, "myPC", :SidTypeUser))
+          service = Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'myUser')
+          expect { service }.not_to raise_error
+          expect(service[:logonaccount]).to eq('.\myUser')
+        end
+        it "should succesfully munge domain account" do
+          allow(Puppet::Util::Windows::SID).to receive(:name_to_principal).and_return(Puppet::Util::Windows::SID::Principal.new("DomainUser", nil, nil, "myDomain", :SidTypeUser))
+          service = Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'DomainUser')
+          expect { service }.not_to raise_error
+          expect(service[:logonaccount]).to eq('myDomain\DomainUser')
+        end
+        it "should succesfully munge well known user" do
+          allow(Puppet::Util::Windows::SID).to receive(:name_to_principal).and_return(Puppet::Util::Windows::SID::Principal.new("LOCAL SERVICE", nil, nil, "NT AUTHORITY", :SidTypeWellKnownGroup))
+          service = Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'LocalService')
+          expect { service }.not_to raise_error
+          expect(service[:logonaccount]).to eq('NT AUTHORITY\LOCAL SERVICE')
+        end
+        it "should succesfully munge a SID" do
+          allow(Puppet::Util::Windows::SID).to receive(:name_to_principal).and_return(Puppet::Util::Windows::SID::Principal.new("NETWORK SERVICE", nil, nil, "NT AUTHORITY", :SidTypeUser))
+          service = Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'S-1-5-20')
+          expect { service }.not_to raise_error
+          expect(service[:logonaccount]).to eq('NT AUTHORITY\NETWORK SERVICE')
+        end
+        it "should fail when account is invalid" do
+          allow(Puppet::Util::Windows::SID).to receive(:name_to_principal).and_return(nil)
+          expect { Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'InvalidUser') }.to raise_error(Puppet::Error, /"InvalidUser" is not a valid account/)
+        end
+        it "should fail when sid type is not user or well known user" do
+          allow(Puppet::Util::Windows::SID).to receive(:name_to_principal).and_return(Puppet::Util::Windows::SID::Principal.new("Administrators", nil, nil, "BUILTIN", :SidTypeAlias))
+          expect { Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'Administrators') }.to raise_error(Puppet::Error, /"Administrators" is not a valid account/)
+        end
+      end
+    end
+    describe "the logonpassword parameter" do
+      it "should fail when logonaccount is not being managed as well" do
+        expect { Puppet::Type.type(:service).new(:name => "yay", :logonpassword => 'myPass') }.to raise_error(Puppet::Error, /The 'logonaccount' parameter is mandatory when setting 'logonpassword'./)
+      end
+      it "should default to empty string when only logonaccount is being managed" do
+        allow(Puppet::Util::Platform).to receive(:windows?).and_return(false)
+        service = Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'myUser')
+        expect { service }.not_to raise_error
+        expect(service[:logonpassword]).to eq("")
+      end
+      it "should default to nil when not even logonaccount is being managed" do
+        service = Puppet::Type.type(:service).new(:name => "yay")
+        expect(service[:logonpassword]).to eq(nil)
+      end
+      it "should fail when logonpassword includes the ':' character" do
+        allow(Puppet::Util::Platform).to receive(:windows?).and_return(false)
+        expect { Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'myUser', :logonpassword => 'my:Pass') }.to raise_error(Puppet::Error, /Passwords cannot include ':'/)
+      end
+      it "should not further check the password against given account when not on Windows" do
+        allow(Puppet::Util::Platform).to receive(:windows?).and_return(false)
+        expect { Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'myUser', :logonpassword => 'myPass') }.not_to raise_error
+      end
+      context "when on Windows", :if => Puppet::Util::Platform.windows? do
+        before do
+          allow(Puppet::Util::Windows::ADSI).to receive(:computer_name).and_return("myPC")
+          allow(Puppet::Util::Windows::SID).to receive(:name_to_principal).and_return(name_to_principal_result)
+          allow(Puppet::Util::Windows::User).to receive(:get_rights).and_return('SeServiceLogonRight')
+        end
+        it "should pass validation when given account is 'LocalSystem'" do
+          allow(Puppet::Util::Windows::User).to receive(:localsystem?).with('LocalSystem').and_return(true)
+          allow(Puppet::Util::Windows::User).to receive(:default_system_account?).with('LocalSystem').and_return(false)
+          expect(Puppet::Util::Windows::SID).not_to receive(:name_to_principal)
+          expect(Puppet::Util::Windows::User).not_to receive(:password_is?)
+          expect { Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'LocalSystem') }.not_to raise_error
+        end
+        ['LOCAL SERVICE', 'NETWORK SERVICE', 'SYSTEM'].each do |predefined_local_account|
+          describe "when given account is #{predefined_local_account}" do
+            let(:name_to_principal_result) do
+              Puppet::Util::Windows::SID::Principal.new(predefined_local_account, nil, nil, "NT AUTHORITY", :SidTypeUser)
+            end
+            it "should pass validation" do
+              allow(Puppet::Util::Windows::User).to receive(:localsystem?).with(predefined_local_account).and_return(false)
+              expect(Puppet::Util::Windows::User).to receive(:default_system_account?).with(predefined_local_account).and_return(true)
+              expect(Puppet::Util::Windows::User).to receive(:default_system_account?).with("NT AUTHORITY\\#{predefined_local_account}").and_return(true)
+              expect(Puppet::Util::Windows::User).not_to receive(:password_is?)
+              expect { Puppet::Type.type(:service).new(:name => "yay", :logonaccount => predefined_local_account) }.not_to raise_error
+            end
+          end
+        end
+        let(:name_to_principal_result) do
+          Puppet::Util::Windows::SID::Principal.new("myUser", nil, nil, "myPC", :SidTypeUser)
+        end
+        describe "when given logonaccount is not a predefined local account" do
+          before do
+            allow(Puppet::Util::Windows::User).to receive(:localsystem?).with('myUser').and_return(false)
+            allow(Puppet::Util::Windows::User).to receive(:default_system_account?).with('myUser').and_return(false)
+            allow(Puppet::Util::Windows::User).to receive(:default_system_account?).with('.\\myUser').and_return(false)
+          end
+          it "should pass validation if password is proven correct" do
+            allow(Puppet::Util::Windows::User).to receive(:password_is?).with('myUser', 'myPass', '.').and_return(true)
+            expect { Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'myUser', :logonpassword => 'myPass') }.not_to raise_error
+          end
+          it "should not pass validation if password check fails" do
+            allow(Puppet::Util::Windows::User).to receive(:password_is?).with('myUser', 'myWrongPass', '.').and_return(false)
+            expect { Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'myUser', :logonpassword => 'myWrongPass') }.to raise_error(Puppet::Error, /The given password is invalid for user '.\\myUser'/)
+          end
+        end
+      end
+    end
+  end
   it "should support :true as a value to :hasstatus" do
     srv = Puppet::Type.type(:service).new(:name => "yay", :hasstatus => :true)
     expect(srv[:hasstatus]).to eq(:true)
@@ -284,20 +477,21 @@ describe test_title, "when changing the host" do
     @service.property(:enable).sync
   end
-  it "should always consider the enable state of a static service to be in sync" do
+  it "should let superclass implementation resolve insyncness when provider does not respond to the 'enabled_insync?' method" do
     allow(@service.provider.class).to receive(:supports_parameter?).and_return(true)
-    expect(@service.provider).to receive(:cached_enabled?).and_return('static')
-    @service[:enable] = false
-    expect(Puppet).to receive(:debug).with("Unable to enable or disable static service yay")
+    @service[:enable] = true
+    allow(@service.provider).to receive(:respond_to?).with(:enabled_insync?).and_return(false)
     expect(@service.property(:enable).insync?(:true)).to eq(true)
   end
-  it "should determine insyncness normally when the service is not static" do
+  it "insyncness should be resolved by provider instead of superclass implementation when provider responds to the 'enabled_insync?' method" do
     allow(@service.provider.class).to receive(:supports_parameter?).and_return(true)
-    expect(@service.provider).to receive(:cached_enabled?).and_return('true')
     @service[:enable] = true
-    expect(Puppet).not_to receive(:debug)
-    expect(@service.property(:enable).insync?(:true)).to eq(true)
+    allow(@service.provider).to receive(:respond_to?).with(:enabled_insync?).and_return(true)
+    allow(@service.provider).to receive(:enabled_insync?).and_return(false)
+    expect(@service.property(:enable).insync?(:true)).to eq(false)
   end
   it "should sync the service's enable state when changing the state of :ensure if :enable is being managed" do
@@ -313,6 +507,22 @@ describe test_title, "when changing the host" do
     @service.property(:ensure).sync
   end
+  it "should sync the service's logonaccount state when changing the state of :ensure if :logonaccount is being managed" do
+    allow(@service.provider.class).to receive(:supports_parameter?).and_return(true)
+    allow(Puppet::Util::Platform).to receive(:windows?).and_return(false)
+    @service[:ensure] = :stopped
+    @service[:logonaccount] = 'LocalSystem'
+    expect(@service.property(:logonaccount)).to receive(:retrieve).and_return("MyUser")
+    expect(@service.property(:logonaccount)).to receive(:insync?).and_return(false)
+    expect(@service.property(:logonaccount)).to receive(:sync)
+    allow(@service.provider).to receive(:stop)
+    @service.property(:ensure).sync
+  end
 end
 describe test_title, "when refreshing the service" do