puppet 6.14.0-universal-darwin → 6.15.0-universal-darwin

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of puppet might be problematic. Click here for more details.

Files changed (195) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile.lock +15 -15
  3. data/ext/windows/service/daemon.rb +3 -3
  4. data/lib/puppet.rb +1 -1
  5. data/lib/puppet/agent.rb +2 -10
  6. data/lib/puppet/application/agent.rb +2 -1
  7. data/lib/puppet/application/filebucket.rb +5 -14
  8. data/lib/puppet/application/ssl.rb +2 -2
  9. data/lib/puppet/configurer.rb +7 -3
  10. data/lib/puppet/configurer/plugin_handler.rb +1 -1
  11. data/lib/puppet/defaults.rb +22 -2
  12. data/lib/puppet/environments.rb +4 -5
  13. data/lib/puppet/face/plugin.rb +1 -1
  14. data/lib/puppet/file_system/file_impl.rb +13 -9
  15. data/lib/puppet/forge/repository.rb +1 -1
  16. data/lib/puppet/functions/call.rb +1 -1
  17. data/lib/puppet/functions/reduce.rb +2 -4
  18. data/lib/puppet/http.rb +2 -0
  19. data/lib/puppet/http/client.rb +191 -52
  20. data/lib/puppet/http/external_client.rb +96 -0
  21. data/lib/puppet/http/redirector.rb +34 -0
  22. data/lib/puppet/http/resolver.rb +46 -3
  23. data/lib/puppet/http/resolver/server_list.rb +75 -15
  24. data/lib/puppet/http/resolver/settings.rb +22 -2
  25. data/lib/puppet/http/resolver/srv.rb +28 -2
  26. data/lib/puppet/http/response.rb +63 -1
  27. data/lib/puppet/http/retry_after_handler.rb +39 -0
  28. data/lib/puppet/http/service.rb +67 -1
  29. data/lib/puppet/http/service/ca.rb +71 -9
  30. data/lib/puppet/http/service/compiler.rb +213 -11
  31. data/lib/puppet/http/service/file_server.rb +105 -4
  32. data/lib/puppet/http/service/report.rb +36 -3
  33. data/lib/puppet/http/session.rb +59 -8
  34. data/lib/puppet/indirector/catalog/rest.rb +2 -1
  35. data/lib/puppet/indirector/facts/rest.rb +2 -1
  36. data/lib/puppet/indirector/file_bucket_file/rest.rb +48 -0
  37. data/lib/puppet/indirector/file_metadata/rest.rb +4 -2
  38. data/lib/puppet/indirector/node/rest.rb +2 -1
  39. data/lib/puppet/indirector/report/yaml.rb +23 -0
  40. data/lib/puppet/indirector/status/rest.rb +2 -1
  41. data/lib/puppet/metatype/manager.rb +80 -80
  42. data/lib/puppet/network/http/base_pool.rb +6 -1
  43. data/lib/puppet/network/http/pool.rb +2 -4
  44. data/lib/puppet/network/http_pool.rb +1 -0
  45. data/lib/puppet/node/environment.rb +11 -1
  46. data/lib/puppet/pal/pal_impl.rb +1 -29
  47. data/lib/puppet/parser/compiler.rb +14 -7
  48. data/lib/puppet/parser/functions.rb +18 -13
  49. data/lib/puppet/pops/loaders.rb +7 -5
  50. data/lib/puppet/provider/group/windows_adsi.rb +3 -3
  51. data/lib/puppet/provider/package/apt.rb +61 -1
  52. data/lib/puppet/provider/package/dnfmodule.rb +39 -12
  53. data/lib/puppet/provider/package/gem.rb +41 -7
  54. data/lib/puppet/provider/package/pacman.rb +2 -5
  55. data/lib/puppet/provider/package/pip.rb +105 -33
  56. data/lib/puppet/provider/package/pip3.rb +0 -2
  57. data/lib/puppet/provider/package/pkgdmg.rb +1 -1
  58. data/lib/puppet/provider/package/pkgng.rb +16 -4
  59. data/lib/puppet/provider/package/puppet_gem.rb +6 -2
  60. data/lib/puppet/provider/package/rpm.rb +6 -213
  61. data/lib/puppet/provider/package/yum.rb +92 -19
  62. data/lib/puppet/provider/service/systemd.rb +2 -1
  63. data/lib/puppet/reports/http.rb +13 -11
  64. data/lib/puppet/resource/type_collection.rb +20 -16
  65. data/lib/puppet/ssl.rb +1 -0
  66. data/lib/puppet/ssl/host.rb +4 -4
  67. data/lib/puppet/ssl/oids.rb +1 -0
  68. data/lib/puppet/ssl/state_machine.rb +50 -33
  69. data/lib/puppet/transaction/report.rb +2 -2
  70. data/lib/puppet/type.rb +6 -1
  71. data/lib/puppet/type/file/source.rb +4 -2
  72. data/lib/puppet/type/package.rb +25 -2
  73. data/lib/puppet/type/user.rb +0 -19
  74. data/lib/puppet/util/at_fork.rb +1 -1
  75. data/lib/puppet/util/autoload.rb +3 -0
  76. data/lib/puppet/util/instance_loader.rb +14 -10
  77. data/lib/puppet/util/package/version/debian.rb +175 -0
  78. data/lib/puppet/util/package/version/gem.rb +15 -0
  79. data/lib/puppet/util/package/version/pip.rb +167 -0
  80. data/lib/puppet/util/package/version/range.rb +50 -0
  81. data/lib/puppet/util/package/version/range/gt.rb +14 -0
  82. data/lib/puppet/util/package/version/range/gt_eq.rb +14 -0
  83. data/lib/puppet/util/package/version/range/lt.rb +14 -0
  84. data/lib/puppet/util/package/version/range/lt_eq.rb +14 -0
  85. data/lib/puppet/util/package/version/range/min_max.rb +21 -0
  86. data/lib/puppet/util/package/version/range/simple.rb +11 -0
  87. data/lib/puppet/util/package/version/rpm.rb +73 -0
  88. data/lib/puppet/util/pidlock.rb +13 -7
  89. data/lib/puppet/util/platform.rb +5 -0
  90. data/lib/puppet/util/rpm_compare.rb +193 -0
  91. data/lib/puppet/util/windows/adsi.rb +2 -2
  92. data/lib/puppet/util/windows/process.rb +15 -14
  93. data/lib/puppet/util/windows/security.rb +1 -0
  94. data/lib/puppet/util/windows/sid.rb +3 -3
  95. data/lib/puppet/version.rb +1 -1
  96. data/locales/puppet.pot +207 -201
  97. data/man/man5/puppet.conf.5 +11 -3
  98. data/man/man8/puppet-agent.8 +1 -1
  99. data/man/man8/puppet-apply.8 +1 -1
  100. data/man/man8/puppet-catalog.8 +1 -1
  101. data/man/man8/puppet-config.8 +1 -1
  102. data/man/man8/puppet-describe.8 +1 -1
  103. data/man/man8/puppet-device.8 +1 -1
  104. data/man/man8/puppet-doc.8 +1 -1
  105. data/man/man8/puppet-epp.8 +1 -1
  106. data/man/man8/puppet-facts.8 +1 -1
  107. data/man/man8/puppet-filebucket.8 +1 -1
  108. data/man/man8/puppet-generate.8 +1 -1
  109. data/man/man8/puppet-help.8 +1 -1
  110. data/man/man8/puppet-key.8 +1 -1
  111. data/man/man8/puppet-lookup.8 +1 -1
  112. data/man/man8/puppet-man.8 +1 -1
  113. data/man/man8/puppet-module.8 +1 -1
  114. data/man/man8/puppet-node.8 +1 -1
  115. data/man/man8/puppet-parser.8 +1 -1
  116. data/man/man8/puppet-plugin.8 +1 -1
  117. data/man/man8/puppet-report.8 +1 -1
  118. data/man/man8/puppet-resource.8 +1 -1
  119. data/man/man8/puppet-script.8 +1 -1
  120. data/man/man8/puppet-ssl.8 +1 -1
  121. data/man/man8/puppet-status.8 +1 -1
  122. data/man/man8/puppet.8 +2 -2
  123. data/spec/fixtures/ssl/unknown-127.0.0.1-key.pem +67 -0
  124. data/spec/fixtures/ssl/unknown-127.0.0.1.pem +48 -0
  125. data/spec/fixtures/ssl/unknown-ca-key.pem +67 -0
  126. data/spec/fixtures/ssl/unknown-ca.pem +59 -0
  127. data/spec/fixtures/unit/provider/package/dnfmodule/{dnf-module-list-installed.txt → dnf-module-list-enabled.txt} +2 -0
  128. data/spec/fixtures/unit/provider/package/pkgng/pkg.version +2 -0
  129. data/spec/fixtures/unit/provider/package/yum/yum-check-update-subscription-manager.txt +9 -0
  130. data/spec/fixtures/unit/provider/service/systemd/list_unit_files_services +9 -0
  131. data/spec/integration/application/agent_spec.rb +329 -0
  132. data/spec/integration/application/apply_spec.rb +132 -3
  133. data/spec/integration/application/filebucket_spec.rb +190 -0
  134. data/spec/integration/application/plugin_spec.rb +50 -0
  135. data/spec/integration/http/client_spec.rb +34 -40
  136. data/spec/integration/indirector/report/yaml.rb +83 -0
  137. data/spec/integration/module_tool/forge_spec.rb +2 -15
  138. data/spec/integration/network/http_pool_spec.rb +11 -19
  139. data/spec/integration/node/environment_spec.rb +15 -0
  140. data/spec/integration/util/windows/adsi_spec.rb +1 -1
  141. data/spec/lib/puppet/test_ca.rb +2 -2
  142. data/spec/lib/puppet_spec/https.rb +10 -7
  143. data/spec/lib/puppet_spec/puppetserver.rb +119 -0
  144. data/spec/shared_contexts/https.rb +29 -0
  145. data/spec/unit/agent_spec.rb +33 -25
  146. data/spec/unit/application/agent_spec.rb +5 -1
  147. data/spec/unit/application/device_spec.rb +2 -2
  148. data/spec/unit/application/filebucket_spec.rb +22 -2
  149. data/spec/unit/configurer_spec.rb +1 -1
  150. data/spec/unit/defaults_spec.rb +24 -1
  151. data/spec/unit/environments_spec.rb +8 -0
  152. data/spec/unit/file_system_spec.rb +10 -0
  153. data/spec/unit/http/client_spec.rb +105 -46
  154. data/spec/unit/http/external_client_spec.rb +201 -0
  155. data/spec/unit/http/resolver_spec.rb +20 -0
  156. data/spec/unit/http/service/ca_spec.rb +25 -2
  157. data/spec/unit/http/service/compiler_spec.rb +184 -6
  158. data/spec/unit/http/service/file_server_spec.rb +35 -3
  159. data/spec/unit/http/service/report_spec.rb +3 -1
  160. data/spec/unit/http/service_spec.rb +3 -3
  161. data/spec/unit/http/session_spec.rb +56 -7
  162. data/spec/unit/indirector/file_bucket_file/rest_spec.rb +82 -2
  163. data/spec/unit/network/http/pool_spec.rb +3 -3
  164. data/spec/unit/node/environment_spec.rb +16 -0
  165. data/spec/unit/provider/group/windows_adsi_spec.rb +43 -10
  166. data/spec/unit/provider/package/apt_spec.rb +30 -0
  167. data/spec/unit/provider/package/dnfmodule_spec.rb +33 -14
  168. data/spec/unit/provider/package/gem_spec.rb +40 -0
  169. data/spec/unit/provider/package/pacman_spec.rb +6 -21
  170. data/spec/unit/provider/package/pip_spec.rb +26 -3
  171. data/spec/unit/provider/package/pkgdmg_spec.rb +1 -1
  172. data/spec/unit/provider/package/pkgng_spec.rb +38 -0
  173. data/spec/unit/provider/package/puppet_gem_spec.rb +8 -0
  174. data/spec/unit/provider/package/rpm_spec.rb +0 -212
  175. data/spec/unit/provider/package/yum_spec.rb +235 -1
  176. data/spec/unit/provider/service/systemd_spec.rb +10 -1
  177. data/spec/unit/provider/user/windows_adsi_spec.rb +3 -3
  178. data/spec/unit/puppet_pal_2pec.rb +0 -29
  179. data/spec/unit/reports/http_spec.rb +70 -52
  180. data/spec/unit/ssl/host_spec.rb +4 -2
  181. data/spec/unit/ssl/oids_spec.rb +1 -0
  182. data/spec/unit/ssl/state_machine_spec.rb +38 -6
  183. data/spec/unit/transaction/report_spec.rb +4 -0
  184. data/spec/unit/util/at_fork_spec.rb +2 -2
  185. data/spec/unit/util/package/version/debian_spec.rb +83 -0
  186. data/spec/unit/util/package/version/pip_spec.rb +464 -0
  187. data/spec/unit/util/package/version/range_spec.rb +154 -0
  188. data/spec/unit/util/package/version/rpm_spec.rb +121 -0
  189. data/spec/unit/util/pidlock_spec.rb +83 -47
  190. data/spec/unit/util/rpm_compare_spec.rb +196 -0
  191. data/spec/unit/util/windows/adsi_spec.rb +4 -4
  192. data/spec/unit/util/windows/sid_spec.rb +2 -2
  193. data/tasks/generate_cert_fixtures.rake +15 -1
  194. metadata +51 -6
  195. data/spec/integration/faces/plugin_spec.rb +0 -63
@@ -30,7 +30,8 @@ Puppet::Type.type(:service).provide :systemd, :parent => :base do
30
30
  def self.instances
31
31
  i = []
32
32
  output = systemctl('list-unit-files', '--type', 'service', '--full', '--all', '--no-pager')
33
- output.scan(/^(\S+)\s+(disabled|enabled|masked|indirect)\s*$/i).each do |m|
33
+ output.scan(/^(\S+)\s+(disabled|enabled|masked|indirect|bad)\s*$/i).each do |m|
34
+ Puppet.debug("#{m[0]} marked as bad by `systemctl`. It is recommended to be further checked.") if m[1] == "bad"
34
35
  i << new(:name => m[0])
35
36
  end
36
37
  return i
@@ -20,19 +20,21 @@ Puppet::Reports.register_report(:http) do
20
20
  # (Puppet::Network::HTTP) but is used by Puppet Server's http client
21
21
  # (Puppet::Server::HttpClient) to track metrics on the request made to the
22
22
  # `reporturl` to store a report.
23
- options = { :metric_id => [:puppet, :report, :http] }
23
+ options = {
24
+ :metric_id => [:puppet, :report, :http],
25
+ :include_system_store => Puppet[:report_include_system_store],
26
+ }
27
+
24
28
  if url.user && url.password
25
- options[:basic_auth] = {
26
- :user => url.user,
27
- :password => url.password
28
- }
29
+ options[:user] = url.user
30
+ options[:password] = url.password
29
31
  end
30
- use_ssl = url.scheme == 'https'
31
- ssl_context = use_ssl ? Puppet.lookup(:ssl_context) : nil
32
- conn = Puppet::Network::HttpPool.connection(url.host, url.port, use_ssl: use_ssl, ssl_context: ssl_context)
33
- response = conn.post(url.path, self.to_yaml, headers, options)
34
- unless response.kind_of?(Net::HTTPSuccess)
35
- Puppet.err _("Unable to submit report to %{url} [%{code}] %{message}") % { url: Puppet[:reporturl].to_s, code: response.code, message: response.msg }
32
+
33
+ client = Puppet.runtime['http']
34
+ client.post(url, self.to_yaml, headers: headers, options: options) do |response|
35
+ unless response.success?
36
+ Puppet.err _("Unable to submit report to %{url} [%{code}] %{message}") % { url: Puppet[:reporturl].to_s, code: response.code, message: response.reason }
37
+ end
36
38
  end
37
39
  end
38
40
  end
@@ -1,6 +1,7 @@
1
1
  require 'puppet/parser/type_loader'
2
2
  require 'puppet/util/file_watcher'
3
3
  require 'puppet/util/warnings'
4
+ require 'puppet/concurrent/lock'
4
5
 
5
6
  # @api private
6
7
  class Puppet::Resource::TypeCollection
@@ -28,6 +29,7 @@ class Puppet::Resource::TypeCollection
28
29
  @nodes = {}
29
30
  @notfound = {}
30
31
  @sites = []
32
+ @lock = Puppet::Concurrent::Lock.new
31
33
 
32
34
  # So we can keep a list and match the first-defined regex
33
35
  @node_list = []
@@ -225,25 +227,27 @@ class Puppet::Resource::TypeCollection
225
227
  # Resolve namespaces and find the given object. Autoload it if
226
228
  # necessary.
227
229
  def find_or_load(name, type)
228
- # Name is always absolute, but may start with :: which must be removed
229
- fqname = (name[0,2] == COLON_COLON ? name[2..-1] : name)
230
-
231
- result = send(type, fqname)
232
- unless result
233
- if @notfound[ fqname ] && Puppet[ :ignoremissingtypes ]
234
- # do not try to autoload if we already tried and it wasn't conclusive
235
- # as this is a time consuming operation. Warn the user.
236
- # Check first if debugging is on since the call to debug_once is expensive
237
- if Puppet[:debug]
238
- debug_once _("Not attempting to load %{type} %{fqname} as this object was missing during a prior compilation") % { type: type, fqname: fqname }
230
+ @lock.synchronize do
231
+ # Name is always absolute, but may start with :: which must be removed
232
+ fqname = (name[0,2] == COLON_COLON ? name[2..-1] : name)
233
+
234
+ result = send(type, fqname)
235
+ unless result
236
+ if @notfound[ fqname ] && Puppet[ :ignoremissingtypes ]
237
+ # do not try to autoload if we already tried and it wasn't conclusive
238
+ # as this is a time consuming operation. Warn the user.
239
+ # Check first if debugging is on since the call to debug_once is expensive
240
+ if Puppet[:debug]
241
+ debug_once _("Not attempting to load %{type} %{fqname} as this object was missing during a prior compilation") % { type: type, fqname: fqname }
242
+ end
243
+ else
244
+ fqname = munge_name(fqname)
245
+ result = loader.try_load_fqname(type, fqname)
246
+ @notfound[ fqname ] = result.nil?
239
247
  end
240
- else
241
- fqname = munge_name(fqname)
242
- result = loader.try_load_fqname(type, fqname)
243
- @notfound[ fqname ] = result.nil?
244
248
  end
249
+ result
245
250
  end
246
- result
247
251
  end
248
252
 
249
253
  def munge_name(name)
@@ -2,6 +2,7 @@
2
2
  require 'puppet'
3
3
  require 'puppet/ssl/openssl_loader'
4
4
 
5
+ # @api private
5
6
  module Puppet::SSL # :nodoc:
6
7
  CA_NAME = "ca".freeze
7
8
  require 'puppet/ssl/host'
@@ -22,9 +22,9 @@ class Puppet::SSL::Host
22
22
 
23
23
  attr_writer :key, :certificate, :certificate_request, :crl_usage
24
24
 
25
- def self.localhost
25
+ def self.localhost(suppress_warning = false)
26
26
  return @localhost if @localhost
27
- @localhost = new
27
+ @localhost = new(nil, false, suppress_warning)
28
28
  @localhost.generate unless @localhost.certificate
29
29
  @localhost.key
30
30
  @localhost
@@ -225,14 +225,14 @@ ERROR_STRING
225
225
  end
226
226
  private :validate_csr_with_key
227
227
 
228
- def initialize(name = nil, device = false)
228
+ def initialize(name = nil, device = false, suppress_warning = false)
229
229
  @name = (name || Puppet[:certname]).downcase
230
230
  @device = device
231
231
  Puppet::SSL::Base.validate_certname(@name)
232
232
  @key = @certificate = @certificate_request = nil
233
233
  @crl_usage = Puppet.settings[:certificate_revocation]
234
234
  @crl_path = Puppet.settings[:hostcrl]
235
- Puppet.deprecation_warning(_("Puppet::SSL::Host is deprecated and will be removed in a future release of Puppet."));
235
+ Puppet.deprecation_warning(_("Puppet::SSL::Host is deprecated and will be removed in a future release of Puppet.")) unless suppress_warning
236
236
  end
237
237
 
238
238
  # Extract the public key from the private key.
@@ -61,6 +61,7 @@ module Puppet::SSL::Oids
61
61
  ["1.3.6.1.4.1.34380.1.1.23", 'pp_cloudplatform', 'Puppet Node Cloud Platform Name'],
62
62
  ["1.3.6.1.4.1.34380.1.1.24", 'pp_apptier', 'Puppet Node Application Tier'],
63
63
  ["1.3.6.1.4.1.34380.1.1.25", 'pp_hostname', 'Puppet Node Hostname'],
64
+ ["1.3.6.1.4.1.34380.1.1.26", 'pp_owner', 'Puppet Node Owner'],
64
65
 
65
66
  ["1.3.6.1.4.1.34380.1.2", 'ppPrivCertExt', 'Puppet Private Certificate Extension'],
66
67
 
@@ -45,7 +45,7 @@ class Puppet::SSL::StateMachine
45
45
  next_ctx = @ssl_provider.create_root_context(cacerts: cacerts, revocation: false)
46
46
  else
47
47
  route = @machine.session.route_to(:ca, ssl_context: @ssl_context)
48
- pem = route.get_certificate(Puppet::SSL::CA_NAME, ssl_context: @ssl_context)
48
+ _, pem = route.get_certificate(Puppet::SSL::CA_NAME, ssl_context: @ssl_context)
49
49
  if @machine.ca_fingerprint
50
50
  actual_digest = Puppet::SSL::Digest.new(@machine.digest, pem).to_hex
51
51
  expected_digest = @machine.ca_fingerprint.scan(/../).join(':').upcase
@@ -146,7 +146,7 @@ class Puppet::SSL::StateMachine
146
146
 
147
147
  def download_crl(ssl_ctx, last_update)
148
148
  route = @machine.session.route_to(:ca, ssl_context: ssl_ctx)
149
- pem = route.get_certificate_revocation_list(if_modified_since: last_update, ssl_context: ssl_ctx)
149
+ _, pem = route.get_certificate_revocation_list(if_modified_since: last_update, ssl_context: ssl_ctx)
150
150
  crls = @cert_provider.load_crls_from_pem(pem)
151
151
  # verify crls before saving
152
152
  next_ctx = @ssl_provider.create_root_context(cacerts: ssl_ctx[:cacerts], crls: crls)
@@ -234,7 +234,7 @@ class Puppet::SSL::StateMachine
234
234
 
235
235
  route = @machine.session.route_to(:ca, ssl_context: @ssl_context)
236
236
  cert = OpenSSL::X509::Certificate.new(
237
- route.get_certificate(Puppet[:certname], ssl_context: @ssl_context)
237
+ route.get_certificate(Puppet[:certname], ssl_context: @ssl_context)[1]
238
238
  )
239
239
  Puppet.info _("Downloaded certificate for %{name} from %{url}") % { name: Puppet[:certname], url: route.url }
240
240
  # verify client cert before saving
@@ -280,18 +280,37 @@ class Puppet::SSL::StateMachine
280
280
 
281
281
  # close persistent connections and session state before sleeping
282
282
  Puppet.runtime['http'].close
283
- @machine.session = nil
283
+ @machine.session = Puppet.runtime['http'].create_session
284
284
 
285
+ @machine.unlock
285
286
  Kernel.sleep(time)
287
+ NeedLock.new(@machine)
288
+ end
289
+ end
290
+ end
286
291
 
292
+ # Acquire the ssl lock or return LockFailure causing us to exit.
293
+ #
294
+ class NeedLock < SSLState
295
+ def initialize(machine)
296
+ super(machine, nil)
297
+ end
298
+
299
+ def next_state
300
+ if @machine.lock
287
301
  # our ssl directory may have been cleaned while we were
288
302
  # sleeping, start over from the top
289
- @machine.session = Puppet.runtime['http'].create_session
290
303
  NeedCACerts.new(@machine)
304
+ else
305
+ LockFailure.new(@machine, nil)
291
306
  end
292
307
  end
293
308
  end
294
309
 
310
+ # We failed to acquire the lock, so exit
311
+ #
312
+ class LockFailure < SSLState; end
313
+
295
314
  # We cannot make progress due to an error.
296
315
  #
297
316
  class Error < SSLState
@@ -362,7 +381,7 @@ class Puppet::SSL::StateMachine
362
381
  # @return [Puppet::SSL::SSLContext] initialized SSLContext
363
382
  # @raise [Puppet::Error] If we fail to generate an SSLContext
364
383
  def ensure_ca_certificates
365
- final_state = run_machine(NeedCACerts.new(self), NeedKey)
384
+ final_state = run_machine(NeedLock.new(self), NeedKey)
366
385
  final_state.ssl_context
367
386
  end
368
387
 
@@ -371,7 +390,7 @@ class Puppet::SSL::StateMachine
371
390
  # @return [Puppet::SSL::SSLContext] initialized SSLContext
372
391
  # @raise [Puppet::Error] If we fail to generate an SSLContext
373
392
  def ensure_client_certificate
374
- final_state = run_machine(NeedCACerts.new(self), Done)
393
+ final_state = run_machine(NeedLock.new(self), Done)
375
394
  ssl_context = final_state.ssl_context
376
395
 
377
396
  if Puppet::Util::Log.sendlevel?(:debug)
@@ -390,40 +409,38 @@ class Puppet::SSL::StateMachine
390
409
  ssl_context
391
410
  end
392
411
 
412
+ def lock
413
+ @lockfile.lock
414
+ end
415
+
416
+ def unlock
417
+ @lockfile.unlock
418
+ end
419
+
393
420
  private
394
421
 
395
422
  def run_machine(state, stop)
396
- with_lock do
397
- loop do
398
- state = run_step(state)
399
-
400
- case state
401
- when stop
402
- break
403
- when Error
404
- if @onetime
405
- Puppet.log_exception(state.error)
406
- raise state.error
407
- end
408
- else
409
- # fall through
423
+ loop do
424
+ state = run_step(state)
425
+
426
+ case state
427
+ when stop
428
+ break
429
+ when LockFailure
430
+ raise Puppet::Error, _('Another puppet instance is already running; exiting')
431
+ when Error
432
+ if @onetime
433
+ Puppet.log_exception(state.error)
434
+ raise state.error
410
435
  end
436
+ else
437
+ # fall through
411
438
  end
412
439
  end
413
440
 
414
441
  state
415
- end
416
-
417
- def with_lock
418
- if @lockfile.lock
419
- begin
420
- yield
421
- ensure
422
- @lockfile.unlock
423
- end
424
- else
425
- raise Puppet::Error, _('Another puppet instance is already running; exiting')
426
- end
442
+ ensure
443
+ @lockfile.unlock if @lockfile.locked?
427
444
  end
428
445
 
429
446
  def run_step(state)
@@ -217,13 +217,13 @@ class Puppet::Transaction::Report
217
217
  end
218
218
 
219
219
  # @api private
220
- def initialize(configuration_version=nil, environment=nil, transaction_uuid=nil, job_id=nil)
220
+ def initialize(configuration_version=nil, environment=nil, transaction_uuid=nil, job_id=nil, start_time=Time.now)
221
221
  @metrics = {}
222
222
  @logs = []
223
223
  @resource_statuses = {}
224
224
  @external_times ||= {}
225
225
  @host = Puppet[:node_name_value]
226
- @time = Time.now
226
+ @time = start_time
227
227
  @report_format = 10
228
228
  @puppet_version = Puppet.version
229
229
  @configuration_version = configuration_version
@@ -10,6 +10,7 @@ require 'puppet/metatype/manager'
10
10
  require 'puppet/util/errors'
11
11
  require 'puppet/util/logging'
12
12
  require 'puppet/util/tagging'
13
+ require 'puppet/concurrent/lock'
13
14
 
14
15
  # see the bottom of the file for the rest of the inclusions
15
16
 
@@ -84,6 +85,11 @@ class Type
84
85
  # Comparing type instances.
85
86
  include Comparable
86
87
 
88
+ # These variables are used in Metatype::Manager for managing types
89
+ @types = {}
90
+ @manager_lock = Puppet::Concurrent::Lock.new
91
+ extend Puppet::MetaType::Manager
92
+
87
93
  # Compares this type against the given _other_ (type) and returns -1, 0, or +1 depending on the order.
88
94
  # @param other [Object] the object to compare against (produces nil, if not kind of Type}
89
95
  # @return [-1, 0, +1, nil] produces -1 if this type is before the given _other_ type, 0 if equals, and 1 if after.
@@ -2284,7 +2290,6 @@ end
2284
2290
  #
2285
2291
  attr_accessor :self_refresh
2286
2292
  include Enumerable, Puppet::Util::ClassGen
2287
- include Puppet::MetaType::Manager
2288
2293
 
2289
2294
  include Puppet::Util
2290
2295
  include Puppet::Util::Logging
@@ -47,6 +47,8 @@ module Puppet
47
47
  The `http` source uses the server `Content-MD5` header as a checksum to
48
48
  determine if the remote file has changed. If the server response does not
49
49
  include that header, Puppet defaults to using the `Last-Modified` header.
50
+ Puppet will update the local file if the header is newer than the modified
51
+ time (mtime) of the local file.
50
52
 
51
53
  Multiple `source` values can be specified as an array, and Puppet will
52
54
  use the first source that exists. This can be used to serve different
@@ -255,7 +257,7 @@ module Puppet
255
257
 
256
258
  def each_chunk_from(&block)
257
259
  if Puppet[:default_file_terminus] == :file_server && scheme == 'puppet' && (uri.host.nil? || uri.host.empty?)
258
- chunk_file_from_disk(metadata.path, &block)
260
+ chunk_file_from_disk(metadata.full_path, &block)
259
261
  elsif local?
260
262
  chunk_file_from_disk(full_path, &block)
261
263
  else
@@ -296,7 +298,7 @@ module Puppet
296
298
 
297
299
  def get_from_http_source(url, &block)
298
300
  client = Puppet.runtime['http']
299
- client.get(url) do |response|
301
+ client.get(url, options: {include_system_store: true}) do |response|
300
302
  raise Puppet::HTTP::ResponseError.new(response) unless response.success?
301
303
 
302
304
  response.read_body(&block)
@@ -51,6 +51,7 @@ module Puppet
51
51
  package database for installed version(s), and can select
52
52
  which out of a set of available versions of a package to
53
53
  install if asked."
54
+ feature :version_ranges, "The provider can ensure version ranges."
54
55
  feature :holdable, "The provider is capable of placing packages on hold
55
56
  such that they are not automatically upgraded as a result of
56
57
  other package dependencies unless explicit action is taken by
@@ -80,10 +81,12 @@ module Puppet
80
81
  specifying `purged` as the ensure value. This defaults to `installed`.
81
82
 
82
83
  Version numbers must match the full version to install, including
83
- release if the provider uses a release moniker. Ranges or semver
84
- patterns are not accepted except for the `gem` package provider. For
84
+ release if the provider uses a release moniker. For
85
85
  example, to install the bash package from the rpm
86
86
  `bash-4.1.2-29.el6.x86_64.rpm`, use the string `'4.1.2-29.el6'`.
87
+
88
+ On supported providers, version ranges can also be ensured. For example,
89
+ inequalities: `<2.0.0`, or intersections: `>1.0.0 <2.0.0`.
87
90
  EOT
88
91
 
89
92
  attr_accessor :latest
@@ -489,6 +492,26 @@ module Puppet
489
492
  newvalues(:true, :false)
490
493
  end
491
494
 
495
+ newparam(:enable_only, :boolean => false, :parent => Puppet::Parameter::Boolean) do
496
+ desc <<-EOT
497
+ Tells `dnf module` to only enable a specific module, instead
498
+ of installing its default profile.
499
+
500
+ Modules with no default profile will be enabled automatically
501
+ without the use of this parameter.
502
+
503
+ Conflicts with the `flavor` property, which selects a profile
504
+ to install.
505
+ EOT
506
+ defaultto false
507
+
508
+ validate do |value|
509
+ if [true, :true, "true"].include?(value) && @resource[:flavor]
510
+ raise ArgumentError, _('Cannot have both `enable_only => true` and `flavor`')
511
+ end
512
+ end
513
+ end
514
+
492
515
  newparam(:install_only, :boolean => false, :parent => Puppet::Parameter::Boolean, :required_features => :install_only) do
493
516
  desc <<-EOT
494
517
  It should be set for packages that should only ever be installed,
@@ -493,25 +493,6 @@ module Puppet
493
493
  provider.exists?
494
494
  end
495
495
 
496
- def retrieve
497
- absent = false
498
- properties.inject({}) { |prophash, property|
499
- current_value = :absent
500
-
501
- if absent
502
- prophash[property] = :absent
503
- else
504
- current_value = property.retrieve
505
- prophash[property] = current_value
506
- end
507
-
508
- if property.name == :ensure and current_value == :absent
509
- absent = true
510
- end
511
- prophash
512
- }
513
- end
514
-
515
496
  newproperty(:roles, :parent => Puppet::Property::List, :required_features => :manages_solaris_rbac) do
516
497
  desc "The roles the user has. Multiple roles should be
517
498
  specified as an array."
@@ -13,7 +13,7 @@ require 'puppet'
13
13
  # service.
14
14
  module Puppet::Util::AtFork
15
15
  @handler_class = loop do
16
- if Facter.value(:operatingsystem) == 'Solaris'
16
+ if Puppet::Util::Platform.solaris?
17
17
  begin
18
18
  require 'puppet/util/at_fork/solaris'
19
19
  # using break to return a value from the loop block