RubyGems - puppet - Versions diffs - 6.14.0-x64-mingw32 → 6.19.0-x64-mingw32 - Mend

puppet 6.14.0-x64-mingw32 → 6.19.0-x64-mingw32

Potentially problematic release.

This version of puppet might be problematic. Click here for more details.

Files changed (496) hide show

checksums.yaml +4 -4
data/CODEOWNERS +2 -7
data/Gemfile +4 -2
data/Gemfile.lock +36 -34
data/README.md +3 -4
data/Rakefile +4 -12
data/ext/windows/service/daemon.rb +3 -3
data/lib/puppet.rb +33 -9
data/lib/puppet/agent.rb +20 -14
data/lib/puppet/agent/locker.rb +0 -7
data/lib/puppet/application/agent.rb +25 -9
data/lib/puppet/application/apply.rb +18 -20
data/lib/puppet/application/device.rb +1 -1
data/lib/puppet/application/doc.rb +1 -1
data/lib/puppet/application/filebucket.rb +5 -14
data/lib/puppet/application/lookup.rb +16 -4
data/lib/puppet/application/plugin.rb +1 -0
data/lib/puppet/application/ssl.rb +3 -3
data/lib/puppet/configurer.rb +68 -24
data/lib/puppet/configurer/downloader.rb +31 -10
data/lib/puppet/configurer/plugin_handler.rb +1 -1
data/lib/puppet/confine.rb +2 -2
data/lib/puppet/confine/any.rb +1 -1
data/lib/puppet/context/trusted_information.rb +14 -8
data/lib/puppet/daemon.rb +13 -27
data/lib/puppet/defaults.rb +141 -41
data/lib/puppet/environments.rb +55 -15
data/lib/puppet/face/catalog.rb +1 -1
data/lib/puppet/face/config.rb +46 -16
data/lib/puppet/face/facts.rb +1 -1
data/lib/puppet/face/help.rb +29 -3
data/lib/puppet/face/module/search.rb +5 -0
data/lib/puppet/face/node.rb +3 -3
data/lib/puppet/face/node/clean.rb +2 -2
data/lib/puppet/face/plugin.rb +2 -2
data/lib/puppet/face/status.rb +1 -1
data/lib/puppet/feature/base.rb +1 -1
data/lib/puppet/file_bucket/dipper.rb +1 -1
data/lib/puppet/file_serving/http_metadata.rb +14 -2
data/lib/puppet/file_serving/metadata.rb +4 -1
data/lib/puppet/file_serving/mount/locales.rb +1 -2
data/lib/puppet/file_serving/mount/pluginfacts.rb +1 -2
data/lib/puppet/file_serving/mount/plugins.rb +1 -2
data/lib/puppet/file_serving/terminus_selector.rb +7 -8
data/lib/puppet/file_system/file_impl.rb +17 -13
data/lib/puppet/file_system/uniquefile.rb +12 -16
data/lib/puppet/forge.rb +1 -1
data/lib/puppet/forge/cache.rb +1 -1
data/lib/puppet/forge/repository.rb +4 -7
data/lib/puppet/functions/call.rb +1 -1
data/lib/puppet/functions/filter.rb +1 -0
data/lib/puppet/functions/lstrip.rb +4 -4
data/lib/puppet/functions/new.rb +8 -3
data/lib/puppet/functions/reduce.rb +2 -4
data/lib/puppet/functions/reverse_each.rb +1 -1
data/lib/puppet/functions/rstrip.rb +4 -4
data/lib/puppet/functions/step.rb +1 -1
data/lib/puppet/functions/strip.rb +4 -4
data/lib/puppet/gettext/config.rb +5 -5
data/lib/puppet/gettext/module_translations.rb +4 -4
data/lib/puppet/http.rb +3 -0
data/lib/puppet/http/client.rb +215 -60
data/lib/puppet/http/external_client.rb +90 -0
data/lib/puppet/http/redirector.rb +43 -7
data/lib/puppet/http/resolver.rb +43 -3
data/lib/puppet/http/resolver/server_list.rb +66 -24
data/lib/puppet/http/resolver/settings.rb +21 -1
data/lib/puppet/http/resolver/srv.rb +28 -2
data/lib/puppet/http/response.rb +82 -1
data/lib/puppet/http/retry_after_handler.rb +39 -0
data/lib/puppet/http/service.rb +70 -2
data/lib/puppet/http/service/ca.rb +71 -9
data/lib/puppet/http/service/compiler.rb +214 -12
data/lib/puppet/http/service/file_server.rb +106 -5
data/lib/puppet/http/service/puppetserver.rb +39 -0
data/lib/puppet/http/service/report.rb +36 -3
data/lib/puppet/http/session.rb +60 -8
data/lib/puppet/indirector.rb +1 -1
data/lib/puppet/indirector/catalog/compiler.rb +1 -1
data/lib/puppet/indirector/catalog/rest.rb +2 -1
data/lib/puppet/indirector/exec.rb +1 -1
data/lib/puppet/indirector/facts/facter.rb +3 -3
data/lib/puppet/indirector/facts/rest.rb +2 -1
data/lib/puppet/indirector/facts/yaml.rb +1 -1
data/lib/puppet/indirector/file_bucket_file/rest.rb +48 -0
data/lib/puppet/indirector/file_content/http.rb +5 -0
data/lib/puppet/indirector/file_content/rest.rb +1 -1
data/lib/puppet/indirector/file_metadata/http.rb +28 -8
data/lib/puppet/indirector/file_metadata/rest.rb +6 -4
data/lib/puppet/indirector/hiera.rb +4 -0
data/lib/puppet/indirector/indirection.rb +1 -1
data/lib/puppet/indirector/json.rb +1 -1
data/lib/puppet/indirector/msgpack.rb +1 -1
data/lib/puppet/indirector/node/rest.rb +2 -1
data/lib/puppet/indirector/report/processor.rb +2 -2
data/lib/puppet/indirector/report/yaml.rb +23 -0
data/lib/puppet/indirector/request.rb +5 -5
data/lib/puppet/indirector/rest.rb +7 -1
data/lib/puppet/indirector/status/rest.rb +2 -1
data/lib/puppet/indirector/yaml.rb +1 -1
data/lib/puppet/metatype/manager.rb +80 -80
data/lib/puppet/module.rb +1 -2
data/lib/puppet/network/format_support.rb +2 -2
data/lib/puppet/network/http/api/indirected_routes.rb +1 -1
data/lib/puppet/network/http/api/master/v3/environment.rb +3 -0
data/lib/puppet/network/http/api/master/v3/environments.rb +0 -1
data/lib/puppet/network/http/base_pool.rb +6 -1
data/lib/puppet/network/http/compression.rb +7 -0
data/lib/puppet/network/http/connection.rb +2 -0
data/lib/puppet/network/http/connection_adapter.rb +184 -0
data/lib/puppet/network/http/nocache_pool.rb +1 -0
data/lib/puppet/network/http/pool.rb +2 -4
data/lib/puppet/network/http/route.rb +2 -2
data/lib/puppet/network/http_pool.rb +2 -1
data/lib/puppet/node/environment.rb +22 -5
data/lib/puppet/node/facts.rb +17 -0
data/lib/puppet/pal/catalog_compiler.rb +5 -0
data/lib/puppet/pal/pal_impl.rb +30 -31
data/lib/puppet/parameter.rb +1 -1
data/lib/puppet/parser/ast/leaf.rb +5 -5
data/lib/puppet/parser/ast/pops_bridge.rb +0 -4
data/lib/puppet/parser/compiler.rb +43 -33
data/lib/puppet/parser/compiler/catalog_validator/env_relationship_validator.rb +2 -0
data/lib/puppet/parser/compiler/catalog_validator/site_validator.rb +2 -0
data/lib/puppet/parser/environment_compiler.rb +4 -1
data/lib/puppet/parser/functions.rb +18 -9
data/lib/puppet/parser/functions/create_resources.rb +11 -7
data/lib/puppet/parser/functions/filter.rb +1 -0
data/lib/puppet/parser/resource.rb +3 -2
data/lib/puppet/parser/resource/param.rb +6 -0
data/lib/puppet/parser/type_loader.rb +2 -2
data/lib/puppet/pops/adaptable.rb +7 -13
data/lib/puppet/pops/adapters.rb +8 -4
data/lib/puppet/pops/evaluator/collectors/abstract_collector.rb +1 -3
data/lib/puppet/pops/evaluator/evaluator_impl.rb +5 -5
data/lib/puppet/pops/evaluator/runtime3_converter.rb +2 -2
data/lib/puppet/pops/issues.rb +5 -0
data/lib/puppet/pops/loader/runtime3_type_loader.rb +4 -2
data/lib/puppet/pops/loaders.rb +24 -15
data/lib/puppet/pops/lookup/context.rb +1 -1
data/lib/puppet/pops/lookup/hiera_config.rb +14 -1
data/lib/puppet/pops/resource/resource_type_impl.rb +2 -0
data/lib/puppet/pops/types/iterable.rb +34 -8
data/lib/puppet/pops/types/p_meta_type.rb +1 -1
data/lib/puppet/pops/types/p_type_set_type.rb +4 -0
data/lib/puppet/pops/validation/checker4_0.rb +29 -15
data/lib/puppet/pops/validation/validator_factory_4_0.rb +1 -0
data/lib/puppet/provider/file/windows.rb +1 -1
data/lib/puppet/provider/group/windows_adsi.rb +3 -3
data/lib/puppet/provider/package/aix.rb +17 -2
data/lib/puppet/provider/package/apt.rb +98 -1
data/lib/puppet/provider/package/aptitude.rb +1 -1
data/lib/puppet/provider/package/dnfmodule.rb +61 -14
data/lib/puppet/provider/package/dpkg.rb +1 -1
data/lib/puppet/provider/package/gem.rb +45 -9
data/lib/puppet/provider/package/pacman.rb +2 -5
data/lib/puppet/provider/package/pip.rb +143 -48
data/lib/puppet/provider/package/pip2.rb +17 -0
data/lib/puppet/provider/package/pip3.rb +0 -2
data/lib/puppet/provider/package/pkgdmg.rb +1 -1
data/lib/puppet/provider/package/pkgng.rb +16 -4
data/lib/puppet/provider/package/portage.rb +2 -2
data/lib/puppet/provider/package/puppet_gem.rb +11 -2
data/lib/puppet/provider/package/puppetserver_gem.rb +180 -0
data/lib/puppet/provider/package/rpm.rb +6 -213
data/lib/puppet/provider/package/yum.rb +101 -20
data/lib/puppet/provider/package/zypper.rb +62 -1
data/lib/puppet/provider/service/systemd.rb +22 -4
data/lib/puppet/provider/service/windows.rb +23 -7
data/lib/puppet/provider/user/aix.rb +1 -1
data/lib/puppet/provider/user/user_role_add.rb +1 -1
data/lib/puppet/provider/user/useradd.rb +16 -5
data/lib/puppet/provider/user/windows_adsi.rb +18 -1
data/lib/puppet/reports/http.rb +15 -9
data/lib/puppet/resource.rb +2 -1
data/lib/puppet/resource/type.rb +10 -1
data/lib/puppet/resource/type_collection.rb +20 -16
data/lib/puppet/rest/route.rb +2 -2
data/lib/puppet/runtime.rb +25 -2
data/lib/puppet/settings.rb +20 -6
data/lib/puppet/ssl.rb +1 -0
data/lib/puppet/ssl/host.rb +4 -4
data/lib/puppet/ssl/oids.rb +1 -0
data/lib/puppet/ssl/ssl_context.rb +2 -2
data/lib/puppet/ssl/ssl_provider.rb +20 -1
data/lib/puppet/ssl/state_machine.rb +79 -37
data/lib/puppet/ssl/validator/default_validator.rb +1 -1
data/lib/puppet/ssl/verifier_adapter.rb +9 -1
data/lib/puppet/test/test_helper.rb +19 -14
data/lib/puppet/transaction.rb +2 -2
data/lib/puppet/transaction/persistence.rb +1 -1
data/lib/puppet/transaction/report.rb +14 -10
data/lib/puppet/trusted_external.rb +29 -1
data/lib/puppet/type.rb +21 -8
data/lib/puppet/type/file.rb +40 -15
data/lib/puppet/type/file/checksum.rb +4 -4
data/lib/puppet/type/file/source.rb +35 -13
data/lib/puppet/type/filebucket.rb +1 -1
data/lib/puppet/type/notify.rb +2 -2
data/lib/puppet/type/package.rb +41 -3
data/lib/puppet/type/service.rb +59 -8
data/lib/puppet/type/user.rb +19 -29
data/lib/puppet/util.rb +41 -3
data/lib/puppet/util/at_fork.rb +1 -1
data/lib/puppet/util/autoload.rb +13 -25
data/lib/puppet/util/character_encoding.rb +9 -5
data/lib/puppet/util/checksums.rb +19 -4
data/lib/puppet/util/connection.rb +8 -8
data/lib/puppet/util/execution.rb +2 -2
data/lib/puppet/util/fileparsing.rb +2 -2
data/lib/puppet/util/instance_loader.rb +14 -10
data/lib/puppet/util/log/destinations.rb +1 -10
data/lib/puppet/util/package/version/debian.rb +175 -0
data/lib/puppet/util/package/version/gem.rb +15 -0
data/lib/puppet/util/package/version/pip.rb +167 -0
data/lib/puppet/util/package/version/range.rb +53 -0
data/lib/puppet/util/package/version/range/eq.rb +14 -0
data/lib/puppet/util/package/version/range/gt.rb +14 -0
data/lib/puppet/util/package/version/range/gt_eq.rb +14 -0
data/lib/puppet/util/package/version/range/lt.rb +14 -0
data/lib/puppet/util/package/version/range/lt_eq.rb +14 -0
data/lib/puppet/util/package/version/range/min_max.rb +21 -0
data/lib/puppet/util/package/version/range/simple.rb +11 -0
data/lib/puppet/util/package/version/rpm.rb +73 -0
data/lib/puppet/util/pidlock.rb +13 -7
data/lib/puppet/util/platform.rb +5 -0
data/lib/puppet/util/provider_features.rb +1 -1
data/lib/puppet/util/reference.rb +1 -1
data/lib/puppet/util/rpm_compare.rb +193 -0
data/lib/puppet/util/run_mode.rb +5 -1
data/lib/puppet/util/windows.rb +1 -0
data/lib/puppet/util/windows/adsi.rb +2 -2
data/lib/puppet/util/windows/api_types.rb +60 -33
data/lib/puppet/util/windows/eventlog.rb +1 -6
data/lib/puppet/util/windows/monkey_patches/dir.rb +40 -0
data/lib/puppet/util/windows/principal.rb +8 -6
data/lib/puppet/util/windows/process.rb +15 -14
data/lib/puppet/util/windows/registry.rb +11 -11
data/lib/puppet/util/windows/security.rb +5 -4
data/lib/puppet/util/windows/service.rb +43 -26
data/lib/puppet/util/windows/sid.rb +3 -3
data/lib/puppet/util/windows/user.rb +242 -8
data/lib/puppet/version.rb +1 -1
data/locales/puppet.pot +627 -507
data/man/man5/puppet.conf.5 +93 -20
data/man/man8/puppet-agent.8 +7 -4
data/man/man8/puppet-apply.8 +1 -1
data/man/man8/puppet-catalog.8 +1 -1
data/man/man8/puppet-config.8 +6 -6
data/man/man8/puppet-describe.8 +1 -1
data/man/man8/puppet-device.8 +1 -1
data/man/man8/puppet-doc.8 +1 -1
data/man/man8/puppet-epp.8 +1 -1
data/man/man8/puppet-facts.8 +1 -1
data/man/man8/puppet-filebucket.8 +1 -1
data/man/man8/puppet-generate.8 +1 -1
data/man/man8/puppet-help.8 +6 -3
data/man/man8/puppet-key.8 +1 -1
data/man/man8/puppet-lookup.8 +2 -2
data/man/man8/puppet-man.8 +1 -1
data/man/man8/puppet-module.8 +4 -1
data/man/man8/puppet-node.8 +4 -4
data/man/man8/puppet-parser.8 +1 -1
data/man/man8/puppet-plugin.8 +1 -1
data/man/man8/puppet-report.8 +1 -1
data/man/man8/puppet-resource.8 +1 -1
data/man/man8/puppet-script.8 +1 -1
data/man/man8/puppet-ssl.8 +1 -1
data/man/man8/puppet-status.8 +2 -2
data/man/man8/puppet.8 +2 -2
data/spec/fixtures/integration/application/apply/environments/spec/modules/amod/lib/puppet/provider/applytest/applytest.rb +2 -0
data/spec/fixtures/integration/application/apply/environments/spec/modules/amod/lib/puppet/type/applytest.rb +25 -0
data/spec/fixtures/ssl/unknown-127.0.0.1-key.pem +67 -0
data/spec/fixtures/ssl/unknown-127.0.0.1.pem +48 -0
data/spec/fixtures/ssl/unknown-ca-key.pem +67 -0
data/spec/fixtures/ssl/unknown-ca.pem +59 -0
data/spec/fixtures/unit/forge/bacula-releases.json +128 -0
data/spec/fixtures/unit/forge/bacula.tar.gz +0 -0
data/spec/fixtures/unit/provider/package/dnfmodule/{dnf-module-list-installed.txt → dnf-module-list.txt} +8 -0
data/spec/fixtures/unit/provider/package/pkgng/pkg.version +2 -0
data/spec/fixtures/unit/provider/package/puppetserver_gem/gem-list-local-packages +30 -0
data/spec/fixtures/unit/provider/package/yum/yum-check-update-subscription-manager.txt +9 -0
data/spec/fixtures/unit/provider/package/zypper/zypper-search-uninstalled.out +13 -0
data/spec/fixtures/unit/provider/service/systemd/list_unit_files_services +9 -0
data/spec/integration/application/agent_spec.rb +479 -0
data/spec/integration/application/apply_spec.rb +279 -150
data/spec/integration/application/config_spec.rb +74 -0
data/spec/integration/application/doc_spec.rb +16 -6
data/spec/integration/application/filebucket_spec.rb +239 -0
data/spec/integration/application/help_spec.rb +42 -0
data/spec/integration/application/lookup_spec.rb +13 -0
data/spec/integration/application/module_spec.rb +68 -0
data/spec/integration/application/plugin_spec.rb +123 -0
data/spec/integration/configurer_spec.rb +14 -0
data/spec/integration/data_binding_spec.rb +82 -0
data/spec/integration/defaults_spec.rb +27 -3
data/spec/integration/directory_environments_spec.rb +17 -17
data/spec/integration/http/client_spec.rb +39 -40
data/spec/integration/indirector/facts/facter_spec.rb +8 -6
data/spec/integration/indirector/report/yaml.rb +83 -0
data/spec/integration/network/http_pool_spec.rb +84 -19
data/spec/integration/node/environment_spec.rb +15 -0
data/spec/integration/parser/compiler_spec.rb +11 -0
data/spec/integration/type/file_spec.rb +1 -1
data/spec/integration/util/execution_spec.rb +22 -0
data/spec/integration/util/windows/adsi_spec.rb +8 -3
data/spec/integration/util/windows/monkey_patches/dir_spec.rb +11 -0
data/spec/integration/util/windows/process_spec.rb +26 -32
data/spec/integration/util/windows/registry_spec.rb +7 -7
data/spec/integration/util/windows/user_spec.rb +47 -5
data/spec/integration/util_spec.rb +7 -33
data/spec/lib/puppet/test_ca.rb +2 -2
data/spec/lib/puppet_spec/https.rb +16 -7
data/spec/lib/puppet_spec/matchers.rb +0 -80
data/spec/lib/puppet_spec/puppetserver.rb +127 -0
data/spec/shared_contexts/https.rb +29 -0
data/spec/shared_contexts/types_setup.rb +2 -0
data/spec/unit/agent_spec.rb +80 -26
data/spec/unit/application/agent_spec.rb +12 -9
data/spec/unit/application/device_spec.rb +2 -2
data/spec/unit/application/doc_spec.rb +2 -2
data/spec/unit/application/face_base_spec.rb +6 -4
data/spec/unit/application/facts_spec.rb +41 -10
data/spec/unit/application/filebucket_spec.rb +22 -2
data/spec/unit/application/man_spec.rb +52 -0
data/spec/unit/application/resource_spec.rb +3 -1
data/spec/unit/application/ssl_spec.rb +15 -2
data/spec/unit/application_spec.rb +9 -4
data/spec/unit/configurer/downloader_spec.rb +10 -0
data/spec/unit/configurer/fact_handler_spec.rb +4 -4
data/spec/unit/configurer_spec.rb +87 -38
data/spec/unit/confine_spec.rb +2 -1
data/spec/unit/context/trusted_information_spec.rb +25 -2
data/spec/unit/daemon_spec.rb +5 -64
data/spec/unit/defaults_spec.rb +24 -1
data/spec/unit/environments_spec.rb +107 -32
data/spec/unit/face/config_spec.rb +59 -1
data/spec/unit/face/module/search_spec.rb +17 -0
data/spec/unit/face/node_spec.rb +2 -2
data/spec/unit/file_serving/http_metadata_spec.rb +37 -14
data/spec/unit/file_serving/mount/locales_spec.rb +2 -2
data/spec/unit/file_serving/mount/pluginfacts_spec.rb +2 -2
data/spec/unit/file_serving/mount/plugins_spec.rb +2 -2
data/spec/unit/file_serving/terminus_selector_spec.rb +45 -26
data/spec/unit/file_system/uniquefile_spec.rb +29 -0
data/spec/unit/file_system_spec.rb +11 -2
data/spec/unit/http/client_spec.rb +173 -59
data/spec/unit/http/external_client_spec.rb +201 -0
data/spec/unit/http/resolver_spec.rb +44 -5
data/spec/unit/http/response_spec.rb +6 -0
data/spec/unit/http/service/ca_spec.rb +27 -5
data/spec/unit/http/service/compiler_spec.rb +186 -9
data/spec/unit/http/service/file_server_spec.rb +37 -6
data/spec/unit/http/service/puppetserver_spec.rb +82 -0
data/spec/unit/http/service/report_spec.rb +5 -4
data/spec/unit/http/service_spec.rb +3 -4
data/spec/unit/http/session_spec.rb +48 -12
data/spec/unit/indirector/catalog/compiler_spec.rb +1 -0
data/spec/unit/indirector/catalog/json_spec.rb +1 -1
data/spec/unit/indirector/catalog/rest_spec.rb +1 -1
data/spec/unit/indirector/facts/rest_spec.rb +1 -1
data/spec/unit/indirector/file_bucket_file/rest_spec.rb +82 -2
data/spec/unit/indirector/file_metadata/http_spec.rb +194 -0
data/spec/unit/indirector/file_metadata/rest_spec.rb +15 -14
data/spec/unit/indirector/json_spec.rb +8 -8
data/spec/unit/indirector/msgpack_spec.rb +8 -8
data/spec/unit/indirector/node/rest_spec.rb +1 -1
data/spec/unit/indirector/request_spec.rb +5 -5
data/spec/unit/indirector/rest_spec.rb +14 -1
data/spec/unit/indirector/status/rest_spec.rb +1 -1
data/spec/unit/indirector/yaml_spec.rb +7 -7
data/spec/unit/interface_spec.rb +3 -3
data/spec/unit/module_tool/tar/mini_spec.rb +20 -0
data/spec/unit/network/format_support_spec.rb +3 -2
data/spec/unit/network/http/api/indirected_routes_spec.rb +2 -1
data/spec/unit/network/http/api/master/v3/environments_spec.rb +12 -23
data/spec/unit/network/http/connection_spec.rb +552 -190
data/spec/unit/network/http/nocache_pool_spec.rb +22 -0
data/spec/unit/network/http/pool_spec.rb +3 -3
data/spec/unit/network/http_pool_spec.rb +63 -57
data/spec/unit/network/http_spec.rb +1 -1
data/spec/unit/node/environment_spec.rb +33 -0
data/spec/unit/parser/ast/block_expression_spec.rb +1 -1
data/spec/unit/parser/environment_compiler_spec.rb +7 -0
data/spec/unit/parser/scope_spec.rb +1 -1
data/spec/unit/pops/evaluator/evaluating_parser_spec.rb +15 -1
data/spec/unit/pops/loaders/loaders_spec.rb +71 -1
data/spec/unit/pops/lookup/lookup_spec.rb +25 -0
data/spec/unit/pops/types/type_calculator_spec.rb +1 -11
data/spec/unit/provider/exec_spec.rb +4 -3
data/spec/unit/provider/group/windows_adsi_spec.rb +43 -10
data/spec/unit/provider/package/aix_spec.rb +29 -0
data/spec/unit/provider/package/apt_spec.rb +107 -0
data/spec/unit/provider/package/aptitude_spec.rb +1 -0
data/spec/unit/provider/package/dnfmodule_spec.rb +54 -15
data/spec/unit/provider/package/dpkg_spec.rb +22 -7
data/spec/unit/provider/package/gem_spec.rb +40 -0
data/spec/unit/provider/package/openbsd_spec.rb +2 -0
data/spec/unit/provider/package/pacman_spec.rb +6 -21
data/spec/unit/provider/package/pip2_spec.rb +36 -0
data/spec/unit/provider/package/pip_spec.rb +68 -19
data/spec/unit/provider/package/pkgdmg_spec.rb +1 -1
data/spec/unit/provider/package/pkgng_spec.rb +38 -0
data/spec/unit/provider/package/portage_spec.rb +5 -0
data/spec/unit/provider/package/puppet_gem_spec.rb +12 -1
data/spec/unit/provider/package/puppetserver_gem_spec.rb +137 -0
data/spec/unit/provider/package/rpm_spec.rb +0 -212
data/spec/unit/provider/package/yum_spec.rb +274 -1
data/spec/unit/provider/package/zypper_spec.rb +98 -0
data/spec/unit/provider/service/base_spec.rb +2 -4
data/spec/unit/provider/service/bsd_spec.rb +5 -1
data/spec/unit/provider/service/daemontools_spec.rb +1 -1
data/spec/unit/provider/service/debian_spec.rb +3 -5
data/spec/unit/provider/service/freebsd_spec.rb +1 -1
data/spec/unit/provider/service/gentoo_spec.rb +4 -5
data/spec/unit/provider/service/init_spec.rb +46 -5
data/spec/unit/provider/service/launchd_spec.rb +5 -6
data/spec/unit/provider/service/openbsd_spec.rb +9 -0
data/spec/unit/provider/service/openrc_spec.rb +4 -5
data/spec/unit/provider/service/openwrt_spec.rb +2 -1
data/spec/unit/provider/service/redhat_spec.rb +10 -1
data/spec/unit/provider/service/runit_spec.rb +2 -1
data/spec/unit/provider/service/smf_spec.rb +1 -1
data/spec/unit/provider/service/src_spec.rb +3 -5
data/spec/unit/provider/service/systemd_spec.rb +95 -18
data/spec/unit/provider/service/upstart_spec.rb +4 -5
data/spec/unit/provider/service/windows_spec.rb +50 -14
data/spec/unit/provider/user/openbsd_spec.rb +1 -0
data/spec/unit/provider/user/useradd_spec.rb +30 -16
data/spec/unit/provider/user/windows_adsi_spec.rb +85 -3
data/spec/unit/puppet_pal_2pec.rb +11 -0
data/spec/unit/puppet_pal_catalog_spec.rb +43 -0
data/spec/unit/puppet_spec.rb +33 -0
data/spec/unit/reports/http_spec.rb +70 -52
data/spec/unit/reports/store_spec.rb +17 -13
data/spec/unit/resource_spec.rb +3 -3
data/spec/unit/rest/route_spec.rb +4 -4
data/spec/unit/settings_spec.rb +44 -22
data/spec/unit/ssl/host_spec.rb +4 -2
data/spec/unit/ssl/oids_spec.rb +1 -0
data/spec/unit/ssl/ssl_provider_spec.rb +69 -43
data/spec/unit/ssl/state_machine_spec.rb +90 -14
data/spec/unit/test/test_helper_spec.rb +17 -0
data/spec/unit/transaction/persistence_spec.rb +15 -0
data/spec/unit/transaction/report_spec.rb +7 -1
data/spec/unit/type/file/source_spec.rb +4 -4
data/spec/unit/type/file_spec.rb +122 -96
data/spec/unit/type/filebucket_spec.rb +1 -1
data/spec/unit/type/service_spec.rb +218 -8
data/spec/unit/type/user_spec.rb +32 -3
data/spec/unit/type_spec.rb +50 -0
data/spec/unit/util/at_fork_spec.rb +2 -2
data/spec/unit/util/autoload_spec.rb +2 -1
data/spec/unit/util/character_encoding_spec.rb +4 -4
data/spec/unit/util/checksums_spec.rb +16 -0
data/spec/unit/util/command_line_spec.rb +11 -6
data/spec/unit/util/log/destinations_spec.rb +1 -29
data/spec/unit/util/package/version/debian_spec.rb +83 -0
data/spec/unit/util/package/version/pip_spec.rb +464 -0
data/spec/unit/util/package/version/range_spec.rb +175 -0
data/spec/unit/util/package/version/rpm_spec.rb +121 -0
data/spec/unit/util/pidlock_spec.rb +83 -47
data/spec/unit/util/rpm_compare_spec.rb +196 -0
data/spec/unit/util/run_mode_spec.rb +6 -6
data/spec/unit/util/windows/adsi_spec.rb +4 -4
data/spec/unit/util/windows/api_types_spec.rb +104 -40
data/spec/unit/util/windows/service_spec.rb +4 -4
data/spec/unit/util/windows/sid_spec.rb +2 -2
data/spec/unit/util_spec.rb +3 -3
data/spec/unit/x509/cert_provider_spec.rb +1 -1
data/tasks/generate_cert_fixtures.rake +15 -1
data/tasks/manpages.rake +5 -35
metadata +90 -51
data/spec/integration/faces/config_spec.rb +0 -91
data/spec/integration/faces/documentation_spec.rb +0 -57
data/spec/integration/faces/plugin_spec.rb +0 -63
data/spec/integration/file_bucket/file_spec.rb +0 -50
data/spec/integration/file_serving/content_spec.rb +0 -7
data/spec/integration/file_serving/fileset_spec.rb +0 -12
data/spec/integration/file_serving/metadata_spec.rb +0 -8
data/spec/integration/file_serving/terminus_helper_spec.rb +0 -20
data/spec/integration/file_system/uniquefile_spec.rb +0 -26
data/spec/integration/module_tool/forge_spec.rb +0 -64
data/spec/integration/module_tool/tar/mini_spec.rb +0 -28
data/spec/integration/provider/service/init_spec.rb +0 -48
data/spec/integration/provider/service/systemd_spec.rb +0 -25
data/spec/integration/provider/service/windows_spec.rb +0 -50
data/spec/integration/reference/providers_spec.rb +0 -21
data/spec/integration/reports_spec.rb +0 -13
data/spec/integration/ssl/certificate_request_spec.rb +0 -44
data/spec/integration/ssl/host_spec.rb +0 -72
data/spec/integration/ssl/key_spec.rb +0 -99
data/spec/integration/test/test_helper_spec.rb +0 -31
data/spec/shared_behaviours/file_serving_model.rb +0 -51
data/spec/unit/face/man_spec.rb +0 -25
data/spec/unit/man_spec.rb +0 -31

@@ -14,11 +14,11 @@ module Puppet::Rest
     #                 construction
     # @param [Symbol] server_setting the setting to check for special
     #                 server configuration
-    # @param [Symbol] port_setting the setting to check for speical
+    # @param [Symbol] port_setting the setting to check for special
     #                  port configuration
     # @param [Symbol] srv_service the name of the service when using SRV
     #                 records
-    def initialize(api:, server_setting: :server, port_setting: :masterport, srv_service: :puppet)
+    def initialize(api:, server_setting: :server, port_setting: :serverport, srv_service: :puppet)
       @api = api
       @default_server = Puppet::Util::Connection.determine_server(server_setting)
       @default_port = Puppet::Util::Connection.determine_port(port_setting, server_setting)

data/lib/puppet/runtime.rb CHANGED

@@ -1,16 +1,32 @@
 require 'puppet/http'
 require 'singleton'
+# Provides access to runtime implementations.
+#
+# @api private
 class Puppet::Runtime
   include Singleton
   def initialize
     @runtime_services = {
-      'http' => proc { Puppet::HTTP::Client.new }
+      http: proc do
+        klass = Puppet::Network::HttpPool.http_client_class
+        if klass == Puppet::Network::HTTP::Connection ||
+           klass == Puppet::Network::HTTP::ConnectionAdapter
+          Puppet::HTTP::Client.new
+        else
+          Puppet::HTTP::ExternalClient.new(klass)
+        end
+      end
     }
   end
   private :initialize
+  # Get a runtime implementation.
+  #
+  # @param name [Symbol] the name of the implementation
+  # @return [Object] the runtime implementation
+  # @api private
   def [](name)
     service = @runtime_services[name]
     raise ArgumentError, "Unknown service #{name}" unless service
@@ -22,11 +38,18 @@ class Puppet::Runtime
     end
   end
+  # Register a runtime implementation.
+  #
+  # @param name [Symbol] the name of the implementation
+  # @param impl [Object] the runtime implementation
+  # @api private
   def []=(name, impl)
     @runtime_services[name] = impl
   end
-  # for testing
+  # Clears all implementations. This is used for testing.
+  #
+  # @api private
   def clear
     initialize
   end

data/lib/puppet/settings.rb CHANGED

@@ -44,7 +44,7 @@ class Puppet::Settings
   REQUIRED_APP_SETTINGS = [:logdir, :confdir, :vardir, :codedir]
   # The acceptable sections of the puppet.conf configuration file.
-  ALLOWED_SECTION_NAMES = ['main', 'master', 'agent', 'user'].freeze
+  ALLOWED_SECTION_NAMES = ['main', 'server', 'master', 'agent', 'user'].freeze
   NONE = 'none'.freeze
@@ -330,7 +330,7 @@ class Puppet::Settings
     end
     option_parser.on('--run_mode',
-                     "The effective 'run mode' of the application: master, agent, or user.",
+                     "The effective 'run mode' of the application: server, agent, or user.",
                      :REQUIRED) do |arg|
       Puppet.settings.preferred_run_mode = arg
     end
@@ -564,7 +564,7 @@ class Puppet::Settings
   # @api private
   def preferred_run_mode=(mode)
     mode = mode.to_s.downcase.intern
-    raise ValidationError, "Invalid run mode '#{mode}'" unless [:master, :agent, :user].include?(mode)
+    raise ValidationError, "Invalid run mode '#{mode}'" unless [:server, :master, :agent, :user].include?(mode)
     @preferred_run_mode_name = mode
     # Changing the run mode has far-reaching consequences. Flush any cached
     # settings so they will be re-generated.
@@ -659,7 +659,7 @@ class Puppet::Settings
     if explicit_config_file?
       return self[:config]
     else
-      return File.join(Puppet::Util::RunMode[:master].conf_dir, config_file_name)
+      return File.join(Puppet::Util::RunMode[:server].conf_dir, config_file_name)
     end
   end
   private :main_config_file
@@ -829,7 +829,16 @@ class Puppet::Settings
       SearchPathElement.new(:cli, :values),
     ]
     searchpath << SearchPathElement.new(environment.intern, :environment) if environment
-    searchpath << SearchPathElement.new(run_mode, :section) if run_mode
+    if run_mode
+      if [:master, :server].include?(run_mode)
+        searchpath << SearchPathElement.new(:server, :section)
+        searchpath << SearchPathElement.new(:master, :section)
+      else
+        searchpath << SearchPathElement.new(run_mode, :section)
+      end
+    end
     searchpath << SearchPathElement.new(:main, :section)
   end
@@ -1053,12 +1062,17 @@ Generated on #{Time.now}.
   # Create the necessary objects to use a section.  This is idempotent;
   # you can 'use' a section as many times as you want.
   def use(*sections)
+    Puppet.warning(":master section deprecated in favor of :server section") if sections.include?(:master)
+    # add :server if sections include :master or :master if sections include :server
+    sections |= [:master, :server] if (sections & [:master, :server]).any?
     sections = sections.collect { |s| s.to_sym }
     sections = sections.reject { |s| @used.include?(s) }
     return if sections.empty?
-    Puppet.debug("Applying settings catalog for sections #{sections.join(', ')}")
+    Puppet.debug { "Applying settings catalog for sections #{sections.join(', ')}" }
     begin
       catalog = to_catalog(*sections).to_ral

data/lib/puppet/ssl.rb CHANGED

@@ -2,6 +2,7 @@
 require 'puppet'
 require 'puppet/ssl/openssl_loader'
+# @api private
 module Puppet::SSL # :nodoc:
   CA_NAME = "ca".freeze
   require 'puppet/ssl/host'

data/lib/puppet/ssl/host.rb CHANGED

@@ -22,9 +22,9 @@ class Puppet::SSL::Host
   attr_writer :key, :certificate, :certificate_request, :crl_usage
-  def self.localhost
+  def self.localhost(suppress_warning = false)
     return @localhost if @localhost
-    @localhost = new
+    @localhost = new(nil, false, suppress_warning)
     @localhost.generate unless @localhost.certificate
     @localhost.key
     @localhost
@@ -225,14 +225,14 @@ ERROR_STRING
   end
   private :validate_csr_with_key
-  def initialize(name = nil, device = false)
+  def initialize(name = nil, device = false, suppress_warning = false)
     @name = (name || Puppet[:certname]).downcase
     @device = device
     Puppet::SSL::Base.validate_certname(@name)
     @key = @certificate = @certificate_request = nil
     @crl_usage = Puppet.settings[:certificate_revocation]
     @crl_path = Puppet.settings[:hostcrl]
-    Puppet.deprecation_warning(_("Puppet::SSL::Host is deprecated and will be removed in a future release of Puppet."));
+    Puppet.deprecation_warning(_("Puppet::SSL::Host is deprecated and will be removed in a future release of Puppet.")) unless suppress_warning
   end
   # Extract the public key from the private key.

data/lib/puppet/ssl/oids.rb CHANGED

@@ -61,6 +61,7 @@ module Puppet::SSL::Oids
     ["1.3.6.1.4.1.34380.1.1.23", 'pp_cloudplatform', 'Puppet Node Cloud Platform Name'],
     ["1.3.6.1.4.1.34380.1.1.24", 'pp_apptier', 'Puppet Node Application Tier'],
     ["1.3.6.1.4.1.34380.1.1.25", 'pp_hostname', 'Puppet Node Hostname'],
+    ["1.3.6.1.4.1.34380.1.1.26", 'pp_owner', 'Puppet Node Owner'],
     ["1.3.6.1.4.1.34380.1.2", 'ppPrivCertExt', 'Puppet Private Certificate Extension'],

data/lib/puppet/ssl/ssl_context.rb CHANGED

@@ -22,9 +22,9 @@ module Puppet::SSL
     # This is an idiom to initialize a Struct from keyword
     # arguments. Ruby 2.5 introduced `keyword_init: true` for
     # that purpose, but we need to support older versions.
-    def initialize(**kwargs)
+    def initialize(kwargs = {})
       super({})
-      DEFAULTS.merge(kwargs).each { |k,v| self[k] = v }
+      DEFAULTS.merge(**kwargs).each { |k,v| self[k] = v }
     end
   end
 end

data/lib/puppet/ssl/ssl_provider.rb CHANGED

@@ -46,13 +46,32 @@ class Puppet::SSL::SSLProvider
   # perform revocation checking.
   #
   # @param cacerts [Array<OpenSSL::X509::Certificate>] Array of trusted CA certs
+  # @param path [String, nil] A file containing additional trusted CA certs.
   # @return [Puppet::SSL::SSLContext] A context to use to create connections
   # @raise (see #create_context)
   # @api private
-  def create_system_context(cacerts:)
+  def create_system_context(cacerts:, path: Puppet[:ssl_trust_store])
     store = create_x509_store(cacerts, [], false)
     store.set_default_paths
+    if path
+      stat = Puppet::FileSystem.stat(path)
+      if stat
+        if stat.ftype == 'file'
+          # don't add empty files as ruby/openssl will raise
+          if stat.size > 0
+            begin
+              store.add_file(path)
+            rescue => e
+              Puppet.err(_("Failed to add '%{path}' as a trusted CA file: %{detail}" % { path: path, detail: e.message }, e))
+            end
+          end
+        else
+          Puppet.warning(_("The 'ssl_trust_store' setting does not refer to a file and will be ignored: '%{path}'" % { path: path }))
+        end
+      end
+    end
     Puppet::SSL::SSLContext.new(store: store, cacerts: cacerts, crls: [], revocation: false).freeze
   end

data/lib/puppet/ssl/state_machine.rb CHANGED

@@ -45,7 +45,7 @@ class Puppet::SSL::StateMachine
         next_ctx = @ssl_provider.create_root_context(cacerts: cacerts, revocation: false)
       else
         route = @machine.session.route_to(:ca, ssl_context: @ssl_context)
-        pem = route.get_certificate(Puppet::SSL::CA_NAME, ssl_context: @ssl_context)
+        _, pem = route.get_certificate(Puppet::SSL::CA_NAME, ssl_context: @ssl_context)
         if @machine.ca_fingerprint
           actual_digest = Puppet::SSL::Digest.new(@machine.digest, pem).to_hex
           expected_digest = @machine.ca_fingerprint.scan(/../).join(':').upcase
@@ -146,7 +146,7 @@ class Puppet::SSL::StateMachine
     def download_crl(ssl_ctx, last_update)
       route = @machine.session.route_to(:ca, ssl_context: ssl_ctx)
-      pem = route.get_certificate_revocation_list(if_modified_since: last_update, ssl_context: ssl_ctx)
+      _, pem = route.get_certificate_revocation_list(if_modified_since: last_update, ssl_context: ssl_ctx)
       crls = @cert_provider.load_crls_from_pem(pem)
       # verify crls before saving
       next_ctx = @ssl_provider.create_root_context(cacerts: ssl_ctx[:cacerts], crls: crls)
@@ -234,7 +234,7 @@ class Puppet::SSL::StateMachine
       route = @machine.session.route_to(:ca, ssl_context: @ssl_context)
       cert = OpenSSL::X509::Certificate.new(
-        route.get_certificate(Puppet[:certname], ssl_context: @ssl_context)
+        route.get_certificate(Puppet[:certname], ssl_context: @ssl_context)[1]
       )
       Puppet.info _("Downloaded certificate for %{name} from %{url}") % { name: Puppet[:certname], url: route.url }
       # verify client cert before saving
@@ -279,19 +279,54 @@ class Puppet::SSL::StateMachine
         Puppet.info(_("Will try again in %{time} seconds.") % {time: time})
         # close persistent connections and session state before sleeping
-        Puppet.runtime['http'].close
-        @machine.session = nil
+        Puppet.runtime[:http].close
+        @machine.session = Puppet.runtime[:http].create_session
+        @machine.unlock
         Kernel.sleep(time)
+        NeedLock.new(@machine)
+      end
+    end
+  end
+  # Acquire the ssl lock or return LockFailure causing us to exit.
+  #
+  class NeedLock < SSLState
+    def initialize(machine)
+      super(machine, nil)
+    end
+    def next_state
+      if @machine.lock
         # our ssl directory may have been cleaned while we were
         # sleeping, start over from the top
-        @machine.session = Puppet.runtime['http'].create_session
         NeedCACerts.new(@machine)
+      elsif @machine.waitforlock < 1
+        LockFailure.new(@machine, _("Another puppet instance is already running and the waitforlock setting is set to 0; exiting"))
+      elsif Time.now.to_i >= @machine.waitlock_deadline
+        LockFailure.new(@machine, _("Another puppet instance is already running and the maxwaitforlock timeout has been exceeded; exiting"))
+      else
+        Puppet.info _("Another puppet instance is already running; waiting for it to finish")
+        Puppet.info _("Will try again in %{time} seconds.") % {time: @machine.waitforlock}
+        Kernel.sleep @machine.waitforlock
+        # try again
+        self
       end
     end
   end
+  # We failed to acquire the lock, so exit
+  #
+  class LockFailure < SSLState
+    attr_reader :message
+    def initialize(machine, message)
+      super(machine, nil)
+      @message = message
+    end
+  end
   # We cannot make progress due to an error.
   #
   class Error < SSLState
@@ -314,7 +349,7 @@ class Puppet::SSL::StateMachine
   #
   class Done < SSLState; end
-  attr_reader :waitforcert, :wait_deadline, :cert_provider, :ssl_provider, :ca_fingerprint, :digest
+  attr_reader :waitforcert, :wait_deadline, :waitforlock, :waitlock_deadline, :cert_provider, :ssl_provider, :ca_fingerprint, :digest
   attr_accessor :session
   # Construct a state machine to manage the SSL initialization process. By
@@ -327,7 +362,12 @@ class Puppet::SSL::StateMachine
   # then then state machine will exit instead of wait.
   #
   # @param waitforcert [Integer] how many seconds to wait between attempts
-  # @param maxwiatforcert [Integer] maximum amount of second
+  # @param maxwaitforcert [Integer] maximum amount of seconds to wait for the
+  #   server to sign the certificate request
+  # @param waitforlock [Integer] how many seconds to wait between attempts for
+  #   acquiring the ssl lock
+  # @param maxwaitforlock [Integer] maximum amount of seconds to wait for an
+  #   already running process to release the ssl lock
   # @param onetime [Boolean] whether to run onetime
   # @param lockfile [Puppet::Util::Pidlock] lockfile to protect against
   #   concurrent modification by multiple processes
@@ -340,6 +380,8 @@ class Puppet::SSL::StateMachine
   #   downloaded CA bundle
   def initialize(waitforcert: Puppet[:waitforcert],
                  maxwaitforcert: Puppet[:maxwaitforcert],
+                 waitforlock: Puppet[:waitforlock],
+                 maxwaitforlock: Puppet[:maxwaitforlock],
                  onetime: Puppet[:onetime],
                  cert_provider: Puppet::X509::CertProvider.new,
                  ssl_provider: Puppet::SSL::SSLProvider.new,
@@ -348,13 +390,15 @@ class Puppet::SSL::StateMachine
                  ca_fingerprint: Puppet[:ca_fingerprint])
     @waitforcert = waitforcert
     @wait_deadline = Time.now.to_i + maxwaitforcert
+    @waitforlock = waitforlock
+    @waitlock_deadline = Time.now.to_i + maxwaitforlock
     @onetime = onetime
     @cert_provider = cert_provider
     @ssl_provider = ssl_provider
     @lockfile = lockfile
     @digest = digest
     @ca_fingerprint = ca_fingerprint
-    @session = Puppet.runtime['http'].create_session
+    @session = Puppet.runtime[:http].create_session
   end
   # Run the state machine for CA certs and CRLs.
@@ -362,7 +406,7 @@ class Puppet::SSL::StateMachine
   # @return [Puppet::SSL::SSLContext] initialized SSLContext
   # @raise [Puppet::Error] If we fail to generate an SSLContext
   def ensure_ca_certificates
-    final_state = run_machine(NeedCACerts.new(self), NeedKey)
+    final_state = run_machine(NeedLock.new(self), NeedKey)
     final_state.ssl_context
   end
@@ -371,7 +415,7 @@ class Puppet::SSL::StateMachine
   # @return [Puppet::SSL::SSLContext] initialized SSLContext
   # @raise [Puppet::Error] If we fail to generate an SSLContext
   def ensure_client_certificate
-    final_state = run_machine(NeedCACerts.new(self), Done)
+    final_state = run_machine(NeedLock.new(self), Done)
     ssl_context = final_state.ssl_context
     if Puppet::Util::Log.sendlevel?(:debug)
@@ -390,40 +434,38 @@ class Puppet::SSL::StateMachine
     ssl_context
   end
+  def lock
+    @lockfile.lock
+  end
+  def unlock
+    @lockfile.unlock
+  end
   private
   def run_machine(state, stop)
-    with_lock do
-      loop do
-        state = run_step(state)
-        case state
-        when stop
-          break
-        when Error
-          if @onetime
-            Puppet.log_exception(state.error)
-            raise state.error
-          end
-        else
-          # fall through
+    loop do
+      state = run_step(state)
+      case state
+      when stop
+        break
+      when LockFailure
+        raise Puppet::Error, state.message
+      when Error
+        if @onetime
+          Puppet.log_exception(state.error)
+          raise state.error
         end
+      else
+        # fall through
       end
     end
     state
-  end
-  def with_lock
-    if @lockfile.lock
-      begin
-        yield
-      ensure
-        @lockfile.unlock
-      end
-    else
-      raise Puppet::Error, _('Another puppet instance is already running; exiting')
-    end
+  ensure
+    @lockfile.unlock if @lockfile.locked?
   end
   def run_step(state)

data/lib/puppet/ssl/validator/default_validator.rb CHANGED

@@ -104,7 +104,7 @@ class Puppet::SSL::Validator::DefaultValidator #< class Puppet::SSL::Validator
         crl = store_context.current_crl
         if crl
           if crl.last_update && crl.last_update < Time.now + FIVE_MINUTES_AS_SECONDS
-            Puppet.debug("Ignoring CRL not yet valid, current time #{Time.now.utc}, CRL last updated #{crl.last_update.utc}")
+            Puppet.debug { "Ignoring CRL not yet valid, current time #{Time.now.utc}, CRL last updated #{crl.last_update.utc}" }
             preverify_ok = true
           else
             @verify_errors << "#{error_string} for #{crl.issuer.to_utf8}"