puppet 6.15.0 → 6.16.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of puppet might be problematic. Click here for more details.

Files changed (132) hide show
  1. checksums.yaml +4 -4
  2. data/CODEOWNERS +2 -7
  3. data/Gemfile.lock +17 -14
  4. data/lib/puppet.rb +32 -8
  5. data/lib/puppet/agent.rb +18 -4
  6. data/lib/puppet/application/agent.rb +1 -2
  7. data/lib/puppet/application/device.rb +1 -1
  8. data/lib/puppet/application/plugin.rb +1 -0
  9. data/lib/puppet/application/ssl.rb +1 -1
  10. data/lib/puppet/configurer.rb +2 -2
  11. data/lib/puppet/context/trusted_information.rb +14 -8
  12. data/lib/puppet/daemon.rb +13 -27
  13. data/lib/puppet/defaults.rb +19 -0
  14. data/lib/puppet/face/facts.rb +1 -1
  15. data/lib/puppet/face/help.rb +29 -3
  16. data/lib/puppet/face/module/search.rb +5 -0
  17. data/lib/puppet/face/plugin.rb +1 -1
  18. data/lib/puppet/file_serving/http_metadata.rb +1 -1
  19. data/lib/puppet/file_system/uniquefile.rb +4 -0
  20. data/lib/puppet/forge/repository.rb +7 -6
  21. data/lib/puppet/functions/filter.rb +1 -0
  22. data/lib/puppet/http/client.rb +22 -11
  23. data/lib/puppet/http/external_client.rb +0 -6
  24. data/lib/puppet/indirector/file_content/http.rb +5 -0
  25. data/lib/puppet/indirector/file_metadata/http.rb +4 -4
  26. data/lib/puppet/indirector/rest.rb +7 -1
  27. data/lib/puppet/network/http/compression.rb +7 -0
  28. data/lib/puppet/network/http/connection.rb +2 -0
  29. data/lib/puppet/network/http/connection_adapter.rb +182 -0
  30. data/lib/puppet/network/http/nocache_pool.rb +1 -0
  31. data/lib/puppet/network/http_pool.rb +2 -2
  32. data/lib/puppet/pal/catalog_compiler.rb +5 -0
  33. data/lib/puppet/pal/pal_impl.rb +4 -1
  34. data/lib/puppet/parser/compiler.rb +28 -25
  35. data/lib/puppet/parser/functions/filter.rb +1 -0
  36. data/lib/puppet/provider/package/aix.rb +17 -2
  37. data/lib/puppet/provider/package/apt.rb +4 -1
  38. data/lib/puppet/provider/package/dnfmodule.rb +24 -4
  39. data/lib/puppet/provider/package/pip.rb +60 -37
  40. data/lib/puppet/provider/package/portage.rb +2 -2
  41. data/lib/puppet/provider/package/yum.rb +7 -0
  42. data/lib/puppet/provider/package/zypper.rb +59 -1
  43. data/lib/puppet/provider/service/systemd.rb +21 -4
  44. data/lib/puppet/provider/user/useradd.rb +5 -1
  45. data/lib/puppet/reports/http.rb +5 -3
  46. data/lib/puppet/runtime.rb +25 -2
  47. data/lib/puppet/ssl/state_machine.rb +33 -8
  48. data/lib/puppet/ssl/verifier_adapter.rb +9 -1
  49. data/lib/puppet/test/test_helper.rb +1 -1
  50. data/lib/puppet/type/file/source.rb +1 -1
  51. data/lib/puppet/type/package.rb +16 -1
  52. data/lib/puppet/type/service.rb +6 -8
  53. data/lib/puppet/type/user.rb +1 -7
  54. data/lib/puppet/util/autoload.rb +1 -18
  55. data/lib/puppet/util/log/destinations.rb +1 -10
  56. data/lib/puppet/util/package/version/range.rb +4 -1
  57. data/lib/puppet/util/package/version/range/eq.rb +14 -0
  58. data/lib/puppet/version.rb +1 -1
  59. data/locales/puppet.pot +191 -111
  60. data/man/man5/puppet.conf.5 +21 -2
  61. data/man/man8/puppet-agent.8 +1 -1
  62. data/man/man8/puppet-apply.8 +1 -1
  63. data/man/man8/puppet-catalog.8 +1 -1
  64. data/man/man8/puppet-config.8 +1 -1
  65. data/man/man8/puppet-describe.8 +1 -1
  66. data/man/man8/puppet-device.8 +1 -1
  67. data/man/man8/puppet-doc.8 +1 -1
  68. data/man/man8/puppet-epp.8 +1 -1
  69. data/man/man8/puppet-facts.8 +1 -1
  70. data/man/man8/puppet-filebucket.8 +1 -1
  71. data/man/man8/puppet-generate.8 +1 -1
  72. data/man/man8/puppet-help.8 +6 -3
  73. data/man/man8/puppet-key.8 +1 -1
  74. data/man/man8/puppet-lookup.8 +1 -1
  75. data/man/man8/puppet-man.8 +1 -1
  76. data/man/man8/puppet-module.8 +4 -1
  77. data/man/man8/puppet-node.8 +1 -1
  78. data/man/man8/puppet-parser.8 +1 -1
  79. data/man/man8/puppet-plugin.8 +1 -1
  80. data/man/man8/puppet-report.8 +1 -1
  81. data/man/man8/puppet-resource.8 +1 -1
  82. data/man/man8/puppet-script.8 +1 -1
  83. data/man/man8/puppet-ssl.8 +1 -1
  84. data/man/man8/puppet-status.8 +1 -1
  85. data/man/man8/puppet.8 +2 -2
  86. data/spec/fixtures/unit/provider/package/dnfmodule/{dnf-module-list-enabled.txt → dnf-module-list.txt} +6 -0
  87. data/spec/fixtures/unit/provider/package/zypper/zypper-search-uninstalled.out +13 -0
  88. data/spec/integration/application/agent_spec.rb +66 -1
  89. data/spec/integration/application/plugin_spec.rb +23 -0
  90. data/spec/integration/http/client_spec.rb +6 -1
  91. data/spec/integration/network/http_pool_spec.rb +56 -0
  92. data/spec/integration/util/windows/adsi_spec.rb +5 -0
  93. data/spec/lib/puppet_spec/https.rb +6 -0
  94. data/spec/unit/agent_spec.rb +47 -1
  95. data/spec/unit/application/agent_spec.rb +4 -4
  96. data/spec/unit/context/trusted_information_spec.rb +17 -0
  97. data/spec/unit/daemon_spec.rb +5 -64
  98. data/spec/unit/face/module/search_spec.rb +17 -0
  99. data/spec/unit/file_system/uniquefile_spec.rb +11 -0
  100. data/spec/unit/http/client_spec.rb +10 -10
  101. data/spec/unit/http/external_client_spec.rb +9 -9
  102. data/spec/unit/indirector/catalog/compiler_spec.rb +1 -0
  103. data/spec/unit/indirector/file_metadata/http_spec.rb +167 -0
  104. data/spec/unit/indirector/file_metadata/rest_spec.rb +15 -14
  105. data/spec/unit/indirector/rest_spec.rb +13 -0
  106. data/spec/unit/network/http/connection_spec.rb +542 -190
  107. data/spec/unit/network/http/nocache_pool_spec.rb +22 -0
  108. data/spec/unit/network/http_pool_spec.rb +63 -57
  109. data/spec/unit/network/http_spec.rb +1 -1
  110. data/spec/unit/provider/package/aix_spec.rb +29 -0
  111. data/spec/unit/provider/package/dnfmodule_spec.rb +25 -5
  112. data/spec/unit/provider/package/pip_spec.rb +42 -16
  113. data/spec/unit/provider/package/portage_spec.rb +5 -0
  114. data/spec/unit/provider/package/yum_spec.rb +16 -8
  115. data/spec/unit/provider/package/zypper_spec.rb +84 -0
  116. data/spec/unit/provider/service/init_spec.rb +1 -0
  117. data/spec/unit/provider/service/openbsd_spec.rb +9 -0
  118. data/spec/unit/provider/service/openwrt_spec.rb +1 -0
  119. data/spec/unit/provider/service/redhat_spec.rb +9 -0
  120. data/spec/unit/provider/service/systemd_spec.rb +84 -13
  121. data/spec/unit/provider/user/useradd_spec.rb +8 -0
  122. data/spec/unit/puppet_pal_catalog_spec.rb +43 -0
  123. data/spec/unit/puppet_spec.rb +33 -0
  124. data/spec/unit/reports/http_spec.rb +1 -1
  125. data/spec/unit/ssl/state_machine_spec.rb +52 -8
  126. data/spec/unit/type/service_spec.rb +9 -8
  127. data/spec/unit/type/user_spec.rb +1 -1
  128. data/spec/unit/util/autoload_spec.rb +2 -1
  129. data/spec/unit/util/log/destinations_spec.rb +1 -29
  130. data/spec/unit/util/package/version/range_spec.rb +22 -1
  131. data/tasks/manpages.rake +5 -35
  132. metadata +10 -4
@@ -20,9 +20,9 @@ Puppet::Type.type(:package).provide :portage, :parent => Puppet::Provider::Packa
20
20
  end
21
21
  end
22
22
 
23
- confine :operatingsystem => :gentoo
23
+ confine :osfamily => :gentoo
24
24
 
25
- defaultfor :operatingsystem => :gentoo
25
+ defaultfor :osfamily => :gentoo
26
26
 
27
27
  def self.instances
28
28
  result_format = self.eix_result_format
@@ -43,6 +43,10 @@ defaultfor :osfamily => :redhat, :operatingsystemmajrelease => (4..7).to_a
43
43
  if should.is_a?(String)
44
44
  begin
45
45
  should_version = RPM_VERSION_RANGE.parse(should, RPM_VERSION)
46
+
47
+ if should_version.is_a?(RPM_VERSION_RANGE::Eq)
48
+ return super
49
+ end
46
50
  rescue RPM_VERSION_RANGE::ValidationFailure, RPM_VERSION::ValidationFailure
47
51
  Puppet.debug("Cannot parse #{should} as a RPM version range")
48
52
  return super
@@ -192,6 +196,9 @@ defaultfor :osfamily => :redhat, :operatingsystemmajrelease => (4..7).to_a
192
196
  if should.is_a?(String)
193
197
  begin
194
198
  should_range = RPM_VERSION_RANGE.parse(should, RPM_VERSION)
199
+ if should_range.is_a?(RPM_VERSION_RANGE::Eq)
200
+ return should
201
+ end
195
202
  rescue RPM_VERSION_RANGE::ValidationFailure, RPM_VERSION::ValidationFailure
196
203
  Puppet.debug("Cannot parse #{should} as a RPM version range")
197
204
  return should
@@ -2,7 +2,7 @@ Puppet::Type.type(:package).provide :zypper, :parent => :rpm, :source => :rpm do
2
2
  desc "Support for SuSE `zypper` package manager. Found in SLES10sp2+ and SLES11.
3
3
 
4
4
  This provider supports the `install_options` attribute, which allows command-line flags to be passed to zypper.
5
- These options should be specified as an array where each element is either a
5
+ These options should be specified as an array where each element is either a
6
6
  string or a hash."
7
7
 
8
8
  has_feature :versionable, :install_options, :virtual_packages
@@ -50,6 +50,41 @@ Puppet::Type.type(:package).provide :zypper, :parent => :rpm, :source => :rpm do
50
50
  execute(cmd, { :failonfail => false, :combine => true})
51
51
  end
52
52
 
53
+ def best_version(should)
54
+ if should.is_a?(String)
55
+ begin
56
+ should_range = Puppet::Util::Package::Version::Range.parse(should, Puppet::Util::Package::Version::Rpm)
57
+ rescue Puppet::Util::Package::Version::Range::ValidationFailure, Puppet::Util::Package::Version::Rpm::ValidationFailure
58
+ Puppet.debug("Cannot parse #{should} as a RPM version range")
59
+ return should
60
+ end
61
+
62
+ if should_range.is_a?(Puppet::Util::Package::Version::Range::Eq)
63
+ return should
64
+ end
65
+
66
+ sorted_versions = SortedSet.new
67
+
68
+ output = zypper('search', '--match-exact', '--type', 'package', '--uninstalled-only', '-s', @resource[:name])
69
+ output.lines.each do |line|
70
+ pkg_ver = line.split(/\s*\|\s*/)
71
+ next unless pkg_ver[1] == @resource[:name]
72
+ begin
73
+ rpm_version = Puppet::Util::Package::Version::Rpm.parse(pkg_ver[3])
74
+
75
+ sorted_versions << rpm_version if should_range.include?(rpm_version)
76
+ rescue Puppet::Util::Package::Version::Rpm::ValidationFailure
77
+ Puppet.debug("Cannot parse #{pkg_ver[3]} as a RPM version")
78
+ end
79
+ end
80
+
81
+ return sorted_versions.entries.last if sorted_versions.any?
82
+
83
+ Puppet.debug("No available version for package #{@resource[:name]} is included in range #{should_range}")
84
+ should
85
+ end
86
+ end
87
+
53
88
  # Install a package using 'zypper'.
54
89
  def install
55
90
  should = @resource.should(:ensure)
@@ -62,6 +97,7 @@ Puppet::Type.type(:package).provide :zypper, :parent => :rpm, :source => :rpm do
62
97
  should = nil
63
98
  else
64
99
  # Add the package version
100
+ should = best_version(should)
65
101
  wanted = "#{wanted}-#{should}"
66
102
  end
67
103
 
@@ -89,6 +125,7 @@ Puppet::Type.type(:package).provide :zypper, :parent => :rpm, :source => :rpm do
89
125
  options = []
90
126
  options << quiet
91
127
  options << '--no-gpg-check' unless inst_opts.delete('--no-gpg-check').nil?
128
+ options << '--no-gpg-checks' unless inst_opts.delete('--no-gpg-checks').nil?
92
129
  options << :install
93
130
 
94
131
  #zypper 0.6.13 (OpenSuSE 10.2) does not support auto agree with licenses
@@ -142,4 +179,25 @@ Puppet::Type.type(:package).provide :zypper, :parent => :rpm, :source => :rpm do
142
179
  end
143
180
 
144
181
  end
182
+
183
+ def insync?(is)
184
+ return false if [:purged, :absent].include?(is)
185
+
186
+ should = @resource[:ensure]
187
+ if should.is_a?(String)
188
+ begin
189
+ should_version = Puppet::Util::Package::Version::Range.parse(should, Puppet::Util::Package::Version::Rpm)
190
+ rescue Puppet::Util::Package::Version::Range::ValidationFailure, Puppet::Util::Package::Version::Rpm::ValidationFailure
191
+ Puppet.debug("Cannot parse #{should} as a RPM version range")
192
+ return super
193
+ end
194
+
195
+ begin
196
+ is_version = Puppet::Util::Package::Version::Rpm.parse(is)
197
+ should_version.include?(is_version)
198
+ rescue Puppet::Util::Package::Version::Rpm::ValidationFailure
199
+ Puppet.debug("Cannot parse #{is} as a RPM version")
200
+ end
201
+ end
202
+ end
145
203
  end
@@ -30,7 +30,7 @@ Puppet::Type.type(:service).provide :systemd, :parent => :base do
30
30
  def self.instances
31
31
  i = []
32
32
  output = systemctl('list-unit-files', '--type', 'service', '--full', '--all', '--no-pager')
33
- output.scan(/^(\S+)\s+(disabled|enabled|masked|indirect|bad)\s*$/i).each do |m|
33
+ output.scan(/^(\S+)\s+(disabled|enabled|masked|indirect|bad|static)\s*$/i).each do |m|
34
34
  Puppet.debug("#{m[0]} marked as bad by `systemctl`. It is recommended to be further checked.") if m[1] == "bad"
35
35
  i << new(:name => m[0])
36
36
  end
@@ -39,6 +39,22 @@ Puppet::Type.type(:service).provide :systemd, :parent => :base do
39
39
  return []
40
40
  end
41
41
 
42
+ # Static services cannot be enabled or disabled manually. Indirect services
43
+ # should not be enabled or disabled due to limitations in systemd (see
44
+ # https://github.com/systemd/systemd/issues/6681).
45
+ def enabled_insync?(current)
46
+ case cached_enabled?[:output]
47
+ when 'static'
48
+ Puppet.debug("Unable to enable or disable static service #{@resource[:name]}")
49
+ return true
50
+ when 'indirect'
51
+ Puppet.debug("Service #{@resource[:name]} is in 'indirect' state and cannot be enabled/disabled")
52
+ return true
53
+ else
54
+ current == @resource[:enable]
55
+ end
56
+ end
57
+
42
58
  # This helper ensures that the enable state cache is always reset
43
59
  # after a systemctl enable operation. A particular service state is not guaranteed
44
60
  # after such an operation, so the cache must be emptied to prevent inconsistencies
@@ -70,12 +86,13 @@ Puppet::Type.type(:service).provide :systemd, :parent => :base do
70
86
  def cached_enabled?
71
87
  return @cached_enabled if @cached_enabled
72
88
  cmd = [command(:systemctl), 'is-enabled', '--', @resource[:name]]
73
- @cached_enabled = execute(cmd, :failonfail => false).strip
89
+ result = execute(cmd, :failonfail => false)
90
+ @cached_enabled = { output: result.chomp, exitcode: result.exitstatus }
74
91
  end
75
92
 
76
93
  def enabled?
77
- output = cached_enabled?
78
- code = $CHILD_STATUS.exitstatus
94
+ output = cached_enabled?[:output]
95
+ code = cached_enabled?[:exitcode]
79
96
 
80
97
  # The masked state is equivalent to the disabled state in terms of
81
98
  # comparison so we only care to check if it is masked if we want to keep
@@ -21,7 +21,11 @@ Puppet::Type.type(:user).provide :useradd, :parent => Puppet::Provider::NameServ
21
21
  options :expiry, :method => :sp_expire,
22
22
  :munge => proc { |value|
23
23
  if value == :absent
24
- ''
24
+ if Facter.value(:operatingsystem)=='SLES' && Facter.value(:operatingsystemmajrelease) == "11"
25
+ -1
26
+ else
27
+ ''
28
+ end
25
29
  else
26
30
  case Facter.value(:operatingsystem)
27
31
  when 'Solaris'
@@ -26,11 +26,13 @@ Puppet::Reports.register_report(:http) do
26
26
  }
27
27
 
28
28
  if url.user && url.password
29
- options[:user] = url.user
30
- options[:password] = url.password
29
+ options[:basic_auth] = {
30
+ user: url.user,
31
+ password: url.password
32
+ }
31
33
  end
32
34
 
33
- client = Puppet.runtime['http']
35
+ client = Puppet.runtime[:http]
34
36
  client.post(url, self.to_yaml, headers: headers, options: options) do |response|
35
37
  unless response.success?
36
38
  Puppet.err _("Unable to submit report to %{url} [%{code}] %{message}") % { url: Puppet[:reporturl].to_s, code: response.code, message: response.reason }
@@ -1,16 +1,32 @@
1
1
  require 'puppet/http'
2
2
  require 'singleton'
3
3
 
4
+ # Provides access to runtime implementations.
5
+ #
6
+ # @api private
4
7
  class Puppet::Runtime
5
8
  include Singleton
6
9
 
7
10
  def initialize
8
11
  @runtime_services = {
9
- 'http' => proc { Puppet::HTTP::Client.new }
12
+ http: proc do
13
+ klass = Puppet::Network::HttpPool.http_client_class
14
+ if klass == Puppet::Network::HTTP::Connection ||
15
+ klass == Puppet::Network::HTTP::ConnectionAdapter
16
+ Puppet::HTTP::Client.new
17
+ else
18
+ Puppet::HTTP::ExternalClient.new(klass)
19
+ end
20
+ end
10
21
  }
11
22
  end
12
23
  private :initialize
13
24
 
25
+ # Get a runtime implementation.
26
+ #
27
+ # @param name [Symbol] the name of the implementation
28
+ # @return [Object] the runtime implementation
29
+ # @api private
14
30
  def [](name)
15
31
  service = @runtime_services[name]
16
32
  raise ArgumentError, "Unknown service #{name}" unless service
@@ -22,11 +38,18 @@ class Puppet::Runtime
22
38
  end
23
39
  end
24
40
 
41
+ # Register a runtime implementation.
42
+ #
43
+ # @param name [Symbol] the name of the implementation
44
+ # @param impl [Object] the runtime implementation
45
+ # @api private
25
46
  def []=(name, impl)
26
47
  @runtime_services[name] = impl
27
48
  end
28
49
 
29
- # for testing
50
+ # Clears all implementations. This is used for testing.
51
+ #
52
+ # @api private
30
53
  def clear
31
54
  initialize
32
55
  end
@@ -279,8 +279,8 @@ class Puppet::SSL::StateMachine
279
279
  Puppet.info(_("Will try again in %{time} seconds.") % {time: time})
280
280
 
281
281
  # close persistent connections and session state before sleeping
282
- Puppet.runtime['http'].close
283
- @machine.session = Puppet.runtime['http'].create_session
282
+ Puppet.runtime[:http].close
283
+ @machine.session = Puppet.runtime[:http].create_session
284
284
 
285
285
  @machine.unlock
286
286
  Kernel.sleep(time)
@@ -301,15 +301,31 @@ class Puppet::SSL::StateMachine
301
301
  # our ssl directory may have been cleaned while we were
302
302
  # sleeping, start over from the top
303
303
  NeedCACerts.new(@machine)
304
+ elsif @machine.waitforlock < 1
305
+ LockFailure.new(@machine, _("Another puppet instance is already running and the waitforlock setting is set to 0; exiting"))
306
+ elsif Time.now.to_i >= @machine.waitlock_deadline
307
+ LockFailure.new(@machine, _("Another puppet instance is already running and the maxwaitforlock timeout has been exceeded; exiting"))
304
308
  else
305
- LockFailure.new(@machine, nil)
309
+ Puppet.info _("Another puppet instance is already running; waiting for it to finish")
310
+ Puppet.info _("Will try again in %{time} seconds.") % {time: @machine.waitforlock}
311
+ Kernel.sleep @machine.waitforlock
312
+
313
+ # try again
314
+ self
306
315
  end
307
316
  end
308
317
  end
309
318
 
310
319
  # We failed to acquire the lock, so exit
311
320
  #
312
- class LockFailure < SSLState; end
321
+ class LockFailure < SSLState
322
+ attr_reader :message
323
+
324
+ def initialize(machine, message)
325
+ super(machine, nil)
326
+ @message = message
327
+ end
328
+ end
313
329
 
314
330
  # We cannot make progress due to an error.
315
331
  #
@@ -333,7 +349,7 @@ class Puppet::SSL::StateMachine
333
349
  #
334
350
  class Done < SSLState; end
335
351
 
336
- attr_reader :waitforcert, :wait_deadline, :cert_provider, :ssl_provider, :ca_fingerprint, :digest
352
+ attr_reader :waitforcert, :wait_deadline, :waitforlock, :waitlock_deadline, :cert_provider, :ssl_provider, :ca_fingerprint, :digest
337
353
  attr_accessor :session
338
354
 
339
355
  # Construct a state machine to manage the SSL initialization process. By
@@ -346,7 +362,12 @@ class Puppet::SSL::StateMachine
346
362
  # then then state machine will exit instead of wait.
347
363
  #
348
364
  # @param waitforcert [Integer] how many seconds to wait between attempts
349
- # @param maxwiatforcert [Integer] maximum amount of second
365
+ # @param maxwaitforcert [Integer] maximum amount of seconds to wait for the
366
+ # server to sign the certificate request
367
+ # @param waitforlock [Integer] how many seconds to wait between attempts for
368
+ # acquiring the ssl lock
369
+ # @param maxwaitforlock [Integer] maximum amount of seconds to wait for an
370
+ # already running process to release the ssl lock
350
371
  # @param onetime [Boolean] whether to run onetime
351
372
  # @param lockfile [Puppet::Util::Pidlock] lockfile to protect against
352
373
  # concurrent modification by multiple processes
@@ -359,6 +380,8 @@ class Puppet::SSL::StateMachine
359
380
  # downloaded CA bundle
360
381
  def initialize(waitforcert: Puppet[:waitforcert],
361
382
  maxwaitforcert: Puppet[:maxwaitforcert],
383
+ waitforlock: Puppet[:waitforlock],
384
+ maxwaitforlock: Puppet[:maxwaitforlock],
362
385
  onetime: Puppet[:onetime],
363
386
  cert_provider: Puppet::X509::CertProvider.new,
364
387
  ssl_provider: Puppet::SSL::SSLProvider.new,
@@ -367,13 +390,15 @@ class Puppet::SSL::StateMachine
367
390
  ca_fingerprint: Puppet[:ca_fingerprint])
368
391
  @waitforcert = waitforcert
369
392
  @wait_deadline = Time.now.to_i + maxwaitforcert
393
+ @waitforlock = waitforlock
394
+ @waitlock_deadline = Time.now.to_i + maxwaitforlock
370
395
  @onetime = onetime
371
396
  @cert_provider = cert_provider
372
397
  @ssl_provider = ssl_provider
373
398
  @lockfile = lockfile
374
399
  @digest = digest
375
400
  @ca_fingerprint = ca_fingerprint
376
- @session = Puppet.runtime['http'].create_session
401
+ @session = Puppet.runtime[:http].create_session
377
402
  end
378
403
 
379
404
  # Run the state machine for CA certs and CRLs.
@@ -427,7 +452,7 @@ class Puppet::SSL::StateMachine
427
452
  when stop
428
453
  break
429
454
  when LockFailure
430
- raise Puppet::Error, _('Another puppet instance is already running; exiting')
455
+ raise Puppet::Error, state.message
431
456
  when Error
432
457
  if @onetime
433
458
  Puppet.log_exception(state.error)
@@ -6,10 +6,18 @@
6
6
  # loaded above.
7
7
  #
8
8
  class Puppet::SSL::VerifierAdapter
9
- attr_reader :validator
9
+ attr_reader :validator, :ssl_context
10
10
 
11
11
  def initialize(validator)
12
12
  @validator = validator
13
+
14
+ if validator.is_a?(Puppet::SSL::Validator::NoValidator)
15
+ ssl = Puppet::SSL::SSLProvider.new
16
+ @ssl_context = ssl.create_insecure_context
17
+ else
18
+ # nil means use the default SSLContext
19
+ @ssl_context = nil
20
+ end
13
21
  end
14
22
 
15
23
  # Return true if `self` is reusable with `verifier` meaning they
@@ -137,7 +137,7 @@ module Puppet::Test
137
137
  trusted_information:
138
138
  Puppet::Context::TrustedInformation.new('local', 'testing', {}, { "trusted_testhelper" => true }),
139
139
  ssl_context: Puppet::SSL::SSLContext.new(cacerts: []).freeze,
140
- http_session: proc { Puppet.runtime["http"].create_session }
140
+ http_session: proc { Puppet.runtime[:http].create_session }
141
141
  },
142
142
  "Context for specs")
143
143
 
@@ -297,7 +297,7 @@ module Puppet
297
297
  end
298
298
 
299
299
  def get_from_http_source(url, &block)
300
- client = Puppet.runtime['http']
300
+ client = Puppet.runtime[:http]
301
301
  client.get(url, options: {include_system_store: true}) do |response|
302
302
  raise Puppet::HTTP::ResponseError.new(response) unless response.success?
303
303
 
@@ -62,6 +62,9 @@ module Puppet
62
62
  passed to the installer command."
63
63
  feature :uninstall_options, "The provider accepts options to be
64
64
  passed to the uninstaller command."
65
+ feature :disableable, "The provider can disable packages. This feature is used by specifying `disabled` as the
66
+ desired value for the package.",
67
+ :methods => [:disable]
65
68
  feature :supports_flavors, "The provider accepts flavors, which are specific variants of packages."
66
69
  feature :package_settings, "The provider accepts package_settings to be
67
70
  ensured for the given package. The meaning and format of these settings is
@@ -107,6 +110,10 @@ module Puppet
107
110
  provider.deprecated_hold
108
111
  end
109
112
 
113
+ newvalue(:disabled, :required_features => :disableable) do
114
+ provider.disable
115
+ end
116
+
110
117
  # Alias the 'present' value.
111
118
  aliasvalue(:installed, :present)
112
119
 
@@ -154,7 +161,7 @@ module Puppet
154
161
  @should.each { |should|
155
162
  case should
156
163
  when :present
157
- return true unless [:absent, :purged, :held].include?(is)
164
+ return true unless [:absent, :purged, :held, :disabled].include?(is)
158
165
  when :latest
159
166
  # Short-circuit packages that are not present
160
167
  return false if is == :absent || is == :purged
@@ -411,6 +418,11 @@ module Puppet
411
418
  newproperty(:flavor, :required_features => :supports_flavors) do
412
419
  desc "OpenBSD and DNF modules support 'flavors', which are
413
420
  further specifications for which type of package you want."
421
+ validate do |value|
422
+ if [:disabled, "disabled"].include?(@resource[:ensure]) && value
423
+ raise ArgumentError, _('Cannot have both `ensure => disabled` and `flavor`')
424
+ end
425
+ end
414
426
  end
415
427
 
416
428
  newparam(:source) do
@@ -509,6 +521,9 @@ module Puppet
509
521
  if [true, :true, "true"].include?(value) && @resource[:flavor]
510
522
  raise ArgumentError, _('Cannot have both `enable_only => true` and `flavor`')
511
523
  end
524
+ if [:disabled, "disabled"].include?(@resource[:ensure])
525
+ raise ArgumentError, _('Cannot have both `ensure => disabled` and `enable_only => true`')
526
+ end
512
527
  end
513
528
  end
514
529