puppet 6.16.0-x64-mingw32 → 7.0.0-x64-mingw32

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of puppet might be problematic. Click here for more details.

Files changed (645) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +5 -3
  3. data/Gemfile.lock +31 -33
  4. data/README.md +4 -5
  5. data/Rakefile +4 -12
  6. data/conf/fileserver.conf +5 -10
  7. data/ext/build_defaults.yaml +1 -1
  8. data/ext/osx/file_mapping.yaml +0 -5
  9. data/ext/project_data.yaml +1 -14
  10. data/ext/redhat/puppet.spec.erb +0 -1
  11. data/ext/windows/service/daemon.rb +6 -5
  12. data/install.rb +21 -17
  13. data/lib/puppet.rb +11 -20
  14. data/lib/puppet/agent.rb +2 -2
  15. data/lib/puppet/agent/locker.rb +0 -7
  16. data/lib/puppet/application.rb +172 -98
  17. data/lib/puppet/application/agent.rb +22 -6
  18. data/lib/puppet/application/apply.rb +18 -20
  19. data/lib/puppet/application/device.rb +100 -104
  20. data/lib/puppet/application/doc.rb +1 -1
  21. data/lib/puppet/application/filebucket.rb +15 -11
  22. data/lib/puppet/application/lookup.rb +16 -4
  23. data/lib/puppet/application/ssl.rb +1 -1
  24. data/lib/puppet/configurer.rb +66 -31
  25. data/lib/puppet/configurer/downloader.rb +31 -10
  26. data/lib/puppet/configurer/plugin_handler.rb +21 -19
  27. data/lib/puppet/confine.rb +2 -2
  28. data/lib/puppet/confine/any.rb +1 -1
  29. data/lib/puppet/defaults.rb +166 -169
  30. data/lib/puppet/environments.rb +41 -15
  31. data/lib/puppet/face/catalog.rb +1 -1
  32. data/lib/puppet/face/config.rb +56 -16
  33. data/lib/puppet/face/epp.rb +12 -2
  34. data/lib/puppet/face/facts.rb +66 -6
  35. data/lib/puppet/face/help.rb +1 -1
  36. data/lib/puppet/face/node.rb +3 -3
  37. data/lib/puppet/face/node/clean.rb +2 -2
  38. data/lib/puppet/face/plugin.rb +5 -8
  39. data/lib/puppet/feature/base.rb +1 -1
  40. data/lib/puppet/ffi/windows.rb +12 -0
  41. data/lib/puppet/ffi/windows/api_types.rb +311 -0
  42. data/lib/puppet/ffi/windows/constants.rb +404 -0
  43. data/lib/puppet/ffi/windows/functions.rb +628 -0
  44. data/lib/puppet/ffi/windows/structs.rb +338 -0
  45. data/lib/puppet/file_bucket/dipper.rb +1 -1
  46. data/lib/puppet/file_serving/configuration.rb +0 -5
  47. data/lib/puppet/file_serving/configuration/parser.rb +3 -32
  48. data/lib/puppet/file_serving/http_metadata.rb +13 -1
  49. data/lib/puppet/file_serving/metadata.rb +4 -1
  50. data/lib/puppet/file_serving/mount.rb +1 -2
  51. data/lib/puppet/file_serving/mount/locales.rb +1 -2
  52. data/lib/puppet/file_serving/mount/pluginfacts.rb +1 -2
  53. data/lib/puppet/file_serving/mount/plugins.rb +1 -2
  54. data/lib/puppet/file_serving/terminus_selector.rb +7 -8
  55. data/lib/puppet/file_system/file_impl.rb +4 -4
  56. data/lib/puppet/file_system/uniquefile.rb +8 -16
  57. data/lib/puppet/forge.rb +1 -1
  58. data/lib/puppet/forge/cache.rb +1 -1
  59. data/lib/puppet/forge/repository.rb +3 -8
  60. data/lib/puppet/functions/epp.rb +1 -0
  61. data/lib/puppet/functions/inline_epp.rb +1 -0
  62. data/lib/puppet/functions/lstrip.rb +4 -4
  63. data/lib/puppet/functions/new.rb +8 -3
  64. data/lib/puppet/functions/reverse_each.rb +1 -1
  65. data/lib/puppet/functions/rstrip.rb +4 -4
  66. data/lib/puppet/functions/step.rb +1 -1
  67. data/lib/puppet/functions/strip.rb +4 -4
  68. data/lib/puppet/generate/models/type/type.rb +4 -1
  69. data/lib/puppet/gettext/config.rb +5 -5
  70. data/lib/puppet/gettext/module_translations.rb +4 -4
  71. data/lib/puppet/http.rb +23 -13
  72. data/lib/puppet/http/client.rb +170 -115
  73. data/lib/puppet/{network/resolver.rb → http/dns.rb} +2 -2
  74. data/lib/puppet/http/errors.rb +16 -0
  75. data/lib/puppet/http/external_client.rb +5 -7
  76. data/lib/puppet/{network/http → http}/factory.rb +8 -11
  77. data/lib/puppet/{network/http → http}/pool.rb +61 -26
  78. data/lib/puppet/{network/http/session.rb → http/pool_entry.rb} +2 -3
  79. data/lib/puppet/http/proxy.rb +137 -0
  80. data/lib/puppet/http/redirector.rb +13 -19
  81. data/lib/puppet/http/resolver.rb +10 -23
  82. data/lib/puppet/http/resolver/server_list.rb +23 -45
  83. data/lib/puppet/http/resolver/settings.rb +7 -10
  84. data/lib/puppet/http/resolver/srv.rb +11 -15
  85. data/lib/puppet/http/response.rb +49 -48
  86. data/lib/puppet/http/response_converter.rb +24 -0
  87. data/lib/puppet/http/response_net_http.rb +42 -0
  88. data/lib/puppet/http/retry_after_handler.rb +4 -13
  89. data/lib/puppet/http/service.rb +15 -27
  90. data/lib/puppet/http/service/ca.rb +11 -22
  91. data/lib/puppet/http/service/compiler.rb +23 -70
  92. data/lib/puppet/http/service/file_server.rb +19 -28
  93. data/lib/puppet/http/service/puppetserver.rb +53 -0
  94. data/lib/puppet/http/service/report.rb +8 -10
  95. data/lib/puppet/http/session.rb +16 -24
  96. data/lib/puppet/{network/http → http}/site.rb +1 -2
  97. data/lib/puppet/indirector.rb +1 -1
  98. data/lib/puppet/indirector/catalog/compiler.rb +1 -1
  99. data/lib/puppet/indirector/catalog/rest.rb +2 -4
  100. data/lib/puppet/indirector/exec.rb +1 -1
  101. data/lib/puppet/indirector/fact_search.rb +60 -0
  102. data/lib/puppet/indirector/facts/facter.rb +27 -6
  103. data/lib/puppet/indirector/facts/json.rb +27 -0
  104. data/lib/puppet/indirector/facts/rest.rb +3 -22
  105. data/lib/puppet/indirector/facts/yaml.rb +4 -59
  106. data/lib/puppet/indirector/file_bucket_file/rest.rb +3 -9
  107. data/lib/puppet/indirector/file_content/rest.rb +3 -7
  108. data/lib/puppet/indirector/file_metadata/http.rb +25 -5
  109. data/lib/puppet/indirector/file_metadata/rest.rb +5 -11
  110. data/lib/puppet/indirector/file_server.rb +1 -8
  111. data/lib/puppet/indirector/generic_http.rb +0 -11
  112. data/lib/puppet/indirector/hiera.rb +4 -0
  113. data/lib/puppet/indirector/indirection.rb +1 -1
  114. data/lib/puppet/indirector/json.rb +5 -1
  115. data/lib/puppet/indirector/msgpack.rb +1 -1
  116. data/lib/puppet/indirector/node/json.rb +8 -0
  117. data/lib/puppet/indirector/node/rest.rb +2 -4
  118. data/lib/puppet/indirector/report/json.rb +34 -0
  119. data/lib/puppet/indirector/report/processor.rb +2 -2
  120. data/lib/puppet/indirector/report/rest.rb +3 -8
  121. data/lib/puppet/indirector/request.rb +2 -103
  122. data/lib/puppet/indirector/rest.rb +12 -263
  123. data/lib/puppet/indirector/yaml.rb +1 -1
  124. data/lib/puppet/module.rb +1 -2
  125. data/lib/puppet/module_tool/applications.rb +0 -1
  126. data/lib/puppet/network/authconfig.rb +2 -96
  127. data/lib/puppet/network/authorization.rb +13 -35
  128. data/lib/puppet/network/format_support.rb +2 -2
  129. data/lib/puppet/network/formats.rb +2 -1
  130. data/lib/puppet/network/http.rb +3 -3
  131. data/lib/puppet/network/http/api/indirected_routes.rb +3 -21
  132. data/lib/puppet/network/http/api/master/v3.rb +11 -13
  133. data/lib/puppet/network/http/api/master/v3/environments.rb +0 -1
  134. data/lib/puppet/network/http/connection.rb +247 -316
  135. data/lib/puppet/network/http/handler.rb +0 -1
  136. data/lib/puppet/network/http/route.rb +2 -2
  137. data/lib/puppet/network/http_pool.rb +16 -34
  138. data/lib/puppet/node.rb +1 -30
  139. data/lib/puppet/node/environment.rb +12 -5
  140. data/lib/puppet/node/facts.rb +17 -0
  141. data/lib/puppet/pal/json_catalog_encoder.rb +4 -0
  142. data/lib/puppet/pal/pal_impl.rb +93 -14
  143. data/lib/puppet/parameter.rb +1 -1
  144. data/lib/puppet/parser/ast/leaf.rb +5 -5
  145. data/lib/puppet/parser/ast/pops_bridge.rb +0 -42
  146. data/lib/puppet/parser/compiler.rb +1 -199
  147. data/lib/puppet/parser/compiler/catalog_validator/relationship_validator.rb +14 -39
  148. data/lib/puppet/parser/functions.rb +21 -17
  149. data/lib/puppet/parser/functions/create_resources.rb +11 -7
  150. data/lib/puppet/parser/resource.rb +3 -71
  151. data/lib/puppet/parser/resource/param.rb +6 -0
  152. data/lib/puppet/parser/type_loader.rb +2 -2
  153. data/lib/puppet/pops/adaptable.rb +7 -13
  154. data/lib/puppet/pops/adapters.rb +8 -4
  155. data/lib/puppet/pops/evaluator/collectors/abstract_collector.rb +1 -3
  156. data/lib/puppet/pops/evaluator/evaluator_impl.rb +27 -13
  157. data/lib/puppet/pops/evaluator/runtime3_converter.rb +2 -2
  158. data/lib/puppet/pops/evaluator/runtime3_resource_support.rb +3 -3
  159. data/lib/puppet/pops/evaluator/runtime3_support.rb +1 -1
  160. data/lib/puppet/pops/loader/ruby_legacy_function_instantiator.rb +6 -8
  161. data/lib/puppet/pops/loader/runtime3_type_loader.rb +4 -2
  162. data/lib/puppet/pops/loaders.rb +18 -11
  163. data/lib/puppet/pops/lookup/context.rb +1 -1
  164. data/lib/puppet/pops/lookup/hiera_config.rb +14 -1
  165. data/lib/puppet/pops/model/ast.pp +0 -42
  166. data/lib/puppet/pops/model/ast.rb +0 -290
  167. data/lib/puppet/pops/model/factory.rb +0 -45
  168. data/lib/puppet/pops/model/model_label_provider.rb +0 -5
  169. data/lib/puppet/pops/model/model_tree_dumper.rb +0 -22
  170. data/lib/puppet/pops/model/pn_transformer.rb +0 -16
  171. data/lib/puppet/pops/parser/egrammar.ra +0 -56
  172. data/lib/puppet/pops/parser/eparser.rb +1520 -1712
  173. data/lib/puppet/pops/parser/lexer2.rb +4 -4
  174. data/lib/puppet/pops/parser/parser_support.rb +0 -5
  175. data/lib/puppet/pops/resource/resource_type_impl.rb +2 -22
  176. data/lib/puppet/pops/types/iterable.rb +34 -8
  177. data/lib/puppet/pops/types/p_meta_type.rb +1 -1
  178. data/lib/puppet/pops/types/p_type_set_type.rb +4 -0
  179. data/lib/puppet/pops/types/type_calculator.rb +0 -7
  180. data/lib/puppet/pops/types/type_parser.rb +0 -4
  181. data/lib/puppet/pops/types/types.rb +0 -1
  182. data/lib/puppet/pops/validation/checker4_0.rb +28 -42
  183. data/lib/puppet/pops/validation/tasks_checker.rb +0 -12
  184. data/lib/puppet/pops/validation/validator_factory_4_0.rb +1 -1
  185. data/lib/puppet/provider.rb +0 -13
  186. data/lib/puppet/provider/file/windows.rb +1 -1
  187. data/lib/puppet/provider/nameservice.rb +0 -18
  188. data/lib/puppet/provider/package/apt.rb +34 -0
  189. data/lib/puppet/provider/package/aptitude.rb +1 -1
  190. data/lib/puppet/provider/package/dpkg.rb +1 -11
  191. data/lib/puppet/provider/package/gem.rb +27 -5
  192. data/lib/puppet/provider/package/pip.rb +0 -1
  193. data/lib/puppet/provider/package/pip2.rb +17 -0
  194. data/lib/puppet/provider/package/pkg.rb +0 -4
  195. data/lib/puppet/provider/package/portage.rb +1 -1
  196. data/lib/puppet/provider/package/puppet_gem.rb +6 -4
  197. data/lib/puppet/provider/package/puppetserver_gem.rb +180 -0
  198. data/lib/puppet/provider/package/yum.rb +2 -1
  199. data/lib/puppet/provider/package/zypper.rb +3 -0
  200. data/lib/puppet/provider/service/smf.rb +191 -73
  201. data/lib/puppet/provider/service/windows.rb +23 -7
  202. data/lib/puppet/provider/user/aix.rb +1 -1
  203. data/lib/puppet/provider/user/directoryservice.rb +0 -10
  204. data/lib/puppet/provider/user/user_role_add.rb +1 -1
  205. data/lib/puppet/provider/user/useradd.rb +11 -4
  206. data/lib/puppet/provider/user/windows_adsi.rb +18 -1
  207. data/lib/puppet/reference/configuration.rb +2 -0
  208. data/lib/puppet/reference/indirection.rb +1 -1
  209. data/lib/puppet/reports/http.rb +2 -0
  210. data/lib/puppet/resource.rb +3 -90
  211. data/lib/puppet/resource/catalog.rb +1 -14
  212. data/lib/puppet/resource/type.rb +5 -112
  213. data/lib/puppet/resource/type_collection.rb +3 -48
  214. data/lib/puppet/runtime.rb +1 -2
  215. data/lib/puppet/settings.rb +84 -35
  216. data/lib/puppet/settings/base_setting.rb +26 -2
  217. data/lib/puppet/settings/integer_setting.rb +17 -0
  218. data/lib/puppet/settings/port_setting.rb +15 -0
  219. data/lib/puppet/settings/priority_setting.rb +5 -4
  220. data/lib/puppet/ssl.rb +10 -6
  221. data/lib/puppet/ssl/base.rb +3 -5
  222. data/lib/puppet/ssl/certificate.rb +0 -6
  223. data/lib/puppet/ssl/certificate_request.rb +1 -12
  224. data/lib/puppet/ssl/certificate_signer.rb +6 -0
  225. data/lib/puppet/ssl/oids.rb +3 -1
  226. data/lib/puppet/ssl/ssl_context.rb +2 -2
  227. data/lib/puppet/ssl/ssl_provider.rb +37 -1
  228. data/lib/puppet/ssl/state_machine.rb +3 -1
  229. data/lib/puppet/ssl/verifier.rb +2 -0
  230. data/lib/puppet/test/test_helper.rb +19 -16
  231. data/lib/puppet/transaction.rb +3 -9
  232. data/lib/puppet/transaction/persistence.rb +1 -1
  233. data/lib/puppet/transaction/report.rb +10 -8
  234. data/lib/puppet/trusted_external.rb +29 -1
  235. data/lib/puppet/type.rb +9 -77
  236. data/lib/puppet/type/file.rb +45 -22
  237. data/lib/puppet/type/file/checksum.rb +5 -5
  238. data/lib/puppet/type/file/source.rb +33 -13
  239. data/lib/puppet/type/filebucket.rb +4 -4
  240. data/lib/puppet/type/notify.rb +2 -2
  241. data/lib/puppet/type/package.rb +5 -13
  242. data/lib/puppet/type/service.rb +53 -0
  243. data/lib/puppet/type/user.rb +18 -3
  244. data/lib/puppet/util.rb +41 -3
  245. data/lib/puppet/util/autoload.rb +9 -7
  246. data/lib/puppet/util/character_encoding.rb +9 -5
  247. data/lib/puppet/util/checksums.rb +19 -4
  248. data/lib/puppet/util/execution.rb +2 -13
  249. data/lib/puppet/util/fileparsing.rb +2 -2
  250. data/lib/puppet/util/http_proxy.rb +2 -215
  251. data/lib/puppet/util/monkey_patches.rb +0 -46
  252. data/lib/puppet/util/provider_features.rb +1 -1
  253. data/lib/puppet/util/rdoc.rb +0 -7
  254. data/lib/puppet/util/reference.rb +1 -1
  255. data/lib/puppet/util/retry_action.rb +1 -1
  256. data/lib/puppet/util/rubygems.rb +5 -1
  257. data/lib/puppet/util/run_mode.rb +14 -2
  258. data/lib/puppet/util/windows.rb +3 -7
  259. data/lib/puppet/util/windows/daemon.rb +360 -0
  260. data/lib/puppet/util/windows/error.rb +1 -0
  261. data/lib/puppet/util/windows/eventlog.rb +5 -15
  262. data/lib/puppet/util/windows/file.rb +8 -242
  263. data/lib/puppet/util/windows/monkey_patches/process.rb +414 -0
  264. data/lib/puppet/util/windows/principal.rb +8 -6
  265. data/lib/puppet/util/windows/process.rb +4 -226
  266. data/lib/puppet/util/windows/registry.rb +11 -11
  267. data/lib/puppet/util/windows/security.rb +4 -4
  268. data/lib/puppet/util/windows/service.rb +52 -486
  269. data/lib/puppet/util/windows/string.rb +12 -13
  270. data/lib/puppet/util/windows/user.rb +242 -8
  271. data/lib/puppet/util/yaml.rb +0 -22
  272. data/lib/puppet/vendor/require_vendored.rb +0 -1
  273. data/lib/puppet/version.rb +1 -1
  274. data/lib/puppet/x509.rb +5 -1
  275. data/lib/puppet/x509/cert_provider.rb +29 -1
  276. data/locales/puppet.pot +713 -1380
  277. data/man/man5/puppet.conf.5 +84 -98
  278. data/man/man8/puppet-agent.8 +7 -4
  279. data/man/man8/puppet-apply.8 +1 -1
  280. data/man/man8/puppet-catalog.8 +1 -1
  281. data/man/man8/puppet-config.8 +6 -6
  282. data/man/man8/puppet-describe.8 +1 -1
  283. data/man/man8/puppet-device.8 +1 -1
  284. data/man/man8/puppet-doc.8 +1 -1
  285. data/man/man8/puppet-epp.8 +1 -1
  286. data/man/man8/puppet-facts.8 +55 -9
  287. data/man/man8/puppet-filebucket.8 +6 -6
  288. data/man/man8/puppet-generate.8 +1 -1
  289. data/man/man8/puppet-help.8 +1 -1
  290. data/man/man8/puppet-lookup.8 +2 -2
  291. data/man/man8/puppet-module.8 +1 -58
  292. data/man/man8/puppet-node.8 +7 -4
  293. data/man/man8/puppet-parser.8 +1 -1
  294. data/man/man8/puppet-plugin.8 +1 -1
  295. data/man/man8/puppet-report.8 +4 -1
  296. data/man/man8/puppet-resource.8 +1 -1
  297. data/man/man8/puppet-script.8 +1 -1
  298. data/man/man8/puppet-ssl.8 +1 -1
  299. data/man/man8/puppet.8 +2 -2
  300. data/spec/fixtures/integration/application/apply/environments/spec/modules/amod/lib/puppet/provider/applytest/applytest.rb +2 -0
  301. data/spec/fixtures/integration/application/apply/environments/spec/modules/amod/lib/puppet/type/applytest.rb +25 -0
  302. data/spec/fixtures/unit/forge/bacula-releases.json +128 -0
  303. data/spec/fixtures/unit/forge/bacula.tar.gz +0 -0
  304. data/spec/fixtures/unit/provider/package/puppetserver_gem/gem-list-local-packages +30 -0
  305. data/spec/fixtures/unit/provider/service/smf/{svcs.out → svcs_instances.out} +0 -0
  306. data/spec/integration/application/agent_spec.rb +157 -59
  307. data/spec/integration/application/apply_spec.rb +150 -150
  308. data/spec/integration/application/doc_spec.rb +16 -6
  309. data/spec/integration/application/filebucket_spec.rb +78 -29
  310. data/spec/integration/application/help_spec.rb +44 -0
  311. data/spec/integration/application/lookup_spec.rb +13 -0
  312. data/spec/integration/application/module_spec.rb +68 -0
  313. data/spec/integration/application/plugin_spec.rb +76 -4
  314. data/spec/integration/configurer_spec.rb +14 -0
  315. data/spec/integration/data_binding_spec.rb +82 -0
  316. data/spec/integration/defaults_spec.rb +33 -5
  317. data/spec/integration/directory_environments_spec.rb +17 -17
  318. data/spec/integration/environments/setting_hooks_spec.rb +1 -1
  319. data/spec/integration/indirector/facts/facter_spec.rb +8 -6
  320. data/spec/integration/network/http_pool_spec.rb +29 -30
  321. data/spec/integration/node/environment_spec.rb +1 -1
  322. data/spec/integration/parser/catalog_spec.rb +0 -38
  323. data/spec/integration/parser/compiler_spec.rb +11 -0
  324. data/spec/integration/parser/node_spec.rb +0 -9
  325. data/spec/integration/parser/pcore_resource_spec.rb +0 -37
  326. data/spec/integration/type/file_spec.rb +6 -5
  327. data/spec/integration/util/execution_spec.rb +22 -0
  328. data/spec/integration/util/windows/adsi_spec.rb +2 -2
  329. data/spec/integration/util/windows/monkey_patches/process_spec.rb +231 -0
  330. data/spec/integration/util/windows/process_spec.rb +26 -32
  331. data/spec/integration/util/windows/registry_spec.rb +7 -7
  332. data/spec/integration/util/windows/security_spec.rb +1 -1
  333. data/spec/integration/util/windows/user_spec.rb +47 -5
  334. data/spec/integration/util_spec.rb +7 -33
  335. data/spec/lib/puppet_spec/matchers.rb +0 -80
  336. data/spec/lib/puppet_spec/puppetserver.rb +9 -1
  337. data/spec/lib/puppet_spec/settings.rb +7 -1
  338. data/spec/shared_contexts/types_setup.rb +2 -0
  339. data/spec/spec_helper.rb +2 -0
  340. data/spec/unit/agent_spec.rb +0 -2
  341. data/spec/unit/application/agent_spec.rb +3 -4
  342. data/spec/unit/application/config_spec.rb +224 -4
  343. data/spec/unit/application/doc_spec.rb +2 -2
  344. data/spec/unit/application/face_base_spec.rb +6 -4
  345. data/spec/unit/application/facts_spec.rb +74 -8
  346. data/spec/unit/application/filebucket_spec.rb +41 -39
  347. data/spec/unit/application/resource_spec.rb +3 -1
  348. data/spec/unit/application/ssl_spec.rb +17 -4
  349. data/spec/unit/application_spec.rb +9 -4
  350. data/spec/unit/certificate_factory_spec.rb +1 -1
  351. data/spec/unit/configurer/downloader_spec.rb +14 -0
  352. data/spec/unit/configurer/fact_handler_spec.rb +4 -4
  353. data/spec/unit/configurer/plugin_handler_spec.rb +56 -18
  354. data/spec/unit/configurer_spec.rb +96 -44
  355. data/spec/unit/confine_spec.rb +2 -1
  356. data/spec/unit/context/trusted_information_spec.rb +12 -10
  357. data/spec/unit/defaults_spec.rb +77 -28
  358. data/spec/unit/environments_spec.rb +96 -32
  359. data/spec/unit/face/config_spec.rb +65 -12
  360. data/spec/unit/face/facts_spec.rb +4 -0
  361. data/spec/unit/face/node_spec.rb +2 -2
  362. data/spec/unit/face/plugin_spec.rb +73 -33
  363. data/spec/unit/file_bucket/file_spec.rb +1 -1
  364. data/spec/unit/file_serving/configuration/parser_spec.rb +14 -18
  365. data/spec/unit/file_serving/configuration_spec.rb +6 -12
  366. data/spec/unit/file_serving/http_metadata_spec.rb +37 -14
  367. data/spec/unit/file_serving/mount/locales_spec.rb +2 -2
  368. data/spec/unit/file_serving/mount/pluginfacts_spec.rb +2 -2
  369. data/spec/unit/file_serving/mount/plugins_spec.rb +2 -2
  370. data/spec/unit/file_serving/terminus_selector_spec.rb +45 -26
  371. data/spec/unit/file_system/uniquefile_spec.rb +18 -0
  372. data/spec/unit/file_system_spec.rb +1 -2
  373. data/spec/unit/functions/camelcase_spec.rb +1 -1
  374. data/spec/unit/functions/capitalize_spec.rb +1 -1
  375. data/spec/unit/functions/downcase_spec.rb +1 -1
  376. data/spec/unit/functions/inline_epp_spec.rb +26 -1
  377. data/spec/unit/functions/upcase_spec.rb +1 -1
  378. data/spec/unit/http/client_spec.rb +71 -17
  379. data/spec/unit/{network/resolver_spec.rb → http/dns_spec.rb} +3 -3
  380. data/spec/unit/http/external_client_spec.rb +4 -4
  381. data/spec/unit/{network/http → http}/factory_spec.rb +5 -11
  382. data/spec/unit/{network/http/session_spec.rb → http/pool_entry_spec.rb} +3 -3
  383. data/spec/unit/{network/http → http}/pool_spec.rb +12 -17
  384. data/spec/unit/{util/http_proxy_spec.rb → http/proxy_spec.rb} +2 -69
  385. data/spec/unit/http/resolver_spec.rb +34 -15
  386. data/spec/unit/http/response_spec.rb +6 -0
  387. data/spec/unit/http/service/ca_spec.rb +2 -3
  388. data/spec/unit/http/service/compiler_spec.rb +51 -65
  389. data/spec/unit/http/service/file_server_spec.rb +5 -6
  390. data/spec/unit/http/service/puppetserver_spec.rb +112 -0
  391. data/spec/unit/http/service/report_spec.rb +2 -3
  392. data/spec/unit/http/service_spec.rb +1 -3
  393. data/spec/unit/http/session_spec.rb +24 -35
  394. data/spec/unit/{network/http → http}/site_spec.rb +3 -3
  395. data/spec/unit/indirector/catalog/json_spec.rb +1 -1
  396. data/spec/unit/indirector/catalog/rest_spec.rb +1 -1
  397. data/spec/unit/indirector/facts/facter_spec.rb +97 -0
  398. data/spec/unit/indirector/facts/json_spec.rb +255 -0
  399. data/spec/unit/indirector/facts/rest_spec.rb +1 -1
  400. data/spec/unit/indirector/file_bucket_file/file_spec.rb +5 -3
  401. data/spec/unit/indirector/file_content/rest_spec.rb +0 -4
  402. data/spec/unit/indirector/file_metadata/http_spec.rb +27 -0
  403. data/spec/unit/indirector/file_metadata/rest_spec.rb +0 -4
  404. data/spec/unit/indirector/file_server_spec.rb +1 -15
  405. data/spec/unit/indirector/json_spec.rb +8 -8
  406. data/spec/unit/indirector/msgpack_spec.rb +8 -8
  407. data/spec/unit/indirector/node/json_spec.rb +33 -0
  408. data/spec/unit/indirector/node/rest_spec.rb +1 -1
  409. data/spec/{integration/indirector/report/yaml.rb → unit/indirector/report/json_spec.rb} +13 -24
  410. data/spec/unit/indirector/report/rest_spec.rb +2 -17
  411. data/spec/unit/indirector/report/yaml_spec.rb +72 -8
  412. data/spec/unit/indirector/request_spec.rb +3 -267
  413. data/spec/unit/indirector/rest_spec.rb +98 -752
  414. data/spec/unit/indirector/yaml_spec.rb +7 -7
  415. data/spec/unit/interface_spec.rb +3 -3
  416. data/spec/unit/module_tool/tar/mini_spec.rb +20 -0
  417. data/spec/unit/network/authconfig_spec.rb +2 -132
  418. data/spec/unit/network/authorization_spec.rb +2 -55
  419. data/spec/unit/network/format_support_spec.rb +3 -2
  420. data/spec/unit/network/formats_spec.rb +4 -4
  421. data/spec/unit/network/http/api/indirected_routes_spec.rb +3 -98
  422. data/spec/unit/network/http/api/master/v3/environments_spec.rb +12 -23
  423. data/spec/unit/network/http/api/master/v3_spec.rb +28 -7
  424. data/spec/unit/network/http/api_spec.rb +10 -0
  425. data/spec/unit/network/http/connection_spec.rb +61 -73
  426. data/spec/unit/network/http/handler_spec.rb +0 -6
  427. data/spec/unit/network/http_pool_spec.rb +0 -4
  428. data/spec/unit/node/environment_spec.rb +51 -22
  429. data/spec/unit/node_spec.rb +2 -54
  430. data/spec/unit/parser/ast/block_expression_spec.rb +1 -1
  431. data/spec/unit/parser/functions/create_resources_spec.rb +2 -20
  432. data/spec/unit/parser/scope_spec.rb +1 -1
  433. data/spec/unit/pops/evaluator/evaluating_parser_spec.rb +19 -8
  434. data/spec/unit/pops/loaders/loaders_spec.rb +77 -22
  435. data/spec/unit/pops/lookup/lookup_spec.rb +25 -0
  436. data/spec/unit/pops/parser/parse_application_spec.rb +4 -22
  437. data/spec/unit/pops/parser/parse_basic_expressions_spec.rb +0 -1
  438. data/spec/unit/pops/parser/parse_capabilities_spec.rb +8 -21
  439. data/spec/unit/pops/parser/parse_site_spec.rb +20 -24
  440. data/spec/unit/pops/resource/resource_type_impl_spec.rb +0 -71
  441. data/spec/unit/pops/serialization/to_from_hr_spec.rb +1 -1
  442. data/spec/unit/pops/types/type_calculator_spec.rb +7 -17
  443. data/spec/unit/pops/types/type_factory_spec.rb +1 -1
  444. data/spec/unit/pops/validator/validator_spec.rb +61 -46
  445. data/spec/unit/pops/visitor_spec.rb +1 -1
  446. data/spec/unit/provider/exec_spec.rb +4 -3
  447. data/spec/unit/provider/nameservice_spec.rb +0 -57
  448. data/spec/unit/provider/package/apt_spec.rb +77 -0
  449. data/spec/unit/provider/package/aptitude_spec.rb +1 -0
  450. data/spec/unit/provider/package/dpkg_spec.rb +22 -55
  451. data/spec/unit/provider/package/gem_spec.rb +32 -0
  452. data/spec/unit/provider/package/openbsd_spec.rb +2 -0
  453. data/spec/unit/provider/package/pip2_spec.rb +36 -0
  454. data/spec/unit/provider/package/puppet_gem_spec.rb +6 -2
  455. data/spec/unit/provider/package/puppetserver_gem_spec.rb +137 -0
  456. data/spec/unit/provider/package/yum_spec.rb +31 -0
  457. data/spec/unit/provider/package/zypper_spec.rb +14 -0
  458. data/spec/unit/provider/service/base_spec.rb +2 -4
  459. data/spec/unit/provider/service/bsd_spec.rb +5 -1
  460. data/spec/unit/provider/service/daemontools_spec.rb +1 -1
  461. data/spec/unit/provider/service/debian_spec.rb +3 -5
  462. data/spec/unit/provider/service/freebsd_spec.rb +1 -1
  463. data/spec/unit/provider/service/gentoo_spec.rb +4 -5
  464. data/spec/unit/provider/service/init_spec.rb +45 -5
  465. data/spec/unit/provider/service/launchd_spec.rb +5 -6
  466. data/spec/unit/provider/service/openrc_spec.rb +4 -5
  467. data/spec/unit/provider/service/openwrt_spec.rb +1 -1
  468. data/spec/unit/provider/service/redhat_spec.rb +1 -1
  469. data/spec/unit/provider/service/runit_spec.rb +2 -1
  470. data/spec/unit/provider/service/smf_spec.rb +402 -166
  471. data/spec/unit/provider/service/src_spec.rb +3 -5
  472. data/spec/unit/provider/service/systemd_spec.rb +3 -6
  473. data/spec/unit/provider/service/upstart_spec.rb +4 -5
  474. data/spec/unit/provider/service/windows_spec.rb +50 -15
  475. data/spec/unit/provider/user/openbsd_spec.rb +1 -0
  476. data/spec/unit/provider/user/useradd_spec.rb +22 -16
  477. data/spec/unit/provider/user/windows_adsi_spec.rb +82 -0
  478. data/spec/unit/provider_spec.rb +0 -12
  479. data/spec/unit/puppet_pal_2pec.rb +40 -0
  480. data/spec/unit/puppet_pal_catalog_spec.rb +45 -0
  481. data/spec/unit/reports/store_spec.rb +17 -13
  482. data/spec/unit/resource/type_collection_spec.rb +2 -22
  483. data/spec/unit/resource_spec.rb +3 -59
  484. data/spec/unit/settings/http_extra_headers_spec.rb +2 -4
  485. data/spec/unit/settings/integer_setting_spec.rb +42 -0
  486. data/spec/unit/settings/port_setting_spec.rb +31 -0
  487. data/spec/unit/settings/priority_setting_spec.rb +4 -4
  488. data/spec/unit/settings_spec.rb +586 -239
  489. data/spec/unit/ssl/base_spec.rb +36 -3
  490. data/spec/unit/ssl/certificate_request_spec.rb +15 -45
  491. data/spec/unit/ssl/certificate_spec.rb +2 -11
  492. data/spec/unit/ssl/ssl_provider_spec.rb +78 -49
  493. data/spec/unit/ssl/state_machine_spec.rb +0 -1
  494. data/spec/unit/ssl/verifier_spec.rb +0 -21
  495. data/spec/unit/test/test_helper_spec.rb +17 -0
  496. data/spec/unit/transaction/persistence_spec.rb +15 -0
  497. data/spec/unit/transaction/report_spec.rb +3 -3
  498. data/spec/unit/transaction/resource_harness_spec.rb +2 -2
  499. data/spec/unit/transaction_spec.rb +45 -79
  500. data/spec/unit/type/file/checksum_spec.rb +6 -6
  501. data/spec/unit/type/file/content_spec.rb +1 -1
  502. data/spec/unit/type/file/ensure_spec.rb +1 -1
  503. data/spec/unit/type/file/mode_spec.rb +1 -1
  504. data/spec/unit/type/file/source_spec.rb +4 -5
  505. data/spec/unit/type/file_spec.rb +134 -102
  506. data/spec/unit/type/filebucket_spec.rb +1 -1
  507. data/spec/unit/type/package_spec.rb +1 -1
  508. data/spec/unit/type/service_spec.rb +209 -0
  509. data/spec/unit/type/user_spec.rb +31 -2
  510. data/spec/unit/type_spec.rb +70 -0
  511. data/spec/unit/util/backups_spec.rb +0 -2
  512. data/spec/unit/util/character_encoding_spec.rb +4 -4
  513. data/spec/unit/util/checksums_spec.rb +16 -0
  514. data/spec/unit/util/command_line_spec.rb +11 -6
  515. data/spec/unit/util/execution_spec.rb +0 -29
  516. data/spec/unit/util/monkey_patches_spec.rb +0 -6
  517. data/spec/unit/util/rubygems_spec.rb +2 -2
  518. data/spec/unit/util/run_mode_spec.rb +27 -127
  519. data/spec/unit/util/windows/api_types_spec.rb +104 -40
  520. data/spec/unit/util/windows/service_spec.rb +4 -4
  521. data/spec/unit/util/windows/string_spec.rb +1 -3
  522. data/spec/unit/util/yaml_spec.rb +0 -54
  523. data/spec/unit/util_spec.rb +3 -21
  524. data/spec/unit/x509/cert_provider_spec.rb +1 -1
  525. metadata +76 -270
  526. data/conf/auth.conf +0 -150
  527. data/lib/puppet/application/cert.rb +0 -76
  528. data/lib/puppet/application/key.rb +0 -4
  529. data/lib/puppet/application/man.rb +0 -4
  530. data/lib/puppet/application/status.rb +0 -4
  531. data/lib/puppet/face/key.rb +0 -16
  532. data/lib/puppet/face/man.rb +0 -145
  533. data/lib/puppet/face/module/build.rb +0 -14
  534. data/lib/puppet/face/module/generate.rb +0 -14
  535. data/lib/puppet/face/module/search.rb +0 -103
  536. data/lib/puppet/face/status.rb +0 -51
  537. data/lib/puppet/indirector/certificate/file.rb +0 -9
  538. data/lib/puppet/indirector/certificate/rest.rb +0 -18
  539. data/lib/puppet/indirector/certificate_request/file.rb +0 -9
  540. data/lib/puppet/indirector/certificate_request/memory.rb +0 -7
  541. data/lib/puppet/indirector/certificate_request/rest.rb +0 -11
  542. data/lib/puppet/indirector/file_content/http.rb +0 -22
  543. data/lib/puppet/indirector/key/file.rb +0 -46
  544. data/lib/puppet/indirector/key/memory.rb +0 -7
  545. data/lib/puppet/indirector/ssl_file.rb +0 -162
  546. data/lib/puppet/indirector/status.rb +0 -3
  547. data/lib/puppet/indirector/status/local.rb +0 -12
  548. data/lib/puppet/indirector/status/rest.rb +0 -27
  549. data/lib/puppet/module_tool/applications/searcher.rb +0 -29
  550. data/lib/puppet/network/auth_config_parser.rb +0 -90
  551. data/lib/puppet/network/authstore.rb +0 -283
  552. data/lib/puppet/network/http/api/master/v3/authorization.rb +0 -18
  553. data/lib/puppet/network/http/api/master/v3/environment.rb +0 -85
  554. data/lib/puppet/network/http/base_pool.rb +0 -36
  555. data/lib/puppet/network/http/compression.rb +0 -127
  556. data/lib/puppet/network/http/connection_adapter.rb +0 -182
  557. data/lib/puppet/network/http/nocache_pool.rb +0 -28
  558. data/lib/puppet/network/rest_controller.rb +0 -2
  559. data/lib/puppet/network/rights.rb +0 -210
  560. data/lib/puppet/parser/compiler/catalog_validator/env_relationship_validator.rb +0 -64
  561. data/lib/puppet/parser/compiler/catalog_validator/site_validator.rb +0 -20
  562. data/lib/puppet/parser/environment_compiler.rb +0 -199
  563. data/lib/puppet/pops/types/enumeration.rb +0 -16
  564. data/lib/puppet/resource/capability_finder.rb +0 -154
  565. data/lib/puppet/rest/errors.rb +0 -15
  566. data/lib/puppet/rest/response.rb +0 -35
  567. data/lib/puppet/rest/route.rb +0 -85
  568. data/lib/puppet/rest/routes.rb +0 -135
  569. data/lib/puppet/ssl/host.rb +0 -505
  570. data/lib/puppet/ssl/key.rb +0 -61
  571. data/lib/puppet/ssl/validator.rb +0 -61
  572. data/lib/puppet/ssl/validator/default_validator.rb +0 -209
  573. data/lib/puppet/ssl/validator/no_validator.rb +0 -22
  574. data/lib/puppet/ssl/verifier_adapter.rb +0 -58
  575. data/lib/puppet/status.rb +0 -40
  576. data/lib/puppet/util/connection.rb +0 -88
  577. data/lib/puppet/util/ssl.rb +0 -83
  578. data/lib/puppet/util/windows/api_types.rb +0 -282
  579. data/lib/puppet/vendor/load_pathspec.rb +0 -1
  580. data/lib/puppet/vendor/pathspec/CHANGELOG.md +0 -2
  581. data/lib/puppet/vendor/pathspec/LICENSE +0 -201
  582. data/lib/puppet/vendor/pathspec/PUPPET_README.md +0 -6
  583. data/lib/puppet/vendor/pathspec/README.md +0 -53
  584. data/lib/puppet/vendor/pathspec/lib/pathspec.rb +0 -122
  585. data/lib/puppet/vendor/pathspec/lib/pathspec/gitignorespec.rb +0 -275
  586. data/lib/puppet/vendor/pathspec/lib/pathspec/regexspec.rb +0 -17
  587. data/lib/puppet/vendor/pathspec/lib/pathspec/spec.rb +0 -14
  588. data/man/man8/puppet-key.8 +0 -126
  589. data/man/man8/puppet-man.8 +0 -76
  590. data/man/man8/puppet-status.8 +0 -108
  591. data/spec/integration/faces/config_spec.rb +0 -91
  592. data/spec/integration/faces/documentation_spec.rb +0 -57
  593. data/spec/integration/file_bucket/file_spec.rb +0 -50
  594. data/spec/integration/file_serving/content_spec.rb +0 -7
  595. data/spec/integration/file_serving/fileset_spec.rb +0 -12
  596. data/spec/integration/file_serving/metadata_spec.rb +0 -8
  597. data/spec/integration/file_serving/terminus_helper_spec.rb +0 -20
  598. data/spec/integration/file_system/uniquefile_spec.rb +0 -26
  599. data/spec/integration/module_tool/forge_spec.rb +0 -51
  600. data/spec/integration/module_tool/tar/mini_spec.rb +0 -28
  601. data/spec/integration/network/authconfig_spec.rb +0 -256
  602. data/spec/integration/provider/service/init_spec.rb +0 -48
  603. data/spec/integration/provider/service/systemd_spec.rb +0 -25
  604. data/spec/integration/provider/service/windows_spec.rb +0 -50
  605. data/spec/integration/reference/providers_spec.rb +0 -21
  606. data/spec/integration/reports_spec.rb +0 -13
  607. data/spec/integration/ssl/certificate_request_spec.rb +0 -44
  608. data/spec/integration/ssl/host_spec.rb +0 -72
  609. data/spec/integration/ssl/key_spec.rb +0 -99
  610. data/spec/integration/test/test_helper_spec.rb +0 -31
  611. data/spec/shared_behaviours/file_serving_model.rb +0 -51
  612. data/spec/unit/capability_spec.rb +0 -414
  613. data/spec/unit/face/catalog_spec.rb +0 -6
  614. data/spec/unit/face/key_spec.rb +0 -9
  615. data/spec/unit/face/man_spec.rb +0 -25
  616. data/spec/unit/face/module/search_spec.rb +0 -231
  617. data/spec/unit/face/module_spec.rb +0 -3
  618. data/spec/unit/face/status_spec.rb +0 -9
  619. data/spec/unit/indirector/certificate/file_spec.rb +0 -14
  620. data/spec/unit/indirector/certificate/rest_spec.rb +0 -61
  621. data/spec/unit/indirector/certificate_request/file_spec.rb +0 -14
  622. data/spec/unit/indirector/certificate_request/rest_spec.rb +0 -25
  623. data/spec/unit/indirector/key/file_spec.rb +0 -79
  624. data/spec/unit/indirector/ssl_file_spec.rb +0 -305
  625. data/spec/unit/indirector/status/local_spec.rb +0 -10
  626. data/spec/unit/indirector/status/rest_spec.rb +0 -50
  627. data/spec/unit/man_spec.rb +0 -31
  628. data/spec/unit/module_tool/applications/searcher_spec.rb +0 -38
  629. data/spec/unit/network/auth_config_parser_spec.rb +0 -115
  630. data/spec/unit/network/authstore_spec.rb +0 -422
  631. data/spec/unit/network/http/api/master/v3/authorization_spec.rb +0 -57
  632. data/spec/unit/network/http/api/master/v3/environment_spec.rb +0 -185
  633. data/spec/unit/network/http/compression_spec.rb +0 -240
  634. data/spec/unit/network/http/nocache_pool_spec.rb +0 -64
  635. data/spec/unit/network/http_spec.rb +0 -9
  636. data/spec/unit/network/rights_spec.rb +0 -439
  637. data/spec/unit/parser/environment_compiler_spec.rb +0 -723
  638. data/spec/unit/pops/types/enumeration_spec.rb +0 -51
  639. data/spec/unit/resource/capability_finder_spec.rb +0 -143
  640. data/spec/unit/rest/route_spec.rb +0 -132
  641. data/spec/unit/ssl/host_spec.rb +0 -650
  642. data/spec/unit/ssl/key_spec.rb +0 -173
  643. data/spec/unit/ssl/validator_spec.rb +0 -278
  644. data/spec/unit/status_spec.rb +0 -45
  645. data/spec/unit/util/ssl_spec.rb +0 -91
@@ -248,7 +248,7 @@ END
248
248
  paths = {
249
249
  'private key' => Puppet[:hostprivkey],
250
250
  'public key' => Puppet[:hostpubkey],
251
- 'certificate request' => File.join(Puppet[:requestdir], "#{Puppet[:certname]}.pem"),
251
+ 'certificate request' => Puppet[:hostcsr],
252
252
  'certificate' => Puppet[:hostcert],
253
253
  'private key password file' => Puppet[:passfile]
254
254
  }
@@ -53,6 +53,7 @@ class Puppet::Configurer
53
53
  def initialize(transaction_uuid = nil, job_id = nil)
54
54
  @running = false
55
55
  @splayed = false
56
+ @running_failure = false
56
57
  @cached_catalog_status = 'not_used'
57
58
  @environment = Puppet[:environment]
58
59
  @transaction_uuid = transaction_uuid || SecureRandom.uuid
@@ -65,9 +66,16 @@ class Puppet::Configurer
65
66
  # Get the remote catalog, yo. Returns nil if no catalog can be found.
66
67
  def retrieve_catalog(facts, query_options)
67
68
  query_options ||= {}
68
- result = retrieve_catalog_from_cache(query_options) if Puppet[:use_cached_catalog]
69
+ if Puppet[:use_cached_catalog] || @running_failure
70
+ result = retrieve_catalog_from_cache(query_options)
71
+ end
72
+
69
73
  if result
70
- @cached_catalog_status = 'explicitly_requested'
74
+ if Puppet[:use_cached_catalog]
75
+ @cached_catalog_status = 'explicitly_requested'
76
+ elsif @running_failure
77
+ @cached_catalog_status = 'on_failure'
78
+ end
71
79
 
72
80
  Puppet.info _("Using cached catalog from environment '%{environment}'") % { environment: result.environment }
73
81
  else
@@ -194,7 +202,6 @@ class Puppet::Configurer
194
202
  # This just passes any options on to the catalog,
195
203
  # which accepts :tags and :ignoreschedules.
196
204
  def run(options = {})
197
- pool = Puppet.runtime[:http].pool
198
205
  # We create the report pre-populated with default settings for
199
206
  # environment and transaction_uuid very early, this is to ensure
200
207
  # they are sent regardless of any catalog compilation failures or
@@ -207,28 +214,40 @@ class Puppet::Configurer
207
214
 
208
215
  completed = nil
209
216
  begin
210
- Puppet.override(:http_pool => pool) do
211
- # Skip failover logic if the server_list setting is empty
212
- do_failover = Puppet.settings[:server_list] && !Puppet.settings[:server_list].empty?
213
-
214
- # When we are passed a catalog, that means we're in apply
215
- # mode. We shouldn't try to do any failover in that case.
216
- if options[:catalog].nil? && do_failover
217
- server, port = find_functional_server
218
- if server.nil?
219
- raise Puppet::Error, _("Could not select a functional puppet master from server_list: '%{server_list}'") % { server_list: Puppet.settings.value(:server_list, Puppet[:environment].to_sym, true) }
217
+ # Skip failover logic if the server_list setting is empty
218
+ do_failover = Puppet.settings[:server_list] && !Puppet.settings[:server_list].empty?
219
+
220
+ # When we are passed a catalog, that means we're in apply
221
+ # mode. We shouldn't try to do any failover in that case.
222
+ if options[:catalog].nil? && do_failover
223
+ server, port = find_functional_server
224
+ if server.nil?
225
+ detail = _("Could not select a functional puppet server from server_list: '%{server_list}'") % { server_list: Puppet.settings.value(:server_list, Puppet[:environment].to_sym, true) }
226
+ if Puppet[:usecacheonfailure]
227
+ options[:pluginsync] = false
228
+ @running_failure = true
229
+
230
+ server = Puppet[:server_list].first[0]
231
+ port = Puppet[:server_list].first[1] || Puppet[:serverport]
232
+
233
+ Puppet.err(detail)
220
234
  else
221
- report.master_used = "#{server}:#{port}"
222
- end
223
- Puppet.override(server: server, serverport: port) do
224
- completed = run_internal(options)
235
+ raise Puppet::Error, detail
225
236
  end
226
237
  else
238
+ #TRANSLATORS 'server_list' is the name of a setting and should not be translated
239
+ Puppet.debug _("Selected puppet server from the `server_list` setting: %{server}:%{port}") % { server: server, port: port }
240
+ report.server_used = "#{server}:#{port}"
241
+ end
242
+ Puppet.override(server: server, serverport: port) do
227
243
  completed = run_internal(options)
228
244
  end
245
+ else
246
+ completed = run_internal(options)
229
247
  end
230
248
  ensure
231
- pool.close
249
+ # we may sleep for awhile, close connections now
250
+ Puppet.runtime[:http].close
232
251
  end
233
252
 
234
253
  completed ? report.exit_status : nil
@@ -303,6 +322,15 @@ class Puppet::Configurer
303
322
  report.environment = @environment
304
323
  query_options = nil
305
324
  facts = nil
325
+
326
+ new_env = Puppet::Node::Environment.remote(@environment)
327
+ Puppet.push_context(
328
+ {
329
+ current_environment: new_env,
330
+ loaders: Puppet::Pops::Loaders.new(new_env, true)
331
+ },
332
+ "Local node environment #{@environment} for configurer transaction"
333
+ )
306
334
  else
307
335
  Puppet.info _("Using configured environment '%{env}'") % { env: @environment }
308
336
  end
@@ -313,19 +341,18 @@ class Puppet::Configurer
313
341
  end
314
342
  end
315
343
 
316
- current_environment = Puppet.lookup(:current_environment)
317
- if current_environment.name == @environment.intern
318
- local_node_environment = current_environment
319
- else
320
- local_node_environment = Puppet::Node::Environment.create(@environment,
321
- current_environment.modulepath,
322
- current_environment.manifest,
323
- current_environment.config_version)
344
+ # This is to maintain compatibility with anyone using this class
345
+ # aside from agent, apply, device.
346
+ unless Puppet.lookup(:loaders) { nil }
347
+ new_env = Puppet::Node::Environment.remote(@environment)
348
+ Puppet.push_context(
349
+ {
350
+ current_environment: new_env,
351
+ loaders: Puppet::Pops::Loaders.new(new_env, true)
352
+ },
353
+ "Local node environment #{@environment} for configurer transaction"
354
+ )
324
355
  end
325
- Puppet.push_context({
326
- :current_environment => local_node_environment,
327
- :loaders => Puppet::Pops::Loaders.new(local_node_environment, true)
328
- }, "Local node environment for configurer transaction")
329
356
 
330
357
  query_options, facts = get_facts(options) unless query_options
331
358
  query_options[:configured_environment] = configured_environment
@@ -530,6 +557,14 @@ class Puppet::Configurer
530
557
  end
531
558
 
532
559
  def download_plugins(remote_environment_for_plugins)
533
- @handler.download_plugins(remote_environment_for_plugins)
560
+ begin
561
+ @handler.download_plugins(remote_environment_for_plugins)
562
+ rescue Puppet::Error => detail
563
+ if !Puppet[:ignore_plugin_errors] && Puppet[:usecacheonfailure]
564
+ @running_failure = true
565
+ else
566
+ raise detail
567
+ end
568
+ end
534
569
  end
535
570
  end
@@ -11,32 +11,53 @@ class Puppet::Configurer::Downloader
11
11
  files = []
12
12
  begin
13
13
  catalog.apply do |trans|
14
+ unless Puppet[:ignore_plugin_errors]
15
+ # Propagate the first failure associated with the transaction. The any_failed?
16
+ # method returns the first resource status that failed or nil, not a boolean.
17
+ first_failure = trans.any_failed?
18
+ if first_failure
19
+ event = (first_failure.events || []).first
20
+ detail = event ? event.message : 'unknown'
21
+ raise Puppet::Error.new(_("Failed to retrieve %{name}: %{detail}") % { name: name, detail: detail })
22
+ end
23
+ end
24
+
14
25
  trans.changed?.each do |resource|
15
26
  yield resource if block_given?
16
27
  files << resource[:path]
17
28
  end
18
29
  end
19
30
  rescue Puppet::Error => detail
20
- Puppet.log_exception(detail, _("Could not retrieve %{name}: %{detail}") % { name: name, detail: detail })
31
+ if Puppet[:ignore_plugin_errors]
32
+ Puppet.log_exception(detail, _("Could not retrieve %{name}: %{detail}") % { name: name, detail: detail })
33
+ else
34
+ raise detail
35
+ end
21
36
  end
22
37
  files
23
38
  end
24
39
 
25
40
  def initialize(name, path, source, ignore = nil, environment = nil, source_permissions = :ignore)
26
41
  @name, @path, @source, @ignore, @environment, @source_permissions = name, path, source, ignore, environment, source_permissions
27
- end
28
42
 
29
- def catalog
30
- catalog = Puppet::Resource::Catalog.new("PluginSync", @environment)
31
- catalog.host_config = false
32
- catalog.add_resource(file)
33
- catalog
34
43
  end
35
44
 
36
45
  def file
37
- args = default_arguments.merge(:path => path, :source => source)
38
- args[:ignore] = ignore.split if ignore
39
- Puppet::Type.type(:file).new(args)
46
+ unless @file
47
+ args = default_arguments.merge(:path => path, :source => source)
48
+ args[:ignore] = ignore.split if ignore
49
+ @file = Puppet::Type.type(:file).new(args)
50
+ end
51
+ @file
52
+ end
53
+
54
+ def catalog
55
+ unless @catalog
56
+ @catalog = Puppet::Resource::Catalog.new("PluginSync", @environment)
57
+ @catalog.host_config = false
58
+ @catalog.add_resource(file)
59
+ end
60
+ @catalog
40
61
  end
41
62
 
42
63
  private
@@ -29,25 +29,27 @@ class Puppet::Configurer::PluginHandler
29
29
  result += plugin_fact_downloader.evaluate
30
30
  result += plugin_downloader.evaluate
31
31
 
32
- # until file metadata/content are using the rest client, we need to check
33
- # both :server_agent_version and the session to see if the server supports
34
- # the "locales" mount
35
- server_agent_version = Puppet.lookup(:server_agent_version) { "0.0" }
36
- locales = Gem::Version.new(server_agent_version) >= SUPPORTED_LOCALES_MOUNT_AGENT_VERSION
37
- unless locales
38
- session = Puppet.lookup(:http_session)
39
- locales = session.supports?(:fileserver, 'locales') || session.supports?(:puppet, 'locales')
40
- end
41
-
42
- if locales
43
- locales_downloader = Puppet::Configurer::Downloader.new(
44
- "locales",
45
- Puppet[:localedest],
46
- Puppet[:localesource],
47
- Puppet[:pluginsignore] + " *.pot config.yaml",
48
- environment
49
- )
50
- result += locales_downloader.evaluate
32
+ unless Puppet[:disable_i18n]
33
+ # until file metadata/content are using the rest client, we need to check
34
+ # both :server_agent_version and the session to see if the server supports
35
+ # the "locales" mount
36
+ server_agent_version = Puppet.lookup(:server_agent_version) { "0.0" }
37
+ locales = Gem::Version.new(server_agent_version) >= SUPPORTED_LOCALES_MOUNT_AGENT_VERSION
38
+ unless locales
39
+ session = Puppet.lookup(:http_session)
40
+ locales = session.supports?(:fileserver, 'locales') || session.supports?(:puppet, 'locales')
41
+ end
42
+
43
+ if locales
44
+ locales_downloader = Puppet::Configurer::Downloader.new(
45
+ "locales",
46
+ Puppet[:localedest],
47
+ Puppet[:localesource],
48
+ Puppet[:pluginsignore] + " *.pot config.yaml",
49
+ environment
50
+ )
51
+ result += locales_downloader.evaluate
52
+ end
51
53
  end
52
54
 
53
55
  Puppet::Util::Autoload.reload_changed(Puppet.lookup(:current_environment))
@@ -26,7 +26,7 @@ class Puppet::Confine
26
26
  require "puppet/confine/#{name}"
27
27
  rescue LoadError => detail
28
28
  unless detail.to_s =~ /No such file|cannot load such file/i
29
- warn "Could not load confine test '#{name}': #{detail}"
29
+ Puppet.warning("Could not load confine test '#{name}': #{detail}")
30
30
  end
31
31
  # Could not find file
32
32
  if !Puppet[:always_retry_plugins]
@@ -67,7 +67,7 @@ class Puppet::Confine
67
67
  def valid?
68
68
  values.each do |value|
69
69
  unless pass?(value)
70
- Puppet.debug(label + ": " + message(value))
70
+ Puppet.debug { label + ": " + message(value) }
71
71
  return false
72
72
  end
73
73
  end
@@ -19,7 +19,7 @@ class Puppet::Confine::Any < Puppet::Confine
19
19
  if @values.any? { |value| pass?(value) }
20
20
  true
21
21
  else
22
- Puppet.debug("#{label}: #{message(@values)}")
22
+ Puppet.debug { "#{label}: #{message(@values)}" }
23
23
  false
24
24
  end
25
25
  end
@@ -11,25 +11,60 @@ module Puppet
11
11
  end
12
12
 
13
13
  def self.default_digest_algorithm
14
- Puppet::Util::Platform.fips_enabled? ? 'sha256' : 'md5'
14
+ 'sha256'
15
15
  end
16
16
 
17
17
  def self.valid_digest_algorithms
18
18
  Puppet::Util::Platform.fips_enabled? ?
19
19
  %w[sha256 sha384 sha512 sha224] :
20
- %w[md5 sha256 sha384 sha512 sha224]
20
+ %w[sha256 sha384 sha512 sha224 md5]
21
21
  end
22
22
 
23
23
  def self.default_file_checksum_types
24
24
  Puppet::Util::Platform.fips_enabled? ?
25
25
  %w[sha256 sha384 sha512 sha224] :
26
- %w[md5 sha256 sha384 sha512 sha224]
26
+ %w[sha256 sha384 sha512 sha224 md5]
27
27
  end
28
28
 
29
29
  def self.valid_file_checksum_types
30
30
  Puppet::Util::Platform.fips_enabled? ?
31
31
  %w[sha256 sha256lite sha384 sha512 sha224 sha1 sha1lite mtime ctime] :
32
- %w[md5 md5lite sha256 sha256lite sha384 sha512 sha224 sha1 sha1lite mtime ctime]
32
+ %w[sha256 sha256lite sha384 sha512 sha224 sha1 sha1lite md5 md5lite mtime ctime]
33
+ end
34
+
35
+ def self.log_ca_migration_warning
36
+ urge_to_migrate = <<-UTM
37
+ The cadir is currently configured to be inside the #{Puppet[:ssldir]} directory. This config
38
+ setting and the directory location will not be used in a future version of puppet. Please run the
39
+ puppetserver ca tool to migrate out from the puppet confdir to the /etc/puppetlabs/puppetserver/ca
40
+ directory. Use `puppetserver ca migrate --help` for more info.
41
+ UTM
42
+ Puppet.warn_once('deprecations',
43
+ 'CA migration message',
44
+ urge_to_migrate,
45
+ :default,
46
+ :default)
47
+ end
48
+
49
+ def self.default_cadir
50
+ return "" if Puppet::Util::Platform.windows?
51
+ old_ca_dir = "#{Puppet[:ssldir]}/ca"
52
+ new_ca_dir = "/etc/puppetlabs/puppetserver/ca"
53
+
54
+ if File.exist?(old_ca_dir)
55
+ if File.symlink?(old_ca_dir)
56
+ target = File.readlink(old_ca_dir)
57
+ if target.start_with?(Puppet[:ssldir])
58
+ Puppet.log_ca_migration_warning
59
+ end
60
+ target
61
+ else
62
+ Puppet.log_ca_migration_warning
63
+ old_ca_dir
64
+ end
65
+ else
66
+ new_ca_dir
67
+ end
33
68
  end
34
69
 
35
70
  def self.default_basemodulepath
@@ -70,28 +105,6 @@ module Puppet
70
105
  # @return void
71
106
  def self.initialize_default_settings!(settings)
72
107
  settings.define_settings(:main,
73
- :facterng => {
74
- :default => false,
75
- :type => :boolean,
76
- :desc => 'Whether to enable a pre-Facter 4.0 release of Facter (distributed as
77
- the "facter-ng" gem). This is not necessary if Facter 3.x or later is installed.
78
- This setting is still experimental.',
79
- :hook => proc do |value|
80
- if value
81
- begin
82
- original_facter = Object.const_get(:Facter)
83
- Object.send(:remove_const, :Facter)
84
-
85
- require 'facter-ng'
86
- # It is required to re-setup logger for facter-ng
87
- Puppet::Util::Logging.setup_facter_logging!
88
- rescue LoadError
89
- Object.const_set(:Facter, original_facter)
90
- raise ArgumentError, 'facter-ng could not be loaded'
91
- end
92
- end
93
- end
94
- },
95
108
  :confdir => {
96
109
  :default => nil,
97
110
  :type => :directory,
@@ -218,7 +231,7 @@ module Puppet
218
231
  end
219
232
  },
220
233
  :disable_i18n => {
221
- :default => false,
234
+ :default => true,
222
235
  :type => :boolean,
223
236
  :desc => "If true, turns off all translations of Puppet and module
224
237
  log messages, which affects error, warning, and info log messages,
@@ -263,13 +276,6 @@ module Puppet
263
276
  :type => :boolean,
264
277
  :desc => "Whether to enable experimental performance profiling",
265
278
  },
266
- :future_features => {
267
- :default => false,
268
- :type => :boolean,
269
- :desc => "Whether or not to enable all features currently being developed for future
270
- major releases of Puppet. Should be used with caution, as in development
271
- features are experimental and can have unexpected effects."
272
- },
273
279
  :versioned_environment_dirs => {
274
280
  :default => false,
275
281
  :type => :boolean,
@@ -284,6 +290,11 @@ module Puppet
284
290
  which occurs only on a Puppet Server master when the `code-id-command` and
285
291
  `code-content-command` settings are configured in its `puppetserver.conf` file.",
286
292
  },
293
+ :settings_catalog => {
294
+ :default => true,
295
+ :type => :boolean,
296
+ :desc => "Whether to compile and apply the settings catalog",
297
+ },
287
298
  :strict_environment_mode => {
288
299
  :default => false,
289
300
  :type => :boolean,
@@ -347,8 +358,7 @@ module Puppet
347
358
  :default => "ansi",
348
359
  :type => :string,
349
360
  :desc => "Whether to use colors when logging to the console. Valid values are
350
- `ansi` (equivalent to `true`), `html`, and `false`, which produces no color.
351
- Defaults to false on Windows, as its console does not support ansi colors.",
361
+ `ansi` (equivalent to `true`), `html`, and `false`, which produces no color."
352
362
  },
353
363
  :mkusers => {
354
364
  :default => false,
@@ -375,7 +385,7 @@ module Puppet
375
385
  from the parent process.
376
386
 
377
387
  This setting can only be set in the `[main]` section of puppet.conf; it cannot
378
- be set in `[master]`, `[agent]`, or an environment config section.",
388
+ be set in `[server]`, `[agent]`, or an environment config section.",
379
389
  :call_hook => :on_define_and_write,
380
390
  :hook => proc do |value|
381
391
  Puppet::Util.set_env('PATH', '') if Puppet::Util.get_env('PATH').nil?
@@ -563,7 +573,7 @@ module Puppet
563
573
  config = File.expand_path(File.join(settings[:confdir], 'hiera.yaml')) if config.nil?
564
574
  config
565
575
  end,
566
- :desc => "The hiera configuration file. Puppet only reads this file on startup, so you must restart the puppet master every time you edit it.",
576
+ :desc => "The hiera configuration file. Puppet only reads this file on startup, so you must restart the puppet server every time you edit it.",
567
577
  :type => :file,
568
578
  },
569
579
  :binder_config => {
@@ -590,13 +600,22 @@ module Puppet
590
600
  },
591
601
  :trusted_external_command => {
592
602
  :default => nil,
593
- :desc => "The external trusted facts script to use.
603
+ :type => :file_or_directory,
604
+ :desc => "The external trusted facts script or directory to use.
594
605
  This setting's value can be set to the path to an executable command that
595
- can produce external trusted facts. The command must:
606
+ can produce external trusted facts or to a directory containing those
607
+ executable commands. The command(s) must:
596
608
 
597
609
  * Take the name of a node as a command-line argument.
598
610
  * Return a JSON hash with the external trusted facts for this node.
599
- * For unknown or invalid nodes, exit with a non-zero exit code.",
611
+ * For unknown or invalid nodes, exit with a non-zero exit code.
612
+
613
+ If the setting points to an executable command, then the external trusted
614
+ facts will be stored in the 'external' key of the trusted facts hash. Otherwise
615
+ for each executable file in the directory, the external trusted facts will be
616
+ stored in the `<basename>` key of the `trusted['external']` hash. For example,
617
+ if the files foo.rb and bar.sh are in the directory, then `trusted['external']`
618
+ will be the hash `{ 'foo' => <foo.rb output>, 'bar' => <bar.sh output> }`.",
600
619
  },
601
620
  :default_file_terminus => {
602
621
  :type => :terminus,
@@ -624,7 +643,7 @@ module Puppet
624
643
  :http_proxy_password =>{
625
644
  :default => "none",
626
645
  :hook => proc do |value|
627
- if settings[:http_proxy_password] =~ /[@!# \/]/
646
+ if value =~ /[@!# \/]/
628
647
  raise "Passwords set in the http_proxy_password setting must be valid as part of a URL, and any reserved characters must be URL-encoded. We received: #{value}"
629
648
  end
630
649
  end,
@@ -692,39 +711,33 @@ Valid values are 0 (never cache) and 15 (15 second minimum wait time).
692
711
  :environment_timeout => {
693
712
  :default => "0",
694
713
  :type => :ttl,
695
- :desc => "How long the Puppet master should cache data it loads from an
714
+ :desc => "How long the Puppet server should cache data it loads from an
696
715
  environment.
697
716
 
698
717
  A value of `0` will disable caching. This setting can also be set to
699
- `unlimited`, which will cache environments until the master is restarted
700
- or told to refresh the cache.
718
+ `unlimited`, which will cache environments until the server is restarted
719
+ or told to refresh the cache. All other values will result in Puppet
720
+ server evicting environments that haven't been used within the last
721
+ `environment_timeout` seconds.
701
722
 
702
723
  You should change this setting once your Puppet deployment is doing
703
724
  non-trivial work. We chose the default value of `0` because it lets new
704
725
  users update their code without any extra steps, but it lowers the
705
- performance of your Puppet master.
726
+ performance of your Puppet server. We recommend either:
706
727
 
707
- We recommend setting this to `unlimited` and explicitly refreshing your
708
- Puppet master as part of your code deployment process.
728
+ * Setting this to `unlimited` and explicitly refreshing your Puppet server
729
+ as part of your code deployment process.
709
730
 
710
- * With Puppet Server, you should refresh environments by calling the
711
- `environment-cache` API endpoint. See the docs for the Puppet Server
712
- [administrative API](https://puppet.com/docs/puppetserver/latest/admin-api/v1/environment-cache.html).
731
+ * Setting this to a number that will keep your most actively used
732
+ environments cached, but allow testing environments to fall out of the
733
+ cache and reduce memory usage. A value of 3 minutes (3m) is a reasonable
734
+ value.
713
735
 
714
- Any value other than `0` or `unlimited` is deprecated, since most Puppet
715
- servers use a pool of Ruby interpreters which all have their own cache
716
- timers. When these timers drift out of sync, agents can be served
717
- inconsistent catalogs.",
718
- :hook => proc do |val|
719
- unless [0, 'unlimited', Float::INFINITY].include?(val)
720
- Puppet.deprecation_warning(<<-WARNING)
721
- Fine grained control of environment timeouts is deprecated,
722
- please use `0` or `unlimited` to control default caching behavior
723
- and the environment-cache endpoint in Puppet Server's administrative
724
- API to expire the cache as needed
725
- WARNING
726
- end
727
- end
736
+ Once you set `environment_timeout` to a non-zero value, you need to tell
737
+ Puppet server to read new code from disk using the `environment-cache` API
738
+ endpoint after you deploy new code. See the docs for the Puppet Server
739
+ [administrative API](https://puppet.com/docs/puppetserver/latest/admin-api/v1/environment-cache.html).
740
+ "
728
741
  },
729
742
  :environment_data_provider => {
730
743
  :desc => "The name of a registered environment data provider used when obtaining environment
@@ -799,7 +812,7 @@ API to expire the cache as needed
799
812
  `certname` setting as its requested Subject CN.
800
813
 
801
814
  This is the name used when managing a node's permissions in
802
- [auth.conf](https://puppet.com/docs/puppet/latest/config_file_auth.html).
815
+ Puppet Server's [auth.conf](https://puppet.com/docs/puppetserver/latest/config_file_auth.html).
803
816
  In most cases, it is also used as the node's name when matching
804
817
  [node definitions](https://puppet.com/docs/puppet/latest/lang_node_definitions.html)
805
818
  and requesting data from an ENC. (This can be changed with the `node_name_value`
@@ -816,8 +829,13 @@ API to expire the cache as needed
816
829
  * The special value `ca` is reserved, and can't be used as the certname
817
830
  for a normal node.
818
831
 
832
+ **Note:** You must set the certname in the main section of the puppet.conf file. Setting it in a different section causes errors.
833
+
819
834
  Defaults to the node's fully qualified domain name.",
820
- :hook => proc { |value| raise(ArgumentError, _("Certificate names must be lower case")) unless value == value.downcase }},
835
+ :call_hook => :on_initialize_and_write,
836
+ :hook => proc { |value|
837
+ raise(ArgumentError, _("Certificate names must be lower case")) unless value == value.downcase
838
+ }},
821
839
  :dns_alt_names => {
822
840
  :default => '',
823
841
  :desc => <<EOT,
@@ -944,13 +962,13 @@ EOT
944
962
  Generally unused."
945
963
  },
946
964
  :hostcsr => {
947
- :default => "$ssldir/csr_$certname.pem",
965
+ :default => "$requestdir/$certname.pem",
948
966
  :type => :file,
949
967
  :mode => "0644",
950
968
  :owner => "service",
951
969
  :group => "service",
952
- :deprecated => :completely,
953
- :desc => "This setting is deprecated."
970
+ :desc => "Where individual hosts store their certificate request (CSR)
971
+ while waiting for the CA to issue their certificate."
954
972
  },
955
973
  :hostcert => {
956
974
  :default => "$certdir/$certname.pem",
@@ -992,28 +1010,14 @@ EOT
992
1010
  and reject the CA certificate if the values do not match. This only applies
993
1011
  during the first download of the CA certificate."
994
1012
  },
995
- :ssl_client_ca_auth => {
996
- :type => :file,
997
- :mode => "0644",
998
- :owner => "service",
999
- :group => "service",
1000
- :desc => "Certificate authorities who issue server certificates. SSL servers will not be
1001
- considered authentic unless they possess a certificate issued by an authority
1002
- listed in this file. If this setting has no value then the Puppet master's CA
1003
- certificate (localcacert) will be used.",
1004
- :hook => proc do |val|
1005
- Puppet.deprecation_warning(_("Setting 'ssl_client_ca_auth' is deprecated."))
1006
- end
1007
- },
1008
- :ssl_server_ca_auth => {
1009
- :type => :file,
1010
- :mode => "0644",
1011
- :owner => "service",
1012
- :group => "service",
1013
- :deprecated => :completely,
1014
- :desc => "The setting is deprecated and has no effect. Ensure all root and
1015
- intermediate certificate authorities used to issue client certificates are
1016
- contained in the server's `cacert` file on the server."
1013
+ :ssl_trust_store => {
1014
+ :default => nil,
1015
+ :type => :file,
1016
+ :desc => "A file containing CA certificates in PEM format that puppet should trust
1017
+ when making HTTPS requests. This **only** applies to https requests to non-puppet
1018
+ infrastructure, such as retrieving file metadata and content from https file sources,
1019
+ puppet module tool and the 'http' report processor. This setting is ignored when
1020
+ making requests to puppet:// URLs such as catalog and report requests.",
1017
1021
  },
1018
1022
  :hostcrl => {
1019
1023
  :default => "$ssldir/crl.pem",
@@ -1105,9 +1109,16 @@ EOT
1105
1109
  :desc => "The name to use the Certificate Authority certificate.",
1106
1110
  },
1107
1111
  :cadir => {
1108
- :default => "$ssldir/ca",
1112
+ :default => lambda { default_cadir },
1109
1113
  :type => :directory,
1110
1114
  :desc => "The root directory for the certificate authority.",
1115
+ :call_hook => :on_initialize_and_write,
1116
+ :hook => proc do |value|
1117
+ if value.start_with?(Puppet[:ssldir])
1118
+ Puppet.log_ca_migration_warning
1119
+ end
1120
+ value
1121
+ end
1111
1122
  },
1112
1123
  :cacert => {
1113
1124
  :default => "$cadir/ca_crt.pem",
@@ -1284,7 +1295,7 @@ EOT
1284
1295
  }
1285
1296
  )
1286
1297
 
1287
- settings.define_settings(:master,
1298
+ settings.define_settings(:server,
1288
1299
  :user => {
1289
1300
  :default => "puppet",
1290
1301
  :desc => "The user Puppet Server will run as. Used to ensure
@@ -1334,30 +1345,25 @@ EOT
1334
1345
  by `puppet`, and should only be set if you're writing your own Puppet
1335
1346
  executable.",
1336
1347
  },
1337
- :masterport => {
1348
+ :serverport => {
1338
1349
  :default => 8140,
1350
+ :type => :port,
1339
1351
  :desc => "The default port puppet subcommands use to communicate
1340
1352
  with Puppet Server. (eg `puppet facts upload`, `puppet agent`). May be
1341
1353
  overridden by more specific settings (see `ca_port`, `report_port`).",
1354
+ :hook => proc do |value|
1355
+ Puppet[:masterport] = value unless Puppet.settings.set_by_config?(:masterport)
1356
+ end
1342
1357
  },
1343
- :node_name => {
1344
- :default => 'cert',
1345
- :type => :enum,
1346
- :values => ['cert', 'facter'],
1347
- :deprecated => :completely,
1348
- :hook => proc { |val|
1349
- if val != 'cert'
1350
- Puppet.deprecation_warning("The node_name setting is deprecated and will be removed in a future release.")
1351
- end
1352
- },
1353
- :desc => "How the puppet master determines the client's identity
1354
- and sets the 'hostname', 'fqdn' and 'domain' facts for use in the manifest,
1355
- in particular for determining which 'node' statement applies to the client.
1356
- Possible values are 'cert' (use the subject's CN in the client's
1357
- certificate) and 'facter' (use the hostname that the client
1358
- reported in its facts).
1359
-
1360
- This setting is deprecated, please use explicit fact matching for classification.",
1358
+ :masterport => {
1359
+ :default => "$serverport",
1360
+ :type => :port,
1361
+ :desc => "The default port puppet subcommands use to communicate
1362
+ with Puppet Server. (eg `puppet facts upload`, `puppet agent`). May be
1363
+ overridden by more specific settings (see `ca_port`, `report_port`).",
1364
+ :hook => proc do |value|
1365
+ Puppet[:serverport] = value unless Puppet.settings.set_by_config?(:serverport)
1366
+ end
1361
1367
  },
1362
1368
  :bucketdir => {
1363
1369
  :default => "$vardir/bucket",
@@ -1367,15 +1373,6 @@ EOT
1367
1373
  :group => "service",
1368
1374
  :desc => "Where FileBucket files are stored."
1369
1375
  },
1370
- :rest_authconfig => {
1371
- :default => "$confdir/auth.conf",
1372
- :type => :file,
1373
- :deprecated => :completely,
1374
- :desc => "The configuration file that defines the rights to the different
1375
- rest indirections. This can be used as a fine-grained authorization system for
1376
- `puppet master`. The `puppet master` command is deprecated and Puppet Server
1377
- uses its own auth.conf that must be placed within its configuration directory.",
1378
- },
1379
1376
  :trusted_oid_mapping_file => {
1380
1377
  :default => "$confdir/custom_trusted_oid_mapping.yaml",
1381
1378
  :type => :file,
@@ -1478,23 +1475,7 @@ EOT
1478
1475
  :default => "$confdir/fileserver.conf",
1479
1476
  :type => :file,
1480
1477
  :desc => "Where the fileserver configuration is stored.",
1481
- },
1482
- :strict_hostname_checking => {
1483
- :default => true,
1484
- :type => :boolean,
1485
- :desc => "Whether to only search for the complete
1486
- hostname as it is in the certificate when searching for node information
1487
- in the catalogs or to match dot delimited segments of the cert's certname
1488
- and the hostname, fqdn, and/or domain facts.
1489
-
1490
- This setting is deprecated and will be removed in a future release.",
1491
- :hook => proc { |val|
1492
- if val != true
1493
- Puppet.deprecation_warning("Setting strict_hostname_checking to false is deprecated and will be removed in a future release. Please use regular expressions in your node declarations or explicit fact matching for classification (though be warned that fact based classification may be considered insecure).")
1494
- end
1495
- }
1496
- }
1497
- )
1478
+ })
1498
1479
 
1499
1480
  settings.define_settings(:device,
1500
1481
  :devicedir => {
@@ -1516,17 +1497,15 @@ EOT
1516
1497
  :default => "$certname",
1517
1498
  :desc => "The explicit value used for the node name for all requests the agent
1518
1499
  makes to the master. WARNING: This setting is mutually exclusive with
1519
- node_name_fact. Changing this setting also requires changes to the default
1520
- auth.conf configuration on the Puppet Master. Please see
1521
- http://links.puppet.com/node_name_value for more information."
1500
+ node_name_fact. Changing this setting also requires changes to
1501
+ Puppet Server's default [auth.conf](https://puppet.com/docs/puppetserver/latest/config_file_auth.html)."
1522
1502
  },
1523
1503
  :node_name_fact => {
1524
1504
  :default => "",
1525
1505
  :desc => "The fact name used to determine the node name used for all requests the agent
1526
1506
  makes to the master. WARNING: This setting is mutually exclusive with
1527
- node_name_value. Changing this setting also requires changes to the default
1528
- auth.conf configuration on the Puppet Master. Please see
1529
- http://links.puppet.com/node_name_fact for more information.",
1507
+ node_name_value. Changing this setting also requires changes to
1508
+ Puppet Server's default [auth.conf](https://puppet.com/docs/puppetserver/latest/config_file_auth.html).",
1530
1509
  :hook => proc do |value|
1531
1510
  if !value.empty? and Puppet[:node_name_value] != Puppet[:certname]
1532
1511
  raise "Cannot specify both the node_name_value and node_name_fact settings"
@@ -1536,7 +1515,7 @@ EOT
1536
1515
  :statefile => {
1537
1516
  :default => "$statedir/state.yaml",
1538
1517
  :type => :file,
1539
- :mode => "0660",
1518
+ :mode => "0640",
1540
1519
  :desc => "Where puppet agent and puppet master store state associated
1541
1520
  with the running configuration. In the case of puppet master,
1542
1521
  this file reflects the state discovered through interacting
@@ -1558,7 +1537,7 @@ EOT
1558
1537
  :transactionstorefile => {
1559
1538
  :default => "$statedir/transactionstore.yaml",
1560
1539
  :type => :file,
1561
- :mode => "0660",
1540
+ :mode => "0640",
1562
1541
  :desc => "Transactional storage file for persisting data between
1563
1542
  transactions for the purposes of infering information (such as
1564
1543
  corrective_change) on new data received."
@@ -1624,8 +1603,8 @@ EOT
1624
1603
  :server_list => {
1625
1604
  :default => [],
1626
1605
  :type => :server_list,
1627
- :desc => "The list of puppet master servers to which the puppet agent should connect,
1628
- in the order that they will be tried.",
1606
+ :desc => "The list of Puppet master servers to which the Puppet agent should connect,
1607
+ in the order that they will be tried. Each value should be a fully qualified domain name, followed by an optional ':' and port number. If a port is omitted, Puppet uses masterport for that host.",
1629
1608
  },
1630
1609
  :use_srv_records => {
1631
1610
  :default => false,
@@ -1684,8 +1663,7 @@ EOT
1684
1663
  :type => :duration,
1685
1664
  :desc => "How often puppet agent applies the catalog.
1686
1665
  Note that a runinterval of 0 means \"run continuously\" rather than
1687
- \"never run.\" If you want puppet agent to never run, you should start
1688
- it with the `--no-client` option. #{AS_DURATION}",
1666
+ \"never run.\" #{AS_DURATION}",
1689
1667
  },
1690
1668
  :runtimeout => {
1691
1669
  :default => "1h",
@@ -1701,7 +1679,8 @@ EOT
1701
1679
  and does not need to horizontally scale.",
1702
1680
  },
1703
1681
  :ca_port => {
1704
- :default => "$masterport",
1682
+ :default => "$serverport",
1683
+ :type => :port,
1705
1684
  :desc => "The port to use for the certificate authority.",
1706
1685
  },
1707
1686
  :preferred_serialization_format => {
@@ -1790,7 +1769,8 @@ EOT
1790
1769
  :desc => "The server to send transaction reports to.",
1791
1770
  },
1792
1771
  :report_port => {
1793
- :default => "$masterport",
1772
+ :default => "$serverport",
1773
+ :type => :port,
1794
1774
  :desc => "The port to communicate with the report_server.",
1795
1775
  },
1796
1776
  :report => {
@@ -1820,17 +1800,27 @@ EOT
1820
1800
  for the node stored in puppetdb are current. However, this will double the fact
1821
1801
  submission load on puppetdb, so it is disabled by default.",
1822
1802
  },
1803
+ :publicdir => {
1804
+ :default => nil,
1805
+ :type => :directory,
1806
+ :mode => "0755",
1807
+ :desc => "Where Puppet stores public files."
1808
+ },
1823
1809
  :lastrunfile => {
1824
- :default => "$statedir/last_run_summary.yaml",
1810
+ :default => "$publicdir/last_run_summary.yaml",
1825
1811
  :type => :file,
1826
- :mode => "0644",
1812
+ :mode => "0640",
1827
1813
  :desc => "Where puppet agent stores the last run report summary in yaml format."
1828
1814
  },
1829
1815
  :lastrunreport => {
1830
1816
  :default => "$statedir/last_run_report.yaml",
1831
1817
  :type => :file,
1832
1818
  :mode => "0640",
1833
- :desc => "Where puppet agent stores the last run report in yaml format."
1819
+ :desc => "Where Puppet Agent stores the last run report, by default, in yaml format.
1820
+ The format of the report can be changed by setting the `cache` key of the `report` terminus
1821
+ in the [routes.yaml](https://puppet.com/docs/puppet/latest/config_file_routes.html) file.
1822
+ To avoid mismatches between content and file extension, this setting needs to be
1823
+ manually updated to reflect the terminus changes."
1834
1824
  },
1835
1825
  :graph => {
1836
1826
  :default => false,
@@ -1890,7 +1880,7 @@ EOT
1890
1880
  already ongoing puppet agent instance.
1891
1881
 
1892
1882
  This argument is by default disabled (value set to 0). In this case puppet agent will
1893
- immediatly exit if it cannot run at that moment. When a value other than 0 is set, this
1883
+ immediately exit if it cannot run at that moment. When a value other than 0 is set, this
1894
1884
  can also be used in combination with the `maxwaitforlock` argument.
1895
1885
  #{AS_DURATION}",
1896
1886
  },
@@ -1899,7 +1889,7 @@ EOT
1899
1889
  :type => :ttl,
1900
1890
  :desc => "The maximum amount of time the puppet agent should wait for an
1901
1891
  already running puppet agent to finish before starting a new one. This is set by default to 1 minute.
1902
- A value of `unlimited` will cause puppet agent to wait indefinitely.
1892
+ A value of `unlimited` will cause puppet agent to wait indefinitely.
1903
1893
  #{AS_DURATION}",
1904
1894
  }
1905
1895
  )
@@ -1941,9 +1931,26 @@ EOT
1941
1931
  is used for retrieval, so anything that is a valid file source can
1942
1932
  be used here.",
1943
1933
  },
1934
+ :pluginsync => {
1935
+ :default => true,
1936
+ :type => :boolean,
1937
+ :desc => "Whether plugins should be synced with the central server. This setting is
1938
+ deprecated.",
1939
+ :hook => proc { |value|
1940
+ #TRANSLATORS 'pluginsync' is a setting and should not be translated
1941
+ Puppet.deprecation_warning(_("Setting 'pluginsync' is deprecated."))
1942
+ }
1943
+ },
1944
1944
  :pluginsignore => {
1945
1945
  :default => ".svn CVS .git .hg",
1946
1946
  :desc => "What files to ignore when pulling down plugins.",
1947
+ },
1948
+ :ignore_plugin_errors => {
1949
+ :default => false,
1950
+ :type => :boolean,
1951
+ :desc => "Whether the puppet run should ignore errors during pluginsync. If the setting
1952
+ is false and there are errors during pluginsync, then the agent will abort the run and
1953
+ submit a report containing information about the failed run."
1947
1954
  }
1948
1955
  )
1949
1956
 
@@ -2088,7 +2095,7 @@ EOT
2088
2095
  }
2089
2096
  )
2090
2097
 
2091
- settings.define_settings(:master,
2098
+ settings.define_settings(:server,
2092
2099
  :storeconfigs => {
2093
2100
  :default => false,
2094
2101
  :type => :boolean,
@@ -2154,16 +2161,6 @@ EOT
2154
2161
  referencing variables that are explicitly set to undef).
2155
2162
  EOT
2156
2163
  },
2157
- :func3x_check => {
2158
- :default => true,
2159
- :type => :boolean,
2160
- :desc => <<-'EOT'
2161
- Causes validation of loaded legacy Ruby functions (3x API) to raise errors about illegal constructs that
2162
- could cause harm or that simply does not work. This flag is on by default. This flag is made available
2163
- so that the validation can be turned off in case the method of validation is faulty - if encountered, please
2164
- file a bug report.
2165
- EOT
2166
- },
2167
2164
  :tasks => {
2168
2165
  :default => false,
2169
2166
  :type => :boolean,