puppet 6.16.0-x64-mingw32 → 7.0.0-x64-mingw32
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of puppet might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Gemfile +5 -3
- data/Gemfile.lock +31 -33
- data/README.md +4 -5
- data/Rakefile +4 -12
- data/conf/fileserver.conf +5 -10
- data/ext/build_defaults.yaml +1 -1
- data/ext/osx/file_mapping.yaml +0 -5
- data/ext/project_data.yaml +1 -14
- data/ext/redhat/puppet.spec.erb +0 -1
- data/ext/windows/service/daemon.rb +6 -5
- data/install.rb +21 -17
- data/lib/puppet.rb +11 -20
- data/lib/puppet/agent.rb +2 -2
- data/lib/puppet/agent/locker.rb +0 -7
- data/lib/puppet/application.rb +172 -98
- data/lib/puppet/application/agent.rb +22 -6
- data/lib/puppet/application/apply.rb +18 -20
- data/lib/puppet/application/device.rb +100 -104
- data/lib/puppet/application/doc.rb +1 -1
- data/lib/puppet/application/filebucket.rb +15 -11
- data/lib/puppet/application/lookup.rb +16 -4
- data/lib/puppet/application/ssl.rb +1 -1
- data/lib/puppet/configurer.rb +66 -31
- data/lib/puppet/configurer/downloader.rb +31 -10
- data/lib/puppet/configurer/plugin_handler.rb +21 -19
- data/lib/puppet/confine.rb +2 -2
- data/lib/puppet/confine/any.rb +1 -1
- data/lib/puppet/defaults.rb +166 -169
- data/lib/puppet/environments.rb +41 -15
- data/lib/puppet/face/catalog.rb +1 -1
- data/lib/puppet/face/config.rb +56 -16
- data/lib/puppet/face/epp.rb +12 -2
- data/lib/puppet/face/facts.rb +66 -6
- data/lib/puppet/face/help.rb +1 -1
- data/lib/puppet/face/node.rb +3 -3
- data/lib/puppet/face/node/clean.rb +2 -2
- data/lib/puppet/face/plugin.rb +5 -8
- data/lib/puppet/feature/base.rb +1 -1
- data/lib/puppet/ffi/windows.rb +12 -0
- data/lib/puppet/ffi/windows/api_types.rb +311 -0
- data/lib/puppet/ffi/windows/constants.rb +404 -0
- data/lib/puppet/ffi/windows/functions.rb +628 -0
- data/lib/puppet/ffi/windows/structs.rb +338 -0
- data/lib/puppet/file_bucket/dipper.rb +1 -1
- data/lib/puppet/file_serving/configuration.rb +0 -5
- data/lib/puppet/file_serving/configuration/parser.rb +3 -32
- data/lib/puppet/file_serving/http_metadata.rb +13 -1
- data/lib/puppet/file_serving/metadata.rb +4 -1
- data/lib/puppet/file_serving/mount.rb +1 -2
- data/lib/puppet/file_serving/mount/locales.rb +1 -2
- data/lib/puppet/file_serving/mount/pluginfacts.rb +1 -2
- data/lib/puppet/file_serving/mount/plugins.rb +1 -2
- data/lib/puppet/file_serving/terminus_selector.rb +7 -8
- data/lib/puppet/file_system/file_impl.rb +4 -4
- data/lib/puppet/file_system/uniquefile.rb +8 -16
- data/lib/puppet/forge.rb +1 -1
- data/lib/puppet/forge/cache.rb +1 -1
- data/lib/puppet/forge/repository.rb +3 -8
- data/lib/puppet/functions/epp.rb +1 -0
- data/lib/puppet/functions/inline_epp.rb +1 -0
- data/lib/puppet/functions/lstrip.rb +4 -4
- data/lib/puppet/functions/new.rb +8 -3
- data/lib/puppet/functions/reverse_each.rb +1 -1
- data/lib/puppet/functions/rstrip.rb +4 -4
- data/lib/puppet/functions/step.rb +1 -1
- data/lib/puppet/functions/strip.rb +4 -4
- data/lib/puppet/generate/models/type/type.rb +4 -1
- data/lib/puppet/gettext/config.rb +5 -5
- data/lib/puppet/gettext/module_translations.rb +4 -4
- data/lib/puppet/http.rb +23 -13
- data/lib/puppet/http/client.rb +170 -115
- data/lib/puppet/{network/resolver.rb → http/dns.rb} +2 -2
- data/lib/puppet/http/errors.rb +16 -0
- data/lib/puppet/http/external_client.rb +5 -7
- data/lib/puppet/{network/http → http}/factory.rb +8 -11
- data/lib/puppet/{network/http → http}/pool.rb +61 -26
- data/lib/puppet/{network/http/session.rb → http/pool_entry.rb} +2 -3
- data/lib/puppet/http/proxy.rb +137 -0
- data/lib/puppet/http/redirector.rb +13 -19
- data/lib/puppet/http/resolver.rb +10 -23
- data/lib/puppet/http/resolver/server_list.rb +23 -45
- data/lib/puppet/http/resolver/settings.rb +7 -10
- data/lib/puppet/http/resolver/srv.rb +11 -15
- data/lib/puppet/http/response.rb +49 -48
- data/lib/puppet/http/response_converter.rb +24 -0
- data/lib/puppet/http/response_net_http.rb +42 -0
- data/lib/puppet/http/retry_after_handler.rb +4 -13
- data/lib/puppet/http/service.rb +15 -27
- data/lib/puppet/http/service/ca.rb +11 -22
- data/lib/puppet/http/service/compiler.rb +23 -70
- data/lib/puppet/http/service/file_server.rb +19 -28
- data/lib/puppet/http/service/puppetserver.rb +53 -0
- data/lib/puppet/http/service/report.rb +8 -10
- data/lib/puppet/http/session.rb +16 -24
- data/lib/puppet/{network/http → http}/site.rb +1 -2
- data/lib/puppet/indirector.rb +1 -1
- data/lib/puppet/indirector/catalog/compiler.rb +1 -1
- data/lib/puppet/indirector/catalog/rest.rb +2 -4
- data/lib/puppet/indirector/exec.rb +1 -1
- data/lib/puppet/indirector/fact_search.rb +60 -0
- data/lib/puppet/indirector/facts/facter.rb +27 -6
- data/lib/puppet/indirector/facts/json.rb +27 -0
- data/lib/puppet/indirector/facts/rest.rb +3 -22
- data/lib/puppet/indirector/facts/yaml.rb +4 -59
- data/lib/puppet/indirector/file_bucket_file/rest.rb +3 -9
- data/lib/puppet/indirector/file_content/rest.rb +3 -7
- data/lib/puppet/indirector/file_metadata/http.rb +25 -5
- data/lib/puppet/indirector/file_metadata/rest.rb +5 -11
- data/lib/puppet/indirector/file_server.rb +1 -8
- data/lib/puppet/indirector/generic_http.rb +0 -11
- data/lib/puppet/indirector/hiera.rb +4 -0
- data/lib/puppet/indirector/indirection.rb +1 -1
- data/lib/puppet/indirector/json.rb +5 -1
- data/lib/puppet/indirector/msgpack.rb +1 -1
- data/lib/puppet/indirector/node/json.rb +8 -0
- data/lib/puppet/indirector/node/rest.rb +2 -4
- data/lib/puppet/indirector/report/json.rb +34 -0
- data/lib/puppet/indirector/report/processor.rb +2 -2
- data/lib/puppet/indirector/report/rest.rb +3 -8
- data/lib/puppet/indirector/request.rb +2 -103
- data/lib/puppet/indirector/rest.rb +12 -263
- data/lib/puppet/indirector/yaml.rb +1 -1
- data/lib/puppet/module.rb +1 -2
- data/lib/puppet/module_tool/applications.rb +0 -1
- data/lib/puppet/network/authconfig.rb +2 -96
- data/lib/puppet/network/authorization.rb +13 -35
- data/lib/puppet/network/format_support.rb +2 -2
- data/lib/puppet/network/formats.rb +2 -1
- data/lib/puppet/network/http.rb +3 -3
- data/lib/puppet/network/http/api/indirected_routes.rb +3 -21
- data/lib/puppet/network/http/api/master/v3.rb +11 -13
- data/lib/puppet/network/http/api/master/v3/environments.rb +0 -1
- data/lib/puppet/network/http/connection.rb +247 -316
- data/lib/puppet/network/http/handler.rb +0 -1
- data/lib/puppet/network/http/route.rb +2 -2
- data/lib/puppet/network/http_pool.rb +16 -34
- data/lib/puppet/node.rb +1 -30
- data/lib/puppet/node/environment.rb +12 -5
- data/lib/puppet/node/facts.rb +17 -0
- data/lib/puppet/pal/json_catalog_encoder.rb +4 -0
- data/lib/puppet/pal/pal_impl.rb +93 -14
- data/lib/puppet/parameter.rb +1 -1
- data/lib/puppet/parser/ast/leaf.rb +5 -5
- data/lib/puppet/parser/ast/pops_bridge.rb +0 -42
- data/lib/puppet/parser/compiler.rb +1 -199
- data/lib/puppet/parser/compiler/catalog_validator/relationship_validator.rb +14 -39
- data/lib/puppet/parser/functions.rb +21 -17
- data/lib/puppet/parser/functions/create_resources.rb +11 -7
- data/lib/puppet/parser/resource.rb +3 -71
- data/lib/puppet/parser/resource/param.rb +6 -0
- data/lib/puppet/parser/type_loader.rb +2 -2
- data/lib/puppet/pops/adaptable.rb +7 -13
- data/lib/puppet/pops/adapters.rb +8 -4
- data/lib/puppet/pops/evaluator/collectors/abstract_collector.rb +1 -3
- data/lib/puppet/pops/evaluator/evaluator_impl.rb +27 -13
- data/lib/puppet/pops/evaluator/runtime3_converter.rb +2 -2
- data/lib/puppet/pops/evaluator/runtime3_resource_support.rb +3 -3
- data/lib/puppet/pops/evaluator/runtime3_support.rb +1 -1
- data/lib/puppet/pops/loader/ruby_legacy_function_instantiator.rb +6 -8
- data/lib/puppet/pops/loader/runtime3_type_loader.rb +4 -2
- data/lib/puppet/pops/loaders.rb +18 -11
- data/lib/puppet/pops/lookup/context.rb +1 -1
- data/lib/puppet/pops/lookup/hiera_config.rb +14 -1
- data/lib/puppet/pops/model/ast.pp +0 -42
- data/lib/puppet/pops/model/ast.rb +0 -290
- data/lib/puppet/pops/model/factory.rb +0 -45
- data/lib/puppet/pops/model/model_label_provider.rb +0 -5
- data/lib/puppet/pops/model/model_tree_dumper.rb +0 -22
- data/lib/puppet/pops/model/pn_transformer.rb +0 -16
- data/lib/puppet/pops/parser/egrammar.ra +0 -56
- data/lib/puppet/pops/parser/eparser.rb +1520 -1712
- data/lib/puppet/pops/parser/lexer2.rb +4 -4
- data/lib/puppet/pops/parser/parser_support.rb +0 -5
- data/lib/puppet/pops/resource/resource_type_impl.rb +2 -22
- data/lib/puppet/pops/types/iterable.rb +34 -8
- data/lib/puppet/pops/types/p_meta_type.rb +1 -1
- data/lib/puppet/pops/types/p_type_set_type.rb +4 -0
- data/lib/puppet/pops/types/type_calculator.rb +0 -7
- data/lib/puppet/pops/types/type_parser.rb +0 -4
- data/lib/puppet/pops/types/types.rb +0 -1
- data/lib/puppet/pops/validation/checker4_0.rb +28 -42
- data/lib/puppet/pops/validation/tasks_checker.rb +0 -12
- data/lib/puppet/pops/validation/validator_factory_4_0.rb +1 -1
- data/lib/puppet/provider.rb +0 -13
- data/lib/puppet/provider/file/windows.rb +1 -1
- data/lib/puppet/provider/nameservice.rb +0 -18
- data/lib/puppet/provider/package/apt.rb +34 -0
- data/lib/puppet/provider/package/aptitude.rb +1 -1
- data/lib/puppet/provider/package/dpkg.rb +1 -11
- data/lib/puppet/provider/package/gem.rb +27 -5
- data/lib/puppet/provider/package/pip.rb +0 -1
- data/lib/puppet/provider/package/pip2.rb +17 -0
- data/lib/puppet/provider/package/pkg.rb +0 -4
- data/lib/puppet/provider/package/portage.rb +1 -1
- data/lib/puppet/provider/package/puppet_gem.rb +6 -4
- data/lib/puppet/provider/package/puppetserver_gem.rb +180 -0
- data/lib/puppet/provider/package/yum.rb +2 -1
- data/lib/puppet/provider/package/zypper.rb +3 -0
- data/lib/puppet/provider/service/smf.rb +191 -73
- data/lib/puppet/provider/service/windows.rb +23 -7
- data/lib/puppet/provider/user/aix.rb +1 -1
- data/lib/puppet/provider/user/directoryservice.rb +0 -10
- data/lib/puppet/provider/user/user_role_add.rb +1 -1
- data/lib/puppet/provider/user/useradd.rb +11 -4
- data/lib/puppet/provider/user/windows_adsi.rb +18 -1
- data/lib/puppet/reference/configuration.rb +2 -0
- data/lib/puppet/reference/indirection.rb +1 -1
- data/lib/puppet/reports/http.rb +2 -0
- data/lib/puppet/resource.rb +3 -90
- data/lib/puppet/resource/catalog.rb +1 -14
- data/lib/puppet/resource/type.rb +5 -112
- data/lib/puppet/resource/type_collection.rb +3 -48
- data/lib/puppet/runtime.rb +1 -2
- data/lib/puppet/settings.rb +84 -35
- data/lib/puppet/settings/base_setting.rb +26 -2
- data/lib/puppet/settings/integer_setting.rb +17 -0
- data/lib/puppet/settings/port_setting.rb +15 -0
- data/lib/puppet/settings/priority_setting.rb +5 -4
- data/lib/puppet/ssl.rb +10 -6
- data/lib/puppet/ssl/base.rb +3 -5
- data/lib/puppet/ssl/certificate.rb +0 -6
- data/lib/puppet/ssl/certificate_request.rb +1 -12
- data/lib/puppet/ssl/certificate_signer.rb +6 -0
- data/lib/puppet/ssl/oids.rb +3 -1
- data/lib/puppet/ssl/ssl_context.rb +2 -2
- data/lib/puppet/ssl/ssl_provider.rb +37 -1
- data/lib/puppet/ssl/state_machine.rb +3 -1
- data/lib/puppet/ssl/verifier.rb +2 -0
- data/lib/puppet/test/test_helper.rb +19 -16
- data/lib/puppet/transaction.rb +3 -9
- data/lib/puppet/transaction/persistence.rb +1 -1
- data/lib/puppet/transaction/report.rb +10 -8
- data/lib/puppet/trusted_external.rb +29 -1
- data/lib/puppet/type.rb +9 -77
- data/lib/puppet/type/file.rb +45 -22
- data/lib/puppet/type/file/checksum.rb +5 -5
- data/lib/puppet/type/file/source.rb +33 -13
- data/lib/puppet/type/filebucket.rb +4 -4
- data/lib/puppet/type/notify.rb +2 -2
- data/lib/puppet/type/package.rb +5 -13
- data/lib/puppet/type/service.rb +53 -0
- data/lib/puppet/type/user.rb +18 -3
- data/lib/puppet/util.rb +41 -3
- data/lib/puppet/util/autoload.rb +9 -7
- data/lib/puppet/util/character_encoding.rb +9 -5
- data/lib/puppet/util/checksums.rb +19 -4
- data/lib/puppet/util/execution.rb +2 -13
- data/lib/puppet/util/fileparsing.rb +2 -2
- data/lib/puppet/util/http_proxy.rb +2 -215
- data/lib/puppet/util/monkey_patches.rb +0 -46
- data/lib/puppet/util/provider_features.rb +1 -1
- data/lib/puppet/util/rdoc.rb +0 -7
- data/lib/puppet/util/reference.rb +1 -1
- data/lib/puppet/util/retry_action.rb +1 -1
- data/lib/puppet/util/rubygems.rb +5 -1
- data/lib/puppet/util/run_mode.rb +14 -2
- data/lib/puppet/util/windows.rb +3 -7
- data/lib/puppet/util/windows/daemon.rb +360 -0
- data/lib/puppet/util/windows/error.rb +1 -0
- data/lib/puppet/util/windows/eventlog.rb +5 -15
- data/lib/puppet/util/windows/file.rb +8 -242
- data/lib/puppet/util/windows/monkey_patches/process.rb +414 -0
- data/lib/puppet/util/windows/principal.rb +8 -6
- data/lib/puppet/util/windows/process.rb +4 -226
- data/lib/puppet/util/windows/registry.rb +11 -11
- data/lib/puppet/util/windows/security.rb +4 -4
- data/lib/puppet/util/windows/service.rb +52 -486
- data/lib/puppet/util/windows/string.rb +12 -13
- data/lib/puppet/util/windows/user.rb +242 -8
- data/lib/puppet/util/yaml.rb +0 -22
- data/lib/puppet/vendor/require_vendored.rb +0 -1
- data/lib/puppet/version.rb +1 -1
- data/lib/puppet/x509.rb +5 -1
- data/lib/puppet/x509/cert_provider.rb +29 -1
- data/locales/puppet.pot +713 -1380
- data/man/man5/puppet.conf.5 +84 -98
- data/man/man8/puppet-agent.8 +7 -4
- data/man/man8/puppet-apply.8 +1 -1
- data/man/man8/puppet-catalog.8 +1 -1
- data/man/man8/puppet-config.8 +6 -6
- data/man/man8/puppet-describe.8 +1 -1
- data/man/man8/puppet-device.8 +1 -1
- data/man/man8/puppet-doc.8 +1 -1
- data/man/man8/puppet-epp.8 +1 -1
- data/man/man8/puppet-facts.8 +55 -9
- data/man/man8/puppet-filebucket.8 +6 -6
- data/man/man8/puppet-generate.8 +1 -1
- data/man/man8/puppet-help.8 +1 -1
- data/man/man8/puppet-lookup.8 +2 -2
- data/man/man8/puppet-module.8 +1 -58
- data/man/man8/puppet-node.8 +7 -4
- data/man/man8/puppet-parser.8 +1 -1
- data/man/man8/puppet-plugin.8 +1 -1
- data/man/man8/puppet-report.8 +4 -1
- data/man/man8/puppet-resource.8 +1 -1
- data/man/man8/puppet-script.8 +1 -1
- data/man/man8/puppet-ssl.8 +1 -1
- data/man/man8/puppet.8 +2 -2
- data/spec/fixtures/integration/application/apply/environments/spec/modules/amod/lib/puppet/provider/applytest/applytest.rb +2 -0
- data/spec/fixtures/integration/application/apply/environments/spec/modules/amod/lib/puppet/type/applytest.rb +25 -0
- data/spec/fixtures/unit/forge/bacula-releases.json +128 -0
- data/spec/fixtures/unit/forge/bacula.tar.gz +0 -0
- data/spec/fixtures/unit/provider/package/puppetserver_gem/gem-list-local-packages +30 -0
- data/spec/fixtures/unit/provider/service/smf/{svcs.out → svcs_instances.out} +0 -0
- data/spec/integration/application/agent_spec.rb +157 -59
- data/spec/integration/application/apply_spec.rb +150 -150
- data/spec/integration/application/doc_spec.rb +16 -6
- data/spec/integration/application/filebucket_spec.rb +78 -29
- data/spec/integration/application/help_spec.rb +44 -0
- data/spec/integration/application/lookup_spec.rb +13 -0
- data/spec/integration/application/module_spec.rb +68 -0
- data/spec/integration/application/plugin_spec.rb +76 -4
- data/spec/integration/configurer_spec.rb +14 -0
- data/spec/integration/data_binding_spec.rb +82 -0
- data/spec/integration/defaults_spec.rb +33 -5
- data/spec/integration/directory_environments_spec.rb +17 -17
- data/spec/integration/environments/setting_hooks_spec.rb +1 -1
- data/spec/integration/indirector/facts/facter_spec.rb +8 -6
- data/spec/integration/network/http_pool_spec.rb +29 -30
- data/spec/integration/node/environment_spec.rb +1 -1
- data/spec/integration/parser/catalog_spec.rb +0 -38
- data/spec/integration/parser/compiler_spec.rb +11 -0
- data/spec/integration/parser/node_spec.rb +0 -9
- data/spec/integration/parser/pcore_resource_spec.rb +0 -37
- data/spec/integration/type/file_spec.rb +6 -5
- data/spec/integration/util/execution_spec.rb +22 -0
- data/spec/integration/util/windows/adsi_spec.rb +2 -2
- data/spec/integration/util/windows/monkey_patches/process_spec.rb +231 -0
- data/spec/integration/util/windows/process_spec.rb +26 -32
- data/spec/integration/util/windows/registry_spec.rb +7 -7
- data/spec/integration/util/windows/security_spec.rb +1 -1
- data/spec/integration/util/windows/user_spec.rb +47 -5
- data/spec/integration/util_spec.rb +7 -33
- data/spec/lib/puppet_spec/matchers.rb +0 -80
- data/spec/lib/puppet_spec/puppetserver.rb +9 -1
- data/spec/lib/puppet_spec/settings.rb +7 -1
- data/spec/shared_contexts/types_setup.rb +2 -0
- data/spec/spec_helper.rb +2 -0
- data/spec/unit/agent_spec.rb +0 -2
- data/spec/unit/application/agent_spec.rb +3 -4
- data/spec/unit/application/config_spec.rb +224 -4
- data/spec/unit/application/doc_spec.rb +2 -2
- data/spec/unit/application/face_base_spec.rb +6 -4
- data/spec/unit/application/facts_spec.rb +74 -8
- data/spec/unit/application/filebucket_spec.rb +41 -39
- data/spec/unit/application/resource_spec.rb +3 -1
- data/spec/unit/application/ssl_spec.rb +17 -4
- data/spec/unit/application_spec.rb +9 -4
- data/spec/unit/certificate_factory_spec.rb +1 -1
- data/spec/unit/configurer/downloader_spec.rb +14 -0
- data/spec/unit/configurer/fact_handler_spec.rb +4 -4
- data/spec/unit/configurer/plugin_handler_spec.rb +56 -18
- data/spec/unit/configurer_spec.rb +96 -44
- data/spec/unit/confine_spec.rb +2 -1
- data/spec/unit/context/trusted_information_spec.rb +12 -10
- data/spec/unit/defaults_spec.rb +77 -28
- data/spec/unit/environments_spec.rb +96 -32
- data/spec/unit/face/config_spec.rb +65 -12
- data/spec/unit/face/facts_spec.rb +4 -0
- data/spec/unit/face/node_spec.rb +2 -2
- data/spec/unit/face/plugin_spec.rb +73 -33
- data/spec/unit/file_bucket/file_spec.rb +1 -1
- data/spec/unit/file_serving/configuration/parser_spec.rb +14 -18
- data/spec/unit/file_serving/configuration_spec.rb +6 -12
- data/spec/unit/file_serving/http_metadata_spec.rb +37 -14
- data/spec/unit/file_serving/mount/locales_spec.rb +2 -2
- data/spec/unit/file_serving/mount/pluginfacts_spec.rb +2 -2
- data/spec/unit/file_serving/mount/plugins_spec.rb +2 -2
- data/spec/unit/file_serving/terminus_selector_spec.rb +45 -26
- data/spec/unit/file_system/uniquefile_spec.rb +18 -0
- data/spec/unit/file_system_spec.rb +1 -2
- data/spec/unit/functions/camelcase_spec.rb +1 -1
- data/spec/unit/functions/capitalize_spec.rb +1 -1
- data/spec/unit/functions/downcase_spec.rb +1 -1
- data/spec/unit/functions/inline_epp_spec.rb +26 -1
- data/spec/unit/functions/upcase_spec.rb +1 -1
- data/spec/unit/http/client_spec.rb +71 -17
- data/spec/unit/{network/resolver_spec.rb → http/dns_spec.rb} +3 -3
- data/spec/unit/http/external_client_spec.rb +4 -4
- data/spec/unit/{network/http → http}/factory_spec.rb +5 -11
- data/spec/unit/{network/http/session_spec.rb → http/pool_entry_spec.rb} +3 -3
- data/spec/unit/{network/http → http}/pool_spec.rb +12 -17
- data/spec/unit/{util/http_proxy_spec.rb → http/proxy_spec.rb} +2 -69
- data/spec/unit/http/resolver_spec.rb +34 -15
- data/spec/unit/http/response_spec.rb +6 -0
- data/spec/unit/http/service/ca_spec.rb +2 -3
- data/spec/unit/http/service/compiler_spec.rb +51 -65
- data/spec/unit/http/service/file_server_spec.rb +5 -6
- data/spec/unit/http/service/puppetserver_spec.rb +112 -0
- data/spec/unit/http/service/report_spec.rb +2 -3
- data/spec/unit/http/service_spec.rb +1 -3
- data/spec/unit/http/session_spec.rb +24 -35
- data/spec/unit/{network/http → http}/site_spec.rb +3 -3
- data/spec/unit/indirector/catalog/json_spec.rb +1 -1
- data/spec/unit/indirector/catalog/rest_spec.rb +1 -1
- data/spec/unit/indirector/facts/facter_spec.rb +97 -0
- data/spec/unit/indirector/facts/json_spec.rb +255 -0
- data/spec/unit/indirector/facts/rest_spec.rb +1 -1
- data/spec/unit/indirector/file_bucket_file/file_spec.rb +5 -3
- data/spec/unit/indirector/file_content/rest_spec.rb +0 -4
- data/spec/unit/indirector/file_metadata/http_spec.rb +27 -0
- data/spec/unit/indirector/file_metadata/rest_spec.rb +0 -4
- data/spec/unit/indirector/file_server_spec.rb +1 -15
- data/spec/unit/indirector/json_spec.rb +8 -8
- data/spec/unit/indirector/msgpack_spec.rb +8 -8
- data/spec/unit/indirector/node/json_spec.rb +33 -0
- data/spec/unit/indirector/node/rest_spec.rb +1 -1
- data/spec/{integration/indirector/report/yaml.rb → unit/indirector/report/json_spec.rb} +13 -24
- data/spec/unit/indirector/report/rest_spec.rb +2 -17
- data/spec/unit/indirector/report/yaml_spec.rb +72 -8
- data/spec/unit/indirector/request_spec.rb +3 -267
- data/spec/unit/indirector/rest_spec.rb +98 -752
- data/spec/unit/indirector/yaml_spec.rb +7 -7
- data/spec/unit/interface_spec.rb +3 -3
- data/spec/unit/module_tool/tar/mini_spec.rb +20 -0
- data/spec/unit/network/authconfig_spec.rb +2 -132
- data/spec/unit/network/authorization_spec.rb +2 -55
- data/spec/unit/network/format_support_spec.rb +3 -2
- data/spec/unit/network/formats_spec.rb +4 -4
- data/spec/unit/network/http/api/indirected_routes_spec.rb +3 -98
- data/spec/unit/network/http/api/master/v3/environments_spec.rb +12 -23
- data/spec/unit/network/http/api/master/v3_spec.rb +28 -7
- data/spec/unit/network/http/api_spec.rb +10 -0
- data/spec/unit/network/http/connection_spec.rb +61 -73
- data/spec/unit/network/http/handler_spec.rb +0 -6
- data/spec/unit/network/http_pool_spec.rb +0 -4
- data/spec/unit/node/environment_spec.rb +51 -22
- data/spec/unit/node_spec.rb +2 -54
- data/spec/unit/parser/ast/block_expression_spec.rb +1 -1
- data/spec/unit/parser/functions/create_resources_spec.rb +2 -20
- data/spec/unit/parser/scope_spec.rb +1 -1
- data/spec/unit/pops/evaluator/evaluating_parser_spec.rb +19 -8
- data/spec/unit/pops/loaders/loaders_spec.rb +77 -22
- data/spec/unit/pops/lookup/lookup_spec.rb +25 -0
- data/spec/unit/pops/parser/parse_application_spec.rb +4 -22
- data/spec/unit/pops/parser/parse_basic_expressions_spec.rb +0 -1
- data/spec/unit/pops/parser/parse_capabilities_spec.rb +8 -21
- data/spec/unit/pops/parser/parse_site_spec.rb +20 -24
- data/spec/unit/pops/resource/resource_type_impl_spec.rb +0 -71
- data/spec/unit/pops/serialization/to_from_hr_spec.rb +1 -1
- data/spec/unit/pops/types/type_calculator_spec.rb +7 -17
- data/spec/unit/pops/types/type_factory_spec.rb +1 -1
- data/spec/unit/pops/validator/validator_spec.rb +61 -46
- data/spec/unit/pops/visitor_spec.rb +1 -1
- data/spec/unit/provider/exec_spec.rb +4 -3
- data/spec/unit/provider/nameservice_spec.rb +0 -57
- data/spec/unit/provider/package/apt_spec.rb +77 -0
- data/spec/unit/provider/package/aptitude_spec.rb +1 -0
- data/spec/unit/provider/package/dpkg_spec.rb +22 -55
- data/spec/unit/provider/package/gem_spec.rb +32 -0
- data/spec/unit/provider/package/openbsd_spec.rb +2 -0
- data/spec/unit/provider/package/pip2_spec.rb +36 -0
- data/spec/unit/provider/package/puppet_gem_spec.rb +6 -2
- data/spec/unit/provider/package/puppetserver_gem_spec.rb +137 -0
- data/spec/unit/provider/package/yum_spec.rb +31 -0
- data/spec/unit/provider/package/zypper_spec.rb +14 -0
- data/spec/unit/provider/service/base_spec.rb +2 -4
- data/spec/unit/provider/service/bsd_spec.rb +5 -1
- data/spec/unit/provider/service/daemontools_spec.rb +1 -1
- data/spec/unit/provider/service/debian_spec.rb +3 -5
- data/spec/unit/provider/service/freebsd_spec.rb +1 -1
- data/spec/unit/provider/service/gentoo_spec.rb +4 -5
- data/spec/unit/provider/service/init_spec.rb +45 -5
- data/spec/unit/provider/service/launchd_spec.rb +5 -6
- data/spec/unit/provider/service/openrc_spec.rb +4 -5
- data/spec/unit/provider/service/openwrt_spec.rb +1 -1
- data/spec/unit/provider/service/redhat_spec.rb +1 -1
- data/spec/unit/provider/service/runit_spec.rb +2 -1
- data/spec/unit/provider/service/smf_spec.rb +402 -166
- data/spec/unit/provider/service/src_spec.rb +3 -5
- data/spec/unit/provider/service/systemd_spec.rb +3 -6
- data/spec/unit/provider/service/upstart_spec.rb +4 -5
- data/spec/unit/provider/service/windows_spec.rb +50 -15
- data/spec/unit/provider/user/openbsd_spec.rb +1 -0
- data/spec/unit/provider/user/useradd_spec.rb +22 -16
- data/spec/unit/provider/user/windows_adsi_spec.rb +82 -0
- data/spec/unit/provider_spec.rb +0 -12
- data/spec/unit/puppet_pal_2pec.rb +40 -0
- data/spec/unit/puppet_pal_catalog_spec.rb +45 -0
- data/spec/unit/reports/store_spec.rb +17 -13
- data/spec/unit/resource/type_collection_spec.rb +2 -22
- data/spec/unit/resource_spec.rb +3 -59
- data/spec/unit/settings/http_extra_headers_spec.rb +2 -4
- data/spec/unit/settings/integer_setting_spec.rb +42 -0
- data/spec/unit/settings/port_setting_spec.rb +31 -0
- data/spec/unit/settings/priority_setting_spec.rb +4 -4
- data/spec/unit/settings_spec.rb +586 -239
- data/spec/unit/ssl/base_spec.rb +36 -3
- data/spec/unit/ssl/certificate_request_spec.rb +15 -45
- data/spec/unit/ssl/certificate_spec.rb +2 -11
- data/spec/unit/ssl/ssl_provider_spec.rb +78 -49
- data/spec/unit/ssl/state_machine_spec.rb +0 -1
- data/spec/unit/ssl/verifier_spec.rb +0 -21
- data/spec/unit/test/test_helper_spec.rb +17 -0
- data/spec/unit/transaction/persistence_spec.rb +15 -0
- data/spec/unit/transaction/report_spec.rb +3 -3
- data/spec/unit/transaction/resource_harness_spec.rb +2 -2
- data/spec/unit/transaction_spec.rb +45 -79
- data/spec/unit/type/file/checksum_spec.rb +6 -6
- data/spec/unit/type/file/content_spec.rb +1 -1
- data/spec/unit/type/file/ensure_spec.rb +1 -1
- data/spec/unit/type/file/mode_spec.rb +1 -1
- data/spec/unit/type/file/source_spec.rb +4 -5
- data/spec/unit/type/file_spec.rb +134 -102
- data/spec/unit/type/filebucket_spec.rb +1 -1
- data/spec/unit/type/package_spec.rb +1 -1
- data/spec/unit/type/service_spec.rb +209 -0
- data/spec/unit/type/user_spec.rb +31 -2
- data/spec/unit/type_spec.rb +70 -0
- data/spec/unit/util/backups_spec.rb +0 -2
- data/spec/unit/util/character_encoding_spec.rb +4 -4
- data/spec/unit/util/checksums_spec.rb +16 -0
- data/spec/unit/util/command_line_spec.rb +11 -6
- data/spec/unit/util/execution_spec.rb +0 -29
- data/spec/unit/util/monkey_patches_spec.rb +0 -6
- data/spec/unit/util/rubygems_spec.rb +2 -2
- data/spec/unit/util/run_mode_spec.rb +27 -127
- data/spec/unit/util/windows/api_types_spec.rb +104 -40
- data/spec/unit/util/windows/service_spec.rb +4 -4
- data/spec/unit/util/windows/string_spec.rb +1 -3
- data/spec/unit/util/yaml_spec.rb +0 -54
- data/spec/unit/util_spec.rb +3 -21
- data/spec/unit/x509/cert_provider_spec.rb +1 -1
- metadata +76 -270
- data/conf/auth.conf +0 -150
- data/lib/puppet/application/cert.rb +0 -76
- data/lib/puppet/application/key.rb +0 -4
- data/lib/puppet/application/man.rb +0 -4
- data/lib/puppet/application/status.rb +0 -4
- data/lib/puppet/face/key.rb +0 -16
- data/lib/puppet/face/man.rb +0 -145
- data/lib/puppet/face/module/build.rb +0 -14
- data/lib/puppet/face/module/generate.rb +0 -14
- data/lib/puppet/face/module/search.rb +0 -103
- data/lib/puppet/face/status.rb +0 -51
- data/lib/puppet/indirector/certificate/file.rb +0 -9
- data/lib/puppet/indirector/certificate/rest.rb +0 -18
- data/lib/puppet/indirector/certificate_request/file.rb +0 -9
- data/lib/puppet/indirector/certificate_request/memory.rb +0 -7
- data/lib/puppet/indirector/certificate_request/rest.rb +0 -11
- data/lib/puppet/indirector/file_content/http.rb +0 -22
- data/lib/puppet/indirector/key/file.rb +0 -46
- data/lib/puppet/indirector/key/memory.rb +0 -7
- data/lib/puppet/indirector/ssl_file.rb +0 -162
- data/lib/puppet/indirector/status.rb +0 -3
- data/lib/puppet/indirector/status/local.rb +0 -12
- data/lib/puppet/indirector/status/rest.rb +0 -27
- data/lib/puppet/module_tool/applications/searcher.rb +0 -29
- data/lib/puppet/network/auth_config_parser.rb +0 -90
- data/lib/puppet/network/authstore.rb +0 -283
- data/lib/puppet/network/http/api/master/v3/authorization.rb +0 -18
- data/lib/puppet/network/http/api/master/v3/environment.rb +0 -85
- data/lib/puppet/network/http/base_pool.rb +0 -36
- data/lib/puppet/network/http/compression.rb +0 -127
- data/lib/puppet/network/http/connection_adapter.rb +0 -182
- data/lib/puppet/network/http/nocache_pool.rb +0 -28
- data/lib/puppet/network/rest_controller.rb +0 -2
- data/lib/puppet/network/rights.rb +0 -210
- data/lib/puppet/parser/compiler/catalog_validator/env_relationship_validator.rb +0 -64
- data/lib/puppet/parser/compiler/catalog_validator/site_validator.rb +0 -20
- data/lib/puppet/parser/environment_compiler.rb +0 -199
- data/lib/puppet/pops/types/enumeration.rb +0 -16
- data/lib/puppet/resource/capability_finder.rb +0 -154
- data/lib/puppet/rest/errors.rb +0 -15
- data/lib/puppet/rest/response.rb +0 -35
- data/lib/puppet/rest/route.rb +0 -85
- data/lib/puppet/rest/routes.rb +0 -135
- data/lib/puppet/ssl/host.rb +0 -505
- data/lib/puppet/ssl/key.rb +0 -61
- data/lib/puppet/ssl/validator.rb +0 -61
- data/lib/puppet/ssl/validator/default_validator.rb +0 -209
- data/lib/puppet/ssl/validator/no_validator.rb +0 -22
- data/lib/puppet/ssl/verifier_adapter.rb +0 -58
- data/lib/puppet/status.rb +0 -40
- data/lib/puppet/util/connection.rb +0 -88
- data/lib/puppet/util/ssl.rb +0 -83
- data/lib/puppet/util/windows/api_types.rb +0 -282
- data/lib/puppet/vendor/load_pathspec.rb +0 -1
- data/lib/puppet/vendor/pathspec/CHANGELOG.md +0 -2
- data/lib/puppet/vendor/pathspec/LICENSE +0 -201
- data/lib/puppet/vendor/pathspec/PUPPET_README.md +0 -6
- data/lib/puppet/vendor/pathspec/README.md +0 -53
- data/lib/puppet/vendor/pathspec/lib/pathspec.rb +0 -122
- data/lib/puppet/vendor/pathspec/lib/pathspec/gitignorespec.rb +0 -275
- data/lib/puppet/vendor/pathspec/lib/pathspec/regexspec.rb +0 -17
- data/lib/puppet/vendor/pathspec/lib/pathspec/spec.rb +0 -14
- data/man/man8/puppet-key.8 +0 -126
- data/man/man8/puppet-man.8 +0 -76
- data/man/man8/puppet-status.8 +0 -108
- data/spec/integration/faces/config_spec.rb +0 -91
- data/spec/integration/faces/documentation_spec.rb +0 -57
- data/spec/integration/file_bucket/file_spec.rb +0 -50
- data/spec/integration/file_serving/content_spec.rb +0 -7
- data/spec/integration/file_serving/fileset_spec.rb +0 -12
- data/spec/integration/file_serving/metadata_spec.rb +0 -8
- data/spec/integration/file_serving/terminus_helper_spec.rb +0 -20
- data/spec/integration/file_system/uniquefile_spec.rb +0 -26
- data/spec/integration/module_tool/forge_spec.rb +0 -51
- data/spec/integration/module_tool/tar/mini_spec.rb +0 -28
- data/spec/integration/network/authconfig_spec.rb +0 -256
- data/spec/integration/provider/service/init_spec.rb +0 -48
- data/spec/integration/provider/service/systemd_spec.rb +0 -25
- data/spec/integration/provider/service/windows_spec.rb +0 -50
- data/spec/integration/reference/providers_spec.rb +0 -21
- data/spec/integration/reports_spec.rb +0 -13
- data/spec/integration/ssl/certificate_request_spec.rb +0 -44
- data/spec/integration/ssl/host_spec.rb +0 -72
- data/spec/integration/ssl/key_spec.rb +0 -99
- data/spec/integration/test/test_helper_spec.rb +0 -31
- data/spec/shared_behaviours/file_serving_model.rb +0 -51
- data/spec/unit/capability_spec.rb +0 -414
- data/spec/unit/face/catalog_spec.rb +0 -6
- data/spec/unit/face/key_spec.rb +0 -9
- data/spec/unit/face/man_spec.rb +0 -25
- data/spec/unit/face/module/search_spec.rb +0 -231
- data/spec/unit/face/module_spec.rb +0 -3
- data/spec/unit/face/status_spec.rb +0 -9
- data/spec/unit/indirector/certificate/file_spec.rb +0 -14
- data/spec/unit/indirector/certificate/rest_spec.rb +0 -61
- data/spec/unit/indirector/certificate_request/file_spec.rb +0 -14
- data/spec/unit/indirector/certificate_request/rest_spec.rb +0 -25
- data/spec/unit/indirector/key/file_spec.rb +0 -79
- data/spec/unit/indirector/ssl_file_spec.rb +0 -305
- data/spec/unit/indirector/status/local_spec.rb +0 -10
- data/spec/unit/indirector/status/rest_spec.rb +0 -50
- data/spec/unit/man_spec.rb +0 -31
- data/spec/unit/module_tool/applications/searcher_spec.rb +0 -38
- data/spec/unit/network/auth_config_parser_spec.rb +0 -115
- data/spec/unit/network/authstore_spec.rb +0 -422
- data/spec/unit/network/http/api/master/v3/authorization_spec.rb +0 -57
- data/spec/unit/network/http/api/master/v3/environment_spec.rb +0 -185
- data/spec/unit/network/http/compression_spec.rb +0 -240
- data/spec/unit/network/http/nocache_pool_spec.rb +0 -64
- data/spec/unit/network/http_spec.rb +0 -9
- data/spec/unit/network/rights_spec.rb +0 -439
- data/spec/unit/parser/environment_compiler_spec.rb +0 -723
- data/spec/unit/pops/types/enumeration_spec.rb +0 -51
- data/spec/unit/resource/capability_finder_spec.rb +0 -143
- data/spec/unit/rest/route_spec.rb +0 -132
- data/spec/unit/ssl/host_spec.rb +0 -650
- data/spec/unit/ssl/key_spec.rb +0 -173
- data/spec/unit/ssl/validator_spec.rb +0 -278
- data/spec/unit/status_spec.rb +0 -45
- data/spec/unit/util/ssl_spec.rb +0 -91
@@ -248,7 +248,7 @@ END
|
|
248
248
|
paths = {
|
249
249
|
'private key' => Puppet[:hostprivkey],
|
250
250
|
'public key' => Puppet[:hostpubkey],
|
251
|
-
'certificate request' =>
|
251
|
+
'certificate request' => Puppet[:hostcsr],
|
252
252
|
'certificate' => Puppet[:hostcert],
|
253
253
|
'private key password file' => Puppet[:passfile]
|
254
254
|
}
|
data/lib/puppet/configurer.rb
CHANGED
@@ -53,6 +53,7 @@ class Puppet::Configurer
|
|
53
53
|
def initialize(transaction_uuid = nil, job_id = nil)
|
54
54
|
@running = false
|
55
55
|
@splayed = false
|
56
|
+
@running_failure = false
|
56
57
|
@cached_catalog_status = 'not_used'
|
57
58
|
@environment = Puppet[:environment]
|
58
59
|
@transaction_uuid = transaction_uuid || SecureRandom.uuid
|
@@ -65,9 +66,16 @@ class Puppet::Configurer
|
|
65
66
|
# Get the remote catalog, yo. Returns nil if no catalog can be found.
|
66
67
|
def retrieve_catalog(facts, query_options)
|
67
68
|
query_options ||= {}
|
68
|
-
|
69
|
+
if Puppet[:use_cached_catalog] || @running_failure
|
70
|
+
result = retrieve_catalog_from_cache(query_options)
|
71
|
+
end
|
72
|
+
|
69
73
|
if result
|
70
|
-
|
74
|
+
if Puppet[:use_cached_catalog]
|
75
|
+
@cached_catalog_status = 'explicitly_requested'
|
76
|
+
elsif @running_failure
|
77
|
+
@cached_catalog_status = 'on_failure'
|
78
|
+
end
|
71
79
|
|
72
80
|
Puppet.info _("Using cached catalog from environment '%{environment}'") % { environment: result.environment }
|
73
81
|
else
|
@@ -194,7 +202,6 @@ class Puppet::Configurer
|
|
194
202
|
# This just passes any options on to the catalog,
|
195
203
|
# which accepts :tags and :ignoreschedules.
|
196
204
|
def run(options = {})
|
197
|
-
pool = Puppet.runtime[:http].pool
|
198
205
|
# We create the report pre-populated with default settings for
|
199
206
|
# environment and transaction_uuid very early, this is to ensure
|
200
207
|
# they are sent regardless of any catalog compilation failures or
|
@@ -207,28 +214,40 @@ class Puppet::Configurer
|
|
207
214
|
|
208
215
|
completed = nil
|
209
216
|
begin
|
210
|
-
|
211
|
-
|
212
|
-
|
213
|
-
|
214
|
-
|
215
|
-
|
216
|
-
|
217
|
-
|
218
|
-
|
219
|
-
|
217
|
+
# Skip failover logic if the server_list setting is empty
|
218
|
+
do_failover = Puppet.settings[:server_list] && !Puppet.settings[:server_list].empty?
|
219
|
+
|
220
|
+
# When we are passed a catalog, that means we're in apply
|
221
|
+
# mode. We shouldn't try to do any failover in that case.
|
222
|
+
if options[:catalog].nil? && do_failover
|
223
|
+
server, port = find_functional_server
|
224
|
+
if server.nil?
|
225
|
+
detail = _("Could not select a functional puppet server from server_list: '%{server_list}'") % { server_list: Puppet.settings.value(:server_list, Puppet[:environment].to_sym, true) }
|
226
|
+
if Puppet[:usecacheonfailure]
|
227
|
+
options[:pluginsync] = false
|
228
|
+
@running_failure = true
|
229
|
+
|
230
|
+
server = Puppet[:server_list].first[0]
|
231
|
+
port = Puppet[:server_list].first[1] || Puppet[:serverport]
|
232
|
+
|
233
|
+
Puppet.err(detail)
|
220
234
|
else
|
221
|
-
|
222
|
-
end
|
223
|
-
Puppet.override(server: server, serverport: port) do
|
224
|
-
completed = run_internal(options)
|
235
|
+
raise Puppet::Error, detail
|
225
236
|
end
|
226
237
|
else
|
238
|
+
#TRANSLATORS 'server_list' is the name of a setting and should not be translated
|
239
|
+
Puppet.debug _("Selected puppet server from the `server_list` setting: %{server}:%{port}") % { server: server, port: port }
|
240
|
+
report.server_used = "#{server}:#{port}"
|
241
|
+
end
|
242
|
+
Puppet.override(server: server, serverport: port) do
|
227
243
|
completed = run_internal(options)
|
228
244
|
end
|
245
|
+
else
|
246
|
+
completed = run_internal(options)
|
229
247
|
end
|
230
248
|
ensure
|
231
|
-
|
249
|
+
# we may sleep for awhile, close connections now
|
250
|
+
Puppet.runtime[:http].close
|
232
251
|
end
|
233
252
|
|
234
253
|
completed ? report.exit_status : nil
|
@@ -303,6 +322,15 @@ class Puppet::Configurer
|
|
303
322
|
report.environment = @environment
|
304
323
|
query_options = nil
|
305
324
|
facts = nil
|
325
|
+
|
326
|
+
new_env = Puppet::Node::Environment.remote(@environment)
|
327
|
+
Puppet.push_context(
|
328
|
+
{
|
329
|
+
current_environment: new_env,
|
330
|
+
loaders: Puppet::Pops::Loaders.new(new_env, true)
|
331
|
+
},
|
332
|
+
"Local node environment #{@environment} for configurer transaction"
|
333
|
+
)
|
306
334
|
else
|
307
335
|
Puppet.info _("Using configured environment '%{env}'") % { env: @environment }
|
308
336
|
end
|
@@ -313,19 +341,18 @@ class Puppet::Configurer
|
|
313
341
|
end
|
314
342
|
end
|
315
343
|
|
316
|
-
|
317
|
-
|
318
|
-
|
319
|
-
|
320
|
-
|
321
|
-
|
322
|
-
|
323
|
-
|
344
|
+
# This is to maintain compatibility with anyone using this class
|
345
|
+
# aside from agent, apply, device.
|
346
|
+
unless Puppet.lookup(:loaders) { nil }
|
347
|
+
new_env = Puppet::Node::Environment.remote(@environment)
|
348
|
+
Puppet.push_context(
|
349
|
+
{
|
350
|
+
current_environment: new_env,
|
351
|
+
loaders: Puppet::Pops::Loaders.new(new_env, true)
|
352
|
+
},
|
353
|
+
"Local node environment #{@environment} for configurer transaction"
|
354
|
+
)
|
324
355
|
end
|
325
|
-
Puppet.push_context({
|
326
|
-
:current_environment => local_node_environment,
|
327
|
-
:loaders => Puppet::Pops::Loaders.new(local_node_environment, true)
|
328
|
-
}, "Local node environment for configurer transaction")
|
329
356
|
|
330
357
|
query_options, facts = get_facts(options) unless query_options
|
331
358
|
query_options[:configured_environment] = configured_environment
|
@@ -530,6 +557,14 @@ class Puppet::Configurer
|
|
530
557
|
end
|
531
558
|
|
532
559
|
def download_plugins(remote_environment_for_plugins)
|
533
|
-
|
560
|
+
begin
|
561
|
+
@handler.download_plugins(remote_environment_for_plugins)
|
562
|
+
rescue Puppet::Error => detail
|
563
|
+
if !Puppet[:ignore_plugin_errors] && Puppet[:usecacheonfailure]
|
564
|
+
@running_failure = true
|
565
|
+
else
|
566
|
+
raise detail
|
567
|
+
end
|
568
|
+
end
|
534
569
|
end
|
535
570
|
end
|
@@ -11,32 +11,53 @@ class Puppet::Configurer::Downloader
|
|
11
11
|
files = []
|
12
12
|
begin
|
13
13
|
catalog.apply do |trans|
|
14
|
+
unless Puppet[:ignore_plugin_errors]
|
15
|
+
# Propagate the first failure associated with the transaction. The any_failed?
|
16
|
+
# method returns the first resource status that failed or nil, not a boolean.
|
17
|
+
first_failure = trans.any_failed?
|
18
|
+
if first_failure
|
19
|
+
event = (first_failure.events || []).first
|
20
|
+
detail = event ? event.message : 'unknown'
|
21
|
+
raise Puppet::Error.new(_("Failed to retrieve %{name}: %{detail}") % { name: name, detail: detail })
|
22
|
+
end
|
23
|
+
end
|
24
|
+
|
14
25
|
trans.changed?.each do |resource|
|
15
26
|
yield resource if block_given?
|
16
27
|
files << resource[:path]
|
17
28
|
end
|
18
29
|
end
|
19
30
|
rescue Puppet::Error => detail
|
20
|
-
Puppet
|
31
|
+
if Puppet[:ignore_plugin_errors]
|
32
|
+
Puppet.log_exception(detail, _("Could not retrieve %{name}: %{detail}") % { name: name, detail: detail })
|
33
|
+
else
|
34
|
+
raise detail
|
35
|
+
end
|
21
36
|
end
|
22
37
|
files
|
23
38
|
end
|
24
39
|
|
25
40
|
def initialize(name, path, source, ignore = nil, environment = nil, source_permissions = :ignore)
|
26
41
|
@name, @path, @source, @ignore, @environment, @source_permissions = name, path, source, ignore, environment, source_permissions
|
27
|
-
end
|
28
42
|
|
29
|
-
def catalog
|
30
|
-
catalog = Puppet::Resource::Catalog.new("PluginSync", @environment)
|
31
|
-
catalog.host_config = false
|
32
|
-
catalog.add_resource(file)
|
33
|
-
catalog
|
34
43
|
end
|
35
44
|
|
36
45
|
def file
|
37
|
-
|
38
|
-
|
39
|
-
|
46
|
+
unless @file
|
47
|
+
args = default_arguments.merge(:path => path, :source => source)
|
48
|
+
args[:ignore] = ignore.split if ignore
|
49
|
+
@file = Puppet::Type.type(:file).new(args)
|
50
|
+
end
|
51
|
+
@file
|
52
|
+
end
|
53
|
+
|
54
|
+
def catalog
|
55
|
+
unless @catalog
|
56
|
+
@catalog = Puppet::Resource::Catalog.new("PluginSync", @environment)
|
57
|
+
@catalog.host_config = false
|
58
|
+
@catalog.add_resource(file)
|
59
|
+
end
|
60
|
+
@catalog
|
40
61
|
end
|
41
62
|
|
42
63
|
private
|
@@ -29,25 +29,27 @@ class Puppet::Configurer::PluginHandler
|
|
29
29
|
result += plugin_fact_downloader.evaluate
|
30
30
|
result += plugin_downloader.evaluate
|
31
31
|
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
|
38
|
-
|
39
|
-
|
40
|
-
|
41
|
-
|
42
|
-
|
43
|
-
|
44
|
-
|
45
|
-
|
46
|
-
|
47
|
-
|
48
|
-
|
49
|
-
|
50
|
-
|
32
|
+
unless Puppet[:disable_i18n]
|
33
|
+
# until file metadata/content are using the rest client, we need to check
|
34
|
+
# both :server_agent_version and the session to see if the server supports
|
35
|
+
# the "locales" mount
|
36
|
+
server_agent_version = Puppet.lookup(:server_agent_version) { "0.0" }
|
37
|
+
locales = Gem::Version.new(server_agent_version) >= SUPPORTED_LOCALES_MOUNT_AGENT_VERSION
|
38
|
+
unless locales
|
39
|
+
session = Puppet.lookup(:http_session)
|
40
|
+
locales = session.supports?(:fileserver, 'locales') || session.supports?(:puppet, 'locales')
|
41
|
+
end
|
42
|
+
|
43
|
+
if locales
|
44
|
+
locales_downloader = Puppet::Configurer::Downloader.new(
|
45
|
+
"locales",
|
46
|
+
Puppet[:localedest],
|
47
|
+
Puppet[:localesource],
|
48
|
+
Puppet[:pluginsignore] + " *.pot config.yaml",
|
49
|
+
environment
|
50
|
+
)
|
51
|
+
result += locales_downloader.evaluate
|
52
|
+
end
|
51
53
|
end
|
52
54
|
|
53
55
|
Puppet::Util::Autoload.reload_changed(Puppet.lookup(:current_environment))
|
data/lib/puppet/confine.rb
CHANGED
@@ -26,7 +26,7 @@ class Puppet::Confine
|
|
26
26
|
require "puppet/confine/#{name}"
|
27
27
|
rescue LoadError => detail
|
28
28
|
unless detail.to_s =~ /No such file|cannot load such file/i
|
29
|
-
|
29
|
+
Puppet.warning("Could not load confine test '#{name}': #{detail}")
|
30
30
|
end
|
31
31
|
# Could not find file
|
32
32
|
if !Puppet[:always_retry_plugins]
|
@@ -67,7 +67,7 @@ class Puppet::Confine
|
|
67
67
|
def valid?
|
68
68
|
values.each do |value|
|
69
69
|
unless pass?(value)
|
70
|
-
Puppet.debug
|
70
|
+
Puppet.debug { label + ": " + message(value) }
|
71
71
|
return false
|
72
72
|
end
|
73
73
|
end
|
data/lib/puppet/confine/any.rb
CHANGED
data/lib/puppet/defaults.rb
CHANGED
@@ -11,25 +11,60 @@ module Puppet
|
|
11
11
|
end
|
12
12
|
|
13
13
|
def self.default_digest_algorithm
|
14
|
-
|
14
|
+
'sha256'
|
15
15
|
end
|
16
16
|
|
17
17
|
def self.valid_digest_algorithms
|
18
18
|
Puppet::Util::Platform.fips_enabled? ?
|
19
19
|
%w[sha256 sha384 sha512 sha224] :
|
20
|
-
%w[
|
20
|
+
%w[sha256 sha384 sha512 sha224 md5]
|
21
21
|
end
|
22
22
|
|
23
23
|
def self.default_file_checksum_types
|
24
24
|
Puppet::Util::Platform.fips_enabled? ?
|
25
25
|
%w[sha256 sha384 sha512 sha224] :
|
26
|
-
%w[
|
26
|
+
%w[sha256 sha384 sha512 sha224 md5]
|
27
27
|
end
|
28
28
|
|
29
29
|
def self.valid_file_checksum_types
|
30
30
|
Puppet::Util::Platform.fips_enabled? ?
|
31
31
|
%w[sha256 sha256lite sha384 sha512 sha224 sha1 sha1lite mtime ctime] :
|
32
|
-
%w[
|
32
|
+
%w[sha256 sha256lite sha384 sha512 sha224 sha1 sha1lite md5 md5lite mtime ctime]
|
33
|
+
end
|
34
|
+
|
35
|
+
def self.log_ca_migration_warning
|
36
|
+
urge_to_migrate = <<-UTM
|
37
|
+
The cadir is currently configured to be inside the #{Puppet[:ssldir]} directory. This config
|
38
|
+
setting and the directory location will not be used in a future version of puppet. Please run the
|
39
|
+
puppetserver ca tool to migrate out from the puppet confdir to the /etc/puppetlabs/puppetserver/ca
|
40
|
+
directory. Use `puppetserver ca migrate --help` for more info.
|
41
|
+
UTM
|
42
|
+
Puppet.warn_once('deprecations',
|
43
|
+
'CA migration message',
|
44
|
+
urge_to_migrate,
|
45
|
+
:default,
|
46
|
+
:default)
|
47
|
+
end
|
48
|
+
|
49
|
+
def self.default_cadir
|
50
|
+
return "" if Puppet::Util::Platform.windows?
|
51
|
+
old_ca_dir = "#{Puppet[:ssldir]}/ca"
|
52
|
+
new_ca_dir = "/etc/puppetlabs/puppetserver/ca"
|
53
|
+
|
54
|
+
if File.exist?(old_ca_dir)
|
55
|
+
if File.symlink?(old_ca_dir)
|
56
|
+
target = File.readlink(old_ca_dir)
|
57
|
+
if target.start_with?(Puppet[:ssldir])
|
58
|
+
Puppet.log_ca_migration_warning
|
59
|
+
end
|
60
|
+
target
|
61
|
+
else
|
62
|
+
Puppet.log_ca_migration_warning
|
63
|
+
old_ca_dir
|
64
|
+
end
|
65
|
+
else
|
66
|
+
new_ca_dir
|
67
|
+
end
|
33
68
|
end
|
34
69
|
|
35
70
|
def self.default_basemodulepath
|
@@ -70,28 +105,6 @@ module Puppet
|
|
70
105
|
# @return void
|
71
106
|
def self.initialize_default_settings!(settings)
|
72
107
|
settings.define_settings(:main,
|
73
|
-
:facterng => {
|
74
|
-
:default => false,
|
75
|
-
:type => :boolean,
|
76
|
-
:desc => 'Whether to enable a pre-Facter 4.0 release of Facter (distributed as
|
77
|
-
the "facter-ng" gem). This is not necessary if Facter 3.x or later is installed.
|
78
|
-
This setting is still experimental.',
|
79
|
-
:hook => proc do |value|
|
80
|
-
if value
|
81
|
-
begin
|
82
|
-
original_facter = Object.const_get(:Facter)
|
83
|
-
Object.send(:remove_const, :Facter)
|
84
|
-
|
85
|
-
require 'facter-ng'
|
86
|
-
# It is required to re-setup logger for facter-ng
|
87
|
-
Puppet::Util::Logging.setup_facter_logging!
|
88
|
-
rescue LoadError
|
89
|
-
Object.const_set(:Facter, original_facter)
|
90
|
-
raise ArgumentError, 'facter-ng could not be loaded'
|
91
|
-
end
|
92
|
-
end
|
93
|
-
end
|
94
|
-
},
|
95
108
|
:confdir => {
|
96
109
|
:default => nil,
|
97
110
|
:type => :directory,
|
@@ -218,7 +231,7 @@ module Puppet
|
|
218
231
|
end
|
219
232
|
},
|
220
233
|
:disable_i18n => {
|
221
|
-
:default =>
|
234
|
+
:default => true,
|
222
235
|
:type => :boolean,
|
223
236
|
:desc => "If true, turns off all translations of Puppet and module
|
224
237
|
log messages, which affects error, warning, and info log messages,
|
@@ -263,13 +276,6 @@ module Puppet
|
|
263
276
|
:type => :boolean,
|
264
277
|
:desc => "Whether to enable experimental performance profiling",
|
265
278
|
},
|
266
|
-
:future_features => {
|
267
|
-
:default => false,
|
268
|
-
:type => :boolean,
|
269
|
-
:desc => "Whether or not to enable all features currently being developed for future
|
270
|
-
major releases of Puppet. Should be used with caution, as in development
|
271
|
-
features are experimental and can have unexpected effects."
|
272
|
-
},
|
273
279
|
:versioned_environment_dirs => {
|
274
280
|
:default => false,
|
275
281
|
:type => :boolean,
|
@@ -284,6 +290,11 @@ module Puppet
|
|
284
290
|
which occurs only on a Puppet Server master when the `code-id-command` and
|
285
291
|
`code-content-command` settings are configured in its `puppetserver.conf` file.",
|
286
292
|
},
|
293
|
+
:settings_catalog => {
|
294
|
+
:default => true,
|
295
|
+
:type => :boolean,
|
296
|
+
:desc => "Whether to compile and apply the settings catalog",
|
297
|
+
},
|
287
298
|
:strict_environment_mode => {
|
288
299
|
:default => false,
|
289
300
|
:type => :boolean,
|
@@ -347,8 +358,7 @@ module Puppet
|
|
347
358
|
:default => "ansi",
|
348
359
|
:type => :string,
|
349
360
|
:desc => "Whether to use colors when logging to the console. Valid values are
|
350
|
-
`ansi` (equivalent to `true`), `html`, and `false`, which produces no color.
|
351
|
-
Defaults to false on Windows, as its console does not support ansi colors.",
|
361
|
+
`ansi` (equivalent to `true`), `html`, and `false`, which produces no color."
|
352
362
|
},
|
353
363
|
:mkusers => {
|
354
364
|
:default => false,
|
@@ -375,7 +385,7 @@ module Puppet
|
|
375
385
|
from the parent process.
|
376
386
|
|
377
387
|
This setting can only be set in the `[main]` section of puppet.conf; it cannot
|
378
|
-
be set in `[
|
388
|
+
be set in `[server]`, `[agent]`, or an environment config section.",
|
379
389
|
:call_hook => :on_define_and_write,
|
380
390
|
:hook => proc do |value|
|
381
391
|
Puppet::Util.set_env('PATH', '') if Puppet::Util.get_env('PATH').nil?
|
@@ -563,7 +573,7 @@ module Puppet
|
|
563
573
|
config = File.expand_path(File.join(settings[:confdir], 'hiera.yaml')) if config.nil?
|
564
574
|
config
|
565
575
|
end,
|
566
|
-
:desc => "The hiera configuration file. Puppet only reads this file on startup, so you must restart the puppet
|
576
|
+
:desc => "The hiera configuration file. Puppet only reads this file on startup, so you must restart the puppet server every time you edit it.",
|
567
577
|
:type => :file,
|
568
578
|
},
|
569
579
|
:binder_config => {
|
@@ -590,13 +600,22 @@ module Puppet
|
|
590
600
|
},
|
591
601
|
:trusted_external_command => {
|
592
602
|
:default => nil,
|
593
|
-
:
|
603
|
+
:type => :file_or_directory,
|
604
|
+
:desc => "The external trusted facts script or directory to use.
|
594
605
|
This setting's value can be set to the path to an executable command that
|
595
|
-
can produce external trusted facts
|
606
|
+
can produce external trusted facts or to a directory containing those
|
607
|
+
executable commands. The command(s) must:
|
596
608
|
|
597
609
|
* Take the name of a node as a command-line argument.
|
598
610
|
* Return a JSON hash with the external trusted facts for this node.
|
599
|
-
* For unknown or invalid nodes, exit with a non-zero exit code.
|
611
|
+
* For unknown or invalid nodes, exit with a non-zero exit code.
|
612
|
+
|
613
|
+
If the setting points to an executable command, then the external trusted
|
614
|
+
facts will be stored in the 'external' key of the trusted facts hash. Otherwise
|
615
|
+
for each executable file in the directory, the external trusted facts will be
|
616
|
+
stored in the `<basename>` key of the `trusted['external']` hash. For example,
|
617
|
+
if the files foo.rb and bar.sh are in the directory, then `trusted['external']`
|
618
|
+
will be the hash `{ 'foo' => <foo.rb output>, 'bar' => <bar.sh output> }`.",
|
600
619
|
},
|
601
620
|
:default_file_terminus => {
|
602
621
|
:type => :terminus,
|
@@ -624,7 +643,7 @@ module Puppet
|
|
624
643
|
:http_proxy_password =>{
|
625
644
|
:default => "none",
|
626
645
|
:hook => proc do |value|
|
627
|
-
if
|
646
|
+
if value =~ /[@!# \/]/
|
628
647
|
raise "Passwords set in the http_proxy_password setting must be valid as part of a URL, and any reserved characters must be URL-encoded. We received: #{value}"
|
629
648
|
end
|
630
649
|
end,
|
@@ -692,39 +711,33 @@ Valid values are 0 (never cache) and 15 (15 second minimum wait time).
|
|
692
711
|
:environment_timeout => {
|
693
712
|
:default => "0",
|
694
713
|
:type => :ttl,
|
695
|
-
:desc => "How long the Puppet
|
714
|
+
:desc => "How long the Puppet server should cache data it loads from an
|
696
715
|
environment.
|
697
716
|
|
698
717
|
A value of `0` will disable caching. This setting can also be set to
|
699
|
-
`unlimited`, which will cache environments until the
|
700
|
-
or told to refresh the cache.
|
718
|
+
`unlimited`, which will cache environments until the server is restarted
|
719
|
+
or told to refresh the cache. All other values will result in Puppet
|
720
|
+
server evicting environments that haven't been used within the last
|
721
|
+
`environment_timeout` seconds.
|
701
722
|
|
702
723
|
You should change this setting once your Puppet deployment is doing
|
703
724
|
non-trivial work. We chose the default value of `0` because it lets new
|
704
725
|
users update their code without any extra steps, but it lowers the
|
705
|
-
performance of your Puppet
|
726
|
+
performance of your Puppet server. We recommend either:
|
706
727
|
|
707
|
-
|
708
|
-
|
728
|
+
* Setting this to `unlimited` and explicitly refreshing your Puppet server
|
729
|
+
as part of your code deployment process.
|
709
730
|
|
710
|
-
*
|
711
|
-
|
712
|
-
|
731
|
+
* Setting this to a number that will keep your most actively used
|
732
|
+
environments cached, but allow testing environments to fall out of the
|
733
|
+
cache and reduce memory usage. A value of 3 minutes (3m) is a reasonable
|
734
|
+
value.
|
713
735
|
|
714
|
-
|
715
|
-
|
716
|
-
|
717
|
-
|
718
|
-
|
719
|
-
unless [0, 'unlimited', Float::INFINITY].include?(val)
|
720
|
-
Puppet.deprecation_warning(<<-WARNING)
|
721
|
-
Fine grained control of environment timeouts is deprecated,
|
722
|
-
please use `0` or `unlimited` to control default caching behavior
|
723
|
-
and the environment-cache endpoint in Puppet Server's administrative
|
724
|
-
API to expire the cache as needed
|
725
|
-
WARNING
|
726
|
-
end
|
727
|
-
end
|
736
|
+
Once you set `environment_timeout` to a non-zero value, you need to tell
|
737
|
+
Puppet server to read new code from disk using the `environment-cache` API
|
738
|
+
endpoint after you deploy new code. See the docs for the Puppet Server
|
739
|
+
[administrative API](https://puppet.com/docs/puppetserver/latest/admin-api/v1/environment-cache.html).
|
740
|
+
"
|
728
741
|
},
|
729
742
|
:environment_data_provider => {
|
730
743
|
:desc => "The name of a registered environment data provider used when obtaining environment
|
@@ -799,7 +812,7 @@ API to expire the cache as needed
|
|
799
812
|
`certname` setting as its requested Subject CN.
|
800
813
|
|
801
814
|
This is the name used when managing a node's permissions in
|
802
|
-
[auth.conf](https://puppet.com/docs/
|
815
|
+
Puppet Server's [auth.conf](https://puppet.com/docs/puppetserver/latest/config_file_auth.html).
|
803
816
|
In most cases, it is also used as the node's name when matching
|
804
817
|
[node definitions](https://puppet.com/docs/puppet/latest/lang_node_definitions.html)
|
805
818
|
and requesting data from an ENC. (This can be changed with the `node_name_value`
|
@@ -816,8 +829,13 @@ API to expire the cache as needed
|
|
816
829
|
* The special value `ca` is reserved, and can't be used as the certname
|
817
830
|
for a normal node.
|
818
831
|
|
832
|
+
**Note:** You must set the certname in the main section of the puppet.conf file. Setting it in a different section causes errors.
|
833
|
+
|
819
834
|
Defaults to the node's fully qualified domain name.",
|
820
|
-
:
|
835
|
+
:call_hook => :on_initialize_and_write,
|
836
|
+
:hook => proc { |value|
|
837
|
+
raise(ArgumentError, _("Certificate names must be lower case")) unless value == value.downcase
|
838
|
+
}},
|
821
839
|
:dns_alt_names => {
|
822
840
|
:default => '',
|
823
841
|
:desc => <<EOT,
|
@@ -944,13 +962,13 @@ EOT
|
|
944
962
|
Generally unused."
|
945
963
|
},
|
946
964
|
:hostcsr => {
|
947
|
-
:default => "$
|
965
|
+
:default => "$requestdir/$certname.pem",
|
948
966
|
:type => :file,
|
949
967
|
:mode => "0644",
|
950
968
|
:owner => "service",
|
951
969
|
:group => "service",
|
952
|
-
:
|
953
|
-
|
970
|
+
:desc => "Where individual hosts store their certificate request (CSR)
|
971
|
+
while waiting for the CA to issue their certificate."
|
954
972
|
},
|
955
973
|
:hostcert => {
|
956
974
|
:default => "$certdir/$certname.pem",
|
@@ -992,28 +1010,14 @@ EOT
|
|
992
1010
|
and reject the CA certificate if the values do not match. This only applies
|
993
1011
|
during the first download of the CA certificate."
|
994
1012
|
},
|
995
|
-
:
|
996
|
-
:
|
997
|
-
:
|
998
|
-
:
|
999
|
-
|
1000
|
-
|
1001
|
-
|
1002
|
-
|
1003
|
-
certificate (localcacert) will be used.",
|
1004
|
-
:hook => proc do |val|
|
1005
|
-
Puppet.deprecation_warning(_("Setting 'ssl_client_ca_auth' is deprecated."))
|
1006
|
-
end
|
1007
|
-
},
|
1008
|
-
:ssl_server_ca_auth => {
|
1009
|
-
:type => :file,
|
1010
|
-
:mode => "0644",
|
1011
|
-
:owner => "service",
|
1012
|
-
:group => "service",
|
1013
|
-
:deprecated => :completely,
|
1014
|
-
:desc => "The setting is deprecated and has no effect. Ensure all root and
|
1015
|
-
intermediate certificate authorities used to issue client certificates are
|
1016
|
-
contained in the server's `cacert` file on the server."
|
1013
|
+
:ssl_trust_store => {
|
1014
|
+
:default => nil,
|
1015
|
+
:type => :file,
|
1016
|
+
:desc => "A file containing CA certificates in PEM format that puppet should trust
|
1017
|
+
when making HTTPS requests. This **only** applies to https requests to non-puppet
|
1018
|
+
infrastructure, such as retrieving file metadata and content from https file sources,
|
1019
|
+
puppet module tool and the 'http' report processor. This setting is ignored when
|
1020
|
+
making requests to puppet:// URLs such as catalog and report requests.",
|
1017
1021
|
},
|
1018
1022
|
:hostcrl => {
|
1019
1023
|
:default => "$ssldir/crl.pem",
|
@@ -1105,9 +1109,16 @@ EOT
|
|
1105
1109
|
:desc => "The name to use the Certificate Authority certificate.",
|
1106
1110
|
},
|
1107
1111
|
:cadir => {
|
1108
|
-
:default =>
|
1112
|
+
:default => lambda { default_cadir },
|
1109
1113
|
:type => :directory,
|
1110
1114
|
:desc => "The root directory for the certificate authority.",
|
1115
|
+
:call_hook => :on_initialize_and_write,
|
1116
|
+
:hook => proc do |value|
|
1117
|
+
if value.start_with?(Puppet[:ssldir])
|
1118
|
+
Puppet.log_ca_migration_warning
|
1119
|
+
end
|
1120
|
+
value
|
1121
|
+
end
|
1111
1122
|
},
|
1112
1123
|
:cacert => {
|
1113
1124
|
:default => "$cadir/ca_crt.pem",
|
@@ -1284,7 +1295,7 @@ EOT
|
|
1284
1295
|
}
|
1285
1296
|
)
|
1286
1297
|
|
1287
|
-
settings.define_settings(:
|
1298
|
+
settings.define_settings(:server,
|
1288
1299
|
:user => {
|
1289
1300
|
:default => "puppet",
|
1290
1301
|
:desc => "The user Puppet Server will run as. Used to ensure
|
@@ -1334,30 +1345,25 @@ EOT
|
|
1334
1345
|
by `puppet`, and should only be set if you're writing your own Puppet
|
1335
1346
|
executable.",
|
1336
1347
|
},
|
1337
|
-
:
|
1348
|
+
:serverport => {
|
1338
1349
|
:default => 8140,
|
1350
|
+
:type => :port,
|
1339
1351
|
:desc => "The default port puppet subcommands use to communicate
|
1340
1352
|
with Puppet Server. (eg `puppet facts upload`, `puppet agent`). May be
|
1341
1353
|
overridden by more specific settings (see `ca_port`, `report_port`).",
|
1354
|
+
:hook => proc do |value|
|
1355
|
+
Puppet[:masterport] = value unless Puppet.settings.set_by_config?(:masterport)
|
1356
|
+
end
|
1342
1357
|
},
|
1343
|
-
:
|
1344
|
-
:default =>
|
1345
|
-
:type => :
|
1346
|
-
:
|
1347
|
-
|
1348
|
-
|
1349
|
-
|
1350
|
-
|
1351
|
-
|
1352
|
-
},
|
1353
|
-
:desc => "How the puppet master determines the client's identity
|
1354
|
-
and sets the 'hostname', 'fqdn' and 'domain' facts for use in the manifest,
|
1355
|
-
in particular for determining which 'node' statement applies to the client.
|
1356
|
-
Possible values are 'cert' (use the subject's CN in the client's
|
1357
|
-
certificate) and 'facter' (use the hostname that the client
|
1358
|
-
reported in its facts).
|
1359
|
-
|
1360
|
-
This setting is deprecated, please use explicit fact matching for classification.",
|
1358
|
+
:masterport => {
|
1359
|
+
:default => "$serverport",
|
1360
|
+
:type => :port,
|
1361
|
+
:desc => "The default port puppet subcommands use to communicate
|
1362
|
+
with Puppet Server. (eg `puppet facts upload`, `puppet agent`). May be
|
1363
|
+
overridden by more specific settings (see `ca_port`, `report_port`).",
|
1364
|
+
:hook => proc do |value|
|
1365
|
+
Puppet[:serverport] = value unless Puppet.settings.set_by_config?(:serverport)
|
1366
|
+
end
|
1361
1367
|
},
|
1362
1368
|
:bucketdir => {
|
1363
1369
|
:default => "$vardir/bucket",
|
@@ -1367,15 +1373,6 @@ EOT
|
|
1367
1373
|
:group => "service",
|
1368
1374
|
:desc => "Where FileBucket files are stored."
|
1369
1375
|
},
|
1370
|
-
:rest_authconfig => {
|
1371
|
-
:default => "$confdir/auth.conf",
|
1372
|
-
:type => :file,
|
1373
|
-
:deprecated => :completely,
|
1374
|
-
:desc => "The configuration file that defines the rights to the different
|
1375
|
-
rest indirections. This can be used as a fine-grained authorization system for
|
1376
|
-
`puppet master`. The `puppet master` command is deprecated and Puppet Server
|
1377
|
-
uses its own auth.conf that must be placed within its configuration directory.",
|
1378
|
-
},
|
1379
1376
|
:trusted_oid_mapping_file => {
|
1380
1377
|
:default => "$confdir/custom_trusted_oid_mapping.yaml",
|
1381
1378
|
:type => :file,
|
@@ -1478,23 +1475,7 @@ EOT
|
|
1478
1475
|
:default => "$confdir/fileserver.conf",
|
1479
1476
|
:type => :file,
|
1480
1477
|
:desc => "Where the fileserver configuration is stored.",
|
1481
|
-
}
|
1482
|
-
:strict_hostname_checking => {
|
1483
|
-
:default => true,
|
1484
|
-
:type => :boolean,
|
1485
|
-
:desc => "Whether to only search for the complete
|
1486
|
-
hostname as it is in the certificate when searching for node information
|
1487
|
-
in the catalogs or to match dot delimited segments of the cert's certname
|
1488
|
-
and the hostname, fqdn, and/or domain facts.
|
1489
|
-
|
1490
|
-
This setting is deprecated and will be removed in a future release.",
|
1491
|
-
:hook => proc { |val|
|
1492
|
-
if val != true
|
1493
|
-
Puppet.deprecation_warning("Setting strict_hostname_checking to false is deprecated and will be removed in a future release. Please use regular expressions in your node declarations or explicit fact matching for classification (though be warned that fact based classification may be considered insecure).")
|
1494
|
-
end
|
1495
|
-
}
|
1496
|
-
}
|
1497
|
-
)
|
1478
|
+
})
|
1498
1479
|
|
1499
1480
|
settings.define_settings(:device,
|
1500
1481
|
:devicedir => {
|
@@ -1516,17 +1497,15 @@ EOT
|
|
1516
1497
|
:default => "$certname",
|
1517
1498
|
:desc => "The explicit value used for the node name for all requests the agent
|
1518
1499
|
makes to the master. WARNING: This setting is mutually exclusive with
|
1519
|
-
node_name_fact. Changing this setting also requires changes to
|
1520
|
-
|
1521
|
-
http://links.puppet.com/node_name_value for more information."
|
1500
|
+
node_name_fact. Changing this setting also requires changes to
|
1501
|
+
Puppet Server's default [auth.conf](https://puppet.com/docs/puppetserver/latest/config_file_auth.html)."
|
1522
1502
|
},
|
1523
1503
|
:node_name_fact => {
|
1524
1504
|
:default => "",
|
1525
1505
|
:desc => "The fact name used to determine the node name used for all requests the agent
|
1526
1506
|
makes to the master. WARNING: This setting is mutually exclusive with
|
1527
|
-
node_name_value. Changing this setting also requires changes to
|
1528
|
-
|
1529
|
-
http://links.puppet.com/node_name_fact for more information.",
|
1507
|
+
node_name_value. Changing this setting also requires changes to
|
1508
|
+
Puppet Server's default [auth.conf](https://puppet.com/docs/puppetserver/latest/config_file_auth.html).",
|
1530
1509
|
:hook => proc do |value|
|
1531
1510
|
if !value.empty? and Puppet[:node_name_value] != Puppet[:certname]
|
1532
1511
|
raise "Cannot specify both the node_name_value and node_name_fact settings"
|
@@ -1536,7 +1515,7 @@ EOT
|
|
1536
1515
|
:statefile => {
|
1537
1516
|
:default => "$statedir/state.yaml",
|
1538
1517
|
:type => :file,
|
1539
|
-
:mode => "
|
1518
|
+
:mode => "0640",
|
1540
1519
|
:desc => "Where puppet agent and puppet master store state associated
|
1541
1520
|
with the running configuration. In the case of puppet master,
|
1542
1521
|
this file reflects the state discovered through interacting
|
@@ -1558,7 +1537,7 @@ EOT
|
|
1558
1537
|
:transactionstorefile => {
|
1559
1538
|
:default => "$statedir/transactionstore.yaml",
|
1560
1539
|
:type => :file,
|
1561
|
-
:mode => "
|
1540
|
+
:mode => "0640",
|
1562
1541
|
:desc => "Transactional storage file for persisting data between
|
1563
1542
|
transactions for the purposes of infering information (such as
|
1564
1543
|
corrective_change) on new data received."
|
@@ -1624,8 +1603,8 @@ EOT
|
|
1624
1603
|
:server_list => {
|
1625
1604
|
:default => [],
|
1626
1605
|
:type => :server_list,
|
1627
|
-
:desc => "The list of
|
1628
|
-
in the order that they will be tried.",
|
1606
|
+
:desc => "The list of Puppet master servers to which the Puppet agent should connect,
|
1607
|
+
in the order that they will be tried. Each value should be a fully qualified domain name, followed by an optional ':' and port number. If a port is omitted, Puppet uses masterport for that host.",
|
1629
1608
|
},
|
1630
1609
|
:use_srv_records => {
|
1631
1610
|
:default => false,
|
@@ -1684,8 +1663,7 @@ EOT
|
|
1684
1663
|
:type => :duration,
|
1685
1664
|
:desc => "How often puppet agent applies the catalog.
|
1686
1665
|
Note that a runinterval of 0 means \"run continuously\" rather than
|
1687
|
-
\"never run.\"
|
1688
|
-
it with the `--no-client` option. #{AS_DURATION}",
|
1666
|
+
\"never run.\" #{AS_DURATION}",
|
1689
1667
|
},
|
1690
1668
|
:runtimeout => {
|
1691
1669
|
:default => "1h",
|
@@ -1701,7 +1679,8 @@ EOT
|
|
1701
1679
|
and does not need to horizontally scale.",
|
1702
1680
|
},
|
1703
1681
|
:ca_port => {
|
1704
|
-
:default => "$
|
1682
|
+
:default => "$serverport",
|
1683
|
+
:type => :port,
|
1705
1684
|
:desc => "The port to use for the certificate authority.",
|
1706
1685
|
},
|
1707
1686
|
:preferred_serialization_format => {
|
@@ -1790,7 +1769,8 @@ EOT
|
|
1790
1769
|
:desc => "The server to send transaction reports to.",
|
1791
1770
|
},
|
1792
1771
|
:report_port => {
|
1793
|
-
:default => "$
|
1772
|
+
:default => "$serverport",
|
1773
|
+
:type => :port,
|
1794
1774
|
:desc => "The port to communicate with the report_server.",
|
1795
1775
|
},
|
1796
1776
|
:report => {
|
@@ -1820,17 +1800,27 @@ EOT
|
|
1820
1800
|
for the node stored in puppetdb are current. However, this will double the fact
|
1821
1801
|
submission load on puppetdb, so it is disabled by default.",
|
1822
1802
|
},
|
1803
|
+
:publicdir => {
|
1804
|
+
:default => nil,
|
1805
|
+
:type => :directory,
|
1806
|
+
:mode => "0755",
|
1807
|
+
:desc => "Where Puppet stores public files."
|
1808
|
+
},
|
1823
1809
|
:lastrunfile => {
|
1824
|
-
:default => "$
|
1810
|
+
:default => "$publicdir/last_run_summary.yaml",
|
1825
1811
|
:type => :file,
|
1826
|
-
:mode => "
|
1812
|
+
:mode => "0640",
|
1827
1813
|
:desc => "Where puppet agent stores the last run report summary in yaml format."
|
1828
1814
|
},
|
1829
1815
|
:lastrunreport => {
|
1830
1816
|
:default => "$statedir/last_run_report.yaml",
|
1831
1817
|
:type => :file,
|
1832
1818
|
:mode => "0640",
|
1833
|
-
:desc => "Where
|
1819
|
+
:desc => "Where Puppet Agent stores the last run report, by default, in yaml format.
|
1820
|
+
The format of the report can be changed by setting the `cache` key of the `report` terminus
|
1821
|
+
in the [routes.yaml](https://puppet.com/docs/puppet/latest/config_file_routes.html) file.
|
1822
|
+
To avoid mismatches between content and file extension, this setting needs to be
|
1823
|
+
manually updated to reflect the terminus changes."
|
1834
1824
|
},
|
1835
1825
|
:graph => {
|
1836
1826
|
:default => false,
|
@@ -1890,7 +1880,7 @@ EOT
|
|
1890
1880
|
already ongoing puppet agent instance.
|
1891
1881
|
|
1892
1882
|
This argument is by default disabled (value set to 0). In this case puppet agent will
|
1893
|
-
|
1883
|
+
immediately exit if it cannot run at that moment. When a value other than 0 is set, this
|
1894
1884
|
can also be used in combination with the `maxwaitforlock` argument.
|
1895
1885
|
#{AS_DURATION}",
|
1896
1886
|
},
|
@@ -1899,7 +1889,7 @@ EOT
|
|
1899
1889
|
:type => :ttl,
|
1900
1890
|
:desc => "The maximum amount of time the puppet agent should wait for an
|
1901
1891
|
already running puppet agent to finish before starting a new one. This is set by default to 1 minute.
|
1902
|
-
A value of `unlimited` will cause puppet agent to wait indefinitely.
|
1892
|
+
A value of `unlimited` will cause puppet agent to wait indefinitely.
|
1903
1893
|
#{AS_DURATION}",
|
1904
1894
|
}
|
1905
1895
|
)
|
@@ -1941,9 +1931,26 @@ EOT
|
|
1941
1931
|
is used for retrieval, so anything that is a valid file source can
|
1942
1932
|
be used here.",
|
1943
1933
|
},
|
1934
|
+
:pluginsync => {
|
1935
|
+
:default => true,
|
1936
|
+
:type => :boolean,
|
1937
|
+
:desc => "Whether plugins should be synced with the central server. This setting is
|
1938
|
+
deprecated.",
|
1939
|
+
:hook => proc { |value|
|
1940
|
+
#TRANSLATORS 'pluginsync' is a setting and should not be translated
|
1941
|
+
Puppet.deprecation_warning(_("Setting 'pluginsync' is deprecated."))
|
1942
|
+
}
|
1943
|
+
},
|
1944
1944
|
:pluginsignore => {
|
1945
1945
|
:default => ".svn CVS .git .hg",
|
1946
1946
|
:desc => "What files to ignore when pulling down plugins.",
|
1947
|
+
},
|
1948
|
+
:ignore_plugin_errors => {
|
1949
|
+
:default => false,
|
1950
|
+
:type => :boolean,
|
1951
|
+
:desc => "Whether the puppet run should ignore errors during pluginsync. If the setting
|
1952
|
+
is false and there are errors during pluginsync, then the agent will abort the run and
|
1953
|
+
submit a report containing information about the failed run."
|
1947
1954
|
}
|
1948
1955
|
)
|
1949
1956
|
|
@@ -2088,7 +2095,7 @@ EOT
|
|
2088
2095
|
}
|
2089
2096
|
)
|
2090
2097
|
|
2091
|
-
settings.define_settings(:
|
2098
|
+
settings.define_settings(:server,
|
2092
2099
|
:storeconfigs => {
|
2093
2100
|
:default => false,
|
2094
2101
|
:type => :boolean,
|
@@ -2154,16 +2161,6 @@ EOT
|
|
2154
2161
|
referencing variables that are explicitly set to undef).
|
2155
2162
|
EOT
|
2156
2163
|
},
|
2157
|
-
:func3x_check => {
|
2158
|
-
:default => true,
|
2159
|
-
:type => :boolean,
|
2160
|
-
:desc => <<-'EOT'
|
2161
|
-
Causes validation of loaded legacy Ruby functions (3x API) to raise errors about illegal constructs that
|
2162
|
-
could cause harm or that simply does not work. This flag is on by default. This flag is made available
|
2163
|
-
so that the validation can be turned off in case the method of validation is faulty - if encountered, please
|
2164
|
-
file a bug report.
|
2165
|
-
EOT
|
2166
|
-
},
|
2167
2164
|
:tasks => {
|
2168
2165
|
:default => false,
|
2169
2166
|
:type => :boolean,
|