RubyGems - puppet - Versions diffs - 6.16.0-x86-mingw32 → 7.0.0-x86-mingw32 - Mend

puppet 6.16.0-x86-mingw32 → 7.0.0-x86-mingw32

Potentially problematic release.

This version of puppet might be problematic. Click here for more details.

Files changed (645) hide show

checksums.yaml +4 -4
data/Gemfile +5 -3
data/Gemfile.lock +31 -33
data/README.md +4 -5
data/Rakefile +4 -12
data/conf/fileserver.conf +5 -10
data/ext/build_defaults.yaml +1 -1
data/ext/osx/file_mapping.yaml +0 -5
data/ext/project_data.yaml +1 -14
data/ext/redhat/puppet.spec.erb +0 -1
data/ext/windows/service/daemon.rb +6 -5
data/install.rb +21 -17
data/lib/puppet.rb +11 -20
data/lib/puppet/agent.rb +2 -2
data/lib/puppet/agent/locker.rb +0 -7
data/lib/puppet/application.rb +172 -98
data/lib/puppet/application/agent.rb +22 -6
data/lib/puppet/application/apply.rb +18 -20
data/lib/puppet/application/device.rb +100 -104
data/lib/puppet/application/doc.rb +1 -1
data/lib/puppet/application/filebucket.rb +15 -11
data/lib/puppet/application/lookup.rb +16 -4
data/lib/puppet/application/ssl.rb +1 -1
data/lib/puppet/configurer.rb +66 -31
data/lib/puppet/configurer/downloader.rb +31 -10
data/lib/puppet/configurer/plugin_handler.rb +21 -19
data/lib/puppet/confine.rb +2 -2
data/lib/puppet/confine/any.rb +1 -1
data/lib/puppet/defaults.rb +166 -169
data/lib/puppet/environments.rb +41 -15
data/lib/puppet/face/catalog.rb +1 -1
data/lib/puppet/face/config.rb +56 -16
data/lib/puppet/face/epp.rb +12 -2
data/lib/puppet/face/facts.rb +66 -6
data/lib/puppet/face/help.rb +1 -1
data/lib/puppet/face/node.rb +3 -3
data/lib/puppet/face/node/clean.rb +2 -2
data/lib/puppet/face/plugin.rb +5 -8
data/lib/puppet/feature/base.rb +1 -1
data/lib/puppet/ffi/windows.rb +12 -0
data/lib/puppet/ffi/windows/api_types.rb +311 -0
data/lib/puppet/ffi/windows/constants.rb +404 -0
data/lib/puppet/ffi/windows/functions.rb +628 -0
data/lib/puppet/ffi/windows/structs.rb +338 -0
data/lib/puppet/file_bucket/dipper.rb +1 -1
data/lib/puppet/file_serving/configuration.rb +0 -5
data/lib/puppet/file_serving/configuration/parser.rb +3 -32
data/lib/puppet/file_serving/http_metadata.rb +13 -1
data/lib/puppet/file_serving/metadata.rb +4 -1
data/lib/puppet/file_serving/mount.rb +1 -2
data/lib/puppet/file_serving/mount/locales.rb +1 -2
data/lib/puppet/file_serving/mount/pluginfacts.rb +1 -2
data/lib/puppet/file_serving/mount/plugins.rb +1 -2
data/lib/puppet/file_serving/terminus_selector.rb +7 -8
data/lib/puppet/file_system/file_impl.rb +4 -4
data/lib/puppet/file_system/uniquefile.rb +8 -16
data/lib/puppet/forge.rb +1 -1
data/lib/puppet/forge/cache.rb +1 -1
data/lib/puppet/forge/repository.rb +3 -8
data/lib/puppet/functions/epp.rb +1 -0
data/lib/puppet/functions/inline_epp.rb +1 -0
data/lib/puppet/functions/lstrip.rb +4 -4
data/lib/puppet/functions/new.rb +8 -3
data/lib/puppet/functions/reverse_each.rb +1 -1
data/lib/puppet/functions/rstrip.rb +4 -4
data/lib/puppet/functions/step.rb +1 -1
data/lib/puppet/functions/strip.rb +4 -4
data/lib/puppet/generate/models/type/type.rb +4 -1
data/lib/puppet/gettext/config.rb +5 -5
data/lib/puppet/gettext/module_translations.rb +4 -4
data/lib/puppet/http.rb +23 -13
data/lib/puppet/http/client.rb +170 -115
data/lib/puppet/{network/resolver.rb → http/dns.rb} +2 -2
data/lib/puppet/http/errors.rb +16 -0
data/lib/puppet/http/external_client.rb +5 -7
data/lib/puppet/{network/http → http}/factory.rb +8 -11
data/lib/puppet/{network/http → http}/pool.rb +61 -26
data/lib/puppet/{network/http/session.rb → http/pool_entry.rb} +2 -3
data/lib/puppet/http/proxy.rb +137 -0
data/lib/puppet/http/redirector.rb +13 -19
data/lib/puppet/http/resolver.rb +10 -23
data/lib/puppet/http/resolver/server_list.rb +23 -45
data/lib/puppet/http/resolver/settings.rb +7 -10
data/lib/puppet/http/resolver/srv.rb +11 -15
data/lib/puppet/http/response.rb +49 -48
data/lib/puppet/http/response_converter.rb +24 -0
data/lib/puppet/http/response_net_http.rb +42 -0
data/lib/puppet/http/retry_after_handler.rb +4 -13
data/lib/puppet/http/service.rb +15 -27
data/lib/puppet/http/service/ca.rb +11 -22
data/lib/puppet/http/service/compiler.rb +23 -70
data/lib/puppet/http/service/file_server.rb +19 -28
data/lib/puppet/http/service/puppetserver.rb +53 -0
data/lib/puppet/http/service/report.rb +8 -10
data/lib/puppet/http/session.rb +16 -24
data/lib/puppet/{network/http → http}/site.rb +1 -2
data/lib/puppet/indirector.rb +1 -1
data/lib/puppet/indirector/catalog/compiler.rb +1 -1
data/lib/puppet/indirector/catalog/rest.rb +2 -4
data/lib/puppet/indirector/exec.rb +1 -1
data/lib/puppet/indirector/fact_search.rb +60 -0
data/lib/puppet/indirector/facts/facter.rb +27 -6
data/lib/puppet/indirector/facts/json.rb +27 -0
data/lib/puppet/indirector/facts/rest.rb +3 -22
data/lib/puppet/indirector/facts/yaml.rb +4 -59
data/lib/puppet/indirector/file_bucket_file/rest.rb +3 -9
data/lib/puppet/indirector/file_content/rest.rb +3 -7
data/lib/puppet/indirector/file_metadata/http.rb +25 -5
data/lib/puppet/indirector/file_metadata/rest.rb +5 -11
data/lib/puppet/indirector/file_server.rb +1 -8
data/lib/puppet/indirector/generic_http.rb +0 -11
data/lib/puppet/indirector/hiera.rb +4 -0
data/lib/puppet/indirector/indirection.rb +1 -1
data/lib/puppet/indirector/json.rb +5 -1
data/lib/puppet/indirector/msgpack.rb +1 -1
data/lib/puppet/indirector/node/json.rb +8 -0
data/lib/puppet/indirector/node/rest.rb +2 -4
data/lib/puppet/indirector/report/json.rb +34 -0
data/lib/puppet/indirector/report/processor.rb +2 -2
data/lib/puppet/indirector/report/rest.rb +3 -8
data/lib/puppet/indirector/request.rb +2 -103
data/lib/puppet/indirector/rest.rb +12 -263
data/lib/puppet/indirector/yaml.rb +1 -1
data/lib/puppet/module.rb +1 -2
data/lib/puppet/module_tool/applications.rb +0 -1
data/lib/puppet/network/authconfig.rb +2 -96
data/lib/puppet/network/authorization.rb +13 -35
data/lib/puppet/network/format_support.rb +2 -2
data/lib/puppet/network/formats.rb +2 -1
data/lib/puppet/network/http.rb +3 -3
data/lib/puppet/network/http/api/indirected_routes.rb +3 -21
data/lib/puppet/network/http/api/master/v3.rb +11 -13
data/lib/puppet/network/http/api/master/v3/environments.rb +0 -1
data/lib/puppet/network/http/connection.rb +247 -316
data/lib/puppet/network/http/handler.rb +0 -1
data/lib/puppet/network/http/route.rb +2 -2
data/lib/puppet/network/http_pool.rb +16 -34
data/lib/puppet/node.rb +1 -30
data/lib/puppet/node/environment.rb +12 -5
data/lib/puppet/node/facts.rb +17 -0
data/lib/puppet/pal/json_catalog_encoder.rb +4 -0
data/lib/puppet/pal/pal_impl.rb +93 -14
data/lib/puppet/parameter.rb +1 -1
data/lib/puppet/parser/ast/leaf.rb +5 -5
data/lib/puppet/parser/ast/pops_bridge.rb +0 -42
data/lib/puppet/parser/compiler.rb +1 -199
data/lib/puppet/parser/compiler/catalog_validator/relationship_validator.rb +14 -39
data/lib/puppet/parser/functions.rb +21 -17
data/lib/puppet/parser/functions/create_resources.rb +11 -7
data/lib/puppet/parser/resource.rb +3 -71
data/lib/puppet/parser/resource/param.rb +6 -0
data/lib/puppet/parser/type_loader.rb +2 -2
data/lib/puppet/pops/adaptable.rb +7 -13
data/lib/puppet/pops/adapters.rb +8 -4
data/lib/puppet/pops/evaluator/collectors/abstract_collector.rb +1 -3
data/lib/puppet/pops/evaluator/evaluator_impl.rb +27 -13
data/lib/puppet/pops/evaluator/runtime3_converter.rb +2 -2
data/lib/puppet/pops/evaluator/runtime3_resource_support.rb +3 -3
data/lib/puppet/pops/evaluator/runtime3_support.rb +1 -1
data/lib/puppet/pops/loader/ruby_legacy_function_instantiator.rb +6 -8
data/lib/puppet/pops/loader/runtime3_type_loader.rb +4 -2
data/lib/puppet/pops/loaders.rb +18 -11
data/lib/puppet/pops/lookup/context.rb +1 -1
data/lib/puppet/pops/lookup/hiera_config.rb +14 -1
data/lib/puppet/pops/model/ast.pp +0 -42
data/lib/puppet/pops/model/ast.rb +0 -290
data/lib/puppet/pops/model/factory.rb +0 -45
data/lib/puppet/pops/model/model_label_provider.rb +0 -5
data/lib/puppet/pops/model/model_tree_dumper.rb +0 -22
data/lib/puppet/pops/model/pn_transformer.rb +0 -16
data/lib/puppet/pops/parser/egrammar.ra +0 -56
data/lib/puppet/pops/parser/eparser.rb +1520 -1712
data/lib/puppet/pops/parser/lexer2.rb +4 -4
data/lib/puppet/pops/parser/parser_support.rb +0 -5
data/lib/puppet/pops/resource/resource_type_impl.rb +2 -22
data/lib/puppet/pops/types/iterable.rb +34 -8
data/lib/puppet/pops/types/p_meta_type.rb +1 -1
data/lib/puppet/pops/types/p_type_set_type.rb +4 -0
data/lib/puppet/pops/types/type_calculator.rb +0 -7
data/lib/puppet/pops/types/type_parser.rb +0 -4
data/lib/puppet/pops/types/types.rb +0 -1
data/lib/puppet/pops/validation/checker4_0.rb +28 -42
data/lib/puppet/pops/validation/tasks_checker.rb +0 -12
data/lib/puppet/pops/validation/validator_factory_4_0.rb +1 -1
data/lib/puppet/provider.rb +0 -13
data/lib/puppet/provider/file/windows.rb +1 -1
data/lib/puppet/provider/nameservice.rb +0 -18
data/lib/puppet/provider/package/apt.rb +34 -0
data/lib/puppet/provider/package/aptitude.rb +1 -1
data/lib/puppet/provider/package/dpkg.rb +1 -11
data/lib/puppet/provider/package/gem.rb +27 -5
data/lib/puppet/provider/package/pip.rb +0 -1
data/lib/puppet/provider/package/pip2.rb +17 -0
data/lib/puppet/provider/package/pkg.rb +0 -4
data/lib/puppet/provider/package/portage.rb +1 -1
data/lib/puppet/provider/package/puppet_gem.rb +6 -4
data/lib/puppet/provider/package/puppetserver_gem.rb +180 -0
data/lib/puppet/provider/package/yum.rb +2 -1
data/lib/puppet/provider/package/zypper.rb +3 -0
data/lib/puppet/provider/service/smf.rb +191 -73
data/lib/puppet/provider/service/windows.rb +23 -7
data/lib/puppet/provider/user/aix.rb +1 -1
data/lib/puppet/provider/user/directoryservice.rb +0 -10
data/lib/puppet/provider/user/user_role_add.rb +1 -1
data/lib/puppet/provider/user/useradd.rb +11 -4
data/lib/puppet/provider/user/windows_adsi.rb +18 -1
data/lib/puppet/reference/configuration.rb +2 -0
data/lib/puppet/reference/indirection.rb +1 -1
data/lib/puppet/reports/http.rb +2 -0
data/lib/puppet/resource.rb +3 -90
data/lib/puppet/resource/catalog.rb +1 -14
data/lib/puppet/resource/type.rb +5 -112
data/lib/puppet/resource/type_collection.rb +3 -48
data/lib/puppet/runtime.rb +1 -2
data/lib/puppet/settings.rb +84 -35
data/lib/puppet/settings/base_setting.rb +26 -2
data/lib/puppet/settings/integer_setting.rb +17 -0
data/lib/puppet/settings/port_setting.rb +15 -0
data/lib/puppet/settings/priority_setting.rb +5 -4
data/lib/puppet/ssl.rb +10 -6
data/lib/puppet/ssl/base.rb +3 -5
data/lib/puppet/ssl/certificate.rb +0 -6
data/lib/puppet/ssl/certificate_request.rb +1 -12
data/lib/puppet/ssl/certificate_signer.rb +6 -0
data/lib/puppet/ssl/oids.rb +3 -1
data/lib/puppet/ssl/ssl_context.rb +2 -2
data/lib/puppet/ssl/ssl_provider.rb +37 -1
data/lib/puppet/ssl/state_machine.rb +3 -1
data/lib/puppet/ssl/verifier.rb +2 -0
data/lib/puppet/test/test_helper.rb +19 -16
data/lib/puppet/transaction.rb +3 -9
data/lib/puppet/transaction/persistence.rb +1 -1
data/lib/puppet/transaction/report.rb +10 -8
data/lib/puppet/trusted_external.rb +29 -1
data/lib/puppet/type.rb +9 -77
data/lib/puppet/type/file.rb +45 -22
data/lib/puppet/type/file/checksum.rb +5 -5
data/lib/puppet/type/file/source.rb +33 -13
data/lib/puppet/type/filebucket.rb +4 -4
data/lib/puppet/type/notify.rb +2 -2
data/lib/puppet/type/package.rb +5 -13
data/lib/puppet/type/service.rb +53 -0
data/lib/puppet/type/user.rb +18 -3
data/lib/puppet/util.rb +41 -3
data/lib/puppet/util/autoload.rb +9 -7
data/lib/puppet/util/character_encoding.rb +9 -5
data/lib/puppet/util/checksums.rb +19 -4
data/lib/puppet/util/execution.rb +2 -13
data/lib/puppet/util/fileparsing.rb +2 -2
data/lib/puppet/util/http_proxy.rb +2 -215
data/lib/puppet/util/monkey_patches.rb +0 -46
data/lib/puppet/util/provider_features.rb +1 -1
data/lib/puppet/util/rdoc.rb +0 -7
data/lib/puppet/util/reference.rb +1 -1
data/lib/puppet/util/retry_action.rb +1 -1
data/lib/puppet/util/rubygems.rb +5 -1
data/lib/puppet/util/run_mode.rb +14 -2
data/lib/puppet/util/windows.rb +3 -7
data/lib/puppet/util/windows/daemon.rb +360 -0
data/lib/puppet/util/windows/error.rb +1 -0
data/lib/puppet/util/windows/eventlog.rb +5 -15
data/lib/puppet/util/windows/file.rb +8 -242
data/lib/puppet/util/windows/monkey_patches/process.rb +414 -0
data/lib/puppet/util/windows/principal.rb +8 -6
data/lib/puppet/util/windows/process.rb +4 -226
data/lib/puppet/util/windows/registry.rb +11 -11
data/lib/puppet/util/windows/security.rb +4 -4
data/lib/puppet/util/windows/service.rb +52 -486
data/lib/puppet/util/windows/string.rb +12 -13
data/lib/puppet/util/windows/user.rb +242 -8
data/lib/puppet/util/yaml.rb +0 -22
data/lib/puppet/vendor/require_vendored.rb +0 -1
data/lib/puppet/version.rb +1 -1
data/lib/puppet/x509.rb +5 -1
data/lib/puppet/x509/cert_provider.rb +29 -1
data/locales/puppet.pot +713 -1380
data/man/man5/puppet.conf.5 +84 -98
data/man/man8/puppet-agent.8 +7 -4
data/man/man8/puppet-apply.8 +1 -1
data/man/man8/puppet-catalog.8 +1 -1
data/man/man8/puppet-config.8 +6 -6
data/man/man8/puppet-describe.8 +1 -1
data/man/man8/puppet-device.8 +1 -1
data/man/man8/puppet-doc.8 +1 -1
data/man/man8/puppet-epp.8 +1 -1
data/man/man8/puppet-facts.8 +55 -9
data/man/man8/puppet-filebucket.8 +6 -6
data/man/man8/puppet-generate.8 +1 -1
data/man/man8/puppet-help.8 +1 -1
data/man/man8/puppet-lookup.8 +2 -2
data/man/man8/puppet-module.8 +1 -58
data/man/man8/puppet-node.8 +7 -4
data/man/man8/puppet-parser.8 +1 -1
data/man/man8/puppet-plugin.8 +1 -1
data/man/man8/puppet-report.8 +4 -1
data/man/man8/puppet-resource.8 +1 -1
data/man/man8/puppet-script.8 +1 -1
data/man/man8/puppet-ssl.8 +1 -1
data/man/man8/puppet.8 +2 -2
data/spec/fixtures/integration/application/apply/environments/spec/modules/amod/lib/puppet/provider/applytest/applytest.rb +2 -0
data/spec/fixtures/integration/application/apply/environments/spec/modules/amod/lib/puppet/type/applytest.rb +25 -0
data/spec/fixtures/unit/forge/bacula-releases.json +128 -0
data/spec/fixtures/unit/forge/bacula.tar.gz +0 -0
data/spec/fixtures/unit/provider/package/puppetserver_gem/gem-list-local-packages +30 -0
data/spec/fixtures/unit/provider/service/smf/{svcs.out → svcs_instances.out} +0 -0
data/spec/integration/application/agent_spec.rb +157 -59
data/spec/integration/application/apply_spec.rb +150 -150
data/spec/integration/application/doc_spec.rb +16 -6
data/spec/integration/application/filebucket_spec.rb +78 -29
data/spec/integration/application/help_spec.rb +44 -0
data/spec/integration/application/lookup_spec.rb +13 -0
data/spec/integration/application/module_spec.rb +68 -0
data/spec/integration/application/plugin_spec.rb +76 -4
data/spec/integration/configurer_spec.rb +14 -0
data/spec/integration/data_binding_spec.rb +82 -0
data/spec/integration/defaults_spec.rb +33 -5
data/spec/integration/directory_environments_spec.rb +17 -17
data/spec/integration/environments/setting_hooks_spec.rb +1 -1
data/spec/integration/indirector/facts/facter_spec.rb +8 -6
data/spec/integration/network/http_pool_spec.rb +29 -30
data/spec/integration/node/environment_spec.rb +1 -1
data/spec/integration/parser/catalog_spec.rb +0 -38
data/spec/integration/parser/compiler_spec.rb +11 -0
data/spec/integration/parser/node_spec.rb +0 -9
data/spec/integration/parser/pcore_resource_spec.rb +0 -37
data/spec/integration/type/file_spec.rb +6 -5
data/spec/integration/util/execution_spec.rb +22 -0
data/spec/integration/util/windows/adsi_spec.rb +2 -2
data/spec/integration/util/windows/monkey_patches/process_spec.rb +231 -0
data/spec/integration/util/windows/process_spec.rb +26 -32
data/spec/integration/util/windows/registry_spec.rb +7 -7
data/spec/integration/util/windows/security_spec.rb +1 -1
data/spec/integration/util/windows/user_spec.rb +47 -5
data/spec/integration/util_spec.rb +7 -33
data/spec/lib/puppet_spec/matchers.rb +0 -80
data/spec/lib/puppet_spec/puppetserver.rb +9 -1
data/spec/lib/puppet_spec/settings.rb +7 -1
data/spec/shared_contexts/types_setup.rb +2 -0
data/spec/spec_helper.rb +2 -0
data/spec/unit/agent_spec.rb +0 -2
data/spec/unit/application/agent_spec.rb +3 -4
data/spec/unit/application/config_spec.rb +224 -4
data/spec/unit/application/doc_spec.rb +2 -2
data/spec/unit/application/face_base_spec.rb +6 -4
data/spec/unit/application/facts_spec.rb +74 -8
data/spec/unit/application/filebucket_spec.rb +41 -39
data/spec/unit/application/resource_spec.rb +3 -1
data/spec/unit/application/ssl_spec.rb +17 -4
data/spec/unit/application_spec.rb +9 -4
data/spec/unit/certificate_factory_spec.rb +1 -1
data/spec/unit/configurer/downloader_spec.rb +14 -0
data/spec/unit/configurer/fact_handler_spec.rb +4 -4
data/spec/unit/configurer/plugin_handler_spec.rb +56 -18
data/spec/unit/configurer_spec.rb +96 -44
data/spec/unit/confine_spec.rb +2 -1
data/spec/unit/context/trusted_information_spec.rb +12 -10
data/spec/unit/defaults_spec.rb +77 -28
data/spec/unit/environments_spec.rb +96 -32
data/spec/unit/face/config_spec.rb +65 -12
data/spec/unit/face/facts_spec.rb +4 -0
data/spec/unit/face/node_spec.rb +2 -2
data/spec/unit/face/plugin_spec.rb +73 -33
data/spec/unit/file_bucket/file_spec.rb +1 -1
data/spec/unit/file_serving/configuration/parser_spec.rb +14 -18
data/spec/unit/file_serving/configuration_spec.rb +6 -12
data/spec/unit/file_serving/http_metadata_spec.rb +37 -14
data/spec/unit/file_serving/mount/locales_spec.rb +2 -2
data/spec/unit/file_serving/mount/pluginfacts_spec.rb +2 -2
data/spec/unit/file_serving/mount/plugins_spec.rb +2 -2
data/spec/unit/file_serving/terminus_selector_spec.rb +45 -26
data/spec/unit/file_system/uniquefile_spec.rb +18 -0
data/spec/unit/file_system_spec.rb +1 -2
data/spec/unit/functions/camelcase_spec.rb +1 -1
data/spec/unit/functions/capitalize_spec.rb +1 -1
data/spec/unit/functions/downcase_spec.rb +1 -1
data/spec/unit/functions/inline_epp_spec.rb +26 -1
data/spec/unit/functions/upcase_spec.rb +1 -1
data/spec/unit/http/client_spec.rb +71 -17
data/spec/unit/{network/resolver_spec.rb → http/dns_spec.rb} +3 -3
data/spec/unit/http/external_client_spec.rb +4 -4
data/spec/unit/{network/http → http}/factory_spec.rb +5 -11
data/spec/unit/{network/http/session_spec.rb → http/pool_entry_spec.rb} +3 -3
data/spec/unit/{network/http → http}/pool_spec.rb +12 -17
data/spec/unit/{util/http_proxy_spec.rb → http/proxy_spec.rb} +2 -69
data/spec/unit/http/resolver_spec.rb +34 -15
data/spec/unit/http/response_spec.rb +6 -0
data/spec/unit/http/service/ca_spec.rb +2 -3
data/spec/unit/http/service/compiler_spec.rb +51 -65
data/spec/unit/http/service/file_server_spec.rb +5 -6
data/spec/unit/http/service/puppetserver_spec.rb +112 -0
data/spec/unit/http/service/report_spec.rb +2 -3
data/spec/unit/http/service_spec.rb +1 -3
data/spec/unit/http/session_spec.rb +24 -35
data/spec/unit/{network/http → http}/site_spec.rb +3 -3
data/spec/unit/indirector/catalog/json_spec.rb +1 -1
data/spec/unit/indirector/catalog/rest_spec.rb +1 -1
data/spec/unit/indirector/facts/facter_spec.rb +97 -0
data/spec/unit/indirector/facts/json_spec.rb +255 -0
data/spec/unit/indirector/facts/rest_spec.rb +1 -1
data/spec/unit/indirector/file_bucket_file/file_spec.rb +5 -3
data/spec/unit/indirector/file_content/rest_spec.rb +0 -4
data/spec/unit/indirector/file_metadata/http_spec.rb +27 -0
data/spec/unit/indirector/file_metadata/rest_spec.rb +0 -4
data/spec/unit/indirector/file_server_spec.rb +1 -15
data/spec/unit/indirector/json_spec.rb +8 -8
data/spec/unit/indirector/msgpack_spec.rb +8 -8
data/spec/unit/indirector/node/json_spec.rb +33 -0
data/spec/unit/indirector/node/rest_spec.rb +1 -1
data/spec/{integration/indirector/report/yaml.rb → unit/indirector/report/json_spec.rb} +13 -24
data/spec/unit/indirector/report/rest_spec.rb +2 -17
data/spec/unit/indirector/report/yaml_spec.rb +72 -8
data/spec/unit/indirector/request_spec.rb +3 -267
data/spec/unit/indirector/rest_spec.rb +98 -752
data/spec/unit/indirector/yaml_spec.rb +7 -7
data/spec/unit/interface_spec.rb +3 -3
data/spec/unit/module_tool/tar/mini_spec.rb +20 -0
data/spec/unit/network/authconfig_spec.rb +2 -132
data/spec/unit/network/authorization_spec.rb +2 -55
data/spec/unit/network/format_support_spec.rb +3 -2
data/spec/unit/network/formats_spec.rb +4 -4
data/spec/unit/network/http/api/indirected_routes_spec.rb +3 -98
data/spec/unit/network/http/api/master/v3/environments_spec.rb +12 -23
data/spec/unit/network/http/api/master/v3_spec.rb +28 -7
data/spec/unit/network/http/api_spec.rb +10 -0
data/spec/unit/network/http/connection_spec.rb +61 -73
data/spec/unit/network/http/handler_spec.rb +0 -6
data/spec/unit/network/http_pool_spec.rb +0 -4
data/spec/unit/node/environment_spec.rb +51 -22
data/spec/unit/node_spec.rb +2 -54
data/spec/unit/parser/ast/block_expression_spec.rb +1 -1
data/spec/unit/parser/functions/create_resources_spec.rb +2 -20
data/spec/unit/parser/scope_spec.rb +1 -1
data/spec/unit/pops/evaluator/evaluating_parser_spec.rb +19 -8
data/spec/unit/pops/loaders/loaders_spec.rb +77 -22
data/spec/unit/pops/lookup/lookup_spec.rb +25 -0
data/spec/unit/pops/parser/parse_application_spec.rb +4 -22
data/spec/unit/pops/parser/parse_basic_expressions_spec.rb +0 -1
data/spec/unit/pops/parser/parse_capabilities_spec.rb +8 -21
data/spec/unit/pops/parser/parse_site_spec.rb +20 -24
data/spec/unit/pops/resource/resource_type_impl_spec.rb +0 -71
data/spec/unit/pops/serialization/to_from_hr_spec.rb +1 -1
data/spec/unit/pops/types/type_calculator_spec.rb +7 -17
data/spec/unit/pops/types/type_factory_spec.rb +1 -1
data/spec/unit/pops/validator/validator_spec.rb +61 -46
data/spec/unit/pops/visitor_spec.rb +1 -1
data/spec/unit/provider/exec_spec.rb +4 -3
data/spec/unit/provider/nameservice_spec.rb +0 -57
data/spec/unit/provider/package/apt_spec.rb +77 -0
data/spec/unit/provider/package/aptitude_spec.rb +1 -0
data/spec/unit/provider/package/dpkg_spec.rb +22 -55
data/spec/unit/provider/package/gem_spec.rb +32 -0
data/spec/unit/provider/package/openbsd_spec.rb +2 -0
data/spec/unit/provider/package/pip2_spec.rb +36 -0
data/spec/unit/provider/package/puppet_gem_spec.rb +6 -2
data/spec/unit/provider/package/puppetserver_gem_spec.rb +137 -0
data/spec/unit/provider/package/yum_spec.rb +31 -0
data/spec/unit/provider/package/zypper_spec.rb +14 -0
data/spec/unit/provider/service/base_spec.rb +2 -4
data/spec/unit/provider/service/bsd_spec.rb +5 -1
data/spec/unit/provider/service/daemontools_spec.rb +1 -1
data/spec/unit/provider/service/debian_spec.rb +3 -5
data/spec/unit/provider/service/freebsd_spec.rb +1 -1
data/spec/unit/provider/service/gentoo_spec.rb +4 -5
data/spec/unit/provider/service/init_spec.rb +45 -5
data/spec/unit/provider/service/launchd_spec.rb +5 -6
data/spec/unit/provider/service/openrc_spec.rb +4 -5
data/spec/unit/provider/service/openwrt_spec.rb +1 -1
data/spec/unit/provider/service/redhat_spec.rb +1 -1
data/spec/unit/provider/service/runit_spec.rb +2 -1
data/spec/unit/provider/service/smf_spec.rb +402 -166
data/spec/unit/provider/service/src_spec.rb +3 -5
data/spec/unit/provider/service/systemd_spec.rb +3 -6
data/spec/unit/provider/service/upstart_spec.rb +4 -5
data/spec/unit/provider/service/windows_spec.rb +50 -15
data/spec/unit/provider/user/openbsd_spec.rb +1 -0
data/spec/unit/provider/user/useradd_spec.rb +22 -16
data/spec/unit/provider/user/windows_adsi_spec.rb +82 -0
data/spec/unit/provider_spec.rb +0 -12
data/spec/unit/puppet_pal_2pec.rb +40 -0
data/spec/unit/puppet_pal_catalog_spec.rb +45 -0
data/spec/unit/reports/store_spec.rb +17 -13
data/spec/unit/resource/type_collection_spec.rb +2 -22
data/spec/unit/resource_spec.rb +3 -59
data/spec/unit/settings/http_extra_headers_spec.rb +2 -4
data/spec/unit/settings/integer_setting_spec.rb +42 -0
data/spec/unit/settings/port_setting_spec.rb +31 -0
data/spec/unit/settings/priority_setting_spec.rb +4 -4
data/spec/unit/settings_spec.rb +586 -239
data/spec/unit/ssl/base_spec.rb +36 -3
data/spec/unit/ssl/certificate_request_spec.rb +15 -45
data/spec/unit/ssl/certificate_spec.rb +2 -11
data/spec/unit/ssl/ssl_provider_spec.rb +78 -49
data/spec/unit/ssl/state_machine_spec.rb +0 -1
data/spec/unit/ssl/verifier_spec.rb +0 -21
data/spec/unit/test/test_helper_spec.rb +17 -0
data/spec/unit/transaction/persistence_spec.rb +15 -0
data/spec/unit/transaction/report_spec.rb +3 -3
data/spec/unit/transaction/resource_harness_spec.rb +2 -2
data/spec/unit/transaction_spec.rb +45 -79
data/spec/unit/type/file/checksum_spec.rb +6 -6
data/spec/unit/type/file/content_spec.rb +1 -1
data/spec/unit/type/file/ensure_spec.rb +1 -1
data/spec/unit/type/file/mode_spec.rb +1 -1
data/spec/unit/type/file/source_spec.rb +4 -5
data/spec/unit/type/file_spec.rb +134 -102
data/spec/unit/type/filebucket_spec.rb +1 -1
data/spec/unit/type/package_spec.rb +1 -1
data/spec/unit/type/service_spec.rb +209 -0
data/spec/unit/type/user_spec.rb +31 -2
data/spec/unit/type_spec.rb +70 -0
data/spec/unit/util/backups_spec.rb +0 -2
data/spec/unit/util/character_encoding_spec.rb +4 -4
data/spec/unit/util/checksums_spec.rb +16 -0
data/spec/unit/util/command_line_spec.rb +11 -6
data/spec/unit/util/execution_spec.rb +0 -29
data/spec/unit/util/monkey_patches_spec.rb +0 -6
data/spec/unit/util/rubygems_spec.rb +2 -2
data/spec/unit/util/run_mode_spec.rb +27 -127
data/spec/unit/util/windows/api_types_spec.rb +104 -40
data/spec/unit/util/windows/service_spec.rb +4 -4
data/spec/unit/util/windows/string_spec.rb +1 -3
data/spec/unit/util/yaml_spec.rb +0 -54
data/spec/unit/util_spec.rb +3 -21
data/spec/unit/x509/cert_provider_spec.rb +1 -1
metadata +76 -270
data/conf/auth.conf +0 -150
data/lib/puppet/application/cert.rb +0 -76
data/lib/puppet/application/key.rb +0 -4
data/lib/puppet/application/man.rb +0 -4
data/lib/puppet/application/status.rb +0 -4
data/lib/puppet/face/key.rb +0 -16
data/lib/puppet/face/man.rb +0 -145
data/lib/puppet/face/module/build.rb +0 -14
data/lib/puppet/face/module/generate.rb +0 -14
data/lib/puppet/face/module/search.rb +0 -103
data/lib/puppet/face/status.rb +0 -51
data/lib/puppet/indirector/certificate/file.rb +0 -9
data/lib/puppet/indirector/certificate/rest.rb +0 -18
data/lib/puppet/indirector/certificate_request/file.rb +0 -9
data/lib/puppet/indirector/certificate_request/memory.rb +0 -7
data/lib/puppet/indirector/certificate_request/rest.rb +0 -11
data/lib/puppet/indirector/file_content/http.rb +0 -22
data/lib/puppet/indirector/key/file.rb +0 -46
data/lib/puppet/indirector/key/memory.rb +0 -7
data/lib/puppet/indirector/ssl_file.rb +0 -162
data/lib/puppet/indirector/status.rb +0 -3
data/lib/puppet/indirector/status/local.rb +0 -12
data/lib/puppet/indirector/status/rest.rb +0 -27
data/lib/puppet/module_tool/applications/searcher.rb +0 -29
data/lib/puppet/network/auth_config_parser.rb +0 -90
data/lib/puppet/network/authstore.rb +0 -283
data/lib/puppet/network/http/api/master/v3/authorization.rb +0 -18
data/lib/puppet/network/http/api/master/v3/environment.rb +0 -85
data/lib/puppet/network/http/base_pool.rb +0 -36
data/lib/puppet/network/http/compression.rb +0 -127
data/lib/puppet/network/http/connection_adapter.rb +0 -182
data/lib/puppet/network/http/nocache_pool.rb +0 -28
data/lib/puppet/network/rest_controller.rb +0 -2
data/lib/puppet/network/rights.rb +0 -210
data/lib/puppet/parser/compiler/catalog_validator/env_relationship_validator.rb +0 -64
data/lib/puppet/parser/compiler/catalog_validator/site_validator.rb +0 -20
data/lib/puppet/parser/environment_compiler.rb +0 -199
data/lib/puppet/pops/types/enumeration.rb +0 -16
data/lib/puppet/resource/capability_finder.rb +0 -154
data/lib/puppet/rest/errors.rb +0 -15
data/lib/puppet/rest/response.rb +0 -35
data/lib/puppet/rest/route.rb +0 -85
data/lib/puppet/rest/routes.rb +0 -135
data/lib/puppet/ssl/host.rb +0 -505
data/lib/puppet/ssl/key.rb +0 -61
data/lib/puppet/ssl/validator.rb +0 -61
data/lib/puppet/ssl/validator/default_validator.rb +0 -209
data/lib/puppet/ssl/validator/no_validator.rb +0 -22
data/lib/puppet/ssl/verifier_adapter.rb +0 -58
data/lib/puppet/status.rb +0 -40
data/lib/puppet/util/connection.rb +0 -88
data/lib/puppet/util/ssl.rb +0 -83
data/lib/puppet/util/windows/api_types.rb +0 -282
data/lib/puppet/vendor/load_pathspec.rb +0 -1
data/lib/puppet/vendor/pathspec/CHANGELOG.md +0 -2
data/lib/puppet/vendor/pathspec/LICENSE +0 -201
data/lib/puppet/vendor/pathspec/PUPPET_README.md +0 -6
data/lib/puppet/vendor/pathspec/README.md +0 -53
data/lib/puppet/vendor/pathspec/lib/pathspec.rb +0 -122
data/lib/puppet/vendor/pathspec/lib/pathspec/gitignorespec.rb +0 -275
data/lib/puppet/vendor/pathspec/lib/pathspec/regexspec.rb +0 -17
data/lib/puppet/vendor/pathspec/lib/pathspec/spec.rb +0 -14
data/man/man8/puppet-key.8 +0 -126
data/man/man8/puppet-man.8 +0 -76
data/man/man8/puppet-status.8 +0 -108
data/spec/integration/faces/config_spec.rb +0 -91
data/spec/integration/faces/documentation_spec.rb +0 -57
data/spec/integration/file_bucket/file_spec.rb +0 -50
data/spec/integration/file_serving/content_spec.rb +0 -7
data/spec/integration/file_serving/fileset_spec.rb +0 -12
data/spec/integration/file_serving/metadata_spec.rb +0 -8
data/spec/integration/file_serving/terminus_helper_spec.rb +0 -20
data/spec/integration/file_system/uniquefile_spec.rb +0 -26
data/spec/integration/module_tool/forge_spec.rb +0 -51
data/spec/integration/module_tool/tar/mini_spec.rb +0 -28
data/spec/integration/network/authconfig_spec.rb +0 -256
data/spec/integration/provider/service/init_spec.rb +0 -48
data/spec/integration/provider/service/systemd_spec.rb +0 -25
data/spec/integration/provider/service/windows_spec.rb +0 -50
data/spec/integration/reference/providers_spec.rb +0 -21
data/spec/integration/reports_spec.rb +0 -13
data/spec/integration/ssl/certificate_request_spec.rb +0 -44
data/spec/integration/ssl/host_spec.rb +0 -72
data/spec/integration/ssl/key_spec.rb +0 -99
data/spec/integration/test/test_helper_spec.rb +0 -31
data/spec/shared_behaviours/file_serving_model.rb +0 -51
data/spec/unit/capability_spec.rb +0 -414
data/spec/unit/face/catalog_spec.rb +0 -6
data/spec/unit/face/key_spec.rb +0 -9
data/spec/unit/face/man_spec.rb +0 -25
data/spec/unit/face/module/search_spec.rb +0 -231
data/spec/unit/face/module_spec.rb +0 -3
data/spec/unit/face/status_spec.rb +0 -9
data/spec/unit/indirector/certificate/file_spec.rb +0 -14
data/spec/unit/indirector/certificate/rest_spec.rb +0 -61
data/spec/unit/indirector/certificate_request/file_spec.rb +0 -14
data/spec/unit/indirector/certificate_request/rest_spec.rb +0 -25
data/spec/unit/indirector/key/file_spec.rb +0 -79
data/spec/unit/indirector/ssl_file_spec.rb +0 -305
data/spec/unit/indirector/status/local_spec.rb +0 -10
data/spec/unit/indirector/status/rest_spec.rb +0 -50
data/spec/unit/man_spec.rb +0 -31
data/spec/unit/module_tool/applications/searcher_spec.rb +0 -38
data/spec/unit/network/auth_config_parser_spec.rb +0 -115
data/spec/unit/network/authstore_spec.rb +0 -422
data/spec/unit/network/http/api/master/v3/authorization_spec.rb +0 -57
data/spec/unit/network/http/api/master/v3/environment_spec.rb +0 -185
data/spec/unit/network/http/compression_spec.rb +0 -240
data/spec/unit/network/http/nocache_pool_spec.rb +0 -64
data/spec/unit/network/http_spec.rb +0 -9
data/spec/unit/network/rights_spec.rb +0 -439
data/spec/unit/parser/environment_compiler_spec.rb +0 -723
data/spec/unit/pops/types/enumeration_spec.rb +0 -51
data/spec/unit/resource/capability_finder_spec.rb +0 -143
data/spec/unit/rest/route_spec.rb +0 -132
data/spec/unit/ssl/host_spec.rb +0 -650
data/spec/unit/ssl/key_spec.rb +0 -173
data/spec/unit/ssl/validator_spec.rb +0 -278
data/spec/unit/status_spec.rb +0 -45
data/spec/unit/util/ssl_spec.rb +0 -91

@@ -1,7 +1,6 @@
 require 'puppet/ssl/openssl_loader'
 require 'puppet/ssl'
 require 'puppet/ssl/digest'
-require 'puppet/util/ssl'
 # The base class for wrapping SSL instances.
 class Puppet::SSL::Base
@@ -54,7 +53,9 @@ class Puppet::SSL::Base
   #
   # @return [String] the name (CN) extracted from the subject.
   def self.name_from_subject(subject)
-    Puppet::Util::SSL.cn_from_subject(subject)
+    if subject.respond_to? :to_a
+      (subject.to_a.assoc('CN') || [])[1]
+    end
   end
   # Create an instance of our Puppet::SSL::* class using a given instance of the wrapped class
@@ -82,15 +83,12 @@ class Puppet::SSL::Base
   # Read content from disk appropriately.
   def read(path)
     # applies to Puppet::SSL::Certificate, Puppet::SSL::CertificateRequest
-    # Puppet::SSL::Key uses this, but also provides its own override
     # nothing derives from Puppet::SSL::Certificate, but it is called by a number of other SSL Indirectors:
     # Puppet::Indirector::CertificateStatus::File (.indirection.find)
     # Puppet::Network::HTTP::WEBrick (.indirection.find)
     # Puppet::Network::HTTP::RackREST (.from_instance)
     # Puppet::Network::HTTP::WEBrickREST (.from_instance)
-    # Puppet::SSL::Host (.indirection.find)
     # Puppet::SSL::Inventory (.indirection.search, implements its own add / rebuild / serials with encoding UTF8)
-    # Puppet::SSL::Validator::DefaultValidator (.from_instance) / Puppet::SSL::Validator::NoValidator does nothing
     @content = wrapped_class.new(Puppet::FileSystem.read(path, :encoding => Encoding::ASCII))
   end

data/lib/puppet/ssl/certificate.rb CHANGED

@@ -11,12 +11,6 @@ class Puppet::SSL::Certificate < Puppet::SSL::Base
   # This is defined from the base class
   wraps OpenSSL::X509::Certificate
-  extend Puppet::Indirector
-  indirects :certificate, :terminus_class => :file, :doc => <<DOC
-    This indirection wraps an `OpenSSL::X509::Certificate` object, representing a certificate (signed public key).
-    The indirection key is the certificate CN (generally a hostname).
-DOC
   # Because of how the format handler class is included, this
   # can't be in the base class.
   def self.supported_formats

data/lib/puppet/ssl/certificate_request.rb CHANGED

@@ -28,13 +28,6 @@ require 'puppet/ssl/certificate_signer'
 class Puppet::SSL::CertificateRequest < Puppet::SSL::Base
   wraps OpenSSL::X509::Request
-  extend Puppet::Indirector
-  indirects :certificate_request, :terminus_class => :file, :doc => <<DOC
-    This indirection wraps an `OpenSSL::X509::Request` object, representing a certificate signing request (CSR).
-    The indirection key is the certificate CN (generally a hostname).
-DOC
   # Because of how the format handler class is included, this
   # can't be in the base class.
   def self.supported_formats
@@ -47,8 +40,7 @@ DOC
   # Create a certificate request with our system settings.
   #
-  # @param key [OpenSSL::X509::Key, Puppet::SSL::Key] The key pair associated
-  #   with this CSR.
+  # @param key [OpenSSL::X509::Key] The private key associated with this CSR.
   # @param options [Hash]
   # @option options [String] :dns_alt_names A comma separated list of
   #   Subject Alternative Names to include in the CSR extension request.
@@ -64,9 +56,6 @@ DOC
   def generate(key, options = {})
     Puppet.info _("Creating a new SSL certificate request for %{name}") % { name: name }
-    # Support either an actual SSL key, or a Puppet key.
-    key = key.content if key.is_a?(Puppet::SSL::Key)
     # If we're a CSR for the CA, then use the real ca_name, rather than the
     # fake 'ca' name.  This is mostly for backward compatibility with 0.24.x,
     # but it's also just a good idea.

data/lib/puppet/ssl/certificate_signer.rb CHANGED

@@ -27,6 +27,12 @@ class Puppet::SSL::CertificateSigner
     @digest
   end
+  # Sign a certificate signing request (CSR) with a private key.
+  #
+  # @param [OpenSSL::X509::Request] content The CSR to sign
+  # @param [OpenSSL::X509::PKey] key The private key to sign with
+  #
+  # @api private
   def sign(content, key)
     content.sign(key, @digest.new)
   end

data/lib/puppet/ssl/oids.rb CHANGED

@@ -2,10 +2,11 @@ require 'puppet/ssl'
 # This module defines OIDs for use within Puppet.
 #
-# == ASN.1 Definition
+# # ASN.1 Definition
 #
 # The following is the formal definition of OIDs specified in this file.
 #
+# ```
 # puppetCertExtensions OBJECT IDENTIFIER ::= {iso(1) identified-organization(3)
 #    dod(6) internet(1) private(4) enterprise(1) 34380 1}
 #
@@ -22,6 +23,7 @@ require 'puppet/ssl'
 # pp_instance_id OBJECT IDENTIFIER ::= { registeredExtensions 2 }
 # pp_image_name OBJECT IDENTIFIER ::= { registeredExtensions 3 }
 # pp_preshared_key OBJECT IDENTIFIER ::= { registeredExtensions 4 }
+# ```
 #
 # @api private
 module Puppet::SSL::Oids

data/lib/puppet/ssl/ssl_context.rb CHANGED

@@ -22,9 +22,9 @@ module Puppet::SSL
     # This is an idiom to initialize a Struct from keyword
     # arguments. Ruby 2.5 introduced `keyword_init: true` for
     # that purpose, but we need to support older versions.
-    def initialize(**kwargs)
+    def initialize(kwargs = {})
       super({})
-      DEFAULTS.merge(kwargs).each { |k,v| self[k] = v }
+      DEFAULTS.merge(**kwargs).each { |k,v| self[k] = v }
     end
   end
 end

data/lib/puppet/ssl/ssl_provider.rb CHANGED

@@ -3,6 +3,23 @@ require 'puppet/ssl'
 # SSL Provider creates `SSLContext` objects that can be used to create
 # secure connections.
 #
+# @example To load an SSLContext from an existing private key and related certs/crls:
+#   ssl_context = provider.load_context
+#
+# @example To load an SSLContext from an existing password-protected private key and related certs/crls:
+#   ssl_context = provider.load_context(password: 'opensesame')
+#
+# @example To create an SSLContext from in-memory certs and keys:
+#   cacerts = [<OpenSSL::X509::Certificate>]
+#   crls = [<OpenSSL::X509::CRL>]
+#   key = <OpenSSL::X509::PKey>
+#   cert = <OpenSSL::X509::Certificate>
+#   ssl_context = provider.create_context(cacerts: cacerts, crls: crls, private_key: key, client_cert: cert)
+#
+# @example To create an SSLContext to connect to non-puppet HTTPS servers:
+#   cacerts = [<OpenSSL::X509::Certificate>]
+#   ssl_context = provider.create_root_context(cacerts: cacerts)
+#
 # @api private
 class Puppet::SSL::SSLProvider
   # Create an insecure `SSLContext`. Connections made from the returned context
@@ -46,13 +63,32 @@ class Puppet::SSL::SSLProvider
   # perform revocation checking.
   #
   # @param cacerts [Array<OpenSSL::X509::Certificate>] Array of trusted CA certs
+  # @param path [String, nil] A file containing additional trusted CA certs.
   # @return [Puppet::SSL::SSLContext] A context to use to create connections
   # @raise (see #create_context)
   # @api private
-  def create_system_context(cacerts:)
+  def create_system_context(cacerts:, path: Puppet[:ssl_trust_store])
     store = create_x509_store(cacerts, [], false)
     store.set_default_paths
+    if path
+      stat = Puppet::FileSystem.stat(path)
+      if stat
+        if stat.ftype == 'file'
+          # don't add empty files as ruby/openssl will raise
+          if stat.size > 0
+            begin
+              store.add_file(path)
+            rescue => e
+              Puppet.err(_("Failed to add '%{path}' as a trusted CA file: %{detail}" % { path: path, detail: e.message }, e))
+            end
+          end
+        else
+          Puppet.warning(_("The 'ssl_trust_store' setting does not refer to a file and will be ignored: '%{path}'" % { path: path }))
+        end
+      end
+    end
     Puppet::SSL::SSLContext.new(store: store, cacerts: cacerts, crls: [], revocation: false).freeze
   end

data/lib/puppet/ssl/state_machine.rb CHANGED

@@ -10,7 +10,7 @@ require 'puppet/util/pidlock'
 # certs. This way we're sure about which SSLContext is being used during any
 # phase of the bootstrapping process.
 #
-# @private
+# @api private
 class Puppet::SSL::StateMachine
   class SSLState
     attr_reader :ssl_context
@@ -405,6 +405,7 @@ class Puppet::SSL::StateMachine
   #
   # @return [Puppet::SSL::SSLContext] initialized SSLContext
   # @raise [Puppet::Error] If we fail to generate an SSLContext
+  # @api private
   def ensure_ca_certificates
     final_state = run_machine(NeedLock.new(self), NeedKey)
     final_state.ssl_context
@@ -414,6 +415,7 @@ class Puppet::SSL::StateMachine
   #
   # @return [Puppet::SSL::SSLContext] initialized SSLContext
   # @raise [Puppet::Error] If we fail to generate an SSLContext
+  # @api private
   def ensure_client_certificate
     final_state = run_machine(NeedLock.new(self), Done)
     ssl_context = final_state.ssl_context

data/lib/puppet/ssl/verifier.rb CHANGED

@@ -14,6 +14,7 @@ class Puppet::SSL::Verifier
   # @param hostname [String] FQDN of the server we're attempting to connect to
   # @param ssl_context [Puppet::SSL::SSLContext] ssl_context containing CA certs,
   #   CRLs, etc needed to verify the server's certificate chain
+  # @api private
   def initialize(hostname, ssl_context)
     @hostname = hostname
     @ssl_context = ssl_context
@@ -25,6 +26,7 @@ class Puppet::SSL::Verifier
   #
   # @param verifier [Puppet::SSL::Verifier] the verifier to compare against
   # @return [Boolean] return true if a cached connection can be used, false otherwise
+  # @api private
   def reusable?(verifier)
     verifier.instance_of?(self.class) &&
       verifier.ssl_context.object_id == @ssl_context.object_id

data/lib/puppet/test/test_helper.rb CHANGED

@@ -68,7 +68,14 @@ module Puppet::Test
     #  any individual tests.
     # @return nil
     def self.before_all_tests()
-      # Make sure that all of the setup is also done for any before(:all) blocks
+      # The process environment is a shared, persistent resource.
+      # Can't use Puppet.features.microsoft_windows? as it may be mocked out in a test.  This can cause test recurring test failures
+      if (!!File::ALT_SEPARATOR)
+        mode = :windows
+      else
+        mode = :posix
+      end
+      $old_env = Puppet::Util.get_environment(mode)
     end
     # Call this method once, at the end of a test run, when no more tests
@@ -113,20 +120,14 @@ module Puppet::Test
       indirections = Puppet::Indirector::Indirection.send(:class_variable_get, :@@indirections)
       indirections.each do |indirector|
         $saved_indirection_state[indirector.name] = {
-            :@terminus_class => indirector.instance_variable_get(:@terminus_class).value,
-            :@cache_class    => indirector.instance_variable_get(:@cache_class).value
+          :@terminus_class => indirector.instance_variable_get(:@terminus_class).value,
+          :@cache_class    => indirector.instance_variable_get(:@cache_class).value,
+          # dup the termini hash so termini created and registered during
+          # the test aren't stored in our saved_indirection_state
+          :@termini        => indirector.instance_variable_get(:@termini).dup
         }
       end
-      # The process environment is a shared, persistent resource.
-      # Can't use Puppet.features.microsoft_windows? as it may be mocked out in a test.  This can cause test recurring test failures
-      if (!!File::ALT_SEPARATOR)
-        mode = :windows
-      else
-        mode = :posix
-      end
-      $old_env = Puppet::Util.get_environment(mode)
       # So is the load_path
       $old_load_path = $LOAD_PATH.dup
@@ -146,9 +147,6 @@ module Puppet::Test
       Puppet::Application.clear!
       Puppet::Util::Profiler.clear
-      Puppet::SSL::Host.reset
-      Puppet::Rest::Routes.clear
       Puppet::Node::Facts.indirection.terminus_class = :memory
       facts = Puppet::Node::Facts.new(Puppet[:node_name_value])
       Puppet::Node::Facts.indirection.save(facts)
@@ -178,7 +176,11 @@ module Puppet::Test
       indirections = Puppet::Indirector::Indirection.send(:class_variable_get, :@@indirections)
       indirections.each do |indirector|
         $saved_indirection_state.fetch(indirector.name, {}).each do |variable, value|
-          indirector.instance_variable_get(variable).value = value
+          if variable == :@termini
+            indirector.instance_variable_set(variable, value)
+          else
+            indirector.instance_variable_get(variable).value = value
+          end
         end
       end
       $saved_indirection_state = nil
@@ -218,6 +220,7 @@ module Puppet::Test
       {
           :logdir     => "/dev/null",
           :confdir    => "/dev/null",
+          :publicdir  => "/dev/null",
           :codedir    => "/dev/null",
           :vardir     => "/dev/null",
           :rundir     => "/dev/null",

data/lib/puppet/transaction.rb CHANGED

@@ -202,7 +202,7 @@ class Puppet::Transaction
     # mark the end of transaction evaluate.
     report.transaction_completed = true
-    Puppet.debug "Finishing transaction #{object_id}"
+    Puppet.debug { "Finishing transaction #{object_id}" }
   end
   # Wraps application run state check to flag need to interrupt processing
@@ -373,19 +373,13 @@ class Puppet::Transaction
     type_name = provider_class.resource_type.name
     return if @prefetched_providers[type_name][provider_class.name] ||
       @prefetch_failed_providers[type_name][provider_class.name]
-    Puppet.debug "Prefetching #{provider_class.name} resources for #{type_name}"
+    Puppet.debug { "Prefetching #{provider_class.name} resources for #{type_name}" }
     begin
       provider_class.prefetch(resources)
-    rescue LoadError, Puppet::MissingCommand => detail
+    rescue LoadError, StandardError => detail
       #TRANSLATORS `prefetch` is a function name and should not be translated
       message = _("Could not prefetch %{type_name} provider '%{name}': %{detail}") % { type_name: type_name, name: provider_class.name, detail: detail }
       Puppet.log_exception(detail, message)
-    rescue StandardError => detail
-      message = _("Could not prefetch %{type_name} provider '%{name}': %{detail}") % { type_name: type_name, name: provider_class.name, detail: detail }
-      Puppet.log_exception(detail, message)
-      raise unless Puppet.settings[:future_features]
       @prefetch_failed_providers[type_name][provider_class.name] = true
     end
     @prefetched_providers[type_name][provider_class.name] = true

data/lib/puppet/transaction/persistence.rb CHANGED

@@ -62,7 +62,7 @@ class Puppet::Transaction::Persistence
     result = nil
     Puppet::Util.benchmark(:debug, _("Loaded transaction store file in %{seconds} seconds")) do
       begin
-        result = Puppet::Util::Yaml.safe_load_file(filename, [Symbol])
+        result = Puppet::Util::Yaml.safe_load_file(filename, [Symbol, Time])
       rescue Puppet::Util::Yaml::YamlLoadError => detail
         Puppet.log_exception(detail, _("Transaction store file %{filename} is corrupt (%{detail}); replacing") % { filename: filename, detail: detail })

data/lib/puppet/transaction/report.rb CHANGED

@@ -63,9 +63,9 @@ class Puppet::Transaction::Report
   # or 'on_failure'
   attr_accessor :cached_catalog_status
-  # Contains the name and port of the master that was successfully contacted
+  # Contains the name and port of the server that was successfully contacted
   # @return [String] a string of the format 'servername:port'
-  attr_accessor :master_used
+  attr_accessor :server_used
   # The host name for which the report is generated
   # @return [String] the host name
@@ -122,7 +122,7 @@ class Puppet::Transaction::Report
   # @!attribute [r] corrective_change
   #   @return [Boolean] true if the report contains any events and resources that had
-  #      corrective changes.
+  #      corrective changes, including noop corrective changes.
   attr_reader :corrective_change
   # @return [Boolean] true if one or more resources attempted to generate
@@ -224,7 +224,7 @@ class Puppet::Transaction::Report
     @external_times ||= {}
     @host = Puppet[:node_name_value]
     @time = start_time
-    @report_format = 10
+    @report_format = 12
     @puppet_version = Puppet.version
     @configuration_version = configuration_version
     @transaction_uuid = transaction_uuid
@@ -232,7 +232,7 @@ class Puppet::Transaction::Report
     @job_id = job_id
     @catalog_uuid = nil
     @cached_catalog_status = nil
-    @master_used = nil
+    @server_used = nil
     @environment = environment
     @status = 'failed' # assume failed until the report is finalized
     @noop = Puppet[:noop]
@@ -256,8 +256,10 @@ class Puppet::Transaction::Report
     @time = data['time']
     @corrective_change = data['corrective_change']
-    if data['master_used']
-      @master_used = data['master_used']
+    if data['server_used']
+      @server_used = data['server_used']
+    elsif data['master_used']
+      @server_used = data['master_used']
     end
     if data['catalog_uuid']
@@ -322,7 +324,7 @@ class Puppet::Transaction::Report
     }
     # The following is include only when set
-    hash['master_used'] = @master_used unless @master_used.nil?
+    hash['server_used'] = @server_used unless @server_used.nil?
     hash['catalog_uuid'] = @catalog_uuid unless @catalog_uuid.nil?
     hash['code_id'] = @code_id unless @code_id.nil?
     hash['job_id'] = @job_id unless @job_id.nil?

data/lib/puppet/trusted_external.rb CHANGED

@@ -3,11 +3,39 @@ module Puppet::TrustedExternal
   def retrieve(certname)
     command = Puppet[:trusted_external_command]
     return nil unless command
+    Puppet.debug { _("Retrieving trusted external data from %{command}") % {command: command} }
+    setting_type = Puppet.settings.setting(:trusted_external_command).type
+    if setting_type == :file
+      return fetch_data(command, certname)
+    end
+    # command is a directory. Thus, data is a hash of <basename> => <data> for
+    # each executable file in command. For example, if the files 'servicenow.rb',
+    # 'unicorn.sh' are in command, then data is the following hash:
+    #   { 'servicenow' => <servicenow.rb output>, 'unicorn' => <unicorn.sh output> }
+    data = {}
+    Puppet::FileSystem.children(command).each do |file|
+      abs_path = Puppet::FileSystem.expand_path(file)
+      executable_file = Puppet::FileSystem.file?(abs_path) && Puppet::FileSystem.executable?(abs_path)
+      unless executable_file
+        Puppet.debug { _("Skipping non-executable file %{file}")  % { file: abs_path } }
+        next
+      end
+      basename = file.basename(file.extname).to_s
+      unless data[basename].nil?
+        raise Puppet::Error, _("There is more than one '%{basename}' script in %{dir}") % { basename: basename, dir: command }
+      end
+      data[basename] = fetch_data(abs_path, certname)
+    end
+    data
+  end
+  module_function :retrieve
+  def fetch_data(command, certname)
     result = Puppet::Util::Execution.execute([command, certname], {
       :combine => false,
       :failonfail => true,
     })
     JSON.parse(result)
   end
-  module_function :retrieve
+  module_function :fetch_data
 end

data/lib/puppet/type.rb CHANGED

@@ -114,25 +114,6 @@ class Type
     attr_reader :properties
   end
-  # Allow declaring that a type is actually a capability
-  class << self
-    attr_accessor :is_capability
-    def is_capability?
-      c = is_capability
-      c.nil? ? false : c
-    end
-  end
-  # Returns whether this type represents an application instance; since
-  # only defined types, i.e., instances of Puppet::Resource::Type can
-  # represent application instances, this implementation always returns
-  # +false+. Having this method though makes code checking whether a
-  # resource is an application instance simpler
-  def self.application?
-      false
-  end
   # Returns all the attribute names of the type in the appropriate order.
   # The {key_attributes} come first, then the {provider}, then the {properties}, and finally
   # the {parameters} and {metaparams},
@@ -749,7 +730,7 @@ class Type
   # @param options [Hash] options merged with a fixed set of options defined by this method, passed on to {Puppet::Transaction::Event}.
   # @return [Puppet::Transaction::Event] the created event
   def event(options = {})
-    Puppet::Transaction::Event.new({:resource => self, :file => file, :line => line, :tags => tags}.merge(options))
+    Puppet::Transaction::Event.new(**{:resource => self, :file => file, :line => line, :tags => tags}.merge(options))
   end
   # @return [Object, nil] Returns the 'should' (wanted state) value for a specified property, or nil if the
@@ -1205,15 +1186,17 @@ class Type
       provider.instances.collect do |instance|
         # We always want to use the "first" provider instance we find, unless the resource
         # is already managed and has a different provider set
-        other = provider_instances[instance.name]
+        title = instance.respond_to?(:title) ? instance.title : instance.name
+        other = provider_instances[title]
         if other
-          Puppet.debug "%s %s found in both %s and %s; skipping the %s version" %
-            [self.name.to_s.capitalize, instance.name, other.class.name, instance.class.name, instance.class.name]
+          Puppet.debug {
+            "%s %s found in both %s and %s; skipping the %s version" % [self.name.to_s.capitalize, title, other.class.name, instance.class.name, instance.class.name]
+          }
           next
         end
-        provider_instances[instance.name] = instance
+        provider_instances[title] = instance
-        result = new(:name => instance.name, :provider => instance)
+        result = new(:name => instance.name, :provider => instance, :title => title)
         properties.each { |name| result.newattr(name) }
         result
       end
@@ -1714,57 +1697,6 @@ class Type
     }
   end
-  newmetaparam(:export, :parent => RelationshipMetaparam, :attributes => {:direction => :out, :events => :NONE}) do
-          desc <<EOS
-Export a capability resource.
-The value of this parameter must be a reference to a capability resource,
-or an array of such references. Each capability resource referenced here
-will be instantiated in the node catalog and exported to consumers of this
-resource. The title of the capability resource will be the title given in
-the reference, and all other attributes of the resource will be filled
-according to the corresponding produces statement.
-It is an error if this metaparameter references resources whose type is not
-a capability type, or of there is no produces clause for the type of the
-current resource and the capability resource mentioned in this parameter.
-For example:
-define web(..) { .. }
-Web produces Http { .. }
-web { server:
-  export => Http[main_server]
-}
-EOS
-  end
-  newmetaparam(:consume, :parent => RelationshipMetaparam, :attributes => {:direction => :in, :events => :NONE}) do
-          desc <<EOS
-Consume a capability resource.
-The value of this parameter must be a reference to a capability resource,
-or an array of such references. Each capability resource referenced here
-must have been exported by another resource in the same environment.
-The referenced capability resources will be looked up, added to the
-current node catalog, and processed following the underlying consumes
-clause.
-It is an error if this metaparameter references resources whose type is not
-a capability type, or of there is no consumes clause for the type of the
-current resource and the capability resource mentioned in this parameter.
-For example:
-define web(..) { .. }
-Web consumes Sql { .. }
-web { server:
-  consume => Sql[my_db]
-}
-EOS
-end
   ###############################
   # All of the provider plumbing for the resource types.
   require 'puppet/provider'
@@ -1888,7 +1820,7 @@ end
     name = name.intern
     if unprovide(name)
-      Puppet.debug "Reloading #{name} #{self.name} provider"
+      Puppet.debug { "Reloading #{name} #{self.name} provider" }
     end
     pname = options[:parent]