puppet 6.16.0-x86-mingw32 → 7.0.0-x86-mingw32
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of puppet might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Gemfile +5 -3
- data/Gemfile.lock +31 -33
- data/README.md +4 -5
- data/Rakefile +4 -12
- data/conf/fileserver.conf +5 -10
- data/ext/build_defaults.yaml +1 -1
- data/ext/osx/file_mapping.yaml +0 -5
- data/ext/project_data.yaml +1 -14
- data/ext/redhat/puppet.spec.erb +0 -1
- data/ext/windows/service/daemon.rb +6 -5
- data/install.rb +21 -17
- data/lib/puppet.rb +11 -20
- data/lib/puppet/agent.rb +2 -2
- data/lib/puppet/agent/locker.rb +0 -7
- data/lib/puppet/application.rb +172 -98
- data/lib/puppet/application/agent.rb +22 -6
- data/lib/puppet/application/apply.rb +18 -20
- data/lib/puppet/application/device.rb +100 -104
- data/lib/puppet/application/doc.rb +1 -1
- data/lib/puppet/application/filebucket.rb +15 -11
- data/lib/puppet/application/lookup.rb +16 -4
- data/lib/puppet/application/ssl.rb +1 -1
- data/lib/puppet/configurer.rb +66 -31
- data/lib/puppet/configurer/downloader.rb +31 -10
- data/lib/puppet/configurer/plugin_handler.rb +21 -19
- data/lib/puppet/confine.rb +2 -2
- data/lib/puppet/confine/any.rb +1 -1
- data/lib/puppet/defaults.rb +166 -169
- data/lib/puppet/environments.rb +41 -15
- data/lib/puppet/face/catalog.rb +1 -1
- data/lib/puppet/face/config.rb +56 -16
- data/lib/puppet/face/epp.rb +12 -2
- data/lib/puppet/face/facts.rb +66 -6
- data/lib/puppet/face/help.rb +1 -1
- data/lib/puppet/face/node.rb +3 -3
- data/lib/puppet/face/node/clean.rb +2 -2
- data/lib/puppet/face/plugin.rb +5 -8
- data/lib/puppet/feature/base.rb +1 -1
- data/lib/puppet/ffi/windows.rb +12 -0
- data/lib/puppet/ffi/windows/api_types.rb +311 -0
- data/lib/puppet/ffi/windows/constants.rb +404 -0
- data/lib/puppet/ffi/windows/functions.rb +628 -0
- data/lib/puppet/ffi/windows/structs.rb +338 -0
- data/lib/puppet/file_bucket/dipper.rb +1 -1
- data/lib/puppet/file_serving/configuration.rb +0 -5
- data/lib/puppet/file_serving/configuration/parser.rb +3 -32
- data/lib/puppet/file_serving/http_metadata.rb +13 -1
- data/lib/puppet/file_serving/metadata.rb +4 -1
- data/lib/puppet/file_serving/mount.rb +1 -2
- data/lib/puppet/file_serving/mount/locales.rb +1 -2
- data/lib/puppet/file_serving/mount/pluginfacts.rb +1 -2
- data/lib/puppet/file_serving/mount/plugins.rb +1 -2
- data/lib/puppet/file_serving/terminus_selector.rb +7 -8
- data/lib/puppet/file_system/file_impl.rb +4 -4
- data/lib/puppet/file_system/uniquefile.rb +8 -16
- data/lib/puppet/forge.rb +1 -1
- data/lib/puppet/forge/cache.rb +1 -1
- data/lib/puppet/forge/repository.rb +3 -8
- data/lib/puppet/functions/epp.rb +1 -0
- data/lib/puppet/functions/inline_epp.rb +1 -0
- data/lib/puppet/functions/lstrip.rb +4 -4
- data/lib/puppet/functions/new.rb +8 -3
- data/lib/puppet/functions/reverse_each.rb +1 -1
- data/lib/puppet/functions/rstrip.rb +4 -4
- data/lib/puppet/functions/step.rb +1 -1
- data/lib/puppet/functions/strip.rb +4 -4
- data/lib/puppet/generate/models/type/type.rb +4 -1
- data/lib/puppet/gettext/config.rb +5 -5
- data/lib/puppet/gettext/module_translations.rb +4 -4
- data/lib/puppet/http.rb +23 -13
- data/lib/puppet/http/client.rb +170 -115
- data/lib/puppet/{network/resolver.rb → http/dns.rb} +2 -2
- data/lib/puppet/http/errors.rb +16 -0
- data/lib/puppet/http/external_client.rb +5 -7
- data/lib/puppet/{network/http → http}/factory.rb +8 -11
- data/lib/puppet/{network/http → http}/pool.rb +61 -26
- data/lib/puppet/{network/http/session.rb → http/pool_entry.rb} +2 -3
- data/lib/puppet/http/proxy.rb +137 -0
- data/lib/puppet/http/redirector.rb +13 -19
- data/lib/puppet/http/resolver.rb +10 -23
- data/lib/puppet/http/resolver/server_list.rb +23 -45
- data/lib/puppet/http/resolver/settings.rb +7 -10
- data/lib/puppet/http/resolver/srv.rb +11 -15
- data/lib/puppet/http/response.rb +49 -48
- data/lib/puppet/http/response_converter.rb +24 -0
- data/lib/puppet/http/response_net_http.rb +42 -0
- data/lib/puppet/http/retry_after_handler.rb +4 -13
- data/lib/puppet/http/service.rb +15 -27
- data/lib/puppet/http/service/ca.rb +11 -22
- data/lib/puppet/http/service/compiler.rb +23 -70
- data/lib/puppet/http/service/file_server.rb +19 -28
- data/lib/puppet/http/service/puppetserver.rb +53 -0
- data/lib/puppet/http/service/report.rb +8 -10
- data/lib/puppet/http/session.rb +16 -24
- data/lib/puppet/{network/http → http}/site.rb +1 -2
- data/lib/puppet/indirector.rb +1 -1
- data/lib/puppet/indirector/catalog/compiler.rb +1 -1
- data/lib/puppet/indirector/catalog/rest.rb +2 -4
- data/lib/puppet/indirector/exec.rb +1 -1
- data/lib/puppet/indirector/fact_search.rb +60 -0
- data/lib/puppet/indirector/facts/facter.rb +27 -6
- data/lib/puppet/indirector/facts/json.rb +27 -0
- data/lib/puppet/indirector/facts/rest.rb +3 -22
- data/lib/puppet/indirector/facts/yaml.rb +4 -59
- data/lib/puppet/indirector/file_bucket_file/rest.rb +3 -9
- data/lib/puppet/indirector/file_content/rest.rb +3 -7
- data/lib/puppet/indirector/file_metadata/http.rb +25 -5
- data/lib/puppet/indirector/file_metadata/rest.rb +5 -11
- data/lib/puppet/indirector/file_server.rb +1 -8
- data/lib/puppet/indirector/generic_http.rb +0 -11
- data/lib/puppet/indirector/hiera.rb +4 -0
- data/lib/puppet/indirector/indirection.rb +1 -1
- data/lib/puppet/indirector/json.rb +5 -1
- data/lib/puppet/indirector/msgpack.rb +1 -1
- data/lib/puppet/indirector/node/json.rb +8 -0
- data/lib/puppet/indirector/node/rest.rb +2 -4
- data/lib/puppet/indirector/report/json.rb +34 -0
- data/lib/puppet/indirector/report/processor.rb +2 -2
- data/lib/puppet/indirector/report/rest.rb +3 -8
- data/lib/puppet/indirector/request.rb +2 -103
- data/lib/puppet/indirector/rest.rb +12 -263
- data/lib/puppet/indirector/yaml.rb +1 -1
- data/lib/puppet/module.rb +1 -2
- data/lib/puppet/module_tool/applications.rb +0 -1
- data/lib/puppet/network/authconfig.rb +2 -96
- data/lib/puppet/network/authorization.rb +13 -35
- data/lib/puppet/network/format_support.rb +2 -2
- data/lib/puppet/network/formats.rb +2 -1
- data/lib/puppet/network/http.rb +3 -3
- data/lib/puppet/network/http/api/indirected_routes.rb +3 -21
- data/lib/puppet/network/http/api/master/v3.rb +11 -13
- data/lib/puppet/network/http/api/master/v3/environments.rb +0 -1
- data/lib/puppet/network/http/connection.rb +247 -316
- data/lib/puppet/network/http/handler.rb +0 -1
- data/lib/puppet/network/http/route.rb +2 -2
- data/lib/puppet/network/http_pool.rb +16 -34
- data/lib/puppet/node.rb +1 -30
- data/lib/puppet/node/environment.rb +12 -5
- data/lib/puppet/node/facts.rb +17 -0
- data/lib/puppet/pal/json_catalog_encoder.rb +4 -0
- data/lib/puppet/pal/pal_impl.rb +93 -14
- data/lib/puppet/parameter.rb +1 -1
- data/lib/puppet/parser/ast/leaf.rb +5 -5
- data/lib/puppet/parser/ast/pops_bridge.rb +0 -42
- data/lib/puppet/parser/compiler.rb +1 -199
- data/lib/puppet/parser/compiler/catalog_validator/relationship_validator.rb +14 -39
- data/lib/puppet/parser/functions.rb +21 -17
- data/lib/puppet/parser/functions/create_resources.rb +11 -7
- data/lib/puppet/parser/resource.rb +3 -71
- data/lib/puppet/parser/resource/param.rb +6 -0
- data/lib/puppet/parser/type_loader.rb +2 -2
- data/lib/puppet/pops/adaptable.rb +7 -13
- data/lib/puppet/pops/adapters.rb +8 -4
- data/lib/puppet/pops/evaluator/collectors/abstract_collector.rb +1 -3
- data/lib/puppet/pops/evaluator/evaluator_impl.rb +27 -13
- data/lib/puppet/pops/evaluator/runtime3_converter.rb +2 -2
- data/lib/puppet/pops/evaluator/runtime3_resource_support.rb +3 -3
- data/lib/puppet/pops/evaluator/runtime3_support.rb +1 -1
- data/lib/puppet/pops/loader/ruby_legacy_function_instantiator.rb +6 -8
- data/lib/puppet/pops/loader/runtime3_type_loader.rb +4 -2
- data/lib/puppet/pops/loaders.rb +18 -11
- data/lib/puppet/pops/lookup/context.rb +1 -1
- data/lib/puppet/pops/lookup/hiera_config.rb +14 -1
- data/lib/puppet/pops/model/ast.pp +0 -42
- data/lib/puppet/pops/model/ast.rb +0 -290
- data/lib/puppet/pops/model/factory.rb +0 -45
- data/lib/puppet/pops/model/model_label_provider.rb +0 -5
- data/lib/puppet/pops/model/model_tree_dumper.rb +0 -22
- data/lib/puppet/pops/model/pn_transformer.rb +0 -16
- data/lib/puppet/pops/parser/egrammar.ra +0 -56
- data/lib/puppet/pops/parser/eparser.rb +1520 -1712
- data/lib/puppet/pops/parser/lexer2.rb +4 -4
- data/lib/puppet/pops/parser/parser_support.rb +0 -5
- data/lib/puppet/pops/resource/resource_type_impl.rb +2 -22
- data/lib/puppet/pops/types/iterable.rb +34 -8
- data/lib/puppet/pops/types/p_meta_type.rb +1 -1
- data/lib/puppet/pops/types/p_type_set_type.rb +4 -0
- data/lib/puppet/pops/types/type_calculator.rb +0 -7
- data/lib/puppet/pops/types/type_parser.rb +0 -4
- data/lib/puppet/pops/types/types.rb +0 -1
- data/lib/puppet/pops/validation/checker4_0.rb +28 -42
- data/lib/puppet/pops/validation/tasks_checker.rb +0 -12
- data/lib/puppet/pops/validation/validator_factory_4_0.rb +1 -1
- data/lib/puppet/provider.rb +0 -13
- data/lib/puppet/provider/file/windows.rb +1 -1
- data/lib/puppet/provider/nameservice.rb +0 -18
- data/lib/puppet/provider/package/apt.rb +34 -0
- data/lib/puppet/provider/package/aptitude.rb +1 -1
- data/lib/puppet/provider/package/dpkg.rb +1 -11
- data/lib/puppet/provider/package/gem.rb +27 -5
- data/lib/puppet/provider/package/pip.rb +0 -1
- data/lib/puppet/provider/package/pip2.rb +17 -0
- data/lib/puppet/provider/package/pkg.rb +0 -4
- data/lib/puppet/provider/package/portage.rb +1 -1
- data/lib/puppet/provider/package/puppet_gem.rb +6 -4
- data/lib/puppet/provider/package/puppetserver_gem.rb +180 -0
- data/lib/puppet/provider/package/yum.rb +2 -1
- data/lib/puppet/provider/package/zypper.rb +3 -0
- data/lib/puppet/provider/service/smf.rb +191 -73
- data/lib/puppet/provider/service/windows.rb +23 -7
- data/lib/puppet/provider/user/aix.rb +1 -1
- data/lib/puppet/provider/user/directoryservice.rb +0 -10
- data/lib/puppet/provider/user/user_role_add.rb +1 -1
- data/lib/puppet/provider/user/useradd.rb +11 -4
- data/lib/puppet/provider/user/windows_adsi.rb +18 -1
- data/lib/puppet/reference/configuration.rb +2 -0
- data/lib/puppet/reference/indirection.rb +1 -1
- data/lib/puppet/reports/http.rb +2 -0
- data/lib/puppet/resource.rb +3 -90
- data/lib/puppet/resource/catalog.rb +1 -14
- data/lib/puppet/resource/type.rb +5 -112
- data/lib/puppet/resource/type_collection.rb +3 -48
- data/lib/puppet/runtime.rb +1 -2
- data/lib/puppet/settings.rb +84 -35
- data/lib/puppet/settings/base_setting.rb +26 -2
- data/lib/puppet/settings/integer_setting.rb +17 -0
- data/lib/puppet/settings/port_setting.rb +15 -0
- data/lib/puppet/settings/priority_setting.rb +5 -4
- data/lib/puppet/ssl.rb +10 -6
- data/lib/puppet/ssl/base.rb +3 -5
- data/lib/puppet/ssl/certificate.rb +0 -6
- data/lib/puppet/ssl/certificate_request.rb +1 -12
- data/lib/puppet/ssl/certificate_signer.rb +6 -0
- data/lib/puppet/ssl/oids.rb +3 -1
- data/lib/puppet/ssl/ssl_context.rb +2 -2
- data/lib/puppet/ssl/ssl_provider.rb +37 -1
- data/lib/puppet/ssl/state_machine.rb +3 -1
- data/lib/puppet/ssl/verifier.rb +2 -0
- data/lib/puppet/test/test_helper.rb +19 -16
- data/lib/puppet/transaction.rb +3 -9
- data/lib/puppet/transaction/persistence.rb +1 -1
- data/lib/puppet/transaction/report.rb +10 -8
- data/lib/puppet/trusted_external.rb +29 -1
- data/lib/puppet/type.rb +9 -77
- data/lib/puppet/type/file.rb +45 -22
- data/lib/puppet/type/file/checksum.rb +5 -5
- data/lib/puppet/type/file/source.rb +33 -13
- data/lib/puppet/type/filebucket.rb +4 -4
- data/lib/puppet/type/notify.rb +2 -2
- data/lib/puppet/type/package.rb +5 -13
- data/lib/puppet/type/service.rb +53 -0
- data/lib/puppet/type/user.rb +18 -3
- data/lib/puppet/util.rb +41 -3
- data/lib/puppet/util/autoload.rb +9 -7
- data/lib/puppet/util/character_encoding.rb +9 -5
- data/lib/puppet/util/checksums.rb +19 -4
- data/lib/puppet/util/execution.rb +2 -13
- data/lib/puppet/util/fileparsing.rb +2 -2
- data/lib/puppet/util/http_proxy.rb +2 -215
- data/lib/puppet/util/monkey_patches.rb +0 -46
- data/lib/puppet/util/provider_features.rb +1 -1
- data/lib/puppet/util/rdoc.rb +0 -7
- data/lib/puppet/util/reference.rb +1 -1
- data/lib/puppet/util/retry_action.rb +1 -1
- data/lib/puppet/util/rubygems.rb +5 -1
- data/lib/puppet/util/run_mode.rb +14 -2
- data/lib/puppet/util/windows.rb +3 -7
- data/lib/puppet/util/windows/daemon.rb +360 -0
- data/lib/puppet/util/windows/error.rb +1 -0
- data/lib/puppet/util/windows/eventlog.rb +5 -15
- data/lib/puppet/util/windows/file.rb +8 -242
- data/lib/puppet/util/windows/monkey_patches/process.rb +414 -0
- data/lib/puppet/util/windows/principal.rb +8 -6
- data/lib/puppet/util/windows/process.rb +4 -226
- data/lib/puppet/util/windows/registry.rb +11 -11
- data/lib/puppet/util/windows/security.rb +4 -4
- data/lib/puppet/util/windows/service.rb +52 -486
- data/lib/puppet/util/windows/string.rb +12 -13
- data/lib/puppet/util/windows/user.rb +242 -8
- data/lib/puppet/util/yaml.rb +0 -22
- data/lib/puppet/vendor/require_vendored.rb +0 -1
- data/lib/puppet/version.rb +1 -1
- data/lib/puppet/x509.rb +5 -1
- data/lib/puppet/x509/cert_provider.rb +29 -1
- data/locales/puppet.pot +713 -1380
- data/man/man5/puppet.conf.5 +84 -98
- data/man/man8/puppet-agent.8 +7 -4
- data/man/man8/puppet-apply.8 +1 -1
- data/man/man8/puppet-catalog.8 +1 -1
- data/man/man8/puppet-config.8 +6 -6
- data/man/man8/puppet-describe.8 +1 -1
- data/man/man8/puppet-device.8 +1 -1
- data/man/man8/puppet-doc.8 +1 -1
- data/man/man8/puppet-epp.8 +1 -1
- data/man/man8/puppet-facts.8 +55 -9
- data/man/man8/puppet-filebucket.8 +6 -6
- data/man/man8/puppet-generate.8 +1 -1
- data/man/man8/puppet-help.8 +1 -1
- data/man/man8/puppet-lookup.8 +2 -2
- data/man/man8/puppet-module.8 +1 -58
- data/man/man8/puppet-node.8 +7 -4
- data/man/man8/puppet-parser.8 +1 -1
- data/man/man8/puppet-plugin.8 +1 -1
- data/man/man8/puppet-report.8 +4 -1
- data/man/man8/puppet-resource.8 +1 -1
- data/man/man8/puppet-script.8 +1 -1
- data/man/man8/puppet-ssl.8 +1 -1
- data/man/man8/puppet.8 +2 -2
- data/spec/fixtures/integration/application/apply/environments/spec/modules/amod/lib/puppet/provider/applytest/applytest.rb +2 -0
- data/spec/fixtures/integration/application/apply/environments/spec/modules/amod/lib/puppet/type/applytest.rb +25 -0
- data/spec/fixtures/unit/forge/bacula-releases.json +128 -0
- data/spec/fixtures/unit/forge/bacula.tar.gz +0 -0
- data/spec/fixtures/unit/provider/package/puppetserver_gem/gem-list-local-packages +30 -0
- data/spec/fixtures/unit/provider/service/smf/{svcs.out → svcs_instances.out} +0 -0
- data/spec/integration/application/agent_spec.rb +157 -59
- data/spec/integration/application/apply_spec.rb +150 -150
- data/spec/integration/application/doc_spec.rb +16 -6
- data/spec/integration/application/filebucket_spec.rb +78 -29
- data/spec/integration/application/help_spec.rb +44 -0
- data/spec/integration/application/lookup_spec.rb +13 -0
- data/spec/integration/application/module_spec.rb +68 -0
- data/spec/integration/application/plugin_spec.rb +76 -4
- data/spec/integration/configurer_spec.rb +14 -0
- data/spec/integration/data_binding_spec.rb +82 -0
- data/spec/integration/defaults_spec.rb +33 -5
- data/spec/integration/directory_environments_spec.rb +17 -17
- data/spec/integration/environments/setting_hooks_spec.rb +1 -1
- data/spec/integration/indirector/facts/facter_spec.rb +8 -6
- data/spec/integration/network/http_pool_spec.rb +29 -30
- data/spec/integration/node/environment_spec.rb +1 -1
- data/spec/integration/parser/catalog_spec.rb +0 -38
- data/spec/integration/parser/compiler_spec.rb +11 -0
- data/spec/integration/parser/node_spec.rb +0 -9
- data/spec/integration/parser/pcore_resource_spec.rb +0 -37
- data/spec/integration/type/file_spec.rb +6 -5
- data/spec/integration/util/execution_spec.rb +22 -0
- data/spec/integration/util/windows/adsi_spec.rb +2 -2
- data/spec/integration/util/windows/monkey_patches/process_spec.rb +231 -0
- data/spec/integration/util/windows/process_spec.rb +26 -32
- data/spec/integration/util/windows/registry_spec.rb +7 -7
- data/spec/integration/util/windows/security_spec.rb +1 -1
- data/spec/integration/util/windows/user_spec.rb +47 -5
- data/spec/integration/util_spec.rb +7 -33
- data/spec/lib/puppet_spec/matchers.rb +0 -80
- data/spec/lib/puppet_spec/puppetserver.rb +9 -1
- data/spec/lib/puppet_spec/settings.rb +7 -1
- data/spec/shared_contexts/types_setup.rb +2 -0
- data/spec/spec_helper.rb +2 -0
- data/spec/unit/agent_spec.rb +0 -2
- data/spec/unit/application/agent_spec.rb +3 -4
- data/spec/unit/application/config_spec.rb +224 -4
- data/spec/unit/application/doc_spec.rb +2 -2
- data/spec/unit/application/face_base_spec.rb +6 -4
- data/spec/unit/application/facts_spec.rb +74 -8
- data/spec/unit/application/filebucket_spec.rb +41 -39
- data/spec/unit/application/resource_spec.rb +3 -1
- data/spec/unit/application/ssl_spec.rb +17 -4
- data/spec/unit/application_spec.rb +9 -4
- data/spec/unit/certificate_factory_spec.rb +1 -1
- data/spec/unit/configurer/downloader_spec.rb +14 -0
- data/spec/unit/configurer/fact_handler_spec.rb +4 -4
- data/spec/unit/configurer/plugin_handler_spec.rb +56 -18
- data/spec/unit/configurer_spec.rb +96 -44
- data/spec/unit/confine_spec.rb +2 -1
- data/spec/unit/context/trusted_information_spec.rb +12 -10
- data/spec/unit/defaults_spec.rb +77 -28
- data/spec/unit/environments_spec.rb +96 -32
- data/spec/unit/face/config_spec.rb +65 -12
- data/spec/unit/face/facts_spec.rb +4 -0
- data/spec/unit/face/node_spec.rb +2 -2
- data/spec/unit/face/plugin_spec.rb +73 -33
- data/spec/unit/file_bucket/file_spec.rb +1 -1
- data/spec/unit/file_serving/configuration/parser_spec.rb +14 -18
- data/spec/unit/file_serving/configuration_spec.rb +6 -12
- data/spec/unit/file_serving/http_metadata_spec.rb +37 -14
- data/spec/unit/file_serving/mount/locales_spec.rb +2 -2
- data/spec/unit/file_serving/mount/pluginfacts_spec.rb +2 -2
- data/spec/unit/file_serving/mount/plugins_spec.rb +2 -2
- data/spec/unit/file_serving/terminus_selector_spec.rb +45 -26
- data/spec/unit/file_system/uniquefile_spec.rb +18 -0
- data/spec/unit/file_system_spec.rb +1 -2
- data/spec/unit/functions/camelcase_spec.rb +1 -1
- data/spec/unit/functions/capitalize_spec.rb +1 -1
- data/spec/unit/functions/downcase_spec.rb +1 -1
- data/spec/unit/functions/inline_epp_spec.rb +26 -1
- data/spec/unit/functions/upcase_spec.rb +1 -1
- data/spec/unit/http/client_spec.rb +71 -17
- data/spec/unit/{network/resolver_spec.rb → http/dns_spec.rb} +3 -3
- data/spec/unit/http/external_client_spec.rb +4 -4
- data/spec/unit/{network/http → http}/factory_spec.rb +5 -11
- data/spec/unit/{network/http/session_spec.rb → http/pool_entry_spec.rb} +3 -3
- data/spec/unit/{network/http → http}/pool_spec.rb +12 -17
- data/spec/unit/{util/http_proxy_spec.rb → http/proxy_spec.rb} +2 -69
- data/spec/unit/http/resolver_spec.rb +34 -15
- data/spec/unit/http/response_spec.rb +6 -0
- data/spec/unit/http/service/ca_spec.rb +2 -3
- data/spec/unit/http/service/compiler_spec.rb +51 -65
- data/spec/unit/http/service/file_server_spec.rb +5 -6
- data/spec/unit/http/service/puppetserver_spec.rb +112 -0
- data/spec/unit/http/service/report_spec.rb +2 -3
- data/spec/unit/http/service_spec.rb +1 -3
- data/spec/unit/http/session_spec.rb +24 -35
- data/spec/unit/{network/http → http}/site_spec.rb +3 -3
- data/spec/unit/indirector/catalog/json_spec.rb +1 -1
- data/spec/unit/indirector/catalog/rest_spec.rb +1 -1
- data/spec/unit/indirector/facts/facter_spec.rb +97 -0
- data/spec/unit/indirector/facts/json_spec.rb +255 -0
- data/spec/unit/indirector/facts/rest_spec.rb +1 -1
- data/spec/unit/indirector/file_bucket_file/file_spec.rb +5 -3
- data/spec/unit/indirector/file_content/rest_spec.rb +0 -4
- data/spec/unit/indirector/file_metadata/http_spec.rb +27 -0
- data/spec/unit/indirector/file_metadata/rest_spec.rb +0 -4
- data/spec/unit/indirector/file_server_spec.rb +1 -15
- data/spec/unit/indirector/json_spec.rb +8 -8
- data/spec/unit/indirector/msgpack_spec.rb +8 -8
- data/spec/unit/indirector/node/json_spec.rb +33 -0
- data/spec/unit/indirector/node/rest_spec.rb +1 -1
- data/spec/{integration/indirector/report/yaml.rb → unit/indirector/report/json_spec.rb} +13 -24
- data/spec/unit/indirector/report/rest_spec.rb +2 -17
- data/spec/unit/indirector/report/yaml_spec.rb +72 -8
- data/spec/unit/indirector/request_spec.rb +3 -267
- data/spec/unit/indirector/rest_spec.rb +98 -752
- data/spec/unit/indirector/yaml_spec.rb +7 -7
- data/spec/unit/interface_spec.rb +3 -3
- data/spec/unit/module_tool/tar/mini_spec.rb +20 -0
- data/spec/unit/network/authconfig_spec.rb +2 -132
- data/spec/unit/network/authorization_spec.rb +2 -55
- data/spec/unit/network/format_support_spec.rb +3 -2
- data/spec/unit/network/formats_spec.rb +4 -4
- data/spec/unit/network/http/api/indirected_routes_spec.rb +3 -98
- data/spec/unit/network/http/api/master/v3/environments_spec.rb +12 -23
- data/spec/unit/network/http/api/master/v3_spec.rb +28 -7
- data/spec/unit/network/http/api_spec.rb +10 -0
- data/spec/unit/network/http/connection_spec.rb +61 -73
- data/spec/unit/network/http/handler_spec.rb +0 -6
- data/spec/unit/network/http_pool_spec.rb +0 -4
- data/spec/unit/node/environment_spec.rb +51 -22
- data/spec/unit/node_spec.rb +2 -54
- data/spec/unit/parser/ast/block_expression_spec.rb +1 -1
- data/spec/unit/parser/functions/create_resources_spec.rb +2 -20
- data/spec/unit/parser/scope_spec.rb +1 -1
- data/spec/unit/pops/evaluator/evaluating_parser_spec.rb +19 -8
- data/spec/unit/pops/loaders/loaders_spec.rb +77 -22
- data/spec/unit/pops/lookup/lookup_spec.rb +25 -0
- data/spec/unit/pops/parser/parse_application_spec.rb +4 -22
- data/spec/unit/pops/parser/parse_basic_expressions_spec.rb +0 -1
- data/spec/unit/pops/parser/parse_capabilities_spec.rb +8 -21
- data/spec/unit/pops/parser/parse_site_spec.rb +20 -24
- data/spec/unit/pops/resource/resource_type_impl_spec.rb +0 -71
- data/spec/unit/pops/serialization/to_from_hr_spec.rb +1 -1
- data/spec/unit/pops/types/type_calculator_spec.rb +7 -17
- data/spec/unit/pops/types/type_factory_spec.rb +1 -1
- data/spec/unit/pops/validator/validator_spec.rb +61 -46
- data/spec/unit/pops/visitor_spec.rb +1 -1
- data/spec/unit/provider/exec_spec.rb +4 -3
- data/spec/unit/provider/nameservice_spec.rb +0 -57
- data/spec/unit/provider/package/apt_spec.rb +77 -0
- data/spec/unit/provider/package/aptitude_spec.rb +1 -0
- data/spec/unit/provider/package/dpkg_spec.rb +22 -55
- data/spec/unit/provider/package/gem_spec.rb +32 -0
- data/spec/unit/provider/package/openbsd_spec.rb +2 -0
- data/spec/unit/provider/package/pip2_spec.rb +36 -0
- data/spec/unit/provider/package/puppet_gem_spec.rb +6 -2
- data/spec/unit/provider/package/puppetserver_gem_spec.rb +137 -0
- data/spec/unit/provider/package/yum_spec.rb +31 -0
- data/spec/unit/provider/package/zypper_spec.rb +14 -0
- data/spec/unit/provider/service/base_spec.rb +2 -4
- data/spec/unit/provider/service/bsd_spec.rb +5 -1
- data/spec/unit/provider/service/daemontools_spec.rb +1 -1
- data/spec/unit/provider/service/debian_spec.rb +3 -5
- data/spec/unit/provider/service/freebsd_spec.rb +1 -1
- data/spec/unit/provider/service/gentoo_spec.rb +4 -5
- data/spec/unit/provider/service/init_spec.rb +45 -5
- data/spec/unit/provider/service/launchd_spec.rb +5 -6
- data/spec/unit/provider/service/openrc_spec.rb +4 -5
- data/spec/unit/provider/service/openwrt_spec.rb +1 -1
- data/spec/unit/provider/service/redhat_spec.rb +1 -1
- data/spec/unit/provider/service/runit_spec.rb +2 -1
- data/spec/unit/provider/service/smf_spec.rb +402 -166
- data/spec/unit/provider/service/src_spec.rb +3 -5
- data/spec/unit/provider/service/systemd_spec.rb +3 -6
- data/spec/unit/provider/service/upstart_spec.rb +4 -5
- data/spec/unit/provider/service/windows_spec.rb +50 -15
- data/spec/unit/provider/user/openbsd_spec.rb +1 -0
- data/spec/unit/provider/user/useradd_spec.rb +22 -16
- data/spec/unit/provider/user/windows_adsi_spec.rb +82 -0
- data/spec/unit/provider_spec.rb +0 -12
- data/spec/unit/puppet_pal_2pec.rb +40 -0
- data/spec/unit/puppet_pal_catalog_spec.rb +45 -0
- data/spec/unit/reports/store_spec.rb +17 -13
- data/spec/unit/resource/type_collection_spec.rb +2 -22
- data/spec/unit/resource_spec.rb +3 -59
- data/spec/unit/settings/http_extra_headers_spec.rb +2 -4
- data/spec/unit/settings/integer_setting_spec.rb +42 -0
- data/spec/unit/settings/port_setting_spec.rb +31 -0
- data/spec/unit/settings/priority_setting_spec.rb +4 -4
- data/spec/unit/settings_spec.rb +586 -239
- data/spec/unit/ssl/base_spec.rb +36 -3
- data/spec/unit/ssl/certificate_request_spec.rb +15 -45
- data/spec/unit/ssl/certificate_spec.rb +2 -11
- data/spec/unit/ssl/ssl_provider_spec.rb +78 -49
- data/spec/unit/ssl/state_machine_spec.rb +0 -1
- data/spec/unit/ssl/verifier_spec.rb +0 -21
- data/spec/unit/test/test_helper_spec.rb +17 -0
- data/spec/unit/transaction/persistence_spec.rb +15 -0
- data/spec/unit/transaction/report_spec.rb +3 -3
- data/spec/unit/transaction/resource_harness_spec.rb +2 -2
- data/spec/unit/transaction_spec.rb +45 -79
- data/spec/unit/type/file/checksum_spec.rb +6 -6
- data/spec/unit/type/file/content_spec.rb +1 -1
- data/spec/unit/type/file/ensure_spec.rb +1 -1
- data/spec/unit/type/file/mode_spec.rb +1 -1
- data/spec/unit/type/file/source_spec.rb +4 -5
- data/spec/unit/type/file_spec.rb +134 -102
- data/spec/unit/type/filebucket_spec.rb +1 -1
- data/spec/unit/type/package_spec.rb +1 -1
- data/spec/unit/type/service_spec.rb +209 -0
- data/spec/unit/type/user_spec.rb +31 -2
- data/spec/unit/type_spec.rb +70 -0
- data/spec/unit/util/backups_spec.rb +0 -2
- data/spec/unit/util/character_encoding_spec.rb +4 -4
- data/spec/unit/util/checksums_spec.rb +16 -0
- data/spec/unit/util/command_line_spec.rb +11 -6
- data/spec/unit/util/execution_spec.rb +0 -29
- data/spec/unit/util/monkey_patches_spec.rb +0 -6
- data/spec/unit/util/rubygems_spec.rb +2 -2
- data/spec/unit/util/run_mode_spec.rb +27 -127
- data/spec/unit/util/windows/api_types_spec.rb +104 -40
- data/spec/unit/util/windows/service_spec.rb +4 -4
- data/spec/unit/util/windows/string_spec.rb +1 -3
- data/spec/unit/util/yaml_spec.rb +0 -54
- data/spec/unit/util_spec.rb +3 -21
- data/spec/unit/x509/cert_provider_spec.rb +1 -1
- metadata +76 -270
- data/conf/auth.conf +0 -150
- data/lib/puppet/application/cert.rb +0 -76
- data/lib/puppet/application/key.rb +0 -4
- data/lib/puppet/application/man.rb +0 -4
- data/lib/puppet/application/status.rb +0 -4
- data/lib/puppet/face/key.rb +0 -16
- data/lib/puppet/face/man.rb +0 -145
- data/lib/puppet/face/module/build.rb +0 -14
- data/lib/puppet/face/module/generate.rb +0 -14
- data/lib/puppet/face/module/search.rb +0 -103
- data/lib/puppet/face/status.rb +0 -51
- data/lib/puppet/indirector/certificate/file.rb +0 -9
- data/lib/puppet/indirector/certificate/rest.rb +0 -18
- data/lib/puppet/indirector/certificate_request/file.rb +0 -9
- data/lib/puppet/indirector/certificate_request/memory.rb +0 -7
- data/lib/puppet/indirector/certificate_request/rest.rb +0 -11
- data/lib/puppet/indirector/file_content/http.rb +0 -22
- data/lib/puppet/indirector/key/file.rb +0 -46
- data/lib/puppet/indirector/key/memory.rb +0 -7
- data/lib/puppet/indirector/ssl_file.rb +0 -162
- data/lib/puppet/indirector/status.rb +0 -3
- data/lib/puppet/indirector/status/local.rb +0 -12
- data/lib/puppet/indirector/status/rest.rb +0 -27
- data/lib/puppet/module_tool/applications/searcher.rb +0 -29
- data/lib/puppet/network/auth_config_parser.rb +0 -90
- data/lib/puppet/network/authstore.rb +0 -283
- data/lib/puppet/network/http/api/master/v3/authorization.rb +0 -18
- data/lib/puppet/network/http/api/master/v3/environment.rb +0 -85
- data/lib/puppet/network/http/base_pool.rb +0 -36
- data/lib/puppet/network/http/compression.rb +0 -127
- data/lib/puppet/network/http/connection_adapter.rb +0 -182
- data/lib/puppet/network/http/nocache_pool.rb +0 -28
- data/lib/puppet/network/rest_controller.rb +0 -2
- data/lib/puppet/network/rights.rb +0 -210
- data/lib/puppet/parser/compiler/catalog_validator/env_relationship_validator.rb +0 -64
- data/lib/puppet/parser/compiler/catalog_validator/site_validator.rb +0 -20
- data/lib/puppet/parser/environment_compiler.rb +0 -199
- data/lib/puppet/pops/types/enumeration.rb +0 -16
- data/lib/puppet/resource/capability_finder.rb +0 -154
- data/lib/puppet/rest/errors.rb +0 -15
- data/lib/puppet/rest/response.rb +0 -35
- data/lib/puppet/rest/route.rb +0 -85
- data/lib/puppet/rest/routes.rb +0 -135
- data/lib/puppet/ssl/host.rb +0 -505
- data/lib/puppet/ssl/key.rb +0 -61
- data/lib/puppet/ssl/validator.rb +0 -61
- data/lib/puppet/ssl/validator/default_validator.rb +0 -209
- data/lib/puppet/ssl/validator/no_validator.rb +0 -22
- data/lib/puppet/ssl/verifier_adapter.rb +0 -58
- data/lib/puppet/status.rb +0 -40
- data/lib/puppet/util/connection.rb +0 -88
- data/lib/puppet/util/ssl.rb +0 -83
- data/lib/puppet/util/windows/api_types.rb +0 -282
- data/lib/puppet/vendor/load_pathspec.rb +0 -1
- data/lib/puppet/vendor/pathspec/CHANGELOG.md +0 -2
- data/lib/puppet/vendor/pathspec/LICENSE +0 -201
- data/lib/puppet/vendor/pathspec/PUPPET_README.md +0 -6
- data/lib/puppet/vendor/pathspec/README.md +0 -53
- data/lib/puppet/vendor/pathspec/lib/pathspec.rb +0 -122
- data/lib/puppet/vendor/pathspec/lib/pathspec/gitignorespec.rb +0 -275
- data/lib/puppet/vendor/pathspec/lib/pathspec/regexspec.rb +0 -17
- data/lib/puppet/vendor/pathspec/lib/pathspec/spec.rb +0 -14
- data/man/man8/puppet-key.8 +0 -126
- data/man/man8/puppet-man.8 +0 -76
- data/man/man8/puppet-status.8 +0 -108
- data/spec/integration/faces/config_spec.rb +0 -91
- data/spec/integration/faces/documentation_spec.rb +0 -57
- data/spec/integration/file_bucket/file_spec.rb +0 -50
- data/spec/integration/file_serving/content_spec.rb +0 -7
- data/spec/integration/file_serving/fileset_spec.rb +0 -12
- data/spec/integration/file_serving/metadata_spec.rb +0 -8
- data/spec/integration/file_serving/terminus_helper_spec.rb +0 -20
- data/spec/integration/file_system/uniquefile_spec.rb +0 -26
- data/spec/integration/module_tool/forge_spec.rb +0 -51
- data/spec/integration/module_tool/tar/mini_spec.rb +0 -28
- data/spec/integration/network/authconfig_spec.rb +0 -256
- data/spec/integration/provider/service/init_spec.rb +0 -48
- data/spec/integration/provider/service/systemd_spec.rb +0 -25
- data/spec/integration/provider/service/windows_spec.rb +0 -50
- data/spec/integration/reference/providers_spec.rb +0 -21
- data/spec/integration/reports_spec.rb +0 -13
- data/spec/integration/ssl/certificate_request_spec.rb +0 -44
- data/spec/integration/ssl/host_spec.rb +0 -72
- data/spec/integration/ssl/key_spec.rb +0 -99
- data/spec/integration/test/test_helper_spec.rb +0 -31
- data/spec/shared_behaviours/file_serving_model.rb +0 -51
- data/spec/unit/capability_spec.rb +0 -414
- data/spec/unit/face/catalog_spec.rb +0 -6
- data/spec/unit/face/key_spec.rb +0 -9
- data/spec/unit/face/man_spec.rb +0 -25
- data/spec/unit/face/module/search_spec.rb +0 -231
- data/spec/unit/face/module_spec.rb +0 -3
- data/spec/unit/face/status_spec.rb +0 -9
- data/spec/unit/indirector/certificate/file_spec.rb +0 -14
- data/spec/unit/indirector/certificate/rest_spec.rb +0 -61
- data/spec/unit/indirector/certificate_request/file_spec.rb +0 -14
- data/spec/unit/indirector/certificate_request/rest_spec.rb +0 -25
- data/spec/unit/indirector/key/file_spec.rb +0 -79
- data/spec/unit/indirector/ssl_file_spec.rb +0 -305
- data/spec/unit/indirector/status/local_spec.rb +0 -10
- data/spec/unit/indirector/status/rest_spec.rb +0 -50
- data/spec/unit/man_spec.rb +0 -31
- data/spec/unit/module_tool/applications/searcher_spec.rb +0 -38
- data/spec/unit/network/auth_config_parser_spec.rb +0 -115
- data/spec/unit/network/authstore_spec.rb +0 -422
- data/spec/unit/network/http/api/master/v3/authorization_spec.rb +0 -57
- data/spec/unit/network/http/api/master/v3/environment_spec.rb +0 -185
- data/spec/unit/network/http/compression_spec.rb +0 -240
- data/spec/unit/network/http/nocache_pool_spec.rb +0 -64
- data/spec/unit/network/http_spec.rb +0 -9
- data/spec/unit/network/rights_spec.rb +0 -439
- data/spec/unit/parser/environment_compiler_spec.rb +0 -723
- data/spec/unit/pops/types/enumeration_spec.rb +0 -51
- data/spec/unit/resource/capability_finder_spec.rb +0 -143
- data/spec/unit/rest/route_spec.rb +0 -132
- data/spec/unit/ssl/host_spec.rb +0 -650
- data/spec/unit/ssl/key_spec.rb +0 -173
- data/spec/unit/ssl/validator_spec.rb +0 -278
- data/spec/unit/status_spec.rb +0 -45
- data/spec/unit/util/ssl_spec.rb +0 -91
data/conf/auth.conf
DELETED
@@ -1,150 +0,0 @@
|
|
1
|
-
# This is the default auth.conf file, which implements the default rules
|
2
|
-
# used by the puppet master. (That is, the rules below will still apply
|
3
|
-
# even if this file is deleted.)
|
4
|
-
#
|
5
|
-
# The ACLs are evaluated in top-down order. More specific stanzas should
|
6
|
-
# be towards the top of the file and more general ones at the bottom;
|
7
|
-
# otherwise, the general rules may "steal" requests that should be
|
8
|
-
# governed by the specific rules.
|
9
|
-
#
|
10
|
-
# See https://puppet.com/docs/puppet/latest/config_file_auth.html
|
11
|
-
# for a more complete description of auth.conf's behavior.
|
12
|
-
#
|
13
|
-
# Supported syntax:
|
14
|
-
# Each stanza in auth.conf starts with a path to match, followed
|
15
|
-
# by optional modifiers, and finally, a series of allow or deny
|
16
|
-
# directives.
|
17
|
-
#
|
18
|
-
# Example Stanza
|
19
|
-
# ---------------------------------
|
20
|
-
# path /path/to/resource # simple prefix match
|
21
|
-
# # path ~ regex # alternately, regex match
|
22
|
-
# [environment envlist]
|
23
|
-
# [method methodlist]
|
24
|
-
# [auth[enthicated] {yes|no|on|off|any}]
|
25
|
-
# allow [host|backreference|*|regex]
|
26
|
-
# deny [host|backreference|*|regex]
|
27
|
-
# allow_ip [ip|cidr|ip_wildcard|*]
|
28
|
-
# deny_ip [ip|cidr|ip_wildcard|*]
|
29
|
-
#
|
30
|
-
# The path match can either be a simple prefix match or a regular
|
31
|
-
# expression. `path /file` would match both `/file_metadata` and
|
32
|
-
# `/file_content`. Regex matches allow the use of backreferences
|
33
|
-
# in the allow/deny directives.
|
34
|
-
#
|
35
|
-
# The regex syntax is the same as for Ruby regex, and captures backreferences
|
36
|
-
# for use in the `allow` and `deny` lines of that stanza
|
37
|
-
#
|
38
|
-
# Examples:
|
39
|
-
#
|
40
|
-
# path ~ ^/puppet/v3/path/to/resource # Equivalent to `path /puppet/v3/path/to/resource`.
|
41
|
-
# allow * # Allow all authenticated nodes (since auth
|
42
|
-
# # defaults to `yes`).
|
43
|
-
#
|
44
|
-
# path ~ ^/puppet/v3/catalog/([^/]+)$ # Permit nodes to access their own catalog (by
|
45
|
-
# allow $1 # certname), but not any other node's catalog.
|
46
|
-
#
|
47
|
-
# path ~ ^/puppet/v3/file_(metadata|content)/extra_files/ # Only allow certain nodes to
|
48
|
-
# auth yes # access the "extra_files"
|
49
|
-
# allow /^(.+)\.example\.com$/ # mount point; note this must
|
50
|
-
# allow_ip 192.168.100.0/24 # go ABOVE the "/file" rule,
|
51
|
-
# # since it is more specific.
|
52
|
-
#
|
53
|
-
# environment:: restrict an ACL to a comma-separated list of environments
|
54
|
-
# method:: restrict an ACL to a comma-separated list of HTTP methods
|
55
|
-
# auth:: restrict an ACL to an authenticated or unauthenticated request
|
56
|
-
# the default when unspecified is to restrict the ACL to authenticated requests
|
57
|
-
# (ie exactly as if auth yes was present).
|
58
|
-
#
|
59
|
-
|
60
|
-
# CONTROLLING FILE ACCESS (previously in fileserver.conf)
|
61
|
-
|
62
|
-
# In previous versions of Puppet, you controlled file access by adding
|
63
|
-
# rules to fileserver.conf. In Puppet 5 with Puppet Server, you can control
|
64
|
-
# file access in auth.conf by controlling the /file_metadata(s)/<mount point>,
|
65
|
-
# /file_content(s)/<mount point>, and /static_file_content/<file> paths. See the
|
66
|
-
# Puppet Server documentation at
|
67
|
-
# https://puppet.com/docs/puppetserver/latest/config_file_auth.html.
|
68
|
-
#
|
69
|
-
# If you are not using Puppet Server, or are using Puppet Server but with the
|
70
|
-
# "jruby-puppet.use-legacy-auth-conf" setting set to "true", you could set the
|
71
|
-
# desired file access in a new rule in this file. For example:
|
72
|
-
#
|
73
|
-
# path ~ ^/file_(metadata|content)s?/extra_files/
|
74
|
-
# auth yes
|
75
|
-
# allow /^(.+)\.example\.com$/
|
76
|
-
# allow_ip 192.168.100.0/24
|
77
|
-
#
|
78
|
-
# If added to auth.conf BEFORE the default "path /file" rule, this rule
|
79
|
-
# will add stricter restrictions to the extra_files mount point.
|
80
|
-
|
81
|
-
### Authenticated ACLs - these rules apply only when the client
|
82
|
-
### has a valid certificate and is thus authenticated
|
83
|
-
|
84
|
-
path /puppet/v3/environments
|
85
|
-
method find
|
86
|
-
allow *
|
87
|
-
|
88
|
-
# allow nodes to retrieve their own catalog
|
89
|
-
path ~ ^/puppet/v3/catalog/([^/]+)$
|
90
|
-
method find
|
91
|
-
allow $1
|
92
|
-
|
93
|
-
# allow nodes to retrieve their own node definition
|
94
|
-
path ~ ^/puppet/v3/node/([^/]+)$
|
95
|
-
method find
|
96
|
-
allow $1
|
97
|
-
|
98
|
-
# allow all nodes to store their own reports
|
99
|
-
path ~ ^/puppet/v3/report/([^/]+)$
|
100
|
-
method save
|
101
|
-
allow $1
|
102
|
-
|
103
|
-
# allow all nodes to update their own facts
|
104
|
-
path ~ ^/puppet/v3/facts/([^/]+)$
|
105
|
-
method save
|
106
|
-
allow $1
|
107
|
-
|
108
|
-
# Allow all nodes to access all file services; this is necessary for
|
109
|
-
# pluginsync, file serving from modules, and file serving from custom
|
110
|
-
# mount points (see fileserver.conf). Note that the `/file` prefix matches
|
111
|
-
# requests to both the file_metadata and file_content paths. See "Examples"
|
112
|
-
# above if you need more granular access control for custom mount points.
|
113
|
-
path /puppet/v3/file
|
114
|
-
allow *
|
115
|
-
|
116
|
-
path /puppet/v3/status
|
117
|
-
method find
|
118
|
-
allow *
|
119
|
-
|
120
|
-
# allow all nodes to access the certificates services
|
121
|
-
path /puppet-ca/v1/certificate_revocation_list/ca
|
122
|
-
method find
|
123
|
-
allow *
|
124
|
-
|
125
|
-
### Unauthenticated ACLs, for clients without valid certificates; authenticated
|
126
|
-
### clients can also access these paths, though they rarely need to.
|
127
|
-
|
128
|
-
# allow access to the CA certificate; unauthenticated nodes need this
|
129
|
-
# in order to validate the puppet master's certificate
|
130
|
-
path /puppet-ca/v1/certificate/ca
|
131
|
-
auth any
|
132
|
-
method find
|
133
|
-
allow *
|
134
|
-
|
135
|
-
# allow nodes to retrieve the certificate they requested earlier
|
136
|
-
path /puppet-ca/v1/certificate/
|
137
|
-
auth any
|
138
|
-
method find
|
139
|
-
allow *
|
140
|
-
|
141
|
-
# allow nodes to request a new certificate
|
142
|
-
path /puppet-ca/v1/certificate_request
|
143
|
-
auth any
|
144
|
-
method find, save
|
145
|
-
allow *
|
146
|
-
|
147
|
-
# deny everything else; this ACL is not strictly necessary, but
|
148
|
-
# illustrates the default policy.
|
149
|
-
path /
|
150
|
-
auth any
|
@@ -1,76 +0,0 @@
|
|
1
|
-
require 'puppet/application'
|
2
|
-
|
3
|
-
class Puppet::Application::Cert < Puppet::Application
|
4
|
-
|
5
|
-
def summary
|
6
|
-
_("Manage certificates and requests (Disabled)")
|
7
|
-
end
|
8
|
-
|
9
|
-
def help
|
10
|
-
<<-HELP
|
11
|
-
This command is no longer functional, please use `puppetserver ca` instead.
|
12
|
-
|
13
|
-
puppet-cert(8) -- #{summary}
|
14
|
-
========
|
15
|
-
|
16
|
-
ACTIONS
|
17
|
-
-------
|
18
|
-
Every action except 'list' and 'generate' requires a hostname to act on,
|
19
|
-
unless the '--all' option is set.
|
20
|
-
|
21
|
-
* clean:
|
22
|
-
Use `puppetserver ca clean --certname NAME[,NAME...]`
|
23
|
-
|
24
|
-
* fingerprint:
|
25
|
-
Use openssl directly:
|
26
|
-
`openssl x509 -noout -fingerprint -<digest> -inform pem -in certificate.crt`
|
27
|
-
|
28
|
-
* generate:
|
29
|
-
Use `puppetserver ca generate --certname NAME[,NAME...]`
|
30
|
-
|
31
|
-
* list:
|
32
|
-
Use `puppetserver ca list [--all]`
|
33
|
-
|
34
|
-
* print:
|
35
|
-
Use openssl directly:
|
36
|
-
`openssl x509 -noout -text -in certificate.pem`
|
37
|
-
|
38
|
-
* revoke:
|
39
|
-
Use `puppetserver ca revoke --certname NAME[,NAME...]`
|
40
|
-
|
41
|
-
* sign:
|
42
|
-
Use `puppetserver ca sign --certname NAME[,NAME...]`
|
43
|
-
|
44
|
-
* verify:
|
45
|
-
Use `puppet ssl verify [--certname NAME]`
|
46
|
-
|
47
|
-
* reinventory:
|
48
|
-
Removed.
|
49
|
-
|
50
|
-
OPTIONS
|
51
|
-
-------
|
52
|
-
There are a couple important notes about previously-supported options.
|
53
|
-
|
54
|
-
* --allow-dns-alt-names:
|
55
|
-
In order to sign certificates with subject alternative names using
|
56
|
-
`puppetserver ca sign`, the `allow-subject-alt-names` setting must be
|
57
|
-
set to true in the `certificate-authority` section of Puppet Server's
|
58
|
-
config.
|
59
|
-
|
60
|
-
* --allow-authorization-extensions:
|
61
|
-
In order to sign certificates with authorization extensions using
|
62
|
-
`puppetserver ca sign`, the `allow-authorization-extensions` setting must be
|
63
|
-
set to true in the `certificate-authority` section of Puppet Server's
|
64
|
-
config.
|
65
|
-
HELP
|
66
|
-
end
|
67
|
-
|
68
|
-
def setup
|
69
|
-
deprecate
|
70
|
-
end
|
71
|
-
|
72
|
-
def parse_options
|
73
|
-
puts help
|
74
|
-
exit 1
|
75
|
-
end
|
76
|
-
end
|
data/lib/puppet/face/key.rb
DELETED
@@ -1,16 +0,0 @@
|
|
1
|
-
require 'puppet/indirector/face'
|
2
|
-
|
3
|
-
Puppet::Indirector::Face.define(:key, '0.0.1') do
|
4
|
-
copyright "Puppet Inc.", 2011
|
5
|
-
license _("Apache 2 license; see COPYING")
|
6
|
-
|
7
|
-
summary _("Create, save, and remove certificate keys.")
|
8
|
-
description <<-'EOT'
|
9
|
-
This subcommand manages certificate private keys. Keys are created
|
10
|
-
automatically by puppet agent and when certificate requests are generated
|
11
|
-
with 'puppet ssl submit_request'; it should not be necessary to use this
|
12
|
-
subcommand directly.
|
13
|
-
EOT
|
14
|
-
|
15
|
-
deprecate
|
16
|
-
end
|
data/lib/puppet/face/man.rb
DELETED
@@ -1,145 +0,0 @@
|
|
1
|
-
require 'puppet/face'
|
2
|
-
require 'puppet/util'
|
3
|
-
require 'pathname'
|
4
|
-
require 'erb'
|
5
|
-
|
6
|
-
Puppet::Face.define(:man, '0.0.1') do
|
7
|
-
copyright "Puppet Inc.", 2011
|
8
|
-
license _("Apache 2 license; see COPYING")
|
9
|
-
|
10
|
-
summary _("Display Puppet manual pages.")
|
11
|
-
|
12
|
-
description <<-EOT
|
13
|
-
Please use the command 'puppet help <subcommand>' or the system manpage system
|
14
|
-
'man puppet-<subcommand>' to display information about Puppet subcommands. The
|
15
|
-
deprecated man subcommand displays manual pages for all Puppet subcommands. If
|
16
|
-
the `ronn` gem (<https://github.com/rtomayko/ronn/>) is installed on your
|
17
|
-
system, puppet man will display fully-formatted man pages. If `ronn` is not
|
18
|
-
available, puppet man will display the raw (but human-readable) source text
|
19
|
-
in a pager.
|
20
|
-
EOT
|
21
|
-
|
22
|
-
notes <<-EOT
|
23
|
-
The pager used for display will be the first found of `$MANPAGER`, `$PAGER`,
|
24
|
-
`less`, `most`, or `more`.
|
25
|
-
EOT
|
26
|
-
|
27
|
-
action(:man) do
|
28
|
-
summary _("Display the manual page for a Puppet subcommand.")
|
29
|
-
arguments _("<subcommand>")
|
30
|
-
#TRANSLATORS '--render-as s' is a command line option and should not be translated
|
31
|
-
returns _(<<-'EOT')
|
32
|
-
The man data, in Markdown format, suitable for consumption by Ronn.
|
33
|
-
|
34
|
-
RENDERING ISSUES: To skip fancy formatting and output the raw Markdown
|
35
|
-
text (e.g. for use in a pipeline), call this action with '--render-as s'.
|
36
|
-
EOT
|
37
|
-
examples <<-'EOT'
|
38
|
-
View the installed manual page for the subcommand 'config':
|
39
|
-
|
40
|
-
$ man puppet-config
|
41
|
-
|
42
|
-
(Deprecated) View the manual page for the subcommand 'config':
|
43
|
-
|
44
|
-
$ puppet man config
|
45
|
-
EOT
|
46
|
-
|
47
|
-
default
|
48
|
-
when_invoked do |*args|
|
49
|
-
# 'args' is an array of the subcommand and arguments from the command line and an options hash
|
50
|
-
# [<arg1>, ..., {options}]
|
51
|
-
_options = args.pop
|
52
|
-
|
53
|
-
unless valid_command_line?(args)
|
54
|
-
print_man_help
|
55
|
-
#TRANSLATORS 'puppet man' is a specific command line and should not be translated
|
56
|
-
raise ArgumentError, _("The 'puppet man' command takes a single subcommand to review the subcommand's manpage")
|
57
|
-
end
|
58
|
-
|
59
|
-
manpage = args.first
|
60
|
-
if default_case?(manpage)
|
61
|
-
print_man_help
|
62
|
-
return nil
|
63
|
-
end
|
64
|
-
|
65
|
-
if legacy_applications.include?(manpage)
|
66
|
-
return Puppet::Application[manpage].help
|
67
|
-
end
|
68
|
-
|
69
|
-
# set 'face' as it's used in the erb processing.
|
70
|
-
face = Puppet::Face[manpage.to_sym, :current]
|
71
|
-
_face = face # suppress the unused variable warning
|
72
|
-
|
73
|
-
file = (Pathname(__FILE__).dirname + "help" + 'man.erb')
|
74
|
-
erb = ERB.new(file.read, nil, '-')
|
75
|
-
erb.filename = file.to_s
|
76
|
-
|
77
|
-
# Run the ERB template in our current binding, including all the local
|
78
|
-
# variables we established just above. --daniel 2011-04-11
|
79
|
-
return erb.result(binding)
|
80
|
-
end
|
81
|
-
|
82
|
-
when_rendering :console do |text|
|
83
|
-
# OK, if we have Ronn on the path we can delegate to it and override the
|
84
|
-
# normal output process. Otherwise delegate to a pager on the raw text,
|
85
|
-
# otherwise we finally just delegate to our parent. Oh, well.
|
86
|
-
|
87
|
-
# These are the same options for less that git normally uses.
|
88
|
-
# -R : Pass through color control codes (allows display of colors)
|
89
|
-
# -X : Don't init/deinit terminal (leave display on screen on exit)
|
90
|
-
# -F : automatically exit if display fits entirely on one screen
|
91
|
-
# -S : don't wrap long lines
|
92
|
-
ENV['LESS'] ||= 'FRSX'
|
93
|
-
|
94
|
-
ronn = Puppet::Util.which('ronn')
|
95
|
-
pager = [ENV['MANPAGER'], ENV['PAGER'], 'less', 'most', 'more'].
|
96
|
-
detect {|x| x and x.length > 0 and Puppet::Util.which(x) }
|
97
|
-
|
98
|
-
if ronn
|
99
|
-
# ronn is a stupid about pager selection, we can be smarter. :)
|
100
|
-
ENV['PAGER'] = pager if pager
|
101
|
-
|
102
|
-
args = "--man --manual='Puppet Manual' --organization='Puppet Inc., LLC'"
|
103
|
-
# manual pages could contain UTF-8 text
|
104
|
-
IO.popen("#{ronn} #{args}", 'w:UTF-8') do |fh| fh.write text end
|
105
|
-
|
106
|
-
'' # suppress local output, neh?
|
107
|
-
elsif pager
|
108
|
-
# manual pages could contain UTF-8 text
|
109
|
-
IO.popen(pager, 'w:UTF-8') do |fh| fh.write text end
|
110
|
-
''
|
111
|
-
else
|
112
|
-
text
|
113
|
-
end
|
114
|
-
end
|
115
|
-
end
|
116
|
-
|
117
|
-
def valid_command_line?(args)
|
118
|
-
# not too many arguments
|
119
|
-
# This allows the command line case of "puppet man man man" to not throw an error because face_based eats
|
120
|
-
# one of the "man"'s, which means this command line ends up looking like this in the code: 'manface.man("man")'
|
121
|
-
# However when we generate manpages, we do the same call. So we have to allow it and generate the real manpage.
|
122
|
-
args.length <= 1
|
123
|
-
end
|
124
|
-
|
125
|
-
# by default, if you ask for the man manpage "puppet man man" face_base removes the "man" from the args that we
|
126
|
-
# are passed, so we get nil instead
|
127
|
-
def default_case?(manpage)
|
128
|
-
manpage.nil?
|
129
|
-
end
|
130
|
-
|
131
|
-
def print_man_help
|
132
|
-
puts Puppet::Face[:help, :current].help(:man)
|
133
|
-
end
|
134
|
-
|
135
|
-
def legacy_applications
|
136
|
-
# The list of applications, less those that are duplicated as a face.
|
137
|
-
Puppet::Application.available_application_names.reject do |appname|
|
138
|
-
Puppet::Face.face? appname.to_sym, :current or
|
139
|
-
# ...this is a nasty way to exclude non-applications. :(
|
140
|
-
%w{face_base indirection_base}.include? appname
|
141
|
-
end
|
142
|
-
end
|
143
|
-
|
144
|
-
deprecate
|
145
|
-
end
|
@@ -1,14 +0,0 @@
|
|
1
|
-
Puppet::Face.define(:module, '1.0.0') do
|
2
|
-
action(:build) do
|
3
|
-
summary _("Build a module release package.")
|
4
|
-
#TRANSLATORS 'Puppet Development Kit' is the name of the software package replacing this action and should not be translated.
|
5
|
-
description _("This action has been replaced by Puppet Development Kit. For more information visit https://puppet.com/docs/pdk/latest/pdk.html.")
|
6
|
-
|
7
|
-
when_invoked do |*args|
|
8
|
-
#TRANSLATORS 'Puppet Development Kit' is the name of the software package replacing this action and should not be translated.
|
9
|
-
raise _("This action has been replaced by Puppet Development Kit. For more information visit https://puppet.com/docs/pdk/latest/pdk.html.")
|
10
|
-
end
|
11
|
-
|
12
|
-
deprecate
|
13
|
-
end
|
14
|
-
end
|
@@ -1,14 +0,0 @@
|
|
1
|
-
Puppet::Face.define(:module, '1.0.0') do
|
2
|
-
action(:generate) do
|
3
|
-
summary _("Generate boilerplate for a new module.")
|
4
|
-
#TRANSLATORS 'Puppet Development Kit' is the name of the software package replacing this action and should not be translated.
|
5
|
-
description _("This action has been replaced by Puppet Development Kit. For more information visit https://puppet.com/docs/pdk/latest/pdk.html.")
|
6
|
-
|
7
|
-
when_invoked do |*args|
|
8
|
-
#TRANSLATORS 'Puppet Development Kit' is the name of the software package replacing this action and should not be translated.
|
9
|
-
raise _("This action has been replaced by Puppet Development Kit. For more information visit https://puppet.com/docs/pdk/latest/pdk.html.")
|
10
|
-
end
|
11
|
-
|
12
|
-
deprecate
|
13
|
-
end
|
14
|
-
end
|
@@ -1,103 +0,0 @@
|
|
1
|
-
require 'puppet/util/terminal'
|
2
|
-
require 'puppet/forge'
|
3
|
-
|
4
|
-
Puppet::Face.define(:module, '1.0.0') do
|
5
|
-
action(:search) do
|
6
|
-
summary _("Search the Puppet Forge for a module.")
|
7
|
-
description <<-EOT
|
8
|
-
This action has been deprecated. Please use the Puppet Forge to search for modules.
|
9
|
-
|
10
|
-
Searches a repository for modules whose names, descriptions, or keywords
|
11
|
-
match the provided search term.
|
12
|
-
EOT
|
13
|
-
|
14
|
-
returns _("Array of module metadata hashes")
|
15
|
-
|
16
|
-
examples <<-EOT
|
17
|
-
Search the Puppet Forge for a module:
|
18
|
-
|
19
|
-
$ puppet module search puppetlabs
|
20
|
-
NAME DESCRIPTION AUTHOR KEYWORDS
|
21
|
-
bacula This is a generic Apache module @puppetlabs backups
|
22
|
-
EOT
|
23
|
-
|
24
|
-
arguments _("<search_term>")
|
25
|
-
|
26
|
-
when_invoked do |term, options|
|
27
|
-
Puppet.deprecation_warning(_("This action has been deprecated. Please use the Puppet Forge to search for modules."))
|
28
|
-
Puppet::ModuleTool.set_option_defaults options
|
29
|
-
Puppet::ModuleTool::Applications::Searcher.new(term, Puppet::Forge.new(options[:module_repository] || Puppet[:module_repository]), options).run
|
30
|
-
end
|
31
|
-
|
32
|
-
when_rendering :console do |results, term, options|
|
33
|
-
if results[:result] == :failure
|
34
|
-
raise results[:error][:multiline]
|
35
|
-
end
|
36
|
-
|
37
|
-
return _("No results found for '%{term}'.") % { term: term } if results[:answers].empty?
|
38
|
-
|
39
|
-
padding = ' '
|
40
|
-
headers = {
|
41
|
-
'full_name' => 'NAME',
|
42
|
-
'desc' => 'DESCRIPTION',
|
43
|
-
'author' => 'AUTHOR',
|
44
|
-
'tag_list' => 'KEYWORDS',
|
45
|
-
}
|
46
|
-
|
47
|
-
min_widths = Hash[ *headers.map { |k,v| [k, v.length] }.flatten ]
|
48
|
-
min_widths['full_name'] = min_widths['author'] = 12
|
49
|
-
|
50
|
-
min_width = min_widths.inject(0) { |sum,pair| sum + pair.last } + (padding.length * (headers.length - 1))
|
51
|
-
|
52
|
-
terminal_width = [Puppet::Util::Terminal.width, min_width].max
|
53
|
-
|
54
|
-
columns = results[:answers].inject(min_widths) do |hash, result|
|
55
|
-
deprecated_buffer = result['deprecated_at'].nil? ? 0 : 11 # ' DEPRECATED'.length
|
56
|
-
|
57
|
-
{
|
58
|
-
'full_name' => [ hash['full_name'], result['full_name'].length + deprecated_buffer ].max,
|
59
|
-
'desc' => [ hash['desc'], result['desc'].length ].max,
|
60
|
-
'author' => [ hash['author'], "@#{result['author']}".length ].max,
|
61
|
-
'tag_list' => [ hash['tag_list'], result['tag_list'].join(' ').length ].max,
|
62
|
-
}
|
63
|
-
end
|
64
|
-
|
65
|
-
flex_width = terminal_width - columns['full_name'] - columns['author'] - (padding.length * (headers.length - 1))
|
66
|
-
tag_lists = results[:answers].map { |r| r['tag_list'] }
|
67
|
-
|
68
|
-
while (columns['tag_list'] > flex_width / 3)
|
69
|
-
longest_tag_list = tag_lists.sort_by { |tl| tl.join(' ').length }.last
|
70
|
-
break if [ [], [term] ].include? longest_tag_list
|
71
|
-
longest_tag_list.delete(longest_tag_list.sort_by { |t| t == term ? -1 : t.length }.last)
|
72
|
-
columns['tag_list'] = tag_lists.map { |tl| tl.join(' ').length }.max
|
73
|
-
end
|
74
|
-
|
75
|
-
columns['tag_list'] = [
|
76
|
-
flex_width / 3,
|
77
|
-
tag_lists.map { |tl| tl.join(' ').length }.max,
|
78
|
-
].max
|
79
|
-
columns['desc'] = flex_width - columns['tag_list']
|
80
|
-
|
81
|
-
format = %w{full_name desc author tag_list}.map do |k|
|
82
|
-
"%-#{ [ columns[k], min_widths[k] ].max }s"
|
83
|
-
end.join(padding) + "\n"
|
84
|
-
|
85
|
-
highlight = proc do |s|
|
86
|
-
s = s.gsub(term, colorize(:green, term))
|
87
|
-
s = s.gsub(term.tr('/', '-'), colorize(:green, term.tr('/', '-'))) if term =~ /\//
|
88
|
-
s = s.gsub(' DEPRECATED', colorize(:red, ' DEPRECATED'))
|
89
|
-
s
|
90
|
-
end
|
91
|
-
|
92
|
-
format % [ headers['full_name'], headers['desc'], headers['author'], headers['tag_list'] ] +
|
93
|
-
results[:answers].map do |match|
|
94
|
-
name, desc, author, keywords = %w{full_name desc author tag_list}.map { |k| match[k] }
|
95
|
-
name += ' DEPRECATED' unless match['deprecated_at'].nil?
|
96
|
-
desc = desc[0...(columns['desc'] - 3)] + '...' if desc.length > columns['desc']
|
97
|
-
highlight[format % [ name.sub('/', '-'), desc, "@#{author}", [keywords].flatten.join(' ') ]]
|
98
|
-
end.join
|
99
|
-
end
|
100
|
-
|
101
|
-
deprecate
|
102
|
-
end
|
103
|
-
end
|