puppet 6.16.0 → 6.17.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of puppet might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Gemfile +4 -2
- data/Gemfile.lock +10 -10
- data/README.md +2 -2
- data/lib/puppet/agent.rb +2 -2
- data/lib/puppet/application/agent.rb +14 -3
- data/lib/puppet/configurer.rb +20 -12
- data/lib/puppet/confine.rb +1 -1
- data/lib/puppet/defaults.rb +25 -8
- data/lib/puppet/file_serving/http_metadata.rb +13 -1
- data/lib/puppet/file_serving/metadata.rb +4 -1
- data/lib/puppet/file_serving/terminus_selector.rb +7 -8
- data/lib/puppet/file_system/file_impl.rb +1 -1
- data/lib/puppet/file_system/uniquefile.rb +8 -16
- data/lib/puppet/forge.rb +1 -1
- data/lib/puppet/forge/cache.rb +1 -1
- data/lib/puppet/forge/repository.rb +3 -7
- data/lib/puppet/http/client.rb +5 -0
- data/lib/puppet/http/redirector.rb +9 -7
- data/lib/puppet/http/response.rb +19 -0
- data/lib/puppet/indirector.rb +1 -1
- data/lib/puppet/indirector/file_content/rest.rb +1 -1
- data/lib/puppet/indirector/file_metadata/http.rb +24 -5
- data/lib/puppet/indirector/file_metadata/rest.rb +2 -2
- data/lib/puppet/indirector/request.rb +1 -1
- data/lib/puppet/network/http/api/indirected_routes.rb +1 -1
- data/lib/puppet/network/http/api/master/v3/environment.rb +3 -0
- data/lib/puppet/network/http/connection_adapter.rb +6 -4
- data/lib/puppet/parser/ast/leaf.rb +5 -5
- data/lib/puppet/parser/ast/pops_bridge.rb +0 -4
- data/lib/puppet/parser/compiler.rb +1 -1
- data/lib/puppet/parser/compiler/catalog_validator/env_relationship_validator.rb +2 -0
- data/lib/puppet/parser/compiler/catalog_validator/site_validator.rb +2 -0
- data/lib/puppet/parser/environment_compiler.rb +4 -1
- data/lib/puppet/parser/resource.rb +3 -2
- data/lib/puppet/parser/resource/param.rb +6 -0
- data/lib/puppet/pops/evaluator/evaluator_impl.rb +5 -5
- data/lib/puppet/pops/issues.rb +5 -0
- data/lib/puppet/pops/resource/resource_type_impl.rb +2 -0
- data/lib/puppet/pops/validation/checker4_0.rb +10 -0
- data/lib/puppet/pops/validation/validator_factory_4_0.rb +1 -0
- data/lib/puppet/provider/package/aptitude.rb +1 -1
- data/lib/puppet/provider/package/yum.rb +1 -1
- data/lib/puppet/provider/service/windows.rb +23 -7
- data/lib/puppet/provider/user/useradd.rb +11 -4
- data/lib/puppet/reports/http.rb +2 -0
- data/lib/puppet/resource.rb +2 -1
- data/lib/puppet/resource/type.rb +8 -0
- data/lib/puppet/ssl/ssl_context.rb +2 -2
- data/lib/puppet/ssl/ssl_provider.rb +20 -1
- data/lib/puppet/test/test_helper.rb +8 -10
- data/lib/puppet/trusted_external.rb +29 -1
- data/lib/puppet/type.rb +12 -5
- data/lib/puppet/type/file.rb +38 -13
- data/lib/puppet/type/file/checksum.rb +4 -4
- data/lib/puppet/type/file/source.rb +4 -4
- data/lib/puppet/type/service.rb +49 -0
- data/lib/puppet/util.rb +39 -15
- data/lib/puppet/util/checksums.rb +19 -4
- data/lib/puppet/util/fileparsing.rb +2 -2
- data/lib/puppet/util/provider_features.rb +1 -1
- data/lib/puppet/util/reference.rb +1 -1
- data/lib/puppet/util/windows/api_types.rb +45 -32
- data/lib/puppet/util/windows/eventlog.rb +1 -6
- data/lib/puppet/util/windows/principal.rb +8 -6
- data/lib/puppet/util/windows/registry.rb +11 -11
- data/lib/puppet/util/windows/service.rb +43 -26
- data/lib/puppet/util/windows/user.rb +23 -8
- data/lib/puppet/version.rb +1 -1
- data/locales/puppet.pot +249 -221
- data/man/man5/puppet.conf.5 +19 -8
- data/man/man8/puppet-agent.8 +2 -2
- data/man/man8/puppet-apply.8 +1 -1
- data/man/man8/puppet-catalog.8 +1 -1
- data/man/man8/puppet-config.8 +1 -1
- data/man/man8/puppet-describe.8 +1 -1
- data/man/man8/puppet-device.8 +1 -1
- data/man/man8/puppet-doc.8 +1 -1
- data/man/man8/puppet-epp.8 +1 -1
- data/man/man8/puppet-facts.8 +1 -1
- data/man/man8/puppet-filebucket.8 +1 -1
- data/man/man8/puppet-generate.8 +1 -1
- data/man/man8/puppet-help.8 +1 -1
- data/man/man8/puppet-key.8 +1 -1
- data/man/man8/puppet-lookup.8 +1 -1
- data/man/man8/puppet-man.8 +1 -1
- data/man/man8/puppet-module.8 +1 -1
- data/man/man8/puppet-node.8 +1 -1
- data/man/man8/puppet-parser.8 +1 -1
- data/man/man8/puppet-plugin.8 +1 -1
- data/man/man8/puppet-report.8 +1 -1
- data/man/man8/puppet-resource.8 +1 -1
- data/man/man8/puppet-script.8 +1 -1
- data/man/man8/puppet-ssl.8 +1 -1
- data/man/man8/puppet-status.8 +1 -1
- data/man/man8/puppet.8 +2 -2
- data/spec/integration/application/agent_spec.rb +89 -0
- data/spec/integration/defaults_spec.rb +1 -2
- data/spec/integration/network/http_pool_spec.rb +26 -9
- data/spec/integration/parser/compiler_spec.rb +11 -0
- data/spec/integration/type/file_spec.rb +1 -1
- data/spec/integration/util/windows/registry_spec.rb +7 -7
- data/spec/integration/util/windows/user_spec.rb +40 -5
- data/spec/unit/configurer/fact_handler_spec.rb +4 -4
- data/spec/unit/context/trusted_information_spec.rb +10 -4
- data/spec/unit/file_serving/http_metadata_spec.rb +37 -14
- data/spec/unit/file_serving/terminus_selector_spec.rb +45 -26
- data/spec/unit/http/client_spec.rb +64 -8
- data/spec/unit/http/response_spec.rb +6 -0
- data/spec/unit/indirector/file_metadata/http_spec.rb +27 -0
- data/spec/unit/indirector/request_spec.rb +1 -1
- data/spec/unit/interface_spec.rb +3 -3
- data/spec/unit/network/http/api/indirected_routes_spec.rb +2 -1
- data/spec/unit/network/http/connection_spec.rb +42 -32
- data/spec/unit/parser/ast/block_expression_spec.rb +1 -1
- data/spec/unit/parser/environment_compiler_spec.rb +7 -0
- data/spec/unit/parser/scope_spec.rb +1 -1
- data/spec/unit/pops/evaluator/evaluating_parser_spec.rb +15 -1
- data/spec/unit/pops/loaders/loaders_spec.rb +1 -1
- data/spec/unit/pops/types/type_calculator_spec.rb +1 -11
- data/spec/unit/provider/service/windows_spec.rb +22 -14
- data/spec/unit/provider/user/openbsd_spec.rb +1 -0
- data/spec/unit/provider/user/useradd_spec.rb +22 -16
- data/spec/unit/resource_spec.rb +3 -3
- data/spec/unit/ssl/ssl_provider_spec.rb +69 -43
- data/spec/unit/test/test_helper_spec.rb +17 -0
- data/spec/unit/transaction/report_spec.rb +1 -1
- data/spec/unit/type/file/source_spec.rb +3 -3
- data/spec/unit/type/file_spec.rb +122 -96
- data/spec/unit/type/service_spec.rb +176 -0
- data/spec/unit/type_spec.rb +50 -0
- data/spec/unit/util/checksums_spec.rb +16 -0
- data/spec/unit/util/windows/api_types_spec.rb +104 -40
- data/spec/unit/util/windows/service_spec.rb +4 -4
- data/spec/unit/util_spec.rb +3 -3
- data/spec/unit/x509/cert_provider_spec.rb +1 -1
- metadata +5 -5
- data/spec/integration/test/test_helper_spec.rb +0 -31
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: ce222e2720882560d874607f4b7202a5421e58f904caceac7cd481385abee714
|
4
|
+
data.tar.gz: b55fadb67cb0a7427df5bcbaf0a40f2e24fd28332af599f68203806249027db4
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 300b054c35d6681fd46b0dc5873df43a93d2f3839750a92bcd49b178387c844b858cfa8b7785593632c4c487c59e50137ee07658b3122d949173659695674717
|
7
|
+
data.tar.gz: a17a857745b31fa04083bbf7476d399f9196b23288d83fff831f79aa06df630c282e9ebb85b9419d7930d816b94f3d8474a12628fceb039ca6f7f4e8dc599f10
|
data/Gemfile
CHANGED
@@ -3,9 +3,9 @@ source ENV['GEM_SOURCE'] || "https://rubygems.org"
|
|
3
3
|
gemspec
|
4
4
|
|
5
5
|
def location_for(place, fake_version = nil)
|
6
|
-
if place =~ /^(git[:@][^#]*)#(.*)/
|
6
|
+
if place.is_a?(String) && place =~ /^(git[:@][^#]*)#(.*)/
|
7
7
|
[fake_version, { git: $1, branch: $2, require: false }].compact
|
8
|
-
elsif place =~ /^file:\/\/(.*)/
|
8
|
+
elsif place.is_a?(String) && place =~ /^file:\/\/(.*)/
|
9
9
|
['>= 0', { path: File.expand_path($1), require: false }]
|
10
10
|
else
|
11
11
|
[place, { require: false }]
|
@@ -19,6 +19,8 @@ gem "hiera", *location_for(ENV['HIERA_LOCATION']) if ENV.has_key?('HIERA_LOCATIO
|
|
19
19
|
gem "semantic_puppet", *location_for(ENV['SEMANTIC_PUPPET_LOCATION'] || ["~> 1.0"])
|
20
20
|
gem "puppet-resource_api", *location_for(ENV['RESOURCE_API_LOCATION'] || ["~> 1.5"])
|
21
21
|
|
22
|
+
gem "scanf" if RUBY_VERSION.to_f >= 2.7
|
23
|
+
|
22
24
|
group(:features) do
|
23
25
|
gem 'diff-lcs', '~> 1.3', require: false
|
24
26
|
gem 'hiera-eyaml', *location_for(ENV['HIERA_EYAML_LOCATION'])
|
data/Gemfile.lock
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
PATH
|
2
2
|
remote: .
|
3
3
|
specs:
|
4
|
-
puppet (6.
|
4
|
+
puppet (6.17.0)
|
5
5
|
CFPropertyList (~> 2.2)
|
6
6
|
concurrent-ruby (~> 1.0)
|
7
7
|
deep_merge (~> 1.0)
|
@@ -20,16 +20,16 @@ GEM
|
|
20
20
|
addressable (2.7.0)
|
21
21
|
public_suffix (>= 2.0.2, < 5.0)
|
22
22
|
artifactory (2.8.2)
|
23
|
-
ast (2.4.
|
24
|
-
coderay (1.1.
|
23
|
+
ast (2.4.1)
|
24
|
+
coderay (1.1.3)
|
25
25
|
concurrent-ruby (1.1.6)
|
26
26
|
crack (0.4.3)
|
27
27
|
safe_yaml (~> 1.0.0)
|
28
28
|
csv (3.1.5)
|
29
29
|
deep_merge (1.2.1)
|
30
|
-
diff-lcs (1.
|
30
|
+
diff-lcs (1.4.4)
|
31
31
|
docopt (0.6.1)
|
32
|
-
facter (4.0.
|
32
|
+
facter (4.0.29)
|
33
33
|
hocon (~> 1.3)
|
34
34
|
thor (>= 1.0.1, < 2.0)
|
35
35
|
fast_gettext (1.1.2)
|
@@ -56,16 +56,16 @@ GEM
|
|
56
56
|
method_source (1.0.0)
|
57
57
|
minitar (0.9)
|
58
58
|
msgpack (1.3.3)
|
59
|
-
multi_json (1.
|
59
|
+
multi_json (1.15.0)
|
60
60
|
mustache (1.1.1)
|
61
61
|
optimist (3.0.1)
|
62
|
-
packaging (0.99.
|
62
|
+
packaging (0.99.66)
|
63
63
|
artifactory (~> 2)
|
64
64
|
rake (>= 12.3)
|
65
65
|
release-metrics
|
66
|
-
parallel (1.19.
|
67
|
-
parser (2.7.1.
|
68
|
-
ast (~> 2.4.
|
66
|
+
parallel (1.19.2)
|
67
|
+
parser (2.7.1.4)
|
68
|
+
ast (~> 2.4.1)
|
69
69
|
powerpack (0.1.2)
|
70
70
|
pry (0.13.1)
|
71
71
|
coderay (~> 1.1)
|
data/README.md
CHANGED
@@ -25,10 +25,10 @@ which also includes orchestration features, a web console, and professional supp
|
|
25
25
|
The PE documentation is [available here.](https://puppet.com/docs/pe/latest)
|
26
26
|
|
27
27
|
To install an open source release of Puppet,
|
28
|
-
[see the installation guide on the docs site.](https://puppet.com/docs/puppet/
|
28
|
+
[see the installation guide on the docs site.](https://puppet.com/docs/puppet/latest/installing_and_upgrading.html)
|
29
29
|
|
30
30
|
If you need to run Puppet from source as a tester or developer,
|
31
|
-
see the [
|
31
|
+
see the [Quick Start to Developing on Puppet](docs/quickstart.md) guide.
|
32
32
|
|
33
33
|
## Developing and Contributing
|
34
34
|
|
data/lib/puppet/agent.rb
CHANGED
@@ -64,10 +64,10 @@ class Puppet::Agent
|
|
64
64
|
now = Time.now.to_i
|
65
65
|
wait_for_lock_deadline ||= now + Puppet[:maxwaitforlock]
|
66
66
|
|
67
|
-
if Puppet[:waitforlock]
|
67
|
+
if Puppet[:waitforlock] < 1
|
68
68
|
Puppet.notice _("Run of %{client_class} already in progress; skipping (%{lockfile_path} exists)") % { client_class: client_class, lockfile_path: lockfile_path }
|
69
69
|
nil
|
70
|
-
elsif now
|
70
|
+
elsif now >= wait_for_lock_deadline
|
71
71
|
Puppet.notice _("Exiting now because the maxwaitforlock timeout has been exceeded.")
|
72
72
|
nil
|
73
73
|
else
|
@@ -258,7 +258,9 @@ generated by running puppet agent with '--genconfig'.
|
|
258
258
|
|
259
259
|
* --job-id:
|
260
260
|
Attach the specified job id to the catalog request and the report used for
|
261
|
-
this agent run. This option only works when '--onetime' is used.
|
261
|
+
this agent run. This option only works when '--onetime' is used. When using
|
262
|
+
Puppet Enterprise this flag should not be used as the orchestrator sets the
|
263
|
+
job-id for you and it must be unique.
|
262
264
|
|
263
265
|
* --logdest:
|
264
266
|
Where to send log messages. Choose between 'syslog' (the POSIX syslog
|
@@ -363,8 +365,17 @@ Copyright (c) 2011 Puppet Inc., LLC Licensed under the Apache 2.0 License
|
|
363
365
|
daemon.set_signal_traps
|
364
366
|
|
365
367
|
log_config if Puppet[:daemonize]
|
366
|
-
|
367
|
-
|
368
|
+
|
369
|
+
# run ssl state machine, waiting if needed
|
370
|
+
ssl_context = wait_for_certificates
|
371
|
+
|
372
|
+
# Each application is responsible for pushing loaders onto the context.
|
373
|
+
# Use the current environment that has already been established, though
|
374
|
+
# it may change later during the configurer run.
|
375
|
+
env = Puppet.lookup(:current_environment)
|
376
|
+
Puppet.override(ssl_context: ssl_context,
|
377
|
+
current_environment: env,
|
378
|
+
loaders: Puppet::Pops::Loaders.new(env, true)) do
|
368
379
|
if Puppet[:onetime]
|
369
380
|
onetime(daemon)
|
370
381
|
else
|
data/lib/puppet/configurer.rb
CHANGED
@@ -303,6 +303,15 @@ class Puppet::Configurer
|
|
303
303
|
report.environment = @environment
|
304
304
|
query_options = nil
|
305
305
|
facts = nil
|
306
|
+
|
307
|
+
new_env = Puppet::Node::Environment.remote(@environment)
|
308
|
+
Puppet.push_context(
|
309
|
+
{
|
310
|
+
current_environment: new_env,
|
311
|
+
loaders: Puppet::Pops::Loaders.new(new_env, true)
|
312
|
+
},
|
313
|
+
"Local node environment #{@environment} for configurer transaction"
|
314
|
+
)
|
306
315
|
else
|
307
316
|
Puppet.info _("Using configured environment '%{env}'") % { env: @environment }
|
308
317
|
end
|
@@ -313,19 +322,18 @@ class Puppet::Configurer
|
|
313
322
|
end
|
314
323
|
end
|
315
324
|
|
316
|
-
|
317
|
-
|
318
|
-
|
319
|
-
|
320
|
-
|
321
|
-
|
322
|
-
|
323
|
-
|
325
|
+
# This is to maintain compatibility with anyone using this class
|
326
|
+
# aside from agent, apply, device.
|
327
|
+
unless Puppet.lookup(:loaders) { nil }
|
328
|
+
new_env = Puppet::Node::Environment.remote(@environment)
|
329
|
+
Puppet.push_context(
|
330
|
+
{
|
331
|
+
current_environment: new_env,
|
332
|
+
loaders: Puppet::Pops::Loaders.new(new_env, true)
|
333
|
+
},
|
334
|
+
"Local node environment #{@environment} for configurer transaction"
|
335
|
+
)
|
324
336
|
end
|
325
|
-
Puppet.push_context({
|
326
|
-
:current_environment => local_node_environment,
|
327
|
-
:loaders => Puppet::Pops::Loaders.new(local_node_environment, true)
|
328
|
-
}, "Local node environment for configurer transaction")
|
329
337
|
|
330
338
|
query_options, facts = get_facts(options) unless query_options
|
331
339
|
query_options[:configured_environment] = configured_environment
|
data/lib/puppet/confine.rb
CHANGED
@@ -26,7 +26,7 @@ class Puppet::Confine
|
|
26
26
|
require "puppet/confine/#{name}"
|
27
27
|
rescue LoadError => detail
|
28
28
|
unless detail.to_s =~ /No such file|cannot load such file/i
|
29
|
-
|
29
|
+
Puppet.warning("Could not load confine test '#{name}': #{detail}")
|
30
30
|
end
|
31
31
|
# Could not find file
|
32
32
|
if !Puppet[:always_retry_plugins]
|
data/lib/puppet/defaults.rb
CHANGED
@@ -347,8 +347,7 @@ module Puppet
|
|
347
347
|
:default => "ansi",
|
348
348
|
:type => :string,
|
349
349
|
:desc => "Whether to use colors when logging to the console. Valid values are
|
350
|
-
`ansi` (equivalent to `true`), `html`, and `false`, which produces no color.
|
351
|
-
Defaults to false on Windows, as its console does not support ansi colors.",
|
350
|
+
`ansi` (equivalent to `true`), `html`, and `false`, which produces no color."
|
352
351
|
},
|
353
352
|
:mkusers => {
|
354
353
|
:default => false,
|
@@ -590,13 +589,22 @@ module Puppet
|
|
590
589
|
},
|
591
590
|
:trusted_external_command => {
|
592
591
|
:default => nil,
|
593
|
-
:
|
592
|
+
:type => :file_or_directory,
|
593
|
+
:desc => "The external trusted facts script or directory to use.
|
594
594
|
This setting's value can be set to the path to an executable command that
|
595
|
-
can produce external trusted facts
|
595
|
+
can produce external trusted facts or to a directory containing those
|
596
|
+
executable commands. The command(s) must:
|
596
597
|
|
597
598
|
* Take the name of a node as a command-line argument.
|
598
599
|
* Return a JSON hash with the external trusted facts for this node.
|
599
|
-
* For unknown or invalid nodes, exit with a non-zero exit code.
|
600
|
+
* For unknown or invalid nodes, exit with a non-zero exit code.
|
601
|
+
|
602
|
+
If the setting points to an executable command, then the external trusted
|
603
|
+
facts will be stored in the 'external' key of the trusted facts hash. Otherwise
|
604
|
+
for each executable file in the directory, the external trusted facts will be
|
605
|
+
stored in the `<basename>` key of the `trusted['external']` hash. For example,
|
606
|
+
if the files foo.rb and bar.sh are in the directory, then `trusted['external']`
|
607
|
+
will be the hash `{ 'foo' => <foo.rb output>, 'bar' => <bar.sh output> }`.",
|
600
608
|
},
|
601
609
|
:default_file_terminus => {
|
602
610
|
:type => :terminus,
|
@@ -992,6 +1000,15 @@ EOT
|
|
992
1000
|
and reject the CA certificate if the values do not match. This only applies
|
993
1001
|
during the first download of the CA certificate."
|
994
1002
|
},
|
1003
|
+
:ssl_trust_store => {
|
1004
|
+
:default => nil,
|
1005
|
+
:type => :file,
|
1006
|
+
:desc => "A file containing CA certificates in PEM format that puppet should trust
|
1007
|
+
when making HTTPS requests. This **only** applies to https requests to non-puppet
|
1008
|
+
infrastructure, such as retrieving file metadata and content from https file sources,
|
1009
|
+
puppet module tool and the 'http' report processor. This setting is ignored when
|
1010
|
+
making requests to puppet:// URLs such as catalog and report requests.",
|
1011
|
+
},
|
995
1012
|
:ssl_client_ca_auth => {
|
996
1013
|
:type => :file,
|
997
1014
|
:mode => "0644",
|
@@ -1536,7 +1553,7 @@ EOT
|
|
1536
1553
|
:statefile => {
|
1537
1554
|
:default => "$statedir/state.yaml",
|
1538
1555
|
:type => :file,
|
1539
|
-
:mode => "
|
1556
|
+
:mode => "0640",
|
1540
1557
|
:desc => "Where puppet agent and puppet master store state associated
|
1541
1558
|
with the running configuration. In the case of puppet master,
|
1542
1559
|
this file reflects the state discovered through interacting
|
@@ -1558,7 +1575,7 @@ EOT
|
|
1558
1575
|
:transactionstorefile => {
|
1559
1576
|
:default => "$statedir/transactionstore.yaml",
|
1560
1577
|
:type => :file,
|
1561
|
-
:mode => "
|
1578
|
+
:mode => "0640",
|
1562
1579
|
:desc => "Transactional storage file for persisting data between
|
1563
1580
|
transactions for the purposes of infering information (such as
|
1564
1581
|
corrective_change) on new data received."
|
@@ -1890,7 +1907,7 @@ EOT
|
|
1890
1907
|
already ongoing puppet agent instance.
|
1891
1908
|
|
1892
1909
|
This argument is by default disabled (value set to 0). In this case puppet agent will
|
1893
|
-
|
1910
|
+
immediately exit if it cannot run at that moment. When a value other than 0 is set, this
|
1894
1911
|
can also be used in combination with the `maxwaitforlock` argument.
|
1895
1912
|
#{AS_DURATION}",
|
1896
1913
|
},
|
@@ -15,6 +15,7 @@ class Puppet::FileServing::HttpMetadata < Puppet::FileServing::Metadata
|
|
15
15
|
# use a default mtime in case there is no usable HTTP header
|
16
16
|
@checksums[:mtime] = "{mtime}#{Time.now}"
|
17
17
|
|
18
|
+
# RFC-1864, deprecated in HTTP/1.1 due to partial responses
|
18
19
|
checksum = http_response['content-md5']
|
19
20
|
if checksum
|
20
21
|
# convert base64 digest to hex
|
@@ -22,6 +23,17 @@ class Puppet::FileServing::HttpMetadata < Puppet::FileServing::Metadata
|
|
22
23
|
@checksums[:md5] = "{md5}#{checksum}"
|
23
24
|
end
|
24
25
|
|
26
|
+
{
|
27
|
+
md5: 'X-Checksum-Md5',
|
28
|
+
sha1: 'X-Checksum-Sha1',
|
29
|
+
sha256: 'X-Checksum-Sha256'
|
30
|
+
}.each_pair do |checksum_type, header|
|
31
|
+
checksum = http_response[header]
|
32
|
+
if checksum
|
33
|
+
@checksums[checksum_type] = "{#{checksum_type}}#{checksum}"
|
34
|
+
end
|
35
|
+
end
|
36
|
+
|
25
37
|
last_modified = http_response['last-modified']
|
26
38
|
if last_modified
|
27
39
|
mtime = DateTime.httpdate(last_modified).to_time
|
@@ -39,7 +51,7 @@ class Puppet::FileServing::HttpMetadata < Puppet::FileServing::Metadata
|
|
39
51
|
def collect
|
40
52
|
# Prefer the checksum_type from the indirector request options
|
41
53
|
# but fall back to the alternative otherwise
|
42
|
-
[ @checksum_type, :md5, :sha256, :
|
54
|
+
[ @checksum_type, :md5, :sha256, :sha1, :mtime ].each do |type|
|
43
55
|
@checksum_type = type
|
44
56
|
@checksum = @checksums[type]
|
45
57
|
break if @checksum
|
@@ -138,7 +138,10 @@ class Puppet::FileServing::Metadata < Puppet::FileServing::Base
|
|
138
138
|
@source = data.delete('source')
|
139
139
|
@content_uri = data.delete('content_uri')
|
140
140
|
|
141
|
-
|
141
|
+
links = data.fetch('links', nil) || data.fetch(:links, nil)
|
142
|
+
relative_path = data.fetch('relative_path', nil) || data.fetch(:relative_path, nil)
|
143
|
+
source = @source || data.fetch(:source, nil)
|
144
|
+
super(path, links: links, relative_path: relative_path, source: source)
|
142
145
|
end
|
143
146
|
|
144
147
|
def to_data_hash
|
@@ -7,11 +7,6 @@ module Puppet::FileServing::TerminusSelector
|
|
7
7
|
def select(request)
|
8
8
|
# We rely on the request's parsing of the URI.
|
9
9
|
|
10
|
-
# Short-circuit to :file if it's a fully-qualified path or specifies a 'file' protocol.
|
11
|
-
if Puppet::Util.absolute_path?(request.key)
|
12
|
-
return :file
|
13
|
-
end
|
14
|
-
|
15
10
|
case request.protocol
|
16
11
|
when "file"
|
17
12
|
:file
|
@@ -21,10 +16,14 @@ module Puppet::FileServing::TerminusSelector
|
|
21
16
|
else
|
22
17
|
Puppet[:default_file_terminus]
|
23
18
|
end
|
24
|
-
|
25
|
-
|
19
|
+
when "http","https"
|
20
|
+
:http
|
26
21
|
when nil
|
27
|
-
|
22
|
+
if Puppet::Util.absolute_path?(request.key)
|
23
|
+
:file
|
24
|
+
else
|
25
|
+
:file_server
|
26
|
+
end
|
28
27
|
else
|
29
28
|
raise ArgumentError, _("URI protocol '%{protocol}' is not currently supported for file serving") % { protocol: request.protocol }
|
30
29
|
end
|
@@ -124,11 +124,7 @@ class Puppet::FileSystem::Uniquefile < DelegateClass(File)
|
|
124
124
|
opts = []
|
125
125
|
end
|
126
126
|
tmpdir, = *rest
|
127
|
-
|
128
|
-
tmpdir = '/tmp'
|
129
|
-
else
|
130
|
-
tmpdir ||= tmpdir()
|
131
|
-
end
|
127
|
+
tmpdir ||= tmpdir()
|
132
128
|
n = nil
|
133
129
|
begin
|
134
130
|
path = File.expand_path(make_tmpname(basename, n), tmpdir)
|
@@ -154,18 +150,14 @@ class Puppet::FileSystem::Uniquefile < DelegateClass(File)
|
|
154
150
|
|
155
151
|
def tmpdir
|
156
152
|
tmp = '.'
|
157
|
-
|
158
|
-
|
159
|
-
|
160
|
-
|
161
|
-
|
162
|
-
|
163
|
-
tmp = dir
|
164
|
-
break
|
165
|
-
end rescue nil
|
166
|
-
end
|
167
|
-
File.expand_path(tmp)
|
153
|
+
for dir in [ Puppet::Util.get_env('TMPDIR'), Puppet::Util.get_env('TMP'), Puppet::Util.get_env('TEMP'), @@systmpdir, '/tmp']
|
154
|
+
stat = File.stat(dir) if dir
|
155
|
+
if stat && stat.directory? && stat.writable?
|
156
|
+
tmp = dir
|
157
|
+
break
|
158
|
+
end rescue nil
|
168
159
|
end
|
160
|
+
File.expand_path(tmp)
|
169
161
|
end
|
170
162
|
|
171
163
|
|
data/lib/puppet/forge.rb
CHANGED
data/lib/puppet/forge/cache.rb
CHANGED
@@ -25,7 +25,7 @@ class Puppet::Forge
|
|
25
25
|
unless cached_file.file?
|
26
26
|
if uri.scheme == 'file'
|
27
27
|
# CGI.unescape butchers Uris that are escaped properly
|
28
|
-
FileUtils.cp(
|
28
|
+
FileUtils.cp(Puppet::Util.uri_unescape(uri.path), cached_file)
|
29
29
|
else
|
30
30
|
# TODO: Handle HTTPS; probably should use repository.contact
|
31
31
|
data = read_retrieve(uri)
|
@@ -37,19 +37,15 @@ class Puppet::Forge
|
|
37
37
|
uri = URI(str)
|
38
38
|
|
39
39
|
headers = { "User-Agent" => user_agent }
|
40
|
-
basic_auth = nil
|
41
40
|
|
42
41
|
if forge_authorization
|
42
|
+
uri.user = nil
|
43
|
+
uri.password = nil
|
43
44
|
headers["Authorization"] = forge_authorization
|
44
|
-
elsif @uri.user && @uri.password
|
45
|
-
basic_auth = {
|
46
|
-
user: @uri.user,
|
47
|
-
password: @uri.password
|
48
|
-
}
|
49
45
|
end
|
50
46
|
|
51
47
|
http = Puppet.runtime[:http]
|
52
|
-
response = http.get(uri, headers: headers, options: {
|
48
|
+
response = http.get(uri, headers: headers, options: {ssl_context: @ssl_context})
|
53
49
|
io.write(response.body) if io.respond_to?(:write)
|
54
50
|
response
|
55
51
|
rescue Puppet::SSL::CertVerifyError => e
|
data/lib/puppet/http/client.rb
CHANGED
@@ -290,6 +290,11 @@ class Puppet::HTTP::Client
|
|
290
290
|
redirector = Puppet::HTTP::Redirector.new(options.fetch(:redirect_limit, @default_redirect_limit))
|
291
291
|
|
292
292
|
basic_auth = options.fetch(:basic_auth, nil)
|
293
|
+
unless basic_auth
|
294
|
+
if request.uri.user && request.uri.password
|
295
|
+
basic_auth = { user: request.uri.user, password: request.uri.password }
|
296
|
+
end
|
297
|
+
end
|
293
298
|
|
294
299
|
redirects = 0
|
295
300
|
retries = 0
|