puppet 6.19.0-x86-mingw32 → 7.3.0-x86-mingw32

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of puppet might be problematic. Click here for more details.

Files changed (513) hide show
  1. checksums.yaml +4 -4
  2. data/CODEOWNERS +2 -16
  3. data/Gemfile +3 -4
  4. data/Gemfile.lock +33 -28
  5. data/README.md +1 -1
  6. data/conf/fileserver.conf +5 -10
  7. data/ext/build_defaults.yaml +1 -1
  8. data/ext/osx/file_mapping.yaml +0 -5
  9. data/ext/project_data.yaml +2 -14
  10. data/ext/redhat/puppet.spec.erb +0 -1
  11. data/ext/windows/service/daemon.rb +6 -5
  12. data/install.rb +21 -17
  13. data/lib/puppet.rb +11 -20
  14. data/lib/puppet/application.rb +182 -104
  15. data/lib/puppet/application/agent.rb +1 -0
  16. data/lib/puppet/application/apply.rb +3 -2
  17. data/lib/puppet/application/device.rb +101 -104
  18. data/lib/puppet/application/filebucket.rb +15 -11
  19. data/lib/puppet/application/script.rb +1 -0
  20. data/lib/puppet/application/ssl.rb +1 -1
  21. data/lib/puppet/application_support.rb +7 -0
  22. data/lib/puppet/configurer.rb +44 -36
  23. data/lib/puppet/configurer/plugin_handler.rb +21 -19
  24. data/lib/puppet/defaults.rb +71 -170
  25. data/lib/puppet/environments.rb +44 -75
  26. data/lib/puppet/face/config.rb +10 -0
  27. data/lib/puppet/face/epp.rb +12 -2
  28. data/lib/puppet/face/facts.rb +80 -6
  29. data/lib/puppet/face/help.rb +1 -1
  30. data/lib/puppet/face/node/clean.rb +8 -0
  31. data/lib/puppet/face/plugin.rb +5 -8
  32. data/lib/puppet/ffi/posix.rb +10 -0
  33. data/lib/puppet/ffi/posix/constants.rb +14 -0
  34. data/lib/puppet/ffi/posix/functions.rb +24 -0
  35. data/lib/puppet/ffi/windows.rb +12 -0
  36. data/lib/puppet/ffi/windows/api_types.rb +311 -0
  37. data/lib/puppet/ffi/windows/constants.rb +404 -0
  38. data/lib/puppet/ffi/windows/functions.rb +628 -0
  39. data/lib/puppet/ffi/windows/structs.rb +338 -0
  40. data/lib/puppet/file_serving/configuration.rb +0 -5
  41. data/lib/puppet/file_serving/configuration/parser.rb +6 -32
  42. data/lib/puppet/file_serving/http_metadata.rb +1 -1
  43. data/lib/puppet/file_serving/mount.rb +1 -2
  44. data/lib/puppet/forge/repository.rb +0 -1
  45. data/lib/puppet/functions/epp.rb +1 -0
  46. data/lib/puppet/functions/inline_epp.rb +1 -0
  47. data/lib/puppet/generate/models/type/type.rb +4 -1
  48. data/lib/puppet/http.rb +22 -13
  49. data/lib/puppet/http/client.rb +164 -114
  50. data/lib/puppet/{network/resolver.rb → http/dns.rb} +2 -2
  51. data/lib/puppet/http/errors.rb +16 -0
  52. data/lib/puppet/http/external_client.rb +5 -7
  53. data/lib/puppet/{network/http → http}/factory.rb +8 -11
  54. data/lib/puppet/{network/http → http}/pool.rb +61 -26
  55. data/lib/puppet/{network/http/session.rb → http/pool_entry.rb} +2 -3
  56. data/lib/puppet/http/proxy.rb +137 -0
  57. data/lib/puppet/http/redirector.rb +4 -12
  58. data/lib/puppet/http/resolver.rb +5 -15
  59. data/lib/puppet/http/resolver/server_list.rb +6 -10
  60. data/lib/puppet/http/resolver/settings.rb +4 -7
  61. data/lib/puppet/http/resolver/srv.rb +7 -11
  62. data/lib/puppet/http/response.rb +36 -54
  63. data/lib/puppet/http/response_converter.rb +24 -0
  64. data/lib/puppet/http/response_net_http.rb +42 -0
  65. data/lib/puppet/http/retry_after_handler.rb +4 -13
  66. data/lib/puppet/http/service.rb +12 -26
  67. data/lib/puppet/http/service/ca.rb +11 -22
  68. data/lib/puppet/http/service/compiler.rb +22 -69
  69. data/lib/puppet/http/service/file_server.rb +18 -27
  70. data/lib/puppet/http/service/puppetserver.rb +26 -12
  71. data/lib/puppet/http/service/report.rb +8 -10
  72. data/lib/puppet/http/session.rb +11 -20
  73. data/lib/puppet/{network/http → http}/site.rb +1 -2
  74. data/lib/puppet/indirector/catalog/rest.rb +2 -4
  75. data/lib/puppet/indirector/fact_search.rb +60 -0
  76. data/lib/puppet/indirector/facts/facter.rb +24 -3
  77. data/lib/puppet/indirector/facts/json.rb +27 -0
  78. data/lib/puppet/indirector/facts/rest.rb +3 -22
  79. data/lib/puppet/indirector/facts/yaml.rb +3 -58
  80. data/lib/puppet/indirector/file_bucket_file/rest.rb +3 -9
  81. data/lib/puppet/indirector/file_content/rest.rb +2 -6
  82. data/lib/puppet/indirector/file_metadata/rest.rb +3 -9
  83. data/lib/puppet/indirector/file_server.rb +1 -8
  84. data/lib/puppet/indirector/generic_http.rb +0 -11
  85. data/lib/puppet/indirector/json.rb +5 -1
  86. data/lib/puppet/indirector/node/json.rb +8 -0
  87. data/lib/puppet/indirector/node/rest.rb +2 -4
  88. data/lib/puppet/indirector/report/json.rb +34 -0
  89. data/lib/puppet/indirector/report/rest.rb +3 -8
  90. data/lib/puppet/indirector/request.rb +0 -101
  91. data/lib/puppet/indirector/rest.rb +12 -263
  92. data/lib/puppet/module_tool/applications.rb +0 -1
  93. data/lib/puppet/module_tool/applications/installer.rb +48 -2
  94. data/lib/puppet/module_tool/errors/shared.rb +17 -2
  95. data/lib/puppet/network/authconfig.rb +2 -96
  96. data/lib/puppet/network/authorization.rb +13 -35
  97. data/lib/puppet/network/formats.rb +69 -1
  98. data/lib/puppet/network/http.rb +3 -3
  99. data/lib/puppet/network/http/api/indirected_routes.rb +2 -20
  100. data/lib/puppet/network/http/api/master/v3.rb +11 -13
  101. data/lib/puppet/network/http/connection.rb +247 -316
  102. data/lib/puppet/network/http/handler.rb +0 -1
  103. data/lib/puppet/network/http_pool.rb +16 -34
  104. data/lib/puppet/node.rb +1 -30
  105. data/lib/puppet/pal/json_catalog_encoder.rb +4 -0
  106. data/lib/puppet/pal/pal_impl.rb +73 -18
  107. data/lib/puppet/parser/ast/leaf.rb +3 -2
  108. data/lib/puppet/parser/ast/pops_bridge.rb +0 -38
  109. data/lib/puppet/parser/compiler.rb +0 -198
  110. data/lib/puppet/parser/compiler/catalog_validator/relationship_validator.rb +14 -39
  111. data/lib/puppet/parser/resource.rb +0 -69
  112. data/lib/puppet/parser/templatewrapper.rb +1 -1
  113. data/lib/puppet/pops/evaluator/deferred_resolver.rb +5 -3
  114. data/lib/puppet/pops/evaluator/evaluator_impl.rb +22 -8
  115. data/lib/puppet/pops/evaluator/runtime3_resource_support.rb +3 -3
  116. data/lib/puppet/pops/evaluator/runtime3_support.rb +1 -1
  117. data/lib/puppet/pops/issues.rb +0 -5
  118. data/lib/puppet/pops/loader/ruby_legacy_function_instantiator.rb +6 -8
  119. data/lib/puppet/pops/model/ast.pp +0 -42
  120. data/lib/puppet/pops/model/ast.rb +0 -290
  121. data/lib/puppet/pops/model/ast_transformer.rb +1 -1
  122. data/lib/puppet/pops/model/factory.rb +0 -45
  123. data/lib/puppet/pops/model/model_label_provider.rb +0 -5
  124. data/lib/puppet/pops/model/model_tree_dumper.rb +0 -22
  125. data/lib/puppet/pops/model/pn_transformer.rb +0 -16
  126. data/lib/puppet/pops/parser/egrammar.ra +0 -56
  127. data/lib/puppet/pops/parser/eparser.rb +1520 -1712
  128. data/lib/puppet/pops/parser/lexer2.rb +4 -4
  129. data/lib/puppet/pops/parser/parser_support.rb +0 -5
  130. data/lib/puppet/pops/resource/resource_type_impl.rb +2 -24
  131. data/lib/puppet/pops/types/type_calculator.rb +0 -7
  132. data/lib/puppet/pops/types/type_parser.rb +0 -4
  133. data/lib/puppet/pops/types/types.rb +0 -1
  134. data/lib/puppet/pops/validation/checker4_0.rb +9 -37
  135. data/lib/puppet/pops/validation/tasks_checker.rb +0 -12
  136. data/lib/puppet/pops/validation/validator_factory_4_0.rb +1 -2
  137. data/lib/puppet/provider.rb +0 -13
  138. data/lib/puppet/provider/nameservice.rb +0 -18
  139. data/lib/puppet/provider/package/apt.rb +4 -0
  140. data/lib/puppet/provider/package/dpkg.rb +0 -10
  141. data/lib/puppet/provider/package/gem.rb +23 -3
  142. data/lib/puppet/provider/package/pip.rb +0 -1
  143. data/lib/puppet/provider/package/pkg.rb +0 -4
  144. data/lib/puppet/provider/package/portage.rb +1 -1
  145. data/lib/puppet/provider/package/puppet_gem.rb +1 -4
  146. data/lib/puppet/provider/service/smf.rb +191 -73
  147. data/lib/puppet/provider/user/aix.rb +2 -2
  148. data/lib/puppet/provider/user/directoryservice.rb +0 -10
  149. data/lib/puppet/reference/configuration.rb +8 -5
  150. data/lib/puppet/reference/indirection.rb +1 -1
  151. data/lib/puppet/resource.rb +1 -89
  152. data/lib/puppet/resource/catalog.rb +1 -14
  153. data/lib/puppet/resource/type.rb +3 -119
  154. data/lib/puppet/resource/type_collection.rb +3 -48
  155. data/lib/puppet/runtime.rb +1 -2
  156. data/lib/puppet/settings.rb +88 -48
  157. data/lib/puppet/settings/alias_setting.rb +37 -0
  158. data/lib/puppet/settings/base_setting.rb +26 -2
  159. data/lib/puppet/settings/integer_setting.rb +17 -0
  160. data/lib/puppet/settings/port_setting.rb +15 -0
  161. data/lib/puppet/settings/priority_setting.rb +5 -4
  162. data/lib/puppet/ssl.rb +10 -6
  163. data/lib/puppet/ssl/base.rb +3 -5
  164. data/lib/puppet/ssl/certificate.rb +0 -6
  165. data/lib/puppet/ssl/certificate_request.rb +1 -12
  166. data/lib/puppet/ssl/certificate_signer.rb +6 -0
  167. data/lib/puppet/ssl/oids.rb +3 -1
  168. data/lib/puppet/ssl/ssl_provider.rb +17 -0
  169. data/lib/puppet/ssl/state_machine.rb +3 -1
  170. data/lib/puppet/ssl/verifier.rb +2 -0
  171. data/lib/puppet/test/test_helper.rb +1 -3
  172. data/lib/puppet/transaction.rb +1 -7
  173. data/lib/puppet/transaction/report.rb +2 -4
  174. data/lib/puppet/type.rb +0 -76
  175. data/lib/puppet/type/file.rb +5 -7
  176. data/lib/puppet/type/file/checksum.rb +1 -1
  177. data/lib/puppet/type/file/source.rb +1 -1
  178. data/lib/puppet/type/filebucket.rb +3 -3
  179. data/lib/puppet/type/package.rb +5 -13
  180. data/lib/puppet/type/user.rb +1 -1
  181. data/lib/puppet/util/autoload.rb +1 -8
  182. data/lib/puppet/util/execution.rb +0 -11
  183. data/lib/puppet/util/http_proxy.rb +2 -215
  184. data/lib/puppet/util/monkey_patches.rb +0 -46
  185. data/lib/puppet/util/posix.rb +54 -5
  186. data/lib/puppet/util/rdoc.rb +0 -7
  187. data/lib/puppet/util/retry_action.rb +1 -1
  188. data/lib/puppet/util/rubygems.rb +5 -1
  189. data/lib/puppet/util/run_mode.rb +9 -1
  190. data/lib/puppet/util/windows.rb +3 -8
  191. data/lib/puppet/util/windows/daemon.rb +360 -0
  192. data/lib/puppet/util/windows/error.rb +1 -0
  193. data/lib/puppet/util/windows/eventlog.rb +4 -9
  194. data/lib/puppet/util/windows/file.rb +8 -242
  195. data/lib/puppet/util/windows/monkey_patches/process.rb +414 -0
  196. data/lib/puppet/util/windows/process.rb +4 -226
  197. data/lib/puppet/util/windows/service.rb +9 -460
  198. data/lib/puppet/util/windows/string.rb +12 -13
  199. data/lib/puppet/util/yaml.rb +0 -22
  200. data/lib/puppet/vendor/require_vendored.rb +0 -1
  201. data/lib/puppet/version.rb +1 -1
  202. data/lib/puppet/x509.rb +5 -1
  203. data/lib/puppet/x509/cert_provider.rb +29 -1
  204. data/locales/puppet.pot +629 -1314
  205. data/man/man5/puppet.conf.5 +39 -99
  206. data/man/man8/puppet-agent.8 +2 -2
  207. data/man/man8/puppet-apply.8 +2 -2
  208. data/man/man8/puppet-catalog.8 +1 -1
  209. data/man/man8/puppet-config.8 +1 -1
  210. data/man/man8/puppet-describe.8 +1 -1
  211. data/man/man8/puppet-device.8 +2 -2
  212. data/man/man8/puppet-doc.8 +1 -1
  213. data/man/man8/puppet-epp.8 +1 -1
  214. data/man/man8/puppet-facts.8 +58 -9
  215. data/man/man8/puppet-filebucket.8 +6 -6
  216. data/man/man8/puppet-generate.8 +1 -1
  217. data/man/man8/puppet-help.8 +1 -1
  218. data/man/man8/puppet-lookup.8 +1 -1
  219. data/man/man8/puppet-module.8 +1 -58
  220. data/man/man8/puppet-node.8 +4 -1
  221. data/man/man8/puppet-parser.8 +1 -1
  222. data/man/man8/puppet-plugin.8 +1 -1
  223. data/man/man8/puppet-report.8 +4 -1
  224. data/man/man8/puppet-resource.8 +1 -1
  225. data/man/man8/puppet-script.8 +2 -2
  226. data/man/man8/puppet-ssl.8 +1 -1
  227. data/man/man8/puppet.8 +2 -2
  228. data/spec/fixtures/integration/application/agent/cached_deferred_catalog.json +91 -0
  229. data/spec/fixtures/unit/provider/service/smf/{svcs.out → svcs_instances.out} +0 -0
  230. data/spec/fixtures/unit/provider/user/aix/aix_passwd_file.out +4 -0
  231. data/spec/integration/application/agent_spec.rb +151 -14
  232. data/spec/integration/application/apply_spec.rb +20 -1
  233. data/spec/integration/application/filebucket_spec.rb +16 -16
  234. data/spec/integration/application/help_spec.rb +2 -0
  235. data/spec/integration/application/plugin_spec.rb +23 -1
  236. data/spec/integration/defaults_spec.rb +7 -10
  237. data/spec/integration/environments/setting_hooks_spec.rb +1 -1
  238. data/spec/integration/indirector/file_content/file_server_spec.rb +0 -2
  239. data/spec/integration/indirector/file_metadata/file_server_spec.rb +0 -2
  240. data/spec/integration/network/http_pool_spec.rb +3 -21
  241. data/spec/integration/parser/catalog_spec.rb +0 -38
  242. data/spec/integration/parser/node_spec.rb +0 -9
  243. data/spec/integration/parser/pcore_resource_spec.rb +0 -37
  244. data/spec/integration/resource/type_collection_spec.rb +2 -6
  245. data/spec/integration/transaction_spec.rb +4 -9
  246. data/spec/integration/type/file_spec.rb +5 -4
  247. data/spec/integration/util/windows/adsi_spec.rb +3 -1
  248. data/spec/integration/util/windows/monkey_patches/process_spec.rb +231 -0
  249. data/spec/integration/util/windows/registry_spec.rb +0 -10
  250. data/spec/integration/util/windows/security_spec.rb +1 -1
  251. data/spec/lib/puppet_spec/puppetserver.rb +1 -1
  252. data/spec/lib/puppet_spec/settings.rb +7 -1
  253. data/spec/spec_helper.rb +3 -4
  254. data/spec/unit/agent_spec.rb +8 -8
  255. data/spec/unit/application/agent_spec.rb +0 -1
  256. data/spec/unit/application/config_spec.rb +224 -4
  257. data/spec/unit/application/facts_spec.rb +35 -0
  258. data/spec/unit/application/filebucket_spec.rb +41 -41
  259. data/spec/unit/application/ssl_spec.rb +2 -2
  260. data/spec/unit/application_spec.rb +51 -9
  261. data/spec/unit/certificate_factory_spec.rb +1 -1
  262. data/spec/unit/configurer/downloader_spec.rb +6 -2
  263. data/spec/unit/configurer/plugin_handler_spec.rb +56 -18
  264. data/spec/unit/configurer_spec.rb +12 -9
  265. data/spec/unit/confine/feature_spec.rb +1 -1
  266. data/spec/unit/confine_spec.rb +8 -2
  267. data/spec/unit/context/trusted_information_spec.rb +2 -6
  268. data/spec/unit/defaults_spec.rb +26 -32
  269. data/spec/unit/environments_spec.rb +96 -22
  270. data/spec/unit/face/config_spec.rb +27 -32
  271. data/spec/unit/face/facts_spec.rb +4 -0
  272. data/spec/unit/face/node_spec.rb +14 -13
  273. data/spec/unit/face/plugin_spec.rb +73 -33
  274. data/spec/unit/file_bucket/file_spec.rb +1 -1
  275. data/spec/unit/file_serving/configuration/parser_spec.rb +22 -19
  276. data/spec/unit/file_serving/configuration_spec.rb +6 -12
  277. data/spec/unit/file_serving/metadata_spec.rb +3 -3
  278. data/spec/unit/file_serving/terminus_helper_spec.rb +11 -4
  279. data/spec/unit/forge/module_release_spec.rb +2 -7
  280. data/spec/unit/functions/camelcase_spec.rb +1 -1
  281. data/spec/unit/functions/capitalize_spec.rb +1 -1
  282. data/spec/unit/functions/downcase_spec.rb +1 -1
  283. data/spec/unit/functions/inline_epp_spec.rb +26 -1
  284. data/spec/unit/functions/upcase_spec.rb +1 -1
  285. data/spec/unit/http/client_spec.rb +7 -8
  286. data/spec/unit/{network/resolver_spec.rb → http/dns_spec.rb} +3 -3
  287. data/spec/unit/http/external_client_spec.rb +4 -4
  288. data/spec/unit/{network/http → http}/factory_spec.rb +5 -11
  289. data/spec/unit/{network/http/session_spec.rb → http/pool_entry_spec.rb} +3 -3
  290. data/spec/unit/{network/http → http}/pool_spec.rb +12 -17
  291. data/spec/unit/{util/http_proxy_spec.rb → http/proxy_spec.rb} +2 -69
  292. data/spec/unit/http/resolver_spec.rb +13 -13
  293. data/spec/unit/http/service/compiler_spec.rb +49 -62
  294. data/spec/unit/http/service/file_server_spec.rb +3 -3
  295. data/spec/unit/http/service/puppetserver_spec.rb +34 -4
  296. data/spec/unit/http/service_spec.rb +1 -2
  297. data/spec/unit/http/session_spec.rb +16 -14
  298. data/spec/unit/{network/http → http}/site_spec.rb +3 -3
  299. data/spec/unit/indirector/face_spec.rb +0 -1
  300. data/spec/unit/indirector/facts/facter_spec.rb +104 -1
  301. data/spec/unit/indirector/facts/json_spec.rb +255 -0
  302. data/spec/unit/indirector/file_bucket_file/file_spec.rb +5 -3
  303. data/spec/unit/indirector/file_bucket_file/selector_spec.rb +26 -8
  304. data/spec/unit/indirector/file_content/rest_spec.rb +0 -4
  305. data/spec/unit/indirector/file_metadata/rest_spec.rb +0 -4
  306. data/spec/unit/indirector/file_server_spec.rb +1 -15
  307. data/spec/unit/indirector/indirection_spec.rb +8 -12
  308. data/spec/unit/indirector/node/json_spec.rb +33 -0
  309. data/spec/{integration/indirector/report/yaml.rb → unit/indirector/report/json_spec.rb} +13 -24
  310. data/spec/unit/indirector/report/rest_spec.rb +2 -17
  311. data/spec/unit/indirector/report/yaml_spec.rb +72 -8
  312. data/spec/unit/indirector/request_spec.rb +0 -264
  313. data/spec/unit/indirector/rest_spec.rb +98 -752
  314. data/spec/unit/indirector_spec.rb +2 -2
  315. data/spec/unit/module_tool/applications/installer_spec.rb +66 -0
  316. data/spec/unit/network/authconfig_spec.rb +2 -132
  317. data/spec/unit/network/authorization_spec.rb +2 -55
  318. data/spec/unit/network/formats_spec.rb +45 -4
  319. data/spec/unit/network/http/api/indirected_routes_spec.rb +1 -101
  320. data/spec/unit/network/http/api/master/v3_spec.rb +28 -7
  321. data/spec/unit/network/http/api_spec.rb +10 -0
  322. data/spec/unit/network/http/connection_spec.rb +19 -41
  323. data/spec/unit/network/http/handler_spec.rb +0 -6
  324. data/spec/unit/network/http_pool_spec.rb +0 -4
  325. data/spec/unit/node/environment_spec.rb +33 -21
  326. data/spec/unit/node_spec.rb +2 -54
  327. data/spec/unit/parser/compiler_spec.rb +3 -19
  328. data/spec/unit/parser/functions/create_resources_spec.rb +2 -20
  329. data/spec/unit/parser/resource_spec.rb +14 -8
  330. data/spec/unit/parser/templatewrapper_spec.rb +4 -3
  331. data/spec/unit/pops/evaluator/deferred_resolver_spec.rb +20 -0
  332. data/spec/unit/pops/evaluator/evaluating_parser_spec.rb +4 -7
  333. data/spec/unit/pops/loaders/loaders_spec.rb +6 -21
  334. data/spec/unit/pops/parser/parse_application_spec.rb +4 -22
  335. data/spec/unit/pops/parser/parse_basic_expressions_spec.rb +0 -1
  336. data/spec/unit/pops/parser/parse_capabilities_spec.rb +8 -21
  337. data/spec/unit/pops/parser/parse_site_spec.rb +20 -24
  338. data/spec/unit/pops/resource/resource_type_impl_spec.rb +0 -71
  339. data/spec/unit/pops/serialization/to_from_hr_spec.rb +1 -1
  340. data/spec/unit/pops/types/type_calculator_spec.rb +6 -6
  341. data/spec/unit/pops/types/type_factory_spec.rb +1 -1
  342. data/spec/unit/pops/validator/validator_spec.rb +61 -46
  343. data/spec/unit/pops/visitor_spec.rb +1 -1
  344. data/spec/unit/property_spec.rb +1 -0
  345. data/spec/unit/provider/nameservice_spec.rb +66 -122
  346. data/spec/unit/provider/package/apt_spec.rb +4 -8
  347. data/spec/unit/provider/package/base_spec.rb +6 -5
  348. data/spec/unit/provider/package/dpkg_spec.rb +0 -48
  349. data/spec/unit/provider/package/gem_spec.rb +32 -0
  350. data/spec/unit/provider/package/pacman_spec.rb +18 -12
  351. data/spec/unit/provider/package/pip_spec.rb +6 -11
  352. data/spec/unit/provider/package/pkgdmg_spec.rb +0 -4
  353. data/spec/unit/provider/package/puppet_gem_spec.rb +3 -2
  354. data/spec/unit/provider/service/smf_spec.rb +401 -165
  355. data/spec/unit/provider/service/windows_spec.rb +0 -1
  356. data/spec/unit/provider/user/aix_spec.rb +5 -0
  357. data/spec/unit/provider/user/hpux_spec.rb +1 -1
  358. data/spec/unit/provider/user/pw_spec.rb +2 -0
  359. data/spec/unit/provider/user/useradd_spec.rb +1 -0
  360. data/spec/unit/provider_spec.rb +6 -20
  361. data/spec/unit/puppet_pal_catalog_spec.rb +45 -0
  362. data/spec/unit/resource/type_collection_spec.rb +2 -22
  363. data/spec/unit/resource/type_spec.rb +1 -1
  364. data/spec/unit/resource_spec.rb +11 -66
  365. data/spec/unit/settings/http_extra_headers_spec.rb +2 -4
  366. data/spec/unit/settings/integer_setting_spec.rb +42 -0
  367. data/spec/unit/settings/port_setting_spec.rb +31 -0
  368. data/spec/unit/settings/priority_setting_spec.rb +4 -4
  369. data/spec/unit/settings_spec.rb +560 -228
  370. data/spec/unit/ssl/base_spec.rb +36 -4
  371. data/spec/unit/ssl/certificate_request_spec.rb +15 -45
  372. data/spec/unit/ssl/certificate_spec.rb +2 -11
  373. data/spec/unit/ssl/ssl_provider_spec.rb +14 -8
  374. data/spec/unit/ssl/state_machine_spec.rb +0 -1
  375. data/spec/unit/ssl/verifier_spec.rb +0 -21
  376. data/spec/unit/transaction/additional_resource_generator_spec.rb +3 -7
  377. data/spec/unit/transaction/event_manager_spec.rb +14 -11
  378. data/spec/unit/transaction/report_spec.rb +0 -2
  379. data/spec/unit/transaction/resource_harness_spec.rb +2 -2
  380. data/spec/unit/transaction_spec.rb +57 -82
  381. data/spec/unit/type/file/checksum_spec.rb +6 -6
  382. data/spec/unit/type/file/content_spec.rb +1 -2
  383. data/spec/unit/type/file/ensure_spec.rb +1 -1
  384. data/spec/unit/type/file/mode_spec.rb +1 -1
  385. data/spec/unit/type/file/selinux_spec.rb +0 -2
  386. data/spec/unit/type/file/source_spec.rb +0 -1
  387. data/spec/unit/type/file_spec.rb +12 -12
  388. data/spec/unit/type/group_spec.rb +13 -6
  389. data/spec/unit/type/package_spec.rb +1 -1
  390. data/spec/unit/type/resources_spec.rb +7 -7
  391. data/spec/unit/type/service_spec.rb +1 -1
  392. data/spec/unit/type/tidy_spec.rb +0 -1
  393. data/spec/unit/type_spec.rb +22 -2
  394. data/spec/unit/util/at_fork_spec.rb +2 -2
  395. data/spec/unit/util/autoload_spec.rb +5 -1
  396. data/spec/unit/util/backups_spec.rb +1 -4
  397. data/spec/unit/util/execution_spec.rb +15 -40
  398. data/spec/unit/util/inifile_spec.rb +6 -14
  399. data/spec/unit/util/log_spec.rb +8 -7
  400. data/spec/unit/util/logging_spec.rb +3 -3
  401. data/spec/unit/util/monkey_patches_spec.rb +0 -6
  402. data/spec/unit/util/posix_spec.rb +363 -15
  403. data/spec/unit/util/rubygems_spec.rb +2 -2
  404. data/spec/unit/util/run_mode_spec.rb +21 -121
  405. data/spec/unit/util/selinux_spec.rb +76 -52
  406. data/spec/unit/util/storage_spec.rb +3 -1
  407. data/spec/unit/util/suidmanager_spec.rb +44 -41
  408. data/spec/unit/util/windows/string_spec.rb +1 -3
  409. data/spec/unit/util/yaml_spec.rb +0 -54
  410. data/spec/unit/util_spec.rb +13 -24
  411. metadata +66 -226
  412. data/conf/auth.conf +0 -150
  413. data/lib/puppet/application/cert.rb +0 -76
  414. data/lib/puppet/application/key.rb +0 -4
  415. data/lib/puppet/application/man.rb +0 -4
  416. data/lib/puppet/application/status.rb +0 -4
  417. data/lib/puppet/face/key.rb +0 -16
  418. data/lib/puppet/face/man.rb +0 -145
  419. data/lib/puppet/face/module/build.rb +0 -14
  420. data/lib/puppet/face/module/generate.rb +0 -14
  421. data/lib/puppet/face/module/search.rb +0 -103
  422. data/lib/puppet/face/status.rb +0 -51
  423. data/lib/puppet/indirector/certificate/file.rb +0 -9
  424. data/lib/puppet/indirector/certificate/rest.rb +0 -18
  425. data/lib/puppet/indirector/certificate_request/file.rb +0 -9
  426. data/lib/puppet/indirector/certificate_request/memory.rb +0 -7
  427. data/lib/puppet/indirector/certificate_request/rest.rb +0 -11
  428. data/lib/puppet/indirector/file_content/http.rb +0 -22
  429. data/lib/puppet/indirector/key/file.rb +0 -46
  430. data/lib/puppet/indirector/key/memory.rb +0 -7
  431. data/lib/puppet/indirector/ssl_file.rb +0 -162
  432. data/lib/puppet/indirector/status.rb +0 -3
  433. data/lib/puppet/indirector/status/local.rb +0 -12
  434. data/lib/puppet/indirector/status/rest.rb +0 -27
  435. data/lib/puppet/module_tool/applications/searcher.rb +0 -29
  436. data/lib/puppet/network/auth_config_parser.rb +0 -90
  437. data/lib/puppet/network/authstore.rb +0 -283
  438. data/lib/puppet/network/http/api/master/v3/authorization.rb +0 -18
  439. data/lib/puppet/network/http/api/master/v3/environment.rb +0 -88
  440. data/lib/puppet/network/http/base_pool.rb +0 -36
  441. data/lib/puppet/network/http/compression.rb +0 -127
  442. data/lib/puppet/network/http/connection_adapter.rb +0 -184
  443. data/lib/puppet/network/http/nocache_pool.rb +0 -28
  444. data/lib/puppet/network/rest_controller.rb +0 -2
  445. data/lib/puppet/network/rights.rb +0 -210
  446. data/lib/puppet/parser/compiler/catalog_validator/env_relationship_validator.rb +0 -66
  447. data/lib/puppet/parser/compiler/catalog_validator/site_validator.rb +0 -22
  448. data/lib/puppet/parser/environment_compiler.rb +0 -202
  449. data/lib/puppet/pops/types/enumeration.rb +0 -16
  450. data/lib/puppet/resource/capability_finder.rb +0 -154
  451. data/lib/puppet/rest/errors.rb +0 -15
  452. data/lib/puppet/rest/response.rb +0 -35
  453. data/lib/puppet/rest/route.rb +0 -85
  454. data/lib/puppet/rest/routes.rb +0 -135
  455. data/lib/puppet/ssl/host.rb +0 -505
  456. data/lib/puppet/ssl/key.rb +0 -61
  457. data/lib/puppet/ssl/validator.rb +0 -61
  458. data/lib/puppet/ssl/validator/default_validator.rb +0 -209
  459. data/lib/puppet/ssl/validator/no_validator.rb +0 -22
  460. data/lib/puppet/ssl/verifier_adapter.rb +0 -58
  461. data/lib/puppet/status.rb +0 -40
  462. data/lib/puppet/util/connection.rb +0 -88
  463. data/lib/puppet/util/ssl.rb +0 -83
  464. data/lib/puppet/util/windows/api_types.rb +0 -309
  465. data/lib/puppet/util/windows/monkey_patches/dir.rb +0 -40
  466. data/lib/puppet/vendor/load_pathspec.rb +0 -1
  467. data/lib/puppet/vendor/pathspec/CHANGELOG.md +0 -2
  468. data/lib/puppet/vendor/pathspec/LICENSE +0 -201
  469. data/lib/puppet/vendor/pathspec/PUPPET_README.md +0 -6
  470. data/lib/puppet/vendor/pathspec/README.md +0 -53
  471. data/lib/puppet/vendor/pathspec/lib/pathspec.rb +0 -122
  472. data/lib/puppet/vendor/pathspec/lib/pathspec/gitignorespec.rb +0 -275
  473. data/lib/puppet/vendor/pathspec/lib/pathspec/regexspec.rb +0 -17
  474. data/lib/puppet/vendor/pathspec/lib/pathspec/spec.rb +0 -14
  475. data/man/man8/puppet-key.8 +0 -126
  476. data/man/man8/puppet-man.8 +0 -76
  477. data/man/man8/puppet-status.8 +0 -108
  478. data/spec/integration/application/config_spec.rb +0 -74
  479. data/spec/integration/network/authconfig_spec.rb +0 -256
  480. data/spec/integration/util/windows/monkey_patches/dir_spec.rb +0 -11
  481. data/spec/unit/application/man_spec.rb +0 -52
  482. data/spec/unit/capability_spec.rb +0 -414
  483. data/spec/unit/face/catalog_spec.rb +0 -6
  484. data/spec/unit/face/key_spec.rb +0 -9
  485. data/spec/unit/face/module/search_spec.rb +0 -231
  486. data/spec/unit/face/module_spec.rb +0 -3
  487. data/spec/unit/face/status_spec.rb +0 -9
  488. data/spec/unit/indirector/certificate/file_spec.rb +0 -14
  489. data/spec/unit/indirector/certificate/rest_spec.rb +0 -61
  490. data/spec/unit/indirector/certificate_request/file_spec.rb +0 -14
  491. data/spec/unit/indirector/certificate_request/rest_spec.rb +0 -25
  492. data/spec/unit/indirector/key/file_spec.rb +0 -79
  493. data/spec/unit/indirector/ssl_file_spec.rb +0 -305
  494. data/spec/unit/indirector/status/local_spec.rb +0 -10
  495. data/spec/unit/indirector/status/rest_spec.rb +0 -50
  496. data/spec/unit/module_tool/applications/searcher_spec.rb +0 -38
  497. data/spec/unit/network/auth_config_parser_spec.rb +0 -115
  498. data/spec/unit/network/authstore_spec.rb +0 -422
  499. data/spec/unit/network/http/api/master/v3/authorization_spec.rb +0 -57
  500. data/spec/unit/network/http/api/master/v3/environment_spec.rb +0 -185
  501. data/spec/unit/network/http/compression_spec.rb +0 -240
  502. data/spec/unit/network/http/nocache_pool_spec.rb +0 -64
  503. data/spec/unit/network/http_spec.rb +0 -9
  504. data/spec/unit/network/rights_spec.rb +0 -439
  505. data/spec/unit/parser/environment_compiler_spec.rb +0 -730
  506. data/spec/unit/pops/types/enumeration_spec.rb +0 -51
  507. data/spec/unit/resource/capability_finder_spec.rb +0 -143
  508. data/spec/unit/rest/route_spec.rb +0 -132
  509. data/spec/unit/ssl/host_spec.rb +0 -650
  510. data/spec/unit/ssl/key_spec.rb +0 -173
  511. data/spec/unit/ssl/validator_spec.rb +0 -278
  512. data/spec/unit/status_spec.rb +0 -45
  513. data/spec/unit/util/ssl_spec.rb +0 -91
@@ -29,25 +29,27 @@ class Puppet::Configurer::PluginHandler
29
29
  result += plugin_fact_downloader.evaluate
30
30
  result += plugin_downloader.evaluate
31
31
 
32
- # until file metadata/content are using the rest client, we need to check
33
- # both :server_agent_version and the session to see if the server supports
34
- # the "locales" mount
35
- server_agent_version = Puppet.lookup(:server_agent_version) { "0.0" }
36
- locales = Gem::Version.new(server_agent_version) >= SUPPORTED_LOCALES_MOUNT_AGENT_VERSION
37
- unless locales
38
- session = Puppet.lookup(:http_session)
39
- locales = session.supports?(:fileserver, 'locales') || session.supports?(:puppet, 'locales')
40
- end
41
-
42
- if locales
43
- locales_downloader = Puppet::Configurer::Downloader.new(
44
- "locales",
45
- Puppet[:localedest],
46
- Puppet[:localesource],
47
- Puppet[:pluginsignore] + " *.pot config.yaml",
48
- environment
49
- )
50
- result += locales_downloader.evaluate
32
+ unless Puppet[:disable_i18n]
33
+ # until file metadata/content are using the rest client, we need to check
34
+ # both :server_agent_version and the session to see if the server supports
35
+ # the "locales" mount
36
+ server_agent_version = Puppet.lookup(:server_agent_version) { "0.0" }
37
+ locales = Gem::Version.new(server_agent_version) >= SUPPORTED_LOCALES_MOUNT_AGENT_VERSION
38
+ unless locales
39
+ session = Puppet.lookup(:http_session)
40
+ locales = session.supports?(:fileserver, 'locales') || session.supports?(:puppet, 'locales')
41
+ end
42
+
43
+ if locales
44
+ locales_downloader = Puppet::Configurer::Downloader.new(
45
+ "locales",
46
+ Puppet[:localedest],
47
+ Puppet[:localesource],
48
+ Puppet[:pluginsignore] + " *.pot config.yaml",
49
+ environment
50
+ )
51
+ result += locales_downloader.evaluate
52
+ end
51
53
  end
52
54
 
53
55
  Puppet::Util::Autoload.reload_changed(Puppet.lookup(:current_environment))
@@ -11,25 +11,41 @@ module Puppet
11
11
  end
12
12
 
13
13
  def self.default_digest_algorithm
14
- Puppet::Util::Platform.fips_enabled? ? 'sha256' : 'md5'
14
+ 'sha256'
15
15
  end
16
16
 
17
17
  def self.valid_digest_algorithms
18
18
  Puppet::Util::Platform.fips_enabled? ?
19
19
  %w[sha256 sha384 sha512 sha224] :
20
- %w[md5 sha256 sha384 sha512 sha224]
20
+ %w[sha256 sha384 sha512 sha224 md5]
21
21
  end
22
22
 
23
23
  def self.default_file_checksum_types
24
24
  Puppet::Util::Platform.fips_enabled? ?
25
25
  %w[sha256 sha384 sha512 sha224] :
26
- %w[md5 sha256 sha384 sha512 sha224]
26
+ %w[sha256 sha384 sha512 sha224 md5]
27
27
  end
28
28
 
29
29
  def self.valid_file_checksum_types
30
30
  Puppet::Util::Platform.fips_enabled? ?
31
31
  %w[sha256 sha256lite sha384 sha512 sha224 sha1 sha1lite mtime ctime] :
32
- %w[md5 md5lite sha256 sha256lite sha384 sha512 sha224 sha1 sha1lite mtime ctime]
32
+ %w[sha256 sha256lite sha384 sha512 sha224 sha1 sha1lite md5 md5lite mtime ctime]
33
+ end
34
+
35
+ def self.default_cadir
36
+ return "" if Puppet::Util::Platform.windows?
37
+ old_ca_dir = "#{Puppet[:ssldir]}/ca"
38
+ new_ca_dir = "/etc/puppetlabs/puppetserver/ca"
39
+
40
+ if File.exist?(old_ca_dir)
41
+ if File.symlink?(old_ca_dir)
42
+ File.readlink(old_ca_dir)
43
+ else
44
+ old_ca_dir
45
+ end
46
+ else
47
+ new_ca_dir
48
+ end
33
49
  end
34
50
 
35
51
  def self.default_basemodulepath
@@ -70,28 +86,6 @@ module Puppet
70
86
  # @return void
71
87
  def self.initialize_default_settings!(settings)
72
88
  settings.define_settings(:main,
73
- :facterng => {
74
- :default => false,
75
- :type => :boolean,
76
- :desc => 'Whether to enable a pre-Facter 4.0 release of Facter (distributed as
77
- the "facter-ng" gem). This is not necessary if Facter 3.x or later is installed.
78
- This setting is still experimental.',
79
- :hook => proc do |value|
80
- if value
81
- begin
82
- original_facter = Object.const_get(:Facter)
83
- Object.send(:remove_const, :Facter)
84
-
85
- require 'facter-ng'
86
- # It is required to re-setup logger for facter-ng
87
- Puppet::Util::Logging.setup_facter_logging!
88
- rescue LoadError
89
- Object.const_set(:Facter, original_facter)
90
- raise ArgumentError, 'facter-ng could not be loaded'
91
- end
92
- end
93
- end
94
- },
95
89
  :confdir => {
96
90
  :default => nil,
97
91
  :type => :directory,
@@ -218,7 +212,7 @@ module Puppet
218
212
  end
219
213
  },
220
214
  :disable_i18n => {
221
- :default => false,
215
+ :default => true,
222
216
  :type => :boolean,
223
217
  :desc => "If true, turns off all translations of Puppet and module
224
218
  log messages, which affects error, warning, and info log messages,
@@ -263,13 +257,6 @@ module Puppet
263
257
  :type => :boolean,
264
258
  :desc => "Whether to enable experimental performance profiling",
265
259
  },
266
- :future_features => {
267
- :default => false,
268
- :type => :boolean,
269
- :desc => "Whether or not to enable all features currently being developed for future
270
- major releases of Puppet. Should be used with caution, as in development
271
- features are experimental and can have unexpected effects."
272
- },
273
260
  :versioned_environment_dirs => {
274
261
  :default => false,
275
262
  :type => :boolean,
@@ -284,6 +271,11 @@ module Puppet
284
271
  which occurs only on a Puppet Server master when the `code-id-command` and
285
272
  `code-content-command` settings are configured in its `puppetserver.conf` file.",
286
273
  },
274
+ :settings_catalog => {
275
+ :default => true,
276
+ :type => :boolean,
277
+ :desc => "Whether to compile and apply the settings catalog",
278
+ },
287
279
  :strict_environment_mode => {
288
280
  :default => false,
289
281
  :type => :boolean,
@@ -632,7 +624,7 @@ module Puppet
632
624
  :http_proxy_password =>{
633
625
  :default => "none",
634
626
  :hook => proc do |value|
635
- if settings[:http_proxy_password] =~ /[@!# \/]/
627
+ if value =~ /[@!# \/]/
636
628
  raise "Passwords set in the http_proxy_password setting must be valid as part of a URL, and any reserved characters must be URL-encoded. We received: #{value}"
637
629
  end
638
630
  end,
@@ -706,9 +698,8 @@ Valid values are 0 (never cache) and 15 (15 second minimum wait time).
706
698
  A value of `0` will disable caching. This setting can also be set to
707
699
  `unlimited`, which will cache environments until the server is restarted
708
700
  or told to refresh the cache. All other values will result in Puppet
709
- server evicting expired environments. The expiration time is computed
710
- based on either when the environment was created or last accessed, see
711
- `environment_timeout_mode`.
701
+ server evicting environments that haven't been used within the last
702
+ `environment_timeout` seconds.
712
703
 
713
704
  You should change this setting once your Puppet deployment is doing
714
705
  non-trivial work. We chose the default value of `0` because it lets new
@@ -721,32 +712,13 @@ Valid values are 0 (never cache) and 15 (15 second minimum wait time).
721
712
  * Setting this to a number that will keep your most actively used
722
713
  environments cached, but allow testing environments to fall out of the
723
714
  cache and reduce memory usage. A value of 3 minutes (3m) is a reasonable
724
- value. This option requires setting `environment_timeout_mode` to
725
- `from_last_used`.
715
+ value.
726
716
 
727
717
  Once you set `environment_timeout` to a non-zero value, you need to tell
728
718
  Puppet server to read new code from disk using the `environment-cache` API
729
719
  endpoint after you deploy new code. See the docs for the Puppet Server
730
720
  [administrative API](https://puppet.com/docs/puppetserver/latest/admin-api/v1/environment-cache.html).
731
- ",
732
- :hook => proc do |val|
733
- if Puppet[:environment_timeout_mode] == :from_created
734
- unless [0, 'unlimited', Float::INFINITY].include?(val)
735
- Puppet.deprecation_warning("Evicting environments based on their creation time is deprecated, please set `environment_timeout_mode` to `from_last_used` instead.")
736
- end
737
- end
738
- end
739
- },
740
- :environment_timeout_mode => {
741
- :default => :from_created,
742
- :type => :symbolic_enum,
743
- :values => [:from_created, :from_last_used],
744
- :desc => "How Puppet interprets the `environment_timeout` setting when
745
- `environment_timeout` is neither `0` nor `unlimited`. If set to
746
- `from_created`, then the environment will be evicted `environment_timeout`
747
- seconds from when it was created. If set to `from_last_used` then the
748
- environment will be evicted `environment_timeout` seconds from when it
749
- was last used."
721
+ "
750
722
  },
751
723
  :environment_data_provider => {
752
724
  :desc => "The name of a registered environment data provider used when obtaining environment
@@ -821,7 +793,7 @@ Valid values are 0 (never cache) and 15 (15 second minimum wait time).
821
793
  `certname` setting as its requested Subject CN.
822
794
 
823
795
  This is the name used when managing a node's permissions in
824
- [auth.conf](https://puppet.com/docs/puppet/latest/config_file_auth.html).
796
+ Puppet Server's [auth.conf](https://puppet.com/docs/puppetserver/latest/config_file_auth.html).
825
797
  In most cases, it is also used as the node's name when matching
826
798
  [node definitions](https://puppet.com/docs/puppet/latest/lang_node_definitions.html)
827
799
  and requesting data from an ENC. (This can be changed with the `node_name_value`
@@ -836,12 +808,15 @@ Valid values are 0 (never cache) and 15 (15 second minimum wait time).
836
808
  only use lowercase letters, numbers, periods, underscores, and dashes. (That is,
837
809
  it should match `/\A[a-z0-9._-]+\Z/`.)
838
810
  * The special value `ca` is reserved, and can't be used as the certname
839
- for a normal node.
811
+ for a normal node.
840
812
 
841
- **Note:** You must set the certname in the main section of the puppet.conf file. Setting it in a different section causes errors.
813
+ **Note:** You must set the certname in the main section of the puppet.conf file. Setting it in a different section causes errors.
842
814
 
843
815
  Defaults to the node's fully qualified domain name.",
844
- :hook => proc { |value| raise(ArgumentError, _("Certificate names must be lower case")) unless value == value.downcase }},
816
+ :call_hook => :on_initialize_and_write,
817
+ :hook => proc { |value|
818
+ raise(ArgumentError, _("Certificate names must be lower case")) unless value == value.downcase
819
+ }},
845
820
  :dns_alt_names => {
846
821
  :default => '',
847
822
  :desc => <<EOT,
@@ -968,13 +943,13 @@ EOT
968
943
  Generally unused."
969
944
  },
970
945
  :hostcsr => {
971
- :default => "$ssldir/csr_$certname.pem",
946
+ :default => "$requestdir/$certname.pem",
972
947
  :type => :file,
973
948
  :mode => "0644",
974
949
  :owner => "service",
975
950
  :group => "service",
976
- :deprecated => :completely,
977
- :desc => "This setting is deprecated."
951
+ :desc => "Where individual hosts store their certificate request (CSR)
952
+ while waiting for the CA to issue their certificate."
978
953
  },
979
954
  :hostcert => {
980
955
  :default => "$certdir/$certname.pem",
@@ -1025,29 +1000,6 @@ EOT
1025
1000
  puppet module tool and the 'http' report processor. This setting is ignored when
1026
1001
  making requests to puppet:// URLs such as catalog and report requests.",
1027
1002
  },
1028
- :ssl_client_ca_auth => {
1029
- :type => :file,
1030
- :mode => "0644",
1031
- :owner => "service",
1032
- :group => "service",
1033
- :desc => "Certificate authorities who issue server certificates. SSL servers will not be
1034
- considered authentic unless they possess a certificate issued by an authority
1035
- listed in this file. If this setting has no value then the Puppet master's CA
1036
- certificate (localcacert) will be used.",
1037
- :hook => proc do |val|
1038
- Puppet.deprecation_warning(_("Setting 'ssl_client_ca_auth' is deprecated."))
1039
- end
1040
- },
1041
- :ssl_server_ca_auth => {
1042
- :type => :file,
1043
- :mode => "0644",
1044
- :owner => "service",
1045
- :group => "service",
1046
- :deprecated => :completely,
1047
- :desc => "The setting is deprecated and has no effect. Ensure all root and
1048
- intermediate certificate authorities used to issue client certificates are
1049
- contained in the server's `cacert` file on the server."
1050
- },
1051
1003
  :hostcrl => {
1052
1004
  :default => "$ssldir/crl.pem",
1053
1005
  :type => :file,
@@ -1124,7 +1076,7 @@ EOT
1124
1076
  :type => :string,
1125
1077
  :desc => "Where to send log messages. Choose between 'syslog' (the POSIX syslog
1126
1078
  service), 'eventlog' (the Windows Event Log), 'console', or the path to a log
1127
- file."
1079
+ file. Multiple destinations can be set using a comma separated list (eg: `/path/file1,console,/path/file2`)"
1128
1080
  # Sure would be nice to set the Puppet::Util::Log destination here in an :on_initialize_and_write hook,
1129
1081
  # unfortunately we have a large number of tests that rely on the logging not resetting itself when the
1130
1082
  # settings are initialized as they test what gets logged during settings initialization.
@@ -1138,7 +1090,7 @@ EOT
1138
1090
  :desc => "The name to use the Certificate Authority certificate.",
1139
1091
  },
1140
1092
  :cadir => {
1141
- :default => "$ssldir/ca",
1093
+ :default => lambda { default_cadir },
1142
1094
  :type => :directory,
1143
1095
  :desc => "The root directory for the certificate authority.",
1144
1096
  },
@@ -1367,42 +1319,16 @@ EOT
1367
1319
  by `puppet`, and should only be set if you're writing your own Puppet
1368
1320
  executable.",
1369
1321
  },
1370
- :serverport => {
1371
- :default => 8140,
1372
- :desc => "The default port puppet subcommands use to communicate
1373
- with Puppet Server. (eg `puppet facts upload`, `puppet agent`). May be
1374
- overridden by more specific settings (see `ca_port`, `report_port`).",
1375
- :hook => proc do |value|
1376
- Puppet[:masterport] = value unless Puppet.settings.set_by_config?(:masterport)
1377
- end
1378
- },
1379
1322
  :masterport => {
1380
1323
  :default => 8140,
1324
+ :type => :port,
1381
1325
  :desc => "The default port puppet subcommands use to communicate
1382
1326
  with Puppet Server. (eg `puppet facts upload`, `puppet agent`). May be
1383
1327
  overridden by more specific settings (see `ca_port`, `report_port`).",
1384
- :hook => proc do |value|
1385
- Puppet[:serverport] = value unless Puppet.settings.set_by_config?(:serverport)
1386
- end
1387
1328
  },
1388
- :node_name => {
1389
- :default => 'cert',
1390
- :type => :enum,
1391
- :values => ['cert', 'facter'],
1392
- :deprecated => :completely,
1393
- :hook => proc { |val|
1394
- if val != 'cert'
1395
- Puppet.deprecation_warning("The node_name setting is deprecated and will be removed in a future release.")
1396
- end
1397
- },
1398
- :desc => "How the puppet master determines the client's identity
1399
- and sets the 'hostname', 'fqdn' and 'domain' facts for use in the manifest,
1400
- in particular for determining which 'node' statement applies to the client.
1401
- Possible values are 'cert' (use the subject's CN in the client's
1402
- certificate) and 'facter' (use the hostname that the client
1403
- reported in its facts).
1404
-
1405
- This setting is deprecated, please use explicit fact matching for classification.",
1329
+ :serverport => {
1330
+ :type => :alias,
1331
+ :alias_for => :masterport
1406
1332
  },
1407
1333
  :bucketdir => {
1408
1334
  :default => "$vardir/bucket",
@@ -1412,15 +1338,6 @@ EOT
1412
1338
  :group => "service",
1413
1339
  :desc => "Where FileBucket files are stored."
1414
1340
  },
1415
- :rest_authconfig => {
1416
- :default => "$confdir/auth.conf",
1417
- :type => :file,
1418
- :deprecated => :completely,
1419
- :desc => "The configuration file that defines the rights to the different
1420
- rest indirections. This can be used as a fine-grained authorization system for
1421
- `puppet master`. The `puppet master` command is deprecated and Puppet Server
1422
- uses its own auth.conf that must be placed within its configuration directory.",
1423
- },
1424
1341
  :trusted_oid_mapping_file => {
1425
1342
  :default => "$confdir/custom_trusted_oid_mapping.yaml",
1426
1343
  :type => :file,
@@ -1523,23 +1440,7 @@ EOT
1523
1440
  :default => "$confdir/fileserver.conf",
1524
1441
  :type => :file,
1525
1442
  :desc => "Where the fileserver configuration is stored.",
1526
- },
1527
- :strict_hostname_checking => {
1528
- :default => true,
1529
- :type => :boolean,
1530
- :desc => "Whether to only search for the complete
1531
- hostname as it is in the certificate when searching for node information
1532
- in the catalogs or to match dot delimited segments of the cert's certname
1533
- and the hostname, fqdn, and/or domain facts.
1534
-
1535
- This setting is deprecated and will be removed in a future release.",
1536
- :hook => proc { |val|
1537
- if val != true
1538
- Puppet.deprecation_warning("Setting strict_hostname_checking to false is deprecated and will be removed in a future release. Please use regular expressions in your node declarations or explicit fact matching for classification (though be warned that fact based classification may be considered insecure).")
1539
- end
1540
- }
1541
- }
1542
- )
1443
+ })
1543
1444
 
1544
1445
  settings.define_settings(:device,
1545
1446
  :devicedir => {
@@ -1561,17 +1462,15 @@ EOT
1561
1462
  :default => "$certname",
1562
1463
  :desc => "The explicit value used for the node name for all requests the agent
1563
1464
  makes to the master. WARNING: This setting is mutually exclusive with
1564
- node_name_fact. Changing this setting also requires changes to the default
1565
- auth.conf configuration on the Puppet Master. Please see
1566
- http://links.puppet.com/node_name_value for more information."
1465
+ node_name_fact. Changing this setting also requires changes to
1466
+ Puppet Server's default [auth.conf](https://puppet.com/docs/puppetserver/latest/config_file_auth.html)."
1567
1467
  },
1568
1468
  :node_name_fact => {
1569
1469
  :default => "",
1570
1470
  :desc => "The fact name used to determine the node name used for all requests the agent
1571
1471
  makes to the master. WARNING: This setting is mutually exclusive with
1572
- node_name_value. Changing this setting also requires changes to the default
1573
- auth.conf configuration on the Puppet Master. Please see
1574
- http://links.puppet.com/node_name_fact for more information.",
1472
+ node_name_value. Changing this setting also requires changes to
1473
+ Puppet Server's default [auth.conf](https://puppet.com/docs/puppetserver/latest/config_file_auth.html).",
1575
1474
  :hook => proc do |value|
1576
1475
  if !value.empty? and Puppet[:node_name_value] != Puppet[:certname]
1577
1476
  raise "Cannot specify both the node_name_value and node_name_fact settings"
@@ -1669,8 +1568,8 @@ EOT
1669
1568
  :server_list => {
1670
1569
  :default => [],
1671
1570
  :type => :server_list,
1672
- :desc => "The list of puppet master servers to which the puppet agent should connect,
1673
- in the order that they will be tried.",
1571
+ :desc => "The list of Puppet master servers to which the Puppet agent should connect,
1572
+ in the order that they will be tried. Each value should be a fully qualified domain name, followed by an optional ':' and port number. If a port is omitted, Puppet uses masterport for that host.",
1674
1573
  },
1675
1574
  :use_srv_records => {
1676
1575
  :default => false,
@@ -1746,6 +1645,7 @@ EOT
1746
1645
  },
1747
1646
  :ca_port => {
1748
1647
  :default => "$serverport",
1648
+ :type => :port,
1749
1649
  :desc => "The port to use for the certificate authority.",
1750
1650
  },
1751
1651
  :preferred_serialization_format => {
@@ -1835,6 +1735,7 @@ EOT
1835
1735
  },
1836
1736
  :report_port => {
1837
1737
  :default => "$serverport",
1738
+ :type => :port,
1838
1739
  :desc => "The port to communicate with the report_server.",
1839
1740
  },
1840
1741
  :report => {
@@ -1864,17 +1765,27 @@ EOT
1864
1765
  for the node stored in puppetdb are current. However, this will double the fact
1865
1766
  submission load on puppetdb, so it is disabled by default.",
1866
1767
  },
1768
+ :publicdir => {
1769
+ :default => nil,
1770
+ :type => :directory,
1771
+ :mode => "0755",
1772
+ :desc => "Where Puppet stores public files."
1773
+ },
1867
1774
  :lastrunfile => {
1868
- :default => "$statedir/last_run_summary.yaml",
1775
+ :default => "$publicdir/last_run_summary.yaml",
1869
1776
  :type => :file,
1870
- :mode => "0644",
1777
+ :mode => "0640",
1871
1778
  :desc => "Where puppet agent stores the last run report summary in yaml format."
1872
1779
  },
1873
1780
  :lastrunreport => {
1874
1781
  :default => "$statedir/last_run_report.yaml",
1875
1782
  :type => :file,
1876
1783
  :mode => "0640",
1877
- :desc => "Where puppet agent stores the last run report in yaml format."
1784
+ :desc => "Where Puppet Agent stores the last run report, by default, in yaml format.
1785
+ The format of the report can be changed by setting the `cache` key of the `report` terminus
1786
+ in the [routes.yaml](https://puppet.com/docs/puppet/latest/config_file_routes.html) file.
1787
+ To avoid mismatches between content and file extension, this setting needs to be
1788
+ manually updated to reflect the terminus changes."
1878
1789
  },
1879
1790
  :graph => {
1880
1791
  :default => false,
@@ -1943,7 +1854,7 @@ EOT
1943
1854
  :type => :ttl,
1944
1855
  :desc => "The maximum amount of time the puppet agent should wait for an
1945
1856
  already running puppet agent to finish before starting a new one. This is set by default to 1 minute.
1946
- A value of `unlimited` will cause puppet agent to wait indefinitely.
1857
+ A value of `unlimited` will cause puppet agent to wait indefinitely.
1947
1858
  #{AS_DURATION}",
1948
1859
  }
1949
1860
  )
@@ -2000,7 +1911,7 @@ EOT
2000
1911
  :desc => "What files to ignore when pulling down plugins.",
2001
1912
  },
2002
1913
  :ignore_plugin_errors => {
2003
- :default => true,
1914
+ :default => false,
2004
1915
  :type => :boolean,
2005
1916
  :desc => "Whether the puppet run should ignore errors during pluginsync. If the setting
2006
1917
  is false and there are errors during pluginsync, then the agent will abort the run and
@@ -2215,16 +2126,6 @@ EOT
2215
2126
  referencing variables that are explicitly set to undef).
2216
2127
  EOT
2217
2128
  },
2218
- :func3x_check => {
2219
- :default => true,
2220
- :type => :boolean,
2221
- :desc => <<-'EOT'
2222
- Causes validation of loaded legacy Ruby functions (3x API) to raise errors about illegal constructs that
2223
- could cause harm or that simply does not work. This flag is on by default. This flag is made available
2224
- so that the validation can be turned off in case the method of validation is faulty - if encountered, please
2225
- file a bug report.
2226
- EOT
2227
- },
2228
2129
  :tasks => {
2229
2130
  :default => false,
2230
2131
  :type => :boolean,