RubyGems - puppet - Versions diffs - 6.19.0 → 7.3.0 - Mend

puppet 6.19.0 → 7.3.0

Potentially problematic release.

This version of puppet might be problematic. Click here for more details.

Files changed (513) hide show

checksums.yaml +4 -4
data/CODEOWNERS +2 -16
data/Gemfile +3 -4
data/Gemfile.lock +33 -28
data/README.md +1 -1
data/conf/fileserver.conf +5 -10
data/ext/build_defaults.yaml +1 -1
data/ext/osx/file_mapping.yaml +0 -5
data/ext/project_data.yaml +2 -14
data/ext/redhat/puppet.spec.erb +0 -1
data/ext/windows/service/daemon.rb +6 -5
data/install.rb +21 -17
data/lib/puppet.rb +11 -20
data/lib/puppet/application.rb +182 -104
data/lib/puppet/application/agent.rb +1 -0
data/lib/puppet/application/apply.rb +3 -2
data/lib/puppet/application/device.rb +101 -104
data/lib/puppet/application/filebucket.rb +15 -11
data/lib/puppet/application/script.rb +1 -0
data/lib/puppet/application/ssl.rb +1 -1
data/lib/puppet/application_support.rb +7 -0
data/lib/puppet/configurer.rb +44 -36
data/lib/puppet/configurer/plugin_handler.rb +21 -19
data/lib/puppet/defaults.rb +71 -170
data/lib/puppet/environments.rb +44 -75
data/lib/puppet/face/config.rb +10 -0
data/lib/puppet/face/epp.rb +12 -2
data/lib/puppet/face/facts.rb +80 -6
data/lib/puppet/face/help.rb +1 -1
data/lib/puppet/face/node/clean.rb +8 -0
data/lib/puppet/face/plugin.rb +5 -8
data/lib/puppet/ffi/posix.rb +10 -0
data/lib/puppet/ffi/posix/constants.rb +14 -0
data/lib/puppet/ffi/posix/functions.rb +24 -0
data/lib/puppet/ffi/windows.rb +12 -0
data/lib/puppet/ffi/windows/api_types.rb +311 -0
data/lib/puppet/ffi/windows/constants.rb +404 -0
data/lib/puppet/ffi/windows/functions.rb +628 -0
data/lib/puppet/ffi/windows/structs.rb +338 -0
data/lib/puppet/file_serving/configuration.rb +0 -5
data/lib/puppet/file_serving/configuration/parser.rb +6 -32
data/lib/puppet/file_serving/http_metadata.rb +1 -1
data/lib/puppet/file_serving/mount.rb +1 -2
data/lib/puppet/forge/repository.rb +0 -1
data/lib/puppet/functions/epp.rb +1 -0
data/lib/puppet/functions/inline_epp.rb +1 -0
data/lib/puppet/generate/models/type/type.rb +4 -1
data/lib/puppet/http.rb +22 -13
data/lib/puppet/http/client.rb +164 -114
data/lib/puppet/{network/resolver.rb → http/dns.rb} +2 -2
data/lib/puppet/http/errors.rb +16 -0
data/lib/puppet/http/external_client.rb +5 -7
data/lib/puppet/{network/http → http}/factory.rb +8 -11
data/lib/puppet/{network/http → http}/pool.rb +61 -26
data/lib/puppet/{network/http/session.rb → http/pool_entry.rb} +2 -3
data/lib/puppet/http/proxy.rb +137 -0
data/lib/puppet/http/redirector.rb +4 -12
data/lib/puppet/http/resolver.rb +5 -15
data/lib/puppet/http/resolver/server_list.rb +6 -10
data/lib/puppet/http/resolver/settings.rb +4 -7
data/lib/puppet/http/resolver/srv.rb +7 -11
data/lib/puppet/http/response.rb +36 -54
data/lib/puppet/http/response_converter.rb +24 -0
data/lib/puppet/http/response_net_http.rb +42 -0
data/lib/puppet/http/retry_after_handler.rb +4 -13
data/lib/puppet/http/service.rb +12 -26
data/lib/puppet/http/service/ca.rb +11 -22
data/lib/puppet/http/service/compiler.rb +22 -69
data/lib/puppet/http/service/file_server.rb +18 -27
data/lib/puppet/http/service/puppetserver.rb +26 -12
data/lib/puppet/http/service/report.rb +8 -10
data/lib/puppet/http/session.rb +11 -20
data/lib/puppet/{network/http → http}/site.rb +1 -2
data/lib/puppet/indirector/catalog/rest.rb +2 -4
data/lib/puppet/indirector/fact_search.rb +60 -0
data/lib/puppet/indirector/facts/facter.rb +24 -3
data/lib/puppet/indirector/facts/json.rb +27 -0
data/lib/puppet/indirector/facts/rest.rb +3 -22
data/lib/puppet/indirector/facts/yaml.rb +3 -58
data/lib/puppet/indirector/file_bucket_file/rest.rb +3 -9
data/lib/puppet/indirector/file_content/rest.rb +2 -6
data/lib/puppet/indirector/file_metadata/rest.rb +3 -9
data/lib/puppet/indirector/file_server.rb +1 -8
data/lib/puppet/indirector/generic_http.rb +0 -11
data/lib/puppet/indirector/json.rb +5 -1
data/lib/puppet/indirector/node/json.rb +8 -0
data/lib/puppet/indirector/node/rest.rb +2 -4
data/lib/puppet/indirector/report/json.rb +34 -0
data/lib/puppet/indirector/report/rest.rb +3 -8
data/lib/puppet/indirector/request.rb +0 -101
data/lib/puppet/indirector/rest.rb +12 -263
data/lib/puppet/module_tool/applications.rb +0 -1
data/lib/puppet/module_tool/applications/installer.rb +48 -2
data/lib/puppet/module_tool/errors/shared.rb +17 -2
data/lib/puppet/network/authconfig.rb +2 -96
data/lib/puppet/network/authorization.rb +13 -35
data/lib/puppet/network/formats.rb +69 -1
data/lib/puppet/network/http.rb +3 -3
data/lib/puppet/network/http/api/indirected_routes.rb +2 -20
data/lib/puppet/network/http/api/master/v3.rb +11 -13
data/lib/puppet/network/http/connection.rb +247 -316
data/lib/puppet/network/http/handler.rb +0 -1
data/lib/puppet/network/http_pool.rb +16 -34
data/lib/puppet/node.rb +1 -30
data/lib/puppet/pal/json_catalog_encoder.rb +4 -0
data/lib/puppet/pal/pal_impl.rb +73 -18
data/lib/puppet/parser/ast/leaf.rb +3 -2
data/lib/puppet/parser/ast/pops_bridge.rb +0 -38
data/lib/puppet/parser/compiler.rb +0 -198
data/lib/puppet/parser/compiler/catalog_validator/relationship_validator.rb +14 -39
data/lib/puppet/parser/resource.rb +0 -69
data/lib/puppet/parser/templatewrapper.rb +1 -1
data/lib/puppet/pops/evaluator/deferred_resolver.rb +5 -3
data/lib/puppet/pops/evaluator/evaluator_impl.rb +22 -8
data/lib/puppet/pops/evaluator/runtime3_resource_support.rb +3 -3
data/lib/puppet/pops/evaluator/runtime3_support.rb +1 -1
data/lib/puppet/pops/issues.rb +0 -5
data/lib/puppet/pops/loader/ruby_legacy_function_instantiator.rb +6 -8
data/lib/puppet/pops/model/ast.pp +0 -42
data/lib/puppet/pops/model/ast.rb +0 -290
data/lib/puppet/pops/model/ast_transformer.rb +1 -1
data/lib/puppet/pops/model/factory.rb +0 -45
data/lib/puppet/pops/model/model_label_provider.rb +0 -5
data/lib/puppet/pops/model/model_tree_dumper.rb +0 -22
data/lib/puppet/pops/model/pn_transformer.rb +0 -16
data/lib/puppet/pops/parser/egrammar.ra +0 -56
data/lib/puppet/pops/parser/eparser.rb +1520 -1712
data/lib/puppet/pops/parser/lexer2.rb +4 -4
data/lib/puppet/pops/parser/parser_support.rb +0 -5
data/lib/puppet/pops/resource/resource_type_impl.rb +2 -24
data/lib/puppet/pops/types/type_calculator.rb +0 -7
data/lib/puppet/pops/types/type_parser.rb +0 -4
data/lib/puppet/pops/types/types.rb +0 -1
data/lib/puppet/pops/validation/checker4_0.rb +9 -37
data/lib/puppet/pops/validation/tasks_checker.rb +0 -12
data/lib/puppet/pops/validation/validator_factory_4_0.rb +1 -2
data/lib/puppet/provider.rb +0 -13
data/lib/puppet/provider/nameservice.rb +0 -18
data/lib/puppet/provider/package/apt.rb +4 -0
data/lib/puppet/provider/package/dpkg.rb +0 -10
data/lib/puppet/provider/package/gem.rb +23 -3
data/lib/puppet/provider/package/pip.rb +0 -1
data/lib/puppet/provider/package/pkg.rb +0 -4
data/lib/puppet/provider/package/portage.rb +1 -1
data/lib/puppet/provider/package/puppet_gem.rb +1 -4
data/lib/puppet/provider/service/smf.rb +191 -73
data/lib/puppet/provider/user/aix.rb +2 -2
data/lib/puppet/provider/user/directoryservice.rb +0 -10
data/lib/puppet/reference/configuration.rb +8 -5
data/lib/puppet/reference/indirection.rb +1 -1
data/lib/puppet/resource.rb +1 -89
data/lib/puppet/resource/catalog.rb +1 -14
data/lib/puppet/resource/type.rb +3 -119
data/lib/puppet/resource/type_collection.rb +3 -48
data/lib/puppet/runtime.rb +1 -2
data/lib/puppet/settings.rb +88 -48
data/lib/puppet/settings/alias_setting.rb +37 -0
data/lib/puppet/settings/base_setting.rb +26 -2
data/lib/puppet/settings/integer_setting.rb +17 -0
data/lib/puppet/settings/port_setting.rb +15 -0
data/lib/puppet/settings/priority_setting.rb +5 -4
data/lib/puppet/ssl.rb +10 -6
data/lib/puppet/ssl/base.rb +3 -5
data/lib/puppet/ssl/certificate.rb +0 -6
data/lib/puppet/ssl/certificate_request.rb +1 -12
data/lib/puppet/ssl/certificate_signer.rb +6 -0
data/lib/puppet/ssl/oids.rb +3 -1
data/lib/puppet/ssl/ssl_provider.rb +17 -0
data/lib/puppet/ssl/state_machine.rb +3 -1
data/lib/puppet/ssl/verifier.rb +2 -0
data/lib/puppet/test/test_helper.rb +1 -3
data/lib/puppet/transaction.rb +1 -7
data/lib/puppet/transaction/report.rb +2 -4
data/lib/puppet/type.rb +0 -76
data/lib/puppet/type/file.rb +5 -7
data/lib/puppet/type/file/checksum.rb +1 -1
data/lib/puppet/type/file/source.rb +1 -1
data/lib/puppet/type/filebucket.rb +3 -3
data/lib/puppet/type/package.rb +5 -13
data/lib/puppet/type/user.rb +1 -1
data/lib/puppet/util/autoload.rb +1 -8
data/lib/puppet/util/execution.rb +0 -11
data/lib/puppet/util/http_proxy.rb +2 -215
data/lib/puppet/util/monkey_patches.rb +0 -46
data/lib/puppet/util/posix.rb +54 -5
data/lib/puppet/util/rdoc.rb +0 -7
data/lib/puppet/util/retry_action.rb +1 -1
data/lib/puppet/util/rubygems.rb +5 -1
data/lib/puppet/util/run_mode.rb +9 -1
data/lib/puppet/util/windows.rb +3 -8
data/lib/puppet/util/windows/daemon.rb +360 -0
data/lib/puppet/util/windows/error.rb +1 -0
data/lib/puppet/util/windows/eventlog.rb +4 -9
data/lib/puppet/util/windows/file.rb +8 -242
data/lib/puppet/util/windows/monkey_patches/process.rb +414 -0
data/lib/puppet/util/windows/process.rb +4 -226
data/lib/puppet/util/windows/service.rb +9 -460
data/lib/puppet/util/windows/string.rb +12 -13
data/lib/puppet/util/yaml.rb +0 -22
data/lib/puppet/vendor/require_vendored.rb +0 -1
data/lib/puppet/version.rb +1 -1
data/lib/puppet/x509.rb +5 -1
data/lib/puppet/x509/cert_provider.rb +29 -1
data/locales/puppet.pot +629 -1314
data/man/man5/puppet.conf.5 +39 -99
data/man/man8/puppet-agent.8 +2 -2
data/man/man8/puppet-apply.8 +2 -2
data/man/man8/puppet-catalog.8 +1 -1
data/man/man8/puppet-config.8 +1 -1
data/man/man8/puppet-describe.8 +1 -1
data/man/man8/puppet-device.8 +2 -2
data/man/man8/puppet-doc.8 +1 -1
data/man/man8/puppet-epp.8 +1 -1
data/man/man8/puppet-facts.8 +58 -9
data/man/man8/puppet-filebucket.8 +6 -6
data/man/man8/puppet-generate.8 +1 -1
data/man/man8/puppet-help.8 +1 -1
data/man/man8/puppet-lookup.8 +1 -1
data/man/man8/puppet-module.8 +1 -58
data/man/man8/puppet-node.8 +4 -1
data/man/man8/puppet-parser.8 +1 -1
data/man/man8/puppet-plugin.8 +1 -1
data/man/man8/puppet-report.8 +4 -1
data/man/man8/puppet-resource.8 +1 -1
data/man/man8/puppet-script.8 +2 -2
data/man/man8/puppet-ssl.8 +1 -1
data/man/man8/puppet.8 +2 -2
data/spec/fixtures/integration/application/agent/cached_deferred_catalog.json +91 -0
data/spec/fixtures/unit/provider/service/smf/{svcs.out → svcs_instances.out} +0 -0
data/spec/fixtures/unit/provider/user/aix/aix_passwd_file.out +4 -0
data/spec/integration/application/agent_spec.rb +151 -14
data/spec/integration/application/apply_spec.rb +20 -1
data/spec/integration/application/filebucket_spec.rb +16 -16
data/spec/integration/application/help_spec.rb +2 -0
data/spec/integration/application/plugin_spec.rb +23 -1
data/spec/integration/defaults_spec.rb +7 -10
data/spec/integration/environments/setting_hooks_spec.rb +1 -1
data/spec/integration/indirector/file_content/file_server_spec.rb +0 -2
data/spec/integration/indirector/file_metadata/file_server_spec.rb +0 -2
data/spec/integration/network/http_pool_spec.rb +3 -21
data/spec/integration/parser/catalog_spec.rb +0 -38
data/spec/integration/parser/node_spec.rb +0 -9
data/spec/integration/parser/pcore_resource_spec.rb +0 -37
data/spec/integration/resource/type_collection_spec.rb +2 -6
data/spec/integration/transaction_spec.rb +4 -9
data/spec/integration/type/file_spec.rb +5 -4
data/spec/integration/util/windows/adsi_spec.rb +3 -1
data/spec/integration/util/windows/monkey_patches/process_spec.rb +231 -0
data/spec/integration/util/windows/registry_spec.rb +0 -10
data/spec/integration/util/windows/security_spec.rb +1 -1
data/spec/lib/puppet_spec/puppetserver.rb +1 -1
data/spec/lib/puppet_spec/settings.rb +7 -1
data/spec/spec_helper.rb +3 -4
data/spec/unit/agent_spec.rb +8 -8
data/spec/unit/application/agent_spec.rb +0 -1
data/spec/unit/application/config_spec.rb +224 -4
data/spec/unit/application/facts_spec.rb +35 -0
data/spec/unit/application/filebucket_spec.rb +41 -41
data/spec/unit/application/ssl_spec.rb +2 -2
data/spec/unit/application_spec.rb +51 -9
data/spec/unit/certificate_factory_spec.rb +1 -1
data/spec/unit/configurer/downloader_spec.rb +6 -2
data/spec/unit/configurer/plugin_handler_spec.rb +56 -18
data/spec/unit/configurer_spec.rb +12 -9
data/spec/unit/confine/feature_spec.rb +1 -1
data/spec/unit/confine_spec.rb +8 -2
data/spec/unit/context/trusted_information_spec.rb +2 -6
data/spec/unit/defaults_spec.rb +26 -32
data/spec/unit/environments_spec.rb +96 -22
data/spec/unit/face/config_spec.rb +27 -32
data/spec/unit/face/facts_spec.rb +4 -0
data/spec/unit/face/node_spec.rb +14 -13
data/spec/unit/face/plugin_spec.rb +73 -33
data/spec/unit/file_bucket/file_spec.rb +1 -1
data/spec/unit/file_serving/configuration/parser_spec.rb +22 -19
data/spec/unit/file_serving/configuration_spec.rb +6 -12
data/spec/unit/file_serving/metadata_spec.rb +3 -3
data/spec/unit/file_serving/terminus_helper_spec.rb +11 -4
data/spec/unit/forge/module_release_spec.rb +2 -7
data/spec/unit/functions/camelcase_spec.rb +1 -1
data/spec/unit/functions/capitalize_spec.rb +1 -1
data/spec/unit/functions/downcase_spec.rb +1 -1
data/spec/unit/functions/inline_epp_spec.rb +26 -1
data/spec/unit/functions/upcase_spec.rb +1 -1
data/spec/unit/http/client_spec.rb +7 -8
data/spec/unit/{network/resolver_spec.rb → http/dns_spec.rb} +3 -3
data/spec/unit/http/external_client_spec.rb +4 -4
data/spec/unit/{network/http → http}/factory_spec.rb +5 -11
data/spec/unit/{network/http/session_spec.rb → http/pool_entry_spec.rb} +3 -3
data/spec/unit/{network/http → http}/pool_spec.rb +12 -17
data/spec/unit/{util/http_proxy_spec.rb → http/proxy_spec.rb} +2 -69
data/spec/unit/http/resolver_spec.rb +13 -13
data/spec/unit/http/service/compiler_spec.rb +49 -62
data/spec/unit/http/service/file_server_spec.rb +3 -3
data/spec/unit/http/service/puppetserver_spec.rb +34 -4
data/spec/unit/http/service_spec.rb +1 -2
data/spec/unit/http/session_spec.rb +16 -14
data/spec/unit/{network/http → http}/site_spec.rb +3 -3
data/spec/unit/indirector/face_spec.rb +0 -1
data/spec/unit/indirector/facts/facter_spec.rb +104 -1
data/spec/unit/indirector/facts/json_spec.rb +255 -0
data/spec/unit/indirector/file_bucket_file/file_spec.rb +5 -3
data/spec/unit/indirector/file_bucket_file/selector_spec.rb +26 -8
data/spec/unit/indirector/file_content/rest_spec.rb +0 -4
data/spec/unit/indirector/file_metadata/rest_spec.rb +0 -4
data/spec/unit/indirector/file_server_spec.rb +1 -15
data/spec/unit/indirector/indirection_spec.rb +8 -12
data/spec/unit/indirector/node/json_spec.rb +33 -0
data/spec/{integration/indirector/report/yaml.rb → unit/indirector/report/json_spec.rb} +13 -24
data/spec/unit/indirector/report/rest_spec.rb +2 -17
data/spec/unit/indirector/report/yaml_spec.rb +72 -8
data/spec/unit/indirector/request_spec.rb +0 -264
data/spec/unit/indirector/rest_spec.rb +98 -752
data/spec/unit/indirector_spec.rb +2 -2
data/spec/unit/module_tool/applications/installer_spec.rb +66 -0
data/spec/unit/network/authconfig_spec.rb +2 -132
data/spec/unit/network/authorization_spec.rb +2 -55
data/spec/unit/network/formats_spec.rb +45 -4
data/spec/unit/network/http/api/indirected_routes_spec.rb +1 -101
data/spec/unit/network/http/api/master/v3_spec.rb +28 -7
data/spec/unit/network/http/api_spec.rb +10 -0
data/spec/unit/network/http/connection_spec.rb +19 -41
data/spec/unit/network/http/handler_spec.rb +0 -6
data/spec/unit/network/http_pool_spec.rb +0 -4
data/spec/unit/node/environment_spec.rb +33 -21
data/spec/unit/node_spec.rb +2 -54
data/spec/unit/parser/compiler_spec.rb +3 -19
data/spec/unit/parser/functions/create_resources_spec.rb +2 -20
data/spec/unit/parser/resource_spec.rb +14 -8
data/spec/unit/parser/templatewrapper_spec.rb +4 -3
data/spec/unit/pops/evaluator/deferred_resolver_spec.rb +20 -0
data/spec/unit/pops/evaluator/evaluating_parser_spec.rb +4 -7
data/spec/unit/pops/loaders/loaders_spec.rb +6 -21
data/spec/unit/pops/parser/parse_application_spec.rb +4 -22
data/spec/unit/pops/parser/parse_basic_expressions_spec.rb +0 -1
data/spec/unit/pops/parser/parse_capabilities_spec.rb +8 -21
data/spec/unit/pops/parser/parse_site_spec.rb +20 -24
data/spec/unit/pops/resource/resource_type_impl_spec.rb +0 -71
data/spec/unit/pops/serialization/to_from_hr_spec.rb +1 -1
data/spec/unit/pops/types/type_calculator_spec.rb +6 -6
data/spec/unit/pops/types/type_factory_spec.rb +1 -1
data/spec/unit/pops/validator/validator_spec.rb +61 -46
data/spec/unit/pops/visitor_spec.rb +1 -1
data/spec/unit/property_spec.rb +1 -0
data/spec/unit/provider/nameservice_spec.rb +66 -122
data/spec/unit/provider/package/apt_spec.rb +4 -8
data/spec/unit/provider/package/base_spec.rb +6 -5
data/spec/unit/provider/package/dpkg_spec.rb +0 -48
data/spec/unit/provider/package/gem_spec.rb +32 -0
data/spec/unit/provider/package/pacman_spec.rb +18 -12
data/spec/unit/provider/package/pip_spec.rb +6 -11
data/spec/unit/provider/package/pkgdmg_spec.rb +0 -4
data/spec/unit/provider/package/puppet_gem_spec.rb +3 -2
data/spec/unit/provider/service/smf_spec.rb +401 -165
data/spec/unit/provider/service/windows_spec.rb +0 -1
data/spec/unit/provider/user/aix_spec.rb +5 -0
data/spec/unit/provider/user/hpux_spec.rb +1 -1
data/spec/unit/provider/user/pw_spec.rb +2 -0
data/spec/unit/provider/user/useradd_spec.rb +1 -0
data/spec/unit/provider_spec.rb +6 -20
data/spec/unit/puppet_pal_catalog_spec.rb +45 -0
data/spec/unit/resource/type_collection_spec.rb +2 -22
data/spec/unit/resource/type_spec.rb +1 -1
data/spec/unit/resource_spec.rb +11 -66
data/spec/unit/settings/http_extra_headers_spec.rb +2 -4
data/spec/unit/settings/integer_setting_spec.rb +42 -0
data/spec/unit/settings/port_setting_spec.rb +31 -0
data/spec/unit/settings/priority_setting_spec.rb +4 -4
data/spec/unit/settings_spec.rb +560 -228
data/spec/unit/ssl/base_spec.rb +36 -4
data/spec/unit/ssl/certificate_request_spec.rb +15 -45
data/spec/unit/ssl/certificate_spec.rb +2 -11
data/spec/unit/ssl/ssl_provider_spec.rb +14 -8
data/spec/unit/ssl/state_machine_spec.rb +0 -1
data/spec/unit/ssl/verifier_spec.rb +0 -21
data/spec/unit/transaction/additional_resource_generator_spec.rb +3 -7
data/spec/unit/transaction/event_manager_spec.rb +14 -11
data/spec/unit/transaction/report_spec.rb +0 -2
data/spec/unit/transaction/resource_harness_spec.rb +2 -2
data/spec/unit/transaction_spec.rb +57 -82
data/spec/unit/type/file/checksum_spec.rb +6 -6
data/spec/unit/type/file/content_spec.rb +1 -2
data/spec/unit/type/file/ensure_spec.rb +1 -1
data/spec/unit/type/file/mode_spec.rb +1 -1
data/spec/unit/type/file/selinux_spec.rb +0 -2
data/spec/unit/type/file/source_spec.rb +0 -1
data/spec/unit/type/file_spec.rb +12 -12
data/spec/unit/type/group_spec.rb +13 -6
data/spec/unit/type/package_spec.rb +1 -1
data/spec/unit/type/resources_spec.rb +7 -7
data/spec/unit/type/service_spec.rb +1 -1
data/spec/unit/type/tidy_spec.rb +0 -1
data/spec/unit/type_spec.rb +22 -2
data/spec/unit/util/at_fork_spec.rb +2 -2
data/spec/unit/util/autoload_spec.rb +5 -1
data/spec/unit/util/backups_spec.rb +1 -4
data/spec/unit/util/execution_spec.rb +15 -40
data/spec/unit/util/inifile_spec.rb +6 -14
data/spec/unit/util/log_spec.rb +8 -7
data/spec/unit/util/logging_spec.rb +3 -3
data/spec/unit/util/monkey_patches_spec.rb +0 -6
data/spec/unit/util/posix_spec.rb +363 -15
data/spec/unit/util/rubygems_spec.rb +2 -2
data/spec/unit/util/run_mode_spec.rb +21 -121
data/spec/unit/util/selinux_spec.rb +76 -52
data/spec/unit/util/storage_spec.rb +3 -1
data/spec/unit/util/suidmanager_spec.rb +44 -41
data/spec/unit/util/windows/string_spec.rb +1 -3
data/spec/unit/util/yaml_spec.rb +0 -54
data/spec/unit/util_spec.rb +13 -24
metadata +66 -170
data/conf/auth.conf +0 -150
data/lib/puppet/application/cert.rb +0 -76
data/lib/puppet/application/key.rb +0 -4
data/lib/puppet/application/man.rb +0 -4
data/lib/puppet/application/status.rb +0 -4
data/lib/puppet/face/key.rb +0 -16
data/lib/puppet/face/man.rb +0 -145
data/lib/puppet/face/module/build.rb +0 -14
data/lib/puppet/face/module/generate.rb +0 -14
data/lib/puppet/face/module/search.rb +0 -103
data/lib/puppet/face/status.rb +0 -51
data/lib/puppet/indirector/certificate/file.rb +0 -9
data/lib/puppet/indirector/certificate/rest.rb +0 -18
data/lib/puppet/indirector/certificate_request/file.rb +0 -9
data/lib/puppet/indirector/certificate_request/memory.rb +0 -7
data/lib/puppet/indirector/certificate_request/rest.rb +0 -11
data/lib/puppet/indirector/file_content/http.rb +0 -22
data/lib/puppet/indirector/key/file.rb +0 -46
data/lib/puppet/indirector/key/memory.rb +0 -7
data/lib/puppet/indirector/ssl_file.rb +0 -162
data/lib/puppet/indirector/status.rb +0 -3
data/lib/puppet/indirector/status/local.rb +0 -12
data/lib/puppet/indirector/status/rest.rb +0 -27
data/lib/puppet/module_tool/applications/searcher.rb +0 -29
data/lib/puppet/network/auth_config_parser.rb +0 -90
data/lib/puppet/network/authstore.rb +0 -283
data/lib/puppet/network/http/api/master/v3/authorization.rb +0 -18
data/lib/puppet/network/http/api/master/v3/environment.rb +0 -88
data/lib/puppet/network/http/base_pool.rb +0 -36
data/lib/puppet/network/http/compression.rb +0 -127
data/lib/puppet/network/http/connection_adapter.rb +0 -184
data/lib/puppet/network/http/nocache_pool.rb +0 -28
data/lib/puppet/network/rest_controller.rb +0 -2
data/lib/puppet/network/rights.rb +0 -210
data/lib/puppet/parser/compiler/catalog_validator/env_relationship_validator.rb +0 -66
data/lib/puppet/parser/compiler/catalog_validator/site_validator.rb +0 -22
data/lib/puppet/parser/environment_compiler.rb +0 -202
data/lib/puppet/pops/types/enumeration.rb +0 -16
data/lib/puppet/resource/capability_finder.rb +0 -154
data/lib/puppet/rest/errors.rb +0 -15
data/lib/puppet/rest/response.rb +0 -35
data/lib/puppet/rest/route.rb +0 -85
data/lib/puppet/rest/routes.rb +0 -135
data/lib/puppet/ssl/host.rb +0 -505
data/lib/puppet/ssl/key.rb +0 -61
data/lib/puppet/ssl/validator.rb +0 -61
data/lib/puppet/ssl/validator/default_validator.rb +0 -209
data/lib/puppet/ssl/validator/no_validator.rb +0 -22
data/lib/puppet/ssl/verifier_adapter.rb +0 -58
data/lib/puppet/status.rb +0 -40
data/lib/puppet/util/connection.rb +0 -88
data/lib/puppet/util/ssl.rb +0 -83
data/lib/puppet/util/windows/api_types.rb +0 -309
data/lib/puppet/util/windows/monkey_patches/dir.rb +0 -40
data/lib/puppet/vendor/load_pathspec.rb +0 -1
data/lib/puppet/vendor/pathspec/CHANGELOG.md +0 -2
data/lib/puppet/vendor/pathspec/LICENSE +0 -201
data/lib/puppet/vendor/pathspec/PUPPET_README.md +0 -6
data/lib/puppet/vendor/pathspec/README.md +0 -53
data/lib/puppet/vendor/pathspec/lib/pathspec.rb +0 -122
data/lib/puppet/vendor/pathspec/lib/pathspec/gitignorespec.rb +0 -275
data/lib/puppet/vendor/pathspec/lib/pathspec/regexspec.rb +0 -17
data/lib/puppet/vendor/pathspec/lib/pathspec/spec.rb +0 -14
data/man/man8/puppet-key.8 +0 -126
data/man/man8/puppet-man.8 +0 -76
data/man/man8/puppet-status.8 +0 -108
data/spec/integration/application/config_spec.rb +0 -74
data/spec/integration/network/authconfig_spec.rb +0 -256
data/spec/integration/util/windows/monkey_patches/dir_spec.rb +0 -11
data/spec/unit/application/man_spec.rb +0 -52
data/spec/unit/capability_spec.rb +0 -414
data/spec/unit/face/catalog_spec.rb +0 -6
data/spec/unit/face/key_spec.rb +0 -9
data/spec/unit/face/module/search_spec.rb +0 -231
data/spec/unit/face/module_spec.rb +0 -3
data/spec/unit/face/status_spec.rb +0 -9
data/spec/unit/indirector/certificate/file_spec.rb +0 -14
data/spec/unit/indirector/certificate/rest_spec.rb +0 -61
data/spec/unit/indirector/certificate_request/file_spec.rb +0 -14
data/spec/unit/indirector/certificate_request/rest_spec.rb +0 -25
data/spec/unit/indirector/key/file_spec.rb +0 -79
data/spec/unit/indirector/ssl_file_spec.rb +0 -305
data/spec/unit/indirector/status/local_spec.rb +0 -10
data/spec/unit/indirector/status/rest_spec.rb +0 -50
data/spec/unit/module_tool/applications/searcher_spec.rb +0 -38
data/spec/unit/network/auth_config_parser_spec.rb +0 -115
data/spec/unit/network/authstore_spec.rb +0 -422
data/spec/unit/network/http/api/master/v3/authorization_spec.rb +0 -57
data/spec/unit/network/http/api/master/v3/environment_spec.rb +0 -185
data/spec/unit/network/http/compression_spec.rb +0 -240
data/spec/unit/network/http/nocache_pool_spec.rb +0 -64
data/spec/unit/network/http_spec.rb +0 -9
data/spec/unit/network/rights_spec.rb +0 -439
data/spec/unit/parser/environment_compiler_spec.rb +0 -730
data/spec/unit/pops/types/enumeration_spec.rb +0 -51
data/spec/unit/resource/capability_finder_spec.rb +0 -143
data/spec/unit/rest/route_spec.rb +0 -132
data/spec/unit/ssl/host_spec.rb +0 -650
data/spec/unit/ssl/key_spec.rb +0 -173
data/spec/unit/ssl/validator_spec.rb +0 -278
data/spec/unit/status_spec.rb +0 -45
data/spec/unit/util/ssl_spec.rb +0 -91

data/lib/puppet/application/agent.rb CHANGED

@@ -267,6 +267,7 @@ generated by running puppet agent with '--genconfig'.
   service), 'eventlog' (the Windows Event Log), 'console', or the path to a log
   file. If debugging or verbosity is enabled, this defaults to 'console'.
   Otherwise, it defaults to 'syslog' on POSIX systems and 'eventlog' on Windows.
+  Multiple destinations can be set using a comma separated list (eg: `/path/file1,console,/path/file2`)"
   A path ending with '.json' will receive structured output in JSON format. The
   log file will not have an ending ']' automatically written to it due to the

data/lib/puppet/application/apply.rb CHANGED

@@ -113,6 +113,7 @@ configuration options by running puppet with
   Where to send log messages. Choose between 'syslog' (the POSIX syslog
   service), 'eventlog' (the Windows Event Log), 'console', or the path to a log
   file. Defaults to 'console'.
+  Multiple destinations can be set using a comma separated list (eg: `/path/file1,console,/path/file2`)"
   A path ending with '.json' will receive structured output in JSON format. The
   log file will not have an ending ']' automatically written to it due to the
@@ -236,7 +237,7 @@ Copyright (c) 2011 Puppet Inc., LLC Licensed under the Apache 2.0 License
         end
         # Resolve all deferred values and replace them / mutate the catalog
-        Puppet::Pops::Evaluator::DeferredResolver.resolve_and_replace(node.facts, catalog)
+        Puppet::Pops::Evaluator::DeferredResolver.resolve_and_replace(node.facts, catalog, apply_environment)
         # Translate it to a RAL catalog
         catalog = catalog.to_ral
@@ -330,7 +331,7 @@ Copyright (c) 2011 Puppet Inc., LLC Licensed under the Apache 2.0 License
         raise Puppet::Error, _("Could not deserialize catalog from %{format}: %{detail}") % { format: format, detail: detail }, detail.backtrace
       end
       # Resolve all deferred values and replace them / mutate the catalog
-      Puppet::Pops::Evaluator::DeferredResolver.resolve_and_replace(node.facts, catalog)
+      Puppet::Pops::Evaluator::DeferredResolver.resolve_and_replace(node.facts, catalog, configured_environment)
       catalog.to_ral
     end

data/lib/puppet/application/device.rb CHANGED

@@ -155,6 +155,7 @@ you can specify '--server <servername>' as an argument.
   Where to send log messages. Choose between 'syslog' (the POSIX syslog
   service), 'console', or the path to a log file. If debugging or verbosity is
   enabled, this defaults to 'console'. Otherwise, it defaults to 'syslog'.
+  Multiple destinations can be set using a comma separated list (eg: `/path/file1,console,/path/file2`)"
   A path ending with '.json' will receive structured output in JSON format. The
   log file will not have an ending ']' automatically written to it due to the
@@ -259,119 +260,115 @@ Licensed under the Apache 2.0 License
         end
       end
       devices.collect do |devicename,device|
-        pool = Puppet.runtime[:http].pool
-        Puppet.override(:http_pool => pool) do
-          # TODO when we drop support for ruby < 2.5 we can remove the extra block here
-          begin
-            device_url = URI.parse(device.url)
-            # Handle nil scheme & port
-            scheme = "#{device_url.scheme}://" if device_url.scheme
-            port = ":#{device_url.port}" if device_url.port
-            # override local $vardir and $certname
-            Puppet[:ssldir] = ::File.join(Puppet[:deviceconfdir], device.name, 'ssl')
-            Puppet[:confdir] = ::File.join(Puppet[:devicedir], device.name)
-            Puppet[:libdir] = options[:libdir] || ::File.join(Puppet[:devicedir], device.name, 'lib')
-            Puppet[:vardir] = ::File.join(Puppet[:devicedir], device.name)
-            Puppet[:certname] = device.name
-            ssl_context = nil
-            # create device directory under $deviceconfdir
-            Puppet::FileSystem.dir_mkpath(Puppet[:ssldir]) unless Puppet::FileSystem.dir_exist?(Puppet[:ssldir])
-            # this will reload and recompute default settings and create device-specific sub vardir
-            Puppet.settings.use :main, :agent, :ssl
-            # Workaround for PUP-8736: store ssl certs outside the cache directory to prevent accidental removal and keep the old path as symlink
-            optssldir = File.join(Puppet[:confdir], 'ssl')
-            Puppet::FileSystem.symlink(Puppet[:ssldir], optssldir) unless Puppet::FileSystem.exist?(optssldir)
-            unless options[:resource] || options[:facts] || options[:apply]
-              # Since it's too complicated to fix properly in the default settings, we workaround for PUP-9642 here.
-              # See https://github.com/puppetlabs/puppet/pull/7483#issuecomment-483455997 for details.
-              # This has to happen after `settings.use` above, so the directory is created and before `setup_host` below, where the SSL
-              # routines would fail with access errors
-              if Puppet.features.root? && !Puppet::Util::Platform.windows?
-                user = Puppet::Type.type(:user).new(name: Puppet[:user]).exists? ? Puppet[:user] : nil
-                group = Puppet::Type.type(:group).new(name: Puppet[:group]).exists? ? Puppet[:group] : nil
-                Puppet.debug("Fixing perms for #{user}:#{group} on #{Puppet[:confdir]}")
-                FileUtils.chown(user, group, Puppet[:confdir]) if user || group
-              end
+        # TODO when we drop support for ruby < 2.5 we can remove the extra block here
+        begin
+          device_url = URI.parse(device.url)
+          # Handle nil scheme & port
+          scheme = "#{device_url.scheme}://" if device_url.scheme
+          port = ":#{device_url.port}" if device_url.port
+          # override local $vardir and $certname
+          Puppet[:ssldir] = ::File.join(Puppet[:deviceconfdir], device.name, 'ssl')
+          Puppet[:confdir] = ::File.join(Puppet[:devicedir], device.name)
+          Puppet[:libdir] = options[:libdir] || ::File.join(Puppet[:devicedir], device.name, 'lib')
+          Puppet[:vardir] = ::File.join(Puppet[:devicedir], device.name)
+          Puppet[:certname] = device.name
+          ssl_context = nil
+          # create device directory under $deviceconfdir
+          Puppet::FileSystem.dir_mkpath(Puppet[:ssldir]) unless Puppet::FileSystem.dir_exist?(Puppet[:ssldir])
+          # this will reload and recompute default settings and create device-specific sub vardir
+          Puppet.settings.use :main, :agent, :ssl
+          # Workaround for PUP-8736: store ssl certs outside the cache directory to prevent accidental removal and keep the old path as symlink
+          optssldir = File.join(Puppet[:confdir], 'ssl')
+          Puppet::FileSystem.symlink(Puppet[:ssldir], optssldir) unless Puppet::FileSystem.exist?(optssldir)
+          unless options[:resource] || options[:facts] || options[:apply]
+            # Since it's too complicated to fix properly in the default settings, we workaround for PUP-9642 here.
+            # See https://github.com/puppetlabs/puppet/pull/7483#issuecomment-483455997 for details.
+            # This has to happen after `settings.use` above, so the directory is created and before `setup_host` below, where the SSL
+            # routines would fail with access errors
+            if Puppet.features.root? && !Puppet::Util::Platform.windows?
+              user = Puppet::Type.type(:user).new(name: Puppet[:user]).exists? ? Puppet[:user] : nil
+              group = Puppet::Type.type(:group).new(name: Puppet[:group]).exists? ? Puppet[:group] : nil
+              Puppet.debug("Fixing perms for #{user}:#{group} on #{Puppet[:confdir]}")
+              FileUtils.chown(user, group, Puppet[:confdir]) if user || group
+            end
-              ssl_context = setup_context
+            ssl_context = setup_context
-              unless options[:libdir]
-                Puppet.override(ssl_context: ssl_context) do
-                  Puppet::Configurer::PluginHandler.new.download_plugins(env) if Puppet::Configurer.should_pluginsync?
-                end
+            unless options[:libdir]
+              Puppet.override(ssl_context: ssl_context) do
+                Puppet::Configurer::PluginHandler.new.download_plugins(env) if Puppet::Configurer.should_pluginsync?
               end
             end
+          end
-            # this inits the device singleton, so that the facts terminus
-            # and the various network_device provider can use it
-            Puppet::Util::NetworkDevice.init(device)
-            if options[:resource]
-              type, name = parse_args(command_line.args)
-              Puppet.info _("retrieving resource: %{resource} from %{target} at %{scheme}%{url_host}%{port}%{url_path}") % { resource: type, target: device.name, scheme: scheme, url_host: device_url.host, port: port, url_path: device_url.path }
-              resources = find_resources(type, name)
-              if options[:to_yaml]
-                data = resources.map do |resource|
-                  resource.prune_parameters(:parameters_to_include => @extra_params).to_hiera_hash
-                end.inject(:merge!)
-                text = YAML.dump(type.downcase => data)
-              else
-                text = resources.map do |resource|
-                  resource.prune_parameters(:parameters_to_include => @extra_params).to_manifest.force_encoding(Encoding.default_external)
-                end.join("\n")
-              end
-              (puts text)
-              0
-            elsif options[:facts]
-              Puppet.info _("retrieving facts from %{target} at %{scheme}%{url_host}%{port}%{url_path}") % { resource: type, target: device.name, scheme: scheme, url_host: device_url.host, port: port, url_path: device_url.path }
-              remote_facts = Puppet::Node::Facts.indirection.find(name, :environment => env)
-              # Give a proper name to the facts
-              remote_facts.name = remote_facts.values['clientcert']
-              renderer = Puppet::Network::FormatHandler.format(:console)
-              puts renderer.render(remote_facts)
-              0
-            elsif options[:apply]
-              # avoid reporting to server
-              Puppet::Transaction::Report.indirection.terminus_class = :yaml
-              Puppet::Resource::Catalog.indirection.cache_class = nil
-              require 'puppet/application/apply'
-              begin
-                Puppet[:node_terminus] = :plain
-                Puppet[:catalog_terminus] = :compiler
-                Puppet[:catalog_cache_terminus] = nil
-                Puppet[:facts_terminus] = :network_device
-                Puppet.override(:network_device => true) do
-                  Puppet::Application::Apply.new(Puppet::Util::CommandLine.new('puppet', ["apply", options[:apply]])).run_command
-                end
-              end
+          # this inits the device singleton, so that the facts terminus
+          # and the various network_device provider can use it
+          Puppet::Util::NetworkDevice.init(device)
+          if options[:resource]
+            type, name = parse_args(command_line.args)
+            Puppet.info _("retrieving resource: %{resource} from %{target} at %{scheme}%{url_host}%{port}%{url_path}") % { resource: type, target: device.name, scheme: scheme, url_host: device_url.host, port: port, url_path: device_url.path }
+            resources = find_resources(type, name)
+            if options[:to_yaml]
+              data = resources.map do |resource|
+                resource.prune_parameters(:parameters_to_include => @extra_params).to_hiera_hash
+              end.inject(:merge!)
+              text = YAML.dump(type.downcase => data)
             else
-              Puppet.info _("starting applying configuration to %{target} at %{scheme}%{url_host}%{port}%{url_path}") % { target: device.name, scheme: scheme, url_host: device_url.host, port: port, url_path: device_url.path }
-              overrides = {}
-              overrides[:ssl_context] = ssl_context if ssl_context
-              Puppet.override(overrides) do
-                configurer = Puppet::Configurer.new
-                configurer.run(:network_device => true, :pluginsync => false)
+              text = resources.map do |resource|
+                resource.prune_parameters(:parameters_to_include => @extra_params).to_manifest.force_encoding(Encoding.default_external)
+              end.join("\n")
+            end
+            (puts text)
+            0
+          elsif options[:facts]
+            Puppet.info _("retrieving facts from %{target} at %{scheme}%{url_host}%{port}%{url_path}") % { resource: type, target: device.name, scheme: scheme, url_host: device_url.host, port: port, url_path: device_url.path }
+            remote_facts = Puppet::Node::Facts.indirection.find(name, :environment => env)
+            # Give a proper name to the facts
+            remote_facts.name = remote_facts.values['clientcert']
+            renderer = Puppet::Network::FormatHandler.format(:console)
+            puts renderer.render(remote_facts)
+            0
+          elsif options[:apply]
+            # avoid reporting to server
+            Puppet::Transaction::Report.indirection.terminus_class = :yaml
+            Puppet::Resource::Catalog.indirection.cache_class = nil
+            require 'puppet/application/apply'
+            begin
+              Puppet[:node_terminus] = :plain
+              Puppet[:catalog_terminus] = :compiler
+              Puppet[:catalog_cache_terminus] = nil
+              Puppet[:facts_terminus] = :network_device
+              Puppet.override(:network_device => true) do
+                Puppet::Application::Apply.new(Puppet::Util::CommandLine.new('puppet', ["apply", options[:apply]])).run_command
               end
             end
-          rescue => detail
-            Puppet.log_exception(detail)
-            # If we rescued an error, then we return 1 as the exit code
-            1
-          ensure
-            pool.close
-            Puppet[:libdir] = libdir
-            Puppet[:vardir] = vardir
-            Puppet[:confdir] = confdir
-            Puppet[:ssldir] = ssldir
-            Puppet[:certname] = certname
+          else
+            Puppet.info _("starting applying configuration to %{target} at %{scheme}%{url_host}%{port}%{url_path}") % { target: device.name, scheme: scheme, url_host: device_url.host, port: port, url_path: device_url.path }
+            overrides = {}
+            overrides[:ssl_context] = ssl_context if ssl_context
+            Puppet.override(overrides) do
+              configurer = Puppet::Configurer.new
+              configurer.run(:network_device => true, :pluginsync => false)
+            end
           end
+        rescue => detail
+          Puppet.log_exception(detail)
+          # If we rescued an error, then we return 1 as the exit code
+          1
+        ensure
+          Puppet[:libdir] = libdir
+          Puppet[:vardir] = vardir
+          Puppet[:confdir] = confdir
+          Puppet[:ssldir] = ssldir
+          Puppet[:certname] = certname
         end
       end
     end

data/lib/puppet/application/filebucket.rb CHANGED

@@ -16,6 +16,10 @@ class Puppet::Application::Filebucket < Puppet::Application
     _("Store and retrieve files in a filebucket")
   end
+  def digest_algorithm
+    Puppet.default_digest_algorithm
+  end
   def help
     <<-HELP
@@ -38,14 +42,14 @@ Puppet filebucket can operate in three modes, with only one mode per call:
 backup:
   Send one or more files to the specified file bucket. Each sent file is
-  printed with its resulting md5 sum.
+  printed with its resulting #{digest_algorithm} sum.
 get:
-  Return the text associated with an md5 sum. The text is printed to
+  Return the text associated with an #{digest_algorithm} sum. The text is printed to
   stdout, and only one file can be retrieved at a time.
 restore:
-  Given a file path and an md5 sum, store the content associated with
+  Given a file path and an #{digest_algorithm} sum, store the content associated with
   the sum into the specified file path. You can specify an entirely new
   path to this argument; you are not restricted to restoring the content
   to its original location.
@@ -186,8 +190,8 @@ EXAMPLES
     $ puppet filebucket -b /tmp/TestBucket list
     d41d8cd98f00b204e9800998ecf8427e 2015-05-11 09:33:22 /tmp/TestFile2
-    ## From a Puppet master, list files in the master bucketdir
-    $ puppet filebucket -b $(puppet config print bucketdir --section master) list
+    ## From a Puppet Server, list files in the server bucketdir
+    $ puppet filebucket -b $(puppet config print bucketdir --section server) list
     d43a6ecaa892a1962398ac9170ea9bf2 2015-05-11 09:27:56 /tmp/TestFile
     7ae322f5791217e031dc60188f4521ef 2015-05-11 09:52:15 /tmp/TestFile
@@ -212,8 +216,8 @@ Copyright (c) 2011 Puppet Inc., LLC Licensed under the Apache 2.0 License
   end
   def get
-    md5 = args.shift
-    out = @client.getfile(md5)
+    digest = args.shift
+    out = @client.getfile(digest)
     print out
   end
@@ -229,8 +233,8 @@ Copyright (c) 2011 Puppet Inc., LLC Licensed under the Apache 2.0 License
         $stderr.puts _("%{file}: cannot read file") % { file: file }
         next
       end
-      md5 = @client.backup(file)
-      puts "#{file}: #{md5}"
+      digest = @client.backup(file)
+      puts "#{file}: #{digest}"
     end
   end
@@ -243,8 +247,8 @@ Copyright (c) 2011 Puppet Inc., LLC Licensed under the Apache 2.0 License
   def restore
     file = args.shift
-    md5 = args.shift
-    @client.restore(file, md5)
+    digest = args.shift
+    @client.restore(file, digest)
   end
   def diff

data/lib/puppet/application/script.rb CHANGED

@@ -71,6 +71,7 @@ configuration options can also be generated by running puppet with
   Where to send log messages. Choose between 'syslog' (the POSIX syslog
   service), 'eventlog' (the Windows Event Log), 'console', or the path to a log
   file. Defaults to 'console'.
+  Multiple destinations can be set using a comma separated list (eg: `/path/file1,console,/path/file2`)"
   A path ending with '.json' will receive structured output in JSON format. The
   log file will not have an ending ']' automatically written to it due to the

data/lib/puppet/application/ssl.rb CHANGED

@@ -248,7 +248,7 @@ END
     paths = {
       'private key' => Puppet[:hostprivkey],
       'public key'  => Puppet[:hostpubkey],
-      'certificate request' => File.join(Puppet[:requestdir], "#{Puppet[:certname]}.pem"),
+      'certificate request' => Puppet[:hostcsr],
       'certificate' => Puppet[:hostcert],
       'private key password file' => Puppet[:passfile]
     }

data/lib/puppet/application_support.rb CHANGED

@@ -53,6 +53,13 @@ module Puppet
       route_file = Puppet[:route_file]
       if Puppet::FileSystem.exist?(route_file)
         routes = Puppet::Util::Yaml.safe_load_file(route_file, [Symbol])
+        if routes["server"] && routes["master"]
+          Puppet.warning("Route file #{route_file} contains both server and master route settings.")
+        elsif routes["server"] && !routes["master"]
+          routes["master"] = routes["server"]
+        elsif routes["master"] && !routes["server"]
+          routes["server"] = routes["master"]
+        end
         application_routes = routes[application_name]
         Puppet::Indirector.configure_routes(application_routes) if application_routes
       end

data/lib/puppet/configurer.rb CHANGED

@@ -112,7 +112,7 @@ class Puppet::Configurer
     catalog_conversion_time = thinmark do
       # Will mutate the result and replace all Deferred values with resolved values
       if facts
-        Puppet::Pops::Evaluator::DeferredResolver.resolve_and_replace(facts, result)
+        Puppet::Pops::Evaluator::DeferredResolver.resolve_and_replace(facts, result, Puppet.lookup(:current_environment))
       end
       catalog = result.to_ral
@@ -202,7 +202,6 @@ class Puppet::Configurer
   # This just passes any options on to the catalog,
   # which accepts :tags and :ignoreschedules.
   def run(options = {})
-    pool = Puppet.runtime[:http].pool
     # We create the report pre-populated with default settings for
     # environment and transaction_uuid very early, this is to ensure
     # they are sent regardless of any catalog compilation failures or
@@ -215,44 +214,40 @@ class Puppet::Configurer
     completed = nil
     begin
-      Puppet.override(:http_pool => pool) do
-        # Skip failover logic if the server_list setting is empty
-        do_failover = Puppet.settings[:server_list] && !Puppet.settings[:server_list].empty?
-        # When we are passed a catalog, that means we're in apply
-        # mode. We shouldn't try to do any failover in that case.
-        if options[:catalog].nil? && do_failover
-          server, port = find_functional_server
-          begin
-            if server.nil?
-              raise Puppet::Error, _("Could not select a functional puppet server from server_list: '%{server_list}'") % { server_list: Puppet.settings.value(:server_list, Puppet[:environment].to_sym, true) }
-            else
-              #TRANSLATORS 'server_list' is the name of a setting and should not be translated
-              Puppet.debug _("Selected puppet server from the `server_list` setting: %{server}:%{port}") % { server: server, port: port }
-              report.server_used = "#{server}:#{port}"
-            end
-          rescue Puppet::Error => detail
-            if Puppet[:usecacheonfailure]
-              options[:pluginsync] = false
-              @running_failure = true
-              if server.nil?
-                server = Puppet[:server_list].first[0]
-                port = Puppet[:server_list].first[1] || Puppet[:serverport]
-              end
-              Puppet.log_exception(detail)
-            else
-              raise detail
-            end
-          end
-          Puppet.override(server: server, serverport: port) do
-            completed = run_internal(options)
+      # Skip failover logic if the server_list setting is empty
+      do_failover = Puppet.settings[:server_list] && !Puppet.settings[:server_list].empty?
+      # When we are passed a catalog, that means we're in apply
+      # mode. We shouldn't try to do any failover in that case.
+      if options[:catalog].nil? && do_failover
+        server, port = find_functional_server
+        if server.nil?
+          detail = _("Could not select a functional puppet server from server_list: '%{server_list}'") % { server_list: Puppet.settings.value(:server_list, Puppet[:environment].to_sym, true) }
+          if Puppet[:usecacheonfailure]
+            options[:pluginsync] = false
+            @running_failure = true
+            server = Puppet[:server_list].first[0]
+            port = Puppet[:server_list].first[1] || Puppet[:serverport]
+            Puppet.err(detail)
+          else
+            raise Puppet::Error, detail
           end
         else
+          #TRANSLATORS 'server_list' is the name of a setting and should not be translated
+          Puppet.debug _("Selected puppet server from the `server_list` setting: %{server}:%{port}") % { server: server, port: port }
+          report.server_used = "#{server}:#{port}"
+        end
+        Puppet.override(server: server, serverport: port) do
           completed = run_internal(options)
         end
+      else
+        completed = run_internal(options)
       end
     ensure
-      pool.close
+      # we may sleep for awhile, close connections now
+      Puppet.runtime[:http].close
     end
     completed ? report.exit_status : nil
@@ -400,16 +395,29 @@ class Puppet::Configurer
       if !cached_catalog && options[:catalog]
         ral_catalog = options[:catalog]
       else
+        # Ordering here matters. We have to resolve deferred resources in the
+        # resource catalog, convert the resource catalog to a RAL catalog (which
+        # triggers type/provider validation), and only if that is successful,
+        # should we cache the *original* resource catalog. However, deferred
+        # evaluation mutates the resource catalog, so we need to make a copy of
+        # it here. If PUP-9323 is ever implemented so that we resolve deferred
+        # resources in the RAL catalog as they are needed, then we could eliminate
+        # this step.
+        catalog_to_cache = Puppet.override(:rich_data => Puppet[:rich_data]) do
+          Puppet::Resource::Catalog.from_data_hash(catalog.to_data_hash)
+        end
         # REMIND @duration is the time spent loading the last catalog, and doesn't
         # account for things like we failed to download and fell back to the cache
         ral_catalog = convert_catalog(catalog, @duration, facts, options)
-        # If not noop, commit the cached resource catalog (not ral catalog). Ideally
+        # Validation succeeded, so commit the `catalog_to_cache` for non-noop runs. Don't
+        # commit `catalog` since it contains the result of deferred evaluation. Ideally
         # we'd just copy the downloaded response body, instead of serializing the
         # in-memory catalog, but that's hard due to the indirector.
         indirection = Puppet::Resource::Catalog.indirection
         if !Puppet[:noop] && indirection.cache?
-          request = indirection.request(:save, nil, catalog, environment: Puppet::Node::Environment.remote(catalog.environment))
+          request = indirection.request(:save, nil, catalog_to_cache, environment: Puppet::Node::Environment.remote(catalog_to_cache.environment))
           Puppet.info("Caching catalog for #{request.key}")
           indirection.cache.save(request)
         end