puppet 6.19.1-universal-darwin → 7.0.0-universal-darwin

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of puppet might be problematic. Click here for more details.

Files changed (440) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +1 -1
  3. data/Gemfile.lock +19 -20
  4. data/README.md +1 -1
  5. data/conf/fileserver.conf +5 -10
  6. data/ext/build_defaults.yaml +1 -1
  7. data/ext/osx/file_mapping.yaml +0 -5
  8. data/ext/project_data.yaml +1 -14
  9. data/ext/redhat/puppet.spec.erb +0 -1
  10. data/ext/windows/service/daemon.rb +6 -5
  11. data/install.rb +21 -17
  12. data/lib/puppet.rb +11 -20
  13. data/lib/puppet/application.rb +172 -98
  14. data/lib/puppet/application/device.rb +100 -104
  15. data/lib/puppet/application/filebucket.rb +15 -11
  16. data/lib/puppet/application/ssl.rb +1 -1
  17. data/lib/puppet/configurer.rb +28 -33
  18. data/lib/puppet/configurer/plugin_handler.rb +21 -19
  19. data/lib/puppet/defaults.rb +95 -159
  20. data/lib/puppet/environments.rb +10 -25
  21. data/lib/puppet/face/config.rb +10 -0
  22. data/lib/puppet/face/epp.rb +12 -2
  23. data/lib/puppet/face/facts.rb +66 -6
  24. data/lib/puppet/face/help.rb +1 -1
  25. data/lib/puppet/face/plugin.rb +5 -8
  26. data/lib/puppet/ffi/windows.rb +12 -0
  27. data/lib/puppet/ffi/windows/api_types.rb +311 -0
  28. data/lib/puppet/ffi/windows/constants.rb +404 -0
  29. data/lib/puppet/ffi/windows/functions.rb +628 -0
  30. data/lib/puppet/ffi/windows/structs.rb +338 -0
  31. data/lib/puppet/file_serving/configuration.rb +0 -5
  32. data/lib/puppet/file_serving/configuration/parser.rb +3 -32
  33. data/lib/puppet/file_serving/http_metadata.rb +1 -1
  34. data/lib/puppet/file_serving/mount.rb +1 -2
  35. data/lib/puppet/forge/repository.rb +0 -1
  36. data/lib/puppet/functions/epp.rb +1 -0
  37. data/lib/puppet/functions/inline_epp.rb +1 -0
  38. data/lib/puppet/generate/models/type/type.rb +4 -1
  39. data/lib/puppet/http.rb +22 -13
  40. data/lib/puppet/http/client.rb +164 -114
  41. data/lib/puppet/{network/resolver.rb → http/dns.rb} +2 -2
  42. data/lib/puppet/http/errors.rb +16 -0
  43. data/lib/puppet/http/external_client.rb +5 -7
  44. data/lib/puppet/{network/http → http}/factory.rb +8 -11
  45. data/lib/puppet/{network/http → http}/pool.rb +61 -26
  46. data/lib/puppet/{network/http/session.rb → http/pool_entry.rb} +2 -3
  47. data/lib/puppet/http/proxy.rb +137 -0
  48. data/lib/puppet/http/redirector.rb +4 -12
  49. data/lib/puppet/http/resolver.rb +5 -15
  50. data/lib/puppet/http/resolver/server_list.rb +6 -10
  51. data/lib/puppet/http/resolver/settings.rb +4 -7
  52. data/lib/puppet/http/resolver/srv.rb +7 -11
  53. data/lib/puppet/http/response.rb +36 -54
  54. data/lib/puppet/http/response_converter.rb +24 -0
  55. data/lib/puppet/http/response_net_http.rb +42 -0
  56. data/lib/puppet/http/retry_after_handler.rb +4 -13
  57. data/lib/puppet/http/service.rb +12 -26
  58. data/lib/puppet/http/service/ca.rb +11 -22
  59. data/lib/puppet/http/service/compiler.rb +22 -69
  60. data/lib/puppet/http/service/file_server.rb +18 -27
  61. data/lib/puppet/http/service/puppetserver.rb +26 -12
  62. data/lib/puppet/http/service/report.rb +8 -10
  63. data/lib/puppet/http/session.rb +11 -20
  64. data/lib/puppet/{network/http → http}/site.rb +1 -2
  65. data/lib/puppet/indirector/catalog/rest.rb +2 -4
  66. data/lib/puppet/indirector/fact_search.rb +60 -0
  67. data/lib/puppet/indirector/facts/facter.rb +24 -3
  68. data/lib/puppet/indirector/facts/json.rb +27 -0
  69. data/lib/puppet/indirector/facts/rest.rb +3 -22
  70. data/lib/puppet/indirector/facts/yaml.rb +3 -58
  71. data/lib/puppet/indirector/file_bucket_file/rest.rb +3 -9
  72. data/lib/puppet/indirector/file_content/rest.rb +2 -6
  73. data/lib/puppet/indirector/file_metadata/rest.rb +3 -9
  74. data/lib/puppet/indirector/file_server.rb +1 -8
  75. data/lib/puppet/indirector/generic_http.rb +0 -11
  76. data/lib/puppet/indirector/json.rb +5 -1
  77. data/lib/puppet/indirector/node/json.rb +8 -0
  78. data/lib/puppet/indirector/node/rest.rb +2 -4
  79. data/lib/puppet/indirector/report/json.rb +34 -0
  80. data/lib/puppet/indirector/report/rest.rb +3 -8
  81. data/lib/puppet/indirector/request.rb +0 -101
  82. data/lib/puppet/indirector/rest.rb +12 -263
  83. data/lib/puppet/module_tool/applications.rb +0 -1
  84. data/lib/puppet/network/authconfig.rb +2 -96
  85. data/lib/puppet/network/authorization.rb +13 -35
  86. data/lib/puppet/network/formats.rb +2 -1
  87. data/lib/puppet/network/http.rb +3 -3
  88. data/lib/puppet/network/http/api/indirected_routes.rb +2 -20
  89. data/lib/puppet/network/http/api/master/v3.rb +11 -13
  90. data/lib/puppet/network/http/connection.rb +247 -316
  91. data/lib/puppet/network/http/handler.rb +0 -1
  92. data/lib/puppet/network/http_pool.rb +16 -34
  93. data/lib/puppet/node.rb +1 -30
  94. data/lib/puppet/pal/json_catalog_encoder.rb +4 -0
  95. data/lib/puppet/pal/pal_impl.rb +73 -18
  96. data/lib/puppet/parser/ast/pops_bridge.rb +0 -38
  97. data/lib/puppet/parser/compiler.rb +0 -198
  98. data/lib/puppet/parser/compiler/catalog_validator/relationship_validator.rb +14 -39
  99. data/lib/puppet/parser/resource.rb +0 -69
  100. data/lib/puppet/pops/evaluator/evaluator_impl.rb +22 -8
  101. data/lib/puppet/pops/evaluator/runtime3_resource_support.rb +3 -3
  102. data/lib/puppet/pops/evaluator/runtime3_support.rb +1 -1
  103. data/lib/puppet/pops/issues.rb +0 -5
  104. data/lib/puppet/pops/loader/ruby_legacy_function_instantiator.rb +6 -8
  105. data/lib/puppet/pops/model/ast.pp +0 -42
  106. data/lib/puppet/pops/model/ast.rb +0 -290
  107. data/lib/puppet/pops/model/factory.rb +0 -45
  108. data/lib/puppet/pops/model/model_label_provider.rb +0 -5
  109. data/lib/puppet/pops/model/model_tree_dumper.rb +0 -22
  110. data/lib/puppet/pops/model/pn_transformer.rb +0 -16
  111. data/lib/puppet/pops/parser/egrammar.ra +0 -56
  112. data/lib/puppet/pops/parser/eparser.rb +1520 -1712
  113. data/lib/puppet/pops/parser/lexer2.rb +4 -4
  114. data/lib/puppet/pops/parser/parser_support.rb +0 -5
  115. data/lib/puppet/pops/resource/resource_type_impl.rb +2 -24
  116. data/lib/puppet/pops/types/type_calculator.rb +0 -7
  117. data/lib/puppet/pops/types/type_parser.rb +0 -4
  118. data/lib/puppet/pops/types/types.rb +0 -1
  119. data/lib/puppet/pops/validation/checker4_0.rb +9 -37
  120. data/lib/puppet/pops/validation/tasks_checker.rb +0 -12
  121. data/lib/puppet/pops/validation/validator_factory_4_0.rb +1 -2
  122. data/lib/puppet/provider.rb +0 -13
  123. data/lib/puppet/provider/nameservice.rb +0 -18
  124. data/lib/puppet/provider/package/dpkg.rb +0 -10
  125. data/lib/puppet/provider/package/gem.rb +23 -3
  126. data/lib/puppet/provider/package/pip.rb +0 -1
  127. data/lib/puppet/provider/package/pkg.rb +0 -4
  128. data/lib/puppet/provider/package/portage.rb +1 -1
  129. data/lib/puppet/provider/package/puppet_gem.rb +1 -4
  130. data/lib/puppet/provider/service/smf.rb +191 -73
  131. data/lib/puppet/provider/user/directoryservice.rb +0 -10
  132. data/lib/puppet/reference/configuration.rb +2 -0
  133. data/lib/puppet/reference/indirection.rb +1 -1
  134. data/lib/puppet/resource.rb +1 -89
  135. data/lib/puppet/resource/catalog.rb +1 -14
  136. data/lib/puppet/resource/type.rb +3 -119
  137. data/lib/puppet/resource/type_collection.rb +3 -48
  138. data/lib/puppet/runtime.rb +1 -2
  139. data/lib/puppet/settings.rb +45 -33
  140. data/lib/puppet/settings/base_setting.rb +26 -2
  141. data/lib/puppet/settings/integer_setting.rb +17 -0
  142. data/lib/puppet/settings/port_setting.rb +15 -0
  143. data/lib/puppet/settings/priority_setting.rb +5 -4
  144. data/lib/puppet/ssl.rb +10 -6
  145. data/lib/puppet/ssl/base.rb +3 -5
  146. data/lib/puppet/ssl/certificate.rb +0 -6
  147. data/lib/puppet/ssl/certificate_request.rb +1 -12
  148. data/lib/puppet/ssl/certificate_signer.rb +6 -0
  149. data/lib/puppet/ssl/oids.rb +3 -1
  150. data/lib/puppet/ssl/ssl_provider.rb +17 -0
  151. data/lib/puppet/ssl/state_machine.rb +3 -1
  152. data/lib/puppet/ssl/verifier.rb +2 -0
  153. data/lib/puppet/test/test_helper.rb +1 -3
  154. data/lib/puppet/transaction.rb +1 -7
  155. data/lib/puppet/transaction/report.rb +2 -4
  156. data/lib/puppet/type.rb +0 -76
  157. data/lib/puppet/type/file.rb +5 -7
  158. data/lib/puppet/type/file/checksum.rb +1 -1
  159. data/lib/puppet/type/file/source.rb +1 -1
  160. data/lib/puppet/type/filebucket.rb +3 -3
  161. data/lib/puppet/type/package.rb +5 -13
  162. data/lib/puppet/util/execution.rb +0 -11
  163. data/lib/puppet/util/http_proxy.rb +2 -215
  164. data/lib/puppet/util/monkey_patches.rb +0 -46
  165. data/lib/puppet/util/rdoc.rb +0 -7
  166. data/lib/puppet/util/retry_action.rb +1 -1
  167. data/lib/puppet/util/rubygems.rb +5 -1
  168. data/lib/puppet/util/run_mode.rb +9 -1
  169. data/lib/puppet/util/windows.rb +3 -8
  170. data/lib/puppet/util/windows/daemon.rb +360 -0
  171. data/lib/puppet/util/windows/error.rb +1 -0
  172. data/lib/puppet/util/windows/eventlog.rb +4 -9
  173. data/lib/puppet/util/windows/file.rb +8 -242
  174. data/lib/puppet/util/windows/monkey_patches/process.rb +414 -0
  175. data/lib/puppet/util/windows/process.rb +4 -226
  176. data/lib/puppet/util/windows/service.rb +9 -460
  177. data/lib/puppet/util/windows/string.rb +12 -13
  178. data/lib/puppet/util/yaml.rb +0 -22
  179. data/lib/puppet/vendor/require_vendored.rb +0 -1
  180. data/lib/puppet/version.rb +1 -1
  181. data/lib/puppet/x509.rb +5 -1
  182. data/lib/puppet/x509/cert_provider.rb +29 -1
  183. data/locales/puppet.pot +531 -1232
  184. data/man/man5/puppet.conf.5 +37 -97
  185. data/man/man8/puppet-agent.8 +1 -1
  186. data/man/man8/puppet-apply.8 +1 -1
  187. data/man/man8/puppet-catalog.8 +1 -1
  188. data/man/man8/puppet-config.8 +1 -1
  189. data/man/man8/puppet-describe.8 +1 -1
  190. data/man/man8/puppet-device.8 +1 -1
  191. data/man/man8/puppet-doc.8 +1 -1
  192. data/man/man8/puppet-epp.8 +1 -1
  193. data/man/man8/puppet-facts.8 +55 -9
  194. data/man/man8/puppet-filebucket.8 +6 -6
  195. data/man/man8/puppet-generate.8 +1 -1
  196. data/man/man8/puppet-help.8 +1 -1
  197. data/man/man8/puppet-lookup.8 +1 -1
  198. data/man/man8/puppet-module.8 +1 -58
  199. data/man/man8/puppet-node.8 +4 -1
  200. data/man/man8/puppet-parser.8 +1 -1
  201. data/man/man8/puppet-plugin.8 +1 -1
  202. data/man/man8/puppet-report.8 +4 -1
  203. data/man/man8/puppet-resource.8 +1 -1
  204. data/man/man8/puppet-script.8 +1 -1
  205. data/man/man8/puppet-ssl.8 +1 -1
  206. data/man/man8/puppet.8 +2 -2
  207. data/spec/fixtures/unit/provider/service/smf/{svcs.out → svcs_instances.out} +0 -0
  208. data/spec/integration/application/agent_spec.rb +24 -11
  209. data/spec/integration/application/apply_spec.rb +1 -1
  210. data/spec/integration/application/filebucket_spec.rb +16 -16
  211. data/spec/integration/application/help_spec.rb +2 -0
  212. data/spec/integration/application/plugin_spec.rb +23 -1
  213. data/spec/integration/defaults_spec.rb +7 -3
  214. data/spec/integration/environments/setting_hooks_spec.rb +1 -1
  215. data/spec/integration/network/http_pool_spec.rb +3 -21
  216. data/spec/integration/parser/catalog_spec.rb +0 -38
  217. data/spec/integration/parser/node_spec.rb +0 -9
  218. data/spec/integration/parser/pcore_resource_spec.rb +0 -37
  219. data/spec/integration/type/file_spec.rb +5 -4
  220. data/spec/integration/util/windows/monkey_patches/process_spec.rb +231 -0
  221. data/spec/integration/util/windows/security_spec.rb +1 -1
  222. data/spec/lib/puppet_spec/puppetserver.rb +1 -1
  223. data/spec/lib/puppet_spec/settings.rb +7 -1
  224. data/spec/spec_helper.rb +2 -0
  225. data/spec/unit/agent_spec.rb +0 -2
  226. data/spec/unit/application/config_spec.rb +224 -4
  227. data/spec/unit/application/facts_spec.rb +35 -0
  228. data/spec/unit/application/filebucket_spec.rb +41 -39
  229. data/spec/unit/application/ssl_spec.rb +2 -2
  230. data/spec/unit/certificate_factory_spec.rb +1 -1
  231. data/spec/unit/configurer/downloader_spec.rb +6 -2
  232. data/spec/unit/configurer/plugin_handler_spec.rb +56 -18
  233. data/spec/unit/configurer_spec.rb +12 -9
  234. data/spec/unit/context/trusted_information_spec.rb +2 -6
  235. data/spec/unit/defaults_spec.rb +77 -28
  236. data/spec/unit/environments_spec.rb +0 -3
  237. data/spec/unit/face/config_spec.rb +27 -32
  238. data/spec/unit/face/facts_spec.rb +4 -0
  239. data/spec/unit/face/plugin_spec.rb +73 -33
  240. data/spec/unit/file_bucket/file_spec.rb +1 -1
  241. data/spec/unit/file_serving/configuration/parser_spec.rb +14 -18
  242. data/spec/unit/file_serving/configuration_spec.rb +6 -12
  243. data/spec/unit/functions/camelcase_spec.rb +1 -1
  244. data/spec/unit/functions/capitalize_spec.rb +1 -1
  245. data/spec/unit/functions/downcase_spec.rb +1 -1
  246. data/spec/unit/functions/inline_epp_spec.rb +26 -1
  247. data/spec/unit/functions/upcase_spec.rb +1 -1
  248. data/spec/unit/http/client_spec.rb +7 -8
  249. data/spec/unit/{network/resolver_spec.rb → http/dns_spec.rb} +3 -3
  250. data/spec/unit/http/external_client_spec.rb +4 -4
  251. data/spec/unit/{network/http → http}/factory_spec.rb +5 -11
  252. data/spec/unit/{network/http/session_spec.rb → http/pool_entry_spec.rb} +3 -3
  253. data/spec/unit/{network/http → http}/pool_spec.rb +12 -17
  254. data/spec/unit/{util/http_proxy_spec.rb → http/proxy_spec.rb} +2 -69
  255. data/spec/unit/http/resolver_spec.rb +13 -13
  256. data/spec/unit/http/service/compiler_spec.rb +49 -62
  257. data/spec/unit/http/service/file_server_spec.rb +3 -3
  258. data/spec/unit/http/service/puppetserver_spec.rb +34 -4
  259. data/spec/unit/http/service_spec.rb +1 -2
  260. data/spec/unit/http/session_spec.rb +16 -14
  261. data/spec/unit/{network/http → http}/site_spec.rb +3 -3
  262. data/spec/unit/indirector/facts/facter_spec.rb +97 -0
  263. data/spec/unit/indirector/facts/json_spec.rb +255 -0
  264. data/spec/unit/indirector/file_bucket_file/file_spec.rb +5 -3
  265. data/spec/unit/indirector/file_content/rest_spec.rb +0 -4
  266. data/spec/unit/indirector/file_metadata/rest_spec.rb +0 -4
  267. data/spec/unit/indirector/file_server_spec.rb +1 -15
  268. data/spec/unit/indirector/node/json_spec.rb +33 -0
  269. data/spec/{integration/indirector/report/yaml.rb → unit/indirector/report/json_spec.rb} +13 -24
  270. data/spec/unit/indirector/report/rest_spec.rb +2 -17
  271. data/spec/unit/indirector/report/yaml_spec.rb +72 -8
  272. data/spec/unit/indirector/request_spec.rb +0 -264
  273. data/spec/unit/indirector/rest_spec.rb +98 -752
  274. data/spec/unit/network/authconfig_spec.rb +2 -132
  275. data/spec/unit/network/authorization_spec.rb +2 -55
  276. data/spec/unit/network/formats_spec.rb +4 -4
  277. data/spec/unit/network/http/api/indirected_routes_spec.rb +1 -97
  278. data/spec/unit/network/http/api/master/v3_spec.rb +28 -7
  279. data/spec/unit/network/http/api_spec.rb +10 -0
  280. data/spec/unit/network/http/connection_spec.rb +19 -41
  281. data/spec/unit/network/http/handler_spec.rb +0 -6
  282. data/spec/unit/network/http_pool_spec.rb +0 -4
  283. data/spec/unit/node/environment_spec.rb +33 -21
  284. data/spec/unit/node_spec.rb +2 -54
  285. data/spec/unit/parser/functions/create_resources_spec.rb +2 -20
  286. data/spec/unit/pops/evaluator/evaluating_parser_spec.rb +4 -7
  287. data/spec/unit/pops/loaders/loaders_spec.rb +6 -21
  288. data/spec/unit/pops/parser/parse_application_spec.rb +4 -22
  289. data/spec/unit/pops/parser/parse_basic_expressions_spec.rb +0 -1
  290. data/spec/unit/pops/parser/parse_capabilities_spec.rb +8 -21
  291. data/spec/unit/pops/parser/parse_site_spec.rb +20 -24
  292. data/spec/unit/pops/resource/resource_type_impl_spec.rb +0 -71
  293. data/spec/unit/pops/serialization/to_from_hr_spec.rb +1 -1
  294. data/spec/unit/pops/types/type_calculator_spec.rb +6 -6
  295. data/spec/unit/pops/types/type_factory_spec.rb +1 -1
  296. data/spec/unit/pops/validator/validator_spec.rb +61 -46
  297. data/spec/unit/pops/visitor_spec.rb +1 -1
  298. data/spec/unit/provider/nameservice_spec.rb +0 -57
  299. data/spec/unit/provider/package/dpkg_spec.rb +0 -48
  300. data/spec/unit/provider/package/gem_spec.rb +32 -0
  301. data/spec/unit/provider/package/puppet_gem_spec.rb +3 -2
  302. data/spec/unit/provider/service/smf_spec.rb +401 -165
  303. data/spec/unit/provider/service/windows_spec.rb +0 -1
  304. data/spec/unit/provider_spec.rb +0 -12
  305. data/spec/unit/puppet_pal_catalog_spec.rb +45 -0
  306. data/spec/unit/resource/type_collection_spec.rb +2 -22
  307. data/spec/unit/resource_spec.rb +0 -56
  308. data/spec/unit/settings/http_extra_headers_spec.rb +2 -4
  309. data/spec/unit/settings/integer_setting_spec.rb +42 -0
  310. data/spec/unit/settings/port_setting_spec.rb +31 -0
  311. data/spec/unit/settings/priority_setting_spec.rb +4 -4
  312. data/spec/unit/settings_spec.rb +423 -236
  313. data/spec/unit/ssl/base_spec.rb +36 -3
  314. data/spec/unit/ssl/certificate_request_spec.rb +15 -45
  315. data/spec/unit/ssl/certificate_spec.rb +2 -11
  316. data/spec/unit/ssl/ssl_provider_spec.rb +11 -8
  317. data/spec/unit/ssl/state_machine_spec.rb +0 -1
  318. data/spec/unit/ssl/verifier_spec.rb +0 -21
  319. data/spec/unit/transaction/report_spec.rb +0 -2
  320. data/spec/unit/transaction/resource_harness_spec.rb +2 -2
  321. data/spec/unit/transaction_spec.rb +45 -79
  322. data/spec/unit/type/file/checksum_spec.rb +6 -6
  323. data/spec/unit/type/file/content_spec.rb +1 -1
  324. data/spec/unit/type/file/ensure_spec.rb +1 -1
  325. data/spec/unit/type/file/mode_spec.rb +1 -1
  326. data/spec/unit/type/file/source_spec.rb +0 -1
  327. data/spec/unit/type/file_spec.rb +12 -6
  328. data/spec/unit/type/package_spec.rb +1 -1
  329. data/spec/unit/type_spec.rb +20 -0
  330. data/spec/unit/util/backups_spec.rb +0 -2
  331. data/spec/unit/util/execution_spec.rb +0 -29
  332. data/spec/unit/util/monkey_patches_spec.rb +0 -6
  333. data/spec/unit/util/rubygems_spec.rb +2 -2
  334. data/spec/unit/util/run_mode_spec.rb +21 -121
  335. data/spec/unit/util/windows/string_spec.rb +1 -3
  336. data/spec/unit/util/yaml_spec.rb +0 -54
  337. data/spec/unit/util_spec.rb +0 -18
  338. metadata +50 -176
  339. data/conf/auth.conf +0 -150
  340. data/lib/puppet/application/cert.rb +0 -76
  341. data/lib/puppet/application/key.rb +0 -4
  342. data/lib/puppet/application/man.rb +0 -4
  343. data/lib/puppet/application/status.rb +0 -4
  344. data/lib/puppet/face/key.rb +0 -16
  345. data/lib/puppet/face/man.rb +0 -145
  346. data/lib/puppet/face/module/build.rb +0 -14
  347. data/lib/puppet/face/module/generate.rb +0 -14
  348. data/lib/puppet/face/module/search.rb +0 -103
  349. data/lib/puppet/face/status.rb +0 -51
  350. data/lib/puppet/indirector/certificate/file.rb +0 -9
  351. data/lib/puppet/indirector/certificate/rest.rb +0 -18
  352. data/lib/puppet/indirector/certificate_request/file.rb +0 -9
  353. data/lib/puppet/indirector/certificate_request/memory.rb +0 -7
  354. data/lib/puppet/indirector/certificate_request/rest.rb +0 -11
  355. data/lib/puppet/indirector/file_content/http.rb +0 -22
  356. data/lib/puppet/indirector/key/file.rb +0 -46
  357. data/lib/puppet/indirector/key/memory.rb +0 -7
  358. data/lib/puppet/indirector/ssl_file.rb +0 -162
  359. data/lib/puppet/indirector/status.rb +0 -3
  360. data/lib/puppet/indirector/status/local.rb +0 -12
  361. data/lib/puppet/indirector/status/rest.rb +0 -27
  362. data/lib/puppet/module_tool/applications/searcher.rb +0 -29
  363. data/lib/puppet/network/auth_config_parser.rb +0 -90
  364. data/lib/puppet/network/authstore.rb +0 -283
  365. data/lib/puppet/network/http/api/master/v3/authorization.rb +0 -18
  366. data/lib/puppet/network/http/api/master/v3/environment.rb +0 -88
  367. data/lib/puppet/network/http/base_pool.rb +0 -36
  368. data/lib/puppet/network/http/compression.rb +0 -127
  369. data/lib/puppet/network/http/connection_adapter.rb +0 -184
  370. data/lib/puppet/network/http/nocache_pool.rb +0 -28
  371. data/lib/puppet/network/rest_controller.rb +0 -2
  372. data/lib/puppet/network/rights.rb +0 -210
  373. data/lib/puppet/parser/compiler/catalog_validator/env_relationship_validator.rb +0 -66
  374. data/lib/puppet/parser/compiler/catalog_validator/site_validator.rb +0 -22
  375. data/lib/puppet/parser/environment_compiler.rb +0 -202
  376. data/lib/puppet/pops/types/enumeration.rb +0 -16
  377. data/lib/puppet/resource/capability_finder.rb +0 -154
  378. data/lib/puppet/rest/errors.rb +0 -15
  379. data/lib/puppet/rest/response.rb +0 -35
  380. data/lib/puppet/rest/route.rb +0 -85
  381. data/lib/puppet/rest/routes.rb +0 -135
  382. data/lib/puppet/ssl/host.rb +0 -505
  383. data/lib/puppet/ssl/key.rb +0 -61
  384. data/lib/puppet/ssl/validator.rb +0 -61
  385. data/lib/puppet/ssl/validator/default_validator.rb +0 -209
  386. data/lib/puppet/ssl/validator/no_validator.rb +0 -22
  387. data/lib/puppet/ssl/verifier_adapter.rb +0 -58
  388. data/lib/puppet/status.rb +0 -40
  389. data/lib/puppet/util/connection.rb +0 -88
  390. data/lib/puppet/util/ssl.rb +0 -83
  391. data/lib/puppet/util/windows/api_types.rb +0 -309
  392. data/lib/puppet/util/windows/monkey_patches/dir.rb +0 -40
  393. data/lib/puppet/vendor/load_pathspec.rb +0 -1
  394. data/lib/puppet/vendor/pathspec/CHANGELOG.md +0 -2
  395. data/lib/puppet/vendor/pathspec/LICENSE +0 -201
  396. data/lib/puppet/vendor/pathspec/PUPPET_README.md +0 -6
  397. data/lib/puppet/vendor/pathspec/README.md +0 -53
  398. data/lib/puppet/vendor/pathspec/lib/pathspec.rb +0 -122
  399. data/lib/puppet/vendor/pathspec/lib/pathspec/gitignorespec.rb +0 -275
  400. data/lib/puppet/vendor/pathspec/lib/pathspec/regexspec.rb +0 -17
  401. data/lib/puppet/vendor/pathspec/lib/pathspec/spec.rb +0 -14
  402. data/man/man8/puppet-key.8 +0 -126
  403. data/man/man8/puppet-man.8 +0 -76
  404. data/man/man8/puppet-status.8 +0 -108
  405. data/spec/integration/application/config_spec.rb +0 -74
  406. data/spec/integration/network/authconfig_spec.rb +0 -256
  407. data/spec/integration/util/windows/monkey_patches/dir_spec.rb +0 -11
  408. data/spec/unit/application/man_spec.rb +0 -52
  409. data/spec/unit/capability_spec.rb +0 -414
  410. data/spec/unit/face/catalog_spec.rb +0 -6
  411. data/spec/unit/face/key_spec.rb +0 -9
  412. data/spec/unit/face/module/search_spec.rb +0 -231
  413. data/spec/unit/face/module_spec.rb +0 -3
  414. data/spec/unit/face/status_spec.rb +0 -9
  415. data/spec/unit/indirector/certificate/file_spec.rb +0 -14
  416. data/spec/unit/indirector/certificate/rest_spec.rb +0 -61
  417. data/spec/unit/indirector/certificate_request/file_spec.rb +0 -14
  418. data/spec/unit/indirector/certificate_request/rest_spec.rb +0 -25
  419. data/spec/unit/indirector/key/file_spec.rb +0 -79
  420. data/spec/unit/indirector/ssl_file_spec.rb +0 -305
  421. data/spec/unit/indirector/status/local_spec.rb +0 -10
  422. data/spec/unit/indirector/status/rest_spec.rb +0 -50
  423. data/spec/unit/module_tool/applications/searcher_spec.rb +0 -38
  424. data/spec/unit/network/auth_config_parser_spec.rb +0 -115
  425. data/spec/unit/network/authstore_spec.rb +0 -422
  426. data/spec/unit/network/http/api/master/v3/authorization_spec.rb +0 -57
  427. data/spec/unit/network/http/api/master/v3/environment_spec.rb +0 -185
  428. data/spec/unit/network/http/compression_spec.rb +0 -240
  429. data/spec/unit/network/http/nocache_pool_spec.rb +0 -64
  430. data/spec/unit/network/http_spec.rb +0 -9
  431. data/spec/unit/network/rights_spec.rb +0 -439
  432. data/spec/unit/parser/environment_compiler_spec.rb +0 -730
  433. data/spec/unit/pops/types/enumeration_spec.rb +0 -51
  434. data/spec/unit/resource/capability_finder_spec.rb +0 -143
  435. data/spec/unit/rest/route_spec.rb +0 -132
  436. data/spec/unit/ssl/host_spec.rb +0 -650
  437. data/spec/unit/ssl/key_spec.rb +0 -173
  438. data/spec/unit/ssl/validator_spec.rb +0 -278
  439. data/spec/unit/status_spec.rb +0 -45
  440. data/spec/unit/util/ssl_spec.rb +0 -91
@@ -1,9 +0,0 @@
1
- require 'spec_helper'
2
- require 'puppet/network/http'
3
-
4
- describe Puppet::Network::HTTP do
5
- it 'defines an http_pool context' do
6
- pool = Puppet.lookup(:http_pool)
7
- expect(pool).to be_a(Puppet::Network::HTTP::Pool)
8
- end
9
- end
@@ -1,439 +0,0 @@
1
- require 'spec_helper'
2
-
3
- require 'puppet/network/rights'
4
-
5
- describe Puppet::Network::Rights do
6
- before do
7
- @right = Puppet::Network::Rights.new
8
- end
9
-
10
- describe "when validating a :head request" do
11
- [:find, :save].each do |allowed_method|
12
- it "should allow the request if only #{allowed_method} is allowed" do
13
- rights = Puppet::Network::Rights.new
14
- right = rights.newright("/")
15
- right.allow("*")
16
- right.restrict_method(allowed_method)
17
- right.restrict_authenticated(:any)
18
- expect(rights.is_request_forbidden_and_why?(:head, "/indirection_name/key", {})).to eq(nil)
19
- end
20
- end
21
-
22
- it "should disallow the request if neither :find nor :save is allowed" do
23
- rights = Puppet::Network::Rights.new
24
- why_forbidden = rights.is_request_forbidden_and_why?(:head, "/indirection_name/key", {})
25
- expect(why_forbidden).to be_instance_of(Puppet::Network::AuthorizationError)
26
- expect(why_forbidden.to_s).to eq("Forbidden request: /indirection_name/key [find]")
27
- end
28
- end
29
-
30
- it "should throw an error if type can't be determined" do
31
- expect { @right.newright("name") }.to raise_error(ArgumentError, /Unknown right type/)
32
- end
33
-
34
- describe "when creating new path ACLs" do
35
- it "should not throw an error if the ACL already exists" do
36
- @right.newright("/name")
37
-
38
- expect { @right.newright("/name")}.not_to raise_error
39
- end
40
-
41
- it "should throw an error if the acl uri path is not absolute" do
42
- expect { @right.newright("name")}.to raise_error(ArgumentError, /Unknown right type/)
43
- end
44
-
45
- it "should create a new ACL with the correct path" do
46
- @right.newright("/name")
47
-
48
- expect(@right["/name"]).not_to be_nil
49
- end
50
-
51
- it "should create an ACL of type Puppet::Network::AuthStore" do
52
- @right.newright("/name")
53
-
54
- expect(@right["/name"]).to be_a_kind_of(Puppet::Network::AuthStore)
55
- end
56
- end
57
-
58
- describe "when creating new regex ACLs" do
59
- it "should not throw an error if the ACL already exists" do
60
- @right.newright("~ .rb$")
61
-
62
- expect { @right.newright("~ .rb$")}.not_to raise_error
63
- end
64
-
65
- it "should create a new ACL with the correct regex" do
66
- @right.newright("~ .rb$")
67
-
68
- expect(@right.include?(".rb$")).not_to be_nil
69
- end
70
-
71
- it "should be able to lookup the regex" do
72
- @right.newright("~ .rb$")
73
-
74
- expect(@right[".rb$"]).not_to be_nil
75
- end
76
-
77
- it "should be able to lookup the regex by its full name" do
78
- @right.newright("~ .rb$")
79
-
80
- expect(@right["~ .rb$"]).not_to be_nil
81
- end
82
-
83
- it "should create an ACL of type Puppet::Network::AuthStore" do
84
- expect(@right.newright("~ .rb$")).to be_a_kind_of(Puppet::Network::AuthStore)
85
- end
86
- end
87
-
88
- describe "when checking ACLs existence" do
89
- it "should return false if there are no matching rights" do
90
- expect(@right.include?("name")).to be_falsey
91
- end
92
-
93
- it "should return true if a path right exists" do
94
- @right.newright("/name")
95
-
96
- expect(@right.include?("/name")).to be_truthy
97
- end
98
-
99
- it "should return false if no matching path rights exist" do
100
- @right.newright("/name")
101
-
102
- expect(@right.include?("/differentname")).to be_falsey
103
- end
104
-
105
- it "should return true if a regex right exists" do
106
- @right.newright("~ .rb$")
107
-
108
- expect(@right.include?(".rb$")).to be_truthy
109
- end
110
-
111
- it "should return false if no matching path rights exist" do
112
- @right.newright("~ .rb$")
113
-
114
- expect(@right.include?(".pp$")).to be_falsey
115
- end
116
- end
117
-
118
- describe "when checking if right is allowed" do
119
- before :each do
120
- allow(@right).to receive(:right).and_return(nil)
121
-
122
- @pathacl = double('pathacl', :"<=>" => 1, :line => 0, :file => 'dummy')
123
- allow(Puppet::Network::Rights::Right).to receive(:new).and_return(@pathacl)
124
- end
125
-
126
- it "should delegate to is_forbidden_and_why?" do
127
- expect(@right).to receive(:is_forbidden_and_why?).with("namespace", :node => "host.domain.com", :ip => "127.0.0.1").and_return(nil)
128
-
129
- @right.allowed?("namespace", "host.domain.com", "127.0.0.1")
130
- end
131
-
132
- it "should return true if is_forbidden_and_why? returns nil" do
133
- allow(@right).to receive(:is_forbidden_and_why?).and_return(nil)
134
- expect(@right.allowed?("namespace", :args)).to be_truthy
135
- end
136
-
137
- it "should return false if is_forbidden_and_why? returns an AuthorizationError" do
138
- allow(@right).to receive(:is_forbidden_and_why?).and_return(Puppet::Network::AuthorizationError.new("forbidden"))
139
- expect(@right.allowed?("namespace", :args1, :args2)).to be_falsey
140
- end
141
-
142
- it "should pass the match? return to allowed?" do
143
- @right.newright("/path/to/there")
144
-
145
- expect(@pathacl).to receive(:match?).and_return(:match)
146
- expect(@pathacl).to receive(:allowed?).with(anything, anything, hash_including(match: :match)).and_return(true)
147
-
148
- expect(@right.is_forbidden_and_why?("/path/to/there", {})).to eq(nil)
149
- end
150
-
151
- describe "with path acls" do
152
- before :each do
153
- @long_acl = double('longpathacl', :name => "/path/to/there", :line => 0, :file => 'dummy')
154
- allow(Puppet::Network::Rights::Right).to receive(:new).with("/path/to/there", 0, nil).and_return(@long_acl)
155
-
156
- @short_acl = double('shortpathacl', :name => "/path/to", :line => 0, :file => 'dummy')
157
- allow(Puppet::Network::Rights::Right).to receive(:new).with("/path/to", 0, nil).and_return(@short_acl)
158
-
159
- allow(@long_acl).to receive(:"<=>").with(@short_acl).and_return(0)
160
- allow(@short_acl).to receive(:"<=>").with(@long_acl).and_return(0)
161
- end
162
-
163
- it "should select the first match" do
164
- @right.newright("/path/to", 0)
165
- @right.newright("/path/to/there", 0)
166
-
167
- allow(@long_acl).to receive(:match?).and_return(true)
168
- allow(@short_acl).to receive(:match?).and_return(true)
169
-
170
- expect(@short_acl).to receive(:allowed?).and_return(true)
171
- expect(@long_acl).not_to receive(:allowed?)
172
-
173
- expect(@right.is_forbidden_and_why?("/path/to/there/and/there", {})).to eq(nil)
174
- end
175
-
176
- it "should select the first match that doesn't return :dunno" do
177
- @right.newright("/path/to/there", 0, nil)
178
- @right.newright("/path/to", 0, nil)
179
-
180
- allow(@long_acl).to receive(:match?).and_return(true)
181
- allow(@short_acl).to receive(:match?).and_return(true)
182
-
183
- expect(@long_acl).to receive(:allowed?).and_return(:dunno)
184
- expect(@short_acl).to receive(:allowed?).and_return(true)
185
-
186
- expect(@right.is_forbidden_and_why?("/path/to/there/and/there", {})).to eq(nil)
187
- end
188
-
189
- it "should not select an ACL that doesn't match" do
190
- @right.newright("/path/to/there", 0)
191
- @right.newright("/path/to", 0)
192
-
193
- allow(@long_acl).to receive(:match?).and_return(false)
194
- allow(@short_acl).to receive(:match?).and_return(true)
195
-
196
- expect(@long_acl).not_to receive(:allowed?)
197
- expect(@short_acl).to receive(:allowed?).and_return(true)
198
-
199
- expect(@right.is_forbidden_and_why?("/path/to/there/and/there", {})).to eq(nil)
200
- end
201
-
202
- it "should not raise an AuthorizationError if allowed" do
203
- @right.newright("/path/to/there", 0)
204
-
205
- allow(@long_acl).to receive(:match?).and_return(true)
206
- allow(@long_acl).to receive(:allowed?).and_return(true)
207
-
208
- expect(@right.is_forbidden_and_why?("/path/to/there/and/there", {})).to eq(nil)
209
- end
210
-
211
- it "should raise an AuthorizationError if the match is denied" do
212
- @right.newright("/path/to/there", 0, nil)
213
-
214
- allow(@long_acl).to receive(:match?).and_return(true)
215
- allow(@long_acl).to receive(:allowed?).and_return(false)
216
-
217
- expect(@right.is_forbidden_and_why?("/path/to/there", {})).to be_instance_of(Puppet::Network::AuthorizationError)
218
- end
219
-
220
- it "should raise an AuthorizationError if no path match" do
221
- expect(@right.is_forbidden_and_why?("/nomatch", {})).to be_instance_of(Puppet::Network::AuthorizationError)
222
- end
223
- end
224
-
225
- describe "with regex acls" do
226
- before :each do
227
- @regex_acl1 = double('regex_acl1', :name => "/files/(.*)/myfile", :line => 0, :file => 'dummy')
228
- allow(Puppet::Network::Rights::Right).to receive(:new).with("~ /files/(.*)/myfile", 0, nil).and_return(@regex_acl1)
229
-
230
- @regex_acl2 = double('regex_acl2', :name => "/files/(.*)/myfile/", :line => 0, :file => 'dummy')
231
- allow(Puppet::Network::Rights::Right).to receive(:new).with("~ /files/(.*)/myfile/", 0, nil).and_return(@regex_acl2)
232
-
233
- allow(@regex_acl1).to receive(:"<=>").with(@regex_acl2).and_return(0)
234
- allow(@regex_acl2).to receive(:"<=>").with(@regex_acl1).and_return(0)
235
- end
236
-
237
- it "should select the first match" do
238
- @right.newright("~ /files/(.*)/myfile", 0)
239
- @right.newright("~ /files/(.*)/myfile/", 0)
240
-
241
- allow(@regex_acl1).to receive(:match?).and_return(true)
242
- allow(@regex_acl2).to receive(:match?).and_return(true)
243
-
244
- expect(@regex_acl1).to receive(:allowed?).and_return(true)
245
- expect(@regex_acl2).not_to receive(:allowed?)
246
-
247
- expect(@right.is_forbidden_and_why?("/files/repository/myfile/other", {})).to eq(nil)
248
- end
249
-
250
- it "should select the first match that doesn't return :dunno" do
251
- @right.newright("~ /files/(.*)/myfile", 0)
252
- @right.newright("~ /files/(.*)/myfile/", 0)
253
-
254
- allow(@regex_acl1).to receive(:match?).and_return(true)
255
- allow(@regex_acl2).to receive(:match?).and_return(true)
256
-
257
- expect(@regex_acl1).to receive(:allowed?).and_return(:dunno)
258
- expect(@regex_acl2).to receive(:allowed?).and_return(true)
259
-
260
- expect(@right.is_forbidden_and_why?("/files/repository/myfile/other", {})).to eq(nil)
261
- end
262
-
263
- it "should not select an ACL that doesn't match" do
264
- @right.newright("~ /files/(.*)/myfile", 0)
265
- @right.newright("~ /files/(.*)/myfile/", 0)
266
-
267
- allow(@regex_acl1).to receive(:match?).and_return(false)
268
- allow(@regex_acl2).to receive(:match?).and_return(true)
269
-
270
- expect(@regex_acl1).not_to receive(:allowed?)
271
- expect(@regex_acl2).to receive(:allowed?).and_return(true)
272
-
273
- expect(@right.is_forbidden_and_why?("/files/repository/myfile/other", {})).to eq(nil)
274
- end
275
-
276
- it "should not raise an AuthorizationError if allowed" do
277
- @right.newright("~ /files/(.*)/myfile", 0)
278
-
279
- allow(@regex_acl1).to receive(:match?).and_return(true)
280
- allow(@regex_acl1).to receive(:allowed?).and_return(true)
281
-
282
- expect(@right.is_forbidden_and_why?("/files/repository/myfile/other", {})).to eq(nil)
283
- end
284
-
285
- it "should raise an error if no regex acl match" do
286
- expect(@right.is_forbidden_and_why?("/path", {})).to be_instance_of(Puppet::Network::AuthorizationError)
287
- end
288
-
289
- it "should raise an AuthorizedError on deny" do
290
- expect(@right.is_forbidden_and_why?("/path", {})).to be_instance_of(Puppet::Network::AuthorizationError)
291
- end
292
-
293
- end
294
- end
295
-
296
- describe Puppet::Network::Rights::Right do
297
- before :each do
298
- @acl = Puppet::Network::Rights::Right.new("/path",0, nil)
299
- end
300
-
301
- describe "with path" do
302
- it "should match up to its path length" do
303
- expect(@acl.match?("/path/that/works")).not_to be_nil
304
- end
305
-
306
- it "should match up to its path length" do
307
- expect(@acl.match?("/paththatalsoworks")).not_to be_nil
308
- end
309
-
310
- it "should return nil if no match" do
311
- expect(@acl.match?("/notpath")).to be_nil
312
- end
313
- end
314
-
315
- describe "with regex" do
316
- before :each do
317
- @acl = Puppet::Network::Rights::Right.new("~ .rb$",0, nil)
318
- end
319
-
320
- it "should match as a regex" do
321
- expect(@acl.match?("this should work.rb")).not_to be_nil
322
- end
323
-
324
- it "should return nil if no match" do
325
- expect(@acl.match?("do not match")).to be_nil
326
- end
327
- end
328
-
329
- it "should allow all rest methods by default" do
330
- expect(@acl.methods).to eq(Puppet::Network::Rights::Right::ALL)
331
- end
332
-
333
- it "should allow only authenticated request by default" do
334
- expect(@acl.authentication).to be_truthy
335
- end
336
-
337
- it "should allow modification of the methods filters" do
338
- @acl.restrict_method(:save)
339
-
340
- expect(@acl.methods).to eq([:save])
341
- end
342
-
343
- it "should stack methods filters" do
344
- @acl.restrict_method(:save)
345
- @acl.restrict_method(:destroy)
346
-
347
- expect(@acl.methods).to eq([:save, :destroy])
348
- end
349
-
350
- it "should raise an error if the method is already filtered" do
351
- @acl.restrict_method(:save)
352
-
353
- expect { @acl.restrict_method(:save) }.to raise_error(ArgumentError, /'save' is already in the '\/path'/)
354
- end
355
-
356
- it "should allow setting an environment filters" do
357
- env = Puppet::Node::Environment.create(:acltest, [])
358
- Puppet.override(:environments => Puppet::Environments::Static.new(env)) do
359
- @acl.restrict_environment(:acltest)
360
-
361
- expect(@acl.environment).to eq([env])
362
- end
363
- end
364
-
365
- ["on", "yes", "true", true].each do |auth|
366
- it "should allow filtering on authenticated requests with '#{auth}'" do
367
- @acl.restrict_authenticated(auth)
368
-
369
- expect(@acl.authentication).to be_truthy
370
- end
371
- end
372
-
373
- ["off", "no", "false", false, "all", "any", :all, :any].each do |auth|
374
- it "should allow filtering on authenticated or unauthenticated requests with '#{auth}'" do
375
- @acl.restrict_authenticated(auth)
376
- expect(@acl.authentication).to be_falsey
377
- end
378
- end
379
-
380
- describe "when checking right authorization" do
381
- it "should return :dunno if this right is not restricted to the given method" do
382
- @acl.restrict_method(:destroy)
383
-
384
- expect(@acl.allowed?("me","127.0.0.1", { :method => :save } )).to eq(:dunno)
385
- end
386
-
387
- it "should return true if this right is restricted to the given method" do
388
- @acl.restrict_method(:save)
389
- @acl.allow("me")
390
-
391
- expect(@acl.allowed?("me","127.0.0.1", { :method => :save, :authenticated => true })).to eq true
392
- end
393
-
394
- it "should return :dunno if this right is not restricted to the given environment" do
395
- prod = Puppet::Node::Environment.create(:production, [])
396
- dev = Puppet::Node::Environment.create(:development, [])
397
- Puppet.override(:environments => Puppet::Environments::Static.new(prod, dev)) do
398
- @acl.restrict_environment(:production)
399
-
400
- expect(@acl.allowed?("me","127.0.0.1", { :method => :save, :environment => dev })).to eq(:dunno)
401
- end
402
- end
403
-
404
- it "returns true if the request is permitted for this environment" do
405
- @acl.allow("me")
406
- prod = Puppet::Node::Environment.create(:production, [])
407
- Puppet.override(:environments => Puppet::Environments::Static.new(prod)) do
408
- @acl.restrict_environment(:production)
409
- expect(@acl.allowed?("me", "127.0.0.1", { :method => :save, :authenticated => true, :environment => prod })).to eq true
410
- end
411
- end
412
-
413
- it "should return :dunno if this right is not restricted to the given request authentication state" do
414
- @acl.restrict_authenticated(true)
415
-
416
- expect(@acl.allowed?("me","127.0.0.1", { :method => :save, :authenticated => false })).to eq(:dunno)
417
- end
418
-
419
- it "returns true if this right is restricted to the given request authentication state" do
420
- @acl.restrict_authenticated(false)
421
- @acl.allow("me")
422
-
423
- expect(@acl.allowed?("me","127.0.0.1", {:method => :save, :authenticated => false })).to eq true
424
- end
425
-
426
- it "should interpolate allow/deny patterns with the given match" do
427
- expect(@acl).to receive(:interpolate).with(:match)
428
-
429
- @acl.allowed?("me","127.0.0.1", { :method => :save, :match => :match, :authenticated => true })
430
- end
431
-
432
- it "should reset interpolation after the match" do
433
- expect(@acl).to receive(:reset_interpolation)
434
-
435
- @acl.allowed?("me","127.0.0.1", { :method => :save, :match => :match, :authenticated => true })
436
- end
437
- end
438
- end
439
- end
@@ -1,730 +0,0 @@
1
- require 'spec_helper'
2
- require 'puppet_spec/compiler'
3
- require 'puppet/parser/environment_compiler'
4
-
5
- describe "Application instantiation" do
6
- include PuppetSpec::Compiler
7
-
8
- let(:env) { Puppet::Node::Environment.create(:testing, []) }
9
- let(:node) { Puppet::Node.new('test', :environment => env) }
10
- let(:loaders) { Puppet::Pops::Loaders.new(env) }
11
- let(:logs) { [] }
12
- let(:notices) { logs.select { |log| log.level == :notice }.map { |log| log.message } }
13
- let(:warnings) { logs.select { |log| log.level == :warning }.map { |log| log.message } }
14
-
15
- def compile_collect_log(string)
16
- Puppet::Util::Log.with_destination(Puppet::Test::LogCollector.new(logs)) do
17
- compile_to_catalog(string, Puppet::Node.new('other', :environment => env))
18
- end
19
- end
20
-
21
- def compile_to_env_catalog(string, code_id=nil)
22
- Puppet[:code] = string
23
- Puppet::Parser::EnvironmentCompiler.compile(env, code_id).filter { |r| r.virtual? }
24
- end
25
-
26
- before(:each) do
27
- allow_any_instance_of(Puppet::Parser::Compiler).to receive(:loaders).and_return(loaders)
28
- allow_any_instance_of(Puppet::Parser::EnvironmentCompiler).to receive(:loaders).and_return(loaders)
29
- Puppet.push_context({:loaders => loaders, :current_environment => env})
30
- Puppet::Type.newtype :cap, :is_capability => true do
31
- newparam :name
32
- newparam :host
33
- end
34
- end
35
-
36
- after(:each) do
37
- Puppet::Type.rmtype(:cap)
38
- Puppet.pop_context()
39
- end
40
-
41
- MANIFEST = <<-EOS
42
- define prod($host) {
43
- notify { "host ${host}":}
44
- }
45
-
46
- Prod produces Cap { }
47
-
48
- define cons($host) {
49
- notify { "host ${host}": }
50
- }
51
-
52
- Cons consumes Cap { }
53
-
54
- application app {
55
- prod { one: host => ahost, export => Cap[cap] }
56
- cons { two: host => ahost, consume => Cap[cap] }
57
- cons { three: consume => Cap[cap] }
58
- }
59
-
60
- site {
61
- app { anapp:
62
- nodes => {
63
- Node[first] => Prod[one],
64
- Node[second] => Cons[two]
65
- }
66
- }
67
- }
68
- EOS
69
-
70
- MANIFEST_WO_EXPORT = <<-EOS
71
- define prod($host) {
72
- notify { "host ${host}":}
73
- }
74
-
75
- Prod produces Cap { }
76
-
77
- define cons($host) {
78
- notify { "host ${host}": }
79
- }
80
-
81
- Cons consumes Cap { }
82
-
83
- application app {
84
- cons { two: host => ahost, consume => Cap[cap] }
85
- }
86
-
87
- site {
88
- app { anapp:
89
- nodes => {
90
- Node[first] => Prod[one],
91
- Node[second] => Cons[two]
92
- }
93
- }
94
- }
95
- EOS
96
-
97
- MANIFEST_WO_NODE = <<-EOS
98
- define prod($host) {
99
- notify { "host ${host}":}
100
- }
101
-
102
- Prod produces Cap { }
103
-
104
- define cons($host) {
105
- notify { "host ${host}": }
106
- }
107
-
108
- Cons consumes Cap { }
109
-
110
- application app {
111
- prod { one: host => ahost, export => Cap[cap] }
112
- cons { two: host => ahost, consume => Cap[cap] }
113
- }
114
-
115
- site {
116
- app { anapp:
117
- }
118
- }
119
- EOS
120
-
121
- MANIFEST_WITH_STRING_NODES = <<-EOS
122
- application app {
123
- }
124
-
125
- site {
126
- app { anapp:
127
- nodes => "foobar",
128
- }
129
- }
130
- EOS
131
-
132
- MANIFEST_WITH_FALSE_NODES = <<-EOS
133
- application app {
134
- }
135
-
136
- site {
137
- app { anapp:
138
- nodes => false,
139
- }
140
- }
141
- EOS
142
-
143
- MANIFEST_REQ_WO_EXPORT = <<-EOS
144
- define prod($host) {
145
- notify { "host ${host}":}
146
- }
147
-
148
- Prod produces Cap { }
149
-
150
- define cons($host) {
151
- notify { "host ${host}": }
152
- }
153
-
154
- Cons consumes Cap { }
155
-
156
- application app {
157
- cons { two: host => ahost, require => Cap[cap] }
158
- }
159
-
160
- site {
161
- app { anapp:
162
- nodes => {
163
- Node[first] => Prod[one],
164
- Node[second] => Cons[two]
165
- }
166
- }
167
- }
168
- EOS
169
-
170
- MANIFEST_WITH_DOUBLE_EXPORT = <<-EOS
171
- define prod($host) {
172
- notify { "host ${host}":}
173
- }
174
-
175
- Prod produces Cap { }
176
-
177
- define cons($host) {
178
- notify { "host ${host}": }
179
- }
180
-
181
- Cons consumes Cap { }
182
-
183
- application app {
184
- prod { one: host => ahost, export => Cap[cap] }
185
- prod { two: host => anotherhost, export => Cap[cap] }
186
- cons { two: host => ahost, consume => Cap[cap] }
187
- }
188
-
189
- site {
190
- app { anapp:
191
- nodes => {
192
- Node[first] => Prod[one],
193
- Node[second] => Cons[two]
194
- }
195
- }
196
- }
197
- EOS
198
-
199
- FAULTY_MANIFEST = <<-EOS
200
- define prod($host) {
201
- notify { "host ${host}":}
202
- }
203
-
204
- Prod produces Cap { }
205
-
206
- define cons($host) {
207
- notify { "host ${host}": }
208
- }
209
-
210
- Cons consumes Cap { }
211
-
212
- application app {
213
- prod { one: host => ahost, export => Cap[cap] }
214
- cons { two: host => ahost, consume => Cap[cap] }
215
- }
216
-
217
- # app is not in site => error
218
- app { anapp:
219
- nodes => {
220
- Node[first] => Prod[one],
221
- Node[second] => Cons[two]
222
- }
223
- }
224
- EOS
225
-
226
- MANIFEST_WITH_SITE = <<-EOS
227
- define prod($host) {
228
- notify { "host ${host}":}
229
- }
230
-
231
- Prod produces Cap { }
232
-
233
- define cons($host) {
234
- notify { "host ${host}": }
235
- }
236
-
237
- Cons consumes Cap { }
238
-
239
- application app {
240
- prod { one: host => ahost, export => Cap[cap] }
241
- cons { two: host => ahost, consume => Cap[cap] }
242
- }
243
-
244
- $one = not_the_value_one
245
- $two = two
246
-
247
- node default {
248
- notify { "on a node": }
249
- }
250
-
251
- notify { 'ignore me': }
252
-
253
- site {
254
- $one = one
255
- app { anapp:
256
- nodes => {
257
- Node[first] => Prod[$one],
258
- Node[second] => Cons[$two]
259
- }
260
- }
261
- }
262
- EOS
263
-
264
- MANIFEST_WITH_ILLEGAL_RESOURCE = <<-EOS
265
- define prod($host) {
266
- notify { "host ${host}":}
267
- }
268
-
269
- Prod produces Cap { }
270
-
271
- define cons($host) {
272
- notify { "host ${host}": }
273
- }
274
-
275
- Cons consumes Cap { }
276
-
277
- application app {
278
- prod { one: host => ahost, export => Cap[cap] }
279
- cons { two: consume => Cap[cap] }
280
- }
281
-
282
- site {
283
- # The rouge expression is here
284
- notify { 'fail me': }
285
- $one = one
286
- app { anapp:
287
- nodes => {
288
- Node[first] => Prod[one],
289
- Node[second] => Cons[two]
290
- }
291
- }
292
- }
293
- EOS
294
-
295
- MANIFEST_WITH_CLASS = <<-EOS
296
- define test($host) {
297
- notify { "c $host": }
298
- }
299
-
300
- class prod($host) {
301
- notify { "p $host": }
302
- }
303
-
304
- class cons($host) {
305
- test { c: host => $host }
306
- }
307
-
308
- Class[prod] produces Cap {}
309
-
310
- Class[cons] consumes Cap {}
311
-
312
- application app {
313
- class { prod: host => 'ahost', export => Cap[cap]}
314
- class { cons: consume => Cap[cap]}
315
- }
316
-
317
- site {
318
- app { anapp:
319
- nodes => {
320
- Node[first] => Class[prod],
321
- Node[second] => Class[cons]
322
- }
323
- }
324
- }
325
- EOS
326
-
327
-
328
- context 'a node catalog' do
329
- it "is unaffected for a non-participating node" do
330
- catalog = compile_to_catalog(MANIFEST, Puppet::Node.new('other', :environment => env))
331
- types = catalog.resource_keys.map { |type, _| type }.uniq.sort
332
- expect(types).to eq(["Class", "Stage"])
333
- end
334
-
335
- it "an application instance must be contained in a site" do
336
- expect { compile_to_catalog(FAULTY_MANIFEST, Puppet::Node.new('first', :environment => env))
337
- }.to raise_error(/Application instances .* can only be contained within a Site/)
338
- end
339
-
340
- it "does not raise an error when node mappings are not provided" do
341
- expect { compile_to_catalog(MANIFEST_WO_NODE, node) }.to_not raise_error
342
- end
343
-
344
- it "raises an error if node mapping is a string" do
345
- expect { compile_to_catalog(MANIFEST_WITH_STRING_NODES, node)
346
- }.to raise_error(/Invalid node mapping in .*: Mapping must be a hash/)
347
- end
348
-
349
- it "raises an error if node mapping is false" do
350
- expect { compile_to_catalog(MANIFEST_WITH_FALSE_NODES, node)
351
- }.to raise_error(/Invalid node mapping in .*: Mapping must be a hash/)
352
- end
353
-
354
- it "detects that consumed capability is never exported" do
355
- expect { compile_to_env_catalog(MANIFEST_WO_EXPORT)
356
- }.to raise_error(/Capability 'Cap\[cap\]' referenced by 'consume' is never exported/)
357
- end
358
-
359
- it "detects that required capability is never exported" do
360
- expect { compile_to_env_catalog(MANIFEST_REQ_WO_EXPORT)
361
- }.to raise_error(/Capability 'Cap\[cap\]' referenced by 'require' is never exported/)
362
- end
363
-
364
- it "detects that a capability is exported more than once" do
365
- expect { compile_to_env_catalog(MANIFEST_WITH_DOUBLE_EXPORT)
366
- }.to raise_error(/'Cap\[cap\]' is exported by both 'Prod\[one\]' and 'Prod\[two\]'/)
367
- end
368
-
369
- it "issues deprecation warnings" do
370
- expect {compile_collect_log(MANIFEST_WO_NODE)}.not_to raise_error
371
- expect(warnings).to include(/Capability Mapping is deprecated/) # there are two of these
372
- expect(warnings).to include(/Application is deprecated/)
373
- expect(warnings).to include(/Site Definition is deprecated/)
374
- end
375
-
376
- context "for producing node" do
377
- let(:compiled_node) { Puppet::Node.new('first', :environment => env) }
378
- let(:compiled_catalog) { compile_to_catalog(MANIFEST, compiled_node)}
379
-
380
- { "App[anapp]" => 'application instance',
381
- "Cap[cap]" => 'capability resource',
382
- "Prod[one]" => 'component',
383
- "Notify[host ahost]" => 'node resource'
384
- }.each do |k,v|
385
- it "contains the #{v} (#{k})" do
386
- expect(compiled_catalog.resource(k)).not_to be_nil
387
- end
388
- end
389
-
390
- it "does not contain the consumed resource (Cons[two])" do
391
- expect(compiled_catalog.resource("Cons[two]")).to be_nil
392
- end
393
- end
394
-
395
- context "for consuming node" do
396
- let(:compiled_node) { Puppet::Node.new('second', :environment => env) }
397
- let(:compiled_catalog) { compile_to_catalog(MANIFEST, compiled_node)}
398
- let(:cap) {
399
- the_cap = Puppet::Resource.new("Cap", "cap")
400
- the_cap["host"] = "ahost"
401
- the_cap
402
- }
403
-
404
- { "App[anapp]" => 'application instance',
405
- "Cap[cap]" => 'capability resource',
406
- "Cons[two]" => 'component',
407
- "Notify[host ahost]" => 'node resource'
408
- }.each do |k,v|
409
- it "contains the #{v} (#{k})" do
410
- # Mock the connection to Puppet DB
411
- expect(Puppet::Resource::CapabilityFinder).to receive(:find).and_return(cap)
412
- expect(compiled_catalog.resource(k)).not_to be_nil
413
- end
414
- end
415
-
416
- it "does not contain the produced resource (Prod[one])" do
417
- # Mock the connection to Puppet DB
418
- expect(Puppet::Resource::CapabilityFinder).to receive(:find).and_return(cap)
419
- expect(compiled_catalog.resource("Prod[one]")).to be_nil
420
- end
421
- end
422
-
423
- context "for node with class producer" do
424
- let(:compiled_node) { Puppet::Node.new('first', :environment => env) }
425
- let(:compiled_catalog) { compile_to_catalog(MANIFEST_WITH_CLASS, compiled_node)}
426
-
427
- { "App[anapp]" => 'application instance',
428
- "Cap[cap]" => 'capability resource',
429
- "Class[prod]" => 'class',
430
- "Notify[p ahost]" => 'node resource'
431
- }.each do |k,v|
432
- it "contains the #{v} (#{k})" do
433
- cat = compiled_catalog
434
- expect(cat.resource(k)).not_to be_nil
435
- end
436
- end
437
-
438
- it "does not contain the consumed resource (Class[cons])" do
439
- expect(compiled_catalog.resource("Class[cons]")).to be_nil
440
- end
441
- end
442
-
443
- context "for node with class consumer" do
444
- let(:compiled_node) { Puppet::Node.new('second', :environment => env) }
445
- let(:compiled_catalog) { compile_to_catalog(MANIFEST_WITH_CLASS, compiled_node)}
446
- let(:cap) {
447
- the_cap = Puppet::Resource.new("Cap", "cap")
448
- the_cap["host"] = "ahost"
449
- the_cap
450
- }
451
-
452
- { "App[anapp]" => 'application instance',
453
- "Cap[cap]" => 'capability resource',
454
- "Class[cons]" => 'class',
455
- "Notify[c ahost]" => 'node resource'
456
- }.each do |k,v|
457
- it "contains the #{v} (#{k})" do
458
- # Mock the connection to Puppet DB
459
- expect(Puppet::Resource::CapabilityFinder).to receive(:find).and_return(cap)
460
- expect(compiled_catalog.resource(k)).not_to be_nil
461
- end
462
- end
463
-
464
- it "does not contain the produced resource (Class[prod])" do
465
- # Mock the connection to Puppet DB
466
- expect(Puppet::Resource::CapabilityFinder).to receive(:find).and_return(cap)
467
- expect(compiled_catalog.resource("Class[prod]")).to be_nil
468
- end
469
- end
470
-
471
- context "when using a site expression" do
472
- # The site expression must be evaluated in a node catalog compilation because
473
- # the application instantiations inside it may contain other logic (local variables)
474
- # that are used to instantiate an application. The application instances are needed.
475
- #
476
- it "the node expressions is evaluated" do
477
- catalog = compile_to_catalog(MANIFEST_WITH_SITE, Puppet::Node.new('other', :environment => env))
478
- types = catalog.resource_keys.map { |type, _| type }.uniq.sort
479
- expect(types).to eq(["Class", "Node", "Notify", "Stage"])
480
- expect(catalog.resource("Notify[on a node]")).to_not be_nil
481
- expect(catalog.resource("Notify[on the site]")).to be_nil
482
- end
483
-
484
- end
485
-
486
- context "when using a site expression" do
487
- it "the site expression is not evaluated in a node compilation" do
488
- catalog = compile_to_catalog(MANIFEST_WITH_SITE, Puppet::Node.new('other', :environment => env))
489
- types = catalog.resource_keys.map { |type, _| type }.uniq.sort
490
- expect(types).to eq(["Class", "Node", "Notify", "Stage"])
491
- expect(catalog.resource("Notify[on a node]")).to_not be_nil
492
- expect(catalog.resource("Notify[on the site]")).to be_nil
493
- end
494
-
495
- end
496
- end
497
-
498
- describe "in the environment catalog" do
499
- it "does not fail if there is no site expression" do
500
- expect {
501
- compile_to_env_catalog(<<-EOC).to_resource
502
- notify { 'ignore me':}
503
- EOC
504
- }.to_not raise_error()
505
- end
506
-
507
- it "ignores usage of hiera_include() at topscope for classification" do
508
- expect(Puppet).to receive(:debug).with(/Ignoring hiera_include/)
509
-
510
- expect {
511
- compile_to_env_catalog(<<-EOC).to_resource
512
- hiera_include('classes')
513
- site { }
514
- EOC
515
- }.to_not raise_error()
516
-
517
- end
518
-
519
- it 'removes overriden functions after compile' do
520
- expect {
521
- compile_to_env_catalog(<<-EOC)
522
- hiera_include('classes')
523
- site { }
524
- EOC
525
- }.to_not raise_error()
526
- func = Puppet::Pops::Loaders.loaders.puppet_system_loader.load(:function, 'hiera_include')
527
- expect(func).to be_a(Puppet::Functions::Function)
528
- end
529
-
530
- it "includes components and capability resources" do
531
- catalog = compile_to_env_catalog(MANIFEST).to_resource
532
- apps = catalog.resources.select do |res|
533
- res.resource_type && res.resource_type.application?
534
- end
535
- expect(apps.size).to eq(1)
536
- app = apps.first
537
- expect(app["nodes"]).not_to be_nil
538
- comps = catalog.direct_dependents_of(app).map(&:ref).sort
539
- expect(comps).to eq(["Cons[three]", "Cons[two]", "Prod[one]"])
540
-
541
- prod = catalog.resource("Prod[one]")
542
- expect(prod).not_to be_nil
543
- expect(prod.export.map(&:ref)).to eq(["Cap[cap]"])
544
-
545
- cons = catalog.resource("Cons[two]")
546
- expect(cons).not_to be_nil
547
- expect(cons[:consume].ref).to eq("Cap[cap]")
548
- end
549
-
550
- it "includes class components" do
551
- catalog = compile_to_env_catalog(MANIFEST_WITH_CLASS).to_resource
552
- classes = catalog.resources.select do |res|
553
- res.type == 'Class' && (res.title == 'Prod' || res.title == 'Cons')
554
- end
555
- expect(classes.size).to eq(2)
556
- expect(classes.map(&:ref).sort).to eq(["Class[Cons]", "Class[Prod]"])
557
-
558
- prod = catalog.resource("Class[prod]")
559
- expect(prod).not_to be_nil
560
- expect(prod.export.map(&:ref)).to eq(["Cap[cap]"])
561
-
562
- cons = catalog.resource("Class[cons]")
563
- expect(cons).not_to be_nil
564
- expect(cons[:consume].ref).to eq("Cap[cap]")
565
- end
566
-
567
- it "an application instance must be contained in a site" do
568
- expect { compile_to_env_catalog(FAULTY_MANIFEST)
569
- }.to raise_error(/Application instances .* can only be contained within a Site/)
570
- end
571
-
572
- context "when using a site expression" do
573
- it "includes components and capability resources" do
574
- catalog = compile_to_env_catalog(MANIFEST_WITH_SITE).to_resource
575
- apps = catalog.resources.select do |res|
576
- res.resource_type && res.resource_type.application?
577
- end
578
- expect(apps.size).to eq(1)
579
- app = apps.first
580
- expect(app["nodes"]).not_to be_nil
581
- comps = catalog.direct_dependents_of(app).map(&:ref).sort
582
- expect(comps).to eq(["Cons[two]", "Prod[one]"])
583
-
584
- prod = catalog.resource("Prod[one]")
585
- expect(prod).not_to be_nil
586
- expect(prod.export.map(&:ref)).to eq(["Cap[cap]"])
587
-
588
- cons = catalog.resource("Cons[two]")
589
- expect(cons).not_to be_nil
590
- expect(cons[:consume].ref).to eq("Cap[cap]")
591
- end
592
-
593
- it "the site expression is evaluated in an environment compilation" do
594
- catalog = compile_to_env_catalog(MANIFEST_WITH_SITE).to_resource
595
- types = catalog.resource_keys.map { |type, _| type }.uniq.sort
596
- expect(types).to eq(["App", "Class", "Cons", "Prod", "Site", "Stage"])
597
- expect(catalog.resource("Notify[on a node]")).to be_nil
598
- apps = catalog.resources.select do |res|
599
- res.resource_type && res.resource_type.application?
600
- end
601
- expect(apps.size).to eq(1)
602
- app = apps.first
603
- comps = catalog.direct_dependents_of(app).map(&:ref).sort
604
- expect(comps).to eq(["Cons[two]", "Prod[one]"])
605
- end
606
-
607
- it "fails if there are non component resources in the site" do
608
- expect {
609
- compile_to_env_catalog(MANIFEST_WITH_ILLEGAL_RESOURCE).to_resource
610
- }.to raise_error(/Only application components can appear inside a site - Notify\[fail me\] is not allowed \(line: 20\)/)
611
- end
612
- end
613
-
614
- it "includes code_id if specified" do
615
- catalog = compile_to_env_catalog(MANIFEST_WITH_SITE, "12345")
616
- expect(catalog.code_id).to eq("12345")
617
- end
618
-
619
- it "omits code_id if unspecified" do
620
- catalog = compile_to_env_catalog(MANIFEST_WITH_SITE)
621
- expect(catalog.code_id).to be_nil
622
- end
623
- end
624
-
625
-
626
- describe "when validation of nodes" do
627
- it 'validates that the key of a node mapping is a Node' do
628
- expect { compile_to_catalog(<<-EOS, Puppet::Node.new('other', :environment => env))
629
- application app {
630
- }
631
-
632
- site {
633
- app { anapp:
634
- nodes => {
635
- 'hello' => Node[other],
636
- }
637
- }
638
- }
639
- EOS
640
- }.to raise_error(Puppet::Error, /hello is not a Node/)
641
- end
642
-
643
- it 'validates that the value of a node mapping is a resource' do
644
- expect { compile_to_catalog(<<-EOS, Puppet::Node.new('other', :environment => env))
645
- application app {
646
- }
647
-
648
- site {
649
- app { anapp:
650
- nodes => {
651
- Node[other] => 'hello'
652
- }
653
- }
654
- }
655
- EOS
656
- }.to raise_error(Puppet::Error, /hello is not a resource/)
657
- end
658
-
659
- it 'validates that the value can be an array or resources' do
660
- expect { compile_to_catalog(<<-EOS, Puppet::Node.new('other', :environment => env))
661
- define p {
662
- notify {$title:}
663
- }
664
-
665
- application app {
666
- p{one:}
667
- p{two:}
668
- }
669
-
670
- site {
671
- app { anapp:
672
- nodes => {
673
- Node[other] => [P[one],P[two]]
674
- }
675
- }
676
- }
677
- EOS
678
- }.not_to raise_error
679
- end
680
-
681
- it 'validates that the is bound to exactly one node' do
682
- expect { compile_to_catalog(<<-EOS, Puppet::Node.new('first', :environment => env))
683
- define p {
684
- notify {$title:}
685
- }
686
-
687
- application app {
688
- p{one:}
689
- }
690
-
691
- site {
692
- app { anapp:
693
- nodes => {
694
- Node[first] => P[one],
695
- Node[second] => P[one],
696
- }
697
- }
698
- }
699
- EOS
700
- }.to raise_error(Puppet::Error, /maps component P\[one\] to multiple nodes/)
701
- end
702
- end
703
-
704
- describe "site containing a resource named 'plan'" do
705
- it 'finds an application named plan' do
706
- expect {compile_collect_log(<<-PUPPET)}.not_to raise_error
707
- define plan::node_file() {
708
- file { "/tmp/plans/${name}.txt":
709
- content => "this is ${name}.txt",
710
- }
711
- }
712
- Plan::Node_file produces Node_file {}
713
- application plan() {
714
- plan::node_file { "node_file_${name}":
715
- export => Node_file["node_file_${name}"]
716
- }
717
- }
718
- site {
719
- plan { "test":
720
- nodes => {
721
- Node["test.example.com"] => Plan::Node_file["node_file_plan_test"],
722
- }
723
- }
724
- }
725
- PUPPET
726
-
727
- expect(warnings).to include(/Use of future reserved word: 'plan'/)
728
- end
729
- end
730
- end