puppet 6.19.1-x64-mingw32 → 6.23.0-x64-mingw32

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of puppet might be problematic. Click here for more details.

Files changed (293) hide show
  1. checksums.yaml +4 -4
  2. data/CODEOWNERS +2 -16
  3. data/Gemfile +3 -1
  4. data/Gemfile.lock +51 -40
  5. data/ext/osx/puppet.plist +2 -0
  6. data/ext/project_data.yaml +2 -2
  7. data/lib/puppet/application.rb +10 -6
  8. data/lib/puppet/application/agent.rb +12 -4
  9. data/lib/puppet/application/apply.rb +4 -2
  10. data/lib/puppet/application/device.rb +2 -0
  11. data/lib/puppet/application/filebucket.rb +2 -2
  12. data/lib/puppet/application/resource.rb +2 -1
  13. data/lib/puppet/application/script.rb +2 -0
  14. data/lib/puppet/application/ssl.rb +11 -0
  15. data/lib/puppet/application_support.rb +7 -0
  16. data/lib/puppet/configurer.rb +28 -18
  17. data/lib/puppet/configurer/downloader.rb +2 -1
  18. data/lib/puppet/defaults.rb +51 -23
  19. data/lib/puppet/environments.rb +54 -55
  20. data/lib/puppet/face/config.rb +10 -0
  21. data/lib/puppet/face/epp.rb +12 -2
  22. data/lib/puppet/face/facts.rb +158 -0
  23. data/lib/puppet/ffi/posix.rb +10 -0
  24. data/lib/puppet/ffi/posix/constants.rb +14 -0
  25. data/lib/puppet/ffi/posix/functions.rb +24 -0
  26. data/lib/puppet/file_serving/fileset.rb +14 -2
  27. data/lib/puppet/file_system/memory_file.rb +8 -1
  28. data/lib/puppet/file_system/windows.rb +2 -0
  29. data/lib/puppet/functions/all.rb +1 -1
  30. data/lib/puppet/functions/camelcase.rb +1 -1
  31. data/lib/puppet/functions/capitalize.rb +2 -2
  32. data/lib/puppet/functions/downcase.rb +2 -2
  33. data/lib/puppet/functions/epp.rb +1 -0
  34. data/lib/puppet/functions/get.rb +5 -5
  35. data/lib/puppet/functions/group_by.rb +13 -5
  36. data/lib/puppet/functions/inline_epp.rb +1 -0
  37. data/lib/puppet/functions/lest.rb +1 -1
  38. data/lib/puppet/functions/new.rb +100 -100
  39. data/lib/puppet/functions/partition.rb +12 -4
  40. data/lib/puppet/functions/require.rb +5 -5
  41. data/lib/puppet/functions/sort.rb +3 -3
  42. data/lib/puppet/functions/tree_each.rb +7 -9
  43. data/lib/puppet/functions/type.rb +4 -4
  44. data/lib/puppet/functions/upcase.rb +2 -2
  45. data/lib/puppet/http/resolver/server_list.rb +15 -4
  46. data/lib/puppet/http/service/compiler.rb +69 -0
  47. data/lib/puppet/http/service/file_server.rb +2 -1
  48. data/lib/puppet/indirector/catalog/compiler.rb +1 -0
  49. data/lib/puppet/indirector/fact_search.rb +60 -0
  50. data/lib/puppet/indirector/facts/facter.rb +24 -3
  51. data/lib/puppet/indirector/facts/json.rb +27 -0
  52. data/lib/puppet/indirector/facts/yaml.rb +3 -58
  53. data/lib/puppet/indirector/file_metadata/rest.rb +1 -0
  54. data/lib/puppet/indirector/json.rb +5 -1
  55. data/lib/puppet/indirector/node/json.rb +8 -0
  56. data/lib/puppet/indirector/report/json.rb +34 -0
  57. data/lib/puppet/module_tool/applications/installer.rb +48 -2
  58. data/lib/puppet/module_tool/errors/shared.rb +17 -2
  59. data/lib/puppet/network/formats.rb +69 -1
  60. data/lib/puppet/network/http/factory.rb +4 -0
  61. data/lib/puppet/pal/pal_impl.rb +70 -17
  62. data/lib/puppet/parser/ast/leaf.rb +3 -2
  63. data/lib/puppet/parser/functions/fqdn_rand.rb +14 -6
  64. data/lib/puppet/parser/templatewrapper.rb +1 -1
  65. data/lib/puppet/pops/evaluator/deferred_resolver.rb +5 -3
  66. data/lib/puppet/pops/evaluator/evaluator_impl.rb +22 -3
  67. data/lib/puppet/pops/model/ast_transformer.rb +1 -1
  68. data/lib/puppet/pops/types/p_sem_ver_type.rb +8 -2
  69. data/lib/puppet/pops/types/p_sensitive_type.rb +10 -0
  70. data/lib/puppet/property/list.rb +1 -1
  71. data/lib/puppet/provider/group/groupadd.rb +13 -8
  72. data/lib/puppet/provider/package/apt.rb +34 -2
  73. data/lib/puppet/provider/package/aptitude.rb +6 -0
  74. data/lib/puppet/provider/package/dnfmodule.rb +1 -1
  75. data/lib/puppet/provider/package/nim.rb +11 -6
  76. data/lib/puppet/provider/service/debian.rb +2 -0
  77. data/lib/puppet/provider/service/systemd.rb +14 -4
  78. data/lib/puppet/provider/service/windows.rb +38 -0
  79. data/lib/puppet/provider/user/aix.rb +2 -2
  80. data/lib/puppet/provider/user/directoryservice.rb +25 -12
  81. data/lib/puppet/provider/user/useradd.rb +62 -8
  82. data/lib/puppet/reference/configuration.rb +7 -6
  83. data/lib/puppet/settings.rb +33 -28
  84. data/lib/puppet/settings/alias_setting.rb +37 -0
  85. data/lib/puppet/settings/base_setting.rb +26 -2
  86. data/lib/puppet/settings/environment_conf.rb +1 -0
  87. data/lib/puppet/transaction/additional_resource_generator.rb +1 -1
  88. data/lib/puppet/type/file.rb +19 -1
  89. data/lib/puppet/type/file/selcontext.rb +1 -1
  90. data/lib/puppet/type/package.rb +3 -3
  91. data/lib/puppet/type/service.rb +18 -38
  92. data/lib/puppet/type/tidy.rb +21 -2
  93. data/lib/puppet/type/user.rb +38 -20
  94. data/lib/puppet/util/autoload.rb +1 -8
  95. data/lib/puppet/util/fact_dif.rb +81 -0
  96. data/lib/puppet/util/monkey_patches.rb +7 -0
  97. data/lib/puppet/util/posix.rb +54 -5
  98. data/lib/puppet/util/rubygems.rb +5 -1
  99. data/lib/puppet/util/selinux.rb +30 -4
  100. data/lib/puppet/util/windows/adsi.rb +46 -0
  101. data/lib/puppet/util/windows/api_types.rb +1 -1
  102. data/lib/puppet/util/windows/principal.rb +9 -2
  103. data/lib/puppet/util/windows/service.rb +1 -1
  104. data/lib/puppet/util/windows/sid.rb +4 -2
  105. data/lib/puppet/version.rb +1 -1
  106. data/locales/puppet.pot +372 -288
  107. data/man/man5/puppet.conf.5 +282 -254
  108. data/man/man8/puppet-agent.8 +2 -2
  109. data/man/man8/puppet-apply.8 +2 -2
  110. data/man/man8/puppet-catalog.8 +1 -1
  111. data/man/man8/puppet-config.8 +1 -1
  112. data/man/man8/puppet-describe.8 +1 -1
  113. data/man/man8/puppet-device.8 +2 -2
  114. data/man/man8/puppet-doc.8 +1 -1
  115. data/man/man8/puppet-epp.8 +1 -1
  116. data/man/man8/puppet-facts.8 +90 -1
  117. data/man/man8/puppet-filebucket.8 +3 -3
  118. data/man/man8/puppet-generate.8 +1 -1
  119. data/man/man8/puppet-help.8 +1 -1
  120. data/man/man8/puppet-key.8 +1 -1
  121. data/man/man8/puppet-lookup.8 +1 -1
  122. data/man/man8/puppet-man.8 +1 -1
  123. data/man/man8/puppet-module.8 +1 -1
  124. data/man/man8/puppet-node.8 +4 -1
  125. data/man/man8/puppet-parser.8 +1 -1
  126. data/man/man8/puppet-plugin.8 +1 -1
  127. data/man/man8/puppet-report.8 +4 -1
  128. data/man/man8/puppet-resource.8 +1 -1
  129. data/man/man8/puppet-script.8 +2 -2
  130. data/man/man8/puppet-ssl.8 +5 -1
  131. data/man/man8/puppet-status.8 +1 -1
  132. data/man/man8/puppet.8 +2 -2
  133. data/spec/fixtures/integration/application/agent/cached_deferred_catalog.json +91 -0
  134. data/spec/fixtures/ssl/127.0.0.1-key.pem +107 -57
  135. data/spec/fixtures/ssl/127.0.0.1.pem +52 -31
  136. data/spec/fixtures/ssl/bad-basic-constraints.pem +57 -35
  137. data/spec/fixtures/ssl/bad-int-basic-constraints.pem +57 -35
  138. data/spec/fixtures/ssl/ca.pem +57 -35
  139. data/spec/fixtures/ssl/crl.pem +28 -18
  140. data/spec/fixtures/ssl/ec-key.pem +11 -11
  141. data/spec/fixtures/ssl/ec.pem +33 -24
  142. data/spec/fixtures/ssl/encrypted-ec-key.pem +12 -12
  143. data/spec/fixtures/ssl/encrypted-key.pem +108 -58
  144. data/spec/fixtures/ssl/intermediate-agent-crl.pem +28 -19
  145. data/spec/fixtures/ssl/intermediate-agent.pem +57 -36
  146. data/spec/fixtures/ssl/intermediate-crl.pem +31 -21
  147. data/spec/fixtures/ssl/intermediate.pem +57 -36
  148. data/spec/fixtures/ssl/pluto-key.pem +107 -57
  149. data/spec/fixtures/ssl/pluto.pem +52 -30
  150. data/spec/fixtures/ssl/request-key.pem +107 -57
  151. data/spec/fixtures/ssl/request.pem +47 -26
  152. data/spec/fixtures/ssl/revoked-key.pem +107 -57
  153. data/spec/fixtures/ssl/revoked.pem +52 -30
  154. data/spec/fixtures/ssl/signed-key.pem +107 -57
  155. data/spec/fixtures/ssl/signed.pem +52 -30
  156. data/spec/fixtures/ssl/tampered-cert.pem +52 -30
  157. data/spec/fixtures/ssl/tampered-csr.pem +47 -26
  158. data/spec/fixtures/ssl/unknown-127.0.0.1-key.pem +107 -57
  159. data/spec/fixtures/ssl/unknown-127.0.0.1.pem +50 -29
  160. data/spec/fixtures/ssl/unknown-ca-key.pem +107 -57
  161. data/spec/fixtures/ssl/unknown-ca.pem +55 -33
  162. data/spec/fixtures/unit/provider/service/systemd/list_unit_files_services_vendor_preset +9 -0
  163. data/spec/fixtures/unit/provider/user/aix/aix_passwd_file.out +4 -0
  164. data/spec/integration/application/agent_spec.rb +160 -3
  165. data/spec/integration/application/apply_spec.rb +19 -0
  166. data/spec/integration/application/plugin_spec.rb +1 -1
  167. data/spec/integration/application/resource_spec.rb +30 -0
  168. data/spec/integration/defaults_spec.rb +0 -7
  169. data/spec/integration/environments/setting_hooks_spec.rb +1 -1
  170. data/spec/integration/http/client_spec.rb +12 -0
  171. data/spec/integration/indirector/direct_file_server_spec.rb +1 -3
  172. data/spec/integration/resource/type_collection_spec.rb +2 -6
  173. data/spec/integration/transaction_spec.rb +4 -9
  174. data/spec/integration/util/windows/adsi_spec.rb +21 -1
  175. data/spec/integration/util/windows/principal_spec.rb +21 -0
  176. data/spec/integration/util/windows/registry_spec.rb +6 -10
  177. data/spec/lib/puppet/test_ca.rb +2 -2
  178. data/spec/lib/puppet_spec/settings.rb +6 -1
  179. data/spec/spec_helper.rb +12 -5
  180. data/spec/unit/agent_spec.rb +8 -6
  181. data/spec/unit/application/agent_spec.rb +7 -3
  182. data/spec/unit/application/config_spec.rb +224 -4
  183. data/spec/unit/application/facts_spec.rb +482 -3
  184. data/spec/unit/application/filebucket_spec.rb +0 -2
  185. data/spec/unit/application/ssl_spec.rb +23 -0
  186. data/spec/unit/application_spec.rb +51 -9
  187. data/spec/unit/configurer/downloader_spec.rb +6 -0
  188. data/spec/unit/configurer_spec.rb +23 -0
  189. data/spec/unit/confine/feature_spec.rb +1 -1
  190. data/spec/unit/confine_spec.rb +8 -2
  191. data/spec/unit/defaults_spec.rb +36 -1
  192. data/spec/unit/environments_spec.rb +221 -68
  193. data/spec/unit/face/config_spec.rb +27 -32
  194. data/spec/unit/face/facts_spec.rb +4 -0
  195. data/spec/unit/face/node_spec.rb +0 -11
  196. data/spec/unit/file_serving/configuration/parser_spec.rb +0 -1
  197. data/spec/unit/file_serving/fileset_spec.rb +60 -0
  198. data/spec/unit/file_serving/metadata_spec.rb +3 -3
  199. data/spec/unit/file_serving/terminus_helper_spec.rb +11 -4
  200. data/spec/unit/file_system_spec.rb +9 -0
  201. data/spec/unit/forge/module_release_spec.rb +2 -7
  202. data/spec/unit/functions/inline_epp_spec.rb +26 -1
  203. data/spec/unit/gettext/config_spec.rb +12 -0
  204. data/spec/unit/http/service/compiler_spec.rb +172 -0
  205. data/spec/unit/http/service_spec.rb +1 -1
  206. data/spec/unit/indirector/catalog/compiler_spec.rb +14 -10
  207. data/spec/unit/indirector/face_spec.rb +0 -1
  208. data/spec/unit/indirector/facts/facter_spec.rb +95 -1
  209. data/spec/unit/indirector/facts/json_spec.rb +255 -0
  210. data/spec/unit/indirector/file_bucket_file/selector_spec.rb +26 -8
  211. data/spec/unit/indirector/indirection_spec.rb +8 -12
  212. data/spec/unit/indirector/key/file_spec.rb +0 -1
  213. data/spec/unit/indirector/node/json_spec.rb +33 -0
  214. data/spec/{integration/indirector/report/yaml.rb → unit/indirector/report/json_spec.rb} +13 -24
  215. data/spec/unit/indirector/report/yaml_spec.rb +72 -8
  216. data/spec/unit/indirector_spec.rb +2 -2
  217. data/spec/unit/module_tool/applications/installer_spec.rb +66 -0
  218. data/spec/unit/network/authconfig_spec.rb +0 -3
  219. data/spec/unit/network/formats_spec.rb +41 -0
  220. data/spec/unit/network/http/api/indirected_routes_spec.rb +0 -9
  221. data/spec/unit/network/http/factory_spec.rb +19 -0
  222. data/spec/unit/network/http/handler_spec.rb +0 -5
  223. data/spec/unit/parser/compiler_spec.rb +3 -19
  224. data/spec/unit/parser/functions/fqdn_rand_spec.rb +15 -1
  225. data/spec/unit/parser/resource_spec.rb +14 -8
  226. data/spec/unit/parser/templatewrapper_spec.rb +4 -3
  227. data/spec/unit/pops/evaluator/deferred_resolver_spec.rb +20 -0
  228. data/spec/unit/pops/types/p_sem_ver_type_spec.rb +18 -0
  229. data/spec/unit/pops/types/p_sensitive_type_spec.rb +18 -0
  230. data/spec/unit/property_spec.rb +1 -0
  231. data/spec/unit/provider/group/groupadd_spec.rb +5 -2
  232. data/spec/unit/provider/nameservice_spec.rb +66 -65
  233. data/spec/unit/provider/package/apt_spec.rb +28 -23
  234. data/spec/unit/provider/package/aptitude_spec.rb +1 -1
  235. data/spec/unit/provider/package/base_spec.rb +6 -5
  236. data/spec/unit/provider/package/dnfmodule_spec.rb +10 -1
  237. data/spec/unit/provider/package/nim_spec.rb +42 -0
  238. data/spec/unit/provider/package/pacman_spec.rb +18 -12
  239. data/spec/unit/provider/package/pip_spec.rb +6 -11
  240. data/spec/unit/provider/package/pkgdmg_spec.rb +0 -4
  241. data/spec/unit/provider/service/init_spec.rb +1 -0
  242. data/spec/unit/provider/service/openwrt_spec.rb +3 -1
  243. data/spec/unit/provider/service/systemd_spec.rb +53 -8
  244. data/spec/unit/provider/service/windows_spec.rb +202 -0
  245. data/spec/unit/provider/user/aix_spec.rb +5 -0
  246. data/spec/unit/provider/user/directoryservice_spec.rb +67 -35
  247. data/spec/unit/provider/user/hpux_spec.rb +1 -1
  248. data/spec/unit/provider/user/pw_spec.rb +2 -0
  249. data/spec/unit/provider/user/useradd_spec.rb +71 -3
  250. data/spec/unit/provider_spec.rb +8 -10
  251. data/spec/unit/puppet_pal_catalog_spec.rb +45 -0
  252. data/spec/unit/resource/capability_finder_spec.rb +6 -1
  253. data/spec/unit/resource/catalog_spec.rb +1 -1
  254. data/spec/unit/resource/type_spec.rb +1 -1
  255. data/spec/unit/resource_spec.rb +11 -10
  256. data/spec/unit/settings_spec.rb +419 -242
  257. data/spec/unit/ssl/base_spec.rb +0 -1
  258. data/spec/unit/ssl/host_spec.rb +0 -5
  259. data/spec/unit/ssl/ssl_provider_spec.rb +14 -8
  260. data/spec/unit/ssl/state_machine_spec.rb +19 -5
  261. data/spec/unit/transaction/additional_resource_generator_spec.rb +3 -9
  262. data/spec/unit/transaction/event_manager_spec.rb +14 -11
  263. data/spec/unit/transaction_spec.rb +18 -11
  264. data/spec/unit/type/file/content_spec.rb +0 -1
  265. data/spec/unit/type/file/selinux_spec.rb +3 -5
  266. data/spec/unit/type/file_spec.rb +0 -6
  267. data/spec/unit/type/group_spec.rb +13 -6
  268. data/spec/unit/type/resources_spec.rb +7 -7
  269. data/spec/unit/type/service_spec.rb +60 -189
  270. data/spec/unit/type/tidy_spec.rb +17 -8
  271. data/spec/unit/type/user_spec.rb +45 -0
  272. data/spec/unit/type_spec.rb +2 -2
  273. data/spec/unit/util/at_fork_spec.rb +2 -2
  274. data/spec/unit/util/autoload_spec.rb +5 -1
  275. data/spec/unit/util/backups_spec.rb +1 -2
  276. data/spec/unit/util/execution_spec.rb +15 -11
  277. data/spec/unit/util/inifile_spec.rb +6 -14
  278. data/spec/unit/util/log_spec.rb +8 -7
  279. data/spec/unit/util/logging_spec.rb +3 -3
  280. data/spec/unit/util/posix_spec.rb +363 -15
  281. data/spec/unit/util/rubygems_spec.rb +2 -2
  282. data/spec/unit/util/selinux_spec.rb +163 -68
  283. data/spec/unit/util/storage_spec.rb +3 -1
  284. data/spec/unit/util/suidmanager_spec.rb +44 -41
  285. data/spec/unit/util/windows/sid_spec.rb +6 -0
  286. data/spec/unit/util_spec.rb +13 -6
  287. data/tasks/generate_cert_fixtures.rake +2 -2
  288. metadata +33 -16
  289. data/spec/integration/application/config_spec.rb +0 -74
  290. data/spec/lib/matchers/include.rb +0 -27
  291. data/spec/lib/matchers/include_spec.rb +0 -32
  292. data/spec/unit/face/catalog_spec.rb +0 -6
  293. data/spec/unit/face/module_spec.rb +0 -3
@@ -159,6 +159,16 @@ https://puppet.com/docs/puppet/latest/configuration.html#environment
159
159
  report_section_and_environment(options[:section], Puppet.settings[:environment])
160
160
  end
161
161
 
162
+ # only validate settings we recognize
163
+ setting = Puppet.settings.setting(name.to_sym)
164
+ if setting
165
+ # set the value, which will call `on_*_and_write` hooks, if any
166
+ Puppet.settings[setting.name] = value
167
+
168
+ # read the value to trigger interpolation and munge validation logic
169
+ Puppet.settings[setting.name]
170
+ end
171
+
162
172
  path = Puppet::FileSystem.pathname(Puppet.settings.which_configuration_file)
163
173
  Puppet::FileSystem.touch(path)
164
174
  Puppet::FileSystem.open(path, nil, 'r+:UTF-8') do |file|
@@ -440,7 +440,12 @@ Puppet::Face.define(:epp, '0.0.1') do
440
440
 
441
441
  def render_inline(epp_source, compiler, options)
442
442
  template_args = get_values(compiler, options)
443
- Puppet::Pops::Evaluator::EppEvaluator.inline_epp(compiler.topscope, epp_source, template_args)
443
+ result = Puppet::Pops::Evaluator::EppEvaluator.inline_epp(compiler.topscope, epp_source, template_args)
444
+ if result.instance_of?(Puppet::Pops::Types::PSensitiveType::Sensitive)
445
+ result.unwrap
446
+ else
447
+ result
448
+ end
444
449
  end
445
450
 
446
451
  def render_file(epp_template_name, compiler, options, show_filename, file_nbr)
@@ -457,7 +462,12 @@ Puppet::Face.define(:epp, '0.0.1') do
457
462
  if template_file.nil? && Puppet::FileSystem.exist?(epp_template_name)
458
463
  epp_template_name = File.expand_path(epp_template_name)
459
464
  end
460
- output << Puppet::Pops::Evaluator::EppEvaluator.epp(compiler.topscope, epp_template_name, compiler.environment, template_args)
465
+ result = Puppet::Pops::Evaluator::EppEvaluator.epp(compiler.topscope, epp_template_name, compiler.environment, template_args)
466
+ if result.instance_of?(Puppet::Pops::Types::PSensitiveType::Sensitive)
467
+ output << result.unwrap
468
+ else
469
+ output << result
470
+ end
461
471
  rescue Puppet::ParseError => detail
462
472
  Puppet.err("--- #{epp_template_name}") if show_filename
463
473
  raise detail
@@ -1,5 +1,21 @@
1
1
  require 'puppet/indirector/face'
2
2
  require 'puppet/node/facts'
3
+ require 'puppet/util/fact_dif'
4
+
5
+ EXCLUDE_LIST = %w[ ^facterversion$
6
+ ^load_averages\..*$
7
+ ^processors\.speed$
8
+ ^swapfree$ ^swapfree_mb$
9
+ ^memoryfree$ ^memoryfree_mb$
10
+ ^memory\.swap\.available_bytes$ ^memory\.swap\.used_bytes$
11
+ ^memory\.swap\.available$ ^memory\.swap\.capacity$ ^memory\.swap\.used$
12
+ ^memory\.system\.available_bytes$ ^memory\.system\.used_bytes$
13
+ ^memory\.system\.available$ ^memory\.system\.capacity$ ^memory\.system\.used$
14
+ ^mountpoints\..*\.available.*$ ^mountpoints\..*\.capacity$ ^mountpoints\..*\.used.*$
15
+ ^sp_uptime$ ^system_profiler\.uptime$
16
+ ^uptime$ ^uptime_days$ ^uptime_hours$ ^uptime_seconds$
17
+ ^system_uptime\.uptime$ ^system_uptime\.days$ ^system_uptime\.hours$ ^system_uptime\.seconds$
18
+ ]
3
19
 
4
20
  Puppet::Indirector::Face.define(:facts, '0.0.1') do
5
21
  copyright "Puppet Inc.", 2011
@@ -87,4 +103,146 @@ Puppet::Indirector::Face.define(:facts, '0.0.1') do
87
103
  nil
88
104
  end
89
105
  end
106
+
107
+ action(:diff) do
108
+ summary _("Compare Facter 3 output with Facter 4 output")
109
+ description <<-'EOT'
110
+ Compares output from facter 3 with Facter 4 and prints the differences
111
+ EOT
112
+ returns "Differences between Facter 3 and Facter 4 output as an array."
113
+ notes <<-'EOT'
114
+ EOT
115
+ examples <<-'EOT'
116
+ get differences between facter versions:
117
+ $ puppet facts diff
118
+ EOT
119
+
120
+ option("--structured") do
121
+ default_to { false }
122
+ summary _("Render the different facts as structured.")
123
+ end
124
+
125
+ option("--exclude " + _("<regex>")) do
126
+ summary _("Regex used to exclude specific facts from diff.")
127
+ end
128
+
129
+ when_invoked do |*args|
130
+ options = args.pop
131
+
132
+ Puppet.settings.preferred_run_mode = :agent
133
+ Puppet::Node::Facts.indirection.terminus_class = :facter
134
+
135
+ if Puppet::Util::Package.versioncmp(Facter.value('facterversion'), '4.0.0') < 0
136
+ cmd_flags = '--render-as json --show-legacy'
137
+
138
+ # puppet/ruby are in PATH since it was updated in the wrapper script
139
+ puppet_show_cmd = "puppet facts show"
140
+ if Puppet::Util::Platform.windows?
141
+ puppet_show_cmd = "ruby -S -- #{puppet_show_cmd}"
142
+ end
143
+
144
+ facter_3_result = Puppet::Util::Execution.execute("#{puppet_show_cmd} --no-facterng #{cmd_flags}", combine: false)
145
+ facter_ng_result = Puppet::Util::Execution.execute("#{puppet_show_cmd} --facterng #{cmd_flags}", combine: false)
146
+
147
+ exclude_list = options[:exclude].nil? ? EXCLUDE_LIST : EXCLUDE_LIST + [ options[:exclude] ]
148
+ fact_diff = FactDif.new(facter_3_result, facter_ng_result, exclude_list, options[:structured])
149
+ fact_diff.difs
150
+ else
151
+ Puppet.warning _("Already using Facter 4. To use `puppet facts diff` remove facterng from the .conf file or run `puppet config set facterng false`.")
152
+ exit 0
153
+ end
154
+ end
155
+
156
+ when_rendering :console do |result|
157
+ case result
158
+ when Array, Hash
159
+ Puppet::Util::Json.dump(result, :pretty => true)
160
+ else
161
+ result
162
+ end
163
+ end
164
+ end
165
+
166
+ action(:show) do
167
+ summary _("Retrieve current node's facts.")
168
+ arguments _("[<facts>]")
169
+ description <<-'EOT'
170
+ Reads facts from the local system using `facter` terminus.
171
+ A query can be provided to retrieve just a specific fact or a set of facts.
172
+ EOT
173
+ returns "The output of facter with added puppet specific facts."
174
+ notes <<-'EOT'
175
+
176
+ EOT
177
+ examples <<-'EOT'
178
+ retrieve facts:
179
+
180
+ $ puppet facts show os
181
+ EOT
182
+
183
+ option("--config-file " + _("<path>")) do
184
+ default_to { nil }
185
+ summary _("The location of the config file for Facter.")
186
+ end
187
+
188
+ option("--custom-dir " + _("<path>")) do
189
+ default_to { nil }
190
+ summary _("The path to a directory that contains custom facts.")
191
+ end
192
+
193
+ option("--external-dir " + _("<path>")) do
194
+ default_to { nil }
195
+ summary _("The path to a directory that contains external facts.")
196
+ end
197
+
198
+ option("--no-block") do
199
+ summary _("Disable fact blocking mechanism.")
200
+ end
201
+
202
+ option("--no-cache") do
203
+ summary _("Disable fact caching mechanism.")
204
+ end
205
+
206
+ option("--show-legacy") do
207
+ summary _("Show legacy facts when querying all facts.")
208
+ end
209
+
210
+ option("--value-only") do
211
+ summary _("Show only the value when the action is called with a single query")
212
+ end
213
+
214
+ when_invoked do |*args|
215
+ options = args.pop
216
+
217
+ Puppet.settings.preferred_run_mode = :agent
218
+ Puppet::Node::Facts.indirection.terminus_class = :facter
219
+
220
+ if options[:value_only] && !args.count.eql?(1)
221
+ options[:value_only] = nil
222
+ Puppet.warning("Incorrect use of --value-only argument; it can only be used when querying for a single fact!")
223
+ end
224
+
225
+ options[:user_query] = args
226
+ options[:resolve_options] = true
227
+ result = Puppet::Node::Facts.indirection.find(Puppet.settings[:certname], options)
228
+
229
+ if options[:value_only]
230
+ result.values.values.first
231
+ else
232
+ result.values
233
+ end
234
+ end
235
+
236
+ when_rendering :console do |result|
237
+ # VALID_TYPES = [Integer, Float, TrueClass, FalseClass, NilClass, Symbol, String, Array, Hash].freeze
238
+ # from https://github.com/puppetlabs/facter/blob/4.0.49/lib/facter/custom_facts/util/normalization.rb#L8
239
+
240
+ case result
241
+ when Array, Hash
242
+ Puppet::Util::Json.dump(result, :pretty => true)
243
+ else # one of VALID_TYPES above
244
+ result
245
+ end
246
+ end
247
+ end
90
248
  end
@@ -0,0 +1,10 @@
1
+ require 'ffi'
2
+
3
+ module Puppet
4
+ module FFI
5
+ module POSIX
6
+ require 'puppet/ffi/posix/functions'
7
+ require 'puppet/ffi/posix/constants'
8
+ end
9
+ end
10
+ end
@@ -0,0 +1,14 @@
1
+ require 'puppet/ffi/posix'
2
+
3
+ module Puppet::FFI::POSIX
4
+ module Constants
5
+ extend FFI::Library
6
+
7
+ # Maximum number of supplementary groups (groups
8
+ # that a user can be in plus its primary group)
9
+ # (64 + 1 primary group)
10
+ # Chosen a reasonable middle number from the list
11
+ # https://www.j3e.de/ngroups.html
12
+ MAXIMUM_NUMBER_OF_GROUPS = 65
13
+ end
14
+ end
@@ -0,0 +1,24 @@
1
+ require 'puppet/ffi/posix'
2
+
3
+ module Puppet::FFI::POSIX
4
+ module Functions
5
+
6
+ extend FFI::Library
7
+
8
+ ffi_convention :stdcall
9
+
10
+ # https://man7.org/linux/man-pages/man3/getgrouplist.3.html
11
+ # int getgrouplist (
12
+ # const char *user,
13
+ # gid_t group,
14
+ # gid_t *groups,
15
+ # int *ngroups
16
+ # );
17
+ begin
18
+ ffi_lib FFI::Library::LIBC
19
+ attach_function :getgrouplist, [:string, :uint, :pointer, :pointer], :int
20
+ rescue FFI::NotFoundError
21
+ # Do nothing
22
+ end
23
+ end
24
+ end
@@ -5,7 +5,7 @@ require 'puppet/file_serving/metadata'
5
5
  # Operate recursively on a path, returning a set of file paths.
6
6
  class Puppet::FileServing::Fileset
7
7
  attr_reader :path, :ignore, :links
8
- attr_accessor :recurse, :recurselimit, :checksum_type
8
+ attr_accessor :recurse, :recurselimit, :max_files, :checksum_type
9
9
 
10
10
  # Produce a hash of files, with merged so that earlier files
11
11
  # with the same postfix win. E.g., /dir1/subfile beats /dir2/subfile.
@@ -40,6 +40,7 @@ class Puppet::FileServing::Fileset
40
40
  self.links = :manage
41
41
  @recurse = false
42
42
  @recurselimit = :infinite
43
+ @max_files = 0
43
44
 
44
45
  if options.is_a?(Puppet::Indirector::Request)
45
46
  initialize_from_request(options)
@@ -58,6 +59,17 @@ class Puppet::FileServing::Fileset
58
59
  # level deep, which Find doesn't do.
59
60
  def files
60
61
  files = perform_recursion
62
+ soft_max_files = 1000
63
+
64
+ # munged_max_files is needed since puppet http handler is keeping negative numbers as strings
65
+ # https://github.com/puppetlabs/puppet/blob/main/lib/puppet/network/http/handler.rb#L196-L197
66
+ munged_max_files = max_files == '-1' ? -1 : max_files
67
+
68
+ if munged_max_files > 0 && files.size > munged_max_files
69
+ raise Puppet::Error.new _("The directory '%{path}' contains %{entries} entries, which exceeds the limit of %{munged_max_files} specified by the max_files parameter for this resource. The limit may be increased, but be aware that large number of file resources can result in excessive resource consumption and degraded performance. Consider using an alternate method to manage large directory trees") % { path: path, entries: files.size, munged_max_files: munged_max_files }
70
+ elsif munged_max_files == 0 && files.size > soft_max_files
71
+ Puppet.warning _("The directory '%{path}' contains %{entries} entries, which exceeds the default soft limit %{soft_max_files} and may cause excessive resource consumption and degraded performance. To remove this warning set a value for `max_files` parameter or consider using an alternate method to manage large directory trees") % { path: path, entries: files.size, soft_max_files: soft_max_files }
72
+ end
61
73
 
62
74
  # Now strip off the leading path, so each file becomes relative, and remove
63
75
  # any slashes that might end up at the beginning of the path.
@@ -96,7 +108,7 @@ class Puppet::FileServing::Fileset
96
108
  end
97
109
 
98
110
  def initialize_from_request(request)
99
- [:links, :ignore, :recurse, :recurselimit, :checksum_type].each do |param|
111
+ [:links, :ignore, :recurse, :recurselimit, :max_files, :checksum_type].each do |param|
100
112
  if request.options.include?(param) # use 'include?' so the values can be false
101
113
  value = request.options[param]
102
114
  elsif request.options.include?(param.to_s)
@@ -7,6 +7,13 @@ class Puppet::FileSystem::MemoryFile
7
7
  new(path, :exist? => false, :executable? => false)
8
8
  end
9
9
 
10
+ def self.a_missing_directory(path)
11
+ new(path,
12
+ :exist? => false,
13
+ :executable? => false,
14
+ :directory? => true)
15
+ end
16
+
10
17
  def self.a_regular_file_containing(path, content)
11
18
  new(path, :exist? => true, :executable? => false, :content => content)
12
19
  end
@@ -18,7 +25,7 @@ class Puppet::FileSystem::MemoryFile
18
25
  def self.a_directory(path, children = [])
19
26
  new(path,
20
27
  :exist? => true,
21
- :excutable? => true,
28
+ :executable? => true,
22
29
  :directory? => true,
23
30
  :children => children)
24
31
  end
@@ -128,6 +128,8 @@ class Puppet::FileSystem::Windows < Puppet::FileSystem::Posix
128
128
  end
129
129
 
130
130
  current_sid = Puppet::Util::Windows::SID.name_to_sid(Puppet::Util::Windows::ADSI::User.current_user_name)
131
+ current_sid = Puppet::Util::Windows::SID.name_to_sid(Puppet::Util::Windows::ADSI::User.current_sam_compatible_user_name) unless current_sid
132
+
131
133
  dacl = case mode
132
134
  when 0644
133
135
  dacl = secure_dacl(current_sid)
@@ -51,7 +51,7 @@
51
51
  # notice $data.all |$key, $value| { $value % 10 == 0 and $key =~ /^abc/ }
52
52
  # ```
53
53
  #
54
- # Would notice true.
54
+ # Would notice `true`.
55
55
  #
56
56
  # For an general examples that demonstrates iteration, see the Puppet
57
57
  # [iteration](https://puppet.com/docs/puppet/latest/lang_iteration.html)
@@ -3,7 +3,7 @@
3
3
  # This function is compatible with the stdlib function with the same name.
4
4
  #
5
5
  # The function does the following:
6
- # * For a `String` the conversion replaces all combinations of *_<char>* with an upcased version of the
6
+ # * For a `String` the conversion replaces all combinations of `*_<char>*` with an upcased version of the
7
7
  # character following the _. This is done using Ruby system locale which handles some, but not all
8
8
  # special international up-casing rules (for example German double-s ß is upcased to "Ss").
9
9
  # * For an `Iterable[Variant[String, Numeric]]` (for example an `Array`) each value is capitalized and the conversion is not recursive.
@@ -18,14 +18,14 @@
18
18
  # 'hello'.capitalize()
19
19
  # upcase('hello')
20
20
  # ```
21
- # Would both result in "Hello"
21
+ # Would both result in `"Hello"`
22
22
  #
23
23
  # @example Capitalizing strings in an Array
24
24
  # ```puppet
25
25
  # ['abc', 'bcd'].capitalize()
26
26
  # capitalize(['abc', 'bcd'])
27
27
  # ```
28
- # Would both result in ['Abc', 'Bcd']
28
+ # Would both result in `['Abc', 'Bcd']`
29
29
  #
30
30
  Puppet::Functions.create_function(:capitalize) do
31
31
 
@@ -22,14 +22,14 @@
22
22
  # 'HELLO'.downcase()
23
23
  # downcase('HEllO')
24
24
  # ```
25
- # Would both result in "hello"
25
+ # Would both result in `"hello"`
26
26
  #
27
27
  # @example Converting an Array to lower case
28
28
  # ```puppet
29
29
  # ['A', 'B'].downcase()
30
30
  # downcase(['A', 'B'])
31
31
  # ```
32
- # Would both result in ['a', 'b']
32
+ # Would both result in `['a', 'b']`
33
33
  #
34
34
  # @example Converting a Hash to lower case
35
35
  # ```puppet
@@ -40,6 +40,7 @@ Puppet::Functions.create_function(:epp, Puppet::Functions::InternalFunction) do
40
40
  scope_param
41
41
  param 'String', :path
42
42
  optional_param 'Hash[Pattern[/^\w+$/], Any]', :parameters
43
+ return_type 'Variant[String, Sensitive[String]]'
43
44
  end
44
45
 
45
46
  def epp(scope, path, parameters = nil)
@@ -23,20 +23,20 @@
23
23
  # #get($facts, 'os.family')
24
24
  # $facts.get('os.family')
25
25
  # ```
26
- # Would both result in the value of $facts['os']['family']
26
+ # Would both result in the value of `$facts['os']['family']`
27
27
  #
28
28
  # @example Getting the value from an expression
29
29
  # ```puppet
30
30
  # get([1,2,[{'name' =>'waldo'}]], '2.0.name')
31
31
  # ```
32
- # Would result in 'waldo'
32
+ # Would result in `'waldo'`
33
33
  #
34
34
  # @example Using a default value
35
35
  # ```puppet
36
36
  # get([1,2,[{'name' =>'waldo'}]], '2.1.name', 'not waldo')
37
37
  #
38
38
  # ```
39
- # Would result in 'not waldo'
39
+ # Would result in `'not waldo'`
40
40
  #
41
41
  # @example Quoting a key with period
42
42
  # ```puppet
@@ -128,8 +128,8 @@ Puppet::Functions.create_function(:get, Puppet::Functions::InternalFunction) do
128
128
 
129
129
  # Note: split_key always processes the initial segment as a string even if it could be an integer.
130
130
  # This since it is designed for lookup keys. For a numeric first segment
131
- # like '0.1' the wanted result is [0,1], not ["0", 1]. The workaround here is to
132
- # prefix the navigation with "x." thus giving split_key a first segment that is a string.
131
+ # like '0.1' the wanted result is `[0,1]`, not `["0", 1]`. The workaround here is to
132
+ # prefix the navigation with `"x."` thus giving split_key a first segment that is a string.
133
133
  # The fake segment is then dropped.
134
134
  segments = split_key("x." + navigation) {|err| _("Syntax error in dotted-navigation string")}
135
135
  segments.shift