puppet 6.19.1-x64-mingw32 → 6.23.0-x64-mingw32

data/lib/puppet/indirector/file_metadata/rest.rb

@@ -46,6 +46,7 @@ class Puppet::Indirector::FileMetadata::Rest < Puppet::Indirector::REST
       environment: request.environment.to_s,
       recurse: request.options[:recurse],
       recurselimit: request.options[:recurselimit],
+      max_files: request.options[:max_files],
       ignore: request.options[:ignore],
       links: request.options[:links],
       checksum_type: request.options[:checksum_type],

data/lib/puppet/indirector/json.rb

@@ -41,12 +41,16 @@ class Puppet::Indirector::JSON < Puppet::Indirector::Terminus
       raise ArgumentError, _("invalid key")
     end
 
-    base = Puppet.run_mode.server? ? Puppet[:server_datadir] : Puppet[:client_datadir]
+    base = data_dir
     File.join(base, self.class.indirection_name.to_s, name.to_s + ext)
   end
 
   private
 
+  def data_dir()
+    Puppet.run_mode.server? ? Puppet[:server_datadir] : Puppet[:client_datadir]
+  end
+
   def load_json_from_file(file, key)
     json = nil
 

data/lib/puppet/indirector/node/json.rb

@@ -0,0 +1,8 @@
+require 'puppet/node'
+require 'puppet/indirector/json'
+
+class Puppet::Node::Json < Puppet::Indirector::JSON
+  desc "Store node information as flat files, serialized using JSON,
+    or deserialize stored JSON nodes."
+
+end

data/lib/puppet/indirector/report/json.rb

@@ -0,0 +1,34 @@
+require 'puppet/transaction/report'
+require 'puppet/indirector/json'
+
+class Puppet::Transaction::Report::Json < Puppet::Indirector::JSON
+  include Puppet::Util::SymbolicFileMode
+
+  desc "Store last report as a flat file, serialized using JSON."
+
+  # Force report to be saved there
+  def path(name,ext='.json')
+    Puppet[:lastrunreport]
+  end
+
+  def save(request)
+    filename = path(request.key)
+    mode = Puppet.settings.setting(:lastrunreport).mode
+
+    unless valid_symbolic_mode?(mode)
+      raise Puppet::DevError, _("replace_file mode: %{mode} is invalid") % { mode: mode }
+    end
+
+    mode = symbolic_mode_to_int(normalize_symbolic_mode(mode))
+
+    FileUtils.mkdir_p(File.dirname(filename))
+
+    begin
+      Puppet::FileSystem.replace_file(filename, mode) do |fh|
+        fh.print JSON.dump(request.instance)
+      end
+    rescue TypeError => detail
+      Puppet.err _("Could not save %{indirection} %{request}: %{detail}") % { indirection: self.name, request: request.key, detail: detail }
+    end
+  end
+end

data/lib/puppet/module_tool/applications/installer.rb

@@ -131,8 +131,54 @@ module Puppet::ModuleTool
           begin
             Puppet.info _("Resolving dependencies ...")
             releases = SemanticPuppet::Dependency.resolve(graph)
-          rescue SemanticPuppet::Dependency::UnsatisfiableGraph
-            raise NoVersionsSatisfyError, results.merge(:requested_name => name)
+          rescue SemanticPuppet::Dependency::UnsatisfiableGraph => e
+            unsatisfied = nil
+
+            if e.respond_to?(:unsatisfied)
+              constraints = {}
+              # If the module we're installing satisfies all its
+              # dependencies, but would break an already installed
+              # module that depends on it, show what would break.
+              if name == e.unsatisfied
+                graph.constraints[name].each do |mod, range, _|
+                  next unless mod.split.include?('constraint')
+
+                  # If the user requested a specific version or range,
+                  # only show the modules with non-intersecting ranges
+                  if options[:version]
+                    requested_range = SemanticPuppet::VersionRange.parse(options[:version])
+                    constraint_range = SemanticPuppet::VersionRange.parse(range)
+
+                    if requested_range.intersection(constraint_range) == SemanticPuppet::VersionRange::EMPTY_RANGE
+                      constraints[mod.split.first] = range
+                    end
+                  else
+                    constraints[mod.split.first] = range
+                  end
+                end
+
+              # If the module fails to satisfy one of its
+              # dependencies, show the unsatisfiable module
+              else
+                unsatisfied_range = graph.dependencies[name].max.constraints[e.unsatisfied].first[1]
+                constraints[e.unsatisfied] = unsatisfied_range
+              end
+
+              installed_module = @environment.module_by_forge_name(e.unsatisfied.tr('-', '/'))
+              current_version = installed_module.version if installed_module
+
+              unsatisfied = {
+                :name => e.unsatisfied,
+                :constraints => constraints,
+                :current_version => current_version
+              }
+            end
+
+            raise NoVersionsSatisfyError, results.merge(
+                    :requested_name => name,
+                    :requested_version => options[:version] || graph.dependencies[name].max.version.to_s,
+                    :unsatisfied => unsatisfied
+            )
           end
 
           unless forced?

data/lib/puppet/module_tool/errors/shared.rb

@@ -7,6 +7,7 @@ module Puppet::ModuleTool::Errors
       @installed_version = options[:installed_version]
       @conditions        = options[:conditions]
       @action            = options[:action]
+      @unsatisfied       = options[:unsatisfied]
 
       super _("Could not %{action} '%{module_name}' (%{version}); no version satisfies all dependencies") % { action: @action, module_name: @requested_name, version: vstring }
     end
@@ -14,9 +15,23 @@ module Puppet::ModuleTool::Errors
     def multiline
       message = []
       message << _("Could not %{action} module '%{module_name}' (%{version})") % { action: @action, module_name: @requested_name, version: vstring }
-      message << _("  No version of '%{module_name}' can satisfy all dependencies") % { module_name: @requested_name }
+
+      if @unsatisfied
+        message << _("  The requested version cannot satisfy one or more of the following installed modules:")
+        if @unsatisfied[:current_version]
+          message << _("    %{name}, installed: %{current_version}, expected: %{constraints}") % { name: @unsatisfied[:name], current_version: @unsatisfied[:current_version], constraints: @unsatisfied[:constraints][@unsatisfied[:name]] }
+        else
+          @unsatisfied[:constraints].each do |mod, range|
+            message << _("    %{mod}, expects '%{name}': %{range}") % { mod: mod, name: @requested_name, range: range }
+          end
+        end
+        message << _("")
+      else
+        message << _("  The requested version cannot satisfy all dependencies")
+      end
+
       #TRANSLATORS `puppet module %{action} --ignore-dependencies` is a command line and should not be translated
-      message << _("    Use `puppet module %{action} --ignore-dependencies` to %{action} only this module") % { action: @action }
+      message << _("  Use `puppet module %{action} '%{module_name}' --ignore-dependencies` to %{action} only this module") % { action: @action, module_name: @requested_name }
       message.join("\n")
     end
   end

data/lib/puppet/network/formats.rb

@@ -183,6 +183,73 @@ Puppet::Network::FormatHandler.create(:console,
   end
 end
 
+Puppet::Network::FormatHandler.create(:flat,
+                                      :mime   => 'text/x-flat-text',
+                                      :weight => 0) do
+
+  def flatten_hash(hash)
+    hash.each_with_object({}) do |(k, v), h|
+      if v.is_a? Hash
+        flatten_hash(v).map do |h_k, h_v|
+          h["#{k}.#{h_k}"] = h_v
+        end
+      elsif v.is_a? Array
+        v.each_with_index do |el, i|
+          if el.is_a? Hash
+            flatten_hash(el).map do |el_k, el_v|
+              h["#{k}.#{i}.#{el_k}"] = el_v
+            end
+          else
+            h["#{k}.#{i}"] = el
+          end
+        end
+      else
+        h[k] = v
+      end
+    end
+  end
+
+  def flatten_array(array)
+    a={}
+    array.each_with_index do |el, i|
+      if el.is_a? Hash
+        flatten_hash(el).map do |el_k, el_v|
+          a["#{i}.#{el_k}"] = el_v
+        end
+      else
+        a["#{i}"] = el
+      end
+    end
+    a
+  end
+
+  def construct_output(data)
+    output = ''
+    data.each do |key, value|
+      output << "#{key}=#{value}"
+      output << "\n"
+    end
+    output
+  end
+
+  def render(datum)
+    return datum if datum.is_a?(String) || datum.is_a?(Numeric)
+    # Simple hash
+    if datum.is_a?(Hash)
+      data = flatten_hash(datum)
+      return construct_output(data)
+    elsif datum.is_a?(Array)
+      data = flatten_array(datum)
+      return construct_output(data)
+    end
+    Puppet::Util::Json.dump(datum, :pretty => true, :quirks_mode => true)
+  end
+  def render_multiple(data)
+    data.collect(&:render).join("\n")
+  end
+end
+
+
 Puppet::Network::FormatHandler.create(:rich_data_json, mime: 'application/vnd.puppet.rich+json', charset: Encoding::UTF_8, weight: 30) do
   def intern(klass, text)
     Puppet.override({:rich_data => true}) do
@@ -255,7 +322,8 @@ Puppet::Network::FormatHandler.create_serialized_formats(:rich_data_msgpack, mim
   end
 
   def supported?(klass)
-    klass == Puppet::Resource::Catalog &&
+    suitable? &&
+      klass == Puppet::Resource::Catalog &&
       Puppet.lookup(:current_environment).rich_data?
   end
 end

data/lib/puppet/network/http/factory.rb

@@ -27,6 +27,10 @@ class Puppet::Network::HTTP::Factory
 
     http = Puppet::Util::HttpProxy.proxy(URI(site.addr))
     http.use_ssl = site.use_ssl?
+    if site.use_ssl?
+      http.min_version = OpenSSL::SSL::TLS1_VERSION if http.respond_to?(:min_version)
+      http.ciphers = Puppet[:ciphers]
+    end
     http.read_timeout = Puppet[:http_read_timeout]
     http.open_timeout = Puppet[:http_connect_timeout]
     http.keep_alive_timeout = KEEP_ALIVE_TIMEOUT if http.respond_to?(:keep_alive_timeout=)

data/lib/puppet/pal/pal_impl.rb

@@ -58,8 +58,8 @@ module Pal
       configured_by_env: false,
       manifest_file:     nil,
       code_string:       nil,
-      facts:             nil,
-      variables:         nil,
+      facts:             {},
+      variables:         {},
       set_local_facts:   true,
       &block
     )
@@ -93,7 +93,14 @@ module Pal
 
     # If manifest_file is nil, the #main method will use the env configured manifest
     # to do things in the block while a Script Compiler is in effect
-    main(manifest_file, facts, variables, :script, set_local_facts, &block)
+    main(
+      manifest:                manifest_file,
+      facts:                   facts,
+      variables:               variables,
+      internal_compiler_class: :script,
+      set_local_facts:         set_local_facts,
+      &block
+    )
   ensure
     Puppet[:tasks] = previous_tasks_value
     Puppet[:code] = previous_code_value
@@ -157,8 +164,9 @@ module Pal
     configured_by_env: false,
       manifest_file:     nil,
       code_string:       nil,
-      facts:             nil,
-      variables:         nil,
+      facts:             {},
+      variables:         {},
+      target_variables:  {},
       &block
   )
     # TRANSLATORS: do not translate variable name strings in these assertions
@@ -193,7 +201,15 @@ module Pal
 
     # If manifest_file is nil, the #main method will use the env configured manifest
     # to do things in the block while a Script Compiler is in effect
-    main(manifest_file, facts, variables, :catalog, false, &block)
+    main(
+      manifest:                manifest_file,
+      facts:                   facts,
+      variables:               variables,
+      target_variables:        target_variables,
+      internal_compiler_class: :catalog,
+      set_local_facts:         false,
+      &block
+    )
   ensure
     # Clean up after ourselves
     Puppet[:tasks] = previous_tasks_value
@@ -382,11 +398,12 @@ module Pal
   # the provided block
   #
   def self.main(
-    manifest,
-    facts,
-    variables,
-    internal_compiler_class,
-    set_local_facts
+    manifest:                nil,
+    facts:                   {},
+    variables:               {},
+    target_variables:        {},
+    internal_compiler_class: nil,
+    set_local_facts:         true
   )
     # Configure the load path
     env = Puppet.lookup(:pal_env)
@@ -403,14 +420,11 @@ module Pal
     pal_variables = Puppet.lookup(:pal_variables)
 
     overrides = {}
+
     unless facts.nil? || facts.empty?
       pal_facts = pal_facts.merge(facts)
       overrides[:pal_facts] = pal_facts
     end
-    unless variables.nil? || variables.empty?
-      pal_variables = pal_variables.merge(variables)
-      overrides[:pal_variables] = pal_variables
-    end
 
     prepare_node_facts(node, pal_facts)
 
@@ -463,10 +477,17 @@ module Pal
         # TRANSLATORS: Do not translate, symbolic name
         Puppet.override(overrides, "PAL::with_#{internal_compiler_class}_compiler") do
           compiler.compile do | compiler_yield |
-            # In case the varaibles passed to the compiler are PCore types defined in modules, they
+            # In case the variables passed to the compiler are PCore types defined in modules, they
             # need to be deserialized and added from within the this scope, so that loaders are
             # available during deserizlization.
-            add_variables(compiler.topscope, Puppet::Pops::Serialization::FromDataConverter.convert(pal_variables))
+            pal_variables = Puppet::Pops::Serialization::FromDataConverter.convert(pal_variables)
+            variables     = Puppet::Pops::Serialization::FromDataConverter.convert(variables)
+
+            # Merge together target variables and plan variables. This will also shadow any
+            # collisions with facts and emit a warning.
+            topscope_vars = pal_variables.merge(merge_vars(target_variables, variables, node.facts.values))
+
+            add_variables(compiler.topscope, topscope_vars)
             # wrap the internal compiler to prevent it from leaking in the PAL API
             if block_given?
               yield(pal_compiler)
@@ -486,6 +507,38 @@ module Pal
   end
   private_class_method :main
 
+  # Warn and remove variables that will be shadowed by facts of the same
+  # name, which are set in scope earlier.
+  def self.merge_vars(target_vars, vars, facts)
+    # First, shadow plan and target variables by facts of the same name
+    vars        = shadow_vars(facts || {}, vars, 'fact', 'plan variable')
+    target_vars = shadow_vars(facts || {}, target_vars, 'fact', 'target variable')
+    # Then, shadow target variables by plan variables of the same name
+    target_vars = shadow_vars(vars, target_vars, 'plan variable', 'target variable')
+
+    target_vars.merge(vars)
+  end
+  private_class_method :merge_vars
+
+  def self.shadow_vars(vars, other_vars, vars_type, other_vars_type)
+    collisions, valid = other_vars.partition do |k, _|
+      vars.include?(k)
+    end
+
+    if collisions.any?
+      names = collisions.map { |k, _| "$#{k}" }.join(', ')
+      plural = collisions.length == 1 ? '' : 's'
+
+      Puppet.warning(
+        "#{other_vars_type.capitalize}#{plural} #{names} will be overridden by "\
+        "#{vars_type}#{plural} of the same name in the apply block"
+      )
+    end
+
+    valid.to_h
+  end
+  private_class_method :shadow_vars
+
   def self.create_internal_compiler(compiler_class_reference, node)
     case compiler_class_reference
     when :script

data/lib/puppet/parser/ast/leaf.rb

@@ -50,8 +50,9 @@ class Puppet::Parser::AST::HostName < Puppet::Parser::AST::Leaf
 end
 
 class Puppet::Parser::AST::Regex < Puppet::Parser::AST::Leaf
-  def initialize(hash)
-    super(**hash)
+  def initialize(value: nil, file: nil, line: nil, pos: nil)
+    super(value: value, file: file, line: line, pos: pos)
+
     # transform value from hash options unless it is already a regular expression
     @value = Regexp.new(@value) unless @value.is_a?(Regexp)
   end

data/lib/puppet/parser/functions/fqdn_rand.rb

@@ -2,13 +2,16 @@ require 'digest/md5'
 require 'digest/sha2'
 
 Puppet::Parser::Functions::newfunction(:fqdn_rand, :arity => -2, :type => :rvalue, :doc =>
-  "Usage: `fqdn_rand(MAX, [SEED])`. MAX is required and must be a positive
-  integer; SEED is optional and may be any number or string.
+  "Usage: `fqdn_rand(MAX, [SEED], [DOWNCASE])`. MAX is required and must be a positive
+  integer; SEED is optional and may be any number or string; DOWNCASE is optional
+  and should be a boolean true or false.
 
   Generates a random Integer number greater than or equal to 0 and less than MAX,
   combining the `$fqdn` fact and the value of SEED for repeatable randomness.
   (That is, each node will get a different random number from this function, but
-  a given node's result will be the same every time unless its hostname changes.)
+  a given node's result will be the same every time unless its hostname changes.) If
+  DOWNCASE is true, then the `fqdn` fact will be downcased when computing the value
+  so that the result is not sensitive to the case of the `fqdn` fact.
 
   This function is usually used for spacing out runs of resource-intensive cron
   tasks that run on many nodes, which could cause a thundering herd or degrade
@@ -17,7 +20,12 @@ Puppet::Parser::Functions::newfunction(:fqdn_rand, :arity => -2, :type => :rvalu
   node. (For example, `fqdn_rand(30)`, `fqdn_rand(30, 'expensive job 1')`, and
   `fqdn_rand(30, 'expensive job 2')` will produce totally different numbers.)") do |args|
     max = args.shift.to_i
- 
+    initial_seed = args.shift
+    downcase = !!args.shift
+
+    fqdn = self['::fqdn']
+    fqdn = fqdn.downcase if downcase
+
     # Puppet 5.4's fqdn_rand function produces a different value than earlier versions
     # for the same set of inputs.
     # This causes problems because the values are often written into service configuration files.
@@ -27,9 +35,9 @@ Puppet::Parser::Functions::newfunction(:fqdn_rand, :arity => -2, :type => :rvalu
     # when running on a non-FIPS enabled platform and only using SHA256 on FIPS enabled
     # platforms.
     if Puppet::Util::Platform.fips_enabled?
-      seed = Digest::SHA256.hexdigest([self['::fqdn'],max,args].join(':')).hex
+      seed = Digest::SHA256.hexdigest([fqdn,max,initial_seed].join(':')).hex
     else
-      seed = Digest::MD5.hexdigest([self['::fqdn'],max,args].join(':')).hex
+      seed = Digest::MD5.hexdigest([fqdn,max,initial_seed].join(':')).hex
     end
 
     Puppet::Util.deterministic_rand_int(seed,max)