puppet 6.19.1 → 6.20.0

data/lib/puppet/indirector/facts/yaml.rb

@@ -1,10 +1,13 @@
 require 'puppet/node/facts'
 require 'puppet/indirector/yaml'
+require 'puppet/indirector/fact_search'
 
 class Puppet::Node::Facts::Yaml < Puppet::Indirector::Yaml
   desc "Store client facts as flat files, serialized using YAML, or
     return deserialized facts from disk."
 
+  include Puppet::Indirector::FactSearch
+
   def search(request)
     node_names = []
     Dir.glob(yaml_dir_path).each do |file|
@@ -23,62 +26,4 @@ class Puppet::Node::Facts::Yaml < Puppet::Indirector::Yaml
     base = Puppet.run_mode.server? ? Puppet[:yamldir] : Puppet[:clientyamldir]
     File.join(base, 'facts', '*.yaml')
   end
-
-  def node_matches?(facts, options)
-    options.each do |key, value|
-      type, name, operator = key.to_s.split(".")
-      operator ||= 'eq'
-
-      return false unless node_matches_option?(type, name, operator, value, facts)
-    end
-    return true
-  end
-
-  def node_matches_option?(type, name, operator, value, facts)
-    case type
-    when "meta"
-      case name
-      when "timestamp"
-        compare_timestamp(operator, facts.timestamp, Time.parse(value))
-      end
-    when "facts"
-      compare_facts(operator, facts.values[name], value)
-    end
-  end
-
-  def compare_facts(operator, value1, value2)
-    return false unless value1
-
-    case operator
-    when "eq"
-      value1.to_s == value2.to_s
-    when "le"
-      value1.to_f <= value2.to_f
-    when "ge"
-      value1.to_f >= value2.to_f
-    when "lt"
-      value1.to_f < value2.to_f
-    when "gt"
-      value1.to_f > value2.to_f
-    when "ne"
-      value1.to_s != value2.to_s
-    end
-  end
-
-  def compare_timestamp(operator, value1, value2)
-    case operator
-    when "eq"
-      value1 == value2
-    when "le"
-      value1 <= value2
-    when "ge"
-      value1 >= value2
-    when "lt"
-      value1 < value2
-    when "gt"
-      value1 > value2
-    when "ne"
-      value1 != value2
-    end
-  end
 end

data/lib/puppet/indirector/json.rb

@@ -41,12 +41,16 @@ class Puppet::Indirector::JSON < Puppet::Indirector::Terminus
       raise ArgumentError, _("invalid key")
     end
 
-    base = Puppet.run_mode.server? ? Puppet[:server_datadir] : Puppet[:client_datadir]
+    base = data_dir
     File.join(base, self.class.indirection_name.to_s, name.to_s + ext)
   end
 
   private
 
+  def data_dir()
+    Puppet.run_mode.server? ? Puppet[:server_datadir] : Puppet[:client_datadir]
+  end
+
   def load_json_from_file(file, key)
     json = nil
 

data/lib/puppet/indirector/node/json.rb

@@ -0,0 +1,8 @@
+require 'puppet/node'
+require 'puppet/indirector/json'
+
+class Puppet::Node::Json < Puppet::Indirector::JSON
+  desc "Store node information as flat files, serialized using JSON,
+    or deserialize stored JSON nodes."
+
+end

data/lib/puppet/indirector/report/json.rb

@@ -0,0 +1,34 @@
+require 'puppet/transaction/report'
+require 'puppet/indirector/json'
+
+class Puppet::Transaction::Report::Json < Puppet::Indirector::JSON
+  include Puppet::Util::SymbolicFileMode
+
+  desc "Store last report as a flat file, serialized using JSON."
+
+  # Force report to be saved there
+  def path(name,ext='.json')
+    Puppet[:lastrunreport]
+  end
+
+  def save(request)
+    filename = path(request.key)
+    mode = Puppet.settings.setting(:lastrunreport).mode
+
+    unless valid_symbolic_mode?(mode)
+      raise Puppet::DevError, _("replace_file mode: %{mode} is invalid") % { mode: mode }
+    end
+
+    mode = symbolic_mode_to_int(normalize_symbolic_mode(mode))
+
+    FileUtils.mkdir_p(File.dirname(filename))
+
+    begin
+      Puppet::FileSystem.replace_file(filename, mode) do |fh|
+        fh.print JSON.dump(request.instance)
+      end
+    rescue TypeError => detail
+      Puppet.err _("Could not save %{indirection} %{request}: %{detail}") % { indirection: self.name, request: request.key, detail: detail }
+    end
+  end
+end

data/lib/puppet/module_tool/applications/installer.rb

@@ -131,8 +131,54 @@ module Puppet::ModuleTool
           begin
             Puppet.info _("Resolving dependencies ...")
             releases = SemanticPuppet::Dependency.resolve(graph)
-          rescue SemanticPuppet::Dependency::UnsatisfiableGraph
-            raise NoVersionsSatisfyError, results.merge(:requested_name => name)
+          rescue SemanticPuppet::Dependency::UnsatisfiableGraph => e
+            unsatisfied = nil
+
+            if e.respond_to?(:unsatisfied)
+              constraints = {}
+              # If the module we're installing satisfies all its
+              # dependencies, but would break an already installed
+              # module that depends on it, show what would break.
+              if name == e.unsatisfied
+                graph.constraints[name].each do |mod, range, _|
+                  next unless mod.split.include?('constraint')
+
+                  # If the user requested a specific version or range,
+                  # only show the modules with non-intersecting ranges
+                  if options[:version]
+                    requested_range = SemanticPuppet::VersionRange.parse(options[:version])
+                    constraint_range = SemanticPuppet::VersionRange.parse(range)
+
+                    if requested_range.intersection(constraint_range) == SemanticPuppet::VersionRange::EMPTY_RANGE
+                      constraints[mod.split.first] = range
+                    end
+                  else
+                    constraints[mod.split.first] = range
+                  end
+                end
+
+              # If the module fails to satisfy one of its
+              # dependencies, show the unsatisfiable module
+              else
+                unsatisfied_range = graph.dependencies[name].max.constraints[e.unsatisfied].first[1]
+                constraints[e.unsatisfied] = unsatisfied_range
+              end
+
+              installed_module = @environment.module_by_forge_name(e.unsatisfied.tr('-', '/'))
+              current_version = installed_module.version if installed_module
+
+              unsatisfied = {
+                :name => e.unsatisfied,
+                :constraints => constraints,
+                :current_version => current_version
+              }
+            end
+
+            raise NoVersionsSatisfyError, results.merge(
+                    :requested_name => name,
+                    :requested_version => options[:version] || graph.dependencies[name].max.version.to_s,
+                    :unsatisfied => unsatisfied
+            )
           end
 
           unless forced?

data/lib/puppet/module_tool/errors/shared.rb

@@ -7,6 +7,7 @@ module Puppet::ModuleTool::Errors
       @installed_version = options[:installed_version]
       @conditions        = options[:conditions]
       @action            = options[:action]
+      @unsatisfied       = options[:unsatisfied]
 
       super _("Could not %{action} '%{module_name}' (%{version}); no version satisfies all dependencies") % { action: @action, module_name: @requested_name, version: vstring }
     end
@@ -14,9 +15,23 @@ module Puppet::ModuleTool::Errors
     def multiline
       message = []
       message << _("Could not %{action} module '%{module_name}' (%{version})") % { action: @action, module_name: @requested_name, version: vstring }
-      message << _("  No version of '%{module_name}' can satisfy all dependencies") % { module_name: @requested_name }
+
+      if @unsatisfied
+        message << _("  The requested version cannot satisfy one or more of the following installed modules:")
+        if @unsatisfied[:current_version]
+          message << _("    %{name}, installed: %{current_version}, expected: %{constraints}") % { name: @unsatisfied[:name], current_version: @unsatisfied[:current_version], constraints: @unsatisfied[:constraints][@unsatisfied[:name]] }
+        else
+          @unsatisfied[:constraints].each do |mod, range|
+            message << _("    %{mod}, expects '%{name}': %{range}") % { mod: mod, name: @requested_name, range: range }
+          end
+        end
+        message << _("")
+      else
+        message << _("  The requested version cannot satisfy all dependencies")
+      end
+
       #TRANSLATORS `puppet module %{action} --ignore-dependencies` is a command line and should not be translated
-      message << _("    Use `puppet module %{action} --ignore-dependencies` to %{action} only this module") % { action: @action }
+      message << _("  Use `puppet module %{action} '%{module_name}' --ignore-dependencies` to %{action} only this module") % { action: @action, module_name: @requested_name }
       message.join("\n")
     end
   end

data/lib/puppet/network/formats.rb

@@ -255,7 +255,8 @@ Puppet::Network::FormatHandler.create_serialized_formats(:rich_data_msgpack, mim
   end
 
   def supported?(klass)
-    klass == Puppet::Resource::Catalog &&
+    suitable? &&
+      klass == Puppet::Resource::Catalog &&
       Puppet.lookup(:current_environment).rich_data?
   end
 end

data/lib/puppet/pal/pal_impl.rb

@@ -58,8 +58,8 @@ module Pal
       configured_by_env: false,
       manifest_file:     nil,
       code_string:       nil,
-      facts:             nil,
-      variables:         nil,
+      facts:             {},
+      variables:         {},
       set_local_facts:   true,
       &block
     )
@@ -93,7 +93,14 @@ module Pal
 
     # If manifest_file is nil, the #main method will use the env configured manifest
     # to do things in the block while a Script Compiler is in effect
-    main(manifest_file, facts, variables, :script, set_local_facts, &block)
+    main(
+      manifest:                manifest_file,
+      facts:                   facts,
+      variables:               variables,
+      internal_compiler_class: :script,
+      set_local_facts:         set_local_facts,
+      &block
+    )
   ensure
     Puppet[:tasks] = previous_tasks_value
     Puppet[:code] = previous_code_value
@@ -157,8 +164,9 @@ module Pal
     configured_by_env: false,
       manifest_file:     nil,
       code_string:       nil,
-      facts:             nil,
-      variables:         nil,
+      facts:             {},
+      variables:         {},
+      target_variables:  {},
       &block
   )
     # TRANSLATORS: do not translate variable name strings in these assertions
@@ -193,7 +201,15 @@ module Pal
 
     # If manifest_file is nil, the #main method will use the env configured manifest
     # to do things in the block while a Script Compiler is in effect
-    main(manifest_file, facts, variables, :catalog, false, &block)
+    main(
+      manifest:                manifest_file,
+      facts:                   facts,
+      variables:               variables,
+      target_variables:        target_variables,
+      internal_compiler_class: :catalog,
+      set_local_facts:         false,
+      &block
+    )
   ensure
     # Clean up after ourselves
     Puppet[:tasks] = previous_tasks_value
@@ -382,11 +398,12 @@ module Pal
   # the provided block
   #
   def self.main(
-    manifest,
-    facts,
-    variables,
-    internal_compiler_class,
-    set_local_facts
+    manifest:                nil,
+    facts:                   {},
+    variables:               {},
+    target_variables:        {},
+    internal_compiler_class: nil,
+    set_local_facts:         true
   )
     # Configure the load path
     env = Puppet.lookup(:pal_env)
@@ -403,14 +420,11 @@ module Pal
     pal_variables = Puppet.lookup(:pal_variables)
 
     overrides = {}
+
     unless facts.nil? || facts.empty?
       pal_facts = pal_facts.merge(facts)
       overrides[:pal_facts] = pal_facts
     end
-    unless variables.nil? || variables.empty?
-      pal_variables = pal_variables.merge(variables)
-      overrides[:pal_variables] = pal_variables
-    end
 
     prepare_node_facts(node, pal_facts)
 
@@ -463,10 +477,17 @@ module Pal
         # TRANSLATORS: Do not translate, symbolic name
         Puppet.override(overrides, "PAL::with_#{internal_compiler_class}_compiler") do
           compiler.compile do | compiler_yield |
-            # In case the varaibles passed to the compiler are PCore types defined in modules, they
+            # In case the variables passed to the compiler are PCore types defined in modules, they
             # need to be deserialized and added from within the this scope, so that loaders are
             # available during deserizlization.
-            add_variables(compiler.topscope, Puppet::Pops::Serialization::FromDataConverter.convert(pal_variables))
+            pal_variables = Puppet::Pops::Serialization::FromDataConverter.convert(pal_variables)
+            variables     = Puppet::Pops::Serialization::FromDataConverter.convert(variables)
+
+            # Merge together target variables and plan variables. This will also shadow any
+            # collisions with facts and emit a warning.
+            topscope_vars = pal_variables.merge(merge_vars(target_variables, variables, node.facts.values))
+
+            add_variables(compiler.topscope, topscope_vars)
             # wrap the internal compiler to prevent it from leaking in the PAL API
             if block_given?
               yield(pal_compiler)
@@ -486,6 +507,38 @@ module Pal
   end
   private_class_method :main
 
+  # Warn and remove variables that will be shadowed by facts of the same
+  # name, which are set in scope earlier.
+  def self.merge_vars(target_vars, vars, facts)
+    # First, shadow plan and target variables by facts of the same name
+    vars        = shadow_vars(facts || {}, vars, 'fact', 'plan variable')
+    target_vars = shadow_vars(facts || {}, target_vars, 'fact', 'target variable')
+    # Then, shadow target variables by plan variables of the same name
+    target_vars = shadow_vars(vars, target_vars, 'plan variable', 'target variable')
+
+    target_vars.merge(vars)
+  end
+  private_class_method :merge_vars
+
+  def self.shadow_vars(vars, other_vars, vars_type, other_vars_type)
+    collisions, valid = other_vars.partition do |k, _|
+      vars.include?(k)
+    end
+
+    if collisions.any?
+      names = collisions.map { |k, _| "$#{k}" }.join(', ')
+      plural = collisions.length == 1 ? '' : 's'
+
+      Puppet.warning(
+        "#{other_vars_type.capitalize}#{plural} #{names} will be overridden by "\
+        "#{vars_type}#{plural} of the same name in the apply block"
+      )
+    end
+
+    valid.to_h
+  end
+  private_class_method :shadow_vars
+
   def self.create_internal_compiler(compiler_class_reference, node)
     case compiler_class_reference
     when :script

data/lib/puppet/parser/ast/leaf.rb

@@ -50,8 +50,9 @@ class Puppet::Parser::AST::HostName < Puppet::Parser::AST::Leaf
 end
 
 class Puppet::Parser::AST::Regex < Puppet::Parser::AST::Leaf
-  def initialize(hash)
-    super(**hash)
+  def initialize(value: nil, file: nil, line: nil, pos: nil)
+    super(value: value, file: file, line: line, pos: pos)
+
     # transform value from hash options unless it is already a regular expression
     @value = Regexp.new(@value) unless @value.is_a?(Regexp)
   end

data/lib/puppet/parser/templatewrapper.rb

@@ -50,7 +50,7 @@ class Puppet::Parser::TemplateWrapper
   # @return [Array<String>] The tags defined in the current scope
   # @api public
   def tags
-    scope.tags
+    raise NotImplementedError, "Call 'all_tags' instead."
   end
 
   # @return [Array<String>] All the defined tags

data/lib/puppet/pops/evaluator/deferred_resolver.rb

@@ -16,10 +16,12 @@ class DeferredResolver
   #
   # @param facts [Puppet::Node::Facts] the facts object for the node
   # @param catalog [Puppet::Resource::Catalog] the catalog where all deferred values should be replaced
+  # @param environment [Puppet::Node::Environment] the environment whose anonymous module methods
+  #  are to be mixed into the scope
   # @return [nil] does not return anything - the catalog is modified as a side effect
   #
-  def self.resolve_and_replace(facts, catalog)
-    compiler = Puppet::Parser::ScriptCompiler.new(catalog.environment_instance, catalog.name, true)
+  def self.resolve_and_replace(facts, catalog, environment = catalog.environment_instance)
+    compiler = Puppet::Parser::ScriptCompiler.new(environment, catalog.name, true)
     resolver = new(compiler)
     resolver.set_facts_variable(facts)
     # TODO:
@@ -108,7 +110,7 @@ class DeferredResolver
     # If any of the arguments to a future is a future it needs to be resolved first
     func_name = f.name
     mapped_arguments = map_arguments(f.arguments)
-    # if name starts with $ then this is a call to dig 
+    # if name starts with $ then this is a call to dig
     if func_name[0] == DOLLAR
       var_name = func_name[1..-1]
       func_name = DIG

data/lib/puppet/pops/evaluator/evaluator_impl.rb

@@ -462,10 +462,24 @@ class EvaluatorImpl
   end
 
   def eval_EppExpression(o, scope)
+    contains_sensitive = false
+
     scope["@epp"] = []
     evaluate(o.body, scope)
-    result = scope["@epp"].join
-    result
+    result = scope["@epp"].map do |r|
+      if r.instance_of?(Puppet::Pops::Types::PSensitiveType::Sensitive)
+        contains_sensitive = true
+        string(r.unwrap, scope)
+      else
+        r
+      end
+    end.join
+
+    if contains_sensitive
+      Puppet::Pops::Types::PSensitiveType::Sensitive.new(result)
+    else
+      result
+    end
   end
 
   def eval_RenderStringExpression(o, scope)
@@ -474,7 +488,12 @@ class EvaluatorImpl
   end
 
   def eval_RenderExpression(o, scope)
-    scope["@epp"] << string(evaluate(o.expr, scope), scope)
+    result = evaluate(o.expr, scope)
+    if result.instance_of?(Puppet::Pops::Types::PSensitiveType::Sensitive)
+      scope["@epp"] << result
+    else
+      scope["@epp"] << string(result, scope)
+    end
     nil
   end