puppet 6.21.0-x86-mingw32 → 6.24.0-x86-mingw32
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of puppet might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/CONTRIBUTING.md +5 -5
- data/Gemfile +1 -1
- data/Gemfile.lock +29 -23
- data/README.md +4 -4
- data/ext/osx/puppet.plist +2 -0
- data/ext/project_data.yaml +3 -2
- data/lib/puppet.rb +3 -3
- data/lib/puppet/application/agent.rb +12 -5
- data/lib/puppet/application/apply.rb +2 -1
- data/lib/puppet/application/device.rb +2 -1
- data/lib/puppet/application/filebucket.rb +1 -0
- data/lib/puppet/application/resource.rb +17 -3
- data/lib/puppet/application/script.rb +2 -1
- data/lib/puppet/application/ssl.rb +12 -0
- data/lib/puppet/configurer/downloader.rb +2 -1
- data/lib/puppet/defaults.rb +27 -5
- data/lib/puppet/environments.rb +26 -1
- data/lib/puppet/face/facts.rb +128 -30
- data/lib/puppet/face/help/action.erb +1 -0
- data/lib/puppet/face/help/face.erb +1 -0
- data/lib/puppet/face/node/clean.rb +11 -0
- data/lib/puppet/file_serving/fileset.rb +14 -2
- data/lib/puppet/file_system/file_impl.rb +1 -1
- data/lib/puppet/file_system/memory_file.rb +8 -1
- data/lib/puppet/file_system/windows.rb +4 -2
- data/lib/puppet/forge.rb +3 -3
- data/lib/puppet/functions/all.rb +1 -1
- data/lib/puppet/functions/camelcase.rb +1 -1
- data/lib/puppet/functions/capitalize.rb +2 -2
- data/lib/puppet/functions/downcase.rb +2 -2
- data/lib/puppet/functions/empty.rb +8 -0
- data/lib/puppet/functions/get.rb +5 -5
- data/lib/puppet/functions/group_by.rb +13 -5
- data/lib/puppet/functions/lest.rb +1 -1
- data/lib/puppet/functions/new.rb +100 -100
- data/lib/puppet/functions/partition.rb +12 -4
- data/lib/puppet/functions/require.rb +5 -5
- data/lib/puppet/functions/sort.rb +3 -3
- data/lib/puppet/functions/strftime.rb +1 -0
- data/lib/puppet/functions/tree_each.rb +7 -9
- data/lib/puppet/functions/type.rb +4 -4
- data/lib/puppet/functions/unwrap.rb +17 -2
- data/lib/puppet/functions/upcase.rb +2 -2
- data/lib/puppet/http/resolver/server_list.rb +15 -4
- data/lib/puppet/http/service/compiler.rb +69 -0
- data/lib/puppet/http/service/file_server.rb +2 -1
- data/lib/puppet/indirector/catalog/compiler.rb +1 -0
- data/lib/puppet/indirector/facts/facter.rb +24 -3
- data/lib/puppet/indirector/file_metadata/rest.rb +1 -0
- data/lib/puppet/indirector/resource/ral.rb +6 -1
- data/lib/puppet/interface/documentation.rb +1 -0
- data/lib/puppet/module_tool/applications/installer.rb +4 -0
- data/lib/puppet/module_tool/errors/shared.rb +17 -0
- data/lib/puppet/network/formats.rb +67 -0
- data/lib/puppet/network/http/factory.rb +4 -0
- data/lib/puppet/parser/functions/fqdn_rand.rb +14 -6
- data/lib/puppet/pops/types/p_sem_ver_type.rb +8 -2
- data/lib/puppet/pops/types/p_sensitive_type.rb +10 -0
- data/lib/puppet/pops/types/type_mismatch_describer.rb +1 -1
- data/lib/puppet/provider/exec/posix.rb +16 -4
- data/lib/puppet/provider/package/dnfmodule.rb +1 -1
- data/lib/puppet/provider/package/nim.rb +11 -6
- data/lib/puppet/provider/package/pip.rb +15 -3
- data/lib/puppet/provider/parsedfile.rb +3 -0
- data/lib/puppet/provider/service/systemd.rb +14 -4
- data/lib/puppet/provider/service/windows.rb +38 -0
- data/lib/puppet/provider/user/directoryservice.rb +25 -12
- data/lib/puppet/provider/user/useradd.rb +9 -2
- data/lib/puppet/reference/configuration.rb +1 -1
- data/lib/puppet/settings.rb +30 -7
- data/lib/puppet/settings/environment_conf.rb +1 -0
- data/lib/puppet/transaction/additional_resource_generator.rb +1 -1
- data/lib/puppet/type/exec.rb +16 -3
- data/lib/puppet/type/file.rb +19 -1
- data/lib/puppet/type/file/mode.rb +6 -0
- data/lib/puppet/type/file/selcontext.rb +1 -1
- data/lib/puppet/type/service.rb +18 -38
- data/lib/puppet/type/tidy.rb +22 -3
- data/lib/puppet/type/user.rb +38 -20
- data/lib/puppet/util/fact_dif.rb +36 -17
- data/lib/puppet/util/monkey_patches.rb +7 -0
- data/lib/puppet/util/selinux.rb +30 -4
- data/lib/puppet/util/symbolic_file_mode.rb +29 -17
- data/lib/puppet/util/windows/adsi.rb +46 -0
- data/lib/puppet/util/windows/api_types.rb +1 -1
- data/lib/puppet/util/windows/principal.rb +9 -2
- data/lib/puppet/util/windows/sid.rb +6 -2
- data/lib/puppet/version.rb +1 -1
- data/locales/puppet.pot +360 -280
- data/man/man5/puppet.conf.5 +279 -251
- data/man/man8/puppet-agent.8 +1 -1
- data/man/man8/puppet-apply.8 +1 -1
- data/man/man8/puppet-catalog.8 +9 -9
- data/man/man8/puppet-config.8 +1 -1
- data/man/man8/puppet-describe.8 +1 -1
- data/man/man8/puppet-device.8 +1 -1
- data/man/man8/puppet-doc.8 +1 -1
- data/man/man8/puppet-epp.8 +1 -1
- data/man/man8/puppet-facts.8 +65 -7
- data/man/man8/puppet-filebucket.8 +1 -1
- data/man/man8/puppet-generate.8 +1 -1
- data/man/man8/puppet-help.8 +1 -1
- data/man/man8/puppet-key.8 +7 -7
- data/man/man8/puppet-lookup.8 +1 -1
- data/man/man8/puppet-man.8 +1 -1
- data/man/man8/puppet-module.8 +1 -1
- data/man/man8/puppet-node.8 +5 -5
- data/man/man8/puppet-parser.8 +1 -1
- data/man/man8/puppet-plugin.8 +1 -1
- data/man/man8/puppet-report.8 +5 -5
- data/man/man8/puppet-resource.8 +1 -1
- data/man/man8/puppet-script.8 +1 -1
- data/man/man8/puppet-ssl.8 +5 -1
- data/man/man8/puppet-status.8 +4 -4
- data/man/man8/puppet.8 +2 -2
- data/spec/fixtures/ssl/127.0.0.1-key.pem +107 -57
- data/spec/fixtures/ssl/127.0.0.1.pem +52 -31
- data/spec/fixtures/ssl/bad-basic-constraints.pem +57 -35
- data/spec/fixtures/ssl/bad-int-basic-constraints.pem +57 -35
- data/spec/fixtures/ssl/ca.pem +57 -35
- data/spec/fixtures/ssl/crl.pem +28 -18
- data/spec/fixtures/ssl/ec-key.pem +11 -11
- data/spec/fixtures/ssl/ec.pem +33 -24
- data/spec/fixtures/ssl/encrypted-ec-key.pem +12 -12
- data/spec/fixtures/ssl/encrypted-key.pem +108 -58
- data/spec/fixtures/ssl/intermediate-agent-crl.pem +28 -19
- data/spec/fixtures/ssl/intermediate-agent.pem +57 -36
- data/spec/fixtures/ssl/intermediate-crl.pem +31 -21
- data/spec/fixtures/ssl/intermediate.pem +57 -36
- data/spec/fixtures/ssl/oid-key.pem +117 -0
- data/spec/fixtures/ssl/oid.pem +69 -0
- data/spec/fixtures/ssl/pluto-key.pem +107 -57
- data/spec/fixtures/ssl/pluto.pem +52 -30
- data/spec/fixtures/ssl/request-key.pem +107 -57
- data/spec/fixtures/ssl/request.pem +47 -26
- data/spec/fixtures/ssl/revoked-key.pem +107 -57
- data/spec/fixtures/ssl/revoked.pem +52 -30
- data/spec/fixtures/ssl/signed-key.pem +107 -57
- data/spec/fixtures/ssl/signed.pem +52 -30
- data/spec/fixtures/ssl/tampered-cert.pem +52 -30
- data/spec/fixtures/ssl/tampered-csr.pem +47 -26
- data/spec/fixtures/ssl/trusted_oid_mapping.yaml +5 -0
- data/spec/fixtures/ssl/unknown-127.0.0.1-key.pem +107 -57
- data/spec/fixtures/ssl/unknown-127.0.0.1.pem +50 -29
- data/spec/fixtures/ssl/unknown-ca-key.pem +107 -57
- data/spec/fixtures/ssl/unknown-ca.pem +55 -33
- data/spec/fixtures/unit/provider/service/systemd/list_unit_files_services_vendor_preset +9 -0
- data/spec/integration/application/filebucket_spec.rb +11 -0
- data/spec/integration/application/module_spec.rb +21 -0
- data/spec/integration/application/plugin_spec.rb +1 -1
- data/spec/integration/application/resource_spec.rb +64 -0
- data/spec/integration/application/ssl_spec.rb +20 -0
- data/spec/integration/environments/settings_interpolation_spec.rb +0 -4
- data/spec/integration/http/client_spec.rb +12 -0
- data/spec/integration/indirector/direct_file_server_spec.rb +1 -3
- data/spec/integration/indirector/facts/facter_spec.rb +90 -36
- data/spec/integration/type/exec_spec.rb +70 -45
- data/spec/integration/util/windows/adsi_spec.rb +18 -0
- data/spec/integration/util/windows/principal_spec.rb +21 -0
- data/spec/integration/util/windows/registry_spec.rb +6 -0
- data/spec/lib/puppet/test_ca.rb +7 -2
- data/spec/lib/puppet_spec/settings.rb +1 -0
- data/spec/spec_helper.rb +11 -1
- data/spec/unit/application/agent_spec.rb +7 -2
- data/spec/unit/application/facts_spec.rb +482 -3
- data/spec/unit/application/ssl_spec.rb +23 -0
- data/spec/unit/configurer/downloader_spec.rb +6 -0
- data/spec/unit/configurer_spec.rb +23 -0
- data/spec/unit/defaults_spec.rb +16 -0
- data/spec/unit/environments_spec.rb +199 -88
- data/spec/unit/face/facts_spec.rb +4 -0
- data/spec/unit/file_serving/fileset_spec.rb +60 -0
- data/spec/unit/file_system_spec.rb +15 -0
- data/spec/unit/functions/assert_type_spec.rb +1 -1
- data/spec/unit/functions/empty_spec.rb +10 -0
- data/spec/unit/functions/unwrap_spec.rb +8 -0
- data/spec/unit/functions4_spec.rb +2 -2
- data/spec/unit/gettext/config_spec.rb +12 -0
- data/spec/unit/http/service/compiler_spec.rb +123 -0
- data/spec/unit/indirector/catalog/compiler_spec.rb +14 -10
- data/spec/unit/indirector/facts/facter_spec.rb +95 -0
- data/spec/unit/indirector/resource/ral_spec.rb +40 -75
- data/spec/unit/module_tool/applications/installer_spec.rb +12 -0
- data/spec/unit/network/formats_spec.rb +41 -0
- data/spec/unit/network/http/factory_spec.rb +19 -0
- data/spec/unit/parser/functions/fqdn_rand_spec.rb +15 -1
- data/spec/unit/parser/templatewrapper_spec.rb +12 -2
- data/spec/unit/pops/types/p_sem_ver_type_spec.rb +18 -0
- data/spec/unit/pops/types/p_sensitive_type_spec.rb +18 -0
- data/spec/unit/provider/package/dnfmodule_spec.rb +10 -1
- data/spec/unit/provider/package/nim_spec.rb +42 -0
- data/spec/unit/provider/package/pip_spec.rb +37 -0
- data/spec/unit/provider/parsedfile_spec.rb +10 -0
- data/spec/unit/provider/service/init_spec.rb +1 -0
- data/spec/unit/provider/service/openwrt_spec.rb +3 -1
- data/spec/unit/provider/service/systemd_spec.rb +53 -8
- data/spec/unit/provider/service/windows_spec.rb +202 -0
- data/spec/unit/provider/user/directoryservice_spec.rb +67 -35
- data/spec/unit/provider/user/useradd_spec.rb +21 -6
- data/spec/unit/resource/catalog_spec.rb +1 -1
- data/spec/unit/settings_spec.rb +97 -56
- data/spec/unit/ssl/state_machine_spec.rb +19 -5
- data/spec/unit/transaction/additional_resource_generator_spec.rb +0 -2
- data/spec/unit/transaction_spec.rb +18 -20
- data/spec/unit/type/exec_spec.rb +76 -29
- data/spec/unit/type/file/selinux_spec.rb +3 -3
- data/spec/unit/type/file/source_spec.rb +4 -4
- data/spec/unit/type/service_spec.rb +59 -188
- data/spec/unit/type/tidy_spec.rb +24 -7
- data/spec/unit/type/user_spec.rb +45 -0
- data/spec/unit/util/selinux_spec.rb +87 -16
- data/spec/unit/util/windows/sid_spec.rb +41 -0
- data/tasks/generate_cert_fixtures.rake +12 -3
- metadata +24 -9
- data/spec/lib/matchers/include.rb +0 -27
- data/spec/lib/matchers/include_spec.rb +0 -32
@@ -360,14 +360,14 @@ describe Puppet::Type.type(:user).provider(:useradd) do
|
|
360
360
|
resource[:forcelocal] = true
|
361
361
|
allow(Puppet::FileSystem).to receive(:exist?).with('/etc/passwd').and_return(true)
|
362
362
|
allow(Puppet::FileSystem).to receive(:each_line).with('/etc/passwd').and_yield(content)
|
363
|
-
expect(provider.gid).to eq(
|
363
|
+
expect(provider.gid).to eq(999)
|
364
364
|
end
|
365
365
|
|
366
366
|
it "should fall back to nameservice GID when forcelocal is false" do
|
367
367
|
resource[:forcelocal] = false
|
368
|
-
allow(provider).to receive(:get).with(:gid).and_return(
|
368
|
+
allow(provider).to receive(:get).with(:gid).and_return(1234)
|
369
369
|
expect(provider).not_to receive(:localgid)
|
370
|
-
expect(provider.gid).to eq(
|
370
|
+
expect(provider.gid).to eq(1234)
|
371
371
|
end
|
372
372
|
end
|
373
373
|
|
@@ -375,21 +375,36 @@ describe Puppet::Type.type(:user).provider(:useradd) do
|
|
375
375
|
before { described_class.has_feature :manages_local_users_and_groups }
|
376
376
|
|
377
377
|
let(:content) do
|
378
|
-
<<~EOF
|
378
|
+
StringIO.new(<<~EOF)
|
379
379
|
group1:x:0:myuser
|
380
380
|
group2:x:999:
|
381
381
|
group3:x:998:myuser
|
382
382
|
EOF
|
383
383
|
end
|
384
384
|
|
385
|
+
let(:content_with_empty_line) do
|
386
|
+
StringIO.new(<<~EOF)
|
387
|
+
group1:x:0:myuser
|
388
|
+
group2:x:999:
|
389
|
+
group3:x:998:myuser
|
390
|
+
|
391
|
+
EOF
|
392
|
+
end
|
393
|
+
|
385
394
|
it "should return the local groups string when forcelocal is true" do
|
386
395
|
resource[:forcelocal] = true
|
387
|
-
group1, group2, group3 = content.split
|
388
396
|
allow(Puppet::FileSystem).to receive(:exist?).with('/etc/group').and_return(true)
|
389
|
-
allow(
|
397
|
+
allow(File).to receive(:open).with(Pathname.new('/etc/group')).and_yield(content)
|
390
398
|
expect(provider.groups).to eq(['group1', 'group3'])
|
391
399
|
end
|
392
400
|
|
401
|
+
it "does not raise when parsing empty lines in /etc/group" do
|
402
|
+
resource[:forcelocal] = true
|
403
|
+
allow(Puppet::FileSystem).to receive(:exist?).with('/etc/group').and_return(true)
|
404
|
+
allow(File).to receive(:open).with(Pathname.new('/etc/group')).and_yield(content_with_empty_line)
|
405
|
+
expect { provider.groups }.not_to raise_error
|
406
|
+
end
|
407
|
+
|
393
408
|
it "should fall back to nameservice groups when forcelocal is false" do
|
394
409
|
resource[:forcelocal] = false
|
395
410
|
allow(Puppet::Util::POSIX).to receive(:groups_of).with('myuser').and_return(['remote groups'])
|
@@ -205,7 +205,7 @@ describe Puppet::Resource::Catalog, "when compiling" do
|
|
205
205
|
end
|
206
206
|
|
207
207
|
it "should set itself as the catalog for each converted resource" do
|
208
|
-
@catalog.vertices.each { |v| expect(v.catalog.object_id).to
|
208
|
+
@catalog.vertices.each { |v| expect(v.catalog.object_id).to eql(@catalog.object_id) }
|
209
209
|
end
|
210
210
|
|
211
211
|
# This tests #931.
|
data/spec/unit/settings_spec.rb
CHANGED
@@ -29,6 +29,17 @@ describe Puppet::Settings do
|
|
29
29
|
end
|
30
30
|
end
|
31
31
|
|
32
|
+
def stub_config_with(content)
|
33
|
+
allow(Puppet.features).to receive(:root?).and_return(false)
|
34
|
+
expect(Puppet::FileSystem).to receive(:exist?).
|
35
|
+
with(user_config_file_default_location).
|
36
|
+
and_return(true).ordered
|
37
|
+
expect(@settings).to receive(:read_file).
|
38
|
+
with(user_config_file_default_location).
|
39
|
+
and_return(content).ordered
|
40
|
+
@settings.send(:parse_config_files)
|
41
|
+
end
|
42
|
+
|
32
43
|
describe "when specifying defaults" do
|
33
44
|
before do
|
34
45
|
@settings = Puppet::Settings.new
|
@@ -264,23 +275,31 @@ describe Puppet::Settings do
|
|
264
275
|
expect(@settings[:myval]).to eq("")
|
265
276
|
end
|
266
277
|
|
267
|
-
it "should
|
278
|
+
it "should retrieve numeric settings from the CLI" do
|
268
279
|
@settings.handlearg("--myval", "12")
|
269
|
-
expect(@settings.set_by_cli
|
280
|
+
expect(@settings.set_by_cli(:myval)).to eq(12)
|
281
|
+
expect(@settings.set_by_cli?(:myval)).to be true
|
270
282
|
end
|
271
283
|
|
272
|
-
it "should
|
284
|
+
it "should retrieve string settings from the CLI" do
|
285
|
+
@settings.handlearg("--myval", "something")
|
286
|
+
expect(@settings.set_by_cli(:myval)).to eq("something")
|
287
|
+
expect(@settings.set_by_cli?(:myval)).to be true
|
288
|
+
end
|
289
|
+
|
290
|
+
it "should retrieve bool settings from the CLI" do
|
273
291
|
@settings.handlearg("--bool")
|
274
|
-
expect(@settings.set_by_cli
|
292
|
+
expect(@settings.set_by_cli(:bool)).to be true
|
293
|
+
expect(@settings.set_by_cli?(:bool)).to be true
|
275
294
|
end
|
276
295
|
|
277
|
-
it "should not
|
296
|
+
it "should not retrieve settings set in memory as from CLI" do
|
278
297
|
@settings[:myval] = "12"
|
279
|
-
expect(@settings.set_by_cli?(:myval)).to
|
298
|
+
expect(@settings.set_by_cli?(:myval)).to be false
|
280
299
|
end
|
281
300
|
|
282
301
|
it "should find no configured settings by default" do
|
283
|
-
expect(@settings.set_by_config?(:myval)).to
|
302
|
+
expect(@settings.set_by_config?(:myval)).to be false
|
284
303
|
end
|
285
304
|
|
286
305
|
it "should identify configured settings in memory" do
|
@@ -304,64 +323,66 @@ describe Puppet::Settings do
|
|
304
323
|
expect(@settings.set_by_config?(:manifest, Puppet[:environment])).to be_truthy
|
305
324
|
end
|
306
325
|
|
307
|
-
|
308
|
-
|
326
|
+
context "when handling puppet.conf" do
|
327
|
+
describe "#set_by_config?" do
|
328
|
+
it "should identify configured settings from the preferred run mode" do
|
329
|
+
stub_config_with(<<~CONFIG)
|
330
|
+
[#{@settings.preferred_run_mode}]
|
331
|
+
myval = foo
|
332
|
+
CONFIG
|
309
333
|
|
310
|
-
|
311
|
-
|
312
|
-
with(user_config_file_default_location).
|
313
|
-
and_return(true).ordered
|
314
|
-
expect(@settings).to receive(:read_file).
|
315
|
-
with(user_config_file_default_location).
|
316
|
-
and_return(user_config_text).ordered
|
334
|
+
expect(@settings.set_by_config?(:myval)).to be_truthy
|
335
|
+
end
|
317
336
|
|
318
|
-
|
319
|
-
|
320
|
-
|
337
|
+
it "should identify configured settings from the specified run mode" do
|
338
|
+
stub_config_with(<<~CONFIG)
|
339
|
+
[server]
|
340
|
+
myval = foo
|
341
|
+
CONFIG
|
321
342
|
|
322
|
-
|
323
|
-
|
343
|
+
expect(@settings.set_by_config?(:myval, nil, :server)).to be_truthy
|
344
|
+
end
|
324
345
|
|
325
|
-
|
326
|
-
|
327
|
-
|
328
|
-
|
329
|
-
|
330
|
-
with(user_config_file_default_location).
|
331
|
-
and_return(user_config_text).ordered
|
346
|
+
it "should not identify configured settings from an unspecified run mode" do
|
347
|
+
stub_config_with(<<~CONFIG)
|
348
|
+
[zaz]
|
349
|
+
myval = foo
|
350
|
+
CONFIG
|
332
351
|
|
333
|
-
|
334
|
-
|
335
|
-
end
|
352
|
+
expect(@settings.set_by_config?(:myval)).to be_falsey
|
353
|
+
end
|
336
354
|
|
337
|
-
|
338
|
-
|
355
|
+
it "should identify configured settings from the main section" do
|
356
|
+
stub_config_with(<<~CONFIG)
|
357
|
+
[main]
|
358
|
+
myval = foo
|
359
|
+
CONFIG
|
339
360
|
|
340
|
-
|
341
|
-
|
342
|
-
|
343
|
-
and_return(true).ordered
|
344
|
-
expect(@settings).to receive(:read_file).
|
345
|
-
with(user_config_file_default_location).
|
346
|
-
and_return(user_config_text).ordered
|
361
|
+
expect(@settings.set_by_config?(:myval)).to be_truthy
|
362
|
+
end
|
363
|
+
end
|
347
364
|
|
348
|
-
|
349
|
-
|
350
|
-
|
365
|
+
describe "#set_in_section" do
|
366
|
+
it "should retrieve configured settings from the specified section" do
|
367
|
+
stub_config_with(<<~CONFIG)
|
368
|
+
[agent]
|
369
|
+
myval = foo
|
370
|
+
CONFIG
|
351
371
|
|
352
|
-
|
353
|
-
|
372
|
+
expect(@settings.set_in_section(:myval, :agent)).to eq("foo")
|
373
|
+
expect(@settings.set_in_section?(:myval, :agent)).to be true
|
374
|
+
end
|
354
375
|
|
355
|
-
|
356
|
-
|
357
|
-
|
358
|
-
|
359
|
-
|
360
|
-
with(user_config_file_default_location).
|
361
|
-
and_return(user_config_text).ordered
|
376
|
+
it "should not retrieve configured settings from a different section" do
|
377
|
+
stub_config_with(<<~CONFIG)
|
378
|
+
[main]
|
379
|
+
myval = foo
|
380
|
+
CONFIG
|
362
381
|
|
363
|
-
|
364
|
-
|
382
|
+
expect(@settings.set_in_section(:myval, :agent)).to be nil
|
383
|
+
expect(@settings.set_in_section?(:myval, :agent)).to be false
|
384
|
+
end
|
385
|
+
end
|
365
386
|
end
|
366
387
|
|
367
388
|
it "should clear the cache when setting getopt-specific values" do
|
@@ -2120,7 +2141,7 @@ describe Puppet::Settings do
|
|
2120
2141
|
end
|
2121
2142
|
|
2122
2143
|
def a_user_type_for(username)
|
2123
|
-
user = double('user')
|
2144
|
+
user = double('user', 'suitable?': true, to_s: "User[#{username}]")
|
2124
2145
|
expect(Puppet::Type.type(:user)).to receive(:new).with(hash_including(name: username)).and_return(user)
|
2125
2146
|
user
|
2126
2147
|
end
|
@@ -2153,6 +2174,16 @@ describe Puppet::Settings do
|
|
2153
2174
|
|
2154
2175
|
expect(settings).to be_service_user_available
|
2155
2176
|
end
|
2177
|
+
|
2178
|
+
it "raises if the user is not suitable" do
|
2179
|
+
settings[:user] = "foo"
|
2180
|
+
|
2181
|
+
expect(a_user_type_for("foo")).to receive(:suitable?).and_return(false)
|
2182
|
+
|
2183
|
+
expect {
|
2184
|
+
settings.service_user_available?
|
2185
|
+
}.to raise_error(Puppet::Error, /Cannot manage owner permissions, because the provider for 'User\[foo\]' is not functional/)
|
2186
|
+
end
|
2156
2187
|
end
|
2157
2188
|
|
2158
2189
|
describe "when determining if the service group is available" do
|
@@ -2163,7 +2194,7 @@ describe Puppet::Settings do
|
|
2163
2194
|
end
|
2164
2195
|
|
2165
2196
|
def a_group_type_for(groupname)
|
2166
|
-
group = double('group')
|
2197
|
+
group = double('group', 'suitable?': true, to_s: "Group[#{groupname}]")
|
2167
2198
|
expect(Puppet::Type.type(:group)).to receive(:new).with(hash_including(name: groupname)).and_return(group)
|
2168
2199
|
group
|
2169
2200
|
end
|
@@ -2196,6 +2227,16 @@ describe Puppet::Settings do
|
|
2196
2227
|
|
2197
2228
|
expect(settings).to be_service_group_available
|
2198
2229
|
end
|
2230
|
+
|
2231
|
+
it "raises if the group is not suitable" do
|
2232
|
+
settings[:group] = "foo"
|
2233
|
+
|
2234
|
+
expect(a_group_type_for("foo")).to receive(:suitable?).and_return(false)
|
2235
|
+
|
2236
|
+
expect {
|
2237
|
+
settings.service_group_available?
|
2238
|
+
}.to raise_error(Puppet::Error, /Cannot manage group permissions, because the provider for 'Group\[foo\]' is not functional/)
|
2239
|
+
end
|
2199
2240
|
end
|
2200
2241
|
|
2201
2242
|
describe "when dealing with command-line options" do
|
@@ -31,6 +31,14 @@ describe Puppet::SSL::StateMachine, unless: Puppet::Util::Platform.jruby? do
|
|
31
31
|
allow(Kernel).to receive(:sleep)
|
32
32
|
end
|
33
33
|
|
34
|
+
def expected_digest(name, content)
|
35
|
+
OpenSSL::Digest.new(name).hexdigest(content)
|
36
|
+
end
|
37
|
+
|
38
|
+
def to_fingerprint(digest)
|
39
|
+
digest.scan(/../).join(':').upcase
|
40
|
+
end
|
41
|
+
|
34
42
|
context 'when passing keyword arguments' do
|
35
43
|
it "accepts digest" do
|
36
44
|
expect(described_class.new(digest: 'SHA512').digest).to eq('SHA512')
|
@@ -395,29 +403,35 @@ describe Puppet::SSL::StateMachine, unless: Puppet::Util::Platform.jruby? do
|
|
395
403
|
|
396
404
|
it 'verifies CA cert bundle if a ca_fingerprint is given case-insensitively' do
|
397
405
|
Puppet[:log_level] = :info
|
398
|
-
|
406
|
+
|
407
|
+
digest = expected_digest('SHA256', cacert_pem)
|
408
|
+
fingerprint = to_fingerprint(digest)
|
409
|
+
machine = described_class.new(digest: 'SHA256', ca_fingerprint: digest.downcase)
|
399
410
|
state = Puppet::SSL::StateMachine::NeedCACerts.new(machine)
|
400
411
|
state.next_state
|
401
412
|
|
402
|
-
expect(@logs).to include(an_object_having_attributes(message: "Verified CA bundle with digest (SHA256)
|
413
|
+
expect(@logs).to include(an_object_having_attributes(message: "Verified CA bundle with digest (SHA256) #{fingerprint}"))
|
403
414
|
end
|
404
415
|
|
405
416
|
it 'verifies CA cert bundle using non-default fingerprint' do
|
406
417
|
Puppet[:log_level] = :info
|
407
|
-
|
418
|
+
|
419
|
+
digest = expected_digest('SHA512', cacert_pem)
|
420
|
+
machine = described_class.new(digest: 'SHA512', ca_fingerprint: digest)
|
408
421
|
state = Puppet::SSL::StateMachine::NeedCACerts.new(machine)
|
409
422
|
state.next_state
|
410
423
|
|
411
|
-
expect(@logs).to include(an_object_having_attributes(message: "Verified CA bundle with digest (SHA512)
|
424
|
+
expect(@logs).to include(an_object_having_attributes(message: "Verified CA bundle with digest (SHA512) #{to_fingerprint(digest)}"))
|
412
425
|
end
|
413
426
|
|
414
427
|
it 'returns an error if verification fails' do
|
415
428
|
machine = described_class.new(digest: 'SHA256', ca_fingerprint: 'wrong!')
|
416
429
|
state = Puppet::SSL::StateMachine::NeedCACerts.new(machine)
|
417
430
|
|
431
|
+
fingerprint = to_fingerprint(expected_digest('SHA256', cacert_pem))
|
418
432
|
st = state.next_state
|
419
433
|
expect(st).to be_an_instance_of(Puppet::SSL::StateMachine::Error)
|
420
|
-
expect(st.message).to eq("CA bundle with digest (SHA256)
|
434
|
+
expect(st.message).to eq("CA bundle with digest (SHA256) #{fingerprint} did not match expected digest WR:ON:G!")
|
421
435
|
end
|
422
436
|
end
|
423
437
|
end
|
@@ -5,13 +5,6 @@ require 'puppet_spec/compiler'
|
|
5
5
|
require 'puppet/transaction'
|
6
6
|
require 'fileutils'
|
7
7
|
|
8
|
-
Puppet::Type.newtype(:generator) do
|
9
|
-
newparam(:name) { isnamevar }
|
10
|
-
|
11
|
-
def generate
|
12
|
-
end
|
13
|
-
end
|
14
|
-
|
15
8
|
describe Puppet::Transaction do
|
16
9
|
include PuppetSpec::Files
|
17
10
|
include PuppetSpec::Compiler
|
@@ -27,6 +20,19 @@ describe Puppet::Transaction do
|
|
27
20
|
transaction
|
28
21
|
end
|
29
22
|
|
23
|
+
before(:all) do
|
24
|
+
Puppet::Type.newtype(:transaction_generator) do
|
25
|
+
newparam(:name) { isnamevar }
|
26
|
+
|
27
|
+
def generate
|
28
|
+
end
|
29
|
+
end
|
30
|
+
end
|
31
|
+
|
32
|
+
after(:all) do
|
33
|
+
Puppet::Type.rmtype(:transaction_generator)
|
34
|
+
end
|
35
|
+
|
30
36
|
before do
|
31
37
|
@basepath = make_absolute("/what/ever")
|
32
38
|
@transaction = Puppet::Transaction.new(Puppet::Resource::Catalog.new, nil, Puppet::Graph::SequentialPrioritizer.new)
|
@@ -330,9 +336,9 @@ describe Puppet::Transaction do
|
|
330
336
|
describe "when generating resources before traversal" do
|
331
337
|
let(:catalog) { Puppet::Resource::Catalog.new }
|
332
338
|
let(:transaction) { Puppet::Transaction.new(catalog, nil, Puppet::Graph::SequentialPrioritizer.new) }
|
333
|
-
let(:generator) { Puppet::Type.type(:
|
339
|
+
let(:generator) { Puppet::Type.type(:transaction_generator).new :title => "generator" }
|
334
340
|
let(:generated) do
|
335
|
-
%w[a b c].map { |name| Puppet::Type.type(:
|
341
|
+
%w[a b c].map { |name| Puppet::Type.type(:transaction_generator).new(:name => name) }
|
336
342
|
end
|
337
343
|
|
338
344
|
before :each do
|
@@ -673,7 +679,7 @@ describe Puppet::Transaction do
|
|
673
679
|
end
|
674
680
|
|
675
681
|
describe "and new resources are generated" do
|
676
|
-
let(:generator) { Puppet::Type.type(:
|
682
|
+
let(:generator) { Puppet::Type.type(:transaction_generator).new :title => "generator" }
|
677
683
|
let(:generated) do
|
678
684
|
%w[a b c].map { |name| Puppet::Type.type(:package).new :title => "foo", :name => name, :provider => :apt }
|
679
685
|
end
|
@@ -787,16 +793,8 @@ describe Puppet::Transaction do
|
|
787
793
|
end
|
788
794
|
|
789
795
|
it "should call Selinux.matchpathcon_fini in case Selinux is enabled ", :if => Puppet.features.posix? do
|
790
|
-
|
791
|
-
|
792
|
-
def self.is_selinux_enabled
|
793
|
-
true
|
794
|
-
end
|
795
|
-
|
796
|
-
def self.matchpathcon_fini
|
797
|
-
end
|
798
|
-
end
|
799
|
-
end
|
796
|
+
selinux = double('selinux', is_selinux_enabled: true, matchpathcon_fini: nil)
|
797
|
+
stub_const('Selinux', selinux)
|
800
798
|
|
801
799
|
resource = Puppet::Type.type(:file).new(:path => make_absolute("/tmp/foo"))
|
802
800
|
transaction = transaction_with_resource(resource)
|
data/spec/unit/type/exec_spec.rb
CHANGED
@@ -239,6 +239,19 @@ RSpec.describe Puppet::Type.type(:exec) do
|
|
239
239
|
expect(dependencies.collect(&:to_s)).to eq([Puppet::Relationship.new(tmp, execer).to_s])
|
240
240
|
end
|
241
241
|
|
242
|
+
it "should be able to autorequire files mentioned in the array command" do
|
243
|
+
foo = make_absolute('/bin/foo')
|
244
|
+
catalog = Puppet::Resource::Catalog.new
|
245
|
+
tmp = Puppet::Type.type(:file).new(:name => foo)
|
246
|
+
execer = Puppet::Type.type(:exec).new(:name => 'test array', :command => [foo, 'bar'])
|
247
|
+
|
248
|
+
catalog.add_resource tmp
|
249
|
+
catalog.add_resource execer
|
250
|
+
dependencies = execer.autorequire(catalog)
|
251
|
+
|
252
|
+
expect(dependencies.collect(&:to_s)).to eq([Puppet::Relationship.new(tmp, execer).to_s])
|
253
|
+
end
|
254
|
+
|
242
255
|
describe "when handling the path parameter" do
|
243
256
|
expect = %w{one two three four}
|
244
257
|
{ "an array" => expect,
|
@@ -346,7 +359,13 @@ RSpec.describe Puppet::Type.type(:exec) do
|
|
346
359
|
end
|
347
360
|
|
348
361
|
shared_examples_for "all exec command parameters" do |param|
|
349
|
-
|
362
|
+
array_cmd = ["/bin/example", "*"]
|
363
|
+
array_cmd = [["/bin/example", "*"]] if [:onlyif, :unless].include?(param)
|
364
|
+
|
365
|
+
commands = { "relative" => "example", "absolute" => "/bin/example" }
|
366
|
+
commands["array"] = array_cmd
|
367
|
+
|
368
|
+
commands.sort.each do |name, command|
|
350
369
|
describe "if command is #{name}" do
|
351
370
|
before :each do
|
352
371
|
@param = param
|
@@ -379,45 +398,44 @@ RSpec.describe Puppet::Type.type(:exec) do
|
|
379
398
|
end
|
380
399
|
|
381
400
|
shared_examples_for "all exec command parameters that take arrays" do |param|
|
382
|
-
|
383
|
-
|
384
|
-
|
385
|
-
|
401
|
+
[
|
402
|
+
%w{one two three},
|
403
|
+
[%w{one -a}, %w{two, -b}, 'three']
|
404
|
+
].each do |input|
|
405
|
+
context "when given #{input.inspect} as input" do
|
406
|
+
let(:resource) { Puppet::Type.type(:exec).new(:name => @executable) }
|
386
407
|
|
387
|
-
|
388
|
-
|
389
|
-
|
390
|
-
|
391
|
-
|
392
|
-
|
408
|
+
it "accepts the array when all commands return valid" do
|
409
|
+
input = %w{one two three}
|
410
|
+
allow(resource.provider).to receive(:validatecmd).exactly(input.length).times.and_return(true)
|
411
|
+
resource[param] = input
|
412
|
+
expect(resource[param]).to eq(input)
|
413
|
+
end
|
393
414
|
|
394
|
-
|
395
|
-
|
396
|
-
|
397
|
-
|
398
|
-
|
415
|
+
it "rejects the array when any commands return invalid" do
|
416
|
+
input = %w{one two three}
|
417
|
+
allow(resource.provider).to receive(:validatecmd).with(input[0]).and_return(true)
|
418
|
+
allow(resource.provider).to receive(:validatecmd).with(input[1]).and_raise(Puppet::Error)
|
419
|
+
|
420
|
+
expect { resource[param] = input }.to raise_error(Puppet::ResourceError, /Parameter #{param} failed/)
|
399
421
|
end
|
400
|
-
@test[param] = input
|
401
|
-
expect(@test[param]).to eq(input)
|
402
|
-
end
|
403
422
|
|
404
|
-
|
405
|
-
|
406
|
-
|
407
|
-
|
408
|
-
|
423
|
+
it "stops at the first invalid command" do
|
424
|
+
input = %w{one two three}
|
425
|
+
allow(resource.provider).to receive(:validatecmd).with(input[0]).and_raise(Puppet::Error)
|
426
|
+
|
427
|
+
expect(resource.provider).not_to receive(:validatecmd).with(input[1])
|
428
|
+
expect(resource.provider).not_to receive(:validatecmd).with(input[2])
|
429
|
+
expect { resource[param] = input }.to raise_error(Puppet::ResourceError, /Parameter #{param} failed/)
|
430
|
+
end
|
409
431
|
end
|
410
432
|
end
|
411
433
|
end
|
412
434
|
|
413
435
|
describe "when setting command" do
|
414
436
|
subject { described_class.new(:name => @command) }
|
415
|
-
it "fails when passed an Array" do
|
416
|
-
expect { subject[:command] = [] }.to raise_error Puppet::Error, /Command must be a String/
|
417
|
-
end
|
418
|
-
|
419
437
|
it "fails when passed a Hash" do
|
420
|
-
expect { subject[:command] = {} }.to raise_error Puppet::Error, /Command must be a String
|
438
|
+
expect { subject[:command] = {} }.to raise_error Puppet::Error, /Command must be a String or Array<String>/
|
421
439
|
end
|
422
440
|
end
|
423
441
|
|
@@ -759,6 +777,35 @@ RSpec.describe Puppet::Type.type(:exec) do
|
|
759
777
|
end
|
760
778
|
end
|
761
779
|
|
780
|
+
context 'with an array of arrays with multiple items' do
|
781
|
+
before do
|
782
|
+
[true, false].each do |check|
|
783
|
+
allow(@test.provider).to receive(:run).with([@pass, '--flag'], check).
|
784
|
+
and_return(['test output', @pass_status])
|
785
|
+
allow(@test.provider).to receive(:run).with([@fail, '--flag'], check).
|
786
|
+
and_return(['test output', @fail_status])
|
787
|
+
allow(@test.provider).to receive(:run).with([@pass], check).
|
788
|
+
and_return(['test output', @pass_status])
|
789
|
+
allow(@test.provider).to receive(:run).with([@fail], check).
|
790
|
+
and_return(['test output', @fail_status])
|
791
|
+
end
|
792
|
+
end
|
793
|
+
it "runs if all the commands exits non-zero" do
|
794
|
+
@test[param] = [[@fail, '--flag'], [@fail], [@fail, '--flag']]
|
795
|
+
expect(@test.check_all_attributes).to eq(true)
|
796
|
+
end
|
797
|
+
|
798
|
+
it "does not run if one command exits zero" do
|
799
|
+
@test[param] = [[@pass, '--flag'], [@pass], [@fail, '--flag']]
|
800
|
+
expect(@test.check_all_attributes).to eq(false)
|
801
|
+
end
|
802
|
+
|
803
|
+
it "does not run if all command exits zero" do
|
804
|
+
@test[param] = [[@pass, '--flag'], [@pass], [@pass, '--flag']]
|
805
|
+
expect(@test.check_all_attributes).to eq(false)
|
806
|
+
end
|
807
|
+
end
|
808
|
+
|
762
809
|
it "should emit output to debug" do
|
763
810
|
Puppet::Util::Log.level = :debug
|
764
811
|
@test[param] = @fail
|