puppet 6.21.0-x86-mingw32 → 6.24.0-x86-mingw32

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of puppet might be problematic. Click here for more details.

Files changed (217) hide show
  1. checksums.yaml +4 -4
  2. data/CONTRIBUTING.md +5 -5
  3. data/Gemfile +1 -1
  4. data/Gemfile.lock +29 -23
  5. data/README.md +4 -4
  6. data/ext/osx/puppet.plist +2 -0
  7. data/ext/project_data.yaml +3 -2
  8. data/lib/puppet.rb +3 -3
  9. data/lib/puppet/application/agent.rb +12 -5
  10. data/lib/puppet/application/apply.rb +2 -1
  11. data/lib/puppet/application/device.rb +2 -1
  12. data/lib/puppet/application/filebucket.rb +1 -0
  13. data/lib/puppet/application/resource.rb +17 -3
  14. data/lib/puppet/application/script.rb +2 -1
  15. data/lib/puppet/application/ssl.rb +12 -0
  16. data/lib/puppet/configurer/downloader.rb +2 -1
  17. data/lib/puppet/defaults.rb +27 -5
  18. data/lib/puppet/environments.rb +26 -1
  19. data/lib/puppet/face/facts.rb +128 -30
  20. data/lib/puppet/face/help/action.erb +1 -0
  21. data/lib/puppet/face/help/face.erb +1 -0
  22. data/lib/puppet/face/node/clean.rb +11 -0
  23. data/lib/puppet/file_serving/fileset.rb +14 -2
  24. data/lib/puppet/file_system/file_impl.rb +1 -1
  25. data/lib/puppet/file_system/memory_file.rb +8 -1
  26. data/lib/puppet/file_system/windows.rb +4 -2
  27. data/lib/puppet/forge.rb +3 -3
  28. data/lib/puppet/functions/all.rb +1 -1
  29. data/lib/puppet/functions/camelcase.rb +1 -1
  30. data/lib/puppet/functions/capitalize.rb +2 -2
  31. data/lib/puppet/functions/downcase.rb +2 -2
  32. data/lib/puppet/functions/empty.rb +8 -0
  33. data/lib/puppet/functions/get.rb +5 -5
  34. data/lib/puppet/functions/group_by.rb +13 -5
  35. data/lib/puppet/functions/lest.rb +1 -1
  36. data/lib/puppet/functions/new.rb +100 -100
  37. data/lib/puppet/functions/partition.rb +12 -4
  38. data/lib/puppet/functions/require.rb +5 -5
  39. data/lib/puppet/functions/sort.rb +3 -3
  40. data/lib/puppet/functions/strftime.rb +1 -0
  41. data/lib/puppet/functions/tree_each.rb +7 -9
  42. data/lib/puppet/functions/type.rb +4 -4
  43. data/lib/puppet/functions/unwrap.rb +17 -2
  44. data/lib/puppet/functions/upcase.rb +2 -2
  45. data/lib/puppet/http/resolver/server_list.rb +15 -4
  46. data/lib/puppet/http/service/compiler.rb +69 -0
  47. data/lib/puppet/http/service/file_server.rb +2 -1
  48. data/lib/puppet/indirector/catalog/compiler.rb +1 -0
  49. data/lib/puppet/indirector/facts/facter.rb +24 -3
  50. data/lib/puppet/indirector/file_metadata/rest.rb +1 -0
  51. data/lib/puppet/indirector/resource/ral.rb +6 -1
  52. data/lib/puppet/interface/documentation.rb +1 -0
  53. data/lib/puppet/module_tool/applications/installer.rb +4 -0
  54. data/lib/puppet/module_tool/errors/shared.rb +17 -0
  55. data/lib/puppet/network/formats.rb +67 -0
  56. data/lib/puppet/network/http/factory.rb +4 -0
  57. data/lib/puppet/parser/functions/fqdn_rand.rb +14 -6
  58. data/lib/puppet/pops/types/p_sem_ver_type.rb +8 -2
  59. data/lib/puppet/pops/types/p_sensitive_type.rb +10 -0
  60. data/lib/puppet/pops/types/type_mismatch_describer.rb +1 -1
  61. data/lib/puppet/provider/exec/posix.rb +16 -4
  62. data/lib/puppet/provider/package/dnfmodule.rb +1 -1
  63. data/lib/puppet/provider/package/nim.rb +11 -6
  64. data/lib/puppet/provider/package/pip.rb +15 -3
  65. data/lib/puppet/provider/parsedfile.rb +3 -0
  66. data/lib/puppet/provider/service/systemd.rb +14 -4
  67. data/lib/puppet/provider/service/windows.rb +38 -0
  68. data/lib/puppet/provider/user/directoryservice.rb +25 -12
  69. data/lib/puppet/provider/user/useradd.rb +9 -2
  70. data/lib/puppet/reference/configuration.rb +1 -1
  71. data/lib/puppet/settings.rb +30 -7
  72. data/lib/puppet/settings/environment_conf.rb +1 -0
  73. data/lib/puppet/transaction/additional_resource_generator.rb +1 -1
  74. data/lib/puppet/type/exec.rb +16 -3
  75. data/lib/puppet/type/file.rb +19 -1
  76. data/lib/puppet/type/file/mode.rb +6 -0
  77. data/lib/puppet/type/file/selcontext.rb +1 -1
  78. data/lib/puppet/type/service.rb +18 -38
  79. data/lib/puppet/type/tidy.rb +22 -3
  80. data/lib/puppet/type/user.rb +38 -20
  81. data/lib/puppet/util/fact_dif.rb +36 -17
  82. data/lib/puppet/util/monkey_patches.rb +7 -0
  83. data/lib/puppet/util/selinux.rb +30 -4
  84. data/lib/puppet/util/symbolic_file_mode.rb +29 -17
  85. data/lib/puppet/util/windows/adsi.rb +46 -0
  86. data/lib/puppet/util/windows/api_types.rb +1 -1
  87. data/lib/puppet/util/windows/principal.rb +9 -2
  88. data/lib/puppet/util/windows/sid.rb +6 -2
  89. data/lib/puppet/version.rb +1 -1
  90. data/locales/puppet.pot +360 -280
  91. data/man/man5/puppet.conf.5 +279 -251
  92. data/man/man8/puppet-agent.8 +1 -1
  93. data/man/man8/puppet-apply.8 +1 -1
  94. data/man/man8/puppet-catalog.8 +9 -9
  95. data/man/man8/puppet-config.8 +1 -1
  96. data/man/man8/puppet-describe.8 +1 -1
  97. data/man/man8/puppet-device.8 +1 -1
  98. data/man/man8/puppet-doc.8 +1 -1
  99. data/man/man8/puppet-epp.8 +1 -1
  100. data/man/man8/puppet-facts.8 +65 -7
  101. data/man/man8/puppet-filebucket.8 +1 -1
  102. data/man/man8/puppet-generate.8 +1 -1
  103. data/man/man8/puppet-help.8 +1 -1
  104. data/man/man8/puppet-key.8 +7 -7
  105. data/man/man8/puppet-lookup.8 +1 -1
  106. data/man/man8/puppet-man.8 +1 -1
  107. data/man/man8/puppet-module.8 +1 -1
  108. data/man/man8/puppet-node.8 +5 -5
  109. data/man/man8/puppet-parser.8 +1 -1
  110. data/man/man8/puppet-plugin.8 +1 -1
  111. data/man/man8/puppet-report.8 +5 -5
  112. data/man/man8/puppet-resource.8 +1 -1
  113. data/man/man8/puppet-script.8 +1 -1
  114. data/man/man8/puppet-ssl.8 +5 -1
  115. data/man/man8/puppet-status.8 +4 -4
  116. data/man/man8/puppet.8 +2 -2
  117. data/spec/fixtures/ssl/127.0.0.1-key.pem +107 -57
  118. data/spec/fixtures/ssl/127.0.0.1.pem +52 -31
  119. data/spec/fixtures/ssl/bad-basic-constraints.pem +57 -35
  120. data/spec/fixtures/ssl/bad-int-basic-constraints.pem +57 -35
  121. data/spec/fixtures/ssl/ca.pem +57 -35
  122. data/spec/fixtures/ssl/crl.pem +28 -18
  123. data/spec/fixtures/ssl/ec-key.pem +11 -11
  124. data/spec/fixtures/ssl/ec.pem +33 -24
  125. data/spec/fixtures/ssl/encrypted-ec-key.pem +12 -12
  126. data/spec/fixtures/ssl/encrypted-key.pem +108 -58
  127. data/spec/fixtures/ssl/intermediate-agent-crl.pem +28 -19
  128. data/spec/fixtures/ssl/intermediate-agent.pem +57 -36
  129. data/spec/fixtures/ssl/intermediate-crl.pem +31 -21
  130. data/spec/fixtures/ssl/intermediate.pem +57 -36
  131. data/spec/fixtures/ssl/oid-key.pem +117 -0
  132. data/spec/fixtures/ssl/oid.pem +69 -0
  133. data/spec/fixtures/ssl/pluto-key.pem +107 -57
  134. data/spec/fixtures/ssl/pluto.pem +52 -30
  135. data/spec/fixtures/ssl/request-key.pem +107 -57
  136. data/spec/fixtures/ssl/request.pem +47 -26
  137. data/spec/fixtures/ssl/revoked-key.pem +107 -57
  138. data/spec/fixtures/ssl/revoked.pem +52 -30
  139. data/spec/fixtures/ssl/signed-key.pem +107 -57
  140. data/spec/fixtures/ssl/signed.pem +52 -30
  141. data/spec/fixtures/ssl/tampered-cert.pem +52 -30
  142. data/spec/fixtures/ssl/tampered-csr.pem +47 -26
  143. data/spec/fixtures/ssl/trusted_oid_mapping.yaml +5 -0
  144. data/spec/fixtures/ssl/unknown-127.0.0.1-key.pem +107 -57
  145. data/spec/fixtures/ssl/unknown-127.0.0.1.pem +50 -29
  146. data/spec/fixtures/ssl/unknown-ca-key.pem +107 -57
  147. data/spec/fixtures/ssl/unknown-ca.pem +55 -33
  148. data/spec/fixtures/unit/provider/service/systemd/list_unit_files_services_vendor_preset +9 -0
  149. data/spec/integration/application/filebucket_spec.rb +11 -0
  150. data/spec/integration/application/module_spec.rb +21 -0
  151. data/spec/integration/application/plugin_spec.rb +1 -1
  152. data/spec/integration/application/resource_spec.rb +64 -0
  153. data/spec/integration/application/ssl_spec.rb +20 -0
  154. data/spec/integration/environments/settings_interpolation_spec.rb +0 -4
  155. data/spec/integration/http/client_spec.rb +12 -0
  156. data/spec/integration/indirector/direct_file_server_spec.rb +1 -3
  157. data/spec/integration/indirector/facts/facter_spec.rb +90 -36
  158. data/spec/integration/type/exec_spec.rb +70 -45
  159. data/spec/integration/util/windows/adsi_spec.rb +18 -0
  160. data/spec/integration/util/windows/principal_spec.rb +21 -0
  161. data/spec/integration/util/windows/registry_spec.rb +6 -0
  162. data/spec/lib/puppet/test_ca.rb +7 -2
  163. data/spec/lib/puppet_spec/settings.rb +1 -0
  164. data/spec/spec_helper.rb +11 -1
  165. data/spec/unit/application/agent_spec.rb +7 -2
  166. data/spec/unit/application/facts_spec.rb +482 -3
  167. data/spec/unit/application/ssl_spec.rb +23 -0
  168. data/spec/unit/configurer/downloader_spec.rb +6 -0
  169. data/spec/unit/configurer_spec.rb +23 -0
  170. data/spec/unit/defaults_spec.rb +16 -0
  171. data/spec/unit/environments_spec.rb +199 -88
  172. data/spec/unit/face/facts_spec.rb +4 -0
  173. data/spec/unit/file_serving/fileset_spec.rb +60 -0
  174. data/spec/unit/file_system_spec.rb +15 -0
  175. data/spec/unit/functions/assert_type_spec.rb +1 -1
  176. data/spec/unit/functions/empty_spec.rb +10 -0
  177. data/spec/unit/functions/unwrap_spec.rb +8 -0
  178. data/spec/unit/functions4_spec.rb +2 -2
  179. data/spec/unit/gettext/config_spec.rb +12 -0
  180. data/spec/unit/http/service/compiler_spec.rb +123 -0
  181. data/spec/unit/indirector/catalog/compiler_spec.rb +14 -10
  182. data/spec/unit/indirector/facts/facter_spec.rb +95 -0
  183. data/spec/unit/indirector/resource/ral_spec.rb +40 -75
  184. data/spec/unit/module_tool/applications/installer_spec.rb +12 -0
  185. data/spec/unit/network/formats_spec.rb +41 -0
  186. data/spec/unit/network/http/factory_spec.rb +19 -0
  187. data/spec/unit/parser/functions/fqdn_rand_spec.rb +15 -1
  188. data/spec/unit/parser/templatewrapper_spec.rb +12 -2
  189. data/spec/unit/pops/types/p_sem_ver_type_spec.rb +18 -0
  190. data/spec/unit/pops/types/p_sensitive_type_spec.rb +18 -0
  191. data/spec/unit/provider/package/dnfmodule_spec.rb +10 -1
  192. data/spec/unit/provider/package/nim_spec.rb +42 -0
  193. data/spec/unit/provider/package/pip_spec.rb +37 -0
  194. data/spec/unit/provider/parsedfile_spec.rb +10 -0
  195. data/spec/unit/provider/service/init_spec.rb +1 -0
  196. data/spec/unit/provider/service/openwrt_spec.rb +3 -1
  197. data/spec/unit/provider/service/systemd_spec.rb +53 -8
  198. data/spec/unit/provider/service/windows_spec.rb +202 -0
  199. data/spec/unit/provider/user/directoryservice_spec.rb +67 -35
  200. data/spec/unit/provider/user/useradd_spec.rb +21 -6
  201. data/spec/unit/resource/catalog_spec.rb +1 -1
  202. data/spec/unit/settings_spec.rb +97 -56
  203. data/spec/unit/ssl/state_machine_spec.rb +19 -5
  204. data/spec/unit/transaction/additional_resource_generator_spec.rb +0 -2
  205. data/spec/unit/transaction_spec.rb +18 -20
  206. data/spec/unit/type/exec_spec.rb +76 -29
  207. data/spec/unit/type/file/selinux_spec.rb +3 -3
  208. data/spec/unit/type/file/source_spec.rb +4 -4
  209. data/spec/unit/type/service_spec.rb +59 -188
  210. data/spec/unit/type/tidy_spec.rb +24 -7
  211. data/spec/unit/type/user_spec.rb +45 -0
  212. data/spec/unit/util/selinux_spec.rb +87 -16
  213. data/spec/unit/util/windows/sid_spec.rb +41 -0
  214. data/tasks/generate_cert_fixtures.rake +12 -3
  215. metadata +24 -9
  216. data/spec/lib/matchers/include.rb +0 -27
  217. data/spec/lib/matchers/include_spec.rb +0 -32
@@ -360,14 +360,14 @@ describe Puppet::Type.type(:user).provider(:useradd) do
360
360
  resource[:forcelocal] = true
361
361
  allow(Puppet::FileSystem).to receive(:exist?).with('/etc/passwd').and_return(true)
362
362
  allow(Puppet::FileSystem).to receive(:each_line).with('/etc/passwd').and_yield(content)
363
- expect(provider.gid).to eq('999')
363
+ expect(provider.gid).to eq(999)
364
364
  end
365
365
 
366
366
  it "should fall back to nameservice GID when forcelocal is false" do
367
367
  resource[:forcelocal] = false
368
- allow(provider).to receive(:get).with(:gid).and_return('1234')
368
+ allow(provider).to receive(:get).with(:gid).and_return(1234)
369
369
  expect(provider).not_to receive(:localgid)
370
- expect(provider.gid).to eq('1234')
370
+ expect(provider.gid).to eq(1234)
371
371
  end
372
372
  end
373
373
 
@@ -375,21 +375,36 @@ describe Puppet::Type.type(:user).provider(:useradd) do
375
375
  before { described_class.has_feature :manages_local_users_and_groups }
376
376
 
377
377
  let(:content) do
378
- <<~EOF
378
+ StringIO.new(<<~EOF)
379
379
  group1:x:0:myuser
380
380
  group2:x:999:
381
381
  group3:x:998:myuser
382
382
  EOF
383
383
  end
384
384
 
385
+ let(:content_with_empty_line) do
386
+ StringIO.new(<<~EOF)
387
+ group1:x:0:myuser
388
+ group2:x:999:
389
+ group3:x:998:myuser
390
+
391
+ EOF
392
+ end
393
+
385
394
  it "should return the local groups string when forcelocal is true" do
386
395
  resource[:forcelocal] = true
387
- group1, group2, group3 = content.split
388
396
  allow(Puppet::FileSystem).to receive(:exist?).with('/etc/group').and_return(true)
389
- allow(Puppet::FileSystem).to receive(:each_line).with('/etc/group').and_yield(group1).and_yield(group2).and_yield(group3)
397
+ allow(File).to receive(:open).with(Pathname.new('/etc/group')).and_yield(content)
390
398
  expect(provider.groups).to eq(['group1', 'group3'])
391
399
  end
392
400
 
401
+ it "does not raise when parsing empty lines in /etc/group" do
402
+ resource[:forcelocal] = true
403
+ allow(Puppet::FileSystem).to receive(:exist?).with('/etc/group').and_return(true)
404
+ allow(File).to receive(:open).with(Pathname.new('/etc/group')).and_yield(content_with_empty_line)
405
+ expect { provider.groups }.not_to raise_error
406
+ end
407
+
393
408
  it "should fall back to nameservice groups when forcelocal is false" do
394
409
  resource[:forcelocal] = false
395
410
  allow(Puppet::Util::POSIX).to receive(:groups_of).with('myuser').and_return(['remote groups'])
@@ -205,7 +205,7 @@ describe Puppet::Resource::Catalog, "when compiling" do
205
205
  end
206
206
 
207
207
  it "should set itself as the catalog for each converted resource" do
208
- @catalog.vertices.each { |v| expect(v.catalog.object_id).to equal(@catalog.object_id) }
208
+ @catalog.vertices.each { |v| expect(v.catalog.object_id).to eql(@catalog.object_id) }
209
209
  end
210
210
 
211
211
  # This tests #931.
@@ -29,6 +29,17 @@ describe Puppet::Settings do
29
29
  end
30
30
  end
31
31
 
32
+ def stub_config_with(content)
33
+ allow(Puppet.features).to receive(:root?).and_return(false)
34
+ expect(Puppet::FileSystem).to receive(:exist?).
35
+ with(user_config_file_default_location).
36
+ and_return(true).ordered
37
+ expect(@settings).to receive(:read_file).
38
+ with(user_config_file_default_location).
39
+ and_return(content).ordered
40
+ @settings.send(:parse_config_files)
41
+ end
42
+
32
43
  describe "when specifying defaults" do
33
44
  before do
34
45
  @settings = Puppet::Settings.new
@@ -264,23 +275,31 @@ describe Puppet::Settings do
264
275
  expect(@settings[:myval]).to eq("")
265
276
  end
266
277
 
267
- it "should flag string settings from the CLI" do
278
+ it "should retrieve numeric settings from the CLI" do
268
279
  @settings.handlearg("--myval", "12")
269
- expect(@settings.set_by_cli?(:myval)).to be_truthy
280
+ expect(@settings.set_by_cli(:myval)).to eq(12)
281
+ expect(@settings.set_by_cli?(:myval)).to be true
270
282
  end
271
283
 
272
- it "should flag bool settings from the CLI" do
284
+ it "should retrieve string settings from the CLI" do
285
+ @settings.handlearg("--myval", "something")
286
+ expect(@settings.set_by_cli(:myval)).to eq("something")
287
+ expect(@settings.set_by_cli?(:myval)).to be true
288
+ end
289
+
290
+ it "should retrieve bool settings from the CLI" do
273
291
  @settings.handlearg("--bool")
274
- expect(@settings.set_by_cli?(:bool)).to be_truthy
292
+ expect(@settings.set_by_cli(:bool)).to be true
293
+ expect(@settings.set_by_cli?(:bool)).to be true
275
294
  end
276
295
 
277
- it "should not flag settings memory as from CLI" do
296
+ it "should not retrieve settings set in memory as from CLI" do
278
297
  @settings[:myval] = "12"
279
- expect(@settings.set_by_cli?(:myval)).to be_falsey
298
+ expect(@settings.set_by_cli?(:myval)).to be false
280
299
  end
281
300
 
282
301
  it "should find no configured settings by default" do
283
- expect(@settings.set_by_config?(:myval)).to be_falsey
302
+ expect(@settings.set_by_config?(:myval)).to be false
284
303
  end
285
304
 
286
305
  it "should identify configured settings in memory" do
@@ -304,64 +323,66 @@ describe Puppet::Settings do
304
323
  expect(@settings.set_by_config?(:manifest, Puppet[:environment])).to be_truthy
305
324
  end
306
325
 
307
- it "should identify configured settings from the preferred run mode" do
308
- user_config_text = "[#{@settings.preferred_run_mode}]\nmyval = foo"
326
+ context "when handling puppet.conf" do
327
+ describe "#set_by_config?" do
328
+ it "should identify configured settings from the preferred run mode" do
329
+ stub_config_with(<<~CONFIG)
330
+ [#{@settings.preferred_run_mode}]
331
+ myval = foo
332
+ CONFIG
309
333
 
310
- allow(Puppet.features).to receive(:root?).and_return(false)
311
- expect(Puppet::FileSystem).to receive(:exist?).
312
- with(user_config_file_default_location).
313
- and_return(true).ordered
314
- expect(@settings).to receive(:read_file).
315
- with(user_config_file_default_location).
316
- and_return(user_config_text).ordered
334
+ expect(@settings.set_by_config?(:myval)).to be_truthy
335
+ end
317
336
 
318
- @settings.send(:parse_config_files)
319
- expect(@settings.set_by_config?(:myval)).to be_truthy
320
- end
337
+ it "should identify configured settings from the specified run mode" do
338
+ stub_config_with(<<~CONFIG)
339
+ [server]
340
+ myval = foo
341
+ CONFIG
321
342
 
322
- it "should identify configured settings from the specified run mode" do
323
- user_config_text = "[server]\nmyval = foo"
343
+ expect(@settings.set_by_config?(:myval, nil, :server)).to be_truthy
344
+ end
324
345
 
325
- allow(Puppet.features).to receive(:root?).and_return(false)
326
- expect(Puppet::FileSystem).to receive(:exist?).
327
- with(user_config_file_default_location).
328
- and_return(true).ordered
329
- expect(@settings).to receive(:read_file).
330
- with(user_config_file_default_location).
331
- and_return(user_config_text).ordered
346
+ it "should not identify configured settings from an unspecified run mode" do
347
+ stub_config_with(<<~CONFIG)
348
+ [zaz]
349
+ myval = foo
350
+ CONFIG
332
351
 
333
- @settings.send(:parse_config_files)
334
- expect(@settings.set_by_config?(:myval, nil, :server)).to be_truthy
335
- end
352
+ expect(@settings.set_by_config?(:myval)).to be_falsey
353
+ end
336
354
 
337
- it "should not identify configured settings from an unspecified run mode" do
338
- user_config_text = "[zaz]\nmyval = foo"
355
+ it "should identify configured settings from the main section" do
356
+ stub_config_with(<<~CONFIG)
357
+ [main]
358
+ myval = foo
359
+ CONFIG
339
360
 
340
- allow(Puppet.features).to receive(:root?).and_return(false)
341
- expect(Puppet::FileSystem).to receive(:exist?).
342
- with(user_config_file_default_location).
343
- and_return(true).ordered
344
- expect(@settings).to receive(:read_file).
345
- with(user_config_file_default_location).
346
- and_return(user_config_text).ordered
361
+ expect(@settings.set_by_config?(:myval)).to be_truthy
362
+ end
363
+ end
347
364
 
348
- @settings.send(:parse_config_files)
349
- expect(@settings.set_by_config?(:myval)).to be_falsey
350
- end
365
+ describe "#set_in_section" do
366
+ it "should retrieve configured settings from the specified section" do
367
+ stub_config_with(<<~CONFIG)
368
+ [agent]
369
+ myval = foo
370
+ CONFIG
351
371
 
352
- it "should identify configured settings from the main section" do
353
- user_config_text = "[main]\nmyval = foo"
372
+ expect(@settings.set_in_section(:myval, :agent)).to eq("foo")
373
+ expect(@settings.set_in_section?(:myval, :agent)).to be true
374
+ end
354
375
 
355
- allow(Puppet.features).to receive(:root?).and_return(false)
356
- expect(Puppet::FileSystem).to receive(:exist?).
357
- with(user_config_file_default_location).
358
- and_return(true).ordered
359
- expect(@settings).to receive(:read_file).
360
- with(user_config_file_default_location).
361
- and_return(user_config_text).ordered
376
+ it "should not retrieve configured settings from a different section" do
377
+ stub_config_with(<<~CONFIG)
378
+ [main]
379
+ myval = foo
380
+ CONFIG
362
381
 
363
- @settings.send(:parse_config_files)
364
- expect(@settings.set_by_config?(:myval)).to be_truthy
382
+ expect(@settings.set_in_section(:myval, :agent)).to be nil
383
+ expect(@settings.set_in_section?(:myval, :agent)).to be false
384
+ end
385
+ end
365
386
  end
366
387
 
367
388
  it "should clear the cache when setting getopt-specific values" do
@@ -2120,7 +2141,7 @@ describe Puppet::Settings do
2120
2141
  end
2121
2142
 
2122
2143
  def a_user_type_for(username)
2123
- user = double('user')
2144
+ user = double('user', 'suitable?': true, to_s: "User[#{username}]")
2124
2145
  expect(Puppet::Type.type(:user)).to receive(:new).with(hash_including(name: username)).and_return(user)
2125
2146
  user
2126
2147
  end
@@ -2153,6 +2174,16 @@ describe Puppet::Settings do
2153
2174
 
2154
2175
  expect(settings).to be_service_user_available
2155
2176
  end
2177
+
2178
+ it "raises if the user is not suitable" do
2179
+ settings[:user] = "foo"
2180
+
2181
+ expect(a_user_type_for("foo")).to receive(:suitable?).and_return(false)
2182
+
2183
+ expect {
2184
+ settings.service_user_available?
2185
+ }.to raise_error(Puppet::Error, /Cannot manage owner permissions, because the provider for 'User\[foo\]' is not functional/)
2186
+ end
2156
2187
  end
2157
2188
 
2158
2189
  describe "when determining if the service group is available" do
@@ -2163,7 +2194,7 @@ describe Puppet::Settings do
2163
2194
  end
2164
2195
 
2165
2196
  def a_group_type_for(groupname)
2166
- group = double('group')
2197
+ group = double('group', 'suitable?': true, to_s: "Group[#{groupname}]")
2167
2198
  expect(Puppet::Type.type(:group)).to receive(:new).with(hash_including(name: groupname)).and_return(group)
2168
2199
  group
2169
2200
  end
@@ -2196,6 +2227,16 @@ describe Puppet::Settings do
2196
2227
 
2197
2228
  expect(settings).to be_service_group_available
2198
2229
  end
2230
+
2231
+ it "raises if the group is not suitable" do
2232
+ settings[:group] = "foo"
2233
+
2234
+ expect(a_group_type_for("foo")).to receive(:suitable?).and_return(false)
2235
+
2236
+ expect {
2237
+ settings.service_group_available?
2238
+ }.to raise_error(Puppet::Error, /Cannot manage group permissions, because the provider for 'Group\[foo\]' is not functional/)
2239
+ end
2199
2240
  end
2200
2241
 
2201
2242
  describe "when dealing with command-line options" do
@@ -31,6 +31,14 @@ describe Puppet::SSL::StateMachine, unless: Puppet::Util::Platform.jruby? do
31
31
  allow(Kernel).to receive(:sleep)
32
32
  end
33
33
 
34
+ def expected_digest(name, content)
35
+ OpenSSL::Digest.new(name).hexdigest(content)
36
+ end
37
+
38
+ def to_fingerprint(digest)
39
+ digest.scan(/../).join(':').upcase
40
+ end
41
+
34
42
  context 'when passing keyword arguments' do
35
43
  it "accepts digest" do
36
44
  expect(described_class.new(digest: 'SHA512').digest).to eq('SHA512')
@@ -395,29 +403,35 @@ describe Puppet::SSL::StateMachine, unless: Puppet::Util::Platform.jruby? do
395
403
 
396
404
  it 'verifies CA cert bundle if a ca_fingerprint is given case-insensitively' do
397
405
  Puppet[:log_level] = :info
398
- machine = described_class.new(digest: 'SHA256', ca_fingerprint: 'caacf69bbbcdad9dbcda92dd2da3608b639d1aea4c314d6cc6823cdb32d8e0f8')
406
+
407
+ digest = expected_digest('SHA256', cacert_pem)
408
+ fingerprint = to_fingerprint(digest)
409
+ machine = described_class.new(digest: 'SHA256', ca_fingerprint: digest.downcase)
399
410
  state = Puppet::SSL::StateMachine::NeedCACerts.new(machine)
400
411
  state.next_state
401
412
 
402
- expect(@logs).to include(an_object_having_attributes(message: "Verified CA bundle with digest (SHA256) CA:AC:F6:9B:BB:CD:AD:9D:BC:DA:92:DD:2D:A3:60:8B:63:9D:1A:EA:4C:31:4D:6C:C6:82:3C:DB:32:D8:E0:F8"))
413
+ expect(@logs).to include(an_object_having_attributes(message: "Verified CA bundle with digest (SHA256) #{fingerprint}"))
403
414
  end
404
415
 
405
416
  it 'verifies CA cert bundle using non-default fingerprint' do
406
417
  Puppet[:log_level] = :info
407
- machine = described_class.new(digest: 'SHA512', ca_fingerprint: '3c9d1482b878913ad95c9631feac5090cb05c6eab9496178d6fd5c14a023da3b1a8650a3cbaac516d9a48caf0b0742e1ed7eebf55105c024c74834a45056a9d9')
418
+
419
+ digest = expected_digest('SHA512', cacert_pem)
420
+ machine = described_class.new(digest: 'SHA512', ca_fingerprint: digest)
408
421
  state = Puppet::SSL::StateMachine::NeedCACerts.new(machine)
409
422
  state.next_state
410
423
 
411
- expect(@logs).to include(an_object_having_attributes(message: "Verified CA bundle with digest (SHA512) 3C:9D:14:82:B8:78:91:3A:D9:5C:96:31:FE:AC:50:90:CB:05:C6:EA:B9:49:61:78:D6:FD:5C:14:A0:23:DA:3B:1A:86:50:A3:CB:AA:C5:16:D9:A4:8C:AF:0B:07:42:E1:ED:7E:EB:F5:51:05:C0:24:C7:48:34:A4:50:56:A9:D9"))
424
+ expect(@logs).to include(an_object_having_attributes(message: "Verified CA bundle with digest (SHA512) #{to_fingerprint(digest)}"))
412
425
  end
413
426
 
414
427
  it 'returns an error if verification fails' do
415
428
  machine = described_class.new(digest: 'SHA256', ca_fingerprint: 'wrong!')
416
429
  state = Puppet::SSL::StateMachine::NeedCACerts.new(machine)
417
430
 
431
+ fingerprint = to_fingerprint(expected_digest('SHA256', cacert_pem))
418
432
  st = state.next_state
419
433
  expect(st).to be_an_instance_of(Puppet::SSL::StateMachine::Error)
420
- expect(st.message).to eq("CA bundle with digest (SHA256) CA:AC:F6:9B:BB:CD:AD:9D:BC:DA:92:DD:2D:A3:60:8B:63:9D:1A:EA:4C:31:4D:6C:C6:82:3C:DB:32:D8:E0:F8 did not match expected digest WR:ON:G!")
434
+ expect(st.message).to eq("CA bundle with digest (SHA256) #{fingerprint} did not match expected digest WR:ON:G!")
421
435
  end
422
436
  end
423
437
  end
@@ -93,8 +93,6 @@ describe Puppet::Transaction::AdditionalResourceGenerator do
93
93
  end
94
94
  end
95
95
 
96
-
97
-
98
96
  after(:each) do
99
97
  Puppet::Type.rmtype(:gen_empty)
100
98
  Puppet::Type.rmtype(:eval_after)
@@ -5,13 +5,6 @@ require 'puppet_spec/compiler'
5
5
  require 'puppet/transaction'
6
6
  require 'fileutils'
7
7
 
8
- Puppet::Type.newtype(:generator) do
9
- newparam(:name) { isnamevar }
10
-
11
- def generate
12
- end
13
- end
14
-
15
8
  describe Puppet::Transaction do
16
9
  include PuppetSpec::Files
17
10
  include PuppetSpec::Compiler
@@ -27,6 +20,19 @@ describe Puppet::Transaction do
27
20
  transaction
28
21
  end
29
22
 
23
+ before(:all) do
24
+ Puppet::Type.newtype(:transaction_generator) do
25
+ newparam(:name) { isnamevar }
26
+
27
+ def generate
28
+ end
29
+ end
30
+ end
31
+
32
+ after(:all) do
33
+ Puppet::Type.rmtype(:transaction_generator)
34
+ end
35
+
30
36
  before do
31
37
  @basepath = make_absolute("/what/ever")
32
38
  @transaction = Puppet::Transaction.new(Puppet::Resource::Catalog.new, nil, Puppet::Graph::SequentialPrioritizer.new)
@@ -330,9 +336,9 @@ describe Puppet::Transaction do
330
336
  describe "when generating resources before traversal" do
331
337
  let(:catalog) { Puppet::Resource::Catalog.new }
332
338
  let(:transaction) { Puppet::Transaction.new(catalog, nil, Puppet::Graph::SequentialPrioritizer.new) }
333
- let(:generator) { Puppet::Type.type(:generator).new :title => "generator" }
339
+ let(:generator) { Puppet::Type.type(:transaction_generator).new :title => "generator" }
334
340
  let(:generated) do
335
- %w[a b c].map { |name| Puppet::Type.type(:generator).new(:name => name) }
341
+ %w[a b c].map { |name| Puppet::Type.type(:transaction_generator).new(:name => name) }
336
342
  end
337
343
 
338
344
  before :each do
@@ -673,7 +679,7 @@ describe Puppet::Transaction do
673
679
  end
674
680
 
675
681
  describe "and new resources are generated" do
676
- let(:generator) { Puppet::Type.type(:generator).new :title => "generator" }
682
+ let(:generator) { Puppet::Type.type(:transaction_generator).new :title => "generator" }
677
683
  let(:generated) do
678
684
  %w[a b c].map { |name| Puppet::Type.type(:package).new :title => "foo", :name => name, :provider => :apt }
679
685
  end
@@ -787,16 +793,8 @@ describe Puppet::Transaction do
787
793
  end
788
794
 
789
795
  it "should call Selinux.matchpathcon_fini in case Selinux is enabled ", :if => Puppet.features.posix? do
790
- unless defined?(Selinux)
791
- module Selinux
792
- def self.is_selinux_enabled
793
- true
794
- end
795
-
796
- def self.matchpathcon_fini
797
- end
798
- end
799
- end
796
+ selinux = double('selinux', is_selinux_enabled: true, matchpathcon_fini: nil)
797
+ stub_const('Selinux', selinux)
800
798
 
801
799
  resource = Puppet::Type.type(:file).new(:path => make_absolute("/tmp/foo"))
802
800
  transaction = transaction_with_resource(resource)
@@ -239,6 +239,19 @@ RSpec.describe Puppet::Type.type(:exec) do
239
239
  expect(dependencies.collect(&:to_s)).to eq([Puppet::Relationship.new(tmp, execer).to_s])
240
240
  end
241
241
 
242
+ it "should be able to autorequire files mentioned in the array command" do
243
+ foo = make_absolute('/bin/foo')
244
+ catalog = Puppet::Resource::Catalog.new
245
+ tmp = Puppet::Type.type(:file).new(:name => foo)
246
+ execer = Puppet::Type.type(:exec).new(:name => 'test array', :command => [foo, 'bar'])
247
+
248
+ catalog.add_resource tmp
249
+ catalog.add_resource execer
250
+ dependencies = execer.autorequire(catalog)
251
+
252
+ expect(dependencies.collect(&:to_s)).to eq([Puppet::Relationship.new(tmp, execer).to_s])
253
+ end
254
+
242
255
  describe "when handling the path parameter" do
243
256
  expect = %w{one two three four}
244
257
  { "an array" => expect,
@@ -346,7 +359,13 @@ RSpec.describe Puppet::Type.type(:exec) do
346
359
  end
347
360
 
348
361
  shared_examples_for "all exec command parameters" do |param|
349
- { "relative" => "example", "absolute" => "/bin/example" }.sort.each do |name, command|
362
+ array_cmd = ["/bin/example", "*"]
363
+ array_cmd = [["/bin/example", "*"]] if [:onlyif, :unless].include?(param)
364
+
365
+ commands = { "relative" => "example", "absolute" => "/bin/example" }
366
+ commands["array"] = array_cmd
367
+
368
+ commands.sort.each do |name, command|
350
369
  describe "if command is #{name}" do
351
370
  before :each do
352
371
  @param = param
@@ -379,45 +398,44 @@ RSpec.describe Puppet::Type.type(:exec) do
379
398
  end
380
399
 
381
400
  shared_examples_for "all exec command parameters that take arrays" do |param|
382
- describe "when given an array of inputs" do
383
- before :each do
384
- @test = Puppet::Type.type(:exec).new(:name => @executable)
385
- end
401
+ [
402
+ %w{one two three},
403
+ [%w{one -a}, %w{two, -b}, 'three']
404
+ ].each do |input|
405
+ context "when given #{input.inspect} as input" do
406
+ let(:resource) { Puppet::Type.type(:exec).new(:name => @executable) }
386
407
 
387
- it "should accept the array when all commands return valid" do
388
- input = %w{one two three}
389
- expect(@test.provider).to receive(:validatecmd).exactly(input.length).times.and_return(true)
390
- @test[param] = input
391
- expect(@test[param]).to eq(input)
392
- end
408
+ it "accepts the array when all commands return valid" do
409
+ input = %w{one two three}
410
+ allow(resource.provider).to receive(:validatecmd).exactly(input.length).times.and_return(true)
411
+ resource[param] = input
412
+ expect(resource[param]).to eq(input)
413
+ end
393
414
 
394
- it "should reject the array when any commands return invalid" do
395
- input = %w{one two three}
396
- expect(@test.provider).to receive(:validatecmd).with(input.first).and_return(false)
397
- input[1..-1].each do |cmd|
398
- expect(@test.provider).to receive(:validatecmd).with(cmd).and_return(true)
415
+ it "rejects the array when any commands return invalid" do
416
+ input = %w{one two three}
417
+ allow(resource.provider).to receive(:validatecmd).with(input[0]).and_return(true)
418
+ allow(resource.provider).to receive(:validatecmd).with(input[1]).and_raise(Puppet::Error)
419
+
420
+ expect { resource[param] = input }.to raise_error(Puppet::ResourceError, /Parameter #{param} failed/)
399
421
  end
400
- @test[param] = input
401
- expect(@test[param]).to eq(input)
402
- end
403
422
 
404
- it "should reject the array when all commands return invalid" do
405
- input = %w{one two three}
406
- expect(@test.provider).to receive(:validatecmd).exactly(input.length).times.and_return(false)
407
- @test[param] = input
408
- expect(@test[param]).to eq(input)
423
+ it "stops at the first invalid command" do
424
+ input = %w{one two three}
425
+ allow(resource.provider).to receive(:validatecmd).with(input[0]).and_raise(Puppet::Error)
426
+
427
+ expect(resource.provider).not_to receive(:validatecmd).with(input[1])
428
+ expect(resource.provider).not_to receive(:validatecmd).with(input[2])
429
+ expect { resource[param] = input }.to raise_error(Puppet::ResourceError, /Parameter #{param} failed/)
430
+ end
409
431
  end
410
432
  end
411
433
  end
412
434
 
413
435
  describe "when setting command" do
414
436
  subject { described_class.new(:name => @command) }
415
- it "fails when passed an Array" do
416
- expect { subject[:command] = [] }.to raise_error Puppet::Error, /Command must be a String/
417
- end
418
-
419
437
  it "fails when passed a Hash" do
420
- expect { subject[:command] = {} }.to raise_error Puppet::Error, /Command must be a String/
438
+ expect { subject[:command] = {} }.to raise_error Puppet::Error, /Command must be a String or Array<String>/
421
439
  end
422
440
  end
423
441
 
@@ -759,6 +777,35 @@ RSpec.describe Puppet::Type.type(:exec) do
759
777
  end
760
778
  end
761
779
 
780
+ context 'with an array of arrays with multiple items' do
781
+ before do
782
+ [true, false].each do |check|
783
+ allow(@test.provider).to receive(:run).with([@pass, '--flag'], check).
784
+ and_return(['test output', @pass_status])
785
+ allow(@test.provider).to receive(:run).with([@fail, '--flag'], check).
786
+ and_return(['test output', @fail_status])
787
+ allow(@test.provider).to receive(:run).with([@pass], check).
788
+ and_return(['test output', @pass_status])
789
+ allow(@test.provider).to receive(:run).with([@fail], check).
790
+ and_return(['test output', @fail_status])
791
+ end
792
+ end
793
+ it "runs if all the commands exits non-zero" do
794
+ @test[param] = [[@fail, '--flag'], [@fail], [@fail, '--flag']]
795
+ expect(@test.check_all_attributes).to eq(true)
796
+ end
797
+
798
+ it "does not run if one command exits zero" do
799
+ @test[param] = [[@pass, '--flag'], [@pass], [@fail, '--flag']]
800
+ expect(@test.check_all_attributes).to eq(false)
801
+ end
802
+
803
+ it "does not run if all command exits zero" do
804
+ @test[param] = [[@pass, '--flag'], [@pass], [@pass, '--flag']]
805
+ expect(@test.check_all_attributes).to eq(false)
806
+ end
807
+ end
808
+
762
809
  it "should emit output to debug" do
763
810
  Puppet::Util::Log.level = :debug
764
811
  @test[param] = @fail