puppet 6.21.1-x64-mingw32 → 6.22.1-x64-mingw32

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of puppet might be problematic. Click here for more details.

Files changed (77) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +1 -1
  3. data/Gemfile.lock +24 -18
  4. data/ext/project_data.yaml +2 -2
  5. data/lib/puppet/application/ssl.rb +11 -0
  6. data/lib/puppet/defaults.rb +22 -2
  7. data/lib/puppet/environments.rb +16 -1
  8. data/lib/puppet/face/facts.rb +128 -30
  9. data/lib/puppet/file_system/memory_file.rb +8 -1
  10. data/lib/puppet/file_system/windows.rb +2 -0
  11. data/lib/puppet/functions/partition.rb +8 -0
  12. data/lib/puppet/indirector/facts/facter.rb +24 -3
  13. data/lib/puppet/network/formats.rb +67 -0
  14. data/lib/puppet/network/http/factory.rb +4 -0
  15. data/lib/puppet/provider/package/dnfmodule.rb +1 -1
  16. data/lib/puppet/provider/service/systemd.rb +1 -1
  17. data/lib/puppet/provider/user/useradd.rb +1 -1
  18. data/lib/puppet/settings/environment_conf.rb +1 -0
  19. data/lib/puppet/util/fact_dif.rb +36 -17
  20. data/lib/puppet/util/monkey_patches.rb +7 -0
  21. data/lib/puppet/util/windows/adsi.rb +46 -0
  22. data/lib/puppet/util/windows/api_types.rb +1 -1
  23. data/lib/puppet/util/windows/principal.rb +9 -2
  24. data/lib/puppet/util/windows/sid.rb +4 -2
  25. data/lib/puppet/version.rb +1 -1
  26. data/locales/puppet.pot +139 -87
  27. data/man/man5/puppet.conf.5 +11 -3
  28. data/man/man8/puppet-agent.8 +1 -1
  29. data/man/man8/puppet-apply.8 +1 -1
  30. data/man/man8/puppet-catalog.8 +1 -1
  31. data/man/man8/puppet-config.8 +1 -1
  32. data/man/man8/puppet-describe.8 +1 -1
  33. data/man/man8/puppet-device.8 +1 -1
  34. data/man/man8/puppet-doc.8 +1 -1
  35. data/man/man8/puppet-epp.8 +1 -1
  36. data/man/man8/puppet-facts.8 +60 -2
  37. data/man/man8/puppet-filebucket.8 +1 -1
  38. data/man/man8/puppet-generate.8 +1 -1
  39. data/man/man8/puppet-help.8 +1 -1
  40. data/man/man8/puppet-key.8 +1 -1
  41. data/man/man8/puppet-lookup.8 +1 -1
  42. data/man/man8/puppet-man.8 +1 -1
  43. data/man/man8/puppet-module.8 +1 -1
  44. data/man/man8/puppet-node.8 +1 -1
  45. data/man/man8/puppet-parser.8 +1 -1
  46. data/man/man8/puppet-plugin.8 +1 -1
  47. data/man/man8/puppet-report.8 +1 -1
  48. data/man/man8/puppet-resource.8 +1 -1
  49. data/man/man8/puppet-script.8 +1 -1
  50. data/man/man8/puppet-ssl.8 +5 -1
  51. data/man/man8/puppet-status.8 +1 -1
  52. data/man/man8/puppet.8 +2 -2
  53. data/spec/fixtures/unit/provider/service/systemd/list_unit_files_services_vendor_preset +9 -0
  54. data/spec/integration/application/plugin_spec.rb +1 -1
  55. data/spec/integration/http/client_spec.rb +12 -0
  56. data/spec/integration/indirector/direct_file_server_spec.rb +1 -3
  57. data/spec/integration/util/windows/adsi_spec.rb +18 -0
  58. data/spec/integration/util/windows/principal_spec.rb +21 -0
  59. data/spec/integration/util/windows/registry_spec.rb +6 -0
  60. data/spec/spec_helper.rb +11 -1
  61. data/spec/unit/application/facts_spec.rb +482 -3
  62. data/spec/unit/application/ssl_spec.rb +23 -0
  63. data/spec/unit/defaults_spec.rb +16 -0
  64. data/spec/unit/environments_spec.rb +164 -88
  65. data/spec/unit/face/facts_spec.rb +4 -0
  66. data/spec/unit/file_system_spec.rb +9 -0
  67. data/spec/unit/indirector/facts/facter_spec.rb +95 -0
  68. data/spec/unit/network/formats_spec.rb +41 -0
  69. data/spec/unit/network/http/factory_spec.rb +19 -0
  70. data/spec/unit/provider/package/dnfmodule_spec.rb +10 -1
  71. data/spec/unit/provider/service/systemd_spec.rb +11 -0
  72. data/spec/unit/provider/user/useradd_spec.rb +18 -3
  73. data/spec/unit/resource/catalog_spec.rb +1 -1
  74. data/spec/unit/util/windows/sid_spec.rb +6 -0
  75. metadata +12 -8
  76. data/spec/lib/matchers/include.rb +0 -27
  77. data/spec/lib/matchers/include_spec.rb +0 -32
@@ -534,4 +534,45 @@ EOT
534
534
  end
535
535
  end
536
536
  end
537
+
538
+ describe ":flat format" do
539
+ let(:flat) { Puppet::Network::FormatHandler.format(:flat) }
540
+
541
+ it "should include a flat format" do
542
+ expect(flat).to be_an_instance_of Puppet::Network::Format
543
+ end
544
+
545
+ [:intern, :intern_multiple].each do |method|
546
+ it "should not implement #{method}" do
547
+ expect { flat.send(method, String, 'blah') }.to raise_error NotImplementedError
548
+ end
549
+ end
550
+
551
+ context "when rendering arrays" do
552
+ {
553
+ [] => "",
554
+ [1, 2] => "0=1\n1=2\n",
555
+ ["one"] => "0=one\n",
556
+ [{"one" => 1}, {"two" => 2}] => "0.one=1\n1.two=2\n",
557
+ [['something', 'for'], ['the', 'test']] => "0=[\"something\", \"for\"]\n1=[\"the\", \"test\"]\n"
558
+ }.each_pair do |input, output|
559
+ it "should render #{input.inspect} as one item per line" do
560
+ expect(flat.render(input)).to eq(output)
561
+ end
562
+ end
563
+ end
564
+
565
+ context "when rendering hashes" do
566
+ {
567
+ {} => "",
568
+ {1 => 2} => "1=2\n",
569
+ {"one" => "two"} => "one=two\n",
570
+ {[1,2] => 3, [2,3] => 5, [3,4] => 7} => "[1, 2]=3\n[2, 3]=5\n[3, 4]=7\n",
571
+ }.each_pair do |input, output|
572
+ it "should render #{input.inspect}" do
573
+ expect(flat.render(input)).to eq(output)
574
+ end
575
+ end
576
+ end
577
+ end
537
578
  end
@@ -144,4 +144,23 @@ describe Puppet::Network::HTTP::Factory do
144
144
  expect(conn.local_host).to eq('127.0.0.1')
145
145
  end
146
146
  end
147
+
148
+ context 'tls' do
149
+ it "sets the minimum version to TLS 1.0", if: RUBY_VERSION.to_f >= 2.5 do
150
+ conn = create_connection(site)
151
+ expect(conn.min_version).to eq(OpenSSL::SSL::TLS1_VERSION)
152
+ end
153
+
154
+ it "defaults to ciphersuites providing 128 bits of security or greater" do
155
+ conn = create_connection(site)
156
+ expect(conn.ciphers).to eq("ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256")
157
+ end
158
+
159
+ it "can be restricted to TLSv1.3 ciphers" do
160
+ tls13_ciphers = "TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256"
161
+ Puppet[:ciphers] = tls13_ciphers
162
+ conn = create_connection(site)
163
+ expect(conn.ciphers).to eq(tls13_ciphers)
164
+ end
165
+ end
147
166
  end
@@ -123,7 +123,7 @@ describe Puppet::Type.type(:package).provider(:dnfmodule) do
123
123
  provider.install
124
124
  end
125
125
 
126
- it "should just enable the module if it has no default profile" do
126
+ it "should just enable the module if it has no default profile(missing groups or modules)" do
127
127
  dnf_exception = Puppet::ExecutionFailure.new("Error: Problems in request:\nmissing groups or modules: #{resource[:name]}")
128
128
  allow(provider).to receive(:execute).with(array_including('install')).and_raise(dnf_exception)
129
129
  resource[:ensure] = :present
@@ -132,6 +132,15 @@ describe Puppet::Type.type(:package).provider(:dnfmodule) do
132
132
  provider.install
133
133
  end
134
134
 
135
+ it "should just enable the module if it has no default profile(broken groups or modules)" do
136
+ dnf_exception = Puppet::ExecutionFailure.new("Error: Problems in request:\nbroken groups or modules: #{resource[:name]}")
137
+ allow(provider).to receive(:execute).with(array_including('install')).and_raise(dnf_exception)
138
+ resource[:ensure] = :present
139
+ expect(provider).to receive(:execute).with(array_including('install')).ordered
140
+ expect(provider).to receive(:execute).with(array_including('enable')).ordered
141
+ provider.install
142
+ end
143
+
135
144
  it "should just enable the module if enable_only = true" do
136
145
  resource[:ensure] = :present
137
146
  resource[:enable_only] = true
@@ -200,6 +200,17 @@ describe 'Puppet::Type::Service::Provider::Systemd',
200
200
  })
201
201
  end
202
202
 
203
+ it "correctly parses services when list-unit-files has an additional column" do
204
+ expect(provider_class).to receive(:systemctl).with('list-unit-files', '--type', 'service', '--full', '--all', '--no-pager').and_return(File.read(my_fixture('list_unit_files_services_vendor_preset')))
205
+ expect(provider_class.instances.map(&:name)).to match_array(%w{
206
+ arp-ethers.service
207
+ auditd.service
208
+ dbus.service
209
+ umountnfs.service
210
+ urandom.service
211
+ })
212
+ end
213
+
203
214
  it "should print a debug message when a service with the state `bad` is found" do
204
215
  expect(provider_class).to receive(:systemctl).with('list-unit-files', '--type', 'service', '--full', '--all', '--no-pager').and_return(File.read(my_fixture('list_unit_files_services')))
205
216
  expect(Puppet).to receive(:debug).with("apparmor.service marked as bad by `systemctl`. It is recommended to be further checked.")
@@ -375,21 +375,36 @@ describe Puppet::Type.type(:user).provider(:useradd) do
375
375
  before { described_class.has_feature :manages_local_users_and_groups }
376
376
 
377
377
  let(:content) do
378
- <<~EOF
378
+ StringIO.new(<<~EOF)
379
379
  group1:x:0:myuser
380
380
  group2:x:999:
381
381
  group3:x:998:myuser
382
382
  EOF
383
383
  end
384
384
 
385
+ let(:content_with_empty_line) do
386
+ StringIO.new(<<~EOF)
387
+ group1:x:0:myuser
388
+ group2:x:999:
389
+ group3:x:998:myuser
390
+
391
+ EOF
392
+ end
393
+
385
394
  it "should return the local groups string when forcelocal is true" do
386
395
  resource[:forcelocal] = true
387
- group1, group2, group3 = content.split
388
396
  allow(Puppet::FileSystem).to receive(:exist?).with('/etc/group').and_return(true)
389
- allow(Puppet::FileSystem).to receive(:each_line).with('/etc/group').and_yield(group1).and_yield(group2).and_yield(group3)
397
+ allow(File).to receive(:open).with(Pathname.new('/etc/group')).and_yield(content)
390
398
  expect(provider.groups).to eq(['group1', 'group3'])
391
399
  end
392
400
 
401
+ it "does not raise when parsing empty lines in /etc/group" do
402
+ resource[:forcelocal] = true
403
+ allow(Puppet::FileSystem).to receive(:exist?).with('/etc/group').and_return(true)
404
+ allow(File).to receive(:open).with(Pathname.new('/etc/group')).and_yield(content_with_empty_line)
405
+ expect { provider.groups }.not_to raise_error
406
+ end
407
+
393
408
  it "should fall back to nameservice groups when forcelocal is false" do
394
409
  resource[:forcelocal] = false
395
410
  allow(Puppet::Util::POSIX).to receive(:groups_of).with('myuser').and_return(['remote groups'])
@@ -205,7 +205,7 @@ describe Puppet::Resource::Catalog, "when compiling" do
205
205
  end
206
206
 
207
207
  it "should set itself as the catalog for each converted resource" do
208
- @catalog.vertices.each { |v| expect(v.catalog.object_id).to equal(@catalog.object_id) }
208
+ @catalog.vertices.each { |v| expect(v.catalog.object_id).to eql(@catalog.object_id) }
209
209
  end
210
210
 
211
211
  # This tests #931.
@@ -158,6 +158,12 @@ describe "Puppet::Util::Windows::SID", :if => Puppet::Util::Platform.windows? do
158
158
  # this works in French Windows, even though the account is really AUTORITE NT\\Syst\u00E8me
159
159
  expect(subject.name_to_principal('NT AUTHORITY\SYSTEM').sid).to eq(sid)
160
160
  end
161
+
162
+ it "should print a debug message on failures" do
163
+ expect(Puppet).to receive(:debug).with(/Could not retrieve raw SID bytes from 'NonExistingUser'/)
164
+ expect(Puppet).to receive(:debug).with(/No mapping between account names and security IDs was done/)
165
+ subject.name_to_principal('NonExistingUser')
166
+ end
161
167
  end
162
168
 
163
169
  context "#ads_to_principal" do
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: puppet
3
3
  version: !ruby/object:Gem::Version
4
- version: 6.21.1
4
+ version: 6.22.1
5
5
  platform: x64-mingw32
6
6
  authors:
7
7
  - Puppet Labs
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-02-11 00:00:00.000000000 Z
11
+ date: 2021-04-22 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: facter
@@ -186,16 +186,22 @@ dependencies:
186
186
  name: win32-dir
187
187
  requirement: !ruby/object:Gem::Requirement
188
188
  requirements:
189
- - - '='
189
+ - - ">="
190
190
  - !ruby/object:Gem::Version
191
191
  version: 0.4.9
192
+ - - "<="
193
+ - !ruby/object:Gem::Version
194
+ version: 0.7.2
192
195
  type: :runtime
193
196
  prerelease: false
194
197
  version_requirements: !ruby/object:Gem::Requirement
195
198
  requirements:
196
- - - '='
199
+ - - ">="
197
200
  - !ruby/object:Gem::Version
198
201
  version: 0.4.9
202
+ - - "<="
203
+ - !ruby/object:Gem::Version
204
+ version: 0.7.2
199
205
  - !ruby/object:Gem::Dependency
200
206
  name: win32-process
201
207
  requirement: !ruby/object:Gem::Requirement
@@ -1877,6 +1883,7 @@ files:
1877
1883
  - spec/fixtures/unit/provider/service/smf/svcs_fmri.out
1878
1884
  - spec/fixtures/unit/provider/service/smf/svcs_multiple_fmris.out
1879
1885
  - spec/fixtures/unit/provider/service/systemd/list_unit_files_services
1886
+ - spec/fixtures/unit/provider/service/systemd/list_unit_files_services_vendor_preset
1880
1887
  - spec/fixtures/unit/provider/user/aix/aix_passwd_file.out
1881
1888
  - spec/fixtures/unit/reports/tagmail/tagmail_email.conf
1882
1889
  - spec/fixtures/unit/reports/tagmail/tagmail_failers.conf
@@ -1965,10 +1972,8 @@ files:
1965
1972
  - spec/integration/util/windows/user_spec.rb
1966
1973
  - spec/integration/util_spec.rb
1967
1974
  - spec/lib/matchers/containment_matchers.rb
1968
- - spec/lib/matchers/include.rb
1969
1975
  - spec/lib/matchers/include_in_order.rb
1970
1976
  - spec/lib/matchers/include_in_order_spec.rb
1971
- - spec/lib/matchers/include_spec.rb
1972
1977
  - spec/lib/matchers/json.rb
1973
1978
  - spec/lib/matchers/match_tokens2.rb
1974
1979
  - spec/lib/matchers/relationship_graph_matchers.rb
@@ -3147,6 +3152,7 @@ test_files:
3147
3152
  - spec/fixtures/unit/provider/service/smf/svcs_fmri.out
3148
3153
  - spec/fixtures/unit/provider/service/smf/svcs_multiple_fmris.out
3149
3154
  - spec/fixtures/unit/provider/service/systemd/list_unit_files_services
3155
+ - spec/fixtures/unit/provider/service/systemd/list_unit_files_services_vendor_preset
3150
3156
  - spec/fixtures/unit/provider/user/aix/aix_passwd_file.out
3151
3157
  - spec/fixtures/unit/reports/tagmail/tagmail_email.conf
3152
3158
  - spec/fixtures/unit/reports/tagmail/tagmail_failers.conf
@@ -3235,10 +3241,8 @@ test_files:
3235
3241
  - spec/integration/util/windows/user_spec.rb
3236
3242
  - spec/integration/util_spec.rb
3237
3243
  - spec/lib/matchers/containment_matchers.rb
3238
- - spec/lib/matchers/include.rb
3239
3244
  - spec/lib/matchers/include_in_order.rb
3240
3245
  - spec/lib/matchers/include_in_order_spec.rb
3241
- - spec/lib/matchers/include_spec.rb
3242
3246
  - spec/lib/matchers/json.rb
3243
3247
  - spec/lib/matchers/match_tokens2.rb
3244
3248
  - spec/lib/matchers/relationship_graph_matchers.rb
@@ -1,27 +0,0 @@
1
- module Matchers; module Include
2
- extend RSpec::Matchers::DSL
3
-
4
- matcher :include_in_any_order do |*matchers|
5
- match do |enumerable|
6
- @not_matched = []
7
- expected_as_array.each do |matcher|
8
- if enumerable.empty?
9
- break
10
- end
11
-
12
- if found = enumerable.find { |elem| matcher.matches?(elem) }
13
- enumerable = enumerable.reject { |elem| elem == found }
14
- else
15
- @not_matched << matcher
16
- end
17
- end
18
-
19
-
20
- @not_matched.empty? && enumerable.empty?
21
- end
22
-
23
- failure_message do |enumerable|
24
- "did not match #{@not_matched.collect(&:description).join(', ')} in #{enumerable.inspect}: <#{@not_matched.collect(&:failure_message).join('>, <')}>"
25
- end
26
- end
27
- end; end
@@ -1,32 +0,0 @@
1
- require 'spec_helper'
2
- require 'matchers/include'
3
-
4
- describe "include matchers" do
5
- include Matchers::Include
6
-
7
- context :include_in_any_order do
8
- it "matches an empty list" do
9
- expect([]).to include_in_any_order()
10
- end
11
-
12
- it "matches a list with a single element" do
13
- expect([1]).to include_in_any_order(eq(1))
14
- end
15
-
16
- it "does not match when an expected element is missing" do
17
- expect([1]).to_not include_in_any_order(eq(2))
18
- end
19
-
20
- it "matches a list with 2 elements in a different order from the expectation" do
21
- expect([1, 2]).to include_in_any_order(eq(2), eq(1))
22
- end
23
-
24
- it "does not match when there are more than just the expected elements" do
25
- expect([1, 2]).to_not include_in_any_order(eq(1))
26
- end
27
-
28
- it "matches multiple, equal elements when there are multiple, equal exepectations" do
29
- expect([1, 1]).to include_in_any_order(eq(1), eq(1))
30
- end
31
- end
32
- end