puppet 6.21.1-x64-mingw32 → 6.22.1-x64-mingw32
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of puppet might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Gemfile +1 -1
- data/Gemfile.lock +24 -18
- data/ext/project_data.yaml +2 -2
- data/lib/puppet/application/ssl.rb +11 -0
- data/lib/puppet/defaults.rb +22 -2
- data/lib/puppet/environments.rb +16 -1
- data/lib/puppet/face/facts.rb +128 -30
- data/lib/puppet/file_system/memory_file.rb +8 -1
- data/lib/puppet/file_system/windows.rb +2 -0
- data/lib/puppet/functions/partition.rb +8 -0
- data/lib/puppet/indirector/facts/facter.rb +24 -3
- data/lib/puppet/network/formats.rb +67 -0
- data/lib/puppet/network/http/factory.rb +4 -0
- data/lib/puppet/provider/package/dnfmodule.rb +1 -1
- data/lib/puppet/provider/service/systemd.rb +1 -1
- data/lib/puppet/provider/user/useradd.rb +1 -1
- data/lib/puppet/settings/environment_conf.rb +1 -0
- data/lib/puppet/util/fact_dif.rb +36 -17
- data/lib/puppet/util/monkey_patches.rb +7 -0
- data/lib/puppet/util/windows/adsi.rb +46 -0
- data/lib/puppet/util/windows/api_types.rb +1 -1
- data/lib/puppet/util/windows/principal.rb +9 -2
- data/lib/puppet/util/windows/sid.rb +4 -2
- data/lib/puppet/version.rb +1 -1
- data/locales/puppet.pot +139 -87
- data/man/man5/puppet.conf.5 +11 -3
- data/man/man8/puppet-agent.8 +1 -1
- data/man/man8/puppet-apply.8 +1 -1
- data/man/man8/puppet-catalog.8 +1 -1
- data/man/man8/puppet-config.8 +1 -1
- data/man/man8/puppet-describe.8 +1 -1
- data/man/man8/puppet-device.8 +1 -1
- data/man/man8/puppet-doc.8 +1 -1
- data/man/man8/puppet-epp.8 +1 -1
- data/man/man8/puppet-facts.8 +60 -2
- data/man/man8/puppet-filebucket.8 +1 -1
- data/man/man8/puppet-generate.8 +1 -1
- data/man/man8/puppet-help.8 +1 -1
- data/man/man8/puppet-key.8 +1 -1
- data/man/man8/puppet-lookup.8 +1 -1
- data/man/man8/puppet-man.8 +1 -1
- data/man/man8/puppet-module.8 +1 -1
- data/man/man8/puppet-node.8 +1 -1
- data/man/man8/puppet-parser.8 +1 -1
- data/man/man8/puppet-plugin.8 +1 -1
- data/man/man8/puppet-report.8 +1 -1
- data/man/man8/puppet-resource.8 +1 -1
- data/man/man8/puppet-script.8 +1 -1
- data/man/man8/puppet-ssl.8 +5 -1
- data/man/man8/puppet-status.8 +1 -1
- data/man/man8/puppet.8 +2 -2
- data/spec/fixtures/unit/provider/service/systemd/list_unit_files_services_vendor_preset +9 -0
- data/spec/integration/application/plugin_spec.rb +1 -1
- data/spec/integration/http/client_spec.rb +12 -0
- data/spec/integration/indirector/direct_file_server_spec.rb +1 -3
- data/spec/integration/util/windows/adsi_spec.rb +18 -0
- data/spec/integration/util/windows/principal_spec.rb +21 -0
- data/spec/integration/util/windows/registry_spec.rb +6 -0
- data/spec/spec_helper.rb +11 -1
- data/spec/unit/application/facts_spec.rb +482 -3
- data/spec/unit/application/ssl_spec.rb +23 -0
- data/spec/unit/defaults_spec.rb +16 -0
- data/spec/unit/environments_spec.rb +164 -88
- data/spec/unit/face/facts_spec.rb +4 -0
- data/spec/unit/file_system_spec.rb +9 -0
- data/spec/unit/indirector/facts/facter_spec.rb +95 -0
- data/spec/unit/network/formats_spec.rb +41 -0
- data/spec/unit/network/http/factory_spec.rb +19 -0
- data/spec/unit/provider/package/dnfmodule_spec.rb +10 -1
- data/spec/unit/provider/service/systemd_spec.rb +11 -0
- data/spec/unit/provider/user/useradd_spec.rb +18 -3
- data/spec/unit/resource/catalog_spec.rb +1 -1
- data/spec/unit/util/windows/sid_spec.rb +6 -0
- metadata +12 -8
- data/spec/lib/matchers/include.rb +0 -27
- data/spec/lib/matchers/include_spec.rb +0 -32
@@ -534,4 +534,45 @@ EOT
|
|
534
534
|
end
|
535
535
|
end
|
536
536
|
end
|
537
|
+
|
538
|
+
describe ":flat format" do
|
539
|
+
let(:flat) { Puppet::Network::FormatHandler.format(:flat) }
|
540
|
+
|
541
|
+
it "should include a flat format" do
|
542
|
+
expect(flat).to be_an_instance_of Puppet::Network::Format
|
543
|
+
end
|
544
|
+
|
545
|
+
[:intern, :intern_multiple].each do |method|
|
546
|
+
it "should not implement #{method}" do
|
547
|
+
expect { flat.send(method, String, 'blah') }.to raise_error NotImplementedError
|
548
|
+
end
|
549
|
+
end
|
550
|
+
|
551
|
+
context "when rendering arrays" do
|
552
|
+
{
|
553
|
+
[] => "",
|
554
|
+
[1, 2] => "0=1\n1=2\n",
|
555
|
+
["one"] => "0=one\n",
|
556
|
+
[{"one" => 1}, {"two" => 2}] => "0.one=1\n1.two=2\n",
|
557
|
+
[['something', 'for'], ['the', 'test']] => "0=[\"something\", \"for\"]\n1=[\"the\", \"test\"]\n"
|
558
|
+
}.each_pair do |input, output|
|
559
|
+
it "should render #{input.inspect} as one item per line" do
|
560
|
+
expect(flat.render(input)).to eq(output)
|
561
|
+
end
|
562
|
+
end
|
563
|
+
end
|
564
|
+
|
565
|
+
context "when rendering hashes" do
|
566
|
+
{
|
567
|
+
{} => "",
|
568
|
+
{1 => 2} => "1=2\n",
|
569
|
+
{"one" => "two"} => "one=two\n",
|
570
|
+
{[1,2] => 3, [2,3] => 5, [3,4] => 7} => "[1, 2]=3\n[2, 3]=5\n[3, 4]=7\n",
|
571
|
+
}.each_pair do |input, output|
|
572
|
+
it "should render #{input.inspect}" do
|
573
|
+
expect(flat.render(input)).to eq(output)
|
574
|
+
end
|
575
|
+
end
|
576
|
+
end
|
577
|
+
end
|
537
578
|
end
|
@@ -144,4 +144,23 @@ describe Puppet::Network::HTTP::Factory do
|
|
144
144
|
expect(conn.local_host).to eq('127.0.0.1')
|
145
145
|
end
|
146
146
|
end
|
147
|
+
|
148
|
+
context 'tls' do
|
149
|
+
it "sets the minimum version to TLS 1.0", if: RUBY_VERSION.to_f >= 2.5 do
|
150
|
+
conn = create_connection(site)
|
151
|
+
expect(conn.min_version).to eq(OpenSSL::SSL::TLS1_VERSION)
|
152
|
+
end
|
153
|
+
|
154
|
+
it "defaults to ciphersuites providing 128 bits of security or greater" do
|
155
|
+
conn = create_connection(site)
|
156
|
+
expect(conn.ciphers).to eq("ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256")
|
157
|
+
end
|
158
|
+
|
159
|
+
it "can be restricted to TLSv1.3 ciphers" do
|
160
|
+
tls13_ciphers = "TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256"
|
161
|
+
Puppet[:ciphers] = tls13_ciphers
|
162
|
+
conn = create_connection(site)
|
163
|
+
expect(conn.ciphers).to eq(tls13_ciphers)
|
164
|
+
end
|
165
|
+
end
|
147
166
|
end
|
@@ -123,7 +123,7 @@ describe Puppet::Type.type(:package).provider(:dnfmodule) do
|
|
123
123
|
provider.install
|
124
124
|
end
|
125
125
|
|
126
|
-
it "should just enable the module if it has no default profile" do
|
126
|
+
it "should just enable the module if it has no default profile(missing groups or modules)" do
|
127
127
|
dnf_exception = Puppet::ExecutionFailure.new("Error: Problems in request:\nmissing groups or modules: #{resource[:name]}")
|
128
128
|
allow(provider).to receive(:execute).with(array_including('install')).and_raise(dnf_exception)
|
129
129
|
resource[:ensure] = :present
|
@@ -132,6 +132,15 @@ describe Puppet::Type.type(:package).provider(:dnfmodule) do
|
|
132
132
|
provider.install
|
133
133
|
end
|
134
134
|
|
135
|
+
it "should just enable the module if it has no default profile(broken groups or modules)" do
|
136
|
+
dnf_exception = Puppet::ExecutionFailure.new("Error: Problems in request:\nbroken groups or modules: #{resource[:name]}")
|
137
|
+
allow(provider).to receive(:execute).with(array_including('install')).and_raise(dnf_exception)
|
138
|
+
resource[:ensure] = :present
|
139
|
+
expect(provider).to receive(:execute).with(array_including('install')).ordered
|
140
|
+
expect(provider).to receive(:execute).with(array_including('enable')).ordered
|
141
|
+
provider.install
|
142
|
+
end
|
143
|
+
|
135
144
|
it "should just enable the module if enable_only = true" do
|
136
145
|
resource[:ensure] = :present
|
137
146
|
resource[:enable_only] = true
|
@@ -200,6 +200,17 @@ describe 'Puppet::Type::Service::Provider::Systemd',
|
|
200
200
|
})
|
201
201
|
end
|
202
202
|
|
203
|
+
it "correctly parses services when list-unit-files has an additional column" do
|
204
|
+
expect(provider_class).to receive(:systemctl).with('list-unit-files', '--type', 'service', '--full', '--all', '--no-pager').and_return(File.read(my_fixture('list_unit_files_services_vendor_preset')))
|
205
|
+
expect(provider_class.instances.map(&:name)).to match_array(%w{
|
206
|
+
arp-ethers.service
|
207
|
+
auditd.service
|
208
|
+
dbus.service
|
209
|
+
umountnfs.service
|
210
|
+
urandom.service
|
211
|
+
})
|
212
|
+
end
|
213
|
+
|
203
214
|
it "should print a debug message when a service with the state `bad` is found" do
|
204
215
|
expect(provider_class).to receive(:systemctl).with('list-unit-files', '--type', 'service', '--full', '--all', '--no-pager').and_return(File.read(my_fixture('list_unit_files_services')))
|
205
216
|
expect(Puppet).to receive(:debug).with("apparmor.service marked as bad by `systemctl`. It is recommended to be further checked.")
|
@@ -375,21 +375,36 @@ describe Puppet::Type.type(:user).provider(:useradd) do
|
|
375
375
|
before { described_class.has_feature :manages_local_users_and_groups }
|
376
376
|
|
377
377
|
let(:content) do
|
378
|
-
<<~EOF
|
378
|
+
StringIO.new(<<~EOF)
|
379
379
|
group1:x:0:myuser
|
380
380
|
group2:x:999:
|
381
381
|
group3:x:998:myuser
|
382
382
|
EOF
|
383
383
|
end
|
384
384
|
|
385
|
+
let(:content_with_empty_line) do
|
386
|
+
StringIO.new(<<~EOF)
|
387
|
+
group1:x:0:myuser
|
388
|
+
group2:x:999:
|
389
|
+
group3:x:998:myuser
|
390
|
+
|
391
|
+
EOF
|
392
|
+
end
|
393
|
+
|
385
394
|
it "should return the local groups string when forcelocal is true" do
|
386
395
|
resource[:forcelocal] = true
|
387
|
-
group1, group2, group3 = content.split
|
388
396
|
allow(Puppet::FileSystem).to receive(:exist?).with('/etc/group').and_return(true)
|
389
|
-
allow(
|
397
|
+
allow(File).to receive(:open).with(Pathname.new('/etc/group')).and_yield(content)
|
390
398
|
expect(provider.groups).to eq(['group1', 'group3'])
|
391
399
|
end
|
392
400
|
|
401
|
+
it "does not raise when parsing empty lines in /etc/group" do
|
402
|
+
resource[:forcelocal] = true
|
403
|
+
allow(Puppet::FileSystem).to receive(:exist?).with('/etc/group').and_return(true)
|
404
|
+
allow(File).to receive(:open).with(Pathname.new('/etc/group')).and_yield(content_with_empty_line)
|
405
|
+
expect { provider.groups }.not_to raise_error
|
406
|
+
end
|
407
|
+
|
393
408
|
it "should fall back to nameservice groups when forcelocal is false" do
|
394
409
|
resource[:forcelocal] = false
|
395
410
|
allow(Puppet::Util::POSIX).to receive(:groups_of).with('myuser').and_return(['remote groups'])
|
@@ -205,7 +205,7 @@ describe Puppet::Resource::Catalog, "when compiling" do
|
|
205
205
|
end
|
206
206
|
|
207
207
|
it "should set itself as the catalog for each converted resource" do
|
208
|
-
@catalog.vertices.each { |v| expect(v.catalog.object_id).to
|
208
|
+
@catalog.vertices.each { |v| expect(v.catalog.object_id).to eql(@catalog.object_id) }
|
209
209
|
end
|
210
210
|
|
211
211
|
# This tests #931.
|
@@ -158,6 +158,12 @@ describe "Puppet::Util::Windows::SID", :if => Puppet::Util::Platform.windows? do
|
|
158
158
|
# this works in French Windows, even though the account is really AUTORITE NT\\Syst\u00E8me
|
159
159
|
expect(subject.name_to_principal('NT AUTHORITY\SYSTEM').sid).to eq(sid)
|
160
160
|
end
|
161
|
+
|
162
|
+
it "should print a debug message on failures" do
|
163
|
+
expect(Puppet).to receive(:debug).with(/Could not retrieve raw SID bytes from 'NonExistingUser'/)
|
164
|
+
expect(Puppet).to receive(:debug).with(/No mapping between account names and security IDs was done/)
|
165
|
+
subject.name_to_principal('NonExistingUser')
|
166
|
+
end
|
161
167
|
end
|
162
168
|
|
163
169
|
context "#ads_to_principal" do
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: puppet
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 6.
|
4
|
+
version: 6.22.1
|
5
5
|
platform: x64-mingw32
|
6
6
|
authors:
|
7
7
|
- Puppet Labs
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2021-
|
11
|
+
date: 2021-04-22 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: facter
|
@@ -186,16 +186,22 @@ dependencies:
|
|
186
186
|
name: win32-dir
|
187
187
|
requirement: !ruby/object:Gem::Requirement
|
188
188
|
requirements:
|
189
|
-
- -
|
189
|
+
- - ">="
|
190
190
|
- !ruby/object:Gem::Version
|
191
191
|
version: 0.4.9
|
192
|
+
- - "<="
|
193
|
+
- !ruby/object:Gem::Version
|
194
|
+
version: 0.7.2
|
192
195
|
type: :runtime
|
193
196
|
prerelease: false
|
194
197
|
version_requirements: !ruby/object:Gem::Requirement
|
195
198
|
requirements:
|
196
|
-
- -
|
199
|
+
- - ">="
|
197
200
|
- !ruby/object:Gem::Version
|
198
201
|
version: 0.4.9
|
202
|
+
- - "<="
|
203
|
+
- !ruby/object:Gem::Version
|
204
|
+
version: 0.7.2
|
199
205
|
- !ruby/object:Gem::Dependency
|
200
206
|
name: win32-process
|
201
207
|
requirement: !ruby/object:Gem::Requirement
|
@@ -1877,6 +1883,7 @@ files:
|
|
1877
1883
|
- spec/fixtures/unit/provider/service/smf/svcs_fmri.out
|
1878
1884
|
- spec/fixtures/unit/provider/service/smf/svcs_multiple_fmris.out
|
1879
1885
|
- spec/fixtures/unit/provider/service/systemd/list_unit_files_services
|
1886
|
+
- spec/fixtures/unit/provider/service/systemd/list_unit_files_services_vendor_preset
|
1880
1887
|
- spec/fixtures/unit/provider/user/aix/aix_passwd_file.out
|
1881
1888
|
- spec/fixtures/unit/reports/tagmail/tagmail_email.conf
|
1882
1889
|
- spec/fixtures/unit/reports/tagmail/tagmail_failers.conf
|
@@ -1965,10 +1972,8 @@ files:
|
|
1965
1972
|
- spec/integration/util/windows/user_spec.rb
|
1966
1973
|
- spec/integration/util_spec.rb
|
1967
1974
|
- spec/lib/matchers/containment_matchers.rb
|
1968
|
-
- spec/lib/matchers/include.rb
|
1969
1975
|
- spec/lib/matchers/include_in_order.rb
|
1970
1976
|
- spec/lib/matchers/include_in_order_spec.rb
|
1971
|
-
- spec/lib/matchers/include_spec.rb
|
1972
1977
|
- spec/lib/matchers/json.rb
|
1973
1978
|
- spec/lib/matchers/match_tokens2.rb
|
1974
1979
|
- spec/lib/matchers/relationship_graph_matchers.rb
|
@@ -3147,6 +3152,7 @@ test_files:
|
|
3147
3152
|
- spec/fixtures/unit/provider/service/smf/svcs_fmri.out
|
3148
3153
|
- spec/fixtures/unit/provider/service/smf/svcs_multiple_fmris.out
|
3149
3154
|
- spec/fixtures/unit/provider/service/systemd/list_unit_files_services
|
3155
|
+
- spec/fixtures/unit/provider/service/systemd/list_unit_files_services_vendor_preset
|
3150
3156
|
- spec/fixtures/unit/provider/user/aix/aix_passwd_file.out
|
3151
3157
|
- spec/fixtures/unit/reports/tagmail/tagmail_email.conf
|
3152
3158
|
- spec/fixtures/unit/reports/tagmail/tagmail_failers.conf
|
@@ -3235,10 +3241,8 @@ test_files:
|
|
3235
3241
|
- spec/integration/util/windows/user_spec.rb
|
3236
3242
|
- spec/integration/util_spec.rb
|
3237
3243
|
- spec/lib/matchers/containment_matchers.rb
|
3238
|
-
- spec/lib/matchers/include.rb
|
3239
3244
|
- spec/lib/matchers/include_in_order.rb
|
3240
3245
|
- spec/lib/matchers/include_in_order_spec.rb
|
3241
|
-
- spec/lib/matchers/include_spec.rb
|
3242
3246
|
- spec/lib/matchers/json.rb
|
3243
3247
|
- spec/lib/matchers/match_tokens2.rb
|
3244
3248
|
- spec/lib/matchers/relationship_graph_matchers.rb
|
@@ -1,27 +0,0 @@
|
|
1
|
-
module Matchers; module Include
|
2
|
-
extend RSpec::Matchers::DSL
|
3
|
-
|
4
|
-
matcher :include_in_any_order do |*matchers|
|
5
|
-
match do |enumerable|
|
6
|
-
@not_matched = []
|
7
|
-
expected_as_array.each do |matcher|
|
8
|
-
if enumerable.empty?
|
9
|
-
break
|
10
|
-
end
|
11
|
-
|
12
|
-
if found = enumerable.find { |elem| matcher.matches?(elem) }
|
13
|
-
enumerable = enumerable.reject { |elem| elem == found }
|
14
|
-
else
|
15
|
-
@not_matched << matcher
|
16
|
-
end
|
17
|
-
end
|
18
|
-
|
19
|
-
|
20
|
-
@not_matched.empty? && enumerable.empty?
|
21
|
-
end
|
22
|
-
|
23
|
-
failure_message do |enumerable|
|
24
|
-
"did not match #{@not_matched.collect(&:description).join(', ')} in #{enumerable.inspect}: <#{@not_matched.collect(&:failure_message).join('>, <')}>"
|
25
|
-
end
|
26
|
-
end
|
27
|
-
end; end
|
@@ -1,32 +0,0 @@
|
|
1
|
-
require 'spec_helper'
|
2
|
-
require 'matchers/include'
|
3
|
-
|
4
|
-
describe "include matchers" do
|
5
|
-
include Matchers::Include
|
6
|
-
|
7
|
-
context :include_in_any_order do
|
8
|
-
it "matches an empty list" do
|
9
|
-
expect([]).to include_in_any_order()
|
10
|
-
end
|
11
|
-
|
12
|
-
it "matches a list with a single element" do
|
13
|
-
expect([1]).to include_in_any_order(eq(1))
|
14
|
-
end
|
15
|
-
|
16
|
-
it "does not match when an expected element is missing" do
|
17
|
-
expect([1]).to_not include_in_any_order(eq(2))
|
18
|
-
end
|
19
|
-
|
20
|
-
it "matches a list with 2 elements in a different order from the expectation" do
|
21
|
-
expect([1, 2]).to include_in_any_order(eq(2), eq(1))
|
22
|
-
end
|
23
|
-
|
24
|
-
it "does not match when there are more than just the expected elements" do
|
25
|
-
expect([1, 2]).to_not include_in_any_order(eq(1))
|
26
|
-
end
|
27
|
-
|
28
|
-
it "matches multiple, equal elements when there are multiple, equal exepectations" do
|
29
|
-
expect([1, 1]).to include_in_any_order(eq(1), eq(1))
|
30
|
-
end
|
31
|
-
end
|
32
|
-
end
|