puppet 6.21.1-x64-mingw32 → 7.4.1-x64-mingw32

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of puppet might be problematic. Click here for more details.

Files changed (402) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +1 -4
  3. data/Gemfile.lock +5 -5
  4. data/README.md +1 -1
  5. data/conf/fileserver.conf +5 -10
  6. data/ext/build_defaults.yaml +1 -2
  7. data/ext/osx/file_mapping.yaml +0 -5
  8. data/ext/project_data.yaml +2 -14
  9. data/ext/redhat/puppet.spec.erb +0 -1
  10. data/ext/windows/service/daemon.rb +6 -5
  11. data/install.rb +21 -17
  12. data/lib/puppet.rb +11 -20
  13. data/lib/puppet/application.rb +172 -98
  14. data/lib/puppet/application/device.rb +100 -104
  15. data/lib/puppet/application/filebucket.rb +13 -9
  16. data/lib/puppet/application/ssl.rb +1 -1
  17. data/lib/puppet/configurer.rb +27 -29
  18. data/lib/puppet/configurer/plugin_handler.rb +21 -19
  19. data/lib/puppet/defaults.rb +57 -162
  20. data/lib/puppet/environments.rb +8 -23
  21. data/lib/puppet/face/facts.rb +73 -49
  22. data/lib/puppet/face/help.rb +1 -1
  23. data/lib/puppet/face/node/clean.rb +8 -0
  24. data/lib/puppet/face/plugin.rb +5 -8
  25. data/lib/puppet/ffi/windows.rb +12 -0
  26. data/lib/puppet/ffi/windows/api_types.rb +311 -0
  27. data/lib/puppet/ffi/windows/constants.rb +404 -0
  28. data/lib/puppet/ffi/windows/functions.rb +628 -0
  29. data/lib/puppet/ffi/windows/structs.rb +338 -0
  30. data/lib/puppet/file_serving/configuration.rb +0 -5
  31. data/lib/puppet/file_serving/configuration/parser.rb +6 -32
  32. data/lib/puppet/file_serving/http_metadata.rb +1 -1
  33. data/lib/puppet/file_serving/mount.rb +1 -2
  34. data/lib/puppet/forge/repository.rb +0 -1
  35. data/lib/puppet/generate/models/type/type.rb +4 -1
  36. data/lib/puppet/http.rb +22 -13
  37. data/lib/puppet/http/client.rb +164 -114
  38. data/lib/puppet/{network/resolver.rb → http/dns.rb} +2 -2
  39. data/lib/puppet/http/errors.rb +16 -0
  40. data/lib/puppet/http/external_client.rb +5 -7
  41. data/lib/puppet/{network/http → http}/factory.rb +8 -11
  42. data/lib/puppet/{network/http → http}/pool.rb +61 -26
  43. data/lib/puppet/{network/http/session.rb → http/pool_entry.rb} +2 -3
  44. data/lib/puppet/http/proxy.rb +137 -0
  45. data/lib/puppet/http/redirector.rb +4 -12
  46. data/lib/puppet/http/resolver.rb +5 -15
  47. data/lib/puppet/http/resolver/server_list.rb +6 -10
  48. data/lib/puppet/http/resolver/settings.rb +4 -7
  49. data/lib/puppet/http/resolver/srv.rb +7 -11
  50. data/lib/puppet/http/response.rb +36 -54
  51. data/lib/puppet/http/response_converter.rb +24 -0
  52. data/lib/puppet/http/response_net_http.rb +42 -0
  53. data/lib/puppet/http/retry_after_handler.rb +4 -13
  54. data/lib/puppet/http/service.rb +12 -26
  55. data/lib/puppet/http/service/ca.rb +11 -22
  56. data/lib/puppet/http/service/compiler.rb +22 -69
  57. data/lib/puppet/http/service/file_server.rb +18 -27
  58. data/lib/puppet/http/service/puppetserver.rb +26 -12
  59. data/lib/puppet/http/service/report.rb +8 -10
  60. data/lib/puppet/http/session.rb +11 -20
  61. data/lib/puppet/{network/http → http}/site.rb +1 -2
  62. data/lib/puppet/indirector/catalog/rest.rb +2 -4
  63. data/lib/puppet/indirector/facts/facter.rb +25 -3
  64. data/lib/puppet/indirector/facts/rest.rb +3 -22
  65. data/lib/puppet/indirector/file_bucket_file/rest.rb +3 -9
  66. data/lib/puppet/indirector/file_content/rest.rb +2 -6
  67. data/lib/puppet/indirector/file_metadata/rest.rb +3 -9
  68. data/lib/puppet/indirector/file_server.rb +1 -8
  69. data/lib/puppet/indirector/generic_http.rb +0 -11
  70. data/lib/puppet/indirector/node/rest.rb +2 -4
  71. data/lib/puppet/indirector/report/rest.rb +3 -8
  72. data/lib/puppet/indirector/request.rb +0 -101
  73. data/lib/puppet/indirector/rest.rb +12 -263
  74. data/lib/puppet/module_tool/applications.rb +0 -1
  75. data/lib/puppet/network/authconfig.rb +2 -96
  76. data/lib/puppet/network/authorization.rb +13 -35
  77. data/lib/puppet/network/formats.rb +67 -0
  78. data/lib/puppet/network/http.rb +3 -3
  79. data/lib/puppet/network/http/api/indirected_routes.rb +2 -20
  80. data/lib/puppet/network/http/api/master/v3.rb +11 -13
  81. data/lib/puppet/network/http/connection.rb +247 -316
  82. data/lib/puppet/network/http/handler.rb +0 -1
  83. data/lib/puppet/network/http_pool.rb +16 -34
  84. data/lib/puppet/node.rb +1 -30
  85. data/lib/puppet/pal/json_catalog_encoder.rb +4 -0
  86. data/lib/puppet/pal/pal_impl.rb +3 -1
  87. data/lib/puppet/parser/ast/pops_bridge.rb +0 -38
  88. data/lib/puppet/parser/compiler.rb +0 -198
  89. data/lib/puppet/parser/compiler/catalog_validator/relationship_validator.rb +14 -39
  90. data/lib/puppet/parser/resource.rb +0 -69
  91. data/lib/puppet/pops/evaluator/evaluator_impl.rb +0 -5
  92. data/lib/puppet/pops/evaluator/runtime3_resource_support.rb +3 -3
  93. data/lib/puppet/pops/evaluator/runtime3_support.rb +1 -1
  94. data/lib/puppet/pops/issues.rb +0 -5
  95. data/lib/puppet/pops/loader/ruby_legacy_function_instantiator.rb +6 -8
  96. data/lib/puppet/pops/model/ast.pp +0 -42
  97. data/lib/puppet/pops/model/ast.rb +0 -290
  98. data/lib/puppet/pops/model/factory.rb +0 -45
  99. data/lib/puppet/pops/model/model_label_provider.rb +0 -5
  100. data/lib/puppet/pops/model/model_tree_dumper.rb +0 -22
  101. data/lib/puppet/pops/model/pn_transformer.rb +0 -16
  102. data/lib/puppet/pops/parser/egrammar.ra +0 -56
  103. data/lib/puppet/pops/parser/eparser.rb +1520 -1712
  104. data/lib/puppet/pops/parser/lexer2.rb +4 -4
  105. data/lib/puppet/pops/parser/parser_support.rb +0 -5
  106. data/lib/puppet/pops/resource/resource_type_impl.rb +2 -24
  107. data/lib/puppet/pops/types/type_calculator.rb +0 -7
  108. data/lib/puppet/pops/types/type_parser.rb +0 -4
  109. data/lib/puppet/pops/types/types.rb +0 -1
  110. data/lib/puppet/pops/validation/checker4_0.rb +9 -37
  111. data/lib/puppet/pops/validation/tasks_checker.rb +0 -12
  112. data/lib/puppet/pops/validation/validator_factory_4_0.rb +1 -2
  113. data/lib/puppet/provider.rb +0 -13
  114. data/lib/puppet/provider/nameservice.rb +0 -18
  115. data/lib/puppet/provider/package/dpkg.rb +0 -10
  116. data/lib/puppet/provider/package/gem.rb +23 -3
  117. data/lib/puppet/provider/package/pip.rb +0 -1
  118. data/lib/puppet/provider/package/pkg.rb +0 -4
  119. data/lib/puppet/provider/package/portage.rb +1 -1
  120. data/lib/puppet/provider/package/puppet_gem.rb +1 -4
  121. data/lib/puppet/provider/service/smf.rb +191 -73
  122. data/lib/puppet/provider/user/directoryservice.rb +0 -10
  123. data/lib/puppet/reference/configuration.rb +7 -5
  124. data/lib/puppet/reference/indirection.rb +1 -1
  125. data/lib/puppet/resource.rb +1 -89
  126. data/lib/puppet/resource/catalog.rb +1 -14
  127. data/lib/puppet/resource/type.rb +3 -119
  128. data/lib/puppet/resource/type_collection.rb +3 -48
  129. data/lib/puppet/runtime.rb +1 -2
  130. data/lib/puppet/settings.rb +45 -33
  131. data/lib/puppet/settings/integer_setting.rb +17 -0
  132. data/lib/puppet/settings/port_setting.rb +15 -0
  133. data/lib/puppet/settings/priority_setting.rb +5 -4
  134. data/lib/puppet/ssl.rb +10 -6
  135. data/lib/puppet/ssl/base.rb +3 -5
  136. data/lib/puppet/ssl/certificate.rb +0 -6
  137. data/lib/puppet/ssl/certificate_request.rb +1 -12
  138. data/lib/puppet/ssl/certificate_signer.rb +6 -0
  139. data/lib/puppet/ssl/oids.rb +3 -1
  140. data/lib/puppet/ssl/ssl_provider.rb +17 -0
  141. data/lib/puppet/ssl/state_machine.rb +3 -1
  142. data/lib/puppet/ssl/verifier.rb +2 -0
  143. data/lib/puppet/test/test_helper.rb +1 -3
  144. data/lib/puppet/transaction.rb +1 -7
  145. data/lib/puppet/transaction/report.rb +2 -4
  146. data/lib/puppet/type.rb +0 -76
  147. data/lib/puppet/type/file.rb +5 -7
  148. data/lib/puppet/type/file/checksum.rb +1 -1
  149. data/lib/puppet/type/file/source.rb +1 -1
  150. data/lib/puppet/type/filebucket.rb +3 -3
  151. data/lib/puppet/type/package.rb +5 -13
  152. data/lib/puppet/type/user.rb +1 -1
  153. data/lib/puppet/util/execution.rb +0 -11
  154. data/lib/puppet/util/http_proxy.rb +2 -215
  155. data/lib/puppet/util/monkey_patches.rb +0 -46
  156. data/lib/puppet/util/rdoc.rb +0 -7
  157. data/lib/puppet/util/retry_action.rb +1 -1
  158. data/lib/puppet/util/run_mode.rb +9 -1
  159. data/lib/puppet/util/windows.rb +3 -8
  160. data/lib/puppet/util/windows/daemon.rb +360 -0
  161. data/lib/puppet/util/windows/error.rb +1 -0
  162. data/lib/puppet/util/windows/eventlog.rb +4 -9
  163. data/lib/puppet/util/windows/file.rb +8 -242
  164. data/lib/puppet/util/windows/monkey_patches/process.rb +414 -0
  165. data/lib/puppet/util/windows/process.rb +4 -226
  166. data/lib/puppet/util/windows/service.rb +9 -460
  167. data/lib/puppet/util/windows/string.rb +12 -13
  168. data/lib/puppet/util/yaml.rb +0 -22
  169. data/lib/puppet/vendor/require_vendored.rb +0 -1
  170. data/lib/puppet/version.rb +1 -1
  171. data/lib/puppet/x509.rb +5 -1
  172. data/lib/puppet/x509/cert_provider.rb +29 -1
  173. data/locales/puppet.pot +521 -1226
  174. data/man/man5/puppet.conf.5 +34 -94
  175. data/man/man8/puppet-facts.8 +56 -35
  176. data/man/man8/puppet-filebucket.8 +3 -3
  177. data/man/man8/puppet-module.8 +0 -57
  178. data/man/man8/puppet.8 +1 -1
  179. data/spec/fixtures/unit/provider/service/smf/{svcs.out → svcs_instances.out} +0 -0
  180. data/spec/integration/application/agent_spec.rb +24 -11
  181. data/spec/integration/application/apply_spec.rb +1 -1
  182. data/spec/integration/application/filebucket_spec.rb +16 -16
  183. data/spec/integration/application/help_spec.rb +2 -0
  184. data/spec/integration/application/plugin_spec.rb +23 -1
  185. data/spec/integration/defaults_spec.rb +7 -3
  186. data/spec/integration/indirector/file_content/file_server_spec.rb +0 -2
  187. data/spec/integration/indirector/file_metadata/file_server_spec.rb +0 -2
  188. data/spec/integration/network/http_pool_spec.rb +3 -21
  189. data/spec/integration/parser/catalog_spec.rb +0 -38
  190. data/spec/integration/parser/node_spec.rb +0 -9
  191. data/spec/integration/parser/pcore_resource_spec.rb +0 -37
  192. data/spec/integration/type/file_spec.rb +5 -4
  193. data/spec/integration/util/windows/monkey_patches/process_spec.rb +231 -0
  194. data/spec/integration/util/windows/security_spec.rb +1 -1
  195. data/spec/lib/puppet_spec/puppetserver.rb +1 -1
  196. data/spec/lib/puppet_spec/settings.rb +1 -0
  197. data/spec/spec_helper.rb +2 -0
  198. data/spec/unit/agent_spec.rb +0 -2
  199. data/spec/unit/application/facts_spec.rb +86 -0
  200. data/spec/unit/application/filebucket_spec.rb +41 -39
  201. data/spec/unit/application/ssl_spec.rb +2 -2
  202. data/spec/unit/certificate_factory_spec.rb +1 -1
  203. data/spec/unit/configurer/downloader_spec.rb +6 -2
  204. data/spec/unit/configurer/plugin_handler_spec.rb +56 -18
  205. data/spec/unit/configurer_spec.rb +12 -9
  206. data/spec/unit/context/trusted_information_spec.rb +2 -6
  207. data/spec/unit/defaults_spec.rb +22 -47
  208. data/spec/unit/environments_spec.rb +0 -3
  209. data/spec/unit/face/facts_spec.rb +4 -0
  210. data/spec/unit/face/node_spec.rb +14 -2
  211. data/spec/unit/face/plugin_spec.rb +73 -33
  212. data/spec/unit/file_bucket/file_spec.rb +1 -1
  213. data/spec/unit/file_serving/configuration/parser_spec.rb +22 -18
  214. data/spec/unit/file_serving/configuration_spec.rb +6 -12
  215. data/spec/unit/functions/camelcase_spec.rb +1 -1
  216. data/spec/unit/functions/capitalize_spec.rb +1 -1
  217. data/spec/unit/functions/downcase_spec.rb +1 -1
  218. data/spec/unit/functions/upcase_spec.rb +1 -1
  219. data/spec/unit/http/client_spec.rb +7 -8
  220. data/spec/unit/{network/resolver_spec.rb → http/dns_spec.rb} +3 -3
  221. data/spec/unit/http/external_client_spec.rb +4 -4
  222. data/spec/unit/{network/http → http}/factory_spec.rb +5 -11
  223. data/spec/unit/{network/http/session_spec.rb → http/pool_entry_spec.rb} +3 -3
  224. data/spec/unit/{network/http → http}/pool_spec.rb +12 -17
  225. data/spec/unit/{util/http_proxy_spec.rb → http/proxy_spec.rb} +2 -69
  226. data/spec/unit/http/resolver_spec.rb +13 -13
  227. data/spec/unit/http/service/compiler_spec.rb +0 -62
  228. data/spec/unit/http/service/file_server_spec.rb +3 -3
  229. data/spec/unit/http/service/puppetserver_spec.rb +34 -4
  230. data/spec/unit/http/service_spec.rb +0 -1
  231. data/spec/unit/http/session_spec.rb +16 -14
  232. data/spec/unit/{network/http → http}/site_spec.rb +3 -3
  233. data/spec/unit/indirector/facts/facter_spec.rb +113 -0
  234. data/spec/unit/indirector/file_bucket_file/file_spec.rb +5 -3
  235. data/spec/unit/indirector/file_content/rest_spec.rb +0 -4
  236. data/spec/unit/indirector/file_metadata/rest_spec.rb +0 -4
  237. data/spec/unit/indirector/file_server_spec.rb +1 -15
  238. data/spec/unit/indirector/report/rest_spec.rb +2 -17
  239. data/spec/unit/indirector/request_spec.rb +0 -264
  240. data/spec/unit/indirector/rest_spec.rb +98 -752
  241. data/spec/unit/network/authconfig_spec.rb +2 -129
  242. data/spec/unit/network/authorization_spec.rb +2 -55
  243. data/spec/unit/network/formats_spec.rb +45 -4
  244. data/spec/unit/network/http/api/indirected_routes_spec.rb +1 -92
  245. data/spec/unit/network/http/api/master/v3_spec.rb +28 -7
  246. data/spec/unit/network/http/api_spec.rb +10 -0
  247. data/spec/unit/network/http/connection_spec.rb +19 -41
  248. data/spec/unit/network/http/handler_spec.rb +0 -1
  249. data/spec/unit/network/http_pool_spec.rb +0 -4
  250. data/spec/unit/node/environment_spec.rb +33 -21
  251. data/spec/unit/node_spec.rb +2 -54
  252. data/spec/unit/parser/functions/create_resources_spec.rb +2 -20
  253. data/spec/unit/pops/evaluator/evaluating_parser_spec.rb +4 -7
  254. data/spec/unit/pops/loaders/loaders_spec.rb +6 -21
  255. data/spec/unit/pops/parser/parse_application_spec.rb +4 -22
  256. data/spec/unit/pops/parser/parse_basic_expressions_spec.rb +0 -1
  257. data/spec/unit/pops/parser/parse_capabilities_spec.rb +8 -21
  258. data/spec/unit/pops/parser/parse_site_spec.rb +20 -24
  259. data/spec/unit/pops/resource/resource_type_impl_spec.rb +0 -71
  260. data/spec/unit/pops/serialization/to_from_hr_spec.rb +1 -1
  261. data/spec/unit/pops/types/type_calculator_spec.rb +6 -6
  262. data/spec/unit/pops/types/type_factory_spec.rb +1 -1
  263. data/spec/unit/pops/validator/validator_spec.rb +61 -46
  264. data/spec/unit/pops/visitor_spec.rb +1 -1
  265. data/spec/unit/provider/nameservice_spec.rb +0 -57
  266. data/spec/unit/provider/package/dpkg_spec.rb +0 -48
  267. data/spec/unit/provider/package/gem_spec.rb +32 -0
  268. data/spec/unit/provider/package/puppet_gem_spec.rb +3 -2
  269. data/spec/unit/provider/service/smf_spec.rb +401 -165
  270. data/spec/unit/provider/service/windows_spec.rb +0 -1
  271. data/spec/unit/provider_spec.rb +0 -12
  272. data/spec/unit/resource/type_collection_spec.rb +2 -22
  273. data/spec/unit/resource_spec.rb +0 -56
  274. data/spec/unit/settings/http_extra_headers_spec.rb +2 -4
  275. data/spec/unit/settings/integer_setting_spec.rb +42 -0
  276. data/spec/unit/settings/port_setting_spec.rb +31 -0
  277. data/spec/unit/settings/priority_setting_spec.rb +4 -4
  278. data/spec/unit/settings_spec.rb +17 -0
  279. data/spec/unit/ssl/base_spec.rb +36 -3
  280. data/spec/unit/ssl/certificate_request_spec.rb +19 -55
  281. data/spec/unit/ssl/certificate_spec.rb +2 -11
  282. data/spec/unit/ssl/state_machine_spec.rb +0 -1
  283. data/spec/unit/ssl/verifier_spec.rb +0 -21
  284. data/spec/unit/transaction/report_spec.rb +0 -2
  285. data/spec/unit/transaction/resource_harness_spec.rb +2 -2
  286. data/spec/unit/transaction_spec.rb +45 -79
  287. data/spec/unit/type/file/checksum_spec.rb +6 -6
  288. data/spec/unit/type/file/content_spec.rb +1 -1
  289. data/spec/unit/type/file/ensure_spec.rb +1 -1
  290. data/spec/unit/type/file/mode_spec.rb +1 -1
  291. data/spec/unit/type/file/source_spec.rb +0 -1
  292. data/spec/unit/type/file_spec.rb +12 -6
  293. data/spec/unit/type/package_spec.rb +1 -1
  294. data/spec/unit/type_spec.rb +20 -0
  295. data/spec/unit/util/backups_spec.rb +0 -2
  296. data/spec/unit/util/execution_spec.rb +0 -29
  297. data/spec/unit/util/monkey_patches_spec.rb +0 -6
  298. data/spec/unit/util/run_mode_spec.rb +21 -121
  299. data/spec/unit/util/windows/string_spec.rb +1 -3
  300. data/spec/unit/util/yaml_spec.rb +0 -54
  301. data/spec/unit/util_spec.rb +0 -18
  302. metadata +47 -218
  303. data/conf/auth.conf +0 -150
  304. data/lib/puppet/application/cert.rb +0 -76
  305. data/lib/puppet/application/key.rb +0 -4
  306. data/lib/puppet/application/man.rb +0 -4
  307. data/lib/puppet/application/status.rb +0 -4
  308. data/lib/puppet/face/key.rb +0 -16
  309. data/lib/puppet/face/man.rb +0 -145
  310. data/lib/puppet/face/module/build.rb +0 -14
  311. data/lib/puppet/face/module/generate.rb +0 -14
  312. data/lib/puppet/face/module/search.rb +0 -103
  313. data/lib/puppet/face/status.rb +0 -51
  314. data/lib/puppet/indirector/certificate/file.rb +0 -9
  315. data/lib/puppet/indirector/certificate/rest.rb +0 -18
  316. data/lib/puppet/indirector/certificate_request/file.rb +0 -9
  317. data/lib/puppet/indirector/certificate_request/memory.rb +0 -7
  318. data/lib/puppet/indirector/certificate_request/rest.rb +0 -11
  319. data/lib/puppet/indirector/file_content/http.rb +0 -22
  320. data/lib/puppet/indirector/key/file.rb +0 -46
  321. data/lib/puppet/indirector/key/memory.rb +0 -7
  322. data/lib/puppet/indirector/ssl_file.rb +0 -162
  323. data/lib/puppet/indirector/status.rb +0 -3
  324. data/lib/puppet/indirector/status/local.rb +0 -12
  325. data/lib/puppet/indirector/status/rest.rb +0 -27
  326. data/lib/puppet/module_tool/applications/searcher.rb +0 -29
  327. data/lib/puppet/network/auth_config_parser.rb +0 -90
  328. data/lib/puppet/network/authstore.rb +0 -283
  329. data/lib/puppet/network/http/api/master/v3/authorization.rb +0 -18
  330. data/lib/puppet/network/http/api/master/v3/environment.rb +0 -88
  331. data/lib/puppet/network/http/base_pool.rb +0 -36
  332. data/lib/puppet/network/http/compression.rb +0 -127
  333. data/lib/puppet/network/http/connection_adapter.rb +0 -184
  334. data/lib/puppet/network/http/nocache_pool.rb +0 -28
  335. data/lib/puppet/network/rest_controller.rb +0 -2
  336. data/lib/puppet/network/rights.rb +0 -210
  337. data/lib/puppet/parser/compiler/catalog_validator/env_relationship_validator.rb +0 -66
  338. data/lib/puppet/parser/compiler/catalog_validator/site_validator.rb +0 -22
  339. data/lib/puppet/parser/environment_compiler.rb +0 -202
  340. data/lib/puppet/pops/types/enumeration.rb +0 -16
  341. data/lib/puppet/resource/capability_finder.rb +0 -154
  342. data/lib/puppet/rest/errors.rb +0 -15
  343. data/lib/puppet/rest/response.rb +0 -35
  344. data/lib/puppet/rest/route.rb +0 -85
  345. data/lib/puppet/rest/routes.rb +0 -135
  346. data/lib/puppet/ssl/host.rb +0 -505
  347. data/lib/puppet/ssl/key.rb +0 -61
  348. data/lib/puppet/ssl/validator.rb +0 -61
  349. data/lib/puppet/ssl/validator/default_validator.rb +0 -209
  350. data/lib/puppet/ssl/validator/no_validator.rb +0 -22
  351. data/lib/puppet/ssl/verifier_adapter.rb +0 -58
  352. data/lib/puppet/status.rb +0 -40
  353. data/lib/puppet/util/connection.rb +0 -88
  354. data/lib/puppet/util/fact_dif.rb +0 -62
  355. data/lib/puppet/util/ssl.rb +0 -83
  356. data/lib/puppet/util/windows/api_types.rb +0 -309
  357. data/lib/puppet/util/windows/monkey_patches/dir.rb +0 -40
  358. data/lib/puppet/vendor/load_pathspec.rb +0 -1
  359. data/lib/puppet/vendor/pathspec/CHANGELOG.md +0 -2
  360. data/lib/puppet/vendor/pathspec/LICENSE +0 -201
  361. data/lib/puppet/vendor/pathspec/PUPPET_README.md +0 -6
  362. data/lib/puppet/vendor/pathspec/README.md +0 -53
  363. data/lib/puppet/vendor/pathspec/lib/pathspec.rb +0 -122
  364. data/lib/puppet/vendor/pathspec/lib/pathspec/gitignorespec.rb +0 -275
  365. data/lib/puppet/vendor/pathspec/lib/pathspec/regexspec.rb +0 -17
  366. data/lib/puppet/vendor/pathspec/lib/pathspec/spec.rb +0 -14
  367. data/man/man8/puppet-key.8 +0 -126
  368. data/man/man8/puppet-man.8 +0 -76
  369. data/man/man8/puppet-status.8 +0 -108
  370. data/spec/integration/network/authconfig_spec.rb +0 -256
  371. data/spec/integration/util/windows/monkey_patches/dir_spec.rb +0 -11
  372. data/spec/unit/application/man_spec.rb +0 -52
  373. data/spec/unit/capability_spec.rb +0 -414
  374. data/spec/unit/face/key_spec.rb +0 -9
  375. data/spec/unit/face/module/search_spec.rb +0 -231
  376. data/spec/unit/face/status_spec.rb +0 -9
  377. data/spec/unit/indirector/certificate/file_spec.rb +0 -14
  378. data/spec/unit/indirector/certificate/rest_spec.rb +0 -61
  379. data/spec/unit/indirector/certificate_request/file_spec.rb +0 -14
  380. data/spec/unit/indirector/certificate_request/rest_spec.rb +0 -25
  381. data/spec/unit/indirector/key/file_spec.rb +0 -78
  382. data/spec/unit/indirector/ssl_file_spec.rb +0 -305
  383. data/spec/unit/indirector/status/local_spec.rb +0 -10
  384. data/spec/unit/indirector/status/rest_spec.rb +0 -50
  385. data/spec/unit/module_tool/applications/searcher_spec.rb +0 -38
  386. data/spec/unit/network/auth_config_parser_spec.rb +0 -115
  387. data/spec/unit/network/authstore_spec.rb +0 -422
  388. data/spec/unit/network/http/api/master/v3/authorization_spec.rb +0 -57
  389. data/spec/unit/network/http/api/master/v3/environment_spec.rb +0 -185
  390. data/spec/unit/network/http/compression_spec.rb +0 -240
  391. data/spec/unit/network/http/nocache_pool_spec.rb +0 -64
  392. data/spec/unit/network/http_spec.rb +0 -9
  393. data/spec/unit/network/rights_spec.rb +0 -439
  394. data/spec/unit/parser/environment_compiler_spec.rb +0 -730
  395. data/spec/unit/pops/types/enumeration_spec.rb +0 -51
  396. data/spec/unit/resource/capability_finder_spec.rb +0 -148
  397. data/spec/unit/rest/route_spec.rb +0 -132
  398. data/spec/unit/ssl/host_spec.rb +0 -645
  399. data/spec/unit/ssl/key_spec.rb +0 -173
  400. data/spec/unit/ssl/validator_spec.rb +0 -278
  401. data/spec/unit/status_spec.rb +0 -45
  402. data/spec/unit/util/ssl_spec.rb +0 -91
@@ -1,17 +0,0 @@
1
- require 'pathspec/spec'
2
-
3
- class RegexSpec < Spec
4
- def initialize(regex)
5
- @regex = Regexp.compile regex
6
-
7
- super
8
- end
9
-
10
- def inclusive?
11
- true
12
- end
13
-
14
- def match(path)
15
- @regex.match(path) if @regex
16
- end
17
- end
@@ -1,14 +0,0 @@
1
- class Spec
2
- attr_reader :regex
3
-
4
- def initialize(*_)
5
- end
6
-
7
- def match(files)
8
- raise "Unimplemented"
9
- end
10
-
11
- def inclusive?
12
- true
13
- end
14
- end
@@ -1,126 +0,0 @@
1
- .\" generated with Ronn/v0.7.3
2
- .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
- .
4
- .TH "PUPPET\-KEY" "8" "February 2021" "Puppet, Inc." "Puppet manual"
5
- .
6
- .SH "NAME"
7
- \fBpuppet\-key\fR \- Create, save, and remove certificate keys\.
8
- .
9
- .SH "SYNOPSIS"
10
- puppet key \fIaction\fR [\-\-terminus _TERMINUS] [\-\-extra HASH]
11
- .
12
- .SH "DESCRIPTION"
13
- This subcommand manages certificate private keys\. Keys are created automatically by puppet agent and when certificate requests are generated with \'puppet ssl submit_request\'; it should not be necessary to use this subcommand directly\.
14
- .
15
- .SH "OPTIONS"
16
- Note that any setting that\'s valid in the configuration file is also a valid long argument, although it may or may not be relevant to the present action\. For example, \fBserver\fR and \fBrun_mode\fR are valid settings, so you can specify \fB\-\-server <servername>\fR, or \fB\-\-run_mode <runmode>\fR as an argument\.
17
- .
18
- .P
19
- See the configuration file documentation at \fIhttps://puppet\.com/docs/puppet/latest/configuration\.html\fR for the full list of acceptable parameters\. A commented list of all configuration options can also be generated by running puppet with \fB\-\-genconfig\fR\.
20
- .
21
- .TP
22
- \-\-render\-as FORMAT
23
- The format in which to render output\. The most common formats are \fBjson\fR, \fBs\fR (string), \fByaml\fR, and \fBconsole\fR, but other options such as \fBdot\fR are sometimes available\.
24
- .
25
- .TP
26
- \-\-verbose
27
- Whether to log verbosely\.
28
- .
29
- .TP
30
- \-\-debug
31
- Whether to log debug information\.
32
- .
33
- .TP
34
- \-\-extra HASH
35
- A terminus can take additional arguments to refine the operation, which are passed as an arbitrary hash to the back\-end\. Anything passed as the extra value is just send direct to the back\-end\.
36
- .
37
- .TP
38
- \-\-terminus _TERMINUS
39
- Indirector faces expose indirected subsystems of Puppet\. These subsystems are each able to retrieve and alter a specific type of data (with the familiar actions of \fBfind\fR, \fBsearch\fR, \fBsave\fR, and \fBdestroy\fR) from an arbitrary number of pluggable backends\. In Puppet parlance, these backends are called terminuses\.
40
- .
41
- .IP
42
- Almost all indirected subsystems have a \fBrest\fR terminus that interacts with the puppet master\'s data\. Most of them have additional terminuses for various local data models, which are in turn used by the indirected subsystem on the puppet master whenever it receives a remote request\.
43
- .
44
- .IP
45
- The terminus for an action is often determined by context, but occasionally needs to be set explicitly\. See the "Notes" section of this face\'s manpage for more details\.
46
- .
47
- .SH "ACTIONS"
48
- .
49
- .TP
50
- \fBdestroy\fR \- Delete an object\.
51
- \fBSYNOPSIS\fR
52
- .
53
- .IP
54
- puppet key destroy [\-\-terminus _TERMINUS] [\-\-extra HASH] \fIkey\fR
55
- .
56
- .IP
57
- \fBDESCRIPTION\fR
58
- .
59
- .IP
60
- Delete an object\.
61
- .
62
- .TP
63
- \fBfind\fR \- Retrieve an object by name\.
64
- \fBSYNOPSIS\fR
65
- .
66
- .IP
67
- puppet key find [\-\-terminus _TERMINUS] [\-\-extra HASH] [\fIkey\fR]
68
- .
69
- .IP
70
- \fBDESCRIPTION\fR
71
- .
72
- .IP
73
- Retrieve an object by name\.
74
- .
75
- .TP
76
- \fBinfo\fR \- Print the default terminus class for this face\.
77
- \fBSYNOPSIS\fR
78
- .
79
- .IP
80
- puppet key info [\-\-terminus _TERMINUS] [\-\-extra HASH]
81
- .
82
- .IP
83
- \fBDESCRIPTION\fR
84
- .
85
- .IP
86
- Prints the default terminus class for this subcommand\. Note that different run modes may have different default termini; when in doubt, specify the run mode with the \'\-\-run_mode\' option\.
87
- .
88
- .TP
89
- \fBsave\fR \- API only: create or overwrite an object\.
90
- \fBSYNOPSIS\fR
91
- .
92
- .IP
93
- puppet key save [\-\-terminus _TERMINUS] [\-\-extra HASH] \fIkey\fR
94
- .
95
- .IP
96
- \fBDESCRIPTION\fR
97
- .
98
- .IP
99
- API only: create or overwrite an object\. As the Faces framework does not currently accept data from STDIN, save actions cannot currently be invoked from the command line\.
100
- .
101
- .TP
102
- \fBsearch\fR \- Search for an object or retrieve multiple objects\.
103
- \fBSYNOPSIS\fR
104
- .
105
- .IP
106
- puppet key search [\-\-terminus _TERMINUS] [\-\-extra HASH] \fIquery\fR
107
- .
108
- .IP
109
- \fBDESCRIPTION\fR
110
- .
111
- .IP
112
- Search for an object or retrieve multiple objects\.
113
- .
114
- .SH "NOTES"
115
- This subcommand is an indirector face, which exposes \fBfind\fR, \fBsearch\fR, \fBsave\fR, and \fBdestroy\fR actions for an indirected subsystem of Puppet\. Valid termini for this face include:
116
- .
117
- .IP "\(bu" 4
118
- \fBfile\fR
119
- .
120
- .IP "\(bu" 4
121
- \fBmemory\fR
122
- .
123
- .IP "" 0
124
- .
125
- .SH "COPYRIGHT AND LICENSE"
126
- Copyright 2011 by Puppet Inc\. Apache 2 license; see COPYING
@@ -1,76 +0,0 @@
1
- .\" generated with Ronn/v0.7.3
2
- .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
- .
4
- .TH "PUPPET\-MAN" "8" "February 2021" "Puppet, Inc." "Puppet manual"
5
- .
6
- .SH "NAME"
7
- \fBpuppet\-man\fR \- Display Puppet manual pages\.
8
- .
9
- .SH "SYNOPSIS"
10
- puppet man \fIaction\fR
11
- .
12
- .SH "DESCRIPTION"
13
- Please use the command \'puppet help \fIsubcommand\fR\' or the system manpage system \'man puppet\-\fIsubcommand\fR\' to display information about Puppet subcommands\. The deprecated man subcommand displays manual pages for all Puppet subcommands\. If the \fBronn\fR gem (\fIhttps://github\.com/rtomayko/ronn/\fR) is installed on your system, puppet man will display fully\-formatted man pages\. If \fBronn\fR is not available, puppet man will display the raw (but human\-readable) source text in a pager\.
14
- .
15
- .SH "OPTIONS"
16
- Note that any setting that\'s valid in the configuration file is also a valid long argument, although it may or may not be relevant to the present action\. For example, \fBserver\fR and \fBrun_mode\fR are valid settings, so you can specify \fB\-\-server <servername>\fR, or \fB\-\-run_mode <runmode>\fR as an argument\.
17
- .
18
- .P
19
- See the configuration file documentation at \fIhttps://puppet\.com/docs/puppet/latest/configuration\.html\fR for the full list of acceptable parameters\. A commented list of all configuration options can also be generated by running puppet with \fB\-\-genconfig\fR\.
20
- .
21
- .TP
22
- \-\-render\-as FORMAT
23
- The format in which to render output\. The most common formats are \fBjson\fR, \fBs\fR (string), \fByaml\fR, and \fBconsole\fR, but other options such as \fBdot\fR are sometimes available\.
24
- .
25
- .TP
26
- \-\-verbose
27
- Whether to log verbosely\.
28
- .
29
- .TP
30
- \-\-debug
31
- Whether to log debug information\.
32
- .
33
- .SH "ACTIONS"
34
- .
35
- .TP
36
- \fBman\fR \- Display the manual page for a Puppet subcommand\.
37
- \fBSYNOPSIS\fR
38
- .
39
- .IP
40
- puppet man \fIsubcommand\fR
41
- .
42
- .IP
43
- \fBDESCRIPTION\fR
44
- .
45
- .IP
46
- Display the manual page for a Puppet subcommand\.
47
- .
48
- .IP
49
- \fBRETURNS\fR
50
- .
51
- .IP
52
- The man data, in Markdown format, suitable for consumption by Ronn\.
53
- .
54
- .IP
55
- RENDERING ISSUES: To skip fancy formatting and output the raw Markdown text (e\.g\. for use in a pipeline), call this action with \'\-\-render\-as s\'\.
56
- .
57
- .SH "EXAMPLES"
58
- \fBman\fR
59
- .
60
- .P
61
- View the installed manual page for the subcommand \'config\':
62
- .
63
- .P
64
- $ man puppet\-config
65
- .
66
- .P
67
- (Deprecated) View the manual page for the subcommand \'config\':
68
- .
69
- .P
70
- $ puppet man config
71
- .
72
- .SH "NOTES"
73
- The pager used for display will be the first found of \fB$MANPAGER\fR, \fB$PAGER\fR, \fBless\fR, \fBmost\fR, or \fBmore\fR\.
74
- .
75
- .SH "COPYRIGHT AND LICENSE"
76
- Copyright 2011 by Puppet Inc\. Apache 2 license; see COPYING
@@ -1,108 +0,0 @@
1
- .\" generated with Ronn/v0.7.3
2
- .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
- .
4
- .TH "PUPPET\-STATUS" "8" "February 2021" "Puppet, Inc." "Puppet manual"
5
- .
6
- .SH "NAME"
7
- \fBpuppet\-status\fR \- View puppet server status\.
8
- .
9
- .SH "SYNOPSIS"
10
- puppet status \fIaction\fR [\-\-terminus _TERMINUS] [\-\-extra HASH]
11
- .
12
- .SH "OPTIONS"
13
- Note that any setting that\'s valid in the configuration file is also a valid long argument, although it may or may not be relevant to the present action\. For example, \fBserver\fR and \fBrun_mode\fR are valid settings, so you can specify \fB\-\-server <servername>\fR, or \fB\-\-run_mode <runmode>\fR as an argument\.
14
- .
15
- .P
16
- See the configuration file documentation at \fIhttps://puppet\.com/docs/puppet/latest/configuration\.html\fR for the full list of acceptable parameters\. A commented list of all configuration options can also be generated by running puppet with \fB\-\-genconfig\fR\.
17
- .
18
- .TP
19
- \-\-render\-as FORMAT
20
- The format in which to render output\. The most common formats are \fBjson\fR, \fBs\fR (string), \fByaml\fR, and \fBconsole\fR, but other options such as \fBdot\fR are sometimes available\.
21
- .
22
- .TP
23
- \-\-verbose
24
- Whether to log verbosely\.
25
- .
26
- .TP
27
- \-\-debug
28
- Whether to log debug information\.
29
- .
30
- .TP
31
- \-\-extra HASH
32
- A terminus can take additional arguments to refine the operation, which are passed as an arbitrary hash to the back\-end\. Anything passed as the extra value is just send direct to the back\-end\.
33
- .
34
- .TP
35
- \-\-terminus _TERMINUS
36
- Indirector faces expose indirected subsystems of Puppet\. These subsystems are each able to retrieve and alter a specific type of data (with the familiar actions of \fBfind\fR, \fBsearch\fR, \fBsave\fR, and \fBdestroy\fR) from an arbitrary number of pluggable backends\. In Puppet parlance, these backends are called terminuses\.
37
- .
38
- .IP
39
- Almost all indirected subsystems have a \fBrest\fR terminus that interacts with the puppet master\'s data\. Most of them have additional terminuses for various local data models, which are in turn used by the indirected subsystem on the puppet master whenever it receives a remote request\.
40
- .
41
- .IP
42
- The terminus for an action is often determined by context, but occasionally needs to be set explicitly\. See the "Notes" section of this face\'s manpage for more details\.
43
- .
44
- .SH "ACTIONS"
45
- .
46
- .TP
47
- \fBfind\fR \- Check status of puppet master server\.
48
- \fBSYNOPSIS\fR
49
- .
50
- .IP
51
- puppet status [\-\-terminus _TERMINUS] [\-\-extra HASH] [\fIkey\fR]
52
- .
53
- .IP
54
- \fBDESCRIPTION\fR
55
- .
56
- .IP
57
- Checks whether a Puppet server is properly receiving and processing HTTP requests\. This action is only useful when used with \'\-\-terminus rest\'; when invoked with the \fBlocal\fR terminus, \fBfind\fR will always return true\.
58
- .
59
- .IP
60
- Over REST, this action will query the configured puppet master by default\. To query other servers, including puppet agent nodes started with the \fI\-\-listen\fR option, you can set the global \fI\-\-server\fR and \fI\-\-serverport\fR options on the command line; note that agent nodes listen on port 8139\.
61
- .
62
- .IP
63
- \fBRETURNS\fR
64
- .
65
- .IP
66
- A "true" response or a low\-level connection error\. When used from the Ruby API: returns a Puppet::Status object\.
67
- .
68
- .IP
69
- \fBNOTES\fR
70
- .
71
- .IP
72
- This action requires that the server\'s \fBauth\.conf\fR file allow find access to the \fBstatus\fR REST terminus\. Puppet agent does not use this facility, and it is turned off by default\. See \fIhttps://puppet\.com/docs/puppet/latest/config_file_auth\.html\fR for more details\.
73
- .
74
- .TP
75
- \fBinfo\fR \- Print the default terminus class for this face\.
76
- \fBSYNOPSIS\fR
77
- .
78
- .IP
79
- puppet status info [\-\-terminus _TERMINUS] [\-\-extra HASH]
80
- .
81
- .IP
82
- \fBDESCRIPTION\fR
83
- .
84
- .IP
85
- Prints the default terminus class for this subcommand\. Note that different run modes may have different default termini; when in doubt, specify the run mode with the \'\-\-run_mode\' option\.
86
- .
87
- .SH "EXAMPLES"
88
- \fBfind\fR
89
- .
90
- .P
91
- Check the status of the configured puppet master:
92
- .
93
- .P
94
- $ puppet status find \-\-terminus rest
95
- .
96
- .SH "NOTES"
97
- This subcommand is an indirector face, which exposes \fBfind\fR, \fBsearch\fR, \fBsave\fR, and \fBdestroy\fR actions for an indirected subsystem of Puppet\. Valid termini for this face include:
98
- .
99
- .IP "\(bu" 4
100
- \fBlocal\fR
101
- .
102
- .IP "\(bu" 4
103
- \fBrest\fR
104
- .
105
- .IP "" 0
106
- .
107
- .SH "COPYRIGHT AND LICENSE"
108
- Copyright 2011 by Puppet Inc\. Apache 2 license; see COPYING
@@ -1,256 +0,0 @@
1
- require 'spec_helper'
2
-
3
- require 'puppet/network/authconfig'
4
- require 'puppet/network/auth_config_parser'
5
-
6
- RSpec::Matchers.define :auth_allow do |params|
7
- match do |auth|
8
- begin
9
- auth.check_authorization(*params)
10
- true
11
- rescue Puppet::Network::AuthorizationError
12
- false
13
- end
14
- end
15
-
16
- failure_message do |instance|
17
- "expected #{params[2][:node]}/#{params[2][:ip]} to be allowed"
18
- end
19
-
20
- failure_message_when_negated do |instance|
21
- "expected #{params[2][:node]}/#{params[2][:ip]} to be forbidden"
22
- end
23
- end
24
-
25
- describe Puppet::Network::AuthConfig do
26
- include PuppetSpec::Files
27
-
28
- def add_rule(rule)
29
- parser = Puppet::Network::AuthConfigParser.new(
30
- "path /test\n#{rule}\n"
31
- )
32
- @auth = parser.parse
33
- end
34
-
35
- def add_regex_rule(regex, rule)
36
- parser = Puppet::Network::AuthConfigParser.new(
37
- "path ~ #{regex}\n#{rule}\n"
38
- )
39
- @auth = parser.parse
40
- end
41
-
42
- def add_raw_stanza(stanza)
43
- parser = Puppet::Network::AuthConfigParser.new(
44
- stanza
45
- )
46
- @auth = parser.parse
47
- end
48
-
49
- def request(args = {})
50
- args = {
51
- :key => 'key',
52
- :node => 'host.domain.com',
53
- :ip => '10.1.1.1',
54
- :authenticated => true
55
- }.merge(args)
56
- [:find, "/test/#{args[:key]}", args]
57
- end
58
-
59
- describe "allow" do
60
- it "should not match IP addresses" do
61
- add_rule("allow 10.1.1.1")
62
-
63
- expect(@auth).not_to auth_allow(request)
64
- end
65
-
66
- it "should not accept CIDR IPv4 address" do
67
- expect {
68
- add_rule("allow 10.0.0.0/8")
69
- }.to raise_error Puppet::ConfigurationError, /Invalid pattern 10\.0\.0\.0\/8/
70
- end
71
-
72
- it "should not match wildcard IPv4 address" do
73
- expect {
74
- add_rule("allow 10.1.1.*")
75
- }.to raise_error Puppet::ConfigurationError, /Invalid pattern 10\.1\.1\.*/
76
- end
77
-
78
- it "should not match IPv6 address" do
79
- expect {
80
- add_rule("allow 2001:DB8::8:800:200C:417A")
81
- }.to raise_error Puppet::ConfigurationError, /Invalid pattern 2001/
82
- end
83
-
84
- it "should support hostname" do
85
- add_rule("allow host.domain.com")
86
-
87
- expect(@auth).to auth_allow(request)
88
- end
89
-
90
- it "should support wildcard host" do
91
- add_rule("allow *.domain.com")
92
-
93
- expect(@auth).to auth_allow(request)
94
- end
95
-
96
- it 'should warn about missing path before allow_ip in stanza' do
97
- expect {
98
- add_raw_stanza("allow_ip 10.0.0.1\n")
99
- }.to raise_error Puppet::ConfigurationError, /Missing or invalid 'path' before right directive at \(line: .*\)/
100
- end
101
-
102
- it 'should warn about missing path before allow in stanza' do
103
- expect {
104
- add_raw_stanza("allow host.domain.com\n")
105
- }.to raise_error Puppet::ConfigurationError, /Missing or invalid 'path' before right directive at \(line: .*\)/
106
- end
107
-
108
- it "should support hostname backreferences" do
109
- add_regex_rule('^/test/([^/]+)$', "allow $1.domain.com")
110
-
111
- expect(@auth).to auth_allow(request(:key => 'host'))
112
- end
113
-
114
- it "should support opaque strings" do
115
- add_rule("allow this-is-opaque@or-not")
116
-
117
- expect(@auth).to auth_allow(request(:node => 'this-is-opaque@or-not'))
118
- end
119
-
120
- it "should support opaque strings and backreferences" do
121
- add_regex_rule('^/test/([^/]+)$', "allow $1")
122
-
123
- expect(@auth).to auth_allow(request(:key => 'this-is-opaque@or-not', :node => 'this-is-opaque@or-not'))
124
- end
125
-
126
- it "should support hostname ending with '.'" do
127
- pending('bug #7589')
128
- add_rule("allow host.domain.com.")
129
-
130
- expect(@auth).to auth_allow(request(:node => 'host.domain.com.'))
131
- end
132
-
133
- it "should support hostname ending with '.' and backreferences" do
134
- pending('bug #7589')
135
- add_regex_rule('^/test/([^/]+)$',"allow $1")
136
-
137
- expect(@auth).to auth_allow(request(:node => 'host.domain.com.'))
138
- end
139
-
140
- it "should support trailing whitespace" do
141
- add_rule('allow host.domain.com ')
142
-
143
- expect(@auth).to auth_allow(request)
144
- end
145
-
146
- it "should support inlined comments" do
147
- add_rule('allow host.domain.com # will it work?')
148
-
149
- expect(@auth).to auth_allow(request)
150
- end
151
-
152
- it "should deny non-matching host" do
153
- add_rule("allow inexistent")
154
-
155
- expect(@auth).not_to auth_allow(request)
156
- end
157
- end
158
-
159
- describe "allow_ip" do
160
- it "should not warn when matches against IP addresses fail" do
161
- add_rule("allow_ip 10.1.1.2")
162
-
163
- expect(@auth).not_to auth_allow(request)
164
-
165
- expect(@logs).not_to be_any {|log| log.level == :warning and log.message =~ /Authentication based on IP address is deprecated/}
166
- end
167
-
168
- it "should support IPv4 address" do
169
- add_rule("allow_ip 10.1.1.1")
170
-
171
- expect(@auth).to auth_allow(request)
172
- end
173
-
174
- it "should support CIDR IPv4 address" do
175
- add_rule("allow_ip 10.0.0.0/8")
176
-
177
- expect(@auth).to auth_allow(request)
178
- end
179
-
180
- it "should support wildcard IPv4 address" do
181
- add_rule("allow_ip 10.1.1.*")
182
-
183
- expect(@auth).to auth_allow(request)
184
- end
185
-
186
- it "should support IPv6 address" do
187
- add_rule("allow_ip 2001:DB8::8:800:200C:417A")
188
-
189
- expect(@auth).to auth_allow(request(:ip => '2001:DB8::8:800:200C:417A'))
190
- end
191
-
192
- it "should support hostname" do
193
- expect {
194
- add_rule("allow_ip host.domain.com")
195
- }.to raise_error Puppet::ConfigurationError, /Invalid IP pattern host.domain.com/
196
- end
197
- end
198
-
199
- describe "deny" do
200
- it "should deny denied hosts" do
201
- add_rule <<-EOALLOWRULE
202
- deny host.domain.com
203
- allow *.domain.com
204
- EOALLOWRULE
205
-
206
- expect(@auth).not_to auth_allow(request)
207
- end
208
-
209
- it "denies denied hosts after allowing them" do
210
- add_rule <<-EOALLOWRULE
211
- allow *.domain.com
212
- deny host.domain.com
213
- EOALLOWRULE
214
-
215
- expect(@auth).not_to auth_allow(request)
216
- end
217
-
218
- it "should not deny based on IP" do
219
- add_rule <<-EOALLOWRULE
220
- deny 10.1.1.1
221
- allow host.domain.com
222
- EOALLOWRULE
223
-
224
- expect(@auth).to auth_allow(request)
225
- end
226
-
227
- it "should not deny based on IP (ordering #2)" do
228
- add_rule <<-EOALLOWRULE
229
- allow host.domain.com
230
- deny 10.1.1.1
231
- EOALLOWRULE
232
-
233
- expect(@auth).to auth_allow(request)
234
- end
235
- end
236
-
237
- describe "deny_ip" do
238
- it "should deny based on IP" do
239
- add_rule <<-EOALLOWRULE
240
- deny_ip 10.1.1.1
241
- allow host.domain.com
242
- EOALLOWRULE
243
-
244
- expect(@auth).not_to auth_allow(request)
245
- end
246
-
247
- it "should deny based on IP (ordering #2)" do
248
- add_rule <<-EOALLOWRULE
249
- allow host.domain.com
250
- deny_ip 10.1.1.1
251
- EOALLOWRULE
252
-
253
- expect(@auth).not_to auth_allow(request)
254
- end
255
- end
256
- end