puppet 6.21.1-x86-mingw32 → 6.25.0-x86-mingw32
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of puppet might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/CONTRIBUTING.md +5 -5
- data/Gemfile +3 -3
- data/Gemfile.lock +34 -28
- data/README.md +4 -4
- data/{ext → examples/enc}/regexp_nodes/classes/databases +0 -0
- data/{ext → examples/enc}/regexp_nodes/classes/webservers +0 -0
- data/{ext → examples/enc}/regexp_nodes/environment/development +0 -0
- data/{ext → examples/enc}/regexp_nodes/parameters/service/prod +0 -0
- data/{ext → examples/enc}/regexp_nodes/parameters/service/qa +0 -0
- data/{ext → examples/enc}/regexp_nodes/parameters/service/sandbox +0 -0
- data/{ext → examples/enc}/regexp_nodes/regexp_nodes.rb +0 -0
- data/{ext → examples}/nagios/check_puppet.rb +2 -2
- data/ext/README.md +13 -0
- data/ext/osx/puppet.plist +2 -0
- data/ext/project_data.yaml +3 -2
- data/lib/puppet/application/agent.rb +16 -5
- data/lib/puppet/application/apply.rb +22 -3
- data/lib/puppet/application/device.rb +2 -1
- data/lib/puppet/application/filebucket.rb +1 -0
- data/lib/puppet/application/resource.rb +32 -16
- data/lib/puppet/application/script.rb +2 -1
- data/lib/puppet/application/ssl.rb +12 -0
- data/lib/puppet/concurrent/thread_local_singleton.rb +1 -0
- data/lib/puppet/configurer/downloader.rb +2 -1
- data/lib/puppet/configurer.rb +85 -57
- data/lib/puppet/confine/variable.rb +1 -1
- data/lib/puppet/defaults.rb +63 -35
- data/lib/puppet/environments.rb +91 -26
- data/lib/puppet/face/facts.rb +129 -31
- data/lib/puppet/face/help/action.erb +1 -0
- data/lib/puppet/face/help/face.erb +1 -0
- data/lib/puppet/face/node/clean.rb +11 -0
- data/lib/puppet/facter_impl.rb +96 -0
- data/lib/puppet/file_serving/configuration/parser.rb +2 -0
- data/lib/puppet/file_serving/configuration.rb +3 -0
- data/lib/puppet/file_serving/fileset.rb +14 -2
- data/lib/puppet/file_serving/mount/file.rb +4 -4
- data/lib/puppet/file_serving/mount/scripts.rb +24 -0
- data/lib/puppet/file_system/file_impl.rb +3 -1
- data/lib/puppet/file_system/memory_file.rb +8 -1
- data/lib/puppet/file_system/windows.rb +4 -2
- data/lib/puppet/forge.rb +4 -4
- data/lib/puppet/functions/all.rb +1 -1
- data/lib/puppet/functions/camelcase.rb +1 -1
- data/lib/puppet/functions/capitalize.rb +2 -2
- data/lib/puppet/functions/downcase.rb +2 -2
- data/lib/puppet/functions/empty.rb +8 -0
- data/lib/puppet/functions/find_template.rb +2 -2
- data/lib/puppet/functions/get.rb +5 -5
- data/lib/puppet/functions/group_by.rb +13 -5
- data/lib/puppet/functions/lest.rb +1 -1
- data/lib/puppet/functions/new.rb +100 -100
- data/lib/puppet/functions/partition.rb +12 -4
- data/lib/puppet/functions/require.rb +5 -5
- data/lib/puppet/functions/sort.rb +3 -3
- data/lib/puppet/functions/strftime.rb +1 -0
- data/lib/puppet/functions/tree_each.rb +7 -9
- data/lib/puppet/functions/type.rb +4 -4
- data/lib/puppet/functions/unwrap.rb +17 -2
- data/lib/puppet/functions/upcase.rb +2 -2
- data/lib/puppet/http/resolver/server_list.rb +15 -4
- data/lib/puppet/http/service/compiler.rb +75 -1
- data/lib/puppet/http/service/file_server.rb +2 -1
- data/lib/puppet/indirector/catalog/compiler.rb +25 -6
- data/lib/puppet/indirector/catalog/rest.rb +1 -0
- data/lib/puppet/indirector/facts/facter.rb +28 -7
- data/lib/puppet/indirector/file_metadata/rest.rb +1 -0
- data/lib/puppet/indirector/indirection.rb +1 -1
- data/lib/puppet/indirector/resource/ral.rb +6 -1
- data/lib/puppet/indirector/terminus.rb +4 -0
- data/lib/puppet/interface/documentation.rb +1 -0
- data/lib/puppet/module/plan.rb +0 -1
- data/lib/puppet/module/task.rb +1 -1
- data/lib/puppet/module.rb +1 -0
- data/lib/puppet/module_tool/applications/installer.rb +12 -4
- data/lib/puppet/module_tool/applications/uninstaller.rb +1 -1
- data/lib/puppet/module_tool/applications/upgrader.rb +1 -1
- data/lib/puppet/module_tool/errors/shared.rb +17 -0
- data/lib/puppet/network/formats.rb +67 -0
- data/lib/puppet/network/http/api/indirected_routes.rb +1 -1
- data/lib/puppet/network/http/factory.rb +4 -0
- data/lib/puppet/node/environment.rb +10 -11
- data/lib/puppet/pal/pal_impl.rb +1 -1
- data/lib/puppet/parser/functions/fqdn_rand.rb +14 -6
- data/lib/puppet/parser/scope.rb +1 -0
- data/lib/puppet/parser/templatewrapper.rb +1 -0
- data/lib/puppet/pops/lookup/lookup_adapter.rb +3 -2
- data/lib/puppet/pops/model/ast.rb +1 -0
- data/lib/puppet/pops/model/factory.rb +2 -1
- data/lib/puppet/pops/parser/eparser.rb +201 -201
- data/lib/puppet/pops/parser/lexer2.rb +92 -91
- data/lib/puppet/pops/parser/slurp_support.rb +1 -0
- data/lib/puppet/pops/serialization/to_data_converter.rb +18 -6
- data/lib/puppet/pops/serialization/to_stringified_converter.rb +1 -1
- data/lib/puppet/pops/types/p_sem_ver_type.rb +8 -2
- data/lib/puppet/pops/types/p_sensitive_type.rb +10 -0
- data/lib/puppet/pops/types/type_formatter.rb +4 -3
- data/lib/puppet/pops/types/type_mismatch_describer.rb +1 -1
- data/lib/puppet/pops/types/types.rb +1 -1
- data/lib/puppet/provider/aix_object.rb +1 -1
- data/lib/puppet/provider/exec/posix.rb +16 -4
- data/lib/puppet/provider/group/groupadd.rb +5 -2
- data/lib/puppet/provider/package/dnfmodule.rb +1 -1
- data/lib/puppet/provider/package/nim.rb +11 -6
- data/lib/puppet/provider/package/pip.rb +15 -3
- data/lib/puppet/provider/package/pkg.rb +19 -2
- data/lib/puppet/provider/package/puppetserver_gem.rb +1 -1
- data/lib/puppet/provider/package/yum.rb +1 -1
- data/lib/puppet/provider/parsedfile.rb +3 -0
- data/lib/puppet/provider/service/base.rb +1 -1
- data/lib/puppet/provider/service/init.rb +5 -5
- data/lib/puppet/provider/service/launchd.rb +2 -2
- data/lib/puppet/provider/service/redhat.rb +1 -1
- data/lib/puppet/provider/service/smf.rb +3 -3
- data/lib/puppet/provider/service/systemd.rb +16 -6
- data/lib/puppet/provider/service/upstart.rb +5 -5
- data/lib/puppet/provider/service/windows.rb +38 -0
- data/lib/puppet/provider/user/aix.rb +44 -1
- data/lib/puppet/provider/user/directoryservice.rb +26 -13
- data/lib/puppet/provider/user/useradd.rb +73 -17
- data/lib/puppet/provider.rb +1 -1
- data/lib/puppet/reference/configuration.rb +1 -1
- data/lib/puppet/reference/providers.rb +2 -2
- data/lib/puppet/resource/type_collection.rb +1 -0
- data/lib/puppet/runtime.rb +11 -1
- data/lib/puppet/settings/environment_conf.rb +1 -0
- data/lib/puppet/settings.rb +32 -9
- data/lib/puppet/test/test_helper.rb +4 -1
- data/lib/puppet/transaction/additional_resource_generator.rb +1 -1
- data/lib/puppet/transaction/persistence.rb +11 -1
- data/lib/puppet/transaction/report.rb +15 -1
- data/lib/puppet/type/exec.rb +35 -5
- data/lib/puppet/type/file/mode.rb +6 -0
- data/lib/puppet/type/file/selcontext.rb +1 -1
- data/lib/puppet/type/file.rb +25 -7
- data/lib/puppet/type/filebucket.rb +3 -3
- data/lib/puppet/type/group.rb +0 -1
- data/lib/puppet/type/resources.rb +1 -1
- data/lib/puppet/type/service.rb +26 -41
- data/lib/puppet/type/tidy.rb +22 -3
- data/lib/puppet/type/user.rb +38 -21
- data/lib/puppet/type.rb +1 -1
- data/lib/puppet/util/command_line.rb +1 -1
- data/lib/puppet/util/fact_dif.rb +36 -17
- data/lib/puppet/util/filetype.rb +2 -2
- data/lib/puppet/util/json.rb +3 -0
- data/lib/puppet/util/log.rb +1 -2
- data/lib/puppet/util/logging.rb +1 -25
- data/lib/puppet/util/monkey_patches.rb +7 -0
- data/lib/puppet/util/pidlock.rb +1 -1
- data/lib/puppet/util/rdoc/parser/puppet_parser_core.rb +1 -1
- data/lib/puppet/util/selinux.rb +30 -4
- data/lib/puppet/util/suidmanager.rb +1 -2
- data/lib/puppet/util/symbolic_file_mode.rb +29 -17
- data/lib/puppet/util/tagging.rb +1 -0
- data/lib/puppet/util/windows/adsi.rb +46 -0
- data/lib/puppet/util/windows/api_types.rb +1 -1
- data/lib/puppet/util/windows/principal.rb +9 -2
- data/lib/puppet/util/windows/sid.rb +6 -2
- data/lib/puppet/util/windows/user.rb +0 -2
- data/lib/puppet/util.rb +4 -3
- data/lib/puppet/version.rb +1 -1
- data/lib/puppet.rb +5 -9
- data/locales/puppet.pot +506 -410
- data/man/man5/puppet.conf.5 +310 -274
- data/man/man8/puppet-agent.8 +4 -1
- data/man/man8/puppet-apply.8 +1 -1
- data/man/man8/puppet-catalog.8 +9 -9
- data/man/man8/puppet-config.8 +1 -1
- data/man/man8/puppet-describe.8 +1 -1
- data/man/man8/puppet-device.8 +1 -1
- data/man/man8/puppet-doc.8 +1 -1
- data/man/man8/puppet-epp.8 +1 -1
- data/man/man8/puppet-facts.8 +65 -7
- data/man/man8/puppet-filebucket.8 +1 -1
- data/man/man8/puppet-generate.8 +1 -1
- data/man/man8/puppet-help.8 +1 -1
- data/man/man8/puppet-key.8 +7 -7
- data/man/man8/puppet-lookup.8 +1 -1
- data/man/man8/puppet-man.8 +1 -1
- data/man/man8/puppet-module.8 +3 -3
- data/man/man8/puppet-node.8 +5 -5
- data/man/man8/puppet-parser.8 +1 -1
- data/man/man8/puppet-plugin.8 +1 -1
- data/man/man8/puppet-report.8 +5 -5
- data/man/man8/puppet-resource.8 +1 -1
- data/man/man8/puppet-script.8 +1 -1
- data/man/man8/puppet-ssl.8 +5 -1
- data/man/man8/puppet-status.8 +4 -4
- data/man/man8/puppet.8 +2 -2
- data/spec/fixtures/integration/application/agent/lib/facter/agent_spec_role.rb +3 -0
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/Gemfile +4 -0
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/Rakefile +3 -0
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/lib/puppet/functions/l10n.rb +8 -0
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/locales/config.yaml +25 -0
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/locales/ja/puppet-l10n.po +19 -0
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/locales/puppet-l10n.pot +20 -0
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/metadata.json +8 -0
- data/spec/fixtures/ssl/127.0.0.1-key.pem +107 -57
- data/spec/fixtures/ssl/127.0.0.1.pem +52 -31
- data/spec/fixtures/ssl/bad-basic-constraints.pem +57 -35
- data/spec/fixtures/ssl/bad-int-basic-constraints.pem +57 -35
- data/spec/fixtures/ssl/ca.pem +57 -35
- data/spec/fixtures/ssl/crl.pem +28 -18
- data/spec/fixtures/ssl/ec-key.pem +11 -11
- data/spec/fixtures/ssl/ec.pem +33 -24
- data/spec/fixtures/ssl/encrypted-ec-key.pem +12 -12
- data/spec/fixtures/ssl/encrypted-key.pem +108 -58
- data/spec/fixtures/ssl/intermediate-agent-crl.pem +28 -19
- data/spec/fixtures/ssl/intermediate-agent.pem +57 -36
- data/spec/fixtures/ssl/intermediate-crl.pem +31 -21
- data/spec/fixtures/ssl/intermediate.pem +57 -36
- data/spec/fixtures/ssl/oid-key.pem +117 -0
- data/spec/fixtures/ssl/oid.pem +69 -0
- data/spec/fixtures/ssl/pluto-key.pem +107 -57
- data/spec/fixtures/ssl/pluto.pem +52 -30
- data/spec/fixtures/ssl/request-key.pem +107 -57
- data/spec/fixtures/ssl/request.pem +47 -26
- data/spec/fixtures/ssl/revoked-key.pem +107 -57
- data/spec/fixtures/ssl/revoked.pem +52 -30
- data/spec/fixtures/ssl/signed-key.pem +107 -57
- data/spec/fixtures/ssl/signed.pem +52 -30
- data/spec/fixtures/ssl/tampered-cert.pem +52 -30
- data/spec/fixtures/ssl/tampered-csr.pem +47 -26
- data/spec/fixtures/ssl/trusted_oid_mapping.yaml +5 -0
- data/spec/fixtures/ssl/unknown-127.0.0.1-key.pem +107 -57
- data/spec/fixtures/ssl/unknown-127.0.0.1.pem +50 -29
- data/spec/fixtures/ssl/unknown-ca-key.pem +107 -57
- data/spec/fixtures/ssl/unknown-ca.pem +55 -33
- data/spec/fixtures/unit/provider/service/systemd/list_unit_files_services_vendor_preset +9 -0
- data/spec/integration/application/agent_spec.rb +113 -37
- data/spec/integration/application/filebucket_spec.rb +16 -0
- data/spec/integration/application/module_spec.rb +21 -0
- data/spec/integration/application/plugin_spec.rb +1 -1
- data/spec/integration/application/resource_spec.rb +64 -0
- data/spec/integration/application/ssl_spec.rb +20 -0
- data/spec/integration/configurer_spec.rb +18 -2
- data/spec/integration/environments/settings_interpolation_spec.rb +0 -4
- data/spec/integration/http/client_spec.rb +12 -0
- data/spec/integration/indirector/direct_file_server_spec.rb +1 -3
- data/spec/integration/indirector/facts/facter_spec.rb +93 -39
- data/spec/integration/l10n/compiler_spec.rb +37 -0
- data/spec/integration/transaction/report_spec.rb +1 -1
- data/spec/integration/type/exec_spec.rb +70 -45
- data/spec/integration/type/file_spec.rb +2 -2
- data/spec/integration/type/package_spec.rb +6 -6
- data/spec/integration/util/rdoc/parser_spec.rb +1 -1
- data/spec/integration/util/windows/adsi_spec.rb +18 -0
- data/spec/integration/util/windows/principal_spec.rb +21 -0
- data/spec/integration/util/windows/process_spec.rb +1 -9
- data/spec/integration/util/windows/registry_spec.rb +6 -0
- data/spec/lib/puppet/test_ca.rb +7 -2
- data/spec/lib/puppet_spec/modules.rb +13 -2
- data/spec/lib/puppet_spec/puppetserver.rb +15 -0
- data/spec/lib/puppet_spec/settings.rb +1 -0
- data/spec/shared_behaviours/documentation_on_faces.rb +0 -2
- data/spec/shared_contexts/l10n.rb +27 -0
- data/spec/spec_helper.rb +12 -11
- data/spec/unit/application/agent_spec.rb +7 -2
- data/spec/unit/application/apply_spec.rb +76 -56
- data/spec/unit/application/facts_spec.rb +482 -3
- data/spec/unit/application/resource_spec.rb +29 -0
- data/spec/unit/application/ssl_spec.rb +23 -0
- data/spec/unit/configurer/downloader_spec.rb +6 -0
- data/spec/unit/configurer_spec.rb +194 -56
- data/spec/unit/defaults_spec.rb +17 -0
- data/spec/unit/environments_spec.rb +348 -88
- data/spec/unit/face/facts_spec.rb +4 -0
- data/spec/unit/facter_impl_spec.rb +31 -0
- data/spec/unit/file_bucket/dipper_spec.rb +2 -2
- data/spec/unit/file_serving/configuration/parser_spec.rb +23 -0
- data/spec/unit/file_serving/configuration_spec.rb +14 -4
- data/spec/unit/file_serving/fileset_spec.rb +60 -0
- data/spec/unit/file_serving/mount/scripts_spec.rb +69 -0
- data/spec/unit/file_system_spec.rb +22 -0
- data/spec/unit/functions/assert_type_spec.rb +1 -1
- data/spec/unit/functions/empty_spec.rb +10 -0
- data/spec/unit/functions/logging_spec.rb +1 -0
- data/spec/unit/functions/lookup_spec.rb +64 -0
- data/spec/unit/functions/unwrap_spec.rb +8 -0
- data/spec/unit/functions4_spec.rb +2 -2
- data/spec/unit/gettext/config_spec.rb +12 -0
- data/spec/unit/http/service/compiler_spec.rb +131 -0
- data/spec/unit/indirector/catalog/compiler_spec.rb +101 -10
- data/spec/unit/indirector/catalog/rest_spec.rb +8 -0
- data/spec/unit/indirector/facts/facter_spec.rb +95 -0
- data/spec/unit/indirector/indirection_spec.rb +10 -3
- data/spec/unit/indirector/resource/ral_spec.rb +40 -75
- data/spec/unit/interface/action_spec.rb +0 -9
- data/spec/unit/module_spec.rb +15 -1
- data/spec/unit/module_tool/applications/installer_spec.rb +51 -12
- data/spec/unit/network/authstore_spec.rb +0 -15
- data/spec/unit/network/formats_spec.rb +47 -0
- data/spec/unit/network/http/factory_spec.rb +19 -0
- data/spec/unit/parser/functions/fqdn_rand_spec.rb +15 -1
- data/spec/unit/parser/templatewrapper_spec.rb +12 -2
- data/spec/unit/pops/parser/parse_containers_spec.rb +0 -11
- data/spec/unit/pops/serialization/to_from_hr_spec.rb +58 -0
- data/spec/unit/pops/serialization/to_stringified_spec.rb +5 -0
- data/spec/unit/pops/types/p_sem_ver_type_spec.rb +18 -0
- data/spec/unit/pops/types/p_sensitive_type_spec.rb +18 -0
- data/spec/unit/pops/types/type_calculator_spec.rb +6 -0
- data/spec/unit/provider/package/dnfmodule_spec.rb +10 -1
- data/spec/unit/provider/package/gem_spec.rb +1 -1
- data/spec/unit/provider/package/nim_spec.rb +42 -0
- data/spec/unit/provider/package/pip2_spec.rb +1 -1
- data/spec/unit/provider/package/pip3_spec.rb +1 -1
- data/spec/unit/provider/package/pip_spec.rb +38 -1
- data/spec/unit/provider/package/pkg_spec.rb +29 -4
- data/spec/unit/provider/package/puppet_gem_spec.rb +1 -1
- data/spec/unit/provider/package/puppetserver_gem_spec.rb +1 -1
- data/spec/unit/provider/parsedfile_spec.rb +10 -0
- data/spec/unit/provider/service/init_spec.rb +1 -0
- data/spec/unit/provider/service/launchd_spec.rb +11 -0
- data/spec/unit/provider/service/openwrt_spec.rb +3 -1
- data/spec/unit/provider/service/systemd_spec.rb +54 -9
- data/spec/unit/provider/service/windows_spec.rb +202 -0
- data/spec/unit/provider/user/aix_spec.rb +100 -0
- data/spec/unit/provider/user/directoryservice_spec.rb +68 -36
- data/spec/unit/provider/user/useradd_spec.rb +61 -5
- data/spec/unit/provider_spec.rb +4 -4
- data/spec/unit/puppet_spec.rb +12 -4
- data/spec/unit/resource/catalog_spec.rb +1 -1
- data/spec/unit/settings_spec.rb +97 -56
- data/spec/unit/ssl/certificate_request_spec.rb +8 -14
- data/spec/unit/ssl/state_machine_spec.rb +19 -5
- data/spec/unit/transaction/additional_resource_generator_spec.rb +0 -2
- data/spec/unit/transaction_spec.rb +18 -20
- data/spec/unit/type/exec_spec.rb +76 -29
- data/spec/unit/type/file/selinux_spec.rb +3 -3
- data/spec/unit/type/file/source_spec.rb +4 -4
- data/spec/unit/type/service_spec.rb +86 -188
- data/spec/unit/type/tidy_spec.rb +24 -7
- data/spec/unit/type/user_spec.rb +45 -0
- data/spec/unit/type_spec.rb +2 -2
- data/spec/unit/util/logging_spec.rb +2 -0
- data/spec/unit/util/selinux_spec.rb +87 -16
- data/spec/unit/util/windows/sid_spec.rb +41 -0
- data/tasks/generate_cert_fixtures.rake +12 -3
- data/tasks/parallel.rake +3 -3
- metadata +59 -101
- data/ext/README.environment +0 -8
- data/ext/dbfix.sql +0 -132
- data/ext/debian/README.Debian +0 -8
- data/ext/debian/README.source +0 -2
- data/ext/debian/TODO.Debian +0 -1
- data/ext/debian/changelog.erb +0 -1122
- data/ext/debian/compat +0 -1
- data/ext/debian/control +0 -144
- data/ext/debian/copyright +0 -339
- data/ext/debian/docs +0 -1
- data/ext/debian/fileserver.conf +0 -41
- data/ext/debian/puppet-common.dirs +0 -13
- data/ext/debian/puppet-common.install +0 -3
- data/ext/debian/puppet-common.lintian-overrides +0 -5
- data/ext/debian/puppet-common.manpages +0 -28
- data/ext/debian/puppet-common.postinst +0 -35
- data/ext/debian/puppet-common.postrm +0 -33
- data/ext/debian/puppet-el.dirs +0 -1
- data/ext/debian/puppet-el.emacsen-install +0 -25
- data/ext/debian/puppet-el.emacsen-remove +0 -11
- data/ext/debian/puppet-el.emacsen-startup +0 -9
- data/ext/debian/puppet-el.install +0 -1
- data/ext/debian/puppet-testsuite.install +0 -2
- data/ext/debian/puppet-testsuite.lintian-overrides +0 -4
- data/ext/debian/puppet.lintian-overrides +0 -3
- data/ext/debian/puppet.logrotate +0 -20
- data/ext/debian/puppet.postinst +0 -20
- data/ext/debian/puppet.postrm +0 -20
- data/ext/debian/puppet.preinst +0 -20
- data/ext/debian/puppetmaster-common.install +0 -2
- data/ext/debian/puppetmaster-common.manpages +0 -2
- data/ext/debian/puppetmaster-common.postinst +0 -6
- data/ext/debian/puppetmaster-passenger.dirs +0 -4
- data/ext/debian/puppetmaster-passenger.postinst +0 -162
- data/ext/debian/puppetmaster-passenger.postrm +0 -61
- data/ext/debian/puppetmaster.README.debian +0 -17
- data/ext/debian/puppetmaster.default +0 -14
- data/ext/debian/puppetmaster.init +0 -137
- data/ext/debian/puppetmaster.lintian-overrides +0 -3
- data/ext/debian/puppetmaster.postinst +0 -20
- data/ext/debian/puppetmaster.postrm +0 -5
- data/ext/debian/puppetmaster.preinst +0 -22
- data/ext/debian/rules +0 -132
- data/ext/debian/source/format +0 -1
- data/ext/debian/source/options +0 -1
- data/ext/debian/vim-puppet.README.Debian +0 -13
- data/ext/debian/vim-puppet.dirs +0 -5
- data/ext/debian/vim-puppet.yaml +0 -7
- data/ext/debian/watch +0 -2
- data/ext/freebsd/puppetd +0 -26
- data/ext/freebsd/puppetmasterd +0 -26
- data/ext/gentoo/conf.d/puppet +0 -5
- data/ext/gentoo/conf.d/puppetmaster +0 -12
- data/ext/gentoo/init.d/puppet +0 -38
- data/ext/gentoo/init.d/puppetmaster +0 -51
- data/ext/gentoo/puppet/fileserver.conf +0 -41
- data/ext/ips/puppet-agent +0 -44
- data/ext/ips/puppet-master +0 -44
- data/ext/ips/puppet.p5m.erb +0 -12
- data/ext/ips/puppetagent.xml +0 -42
- data/ext/ips/puppetmaster.xml +0 -42
- data/ext/ips/rules +0 -19
- data/ext/ips/transforms +0 -34
- data/ext/ldap/puppet.schema +0 -24
- data/ext/logcheck/puppet +0 -23
- data/ext/osx/file_mapping.yaml +0 -33
- data/ext/osx/postflight.erb +0 -109
- data/ext/osx/preflight.erb +0 -52
- data/ext/osx/prototype.plist.erb +0 -38
- data/ext/redhat/fileserver.conf +0 -41
- data/ext/redhat/logrotate +0 -21
- data/ext/redhat/puppet.spec.erb +0 -842
- data/ext/redhat/server.init +0 -128
- data/ext/redhat/server.sysconfig +0 -13
- data/ext/solaris/pkginfo +0 -6
- data/ext/solaris/smf/puppetd.xml +0 -77
- data/ext/solaris/smf/puppetmasterd.xml +0 -77
- data/ext/solaris/smf/svc-puppetd +0 -71
- data/ext/solaris/smf/svc-puppetmasterd +0 -67
- data/ext/suse/puppet.spec +0 -310
- data/ext/suse/server.init +0 -173
- data/ext/yaml_nodes.rb +0 -105
- data/spec/lib/matchers/include.rb +0 -27
- data/spec/lib/matchers/include_spec.rb +0 -32
- data/spec/unit/indirector/store_configs_spec.rb +0 -7
data/lib/puppet/configurer.rb
CHANGED
@@ -91,7 +91,7 @@ class Puppet::Configurer
|
|
91
91
|
|
92
92
|
if result
|
93
93
|
# don't use use cached catalog if it doesn't match server specified environment
|
94
|
-
if
|
94
|
+
if result.environment != @environment
|
95
95
|
Puppet.err _("Not using cached catalog because its environment '%{catalog_env}' does not match '%{local_env}'") % { catalog_env: result.environment, local_env: @environment }
|
96
96
|
return nil
|
97
97
|
end
|
@@ -118,8 +118,11 @@ class Puppet::Configurer
|
|
118
118
|
catalog = result.to_ral
|
119
119
|
catalog.finalize
|
120
120
|
catalog.retrieval_duration = duration
|
121
|
-
|
122
|
-
|
121
|
+
|
122
|
+
if Puppet[:write_catalog_summary]
|
123
|
+
catalog.write_class_file
|
124
|
+
catalog.write_resource_file
|
125
|
+
end
|
123
126
|
end
|
124
127
|
options[:report].add_times(:convert_catalog, catalog_conversion_time) if options[:report]
|
125
128
|
|
@@ -257,6 +260,7 @@ class Puppet::Configurer
|
|
257
260
|
|
258
261
|
def run_internal(options)
|
259
262
|
report = options[:report]
|
263
|
+
report.initial_environment = Puppet[:environment]
|
260
264
|
|
261
265
|
if options[:start_time]
|
262
266
|
startup_time = Time.now - options[:start_time]
|
@@ -296,69 +300,35 @@ class Puppet::Configurer
|
|
296
300
|
configured_environment = Puppet[:environment] if Puppet.settings.set_by_config?(:environment)
|
297
301
|
|
298
302
|
# We only need to find out the environment to run in if we don't already have a catalog
|
299
|
-
unless (cached_catalog || options[:catalog] || Puppet[:strict_environment_mode])
|
300
|
-
|
301
|
-
|
302
|
-
|
303
|
-
|
304
|
-
:environment => Puppet::Node::Environment.remote(@environment),
|
305
|
-
:configured_environment => configured_environment,
|
306
|
-
:ignore_cache => true,
|
307
|
-
:transaction_uuid => @transaction_uuid,
|
308
|
-
:fail_on_404 => true)
|
309
|
-
end
|
310
|
-
options[:report].add_times(:node_retrieval, node_retr_time)
|
311
|
-
|
312
|
-
if node
|
313
|
-
# If we have deserialized a node from a rest call, we want to set
|
314
|
-
# an environment instance as a simple 'remote' environment reference.
|
315
|
-
if !node.has_environment_instance? && node.environment_name
|
316
|
-
node.environment = Puppet::Node::Environment.remote(node.environment_name)
|
317
|
-
end
|
303
|
+
unless (cached_catalog || options[:catalog] || Puppet.settings.set_by_cli?(:environment) || Puppet[:strict_environment_mode])
|
304
|
+
Puppet.debug(_("Environment not passed via CLI and no catalog was given, attempting to find out the last server-specified environment"))
|
305
|
+
if last_server_specified_environment
|
306
|
+
@environment = last_server_specified_environment
|
307
|
+
report.environment = last_server_specified_environment
|
318
308
|
|
319
|
-
|
320
|
-
|
321
|
-
|
322
|
-
Puppet.notice _("Local environment: '%{local_env}' doesn't match server specified node environment '%{node_env}', switching agent to '%{node_env}'.") % { local_env: @environment, node_env: node.environment }
|
323
|
-
@environment = node.environment.to_s
|
324
|
-
report.environment = @environment
|
325
|
-
query_options = nil
|
326
|
-
facts = nil
|
327
|
-
|
328
|
-
new_env = Puppet::Node::Environment.remote(@environment)
|
329
|
-
Puppet.push_context(
|
330
|
-
{
|
331
|
-
current_environment: new_env,
|
332
|
-
loaders: Puppet::Pops::Loaders.new(new_env, true)
|
333
|
-
},
|
334
|
-
"Local node environment #{@environment} for configurer transaction"
|
335
|
-
)
|
336
|
-
else
|
337
|
-
Puppet.info _("Using configured environment '%{env}'") % { env: @environment }
|
338
|
-
end
|
339
|
-
end
|
340
|
-
rescue StandardError => detail
|
341
|
-
Puppet.warning(_("Unable to fetch my node definition, but the agent run will continue:"))
|
342
|
-
Puppet.warning(detail)
|
309
|
+
push_current_environment_and_loaders
|
310
|
+
else
|
311
|
+
Puppet.debug(_("Could not find a usable environment in the lastrunfile. Either the file does not exist, does not have the required keys, or the values of 'initial_environment' and 'converged_environment' are identical."))
|
343
312
|
end
|
344
313
|
end
|
345
314
|
|
315
|
+
Puppet.info _("Using environment '%{env}'") % { env: @environment }
|
316
|
+
|
346
317
|
# This is to maintain compatibility with anyone using this class
|
347
318
|
# aside from agent, apply, device.
|
348
319
|
unless Puppet.lookup(:loaders) { nil }
|
349
|
-
|
350
|
-
Puppet.push_context(
|
351
|
-
{
|
352
|
-
current_environment: new_env,
|
353
|
-
loaders: Puppet::Pops::Loaders.new(new_env, true)
|
354
|
-
},
|
355
|
-
"Local node environment #{@environment} for configurer transaction"
|
356
|
-
)
|
320
|
+
push_current_environment_and_loaders
|
357
321
|
end
|
358
322
|
|
323
|
+
temp_value = options[:pluginsync]
|
324
|
+
|
325
|
+
# only validate server environment if pluginsync is requested
|
326
|
+
options[:pluginsync] = valid_server_environment? if options[:pluginsync] == true
|
327
|
+
|
359
328
|
query_options, facts = get_facts(options) unless query_options
|
329
|
+
options[:pluginsync] = temp_value
|
330
|
+
|
360
331
|
query_options[:configured_environment] = configured_environment
|
361
|
-
options[:convert_for_node] = node
|
362
332
|
|
363
333
|
catalog = prepare_and_retrieve_catalog(cached_catalog, facts, options, query_options)
|
364
334
|
unless catalog
|
@@ -383,6 +353,8 @@ class Puppet::Configurer
|
|
383
353
|
@environment = catalog.environment
|
384
354
|
report.environment = @environment
|
385
355
|
|
356
|
+
push_current_environment_and_loaders
|
357
|
+
|
386
358
|
query_options, facts = get_facts(options)
|
387
359
|
query_options[:configured_environment] = configured_environment
|
388
360
|
|
@@ -456,6 +428,25 @@ class Puppet::Configurer
|
|
456
428
|
end
|
457
429
|
private :run_internal
|
458
430
|
|
431
|
+
def valid_server_environment?
|
432
|
+
session = Puppet.lookup(:http_session)
|
433
|
+
begin
|
434
|
+
fs = session.route_to(:fileserver)
|
435
|
+
fs.get_file_metadatas(path: URI(Puppet[:pluginsource]).path, recurse: :false, environment: @environment)
|
436
|
+
true
|
437
|
+
rescue Puppet::HTTP::ResponseError => detail
|
438
|
+
if detail.response.code == 404
|
439
|
+
Puppet.notice(_("Environment '%{environment}' not found on server, skipping initial pluginsync.") % { environment: @environment })
|
440
|
+
else
|
441
|
+
Puppet.log_exception(detail, detail.message)
|
442
|
+
end
|
443
|
+
false
|
444
|
+
rescue => detail
|
445
|
+
Puppet.log_exception(detail, detail.message)
|
446
|
+
false
|
447
|
+
end
|
448
|
+
end
|
449
|
+
|
459
450
|
def find_functional_server
|
460
451
|
begin
|
461
452
|
session = Puppet.lookup(:http_session)
|
@@ -472,10 +463,35 @@ class Puppet::Configurer
|
|
472
463
|
end
|
473
464
|
private :find_functional_server
|
474
465
|
|
466
|
+
def last_server_specified_environment
|
467
|
+
return @last_server_specified_environment if @last_server_specified_environment
|
468
|
+
if Puppet::FileSystem.exist?(Puppet[:lastrunfile])
|
469
|
+
summary = Puppet::Util::Yaml.safe_load_file(Puppet[:lastrunfile])
|
470
|
+
return unless summary.dig('application', 'run_mode') == 'agent'
|
471
|
+
initial_environment = summary.dig('application', 'initial_environment')
|
472
|
+
converged_environment = summary.dig('application', 'converged_environment')
|
473
|
+
@last_server_specified_environment = converged_environment if initial_environment != converged_environment
|
474
|
+
end
|
475
|
+
|
476
|
+
Puppet.debug(_("Found last server-specified environment: %{environment}") % { environment: @last_server_specified_environment }) if @last_server_specified_environment
|
477
|
+
@last_server_specified_environment
|
478
|
+
rescue => detail
|
479
|
+
Puppet.debug(_("Could not find last server-specified environment: %{detail}") % { detail: detail })
|
480
|
+
nil
|
481
|
+
end
|
482
|
+
private :last_server_specified_environment
|
483
|
+
|
475
484
|
def send_report(report)
|
476
485
|
puts report.summary if Puppet[:summarize]
|
477
486
|
save_last_run_summary(report)
|
478
|
-
|
487
|
+
if Puppet[:report]
|
488
|
+
remote = Puppet::Node::Environment.remote(@environment)
|
489
|
+
begin
|
490
|
+
Puppet::Transaction::Report.indirection.save(report, nil, ignore_cache: true, environment: remote)
|
491
|
+
ensure
|
492
|
+
Puppet::Transaction::Report.indirection.save(report, nil, ignore_terminus: true, environment: remote)
|
493
|
+
end
|
494
|
+
end
|
479
495
|
rescue => detail
|
480
496
|
Puppet.log_exception(detail, _("Could not send report: %{detail}") % { detail: detail })
|
481
497
|
end
|
@@ -498,7 +514,7 @@ class Puppet::Configurer
|
|
498
514
|
# @return [false] If an exception is raised during fact generation or
|
499
515
|
# submission.
|
500
516
|
def resubmit_facts
|
501
|
-
|
517
|
+
Puppet.runtime[:facter].clear
|
502
518
|
facts = find_facts
|
503
519
|
|
504
520
|
client = Puppet.runtime[:http]
|
@@ -533,6 +549,17 @@ class Puppet::Configurer
|
|
533
549
|
end
|
534
550
|
end
|
535
551
|
|
552
|
+
def push_current_environment_and_loaders
|
553
|
+
new_env = Puppet::Node::Environment.remote(@environment)
|
554
|
+
Puppet.push_context(
|
555
|
+
{
|
556
|
+
:current_environment => new_env,
|
557
|
+
:loaders => Puppet::Pops::Loaders.new(new_env, true)
|
558
|
+
},
|
559
|
+
"Local node environment #{@environment} for configurer transaction"
|
560
|
+
)
|
561
|
+
end
|
562
|
+
|
536
563
|
def retrieve_catalog_from_cache(query_options)
|
537
564
|
result = nil
|
538
565
|
@duration = thinmark do
|
@@ -560,6 +587,7 @@ class Puppet::Configurer
|
|
560
587
|
# don't update cache until after environment converges
|
561
588
|
:ignore_cache_save => true,
|
562
589
|
:environment => Puppet::Node::Environment.remote(@environment),
|
590
|
+
:check_environment => true,
|
563
591
|
:fail_on_404 => true,
|
564
592
|
:facts_for_catalog => facts
|
565
593
|
)
|
@@ -18,7 +18,7 @@ class Puppet::Confine::Variable < Puppet::Confine
|
|
18
18
|
|
19
19
|
# Retrieve the value from facter
|
20
20
|
def facter_value
|
21
|
-
@facter_value ||=
|
21
|
+
@facter_value ||= Puppet.runtime[:facter].value(name).to_s.downcase
|
22
22
|
end
|
23
23
|
|
24
24
|
def initialize(values)
|
data/lib/puppet/defaults.rb
CHANGED
@@ -3,7 +3,7 @@ require 'puppet/util/platform'
|
|
3
3
|
module Puppet
|
4
4
|
|
5
5
|
def self.default_diffargs
|
6
|
-
if (
|
6
|
+
if (Puppet.runtime[:facter].value(:kernel) == "AIX" && Puppet.runtime[:facter].value(:kernelmajversion) == "5300")
|
7
7
|
""
|
8
8
|
else
|
9
9
|
"-u"
|
@@ -58,6 +58,18 @@ module Puppet
|
|
58
58
|
end
|
59
59
|
end
|
60
60
|
|
61
|
+
def self.default_cadir
|
62
|
+
return "" if Puppet::Util::Platform.windows?
|
63
|
+
old_ca_dir = "#{Puppet[:ssldir]}/ca"
|
64
|
+
new_ca_dir = '/etc/puppetlabs/puppetserver/ca'
|
65
|
+
|
66
|
+
if File.exist?("#{new_ca_dir}/ca_crt.pem")
|
67
|
+
new_ca_dir
|
68
|
+
else
|
69
|
+
old_ca_dir
|
70
|
+
end
|
71
|
+
end
|
72
|
+
|
61
73
|
############################################################################################
|
62
74
|
# NOTE: For information about the available values for the ":type" property of settings,
|
63
75
|
# see the docs for Settings.define_settings
|
@@ -78,7 +90,7 @@ module Puppet
|
|
78
90
|
This setting is still experimental.',
|
79
91
|
:hook => proc do |value|
|
80
92
|
value = munge(value)
|
81
|
-
if value && Puppet::Util::Package.versioncmp(
|
93
|
+
if value && Puppet::Util::Package.versioncmp(Puppet.runtime[:facter].value('facterversion'), '4.0.0') < 0
|
82
94
|
begin
|
83
95
|
original_facter = Object.const_get(:Facter)
|
84
96
|
Object.send(:remove_const, :Facter)
|
@@ -206,7 +218,7 @@ module Puppet
|
|
206
218
|
|
207
219
|
The strictness level is for both language semantics and runtime
|
208
220
|
evaluation validation. In addition to controlling the behavior with
|
209
|
-
this
|
221
|
+
this primary server switch some individual warnings may also be controlled
|
210
222
|
by the disable_warnings setting.
|
211
223
|
|
212
224
|
No new validations will be added to a micro (x.y.z) release,
|
@@ -250,7 +262,7 @@ module Puppet
|
|
250
262
|
internal Ruby stack trace interleaved with Puppet function frames.",
|
251
263
|
:hook => proc do |value|
|
252
264
|
# Enable or disable Facter's trace option too
|
253
|
-
|
265
|
+
Puppet.runtime[:facter].trace(value)
|
254
266
|
end
|
255
267
|
},
|
256
268
|
:puppet_trace => {
|
@@ -282,7 +294,7 @@ module Puppet
|
|
282
294
|
:default => true,
|
283
295
|
:type => :boolean,
|
284
296
|
:desc => "Whether to compile a [static catalog](https://puppet.com/docs/puppet/latest/static_catalogs.html#enabling-or-disabling-static-catalogs),
|
285
|
-
which occurs only on
|
297
|
+
which occurs only on Puppet Server when the `code-id-command` and
|
286
298
|
`code-content-command` settings are configured in its `puppetserver.conf` file.",
|
287
299
|
},
|
288
300
|
:strict_environment_mode => {
|
@@ -400,13 +412,13 @@ module Puppet
|
|
400
412
|
:default => "production",
|
401
413
|
:desc => "The environment in which Puppet is running. For clients,
|
402
414
|
such as `puppet agent`, this determines the environment itself, which
|
403
|
-
Puppet uses to find modules and much more. For servers, such as `puppet
|
415
|
+
Puppet uses to find modules and much more. For servers, such as `puppet server`,
|
404
416
|
this provides the default environment for nodes that Puppet knows nothing about.
|
405
417
|
|
406
418
|
When defining an environment in the `[agent]` section, this refers to the
|
407
|
-
environment that the agent requests from the
|
419
|
+
environment that the agent requests from the primary server. The environment doesn't
|
408
420
|
have to exist on the local filesystem because the agent fetches it from the
|
409
|
-
|
421
|
+
primary server. This definition is used when running `puppet agent`.
|
410
422
|
|
411
423
|
When defined in the `[user]` section, the environment refers to the path that
|
412
424
|
Puppet uses to search for code and modules related to its execution. This
|
@@ -818,7 +830,7 @@ Valid values are 0 (never cache) and 15 (15 second minimum wait time).
|
|
818
830
|
:certname => {
|
819
831
|
:default => lambda { Puppet::Settings.default_certname.downcase },
|
820
832
|
:desc => "The name to use when handling certificates. When a node
|
821
|
-
requests a certificate from the CA
|
833
|
+
requests a certificate from the CA Puppet Server, it uses the value of the
|
822
834
|
`certname` setting as its requested Subject CN.
|
823
835
|
|
824
836
|
This is the name used when managing a node's permissions in
|
@@ -866,8 +878,8 @@ names.
|
|
866
878
|
**Note:** The list of alternate names is locked in when the server's
|
867
879
|
certificate is signed. If you need to change the list later, you can't just
|
868
880
|
change this setting; you also need to regenerate the certificate. For more
|
869
|
-
information on that process, see the
|
870
|
-
(https://puppet.com/docs/puppet/latest/ssl_regenerate_certificates.html).
|
881
|
+
information on that process, see the
|
882
|
+
[cert regen docs](https://puppet.com/docs/puppet/latest/ssl_regenerate_certificates.html).
|
871
883
|
|
872
884
|
To see all the alternate names your servers are using, log into your CA server
|
873
885
|
and run `puppetserver ca list --all`, then check the output for `(alt names: ...)`.
|
@@ -881,7 +893,7 @@ EOT
|
|
881
893
|
:desc => <<EOT
|
882
894
|
An optional file containing custom attributes to add to certificate signing
|
883
895
|
requests (CSRs). You should ensure that this file does not exist on your CA
|
884
|
-
|
896
|
+
Puppet Server; if it does, unwanted certificate extensions may leak into
|
885
897
|
certificates created with the `puppetserver ca generate` command.
|
886
898
|
|
887
899
|
If present, this file must be a YAML hash containing a `custom_attributes` key
|
@@ -1085,6 +1097,14 @@ EOT
|
|
1085
1097
|
certificate revocation checking and does not attempt to download the CRL.
|
1086
1098
|
EOT
|
1087
1099
|
},
|
1100
|
+
:ciphers => {
|
1101
|
+
:default => 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256',
|
1102
|
+
:type => :string,
|
1103
|
+
:desc => "The list of ciphersuites for TLS connections initiated by puppet. The
|
1104
|
+
default value is chosen to support TLS 1.0 and up, but can be made
|
1105
|
+
more restrictive if needed. The ciphersuites must be specified in OpenSSL
|
1106
|
+
format, not IANA."
|
1107
|
+
},
|
1088
1108
|
:key_type => {
|
1089
1109
|
:default => 'rsa',
|
1090
1110
|
:type => :enum,
|
@@ -1142,7 +1162,7 @@ EOT
|
|
1142
1162
|
:desc => "The name to use the Certificate Authority certificate.",
|
1143
1163
|
},
|
1144
1164
|
:cadir => {
|
1145
|
-
:default =>
|
1165
|
+
:default => lambda { default_cadir },
|
1146
1166
|
:type => :directory,
|
1147
1167
|
:desc => "The root directory for the certificate authority.",
|
1148
1168
|
},
|
@@ -1185,7 +1205,7 @@ EOT
|
|
1185
1205
|
:default => "$confdir/autosign.conf",
|
1186
1206
|
:type => :autosign,
|
1187
1207
|
:desc => "Whether (and how) to autosign certificate requests. This setting
|
1188
|
-
is only relevant on a
|
1208
|
+
is only relevant on a Puppet Server acting as a certificate authority (CA).
|
1189
1209
|
|
1190
1210
|
Valid values are true (autosigns all certificate requests; not recommended),
|
1191
1211
|
false (disables autosigning certificates), or the absolute path to a file.
|
@@ -1196,7 +1216,7 @@ EOT
|
|
1196
1216
|
file, it will be treated as a policy executable; otherwise, it will be
|
1197
1217
|
treated as a config file.
|
1198
1218
|
|
1199
|
-
If a custom policy executable is configured, the CA
|
1219
|
+
If a custom policy executable is configured, the CA Puppet Server will run it
|
1200
1220
|
every time it receives a CSR. The executable will be passed the subject CN of the
|
1201
1221
|
request _as a command line argument,_ and the contents of the CSR in PEM format
|
1202
1222
|
_on stdin._ It should exit with a status of 0 if the cert should be autosigned
|
@@ -1282,7 +1302,7 @@ EOT
|
|
1282
1302
|
:manifest => {
|
1283
1303
|
:default => nil,
|
1284
1304
|
:type => :file_or_directory,
|
1285
|
-
:desc => "The entry-point manifest for
|
1305
|
+
:desc => "The entry-point manifest for the primary server. This can be one file
|
1286
1306
|
or a directory of manifests to be evaluated in alphabetical order. Puppet manages
|
1287
1307
|
this path as a directory if one exists or if the path ends with a / or \\.
|
1288
1308
|
|
@@ -1489,15 +1509,17 @@ EOT
|
|
1489
1509
|
their names should be comma-separated, with whitespace allowed. (For example,
|
1490
1510
|
`reports = http, store`.)
|
1491
1511
|
|
1492
|
-
This setting is relevant to puppet
|
1493
|
-
|
1512
|
+
This setting is relevant to puppet server and puppet apply. The primary Puppet
|
1513
|
+
server will call these report handlers with the reports it receives from
|
1494
1514
|
agent nodes, and puppet apply will call them with its own report. (In
|
1495
1515
|
all cases, the node applying the catalog must have `report = true`.)
|
1496
1516
|
|
1497
1517
|
See the report reference for information on the built-in report
|
1498
1518
|
handlers; custom report handlers can also be loaded from modules.
|
1499
1519
|
(Report handlers are loaded from the lib directory, at
|
1500
|
-
`puppet/reports/NAME.rb`.)
|
1520
|
+
`puppet/reports/NAME.rb`.)
|
1521
|
+
|
1522
|
+
To turn off reports entirely, set this to `none`",
|
1501
1523
|
},
|
1502
1524
|
:reportdir => {
|
1503
1525
|
:default => "$vardir/reports",
|
@@ -1556,7 +1578,7 @@ EOT
|
|
1556
1578
|
:node_name_value => {
|
1557
1579
|
:default => "$certname",
|
1558
1580
|
:desc => "The explicit value used for the node name for all requests the agent
|
1559
|
-
makes to the
|
1581
|
+
makes to the primary server. WARNING: This setting is mutually exclusive with
|
1560
1582
|
node_name_fact. Changing this setting also requires changes to the default
|
1561
1583
|
auth.conf configuration on the Puppet Master. Please see
|
1562
1584
|
http://links.puppet.com/node_name_value for more information."
|
@@ -1564,7 +1586,7 @@ EOT
|
|
1564
1586
|
:node_name_fact => {
|
1565
1587
|
:default => "",
|
1566
1588
|
:desc => "The fact name used to determine the node name used for all requests the agent
|
1567
|
-
makes to the
|
1589
|
+
makes to the primary server. WARNING: This setting is mutually exclusive with
|
1568
1590
|
node_name_value. Changing this setting also requires changes to the default
|
1569
1591
|
auth.conf configuration on the Puppet Master. Please see
|
1570
1592
|
http://links.puppet.com/node_name_fact for more information.",
|
@@ -1578,8 +1600,8 @@ EOT
|
|
1578
1600
|
:default => "$statedir/state.yaml",
|
1579
1601
|
:type => :file,
|
1580
1602
|
:mode => "0640",
|
1581
|
-
:desc => "Where
|
1582
|
-
with the running configuration. In the case of
|
1603
|
+
:desc => "Where Puppet agent and Puppet Server store state associated
|
1604
|
+
with the running configuration. In the case of Puppet Server,
|
1583
1605
|
this file reflects the state discovered through interacting
|
1584
1606
|
with clients."
|
1585
1607
|
},
|
@@ -1616,6 +1638,12 @@ EOT
|
|
1616
1638
|
:mode => "0750",
|
1617
1639
|
:desc => "The directory in which serialized data is stored on the client."
|
1618
1640
|
},
|
1641
|
+
:write_catalog_summary => {
|
1642
|
+
:default => true,
|
1643
|
+
:type => :boolean,
|
1644
|
+
:desc => "Whether to write the `classfile` and `resourcefile` after applying
|
1645
|
+
the catalog. It is enabled by default, except when running `puppet apply`.",
|
1646
|
+
},
|
1619
1647
|
:classfile => {
|
1620
1648
|
:default => "$statedir/classes.txt",
|
1621
1649
|
:type => :file,
|
@@ -1642,11 +1670,11 @@ EOT
|
|
1642
1670
|
the POSIX syslog service and the Windows Event Log are unavailable. (Currently,
|
1643
1671
|
no supported operating systems match that description.)
|
1644
1672
|
|
1645
|
-
Despite the name, both puppet agent and puppet
|
1673
|
+
Despite the name, both puppet agent and puppet server will use this file
|
1646
1674
|
as the fallback logging destination.
|
1647
1675
|
|
1648
1676
|
For control over logging destinations, see the `--logdest` command line
|
1649
|
-
option in the manual pages for puppet
|
1677
|
+
option in the manual pages for puppet server, puppet agent, and puppet
|
1650
1678
|
apply. You can see man pages by running `puppet <SUBCOMMAND> --help`,
|
1651
1679
|
or read them online at https://puppet.com/docs/puppet/latest/man/."
|
1652
1680
|
},
|
@@ -1660,12 +1688,12 @@ EOT
|
|
1660
1688
|
},
|
1661
1689
|
:server => {
|
1662
1690
|
:default => "puppet",
|
1663
|
-
:desc => "The
|
1691
|
+
:desc => "The primary Puppet server to which the Puppet agent should connect.",
|
1664
1692
|
},
|
1665
1693
|
:server_list => {
|
1666
1694
|
:default => [],
|
1667
1695
|
:type => :server_list,
|
1668
|
-
:desc => "The list of
|
1696
|
+
:desc => "The list of primary Puppet servers to which the Puppet agent should connect,
|
1669
1697
|
in the order that they will be tried.",
|
1670
1698
|
},
|
1671
1699
|
:use_srv_records => {
|
@@ -1680,7 +1708,7 @@ EOT
|
|
1680
1708
|
:http_extra_headers => {
|
1681
1709
|
:default => [],
|
1682
1710
|
:type => :http_extra_headers,
|
1683
|
-
:desc => "The list of extra headers that will be sent with http requests to the
|
1711
|
+
:desc => "The list of extra headers that will be sent with http requests to the primary server.
|
1684
1712
|
The header definition consists of a name and a value separated by a colon."
|
1685
1713
|
},
|
1686
1714
|
:ignoreschedules => {
|
@@ -1706,7 +1734,7 @@ EOT
|
|
1706
1734
|
like it does when running normally. However, if a resource attribute is not in
|
1707
1735
|
the desired state (as declared in the catalog), Puppet will take no
|
1708
1736
|
action, and will instead report the changes it _would_ have made. These
|
1709
|
-
simulated changes will appear in the report sent to the
|
1737
|
+
simulated changes will appear in the report sent to the primary Puppet server, or
|
1710
1738
|
be shown on the console if running puppet agent or puppet apply in the
|
1711
1739
|
foreground. The simulated changes will not send refresh events to any
|
1712
1740
|
subscribing or notified resources, although Puppet will log that a refresh
|
@@ -1760,7 +1788,7 @@ EOT
|
|
1760
1788
|
},
|
1761
1789
|
:agent_disabled_lockfile => {
|
1762
1790
|
:default => "$statedir/agent_disabled.lock",
|
1763
|
-
:type => :
|
1791
|
+
:type => :string,
|
1764
1792
|
:desc => "A lock file to indicate that puppet agent runs have been administratively
|
1765
1793
|
disabled. File contains a JSON object with state information.",
|
1766
1794
|
},
|
@@ -1778,7 +1806,7 @@ EOT
|
|
1778
1806
|
:desc => "Whether to only use the cached catalog rather than compiling a new catalog
|
1779
1807
|
on every run. Puppet can be run with this enabled by default and then selectively
|
1780
1808
|
disabled when a recompile is desired. Because a Puppet agent using cached catalogs
|
1781
|
-
does not contact the
|
1809
|
+
does not contact the primary server for a new catalog, it also does not upload facts at
|
1782
1810
|
the beginning of the Puppet run.",
|
1783
1811
|
},
|
1784
1812
|
:ignoremissingtypes => {
|
@@ -1786,7 +1814,7 @@ EOT
|
|
1786
1814
|
:type => :boolean,
|
1787
1815
|
:desc => "Skip searching for classes and definitions that were missing during a
|
1788
1816
|
prior compilation. The list of missing objects is maintained per-environment and
|
1789
|
-
persists until the environment is cleared or the
|
1817
|
+
persists until the environment is cleared or the primary server is restarted.",
|
1790
1818
|
},
|
1791
1819
|
:splaylimit => {
|
1792
1820
|
:default => "$runinterval",
|
@@ -1816,7 +1844,7 @@ EOT
|
|
1816
1844
|
If you restart an agent's puppet service with `splay` enabled, it
|
1817
1845
|
recalculates its splay period and delays its first agent run after
|
1818
1846
|
restarting for this new period. If you simultaneously restart a group of
|
1819
|
-
puppet agents with `splay` enabled, their checkins to your
|
1847
|
+
puppet agents with `splay` enabled, their checkins to your primary servers
|
1820
1848
|
can be distributed more evenly.",
|
1821
1849
|
},
|
1822
1850
|
:clientbucketdir => {
|
@@ -1908,7 +1936,7 @@ EOT
|
|
1908
1936
|
|
1909
1937
|
When starting for the first time, puppet agent will submit a certificate
|
1910
1938
|
signing request (CSR) to the server named in the `ca_server` setting
|
1911
|
-
(usually the
|
1939
|
+
(usually the primary Puppet server); this may be autosigned, or may need to be
|
1912
1940
|
approved by a human, depending on the CA server's configuration.
|
1913
1941
|
|
1914
1942
|
Puppet agent cannot apply configurations until its approved certificate is
|
@@ -2022,7 +2050,7 @@ EOT
|
|
2022
2050
|
:call_hook => :on_initialize_and_write, # Call our hook with the default value, so we always get the value added to facter.
|
2023
2051
|
:hook => proc do |value|
|
2024
2052
|
paths = value.split(File::PATH_SEPARATOR)
|
2025
|
-
|
2053
|
+
Puppet.runtime[:facter].search(*paths)
|
2026
2054
|
end
|
2027
2055
|
}
|
2028
2056
|
)
|