puppet 6.21.1 → 6.22.1

data/spec/unit/network/formats_spec.rb

@@ -534,4 +534,45 @@ EOT
       end
     end
   end
+
+  describe ":flat format" do
+    let(:flat) { Puppet::Network::FormatHandler.format(:flat) }
+
+    it "should include a flat format" do
+      expect(flat).to be_an_instance_of Puppet::Network::Format
+    end
+
+    [:intern, :intern_multiple].each do |method|
+      it "should not implement #{method}" do
+        expect { flat.send(method, String, 'blah') }.to raise_error NotImplementedError
+      end
+    end
+
+    context "when rendering arrays" do
+      {
+          []                           => "",
+          [1, 2]                       => "0=1\n1=2\n",
+          ["one"]                      => "0=one\n",
+          [{"one" => 1}, {"two" => 2}] => "0.one=1\n1.two=2\n",
+          [['something', 'for'], ['the', 'test']]  => "0=[\"something\", \"for\"]\n1=[\"the\", \"test\"]\n"
+      }.each_pair do |input, output|
+        it "should render #{input.inspect} as one item per line" do
+          expect(flat.render(input)).to eq(output)
+        end
+      end
+    end
+
+    context "when rendering hashes" do
+      {
+          {}                                   => "",
+          {1 => 2}                             => "1=2\n",
+          {"one" => "two"}                     => "one=two\n",
+          {[1,2] => 3, [2,3] => 5, [3,4] => 7} => "[1, 2]=3\n[2, 3]=5\n[3, 4]=7\n",
+      }.each_pair do |input, output|
+        it "should render #{input.inspect}" do
+          expect(flat.render(input)).to eq(output)
+        end
+      end
+    end
+  end
 end

data/spec/unit/network/http/factory_spec.rb

@@ -144,4 +144,23 @@ describe Puppet::Network::HTTP::Factory do
       expect(conn.local_host).to eq('127.0.0.1')
     end
   end
+
+  context 'tls' do
+    it "sets the minimum version to TLS 1.0", if: RUBY_VERSION.to_f >= 2.5 do
+      conn = create_connection(site)
+      expect(conn.min_version).to eq(OpenSSL::SSL::TLS1_VERSION)
+    end
+
+    it "defaults to ciphersuites providing 128 bits of security or greater" do
+      conn = create_connection(site)
+      expect(conn.ciphers).to eq("ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256")
+    end
+
+    it "can be restricted to TLSv1.3 ciphers" do
+      tls13_ciphers = "TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256"
+      Puppet[:ciphers] = tls13_ciphers
+      conn = create_connection(site)
+      expect(conn.ciphers).to eq(tls13_ciphers)
+    end
+  end
 end

data/spec/unit/provider/package/dnfmodule_spec.rb

@@ -123,7 +123,7 @@ describe Puppet::Type.type(:package).provider(:dnfmodule) do
         provider.install
       end
 
-      it "should just enable the module if it has no default profile" do
+      it "should just enable the module if it has no default profile(missing groups or modules)" do
         dnf_exception = Puppet::ExecutionFailure.new("Error: Problems in request:\nmissing groups or modules: #{resource[:name]}")
         allow(provider).to receive(:execute).with(array_including('install')).and_raise(dnf_exception)
         resource[:ensure] = :present
@@ -132,6 +132,15 @@ describe Puppet::Type.type(:package).provider(:dnfmodule) do
         provider.install
       end
 
+      it "should just enable the module if it has no default profile(broken groups or modules)" do
+        dnf_exception = Puppet::ExecutionFailure.new("Error: Problems in request:\nbroken groups or modules: #{resource[:name]}")
+        allow(provider).to receive(:execute).with(array_including('install')).and_raise(dnf_exception)
+        resource[:ensure] = :present
+        expect(provider).to receive(:execute).with(array_including('install')).ordered
+        expect(provider).to receive(:execute).with(array_including('enable')).ordered
+        provider.install
+      end
+
       it "should just enable the module if enable_only = true" do
         resource[:ensure] = :present
         resource[:enable_only] = true

data/spec/unit/provider/service/systemd_spec.rb

@@ -200,6 +200,17 @@ describe 'Puppet::Type::Service::Provider::Systemd',
       })
     end
 
+    it "correctly parses services when list-unit-files has an additional column" do
+      expect(provider_class).to receive(:systemctl).with('list-unit-files', '--type', 'service', '--full', '--all', '--no-pager').and_return(File.read(my_fixture('list_unit_files_services_vendor_preset')))
+      expect(provider_class.instances.map(&:name)).to match_array(%w{
+        arp-ethers.service
+        auditd.service
+        dbus.service
+        umountnfs.service
+        urandom.service
+      })
+    end
+
     it "should print a debug message when a service with the state `bad` is found" do
       expect(provider_class).to receive(:systemctl).with('list-unit-files', '--type', 'service', '--full', '--all', '--no-pager').and_return(File.read(my_fixture('list_unit_files_services')))
       expect(Puppet).to receive(:debug).with("apparmor.service marked as bad by `systemctl`. It is recommended to be further checked.")

data/spec/unit/provider/user/useradd_spec.rb

@@ -375,21 +375,36 @@ describe Puppet::Type.type(:user).provider(:useradd) do
     before { described_class.has_feature :manages_local_users_and_groups }
 
     let(:content) do
-      <<~EOF
+      StringIO.new(<<~EOF)
       group1:x:0:myuser
       group2:x:999:
       group3:x:998:myuser
       EOF
     end
 
+    let(:content_with_empty_line) do
+      StringIO.new(<<~EOF)
+      group1:x:0:myuser
+      group2:x:999:
+      group3:x:998:myuser
+
+      EOF
+    end
+
     it "should return the local groups string when forcelocal is true" do
       resource[:forcelocal] = true
-      group1, group2, group3 = content.split
       allow(Puppet::FileSystem).to receive(:exist?).with('/etc/group').and_return(true)
-      allow(Puppet::FileSystem).to receive(:each_line).with('/etc/group').and_yield(group1).and_yield(group2).and_yield(group3)
+      allow(File).to receive(:open).with(Pathname.new('/etc/group')).and_yield(content)
       expect(provider.groups).to eq(['group1', 'group3'])
     end
 
+    it "does not raise when parsing empty lines in /etc/group" do
+      resource[:forcelocal] = true
+      allow(Puppet::FileSystem).to receive(:exist?).with('/etc/group').and_return(true)
+      allow(File).to receive(:open).with(Pathname.new('/etc/group')).and_yield(content_with_empty_line)
+      expect { provider.groups }.not_to raise_error
+    end
+
     it "should fall back to nameservice groups when forcelocal is false" do
       resource[:forcelocal] = false
       allow(Puppet::Util::POSIX).to receive(:groups_of).with('myuser').and_return(['remote groups'])

data/spec/unit/resource/catalog_spec.rb

@@ -205,7 +205,7 @@ describe Puppet::Resource::Catalog, "when compiling" do
     end
 
     it "should set itself as the catalog for each converted resource" do
-      @catalog.vertices.each { |v| expect(v.catalog.object_id).to equal(@catalog.object_id) }
+      @catalog.vertices.each { |v| expect(v.catalog.object_id).to eql(@catalog.object_id) }
     end
 
     # This tests #931.

data/spec/unit/util/windows/sid_spec.rb

@@ -158,6 +158,12 @@ describe "Puppet::Util::Windows::SID", :if => Puppet::Util::Platform.windows? do
       # this works in French Windows, even though the account is really AUTORITE NT\\Syst\u00E8me
       expect(subject.name_to_principal('NT AUTHORITY\SYSTEM').sid).to eq(sid)
     end
+
+    it "should print a debug message on failures" do
+      expect(Puppet).to receive(:debug).with(/Could not retrieve raw SID bytes from 'NonExistingUser'/)
+      expect(Puppet).to receive(:debug).with(/No mapping between account names and security IDs was done/)
+      subject.name_to_principal('NonExistingUser')
+    end
   end
 
   context "#ads_to_principal" do

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: puppet
 version: !ruby/object:Gem::Version
-  version: 6.21.1
+  version: 6.22.1
 platform: ruby
 authors:
 - Puppet Labs
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-02-11 00:00:00.000000000 Z
+date: 2021-04-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: facter
@@ -1787,6 +1787,7 @@ files:
 - spec/fixtures/unit/provider/service/smf/svcs_fmri.out
 - spec/fixtures/unit/provider/service/smf/svcs_multiple_fmris.out
 - spec/fixtures/unit/provider/service/systemd/list_unit_files_services
+- spec/fixtures/unit/provider/service/systemd/list_unit_files_services_vendor_preset
 - spec/fixtures/unit/provider/user/aix/aix_passwd_file.out
 - spec/fixtures/unit/reports/tagmail/tagmail_email.conf
 - spec/fixtures/unit/reports/tagmail/tagmail_failers.conf
@@ -1875,10 +1876,8 @@ files:
 - spec/integration/util/windows/user_spec.rb
 - spec/integration/util_spec.rb
 - spec/lib/matchers/containment_matchers.rb
-- spec/lib/matchers/include.rb
 - spec/lib/matchers/include_in_order.rb
 - spec/lib/matchers/include_in_order_spec.rb
-- spec/lib/matchers/include_spec.rb
 - spec/lib/matchers/json.rb
 - spec/lib/matchers/match_tokens2.rb
 - spec/lib/matchers/relationship_graph_matchers.rb
@@ -3057,6 +3056,7 @@ test_files:
 - spec/fixtures/unit/provider/service/smf/svcs_fmri.out
 - spec/fixtures/unit/provider/service/smf/svcs_multiple_fmris.out
 - spec/fixtures/unit/provider/service/systemd/list_unit_files_services
+- spec/fixtures/unit/provider/service/systemd/list_unit_files_services_vendor_preset
 - spec/fixtures/unit/provider/user/aix/aix_passwd_file.out
 - spec/fixtures/unit/reports/tagmail/tagmail_email.conf
 - spec/fixtures/unit/reports/tagmail/tagmail_failers.conf
@@ -3145,10 +3145,8 @@ test_files:
 - spec/integration/util/windows/user_spec.rb
 - spec/integration/util_spec.rb
 - spec/lib/matchers/containment_matchers.rb
-- spec/lib/matchers/include.rb
 - spec/lib/matchers/include_in_order.rb
 - spec/lib/matchers/include_in_order_spec.rb
-- spec/lib/matchers/include_spec.rb
 - spec/lib/matchers/json.rb
 - spec/lib/matchers/match_tokens2.rb
 - spec/lib/matchers/relationship_graph_matchers.rb

data/spec/lib/matchers/include.rb

@@ -1,27 +0,0 @@
-module Matchers; module Include
-  extend RSpec::Matchers::DSL
-
-  matcher :include_in_any_order do |*matchers|
-    match do |enumerable|
-      @not_matched = []
-      expected_as_array.each do |matcher|
-        if enumerable.empty?
-          break
-        end
-
-        if found = enumerable.find { |elem| matcher.matches?(elem) }
-          enumerable = enumerable.reject { |elem| elem == found }
-        else
-          @not_matched << matcher
-        end
-      end
-
-
-      @not_matched.empty? && enumerable.empty?
-    end
-
-    failure_message do |enumerable|
-      "did not match #{@not_matched.collect(&:description).join(', ')} in #{enumerable.inspect}: <#{@not_matched.collect(&:failure_message).join('>, <')}>"
-    end
-  end
-end; end

data/spec/lib/matchers/include_spec.rb

@@ -1,32 +0,0 @@
-require 'spec_helper'
-require 'matchers/include'
-
-describe "include matchers" do
-  include Matchers::Include
-
-  context :include_in_any_order do
-    it "matches an empty list" do
-      expect([]).to include_in_any_order()
-    end
-
-    it "matches a list with a single element" do
-      expect([1]).to include_in_any_order(eq(1))
-    end
-
-    it "does not match when an expected element is missing" do
-      expect([1]).to_not include_in_any_order(eq(2))
-    end
-
-    it "matches a list with 2 elements in a different order from the expectation" do
-      expect([1, 2]).to include_in_any_order(eq(2), eq(1))
-    end
-
-    it "does not match when there are more than just the expected elements" do
-      expect([1, 2]).to_not include_in_any_order(eq(1))
-    end
-
-    it "matches multiple, equal elements when there are multiple, equal exepectations" do
-      expect([1, 1]).to include_in_any_order(eq(1), eq(1))
-    end
-  end
-end