puppet 6.22.1-x86-mingw32 → 6.25.1-x86-mingw32
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CONTRIBUTING.md +5 -5
- data/Gemfile +2 -2
- data/Gemfile.lock +20 -20
- data/README.md +4 -4
- data/{ext → examples/enc}/regexp_nodes/classes/databases +0 -0
- data/{ext → examples/enc}/regexp_nodes/classes/webservers +0 -0
- data/{ext → examples/enc}/regexp_nodes/environment/development +0 -0
- data/{ext → examples/enc}/regexp_nodes/parameters/service/prod +0 -0
- data/{ext → examples/enc}/regexp_nodes/parameters/service/qa +0 -0
- data/{ext → examples/enc}/regexp_nodes/parameters/service/sandbox +0 -0
- data/{ext → examples/enc}/regexp_nodes/regexp_nodes.rb +0 -0
- data/{ext → examples}/nagios/check_puppet.rb +2 -2
- data/ext/README.md +13 -0
- data/ext/osx/puppet.plist +2 -0
- data/ext/project_data.yaml +1 -0
- data/lib/puppet/application/agent.rb +16 -5
- data/lib/puppet/application/apply.rb +22 -3
- data/lib/puppet/application/device.rb +2 -1
- data/lib/puppet/application/filebucket.rb +1 -0
- data/lib/puppet/application/resource.rb +32 -16
- data/lib/puppet/application/script.rb +2 -1
- data/lib/puppet/application/ssl.rb +1 -0
- data/lib/puppet/concurrent/thread_local_singleton.rb +1 -0
- data/lib/puppet/configurer/downloader.rb +2 -1
- data/lib/puppet/configurer.rb +144 -56
- data/lib/puppet/confine/variable.rb +1 -1
- data/lib/puppet/defaults.rb +47 -33
- data/lib/puppet/environments.rb +75 -25
- data/lib/puppet/face/facts.rb +1 -1
- data/lib/puppet/face/help/action.erb +1 -0
- data/lib/puppet/face/help/face.erb +1 -0
- data/lib/puppet/face/node/clean.rb +11 -0
- data/lib/puppet/facter_impl.rb +96 -0
- data/lib/puppet/file_serving/configuration/parser.rb +2 -0
- data/lib/puppet/file_serving/configuration.rb +3 -0
- data/lib/puppet/file_serving/fileset.rb +14 -2
- data/lib/puppet/file_serving/mount/file.rb +4 -4
- data/lib/puppet/file_serving/mount/scripts.rb +24 -0
- data/lib/puppet/file_system/file_impl.rb +3 -1
- data/lib/puppet/file_system/windows.rb +2 -2
- data/lib/puppet/forge.rb +4 -4
- data/lib/puppet/functions/all.rb +1 -1
- data/lib/puppet/functions/camelcase.rb +1 -1
- data/lib/puppet/functions/capitalize.rb +2 -2
- data/lib/puppet/functions/downcase.rb +2 -2
- data/lib/puppet/functions/empty.rb +8 -0
- data/lib/puppet/functions/find_template.rb +2 -2
- data/lib/puppet/functions/get.rb +5 -5
- data/lib/puppet/functions/group_by.rb +13 -5
- data/lib/puppet/functions/lest.rb +1 -1
- data/lib/puppet/functions/new.rb +100 -100
- data/lib/puppet/functions/partition.rb +4 -4
- data/lib/puppet/functions/require.rb +5 -5
- data/lib/puppet/functions/sort.rb +3 -3
- data/lib/puppet/functions/strftime.rb +1 -0
- data/lib/puppet/functions/tree_each.rb +7 -9
- data/lib/puppet/functions/type.rb +4 -4
- data/lib/puppet/functions/unwrap.rb +17 -2
- data/lib/puppet/functions/upcase.rb +2 -2
- data/lib/puppet/http/client.rb +1 -1
- data/lib/puppet/http/redirector.rb +5 -0
- data/lib/puppet/http/resolver/server_list.rb +15 -4
- data/lib/puppet/http/service/compiler.rb +75 -1
- data/lib/puppet/http/service/file_server.rb +2 -1
- data/lib/puppet/indirector/catalog/compiler.rb +25 -6
- data/lib/puppet/indirector/catalog/rest.rb +1 -0
- data/lib/puppet/indirector/facts/facter.rb +6 -6
- data/lib/puppet/indirector/file_metadata/rest.rb +1 -0
- data/lib/puppet/indirector/indirection.rb +1 -1
- data/lib/puppet/indirector/resource/ral.rb +6 -1
- data/lib/puppet/indirector/terminus.rb +4 -0
- data/lib/puppet/interface/documentation.rb +1 -0
- data/lib/puppet/module/plan.rb +0 -1
- data/lib/puppet/module/task.rb +1 -1
- data/lib/puppet/module.rb +1 -0
- data/lib/puppet/module_tool/applications/installer.rb +12 -4
- data/lib/puppet/module_tool/applications/uninstaller.rb +1 -1
- data/lib/puppet/module_tool/applications/upgrader.rb +1 -1
- data/lib/puppet/module_tool/errors/shared.rb +17 -0
- data/lib/puppet/network/http/api/indirected_routes.rb +1 -1
- data/lib/puppet/node/environment.rb +10 -11
- data/lib/puppet/pal/pal_impl.rb +1 -1
- data/lib/puppet/parser/functions/fqdn_rand.rb +14 -6
- data/lib/puppet/parser/resource.rb +1 -1
- data/lib/puppet/parser/scope.rb +1 -0
- data/lib/puppet/parser/templatewrapper.rb +1 -0
- data/lib/puppet/pops/evaluator/closure.rb +7 -5
- data/lib/puppet/pops/evaluator/runtime3_resource_support.rb +1 -0
- data/lib/puppet/pops/lookup/lookup_adapter.rb +3 -2
- data/lib/puppet/pops/model/ast.rb +1 -0
- data/lib/puppet/pops/model/factory.rb +2 -1
- data/lib/puppet/pops/parser/eparser.rb +201 -201
- data/lib/puppet/pops/parser/lexer2.rb +92 -91
- data/lib/puppet/pops/parser/slurp_support.rb +1 -0
- data/lib/puppet/pops/serialization/to_data_converter.rb +18 -6
- data/lib/puppet/pops/serialization/to_stringified_converter.rb +1 -1
- data/lib/puppet/pops/types/p_sem_ver_type.rb +8 -2
- data/lib/puppet/pops/types/p_sensitive_type.rb +10 -0
- data/lib/puppet/pops/types/type_formatter.rb +4 -3
- data/lib/puppet/pops/types/type_mismatch_describer.rb +1 -1
- data/lib/puppet/pops/types/types.rb +1 -1
- data/lib/puppet/provider/aix_object.rb +1 -1
- data/lib/puppet/provider/exec/posix.rb +16 -4
- data/lib/puppet/provider/group/groupadd.rb +5 -2
- data/lib/puppet/provider/package/nim.rb +11 -6
- data/lib/puppet/provider/package/pip.rb +15 -3
- data/lib/puppet/provider/package/pkg.rb +19 -2
- data/lib/puppet/provider/package/puppetserver_gem.rb +1 -1
- data/lib/puppet/provider/package/yum.rb +1 -1
- data/lib/puppet/provider/parsedfile.rb +3 -0
- data/lib/puppet/provider/service/base.rb +1 -1
- data/lib/puppet/provider/service/init.rb +5 -5
- data/lib/puppet/provider/service/launchd.rb +2 -2
- data/lib/puppet/provider/service/redhat.rb +1 -1
- data/lib/puppet/provider/service/smf.rb +3 -3
- data/lib/puppet/provider/service/systemd.rb +15 -5
- data/lib/puppet/provider/service/upstart.rb +5 -5
- data/lib/puppet/provider/service/windows.rb +38 -0
- data/lib/puppet/provider/user/aix.rb +44 -1
- data/lib/puppet/provider/user/directoryservice.rb +26 -13
- data/lib/puppet/provider/user/useradd.rb +72 -16
- data/lib/puppet/provider.rb +1 -1
- data/lib/puppet/reference/configuration.rb +1 -1
- data/lib/puppet/reference/providers.rb +2 -2
- data/lib/puppet/resource/catalog.rb +1 -1
- data/lib/puppet/resource/type_collection.rb +1 -0
- data/lib/puppet/resource.rb +38 -5
- data/lib/puppet/runtime.rb +11 -1
- data/lib/puppet/settings.rb +32 -9
- data/lib/puppet/test/test_helper.rb +4 -1
- data/lib/puppet/transaction/additional_resource_generator.rb +1 -1
- data/lib/puppet/transaction/persistence.rb +11 -1
- data/lib/puppet/transaction/report.rb +15 -1
- data/lib/puppet/type/exec.rb +35 -5
- data/lib/puppet/type/file/mode.rb +6 -0
- data/lib/puppet/type/file/selcontext.rb +1 -1
- data/lib/puppet/type/file.rb +25 -7
- data/lib/puppet/type/filebucket.rb +3 -3
- data/lib/puppet/type/group.rb +0 -1
- data/lib/puppet/type/resources.rb +1 -1
- data/lib/puppet/type/service.rb +26 -41
- data/lib/puppet/type/tidy.rb +22 -3
- data/lib/puppet/type/user.rb +38 -21
- data/lib/puppet/type.rb +1 -1
- data/lib/puppet/util/command_line.rb +1 -1
- data/lib/puppet/util/filetype.rb +2 -2
- data/lib/puppet/util/json.rb +3 -0
- data/lib/puppet/util/log.rb +1 -2
- data/lib/puppet/util/logging.rb +1 -25
- data/lib/puppet/util/pidlock.rb +1 -1
- data/lib/puppet/util/rdoc/parser/puppet_parser_core.rb +1 -1
- data/lib/puppet/util/selinux.rb +30 -4
- data/lib/puppet/util/suidmanager.rb +1 -2
- data/lib/puppet/util/symbolic_file_mode.rb +29 -17
- data/lib/puppet/util/tagging.rb +1 -0
- data/lib/puppet/util/windows/service.rb +0 -5
- data/lib/puppet/util/windows/sid.rb +3 -1
- data/lib/puppet/util/windows/user.rb +0 -2
- data/lib/puppet/util/windows.rb +3 -0
- data/lib/puppet/util.rb +4 -3
- data/lib/puppet/version.rb +1 -1
- data/lib/puppet.rb +5 -9
- data/locales/puppet.pot +408 -364
- data/man/man5/puppet.conf.5 +303 -275
- data/man/man8/puppet-agent.8 +4 -1
- data/man/man8/puppet-apply.8 +1 -1
- data/man/man8/puppet-catalog.8 +9 -9
- data/man/man8/puppet-config.8 +1 -1
- data/man/man8/puppet-describe.8 +1 -1
- data/man/man8/puppet-device.8 +1 -1
- data/man/man8/puppet-doc.8 +1 -1
- data/man/man8/puppet-epp.8 +1 -1
- data/man/man8/puppet-facts.8 +8 -8
- data/man/man8/puppet-filebucket.8 +1 -1
- data/man/man8/puppet-generate.8 +1 -1
- data/man/man8/puppet-help.8 +1 -1
- data/man/man8/puppet-key.8 +7 -7
- data/man/man8/puppet-lookup.8 +1 -1
- data/man/man8/puppet-man.8 +1 -1
- data/man/man8/puppet-module.8 +3 -3
- data/man/man8/puppet-node.8 +5 -5
- data/man/man8/puppet-parser.8 +1 -1
- data/man/man8/puppet-plugin.8 +1 -1
- data/man/man8/puppet-report.8 +5 -5
- data/man/man8/puppet-resource.8 +1 -1
- data/man/man8/puppet-script.8 +1 -1
- data/man/man8/puppet-ssl.8 +1 -1
- data/man/man8/puppet-status.8 +4 -4
- data/man/man8/puppet.8 +2 -2
- data/spec/fixtures/integration/application/agent/cached_deferred_catalog.json +2 -1
- data/spec/fixtures/integration/application/agent/lib/facter/agent_spec_role.rb +3 -0
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/Gemfile +4 -0
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/Rakefile +3 -0
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/lib/puppet/functions/l10n.rb +8 -0
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/locales/config.yaml +25 -0
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/locales/ja/puppet-l10n.po +19 -0
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/locales/puppet-l10n.pot +20 -0
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/metadata.json +8 -0
- data/spec/fixtures/ssl/127.0.0.1-key.pem +107 -57
- data/spec/fixtures/ssl/127.0.0.1.pem +52 -31
- data/spec/fixtures/ssl/bad-basic-constraints.pem +57 -35
- data/spec/fixtures/ssl/bad-int-basic-constraints.pem +57 -35
- data/spec/fixtures/ssl/ca.pem +57 -35
- data/spec/fixtures/ssl/crl.pem +28 -18
- data/spec/fixtures/ssl/ec-key.pem +11 -11
- data/spec/fixtures/ssl/ec.pem +33 -24
- data/spec/fixtures/ssl/encrypted-ec-key.pem +12 -12
- data/spec/fixtures/ssl/encrypted-key.pem +108 -58
- data/spec/fixtures/ssl/intermediate-agent-crl.pem +28 -19
- data/spec/fixtures/ssl/intermediate-agent.pem +57 -36
- data/spec/fixtures/ssl/intermediate-crl.pem +31 -21
- data/spec/fixtures/ssl/intermediate.pem +57 -36
- data/spec/fixtures/ssl/oid-key.pem +117 -0
- data/spec/fixtures/ssl/oid.pem +69 -0
- data/spec/fixtures/ssl/pluto-key.pem +107 -57
- data/spec/fixtures/ssl/pluto.pem +52 -30
- data/spec/fixtures/ssl/request-key.pem +107 -57
- data/spec/fixtures/ssl/request.pem +47 -26
- data/spec/fixtures/ssl/revoked-key.pem +107 -57
- data/spec/fixtures/ssl/revoked.pem +52 -30
- data/spec/fixtures/ssl/signed-key.pem +107 -57
- data/spec/fixtures/ssl/signed.pem +52 -30
- data/spec/fixtures/ssl/tampered-cert.pem +52 -30
- data/spec/fixtures/ssl/tampered-csr.pem +47 -26
- data/spec/fixtures/ssl/trusted_oid_mapping.yaml +5 -0
- data/spec/fixtures/ssl/unknown-127.0.0.1-key.pem +107 -57
- data/spec/fixtures/ssl/unknown-127.0.0.1.pem +50 -29
- data/spec/fixtures/ssl/unknown-ca-key.pem +107 -57
- data/spec/fixtures/ssl/unknown-ca.pem +55 -33
- data/spec/integration/application/agent_spec.rb +141 -37
- data/spec/integration/application/filebucket_spec.rb +16 -0
- data/spec/integration/application/module_spec.rb +21 -0
- data/spec/integration/application/resource_spec.rb +64 -0
- data/spec/integration/application/ssl_spec.rb +20 -0
- data/spec/integration/configurer_spec.rb +18 -2
- data/spec/integration/environments/settings_interpolation_spec.rb +0 -4
- data/spec/integration/indirector/facts/facter_spec.rb +93 -39
- data/spec/integration/l10n/compiler_spec.rb +37 -0
- data/spec/integration/parser/pcore_resource_spec.rb +10 -0
- data/spec/integration/transaction/report_spec.rb +1 -1
- data/spec/integration/type/exec_spec.rb +70 -45
- data/spec/integration/type/file_spec.rb +2 -2
- data/spec/integration/type/package_spec.rb +6 -6
- data/spec/integration/util/rdoc/parser_spec.rb +1 -1
- data/spec/integration/util/windows/process_spec.rb +1 -9
- data/spec/lib/puppet/test_ca.rb +7 -2
- data/spec/lib/puppet_spec/modules.rb +13 -2
- data/spec/lib/puppet_spec/puppetserver.rb +15 -0
- data/spec/lib/puppet_spec/settings.rb +1 -0
- data/spec/shared_behaviours/documentation_on_faces.rb +0 -2
- data/spec/shared_contexts/l10n.rb +27 -0
- data/spec/spec_helper.rb +1 -10
- data/spec/unit/application/agent_spec.rb +7 -2
- data/spec/unit/application/apply_spec.rb +76 -56
- data/spec/unit/application/resource_spec.rb +29 -0
- data/spec/unit/configurer/downloader_spec.rb +6 -0
- data/spec/unit/configurer_spec.rb +256 -57
- data/spec/unit/defaults_spec.rb +1 -0
- data/spec/unit/environments_spec.rb +184 -0
- data/spec/unit/facter_impl_spec.rb +31 -0
- data/spec/unit/file_bucket/dipper_spec.rb +2 -2
- data/spec/unit/file_serving/configuration/parser_spec.rb +23 -0
- data/spec/unit/file_serving/configuration_spec.rb +14 -4
- data/spec/unit/file_serving/fileset_spec.rb +60 -0
- data/spec/unit/file_serving/mount/scripts_spec.rb +69 -0
- data/spec/unit/file_system_spec.rb +13 -0
- data/spec/unit/functions/assert_type_spec.rb +1 -1
- data/spec/unit/functions/empty_spec.rb +10 -0
- data/spec/unit/functions/logging_spec.rb +1 -0
- data/spec/unit/functions/lookup_spec.rb +64 -0
- data/spec/unit/functions/unwrap_spec.rb +8 -0
- data/spec/unit/functions4_spec.rb +2 -2
- data/spec/unit/gettext/config_spec.rb +12 -0
- data/spec/unit/http/client_spec.rb +58 -1
- data/spec/unit/http/service/compiler_spec.rb +131 -0
- data/spec/unit/indirector/catalog/compiler_spec.rb +101 -10
- data/spec/unit/indirector/catalog/rest_spec.rb +8 -0
- data/spec/unit/indirector/indirection_spec.rb +10 -3
- data/spec/unit/indirector/resource/ral_spec.rb +40 -75
- data/spec/unit/interface/action_spec.rb +0 -9
- data/spec/unit/module_spec.rb +15 -1
- data/spec/unit/module_tool/applications/installer_spec.rb +51 -12
- data/spec/unit/network/authstore_spec.rb +0 -15
- data/spec/unit/network/formats_spec.rb +6 -0
- data/spec/unit/parser/functions/fqdn_rand_spec.rb +15 -1
- data/spec/unit/parser/templatewrapper_spec.rb +12 -2
- data/spec/unit/pops/parser/parse_containers_spec.rb +0 -11
- data/spec/unit/pops/serialization/to_from_hr_spec.rb +58 -0
- data/spec/unit/pops/serialization/to_stringified_spec.rb +5 -0
- data/spec/unit/pops/types/p_sem_ver_type_spec.rb +18 -0
- data/spec/unit/pops/types/p_sensitive_type_spec.rb +18 -0
- data/spec/unit/pops/types/type_calculator_spec.rb +6 -0
- data/spec/unit/provider/package/gem_spec.rb +1 -1
- data/spec/unit/provider/package/nim_spec.rb +42 -0
- data/spec/unit/provider/package/pip2_spec.rb +1 -1
- data/spec/unit/provider/package/pip3_spec.rb +1 -1
- data/spec/unit/provider/package/pip_spec.rb +38 -1
- data/spec/unit/provider/package/pkg_spec.rb +29 -4
- data/spec/unit/provider/package/puppet_gem_spec.rb +1 -1
- data/spec/unit/provider/package/puppetserver_gem_spec.rb +1 -1
- data/spec/unit/provider/parsedfile_spec.rb +10 -0
- data/spec/unit/provider/service/init_spec.rb +1 -0
- data/spec/unit/provider/service/launchd_spec.rb +11 -0
- data/spec/unit/provider/service/openwrt_spec.rb +3 -1
- data/spec/unit/provider/service/systemd_spec.rb +43 -9
- data/spec/unit/provider/service/windows_spec.rb +202 -0
- data/spec/unit/provider/user/aix_spec.rb +100 -0
- data/spec/unit/provider/user/directoryservice_spec.rb +68 -36
- data/spec/unit/provider/user/useradd_spec.rb +43 -2
- data/spec/unit/provider_spec.rb +4 -4
- data/spec/unit/puppet_spec.rb +12 -4
- data/spec/unit/resource/catalog_spec.rb +14 -1
- data/spec/unit/resource_spec.rb +58 -2
- data/spec/unit/settings_spec.rb +97 -56
- data/spec/unit/ssl/certificate_request_spec.rb +8 -14
- data/spec/unit/ssl/state_machine_spec.rb +19 -5
- data/spec/unit/transaction/additional_resource_generator_spec.rb +0 -2
- data/spec/unit/transaction_spec.rb +18 -20
- data/spec/unit/type/exec_spec.rb +76 -29
- data/spec/unit/type/file/selinux_spec.rb +3 -3
- data/spec/unit/type/file/source_spec.rb +4 -4
- data/spec/unit/type/service_spec.rb +86 -188
- data/spec/unit/type/tidy_spec.rb +24 -7
- data/spec/unit/type/user_spec.rb +45 -0
- data/spec/unit/type_spec.rb +2 -2
- data/spec/unit/util/logging_spec.rb +2 -0
- data/spec/unit/util/selinux_spec.rb +87 -16
- data/spec/unit/util/windows/sid_spec.rb +39 -4
- data/tasks/generate_cert_fixtures.rake +12 -3
- data/tasks/parallel.rake +3 -3
- metadata +49 -95
- data/ext/README.environment +0 -8
- data/ext/dbfix.sql +0 -132
- data/ext/debian/README.Debian +0 -8
- data/ext/debian/README.source +0 -2
- data/ext/debian/TODO.Debian +0 -1
- data/ext/debian/changelog.erb +0 -1122
- data/ext/debian/compat +0 -1
- data/ext/debian/control +0 -144
- data/ext/debian/copyright +0 -339
- data/ext/debian/docs +0 -1
- data/ext/debian/fileserver.conf +0 -41
- data/ext/debian/puppet-common.dirs +0 -13
- data/ext/debian/puppet-common.install +0 -3
- data/ext/debian/puppet-common.lintian-overrides +0 -5
- data/ext/debian/puppet-common.manpages +0 -28
- data/ext/debian/puppet-common.postinst +0 -35
- data/ext/debian/puppet-common.postrm +0 -33
- data/ext/debian/puppet-el.dirs +0 -1
- data/ext/debian/puppet-el.emacsen-install +0 -25
- data/ext/debian/puppet-el.emacsen-remove +0 -11
- data/ext/debian/puppet-el.emacsen-startup +0 -9
- data/ext/debian/puppet-el.install +0 -1
- data/ext/debian/puppet-testsuite.install +0 -2
- data/ext/debian/puppet-testsuite.lintian-overrides +0 -4
- data/ext/debian/puppet.lintian-overrides +0 -3
- data/ext/debian/puppet.logrotate +0 -20
- data/ext/debian/puppet.postinst +0 -20
- data/ext/debian/puppet.postrm +0 -20
- data/ext/debian/puppet.preinst +0 -20
- data/ext/debian/puppetmaster-common.install +0 -2
- data/ext/debian/puppetmaster-common.manpages +0 -2
- data/ext/debian/puppetmaster-common.postinst +0 -6
- data/ext/debian/puppetmaster-passenger.dirs +0 -4
- data/ext/debian/puppetmaster-passenger.postinst +0 -162
- data/ext/debian/puppetmaster-passenger.postrm +0 -61
- data/ext/debian/puppetmaster.README.debian +0 -17
- data/ext/debian/puppetmaster.default +0 -14
- data/ext/debian/puppetmaster.init +0 -137
- data/ext/debian/puppetmaster.lintian-overrides +0 -3
- data/ext/debian/puppetmaster.postinst +0 -20
- data/ext/debian/puppetmaster.postrm +0 -5
- data/ext/debian/puppetmaster.preinst +0 -22
- data/ext/debian/rules +0 -132
- data/ext/debian/source/format +0 -1
- data/ext/debian/source/options +0 -1
- data/ext/debian/vim-puppet.README.Debian +0 -13
- data/ext/debian/vim-puppet.dirs +0 -5
- data/ext/debian/vim-puppet.yaml +0 -7
- data/ext/debian/watch +0 -2
- data/ext/freebsd/puppetd +0 -26
- data/ext/freebsd/puppetmasterd +0 -26
- data/ext/gentoo/conf.d/puppet +0 -5
- data/ext/gentoo/conf.d/puppetmaster +0 -12
- data/ext/gentoo/init.d/puppet +0 -38
- data/ext/gentoo/init.d/puppetmaster +0 -51
- data/ext/gentoo/puppet/fileserver.conf +0 -41
- data/ext/ips/puppet-agent +0 -44
- data/ext/ips/puppet-master +0 -44
- data/ext/ips/puppet.p5m.erb +0 -12
- data/ext/ips/puppetagent.xml +0 -42
- data/ext/ips/puppetmaster.xml +0 -42
- data/ext/ips/rules +0 -19
- data/ext/ips/transforms +0 -34
- data/ext/ldap/puppet.schema +0 -24
- data/ext/logcheck/puppet +0 -23
- data/ext/osx/file_mapping.yaml +0 -33
- data/ext/osx/postflight.erb +0 -109
- data/ext/osx/preflight.erb +0 -52
- data/ext/osx/prototype.plist.erb +0 -38
- data/ext/redhat/fileserver.conf +0 -41
- data/ext/redhat/logrotate +0 -21
- data/ext/redhat/puppet.spec.erb +0 -842
- data/ext/redhat/server.init +0 -128
- data/ext/redhat/server.sysconfig +0 -13
- data/ext/solaris/pkginfo +0 -6
- data/ext/solaris/smf/puppetd.xml +0 -77
- data/ext/solaris/smf/puppetmasterd.xml +0 -77
- data/ext/solaris/smf/svc-puppetd +0 -71
- data/ext/solaris/smf/svc-puppetmasterd +0 -67
- data/ext/suse/puppet.spec +0 -310
- data/ext/suse/server.init +0 -173
- data/ext/yaml_nodes.rb +0 -105
- data/spec/unit/indirector/store_configs_spec.rb +0 -7
data/spec/unit/type/user_spec.rb
CHANGED
@@ -174,6 +174,51 @@ describe Puppet::Type.type(:user) do
|
|
174
174
|
end
|
175
175
|
end
|
176
176
|
|
177
|
+
describe "when managing the purge_ssh_keys property" do
|
178
|
+
context "with valid input" do
|
179
|
+
it "should support a :true value" do
|
180
|
+
expect { described_class.new(:name => 'foo', :purge_ssh_keys => :true) }.to_not raise_error
|
181
|
+
end
|
182
|
+
|
183
|
+
it "should support a :false value" do
|
184
|
+
expect { described_class.new(:name => 'foo', :purge_ssh_keys => :false) }.to_not raise_error
|
185
|
+
end
|
186
|
+
|
187
|
+
it "should support a String value" do
|
188
|
+
expect { described_class.new(:name => 'foo', :purge_ssh_keys => File.expand_path('home/foo/.ssh/authorized_keys')) }.to_not raise_error
|
189
|
+
end
|
190
|
+
|
191
|
+
it "should support an Array value" do
|
192
|
+
expect { described_class.new(:name => 'foo', :purge_ssh_keys => [File.expand_path('home/foo/.ssh/authorized_keys'),
|
193
|
+
File.expand_path('custom/authorized_keys')]) }.to_not raise_error
|
194
|
+
end
|
195
|
+
end
|
196
|
+
|
197
|
+
context "with faulty input" do
|
198
|
+
it "should raise error for relative path" do
|
199
|
+
expect { described_class.new(:name => 'foo', :purge_ssh_keys => 'home/foo/.ssh/authorized_keys') }.to raise_error(Puppet::ResourceError,
|
200
|
+
/Paths to keyfiles must be absolute/ )
|
201
|
+
end
|
202
|
+
|
203
|
+
it "should raise error for invalid type" do
|
204
|
+
expect { described_class.new(:name => 'foo', :purge_ssh_keys => :invalid) }.to raise_error(Puppet::ResourceError,
|
205
|
+
/purge_ssh_keys must be true, false, or an array of file names/ )
|
206
|
+
end
|
207
|
+
|
208
|
+
it "should raise error for array with relative path" do
|
209
|
+
expect { described_class.new(:name => 'foo', :purge_ssh_keys => ['home/foo/.ssh/authorized_keys',
|
210
|
+
File.expand_path('custom/authorized_keys')]) }.to raise_error(Puppet::ResourceError,
|
211
|
+
/Paths to keyfiles must be absolute/ )
|
212
|
+
end
|
213
|
+
|
214
|
+
it "should raise error for array with invalid type" do
|
215
|
+
expect { described_class.new(:name => 'foo', :purge_ssh_keys => [:invalid,
|
216
|
+
File.expand_path('custom/authorized_keys')]) }.to raise_error(Puppet::ResourceError,
|
217
|
+
/Each entry for purge_ssh_keys must be a string/ )
|
218
|
+
end
|
219
|
+
end
|
220
|
+
end
|
221
|
+
|
177
222
|
describe "when managing the uid property" do
|
178
223
|
it "should convert number-looking strings into actual numbers" do
|
179
224
|
expect(described_class.new(:name => 'foo', :uid => '50')[:uid]).to eq(50)
|
data/spec/unit/type_spec.rb
CHANGED
@@ -1122,7 +1122,7 @@ describe Puppet::Type, :unless => Puppet::Util::Platform.windows? do
|
|
1122
1122
|
|
1123
1123
|
before :each do
|
1124
1124
|
type.provide(:default) do
|
1125
|
-
defaultfor :operatingsystem =>
|
1125
|
+
defaultfor :operatingsystem => Puppet.runtime[:facter].value(:operatingsystem)
|
1126
1126
|
mk_resource_methods
|
1127
1127
|
class << self
|
1128
1128
|
attr_accessor :params
|
@@ -1152,7 +1152,7 @@ describe Puppet::Type, :unless => Puppet::Util::Platform.windows? do
|
|
1152
1152
|
context "with a default provider" do
|
1153
1153
|
before :each do
|
1154
1154
|
type.provide(:default) do
|
1155
|
-
defaultfor :operatingsystem =>
|
1155
|
+
defaultfor :operatingsystem => Puppet.runtime[:facter].value(:operatingsystem)
|
1156
1156
|
mk_resource_methods
|
1157
1157
|
class << self
|
1158
1158
|
attr_accessor :names
|
@@ -552,6 +552,7 @@ original
|
|
552
552
|
|
553
553
|
describe 'does support debugging' do
|
554
554
|
before :each do
|
555
|
+
allow(Facter).to receive(:respond_to?).with(:on_message).and_return(true)
|
555
556
|
allow(Facter).to receive(:respond_to?).with(:debugging, any_args).and_return(true)
|
556
557
|
end
|
557
558
|
|
@@ -568,6 +569,7 @@ original
|
|
568
569
|
|
569
570
|
describe 'does support trace' do
|
570
571
|
before :each do
|
572
|
+
allow(Facter).to receive(:respond_to?).with(:on_message)
|
571
573
|
allow(Facter).to receive(:respond_to?).with(:trace, any_args).and_return(true)
|
572
574
|
end
|
573
575
|
|
@@ -3,26 +3,29 @@ require 'spec_helper'
|
|
3
3
|
require 'pathname'
|
4
4
|
require 'puppet/util/selinux'
|
5
5
|
|
6
|
-
unless defined?(Selinux)
|
7
|
-
module Selinux
|
8
|
-
def self.is_selinux_enabled
|
9
|
-
false
|
10
|
-
end
|
11
|
-
end
|
12
|
-
end
|
13
|
-
|
14
6
|
describe Puppet::Util::SELinux do
|
15
7
|
include Puppet::Util::SELinux
|
16
8
|
|
9
|
+
let(:selinux) { double('selinux', is_selinux_enabled: false) }
|
10
|
+
|
11
|
+
before :each do
|
12
|
+
stub_const('Selinux', selinux)
|
13
|
+
end
|
14
|
+
|
17
15
|
describe "selinux_support?" do
|
18
|
-
it "should return
|
16
|
+
it "should return true if this system has SELinux enabled" do
|
19
17
|
expect(Selinux).to receive(:is_selinux_enabled).and_return(1)
|
20
|
-
expect(selinux_support?).to
|
18
|
+
expect(selinux_support?).to eq(true)
|
21
19
|
end
|
22
20
|
|
23
|
-
it "should return
|
21
|
+
it "should return false if this system has SELinux disabled" do
|
24
22
|
expect(Selinux).to receive(:is_selinux_enabled).and_return(0)
|
25
|
-
expect(selinux_support?).to
|
23
|
+
expect(selinux_support?).to eq(false)
|
24
|
+
end
|
25
|
+
|
26
|
+
it "should return false if this system lacks SELinux" do
|
27
|
+
hide_const('Selinux')
|
28
|
+
expect(selinux_support?).to eq(false)
|
26
29
|
end
|
27
30
|
|
28
31
|
it "should return nil if /proc/mounts does not exist" do
|
@@ -156,7 +159,7 @@ describe Puppet::Util::SELinux do
|
|
156
159
|
end
|
157
160
|
end
|
158
161
|
|
159
|
-
it "handles no such file or directory errors by issuing a warning" do
|
162
|
+
it "backward compatibly handles no such file or directory errors by issuing a warning when resource_ensure not set" do
|
160
163
|
without_partial_double_verification do
|
161
164
|
allow(self).to receive(:selinux_support?).and_return(true)
|
162
165
|
allow(self).to receive(:selinux_label_support?).and_return(true)
|
@@ -167,6 +170,51 @@ describe Puppet::Util::SELinux do
|
|
167
170
|
end
|
168
171
|
end
|
169
172
|
|
173
|
+
it "should determine mode based on resource ensure when set to file" do
|
174
|
+
without_partial_double_verification do
|
175
|
+
allow(self).to receive(:selinux_support?).and_return(true)
|
176
|
+
allow(self).to receive(:selinux_label_support?).and_return(true)
|
177
|
+
allow(Selinux).to receive(:matchpathcon).with("/root/chuj", 32768).and_return(-1)
|
178
|
+
allow(self).to receive(:file_lstat).with("/root/chuj").and_raise(Errno::ENOENT, "/root/chuj")
|
179
|
+
|
180
|
+
expect(get_selinux_default_context("/root/chuj", :present)).to be_nil
|
181
|
+
expect(get_selinux_default_context("/root/chuj", :file)).to be_nil
|
182
|
+
end
|
183
|
+
end
|
184
|
+
|
185
|
+
it "should determine mode based on resource ensure when set to dir" do
|
186
|
+
without_partial_double_verification do
|
187
|
+
allow(self).to receive(:selinux_support?).and_return(true)
|
188
|
+
allow(self).to receive(:selinux_label_support?).and_return(true)
|
189
|
+
allow(Selinux).to receive(:matchpathcon).with("/root/chuj", 16384).and_return(-1)
|
190
|
+
allow(self).to receive(:file_lstat).with("/root/chuj").and_raise(Errno::ENOENT, "/root/chuj")
|
191
|
+
|
192
|
+
expect(get_selinux_default_context("/root/chuj", :directory)).to be_nil
|
193
|
+
end
|
194
|
+
end
|
195
|
+
|
196
|
+
it "should determine mode based on resource ensure when set to link" do
|
197
|
+
without_partial_double_verification do
|
198
|
+
allow(self).to receive(:selinux_support?).and_return(true)
|
199
|
+
allow(self).to receive(:selinux_label_support?).and_return(true)
|
200
|
+
allow(Selinux).to receive(:matchpathcon).with("/root/chuj", 40960).and_return(-1)
|
201
|
+
allow(self).to receive(:file_lstat).with("/root/chuj").and_raise(Errno::ENOENT, "/root/chuj")
|
202
|
+
|
203
|
+
expect(get_selinux_default_context("/root/chuj", :link)).to be_nil
|
204
|
+
end
|
205
|
+
end
|
206
|
+
|
207
|
+
it "should determine mode based on resource ensure when set to unknown" do
|
208
|
+
without_partial_double_verification do
|
209
|
+
allow(self).to receive(:selinux_support?).and_return(true)
|
210
|
+
allow(self).to receive(:selinux_label_support?).and_return(true)
|
211
|
+
allow(Selinux).to receive(:matchpathcon).with("/root/chuj", 0).and_return(-1)
|
212
|
+
allow(self).to receive(:file_lstat).with("/root/chuj").and_raise(Errno::ENOENT, "/root/chuj")
|
213
|
+
|
214
|
+
expect(get_selinux_default_context("/root/chuj", "unknown")).to be_nil
|
215
|
+
end
|
216
|
+
end
|
217
|
+
|
170
218
|
it "should return nil if matchpathcon returns failure" do
|
171
219
|
without_partial_double_verification do
|
172
220
|
expect(self).to receive(:selinux_support?).and_return(true)
|
@@ -326,21 +374,44 @@ describe Puppet::Util::SELinux do
|
|
326
374
|
end
|
327
375
|
|
328
376
|
it "should return nil if no default context exists" do
|
329
|
-
expect(self).to receive(:get_selinux_default_context).with("/foo").and_return(nil)
|
377
|
+
expect(self).to receive(:get_selinux_default_context).with("/foo", nil).and_return(nil)
|
330
378
|
expect(set_selinux_default_context("/foo")).to be_nil
|
331
379
|
end
|
332
380
|
|
333
381
|
it "should do nothing and return nil if the current context matches the default context" do
|
334
|
-
expect(self).to receive(:get_selinux_default_context).with("/foo").and_return("user_u:role_r:type_t")
|
382
|
+
expect(self).to receive(:get_selinux_default_context).with("/foo", nil).and_return("user_u:role_r:type_t")
|
335
383
|
expect(self).to receive(:get_selinux_current_context).with("/foo").and_return("user_u:role_r:type_t")
|
336
384
|
expect(set_selinux_default_context("/foo")).to be_nil
|
337
385
|
end
|
338
386
|
|
339
387
|
it "should set and return the default context if current and default do not match" do
|
340
|
-
expect(self).to receive(:get_selinux_default_context).with("/foo").and_return("user_u:role_r:type_t")
|
388
|
+
expect(self).to receive(:get_selinux_default_context).with("/foo", nil).and_return("user_u:role_r:type_t")
|
341
389
|
expect(self).to receive(:get_selinux_current_context).with("/foo").and_return("olduser_u:role_r:type_t")
|
342
390
|
expect(self).to receive(:set_selinux_context).with("/foo", "user_u:role_r:type_t").and_return(true)
|
343
391
|
expect(set_selinux_default_context("/foo")).to eq("user_u:role_r:type_t")
|
344
392
|
end
|
345
393
|
end
|
394
|
+
|
395
|
+
describe "get_create_mode" do
|
396
|
+
it "should return 0 if the resource is absent" do
|
397
|
+
expect(get_create_mode(:absent)).to eq(0)
|
398
|
+
end
|
399
|
+
|
400
|
+
it "should return mode with file type set to S_IFREG when resource is file" do
|
401
|
+
expect(get_create_mode(:present)).to eq(32768)
|
402
|
+
expect(get_create_mode(:file)).to eq(32768)
|
403
|
+
end
|
404
|
+
|
405
|
+
it "should return mode with file type set to S_IFDIR when resource is dir" do
|
406
|
+
expect(get_create_mode(:directory)).to eq(16384)
|
407
|
+
end
|
408
|
+
|
409
|
+
it "should return mode with file type set to S_IFLNK when resource is link" do
|
410
|
+
expect(get_create_mode(:link)).to eq(40960)
|
411
|
+
end
|
412
|
+
|
413
|
+
it "should return 0 for everything else" do
|
414
|
+
expect(get_create_mode("unknown")).to eq(0)
|
415
|
+
end
|
416
|
+
end
|
346
417
|
end
|
@@ -131,38 +131,73 @@ describe "Puppet::Util::Windows::SID", :if => Puppet::Util::Platform.windows? do
|
|
131
131
|
expect(subject.name_to_principal(unknown_name)).to be_nil
|
132
132
|
end
|
133
133
|
|
134
|
+
it "should print a debug message if the account does not exist" do
|
135
|
+
expect(Puppet).to receive(:debug).with(/No mapping between account names and security IDs was done/)
|
136
|
+
subject.name_to_principal(unknown_name)
|
137
|
+
end
|
138
|
+
|
134
139
|
it "should return a Puppet::Util::Windows::SID::Principal instance for any valid sid" do
|
135
140
|
expect(subject.name_to_principal(sid)).to be_an_instance_of(Puppet::Util::Windows::SID::Principal)
|
136
141
|
end
|
137
142
|
|
143
|
+
it "should not print debug messages for valid sid" do
|
144
|
+
expect(Puppet).not_to receive(:debug).with(/Could not retrieve raw SID bytes from/)
|
145
|
+
expect(Puppet).not_to receive(:debug).with(/No mapping between account names and security IDs was done/)
|
146
|
+
subject.name_to_principal(sid)
|
147
|
+
end
|
148
|
+
|
149
|
+
it "should print a debug message for invalid sid" do
|
150
|
+
expect(Puppet).not_to receive(:debug).with(/Could not retrieve raw SID bytes from/)
|
151
|
+
expect(Puppet).to receive(:debug).with(/No mapping between account names and security IDs was done/)
|
152
|
+
subject.name_to_principal('S-1-5-21-INVALID-SID')
|
153
|
+
end
|
154
|
+
|
138
155
|
it "should accept unqualified account name" do
|
139
156
|
# NOTE: lookup by name works in localized environments only for a few instances
|
140
157
|
# this works in French Windows, even though the account is really Syst\u00E8me
|
141
158
|
expect(subject.name_to_principal('SYSTEM').sid).to eq(sid)
|
142
159
|
end
|
143
160
|
|
161
|
+
it "should not print debug messages for unqualified account name" do
|
162
|
+
expect(Puppet).not_to receive(:debug).with(/Could not retrieve raw SID bytes from/)
|
163
|
+
expect(Puppet).not_to receive(:debug).with(/No mapping between account names and security IDs was done/)
|
164
|
+
subject.name_to_principal('SYSTEM')
|
165
|
+
end
|
166
|
+
|
144
167
|
it "should be case-insensitive" do
|
145
168
|
# NOTE: lookup by name works in localized environments only for a few instances
|
146
169
|
# this works in French Windows, even though the account is really Syst\u00E8me
|
147
170
|
expect(subject.name_to_principal('SYSTEM')).to eq(subject.name_to_principal('system'))
|
148
171
|
end
|
149
172
|
|
173
|
+
it "should not print debug messages for wrongly cased account name" do
|
174
|
+
expect(Puppet).not_to receive(:debug).with(/Could not retrieve raw SID bytes from/)
|
175
|
+
expect(Puppet).not_to receive(:debug).with(/No mapping between account names and security IDs was done/)
|
176
|
+
subject.name_to_principal('system')
|
177
|
+
end
|
178
|
+
|
150
179
|
it "should be leading and trailing whitespace-insensitive" do
|
151
180
|
# NOTE: lookup by name works in localized environments only for a few instances
|
152
181
|
# this works in French Windows, even though the account is really Syst\u00E8me
|
153
182
|
expect(subject.name_to_principal('SYSTEM')).to eq(subject.name_to_principal(' SYSTEM '))
|
154
183
|
end
|
155
184
|
|
185
|
+
it "should not print debug messages for account name with leading and trailing whitespace" do
|
186
|
+
expect(Puppet).not_to receive(:debug).with(/Could not retrieve raw SID bytes from/)
|
187
|
+
expect(Puppet).not_to receive(:debug).with(/No mapping between account names and security IDs was done/)
|
188
|
+
subject.name_to_principal(' SYSTEM ')
|
189
|
+
end
|
190
|
+
|
156
191
|
it "should accept domain qualified account names" do
|
157
192
|
# NOTE: lookup by name works in localized environments only for a few instances
|
158
193
|
# this works in French Windows, even though the account is really AUTORITE NT\\Syst\u00E8me
|
159
194
|
expect(subject.name_to_principal('NT AUTHORITY\SYSTEM').sid).to eq(sid)
|
160
195
|
end
|
161
196
|
|
162
|
-
it "should print
|
163
|
-
expect(Puppet).
|
164
|
-
expect(Puppet).
|
165
|
-
subject.name_to_principal('
|
197
|
+
it "should not print debug messages for domain qualified account names" do
|
198
|
+
expect(Puppet).not_to receive(:debug).with(/Could not retrieve raw SID bytes from/)
|
199
|
+
expect(Puppet).not_to receive(:debug).with(/No mapping between account names and security IDs was done/)
|
200
|
+
subject.name_to_principal('NT AUTHORITY\SYSTEM')
|
166
201
|
end
|
167
202
|
end
|
168
203
|
|
@@ -40,6 +40,7 @@ task(:gen_cert_fixtures) do
|
|
40
40
|
# 127.0.0.1.pem | +- /CN=127.0.0.1 (with dns alt names)
|
41
41
|
# tampered-cert.pem | +- /CN=signed (with different public key)
|
42
42
|
# ec.pem | +- /CN=ec (with EC private key)
|
43
|
+
# oid.pem | +- /CN=oid (with custom oid)
|
43
44
|
# |
|
44
45
|
# + /CN=Test CA Agent Subauthority
|
45
46
|
# | |
|
@@ -49,7 +50,7 @@ task(:gen_cert_fixtures) do
|
|
49
50
|
#
|
50
51
|
# bad-basic-constraints.pem /CN=Test CA (bad isCA constraint)
|
51
52
|
#
|
52
|
-
# unknown-ca.
|
53
|
+
# unknown-ca.pem /CN=Unknown CA
|
53
54
|
# |
|
54
55
|
# unknown-127.0.0.1.pem +- /CN=127.0.0.1
|
55
56
|
#
|
@@ -103,6 +104,14 @@ task(:gen_cert_fixtures) do
|
|
103
104
|
save(dir, '127.0.0.1.pem', signed[:cert])
|
104
105
|
save(dir, '127.0.0.1-key.pem', signed[:private_key])
|
105
106
|
|
107
|
+
# Create an SSL cert with extensions containing custom oids
|
108
|
+
extensions = [
|
109
|
+
['1.3.6.1.4.1.34380.1.2.1.1', OpenSSL::ASN1::UTF8String.new('somevalue'), false],
|
110
|
+
]
|
111
|
+
oid = ca.create_cert('oid', inter[:cert], inter[:private_key], extensions: extensions)
|
112
|
+
save(dir, 'oid.pem', oid[:cert])
|
113
|
+
save(dir, 'oid-key.pem', oid[:private_key])
|
114
|
+
|
106
115
|
# Create a leaf/entity key and cert for host "revoked", issued by "Test CA Subauthority"
|
107
116
|
# and revoke the cert
|
108
117
|
revoked = ca.create_cert('revoked', inter[:cert], inter[:private_key])
|
@@ -173,12 +182,12 @@ task(:gen_cert_fixtures) do
|
|
173
182
|
|
174
183
|
# Create a request, but replace its public key after it's signed
|
175
184
|
tampered_csr = ca.create_request('signed')[:csr]
|
176
|
-
tampered_csr.public_key = OpenSSL::PKey::RSA.new(
|
185
|
+
tampered_csr.public_key = OpenSSL::PKey::RSA.new(2048).public_key
|
177
186
|
save(dir, 'tampered-csr.pem', tampered_csr)
|
178
187
|
|
179
188
|
# Create a cert issued from the real intermediate CA, but replace its
|
180
189
|
# public key
|
181
190
|
tampered_cert = ca.create_cert('signed', inter[:cert], inter[:private_key])[:cert]
|
182
|
-
tampered_cert.public_key = OpenSSL::PKey::RSA.new(
|
191
|
+
tampered_cert.public_key = OpenSSL::PKey::RSA.new(2048).public_key
|
183
192
|
save(dir, 'tampered-cert.pem', tampered_cert)
|
184
193
|
end
|
data/tasks/parallel.rake
CHANGED
@@ -5,9 +5,9 @@ require 'thread'
|
|
5
5
|
begin
|
6
6
|
require 'rspec'
|
7
7
|
require 'rspec/core/formatters/helpers'
|
8
|
-
require '
|
8
|
+
require 'etc'
|
9
9
|
rescue LoadError
|
10
|
-
# Don't define the task if we don't have rspec
|
10
|
+
# Don't define the task if we don't have rspec present
|
11
11
|
else
|
12
12
|
module Parallel
|
13
13
|
module RSpec
|
@@ -401,7 +401,7 @@ else
|
|
401
401
|
# Default group size in rspec examples
|
402
402
|
DEFAULT_GROUP_SIZE = 1000
|
403
403
|
|
404
|
-
process_count = [(args[:process_count] ||
|
404
|
+
process_count = [(args[:process_count] || Etc.nprocessors).to_i, 1].max
|
405
405
|
group_size = [(args[:group_size] || DEFAULT_GROUP_SIZE).to_i, 1].max
|
406
406
|
|
407
407
|
abort unless Parallel::RSpec::Parallelizer.new(process_count, group_size, color_output?, args.extras).run
|