puppet 6.23.0-universal-darwin → 6.24.0-universal-darwin

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of puppet might be problematic. Click here for more details.

Files changed (119) hide show
  1. checksums.yaml +4 -4
  2. data/CONTRIBUTING.md +5 -5
  3. data/Gemfile.lock +8 -8
  4. data/README.md +4 -4
  5. data/ext/project_data.yaml +1 -0
  6. data/lib/puppet/application/filebucket.rb +1 -0
  7. data/lib/puppet/application/resource.rb +15 -2
  8. data/lib/puppet/application/ssl.rb +1 -0
  9. data/lib/puppet/environments.rb +10 -0
  10. data/lib/puppet/face/help/action.erb +1 -0
  11. data/lib/puppet/face/help/face.erb +1 -0
  12. data/lib/puppet/face/node/clean.rb +11 -0
  13. data/lib/puppet/file_system/file_impl.rb +1 -1
  14. data/lib/puppet/file_system/windows.rb +2 -2
  15. data/lib/puppet/forge.rb +3 -3
  16. data/lib/puppet/functions/empty.rb +8 -0
  17. data/lib/puppet/functions/strftime.rb +1 -0
  18. data/lib/puppet/functions/unwrap.rb +17 -2
  19. data/lib/puppet/indirector/resource/ral.rb +6 -1
  20. data/lib/puppet/interface/documentation.rb +1 -0
  21. data/lib/puppet/module_tool/applications/installer.rb +4 -0
  22. data/lib/puppet/module_tool/errors/shared.rb +17 -0
  23. data/lib/puppet/pops/types/type_mismatch_describer.rb +1 -1
  24. data/lib/puppet/provider/exec/posix.rb +16 -4
  25. data/lib/puppet/provider/package/pip.rb +15 -3
  26. data/lib/puppet/provider/parsedfile.rb +3 -0
  27. data/lib/puppet/settings.rb +30 -7
  28. data/lib/puppet/type/exec.rb +16 -3
  29. data/lib/puppet/type/file/mode.rb +6 -0
  30. data/lib/puppet/type/tidy.rb +1 -1
  31. data/lib/puppet/util/symbolic_file_mode.rb +29 -17
  32. data/lib/puppet/util/windows/sid.rb +3 -1
  33. data/lib/puppet/version.rb +1 -1
  34. data/lib/puppet.rb +3 -3
  35. data/locales/puppet.pot +154 -134
  36. data/man/man5/puppet.conf.5 +2 -2
  37. data/man/man8/puppet-agent.8 +1 -1
  38. data/man/man8/puppet-apply.8 +1 -1
  39. data/man/man8/puppet-catalog.8 +9 -9
  40. data/man/man8/puppet-config.8 +1 -1
  41. data/man/man8/puppet-describe.8 +1 -1
  42. data/man/man8/puppet-device.8 +1 -1
  43. data/man/man8/puppet-doc.8 +1 -1
  44. data/man/man8/puppet-epp.8 +1 -1
  45. data/man/man8/puppet-facts.8 +8 -8
  46. data/man/man8/puppet-filebucket.8 +1 -1
  47. data/man/man8/puppet-generate.8 +1 -1
  48. data/man/man8/puppet-help.8 +1 -1
  49. data/man/man8/puppet-key.8 +7 -7
  50. data/man/man8/puppet-lookup.8 +1 -1
  51. data/man/man8/puppet-man.8 +1 -1
  52. data/man/man8/puppet-module.8 +1 -1
  53. data/man/man8/puppet-node.8 +5 -5
  54. data/man/man8/puppet-parser.8 +1 -1
  55. data/man/man8/puppet-plugin.8 +1 -1
  56. data/man/man8/puppet-report.8 +5 -5
  57. data/man/man8/puppet-resource.8 +1 -1
  58. data/man/man8/puppet-script.8 +1 -1
  59. data/man/man8/puppet-ssl.8 +1 -1
  60. data/man/man8/puppet-status.8 +4 -4
  61. data/man/man8/puppet.8 +2 -2
  62. data/spec/fixtures/ssl/127.0.0.1-key.pem +106 -106
  63. data/spec/fixtures/ssl/127.0.0.1.pem +48 -48
  64. data/spec/fixtures/ssl/bad-basic-constraints.pem +54 -54
  65. data/spec/fixtures/ssl/bad-int-basic-constraints.pem +51 -51
  66. data/spec/fixtures/ssl/ca.pem +52 -52
  67. data/spec/fixtures/ssl/crl.pem +25 -25
  68. data/spec/fixtures/ssl/ec-key.pem +11 -11
  69. data/spec/fixtures/ssl/ec.pem +32 -32
  70. data/spec/fixtures/ssl/encrypted-ec-key.pem +12 -12
  71. data/spec/fixtures/ssl/encrypted-key.pem +107 -107
  72. data/spec/fixtures/ssl/intermediate-agent-crl.pem +25 -25
  73. data/spec/fixtures/ssl/intermediate-agent.pem +54 -54
  74. data/spec/fixtures/ssl/intermediate-crl.pem +28 -28
  75. data/spec/fixtures/ssl/intermediate.pem +51 -51
  76. data/spec/fixtures/ssl/oid-key.pem +117 -0
  77. data/spec/fixtures/ssl/oid.pem +69 -0
  78. data/spec/fixtures/ssl/pluto-key.pem +106 -106
  79. data/spec/fixtures/ssl/pluto.pem +50 -50
  80. data/spec/fixtures/ssl/request-key.pem +106 -106
  81. data/spec/fixtures/ssl/request.pem +45 -45
  82. data/spec/fixtures/ssl/revoked-key.pem +106 -106
  83. data/spec/fixtures/ssl/revoked.pem +49 -49
  84. data/spec/fixtures/ssl/signed-key.pem +106 -106
  85. data/spec/fixtures/ssl/signed.pem +47 -47
  86. data/spec/fixtures/ssl/tampered-cert.pem +49 -49
  87. data/spec/fixtures/ssl/tampered-csr.pem +45 -45
  88. data/spec/fixtures/ssl/trusted_oid_mapping.yaml +5 -0
  89. data/spec/fixtures/ssl/unknown-127.0.0.1-key.pem +106 -106
  90. data/spec/fixtures/ssl/unknown-127.0.0.1.pem +48 -48
  91. data/spec/fixtures/ssl/unknown-ca-key.pem +106 -106
  92. data/spec/fixtures/ssl/unknown-ca.pem +52 -52
  93. data/spec/integration/application/filebucket_spec.rb +11 -0
  94. data/spec/integration/application/module_spec.rb +21 -0
  95. data/spec/integration/application/resource_spec.rb +35 -1
  96. data/spec/integration/application/ssl_spec.rb +20 -0
  97. data/spec/integration/environments/settings_interpolation_spec.rb +0 -4
  98. data/spec/integration/indirector/facts/facter_spec.rb +90 -36
  99. data/spec/integration/type/exec_spec.rb +70 -45
  100. data/spec/lib/puppet/test_ca.rb +5 -0
  101. data/spec/lib/puppet_spec/settings.rb +1 -0
  102. data/spec/unit/environments_spec.rb +35 -0
  103. data/spec/unit/file_system_spec.rb +6 -0
  104. data/spec/unit/functions/assert_type_spec.rb +1 -1
  105. data/spec/unit/functions/empty_spec.rb +10 -0
  106. data/spec/unit/functions/unwrap_spec.rb +8 -0
  107. data/spec/unit/functions4_spec.rb +2 -2
  108. data/spec/unit/indirector/resource/ral_spec.rb +40 -75
  109. data/spec/unit/module_tool/applications/installer_spec.rb +12 -0
  110. data/spec/unit/parser/templatewrapper_spec.rb +12 -2
  111. data/spec/unit/provider/package/pip_spec.rb +37 -0
  112. data/spec/unit/provider/parsedfile_spec.rb +10 -0
  113. data/spec/unit/settings_spec.rb +97 -56
  114. data/spec/unit/type/exec_spec.rb +76 -29
  115. data/spec/unit/type/file/source_spec.rb +4 -4
  116. data/spec/unit/type/tidy_spec.rb +7 -0
  117. data/spec/unit/util/windows/sid_spec.rb +39 -4
  118. data/tasks/generate_cert_fixtures.rake +10 -1
  119. metadata +12 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 24dd689f664e60e622d2fbbda9d4b461428e6478c917e325eef0c83967f25a4c
4
- data.tar.gz: 858fc1cc963b92ed1bb79f75285565020bd114d5c6eed9fdabecd697fcae23b2
3
+ metadata.gz: eb648b41d0fbdd10edaa4efcceec83b7fb164bbf5ced5a0c9d1ad4c86d899e53
4
+ data.tar.gz: 67ae631f70383a88f3c279d227413120ce7aa6aee98fedbb678c195631349094
5
5
  SHA512:
6
- metadata.gz: daebd0e8b02ad1345b567dbc145d7c968f69af1131dec93a18344fec41ef34314eaac36f55d1013f48e77f64e954fe7077b72df999a226a399a40d8fbce09d10
7
- data.tar.gz: 74a993b2c402b3cb31706af8d3c6931cc3f208b61121f28901cde795b977082dfc2ff9fc30718ea5c0db5161ea128978a3465202b3c1b24f56744e447d0dc0cf
6
+ metadata.gz: 263bd6b402cbc719f48b5e6a378e3cdccfb7b80fdc99614b8939c67c588c84561ab532ca61585bf9f036cc72e1bd2e18286cdc0891c228c4ae17249335d7f904
7
+ data.tar.gz: 1d9ae6cc1005a034aa8eb6d4dbe18de985586037b5d4444c5fb8c3aa0ecfc107c2c07aff4029d0f6650c37b6fad21c1b4f68012344292ee906e4f9cf40980924
data/CONTRIBUTING.md CHANGED
@@ -38,12 +38,12 @@ the [puppet-dev mailing list](https://groups.google.com/forum/#!forum/puppet-dev
38
38
  ## Making Changes
39
39
 
40
40
  * Create a topic branch from where you want to base your work.
41
- * This is usually the master branch.
41
+ * This is usually the main branch.
42
42
  * Only target release branches if you are certain your fix must be on that
43
43
  branch.
44
- * To quickly create a topic branch based on master, run `git checkout -b
45
- fix/master/my_contribution master`. Please avoid working directly on the
46
- `master` branch.
44
+ * To quickly create a topic branch based on main, run `git checkout -b
45
+ fix/main/my_contribution main`. Please avoid working directly on the
46
+ `main` branch.
47
47
  * Make commits of logical and atomic units.
48
48
  * Check for unnecessary whitespace with `git diff --check` before committing.
49
49
  * Make sure your commit messages are in the proper format. If the commit
@@ -65,7 +65,7 @@ the [puppet-dev mailing list](https://groups.google.com/forum/#!forum/puppet-dev
65
65
  why this is a problem, and how the patch fixes the problem when applied.
66
66
  ```
67
67
  * Make sure you have added the necessary tests for your changes.
68
- * For details on how to run tests, please see [the quickstart guide](https://github.com/puppetlabs/puppet/blob/master/docs/quickstart.md)
68
+ * For details on how to run tests, please see [the quickstart guide](https://github.com/puppetlabs/puppet/blob/main/docs/quickstart.md)
69
69
 
70
70
  ## Writing Translatable Code
71
71
 
data/Gemfile.lock CHANGED
@@ -1,9 +1,9 @@
1
1
  GIT
2
2
  remote: git://github.com/puppetlabs/packaging
3
- revision: 9ddc3c730023911b5ef015dc55a4d2e9a55e4a6c
3
+ revision: 4d6d51947f44bfa2fc282658836c15f69672e757
4
4
  branch: 1.0.x
5
5
  specs:
6
- packaging (0.99.77)
6
+ packaging (0.99.78.4.g4d6d519)
7
7
  artifactory (~> 2)
8
8
  csv (= 3.1.5)
9
9
  rake (>= 12.3)
@@ -12,7 +12,7 @@ GIT
12
12
  PATH
13
13
  remote: .
14
14
  specs:
15
- puppet (6.23.0)
15
+ puppet (6.24.0)
16
16
  CFPropertyList (~> 2.2)
17
17
  concurrent-ruby (~> 1.0)
18
18
  deep_merge (~> 1.0)
@@ -28,7 +28,7 @@ GEM
28
28
  remote: https://artifactory.delivery.puppetlabs.net/artifactory/api/gems/rubygems/
29
29
  specs:
30
30
  CFPropertyList (2.3.6)
31
- addressable (2.7.0)
31
+ addressable (2.8.0)
32
32
  public_suffix (>= 2.0.2, < 5.0)
33
33
  artifactory (2.8.2)
34
34
  ast (2.4.2)
@@ -40,11 +40,11 @@ GEM
40
40
  deep_merge (1.2.1)
41
41
  diff-lcs (1.4.4)
42
42
  docopt (0.6.1)
43
- facter (4.2.1)
43
+ facter (4.2.2)
44
44
  hocon (~> 1.3)
45
45
  thor (>= 1.0.1, < 2.0)
46
46
  fast_gettext (1.1.2)
47
- ffi (1.15.1)
47
+ ffi (1.15.3)
48
48
  gettext (3.2.9)
49
49
  locale (>= 2.0.5)
50
50
  text (>= 1.3.0)
@@ -81,14 +81,14 @@ GEM
81
81
  public_suffix (4.0.6)
82
82
  puppet-resource_api (1.8.14)
83
83
  hocon (>= 1.0)
84
- puppetserver-ca (1.9.5)
84
+ puppetserver-ca (1.10.0)
85
85
  facter (>= 2.0.1, < 5)
86
86
  racc (1.4.9)
87
87
  rainbow (2.2.2)
88
88
  rake
89
89
  rake (12.3.3)
90
90
  rdiscount (2.2.0.2)
91
- rdoc (6.3.1)
91
+ rdoc (6.3.2)
92
92
  release-metrics (1.1.0)
93
93
  csv
94
94
  docopt
data/README.md CHANGED
@@ -33,16 +33,16 @@ see the [Quick Start to Developing on Puppet](docs/quickstart.md) guide.
33
33
 
34
34
  We'd love to get contributions from you! For a quick guide to getting your
35
35
  system setup for developing, take a look at our [Quickstart
36
- Guide](https://github.com/puppetlabs/puppet/blob/master/docs/quickstart.md). Once you are up and running, take a look at the
37
- [Contribution Documents](https://github.com/puppetlabs/puppet/blob/master/CONTRIBUTING.md) to see how to get your changes merged
36
+ Guide](https://github.com/puppetlabs/puppet/blob/main/docs/quickstart.md). Once you are up and running, take a look at the
37
+ [Contribution Documents](https://github.com/puppetlabs/puppet/blob/main/CONTRIBUTING.md) to see how to get your changes merged
38
38
  in.
39
39
 
40
40
  For more complete docs on developing with Puppet, take a look at the
41
- rest of the [developer documents](https://github.com/puppetlabs/puppet/blob/master/docs/index.md).
41
+ rest of the [developer documents](https://github.com/puppetlabs/puppet/blob/main/docs/index.md).
42
42
 
43
43
  ## Licensing
44
44
 
45
- See [LICENSE](https://github.com/puppetlabs/puppet/blob/master/LICENSE) file. Puppet is licensed by Puppet, Inc. under the Apache license. Puppet, Inc. can be contacted at: info@puppet.com
45
+ See [LICENSE](https://github.com/puppetlabs/puppet/blob/main/LICENSE) file. Puppet is licensed by Puppet, Inc. under the Apache license. Puppet, Inc. can be contacted at: info@puppet.com
46
46
 
47
47
  ## Support
48
48
 
@@ -13,6 +13,7 @@ gem_files: '[A-Z]* install.rb bin lib conf man examples ext tasks spec locales'
13
13
  gem_test_files: 'spec/**/*'
14
14
  gem_executables: 'puppet'
15
15
  gem_default_executables: 'puppet'
16
+ gem_license: 'Apache-2.0'
16
17
  gem_forge_project: 'puppet'
17
18
  gem_required_ruby_version: '>= 2.3.0'
18
19
  gem_required_rubygems_version: '> 1.3.1'
@@ -1,6 +1,7 @@
1
1
  require 'puppet/application'
2
2
 
3
3
  class Puppet::Application::Filebucket < Puppet::Application
4
+ environment_mode :not_required
4
5
 
5
6
  option("--bucket BUCKET","-b")
6
7
  option("--debug","-d")
@@ -1,6 +1,7 @@
1
1
  require 'puppet/application'
2
2
 
3
3
  class Puppet::Application::Resource < Puppet::Application
4
+ environment_mode :not_required
4
5
 
5
6
  attr_accessor :host, :extra_params
6
7
 
@@ -14,8 +15,9 @@ class Puppet::Application::Resource < Puppet::Application
14
15
  option("--to_yaml","-y")
15
16
 
16
17
  option("--types", "-t") do |arg|
18
+ env = Puppet.lookup(:environments).get(Puppet[:environment]) || create_default_environment
17
19
  types = []
18
- Puppet::Type.loadall
20
+ Puppet::Type.typeloader.loadall(env)
19
21
  Puppet::Type.eachtype do |t|
20
22
  next if t.name == :component
21
23
  types << t.name.to_s
@@ -134,7 +136,9 @@ Copyright (c) 2011 Puppet Inc., LLC Licensed under the Apache 2.0 License
134
136
  end
135
137
 
136
138
  def main
137
- env = Puppet.lookup(:environments).get(Puppet[:environment])
139
+ # If the specified environment does not exist locally, fall back to the default (production) environment
140
+ env = Puppet.lookup(:environments).get(Puppet[:environment]) || create_default_environment
141
+
138
142
  Puppet.override(:current_environment => env, :loaders => Puppet::Pops::Loaders.new(env)) do
139
143
  type, name, params = parse_args(command_line.args)
140
144
 
@@ -209,6 +213,15 @@ Copyright (c) 2011 Puppet Inc., LLC Licensed under the Apache 2.0 License
209
213
  [type, name, params]
210
214
  end
211
215
 
216
+ def create_default_environment
217
+ Puppet.debug("Specified environment '#{Puppet[:environment]}' does not exist on the filesystem, defaulting to 'production'")
218
+ Puppet[:environment] = :production
219
+ basemodulepath = Puppet::Node::Environment.split_path(Puppet[:basemodulepath])
220
+ modulepath = Puppet[:modulepath]
221
+ modulepath = (modulepath.nil? || modulepath.empty?) ? basemodulepath : Puppet::Node::Environment.split_path(modulepath)
222
+ Puppet::Node::Environment.create(Puppet[:environment], modulepath, Puppet::Node::Environment::NO_MANIFEST)
223
+ end
224
+
212
225
  def find_or_save_resources(type, name, params)
213
226
  key = local_key(type, name)
214
227
 
@@ -117,6 +117,7 @@ HELP
117
117
  end
118
118
 
119
119
  Puppet::SSL::Oids.register_puppet_oids
120
+ Puppet::SSL::Oids.load_custom_oid_file(Puppet[:trusted_oid_mapping_file])
120
121
 
121
122
  certname = Puppet[:certname]
122
123
  action = command_line.args.first
@@ -356,6 +356,16 @@ module Puppet::Environments
356
356
  # Evict all that have expired, in the same way as `get`
357
357
  clear_all_expired
358
358
 
359
+ # Evict all that was removed from diks
360
+ cached_envs = @cache.keys.map!(&:to_sym)
361
+ loader_envs = @loader.list.map!(&:name)
362
+ removed_envs = cached_envs - loader_envs
363
+
364
+ removed_envs.each do |env_name|
365
+ Puppet.debug { "Environment no longer exists '#{env_name}'"}
366
+ clear(env_name)
367
+ end
368
+
359
369
  @loader.list.map do |env|
360
370
  name = env.name
361
371
  old_entry = @cache[name]
@@ -54,6 +54,7 @@ undocumented option
54
54
  end
55
55
  unless action.options.empty?
56
56
  action.options.sort.each do |name|
57
+ next if name == :extra
57
58
  option = action.get_option name -%>
58
59
  <%= " " + option.optparse.join(" | ")[0,(optionroom - 1)].ljust(optionroom) + ' - ' -%>
59
60
  <% if !(option.summary) -%>
@@ -49,6 +49,7 @@ undocumented option
49
49
  end
50
50
  unless face.options.empty?
51
51
  face.options.sort.each do |name|
52
+ next if name == :extra
52
53
  option = face.get_option name -%>
53
54
  <%= " " + option.optparse.join(" | ")[0,(optionroom - 1)].ljust(optionroom) + ' - ' -%>
54
55
  <% if !(option.summary) -%>
@@ -47,6 +47,17 @@ Puppet::Face.define(:node, '0.0.1') do
47
47
  end
48
48
 
49
49
  class LoggerIO
50
+ def debug(message)
51
+ Puppet.debug(message)
52
+ end
53
+
54
+ # Notice: For Puppet 6.x, the function below does not matter as it
55
+ # does not have any functionality. But we decided to keep it here
56
+ # for the ease of merge up to 7.x and having the same code base.
57
+ def warn(message)
58
+ Puppet.warning(message) unless message =~ /cadir is currently configured to be inside/
59
+ end
60
+
50
61
  def err(message)
51
62
  Puppet.err(message) unless message =~ /^\s*Error:\s*/
52
63
  end
@@ -84,7 +84,7 @@ class Puppet::FileSystem::FileImpl
84
84
  end
85
85
 
86
86
  def read_preserve_line_endings(path)
87
- read(path)
87
+ read(path, encoding: "bom|#{Encoding.default_external.name}")
88
88
  end
89
89
 
90
90
  def binread(path)
@@ -109,8 +109,8 @@ class Puppet::FileSystem::Windows < Puppet::FileSystem::Posix
109
109
  end
110
110
 
111
111
  def read_preserve_line_endings(path)
112
- contents = path.read( :mode => 'rb', :encoding => Encoding::UTF_8)
113
- contents = path.read( :mode => 'rb', :encoding => Encoding::default_external) unless contents.valid_encoding?
112
+ contents = path.read( :mode => 'rb', :encoding => 'bom|utf-8')
113
+ contents = path.read( :mode => 'rb', :encoding => "bom|#{Encoding::default_external.name}") unless contents.valid_encoding?
114
114
  contents = path.read unless contents.valid_encoding?
115
115
 
116
116
  contents
data/lib/puppet/forge.rb CHANGED
@@ -70,7 +70,7 @@ class Puppet::Forge < SemanticPuppet::Dependency::Source
70
70
  uri = decode_uri(result['pagination']['next'])
71
71
  matches.concat result['results']
72
72
  else
73
- raise ResponseError.new(:uri => URI.parse(@host).merge(uri), :response => response)
73
+ raise ResponseError.new(:uri => response.url, :response => response)
74
74
  end
75
75
  end
76
76
 
@@ -105,7 +105,7 @@ class Puppet::Forge < SemanticPuppet::Dependency::Source
105
105
  if response.code == 200
106
106
  response = Puppet::Util::Json.load(response.body)
107
107
  else
108
- raise ResponseError.new(:uri => URI.parse(@host).merge(uri), :response => response)
108
+ raise ResponseError.new(:uri => response.url, :response => response)
109
109
  end
110
110
 
111
111
  releases.concat(process(response['results']))
@@ -208,7 +208,7 @@ class Puppet::Forge < SemanticPuppet::Dependency::Source
208
208
  response = @source.make_http_request(uri, destination)
209
209
  destination.flush and destination.close
210
210
  unless response.code == 200
211
- raise Puppet::Forge::Errors::ResponseError.new(:uri => uri, :response => response)
211
+ raise Puppet::Forge::Errors::ResponseError.new(:uri => response.url, :response => response)
212
212
  end
213
213
  end
214
214
 
@@ -26,6 +26,10 @@ Puppet::Functions.create_function(:empty) do
26
26
  param 'Collection', :coll
27
27
  end
28
28
 
29
+ dispatch :sensitive_string_empty do
30
+ param 'Sensitive[String]', :str
31
+ end
32
+
29
33
  dispatch :string_empty do
30
34
  param 'String', :str
31
35
  end
@@ -46,6 +50,10 @@ Puppet::Functions.create_function(:empty) do
46
50
  coll.empty?
47
51
  end
48
52
 
53
+ def sensitive_string_empty(str)
54
+ str.unwrap.empty?
55
+ end
56
+
49
57
  def string_empty(str)
50
58
  str.empty?
51
59
  end
@@ -105,6 +105,7 @@
105
105
  # **Seconds since the Epoch:**
106
106
  #
107
107
  # | Format | Meaning |
108
+ # | ------ | ------- |
108
109
  # | s | Number of seconds since 1970-01-01 00:00:00 UTC. |
109
110
  #
110
111
  # **Literal string:**
@@ -1,4 +1,5 @@
1
1
  # Unwraps a Sensitive value and returns the wrapped object.
2
+ # Returns the Value itself, if it is not Sensitive.
2
3
  #
3
4
  # @example Usage of unwrap
4
5
  #
@@ -28,12 +29,17 @@
28
29
  # @since 4.0.0
29
30
  #
30
31
  Puppet::Functions.create_function(:unwrap) do
31
- dispatch :unwrap do
32
+ dispatch :from_sensitive do
32
33
  param 'Sensitive', :arg
33
34
  optional_block_param
34
35
  end
35
36
 
36
- def unwrap(arg)
37
+ dispatch :from_any do
38
+ param 'Any', :arg
39
+ optional_block_param
40
+ end
41
+
42
+ def from_sensitive(arg)
37
43
  unwrapped = arg.unwrap
38
44
  if block_given?
39
45
  yield(unwrapped)
@@ -41,4 +47,13 @@ Puppet::Functions.create_function(:unwrap) do
41
47
  unwrapped
42
48
  end
43
49
  end
50
+
51
+ def from_any(arg)
52
+ unwrapped = arg
53
+ if block_given?
54
+ yield(unwrapped)
55
+ else
56
+ unwrapped
57
+ end
58
+ end
44
59
  end
@@ -24,7 +24,12 @@ class Puppet::Resource::Ral < Puppet::Indirector::Code
24
24
  type(request).instances.map do |res|
25
25
  res.to_resource
26
26
  end.find_all do |res|
27
- conditions.all? {|property, value| res.to_resource[property].to_s == value.to_s}
27
+ conditions.all? do |property, value|
28
+ # even though `res` is an instance of Puppet::Resource, calling
29
+ # `res[:name]` on it returns nil, and for some reason it is necessary
30
+ # to invoke the Puppet::Resource#copy_as_resource copy constructor...
31
+ res.copy_as_resource[property].to_s == value.to_s
32
+ end
28
33
  end.sort_by(&:title)
29
34
  end
30
35
 
@@ -76,6 +76,7 @@ class Puppet::Interface
76
76
  s.text(" ")
77
77
 
78
78
  options.each do |option|
79
+ next if option == :extra
79
80
  option = get_option(option)
80
81
  wrap = option.required? ? %w{ < > } : %w{ [ ] }
81
82
 
@@ -59,6 +59,10 @@ module Puppet::ModuleTool
59
59
  results = { :action => :install, :module_name => name, :module_version => version }
60
60
 
61
61
  begin
62
+ if !@local_tarball && name !~ /-/
63
+ raise InvalidModuleNameError.new(module_name: @name, suggestion: "puppetlabs-#{@name}", action: :install)
64
+ end
65
+
62
66
  installed_module = installed_modules[name]
63
67
  if installed_module
64
68
  unless forced?
@@ -127,6 +127,23 @@ module Puppet::ModuleTool::Errors
127
127
  end
128
128
  end
129
129
 
130
+ class InvalidModuleNameError < ModuleToolError
131
+ def initialize(options)
132
+ @module_name = options[:module_name]
133
+ @suggestion = options[:suggestion]
134
+ @action = options[:action]
135
+ super _("Could not %{action} '%{module_name}', did you mean '%{suggestion}'?") % { action: @action, module_name: @module_name, suggestion: @suggestion }
136
+ end
137
+
138
+ def multiline
139
+ message = []
140
+ message << _("Could not %{action} module '%{module_name}'") % { action: @action, module_name: @module_name }
141
+ message << _(" The name '%{module_name}' is invalid") % { module_name: @module_name }
142
+ message << _(" Did you mean `puppet module %{action} %{suggestion}`?") % { action: @action, suggestion: @suggestion }
143
+ message.join("\n")
144
+ end
145
+ end
146
+
130
147
  class NotInstalledError < ModuleToolError
131
148
  def initialize(options)
132
149
  @module_name = options[:module_name]
@@ -640,7 +640,7 @@ module Types
640
640
  result = ["#{label} expects (#{signature_string(sig)})"]
641
641
  result.concat(error_arrays[0].map { |e| " rejected:#{e.chop_path(0).format}" })
642
642
  else
643
- result = ["#{label} expects one of:"]
643
+ result = ["The function #{label} was called with arguments it does not accept. It expects one of:"]
644
644
  signatures.each_with_index do |sg, index|
645
645
  result << " (#{signature_string(sg)})"
646
646
  result.concat(error_arrays[index].map { |e| " rejected:#{e.chop_path(0).format}" })
@@ -6,10 +6,22 @@ Puppet::Type.type(:exec).provide :posix, :parent => Puppet::Provider::Exec do
6
6
  defaultfor :feature => :posix
7
7
 
8
8
  desc <<-EOT
9
- Executes external binaries directly, without passing through a shell or
10
- performing any interpolation. This is a safer and more predictable way
11
- to execute most commands, but prevents the use of globbing and shell
12
- built-ins (including control logic like "for" and "if" statements).
9
+ Executes external binaries by invoking Ruby's `Kernel.exec`.
10
+ When the command is a string, it will be executed directly,
11
+ without a shell, if it follows these rules:
12
+ - no meta characters
13
+ - no shell reserved word and no special built-in
14
+
15
+ When the command is an Array of Strings, passed as `[cmdname, arg1, ...]`
16
+ it will be executed directly(the first element is taken as a command name
17
+ and the rest are passed as parameters to command with no shell expansion)
18
+ This is a safer and more predictable way to execute most commands,
19
+ but prevents the use of globbing and shell built-ins (including control
20
+ logic like "for" and "if" statements).
21
+
22
+ If the use of globbing and shell built-ins is desired, please check
23
+ the `shell` provider
24
+
13
25
  EOT
14
26
 
15
27
  # Verify that we have the executable
@@ -127,7 +127,7 @@ Puppet::Type.type(:package).provide :pip, :parent => ::Puppet::Provider::Package
127
127
  if self.class.compare_pip_versions(command_version, '1.5.4') == -1
128
128
  available_versions_with_old_pip.last
129
129
  else
130
- available_versions_with_new_pip.last
130
+ available_versions_with_new_pip(command_version).last
131
131
  end
132
132
  end
133
133
 
@@ -150,15 +150,17 @@ Puppet::Type.type(:package).provide :pip, :parent => ::Puppet::Provider::Package
150
150
  if self.class.compare_pip_versions(command_version, '1.5.4') == -1
151
151
  available_versions_with_old_pip
152
152
  else
153
- available_versions_with_new_pip
153
+ available_versions_with_new_pip(command_version)
154
154
  end
155
155
  end
156
156
 
157
- def available_versions_with_new_pip
157
+ def available_versions_with_new_pip(command_version)
158
158
  command = resource_or_provider_command
159
159
  self.class.validate_command(command)
160
160
 
161
161
  command_and_options = [self.class.quote(command), 'install', "#{@resource[:name]}==versionplease"]
162
+ extra_arg = list_extra_flags(command_version)
163
+ command_and_options << extra_arg if extra_arg
162
164
  command_and_options << install_options if @resource[:install_options]
163
165
  execpipe command_and_options do |process|
164
166
  process.collect do |line|
@@ -329,4 +331,14 @@ Puppet::Type.type(:package).provide :pip, :parent => ::Puppet::Provider::Package
329
331
  path
330
332
  end
331
333
  end
334
+
335
+ private
336
+
337
+ def list_extra_flags(command_version)
338
+ klass = self.class
339
+ if klass.compare_pip_versions(command_version, '20.2.4') == 1 &&
340
+ klass.compare_pip_versions(command_version, '21.1') == -1
341
+ '--use-deprecated=legacy-resolver'
342
+ end
343
+ end
332
344
  end
@@ -280,6 +280,9 @@ class Puppet::Provider::ParsedFile < Puppet::Provider
280
280
  def self.prefetch_target(target)
281
281
  begin
282
282
  target_records = retrieve(target)
283
+ unless target_records
284
+ raise Puppet::DevError, _("Prefetching %{target} for provider %{name} returned nil") % { target: target, name: self.name }
285
+ end
283
286
  rescue Puppet::Util::FileType::FileReadError => detail
284
287
  if @raise_prefetch_errors
285
288
  # We will raise an error later in flush_target. This way,
@@ -862,7 +862,11 @@ class Puppet::Settings
862
862
  if self[:user]
863
863
  user = Puppet::Type.type(:user).new :name => self[:user], :audit => :ensure
864
864
 
865
- @service_user_available = user.exists?
865
+ if user.suitable?
866
+ @service_user_available = user.exists?
867
+ else
868
+ raise Puppet::Error, (_("Cannot manage owner permissions, because the provider for '%{name}' is not functional") % { name: user })
869
+ end
866
870
  else
867
871
  @service_user_available = false
868
872
  end
@@ -874,7 +878,11 @@ class Puppet::Settings
874
878
  if self[:group]
875
879
  group = Puppet::Type.type(:group).new :name => self[:group], :audit => :ensure
876
880
 
877
- @service_group_available = group.exists?
881
+ if group.suitable?
882
+ @service_group_available = group.exists?
883
+ else
884
+ raise Puppet::Error, (_("Cannot manage group permissions, because the provider for '%{name}' is not functional") % { name: group })
885
+ end
878
886
  else
879
887
  @service_group_available = false
880
888
  end
@@ -883,9 +891,16 @@ class Puppet::Settings
883
891
  # Allow later inspection to determine if the setting was set on the
884
892
  # command line, or through some other code path. Used for the
885
893
  # `dns_alt_names` option during cert generate. --daniel 2011-10-18
886
- def set_by_cli?(param)
894
+ #
895
+ # @param param [String, Symbol] the setting to look up
896
+ # @return [Object, nil] the value of the setting or nil if unset
897
+ def set_by_cli(param)
887
898
  param = param.to_sym
888
- !@value_sets[:cli].lookup(param).nil?
899
+ @value_sets[:cli].lookup(param)
900
+ end
901
+
902
+ def set_by_cli?(param)
903
+ !!set_by_cli(param)
889
904
  end
890
905
 
891
906
  # Get values from a search path entry.
@@ -918,9 +933,13 @@ class Puppet::Settings
918
933
  end
919
934
  end
920
935
 
921
- # Allow later inspection to determine if the setting was set by user
922
- # config, rather than a default setting.
923
- def set_in_section?(param, section)
936
+ # Allow later inspection to determine if the setting was set in a specific
937
+ # section
938
+ #
939
+ # @param param [String, Symbol] the setting to look up
940
+ # @param section [Symbol] the section in which to look up the setting
941
+ # @return [Object, nil] the value of the setting or nil if unset
942
+ def set_in_section(param, section)
924
943
  param = param.to_sym
925
944
  vals = searchpath_values(SearchPathElement.new(section, :section))
926
945
  if vals
@@ -928,6 +947,10 @@ class Puppet::Settings
928
947
  end
929
948
  end
930
949
 
950
+ def set_in_section?(param, section)
951
+ !!set_in_section(param, section)
952
+ end
953
+
931
954
  # Patches the value for a param in a section.
932
955
  # This method is required to support the use case of unifying --dns-alt-names and
933
956
  # --dns_alt_names in the certificate face. Ideally this should be cleaned up.
@@ -201,7 +201,9 @@ module Puppet
201
201
  only uses the resource title to ensure `exec`s are unique."
202
202
 
203
203
  validate do |command|
204
- raise ArgumentError, _("Command must be a String, got value of class %{klass}") % { klass: command.class } unless command.is_a? String
204
+ unless command.is_a?(String) || command.is_a?(Array)
205
+ raise ArgumentError, _("Command must be a String or Array<String>, got value of class %{klass}") % { klass: command.class }
206
+ end
205
207
  end
206
208
  end
207
209
 
@@ -458,6 +460,10 @@ module Puppet
458
460
 
459
461
  unless => ['test -f /tmp/file1', 'test -f /tmp/file2'],
460
462
 
463
+ or an array of arrays. For example:
464
+
465
+ unless => [['test', '-f', '/tmp/file1'], 'test -f /tmp/file2']
466
+
461
467
  This `exec` would only run if every command in the array has a
462
468
  non-zero exit code.
463
469
  EOT
@@ -514,6 +520,10 @@ module Puppet
514
520
 
515
521
  onlyif => ['test -f /tmp/file1', 'test -f /tmp/file2'],
516
522
 
523
+ or an array of arrays. For example:
524
+
525
+ onlyif => [['test', '-f', '/tmp/file1'], 'test -f /tmp/file2']
526
+
517
527
  This `exec` would only run if every command in the array has an
518
528
  exit code of 0 (success).
519
529
  EOT
@@ -562,12 +572,14 @@ module Puppet
562
572
  reqs << self[:cwd] if self[:cwd]
563
573
 
564
574
  file_regex = Puppet::Util::Platform.windows? ? %r{^([a-zA-Z]:[\\/]\S+)} : %r{^(/\S+)}
575
+ cmd = self[:command]
576
+ cmd = cmd[0] if cmd.is_a? Array
565
577
 
566
- self[:command].scan(file_regex) { |str|
578
+ cmd.scan(file_regex) { |str|
567
579
  reqs << str
568
580
  }
569
581
 
570
- self[:command].scan(/^"([^"]+)"/) { |str|
582
+ cmd.scan(/^"([^"]+)"/) { |str|
571
583
  reqs << str
572
584
  }
573
585
 
@@ -583,6 +595,7 @@ module Puppet
583
595
  # fully qualified. It might not be a bad idea to add
584
596
  # unqualified files, but, well, that's a bit more annoying
585
597
  # to do.
598
+ line = line[0] if line.is_a? Array
586
599
  reqs += line.scan(file_regex)
587
600
  end
588
601
  }