puppet 6.23.0-universal-darwin → 6.24.0-universal-darwin
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of puppet might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/CONTRIBUTING.md +5 -5
- data/Gemfile.lock +8 -8
- data/README.md +4 -4
- data/ext/project_data.yaml +1 -0
- data/lib/puppet/application/filebucket.rb +1 -0
- data/lib/puppet/application/resource.rb +15 -2
- data/lib/puppet/application/ssl.rb +1 -0
- data/lib/puppet/environments.rb +10 -0
- data/lib/puppet/face/help/action.erb +1 -0
- data/lib/puppet/face/help/face.erb +1 -0
- data/lib/puppet/face/node/clean.rb +11 -0
- data/lib/puppet/file_system/file_impl.rb +1 -1
- data/lib/puppet/file_system/windows.rb +2 -2
- data/lib/puppet/forge.rb +3 -3
- data/lib/puppet/functions/empty.rb +8 -0
- data/lib/puppet/functions/strftime.rb +1 -0
- data/lib/puppet/functions/unwrap.rb +17 -2
- data/lib/puppet/indirector/resource/ral.rb +6 -1
- data/lib/puppet/interface/documentation.rb +1 -0
- data/lib/puppet/module_tool/applications/installer.rb +4 -0
- data/lib/puppet/module_tool/errors/shared.rb +17 -0
- data/lib/puppet/pops/types/type_mismatch_describer.rb +1 -1
- data/lib/puppet/provider/exec/posix.rb +16 -4
- data/lib/puppet/provider/package/pip.rb +15 -3
- data/lib/puppet/provider/parsedfile.rb +3 -0
- data/lib/puppet/settings.rb +30 -7
- data/lib/puppet/type/exec.rb +16 -3
- data/lib/puppet/type/file/mode.rb +6 -0
- data/lib/puppet/type/tidy.rb +1 -1
- data/lib/puppet/util/symbolic_file_mode.rb +29 -17
- data/lib/puppet/util/windows/sid.rb +3 -1
- data/lib/puppet/version.rb +1 -1
- data/lib/puppet.rb +3 -3
- data/locales/puppet.pot +154 -134
- data/man/man5/puppet.conf.5 +2 -2
- data/man/man8/puppet-agent.8 +1 -1
- data/man/man8/puppet-apply.8 +1 -1
- data/man/man8/puppet-catalog.8 +9 -9
- data/man/man8/puppet-config.8 +1 -1
- data/man/man8/puppet-describe.8 +1 -1
- data/man/man8/puppet-device.8 +1 -1
- data/man/man8/puppet-doc.8 +1 -1
- data/man/man8/puppet-epp.8 +1 -1
- data/man/man8/puppet-facts.8 +8 -8
- data/man/man8/puppet-filebucket.8 +1 -1
- data/man/man8/puppet-generate.8 +1 -1
- data/man/man8/puppet-help.8 +1 -1
- data/man/man8/puppet-key.8 +7 -7
- data/man/man8/puppet-lookup.8 +1 -1
- data/man/man8/puppet-man.8 +1 -1
- data/man/man8/puppet-module.8 +1 -1
- data/man/man8/puppet-node.8 +5 -5
- data/man/man8/puppet-parser.8 +1 -1
- data/man/man8/puppet-plugin.8 +1 -1
- data/man/man8/puppet-report.8 +5 -5
- data/man/man8/puppet-resource.8 +1 -1
- data/man/man8/puppet-script.8 +1 -1
- data/man/man8/puppet-ssl.8 +1 -1
- data/man/man8/puppet-status.8 +4 -4
- data/man/man8/puppet.8 +2 -2
- data/spec/fixtures/ssl/127.0.0.1-key.pem +106 -106
- data/spec/fixtures/ssl/127.0.0.1.pem +48 -48
- data/spec/fixtures/ssl/bad-basic-constraints.pem +54 -54
- data/spec/fixtures/ssl/bad-int-basic-constraints.pem +51 -51
- data/spec/fixtures/ssl/ca.pem +52 -52
- data/spec/fixtures/ssl/crl.pem +25 -25
- data/spec/fixtures/ssl/ec-key.pem +11 -11
- data/spec/fixtures/ssl/ec.pem +32 -32
- data/spec/fixtures/ssl/encrypted-ec-key.pem +12 -12
- data/spec/fixtures/ssl/encrypted-key.pem +107 -107
- data/spec/fixtures/ssl/intermediate-agent-crl.pem +25 -25
- data/spec/fixtures/ssl/intermediate-agent.pem +54 -54
- data/spec/fixtures/ssl/intermediate-crl.pem +28 -28
- data/spec/fixtures/ssl/intermediate.pem +51 -51
- data/spec/fixtures/ssl/oid-key.pem +117 -0
- data/spec/fixtures/ssl/oid.pem +69 -0
- data/spec/fixtures/ssl/pluto-key.pem +106 -106
- data/spec/fixtures/ssl/pluto.pem +50 -50
- data/spec/fixtures/ssl/request-key.pem +106 -106
- data/spec/fixtures/ssl/request.pem +45 -45
- data/spec/fixtures/ssl/revoked-key.pem +106 -106
- data/spec/fixtures/ssl/revoked.pem +49 -49
- data/spec/fixtures/ssl/signed-key.pem +106 -106
- data/spec/fixtures/ssl/signed.pem +47 -47
- data/spec/fixtures/ssl/tampered-cert.pem +49 -49
- data/spec/fixtures/ssl/tampered-csr.pem +45 -45
- data/spec/fixtures/ssl/trusted_oid_mapping.yaml +5 -0
- data/spec/fixtures/ssl/unknown-127.0.0.1-key.pem +106 -106
- data/spec/fixtures/ssl/unknown-127.0.0.1.pem +48 -48
- data/spec/fixtures/ssl/unknown-ca-key.pem +106 -106
- data/spec/fixtures/ssl/unknown-ca.pem +52 -52
- data/spec/integration/application/filebucket_spec.rb +11 -0
- data/spec/integration/application/module_spec.rb +21 -0
- data/spec/integration/application/resource_spec.rb +35 -1
- data/spec/integration/application/ssl_spec.rb +20 -0
- data/spec/integration/environments/settings_interpolation_spec.rb +0 -4
- data/spec/integration/indirector/facts/facter_spec.rb +90 -36
- data/spec/integration/type/exec_spec.rb +70 -45
- data/spec/lib/puppet/test_ca.rb +5 -0
- data/spec/lib/puppet_spec/settings.rb +1 -0
- data/spec/unit/environments_spec.rb +35 -0
- data/spec/unit/file_system_spec.rb +6 -0
- data/spec/unit/functions/assert_type_spec.rb +1 -1
- data/spec/unit/functions/empty_spec.rb +10 -0
- data/spec/unit/functions/unwrap_spec.rb +8 -0
- data/spec/unit/functions4_spec.rb +2 -2
- data/spec/unit/indirector/resource/ral_spec.rb +40 -75
- data/spec/unit/module_tool/applications/installer_spec.rb +12 -0
- data/spec/unit/parser/templatewrapper_spec.rb +12 -2
- data/spec/unit/provider/package/pip_spec.rb +37 -0
- data/spec/unit/provider/parsedfile_spec.rb +10 -0
- data/spec/unit/settings_spec.rb +97 -56
- data/spec/unit/type/exec_spec.rb +76 -29
- data/spec/unit/type/file/source_spec.rb +4 -4
- data/spec/unit/type/tidy_spec.rb +7 -0
- data/spec/unit/util/windows/sid_spec.rb +39 -4
- data/tasks/generate_cert_fixtures.rake +10 -1
- metadata +12 -3
@@ -266,6 +266,43 @@ describe Puppet::Type.type(:package).provider(:pip) do
|
|
266
266
|
let(:pip_version) { '1.5.4' }
|
267
267
|
let(:pip_path) { '/fake/bin/pip' }
|
268
268
|
|
269
|
+
context "with pip version >= 20.3 and < 21.1" do
|
270
|
+
let(:pip_version) { '20.3.1' }
|
271
|
+
let(:pip_path) { '/fake/bin/pip' }
|
272
|
+
|
273
|
+
it "should use legacy-resolver argument" do
|
274
|
+
p = StringIO.new(
|
275
|
+
<<-EOS
|
276
|
+
Collecting real-package==versionplease
|
277
|
+
Could not find a version that satisfies the requirement real-package==versionplease (from versions: 1.1.3, 1.0, 1.9b1)
|
278
|
+
No matching distribution found for real-package==versionplease
|
279
|
+
EOS
|
280
|
+
)
|
281
|
+
expect(Puppet::Util::Execution).to receive(:execpipe).with(["/fake/bin/pip", "install", "real_package==versionplease",
|
282
|
+
"--use-deprecated=legacy-resolver"]).and_yield(p).once
|
283
|
+
@resource[:name] = "real_package"
|
284
|
+
@provider.latest
|
285
|
+
end
|
286
|
+
end
|
287
|
+
|
288
|
+
context "with pip version >= 21.1" do
|
289
|
+
let(:pip_version) { '21.1' }
|
290
|
+
let(:pip_path) { '/fake/bin/pip' }
|
291
|
+
|
292
|
+
it "should not use legacy-resolver argument" do
|
293
|
+
p = StringIO.new(
|
294
|
+
<<-EOS
|
295
|
+
Collecting real-package==versionplease
|
296
|
+
Could not find a version that satisfies the requirement real-package==versionplease (from versions: 1.1.3, 1.0, 1.9b1)
|
297
|
+
No matching distribution found for real-package==versionplease
|
298
|
+
EOS
|
299
|
+
)
|
300
|
+
expect(Puppet::Util::Execution).to receive(:execpipe).with(["/fake/bin/pip", "install", "real_package==versionplease"]).and_yield(p).once
|
301
|
+
@resource[:name] = "real_package"
|
302
|
+
@provider.latest
|
303
|
+
end
|
304
|
+
end
|
305
|
+
|
269
306
|
it "should find a version number for real_package" do
|
270
307
|
p = StringIO.new(
|
271
308
|
<<-EOS
|
@@ -79,6 +79,16 @@ describe Puppet::Provider::ParsedFile do
|
|
79
79
|
|
80
80
|
provider.instances
|
81
81
|
end
|
82
|
+
|
83
|
+
it "should raise if parsing returns nil" do
|
84
|
+
expect(provider).to receive(:targets).and_return(%w{/one})
|
85
|
+
expect_any_instance_of(Puppet::Util::FileType::FileTypeFlat).to receive(:read).and_return('a=b')
|
86
|
+
expect(provider).to receive(:parse).and_return(nil)
|
87
|
+
|
88
|
+
expect {
|
89
|
+
provider.instances
|
90
|
+
}.to raise_error(Puppet::DevError, %r{Prefetching /one for provider parsedfile_provider returned nil})
|
91
|
+
end
|
82
92
|
end
|
83
93
|
|
84
94
|
describe "when matching resources to existing records" do
|
data/spec/unit/settings_spec.rb
CHANGED
@@ -29,6 +29,17 @@ describe Puppet::Settings do
|
|
29
29
|
end
|
30
30
|
end
|
31
31
|
|
32
|
+
def stub_config_with(content)
|
33
|
+
allow(Puppet.features).to receive(:root?).and_return(false)
|
34
|
+
expect(Puppet::FileSystem).to receive(:exist?).
|
35
|
+
with(user_config_file_default_location).
|
36
|
+
and_return(true).ordered
|
37
|
+
expect(@settings).to receive(:read_file).
|
38
|
+
with(user_config_file_default_location).
|
39
|
+
and_return(content).ordered
|
40
|
+
@settings.send(:parse_config_files)
|
41
|
+
end
|
42
|
+
|
32
43
|
describe "when specifying defaults" do
|
33
44
|
before do
|
34
45
|
@settings = Puppet::Settings.new
|
@@ -264,23 +275,31 @@ describe Puppet::Settings do
|
|
264
275
|
expect(@settings[:myval]).to eq("")
|
265
276
|
end
|
266
277
|
|
267
|
-
it "should
|
278
|
+
it "should retrieve numeric settings from the CLI" do
|
268
279
|
@settings.handlearg("--myval", "12")
|
269
|
-
expect(@settings.set_by_cli
|
280
|
+
expect(@settings.set_by_cli(:myval)).to eq(12)
|
281
|
+
expect(@settings.set_by_cli?(:myval)).to be true
|
270
282
|
end
|
271
283
|
|
272
|
-
it "should
|
284
|
+
it "should retrieve string settings from the CLI" do
|
285
|
+
@settings.handlearg("--myval", "something")
|
286
|
+
expect(@settings.set_by_cli(:myval)).to eq("something")
|
287
|
+
expect(@settings.set_by_cli?(:myval)).to be true
|
288
|
+
end
|
289
|
+
|
290
|
+
it "should retrieve bool settings from the CLI" do
|
273
291
|
@settings.handlearg("--bool")
|
274
|
-
expect(@settings.set_by_cli
|
292
|
+
expect(@settings.set_by_cli(:bool)).to be true
|
293
|
+
expect(@settings.set_by_cli?(:bool)).to be true
|
275
294
|
end
|
276
295
|
|
277
|
-
it "should not
|
296
|
+
it "should not retrieve settings set in memory as from CLI" do
|
278
297
|
@settings[:myval] = "12"
|
279
|
-
expect(@settings.set_by_cli?(:myval)).to
|
298
|
+
expect(@settings.set_by_cli?(:myval)).to be false
|
280
299
|
end
|
281
300
|
|
282
301
|
it "should find no configured settings by default" do
|
283
|
-
expect(@settings.set_by_config?(:myval)).to
|
302
|
+
expect(@settings.set_by_config?(:myval)).to be false
|
284
303
|
end
|
285
304
|
|
286
305
|
it "should identify configured settings in memory" do
|
@@ -304,64 +323,66 @@ describe Puppet::Settings do
|
|
304
323
|
expect(@settings.set_by_config?(:manifest, Puppet[:environment])).to be_truthy
|
305
324
|
end
|
306
325
|
|
307
|
-
|
308
|
-
|
326
|
+
context "when handling puppet.conf" do
|
327
|
+
describe "#set_by_config?" do
|
328
|
+
it "should identify configured settings from the preferred run mode" do
|
329
|
+
stub_config_with(<<~CONFIG)
|
330
|
+
[#{@settings.preferred_run_mode}]
|
331
|
+
myval = foo
|
332
|
+
CONFIG
|
309
333
|
|
310
|
-
|
311
|
-
|
312
|
-
with(user_config_file_default_location).
|
313
|
-
and_return(true).ordered
|
314
|
-
expect(@settings).to receive(:read_file).
|
315
|
-
with(user_config_file_default_location).
|
316
|
-
and_return(user_config_text).ordered
|
334
|
+
expect(@settings.set_by_config?(:myval)).to be_truthy
|
335
|
+
end
|
317
336
|
|
318
|
-
|
319
|
-
|
320
|
-
|
337
|
+
it "should identify configured settings from the specified run mode" do
|
338
|
+
stub_config_with(<<~CONFIG)
|
339
|
+
[server]
|
340
|
+
myval = foo
|
341
|
+
CONFIG
|
321
342
|
|
322
|
-
|
323
|
-
|
343
|
+
expect(@settings.set_by_config?(:myval, nil, :server)).to be_truthy
|
344
|
+
end
|
324
345
|
|
325
|
-
|
326
|
-
|
327
|
-
|
328
|
-
|
329
|
-
|
330
|
-
with(user_config_file_default_location).
|
331
|
-
and_return(user_config_text).ordered
|
346
|
+
it "should not identify configured settings from an unspecified run mode" do
|
347
|
+
stub_config_with(<<~CONFIG)
|
348
|
+
[zaz]
|
349
|
+
myval = foo
|
350
|
+
CONFIG
|
332
351
|
|
333
|
-
|
334
|
-
|
335
|
-
end
|
352
|
+
expect(@settings.set_by_config?(:myval)).to be_falsey
|
353
|
+
end
|
336
354
|
|
337
|
-
|
338
|
-
|
355
|
+
it "should identify configured settings from the main section" do
|
356
|
+
stub_config_with(<<~CONFIG)
|
357
|
+
[main]
|
358
|
+
myval = foo
|
359
|
+
CONFIG
|
339
360
|
|
340
|
-
|
341
|
-
|
342
|
-
|
343
|
-
and_return(true).ordered
|
344
|
-
expect(@settings).to receive(:read_file).
|
345
|
-
with(user_config_file_default_location).
|
346
|
-
and_return(user_config_text).ordered
|
361
|
+
expect(@settings.set_by_config?(:myval)).to be_truthy
|
362
|
+
end
|
363
|
+
end
|
347
364
|
|
348
|
-
|
349
|
-
|
350
|
-
|
365
|
+
describe "#set_in_section" do
|
366
|
+
it "should retrieve configured settings from the specified section" do
|
367
|
+
stub_config_with(<<~CONFIG)
|
368
|
+
[agent]
|
369
|
+
myval = foo
|
370
|
+
CONFIG
|
351
371
|
|
352
|
-
|
353
|
-
|
372
|
+
expect(@settings.set_in_section(:myval, :agent)).to eq("foo")
|
373
|
+
expect(@settings.set_in_section?(:myval, :agent)).to be true
|
374
|
+
end
|
354
375
|
|
355
|
-
|
356
|
-
|
357
|
-
|
358
|
-
|
359
|
-
|
360
|
-
with(user_config_file_default_location).
|
361
|
-
and_return(user_config_text).ordered
|
376
|
+
it "should not retrieve configured settings from a different section" do
|
377
|
+
stub_config_with(<<~CONFIG)
|
378
|
+
[main]
|
379
|
+
myval = foo
|
380
|
+
CONFIG
|
362
381
|
|
363
|
-
|
364
|
-
|
382
|
+
expect(@settings.set_in_section(:myval, :agent)).to be nil
|
383
|
+
expect(@settings.set_in_section?(:myval, :agent)).to be false
|
384
|
+
end
|
385
|
+
end
|
365
386
|
end
|
366
387
|
|
367
388
|
it "should clear the cache when setting getopt-specific values" do
|
@@ -2120,7 +2141,7 @@ describe Puppet::Settings do
|
|
2120
2141
|
end
|
2121
2142
|
|
2122
2143
|
def a_user_type_for(username)
|
2123
|
-
user = double('user')
|
2144
|
+
user = double('user', 'suitable?': true, to_s: "User[#{username}]")
|
2124
2145
|
expect(Puppet::Type.type(:user)).to receive(:new).with(hash_including(name: username)).and_return(user)
|
2125
2146
|
user
|
2126
2147
|
end
|
@@ -2153,6 +2174,16 @@ describe Puppet::Settings do
|
|
2153
2174
|
|
2154
2175
|
expect(settings).to be_service_user_available
|
2155
2176
|
end
|
2177
|
+
|
2178
|
+
it "raises if the user is not suitable" do
|
2179
|
+
settings[:user] = "foo"
|
2180
|
+
|
2181
|
+
expect(a_user_type_for("foo")).to receive(:suitable?).and_return(false)
|
2182
|
+
|
2183
|
+
expect {
|
2184
|
+
settings.service_user_available?
|
2185
|
+
}.to raise_error(Puppet::Error, /Cannot manage owner permissions, because the provider for 'User\[foo\]' is not functional/)
|
2186
|
+
end
|
2156
2187
|
end
|
2157
2188
|
|
2158
2189
|
describe "when determining if the service group is available" do
|
@@ -2163,7 +2194,7 @@ describe Puppet::Settings do
|
|
2163
2194
|
end
|
2164
2195
|
|
2165
2196
|
def a_group_type_for(groupname)
|
2166
|
-
group = double('group')
|
2197
|
+
group = double('group', 'suitable?': true, to_s: "Group[#{groupname}]")
|
2167
2198
|
expect(Puppet::Type.type(:group)).to receive(:new).with(hash_including(name: groupname)).and_return(group)
|
2168
2199
|
group
|
2169
2200
|
end
|
@@ -2196,6 +2227,16 @@ describe Puppet::Settings do
|
|
2196
2227
|
|
2197
2228
|
expect(settings).to be_service_group_available
|
2198
2229
|
end
|
2230
|
+
|
2231
|
+
it "raises if the group is not suitable" do
|
2232
|
+
settings[:group] = "foo"
|
2233
|
+
|
2234
|
+
expect(a_group_type_for("foo")).to receive(:suitable?).and_return(false)
|
2235
|
+
|
2236
|
+
expect {
|
2237
|
+
settings.service_group_available?
|
2238
|
+
}.to raise_error(Puppet::Error, /Cannot manage group permissions, because the provider for 'Group\[foo\]' is not functional/)
|
2239
|
+
end
|
2199
2240
|
end
|
2200
2241
|
|
2201
2242
|
describe "when dealing with command-line options" do
|
data/spec/unit/type/exec_spec.rb
CHANGED
@@ -239,6 +239,19 @@ RSpec.describe Puppet::Type.type(:exec) do
|
|
239
239
|
expect(dependencies.collect(&:to_s)).to eq([Puppet::Relationship.new(tmp, execer).to_s])
|
240
240
|
end
|
241
241
|
|
242
|
+
it "should be able to autorequire files mentioned in the array command" do
|
243
|
+
foo = make_absolute('/bin/foo')
|
244
|
+
catalog = Puppet::Resource::Catalog.new
|
245
|
+
tmp = Puppet::Type.type(:file).new(:name => foo)
|
246
|
+
execer = Puppet::Type.type(:exec).new(:name => 'test array', :command => [foo, 'bar'])
|
247
|
+
|
248
|
+
catalog.add_resource tmp
|
249
|
+
catalog.add_resource execer
|
250
|
+
dependencies = execer.autorequire(catalog)
|
251
|
+
|
252
|
+
expect(dependencies.collect(&:to_s)).to eq([Puppet::Relationship.new(tmp, execer).to_s])
|
253
|
+
end
|
254
|
+
|
242
255
|
describe "when handling the path parameter" do
|
243
256
|
expect = %w{one two three four}
|
244
257
|
{ "an array" => expect,
|
@@ -346,7 +359,13 @@ RSpec.describe Puppet::Type.type(:exec) do
|
|
346
359
|
end
|
347
360
|
|
348
361
|
shared_examples_for "all exec command parameters" do |param|
|
349
|
-
|
362
|
+
array_cmd = ["/bin/example", "*"]
|
363
|
+
array_cmd = [["/bin/example", "*"]] if [:onlyif, :unless].include?(param)
|
364
|
+
|
365
|
+
commands = { "relative" => "example", "absolute" => "/bin/example" }
|
366
|
+
commands["array"] = array_cmd
|
367
|
+
|
368
|
+
commands.sort.each do |name, command|
|
350
369
|
describe "if command is #{name}" do
|
351
370
|
before :each do
|
352
371
|
@param = param
|
@@ -379,45 +398,44 @@ RSpec.describe Puppet::Type.type(:exec) do
|
|
379
398
|
end
|
380
399
|
|
381
400
|
shared_examples_for "all exec command parameters that take arrays" do |param|
|
382
|
-
|
383
|
-
|
384
|
-
|
385
|
-
|
401
|
+
[
|
402
|
+
%w{one two three},
|
403
|
+
[%w{one -a}, %w{two, -b}, 'three']
|
404
|
+
].each do |input|
|
405
|
+
context "when given #{input.inspect} as input" do
|
406
|
+
let(:resource) { Puppet::Type.type(:exec).new(:name => @executable) }
|
386
407
|
|
387
|
-
|
388
|
-
|
389
|
-
|
390
|
-
|
391
|
-
|
392
|
-
|
408
|
+
it "accepts the array when all commands return valid" do
|
409
|
+
input = %w{one two three}
|
410
|
+
allow(resource.provider).to receive(:validatecmd).exactly(input.length).times.and_return(true)
|
411
|
+
resource[param] = input
|
412
|
+
expect(resource[param]).to eq(input)
|
413
|
+
end
|
393
414
|
|
394
|
-
|
395
|
-
|
396
|
-
|
397
|
-
|
398
|
-
|
415
|
+
it "rejects the array when any commands return invalid" do
|
416
|
+
input = %w{one two three}
|
417
|
+
allow(resource.provider).to receive(:validatecmd).with(input[0]).and_return(true)
|
418
|
+
allow(resource.provider).to receive(:validatecmd).with(input[1]).and_raise(Puppet::Error)
|
419
|
+
|
420
|
+
expect { resource[param] = input }.to raise_error(Puppet::ResourceError, /Parameter #{param} failed/)
|
399
421
|
end
|
400
|
-
@test[param] = input
|
401
|
-
expect(@test[param]).to eq(input)
|
402
|
-
end
|
403
422
|
|
404
|
-
|
405
|
-
|
406
|
-
|
407
|
-
|
408
|
-
|
423
|
+
it "stops at the first invalid command" do
|
424
|
+
input = %w{one two three}
|
425
|
+
allow(resource.provider).to receive(:validatecmd).with(input[0]).and_raise(Puppet::Error)
|
426
|
+
|
427
|
+
expect(resource.provider).not_to receive(:validatecmd).with(input[1])
|
428
|
+
expect(resource.provider).not_to receive(:validatecmd).with(input[2])
|
429
|
+
expect { resource[param] = input }.to raise_error(Puppet::ResourceError, /Parameter #{param} failed/)
|
430
|
+
end
|
409
431
|
end
|
410
432
|
end
|
411
433
|
end
|
412
434
|
|
413
435
|
describe "when setting command" do
|
414
436
|
subject { described_class.new(:name => @command) }
|
415
|
-
it "fails when passed an Array" do
|
416
|
-
expect { subject[:command] = [] }.to raise_error Puppet::Error, /Command must be a String/
|
417
|
-
end
|
418
|
-
|
419
437
|
it "fails when passed a Hash" do
|
420
|
-
expect { subject[:command] = {} }.to raise_error Puppet::Error, /Command must be a String
|
438
|
+
expect { subject[:command] = {} }.to raise_error Puppet::Error, /Command must be a String or Array<String>/
|
421
439
|
end
|
422
440
|
end
|
423
441
|
|
@@ -759,6 +777,35 @@ RSpec.describe Puppet::Type.type(:exec) do
|
|
759
777
|
end
|
760
778
|
end
|
761
779
|
|
780
|
+
context 'with an array of arrays with multiple items' do
|
781
|
+
before do
|
782
|
+
[true, false].each do |check|
|
783
|
+
allow(@test.provider).to receive(:run).with([@pass, '--flag'], check).
|
784
|
+
and_return(['test output', @pass_status])
|
785
|
+
allow(@test.provider).to receive(:run).with([@fail, '--flag'], check).
|
786
|
+
and_return(['test output', @fail_status])
|
787
|
+
allow(@test.provider).to receive(:run).with([@pass], check).
|
788
|
+
and_return(['test output', @pass_status])
|
789
|
+
allow(@test.provider).to receive(:run).with([@fail], check).
|
790
|
+
and_return(['test output', @fail_status])
|
791
|
+
end
|
792
|
+
end
|
793
|
+
it "runs if all the commands exits non-zero" do
|
794
|
+
@test[param] = [[@fail, '--flag'], [@fail], [@fail, '--flag']]
|
795
|
+
expect(@test.check_all_attributes).to eq(true)
|
796
|
+
end
|
797
|
+
|
798
|
+
it "does not run if one command exits zero" do
|
799
|
+
@test[param] = [[@pass, '--flag'], [@pass], [@fail, '--flag']]
|
800
|
+
expect(@test.check_all_attributes).to eq(false)
|
801
|
+
end
|
802
|
+
|
803
|
+
it "does not run if all command exits zero" do
|
804
|
+
@test[param] = [[@pass, '--flag'], [@pass], [@pass, '--flag']]
|
805
|
+
expect(@test.check_all_attributes).to eq(false)
|
806
|
+
end
|
807
|
+
end
|
808
|
+
|
762
809
|
it "should emit output to debug" do
|
763
810
|
Puppet::Util::Log.level = :debug
|
764
811
|
@test[param] = @fail
|
@@ -264,7 +264,7 @@ describe Puppet::Type.type(:file).attrclass(:source), :uses_checksums => true do
|
|
264
264
|
|
265
265
|
expect(@resource[:owner]).to eq(100)
|
266
266
|
expect(@resource[:group]).to eq(200)
|
267
|
-
expect(@resource[:mode]).to eq("
|
267
|
+
expect(@resource[:mode]).to eq("0173")
|
268
268
|
|
269
269
|
# Metadata calls it checksum and checksum_type, we call it content and checksum.
|
270
270
|
expect(@resource[:content]).to eq(@metadata.checksum)
|
@@ -281,7 +281,7 @@ describe Puppet::Type.type(:file).attrclass(:source), :uses_checksums => true do
|
|
281
281
|
|
282
282
|
expect(@resource[:owner]).to eq(1)
|
283
283
|
expect(@resource[:group]).to eq(2)
|
284
|
-
expect(@resource[:mode]).to eq('
|
284
|
+
expect(@resource[:mode]).to eq('0173')
|
285
285
|
expect(@resource[:content]).not_to eq(@metadata.checksum)
|
286
286
|
expect(@resource[:checksum]).not_to eq(@metadata.checksum_type.to_sym)
|
287
287
|
end
|
@@ -318,7 +318,7 @@ describe Puppet::Type.type(:file).attrclass(:source), :uses_checksums => true do
|
|
318
318
|
|
319
319
|
expect(@resource[:owner]).to eq(100)
|
320
320
|
expect(@resource[:group]).to eq(200)
|
321
|
-
expect(@resource[:mode]).to eq("
|
321
|
+
expect(@resource[:mode]).to eq("0173")
|
322
322
|
end
|
323
323
|
|
324
324
|
it "copies the remote owner" do
|
@@ -336,7 +336,7 @@ describe Puppet::Type.type(:file).attrclass(:source), :uses_checksums => true do
|
|
336
336
|
it "copies the remote mode" do
|
337
337
|
@source.copy_source_values
|
338
338
|
|
339
|
-
expect(@resource[:mode]).to eq("
|
339
|
+
expect(@resource[:mode]).to eq("0173")
|
340
340
|
end
|
341
341
|
end
|
342
342
|
|
data/spec/unit/type/tidy_spec.rb
CHANGED
@@ -280,6 +280,13 @@ describe tidy do
|
|
280
280
|
@ager.tidy?(@basepath, @stat)
|
281
281
|
end
|
282
282
|
|
283
|
+
it "should return true if the specified age is 0" do
|
284
|
+
@tidy[:age] = "0"
|
285
|
+
expect(@stat).to receive(:mtime).and_return(Time.now)
|
286
|
+
|
287
|
+
expect(@ager).to be_tidy(@basepath, @stat)
|
288
|
+
end
|
289
|
+
|
283
290
|
it "should return false if the file is more recent than the specified age" do
|
284
291
|
expect(@stat).to receive(:mtime).and_return(Time.now)
|
285
292
|
|
@@ -131,38 +131,73 @@ describe "Puppet::Util::Windows::SID", :if => Puppet::Util::Platform.windows? do
|
|
131
131
|
expect(subject.name_to_principal(unknown_name)).to be_nil
|
132
132
|
end
|
133
133
|
|
134
|
+
it "should print a debug message if the account does not exist" do
|
135
|
+
expect(Puppet).to receive(:debug).with(/No mapping between account names and security IDs was done/)
|
136
|
+
subject.name_to_principal(unknown_name)
|
137
|
+
end
|
138
|
+
|
134
139
|
it "should return a Puppet::Util::Windows::SID::Principal instance for any valid sid" do
|
135
140
|
expect(subject.name_to_principal(sid)).to be_an_instance_of(Puppet::Util::Windows::SID::Principal)
|
136
141
|
end
|
137
142
|
|
143
|
+
it "should not print debug messages for valid sid" do
|
144
|
+
expect(Puppet).not_to receive(:debug).with(/Could not retrieve raw SID bytes from/)
|
145
|
+
expect(Puppet).not_to receive(:debug).with(/No mapping between account names and security IDs was done/)
|
146
|
+
subject.name_to_principal(sid)
|
147
|
+
end
|
148
|
+
|
149
|
+
it "should print a debug message for invalid sid" do
|
150
|
+
expect(Puppet).not_to receive(:debug).with(/Could not retrieve raw SID bytes from/)
|
151
|
+
expect(Puppet).to receive(:debug).with(/No mapping between account names and security IDs was done/)
|
152
|
+
subject.name_to_principal('S-1-5-21-INVALID-SID')
|
153
|
+
end
|
154
|
+
|
138
155
|
it "should accept unqualified account name" do
|
139
156
|
# NOTE: lookup by name works in localized environments only for a few instances
|
140
157
|
# this works in French Windows, even though the account is really Syst\u00E8me
|
141
158
|
expect(subject.name_to_principal('SYSTEM').sid).to eq(sid)
|
142
159
|
end
|
143
160
|
|
161
|
+
it "should not print debug messages for unqualified account name" do
|
162
|
+
expect(Puppet).not_to receive(:debug).with(/Could not retrieve raw SID bytes from/)
|
163
|
+
expect(Puppet).not_to receive(:debug).with(/No mapping between account names and security IDs was done/)
|
164
|
+
subject.name_to_principal('SYSTEM')
|
165
|
+
end
|
166
|
+
|
144
167
|
it "should be case-insensitive" do
|
145
168
|
# NOTE: lookup by name works in localized environments only for a few instances
|
146
169
|
# this works in French Windows, even though the account is really Syst\u00E8me
|
147
170
|
expect(subject.name_to_principal('SYSTEM')).to eq(subject.name_to_principal('system'))
|
148
171
|
end
|
149
172
|
|
173
|
+
it "should not print debug messages for wrongly cased account name" do
|
174
|
+
expect(Puppet).not_to receive(:debug).with(/Could not retrieve raw SID bytes from/)
|
175
|
+
expect(Puppet).not_to receive(:debug).with(/No mapping between account names and security IDs was done/)
|
176
|
+
subject.name_to_principal('system')
|
177
|
+
end
|
178
|
+
|
150
179
|
it "should be leading and trailing whitespace-insensitive" do
|
151
180
|
# NOTE: lookup by name works in localized environments only for a few instances
|
152
181
|
# this works in French Windows, even though the account is really Syst\u00E8me
|
153
182
|
expect(subject.name_to_principal('SYSTEM')).to eq(subject.name_to_principal(' SYSTEM '))
|
154
183
|
end
|
155
184
|
|
185
|
+
it "should not print debug messages for account name with leading and trailing whitespace" do
|
186
|
+
expect(Puppet).not_to receive(:debug).with(/Could not retrieve raw SID bytes from/)
|
187
|
+
expect(Puppet).not_to receive(:debug).with(/No mapping between account names and security IDs was done/)
|
188
|
+
subject.name_to_principal(' SYSTEM ')
|
189
|
+
end
|
190
|
+
|
156
191
|
it "should accept domain qualified account names" do
|
157
192
|
# NOTE: lookup by name works in localized environments only for a few instances
|
158
193
|
# this works in French Windows, even though the account is really AUTORITE NT\\Syst\u00E8me
|
159
194
|
expect(subject.name_to_principal('NT AUTHORITY\SYSTEM').sid).to eq(sid)
|
160
195
|
end
|
161
196
|
|
162
|
-
it "should print
|
163
|
-
expect(Puppet).
|
164
|
-
expect(Puppet).
|
165
|
-
subject.name_to_principal('
|
197
|
+
it "should not print debug messages for domain qualified account names" do
|
198
|
+
expect(Puppet).not_to receive(:debug).with(/Could not retrieve raw SID bytes from/)
|
199
|
+
expect(Puppet).not_to receive(:debug).with(/No mapping between account names and security IDs was done/)
|
200
|
+
subject.name_to_principal('NT AUTHORITY\SYSTEM')
|
166
201
|
end
|
167
202
|
end
|
168
203
|
|
@@ -40,6 +40,7 @@ task(:gen_cert_fixtures) do
|
|
40
40
|
# 127.0.0.1.pem | +- /CN=127.0.0.1 (with dns alt names)
|
41
41
|
# tampered-cert.pem | +- /CN=signed (with different public key)
|
42
42
|
# ec.pem | +- /CN=ec (with EC private key)
|
43
|
+
# oid.pem | +- /CN=oid (with custom oid)
|
43
44
|
# |
|
44
45
|
# + /CN=Test CA Agent Subauthority
|
45
46
|
# | |
|
@@ -49,7 +50,7 @@ task(:gen_cert_fixtures) do
|
|
49
50
|
#
|
50
51
|
# bad-basic-constraints.pem /CN=Test CA (bad isCA constraint)
|
51
52
|
#
|
52
|
-
# unknown-ca.
|
53
|
+
# unknown-ca.pem /CN=Unknown CA
|
53
54
|
# |
|
54
55
|
# unknown-127.0.0.1.pem +- /CN=127.0.0.1
|
55
56
|
#
|
@@ -103,6 +104,14 @@ task(:gen_cert_fixtures) do
|
|
103
104
|
save(dir, '127.0.0.1.pem', signed[:cert])
|
104
105
|
save(dir, '127.0.0.1-key.pem', signed[:private_key])
|
105
106
|
|
107
|
+
# Create an SSL cert with extensions containing custom oids
|
108
|
+
extensions = [
|
109
|
+
['1.3.6.1.4.1.34380.1.2.1.1', OpenSSL::ASN1::UTF8String.new('somevalue'), false],
|
110
|
+
]
|
111
|
+
oid = ca.create_cert('oid', inter[:cert], inter[:private_key], extensions: extensions)
|
112
|
+
save(dir, 'oid.pem', oid[:cert])
|
113
|
+
save(dir, 'oid-key.pem', oid[:private_key])
|
114
|
+
|
106
115
|
# Create a leaf/entity key and cert for host "revoked", issued by "Test CA Subauthority"
|
107
116
|
# and revoke the cert
|
108
117
|
revoked = ca.create_cert('revoked', inter[:cert], inter[:private_key])
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: puppet
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 6.
|
4
|
+
version: 6.24.0
|
5
5
|
platform: universal-darwin
|
6
6
|
authors:
|
7
7
|
- Puppet Labs
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2021-
|
11
|
+
date: 2021-07-13 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: facter
|
@@ -1472,6 +1472,8 @@ files:
|
|
1472
1472
|
- spec/fixtures/ssl/intermediate-crl.pem
|
1473
1473
|
- spec/fixtures/ssl/intermediate.pem
|
1474
1474
|
- spec/fixtures/ssl/netlock-arany-utf8.pem
|
1475
|
+
- spec/fixtures/ssl/oid-key.pem
|
1476
|
+
- spec/fixtures/ssl/oid.pem
|
1475
1477
|
- spec/fixtures/ssl/pluto-key.pem
|
1476
1478
|
- spec/fixtures/ssl/pluto.pem
|
1477
1479
|
- spec/fixtures/ssl/request-key.pem
|
@@ -1482,6 +1484,7 @@ files:
|
|
1482
1484
|
- spec/fixtures/ssl/signed.pem
|
1483
1485
|
- spec/fixtures/ssl/tampered-cert.pem
|
1484
1486
|
- spec/fixtures/ssl/tampered-csr.pem
|
1487
|
+
- spec/fixtures/ssl/trusted_oid_mapping.yaml
|
1485
1488
|
- spec/fixtures/ssl/unknown-127.0.0.1-key.pem
|
1486
1489
|
- spec/fixtures/ssl/unknown-127.0.0.1.pem
|
1487
1490
|
- spec/fixtures/ssl/unknown-ca-key.pem
|
@@ -1832,6 +1835,7 @@ files:
|
|
1832
1835
|
- spec/integration/application/module_spec.rb
|
1833
1836
|
- spec/integration/application/plugin_spec.rb
|
1834
1837
|
- spec/integration/application/resource_spec.rb
|
1838
|
+
- spec/integration/application/ssl_spec.rb
|
1835
1839
|
- spec/integration/configurer_spec.rb
|
1836
1840
|
- spec/integration/data_binding_spec.rb
|
1837
1841
|
- spec/integration/defaults_spec.rb
|
@@ -2665,7 +2669,8 @@ files:
|
|
2665
2669
|
- tasks/parser.rake
|
2666
2670
|
- tasks/yard.rake
|
2667
2671
|
homepage: https://github.com/puppetlabs/puppet
|
2668
|
-
licenses:
|
2672
|
+
licenses:
|
2673
|
+
- Apache-2.0
|
2669
2674
|
metadata: {}
|
2670
2675
|
post_install_message:
|
2671
2676
|
rdoc_options:
|
@@ -2742,6 +2747,8 @@ test_files:
|
|
2742
2747
|
- spec/fixtures/ssl/intermediate-crl.pem
|
2743
2748
|
- spec/fixtures/ssl/intermediate.pem
|
2744
2749
|
- spec/fixtures/ssl/netlock-arany-utf8.pem
|
2750
|
+
- spec/fixtures/ssl/oid-key.pem
|
2751
|
+
- spec/fixtures/ssl/oid.pem
|
2745
2752
|
- spec/fixtures/ssl/pluto-key.pem
|
2746
2753
|
- spec/fixtures/ssl/pluto.pem
|
2747
2754
|
- spec/fixtures/ssl/request-key.pem
|
@@ -2752,6 +2759,7 @@ test_files:
|
|
2752
2759
|
- spec/fixtures/ssl/signed.pem
|
2753
2760
|
- spec/fixtures/ssl/tampered-cert.pem
|
2754
2761
|
- spec/fixtures/ssl/tampered-csr.pem
|
2762
|
+
- spec/fixtures/ssl/trusted_oid_mapping.yaml
|
2755
2763
|
- spec/fixtures/ssl/unknown-127.0.0.1-key.pem
|
2756
2764
|
- spec/fixtures/ssl/unknown-127.0.0.1.pem
|
2757
2765
|
- spec/fixtures/ssl/unknown-ca-key.pem
|
@@ -3102,6 +3110,7 @@ test_files:
|
|
3102
3110
|
- spec/integration/application/module_spec.rb
|
3103
3111
|
- spec/integration/application/plugin_spec.rb
|
3104
3112
|
- spec/integration/application/resource_spec.rb
|
3113
|
+
- spec/integration/application/ssl_spec.rb
|
3105
3114
|
- spec/integration/configurer_spec.rb
|
3106
3115
|
- spec/integration/data_binding_spec.rb
|
3107
3116
|
- spec/integration/defaults_spec.rb
|