puppet 6.23.0 → 7.0.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of puppet might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/CODEOWNERS +16 -2
- data/Gemfile +1 -3
- data/Gemfile.lock +34 -46
- data/README.md +1 -1
- data/conf/fileserver.conf +5 -10
- data/ext/build_defaults.yaml +1 -1
- data/ext/osx/file_mapping.yaml +0 -5
- data/ext/osx/puppet.plist +0 -2
- data/ext/project_data.yaml +1 -14
- data/ext/redhat/puppet.spec.erb +0 -1
- data/ext/windows/service/daemon.rb +6 -5
- data/install.rb +21 -17
- data/lib/puppet.rb +11 -20
- data/lib/puppet/application.rb +178 -108
- data/lib/puppet/application/agent.rb +4 -12
- data/lib/puppet/application/apply.rb +2 -4
- data/lib/puppet/application/device.rb +100 -106
- data/lib/puppet/application/filebucket.rb +13 -9
- data/lib/puppet/application/resource.rb +1 -2
- data/lib/puppet/application/script.rb +0 -2
- data/lib/puppet/application/ssl.rb +1 -12
- data/lib/puppet/application_support.rb +0 -7
- data/lib/puppet/configurer.rb +30 -45
- data/lib/puppet/configurer/downloader.rb +1 -2
- data/lib/puppet/configurer/plugin_handler.rb +21 -19
- data/lib/puppet/defaults.rb +100 -192
- data/lib/puppet/environments.rb +60 -74
- data/lib/puppet/face/facts.rb +5 -103
- data/lib/puppet/face/help.rb +1 -1
- data/lib/puppet/face/plugin.rb +5 -8
- data/lib/puppet/ffi/windows.rb +12 -0
- data/lib/puppet/ffi/windows/api_types.rb +311 -0
- data/lib/puppet/ffi/windows/constants.rb +404 -0
- data/lib/puppet/ffi/windows/functions.rb +628 -0
- data/lib/puppet/ffi/windows/structs.rb +338 -0
- data/lib/puppet/file_serving/configuration.rb +0 -5
- data/lib/puppet/file_serving/configuration/parser.rb +3 -32
- data/lib/puppet/file_serving/fileset.rb +2 -14
- data/lib/puppet/file_serving/http_metadata.rb +1 -1
- data/lib/puppet/file_serving/mount.rb +1 -2
- data/lib/puppet/file_system/memory_file.rb +1 -8
- data/lib/puppet/file_system/windows.rb +0 -2
- data/lib/puppet/forge/repository.rb +0 -1
- data/lib/puppet/functions/all.rb +1 -1
- data/lib/puppet/functions/camelcase.rb +1 -1
- data/lib/puppet/functions/capitalize.rb +2 -2
- data/lib/puppet/functions/downcase.rb +2 -2
- data/lib/puppet/functions/get.rb +5 -5
- data/lib/puppet/functions/group_by.rb +5 -13
- data/lib/puppet/functions/lest.rb +1 -1
- data/lib/puppet/functions/new.rb +100 -100
- data/lib/puppet/functions/partition.rb +4 -12
- data/lib/puppet/functions/require.rb +5 -5
- data/lib/puppet/functions/sort.rb +3 -3
- data/lib/puppet/functions/tree_each.rb +9 -7
- data/lib/puppet/functions/type.rb +4 -4
- data/lib/puppet/functions/upcase.rb +2 -2
- data/lib/puppet/generate/models/type/type.rb +4 -1
- data/lib/puppet/http.rb +22 -13
- data/lib/puppet/http/client.rb +164 -114
- data/lib/puppet/{network/resolver.rb → http/dns.rb} +2 -2
- data/lib/puppet/http/errors.rb +16 -0
- data/lib/puppet/http/external_client.rb +5 -7
- data/lib/puppet/{network/http → http}/factory.rb +8 -15
- data/lib/puppet/{network/http → http}/pool.rb +61 -26
- data/lib/puppet/{network/http/session.rb → http/pool_entry.rb} +2 -3
- data/lib/puppet/http/proxy.rb +137 -0
- data/lib/puppet/http/redirector.rb +4 -12
- data/lib/puppet/http/resolver.rb +5 -15
- data/lib/puppet/http/resolver/server_list.rb +10 -25
- data/lib/puppet/http/resolver/settings.rb +4 -7
- data/lib/puppet/http/resolver/srv.rb +7 -11
- data/lib/puppet/http/response.rb +36 -54
- data/lib/puppet/http/response_converter.rb +24 -0
- data/lib/puppet/http/response_net_http.rb +42 -0
- data/lib/puppet/http/retry_after_handler.rb +4 -13
- data/lib/puppet/http/service.rb +12 -26
- data/lib/puppet/http/service/ca.rb +11 -22
- data/lib/puppet/http/service/compiler.rb +22 -138
- data/lib/puppet/http/service/file_server.rb +19 -29
- data/lib/puppet/http/service/puppetserver.rb +26 -12
- data/lib/puppet/http/service/report.rb +8 -10
- data/lib/puppet/http/session.rb +11 -20
- data/lib/puppet/{network/http → http}/site.rb +1 -2
- data/lib/puppet/indirector/catalog/compiler.rb +0 -1
- data/lib/puppet/indirector/catalog/rest.rb +2 -4
- data/lib/puppet/indirector/facts/rest.rb +3 -22
- data/lib/puppet/indirector/file_bucket_file/rest.rb +3 -9
- data/lib/puppet/indirector/file_content/rest.rb +2 -6
- data/lib/puppet/indirector/file_metadata/rest.rb +3 -10
- data/lib/puppet/indirector/file_server.rb +1 -8
- data/lib/puppet/indirector/generic_http.rb +0 -11
- data/lib/puppet/indirector/node/rest.rb +2 -4
- data/lib/puppet/indirector/report/rest.rb +3 -8
- data/lib/puppet/indirector/request.rb +0 -101
- data/lib/puppet/indirector/rest.rb +12 -263
- data/lib/puppet/module_tool/applications.rb +0 -1
- data/lib/puppet/module_tool/applications/installer.rb +2 -48
- data/lib/puppet/module_tool/errors/shared.rb +2 -17
- data/lib/puppet/network/authconfig.rb +2 -96
- data/lib/puppet/network/authorization.rb +13 -35
- data/lib/puppet/network/formats.rb +0 -67
- data/lib/puppet/network/http.rb +3 -3
- data/lib/puppet/network/http/api/indirected_routes.rb +2 -20
- data/lib/puppet/network/http/api/master/v3.rb +11 -13
- data/lib/puppet/network/http/connection.rb +247 -316
- data/lib/puppet/network/http/handler.rb +0 -1
- data/lib/puppet/network/http_pool.rb +16 -34
- data/lib/puppet/node.rb +1 -30
- data/lib/puppet/pal/json_catalog_encoder.rb +4 -0
- data/lib/puppet/pal/pal_impl.rb +3 -1
- data/lib/puppet/parser/ast/leaf.rb +2 -3
- data/lib/puppet/parser/ast/pops_bridge.rb +0 -38
- data/lib/puppet/parser/compiler.rb +0 -198
- data/lib/puppet/parser/compiler/catalog_validator/relationship_validator.rb +14 -39
- data/lib/puppet/parser/functions/fqdn_rand.rb +6 -14
- data/lib/puppet/parser/resource.rb +0 -69
- data/lib/puppet/parser/templatewrapper.rb +1 -1
- data/lib/puppet/pops/evaluator/deferred_resolver.rb +3 -5
- data/lib/puppet/pops/evaluator/evaluator_impl.rb +0 -5
- data/lib/puppet/pops/evaluator/runtime3_resource_support.rb +3 -3
- data/lib/puppet/pops/evaluator/runtime3_support.rb +1 -1
- data/lib/puppet/pops/issues.rb +0 -5
- data/lib/puppet/pops/loader/ruby_legacy_function_instantiator.rb +6 -8
- data/lib/puppet/pops/model/ast.pp +0 -42
- data/lib/puppet/pops/model/ast.rb +0 -290
- data/lib/puppet/pops/model/ast_transformer.rb +1 -1
- data/lib/puppet/pops/model/factory.rb +0 -45
- data/lib/puppet/pops/model/model_label_provider.rb +0 -5
- data/lib/puppet/pops/model/model_tree_dumper.rb +0 -22
- data/lib/puppet/pops/model/pn_transformer.rb +0 -16
- data/lib/puppet/pops/parser/egrammar.ra +0 -56
- data/lib/puppet/pops/parser/eparser.rb +1520 -1712
- data/lib/puppet/pops/parser/lexer2.rb +4 -4
- data/lib/puppet/pops/parser/parser_support.rb +0 -5
- data/lib/puppet/pops/resource/resource_type_impl.rb +2 -24
- data/lib/puppet/pops/types/p_sem_ver_type.rb +2 -8
- data/lib/puppet/pops/types/p_sensitive_type.rb +0 -10
- data/lib/puppet/pops/types/type_calculator.rb +0 -7
- data/lib/puppet/pops/types/type_parser.rb +0 -4
- data/lib/puppet/pops/types/types.rb +0 -1
- data/lib/puppet/pops/validation/checker4_0.rb +9 -37
- data/lib/puppet/pops/validation/tasks_checker.rb +0 -12
- data/lib/puppet/pops/validation/validator_factory_4_0.rb +1 -2
- data/lib/puppet/property/list.rb +1 -1
- data/lib/puppet/provider.rb +0 -13
- data/lib/puppet/provider/group/groupadd.rb +8 -13
- data/lib/puppet/provider/nameservice.rb +0 -18
- data/lib/puppet/provider/package/apt.rb +2 -34
- data/lib/puppet/provider/package/aptitude.rb +0 -6
- data/lib/puppet/provider/package/dnfmodule.rb +1 -1
- data/lib/puppet/provider/package/dpkg.rb +0 -10
- data/lib/puppet/provider/package/gem.rb +23 -3
- data/lib/puppet/provider/package/nim.rb +6 -11
- data/lib/puppet/provider/package/pip.rb +0 -1
- data/lib/puppet/provider/package/pkg.rb +0 -4
- data/lib/puppet/provider/package/portage.rb +1 -1
- data/lib/puppet/provider/package/puppet_gem.rb +1 -4
- data/lib/puppet/provider/service/debian.rb +0 -2
- data/lib/puppet/provider/service/smf.rb +191 -73
- data/lib/puppet/provider/service/systemd.rb +4 -14
- data/lib/puppet/provider/service/windows.rb +0 -38
- data/lib/puppet/provider/user/aix.rb +2 -2
- data/lib/puppet/provider/user/directoryservice.rb +10 -33
- data/lib/puppet/provider/user/useradd.rb +8 -62
- data/lib/puppet/reference/configuration.rb +8 -7
- data/lib/puppet/reference/indirection.rb +1 -1
- data/lib/puppet/resource.rb +1 -89
- data/lib/puppet/resource/catalog.rb +1 -14
- data/lib/puppet/resource/type.rb +3 -119
- data/lib/puppet/resource/type_collection.rb +3 -48
- data/lib/puppet/runtime.rb +1 -2
- data/lib/puppet/settings.rb +73 -66
- data/lib/puppet/settings/environment_conf.rb +0 -1
- data/lib/puppet/settings/integer_setting.rb +17 -0
- data/lib/puppet/settings/port_setting.rb +15 -0
- data/lib/puppet/settings/priority_setting.rb +5 -4
- data/lib/puppet/ssl.rb +10 -6
- data/lib/puppet/ssl/base.rb +3 -5
- data/lib/puppet/ssl/certificate.rb +0 -6
- data/lib/puppet/ssl/certificate_request.rb +1 -12
- data/lib/puppet/ssl/certificate_signer.rb +6 -0
- data/lib/puppet/ssl/oids.rb +3 -1
- data/lib/puppet/ssl/ssl_provider.rb +17 -0
- data/lib/puppet/ssl/state_machine.rb +3 -1
- data/lib/puppet/ssl/verifier.rb +2 -0
- data/lib/puppet/test/test_helper.rb +1 -3
- data/lib/puppet/transaction.rb +1 -7
- data/lib/puppet/transaction/additional_resource_generator.rb +1 -1
- data/lib/puppet/transaction/report.rb +2 -4
- data/lib/puppet/type.rb +0 -76
- data/lib/puppet/type/file.rb +6 -26
- data/lib/puppet/type/file/checksum.rb +1 -1
- data/lib/puppet/type/file/selcontext.rb +1 -1
- data/lib/puppet/type/file/source.rb +1 -1
- data/lib/puppet/type/filebucket.rb +3 -3
- data/lib/puppet/type/package.rb +8 -16
- data/lib/puppet/type/service.rb +38 -18
- data/lib/puppet/type/tidy.rb +2 -21
- data/lib/puppet/type/user.rb +20 -38
- data/lib/puppet/util/autoload.rb +8 -1
- data/lib/puppet/util/execution.rb +0 -11
- data/lib/puppet/util/http_proxy.rb +2 -215
- data/lib/puppet/util/monkey_patches.rb +0 -53
- data/lib/puppet/util/posix.rb +5 -54
- data/lib/puppet/util/rdoc.rb +0 -7
- data/lib/puppet/util/retry_action.rb +1 -1
- data/lib/puppet/util/run_mode.rb +9 -1
- data/lib/puppet/util/selinux.rb +4 -30
- data/lib/puppet/util/windows.rb +3 -8
- data/lib/puppet/util/windows/adsi.rb +0 -46
- data/lib/puppet/util/windows/daemon.rb +360 -0
- data/lib/puppet/util/windows/error.rb +1 -0
- data/lib/puppet/util/windows/eventlog.rb +4 -9
- data/lib/puppet/util/windows/file.rb +8 -242
- data/lib/puppet/util/windows/monkey_patches/process.rb +414 -0
- data/lib/puppet/util/windows/principal.rb +2 -9
- data/lib/puppet/util/windows/process.rb +4 -226
- data/lib/puppet/util/windows/service.rb +9 -460
- data/lib/puppet/util/windows/sid.rb +2 -4
- data/lib/puppet/util/windows/string.rb +12 -13
- data/lib/puppet/util/yaml.rb +0 -22
- data/lib/puppet/vendor/require_vendored.rb +0 -1
- data/lib/puppet/version.rb +1 -1
- data/lib/puppet/x509.rb +5 -1
- data/lib/puppet/x509/cert_provider.rb +29 -1
- data/locales/puppet.pot +651 -1436
- data/man/man5/puppet.conf.5 +266 -354
- data/man/man8/puppet-agent.8 +2 -2
- data/man/man8/puppet-apply.8 +2 -2
- data/man/man8/puppet-catalog.8 +1 -1
- data/man/man8/puppet-config.8 +1 -1
- data/man/man8/puppet-describe.8 +1 -1
- data/man/man8/puppet-device.8 +2 -2
- data/man/man8/puppet-doc.8 +1 -1
- data/man/man8/puppet-epp.8 +1 -1
- data/man/man8/puppet-facts.8 +4 -47
- data/man/man8/puppet-filebucket.8 +4 -4
- data/man/man8/puppet-generate.8 +1 -1
- data/man/man8/puppet-help.8 +1 -1
- data/man/man8/puppet-lookup.8 +1 -1
- data/man/man8/puppet-module.8 +1 -58
- data/man/man8/puppet-node.8 +1 -1
- data/man/man8/puppet-parser.8 +1 -1
- data/man/man8/puppet-plugin.8 +1 -1
- data/man/man8/puppet-report.8 +1 -1
- data/man/man8/puppet-resource.8 +1 -1
- data/man/man8/puppet-script.8 +2 -2
- data/man/man8/puppet-ssl.8 +1 -5
- data/man/man8/puppet.8 +2 -2
- data/spec/fixtures/ssl/127.0.0.1-key.pem +57 -107
- data/spec/fixtures/ssl/127.0.0.1.pem +31 -52
- data/spec/fixtures/ssl/bad-basic-constraints.pem +35 -57
- data/spec/fixtures/ssl/bad-int-basic-constraints.pem +35 -57
- data/spec/fixtures/ssl/ca.pem +35 -57
- data/spec/fixtures/ssl/crl.pem +18 -28
- data/spec/fixtures/ssl/ec-key.pem +11 -11
- data/spec/fixtures/ssl/ec.pem +24 -33
- data/spec/fixtures/ssl/encrypted-ec-key.pem +12 -12
- data/spec/fixtures/ssl/encrypted-key.pem +58 -108
- data/spec/fixtures/ssl/intermediate-agent-crl.pem +19 -28
- data/spec/fixtures/ssl/intermediate-agent.pem +36 -57
- data/spec/fixtures/ssl/intermediate-crl.pem +21 -31
- data/spec/fixtures/ssl/intermediate.pem +36 -57
- data/spec/fixtures/ssl/pluto-key.pem +57 -107
- data/spec/fixtures/ssl/pluto.pem +30 -52
- data/spec/fixtures/ssl/request-key.pem +57 -107
- data/spec/fixtures/ssl/request.pem +26 -47
- data/spec/fixtures/ssl/revoked-key.pem +57 -107
- data/spec/fixtures/ssl/revoked.pem +30 -52
- data/spec/fixtures/ssl/signed-key.pem +57 -107
- data/spec/fixtures/ssl/signed.pem +30 -52
- data/spec/fixtures/ssl/tampered-cert.pem +30 -52
- data/spec/fixtures/ssl/tampered-csr.pem +26 -47
- data/spec/fixtures/ssl/unknown-127.0.0.1-key.pem +57 -107
- data/spec/fixtures/ssl/unknown-127.0.0.1.pem +29 -50
- data/spec/fixtures/ssl/unknown-ca-key.pem +57 -107
- data/spec/fixtures/ssl/unknown-ca.pem +33 -55
- data/spec/fixtures/unit/provider/service/smf/{svcs.out → svcs_instances.out} +0 -0
- data/spec/fixtures/unit/provider/user/aix/aix_passwd_file.out +0 -4
- data/spec/integration/application/agent_spec.rb +27 -171
- data/spec/integration/application/apply_spec.rb +1 -20
- data/spec/integration/application/filebucket_spec.rb +16 -16
- data/spec/integration/application/help_spec.rb +2 -0
- data/spec/integration/application/plugin_spec.rb +24 -2
- data/spec/integration/defaults_spec.rb +14 -3
- data/spec/integration/http/client_spec.rb +0 -12
- data/spec/integration/indirector/direct_file_server_spec.rb +3 -1
- data/spec/integration/network/http_pool_spec.rb +3 -21
- data/spec/integration/parser/catalog_spec.rb +0 -38
- data/spec/integration/parser/node_spec.rb +0 -9
- data/spec/integration/parser/pcore_resource_spec.rb +0 -37
- data/spec/integration/resource/type_collection_spec.rb +6 -2
- data/spec/integration/transaction_spec.rb +9 -4
- data/spec/integration/type/file_spec.rb +5 -4
- data/spec/integration/util/windows/adsi_spec.rb +1 -21
- data/spec/integration/util/windows/monkey_patches/process_spec.rb +231 -0
- data/spec/integration/util/windows/principal_spec.rb +0 -21
- data/spec/integration/util/windows/registry_spec.rb +10 -6
- data/spec/integration/util/windows/security_spec.rb +1 -1
- data/spec/lib/matchers/include.rb +27 -0
- data/spec/lib/matchers/include_spec.rb +32 -0
- data/spec/lib/puppet/test_ca.rb +2 -2
- data/spec/lib/puppet_spec/puppetserver.rb +1 -1
- data/spec/lib/puppet_spec/settings.rb +1 -0
- data/spec/spec_helper.rb +7 -12
- data/spec/unit/agent_spec.rb +6 -10
- data/spec/unit/application/agent_spec.rb +3 -7
- data/spec/unit/application/facts_spec.rb +12 -456
- data/spec/unit/application/filebucket_spec.rb +43 -39
- data/spec/unit/application/ssl_spec.rb +2 -25
- data/spec/unit/application_spec.rb +9 -51
- data/spec/unit/certificate_factory_spec.rb +1 -1
- data/spec/unit/configurer/downloader_spec.rb +6 -8
- data/spec/unit/configurer/plugin_handler_spec.rb +56 -18
- data/spec/unit/configurer_spec.rb +12 -32
- data/spec/unit/confine/feature_spec.rb +1 -1
- data/spec/unit/confine_spec.rb +2 -8
- data/spec/unit/context/trusted_information_spec.rb +2 -6
- data/spec/unit/defaults_spec.rb +68 -54
- data/spec/unit/environments_spec.rb +68 -224
- data/spec/unit/face/node_spec.rb +11 -0
- data/spec/unit/face/plugin_spec.rb +73 -33
- data/spec/unit/file_bucket/file_spec.rb +1 -1
- data/spec/unit/file_serving/configuration/parser_spec.rb +15 -18
- data/spec/unit/file_serving/configuration_spec.rb +6 -12
- data/spec/unit/file_serving/fileset_spec.rb +0 -60
- data/spec/unit/file_serving/metadata_spec.rb +3 -3
- data/spec/unit/file_serving/terminus_helper_spec.rb +4 -11
- data/spec/unit/file_system_spec.rb +0 -9
- data/spec/unit/forge/module_release_spec.rb +7 -2
- data/spec/unit/functions/camelcase_spec.rb +1 -1
- data/spec/unit/functions/capitalize_spec.rb +1 -1
- data/spec/unit/functions/downcase_spec.rb +1 -1
- data/spec/unit/functions/upcase_spec.rb +1 -1
- data/spec/unit/gettext/config_spec.rb +0 -12
- data/spec/unit/http/client_spec.rb +7 -8
- data/spec/unit/{network/resolver_spec.rb → http/dns_spec.rb} +3 -3
- data/spec/unit/http/external_client_spec.rb +4 -4
- data/spec/unit/{network/http → http}/factory_spec.rb +5 -30
- data/spec/unit/{network/http/session_spec.rb → http/pool_entry_spec.rb} +3 -3
- data/spec/unit/{network/http → http}/pool_spec.rb +12 -17
- data/spec/unit/{util/http_proxy_spec.rb → http/proxy_spec.rb} +2 -69
- data/spec/unit/http/resolver_spec.rb +13 -13
- data/spec/unit/http/service/compiler_spec.rb +0 -185
- data/spec/unit/http/service/file_server_spec.rb +3 -3
- data/spec/unit/http/service/puppetserver_spec.rb +34 -4
- data/spec/unit/http/service_spec.rb +0 -1
- data/spec/unit/http/session_spec.rb +16 -14
- data/spec/unit/{network/http → http}/site_spec.rb +3 -3
- data/spec/unit/indirector/catalog/compiler_spec.rb +10 -14
- data/spec/unit/indirector/face_spec.rb +1 -0
- data/spec/unit/indirector/facts/facter_spec.rb +3 -0
- data/spec/unit/indirector/file_bucket_file/file_spec.rb +5 -3
- data/spec/unit/indirector/file_bucket_file/selector_spec.rb +8 -26
- data/spec/unit/indirector/file_content/rest_spec.rb +0 -4
- data/spec/unit/indirector/file_metadata/rest_spec.rb +0 -4
- data/spec/unit/indirector/file_server_spec.rb +1 -15
- data/spec/unit/indirector/indirection_spec.rb +12 -8
- data/spec/unit/indirector/report/rest_spec.rb +2 -17
- data/spec/unit/indirector/request_spec.rb +0 -264
- data/spec/unit/indirector/rest_spec.rb +98 -752
- data/spec/unit/indirector_spec.rb +2 -2
- data/spec/unit/module_tool/applications/installer_spec.rb +0 -66
- data/spec/unit/network/authconfig_spec.rb +2 -129
- data/spec/unit/network/authorization_spec.rb +2 -55
- data/spec/unit/network/formats_spec.rb +4 -45
- data/spec/unit/network/http/api/indirected_routes_spec.rb +5 -92
- data/spec/unit/network/http/api/master/v3_spec.rb +28 -7
- data/spec/unit/network/http/api_spec.rb +10 -0
- data/spec/unit/network/http/connection_spec.rb +19 -41
- data/spec/unit/network/http/handler_spec.rb +0 -1
- data/spec/unit/network/http_pool_spec.rb +0 -4
- data/spec/unit/node/environment_spec.rb +33 -21
- data/spec/unit/node_spec.rb +2 -54
- data/spec/unit/parser/compiler_spec.rb +19 -3
- data/spec/unit/parser/functions/create_resources_spec.rb +2 -20
- data/spec/unit/parser/functions/fqdn_rand_spec.rb +1 -15
- data/spec/unit/parser/resource_spec.rb +8 -14
- data/spec/unit/parser/templatewrapper_spec.rb +3 -4
- data/spec/unit/pops/evaluator/evaluating_parser_spec.rb +4 -7
- data/spec/unit/pops/loaders/loaders_spec.rb +6 -21
- data/spec/unit/pops/parser/parse_application_spec.rb +4 -22
- data/spec/unit/pops/parser/parse_basic_expressions_spec.rb +0 -1
- data/spec/unit/pops/parser/parse_capabilities_spec.rb +8 -21
- data/spec/unit/pops/parser/parse_site_spec.rb +20 -24
- data/spec/unit/pops/resource/resource_type_impl_spec.rb +0 -71
- data/spec/unit/pops/serialization/to_from_hr_spec.rb +1 -1
- data/spec/unit/pops/types/p_sem_ver_type_spec.rb +0 -18
- data/spec/unit/pops/types/p_sensitive_type_spec.rb +0 -18
- data/spec/unit/pops/types/type_calculator_spec.rb +6 -6
- data/spec/unit/pops/types/type_factory_spec.rb +1 -1
- data/spec/unit/pops/validator/validator_spec.rb +61 -46
- data/spec/unit/pops/visitor_spec.rb +1 -1
- data/spec/unit/property_spec.rb +0 -1
- data/spec/unit/provider/group/groupadd_spec.rb +2 -5
- data/spec/unit/provider/nameservice_spec.rb +64 -122
- data/spec/unit/provider/package/apt_spec.rb +23 -28
- data/spec/unit/provider/package/aptitude_spec.rb +1 -1
- data/spec/unit/provider/package/base_spec.rb +5 -6
- data/spec/unit/provider/package/dnfmodule_spec.rb +1 -10
- data/spec/unit/provider/package/dpkg_spec.rb +0 -48
- data/spec/unit/provider/package/gem_spec.rb +32 -0
- data/spec/unit/provider/package/nim_spec.rb +0 -42
- data/spec/unit/provider/package/pacman_spec.rb +12 -18
- data/spec/unit/provider/package/pip_spec.rb +11 -6
- data/spec/unit/provider/package/pkgdmg_spec.rb +4 -0
- data/spec/unit/provider/package/puppet_gem_spec.rb +3 -2
- data/spec/unit/provider/service/init_spec.rb +0 -1
- data/spec/unit/provider/service/openwrt_spec.rb +1 -3
- data/spec/unit/provider/service/smf_spec.rb +401 -165
- data/spec/unit/provider/service/systemd_spec.rb +8 -53
- data/spec/unit/provider/service/windows_spec.rb +0 -203
- data/spec/unit/provider/user/aix_spec.rb +0 -5
- data/spec/unit/provider/user/directoryservice_spec.rb +35 -67
- data/spec/unit/provider/user/hpux_spec.rb +1 -1
- data/spec/unit/provider/user/pw_spec.rb +0 -2
- data/spec/unit/provider/user/useradd_spec.rb +3 -71
- data/spec/unit/provider_spec.rb +8 -18
- data/spec/unit/resource/catalog_spec.rb +1 -1
- data/spec/unit/resource/type_collection_spec.rb +2 -22
- data/spec/unit/resource/type_spec.rb +1 -1
- data/spec/unit/resource_spec.rb +10 -67
- data/spec/unit/settings/http_extra_headers_spec.rb +2 -4
- data/spec/unit/settings/integer_setting_spec.rb +42 -0
- data/spec/unit/settings/port_setting_spec.rb +31 -0
- data/spec/unit/settings/priority_setting_spec.rb +4 -4
- data/spec/unit/settings_spec.rb +23 -13
- data/spec/unit/ssl/base_spec.rb +37 -3
- data/spec/unit/ssl/certificate_request_spec.rb +15 -45
- data/spec/unit/ssl/certificate_spec.rb +2 -11
- data/spec/unit/ssl/ssl_provider_spec.rb +2 -5
- data/spec/unit/ssl/state_machine_spec.rb +5 -20
- data/spec/unit/ssl/verifier_spec.rb +0 -21
- data/spec/unit/transaction/additional_resource_generator_spec.rb +9 -3
- data/spec/unit/transaction/event_manager_spec.rb +11 -14
- data/spec/unit/transaction/report_spec.rb +0 -2
- data/spec/unit/transaction/resource_harness_spec.rb +2 -2
- data/spec/unit/transaction_spec.rb +55 -96
- data/spec/unit/type/file/checksum_spec.rb +6 -6
- data/spec/unit/type/file/content_spec.rb +2 -1
- data/spec/unit/type/file/ensure_spec.rb +1 -1
- data/spec/unit/type/file/mode_spec.rb +1 -1
- data/spec/unit/type/file/selinux_spec.rb +5 -3
- data/spec/unit/type/file/source_spec.rb +0 -1
- data/spec/unit/type/file_spec.rb +18 -6
- data/spec/unit/type/group_spec.rb +6 -13
- data/spec/unit/type/package_spec.rb +1 -1
- data/spec/unit/type/resources_spec.rb +7 -7
- data/spec/unit/type/service_spec.rb +189 -60
- data/spec/unit/type/tidy_spec.rb +8 -17
- data/spec/unit/type/user_spec.rb +0 -45
- data/spec/unit/type_spec.rb +22 -2
- data/spec/unit/util/at_fork_spec.rb +2 -2
- data/spec/unit/util/autoload_spec.rb +1 -5
- data/spec/unit/util/backups_spec.rb +2 -3
- data/spec/unit/util/execution_spec.rb +11 -44
- data/spec/unit/util/inifile_spec.rb +14 -6
- data/spec/unit/util/log_spec.rb +7 -8
- data/spec/unit/util/logging_spec.rb +3 -3
- data/spec/unit/util/monkey_patches_spec.rb +0 -6
- data/spec/unit/util/posix_spec.rb +15 -363
- data/spec/unit/util/run_mode_spec.rb +21 -121
- data/spec/unit/util/selinux_spec.rb +68 -163
- data/spec/unit/util/storage_spec.rb +1 -3
- data/spec/unit/util/suidmanager_spec.rb +41 -44
- data/spec/unit/util/windows/sid_spec.rb +0 -6
- data/spec/unit/util/windows/string_spec.rb +1 -3
- data/spec/unit/util/yaml_spec.rb +0 -54
- data/spec/unit/util_spec.rb +6 -31
- data/tasks/generate_cert_fixtures.rake +2 -2
- metadata +44 -181
- data/conf/auth.conf +0 -150
- data/lib/puppet/application/cert.rb +0 -76
- data/lib/puppet/application/key.rb +0 -4
- data/lib/puppet/application/man.rb +0 -4
- data/lib/puppet/application/status.rb +0 -4
- data/lib/puppet/face/key.rb +0 -16
- data/lib/puppet/face/man.rb +0 -145
- data/lib/puppet/face/module/build.rb +0 -14
- data/lib/puppet/face/module/generate.rb +0 -14
- data/lib/puppet/face/module/search.rb +0 -103
- data/lib/puppet/face/status.rb +0 -51
- data/lib/puppet/ffi/posix.rb +0 -10
- data/lib/puppet/ffi/posix/constants.rb +0 -14
- data/lib/puppet/ffi/posix/functions.rb +0 -24
- data/lib/puppet/indirector/certificate/file.rb +0 -9
- data/lib/puppet/indirector/certificate/rest.rb +0 -18
- data/lib/puppet/indirector/certificate_request/file.rb +0 -9
- data/lib/puppet/indirector/certificate_request/memory.rb +0 -7
- data/lib/puppet/indirector/certificate_request/rest.rb +0 -11
- data/lib/puppet/indirector/file_content/http.rb +0 -22
- data/lib/puppet/indirector/key/file.rb +0 -46
- data/lib/puppet/indirector/key/memory.rb +0 -7
- data/lib/puppet/indirector/ssl_file.rb +0 -162
- data/lib/puppet/indirector/status.rb +0 -3
- data/lib/puppet/indirector/status/local.rb +0 -12
- data/lib/puppet/indirector/status/rest.rb +0 -27
- data/lib/puppet/module_tool/applications/searcher.rb +0 -29
- data/lib/puppet/network/auth_config_parser.rb +0 -90
- data/lib/puppet/network/authstore.rb +0 -283
- data/lib/puppet/network/http/api/master/v3/authorization.rb +0 -18
- data/lib/puppet/network/http/api/master/v3/environment.rb +0 -88
- data/lib/puppet/network/http/base_pool.rb +0 -36
- data/lib/puppet/network/http/compression.rb +0 -127
- data/lib/puppet/network/http/connection_adapter.rb +0 -184
- data/lib/puppet/network/http/nocache_pool.rb +0 -28
- data/lib/puppet/network/rest_controller.rb +0 -2
- data/lib/puppet/network/rights.rb +0 -210
- data/lib/puppet/parser/compiler/catalog_validator/env_relationship_validator.rb +0 -66
- data/lib/puppet/parser/compiler/catalog_validator/site_validator.rb +0 -22
- data/lib/puppet/parser/environment_compiler.rb +0 -202
- data/lib/puppet/pops/types/enumeration.rb +0 -16
- data/lib/puppet/resource/capability_finder.rb +0 -154
- data/lib/puppet/rest/errors.rb +0 -15
- data/lib/puppet/rest/response.rb +0 -35
- data/lib/puppet/rest/route.rb +0 -85
- data/lib/puppet/rest/routes.rb +0 -135
- data/lib/puppet/settings/alias_setting.rb +0 -37
- data/lib/puppet/ssl/host.rb +0 -505
- data/lib/puppet/ssl/key.rb +0 -61
- data/lib/puppet/ssl/validator.rb +0 -61
- data/lib/puppet/ssl/validator/default_validator.rb +0 -209
- data/lib/puppet/ssl/validator/no_validator.rb +0 -22
- data/lib/puppet/ssl/verifier_adapter.rb +0 -58
- data/lib/puppet/status.rb +0 -40
- data/lib/puppet/util/connection.rb +0 -88
- data/lib/puppet/util/fact_dif.rb +0 -81
- data/lib/puppet/util/ssl.rb +0 -83
- data/lib/puppet/util/windows/api_types.rb +0 -309
- data/lib/puppet/util/windows/monkey_patches/dir.rb +0 -40
- data/lib/puppet/vendor/load_pathspec.rb +0 -1
- data/lib/puppet/vendor/pathspec/CHANGELOG.md +0 -2
- data/lib/puppet/vendor/pathspec/LICENSE +0 -201
- data/lib/puppet/vendor/pathspec/PUPPET_README.md +0 -6
- data/lib/puppet/vendor/pathspec/README.md +0 -53
- data/lib/puppet/vendor/pathspec/lib/pathspec.rb +0 -122
- data/lib/puppet/vendor/pathspec/lib/pathspec/gitignorespec.rb +0 -275
- data/lib/puppet/vendor/pathspec/lib/pathspec/regexspec.rb +0 -17
- data/lib/puppet/vendor/pathspec/lib/pathspec/spec.rb +0 -14
- data/man/man8/puppet-key.8 +0 -126
- data/man/man8/puppet-man.8 +0 -76
- data/man/man8/puppet-status.8 +0 -108
- data/spec/fixtures/integration/application/agent/cached_deferred_catalog.json +0 -91
- data/spec/fixtures/unit/provider/service/systemd/list_unit_files_services_vendor_preset +0 -9
- data/spec/integration/application/resource_spec.rb +0 -30
- data/spec/integration/network/authconfig_spec.rb +0 -256
- data/spec/integration/util/windows/monkey_patches/dir_spec.rb +0 -11
- data/spec/unit/application/man_spec.rb +0 -52
- data/spec/unit/capability_spec.rb +0 -414
- data/spec/unit/face/key_spec.rb +0 -9
- data/spec/unit/face/module/search_spec.rb +0 -231
- data/spec/unit/face/status_spec.rb +0 -9
- data/spec/unit/indirector/certificate/file_spec.rb +0 -14
- data/spec/unit/indirector/certificate/rest_spec.rb +0 -61
- data/spec/unit/indirector/certificate_request/file_spec.rb +0 -14
- data/spec/unit/indirector/certificate_request/rest_spec.rb +0 -25
- data/spec/unit/indirector/key/file_spec.rb +0 -78
- data/spec/unit/indirector/ssl_file_spec.rb +0 -305
- data/spec/unit/indirector/status/local_spec.rb +0 -10
- data/spec/unit/indirector/status/rest_spec.rb +0 -50
- data/spec/unit/module_tool/applications/searcher_spec.rb +0 -38
- data/spec/unit/network/auth_config_parser_spec.rb +0 -115
- data/spec/unit/network/authstore_spec.rb +0 -422
- data/spec/unit/network/http/api/master/v3/authorization_spec.rb +0 -57
- data/spec/unit/network/http/api/master/v3/environment_spec.rb +0 -185
- data/spec/unit/network/http/compression_spec.rb +0 -240
- data/spec/unit/network/http/nocache_pool_spec.rb +0 -64
- data/spec/unit/network/http_spec.rb +0 -9
- data/spec/unit/network/rights_spec.rb +0 -439
- data/spec/unit/parser/environment_compiler_spec.rb +0 -730
- data/spec/unit/pops/evaluator/deferred_resolver_spec.rb +0 -20
- data/spec/unit/pops/types/enumeration_spec.rb +0 -51
- data/spec/unit/resource/capability_finder_spec.rb +0 -148
- data/spec/unit/rest/route_spec.rb +0 -132
- data/spec/unit/ssl/host_spec.rb +0 -645
- data/spec/unit/ssl/key_spec.rb +0 -173
- data/spec/unit/ssl/validator_spec.rb +0 -278
- data/spec/unit/status_spec.rb +0 -45
- data/spec/unit/util/ssl_spec.rb +0 -91
@@ -7,7 +7,7 @@ Puppet::Type.type(:file).newparam(:checksum) do
|
|
7
7
|
|
8
8
|
desc "The checksum type to use when determining whether to replace a file's contents.
|
9
9
|
|
10
|
-
The default checksum type is
|
10
|
+
The default checksum type is #{Puppet.default_digest_algorithm}."
|
11
11
|
|
12
12
|
newvalues(*Puppet::Util::Checksums.known_checksum_types)
|
13
13
|
|
@@ -340,7 +340,7 @@ module Puppet
|
|
340
340
|
|
341
341
|
def handle_response_error(response)
|
342
342
|
message = "Error #{response.code} on SERVER: #{response.body.empty? ? response.reason : response.body}"
|
343
|
-
raise Net::HTTPError.new(message, response
|
343
|
+
raise Net::HTTPError.new(message, Puppet::HTTP::ResponseConverter.to_ruby_response(response))
|
344
344
|
end
|
345
345
|
end
|
346
346
|
|
@@ -5,7 +5,7 @@ module Puppet
|
|
5
5
|
@doc = <<-EOT
|
6
6
|
A repository for storing and retrieving file content by MD5 checksum. Can
|
7
7
|
be local to each agent node, or centralized on a puppet master server. All
|
8
|
-
puppet
|
8
|
+
puppet servers provide a filebucket service that agent nodes can access
|
9
9
|
via HTTP, but you must declare a filebucket resource before any agents
|
10
10
|
will do so.
|
11
11
|
|
@@ -30,9 +30,9 @@ module Puppet
|
|
30
30
|
|
31
31
|
File { backup => main, }
|
32
32
|
|
33
|
-
Puppet
|
33
|
+
Puppet Servers automatically provide the filebucket service, so
|
34
34
|
this will work in a default configuration. If you have a heavily
|
35
|
-
restricted `auth.conf` file, you may need to allow access to the
|
35
|
+
restricted Puppet Server `auth.conf` file, you may need to allow access to the
|
36
36
|
`file_bucket_file` endpoint.
|
37
37
|
EOT
|
38
38
|
|
data/lib/puppet/type/package.rb
CHANGED
@@ -106,10 +106,6 @@ module Puppet
|
|
106
106
|
provider.purge
|
107
107
|
end
|
108
108
|
|
109
|
-
newvalue(:held, :event => :package_held, :required_features => :holdable) do
|
110
|
-
provider.deprecated_hold
|
111
|
-
end
|
112
|
-
|
113
109
|
newvalue(:disabled, :required_features => :disableable) do
|
114
110
|
provider.disable
|
115
111
|
end
|
@@ -161,7 +157,7 @@ module Puppet
|
|
161
157
|
@should.each { |should|
|
162
158
|
case should
|
163
159
|
when :present
|
164
|
-
return true unless [:absent, :purged, :
|
160
|
+
return true unless [:absent, :purged, :disabled].include?(is)
|
165
161
|
when :latest
|
166
162
|
# Short-circuit packages that are not present
|
167
163
|
return false if is == :absent || is == :purged
|
@@ -426,10 +422,10 @@ module Puppet
|
|
426
422
|
end
|
427
423
|
|
428
424
|
newparam(:source) do
|
429
|
-
desc "Where to find the package file. This is
|
425
|
+
desc "Where to find the package file. This is only used by providers that don't
|
430
426
|
automatically download packages from a central repository. (For example:
|
431
|
-
the `yum`
|
432
|
-
|
427
|
+
the `yum` and `apt` providers ignore this attribute, but the `rpm` and
|
428
|
+
`dpkg` providers require it.)
|
433
429
|
|
434
430
|
Different providers accept different values for `source`. Most providers
|
435
431
|
accept paths to local files stored on the target system. Some providers
|
@@ -657,8 +653,7 @@ module Puppet
|
|
657
653
|
if provider.reinstallable? &&
|
658
654
|
@parameters[:reinstall_on_refresh].value == :true &&
|
659
655
|
@parameters[:ensure].value != :purged &&
|
660
|
-
@parameters[:ensure].value != :absent
|
661
|
-
@parameters[:ensure].value != :held
|
656
|
+
@parameters[:ensure].value != :absent
|
662
657
|
|
663
658
|
provider.reinstall
|
664
659
|
end
|
@@ -673,7 +668,7 @@ module Puppet
|
|
673
668
|
Default is "none". Mark can be specified with or without `ensure`,
|
674
669
|
if `ensure` is missing will default to "present".
|
675
670
|
|
676
|
-
Mark cannot be specified together with "purged",
|
671
|
+
Mark cannot be specified together with "purged", or "absent"
|
677
672
|
values for `ensure`.
|
678
673
|
EOT
|
679
674
|
newvalues(:hold, :none)
|
@@ -710,11 +705,8 @@ module Puppet
|
|
710
705
|
end
|
711
706
|
|
712
707
|
validate do
|
713
|
-
if :
|
714
|
-
|
715
|
-
end
|
716
|
-
if @parameters[:mark] && [:absent, :purged, :held].include?(@parameters[:ensure].should)
|
717
|
-
raise ArgumentError, _('You cannot use "mark" property while "ensure" is one of ["absent", "purged", "held"]')
|
708
|
+
if @parameters[:mark] && [:absent, :purged].include?(@parameters[:ensure].should)
|
709
|
+
raise ArgumentError, _('You cannot use "mark" property while "ensure" is one of ["absent", "purged"]')
|
718
710
|
end
|
719
711
|
end
|
720
712
|
end
|
data/lib/puppet/type/service.rb
CHANGED
@@ -38,12 +38,6 @@ module Puppet
|
|
38
38
|
feature :enableable, "The provider can enable and disable the service.",
|
39
39
|
:methods => [:disable, :enable, :enabled?]
|
40
40
|
|
41
|
-
feature :delayed_startable, "The provider can set service to delayed start",
|
42
|
-
:methods => [:delayed_start]
|
43
|
-
|
44
|
-
feature :manual_startable, "The provider can set service to manual start",
|
45
|
-
:methods => [:manual_start]
|
46
|
-
|
47
41
|
feature :controllable, "The provider uses a control variable."
|
48
42
|
|
49
43
|
feature :flaggable, "The provider can pass flags to the service."
|
@@ -73,7 +67,7 @@ module Puppet
|
|
73
67
|
provider.disable
|
74
68
|
end
|
75
69
|
|
76
|
-
newvalue(:manual, :event => :service_manual_start
|
70
|
+
newvalue(:manual, :event => :service_manual_start) do
|
77
71
|
provider.manual_start
|
78
72
|
end
|
79
73
|
|
@@ -87,7 +81,8 @@ module Puppet
|
|
87
81
|
provider.enabled?
|
88
82
|
end
|
89
83
|
|
90
|
-
|
84
|
+
# This only works on Windows systems.
|
85
|
+
newvalue(:delayed, :event => :service_delayed_start) do
|
91
86
|
provider.delayed_start
|
92
87
|
end
|
93
88
|
|
@@ -95,6 +90,12 @@ module Puppet
|
|
95
90
|
return provider.enabled_insync?(current) if provider.respond_to?(:enabled_insync?)
|
96
91
|
super(current)
|
97
92
|
end
|
93
|
+
|
94
|
+
validate do |value|
|
95
|
+
if (value == :manual || value == :delayed) && !Puppet::Util::Platform.windows?
|
96
|
+
raise Puppet::Error.new(_("Setting enable to %{value} is only supported on Microsoft Windows.") % { value: value.to_s} )
|
97
|
+
end
|
98
|
+
end
|
98
99
|
end
|
99
100
|
|
100
101
|
# Handle whether the service should actually be running right now.
|
@@ -138,9 +139,23 @@ module Puppet
|
|
138
139
|
newproperty(:logonaccount, :required_features => :manages_logon_credentials) do
|
139
140
|
desc "Specify an account for service logon"
|
140
141
|
|
141
|
-
|
142
|
-
return
|
143
|
-
|
142
|
+
munge do |value|
|
143
|
+
return value unless Puppet::Util::Platform.windows?
|
144
|
+
return 'LocalSystem' if Puppet::Util::Windows::User::localsystem?(value)
|
145
|
+
|
146
|
+
value.sub!(/^\.\\/, "#{Puppet::Util::Windows::ADSI.computer_name}\\")
|
147
|
+
user_information = Puppet::Util::Windows::SID.name_to_principal(value)
|
148
|
+
raise Puppet::Error.new("\"#{value}\" is not a valid account") unless user_information && [:SidTypeUser, :SidTypeWellKnownGroup].include?(user_information.account_type)
|
149
|
+
|
150
|
+
user_rights = Puppet::Util::Windows::User::get_rights(user_information.domain_account) unless Puppet::Util::Windows::User::default_system_account?(value)
|
151
|
+
raise Puppet::Error.new("\"#{user_information.domain_account}\" has the 'Log On As A Service' right set to denied.") if user_rights =~ /SeDenyServiceLogonRight/
|
152
|
+
raise Puppet::Error.new("\"#{user_information.domain_account}\" is missing the 'Log On As A Service' right.") unless user_rights.nil? || user_rights =~ /SeServiceLogonRight/
|
153
|
+
|
154
|
+
if user_information.domain == Puppet::Util::Windows::ADSI.computer_name
|
155
|
+
".\\#{user_information.account}"
|
156
|
+
else
|
157
|
+
user_information.domain_account
|
158
|
+
end
|
144
159
|
end
|
145
160
|
end
|
146
161
|
|
@@ -148,7 +163,18 @@ module Puppet
|
|
148
163
|
desc "Specify a password for service logon. Default value is an empty string (when logonaccount is specified)."
|
149
164
|
|
150
165
|
validate do |value|
|
151
|
-
raise
|
166
|
+
raise Puppet::Error.new(_"The 'logonaccount' parameter is mandatory when setting 'logonpassword'.") unless @resource[:logonaccount]
|
167
|
+
raise ArgumentError, _("Passwords cannot include ':'") if value.is_a?(String) and value.include?(":")
|
168
|
+
return unless Puppet::Util::Platform.windows?
|
169
|
+
|
170
|
+
is_a_predefined_local_account = Puppet::Util::Windows::User::default_system_account?(@resource[:logonaccount]) || @resource[:logonaccount] == 'LocalSystem'
|
171
|
+
|
172
|
+
account_info = @resource[:logonaccount].split("\\")
|
173
|
+
able_to_logon = Puppet::Util::Windows::User.password_is?(account_info[1], value, account_info[0]) unless is_a_predefined_local_account
|
174
|
+
|
175
|
+
raise Puppet::Error.new("The given password is invalid for user '#{@resource[:logonaccount]}'.") unless is_a_predefined_local_account || able_to_logon
|
176
|
+
|
177
|
+
provider.logonpassword=(value)
|
152
178
|
end
|
153
179
|
|
154
180
|
sensitive true
|
@@ -294,11 +320,5 @@ module Puppet
|
|
294
320
|
def self.needs_ensure_retrieved
|
295
321
|
false
|
296
322
|
end
|
297
|
-
|
298
|
-
validate do
|
299
|
-
if @parameters[:logonpassword] && @parameters[:logonaccount].nil?
|
300
|
-
raise Puppet::Error.new(_"The 'logonaccount' parameter is mandatory when setting 'logonpassword'.")
|
301
|
-
end
|
302
|
-
end
|
303
323
|
end
|
304
324
|
end
|
data/lib/puppet/type/tidy.rb
CHANGED
@@ -50,22 +50,6 @@ Puppet::Type.newtype(:tidy) do
|
|
50
50
|
end
|
51
51
|
end
|
52
52
|
|
53
|
-
newparam(:max_files) do
|
54
|
-
desc "In case the resource is a directory and the recursion is enabled, puppet will
|
55
|
-
generate a new resource for each file file found, possible leading to
|
56
|
-
an excessive number of resources generated without any control.
|
57
|
-
|
58
|
-
Setting `max_files` will check the number of file resources that
|
59
|
-
will eventually be created and will raise a resource argument error if the
|
60
|
-
limit will be exceeded.
|
61
|
-
|
62
|
-
Use value `0` to disable the check. In this case, a warning is logged if
|
63
|
-
the number of files exceeds 1000."
|
64
|
-
|
65
|
-
defaultto 0
|
66
|
-
newvalues(/^[0-9]+$/)
|
67
|
-
end
|
68
|
-
|
69
53
|
newparam(:matches) do
|
70
54
|
desc <<-'EOT'
|
71
55
|
One or more (shell type) file glob patterns, which restrict
|
@@ -272,12 +256,9 @@ Puppet::Type.newtype(:tidy) do
|
|
272
256
|
|
273
257
|
case self[:recurse]
|
274
258
|
when Integer, /^\d+$/
|
275
|
-
parameter = { :
|
276
|
-
:recurse => true,
|
277
|
-
:recurselimit => self[:recurse] }
|
259
|
+
parameter = { :recurse => true, :recurselimit => self[:recurse] }
|
278
260
|
when true, :true, :inf
|
279
|
-
parameter = { :
|
280
|
-
:recurse => true }
|
261
|
+
parameter = { :recurse => true }
|
281
262
|
end
|
282
263
|
|
283
264
|
if parameter
|
data/lib/puppet/type/user.rb
CHANGED
@@ -67,7 +67,6 @@ module Puppet
|
|
67
67
|
newproperty(:ensure, :parent => Puppet::Property::Ensure) do
|
68
68
|
newvalue(:present, :event => :user_created) do
|
69
69
|
provider.create
|
70
|
-
@resource.generate
|
71
70
|
end
|
72
71
|
|
73
72
|
newvalue(:absent, :event => :user_removed) do
|
@@ -696,7 +695,6 @@ module Puppet
|
|
696
695
|
|
697
696
|
def generate
|
698
697
|
if !self[:purge_ssh_keys].empty?
|
699
|
-
return [] if self[:ensure] == :present && !provider.exists?
|
700
698
|
if Puppet::Type.type(:ssh_authorized_key).nil?
|
701
699
|
warning _("Ssh_authorized_key type is not available. Cannot purge SSH keys.")
|
702
700
|
else
|
@@ -745,6 +743,25 @@ module Puppet
|
|
745
743
|
end
|
746
744
|
raise ArgumentError, _("purge_ssh_keys must be true, false, or an array of file names, not %{value}") % { value: value.inspect }
|
747
745
|
end
|
746
|
+
|
747
|
+
munge do |value|
|
748
|
+
# Resolve string, boolean and symbol forms of true and false to a
|
749
|
+
# single representation.
|
750
|
+
test_sym = value.to_s.intern
|
751
|
+
value = test_sym if [:true, :false].include? test_sym
|
752
|
+
|
753
|
+
return [] if value == :false
|
754
|
+
home = resource[:home] || Dir.home(resource[:name])
|
755
|
+
|
756
|
+
return [ "#{home}/.ssh/authorized_keys" ] if value == :true
|
757
|
+
# value is an array - munge each value
|
758
|
+
[ value ].flatten.map do |entry|
|
759
|
+
# make sure frozen value is duplicated by using a gsub, second mutating gsub! is then ok
|
760
|
+
entry = entry.gsub(/^~\//, "#{home}/")
|
761
|
+
entry.gsub!(/^%h\//, "#{home}/")
|
762
|
+
entry
|
763
|
+
end
|
764
|
+
end
|
748
765
|
end
|
749
766
|
|
750
767
|
newproperty(:loginclass, :required_features => :manages_loginclass) do
|
@@ -766,7 +783,7 @@ module Puppet
|
|
766
783
|
# @see generate
|
767
784
|
# @api private
|
768
785
|
def find_unmanaged_keys
|
769
|
-
|
786
|
+
self[:purge_ssh_keys].
|
770
787
|
select { |f| File.readable?(f) }.
|
771
788
|
map { |f| unknown_keys_in_file(f) }.
|
772
789
|
flatten.each do |res|
|
@@ -778,41 +795,6 @@ module Puppet
|
|
778
795
|
end
|
779
796
|
end
|
780
797
|
|
781
|
-
def munged_unmanaged_keys
|
782
|
-
value = self[:purge_ssh_keys]
|
783
|
-
|
784
|
-
# Resolve string, boolean and symbol forms of true and false to a
|
785
|
-
# single representation.
|
786
|
-
test_sym = value.to_s.intern
|
787
|
-
value = test_sym if [:true, :false].include? test_sym
|
788
|
-
|
789
|
-
return [] if value == :false
|
790
|
-
|
791
|
-
home = self[:home]
|
792
|
-
begin
|
793
|
-
home ||= provider.home
|
794
|
-
rescue
|
795
|
-
Puppet.debug("User '#{self[:name]}' does not exist")
|
796
|
-
end
|
797
|
-
|
798
|
-
if home.to_s.empty? || !Dir.exist?(home.to_s)
|
799
|
-
if value == :true || [ value ].flatten.any? { |v| v.start_with?('~/', '%h/') }
|
800
|
-
Puppet.debug("User '#{self[:name]}' has no home directory set to purge ssh keys from.")
|
801
|
-
return []
|
802
|
-
end
|
803
|
-
end
|
804
|
-
|
805
|
-
return [ "#{home}/.ssh/authorized_keys" ] if value == :true
|
806
|
-
|
807
|
-
# value is an array - munge each value
|
808
|
-
[ value ].flatten.map do |entry|
|
809
|
-
# make sure frozen value is duplicated by using a gsub, second mutating gsub! is then ok
|
810
|
-
entry = entry.gsub(/^~\//, "#{home}/")
|
811
|
-
entry.gsub!(/^%h\//, "#{home}/")
|
812
|
-
entry
|
813
|
-
end
|
814
|
-
end
|
815
|
-
|
816
798
|
# Parse an ssh authorized keys file superficially, extract the comments
|
817
799
|
# on the keys. These are considered names of possible ssh_authorized_keys
|
818
800
|
# resources. Keys that are managed by the present catalog are ignored.
|
data/lib/puppet/util/autoload.rb
CHANGED
@@ -166,7 +166,14 @@ class Puppet::Util::Autoload
|
|
166
166
|
# Normalize a path. This converts ALT_SEPARATOR to SEPARATOR on Windows
|
167
167
|
# and eliminates unnecessary parts of a path.
|
168
168
|
def cleanpath(path)
|
169
|
-
|
169
|
+
# There are two cases here because cleanpath does not handle absolute
|
170
|
+
# paths correctly on windows (c:\ and c:/ are treated as distinct) but
|
171
|
+
# we don't want to convert relative paths to absolute
|
172
|
+
if Puppet::Util.absolute_path?(path)
|
173
|
+
File.expand_path(path)
|
174
|
+
else
|
175
|
+
Pathname.new(path).cleanpath.to_s
|
176
|
+
end
|
170
177
|
end
|
171
178
|
end
|
172
179
|
|
@@ -94,17 +94,6 @@ module Puppet::Util::Execution
|
|
94
94
|
end
|
95
95
|
private_class_method :exitstatus
|
96
96
|
|
97
|
-
# Wraps execution of {execute} with mapping of exception to given exception (and output as argument).
|
98
|
-
# @raise [exception] under same conditions as {execute}, but raises the given `exception` with the output as argument
|
99
|
-
# @return (see execute)
|
100
|
-
# @api public
|
101
|
-
# @deprecated
|
102
|
-
def self.execfail(command, exception)
|
103
|
-
execute(command)
|
104
|
-
rescue Puppet::ExecutionFailure => detail
|
105
|
-
raise exception, detail.message, detail.backtrace
|
106
|
-
end
|
107
|
-
|
108
97
|
# Default empty options for {execute}
|
109
98
|
NoOptionsSpecified = {}
|
110
99
|
|
@@ -1,217 +1,4 @@
|
|
1
|
-
require 'uri'
|
2
|
-
require 'puppet/ssl/openssl_loader'
|
3
1
|
require 'puppet/http'
|
4
2
|
|
5
|
-
|
6
|
-
|
7
|
-
if http_proxy_host && !no_proxy?(uri)
|
8
|
-
Net::HTTP.new(uri.host, uri.port, self.http_proxy_host, self.http_proxy_port, self.http_proxy_user, self.http_proxy_password)
|
9
|
-
else
|
10
|
-
http = Net::HTTP.new(uri.host, uri.port, nil, nil, nil, nil)
|
11
|
-
# Net::HTTP defaults the proxy port even though we said not to
|
12
|
-
# use one. Set it to nil so caller is not surprised
|
13
|
-
http.proxy_port = nil
|
14
|
-
http
|
15
|
-
end
|
16
|
-
end
|
17
|
-
|
18
|
-
def self.http_proxy_env
|
19
|
-
# Returns a URI object if proxy is set, or nil
|
20
|
-
proxy_env = ENV["http_proxy"] || ENV["HTTP_PROXY"]
|
21
|
-
begin
|
22
|
-
return URI.parse(proxy_env) if proxy_env
|
23
|
-
rescue URI::InvalidURIError
|
24
|
-
return nil
|
25
|
-
end
|
26
|
-
return nil
|
27
|
-
end
|
28
|
-
|
29
|
-
# The documentation around the format of the no_proxy variable seems
|
30
|
-
# inconsistent. Some suggests the use of the * as a way of matching any
|
31
|
-
# hosts under a domain, e.g.:
|
32
|
-
# *.example.com
|
33
|
-
# Other documentation suggests that just a leading '.' indicates a domain
|
34
|
-
# level exclusion, e.g.:
|
35
|
-
# .example.com
|
36
|
-
# We'll accommodate both here.
|
37
|
-
def self.no_proxy?(dest)
|
38
|
-
no_proxy = self.no_proxy
|
39
|
-
unless no_proxy
|
40
|
-
return false
|
41
|
-
end
|
42
|
-
|
43
|
-
unless dest.is_a? URI
|
44
|
-
begin
|
45
|
-
dest = URI.parse(dest)
|
46
|
-
rescue URI::InvalidURIError
|
47
|
-
return false
|
48
|
-
end
|
49
|
-
end
|
50
|
-
|
51
|
-
no_proxy.split(/\s*,\s*/).each do |d|
|
52
|
-
host, port = d.split(':')
|
53
|
-
host = Regexp.escape(host).gsub('\*', '.*')
|
54
|
-
|
55
|
-
#If this no_proxy entry specifies a port, we want to match it against
|
56
|
-
#the destination port. Otherwise just match hosts.
|
57
|
-
if port
|
58
|
-
no_proxy_regex = %r(#{host}:#{port}$)
|
59
|
-
dest_string = "#{dest.host}:#{dest.port}"
|
60
|
-
else
|
61
|
-
no_proxy_regex = %r(#{host}$)
|
62
|
-
dest_string = "#{dest.host}"
|
63
|
-
end
|
64
|
-
|
65
|
-
if no_proxy_regex.match(dest_string)
|
66
|
-
return true
|
67
|
-
end
|
68
|
-
end
|
69
|
-
|
70
|
-
return false
|
71
|
-
end
|
72
|
-
|
73
|
-
def self.http_proxy_host
|
74
|
-
env = self.http_proxy_env
|
75
|
-
|
76
|
-
if env and env.host
|
77
|
-
return env.host
|
78
|
-
end
|
79
|
-
|
80
|
-
if Puppet.settings[:http_proxy_host] == 'none'
|
81
|
-
return nil
|
82
|
-
end
|
83
|
-
|
84
|
-
return Puppet.settings[:http_proxy_host]
|
85
|
-
end
|
86
|
-
|
87
|
-
def self.http_proxy_port
|
88
|
-
env = self.http_proxy_env
|
89
|
-
|
90
|
-
if env and env.port
|
91
|
-
return env.port
|
92
|
-
end
|
93
|
-
|
94
|
-
return Puppet.settings[:http_proxy_port]
|
95
|
-
end
|
96
|
-
|
97
|
-
def self.http_proxy_user
|
98
|
-
env = self.http_proxy_env
|
99
|
-
|
100
|
-
if env and env.user
|
101
|
-
return env.user
|
102
|
-
end
|
103
|
-
|
104
|
-
if Puppet.settings[:http_proxy_user] == 'none'
|
105
|
-
return nil
|
106
|
-
end
|
107
|
-
|
108
|
-
return Puppet.settings[:http_proxy_user]
|
109
|
-
end
|
110
|
-
|
111
|
-
def self.http_proxy_password
|
112
|
-
env = self.http_proxy_env
|
113
|
-
|
114
|
-
if env and env.password
|
115
|
-
return env.password
|
116
|
-
end
|
117
|
-
|
118
|
-
if Puppet.settings[:http_proxy_user] == 'none' or Puppet.settings[:http_proxy_password] == 'none'
|
119
|
-
return nil
|
120
|
-
end
|
121
|
-
|
122
|
-
return Puppet.settings[:http_proxy_password]
|
123
|
-
end
|
124
|
-
|
125
|
-
def self.no_proxy
|
126
|
-
no_proxy_env = ENV["no_proxy"] || ENV["NO_PROXY"]
|
127
|
-
|
128
|
-
if no_proxy_env
|
129
|
-
return no_proxy_env
|
130
|
-
end
|
131
|
-
|
132
|
-
if Puppet.settings[:no_proxy] == 'none'
|
133
|
-
return nil
|
134
|
-
end
|
135
|
-
|
136
|
-
return Puppet.settings[:no_proxy]
|
137
|
-
end
|
138
|
-
|
139
|
-
# Return a Net::HTTP::Proxy object.
|
140
|
-
#
|
141
|
-
# This method optionally configures SSL correctly if the URI scheme is
|
142
|
-
# 'https', including setting up the root certificate store so remote server
|
143
|
-
# SSL certificates can be validated.
|
144
|
-
#
|
145
|
-
# @param [URI] uri The URI that is to be accessed.
|
146
|
-
# @return [Net::HTTP::Proxy] object constructed tailored for the passed URI
|
147
|
-
def self.get_http_object(uri)
|
148
|
-
proxy = proxy(uri)
|
149
|
-
|
150
|
-
if uri.scheme == 'https'
|
151
|
-
cert_store = OpenSSL::X509::Store.new
|
152
|
-
cert_store.set_default_paths
|
153
|
-
|
154
|
-
proxy.use_ssl = true
|
155
|
-
proxy.verify_mode = OpenSSL::SSL::VERIFY_PEER
|
156
|
-
proxy.cert_store = cert_store
|
157
|
-
end
|
158
|
-
|
159
|
-
if Puppet[:http_debug]
|
160
|
-
proxy.set_debug_output($stderr)
|
161
|
-
end
|
162
|
-
|
163
|
-
proxy.open_timeout = Puppet[:http_connect_timeout]
|
164
|
-
proxy.read_timeout = Puppet[:http_read_timeout]
|
165
|
-
|
166
|
-
proxy
|
167
|
-
end
|
168
|
-
|
169
|
-
# Retrieve a document through HTTP(s), following redirects if necessary. The
|
170
|
-
# returned response body may be compressed, and it is the caller's
|
171
|
-
# responsibility to decompress it based on the 'content-encoding' header.
|
172
|
-
#
|
173
|
-
# Based on the the client implementation in the HTTP pool.
|
174
|
-
#
|
175
|
-
# @see Puppet::Network::HTTP::Connection#request_with_redirects
|
176
|
-
#
|
177
|
-
# @param [URI] uri The address of the resource to retrieve.
|
178
|
-
# @param [symbol] method The name of the Net::HTTP method to use, typically :get, :head, :post etc.
|
179
|
-
# @param [FixNum] redirect_limit The number of redirections that can be followed.
|
180
|
-
# @return [Net::HTTPResponse] a response object
|
181
|
-
def self.request_with_redirects(uri, method, redirect_limit = 10, &block)
|
182
|
-
current_uri = uri
|
183
|
-
response = nil
|
184
|
-
|
185
|
-
0.upto(redirect_limit) do |redirection|
|
186
|
-
proxy = get_http_object(current_uri)
|
187
|
-
|
188
|
-
headers = { 'Accept' => '*/*', 'User-Agent' => Puppet[:http_user_agent] }
|
189
|
-
if Puppet.features.zlib?
|
190
|
-
headers["Accept-Encoding"] = Puppet::HTTP::ACCEPT_ENCODING
|
191
|
-
end
|
192
|
-
|
193
|
-
response = proxy.send(:head, current_uri, headers)
|
194
|
-
Puppet.debug("HTTP HEAD request to #{current_uri} returned #{response.code} #{response.message}")
|
195
|
-
|
196
|
-
if [301, 302, 307].include?(response.code.to_i)
|
197
|
-
# handle the redirection
|
198
|
-
current_uri = URI.parse(response['location'])
|
199
|
-
next
|
200
|
-
end
|
201
|
-
|
202
|
-
if method != :head
|
203
|
-
if block_given?
|
204
|
-
response = proxy.send("request_#{method}".to_sym, current_uri, headers, &block)
|
205
|
-
else
|
206
|
-
response = proxy.send(method, current_uri, headers)
|
207
|
-
end
|
208
|
-
|
209
|
-
Puppet.debug("HTTP #{method.to_s.upcase} request to #{current_uri} returned #{response.code} #{response.message}")
|
210
|
-
end
|
211
|
-
|
212
|
-
return response
|
213
|
-
end
|
214
|
-
|
215
|
-
raise RedirectionLimitExceededException, _("Too many HTTP redirections for %{uri}") % { uri: uri }
|
216
|
-
end
|
217
|
-
end
|
3
|
+
# for backwards compatibility
|
4
|
+
Puppet::Util::HttpProxy = Puppet::HTTP::Proxy
|