puppet 6.23.0 → 7.0.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of puppet might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/CODEOWNERS +16 -2
- data/Gemfile +1 -3
- data/Gemfile.lock +34 -46
- data/README.md +1 -1
- data/conf/fileserver.conf +5 -10
- data/ext/build_defaults.yaml +1 -1
- data/ext/osx/file_mapping.yaml +0 -5
- data/ext/osx/puppet.plist +0 -2
- data/ext/project_data.yaml +1 -14
- data/ext/redhat/puppet.spec.erb +0 -1
- data/ext/windows/service/daemon.rb +6 -5
- data/install.rb +21 -17
- data/lib/puppet.rb +11 -20
- data/lib/puppet/application.rb +178 -108
- data/lib/puppet/application/agent.rb +4 -12
- data/lib/puppet/application/apply.rb +2 -4
- data/lib/puppet/application/device.rb +100 -106
- data/lib/puppet/application/filebucket.rb +13 -9
- data/lib/puppet/application/resource.rb +1 -2
- data/lib/puppet/application/script.rb +0 -2
- data/lib/puppet/application/ssl.rb +1 -12
- data/lib/puppet/application_support.rb +0 -7
- data/lib/puppet/configurer.rb +30 -45
- data/lib/puppet/configurer/downloader.rb +1 -2
- data/lib/puppet/configurer/plugin_handler.rb +21 -19
- data/lib/puppet/defaults.rb +100 -192
- data/lib/puppet/environments.rb +60 -74
- data/lib/puppet/face/facts.rb +5 -103
- data/lib/puppet/face/help.rb +1 -1
- data/lib/puppet/face/plugin.rb +5 -8
- data/lib/puppet/ffi/windows.rb +12 -0
- data/lib/puppet/ffi/windows/api_types.rb +311 -0
- data/lib/puppet/ffi/windows/constants.rb +404 -0
- data/lib/puppet/ffi/windows/functions.rb +628 -0
- data/lib/puppet/ffi/windows/structs.rb +338 -0
- data/lib/puppet/file_serving/configuration.rb +0 -5
- data/lib/puppet/file_serving/configuration/parser.rb +3 -32
- data/lib/puppet/file_serving/fileset.rb +2 -14
- data/lib/puppet/file_serving/http_metadata.rb +1 -1
- data/lib/puppet/file_serving/mount.rb +1 -2
- data/lib/puppet/file_system/memory_file.rb +1 -8
- data/lib/puppet/file_system/windows.rb +0 -2
- data/lib/puppet/forge/repository.rb +0 -1
- data/lib/puppet/functions/all.rb +1 -1
- data/lib/puppet/functions/camelcase.rb +1 -1
- data/lib/puppet/functions/capitalize.rb +2 -2
- data/lib/puppet/functions/downcase.rb +2 -2
- data/lib/puppet/functions/get.rb +5 -5
- data/lib/puppet/functions/group_by.rb +5 -13
- data/lib/puppet/functions/lest.rb +1 -1
- data/lib/puppet/functions/new.rb +100 -100
- data/lib/puppet/functions/partition.rb +4 -12
- data/lib/puppet/functions/require.rb +5 -5
- data/lib/puppet/functions/sort.rb +3 -3
- data/lib/puppet/functions/tree_each.rb +9 -7
- data/lib/puppet/functions/type.rb +4 -4
- data/lib/puppet/functions/upcase.rb +2 -2
- data/lib/puppet/generate/models/type/type.rb +4 -1
- data/lib/puppet/http.rb +22 -13
- data/lib/puppet/http/client.rb +164 -114
- data/lib/puppet/{network/resolver.rb → http/dns.rb} +2 -2
- data/lib/puppet/http/errors.rb +16 -0
- data/lib/puppet/http/external_client.rb +5 -7
- data/lib/puppet/{network/http → http}/factory.rb +8 -15
- data/lib/puppet/{network/http → http}/pool.rb +61 -26
- data/lib/puppet/{network/http/session.rb → http/pool_entry.rb} +2 -3
- data/lib/puppet/http/proxy.rb +137 -0
- data/lib/puppet/http/redirector.rb +4 -12
- data/lib/puppet/http/resolver.rb +5 -15
- data/lib/puppet/http/resolver/server_list.rb +10 -25
- data/lib/puppet/http/resolver/settings.rb +4 -7
- data/lib/puppet/http/resolver/srv.rb +7 -11
- data/lib/puppet/http/response.rb +36 -54
- data/lib/puppet/http/response_converter.rb +24 -0
- data/lib/puppet/http/response_net_http.rb +42 -0
- data/lib/puppet/http/retry_after_handler.rb +4 -13
- data/lib/puppet/http/service.rb +12 -26
- data/lib/puppet/http/service/ca.rb +11 -22
- data/lib/puppet/http/service/compiler.rb +22 -138
- data/lib/puppet/http/service/file_server.rb +19 -29
- data/lib/puppet/http/service/puppetserver.rb +26 -12
- data/lib/puppet/http/service/report.rb +8 -10
- data/lib/puppet/http/session.rb +11 -20
- data/lib/puppet/{network/http → http}/site.rb +1 -2
- data/lib/puppet/indirector/catalog/compiler.rb +0 -1
- data/lib/puppet/indirector/catalog/rest.rb +2 -4
- data/lib/puppet/indirector/facts/rest.rb +3 -22
- data/lib/puppet/indirector/file_bucket_file/rest.rb +3 -9
- data/lib/puppet/indirector/file_content/rest.rb +2 -6
- data/lib/puppet/indirector/file_metadata/rest.rb +3 -10
- data/lib/puppet/indirector/file_server.rb +1 -8
- data/lib/puppet/indirector/generic_http.rb +0 -11
- data/lib/puppet/indirector/node/rest.rb +2 -4
- data/lib/puppet/indirector/report/rest.rb +3 -8
- data/lib/puppet/indirector/request.rb +0 -101
- data/lib/puppet/indirector/rest.rb +12 -263
- data/lib/puppet/module_tool/applications.rb +0 -1
- data/lib/puppet/module_tool/applications/installer.rb +2 -48
- data/lib/puppet/module_tool/errors/shared.rb +2 -17
- data/lib/puppet/network/authconfig.rb +2 -96
- data/lib/puppet/network/authorization.rb +13 -35
- data/lib/puppet/network/formats.rb +0 -67
- data/lib/puppet/network/http.rb +3 -3
- data/lib/puppet/network/http/api/indirected_routes.rb +2 -20
- data/lib/puppet/network/http/api/master/v3.rb +11 -13
- data/lib/puppet/network/http/connection.rb +247 -316
- data/lib/puppet/network/http/handler.rb +0 -1
- data/lib/puppet/network/http_pool.rb +16 -34
- data/lib/puppet/node.rb +1 -30
- data/lib/puppet/pal/json_catalog_encoder.rb +4 -0
- data/lib/puppet/pal/pal_impl.rb +3 -1
- data/lib/puppet/parser/ast/leaf.rb +2 -3
- data/lib/puppet/parser/ast/pops_bridge.rb +0 -38
- data/lib/puppet/parser/compiler.rb +0 -198
- data/lib/puppet/parser/compiler/catalog_validator/relationship_validator.rb +14 -39
- data/lib/puppet/parser/functions/fqdn_rand.rb +6 -14
- data/lib/puppet/parser/resource.rb +0 -69
- data/lib/puppet/parser/templatewrapper.rb +1 -1
- data/lib/puppet/pops/evaluator/deferred_resolver.rb +3 -5
- data/lib/puppet/pops/evaluator/evaluator_impl.rb +0 -5
- data/lib/puppet/pops/evaluator/runtime3_resource_support.rb +3 -3
- data/lib/puppet/pops/evaluator/runtime3_support.rb +1 -1
- data/lib/puppet/pops/issues.rb +0 -5
- data/lib/puppet/pops/loader/ruby_legacy_function_instantiator.rb +6 -8
- data/lib/puppet/pops/model/ast.pp +0 -42
- data/lib/puppet/pops/model/ast.rb +0 -290
- data/lib/puppet/pops/model/ast_transformer.rb +1 -1
- data/lib/puppet/pops/model/factory.rb +0 -45
- data/lib/puppet/pops/model/model_label_provider.rb +0 -5
- data/lib/puppet/pops/model/model_tree_dumper.rb +0 -22
- data/lib/puppet/pops/model/pn_transformer.rb +0 -16
- data/lib/puppet/pops/parser/egrammar.ra +0 -56
- data/lib/puppet/pops/parser/eparser.rb +1520 -1712
- data/lib/puppet/pops/parser/lexer2.rb +4 -4
- data/lib/puppet/pops/parser/parser_support.rb +0 -5
- data/lib/puppet/pops/resource/resource_type_impl.rb +2 -24
- data/lib/puppet/pops/types/p_sem_ver_type.rb +2 -8
- data/lib/puppet/pops/types/p_sensitive_type.rb +0 -10
- data/lib/puppet/pops/types/type_calculator.rb +0 -7
- data/lib/puppet/pops/types/type_parser.rb +0 -4
- data/lib/puppet/pops/types/types.rb +0 -1
- data/lib/puppet/pops/validation/checker4_0.rb +9 -37
- data/lib/puppet/pops/validation/tasks_checker.rb +0 -12
- data/lib/puppet/pops/validation/validator_factory_4_0.rb +1 -2
- data/lib/puppet/property/list.rb +1 -1
- data/lib/puppet/provider.rb +0 -13
- data/lib/puppet/provider/group/groupadd.rb +8 -13
- data/lib/puppet/provider/nameservice.rb +0 -18
- data/lib/puppet/provider/package/apt.rb +2 -34
- data/lib/puppet/provider/package/aptitude.rb +0 -6
- data/lib/puppet/provider/package/dnfmodule.rb +1 -1
- data/lib/puppet/provider/package/dpkg.rb +0 -10
- data/lib/puppet/provider/package/gem.rb +23 -3
- data/lib/puppet/provider/package/nim.rb +6 -11
- data/lib/puppet/provider/package/pip.rb +0 -1
- data/lib/puppet/provider/package/pkg.rb +0 -4
- data/lib/puppet/provider/package/portage.rb +1 -1
- data/lib/puppet/provider/package/puppet_gem.rb +1 -4
- data/lib/puppet/provider/service/debian.rb +0 -2
- data/lib/puppet/provider/service/smf.rb +191 -73
- data/lib/puppet/provider/service/systemd.rb +4 -14
- data/lib/puppet/provider/service/windows.rb +0 -38
- data/lib/puppet/provider/user/aix.rb +2 -2
- data/lib/puppet/provider/user/directoryservice.rb +10 -33
- data/lib/puppet/provider/user/useradd.rb +8 -62
- data/lib/puppet/reference/configuration.rb +8 -7
- data/lib/puppet/reference/indirection.rb +1 -1
- data/lib/puppet/resource.rb +1 -89
- data/lib/puppet/resource/catalog.rb +1 -14
- data/lib/puppet/resource/type.rb +3 -119
- data/lib/puppet/resource/type_collection.rb +3 -48
- data/lib/puppet/runtime.rb +1 -2
- data/lib/puppet/settings.rb +73 -66
- data/lib/puppet/settings/environment_conf.rb +0 -1
- data/lib/puppet/settings/integer_setting.rb +17 -0
- data/lib/puppet/settings/port_setting.rb +15 -0
- data/lib/puppet/settings/priority_setting.rb +5 -4
- data/lib/puppet/ssl.rb +10 -6
- data/lib/puppet/ssl/base.rb +3 -5
- data/lib/puppet/ssl/certificate.rb +0 -6
- data/lib/puppet/ssl/certificate_request.rb +1 -12
- data/lib/puppet/ssl/certificate_signer.rb +6 -0
- data/lib/puppet/ssl/oids.rb +3 -1
- data/lib/puppet/ssl/ssl_provider.rb +17 -0
- data/lib/puppet/ssl/state_machine.rb +3 -1
- data/lib/puppet/ssl/verifier.rb +2 -0
- data/lib/puppet/test/test_helper.rb +1 -3
- data/lib/puppet/transaction.rb +1 -7
- data/lib/puppet/transaction/additional_resource_generator.rb +1 -1
- data/lib/puppet/transaction/report.rb +2 -4
- data/lib/puppet/type.rb +0 -76
- data/lib/puppet/type/file.rb +6 -26
- data/lib/puppet/type/file/checksum.rb +1 -1
- data/lib/puppet/type/file/selcontext.rb +1 -1
- data/lib/puppet/type/file/source.rb +1 -1
- data/lib/puppet/type/filebucket.rb +3 -3
- data/lib/puppet/type/package.rb +8 -16
- data/lib/puppet/type/service.rb +38 -18
- data/lib/puppet/type/tidy.rb +2 -21
- data/lib/puppet/type/user.rb +20 -38
- data/lib/puppet/util/autoload.rb +8 -1
- data/lib/puppet/util/execution.rb +0 -11
- data/lib/puppet/util/http_proxy.rb +2 -215
- data/lib/puppet/util/monkey_patches.rb +0 -53
- data/lib/puppet/util/posix.rb +5 -54
- data/lib/puppet/util/rdoc.rb +0 -7
- data/lib/puppet/util/retry_action.rb +1 -1
- data/lib/puppet/util/run_mode.rb +9 -1
- data/lib/puppet/util/selinux.rb +4 -30
- data/lib/puppet/util/windows.rb +3 -8
- data/lib/puppet/util/windows/adsi.rb +0 -46
- data/lib/puppet/util/windows/daemon.rb +360 -0
- data/lib/puppet/util/windows/error.rb +1 -0
- data/lib/puppet/util/windows/eventlog.rb +4 -9
- data/lib/puppet/util/windows/file.rb +8 -242
- data/lib/puppet/util/windows/monkey_patches/process.rb +414 -0
- data/lib/puppet/util/windows/principal.rb +2 -9
- data/lib/puppet/util/windows/process.rb +4 -226
- data/lib/puppet/util/windows/service.rb +9 -460
- data/lib/puppet/util/windows/sid.rb +2 -4
- data/lib/puppet/util/windows/string.rb +12 -13
- data/lib/puppet/util/yaml.rb +0 -22
- data/lib/puppet/vendor/require_vendored.rb +0 -1
- data/lib/puppet/version.rb +1 -1
- data/lib/puppet/x509.rb +5 -1
- data/lib/puppet/x509/cert_provider.rb +29 -1
- data/locales/puppet.pot +651 -1436
- data/man/man5/puppet.conf.5 +266 -354
- data/man/man8/puppet-agent.8 +2 -2
- data/man/man8/puppet-apply.8 +2 -2
- data/man/man8/puppet-catalog.8 +1 -1
- data/man/man8/puppet-config.8 +1 -1
- data/man/man8/puppet-describe.8 +1 -1
- data/man/man8/puppet-device.8 +2 -2
- data/man/man8/puppet-doc.8 +1 -1
- data/man/man8/puppet-epp.8 +1 -1
- data/man/man8/puppet-facts.8 +4 -47
- data/man/man8/puppet-filebucket.8 +4 -4
- data/man/man8/puppet-generate.8 +1 -1
- data/man/man8/puppet-help.8 +1 -1
- data/man/man8/puppet-lookup.8 +1 -1
- data/man/man8/puppet-module.8 +1 -58
- data/man/man8/puppet-node.8 +1 -1
- data/man/man8/puppet-parser.8 +1 -1
- data/man/man8/puppet-plugin.8 +1 -1
- data/man/man8/puppet-report.8 +1 -1
- data/man/man8/puppet-resource.8 +1 -1
- data/man/man8/puppet-script.8 +2 -2
- data/man/man8/puppet-ssl.8 +1 -5
- data/man/man8/puppet.8 +2 -2
- data/spec/fixtures/ssl/127.0.0.1-key.pem +57 -107
- data/spec/fixtures/ssl/127.0.0.1.pem +31 -52
- data/spec/fixtures/ssl/bad-basic-constraints.pem +35 -57
- data/spec/fixtures/ssl/bad-int-basic-constraints.pem +35 -57
- data/spec/fixtures/ssl/ca.pem +35 -57
- data/spec/fixtures/ssl/crl.pem +18 -28
- data/spec/fixtures/ssl/ec-key.pem +11 -11
- data/spec/fixtures/ssl/ec.pem +24 -33
- data/spec/fixtures/ssl/encrypted-ec-key.pem +12 -12
- data/spec/fixtures/ssl/encrypted-key.pem +58 -108
- data/spec/fixtures/ssl/intermediate-agent-crl.pem +19 -28
- data/spec/fixtures/ssl/intermediate-agent.pem +36 -57
- data/spec/fixtures/ssl/intermediate-crl.pem +21 -31
- data/spec/fixtures/ssl/intermediate.pem +36 -57
- data/spec/fixtures/ssl/pluto-key.pem +57 -107
- data/spec/fixtures/ssl/pluto.pem +30 -52
- data/spec/fixtures/ssl/request-key.pem +57 -107
- data/spec/fixtures/ssl/request.pem +26 -47
- data/spec/fixtures/ssl/revoked-key.pem +57 -107
- data/spec/fixtures/ssl/revoked.pem +30 -52
- data/spec/fixtures/ssl/signed-key.pem +57 -107
- data/spec/fixtures/ssl/signed.pem +30 -52
- data/spec/fixtures/ssl/tampered-cert.pem +30 -52
- data/spec/fixtures/ssl/tampered-csr.pem +26 -47
- data/spec/fixtures/ssl/unknown-127.0.0.1-key.pem +57 -107
- data/spec/fixtures/ssl/unknown-127.0.0.1.pem +29 -50
- data/spec/fixtures/ssl/unknown-ca-key.pem +57 -107
- data/spec/fixtures/ssl/unknown-ca.pem +33 -55
- data/spec/fixtures/unit/provider/service/smf/{svcs.out → svcs_instances.out} +0 -0
- data/spec/fixtures/unit/provider/user/aix/aix_passwd_file.out +0 -4
- data/spec/integration/application/agent_spec.rb +27 -171
- data/spec/integration/application/apply_spec.rb +1 -20
- data/spec/integration/application/filebucket_spec.rb +16 -16
- data/spec/integration/application/help_spec.rb +2 -0
- data/spec/integration/application/plugin_spec.rb +24 -2
- data/spec/integration/defaults_spec.rb +14 -3
- data/spec/integration/http/client_spec.rb +0 -12
- data/spec/integration/indirector/direct_file_server_spec.rb +3 -1
- data/spec/integration/network/http_pool_spec.rb +3 -21
- data/spec/integration/parser/catalog_spec.rb +0 -38
- data/spec/integration/parser/node_spec.rb +0 -9
- data/spec/integration/parser/pcore_resource_spec.rb +0 -37
- data/spec/integration/resource/type_collection_spec.rb +6 -2
- data/spec/integration/transaction_spec.rb +9 -4
- data/spec/integration/type/file_spec.rb +5 -4
- data/spec/integration/util/windows/adsi_spec.rb +1 -21
- data/spec/integration/util/windows/monkey_patches/process_spec.rb +231 -0
- data/spec/integration/util/windows/principal_spec.rb +0 -21
- data/spec/integration/util/windows/registry_spec.rb +10 -6
- data/spec/integration/util/windows/security_spec.rb +1 -1
- data/spec/lib/matchers/include.rb +27 -0
- data/spec/lib/matchers/include_spec.rb +32 -0
- data/spec/lib/puppet/test_ca.rb +2 -2
- data/spec/lib/puppet_spec/puppetserver.rb +1 -1
- data/spec/lib/puppet_spec/settings.rb +1 -0
- data/spec/spec_helper.rb +7 -12
- data/spec/unit/agent_spec.rb +6 -10
- data/spec/unit/application/agent_spec.rb +3 -7
- data/spec/unit/application/facts_spec.rb +12 -456
- data/spec/unit/application/filebucket_spec.rb +43 -39
- data/spec/unit/application/ssl_spec.rb +2 -25
- data/spec/unit/application_spec.rb +9 -51
- data/spec/unit/certificate_factory_spec.rb +1 -1
- data/spec/unit/configurer/downloader_spec.rb +6 -8
- data/spec/unit/configurer/plugin_handler_spec.rb +56 -18
- data/spec/unit/configurer_spec.rb +12 -32
- data/spec/unit/confine/feature_spec.rb +1 -1
- data/spec/unit/confine_spec.rb +2 -8
- data/spec/unit/context/trusted_information_spec.rb +2 -6
- data/spec/unit/defaults_spec.rb +68 -54
- data/spec/unit/environments_spec.rb +68 -224
- data/spec/unit/face/node_spec.rb +11 -0
- data/spec/unit/face/plugin_spec.rb +73 -33
- data/spec/unit/file_bucket/file_spec.rb +1 -1
- data/spec/unit/file_serving/configuration/parser_spec.rb +15 -18
- data/spec/unit/file_serving/configuration_spec.rb +6 -12
- data/spec/unit/file_serving/fileset_spec.rb +0 -60
- data/spec/unit/file_serving/metadata_spec.rb +3 -3
- data/spec/unit/file_serving/terminus_helper_spec.rb +4 -11
- data/spec/unit/file_system_spec.rb +0 -9
- data/spec/unit/forge/module_release_spec.rb +7 -2
- data/spec/unit/functions/camelcase_spec.rb +1 -1
- data/spec/unit/functions/capitalize_spec.rb +1 -1
- data/spec/unit/functions/downcase_spec.rb +1 -1
- data/spec/unit/functions/upcase_spec.rb +1 -1
- data/spec/unit/gettext/config_spec.rb +0 -12
- data/spec/unit/http/client_spec.rb +7 -8
- data/spec/unit/{network/resolver_spec.rb → http/dns_spec.rb} +3 -3
- data/spec/unit/http/external_client_spec.rb +4 -4
- data/spec/unit/{network/http → http}/factory_spec.rb +5 -30
- data/spec/unit/{network/http/session_spec.rb → http/pool_entry_spec.rb} +3 -3
- data/spec/unit/{network/http → http}/pool_spec.rb +12 -17
- data/spec/unit/{util/http_proxy_spec.rb → http/proxy_spec.rb} +2 -69
- data/spec/unit/http/resolver_spec.rb +13 -13
- data/spec/unit/http/service/compiler_spec.rb +0 -185
- data/spec/unit/http/service/file_server_spec.rb +3 -3
- data/spec/unit/http/service/puppetserver_spec.rb +34 -4
- data/spec/unit/http/service_spec.rb +0 -1
- data/spec/unit/http/session_spec.rb +16 -14
- data/spec/unit/{network/http → http}/site_spec.rb +3 -3
- data/spec/unit/indirector/catalog/compiler_spec.rb +10 -14
- data/spec/unit/indirector/face_spec.rb +1 -0
- data/spec/unit/indirector/facts/facter_spec.rb +3 -0
- data/spec/unit/indirector/file_bucket_file/file_spec.rb +5 -3
- data/spec/unit/indirector/file_bucket_file/selector_spec.rb +8 -26
- data/spec/unit/indirector/file_content/rest_spec.rb +0 -4
- data/spec/unit/indirector/file_metadata/rest_spec.rb +0 -4
- data/spec/unit/indirector/file_server_spec.rb +1 -15
- data/spec/unit/indirector/indirection_spec.rb +12 -8
- data/spec/unit/indirector/report/rest_spec.rb +2 -17
- data/spec/unit/indirector/request_spec.rb +0 -264
- data/spec/unit/indirector/rest_spec.rb +98 -752
- data/spec/unit/indirector_spec.rb +2 -2
- data/spec/unit/module_tool/applications/installer_spec.rb +0 -66
- data/spec/unit/network/authconfig_spec.rb +2 -129
- data/spec/unit/network/authorization_spec.rb +2 -55
- data/spec/unit/network/formats_spec.rb +4 -45
- data/spec/unit/network/http/api/indirected_routes_spec.rb +5 -92
- data/spec/unit/network/http/api/master/v3_spec.rb +28 -7
- data/spec/unit/network/http/api_spec.rb +10 -0
- data/spec/unit/network/http/connection_spec.rb +19 -41
- data/spec/unit/network/http/handler_spec.rb +0 -1
- data/spec/unit/network/http_pool_spec.rb +0 -4
- data/spec/unit/node/environment_spec.rb +33 -21
- data/spec/unit/node_spec.rb +2 -54
- data/spec/unit/parser/compiler_spec.rb +19 -3
- data/spec/unit/parser/functions/create_resources_spec.rb +2 -20
- data/spec/unit/parser/functions/fqdn_rand_spec.rb +1 -15
- data/spec/unit/parser/resource_spec.rb +8 -14
- data/spec/unit/parser/templatewrapper_spec.rb +3 -4
- data/spec/unit/pops/evaluator/evaluating_parser_spec.rb +4 -7
- data/spec/unit/pops/loaders/loaders_spec.rb +6 -21
- data/spec/unit/pops/parser/parse_application_spec.rb +4 -22
- data/spec/unit/pops/parser/parse_basic_expressions_spec.rb +0 -1
- data/spec/unit/pops/parser/parse_capabilities_spec.rb +8 -21
- data/spec/unit/pops/parser/parse_site_spec.rb +20 -24
- data/spec/unit/pops/resource/resource_type_impl_spec.rb +0 -71
- data/spec/unit/pops/serialization/to_from_hr_spec.rb +1 -1
- data/spec/unit/pops/types/p_sem_ver_type_spec.rb +0 -18
- data/spec/unit/pops/types/p_sensitive_type_spec.rb +0 -18
- data/spec/unit/pops/types/type_calculator_spec.rb +6 -6
- data/spec/unit/pops/types/type_factory_spec.rb +1 -1
- data/spec/unit/pops/validator/validator_spec.rb +61 -46
- data/spec/unit/pops/visitor_spec.rb +1 -1
- data/spec/unit/property_spec.rb +0 -1
- data/spec/unit/provider/group/groupadd_spec.rb +2 -5
- data/spec/unit/provider/nameservice_spec.rb +64 -122
- data/spec/unit/provider/package/apt_spec.rb +23 -28
- data/spec/unit/provider/package/aptitude_spec.rb +1 -1
- data/spec/unit/provider/package/base_spec.rb +5 -6
- data/spec/unit/provider/package/dnfmodule_spec.rb +1 -10
- data/spec/unit/provider/package/dpkg_spec.rb +0 -48
- data/spec/unit/provider/package/gem_spec.rb +32 -0
- data/spec/unit/provider/package/nim_spec.rb +0 -42
- data/spec/unit/provider/package/pacman_spec.rb +12 -18
- data/spec/unit/provider/package/pip_spec.rb +11 -6
- data/spec/unit/provider/package/pkgdmg_spec.rb +4 -0
- data/spec/unit/provider/package/puppet_gem_spec.rb +3 -2
- data/spec/unit/provider/service/init_spec.rb +0 -1
- data/spec/unit/provider/service/openwrt_spec.rb +1 -3
- data/spec/unit/provider/service/smf_spec.rb +401 -165
- data/spec/unit/provider/service/systemd_spec.rb +8 -53
- data/spec/unit/provider/service/windows_spec.rb +0 -203
- data/spec/unit/provider/user/aix_spec.rb +0 -5
- data/spec/unit/provider/user/directoryservice_spec.rb +35 -67
- data/spec/unit/provider/user/hpux_spec.rb +1 -1
- data/spec/unit/provider/user/pw_spec.rb +0 -2
- data/spec/unit/provider/user/useradd_spec.rb +3 -71
- data/spec/unit/provider_spec.rb +8 -18
- data/spec/unit/resource/catalog_spec.rb +1 -1
- data/spec/unit/resource/type_collection_spec.rb +2 -22
- data/spec/unit/resource/type_spec.rb +1 -1
- data/spec/unit/resource_spec.rb +10 -67
- data/spec/unit/settings/http_extra_headers_spec.rb +2 -4
- data/spec/unit/settings/integer_setting_spec.rb +42 -0
- data/spec/unit/settings/port_setting_spec.rb +31 -0
- data/spec/unit/settings/priority_setting_spec.rb +4 -4
- data/spec/unit/settings_spec.rb +23 -13
- data/spec/unit/ssl/base_spec.rb +37 -3
- data/spec/unit/ssl/certificate_request_spec.rb +15 -45
- data/spec/unit/ssl/certificate_spec.rb +2 -11
- data/spec/unit/ssl/ssl_provider_spec.rb +2 -5
- data/spec/unit/ssl/state_machine_spec.rb +5 -20
- data/spec/unit/ssl/verifier_spec.rb +0 -21
- data/spec/unit/transaction/additional_resource_generator_spec.rb +9 -3
- data/spec/unit/transaction/event_manager_spec.rb +11 -14
- data/spec/unit/transaction/report_spec.rb +0 -2
- data/spec/unit/transaction/resource_harness_spec.rb +2 -2
- data/spec/unit/transaction_spec.rb +55 -96
- data/spec/unit/type/file/checksum_spec.rb +6 -6
- data/spec/unit/type/file/content_spec.rb +2 -1
- data/spec/unit/type/file/ensure_spec.rb +1 -1
- data/spec/unit/type/file/mode_spec.rb +1 -1
- data/spec/unit/type/file/selinux_spec.rb +5 -3
- data/spec/unit/type/file/source_spec.rb +0 -1
- data/spec/unit/type/file_spec.rb +18 -6
- data/spec/unit/type/group_spec.rb +6 -13
- data/spec/unit/type/package_spec.rb +1 -1
- data/spec/unit/type/resources_spec.rb +7 -7
- data/spec/unit/type/service_spec.rb +189 -60
- data/spec/unit/type/tidy_spec.rb +8 -17
- data/spec/unit/type/user_spec.rb +0 -45
- data/spec/unit/type_spec.rb +22 -2
- data/spec/unit/util/at_fork_spec.rb +2 -2
- data/spec/unit/util/autoload_spec.rb +1 -5
- data/spec/unit/util/backups_spec.rb +2 -3
- data/spec/unit/util/execution_spec.rb +11 -44
- data/spec/unit/util/inifile_spec.rb +14 -6
- data/spec/unit/util/log_spec.rb +7 -8
- data/spec/unit/util/logging_spec.rb +3 -3
- data/spec/unit/util/monkey_patches_spec.rb +0 -6
- data/spec/unit/util/posix_spec.rb +15 -363
- data/spec/unit/util/run_mode_spec.rb +21 -121
- data/spec/unit/util/selinux_spec.rb +68 -163
- data/spec/unit/util/storage_spec.rb +1 -3
- data/spec/unit/util/suidmanager_spec.rb +41 -44
- data/spec/unit/util/windows/sid_spec.rb +0 -6
- data/spec/unit/util/windows/string_spec.rb +1 -3
- data/spec/unit/util/yaml_spec.rb +0 -54
- data/spec/unit/util_spec.rb +6 -31
- data/tasks/generate_cert_fixtures.rake +2 -2
- metadata +44 -181
- data/conf/auth.conf +0 -150
- data/lib/puppet/application/cert.rb +0 -76
- data/lib/puppet/application/key.rb +0 -4
- data/lib/puppet/application/man.rb +0 -4
- data/lib/puppet/application/status.rb +0 -4
- data/lib/puppet/face/key.rb +0 -16
- data/lib/puppet/face/man.rb +0 -145
- data/lib/puppet/face/module/build.rb +0 -14
- data/lib/puppet/face/module/generate.rb +0 -14
- data/lib/puppet/face/module/search.rb +0 -103
- data/lib/puppet/face/status.rb +0 -51
- data/lib/puppet/ffi/posix.rb +0 -10
- data/lib/puppet/ffi/posix/constants.rb +0 -14
- data/lib/puppet/ffi/posix/functions.rb +0 -24
- data/lib/puppet/indirector/certificate/file.rb +0 -9
- data/lib/puppet/indirector/certificate/rest.rb +0 -18
- data/lib/puppet/indirector/certificate_request/file.rb +0 -9
- data/lib/puppet/indirector/certificate_request/memory.rb +0 -7
- data/lib/puppet/indirector/certificate_request/rest.rb +0 -11
- data/lib/puppet/indirector/file_content/http.rb +0 -22
- data/lib/puppet/indirector/key/file.rb +0 -46
- data/lib/puppet/indirector/key/memory.rb +0 -7
- data/lib/puppet/indirector/ssl_file.rb +0 -162
- data/lib/puppet/indirector/status.rb +0 -3
- data/lib/puppet/indirector/status/local.rb +0 -12
- data/lib/puppet/indirector/status/rest.rb +0 -27
- data/lib/puppet/module_tool/applications/searcher.rb +0 -29
- data/lib/puppet/network/auth_config_parser.rb +0 -90
- data/lib/puppet/network/authstore.rb +0 -283
- data/lib/puppet/network/http/api/master/v3/authorization.rb +0 -18
- data/lib/puppet/network/http/api/master/v3/environment.rb +0 -88
- data/lib/puppet/network/http/base_pool.rb +0 -36
- data/lib/puppet/network/http/compression.rb +0 -127
- data/lib/puppet/network/http/connection_adapter.rb +0 -184
- data/lib/puppet/network/http/nocache_pool.rb +0 -28
- data/lib/puppet/network/rest_controller.rb +0 -2
- data/lib/puppet/network/rights.rb +0 -210
- data/lib/puppet/parser/compiler/catalog_validator/env_relationship_validator.rb +0 -66
- data/lib/puppet/parser/compiler/catalog_validator/site_validator.rb +0 -22
- data/lib/puppet/parser/environment_compiler.rb +0 -202
- data/lib/puppet/pops/types/enumeration.rb +0 -16
- data/lib/puppet/resource/capability_finder.rb +0 -154
- data/lib/puppet/rest/errors.rb +0 -15
- data/lib/puppet/rest/response.rb +0 -35
- data/lib/puppet/rest/route.rb +0 -85
- data/lib/puppet/rest/routes.rb +0 -135
- data/lib/puppet/settings/alias_setting.rb +0 -37
- data/lib/puppet/ssl/host.rb +0 -505
- data/lib/puppet/ssl/key.rb +0 -61
- data/lib/puppet/ssl/validator.rb +0 -61
- data/lib/puppet/ssl/validator/default_validator.rb +0 -209
- data/lib/puppet/ssl/validator/no_validator.rb +0 -22
- data/lib/puppet/ssl/verifier_adapter.rb +0 -58
- data/lib/puppet/status.rb +0 -40
- data/lib/puppet/util/connection.rb +0 -88
- data/lib/puppet/util/fact_dif.rb +0 -81
- data/lib/puppet/util/ssl.rb +0 -83
- data/lib/puppet/util/windows/api_types.rb +0 -309
- data/lib/puppet/util/windows/monkey_patches/dir.rb +0 -40
- data/lib/puppet/vendor/load_pathspec.rb +0 -1
- data/lib/puppet/vendor/pathspec/CHANGELOG.md +0 -2
- data/lib/puppet/vendor/pathspec/LICENSE +0 -201
- data/lib/puppet/vendor/pathspec/PUPPET_README.md +0 -6
- data/lib/puppet/vendor/pathspec/README.md +0 -53
- data/lib/puppet/vendor/pathspec/lib/pathspec.rb +0 -122
- data/lib/puppet/vendor/pathspec/lib/pathspec/gitignorespec.rb +0 -275
- data/lib/puppet/vendor/pathspec/lib/pathspec/regexspec.rb +0 -17
- data/lib/puppet/vendor/pathspec/lib/pathspec/spec.rb +0 -14
- data/man/man8/puppet-key.8 +0 -126
- data/man/man8/puppet-man.8 +0 -76
- data/man/man8/puppet-status.8 +0 -108
- data/spec/fixtures/integration/application/agent/cached_deferred_catalog.json +0 -91
- data/spec/fixtures/unit/provider/service/systemd/list_unit_files_services_vendor_preset +0 -9
- data/spec/integration/application/resource_spec.rb +0 -30
- data/spec/integration/network/authconfig_spec.rb +0 -256
- data/spec/integration/util/windows/monkey_patches/dir_spec.rb +0 -11
- data/spec/unit/application/man_spec.rb +0 -52
- data/spec/unit/capability_spec.rb +0 -414
- data/spec/unit/face/key_spec.rb +0 -9
- data/spec/unit/face/module/search_spec.rb +0 -231
- data/spec/unit/face/status_spec.rb +0 -9
- data/spec/unit/indirector/certificate/file_spec.rb +0 -14
- data/spec/unit/indirector/certificate/rest_spec.rb +0 -61
- data/spec/unit/indirector/certificate_request/file_spec.rb +0 -14
- data/spec/unit/indirector/certificate_request/rest_spec.rb +0 -25
- data/spec/unit/indirector/key/file_spec.rb +0 -78
- data/spec/unit/indirector/ssl_file_spec.rb +0 -305
- data/spec/unit/indirector/status/local_spec.rb +0 -10
- data/spec/unit/indirector/status/rest_spec.rb +0 -50
- data/spec/unit/module_tool/applications/searcher_spec.rb +0 -38
- data/spec/unit/network/auth_config_parser_spec.rb +0 -115
- data/spec/unit/network/authstore_spec.rb +0 -422
- data/spec/unit/network/http/api/master/v3/authorization_spec.rb +0 -57
- data/spec/unit/network/http/api/master/v3/environment_spec.rb +0 -185
- data/spec/unit/network/http/compression_spec.rb +0 -240
- data/spec/unit/network/http/nocache_pool_spec.rb +0 -64
- data/spec/unit/network/http_spec.rb +0 -9
- data/spec/unit/network/rights_spec.rb +0 -439
- data/spec/unit/parser/environment_compiler_spec.rb +0 -730
- data/spec/unit/pops/evaluator/deferred_resolver_spec.rb +0 -20
- data/spec/unit/pops/types/enumeration_spec.rb +0 -51
- data/spec/unit/resource/capability_finder_spec.rb +0 -148
- data/spec/unit/rest/route_spec.rb +0 -132
- data/spec/unit/ssl/host_spec.rb +0 -645
- data/spec/unit/ssl/key_spec.rb +0 -173
- data/spec/unit/ssl/validator_spec.rb +0 -278
- data/spec/unit/status_spec.rb +0 -45
- data/spec/unit/util/ssl_spec.rb +0 -91
@@ -133,12 +133,9 @@ Some flags are meant specifically for interactive use --- in particular,
|
|
133
133
|
'test', 'tags' and 'fingerprint' are useful.
|
134
134
|
|
135
135
|
'--test' runs once in the foreground with verbose logging, then exits.
|
136
|
-
It also exits if it can't get a valid catalog. `--test` includes the
|
137
|
-
'--detailed-exitcodes' option by default and exits with one of the following
|
138
|
-
exit codes:
|
136
|
+
It also exits if it can't get a valid catalog. `--test` includes the '--detailed-exitcodes' option by default and exits with one of the following exit codes:
|
139
137
|
|
140
|
-
* 0: The run succeeded with no changes or failures; the system was already in
|
141
|
-
the desired state.
|
138
|
+
* 0: The run succeeded with no changes or failures; the system was already in the desired state.
|
142
139
|
* 1: The run failed, or wasn't attempted due to another run already in progress.
|
143
140
|
* 2: The run succeeded, and some resources were changed.
|
144
141
|
* 4: The run succeeded, and some resources failed.
|
@@ -249,9 +246,7 @@ generated by running puppet agent with '--genconfig'.
|
|
249
246
|
'puppet agent' exits after executing this.
|
250
247
|
|
251
248
|
* --evaltrace:
|
252
|
-
Logs each resource as it is being evaluated. This allows you to interactively
|
253
|
-
see exactly what is being done. (This is a Puppet setting, and can go in
|
254
|
-
puppet.conf. Note the special 'no-' prefix for boolean settings on the command line.)
|
249
|
+
Logs each resource as it is being evaluated. This allows you to interactively see exactly what is being done. (This is a Puppet setting, and can go in puppet.conf. Note the special 'no-' prefix for boolean settings on the command line.)
|
255
250
|
|
256
251
|
* --fingerprint:
|
257
252
|
Display the current certificate or certificate signing request
|
@@ -272,8 +267,6 @@ generated by running puppet agent with '--genconfig'.
|
|
272
267
|
service), 'eventlog' (the Windows Event Log), 'console', or the path to a log
|
273
268
|
file. If debugging or verbosity is enabled, this defaults to 'console'.
|
274
269
|
Otherwise, it defaults to 'syslog' on POSIX systems and 'eventlog' on Windows.
|
275
|
-
Multiple destinations can be set using a comma separated list
|
276
|
-
(eg: `/path/file1,console,/path/file2`)"
|
277
270
|
|
278
271
|
A path ending with '.json' will receive structured output in JSON format. The
|
279
272
|
log file will not have an ending ']' automatically written to it due to the
|
@@ -316,8 +309,7 @@ generated by running puppet agent with '--genconfig'.
|
|
316
309
|
'no-splay', and 'show_diff'.
|
317
310
|
|
318
311
|
* --trace
|
319
|
-
Prints stack traces on some errors. (This is a Puppet setting, and can go in
|
320
|
-
puppet.conf. Note the special 'no-' prefix for boolean settings on the command line.)
|
312
|
+
Prints stack traces on some errors. (This is a Puppet setting, and can go in puppet.conf. Note the special 'no-' prefix for boolean settings on the command line.)
|
321
313
|
|
322
314
|
* --verbose:
|
323
315
|
Turn on verbose reporting.
|
@@ -113,8 +113,6 @@ configuration options by running puppet with
|
|
113
113
|
Where to send log messages. Choose between 'syslog' (the POSIX syslog
|
114
114
|
service), 'eventlog' (the Windows Event Log), 'console', or the path to a log
|
115
115
|
file. Defaults to 'console'.
|
116
|
-
Multiple destinations can be set using a comma separated list
|
117
|
-
(eg: `/path/file1,console,/path/file2`)"
|
118
116
|
|
119
117
|
A path ending with '.json' will receive structured output in JSON format. The
|
120
118
|
log file will not have an ending ']' automatically written to it due to the
|
@@ -238,7 +236,7 @@ Copyright (c) 2011 Puppet Inc., LLC Licensed under the Apache 2.0 License
|
|
238
236
|
end
|
239
237
|
|
240
238
|
# Resolve all deferred values and replace them / mutate the catalog
|
241
|
-
Puppet::Pops::Evaluator::DeferredResolver.resolve_and_replace(node.facts, catalog
|
239
|
+
Puppet::Pops::Evaluator::DeferredResolver.resolve_and_replace(node.facts, catalog)
|
242
240
|
|
243
241
|
# Translate it to a RAL catalog
|
244
242
|
catalog = catalog.to_ral
|
@@ -332,7 +330,7 @@ Copyright (c) 2011 Puppet Inc., LLC Licensed under the Apache 2.0 License
|
|
332
330
|
raise Puppet::Error, _("Could not deserialize catalog from %{format}: %{detail}") % { format: format, detail: detail }, detail.backtrace
|
333
331
|
end
|
334
332
|
# Resolve all deferred values and replace them / mutate the catalog
|
335
|
-
Puppet::Pops::Evaluator::DeferredResolver.resolve_and_replace(node.facts, catalog
|
333
|
+
Puppet::Pops::Evaluator::DeferredResolver.resolve_and_replace(node.facts, catalog)
|
336
334
|
|
337
335
|
catalog.to_ral
|
338
336
|
end
|
@@ -155,8 +155,6 @@ you can specify '--server <servername>' as an argument.
|
|
155
155
|
Where to send log messages. Choose between 'syslog' (the POSIX syslog
|
156
156
|
service), 'console', or the path to a log file. If debugging or verbosity is
|
157
157
|
enabled, this defaults to 'console'. Otherwise, it defaults to 'syslog'.
|
158
|
-
Multiple destinations can be set using a comma separated list
|
159
|
-
(eg: `/path/file1,console,/path/file2`)"
|
160
158
|
|
161
159
|
A path ending with '.json' will receive structured output in JSON format. The
|
162
160
|
log file will not have an ending ']' automatically written to it due to the
|
@@ -261,119 +259,115 @@ Licensed under the Apache 2.0 License
|
|
261
259
|
end
|
262
260
|
end
|
263
261
|
devices.collect do |devicename,device|
|
264
|
-
|
265
|
-
|
266
|
-
|
267
|
-
|
268
|
-
|
269
|
-
|
270
|
-
|
271
|
-
|
272
|
-
|
273
|
-
|
274
|
-
|
275
|
-
|
276
|
-
|
277
|
-
|
278
|
-
|
279
|
-
|
280
|
-
|
281
|
-
|
282
|
-
|
283
|
-
|
284
|
-
|
285
|
-
|
286
|
-
|
287
|
-
|
288
|
-
|
289
|
-
|
290
|
-
|
291
|
-
|
292
|
-
|
293
|
-
|
294
|
-
|
295
|
-
|
296
|
-
|
297
|
-
|
298
|
-
|
299
|
-
|
300
|
-
FileUtils.chown(user, group, Puppet[:confdir]) if user || group
|
301
|
-
end
|
262
|
+
# TODO when we drop support for ruby < 2.5 we can remove the extra block here
|
263
|
+
begin
|
264
|
+
device_url = URI.parse(device.url)
|
265
|
+
# Handle nil scheme & port
|
266
|
+
scheme = "#{device_url.scheme}://" if device_url.scheme
|
267
|
+
port = ":#{device_url.port}" if device_url.port
|
268
|
+
|
269
|
+
# override local $vardir and $certname
|
270
|
+
Puppet[:ssldir] = ::File.join(Puppet[:deviceconfdir], device.name, 'ssl')
|
271
|
+
Puppet[:confdir] = ::File.join(Puppet[:devicedir], device.name)
|
272
|
+
Puppet[:libdir] = options[:libdir] || ::File.join(Puppet[:devicedir], device.name, 'lib')
|
273
|
+
Puppet[:vardir] = ::File.join(Puppet[:devicedir], device.name)
|
274
|
+
Puppet[:certname] = device.name
|
275
|
+
ssl_context = nil
|
276
|
+
|
277
|
+
# create device directory under $deviceconfdir
|
278
|
+
Puppet::FileSystem.dir_mkpath(Puppet[:ssldir]) unless Puppet::FileSystem.dir_exist?(Puppet[:ssldir])
|
279
|
+
|
280
|
+
# this will reload and recompute default settings and create device-specific sub vardir
|
281
|
+
Puppet.settings.use :main, :agent, :ssl
|
282
|
+
|
283
|
+
# Workaround for PUP-8736: store ssl certs outside the cache directory to prevent accidental removal and keep the old path as symlink
|
284
|
+
optssldir = File.join(Puppet[:confdir], 'ssl')
|
285
|
+
Puppet::FileSystem.symlink(Puppet[:ssldir], optssldir) unless Puppet::FileSystem.exist?(optssldir)
|
286
|
+
|
287
|
+
unless options[:resource] || options[:facts] || options[:apply]
|
288
|
+
# Since it's too complicated to fix properly in the default settings, we workaround for PUP-9642 here.
|
289
|
+
# See https://github.com/puppetlabs/puppet/pull/7483#issuecomment-483455997 for details.
|
290
|
+
# This has to happen after `settings.use` above, so the directory is created and before `setup_host` below, where the SSL
|
291
|
+
# routines would fail with access errors
|
292
|
+
if Puppet.features.root? && !Puppet::Util::Platform.windows?
|
293
|
+
user = Puppet::Type.type(:user).new(name: Puppet[:user]).exists? ? Puppet[:user] : nil
|
294
|
+
group = Puppet::Type.type(:group).new(name: Puppet[:group]).exists? ? Puppet[:group] : nil
|
295
|
+
Puppet.debug("Fixing perms for #{user}:#{group} on #{Puppet[:confdir]}")
|
296
|
+
FileUtils.chown(user, group, Puppet[:confdir]) if user || group
|
297
|
+
end
|
302
298
|
|
303
|
-
|
299
|
+
ssl_context = setup_context
|
304
300
|
|
305
|
-
|
306
|
-
|
307
|
-
|
308
|
-
end
|
301
|
+
unless options[:libdir]
|
302
|
+
Puppet.override(ssl_context: ssl_context) do
|
303
|
+
Puppet::Configurer::PluginHandler.new.download_plugins(env) if Puppet::Configurer.should_pluginsync?
|
309
304
|
end
|
310
305
|
end
|
306
|
+
end
|
311
307
|
|
312
|
-
|
313
|
-
|
314
|
-
|
315
|
-
|
316
|
-
|
317
|
-
|
318
|
-
|
319
|
-
|
320
|
-
|
321
|
-
|
322
|
-
|
323
|
-
|
324
|
-
|
325
|
-
else
|
326
|
-
text = resources.map do |resource|
|
327
|
-
resource.prune_parameters(:parameters_to_include => @extra_params).to_manifest.force_encoding(Encoding.default_external)
|
328
|
-
end.join("\n")
|
329
|
-
end
|
330
|
-
(puts text)
|
331
|
-
0
|
332
|
-
elsif options[:facts]
|
333
|
-
Puppet.info _("retrieving facts from %{target} at %{scheme}%{url_host}%{port}%{url_path}") % { resource: type, target: device.name, scheme: scheme, url_host: device_url.host, port: port, url_path: device_url.path }
|
334
|
-
remote_facts = Puppet::Node::Facts.indirection.find(name, :environment => env)
|
335
|
-
# Give a proper name to the facts
|
336
|
-
remote_facts.name = remote_facts.values['clientcert']
|
337
|
-
renderer = Puppet::Network::FormatHandler.format(:console)
|
338
|
-
puts renderer.render(remote_facts)
|
339
|
-
0
|
340
|
-
elsif options[:apply]
|
341
|
-
# avoid reporting to server
|
342
|
-
Puppet::Transaction::Report.indirection.terminus_class = :yaml
|
343
|
-
Puppet::Resource::Catalog.indirection.cache_class = nil
|
344
|
-
|
345
|
-
require 'puppet/application/apply'
|
346
|
-
begin
|
347
|
-
Puppet[:node_terminus] = :plain
|
348
|
-
Puppet[:catalog_terminus] = :compiler
|
349
|
-
Puppet[:catalog_cache_terminus] = nil
|
350
|
-
Puppet[:facts_terminus] = :network_device
|
351
|
-
Puppet.override(:network_device => true) do
|
352
|
-
Puppet::Application::Apply.new(Puppet::Util::CommandLine.new('puppet', ["apply", options[:apply]])).run_command
|
353
|
-
end
|
354
|
-
end
|
308
|
+
# this inits the device singleton, so that the facts terminus
|
309
|
+
# and the various network_device provider can use it
|
310
|
+
Puppet::Util::NetworkDevice.init(device)
|
311
|
+
|
312
|
+
if options[:resource]
|
313
|
+
type, name = parse_args(command_line.args)
|
314
|
+
Puppet.info _("retrieving resource: %{resource} from %{target} at %{scheme}%{url_host}%{port}%{url_path}") % { resource: type, target: device.name, scheme: scheme, url_host: device_url.host, port: port, url_path: device_url.path }
|
315
|
+
resources = find_resources(type, name)
|
316
|
+
if options[:to_yaml]
|
317
|
+
data = resources.map do |resource|
|
318
|
+
resource.prune_parameters(:parameters_to_include => @extra_params).to_hiera_hash
|
319
|
+
end.inject(:merge!)
|
320
|
+
text = YAML.dump(type.downcase => data)
|
355
321
|
else
|
356
|
-
|
357
|
-
|
358
|
-
|
359
|
-
|
360
|
-
|
361
|
-
|
362
|
-
|
322
|
+
text = resources.map do |resource|
|
323
|
+
resource.prune_parameters(:parameters_to_include => @extra_params).to_manifest.force_encoding(Encoding.default_external)
|
324
|
+
end.join("\n")
|
325
|
+
end
|
326
|
+
(puts text)
|
327
|
+
0
|
328
|
+
elsif options[:facts]
|
329
|
+
Puppet.info _("retrieving facts from %{target} at %{scheme}%{url_host}%{port}%{url_path}") % { resource: type, target: device.name, scheme: scheme, url_host: device_url.host, port: port, url_path: device_url.path }
|
330
|
+
remote_facts = Puppet::Node::Facts.indirection.find(name, :environment => env)
|
331
|
+
# Give a proper name to the facts
|
332
|
+
remote_facts.name = remote_facts.values['clientcert']
|
333
|
+
renderer = Puppet::Network::FormatHandler.format(:console)
|
334
|
+
puts renderer.render(remote_facts)
|
335
|
+
0
|
336
|
+
elsif options[:apply]
|
337
|
+
# avoid reporting to server
|
338
|
+
Puppet::Transaction::Report.indirection.terminus_class = :yaml
|
339
|
+
Puppet::Resource::Catalog.indirection.cache_class = nil
|
340
|
+
|
341
|
+
require 'puppet/application/apply'
|
342
|
+
begin
|
343
|
+
Puppet[:node_terminus] = :plain
|
344
|
+
Puppet[:catalog_terminus] = :compiler
|
345
|
+
Puppet[:catalog_cache_terminus] = nil
|
346
|
+
Puppet[:facts_terminus] = :network_device
|
347
|
+
Puppet.override(:network_device => true) do
|
348
|
+
Puppet::Application::Apply.new(Puppet::Util::CommandLine.new('puppet', ["apply", options[:apply]])).run_command
|
363
349
|
end
|
364
350
|
end
|
365
|
-
|
366
|
-
Puppet.
|
367
|
-
|
368
|
-
|
369
|
-
|
370
|
-
|
371
|
-
|
372
|
-
|
373
|
-
|
374
|
-
Puppet[:ssldir] = ssldir
|
375
|
-
Puppet[:certname] = certname
|
351
|
+
else
|
352
|
+
Puppet.info _("starting applying configuration to %{target} at %{scheme}%{url_host}%{port}%{url_path}") % { target: device.name, scheme: scheme, url_host: device_url.host, port: port, url_path: device_url.path }
|
353
|
+
|
354
|
+
overrides = {}
|
355
|
+
overrides[:ssl_context] = ssl_context if ssl_context
|
356
|
+
Puppet.override(overrides) do
|
357
|
+
configurer = Puppet::Configurer.new
|
358
|
+
configurer.run(:network_device => true, :pluginsync => false)
|
359
|
+
end
|
376
360
|
end
|
361
|
+
rescue => detail
|
362
|
+
Puppet.log_exception(detail)
|
363
|
+
# If we rescued an error, then we return 1 as the exit code
|
364
|
+
1
|
365
|
+
ensure
|
366
|
+
Puppet[:libdir] = libdir
|
367
|
+
Puppet[:vardir] = vardir
|
368
|
+
Puppet[:confdir] = confdir
|
369
|
+
Puppet[:ssldir] = ssldir
|
370
|
+
Puppet[:certname] = certname
|
377
371
|
end
|
378
372
|
end
|
379
373
|
end
|
@@ -16,6 +16,10 @@ class Puppet::Application::Filebucket < Puppet::Application
|
|
16
16
|
_("Store and retrieve files in a filebucket")
|
17
17
|
end
|
18
18
|
|
19
|
+
def digest_algorithm
|
20
|
+
Puppet.default_digest_algorithm
|
21
|
+
end
|
22
|
+
|
19
23
|
def help
|
20
24
|
<<-HELP
|
21
25
|
|
@@ -38,14 +42,14 @@ Puppet filebucket can operate in three modes, with only one mode per call:
|
|
38
42
|
|
39
43
|
backup:
|
40
44
|
Send one or more files to the specified file bucket. Each sent file is
|
41
|
-
printed with its resulting
|
45
|
+
printed with its resulting #{digest_algorithm} sum.
|
42
46
|
|
43
47
|
get:
|
44
|
-
Return the text associated with an
|
48
|
+
Return the text associated with an #{digest_algorithm} sum. The text is printed to
|
45
49
|
stdout, and only one file can be retrieved at a time.
|
46
50
|
|
47
51
|
restore:
|
48
|
-
Given a file path and an
|
52
|
+
Given a file path and an #{digest_algorithm} sum, store the content associated with
|
49
53
|
the sum into the specified file path. You can specify an entirely new
|
50
54
|
path to this argument; you are not restricted to restoring the content
|
51
55
|
to its original location.
|
@@ -212,8 +216,8 @@ Copyright (c) 2011 Puppet Inc., LLC Licensed under the Apache 2.0 License
|
|
212
216
|
end
|
213
217
|
|
214
218
|
def get
|
215
|
-
|
216
|
-
out = @client.getfile(
|
219
|
+
digest = args.shift
|
220
|
+
out = @client.getfile(digest)
|
217
221
|
print out
|
218
222
|
end
|
219
223
|
|
@@ -229,8 +233,8 @@ Copyright (c) 2011 Puppet Inc., LLC Licensed under the Apache 2.0 License
|
|
229
233
|
$stderr.puts _("%{file}: cannot read file") % { file: file }
|
230
234
|
next
|
231
235
|
end
|
232
|
-
|
233
|
-
puts "#{file}: #{
|
236
|
+
digest = @client.backup(file)
|
237
|
+
puts "#{file}: #{digest}"
|
234
238
|
end
|
235
239
|
end
|
236
240
|
|
@@ -243,8 +247,8 @@ Copyright (c) 2011 Puppet Inc., LLC Licensed under the Apache 2.0 License
|
|
243
247
|
|
244
248
|
def restore
|
245
249
|
file = args.shift
|
246
|
-
|
247
|
-
@client.restore(file,
|
250
|
+
digest = args.shift
|
251
|
+
@client.restore(file, digest)
|
248
252
|
end
|
249
253
|
|
250
254
|
def diff
|
@@ -101,8 +101,7 @@ configuration options can also be generated by running puppet with
|
|
101
101
|
Print extra information.
|
102
102
|
|
103
103
|
* --to_yaml:
|
104
|
-
Output found resources in yaml format, suitable to use with Hiera and
|
105
|
-
create_resources.
|
104
|
+
Output found resources in yaml format, suitable to use with Hiera and create_resources.
|
106
105
|
|
107
106
|
EXAMPLE
|
108
107
|
-------
|
@@ -71,8 +71,6 @@ configuration options can also be generated by running puppet with
|
|
71
71
|
Where to send log messages. Choose between 'syslog' (the POSIX syslog
|
72
72
|
service), 'eventlog' (the Windows Event Log), 'console', or the path to a log
|
73
73
|
file. Defaults to 'console'.
|
74
|
-
Multiple destinations can be set using a comma separated list
|
75
|
-
(eg: `/path/file1,console,/path/file2`)"
|
76
74
|
|
77
75
|
A path ending with '.json' will receive structured output in JSON format. The
|
78
76
|
log file will not have an ending ']' automatically written to it due to the
|
@@ -74,9 +74,6 @@ ACTIONS
|
|
74
74
|
`--localca` is specified, then also remove this host's local copy of the
|
75
75
|
CA certificate(s) and CRL bundle. if `--target CERTNAME` is specified, then
|
76
76
|
remove the files for the specified device on this host instead of this host.
|
77
|
-
|
78
|
-
* show:
|
79
|
-
Print the full-text version of this host's certificate.
|
80
77
|
HELP
|
81
78
|
end
|
82
79
|
|
@@ -145,19 +142,11 @@ HELP
|
|
145
142
|
end
|
146
143
|
@machine.ensure_client_certificate
|
147
144
|
Puppet.notice(_("Completed SSL initialization"))
|
148
|
-
when 'show'
|
149
|
-
show(certname)
|
150
145
|
else
|
151
146
|
raise Puppet::Error, _("Unknown action '%{action}'") % { action: action }
|
152
147
|
end
|
153
148
|
end
|
154
149
|
|
155
|
-
def show(certname)
|
156
|
-
password = @cert_provider.load_private_key_password
|
157
|
-
ssl_context = @ssl_provider.load_context(certname: certname, password: password)
|
158
|
-
puts ssl_context.client_cert.to_text
|
159
|
-
end
|
160
|
-
|
161
150
|
def submit_request(ssl_context)
|
162
151
|
key = @cert_provider.load_private_key(Puppet[:certname])
|
163
152
|
unless key
|
@@ -259,7 +248,7 @@ END
|
|
259
248
|
paths = {
|
260
249
|
'private key' => Puppet[:hostprivkey],
|
261
250
|
'public key' => Puppet[:hostpubkey],
|
262
|
-
'certificate request' =>
|
251
|
+
'certificate request' => Puppet[:hostcsr],
|
263
252
|
'certificate' => Puppet[:hostcert],
|
264
253
|
'private key password file' => Puppet[:passfile]
|
265
254
|
}
|
@@ -53,13 +53,6 @@ module Puppet
|
|
53
53
|
route_file = Puppet[:route_file]
|
54
54
|
if Puppet::FileSystem.exist?(route_file)
|
55
55
|
routes = Puppet::Util::Yaml.safe_load_file(route_file, [Symbol])
|
56
|
-
if routes["server"] && routes["master"]
|
57
|
-
Puppet.warning("Route file #{route_file} contains both server and master route settings.")
|
58
|
-
elsif routes["server"] && !routes["master"]
|
59
|
-
routes["master"] = routes["server"]
|
60
|
-
elsif routes["master"] && !routes["server"]
|
61
|
-
routes["server"] = routes["master"]
|
62
|
-
end
|
63
56
|
application_routes = routes[application_name]
|
64
57
|
Puppet::Indirector.configure_routes(application_routes) if application_routes
|
65
58
|
end
|
data/lib/puppet/configurer.rb
CHANGED
@@ -112,7 +112,7 @@ class Puppet::Configurer
|
|
112
112
|
catalog_conversion_time = thinmark do
|
113
113
|
# Will mutate the result and replace all Deferred values with resolved values
|
114
114
|
if facts
|
115
|
-
Puppet::Pops::Evaluator::DeferredResolver.resolve_and_replace(facts, result
|
115
|
+
Puppet::Pops::Evaluator::DeferredResolver.resolve_and_replace(facts, result)
|
116
116
|
end
|
117
117
|
|
118
118
|
catalog = result.to_ral
|
@@ -202,7 +202,6 @@ class Puppet::Configurer
|
|
202
202
|
# This just passes any options on to the catalog,
|
203
203
|
# which accepts :tags and :ignoreschedules.
|
204
204
|
def run(options = {})
|
205
|
-
pool = Puppet.runtime[:http].pool
|
206
205
|
# We create the report pre-populated with default settings for
|
207
206
|
# environment and transaction_uuid very early, this is to ensure
|
208
207
|
# they are sent regardless of any catalog compilation failures or
|
@@ -215,41 +214,40 @@ class Puppet::Configurer
|
|
215
214
|
|
216
215
|
completed = nil
|
217
216
|
begin
|
218
|
-
|
219
|
-
|
220
|
-
|
221
|
-
|
222
|
-
|
223
|
-
|
224
|
-
|
225
|
-
|
226
|
-
|
227
|
-
|
228
|
-
|
229
|
-
|
230
|
-
|
231
|
-
|
232
|
-
|
233
|
-
|
234
|
-
|
235
|
-
Puppet.err(detail)
|
236
|
-
else
|
237
|
-
raise Puppet::Error, detail
|
238
|
-
end
|
217
|
+
# Skip failover logic if the server_list setting is empty
|
218
|
+
do_failover = Puppet.settings[:server_list] && !Puppet.settings[:server_list].empty?
|
219
|
+
|
220
|
+
# When we are passed a catalog, that means we're in apply
|
221
|
+
# mode. We shouldn't try to do any failover in that case.
|
222
|
+
if options[:catalog].nil? && do_failover
|
223
|
+
server, port = find_functional_server
|
224
|
+
if server.nil?
|
225
|
+
detail = _("Could not select a functional puppet server from server_list: '%{server_list}'") % { server_list: Puppet.settings.value(:server_list, Puppet[:environment].to_sym, true) }
|
226
|
+
if Puppet[:usecacheonfailure]
|
227
|
+
options[:pluginsync] = false
|
228
|
+
@running_failure = true
|
229
|
+
|
230
|
+
server = Puppet[:server_list].first[0]
|
231
|
+
port = Puppet[:server_list].first[1] || Puppet[:serverport]
|
232
|
+
|
233
|
+
Puppet.err(detail)
|
239
234
|
else
|
240
|
-
|
241
|
-
Puppet.debug _("Selected puppet server from the `server_list` setting: %{server}:%{port}") % { server: server, port: port }
|
242
|
-
report.server_used = "#{server}:#{port}"
|
243
|
-
end
|
244
|
-
Puppet.override(server: server, serverport: port) do
|
245
|
-
completed = run_internal(options)
|
235
|
+
raise Puppet::Error, detail
|
246
236
|
end
|
247
237
|
else
|
238
|
+
#TRANSLATORS 'server_list' is the name of a setting and should not be translated
|
239
|
+
Puppet.debug _("Selected puppet server from the `server_list` setting: %{server}:%{port}") % { server: server, port: port }
|
240
|
+
report.server_used = "#{server}:#{port}"
|
241
|
+
end
|
242
|
+
Puppet.override(server: server, serverport: port) do
|
248
243
|
completed = run_internal(options)
|
249
244
|
end
|
245
|
+
else
|
246
|
+
completed = run_internal(options)
|
250
247
|
end
|
251
248
|
ensure
|
252
|
-
|
249
|
+
# we may sleep for awhile, close connections now
|
250
|
+
Puppet.runtime[:http].close
|
253
251
|
end
|
254
252
|
|
255
253
|
completed ? report.exit_status : nil
|
@@ -397,29 +395,16 @@ class Puppet::Configurer
|
|
397
395
|
if !cached_catalog && options[:catalog]
|
398
396
|
ral_catalog = options[:catalog]
|
399
397
|
else
|
400
|
-
# Ordering here matters. We have to resolve deferred resources in the
|
401
|
-
# resource catalog, convert the resource catalog to a RAL catalog (which
|
402
|
-
# triggers type/provider validation), and only if that is successful,
|
403
|
-
# should we cache the *original* resource catalog. However, deferred
|
404
|
-
# evaluation mutates the resource catalog, so we need to make a copy of
|
405
|
-
# it here. If PUP-9323 is ever implemented so that we resolve deferred
|
406
|
-
# resources in the RAL catalog as they are needed, then we could eliminate
|
407
|
-
# this step.
|
408
|
-
catalog_to_cache = Puppet.override(:rich_data => Puppet[:rich_data]) do
|
409
|
-
Puppet::Resource::Catalog.from_data_hash(catalog.to_data_hash)
|
410
|
-
end
|
411
|
-
|
412
398
|
# REMIND @duration is the time spent loading the last catalog, and doesn't
|
413
399
|
# account for things like we failed to download and fell back to the cache
|
414
400
|
ral_catalog = convert_catalog(catalog, @duration, facts, options)
|
415
401
|
|
416
|
-
#
|
417
|
-
# commit `catalog` since it contains the result of deferred evaluation. Ideally
|
402
|
+
# If not noop, commit the cached resource catalog (not ral catalog). Ideally
|
418
403
|
# we'd just copy the downloaded response body, instead of serializing the
|
419
404
|
# in-memory catalog, but that's hard due to the indirector.
|
420
405
|
indirection = Puppet::Resource::Catalog.indirection
|
421
406
|
if !Puppet[:noop] && indirection.cache?
|
422
|
-
request = indirection.request(:save, nil,
|
407
|
+
request = indirection.request(:save, nil, catalog, environment: Puppet::Node::Environment.remote(catalog.environment))
|
423
408
|
Puppet.info("Caching catalog for #{request.key}")
|
424
409
|
indirection.cache.save(request)
|
425
410
|
end
|