puppet 6.24.0-x64-mingw32 → 7.0.0-x64-mingw32

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of puppet might be problematic. Click here for more details.

Files changed (613) hide show
  1. checksums.yaml +4 -4
  2. data/CODEOWNERS +16 -2
  3. data/CONTRIBUTING.md +5 -5
  4. data/Gemfile +1 -3
  5. data/Gemfile.lock +35 -47
  6. data/README.md +5 -5
  7. data/conf/fileserver.conf +5 -10
  8. data/ext/build_defaults.yaml +1 -1
  9. data/ext/osx/file_mapping.yaml +0 -5
  10. data/ext/osx/puppet.plist +0 -2
  11. data/ext/project_data.yaml +1 -15
  12. data/ext/redhat/puppet.spec.erb +0 -1
  13. data/ext/windows/service/daemon.rb +6 -5
  14. data/install.rb +21 -17
  15. data/lib/puppet.rb +14 -23
  16. data/lib/puppet/application.rb +178 -108
  17. data/lib/puppet/application/agent.rb +4 -12
  18. data/lib/puppet/application/apply.rb +2 -4
  19. data/lib/puppet/application/device.rb +100 -106
  20. data/lib/puppet/application/filebucket.rb +13 -10
  21. data/lib/puppet/application/resource.rb +3 -17
  22. data/lib/puppet/application/script.rb +0 -2
  23. data/lib/puppet/application/ssl.rb +1 -13
  24. data/lib/puppet/application_support.rb +0 -7
  25. data/lib/puppet/configurer.rb +30 -45
  26. data/lib/puppet/configurer/downloader.rb +1 -2
  27. data/lib/puppet/configurer/plugin_handler.rb +21 -19
  28. data/lib/puppet/defaults.rb +100 -192
  29. data/lib/puppet/environments.rb +60 -84
  30. data/lib/puppet/face/facts.rb +5 -103
  31. data/lib/puppet/face/help.rb +1 -1
  32. data/lib/puppet/face/help/action.erb +0 -1
  33. data/lib/puppet/face/help/face.erb +0 -1
  34. data/lib/puppet/face/node/clean.rb +0 -11
  35. data/lib/puppet/face/plugin.rb +5 -8
  36. data/lib/puppet/ffi/windows.rb +12 -0
  37. data/lib/puppet/ffi/windows/api_types.rb +311 -0
  38. data/lib/puppet/ffi/windows/constants.rb +404 -0
  39. data/lib/puppet/ffi/windows/functions.rb +628 -0
  40. data/lib/puppet/ffi/windows/structs.rb +338 -0
  41. data/lib/puppet/file_serving/configuration.rb +0 -5
  42. data/lib/puppet/file_serving/configuration/parser.rb +3 -32
  43. data/lib/puppet/file_serving/fileset.rb +2 -14
  44. data/lib/puppet/file_serving/http_metadata.rb +1 -1
  45. data/lib/puppet/file_serving/mount.rb +1 -2
  46. data/lib/puppet/file_system/file_impl.rb +1 -1
  47. data/lib/puppet/file_system/memory_file.rb +1 -8
  48. data/lib/puppet/file_system/windows.rb +2 -4
  49. data/lib/puppet/forge.rb +3 -3
  50. data/lib/puppet/forge/repository.rb +0 -1
  51. data/lib/puppet/functions/all.rb +1 -1
  52. data/lib/puppet/functions/camelcase.rb +1 -1
  53. data/lib/puppet/functions/capitalize.rb +2 -2
  54. data/lib/puppet/functions/downcase.rb +2 -2
  55. data/lib/puppet/functions/empty.rb +0 -8
  56. data/lib/puppet/functions/get.rb +5 -5
  57. data/lib/puppet/functions/group_by.rb +5 -13
  58. data/lib/puppet/functions/lest.rb +1 -1
  59. data/lib/puppet/functions/new.rb +100 -100
  60. data/lib/puppet/functions/partition.rb +4 -12
  61. data/lib/puppet/functions/require.rb +5 -5
  62. data/lib/puppet/functions/sort.rb +3 -3
  63. data/lib/puppet/functions/strftime.rb +0 -1
  64. data/lib/puppet/functions/tree_each.rb +9 -7
  65. data/lib/puppet/functions/type.rb +4 -4
  66. data/lib/puppet/functions/unwrap.rb +2 -17
  67. data/lib/puppet/functions/upcase.rb +2 -2
  68. data/lib/puppet/generate/models/type/type.rb +4 -1
  69. data/lib/puppet/http.rb +22 -13
  70. data/lib/puppet/http/client.rb +164 -114
  71. data/lib/puppet/{network/resolver.rb → http/dns.rb} +2 -2
  72. data/lib/puppet/http/errors.rb +16 -0
  73. data/lib/puppet/http/external_client.rb +5 -7
  74. data/lib/puppet/{network/http → http}/factory.rb +8 -15
  75. data/lib/puppet/{network/http → http}/pool.rb +61 -26
  76. data/lib/puppet/{network/http/session.rb → http/pool_entry.rb} +2 -3
  77. data/lib/puppet/http/proxy.rb +137 -0
  78. data/lib/puppet/http/redirector.rb +4 -12
  79. data/lib/puppet/http/resolver.rb +5 -15
  80. data/lib/puppet/http/resolver/server_list.rb +10 -25
  81. data/lib/puppet/http/resolver/settings.rb +4 -7
  82. data/lib/puppet/http/resolver/srv.rb +7 -11
  83. data/lib/puppet/http/response.rb +36 -54
  84. data/lib/puppet/http/response_converter.rb +24 -0
  85. data/lib/puppet/http/response_net_http.rb +42 -0
  86. data/lib/puppet/http/retry_after_handler.rb +4 -13
  87. data/lib/puppet/http/service.rb +12 -26
  88. data/lib/puppet/http/service/ca.rb +11 -22
  89. data/lib/puppet/http/service/compiler.rb +22 -138
  90. data/lib/puppet/http/service/file_server.rb +19 -29
  91. data/lib/puppet/http/service/puppetserver.rb +26 -12
  92. data/lib/puppet/http/service/report.rb +8 -10
  93. data/lib/puppet/http/session.rb +11 -20
  94. data/lib/puppet/{network/http → http}/site.rb +1 -2
  95. data/lib/puppet/indirector/catalog/compiler.rb +0 -1
  96. data/lib/puppet/indirector/catalog/rest.rb +2 -4
  97. data/lib/puppet/indirector/facts/rest.rb +3 -22
  98. data/lib/puppet/indirector/file_bucket_file/rest.rb +3 -9
  99. data/lib/puppet/indirector/file_content/rest.rb +2 -6
  100. data/lib/puppet/indirector/file_metadata/rest.rb +3 -10
  101. data/lib/puppet/indirector/file_server.rb +1 -8
  102. data/lib/puppet/indirector/generic_http.rb +0 -11
  103. data/lib/puppet/indirector/node/rest.rb +2 -4
  104. data/lib/puppet/indirector/report/rest.rb +3 -8
  105. data/lib/puppet/indirector/request.rb +0 -101
  106. data/lib/puppet/indirector/resource/ral.rb +1 -6
  107. data/lib/puppet/indirector/rest.rb +12 -263
  108. data/lib/puppet/interface/documentation.rb +0 -1
  109. data/lib/puppet/module_tool/applications.rb +0 -1
  110. data/lib/puppet/module_tool/applications/installer.rb +2 -52
  111. data/lib/puppet/module_tool/errors/shared.rb +2 -34
  112. data/lib/puppet/network/authconfig.rb +2 -96
  113. data/lib/puppet/network/authorization.rb +13 -35
  114. data/lib/puppet/network/formats.rb +0 -67
  115. data/lib/puppet/network/http.rb +3 -3
  116. data/lib/puppet/network/http/api/indirected_routes.rb +2 -20
  117. data/lib/puppet/network/http/api/master/v3.rb +11 -13
  118. data/lib/puppet/network/http/connection.rb +247 -316
  119. data/lib/puppet/network/http/handler.rb +0 -1
  120. data/lib/puppet/network/http_pool.rb +16 -34
  121. data/lib/puppet/node.rb +1 -30
  122. data/lib/puppet/pal/json_catalog_encoder.rb +4 -0
  123. data/lib/puppet/pal/pal_impl.rb +3 -1
  124. data/lib/puppet/parser/ast/leaf.rb +2 -3
  125. data/lib/puppet/parser/ast/pops_bridge.rb +0 -38
  126. data/lib/puppet/parser/compiler.rb +0 -198
  127. data/lib/puppet/parser/compiler/catalog_validator/relationship_validator.rb +14 -39
  128. data/lib/puppet/parser/functions/fqdn_rand.rb +6 -14
  129. data/lib/puppet/parser/resource.rb +0 -69
  130. data/lib/puppet/parser/templatewrapper.rb +1 -1
  131. data/lib/puppet/pops/evaluator/deferred_resolver.rb +3 -5
  132. data/lib/puppet/pops/evaluator/evaluator_impl.rb +0 -5
  133. data/lib/puppet/pops/evaluator/runtime3_resource_support.rb +3 -3
  134. data/lib/puppet/pops/evaluator/runtime3_support.rb +1 -1
  135. data/lib/puppet/pops/issues.rb +0 -5
  136. data/lib/puppet/pops/loader/ruby_legacy_function_instantiator.rb +6 -8
  137. data/lib/puppet/pops/model/ast.pp +0 -42
  138. data/lib/puppet/pops/model/ast.rb +0 -290
  139. data/lib/puppet/pops/model/ast_transformer.rb +1 -1
  140. data/lib/puppet/pops/model/factory.rb +0 -45
  141. data/lib/puppet/pops/model/model_label_provider.rb +0 -5
  142. data/lib/puppet/pops/model/model_tree_dumper.rb +0 -22
  143. data/lib/puppet/pops/model/pn_transformer.rb +0 -16
  144. data/lib/puppet/pops/parser/egrammar.ra +0 -56
  145. data/lib/puppet/pops/parser/eparser.rb +1520 -1712
  146. data/lib/puppet/pops/parser/lexer2.rb +4 -4
  147. data/lib/puppet/pops/parser/parser_support.rb +0 -5
  148. data/lib/puppet/pops/resource/resource_type_impl.rb +2 -24
  149. data/lib/puppet/pops/types/p_sem_ver_type.rb +2 -8
  150. data/lib/puppet/pops/types/p_sensitive_type.rb +0 -10
  151. data/lib/puppet/pops/types/type_calculator.rb +0 -7
  152. data/lib/puppet/pops/types/type_mismatch_describer.rb +1 -1
  153. data/lib/puppet/pops/types/type_parser.rb +0 -4
  154. data/lib/puppet/pops/types/types.rb +0 -1
  155. data/lib/puppet/pops/validation/checker4_0.rb +9 -37
  156. data/lib/puppet/pops/validation/tasks_checker.rb +0 -12
  157. data/lib/puppet/pops/validation/validator_factory_4_0.rb +1 -2
  158. data/lib/puppet/property/list.rb +1 -1
  159. data/lib/puppet/provider.rb +0 -13
  160. data/lib/puppet/provider/exec/posix.rb +4 -16
  161. data/lib/puppet/provider/group/groupadd.rb +8 -13
  162. data/lib/puppet/provider/nameservice.rb +0 -18
  163. data/lib/puppet/provider/package/apt.rb +2 -34
  164. data/lib/puppet/provider/package/aptitude.rb +0 -6
  165. data/lib/puppet/provider/package/dnfmodule.rb +1 -1
  166. data/lib/puppet/provider/package/dpkg.rb +0 -10
  167. data/lib/puppet/provider/package/gem.rb +23 -3
  168. data/lib/puppet/provider/package/nim.rb +6 -11
  169. data/lib/puppet/provider/package/pip.rb +3 -16
  170. data/lib/puppet/provider/package/pkg.rb +0 -4
  171. data/lib/puppet/provider/package/portage.rb +1 -1
  172. data/lib/puppet/provider/package/puppet_gem.rb +1 -4
  173. data/lib/puppet/provider/parsedfile.rb +0 -3
  174. data/lib/puppet/provider/service/debian.rb +0 -2
  175. data/lib/puppet/provider/service/smf.rb +191 -73
  176. data/lib/puppet/provider/service/systemd.rb +4 -14
  177. data/lib/puppet/provider/service/windows.rb +0 -38
  178. data/lib/puppet/provider/user/aix.rb +2 -2
  179. data/lib/puppet/provider/user/directoryservice.rb +10 -33
  180. data/lib/puppet/provider/user/useradd.rb +8 -62
  181. data/lib/puppet/reference/configuration.rb +8 -7
  182. data/lib/puppet/reference/indirection.rb +1 -1
  183. data/lib/puppet/resource.rb +1 -89
  184. data/lib/puppet/resource/catalog.rb +1 -14
  185. data/lib/puppet/resource/type.rb +3 -119
  186. data/lib/puppet/resource/type_collection.rb +3 -48
  187. data/lib/puppet/runtime.rb +1 -2
  188. data/lib/puppet/settings.rb +80 -96
  189. data/lib/puppet/settings/environment_conf.rb +0 -1
  190. data/lib/puppet/settings/integer_setting.rb +17 -0
  191. data/lib/puppet/settings/port_setting.rb +15 -0
  192. data/lib/puppet/settings/priority_setting.rb +5 -4
  193. data/lib/puppet/ssl.rb +10 -6
  194. data/lib/puppet/ssl/base.rb +3 -5
  195. data/lib/puppet/ssl/certificate.rb +0 -6
  196. data/lib/puppet/ssl/certificate_request.rb +1 -12
  197. data/lib/puppet/ssl/certificate_signer.rb +6 -0
  198. data/lib/puppet/ssl/oids.rb +3 -1
  199. data/lib/puppet/ssl/ssl_provider.rb +17 -0
  200. data/lib/puppet/ssl/state_machine.rb +3 -1
  201. data/lib/puppet/ssl/verifier.rb +2 -0
  202. data/lib/puppet/test/test_helper.rb +1 -3
  203. data/lib/puppet/transaction.rb +1 -7
  204. data/lib/puppet/transaction/additional_resource_generator.rb +1 -1
  205. data/lib/puppet/transaction/report.rb +2 -4
  206. data/lib/puppet/type.rb +0 -76
  207. data/lib/puppet/type/exec.rb +3 -16
  208. data/lib/puppet/type/file.rb +6 -26
  209. data/lib/puppet/type/file/checksum.rb +1 -1
  210. data/lib/puppet/type/file/mode.rb +0 -6
  211. data/lib/puppet/type/file/selcontext.rb +1 -1
  212. data/lib/puppet/type/file/source.rb +1 -1
  213. data/lib/puppet/type/filebucket.rb +3 -3
  214. data/lib/puppet/type/package.rb +8 -16
  215. data/lib/puppet/type/service.rb +38 -18
  216. data/lib/puppet/type/tidy.rb +3 -22
  217. data/lib/puppet/type/user.rb +20 -38
  218. data/lib/puppet/util/autoload.rb +8 -1
  219. data/lib/puppet/util/execution.rb +0 -11
  220. data/lib/puppet/util/http_proxy.rb +2 -215
  221. data/lib/puppet/util/monkey_patches.rb +0 -53
  222. data/lib/puppet/util/posix.rb +5 -54
  223. data/lib/puppet/util/rdoc.rb +0 -7
  224. data/lib/puppet/util/retry_action.rb +1 -1
  225. data/lib/puppet/util/run_mode.rb +9 -1
  226. data/lib/puppet/util/selinux.rb +4 -30
  227. data/lib/puppet/util/symbolic_file_mode.rb +17 -29
  228. data/lib/puppet/util/windows.rb +3 -8
  229. data/lib/puppet/util/windows/adsi.rb +0 -46
  230. data/lib/puppet/util/windows/daemon.rb +360 -0
  231. data/lib/puppet/util/windows/error.rb +1 -0
  232. data/lib/puppet/util/windows/eventlog.rb +4 -9
  233. data/lib/puppet/util/windows/file.rb +8 -242
  234. data/lib/puppet/util/windows/monkey_patches/process.rb +414 -0
  235. data/lib/puppet/util/windows/principal.rb +2 -9
  236. data/lib/puppet/util/windows/process.rb +4 -226
  237. data/lib/puppet/util/windows/service.rb +9 -460
  238. data/lib/puppet/util/windows/sid.rb +2 -6
  239. data/lib/puppet/util/windows/string.rb +12 -13
  240. data/lib/puppet/util/yaml.rb +0 -22
  241. data/lib/puppet/vendor/require_vendored.rb +0 -1
  242. data/lib/puppet/version.rb +1 -1
  243. data/lib/puppet/x509.rb +5 -1
  244. data/lib/puppet/x509/cert_provider.rb +29 -1
  245. data/locales/puppet.pot +722 -1527
  246. data/man/man5/puppet.conf.5 +266 -354
  247. data/man/man8/puppet-agent.8 +2 -2
  248. data/man/man8/puppet-apply.8 +2 -2
  249. data/man/man8/puppet-catalog.8 +9 -9
  250. data/man/man8/puppet-config.8 +1 -1
  251. data/man/man8/puppet-describe.8 +1 -1
  252. data/man/man8/puppet-device.8 +2 -2
  253. data/man/man8/puppet-doc.8 +1 -1
  254. data/man/man8/puppet-epp.8 +1 -1
  255. data/man/man8/puppet-facts.8 +8 -51
  256. data/man/man8/puppet-filebucket.8 +4 -4
  257. data/man/man8/puppet-generate.8 +1 -1
  258. data/man/man8/puppet-help.8 +1 -1
  259. data/man/man8/puppet-lookup.8 +1 -1
  260. data/man/man8/puppet-module.8 +1 -58
  261. data/man/man8/puppet-node.8 +5 -5
  262. data/man/man8/puppet-parser.8 +1 -1
  263. data/man/man8/puppet-plugin.8 +1 -1
  264. data/man/man8/puppet-report.8 +5 -5
  265. data/man/man8/puppet-resource.8 +1 -1
  266. data/man/man8/puppet-script.8 +2 -2
  267. data/man/man8/puppet-ssl.8 +1 -5
  268. data/man/man8/puppet.8 +2 -2
  269. data/spec/fixtures/ssl/127.0.0.1-key.pem +57 -107
  270. data/spec/fixtures/ssl/127.0.0.1.pem +31 -52
  271. data/spec/fixtures/ssl/bad-basic-constraints.pem +35 -57
  272. data/spec/fixtures/ssl/bad-int-basic-constraints.pem +35 -57
  273. data/spec/fixtures/ssl/ca.pem +35 -57
  274. data/spec/fixtures/ssl/crl.pem +18 -28
  275. data/spec/fixtures/ssl/ec-key.pem +11 -11
  276. data/spec/fixtures/ssl/ec.pem +24 -33
  277. data/spec/fixtures/ssl/encrypted-ec-key.pem +12 -12
  278. data/spec/fixtures/ssl/encrypted-key.pem +58 -108
  279. data/spec/fixtures/ssl/intermediate-agent-crl.pem +19 -28
  280. data/spec/fixtures/ssl/intermediate-agent.pem +36 -57
  281. data/spec/fixtures/ssl/intermediate-crl.pem +21 -31
  282. data/spec/fixtures/ssl/intermediate.pem +36 -57
  283. data/spec/fixtures/ssl/pluto-key.pem +57 -107
  284. data/spec/fixtures/ssl/pluto.pem +30 -52
  285. data/spec/fixtures/ssl/request-key.pem +57 -107
  286. data/spec/fixtures/ssl/request.pem +26 -47
  287. data/spec/fixtures/ssl/revoked-key.pem +57 -107
  288. data/spec/fixtures/ssl/revoked.pem +30 -52
  289. data/spec/fixtures/ssl/signed-key.pem +57 -107
  290. data/spec/fixtures/ssl/signed.pem +30 -52
  291. data/spec/fixtures/ssl/tampered-cert.pem +30 -52
  292. data/spec/fixtures/ssl/tampered-csr.pem +26 -47
  293. data/spec/fixtures/ssl/unknown-127.0.0.1-key.pem +57 -107
  294. data/spec/fixtures/ssl/unknown-127.0.0.1.pem +29 -50
  295. data/spec/fixtures/ssl/unknown-ca-key.pem +57 -107
  296. data/spec/fixtures/ssl/unknown-ca.pem +33 -55
  297. data/spec/fixtures/unit/provider/service/smf/{svcs.out → svcs_instances.out} +0 -0
  298. data/spec/fixtures/unit/provider/user/aix/aix_passwd_file.out +0 -4
  299. data/spec/integration/application/agent_spec.rb +27 -171
  300. data/spec/integration/application/apply_spec.rb +1 -20
  301. data/spec/integration/application/filebucket_spec.rb +16 -27
  302. data/spec/integration/application/help_spec.rb +2 -0
  303. data/spec/integration/application/module_spec.rb +0 -21
  304. data/spec/integration/application/plugin_spec.rb +24 -2
  305. data/spec/integration/defaults_spec.rb +14 -3
  306. data/spec/integration/environments/settings_interpolation_spec.rb +4 -0
  307. data/spec/integration/http/client_spec.rb +0 -12
  308. data/spec/integration/indirector/direct_file_server_spec.rb +3 -1
  309. data/spec/integration/indirector/facts/facter_spec.rb +36 -90
  310. data/spec/integration/network/http_pool_spec.rb +3 -21
  311. data/spec/integration/parser/catalog_spec.rb +0 -38
  312. data/spec/integration/parser/node_spec.rb +0 -9
  313. data/spec/integration/parser/pcore_resource_spec.rb +0 -37
  314. data/spec/integration/resource/type_collection_spec.rb +6 -2
  315. data/spec/integration/transaction_spec.rb +9 -4
  316. data/spec/integration/type/exec_spec.rb +45 -70
  317. data/spec/integration/type/file_spec.rb +5 -4
  318. data/spec/integration/util/windows/adsi_spec.rb +1 -21
  319. data/spec/integration/util/windows/monkey_patches/process_spec.rb +231 -0
  320. data/spec/integration/util/windows/principal_spec.rb +0 -21
  321. data/spec/integration/util/windows/registry_spec.rb +10 -6
  322. data/spec/integration/util/windows/security_spec.rb +1 -1
  323. data/spec/lib/matchers/include.rb +27 -0
  324. data/spec/lib/matchers/include_spec.rb +32 -0
  325. data/spec/lib/puppet/test_ca.rb +2 -7
  326. data/spec/lib/puppet_spec/puppetserver.rb +1 -1
  327. data/spec/lib/puppet_spec/settings.rb +1 -1
  328. data/spec/spec_helper.rb +7 -12
  329. data/spec/unit/agent_spec.rb +6 -10
  330. data/spec/unit/application/agent_spec.rb +3 -7
  331. data/spec/unit/application/facts_spec.rb +12 -456
  332. data/spec/unit/application/filebucket_spec.rb +43 -39
  333. data/spec/unit/application/ssl_spec.rb +2 -25
  334. data/spec/unit/application_spec.rb +9 -51
  335. data/spec/unit/certificate_factory_spec.rb +1 -1
  336. data/spec/unit/configurer/downloader_spec.rb +6 -8
  337. data/spec/unit/configurer/plugin_handler_spec.rb +56 -18
  338. data/spec/unit/configurer_spec.rb +12 -32
  339. data/spec/unit/confine/feature_spec.rb +1 -1
  340. data/spec/unit/confine_spec.rb +2 -8
  341. data/spec/unit/context/trusted_information_spec.rb +2 -6
  342. data/spec/unit/defaults_spec.rb +68 -54
  343. data/spec/unit/environments_spec.rb +68 -259
  344. data/spec/unit/face/node_spec.rb +11 -0
  345. data/spec/unit/face/plugin_spec.rb +73 -33
  346. data/spec/unit/file_bucket/file_spec.rb +1 -1
  347. data/spec/unit/file_serving/configuration/parser_spec.rb +15 -18
  348. data/spec/unit/file_serving/configuration_spec.rb +6 -12
  349. data/spec/unit/file_serving/fileset_spec.rb +0 -60
  350. data/spec/unit/file_serving/metadata_spec.rb +3 -3
  351. data/spec/unit/file_serving/terminus_helper_spec.rb +4 -11
  352. data/spec/unit/file_system_spec.rb +0 -15
  353. data/spec/unit/forge/module_release_spec.rb +7 -2
  354. data/spec/unit/functions/assert_type_spec.rb +1 -1
  355. data/spec/unit/functions/camelcase_spec.rb +1 -1
  356. data/spec/unit/functions/capitalize_spec.rb +1 -1
  357. data/spec/unit/functions/downcase_spec.rb +1 -1
  358. data/spec/unit/functions/empty_spec.rb +0 -10
  359. data/spec/unit/functions/unwrap_spec.rb +0 -8
  360. data/spec/unit/functions/upcase_spec.rb +1 -1
  361. data/spec/unit/functions4_spec.rb +2 -2
  362. data/spec/unit/gettext/config_spec.rb +0 -12
  363. data/spec/unit/http/client_spec.rb +7 -8
  364. data/spec/unit/{network/resolver_spec.rb → http/dns_spec.rb} +3 -3
  365. data/spec/unit/http/external_client_spec.rb +4 -4
  366. data/spec/unit/{network/http → http}/factory_spec.rb +5 -30
  367. data/spec/unit/{network/http/session_spec.rb → http/pool_entry_spec.rb} +3 -3
  368. data/spec/unit/{network/http → http}/pool_spec.rb +12 -17
  369. data/spec/unit/{util/http_proxy_spec.rb → http/proxy_spec.rb} +2 -69
  370. data/spec/unit/http/resolver_spec.rb +13 -13
  371. data/spec/unit/http/service/compiler_spec.rb +0 -185
  372. data/spec/unit/http/service/file_server_spec.rb +3 -3
  373. data/spec/unit/http/service/puppetserver_spec.rb +34 -4
  374. data/spec/unit/http/service_spec.rb +0 -1
  375. data/spec/unit/http/session_spec.rb +16 -14
  376. data/spec/unit/{network/http → http}/site_spec.rb +3 -3
  377. data/spec/unit/indirector/catalog/compiler_spec.rb +10 -14
  378. data/spec/unit/indirector/face_spec.rb +1 -0
  379. data/spec/unit/indirector/facts/facter_spec.rb +3 -0
  380. data/spec/unit/indirector/file_bucket_file/file_spec.rb +5 -3
  381. data/spec/unit/indirector/file_bucket_file/selector_spec.rb +8 -26
  382. data/spec/unit/indirector/file_content/rest_spec.rb +0 -4
  383. data/spec/unit/indirector/file_metadata/rest_spec.rb +0 -4
  384. data/spec/unit/indirector/file_server_spec.rb +1 -15
  385. data/spec/unit/indirector/indirection_spec.rb +12 -8
  386. data/spec/unit/indirector/report/rest_spec.rb +2 -17
  387. data/spec/unit/indirector/request_spec.rb +0 -264
  388. data/spec/unit/indirector/resource/ral_spec.rb +75 -40
  389. data/spec/unit/indirector/rest_spec.rb +98 -752
  390. data/spec/unit/indirector_spec.rb +2 -2
  391. data/spec/unit/module_tool/applications/installer_spec.rb +0 -78
  392. data/spec/unit/network/authconfig_spec.rb +2 -129
  393. data/spec/unit/network/authorization_spec.rb +2 -55
  394. data/spec/unit/network/formats_spec.rb +4 -45
  395. data/spec/unit/network/http/api/indirected_routes_spec.rb +5 -92
  396. data/spec/unit/network/http/api/master/v3_spec.rb +28 -7
  397. data/spec/unit/network/http/api_spec.rb +10 -0
  398. data/spec/unit/network/http/connection_spec.rb +19 -41
  399. data/spec/unit/network/http/handler_spec.rb +0 -1
  400. data/spec/unit/network/http_pool_spec.rb +0 -4
  401. data/spec/unit/node/environment_spec.rb +33 -21
  402. data/spec/unit/node_spec.rb +2 -54
  403. data/spec/unit/parser/compiler_spec.rb +19 -3
  404. data/spec/unit/parser/functions/create_resources_spec.rb +2 -20
  405. data/spec/unit/parser/functions/fqdn_rand_spec.rb +1 -15
  406. data/spec/unit/parser/resource_spec.rb +8 -14
  407. data/spec/unit/parser/templatewrapper_spec.rb +5 -16
  408. data/spec/unit/pops/evaluator/evaluating_parser_spec.rb +4 -7
  409. data/spec/unit/pops/loaders/loaders_spec.rb +6 -21
  410. data/spec/unit/pops/parser/parse_application_spec.rb +4 -22
  411. data/spec/unit/pops/parser/parse_basic_expressions_spec.rb +0 -1
  412. data/spec/unit/pops/parser/parse_capabilities_spec.rb +8 -21
  413. data/spec/unit/pops/parser/parse_site_spec.rb +20 -24
  414. data/spec/unit/pops/resource/resource_type_impl_spec.rb +0 -71
  415. data/spec/unit/pops/serialization/to_from_hr_spec.rb +1 -1
  416. data/spec/unit/pops/types/p_sem_ver_type_spec.rb +0 -18
  417. data/spec/unit/pops/types/p_sensitive_type_spec.rb +0 -18
  418. data/spec/unit/pops/types/type_calculator_spec.rb +6 -6
  419. data/spec/unit/pops/types/type_factory_spec.rb +1 -1
  420. data/spec/unit/pops/validator/validator_spec.rb +61 -46
  421. data/spec/unit/pops/visitor_spec.rb +1 -1
  422. data/spec/unit/property_spec.rb +0 -1
  423. data/spec/unit/provider/group/groupadd_spec.rb +2 -5
  424. data/spec/unit/provider/nameservice_spec.rb +64 -122
  425. data/spec/unit/provider/package/apt_spec.rb +23 -28
  426. data/spec/unit/provider/package/aptitude_spec.rb +1 -1
  427. data/spec/unit/provider/package/base_spec.rb +5 -6
  428. data/spec/unit/provider/package/dnfmodule_spec.rb +1 -10
  429. data/spec/unit/provider/package/dpkg_spec.rb +0 -48
  430. data/spec/unit/provider/package/gem_spec.rb +32 -0
  431. data/spec/unit/provider/package/nim_spec.rb +0 -42
  432. data/spec/unit/provider/package/pacman_spec.rb +12 -18
  433. data/spec/unit/provider/package/pip_spec.rb +11 -43
  434. data/spec/unit/provider/package/pkgdmg_spec.rb +4 -0
  435. data/spec/unit/provider/package/puppet_gem_spec.rb +3 -2
  436. data/spec/unit/provider/parsedfile_spec.rb +0 -10
  437. data/spec/unit/provider/service/init_spec.rb +0 -1
  438. data/spec/unit/provider/service/openwrt_spec.rb +1 -3
  439. data/spec/unit/provider/service/smf_spec.rb +401 -165
  440. data/spec/unit/provider/service/systemd_spec.rb +8 -53
  441. data/spec/unit/provider/service/windows_spec.rb +0 -203
  442. data/spec/unit/provider/user/aix_spec.rb +0 -5
  443. data/spec/unit/provider/user/directoryservice_spec.rb +35 -67
  444. data/spec/unit/provider/user/hpux_spec.rb +1 -1
  445. data/spec/unit/provider/user/pw_spec.rb +0 -2
  446. data/spec/unit/provider/user/useradd_spec.rb +3 -71
  447. data/spec/unit/provider_spec.rb +8 -18
  448. data/spec/unit/resource/catalog_spec.rb +1 -1
  449. data/spec/unit/resource/type_collection_spec.rb +2 -22
  450. data/spec/unit/resource/type_spec.rb +1 -1
  451. data/spec/unit/resource_spec.rb +10 -67
  452. data/spec/unit/settings/http_extra_headers_spec.rb +2 -4
  453. data/spec/unit/settings/integer_setting_spec.rb +42 -0
  454. data/spec/unit/settings/port_setting_spec.rb +31 -0
  455. data/spec/unit/settings/priority_setting_spec.rb +4 -4
  456. data/spec/unit/settings_spec.rb +79 -110
  457. data/spec/unit/ssl/base_spec.rb +37 -3
  458. data/spec/unit/ssl/certificate_request_spec.rb +15 -45
  459. data/spec/unit/ssl/certificate_spec.rb +2 -11
  460. data/spec/unit/ssl/ssl_provider_spec.rb +2 -5
  461. data/spec/unit/ssl/state_machine_spec.rb +5 -20
  462. data/spec/unit/ssl/verifier_spec.rb +0 -21
  463. data/spec/unit/transaction/additional_resource_generator_spec.rb +9 -3
  464. data/spec/unit/transaction/event_manager_spec.rb +11 -14
  465. data/spec/unit/transaction/report_spec.rb +0 -2
  466. data/spec/unit/transaction/resource_harness_spec.rb +2 -2
  467. data/spec/unit/transaction_spec.rb +55 -96
  468. data/spec/unit/type/exec_spec.rb +29 -76
  469. data/spec/unit/type/file/checksum_spec.rb +6 -6
  470. data/spec/unit/type/file/content_spec.rb +2 -1
  471. data/spec/unit/type/file/ensure_spec.rb +1 -1
  472. data/spec/unit/type/file/mode_spec.rb +1 -1
  473. data/spec/unit/type/file/selinux_spec.rb +5 -3
  474. data/spec/unit/type/file/source_spec.rb +4 -5
  475. data/spec/unit/type/file_spec.rb +18 -6
  476. data/spec/unit/type/group_spec.rb +6 -13
  477. data/spec/unit/type/package_spec.rb +1 -1
  478. data/spec/unit/type/resources_spec.rb +7 -7
  479. data/spec/unit/type/service_spec.rb +189 -60
  480. data/spec/unit/type/tidy_spec.rb +8 -24
  481. data/spec/unit/type/user_spec.rb +0 -45
  482. data/spec/unit/type_spec.rb +22 -2
  483. data/spec/unit/util/at_fork_spec.rb +2 -2
  484. data/spec/unit/util/autoload_spec.rb +1 -5
  485. data/spec/unit/util/backups_spec.rb +2 -3
  486. data/spec/unit/util/execution_spec.rb +11 -44
  487. data/spec/unit/util/inifile_spec.rb +14 -6
  488. data/spec/unit/util/log_spec.rb +7 -8
  489. data/spec/unit/util/logging_spec.rb +3 -3
  490. data/spec/unit/util/monkey_patches_spec.rb +0 -6
  491. data/spec/unit/util/posix_spec.rb +15 -363
  492. data/spec/unit/util/run_mode_spec.rb +21 -121
  493. data/spec/unit/util/selinux_spec.rb +68 -163
  494. data/spec/unit/util/storage_spec.rb +1 -3
  495. data/spec/unit/util/suidmanager_spec.rb +41 -44
  496. data/spec/unit/util/windows/sid_spec.rb +0 -41
  497. data/spec/unit/util/windows/string_spec.rb +1 -3
  498. data/spec/unit/util/yaml_spec.rb +0 -54
  499. data/spec/unit/util_spec.rb +6 -31
  500. data/tasks/generate_cert_fixtures.rake +3 -12
  501. metadata +45 -253
  502. data/conf/auth.conf +0 -150
  503. data/lib/puppet/application/cert.rb +0 -76
  504. data/lib/puppet/application/key.rb +0 -4
  505. data/lib/puppet/application/man.rb +0 -4
  506. data/lib/puppet/application/status.rb +0 -4
  507. data/lib/puppet/face/key.rb +0 -16
  508. data/lib/puppet/face/man.rb +0 -145
  509. data/lib/puppet/face/module/build.rb +0 -14
  510. data/lib/puppet/face/module/generate.rb +0 -14
  511. data/lib/puppet/face/module/search.rb +0 -103
  512. data/lib/puppet/face/status.rb +0 -51
  513. data/lib/puppet/ffi/posix.rb +0 -10
  514. data/lib/puppet/ffi/posix/constants.rb +0 -14
  515. data/lib/puppet/ffi/posix/functions.rb +0 -24
  516. data/lib/puppet/indirector/certificate/file.rb +0 -9
  517. data/lib/puppet/indirector/certificate/rest.rb +0 -18
  518. data/lib/puppet/indirector/certificate_request/file.rb +0 -9
  519. data/lib/puppet/indirector/certificate_request/memory.rb +0 -7
  520. data/lib/puppet/indirector/certificate_request/rest.rb +0 -11
  521. data/lib/puppet/indirector/file_content/http.rb +0 -22
  522. data/lib/puppet/indirector/key/file.rb +0 -46
  523. data/lib/puppet/indirector/key/memory.rb +0 -7
  524. data/lib/puppet/indirector/ssl_file.rb +0 -162
  525. data/lib/puppet/indirector/status.rb +0 -3
  526. data/lib/puppet/indirector/status/local.rb +0 -12
  527. data/lib/puppet/indirector/status/rest.rb +0 -27
  528. data/lib/puppet/module_tool/applications/searcher.rb +0 -29
  529. data/lib/puppet/network/auth_config_parser.rb +0 -90
  530. data/lib/puppet/network/authstore.rb +0 -283
  531. data/lib/puppet/network/http/api/master/v3/authorization.rb +0 -18
  532. data/lib/puppet/network/http/api/master/v3/environment.rb +0 -88
  533. data/lib/puppet/network/http/base_pool.rb +0 -36
  534. data/lib/puppet/network/http/compression.rb +0 -127
  535. data/lib/puppet/network/http/connection_adapter.rb +0 -184
  536. data/lib/puppet/network/http/nocache_pool.rb +0 -28
  537. data/lib/puppet/network/rest_controller.rb +0 -2
  538. data/lib/puppet/network/rights.rb +0 -210
  539. data/lib/puppet/parser/compiler/catalog_validator/env_relationship_validator.rb +0 -66
  540. data/lib/puppet/parser/compiler/catalog_validator/site_validator.rb +0 -22
  541. data/lib/puppet/parser/environment_compiler.rb +0 -202
  542. data/lib/puppet/pops/types/enumeration.rb +0 -16
  543. data/lib/puppet/resource/capability_finder.rb +0 -154
  544. data/lib/puppet/rest/errors.rb +0 -15
  545. data/lib/puppet/rest/response.rb +0 -35
  546. data/lib/puppet/rest/route.rb +0 -85
  547. data/lib/puppet/rest/routes.rb +0 -135
  548. data/lib/puppet/settings/alias_setting.rb +0 -37
  549. data/lib/puppet/ssl/host.rb +0 -505
  550. data/lib/puppet/ssl/key.rb +0 -61
  551. data/lib/puppet/ssl/validator.rb +0 -61
  552. data/lib/puppet/ssl/validator/default_validator.rb +0 -209
  553. data/lib/puppet/ssl/validator/no_validator.rb +0 -22
  554. data/lib/puppet/ssl/verifier_adapter.rb +0 -58
  555. data/lib/puppet/status.rb +0 -40
  556. data/lib/puppet/util/connection.rb +0 -88
  557. data/lib/puppet/util/fact_dif.rb +0 -81
  558. data/lib/puppet/util/ssl.rb +0 -83
  559. data/lib/puppet/util/windows/api_types.rb +0 -309
  560. data/lib/puppet/util/windows/monkey_patches/dir.rb +0 -40
  561. data/lib/puppet/vendor/load_pathspec.rb +0 -1
  562. data/lib/puppet/vendor/pathspec/CHANGELOG.md +0 -2
  563. data/lib/puppet/vendor/pathspec/LICENSE +0 -201
  564. data/lib/puppet/vendor/pathspec/PUPPET_README.md +0 -6
  565. data/lib/puppet/vendor/pathspec/README.md +0 -53
  566. data/lib/puppet/vendor/pathspec/lib/pathspec.rb +0 -122
  567. data/lib/puppet/vendor/pathspec/lib/pathspec/gitignorespec.rb +0 -275
  568. data/lib/puppet/vendor/pathspec/lib/pathspec/regexspec.rb +0 -17
  569. data/lib/puppet/vendor/pathspec/lib/pathspec/spec.rb +0 -14
  570. data/man/man8/puppet-key.8 +0 -126
  571. data/man/man8/puppet-man.8 +0 -76
  572. data/man/man8/puppet-status.8 +0 -108
  573. data/spec/fixtures/integration/application/agent/cached_deferred_catalog.json +0 -91
  574. data/spec/fixtures/ssl/oid-key.pem +0 -117
  575. data/spec/fixtures/ssl/oid.pem +0 -69
  576. data/spec/fixtures/ssl/trusted_oid_mapping.yaml +0 -5
  577. data/spec/fixtures/unit/provider/service/systemd/list_unit_files_services_vendor_preset +0 -9
  578. data/spec/integration/application/resource_spec.rb +0 -64
  579. data/spec/integration/application/ssl_spec.rb +0 -20
  580. data/spec/integration/network/authconfig_spec.rb +0 -256
  581. data/spec/integration/util/windows/monkey_patches/dir_spec.rb +0 -11
  582. data/spec/unit/application/man_spec.rb +0 -52
  583. data/spec/unit/capability_spec.rb +0 -414
  584. data/spec/unit/face/key_spec.rb +0 -9
  585. data/spec/unit/face/module/search_spec.rb +0 -231
  586. data/spec/unit/face/status_spec.rb +0 -9
  587. data/spec/unit/indirector/certificate/file_spec.rb +0 -14
  588. data/spec/unit/indirector/certificate/rest_spec.rb +0 -61
  589. data/spec/unit/indirector/certificate_request/file_spec.rb +0 -14
  590. data/spec/unit/indirector/certificate_request/rest_spec.rb +0 -25
  591. data/spec/unit/indirector/key/file_spec.rb +0 -78
  592. data/spec/unit/indirector/ssl_file_spec.rb +0 -305
  593. data/spec/unit/indirector/status/local_spec.rb +0 -10
  594. data/spec/unit/indirector/status/rest_spec.rb +0 -50
  595. data/spec/unit/module_tool/applications/searcher_spec.rb +0 -38
  596. data/spec/unit/network/auth_config_parser_spec.rb +0 -115
  597. data/spec/unit/network/authstore_spec.rb +0 -422
  598. data/spec/unit/network/http/api/master/v3/authorization_spec.rb +0 -57
  599. data/spec/unit/network/http/api/master/v3/environment_spec.rb +0 -185
  600. data/spec/unit/network/http/compression_spec.rb +0 -240
  601. data/spec/unit/network/http/nocache_pool_spec.rb +0 -64
  602. data/spec/unit/network/http_spec.rb +0 -9
  603. data/spec/unit/network/rights_spec.rb +0 -439
  604. data/spec/unit/parser/environment_compiler_spec.rb +0 -730
  605. data/spec/unit/pops/evaluator/deferred_resolver_spec.rb +0 -20
  606. data/spec/unit/pops/types/enumeration_spec.rb +0 -51
  607. data/spec/unit/resource/capability_finder_spec.rb +0 -148
  608. data/spec/unit/rest/route_spec.rb +0 -132
  609. data/spec/unit/ssl/host_spec.rb +0 -645
  610. data/spec/unit/ssl/key_spec.rb +0 -173
  611. data/spec/unit/ssl/validator_spec.rb +0 -278
  612. data/spec/unit/status_spec.rb +0 -45
  613. data/spec/unit/util/ssl_spec.rb +0 -91
@@ -29,7 +29,6 @@ class Puppet::Settings::EnvironmentConf
29
29
  section = config.sections[:main]
30
30
  rescue Errno::ENOENT
31
31
  # environment.conf is an optional file
32
- Puppet.debug { "Path to #{path_to_env} does not exist, using default environment.conf" }
33
32
  end
34
33
 
35
34
  new(path_to_env, section, global_module_path)
@@ -0,0 +1,17 @@
1
+ class Puppet::Settings::IntegerSetting < Puppet::Settings::BaseSetting
2
+ def munge(value)
3
+ return value if Integer === value
4
+
5
+ begin
6
+ value = Integer(value)
7
+ rescue ArgumentError, TypeError
8
+ raise Puppet::Settings::ValidationError, _("Cannot convert '%{value}' to an integer for parameter: %{name}") % { value: value.inspect, name: @name }
9
+ end
10
+
11
+ value
12
+ end
13
+
14
+ def type
15
+ :integer
16
+ end
17
+ end
@@ -0,0 +1,15 @@
1
+ class Puppet::Settings::PortSetting < Puppet::Settings::IntegerSetting
2
+ def munge(value)
3
+ value = super
4
+
5
+ if value < 0 || value > 65535
6
+ raise Puppet::Settings::ValidationError, _("Value '%{value}' is not a valid port number for parameter: %{name}") % { value: value.inspect, name: @name }
7
+ end
8
+
9
+ value
10
+ end
11
+
12
+ def type
13
+ :port
14
+ end
15
+ end
@@ -6,11 +6,12 @@ class Puppet::Settings::PrioritySetting < Puppet::Settings::BaseSetting
6
6
  PRIORITY_MAP =
7
7
  if Puppet::Util::Platform.windows?
8
8
  require 'puppet/util/windows/process'
9
+ require 'puppet/ffi/windows/constants'
9
10
  {
10
- :high => Puppet::Util::Windows::Process::HIGH_PRIORITY_CLASS,
11
- :normal => Puppet::Util::Windows::Process::NORMAL_PRIORITY_CLASS,
12
- :low => Puppet::Util::Windows::Process::BELOW_NORMAL_PRIORITY_CLASS,
13
- :idle => Puppet::Util::Windows::Process::IDLE_PRIORITY_CLASS
11
+ :high => Puppet::FFI::Windows::Constants::HIGH_PRIORITY_CLASS,
12
+ :normal => Puppet::FFI::Windows::Constants::NORMAL_PRIORITY_CLASS,
13
+ :low => Puppet::FFI::Windows::Constants::BELOW_NORMAL_PRIORITY_CLASS,
14
+ :idle => Puppet::FFI::Windows::Constants::IDLE_PRIORITY_CLASS
14
15
  }
15
16
  else
16
17
  {
data/lib/puppet/ssl.rb CHANGED
@@ -2,18 +2,22 @@
2
2
  require 'puppet'
3
3
  require 'puppet/ssl/openssl_loader'
4
4
 
5
+ # Responsible for bootstrapping an agent's certificate and private key, generating
6
+ # SSLContexts for use in making HTTPS connections, and handling CSR attributes and
7
+ # certificate extensions.
8
+ #
9
+ # @see Puppet::SSL::SSLProvider
5
10
  # @api private
6
- module Puppet::SSL # :nodoc:
11
+ module Puppet::SSL
7
12
  CA_NAME = "ca".freeze
8
- require 'puppet/ssl/host'
13
+
9
14
  require 'puppet/ssl/oids'
10
- require 'puppet/ssl/validator'
11
- require 'puppet/ssl/validator/no_validator'
12
- require 'puppet/ssl/validator/default_validator'
13
15
  require 'puppet/ssl/error'
14
16
  require 'puppet/ssl/ssl_context'
15
17
  require 'puppet/ssl/verifier'
16
- require 'puppet/ssl/verifier_adapter'
17
18
  require 'puppet/ssl/ssl_provider'
18
19
  require 'puppet/ssl/state_machine'
20
+ require 'puppet/ssl/certificate'
21
+ require 'puppet/ssl/certificate_request'
22
+ require 'puppet/ssl/certificate_request_attributes'
19
23
  end
@@ -1,7 +1,6 @@
1
1
  require 'puppet/ssl/openssl_loader'
2
2
  require 'puppet/ssl'
3
3
  require 'puppet/ssl/digest'
4
- require 'puppet/util/ssl'
5
4
 
6
5
  # The base class for wrapping SSL instances.
7
6
  class Puppet::SSL::Base
@@ -54,7 +53,9 @@ class Puppet::SSL::Base
54
53
  #
55
54
  # @return [String] the name (CN) extracted from the subject.
56
55
  def self.name_from_subject(subject)
57
- Puppet::Util::SSL.cn_from_subject(subject)
56
+ if subject.respond_to? :to_a
57
+ (subject.to_a.assoc('CN') || [])[1]
58
+ end
58
59
  end
59
60
 
60
61
  # Create an instance of our Puppet::SSL::* class using a given instance of the wrapped class
@@ -82,15 +83,12 @@ class Puppet::SSL::Base
82
83
  # Read content from disk appropriately.
83
84
  def read(path)
84
85
  # applies to Puppet::SSL::Certificate, Puppet::SSL::CertificateRequest
85
- # Puppet::SSL::Key uses this, but also provides its own override
86
86
  # nothing derives from Puppet::SSL::Certificate, but it is called by a number of other SSL Indirectors:
87
87
  # Puppet::Indirector::CertificateStatus::File (.indirection.find)
88
88
  # Puppet::Network::HTTP::WEBrick (.indirection.find)
89
89
  # Puppet::Network::HTTP::RackREST (.from_instance)
90
90
  # Puppet::Network::HTTP::WEBrickREST (.from_instance)
91
- # Puppet::SSL::Host (.indirection.find)
92
91
  # Puppet::SSL::Inventory (.indirection.search, implements its own add / rebuild / serials with encoding UTF8)
93
- # Puppet::SSL::Validator::DefaultValidator (.from_instance) / Puppet::SSL::Validator::NoValidator does nothing
94
92
  @content = wrapped_class.new(Puppet::FileSystem.read(path, :encoding => Encoding::ASCII))
95
93
  end
96
94
 
@@ -11,12 +11,6 @@ class Puppet::SSL::Certificate < Puppet::SSL::Base
11
11
  # This is defined from the base class
12
12
  wraps OpenSSL::X509::Certificate
13
13
 
14
- extend Puppet::Indirector
15
- indirects :certificate, :terminus_class => :file, :doc => <<DOC
16
- This indirection wraps an `OpenSSL::X509::Certificate` object, representing a certificate (signed public key).
17
- The indirection key is the certificate CN (generally a hostname).
18
- DOC
19
-
20
14
  # Because of how the format handler class is included, this
21
15
  # can't be in the base class.
22
16
  def self.supported_formats
@@ -28,13 +28,6 @@ require 'puppet/ssl/certificate_signer'
28
28
  class Puppet::SSL::CertificateRequest < Puppet::SSL::Base
29
29
  wraps OpenSSL::X509::Request
30
30
 
31
- extend Puppet::Indirector
32
-
33
- indirects :certificate_request, :terminus_class => :file, :doc => <<DOC
34
- This indirection wraps an `OpenSSL::X509::Request` object, representing a certificate signing request (CSR).
35
- The indirection key is the certificate CN (generally a hostname).
36
- DOC
37
-
38
31
  # Because of how the format handler class is included, this
39
32
  # can't be in the base class.
40
33
  def self.supported_formats
@@ -47,8 +40,7 @@ DOC
47
40
 
48
41
  # Create a certificate request with our system settings.
49
42
  #
50
- # @param key [OpenSSL::X509::Key, Puppet::SSL::Key] The key pair associated
51
- # with this CSR.
43
+ # @param key [OpenSSL::X509::Key] The private key associated with this CSR.
52
44
  # @param options [Hash]
53
45
  # @option options [String] :dns_alt_names A comma separated list of
54
46
  # Subject Alternative Names to include in the CSR extension request.
@@ -64,9 +56,6 @@ DOC
64
56
  def generate(key, options = {})
65
57
  Puppet.info _("Creating a new SSL certificate request for %{name}") % { name: name }
66
58
 
67
- # Support either an actual SSL key, or a Puppet key.
68
- key = key.content if key.is_a?(Puppet::SSL::Key)
69
-
70
59
  # If we're a CSR for the CA, then use the real ca_name, rather than the
71
60
  # fake 'ca' name. This is mostly for backward compatibility with 0.24.x,
72
61
  # but it's also just a good idea.
@@ -27,6 +27,12 @@ class Puppet::SSL::CertificateSigner
27
27
  @digest
28
28
  end
29
29
 
30
+ # Sign a certificate signing request (CSR) with a private key.
31
+ #
32
+ # @param [OpenSSL::X509::Request] content The CSR to sign
33
+ # @param [OpenSSL::X509::PKey] key The private key to sign with
34
+ #
35
+ # @api private
30
36
  def sign(content, key)
31
37
  content.sign(key, @digest.new)
32
38
  end
@@ -2,10 +2,11 @@ require 'puppet/ssl'
2
2
 
3
3
  # This module defines OIDs for use within Puppet.
4
4
  #
5
- # == ASN.1 Definition
5
+ # # ASN.1 Definition
6
6
  #
7
7
  # The following is the formal definition of OIDs specified in this file.
8
8
  #
9
+ # ```
9
10
  # puppetCertExtensions OBJECT IDENTIFIER ::= {iso(1) identified-organization(3)
10
11
  # dod(6) internet(1) private(4) enterprise(1) 34380 1}
11
12
  #
@@ -22,6 +23,7 @@ require 'puppet/ssl'
22
23
  # pp_instance_id OBJECT IDENTIFIER ::= { registeredExtensions 2 }
23
24
  # pp_image_name OBJECT IDENTIFIER ::= { registeredExtensions 3 }
24
25
  # pp_preshared_key OBJECT IDENTIFIER ::= { registeredExtensions 4 }
26
+ # ```
25
27
  #
26
28
  # @api private
27
29
  module Puppet::SSL::Oids
@@ -3,6 +3,23 @@ require 'puppet/ssl'
3
3
  # SSL Provider creates `SSLContext` objects that can be used to create
4
4
  # secure connections.
5
5
  #
6
+ # @example To load an SSLContext from an existing private key and related certs/crls:
7
+ # ssl_context = provider.load_context
8
+ #
9
+ # @example To load an SSLContext from an existing password-protected private key and related certs/crls:
10
+ # ssl_context = provider.load_context(password: 'opensesame')
11
+ #
12
+ # @example To create an SSLContext from in-memory certs and keys:
13
+ # cacerts = [<OpenSSL::X509::Certificate>]
14
+ # crls = [<OpenSSL::X509::CRL>]
15
+ # key = <OpenSSL::X509::PKey>
16
+ # cert = <OpenSSL::X509::Certificate>
17
+ # ssl_context = provider.create_context(cacerts: cacerts, crls: crls, private_key: key, client_cert: cert)
18
+ #
19
+ # @example To create an SSLContext to connect to non-puppet HTTPS servers:
20
+ # cacerts = [<OpenSSL::X509::Certificate>]
21
+ # ssl_context = provider.create_root_context(cacerts: cacerts)
22
+ #
6
23
  # @api private
7
24
  class Puppet::SSL::SSLProvider
8
25
  # Create an insecure `SSLContext`. Connections made from the returned context
@@ -10,7 +10,7 @@ require 'puppet/util/pidlock'
10
10
  # certs. This way we're sure about which SSLContext is being used during any
11
11
  # phase of the bootstrapping process.
12
12
  #
13
- # @private
13
+ # @api private
14
14
  class Puppet::SSL::StateMachine
15
15
  class SSLState
16
16
  attr_reader :ssl_context
@@ -405,6 +405,7 @@ class Puppet::SSL::StateMachine
405
405
  #
406
406
  # @return [Puppet::SSL::SSLContext] initialized SSLContext
407
407
  # @raise [Puppet::Error] If we fail to generate an SSLContext
408
+ # @api private
408
409
  def ensure_ca_certificates
409
410
  final_state = run_machine(NeedLock.new(self), NeedKey)
410
411
  final_state.ssl_context
@@ -414,6 +415,7 @@ class Puppet::SSL::StateMachine
414
415
  #
415
416
  # @return [Puppet::SSL::SSLContext] initialized SSLContext
416
417
  # @raise [Puppet::Error] If we fail to generate an SSLContext
418
+ # @api private
417
419
  def ensure_client_certificate
418
420
  final_state = run_machine(NeedLock.new(self), Done)
419
421
  ssl_context = final_state.ssl_context
@@ -14,6 +14,7 @@ class Puppet::SSL::Verifier
14
14
  # @param hostname [String] FQDN of the server we're attempting to connect to
15
15
  # @param ssl_context [Puppet::SSL::SSLContext] ssl_context containing CA certs,
16
16
  # CRLs, etc needed to verify the server's certificate chain
17
+ # @api private
17
18
  def initialize(hostname, ssl_context)
18
19
  @hostname = hostname
19
20
  @ssl_context = ssl_context
@@ -25,6 +26,7 @@ class Puppet::SSL::Verifier
25
26
  #
26
27
  # @param verifier [Puppet::SSL::Verifier] the verifier to compare against
27
28
  # @return [Boolean] return true if a cached connection can be used, false otherwise
29
+ # @api private
28
30
  def reusable?(verifier)
29
31
  verifier.instance_of?(self.class) &&
30
32
  verifier.ssl_context.object_id == @ssl_context.object_id
@@ -147,9 +147,6 @@ module Puppet::Test
147
147
  Puppet::Application.clear!
148
148
  Puppet::Util::Profiler.clear
149
149
 
150
- Puppet::SSL::Host.reset
151
- Puppet::Rest::Routes.clear
152
-
153
150
  Puppet::Node::Facts.indirection.terminus_class = :memory
154
151
  facts = Puppet::Node::Facts.new(Puppet[:node_name_value])
155
152
  Puppet::Node::Facts.indirection.save(facts)
@@ -223,6 +220,7 @@ module Puppet::Test
223
220
  {
224
221
  :logdir => "/dev/null",
225
222
  :confdir => "/dev/null",
223
+ :publicdir => "/dev/null",
226
224
  :codedir => "/dev/null",
227
225
  :vardir => "/dev/null",
228
226
  :rundir => "/dev/null",
@@ -376,16 +376,10 @@ class Puppet::Transaction
376
376
  Puppet.debug { "Prefetching #{provider_class.name} resources for #{type_name}" }
377
377
  begin
378
378
  provider_class.prefetch(resources)
379
- rescue LoadError, Puppet::MissingCommand => detail
379
+ rescue LoadError, StandardError => detail
380
380
  #TRANSLATORS `prefetch` is a function name and should not be translated
381
381
  message = _("Could not prefetch %{type_name} provider '%{name}': %{detail}") % { type_name: type_name, name: provider_class.name, detail: detail }
382
382
  Puppet.log_exception(detail, message)
383
- rescue StandardError => detail
384
- message = _("Could not prefetch %{type_name} provider '%{name}': %{detail}") % { type_name: type_name, name: provider_class.name, detail: detail }
385
- Puppet.log_exception(detail, message)
386
-
387
- raise unless Puppet.settings[:future_features]
388
-
389
383
  @prefetch_failed_providers[type_name][provider_class.name] = true
390
384
  end
391
385
  @prefetched_providers[type_name][provider_class.name] = true
@@ -137,7 +137,7 @@ class Puppet::Transaction::AdditionalResourceGenerator
137
137
  else
138
138
  @catalog.add_resource_after(parent_resource, res)
139
139
  end
140
- @catalog.add_edge(@catalog.container_of(parent_resource), res) if @catalog.container_of(parent_resource)
140
+ @catalog.add_edge(@catalog.container_of(parent_resource), res)
141
141
  if @relationship_graph && priority
142
142
  # If we have a relationship_graph we should add the resource
143
143
  # to it (this is an eval_generate). If we don't, then the
@@ -66,8 +66,6 @@ class Puppet::Transaction::Report
66
66
  # Contains the name and port of the server that was successfully contacted
67
67
  # @return [String] a string of the format 'servername:port'
68
68
  attr_accessor :server_used
69
- alias :master_used :server_used
70
- alias :master_used= :server_used=
71
69
 
72
70
  # The host name for which the report is generated
73
71
  # @return [String] the host name
@@ -226,7 +224,7 @@ class Puppet::Transaction::Report
226
224
  @external_times ||= {}
227
225
  @host = Puppet[:node_name_value]
228
226
  @time = start_time
229
- @report_format = 11
227
+ @report_format = 12
230
228
  @puppet_version = Puppet.version
231
229
  @configuration_version = configuration_version
232
230
  @transaction_uuid = transaction_uuid
@@ -326,7 +324,7 @@ class Puppet::Transaction::Report
326
324
  }
327
325
 
328
326
  # The following is include only when set
329
- hash['master_used'] = hash['server_used'] = @server_used unless @server_used.nil?
327
+ hash['server_used'] = @server_used unless @server_used.nil?
330
328
  hash['catalog_uuid'] = @catalog_uuid unless @catalog_uuid.nil?
331
329
  hash['code_id'] = @code_id unless @code_id.nil?
332
330
  hash['job_id'] = @job_id unless @job_id.nil?
data/lib/puppet/type.rb CHANGED
@@ -114,29 +114,6 @@ class Type
114
114
  attr_reader :properties
115
115
  end
116
116
 
117
- # Allow declaring that a type is actually a capability
118
- class << self
119
- # @deprecated application orchestration will be removed in puppet 7
120
- attr_accessor :is_capability
121
-
122
- # @deprecated application orchestration will be removed in puppet 7
123
- def is_capability?
124
- c = is_capability
125
- c.nil? ? false : c
126
- end
127
- end
128
-
129
- # Returns whether this type represents an application instance; since
130
- # only defined types, i.e., instances of Puppet::Resource::Type can
131
- # represent application instances, this implementation always returns
132
- # +false+. Having this method though makes code checking whether a
133
- # resource is an application instance simpler
134
- #
135
- # @deprecated application orchestration will be removed in puppet 7
136
- def self.application?
137
- false
138
- end
139
-
140
117
  # Returns all the attribute names of the type in the appropriate order.
141
118
  # The {key_attributes} come first, then the {provider}, then the {properties}, and finally
142
119
  # the {parameters} and {metaparams},
@@ -1720,59 +1697,6 @@ class Type
1720
1697
  }
1721
1698
  end
1722
1699
 
1723
- # @deprecated application orchestration will be removed in puppet 7
1724
- newmetaparam(:export, :parent => RelationshipMetaparam, :attributes => {:direction => :out, :events => :NONE}) do
1725
- desc <<EOS
1726
- Export a capability resource.
1727
-
1728
- The value of this parameter must be a reference to a capability resource,
1729
- or an array of such references. Each capability resource referenced here
1730
- will be instantiated in the node catalog and exported to consumers of this
1731
- resource. The title of the capability resource will be the title given in
1732
- the reference, and all other attributes of the resource will be filled
1733
- according to the corresponding produces statement.
1734
-
1735
- It is an error if this metaparameter references resources whose type is not
1736
- a capability type, or of there is no produces clause for the type of the
1737
- current resource and the capability resource mentioned in this parameter.
1738
-
1739
- For example:
1740
-
1741
- define web(..) { .. }
1742
- Web produces Http { .. }
1743
- web { server:
1744
- export => Http[main_server]
1745
- }
1746
- EOS
1747
- end
1748
-
1749
- # @deprecated application orchestration will be removed in puppet 7
1750
- newmetaparam(:consume, :parent => RelationshipMetaparam, :attributes => {:direction => :in, :events => :NONE}) do
1751
- desc <<EOS
1752
- Consume a capability resource.
1753
-
1754
- The value of this parameter must be a reference to a capability resource,
1755
- or an array of such references. Each capability resource referenced here
1756
- must have been exported by another resource in the same environment.
1757
-
1758
- The referenced capability resources will be looked up, added to the
1759
- current node catalog, and processed following the underlying consumes
1760
- clause.
1761
-
1762
- It is an error if this metaparameter references resources whose type is not
1763
- a capability type, or of there is no consumes clause for the type of the
1764
- current resource and the capability resource mentioned in this parameter.
1765
-
1766
- For example:
1767
-
1768
- define web(..) { .. }
1769
- Web consumes Sql { .. }
1770
- web { server:
1771
- consume => Sql[my_db]
1772
- }
1773
- EOS
1774
- end
1775
-
1776
1700
  ###############################
1777
1701
  # All of the provider plumbing for the resource types.
1778
1702
  require 'puppet/provider'
@@ -201,9 +201,7 @@ module Puppet
201
201
  only uses the resource title to ensure `exec`s are unique."
202
202
 
203
203
  validate do |command|
204
- unless command.is_a?(String) || command.is_a?(Array)
205
- raise ArgumentError, _("Command must be a String or Array<String>, got value of class %{klass}") % { klass: command.class }
206
- end
204
+ raise ArgumentError, _("Command must be a String, got value of class %{klass}") % { klass: command.class } unless command.is_a? String
207
205
  end
208
206
  end
209
207
 
@@ -460,10 +458,6 @@ module Puppet
460
458
 
461
459
  unless => ['test -f /tmp/file1', 'test -f /tmp/file2'],
462
460
 
463
- or an array of arrays. For example:
464
-
465
- unless => [['test', '-f', '/tmp/file1'], 'test -f /tmp/file2']
466
-
467
461
  This `exec` would only run if every command in the array has a
468
462
  non-zero exit code.
469
463
  EOT
@@ -520,10 +514,6 @@ module Puppet
520
514
 
521
515
  onlyif => ['test -f /tmp/file1', 'test -f /tmp/file2'],
522
516
 
523
- or an array of arrays. For example:
524
-
525
- onlyif => [['test', '-f', '/tmp/file1'], 'test -f /tmp/file2']
526
-
527
517
  This `exec` would only run if every command in the array has an
528
518
  exit code of 0 (success).
529
519
  EOT
@@ -572,14 +562,12 @@ module Puppet
572
562
  reqs << self[:cwd] if self[:cwd]
573
563
 
574
564
  file_regex = Puppet::Util::Platform.windows? ? %r{^([a-zA-Z]:[\\/]\S+)} : %r{^(/\S+)}
575
- cmd = self[:command]
576
- cmd = cmd[0] if cmd.is_a? Array
577
565
 
578
- cmd.scan(file_regex) { |str|
566
+ self[:command].scan(file_regex) { |str|
579
567
  reqs << str
580
568
  }
581
569
 
582
- cmd.scan(/^"([^"]+)"/) { |str|
570
+ self[:command].scan(/^"([^"]+)"/) { |str|
583
571
  reqs << str
584
572
  }
585
573
 
@@ -595,7 +583,6 @@ module Puppet
595
583
  # fully qualified. It might not be a bad idea to add
596
584
  # unqualified files, but, well, that's a bit more annoying
597
585
  # to do.
598
- line = line[0] if line.is_a? Array
599
586
  reqs += line.scan(file_regex)
600
587
  end
601
588
  }