puppet 6.24.0-x64-mingw32 → 7.0.0-x64-mingw32
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of puppet might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/CODEOWNERS +16 -2
- data/CONTRIBUTING.md +5 -5
- data/Gemfile +1 -3
- data/Gemfile.lock +35 -47
- data/README.md +5 -5
- data/conf/fileserver.conf +5 -10
- data/ext/build_defaults.yaml +1 -1
- data/ext/osx/file_mapping.yaml +0 -5
- data/ext/osx/puppet.plist +0 -2
- data/ext/project_data.yaml +1 -15
- data/ext/redhat/puppet.spec.erb +0 -1
- data/ext/windows/service/daemon.rb +6 -5
- data/install.rb +21 -17
- data/lib/puppet.rb +14 -23
- data/lib/puppet/application.rb +178 -108
- data/lib/puppet/application/agent.rb +4 -12
- data/lib/puppet/application/apply.rb +2 -4
- data/lib/puppet/application/device.rb +100 -106
- data/lib/puppet/application/filebucket.rb +13 -10
- data/lib/puppet/application/resource.rb +3 -17
- data/lib/puppet/application/script.rb +0 -2
- data/lib/puppet/application/ssl.rb +1 -13
- data/lib/puppet/application_support.rb +0 -7
- data/lib/puppet/configurer.rb +30 -45
- data/lib/puppet/configurer/downloader.rb +1 -2
- data/lib/puppet/configurer/plugin_handler.rb +21 -19
- data/lib/puppet/defaults.rb +100 -192
- data/lib/puppet/environments.rb +60 -84
- data/lib/puppet/face/facts.rb +5 -103
- data/lib/puppet/face/help.rb +1 -1
- data/lib/puppet/face/help/action.erb +0 -1
- data/lib/puppet/face/help/face.erb +0 -1
- data/lib/puppet/face/node/clean.rb +0 -11
- data/lib/puppet/face/plugin.rb +5 -8
- data/lib/puppet/ffi/windows.rb +12 -0
- data/lib/puppet/ffi/windows/api_types.rb +311 -0
- data/lib/puppet/ffi/windows/constants.rb +404 -0
- data/lib/puppet/ffi/windows/functions.rb +628 -0
- data/lib/puppet/ffi/windows/structs.rb +338 -0
- data/lib/puppet/file_serving/configuration.rb +0 -5
- data/lib/puppet/file_serving/configuration/parser.rb +3 -32
- data/lib/puppet/file_serving/fileset.rb +2 -14
- data/lib/puppet/file_serving/http_metadata.rb +1 -1
- data/lib/puppet/file_serving/mount.rb +1 -2
- data/lib/puppet/file_system/file_impl.rb +1 -1
- data/lib/puppet/file_system/memory_file.rb +1 -8
- data/lib/puppet/file_system/windows.rb +2 -4
- data/lib/puppet/forge.rb +3 -3
- data/lib/puppet/forge/repository.rb +0 -1
- data/lib/puppet/functions/all.rb +1 -1
- data/lib/puppet/functions/camelcase.rb +1 -1
- data/lib/puppet/functions/capitalize.rb +2 -2
- data/lib/puppet/functions/downcase.rb +2 -2
- data/lib/puppet/functions/empty.rb +0 -8
- data/lib/puppet/functions/get.rb +5 -5
- data/lib/puppet/functions/group_by.rb +5 -13
- data/lib/puppet/functions/lest.rb +1 -1
- data/lib/puppet/functions/new.rb +100 -100
- data/lib/puppet/functions/partition.rb +4 -12
- data/lib/puppet/functions/require.rb +5 -5
- data/lib/puppet/functions/sort.rb +3 -3
- data/lib/puppet/functions/strftime.rb +0 -1
- data/lib/puppet/functions/tree_each.rb +9 -7
- data/lib/puppet/functions/type.rb +4 -4
- data/lib/puppet/functions/unwrap.rb +2 -17
- data/lib/puppet/functions/upcase.rb +2 -2
- data/lib/puppet/generate/models/type/type.rb +4 -1
- data/lib/puppet/http.rb +22 -13
- data/lib/puppet/http/client.rb +164 -114
- data/lib/puppet/{network/resolver.rb → http/dns.rb} +2 -2
- data/lib/puppet/http/errors.rb +16 -0
- data/lib/puppet/http/external_client.rb +5 -7
- data/lib/puppet/{network/http → http}/factory.rb +8 -15
- data/lib/puppet/{network/http → http}/pool.rb +61 -26
- data/lib/puppet/{network/http/session.rb → http/pool_entry.rb} +2 -3
- data/lib/puppet/http/proxy.rb +137 -0
- data/lib/puppet/http/redirector.rb +4 -12
- data/lib/puppet/http/resolver.rb +5 -15
- data/lib/puppet/http/resolver/server_list.rb +10 -25
- data/lib/puppet/http/resolver/settings.rb +4 -7
- data/lib/puppet/http/resolver/srv.rb +7 -11
- data/lib/puppet/http/response.rb +36 -54
- data/lib/puppet/http/response_converter.rb +24 -0
- data/lib/puppet/http/response_net_http.rb +42 -0
- data/lib/puppet/http/retry_after_handler.rb +4 -13
- data/lib/puppet/http/service.rb +12 -26
- data/lib/puppet/http/service/ca.rb +11 -22
- data/lib/puppet/http/service/compiler.rb +22 -138
- data/lib/puppet/http/service/file_server.rb +19 -29
- data/lib/puppet/http/service/puppetserver.rb +26 -12
- data/lib/puppet/http/service/report.rb +8 -10
- data/lib/puppet/http/session.rb +11 -20
- data/lib/puppet/{network/http → http}/site.rb +1 -2
- data/lib/puppet/indirector/catalog/compiler.rb +0 -1
- data/lib/puppet/indirector/catalog/rest.rb +2 -4
- data/lib/puppet/indirector/facts/rest.rb +3 -22
- data/lib/puppet/indirector/file_bucket_file/rest.rb +3 -9
- data/lib/puppet/indirector/file_content/rest.rb +2 -6
- data/lib/puppet/indirector/file_metadata/rest.rb +3 -10
- data/lib/puppet/indirector/file_server.rb +1 -8
- data/lib/puppet/indirector/generic_http.rb +0 -11
- data/lib/puppet/indirector/node/rest.rb +2 -4
- data/lib/puppet/indirector/report/rest.rb +3 -8
- data/lib/puppet/indirector/request.rb +0 -101
- data/lib/puppet/indirector/resource/ral.rb +1 -6
- data/lib/puppet/indirector/rest.rb +12 -263
- data/lib/puppet/interface/documentation.rb +0 -1
- data/lib/puppet/module_tool/applications.rb +0 -1
- data/lib/puppet/module_tool/applications/installer.rb +2 -52
- data/lib/puppet/module_tool/errors/shared.rb +2 -34
- data/lib/puppet/network/authconfig.rb +2 -96
- data/lib/puppet/network/authorization.rb +13 -35
- data/lib/puppet/network/formats.rb +0 -67
- data/lib/puppet/network/http.rb +3 -3
- data/lib/puppet/network/http/api/indirected_routes.rb +2 -20
- data/lib/puppet/network/http/api/master/v3.rb +11 -13
- data/lib/puppet/network/http/connection.rb +247 -316
- data/lib/puppet/network/http/handler.rb +0 -1
- data/lib/puppet/network/http_pool.rb +16 -34
- data/lib/puppet/node.rb +1 -30
- data/lib/puppet/pal/json_catalog_encoder.rb +4 -0
- data/lib/puppet/pal/pal_impl.rb +3 -1
- data/lib/puppet/parser/ast/leaf.rb +2 -3
- data/lib/puppet/parser/ast/pops_bridge.rb +0 -38
- data/lib/puppet/parser/compiler.rb +0 -198
- data/lib/puppet/parser/compiler/catalog_validator/relationship_validator.rb +14 -39
- data/lib/puppet/parser/functions/fqdn_rand.rb +6 -14
- data/lib/puppet/parser/resource.rb +0 -69
- data/lib/puppet/parser/templatewrapper.rb +1 -1
- data/lib/puppet/pops/evaluator/deferred_resolver.rb +3 -5
- data/lib/puppet/pops/evaluator/evaluator_impl.rb +0 -5
- data/lib/puppet/pops/evaluator/runtime3_resource_support.rb +3 -3
- data/lib/puppet/pops/evaluator/runtime3_support.rb +1 -1
- data/lib/puppet/pops/issues.rb +0 -5
- data/lib/puppet/pops/loader/ruby_legacy_function_instantiator.rb +6 -8
- data/lib/puppet/pops/model/ast.pp +0 -42
- data/lib/puppet/pops/model/ast.rb +0 -290
- data/lib/puppet/pops/model/ast_transformer.rb +1 -1
- data/lib/puppet/pops/model/factory.rb +0 -45
- data/lib/puppet/pops/model/model_label_provider.rb +0 -5
- data/lib/puppet/pops/model/model_tree_dumper.rb +0 -22
- data/lib/puppet/pops/model/pn_transformer.rb +0 -16
- data/lib/puppet/pops/parser/egrammar.ra +0 -56
- data/lib/puppet/pops/parser/eparser.rb +1520 -1712
- data/lib/puppet/pops/parser/lexer2.rb +4 -4
- data/lib/puppet/pops/parser/parser_support.rb +0 -5
- data/lib/puppet/pops/resource/resource_type_impl.rb +2 -24
- data/lib/puppet/pops/types/p_sem_ver_type.rb +2 -8
- data/lib/puppet/pops/types/p_sensitive_type.rb +0 -10
- data/lib/puppet/pops/types/type_calculator.rb +0 -7
- data/lib/puppet/pops/types/type_mismatch_describer.rb +1 -1
- data/lib/puppet/pops/types/type_parser.rb +0 -4
- data/lib/puppet/pops/types/types.rb +0 -1
- data/lib/puppet/pops/validation/checker4_0.rb +9 -37
- data/lib/puppet/pops/validation/tasks_checker.rb +0 -12
- data/lib/puppet/pops/validation/validator_factory_4_0.rb +1 -2
- data/lib/puppet/property/list.rb +1 -1
- data/lib/puppet/provider.rb +0 -13
- data/lib/puppet/provider/exec/posix.rb +4 -16
- data/lib/puppet/provider/group/groupadd.rb +8 -13
- data/lib/puppet/provider/nameservice.rb +0 -18
- data/lib/puppet/provider/package/apt.rb +2 -34
- data/lib/puppet/provider/package/aptitude.rb +0 -6
- data/lib/puppet/provider/package/dnfmodule.rb +1 -1
- data/lib/puppet/provider/package/dpkg.rb +0 -10
- data/lib/puppet/provider/package/gem.rb +23 -3
- data/lib/puppet/provider/package/nim.rb +6 -11
- data/lib/puppet/provider/package/pip.rb +3 -16
- data/lib/puppet/provider/package/pkg.rb +0 -4
- data/lib/puppet/provider/package/portage.rb +1 -1
- data/lib/puppet/provider/package/puppet_gem.rb +1 -4
- data/lib/puppet/provider/parsedfile.rb +0 -3
- data/lib/puppet/provider/service/debian.rb +0 -2
- data/lib/puppet/provider/service/smf.rb +191 -73
- data/lib/puppet/provider/service/systemd.rb +4 -14
- data/lib/puppet/provider/service/windows.rb +0 -38
- data/lib/puppet/provider/user/aix.rb +2 -2
- data/lib/puppet/provider/user/directoryservice.rb +10 -33
- data/lib/puppet/provider/user/useradd.rb +8 -62
- data/lib/puppet/reference/configuration.rb +8 -7
- data/lib/puppet/reference/indirection.rb +1 -1
- data/lib/puppet/resource.rb +1 -89
- data/lib/puppet/resource/catalog.rb +1 -14
- data/lib/puppet/resource/type.rb +3 -119
- data/lib/puppet/resource/type_collection.rb +3 -48
- data/lib/puppet/runtime.rb +1 -2
- data/lib/puppet/settings.rb +80 -96
- data/lib/puppet/settings/environment_conf.rb +0 -1
- data/lib/puppet/settings/integer_setting.rb +17 -0
- data/lib/puppet/settings/port_setting.rb +15 -0
- data/lib/puppet/settings/priority_setting.rb +5 -4
- data/lib/puppet/ssl.rb +10 -6
- data/lib/puppet/ssl/base.rb +3 -5
- data/lib/puppet/ssl/certificate.rb +0 -6
- data/lib/puppet/ssl/certificate_request.rb +1 -12
- data/lib/puppet/ssl/certificate_signer.rb +6 -0
- data/lib/puppet/ssl/oids.rb +3 -1
- data/lib/puppet/ssl/ssl_provider.rb +17 -0
- data/lib/puppet/ssl/state_machine.rb +3 -1
- data/lib/puppet/ssl/verifier.rb +2 -0
- data/lib/puppet/test/test_helper.rb +1 -3
- data/lib/puppet/transaction.rb +1 -7
- data/lib/puppet/transaction/additional_resource_generator.rb +1 -1
- data/lib/puppet/transaction/report.rb +2 -4
- data/lib/puppet/type.rb +0 -76
- data/lib/puppet/type/exec.rb +3 -16
- data/lib/puppet/type/file.rb +6 -26
- data/lib/puppet/type/file/checksum.rb +1 -1
- data/lib/puppet/type/file/mode.rb +0 -6
- data/lib/puppet/type/file/selcontext.rb +1 -1
- data/lib/puppet/type/file/source.rb +1 -1
- data/lib/puppet/type/filebucket.rb +3 -3
- data/lib/puppet/type/package.rb +8 -16
- data/lib/puppet/type/service.rb +38 -18
- data/lib/puppet/type/tidy.rb +3 -22
- data/lib/puppet/type/user.rb +20 -38
- data/lib/puppet/util/autoload.rb +8 -1
- data/lib/puppet/util/execution.rb +0 -11
- data/lib/puppet/util/http_proxy.rb +2 -215
- data/lib/puppet/util/monkey_patches.rb +0 -53
- data/lib/puppet/util/posix.rb +5 -54
- data/lib/puppet/util/rdoc.rb +0 -7
- data/lib/puppet/util/retry_action.rb +1 -1
- data/lib/puppet/util/run_mode.rb +9 -1
- data/lib/puppet/util/selinux.rb +4 -30
- data/lib/puppet/util/symbolic_file_mode.rb +17 -29
- data/lib/puppet/util/windows.rb +3 -8
- data/lib/puppet/util/windows/adsi.rb +0 -46
- data/lib/puppet/util/windows/daemon.rb +360 -0
- data/lib/puppet/util/windows/error.rb +1 -0
- data/lib/puppet/util/windows/eventlog.rb +4 -9
- data/lib/puppet/util/windows/file.rb +8 -242
- data/lib/puppet/util/windows/monkey_patches/process.rb +414 -0
- data/lib/puppet/util/windows/principal.rb +2 -9
- data/lib/puppet/util/windows/process.rb +4 -226
- data/lib/puppet/util/windows/service.rb +9 -460
- data/lib/puppet/util/windows/sid.rb +2 -6
- data/lib/puppet/util/windows/string.rb +12 -13
- data/lib/puppet/util/yaml.rb +0 -22
- data/lib/puppet/vendor/require_vendored.rb +0 -1
- data/lib/puppet/version.rb +1 -1
- data/lib/puppet/x509.rb +5 -1
- data/lib/puppet/x509/cert_provider.rb +29 -1
- data/locales/puppet.pot +722 -1527
- data/man/man5/puppet.conf.5 +266 -354
- data/man/man8/puppet-agent.8 +2 -2
- data/man/man8/puppet-apply.8 +2 -2
- data/man/man8/puppet-catalog.8 +9 -9
- data/man/man8/puppet-config.8 +1 -1
- data/man/man8/puppet-describe.8 +1 -1
- data/man/man8/puppet-device.8 +2 -2
- data/man/man8/puppet-doc.8 +1 -1
- data/man/man8/puppet-epp.8 +1 -1
- data/man/man8/puppet-facts.8 +8 -51
- data/man/man8/puppet-filebucket.8 +4 -4
- data/man/man8/puppet-generate.8 +1 -1
- data/man/man8/puppet-help.8 +1 -1
- data/man/man8/puppet-lookup.8 +1 -1
- data/man/man8/puppet-module.8 +1 -58
- data/man/man8/puppet-node.8 +5 -5
- data/man/man8/puppet-parser.8 +1 -1
- data/man/man8/puppet-plugin.8 +1 -1
- data/man/man8/puppet-report.8 +5 -5
- data/man/man8/puppet-resource.8 +1 -1
- data/man/man8/puppet-script.8 +2 -2
- data/man/man8/puppet-ssl.8 +1 -5
- data/man/man8/puppet.8 +2 -2
- data/spec/fixtures/ssl/127.0.0.1-key.pem +57 -107
- data/spec/fixtures/ssl/127.0.0.1.pem +31 -52
- data/spec/fixtures/ssl/bad-basic-constraints.pem +35 -57
- data/spec/fixtures/ssl/bad-int-basic-constraints.pem +35 -57
- data/spec/fixtures/ssl/ca.pem +35 -57
- data/spec/fixtures/ssl/crl.pem +18 -28
- data/spec/fixtures/ssl/ec-key.pem +11 -11
- data/spec/fixtures/ssl/ec.pem +24 -33
- data/spec/fixtures/ssl/encrypted-ec-key.pem +12 -12
- data/spec/fixtures/ssl/encrypted-key.pem +58 -108
- data/spec/fixtures/ssl/intermediate-agent-crl.pem +19 -28
- data/spec/fixtures/ssl/intermediate-agent.pem +36 -57
- data/spec/fixtures/ssl/intermediate-crl.pem +21 -31
- data/spec/fixtures/ssl/intermediate.pem +36 -57
- data/spec/fixtures/ssl/pluto-key.pem +57 -107
- data/spec/fixtures/ssl/pluto.pem +30 -52
- data/spec/fixtures/ssl/request-key.pem +57 -107
- data/spec/fixtures/ssl/request.pem +26 -47
- data/spec/fixtures/ssl/revoked-key.pem +57 -107
- data/spec/fixtures/ssl/revoked.pem +30 -52
- data/spec/fixtures/ssl/signed-key.pem +57 -107
- data/spec/fixtures/ssl/signed.pem +30 -52
- data/spec/fixtures/ssl/tampered-cert.pem +30 -52
- data/spec/fixtures/ssl/tampered-csr.pem +26 -47
- data/spec/fixtures/ssl/unknown-127.0.0.1-key.pem +57 -107
- data/spec/fixtures/ssl/unknown-127.0.0.1.pem +29 -50
- data/spec/fixtures/ssl/unknown-ca-key.pem +57 -107
- data/spec/fixtures/ssl/unknown-ca.pem +33 -55
- data/spec/fixtures/unit/provider/service/smf/{svcs.out → svcs_instances.out} +0 -0
- data/spec/fixtures/unit/provider/user/aix/aix_passwd_file.out +0 -4
- data/spec/integration/application/agent_spec.rb +27 -171
- data/spec/integration/application/apply_spec.rb +1 -20
- data/spec/integration/application/filebucket_spec.rb +16 -27
- data/spec/integration/application/help_spec.rb +2 -0
- data/spec/integration/application/module_spec.rb +0 -21
- data/spec/integration/application/plugin_spec.rb +24 -2
- data/spec/integration/defaults_spec.rb +14 -3
- data/spec/integration/environments/settings_interpolation_spec.rb +4 -0
- data/spec/integration/http/client_spec.rb +0 -12
- data/spec/integration/indirector/direct_file_server_spec.rb +3 -1
- data/spec/integration/indirector/facts/facter_spec.rb +36 -90
- data/spec/integration/network/http_pool_spec.rb +3 -21
- data/spec/integration/parser/catalog_spec.rb +0 -38
- data/spec/integration/parser/node_spec.rb +0 -9
- data/spec/integration/parser/pcore_resource_spec.rb +0 -37
- data/spec/integration/resource/type_collection_spec.rb +6 -2
- data/spec/integration/transaction_spec.rb +9 -4
- data/spec/integration/type/exec_spec.rb +45 -70
- data/spec/integration/type/file_spec.rb +5 -4
- data/spec/integration/util/windows/adsi_spec.rb +1 -21
- data/spec/integration/util/windows/monkey_patches/process_spec.rb +231 -0
- data/spec/integration/util/windows/principal_spec.rb +0 -21
- data/spec/integration/util/windows/registry_spec.rb +10 -6
- data/spec/integration/util/windows/security_spec.rb +1 -1
- data/spec/lib/matchers/include.rb +27 -0
- data/spec/lib/matchers/include_spec.rb +32 -0
- data/spec/lib/puppet/test_ca.rb +2 -7
- data/spec/lib/puppet_spec/puppetserver.rb +1 -1
- data/spec/lib/puppet_spec/settings.rb +1 -1
- data/spec/spec_helper.rb +7 -12
- data/spec/unit/agent_spec.rb +6 -10
- data/spec/unit/application/agent_spec.rb +3 -7
- data/spec/unit/application/facts_spec.rb +12 -456
- data/spec/unit/application/filebucket_spec.rb +43 -39
- data/spec/unit/application/ssl_spec.rb +2 -25
- data/spec/unit/application_spec.rb +9 -51
- data/spec/unit/certificate_factory_spec.rb +1 -1
- data/spec/unit/configurer/downloader_spec.rb +6 -8
- data/spec/unit/configurer/plugin_handler_spec.rb +56 -18
- data/spec/unit/configurer_spec.rb +12 -32
- data/spec/unit/confine/feature_spec.rb +1 -1
- data/spec/unit/confine_spec.rb +2 -8
- data/spec/unit/context/trusted_information_spec.rb +2 -6
- data/spec/unit/defaults_spec.rb +68 -54
- data/spec/unit/environments_spec.rb +68 -259
- data/spec/unit/face/node_spec.rb +11 -0
- data/spec/unit/face/plugin_spec.rb +73 -33
- data/spec/unit/file_bucket/file_spec.rb +1 -1
- data/spec/unit/file_serving/configuration/parser_spec.rb +15 -18
- data/spec/unit/file_serving/configuration_spec.rb +6 -12
- data/spec/unit/file_serving/fileset_spec.rb +0 -60
- data/spec/unit/file_serving/metadata_spec.rb +3 -3
- data/spec/unit/file_serving/terminus_helper_spec.rb +4 -11
- data/spec/unit/file_system_spec.rb +0 -15
- data/spec/unit/forge/module_release_spec.rb +7 -2
- data/spec/unit/functions/assert_type_spec.rb +1 -1
- data/spec/unit/functions/camelcase_spec.rb +1 -1
- data/spec/unit/functions/capitalize_spec.rb +1 -1
- data/spec/unit/functions/downcase_spec.rb +1 -1
- data/spec/unit/functions/empty_spec.rb +0 -10
- data/spec/unit/functions/unwrap_spec.rb +0 -8
- data/spec/unit/functions/upcase_spec.rb +1 -1
- data/spec/unit/functions4_spec.rb +2 -2
- data/spec/unit/gettext/config_spec.rb +0 -12
- data/spec/unit/http/client_spec.rb +7 -8
- data/spec/unit/{network/resolver_spec.rb → http/dns_spec.rb} +3 -3
- data/spec/unit/http/external_client_spec.rb +4 -4
- data/spec/unit/{network/http → http}/factory_spec.rb +5 -30
- data/spec/unit/{network/http/session_spec.rb → http/pool_entry_spec.rb} +3 -3
- data/spec/unit/{network/http → http}/pool_spec.rb +12 -17
- data/spec/unit/{util/http_proxy_spec.rb → http/proxy_spec.rb} +2 -69
- data/spec/unit/http/resolver_spec.rb +13 -13
- data/spec/unit/http/service/compiler_spec.rb +0 -185
- data/spec/unit/http/service/file_server_spec.rb +3 -3
- data/spec/unit/http/service/puppetserver_spec.rb +34 -4
- data/spec/unit/http/service_spec.rb +0 -1
- data/spec/unit/http/session_spec.rb +16 -14
- data/spec/unit/{network/http → http}/site_spec.rb +3 -3
- data/spec/unit/indirector/catalog/compiler_spec.rb +10 -14
- data/spec/unit/indirector/face_spec.rb +1 -0
- data/spec/unit/indirector/facts/facter_spec.rb +3 -0
- data/spec/unit/indirector/file_bucket_file/file_spec.rb +5 -3
- data/spec/unit/indirector/file_bucket_file/selector_spec.rb +8 -26
- data/spec/unit/indirector/file_content/rest_spec.rb +0 -4
- data/spec/unit/indirector/file_metadata/rest_spec.rb +0 -4
- data/spec/unit/indirector/file_server_spec.rb +1 -15
- data/spec/unit/indirector/indirection_spec.rb +12 -8
- data/spec/unit/indirector/report/rest_spec.rb +2 -17
- data/spec/unit/indirector/request_spec.rb +0 -264
- data/spec/unit/indirector/resource/ral_spec.rb +75 -40
- data/spec/unit/indirector/rest_spec.rb +98 -752
- data/spec/unit/indirector_spec.rb +2 -2
- data/spec/unit/module_tool/applications/installer_spec.rb +0 -78
- data/spec/unit/network/authconfig_spec.rb +2 -129
- data/spec/unit/network/authorization_spec.rb +2 -55
- data/spec/unit/network/formats_spec.rb +4 -45
- data/spec/unit/network/http/api/indirected_routes_spec.rb +5 -92
- data/spec/unit/network/http/api/master/v3_spec.rb +28 -7
- data/spec/unit/network/http/api_spec.rb +10 -0
- data/spec/unit/network/http/connection_spec.rb +19 -41
- data/spec/unit/network/http/handler_spec.rb +0 -1
- data/spec/unit/network/http_pool_spec.rb +0 -4
- data/spec/unit/node/environment_spec.rb +33 -21
- data/spec/unit/node_spec.rb +2 -54
- data/spec/unit/parser/compiler_spec.rb +19 -3
- data/spec/unit/parser/functions/create_resources_spec.rb +2 -20
- data/spec/unit/parser/functions/fqdn_rand_spec.rb +1 -15
- data/spec/unit/parser/resource_spec.rb +8 -14
- data/spec/unit/parser/templatewrapper_spec.rb +5 -16
- data/spec/unit/pops/evaluator/evaluating_parser_spec.rb +4 -7
- data/spec/unit/pops/loaders/loaders_spec.rb +6 -21
- data/spec/unit/pops/parser/parse_application_spec.rb +4 -22
- data/spec/unit/pops/parser/parse_basic_expressions_spec.rb +0 -1
- data/spec/unit/pops/parser/parse_capabilities_spec.rb +8 -21
- data/spec/unit/pops/parser/parse_site_spec.rb +20 -24
- data/spec/unit/pops/resource/resource_type_impl_spec.rb +0 -71
- data/spec/unit/pops/serialization/to_from_hr_spec.rb +1 -1
- data/spec/unit/pops/types/p_sem_ver_type_spec.rb +0 -18
- data/spec/unit/pops/types/p_sensitive_type_spec.rb +0 -18
- data/spec/unit/pops/types/type_calculator_spec.rb +6 -6
- data/spec/unit/pops/types/type_factory_spec.rb +1 -1
- data/spec/unit/pops/validator/validator_spec.rb +61 -46
- data/spec/unit/pops/visitor_spec.rb +1 -1
- data/spec/unit/property_spec.rb +0 -1
- data/spec/unit/provider/group/groupadd_spec.rb +2 -5
- data/spec/unit/provider/nameservice_spec.rb +64 -122
- data/spec/unit/provider/package/apt_spec.rb +23 -28
- data/spec/unit/provider/package/aptitude_spec.rb +1 -1
- data/spec/unit/provider/package/base_spec.rb +5 -6
- data/spec/unit/provider/package/dnfmodule_spec.rb +1 -10
- data/spec/unit/provider/package/dpkg_spec.rb +0 -48
- data/spec/unit/provider/package/gem_spec.rb +32 -0
- data/spec/unit/provider/package/nim_spec.rb +0 -42
- data/spec/unit/provider/package/pacman_spec.rb +12 -18
- data/spec/unit/provider/package/pip_spec.rb +11 -43
- data/spec/unit/provider/package/pkgdmg_spec.rb +4 -0
- data/spec/unit/provider/package/puppet_gem_spec.rb +3 -2
- data/spec/unit/provider/parsedfile_spec.rb +0 -10
- data/spec/unit/provider/service/init_spec.rb +0 -1
- data/spec/unit/provider/service/openwrt_spec.rb +1 -3
- data/spec/unit/provider/service/smf_spec.rb +401 -165
- data/spec/unit/provider/service/systemd_spec.rb +8 -53
- data/spec/unit/provider/service/windows_spec.rb +0 -203
- data/spec/unit/provider/user/aix_spec.rb +0 -5
- data/spec/unit/provider/user/directoryservice_spec.rb +35 -67
- data/spec/unit/provider/user/hpux_spec.rb +1 -1
- data/spec/unit/provider/user/pw_spec.rb +0 -2
- data/spec/unit/provider/user/useradd_spec.rb +3 -71
- data/spec/unit/provider_spec.rb +8 -18
- data/spec/unit/resource/catalog_spec.rb +1 -1
- data/spec/unit/resource/type_collection_spec.rb +2 -22
- data/spec/unit/resource/type_spec.rb +1 -1
- data/spec/unit/resource_spec.rb +10 -67
- data/spec/unit/settings/http_extra_headers_spec.rb +2 -4
- data/spec/unit/settings/integer_setting_spec.rb +42 -0
- data/spec/unit/settings/port_setting_spec.rb +31 -0
- data/spec/unit/settings/priority_setting_spec.rb +4 -4
- data/spec/unit/settings_spec.rb +79 -110
- data/spec/unit/ssl/base_spec.rb +37 -3
- data/spec/unit/ssl/certificate_request_spec.rb +15 -45
- data/spec/unit/ssl/certificate_spec.rb +2 -11
- data/spec/unit/ssl/ssl_provider_spec.rb +2 -5
- data/spec/unit/ssl/state_machine_spec.rb +5 -20
- data/spec/unit/ssl/verifier_spec.rb +0 -21
- data/spec/unit/transaction/additional_resource_generator_spec.rb +9 -3
- data/spec/unit/transaction/event_manager_spec.rb +11 -14
- data/spec/unit/transaction/report_spec.rb +0 -2
- data/spec/unit/transaction/resource_harness_spec.rb +2 -2
- data/spec/unit/transaction_spec.rb +55 -96
- data/spec/unit/type/exec_spec.rb +29 -76
- data/spec/unit/type/file/checksum_spec.rb +6 -6
- data/spec/unit/type/file/content_spec.rb +2 -1
- data/spec/unit/type/file/ensure_spec.rb +1 -1
- data/spec/unit/type/file/mode_spec.rb +1 -1
- data/spec/unit/type/file/selinux_spec.rb +5 -3
- data/spec/unit/type/file/source_spec.rb +4 -5
- data/spec/unit/type/file_spec.rb +18 -6
- data/spec/unit/type/group_spec.rb +6 -13
- data/spec/unit/type/package_spec.rb +1 -1
- data/spec/unit/type/resources_spec.rb +7 -7
- data/spec/unit/type/service_spec.rb +189 -60
- data/spec/unit/type/tidy_spec.rb +8 -24
- data/spec/unit/type/user_spec.rb +0 -45
- data/spec/unit/type_spec.rb +22 -2
- data/spec/unit/util/at_fork_spec.rb +2 -2
- data/spec/unit/util/autoload_spec.rb +1 -5
- data/spec/unit/util/backups_spec.rb +2 -3
- data/spec/unit/util/execution_spec.rb +11 -44
- data/spec/unit/util/inifile_spec.rb +14 -6
- data/spec/unit/util/log_spec.rb +7 -8
- data/spec/unit/util/logging_spec.rb +3 -3
- data/spec/unit/util/monkey_patches_spec.rb +0 -6
- data/spec/unit/util/posix_spec.rb +15 -363
- data/spec/unit/util/run_mode_spec.rb +21 -121
- data/spec/unit/util/selinux_spec.rb +68 -163
- data/spec/unit/util/storage_spec.rb +1 -3
- data/spec/unit/util/suidmanager_spec.rb +41 -44
- data/spec/unit/util/windows/sid_spec.rb +0 -41
- data/spec/unit/util/windows/string_spec.rb +1 -3
- data/spec/unit/util/yaml_spec.rb +0 -54
- data/spec/unit/util_spec.rb +6 -31
- data/tasks/generate_cert_fixtures.rake +3 -12
- metadata +45 -253
- data/conf/auth.conf +0 -150
- data/lib/puppet/application/cert.rb +0 -76
- data/lib/puppet/application/key.rb +0 -4
- data/lib/puppet/application/man.rb +0 -4
- data/lib/puppet/application/status.rb +0 -4
- data/lib/puppet/face/key.rb +0 -16
- data/lib/puppet/face/man.rb +0 -145
- data/lib/puppet/face/module/build.rb +0 -14
- data/lib/puppet/face/module/generate.rb +0 -14
- data/lib/puppet/face/module/search.rb +0 -103
- data/lib/puppet/face/status.rb +0 -51
- data/lib/puppet/ffi/posix.rb +0 -10
- data/lib/puppet/ffi/posix/constants.rb +0 -14
- data/lib/puppet/ffi/posix/functions.rb +0 -24
- data/lib/puppet/indirector/certificate/file.rb +0 -9
- data/lib/puppet/indirector/certificate/rest.rb +0 -18
- data/lib/puppet/indirector/certificate_request/file.rb +0 -9
- data/lib/puppet/indirector/certificate_request/memory.rb +0 -7
- data/lib/puppet/indirector/certificate_request/rest.rb +0 -11
- data/lib/puppet/indirector/file_content/http.rb +0 -22
- data/lib/puppet/indirector/key/file.rb +0 -46
- data/lib/puppet/indirector/key/memory.rb +0 -7
- data/lib/puppet/indirector/ssl_file.rb +0 -162
- data/lib/puppet/indirector/status.rb +0 -3
- data/lib/puppet/indirector/status/local.rb +0 -12
- data/lib/puppet/indirector/status/rest.rb +0 -27
- data/lib/puppet/module_tool/applications/searcher.rb +0 -29
- data/lib/puppet/network/auth_config_parser.rb +0 -90
- data/lib/puppet/network/authstore.rb +0 -283
- data/lib/puppet/network/http/api/master/v3/authorization.rb +0 -18
- data/lib/puppet/network/http/api/master/v3/environment.rb +0 -88
- data/lib/puppet/network/http/base_pool.rb +0 -36
- data/lib/puppet/network/http/compression.rb +0 -127
- data/lib/puppet/network/http/connection_adapter.rb +0 -184
- data/lib/puppet/network/http/nocache_pool.rb +0 -28
- data/lib/puppet/network/rest_controller.rb +0 -2
- data/lib/puppet/network/rights.rb +0 -210
- data/lib/puppet/parser/compiler/catalog_validator/env_relationship_validator.rb +0 -66
- data/lib/puppet/parser/compiler/catalog_validator/site_validator.rb +0 -22
- data/lib/puppet/parser/environment_compiler.rb +0 -202
- data/lib/puppet/pops/types/enumeration.rb +0 -16
- data/lib/puppet/resource/capability_finder.rb +0 -154
- data/lib/puppet/rest/errors.rb +0 -15
- data/lib/puppet/rest/response.rb +0 -35
- data/lib/puppet/rest/route.rb +0 -85
- data/lib/puppet/rest/routes.rb +0 -135
- data/lib/puppet/settings/alias_setting.rb +0 -37
- data/lib/puppet/ssl/host.rb +0 -505
- data/lib/puppet/ssl/key.rb +0 -61
- data/lib/puppet/ssl/validator.rb +0 -61
- data/lib/puppet/ssl/validator/default_validator.rb +0 -209
- data/lib/puppet/ssl/validator/no_validator.rb +0 -22
- data/lib/puppet/ssl/verifier_adapter.rb +0 -58
- data/lib/puppet/status.rb +0 -40
- data/lib/puppet/util/connection.rb +0 -88
- data/lib/puppet/util/fact_dif.rb +0 -81
- data/lib/puppet/util/ssl.rb +0 -83
- data/lib/puppet/util/windows/api_types.rb +0 -309
- data/lib/puppet/util/windows/monkey_patches/dir.rb +0 -40
- data/lib/puppet/vendor/load_pathspec.rb +0 -1
- data/lib/puppet/vendor/pathspec/CHANGELOG.md +0 -2
- data/lib/puppet/vendor/pathspec/LICENSE +0 -201
- data/lib/puppet/vendor/pathspec/PUPPET_README.md +0 -6
- data/lib/puppet/vendor/pathspec/README.md +0 -53
- data/lib/puppet/vendor/pathspec/lib/pathspec.rb +0 -122
- data/lib/puppet/vendor/pathspec/lib/pathspec/gitignorespec.rb +0 -275
- data/lib/puppet/vendor/pathspec/lib/pathspec/regexspec.rb +0 -17
- data/lib/puppet/vendor/pathspec/lib/pathspec/spec.rb +0 -14
- data/man/man8/puppet-key.8 +0 -126
- data/man/man8/puppet-man.8 +0 -76
- data/man/man8/puppet-status.8 +0 -108
- data/spec/fixtures/integration/application/agent/cached_deferred_catalog.json +0 -91
- data/spec/fixtures/ssl/oid-key.pem +0 -117
- data/spec/fixtures/ssl/oid.pem +0 -69
- data/spec/fixtures/ssl/trusted_oid_mapping.yaml +0 -5
- data/spec/fixtures/unit/provider/service/systemd/list_unit_files_services_vendor_preset +0 -9
- data/spec/integration/application/resource_spec.rb +0 -64
- data/spec/integration/application/ssl_spec.rb +0 -20
- data/spec/integration/network/authconfig_spec.rb +0 -256
- data/spec/integration/util/windows/monkey_patches/dir_spec.rb +0 -11
- data/spec/unit/application/man_spec.rb +0 -52
- data/spec/unit/capability_spec.rb +0 -414
- data/spec/unit/face/key_spec.rb +0 -9
- data/spec/unit/face/module/search_spec.rb +0 -231
- data/spec/unit/face/status_spec.rb +0 -9
- data/spec/unit/indirector/certificate/file_spec.rb +0 -14
- data/spec/unit/indirector/certificate/rest_spec.rb +0 -61
- data/spec/unit/indirector/certificate_request/file_spec.rb +0 -14
- data/spec/unit/indirector/certificate_request/rest_spec.rb +0 -25
- data/spec/unit/indirector/key/file_spec.rb +0 -78
- data/spec/unit/indirector/ssl_file_spec.rb +0 -305
- data/spec/unit/indirector/status/local_spec.rb +0 -10
- data/spec/unit/indirector/status/rest_spec.rb +0 -50
- data/spec/unit/module_tool/applications/searcher_spec.rb +0 -38
- data/spec/unit/network/auth_config_parser_spec.rb +0 -115
- data/spec/unit/network/authstore_spec.rb +0 -422
- data/spec/unit/network/http/api/master/v3/authorization_spec.rb +0 -57
- data/spec/unit/network/http/api/master/v3/environment_spec.rb +0 -185
- data/spec/unit/network/http/compression_spec.rb +0 -240
- data/spec/unit/network/http/nocache_pool_spec.rb +0 -64
- data/spec/unit/network/http_spec.rb +0 -9
- data/spec/unit/network/rights_spec.rb +0 -439
- data/spec/unit/parser/environment_compiler_spec.rb +0 -730
- data/spec/unit/pops/evaluator/deferred_resolver_spec.rb +0 -20
- data/spec/unit/pops/types/enumeration_spec.rb +0 -51
- data/spec/unit/resource/capability_finder_spec.rb +0 -148
- data/spec/unit/rest/route_spec.rb +0 -132
- data/spec/unit/ssl/host_spec.rb +0 -645
- data/spec/unit/ssl/key_spec.rb +0 -173
- data/spec/unit/ssl/validator_spec.rb +0 -278
- data/spec/unit/status_spec.rb +0 -45
- data/spec/unit/util/ssl_spec.rb +0 -91
@@ -53,13 +53,6 @@ module Puppet
|
|
53
53
|
route_file = Puppet[:route_file]
|
54
54
|
if Puppet::FileSystem.exist?(route_file)
|
55
55
|
routes = Puppet::Util::Yaml.safe_load_file(route_file, [Symbol])
|
56
|
-
if routes["server"] && routes["master"]
|
57
|
-
Puppet.warning("Route file #{route_file} contains both server and master route settings.")
|
58
|
-
elsif routes["server"] && !routes["master"]
|
59
|
-
routes["master"] = routes["server"]
|
60
|
-
elsif routes["master"] && !routes["server"]
|
61
|
-
routes["server"] = routes["master"]
|
62
|
-
end
|
63
56
|
application_routes = routes[application_name]
|
64
57
|
Puppet::Indirector.configure_routes(application_routes) if application_routes
|
65
58
|
end
|
data/lib/puppet/configurer.rb
CHANGED
@@ -112,7 +112,7 @@ class Puppet::Configurer
|
|
112
112
|
catalog_conversion_time = thinmark do
|
113
113
|
# Will mutate the result and replace all Deferred values with resolved values
|
114
114
|
if facts
|
115
|
-
Puppet::Pops::Evaluator::DeferredResolver.resolve_and_replace(facts, result
|
115
|
+
Puppet::Pops::Evaluator::DeferredResolver.resolve_and_replace(facts, result)
|
116
116
|
end
|
117
117
|
|
118
118
|
catalog = result.to_ral
|
@@ -202,7 +202,6 @@ class Puppet::Configurer
|
|
202
202
|
# This just passes any options on to the catalog,
|
203
203
|
# which accepts :tags and :ignoreschedules.
|
204
204
|
def run(options = {})
|
205
|
-
pool = Puppet.runtime[:http].pool
|
206
205
|
# We create the report pre-populated with default settings for
|
207
206
|
# environment and transaction_uuid very early, this is to ensure
|
208
207
|
# they are sent regardless of any catalog compilation failures or
|
@@ -215,41 +214,40 @@ class Puppet::Configurer
|
|
215
214
|
|
216
215
|
completed = nil
|
217
216
|
begin
|
218
|
-
|
219
|
-
|
220
|
-
|
221
|
-
|
222
|
-
|
223
|
-
|
224
|
-
|
225
|
-
|
226
|
-
|
227
|
-
|
228
|
-
|
229
|
-
|
230
|
-
|
231
|
-
|
232
|
-
|
233
|
-
|
234
|
-
|
235
|
-
Puppet.err(detail)
|
236
|
-
else
|
237
|
-
raise Puppet::Error, detail
|
238
|
-
end
|
217
|
+
# Skip failover logic if the server_list setting is empty
|
218
|
+
do_failover = Puppet.settings[:server_list] && !Puppet.settings[:server_list].empty?
|
219
|
+
|
220
|
+
# When we are passed a catalog, that means we're in apply
|
221
|
+
# mode. We shouldn't try to do any failover in that case.
|
222
|
+
if options[:catalog].nil? && do_failover
|
223
|
+
server, port = find_functional_server
|
224
|
+
if server.nil?
|
225
|
+
detail = _("Could not select a functional puppet server from server_list: '%{server_list}'") % { server_list: Puppet.settings.value(:server_list, Puppet[:environment].to_sym, true) }
|
226
|
+
if Puppet[:usecacheonfailure]
|
227
|
+
options[:pluginsync] = false
|
228
|
+
@running_failure = true
|
229
|
+
|
230
|
+
server = Puppet[:server_list].first[0]
|
231
|
+
port = Puppet[:server_list].first[1] || Puppet[:serverport]
|
232
|
+
|
233
|
+
Puppet.err(detail)
|
239
234
|
else
|
240
|
-
|
241
|
-
Puppet.debug _("Selected puppet server from the `server_list` setting: %{server}:%{port}") % { server: server, port: port }
|
242
|
-
report.server_used = "#{server}:#{port}"
|
243
|
-
end
|
244
|
-
Puppet.override(server: server, serverport: port) do
|
245
|
-
completed = run_internal(options)
|
235
|
+
raise Puppet::Error, detail
|
246
236
|
end
|
247
237
|
else
|
238
|
+
#TRANSLATORS 'server_list' is the name of a setting and should not be translated
|
239
|
+
Puppet.debug _("Selected puppet server from the `server_list` setting: %{server}:%{port}") % { server: server, port: port }
|
240
|
+
report.server_used = "#{server}:#{port}"
|
241
|
+
end
|
242
|
+
Puppet.override(server: server, serverport: port) do
|
248
243
|
completed = run_internal(options)
|
249
244
|
end
|
245
|
+
else
|
246
|
+
completed = run_internal(options)
|
250
247
|
end
|
251
248
|
ensure
|
252
|
-
|
249
|
+
# we may sleep for awhile, close connections now
|
250
|
+
Puppet.runtime[:http].close
|
253
251
|
end
|
254
252
|
|
255
253
|
completed ? report.exit_status : nil
|
@@ -397,29 +395,16 @@ class Puppet::Configurer
|
|
397
395
|
if !cached_catalog && options[:catalog]
|
398
396
|
ral_catalog = options[:catalog]
|
399
397
|
else
|
400
|
-
# Ordering here matters. We have to resolve deferred resources in the
|
401
|
-
# resource catalog, convert the resource catalog to a RAL catalog (which
|
402
|
-
# triggers type/provider validation), and only if that is successful,
|
403
|
-
# should we cache the *original* resource catalog. However, deferred
|
404
|
-
# evaluation mutates the resource catalog, so we need to make a copy of
|
405
|
-
# it here. If PUP-9323 is ever implemented so that we resolve deferred
|
406
|
-
# resources in the RAL catalog as they are needed, then we could eliminate
|
407
|
-
# this step.
|
408
|
-
catalog_to_cache = Puppet.override(:rich_data => Puppet[:rich_data]) do
|
409
|
-
Puppet::Resource::Catalog.from_data_hash(catalog.to_data_hash)
|
410
|
-
end
|
411
|
-
|
412
398
|
# REMIND @duration is the time spent loading the last catalog, and doesn't
|
413
399
|
# account for things like we failed to download and fell back to the cache
|
414
400
|
ral_catalog = convert_catalog(catalog, @duration, facts, options)
|
415
401
|
|
416
|
-
#
|
417
|
-
# commit `catalog` since it contains the result of deferred evaluation. Ideally
|
402
|
+
# If not noop, commit the cached resource catalog (not ral catalog). Ideally
|
418
403
|
# we'd just copy the downloaded response body, instead of serializing the
|
419
404
|
# in-memory catalog, but that's hard due to the indirector.
|
420
405
|
indirection = Puppet::Resource::Catalog.indirection
|
421
406
|
if !Puppet[:noop] && indirection.cache?
|
422
|
-
request = indirection.request(:save, nil,
|
407
|
+
request = indirection.request(:save, nil, catalog, environment: Puppet::Node::Environment.remote(catalog.environment))
|
423
408
|
Puppet.info("Caching catalog for #{request.key}")
|
424
409
|
indirection.cache.save(request)
|
425
410
|
end
|
@@ -29,25 +29,27 @@ class Puppet::Configurer::PluginHandler
|
|
29
29
|
result += plugin_fact_downloader.evaluate
|
30
30
|
result += plugin_downloader.evaluate
|
31
31
|
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
|
38
|
-
|
39
|
-
|
40
|
-
|
41
|
-
|
42
|
-
|
43
|
-
|
44
|
-
|
45
|
-
|
46
|
-
|
47
|
-
|
48
|
-
|
49
|
-
|
50
|
-
|
32
|
+
unless Puppet[:disable_i18n]
|
33
|
+
# until file metadata/content are using the rest client, we need to check
|
34
|
+
# both :server_agent_version and the session to see if the server supports
|
35
|
+
# the "locales" mount
|
36
|
+
server_agent_version = Puppet.lookup(:server_agent_version) { "0.0" }
|
37
|
+
locales = Gem::Version.new(server_agent_version) >= SUPPORTED_LOCALES_MOUNT_AGENT_VERSION
|
38
|
+
unless locales
|
39
|
+
session = Puppet.lookup(:http_session)
|
40
|
+
locales = session.supports?(:fileserver, 'locales') || session.supports?(:puppet, 'locales')
|
41
|
+
end
|
42
|
+
|
43
|
+
if locales
|
44
|
+
locales_downloader = Puppet::Configurer::Downloader.new(
|
45
|
+
"locales",
|
46
|
+
Puppet[:localedest],
|
47
|
+
Puppet[:localesource],
|
48
|
+
Puppet[:pluginsignore] + " *.pot config.yaml",
|
49
|
+
environment
|
50
|
+
)
|
51
|
+
result += locales_downloader.evaluate
|
52
|
+
end
|
51
53
|
end
|
52
54
|
|
53
55
|
Puppet::Util::Autoload.reload_changed(Puppet.lookup(:current_environment))
|
data/lib/puppet/defaults.rb
CHANGED
@@ -11,25 +11,60 @@ module Puppet
|
|
11
11
|
end
|
12
12
|
|
13
13
|
def self.default_digest_algorithm
|
14
|
-
|
14
|
+
'sha256'
|
15
15
|
end
|
16
16
|
|
17
17
|
def self.valid_digest_algorithms
|
18
18
|
Puppet::Util::Platform.fips_enabled? ?
|
19
19
|
%w[sha256 sha384 sha512 sha224] :
|
20
|
-
%w[
|
20
|
+
%w[sha256 sha384 sha512 sha224 md5]
|
21
21
|
end
|
22
22
|
|
23
23
|
def self.default_file_checksum_types
|
24
24
|
Puppet::Util::Platform.fips_enabled? ?
|
25
25
|
%w[sha256 sha384 sha512 sha224] :
|
26
|
-
%w[
|
26
|
+
%w[sha256 sha384 sha512 sha224 md5]
|
27
27
|
end
|
28
28
|
|
29
29
|
def self.valid_file_checksum_types
|
30
30
|
Puppet::Util::Platform.fips_enabled? ?
|
31
31
|
%w[sha256 sha256lite sha384 sha512 sha224 sha1 sha1lite mtime ctime] :
|
32
|
-
%w[
|
32
|
+
%w[sha256 sha256lite sha384 sha512 sha224 sha1 sha1lite md5 md5lite mtime ctime]
|
33
|
+
end
|
34
|
+
|
35
|
+
def self.log_ca_migration_warning
|
36
|
+
urge_to_migrate = <<-UTM
|
37
|
+
The cadir is currently configured to be inside the #{Puppet[:ssldir]} directory. This config
|
38
|
+
setting and the directory location will not be used in a future version of puppet. Please run the
|
39
|
+
puppetserver ca tool to migrate out from the puppet confdir to the /etc/puppetlabs/puppetserver/ca
|
40
|
+
directory. Use `puppetserver ca migrate --help` for more info.
|
41
|
+
UTM
|
42
|
+
Puppet.warn_once('deprecations',
|
43
|
+
'CA migration message',
|
44
|
+
urge_to_migrate,
|
45
|
+
:default,
|
46
|
+
:default)
|
47
|
+
end
|
48
|
+
|
49
|
+
def self.default_cadir
|
50
|
+
return "" if Puppet::Util::Platform.windows?
|
51
|
+
old_ca_dir = "#{Puppet[:ssldir]}/ca"
|
52
|
+
new_ca_dir = "/etc/puppetlabs/puppetserver/ca"
|
53
|
+
|
54
|
+
if File.exist?(old_ca_dir)
|
55
|
+
if File.symlink?(old_ca_dir)
|
56
|
+
target = File.readlink(old_ca_dir)
|
57
|
+
if target.start_with?(Puppet[:ssldir])
|
58
|
+
Puppet.log_ca_migration_warning
|
59
|
+
end
|
60
|
+
target
|
61
|
+
else
|
62
|
+
Puppet.log_ca_migration_warning
|
63
|
+
old_ca_dir
|
64
|
+
end
|
65
|
+
else
|
66
|
+
new_ca_dir
|
67
|
+
end
|
33
68
|
end
|
34
69
|
|
35
70
|
def self.default_basemodulepath
|
@@ -58,18 +93,6 @@ module Puppet
|
|
58
93
|
end
|
59
94
|
end
|
60
95
|
|
61
|
-
def self.default_cadir
|
62
|
-
return "" if Puppet::Util::Platform.windows?
|
63
|
-
old_ca_dir = "#{Puppet[:ssldir]}/ca"
|
64
|
-
new_ca_dir = '/etc/puppetlabs/puppetserver/ca'
|
65
|
-
|
66
|
-
if File.exist?("#{new_ca_dir}/ca_crt.pem")
|
67
|
-
new_ca_dir
|
68
|
-
else
|
69
|
-
old_ca_dir
|
70
|
-
end
|
71
|
-
end
|
72
|
-
|
73
96
|
############################################################################################
|
74
97
|
# NOTE: For information about the available values for the ":type" property of settings,
|
75
98
|
# see the docs for Settings.define_settings
|
@@ -82,29 +105,6 @@ module Puppet
|
|
82
105
|
# @return void
|
83
106
|
def self.initialize_default_settings!(settings)
|
84
107
|
settings.define_settings(:main,
|
85
|
-
:facterng => {
|
86
|
-
:default => false,
|
87
|
-
:type => :boolean,
|
88
|
-
:desc => 'Whether to enable a pre-Facter 4.0 release of Facter (distributed as
|
89
|
-
the "facter-ng" gem). This is not necessary if Facter 3.x or later is installed.
|
90
|
-
This setting is still experimental.',
|
91
|
-
:hook => proc do |value|
|
92
|
-
value = munge(value)
|
93
|
-
if value && Puppet::Util::Package.versioncmp(Facter.value('facterversion'), '4.0.0') < 0
|
94
|
-
begin
|
95
|
-
original_facter = Object.const_get(:Facter)
|
96
|
-
Object.send(:remove_const, :Facter)
|
97
|
-
|
98
|
-
require 'facter-ng'
|
99
|
-
# It is required to re-setup logger for facter-ng
|
100
|
-
Puppet::Util::Logging.setup_facter_logging!
|
101
|
-
rescue LoadError
|
102
|
-
Object.const_set(:Facter, original_facter)
|
103
|
-
raise ArgumentError, 'facter-ng could not be loaded'
|
104
|
-
end
|
105
|
-
end
|
106
|
-
end
|
107
|
-
},
|
108
108
|
:confdir => {
|
109
109
|
:default => nil,
|
110
110
|
:type => :directory,
|
@@ -231,7 +231,7 @@ module Puppet
|
|
231
231
|
end
|
232
232
|
},
|
233
233
|
:disable_i18n => {
|
234
|
-
:default =>
|
234
|
+
:default => true,
|
235
235
|
:type => :boolean,
|
236
236
|
:desc => "If true, turns off all translations of Puppet and module
|
237
237
|
log messages, which affects error, warning, and info log messages,
|
@@ -276,13 +276,6 @@ module Puppet
|
|
276
276
|
:type => :boolean,
|
277
277
|
:desc => "Whether to enable experimental performance profiling",
|
278
278
|
},
|
279
|
-
:future_features => {
|
280
|
-
:default => false,
|
281
|
-
:type => :boolean,
|
282
|
-
:desc => "Whether or not to enable all features currently being developed for future
|
283
|
-
major releases of Puppet. Should be used with caution, as in development
|
284
|
-
features are experimental and can have unexpected effects."
|
285
|
-
},
|
286
279
|
:versioned_environment_dirs => {
|
287
280
|
:default => false,
|
288
281
|
:type => :boolean,
|
@@ -297,6 +290,11 @@ module Puppet
|
|
297
290
|
which occurs only on a Puppet Server master when the `code-id-command` and
|
298
291
|
`code-content-command` settings are configured in its `puppetserver.conf` file.",
|
299
292
|
},
|
293
|
+
:settings_catalog => {
|
294
|
+
:default => true,
|
295
|
+
:type => :boolean,
|
296
|
+
:desc => "Whether to compile and apply the settings catalog",
|
297
|
+
},
|
300
298
|
:strict_environment_mode => {
|
301
299
|
:default => false,
|
302
300
|
:type => :boolean,
|
@@ -719,9 +717,8 @@ Valid values are 0 (never cache) and 15 (15 second minimum wait time).
|
|
719
717
|
A value of `0` will disable caching. This setting can also be set to
|
720
718
|
`unlimited`, which will cache environments until the server is restarted
|
721
719
|
or told to refresh the cache. All other values will result in Puppet
|
722
|
-
server evicting
|
723
|
-
|
724
|
-
`environment_timeout_mode`.
|
720
|
+
server evicting environments that haven't been used within the last
|
721
|
+
`environment_timeout` seconds.
|
725
722
|
|
726
723
|
You should change this setting once your Puppet deployment is doing
|
727
724
|
non-trivial work. We chose the default value of `0` because it lets new
|
@@ -734,32 +731,13 @@ Valid values are 0 (never cache) and 15 (15 second minimum wait time).
|
|
734
731
|
* Setting this to a number that will keep your most actively used
|
735
732
|
environments cached, but allow testing environments to fall out of the
|
736
733
|
cache and reduce memory usage. A value of 3 minutes (3m) is a reasonable
|
737
|
-
value.
|
738
|
-
`from_last_used`.
|
734
|
+
value.
|
739
735
|
|
740
736
|
Once you set `environment_timeout` to a non-zero value, you need to tell
|
741
737
|
Puppet server to read new code from disk using the `environment-cache` API
|
742
738
|
endpoint after you deploy new code. See the docs for the Puppet Server
|
743
739
|
[administrative API](https://puppet.com/docs/puppetserver/latest/admin-api/v1/environment-cache.html).
|
744
|
-
"
|
745
|
-
:hook => proc do |val|
|
746
|
-
if Puppet[:environment_timeout_mode] == :from_created
|
747
|
-
unless [0, 'unlimited', Float::INFINITY].include?(val)
|
748
|
-
Puppet.deprecation_warning("Evicting environments based on their creation time is deprecated, please set `environment_timeout_mode` to `from_last_used` instead.")
|
749
|
-
end
|
750
|
-
end
|
751
|
-
end
|
752
|
-
},
|
753
|
-
:environment_timeout_mode => {
|
754
|
-
:default => :from_created,
|
755
|
-
:type => :symbolic_enum,
|
756
|
-
:values => [:from_created, :from_last_used],
|
757
|
-
:desc => "How Puppet interprets the `environment_timeout` setting when
|
758
|
-
`environment_timeout` is neither `0` nor `unlimited`. If set to
|
759
|
-
`from_created`, then the environment will be evicted `environment_timeout`
|
760
|
-
seconds from when it was created. If set to `from_last_used` then the
|
761
|
-
environment will be evicted `environment_timeout` seconds from when it
|
762
|
-
was last used."
|
740
|
+
"
|
763
741
|
},
|
764
742
|
:environment_data_provider => {
|
765
743
|
:desc => "The name of a registered environment data provider used when obtaining environment
|
@@ -834,7 +812,7 @@ Valid values are 0 (never cache) and 15 (15 second minimum wait time).
|
|
834
812
|
`certname` setting as its requested Subject CN.
|
835
813
|
|
836
814
|
This is the name used when managing a node's permissions in
|
837
|
-
[auth.conf](https://puppet.com/docs/
|
815
|
+
Puppet Server's [auth.conf](https://puppet.com/docs/puppetserver/latest/config_file_auth.html).
|
838
816
|
In most cases, it is also used as the node's name when matching
|
839
817
|
[node definitions](https://puppet.com/docs/puppet/latest/lang_node_definitions.html)
|
840
818
|
and requesting data from an ENC. (This can be changed with the `node_name_value`
|
@@ -849,9 +827,9 @@ Valid values are 0 (never cache) and 15 (15 second minimum wait time).
|
|
849
827
|
only use lowercase letters, numbers, periods, underscores, and dashes. (That is,
|
850
828
|
it should match `/\A[a-z0-9._-]+\Z/`.)
|
851
829
|
* The special value `ca` is reserved, and can't be used as the certname
|
852
|
-
for a normal node.
|
830
|
+
for a normal node.
|
853
831
|
|
854
|
-
**Note:** You must set the certname
|
832
|
+
**Note:** You must set the certname in the main section of the puppet.conf file. Setting it in a different section causes errors.
|
855
833
|
|
856
834
|
Defaults to the node's fully qualified domain name.",
|
857
835
|
:call_hook => :on_initialize_and_write,
|
@@ -878,8 +856,8 @@ names.
|
|
878
856
|
**Note:** The list of alternate names is locked in when the server's
|
879
857
|
certificate is signed. If you need to change the list later, you can't just
|
880
858
|
change this setting; you also need to regenerate the certificate. For more
|
881
|
-
information on that process, see the
|
882
|
-
|
859
|
+
information on that process, see the [cert regen docs]
|
860
|
+
(https://puppet.com/docs/puppet/latest/ssl_regenerate_certificates.html).
|
883
861
|
|
884
862
|
To see all the alternate names your servers are using, log into your CA server
|
885
863
|
and run `puppetserver ca list --all`, then check the output for `(alt names: ...)`.
|
@@ -984,13 +962,13 @@ EOT
|
|
984
962
|
Generally unused."
|
985
963
|
},
|
986
964
|
:hostcsr => {
|
987
|
-
:default => "$
|
965
|
+
:default => "$requestdir/$certname.pem",
|
988
966
|
:type => :file,
|
989
967
|
:mode => "0644",
|
990
968
|
:owner => "service",
|
991
969
|
:group => "service",
|
992
|
-
:
|
993
|
-
|
970
|
+
:desc => "Where individual hosts store their certificate request (CSR)
|
971
|
+
while waiting for the CA to issue their certificate."
|
994
972
|
},
|
995
973
|
:hostcert => {
|
996
974
|
:default => "$certdir/$certname.pem",
|
@@ -1041,29 +1019,6 @@ EOT
|
|
1041
1019
|
puppet module tool and the 'http' report processor. This setting is ignored when
|
1042
1020
|
making requests to puppet:// URLs such as catalog and report requests.",
|
1043
1021
|
},
|
1044
|
-
:ssl_client_ca_auth => {
|
1045
|
-
:type => :file,
|
1046
|
-
:mode => "0644",
|
1047
|
-
:owner => "service",
|
1048
|
-
:group => "service",
|
1049
|
-
:desc => "Certificate authorities who issue server certificates. SSL servers will not be
|
1050
|
-
considered authentic unless they possess a certificate issued by an authority
|
1051
|
-
listed in this file. If this setting has no value then the Puppet master's CA
|
1052
|
-
certificate (localcacert) will be used.",
|
1053
|
-
:hook => proc do |val|
|
1054
|
-
Puppet.deprecation_warning(_("Setting 'ssl_client_ca_auth' is deprecated."))
|
1055
|
-
end
|
1056
|
-
},
|
1057
|
-
:ssl_server_ca_auth => {
|
1058
|
-
:type => :file,
|
1059
|
-
:mode => "0644",
|
1060
|
-
:owner => "service",
|
1061
|
-
:group => "service",
|
1062
|
-
:deprecated => :completely,
|
1063
|
-
:desc => "The setting is deprecated and has no effect. Ensure all root and
|
1064
|
-
intermediate certificate authorities used to issue client certificates are
|
1065
|
-
contained in the server's `cacert` file on the server."
|
1066
|
-
},
|
1067
1022
|
:hostcrl => {
|
1068
1023
|
:default => "$ssldir/crl.pem",
|
1069
1024
|
:type => :file,
|
@@ -1097,14 +1052,6 @@ EOT
|
|
1097
1052
|
certificate revocation checking and does not attempt to download the CRL.
|
1098
1053
|
EOT
|
1099
1054
|
},
|
1100
|
-
:ciphers => {
|
1101
|
-
:default => 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256',
|
1102
|
-
:type => :string,
|
1103
|
-
:desc => "The list of ciphersuites for TLS connections initiated by puppet. The
|
1104
|
-
default value is chosen to support TLS 1.0 and up, but can be made
|
1105
|
-
more restrictive if needed. The ciphersuites must be specified in OpenSSL
|
1106
|
-
format, not IANA."
|
1107
|
-
},
|
1108
1055
|
:key_type => {
|
1109
1056
|
:default => 'rsa',
|
1110
1057
|
:type => :enum,
|
@@ -1148,7 +1095,7 @@ EOT
|
|
1148
1095
|
:type => :string,
|
1149
1096
|
:desc => "Where to send log messages. Choose between 'syslog' (the POSIX syslog
|
1150
1097
|
service), 'eventlog' (the Windows Event Log), 'console', or the path to a log
|
1151
|
-
file.
|
1098
|
+
file."
|
1152
1099
|
# Sure would be nice to set the Puppet::Util::Log destination here in an :on_initialize_and_write hook,
|
1153
1100
|
# unfortunately we have a large number of tests that rely on the logging not resetting itself when the
|
1154
1101
|
# settings are initialized as they test what gets logged during settings initialization.
|
@@ -1165,6 +1112,13 @@ EOT
|
|
1165
1112
|
:default => lambda { default_cadir },
|
1166
1113
|
:type => :directory,
|
1167
1114
|
:desc => "The root directory for the certificate authority.",
|
1115
|
+
:call_hook => :on_initialize_and_write,
|
1116
|
+
:hook => proc do |value|
|
1117
|
+
if value.start_with?(Puppet[:ssldir])
|
1118
|
+
Puppet.log_ca_migration_warning
|
1119
|
+
end
|
1120
|
+
value
|
1121
|
+
end
|
1168
1122
|
},
|
1169
1123
|
:cacert => {
|
1170
1124
|
:default => "$cadir/ca_crt.pem",
|
@@ -1391,34 +1345,25 @@ EOT
|
|
1391
1345
|
by `puppet`, and should only be set if you're writing your own Puppet
|
1392
1346
|
executable.",
|
1393
1347
|
},
|
1394
|
-
:
|
1348
|
+
:serverport => {
|
1395
1349
|
:default => 8140,
|
1350
|
+
:type => :port,
|
1396
1351
|
:desc => "The default port puppet subcommands use to communicate
|
1397
1352
|
with Puppet Server. (eg `puppet facts upload`, `puppet agent`). May be
|
1398
1353
|
overridden by more specific settings (see `ca_port`, `report_port`).",
|
1354
|
+
:hook => proc do |value|
|
1355
|
+
Puppet[:masterport] = value unless Puppet.settings.set_by_config?(:masterport)
|
1356
|
+
end
|
1399
1357
|
},
|
1400
|
-
:
|
1401
|
-
:
|
1402
|
-
:
|
1403
|
-
|
1404
|
-
|
1405
|
-
|
1406
|
-
:
|
1407
|
-
|
1408
|
-
|
1409
|
-
:hook => proc { |val|
|
1410
|
-
if val != 'cert'
|
1411
|
-
Puppet.deprecation_warning("The node_name setting is deprecated and will be removed in a future release.")
|
1412
|
-
end
|
1413
|
-
},
|
1414
|
-
:desc => "How the puppet master determines the client's identity
|
1415
|
-
and sets the 'hostname', 'fqdn' and 'domain' facts for use in the manifest,
|
1416
|
-
in particular for determining which 'node' statement applies to the client.
|
1417
|
-
Possible values are 'cert' (use the subject's CN in the client's
|
1418
|
-
certificate) and 'facter' (use the hostname that the client
|
1419
|
-
reported in its facts).
|
1420
|
-
|
1421
|
-
This setting is deprecated, please use explicit fact matching for classification.",
|
1358
|
+
:masterport => {
|
1359
|
+
:default => "$serverport",
|
1360
|
+
:type => :port,
|
1361
|
+
:desc => "The default port puppet subcommands use to communicate
|
1362
|
+
with Puppet Server. (eg `puppet facts upload`, `puppet agent`). May be
|
1363
|
+
overridden by more specific settings (see `ca_port`, `report_port`).",
|
1364
|
+
:hook => proc do |value|
|
1365
|
+
Puppet[:serverport] = value unless Puppet.settings.set_by_config?(:serverport)
|
1366
|
+
end
|
1422
1367
|
},
|
1423
1368
|
:bucketdir => {
|
1424
1369
|
:default => "$vardir/bucket",
|
@@ -1428,15 +1373,6 @@ EOT
|
|
1428
1373
|
:group => "service",
|
1429
1374
|
:desc => "Where FileBucket files are stored."
|
1430
1375
|
},
|
1431
|
-
:rest_authconfig => {
|
1432
|
-
:default => "$confdir/auth.conf",
|
1433
|
-
:type => :file,
|
1434
|
-
:deprecated => :completely,
|
1435
|
-
:desc => "The configuration file that defines the rights to the different
|
1436
|
-
rest indirections. This can be used as a fine-grained authorization system for
|
1437
|
-
`puppet master`. The `puppet master` command is deprecated and Puppet Server
|
1438
|
-
uses its own auth.conf that must be placed within its configuration directory.",
|
1439
|
-
},
|
1440
1376
|
:trusted_oid_mapping_file => {
|
1441
1377
|
:default => "$confdir/custom_trusted_oid_mapping.yaml",
|
1442
1378
|
:type => :file,
|
@@ -1517,9 +1453,7 @@ EOT
|
|
1517
1453
|
See the report reference for information on the built-in report
|
1518
1454
|
handlers; custom report handlers can also be loaded from modules.
|
1519
1455
|
(Report handlers are loaded from the lib directory, at
|
1520
|
-
`puppet/reports/NAME.rb`.)
|
1521
|
-
|
1522
|
-
To turn off reports entirely, set this to `none`",
|
1456
|
+
`puppet/reports/NAME.rb`.)",
|
1523
1457
|
},
|
1524
1458
|
:reportdir => {
|
1525
1459
|
:default => "$vardir/reports",
|
@@ -1541,23 +1475,7 @@ EOT
|
|
1541
1475
|
:default => "$confdir/fileserver.conf",
|
1542
1476
|
:type => :file,
|
1543
1477
|
:desc => "Where the fileserver configuration is stored.",
|
1544
|
-
}
|
1545
|
-
:strict_hostname_checking => {
|
1546
|
-
:default => true,
|
1547
|
-
:type => :boolean,
|
1548
|
-
:desc => "Whether to only search for the complete
|
1549
|
-
hostname as it is in the certificate when searching for node information
|
1550
|
-
in the catalogs or to match dot delimited segments of the cert's certname
|
1551
|
-
and the hostname, fqdn, and/or domain facts.
|
1552
|
-
|
1553
|
-
This setting is deprecated and will be removed in a future release.",
|
1554
|
-
:hook => proc { |val|
|
1555
|
-
if val != true
|
1556
|
-
Puppet.deprecation_warning("Setting strict_hostname_checking to false is deprecated and will be removed in a future release. Please use regular expressions in your node declarations or explicit fact matching for classification (though be warned that fact based classification may be considered insecure).")
|
1557
|
-
end
|
1558
|
-
}
|
1559
|
-
}
|
1560
|
-
)
|
1478
|
+
})
|
1561
1479
|
|
1562
1480
|
settings.define_settings(:device,
|
1563
1481
|
:devicedir => {
|
@@ -1579,17 +1497,15 @@ EOT
|
|
1579
1497
|
:default => "$certname",
|
1580
1498
|
:desc => "The explicit value used for the node name for all requests the agent
|
1581
1499
|
makes to the master. WARNING: This setting is mutually exclusive with
|
1582
|
-
node_name_fact. Changing this setting also requires changes to
|
1583
|
-
|
1584
|
-
http://links.puppet.com/node_name_value for more information."
|
1500
|
+
node_name_fact. Changing this setting also requires changes to
|
1501
|
+
Puppet Server's default [auth.conf](https://puppet.com/docs/puppetserver/latest/config_file_auth.html)."
|
1585
1502
|
},
|
1586
1503
|
:node_name_fact => {
|
1587
1504
|
:default => "",
|
1588
1505
|
:desc => "The fact name used to determine the node name used for all requests the agent
|
1589
1506
|
makes to the master. WARNING: This setting is mutually exclusive with
|
1590
|
-
node_name_value. Changing this setting also requires changes to
|
1591
|
-
|
1592
|
-
http://links.puppet.com/node_name_fact for more information.",
|
1507
|
+
node_name_value. Changing this setting also requires changes to
|
1508
|
+
Puppet Server's default [auth.conf](https://puppet.com/docs/puppetserver/latest/config_file_auth.html).",
|
1593
1509
|
:hook => proc do |value|
|
1594
1510
|
if !value.empty? and Puppet[:node_name_value] != Puppet[:certname]
|
1595
1511
|
raise "Cannot specify both the node_name_value and node_name_fact settings"
|
@@ -1687,8 +1603,8 @@ EOT
|
|
1687
1603
|
:server_list => {
|
1688
1604
|
:default => [],
|
1689
1605
|
:type => :server_list,
|
1690
|
-
:desc => "The list of
|
1691
|
-
in the order that they will be tried.",
|
1606
|
+
:desc => "The list of Puppet master servers to which the Puppet agent should connect,
|
1607
|
+
in the order that they will be tried. Each value should be a fully qualified domain name, followed by an optional ':' and port number. If a port is omitted, Puppet uses masterport for that host.",
|
1692
1608
|
},
|
1693
1609
|
:use_srv_records => {
|
1694
1610
|
:default => false,
|
@@ -1764,6 +1680,7 @@ EOT
|
|
1764
1680
|
},
|
1765
1681
|
:ca_port => {
|
1766
1682
|
:default => "$serverport",
|
1683
|
+
:type => :port,
|
1767
1684
|
:desc => "The port to use for the certificate authority.",
|
1768
1685
|
},
|
1769
1686
|
:preferred_serialization_format => {
|
@@ -1782,7 +1699,7 @@ EOT
|
|
1782
1699
|
},
|
1783
1700
|
:agent_disabled_lockfile => {
|
1784
1701
|
:default => "$statedir/agent_disabled.lock",
|
1785
|
-
:type => :
|
1702
|
+
:type => :file,
|
1786
1703
|
:desc => "A lock file to indicate that puppet agent runs have been administratively
|
1787
1704
|
disabled. File contains a JSON object with state information.",
|
1788
1705
|
},
|
@@ -1853,6 +1770,7 @@ EOT
|
|
1853
1770
|
},
|
1854
1771
|
:report_port => {
|
1855
1772
|
:default => "$serverport",
|
1773
|
+
:type => :port,
|
1856
1774
|
:desc => "The port to communicate with the report_server.",
|
1857
1775
|
},
|
1858
1776
|
:report => {
|
@@ -1882,10 +1800,16 @@ EOT
|
|
1882
1800
|
for the node stored in puppetdb are current. However, this will double the fact
|
1883
1801
|
submission load on puppetdb, so it is disabled by default.",
|
1884
1802
|
},
|
1803
|
+
:publicdir => {
|
1804
|
+
:default => nil,
|
1805
|
+
:type => :directory,
|
1806
|
+
:mode => "0755",
|
1807
|
+
:desc => "Where Puppet stores public files."
|
1808
|
+
},
|
1885
1809
|
:lastrunfile => {
|
1886
|
-
:default => "$
|
1810
|
+
:default => "$publicdir/last_run_summary.yaml",
|
1887
1811
|
:type => :file,
|
1888
|
-
:mode => "
|
1812
|
+
:mode => "0640",
|
1889
1813
|
:desc => "Where puppet agent stores the last run report summary in yaml format."
|
1890
1814
|
},
|
1891
1815
|
:lastrunreport => {
|
@@ -1965,7 +1889,7 @@ EOT
|
|
1965
1889
|
:type => :ttl,
|
1966
1890
|
:desc => "The maximum amount of time the puppet agent should wait for an
|
1967
1891
|
already running puppet agent to finish before starting a new one. This is set by default to 1 minute.
|
1968
|
-
A value of `unlimited` will cause puppet agent to wait indefinitely.
|
1892
|
+
A value of `unlimited` will cause puppet agent to wait indefinitely.
|
1969
1893
|
#{AS_DURATION}",
|
1970
1894
|
}
|
1971
1895
|
)
|
@@ -2022,7 +1946,7 @@ EOT
|
|
2022
1946
|
:desc => "What files to ignore when pulling down plugins.",
|
2023
1947
|
},
|
2024
1948
|
:ignore_plugin_errors => {
|
2025
|
-
:default =>
|
1949
|
+
:default => false,
|
2026
1950
|
:type => :boolean,
|
2027
1951
|
:desc => "Whether the puppet run should ignore errors during pluginsync. If the setting
|
2028
1952
|
is false and there are errors during pluginsync, then the agent will abort the run and
|
@@ -2237,22 +2161,6 @@ EOT
|
|
2237
2161
|
referencing variables that are explicitly set to undef).
|
2238
2162
|
EOT
|
2239
2163
|
},
|
2240
|
-
:func3x_check => {
|
2241
|
-
:default => true,
|
2242
|
-
:type => :boolean,
|
2243
|
-
:desc => <<-'EOT',
|
2244
|
-
Causes validation of loaded legacy Ruby functions (3x API) to raise errors about illegal constructs that
|
2245
|
-
could cause harm or that simply does not work. This flag is on by default. This flag is made available
|
2246
|
-
so that the validation can be turned off in case the method of validation is faulty - if encountered, please
|
2247
|
-
file a bug report.
|
2248
|
-
EOT
|
2249
|
-
:call_hook => :on_initialize_and_write,
|
2250
|
-
:hook => proc do |value|
|
2251
|
-
unless value
|
2252
|
-
Puppet.deprecation_warning(_("The 'func3x_check' setting is deprecated and will be removed in a future release."))
|
2253
|
-
end
|
2254
|
-
end
|
2255
|
-
},
|
2256
2164
|
:tasks => {
|
2257
2165
|
:default => false,
|
2258
2166
|
:type => :boolean,
|