puppet 6.24.0-x64-mingw32 → 7.0.0-x64-mingw32

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of puppet might be problematic. Click here for more details.

Files changed (613) hide show
  1. checksums.yaml +4 -4
  2. data/CODEOWNERS +16 -2
  3. data/CONTRIBUTING.md +5 -5
  4. data/Gemfile +1 -3
  5. data/Gemfile.lock +35 -47
  6. data/README.md +5 -5
  7. data/conf/fileserver.conf +5 -10
  8. data/ext/build_defaults.yaml +1 -1
  9. data/ext/osx/file_mapping.yaml +0 -5
  10. data/ext/osx/puppet.plist +0 -2
  11. data/ext/project_data.yaml +1 -15
  12. data/ext/redhat/puppet.spec.erb +0 -1
  13. data/ext/windows/service/daemon.rb +6 -5
  14. data/install.rb +21 -17
  15. data/lib/puppet.rb +14 -23
  16. data/lib/puppet/application.rb +178 -108
  17. data/lib/puppet/application/agent.rb +4 -12
  18. data/lib/puppet/application/apply.rb +2 -4
  19. data/lib/puppet/application/device.rb +100 -106
  20. data/lib/puppet/application/filebucket.rb +13 -10
  21. data/lib/puppet/application/resource.rb +3 -17
  22. data/lib/puppet/application/script.rb +0 -2
  23. data/lib/puppet/application/ssl.rb +1 -13
  24. data/lib/puppet/application_support.rb +0 -7
  25. data/lib/puppet/configurer.rb +30 -45
  26. data/lib/puppet/configurer/downloader.rb +1 -2
  27. data/lib/puppet/configurer/plugin_handler.rb +21 -19
  28. data/lib/puppet/defaults.rb +100 -192
  29. data/lib/puppet/environments.rb +60 -84
  30. data/lib/puppet/face/facts.rb +5 -103
  31. data/lib/puppet/face/help.rb +1 -1
  32. data/lib/puppet/face/help/action.erb +0 -1
  33. data/lib/puppet/face/help/face.erb +0 -1
  34. data/lib/puppet/face/node/clean.rb +0 -11
  35. data/lib/puppet/face/plugin.rb +5 -8
  36. data/lib/puppet/ffi/windows.rb +12 -0
  37. data/lib/puppet/ffi/windows/api_types.rb +311 -0
  38. data/lib/puppet/ffi/windows/constants.rb +404 -0
  39. data/lib/puppet/ffi/windows/functions.rb +628 -0
  40. data/lib/puppet/ffi/windows/structs.rb +338 -0
  41. data/lib/puppet/file_serving/configuration.rb +0 -5
  42. data/lib/puppet/file_serving/configuration/parser.rb +3 -32
  43. data/lib/puppet/file_serving/fileset.rb +2 -14
  44. data/lib/puppet/file_serving/http_metadata.rb +1 -1
  45. data/lib/puppet/file_serving/mount.rb +1 -2
  46. data/lib/puppet/file_system/file_impl.rb +1 -1
  47. data/lib/puppet/file_system/memory_file.rb +1 -8
  48. data/lib/puppet/file_system/windows.rb +2 -4
  49. data/lib/puppet/forge.rb +3 -3
  50. data/lib/puppet/forge/repository.rb +0 -1
  51. data/lib/puppet/functions/all.rb +1 -1
  52. data/lib/puppet/functions/camelcase.rb +1 -1
  53. data/lib/puppet/functions/capitalize.rb +2 -2
  54. data/lib/puppet/functions/downcase.rb +2 -2
  55. data/lib/puppet/functions/empty.rb +0 -8
  56. data/lib/puppet/functions/get.rb +5 -5
  57. data/lib/puppet/functions/group_by.rb +5 -13
  58. data/lib/puppet/functions/lest.rb +1 -1
  59. data/lib/puppet/functions/new.rb +100 -100
  60. data/lib/puppet/functions/partition.rb +4 -12
  61. data/lib/puppet/functions/require.rb +5 -5
  62. data/lib/puppet/functions/sort.rb +3 -3
  63. data/lib/puppet/functions/strftime.rb +0 -1
  64. data/lib/puppet/functions/tree_each.rb +9 -7
  65. data/lib/puppet/functions/type.rb +4 -4
  66. data/lib/puppet/functions/unwrap.rb +2 -17
  67. data/lib/puppet/functions/upcase.rb +2 -2
  68. data/lib/puppet/generate/models/type/type.rb +4 -1
  69. data/lib/puppet/http.rb +22 -13
  70. data/lib/puppet/http/client.rb +164 -114
  71. data/lib/puppet/{network/resolver.rb → http/dns.rb} +2 -2
  72. data/lib/puppet/http/errors.rb +16 -0
  73. data/lib/puppet/http/external_client.rb +5 -7
  74. data/lib/puppet/{network/http → http}/factory.rb +8 -15
  75. data/lib/puppet/{network/http → http}/pool.rb +61 -26
  76. data/lib/puppet/{network/http/session.rb → http/pool_entry.rb} +2 -3
  77. data/lib/puppet/http/proxy.rb +137 -0
  78. data/lib/puppet/http/redirector.rb +4 -12
  79. data/lib/puppet/http/resolver.rb +5 -15
  80. data/lib/puppet/http/resolver/server_list.rb +10 -25
  81. data/lib/puppet/http/resolver/settings.rb +4 -7
  82. data/lib/puppet/http/resolver/srv.rb +7 -11
  83. data/lib/puppet/http/response.rb +36 -54
  84. data/lib/puppet/http/response_converter.rb +24 -0
  85. data/lib/puppet/http/response_net_http.rb +42 -0
  86. data/lib/puppet/http/retry_after_handler.rb +4 -13
  87. data/lib/puppet/http/service.rb +12 -26
  88. data/lib/puppet/http/service/ca.rb +11 -22
  89. data/lib/puppet/http/service/compiler.rb +22 -138
  90. data/lib/puppet/http/service/file_server.rb +19 -29
  91. data/lib/puppet/http/service/puppetserver.rb +26 -12
  92. data/lib/puppet/http/service/report.rb +8 -10
  93. data/lib/puppet/http/session.rb +11 -20
  94. data/lib/puppet/{network/http → http}/site.rb +1 -2
  95. data/lib/puppet/indirector/catalog/compiler.rb +0 -1
  96. data/lib/puppet/indirector/catalog/rest.rb +2 -4
  97. data/lib/puppet/indirector/facts/rest.rb +3 -22
  98. data/lib/puppet/indirector/file_bucket_file/rest.rb +3 -9
  99. data/lib/puppet/indirector/file_content/rest.rb +2 -6
  100. data/lib/puppet/indirector/file_metadata/rest.rb +3 -10
  101. data/lib/puppet/indirector/file_server.rb +1 -8
  102. data/lib/puppet/indirector/generic_http.rb +0 -11
  103. data/lib/puppet/indirector/node/rest.rb +2 -4
  104. data/lib/puppet/indirector/report/rest.rb +3 -8
  105. data/lib/puppet/indirector/request.rb +0 -101
  106. data/lib/puppet/indirector/resource/ral.rb +1 -6
  107. data/lib/puppet/indirector/rest.rb +12 -263
  108. data/lib/puppet/interface/documentation.rb +0 -1
  109. data/lib/puppet/module_tool/applications.rb +0 -1
  110. data/lib/puppet/module_tool/applications/installer.rb +2 -52
  111. data/lib/puppet/module_tool/errors/shared.rb +2 -34
  112. data/lib/puppet/network/authconfig.rb +2 -96
  113. data/lib/puppet/network/authorization.rb +13 -35
  114. data/lib/puppet/network/formats.rb +0 -67
  115. data/lib/puppet/network/http.rb +3 -3
  116. data/lib/puppet/network/http/api/indirected_routes.rb +2 -20
  117. data/lib/puppet/network/http/api/master/v3.rb +11 -13
  118. data/lib/puppet/network/http/connection.rb +247 -316
  119. data/lib/puppet/network/http/handler.rb +0 -1
  120. data/lib/puppet/network/http_pool.rb +16 -34
  121. data/lib/puppet/node.rb +1 -30
  122. data/lib/puppet/pal/json_catalog_encoder.rb +4 -0
  123. data/lib/puppet/pal/pal_impl.rb +3 -1
  124. data/lib/puppet/parser/ast/leaf.rb +2 -3
  125. data/lib/puppet/parser/ast/pops_bridge.rb +0 -38
  126. data/lib/puppet/parser/compiler.rb +0 -198
  127. data/lib/puppet/parser/compiler/catalog_validator/relationship_validator.rb +14 -39
  128. data/lib/puppet/parser/functions/fqdn_rand.rb +6 -14
  129. data/lib/puppet/parser/resource.rb +0 -69
  130. data/lib/puppet/parser/templatewrapper.rb +1 -1
  131. data/lib/puppet/pops/evaluator/deferred_resolver.rb +3 -5
  132. data/lib/puppet/pops/evaluator/evaluator_impl.rb +0 -5
  133. data/lib/puppet/pops/evaluator/runtime3_resource_support.rb +3 -3
  134. data/lib/puppet/pops/evaluator/runtime3_support.rb +1 -1
  135. data/lib/puppet/pops/issues.rb +0 -5
  136. data/lib/puppet/pops/loader/ruby_legacy_function_instantiator.rb +6 -8
  137. data/lib/puppet/pops/model/ast.pp +0 -42
  138. data/lib/puppet/pops/model/ast.rb +0 -290
  139. data/lib/puppet/pops/model/ast_transformer.rb +1 -1
  140. data/lib/puppet/pops/model/factory.rb +0 -45
  141. data/lib/puppet/pops/model/model_label_provider.rb +0 -5
  142. data/lib/puppet/pops/model/model_tree_dumper.rb +0 -22
  143. data/lib/puppet/pops/model/pn_transformer.rb +0 -16
  144. data/lib/puppet/pops/parser/egrammar.ra +0 -56
  145. data/lib/puppet/pops/parser/eparser.rb +1520 -1712
  146. data/lib/puppet/pops/parser/lexer2.rb +4 -4
  147. data/lib/puppet/pops/parser/parser_support.rb +0 -5
  148. data/lib/puppet/pops/resource/resource_type_impl.rb +2 -24
  149. data/lib/puppet/pops/types/p_sem_ver_type.rb +2 -8
  150. data/lib/puppet/pops/types/p_sensitive_type.rb +0 -10
  151. data/lib/puppet/pops/types/type_calculator.rb +0 -7
  152. data/lib/puppet/pops/types/type_mismatch_describer.rb +1 -1
  153. data/lib/puppet/pops/types/type_parser.rb +0 -4
  154. data/lib/puppet/pops/types/types.rb +0 -1
  155. data/lib/puppet/pops/validation/checker4_0.rb +9 -37
  156. data/lib/puppet/pops/validation/tasks_checker.rb +0 -12
  157. data/lib/puppet/pops/validation/validator_factory_4_0.rb +1 -2
  158. data/lib/puppet/property/list.rb +1 -1
  159. data/lib/puppet/provider.rb +0 -13
  160. data/lib/puppet/provider/exec/posix.rb +4 -16
  161. data/lib/puppet/provider/group/groupadd.rb +8 -13
  162. data/lib/puppet/provider/nameservice.rb +0 -18
  163. data/lib/puppet/provider/package/apt.rb +2 -34
  164. data/lib/puppet/provider/package/aptitude.rb +0 -6
  165. data/lib/puppet/provider/package/dnfmodule.rb +1 -1
  166. data/lib/puppet/provider/package/dpkg.rb +0 -10
  167. data/lib/puppet/provider/package/gem.rb +23 -3
  168. data/lib/puppet/provider/package/nim.rb +6 -11
  169. data/lib/puppet/provider/package/pip.rb +3 -16
  170. data/lib/puppet/provider/package/pkg.rb +0 -4
  171. data/lib/puppet/provider/package/portage.rb +1 -1
  172. data/lib/puppet/provider/package/puppet_gem.rb +1 -4
  173. data/lib/puppet/provider/parsedfile.rb +0 -3
  174. data/lib/puppet/provider/service/debian.rb +0 -2
  175. data/lib/puppet/provider/service/smf.rb +191 -73
  176. data/lib/puppet/provider/service/systemd.rb +4 -14
  177. data/lib/puppet/provider/service/windows.rb +0 -38
  178. data/lib/puppet/provider/user/aix.rb +2 -2
  179. data/lib/puppet/provider/user/directoryservice.rb +10 -33
  180. data/lib/puppet/provider/user/useradd.rb +8 -62
  181. data/lib/puppet/reference/configuration.rb +8 -7
  182. data/lib/puppet/reference/indirection.rb +1 -1
  183. data/lib/puppet/resource.rb +1 -89
  184. data/lib/puppet/resource/catalog.rb +1 -14
  185. data/lib/puppet/resource/type.rb +3 -119
  186. data/lib/puppet/resource/type_collection.rb +3 -48
  187. data/lib/puppet/runtime.rb +1 -2
  188. data/lib/puppet/settings.rb +80 -96
  189. data/lib/puppet/settings/environment_conf.rb +0 -1
  190. data/lib/puppet/settings/integer_setting.rb +17 -0
  191. data/lib/puppet/settings/port_setting.rb +15 -0
  192. data/lib/puppet/settings/priority_setting.rb +5 -4
  193. data/lib/puppet/ssl.rb +10 -6
  194. data/lib/puppet/ssl/base.rb +3 -5
  195. data/lib/puppet/ssl/certificate.rb +0 -6
  196. data/lib/puppet/ssl/certificate_request.rb +1 -12
  197. data/lib/puppet/ssl/certificate_signer.rb +6 -0
  198. data/lib/puppet/ssl/oids.rb +3 -1
  199. data/lib/puppet/ssl/ssl_provider.rb +17 -0
  200. data/lib/puppet/ssl/state_machine.rb +3 -1
  201. data/lib/puppet/ssl/verifier.rb +2 -0
  202. data/lib/puppet/test/test_helper.rb +1 -3
  203. data/lib/puppet/transaction.rb +1 -7
  204. data/lib/puppet/transaction/additional_resource_generator.rb +1 -1
  205. data/lib/puppet/transaction/report.rb +2 -4
  206. data/lib/puppet/type.rb +0 -76
  207. data/lib/puppet/type/exec.rb +3 -16
  208. data/lib/puppet/type/file.rb +6 -26
  209. data/lib/puppet/type/file/checksum.rb +1 -1
  210. data/lib/puppet/type/file/mode.rb +0 -6
  211. data/lib/puppet/type/file/selcontext.rb +1 -1
  212. data/lib/puppet/type/file/source.rb +1 -1
  213. data/lib/puppet/type/filebucket.rb +3 -3
  214. data/lib/puppet/type/package.rb +8 -16
  215. data/lib/puppet/type/service.rb +38 -18
  216. data/lib/puppet/type/tidy.rb +3 -22
  217. data/lib/puppet/type/user.rb +20 -38
  218. data/lib/puppet/util/autoload.rb +8 -1
  219. data/lib/puppet/util/execution.rb +0 -11
  220. data/lib/puppet/util/http_proxy.rb +2 -215
  221. data/lib/puppet/util/monkey_patches.rb +0 -53
  222. data/lib/puppet/util/posix.rb +5 -54
  223. data/lib/puppet/util/rdoc.rb +0 -7
  224. data/lib/puppet/util/retry_action.rb +1 -1
  225. data/lib/puppet/util/run_mode.rb +9 -1
  226. data/lib/puppet/util/selinux.rb +4 -30
  227. data/lib/puppet/util/symbolic_file_mode.rb +17 -29
  228. data/lib/puppet/util/windows.rb +3 -8
  229. data/lib/puppet/util/windows/adsi.rb +0 -46
  230. data/lib/puppet/util/windows/daemon.rb +360 -0
  231. data/lib/puppet/util/windows/error.rb +1 -0
  232. data/lib/puppet/util/windows/eventlog.rb +4 -9
  233. data/lib/puppet/util/windows/file.rb +8 -242
  234. data/lib/puppet/util/windows/monkey_patches/process.rb +414 -0
  235. data/lib/puppet/util/windows/principal.rb +2 -9
  236. data/lib/puppet/util/windows/process.rb +4 -226
  237. data/lib/puppet/util/windows/service.rb +9 -460
  238. data/lib/puppet/util/windows/sid.rb +2 -6
  239. data/lib/puppet/util/windows/string.rb +12 -13
  240. data/lib/puppet/util/yaml.rb +0 -22
  241. data/lib/puppet/vendor/require_vendored.rb +0 -1
  242. data/lib/puppet/version.rb +1 -1
  243. data/lib/puppet/x509.rb +5 -1
  244. data/lib/puppet/x509/cert_provider.rb +29 -1
  245. data/locales/puppet.pot +722 -1527
  246. data/man/man5/puppet.conf.5 +266 -354
  247. data/man/man8/puppet-agent.8 +2 -2
  248. data/man/man8/puppet-apply.8 +2 -2
  249. data/man/man8/puppet-catalog.8 +9 -9
  250. data/man/man8/puppet-config.8 +1 -1
  251. data/man/man8/puppet-describe.8 +1 -1
  252. data/man/man8/puppet-device.8 +2 -2
  253. data/man/man8/puppet-doc.8 +1 -1
  254. data/man/man8/puppet-epp.8 +1 -1
  255. data/man/man8/puppet-facts.8 +8 -51
  256. data/man/man8/puppet-filebucket.8 +4 -4
  257. data/man/man8/puppet-generate.8 +1 -1
  258. data/man/man8/puppet-help.8 +1 -1
  259. data/man/man8/puppet-lookup.8 +1 -1
  260. data/man/man8/puppet-module.8 +1 -58
  261. data/man/man8/puppet-node.8 +5 -5
  262. data/man/man8/puppet-parser.8 +1 -1
  263. data/man/man8/puppet-plugin.8 +1 -1
  264. data/man/man8/puppet-report.8 +5 -5
  265. data/man/man8/puppet-resource.8 +1 -1
  266. data/man/man8/puppet-script.8 +2 -2
  267. data/man/man8/puppet-ssl.8 +1 -5
  268. data/man/man8/puppet.8 +2 -2
  269. data/spec/fixtures/ssl/127.0.0.1-key.pem +57 -107
  270. data/spec/fixtures/ssl/127.0.0.1.pem +31 -52
  271. data/spec/fixtures/ssl/bad-basic-constraints.pem +35 -57
  272. data/spec/fixtures/ssl/bad-int-basic-constraints.pem +35 -57
  273. data/spec/fixtures/ssl/ca.pem +35 -57
  274. data/spec/fixtures/ssl/crl.pem +18 -28
  275. data/spec/fixtures/ssl/ec-key.pem +11 -11
  276. data/spec/fixtures/ssl/ec.pem +24 -33
  277. data/spec/fixtures/ssl/encrypted-ec-key.pem +12 -12
  278. data/spec/fixtures/ssl/encrypted-key.pem +58 -108
  279. data/spec/fixtures/ssl/intermediate-agent-crl.pem +19 -28
  280. data/spec/fixtures/ssl/intermediate-agent.pem +36 -57
  281. data/spec/fixtures/ssl/intermediate-crl.pem +21 -31
  282. data/spec/fixtures/ssl/intermediate.pem +36 -57
  283. data/spec/fixtures/ssl/pluto-key.pem +57 -107
  284. data/spec/fixtures/ssl/pluto.pem +30 -52
  285. data/spec/fixtures/ssl/request-key.pem +57 -107
  286. data/spec/fixtures/ssl/request.pem +26 -47
  287. data/spec/fixtures/ssl/revoked-key.pem +57 -107
  288. data/spec/fixtures/ssl/revoked.pem +30 -52
  289. data/spec/fixtures/ssl/signed-key.pem +57 -107
  290. data/spec/fixtures/ssl/signed.pem +30 -52
  291. data/spec/fixtures/ssl/tampered-cert.pem +30 -52
  292. data/spec/fixtures/ssl/tampered-csr.pem +26 -47
  293. data/spec/fixtures/ssl/unknown-127.0.0.1-key.pem +57 -107
  294. data/spec/fixtures/ssl/unknown-127.0.0.1.pem +29 -50
  295. data/spec/fixtures/ssl/unknown-ca-key.pem +57 -107
  296. data/spec/fixtures/ssl/unknown-ca.pem +33 -55
  297. data/spec/fixtures/unit/provider/service/smf/{svcs.out → svcs_instances.out} +0 -0
  298. data/spec/fixtures/unit/provider/user/aix/aix_passwd_file.out +0 -4
  299. data/spec/integration/application/agent_spec.rb +27 -171
  300. data/spec/integration/application/apply_spec.rb +1 -20
  301. data/spec/integration/application/filebucket_spec.rb +16 -27
  302. data/spec/integration/application/help_spec.rb +2 -0
  303. data/spec/integration/application/module_spec.rb +0 -21
  304. data/spec/integration/application/plugin_spec.rb +24 -2
  305. data/spec/integration/defaults_spec.rb +14 -3
  306. data/spec/integration/environments/settings_interpolation_spec.rb +4 -0
  307. data/spec/integration/http/client_spec.rb +0 -12
  308. data/spec/integration/indirector/direct_file_server_spec.rb +3 -1
  309. data/spec/integration/indirector/facts/facter_spec.rb +36 -90
  310. data/spec/integration/network/http_pool_spec.rb +3 -21
  311. data/spec/integration/parser/catalog_spec.rb +0 -38
  312. data/spec/integration/parser/node_spec.rb +0 -9
  313. data/spec/integration/parser/pcore_resource_spec.rb +0 -37
  314. data/spec/integration/resource/type_collection_spec.rb +6 -2
  315. data/spec/integration/transaction_spec.rb +9 -4
  316. data/spec/integration/type/exec_spec.rb +45 -70
  317. data/spec/integration/type/file_spec.rb +5 -4
  318. data/spec/integration/util/windows/adsi_spec.rb +1 -21
  319. data/spec/integration/util/windows/monkey_patches/process_spec.rb +231 -0
  320. data/spec/integration/util/windows/principal_spec.rb +0 -21
  321. data/spec/integration/util/windows/registry_spec.rb +10 -6
  322. data/spec/integration/util/windows/security_spec.rb +1 -1
  323. data/spec/lib/matchers/include.rb +27 -0
  324. data/spec/lib/matchers/include_spec.rb +32 -0
  325. data/spec/lib/puppet/test_ca.rb +2 -7
  326. data/spec/lib/puppet_spec/puppetserver.rb +1 -1
  327. data/spec/lib/puppet_spec/settings.rb +1 -1
  328. data/spec/spec_helper.rb +7 -12
  329. data/spec/unit/agent_spec.rb +6 -10
  330. data/spec/unit/application/agent_spec.rb +3 -7
  331. data/spec/unit/application/facts_spec.rb +12 -456
  332. data/spec/unit/application/filebucket_spec.rb +43 -39
  333. data/spec/unit/application/ssl_spec.rb +2 -25
  334. data/spec/unit/application_spec.rb +9 -51
  335. data/spec/unit/certificate_factory_spec.rb +1 -1
  336. data/spec/unit/configurer/downloader_spec.rb +6 -8
  337. data/spec/unit/configurer/plugin_handler_spec.rb +56 -18
  338. data/spec/unit/configurer_spec.rb +12 -32
  339. data/spec/unit/confine/feature_spec.rb +1 -1
  340. data/spec/unit/confine_spec.rb +2 -8
  341. data/spec/unit/context/trusted_information_spec.rb +2 -6
  342. data/spec/unit/defaults_spec.rb +68 -54
  343. data/spec/unit/environments_spec.rb +68 -259
  344. data/spec/unit/face/node_spec.rb +11 -0
  345. data/spec/unit/face/plugin_spec.rb +73 -33
  346. data/spec/unit/file_bucket/file_spec.rb +1 -1
  347. data/spec/unit/file_serving/configuration/parser_spec.rb +15 -18
  348. data/spec/unit/file_serving/configuration_spec.rb +6 -12
  349. data/spec/unit/file_serving/fileset_spec.rb +0 -60
  350. data/spec/unit/file_serving/metadata_spec.rb +3 -3
  351. data/spec/unit/file_serving/terminus_helper_spec.rb +4 -11
  352. data/spec/unit/file_system_spec.rb +0 -15
  353. data/spec/unit/forge/module_release_spec.rb +7 -2
  354. data/spec/unit/functions/assert_type_spec.rb +1 -1
  355. data/spec/unit/functions/camelcase_spec.rb +1 -1
  356. data/spec/unit/functions/capitalize_spec.rb +1 -1
  357. data/spec/unit/functions/downcase_spec.rb +1 -1
  358. data/spec/unit/functions/empty_spec.rb +0 -10
  359. data/spec/unit/functions/unwrap_spec.rb +0 -8
  360. data/spec/unit/functions/upcase_spec.rb +1 -1
  361. data/spec/unit/functions4_spec.rb +2 -2
  362. data/spec/unit/gettext/config_spec.rb +0 -12
  363. data/spec/unit/http/client_spec.rb +7 -8
  364. data/spec/unit/{network/resolver_spec.rb → http/dns_spec.rb} +3 -3
  365. data/spec/unit/http/external_client_spec.rb +4 -4
  366. data/spec/unit/{network/http → http}/factory_spec.rb +5 -30
  367. data/spec/unit/{network/http/session_spec.rb → http/pool_entry_spec.rb} +3 -3
  368. data/spec/unit/{network/http → http}/pool_spec.rb +12 -17
  369. data/spec/unit/{util/http_proxy_spec.rb → http/proxy_spec.rb} +2 -69
  370. data/spec/unit/http/resolver_spec.rb +13 -13
  371. data/spec/unit/http/service/compiler_spec.rb +0 -185
  372. data/spec/unit/http/service/file_server_spec.rb +3 -3
  373. data/spec/unit/http/service/puppetserver_spec.rb +34 -4
  374. data/spec/unit/http/service_spec.rb +0 -1
  375. data/spec/unit/http/session_spec.rb +16 -14
  376. data/spec/unit/{network/http → http}/site_spec.rb +3 -3
  377. data/spec/unit/indirector/catalog/compiler_spec.rb +10 -14
  378. data/spec/unit/indirector/face_spec.rb +1 -0
  379. data/spec/unit/indirector/facts/facter_spec.rb +3 -0
  380. data/spec/unit/indirector/file_bucket_file/file_spec.rb +5 -3
  381. data/spec/unit/indirector/file_bucket_file/selector_spec.rb +8 -26
  382. data/spec/unit/indirector/file_content/rest_spec.rb +0 -4
  383. data/spec/unit/indirector/file_metadata/rest_spec.rb +0 -4
  384. data/spec/unit/indirector/file_server_spec.rb +1 -15
  385. data/spec/unit/indirector/indirection_spec.rb +12 -8
  386. data/spec/unit/indirector/report/rest_spec.rb +2 -17
  387. data/spec/unit/indirector/request_spec.rb +0 -264
  388. data/spec/unit/indirector/resource/ral_spec.rb +75 -40
  389. data/spec/unit/indirector/rest_spec.rb +98 -752
  390. data/spec/unit/indirector_spec.rb +2 -2
  391. data/spec/unit/module_tool/applications/installer_spec.rb +0 -78
  392. data/spec/unit/network/authconfig_spec.rb +2 -129
  393. data/spec/unit/network/authorization_spec.rb +2 -55
  394. data/spec/unit/network/formats_spec.rb +4 -45
  395. data/spec/unit/network/http/api/indirected_routes_spec.rb +5 -92
  396. data/spec/unit/network/http/api/master/v3_spec.rb +28 -7
  397. data/spec/unit/network/http/api_spec.rb +10 -0
  398. data/spec/unit/network/http/connection_spec.rb +19 -41
  399. data/spec/unit/network/http/handler_spec.rb +0 -1
  400. data/spec/unit/network/http_pool_spec.rb +0 -4
  401. data/spec/unit/node/environment_spec.rb +33 -21
  402. data/spec/unit/node_spec.rb +2 -54
  403. data/spec/unit/parser/compiler_spec.rb +19 -3
  404. data/spec/unit/parser/functions/create_resources_spec.rb +2 -20
  405. data/spec/unit/parser/functions/fqdn_rand_spec.rb +1 -15
  406. data/spec/unit/parser/resource_spec.rb +8 -14
  407. data/spec/unit/parser/templatewrapper_spec.rb +5 -16
  408. data/spec/unit/pops/evaluator/evaluating_parser_spec.rb +4 -7
  409. data/spec/unit/pops/loaders/loaders_spec.rb +6 -21
  410. data/spec/unit/pops/parser/parse_application_spec.rb +4 -22
  411. data/spec/unit/pops/parser/parse_basic_expressions_spec.rb +0 -1
  412. data/spec/unit/pops/parser/parse_capabilities_spec.rb +8 -21
  413. data/spec/unit/pops/parser/parse_site_spec.rb +20 -24
  414. data/spec/unit/pops/resource/resource_type_impl_spec.rb +0 -71
  415. data/spec/unit/pops/serialization/to_from_hr_spec.rb +1 -1
  416. data/spec/unit/pops/types/p_sem_ver_type_spec.rb +0 -18
  417. data/spec/unit/pops/types/p_sensitive_type_spec.rb +0 -18
  418. data/spec/unit/pops/types/type_calculator_spec.rb +6 -6
  419. data/spec/unit/pops/types/type_factory_spec.rb +1 -1
  420. data/spec/unit/pops/validator/validator_spec.rb +61 -46
  421. data/spec/unit/pops/visitor_spec.rb +1 -1
  422. data/spec/unit/property_spec.rb +0 -1
  423. data/spec/unit/provider/group/groupadd_spec.rb +2 -5
  424. data/spec/unit/provider/nameservice_spec.rb +64 -122
  425. data/spec/unit/provider/package/apt_spec.rb +23 -28
  426. data/spec/unit/provider/package/aptitude_spec.rb +1 -1
  427. data/spec/unit/provider/package/base_spec.rb +5 -6
  428. data/spec/unit/provider/package/dnfmodule_spec.rb +1 -10
  429. data/spec/unit/provider/package/dpkg_spec.rb +0 -48
  430. data/spec/unit/provider/package/gem_spec.rb +32 -0
  431. data/spec/unit/provider/package/nim_spec.rb +0 -42
  432. data/spec/unit/provider/package/pacman_spec.rb +12 -18
  433. data/spec/unit/provider/package/pip_spec.rb +11 -43
  434. data/spec/unit/provider/package/pkgdmg_spec.rb +4 -0
  435. data/spec/unit/provider/package/puppet_gem_spec.rb +3 -2
  436. data/spec/unit/provider/parsedfile_spec.rb +0 -10
  437. data/spec/unit/provider/service/init_spec.rb +0 -1
  438. data/spec/unit/provider/service/openwrt_spec.rb +1 -3
  439. data/spec/unit/provider/service/smf_spec.rb +401 -165
  440. data/spec/unit/provider/service/systemd_spec.rb +8 -53
  441. data/spec/unit/provider/service/windows_spec.rb +0 -203
  442. data/spec/unit/provider/user/aix_spec.rb +0 -5
  443. data/spec/unit/provider/user/directoryservice_spec.rb +35 -67
  444. data/spec/unit/provider/user/hpux_spec.rb +1 -1
  445. data/spec/unit/provider/user/pw_spec.rb +0 -2
  446. data/spec/unit/provider/user/useradd_spec.rb +3 -71
  447. data/spec/unit/provider_spec.rb +8 -18
  448. data/spec/unit/resource/catalog_spec.rb +1 -1
  449. data/spec/unit/resource/type_collection_spec.rb +2 -22
  450. data/spec/unit/resource/type_spec.rb +1 -1
  451. data/spec/unit/resource_spec.rb +10 -67
  452. data/spec/unit/settings/http_extra_headers_spec.rb +2 -4
  453. data/spec/unit/settings/integer_setting_spec.rb +42 -0
  454. data/spec/unit/settings/port_setting_spec.rb +31 -0
  455. data/spec/unit/settings/priority_setting_spec.rb +4 -4
  456. data/spec/unit/settings_spec.rb +79 -110
  457. data/spec/unit/ssl/base_spec.rb +37 -3
  458. data/spec/unit/ssl/certificate_request_spec.rb +15 -45
  459. data/spec/unit/ssl/certificate_spec.rb +2 -11
  460. data/spec/unit/ssl/ssl_provider_spec.rb +2 -5
  461. data/spec/unit/ssl/state_machine_spec.rb +5 -20
  462. data/spec/unit/ssl/verifier_spec.rb +0 -21
  463. data/spec/unit/transaction/additional_resource_generator_spec.rb +9 -3
  464. data/spec/unit/transaction/event_manager_spec.rb +11 -14
  465. data/spec/unit/transaction/report_spec.rb +0 -2
  466. data/spec/unit/transaction/resource_harness_spec.rb +2 -2
  467. data/spec/unit/transaction_spec.rb +55 -96
  468. data/spec/unit/type/exec_spec.rb +29 -76
  469. data/spec/unit/type/file/checksum_spec.rb +6 -6
  470. data/spec/unit/type/file/content_spec.rb +2 -1
  471. data/spec/unit/type/file/ensure_spec.rb +1 -1
  472. data/spec/unit/type/file/mode_spec.rb +1 -1
  473. data/spec/unit/type/file/selinux_spec.rb +5 -3
  474. data/spec/unit/type/file/source_spec.rb +4 -5
  475. data/spec/unit/type/file_spec.rb +18 -6
  476. data/spec/unit/type/group_spec.rb +6 -13
  477. data/spec/unit/type/package_spec.rb +1 -1
  478. data/spec/unit/type/resources_spec.rb +7 -7
  479. data/spec/unit/type/service_spec.rb +189 -60
  480. data/spec/unit/type/tidy_spec.rb +8 -24
  481. data/spec/unit/type/user_spec.rb +0 -45
  482. data/spec/unit/type_spec.rb +22 -2
  483. data/spec/unit/util/at_fork_spec.rb +2 -2
  484. data/spec/unit/util/autoload_spec.rb +1 -5
  485. data/spec/unit/util/backups_spec.rb +2 -3
  486. data/spec/unit/util/execution_spec.rb +11 -44
  487. data/spec/unit/util/inifile_spec.rb +14 -6
  488. data/spec/unit/util/log_spec.rb +7 -8
  489. data/spec/unit/util/logging_spec.rb +3 -3
  490. data/spec/unit/util/monkey_patches_spec.rb +0 -6
  491. data/spec/unit/util/posix_spec.rb +15 -363
  492. data/spec/unit/util/run_mode_spec.rb +21 -121
  493. data/spec/unit/util/selinux_spec.rb +68 -163
  494. data/spec/unit/util/storage_spec.rb +1 -3
  495. data/spec/unit/util/suidmanager_spec.rb +41 -44
  496. data/spec/unit/util/windows/sid_spec.rb +0 -41
  497. data/spec/unit/util/windows/string_spec.rb +1 -3
  498. data/spec/unit/util/yaml_spec.rb +0 -54
  499. data/spec/unit/util_spec.rb +6 -31
  500. data/tasks/generate_cert_fixtures.rake +3 -12
  501. metadata +45 -253
  502. data/conf/auth.conf +0 -150
  503. data/lib/puppet/application/cert.rb +0 -76
  504. data/lib/puppet/application/key.rb +0 -4
  505. data/lib/puppet/application/man.rb +0 -4
  506. data/lib/puppet/application/status.rb +0 -4
  507. data/lib/puppet/face/key.rb +0 -16
  508. data/lib/puppet/face/man.rb +0 -145
  509. data/lib/puppet/face/module/build.rb +0 -14
  510. data/lib/puppet/face/module/generate.rb +0 -14
  511. data/lib/puppet/face/module/search.rb +0 -103
  512. data/lib/puppet/face/status.rb +0 -51
  513. data/lib/puppet/ffi/posix.rb +0 -10
  514. data/lib/puppet/ffi/posix/constants.rb +0 -14
  515. data/lib/puppet/ffi/posix/functions.rb +0 -24
  516. data/lib/puppet/indirector/certificate/file.rb +0 -9
  517. data/lib/puppet/indirector/certificate/rest.rb +0 -18
  518. data/lib/puppet/indirector/certificate_request/file.rb +0 -9
  519. data/lib/puppet/indirector/certificate_request/memory.rb +0 -7
  520. data/lib/puppet/indirector/certificate_request/rest.rb +0 -11
  521. data/lib/puppet/indirector/file_content/http.rb +0 -22
  522. data/lib/puppet/indirector/key/file.rb +0 -46
  523. data/lib/puppet/indirector/key/memory.rb +0 -7
  524. data/lib/puppet/indirector/ssl_file.rb +0 -162
  525. data/lib/puppet/indirector/status.rb +0 -3
  526. data/lib/puppet/indirector/status/local.rb +0 -12
  527. data/lib/puppet/indirector/status/rest.rb +0 -27
  528. data/lib/puppet/module_tool/applications/searcher.rb +0 -29
  529. data/lib/puppet/network/auth_config_parser.rb +0 -90
  530. data/lib/puppet/network/authstore.rb +0 -283
  531. data/lib/puppet/network/http/api/master/v3/authorization.rb +0 -18
  532. data/lib/puppet/network/http/api/master/v3/environment.rb +0 -88
  533. data/lib/puppet/network/http/base_pool.rb +0 -36
  534. data/lib/puppet/network/http/compression.rb +0 -127
  535. data/lib/puppet/network/http/connection_adapter.rb +0 -184
  536. data/lib/puppet/network/http/nocache_pool.rb +0 -28
  537. data/lib/puppet/network/rest_controller.rb +0 -2
  538. data/lib/puppet/network/rights.rb +0 -210
  539. data/lib/puppet/parser/compiler/catalog_validator/env_relationship_validator.rb +0 -66
  540. data/lib/puppet/parser/compiler/catalog_validator/site_validator.rb +0 -22
  541. data/lib/puppet/parser/environment_compiler.rb +0 -202
  542. data/lib/puppet/pops/types/enumeration.rb +0 -16
  543. data/lib/puppet/resource/capability_finder.rb +0 -154
  544. data/lib/puppet/rest/errors.rb +0 -15
  545. data/lib/puppet/rest/response.rb +0 -35
  546. data/lib/puppet/rest/route.rb +0 -85
  547. data/lib/puppet/rest/routes.rb +0 -135
  548. data/lib/puppet/settings/alias_setting.rb +0 -37
  549. data/lib/puppet/ssl/host.rb +0 -505
  550. data/lib/puppet/ssl/key.rb +0 -61
  551. data/lib/puppet/ssl/validator.rb +0 -61
  552. data/lib/puppet/ssl/validator/default_validator.rb +0 -209
  553. data/lib/puppet/ssl/validator/no_validator.rb +0 -22
  554. data/lib/puppet/ssl/verifier_adapter.rb +0 -58
  555. data/lib/puppet/status.rb +0 -40
  556. data/lib/puppet/util/connection.rb +0 -88
  557. data/lib/puppet/util/fact_dif.rb +0 -81
  558. data/lib/puppet/util/ssl.rb +0 -83
  559. data/lib/puppet/util/windows/api_types.rb +0 -309
  560. data/lib/puppet/util/windows/monkey_patches/dir.rb +0 -40
  561. data/lib/puppet/vendor/load_pathspec.rb +0 -1
  562. data/lib/puppet/vendor/pathspec/CHANGELOG.md +0 -2
  563. data/lib/puppet/vendor/pathspec/LICENSE +0 -201
  564. data/lib/puppet/vendor/pathspec/PUPPET_README.md +0 -6
  565. data/lib/puppet/vendor/pathspec/README.md +0 -53
  566. data/lib/puppet/vendor/pathspec/lib/pathspec.rb +0 -122
  567. data/lib/puppet/vendor/pathspec/lib/pathspec/gitignorespec.rb +0 -275
  568. data/lib/puppet/vendor/pathspec/lib/pathspec/regexspec.rb +0 -17
  569. data/lib/puppet/vendor/pathspec/lib/pathspec/spec.rb +0 -14
  570. data/man/man8/puppet-key.8 +0 -126
  571. data/man/man8/puppet-man.8 +0 -76
  572. data/man/man8/puppet-status.8 +0 -108
  573. data/spec/fixtures/integration/application/agent/cached_deferred_catalog.json +0 -91
  574. data/spec/fixtures/ssl/oid-key.pem +0 -117
  575. data/spec/fixtures/ssl/oid.pem +0 -69
  576. data/spec/fixtures/ssl/trusted_oid_mapping.yaml +0 -5
  577. data/spec/fixtures/unit/provider/service/systemd/list_unit_files_services_vendor_preset +0 -9
  578. data/spec/integration/application/resource_spec.rb +0 -64
  579. data/spec/integration/application/ssl_spec.rb +0 -20
  580. data/spec/integration/network/authconfig_spec.rb +0 -256
  581. data/spec/integration/util/windows/monkey_patches/dir_spec.rb +0 -11
  582. data/spec/unit/application/man_spec.rb +0 -52
  583. data/spec/unit/capability_spec.rb +0 -414
  584. data/spec/unit/face/key_spec.rb +0 -9
  585. data/spec/unit/face/module/search_spec.rb +0 -231
  586. data/spec/unit/face/status_spec.rb +0 -9
  587. data/spec/unit/indirector/certificate/file_spec.rb +0 -14
  588. data/spec/unit/indirector/certificate/rest_spec.rb +0 -61
  589. data/spec/unit/indirector/certificate_request/file_spec.rb +0 -14
  590. data/spec/unit/indirector/certificate_request/rest_spec.rb +0 -25
  591. data/spec/unit/indirector/key/file_spec.rb +0 -78
  592. data/spec/unit/indirector/ssl_file_spec.rb +0 -305
  593. data/spec/unit/indirector/status/local_spec.rb +0 -10
  594. data/spec/unit/indirector/status/rest_spec.rb +0 -50
  595. data/spec/unit/module_tool/applications/searcher_spec.rb +0 -38
  596. data/spec/unit/network/auth_config_parser_spec.rb +0 -115
  597. data/spec/unit/network/authstore_spec.rb +0 -422
  598. data/spec/unit/network/http/api/master/v3/authorization_spec.rb +0 -57
  599. data/spec/unit/network/http/api/master/v3/environment_spec.rb +0 -185
  600. data/spec/unit/network/http/compression_spec.rb +0 -240
  601. data/spec/unit/network/http/nocache_pool_spec.rb +0 -64
  602. data/spec/unit/network/http_spec.rb +0 -9
  603. data/spec/unit/network/rights_spec.rb +0 -439
  604. data/spec/unit/parser/environment_compiler_spec.rb +0 -730
  605. data/spec/unit/pops/evaluator/deferred_resolver_spec.rb +0 -20
  606. data/spec/unit/pops/types/enumeration_spec.rb +0 -51
  607. data/spec/unit/resource/capability_finder_spec.rb +0 -148
  608. data/spec/unit/rest/route_spec.rb +0 -132
  609. data/spec/unit/ssl/host_spec.rb +0 -645
  610. data/spec/unit/ssl/key_spec.rb +0 -173
  611. data/spec/unit/ssl/validator_spec.rb +0 -278
  612. data/spec/unit/status_spec.rb +0 -45
  613. data/spec/unit/util/ssl_spec.rb +0 -91
@@ -53,13 +53,6 @@ module Puppet
53
53
  route_file = Puppet[:route_file]
54
54
  if Puppet::FileSystem.exist?(route_file)
55
55
  routes = Puppet::Util::Yaml.safe_load_file(route_file, [Symbol])
56
- if routes["server"] && routes["master"]
57
- Puppet.warning("Route file #{route_file} contains both server and master route settings.")
58
- elsif routes["server"] && !routes["master"]
59
- routes["master"] = routes["server"]
60
- elsif routes["master"] && !routes["server"]
61
- routes["server"] = routes["master"]
62
- end
63
56
  application_routes = routes[application_name]
64
57
  Puppet::Indirector.configure_routes(application_routes) if application_routes
65
58
  end
@@ -112,7 +112,7 @@ class Puppet::Configurer
112
112
  catalog_conversion_time = thinmark do
113
113
  # Will mutate the result and replace all Deferred values with resolved values
114
114
  if facts
115
- Puppet::Pops::Evaluator::DeferredResolver.resolve_and_replace(facts, result, Puppet.lookup(:current_environment))
115
+ Puppet::Pops::Evaluator::DeferredResolver.resolve_and_replace(facts, result)
116
116
  end
117
117
 
118
118
  catalog = result.to_ral
@@ -202,7 +202,6 @@ class Puppet::Configurer
202
202
  # This just passes any options on to the catalog,
203
203
  # which accepts :tags and :ignoreschedules.
204
204
  def run(options = {})
205
- pool = Puppet.runtime[:http].pool
206
205
  # We create the report pre-populated with default settings for
207
206
  # environment and transaction_uuid very early, this is to ensure
208
207
  # they are sent regardless of any catalog compilation failures or
@@ -215,41 +214,40 @@ class Puppet::Configurer
215
214
 
216
215
  completed = nil
217
216
  begin
218
- Puppet.override(:http_pool => pool) do
219
- # Skip failover logic if the server_list setting is empty
220
- do_failover = Puppet.settings[:server_list] && !Puppet.settings[:server_list].empty?
221
-
222
- # When we are passed a catalog, that means we're in apply
223
- # mode. We shouldn't try to do any failover in that case.
224
- if options[:catalog].nil? && do_failover
225
- server, port = find_functional_server
226
- if server.nil?
227
- detail = _("Could not select a functional puppet server from server_list: '%{server_list}'") % { server_list: Puppet.settings.value(:server_list, Puppet[:environment].to_sym, true) }
228
- if Puppet[:usecacheonfailure]
229
- options[:pluginsync] = false
230
- @running_failure = true
231
-
232
- server = Puppet[:server_list].first[0]
233
- port = Puppet[:server_list].first[1] || Puppet[:serverport]
234
-
235
- Puppet.err(detail)
236
- else
237
- raise Puppet::Error, detail
238
- end
217
+ # Skip failover logic if the server_list setting is empty
218
+ do_failover = Puppet.settings[:server_list] && !Puppet.settings[:server_list].empty?
219
+
220
+ # When we are passed a catalog, that means we're in apply
221
+ # mode. We shouldn't try to do any failover in that case.
222
+ if options[:catalog].nil? && do_failover
223
+ server, port = find_functional_server
224
+ if server.nil?
225
+ detail = _("Could not select a functional puppet server from server_list: '%{server_list}'") % { server_list: Puppet.settings.value(:server_list, Puppet[:environment].to_sym, true) }
226
+ if Puppet[:usecacheonfailure]
227
+ options[:pluginsync] = false
228
+ @running_failure = true
229
+
230
+ server = Puppet[:server_list].first[0]
231
+ port = Puppet[:server_list].first[1] || Puppet[:serverport]
232
+
233
+ Puppet.err(detail)
239
234
  else
240
- #TRANSLATORS 'server_list' is the name of a setting and should not be translated
241
- Puppet.debug _("Selected puppet server from the `server_list` setting: %{server}:%{port}") % { server: server, port: port }
242
- report.server_used = "#{server}:#{port}"
243
- end
244
- Puppet.override(server: server, serverport: port) do
245
- completed = run_internal(options)
235
+ raise Puppet::Error, detail
246
236
  end
247
237
  else
238
+ #TRANSLATORS 'server_list' is the name of a setting and should not be translated
239
+ Puppet.debug _("Selected puppet server from the `server_list` setting: %{server}:%{port}") % { server: server, port: port }
240
+ report.server_used = "#{server}:#{port}"
241
+ end
242
+ Puppet.override(server: server, serverport: port) do
248
243
  completed = run_internal(options)
249
244
  end
245
+ else
246
+ completed = run_internal(options)
250
247
  end
251
248
  ensure
252
- pool.close
249
+ # we may sleep for awhile, close connections now
250
+ Puppet.runtime[:http].close
253
251
  end
254
252
 
255
253
  completed ? report.exit_status : nil
@@ -397,29 +395,16 @@ class Puppet::Configurer
397
395
  if !cached_catalog && options[:catalog]
398
396
  ral_catalog = options[:catalog]
399
397
  else
400
- # Ordering here matters. We have to resolve deferred resources in the
401
- # resource catalog, convert the resource catalog to a RAL catalog (which
402
- # triggers type/provider validation), and only if that is successful,
403
- # should we cache the *original* resource catalog. However, deferred
404
- # evaluation mutates the resource catalog, so we need to make a copy of
405
- # it here. If PUP-9323 is ever implemented so that we resolve deferred
406
- # resources in the RAL catalog as they are needed, then we could eliminate
407
- # this step.
408
- catalog_to_cache = Puppet.override(:rich_data => Puppet[:rich_data]) do
409
- Puppet::Resource::Catalog.from_data_hash(catalog.to_data_hash)
410
- end
411
-
412
398
  # REMIND @duration is the time spent loading the last catalog, and doesn't
413
399
  # account for things like we failed to download and fell back to the cache
414
400
  ral_catalog = convert_catalog(catalog, @duration, facts, options)
415
401
 
416
- # Validation succeeded, so commit the `catalog_to_cache` for non-noop runs. Don't
417
- # commit `catalog` since it contains the result of deferred evaluation. Ideally
402
+ # If not noop, commit the cached resource catalog (not ral catalog). Ideally
418
403
  # we'd just copy the downloaded response body, instead of serializing the
419
404
  # in-memory catalog, but that's hard due to the indirector.
420
405
  indirection = Puppet::Resource::Catalog.indirection
421
406
  if !Puppet[:noop] && indirection.cache?
422
- request = indirection.request(:save, nil, catalog_to_cache, environment: Puppet::Node::Environment.remote(catalog_to_cache.environment))
407
+ request = indirection.request(:save, nil, catalog, environment: Puppet::Node::Environment.remote(catalog.environment))
423
408
  Puppet.info("Caching catalog for #{request.key}")
424
409
  indirection.cache.save(request)
425
410
  end
@@ -73,8 +73,7 @@ class Puppet::Configurer::Downloader
73
73
  :purge => true,
74
74
  :force => true,
75
75
  :backup => false,
76
- :noop => false,
77
- :max_files => -1
76
+ :noop => false
78
77
  }
79
78
  if !Puppet::Util::Platform.windows?
80
79
  defargs[:owner] = Process.uid
@@ -29,25 +29,27 @@ class Puppet::Configurer::PluginHandler
29
29
  result += plugin_fact_downloader.evaluate
30
30
  result += plugin_downloader.evaluate
31
31
 
32
- # until file metadata/content are using the rest client, we need to check
33
- # both :server_agent_version and the session to see if the server supports
34
- # the "locales" mount
35
- server_agent_version = Puppet.lookup(:server_agent_version) { "0.0" }
36
- locales = Gem::Version.new(server_agent_version) >= SUPPORTED_LOCALES_MOUNT_AGENT_VERSION
37
- unless locales
38
- session = Puppet.lookup(:http_session)
39
- locales = session.supports?(:fileserver, 'locales') || session.supports?(:puppet, 'locales')
40
- end
41
-
42
- if locales
43
- locales_downloader = Puppet::Configurer::Downloader.new(
44
- "locales",
45
- Puppet[:localedest],
46
- Puppet[:localesource],
47
- Puppet[:pluginsignore] + " *.pot config.yaml",
48
- environment
49
- )
50
- result += locales_downloader.evaluate
32
+ unless Puppet[:disable_i18n]
33
+ # until file metadata/content are using the rest client, we need to check
34
+ # both :server_agent_version and the session to see if the server supports
35
+ # the "locales" mount
36
+ server_agent_version = Puppet.lookup(:server_agent_version) { "0.0" }
37
+ locales = Gem::Version.new(server_agent_version) >= SUPPORTED_LOCALES_MOUNT_AGENT_VERSION
38
+ unless locales
39
+ session = Puppet.lookup(:http_session)
40
+ locales = session.supports?(:fileserver, 'locales') || session.supports?(:puppet, 'locales')
41
+ end
42
+
43
+ if locales
44
+ locales_downloader = Puppet::Configurer::Downloader.new(
45
+ "locales",
46
+ Puppet[:localedest],
47
+ Puppet[:localesource],
48
+ Puppet[:pluginsignore] + " *.pot config.yaml",
49
+ environment
50
+ )
51
+ result += locales_downloader.evaluate
52
+ end
51
53
  end
52
54
 
53
55
  Puppet::Util::Autoload.reload_changed(Puppet.lookup(:current_environment))
@@ -11,25 +11,60 @@ module Puppet
11
11
  end
12
12
 
13
13
  def self.default_digest_algorithm
14
- Puppet::Util::Platform.fips_enabled? ? 'sha256' : 'md5'
14
+ 'sha256'
15
15
  end
16
16
 
17
17
  def self.valid_digest_algorithms
18
18
  Puppet::Util::Platform.fips_enabled? ?
19
19
  %w[sha256 sha384 sha512 sha224] :
20
- %w[md5 sha256 sha384 sha512 sha224]
20
+ %w[sha256 sha384 sha512 sha224 md5]
21
21
  end
22
22
 
23
23
  def self.default_file_checksum_types
24
24
  Puppet::Util::Platform.fips_enabled? ?
25
25
  %w[sha256 sha384 sha512 sha224] :
26
- %w[md5 sha256 sha384 sha512 sha224]
26
+ %w[sha256 sha384 sha512 sha224 md5]
27
27
  end
28
28
 
29
29
  def self.valid_file_checksum_types
30
30
  Puppet::Util::Platform.fips_enabled? ?
31
31
  %w[sha256 sha256lite sha384 sha512 sha224 sha1 sha1lite mtime ctime] :
32
- %w[md5 md5lite sha256 sha256lite sha384 sha512 sha224 sha1 sha1lite mtime ctime]
32
+ %w[sha256 sha256lite sha384 sha512 sha224 sha1 sha1lite md5 md5lite mtime ctime]
33
+ end
34
+
35
+ def self.log_ca_migration_warning
36
+ urge_to_migrate = <<-UTM
37
+ The cadir is currently configured to be inside the #{Puppet[:ssldir]} directory. This config
38
+ setting and the directory location will not be used in a future version of puppet. Please run the
39
+ puppetserver ca tool to migrate out from the puppet confdir to the /etc/puppetlabs/puppetserver/ca
40
+ directory. Use `puppetserver ca migrate --help` for more info.
41
+ UTM
42
+ Puppet.warn_once('deprecations',
43
+ 'CA migration message',
44
+ urge_to_migrate,
45
+ :default,
46
+ :default)
47
+ end
48
+
49
+ def self.default_cadir
50
+ return "" if Puppet::Util::Platform.windows?
51
+ old_ca_dir = "#{Puppet[:ssldir]}/ca"
52
+ new_ca_dir = "/etc/puppetlabs/puppetserver/ca"
53
+
54
+ if File.exist?(old_ca_dir)
55
+ if File.symlink?(old_ca_dir)
56
+ target = File.readlink(old_ca_dir)
57
+ if target.start_with?(Puppet[:ssldir])
58
+ Puppet.log_ca_migration_warning
59
+ end
60
+ target
61
+ else
62
+ Puppet.log_ca_migration_warning
63
+ old_ca_dir
64
+ end
65
+ else
66
+ new_ca_dir
67
+ end
33
68
  end
34
69
 
35
70
  def self.default_basemodulepath
@@ -58,18 +93,6 @@ module Puppet
58
93
  end
59
94
  end
60
95
 
61
- def self.default_cadir
62
- return "" if Puppet::Util::Platform.windows?
63
- old_ca_dir = "#{Puppet[:ssldir]}/ca"
64
- new_ca_dir = '/etc/puppetlabs/puppetserver/ca'
65
-
66
- if File.exist?("#{new_ca_dir}/ca_crt.pem")
67
- new_ca_dir
68
- else
69
- old_ca_dir
70
- end
71
- end
72
-
73
96
  ############################################################################################
74
97
  # NOTE: For information about the available values for the ":type" property of settings,
75
98
  # see the docs for Settings.define_settings
@@ -82,29 +105,6 @@ module Puppet
82
105
  # @return void
83
106
  def self.initialize_default_settings!(settings)
84
107
  settings.define_settings(:main,
85
- :facterng => {
86
- :default => false,
87
- :type => :boolean,
88
- :desc => 'Whether to enable a pre-Facter 4.0 release of Facter (distributed as
89
- the "facter-ng" gem). This is not necessary if Facter 3.x or later is installed.
90
- This setting is still experimental.',
91
- :hook => proc do |value|
92
- value = munge(value)
93
- if value && Puppet::Util::Package.versioncmp(Facter.value('facterversion'), '4.0.0') < 0
94
- begin
95
- original_facter = Object.const_get(:Facter)
96
- Object.send(:remove_const, :Facter)
97
-
98
- require 'facter-ng'
99
- # It is required to re-setup logger for facter-ng
100
- Puppet::Util::Logging.setup_facter_logging!
101
- rescue LoadError
102
- Object.const_set(:Facter, original_facter)
103
- raise ArgumentError, 'facter-ng could not be loaded'
104
- end
105
- end
106
- end
107
- },
108
108
  :confdir => {
109
109
  :default => nil,
110
110
  :type => :directory,
@@ -231,7 +231,7 @@ module Puppet
231
231
  end
232
232
  },
233
233
  :disable_i18n => {
234
- :default => false,
234
+ :default => true,
235
235
  :type => :boolean,
236
236
  :desc => "If true, turns off all translations of Puppet and module
237
237
  log messages, which affects error, warning, and info log messages,
@@ -276,13 +276,6 @@ module Puppet
276
276
  :type => :boolean,
277
277
  :desc => "Whether to enable experimental performance profiling",
278
278
  },
279
- :future_features => {
280
- :default => false,
281
- :type => :boolean,
282
- :desc => "Whether or not to enable all features currently being developed for future
283
- major releases of Puppet. Should be used with caution, as in development
284
- features are experimental and can have unexpected effects."
285
- },
286
279
  :versioned_environment_dirs => {
287
280
  :default => false,
288
281
  :type => :boolean,
@@ -297,6 +290,11 @@ module Puppet
297
290
  which occurs only on a Puppet Server master when the `code-id-command` and
298
291
  `code-content-command` settings are configured in its `puppetserver.conf` file.",
299
292
  },
293
+ :settings_catalog => {
294
+ :default => true,
295
+ :type => :boolean,
296
+ :desc => "Whether to compile and apply the settings catalog",
297
+ },
300
298
  :strict_environment_mode => {
301
299
  :default => false,
302
300
  :type => :boolean,
@@ -719,9 +717,8 @@ Valid values are 0 (never cache) and 15 (15 second minimum wait time).
719
717
  A value of `0` will disable caching. This setting can also be set to
720
718
  `unlimited`, which will cache environments until the server is restarted
721
719
  or told to refresh the cache. All other values will result in Puppet
722
- server evicting expired environments. The expiration time is computed
723
- based on either when the environment was created or last accessed, see
724
- `environment_timeout_mode`.
720
+ server evicting environments that haven't been used within the last
721
+ `environment_timeout` seconds.
725
722
 
726
723
  You should change this setting once your Puppet deployment is doing
727
724
  non-trivial work. We chose the default value of `0` because it lets new
@@ -734,32 +731,13 @@ Valid values are 0 (never cache) and 15 (15 second minimum wait time).
734
731
  * Setting this to a number that will keep your most actively used
735
732
  environments cached, but allow testing environments to fall out of the
736
733
  cache and reduce memory usage. A value of 3 minutes (3m) is a reasonable
737
- value. This option requires setting `environment_timeout_mode` to
738
- `from_last_used`.
734
+ value.
739
735
 
740
736
  Once you set `environment_timeout` to a non-zero value, you need to tell
741
737
  Puppet server to read new code from disk using the `environment-cache` API
742
738
  endpoint after you deploy new code. See the docs for the Puppet Server
743
739
  [administrative API](https://puppet.com/docs/puppetserver/latest/admin-api/v1/environment-cache.html).
744
- ",
745
- :hook => proc do |val|
746
- if Puppet[:environment_timeout_mode] == :from_created
747
- unless [0, 'unlimited', Float::INFINITY].include?(val)
748
- Puppet.deprecation_warning("Evicting environments based on their creation time is deprecated, please set `environment_timeout_mode` to `from_last_used` instead.")
749
- end
750
- end
751
- end
752
- },
753
- :environment_timeout_mode => {
754
- :default => :from_created,
755
- :type => :symbolic_enum,
756
- :values => [:from_created, :from_last_used],
757
- :desc => "How Puppet interprets the `environment_timeout` setting when
758
- `environment_timeout` is neither `0` nor `unlimited`. If set to
759
- `from_created`, then the environment will be evicted `environment_timeout`
760
- seconds from when it was created. If set to `from_last_used` then the
761
- environment will be evicted `environment_timeout` seconds from when it
762
- was last used."
740
+ "
763
741
  },
764
742
  :environment_data_provider => {
765
743
  :desc => "The name of a registered environment data provider used when obtaining environment
@@ -834,7 +812,7 @@ Valid values are 0 (never cache) and 15 (15 second minimum wait time).
834
812
  `certname` setting as its requested Subject CN.
835
813
 
836
814
  This is the name used when managing a node's permissions in
837
- [auth.conf](https://puppet.com/docs/puppet/latest/config_file_auth.html).
815
+ Puppet Server's [auth.conf](https://puppet.com/docs/puppetserver/latest/config_file_auth.html).
838
816
  In most cases, it is also used as the node's name when matching
839
817
  [node definitions](https://puppet.com/docs/puppet/latest/lang_node_definitions.html)
840
818
  and requesting data from an ENC. (This can be changed with the `node_name_value`
@@ -849,9 +827,9 @@ Valid values are 0 (never cache) and 15 (15 second minimum wait time).
849
827
  only use lowercase letters, numbers, periods, underscores, and dashes. (That is,
850
828
  it should match `/\A[a-z0-9._-]+\Z/`.)
851
829
  * The special value `ca` is reserved, and can't be used as the certname
852
- for a normal node.
830
+ for a normal node.
853
831
 
854
- **Note:** You must set the certname in the main section of the puppet.conf file. Setting it in a different section causes errors.
832
+ **Note:** You must set the certname in the main section of the puppet.conf file. Setting it in a different section causes errors.
855
833
 
856
834
  Defaults to the node's fully qualified domain name.",
857
835
  :call_hook => :on_initialize_and_write,
@@ -878,8 +856,8 @@ names.
878
856
  **Note:** The list of alternate names is locked in when the server's
879
857
  certificate is signed. If you need to change the list later, you can't just
880
858
  change this setting; you also need to regenerate the certificate. For more
881
- information on that process, see the
882
- [cert regen docs](https://puppet.com/docs/puppet/latest/ssl_regenerate_certificates.html).
859
+ information on that process, see the [cert regen docs]
860
+ (https://puppet.com/docs/puppet/latest/ssl_regenerate_certificates.html).
883
861
 
884
862
  To see all the alternate names your servers are using, log into your CA server
885
863
  and run `puppetserver ca list --all`, then check the output for `(alt names: ...)`.
@@ -984,13 +962,13 @@ EOT
984
962
  Generally unused."
985
963
  },
986
964
  :hostcsr => {
987
- :default => "$ssldir/csr_$certname.pem",
965
+ :default => "$requestdir/$certname.pem",
988
966
  :type => :file,
989
967
  :mode => "0644",
990
968
  :owner => "service",
991
969
  :group => "service",
992
- :deprecated => :completely,
993
- :desc => "This setting is deprecated."
970
+ :desc => "Where individual hosts store their certificate request (CSR)
971
+ while waiting for the CA to issue their certificate."
994
972
  },
995
973
  :hostcert => {
996
974
  :default => "$certdir/$certname.pem",
@@ -1041,29 +1019,6 @@ EOT
1041
1019
  puppet module tool and the 'http' report processor. This setting is ignored when
1042
1020
  making requests to puppet:// URLs such as catalog and report requests.",
1043
1021
  },
1044
- :ssl_client_ca_auth => {
1045
- :type => :file,
1046
- :mode => "0644",
1047
- :owner => "service",
1048
- :group => "service",
1049
- :desc => "Certificate authorities who issue server certificates. SSL servers will not be
1050
- considered authentic unless they possess a certificate issued by an authority
1051
- listed in this file. If this setting has no value then the Puppet master's CA
1052
- certificate (localcacert) will be used.",
1053
- :hook => proc do |val|
1054
- Puppet.deprecation_warning(_("Setting 'ssl_client_ca_auth' is deprecated."))
1055
- end
1056
- },
1057
- :ssl_server_ca_auth => {
1058
- :type => :file,
1059
- :mode => "0644",
1060
- :owner => "service",
1061
- :group => "service",
1062
- :deprecated => :completely,
1063
- :desc => "The setting is deprecated and has no effect. Ensure all root and
1064
- intermediate certificate authorities used to issue client certificates are
1065
- contained in the server's `cacert` file on the server."
1066
- },
1067
1022
  :hostcrl => {
1068
1023
  :default => "$ssldir/crl.pem",
1069
1024
  :type => :file,
@@ -1097,14 +1052,6 @@ EOT
1097
1052
  certificate revocation checking and does not attempt to download the CRL.
1098
1053
  EOT
1099
1054
  },
1100
- :ciphers => {
1101
- :default => 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256',
1102
- :type => :string,
1103
- :desc => "The list of ciphersuites for TLS connections initiated by puppet. The
1104
- default value is chosen to support TLS 1.0 and up, but can be made
1105
- more restrictive if needed. The ciphersuites must be specified in OpenSSL
1106
- format, not IANA."
1107
- },
1108
1055
  :key_type => {
1109
1056
  :default => 'rsa',
1110
1057
  :type => :enum,
@@ -1148,7 +1095,7 @@ EOT
1148
1095
  :type => :string,
1149
1096
  :desc => "Where to send log messages. Choose between 'syslog' (the POSIX syslog
1150
1097
  service), 'eventlog' (the Windows Event Log), 'console', or the path to a log
1151
- file. Multiple destinations can be set using a comma separated list (eg: `/path/file1,console,/path/file2`)"
1098
+ file."
1152
1099
  # Sure would be nice to set the Puppet::Util::Log destination here in an :on_initialize_and_write hook,
1153
1100
  # unfortunately we have a large number of tests that rely on the logging not resetting itself when the
1154
1101
  # settings are initialized as they test what gets logged during settings initialization.
@@ -1165,6 +1112,13 @@ EOT
1165
1112
  :default => lambda { default_cadir },
1166
1113
  :type => :directory,
1167
1114
  :desc => "The root directory for the certificate authority.",
1115
+ :call_hook => :on_initialize_and_write,
1116
+ :hook => proc do |value|
1117
+ if value.start_with?(Puppet[:ssldir])
1118
+ Puppet.log_ca_migration_warning
1119
+ end
1120
+ value
1121
+ end
1168
1122
  },
1169
1123
  :cacert => {
1170
1124
  :default => "$cadir/ca_crt.pem",
@@ -1391,34 +1345,25 @@ EOT
1391
1345
  by `puppet`, and should only be set if you're writing your own Puppet
1392
1346
  executable.",
1393
1347
  },
1394
- :masterport => {
1348
+ :serverport => {
1395
1349
  :default => 8140,
1350
+ :type => :port,
1396
1351
  :desc => "The default port puppet subcommands use to communicate
1397
1352
  with Puppet Server. (eg `puppet facts upload`, `puppet agent`). May be
1398
1353
  overridden by more specific settings (see `ca_port`, `report_port`).",
1354
+ :hook => proc do |value|
1355
+ Puppet[:masterport] = value unless Puppet.settings.set_by_config?(:masterport)
1356
+ end
1399
1357
  },
1400
- :serverport => {
1401
- :type => :alias,
1402
- :alias_for => :masterport
1403
- },
1404
- :node_name => {
1405
- :default => 'cert',
1406
- :type => :enum,
1407
- :values => ['cert', 'facter'],
1408
- :deprecated => :completely,
1409
- :hook => proc { |val|
1410
- if val != 'cert'
1411
- Puppet.deprecation_warning("The node_name setting is deprecated and will be removed in a future release.")
1412
- end
1413
- },
1414
- :desc => "How the puppet master determines the client's identity
1415
- and sets the 'hostname', 'fqdn' and 'domain' facts for use in the manifest,
1416
- in particular for determining which 'node' statement applies to the client.
1417
- Possible values are 'cert' (use the subject's CN in the client's
1418
- certificate) and 'facter' (use the hostname that the client
1419
- reported in its facts).
1420
-
1421
- This setting is deprecated, please use explicit fact matching for classification.",
1358
+ :masterport => {
1359
+ :default => "$serverport",
1360
+ :type => :port,
1361
+ :desc => "The default port puppet subcommands use to communicate
1362
+ with Puppet Server. (eg `puppet facts upload`, `puppet agent`). May be
1363
+ overridden by more specific settings (see `ca_port`, `report_port`).",
1364
+ :hook => proc do |value|
1365
+ Puppet[:serverport] = value unless Puppet.settings.set_by_config?(:serverport)
1366
+ end
1422
1367
  },
1423
1368
  :bucketdir => {
1424
1369
  :default => "$vardir/bucket",
@@ -1428,15 +1373,6 @@ EOT
1428
1373
  :group => "service",
1429
1374
  :desc => "Where FileBucket files are stored."
1430
1375
  },
1431
- :rest_authconfig => {
1432
- :default => "$confdir/auth.conf",
1433
- :type => :file,
1434
- :deprecated => :completely,
1435
- :desc => "The configuration file that defines the rights to the different
1436
- rest indirections. This can be used as a fine-grained authorization system for
1437
- `puppet master`. The `puppet master` command is deprecated and Puppet Server
1438
- uses its own auth.conf that must be placed within its configuration directory.",
1439
- },
1440
1376
  :trusted_oid_mapping_file => {
1441
1377
  :default => "$confdir/custom_trusted_oid_mapping.yaml",
1442
1378
  :type => :file,
@@ -1517,9 +1453,7 @@ EOT
1517
1453
  See the report reference for information on the built-in report
1518
1454
  handlers; custom report handlers can also be loaded from modules.
1519
1455
  (Report handlers are loaded from the lib directory, at
1520
- `puppet/reports/NAME.rb`.)
1521
-
1522
- To turn off reports entirely, set this to `none`",
1456
+ `puppet/reports/NAME.rb`.)",
1523
1457
  },
1524
1458
  :reportdir => {
1525
1459
  :default => "$vardir/reports",
@@ -1541,23 +1475,7 @@ EOT
1541
1475
  :default => "$confdir/fileserver.conf",
1542
1476
  :type => :file,
1543
1477
  :desc => "Where the fileserver configuration is stored.",
1544
- },
1545
- :strict_hostname_checking => {
1546
- :default => true,
1547
- :type => :boolean,
1548
- :desc => "Whether to only search for the complete
1549
- hostname as it is in the certificate when searching for node information
1550
- in the catalogs or to match dot delimited segments of the cert's certname
1551
- and the hostname, fqdn, and/or domain facts.
1552
-
1553
- This setting is deprecated and will be removed in a future release.",
1554
- :hook => proc { |val|
1555
- if val != true
1556
- Puppet.deprecation_warning("Setting strict_hostname_checking to false is deprecated and will be removed in a future release. Please use regular expressions in your node declarations or explicit fact matching for classification (though be warned that fact based classification may be considered insecure).")
1557
- end
1558
- }
1559
- }
1560
- )
1478
+ })
1561
1479
 
1562
1480
  settings.define_settings(:device,
1563
1481
  :devicedir => {
@@ -1579,17 +1497,15 @@ EOT
1579
1497
  :default => "$certname",
1580
1498
  :desc => "The explicit value used for the node name for all requests the agent
1581
1499
  makes to the master. WARNING: This setting is mutually exclusive with
1582
- node_name_fact. Changing this setting also requires changes to the default
1583
- auth.conf configuration on the Puppet Master. Please see
1584
- http://links.puppet.com/node_name_value for more information."
1500
+ node_name_fact. Changing this setting also requires changes to
1501
+ Puppet Server's default [auth.conf](https://puppet.com/docs/puppetserver/latest/config_file_auth.html)."
1585
1502
  },
1586
1503
  :node_name_fact => {
1587
1504
  :default => "",
1588
1505
  :desc => "The fact name used to determine the node name used for all requests the agent
1589
1506
  makes to the master. WARNING: This setting is mutually exclusive with
1590
- node_name_value. Changing this setting also requires changes to the default
1591
- auth.conf configuration on the Puppet Master. Please see
1592
- http://links.puppet.com/node_name_fact for more information.",
1507
+ node_name_value. Changing this setting also requires changes to
1508
+ Puppet Server's default [auth.conf](https://puppet.com/docs/puppetserver/latest/config_file_auth.html).",
1593
1509
  :hook => proc do |value|
1594
1510
  if !value.empty? and Puppet[:node_name_value] != Puppet[:certname]
1595
1511
  raise "Cannot specify both the node_name_value and node_name_fact settings"
@@ -1687,8 +1603,8 @@ EOT
1687
1603
  :server_list => {
1688
1604
  :default => [],
1689
1605
  :type => :server_list,
1690
- :desc => "The list of puppet master servers to which the puppet agent should connect,
1691
- in the order that they will be tried.",
1606
+ :desc => "The list of Puppet master servers to which the Puppet agent should connect,
1607
+ in the order that they will be tried. Each value should be a fully qualified domain name, followed by an optional ':' and port number. If a port is omitted, Puppet uses masterport for that host.",
1692
1608
  },
1693
1609
  :use_srv_records => {
1694
1610
  :default => false,
@@ -1764,6 +1680,7 @@ EOT
1764
1680
  },
1765
1681
  :ca_port => {
1766
1682
  :default => "$serverport",
1683
+ :type => :port,
1767
1684
  :desc => "The port to use for the certificate authority.",
1768
1685
  },
1769
1686
  :preferred_serialization_format => {
@@ -1782,7 +1699,7 @@ EOT
1782
1699
  },
1783
1700
  :agent_disabled_lockfile => {
1784
1701
  :default => "$statedir/agent_disabled.lock",
1785
- :type => :string,
1702
+ :type => :file,
1786
1703
  :desc => "A lock file to indicate that puppet agent runs have been administratively
1787
1704
  disabled. File contains a JSON object with state information.",
1788
1705
  },
@@ -1853,6 +1770,7 @@ EOT
1853
1770
  },
1854
1771
  :report_port => {
1855
1772
  :default => "$serverport",
1773
+ :type => :port,
1856
1774
  :desc => "The port to communicate with the report_server.",
1857
1775
  },
1858
1776
  :report => {
@@ -1882,10 +1800,16 @@ EOT
1882
1800
  for the node stored in puppetdb are current. However, this will double the fact
1883
1801
  submission load on puppetdb, so it is disabled by default.",
1884
1802
  },
1803
+ :publicdir => {
1804
+ :default => nil,
1805
+ :type => :directory,
1806
+ :mode => "0755",
1807
+ :desc => "Where Puppet stores public files."
1808
+ },
1885
1809
  :lastrunfile => {
1886
- :default => "$statedir/last_run_summary.yaml",
1810
+ :default => "$publicdir/last_run_summary.yaml",
1887
1811
  :type => :file,
1888
- :mode => "0644",
1812
+ :mode => "0640",
1889
1813
  :desc => "Where puppet agent stores the last run report summary in yaml format."
1890
1814
  },
1891
1815
  :lastrunreport => {
@@ -1965,7 +1889,7 @@ EOT
1965
1889
  :type => :ttl,
1966
1890
  :desc => "The maximum amount of time the puppet agent should wait for an
1967
1891
  already running puppet agent to finish before starting a new one. This is set by default to 1 minute.
1968
- A value of `unlimited` will cause puppet agent to wait indefinitely.
1892
+ A value of `unlimited` will cause puppet agent to wait indefinitely.
1969
1893
  #{AS_DURATION}",
1970
1894
  }
1971
1895
  )
@@ -2022,7 +1946,7 @@ EOT
2022
1946
  :desc => "What files to ignore when pulling down plugins.",
2023
1947
  },
2024
1948
  :ignore_plugin_errors => {
2025
- :default => true,
1949
+ :default => false,
2026
1950
  :type => :boolean,
2027
1951
  :desc => "Whether the puppet run should ignore errors during pluginsync. If the setting
2028
1952
  is false and there are errors during pluginsync, then the agent will abort the run and
@@ -2237,22 +2161,6 @@ EOT
2237
2161
  referencing variables that are explicitly set to undef).
2238
2162
  EOT
2239
2163
  },
2240
- :func3x_check => {
2241
- :default => true,
2242
- :type => :boolean,
2243
- :desc => <<-'EOT',
2244
- Causes validation of loaded legacy Ruby functions (3x API) to raise errors about illegal constructs that
2245
- could cause harm or that simply does not work. This flag is on by default. This flag is made available
2246
- so that the validation can be turned off in case the method of validation is faulty - if encountered, please
2247
- file a bug report.
2248
- EOT
2249
- :call_hook => :on_initialize_and_write,
2250
- :hook => proc do |value|
2251
- unless value
2252
- Puppet.deprecation_warning(_("The 'func3x_check' setting is deprecated and will be removed in a future release."))
2253
- end
2254
- end
2255
- },
2256
2164
  :tasks => {
2257
2165
  :default => false,
2258
2166
  :type => :boolean,