puppet 6.25.1 → 6.28.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of puppet might be problematic. Click here for more details.

Files changed (112) hide show
  1. checksums.yaml +4 -4
  2. data/CODEOWNERS +1 -1
  3. data/Gemfile +2 -2
  4. data/Gemfile.lock +101 -34
  5. data/lib/puppet/agent.rb +47 -11
  6. data/lib/puppet/application/agent.rb +2 -12
  7. data/lib/puppet/application/lookup.rb +74 -24
  8. data/lib/puppet/concurrent/thread_local_singleton.rb +5 -3
  9. data/lib/puppet/configurer.rb +8 -14
  10. data/lib/puppet/defaults.rb +13 -3
  11. data/lib/puppet/face/generate.rb +2 -0
  12. data/lib/puppet/file_serving/metadata.rb +3 -0
  13. data/lib/puppet/file_system/file_impl.rb +7 -7
  14. data/lib/puppet/file_system/jruby.rb +1 -1
  15. data/lib/puppet/file_system/windows.rb +4 -4
  16. data/lib/puppet/file_system.rb +1 -1
  17. data/lib/puppet/functions/next.rb +18 -1
  18. data/lib/puppet/functions/tree_each.rb +0 -1
  19. data/lib/puppet/functions/versioncmp.rb +6 -2
  20. data/lib/puppet/generate/type.rb +9 -0
  21. data/lib/puppet/http/client.rb +22 -2
  22. data/lib/puppet/node.rb +1 -1
  23. data/lib/puppet/pops/parser/code_merger.rb +4 -4
  24. data/lib/puppet/pops/parser/egrammar.ra +2 -0
  25. data/lib/puppet/pops/parser/eparser.rb +813 -794
  26. data/lib/puppet/pops/serialization/to_data_converter.rb +6 -18
  27. data/lib/puppet/provider/package/puppetserver_gem.rb +7 -16
  28. data/lib/puppet/provider/package/windows/exe_package.rb +30 -1
  29. data/lib/puppet/provider/package/windows/package.rb +2 -1
  30. data/lib/puppet/provider/package/windows.rb +14 -1
  31. data/lib/puppet/provider/service/init.rb +5 -4
  32. data/lib/puppet/provider/user/directoryservice.rb +5 -0
  33. data/lib/puppet/ssl/ssl_provider.rb +75 -19
  34. data/lib/puppet/ssl/state_machine.rb +13 -17
  35. data/lib/puppet/ssl/verifier.rb +6 -0
  36. data/lib/puppet/transaction/persistence.rb +22 -12
  37. data/lib/puppet/type/exec.rb +1 -1
  38. data/lib/puppet/type/file/data_sync.rb +1 -1
  39. data/lib/puppet/type/user.rb +43 -38
  40. data/lib/puppet/util/json.rb +17 -0
  41. data/lib/puppet/util/log.rb +7 -2
  42. data/lib/puppet/util/monkey_patches.rb +6 -2
  43. data/lib/puppet/util/package.rb +25 -16
  44. data/lib/puppet/util/yaml.rb +21 -2
  45. data/lib/puppet/util.rb +1 -2
  46. data/lib/puppet/version.rb +1 -1
  47. data/lib/puppet.rb +2 -14
  48. data/locales/puppet.pot +5 -10454
  49. data/man/man5/puppet.conf.5 +21 -2
  50. data/man/man8/puppet-agent.8 +1 -1
  51. data/man/man8/puppet-apply.8 +1 -1
  52. data/man/man8/puppet-catalog.8 +1 -1
  53. data/man/man8/puppet-config.8 +1 -1
  54. data/man/man8/puppet-describe.8 +1 -1
  55. data/man/man8/puppet-device.8 +1 -1
  56. data/man/man8/puppet-doc.8 +1 -1
  57. data/man/man8/puppet-epp.8 +1 -1
  58. data/man/man8/puppet-facts.8 +1 -1
  59. data/man/man8/puppet-filebucket.8 +1 -1
  60. data/man/man8/puppet-generate.8 +1 -1
  61. data/man/man8/puppet-help.8 +1 -1
  62. data/man/man8/puppet-key.8 +1 -1
  63. data/man/man8/puppet-lookup.8 +9 -6
  64. data/man/man8/puppet-man.8 +1 -1
  65. data/man/man8/puppet-module.8 +1 -1
  66. data/man/man8/puppet-node.8 +1 -1
  67. data/man/man8/puppet-parser.8 +1 -1
  68. data/man/man8/puppet-plugin.8 +1 -1
  69. data/man/man8/puppet-report.8 +1 -1
  70. data/man/man8/puppet-resource.8 +1 -1
  71. data/man/man8/puppet-script.8 +1 -1
  72. data/man/man8/puppet-ssl.8 +1 -1
  73. data/man/man8/puppet-status.8 +1 -1
  74. data/man/man8/puppet.8 +2 -2
  75. data/spec/fixtures/unit/forge/bacula.json +1 -1
  76. data/spec/integration/application/agent_spec.rb +108 -0
  77. data/spec/integration/application/lookup_spec.rb +81 -50
  78. data/spec/integration/application/resource_spec.rb +6 -2
  79. data/spec/integration/http/client_spec.rb +51 -4
  80. data/spec/lib/puppet_spec/https.rb +1 -1
  81. data/spec/lib/puppet_spec/puppetserver.rb +39 -2
  82. data/spec/shared_contexts/l10n.rb +5 -0
  83. data/spec/unit/agent_spec.rb +28 -2
  84. data/spec/unit/application/agent_spec.rb +26 -16
  85. data/spec/unit/application/lookup_spec.rb +131 -10
  86. data/spec/unit/concurrent/thread_local_singleton_spec.rb +39 -0
  87. data/spec/unit/configurer_spec.rb +124 -61
  88. data/spec/unit/daemon_spec.rb +2 -11
  89. data/spec/unit/face/generate_spec.rb +64 -0
  90. data/spec/unit/file_system_spec.rb +34 -4
  91. data/spec/unit/forge/module_release_spec.rb +3 -3
  92. data/spec/unit/functions/versioncmp_spec.rb +40 -4
  93. data/spec/unit/http/client_spec.rb +18 -0
  94. data/spec/unit/node_spec.rb +6 -0
  95. data/spec/unit/pops/parser/parse_containers_spec.rb +2 -2
  96. data/spec/unit/pops/serialization/to_from_hr_spec.rb +0 -58
  97. data/spec/unit/pops/validator/validator_spec.rb +5 -0
  98. data/spec/unit/provider/package/puppetserver_gem_spec.rb +2 -2
  99. data/spec/unit/provider/package/windows/exe_package_spec.rb +17 -0
  100. data/spec/unit/provider/service/gentoo_spec.rb +6 -5
  101. data/spec/unit/provider/service/init_spec.rb +15 -9
  102. data/spec/unit/provider/service/openwrt_spec.rb +21 -29
  103. data/spec/unit/provider/service/redhat_spec.rb +3 -2
  104. data/spec/unit/ssl/ssl_provider_spec.rb +75 -1
  105. data/spec/unit/ssl/state_machine_spec.rb +1 -0
  106. data/spec/unit/transaction/persistence_spec.rb +51 -0
  107. data/spec/unit/type/user_spec.rb +0 -45
  108. data/spec/unit/util/json_spec.rb +126 -0
  109. data/spec/unit/util/windows_spec.rb +23 -0
  110. data/spec/unit/util/yaml_spec.rb +54 -29
  111. data/tasks/generate_cert_fixtures.rake +5 -4
  112. metadata +9 -3
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPETCONF" "5" "October 2021" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPETCONF" "5" "July 2022" "Puppet, Inc." "Puppet manual"
5
5
  \fBThis page is autogenerated; any changes will get overwritten\fR
6
6
  .
7
7
  .SH "Configuration settings"
@@ -945,7 +945,7 @@ The time to wait for data to be read from an HTTP connection\. If nothing is rea
945
945
  The HTTP User\-Agent string to send when making network requests\.
946
946
  .
947
947
  .IP "\(bu" 4
948
- \fIDefault\fR: \fBPuppet/6\.25\.1 Ruby/2\.5\.1\-p57 (x86_64\-linux)\fR
948
+ \fIDefault\fR: \fBPuppet/6\.28\.0 Ruby/2\.7\.5\-p203 (x86_64\-linux)\fR
949
949
  .
950
950
  .IP "" 0
951
951
  .
@@ -1118,6 +1118,14 @@ From where to retrieve translation files\. The standard Puppet \fBfile\fR type i
1118
1118
  .
1119
1119
  .IP "" 0
1120
1120
  .
1121
+ .SS "location_trusted"
1122
+ This will allow sending the name + password and the cookie header to all hosts that puppet may redirect to\. This may or may not introduce a security breach if puppet redirects you to a site to which you\'ll send your authentication info and cookies\.
1123
+ .
1124
+ .IP "\(bu" 4
1125
+ \fIDefault\fR: \fBfalse\fR
1126
+ .
1127
+ .IP "" 0
1128
+ .
1121
1129
  .SS "log_level"
1122
1130
  Default logging level for messages from Puppet\. Allowed values are:
1123
1131
  .
@@ -2059,6 +2067,17 @@ Whether to only use the cached catalog rather than compiling a new catalog on ev
2059
2067
  .
2060
2068
  .IP "" 0
2061
2069
  .
2070
+ .SS "use_last_environment"
2071
+ Puppet saves both the initial and converged environment in the last_run_summary file\. If they differ, and this setting is set to true, we will use the last converged environment and skip the node request\.
2072
+ .
2073
+ .P
2074
+ When set to false, we will do the node request and ignore the environment data from the last_run_summary file\.
2075
+ .
2076
+ .IP "\(bu" 4
2077
+ \fIDefault\fR: \fBtrue\fR
2078
+ .
2079
+ .IP "" 0
2080
+ .
2062
2081
  .SS "use_srv_records"
2063
2082
  Whether the server will search for SRV records in DNS for the current domain\.
2064
2083
  .
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-AGENT" "8" "October 2021" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-AGENT" "8" "July 2022" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-agent\fR \- The puppet agent daemon
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-APPLY" "8" "October 2021" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-APPLY" "8" "July 2022" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-apply\fR \- Apply Puppet manifests locally
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-CATALOG" "8" "October 2021" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-CATALOG" "8" "July 2022" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-catalog\fR \- Compile, save, view, and convert catalogs\.
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-CONFIG" "8" "October 2021" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-CONFIG" "8" "July 2022" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-config\fR \- Interact with Puppet\'s settings\.
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-DESCRIBE" "8" "October 2021" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-DESCRIBE" "8" "July 2022" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-describe\fR \- Display help about resource types
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-DEVICE" "8" "October 2021" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-DEVICE" "8" "July 2022" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-device\fR \- Manage remote network devices
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-DOC" "8" "October 2021" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-DOC" "8" "July 2022" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-doc\fR \- Generate Puppet references
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-EPP" "8" "October 2021" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-EPP" "8" "July 2022" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-epp\fR \- Interact directly with the EPP template parser/renderer\.
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-FACTS" "8" "October 2021" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-FACTS" "8" "July 2022" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-facts\fR \- Retrieve and store facts\.
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-FILEBUCKET" "8" "October 2021" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-FILEBUCKET" "8" "July 2022" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-filebucket\fR \- Store and retrieve files in a filebucket
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-GENERATE" "8" "October 2021" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-GENERATE" "8" "July 2022" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-generate\fR \- Generates Puppet code from Ruby definitions\.
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-HELP" "8" "October 2021" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-HELP" "8" "July 2022" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-help\fR \- Display Puppet help\.
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-KEY" "8" "October 2021" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-KEY" "8" "July 2022" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-key\fR \- Create, save, and remove certificate keys\.
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-LOOKUP" "8" "October 2021" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-LOOKUP" "8" "July 2022" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-lookup\fR \- Interactive Hiera lookup
@@ -22,10 +22,7 @@ The most common version of this command is:
22
22
  puppet lookup [\-\-help] [\-\-type \fITYPESTRING\fR] [\-\-merge first|unique|hash|deep] [\-\-knock\-out\-prefix \fIPREFIX\-STRING\fR] [\-\-sort\-merged\-arrays] [\-\-merge\-hash\-arrays] [\-\-explain] [\-\-environment \fIENV\fR] [\-\-default \fIVALUE\fR] [\-\-node \fINODE\-NAME\fR] [\-\-facts \fIFILE\fR] [\-\-compile] [\-\-render\-as s|json|yaml|binary|msgpack] \fIkeys\fR
23
23
  .
24
24
  .SH "DESCRIPTION"
25
- The lookup command is a CLI for Puppet\'s \'lookup()\' function\. It searches your Hiera data and returns a value for the requested lookup key, so you can test and explore your data\. It is a modern replacement for the \'hiera\' command\.
26
- .
27
- .P
28
- Hiera usually relies on a node\'s facts to locate the relevant data sources\. By default, \'puppet lookup\' uses facts from the node you run the command on, but you can get data for any other node with the \'\-\-node \fINAME\fR\' option\. If possible, the lookup command will use the requested node\'s real stored facts from PuppetDB; if PuppetDB isn\'t configured or you want to provide arbitrary fact values, you can pass alternate facts as a JSON or YAML file with \'\-\-facts \fIFILE\fR\'\.
25
+ The lookup command is a CLI for Puppet\'s \'lookup()\' function\. It searches your Hiera data and returns a value for the requested lookup key, so you can test and explore your data\. It is a modern replacement for the \'hiera\' command\. Lookup uses the setting for global hiera\.yaml from puppet\'s config, and the environment to find the environment level hiera\.yaml as well as the resulting modulepath for the environment (for hiera\.yaml files in modules)\. Hiera usually relies on a node\'s facts to locate the relevant data sources\. By default, \'puppet lookup\' uses facts from the node you run the command on, but you can get data for any other node with the \'\-\-node \fINAME\fR\' option\. If possible, the lookup command will use the requested node\'s real stored facts from PuppetDB; if PuppetDB isn\'t configured or you want to provide arbitrary fact values, you can pass alternate facts as a JSON or YAML file with \'\-\-facts \fIFILE\fR\'\.
29
26
  .
30
27
  .P
31
28
  If you\'re debugging your Hiera data and want to see where values are coming from, use the \'\-\-explain\' option\.
@@ -54,7 +51,7 @@ For more details about how Hiera works, see the Hiera documentation: https://pup
54
51
  \-\-facts \fIFILE\fR Specify a \.json or \.yaml file of key => value mappings to override the facts for this lookup\. Any facts not specified in this file maintain their original value\.
55
52
  .
56
53
  .IP "\(bu" 4
57
- \-\-environment \fIENV\fR Like with most Puppet commands, you can specify an environment on the command line\. This is important for lookup because different environments can have different Hiera data\.
54
+ \-\-environment \fIENV\fR Like with most Puppet commands, you can specify an environment on the command line\. This is important for lookup because different environments can have different Hiera data\. This environment will be always be the one used regardless of any other factors\.
58
55
  .
59
56
  .IP "\(bu" 4
60
57
  \-\-merge first|unique|hash|deep: Specify the merge behavior, overriding any merge behavior from the data\'s lookup_options\. \'first\' returns the first value found\. \'unique\' appends everything to a merged, deduplicated array\. \'hash\' performs a simple hash merge by overwriting keys of lower lookup priority\. \'deep\' performs a deep merge on values of Array and Hash type\. There are additional options that can be used with \'deep\'\.
@@ -89,6 +86,12 @@ For more details about how Hiera works, see the Hiera documentation: https://pup
89
86
  To look up \'key_name\' using the Puppet Server node\'s facts: $ puppet lookup key_name
90
87
  .
91
88
  .P
89
+ To look up \'key_name\' using the Puppet Server node\'s arbitrary variables from a manifest, and classify the node if applicable: $ puppet lookup key_name \-\-compile
90
+ .
91
+ .P
92
+ To look up \'key_name\' using the Puppet Server node\'s facts, overridden by facts given in a file: $ puppet lookup key_name \-\-facts fact_file\.yaml
93
+ .
94
+ .P
92
95
  To look up \'key_name\' with agent\.local\'s facts: $ puppet lookup \-\-node agent\.local key_name
93
96
  .
94
97
  .P
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-MAN" "8" "October 2021" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-MAN" "8" "July 2022" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-man\fR \- Display Puppet manual pages\.
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-MODULE" "8" "October 2021" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-MODULE" "8" "July 2022" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-module\fR \- Creates, installs and searches for modules on the Puppet Forge\.
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-NODE" "8" "October 2021" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-NODE" "8" "July 2022" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-node\fR \- View and manage node definitions\.
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-PARSER" "8" "October 2021" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-PARSER" "8" "July 2022" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-parser\fR \- Interact directly with the parser\.
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-PLUGIN" "8" "October 2021" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-PLUGIN" "8" "July 2022" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-plugin\fR \- Interact with the Puppet plugin system\.
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-REPORT" "8" "October 2021" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-REPORT" "8" "July 2022" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-report\fR \- Create, display, and submit reports\.
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-RESOURCE" "8" "October 2021" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-RESOURCE" "8" "July 2022" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-resource\fR \- The resource abstraction layer shell
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-SCRIPT" "8" "October 2021" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-SCRIPT" "8" "July 2022" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-script\fR \- Run a puppet manifests as a script without compiling a catalog
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-SSL" "8" "October 2021" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-SSL" "8" "July 2022" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-ssl\fR \- Manage SSL keys and certificates for puppet SSL clients
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-STATUS" "8" "October 2021" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-STATUS" "8" "July 2022" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-status\fR \- View puppet server status\.
data/man/man8/puppet.8 CHANGED
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET" "8" "October 2021" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET" "8" "July 2022" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\fR
@@ -25,4 +25,4 @@ Specialized:
25
25
  catalog Compile, save, view, and convert catalogs\. describe Display help about resource types device Manage remote network devices doc Generate Puppet references epp Interact directly with the EPP template parser/renderer\. facts Retrieve and store facts\. filebucket Store and retrieve files in a filebucket generate Generates Puppet code from Ruby definitions\. node View and manage node definitions\. parser Interact directly with the parser\. plugin Interact with the Puppet plugin system\. script Run a puppet manifests as a script without compiling a catalog ssl Manage SSL keys and certificates for puppet SSL clients
26
26
  .
27
27
  .P
28
- See \'puppet help \fIsubcommand\fR \fIaction\fR\' for help on a specific subcommand action\. See \'puppet help \fIsubcommand\fR\' for help on a specific subcommand\. Puppet v6\.25\.1
28
+ See \'puppet help \fIsubcommand\fR \fIaction\fR\' for help on a specific subcommand action\. See \'puppet help \fIsubcommand\fR\' for help on a specific subcommand\. Puppet v6\.28\.0
@@ -37,7 +37,7 @@
37
37
  "license": "Apache 2.0",
38
38
  "checksums": { },
39
39
  "version": "0.0.2",
40
- "source": "git://github.com/puppetlabs/puppetlabs-bacula.git",
40
+ "source": "https://github.com/puppetlabs/puppetlabs-bacula",
41
41
  "project_page": "https://github.com/puppetlabs/puppetlabs-bacula",
42
42
  "summary": "bacula",
43
43
  "dependencies": [ ],
@@ -3,6 +3,7 @@ require 'puppet_spec/files'
3
3
  require 'puppet_spec/puppetserver'
4
4
  require 'puppet_spec/compiler'
5
5
  require 'puppet_spec/https'
6
+ require 'puppet/application/agent'
6
7
 
7
8
  describe "puppet agent", unless: Puppet::Util::Platform.jruby? do
8
9
  include PuppetSpec::Files
@@ -737,4 +738,111 @@ describe "puppet agent", unless: Puppet::Util::Platform.jruby? do
737
738
  end
738
739
  end
739
740
  end
741
+
742
+ context "ssl" do
743
+ context "bootstrapping" do
744
+ before :each do
745
+ # reconfigure ssl to non-existent dir and files to force bootstrapping
746
+ dir = tmpdir('ssl')
747
+ Puppet[:ssldir] = dir
748
+ Puppet[:localcacert] = File.join(dir, 'ca.pem')
749
+ Puppet[:hostcrl] = File.join(dir, 'crl.pem')
750
+ Puppet[:hostprivkey] = File.join(dir, 'cert.pem')
751
+ Puppet[:hostcert] = File.join(dir, 'key.pem')
752
+
753
+ Puppet[:daemonize] = false
754
+ Puppet[:logdest] = 'console'
755
+ Puppet[:log_level] = 'info'
756
+ end
757
+
758
+ it "exits if the agent is not allowed to wait" do
759
+ Puppet[:waitforcert] = 0
760
+
761
+ server.start_server do |port|
762
+ Puppet[:serverport] = port
763
+ expect {
764
+ agent.run
765
+ }.to exit_with(1)
766
+ .and output(%r{Exiting now because the waitforcert setting is set to 0}).to_stdout
767
+ .and output(%r{Failed to submit the CSR, HTTP response was 404}).to_stderr
768
+ end
769
+ end
770
+
771
+ it "exits if the maxwaitforcert time is exceeded" do
772
+ Puppet[:waitforcert] = 1
773
+ Puppet[:maxwaitforcert] = 1
774
+
775
+ server.start_server do |port|
776
+ Puppet[:serverport] = port
777
+ expect {
778
+ agent.run
779
+ }.to exit_with(1)
780
+ .and output(%r{Couldn't fetch certificate from CA server; you might still need to sign this agent's certificate \(127.0.0.1\). Exiting now because the maxwaitforcert timeout has been exceeded.}).to_stdout
781
+ .and output(%r{Failed to submit the CSR, HTTP response was 404}).to_stderr
782
+ end
783
+ end
784
+ end
785
+
786
+ def copy_fixtures(sources, dest)
787
+ ssldir = File.join(PuppetSpec::FIXTURE_DIR, 'ssl')
788
+ File.open(dest, 'w') do |f|
789
+ sources.each do |s|
790
+ f.write(File.read(File.join(ssldir, s)))
791
+ end
792
+ end
793
+ end
794
+
795
+ it "reloads the CRL between runs" do
796
+ Puppet[:localcacert] = ca = tmpfile('ca')
797
+ Puppet[:hostcrl] = crl = tmpfile('crl')
798
+ Puppet[:hostcert] = cert = tmpfile('cert')
799
+ Puppet[:hostprivkey] = key = tmpfile('key')
800
+
801
+ copy_fixtures(%w[ca.pem intermediate.pem], ca)
802
+ copy_fixtures(%w[crl.pem intermediate-crl.pem], crl)
803
+ copy_fixtures(%w[127.0.0.1.pem], cert)
804
+ copy_fixtures(%w[127.0.0.1-key.pem], key)
805
+
806
+ revoked = cert_fixture('revoked.pem')
807
+ revoked_key = key_fixture('revoked-key.pem')
808
+
809
+ mounts = {}
810
+ mounts[:catalog] = -> (req, res) {
811
+ catalog = compile_to_catalog(<<~MANIFEST, node)
812
+ file { '#{cert}':
813
+ ensure => file,
814
+ content => '#{revoked}'
815
+ }
816
+ file { '#{key}':
817
+ ensure => file,
818
+ content => '#{revoked_key}'
819
+ }
820
+ MANIFEST
821
+
822
+ res.body = formatter.render(catalog)
823
+ res['Content-Type'] = formatter.mime
824
+ }
825
+
826
+ server.start_server(mounts: mounts) do |port|
827
+ Puppet[:serverport] = port
828
+ Puppet[:daemonize] = false
829
+ Puppet[:runinterval] = 1
830
+ Puppet[:waitforcert] = 1
831
+ Puppet[:maxwaitforcert] = 1
832
+
833
+ # simulate two runs of the agent, then return so we don't infinite loop
834
+ allow_any_instance_of(Puppet::Daemon).to receive(:run_event_loop) do |instance|
835
+ instance.agent.run(splay: false)
836
+ instance.agent.run(splay: false)
837
+ end
838
+
839
+ agent.command_line.args << '--verbose'
840
+ expect {
841
+ agent.run
842
+ }.to exit_with(1)
843
+ .and output(%r{Exiting now because the maxwaitforcert timeout has been exceeded}).to_stdout
844
+ .and output(%r{Certificate 'CN=revoked' is revoked}).to_stderr
845
+ end
846
+ end
847
+ end
740
848
  end