puppet 6.28.0-universal-darwin → 7.0.0-universal-darwin
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of puppet might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/CODEOWNERS +16 -2
- data/CONTRIBUTING.md +5 -5
- data/Gemfile +5 -7
- data/Gemfile.lock +52 -131
- data/README.md +5 -5
- data/conf/fileserver.conf +5 -10
- data/ext/README.environment +8 -0
- data/ext/build_defaults.yaml +1 -1
- data/ext/dbfix.sql +132 -0
- data/ext/debian/README.Debian +8 -0
- data/ext/debian/README.source +2 -0
- data/ext/debian/TODO.Debian +1 -0
- data/ext/debian/changelog.erb +1122 -0
- data/ext/debian/compat +1 -0
- data/ext/debian/control +144 -0
- data/ext/debian/copyright +339 -0
- data/ext/debian/docs +1 -0
- data/ext/debian/fileserver.conf +41 -0
- data/ext/debian/puppet-common.dirs +13 -0
- data/ext/debian/puppet-common.install +3 -0
- data/ext/debian/puppet-common.lintian-overrides +5 -0
- data/ext/debian/puppet-common.manpages +28 -0
- data/ext/debian/puppet-common.postinst +35 -0
- data/ext/debian/puppet-common.postrm +33 -0
- data/ext/debian/puppet-el.dirs +1 -0
- data/ext/debian/puppet-el.emacsen-install +25 -0
- data/ext/debian/puppet-el.emacsen-remove +11 -0
- data/ext/debian/puppet-el.emacsen-startup +9 -0
- data/ext/debian/puppet-el.install +1 -0
- data/ext/debian/puppet-testsuite.install +2 -0
- data/ext/debian/puppet-testsuite.lintian-overrides +4 -0
- data/ext/debian/puppet.lintian-overrides +3 -0
- data/ext/debian/puppet.logrotate +20 -0
- data/ext/debian/puppet.postinst +20 -0
- data/ext/debian/puppet.postrm +20 -0
- data/ext/debian/puppet.preinst +20 -0
- data/ext/debian/puppetmaster-common.install +2 -0
- data/ext/debian/puppetmaster-common.manpages +2 -0
- data/ext/debian/puppetmaster-common.postinst +6 -0
- data/ext/debian/puppetmaster-passenger.dirs +4 -0
- data/ext/debian/puppetmaster-passenger.postinst +162 -0
- data/ext/debian/puppetmaster-passenger.postrm +61 -0
- data/ext/debian/puppetmaster.README.debian +17 -0
- data/ext/debian/puppetmaster.default +14 -0
- data/ext/debian/puppetmaster.init +137 -0
- data/ext/debian/puppetmaster.lintian-overrides +3 -0
- data/ext/debian/puppetmaster.postinst +20 -0
- data/ext/debian/puppetmaster.postrm +5 -0
- data/ext/debian/puppetmaster.preinst +22 -0
- data/ext/debian/rules +132 -0
- data/ext/debian/source/format +1 -0
- data/ext/debian/source/options +1 -0
- data/ext/debian/vim-puppet.README.Debian +13 -0
- data/ext/debian/vim-puppet.dirs +5 -0
- data/ext/debian/vim-puppet.yaml +7 -0
- data/ext/debian/watch +2 -0
- data/ext/freebsd/puppetd +26 -0
- data/ext/freebsd/puppetmasterd +26 -0
- data/ext/gentoo/conf.d/puppet +5 -0
- data/ext/gentoo/conf.d/puppetmaster +12 -0
- data/ext/gentoo/init.d/puppet +38 -0
- data/ext/gentoo/init.d/puppetmaster +51 -0
- data/ext/gentoo/puppet/fileserver.conf +41 -0
- data/ext/ips/puppet-agent +44 -0
- data/ext/ips/puppet-master +44 -0
- data/ext/ips/puppet.p5m.erb +12 -0
- data/ext/ips/puppetagent.xml +42 -0
- data/ext/ips/puppetmaster.xml +42 -0
- data/ext/ips/rules +19 -0
- data/ext/ips/transforms +34 -0
- data/ext/ldap/puppet.schema +24 -0
- data/ext/logcheck/puppet +23 -0
- data/{examples → ext}/nagios/check_puppet.rb +2 -2
- data/ext/osx/file_mapping.yaml +28 -0
- data/ext/osx/postflight.erb +109 -0
- data/ext/osx/preflight.erb +52 -0
- data/ext/osx/prototype.plist.erb +38 -0
- data/ext/osx/puppet.plist +0 -2
- data/ext/project_data.yaml +1 -15
- data/ext/redhat/fileserver.conf +41 -0
- data/ext/redhat/logrotate +21 -0
- data/ext/redhat/puppet.spec.erb +841 -0
- data/ext/redhat/server.init +128 -0
- data/ext/redhat/server.sysconfig +13 -0
- data/{examples/enc → ext}/regexp_nodes/classes/databases +0 -0
- data/{examples/enc → ext}/regexp_nodes/classes/webservers +0 -0
- data/{examples/enc → ext}/regexp_nodes/environment/development +0 -0
- data/{examples/enc → ext}/regexp_nodes/parameters/service/prod +0 -0
- data/{examples/enc → ext}/regexp_nodes/parameters/service/qa +0 -0
- data/{examples/enc → ext}/regexp_nodes/parameters/service/sandbox +0 -0
- data/{examples/enc → ext}/regexp_nodes/regexp_nodes.rb +0 -0
- data/ext/solaris/pkginfo +6 -0
- data/ext/solaris/smf/puppetd.xml +77 -0
- data/ext/solaris/smf/puppetmasterd.xml +77 -0
- data/ext/solaris/smf/svc-puppetd +71 -0
- data/ext/solaris/smf/svc-puppetmasterd +67 -0
- data/ext/suse/puppet.spec +310 -0
- data/ext/suse/server.init +173 -0
- data/ext/windows/service/daemon.rb +6 -5
- data/ext/yaml_nodes.rb +105 -0
- data/install.rb +21 -17
- data/lib/puppet/agent.rb +11 -47
- data/lib/puppet/application/agent.rb +16 -18
- data/lib/puppet/application/apply.rb +4 -24
- data/lib/puppet/application/device.rb +100 -106
- data/lib/puppet/application/filebucket.rb +13 -10
- data/lib/puppet/application/lookup.rb +24 -74
- data/lib/puppet/application/resource.rb +16 -32
- data/lib/puppet/application/script.rb +0 -2
- data/lib/puppet/application/ssl.rb +1 -13
- data/lib/puppet/application.rb +178 -108
- data/lib/puppet/application_support.rb +0 -7
- data/lib/puppet/concurrent/thread_local_singleton.rb +3 -6
- data/lib/puppet/configurer/downloader.rb +1 -2
- data/lib/puppet/configurer/plugin_handler.rb +21 -19
- data/lib/puppet/configurer.rb +86 -183
- data/lib/puppet/confine/variable.rb +1 -1
- data/lib/puppet/defaults.rb +130 -244
- data/lib/puppet/environments.rb +82 -146
- data/lib/puppet/face/facts.rb +5 -103
- data/lib/puppet/face/generate.rb +0 -2
- data/lib/puppet/face/help/action.erb +0 -1
- data/lib/puppet/face/help/face.erb +0 -1
- data/lib/puppet/face/help.rb +1 -1
- data/lib/puppet/face/node/clean.rb +0 -11
- data/lib/puppet/face/plugin.rb +5 -8
- data/lib/puppet/ffi/windows/api_types.rb +311 -0
- data/lib/puppet/ffi/windows/constants.rb +404 -0
- data/lib/puppet/ffi/windows/functions.rb +628 -0
- data/lib/puppet/ffi/windows/structs.rb +338 -0
- data/lib/puppet/ffi/windows.rb +12 -0
- data/lib/puppet/file_serving/configuration/parser.rb +3 -34
- data/lib/puppet/file_serving/configuration.rb +0 -8
- data/lib/puppet/file_serving/fileset.rb +2 -14
- data/lib/puppet/file_serving/http_metadata.rb +1 -1
- data/lib/puppet/file_serving/metadata.rb +0 -3
- data/lib/puppet/file_serving/mount/file.rb +4 -4
- data/lib/puppet/file_serving/mount.rb +1 -2
- data/lib/puppet/file_system/file_impl.rb +8 -10
- data/lib/puppet/file_system/jruby.rb +1 -1
- data/lib/puppet/file_system/memory_file.rb +1 -8
- data/lib/puppet/file_system/windows.rb +6 -8
- data/lib/puppet/file_system.rb +1 -1
- data/lib/puppet/forge/repository.rb +0 -1
- data/lib/puppet/forge.rb +4 -4
- data/lib/puppet/functions/all.rb +1 -1
- data/lib/puppet/functions/camelcase.rb +1 -1
- data/lib/puppet/functions/capitalize.rb +2 -2
- data/lib/puppet/functions/downcase.rb +2 -2
- data/lib/puppet/functions/empty.rb +0 -8
- data/lib/puppet/functions/find_template.rb +2 -2
- data/lib/puppet/functions/get.rb +5 -5
- data/lib/puppet/functions/group_by.rb +5 -13
- data/lib/puppet/functions/lest.rb +1 -1
- data/lib/puppet/functions/new.rb +100 -100
- data/lib/puppet/functions/next.rb +1 -18
- data/lib/puppet/functions/partition.rb +4 -12
- data/lib/puppet/functions/require.rb +5 -5
- data/lib/puppet/functions/sort.rb +3 -3
- data/lib/puppet/functions/strftime.rb +0 -1
- data/lib/puppet/functions/tree_each.rb +10 -7
- data/lib/puppet/functions/type.rb +4 -4
- data/lib/puppet/functions/unwrap.rb +2 -17
- data/lib/puppet/functions/upcase.rb +2 -2
- data/lib/puppet/functions/versioncmp.rb +2 -6
- data/lib/puppet/generate/models/type/type.rb +4 -1
- data/lib/puppet/generate/type.rb +0 -9
- data/lib/puppet/http/client.rb +167 -137
- data/lib/puppet/{network/resolver.rb → http/dns.rb} +2 -2
- data/lib/puppet/http/errors.rb +16 -0
- data/lib/puppet/http/external_client.rb +5 -7
- data/lib/puppet/{network/http → http}/factory.rb +8 -15
- data/lib/puppet/{network/http → http}/pool.rb +61 -26
- data/lib/puppet/{network/http/session.rb → http/pool_entry.rb} +2 -3
- data/lib/puppet/http/proxy.rb +137 -0
- data/lib/puppet/http/redirector.rb +4 -17
- data/lib/puppet/http/resolver/server_list.rb +10 -25
- data/lib/puppet/http/resolver/settings.rb +4 -7
- data/lib/puppet/http/resolver/srv.rb +7 -11
- data/lib/puppet/http/resolver.rb +5 -15
- data/lib/puppet/http/response.rb +36 -54
- data/lib/puppet/http/response_converter.rb +24 -0
- data/lib/puppet/http/response_net_http.rb +42 -0
- data/lib/puppet/http/retry_after_handler.rb +4 -13
- data/lib/puppet/http/service/ca.rb +11 -22
- data/lib/puppet/http/service/compiler.rb +23 -144
- data/lib/puppet/http/service/file_server.rb +19 -29
- data/lib/puppet/http/service/puppetserver.rb +26 -12
- data/lib/puppet/http/service/report.rb +8 -10
- data/lib/puppet/http/service.rb +12 -26
- data/lib/puppet/http/session.rb +11 -20
- data/lib/puppet/{network/http → http}/site.rb +1 -2
- data/lib/puppet/http.rb +22 -13
- data/lib/puppet/indirector/catalog/compiler.rb +6 -25
- data/lib/puppet/indirector/catalog/rest.rb +2 -5
- data/lib/puppet/indirector/facts/facter.rb +6 -6
- data/lib/puppet/indirector/facts/rest.rb +3 -22
- data/lib/puppet/indirector/file_bucket_file/rest.rb +3 -9
- data/lib/puppet/indirector/file_content/rest.rb +2 -6
- data/lib/puppet/indirector/file_metadata/rest.rb +3 -10
- data/lib/puppet/indirector/file_server.rb +1 -8
- data/lib/puppet/indirector/generic_http.rb +0 -11
- data/lib/puppet/indirector/indirection.rb +1 -1
- data/lib/puppet/indirector/node/rest.rb +2 -4
- data/lib/puppet/indirector/report/rest.rb +3 -8
- data/lib/puppet/indirector/request.rb +0 -101
- data/lib/puppet/indirector/resource/ral.rb +1 -6
- data/lib/puppet/indirector/rest.rb +12 -263
- data/lib/puppet/indirector/terminus.rb +0 -4
- data/lib/puppet/interface/documentation.rb +0 -1
- data/lib/puppet/module/plan.rb +1 -0
- data/lib/puppet/module/task.rb +1 -1
- data/lib/puppet/module.rb +0 -1
- data/lib/puppet/module_tool/applications/installer.rb +2 -56
- data/lib/puppet/module_tool/applications/uninstaller.rb +1 -1
- data/lib/puppet/module_tool/applications/upgrader.rb +1 -1
- data/lib/puppet/module_tool/applications.rb +0 -1
- data/lib/puppet/module_tool/errors/shared.rb +2 -34
- data/lib/puppet/network/authconfig.rb +2 -96
- data/lib/puppet/network/authorization.rb +13 -35
- data/lib/puppet/network/formats.rb +0 -67
- data/lib/puppet/network/http/api/indirected_routes.rb +3 -21
- data/lib/puppet/network/http/api/master/v3.rb +11 -13
- data/lib/puppet/network/http/connection.rb +247 -316
- data/lib/puppet/network/http/handler.rb +0 -1
- data/lib/puppet/network/http.rb +3 -3
- data/lib/puppet/network/http_pool.rb +16 -34
- data/lib/puppet/node/environment.rb +11 -10
- data/lib/puppet/node.rb +2 -31
- data/lib/puppet/pal/json_catalog_encoder.rb +4 -0
- data/lib/puppet/pal/pal_impl.rb +4 -2
- data/lib/puppet/parser/ast/leaf.rb +2 -3
- data/lib/puppet/parser/ast/pops_bridge.rb +0 -38
- data/lib/puppet/parser/compiler/catalog_validator/relationship_validator.rb +14 -39
- data/lib/puppet/parser/compiler.rb +0 -198
- data/lib/puppet/parser/functions/fqdn_rand.rb +6 -14
- data/lib/puppet/parser/resource.rb +1 -70
- data/lib/puppet/parser/scope.rb +0 -1
- data/lib/puppet/parser/templatewrapper.rb +1 -2
- data/lib/puppet/pops/evaluator/closure.rb +5 -7
- data/lib/puppet/pops/evaluator/deferred_resolver.rb +3 -5
- data/lib/puppet/pops/evaluator/evaluator_impl.rb +0 -5
- data/lib/puppet/pops/evaluator/runtime3_resource_support.rb +3 -4
- data/lib/puppet/pops/evaluator/runtime3_support.rb +1 -1
- data/lib/puppet/pops/issues.rb +0 -5
- data/lib/puppet/pops/loader/ruby_legacy_function_instantiator.rb +6 -8
- data/lib/puppet/pops/lookup/lookup_adapter.rb +2 -3
- data/lib/puppet/pops/model/ast.pp +0 -42
- data/lib/puppet/pops/model/ast.rb +0 -291
- data/lib/puppet/pops/model/ast_transformer.rb +1 -1
- data/lib/puppet/pops/model/factory.rb +1 -47
- data/lib/puppet/pops/model/model_label_provider.rb +0 -5
- data/lib/puppet/pops/model/model_tree_dumper.rb +0 -22
- data/lib/puppet/pops/model/pn_transformer.rb +0 -16
- data/lib/puppet/pops/parser/code_merger.rb +4 -4
- data/lib/puppet/pops/parser/egrammar.ra +0 -58
- data/lib/puppet/pops/parser/eparser.rb +1685 -1896
- data/lib/puppet/pops/parser/lexer2.rb +91 -92
- data/lib/puppet/pops/parser/parser_support.rb +0 -5
- data/lib/puppet/pops/parser/slurp_support.rb +0 -1
- data/lib/puppet/pops/resource/resource_type_impl.rb +2 -24
- data/lib/puppet/pops/serialization/to_stringified_converter.rb +1 -1
- data/lib/puppet/pops/types/p_sem_ver_type.rb +2 -8
- data/lib/puppet/pops/types/p_sensitive_type.rb +0 -10
- data/lib/puppet/pops/types/type_calculator.rb +0 -7
- data/lib/puppet/pops/types/type_formatter.rb +3 -4
- data/lib/puppet/pops/types/type_mismatch_describer.rb +1 -1
- data/lib/puppet/pops/types/type_parser.rb +0 -4
- data/lib/puppet/pops/types/types.rb +1 -2
- data/lib/puppet/pops/validation/checker4_0.rb +9 -37
- data/lib/puppet/pops/validation/tasks_checker.rb +0 -12
- data/lib/puppet/pops/validation/validator_factory_4_0.rb +1 -2
- data/lib/puppet/property/list.rb +1 -1
- data/lib/puppet/provider/aix_object.rb +1 -1
- data/lib/puppet/provider/exec/posix.rb +4 -16
- data/lib/puppet/provider/group/groupadd.rb +10 -18
- data/lib/puppet/provider/nameservice.rb +0 -18
- data/lib/puppet/provider/package/apt.rb +2 -34
- data/lib/puppet/provider/package/aptitude.rb +0 -6
- data/lib/puppet/provider/package/dnfmodule.rb +1 -1
- data/lib/puppet/provider/package/dpkg.rb +0 -10
- data/lib/puppet/provider/package/gem.rb +23 -3
- data/lib/puppet/provider/package/nim.rb +6 -11
- data/lib/puppet/provider/package/pip.rb +3 -16
- data/lib/puppet/provider/package/pkg.rb +2 -23
- data/lib/puppet/provider/package/portage.rb +1 -1
- data/lib/puppet/provider/package/puppet_gem.rb +1 -4
- data/lib/puppet/provider/package/puppetserver_gem.rb +17 -8
- data/lib/puppet/provider/package/windows/exe_package.rb +1 -30
- data/lib/puppet/provider/package/windows/package.rb +1 -2
- data/lib/puppet/provider/package/windows.rb +1 -14
- data/lib/puppet/provider/package/yum.rb +1 -1
- data/lib/puppet/provider/parsedfile.rb +0 -3
- data/lib/puppet/provider/service/base.rb +1 -1
- data/lib/puppet/provider/service/debian.rb +0 -2
- data/lib/puppet/provider/service/init.rb +9 -10
- data/lib/puppet/provider/service/launchd.rb +2 -2
- data/lib/puppet/provider/service/redhat.rb +1 -1
- data/lib/puppet/provider/service/smf.rb +194 -76
- data/lib/puppet/provider/service/systemd.rb +6 -16
- data/lib/puppet/provider/service/upstart.rb +5 -5
- data/lib/puppet/provider/service/windows.rb +0 -38
- data/lib/puppet/provider/user/aix.rb +3 -46
- data/lib/puppet/provider/user/directoryservice.rb +11 -39
- data/lib/puppet/provider/user/useradd.rb +24 -134
- data/lib/puppet/provider.rb +1 -14
- data/lib/puppet/reference/configuration.rb +8 -7
- data/lib/puppet/reference/indirection.rb +1 -1
- data/lib/puppet/reference/providers.rb +2 -2
- data/lib/puppet/resource/catalog.rb +2 -15
- data/lib/puppet/resource/type.rb +3 -119
- data/lib/puppet/resource/type_collection.rb +3 -49
- data/lib/puppet/resource.rb +6 -127
- data/lib/puppet/runtime.rb +2 -13
- data/lib/puppet/settings/environment_conf.rb +0 -1
- data/lib/puppet/settings/integer_setting.rb +17 -0
- data/lib/puppet/settings/port_setting.rb +15 -0
- data/lib/puppet/settings/priority_setting.rb +5 -4
- data/lib/puppet/settings.rb +82 -98
- data/lib/puppet/ssl/base.rb +3 -5
- data/lib/puppet/ssl/certificate.rb +0 -6
- data/lib/puppet/ssl/certificate_request.rb +1 -12
- data/lib/puppet/ssl/certificate_signer.rb +6 -0
- data/lib/puppet/ssl/oids.rb +3 -1
- data/lib/puppet/ssl/ssl_provider.rb +36 -75
- data/lib/puppet/ssl/state_machine.rb +20 -14
- data/lib/puppet/ssl/verifier.rb +2 -6
- data/lib/puppet/ssl.rb +10 -6
- data/lib/puppet/test/test_helper.rb +2 -7
- data/lib/puppet/transaction/additional_resource_generator.rb +1 -1
- data/lib/puppet/transaction/persistence.rb +1 -21
- data/lib/puppet/transaction/report.rb +3 -19
- data/lib/puppet/transaction.rb +1 -7
- data/lib/puppet/type/exec.rb +6 -36
- data/lib/puppet/type/file/checksum.rb +1 -1
- data/lib/puppet/type/file/data_sync.rb +1 -1
- data/lib/puppet/type/file/mode.rb +0 -6
- data/lib/puppet/type/file/selcontext.rb +1 -1
- data/lib/puppet/type/file/source.rb +1 -1
- data/lib/puppet/type/file.rb +12 -32
- data/lib/puppet/type/filebucket.rb +4 -4
- data/lib/puppet/type/group.rb +1 -0
- data/lib/puppet/type/package.rb +8 -16
- data/lib/puppet/type/resources.rb +1 -1
- data/lib/puppet/type/service.rb +41 -26
- data/lib/puppet/type/tidy.rb +3 -22
- data/lib/puppet/type/user.rb +13 -35
- data/lib/puppet/type.rb +1 -77
- data/lib/puppet/util/autoload.rb +8 -1
- data/lib/puppet/util/command_line.rb +1 -1
- data/lib/puppet/util/execution.rb +0 -11
- data/lib/puppet/util/filetype.rb +2 -2
- data/lib/puppet/util/http_proxy.rb +2 -215
- data/lib/puppet/util/json.rb +0 -20
- data/lib/puppet/util/log.rb +4 -8
- data/lib/puppet/util/logging.rb +25 -1
- data/lib/puppet/util/monkey_patches.rb +2 -59
- data/lib/puppet/util/package.rb +16 -25
- data/lib/puppet/util/pidlock.rb +1 -1
- data/lib/puppet/util/posix.rb +5 -54
- data/lib/puppet/util/rdoc/parser/puppet_parser_core.rb +1 -1
- data/lib/puppet/util/rdoc.rb +0 -7
- data/lib/puppet/util/retry_action.rb +1 -1
- data/lib/puppet/util/run_mode.rb +9 -1
- data/lib/puppet/util/selinux.rb +4 -30
- data/lib/puppet/util/suidmanager.rb +2 -1
- data/lib/puppet/util/symbolic_file_mode.rb +17 -29
- data/lib/puppet/util/tagging.rb +0 -1
- data/lib/puppet/util/windows/adsi.rb +0 -46
- data/lib/puppet/util/windows/daemon.rb +360 -0
- data/lib/puppet/util/windows/error.rb +1 -0
- data/lib/puppet/util/windows/eventlog.rb +4 -9
- data/lib/puppet/util/windows/file.rb +8 -242
- data/lib/puppet/util/windows/monkey_patches/process.rb +414 -0
- data/lib/puppet/util/windows/principal.rb +2 -9
- data/lib/puppet/util/windows/process.rb +4 -226
- data/lib/puppet/util/windows/service.rb +11 -457
- data/lib/puppet/util/windows/sid.rb +2 -6
- data/lib/puppet/util/windows/string.rb +12 -13
- data/lib/puppet/util/windows/user.rb +2 -0
- data/lib/puppet/util/windows.rb +3 -11
- data/lib/puppet/util/yaml.rb +1 -42
- data/lib/puppet/util.rb +5 -5
- data/lib/puppet/vendor/require_vendored.rb +0 -1
- data/lib/puppet/version.rb +1 -1
- data/lib/puppet/x509/cert_provider.rb +29 -1
- data/lib/puppet/x509.rb +5 -1
- data/lib/puppet.rb +34 -27
- data/locales/puppet.pot +9633 -5
- data/man/man5/puppet.conf.5 +286 -401
- data/man/man8/puppet-agent.8 +2 -5
- data/man/man8/puppet-apply.8 +2 -2
- data/man/man8/puppet-catalog.8 +9 -9
- data/man/man8/puppet-config.8 +1 -1
- data/man/man8/puppet-describe.8 +1 -1
- data/man/man8/puppet-device.8 +2 -2
- data/man/man8/puppet-doc.8 +1 -1
- data/man/man8/puppet-epp.8 +1 -1
- data/man/man8/puppet-facts.8 +8 -51
- data/man/man8/puppet-filebucket.8 +4 -4
- data/man/man8/puppet-generate.8 +1 -1
- data/man/man8/puppet-help.8 +1 -1
- data/man/man8/puppet-lookup.8 +6 -9
- data/man/man8/puppet-module.8 +3 -60
- data/man/man8/puppet-node.8 +5 -5
- data/man/man8/puppet-parser.8 +1 -1
- data/man/man8/puppet-plugin.8 +1 -1
- data/man/man8/puppet-report.8 +5 -5
- data/man/man8/puppet-resource.8 +1 -1
- data/man/man8/puppet-script.8 +2 -2
- data/man/man8/puppet-ssl.8 +1 -5
- data/man/man8/puppet.8 +2 -2
- data/spec/fixtures/ssl/127.0.0.1-key.pem +57 -107
- data/spec/fixtures/ssl/127.0.0.1.pem +31 -52
- data/spec/fixtures/ssl/bad-basic-constraints.pem +35 -57
- data/spec/fixtures/ssl/bad-int-basic-constraints.pem +35 -57
- data/spec/fixtures/ssl/ca.pem +35 -57
- data/spec/fixtures/ssl/crl.pem +18 -28
- data/spec/fixtures/ssl/ec-key.pem +11 -11
- data/spec/fixtures/ssl/ec.pem +24 -33
- data/spec/fixtures/ssl/encrypted-ec-key.pem +12 -12
- data/spec/fixtures/ssl/encrypted-key.pem +58 -108
- data/spec/fixtures/ssl/intermediate-agent-crl.pem +19 -28
- data/spec/fixtures/ssl/intermediate-agent.pem +36 -57
- data/spec/fixtures/ssl/intermediate-crl.pem +21 -31
- data/spec/fixtures/ssl/intermediate.pem +36 -57
- data/spec/fixtures/ssl/pluto-key.pem +57 -107
- data/spec/fixtures/ssl/pluto.pem +30 -52
- data/spec/fixtures/ssl/request-key.pem +57 -107
- data/spec/fixtures/ssl/request.pem +26 -47
- data/spec/fixtures/ssl/revoked-key.pem +57 -107
- data/spec/fixtures/ssl/revoked.pem +30 -52
- data/spec/fixtures/ssl/signed-key.pem +57 -107
- data/spec/fixtures/ssl/signed.pem +30 -52
- data/spec/fixtures/ssl/tampered-cert.pem +30 -52
- data/spec/fixtures/ssl/tampered-csr.pem +26 -47
- data/spec/fixtures/ssl/unknown-127.0.0.1-key.pem +57 -107
- data/spec/fixtures/ssl/unknown-127.0.0.1.pem +29 -50
- data/spec/fixtures/ssl/unknown-ca-key.pem +57 -107
- data/spec/fixtures/ssl/unknown-ca.pem +33 -55
- data/spec/fixtures/unit/forge/bacula.json +1 -1
- data/spec/fixtures/unit/provider/service/smf/{svcs.out → svcs_instances.out} +0 -0
- data/spec/fixtures/unit/provider/user/aix/aix_passwd_file.out +0 -4
- data/spec/integration/application/agent_spec.rb +50 -406
- data/spec/integration/application/apply_spec.rb +1 -20
- data/spec/integration/application/filebucket_spec.rb +16 -32
- data/spec/integration/application/help_spec.rb +2 -0
- data/spec/integration/application/lookup_spec.rb +50 -81
- data/spec/integration/application/module_spec.rb +0 -21
- data/spec/integration/application/plugin_spec.rb +24 -2
- data/spec/integration/configurer_spec.rb +2 -18
- data/spec/integration/defaults_spec.rb +14 -3
- data/spec/integration/environments/settings_interpolation_spec.rb +4 -0
- data/spec/integration/http/client_spec.rb +4 -63
- data/spec/integration/indirector/direct_file_server_spec.rb +3 -1
- data/spec/integration/indirector/facts/facter_spec.rb +39 -93
- data/spec/integration/network/http_pool_spec.rb +3 -21
- data/spec/integration/parser/catalog_spec.rb +0 -38
- data/spec/integration/parser/node_spec.rb +0 -9
- data/spec/integration/parser/pcore_resource_spec.rb +0 -47
- data/spec/integration/resource/type_collection_spec.rb +6 -2
- data/spec/integration/transaction/report_spec.rb +1 -1
- data/spec/integration/transaction_spec.rb +9 -4
- data/spec/integration/type/exec_spec.rb +45 -70
- data/spec/integration/type/file_spec.rb +7 -6
- data/spec/integration/type/package_spec.rb +6 -6
- data/spec/integration/util/rdoc/parser_spec.rb +1 -1
- data/spec/integration/util/windows/adsi_spec.rb +1 -21
- data/spec/integration/util/windows/monkey_patches/process_spec.rb +231 -0
- data/spec/integration/util/windows/principal_spec.rb +0 -21
- data/spec/integration/util/windows/process_spec.rb +9 -1
- data/spec/integration/util/windows/registry_spec.rb +10 -6
- data/spec/integration/util/windows/security_spec.rb +1 -1
- data/spec/lib/matchers/include.rb +27 -0
- data/spec/lib/matchers/include_spec.rb +32 -0
- data/spec/lib/puppet/test_ca.rb +2 -7
- data/spec/lib/puppet_spec/https.rb +1 -1
- data/spec/lib/puppet_spec/modules.rb +2 -13
- data/spec/lib/puppet_spec/puppetserver.rb +3 -55
- data/spec/lib/puppet_spec/settings.rb +1 -1
- data/spec/shared_behaviours/documentation_on_faces.rb +2 -0
- data/spec/spec_helper.rb +17 -13
- data/spec/unit/agent_spec.rb +8 -38
- data/spec/unit/application/agent_spec.rb +19 -33
- data/spec/unit/application/apply_spec.rb +56 -76
- data/spec/unit/application/facts_spec.rb +12 -456
- data/spec/unit/application/filebucket_spec.rb +43 -39
- data/spec/unit/application/lookup_spec.rb +10 -131
- data/spec/unit/application/resource_spec.rb +0 -29
- data/spec/unit/application/ssl_spec.rb +2 -25
- data/spec/unit/application_spec.rb +9 -51
- data/spec/unit/certificate_factory_spec.rb +1 -1
- data/spec/unit/configurer/downloader_spec.rb +6 -8
- data/spec/unit/configurer/plugin_handler_spec.rb +56 -18
- data/spec/unit/configurer_spec.rb +68 -327
- data/spec/unit/confine/feature_spec.rb +1 -1
- data/spec/unit/confine_spec.rb +2 -8
- data/spec/unit/context/trusted_information_spec.rb +2 -6
- data/spec/unit/daemon_spec.rb +11 -2
- data/spec/unit/defaults_spec.rb +68 -55
- data/spec/unit/environments_spec.rb +68 -408
- data/spec/unit/face/generate_spec.rb +0 -64
- data/spec/unit/face/node_spec.rb +11 -0
- data/spec/unit/face/plugin_spec.rb +73 -33
- data/spec/unit/file_bucket/dipper_spec.rb +2 -2
- data/spec/unit/file_bucket/file_spec.rb +1 -1
- data/spec/unit/file_serving/configuration/parser_spec.rb +15 -41
- data/spec/unit/file_serving/configuration_spec.rb +10 -26
- data/spec/unit/file_serving/fileset_spec.rb +0 -60
- data/spec/unit/file_serving/metadata_spec.rb +3 -3
- data/spec/unit/file_serving/terminus_helper_spec.rb +4 -11
- data/spec/unit/file_system_spec.rb +4 -56
- data/spec/unit/forge/module_release_spec.rb +10 -5
- data/spec/unit/functions/assert_type_spec.rb +1 -1
- data/spec/unit/functions/camelcase_spec.rb +1 -1
- data/spec/unit/functions/capitalize_spec.rb +1 -1
- data/spec/unit/functions/downcase_spec.rb +1 -1
- data/spec/unit/functions/empty_spec.rb +0 -10
- data/spec/unit/functions/logging_spec.rb +0 -1
- data/spec/unit/functions/lookup_spec.rb +0 -64
- data/spec/unit/functions/unwrap_spec.rb +0 -8
- data/spec/unit/functions/upcase_spec.rb +1 -1
- data/spec/unit/functions/versioncmp_spec.rb +4 -40
- data/spec/unit/functions4_spec.rb +2 -2
- data/spec/unit/gettext/config_spec.rb +0 -12
- data/spec/unit/http/client_spec.rb +8 -84
- data/spec/unit/{network/resolver_spec.rb → http/dns_spec.rb} +3 -3
- data/spec/unit/http/external_client_spec.rb +4 -4
- data/spec/unit/{network/http → http}/factory_spec.rb +5 -30
- data/spec/unit/{network/http/session_spec.rb → http/pool_entry_spec.rb} +3 -3
- data/spec/unit/{network/http → http}/pool_spec.rb +12 -17
- data/spec/unit/{util/http_proxy_spec.rb → http/proxy_spec.rb} +2 -69
- data/spec/unit/http/resolver_spec.rb +13 -13
- data/spec/unit/http/service/compiler_spec.rb +0 -193
- data/spec/unit/http/service/file_server_spec.rb +3 -3
- data/spec/unit/http/service/puppetserver_spec.rb +34 -4
- data/spec/unit/http/service_spec.rb +0 -1
- data/spec/unit/http/session_spec.rb +16 -14
- data/spec/unit/{network/http → http}/site_spec.rb +3 -3
- data/spec/unit/indirector/catalog/compiler_spec.rb +10 -101
- data/spec/unit/indirector/catalog/rest_spec.rb +0 -8
- data/spec/unit/indirector/face_spec.rb +1 -0
- data/spec/unit/indirector/facts/facter_spec.rb +3 -0
- data/spec/unit/indirector/file_bucket_file/file_spec.rb +5 -3
- data/spec/unit/indirector/file_bucket_file/selector_spec.rb +8 -26
- data/spec/unit/indirector/file_content/rest_spec.rb +0 -4
- data/spec/unit/indirector/file_metadata/rest_spec.rb +0 -4
- data/spec/unit/indirector/file_server_spec.rb +1 -15
- data/spec/unit/indirector/indirection_spec.rb +15 -18
- data/spec/unit/indirector/report/rest_spec.rb +2 -17
- data/spec/unit/indirector/request_spec.rb +0 -264
- data/spec/unit/indirector/resource/ral_spec.rb +75 -40
- data/spec/unit/indirector/rest_spec.rb +98 -752
- data/spec/unit/indirector/store_configs_spec.rb +7 -0
- data/spec/unit/indirector_spec.rb +2 -2
- data/spec/unit/interface/action_spec.rb +9 -0
- data/spec/unit/module_spec.rb +1 -15
- data/spec/unit/module_tool/applications/installer_spec.rb +0 -105
- data/spec/unit/network/authconfig_spec.rb +2 -129
- data/spec/unit/network/authorization_spec.rb +2 -55
- data/spec/unit/network/formats_spec.rb +4 -51
- data/spec/unit/network/http/api/indirected_routes_spec.rb +5 -92
- data/spec/unit/network/http/api/master/v3_spec.rb +28 -7
- data/spec/unit/network/http/api_spec.rb +10 -0
- data/spec/unit/network/http/connection_spec.rb +19 -41
- data/spec/unit/network/http/handler_spec.rb +0 -1
- data/spec/unit/network/http_pool_spec.rb +0 -4
- data/spec/unit/node/environment_spec.rb +33 -21
- data/spec/unit/node_spec.rb +2 -60
- data/spec/unit/parser/compiler_spec.rb +19 -3
- data/spec/unit/parser/functions/create_resources_spec.rb +2 -20
- data/spec/unit/parser/functions/fqdn_rand_spec.rb +1 -15
- data/spec/unit/parser/resource_spec.rb +8 -14
- data/spec/unit/parser/templatewrapper_spec.rb +5 -16
- data/spec/unit/pops/evaluator/evaluating_parser_spec.rb +4 -7
- data/spec/unit/pops/loaders/loaders_spec.rb +6 -21
- data/spec/unit/pops/parser/parse_application_spec.rb +4 -22
- data/spec/unit/pops/parser/parse_basic_expressions_spec.rb +0 -1
- data/spec/unit/pops/parser/parse_capabilities_spec.rb +8 -21
- data/spec/unit/pops/parser/parse_containers_spec.rb +13 -2
- data/spec/unit/pops/parser/parse_site_spec.rb +20 -24
- data/spec/unit/pops/resource/resource_type_impl_spec.rb +0 -71
- data/spec/unit/pops/serialization/to_from_hr_spec.rb +1 -1
- data/spec/unit/pops/serialization/to_stringified_spec.rb +0 -5
- data/spec/unit/pops/types/p_sem_ver_type_spec.rb +0 -18
- data/spec/unit/pops/types/p_sensitive_type_spec.rb +0 -18
- data/spec/unit/pops/types/type_calculator_spec.rb +6 -12
- data/spec/unit/pops/types/type_factory_spec.rb +1 -1
- data/spec/unit/pops/validator/validator_spec.rb +61 -51
- data/spec/unit/pops/visitor_spec.rb +1 -1
- data/spec/unit/property_spec.rb +0 -1
- data/spec/unit/provider/group/groupadd_spec.rb +2 -5
- data/spec/unit/provider/nameservice_spec.rb +64 -122
- data/spec/unit/provider/package/apt_spec.rb +23 -28
- data/spec/unit/provider/package/aptitude_spec.rb +1 -1
- data/spec/unit/provider/package/base_spec.rb +5 -6
- data/spec/unit/provider/package/dnfmodule_spec.rb +1 -10
- data/spec/unit/provider/package/dpkg_spec.rb +0 -48
- data/spec/unit/provider/package/gem_spec.rb +33 -1
- data/spec/unit/provider/package/nim_spec.rb +0 -42
- data/spec/unit/provider/package/pacman_spec.rb +12 -18
- data/spec/unit/provider/package/pip2_spec.rb +1 -1
- data/spec/unit/provider/package/pip3_spec.rb +1 -1
- data/spec/unit/provider/package/pip_spec.rb +12 -44
- data/spec/unit/provider/package/pkg_spec.rb +4 -29
- data/spec/unit/provider/package/pkgdmg_spec.rb +4 -0
- data/spec/unit/provider/package/puppet_gem_spec.rb +4 -3
- data/spec/unit/provider/package/puppetserver_gem_spec.rb +3 -3
- data/spec/unit/provider/package/windows/exe_package_spec.rb +0 -17
- data/spec/unit/provider/parsedfile_spec.rb +0 -10
- data/spec/unit/provider/service/gentoo_spec.rb +5 -6
- data/spec/unit/provider/service/init_spec.rb +9 -16
- data/spec/unit/provider/service/launchd_spec.rb +0 -11
- data/spec/unit/provider/service/openwrt_spec.rb +29 -23
- data/spec/unit/provider/service/redhat_spec.rb +2 -3
- data/spec/unit/provider/service/smf_spec.rb +401 -165
- data/spec/unit/provider/service/systemd_spec.rb +9 -54
- data/spec/unit/provider/service/windows_spec.rb +0 -203
- data/spec/unit/provider/user/aix_spec.rb +0 -105
- data/spec/unit/provider/user/directoryservice_spec.rb +36 -68
- data/spec/unit/provider/user/hpux_spec.rb +1 -1
- data/spec/unit/provider/user/pw_spec.rb +0 -2
- data/spec/unit/provider/user/useradd_spec.rb +5 -114
- data/spec/unit/provider_spec.rb +12 -22
- data/spec/unit/puppet_spec.rb +4 -12
- data/spec/unit/resource/catalog_spec.rb +2 -15
- data/spec/unit/resource/type_collection_spec.rb +2 -22
- data/spec/unit/resource/type_spec.rb +1 -1
- data/spec/unit/resource_spec.rb +12 -125
- data/spec/unit/settings/http_extra_headers_spec.rb +2 -4
- data/spec/unit/settings/integer_setting_spec.rb +42 -0
- data/spec/unit/settings/port_setting_spec.rb +31 -0
- data/spec/unit/settings/priority_setting_spec.rb +4 -4
- data/spec/unit/settings_spec.rb +79 -110
- data/spec/unit/ssl/base_spec.rb +37 -3
- data/spec/unit/ssl/certificate_request_spec.rb +21 -45
- data/spec/unit/ssl/certificate_spec.rb +2 -11
- data/spec/unit/ssl/ssl_provider_spec.rb +3 -80
- data/spec/unit/ssl/state_machine_spec.rb +5 -21
- data/spec/unit/ssl/verifier_spec.rb +0 -21
- data/spec/unit/transaction/additional_resource_generator_spec.rb +9 -3
- data/spec/unit/transaction/event_manager_spec.rb +11 -14
- data/spec/unit/transaction/persistence_spec.rb +0 -51
- data/spec/unit/transaction/report_spec.rb +0 -2
- data/spec/unit/transaction/resource_harness_spec.rb +2 -2
- data/spec/unit/transaction_spec.rb +55 -96
- data/spec/unit/type/exec_spec.rb +29 -76
- data/spec/unit/type/file/checksum_spec.rb +6 -6
- data/spec/unit/type/file/content_spec.rb +2 -1
- data/spec/unit/type/file/ensure_spec.rb +1 -1
- data/spec/unit/type/file/mode_spec.rb +1 -1
- data/spec/unit/type/file/selinux_spec.rb +5 -3
- data/spec/unit/type/file/source_spec.rb +4 -5
- data/spec/unit/type/file_spec.rb +18 -6
- data/spec/unit/type/group_spec.rb +6 -13
- data/spec/unit/type/package_spec.rb +1 -1
- data/spec/unit/type/resources_spec.rb +7 -7
- data/spec/unit/type/service_spec.rb +189 -87
- data/spec/unit/type/tidy_spec.rb +8 -24
- data/spec/unit/type_spec.rb +24 -4
- data/spec/unit/util/at_fork_spec.rb +2 -2
- data/spec/unit/util/autoload_spec.rb +1 -5
- data/spec/unit/util/backups_spec.rb +2 -3
- data/spec/unit/util/execution_spec.rb +11 -44
- data/spec/unit/util/inifile_spec.rb +14 -6
- data/spec/unit/util/log_spec.rb +7 -8
- data/spec/unit/util/logging_spec.rb +3 -5
- data/spec/unit/util/monkey_patches_spec.rb +0 -6
- data/spec/unit/util/posix_spec.rb +15 -363
- data/spec/unit/util/run_mode_spec.rb +21 -121
- data/spec/unit/util/selinux_spec.rb +68 -163
- data/spec/unit/util/storage_spec.rb +1 -3
- data/spec/unit/util/suidmanager_spec.rb +41 -44
- data/spec/unit/util/windows/sid_spec.rb +0 -41
- data/spec/unit/util/windows/string_spec.rb +1 -3
- data/spec/unit/util/yaml_spec.rb +13 -92
- data/spec/unit/util_spec.rb +6 -31
- data/tasks/generate_cert_fixtures.rake +7 -17
- data/tasks/parallel.rake +3 -3
- metadata +138 -233
- data/conf/auth.conf +0 -150
- data/ext/README.md +0 -13
- data/lib/puppet/application/cert.rb +0 -76
- data/lib/puppet/application/key.rb +0 -4
- data/lib/puppet/application/man.rb +0 -4
- data/lib/puppet/application/status.rb +0 -4
- data/lib/puppet/face/key.rb +0 -16
- data/lib/puppet/face/man.rb +0 -145
- data/lib/puppet/face/module/build.rb +0 -14
- data/lib/puppet/face/module/generate.rb +0 -14
- data/lib/puppet/face/module/search.rb +0 -103
- data/lib/puppet/face/status.rb +0 -51
- data/lib/puppet/facter_impl.rb +0 -96
- data/lib/puppet/ffi/posix/constants.rb +0 -14
- data/lib/puppet/ffi/posix/functions.rb +0 -24
- data/lib/puppet/ffi/posix.rb +0 -10
- data/lib/puppet/file_serving/mount/scripts.rb +0 -24
- data/lib/puppet/indirector/certificate/file.rb +0 -9
- data/lib/puppet/indirector/certificate/rest.rb +0 -18
- data/lib/puppet/indirector/certificate_request/file.rb +0 -9
- data/lib/puppet/indirector/certificate_request/memory.rb +0 -7
- data/lib/puppet/indirector/certificate_request/rest.rb +0 -11
- data/lib/puppet/indirector/file_content/http.rb +0 -22
- data/lib/puppet/indirector/key/file.rb +0 -46
- data/lib/puppet/indirector/key/memory.rb +0 -7
- data/lib/puppet/indirector/ssl_file.rb +0 -162
- data/lib/puppet/indirector/status/local.rb +0 -12
- data/lib/puppet/indirector/status/rest.rb +0 -27
- data/lib/puppet/indirector/status.rb +0 -3
- data/lib/puppet/module_tool/applications/searcher.rb +0 -29
- data/lib/puppet/network/auth_config_parser.rb +0 -90
- data/lib/puppet/network/authstore.rb +0 -283
- data/lib/puppet/network/http/api/master/v3/authorization.rb +0 -18
- data/lib/puppet/network/http/api/master/v3/environment.rb +0 -88
- data/lib/puppet/network/http/base_pool.rb +0 -36
- data/lib/puppet/network/http/compression.rb +0 -127
- data/lib/puppet/network/http/connection_adapter.rb +0 -184
- data/lib/puppet/network/http/nocache_pool.rb +0 -28
- data/lib/puppet/network/rest_controller.rb +0 -2
- data/lib/puppet/network/rights.rb +0 -210
- data/lib/puppet/parser/compiler/catalog_validator/env_relationship_validator.rb +0 -66
- data/lib/puppet/parser/compiler/catalog_validator/site_validator.rb +0 -22
- data/lib/puppet/parser/environment_compiler.rb +0 -202
- data/lib/puppet/pops/types/enumeration.rb +0 -16
- data/lib/puppet/resource/capability_finder.rb +0 -154
- data/lib/puppet/rest/errors.rb +0 -15
- data/lib/puppet/rest/response.rb +0 -35
- data/lib/puppet/rest/route.rb +0 -85
- data/lib/puppet/rest/routes.rb +0 -135
- data/lib/puppet/settings/alias_setting.rb +0 -37
- data/lib/puppet/ssl/host.rb +0 -505
- data/lib/puppet/ssl/key.rb +0 -61
- data/lib/puppet/ssl/validator/default_validator.rb +0 -209
- data/lib/puppet/ssl/validator/no_validator.rb +0 -22
- data/lib/puppet/ssl/validator.rb +0 -61
- data/lib/puppet/ssl/verifier_adapter.rb +0 -58
- data/lib/puppet/status.rb +0 -40
- data/lib/puppet/util/connection.rb +0 -88
- data/lib/puppet/util/fact_dif.rb +0 -81
- data/lib/puppet/util/ssl.rb +0 -83
- data/lib/puppet/util/windows/api_types.rb +0 -309
- data/lib/puppet/util/windows/monkey_patches/dir.rb +0 -40
- data/lib/puppet/vendor/load_pathspec.rb +0 -1
- data/lib/puppet/vendor/pathspec/CHANGELOG.md +0 -2
- data/lib/puppet/vendor/pathspec/LICENSE +0 -201
- data/lib/puppet/vendor/pathspec/PUPPET_README.md +0 -6
- data/lib/puppet/vendor/pathspec/README.md +0 -53
- data/lib/puppet/vendor/pathspec/lib/pathspec/gitignorespec.rb +0 -275
- data/lib/puppet/vendor/pathspec/lib/pathspec/regexspec.rb +0 -17
- data/lib/puppet/vendor/pathspec/lib/pathspec/spec.rb +0 -14
- data/lib/puppet/vendor/pathspec/lib/pathspec.rb +0 -122
- data/man/man8/puppet-key.8 +0 -126
- data/man/man8/puppet-man.8 +0 -76
- data/man/man8/puppet-status.8 +0 -108
- data/spec/fixtures/integration/application/agent/cached_deferred_catalog.json +0 -92
- data/spec/fixtures/integration/application/agent/lib/facter/agent_spec_role.rb +0 -3
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/Gemfile +0 -4
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/Rakefile +0 -3
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/lib/puppet/functions/l10n.rb +0 -8
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/locales/config.yaml +0 -25
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/locales/ja/puppet-l10n.po +0 -19
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/locales/puppet-l10n.pot +0 -20
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/metadata.json +0 -8
- data/spec/fixtures/ssl/oid-key.pem +0 -117
- data/spec/fixtures/ssl/oid.pem +0 -69
- data/spec/fixtures/ssl/trusted_oid_mapping.yaml +0 -5
- data/spec/fixtures/unit/provider/service/systemd/list_unit_files_services_vendor_preset +0 -9
- data/spec/integration/application/resource_spec.rb +0 -68
- data/spec/integration/application/ssl_spec.rb +0 -20
- data/spec/integration/l10n/compiler_spec.rb +0 -37
- data/spec/integration/network/authconfig_spec.rb +0 -256
- data/spec/integration/util/windows/monkey_patches/dir_spec.rb +0 -11
- data/spec/shared_contexts/l10n.rb +0 -32
- data/spec/unit/application/man_spec.rb +0 -52
- data/spec/unit/capability_spec.rb +0 -414
- data/spec/unit/concurrent/thread_local_singleton_spec.rb +0 -39
- data/spec/unit/face/key_spec.rb +0 -9
- data/spec/unit/face/module/search_spec.rb +0 -231
- data/spec/unit/face/status_spec.rb +0 -9
- data/spec/unit/facter_impl_spec.rb +0 -31
- data/spec/unit/file_serving/mount/scripts_spec.rb +0 -69
- data/spec/unit/indirector/certificate/file_spec.rb +0 -14
- data/spec/unit/indirector/certificate/rest_spec.rb +0 -61
- data/spec/unit/indirector/certificate_request/file_spec.rb +0 -14
- data/spec/unit/indirector/certificate_request/rest_spec.rb +0 -25
- data/spec/unit/indirector/key/file_spec.rb +0 -78
- data/spec/unit/indirector/ssl_file_spec.rb +0 -305
- data/spec/unit/indirector/status/local_spec.rb +0 -10
- data/spec/unit/indirector/status/rest_spec.rb +0 -50
- data/spec/unit/module_tool/applications/searcher_spec.rb +0 -38
- data/spec/unit/network/auth_config_parser_spec.rb +0 -115
- data/spec/unit/network/authstore_spec.rb +0 -407
- data/spec/unit/network/http/api/master/v3/authorization_spec.rb +0 -57
- data/spec/unit/network/http/api/master/v3/environment_spec.rb +0 -185
- data/spec/unit/network/http/compression_spec.rb +0 -240
- data/spec/unit/network/http/nocache_pool_spec.rb +0 -64
- data/spec/unit/network/http_spec.rb +0 -9
- data/spec/unit/network/rights_spec.rb +0 -439
- data/spec/unit/parser/environment_compiler_spec.rb +0 -730
- data/spec/unit/pops/evaluator/deferred_resolver_spec.rb +0 -20
- data/spec/unit/pops/types/enumeration_spec.rb +0 -51
- data/spec/unit/resource/capability_finder_spec.rb +0 -148
- data/spec/unit/rest/route_spec.rb +0 -132
- data/spec/unit/ssl/host_spec.rb +0 -645
- data/spec/unit/ssl/key_spec.rb +0 -173
- data/spec/unit/ssl/validator_spec.rb +0 -278
- data/spec/unit/status_spec.rb +0 -45
- data/spec/unit/util/json_spec.rb +0 -126
- data/spec/unit/util/ssl_spec.rb +0 -91
- data/spec/unit/util/windows_spec.rb +0 -23
@@ -10,7 +10,7 @@ require 'puppet/util/pidlock'
|
|
10
10
|
# certs. This way we're sure about which SSLContext is being used during any
|
11
11
|
# phase of the bootstrapping process.
|
12
12
|
#
|
13
|
-
# @private
|
13
|
+
# @api private
|
14
14
|
class Puppet::SSL::StateMachine
|
15
15
|
class SSLState
|
16
16
|
attr_reader :ssl_context
|
@@ -27,15 +27,6 @@ class Puppet::SSL::StateMachine
|
|
27
27
|
detail.set_backtrace(cause.backtrace)
|
28
28
|
Error.new(@machine, message, detail)
|
29
29
|
end
|
30
|
-
|
31
|
-
def log_error(message)
|
32
|
-
# When running daemonized we set stdout to /dev/null, so write to the log instead
|
33
|
-
if Puppet[:daemonize]
|
34
|
-
Puppet.err(message)
|
35
|
-
else
|
36
|
-
$stdout.puts(message)
|
37
|
-
end
|
38
|
-
end
|
39
30
|
end
|
40
31
|
|
41
32
|
# Load existing CA certs or download them. Transition to NeedCRLs.
|
@@ -279,15 +270,15 @@ class Puppet::SSL::StateMachine
|
|
279
270
|
def next_state
|
280
271
|
time = @machine.waitforcert
|
281
272
|
if time < 1
|
282
|
-
|
273
|
+
puts _("Exiting now because the waitforcert setting is set to 0.")
|
283
274
|
exit(1)
|
284
275
|
elsif Time.now.to_i > @machine.wait_deadline
|
285
|
-
|
276
|
+
puts _("Couldn't fetch certificate from CA server; you might still need to sign this agent's certificate (%{name}). Exiting now because the maxwaitforcert timeout has been exceeded.") % {name: Puppet[:certname] }
|
286
277
|
exit(1)
|
287
278
|
else
|
288
279
|
Puppet.info(_("Will try again in %{time} seconds.") % {time: time})
|
289
280
|
|
290
|
-
# close
|
281
|
+
# close persistent connections and session state before sleeping
|
291
282
|
Puppet.runtime[:http].close
|
292
283
|
@machine.session = Puppet.runtime[:http].create_session
|
293
284
|
|
@@ -414,6 +405,7 @@ class Puppet::SSL::StateMachine
|
|
414
405
|
#
|
415
406
|
# @return [Puppet::SSL::SSLContext] initialized SSLContext
|
416
407
|
# @raise [Puppet::Error] If we fail to generate an SSLContext
|
408
|
+
# @api private
|
417
409
|
def ensure_ca_certificates
|
418
410
|
final_state = run_machine(NeedLock.new(self), NeedKey)
|
419
411
|
final_state.ssl_context
|
@@ -423,10 +415,24 @@ class Puppet::SSL::StateMachine
|
|
423
415
|
#
|
424
416
|
# @return [Puppet::SSL::SSLContext] initialized SSLContext
|
425
417
|
# @raise [Puppet::Error] If we fail to generate an SSLContext
|
418
|
+
# @api private
|
426
419
|
def ensure_client_certificate
|
427
420
|
final_state = run_machine(NeedLock.new(self), Done)
|
428
421
|
ssl_context = final_state.ssl_context
|
429
|
-
|
422
|
+
|
423
|
+
if Puppet::Util::Log.sendlevel?(:debug)
|
424
|
+
chain = ssl_context.client_chain
|
425
|
+
# print from root to client
|
426
|
+
chain.reverse.each_with_index do |cert, i|
|
427
|
+
digest = Puppet::SSL::Digest.new(@digest, cert.to_der)
|
428
|
+
if i == chain.length - 1
|
429
|
+
Puppet.debug(_("Verified client certificate '%{subject}' fingerprint %{digest}") % {subject: cert.subject.to_utf8, digest: digest})
|
430
|
+
else
|
431
|
+
Puppet.debug(_("Verified CA certificate '%{subject}' fingerprint %{digest}") % {subject: cert.subject.to_utf8, digest: digest})
|
432
|
+
end
|
433
|
+
end
|
434
|
+
end
|
435
|
+
|
430
436
|
ssl_context
|
431
437
|
end
|
432
438
|
|
data/lib/puppet/ssl/verifier.rb
CHANGED
@@ -14,6 +14,7 @@ class Puppet::SSL::Verifier
|
|
14
14
|
# @param hostname [String] FQDN of the server we're attempting to connect to
|
15
15
|
# @param ssl_context [Puppet::SSL::SSLContext] ssl_context containing CA certs,
|
16
16
|
# CRLs, etc needed to verify the server's certificate chain
|
17
|
+
# @api private
|
17
18
|
def initialize(hostname, ssl_context)
|
18
19
|
@hostname = hostname
|
19
20
|
@ssl_context = ssl_context
|
@@ -25,6 +26,7 @@ class Puppet::SSL::Verifier
|
|
25
26
|
#
|
26
27
|
# @param verifier [Puppet::SSL::Verifier] the verifier to compare against
|
27
28
|
# @return [Boolean] return true if a cached connection can be used, false otherwise
|
29
|
+
# @api private
|
28
30
|
def reusable?(verifier)
|
29
31
|
verifier.instance_of?(self.class) &&
|
30
32
|
verifier.ssl_context.object_id == @ssl_context.object_id
|
@@ -115,12 +117,6 @@ class Puppet::SSL::Verifier
|
|
115
117
|
return false
|
116
118
|
end
|
117
119
|
|
118
|
-
# ruby-openssl#74ef8c0cc56b840b772240f2ee2b0fc0aafa2743 now sets the
|
119
|
-
# store_context error when the cert is mismatched
|
120
|
-
when OpenSSL::X509::V_ERR_HOSTNAME_MISMATCH
|
121
|
-
@last_error = Puppet::SSL::CertMismatchError.new(peer_cert, @hostname)
|
122
|
-
return false
|
123
|
-
|
124
120
|
when OpenSSL::X509::V_ERR_CRL_NOT_YET_VALID
|
125
121
|
crl = store_context.current_crl
|
126
122
|
if crl && crl.last_update && crl.last_update < Time.now + FIVE_MINUTES_AS_SECONDS
|
data/lib/puppet/ssl.rb
CHANGED
@@ -2,18 +2,22 @@
|
|
2
2
|
require 'puppet'
|
3
3
|
require 'puppet/ssl/openssl_loader'
|
4
4
|
|
5
|
+
# Responsible for bootstrapping an agent's certificate and private key, generating
|
6
|
+
# SSLContexts for use in making HTTPS connections, and handling CSR attributes and
|
7
|
+
# certificate extensions.
|
8
|
+
#
|
9
|
+
# @see Puppet::SSL::SSLProvider
|
5
10
|
# @api private
|
6
|
-
module Puppet::SSL
|
11
|
+
module Puppet::SSL
|
7
12
|
CA_NAME = "ca".freeze
|
8
|
-
|
13
|
+
|
9
14
|
require 'puppet/ssl/oids'
|
10
|
-
require 'puppet/ssl/validator'
|
11
|
-
require 'puppet/ssl/validator/no_validator'
|
12
|
-
require 'puppet/ssl/validator/default_validator'
|
13
15
|
require 'puppet/ssl/error'
|
14
16
|
require 'puppet/ssl/ssl_context'
|
15
17
|
require 'puppet/ssl/verifier'
|
16
|
-
require 'puppet/ssl/verifier_adapter'
|
17
18
|
require 'puppet/ssl/ssl_provider'
|
18
19
|
require 'puppet/ssl/state_machine'
|
20
|
+
require 'puppet/ssl/certificate'
|
21
|
+
require 'puppet/ssl/certificate_request'
|
22
|
+
require 'puppet/ssl/certificate_request_attributes'
|
19
23
|
end
|
@@ -142,16 +142,11 @@ module Puppet::Test
|
|
142
142
|
},
|
143
143
|
"Context for specs")
|
144
144
|
|
145
|
-
|
146
|
-
Puppet.runtime[:facter]
|
147
|
-
|
145
|
+
Puppet.runtime.clear
|
148
146
|
Puppet::Parser::Functions.reset
|
149
147
|
Puppet::Application.clear!
|
150
148
|
Puppet::Util::Profiler.clear
|
151
149
|
|
152
|
-
Puppet::SSL::Host.reset
|
153
|
-
Puppet::Rest::Routes.clear
|
154
|
-
|
155
150
|
Puppet::Node::Facts.indirection.terminus_class = :memory
|
156
151
|
facts = Puppet::Node::Facts.new(Puppet[:node_name_value])
|
157
152
|
Puppet::Node::Facts.indirection.save(facts)
|
@@ -171,7 +166,6 @@ module Puppet::Test
|
|
171
166
|
|
172
167
|
Puppet::Util::Storage.clear
|
173
168
|
Puppet::Util::ExecutionStub.reset
|
174
|
-
Puppet.runtime.clear
|
175
169
|
|
176
170
|
Puppet.clear_deprecation_warnings
|
177
171
|
|
@@ -226,6 +220,7 @@ module Puppet::Test
|
|
226
220
|
{
|
227
221
|
:logdir => "/dev/null",
|
228
222
|
:confdir => "/dev/null",
|
223
|
+
:publicdir => "/dev/null",
|
229
224
|
:codedir => "/dev/null",
|
230
225
|
:vardir => "/dev/null",
|
231
226
|
:rundir => "/dev/null",
|
@@ -137,7 +137,7 @@ class Puppet::Transaction::AdditionalResourceGenerator
|
|
137
137
|
else
|
138
138
|
@catalog.add_resource_after(parent_resource, res)
|
139
139
|
end
|
140
|
-
@catalog.add_edge(@catalog.container_of(parent_resource), res)
|
140
|
+
@catalog.add_edge(@catalog.container_of(parent_resource), res)
|
141
141
|
if @relationship_graph && priority
|
142
142
|
# If we have a relationship_graph we should add the resource
|
143
143
|
# to it (this is an eval_generate). If we don't, then the
|
@@ -6,26 +6,6 @@ require 'puppet/util/yaml'
|
|
6
6
|
# as calculating corrective_change).
|
7
7
|
# @api private
|
8
8
|
class Puppet::Transaction::Persistence
|
9
|
-
|
10
|
-
def self.allowed_classes
|
11
|
-
@allowed_classes ||= [
|
12
|
-
Symbol,
|
13
|
-
Time,
|
14
|
-
Regexp,
|
15
|
-
# URI is excluded, because it serializes all instance variables including the
|
16
|
-
# URI parser. Better to serialize the URL encoded representation.
|
17
|
-
SemanticPuppet::Version,
|
18
|
-
# SemanticPuppet::VersionRange has many nested classes and is unlikely to be
|
19
|
-
# used directly, so ignore it
|
20
|
-
Puppet::Pops::Time::Timestamp,
|
21
|
-
Puppet::Pops::Time::TimeData,
|
22
|
-
Puppet::Pops::Time::Timespan,
|
23
|
-
Puppet::Pops::Types::PBinaryType::Binary,
|
24
|
-
# Puppet::Pops::Types::PSensitiveType::Sensitive values are excluded from
|
25
|
-
# the persistence store, ignore it.
|
26
|
-
].freeze
|
27
|
-
end
|
28
|
-
|
29
9
|
def initialize
|
30
10
|
@old_data = {}
|
31
11
|
@new_data = {"resources" => {}}
|
@@ -82,7 +62,7 @@ class Puppet::Transaction::Persistence
|
|
82
62
|
result = nil
|
83
63
|
Puppet::Util.benchmark(:debug, _("Loaded transaction store file in %{seconds} seconds")) do
|
84
64
|
begin
|
85
|
-
result = Puppet::Util::Yaml.safe_load_file(filename,
|
65
|
+
result = Puppet::Util::Yaml.safe_load_file(filename, [Symbol, Time])
|
86
66
|
rescue Puppet::Util::Yaml::YamlLoadError => detail
|
87
67
|
Puppet.log_exception(detail, _("Transaction store file %{filename} is corrupt (%{detail}); replacing") % { filename: filename, detail: detail })
|
88
68
|
|
@@ -66,8 +66,6 @@ class Puppet::Transaction::Report
|
|
66
66
|
# Contains the name and port of the server that was successfully contacted
|
67
67
|
# @return [String] a string of the format 'servername:port'
|
68
68
|
attr_accessor :server_used
|
69
|
-
alias :master_used :server_used
|
70
|
-
alias :master_used= :server_used=
|
71
69
|
|
72
70
|
# The host name for which the report is generated
|
73
71
|
# @return [String] the host name
|
@@ -77,10 +75,6 @@ class Puppet::Transaction::Report
|
|
77
75
|
# @return [String] the environment name
|
78
76
|
attr_accessor :environment
|
79
77
|
|
80
|
-
# The name of the environment the agent initially started in
|
81
|
-
# @return [String] the environment name
|
82
|
-
attr_accessor :initial_environment
|
83
|
-
|
84
78
|
# Whether there are changes that we decided not to apply because of noop
|
85
79
|
# @return [Boolean]
|
86
80
|
#
|
@@ -230,7 +224,7 @@ class Puppet::Transaction::Report
|
|
230
224
|
@external_times ||= {}
|
231
225
|
@host = Puppet[:node_name_value]
|
232
226
|
@time = start_time
|
233
|
-
@report_format =
|
227
|
+
@report_format = 12
|
234
228
|
@puppet_version = Puppet.version
|
235
229
|
@configuration_version = configuration_version
|
236
230
|
@transaction_uuid = transaction_uuid
|
@@ -330,7 +324,7 @@ class Puppet::Transaction::Report
|
|
330
324
|
}
|
331
325
|
|
332
326
|
# The following is include only when set
|
333
|
-
hash['
|
327
|
+
hash['server_used'] = @server_used unless @server_used.nil?
|
334
328
|
hash['catalog_uuid'] = @catalog_uuid unless @catalog_uuid.nil?
|
335
329
|
hash['code_id'] = @code_id unless @code_id.nil?
|
336
330
|
hash['job_id'] = @job_id unless @job_id.nil?
|
@@ -381,17 +375,7 @@ class Puppet::Transaction::Report
|
|
381
375
|
# @api public
|
382
376
|
#
|
383
377
|
def raw_summary
|
384
|
-
report = {
|
385
|
-
"version" => {
|
386
|
-
"config" => configuration_version,
|
387
|
-
"puppet" => Puppet.version
|
388
|
-
},
|
389
|
-
"application" => {
|
390
|
-
"run_mode" => Puppet.run_mode.name.to_s,
|
391
|
-
"initial_environment" => initial_environment,
|
392
|
-
"converged_environment" => environment
|
393
|
-
}
|
394
|
-
}
|
378
|
+
report = { "version" => { "config" => configuration_version, "puppet" => Puppet.version } }
|
395
379
|
|
396
380
|
@metrics.each do |name, metric|
|
397
381
|
key = metric.name.to_s
|
data/lib/puppet/transaction.rb
CHANGED
@@ -376,16 +376,10 @@ class Puppet::Transaction
|
|
376
376
|
Puppet.debug { "Prefetching #{provider_class.name} resources for #{type_name}" }
|
377
377
|
begin
|
378
378
|
provider_class.prefetch(resources)
|
379
|
-
rescue LoadError,
|
379
|
+
rescue LoadError, StandardError => detail
|
380
380
|
#TRANSLATORS `prefetch` is a function name and should not be translated
|
381
381
|
message = _("Could not prefetch %{type_name} provider '%{name}': %{detail}") % { type_name: type_name, name: provider_class.name, detail: detail }
|
382
382
|
Puppet.log_exception(detail, message)
|
383
|
-
rescue StandardError => detail
|
384
|
-
message = _("Could not prefetch %{type_name} provider '%{name}': %{detail}") % { type_name: type_name, name: provider_class.name, detail: detail }
|
385
|
-
Puppet.log_exception(detail, message)
|
386
|
-
|
387
|
-
raise unless Puppet.settings[:future_features]
|
388
|
-
|
389
383
|
@prefetch_failed_providers[type_name][provider_class.name] = true
|
390
384
|
end
|
391
385
|
@prefetched_providers[type_name][provider_class.name] = true
|
data/lib/puppet/type/exec.rb
CHANGED
@@ -11,10 +11,7 @@ module Puppet
|
|
11
11
|
|
12
12
|
* The command itself is already idempotent. (For example, `apt-get update`.)
|
13
13
|
* The exec has an `onlyif`, `unless`, or `creates` attribute, which prevents
|
14
|
-
Puppet from running the command unless some condition is met.
|
15
|
-
`onlyif` and `unless` commands of an `exec` are used in the process of
|
16
|
-
determining whether the `exec` is already in sync, therefore they must be run
|
17
|
-
during a noop Puppet run.
|
14
|
+
Puppet from running the command unless some condition is met.
|
18
15
|
* The exec has `refreshonly => true`, which allows Puppet to run the
|
19
16
|
command only when some other resource is changed. (See the notes on refreshing
|
20
17
|
below.)
|
@@ -201,20 +198,10 @@ module Puppet
|
|
201
198
|
any output is logged at the `err` log level.
|
202
199
|
|
203
200
|
Multiple `exec` resources can use the same `command` value; Puppet
|
204
|
-
only uses the resource title to ensure `exec`s are unique.
|
205
|
-
|
206
|
-
On *nix platforms, the command can be specified as an array of
|
207
|
-
strings and Puppet will invoke it using the more secure method of
|
208
|
-
parameterized system calls. For example, rather than executing the
|
209
|
-
malicious injected code, this command will echo it out:
|
210
|
-
|
211
|
-
command => ['/bin/echo', 'hello world; rm -rf /']
|
212
|
-
"
|
201
|
+
only uses the resource title to ensure `exec`s are unique."
|
213
202
|
|
214
203
|
validate do |command|
|
215
|
-
|
216
|
-
raise ArgumentError, _("Command must be a String or Array<String>, got value of class %{klass}") % { klass: command.class }
|
217
|
-
end
|
204
|
+
raise ArgumentError, _("Command must be a String, got value of class %{klass}") % { klass: command.class } unless command.is_a? String
|
218
205
|
end
|
219
206
|
end
|
220
207
|
|
@@ -457,7 +444,7 @@ module Puppet
|
|
457
444
|
|
458
445
|
exec { '/bin/echo root >> /usr/lib/cron/cron.allow':
|
459
446
|
path => '/usr/bin:/usr/sbin:/bin',
|
460
|
-
unless => 'grep
|
447
|
+
unless => 'grep root /usr/lib/cron/cron.allow 2>/dev/null',
|
461
448
|
}
|
462
449
|
|
463
450
|
This would add `root` to the cron.allow file (on Solaris) unless
|
@@ -467,17 +454,10 @@ module Puppet
|
|
467
454
|
`user`, `cwd`, and `group` as the main command. If the `path` isn't set, you
|
468
455
|
must fully qualify the command's name.
|
469
456
|
|
470
|
-
Since this command is used in the process of determining whether the
|
471
|
-
`exec` is already in sync, it must be run during a noop Puppet run.
|
472
|
-
|
473
457
|
This parameter can also take an array of commands. For example:
|
474
458
|
|
475
459
|
unless => ['test -f /tmp/file1', 'test -f /tmp/file2'],
|
476
460
|
|
477
|
-
or an array of arrays. For example:
|
478
|
-
|
479
|
-
unless => [['test', '-f', '/tmp/file1'], 'test -f /tmp/file2']
|
480
|
-
|
481
461
|
This `exec` would only run if every command in the array has a
|
482
462
|
non-zero exit code.
|
483
463
|
EOT
|
@@ -530,17 +510,10 @@ module Puppet
|
|
530
510
|
`user`, `cwd`, and `group` as the main command. If the `path` isn't set, you
|
531
511
|
must fully qualify the command's name.
|
532
512
|
|
533
|
-
Since this command is used in the process of determining whether the
|
534
|
-
`exec` is already in sync, it must be run during a noop Puppet run.
|
535
|
-
|
536
513
|
This parameter can also take an array of commands. For example:
|
537
514
|
|
538
515
|
onlyif => ['test -f /tmp/file1', 'test -f /tmp/file2'],
|
539
516
|
|
540
|
-
or an array of arrays. For example:
|
541
|
-
|
542
|
-
onlyif => [['test', '-f', '/tmp/file1'], 'test -f /tmp/file2']
|
543
|
-
|
544
517
|
This `exec` would only run if every command in the array has an
|
545
518
|
exit code of 0 (success).
|
546
519
|
EOT
|
@@ -589,14 +562,12 @@ module Puppet
|
|
589
562
|
reqs << self[:cwd] if self[:cwd]
|
590
563
|
|
591
564
|
file_regex = Puppet::Util::Platform.windows? ? %r{^([a-zA-Z]:[\\/]\S+)} : %r{^(/\S+)}
|
592
|
-
cmd = self[:command]
|
593
|
-
cmd = cmd[0] if cmd.is_a? Array
|
594
565
|
|
595
|
-
|
566
|
+
self[:command].scan(file_regex) { |str|
|
596
567
|
reqs << str
|
597
568
|
}
|
598
569
|
|
599
|
-
|
570
|
+
self[:command].scan(/^"([^"]+)"/) { |str|
|
600
571
|
reqs << str
|
601
572
|
}
|
602
573
|
|
@@ -612,7 +583,6 @@ module Puppet
|
|
612
583
|
# fully qualified. It might not be a bad idea to add
|
613
584
|
# unqualified files, but, well, that's a bit more annoying
|
614
585
|
# to do.
|
615
|
-
line = line[0] if line.is_a? Array
|
616
586
|
reqs += line.scan(file_regex)
|
617
587
|
end
|
618
588
|
}
|
@@ -7,7 +7,7 @@ Puppet::Type.type(:file).newparam(:checksum) do
|
|
7
7
|
|
8
8
|
desc "The checksum type to use when determining whether to replace a file's contents.
|
9
9
|
|
10
|
-
The default checksum type is
|
10
|
+
The default checksum type is #{Puppet.default_digest_algorithm}."
|
11
11
|
|
12
12
|
newvalues(*Puppet::Util::Checksums.known_checksum_types)
|
13
13
|
|
@@ -79,7 +79,7 @@ module Puppet
|
|
79
79
|
return :absent unless stat
|
80
80
|
ftype = stat.ftype
|
81
81
|
# Don't even try to manage the content on directories or links
|
82
|
-
return nil if [
|
82
|
+
return nil if ["directory","link"].include?(ftype)
|
83
83
|
|
84
84
|
begin
|
85
85
|
resource.parameter(:checksum).sum_file(resource[:path])
|
@@ -90,15 +90,9 @@ module Puppet
|
|
90
90
|
raise Puppet::Error, "The file mode specification is invalid: #{value.inspect}"
|
91
91
|
end
|
92
92
|
|
93
|
-
# normalizes to symbolic form, e.g. u+a, an octal string without leading 0
|
94
93
|
normalize_symbolic_mode(value)
|
95
94
|
end
|
96
95
|
|
97
|
-
unmunge do |value|
|
98
|
-
# return symbolic form or octal string *with* leading 0's
|
99
|
-
display_mode(value) if value
|
100
|
-
end
|
101
|
-
|
102
96
|
def desired_mode_from_current(desired, current)
|
103
97
|
current = current.to_i(8) if current.is_a? String
|
104
98
|
is_a_directory = @resource.stat && @resource.stat.directory?
|
@@ -340,7 +340,7 @@ module Puppet
|
|
340
340
|
|
341
341
|
def handle_response_error(response)
|
342
342
|
message = "Error #{response.code} on SERVER: #{response.body.empty? ? response.reason : response.body}"
|
343
|
-
raise Net::HTTPError.new(message, response
|
343
|
+
raise Net::HTTPError.new(message, Puppet::HTTP::ResponseConverter.to_ruby_response(response))
|
344
344
|
end
|
345
345
|
end
|
346
346
|
|
data/lib/puppet/type/file.rb
CHANGED
@@ -83,33 +83,31 @@ Puppet::Type.newtype(:file) do
|
|
83
83
|
use copy the file in the same directory with that value as the extension
|
84
84
|
of the backup. (A value of `true` is a synonym for `.puppet-bak`.)
|
85
85
|
* If set to any other string, Puppet will try to back up to a filebucket
|
86
|
-
with that title.
|
87
|
-
|
88
|
-
|
86
|
+
with that title. Puppet automatically creates a **local** filebucket
|
87
|
+
named `puppet` if one doesn't already exist. See the `filebucket` resource
|
88
|
+
type for more details.
|
89
89
|
|
90
|
-
Default value: `
|
91
|
-
(Puppet automatically creates a **local** filebucket named `puppet` if one
|
92
|
-
doesn't already exist.)
|
90
|
+
Default value: `false`
|
93
91
|
|
94
92
|
Backing up to a local filebucket isn't particularly useful. If you want
|
95
93
|
to make organized use of backups, you will generally want to use the
|
96
|
-
|
94
|
+
puppet master server's filebucket service. This requires declaring a
|
97
95
|
filebucket resource and a resource default for the `backup` attribute
|
98
96
|
in site.pp:
|
99
97
|
|
100
98
|
# /etc/puppetlabs/puppet/manifests/site.pp
|
101
99
|
filebucket { 'main':
|
102
100
|
path => false, # This is required for remote filebuckets.
|
103
|
-
server => 'puppet.example.com', # Optional; defaults to the configured
|
101
|
+
server => 'puppet.example.com', # Optional; defaults to the configured puppet master.
|
104
102
|
}
|
105
103
|
|
106
104
|
File { backup => main, }
|
107
105
|
|
108
|
-
If you are using multiple
|
106
|
+
If you are using multiple puppet master servers, you will want to
|
109
107
|
centralize the contents of the filebucket. Either configure your load
|
110
|
-
balancer to direct all filebucket traffic to a single
|
108
|
+
balancer to direct all filebucket traffic to a single master, or use
|
111
109
|
something like an out-of-band rsync task to synchronize the content on all
|
112
|
-
|
110
|
+
masters.
|
113
111
|
|
114
112
|
> **Note**: Enabling and using the backup option, and by extension the
|
115
113
|
filebucket resource, requires appropriate planning and management to ensure
|
@@ -125,7 +123,7 @@ Puppet::Type.newtype(:file) do
|
|
125
123
|
- Restrict the directory to a maximum size after which the oldest items are removed.
|
126
124
|
EOT
|
127
125
|
|
128
|
-
defaultto
|
126
|
+
defaultto false
|
129
127
|
|
130
128
|
munge do |value|
|
131
129
|
# I don't really know how this is happening.
|
@@ -220,23 +218,6 @@ Puppet::Type.newtype(:file) do
|
|
220
218
|
end
|
221
219
|
end
|
222
220
|
|
223
|
-
newparam(:max_files) do
|
224
|
-
desc "In case the resource is a directory and the recursion is enabled, puppet will
|
225
|
-
generate a new resource for each file file found, possible leading to
|
226
|
-
an excessive number of resources generated without any control.
|
227
|
-
|
228
|
-
Setting `max_files` will check the number of file resources that
|
229
|
-
will eventually be created and will raise a resource argument error if the
|
230
|
-
limit will be exceeded.
|
231
|
-
|
232
|
-
Use value `0` to log a warning instead of raising an error.
|
233
|
-
|
234
|
-
Use value `-1` to disable errors and warnings due to max files."
|
235
|
-
|
236
|
-
defaultto 0
|
237
|
-
newvalues(/^[0-9]+$/, /^-1$/)
|
238
|
-
end
|
239
|
-
|
240
221
|
newparam(:replace, :boolean => true, :parent => Puppet::Parameter::Boolean) do
|
241
222
|
desc "Whether to replace a file or symlink that already exists on the local system but
|
242
223
|
whose content doesn't match what the `source` or `content` attribute
|
@@ -361,7 +342,7 @@ Puppet::Type.newtype(:file) do
|
|
361
342
|
This command must have a fully qualified path, and should contain a
|
362
343
|
percent (`%`) token where it would expect an input file. It must exit `0`
|
363
344
|
if the syntax is correct, and non-zero otherwise. The command will be
|
364
|
-
run on the target system while applying the catalog, not on the
|
345
|
+
run on the target system while applying the catalog, not on the puppet master.
|
365
346
|
|
366
347
|
Example:
|
367
348
|
|
@@ -593,7 +574,7 @@ Puppet::Type.newtype(:file) do
|
|
593
574
|
options = @original_parameters.merge(:path => full_path).reject { |param, value| value.nil? }
|
594
575
|
|
595
576
|
# These should never be passed to our children.
|
596
|
-
[:parent, :ensure, :recurse, :recurselimit, :
|
577
|
+
[:parent, :ensure, :recurse, :recurselimit, :target, :alias, :source].each do |param|
|
597
578
|
options.delete(param) if options.include?(param)
|
598
579
|
end
|
599
580
|
|
@@ -770,7 +751,6 @@ Puppet::Type.newtype(:file) do
|
|
770
751
|
:links => self[:links],
|
771
752
|
:recurse => (self[:recurse] == :remote ? true : self[:recurse]),
|
772
753
|
:recurselimit => self[:recurselimit],
|
773
|
-
:max_files => self[:max_files],
|
774
754
|
:source_permissions => self[:source_permissions],
|
775
755
|
:ignore => self[:ignore],
|
776
756
|
:checksum_type => (self[:source] || self[:content]) ? self[:checksum] : :none,
|
@@ -4,7 +4,7 @@ module Puppet
|
|
4
4
|
Type.newtype(:filebucket) do
|
5
5
|
@doc = <<-EOT
|
6
6
|
A repository for storing and retrieving file content by MD5 checksum. Can
|
7
|
-
be local to each agent node, or centralized on a
|
7
|
+
be local to each agent node, or centralized on a puppet master server. All
|
8
8
|
puppet servers provide a filebucket service that agent nodes can access
|
9
9
|
via HTTP, but you must declare a filebucket resource before any agents
|
10
10
|
will do so.
|
@@ -25,14 +25,14 @@ module Puppet
|
|
25
25
|
# /etc/puppetlabs/puppet/manifests/site.pp
|
26
26
|
filebucket { 'main':
|
27
27
|
path => false, # This is required for remote filebuckets.
|
28
|
-
server => 'puppet.example.com', # Optional; defaults to the configured
|
28
|
+
server => 'puppet.example.com', # Optional; defaults to the configured puppet master.
|
29
29
|
}
|
30
30
|
|
31
31
|
File { backup => main, }
|
32
32
|
|
33
|
-
Puppet
|
33
|
+
Puppet Servers automatically provide the filebucket service, so
|
34
34
|
this will work in a default configuration. If you have a heavily
|
35
|
-
restricted `auth.conf` file, you may need to allow access to the
|
35
|
+
restricted Puppet Server `auth.conf` file, you may need to allow access to the
|
36
36
|
`file_bucket_file` endpoint.
|
37
37
|
EOT
|
38
38
|
|
data/lib/puppet/type/group.rb
CHANGED
data/lib/puppet/type/package.rb
CHANGED
@@ -106,10 +106,6 @@ module Puppet
|
|
106
106
|
provider.purge
|
107
107
|
end
|
108
108
|
|
109
|
-
newvalue(:held, :event => :package_held, :required_features => :holdable) do
|
110
|
-
provider.deprecated_hold
|
111
|
-
end
|
112
|
-
|
113
109
|
newvalue(:disabled, :required_features => :disableable) do
|
114
110
|
provider.disable
|
115
111
|
end
|
@@ -161,7 +157,7 @@ module Puppet
|
|
161
157
|
@should.each { |should|
|
162
158
|
case should
|
163
159
|
when :present
|
164
|
-
return true unless [:absent, :purged, :
|
160
|
+
return true unless [:absent, :purged, :disabled].include?(is)
|
165
161
|
when :latest
|
166
162
|
# Short-circuit packages that are not present
|
167
163
|
return false if is == :absent || is == :purged
|
@@ -426,10 +422,10 @@ module Puppet
|
|
426
422
|
end
|
427
423
|
|
428
424
|
newparam(:source) do
|
429
|
-
desc "Where to find the package file. This is
|
425
|
+
desc "Where to find the package file. This is only used by providers that don't
|
430
426
|
automatically download packages from a central repository. (For example:
|
431
|
-
the `yum`
|
432
|
-
|
427
|
+
the `yum` and `apt` providers ignore this attribute, but the `rpm` and
|
428
|
+
`dpkg` providers require it.)
|
433
429
|
|
434
430
|
Different providers accept different values for `source`. Most providers
|
435
431
|
accept paths to local files stored on the target system. Some providers
|
@@ -657,8 +653,7 @@ module Puppet
|
|
657
653
|
if provider.reinstallable? &&
|
658
654
|
@parameters[:reinstall_on_refresh].value == :true &&
|
659
655
|
@parameters[:ensure].value != :purged &&
|
660
|
-
@parameters[:ensure].value != :absent
|
661
|
-
@parameters[:ensure].value != :held
|
656
|
+
@parameters[:ensure].value != :absent
|
662
657
|
|
663
658
|
provider.reinstall
|
664
659
|
end
|
@@ -673,7 +668,7 @@ module Puppet
|
|
673
668
|
Default is "none". Mark can be specified with or without `ensure`,
|
674
669
|
if `ensure` is missing will default to "present".
|
675
670
|
|
676
|
-
Mark cannot be specified together with "purged",
|
671
|
+
Mark cannot be specified together with "purged", or "absent"
|
677
672
|
values for `ensure`.
|
678
673
|
EOT
|
679
674
|
newvalues(:hold, :none)
|
@@ -710,11 +705,8 @@ module Puppet
|
|
710
705
|
end
|
711
706
|
|
712
707
|
validate do
|
713
|
-
if :
|
714
|
-
|
715
|
-
end
|
716
|
-
if @parameters[:mark] && [:absent, :purged, :held].include?(@parameters[:ensure].should)
|
717
|
-
raise ArgumentError, _('You cannot use "mark" property while "ensure" is one of ["absent", "purged", "held"]')
|
708
|
+
if @parameters[:mark] && [:absent, :purged].include?(@parameters[:ensure].should)
|
709
|
+
raise ArgumentError, _('You cannot use "mark" property while "ensure" is one of ["absent", "purged"]')
|
718
710
|
end
|
719
711
|
end
|
720
712
|
end
|