puppet 6.29.0-x64-mingw32 → 7.0.0-x64-mingw32
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of puppet might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/CODEOWNERS +16 -2
- data/CONTRIBUTING.md +5 -5
- data/Gemfile +5 -7
- data/Gemfile.lock +52 -143
- data/README.md +5 -5
- data/conf/fileserver.conf +5 -10
- data/ext/README.environment +8 -0
- data/ext/build_defaults.yaml +1 -1
- data/ext/dbfix.sql +132 -0
- data/ext/debian/README.Debian +8 -0
- data/ext/debian/README.source +2 -0
- data/ext/debian/TODO.Debian +1 -0
- data/ext/debian/changelog.erb +1122 -0
- data/ext/debian/compat +1 -0
- data/ext/debian/control +144 -0
- data/ext/debian/copyright +339 -0
- data/ext/debian/docs +1 -0
- data/ext/debian/fileserver.conf +41 -0
- data/ext/debian/puppet-common.dirs +13 -0
- data/ext/debian/puppet-common.install +3 -0
- data/ext/debian/puppet-common.lintian-overrides +5 -0
- data/ext/debian/puppet-common.manpages +28 -0
- data/ext/debian/puppet-common.postinst +35 -0
- data/ext/debian/puppet-common.postrm +33 -0
- data/ext/debian/puppet-el.dirs +1 -0
- data/ext/debian/puppet-el.emacsen-install +25 -0
- data/ext/debian/puppet-el.emacsen-remove +11 -0
- data/ext/debian/puppet-el.emacsen-startup +9 -0
- data/ext/debian/puppet-el.install +1 -0
- data/ext/debian/puppet-testsuite.install +2 -0
- data/ext/debian/puppet-testsuite.lintian-overrides +4 -0
- data/ext/debian/puppet.lintian-overrides +3 -0
- data/ext/debian/puppet.logrotate +20 -0
- data/ext/debian/puppet.postinst +20 -0
- data/ext/debian/puppet.postrm +20 -0
- data/ext/debian/puppet.preinst +20 -0
- data/ext/debian/puppetmaster-common.install +2 -0
- data/ext/debian/puppetmaster-common.manpages +2 -0
- data/ext/debian/puppetmaster-common.postinst +6 -0
- data/ext/debian/puppetmaster-passenger.dirs +4 -0
- data/ext/debian/puppetmaster-passenger.postinst +162 -0
- data/ext/debian/puppetmaster-passenger.postrm +61 -0
- data/ext/debian/puppetmaster.README.debian +17 -0
- data/ext/debian/puppetmaster.default +14 -0
- data/ext/debian/puppetmaster.init +137 -0
- data/ext/debian/puppetmaster.lintian-overrides +3 -0
- data/ext/debian/puppetmaster.postinst +20 -0
- data/ext/debian/puppetmaster.postrm +5 -0
- data/ext/debian/puppetmaster.preinst +22 -0
- data/ext/debian/rules +132 -0
- data/ext/debian/source/format +1 -0
- data/ext/debian/source/options +1 -0
- data/ext/debian/vim-puppet.README.Debian +13 -0
- data/ext/debian/vim-puppet.dirs +5 -0
- data/ext/debian/vim-puppet.yaml +7 -0
- data/ext/debian/watch +2 -0
- data/ext/freebsd/puppetd +26 -0
- data/ext/freebsd/puppetmasterd +26 -0
- data/ext/gentoo/conf.d/puppet +5 -0
- data/ext/gentoo/conf.d/puppetmaster +12 -0
- data/ext/gentoo/init.d/puppet +38 -0
- data/ext/gentoo/init.d/puppetmaster +51 -0
- data/ext/gentoo/puppet/fileserver.conf +41 -0
- data/ext/ips/puppet-agent +44 -0
- data/ext/ips/puppet-master +44 -0
- data/ext/ips/puppet.p5m.erb +12 -0
- data/ext/ips/puppetagent.xml +42 -0
- data/ext/ips/puppetmaster.xml +42 -0
- data/ext/ips/rules +19 -0
- data/ext/ips/transforms +34 -0
- data/ext/ldap/puppet.schema +24 -0
- data/ext/logcheck/puppet +23 -0
- data/{examples → ext}/nagios/check_puppet.rb +2 -2
- data/ext/osx/file_mapping.yaml +28 -0
- data/ext/osx/postflight.erb +109 -0
- data/ext/osx/preflight.erb +52 -0
- data/ext/osx/prototype.plist.erb +38 -0
- data/ext/osx/puppet.plist +0 -2
- data/ext/project_data.yaml +2 -16
- data/ext/redhat/fileserver.conf +41 -0
- data/ext/redhat/logrotate +21 -0
- data/ext/redhat/puppet.spec.erb +841 -0
- data/ext/redhat/server.init +128 -0
- data/ext/redhat/server.sysconfig +13 -0
- data/ext/solaris/pkginfo +6 -0
- data/ext/solaris/smf/puppetd.xml +77 -0
- data/ext/solaris/smf/puppetmasterd.xml +77 -0
- data/ext/solaris/smf/svc-puppetd +71 -0
- data/ext/solaris/smf/svc-puppetmasterd +67 -0
- data/ext/suse/puppet.spec +310 -0
- data/ext/suse/server.init +173 -0
- data/ext/windows/service/daemon.rb +6 -5
- data/ext/yaml_nodes.rb +105 -0
- data/install.rb +21 -17
- data/lib/puppet/agent.rb +11 -47
- data/lib/puppet/application/agent.rb +16 -18
- data/lib/puppet/application/apply.rb +4 -24
- data/lib/puppet/application/device.rb +100 -106
- data/lib/puppet/application/filebucket.rb +13 -10
- data/lib/puppet/application/lookup.rb +24 -74
- data/lib/puppet/application/resource.rb +16 -32
- data/lib/puppet/application/script.rb +0 -2
- data/lib/puppet/application/ssl.rb +1 -13
- data/lib/puppet/application.rb +178 -108
- data/lib/puppet/application_support.rb +0 -7
- data/lib/puppet/concurrent/thread_local_singleton.rb +3 -6
- data/lib/puppet/configurer/downloader.rb +1 -2
- data/lib/puppet/configurer/plugin_handler.rb +21 -19
- data/lib/puppet/configurer.rb +86 -183
- data/lib/puppet/confine/variable.rb +1 -1
- data/lib/puppet/defaults.rb +130 -244
- data/lib/puppet/environments.rb +82 -146
- data/lib/puppet/face/facts.rb +5 -103
- data/lib/puppet/face/generate.rb +0 -2
- data/lib/puppet/face/help/action.erb +0 -1
- data/lib/puppet/face/help/face.erb +0 -1
- data/lib/puppet/face/help.rb +1 -1
- data/lib/puppet/face/node/clean.rb +0 -11
- data/lib/puppet/face/plugin.rb +5 -8
- data/lib/puppet/ffi/windows/api_types.rb +311 -0
- data/lib/puppet/ffi/windows/constants.rb +404 -0
- data/lib/puppet/ffi/windows/functions.rb +628 -0
- data/lib/puppet/ffi/windows/structs.rb +338 -0
- data/lib/puppet/ffi/windows.rb +12 -0
- data/lib/puppet/file_serving/configuration/parser.rb +3 -34
- data/lib/puppet/file_serving/configuration.rb +0 -8
- data/lib/puppet/file_serving/fileset.rb +2 -14
- data/lib/puppet/file_serving/http_metadata.rb +1 -1
- data/lib/puppet/file_serving/metadata.rb +0 -3
- data/lib/puppet/file_serving/mount/file.rb +4 -4
- data/lib/puppet/file_serving/mount.rb +1 -2
- data/lib/puppet/file_system/file_impl.rb +8 -10
- data/lib/puppet/file_system/jruby.rb +1 -1
- data/lib/puppet/file_system/memory_file.rb +1 -8
- data/lib/puppet/file_system/windows.rb +6 -8
- data/lib/puppet/file_system.rb +1 -1
- data/lib/puppet/forge/repository.rb +0 -1
- data/lib/puppet/forge.rb +4 -4
- data/lib/puppet/functions/all.rb +1 -1
- data/lib/puppet/functions/camelcase.rb +1 -1
- data/lib/puppet/functions/capitalize.rb +2 -2
- data/lib/puppet/functions/downcase.rb +2 -2
- data/lib/puppet/functions/empty.rb +0 -8
- data/lib/puppet/functions/find_template.rb +2 -2
- data/lib/puppet/functions/get.rb +5 -5
- data/lib/puppet/functions/group_by.rb +5 -13
- data/lib/puppet/functions/lest.rb +1 -1
- data/lib/puppet/functions/new.rb +100 -100
- data/lib/puppet/functions/next.rb +1 -18
- data/lib/puppet/functions/partition.rb +4 -12
- data/lib/puppet/functions/require.rb +5 -5
- data/lib/puppet/functions/sort.rb +3 -3
- data/lib/puppet/functions/strftime.rb +0 -1
- data/lib/puppet/functions/tree_each.rb +10 -7
- data/lib/puppet/functions/type.rb +4 -4
- data/lib/puppet/functions/unwrap.rb +2 -17
- data/lib/puppet/functions/upcase.rb +2 -2
- data/lib/puppet/functions/versioncmp.rb +2 -6
- data/lib/puppet/generate/models/type/type.rb +4 -1
- data/lib/puppet/generate/type.rb +0 -9
- data/lib/puppet/http/client.rb +167 -137
- data/lib/puppet/{network/resolver.rb → http/dns.rb} +2 -2
- data/lib/puppet/http/errors.rb +16 -0
- data/lib/puppet/http/external_client.rb +5 -7
- data/lib/puppet/{network/http → http}/factory.rb +8 -15
- data/lib/puppet/{network/http → http}/pool.rb +61 -26
- data/lib/puppet/{network/http/session.rb → http/pool_entry.rb} +2 -3
- data/lib/puppet/http/proxy.rb +137 -0
- data/lib/puppet/http/redirector.rb +4 -17
- data/lib/puppet/http/resolver/server_list.rb +10 -25
- data/lib/puppet/http/resolver/settings.rb +4 -7
- data/lib/puppet/http/resolver/srv.rb +7 -11
- data/lib/puppet/http/resolver.rb +5 -15
- data/lib/puppet/http/response.rb +36 -54
- data/lib/puppet/http/response_converter.rb +24 -0
- data/lib/puppet/http/response_net_http.rb +42 -0
- data/lib/puppet/http/retry_after_handler.rb +4 -13
- data/lib/puppet/http/service/ca.rb +11 -22
- data/lib/puppet/http/service/compiler.rb +23 -144
- data/lib/puppet/http/service/file_server.rb +19 -29
- data/lib/puppet/http/service/puppetserver.rb +26 -12
- data/lib/puppet/http/service/report.rb +8 -10
- data/lib/puppet/http/service.rb +12 -26
- data/lib/puppet/http/session.rb +11 -20
- data/lib/puppet/{network/http → http}/site.rb +1 -2
- data/lib/puppet/http.rb +22 -13
- data/lib/puppet/indirector/catalog/compiler.rb +6 -25
- data/lib/puppet/indirector/catalog/rest.rb +2 -5
- data/lib/puppet/indirector/facts/facter.rb +6 -6
- data/lib/puppet/indirector/facts/rest.rb +3 -22
- data/lib/puppet/indirector/file_bucket_file/rest.rb +3 -9
- data/lib/puppet/indirector/file_content/rest.rb +2 -6
- data/lib/puppet/indirector/file_metadata/rest.rb +3 -10
- data/lib/puppet/indirector/file_server.rb +1 -8
- data/lib/puppet/indirector/generic_http.rb +0 -11
- data/lib/puppet/indirector/indirection.rb +1 -1
- data/lib/puppet/indirector/node/rest.rb +2 -4
- data/lib/puppet/indirector/report/rest.rb +3 -8
- data/lib/puppet/indirector/request.rb +0 -101
- data/lib/puppet/indirector/resource/ral.rb +1 -6
- data/lib/puppet/indirector/rest.rb +12 -263
- data/lib/puppet/indirector/terminus.rb +0 -4
- data/lib/puppet/interface/documentation.rb +0 -1
- data/lib/puppet/module/plan.rb +1 -0
- data/lib/puppet/module/task.rb +1 -1
- data/lib/puppet/module.rb +0 -1
- data/lib/puppet/module_tool/applications/installer.rb +2 -56
- data/lib/puppet/module_tool/applications/uninstaller.rb +1 -1
- data/lib/puppet/module_tool/applications/upgrader.rb +1 -1
- data/lib/puppet/module_tool/applications.rb +0 -1
- data/lib/puppet/module_tool/errors/shared.rb +2 -34
- data/lib/puppet/network/authconfig.rb +2 -96
- data/lib/puppet/network/authorization.rb +13 -35
- data/lib/puppet/network/formats.rb +0 -67
- data/lib/puppet/network/http/api/indirected_routes.rb +3 -21
- data/lib/puppet/network/http/api/master/v3.rb +11 -13
- data/lib/puppet/network/http/connection.rb +247 -316
- data/lib/puppet/network/http/handler.rb +0 -1
- data/lib/puppet/network/http.rb +3 -3
- data/lib/puppet/network/http_pool.rb +16 -34
- data/lib/puppet/node/environment.rb +11 -10
- data/lib/puppet/node.rb +2 -31
- data/lib/puppet/pal/json_catalog_encoder.rb +4 -0
- data/lib/puppet/pal/pal_impl.rb +4 -2
- data/lib/puppet/parser/ast/leaf.rb +2 -3
- data/lib/puppet/parser/ast/pops_bridge.rb +0 -38
- data/lib/puppet/parser/compiler/catalog_validator/relationship_validator.rb +14 -39
- data/lib/puppet/parser/compiler.rb +0 -198
- data/lib/puppet/parser/functions/fqdn_rand.rb +6 -14
- data/lib/puppet/parser/resource.rb +1 -70
- data/lib/puppet/parser/scope.rb +0 -1
- data/lib/puppet/parser/templatewrapper.rb +1 -2
- data/lib/puppet/pops/evaluator/closure.rb +5 -7
- data/lib/puppet/pops/evaluator/deferred_resolver.rb +3 -5
- data/lib/puppet/pops/evaluator/evaluator_impl.rb +0 -5
- data/lib/puppet/pops/evaluator/runtime3_resource_support.rb +3 -4
- data/lib/puppet/pops/evaluator/runtime3_support.rb +1 -1
- data/lib/puppet/pops/issues.rb +0 -5
- data/lib/puppet/pops/loader/ruby_legacy_function_instantiator.rb +6 -8
- data/lib/puppet/pops/lookup/lookup_adapter.rb +2 -3
- data/lib/puppet/pops/model/ast.pp +0 -42
- data/lib/puppet/pops/model/ast.rb +0 -291
- data/lib/puppet/pops/model/ast_transformer.rb +1 -1
- data/lib/puppet/pops/model/factory.rb +1 -47
- data/lib/puppet/pops/model/model_label_provider.rb +0 -5
- data/lib/puppet/pops/model/model_tree_dumper.rb +0 -22
- data/lib/puppet/pops/model/pn_transformer.rb +0 -16
- data/lib/puppet/pops/parser/code_merger.rb +4 -4
- data/lib/puppet/pops/parser/egrammar.ra +0 -58
- data/lib/puppet/pops/parser/eparser.rb +1685 -1896
- data/lib/puppet/pops/parser/lexer2.rb +91 -92
- data/lib/puppet/pops/parser/parser_support.rb +0 -5
- data/lib/puppet/pops/parser/slurp_support.rb +0 -1
- data/lib/puppet/pops/resource/resource_type_impl.rb +2 -24
- data/lib/puppet/pops/serialization/to_stringified_converter.rb +1 -1
- data/lib/puppet/pops/types/p_sem_ver_type.rb +2 -8
- data/lib/puppet/pops/types/p_sensitive_type.rb +0 -10
- data/lib/puppet/pops/types/type_calculator.rb +0 -7
- data/lib/puppet/pops/types/type_formatter.rb +3 -4
- data/lib/puppet/pops/types/type_mismatch_describer.rb +1 -1
- data/lib/puppet/pops/types/type_parser.rb +0 -4
- data/lib/puppet/pops/types/types.rb +1 -2
- data/lib/puppet/pops/validation/checker4_0.rb +9 -37
- data/lib/puppet/pops/validation/tasks_checker.rb +0 -12
- data/lib/puppet/pops/validation/validator_factory_4_0.rb +1 -2
- data/lib/puppet/property/list.rb +1 -1
- data/lib/puppet/provider/aix_object.rb +1 -1
- data/lib/puppet/provider/exec/posix.rb +4 -16
- data/lib/puppet/provider/group/groupadd.rb +10 -18
- data/lib/puppet/provider/nameservice.rb +0 -18
- data/lib/puppet/provider/package/apt.rb +2 -34
- data/lib/puppet/provider/package/aptitude.rb +0 -6
- data/lib/puppet/provider/package/dnfmodule.rb +1 -1
- data/lib/puppet/provider/package/dpkg.rb +0 -10
- data/lib/puppet/provider/package/gem.rb +23 -3
- data/lib/puppet/provider/package/nim.rb +6 -11
- data/lib/puppet/provider/package/pip.rb +3 -16
- data/lib/puppet/provider/package/pkg.rb +2 -23
- data/lib/puppet/provider/package/portage.rb +1 -1
- data/lib/puppet/provider/package/puppet_gem.rb +1 -4
- data/lib/puppet/provider/package/puppetserver_gem.rb +17 -8
- data/lib/puppet/provider/package/windows/exe_package.rb +1 -30
- data/lib/puppet/provider/package/windows/package.rb +1 -2
- data/lib/puppet/provider/package/windows.rb +1 -14
- data/lib/puppet/provider/package/yum.rb +1 -1
- data/lib/puppet/provider/parsedfile.rb +0 -3
- data/lib/puppet/provider/service/base.rb +1 -1
- data/lib/puppet/provider/service/debian.rb +0 -2
- data/lib/puppet/provider/service/init.rb +9 -10
- data/lib/puppet/provider/service/launchd.rb +2 -2
- data/lib/puppet/provider/service/redhat.rb +1 -1
- data/lib/puppet/provider/service/smf.rb +194 -76
- data/lib/puppet/provider/service/systemd.rb +6 -16
- data/lib/puppet/provider/service/upstart.rb +5 -5
- data/lib/puppet/provider/service/windows.rb +0 -38
- data/lib/puppet/provider/user/aix.rb +3 -46
- data/lib/puppet/provider/user/directoryservice.rb +11 -39
- data/lib/puppet/provider/user/useradd.rb +24 -134
- data/lib/puppet/provider.rb +1 -14
- data/lib/puppet/reference/configuration.rb +8 -7
- data/lib/puppet/reference/indirection.rb +1 -1
- data/lib/puppet/reference/providers.rb +2 -2
- data/lib/puppet/resource/catalog.rb +2 -15
- data/lib/puppet/resource/type.rb +3 -119
- data/lib/puppet/resource/type_collection.rb +3 -49
- data/lib/puppet/resource.rb +6 -127
- data/lib/puppet/runtime.rb +2 -13
- data/lib/puppet/settings/environment_conf.rb +0 -1
- data/lib/puppet/settings/integer_setting.rb +17 -0
- data/lib/puppet/settings/port_setting.rb +15 -0
- data/lib/puppet/settings/priority_setting.rb +5 -4
- data/lib/puppet/settings.rb +82 -98
- data/lib/puppet/ssl/base.rb +3 -5
- data/lib/puppet/ssl/certificate.rb +0 -6
- data/lib/puppet/ssl/certificate_request.rb +1 -12
- data/lib/puppet/ssl/certificate_signer.rb +6 -0
- data/lib/puppet/ssl/oids.rb +3 -1
- data/lib/puppet/ssl/ssl_provider.rb +36 -75
- data/lib/puppet/ssl/state_machine.rb +20 -14
- data/lib/puppet/ssl/verifier.rb +2 -6
- data/lib/puppet/ssl.rb +10 -6
- data/lib/puppet/test/test_helper.rb +2 -7
- data/lib/puppet/transaction/additional_resource_generator.rb +1 -1
- data/lib/puppet/transaction/persistence.rb +1 -21
- data/lib/puppet/transaction/report.rb +3 -19
- data/lib/puppet/transaction.rb +1 -7
- data/lib/puppet/type/exec.rb +6 -36
- data/lib/puppet/type/file/checksum.rb +1 -1
- data/lib/puppet/type/file/data_sync.rb +1 -1
- data/lib/puppet/type/file/mode.rb +0 -6
- data/lib/puppet/type/file/selcontext.rb +1 -1
- data/lib/puppet/type/file/source.rb +1 -1
- data/lib/puppet/type/file.rb +12 -32
- data/lib/puppet/type/filebucket.rb +4 -4
- data/lib/puppet/type/group.rb +1 -0
- data/lib/puppet/type/package.rb +8 -16
- data/lib/puppet/type/resources.rb +1 -1
- data/lib/puppet/type/service.rb +41 -26
- data/lib/puppet/type/tidy.rb +3 -22
- data/lib/puppet/type/user.rb +13 -35
- data/lib/puppet/type.rb +1 -77
- data/lib/puppet/util/autoload.rb +8 -1
- data/lib/puppet/util/command_line.rb +1 -1
- data/lib/puppet/util/execution.rb +0 -11
- data/lib/puppet/util/filetype.rb +2 -2
- data/lib/puppet/util/http_proxy.rb +2 -215
- data/lib/puppet/util/json.rb +0 -20
- data/lib/puppet/util/log.rb +4 -8
- data/lib/puppet/util/logging.rb +25 -1
- data/lib/puppet/util/monkey_patches.rb +2 -59
- data/lib/puppet/util/package.rb +16 -25
- data/lib/puppet/util/pidlock.rb +1 -1
- data/lib/puppet/util/posix.rb +5 -54
- data/lib/puppet/util/rdoc/parser/puppet_parser_core.rb +1 -1
- data/lib/puppet/util/rdoc.rb +0 -7
- data/lib/puppet/util/retry_action.rb +1 -1
- data/lib/puppet/util/run_mode.rb +9 -1
- data/lib/puppet/util/selinux.rb +4 -30
- data/lib/puppet/util/suidmanager.rb +2 -1
- data/lib/puppet/util/symbolic_file_mode.rb +17 -29
- data/lib/puppet/util/tagging.rb +0 -1
- data/lib/puppet/util/windows/adsi.rb +0 -46
- data/lib/puppet/util/windows/daemon.rb +360 -0
- data/lib/puppet/util/windows/error.rb +1 -0
- data/lib/puppet/util/windows/eventlog.rb +4 -9
- data/lib/puppet/util/windows/file.rb +8 -242
- data/lib/puppet/util/windows/monkey_patches/process.rb +414 -0
- data/lib/puppet/util/windows/principal.rb +2 -9
- data/lib/puppet/util/windows/process.rb +4 -226
- data/lib/puppet/util/windows/service.rb +11 -457
- data/lib/puppet/util/windows/sid.rb +2 -6
- data/lib/puppet/util/windows/string.rb +12 -13
- data/lib/puppet/util/windows/user.rb +2 -0
- data/lib/puppet/util/windows.rb +3 -11
- data/lib/puppet/util/yaml.rb +1 -42
- data/lib/puppet/util.rb +5 -5
- data/lib/puppet/vendor/require_vendored.rb +0 -1
- data/lib/puppet/version.rb +1 -1
- data/lib/puppet/x509/cert_provider.rb +29 -1
- data/lib/puppet/x509.rb +5 -1
- data/lib/puppet.rb +34 -27
- data/locales/puppet.pot +9633 -5
- data/man/man5/puppet.conf.5 +286 -401
- data/man/man8/puppet-agent.8 +2 -5
- data/man/man8/puppet-apply.8 +2 -2
- data/man/man8/puppet-catalog.8 +9 -9
- data/man/man8/puppet-config.8 +1 -1
- data/man/man8/puppet-describe.8 +1 -1
- data/man/man8/puppet-device.8 +2 -2
- data/man/man8/puppet-doc.8 +1 -1
- data/man/man8/puppet-epp.8 +1 -1
- data/man/man8/puppet-facts.8 +8 -51
- data/man/man8/puppet-filebucket.8 +4 -4
- data/man/man8/puppet-generate.8 +1 -1
- data/man/man8/puppet-help.8 +1 -1
- data/man/man8/puppet-lookup.8 +6 -9
- data/man/man8/puppet-module.8 +3 -60
- data/man/man8/puppet-node.8 +5 -5
- data/man/man8/puppet-parser.8 +1 -1
- data/man/man8/puppet-plugin.8 +1 -1
- data/man/man8/puppet-report.8 +5 -5
- data/man/man8/puppet-resource.8 +1 -1
- data/man/man8/puppet-script.8 +2 -2
- data/man/man8/puppet-ssl.8 +1 -5
- data/man/man8/puppet.8 +2 -2
- data/spec/fixtures/ssl/127.0.0.1-key.pem +57 -107
- data/spec/fixtures/ssl/127.0.0.1.pem +31 -52
- data/spec/fixtures/ssl/bad-basic-constraints.pem +35 -57
- data/spec/fixtures/ssl/bad-int-basic-constraints.pem +35 -57
- data/spec/fixtures/ssl/ca.pem +35 -57
- data/spec/fixtures/ssl/crl.pem +18 -28
- data/spec/fixtures/ssl/ec-key.pem +11 -11
- data/spec/fixtures/ssl/ec.pem +24 -33
- data/spec/fixtures/ssl/encrypted-ec-key.pem +12 -12
- data/spec/fixtures/ssl/encrypted-key.pem +58 -108
- data/spec/fixtures/ssl/intermediate-agent-crl.pem +19 -28
- data/spec/fixtures/ssl/intermediate-agent.pem +36 -57
- data/spec/fixtures/ssl/intermediate-crl.pem +21 -31
- data/spec/fixtures/ssl/intermediate.pem +36 -57
- data/spec/fixtures/ssl/pluto-key.pem +57 -107
- data/spec/fixtures/ssl/pluto.pem +30 -52
- data/spec/fixtures/ssl/request-key.pem +57 -107
- data/spec/fixtures/ssl/request.pem +26 -47
- data/spec/fixtures/ssl/revoked-key.pem +57 -107
- data/spec/fixtures/ssl/revoked.pem +30 -52
- data/spec/fixtures/ssl/signed-key.pem +57 -107
- data/spec/fixtures/ssl/signed.pem +30 -52
- data/spec/fixtures/ssl/tampered-cert.pem +30 -52
- data/spec/fixtures/ssl/tampered-csr.pem +26 -47
- data/spec/fixtures/ssl/unknown-127.0.0.1-key.pem +57 -107
- data/spec/fixtures/ssl/unknown-127.0.0.1.pem +29 -50
- data/spec/fixtures/ssl/unknown-ca-key.pem +57 -107
- data/spec/fixtures/ssl/unknown-ca.pem +33 -55
- data/spec/fixtures/unit/forge/bacula.json +1 -1
- data/spec/fixtures/unit/provider/user/aix/aix_passwd_file.out +0 -4
- data/spec/integration/application/agent_spec.rb +50 -406
- data/spec/integration/application/apply_spec.rb +1 -20
- data/spec/integration/application/filebucket_spec.rb +16 -32
- data/spec/integration/application/help_spec.rb +2 -0
- data/spec/integration/application/lookup_spec.rb +50 -81
- data/spec/integration/application/module_spec.rb +0 -21
- data/spec/integration/application/plugin_spec.rb +24 -2
- data/spec/integration/configurer_spec.rb +2 -18
- data/spec/integration/defaults_spec.rb +14 -3
- data/spec/integration/environments/settings_interpolation_spec.rb +4 -0
- data/spec/integration/http/client_spec.rb +4 -63
- data/spec/integration/indirector/direct_file_server_spec.rb +3 -1
- data/spec/integration/indirector/facts/facter_spec.rb +39 -93
- data/spec/integration/network/http_pool_spec.rb +3 -21
- data/spec/integration/parser/catalog_spec.rb +0 -38
- data/spec/integration/parser/node_spec.rb +0 -9
- data/spec/integration/parser/pcore_resource_spec.rb +0 -47
- data/spec/integration/resource/type_collection_spec.rb +6 -2
- data/spec/integration/transaction/report_spec.rb +1 -1
- data/spec/integration/transaction_spec.rb +9 -4
- data/spec/integration/type/exec_spec.rb +45 -70
- data/spec/integration/type/file_spec.rb +7 -6
- data/spec/integration/type/package_spec.rb +6 -6
- data/spec/integration/util/rdoc/parser_spec.rb +1 -1
- data/spec/integration/util/windows/adsi_spec.rb +1 -21
- data/spec/integration/util/windows/monkey_patches/process_spec.rb +231 -0
- data/spec/integration/util/windows/principal_spec.rb +0 -21
- data/spec/integration/util/windows/process_spec.rb +9 -1
- data/spec/integration/util/windows/registry_spec.rb +10 -6
- data/spec/integration/util/windows/security_spec.rb +1 -1
- data/spec/lib/matchers/include.rb +27 -0
- data/spec/lib/matchers/include_spec.rb +32 -0
- data/spec/lib/puppet/test_ca.rb +2 -7
- data/spec/lib/puppet_spec/https.rb +1 -1
- data/spec/lib/puppet_spec/modules.rb +2 -13
- data/spec/lib/puppet_spec/puppetserver.rb +3 -55
- data/spec/lib/puppet_spec/settings.rb +1 -1
- data/spec/shared_behaviours/documentation_on_faces.rb +2 -0
- data/spec/spec_helper.rb +17 -13
- data/spec/unit/agent_spec.rb +8 -38
- data/spec/unit/application/agent_spec.rb +19 -33
- data/spec/unit/application/apply_spec.rb +56 -76
- data/spec/unit/application/facts_spec.rb +12 -456
- data/spec/unit/application/filebucket_spec.rb +43 -39
- data/spec/unit/application/lookup_spec.rb +10 -131
- data/spec/unit/application/resource_spec.rb +0 -29
- data/spec/unit/application/ssl_spec.rb +2 -25
- data/spec/unit/application_spec.rb +9 -51
- data/spec/unit/certificate_factory_spec.rb +1 -1
- data/spec/unit/configurer/downloader_spec.rb +6 -8
- data/spec/unit/configurer/plugin_handler_spec.rb +56 -18
- data/spec/unit/configurer_spec.rb +68 -327
- data/spec/unit/confine/feature_spec.rb +1 -1
- data/spec/unit/confine_spec.rb +2 -8
- data/spec/unit/context/trusted_information_spec.rb +2 -6
- data/spec/unit/daemon_spec.rb +11 -2
- data/spec/unit/defaults_spec.rb +68 -55
- data/spec/unit/environments_spec.rb +68 -408
- data/spec/unit/face/generate_spec.rb +0 -64
- data/spec/unit/face/node_spec.rb +11 -0
- data/spec/unit/face/plugin_spec.rb +73 -33
- data/spec/unit/file_bucket/dipper_spec.rb +2 -2
- data/spec/unit/file_bucket/file_spec.rb +1 -1
- data/spec/unit/file_serving/configuration/parser_spec.rb +15 -41
- data/spec/unit/file_serving/configuration_spec.rb +10 -26
- data/spec/unit/file_serving/fileset_spec.rb +0 -60
- data/spec/unit/file_serving/metadata_spec.rb +3 -3
- data/spec/unit/file_serving/terminus_helper_spec.rb +4 -11
- data/spec/unit/file_system_spec.rb +4 -56
- data/spec/unit/forge/module_release_spec.rb +10 -5
- data/spec/unit/functions/assert_type_spec.rb +1 -1
- data/spec/unit/functions/camelcase_spec.rb +1 -1
- data/spec/unit/functions/capitalize_spec.rb +1 -1
- data/spec/unit/functions/downcase_spec.rb +1 -1
- data/spec/unit/functions/empty_spec.rb +0 -10
- data/spec/unit/functions/logging_spec.rb +0 -1
- data/spec/unit/functions/lookup_spec.rb +0 -64
- data/spec/unit/functions/unwrap_spec.rb +0 -8
- data/spec/unit/functions/upcase_spec.rb +1 -1
- data/spec/unit/functions/versioncmp_spec.rb +4 -40
- data/spec/unit/functions4_spec.rb +2 -2
- data/spec/unit/gettext/config_spec.rb +0 -12
- data/spec/unit/http/client_spec.rb +8 -84
- data/spec/unit/{network/resolver_spec.rb → http/dns_spec.rb} +3 -3
- data/spec/unit/http/external_client_spec.rb +4 -4
- data/spec/unit/{network/http → http}/factory_spec.rb +5 -30
- data/spec/unit/{network/http/session_spec.rb → http/pool_entry_spec.rb} +3 -3
- data/spec/unit/{network/http → http}/pool_spec.rb +12 -17
- data/spec/unit/{util/http_proxy_spec.rb → http/proxy_spec.rb} +2 -69
- data/spec/unit/http/resolver_spec.rb +13 -13
- data/spec/unit/http/service/compiler_spec.rb +0 -193
- data/spec/unit/http/service/file_server_spec.rb +3 -3
- data/spec/unit/http/service/puppetserver_spec.rb +34 -4
- data/spec/unit/http/service_spec.rb +0 -1
- data/spec/unit/http/session_spec.rb +16 -14
- data/spec/unit/{network/http → http}/site_spec.rb +3 -3
- data/spec/unit/indirector/catalog/compiler_spec.rb +10 -101
- data/spec/unit/indirector/catalog/rest_spec.rb +0 -8
- data/spec/unit/indirector/face_spec.rb +1 -0
- data/spec/unit/indirector/facts/facter_spec.rb +3 -0
- data/spec/unit/indirector/file_bucket_file/file_spec.rb +5 -3
- data/spec/unit/indirector/file_bucket_file/selector_spec.rb +8 -26
- data/spec/unit/indirector/file_content/rest_spec.rb +0 -4
- data/spec/unit/indirector/file_metadata/rest_spec.rb +0 -4
- data/spec/unit/indirector/file_server_spec.rb +1 -15
- data/spec/unit/indirector/indirection_spec.rb +15 -18
- data/spec/unit/indirector/report/rest_spec.rb +2 -17
- data/spec/unit/indirector/request_spec.rb +0 -264
- data/spec/unit/indirector/resource/ral_spec.rb +75 -40
- data/spec/unit/indirector/rest_spec.rb +98 -752
- data/spec/unit/indirector/store_configs_spec.rb +7 -0
- data/spec/unit/indirector_spec.rb +2 -2
- data/spec/unit/interface/action_spec.rb +9 -0
- data/spec/unit/module_spec.rb +1 -15
- data/spec/unit/module_tool/applications/installer_spec.rb +0 -105
- data/spec/unit/network/authconfig_spec.rb +2 -129
- data/spec/unit/network/authorization_spec.rb +2 -55
- data/spec/unit/network/formats_spec.rb +4 -51
- data/spec/unit/network/http/api/indirected_routes_spec.rb +5 -92
- data/spec/unit/network/http/api/master/v3_spec.rb +28 -7
- data/spec/unit/network/http/api_spec.rb +10 -0
- data/spec/unit/network/http/connection_spec.rb +19 -41
- data/spec/unit/network/http/handler_spec.rb +0 -1
- data/spec/unit/network/http_pool_spec.rb +0 -4
- data/spec/unit/node/environment_spec.rb +33 -21
- data/spec/unit/node_spec.rb +2 -60
- data/spec/unit/parser/compiler_spec.rb +19 -3
- data/spec/unit/parser/functions/create_resources_spec.rb +2 -20
- data/spec/unit/parser/functions/fqdn_rand_spec.rb +1 -15
- data/spec/unit/parser/resource_spec.rb +8 -14
- data/spec/unit/parser/templatewrapper_spec.rb +5 -16
- data/spec/unit/pops/evaluator/evaluating_parser_spec.rb +4 -7
- data/spec/unit/pops/loaders/loaders_spec.rb +6 -21
- data/spec/unit/pops/parser/parse_application_spec.rb +4 -22
- data/spec/unit/pops/parser/parse_basic_expressions_spec.rb +0 -1
- data/spec/unit/pops/parser/parse_capabilities_spec.rb +8 -21
- data/spec/unit/pops/parser/parse_containers_spec.rb +13 -2
- data/spec/unit/pops/parser/parse_site_spec.rb +20 -24
- data/spec/unit/pops/resource/resource_type_impl_spec.rb +0 -71
- data/spec/unit/pops/serialization/to_from_hr_spec.rb +1 -1
- data/spec/unit/pops/serialization/to_stringified_spec.rb +0 -5
- data/spec/unit/pops/types/p_sem_ver_type_spec.rb +0 -18
- data/spec/unit/pops/types/p_sensitive_type_spec.rb +0 -18
- data/spec/unit/pops/types/type_calculator_spec.rb +6 -12
- data/spec/unit/pops/types/type_factory_spec.rb +1 -1
- data/spec/unit/pops/validator/validator_spec.rb +61 -51
- data/spec/unit/pops/visitor_spec.rb +1 -1
- data/spec/unit/property_spec.rb +0 -1
- data/spec/unit/provider/group/groupadd_spec.rb +2 -5
- data/spec/unit/provider/nameservice_spec.rb +64 -122
- data/spec/unit/provider/package/apt_spec.rb +23 -28
- data/spec/unit/provider/package/aptitude_spec.rb +1 -1
- data/spec/unit/provider/package/base_spec.rb +5 -6
- data/spec/unit/provider/package/dnfmodule_spec.rb +1 -10
- data/spec/unit/provider/package/dpkg_spec.rb +0 -48
- data/spec/unit/provider/package/gem_spec.rb +33 -1
- data/spec/unit/provider/package/nim_spec.rb +0 -42
- data/spec/unit/provider/package/pacman_spec.rb +12 -18
- data/spec/unit/provider/package/pip2_spec.rb +1 -1
- data/spec/unit/provider/package/pip3_spec.rb +1 -1
- data/spec/unit/provider/package/pip_spec.rb +12 -44
- data/spec/unit/provider/package/pkg_spec.rb +4 -29
- data/spec/unit/provider/package/pkgdmg_spec.rb +4 -0
- data/spec/unit/provider/package/puppet_gem_spec.rb +4 -3
- data/spec/unit/provider/package/puppetserver_gem_spec.rb +3 -3
- data/spec/unit/provider/package/windows/exe_package_spec.rb +0 -17
- data/spec/unit/provider/parsedfile_spec.rb +0 -10
- data/spec/unit/provider/service/gentoo_spec.rb +5 -6
- data/spec/unit/provider/service/init_spec.rb +9 -16
- data/spec/unit/provider/service/launchd_spec.rb +0 -11
- data/spec/unit/provider/service/openwrt_spec.rb +29 -23
- data/spec/unit/provider/service/redhat_spec.rb +2 -3
- data/spec/unit/provider/service/smf_spec.rb +401 -165
- data/spec/unit/provider/service/systemd_spec.rb +9 -54
- data/spec/unit/provider/service/windows_spec.rb +0 -203
- data/spec/unit/provider/user/aix_spec.rb +0 -105
- data/spec/unit/provider/user/directoryservice_spec.rb +36 -68
- data/spec/unit/provider/user/hpux_spec.rb +1 -1
- data/spec/unit/provider/user/pw_spec.rb +0 -2
- data/spec/unit/provider/user/useradd_spec.rb +5 -114
- data/spec/unit/provider_spec.rb +12 -22
- data/spec/unit/puppet_spec.rb +4 -12
- data/spec/unit/resource/catalog_spec.rb +2 -15
- data/spec/unit/resource/type_collection_spec.rb +2 -22
- data/spec/unit/resource/type_spec.rb +1 -1
- data/spec/unit/resource_spec.rb +12 -125
- data/spec/unit/settings/http_extra_headers_spec.rb +2 -4
- data/spec/unit/settings/integer_setting_spec.rb +42 -0
- data/spec/unit/settings/port_setting_spec.rb +31 -0
- data/spec/unit/settings/priority_setting_spec.rb +4 -4
- data/spec/unit/settings_spec.rb +79 -110
- data/spec/unit/ssl/base_spec.rb +37 -3
- data/spec/unit/ssl/certificate_request_spec.rb +21 -45
- data/spec/unit/ssl/certificate_spec.rb +2 -11
- data/spec/unit/ssl/ssl_provider_spec.rb +3 -80
- data/spec/unit/ssl/state_machine_spec.rb +5 -21
- data/spec/unit/ssl/verifier_spec.rb +0 -21
- data/spec/unit/transaction/additional_resource_generator_spec.rb +9 -3
- data/spec/unit/transaction/event_manager_spec.rb +11 -14
- data/spec/unit/transaction/persistence_spec.rb +0 -51
- data/spec/unit/transaction/report_spec.rb +0 -2
- data/spec/unit/transaction/resource_harness_spec.rb +2 -2
- data/spec/unit/transaction_spec.rb +55 -96
- data/spec/unit/type/exec_spec.rb +29 -76
- data/spec/unit/type/file/checksum_spec.rb +6 -6
- data/spec/unit/type/file/content_spec.rb +2 -1
- data/spec/unit/type/file/ensure_spec.rb +1 -1
- data/spec/unit/type/file/mode_spec.rb +1 -1
- data/spec/unit/type/file/selinux_spec.rb +5 -3
- data/spec/unit/type/file/source_spec.rb +4 -5
- data/spec/unit/type/file_spec.rb +18 -6
- data/spec/unit/type/group_spec.rb +6 -13
- data/spec/unit/type/package_spec.rb +1 -1
- data/spec/unit/type/resources_spec.rb +7 -7
- data/spec/unit/type/service_spec.rb +189 -87
- data/spec/unit/type/tidy_spec.rb +8 -24
- data/spec/unit/type_spec.rb +24 -4
- data/spec/unit/util/at_fork_spec.rb +2 -2
- data/spec/unit/util/autoload_spec.rb +1 -5
- data/spec/unit/util/backups_spec.rb +2 -3
- data/spec/unit/util/execution_spec.rb +11 -44
- data/spec/unit/util/inifile_spec.rb +14 -6
- data/spec/unit/util/log_spec.rb +7 -8
- data/spec/unit/util/logging_spec.rb +3 -5
- data/spec/unit/util/monkey_patches_spec.rb +0 -6
- data/spec/unit/util/posix_spec.rb +15 -363
- data/spec/unit/util/run_mode_spec.rb +21 -121
- data/spec/unit/util/selinux_spec.rb +68 -163
- data/spec/unit/util/storage_spec.rb +1 -3
- data/spec/unit/util/suidmanager_spec.rb +41 -44
- data/spec/unit/util/windows/sid_spec.rb +0 -41
- data/spec/unit/util/windows/string_spec.rb +1 -3
- data/spec/unit/util/yaml_spec.rb +13 -92
- data/spec/unit/util_spec.rb +6 -31
- data/tasks/generate_cert_fixtures.rake +7 -17
- data/tasks/parallel.rake +3 -3
- metadata +138 -301
- data/conf/auth.conf +0 -150
- data/ext/README.md +0 -13
- data/lib/puppet/application/cert.rb +0 -76
- data/lib/puppet/application/key.rb +0 -4
- data/lib/puppet/application/man.rb +0 -4
- data/lib/puppet/application/status.rb +0 -4
- data/lib/puppet/face/key.rb +0 -16
- data/lib/puppet/face/man.rb +0 -145
- data/lib/puppet/face/module/build.rb +0 -14
- data/lib/puppet/face/module/generate.rb +0 -14
- data/lib/puppet/face/module/search.rb +0 -103
- data/lib/puppet/face/status.rb +0 -51
- data/lib/puppet/facter_impl.rb +0 -96
- data/lib/puppet/ffi/posix/constants.rb +0 -14
- data/lib/puppet/ffi/posix/functions.rb +0 -24
- data/lib/puppet/ffi/posix.rb +0 -10
- data/lib/puppet/file_serving/mount/scripts.rb +0 -24
- data/lib/puppet/indirector/certificate/file.rb +0 -9
- data/lib/puppet/indirector/certificate/rest.rb +0 -18
- data/lib/puppet/indirector/certificate_request/file.rb +0 -9
- data/lib/puppet/indirector/certificate_request/memory.rb +0 -7
- data/lib/puppet/indirector/certificate_request/rest.rb +0 -11
- data/lib/puppet/indirector/file_content/http.rb +0 -22
- data/lib/puppet/indirector/key/file.rb +0 -46
- data/lib/puppet/indirector/key/memory.rb +0 -7
- data/lib/puppet/indirector/ssl_file.rb +0 -162
- data/lib/puppet/indirector/status/local.rb +0 -12
- data/lib/puppet/indirector/status/rest.rb +0 -27
- data/lib/puppet/indirector/status.rb +0 -3
- data/lib/puppet/module_tool/applications/searcher.rb +0 -29
- data/lib/puppet/network/auth_config_parser.rb +0 -90
- data/lib/puppet/network/authstore.rb +0 -283
- data/lib/puppet/network/http/api/master/v3/authorization.rb +0 -18
- data/lib/puppet/network/http/api/master/v3/environment.rb +0 -88
- data/lib/puppet/network/http/base_pool.rb +0 -36
- data/lib/puppet/network/http/compression.rb +0 -127
- data/lib/puppet/network/http/connection_adapter.rb +0 -184
- data/lib/puppet/network/http/nocache_pool.rb +0 -28
- data/lib/puppet/network/rest_controller.rb +0 -2
- data/lib/puppet/network/rights.rb +0 -210
- data/lib/puppet/parser/compiler/catalog_validator/env_relationship_validator.rb +0 -66
- data/lib/puppet/parser/compiler/catalog_validator/site_validator.rb +0 -22
- data/lib/puppet/parser/environment_compiler.rb +0 -202
- data/lib/puppet/pops/types/enumeration.rb +0 -16
- data/lib/puppet/resource/capability_finder.rb +0 -154
- data/lib/puppet/rest/errors.rb +0 -15
- data/lib/puppet/rest/response.rb +0 -35
- data/lib/puppet/rest/route.rb +0 -85
- data/lib/puppet/rest/routes.rb +0 -135
- data/lib/puppet/settings/alias_setting.rb +0 -37
- data/lib/puppet/ssl/host.rb +0 -505
- data/lib/puppet/ssl/key.rb +0 -61
- data/lib/puppet/ssl/validator/default_validator.rb +0 -209
- data/lib/puppet/ssl/validator/no_validator.rb +0 -22
- data/lib/puppet/ssl/validator.rb +0 -61
- data/lib/puppet/ssl/verifier_adapter.rb +0 -58
- data/lib/puppet/status.rb +0 -40
- data/lib/puppet/util/connection.rb +0 -88
- data/lib/puppet/util/fact_dif.rb +0 -81
- data/lib/puppet/util/ssl.rb +0 -83
- data/lib/puppet/util/windows/api_types.rb +0 -309
- data/lib/puppet/util/windows/monkey_patches/dir.rb +0 -40
- data/lib/puppet/vendor/load_pathspec.rb +0 -1
- data/lib/puppet/vendor/pathspec/CHANGELOG.md +0 -2
- data/lib/puppet/vendor/pathspec/LICENSE +0 -201
- data/lib/puppet/vendor/pathspec/PUPPET_README.md +0 -6
- data/lib/puppet/vendor/pathspec/README.md +0 -53
- data/lib/puppet/vendor/pathspec/lib/pathspec/gitignorespec.rb +0 -275
- data/lib/puppet/vendor/pathspec/lib/pathspec/regexspec.rb +0 -17
- data/lib/puppet/vendor/pathspec/lib/pathspec/spec.rb +0 -14
- data/lib/puppet/vendor/pathspec/lib/pathspec.rb +0 -122
- data/man/man8/puppet-key.8 +0 -126
- data/man/man8/puppet-man.8 +0 -76
- data/man/man8/puppet-status.8 +0 -108
- data/spec/fixtures/integration/application/agent/cached_deferred_catalog.json +0 -92
- data/spec/fixtures/integration/application/agent/lib/facter/agent_spec_role.rb +0 -3
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/Gemfile +0 -4
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/Rakefile +0 -3
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/lib/puppet/functions/l10n.rb +0 -8
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/locales/config.yaml +0 -25
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/locales/ja/puppet-l10n.po +0 -19
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/locales/puppet-l10n.pot +0 -20
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/metadata.json +0 -8
- data/spec/fixtures/ssl/oid-key.pem +0 -117
- data/spec/fixtures/ssl/oid.pem +0 -69
- data/spec/fixtures/ssl/trusted_oid_mapping.yaml +0 -5
- data/spec/fixtures/unit/provider/service/systemd/list_unit_files_services_vendor_preset +0 -9
- data/spec/integration/application/resource_spec.rb +0 -68
- data/spec/integration/application/ssl_spec.rb +0 -20
- data/spec/integration/l10n/compiler_spec.rb +0 -37
- data/spec/integration/network/authconfig_spec.rb +0 -256
- data/spec/integration/util/windows/monkey_patches/dir_spec.rb +0 -11
- data/spec/shared_contexts/l10n.rb +0 -32
- data/spec/unit/application/man_spec.rb +0 -52
- data/spec/unit/capability_spec.rb +0 -414
- data/spec/unit/concurrent/thread_local_singleton_spec.rb +0 -39
- data/spec/unit/face/key_spec.rb +0 -9
- data/spec/unit/face/module/search_spec.rb +0 -231
- data/spec/unit/face/status_spec.rb +0 -9
- data/spec/unit/facter_impl_spec.rb +0 -31
- data/spec/unit/file_serving/mount/scripts_spec.rb +0 -69
- data/spec/unit/indirector/certificate/file_spec.rb +0 -14
- data/spec/unit/indirector/certificate/rest_spec.rb +0 -61
- data/spec/unit/indirector/certificate_request/file_spec.rb +0 -14
- data/spec/unit/indirector/certificate_request/rest_spec.rb +0 -25
- data/spec/unit/indirector/key/file_spec.rb +0 -78
- data/spec/unit/indirector/ssl_file_spec.rb +0 -305
- data/spec/unit/indirector/status/local_spec.rb +0 -10
- data/spec/unit/indirector/status/rest_spec.rb +0 -50
- data/spec/unit/module_tool/applications/searcher_spec.rb +0 -38
- data/spec/unit/network/auth_config_parser_spec.rb +0 -115
- data/spec/unit/network/authstore_spec.rb +0 -407
- data/spec/unit/network/http/api/master/v3/authorization_spec.rb +0 -57
- data/spec/unit/network/http/api/master/v3/environment_spec.rb +0 -185
- data/spec/unit/network/http/compression_spec.rb +0 -240
- data/spec/unit/network/http/nocache_pool_spec.rb +0 -64
- data/spec/unit/network/http_spec.rb +0 -9
- data/spec/unit/network/rights_spec.rb +0 -439
- data/spec/unit/parser/environment_compiler_spec.rb +0 -730
- data/spec/unit/pops/evaluator/deferred_resolver_spec.rb +0 -20
- data/spec/unit/pops/types/enumeration_spec.rb +0 -51
- data/spec/unit/resource/capability_finder_spec.rb +0 -148
- data/spec/unit/rest/route_spec.rb +0 -132
- data/spec/unit/ssl/host_spec.rb +0 -645
- data/spec/unit/ssl/key_spec.rb +0 -173
- data/spec/unit/ssl/validator_spec.rb +0 -278
- data/spec/unit/status_spec.rb +0 -45
- data/spec/unit/util/json_spec.rb +0 -126
- data/spec/unit/util/ssl_spec.rb +0 -91
- data/spec/unit/util/windows_spec.rb +0 -23
- /data/{examples/enc → ext}/regexp_nodes/classes/databases +0 -0
- /data/{examples/enc → ext}/regexp_nodes/classes/webservers +0 -0
- /data/{examples/enc → ext}/regexp_nodes/environment/development +0 -0
- /data/{examples/enc → ext}/regexp_nodes/parameters/service/prod +0 -0
- /data/{examples/enc → ext}/regexp_nodes/parameters/service/qa +0 -0
- /data/{examples/enc → ext}/regexp_nodes/parameters/service/sandbox +0 -0
- /data/{examples/enc → ext}/regexp_nodes/regexp_nodes.rb +0 -0
- /data/spec/fixtures/unit/provider/service/smf/{svcs.out → svcs_instances.out} +0 -0
@@ -1,38 +0,0 @@
|
|
1
|
-
require 'spec_helper'
|
2
|
-
require 'puppet/module_tool/applications'
|
3
|
-
require 'puppet_spec/modules'
|
4
|
-
|
5
|
-
describe Puppet::ModuleTool::Applications::Searcher do
|
6
|
-
include PuppetSpec::Files
|
7
|
-
|
8
|
-
describe "when searching" do
|
9
|
-
let(:forge) { double('forge', :host => 'http://nowhe.re') }
|
10
|
-
let(:searcher) do
|
11
|
-
described_class.new('search_term', forge)
|
12
|
-
end
|
13
|
-
|
14
|
-
it "should return results from a forge query when successful" do
|
15
|
-
results = 'mock results'
|
16
|
-
expect(forge).to receive(:search).with('search_term').and_return(results)
|
17
|
-
|
18
|
-
search_result = searcher.run
|
19
|
-
expect(search_result).to eq({
|
20
|
-
:result => :success,
|
21
|
-
:answers => results,
|
22
|
-
})
|
23
|
-
end
|
24
|
-
|
25
|
-
it "should return an error when the forge query throws an exception" do
|
26
|
-
expect(forge).to receive(:search).with('search_term').and_raise(Puppet::Forge::Errors::ForgeError.new("something went wrong"))
|
27
|
-
|
28
|
-
search_result = searcher.run
|
29
|
-
expect(search_result).to eq({
|
30
|
-
:result => :failure,
|
31
|
-
:error => {
|
32
|
-
:oneline => 'something went wrong',
|
33
|
-
:multiline => 'something went wrong',
|
34
|
-
},
|
35
|
-
})
|
36
|
-
end
|
37
|
-
end
|
38
|
-
end
|
@@ -1,115 +0,0 @@
|
|
1
|
-
require 'spec_helper'
|
2
|
-
require 'puppet/network/auth_config_parser'
|
3
|
-
require 'puppet/network/authconfig'
|
4
|
-
|
5
|
-
describe Puppet::Network::AuthConfigParser do
|
6
|
-
include PuppetSpec::Files
|
7
|
-
|
8
|
-
let(:fake_authconfig) do
|
9
|
-
"path ~ ^/catalog/([^/])\nmethod find\nallow *\n"
|
10
|
-
end
|
11
|
-
|
12
|
-
describe "Basic Parser" do
|
13
|
-
it "should accept a string by default" do
|
14
|
-
expect(described_class.new(fake_authconfig).parse).to be_a_kind_of Puppet::Network::AuthConfig
|
15
|
-
end
|
16
|
-
end
|
17
|
-
|
18
|
-
describe "when parsing rights" do
|
19
|
-
it "skips comments" do
|
20
|
-
expect(described_class.new(' # comment\n').parse_rights).to be_empty
|
21
|
-
end
|
22
|
-
|
23
|
-
it "increments line number even on commented lines" do
|
24
|
-
expect(described_class.new(" # comment\npath /").parse_rights['/'].line).to eq(2)
|
25
|
-
end
|
26
|
-
|
27
|
-
it "skips blank lines" do
|
28
|
-
expect(described_class.new(' ').parse_rights).to be_empty
|
29
|
-
end
|
30
|
-
|
31
|
-
it "increments line number even on blank lines" do
|
32
|
-
expect(described_class.new(" \npath /").parse_rights['/'].line).to eq(2)
|
33
|
-
end
|
34
|
-
|
35
|
-
it "does not throw an error if the same path appears twice" do
|
36
|
-
expect {
|
37
|
-
described_class.new("path /hello\npath /hello").parse_rights
|
38
|
-
}.to_not raise_error
|
39
|
-
end
|
40
|
-
|
41
|
-
it "should create a new right for each found path line" do
|
42
|
-
expect(described_class.new('path /certificates').parse_rights['/certificates']).to be
|
43
|
-
end
|
44
|
-
|
45
|
-
it "should create a new right for each found regex line" do
|
46
|
-
expect(described_class.new('path ~ .rb$').parse_rights['.rb$']).to be
|
47
|
-
end
|
48
|
-
|
49
|
-
it "should strip whitespace around ACE" do
|
50
|
-
expect_any_instance_of(Puppet::Network::Rights::Right).to receive(:allow).with('127.0.0.1')
|
51
|
-
expect_any_instance_of(Puppet::Network::Rights::Right).to receive(:allow).with('172.16.10.0')
|
52
|
-
|
53
|
-
described_class.new("path /\n allow 127.0.0.1 , 172.16.10.0 ").parse_rights
|
54
|
-
end
|
55
|
-
|
56
|
-
it "should allow ACE inline comments" do
|
57
|
-
expect_any_instance_of(Puppet::Network::Rights::Right).to receive(:allow).with('127.0.0.1')
|
58
|
-
|
59
|
-
described_class.new("path /\n allow 127.0.0.1 # will it work?").parse_rights
|
60
|
-
end
|
61
|
-
|
62
|
-
it "should create an allow ACE on each subsequent allow" do
|
63
|
-
expect_any_instance_of(Puppet::Network::Rights::Right).to receive(:allow).with('127.0.0.1')
|
64
|
-
|
65
|
-
described_class.new("path /\nallow 127.0.0.1").parse_rights
|
66
|
-
end
|
67
|
-
|
68
|
-
it "should create a deny ACE on each subsequent deny" do
|
69
|
-
expect_any_instance_of(Puppet::Network::Rights::Right).to receive(:deny).with('127.0.0.1')
|
70
|
-
|
71
|
-
described_class.new("path /\ndeny 127.0.0.1").parse_rights
|
72
|
-
end
|
73
|
-
|
74
|
-
it "should inform the current ACL if we get the 'method' directive" do
|
75
|
-
expect_any_instance_of(Puppet::Network::Rights::Right).to receive(:restrict_method).with('search')
|
76
|
-
expect_any_instance_of(Puppet::Network::Rights::Right).to receive(:restrict_method).with('find')
|
77
|
-
|
78
|
-
described_class.new("path /certificates\nmethod search,find").parse_rights
|
79
|
-
end
|
80
|
-
|
81
|
-
it "should inform the current ACL if we get the 'environment' directive" do
|
82
|
-
expect_any_instance_of(Puppet::Network::Rights::Right).to receive(:restrict_environment).with('production')
|
83
|
-
expect_any_instance_of(Puppet::Network::Rights::Right).to receive(:restrict_environment).with('development')
|
84
|
-
|
85
|
-
described_class.new("path /certificates\nenvironment production,development").parse_rights
|
86
|
-
end
|
87
|
-
|
88
|
-
it "should inform the current ACL if we get the 'auth' directive" do
|
89
|
-
expect_any_instance_of(Puppet::Network::Rights::Right).to receive(:restrict_authenticated).with('yes')
|
90
|
-
|
91
|
-
described_class.new("path /certificates\nauth yes").parse_rights
|
92
|
-
end
|
93
|
-
|
94
|
-
it "should also allow the long form 'authenticated' directive" do
|
95
|
-
expect_any_instance_of(Puppet::Network::Rights::Right).to receive(:restrict_authenticated).with('yes')
|
96
|
-
|
97
|
-
described_class.new("path /certificates\nauthenticated yes").parse_rights
|
98
|
-
end
|
99
|
-
end
|
100
|
-
|
101
|
-
describe "when parsing rights from files" do
|
102
|
-
it "can read UTF-8" do
|
103
|
-
rune_path = "/\u16A0\u16C7\u16BB" # ᚠᛇᚻ
|
104
|
-
config = tmpfile('config')
|
105
|
-
|
106
|
-
File.open(config, 'w', :encoding => 'utf-8') do |file|
|
107
|
-
file.puts <<-EOF
|
108
|
-
path #{rune_path}
|
109
|
-
EOF
|
110
|
-
end
|
111
|
-
|
112
|
-
expect(described_class.new_from_file(config).parse_rights[rune_path]).to be
|
113
|
-
end
|
114
|
-
end
|
115
|
-
end
|
@@ -1,407 +0,0 @@
|
|
1
|
-
require 'spec_helper'
|
2
|
-
require 'rbconfig'
|
3
|
-
|
4
|
-
require 'puppet/network/authconfig'
|
5
|
-
|
6
|
-
describe Puppet::Network::AuthStore do
|
7
|
-
before :each do
|
8
|
-
@authstore = Puppet::Network::AuthStore.new
|
9
|
-
@authstore.reset_interpolation
|
10
|
-
end
|
11
|
-
|
12
|
-
describe "when checking if the acl has some entries" do
|
13
|
-
it "should be empty if no ACE have been entered" do
|
14
|
-
expect(@authstore).to be_empty
|
15
|
-
end
|
16
|
-
|
17
|
-
it "should not be empty if it is a global allow" do
|
18
|
-
@authstore.allow('*')
|
19
|
-
|
20
|
-
expect(@authstore).not_to be_empty
|
21
|
-
end
|
22
|
-
|
23
|
-
it "should not be empty if at least one allow has been entered" do
|
24
|
-
@authstore.allow_ip('1.1.1.*')
|
25
|
-
|
26
|
-
expect(@authstore).not_to be_empty
|
27
|
-
end
|
28
|
-
|
29
|
-
it "should not be empty if at least one deny has been entered" do
|
30
|
-
@authstore.deny_ip('1.1.1.*')
|
31
|
-
|
32
|
-
expect(@authstore).not_to be_empty
|
33
|
-
end
|
34
|
-
end
|
35
|
-
|
36
|
-
describe "when checking global allow" do
|
37
|
-
it "should not be enabled by default" do
|
38
|
-
expect(@authstore).not_to be_globalallow
|
39
|
-
expect(@authstore).not_to be_allowed('foo.bar.com', '192.168.1.1')
|
40
|
-
end
|
41
|
-
|
42
|
-
it "should always allow when enabled" do
|
43
|
-
@authstore.allow('*')
|
44
|
-
|
45
|
-
expect(@authstore).to be_globalallow
|
46
|
-
expect(@authstore).to be_allowed('foo.bar.com', '192.168.1.1')
|
47
|
-
end
|
48
|
-
end
|
49
|
-
|
50
|
-
describe "when checking a regex type of allow" do
|
51
|
-
before :each do
|
52
|
-
@authstore.allow('/^(test-)?host[0-9]+\.other-domain\.(com|org|net)$|some-domain\.com/')
|
53
|
-
@ip = '192.168.1.1'
|
54
|
-
end
|
55
|
-
['host5.other-domain.com', 'test-host12.other-domain.net', 'foo.some-domain.com'].each { |name|
|
56
|
-
it "should allow the host #{name}" do
|
57
|
-
expect(@authstore).to be_allowed(name, @ip)
|
58
|
-
end
|
59
|
-
}
|
60
|
-
['host0.some-other-domain.com',''].each { |name|
|
61
|
-
it "should not allow the host #{name}" do
|
62
|
-
expect(@authstore).not_to be_allowed(name, @ip)
|
63
|
-
end
|
64
|
-
}
|
65
|
-
end
|
66
|
-
end
|
67
|
-
|
68
|
-
describe Puppet::Network::AuthStore::Declaration do
|
69
|
-
|
70
|
-
['100.101.99.98','100.100.100.100','1.2.3.4','11.22.33.44'].each { |ip|
|
71
|
-
describe "when the pattern is a simple numeric IP such as #{ip}" do
|
72
|
-
before :each do
|
73
|
-
@declaration = Puppet::Network::AuthStore::Declaration.new(:allow_ip,ip)
|
74
|
-
end
|
75
|
-
it "should match the specified IP" do
|
76
|
-
expect(@declaration).to be_match('www.testsite.org',ip)
|
77
|
-
end
|
78
|
-
it "should not match other IPs" do
|
79
|
-
expect(@declaration).not_to be_match('www.testsite.org','200.101.99.98')
|
80
|
-
end
|
81
|
-
end
|
82
|
-
|
83
|
-
(1..3).each { |n|
|
84
|
-
describe "when the pattern is an IP mask with #{n} numeric segments and a *" do
|
85
|
-
before :each do
|
86
|
-
@ip_pattern = ip.split('.')[0,n].join('.')+'.*'
|
87
|
-
@declaration = Puppet::Network::AuthStore::Declaration.new(:allow_ip,@ip_pattern)
|
88
|
-
end
|
89
|
-
it "should match an IP in the range" do
|
90
|
-
expect(@declaration).to be_match('www.testsite.org',ip)
|
91
|
-
end
|
92
|
-
it "should not match other IPs" do
|
93
|
-
expect(@declaration).not_to be_match('www.testsite.org','200.101.99.98')
|
94
|
-
end
|
95
|
-
it "should not match IPs that differ in the last non-wildcard segment" do
|
96
|
-
other = ip.split('.')
|
97
|
-
other[n-1].succ!
|
98
|
-
expect(@declaration).not_to be_match('www.testsite.org',other.join('.'))
|
99
|
-
end
|
100
|
-
end
|
101
|
-
}
|
102
|
-
}
|
103
|
-
|
104
|
-
[
|
105
|
-
"02001:0000:1234:0000:0000:C1C0:ABCD:0876",
|
106
|
-
"2001:0000:1234:0000:00001:C1C0:ABCD:0876",
|
107
|
-
" 2001:0000:1234:0000:0000:C1C0:ABCD:0876 0",
|
108
|
-
"2001:0000:1234: 0000:0000:C1C0:ABCD:0876",
|
109
|
-
"3ffe:0b00:0000:0001:0000:0000:000a",
|
110
|
-
"FF02:0000:0000:0000:0000:0000:0000:0000:0001",
|
111
|
-
"3ffe:b00::1::a",
|
112
|
-
"1:2:3::4:5::7:8",
|
113
|
-
"12345::6:7:8",
|
114
|
-
"1::5:400.2.3.4",
|
115
|
-
"1::5:260.2.3.4",
|
116
|
-
"1::5:256.2.3.4",
|
117
|
-
"1::5:1.256.3.4",
|
118
|
-
"1::5:1.2.256.4",
|
119
|
-
"1::5:1.2.3.256",
|
120
|
-
"1::5:300.2.3.4",
|
121
|
-
"1::5:1.300.3.4",
|
122
|
-
"1::5:1.2.300.4",
|
123
|
-
"1::5:1.2.3.300",
|
124
|
-
"1::5:900.2.3.4",
|
125
|
-
"1::5:1.900.3.4",
|
126
|
-
"1::5:1.2.900.4",
|
127
|
-
"1::5:1.2.3.900",
|
128
|
-
"1::5:300.300.300.300",
|
129
|
-
"1::5:3000.30.30.30",
|
130
|
-
"1::400.2.3.4",
|
131
|
-
"1::260.2.3.4",
|
132
|
-
"1::256.2.3.4",
|
133
|
-
"1::1.256.3.4",
|
134
|
-
"1::1.2.256.4",
|
135
|
-
"1::1.2.3.256",
|
136
|
-
"1::300.2.3.4",
|
137
|
-
"1::1.300.3.4",
|
138
|
-
"1::1.2.300.4",
|
139
|
-
"1::1.2.3.300",
|
140
|
-
"1::900.2.3.4",
|
141
|
-
"1::1.900.3.4",
|
142
|
-
"1::1.2.900.4",
|
143
|
-
"1::1.2.3.900",
|
144
|
-
"1::300.300.300.300",
|
145
|
-
"1::3000.30.30.30",
|
146
|
-
"::400.2.3.4",
|
147
|
-
"::260.2.3.4",
|
148
|
-
"::256.2.3.4",
|
149
|
-
"::1.256.3.4",
|
150
|
-
"::1.2.256.4",
|
151
|
-
"::1.2.3.256",
|
152
|
-
"::300.2.3.4",
|
153
|
-
"::1.300.3.4",
|
154
|
-
"::1.2.300.4",
|
155
|
-
"::1.2.3.300",
|
156
|
-
"::900.2.3.4",
|
157
|
-
"::1.900.3.4",
|
158
|
-
"::1.2.900.4",
|
159
|
-
"::1.2.3.900",
|
160
|
-
"::300.300.300.300",
|
161
|
-
"::3000.30.30.30",
|
162
|
-
"2001:DB8:0:0:8:800:200C:417A:221", # unicast, full
|
163
|
-
"FF01::101::2" # multicast, compressed
|
164
|
-
].each { |invalid_ip|
|
165
|
-
describe "when the pattern is an invalid IPv6 address such as #{invalid_ip}" do
|
166
|
-
it "should raise an exception" do
|
167
|
-
expect { Puppet::Network::AuthStore::Declaration.new(:allow,invalid_ip) }.to raise_error(Puppet::AuthStoreError, /Invalid pattern/)
|
168
|
-
end
|
169
|
-
end
|
170
|
-
}
|
171
|
-
|
172
|
-
[
|
173
|
-
"1.2.3.4",
|
174
|
-
"2001:0000:1234:0000:0000:C1C0:ABCD:0876",
|
175
|
-
"3ffe:0b00:0000:0000:0001:0000:0000:000a",
|
176
|
-
"FF02:0000:0000:0000:0000:0000:0000:0001",
|
177
|
-
"0000:0000:0000:0000:0000:0000:0000:0001",
|
178
|
-
"0000:0000:0000:0000:0000:0000:0000:0000",
|
179
|
-
"::ffff:192.168.1.26",
|
180
|
-
"2::10",
|
181
|
-
"ff02::1",
|
182
|
-
"fe80::",
|
183
|
-
"2002::",
|
184
|
-
"2001:db8::",
|
185
|
-
"2001:0db8:1234::",
|
186
|
-
"::ffff:0:0",
|
187
|
-
"::1",
|
188
|
-
"::ffff:192.168.1.1",
|
189
|
-
"1:2:3:4:5:6:7:8",
|
190
|
-
"1:2:3:4:5:6::8",
|
191
|
-
"1:2:3:4:5::8",
|
192
|
-
"1:2:3:4::8",
|
193
|
-
"1:2:3::8",
|
194
|
-
"1:2::8",
|
195
|
-
"1::8",
|
196
|
-
"1::2:3:4:5:6:7",
|
197
|
-
"1::2:3:4:5:6",
|
198
|
-
"1::2:3:4:5",
|
199
|
-
"1::2:3:4",
|
200
|
-
"1::2:3",
|
201
|
-
"1::8",
|
202
|
-
"::2:3:4:5:6:7",
|
203
|
-
"::2:3:4:5:6",
|
204
|
-
"::2:3:4:5",
|
205
|
-
"::2:3:4",
|
206
|
-
"::2:3",
|
207
|
-
"::8",
|
208
|
-
"1:2:3:4:5:6::",
|
209
|
-
"1:2:3:4:5::",
|
210
|
-
"1:2:3:4::",
|
211
|
-
"1:2:3::",
|
212
|
-
"1:2::",
|
213
|
-
"1::",
|
214
|
-
"1:2:3:4:5::7:8",
|
215
|
-
"1:2:3:4::7:8",
|
216
|
-
"1:2:3::7:8",
|
217
|
-
"1:2::7:8",
|
218
|
-
"1::7:8",
|
219
|
-
"1:2:3:4:5:6:1.2.3.4",
|
220
|
-
"1:2:3:4:5::1.2.3.4",
|
221
|
-
"1:2:3:4::1.2.3.4",
|
222
|
-
"1:2:3::1.2.3.4",
|
223
|
-
"1:2::1.2.3.4",
|
224
|
-
"1::1.2.3.4",
|
225
|
-
"1:2:3:4::5:1.2.3.4",
|
226
|
-
"1:2:3::5:1.2.3.4",
|
227
|
-
"1:2::5:1.2.3.4",
|
228
|
-
"1::5:1.2.3.4",
|
229
|
-
"1::5:11.22.33.44",
|
230
|
-
"fe80::217:f2ff:254.7.237.98",
|
231
|
-
"fe80::217:f2ff:fe07:ed62",
|
232
|
-
"2001:DB8:0:0:8:800:200C:417A", # unicast, full
|
233
|
-
"FF01:0:0:0:0:0:0:101", # multicast, full
|
234
|
-
"0:0:0:0:0:0:0:1", # loopback, full
|
235
|
-
"0:0:0:0:0:0:0:0", # unspecified, full
|
236
|
-
"2001:DB8::8:800:200C:417A", # unicast, compressed
|
237
|
-
"FF01::101", # multicast, compressed
|
238
|
-
"::1", # loopback, compressed, non-routable
|
239
|
-
"::", # unspecified, compressed, non-routable
|
240
|
-
"0:0:0:0:0:0:13.1.68.3", # IPv4-compatible IPv6 address, full, deprecated
|
241
|
-
"0:0:0:0:0:FFFF:129.144.52.38", # IPv4-mapped IPv6 address, full
|
242
|
-
"::13.1.68.3", # IPv4-compatible IPv6 address, compressed, deprecated
|
243
|
-
"::FFFF:129.144.52.38", # IPv4-mapped IPv6 address, compressed
|
244
|
-
"2001:0DB8:0000:CD30:0000:0000:0000:0000/60", # full, with prefix
|
245
|
-
"2001:0DB8::CD30:0:0:0:0/60", # compressed, with prefix
|
246
|
-
"2001:0DB8:0:CD30::/60", # compressed, with prefix #2
|
247
|
-
"::/128", # compressed, unspecified address type, non-routable
|
248
|
-
"::1/128", # compressed, loopback address type, non-routable
|
249
|
-
"FF00::/8", # compressed, multicast address type
|
250
|
-
"FE80::/10", # compressed, link-local unicast, non-routable
|
251
|
-
"FEC0::/10", # compressed, site-local unicast, deprecated
|
252
|
-
"127.0.0.1", # standard IPv4, loopback, non-routable
|
253
|
-
"0.0.0.0", # standard IPv4, unspecified, non-routable
|
254
|
-
"255.255.255.255", # standard IPv4
|
255
|
-
"fe80:0000:0000:0000:0204:61ff:fe9d:f156",
|
256
|
-
"fe80:0:0:0:204:61ff:fe9d:f156",
|
257
|
-
"fe80::204:61ff:fe9d:f156",
|
258
|
-
"fe80:0000:0000:0000:0204:61ff:254.157.241.086",
|
259
|
-
"fe80:0:0:0:204:61ff:254.157.241.86",
|
260
|
-
"fe80::204:61ff:254.157.241.86",
|
261
|
-
"::1",
|
262
|
-
"fe80::",
|
263
|
-
"fe80::1"
|
264
|
-
].each { |ip|
|
265
|
-
describe "when the pattern is a valid IP such as #{ip}" do
|
266
|
-
before :each do
|
267
|
-
@declaration = Puppet::Network::AuthStore::Declaration.new(:allow_ip,ip)
|
268
|
-
end
|
269
|
-
it "should match the specified IP" do
|
270
|
-
expect(@declaration).to be_match('www.testsite.org',ip)
|
271
|
-
end
|
272
|
-
it "should not match other IPs" do
|
273
|
-
expect(@declaration).not_to be_match('www.testsite.org','200.101.99.98')
|
274
|
-
end
|
275
|
-
end unless ip =~ /:.*\./ # Hybrid IPs aren't supported by ruby's ipaddr
|
276
|
-
}
|
277
|
-
|
278
|
-
[
|
279
|
-
"::2:3:4:5:6:7:8",
|
280
|
-
].each { |ip|
|
281
|
-
describe "when the pattern is a valid IP such as #{ip}" do
|
282
|
-
let(:declaration) do
|
283
|
-
Puppet::Network::AuthStore::Declaration.new(:allow_ip,ip)
|
284
|
-
end
|
285
|
-
|
286
|
-
issue_7477 = !(IPAddr.new(ip) rescue false)
|
287
|
-
|
288
|
-
describe "on rubies with a fix for issue [7477](https://goo.gl/Bb1LU)", :if => issue_7477
|
289
|
-
it "should match the specified IP" do
|
290
|
-
expect(declaration).to be_match('www.testsite.org',ip)
|
291
|
-
end
|
292
|
-
it "should not match other IPs" do
|
293
|
-
expect(declaration).not_to be_match('www.testsite.org','200.101.99.98')
|
294
|
-
end
|
295
|
-
end
|
296
|
-
}
|
297
|
-
|
298
|
-
{
|
299
|
-
'spirit.mars.nasa.gov' => 'a PQDN',
|
300
|
-
'ratchet.2ndsiteinc.com' => 'a PQDN with digits',
|
301
|
-
'a.c.ru' => 'a PQDN with short segments',
|
302
|
-
}.each {|pqdn,desc|
|
303
|
-
describe "when the pattern is #{desc}" do
|
304
|
-
before :each do
|
305
|
-
@host = pqdn
|
306
|
-
@declaration = Puppet::Network::AuthStore::Declaration.new(:allow,@host)
|
307
|
-
end
|
308
|
-
it "should match the specified PQDN" do
|
309
|
-
expect(@declaration).to be_match(@host,'200.101.99.98')
|
310
|
-
end
|
311
|
-
it "should not match a similar FQDN" do
|
312
|
-
pending "FQDN consensus"
|
313
|
-
expect(@declaration).not_to be_match(@host+'.','200.101.99.98')
|
314
|
-
end
|
315
|
-
end
|
316
|
-
}
|
317
|
-
|
318
|
-
['abc.12seps.edu.phisher.biz','www.google.com','slashdot.org'].each { |host|
|
319
|
-
(1...(host.split('.').length)).each { |n|
|
320
|
-
describe "when the pattern is #{"*."+host.split('.')[-n,n].join('.')}" do
|
321
|
-
before :each do
|
322
|
-
@pattern = "*."+host.split('.')[-n,n].join('.')
|
323
|
-
@declaration = Puppet::Network::AuthStore::Declaration.new(:allow,@pattern)
|
324
|
-
end
|
325
|
-
it "should match #{host}" do
|
326
|
-
expect(@declaration).to be_match(host,'1.2.3.4')
|
327
|
-
end
|
328
|
-
it "should not match www.testsite.gov" do
|
329
|
-
expect(@declaration).not_to be_match('www.testsite.gov','200.101.99.98')
|
330
|
-
end
|
331
|
-
it "should not match hosts that differ in the first non-wildcard segment" do
|
332
|
-
other = host.split('.')
|
333
|
-
other[-n].succ!
|
334
|
-
expect(@declaration).not_to be_match(other.join('.'),'1.2.3.4')
|
335
|
-
end
|
336
|
-
end
|
337
|
-
}
|
338
|
-
}
|
339
|
-
|
340
|
-
describe "when the pattern is a FQDN" do
|
341
|
-
before :each do
|
342
|
-
@host = 'spirit.mars.nasa.gov.'
|
343
|
-
@declaration = Puppet::Network::AuthStore::Declaration.new(:allow,@host)
|
344
|
-
end
|
345
|
-
it "should match the specified FQDN" do
|
346
|
-
pending "FQDN consensus"
|
347
|
-
expect(@declaration).to be_match(@host,'200.101.99.98')
|
348
|
-
end
|
349
|
-
it "should not match a similar PQDN" do
|
350
|
-
expect(@declaration).not_to be_match(@host[0..-2],'200.101.99.98')
|
351
|
-
end
|
352
|
-
end
|
353
|
-
|
354
|
-
|
355
|
-
describe "when the pattern is an opaque string with a back reference" do
|
356
|
-
before :each do
|
357
|
-
@host = 'c216f41a-f902-4bfb-a222-850dd957bebb'
|
358
|
-
@item = "/catalog/#{@host}"
|
359
|
-
@pattern = %{^/catalog/([^/]+)$}
|
360
|
-
@declaration = Puppet::Network::AuthStore::Declaration.new(:allow,'$1')
|
361
|
-
end
|
362
|
-
it "should match an IP with the appropriate interpolation" do
|
363
|
-
expect(@declaration.interpolate(@item.match(@pattern))).to be_match(@host,'10.0.0.5')
|
364
|
-
end
|
365
|
-
end
|
366
|
-
|
367
|
-
describe "when the pattern is an opaque string with a back reference and the matched data contains dots" do
|
368
|
-
before :each do
|
369
|
-
@host = 'admin.mgmt.nym1'
|
370
|
-
@item = "/catalog/#{@host}"
|
371
|
-
@pattern = %{^/catalog/([^/]+)$}
|
372
|
-
@declaration = Puppet::Network::AuthStore::Declaration.new(:allow,'$1')
|
373
|
-
end
|
374
|
-
it "should match a name with the appropriate interpolation" do
|
375
|
-
expect(@declaration.interpolate(@item.match(@pattern))).to be_match(@host,'10.0.0.5')
|
376
|
-
end
|
377
|
-
end
|
378
|
-
|
379
|
-
describe "when the pattern is an opaque string with a back reference and the matched data contains dots with an initial prefix that looks like an IP address" do
|
380
|
-
before :each do
|
381
|
-
@host = '01.admin.mgmt.nym1'
|
382
|
-
@item = "/catalog/#{@host}"
|
383
|
-
@pattern = %{^/catalog/([^/]+)$}
|
384
|
-
@declaration = Puppet::Network::AuthStore::Declaration.new(:allow,'$1')
|
385
|
-
end
|
386
|
-
it "should match a name with the appropriate interpolation" do
|
387
|
-
expect(@declaration.interpolate(@item.match(@pattern))).to be_match(@host,'10.0.0.5')
|
388
|
-
end
|
389
|
-
end
|
390
|
-
|
391
|
-
describe "when comparing patterns" do
|
392
|
-
before :each do
|
393
|
-
@ip = Puppet::Network::AuthStore::Declaration.new(:allow,'127.0.0.1')
|
394
|
-
@host_name = Puppet::Network::AuthStore::Declaration.new(:allow,'www.hard_knocks.edu')
|
395
|
-
@opaque = Puppet::Network::AuthStore::Declaration.new(:allow,'hey_dude')
|
396
|
-
end
|
397
|
-
it "should consider ip addresses before host names" do
|
398
|
-
expect(@ip < @host_name).to be_truthy
|
399
|
-
end
|
400
|
-
it "should consider ip addresses before opaque strings" do
|
401
|
-
expect(@ip < @opaque).to be_truthy
|
402
|
-
end
|
403
|
-
it "should consider host_names before opaque strings" do
|
404
|
-
expect(@host_name < @opaque).to be_truthy
|
405
|
-
end
|
406
|
-
end
|
407
|
-
end
|
@@ -1,57 +0,0 @@
|
|
1
|
-
require 'spec_helper'
|
2
|
-
|
3
|
-
require 'puppet/network/http'
|
4
|
-
|
5
|
-
describe Puppet::Network::HTTP::API::Master::V3::Authorization do
|
6
|
-
let(:response) { Puppet::Network::HTTP::MemoryResponse.new }
|
7
|
-
let(:authz) { Puppet::Network::HTTP::API::Master::V3::Authorization.new }
|
8
|
-
let(:noop_handler) {
|
9
|
-
lambda do |request, response|
|
10
|
-
end
|
11
|
-
}
|
12
|
-
|
13
|
-
it "accepts v3 api requests that match allowed authconfig entries" do
|
14
|
-
request = Puppet::Network::HTTP::Request.from_hash({
|
15
|
-
:path => "/v3/environments",
|
16
|
-
:method => "GET",
|
17
|
-
:params => { :authenticated => true, :node => "testing", :ip => "127.0.0.1" }
|
18
|
-
})
|
19
|
-
|
20
|
-
allow(authz).to receive(:authconfig).and_return(Puppet::Network::AuthConfigParser.new(<<-AUTH).parse)
|
21
|
-
path /v3/environments
|
22
|
-
method find
|
23
|
-
allow *
|
24
|
-
AUTH
|
25
|
-
|
26
|
-
handler = authz.wrap do
|
27
|
-
noop_handler
|
28
|
-
end
|
29
|
-
|
30
|
-
expect do
|
31
|
-
handler.call(request, response)
|
32
|
-
end.to_not raise_error
|
33
|
-
end
|
34
|
-
|
35
|
-
it "rejects v3 api requests that are disallowed by authconfig entries" do
|
36
|
-
request = Puppet::Network::HTTP::Request.from_hash({
|
37
|
-
:path => "/v3/environments",
|
38
|
-
:method => "GET",
|
39
|
-
:params => { :authenticated => true, :node => "testing", :ip => "127.0.0.1" }
|
40
|
-
})
|
41
|
-
|
42
|
-
allow(authz).to receive(:authconfig).and_return(Puppet::Network::AuthConfigParser.new(<<-AUTH).parse)
|
43
|
-
path /v3/environments
|
44
|
-
method find
|
45
|
-
auth any
|
46
|
-
deny testing
|
47
|
-
AUTH
|
48
|
-
|
49
|
-
handler = authz.wrap do
|
50
|
-
noop_handler
|
51
|
-
end
|
52
|
-
|
53
|
-
expect do
|
54
|
-
handler.call(request, response)
|
55
|
-
end.to raise_error(Puppet::Network::HTTP::Error::HTTPNotAuthorizedError, /Forbidden request/)
|
56
|
-
end
|
57
|
-
end
|