puppet 6.4.5-x64-mingw32 → 6.5.0-x64-mingw32

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of puppet might be problematic. Click here for more details.

Files changed (329) hide show
  1. checksums.yaml +4 -4
  2. data/CODEOWNERS +10 -10
  3. data/Gemfile +6 -6
  4. data/Gemfile.lock +46 -52
  5. data/ext/build_defaults.yaml +0 -1
  6. data/ext/project_data.yaml +3 -3
  7. data/ext/regexp_nodes/regexp_nodes.rb +4 -4
  8. data/ext/solaris/smf/puppet.xml +0 -2
  9. data/ext/windows/eventlog/Rakefile +32 -0
  10. data/ext/windows/eventlog/puppetres.dll +0 -0
  11. data/ext/windows/eventlog/puppetres.mc +18 -0
  12. data/ext/windows/service/daemon.rb +8 -38
  13. data/install.rb +24 -6
  14. data/lib/puppet.rb +3 -1
  15. data/lib/puppet/application.rb +1 -1
  16. data/lib/puppet/application/agent.rb +11 -34
  17. data/lib/puppet/application/apply.rb +6 -6
  18. data/lib/puppet/application/describe.rb +9 -3
  19. data/lib/puppet/application/device.rb +4 -14
  20. data/lib/puppet/application/doc.rb +1 -1
  21. data/lib/puppet/application/lookup.rb +2 -2
  22. data/lib/puppet/application/resource.rb +4 -4
  23. data/lib/puppet/application/script.rb +2 -2
  24. data/lib/puppet/application/ssl.rb +10 -9
  25. data/lib/puppet/configurer.rb +30 -86
  26. data/lib/puppet/configurer/downloader.rb +6 -2
  27. data/lib/puppet/defaults.rb +50 -44
  28. data/lib/puppet/error.rb +14 -9
  29. data/lib/puppet/face/catalog.rb +20 -1
  30. data/lib/puppet/face/config.rb +48 -10
  31. data/lib/puppet/face/facts.rb +1 -1
  32. data/lib/puppet/face/help.rb +1 -1
  33. data/lib/puppet/face/module/list.rb +5 -5
  34. data/lib/puppet/face/module/search.rb +1 -1
  35. data/lib/puppet/face/module/uninstall.rb +1 -1
  36. data/lib/puppet/face/module/upgrade.rb +1 -1
  37. data/lib/puppet/face/parser.rb +48 -9
  38. data/lib/puppet/face/plugin.rb +2 -9
  39. data/lib/puppet/file_serving/http_metadata.rb +1 -1
  40. data/lib/puppet/file_system.rb +12 -2
  41. data/lib/puppet/file_system/file_impl.rb +6 -3
  42. data/lib/puppet/file_system/memory_file.rb +1 -1
  43. data/lib/puppet/file_system/posix.rb +2 -3
  44. data/lib/puppet/forge.rb +3 -3
  45. data/lib/puppet/functions.rb +2 -1
  46. data/lib/puppet/functions/camelcase.rb +2 -2
  47. data/lib/puppet/functions/epp.rb +4 -4
  48. data/lib/puppet/functions/find_file.rb +9 -9
  49. data/lib/puppet/functions/inline_epp.rb +5 -5
  50. data/lib/puppet/functions/regsubst.rb +6 -8
  51. data/lib/puppet/gettext/module_translations.rb +1 -1
  52. data/lib/puppet/graph/rb_tree_map.rb +2 -2
  53. data/lib/puppet/graph/simple_graph.rb +3 -4
  54. data/lib/puppet/indirector/catalog/compiler.rb +5 -11
  55. data/lib/puppet/indirector/file_bucket_file/file.rb +1 -1
  56. data/lib/puppet/indirector/hiera.rb +0 -2
  57. data/lib/puppet/indirector/resource/ral.rb +3 -1
  58. data/lib/puppet/indirector/resource/validator.rb +1 -1
  59. data/lib/puppet/interface.rb +1 -2
  60. data/lib/puppet/loaders.rb +1 -0
  61. data/lib/puppet/metatype/manager.rb +1 -1
  62. data/lib/puppet/module.rb +1 -1
  63. data/lib/puppet/module/task.rb +4 -20
  64. data/lib/puppet/module_tool/applications/installer.rb +1 -1
  65. data/lib/puppet/module_tool/applications/uninstaller.rb +3 -3
  66. data/lib/puppet/module_tool/metadata.rb +1 -1
  67. data/lib/puppet/module_tool/shared_behaviors.rb +4 -4
  68. data/lib/puppet/module_tool/tar/mini.rb +2 -12
  69. data/lib/puppet/network/http/api/indirected_routes.rb +11 -12
  70. data/lib/puppet/network/http/connection.rb +12 -10
  71. data/lib/puppet/network/http/factory.rb +11 -1
  72. data/lib/puppet/network/http/pool.rb +0 -2
  73. data/lib/puppet/network/http/site.rb +1 -1
  74. data/lib/puppet/network/resolver.rb +2 -2
  75. data/lib/puppet/node/environment.rb +2 -4
  76. data/lib/puppet/pal/pal_impl.rb +2 -2
  77. data/lib/puppet/parser/ast.rb +1 -1
  78. data/lib/puppet/parser/ast/resourceparam.rb +1 -1
  79. data/lib/puppet/parser/functions.rb +1 -1
  80. data/lib/puppet/parser/functions/epp.rb +3 -3
  81. data/lib/puppet/parser/functions/fail.rb +8 -1
  82. data/lib/puppet/parser/functions/inline_epp.rb +5 -5
  83. data/lib/puppet/parser/scope.rb +7 -8
  84. data/lib/puppet/pops/evaluator/collectors/catalog_collector.rb +1 -1
  85. data/lib/puppet/pops/evaluator/collectors/exported_collector.rb +1 -1
  86. data/lib/puppet/pops/evaluator/external_syntax_support.rb +2 -3
  87. data/lib/puppet/pops/evaluator/runtime3_support.rb +4 -4
  88. data/lib/puppet/pops/loader/null_loader.rb +60 -0
  89. data/lib/puppet/pops/loader/ruby_legacy_function_instantiator.rb +6 -4
  90. data/lib/puppet/pops/loader/task_instantiator.rb +0 -4
  91. data/lib/puppet/pops/loaders.rb +1 -1
  92. data/lib/puppet/pops/lookup/hiera_config.rb +0 -1
  93. data/lib/puppet/pops/lookup/sub_lookup.rb +1 -1
  94. data/lib/puppet/pops/merge_strategy.rb +18 -22
  95. data/lib/puppet/pops/parser/heredoc_support.rb +1 -1
  96. data/lib/puppet/pops/parser/interpolation_support.rb +4 -4
  97. data/lib/puppet/pops/parser/locator.rb +1 -1
  98. data/lib/puppet/pops/parser/pn_parser.rb +16 -17
  99. data/lib/puppet/pops/puppet_stack.rb +49 -51
  100. data/lib/puppet/pops/types/p_sensitive_type.rb +1 -1
  101. data/lib/puppet/pops/types/string_converter.rb +10 -10
  102. data/lib/puppet/pops/types/types.rb +6 -5
  103. data/lib/puppet/property.rb +1 -1
  104. data/lib/puppet/property/ensure.rb +1 -1
  105. data/lib/puppet/provider/exec.rb +2 -6
  106. data/lib/puppet/provider/file/posix.rb +0 -5
  107. data/lib/puppet/provider/nameservice.rb +3 -10
  108. data/lib/puppet/provider/nameservice/directoryservice.rb +1 -1
  109. data/lib/puppet/provider/nameservice/pw.rb +2 -2
  110. data/lib/puppet/provider/package.rb +0 -2
  111. data/lib/puppet/provider/package/apt.rb +1 -5
  112. data/lib/puppet/provider/package/dnf.rb +1 -1
  113. data/lib/puppet/provider/package/dpkg.rb +18 -34
  114. data/lib/puppet/provider/package/openbsd.rb +1 -1
  115. data/lib/puppet/provider/package/pip.rb +13 -37
  116. data/lib/puppet/provider/package/portage.rb +4 -4
  117. data/lib/puppet/provider/package/puppet_gem.rb +1 -1
  118. data/lib/puppet/provider/package/rpm.rb +18 -56
  119. data/lib/puppet/provider/package/windows/package.rb +1 -1
  120. data/lib/puppet/provider/package/yum.rb +5 -9
  121. data/lib/puppet/provider/package_targetable.rb +4 -7
  122. data/lib/puppet/provider/parsedfile.rb +1 -1
  123. data/lib/puppet/provider/service/daemontools.rb +9 -9
  124. data/lib/puppet/provider/service/launchd.rb +5 -20
  125. data/lib/puppet/provider/service/openbsd.rb +1 -1
  126. data/lib/puppet/provider/service/rcng.rb +2 -2
  127. data/lib/puppet/provider/service/runit.rb +8 -2
  128. data/lib/puppet/provider/service/systemd.rb +19 -14
  129. data/lib/puppet/provider/service/windows.rb +0 -8
  130. data/lib/puppet/provider/user/directoryservice.rb +1 -1
  131. data/lib/puppet/provider/user/hpux.rb +1 -1
  132. data/lib/puppet/provider/user/pw.rb +3 -12
  133. data/lib/puppet/provider/user/user_role_add.rb +1 -5
  134. data/lib/puppet/provider/user/useradd.rb +20 -45
  135. data/lib/puppet/provider/user/windows_adsi.rb +5 -4
  136. data/lib/puppet/reference/configuration.rb +3 -3
  137. data/lib/puppet/reference/indirection.rb +2 -2
  138. data/lib/puppet/reference/metaparameter.rb +3 -1
  139. data/lib/puppet/reference/providers.rb +3 -1
  140. data/lib/puppet/reference/type.rb +9 -3
  141. data/lib/puppet/reports.rb +1 -1
  142. data/lib/puppet/resource.rb +1 -18
  143. data/lib/puppet/resource/catalog.rb +1 -1
  144. data/lib/puppet/rest/routes.rb +30 -17
  145. data/lib/puppet/settings.rb +3 -43
  146. data/lib/puppet/settings/environment_conf.rb +0 -1
  147. data/lib/puppet/ssl/certificate_request.rb +12 -2
  148. data/lib/puppet/ssl/host.rb +2 -2
  149. data/lib/puppet/ssl/oids.rb +1 -1
  150. data/lib/puppet/ssl/ssl_provider.rb +11 -5
  151. data/lib/puppet/ssl/state_machine.rb +102 -98
  152. data/lib/puppet/test/test_helper.rb +1 -0
  153. data/lib/puppet/transaction.rb +11 -33
  154. data/lib/puppet/transaction/report.rb +1 -1
  155. data/lib/puppet/type.rb +4 -2
  156. data/lib/puppet/type/exec.rb +17 -23
  157. data/lib/puppet/type/file.rb +39 -11
  158. data/lib/puppet/type/file/data_sync.rb +1 -5
  159. data/lib/puppet/type/group.rb +2 -4
  160. data/lib/puppet/type/notify.rb +3 -4
  161. data/lib/puppet/type/package.rb +3 -20
  162. data/lib/puppet/type/schedule.rb +1 -1
  163. data/lib/puppet/type/service.rb +3 -8
  164. data/lib/puppet/type/user.rb +2 -4
  165. data/lib/puppet/util.rb +29 -39
  166. data/lib/puppet/util/command_line/trollop.rb +1 -1
  167. data/lib/puppet/util/execution.rb +3 -4
  168. data/lib/puppet/util/http_proxy.rb +19 -27
  169. data/lib/puppet/util/log.rb +2 -2
  170. data/lib/puppet/util/log/destinations.rb +2 -2
  171. data/lib/puppet/util/logging.rb +20 -32
  172. data/lib/puppet/util/metric.rb +2 -2
  173. data/lib/puppet/util/monkey_patches.rb +33 -0
  174. data/lib/puppet/util/pidlock.rb +2 -3
  175. data/lib/puppet/util/provider_features.rb +4 -2
  176. data/lib/puppet/util/rdoc.rb +1 -1
  177. data/lib/puppet/util/reference.rb +1 -1
  178. data/lib/puppet/util/resource_template.rb +1 -1
  179. data/lib/puppet/util/selinux.rb +2 -8
  180. data/lib/puppet/util/skip_tags.rb +4 -0
  181. data/lib/puppet/util/windows/adsi.rb +18 -48
  182. data/lib/puppet/util/windows/process.rb +8 -8
  183. data/lib/puppet/util/windows/registry.rb +5 -7
  184. data/lib/puppet/util/windows/security.rb +0 -2
  185. data/lib/puppet/util/windows/service.rb +4 -149
  186. data/lib/puppet/util/windows/sid.rb +0 -1
  187. data/lib/puppet/vendor.rb +1 -1
  188. data/lib/puppet/version.rb +1 -1
  189. data/lib/puppet/x509/cert_provider.rb +81 -24
  190. data/locales/puppet.pot +462 -482
  191. data/man/man5/puppet.conf.5 +43 -44
  192. data/man/man8/puppet-agent.8 +1 -1
  193. data/man/man8/puppet-apply.8 +3 -3
  194. data/man/man8/puppet-catalog.8 +31 -3
  195. data/man/man8/puppet-config.8 +1 -1
  196. data/man/man8/puppet-describe.8 +1 -1
  197. data/man/man8/puppet-device.8 +1 -1
  198. data/man/man8/puppet-doc.8 +1 -1
  199. data/man/man8/puppet-epp.8 +1 -1
  200. data/man/man8/puppet-facts.8 +1 -1
  201. data/man/man8/puppet-filebucket.8 +1 -1
  202. data/man/man8/puppet-generate.8 +1 -1
  203. data/man/man8/puppet-help.8 +1 -1
  204. data/man/man8/puppet-key.8 +1 -1
  205. data/man/man8/puppet-lookup.8 +1 -1
  206. data/man/man8/puppet-man.8 +1 -1
  207. data/man/man8/puppet-module.8 +1 -1
  208. data/man/man8/puppet-node.8 +1 -1
  209. data/man/man8/puppet-parser.8 +1 -1
  210. data/man/man8/puppet-plugin.8 +1 -1
  211. data/man/man8/puppet-report.8 +1 -1
  212. data/man/man8/puppet-resource.8 +1 -1
  213. data/man/man8/puppet-script.8 +1 -1
  214. data/man/man8/puppet-ssl.8 +1 -1
  215. data/man/man8/puppet-status.8 +1 -1
  216. data/man/man8/puppet.8 +3 -3
  217. data/spec/fixtures/ssl/127.0.0.1-key.pem +56 -56
  218. data/spec/fixtures/ssl/127.0.0.1.pem +27 -27
  219. data/spec/fixtures/ssl/bad-basic-constraints.pem +32 -32
  220. data/spec/fixtures/ssl/bad-int-basic-constraints.pem +30 -30
  221. data/spec/fixtures/ssl/ca.pem +30 -30
  222. data/spec/fixtures/ssl/crl.pem +15 -15
  223. data/spec/fixtures/ssl/ec-key.pem +18 -0
  224. data/spec/fixtures/ssl/ec.pem +40 -0
  225. data/spec/fixtures/ssl/encrypted-ec-key.pem +21 -0
  226. data/spec/fixtures/ssl/encrypted-key.pem +57 -57
  227. data/spec/fixtures/ssl/intermediate-agent-crl.pem +16 -16
  228. data/spec/fixtures/ssl/intermediate-agent.pem +33 -33
  229. data/spec/fixtures/ssl/intermediate-crl.pem +17 -17
  230. data/spec/fixtures/ssl/intermediate.pem +31 -31
  231. data/spec/fixtures/ssl/pluto-key.pem +56 -56
  232. data/spec/fixtures/ssl/pluto.pem +28 -28
  233. data/spec/fixtures/ssl/request-key.pem +56 -56
  234. data/spec/fixtures/ssl/request.pem +24 -24
  235. data/spec/fixtures/ssl/revoked-key.pem +56 -56
  236. data/spec/fixtures/ssl/revoked.pem +25 -25
  237. data/spec/fixtures/ssl/signed-key.pem +56 -56
  238. data/spec/fixtures/ssl/signed.pem +25 -25
  239. data/spec/fixtures/ssl/tampered-cert.pem +27 -27
  240. data/spec/fixtures/ssl/tampered-csr.pem +24 -24
  241. data/spec/fixtures/unit/pops/loaders/loaders/mix_4x_and_3x_functions/usee/lib/puppet/parser/functions/func_with_syntax_error.rb +9 -0
  242. data/spec/fixtures/vcr/cassettes/Puppet_Network_HTTP_Connection/when_handling_requests/_request_get/should_yield_to_the_block.yml +24 -0
  243. data/spec/fixtures/vcr/cassettes/Puppet_Network_HTTP_Connection/when_handling_requests/_request_head/should_yield_to_the_block.yml +24 -0
  244. data/spec/fixtures/vcr/cassettes/Puppet_Network_HTTP_Connection/when_handling_requests/_request_post/should_yield_to_the_block.yml +24 -0
  245. data/spec/integration/configurer_spec.rb +0 -52
  246. data/spec/integration/provider/service/init_spec.rb +1 -0
  247. data/spec/integration/provider/service/systemd_spec.rb +5 -8
  248. data/spec/integration/type/file_spec.rb +38 -28
  249. data/spec/integration/util/execution_spec.rb +0 -27
  250. data/spec/lib/puppet/certificate_factory.rb +2 -2
  251. data/spec/lib/puppet/test_ca.rb +17 -4
  252. data/spec/lib/puppet_spec/fixtures.rb +4 -0
  253. data/spec/spec_helper.rb +0 -28
  254. data/spec/unit/application/agent_spec.rb +34 -67
  255. data/spec/unit/application/device_spec.rb +1 -27
  256. data/spec/unit/application/ssl_spec.rb +60 -35
  257. data/spec/unit/configurer_spec.rb +399 -395
  258. data/spec/unit/defaults_spec.rb +4 -4
  259. data/spec/unit/face/facts_spec.rb +0 -9
  260. data/spec/unit/face/parser_spec.rb +69 -22
  261. data/spec/unit/face/plugin_spec.rb +0 -8
  262. data/spec/unit/file_system_spec.rb +30 -1
  263. data/spec/unit/forge/forge_spec.rb +3 -1
  264. data/spec/unit/forge/repository_spec.rb +3 -1
  265. data/spec/unit/indirector/catalog/compiler_spec.rb +5 -62
  266. data/spec/unit/indirector/resource/ral_spec.rb +4 -4
  267. data/spec/unit/module_tool/tar/mini_spec.rb +1 -1
  268. data/spec/unit/network/http/api/indirected_routes_spec.rb +10 -25
  269. data/spec/unit/network/http/connection_spec.rb +145 -119
  270. data/spec/unit/network/http/factory_spec.rb +5 -27
  271. data/spec/unit/parser/scope_spec.rb +0 -10
  272. data/spec/unit/pops/evaluator/evaluating_parser_spec.rb +3 -8
  273. data/spec/unit/pops/loaders/loaders_spec.rb +4 -0
  274. data/spec/unit/pops/loaders/module_loaders_spec.rb +0 -37
  275. data/spec/unit/pops/types/types_spec.rb +27 -0
  276. data/spec/unit/provider/exec_spec.rb +0 -209
  277. data/spec/unit/provider/package/aptrpm_spec.rb +1 -1
  278. data/spec/unit/provider/package/dnf_spec.rb +0 -7
  279. data/spec/unit/provider/package/dpkg_spec.rb +80 -240
  280. data/spec/unit/provider/package/pip_spec.rb +8 -61
  281. data/spec/unit/provider/package/portage_spec.rb +4 -4
  282. data/spec/unit/provider/package/rpm_spec.rb +16 -150
  283. data/spec/unit/provider/package/yum_spec.rb +0 -7
  284. data/spec/unit/provider/service/daemontools_spec.rb +0 -24
  285. data/spec/unit/provider/service/launchd_spec.rb +0 -28
  286. data/spec/unit/provider/service/runit_spec.rb +0 -24
  287. data/spec/unit/provider/service/systemd_spec.rb +25 -39
  288. data/spec/unit/provider/service/windows_spec.rb +0 -20
  289. data/spec/unit/provider/user/hpux_spec.rb +2 -2
  290. data/spec/unit/provider/user/pw_spec.rb +0 -37
  291. data/spec/unit/provider/user/useradd_spec.rb +0 -88
  292. data/spec/unit/resource_spec.rb +1 -26
  293. data/spec/unit/ssl/host_spec.rb +5 -0
  294. data/spec/unit/ssl/ssl_provider_spec.rb +36 -11
  295. data/spec/unit/ssl/state_machine_spec.rb +233 -158
  296. data/spec/unit/transaction_spec.rb +0 -64
  297. data/spec/unit/type/exec_spec.rb +12 -15
  298. data/spec/unit/type/file/content_spec.rb +3 -9
  299. data/spec/unit/type/file/source_spec.rb +4 -4
  300. data/spec/unit/type/file_spec.rb +15 -11
  301. data/spec/unit/type/package_spec.rb +0 -5
  302. data/spec/unit/type/schedule_spec.rb +1 -3
  303. data/spec/unit/type/service_spec.rb +0 -16
  304. data/spec/unit/util/execution_spec.rb +0 -16
  305. data/spec/unit/util/http_proxy_spec.rb +21 -151
  306. data/spec/unit/util/ldap/manager_spec.rb +0 -15
  307. data/spec/unit/util/log/destinations_spec.rb +3 -7
  308. data/spec/unit/util/log_spec.rb +138 -0
  309. data/spec/unit/util/logging_spec.rb +0 -200
  310. data/spec/unit/util/pidlock_spec.rb +0 -26
  311. data/spec/unit/util/skip_tags_spec.rb +14 -0
  312. data/spec/unit/util/windows/adsi_spec.rb +0 -51
  313. data/spec/unit/util/windows/service_spec.rb +0 -9
  314. data/spec/unit/util_spec.rb +10 -0
  315. data/spec/unit/x509/cert_provider_spec.rb +82 -43
  316. data/tasks/generate_cert_fixtures.rake +13 -1
  317. data/tasks/manpages.rake +0 -1
  318. metadata +28 -22
  319. data/ext/cert_inspector +0 -140
  320. data/ext/envpuppet +0 -139
  321. data/ext/envpuppet.bat +0 -14
  322. data/ext/puppet-test +0 -476
  323. data/ext/pure_ruby_dsl/dsl_test.rb +0 -7
  324. data/ext/upload_facts.rb +0 -119
  325. data/lib/puppet/provider/package/dnfmodule.rb +0 -87
  326. data/spec/fixtures/unit/provider/package/dnfmodule/dnf-module-list-installed.txt +0 -11
  327. data/spec/integration/type/notify_spec.rb +0 -46
  328. data/spec/unit/provider/package/dnfmodule_spec.rb +0 -186
  329. data/spec/unit/provider/package_targetable_spec.rb +0 -60
@@ -59,57 +59,5 @@ describe Puppet::Configurer do
59
59
  expect(summary["time"]).to be_key("notify")
60
60
  expect(summary["time"]["last_run"]).to be_between(t1, t2)
61
61
  end
62
-
63
- describe 'resubmitting facts' do
64
- context 'when resubmit_facts is set to false' do
65
- it 'should not send data' do
66
- expect(@configurer).to receive(:resubmit_facts).never
67
-
68
- @configurer.run(catalog: @catalog)
69
- end
70
- end
71
-
72
- context 'when resubmit_facts is set to true' do
73
- let(:test_facts) { Puppet::Node::Facts.new('configurer.test') }
74
- let(:fact_rest_terminus) { Puppet::Node::Facts.indirection.terminus(:rest) }
75
-
76
- before(:each) do
77
- Puppet[:resubmit_facts] = true
78
-
79
- allow(@configurer).to receive(:find_facts).and_return(test_facts)
80
- allow(fact_rest_terminus).to receive(:save)
81
- end
82
-
83
- it 'sends fact data using the rest terminus' do
84
- expect(fact_rest_terminus).to receive(:save)
85
-
86
- @configurer.run(catalog: @catalog)
87
- end
88
-
89
- it 'logs errors that occur during fact generation' do
90
- allow(@configurer).to receive(:find_facts).and_raise('error generating facts')
91
- expect(Puppet).to receive(:log_exception).with(instance_of(RuntimeError),
92
- /^Failed to submit facts/)
93
-
94
- @configurer.run(catalog: @catalog)
95
- end
96
-
97
- it 'logs errors that occur during fact submission' do
98
- allow(fact_rest_terminus).to receive(:save).and_raise('error sending facts')
99
- expect(Puppet).to receive(:log_exception).with(instance_of(RuntimeError),
100
- /^Failed to submit facts/)
101
-
102
- @configurer.run(catalog: @catalog)
103
- end
104
-
105
- it 'records time spent resubmitting facts' do
106
- report = Puppet::Transaction::Report.new
107
-
108
- @configurer.run(catalog: @catalog, report: report)
109
-
110
- expect(report.metrics['time'].values).to include(["resubmit_facts", anything, Numeric])
111
- end
112
- end
113
- end
114
62
  end
115
63
  end
@@ -8,6 +8,7 @@ describe test_title, unless: Puppet::Util::Platform.jruby? do
8
8
  describe "when running on FreeBSD" do
9
9
  before :each do
10
10
  allow(Facter).to receive(:value).with(:operatingsystem).and_return('FreeBSD')
11
+ allow(Facter).to receive(:value).with(:osfamily).and_return('FreeBSD')
11
12
  end
12
13
 
13
14
  it "should set its default path to include /etc/rc.d and /usr/local/etc/rc.d" do
@@ -7,19 +7,16 @@ describe test_title, unless: Puppet::Util::Platform.jruby? do
7
7
 
8
8
  # TODO: Unfortunately there does not seem a way to stub the executable
9
9
  # checks in the systemd provider because they happen at load time.
10
-
11
- it "should be considered suitable if /proc/1/comm is present and contains 'systemd'",
12
- :if => File.exist?('/proc/1/comm') && Puppet::FileSystem.read('/proc/1/comm').include?('systemd') do
10
+ it "should be considered suitable if /bin/systemctl is present", :if => File.executable?('/bin/systemctl') do
13
11
  expect(provider_class).to be_suitable
14
12
  end
15
13
 
16
- it "should not be considered suitable if /proc/1/comm is present it does not contain 'systemd'",
17
- :if => File.exist?('/proc/1/comm') && !Puppet::FileSystem.read('/proc/1/comm').include?('systemd') do
18
- expect(provider_class).not_to be_suitable
14
+ it "should be considered suitable if /usr/bin/systemctl is present", :if => File.executable?('/usr/bin/systemctl') do
15
+ expect(provider_class).to be_suitable
19
16
  end
20
17
 
21
- it "should not be considered suitable if /proc/1/comm is absent",
22
- :if => !File.exist?('/proc/1/comm') do
18
+ it "should not be cosidered suitable if systemctl is absent",
19
+ :unless => (File.executable?('/bin/systemctl') or File.executable?('/usr/bin/systemctl')) do
23
20
  expect(provider_class).not_to be_suitable
24
21
  end
25
22
  end
@@ -21,13 +21,6 @@ describe Puppet::Type.type(:file), :uses_checksums => true do
21
21
  File.join(parent, 'file_testing')
22
22
  end
23
23
 
24
- let(:path_protected) do
25
- # we create a file inside windows protected folders (C:\Windows, C:\Windows\system32, etc)
26
- # the file will also be removed after the tests
27
- parent = 'C:\Windows'
28
- File.join(parent, 'file_testing')
29
- end
30
-
31
24
  let(:dir) do
32
25
  # we create a directory first so backups of :path that are stored in
33
26
  # the same directory will also be removed after the tests
@@ -275,27 +268,6 @@ describe Puppet::Type.type(:file), :uses_checksums => true do
275
268
  expect(get_mode(path) & 07777).to eq(0666)
276
269
  end
277
270
 
278
- context "file is in protected windows directory", :if => Puppet.features.microsoft_windows? do
279
- after { FileUtils.rm(path_protected) }
280
-
281
- it "should set and get the correct mode for files inside protected windows folders" do
282
- catalog.add_resource described_class.new(:path => path_protected, :ensure => :file, :mode => '0640')
283
- catalog.apply
284
-
285
- expect(get_mode(path_protected) & 07777).to eq(0640)
286
- end
287
-
288
- it "should not change resource's status inside protected windows folders if mode is the same" do
289
- FileUtils.touch(path_protected)
290
- set_mode(0644, path_protected)
291
- catalog.add_resource described_class.new(:path => path_protected, :ensure => :file, :mode => '0644')
292
- result = catalog.apply
293
- status = result.report.resource_statuses["File[#{path_protected}]"]
294
- expect(status).not_to be_failed
295
- expect(status).not_to be_changed
296
- end
297
- end
298
-
299
271
  it "should not set executable bits when replacing an executable directory (#10365)" do
300
272
  pending("bug #10365")
301
273
 
@@ -1708,6 +1680,44 @@ describe Puppet::Type.type(:file), :uses_checksums => true do
1708
1680
  end
1709
1681
 
1710
1682
  describe "when using validate_cmd" do
1683
+ test_cmd = '/bin/test'
1684
+ if Facter.value(:osfamily) == 'Debian'
1685
+ test_cmd = '/usr/bin/test'
1686
+ end
1687
+
1688
+ if Facter.value(:operatingsystem) == 'Darwin'
1689
+ stat_cmd = "stat -f '%Lp'"
1690
+ else
1691
+ stat_cmd = "stat --format=%a"
1692
+ end
1693
+
1694
+ it "sets the default mode of the temporary file to '0644'", :unless => Puppet::Util::Platform.windows? || Puppet::Util::Platform.jruby? do
1695
+ catalog.add_resource(described_class.new(:path => path, :content => "foo",
1696
+ :validate_replacement => '^',
1697
+ :validate_cmd => %Q{
1698
+ echo "The permissions of the file ($(#{stat_cmd} ^)) should equal 644";
1699
+ #{test_cmd} "644" == "$(#{stat_cmd} ^)"
1700
+ }))
1701
+ report = catalog.apply.report
1702
+ expect(report.resource_statuses["File[#{path}]"].events.first.message).to match(/defined content as '{md5}/)
1703
+ expect(report.resource_statuses["File[#{path}]"]).not_to be_failed
1704
+ expect(Puppet::FileSystem.exist?(path)).to be_truthy
1705
+ end
1706
+
1707
+ it "should change the permissions of the temp file to match the final file permissions", :unless => Puppet::Util::Platform.windows? || Puppet::Util::Platform.jruby?do
1708
+ catalog.add_resource(described_class.new(:path => path, :content => "foo",
1709
+ :mode => '0555',
1710
+ :validate_replacement => '^',
1711
+ :validate_cmd => %Q{
1712
+ echo "The permissions of the file ($(#{stat_cmd} ^)) should equal 555";
1713
+ #{test_cmd} "555" == "$(#{stat_cmd} ^)"
1714
+ }))
1715
+ report = catalog.apply.report
1716
+ expect(report.resource_statuses["File[#{path}]"].events.first.message).to match(/defined content as '{md5}/)
1717
+ expect(report.resource_statuses["File[#{path}]"]).not_to be_failed
1718
+ expect(Puppet::FileSystem.exist?(path)).to be_truthy
1719
+ end
1720
+
1711
1721
  it "should fail the file resource if command fails" do
1712
1722
  catalog.add_resource(described_class.new(:path => path, :content => "foo", :validate_cmd => "/usr/bin/env false"))
1713
1723
  expect(Puppet::Util::Execution).to receive(:execute).with("/usr/bin/env false", {:combine => true, :failonfail => true}).and_raise(Puppet::ExecutionFailure, "Failed")
@@ -25,33 +25,6 @@ describe Puppet::Util::Execution, unless: Puppet::Util::Platform.jruby? do
25
25
  end
26
26
  end
27
27
 
28
- describe "#execute" do
29
- if Puppet::Util::Platform.windows?
30
- let(:argv) { ["cmd", "/c", "echo", 123] }
31
- else
32
- let(:argv) { ["echo", 123] }
33
- end
34
-
35
- it 'stringifies sensitive arguments when given an array containing integers' do
36
- result = Puppet::Util::Execution.execute(argv, sensitive: true)
37
- expect(result.to_s.strip).to eq("123")
38
- expect(result.exitstatus).to eq(0)
39
- end
40
-
41
- it 'redacts sensitive arguments when given an array' do
42
- Puppet[:log_level] = :debug
43
- Puppet::Util::Execution.execute(argv, sensitive: true)
44
- expect(@logs).to include(an_object_having_attributes(level: :debug, message: "Executing: '[redacted]'"))
45
- end
46
-
47
- it 'redacts sensitive arguments when given a string' do
48
- Puppet[:log_level] = :debug
49
- str = argv.map(&:to_s).join(' ')
50
- Puppet::Util::Execution.execute(str, sensitive: true)
51
- expect(@logs).to include(an_object_having_attributes(level: :debug, message: "Executing: '[redacted]'"))
52
- end
53
- end
54
-
55
28
  describe "#execute (non-Windows)", :if => !Puppet::Util::Platform.windows? do
56
29
  it "should execute basic shell command" do
57
30
  result = Puppet::Util::Execution.execute("ls /tmp", :failonfail => true)
@@ -25,9 +25,9 @@ module Puppet::CertificateFactory
25
25
  # @return [OpenSSL::X509::Certificate]
26
26
  def self.build(cert_type, csr, issuer, serial, ttl = 3600)
27
27
  # Work out if we can even build the requested type of certificate.
28
- build_extensions = "build_#{cert_type}_extensions"
28
+ build_extensions = "build_#{cert_type.to_s}_extensions"
29
29
  respond_to?(build_extensions) or
30
- raise ArgumentError, _("%{cert_type} is an invalid certificate type!") % { cert_type: cert_type }
30
+ raise ArgumentError, _("%{cert_type} is an invalid certificate type!") % { cert_type: cert_type.to_s }
31
31
 
32
32
  raise ArgumentError, _("Certificate TTL must be an integer") unless ttl.nil? || ttl.is_a?(Integer)
33
33
 
@@ -40,7 +40,7 @@ module Puppet
40
40
  end
41
41
 
42
42
  def create_cert(name, issuer_cert, issuer_key, opts = {})
43
- key, cert = build_cert(name, issuer_cert.subject)
43
+ key, cert = build_cert(name, issuer_cert.subject, opts)
44
44
  ef = extension_factory_for(issuer_cert, cert)
45
45
  if opts[:subject_alt_names]
46
46
  ext = ef.create_extension(["subjectAltName", opts[:subject_alt_names], false])
@@ -123,10 +123,23 @@ module Puppet
123
123
 
124
124
  private
125
125
 
126
- def build_cert(name, issuer)
127
- key = OpenSSL::PKey::RSA.new(1024)
126
+ def build_cert(name, issuer, opts = {})
127
+ key = if opts[:key_type] == :ec
128
+ key = OpenSSL::PKey::EC.generate('prime256v1')
129
+ else
130
+ key = OpenSSL::PKey::RSA.new(1024)
131
+ end
128
132
  cert = OpenSSL::X509::Certificate.new
129
- cert.public_key = key.public_key
133
+ cert.public_key = if key.is_a?(OpenSSL::PKey::EC)
134
+ # EC#public_key doesn't following the PKey API,
135
+ # see https://github.com/ruby/openssl/issues/29
136
+ point = key.public_key
137
+ pubkey = OpenSSL::PKey::EC.new(point.group)
138
+ pubkey.public_key = point
139
+ pubkey
140
+ else
141
+ key.public_key
142
+ end
130
143
  cert.subject = OpenSSL::X509::Name.new([["CN", name]])
131
144
  cert.issuer = issuer
132
145
  cert.version = 2
@@ -42,6 +42,10 @@ module PuppetSpec::Fixtures
42
42
  OpenSSL::PKey::RSA.new(pem_content(name))
43
43
  end
44
44
 
45
+ def ec_key_fixture(name)
46
+ OpenSSL::PKey::EC.new(pem_content(name))
47
+ end
48
+
45
49
  def request_fixture(name)
46
50
  OpenSSL::X509::Request.new(pem_content(name))
47
51
  end
@@ -54,19 +54,13 @@ Pathname.glob("#{dir}/shared_examples/**/*.rb") do |behaviour|
54
54
  require behaviour.relative_path_from(Pathname.new(dir))
55
55
  end
56
56
 
57
- require 'webmock/rspec'
58
57
  require 'vcr'
59
58
  VCR.configure do |vcr|
60
59
  vcr.cassette_library_dir = File.expand_path('vcr/cassettes', PuppetSpec::FIXTURE_DIR)
61
60
  vcr.hook_into :webmock
62
61
  vcr.configure_rspec_metadata!
63
- # Uncomment next line to debug vcr
64
- # vcr.debug_logger = $stderr
65
62
  end
66
63
 
67
- # Disable VCR by default
68
- VCR.turn_off!
69
-
70
64
  RSpec.configure do |config|
71
65
  include PuppetSpec::Fixtures
72
66
 
@@ -161,28 +155,6 @@ RSpec.configure do |config|
161
155
  Puppet::Test::TestHelper.before_each_test()
162
156
  end
163
157
 
164
- # Facter 2 uses two versions of the GCE API, so match using regex
165
- PUPPET_FACTER_2_GCE_URL = %r{^http://metadata/computeMetadata/v1(beta1)?}.freeze
166
- PUPPET_FACTER_3_GCE_URL = "http://metadata.google.internal/computeMetadata/v1/?recursive=true&alt=json".freeze
167
-
168
- config.around :each do |example|
169
- # Ignore requests from Facter GCE fact in Travis
170
- stub_request(:get, PUPPET_FACTER_2_GCE_URL)
171
- stub_request(:get, PUPPET_FACTER_3_GCE_URL)
172
-
173
- # Enable VCR if the example is tagged with `:vcr` metadata.
174
- if example.metadata[:vcr]
175
- VCR.turn_on!
176
- begin
177
- example.run
178
- ensure
179
- VCR.turn_off!
180
- end
181
- else
182
- example.run
183
- end
184
- end
185
-
186
158
  config.after :each do
187
159
  Puppet::Test::TestHelper.after_each_test()
188
160
 
@@ -7,8 +7,6 @@ require 'puppet/daemon'
7
7
  describe Puppet::Application::Agent do
8
8
  include PuppetSpec::Files
9
9
 
10
- let(:machine) { double(ensure_client_certificate: nil) }
11
-
12
10
  before :each do
13
11
  @puppetd = Puppet::Application[:agent]
14
12
 
@@ -29,8 +27,9 @@ describe Puppet::Application::Agent do
29
27
  allow(Puppet::Node.indirection).to receive(:cache_class=)
30
28
  allow(Puppet::Node::Facts.indirection).to receive(:terminus_class=)
31
29
 
30
+ expect($stderr).not_to receive(:puts)
31
+
32
32
  allow(Puppet.settings).to receive(:use)
33
- allow(Puppet::SSL::StateMachine).to receive(:new).and_return(machine)
34
33
  end
35
34
 
36
35
  it "should operate in agent run_mode" do
@@ -126,7 +125,7 @@ describe Puppet::Application::Agent do
126
125
  allow(@agent).to receive(:run).and_return(2)
127
126
  Puppet[:onetime] = true
128
127
 
129
- expect(Puppet::SSL::StateMachine).to receive(:new).with(waitforcert: 0).and_return(machine)
128
+ expect(Puppet::SSL::StateMachine).to receive(:new).with(waitforcert: 0).and_return(double(ensure_client_certificate: nil))
130
129
 
131
130
  expect { execute_agent }.to exit_with 0
132
131
  end
@@ -136,20 +135,13 @@ describe Puppet::Application::Agent do
136
135
  Puppet[:onetime] = true
137
136
  @puppetd.handle_waitforcert(60)
138
137
 
139
- expect(Puppet::SSL::StateMachine).to receive(:new).with(waitforcert: 60).and_return(machine)
138
+ expect(Puppet::SSL::StateMachine).to receive(:new).with(waitforcert: 60).and_return(double(ensure_client_certificate: nil))
140
139
 
141
140
  expect { execute_agent }.to exit_with 0
142
141
  end
143
142
 
144
143
  it "should use a default value for waitforcert when --onetime and --waitforcert are not specified" do
145
- expect(Puppet::SSL::StateMachine).to receive(:new).with(waitforcert: 120).and_return(machine)
146
-
147
- execute_agent
148
- end
149
-
150
- it "should register ssl OIDs" do
151
144
  expect(Puppet::SSL::StateMachine).to receive(:new).with(waitforcert: 120).and_return(double(ensure_client_certificate: nil))
152
- expect(Puppet::SSL::Oids).to receive(:register_puppet_oids)
153
145
 
154
146
  execute_agent
155
147
  end
@@ -157,7 +149,7 @@ describe Puppet::Application::Agent do
157
149
  it "should use the waitforcert setting when checking for a signed certificate" do
158
150
  Puppet[:waitforcert] = 10
159
151
 
160
- expect(Puppet::SSL::StateMachine).to receive(:new).with(waitforcert: 10).and_return(machine)
152
+ expect(Puppet::SSL::StateMachine).to receive(:new).with(waitforcert: 10).and_return(double(ensure_client_certificate: nil))
161
153
 
162
154
  execute_agent
163
155
  end
@@ -394,6 +386,8 @@ describe Puppet::Application::Agent do
394
386
  it "should inform the daemon about our agent if :client is set to 'true'" do
395
387
  @puppetd.options[:client] = true
396
388
 
389
+ allow(Puppet::SSL::StateMachine).to receive(:new).and_return(double(ensure_client_certificate: nil))
390
+
397
391
  execute_agent
398
392
 
399
393
  expect(@daemon.agent).to eq(@agent)
@@ -404,6 +398,8 @@ describe Puppet::Application::Agent do
404
398
  Puppet[:daemonize] = true
405
399
  allow(Signal).to receive(:trap)
406
400
 
401
+ allow(Puppet::SSL::StateMachine).to receive(:new).and_return(double(ensure_client_certificate: nil))
402
+
407
403
  expect(@daemon).to receive(:daemonize)
408
404
 
409
405
  execute_agent
@@ -412,7 +408,22 @@ describe Puppet::Application::Agent do
412
408
  it "should wait for a certificate" do
413
409
  @puppetd.options[:waitforcert] = 123
414
410
 
415
- expect(Puppet::SSL::StateMachine).to receive(:new).with(waitforcert: 123).and_return(machine)
411
+ expect(Puppet::SSL::StateMachine).to receive(:new).with(waitforcert: 123).and_return(double(ensure_client_certificate: nil))
412
+
413
+ execute_agent
414
+ end
415
+
416
+ it "should not wait for a certificate in fingerprint mode" do
417
+ @puppetd.options[:fingerprint] = true
418
+ @puppetd.options[:waitforcert] = 123
419
+ @puppetd.options[:digest] = 'MD5'
420
+
421
+ certificate = double('certificate')
422
+ allow(certificate).to receive(:to_der).and_return('ABCDE')
423
+ ssl_context = double('ssl_context', client_cert: certificate)
424
+ allow(Puppet::SSL::StateMachine).to receive(:new).with(onetime: true).and_return(double(ensure_client_certificate: ssl_context))
425
+
426
+ expect(@puppetd).to receive(:puts).with('(MD5) 2E:CD:DE:39:59:05:1D:91:3F:61:B1:45:79:EA:13:6D')
416
427
 
417
428
  execute_agent
418
429
  end
@@ -467,6 +478,7 @@ describe Puppet::Application::Agent do
467
478
 
468
479
  it "should dispatch to onetime if --onetime is used" do
469
480
  Puppet[:onetime] = true
481
+ allow(Puppet::SSL::StateMachine).to receive(:new).and_return(double(ensure_client_certificate: nil))
470
482
 
471
483
  expect(@puppetd).to receive(:onetime)
472
484
 
@@ -475,6 +487,7 @@ describe Puppet::Application::Agent do
475
487
 
476
488
  it "should dispatch to main if --onetime and --fingerprint are not used" do
477
489
  Puppet[:onetime] = false
490
+ allow(Puppet::SSL::StateMachine).to receive(:new).and_return(double(ensure_client_certificate: nil))
478
491
 
479
492
  expect(@puppetd).to receive(:main)
480
493
 
@@ -488,7 +501,7 @@ describe Puppet::Application::Agent do
488
501
  @puppetd.options[:client] = :client
489
502
  @puppetd.options[:detailed_exitcodes] = false
490
503
 
491
-
504
+ allow(Puppet::SSL::StateMachine).to receive(:new).and_return(double(ensure_client_certificate: nil))
492
505
  end
493
506
 
494
507
  it "should setup traps" do
@@ -539,54 +552,26 @@ describe Puppet::Application::Agent do
539
552
 
540
553
  describe "with --fingerprint" do
541
554
  before :each do
555
+ @cert = double('cert')
542
556
  @puppetd.options[:fingerprint] = true
543
557
  @puppetd.options[:digest] = :MD5
544
558
  end
545
559
 
546
560
  it "should fingerprint the certificate if it exists" do
547
- cert = cert_fixture('signed.pem')
548
- allow_any_instance_of(Puppet::X509::CertProvider).to receive(:load_client_cert).and_return(cert)
549
-
550
- expect(@puppetd).to receive(:puts).with('(MD5) A6:00:3E:C1:DF:CF:E8:44:A6:4F:8D:92:E8:B2:D9:47')
551
-
552
- @puppetd.fingerprint
553
- end
554
-
555
- it "should fingerprint the request if it exists" do
556
- request = request_fixture('request.pem')
557
- allow_any_instance_of(Puppet::X509::CertProvider).to receive(:load_client_cert).and_return(nil)
558
- allow_any_instance_of(Puppet::X509::CertProvider).to receive(:load_request).and_return(request)
561
+ allow(@cert).to receive(:to_der).and_return('ABCDE')
562
+ ssl_context = double('ssl_context', client_cert: @cert)
563
+ allow(Puppet::SSL::StateMachine).to receive(:new).with(onetime: true).and_return(double(ensure_client_certificate: ssl_context))
559
564
 
560
- expect(@puppetd).to receive(:puts).with('(MD5) 04:D0:69:23:32:2F:48:77:FE:2F:F2:0C:4E:90:BE:AC')
565
+ expect(@puppetd).to receive(:puts).with('(MD5) 2E:CD:DE:39:59:05:1D:91:3F:61:B1:45:79:EA:13:6D')
561
566
 
562
567
  @puppetd.fingerprint
563
568
  end
564
-
565
- it "should print an error to stderr if neither exist" do
566
- allow_any_instance_of(Puppet::X509::CertProvider).to receive(:load_client_cert).and_return(nil)
567
- allow_any_instance_of(Puppet::X509::CertProvider).to receive(:load_request).and_return(nil)
568
-
569
- expect {
570
- expect {
571
- @puppetd.fingerprint
572
- }.to exit_with(1)
573
- }.to output(/Fingerprint asked but neither the certificate, nor the certificate request have been issued/).to_stderr
574
- end
575
-
576
- it "should log an error if an exception occurs" do
577
- allow_any_instance_of(Puppet::X509::CertProvider).to receive(:load_client_cert).and_raise(Puppet::Error, "Invalid PEM")
578
-
579
- expect {
580
- @puppetd.fingerprint
581
- }.to exit_with(1)
582
-
583
- expect(@logs).to include(an_object_having_attributes(message: /Failed to generate fingerprint: Invalid PEM/))
584
- end
585
569
  end
586
570
 
587
571
  describe "without --onetime and --fingerprint" do
588
572
  before :each do
589
573
  allow(Puppet).to receive(:notice)
574
+ allow(Puppet::SSL::StateMachine).to receive(:new).and_return(double(ensure_client_certificate: nil))
590
575
  end
591
576
 
592
577
  it "should start our daemon" do
@@ -597,24 +582,6 @@ describe Puppet::Application::Agent do
597
582
  end
598
583
  end
599
584
 
600
- describe "when starting in daemon mode on non-windows", :unless => Puppet.features.microsoft_windows? do
601
- before :each do
602
- allow(Puppet).to receive(:notice)
603
- Puppet[:daemonize] = true
604
- end
605
-
606
- it "should not print config in default mode" do
607
- execute_agent
608
- expect(@logs).to be_empty
609
- end
610
-
611
- it "should print config in debug mode" do
612
- @puppetd.options[:debug] = true
613
- execute_agent
614
- expect(@logs).to include(an_object_having_attributes(level: :debug, message: /agent_catalog_run_lockfile=/))
615
- end
616
- end
617
-
618
585
  def execute_agent
619
586
  @puppetd.setup
620
587
  @puppetd.run_command