puppet 7.1.0-universal-darwin → 7.6.1-universal-darwin
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of puppet might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Gemfile.lock +38 -30
- data/ext/build_defaults.yaml +0 -1
- data/lib/puppet/application.rb +10 -6
- data/lib/puppet/application/agent.rb +1 -0
- data/lib/puppet/application/apply.rb +3 -2
- data/lib/puppet/application/device.rb +1 -0
- data/lib/puppet/application/script.rb +1 -0
- data/lib/puppet/application/ssl.rb +11 -0
- data/lib/puppet/configurer.rb +16 -3
- data/lib/puppet/defaults.rb +14 -19
- data/lib/puppet/environments.rb +16 -1
- data/lib/puppet/face/facts.rb +26 -2
- data/lib/puppet/ffi/windows/api_types.rb +1 -1
- data/lib/puppet/ffi/windows/constants.rb +1 -1
- data/lib/puppet/file_serving/configuration/parser.rb +5 -2
- data/lib/puppet/file_system/memory_file.rb +8 -1
- data/lib/puppet/file_system/windows.rb +2 -0
- data/lib/puppet/functions.rb +1 -1
- data/lib/puppet/functions/partition.rb +8 -0
- data/lib/puppet/http/factory.rb +4 -0
- data/lib/puppet/indirector/facts/facter.rb +1 -0
- data/lib/puppet/loaders.rb +0 -4
- data/lib/puppet/module.rb +1 -0
- data/lib/puppet/module_tool/applications/installer.rb +48 -2
- data/lib/puppet/module_tool/errors/shared.rb +17 -2
- data/lib/puppet/network/formats.rb +67 -0
- data/lib/puppet/network/http.rb +5 -2
- data/lib/puppet/network/http/api.rb +10 -6
- data/lib/puppet/network/http/api/master.rb +3 -2
- data/lib/puppet/network/http/api/master/v3.rb +2 -25
- data/lib/puppet/network/http/api/master/v3/environments.rb +2 -33
- data/lib/puppet/network/http/api/server.rb +10 -0
- data/lib/puppet/network/http/api/server/v3.rb +39 -0
- data/lib/puppet/network/http/api/server/v3/environments.rb +48 -0
- data/lib/puppet/node/environment.rb +12 -5
- data/lib/puppet/parser/ast/leaf.rb +3 -2
- data/lib/puppet/pops/evaluator/deferred_resolver.rb +5 -3
- data/lib/puppet/pops/loader/base_loader.rb +42 -32
- data/lib/puppet/pops/loader/dependency_loader.rb +2 -2
- data/lib/puppet/pops/loader/loader.rb +15 -5
- data/lib/puppet/pops/loader/module_loaders.rb +8 -8
- data/lib/puppet/pops/loader/predefined_loader.rb +4 -0
- data/lib/puppet/pops/loader/runtime3_type_loader.rb +1 -1
- data/lib/puppet/pops/loader/static_loader.rb +4 -0
- data/lib/puppet/pops/loaders.rb +4 -4
- data/lib/puppet/pops/model/ast_transformer.rb +1 -1
- data/lib/puppet/pops/parser/lexer2.rb +0 -4
- data/lib/puppet/pops/types/p_type_set_type.rb +1 -1
- data/lib/puppet/pops/validation/checker4_0.rb +0 -1
- data/lib/puppet/property/list.rb +1 -1
- data/lib/puppet/provider/group/groupadd.rb +13 -8
- data/lib/puppet/provider/package/apt.rb +34 -2
- data/lib/puppet/provider/package/aptitude.rb +6 -0
- data/lib/puppet/provider/package/dnfmodule.rb +1 -1
- data/lib/puppet/provider/package/puppet_gem.rb +12 -1
- data/lib/puppet/provider/service/debian.rb +2 -0
- data/lib/puppet/provider/service/systemd.rb +1 -1
- data/lib/puppet/provider/user/useradd.rb +62 -8
- data/lib/puppet/reference/configuration.rb +6 -5
- data/lib/puppet/settings.rb +36 -30
- data/lib/puppet/settings/alias_setting.rb +37 -0
- data/lib/puppet/settings/environment_conf.rb +1 -0
- data/lib/puppet/type/package.rb +3 -3
- data/lib/puppet/util/autoload.rb +1 -8
- data/lib/puppet/util/monkey_patches.rb +7 -0
- data/lib/puppet/util/posix.rb +1 -1
- data/lib/puppet/util/windows/adsi.rb +46 -0
- data/lib/puppet/util/windows/principal.rb +9 -2
- data/lib/puppet/util/windows/sid.rb +4 -2
- data/lib/puppet/version.rb +1 -1
- data/locales/puppet.pot +166 -146
- data/man/man5/puppet.conf.5 +14 -6
- data/man/man8/puppet-agent.8 +2 -2
- data/man/man8/puppet-apply.8 +2 -2
- data/man/man8/puppet-catalog.8 +1 -1
- data/man/man8/puppet-config.8 +1 -1
- data/man/man8/puppet-describe.8 +1 -1
- data/man/man8/puppet-device.8 +2 -2
- data/man/man8/puppet-doc.8 +1 -1
- data/man/man8/puppet-epp.8 +1 -1
- data/man/man8/puppet-facts.8 +8 -2
- data/man/man8/puppet-filebucket.8 +1 -1
- data/man/man8/puppet-generate.8 +1 -1
- data/man/man8/puppet-help.8 +1 -1
- data/man/man8/puppet-lookup.8 +1 -1
- data/man/man8/puppet-module.8 +1 -1
- data/man/man8/puppet-node.8 +1 -1
- data/man/man8/puppet-parser.8 +1 -1
- data/man/man8/puppet-plugin.8 +1 -1
- data/man/man8/puppet-report.8 +1 -1
- data/man/man8/puppet-resource.8 +1 -1
- data/man/man8/puppet-script.8 +2 -2
- data/man/man8/puppet-ssl.8 +5 -1
- data/man/man8/puppet.8 +2 -2
- data/spec/fixtures/integration/application/agent/cached_deferred_catalog.json +91 -0
- data/spec/fixtures/unit/provider/service/systemd/list_unit_files_services_vendor_preset +9 -0
- data/spec/integration/application/agent_spec.rb +160 -3
- data/spec/integration/application/apply_spec.rb +19 -0
- data/spec/integration/application/plugin_spec.rb +1 -1
- data/spec/integration/defaults_spec.rb +0 -7
- data/spec/integration/http/client_spec.rb +12 -0
- data/spec/integration/indirector/direct_file_server_spec.rb +1 -3
- data/spec/integration/indirector/file_content/file_server_spec.rb +0 -2
- data/spec/integration/indirector/file_metadata/file_server_spec.rb +0 -2
- data/spec/integration/parser/collection_spec.rb +10 -0
- data/spec/integration/resource/type_collection_spec.rb +2 -6
- data/spec/integration/transaction_spec.rb +4 -9
- data/spec/integration/util/windows/adsi_spec.rb +21 -1
- data/spec/integration/util/windows/principal_spec.rb +21 -0
- data/spec/integration/util/windows/registry_spec.rb +6 -10
- data/spec/spec_helper.rb +12 -5
- data/spec/unit/agent_spec.rb +8 -6
- data/spec/unit/application/agent_spec.rb +0 -1
- data/spec/unit/application/facts_spec.rb +58 -7
- data/spec/unit/application/filebucket_spec.rb +0 -2
- data/spec/unit/application/ssl_spec.rb +23 -0
- data/spec/unit/application_spec.rb +17 -9
- data/spec/unit/confine/feature_spec.rb +1 -1
- data/spec/unit/confine_spec.rb +8 -2
- data/spec/unit/environments_spec.rb +164 -88
- data/spec/unit/face/node_spec.rb +0 -11
- data/spec/unit/file_serving/configuration/parser_spec.rb +8 -1
- data/spec/unit/file_serving/metadata_spec.rb +3 -3
- data/spec/unit/file_serving/terminus_helper_spec.rb +11 -4
- data/spec/unit/file_system_spec.rb +9 -0
- data/spec/unit/forge/module_release_spec.rb +2 -7
- data/spec/unit/http/factory_spec.rb +19 -0
- data/spec/unit/indirector/face_spec.rb +0 -1
- data/spec/unit/indirector/facts/facter_spec.rb +20 -5
- data/spec/unit/indirector/file_bucket_file/selector_spec.rb +26 -8
- data/spec/unit/indirector/indirection_spec.rb +8 -12
- data/spec/unit/indirector_spec.rb +2 -2
- data/spec/unit/module_spec.rb +1 -1
- data/spec/unit/module_tool/applications/installer_spec.rb +66 -0
- data/spec/unit/network/formats_spec.rb +41 -0
- data/spec/unit/network/http/api/indirected_routes_spec.rb +0 -4
- data/spec/unit/network/http/api/master_spec.rb +38 -0
- data/spec/unit/network/http/api/{master → server}/v3/environments_spec.rb +2 -2
- data/spec/unit/network/http/api/{master → server}/v3_spec.rb +19 -19
- data/spec/unit/network/http/api_spec.rb +11 -11
- data/spec/unit/parser/compiler_spec.rb +3 -19
- data/spec/unit/parser/resource_spec.rb +14 -8
- data/spec/unit/pops/evaluator/deferred_resolver_spec.rb +20 -0
- data/spec/unit/pops/loaders/dependency_loader_spec.rb +1 -1
- data/spec/unit/pops/parser/lexer2_spec.rb +0 -4
- data/spec/unit/pops/types/type_parser_spec.rb +2 -1
- data/spec/unit/pops/validator/validator_spec.rb +20 -43
- data/spec/unit/property_spec.rb +1 -0
- data/spec/unit/provider/group/groupadd_spec.rb +5 -2
- data/spec/unit/provider/nameservice_spec.rb +66 -65
- data/spec/unit/provider/package/apt_spec.rb +28 -23
- data/spec/unit/provider/package/aptitude_spec.rb +1 -1
- data/spec/unit/provider/package/base_spec.rb +6 -5
- data/spec/unit/provider/package/dnfmodule_spec.rb +10 -1
- data/spec/unit/provider/package/pacman_spec.rb +18 -12
- data/spec/unit/provider/package/pip_spec.rb +6 -11
- data/spec/unit/provider/package/pkgdmg_spec.rb +0 -4
- data/spec/unit/provider/package/puppet_gem_spec.rb +28 -0
- data/spec/unit/provider/service/systemd_spec.rb +11 -0
- data/spec/unit/provider/user/hpux_spec.rb +1 -1
- data/spec/unit/provider/user/useradd_spec.rb +70 -3
- data/spec/unit/provider_spec.rb +6 -8
- data/spec/unit/resource/type_spec.rb +1 -1
- data/spec/unit/resource_spec.rb +11 -10
- data/spec/unit/settings_spec.rb +13 -6
- data/spec/unit/ssl/base_spec.rb +0 -1
- data/spec/unit/ssl/certificate_request_spec.rb +4 -10
- data/spec/unit/ssl/ssl_provider_spec.rb +5 -2
- data/spec/unit/transaction/additional_resource_generator_spec.rb +3 -7
- data/spec/unit/transaction/event_manager_spec.rb +14 -11
- data/spec/unit/transaction_spec.rb +13 -4
- data/spec/unit/type/file/content_spec.rb +0 -1
- data/spec/unit/type/file/selinux_spec.rb +0 -2
- data/spec/unit/type/file_spec.rb +0 -6
- data/spec/unit/type/group_spec.rb +13 -6
- data/spec/unit/type/resources_spec.rb +7 -7
- data/spec/unit/type/service_spec.rb +1 -1
- data/spec/unit/type/tidy_spec.rb +0 -1
- data/spec/unit/type_spec.rb +2 -2
- data/spec/unit/util/at_fork_spec.rb +2 -2
- data/spec/unit/util/autoload_spec.rb +5 -1
- data/spec/unit/util/backups_spec.rb +1 -2
- data/spec/unit/util/execution_spec.rb +15 -11
- data/spec/unit/util/inifile_spec.rb +6 -14
- data/spec/unit/util/log_spec.rb +8 -7
- data/spec/unit/util/logging_spec.rb +3 -3
- data/spec/unit/util/posix_spec.rb +16 -10
- data/spec/unit/util/selinux_spec.rb +76 -52
- data/spec/unit/util/suidmanager_spec.rb +44 -41
- data/spec/unit/util/windows/sid_spec.rb +6 -0
- data/spec/unit/util_spec.rb +13 -6
- metadata +18 -16
- data/spec/lib/matchers/include.rb +0 -27
- data/spec/lib/matchers/include_spec.rb +0 -32
- data/spec/unit/pops/parser/parse_application_spec.rb +0 -13
- data/spec/unit/pops/parser/parse_capabilities_spec.rb +0 -23
- data/spec/unit/pops/parser/parse_site_spec.rb +0 -43
@@ -0,0 +1,9 @@
|
|
1
|
+
UNIT FILE STATE VENDOR PRESET
|
2
|
+
arp-ethers.service disabled disabled
|
3
|
+
auditd.service enabled enabled
|
4
|
+
dbus.service enabled disabled
|
5
|
+
udev.service enabled-runtime disabled
|
6
|
+
umountfs.service linked-runtime disabled
|
7
|
+
umountnfs.service masked disabled
|
8
|
+
umountroot.service masked-runtime disabled
|
9
|
+
urandom.service indirect enabled
|
@@ -97,10 +97,10 @@ describe "puppet agent", unless: Puppet::Util::Platform.jruby? do
|
|
97
97
|
end
|
98
98
|
|
99
99
|
context 'rich data' do
|
100
|
-
it "
|
100
|
+
it "calls a deferred 4x function" do
|
101
101
|
catalog_handler = -> (req, res) {
|
102
102
|
catalog = compile_to_catalog(<<-MANIFEST, node)
|
103
|
-
notify { '
|
103
|
+
notify { 'deferred4x':
|
104
104
|
message => Deferred('join', [[1,2,3], ':'])
|
105
105
|
}
|
106
106
|
MANIFEST
|
@@ -115,7 +115,66 @@ describe "puppet agent", unless: Puppet::Util::Platform.jruby? do
|
|
115
115
|
agent.command_line.args << '--test'
|
116
116
|
agent.run
|
117
117
|
}.to exit_with(2)
|
118
|
-
.and output(%r{Notice: /Stage\[main\]/Main/Notify\[
|
118
|
+
.and output(%r{Notice: /Stage\[main\]/Main/Notify\[deferred4x\]/message: defined 'message' as '1:2:3'}).to_stdout
|
119
|
+
end
|
120
|
+
end
|
121
|
+
|
122
|
+
it "calls a deferred 3x function" do
|
123
|
+
catalog_handler = -> (req, res) {
|
124
|
+
catalog = compile_to_catalog(<<-MANIFEST, node)
|
125
|
+
notify { 'deferred3x':
|
126
|
+
message => Deferred('sprintf', ['%s', 'I am deferred'])
|
127
|
+
}
|
128
|
+
MANIFEST
|
129
|
+
|
130
|
+
res.body = formatter.render(catalog)
|
131
|
+
res['Content-Type'] = formatter.mime
|
132
|
+
}
|
133
|
+
|
134
|
+
server.start_server(mounts: {catalog: catalog_handler}) do |port|
|
135
|
+
Puppet[:serverport] = port
|
136
|
+
expect {
|
137
|
+
agent.command_line.args << '--test'
|
138
|
+
agent.run
|
139
|
+
}.to exit_with(2)
|
140
|
+
.and output(%r{Notice: /Stage\[main\]/Main/Notify\[deferred3x\]/message: defined 'message' as 'I am deferred'}).to_stdout
|
141
|
+
end
|
142
|
+
end
|
143
|
+
|
144
|
+
it "re-evaluates a deferred function in a cached catalog" do
|
145
|
+
Puppet[:report] = false
|
146
|
+
Puppet[:use_cached_catalog] = true
|
147
|
+
Puppet[:usecacheonfailure] = false
|
148
|
+
|
149
|
+
catalog_dir = File.join(Puppet[:client_datadir], 'catalog')
|
150
|
+
Puppet::FileSystem.mkpath(catalog_dir)
|
151
|
+
cached_catalog_path = "#{File.join(catalog_dir, Puppet[:certname])}.json"
|
152
|
+
|
153
|
+
# our catalog contains a deferred function that calls `binary_file`
|
154
|
+
# to read `source`. The function returns a Binary object, whose
|
155
|
+
# base64 value is printed to stdout
|
156
|
+
source = tmpfile('deferred_source')
|
157
|
+
catalog = File.read(my_fixture('cached_deferred_catalog.json'))
|
158
|
+
catalog.gsub!('__SOURCE_PATH__', source)
|
159
|
+
File.write(cached_catalog_path, catalog)
|
160
|
+
|
161
|
+
# verify we get a different result each time the deferred function
|
162
|
+
# is evaluated, and reads `source`.
|
163
|
+
{
|
164
|
+
'1234' => 'MTIzNA==',
|
165
|
+
'5678' => 'NTY3OA=='
|
166
|
+
}.each_pair do |content, base64|
|
167
|
+
File.write(source, content)
|
168
|
+
|
169
|
+
expect {
|
170
|
+
agent.command_line.args << '-t'
|
171
|
+
agent.run
|
172
|
+
|
173
|
+
}.to exit_with(2)
|
174
|
+
.and output(/Notice: #{base64}/).to_stdout
|
175
|
+
|
176
|
+
# reset state so we can run again
|
177
|
+
Puppet::Application.clear!
|
119
178
|
end
|
120
179
|
end
|
121
180
|
|
@@ -489,4 +548,102 @@ describe "puppet agent", unless: Puppet::Util::Platform.jruby? do
|
|
489
548
|
th.kill # kill thread so we don't wait too much
|
490
549
|
end
|
491
550
|
end
|
551
|
+
|
552
|
+
context 'cached catalogs' do
|
553
|
+
it 'falls back to a cached catalog' do
|
554
|
+
catalog_handler = -> (req, res) {
|
555
|
+
catalog = compile_to_catalog(<<-MANIFEST, node)
|
556
|
+
notify { 'a message': }
|
557
|
+
MANIFEST
|
558
|
+
|
559
|
+
res.body = formatter.render(catalog)
|
560
|
+
res['Content-Type'] = formatter.mime
|
561
|
+
}
|
562
|
+
|
563
|
+
server.start_server(mounts: {catalog: catalog_handler}) do |port|
|
564
|
+
Puppet[:serverport] = port
|
565
|
+
expect {
|
566
|
+
agent.command_line.args << '--test'
|
567
|
+
agent.run
|
568
|
+
}.to exit_with(2)
|
569
|
+
.and output(%r{Caching catalog for #{Puppet[:certname]}}).to_stdout
|
570
|
+
end
|
571
|
+
|
572
|
+
# reset state so we can run again
|
573
|
+
Puppet::Application.clear!
|
574
|
+
|
575
|
+
# --test above turns off `usecacheonfailure` so re-enable here
|
576
|
+
Puppet[:usecacheonfailure] = true
|
577
|
+
|
578
|
+
# run agent without server
|
579
|
+
expect {
|
580
|
+
agent.command_line.args << '--no-daemonize' << '--onetime' << '--server' << '127.0.0.1'
|
581
|
+
agent.run
|
582
|
+
}.to exit_with(2)
|
583
|
+
.and output(a_string_matching(
|
584
|
+
/Using cached catalog from environment 'production'/
|
585
|
+
).and matching(
|
586
|
+
/Notify\[a message\]\/message:/
|
587
|
+
)).to_stdout
|
588
|
+
.and output(/the agent run will continue/).to_stderr
|
589
|
+
end
|
590
|
+
|
591
|
+
it 'preserves the old cached catalog if validation fails with the old one' do
|
592
|
+
catalog_handler = -> (req, res) {
|
593
|
+
catalog = compile_to_catalog(<<-MANIFEST, node)
|
594
|
+
exec { 'unqualified_command': }
|
595
|
+
MANIFEST
|
596
|
+
|
597
|
+
res.body = formatter.render(catalog)
|
598
|
+
res['Content-Type'] = formatter.mime
|
599
|
+
}
|
600
|
+
|
601
|
+
server.start_server(mounts: {catalog: catalog_handler}) do |port|
|
602
|
+
Puppet[:serverport] = port
|
603
|
+
expect {
|
604
|
+
agent.command_line.args << '--test'
|
605
|
+
agent.run
|
606
|
+
}.to exit_with(1)
|
607
|
+
.and output(/Using configured environment/).to_stdout
|
608
|
+
.and output(%r{Validation of Exec\[unqualified_command\] failed: 'unqualified_command' is not qualified and no path was specified}).to_stderr
|
609
|
+
end
|
610
|
+
|
611
|
+
# cached catalog should not be updated
|
612
|
+
cached_catalog = "#{File.join(Puppet[:client_datadir], 'catalog', Puppet[:certname])}.json"
|
613
|
+
expect(File).to_not be_exist(cached_catalog)
|
614
|
+
end
|
615
|
+
end
|
616
|
+
|
617
|
+
context "reporting" do
|
618
|
+
it "stores a finalized report" do
|
619
|
+
catalog_handler = -> (req, res) {
|
620
|
+
catalog = compile_to_catalog(<<-MANIFEST, node)
|
621
|
+
notify { 'foo':
|
622
|
+
require => Notify['bar']
|
623
|
+
}
|
624
|
+
|
625
|
+
notify { 'bar':
|
626
|
+
require => Notify['foo']
|
627
|
+
}
|
628
|
+
MANIFEST
|
629
|
+
|
630
|
+
res.body = formatter.render(catalog)
|
631
|
+
res['Content-Type'] = formatter.mime
|
632
|
+
}
|
633
|
+
|
634
|
+
server.start_server(mounts: {catalog: catalog_handler}) do |port|
|
635
|
+
Puppet[:serverport] = port
|
636
|
+
expect {
|
637
|
+
agent.command_line.args << '--test'
|
638
|
+
agent.run
|
639
|
+
}.to exit_with(1)
|
640
|
+
.and output(%r{Applying configuration}).to_stdout
|
641
|
+
.and output(%r{Found 1 dependency cycle}).to_stderr
|
642
|
+
|
643
|
+
report = Puppet::Transaction::Report.convert_from(:yaml, File.read(Puppet[:lastrunreport]))
|
644
|
+
expect(report.status).to eq("failed")
|
645
|
+
expect(report.metrics).to_not be_empty
|
646
|
+
end
|
647
|
+
end
|
648
|
+
end
|
492
649
|
end
|
@@ -663,4 +663,23 @@ class amod::bad_type {
|
|
663
663
|
end
|
664
664
|
end
|
665
665
|
end
|
666
|
+
|
667
|
+
context 'rich data' do
|
668
|
+
it "calls a deferred 4x function" do
|
669
|
+
apply.command_line.args = ['-e', 'notify { "deferred3x": message => Deferred("join", [[1,2,3], ":"]) }']
|
670
|
+
|
671
|
+
expect {
|
672
|
+
apply.run
|
673
|
+
}.to exit_with(0) # for some reason apply returns 0 instead of 2
|
674
|
+
.and output(%r{Notice: /Stage\[main\]/Main/Notify\[deferred3x\]/message: defined 'message' as '1:2:3'}).to_stdout
|
675
|
+
end
|
676
|
+
|
677
|
+
it "calls a deferred 3x function" do
|
678
|
+
apply.command_line.args = ['-e', 'notify { "deferred4x": message => Deferred("sprintf", ["%s", "I am deferred"]) }']
|
679
|
+
expect {
|
680
|
+
apply.run
|
681
|
+
}.to exit_with(0) # for some reason apply returns 0 instead of 2
|
682
|
+
.and output(%r{Notice: /Stage\[main\]/Main/Notify\[deferred4x\]/message: defined 'message' as 'I am deferred'}).to_stdout
|
683
|
+
end
|
684
|
+
end
|
666
685
|
end
|
@@ -36,13 +36,6 @@ describe "Puppet defaults" do
|
|
36
36
|
end
|
37
37
|
end
|
38
38
|
|
39
|
-
describe "when setting the :serverport" do
|
40
|
-
it "should also set the :masterport to the same value" do
|
41
|
-
Puppet.settings[:serverport] = 9000
|
42
|
-
expect(Puppet.settings[:masterport]).to eq(9000)
|
43
|
-
end
|
44
|
-
end
|
45
|
-
|
46
39
|
describe "when setting the :factpath" do
|
47
40
|
it "should add the :factpath to Facter's search paths" do
|
48
41
|
expect(Facter).to receive(:search).with("/my/fact/path")
|
@@ -151,4 +151,16 @@ describe Puppet::HTTP::Client, unless: Puppet::Util::Platform.jruby? do
|
|
151
151
|
end
|
152
152
|
end
|
153
153
|
end
|
154
|
+
|
155
|
+
context 'ciphersuites' do
|
156
|
+
it "does not connect when using an SSLv3 ciphersuite", :if => Puppet::Util::Package.versioncmp(OpenSSL::OPENSSL_LIBRARY_VERSION.split[1], '1.1.1e') > 0 do
|
157
|
+
Puppet[:ciphers] = "DES-CBC3-SHA"
|
158
|
+
|
159
|
+
https_server.start_server do |port|
|
160
|
+
expect {
|
161
|
+
client.get(URI("https://127.0.0.1:#{port}"), options: {ssl_context: root_context})
|
162
|
+
}.to raise_error(Puppet::HTTP::ConnectionError, /no cipher match|sslv3 alert handshake failure/)
|
163
|
+
end
|
164
|
+
end
|
165
|
+
end
|
154
166
|
end
|
@@ -1,5 +1,4 @@
|
|
1
1
|
require 'spec_helper'
|
2
|
-
require 'matchers/include'
|
3
2
|
|
4
3
|
require 'puppet/indirector/file_content/file'
|
5
4
|
require 'puppet/indirector/file_metadata/file'
|
@@ -30,7 +29,6 @@ end
|
|
30
29
|
|
31
30
|
describe Puppet::Indirector::DirectFileServer, " when interacting with FileServing::Fileset and the model" do
|
32
31
|
include PuppetSpec::Files
|
33
|
-
include Matchers::Include
|
34
32
|
|
35
33
|
matcher :file_with_content do |name, content|
|
36
34
|
match do |actual|
|
@@ -52,7 +50,7 @@ describe Puppet::Indirector::DirectFileServer, " when interacting with FileServi
|
|
52
50
|
terminus = Puppet::Indirector::FileContent::File.new
|
53
51
|
request = terminus.indirection.request(:search, Puppet::Util.path_to_uri(path).to_s, nil, :recurse => true)
|
54
52
|
|
55
|
-
expect(terminus.search(request)).to
|
53
|
+
expect(terminus.search(request)).to contain_exactly(
|
56
54
|
file_with_content(File.join(path, "one"), "one content"),
|
57
55
|
file_with_content(File.join(path, "two"), "two content"),
|
58
56
|
directory_named(path))
|
@@ -86,8 +86,6 @@ describe Puppet::Indirector::FileContent::FileServer, " when finding files" do
|
|
86
86
|
|
87
87
|
# Use a real mount, so the integration is a bit deeper.
|
88
88
|
mount1 = Puppet::FileServing::Configuration::Mount::File.new("one")
|
89
|
-
allow(mount1).to receive(:globalallow?).and_return(true)
|
90
|
-
allow(mount1).to receive(:allowed?).and_return(true)
|
91
89
|
mount1.path = File.join(path, "%h")
|
92
90
|
|
93
91
|
parser = double('parser', :changed? => false)
|
@@ -59,8 +59,6 @@ describe Puppet::Indirector::FileMetadata::FileServer, " when finding files" do
|
|
59
59
|
|
60
60
|
# Use a real mount, so the integration is a bit deeper.
|
61
61
|
mount1 = Puppet::FileServing::Configuration::Mount::File.new("one")
|
62
|
-
allow(mount1).to receive(:globalallow?).and_return(true)
|
63
|
-
allow(mount1).to receive(:allowed?).and_return(true)
|
64
62
|
mount1.path = File.join(env_path, "%h")
|
65
63
|
|
66
64
|
parser = double('parser', :changed? => false)
|
@@ -235,6 +235,16 @@ describe 'collectors' do
|
|
235
235
|
MANIFEST
|
236
236
|
end
|
237
237
|
|
238
|
+
it "splats attributes from a hash" do
|
239
|
+
expect_the_message_to_be(["overridden message"], <<-MANIFEST)
|
240
|
+
@notify { "testing": message => "original message" }
|
241
|
+
|
242
|
+
Notify <| |> {
|
243
|
+
* => { message => "overridden message" }
|
244
|
+
}
|
245
|
+
MANIFEST
|
246
|
+
end
|
247
|
+
|
238
248
|
it "collects with override when inside a class (#10963)" do
|
239
249
|
expect_the_message_to_be(["overridden message"], <<-MANIFEST)
|
240
250
|
@notify { "testing": message => "original message" }
|
@@ -11,12 +11,8 @@ describe Puppet::Resource::TypeCollection do
|
|
11
11
|
@dir = tmpfile("autoload_testing")
|
12
12
|
FileUtils.mkdir_p @dir
|
13
13
|
|
14
|
-
loader =
|
15
|
-
|
16
|
-
allow(loader).to receive(:set_entry)
|
17
|
-
|
18
|
-
loaders = Object.new
|
19
|
-
expect(loaders).to receive(:runtime3_type_loader).at_most(:once).and_return(loader)
|
14
|
+
loader = double('loader', load: nil, set_entry: nil)
|
15
|
+
loaders = double('loaders', runtime3_type_loader: loader)
|
20
16
|
expect(Puppet::Pops::Loaders).to receive(:loaders).at_most(:once).and_return(loaders)
|
21
17
|
|
22
18
|
environment = Puppet::Node::Environment.create(:env, [@dir])
|
@@ -61,7 +61,7 @@ describe Puppet::Transaction do
|
|
61
61
|
|
62
62
|
transaction = Puppet::Transaction.new(catalog, nil, Puppet::Graph::SequentialPrioritizer.new)
|
63
63
|
|
64
|
-
expect(resource).not_to receive(:
|
64
|
+
expect(resource).not_to receive(:retrieve)
|
65
65
|
|
66
66
|
transaction.evaluate
|
67
67
|
end
|
@@ -86,7 +86,7 @@ describe Puppet::Transaction do
|
|
86
86
|
|
87
87
|
transaction = Puppet::Transaction.new(catalog, nil, Puppet::Graph::SequentialPrioritizer.new)
|
88
88
|
|
89
|
-
expect(resource).not_to receive(:
|
89
|
+
expect(resource).not_to receive(:retrieve)
|
90
90
|
|
91
91
|
transaction.evaluate
|
92
92
|
end
|
@@ -315,16 +315,14 @@ describe Puppet::Transaction do
|
|
315
315
|
file1 = tmpfile("file1")
|
316
316
|
file2 = tmpfile("file2")
|
317
317
|
|
318
|
+
expect(Puppet::FileSystem).to_not be_exist(file2)
|
319
|
+
|
318
320
|
exec1 = Puppet::Type.type(:exec).new(
|
319
321
|
:name => "exec1",
|
320
322
|
:path => ENV["PATH"],
|
321
323
|
:command => touch(file1),
|
322
324
|
)
|
323
325
|
|
324
|
-
allow(exec1).to receive(:eval_generate).and_return(
|
325
|
-
[ Puppet::Type.type(:notify).new(:name => "eval1_notify") ]
|
326
|
-
)
|
327
|
-
|
328
326
|
exec2 = Puppet::Type.type(:exec).new(
|
329
327
|
:name => "exec2",
|
330
328
|
:path => ENV["PATH"],
|
@@ -332,9 +330,6 @@ describe Puppet::Transaction do
|
|
332
330
|
:refreshonly => true,
|
333
331
|
:subscribe => exec1,
|
334
332
|
)
|
335
|
-
allow(exec2).to receive(:eval_generate).and_return(
|
336
|
-
[ Puppet::Type.type(:notify).new(:name => "eval2_notify") ]
|
337
|
-
)
|
338
333
|
|
339
334
|
Puppet[:tags] = "exec"
|
340
335
|
catalog = mk_catalog(exec1, exec2)
|
@@ -55,6 +55,24 @@ describe Puppet::Util::Windows::ADSI::User,
|
|
55
55
|
end
|
56
56
|
end
|
57
57
|
end
|
58
|
+
|
59
|
+
describe '.current_user_name_with_format' do
|
60
|
+
context 'when desired format is NameSamCompatible' do
|
61
|
+
it 'should get the same user name as the current_user_name method but fully qualified' do
|
62
|
+
user_name = Puppet::Util::Windows::ADSI::User.current_user_name
|
63
|
+
fully_qualified_user_name = Puppet::Util::Windows::ADSI::User.current_sam_compatible_user_name
|
64
|
+
|
65
|
+
expect(fully_qualified_user_name).to match(/^.+\\#{user_name}$/)
|
66
|
+
end
|
67
|
+
|
68
|
+
it 'should have the same SID as with the current_user_name method' do
|
69
|
+
user_name = Puppet::Util::Windows::ADSI::User.current_user_name
|
70
|
+
fully_qualified_user_name = Puppet::Util::Windows::ADSI::User.current_sam_compatible_user_name
|
71
|
+
|
72
|
+
expect(Puppet::Util::Windows::SID.name_to_sid(user_name)).to eq(Puppet::Util::Windows::SID.name_to_sid(fully_qualified_user_name))
|
73
|
+
end
|
74
|
+
end
|
75
|
+
end
|
58
76
|
end
|
59
77
|
|
60
78
|
describe Puppet::Util::Windows::ADSI::Group,
|
@@ -157,7 +175,9 @@ describe Puppet::Util::Windows::ADSI::Group,
|
|
157
175
|
|
158
176
|
# touch the native_object member to have it lazily loaded, so COM objects can be stubbed
|
159
177
|
admins.native_object
|
160
|
-
|
178
|
+
without_partial_double_verification do
|
179
|
+
allow(admins.native_object).to receive(:Members).and_return(members)
|
180
|
+
end
|
161
181
|
|
162
182
|
# well-known NULL SID
|
163
183
|
expect(admins.members[0].sid).to eq('S-1-0-0')
|
@@ -7,6 +7,7 @@ describe Puppet::Util::Windows::SID::Principal, :if => Puppet::Util::Platform.wi
|
|
7
7
|
let (:system_bytes) { [1, 1, 0, 0, 0, 0, 0, 5, 18, 0, 0, 0] }
|
8
8
|
let (:null_sid_bytes) { [1, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0] }
|
9
9
|
let (:administrator_bytes) { [1, 2, 0, 0, 0, 0, 0, 5, 32, 0, 0, 0, 32, 2, 0, 0] }
|
10
|
+
let (:all_application_packages_bytes) { [1, 2, 0, 0, 0, 0, 0, 15, 2, 0, 0, 0, 1, 0, 0, 0] }
|
10
11
|
let (:computer_sid) { Puppet::Util::Windows::SID.name_to_principal(Puppet::Util::Windows::ADSI.computer_name) }
|
11
12
|
# BUILTIN is localized on German Windows, but not French
|
12
13
|
# looking this up like this dilutes the values of the tests as we're comparing two mechanisms
|
@@ -121,6 +122,26 @@ describe Puppet::Util::Windows::SID::Principal, :if => Puppet::Util::Platform.wi
|
|
121
122
|
expect(principal.to_s).to eq(builtin_localized)
|
122
123
|
end
|
123
124
|
|
125
|
+
it "should always sanitize the account name first" do
|
126
|
+
expect(Puppet::Util::Windows::SID::Principal).to receive(:sanitize_account_name).with('NT AUTHORITY\\SYSTEM').and_call_original
|
127
|
+
Puppet::Util::Windows::SID::Principal.lookup_account_name('NT AUTHORITY\\SYSTEM')
|
128
|
+
end
|
129
|
+
|
130
|
+
it "should be able to create an instance from an account name prefixed by APPLICATION PACKAGE AUTHORITY" do
|
131
|
+
principal = Puppet::Util::Windows::SID::Principal.lookup_account_name('APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES')
|
132
|
+
expect(principal.account).to eq('ALL APPLICATION PACKAGES')
|
133
|
+
expect(principal.sid_bytes).to eq(all_application_packages_bytes)
|
134
|
+
expect(principal.sid).to eq('S-1-15-2-1')
|
135
|
+
expect(principal.domain).to eq('APPLICATION PACKAGE AUTHORITY')
|
136
|
+
expect(principal.domain_account).to eq('APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES')
|
137
|
+
expect(principal.account_type).to eq(:SidTypeWellKnownGroup)
|
138
|
+
expect(principal.to_s).to eq('APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES')
|
139
|
+
end
|
140
|
+
|
141
|
+
it "should fail without proper account name sanitization when it is prefixed by APPLICATION PACKAGE AUTHORITY" do
|
142
|
+
given_account_name = 'APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES'
|
143
|
+
expect { Puppet::Util::Windows::SID::Principal.lookup_account_name(nil, false, given_account_name) }.to raise_error(Puppet::Util::Windows::Error, /No mapping between account names and security IDs was done./)
|
144
|
+
end
|
124
145
|
end
|
125
146
|
|
126
147
|
describe ".lookup_account_sid" do
|