puppet 7.10.0-universal-darwin → 7.13.1-universal-darwin
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Gemfile +3 -3
- data/Gemfile.lock +20 -15
- data/ext/project_data.yaml +1 -1
- data/lib/puppet/application/agent.rb +4 -0
- data/lib/puppet/application/apply.rb +20 -2
- data/lib/puppet/application/lookup.rb +72 -24
- data/lib/puppet/application/resource.rb +15 -13
- data/lib/puppet/concurrent/thread_local_singleton.rb +6 -3
- data/lib/puppet/configurer.rb +98 -29
- data/lib/puppet/confine/variable.rb +1 -1
- data/lib/puppet/defaults.rb +17 -3
- data/lib/puppet/facter_impl.rb +96 -0
- data/lib/puppet/file_serving/metadata.rb +3 -0
- data/lib/puppet/file_serving/mount/file.rb +4 -4
- data/lib/puppet/file_system/file_impl.rb +10 -8
- data/lib/puppet/file_system/jruby.rb +1 -1
- data/lib/puppet/file_system/path_pattern.rb +10 -15
- data/lib/puppet/file_system/uniquefile.rb +1 -1
- data/lib/puppet/file_system/windows.rb +4 -4
- data/lib/puppet/file_system.rb +3 -2
- data/lib/puppet/forge.rb +1 -1
- data/lib/puppet/functions/versioncmp.rb +6 -2
- data/lib/puppet/graph/simple_graph.rb +2 -1
- data/lib/puppet/http/client.rb +1 -1
- data/lib/puppet/http/redirector.rb +5 -0
- data/lib/puppet/indirector/catalog/compiler.rb +3 -3
- data/lib/puppet/indirector/facts/facter.rb +6 -6
- data/lib/puppet/indirector/indirection.rb +1 -1
- data/lib/puppet/module_tool/applications/uninstaller.rb +1 -1
- data/lib/puppet/module_tool/applications/upgrader.rb +1 -1
- data/lib/puppet/pal/pal_impl.rb +1 -1
- data/lib/puppet/parser/resource.rb +1 -1
- data/lib/puppet/parser/scope.rb +8 -7
- data/lib/puppet/parser/templatewrapper.rb +1 -0
- data/lib/puppet/pops/evaluator/closure.rb +7 -5
- data/lib/puppet/pops/evaluator/runtime3_resource_support.rb +1 -0
- data/lib/puppet/pops/lookup/lookup_adapter.rb +3 -2
- data/lib/puppet/pops/model/ast.rb +1 -0
- data/lib/puppet/pops/model/factory.rb +14 -13
- data/lib/puppet/pops/parser/code_merger.rb +4 -4
- data/lib/puppet/pops/parser/egrammar.ra +4 -2
- data/lib/puppet/pops/parser/eparser.rb +909 -894
- data/lib/puppet/pops/parser/lexer2.rb +69 -68
- data/lib/puppet/pops/parser/slurp_support.rb +1 -0
- data/lib/puppet/pops/serialization/to_data_converter.rb +6 -18
- data/lib/puppet/pops/serialization/to_stringified_converter.rb +1 -1
- data/lib/puppet/pops/types/type_formatter.rb +7 -6
- data/lib/puppet/pops/types/types.rb +1 -1
- data/lib/puppet/pops/validation/checker4_0.rb +7 -2
- data/lib/puppet/provider/aix_object.rb +1 -1
- data/lib/puppet/provider/group/groupadd.rb +5 -2
- data/lib/puppet/provider/package/pkg.rb +11 -1
- data/lib/puppet/provider/package/puppet_gem.rb +1 -1
- data/lib/puppet/provider/package/puppetserver_gem.rb +1 -1
- data/lib/puppet/provider/package/yum.rb +1 -1
- data/lib/puppet/provider/service/base.rb +1 -1
- data/lib/puppet/provider/service/init.rb +10 -9
- data/lib/puppet/provider/service/launchd.rb +1 -1
- data/lib/puppet/provider/service/redhat.rb +1 -1
- data/lib/puppet/provider/service/smf.rb +3 -3
- data/lib/puppet/provider/service/systemd.rb +1 -1
- data/lib/puppet/provider/service/upstart.rb +5 -5
- data/lib/puppet/provider/user/aix.rb +44 -1
- data/lib/puppet/provider/user/directoryservice.rb +1 -1
- data/lib/puppet/provider/user/useradd.rb +30 -7
- data/lib/puppet/provider.rb +1 -1
- data/lib/puppet/reference/providers.rb +2 -2
- data/lib/puppet/resource/catalog.rb +1 -1
- data/lib/puppet/resource/type_collection.rb +2 -1
- data/lib/puppet/resource.rb +38 -5
- data/lib/puppet/runtime.rb +11 -1
- data/lib/puppet/settings/file_setting.rb +3 -8
- data/lib/puppet/settings.rb +2 -2
- data/lib/puppet/ssl/verifier.rb +3 -1
- data/lib/puppet/test/test_helper.rb +4 -1
- data/lib/puppet/transaction/persistence.rb +22 -12
- data/lib/puppet/type/exec.rb +9 -1
- data/lib/puppet/type/file/data_sync.rb +1 -1
- data/lib/puppet/type/file/group.rb +8 -1
- data/lib/puppet/type/file/owner.rb +8 -1
- data/lib/puppet/type/group.rb +0 -1
- data/lib/puppet/type/resources.rb +1 -1
- data/lib/puppet/type/service.rb +8 -3
- data/lib/puppet/type/user.rb +40 -39
- data/lib/puppet/util/autoload.rb +1 -1
- data/lib/puppet/util/command_line.rb +1 -1
- data/lib/puppet/util/filetype.rb +2 -2
- data/lib/puppet/util/json.rb +20 -0
- data/lib/puppet/util/log.rb +8 -4
- data/lib/puppet/util/logging.rb +1 -25
- data/lib/puppet/util/monkey_patches.rb +26 -2
- data/lib/puppet/util/package.rb +25 -16
- data/lib/puppet/util/pidlock.rb +1 -1
- data/lib/puppet/util/rdoc/parser/puppet_parser_core.rb +1 -1
- data/lib/puppet/util/suidmanager.rb +1 -2
- data/lib/puppet/util/tagging.rb +1 -0
- data/lib/puppet/util/windows/service.rb +0 -5
- data/lib/puppet/util/windows/user.rb +0 -1
- data/lib/puppet/util/windows.rb +3 -0
- data/lib/puppet/util/yaml.rb +11 -0
- data/lib/puppet/util.rb +4 -3
- data/lib/puppet/version.rb +1 -1
- data/lib/puppet.rb +3 -6
- data/locales/puppet.pot +265 -239
- data/man/man5/puppet.conf.5 +18 -2
- data/man/man8/puppet-agent.8 +4 -1
- data/man/man8/puppet-apply.8 +1 -1
- data/man/man8/puppet-catalog.8 +1 -1
- data/man/man8/puppet-config.8 +1 -1
- data/man/man8/puppet-describe.8 +1 -1
- data/man/man8/puppet-device.8 +1 -1
- data/man/man8/puppet-doc.8 +1 -1
- data/man/man8/puppet-epp.8 +1 -1
- data/man/man8/puppet-facts.8 +1 -1
- data/man/man8/puppet-filebucket.8 +1 -1
- data/man/man8/puppet-generate.8 +1 -1
- data/man/man8/puppet-help.8 +1 -1
- data/man/man8/puppet-lookup.8 +9 -6
- data/man/man8/puppet-module.8 +1 -1
- data/man/man8/puppet-node.8 +1 -1
- data/man/man8/puppet-parser.8 +1 -1
- data/man/man8/puppet-plugin.8 +1 -1
- data/man/man8/puppet-report.8 +1 -1
- data/man/man8/puppet-resource.8 +1 -1
- data/man/man8/puppet-script.8 +1 -1
- data/man/man8/puppet-ssl.8 +1 -1
- data/man/man8/puppet.8 +2 -2
- data/spec/fixtures/integration/application/agent/cached_deferred_catalog.json +2 -1
- data/spec/fixtures/unit/forge/bacula.json +1 -1
- data/spec/integration/application/agent_spec.rb +44 -0
- data/spec/integration/application/lookup_spec.rb +29 -6
- data/spec/integration/configurer_spec.rb +1 -1
- data/spec/integration/indirector/facts/facter_spec.rb +3 -3
- data/spec/integration/parser/pcore_resource_spec.rb +20 -0
- data/spec/integration/transaction/report_spec.rb +1 -1
- data/spec/integration/type/file_spec.rb +2 -2
- data/spec/integration/type/package_spec.rb +6 -6
- data/spec/integration/util/rdoc/parser_spec.rb +1 -1
- data/spec/integration/util/windows/process_spec.rb +1 -9
- data/spec/shared_contexts/l10n.rb +5 -0
- data/spec/unit/application/apply_spec.rb +76 -56
- data/spec/unit/application/lookup_spec.rb +131 -10
- data/spec/unit/application/resource_spec.rb +29 -0
- data/spec/unit/concurrent/thread_local_singleton_spec.rb +39 -0
- data/spec/unit/configurer_spec.rb +113 -28
- data/spec/unit/facter_impl_spec.rb +31 -0
- data/spec/unit/file_bucket/dipper_spec.rb +2 -2
- data/spec/unit/file_system/uniquefile_spec.rb +7 -1
- data/spec/unit/file_system_spec.rb +41 -4
- data/spec/unit/forge/module_release_spec.rb +3 -3
- data/spec/unit/functions/lookup_spec.rb +64 -0
- data/spec/unit/functions/versioncmp_spec.rb +40 -4
- data/spec/unit/http/client_spec.rb +58 -1
- data/spec/unit/indirector/indirection_spec.rb +10 -3
- data/spec/unit/network/formats_spec.rb +6 -0
- data/spec/unit/pops/parser/parse_containers_spec.rb +2 -2
- data/spec/unit/pops/serialization/to_from_hr_spec.rb +0 -58
- data/spec/unit/pops/serialization/to_stringified_spec.rb +5 -0
- data/spec/unit/pops/types/type_calculator_spec.rb +6 -0
- data/spec/unit/pops/validator/validator_spec.rb +5 -0
- data/spec/unit/provider/package/gem_spec.rb +1 -1
- data/spec/unit/provider/package/pip2_spec.rb +1 -1
- data/spec/unit/provider/package/pip3_spec.rb +1 -1
- data/spec/unit/provider/package/pip_spec.rb +1 -1
- data/spec/unit/provider/package/pkg_spec.rb +15 -0
- data/spec/unit/provider/package/puppet_gem_spec.rb +1 -1
- data/spec/unit/provider/package/puppetserver_gem_spec.rb +1 -1
- data/spec/unit/provider/service/gentoo_spec.rb +6 -5
- data/spec/unit/provider/service/init_spec.rb +15 -9
- data/spec/unit/provider/service/openwrt_spec.rb +21 -29
- data/spec/unit/provider/service/redhat_spec.rb +3 -2
- data/spec/unit/provider/user/aix_spec.rb +100 -0
- data/spec/unit/provider/user/directoryservice_spec.rb +1 -1
- data/spec/unit/provider/user/useradd_spec.rb +40 -0
- data/spec/unit/provider_spec.rb +4 -4
- data/spec/unit/puppet_spec.rb +12 -4
- data/spec/unit/resource/catalog_spec.rb +14 -1
- data/spec/unit/resource_spec.rb +58 -2
- data/spec/unit/settings/file_setting_spec.rb +10 -7
- data/spec/unit/transaction/persistence_spec.rb +51 -0
- data/spec/unit/type/file/group_spec.rb +7 -0
- data/spec/unit/type/file/owner_spec.rb +7 -0
- data/spec/unit/type/service_spec.rb +27 -0
- data/spec/unit/type/user_spec.rb +0 -45
- data/spec/unit/type_spec.rb +2 -2
- data/spec/unit/util/autoload_spec.rb +25 -8
- data/spec/unit/util/json_spec.rb +126 -0
- data/spec/unit/util/logging_spec.rb +2 -0
- data/spec/unit/util/yaml_spec.rb +37 -13
- data/tasks/parallel.rake +3 -3
- metadata +17 -4
data/lib/puppet/defaults.rb
CHANGED
@@ -3,7 +3,7 @@ require_relative '../puppet/util/platform'
|
|
3
3
|
module Puppet
|
4
4
|
|
5
5
|
def self.default_diffargs
|
6
|
-
if (
|
6
|
+
if (Puppet.runtime[:facter].value(:kernel) == "AIX" && Puppet.runtime[:facter].value(:kernelmajversion) == "5300")
|
7
7
|
""
|
8
8
|
else
|
9
9
|
"-u"
|
@@ -243,7 +243,7 @@ module Puppet
|
|
243
243
|
internal Ruby stack trace interleaved with Puppet function frames.",
|
244
244
|
:hook => proc do |value|
|
245
245
|
# Enable or disable Facter's trace option too
|
246
|
-
|
246
|
+
Puppet.runtime[:facter].trace(value)
|
247
247
|
end
|
248
248
|
},
|
249
249
|
:puppet_trace => {
|
@@ -761,6 +761,12 @@ Valid values are 0 (never cache) and 15 (15 second minimum wait time).
|
|
761
761
|
:owner => "service",
|
762
762
|
:group => "service",
|
763
763
|
:desc => "The directory where catalog previews per node are generated."
|
764
|
+
},
|
765
|
+
:location_trusted => {
|
766
|
+
:default => false,
|
767
|
+
:type => :boolean,
|
768
|
+
:desc => "This will allow sending the name + password and the cookie header to all hosts that puppet may redirect to.
|
769
|
+
This may or may not introduce a security breach if puppet redirects you to a site to which you'll send your authentication info and cookies."
|
764
770
|
}
|
765
771
|
)
|
766
772
|
|
@@ -1532,6 +1538,12 @@ EOT
|
|
1532
1538
|
:mode => "0750",
|
1533
1539
|
:desc => "The directory in which serialized data is stored on the client."
|
1534
1540
|
},
|
1541
|
+
:write_catalog_summary => {
|
1542
|
+
:default => true,
|
1543
|
+
:type => :boolean,
|
1544
|
+
:desc => "Whether to write the `classfile` and `resourcefile` after applying
|
1545
|
+
the catalog. It is enabled by default, except when running `puppet apply`.",
|
1546
|
+
},
|
1535
1547
|
:classfile => {
|
1536
1548
|
:default => "$statedir/classes.txt",
|
1537
1549
|
:type => :file,
|
@@ -1971,7 +1983,9 @@ EOT
|
|
1971
1983
|
:call_hook => :on_initialize_and_write, # Call our hook with the default value, so we always get the value added to facter.
|
1972
1984
|
:hook => proc do |value|
|
1973
1985
|
paths = value.split(File::PATH_SEPARATOR)
|
1974
|
-
|
1986
|
+
facter = Puppet.runtime[:facter]
|
1987
|
+
facter.reset
|
1988
|
+
facter.search(*paths)
|
1975
1989
|
end
|
1976
1990
|
}
|
1977
1991
|
)
|
@@ -0,0 +1,96 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
#
|
4
|
+
# @api private
|
5
|
+
# Default Facter implementation that delegates to Facter API
|
6
|
+
#
|
7
|
+
|
8
|
+
module Puppet
|
9
|
+
class FacterImpl
|
10
|
+
def initialize
|
11
|
+
require 'facter'
|
12
|
+
|
13
|
+
setup_logging
|
14
|
+
end
|
15
|
+
|
16
|
+
def value(fact_name)
|
17
|
+
::Facter.value(fact_name)
|
18
|
+
end
|
19
|
+
|
20
|
+
def add(name, &block)
|
21
|
+
::Facter.add(name, &block)
|
22
|
+
end
|
23
|
+
|
24
|
+
def to_hash
|
25
|
+
::Facter.to_hash
|
26
|
+
end
|
27
|
+
|
28
|
+
def clear
|
29
|
+
::Facter.clear
|
30
|
+
end
|
31
|
+
|
32
|
+
def reset
|
33
|
+
::Facter.reset
|
34
|
+
end
|
35
|
+
|
36
|
+
def resolve(options)
|
37
|
+
::Facter.resolve(options)
|
38
|
+
end
|
39
|
+
|
40
|
+
def search_external(dirs)
|
41
|
+
::Facter.search_external(dirs)
|
42
|
+
end
|
43
|
+
|
44
|
+
def search(*dirs)
|
45
|
+
::Facter.search(*dirs)
|
46
|
+
end
|
47
|
+
|
48
|
+
def trace(value)
|
49
|
+
::Facter.trace(value) if ::Facter.respond_to? :trace
|
50
|
+
end
|
51
|
+
|
52
|
+
def debugging(value)
|
53
|
+
::Facter.debugging(value) if ::Facter.respond_to?(:debugging)
|
54
|
+
end
|
55
|
+
|
56
|
+
def load_external?
|
57
|
+
::Facter.respond_to?(:load_external)
|
58
|
+
end
|
59
|
+
|
60
|
+
def load_external(value)
|
61
|
+
::Facter.load_external(value) if self.load_external?
|
62
|
+
end
|
63
|
+
|
64
|
+
private
|
65
|
+
|
66
|
+
def setup_logging
|
67
|
+
return unless ::Facter.respond_to? :on_message
|
68
|
+
|
69
|
+
::Facter.on_message do |level, message|
|
70
|
+
case level
|
71
|
+
when :trace, :debug
|
72
|
+
level = :debug
|
73
|
+
when :info
|
74
|
+
# Same as Puppet
|
75
|
+
when :warn
|
76
|
+
level = :warning
|
77
|
+
when :error
|
78
|
+
level = :err
|
79
|
+
when :fatal
|
80
|
+
level = :crit
|
81
|
+
else
|
82
|
+
next
|
83
|
+
end
|
84
|
+
|
85
|
+
Puppet::Util::Log.create(
|
86
|
+
{
|
87
|
+
:level => level,
|
88
|
+
:source => 'Facter',
|
89
|
+
:message => message
|
90
|
+
}
|
91
|
+
)
|
92
|
+
nil
|
93
|
+
end
|
94
|
+
end
|
95
|
+
end
|
96
|
+
end
|
@@ -118,6 +118,9 @@ class Puppet::FileServing::Metadata < Puppet::FileServing::Base
|
|
118
118
|
when "link"
|
119
119
|
@destination = Puppet::FileSystem.readlink(real_path)
|
120
120
|
@checksum = ("{#{@checksum_type}}") + send("#{@checksum_type}_file", real_path).to_s rescue nil
|
121
|
+
when "fifo", "socket"
|
122
|
+
@checksum_type = "none"
|
123
|
+
@checksum = ("{#{@checksum_type}}") + send("#{@checksum_type}_file", real_path).to_s
|
121
124
|
else
|
122
125
|
raise ArgumentError, _("Cannot manage files of type %{file_type}") % { file_type: stat.ftype }
|
123
126
|
end
|
@@ -3,12 +3,12 @@ require_relative '../../../puppet/file_serving/mount'
|
|
3
3
|
class Puppet::FileServing::Mount::File < Puppet::FileServing::Mount
|
4
4
|
def self.localmap
|
5
5
|
@localmap ||= {
|
6
|
-
"h" =>
|
6
|
+
"h" => Puppet.runtime[:facter].value("hostname"),
|
7
7
|
"H" => [
|
8
|
-
|
9
|
-
|
8
|
+
Puppet.runtime[:facter].value("hostname"),
|
9
|
+
Puppet.runtime[:facter].value("domain")
|
10
10
|
].join("."),
|
11
|
-
"d" =>
|
11
|
+
"d" => Puppet.runtime[:facter].value("domain")
|
12
12
|
}
|
13
13
|
end
|
14
14
|
|
@@ -84,7 +84,9 @@ class Puppet::FileSystem::FileImpl
|
|
84
84
|
end
|
85
85
|
|
86
86
|
def read_preserve_line_endings(path)
|
87
|
-
|
87
|
+
default_encoding = Encoding.default_external.name
|
88
|
+
encoding = default_encoding.downcase.start_with?('utf-') ? "bom|#{default_encoding}" : default_encoding
|
89
|
+
read(path, encoding: encoding)
|
88
90
|
end
|
89
91
|
|
90
92
|
def binread(path)
|
@@ -128,23 +130,23 @@ class Puppet::FileSystem::FileImpl
|
|
128
130
|
end
|
129
131
|
|
130
132
|
def symlink?(path)
|
131
|
-
File.symlink?(path)
|
133
|
+
::File.symlink?(path)
|
132
134
|
end
|
133
135
|
|
134
136
|
def readlink(path)
|
135
|
-
File.readlink(path)
|
137
|
+
::File.readlink(path)
|
136
138
|
end
|
137
139
|
|
138
140
|
def unlink(*paths)
|
139
|
-
File.unlink(*paths)
|
141
|
+
::File.unlink(*paths)
|
140
142
|
end
|
141
143
|
|
142
144
|
def stat(path)
|
143
|
-
File.stat(path)
|
145
|
+
::File.stat(path)
|
144
146
|
end
|
145
147
|
|
146
148
|
def lstat(path)
|
147
|
-
File.lstat(path)
|
149
|
+
::File.lstat(path)
|
148
150
|
end
|
149
151
|
|
150
152
|
def compare_stream(path, stream)
|
@@ -157,7 +159,7 @@ class Puppet::FileSystem::FileImpl
|
|
157
159
|
|
158
160
|
def replace_file(path, mode = nil)
|
159
161
|
begin
|
160
|
-
stat =
|
162
|
+
stat = lstat(path)
|
161
163
|
gid = stat.gid
|
162
164
|
uid = stat.uid
|
163
165
|
mode ||= stat.mode & 07777
|
@@ -178,7 +180,7 @@ class Puppet::FileSystem::FileImpl
|
|
178
180
|
tempfile_path = tempfile.path
|
179
181
|
FileUtils.chown(uid, gid, tempfile_path) if uid && gid
|
180
182
|
chmod(mode, tempfile_path)
|
181
|
-
File.rename(tempfile_path,
|
183
|
+
::File.rename(tempfile_path, path_string(path))
|
182
184
|
ensure
|
183
185
|
tempfile.close!
|
184
186
|
end
|
@@ -14,7 +14,7 @@ class Puppet::FileSystem::JRuby < Puppet::FileSystem::Posix
|
|
14
14
|
def replace_file(path, mode = nil, &block)
|
15
15
|
# MRI Ruby rename checks if destination is a directory and raises, while
|
16
16
|
# JRuby removes the directory and replaces the file.
|
17
|
-
if
|
17
|
+
if directory?(path)
|
18
18
|
raise Errno::EISDIR, _("Is a directory: %{directory}") % { directory: path }
|
19
19
|
end
|
20
20
|
|
@@ -5,10 +5,9 @@ module Puppet::FileSystem
|
|
5
5
|
class PathPattern
|
6
6
|
class InvalidPattern < Puppet::Error; end
|
7
7
|
|
8
|
-
|
8
|
+
DOTDOT = '..'.freeze
|
9
9
|
ABSOLUTE_UNIX = /^\//
|
10
10
|
ABSOLUTE_WINDOWS = /^[a-z]:/i
|
11
|
-
#ABSOLUT_VODKA #notappearinginthisclass
|
12
11
|
CURRENT_DRIVE_RELATIVE_WINDOWS = /^\\/
|
13
12
|
|
14
13
|
def self.relative(pattern)
|
@@ -32,11 +31,11 @@ module Puppet::FileSystem
|
|
32
31
|
end
|
33
32
|
|
34
33
|
def glob
|
35
|
-
Dir.glob(
|
34
|
+
Dir.glob(@pathstr)
|
36
35
|
end
|
37
36
|
|
38
37
|
def to_s
|
39
|
-
|
38
|
+
@pathstr
|
40
39
|
end
|
41
40
|
|
42
41
|
protected
|
@@ -46,13 +45,9 @@ module Puppet::FileSystem
|
|
46
45
|
private
|
47
46
|
|
48
47
|
def validate
|
49
|
-
@
|
50
|
-
|
51
|
-
|
52
|
-
end
|
53
|
-
end
|
54
|
-
case @pathname.to_s
|
55
|
-
when CURRENT_DRIVE_RELATIVE_WINDOWS
|
48
|
+
if @pathstr.split(Pathname::SEPARATOR_PAT).any? { |f| f == DOTDOT }
|
49
|
+
raise(InvalidPattern, _("PathPatterns cannot be created with directory traversals."))
|
50
|
+
elsif @pathstr.match?(CURRENT_DRIVE_RELATIVE_WINDOWS)
|
56
51
|
raise(InvalidPattern, _("A PathPattern cannot be a Windows current drive relative path."))
|
57
52
|
end
|
58
53
|
end
|
@@ -60,6 +55,7 @@ module Puppet::FileSystem
|
|
60
55
|
def initialize(pattern)
|
61
56
|
begin
|
62
57
|
@pathname = Pathname.new(pattern.strip)
|
58
|
+
@pathstr = @pathname.to_s
|
63
59
|
rescue ArgumentError => error
|
64
60
|
raise InvalidPattern.new(_("PathPatterns cannot be created with a zero byte."), error)
|
65
61
|
end
|
@@ -74,10 +70,9 @@ module Puppet::FileSystem
|
|
74
70
|
|
75
71
|
def validate
|
76
72
|
super
|
77
|
-
|
78
|
-
when ABSOLUTE_WINDOWS
|
73
|
+
if @pathstr.match?(ABSOLUTE_WINDOWS)
|
79
74
|
raise(InvalidPattern, _("A relative PathPattern cannot be prefixed with a drive."))
|
80
|
-
|
75
|
+
elsif @pathstr.match?(ABSOLUTE_UNIX)
|
81
76
|
raise(InvalidPattern, _("A relative PathPattern cannot be an absolute path."))
|
82
77
|
end
|
83
78
|
end
|
@@ -90,7 +85,7 @@ module Puppet::FileSystem
|
|
90
85
|
|
91
86
|
def validate
|
92
87
|
super
|
93
|
-
if
|
88
|
+
if !@pathstr.match?(ABSOLUTE_UNIX) && !@pathstr.match?(ABSOLUTE_WINDOWS)
|
94
89
|
raise(InvalidPattern, _("An absolute PathPattern cannot be a relative path."))
|
95
90
|
end
|
96
91
|
end
|
@@ -127,7 +127,7 @@ class Puppet::FileSystem::Uniquefile < DelegateClass(File)
|
|
127
127
|
tmpdir ||= tmpdir()
|
128
128
|
n = nil
|
129
129
|
begin
|
130
|
-
path = File.
|
130
|
+
path = File.join(tmpdir, make_tmpname(basename, n))
|
131
131
|
yield(path, n, *opts)
|
132
132
|
rescue Errno::EEXIST
|
133
133
|
n ||= 0
|
@@ -123,7 +123,7 @@ class Puppet::FileSystem::Windows < Puppet::FileSystem::Posix
|
|
123
123
|
LOCK_VIOLATION = 33
|
124
124
|
|
125
125
|
def replace_file(path, mode = nil)
|
126
|
-
if
|
126
|
+
if directory?(path)
|
127
127
|
raise Errno::EISDIR, _("Is a directory: %{directory}") % { directory: path }
|
128
128
|
end
|
129
129
|
|
@@ -159,14 +159,14 @@ class Puppet::FileSystem::Windows < Puppet::FileSystem::Posix
|
|
159
159
|
end
|
160
160
|
|
161
161
|
set_dacl(tempfile.path, dacl) if dacl
|
162
|
-
File.rename(tempfile.path,
|
162
|
+
::File.rename(tempfile.path, path_string(path))
|
163
163
|
ensure
|
164
164
|
tempfile.close!
|
165
165
|
end
|
166
166
|
rescue Puppet::Util::Windows::Error => e
|
167
167
|
case e.code
|
168
168
|
when ACCESS_DENIED, SHARING_VIOLATION, LOCK_VIOLATION
|
169
|
-
raise Errno::EACCES.new(
|
169
|
+
raise Errno::EACCES.new(path_string(path), e)
|
170
170
|
else
|
171
171
|
raise SystemCallError.new(e.message)
|
172
172
|
end
|
@@ -193,7 +193,7 @@ class Puppet::FileSystem::Windows < Puppet::FileSystem::Posix
|
|
193
193
|
end
|
194
194
|
|
195
195
|
def get_dacl_from_file(path)
|
196
|
-
sd = Puppet::Util::Windows::Security.get_security_descriptor(
|
196
|
+
sd = Puppet::Util::Windows::Security.get_security_descriptor(path_string(path))
|
197
197
|
sd.dacl
|
198
198
|
rescue Puppet::Util::Windows::Error => e
|
199
199
|
raise e unless e.code == FILE_NOT_FOUND
|
data/lib/puppet/file_system.rb
CHANGED
@@ -345,7 +345,8 @@ module Puppet::FileSystem
|
|
345
345
|
# value ~ will be expanded to something like /Users/Foo
|
346
346
|
#
|
347
347
|
# This method exists primarlily to resolve a Ruby deficiency where
|
348
|
-
# File.expand_path doesn't
|
348
|
+
# File.expand_path doesn't convert short paths to long paths, which is
|
349
|
+
# important when resolving the path to load.
|
349
350
|
#
|
350
351
|
# @param path [Object] a path handle produced by {#pathname}
|
351
352
|
# @return [String] a string representation of the path
|
@@ -396,7 +397,7 @@ module Puppet::FileSystem
|
|
396
397
|
# @api public
|
397
398
|
#
|
398
399
|
def self.chmod(mode, path)
|
399
|
-
@impl.chmod(mode, path)
|
400
|
+
@impl.chmod(mode, assert_path(path))
|
400
401
|
end
|
401
402
|
|
402
403
|
# Replace the contents of a file atomically, creating the file if necessary.
|
data/lib/puppet/forge.rb
CHANGED
@@ -213,7 +213,7 @@ class Puppet::Forge < SemanticPuppet::Dependency::Source
|
|
213
213
|
end
|
214
214
|
|
215
215
|
def validate_checksum(file, checksum, digest_class)
|
216
|
-
if
|
216
|
+
if Puppet.runtime[:facter].value(:fips_enabled) && digest_class == Digest::MD5
|
217
217
|
raise _("Module install using MD5 is prohibited in FIPS mode.")
|
218
218
|
end
|
219
219
|
|
@@ -8,6 +8,9 @@ require_relative '../../puppet/util/package'
|
|
8
8
|
#
|
9
9
|
# Where a and b are arbitrary version strings.
|
10
10
|
#
|
11
|
+
# Optional parameter ignore_trailing_zeroes is used to ignore unnecessary
|
12
|
+
# trailing version numbers like .0 or .0.00
|
13
|
+
#
|
11
14
|
# This function returns:
|
12
15
|
#
|
13
16
|
# * `1` if version a is greater than version b
|
@@ -28,9 +31,10 @@ Puppet::Functions.create_function(:versioncmp) do
|
|
28
31
|
dispatch :versioncmp do
|
29
32
|
param 'String', :a
|
30
33
|
param 'String', :b
|
34
|
+
optional_param 'Boolean', :ignore_trailing_zeroes
|
31
35
|
end
|
32
36
|
|
33
|
-
def versioncmp(a, b)
|
34
|
-
Puppet::Util::Package.versioncmp(a, b)
|
37
|
+
def versioncmp(a, b, ignore_trailing_zeroes = false)
|
38
|
+
Puppet::Util::Package.versioncmp(a, b, ignore_trailing_zeroes)
|
35
39
|
end
|
36
40
|
end
|
@@ -38,11 +38,12 @@ class Puppet::Graph::SimpleGraph
|
|
38
38
|
@downstream_from.clear
|
39
39
|
end
|
40
40
|
|
41
|
-
# Which resources
|
41
|
+
# Which resources the given resource depends on.
|
42
42
|
def dependencies(resource)
|
43
43
|
vertex?(resource) ? upstream_from_vertex(resource).keys : []
|
44
44
|
end
|
45
45
|
|
46
|
+
# Which resources depend upon the given resource.
|
46
47
|
def dependents(resource)
|
47
48
|
vertex?(resource) ? downstream_from_vertex(resource).keys : []
|
48
49
|
end
|
data/lib/puppet/http/client.rb
CHANGED
@@ -346,7 +346,7 @@ class Puppet::HTTP::Client
|
|
346
346
|
|
347
347
|
while !done do
|
348
348
|
connect(request.uri, options: options) do |http|
|
349
|
-
apply_auth(request, basic_auth)
|
349
|
+
apply_auth(request, basic_auth) if redirects.zero?
|
350
350
|
|
351
351
|
# don't call return within the `request` block
|
352
352
|
http.request(request) do |nethttp|
|
@@ -49,6 +49,11 @@ class Puppet::HTTP::Redirector
|
|
49
49
|
new_request = request.class.new(url)
|
50
50
|
new_request.body = request.body
|
51
51
|
request.each do |header, value|
|
52
|
+
unless Puppet[:location_trusted]
|
53
|
+
# skip adding potentially sensitive header to other hosts
|
54
|
+
next if header.casecmp('Authorization').zero? && request.uri.host.casecmp(location.host) != 0
|
55
|
+
next if header.casecmp('Cookie').zero? && request.uri.host.casecmp(location.host) != 0
|
56
|
+
end
|
52
57
|
new_request[header] = value
|
53
58
|
end
|
54
59
|
|
@@ -433,17 +433,17 @@ class Puppet::Resource::Catalog::Compiler < Puppet::Indirector::Code
|
|
433
433
|
"serverip" => "ipaddress",
|
434
434
|
"serverip6" => "ipaddress6"
|
435
435
|
}.each do |var, fact|
|
436
|
-
value =
|
436
|
+
value = Puppet.runtime[:facter].value(fact)
|
437
437
|
if !value.nil?
|
438
438
|
@server_facts[var] = value
|
439
439
|
end
|
440
440
|
end
|
441
441
|
|
442
442
|
if @server_facts["servername"].nil?
|
443
|
-
host =
|
443
|
+
host = Puppet.runtime[:facter].value(:hostname)
|
444
444
|
if host.nil?
|
445
445
|
Puppet.warning _("Could not retrieve fact servername")
|
446
|
-
elsif domain =
|
446
|
+
elsif domain = Puppet.runtime[:facter].value(:domain) #rubocop:disable Lint/AssignmentInCondition
|
447
447
|
@server_facts["servername"] = [host, domain].join(".")
|
448
448
|
else
|
449
449
|
@server_facts["servername"] = host
|
@@ -20,10 +20,10 @@ class Puppet::Node::Facts::Facter < Puppet::Indirector::Code
|
|
20
20
|
|
21
21
|
# Lookup a host's facts up in Facter.
|
22
22
|
def find(request)
|
23
|
-
|
23
|
+
Puppet.runtime[:facter].reset
|
24
24
|
|
25
25
|
# Note: we need to setup puppet's external search paths before adding the puppetversion
|
26
|
-
# fact. This is because in Facter 2.x, the first `
|
26
|
+
# fact. This is because in Facter 2.x, the first `Puppet.runtime[:facter].add` causes Facter to create
|
27
27
|
# its directory loaders which cannot be changed, meaning other external facts won't
|
28
28
|
# be resolved. (PUP-4607)
|
29
29
|
self.class.setup_external_search_paths(request)
|
@@ -36,7 +36,7 @@ class Puppet::Node::Facts::Facter < Puppet::Indirector::Code
|
|
36
36
|
raise(Puppet::Error, _("puppet facts show requires version 4.0.40 or greater of Facter.")) unless Facter.respond_to?(:resolve)
|
37
37
|
find_with_options(request)
|
38
38
|
else
|
39
|
-
Puppet::Node::Facts.new(request.key,
|
39
|
+
Puppet::Node::Facts.new(request.key, Puppet.runtime[:facter].to_hash)
|
40
40
|
end
|
41
41
|
|
42
42
|
result.add_local_facts unless request.options[:resolve_options]
|
@@ -68,7 +68,7 @@ class Puppet::Node::Facts::Facter < Puppet::Indirector::Code
|
|
68
68
|
true
|
69
69
|
end
|
70
70
|
dirs << request.options[:custom_dir] if request.options[:custom_dir]
|
71
|
-
|
71
|
+
Puppet.runtime[:facter].search(*dirs)
|
72
72
|
end
|
73
73
|
|
74
74
|
def self.setup_external_search_paths(request)
|
@@ -90,7 +90,7 @@ class Puppet::Node::Facts::Facter < Puppet::Indirector::Code
|
|
90
90
|
end
|
91
91
|
|
92
92
|
dirs << request.options[:external_dir] if request.options[:external_dir]
|
93
|
-
|
93
|
+
Puppet.runtime[:facter].search_external dirs
|
94
94
|
end
|
95
95
|
|
96
96
|
private
|
@@ -105,6 +105,6 @@ class Puppet::Node::Facts::Facter < Puppet::Indirector::Code
|
|
105
105
|
options_for_facter += " --no-cache" if options[:no_cache] == false
|
106
106
|
options_for_facter += " --timing" if options[:timing]
|
107
107
|
|
108
|
-
Puppet::Node::Facts.new(request.key,
|
108
|
+
Puppet::Node::Facts.new(request.key, Puppet.runtime[:facter].resolve(options_for_facter))
|
109
109
|
end
|
110
110
|
end
|
@@ -313,7 +313,7 @@ class Puppet::Indirector::Indirection
|
|
313
313
|
request = request(:save, key, instance, options)
|
314
314
|
terminus = prepare(request)
|
315
315
|
|
316
|
-
result = terminus.save(request)
|
316
|
+
result = terminus.save(request) if !request.ignore_terminus?
|
317
317
|
|
318
318
|
# If caching is enabled, save our document there
|
319
319
|
cache.save(request) if cache? && !request.ignore_cache_save?
|
@@ -89,7 +89,7 @@ module Puppet::ModuleTool
|
|
89
89
|
mod = @installed.first
|
90
90
|
|
91
91
|
unless @ignore_changes
|
92
|
-
raise _("Either the `--ignore_changes` or `--force` argument must be specified to uninstall modules when running in FIPS mode.") if
|
92
|
+
raise _("Either the `--ignore_changes` or `--force` argument must be specified to uninstall modules when running in FIPS mode.") if Puppet.runtime[:facter].value(:fips_enabled)
|
93
93
|
|
94
94
|
changes = begin
|
95
95
|
Puppet::ModuleTool::Applications::Checksummer.run(mod.path)
|
@@ -27,7 +27,7 @@ module Puppet::ModuleTool
|
|
27
27
|
|
28
28
|
def run
|
29
29
|
# Disallow anything that invokes md5 to avoid un-friendly termination due to FIPS
|
30
|
-
raise _("Module upgrade is prohibited in FIPS mode.") if
|
30
|
+
raise _("Module upgrade is prohibited in FIPS mode.") if Puppet.runtime[:facter].value(:fips_enabled)
|
31
31
|
|
32
32
|
name = @name.tr('/', '-')
|
33
33
|
version = options[:version] || '>= 0.0.0'
|
data/lib/puppet/pal/pal_impl.rb
CHANGED
@@ -415,7 +415,7 @@ module Pal
|
|
415
415
|
|
416
416
|
# Puppet requires Facter, which initializes its lookup paths. Reset Facter to
|
417
417
|
# pickup the new $LOAD_PATH.
|
418
|
-
|
418
|
+
Puppet.runtime[:facter].reset
|
419
419
|
|
420
420
|
node = Puppet.lookup(:pal_current_node)
|
421
421
|
pal_facts = Puppet.lookup(:pal_facts)
|
@@ -13,7 +13,7 @@ class Puppet::Parser::Resource < Puppet::Resource
|
|
13
13
|
|
14
14
|
attr_accessor :source, :scope, :collector_id
|
15
15
|
attr_accessor :virtual, :override, :translated, :catalog, :evaluated
|
16
|
-
attr_accessor :file, :line
|
16
|
+
attr_accessor :file, :line, :kind
|
17
17
|
|
18
18
|
attr_reader :exported, :parameters
|
19
19
|
|
data/lib/puppet/parser/scope.rb
CHANGED
@@ -1,3 +1,4 @@
|
|
1
|
+
# frozen_string_literal: true
|
1
2
|
# The scope class, which handles storing and retrieving variables and types and
|
2
3
|
# such.
|
3
4
|
require 'forwardable'
|
@@ -15,7 +16,7 @@ class Puppet::Parser::Scope
|
|
15
16
|
extend Forwardable
|
16
17
|
|
17
18
|
# Variables that always exist with nil value even if not set
|
18
|
-
BUILT_IN_VARS = ['module_name'
|
19
|
+
BUILT_IN_VARS = ['module_name', 'caller_module_name'].freeze
|
19
20
|
EMPTY_HASH = {}.freeze
|
20
21
|
|
21
22
|
Puppet::Util.logmethods(self)
|
@@ -512,7 +513,7 @@ class Puppet::Parser::Scope
|
|
512
513
|
end
|
513
514
|
end
|
514
515
|
|
515
|
-
UNDEFINED_VARIABLES_KIND = 'undefined_variables'
|
516
|
+
UNDEFINED_VARIABLES_KIND = 'undefined_variables'
|
516
517
|
|
517
518
|
# The exception raised when a throw is uncaught is different in different versions
|
518
519
|
# of ruby. In >=2.2.0 it is UncaughtThrowError (which did not exist prior to this)
|
@@ -746,12 +747,12 @@ class Puppet::Parser::Scope
|
|
746
747
|
end
|
747
748
|
private :transform_setting
|
748
749
|
|
749
|
-
VARNAME_TRUSTED = 'trusted'
|
750
|
-
VARNAME_FACTS = 'facts'
|
751
|
-
VARNAME_SERVER_FACTS = 'server_facts'
|
750
|
+
VARNAME_TRUSTED = 'trusted'
|
751
|
+
VARNAME_FACTS = 'facts'
|
752
|
+
VARNAME_SERVER_FACTS = 'server_facts'
|
752
753
|
RESERVED_VARIABLE_NAMES = [VARNAME_TRUSTED, VARNAME_FACTS].freeze
|
753
|
-
TYPENAME_CLASS = 'Class'
|
754
|
-
TYPENAME_NODE = 'Node'
|
754
|
+
TYPENAME_CLASS = 'Class'
|
755
|
+
TYPENAME_NODE = 'Node'
|
755
756
|
|
756
757
|
# Set a variable in the current scope. This will override settings
|
757
758
|
# in scopes above, but will not allow variables in the current scope
|
@@ -219,16 +219,15 @@ class Closure < CallableSignature
|
|
219
219
|
def call_with_scope(scope, args)
|
220
220
|
variable_bindings = combine_values_with_parameters(scope, args)
|
221
221
|
|
222
|
-
|
223
|
-
final_args = tc.infer_set(parameters.reduce([]) do |tmp_args, param|
|
222
|
+
final_args = parameters.reduce([]) do |tmp_args, param|
|
224
223
|
if param.captures_rest
|
225
224
|
tmp_args.concat(variable_bindings[param.name])
|
226
225
|
else
|
227
226
|
tmp_args << variable_bindings[param.name]
|
228
227
|
end
|
229
|
-
end
|
228
|
+
end
|
230
229
|
|
231
|
-
if type.
|
230
|
+
if type.callable_with?(final_args, block_type)
|
232
231
|
result = catch(:next) do
|
233
232
|
@evaluator.evaluate_block_with_bindings(scope, variable_bindings, @model.body)
|
234
233
|
end
|
@@ -236,7 +235,9 @@ class Closure < CallableSignature
|
|
236
235
|
"value returned from #{closure_name}"
|
237
236
|
end
|
238
237
|
else
|
239
|
-
|
238
|
+
tc = Types::TypeCalculator.singleton
|
239
|
+
args_type = tc.infer_set(final_args)
|
240
|
+
raise ArgumentError, Types::TypeMismatchDescriber.describe_signatures(closure_name, [self], args_type)
|
240
241
|
end
|
241
242
|
end
|
242
243
|
|
@@ -309,6 +310,7 @@ class Closure < CallableSignature
|
|
309
310
|
to += param_range[1]
|
310
311
|
end
|
311
312
|
param_types = Types::PTupleType.new(types, Types::PIntegerType.new(from, to))
|
313
|
+
# The block_type for a Closure is always nil for now, see comment in block_name above
|
312
314
|
Types::PCallableType.new(param_types, nil, return_type)
|
313
315
|
end
|
314
316
|
|