puppet 7.11.0-x64-mingw32 → 7.14.0-x64-mingw32
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CODEOWNERS +1 -1
- data/Gemfile +2 -2
- data/Gemfile.lock +24 -19
- data/ext/project_data.yaml +1 -1
- data/lib/puppet/application/lookup.rb +78 -24
- data/lib/puppet/concurrent/thread_local_singleton.rb +5 -3
- data/lib/puppet/configurer.rb +74 -25
- data/lib/puppet/defaults.rb +20 -1
- data/lib/puppet/face/generate.rb +2 -0
- data/lib/puppet/file_serving/metadata.rb +3 -0
- data/lib/puppet/file_system/file_impl.rb +7 -7
- data/lib/puppet/file_system/jruby.rb +1 -1
- data/lib/puppet/file_system/path_pattern.rb +10 -15
- data/lib/puppet/file_system/uniquefile.rb +1 -1
- data/lib/puppet/file_system/windows.rb +4 -4
- data/lib/puppet/file_system.rb +3 -2
- data/lib/puppet/functions/versioncmp.rb +6 -2
- data/lib/puppet/generate/type.rb +9 -0
- data/lib/puppet/graph/simple_graph.rb +2 -1
- data/lib/puppet/http/client.rb +1 -1
- data/lib/puppet/http/redirector.rb +5 -0
- data/lib/puppet/node.rb +1 -1
- data/lib/puppet/parser/resource.rb +1 -1
- data/lib/puppet/pops/evaluator/closure.rb +7 -5
- data/lib/puppet/pops/evaluator/runtime3_resource_support.rb +1 -0
- data/lib/puppet/pops/parser/code_merger.rb +4 -4
- data/lib/puppet/pops/parser/egrammar.ra +2 -0
- data/lib/puppet/pops/parser/eparser.rb +574 -558
- data/lib/puppet/pops/serialization/to_data_converter.rb +6 -18
- data/lib/puppet/pops/validation/checker4_0.rb +7 -2
- data/lib/puppet/provider/package/pkg.rb +10 -0
- data/lib/puppet/provider/service/init.rb +5 -4
- data/lib/puppet/provider/user/useradd.rb +20 -0
- data/lib/puppet/resource/catalog.rb +1 -1
- data/lib/puppet/resource/type_collection.rb +21 -17
- data/lib/puppet/resource.rb +38 -5
- data/lib/puppet/ssl/verifier.rb +3 -1
- data/lib/puppet/transaction/persistence.rb +22 -12
- data/lib/puppet/type/file/data_sync.rb +1 -1
- data/lib/puppet/type/file/group.rb +8 -1
- data/lib/puppet/type/file/owner.rb +8 -1
- data/lib/puppet/type/service.rb +8 -3
- data/lib/puppet/type/user.rb +41 -39
- data/lib/puppet/util/autoload.rb +1 -1
- data/lib/puppet/util/json.rb +20 -0
- data/lib/puppet/util/log.rb +7 -2
- data/lib/puppet/util/monkey_patches.rb +26 -2
- data/lib/puppet/util/package.rb +25 -16
- data/lib/puppet/util/windows/service.rb +0 -5
- data/lib/puppet/util/windows.rb +3 -0
- data/lib/puppet/util/yaml.rb +16 -1
- data/lib/puppet/version.rb +1 -1
- data/lib/puppet.rb +1 -0
- data/locales/puppet.pot +5 -9737
- data/man/man5/puppet.conf.5 +21 -2
- data/man/man8/puppet-agent.8 +1 -1
- data/man/man8/puppet-apply.8 +1 -1
- data/man/man8/puppet-catalog.8 +1 -1
- data/man/man8/puppet-config.8 +1 -1
- data/man/man8/puppet-describe.8 +1 -1
- data/man/man8/puppet-device.8 +1 -1
- data/man/man8/puppet-doc.8 +1 -1
- data/man/man8/puppet-epp.8 +1 -1
- data/man/man8/puppet-facts.8 +1 -1
- data/man/man8/puppet-filebucket.8 +1 -1
- data/man/man8/puppet-generate.8 +1 -1
- data/man/man8/puppet-help.8 +1 -1
- data/man/man8/puppet-lookup.8 +9 -6
- data/man/man8/puppet-module.8 +1 -1
- data/man/man8/puppet-node.8 +1 -1
- data/man/man8/puppet-parser.8 +1 -1
- data/man/man8/puppet-plugin.8 +1 -1
- data/man/man8/puppet-report.8 +1 -1
- data/man/man8/puppet-resource.8 +1 -1
- data/man/man8/puppet-script.8 +1 -1
- data/man/man8/puppet-ssl.8 +1 -1
- data/man/man8/puppet.8 +2 -2
- data/spec/fixtures/integration/application/agent/cached_deferred_catalog.json +2 -1
- data/spec/fixtures/unit/forge/bacula.json +1 -1
- data/spec/integration/application/agent_spec.rb +28 -0
- data/spec/integration/application/lookup_spec.rb +32 -6
- data/spec/integration/parser/pcore_resource_spec.rb +20 -0
- data/spec/shared_contexts/l10n.rb +5 -0
- data/spec/unit/application/lookup_spec.rb +131 -10
- data/spec/unit/concurrent/thread_local_singleton_spec.rb +39 -0
- data/spec/unit/configurer_spec.rb +167 -60
- data/spec/unit/face/generate_spec.rb +64 -0
- data/spec/unit/file_system/uniquefile_spec.rb +7 -1
- data/spec/unit/file_system_spec.rb +34 -4
- data/spec/unit/forge/module_release_spec.rb +3 -3
- data/spec/unit/functions/versioncmp_spec.rb +40 -4
- data/spec/unit/http/client_spec.rb +58 -1
- data/spec/unit/network/formats_spec.rb +6 -0
- data/spec/unit/node_spec.rb +6 -0
- data/spec/unit/pops/parser/parse_containers_spec.rb +2 -2
- data/spec/unit/pops/serialization/to_from_hr_spec.rb +0 -58
- data/spec/unit/pops/validator/validator_spec.rb +5 -0
- data/spec/unit/provider/package/pkg_spec.rb +15 -0
- data/spec/unit/provider/service/gentoo_spec.rb +6 -5
- data/spec/unit/provider/service/init_spec.rb +15 -9
- data/spec/unit/provider/service/openwrt_spec.rb +21 -29
- data/spec/unit/provider/service/redhat_spec.rb +3 -2
- data/spec/unit/provider/user/useradd_spec.rb +40 -0
- data/spec/unit/resource/catalog_spec.rb +14 -1
- data/spec/unit/resource_spec.rb +58 -2
- data/spec/unit/transaction/persistence_spec.rb +51 -0
- data/spec/unit/type/file/group_spec.rb +7 -0
- data/spec/unit/type/file/owner_spec.rb +7 -0
- data/spec/unit/type/service_spec.rb +27 -0
- data/spec/unit/type/user_spec.rb +67 -45
- data/spec/unit/util/autoload_spec.rb +25 -8
- data/spec/unit/util/json_spec.rb +126 -0
- data/spec/unit/util/yaml_spec.rb +37 -13
- metadata +15 -5
@@ -5,10 +5,9 @@ module Puppet::FileSystem
|
|
5
5
|
class PathPattern
|
6
6
|
class InvalidPattern < Puppet::Error; end
|
7
7
|
|
8
|
-
|
8
|
+
DOTDOT = '..'.freeze
|
9
9
|
ABSOLUTE_UNIX = /^\//
|
10
10
|
ABSOLUTE_WINDOWS = /^[a-z]:/i
|
11
|
-
#ABSOLUT_VODKA #notappearinginthisclass
|
12
11
|
CURRENT_DRIVE_RELATIVE_WINDOWS = /^\\/
|
13
12
|
|
14
13
|
def self.relative(pattern)
|
@@ -32,11 +31,11 @@ module Puppet::FileSystem
|
|
32
31
|
end
|
33
32
|
|
34
33
|
def glob
|
35
|
-
Dir.glob(
|
34
|
+
Dir.glob(@pathstr)
|
36
35
|
end
|
37
36
|
|
38
37
|
def to_s
|
39
|
-
|
38
|
+
@pathstr
|
40
39
|
end
|
41
40
|
|
42
41
|
protected
|
@@ -46,13 +45,9 @@ module Puppet::FileSystem
|
|
46
45
|
private
|
47
46
|
|
48
47
|
def validate
|
49
|
-
@
|
50
|
-
|
51
|
-
|
52
|
-
end
|
53
|
-
end
|
54
|
-
case @pathname.to_s
|
55
|
-
when CURRENT_DRIVE_RELATIVE_WINDOWS
|
48
|
+
if @pathstr.split(Pathname::SEPARATOR_PAT).any? { |f| f == DOTDOT }
|
49
|
+
raise(InvalidPattern, _("PathPatterns cannot be created with directory traversals."))
|
50
|
+
elsif @pathstr.match?(CURRENT_DRIVE_RELATIVE_WINDOWS)
|
56
51
|
raise(InvalidPattern, _("A PathPattern cannot be a Windows current drive relative path."))
|
57
52
|
end
|
58
53
|
end
|
@@ -60,6 +55,7 @@ module Puppet::FileSystem
|
|
60
55
|
def initialize(pattern)
|
61
56
|
begin
|
62
57
|
@pathname = Pathname.new(pattern.strip)
|
58
|
+
@pathstr = @pathname.to_s
|
63
59
|
rescue ArgumentError => error
|
64
60
|
raise InvalidPattern.new(_("PathPatterns cannot be created with a zero byte."), error)
|
65
61
|
end
|
@@ -74,10 +70,9 @@ module Puppet::FileSystem
|
|
74
70
|
|
75
71
|
def validate
|
76
72
|
super
|
77
|
-
|
78
|
-
when ABSOLUTE_WINDOWS
|
73
|
+
if @pathstr.match?(ABSOLUTE_WINDOWS)
|
79
74
|
raise(InvalidPattern, _("A relative PathPattern cannot be prefixed with a drive."))
|
80
|
-
|
75
|
+
elsif @pathstr.match?(ABSOLUTE_UNIX)
|
81
76
|
raise(InvalidPattern, _("A relative PathPattern cannot be an absolute path."))
|
82
77
|
end
|
83
78
|
end
|
@@ -90,7 +85,7 @@ module Puppet::FileSystem
|
|
90
85
|
|
91
86
|
def validate
|
92
87
|
super
|
93
|
-
if
|
88
|
+
if !@pathstr.match?(ABSOLUTE_UNIX) && !@pathstr.match?(ABSOLUTE_WINDOWS)
|
94
89
|
raise(InvalidPattern, _("An absolute PathPattern cannot be a relative path."))
|
95
90
|
end
|
96
91
|
end
|
@@ -127,7 +127,7 @@ class Puppet::FileSystem::Uniquefile < DelegateClass(File)
|
|
127
127
|
tmpdir ||= tmpdir()
|
128
128
|
n = nil
|
129
129
|
begin
|
130
|
-
path = File.
|
130
|
+
path = File.join(tmpdir, make_tmpname(basename, n))
|
131
131
|
yield(path, n, *opts)
|
132
132
|
rescue Errno::EEXIST
|
133
133
|
n ||= 0
|
@@ -123,7 +123,7 @@ class Puppet::FileSystem::Windows < Puppet::FileSystem::Posix
|
|
123
123
|
LOCK_VIOLATION = 33
|
124
124
|
|
125
125
|
def replace_file(path, mode = nil)
|
126
|
-
if
|
126
|
+
if directory?(path)
|
127
127
|
raise Errno::EISDIR, _("Is a directory: %{directory}") % { directory: path }
|
128
128
|
end
|
129
129
|
|
@@ -159,14 +159,14 @@ class Puppet::FileSystem::Windows < Puppet::FileSystem::Posix
|
|
159
159
|
end
|
160
160
|
|
161
161
|
set_dacl(tempfile.path, dacl) if dacl
|
162
|
-
File.rename(tempfile.path,
|
162
|
+
::File.rename(tempfile.path, path_string(path))
|
163
163
|
ensure
|
164
164
|
tempfile.close!
|
165
165
|
end
|
166
166
|
rescue Puppet::Util::Windows::Error => e
|
167
167
|
case e.code
|
168
168
|
when ACCESS_DENIED, SHARING_VIOLATION, LOCK_VIOLATION
|
169
|
-
raise Errno::EACCES.new(
|
169
|
+
raise Errno::EACCES.new(path_string(path), e)
|
170
170
|
else
|
171
171
|
raise SystemCallError.new(e.message)
|
172
172
|
end
|
@@ -193,7 +193,7 @@ class Puppet::FileSystem::Windows < Puppet::FileSystem::Posix
|
|
193
193
|
end
|
194
194
|
|
195
195
|
def get_dacl_from_file(path)
|
196
|
-
sd = Puppet::Util::Windows::Security.get_security_descriptor(
|
196
|
+
sd = Puppet::Util::Windows::Security.get_security_descriptor(path_string(path))
|
197
197
|
sd.dacl
|
198
198
|
rescue Puppet::Util::Windows::Error => e
|
199
199
|
raise e unless e.code == FILE_NOT_FOUND
|
data/lib/puppet/file_system.rb
CHANGED
@@ -345,7 +345,8 @@ module Puppet::FileSystem
|
|
345
345
|
# value ~ will be expanded to something like /Users/Foo
|
346
346
|
#
|
347
347
|
# This method exists primarlily to resolve a Ruby deficiency where
|
348
|
-
# File.expand_path doesn't
|
348
|
+
# File.expand_path doesn't convert short paths to long paths, which is
|
349
|
+
# important when resolving the path to load.
|
349
350
|
#
|
350
351
|
# @param path [Object] a path handle produced by {#pathname}
|
351
352
|
# @return [String] a string representation of the path
|
@@ -396,7 +397,7 @@ module Puppet::FileSystem
|
|
396
397
|
# @api public
|
397
398
|
#
|
398
399
|
def self.chmod(mode, path)
|
399
|
-
@impl.chmod(mode, path)
|
400
|
+
@impl.chmod(mode, assert_path(path))
|
400
401
|
end
|
401
402
|
|
402
403
|
# Replace the contents of a file atomically, creating the file if necessary.
|
@@ -8,6 +8,9 @@ require_relative '../../puppet/util/package'
|
|
8
8
|
#
|
9
9
|
# Where a and b are arbitrary version strings.
|
10
10
|
#
|
11
|
+
# Optional parameter ignore_trailing_zeroes is used to ignore unnecessary
|
12
|
+
# trailing version numbers like .0 or .0.00
|
13
|
+
#
|
11
14
|
# This function returns:
|
12
15
|
#
|
13
16
|
# * `1` if version a is greater than version b
|
@@ -28,9 +31,10 @@ Puppet::Functions.create_function(:versioncmp) do
|
|
28
31
|
dispatch :versioncmp do
|
29
32
|
param 'String', :a
|
30
33
|
param 'String', :b
|
34
|
+
optional_param 'Boolean', :ignore_trailing_zeroes
|
31
35
|
end
|
32
36
|
|
33
|
-
def versioncmp(a, b)
|
34
|
-
Puppet::Util::Package.versioncmp(a, b)
|
37
|
+
def versioncmp(a, b, ignore_trailing_zeroes = false)
|
38
|
+
Puppet::Util::Package.versioncmp(a, b, ignore_trailing_zeroes)
|
35
39
|
end
|
36
40
|
end
|
data/lib/puppet/generate/type.rb
CHANGED
@@ -134,6 +134,9 @@ module Puppet
|
|
134
134
|
inputs.sort_by! { |input| input.path }
|
135
135
|
end
|
136
136
|
|
137
|
+
def self.bad_input?
|
138
|
+
@bad_input
|
139
|
+
end
|
137
140
|
# Generates files for the given inputs.
|
138
141
|
# If a file is up to date (newer than input) it is kept.
|
139
142
|
# If a file is out of date it is regenerated.
|
@@ -170,6 +173,8 @@ module Puppet
|
|
170
173
|
}
|
171
174
|
|
172
175
|
up_to_date = true
|
176
|
+
@bad_input = false
|
177
|
+
|
173
178
|
Puppet.notice _('Generating Puppet resource types.')
|
174
179
|
inputs.each do |input|
|
175
180
|
if !force && input.up_to_date?(outputdir)
|
@@ -187,6 +192,7 @@ module Puppet
|
|
187
192
|
raise
|
188
193
|
rescue Exception => e
|
189
194
|
# Log the exception and move on to the next input
|
195
|
+
@bad_input = true
|
190
196
|
Puppet.log_exception(e, _("Failed to load custom type '%{type_name}' from '%{input}': %{message}") % { type_name: type_name, input: input, message: e.message })
|
191
197
|
next
|
192
198
|
end
|
@@ -205,6 +211,7 @@ module Puppet
|
|
205
211
|
begin
|
206
212
|
model = Models::Type::Type.new(type)
|
207
213
|
rescue Exception => e
|
214
|
+
@bad_input = true
|
208
215
|
# Move on to the next input
|
209
216
|
Puppet.log_exception(e, "#{input}: #{e.message}")
|
210
217
|
next
|
@@ -214,6 +221,7 @@ module Puppet
|
|
214
221
|
begin
|
215
222
|
result = model.render(templates[input.template_path])
|
216
223
|
rescue Exception => e
|
224
|
+
@bad_input = true
|
217
225
|
Puppet.log_exception(e)
|
218
226
|
raise
|
219
227
|
end
|
@@ -227,6 +235,7 @@ module Puppet
|
|
227
235
|
file.write(result)
|
228
236
|
end
|
229
237
|
rescue Exception => e
|
238
|
+
@bad_input = true
|
230
239
|
Puppet.log_exception(e, _("Failed to generate '%{effective_output_path}': %{message}") % { effective_output_path: effective_output_path, message: e.message })
|
231
240
|
# Move on to the next input
|
232
241
|
next
|
@@ -38,11 +38,12 @@ class Puppet::Graph::SimpleGraph
|
|
38
38
|
@downstream_from.clear
|
39
39
|
end
|
40
40
|
|
41
|
-
# Which resources
|
41
|
+
# Which resources the given resource depends on.
|
42
42
|
def dependencies(resource)
|
43
43
|
vertex?(resource) ? upstream_from_vertex(resource).keys : []
|
44
44
|
end
|
45
45
|
|
46
|
+
# Which resources depend upon the given resource.
|
46
47
|
def dependents(resource)
|
47
48
|
vertex?(resource) ? downstream_from_vertex(resource).keys : []
|
48
49
|
end
|
data/lib/puppet/http/client.rb
CHANGED
@@ -346,7 +346,7 @@ class Puppet::HTTP::Client
|
|
346
346
|
|
347
347
|
while !done do
|
348
348
|
connect(request.uri, options: options) do |http|
|
349
|
-
apply_auth(request, basic_auth)
|
349
|
+
apply_auth(request, basic_auth) if redirects.zero?
|
350
350
|
|
351
351
|
# don't call return within the `request` block
|
352
352
|
http.request(request) do |nethttp|
|
@@ -49,6 +49,11 @@ class Puppet::HTTP::Redirector
|
|
49
49
|
new_request = request.class.new(url)
|
50
50
|
new_request.body = request.body
|
51
51
|
request.each do |header, value|
|
52
|
+
unless Puppet[:location_trusted]
|
53
|
+
# skip adding potentially sensitive header to other hosts
|
54
|
+
next if header.casecmp('Authorization').zero? && request.uri.host.casecmp(location.host) != 0
|
55
|
+
next if header.casecmp('Cookie').zero? && request.uri.host.casecmp(location.host) != 0
|
56
|
+
end
|
52
57
|
new_request[header] = value
|
53
58
|
end
|
54
59
|
|
data/lib/puppet/node.rb
CHANGED
@@ -89,7 +89,7 @@ class Puppet::Node
|
|
89
89
|
unless @environment.nil?
|
90
90
|
# always set the environment parameter. It becomes top scope $environment for a manifest during catalog compilation.
|
91
91
|
@parameters[ENVIRONMENT] = @environment.name.to_s
|
92
|
-
self.environment_name = @environment.name
|
92
|
+
self.environment_name = @environment.name
|
93
93
|
end
|
94
94
|
@environment
|
95
95
|
end
|
@@ -13,7 +13,7 @@ class Puppet::Parser::Resource < Puppet::Resource
|
|
13
13
|
|
14
14
|
attr_accessor :source, :scope, :collector_id
|
15
15
|
attr_accessor :virtual, :override, :translated, :catalog, :evaluated
|
16
|
-
attr_accessor :file, :line
|
16
|
+
attr_accessor :file, :line, :kind
|
17
17
|
|
18
18
|
attr_reader :exported, :parameters
|
19
19
|
|
@@ -219,16 +219,15 @@ class Closure < CallableSignature
|
|
219
219
|
def call_with_scope(scope, args)
|
220
220
|
variable_bindings = combine_values_with_parameters(scope, args)
|
221
221
|
|
222
|
-
|
223
|
-
final_args = tc.infer_set(parameters.reduce([]) do |tmp_args, param|
|
222
|
+
final_args = parameters.reduce([]) do |tmp_args, param|
|
224
223
|
if param.captures_rest
|
225
224
|
tmp_args.concat(variable_bindings[param.name])
|
226
225
|
else
|
227
226
|
tmp_args << variable_bindings[param.name]
|
228
227
|
end
|
229
|
-
end
|
228
|
+
end
|
230
229
|
|
231
|
-
if type.
|
230
|
+
if type.callable_with?(final_args, block_type)
|
232
231
|
result = catch(:next) do
|
233
232
|
@evaluator.evaluate_block_with_bindings(scope, variable_bindings, @model.body)
|
234
233
|
end
|
@@ -236,7 +235,9 @@ class Closure < CallableSignature
|
|
236
235
|
"value returned from #{closure_name}"
|
237
236
|
end
|
238
237
|
else
|
239
|
-
|
238
|
+
tc = Types::TypeCalculator.singleton
|
239
|
+
args_type = tc.infer_set(final_args)
|
240
|
+
raise ArgumentError, Types::TypeMismatchDescriber.describe_signatures(closure_name, [self], args_type)
|
240
241
|
end
|
241
242
|
end
|
242
243
|
|
@@ -309,6 +310,7 @@ class Closure < CallableSignature
|
|
309
310
|
to += param_range[1]
|
310
311
|
end
|
311
312
|
param_types = Types::PTupleType.new(types, Types::PIntegerType.new(from, to))
|
313
|
+
# The block_type for a Closure is always nil for now, see comment in block_name above
|
312
314
|
Types::PCallableType.new(param_types, nil, return_type)
|
313
315
|
end
|
314
316
|
|
@@ -40,6 +40,7 @@ module Runtime3ResourceSupport
|
|
40
40
|
:parameters => evaluated_parameters,
|
41
41
|
:file => file,
|
42
42
|
:line => line,
|
43
|
+
:kind => Puppet::Resource.to_kind(resolved_type),
|
43
44
|
:exported => exported,
|
44
45
|
:virtual => virtual,
|
45
46
|
# WTF is this? Which source is this? The file? The name of the context ?
|
@@ -11,17 +11,17 @@ class Puppet::Pops::Parser::CodeMerger
|
|
11
11
|
# PUP-5299, some sites have thousands of entries, and run out of stack when evaluating - the logic
|
12
12
|
# below maps the logic as flatly as possible.
|
13
13
|
#
|
14
|
-
children = parse_results.select {|x| !x.nil? && x.code}.
|
14
|
+
children = parse_results.select {|x| !x.nil? && x.code}.flat_map do |parsed_class|
|
15
15
|
case parsed_class.code
|
16
16
|
when Puppet::Parser::AST::BlockExpression
|
17
17
|
# the BlockExpression wraps a single 4x instruction that is most likely wrapped in a Factory
|
18
|
-
|
18
|
+
parsed_class.code.children.map {|c| c.is_a?(Puppet::Pops::Model::Factory) ? c.model : c }
|
19
19
|
when Puppet::Pops::Model::Factory
|
20
20
|
# If it is a 4x instruction wrapped in a Factory
|
21
|
-
|
21
|
+
parsed_class.code.model
|
22
22
|
else
|
23
23
|
# It is the instruction directly
|
24
|
-
|
24
|
+
parsed_class.code
|
25
25
|
end
|
26
26
|
end
|
27
27
|
Puppet::Parser::AST::BlockExpression.new(:children => children)
|