puppet 7.11.0-x86-mingw32 → 7.14.0-x86-mingw32
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CODEOWNERS +1 -1
- data/Gemfile +2 -2
- data/Gemfile.lock +24 -19
- data/ext/project_data.yaml +1 -1
- data/lib/puppet/application/lookup.rb +78 -24
- data/lib/puppet/concurrent/thread_local_singleton.rb +5 -3
- data/lib/puppet/configurer.rb +74 -25
- data/lib/puppet/defaults.rb +20 -1
- data/lib/puppet/face/generate.rb +2 -0
- data/lib/puppet/file_serving/metadata.rb +3 -0
- data/lib/puppet/file_system/file_impl.rb +7 -7
- data/lib/puppet/file_system/jruby.rb +1 -1
- data/lib/puppet/file_system/path_pattern.rb +10 -15
- data/lib/puppet/file_system/uniquefile.rb +1 -1
- data/lib/puppet/file_system/windows.rb +4 -4
- data/lib/puppet/file_system.rb +3 -2
- data/lib/puppet/functions/versioncmp.rb +6 -2
- data/lib/puppet/generate/type.rb +9 -0
- data/lib/puppet/graph/simple_graph.rb +2 -1
- data/lib/puppet/http/client.rb +1 -1
- data/lib/puppet/http/redirector.rb +5 -0
- data/lib/puppet/node.rb +1 -1
- data/lib/puppet/parser/resource.rb +1 -1
- data/lib/puppet/pops/evaluator/closure.rb +7 -5
- data/lib/puppet/pops/evaluator/runtime3_resource_support.rb +1 -0
- data/lib/puppet/pops/parser/code_merger.rb +4 -4
- data/lib/puppet/pops/parser/egrammar.ra +2 -0
- data/lib/puppet/pops/parser/eparser.rb +574 -558
- data/lib/puppet/pops/serialization/to_data_converter.rb +6 -18
- data/lib/puppet/pops/validation/checker4_0.rb +7 -2
- data/lib/puppet/provider/package/pkg.rb +10 -0
- data/lib/puppet/provider/service/init.rb +5 -4
- data/lib/puppet/provider/user/useradd.rb +20 -0
- data/lib/puppet/resource/catalog.rb +1 -1
- data/lib/puppet/resource/type_collection.rb +21 -17
- data/lib/puppet/resource.rb +38 -5
- data/lib/puppet/ssl/verifier.rb +3 -1
- data/lib/puppet/transaction/persistence.rb +22 -12
- data/lib/puppet/type/file/data_sync.rb +1 -1
- data/lib/puppet/type/file/group.rb +8 -1
- data/lib/puppet/type/file/owner.rb +8 -1
- data/lib/puppet/type/service.rb +8 -3
- data/lib/puppet/type/user.rb +41 -39
- data/lib/puppet/util/autoload.rb +1 -1
- data/lib/puppet/util/json.rb +20 -0
- data/lib/puppet/util/log.rb +7 -2
- data/lib/puppet/util/monkey_patches.rb +26 -2
- data/lib/puppet/util/package.rb +25 -16
- data/lib/puppet/util/windows/service.rb +0 -5
- data/lib/puppet/util/windows.rb +3 -0
- data/lib/puppet/util/yaml.rb +16 -1
- data/lib/puppet/version.rb +1 -1
- data/lib/puppet.rb +1 -0
- data/locales/puppet.pot +5 -9737
- data/man/man5/puppet.conf.5 +21 -2
- data/man/man8/puppet-agent.8 +1 -1
- data/man/man8/puppet-apply.8 +1 -1
- data/man/man8/puppet-catalog.8 +1 -1
- data/man/man8/puppet-config.8 +1 -1
- data/man/man8/puppet-describe.8 +1 -1
- data/man/man8/puppet-device.8 +1 -1
- data/man/man8/puppet-doc.8 +1 -1
- data/man/man8/puppet-epp.8 +1 -1
- data/man/man8/puppet-facts.8 +1 -1
- data/man/man8/puppet-filebucket.8 +1 -1
- data/man/man8/puppet-generate.8 +1 -1
- data/man/man8/puppet-help.8 +1 -1
- data/man/man8/puppet-lookup.8 +9 -6
- data/man/man8/puppet-module.8 +1 -1
- data/man/man8/puppet-node.8 +1 -1
- data/man/man8/puppet-parser.8 +1 -1
- data/man/man8/puppet-plugin.8 +1 -1
- data/man/man8/puppet-report.8 +1 -1
- data/man/man8/puppet-resource.8 +1 -1
- data/man/man8/puppet-script.8 +1 -1
- data/man/man8/puppet-ssl.8 +1 -1
- data/man/man8/puppet.8 +2 -2
- data/spec/fixtures/integration/application/agent/cached_deferred_catalog.json +2 -1
- data/spec/fixtures/unit/forge/bacula.json +1 -1
- data/spec/integration/application/agent_spec.rb +28 -0
- data/spec/integration/application/lookup_spec.rb +32 -6
- data/spec/integration/parser/pcore_resource_spec.rb +20 -0
- data/spec/shared_contexts/l10n.rb +5 -0
- data/spec/unit/application/lookup_spec.rb +131 -10
- data/spec/unit/concurrent/thread_local_singleton_spec.rb +39 -0
- data/spec/unit/configurer_spec.rb +167 -60
- data/spec/unit/face/generate_spec.rb +64 -0
- data/spec/unit/file_system/uniquefile_spec.rb +7 -1
- data/spec/unit/file_system_spec.rb +34 -4
- data/spec/unit/forge/module_release_spec.rb +3 -3
- data/spec/unit/functions/versioncmp_spec.rb +40 -4
- data/spec/unit/http/client_spec.rb +58 -1
- data/spec/unit/network/formats_spec.rb +6 -0
- data/spec/unit/node_spec.rb +6 -0
- data/spec/unit/pops/parser/parse_containers_spec.rb +2 -2
- data/spec/unit/pops/serialization/to_from_hr_spec.rb +0 -58
- data/spec/unit/pops/validator/validator_spec.rb +5 -0
- data/spec/unit/provider/package/pkg_spec.rb +15 -0
- data/spec/unit/provider/service/gentoo_spec.rb +6 -5
- data/spec/unit/provider/service/init_spec.rb +15 -9
- data/spec/unit/provider/service/openwrt_spec.rb +21 -29
- data/spec/unit/provider/service/redhat_spec.rb +3 -2
- data/spec/unit/provider/user/useradd_spec.rb +40 -0
- data/spec/unit/resource/catalog_spec.rb +14 -1
- data/spec/unit/resource_spec.rb +58 -2
- data/spec/unit/transaction/persistence_spec.rb +51 -0
- data/spec/unit/type/file/group_spec.rb +7 -0
- data/spec/unit/type/file/owner_spec.rb +7 -0
- data/spec/unit/type/service_spec.rb +27 -0
- data/spec/unit/type/user_spec.rb +67 -45
- data/spec/unit/util/autoload_spec.rb +25 -8
- data/spec/unit/util/json_spec.rb +126 -0
- data/spec/unit/util/yaml_spec.rb +37 -13
- metadata +15 -5
@@ -5,10 +5,9 @@ module Puppet::FileSystem
|
|
5
5
|
class PathPattern
|
6
6
|
class InvalidPattern < Puppet::Error; end
|
7
7
|
|
8
|
-
|
8
|
+
DOTDOT = '..'.freeze
|
9
9
|
ABSOLUTE_UNIX = /^\//
|
10
10
|
ABSOLUTE_WINDOWS = /^[a-z]:/i
|
11
|
-
#ABSOLUT_VODKA #notappearinginthisclass
|
12
11
|
CURRENT_DRIVE_RELATIVE_WINDOWS = /^\\/
|
13
12
|
|
14
13
|
def self.relative(pattern)
|
@@ -32,11 +31,11 @@ module Puppet::FileSystem
|
|
32
31
|
end
|
33
32
|
|
34
33
|
def glob
|
35
|
-
Dir.glob(
|
34
|
+
Dir.glob(@pathstr)
|
36
35
|
end
|
37
36
|
|
38
37
|
def to_s
|
39
|
-
|
38
|
+
@pathstr
|
40
39
|
end
|
41
40
|
|
42
41
|
protected
|
@@ -46,13 +45,9 @@ module Puppet::FileSystem
|
|
46
45
|
private
|
47
46
|
|
48
47
|
def validate
|
49
|
-
@
|
50
|
-
|
51
|
-
|
52
|
-
end
|
53
|
-
end
|
54
|
-
case @pathname.to_s
|
55
|
-
when CURRENT_DRIVE_RELATIVE_WINDOWS
|
48
|
+
if @pathstr.split(Pathname::SEPARATOR_PAT).any? { |f| f == DOTDOT }
|
49
|
+
raise(InvalidPattern, _("PathPatterns cannot be created with directory traversals."))
|
50
|
+
elsif @pathstr.match?(CURRENT_DRIVE_RELATIVE_WINDOWS)
|
56
51
|
raise(InvalidPattern, _("A PathPattern cannot be a Windows current drive relative path."))
|
57
52
|
end
|
58
53
|
end
|
@@ -60,6 +55,7 @@ module Puppet::FileSystem
|
|
60
55
|
def initialize(pattern)
|
61
56
|
begin
|
62
57
|
@pathname = Pathname.new(pattern.strip)
|
58
|
+
@pathstr = @pathname.to_s
|
63
59
|
rescue ArgumentError => error
|
64
60
|
raise InvalidPattern.new(_("PathPatterns cannot be created with a zero byte."), error)
|
65
61
|
end
|
@@ -74,10 +70,9 @@ module Puppet::FileSystem
|
|
74
70
|
|
75
71
|
def validate
|
76
72
|
super
|
77
|
-
|
78
|
-
when ABSOLUTE_WINDOWS
|
73
|
+
if @pathstr.match?(ABSOLUTE_WINDOWS)
|
79
74
|
raise(InvalidPattern, _("A relative PathPattern cannot be prefixed with a drive."))
|
80
|
-
|
75
|
+
elsif @pathstr.match?(ABSOLUTE_UNIX)
|
81
76
|
raise(InvalidPattern, _("A relative PathPattern cannot be an absolute path."))
|
82
77
|
end
|
83
78
|
end
|
@@ -90,7 +85,7 @@ module Puppet::FileSystem
|
|
90
85
|
|
91
86
|
def validate
|
92
87
|
super
|
93
|
-
if
|
88
|
+
if !@pathstr.match?(ABSOLUTE_UNIX) && !@pathstr.match?(ABSOLUTE_WINDOWS)
|
94
89
|
raise(InvalidPattern, _("An absolute PathPattern cannot be a relative path."))
|
95
90
|
end
|
96
91
|
end
|
@@ -127,7 +127,7 @@ class Puppet::FileSystem::Uniquefile < DelegateClass(File)
|
|
127
127
|
tmpdir ||= tmpdir()
|
128
128
|
n = nil
|
129
129
|
begin
|
130
|
-
path = File.
|
130
|
+
path = File.join(tmpdir, make_tmpname(basename, n))
|
131
131
|
yield(path, n, *opts)
|
132
132
|
rescue Errno::EEXIST
|
133
133
|
n ||= 0
|
@@ -123,7 +123,7 @@ class Puppet::FileSystem::Windows < Puppet::FileSystem::Posix
|
|
123
123
|
LOCK_VIOLATION = 33
|
124
124
|
|
125
125
|
def replace_file(path, mode = nil)
|
126
|
-
if
|
126
|
+
if directory?(path)
|
127
127
|
raise Errno::EISDIR, _("Is a directory: %{directory}") % { directory: path }
|
128
128
|
end
|
129
129
|
|
@@ -159,14 +159,14 @@ class Puppet::FileSystem::Windows < Puppet::FileSystem::Posix
|
|
159
159
|
end
|
160
160
|
|
161
161
|
set_dacl(tempfile.path, dacl) if dacl
|
162
|
-
File.rename(tempfile.path,
|
162
|
+
::File.rename(tempfile.path, path_string(path))
|
163
163
|
ensure
|
164
164
|
tempfile.close!
|
165
165
|
end
|
166
166
|
rescue Puppet::Util::Windows::Error => e
|
167
167
|
case e.code
|
168
168
|
when ACCESS_DENIED, SHARING_VIOLATION, LOCK_VIOLATION
|
169
|
-
raise Errno::EACCES.new(
|
169
|
+
raise Errno::EACCES.new(path_string(path), e)
|
170
170
|
else
|
171
171
|
raise SystemCallError.new(e.message)
|
172
172
|
end
|
@@ -193,7 +193,7 @@ class Puppet::FileSystem::Windows < Puppet::FileSystem::Posix
|
|
193
193
|
end
|
194
194
|
|
195
195
|
def get_dacl_from_file(path)
|
196
|
-
sd = Puppet::Util::Windows::Security.get_security_descriptor(
|
196
|
+
sd = Puppet::Util::Windows::Security.get_security_descriptor(path_string(path))
|
197
197
|
sd.dacl
|
198
198
|
rescue Puppet::Util::Windows::Error => e
|
199
199
|
raise e unless e.code == FILE_NOT_FOUND
|
data/lib/puppet/file_system.rb
CHANGED
@@ -345,7 +345,8 @@ module Puppet::FileSystem
|
|
345
345
|
# value ~ will be expanded to something like /Users/Foo
|
346
346
|
#
|
347
347
|
# This method exists primarlily to resolve a Ruby deficiency where
|
348
|
-
# File.expand_path doesn't
|
348
|
+
# File.expand_path doesn't convert short paths to long paths, which is
|
349
|
+
# important when resolving the path to load.
|
349
350
|
#
|
350
351
|
# @param path [Object] a path handle produced by {#pathname}
|
351
352
|
# @return [String] a string representation of the path
|
@@ -396,7 +397,7 @@ module Puppet::FileSystem
|
|
396
397
|
# @api public
|
397
398
|
#
|
398
399
|
def self.chmod(mode, path)
|
399
|
-
@impl.chmod(mode, path)
|
400
|
+
@impl.chmod(mode, assert_path(path))
|
400
401
|
end
|
401
402
|
|
402
403
|
# Replace the contents of a file atomically, creating the file if necessary.
|
@@ -8,6 +8,9 @@ require_relative '../../puppet/util/package'
|
|
8
8
|
#
|
9
9
|
# Where a and b are arbitrary version strings.
|
10
10
|
#
|
11
|
+
# Optional parameter ignore_trailing_zeroes is used to ignore unnecessary
|
12
|
+
# trailing version numbers like .0 or .0.00
|
13
|
+
#
|
11
14
|
# This function returns:
|
12
15
|
#
|
13
16
|
# * `1` if version a is greater than version b
|
@@ -28,9 +31,10 @@ Puppet::Functions.create_function(:versioncmp) do
|
|
28
31
|
dispatch :versioncmp do
|
29
32
|
param 'String', :a
|
30
33
|
param 'String', :b
|
34
|
+
optional_param 'Boolean', :ignore_trailing_zeroes
|
31
35
|
end
|
32
36
|
|
33
|
-
def versioncmp(a, b)
|
34
|
-
Puppet::Util::Package.versioncmp(a, b)
|
37
|
+
def versioncmp(a, b, ignore_trailing_zeroes = false)
|
38
|
+
Puppet::Util::Package.versioncmp(a, b, ignore_trailing_zeroes)
|
35
39
|
end
|
36
40
|
end
|
data/lib/puppet/generate/type.rb
CHANGED
@@ -134,6 +134,9 @@ module Puppet
|
|
134
134
|
inputs.sort_by! { |input| input.path }
|
135
135
|
end
|
136
136
|
|
137
|
+
def self.bad_input?
|
138
|
+
@bad_input
|
139
|
+
end
|
137
140
|
# Generates files for the given inputs.
|
138
141
|
# If a file is up to date (newer than input) it is kept.
|
139
142
|
# If a file is out of date it is regenerated.
|
@@ -170,6 +173,8 @@ module Puppet
|
|
170
173
|
}
|
171
174
|
|
172
175
|
up_to_date = true
|
176
|
+
@bad_input = false
|
177
|
+
|
173
178
|
Puppet.notice _('Generating Puppet resource types.')
|
174
179
|
inputs.each do |input|
|
175
180
|
if !force && input.up_to_date?(outputdir)
|
@@ -187,6 +192,7 @@ module Puppet
|
|
187
192
|
raise
|
188
193
|
rescue Exception => e
|
189
194
|
# Log the exception and move on to the next input
|
195
|
+
@bad_input = true
|
190
196
|
Puppet.log_exception(e, _("Failed to load custom type '%{type_name}' from '%{input}': %{message}") % { type_name: type_name, input: input, message: e.message })
|
191
197
|
next
|
192
198
|
end
|
@@ -205,6 +211,7 @@ module Puppet
|
|
205
211
|
begin
|
206
212
|
model = Models::Type::Type.new(type)
|
207
213
|
rescue Exception => e
|
214
|
+
@bad_input = true
|
208
215
|
# Move on to the next input
|
209
216
|
Puppet.log_exception(e, "#{input}: #{e.message}")
|
210
217
|
next
|
@@ -214,6 +221,7 @@ module Puppet
|
|
214
221
|
begin
|
215
222
|
result = model.render(templates[input.template_path])
|
216
223
|
rescue Exception => e
|
224
|
+
@bad_input = true
|
217
225
|
Puppet.log_exception(e)
|
218
226
|
raise
|
219
227
|
end
|
@@ -227,6 +235,7 @@ module Puppet
|
|
227
235
|
file.write(result)
|
228
236
|
end
|
229
237
|
rescue Exception => e
|
238
|
+
@bad_input = true
|
230
239
|
Puppet.log_exception(e, _("Failed to generate '%{effective_output_path}': %{message}") % { effective_output_path: effective_output_path, message: e.message })
|
231
240
|
# Move on to the next input
|
232
241
|
next
|
@@ -38,11 +38,12 @@ class Puppet::Graph::SimpleGraph
|
|
38
38
|
@downstream_from.clear
|
39
39
|
end
|
40
40
|
|
41
|
-
# Which resources
|
41
|
+
# Which resources the given resource depends on.
|
42
42
|
def dependencies(resource)
|
43
43
|
vertex?(resource) ? upstream_from_vertex(resource).keys : []
|
44
44
|
end
|
45
45
|
|
46
|
+
# Which resources depend upon the given resource.
|
46
47
|
def dependents(resource)
|
47
48
|
vertex?(resource) ? downstream_from_vertex(resource).keys : []
|
48
49
|
end
|
data/lib/puppet/http/client.rb
CHANGED
@@ -346,7 +346,7 @@ class Puppet::HTTP::Client
|
|
346
346
|
|
347
347
|
while !done do
|
348
348
|
connect(request.uri, options: options) do |http|
|
349
|
-
apply_auth(request, basic_auth)
|
349
|
+
apply_auth(request, basic_auth) if redirects.zero?
|
350
350
|
|
351
351
|
# don't call return within the `request` block
|
352
352
|
http.request(request) do |nethttp|
|
@@ -49,6 +49,11 @@ class Puppet::HTTP::Redirector
|
|
49
49
|
new_request = request.class.new(url)
|
50
50
|
new_request.body = request.body
|
51
51
|
request.each do |header, value|
|
52
|
+
unless Puppet[:location_trusted]
|
53
|
+
# skip adding potentially sensitive header to other hosts
|
54
|
+
next if header.casecmp('Authorization').zero? && request.uri.host.casecmp(location.host) != 0
|
55
|
+
next if header.casecmp('Cookie').zero? && request.uri.host.casecmp(location.host) != 0
|
56
|
+
end
|
52
57
|
new_request[header] = value
|
53
58
|
end
|
54
59
|
|
data/lib/puppet/node.rb
CHANGED
@@ -89,7 +89,7 @@ class Puppet::Node
|
|
89
89
|
unless @environment.nil?
|
90
90
|
# always set the environment parameter. It becomes top scope $environment for a manifest during catalog compilation.
|
91
91
|
@parameters[ENVIRONMENT] = @environment.name.to_s
|
92
|
-
self.environment_name = @environment.name
|
92
|
+
self.environment_name = @environment.name
|
93
93
|
end
|
94
94
|
@environment
|
95
95
|
end
|
@@ -13,7 +13,7 @@ class Puppet::Parser::Resource < Puppet::Resource
|
|
13
13
|
|
14
14
|
attr_accessor :source, :scope, :collector_id
|
15
15
|
attr_accessor :virtual, :override, :translated, :catalog, :evaluated
|
16
|
-
attr_accessor :file, :line
|
16
|
+
attr_accessor :file, :line, :kind
|
17
17
|
|
18
18
|
attr_reader :exported, :parameters
|
19
19
|
|
@@ -219,16 +219,15 @@ class Closure < CallableSignature
|
|
219
219
|
def call_with_scope(scope, args)
|
220
220
|
variable_bindings = combine_values_with_parameters(scope, args)
|
221
221
|
|
222
|
-
|
223
|
-
final_args = tc.infer_set(parameters.reduce([]) do |tmp_args, param|
|
222
|
+
final_args = parameters.reduce([]) do |tmp_args, param|
|
224
223
|
if param.captures_rest
|
225
224
|
tmp_args.concat(variable_bindings[param.name])
|
226
225
|
else
|
227
226
|
tmp_args << variable_bindings[param.name]
|
228
227
|
end
|
229
|
-
end
|
228
|
+
end
|
230
229
|
|
231
|
-
if type.
|
230
|
+
if type.callable_with?(final_args, block_type)
|
232
231
|
result = catch(:next) do
|
233
232
|
@evaluator.evaluate_block_with_bindings(scope, variable_bindings, @model.body)
|
234
233
|
end
|
@@ -236,7 +235,9 @@ class Closure < CallableSignature
|
|
236
235
|
"value returned from #{closure_name}"
|
237
236
|
end
|
238
237
|
else
|
239
|
-
|
238
|
+
tc = Types::TypeCalculator.singleton
|
239
|
+
args_type = tc.infer_set(final_args)
|
240
|
+
raise ArgumentError, Types::TypeMismatchDescriber.describe_signatures(closure_name, [self], args_type)
|
240
241
|
end
|
241
242
|
end
|
242
243
|
|
@@ -309,6 +310,7 @@ class Closure < CallableSignature
|
|
309
310
|
to += param_range[1]
|
310
311
|
end
|
311
312
|
param_types = Types::PTupleType.new(types, Types::PIntegerType.new(from, to))
|
313
|
+
# The block_type for a Closure is always nil for now, see comment in block_name above
|
312
314
|
Types::PCallableType.new(param_types, nil, return_type)
|
313
315
|
end
|
314
316
|
|
@@ -40,6 +40,7 @@ module Runtime3ResourceSupport
|
|
40
40
|
:parameters => evaluated_parameters,
|
41
41
|
:file => file,
|
42
42
|
:line => line,
|
43
|
+
:kind => Puppet::Resource.to_kind(resolved_type),
|
43
44
|
:exported => exported,
|
44
45
|
:virtual => virtual,
|
45
46
|
# WTF is this? Which source is this? The file? The name of the context ?
|
@@ -11,17 +11,17 @@ class Puppet::Pops::Parser::CodeMerger
|
|
11
11
|
# PUP-5299, some sites have thousands of entries, and run out of stack when evaluating - the logic
|
12
12
|
# below maps the logic as flatly as possible.
|
13
13
|
#
|
14
|
-
children = parse_results.select {|x| !x.nil? && x.code}.
|
14
|
+
children = parse_results.select {|x| !x.nil? && x.code}.flat_map do |parsed_class|
|
15
15
|
case parsed_class.code
|
16
16
|
when Puppet::Parser::AST::BlockExpression
|
17
17
|
# the BlockExpression wraps a single 4x instruction that is most likely wrapped in a Factory
|
18
|
-
|
18
|
+
parsed_class.code.children.map {|c| c.is_a?(Puppet::Pops::Model::Factory) ? c.model : c }
|
19
19
|
when Puppet::Pops::Model::Factory
|
20
20
|
# If it is a 4x instruction wrapped in a Factory
|
21
|
-
|
21
|
+
parsed_class.code.model
|
22
22
|
else
|
23
23
|
# It is the instruction directly
|
24
|
-
|
24
|
+
parsed_class.code
|
25
25
|
end
|
26
26
|
end
|
27
27
|
Puppet::Parser::AST::BlockExpression.new(:children => children)
|