puppet 7.12.0 → 7.12.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: feb741bb77ed2e7f043a4879e1ff6c5b6ae03a4467b497d0895ed8071ef607d7
-  data.tar.gz: 4359d0d4a714a2e6cec8a85b0d469462784f738167fe88209e9644fb5ecd2362
+  metadata.gz: 9c9a5ad10d1fe29d4c28a410c34cc28236cc3a678444e72cdbcbd824ead10f99
+  data.tar.gz: 104352f3f069d1f9043dc386f035f0c18da3bbc09f1715092b682a6508b97842
 SHA512:
-  metadata.gz: 410a0b4bf4b835b884e60235a6b7d902147655142dd4d11eaea7983b3a7bc42960e89a9132cd4db4e79ad485f61b88b5e6508db09f4ed806f78908f451f952e0
-  data.tar.gz: 474c5e4a49a949e28438576047cbf17fc1dc5e30e2d4c04bf96fd6faefe8acbc77aea9e243381d33cf1202b65436b7f7f288e915442c555cad43731ffd23f568
+  metadata.gz: 45dcb3ec19cc2b62b3a642a3adbe3697a08eee3f6f79158b30e4b32dfecc4eb908f4d0c7a22958606b2cf3ba4cfefc93f17108b1ec159e49bdb4ed18540538aa
+  data.tar.gz: d5efd563f4a3bd518883d6ed8b8721cff49b81b9f0ccc0a382bb3e96ac4262ebbfe6535a12451f6d6a4ff61399cc5e79aeb64e13832443998dba2fa0fb2702ba

data/Gemfile.lock

@@ -1,9 +1,9 @@
 GIT
   remote: git://github.com/puppetlabs/packaging
-  revision: 03722ea5c9106c1b31a58b22cc41bacade8c8fa8
+  revision: 4c5359786cad0d12877e10e98948065bfeb3e304
   branch: 1.0.x
   specs:
-    packaging (0.101.0)
+    packaging (0.103.0)
       artifactory (~> 2)
       csv (= 3.1.5)
       rake (>= 12.3)
@@ -12,7 +12,7 @@ GIT
 PATH
   remote: .
   specs:
-    puppet (7.12.0)
+    puppet (7.12.1)
       CFPropertyList (~> 2.2)
       concurrent-ruby (~> 1.0)
       deep_merge (~> 1.0)

data/lib/puppet/configurer.rb

@@ -390,9 +390,16 @@ class Puppet::Configurer
       # We only need to find out the environment to run in if we don't already have a catalog
       unless (cached_catalog || options[:catalog] || Puppet.settings.set_by_cli?(:environment) || Puppet[:strict_environment_mode])
         Puppet.debug(_("Environment not passed via CLI and no catalog was given, attempting to find out the last server-specified environment"))
-        if last_server_specified_environment
-          @environment = last_server_specified_environment
-          report.environment = last_server_specified_environment
+        initial_environment, loaded_last_environment = last_server_specified_environment
+
+        unless loaded_last_environment
+          Puppet.debug(_("Requesting environment from the server"))
+          initial_environment = current_server_specified_environment(@environment, configured_environment, options)
+        end
+
+        if initial_environment
+          @environment = initial_environment
+          report.environment = initial_environment
 
           push_current_environment_and_loaders
         else
@@ -551,24 +558,77 @@ class Puppet::Configurer
   end
   private :find_functional_server
 
+  #
+  # @api private
+  #
+  # Read the last server-specified environment from the lastrunfile. The
+  # environment is considered to be server-specified if the values of
+  # `initial_environment` and `converged_environment` are different.
+  #
+  # @return [String, Boolean] An array containing a string with the environment
+  #   read from the lastrunfile in case the server is authoritative, and a
+  #   boolean marking whether the last environment was correctly loaded.
   def last_server_specified_environment
-    return @last_server_specified_environment if @last_server_specified_environment
+    return @last_server_specified_environment, @loaded_last_environment if @last_server_specified_environment
+
     if Puppet::FileSystem.exist?(Puppet[:lastrunfile])
       summary = Puppet::Util::Yaml.safe_load_file(Puppet[:lastrunfile])
-      return unless summary.dig('application', 'run_mode') == 'agent'
-      initial_environment = summary.dig('application', 'initial_environment')
-      converged_environment = summary.dig('application', 'converged_environment')
+      return [nil, nil] unless summary['application']['run_mode'] == 'agent'
+      initial_environment = summary['application']['initial_environment']
+      converged_environment = summary['application']['converged_environment']
       @last_server_specified_environment = converged_environment if initial_environment != converged_environment
+      Puppet.debug(_("Successfully loaded last environment from the lastrunfile"))
+      @loaded_last_environment = true
     end
 
     Puppet.debug(_("Found last server-specified environment: %{environment}") % { environment: @last_server_specified_environment }) if @last_server_specified_environment
-    @last_server_specified_environment
+    [@last_server_specified_environment, @loaded_last_environment]
   rescue => detail
     Puppet.debug(_("Could not find last server-specified environment: %{detail}") % { detail: detail })
-    nil
+    [nil, nil]
   end
   private :last_server_specified_environment
 
+  def current_server_specified_environment(current_environment, configured_environment, options)
+    return @server_specified_environment if @server_specified_environment
+
+    begin
+      node_retr_time = thinmark do
+        node = Puppet::Node.indirection.find(Puppet[:node_name_value],
+                                             :environment => Puppet::Node::Environment.remote(current_environment),
+                                             :configured_environment => configured_environment,
+                                             :ignore_cache => true,
+                                             :transaction_uuid => @transaction_uuid,
+                                             :fail_on_404 => true)
+
+        # The :rest node terminus returns a node with an environment_name, but not an
+        # environment instance. Attempting to get the environment instance will load
+        # it from disk, which will likely fail. So create a remote environment.
+        #
+        # The :plain node terminus returns a node with an environment, but not an
+        # environment_name.
+        if !node.has_environment_instance? && node.environment_name
+          node.environment = Puppet::Node::Environment.remote(node.environment_name)
+        end
+
+        @server_specified_environment = node.environment.to_s
+
+        if @server_specified_environment != @environment
+          Puppet.notice _("Local environment: '%{local_env}' doesn't match server specified node environment '%{node_env}', switching agent to '%{node_env}'.") % { local_env: @environment, node_env: @server_specified_environment }
+        end
+      end
+
+      options[:report].add_times(:node_retrieval, node_retr_time)
+
+      @server_specified_environment
+    rescue => detail
+      Puppet.warning(_("Unable to fetch my node definition, but the agent run will continue:"))
+      Puppet.warning(detail)
+      nil
+    end
+  end
+  private :current_server_specified_environment
+
   def send_report(report)
     puts report.summary if Puppet[:summarize]
     save_last_run_summary(report)

data/lib/puppet/defaults.rb

@@ -761,6 +761,12 @@ Valid values are 0 (never cache) and 15 (15 second minimum wait time).
       :owner    => "service",
       :group    => "service",
       :desc    => "The directory where catalog previews per node are generated."
+    },
+    :location_trusted => {
+      :default => false,
+      :type     => :boolean,
+      :desc    => "This will allow sending the name + password and the cookie header to all hosts that puppet may redirect to.
+        This may or may not introduce a security breach if puppet redirects you to a site to which you'll send your authentication info and cookies."
     }
   )
 

data/lib/puppet/http/client.rb

@@ -346,7 +346,7 @@ class Puppet::HTTP::Client
 
     while !done do
       connect(request.uri, options: options) do |http|
-        apply_auth(request, basic_auth)
+        apply_auth(request, basic_auth) if redirects.zero?
 
         # don't call return within the `request` block
         http.request(request) do |nethttp|

data/lib/puppet/http/redirector.rb

@@ -49,6 +49,11 @@ class Puppet::HTTP::Redirector
     new_request = request.class.new(url)
     new_request.body = request.body
     request.each do |header, value|
+      unless Puppet[:location_trusted]
+        # skip adding potentially sensitive header to other hosts
+        next if header.casecmp('Authorization').zero? && request.uri.host.casecmp(location.host) != 0
+        next if header.casecmp('Cookie').zero? && request.uri.host.casecmp(location.host) != 0
+      end
       new_request[header] = value
     end
 

data/lib/puppet/parser/resource.rb

@@ -13,7 +13,7 @@ class Puppet::Parser::Resource < Puppet::Resource
 
   attr_accessor :source, :scope, :collector_id
   attr_accessor :virtual, :override, :translated, :catalog, :evaluated
-  attr_accessor :file, :line
+  attr_accessor :file, :line, :kind
 
   attr_reader :exported, :parameters
 

data/lib/puppet/pops/evaluator/runtime3_resource_support.rb

@@ -40,6 +40,7 @@ module Runtime3ResourceSupport
           :parameters => evaluated_parameters,
           :file => file,
           :line => line,
+          :kind => Puppet::Resource.to_kind(resolved_type),
           :exported => exported,
           :virtual => virtual,
           # WTF is this? Which source is this? The file? The name of the context ?

data/lib/puppet/resource/catalog.rb

@@ -313,7 +313,7 @@ class Puppet::Resource::Catalog < Puppet::Graph::SimpleGraph
     super()
     @name = name
     @catalog_uuid = SecureRandom.uuid
-    @catalog_format = 1
+    @catalog_format = 2
     @metadata = {}
     @recursive_metadata = {}
     @classes = []

data/lib/puppet/resource.rb

@@ -11,7 +11,7 @@ class Puppet::Resource
   include Puppet::Util::PsychSupport
 
   include Enumerable
-  attr_accessor :file, :line, :catalog, :exported, :virtual, :strict
+  attr_accessor :file, :line, :catalog, :exported, :virtual, :strict, :kind
   attr_reader :type, :title, :parameters
 
   # @!attribute [rw] sensitive_parameters
@@ -29,10 +29,15 @@ class Puppet::Resource
   EMPTY_ARRAY = [].freeze
   EMPTY_HASH = {}.freeze
 
-  ATTRIBUTES = [:file, :line, :exported].freeze
+  ATTRIBUTES = [:file, :line, :exported, :kind].freeze
   TYPE_CLASS = 'Class'.freeze
   TYPE_NODE  = 'Node'.freeze
 
+  CLASS_STRING = 'class'.freeze
+  DEFINED_TYPE_STRING = 'defined_type'.freeze
+  COMPILABLE_TYPE_STRING = 'compilable_type'.freeze
+  UNKNOWN_TYPE_STRING  = 'unknown'.freeze
+
   PCORE_TYPE_KEY = '__ptype'.freeze
   VALUE_KEY = 'value'.freeze
 
@@ -193,6 +198,18 @@ class Puppet::Resource
     resource_type.is_a?(Puppet::CompilableResourceType)
   end
 
+  def self.to_kind(resource_type)
+    if resource_type == CLASS_STRING
+      CLASS_STRING
+    elsif resource_type.is_a?(Puppet::Resource::Type) && resource_type.type == :definition
+      DEFINED_TYPE_STRING
+    elsif resource_type.is_a?(Puppet::CompilableResourceType)
+      COMPILABLE_TYPE_STRING
+    else
+      UNKNOWN_TYPE_STRING
+    end
+  end
+
   # Iterate over each param/value pair, as required for Enumerable.
   def each
     parameters.each { |p,v| yield p, v }
@@ -247,6 +264,7 @@ class Puppet::Resource
       src = type
       self.file = src.file
       self.line = src.line
+      self.kind = src.kind
       self.exported = src.exported
       self.virtual = src.virtual
       self.set_tags(src)
@@ -309,6 +327,7 @@ class Puppet::Resource
 
       rt = resource_type
 
+      self.kind = self.class.to_kind(rt) unless kind
       if strict? && rt.nil?
         if self.class?
           raise ArgumentError, _("Could not find declared class %{title}") % { title: title }
@@ -468,10 +487,24 @@ class Puppet::Resource
     ref
   end
 
-  # Convert our resource to a RAL resource instance.  Creates component
-  # instances for resource types that don't exist.
+  # Convert our resource to a RAL resource instance. Creates component
+  # instances for resource types that are not of a compilable_type kind. In case
+  # the resource doesn’t exist and it’s compilable_type kind, raise an error.
+  # There are certain cases where a resource won't be in a catalog, such as 
+  # when we create a resource directly by using Puppet::Resource.new(...), so we 
+  # must check its kind before deciding whether the catalog format is of an older
+  # version or not.
   def to_ral
-    typeklass = Puppet::Type.type(self.type) || Puppet::Type.type(:component)
+    if self.kind == COMPILABLE_TYPE_STRING
+      typeklass = Puppet::Type.type(self.type)
+    elsif self.catalog && self.catalog.catalog_format >= 2
+      typeklass = Puppet::Type.type(:component)
+    else
+      typeklass =  Puppet::Type.type(self.type) || Puppet::Type.type(:component)
+    end
+
+    raise(Puppet::Error, "Resource type '#{self.type}' was not found") unless typeklass
+
     typeklass.new(self)
   end
 

data/lib/puppet/util/windows/service.rb

@@ -18,11 +18,6 @@ module Puppet::Util::Windows
     include Puppet::FFI::Windows::Functions
     extend Puppet::FFI::Windows::Functions
 
-    # integer value of the floor for timeouts when waiting for service pending states.
-    # puppet will wait the length of dwWaitHint if it is longer than this value, but
-    # no shorter
-    DEFAULT_TIMEOUT = 30
-
     # Returns true if the service exists, false otherwise.
     #
     # @param [String] service_name name of the service

data/lib/puppet/util/windows.rb

@@ -10,6 +10,9 @@ module Puppet::Util::Windows
   module File; end
   module Registry
   end
+  module Service
+    DEFAULT_TIMEOUT = 30
+  end
   module SID
     class Principal; end
   end

data/lib/puppet/version.rb

@@ -6,7 +6,7 @@
 # Raketasks and such to set the version based on the output of `git describe`
 
 module Puppet
-  PUPPETVERSION = '7.12.0'
+  PUPPETVERSION = '7.12.1'
 
   ##
   # version is a public API method intended to always provide a fast and

data/man/man5/puppet.conf.5

@@ -929,7 +929,7 @@ The time to wait for data to be read from an HTTP connection\. If nothing is rea
 The HTTP User\-Agent string to send when making network requests\.
 .
 .IP "\(bu" 4
-\fIDefault\fR: \fBPuppet/7\.12\.0 Ruby/2\.5\.1\-p57 (x86_64\-linux)\fR
+\fIDefault\fR: \fBPuppet/7\.12\.1 Ruby/2\.5\.1\-p57 (x86_64\-linux)\fR
 .
 .IP "" 0
 .

data/man/man8/puppet.8

@@ -25,4 +25,4 @@ Specialized:
 catalog Compile, save, view, and convert catalogs\. describe Display help about resource types device Manage remote network devices doc Generate Puppet references epp Interact directly with the EPP template parser/renderer\. facts Retrieve and store facts\. filebucket Store and retrieve files in a filebucket generate Generates Puppet code from Ruby definitions\. node View and manage node definitions\. parser Interact directly with the parser\. plugin Interact with the Puppet plugin system\. script Run a puppet manifests as a script without compiling a catalog ssl Manage SSL keys and certificates for puppet SSL clients
 .
 .P
-See \'puppet help \fIsubcommand\fR \fIaction\fR\' for help on a specific subcommand action\. See \'puppet help \fIsubcommand\fR\' for help on a specific subcommand\. Puppet v7\.12\.0
+See \'puppet help \fIsubcommand\fR \fIaction\fR\' for help on a specific subcommand action\. See \'puppet help \fIsubcommand\fR\' for help on a specific subcommand\. Puppet v7\.12\.1

data/spec/fixtures/integration/application/agent/cached_deferred_catalog.json

@@ -6,7 +6,7 @@
   "version": 1607629733,
   "code_id": null,
   "catalog_uuid": "afc8472a-306b-4b24-b060-e956dffb79b8",
-  "catalog_format": 1,
+  "catalog_format": 2,
   "environment": "production",
   "resources": [
     {
@@ -50,6 +50,7 @@
       ],
       "file": "",
       "line": 1,
+      "kind": "compilable_type",
       "exported": false,
       "parameters": {
         "message": {

data/spec/integration/application/agent_spec.rb

@@ -645,6 +645,34 @@ describe "puppet agent", unless: Puppet::Util::Platform.jruby? do
   end
 
   context "environment convergence" do
+    it "falls back to making a node request if the last server-specified environment cannot be loaded" do
+      mounts = {}
+      mounts[:node] = -> (req, res) {
+        node = Puppet::Node.new('test', environment: Puppet::Node::Environment.remote('doesnotexistonagent'))
+        res.body = formatter.render(node)
+        res['Content-Type'] = formatter.mime
+      }
+
+      server.start_server(mounts: mounts) do |port|
+        Puppet[:serverport] = port
+        Puppet[:log_level] = 'debug'
+
+        expect {
+          agent.command_line.args << '--test'
+          agent.run
+        }.to exit_with(0)
+         .and output(a_string_matching(%r{Debug: Requesting environment from the server})).to_stdout
+
+        Puppet::Application.clear!
+
+        expect {
+          agent.command_line.args << '--test'
+          agent.run
+        }.to exit_with(0)
+         .and output(a_string_matching(%r{Debug: Successfully loaded last environment from the lastrunfile})).to_stdout
+      end
+    end
+
     it "switches to 'newenv' environment and retries the run" do
       first_run = true
       libdir = File.join(my_fixture_dir, 'lib')

data/spec/integration/parser/pcore_resource_spec.rb

@@ -122,6 +122,16 @@ describe 'when pcore described resources types are in use' do
       expect(catalog.resource(:test3, "x/y")['message']).to eq('x/y works')
     end
 
+    it 'considers Pcore types to be builtin ' do
+      genface.types
+      catalog = compile_to_catalog(<<-MANIFEST)
+        test1 { 'a':
+          message => 'a works'
+        }
+      MANIFEST
+      expect(catalog.resource(:test1, "a").kind).to eq('compilable_type')
+    end
+
     it 'the validity of attribute names are checked' do
       genface.types
       expect do

data/spec/unit/configurer_spec.rb

@@ -2,6 +2,8 @@ require 'spec_helper'
 require 'puppet/configurer'
 
 describe Puppet::Configurer do
+  include PuppetSpec::Files
+
   before do
     Puppet[:server] = "puppetmaster"
     Puppet[:report] = true
@@ -10,6 +12,17 @@ describe Puppet::Configurer do
     allow_any_instance_of(described_class).to(
       receive(:valid_server_environment?).and_return(true)
     )
+
+    Puppet[:lastrunfile] = file_containing('last_run_summary.yaml', <<~SUMMARY)
+    ---
+    version:
+      config: 1624882680
+      puppet: #{Puppet.version}
+    application:
+      initial_environment: #{Puppet[:environment]}
+      converged_environment: #{Puppet[:environment]}
+      run_mode: agent
+    SUMMARY
   end
 
   let(:node_name) { Puppet[:node_name_value] }
@@ -866,7 +879,7 @@ describe Puppet::Configurer do
           expect(configurer.run).to be_nil
         end
 
-        it "should proceed with the cached catalog if its environment matchs the local environment" do
+        it "should proceed with the cached catalog if its environment matches the local environment" do
           expects_cached_catalog_only(catalog)
 
           expect(configurer.run).to eq(0)
@@ -1222,7 +1235,6 @@ describe Puppet::Configurer do
   end
 
   describe "when selecting an environment" do
-    include PuppetSpec::Files
     include PuppetSpec::Settings
 
     describe "when the last used environment is available" do
@@ -1239,6 +1251,9 @@ describe Puppet::Configurer do
           converged_environment: #{last_server_specified_environment}
           run_mode: agent
         SUMMARY
+
+        expect(Puppet::Node.indirection).not_to receive(:find)
+          .with(anything, hash_including(:ignore_cache => true, :fail_on_404 => true))
       end
 
       it "prefers the environment set via cli" do
@@ -1248,26 +1263,27 @@ describe Puppet::Configurer do
         expect(configurer.environment).to eq('usethis')
       end
 
-      it "prefers the environment set via config" do
+      it "prefers the environment set via lastrunfile over config" do
         FileUtils.mkdir_p(Puppet[:confdir])
         set_puppet_conf(Puppet[:confdir], <<~CONF)
         [main]
         environment = usethis
+        lastrunfile = #{Puppet[:lastrunfile]}
         CONF
 
         Puppet.initialize_settings
         configurer.run
 
-        expect(configurer.environment).to eq('usethis')
+        expect(configurer.environment).to eq(last_server_specified_environment)
       end
 
-      it "uses environment from Puppet[:environment] if given a catalog" do
+      it "uses the environment from Puppet[:environment] if given a catalog" do
         configurer.run(catalog: catalog)
 
         expect(configurer.environment).to eq(Puppet[:environment])
       end
 
-      it "uses environment from Puppet[:environment] if use_cached_catalog = true" do
+      it "uses the environment from Puppet[:environment] if use_cached_catalog = true" do
         Puppet[:use_cached_catalog] = true
         expects_cached_catalog_only(catalog)
         configurer.run
@@ -1296,14 +1312,14 @@ describe Puppet::Configurer do
           configurer.run
         end
 
-        it "uses environment from Puppet[:environment] if strict_environment_mode is set" do
+        it "uses the environment from Puppet[:environment] if strict_environment_mode is set" do
           Puppet[:strict_environment_mode] = true
           configurer.run
 
           expect(configurer.environment).to eq(Puppet[:environment])
         end
 
-        it "uses environment from Puppet[:environment] if initial_environment is the same as converged_environment" do
+        it "uses the environment from Puppet[:environment] if initial_environment is the same as converged_environment" do
           Puppet[:lastrunfile] = file_containing('last_run_summary.yaml', <<~SUMMARY)
           ---
           version:
@@ -1318,41 +1334,86 @@ describe Puppet::Configurer do
 
           expect(configurer.environment).to eq(Puppet[:environment])
         end
+      end
+    end
+
+    describe "when the last used environment is not available" do
+      describe "when the node request succeeds" do
+        let(:node_environment) { Puppet::Node::Environment.remote(:salam) }
+        let(:node) { Puppet::Node.new(Puppet[:node_name_value]) }
+        let(:last_server_specified_environment) { 'development' }
+
+        before do
+          node.environment = node_environment
+
+          allow(Puppet::Node.indirection).to receive(:find)
+          allow(Puppet::Node.indirection).to receive(:find)
+            .with(anything, hash_including(:ignore_cache => true, :fail_on_404 => true))
+            .and_return(node)
+        end
 
-        it "uses environment from Puppet[:environment] if the run mode doesn't match" do
+        it "uses the environment from the node request if the run mode doesn't match" do
           Puppet[:lastrunfile] = file_containing('last_run_summary.yaml', <<~SUMMARY)
-          ---
-          version:
-            config: 1624882680
-            puppet: 6.24.0
-          application:
-            initial_environment: #{Puppet[:environment]}
-            converged_environment: #{last_server_specified_environment}
-            run_mode: user
+            ---
+            version:
+              config: 1624882680
+              puppet: 6.24.0
+            application:
+              initial_environment: #{Puppet[:environment]}
+              converged_environment: #{last_server_specified_environment}
+              run_mode: user
           SUMMARY
           configurer.run
 
-          expect(configurer.environment).to eq(Puppet[:environment])
+          expect(configurer.environment).to eq(node_environment.name.to_s)
         end
 
-        it "uses environment from Puppet[:environment] if lastrunfile is invalid YAML" do
+        it "uses the environment from the node request if lastrunfile does not contain the expected keys" do
           Puppet[:lastrunfile] = file_containing('last_run_summary.yaml', <<~SUMMARY)
-          Key: 'this is my very very very ' +
-               'long string'
+            ---
+            version:
+              config: 1624882680
+              puppet: 6.24.0
           SUMMARY
           configurer.run
 
-          expect(configurer.environment).to eq(Puppet[:environment])
+          expect(configurer.environment).to eq(node_environment.name.to_s)
         end
 
-        it "uses environment from Puppet[:environment] if lastrunfile exists but is empty" do
+        it "uses the environment from the node request if lastrunfile is invalid YAML" do
+          Puppet[:lastrunfile] = file_containing('last_run_summary.yaml', <<~SUMMARY)
+            Key: 'this is my very very very ' +
+                 'long string'
+          SUMMARY
+          configurer.run
+
+          expect(configurer.environment).to eq(node_environment.name.to_s)
+        end
+
+        it "uses the environment from the node request if lastrunfile exists but is empty" do
           Puppet[:lastrunfile] = file_containing('last_run_summary.yaml', '')
           configurer.run
 
-          expect(configurer.environment).to eq(Puppet[:environment])
+          expect(configurer.environment).to eq(node_environment.name.to_s)
+        end
+
+        it "uses the environment from the node request if the last used one cannot be found" do
+          Puppet[:lastrunfile] = tmpfile('last_run_summary.yaml')
+          configurer.run
+
+          expect(configurer.environment).to eq(node_environment.name.to_s)
+        end
+      end
+
+      describe "when the node request fails" do
+        before do
+          allow(Puppet::Node.indirection).to receive(:find).and_call_original
+          allow(Puppet::Node.indirection).to receive(:find)
+            .with(anything, hash_including(:ignore_cache => true, :fail_on_404 => true))
+            .and_raise(Puppet::Error)
         end
 
-        it "uses environment from Puppet[:environment] if the last used one cannot be found" do
+        it "uses the environment from Puppet[:environment] if the last used one cannot be found" do
           Puppet[:lastrunfile] = tmpfile('last_run_summary.yaml')
           configurer.run
 

data/spec/unit/http/client_spec.rb

@@ -597,11 +597,68 @@ describe Puppet::HTTP::Client do
       expect(response).to be_success
     end
 
-    it "preserves basic authorization" do
+    it "does not preserve basic authorization when redirecting to different hosts" do
+      stub_request(:get, start_url).with(basic_auth: credentials).to_return(redirect_to(url: other_host))
+      stub_request(:get, other_host).to_return(status: 200)
+
+      client.get(start_url, options: {basic_auth: {user: 'user', password: 'pass'}})
+      expect(a_request(:get, other_host).
+      with{ |req| !req.headers.key?('Authorization')}).to have_been_made
+    end
+
+    it "does preserve basic authorization when redirecting to the same hosts" do
+      stub_request(:get, start_url).with(basic_auth: credentials).to_return(redirect_to(url: bar_url))
+      stub_request(:get, bar_url).with(basic_auth: credentials).to_return(status: 200)
+
+      client.get(start_url, options: {basic_auth: {user: 'user', password: 'pass'}})
+      expect(a_request(:get, bar_url).
+      with{ |req| req.headers.key?('Authorization')}).to have_been_made
+    end
+
+    it "does not preserve cookie header when redirecting to different hosts" do
+      headers = { 'Cookie' => 'TEST_COOKIE'}
+
+      stub_request(:get, start_url).with(headers: headers).to_return(redirect_to(url: other_host))
+      stub_request(:get, other_host).to_return(status: 200)
+
+      client.get(start_url, headers: headers)
+      expect(a_request(:get, other_host).
+      with{ |req| !req.headers.key?('Cookie')}).to have_been_made
+    end
+
+    it "does preserve cookie header when redirecting to the same hosts" do
+      headers = { 'Cookie' => 'TEST_COOKIE'}
+
+      stub_request(:get, start_url).with(headers: headers).to_return(redirect_to(url: bar_url))
+      stub_request(:get, bar_url).with(headers: headers).to_return(status: 200)
+
+      client.get(start_url, headers: headers)
+      expect(a_request(:get, bar_url).
+      with{ |req| req.headers.key?('Cookie')}).to have_been_made
+    end
+
+    it "does preserves cookie header and basic authentication when Puppet[:location_trusted] is true redirecting to different hosts" do
+      headers = { 'cookie' => 'TEST_COOKIE'}
+      Puppet[:location_trusted] = true
+
+      stub_request(:get, start_url).with(headers: headers, basic_auth: credentials).to_return(redirect_to(url: other_host))
+      stub_request(:get, other_host).with(headers: headers, basic_auth: credentials).to_return(status: 200)
+
+      client.get(start_url, headers: headers, options: {basic_auth: {user: 'user', password: 'pass'}})
+      expect(a_request(:get, other_host).
+      with{ |req| req.headers.key?('Authorization') && req.headers.key?('Cookie')}).to have_been_made
+    end
+
+    it "treats hosts as case-insensitive" do
+      start_url = URI("https://www.EXAmple.com:8140/Start")
+      bar_url = "https://www.example.com:8140/bar"
+
       stub_request(:get, start_url).with(basic_auth: credentials).to_return(redirect_to(url: bar_url))
       stub_request(:get, bar_url).with(basic_auth: credentials).to_return(status: 200)
 
       client.get(start_url, options: {basic_auth: {user: 'user', password: 'pass'}})
+      expect(a_request(:get, bar_url).
+      with{ |req| req.headers.key?('Authorization')}).to have_been_made
     end
 
     it "redirects given a relative location" do

data/spec/unit/resource/catalog_spec.rb

@@ -104,7 +104,7 @@ describe Puppet::Resource::Catalog, "when compiling" do
 
   it "should include the current catalog_format" do
     catalog = Puppet::Resource::Catalog.new("host")
-    expect(catalog.catalog_format).to eq(1)
+    expect(catalog.catalog_format).to eq(2)
   end
 
   describe "when compiling" do
@@ -178,6 +178,7 @@ describe Puppet::Resource::Catalog, "when compiling" do
       @original.add_edge(@middle, @bottom)
       @original.add_edge(@bottom, @bottomobject)
 
+      @original.catalog_format = 1
       @catalog = @original.to_ral
     end
 
@@ -190,6 +191,18 @@ describe Puppet::Resource::Catalog, "when compiling" do
       end
     end
 
+    it "should raise if an unknown resource is being converted" do
+      @new_res = Puppet::Resource.new "Unknown", "type", :kind => 'compilable_type'
+      @resource_array = [@new_res]
+
+      @original.add_resource(*@resource_array)
+      @original.add_edge(@bottomobject, @new_res)
+
+      @original.catalog_format = 2
+
+      expect { @original.to_ral }.to raise_error(Puppet::Error, "Resource type 'Unknown' was not found")
+    end
+
     it "should copy the tag list to the new catalog" do
       expect(@catalog.tags.sort).to eq(@original.tags.sort)
     end

data/spec/unit/resource_spec.rb

@@ -638,19 +638,68 @@ describe Puppet::Resource do
     it "should use the resource type's :new method to create the resource if the resource is of a builtin type" do
       resource = Puppet::Resource.new("file", basepath+"/my/file")
       result = resource.to_ral
+
       expect(result).to be_instance_of(Puppet::Type.type(:file))
       expect(result[:path]).to eq(basepath+"/my/file")
     end
 
-    it "should convert to a component instance if the resource type is not of a builtin type" do
+    it "should convert to a component instance if the resource is not a compilable_type" do
       resource = Puppet::Resource.new("foobar", "somename")
       result = resource.to_ral
 
       expect(result).to be_instance_of(Puppet::Type.type(:component))
       expect(result.title).to eq("Foobar[somename]")
     end
-  end
 
+    it "should convert to a component instance if the resource is a class" do
+      resource = Puppet::Resource.new("Class", "somename")
+      result = resource.to_ral
+
+      expect(result).to be_instance_of(Puppet::Type.type(:component))
+      expect(result.title).to eq("Class[Somename]")
+    end
+
+    it "should convert to component when the resource is a defined_type" do
+      resource = Puppet::Resource.new("Unknown", "type", :kind => 'defined_type')
+
+      result = resource.to_ral
+      expect(result).to be_instance_of(Puppet::Type.type(:component))
+    end
+
+    it "should raise if a resource type is a compilable_type and it wasn't found" do
+      resource = Puppet::Resource.new("Unknown", "type", :kind => 'compilable_type')
+
+      expect { resource.to_ral }.to raise_error(Puppet::Error, "Resource type 'Unknown' was not found")
+    end
+
+    it "should use the old behaviour when the catalog_format is equal to 1" do
+      resource = Puppet::Resource.new("Unknown", "type")
+      catalog = Puppet::Resource::Catalog.new("mynode")
+
+      resource.catalog = catalog
+      resource.catalog.catalog_format = 1
+
+      result = resource.to_ral
+      expect(result).to be_instance_of(Puppet::Type.type(:component))
+    end
+
+    it "should use the new behaviour and fail when the catalog_format is greater than 1" do
+      resource = Puppet::Resource.new("Unknown", "type", :kind => 'compilable_type')
+      catalog = Puppet::Resource::Catalog.new("mynode")
+
+      resource.catalog = catalog
+      resource.catalog.catalog_format = 2
+
+      expect { resource.to_ral }.to raise_error(Puppet::Error, "Resource type 'Unknown' was not found")
+    end
+
+    it "should use the resource type when the resource doesn't respond to kind and the resource type can be found" do
+      resource = Puppet::Resource.new("file", basepath+"/my/file")
+
+      result = resource.to_ral
+      expect(result).to be_instance_of(Puppet::Type.type(:file))
+    end
+  end
   describe "when converting to puppet code" do
     before do
       @resource = Puppet::Resource.new("one::two", "/my/file",
@@ -766,6 +815,13 @@ describe Puppet::Resource do
       expect(Puppet::Resource.from_data_hash(JSON.parse(resource.to_json)).line).to eq(50)
     end
 
+    it "should include the kind if one is set" do
+      resource = Puppet::Resource.new("File", "/foo")
+      resource.kind = 'im_a_file'
+
+      expect(Puppet::Resource.from_data_hash(JSON.parse(resource.to_json)).kind).to eq('im_a_file')
+    end
+
     it "should include the 'exported' value if one is set" do
       resource = Puppet::Resource.new("File", "/foo")
       resource.exported = true

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: puppet
 version: !ruby/object:Gem::Version
-  version: 7.12.0
+  version: 7.12.1
 platform: ruby
 authors:
 - Puppet Labs
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-10-11 00:00:00.000000000 Z
+date: 2021-10-29 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: facter