puppet 7.13.1-universal-darwin → 7.16.0-universal-darwin

data/man/man5/puppet.conf.5

@@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "PUPPETCONF" "5" "December 2021" "Puppet, Inc." "Puppet manual"
+.TH "PUPPETCONF" "5" "March 2022" "Puppet, Inc." "Puppet manual"
 \fBThis page is autogenerated; any changes will get overwritten\fR
 .
 .SH "Configuration settings"
@@ -929,7 +929,7 @@ The time to wait for data to be read from an HTTP connection\. If nothing is rea
 The HTTP User\-Agent string to send when making network requests\.
 .
 .IP "\(bu" 4
-\fIDefault\fR: \fBPuppet/7\.13\.0 Ruby/2\.5\.1\-p57 (x86_64\-linux)\fR
+\fIDefault\fR: \fBPuppet/7\.16\.0 Ruby/2\.7\.5\-p203 (x86_64\-linux)\fR
 .
 .IP "" 0
 .
@@ -2045,6 +2045,17 @@ Whether to only use the cached catalog rather than compiling a new catalog on ev
 .
 .IP "" 0
 .
+.SS "use_last_environment"
+Puppet saves both the initial and converged environment in the last_run_summary file\. If they differ, and this setting is set to true, we will use the last converged environment and skip the node request\.
+.
+.P
+When set to false, we will do the node request and ignore the environment data from the last_run_summary file\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: \fBtrue\fR
+.
+.IP "" 0
+.
 .SS "use_srv_records"
 Whether the server will search for SRV records in DNS for the current domain\.
 .

data/man/man8/puppet-agent.8

@@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "PUPPET\-AGENT" "8" "December 2021" "Puppet, Inc." "Puppet manual"
+.TH "PUPPET\-AGENT" "8" "March 2022" "Puppet, Inc." "Puppet manual"
 .
 .SH "NAME"
 \fBpuppet\-agent\fR \- The puppet agent daemon

data/man/man8/puppet-apply.8

@@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "PUPPET\-APPLY" "8" "December 2021" "Puppet, Inc." "Puppet manual"
+.TH "PUPPET\-APPLY" "8" "March 2022" "Puppet, Inc." "Puppet manual"
 .
 .SH "NAME"
 \fBpuppet\-apply\fR \- Apply Puppet manifests locally

data/man/man8/puppet-catalog.8

@@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "PUPPET\-CATALOG" "8" "December 2021" "Puppet, Inc." "Puppet manual"
+.TH "PUPPET\-CATALOG" "8" "March 2022" "Puppet, Inc." "Puppet manual"
 .
 .SH "NAME"
 \fBpuppet\-catalog\fR \- Compile, save, view, and convert catalogs\.

data/man/man8/puppet-config.8

@@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "PUPPET\-CONFIG" "8" "December 2021" "Puppet, Inc." "Puppet manual"
+.TH "PUPPET\-CONFIG" "8" "March 2022" "Puppet, Inc." "Puppet manual"
 .
 .SH "NAME"
 \fBpuppet\-config\fR \- Interact with Puppet\'s settings\.

data/man/man8/puppet-describe.8

@@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "PUPPET\-DESCRIBE" "8" "December 2021" "Puppet, Inc." "Puppet manual"
+.TH "PUPPET\-DESCRIBE" "8" "March 2022" "Puppet, Inc." "Puppet manual"
 .
 .SH "NAME"
 \fBpuppet\-describe\fR \- Display help about resource types

data/man/man8/puppet-device.8

@@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "PUPPET\-DEVICE" "8" "December 2021" "Puppet, Inc." "Puppet manual"
+.TH "PUPPET\-DEVICE" "8" "March 2022" "Puppet, Inc." "Puppet manual"
 .
 .SH "NAME"
 \fBpuppet\-device\fR \- Manage remote network devices

data/man/man8/puppet-doc.8

@@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "PUPPET\-DOC" "8" "December 2021" "Puppet, Inc." "Puppet manual"
+.TH "PUPPET\-DOC" "8" "March 2022" "Puppet, Inc." "Puppet manual"
 .
 .SH "NAME"
 \fBpuppet\-doc\fR \- Generate Puppet references

data/man/man8/puppet-epp.8

@@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "PUPPET\-EPP" "8" "December 2021" "Puppet, Inc." "Puppet manual"
+.TH "PUPPET\-EPP" "8" "March 2022" "Puppet, Inc." "Puppet manual"
 .
 .SH "NAME"
 \fBpuppet\-epp\fR \- Interact directly with the EPP template parser/renderer\.

data/man/man8/puppet-facts.8

@@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "PUPPET\-FACTS" "8" "December 2021" "Puppet, Inc." "Puppet manual"
+.TH "PUPPET\-FACTS" "8" "March 2022" "Puppet, Inc." "Puppet manual"
 .
 .SH "NAME"
 \fBpuppet\-facts\fR \- Retrieve and store facts\.

data/man/man8/puppet-filebucket.8

@@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "PUPPET\-FILEBUCKET" "8" "December 2021" "Puppet, Inc." "Puppet manual"
+.TH "PUPPET\-FILEBUCKET" "8" "March 2022" "Puppet, Inc." "Puppet manual"
 .
 .SH "NAME"
 \fBpuppet\-filebucket\fR \- Store and retrieve files in a filebucket

data/man/man8/puppet-generate.8

@@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "PUPPET\-GENERATE" "8" "December 2021" "Puppet, Inc." "Puppet manual"
+.TH "PUPPET\-GENERATE" "8" "March 2022" "Puppet, Inc." "Puppet manual"
 .
 .SH "NAME"
 \fBpuppet\-generate\fR \- Generates Puppet code from Ruby definitions\.

data/man/man8/puppet-help.8

@@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "PUPPET\-HELP" "8" "December 2021" "Puppet, Inc." "Puppet manual"
+.TH "PUPPET\-HELP" "8" "March 2022" "Puppet, Inc." "Puppet manual"
 .
 .SH "NAME"
 \fBpuppet\-help\fR \- Display Puppet help\.

data/man/man8/puppet-lookup.8

@@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "PUPPET\-LOOKUP" "8" "December 2021" "Puppet, Inc." "Puppet manual"
+.TH "PUPPET\-LOOKUP" "8" "March 2022" "Puppet, Inc." "Puppet manual"
 .
 .SH "NAME"
 \fBpuppet\-lookup\fR \- Interactive Hiera lookup

data/man/man8/puppet-module.8

@@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "PUPPET\-MODULE" "8" "December 2021" "Puppet, Inc." "Puppet manual"
+.TH "PUPPET\-MODULE" "8" "March 2022" "Puppet, Inc." "Puppet manual"
 .
 .SH "NAME"
 \fBpuppet\-module\fR \- Creates, installs and searches for modules on the Puppet Forge\.

data/man/man8/puppet-node.8

@@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "PUPPET\-NODE" "8" "December 2021" "Puppet, Inc." "Puppet manual"
+.TH "PUPPET\-NODE" "8" "March 2022" "Puppet, Inc." "Puppet manual"
 .
 .SH "NAME"
 \fBpuppet\-node\fR \- View and manage node definitions\.

data/man/man8/puppet-parser.8

@@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "PUPPET\-PARSER" "8" "December 2021" "Puppet, Inc." "Puppet manual"
+.TH "PUPPET\-PARSER" "8" "March 2022" "Puppet, Inc." "Puppet manual"
 .
 .SH "NAME"
 \fBpuppet\-parser\fR \- Interact directly with the parser\.

data/man/man8/puppet-plugin.8

@@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "PUPPET\-PLUGIN" "8" "December 2021" "Puppet, Inc." "Puppet manual"
+.TH "PUPPET\-PLUGIN" "8" "March 2022" "Puppet, Inc." "Puppet manual"
 .
 .SH "NAME"
 \fBpuppet\-plugin\fR \- Interact with the Puppet plugin system\.

data/man/man8/puppet-report.8

@@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "PUPPET\-REPORT" "8" "December 2021" "Puppet, Inc." "Puppet manual"
+.TH "PUPPET\-REPORT" "8" "March 2022" "Puppet, Inc." "Puppet manual"
 .
 .SH "NAME"
 \fBpuppet\-report\fR \- Create, display, and submit reports\.

data/man/man8/puppet-resource.8

@@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "PUPPET\-RESOURCE" "8" "December 2021" "Puppet, Inc." "Puppet manual"
+.TH "PUPPET\-RESOURCE" "8" "March 2022" "Puppet, Inc." "Puppet manual"
 .
 .SH "NAME"
 \fBpuppet\-resource\fR \- The resource abstraction layer shell

data/man/man8/puppet-script.8

@@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "PUPPET\-SCRIPT" "8" "December 2021" "Puppet, Inc." "Puppet manual"
+.TH "PUPPET\-SCRIPT" "8" "March 2022" "Puppet, Inc." "Puppet manual"
 .
 .SH "NAME"
 \fBpuppet\-script\fR \- Run a puppet manifests as a script without compiling a catalog

data/man/man8/puppet-ssl.8

@@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "PUPPET\-SSL" "8" "December 2021" "Puppet, Inc." "Puppet manual"
+.TH "PUPPET\-SSL" "8" "March 2022" "Puppet, Inc." "Puppet manual"
 .
 .SH "NAME"
 \fBpuppet\-ssl\fR \- Manage SSL keys and certificates for puppet SSL clients

data/man/man8/puppet.8

@@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "PUPPET" "8" "December 2021" "Puppet, Inc." "Puppet manual"
+.TH "PUPPET" "8" "March 2022" "Puppet, Inc." "Puppet manual"
 .
 .SH "NAME"
 \fBpuppet\fR
@@ -25,4 +25,4 @@ Specialized:
 catalog Compile, save, view, and convert catalogs\. describe Display help about resource types device Manage remote network devices doc Generate Puppet references epp Interact directly with the EPP template parser/renderer\. facts Retrieve and store facts\. filebucket Store and retrieve files in a filebucket generate Generates Puppet code from Ruby definitions\. node View and manage node definitions\. parser Interact directly with the parser\. plugin Interact with the Puppet plugin system\. script Run a puppet manifests as a script without compiling a catalog ssl Manage SSL keys and certificates for puppet SSL clients
 .
 .P
-See \'puppet help \fIsubcommand\fR \fIaction\fR\' for help on a specific subcommand action\. See \'puppet help \fIsubcommand\fR\' for help on a specific subcommand\. Puppet v7\.13\.0
+See \'puppet help \fIsubcommand\fR \fIaction\fR\' for help on a specific subcommand action\. See \'puppet help \fIsubcommand\fR\' for help on a specific subcommand\. Puppet v7\.16\.0

data/spec/integration/application/lookup_spec.rb

@@ -7,7 +7,7 @@ describe 'lookup' do
   include PuppetSpec::Files
 
   context 'with an environment' do
-    let(:fqdn) { Puppet.runtime[:facter].value(:fqdn) }
+    let(:fqdn) { Puppet[:certname] }
     let(:env_name) { 'spec' }
     let(:env_dir) { tmpdir('environments') }
     let(:environment_files) do
@@ -43,11 +43,10 @@ describe 'lookup' do
     end
 
     let(:app) { Puppet::Application[:lookup] }
-    let(:env) { Puppet::Node::Environment.create(env_name.to_sym, [File.join(populated_env_dir, env_name, 'modules')]) }
-    let(:environments) { Puppet::Environments::Directories.new(populated_env_dir, []) }
     let(:facts) { Puppet::Node::Facts.new("facts", {'my_fact' => 'my_fact_value'}) }
     let(:cert) { pem_content('oid.pem') }
 
+    let(:node) { Puppet::Node.new('testnode', :facts => facts) }
     let(:populated_env_dir) do
       dir_contained_in(env_dir, environment_files)
       env_dir
@@ -56,73 +55,72 @@ describe 'lookup' do
     before do
       stub_request(:get, "https://puppet:8140/puppet-ca/v1/certificate/#{fqdn}").to_return(body: cert)
       allow(Puppet::Node::Facts.indirection).to receive(:find).and_return(facts)
-    end
 
-    def lookup(key, options = {}, explain = false)
-      key = [key] unless key.is_a?(Array)
-      allow(app.command_line).to receive(:args).and_return(key)
-      if explain
-        app.options[:explain] = true
-        app.options[:render_as] = :s
-      else
-        app.options[:render_as] = :json
-      end
-      options.each_pair { |k, v| app.options[k] = v }
-      capture = StringIO.new
-      saved_stdout = $stdout
-      begin
-        $stdout = capture
-        expect { app.run_command }.to exit_with(0)
-      ensure
-        $stdout = saved_stdout
-      end
-      out = capture.string.strip
-      if explain
-        out
-      else
-        out.empty? ? nil : JSON.parse("[#{out}]")[0]
-      end
-    end
+      Puppet[:environment] = env_name
+      Puppet[:environmentpath] = populated_env_dir
 
-    def explain(key, options = {})
-      lookup(key, options, true)
+      http = Puppet::HTTP::Client.new(ssl_context: Puppet::SSL::SSLProvider.new.create_insecure_context)
+      Puppet.runtime[:http] = http
     end
 
-    around(:each) do |example|
-      Puppet.override(:environments => environments, :current_environment => env) do
-        example.run
-      end
+    def expect_lookup_with_output(exitcode, out)
+      expect { app.run }.to exit_with(exitcode).and output(out).to_stdout
     end
 
     it 'finds data in the environment' do
-      expect(lookup('a')).to eql('value a')
+      app.command_line.args << 'a'
+      expect_lookup_with_output(0, /value a/)
     end
 
-    it 'loads trusted information from the node certificate' do
-      allow(Puppet).to receive(:override).and_call_original
-      expect(Puppet).to receive(:override).with(trusted_information: an_object_having_attributes(
-        certname: fqdn,
-        extensions: { "1.3.6.1.4.1.34380.1.2.1.1" => "somevalue" }))
+    it "resolves hiera data using a top-level node parameter" do
+      File.write(File.join(env_dir, env_name, 'hiera.yaml'), <<~YAML)
+        ---
+        version: 5
+        hierarchy:
+          - name: "Per Node"
+            data_hash: yaml_data
+            path: "%{my_fact}.yaml"
+      YAML
+
+      File.write(File.join(env_dir, env_name, 'data', "my_fact_value.yaml"), <<~YAML)
+        ---
+        a: value from per node data
+      YAML
+
+      app.command_line.args << 'a'
+      expect_lookup_with_output(0, /--- value from per node data/)
+    end
 
-      lookup('a')
+    it 'loads trusted information from the node certificate' do
+      Puppet.settings[:node_terminus] = 'exec'
+      expect_any_instance_of(Puppet::Node::Exec).to receive(:find) do |args|
+        info = Puppet.lookup(:trusted_information)
+        expect(info.certname).to eq(fqdn)
+        expect(info.extensions).to eq({ "1.3.6.1.4.1.34380.1.2.1.1" => "somevalue" })
+      end.and_return(node)
+
+      app.command_line.args << 'a' << '--compile'
+      expect_lookup_with_output(0, /--- value a/)
     end
 
     it 'loads external facts when running without --node' do
       expect(Puppet::Util).not_to receive(:skip_external_facts)
       expect(Facter).not_to receive(:load_external)
-      lookup('a')
+
+      app.command_line.args << 'a'
+      expect_lookup_with_output(0, /--- value a/)
     end
 
     describe 'when using --node' do
       let(:fqdn) { 'random_node' }
 
       it 'skips loading of external facts' do
-        app.options[:node] = fqdn
+        app.command_line.args << 'a' << '--node' << fqdn
 
         expect(Puppet::Node::Facts.indirection).to receive(:find).and_return(facts)
-        expect(Facter).to receive(:load_external).once.with(false)
-        expect(Facter).to receive(:load_external).once.with(true)
-        lookup('a')
+        expect(Facter).to receive(:load_external).twice.with(false)
+        expect(Facter).to receive(:load_external).twice.with(true)
+        expect_lookup_with_output(0, /--- value a/)
       end
     end
 
@@ -130,29 +128,32 @@ describe 'lookup' do
       require 'puppet/indirector/node/exec'
       require 'puppet/indirector/node/plain'
 
-      let(:node) { Puppet::Node.new('testnode', :facts => facts, :environment => env) }
+      let(:node) { Puppet::Node.new('testnode', :facts => facts) }
 
       it ':plain without --compile' do
         Puppet.settings[:node_terminus] = 'exec'
         expect_any_instance_of(Puppet::Node::Plain).to receive(:find).and_return(node)
         expect_any_instance_of(Puppet::Node::Exec).not_to receive(:find)
-        expect(lookup('a')).to eql('value a')
+
+        app.command_line.args << 'a'
+        expect_lookup_with_output(0, /--- value a/)
       end
 
       it 'configured in Puppet settings with --compile' do
         Puppet.settings[:node_terminus] = 'exec'
         expect_any_instance_of(Puppet::Node::Plain).not_to receive(:find)
         expect_any_instance_of(Puppet::Node::Exec).to receive(:find).and_return(node)
-        expect(lookup('a', :compile => true)).to eql('value a')
+
+        app.command_line.args << 'a' << '--compile'
+        expect_lookup_with_output(0, /--- value a/)
       end
     end
 
     context 'configured with the wrong environment' do
-      let(:env) { Puppet::Node::Environment.create(env_name.to_sym, [File.join(populated_env_dir, env_name, 'modules')]) }
       it 'does not find data in non-existing environment' do
-        Puppet.override(:environments => environments, :current_environment => 'someother') do
-          expect(lookup('a', {}, true)).to match(/did not find a value for the name 'a'/)
-        end
+        Puppet[:environment] = 'doesntexist'
+        app.command_line.args << 'a'
+        expect { app.run }.to raise_error(Puppet::Environments::EnvironmentNotFound, /Could not find a directory environment named 'doesntexist'/)
       end
     end
 
@@ -197,15 +198,22 @@ describe 'lookup' do
       end
 
       it 'finds data in the module' do
-        expect(lookup('mod_a::b')).to eql('value mod_a::b (from mod_a)')
+        app.command_line.args << 'mod_a::b'
+        expect_lookup_with_output(0, /value mod_a::b \(from mod_a\)/)
       end
 
       it 'finds quoted keys in the module' do
-        expect(lookup('"mod_a::a.quoted.key"')).to eql('value mod_a::a.quoted.key (from mod_a)')
+        app.command_line.args << "'mod_a::a.quoted.key'"
+        expect_lookup_with_output(0, /value mod_a::a.quoted.key \(from mod_a\)/)
       end
 
       it 'merges hashes from environment and module when merge strategy hash is used' do
-        expect(lookup('mod_a::hash_a', :merge => 'hash')).to eql({'a' => 'value mod_a::hash_a.a (from environment)', 'b' => 'value mod_a::hash_a.b (from mod_a)'})
+        app.command_line.args << 'mod_a::hash_a' << '--merge' << 'hash'
+        expect_lookup_with_output(0, <<~END)
+          ---
+          a: value mod_a::hash_a.a (from environment)
+          b: value mod_a::hash_a.b (from mod_a)
+        END
       end
     end
   end

data/spec/integration/application/resource_spec.rb

@@ -28,14 +28,18 @@ describe "puppet resource", unless: Puppet::Util::Platform.jruby? do
     end
 
     it 'lists types from the default environment' do
+      begin
       modulepath = File.join(Puppet[:codedir], 'modules', 'test', 'lib', 'puppet', 'type')
       FileUtils.mkdir_p(modulepath)
-      File.write(File.join(modulepath, 'test.rb'), 'Puppet::Type.newtype(:test)')
+      File.write(File.join(modulepath, 'test_resource_spec.rb'), 'Puppet::Type.newtype(:test_resource_spec)')
       resource.command_line.args = ['--types']
 
       expect {
         resource.run
-      }.to exit_with(0).and output(/test/).to_stdout
+      }.to exit_with(0).and output(/test_resource_spec/).to_stdout
+      ensure
+        Puppet::Type.rmtype(:test_resource_spec)
+      end
     end
   end
 

data/spec/integration/http/client_spec.rb

@@ -77,6 +77,12 @@ describe Puppet::HTTP::Client, unless: Puppet::Util::Platform.jruby? do
       }
     }
 
+    let(:systemstore) do
+      res = tmpfile('systemstore')
+      File.write(res, https_server.ca_cert)
+      res
+    end
+
     it "mutually authenticates the connection" do
       client_context = ssl_provider.create_context(
         cacerts: [https_server.ca_cert], crls: [https_server.ca_crl],
@@ -88,6 +94,30 @@ describe Puppet::HTTP::Client, unless: Puppet::Util::Platform.jruby? do
         expect(res).to be_success
       end
     end
+
+    it "connects when the server's CA is in the system store and the connection is mutually authenticated using create_context" do
+      Puppet::Util.withenv("SSL_CERT_FILE" => systemstore) do
+        client_context = ssl_provider.create_context(
+          cacerts: [https_server.ca_cert], crls: [https_server.ca_crl],
+          client_cert: https_server.server_cert, private_key: https_server.server_key,
+          revocation: false, include_system_store: true
+        )
+        https_server.start_server(ctx_proc: ctx_proc) do |port|
+          res = client.get(URI("https://127.0.0.1:#{port}"), options: {ssl_context: client_context})
+          expect(res).to be_success
+        end
+      end
+    end
+
+    it "connects when the server's CA is in the system store and the connection is mutually authenticated uning load_context" do
+      Puppet::Util.withenv("SSL_CERT_FILE" => systemstore) do
+        client_context = ssl_provider.load_context(revocation: false, include_system_store: true)
+        https_server.start_server(ctx_proc: ctx_proc) do |port|
+          res = client.get(URI("https://127.0.0.1:#{port}"), options: {ssl_context: client_context})
+          expect(res).to be_success
+        end
+      end
+    end
   end
 
   context "with a system trust store" do