puppet 7.26.0-x86-mingw32 → 7.28.0-x86-mingw32
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Gemfile +1 -1
- data/Gemfile.lock +34 -33
- data/Rakefile +0 -27
- data/examples/enc/regexp_nodes/regexp_nodes.rb +1 -1
- data/ext/project_data.yaml +2 -2
- data/lib/puppet/application/ssl.rb +42 -7
- data/lib/puppet/application.rb +5 -1
- data/lib/puppet/configurer.rb +1 -1
- data/lib/puppet/file_system/file_impl.rb +1 -1
- data/lib/puppet/file_system/posix.rb +1 -1
- data/lib/puppet/functions/split.rb +28 -1
- data/lib/puppet/functions/versioncmp.rb +1 -1
- data/lib/puppet/http/service/compiler.rb +4 -0
- data/lib/puppet/indirector/catalog/compiler.rb +12 -4
- data/lib/puppet/indirector/catalog/rest.rb +8 -0
- data/lib/puppet/interface/action.rb +4 -2
- data/lib/puppet/interface/action_builder.rb +4 -9
- data/lib/puppet/node/environment.rb +6 -4
- data/lib/puppet/pops/loader/ruby_data_type_instantiator.rb +1 -1
- data/lib/puppet/pops/loader/ruby_function_instantiator.rb +1 -1
- data/lib/puppet/pops/loader/ruby_legacy_function_instantiator.rb +1 -1
- data/lib/puppet/pops/time/timespan.rb +1 -1
- data/lib/puppet/provider/package/appdmg.rb +1 -1
- data/lib/puppet/provider/package/apt.rb +1 -1
- data/lib/puppet/provider/package/dnf.rb +2 -1
- data/lib/puppet/provider/package/dnfmodule.rb +1 -1
- data/lib/puppet/provider/package/windows/package.rb +2 -2
- data/lib/puppet/provider/package/yum.rb +2 -2
- data/lib/puppet/provider/service/init.rb +2 -5
- data/lib/puppet/provider/service/systemd.rb +4 -3
- data/lib/puppet/settings.rb +16 -2
- data/lib/puppet/ssl/ssl_context.rb +10 -15
- data/lib/puppet/type/component.rb +1 -1
- data/lib/puppet/type/exec.rb +15 -7
- data/lib/puppet/type/resources.rb +1 -0
- data/lib/puppet/util/command_line/trollop.rb +1 -1
- data/lib/puppet/util/execution.rb +9 -3
- data/lib/puppet/util/package/version/pip.rb +2 -2
- data/lib/puppet/util/windows/adsi.rb +7 -0
- data/lib/puppet/util/windows/sid.rb +4 -2
- data/lib/puppet/version.rb +1 -1
- data/lib/puppet/x509/cert_provider.rb +6 -2
- data/man/man5/puppet.conf.5 +2 -2
- data/man/man8/puppet-agent.8 +1 -1
- data/man/man8/puppet-apply.8 +1 -1
- data/man/man8/puppet-catalog.8 +1 -1
- data/man/man8/puppet-config.8 +1 -1
- data/man/man8/puppet-describe.8 +1 -1
- data/man/man8/puppet-device.8 +1 -1
- data/man/man8/puppet-doc.8 +1 -1
- data/man/man8/puppet-epp.8 +1 -1
- data/man/man8/puppet-facts.8 +1 -1
- data/man/man8/puppet-filebucket.8 +1 -1
- data/man/man8/puppet-generate.8 +1 -1
- data/man/man8/puppet-help.8 +1 -1
- data/man/man8/puppet-lookup.8 +1 -1
- data/man/man8/puppet-module.8 +1 -1
- data/man/man8/puppet-node.8 +1 -1
- data/man/man8/puppet-parser.8 +1 -1
- data/man/man8/puppet-plugin.8 +1 -1
- data/man/man8/puppet-report.8 +1 -1
- data/man/man8/puppet-resource.8 +1 -1
- data/man/man8/puppet-script.8 +1 -1
- data/man/man8/puppet-ssl.8 +5 -1
- data/man/man8/puppet.8 +2 -2
- data/spec/integration/application/agent_spec.rb +13 -0
- data/spec/integration/type/exec_spec.rb +13 -0
- data/spec/lib/puppet_spec/puppetserver.rb +1 -0
- data/spec/unit/application/ssl_spec.rb +49 -0
- data/spec/unit/file_system/path_pattern_spec.rb +15 -0
- data/spec/unit/functions/split_spec.rb +6 -0
- data/spec/unit/indirector/catalog/compiler_spec.rb +17 -0
- data/spec/unit/indirector/catalog/rest_spec.rb +17 -0
- data/spec/unit/provider/package/appdmg_spec.rb +1 -1
- data/spec/unit/provider/package/dnf_spec.rb +7 -0
- data/spec/unit/provider/package/dnfmodule_spec.rb +22 -2
- data/spec/unit/provider/service/systemd_spec.rb +8 -6
- data/spec/unit/ssl/certificate_signer_spec.rb +17 -0
- data/spec/unit/ssl/ssl_provider_spec.rb +2 -2
- data/spec/unit/type/exec_spec.rb +13 -0
- data/spec/unit/util/execution_spec.rb +1 -0
- data/spec/unit/util/windows/adsi_spec.rb +25 -0
- metadata +9 -13
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: b726ee197dafb94e7440ac8058f6cd9062d1523bb067ec728cf84eaae2f624c4
|
4
|
+
data.tar.gz: ed17551e5d149da2665c928587681b6f6477993c3c7b6c99f430620471009d50
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 9e90f0149ce92ec9be37b624a3596855e1cdc022661f59ea6998b0157270a837ec8e2cbc4c6122ec6f85029fbb4a34ff7b8c9efe475a389fd6a43e2a7c314020
|
7
|
+
data.tar.gz: 8c1c009cb4d877d6b74104e89bd4aa040bab6afa063dba78babd6372d472d0b33726a1d8c4dff907b15aa26afe4c511bd6291e3c5e54a6b11098c27d4195103d
|
data/Gemfile
CHANGED
@@ -35,7 +35,7 @@ group(:features) do
|
|
35
35
|
end
|
36
36
|
|
37
37
|
group(:test) do
|
38
|
-
gem "ffi", require: false
|
38
|
+
gem "ffi", '1.15.5', require: false
|
39
39
|
gem "json-schema", "~> 2.0", require: false
|
40
40
|
gem "rake", *location_for(ENV['RAKE_LOCATION'] || '~> 13.0')
|
41
41
|
gem "rspec", "~> 3.1", require: false
|
data/Gemfile.lock
CHANGED
@@ -1,6 +1,6 @@
|
|
1
1
|
GIT
|
2
2
|
remote: https://github.com/puppetlabs/packaging
|
3
|
-
revision:
|
3
|
+
revision: 6c91ebc40b07f2041aa39b21becde6a06684e1b9
|
4
4
|
branch: 1.0.x
|
5
5
|
specs:
|
6
6
|
packaging (0)
|
@@ -15,7 +15,7 @@ GIT
|
|
15
15
|
PATH
|
16
16
|
remote: .
|
17
17
|
specs:
|
18
|
-
puppet (7.
|
18
|
+
puppet (7.28.0)
|
19
19
|
CFPropertyList (~> 2.2)
|
20
20
|
concurrent-ruby (~> 1.0)
|
21
21
|
deep_merge (~> 1.0)
|
@@ -31,27 +31,29 @@ GEM
|
|
31
31
|
remote: https://artifactory.delivery.puppetlabs.net/artifactory/api/gems/rubygems/
|
32
32
|
specs:
|
33
33
|
CFPropertyList (2.3.6)
|
34
|
-
addressable (2.8.
|
34
|
+
addressable (2.8.6)
|
35
35
|
public_suffix (>= 2.0.2, < 6.0)
|
36
36
|
apt_stage_artifacts (0.11.0)
|
37
37
|
docopt
|
38
38
|
artifactory (3.0.15)
|
39
39
|
ast (2.4.2)
|
40
|
+
base64 (0.2.0)
|
40
41
|
coderay (1.1.3)
|
41
42
|
concurrent-ruby (1.2.2)
|
42
43
|
crack (0.4.5)
|
43
44
|
rexml
|
44
|
-
csv (3.2.
|
45
|
+
csv (3.2.8)
|
45
46
|
declarative (0.0.20)
|
46
47
|
deep_merge (1.2.2)
|
47
48
|
diff-lcs (1.5.0)
|
48
49
|
digest-crc (0.6.5)
|
49
50
|
rake (>= 12.0.0, < 14.0.0)
|
50
51
|
docopt (0.6.1)
|
51
|
-
facter (4.
|
52
|
+
facter (4.5.1)
|
52
53
|
hocon (~> 1.3)
|
53
54
|
thor (>= 1.0.1, < 2.0)
|
54
|
-
faraday (2.
|
55
|
+
faraday (2.8.1)
|
56
|
+
base64
|
55
57
|
faraday-net_http (>= 2.0, < 3.1)
|
56
58
|
ruby2_keywords (>= 0.0.4)
|
57
59
|
faraday-net_http (3.0.2)
|
@@ -64,7 +66,7 @@ GEM
|
|
64
66
|
fast_gettext (~> 1.1.0)
|
65
67
|
gettext (>= 3.0.2, < 3.3.0)
|
66
68
|
locale
|
67
|
-
google-apis-core (0.11.
|
69
|
+
google-apis-core (0.11.2)
|
68
70
|
addressable (~> 2.5, >= 2.5.1)
|
69
71
|
googleauth (>= 0.16.2, < 2.a)
|
70
72
|
httpclient (>= 2.8.1, < 3.a)
|
@@ -75,30 +77,30 @@ GEM
|
|
75
77
|
webrick
|
76
78
|
google-apis-iamcredentials_v1 (0.17.0)
|
77
79
|
google-apis-core (>= 0.11.0, < 2.a)
|
78
|
-
google-apis-storage_v1 (0.
|
79
|
-
google-apis-core (>= 0.
|
80
|
-
google-cloud-core (1.6.
|
81
|
-
google-cloud-env (
|
80
|
+
google-apis-storage_v1 (0.31.0)
|
81
|
+
google-apis-core (>= 0.11.0, < 2.a)
|
82
|
+
google-cloud-core (1.6.1)
|
83
|
+
google-cloud-env (>= 1.0, < 3.a)
|
82
84
|
google-cloud-errors (~> 1.0)
|
83
|
-
google-cloud-env (1.
|
84
|
-
faraday (>= 0
|
85
|
+
google-cloud-env (2.1.0)
|
86
|
+
faraday (>= 1.0, < 3.a)
|
85
87
|
google-cloud-errors (1.3.1)
|
86
|
-
google-cloud-storage (1.
|
88
|
+
google-cloud-storage (1.47.0)
|
87
89
|
addressable (~> 2.8)
|
88
90
|
digest-crc (~> 0.4)
|
89
91
|
google-apis-iamcredentials_v1 (~> 0.1)
|
90
|
-
google-apis-storage_v1 (~> 0.
|
92
|
+
google-apis-storage_v1 (~> 0.31.0)
|
91
93
|
google-cloud-core (~> 1.6)
|
92
94
|
googleauth (>= 0.16.2, < 2.a)
|
93
95
|
mini_mime (~> 1.0)
|
94
|
-
googleauth (1.
|
95
|
-
faraday (>= 0
|
96
|
+
googleauth (1.9.1)
|
97
|
+
faraday (>= 1.0, < 3.a)
|
98
|
+
google-cloud-env (~> 2.1)
|
96
99
|
jwt (>= 1.4, < 3.0)
|
97
|
-
memoist (~> 0.16)
|
98
100
|
multi_json (~> 1.11)
|
99
101
|
os (>= 0.9, < 2.0)
|
100
102
|
signet (>= 0.16, < 2.a)
|
101
|
-
hashdiff (1.0
|
103
|
+
hashdiff (1.1.0)
|
102
104
|
hiera (3.12.0)
|
103
105
|
hiera-eyaml (3.4.0)
|
104
106
|
highline
|
@@ -111,7 +113,6 @@ GEM
|
|
111
113
|
addressable (>= 2.4)
|
112
114
|
jwt (2.7.1)
|
113
115
|
locale (2.1.3)
|
114
|
-
memoist (0.16.2)
|
115
116
|
memory_profiler (1.0.1)
|
116
117
|
method_source (1.0.0)
|
117
118
|
mini_mime (1.1.5)
|
@@ -121,24 +122,24 @@ GEM
|
|
121
122
|
mustache (1.1.1)
|
122
123
|
optimist (3.1.0)
|
123
124
|
os (1.1.4)
|
124
|
-
parallel (1.
|
125
|
-
parser (3.
|
125
|
+
parallel (1.24.0)
|
126
|
+
parser (3.3.0.4)
|
126
127
|
ast (~> 2.4.1)
|
127
128
|
racc
|
128
129
|
pry (0.14.2)
|
129
130
|
coderay (~> 1.1)
|
130
131
|
method_source (~> 1.0)
|
131
|
-
public_suffix (5.0.
|
132
|
+
public_suffix (5.0.4)
|
132
133
|
puppet-resource_api (1.9.0)
|
133
134
|
hocon (>= 1.0)
|
134
135
|
puppetserver-ca (2.6.0)
|
135
136
|
facter (>= 2.0.1, < 5)
|
136
137
|
racc (1.5.2)
|
137
138
|
rainbow (3.1.1)
|
138
|
-
rake (13.0
|
139
|
-
rdiscount (2.2.7.
|
139
|
+
rake (13.1.0)
|
140
|
+
rdiscount (2.2.7.3)
|
140
141
|
rdoc (6.3.3)
|
141
|
-
regexp_parser (2.
|
142
|
+
regexp_parser (2.9.0)
|
142
143
|
release-metrics (1.1.0)
|
143
144
|
csv
|
144
145
|
docopt
|
@@ -177,7 +178,7 @@ GEM
|
|
177
178
|
rubocop-ast (>= 1.17.0, < 2.0)
|
178
179
|
ruby-progressbar (~> 1.7)
|
179
180
|
unicode-display_width (>= 1.4.0, < 3.0)
|
180
|
-
rubocop-ast (1.
|
181
|
+
rubocop-ast (1.30.0)
|
181
182
|
parser (>= 3.2.1.0)
|
182
183
|
rubocop-i18n (3.0.0)
|
183
184
|
rubocop (~> 1.0)
|
@@ -186,18 +187,18 @@ GEM
|
|
186
187
|
ruby2_keywords (0.0.5)
|
187
188
|
scanf (1.0.0)
|
188
189
|
semantic_puppet (1.1.0)
|
189
|
-
signet (0.
|
190
|
+
signet (0.18.0)
|
190
191
|
addressable (~> 2.8)
|
191
192
|
faraday (>= 0.17.5, < 3.a)
|
192
193
|
jwt (>= 1.5, < 3.0)
|
193
194
|
multi_json (~> 1.10)
|
194
195
|
text (1.3.1)
|
195
|
-
thor (1.
|
196
|
+
thor (1.3.0)
|
196
197
|
trailblazer-option (0.1.2)
|
197
198
|
uber (0.1.0)
|
198
|
-
unicode-display_width (2.
|
199
|
+
unicode-display_width (2.5.0)
|
199
200
|
vcr (5.1.0)
|
200
|
-
webmock (3.
|
201
|
+
webmock (3.19.1)
|
201
202
|
addressable (>= 2.8.0)
|
202
203
|
crack (>= 0.3.2)
|
203
204
|
hashdiff (>= 0.4.0, < 2.0.0)
|
@@ -209,7 +210,7 @@ PLATFORMS
|
|
209
210
|
|
210
211
|
DEPENDENCIES
|
211
212
|
diff-lcs (~> 1.3)
|
212
|
-
ffi
|
213
|
+
ffi (= 1.15.5)
|
213
214
|
gettext-setup (~> 0.28)
|
214
215
|
hiera-eyaml
|
215
216
|
hocon (~> 1.0)
|
@@ -238,4 +239,4 @@ DEPENDENCIES
|
|
238
239
|
yard
|
239
240
|
|
240
241
|
BUNDLED WITH
|
241
|
-
2.4.
|
242
|
+
2.4.20
|
data/Rakefile
CHANGED
@@ -58,33 +58,6 @@ task(:rubocop) do
|
|
58
58
|
raise "RuboCop detected offenses" if exit_code != 0
|
59
59
|
end
|
60
60
|
|
61
|
-
desc "verify that commit messages match CONTRIBUTING.md requirements"
|
62
|
-
task(:commits) do
|
63
|
-
# This rake task looks at the summary from every commit from this branch not
|
64
|
-
# in the branch targeted for a PR.
|
65
|
-
commit_range = 'HEAD^..HEAD'
|
66
|
-
puts "Checking commits #{commit_range}"
|
67
|
-
%x{git log --no-merges --pretty=%s #{commit_range}}.each_line do |commit_summary|
|
68
|
-
# This regex tests for the currently supported commit summary tokens: maint, doc, packaging, or pup-<number>.
|
69
|
-
# The exception tries to explain it in more full.
|
70
|
-
if /^\((maint|doc|docs|packaging|l10n|pup-\d+)\)|revert/i.match(commit_summary).nil?
|
71
|
-
raise "\n\n\n\tThis commit summary didn't match CONTRIBUTING.md guidelines:\n" \
|
72
|
-
"\n\t\t#{commit_summary}\n" \
|
73
|
-
"\tThe commit summary (i.e. the first line of the commit message) should start with one of:\n" \
|
74
|
-
"\t\t(PUP-<digits>) # this is most common and should be a ticket at tickets.puppet.com\n" \
|
75
|
-
"\t\t(docs)\n" \
|
76
|
-
"\t\t(docs)(DOCUMENT-<digits>)\n" \
|
77
|
-
"\t\t(maint)\n" \
|
78
|
-
"\t\t(packaging)\n" \
|
79
|
-
"\t\t(L10n)\n" \
|
80
|
-
"\n\tThis test for the commit summary is case-insensitive.\n\n\n"
|
81
|
-
else
|
82
|
-
puts "#{commit_summary}"
|
83
|
-
end
|
84
|
-
puts "...passed"
|
85
|
-
end
|
86
|
-
end
|
87
|
-
|
88
61
|
desc "verify that changed files are clean of Ruby warnings"
|
89
62
|
task(:warnings) do
|
90
63
|
# This rake task looks at all files modified in this branch.
|
data/ext/project_data.yaml
CHANGED
@@ -40,11 +40,11 @@ gem_platform_dependencies:
|
|
40
40
|
CFPropertyList: '~> 2.2'
|
41
41
|
x86-mingw32:
|
42
42
|
gem_runtime_dependencies:
|
43
|
-
ffi:
|
43
|
+
ffi: '1.15.5'
|
44
44
|
minitar: '~> 0.9'
|
45
45
|
x64-mingw32:
|
46
46
|
gem_runtime_dependencies:
|
47
|
-
ffi:
|
47
|
+
ffi: '1.15.5'
|
48
48
|
minitar: '~> 0.9'
|
49
49
|
bundle_platforms:
|
50
50
|
universal-darwin: all
|
@@ -59,6 +59,11 @@ ACTIONS
|
|
59
59
|
the CSR. Otherwise a new key pair will be generated. If a CSR has already
|
60
60
|
been submitted with the given `certname`, then the operation will fail.
|
61
61
|
|
62
|
+
* generate_request:
|
63
|
+
Generate a certificate signing request (CSR). If
|
64
|
+
a private and public key pair already exist, they will be used to generate
|
65
|
+
the CSR. Otherwise a new key pair will be generated.
|
66
|
+
|
62
67
|
* download_cert:
|
63
68
|
Download a certificate for this host. If the current private key matches
|
64
69
|
the downloaded certificate, then the certificate will be saved and used
|
@@ -136,9 +141,21 @@ HELP
|
|
136
141
|
unless cert
|
137
142
|
raise Puppet::Error, _("The certificate for '%{name}' has not yet been signed") % { name: certname }
|
138
143
|
end
|
144
|
+
when 'generate_request'
|
145
|
+
generate_request(certname)
|
139
146
|
when 'verify'
|
140
147
|
verify(certname)
|
141
148
|
when 'clean'
|
149
|
+
possible_extra_args = command_line.args.drop(1)
|
150
|
+
unless possible_extra_args.empty?
|
151
|
+
raise Puppet::Error, _(<<END) % { args: possible_extra_args.join(' ')}
|
152
|
+
Extra arguments detected: %{args}
|
153
|
+
Did you mean to run:
|
154
|
+
puppetserver ca clean --certname <name>
|
155
|
+
Or:
|
156
|
+
puppet ssl clean --target <name>
|
157
|
+
END
|
158
|
+
end
|
142
159
|
clean(certname)
|
143
160
|
when 'bootstrap'
|
144
161
|
if !Puppet::Util::Log.sendlevel?(:info)
|
@@ -162,13 +179,7 @@ HELP
|
|
162
179
|
def submit_request(ssl_context)
|
163
180
|
key = @cert_provider.load_private_key(Puppet[:certname])
|
164
181
|
unless key
|
165
|
-
|
166
|
-
Puppet.info _("Creating a new EC SSL key for %{name} using curve %{curve}") % { name: Puppet[:certname], curve: Puppet[:named_curve] }
|
167
|
-
key = OpenSSL::PKey::EC.generate(Puppet[:named_curve])
|
168
|
-
else
|
169
|
-
Puppet.info _("Creating a new SSL key for %{name}") % { name: Puppet[:certname] }
|
170
|
-
key = OpenSSL::PKey::RSA.new(Puppet[:keylength].to_i)
|
171
|
-
end
|
182
|
+
key = create_key(Puppet[:certname])
|
172
183
|
@cert_provider.save_private_key(Puppet[:certname], key)
|
173
184
|
end
|
174
185
|
|
@@ -187,6 +198,20 @@ HELP
|
|
187
198
|
raise Puppet::Error.new(_("Failed to submit certificate request: %{message}") % { message: e.message }, e)
|
188
199
|
end
|
189
200
|
|
201
|
+
def generate_request(certname)
|
202
|
+
key = @cert_provider.load_private_key(certname)
|
203
|
+
unless key
|
204
|
+
key = create_key(certname)
|
205
|
+
@cert_provider.save_private_key(certname, key)
|
206
|
+
end
|
207
|
+
|
208
|
+
csr = @cert_provider.create_request(certname, key)
|
209
|
+
@cert_provider.save_request(certname, csr)
|
210
|
+
Puppet.notice _("Generated certificate request in '%{path}'") % { path: @cert_provider.to_path(Puppet[:requestdir], certname) }
|
211
|
+
rescue => e
|
212
|
+
raise Puppet::Error.new(_("Failed to generate certificate request: %{message}") % { message: e.message }, e)
|
213
|
+
end
|
214
|
+
|
190
215
|
def download_cert(ssl_context)
|
191
216
|
key = @cert_provider.load_private_key(Puppet[:certname])
|
192
217
|
|
@@ -285,4 +310,14 @@ END
|
|
285
310
|
def create_route(ssl_context)
|
286
311
|
@session.route_to(:ca, ssl_context: ssl_context)
|
287
312
|
end
|
313
|
+
|
314
|
+
def create_key(certname)
|
315
|
+
if Puppet[:key_type] == 'ec'
|
316
|
+
Puppet.info _("Creating a new EC SSL key for %{name} using curve %{curve}") % { name: certname, curve: Puppet[:named_curve] }
|
317
|
+
OpenSSL::PKey::EC.generate(Puppet[:named_curve])
|
318
|
+
else
|
319
|
+
Puppet.info _("Creating a new SSL key for %{name}") % { name: certname }
|
320
|
+
OpenSSL::PKey::RSA.new(Puppet[:keylength].to_i)
|
321
|
+
end
|
322
|
+
end
|
288
323
|
end
|
data/lib/puppet/application.rb
CHANGED
@@ -503,8 +503,12 @@ class Application
|
|
503
503
|
runtime_info = {
|
504
504
|
'puppet_version' => Puppet.version,
|
505
505
|
'ruby_version' => RUBY_VERSION,
|
506
|
-
'run_mode' => self.class.run_mode.name
|
506
|
+
'run_mode' => self.class.run_mode.name
|
507
507
|
}
|
508
|
+
unless Puppet::Util::Platform.jruby_fips?
|
509
|
+
runtime_info['openssl_version'] = "'#{OpenSSL::OPENSSL_VERSION}'"
|
510
|
+
runtime_info['openssl_fips'] = OpenSSL::OPENSSL_FIPS
|
511
|
+
end
|
508
512
|
runtime_info['default_encoding'] = Encoding.default_external
|
509
513
|
runtime_info.merge!(extra_info) unless extra_info.nil?
|
510
514
|
|
data/lib/puppet/configurer.rb
CHANGED
@@ -194,7 +194,6 @@ class Puppet::Configurer
|
|
194
194
|
path.push(key)
|
195
195
|
parse_fact_name_and_value_limits(value, path)
|
196
196
|
path.pop
|
197
|
-
@number_of_facts += 1
|
198
197
|
end
|
199
198
|
when Array
|
200
199
|
object.each_with_index do |e, idx|
|
@@ -205,6 +204,7 @@ class Puppet::Configurer
|
|
205
204
|
else
|
206
205
|
check_fact_name_length(path.join(), path.size)
|
207
206
|
check_fact_values_length(object)
|
207
|
+
@number_of_facts += 1
|
208
208
|
end
|
209
209
|
end
|
210
210
|
|
@@ -150,7 +150,7 @@ class Puppet::FileSystem::FileImpl
|
|
150
150
|
end
|
151
151
|
|
152
152
|
def compare_stream(path, stream)
|
153
|
-
open(path, 0, 'rb') { |this| FileUtils.compare_stream(this, stream) }
|
153
|
+
::File.open(path, 0, 'rb') { |this| FileUtils.compare_stream(this, stream) }
|
154
154
|
end
|
155
155
|
|
156
156
|
def chmod(mode, path)
|
@@ -10,7 +10,7 @@ class Puppet::FileSystem::Posix < Puppet::FileSystem::FileImpl
|
|
10
10
|
# issue this method reimplements the faster 2.0 version that will correctly
|
11
11
|
# compare binary File and StringIO streams.
|
12
12
|
def compare_stream(path, stream)
|
13
|
-
open(path,
|
13
|
+
::File.open(path, 'rb') do |this|
|
14
14
|
bsize = stream_blksize(this, stream)
|
15
15
|
sa = "".force_encoding('ASCII-8BIT')
|
16
16
|
sb = "".force_encoding('ASCII-8BIT')
|
@@ -35,6 +35,21 @@ Puppet::Functions.create_function(:split) do
|
|
35
35
|
param 'Type[Regexp]', :pattern
|
36
36
|
end
|
37
37
|
|
38
|
+
dispatch :split_String_sensitive do
|
39
|
+
param 'Sensitive[String]', :sensitive
|
40
|
+
param 'String', :pattern
|
41
|
+
end
|
42
|
+
|
43
|
+
dispatch :split_Regexp_sensitive do
|
44
|
+
param 'Sensitive[String]', :sensitive
|
45
|
+
param 'Regexp', :pattern
|
46
|
+
end
|
47
|
+
|
48
|
+
dispatch :split_RegexpType_sensitive do
|
49
|
+
param 'Sensitive[String]', :sensitive
|
50
|
+
param 'Type[Regexp]', :pattern
|
51
|
+
end
|
52
|
+
|
38
53
|
def split_String(str, pattern)
|
39
54
|
str.split(Regexp.compile(pattern))
|
40
55
|
end
|
@@ -46,4 +61,16 @@ Puppet::Functions.create_function(:split) do
|
|
46
61
|
def split_RegexpType(str, pattern)
|
47
62
|
str.split(pattern.regexp)
|
48
63
|
end
|
49
|
-
|
64
|
+
|
65
|
+
def split_String_sensitive(sensitive, pattern)
|
66
|
+
Puppet::Pops::Types::PSensitiveType::Sensitive.new(split_String(sensitive.unwrap, pattern))
|
67
|
+
end
|
68
|
+
|
69
|
+
def split_Regexp_sensitive(sensitive, pattern)
|
70
|
+
Puppet::Pops::Types::PSensitiveType::Sensitive.new(split_Regexp(sensitive.unwrap, pattern))
|
71
|
+
end
|
72
|
+
|
73
|
+
def split_RegexpType_sensitive(sensitive, pattern)
|
74
|
+
Puppet::Pops::Types::PSensitiveType::Sensitive.new(split_RegexpType(sensitive.unwrap, pattern))
|
75
|
+
end
|
76
|
+
end
|
@@ -119,6 +119,10 @@ class Puppet::HTTP::Service::Compiler < Puppet::HTTP::Service
|
|
119
119
|
params: { environment: environment },
|
120
120
|
)
|
121
121
|
|
122
|
+
if (compiler = response['X-Puppet-Compiler-Name'])
|
123
|
+
Puppet.notice("Catalog compiled by #{compiler}")
|
124
|
+
end
|
125
|
+
|
122
126
|
process_response(response)
|
123
127
|
|
124
128
|
[response, deserialize(response, Puppet::Resource::Catalog)]
|
@@ -53,12 +53,20 @@ class Puppet::Resource::Catalog::Compiler < Puppet::Indirector::Code
|
|
53
53
|
node.trusted_data = Puppet.lookup(:trusted_information) { Puppet::Context::TrustedInformation.local(node) }.to_h
|
54
54
|
|
55
55
|
if node.environment
|
56
|
-
# If the requested environment doesn't match the server specified environment
|
57
|
-
# as determined by the node terminus, and the request wants us to check for an
|
56
|
+
# If the requested environment name doesn't match the server specified environment
|
57
|
+
# name, as determined by the node terminus, and the request wants us to check for an
|
58
58
|
# environment mismatch, then return an empty catalog with the server-specified
|
59
59
|
# enviroment.
|
60
|
-
if request.remote? && request.options[:check_environment]
|
61
|
-
|
60
|
+
if request.remote? && request.options[:check_environment]
|
61
|
+
# The "environment" may be same while environment objects differ. This
|
62
|
+
# is most likely because the environment cache was flushed between the request
|
63
|
+
# processing and node lookup. Environment overrides `==` but requires the
|
64
|
+
# name and modulepath to be the same. When using versioned environment dirs the
|
65
|
+
# same "environment" can have different modulepaths so simply compare names here.
|
66
|
+
if node.environment.name != request.environment.name
|
67
|
+
Puppet.warning _("Requested environment '%{request_env}' did not match server specified environment '%{server_env}'") % {request_env: request.environment.name, server_env: node.environment.name}
|
68
|
+
return Puppet::Resource::Catalog.new(node.name, node.environment)
|
69
|
+
end
|
62
70
|
end
|
63
71
|
|
64
72
|
node.environment.with_text_domain do
|
@@ -13,6 +13,14 @@ class Puppet::Resource::Catalog::Rest < Puppet::Indirector::REST
|
|
13
13
|
|
14
14
|
session = Puppet.lookup(:http_session)
|
15
15
|
api = session.route_to(:puppet)
|
16
|
+
|
17
|
+
ip_address = begin
|
18
|
+
" (#{Resolv.getaddress(api.url.host)})"
|
19
|
+
rescue Resolv::ResolvError
|
20
|
+
nil
|
21
|
+
end
|
22
|
+
Puppet.notice("Requesting catalog from #{api.url.host}:#{api.url.port}#{ip_address}")
|
23
|
+
|
16
24
|
_, catalog = api.post_catalog(
|
17
25
|
request.key,
|
18
26
|
facts: request.options[:facts_for_catalog],
|
@@ -264,12 +264,14 @@ def #{@name}(#{decl.join(", ")})
|
|
264
264
|
end
|
265
265
|
WRAPPER
|
266
266
|
|
267
|
+
# It should be possible to rewrite this code to use `define_method`
|
268
|
+
# instead of `class/instance_eval` since Ruby 1.8 is long dead.
|
267
269
|
if @face.is_a?(Class)
|
268
|
-
@face.class_eval do eval wrapper, nil, file, line end
|
270
|
+
@face.class_eval do eval wrapper, nil, file, line end # rubocop:disable Security/Eval
|
269
271
|
@face.send(:define_method, internal_name, &block)
|
270
272
|
@when_invoked = @face.instance_method(name)
|
271
273
|
else
|
272
|
-
@face.instance_eval do eval wrapper, nil, file, line end
|
274
|
+
@face.instance_eval do eval wrapper, nil, file, line end # rubocop:disable Security/Eval
|
273
275
|
@face.meta_def(internal_name, &block)
|
274
276
|
@when_invoked = @face.method(name).unbind
|
275
277
|
end
|
@@ -4,6 +4,8 @@
|
|
4
4
|
# within the context of a new instance of this class.
|
5
5
|
# @api public
|
6
6
|
class Puppet::Interface::ActionBuilder
|
7
|
+
extend Forwardable
|
8
|
+
|
7
9
|
# The action under construction
|
8
10
|
# @return [Puppet::Interface::Action]
|
9
11
|
# @api private
|
@@ -141,15 +143,8 @@ class Puppet::Interface::ActionBuilder
|
|
141
143
|
property = setter.to_s.chomp('=')
|
142
144
|
|
143
145
|
unless method_defined? property
|
144
|
-
#
|
145
|
-
|
146
|
-
# Ruby versions if you pass the wrong number of arguments, but carries
|
147
|
-
# on, which is totally not what we want. --daniel 2011-04-18
|
148
|
-
eval <<-METHOD
|
149
|
-
def #{property}(value)
|
150
|
-
@action.#{property} = value
|
151
|
-
end
|
152
|
-
METHOD
|
146
|
+
# ActionBuilder#<property> delegates to Action#<setter>
|
147
|
+
def_delegator :@action, setter, property
|
153
148
|
end
|
154
149
|
end
|
155
150
|
|
@@ -591,10 +591,12 @@ class Puppet::Node::Environment
|
|
591
591
|
if file == NO_MANIFEST
|
592
592
|
empty_parse_result
|
593
593
|
elsif File.directory?(file)
|
594
|
-
|
595
|
-
|
596
|
-
|
597
|
-
|
594
|
+
# JRuby does not properly perform Dir.glob operations with wildcards, (see PUP-11788 and https://github.com/jruby/jruby/issues/7836).
|
595
|
+
# We sort the results because Dir.glob order is inconsistent in Ruby < 3 (see PUP-10115).
|
596
|
+
parse_results = Puppet::FileSystem::PathPattern.absolute(File.join(file, '**/*')).glob.select {|globbed_file| globbed_file.end_with?('.pp')}.sort.map do | file_to_parse |
|
597
|
+
parser.file = file_to_parse
|
598
|
+
parser.parse
|
599
|
+
end
|
598
600
|
# Use a parser type specific merger to concatenate the results
|
599
601
|
Puppet::Parser::AST::Hostclass.new('', :code => Puppet::Parser::ParserFactory.code_merger.concatenate(parse_results))
|
600
602
|
else
|
@@ -19,7 +19,7 @@ class Puppet::Pops::Loader::RubyDataTypeInstantiator
|
|
19
19
|
# make the private loader available in a binding to allow it to be passed on
|
20
20
|
loader_for_type = loader.private_loader
|
21
21
|
here = get_binding(loader_for_type)
|
22
|
-
created = eval(ruby_code_string, here, source_ref, 1)
|
22
|
+
created = eval(ruby_code_string, here, source_ref, 1) # rubocop:disable Security/Eval
|
23
23
|
unless created.is_a?(Puppet::Pops::Types::PAnyType)
|
24
24
|
raise ArgumentError, _("The code loaded from %{source_ref} did not produce a data type when evaluated. Got '%{klass}'") % { source_ref: source_ref, klass: created.class }
|
25
25
|
end
|
@@ -19,7 +19,7 @@ class Puppet::Pops::Loader::RubyFunctionInstantiator
|
|
19
19
|
# make the private loader available in a binding to allow it to be passed on
|
20
20
|
loader_for_function = loader.private_loader
|
21
21
|
here = get_binding(loader_for_function)
|
22
|
-
created = eval(ruby_code_string, here, source_ref, 1)
|
22
|
+
created = eval(ruby_code_string, here, source_ref, 1) # rubocop:disable Security/Eval
|
23
23
|
unless created.is_a?(Class)
|
24
24
|
raise ArgumentError, _("The code loaded from %{source_ref} did not produce a Function class when evaluated. Got '%{klass}'") % { source_ref: source_ref, klass: created.class }
|
25
25
|
end
|
@@ -37,7 +37,7 @@ class Puppet::Pops::Loader::RubyLegacyFunctionInstantiator
|
|
37
37
|
# This will do the 3x loading and define the "function_<name>" and "real_function_<name>" methods
|
38
38
|
# in the anonymous module used to hold function definitions.
|
39
39
|
#
|
40
|
-
func_info = eval(ruby_code_string, here, source_ref, 1)
|
40
|
+
func_info = eval(ruby_code_string, here, source_ref, 1) # rubocop:disable Security/Eval
|
41
41
|
|
42
42
|
# Validate what was loaded
|
43
43
|
unless func_info.is_a?(Hash)
|
@@ -66,7 +66,7 @@ Puppet::Type.type(:package).provide(:appdmg, :parent => Puppet::Provider::Packag
|
|
66
66
|
end
|
67
67
|
end
|
68
68
|
|
69
|
-
open(cached_source) do |dmg|
|
69
|
+
File.open(cached_source) do |dmg|
|
70
70
|
xml_str = hdiutil "mount", "-plist", "-nobrowse", "-readonly", "-mountrandom", "/tmp", dmg.path
|
71
71
|
ptable = Puppet::Util::Plist::parse_plist(xml_str)
|
72
72
|
# JJM Filter out all mount-paths into a single array, discard the rest.
|
@@ -12,7 +12,7 @@ Puppet::Type.type(:package).provide :apt, :parent => :dpkg, :source => :dpkg do
|
|
12
12
|
These options should be specified as an array where each element is either a
|
13
13
|
string or a hash."
|
14
14
|
|
15
|
-
has_feature :versionable, :install_options, :virtual_packages
|
15
|
+
has_feature :versionable, :install_options, :virtual_packages, :version_ranges
|
16
16
|
|
17
17
|
commands :aptget => "/usr/bin/apt-get"
|
18
18
|
commands :aptcache => "/usr/bin/apt-cache"
|
@@ -9,7 +9,7 @@ Puppet::Type.type(:package).provide :dnf, :parent => :yum do
|
|
9
9
|
These options should be specified as an array where each element is either
|
10
10
|
a string or a hash."
|
11
11
|
|
12
|
-
has_feature :install_options, :versionable, :virtual_packages, :install_only
|
12
|
+
has_feature :install_options, :versionable, :virtual_packages, :install_only, :version_ranges
|
13
13
|
|
14
14
|
commands :cmd => "dnf", :rpm => "rpm"
|
15
15
|
|
@@ -32,6 +32,7 @@ Puppet::Type.type(:package).provide :dnf, :parent => :yum do
|
|
32
32
|
notdefaultfor :operatingsystem => :fedora, :operatingsystemmajrelease => (19..21).to_a
|
33
33
|
defaultfor :osfamily => :redhat
|
34
34
|
notdefaultfor :osfamily => :redhat, :operatingsystemmajrelease => (4..7).to_a
|
35
|
+
defaultfor :operatingsystem => :amazon, :operatingsystemmajrelease => ["2023"]
|
35
36
|
|
36
37
|
def self.update_command
|
37
38
|
# In DNF, update is deprecated for upgrade
|
@@ -93,7 +93,7 @@ Puppet::Type.type(:package).provide :dnfmodule, :parent => :dnf do
|
|
93
93
|
# module has no default profile and no profile was requested, so just enable the stream
|
94
94
|
# DNF versions prior to 4.2.8 do not need this workaround
|
95
95
|
# see https://bugzilla.redhat.com/show_bug.cgi?id=1669527
|
96
|
-
if @resource[:flavor] == nil && e.message =~ /^(?:missing|broken) groups or modules: #{Regexp.quote(
|
96
|
+
if @resource[:flavor] == nil && e.message =~ /^(?:missing|broken) groups or modules: #{Regexp.quote(args)}$/
|
97
97
|
enable(args)
|
98
98
|
else
|
99
99
|
raise
|