puppet 7.4.1 → 7.5.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of puppet might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Gemfile.lock +19 -13
- data/lib/puppet/application/ssl.rb +11 -0
- data/lib/puppet/defaults.rb +8 -0
- data/lib/puppet/environments.rb +16 -1
- data/lib/puppet/ffi/windows/api_types.rb +1 -1
- data/lib/puppet/file_system/memory_file.rb +8 -1
- data/lib/puppet/file_system/windows.rb +2 -0
- data/lib/puppet/http/factory.rb +4 -0
- data/lib/puppet/network/http.rb +5 -2
- data/lib/puppet/network/http/api.rb +10 -6
- data/lib/puppet/network/http/api/master.rb +3 -2
- data/lib/puppet/network/http/api/master/v3.rb +2 -25
- data/lib/puppet/network/http/api/master/v3/environments.rb +2 -33
- data/lib/puppet/network/http/api/server.rb +10 -0
- data/lib/puppet/network/http/api/server/v3.rb +39 -0
- data/lib/puppet/network/http/api/server/v3/environments.rb +48 -0
- data/lib/puppet/pops/parser/lexer2.rb +0 -4
- data/lib/puppet/pops/validation/checker4_0.rb +0 -1
- data/lib/puppet/settings/environment_conf.rb +1 -0
- data/lib/puppet/util/monkey_patches.rb +7 -0
- data/lib/puppet/util/windows/adsi.rb +46 -0
- data/lib/puppet/util/windows/principal.rb +9 -2
- data/lib/puppet/util/windows/sid.rb +4 -2
- data/lib/puppet/version.rb +1 -1
- data/man/man5/puppet.conf.5 +10 -2
- data/man/man8/puppet-agent.8 +1 -1
- data/man/man8/puppet-apply.8 +1 -1
- data/man/man8/puppet-catalog.8 +1 -1
- data/man/man8/puppet-config.8 +1 -1
- data/man/man8/puppet-describe.8 +1 -1
- data/man/man8/puppet-device.8 +1 -1
- data/man/man8/puppet-doc.8 +1 -1
- data/man/man8/puppet-epp.8 +1 -1
- data/man/man8/puppet-facts.8 +1 -1
- data/man/man8/puppet-filebucket.8 +1 -1
- data/man/man8/puppet-generate.8 +1 -1
- data/man/man8/puppet-help.8 +1 -1
- data/man/man8/puppet-lookup.8 +1 -1
- data/man/man8/puppet-module.8 +1 -1
- data/man/man8/puppet-node.8 +1 -1
- data/man/man8/puppet-parser.8 +1 -1
- data/man/man8/puppet-plugin.8 +1 -1
- data/man/man8/puppet-report.8 +1 -1
- data/man/man8/puppet-resource.8 +1 -1
- data/man/man8/puppet-script.8 +1 -1
- data/man/man8/puppet-ssl.8 +5 -1
- data/man/man8/puppet.8 +2 -2
- data/spec/integration/application/plugin_spec.rb +1 -1
- data/spec/integration/http/client_spec.rb +12 -0
- data/spec/integration/indirector/direct_file_server_spec.rb +1 -3
- data/spec/integration/parser/collection_spec.rb +10 -0
- data/spec/integration/util/windows/adsi_spec.rb +18 -0
- data/spec/integration/util/windows/principal_spec.rb +21 -0
- data/spec/integration/util/windows/registry_spec.rb +6 -0
- data/spec/unit/application/facts_spec.rb +5 -5
- data/spec/unit/application/ssl_spec.rb +23 -0
- data/spec/unit/environments_spec.rb +164 -88
- data/spec/unit/file_system_spec.rb +9 -0
- data/spec/unit/http/factory_spec.rb +19 -0
- data/spec/unit/network/http/api/master_spec.rb +38 -0
- data/spec/unit/network/http/api/{master → server}/v3/environments_spec.rb +2 -2
- data/spec/unit/network/http/api/{master → server}/v3_spec.rb +19 -19
- data/spec/unit/network/http/api_spec.rb +11 -11
- data/spec/unit/pops/parser/lexer2_spec.rb +0 -4
- data/spec/unit/pops/validator/validator_spec.rb +20 -43
- data/spec/unit/util/windows/sid_spec.rb +6 -0
- metadata +11 -16
- data/spec/lib/matchers/include.rb +0 -27
- data/spec/lib/matchers/include_spec.rb +0 -32
- data/spec/unit/pops/parser/parse_application_spec.rb +0 -13
- data/spec/unit/pops/parser/parse_capabilities_spec.rb +0 -23
- data/spec/unit/pops/parser/parse_site_spec.rb +0 -43
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: d0c46be8ea84f210c98907f78f8fa7e67ddfe3500e77a8a1ab503f28f1887285
|
|
4
|
+
data.tar.gz: e237a260fc5fb15474bd6713dad901fc7af6199d3da584aadb3c15cbff45886b
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 8cea314360893199a90e60d9da0a393f7caae00ec554bfa643d4b66a254d1a71a520eb5f0fd4b28adec1869c1ac693362613aea38c747c3c7b9f75f8af720bea
|
|
7
|
+
data.tar.gz: 9df0489d6c2160814c17c28af8b151aa81175fb8919e4d80552733ad7657e22147da2743ac6780f786481d923f7f2e6044b88fc80ec9c570105b63f5ac1c1d85
|
data/Gemfile.lock
CHANGED
|
@@ -1,7 +1,18 @@
|
|
|
1
|
+
GIT
|
|
2
|
+
remote: git://github.com/ciprianbadescu/packaging
|
|
3
|
+
revision: 5f8d2bda941abfeeb8fb1731c9b1dd4d108f5d33
|
|
4
|
+
branch: maint/windows-signing
|
|
5
|
+
specs:
|
|
6
|
+
packaging (0.99.49.171.g5f8d2bd)
|
|
7
|
+
artifactory (~> 2)
|
|
8
|
+
csv (= 3.1.5)
|
|
9
|
+
rake (>= 12.3)
|
|
10
|
+
release-metrics
|
|
11
|
+
|
|
1
12
|
PATH
|
|
2
13
|
remote: .
|
|
3
14
|
specs:
|
|
4
|
-
puppet (7.
|
|
15
|
+
puppet (7.5.0)
|
|
5
16
|
CFPropertyList (~> 2.2)
|
|
6
17
|
concurrent-ruby (~> 1.0)
|
|
7
18
|
deep_merge (~> 1.0)
|
|
@@ -33,7 +44,7 @@ GEM
|
|
|
33
44
|
hocon (~> 1.3)
|
|
34
45
|
thor (>= 1.0.1, < 2.0)
|
|
35
46
|
fast_gettext (1.1.2)
|
|
36
|
-
ffi (1.
|
|
47
|
+
ffi (1.15.0)
|
|
37
48
|
gettext (3.2.9)
|
|
38
49
|
locale (>= 2.0.5)
|
|
39
50
|
text (>= 1.3.0)
|
|
@@ -43,10 +54,10 @@ GEM
|
|
|
43
54
|
locale
|
|
44
55
|
hashdiff (1.0.1)
|
|
45
56
|
hiera (3.6.0)
|
|
46
|
-
hiera-eyaml (3.2.
|
|
47
|
-
highline
|
|
57
|
+
hiera-eyaml (3.2.1)
|
|
58
|
+
highline
|
|
48
59
|
optimist
|
|
49
|
-
highline (
|
|
60
|
+
highline (2.0.3)
|
|
50
61
|
hocon (1.3.1)
|
|
51
62
|
hpricot (0.8.6)
|
|
52
63
|
json-schema (2.8.1)
|
|
@@ -59,11 +70,6 @@ GEM
|
|
|
59
70
|
multi_json (1.15.0)
|
|
60
71
|
mustache (1.1.1)
|
|
61
72
|
optimist (3.0.1)
|
|
62
|
-
packaging (0.99.75)
|
|
63
|
-
artifactory (~> 2)
|
|
64
|
-
csv (= 3.1.5)
|
|
65
|
-
rake (>= 12.3)
|
|
66
|
-
release-metrics
|
|
67
73
|
parallel (1.20.1)
|
|
68
74
|
parser (2.7.2.0)
|
|
69
75
|
ast (~> 2.4.1)
|
|
@@ -115,7 +121,7 @@ GEM
|
|
|
115
121
|
unicode-display_width (~> 1.0, >= 1.0.1)
|
|
116
122
|
rubocop-i18n (1.2.0)
|
|
117
123
|
rubocop (~> 0.49.0)
|
|
118
|
-
ruby-prof (1.4.
|
|
124
|
+
ruby-prof (1.4.3)
|
|
119
125
|
ruby-progressbar (1.11.0)
|
|
120
126
|
scanf (1.0.0)
|
|
121
127
|
semantic_puppet (1.0.3)
|
|
@@ -123,7 +129,7 @@ GEM
|
|
|
123
129
|
thor (1.1.0)
|
|
124
130
|
unicode-display_width (1.7.0)
|
|
125
131
|
vcr (5.1.0)
|
|
126
|
-
webmock (3.
|
|
132
|
+
webmock (3.12.1)
|
|
127
133
|
addressable (>= 2.3.6)
|
|
128
134
|
crack (>= 0.3.2)
|
|
129
135
|
hashdiff (>= 0.4.0, < 2.0.0)
|
|
@@ -142,7 +148,7 @@ DEPENDENCIES
|
|
|
142
148
|
memory_profiler
|
|
143
149
|
minitar (~> 0.9)
|
|
144
150
|
msgpack (~> 1.2)
|
|
145
|
-
packaging
|
|
151
|
+
packaging!
|
|
146
152
|
pry
|
|
147
153
|
puppet!
|
|
148
154
|
puppet-resource_api (~> 1.5)
|
|
@@ -74,6 +74,9 @@ ACTIONS
|
|
|
74
74
|
`--localca` is specified, then also remove this host's local copy of the
|
|
75
75
|
CA certificate(s) and CRL bundle. if `--target CERTNAME` is specified, then
|
|
76
76
|
remove the files for the specified device on this host instead of this host.
|
|
77
|
+
|
|
78
|
+
* show:
|
|
79
|
+
Print the full-text version of this host's certificate.
|
|
77
80
|
HELP
|
|
78
81
|
end
|
|
79
82
|
|
|
@@ -142,11 +145,19 @@ HELP
|
|
|
142
145
|
end
|
|
143
146
|
@machine.ensure_client_certificate
|
|
144
147
|
Puppet.notice(_("Completed SSL initialization"))
|
|
148
|
+
when 'show'
|
|
149
|
+
show(certname)
|
|
145
150
|
else
|
|
146
151
|
raise Puppet::Error, _("Unknown action '%{action}'") % { action: action }
|
|
147
152
|
end
|
|
148
153
|
end
|
|
149
154
|
|
|
155
|
+
def show(certname)
|
|
156
|
+
password = @cert_provider.load_private_key_password
|
|
157
|
+
ssl_context = @ssl_provider.load_context(certname: certname, password: password)
|
|
158
|
+
puts ssl_context.client_cert.to_text
|
|
159
|
+
end
|
|
160
|
+
|
|
150
161
|
def submit_request(ssl_context)
|
|
151
162
|
key = @cert_provider.load_private_key(Puppet[:certname])
|
|
152
163
|
unless key
|
data/lib/puppet/defaults.rb
CHANGED
|
@@ -1033,6 +1033,14 @@ EOT
|
|
|
1033
1033
|
certificate revocation checking and does not attempt to download the CRL.
|
|
1034
1034
|
EOT
|
|
1035
1035
|
},
|
|
1036
|
+
:ciphers => {
|
|
1037
|
+
:default => 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256',
|
|
1038
|
+
:type => :string,
|
|
1039
|
+
:desc => "The list of ciphersuites for TLS connections initiated by puppet. The
|
|
1040
|
+
default value is chosen to support TLS 1.0 and up, but can be made
|
|
1041
|
+
more restrictive if needed. The ciphersuites must be specified in OpenSSL
|
|
1042
|
+
format, not IANA."
|
|
1043
|
+
},
|
|
1036
1044
|
:key_type => {
|
|
1037
1045
|
:default => 'rsa',
|
|
1038
1046
|
:type => :enum,
|
data/lib/puppet/environments.rb
CHANGED
|
@@ -225,6 +225,9 @@ module Puppet::Environments
|
|
|
225
225
|
private
|
|
226
226
|
|
|
227
227
|
def create_environment(name)
|
|
228
|
+
# interpolated modulepaths may be cached from prior environment instances
|
|
229
|
+
Puppet.settings.clear_environment_settings(name)
|
|
230
|
+
|
|
228
231
|
env_symbol = name.intern
|
|
229
232
|
setting_values = Puppet.settings.values(env_symbol, Puppet.settings.preferred_run_mode)
|
|
230
233
|
env = Puppet::Node::Environment.create(
|
|
@@ -350,7 +353,19 @@ module Puppet::Environments
|
|
|
350
353
|
|
|
351
354
|
# @!macro loader_list
|
|
352
355
|
def list
|
|
353
|
-
|
|
356
|
+
# Evict all that have expired, in the same way as `get`
|
|
357
|
+
clear_all_expired
|
|
358
|
+
|
|
359
|
+
@loader.list.map do |env|
|
|
360
|
+
name = env.name
|
|
361
|
+
old_entry = @cache[name]
|
|
362
|
+
if old_entry
|
|
363
|
+
old_entry.value
|
|
364
|
+
else
|
|
365
|
+
add_entry(name, entry(env))
|
|
366
|
+
env
|
|
367
|
+
end
|
|
368
|
+
end
|
|
354
369
|
end
|
|
355
370
|
|
|
356
371
|
# @!macro loader_search_paths
|
|
@@ -20,7 +20,7 @@ module Puppet::FFI::Windows
|
|
|
20
20
|
|
|
21
21
|
class ::FFI::Pointer
|
|
22
22
|
NULL_HANDLE = 0
|
|
23
|
-
WCHAR_NULL = "\0\0".
|
|
23
|
+
WCHAR_NULL = "\0\0".force_encoding('UTF-16LE').freeze
|
|
24
24
|
|
|
25
25
|
def self.from_string_to_wide_string(str, &block)
|
|
26
26
|
str = Puppet::Util::Windows::String.wide_string(str)
|
|
@@ -7,6 +7,13 @@ class Puppet::FileSystem::MemoryFile
|
|
|
7
7
|
new(path, :exist? => false, :executable? => false)
|
|
8
8
|
end
|
|
9
9
|
|
|
10
|
+
def self.a_missing_directory(path)
|
|
11
|
+
new(path,
|
|
12
|
+
:exist? => false,
|
|
13
|
+
:executable? => false,
|
|
14
|
+
:directory? => true)
|
|
15
|
+
end
|
|
16
|
+
|
|
10
17
|
def self.a_regular_file_containing(path, content)
|
|
11
18
|
new(path, :exist? => true, :executable? => false, :content => content)
|
|
12
19
|
end
|
|
@@ -18,7 +25,7 @@ class Puppet::FileSystem::MemoryFile
|
|
|
18
25
|
def self.a_directory(path, children = [])
|
|
19
26
|
new(path,
|
|
20
27
|
:exist? => true,
|
|
21
|
-
:
|
|
28
|
+
:executable? => true,
|
|
22
29
|
:directory? => true,
|
|
23
30
|
:children => children)
|
|
24
31
|
end
|
|
@@ -128,6 +128,8 @@ class Puppet::FileSystem::Windows < Puppet::FileSystem::Posix
|
|
|
128
128
|
end
|
|
129
129
|
|
|
130
130
|
current_sid = Puppet::Util::Windows::SID.name_to_sid(Puppet::Util::Windows::ADSI::User.current_user_name)
|
|
131
|
+
current_sid = Puppet::Util::Windows::SID.name_to_sid(Puppet::Util::Windows::ADSI::User.current_sam_compatible_user_name) unless current_sid
|
|
132
|
+
|
|
131
133
|
dacl = case mode
|
|
132
134
|
when 0644
|
|
133
135
|
dacl = secure_dacl(current_sid)
|
data/lib/puppet/http/factory.rb
CHANGED
|
@@ -26,6 +26,10 @@ class Puppet::HTTP::Factory
|
|
|
26
26
|
|
|
27
27
|
http = Puppet::HTTP::Proxy.proxy(URI(site.addr))
|
|
28
28
|
http.use_ssl = site.use_ssl?
|
|
29
|
+
if site.use_ssl?
|
|
30
|
+
http.min_version = OpenSSL::SSL::TLS1_VERSION if http.respond_to?(:min_version)
|
|
31
|
+
http.ciphers = Puppet[:ciphers]
|
|
32
|
+
end
|
|
29
33
|
http.read_timeout = Puppet[:http_read_timeout]
|
|
30
34
|
http.open_timeout = Puppet[:http_connect_timeout]
|
|
31
35
|
http.keep_alive_timeout = KEEP_ALIVE_TIMEOUT if http.respond_to?(:keep_alive_timeout=)
|
data/lib/puppet/network/http.rb
CHANGED
|
@@ -3,8 +3,11 @@ module Puppet::Network::HTTP
|
|
|
3
3
|
HEADER_ENABLE_PROFILING = "X-Puppet-Profiling"
|
|
4
4
|
HEADER_PUPPET_VERSION = "X-Puppet-Version"
|
|
5
5
|
|
|
6
|
-
|
|
7
|
-
|
|
6
|
+
SERVER_URL_PREFIX = "/puppet"
|
|
7
|
+
SERVER_URL_VERSIONS = "v3"
|
|
8
|
+
|
|
9
|
+
MASTER_URL_PREFIX = SERVER_URL_PREFIX
|
|
10
|
+
MASTER_URL_VERSIONS = SERVER_URL_VERSIONS
|
|
8
11
|
|
|
9
12
|
CA_URL_PREFIX = "/puppet-ca"
|
|
10
13
|
CA_URL_VERSIONS = "v1"
|
|
@@ -18,18 +18,22 @@ class Puppet::Network::HTTP::API
|
|
|
18
18
|
"Note that Puppet 3 agents aren't compatible with this version; if you're " +
|
|
19
19
|
"running Puppet 3, you must either upgrade your agents to match the server " +
|
|
20
20
|
"or point them to a server running Puppet 3.\n\n" +
|
|
21
|
-
"
|
|
21
|
+
"Server Info:\n" +
|
|
22
22
|
" Puppet version: #{Puppet.version}\n" +
|
|
23
|
-
" Supported /puppet API versions: #{Puppet::Network::HTTP::
|
|
23
|
+
" Supported /puppet API versions: #{Puppet::Network::HTTP::SERVER_URL_VERSIONS}\n",
|
|
24
24
|
Puppet::Network::HTTP::Issues::HANDLER_NOT_FOUND)
|
|
25
25
|
end)
|
|
26
26
|
end
|
|
27
27
|
|
|
28
|
-
def self.
|
|
29
|
-
|
|
30
|
-
Puppet::Network::HTTP::Route.path(
|
|
28
|
+
def self.server_routes
|
|
29
|
+
server_prefix = Regexp.new("^#{Puppet::Network::HTTP::SERVER_URL_PREFIX}/")
|
|
30
|
+
Puppet::Network::HTTP::Route.path(server_prefix).
|
|
31
31
|
any.
|
|
32
|
-
chain(Puppet::Network::HTTP::API::
|
|
32
|
+
chain(Puppet::Network::HTTP::API::Server::V3.routes,
|
|
33
33
|
Puppet::Network::HTTP::API.not_found)
|
|
34
34
|
end
|
|
35
|
+
|
|
36
|
+
def self.master_routes
|
|
37
|
+
server_routes
|
|
38
|
+
end
|
|
35
39
|
end
|
|
@@ -1,2 +1,3 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
1
|
+
require 'puppet/network/http/api/server'
|
|
2
|
+
|
|
3
|
+
Puppet::Network::HTTP::API::Master = Puppet::Network::HTTP::API::Server
|
|
@@ -1,26 +1,3 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
require 'puppet/network/http/api/indirected_routes'
|
|
1
|
+
require 'puppet/network/http/api/master'
|
|
2
|
+
require 'puppet/network/http/api/server/v3'
|
|
4
3
|
|
|
5
|
-
def self.wrap(&block)
|
|
6
|
-
lambda do |request, response|
|
|
7
|
-
Puppet::Network::Authorization.check_external_authorization(request.method, request.path)
|
|
8
|
-
|
|
9
|
-
block.call.call(request, response)
|
|
10
|
-
end
|
|
11
|
-
end
|
|
12
|
-
|
|
13
|
-
INDIRECTED = Puppet::Network::HTTP::Route.
|
|
14
|
-
path(/.*/).
|
|
15
|
-
any(wrap { Puppet::Network::HTTP::API::IndirectedRoutes.new } )
|
|
16
|
-
|
|
17
|
-
ENVIRONMENTS = Puppet::Network::HTTP::Route.
|
|
18
|
-
path(%r{^/environments$}).
|
|
19
|
-
get(wrap { Environments.new(Puppet.lookup(:environments)) } )
|
|
20
|
-
|
|
21
|
-
def self.routes
|
|
22
|
-
Puppet::Network::HTTP::Route.path(%r{v3}).
|
|
23
|
-
any.
|
|
24
|
-
chain(ENVIRONMENTS, INDIRECTED)
|
|
25
|
-
end
|
|
26
|
-
end
|
|
@@ -1,34 +1,3 @@
|
|
|
1
|
-
require 'puppet/
|
|
1
|
+
require 'puppet/network/http/api/master'
|
|
2
|
+
require 'puppet/network/http/api/server/v3/environments'
|
|
2
3
|
|
|
3
|
-
class Puppet::Network::HTTP::API::Master::V3::Environments
|
|
4
|
-
def initialize(env_loader)
|
|
5
|
-
@env_loader = env_loader
|
|
6
|
-
end
|
|
7
|
-
|
|
8
|
-
def call(request, response)
|
|
9
|
-
response.respond_with(200, "application/json", Puppet::Util::Json.dump({
|
|
10
|
-
"search_paths" => @env_loader.search_paths,
|
|
11
|
-
"environments" => Hash[@env_loader.list.collect do |env|
|
|
12
|
-
[env.name, {
|
|
13
|
-
"settings" => {
|
|
14
|
-
"modulepath" => env.full_modulepath,
|
|
15
|
-
"manifest" => env.manifest,
|
|
16
|
-
"environment_timeout" => timeout(env),
|
|
17
|
-
"config_version" => env.config_version || '',
|
|
18
|
-
}
|
|
19
|
-
}]
|
|
20
|
-
end]
|
|
21
|
-
}))
|
|
22
|
-
end
|
|
23
|
-
|
|
24
|
-
private
|
|
25
|
-
|
|
26
|
-
def timeout(env)
|
|
27
|
-
ttl = @env_loader.get_conf(env.name).environment_timeout
|
|
28
|
-
if ttl == Float::INFINITY
|
|
29
|
-
"unlimited"
|
|
30
|
-
else
|
|
31
|
-
ttl
|
|
32
|
-
end
|
|
33
|
-
end
|
|
34
|
-
end
|
|
@@ -0,0 +1,39 @@
|
|
|
1
|
+
require 'puppet/network/http/api/server/v3/environments'
|
|
2
|
+
require 'puppet/network/http/api/indirected_routes'
|
|
3
|
+
|
|
4
|
+
module Puppet
|
|
5
|
+
module Network
|
|
6
|
+
module HTTP
|
|
7
|
+
class API
|
|
8
|
+
module Server
|
|
9
|
+
class V3
|
|
10
|
+
|
|
11
|
+
def self.wrap(&block)
|
|
12
|
+
lambda do |request, response|
|
|
13
|
+
Puppet::Network::Authorization.
|
|
14
|
+
check_external_authorization(request.method,
|
|
15
|
+
request.path)
|
|
16
|
+
|
|
17
|
+
block.call.call(request, response)
|
|
18
|
+
end
|
|
19
|
+
end
|
|
20
|
+
|
|
21
|
+
INDIRECTED = Puppet::Network::HTTP::Route.
|
|
22
|
+
path(/.*/).
|
|
23
|
+
any(wrap { Puppet::Network::HTTP::API::IndirectedRoutes.new } )
|
|
24
|
+
|
|
25
|
+
ENVIRONMENTS = Puppet::Network::HTTP::Route.
|
|
26
|
+
path(%r{^/environments$}).
|
|
27
|
+
get(wrap { Environments.new(Puppet.lookup(:environments)) } )
|
|
28
|
+
|
|
29
|
+
def self.routes
|
|
30
|
+
Puppet::Network::HTTP::Route.path(%r{v3}).
|
|
31
|
+
any.
|
|
32
|
+
chain(ENVIRONMENTS, INDIRECTED)
|
|
33
|
+
end
|
|
34
|
+
end
|
|
35
|
+
end
|
|
36
|
+
end
|
|
37
|
+
end
|
|
38
|
+
end
|
|
39
|
+
end
|
|
@@ -0,0 +1,48 @@
|
|
|
1
|
+
require 'puppet/util/json'
|
|
2
|
+
|
|
3
|
+
module Puppet
|
|
4
|
+
module Network
|
|
5
|
+
module HTTP
|
|
6
|
+
class API
|
|
7
|
+
module Server
|
|
8
|
+
class V3
|
|
9
|
+
class Environments
|
|
10
|
+
|
|
11
|
+
def initialize(env_loader)
|
|
12
|
+
@env_loader = env_loader
|
|
13
|
+
end
|
|
14
|
+
|
|
15
|
+
def call(request, response)
|
|
16
|
+
response.respond_with(200, "application/json", Puppet::Util::Json.dump({
|
|
17
|
+
"search_paths" => @env_loader.search_paths,
|
|
18
|
+
"environments" => Hash[@env_loader.list.collect do |env|
|
|
19
|
+
[env.name, {
|
|
20
|
+
"settings" => {
|
|
21
|
+
"modulepath" => env.full_modulepath,
|
|
22
|
+
"manifest" => env.manifest,
|
|
23
|
+
"environment_timeout" => timeout(env),
|
|
24
|
+
"config_version" => env.config_version || '',
|
|
25
|
+
}
|
|
26
|
+
}]
|
|
27
|
+
end]
|
|
28
|
+
}))
|
|
29
|
+
end
|
|
30
|
+
|
|
31
|
+
private
|
|
32
|
+
|
|
33
|
+
def timeout(env)
|
|
34
|
+
ttl = @env_loader.get_conf(env.name).environment_timeout
|
|
35
|
+
if ttl == Float::INFINITY
|
|
36
|
+
"unlimited"
|
|
37
|
+
else
|
|
38
|
+
ttl
|
|
39
|
+
end
|
|
40
|
+
end
|
|
41
|
+
end
|
|
42
|
+
end
|
|
43
|
+
end
|
|
44
|
+
end
|
|
45
|
+
end
|
|
46
|
+
end
|
|
47
|
+
end
|
|
48
|
+
|