puppet 7.7.0-universal-darwin → 7.11.0-universal-darwin
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of puppet might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/CONTRIBUTING.md +7 -7
- data/Gemfile +4 -3
- data/Gemfile.lock +18 -18
- data/README.md +4 -4
- data/{ext → examples/enc}/regexp_nodes/classes/databases +0 -0
- data/{ext → examples/enc}/regexp_nodes/classes/webservers +0 -0
- data/{ext → examples/enc}/regexp_nodes/environment/development +0 -0
- data/{ext → examples/enc}/regexp_nodes/parameters/service/prod +0 -0
- data/{ext → examples/enc}/regexp_nodes/parameters/service/qa +0 -0
- data/{ext → examples/enc}/regexp_nodes/parameters/service/sandbox +0 -0
- data/{ext → examples/enc}/regexp_nodes/regexp_nodes.rb +0 -0
- data/{ext → examples}/nagios/check_puppet.rb +2 -2
- data/ext/README.md +13 -0
- data/ext/osx/puppet.plist +2 -0
- data/ext/project_data.yaml +1 -0
- data/install.rb +0 -4
- data/lib/puppet/application/agent.rb +4 -0
- data/lib/puppet/application/apply.rb +20 -2
- data/lib/puppet/application/filebucket.rb +1 -0
- data/lib/puppet/application/resource.rb +30 -15
- data/lib/puppet/application/ssl.rb +1 -0
- data/lib/puppet/concurrent/thread_local_singleton.rb +1 -0
- data/lib/puppet/configurer.rb +169 -50
- data/lib/puppet/confine/variable.rb +1 -1
- data/lib/puppet/defaults.rb +70 -30
- data/lib/puppet/environments.rb +75 -25
- data/lib/puppet/face/help/action.erb +1 -0
- data/lib/puppet/face/help/face.erb +1 -0
- data/lib/puppet/face/node/clean.rb +1 -1
- data/lib/puppet/facter_impl.rb +96 -0
- data/lib/puppet/file_serving/configuration/parser.rb +2 -0
- data/lib/puppet/file_serving/configuration.rb +2 -0
- data/lib/puppet/file_serving/mount/file.rb +4 -4
- data/lib/puppet/file_serving/mount/scripts.rb +24 -0
- data/lib/puppet/file_system/file_impl.rb +3 -1
- data/lib/puppet/file_system/windows.rb +2 -2
- data/lib/puppet/forge/cache.rb +1 -1
- data/lib/puppet/forge.rb +4 -4
- data/lib/puppet/functions/empty.rb +8 -0
- data/lib/puppet/functions/find_template.rb +2 -2
- data/lib/puppet/functions/strftime.rb +1 -0
- data/lib/puppet/functions/unwrap.rb +17 -2
- data/lib/puppet/http/service/compiler.rb +6 -1
- data/lib/puppet/indirector/catalog/compiler.rb +24 -6
- data/lib/puppet/indirector/catalog/rest.rb +1 -0
- data/lib/puppet/indirector/facts/facter.rb +6 -6
- data/lib/puppet/indirector/indirection.rb +1 -1
- data/lib/puppet/indirector/resource/ral.rb +6 -1
- data/lib/puppet/indirector/terminus.rb +4 -0
- data/lib/puppet/interface/documentation.rb +1 -0
- data/lib/puppet/module/plan.rb +0 -1
- data/lib/puppet/module/task.rb +1 -1
- data/lib/puppet/module_tool/applications/installer.rb +12 -4
- data/lib/puppet/module_tool/applications/uninstaller.rb +1 -1
- data/lib/puppet/module_tool/applications/upgrader.rb +1 -1
- data/lib/puppet/module_tool/errors/shared.rb +17 -0
- data/lib/puppet/module_tool/tar/mini.rb +1 -1
- data/lib/puppet/network/http/api/indirected_routes.rb +1 -1
- data/lib/puppet/node/environment.rb +10 -11
- data/lib/puppet/pal/pal_impl.rb +1 -1
- data/lib/puppet/parser/scope.rb +8 -7
- data/lib/puppet/parser/templatewrapper.rb +1 -0
- data/lib/puppet/pops/lookup/lookup_adapter.rb +3 -2
- data/lib/puppet/pops/model/ast.rb +1 -0
- data/lib/puppet/pops/model/factory.rb +14 -13
- data/lib/puppet/pops/parser/egrammar.ra +2 -2
- data/lib/puppet/pops/parser/eparser.rb +752 -753
- data/lib/puppet/pops/parser/lexer2.rb +69 -68
- data/lib/puppet/pops/parser/slurp_support.rb +1 -0
- data/lib/puppet/pops/serialization/to_data_converter.rb +18 -6
- data/lib/puppet/pops/serialization/to_stringified_converter.rb +1 -1
- data/lib/puppet/pops/types/p_sem_ver_type.rb +8 -2
- data/lib/puppet/pops/types/p_sensitive_type.rb +10 -0
- data/lib/puppet/pops/types/type_formatter.rb +7 -6
- data/lib/puppet/pops/types/type_mismatch_describer.rb +1 -1
- data/lib/puppet/pops/types/types.rb +1 -1
- data/lib/puppet/provider/aix_object.rb +1 -1
- data/lib/puppet/provider/exec/posix.rb +16 -4
- data/lib/puppet/provider/group/groupadd.rb +5 -2
- data/lib/puppet/provider/package/apt.rb +3 -3
- data/lib/puppet/provider/package/nim.rb +11 -6
- data/lib/puppet/provider/package/pip.rb +15 -3
- data/lib/puppet/provider/package/pkg.rb +9 -2
- data/lib/puppet/provider/package/puppet_gem.rb +1 -1
- data/lib/puppet/provider/package/puppetserver_gem.rb +1 -1
- data/lib/puppet/provider/package/windows/exe_package.rb +30 -1
- data/lib/puppet/provider/package/windows/package.rb +2 -1
- data/lib/puppet/provider/package/windows.rb +14 -1
- data/lib/puppet/provider/package/yum.rb +4 -4
- data/lib/puppet/provider/package/zypper.rb +3 -3
- data/lib/puppet/provider/parsedfile.rb +3 -0
- data/lib/puppet/provider/service/base.rb +1 -1
- data/lib/puppet/provider/service/freebsd.rb +1 -1
- data/lib/puppet/provider/service/init.rb +5 -5
- data/lib/puppet/provider/service/launchd.rb +2 -2
- data/lib/puppet/provider/service/redhat.rb +1 -1
- data/lib/puppet/provider/service/smf.rb +3 -3
- data/lib/puppet/provider/service/systemd.rb +8 -3
- data/lib/puppet/provider/service/upstart.rb +5 -5
- data/lib/puppet/provider/user/aix.rb +44 -1
- data/lib/puppet/provider/user/directoryservice.rb +25 -12
- data/lib/puppet/provider/user/useradd.rb +52 -16
- data/lib/puppet/provider.rb +1 -1
- data/lib/puppet/reference/providers.rb +2 -2
- data/lib/puppet/resource/type_collection.rb +4 -1
- data/lib/puppet/runtime.rb +11 -1
- data/lib/puppet/settings/config_file.rb +1 -8
- data/lib/puppet/settings/file_setting.rb +3 -8
- data/lib/puppet/settings/value_translator.rb +0 -1
- data/lib/puppet/settings.rb +32 -9
- data/lib/puppet/test/test_helper.rb +4 -1
- data/lib/puppet/transaction/additional_resource_generator.rb +1 -1
- data/lib/puppet/transaction/persistence.rb +11 -1
- data/lib/puppet/transaction/report.rb +15 -1
- data/lib/puppet/type/exec.rb +35 -5
- data/lib/puppet/type/file/mode.rb +6 -0
- data/lib/puppet/type/file.rb +6 -6
- data/lib/puppet/type/filebucket.rb +2 -2
- data/lib/puppet/type/group.rb +0 -1
- data/lib/puppet/type/resources.rb +1 -1
- data/lib/puppet/type/service.rb +8 -9
- data/lib/puppet/type/tidy.rb +1 -1
- data/lib/puppet/type/user.rb +39 -22
- data/lib/puppet/type.rb +1 -1
- data/lib/puppet/util/command_line.rb +1 -1
- data/lib/puppet/util/filetype.rb +2 -2
- data/lib/puppet/util/log.rb +1 -2
- data/lib/puppet/util/logging.rb +1 -25
- data/lib/puppet/util/monkey_patches.rb +2 -17
- data/lib/puppet/util/pidlock.rb +1 -1
- data/lib/puppet/util/rdoc/parser/puppet_parser_core.rb +1 -1
- data/lib/puppet/util/suidmanager.rb +1 -2
- data/lib/puppet/util/symbolic_file_mode.rb +29 -17
- data/lib/puppet/util/tagging.rb +1 -0
- data/lib/puppet/util/windows/sid.rb +3 -1
- data/lib/puppet/util/windows/user.rb +0 -1
- data/lib/puppet/util.rb +4 -3
- data/lib/puppet/version.rb +1 -1
- data/lib/puppet/x509/cert_provider.rb +3 -21
- data/lib/puppet.rb +5 -9
- data/locales/puppet.pot +346 -274
- data/man/man5/puppet.conf.5 +76 -25
- data/man/man8/puppet-agent.8 +4 -1
- data/man/man8/puppet-apply.8 +1 -1
- data/man/man8/puppet-catalog.8 +9 -9
- data/man/man8/puppet-config.8 +1 -1
- data/man/man8/puppet-describe.8 +1 -1
- data/man/man8/puppet-device.8 +1 -1
- data/man/man8/puppet-doc.8 +1 -1
- data/man/man8/puppet-epp.8 +1 -1
- data/man/man8/puppet-facts.8 +7 -7
- data/man/man8/puppet-filebucket.8 +1 -1
- data/man/man8/puppet-generate.8 +1 -1
- data/man/man8/puppet-help.8 +1 -1
- data/man/man8/puppet-lookup.8 +1 -1
- data/man/man8/puppet-module.8 +3 -3
- data/man/man8/puppet-node.8 +5 -5
- data/man/man8/puppet-parser.8 +1 -1
- data/man/man8/puppet-plugin.8 +1 -1
- data/man/man8/puppet-report.8 +5 -5
- data/man/man8/puppet-resource.8 +1 -1
- data/man/man8/puppet-script.8 +1 -1
- data/man/man8/puppet-ssl.8 +1 -1
- data/man/man8/puppet.8 +2 -2
- data/spec/fixtures/integration/application/agent/lib/facter/agent_spec_role.rb +3 -0
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/Gemfile +4 -0
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/Rakefile +3 -0
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/lib/puppet/functions/l10n.rb +8 -0
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/locales/config.yaml +25 -0
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/locales/ja/puppet-l10n.po +19 -0
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/locales/puppet-l10n.pot +20 -0
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/metadata.json +8 -0
- data/spec/fixtures/ssl/127.0.0.1-key.pem +106 -106
- data/spec/fixtures/ssl/127.0.0.1.pem +48 -48
- data/spec/fixtures/ssl/bad-basic-constraints.pem +54 -54
- data/spec/fixtures/ssl/bad-int-basic-constraints.pem +51 -51
- data/spec/fixtures/ssl/ca.pem +52 -52
- data/spec/fixtures/ssl/crl.pem +25 -25
- data/spec/fixtures/ssl/ec-key-openssl.pem +8 -0
- data/spec/fixtures/ssl/ec-key-pk8.pem +5 -0
- data/spec/fixtures/ssl/ec-key.pem +11 -11
- data/spec/fixtures/ssl/ec.pem +32 -32
- data/spec/fixtures/ssl/encrypted-ec-key.pem +12 -12
- data/spec/fixtures/ssl/encrypted-key.pem +107 -107
- data/spec/fixtures/ssl/intermediate-agent-crl.pem +25 -25
- data/spec/fixtures/ssl/intermediate-agent.pem +54 -54
- data/spec/fixtures/ssl/intermediate-crl.pem +28 -28
- data/spec/fixtures/ssl/intermediate.pem +51 -51
- data/spec/fixtures/ssl/oid-key.pem +117 -0
- data/spec/fixtures/ssl/oid.pem +69 -0
- data/spec/fixtures/ssl/pluto-key.pem +106 -106
- data/spec/fixtures/ssl/pluto.pem +50 -50
- data/spec/fixtures/ssl/request-key.pem +106 -106
- data/spec/fixtures/ssl/request.pem +45 -45
- data/spec/fixtures/ssl/revoked-key.pem +106 -106
- data/spec/fixtures/ssl/revoked.pem +49 -49
- data/spec/fixtures/ssl/signed-key.pem +106 -106
- data/spec/fixtures/ssl/signed.pem +47 -47
- data/spec/fixtures/ssl/tampered-cert.pem +49 -49
- data/spec/fixtures/ssl/tampered-csr.pem +45 -45
- data/spec/fixtures/ssl/trusted_oid_mapping.yaml +5 -0
- data/spec/fixtures/ssl/unknown-127.0.0.1-key.pem +106 -106
- data/spec/fixtures/ssl/unknown-127.0.0.1.pem +48 -48
- data/spec/fixtures/ssl/unknown-ca-key.pem +106 -106
- data/spec/fixtures/ssl/unknown-ca.pem +52 -52
- data/spec/integration/application/agent_spec.rb +118 -52
- data/spec/integration/application/filebucket_spec.rb +16 -0
- data/spec/integration/application/module_spec.rb +21 -0
- data/spec/integration/application/resource_spec.rb +64 -0
- data/spec/integration/application/ssl_spec.rb +20 -0
- data/spec/integration/configurer_spec.rb +18 -2
- data/spec/integration/defaults_spec.rb +5 -0
- data/spec/integration/environments/settings_interpolation_spec.rb +0 -4
- data/spec/integration/indirector/facts/facter_spec.rb +93 -39
- data/spec/integration/l10n/compiler_spec.rb +37 -0
- data/spec/integration/transaction/report_spec.rb +1 -1
- data/spec/integration/type/exec_spec.rb +70 -45
- data/spec/integration/type/file_spec.rb +2 -2
- data/spec/integration/type/package_spec.rb +6 -6
- data/spec/integration/util/rdoc/parser_spec.rb +1 -1
- data/spec/integration/util/windows/process_spec.rb +1 -9
- data/spec/lib/puppet/test_ca.rb +5 -0
- data/spec/lib/puppet_spec/modules.rb +13 -2
- data/spec/lib/puppet_spec/puppetserver.rb +15 -0
- data/spec/lib/puppet_spec/settings.rb +1 -0
- data/spec/shared_behaviours/documentation_on_faces.rb +0 -2
- data/spec/shared_contexts/l10n.rb +27 -0
- data/spec/spec_helper.rb +1 -10
- data/spec/unit/application/apply_spec.rb +76 -56
- data/spec/unit/application/resource_spec.rb +29 -0
- data/spec/unit/configurer_spec.rb +277 -56
- data/spec/unit/environments_spec.rb +184 -0
- data/spec/unit/facter_impl_spec.rb +31 -0
- data/spec/unit/file_bucket/dipper_spec.rb +2 -2
- data/spec/unit/file_serving/configuration/parser_spec.rb +23 -0
- data/spec/unit/file_serving/configuration_spec.rb +12 -4
- data/spec/unit/file_serving/mount/scripts_spec.rb +69 -0
- data/spec/unit/file_system_spec.rb +13 -0
- data/spec/unit/functions/assert_type_spec.rb +1 -1
- data/spec/unit/functions/empty_spec.rb +10 -0
- data/spec/unit/functions/logging_spec.rb +1 -0
- data/spec/unit/functions/lookup_spec.rb +87 -0
- data/spec/unit/functions/unwrap_spec.rb +8 -0
- data/spec/unit/functions4_spec.rb +19 -10
- data/spec/unit/http/service/compiler_spec.rb +8 -0
- data/spec/unit/indirector/catalog/compiler_spec.rb +87 -0
- data/spec/unit/indirector/catalog/rest_spec.rb +8 -0
- data/spec/unit/indirector/indirection_spec.rb +10 -3
- data/spec/unit/indirector/resource/ral_spec.rb +40 -75
- data/spec/unit/interface/action_spec.rb +0 -9
- data/spec/unit/module_spec.rb +14 -0
- data/spec/unit/module_tool/applications/installer_spec.rb +52 -14
- data/spec/unit/parser/compiler_spec.rb +29 -0
- data/spec/unit/parser/templatewrapper_spec.rb +12 -2
- data/spec/unit/pops/loaders/dependency_loader_spec.rb +0 -9
- data/spec/unit/pops/parser/lexer2_spec.rb +0 -4
- data/spec/unit/pops/parser/parse_containers_spec.rb +0 -11
- data/spec/unit/pops/serialization/to_from_hr_spec.rb +58 -0
- data/spec/unit/pops/serialization/to_stringified_spec.rb +5 -0
- data/spec/unit/pops/types/p_sem_ver_type_spec.rb +18 -0
- data/spec/unit/pops/types/p_sensitive_type_spec.rb +18 -0
- data/spec/unit/pops/types/type_calculator_spec.rb +6 -0
- data/spec/unit/provider/package/gem_spec.rb +1 -1
- data/spec/unit/provider/package/nim_spec.rb +42 -0
- data/spec/unit/provider/package/pip2_spec.rb +1 -1
- data/spec/unit/provider/package/pip3_spec.rb +1 -1
- data/spec/unit/provider/package/pip_spec.rb +38 -1
- data/spec/unit/provider/package/pkg_spec.rb +19 -5
- data/spec/unit/provider/package/puppet_gem_spec.rb +1 -1
- data/spec/unit/provider/package/puppetserver_gem_spec.rb +1 -1
- data/spec/unit/provider/package/windows/exe_package_spec.rb +17 -0
- data/spec/unit/provider/parsedfile_spec.rb +10 -0
- data/spec/unit/provider/service/freebsd_spec.rb +1 -1
- data/spec/unit/provider/service/launchd_spec.rb +11 -0
- data/spec/unit/provider/service/systemd_spec.rb +13 -1
- data/spec/unit/provider/user/aix_spec.rb +100 -0
- data/spec/unit/provider/user/directoryservice_spec.rb +68 -36
- data/spec/unit/provider/user/useradd_spec.rb +3 -2
- data/spec/unit/provider_spec.rb +4 -4
- data/spec/unit/puppet_spec.rb +12 -4
- data/spec/unit/resource/type_collection_spec.rb +16 -0
- data/spec/unit/resource/type_spec.rb +2 -2
- data/spec/unit/settings/config_file_spec.rb +1 -11
- data/spec/unit/settings/file_setting_spec.rb +10 -7
- data/spec/unit/settings/value_translator_spec.rb +4 -5
- data/spec/unit/settings_spec.rb +120 -79
- data/spec/unit/ssl/ssl_provider_spec.rb +18 -16
- data/spec/unit/type/exec_spec.rb +76 -29
- data/spec/unit/type/file/source_spec.rb +4 -4
- data/spec/unit/type/service_spec.rb +49 -34
- data/spec/unit/type/tidy_spec.rb +7 -0
- data/spec/unit/type/user_spec.rb +45 -0
- data/spec/unit/type_spec.rb +2 -2
- data/spec/unit/util/ldap/connection_spec.rb +10 -10
- data/spec/unit/util/ldap/manager_spec.rb +2 -2
- data/spec/unit/util/logging_spec.rb +2 -0
- data/spec/unit/util/windows/sid_spec.rb +39 -4
- data/spec/unit/util_spec.rb +1 -3
- data/spec/unit/x509/cert_provider_spec.rb +9 -1
- data/tasks/generate_cert_fixtures.rake +10 -1
- data/tasks/parallel.rake +3 -3
- metadata +53 -95
- data/ext/README.environment +0 -8
- data/ext/dbfix.sql +0 -132
- data/ext/debian/README.Debian +0 -8
- data/ext/debian/README.source +0 -2
- data/ext/debian/TODO.Debian +0 -1
- data/ext/debian/changelog.erb +0 -1122
- data/ext/debian/compat +0 -1
- data/ext/debian/control +0 -144
- data/ext/debian/copyright +0 -339
- data/ext/debian/docs +0 -1
- data/ext/debian/fileserver.conf +0 -41
- data/ext/debian/puppet-common.dirs +0 -13
- data/ext/debian/puppet-common.install +0 -3
- data/ext/debian/puppet-common.lintian-overrides +0 -5
- data/ext/debian/puppet-common.manpages +0 -28
- data/ext/debian/puppet-common.postinst +0 -35
- data/ext/debian/puppet-common.postrm +0 -33
- data/ext/debian/puppet-el.dirs +0 -1
- data/ext/debian/puppet-el.emacsen-install +0 -25
- data/ext/debian/puppet-el.emacsen-remove +0 -11
- data/ext/debian/puppet-el.emacsen-startup +0 -9
- data/ext/debian/puppet-el.install +0 -1
- data/ext/debian/puppet-testsuite.install +0 -2
- data/ext/debian/puppet-testsuite.lintian-overrides +0 -4
- data/ext/debian/puppet.lintian-overrides +0 -3
- data/ext/debian/puppet.logrotate +0 -20
- data/ext/debian/puppet.postinst +0 -20
- data/ext/debian/puppet.postrm +0 -20
- data/ext/debian/puppet.preinst +0 -20
- data/ext/debian/puppetmaster-common.install +0 -2
- data/ext/debian/puppetmaster-common.manpages +0 -2
- data/ext/debian/puppetmaster-common.postinst +0 -6
- data/ext/debian/puppetmaster-passenger.dirs +0 -4
- data/ext/debian/puppetmaster-passenger.postinst +0 -162
- data/ext/debian/puppetmaster-passenger.postrm +0 -61
- data/ext/debian/puppetmaster.README.debian +0 -17
- data/ext/debian/puppetmaster.default +0 -14
- data/ext/debian/puppetmaster.init +0 -137
- data/ext/debian/puppetmaster.lintian-overrides +0 -3
- data/ext/debian/puppetmaster.postinst +0 -20
- data/ext/debian/puppetmaster.postrm +0 -5
- data/ext/debian/puppetmaster.preinst +0 -22
- data/ext/debian/rules +0 -132
- data/ext/debian/source/format +0 -1
- data/ext/debian/source/options +0 -1
- data/ext/debian/vim-puppet.README.Debian +0 -13
- data/ext/debian/vim-puppet.dirs +0 -5
- data/ext/debian/vim-puppet.yaml +0 -7
- data/ext/debian/watch +0 -2
- data/ext/freebsd/puppetd +0 -26
- data/ext/freebsd/puppetmasterd +0 -26
- data/ext/gentoo/conf.d/puppet +0 -5
- data/ext/gentoo/conf.d/puppetmaster +0 -12
- data/ext/gentoo/init.d/puppet +0 -38
- data/ext/gentoo/init.d/puppetmaster +0 -51
- data/ext/gentoo/puppet/fileserver.conf +0 -41
- data/ext/ips/puppet-agent +0 -44
- data/ext/ips/puppet-master +0 -44
- data/ext/ips/puppet.p5m.erb +0 -12
- data/ext/ips/puppetagent.xml +0 -42
- data/ext/ips/puppetmaster.xml +0 -42
- data/ext/ips/rules +0 -19
- data/ext/ips/transforms +0 -34
- data/ext/ldap/puppet.schema +0 -24
- data/ext/logcheck/puppet +0 -23
- data/ext/osx/file_mapping.yaml +0 -28
- data/ext/osx/postflight.erb +0 -109
- data/ext/osx/preflight.erb +0 -52
- data/ext/osx/prototype.plist.erb +0 -38
- data/ext/redhat/fileserver.conf +0 -41
- data/ext/redhat/logrotate +0 -21
- data/ext/redhat/puppet.spec.erb +0 -841
- data/ext/redhat/server.init +0 -128
- data/ext/redhat/server.sysconfig +0 -13
- data/ext/solaris/pkginfo +0 -6
- data/ext/solaris/smf/puppetd.xml +0 -77
- data/ext/solaris/smf/puppetmasterd.xml +0 -77
- data/ext/solaris/smf/svc-puppetd +0 -71
- data/ext/solaris/smf/svc-puppetmasterd +0 -67
- data/ext/suse/puppet.spec +0 -310
- data/ext/suse/server.init +0 -173
- data/ext/yaml_nodes.rb +0 -105
- data/spec/unit/indirector/store_configs_spec.rb +0 -7
data/lib/puppet/configurer.rb
CHANGED
@@ -91,7 +91,7 @@ class Puppet::Configurer
|
|
91
91
|
|
92
92
|
if result
|
93
93
|
# don't use use cached catalog if it doesn't match server specified environment
|
94
|
-
if
|
94
|
+
if result.environment != @environment
|
95
95
|
Puppet.err _("Not using cached catalog because its environment '%{catalog_env}' does not match '%{local_env}'") % { catalog_env: result.environment, local_env: @environment }
|
96
96
|
return nil
|
97
97
|
end
|
@@ -118,14 +118,105 @@ class Puppet::Configurer
|
|
118
118
|
catalog = result.to_ral
|
119
119
|
catalog.finalize
|
120
120
|
catalog.retrieval_duration = duration
|
121
|
-
|
122
|
-
|
121
|
+
|
122
|
+
if Puppet[:write_catalog_summary]
|
123
|
+
catalog.write_class_file
|
124
|
+
catalog.write_resource_file
|
125
|
+
end
|
123
126
|
end
|
124
127
|
options[:report].add_times(:convert_catalog, catalog_conversion_time) if options[:report]
|
125
128
|
|
126
129
|
catalog
|
127
130
|
end
|
128
131
|
|
132
|
+
def warn_number_of_facts(size, max_number)
|
133
|
+
Puppet.warning _("The current total number of facts: %{size} exceeds the number of facts limit: %{max_size}") % { size: size, max_size: max_number }
|
134
|
+
end
|
135
|
+
|
136
|
+
def warn_fact_name_length(name, max_length)
|
137
|
+
Puppet.warning _("Fact %{name} with length: '%{length}' exceeds the length limit: %{limit}") % { name: name, length: name.to_s.bytesize, limit: max_length }
|
138
|
+
end
|
139
|
+
|
140
|
+
def warn_number_of_top_level_facts(size, max_number)
|
141
|
+
Puppet.warning _("The current number of top level facts: %{size} exceeds the top facts limit: %{max_size}") % { size: size, max_size: max_number }
|
142
|
+
end
|
143
|
+
|
144
|
+
def warn_fact_value_length(value, max_length)
|
145
|
+
Puppet.warning _("Fact value '%{value}' with the value length: '%{length}' exceeds the value length limit: %{max_length}") % { value: value, length:value.to_s.bytesize, max_length: max_length }
|
146
|
+
end
|
147
|
+
|
148
|
+
def warn_fact_payload_size(payload, max_size)
|
149
|
+
Puppet.warning _("Payload with the current size of: '%{payload}' exceeds the payload size limit: %{max_size}") % { payload: payload, max_size: max_size }
|
150
|
+
end
|
151
|
+
|
152
|
+
def check_fact_name_length(name, number_of_dots)
|
153
|
+
max_length = Puppet[:fact_name_length_soft_limit]
|
154
|
+
return if max_length.zero?
|
155
|
+
|
156
|
+
# rough byte size estimations of fact path as a postgresql btree index
|
157
|
+
size_as_btree_index = 8 + (number_of_dots * 2) + name.to_s.bytesize
|
158
|
+
warn_fact_name_length(name, max_length) if size_as_btree_index > max_length
|
159
|
+
end
|
160
|
+
|
161
|
+
def check_fact_values_length(values)
|
162
|
+
max_length = Puppet[:fact_value_length_soft_limit]
|
163
|
+
return if max_length.zero?
|
164
|
+
|
165
|
+
warn_fact_value_length(values, max_length) if values.to_s.bytesize > max_length
|
166
|
+
end
|
167
|
+
|
168
|
+
def check_top_level_number_limit(size)
|
169
|
+
max_size = Puppet[:top_level_facts_soft_limit]
|
170
|
+
return if max_size.zero?
|
171
|
+
|
172
|
+
warn_number_of_top_level_facts(size, max_size) if size > max_size
|
173
|
+
end
|
174
|
+
|
175
|
+
def check_total_number_limit(size)
|
176
|
+
max_size = Puppet[:number_of_facts_soft_limit]
|
177
|
+
return if max_size.zero?
|
178
|
+
|
179
|
+
warn_number_of_facts(size, max_size) if size > max_size
|
180
|
+
end
|
181
|
+
|
182
|
+
def check_payload_size(payload)
|
183
|
+
max_size = Puppet[:payload_soft_limit]
|
184
|
+
return if max_size.zero?
|
185
|
+
|
186
|
+
warn_fact_payload_size(payload, max_size) if payload > max_size
|
187
|
+
Puppet.debug _("The size of the payload is %{payload}") % {payload: payload}
|
188
|
+
end
|
189
|
+
|
190
|
+
def parse_fact_name_and_value_limits(object, path = [])
|
191
|
+
case object
|
192
|
+
when Hash
|
193
|
+
object.each do |key, value|
|
194
|
+
path.push(key)
|
195
|
+
parse_fact_name_and_value_limits(value, path)
|
196
|
+
path.pop
|
197
|
+
@number_of_facts += 1
|
198
|
+
end
|
199
|
+
when Array
|
200
|
+
object.each_with_index do |e, idx|
|
201
|
+
path.push(idx)
|
202
|
+
parse_fact_name_and_value_limits(e, path)
|
203
|
+
path.pop
|
204
|
+
end
|
205
|
+
else
|
206
|
+
check_fact_name_length(path.join(), path.size)
|
207
|
+
check_fact_values_length(object)
|
208
|
+
end
|
209
|
+
end
|
210
|
+
|
211
|
+
def check_facts_limits(facts)
|
212
|
+
@number_of_facts = 0
|
213
|
+
check_top_level_number_limit(facts.size)
|
214
|
+
|
215
|
+
parse_fact_name_and_value_limits(facts)
|
216
|
+
check_total_number_limit(@number_of_facts)
|
217
|
+
Puppet.debug _("The total number of facts registered is %{number_of_facts}") % {number_of_facts: @number_of_facts}
|
218
|
+
end
|
219
|
+
|
129
220
|
def get_facts(options)
|
130
221
|
if options[:pluginsync]
|
131
222
|
plugin_sync_time = thinmark do
|
@@ -148,7 +239,9 @@ class Puppet::Configurer
|
|
148
239
|
# facts_for_uploading may set Puppet[:node_name_value] as a side effect
|
149
240
|
facter_time = thinmark do
|
150
241
|
facts = find_facts
|
242
|
+
check_facts_limits(facts.to_data_hash['values'])
|
151
243
|
facts_hash = encode_facts(facts) # encode for uploading # was: facts_for_uploading
|
244
|
+
check_payload_size(facts_hash[:facts].bytesize)
|
152
245
|
end
|
153
246
|
options[:report].add_times(:fact_generation, facter_time) if options[:report]
|
154
247
|
end
|
@@ -255,6 +348,7 @@ class Puppet::Configurer
|
|
255
348
|
|
256
349
|
def run_internal(options)
|
257
350
|
report = options[:report]
|
351
|
+
report.initial_environment = Puppet[:environment]
|
258
352
|
|
259
353
|
if options[:start_time]
|
260
354
|
startup_time = Time.now - options[:start_time]
|
@@ -294,53 +388,18 @@ class Puppet::Configurer
|
|
294
388
|
configured_environment = Puppet[:environment] if Puppet.settings.set_by_config?(:environment)
|
295
389
|
|
296
390
|
# We only need to find out the environment to run in if we don't already have a catalog
|
297
|
-
unless (cached_catalog || options[:catalog] || Puppet[:strict_environment_mode])
|
298
|
-
|
299
|
-
|
300
|
-
|
301
|
-
|
302
|
-
|
303
|
-
|
304
|
-
:ignore_cache => true,
|
305
|
-
:transaction_uuid => @transaction_uuid,
|
306
|
-
:fail_on_404 => true)
|
307
|
-
end
|
308
|
-
options[:report].add_times(:node_retrieval, node_retr_time)
|
309
|
-
|
310
|
-
if node
|
311
|
-
# If we have deserialized a node from a rest call, we want to set
|
312
|
-
# an environment instance as a simple 'remote' environment reference.
|
313
|
-
if !node.has_environment_instance? && node.environment_name
|
314
|
-
node.environment = Puppet::Node::Environment.remote(node.environment_name)
|
315
|
-
end
|
316
|
-
|
317
|
-
@node_environment = node.environment.to_s
|
318
|
-
|
319
|
-
if node.environment.to_s != @environment
|
320
|
-
Puppet.notice _("Local environment: '%{local_env}' doesn't match server specified node environment '%{node_env}', switching agent to '%{node_env}'.") % { local_env: @environment, node_env: node.environment }
|
321
|
-
@environment = node.environment.to_s
|
322
|
-
report.environment = @environment
|
323
|
-
query_options = nil
|
324
|
-
facts = nil
|
325
|
-
|
326
|
-
new_env = Puppet::Node::Environment.remote(@environment)
|
327
|
-
Puppet.push_context(
|
328
|
-
{
|
329
|
-
current_environment: new_env,
|
330
|
-
loaders: Puppet::Pops::Loaders.new(new_env, true)
|
331
|
-
},
|
332
|
-
"Local node environment #{@environment} for configurer transaction"
|
333
|
-
)
|
334
|
-
else
|
335
|
-
Puppet.info _("Using configured environment '%{env}'") % { env: @environment }
|
336
|
-
end
|
337
|
-
end
|
338
|
-
rescue StandardError => detail
|
339
|
-
Puppet.warning(_("Unable to fetch my node definition, but the agent run will continue:"))
|
340
|
-
Puppet.warning(detail)
|
391
|
+
unless (cached_catalog || options[:catalog] || Puppet.settings.set_by_cli?(:environment) || Puppet[:strict_environment_mode])
|
392
|
+
Puppet.debug(_("Environment not passed via CLI and no catalog was given, attempting to find out the last server-specified environment"))
|
393
|
+
if last_server_specified_environment
|
394
|
+
@environment = last_server_specified_environment
|
395
|
+
report.environment = last_server_specified_environment
|
396
|
+
else
|
397
|
+
Puppet.debug(_("Could not find a usable environment in the lastrunfile. Either the file does not exist, does not have the required keys, or the values of 'initial_environment' and 'converged_environment' are identical."))
|
341
398
|
end
|
342
399
|
end
|
343
400
|
|
401
|
+
Puppet.info _("Using environment '%{env}'") % { env: @environment }
|
402
|
+
|
344
403
|
# This is to maintain compatibility with anyone using this class
|
345
404
|
# aside from agent, apply, device.
|
346
405
|
unless Puppet.lookup(:loaders) { nil }
|
@@ -354,9 +413,15 @@ class Puppet::Configurer
|
|
354
413
|
)
|
355
414
|
end
|
356
415
|
|
416
|
+
temp_value = options[:pluginsync]
|
417
|
+
|
418
|
+
# only validate server environment if pluginsync is requested
|
419
|
+
options[:pluginsync] = valid_server_environment? if options[:pluginsync] == true
|
420
|
+
|
357
421
|
query_options, facts = get_facts(options) unless query_options
|
422
|
+
options[:pluginsync] = temp_value
|
423
|
+
|
358
424
|
query_options[:configured_environment] = configured_environment
|
359
|
-
options[:convert_for_node] = node
|
360
425
|
|
361
426
|
catalog = prepare_and_retrieve_catalog(cached_catalog, facts, options, query_options)
|
362
427
|
unless catalog
|
@@ -381,6 +446,15 @@ class Puppet::Configurer
|
|
381
446
|
@environment = catalog.environment
|
382
447
|
report.environment = @environment
|
383
448
|
|
449
|
+
new_env = Puppet::Node::Environment.remote(@environment)
|
450
|
+
Puppet.push_context(
|
451
|
+
{
|
452
|
+
:current_environment => new_env,
|
453
|
+
:loaders => Puppet::Pops::Loaders.new(new_env, true)
|
454
|
+
},
|
455
|
+
"Local node environment #{@environment} for configurer transaction"
|
456
|
+
)
|
457
|
+
|
384
458
|
query_options, facts = get_facts(options)
|
385
459
|
query_options[:configured_environment] = configured_environment
|
386
460
|
|
@@ -454,6 +528,25 @@ class Puppet::Configurer
|
|
454
528
|
end
|
455
529
|
private :run_internal
|
456
530
|
|
531
|
+
def valid_server_environment?
|
532
|
+
session = Puppet.lookup(:http_session)
|
533
|
+
begin
|
534
|
+
fs = session.route_to(:fileserver)
|
535
|
+
fs.get_file_metadatas(path: URI(Puppet[:pluginsource]).path, recurse: :false, environment: @environment)
|
536
|
+
true
|
537
|
+
rescue Puppet::HTTP::ResponseError => detail
|
538
|
+
if detail.response.code == 404
|
539
|
+
Puppet.notice(_("Environment '%{environment}' not found on server, skipping initial pluginsync.") % { environment: @environment })
|
540
|
+
else
|
541
|
+
Puppet.log_exception(detail, detail.message)
|
542
|
+
end
|
543
|
+
false
|
544
|
+
rescue => detail
|
545
|
+
Puppet.log_exception(detail, detail.message)
|
546
|
+
false
|
547
|
+
end
|
548
|
+
end
|
549
|
+
|
457
550
|
def find_functional_server
|
458
551
|
begin
|
459
552
|
session = Puppet.lookup(:http_session)
|
@@ -470,10 +563,35 @@ class Puppet::Configurer
|
|
470
563
|
end
|
471
564
|
private :find_functional_server
|
472
565
|
|
566
|
+
def last_server_specified_environment
|
567
|
+
return @last_server_specified_environment if @last_server_specified_environment
|
568
|
+
if Puppet::FileSystem.exist?(Puppet[:lastrunfile])
|
569
|
+
summary = Puppet::Util::Yaml.safe_load_file(Puppet[:lastrunfile])
|
570
|
+
return unless summary.dig('application', 'run_mode') == 'agent'
|
571
|
+
initial_environment = summary.dig('application', 'initial_environment')
|
572
|
+
converged_environment = summary.dig('application', 'converged_environment')
|
573
|
+
@last_server_specified_environment = converged_environment if initial_environment != converged_environment
|
574
|
+
end
|
575
|
+
|
576
|
+
Puppet.debug(_("Found last server-specified environment: %{environment}") % { environment: @last_server_specified_environment }) if @last_server_specified_environment
|
577
|
+
@last_server_specified_environment
|
578
|
+
rescue => detail
|
579
|
+
Puppet.debug(_("Could not find last server-specified environment: %{detail}") % { detail: detail })
|
580
|
+
nil
|
581
|
+
end
|
582
|
+
private :last_server_specified_environment
|
583
|
+
|
473
584
|
def send_report(report)
|
474
585
|
puts report.summary if Puppet[:summarize]
|
475
586
|
save_last_run_summary(report)
|
476
|
-
|
587
|
+
if Puppet[:report]
|
588
|
+
remote = Puppet::Node::Environment.remote(@environment)
|
589
|
+
begin
|
590
|
+
Puppet::Transaction::Report.indirection.save(report, nil, ignore_cache: true, environment: remote)
|
591
|
+
ensure
|
592
|
+
Puppet::Transaction::Report.indirection.save(report, nil, ignore_terminus: true, environment: remote)
|
593
|
+
end
|
594
|
+
end
|
477
595
|
rescue => detail
|
478
596
|
Puppet.log_exception(detail, _("Could not send report: %{detail}") % { detail: detail })
|
479
597
|
end
|
@@ -496,7 +614,7 @@ class Puppet::Configurer
|
|
496
614
|
# @return [false] If an exception is raised during fact generation or
|
497
615
|
# submission.
|
498
616
|
def resubmit_facts
|
499
|
-
|
617
|
+
Puppet.runtime[:facter].clear
|
500
618
|
facts = find_facts
|
501
619
|
|
502
620
|
client = Puppet.runtime[:http]
|
@@ -558,6 +676,7 @@ class Puppet::Configurer
|
|
558
676
|
# don't update cache until after environment converges
|
559
677
|
:ignore_cache_save => true,
|
560
678
|
:environment => Puppet::Node::Environment.remote(@environment),
|
679
|
+
:check_environment => true,
|
561
680
|
:fail_on_404 => true,
|
562
681
|
:facts_for_catalog => facts
|
563
682
|
)
|
@@ -18,7 +18,7 @@ class Puppet::Confine::Variable < Puppet::Confine
|
|
18
18
|
|
19
19
|
# Retrieve the value from facter
|
20
20
|
def facter_value
|
21
|
-
@facter_value ||=
|
21
|
+
@facter_value ||= Puppet.runtime[:facter].value(name).to_s.downcase
|
22
22
|
end
|
23
23
|
|
24
24
|
def initialize(values)
|
data/lib/puppet/defaults.rb
CHANGED
@@ -3,7 +3,7 @@ require_relative '../puppet/util/platform'
|
|
3
3
|
module Puppet
|
4
4
|
|
5
5
|
def self.default_diffargs
|
6
|
-
if (
|
6
|
+
if (Puppet.runtime[:facter].value(:kernel) == "AIX" && Puppet.runtime[:facter].value(:kernelmajversion) == "5300")
|
7
7
|
""
|
8
8
|
else
|
9
9
|
"-u"
|
@@ -199,7 +199,7 @@ module Puppet
|
|
199
199
|
|
200
200
|
The strictness level is for both language semantics and runtime
|
201
201
|
evaluation validation. In addition to controlling the behavior with
|
202
|
-
this
|
202
|
+
this primary server switch some individual warnings may also be controlled
|
203
203
|
by the disable_warnings setting.
|
204
204
|
|
205
205
|
No new validations will be added to a micro (x.y.z) release,
|
@@ -243,7 +243,7 @@ module Puppet
|
|
243
243
|
internal Ruby stack trace interleaved with Puppet function frames.",
|
244
244
|
:hook => proc do |value|
|
245
245
|
# Enable or disable Facter's trace option too
|
246
|
-
|
246
|
+
Puppet.runtime[:facter].trace(value)
|
247
247
|
end
|
248
248
|
},
|
249
249
|
:puppet_trace => {
|
@@ -268,7 +268,7 @@ module Puppet
|
|
268
268
|
:default => true,
|
269
269
|
:type => :boolean,
|
270
270
|
:desc => "Whether to compile a [static catalog](https://puppet.com/docs/puppet/latest/static_catalogs.html#enabling-or-disabling-static-catalogs),
|
271
|
-
which occurs only on
|
271
|
+
which occurs only on Puppet Server when the `code-id-command` and
|
272
272
|
`code-content-command` settings are configured in its `puppetserver.conf` file.",
|
273
273
|
},
|
274
274
|
:settings_catalog => {
|
@@ -391,13 +391,13 @@ module Puppet
|
|
391
391
|
:default => "production",
|
392
392
|
:desc => "The environment in which Puppet is running. For clients,
|
393
393
|
such as `puppet agent`, this determines the environment itself, which
|
394
|
-
Puppet uses to find modules and much more. For servers, such as `puppet
|
394
|
+
Puppet uses to find modules and much more. For servers, such as `puppet server`,
|
395
395
|
this provides the default environment for nodes that Puppet knows nothing about.
|
396
396
|
|
397
397
|
When defining an environment in the `[agent]` section, this refers to the
|
398
|
-
environment that the agent requests from the
|
398
|
+
environment that the agent requests from the primary server. The environment doesn't
|
399
399
|
have to exist on the local filesystem because the agent fetches it from the
|
400
|
-
|
400
|
+
primary server. This definition is used when running `puppet agent`.
|
401
401
|
|
402
402
|
When defined in the `[user]` section, the environment refers to the path that
|
403
403
|
Puppet uses to search for code and modules related to its execution. This
|
@@ -478,6 +478,7 @@ module Puppet
|
|
478
478
|
},
|
479
479
|
:maximum_uid => {
|
480
480
|
:default => 4294967290,
|
481
|
+
:type => :integer,
|
481
482
|
:desc => "The maximum allowed UID. Some platforms use negative UIDs
|
482
483
|
but then ship with tools that do not know how to handle signed ints,
|
483
484
|
so the UIDs show up as huge numbers that can then not be fed back into
|
@@ -615,6 +616,7 @@ module Puppet
|
|
615
616
|
},
|
616
617
|
:http_proxy_port => {
|
617
618
|
:default => 3128,
|
619
|
+
:type => :port,
|
618
620
|
:desc => "The HTTP proxy port to use for outgoing connections",
|
619
621
|
},
|
620
622
|
:http_proxy_user => {
|
@@ -789,7 +791,7 @@ Valid values are 0 (never cache) and 15 (15 second minimum wait time).
|
|
789
791
|
:certname => {
|
790
792
|
:default => lambda { Puppet::Settings.default_certname.downcase },
|
791
793
|
:desc => "The name to use when handling certificates. When a node
|
792
|
-
requests a certificate from the CA
|
794
|
+
requests a certificate from the CA Puppet Server, it uses the value of the
|
793
795
|
`certname` setting as its requested Subject CN.
|
794
796
|
|
795
797
|
This is the name used when managing a node's permissions in
|
@@ -852,7 +854,7 @@ EOT
|
|
852
854
|
:desc => <<EOT
|
853
855
|
An optional file containing custom attributes to add to certificate signing
|
854
856
|
requests (CSRs). You should ensure that this file does not exist on your CA
|
855
|
-
|
857
|
+
Puppet Server; if it does, unwanted certificate extensions may leak into
|
856
858
|
certificates created with the `puppetserver ca generate` command.
|
857
859
|
|
858
860
|
If present, this file must be a YAML hash containing a `custom_attributes` key
|
@@ -1141,7 +1143,7 @@ EOT
|
|
1141
1143
|
:default => "$confdir/autosign.conf",
|
1142
1144
|
:type => :autosign,
|
1143
1145
|
:desc => "Whether (and how) to autosign certificate requests. This setting
|
1144
|
-
is only relevant on a
|
1146
|
+
is only relevant on a Puppet Server acting as a certificate authority (CA).
|
1145
1147
|
|
1146
1148
|
Valid values are true (autosigns all certificate requests; not recommended),
|
1147
1149
|
false (disables autosigning certificates), or the absolute path to a file.
|
@@ -1152,7 +1154,7 @@ EOT
|
|
1152
1154
|
file, it will be treated as a policy executable; otherwise, it will be
|
1153
1155
|
treated as a config file.
|
1154
1156
|
|
1155
|
-
If a custom policy executable is configured, the CA
|
1157
|
+
If a custom policy executable is configured, the CA Puppet Server will run it
|
1156
1158
|
every time it receives a CSR. The executable will be passed the subject CN of the
|
1157
1159
|
request _as a command line argument,_ and the contents of the CSR in PEM format
|
1158
1160
|
_on stdin._ It should exit with a status of 0 if the cert should be autosigned
|
@@ -1197,6 +1199,7 @@ EOT
|
|
1197
1199
|
},
|
1198
1200
|
:keylength => {
|
1199
1201
|
:default => 4096,
|
1202
|
+
:type => :integer,
|
1200
1203
|
:desc => "The bit length of keys.",
|
1201
1204
|
},
|
1202
1205
|
:cert_inventory => {
|
@@ -1238,7 +1241,7 @@ EOT
|
|
1238
1241
|
:manifest => {
|
1239
1242
|
:default => nil,
|
1240
1243
|
:type => :file_or_directory,
|
1241
|
-
:desc => "The entry-point manifest for
|
1244
|
+
:desc => "The entry-point manifest for the primary server. This can be one file
|
1242
1245
|
or a directory of manifests to be evaluated in alphabetical order. Puppet manages
|
1243
1246
|
this path as a directory if one exists or if the path ends with a / or \\.
|
1244
1247
|
|
@@ -1418,15 +1421,17 @@ EOT
|
|
1418
1421
|
their names should be comma-separated, with whitespace allowed. (For example,
|
1419
1422
|
`reports = http, store`.)
|
1420
1423
|
|
1421
|
-
This setting is relevant to puppet
|
1422
|
-
|
1424
|
+
This setting is relevant to puppet server and puppet apply. The primary Puppet
|
1425
|
+
server will call these report handlers with the reports it receives from
|
1423
1426
|
agent nodes, and puppet apply will call them with its own report. (In
|
1424
1427
|
all cases, the node applying the catalog must have `report = true`.)
|
1425
1428
|
|
1426
1429
|
See the report reference for information on the built-in report
|
1427
1430
|
handlers; custom report handlers can also be loaded from modules.
|
1428
1431
|
(Report handlers are loaded from the lib directory, at
|
1429
|
-
`puppet/reports/NAME.rb`.)
|
1432
|
+
`puppet/reports/NAME.rb`.)
|
1433
|
+
|
1434
|
+
To turn off reports entirely, set this to `none`",
|
1430
1435
|
},
|
1431
1436
|
:reportdir => {
|
1432
1437
|
:default => "$vardir/reports",
|
@@ -1469,14 +1474,14 @@ EOT
|
|
1469
1474
|
:node_name_value => {
|
1470
1475
|
:default => "$certname",
|
1471
1476
|
:desc => "The explicit value used for the node name for all requests the agent
|
1472
|
-
makes to the
|
1477
|
+
makes to the primary server. WARNING: This setting is mutually exclusive with
|
1473
1478
|
node_name_fact. Changing this setting also requires changes to
|
1474
1479
|
Puppet Server's default [auth.conf](https://puppet.com/docs/puppetserver/latest/config_file_auth.html)."
|
1475
1480
|
},
|
1476
1481
|
:node_name_fact => {
|
1477
1482
|
:default => "",
|
1478
1483
|
:desc => "The fact name used to determine the node name used for all requests the agent
|
1479
|
-
makes to the
|
1484
|
+
makes to the primary server. WARNING: This setting is mutually exclusive with
|
1480
1485
|
node_name_value. Changing this setting also requires changes to
|
1481
1486
|
Puppet Server's default [auth.conf](https://puppet.com/docs/puppetserver/latest/config_file_auth.html).",
|
1482
1487
|
:hook => proc do |value|
|
@@ -1489,8 +1494,8 @@ EOT
|
|
1489
1494
|
:default => "$statedir/state.yaml",
|
1490
1495
|
:type => :file,
|
1491
1496
|
:mode => "0640",
|
1492
|
-
:desc => "Where
|
1493
|
-
with the running configuration. In the case of
|
1497
|
+
:desc => "Where Puppet agent and Puppet Server store state associated
|
1498
|
+
with the running configuration. In the case of Puppet Server,
|
1494
1499
|
this file reflects the state discovered through interacting
|
1495
1500
|
with clients."
|
1496
1501
|
},
|
@@ -1527,6 +1532,12 @@ EOT
|
|
1527
1532
|
:mode => "0750",
|
1528
1533
|
:desc => "The directory in which serialized data is stored on the client."
|
1529
1534
|
},
|
1535
|
+
:write_catalog_summary => {
|
1536
|
+
:default => true,
|
1537
|
+
:type => :boolean,
|
1538
|
+
:desc => "Whether to write the `classfile` and `resourcefile` after applying
|
1539
|
+
the catalog. It is enabled by default, except when running `puppet apply`.",
|
1540
|
+
},
|
1530
1541
|
:classfile => {
|
1531
1542
|
:default => "$statedir/classes.txt",
|
1532
1543
|
:type => :file,
|
@@ -1553,11 +1564,11 @@ EOT
|
|
1553
1564
|
the POSIX syslog service and the Windows Event Log are unavailable. (Currently,
|
1554
1565
|
no supported operating systems match that description.)
|
1555
1566
|
|
1556
|
-
Despite the name, both puppet agent and puppet
|
1567
|
+
Despite the name, both puppet agent and puppet server will use this file
|
1557
1568
|
as the fallback logging destination.
|
1558
1569
|
|
1559
1570
|
For control over logging destinations, see the `--logdest` command line
|
1560
|
-
option in the manual pages for puppet
|
1571
|
+
option in the manual pages for puppet server, puppet agent, and puppet
|
1561
1572
|
apply. You can see man pages by running `puppet <SUBCOMMAND> --help`,
|
1562
1573
|
or read them online at https://puppet.com/docs/puppet/latest/man/."
|
1563
1574
|
},
|
@@ -1571,12 +1582,12 @@ EOT
|
|
1571
1582
|
},
|
1572
1583
|
:server => {
|
1573
1584
|
:default => "puppet",
|
1574
|
-
:desc => "The
|
1585
|
+
:desc => "The primary Puppet server to which the Puppet agent should connect.",
|
1575
1586
|
},
|
1576
1587
|
:server_list => {
|
1577
1588
|
:default => [],
|
1578
1589
|
:type => :server_list,
|
1579
|
-
:desc => "The list of Puppet
|
1590
|
+
:desc => "The list of primary Puppet servers to which the Puppet agent should connect,
|
1580
1591
|
in the order that they will be tried. Each value should be a fully qualified domain name, followed by an optional ':' and port number. If a port is omitted, Puppet uses masterport for that host.",
|
1581
1592
|
},
|
1582
1593
|
:use_srv_records => {
|
@@ -1591,7 +1602,7 @@ EOT
|
|
1591
1602
|
:http_extra_headers => {
|
1592
1603
|
:default => [],
|
1593
1604
|
:type => :http_extra_headers,
|
1594
|
-
:desc => "The list of extra headers that will be sent with http requests to the
|
1605
|
+
:desc => "The list of extra headers that will be sent with http requests to the primary server.
|
1595
1606
|
The header definition consists of a name and a value separated by a colon."
|
1596
1607
|
},
|
1597
1608
|
:ignoreschedules => {
|
@@ -1617,7 +1628,7 @@ EOT
|
|
1617
1628
|
like it does when running normally. However, if a resource attribute is not in
|
1618
1629
|
the desired state (as declared in the catalog), Puppet will take no
|
1619
1630
|
action, and will instead report the changes it _would_ have made. These
|
1620
|
-
simulated changes will appear in the report sent to the
|
1631
|
+
simulated changes will appear in the report sent to the primary Puppet server, or
|
1621
1632
|
be shown on the console if running puppet agent or puppet apply in the
|
1622
1633
|
foreground. The simulated changes will not send refresh events to any
|
1623
1634
|
subscribing or notified resources, although Puppet will log that a refresh
|
@@ -1684,13 +1695,38 @@ EOT
|
|
1684
1695
|
new configurations, where you want to fix the broken configuration
|
1685
1696
|
rather than reverting to a known-good one.",
|
1686
1697
|
},
|
1698
|
+
:fact_name_length_soft_limit => {
|
1699
|
+
:default => 2560,
|
1700
|
+
:type => :integer,
|
1701
|
+
:desc => "The soft limit for the length of a fact name.",
|
1702
|
+
},
|
1703
|
+
:fact_value_length_soft_limit => {
|
1704
|
+
:default => 4096,
|
1705
|
+
:type => :integer,
|
1706
|
+
:desc => "The soft limit for the length of a fact value.",
|
1707
|
+
},
|
1708
|
+
:top_level_facts_soft_limit => {
|
1709
|
+
:default => 512,
|
1710
|
+
:type => :integer,
|
1711
|
+
:desc => "The soft limit for the number of top level facts.",
|
1712
|
+
},
|
1713
|
+
:number_of_facts_soft_limit => {
|
1714
|
+
:default => 2048,
|
1715
|
+
:type => :integer,
|
1716
|
+
:desc => "The soft limit for the total number of facts.",
|
1717
|
+
},
|
1718
|
+
:payload_soft_limit => {
|
1719
|
+
:default => 16 * 1024 * 1024,
|
1720
|
+
:type => :integer,
|
1721
|
+
:desc => "The soft limit for the size of the payload.",
|
1722
|
+
},
|
1687
1723
|
:use_cached_catalog => {
|
1688
1724
|
:default => false,
|
1689
1725
|
:type => :boolean,
|
1690
1726
|
:desc => "Whether to only use the cached catalog rather than compiling a new catalog
|
1691
1727
|
on every run. Puppet can be run with this enabled by default and then selectively
|
1692
1728
|
disabled when a recompile is desired. Because a Puppet agent using cached catalogs
|
1693
|
-
does not contact the
|
1729
|
+
does not contact the primary server for a new catalog, it also does not upload facts at
|
1694
1730
|
the beginning of the Puppet run.",
|
1695
1731
|
},
|
1696
1732
|
:ignoremissingtypes => {
|
@@ -1698,7 +1734,7 @@ EOT
|
|
1698
1734
|
:type => :boolean,
|
1699
1735
|
:desc => "Skip searching for classes and definitions that were missing during a
|
1700
1736
|
prior compilation. The list of missing objects is maintained per-environment and
|
1701
|
-
persists until the environment is cleared or the
|
1737
|
+
persists until the environment is cleared or the primary server is restarted.",
|
1702
1738
|
},
|
1703
1739
|
:splaylimit => {
|
1704
1740
|
:default => "$runinterval",
|
@@ -1728,7 +1764,7 @@ EOT
|
|
1728
1764
|
If you restart an agent's puppet service with `splay` enabled, it
|
1729
1765
|
recalculates its splay period and delays its first agent run after
|
1730
1766
|
restarting for this new period. If you simultaneously restart a group of
|
1731
|
-
puppet agents with `splay` enabled, their checkins to your
|
1767
|
+
puppet agents with `splay` enabled, their checkins to your primary servers
|
1732
1768
|
can be distributed more evenly.",
|
1733
1769
|
},
|
1734
1770
|
:clientbucketdir => {
|
@@ -1827,7 +1863,7 @@ EOT
|
|
1827
1863
|
|
1828
1864
|
When starting for the first time, puppet agent will submit a certificate
|
1829
1865
|
signing request (CSR) to the server named in the `ca_server` setting
|
1830
|
-
(usually the
|
1866
|
+
(usually the primary Puppet server); this may be autosigned, or may need to be
|
1831
1867
|
approved by a human, depending on the CA server's configuration.
|
1832
1868
|
|
1833
1869
|
Puppet agent cannot apply configurations until its approved certificate is
|
@@ -1941,7 +1977,7 @@ EOT
|
|
1941
1977
|
:call_hook => :on_initialize_and_write, # Call our hook with the default value, so we always get the value added to facter.
|
1942
1978
|
:hook => proc do |value|
|
1943
1979
|
paths = value.split(File::PATH_SEPARATOR)
|
1944
|
-
|
1980
|
+
Puppet.runtime[:facter].search(*paths)
|
1945
1981
|
end
|
1946
1982
|
}
|
1947
1983
|
)
|
@@ -2021,6 +2057,7 @@ EOT
|
|
2021
2057
|
},
|
2022
2058
|
:ldapport => {
|
2023
2059
|
:default => 389,
|
2060
|
+
:type => :port,
|
2024
2061
|
:desc => "The LDAP port.",
|
2025
2062
|
},
|
2026
2063
|
|
@@ -2104,6 +2141,7 @@ EOT
|
|
2104
2141
|
settings.define_settings(:parser,
|
2105
2142
|
:max_errors => {
|
2106
2143
|
:default => 10,
|
2144
|
+
:type => :integer,
|
2107
2145
|
:desc => <<-'EOT'
|
2108
2146
|
Sets the max number of logged/displayed parser validation errors in case
|
2109
2147
|
multiple errors have been detected. A value of 0 is the same as a value of 1; a
|
@@ -2112,6 +2150,7 @@ EOT
|
|
2112
2150
|
},
|
2113
2151
|
:max_warnings => {
|
2114
2152
|
:default => 10,
|
2153
|
+
:type => :integer,
|
2115
2154
|
:desc => <<-'EOT'
|
2116
2155
|
Sets the max number of logged/displayed parser validation warnings in
|
2117
2156
|
case multiple warnings have been detected. A value of 0 blocks logging of
|
@@ -2120,6 +2159,7 @@ EOT
|
|
2120
2159
|
},
|
2121
2160
|
:max_deprecations => {
|
2122
2161
|
:default => 10,
|
2162
|
+
:type => :integer,
|
2123
2163
|
:desc => <<-'EOT'
|
2124
2164
|
Sets the max number of logged/displayed parser validation deprecation
|
2125
2165
|
warnings in case multiple deprecation warnings have been detected. A value of 0
|