puppet 8.1.0-x64-mingw32 → 8.3.0-x64-mingw32
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Gemfile +1 -1
- data/Gemfile.lock +30 -30
- data/ext/project_data.yaml +2 -2
- data/lib/puppet/application/doc.rb +1 -1
- data/lib/puppet/application/ssl.rb +42 -7
- data/lib/puppet/application.rb +5 -1
- data/lib/puppet/defaults.rb +17 -5
- data/lib/puppet/face/config.rb +1 -1
- data/lib/puppet/face/epp.rb +2 -2
- data/lib/puppet/face/module/list.rb +2 -2
- data/lib/puppet/face/parser.rb +1 -1
- data/lib/puppet/functions/split.rb +28 -1
- data/lib/puppet/http/client.rb +12 -5
- data/lib/puppet/http/service/ca.rb +25 -0
- data/lib/puppet/indirector/facts/facter.rb +1 -1
- data/lib/puppet/indirector/file_bucket_file/file.rb +1 -1
- data/lib/puppet/indirector/indirection.rb +1 -1
- data/lib/puppet/info_service/task_information_service.rb +1 -1
- data/lib/puppet/module_tool.rb +1 -1
- data/lib/puppet/network/formats.rb +3 -3
- data/lib/puppet/network/http/memory_response.rb +1 -1
- data/lib/puppet/node/environment.rb +6 -4
- data/lib/puppet/parameter/value_collection.rb +1 -1
- data/lib/puppet/parser/files.rb +4 -3
- data/lib/puppet/parser/functions.rb +1 -1
- data/lib/puppet/pops/evaluator/deferred_resolver.rb +20 -3
- data/lib/puppet/pops/loader/loader_paths.rb +4 -4
- data/lib/puppet/pops/lookup/explainer.rb +1 -1
- data/lib/puppet/pops/lookup/hiera_config.rb +1 -1
- data/lib/puppet/pops/model/factory.rb +1 -1
- data/lib/puppet/pops/model/tree_dumper.rb +1 -1
- data/lib/puppet/pops/parser/epp_support.rb +1 -1
- data/lib/puppet/pops/parser/evaluating_parser.rb +1 -1
- data/lib/puppet/pops/parser/pn_parser.rb +1 -1
- data/lib/puppet/pops/pn.rb +1 -1
- data/lib/puppet/pops/serialization/json_path.rb +1 -1
- data/lib/puppet/pops/time/timespan.rb +4 -4
- data/lib/puppet/pops/types/ruby_generator.rb +2 -2
- data/lib/puppet/pops/types/string_converter.rb +6 -6
- data/lib/puppet/pops/types/type_formatter.rb +2 -2
- data/lib/puppet/pops/types/types.rb +1 -1
- data/lib/puppet/provider/nameservice/directoryservice.rb +2 -2
- data/lib/puppet/provider/package/apt.rb +1 -1
- data/lib/puppet/provider/package/dnf.rb +1 -1
- data/lib/puppet/provider/package/yum.rb +1 -1
- data/lib/puppet/provider/user/directoryservice.rb +1 -1
- data/lib/puppet/reference/configuration.rb +1 -1
- data/lib/puppet/reference/indirection.rb +1 -1
- data/lib/puppet/reports.rb +1 -1
- data/lib/puppet/ssl/oids.rb +2 -0
- data/lib/puppet/ssl/ssl_provider.rb +1 -1
- data/lib/puppet/ssl/state_machine.rb +60 -9
- data/lib/puppet/transaction/report.rb +1 -1
- data/lib/puppet/type/filebucket.rb +1 -1
- data/lib/puppet/util/diff.rb +1 -1
- data/lib/puppet/util/execution.rb +9 -4
- data/lib/puppet/util/inifile.rb +2 -2
- data/lib/puppet/util/monkey_patches.rb +18 -0
- data/lib/puppet/util/package/version/rpm.rb +1 -1
- data/lib/puppet/util/provider_features.rb +1 -1
- data/lib/puppet/util/selinux.rb +1 -1
- data/lib/puppet/util/windows/access_control_entry.rb +1 -1
- data/lib/puppet/util/windows/access_control_list.rb +1 -1
- data/lib/puppet/util/windows/adsi.rb +9 -2
- data/lib/puppet/util/windows/error.rb +1 -1
- data/lib/puppet/util/windows/file.rb +2 -2
- data/lib/puppet/util/windows/process.rb +1 -1
- data/lib/puppet/util/windows/sid.rb +4 -2
- data/lib/puppet/util.rb +2 -3
- data/lib/puppet/version.rb +1 -1
- data/lib/puppet/x509/cert_provider.rb +13 -2
- data/locales/puppet.pot +106 -74
- data/man/man5/puppet.conf.5 +16 -2
- data/man/man8/puppet-agent.8 +1 -1
- data/man/man8/puppet-apply.8 +1 -1
- data/man/man8/puppet-catalog.8 +1 -1
- data/man/man8/puppet-config.8 +1 -1
- data/man/man8/puppet-describe.8 +1 -1
- data/man/man8/puppet-device.8 +1 -1
- data/man/man8/puppet-doc.8 +1 -1
- data/man/man8/puppet-epp.8 +1 -1
- data/man/man8/puppet-facts.8 +1 -1
- data/man/man8/puppet-filebucket.8 +1 -1
- data/man/man8/puppet-generate.8 +1 -1
- data/man/man8/puppet-help.8 +1 -1
- data/man/man8/puppet-lookup.8 +1 -1
- data/man/man8/puppet-module.8 +1 -1
- data/man/man8/puppet-node.8 +1 -1
- data/man/man8/puppet-parser.8 +1 -1
- data/man/man8/puppet-plugin.8 +1 -1
- data/man/man8/puppet-report.8 +1 -1
- data/man/man8/puppet-resource.8 +1 -1
- data/man/man8/puppet-script.8 +1 -1
- data/man/man8/puppet-ssl.8 +5 -1
- data/man/man8/puppet.8 +2 -2
- data/spec/fixtures/ssl/127.0.0.1-key.pem +107 -107
- data/spec/fixtures/ssl/127.0.0.1.pem +52 -51
- data/spec/fixtures/ssl/bad-basic-constraints.pem +56 -56
- data/spec/fixtures/ssl/bad-int-basic-constraints.pem +53 -53
- data/spec/fixtures/ssl/ca.pem +54 -54
- data/spec/fixtures/ssl/crl.pem +26 -26
- data/spec/fixtures/ssl/ec-key.pem +11 -11
- data/spec/fixtures/ssl/ec.pem +33 -32
- data/spec/fixtures/ssl/encrypted-ec-key.pem +12 -12
- data/spec/fixtures/ssl/encrypted-key.pem +108 -108
- data/spec/fixtures/ssl/intermediate-agent-crl.pem +26 -26
- data/spec/fixtures/ssl/intermediate-agent.pem +56 -56
- data/spec/fixtures/ssl/intermediate-crl.pem +29 -29
- data/spec/fixtures/ssl/intermediate.pem +53 -53
- data/spec/fixtures/ssl/oid-key.pem +107 -107
- data/spec/fixtures/ssl/oid.pem +51 -50
- data/spec/fixtures/ssl/pluto-key.pem +107 -107
- data/spec/fixtures/ssl/pluto.pem +52 -51
- data/spec/fixtures/ssl/renewed.pem +67 -0
- data/spec/fixtures/ssl/request-key.pem +107 -107
- data/spec/fixtures/ssl/request.pem +50 -48
- data/spec/fixtures/ssl/revoked-key.pem +107 -107
- data/spec/fixtures/ssl/revoked.pem +51 -50
- data/spec/fixtures/ssl/signed-key.pem +107 -107
- data/spec/fixtures/ssl/signed.pem +49 -48
- data/spec/fixtures/ssl/tampered-cert.pem +51 -50
- data/spec/fixtures/ssl/tampered-csr.pem +50 -48
- data/spec/fixtures/ssl/unknown-127.0.0.1-key.pem +107 -107
- data/spec/fixtures/ssl/unknown-127.0.0.1.pem +50 -49
- data/spec/fixtures/ssl/unknown-ca-key.pem +107 -107
- data/spec/fixtures/ssl/unknown-ca.pem +54 -54
- data/spec/integration/application/agent_spec.rb +27 -27
- data/spec/integration/application/apply_spec.rb +14 -0
- data/spec/integration/http/client_spec.rb +16 -0
- data/spec/integration/type/exec_spec.rb +13 -0
- data/spec/lib/puppet/test_ca.rb +3 -10
- data/spec/lib/puppet_spec/verbose.rb +10 -1
- data/spec/unit/agent_spec.rb +2 -9
- data/spec/unit/application/ssl_spec.rb +49 -0
- data/spec/unit/defaults_spec.rb +2 -40
- data/spec/unit/file_system/path_pattern_spec.rb +15 -0
- data/spec/unit/functions/split_spec.rb +6 -0
- data/spec/unit/http/service/ca_spec.rb +71 -0
- data/spec/unit/info_service_spec.rb +1 -1
- data/spec/unit/ssl/certificate_signer_spec.rb +17 -0
- data/spec/unit/ssl/ssl_provider_spec.rb +21 -1
- data/spec/unit/ssl/state_machine_spec.rb +75 -3
- data/spec/unit/util/execution_spec.rb +1 -0
- data/spec/unit/util/monkey_patches_spec.rb +42 -0
- data/spec/unit/util/windows/adsi_spec.rb +25 -0
- data/spec/unit/x509/cert_provider_spec.rb +23 -0
- data/tasks/generate_cert_fixtures.rake +4 -0
- metadata +11 -13
    
        checksums.yaml
    CHANGED
    
    | @@ -1,7 +1,7 @@ | |
| 1 1 | 
             
            ---
         | 
| 2 2 | 
             
            SHA256:
         | 
| 3 | 
            -
              metadata.gz:  | 
| 4 | 
            -
              data.tar.gz:  | 
| 3 | 
            +
              metadata.gz: afc62779e736a2f0f556e5f1de16b04dee763e93533bd5eaf71c836f50a373cb
         | 
| 4 | 
            +
              data.tar.gz: b24126f5caad879cd67b9218be6920a3f00cf8c7037d6897909ea6fcbf67a809
         | 
| 5 5 | 
             
            SHA512:
         | 
| 6 | 
            -
              metadata.gz:  | 
| 7 | 
            -
              data.tar.gz:  | 
| 6 | 
            +
              metadata.gz: a40646b8256a9bfa48027688273233d8775825d8c1bc037ab61d7811842f7a6a2891a5935db8b76a9e908564176c42510f7b8b920d6640ef0b284fe14bf4d8b4
         | 
| 7 | 
            +
              data.tar.gz: ff847955208a64f5860e557a41d43e73cf7ca5fa87769e396235a3f314baa456d9481dd78524b440ea8f36cada20a306547eabae0c6c67ca852e4373f651612a
         | 
    
        data/Gemfile
    CHANGED
    
    | @@ -36,7 +36,7 @@ group(:features) do | |
| 36 36 | 
             
            end
         | 
| 37 37 |  | 
| 38 38 | 
             
            group(:test) do
         | 
| 39 | 
            -
              gem "ffi", require: false
         | 
| 39 | 
            +
              gem "ffi", '1.15.5', require: false
         | 
| 40 40 | 
             
              gem "json-schema", "~> 2.0", require: false
         | 
| 41 41 | 
             
              gem "rake", *location_for(ENV['RAKE_LOCATION'] || '~> 13.0')
         | 
| 42 42 | 
             
              gem "rspec", "~> 3.1", require: false
         | 
    
        data/Gemfile.lock
    CHANGED
    
    | @@ -1,6 +1,6 @@ | |
| 1 1 | 
             
            GIT
         | 
| 2 2 | 
             
              remote: https://github.com/puppetlabs/packaging
         | 
| 3 | 
            -
              revision:  | 
| 3 | 
            +
              revision: 8adf33f59cc443c311c5d5d70c6ba2084625ceea
         | 
| 4 4 | 
             
              branch: 1.0.x
         | 
| 5 5 | 
             
              specs:
         | 
| 6 6 | 
             
                packaging (0)
         | 
| @@ -15,7 +15,7 @@ GIT | |
| 15 15 | 
             
            PATH
         | 
| 16 16 | 
             
              remote: .
         | 
| 17 17 | 
             
              specs:
         | 
| 18 | 
            -
                puppet (8. | 
| 18 | 
            +
                puppet (8.3.0)
         | 
| 19 19 | 
             
                  CFPropertyList (~> 2.2)
         | 
| 20 20 | 
             
                  concurrent-ruby (~> 1.0)
         | 
| 21 21 | 
             
                  deep_merge (~> 1.0)
         | 
| @@ -31,35 +31,37 @@ GEM | |
| 31 31 | 
             
              remote: https://artifactory.delivery.puppetlabs.net/artifactory/api/gems/rubygems/
         | 
| 32 32 | 
             
              specs:
         | 
| 33 33 | 
             
                CFPropertyList (2.3.6)
         | 
| 34 | 
            -
                addressable (2.8. | 
| 34 | 
            +
                addressable (2.8.5)
         | 
| 35 35 | 
             
                  public_suffix (>= 2.0.2, < 6.0)
         | 
| 36 36 | 
             
                apt_stage_artifacts (0.11.0)
         | 
| 37 37 | 
             
                  docopt
         | 
| 38 38 | 
             
                artifactory (3.0.15)
         | 
| 39 39 | 
             
                ast (2.4.2)
         | 
| 40 | 
            +
                base64 (0.1.1)
         | 
| 40 41 | 
             
                coderay (1.1.3)
         | 
| 41 42 | 
             
                concurrent-ruby (1.2.2)
         | 
| 42 43 | 
             
                crack (0.4.5)
         | 
| 43 44 | 
             
                  rexml
         | 
| 44 | 
            -
                csv (3.2. | 
| 45 | 
            +
                csv (3.2.7)
         | 
| 45 46 | 
             
                declarative (0.0.20)
         | 
| 46 47 | 
             
                deep_merge (1.2.2)
         | 
| 47 48 | 
             
                diff-lcs (1.5.0)
         | 
| 48 | 
            -
                digest-crc (0.6. | 
| 49 | 
            +
                digest-crc (0.6.5)
         | 
| 49 50 | 
             
                  rake (>= 12.0.0, < 14.0.0)
         | 
| 50 51 | 
             
                docopt (0.6.1)
         | 
| 51 52 | 
             
                erubi (1.12.0)
         | 
| 52 | 
            -
                facter (4. | 
| 53 | 
            +
                facter (4.5.0)
         | 
| 53 54 | 
             
                  hocon (~> 1.3)
         | 
| 54 55 | 
             
                  thor (>= 1.0.1, < 2.0)
         | 
| 55 | 
            -
                faraday (2.7. | 
| 56 | 
            +
                faraday (2.7.11)
         | 
| 57 | 
            +
                  base64
         | 
| 56 58 | 
             
                  faraday-net_http (>= 2.0, < 3.1)
         | 
| 57 59 | 
             
                  ruby2_keywords (>= 0.0.4)
         | 
| 58 60 | 
             
                faraday-net_http (3.0.2)
         | 
| 59 61 | 
             
                fast_gettext (2.3.0)
         | 
| 60 62 | 
             
                ffi (1.15.5)
         | 
| 61 63 | 
             
                forwardable (1.3.3)
         | 
| 62 | 
            -
                gettext (3.4. | 
| 64 | 
            +
                gettext (3.4.9)
         | 
| 63 65 | 
             
                  erubi
         | 
| 64 66 | 
             
                  locale (>= 2.0.5)
         | 
| 65 67 | 
             
                  prime
         | 
| @@ -69,7 +71,7 @@ GEM | |
| 69 71 | 
             
                  fast_gettext (~> 2.1)
         | 
| 70 72 | 
             
                  gettext (~> 3.4)
         | 
| 71 73 | 
             
                  locale
         | 
| 72 | 
            -
                google-apis-core (0.11. | 
| 74 | 
            +
                google-apis-core (0.11.1)
         | 
| 73 75 | 
             
                  addressable (~> 2.5, >= 2.5.1)
         | 
| 74 76 | 
             
                  googleauth (>= 0.16.2, < 2.a)
         | 
| 75 77 | 
             
                  httpclient (>= 2.8.1, < 3.a)
         | 
| @@ -96,10 +98,9 @@ GEM | |
| 96 98 | 
             
                  google-cloud-core (~> 1.6)
         | 
| 97 99 | 
             
                  googleauth (>= 0.16.2, < 2.a)
         | 
| 98 100 | 
             
                  mini_mime (~> 1.0)
         | 
| 99 | 
            -
                googleauth (1. | 
| 101 | 
            +
                googleauth (1.8.1)
         | 
| 100 102 | 
             
                  faraday (>= 0.17.3, < 3.a)
         | 
| 101 103 | 
             
                  jwt (>= 1.4, < 3.0)
         | 
| 102 | 
            -
                  memoist (~> 0.16)
         | 
| 103 104 | 
             
                  multi_json (~> 1.11)
         | 
| 104 105 | 
             
                  os (>= 0.9, < 2.0)
         | 
| 105 106 | 
             
                  signet (>= 0.16, < 2.a)
         | 
| @@ -115,18 +116,17 @@ GEM | |
| 115 116 | 
             
                  addressable (>= 2.4)
         | 
| 116 117 | 
             
                jwt (2.7.1)
         | 
| 117 118 | 
             
                locale (2.1.3)
         | 
| 118 | 
            -
                memoist (0.16.2)
         | 
| 119 119 | 
             
                memory_profiler (1.0.1)
         | 
| 120 120 | 
             
                method_source (1.0.0)
         | 
| 121 | 
            -
                mini_mime (1.1. | 
| 121 | 
            +
                mini_mime (1.1.5)
         | 
| 122 122 | 
             
                minitar (0.9)
         | 
| 123 | 
            -
                msgpack (1.7. | 
| 123 | 
            +
                msgpack (1.7.2)
         | 
| 124 124 | 
             
                multi_json (1.15.0)
         | 
| 125 125 | 
             
                mustache (1.1.1)
         | 
| 126 | 
            -
                optimist (3.0 | 
| 126 | 
            +
                optimist (3.1.0)
         | 
| 127 127 | 
             
                os (1.1.4)
         | 
| 128 128 | 
             
                parallel (1.23.0)
         | 
| 129 | 
            -
                parser (3.2.2. | 
| 129 | 
            +
                parser (3.2.2.4)
         | 
| 130 130 | 
             
                  ast (~> 2.4.1)
         | 
| 131 131 | 
             
                  racc
         | 
| 132 132 | 
             
                prime (0.1.2)
         | 
| @@ -135,17 +135,17 @@ GEM | |
| 135 135 | 
             
                pry (0.14.2)
         | 
| 136 136 | 
             
                  coderay (~> 1.1)
         | 
| 137 137 | 
             
                  method_source (~> 1.0)
         | 
| 138 | 
            -
                public_suffix (5.0. | 
| 139 | 
            -
                puppet-resource_api (1. | 
| 138 | 
            +
                public_suffix (5.0.3)
         | 
| 139 | 
            +
                puppet-resource_api (1.9.0)
         | 
| 140 140 | 
             
                  hocon (>= 1.0)
         | 
| 141 141 | 
             
                puppetserver-ca (2.6.0)
         | 
| 142 142 | 
             
                  facter (>= 2.0.1, < 5)
         | 
| 143 143 | 
             
                racc (1.5.2)
         | 
| 144 144 | 
             
                rainbow (3.1.1)
         | 
| 145 145 | 
             
                rake (13.0.6)
         | 
| 146 | 
            -
                rdiscount (2.2.7)
         | 
| 146 | 
            +
                rdiscount (2.2.7.1)
         | 
| 147 147 | 
             
                rdoc (6.3.3)
         | 
| 148 | 
            -
                regexp_parser (2.8. | 
| 148 | 
            +
                regexp_parser (2.8.2)
         | 
| 149 149 | 
             
                release-metrics (1.1.0)
         | 
| 150 150 | 
             
                  csv
         | 
| 151 151 | 
             
                  docopt
         | 
| @@ -154,7 +154,7 @@ GEM | |
| 154 154 | 
             
                  trailblazer-option (>= 0.1.1, < 0.2.0)
         | 
| 155 155 | 
             
                  uber (< 0.2.0)
         | 
| 156 156 | 
             
                retriable (3.1.2)
         | 
| 157 | 
            -
                rexml (3.2. | 
| 157 | 
            +
                rexml (3.2.6)
         | 
| 158 158 | 
             
                ronn (0.7.3)
         | 
| 159 159 | 
             
                  hpricot (>= 0.8.2)
         | 
| 160 160 | 
             
                  mustache (>= 0.7.0)
         | 
| @@ -171,10 +171,10 @@ GEM | |
| 171 171 | 
             
                rspec-its (1.3.0)
         | 
| 172 172 | 
             
                  rspec-core (>= 3.0.0)
         | 
| 173 173 | 
             
                  rspec-expectations (>= 3.0.0)
         | 
| 174 | 
            -
                rspec-mocks (3.12. | 
| 174 | 
            +
                rspec-mocks (3.12.6)
         | 
| 175 175 | 
             
                  diff-lcs (>= 1.2.0, < 2.0)
         | 
| 176 176 | 
             
                  rspec-support (~> 3.12.0)
         | 
| 177 | 
            -
                rspec-support (3.12. | 
| 177 | 
            +
                rspec-support (3.12.1)
         | 
| 178 178 | 
             
                rubocop (1.28.0)
         | 
| 179 179 | 
             
                  parallel (~> 1.10)
         | 
| 180 180 | 
             
                  parser (>= 3.1.0.0)
         | 
| @@ -193,19 +193,19 @@ GEM | |
| 193 193 | 
             
                ruby2_keywords (0.0.5)
         | 
| 194 194 | 
             
                scanf (1.0.0)
         | 
| 195 195 | 
             
                semantic_puppet (1.1.0)
         | 
| 196 | 
            -
                signet (0. | 
| 196 | 
            +
                signet (0.18.0)
         | 
| 197 197 | 
             
                  addressable (~> 2.8)
         | 
| 198 198 | 
             
                  faraday (>= 0.17.5, < 3.a)
         | 
| 199 199 | 
             
                  jwt (>= 1.5, < 3.0)
         | 
| 200 200 | 
             
                  multi_json (~> 1.10)
         | 
| 201 201 | 
             
                singleton (0.1.1)
         | 
| 202 202 | 
             
                text (1.3.1)
         | 
| 203 | 
            -
                thor (1. | 
| 203 | 
            +
                thor (1.3.0)
         | 
| 204 204 | 
             
                trailblazer-option (0.1.2)
         | 
| 205 205 | 
             
                uber (0.1.0)
         | 
| 206 | 
            -
                unicode-display_width (2. | 
| 207 | 
            -
                vcr (6. | 
| 208 | 
            -
                webmock (3. | 
| 206 | 
            +
                unicode-display_width (2.5.0)
         | 
| 207 | 
            +
                vcr (6.2.0)
         | 
| 208 | 
            +
                webmock (3.19.1)
         | 
| 209 209 | 
             
                  addressable (>= 2.8.0)
         | 
| 210 210 | 
             
                  crack (>= 0.3.2)
         | 
| 211 211 | 
             
                  hashdiff (>= 0.4.0, < 2.0.0)
         | 
| @@ -218,7 +218,7 @@ PLATFORMS | |
| 218 218 | 
             
            DEPENDENCIES
         | 
| 219 219 | 
             
              diff-lcs (~> 1.3)
         | 
| 220 220 | 
             
              facter (~> 4.3)
         | 
| 221 | 
            -
              ffi
         | 
| 221 | 
            +
              ffi (= 1.15.5)
         | 
| 222 222 | 
             
              gettext-setup (~> 1.0)
         | 
| 223 223 | 
             
              hiera-eyaml
         | 
| 224 224 | 
             
              hocon (~> 1.0)
         | 
| @@ -248,4 +248,4 @@ DEPENDENCIES | |
| 248 248 | 
             
              yard
         | 
| 249 249 |  | 
| 250 250 | 
             
            BUNDLED WITH
         | 
| 251 | 
            -
               2.4. | 
| 251 | 
            +
               2.4.20
         | 
    
        data/ext/project_data.yaml
    CHANGED
    
    | @@ -39,11 +39,11 @@ gem_platform_dependencies: | |
| 39 39 | 
             
                  CFPropertyList: '~> 2.2'
         | 
| 40 40 | 
             
              x86-mingw32:
         | 
| 41 41 | 
             
                gem_runtime_dependencies:
         | 
| 42 | 
            -
                  ffi:  | 
| 42 | 
            +
                  ffi: '1.15.5'
         | 
| 43 43 | 
             
                  minitar: '~> 0.9'
         | 
| 44 44 | 
             
              x64-mingw32:
         | 
| 45 45 | 
             
                gem_runtime_dependencies:
         | 
| 46 | 
            -
                  ffi:  | 
| 46 | 
            +
                  ffi: '1.15.5'
         | 
| 47 47 | 
             
                  minitar: '~> 0.9'
         | 
| 48 48 | 
             
            bundle_platforms:
         | 
| 49 49 | 
             
              universal-darwin: all
         | 
| @@ -60,6 +60,11 @@ ACTIONS | |
| 60 60 | 
             
              the CSR. Otherwise a new key pair will be generated. If a CSR has already
         | 
| 61 61 | 
             
              been submitted with the given `certname`, then the operation will fail.
         | 
| 62 62 |  | 
| 63 | 
            +
            * generate_request:
         | 
| 64 | 
            +
              Generate a certificate signing request (CSR). If
         | 
| 65 | 
            +
              a private and public key pair already exist, they will be used to generate
         | 
| 66 | 
            +
              the CSR. Otherwise a new key pair will be generated.
         | 
| 67 | 
            +
             | 
| 63 68 | 
             
            * download_cert:
         | 
| 64 69 | 
             
              Download a certificate for this host. If the current private key matches
         | 
| 65 70 | 
             
              the downloaded certificate, then the certificate will be saved and used
         | 
| @@ -137,9 +142,21 @@ HELP | |
| 137 142 | 
             
                  unless cert
         | 
| 138 143 | 
             
                    raise Puppet::Error, _("The certificate for '%{name}' has not yet been signed") % { name: certname }
         | 
| 139 144 | 
             
                  end
         | 
| 145 | 
            +
                when 'generate_request'
         | 
| 146 | 
            +
                  generate_request(certname)
         | 
| 140 147 | 
             
                when 'verify'
         | 
| 141 148 | 
             
                  verify(certname)
         | 
| 142 149 | 
             
                when 'clean'
         | 
| 150 | 
            +
                  possible_extra_args = command_line.args.drop(1)
         | 
| 151 | 
            +
                  unless possible_extra_args.empty?
         | 
| 152 | 
            +
                    raise Puppet::Error, _(<<END) % { args: possible_extra_args.join(' ')}
         | 
| 153 | 
            +
            Extra arguments detected: %{args}
         | 
| 154 | 
            +
            Did you mean to run:
         | 
| 155 | 
            +
              puppetserver ca clean --certname <name>
         | 
| 156 | 
            +
            Or:
         | 
| 157 | 
            +
              puppet ssl clean --target <name>
         | 
| 158 | 
            +
            END
         | 
| 159 | 
            +
                  end
         | 
| 143 160 | 
             
                  clean(certname)
         | 
| 144 161 | 
             
                when 'bootstrap'
         | 
| 145 162 | 
             
                  if !Puppet::Util::Log.sendlevel?(:info)
         | 
| @@ -163,13 +180,7 @@ HELP | |
| 163 180 | 
             
              def submit_request(ssl_context)
         | 
| 164 181 | 
             
                key = @cert_provider.load_private_key(Puppet[:certname])
         | 
| 165 182 | 
             
                unless key
         | 
| 166 | 
            -
                   | 
| 167 | 
            -
                    Puppet.info _("Creating a new EC SSL key for %{name} using curve %{curve}") % { name: Puppet[:certname], curve: Puppet[:named_curve] }
         | 
| 168 | 
            -
                    key = OpenSSL::PKey::EC.generate(Puppet[:named_curve])
         | 
| 169 | 
            -
                  else
         | 
| 170 | 
            -
                    Puppet.info _("Creating a new SSL key for %{name}") % { name: Puppet[:certname] }
         | 
| 171 | 
            -
                    key = OpenSSL::PKey::RSA.new(Puppet[:keylength].to_i)
         | 
| 172 | 
            -
                  end
         | 
| 183 | 
            +
                  key = create_key(Puppet[:certname])
         | 
| 173 184 | 
             
                  @cert_provider.save_private_key(Puppet[:certname], key)
         | 
| 174 185 | 
             
                end
         | 
| 175 186 |  | 
| @@ -188,6 +199,20 @@ HELP | |
| 188 199 | 
             
                raise Puppet::Error.new(_("Failed to submit certificate request: %{message}") % { message: e.message }, e)
         | 
| 189 200 | 
             
              end
         | 
| 190 201 |  | 
| 202 | 
            +
              def generate_request(certname)
         | 
| 203 | 
            +
                key = @cert_provider.load_private_key(certname)
         | 
| 204 | 
            +
                unless key
         | 
| 205 | 
            +
                  key = create_key(certname)
         | 
| 206 | 
            +
                  @cert_provider.save_private_key(certname, key)
         | 
| 207 | 
            +
                end
         | 
| 208 | 
            +
             | 
| 209 | 
            +
                csr = @cert_provider.create_request(certname, key)
         | 
| 210 | 
            +
                @cert_provider.save_request(certname, csr)
         | 
| 211 | 
            +
                Puppet.notice _("Generated certificate request in '%{path}'") % { path: @cert_provider.to_path(Puppet[:requestdir], certname) }
         | 
| 212 | 
            +
              rescue => e
         | 
| 213 | 
            +
                raise Puppet::Error.new(_("Failed to generate certificate request: %{message}") % { message: e.message }, e)
         | 
| 214 | 
            +
              end
         | 
| 215 | 
            +
             | 
| 191 216 | 
             
              def download_cert(ssl_context)
         | 
| 192 217 | 
             
                key = @cert_provider.load_private_key(Puppet[:certname])
         | 
| 193 218 |  | 
| @@ -286,4 +311,14 @@ END | |
| 286 311 | 
             
              def create_route(ssl_context)
         | 
| 287 312 | 
             
                @session.route_to(:ca, ssl_context: ssl_context)
         | 
| 288 313 | 
             
              end
         | 
| 314 | 
            +
             | 
| 315 | 
            +
              def create_key(certname)
         | 
| 316 | 
            +
                if Puppet[:key_type] == 'ec'
         | 
| 317 | 
            +
                  Puppet.info _("Creating a new EC SSL key for %{name} using curve %{curve}") % { name: certname, curve: Puppet[:named_curve] }
         | 
| 318 | 
            +
                  OpenSSL::PKey::EC.generate(Puppet[:named_curve])
         | 
| 319 | 
            +
                else
         | 
| 320 | 
            +
                  Puppet.info _("Creating a new SSL key for %{name}") % { name: certname }
         | 
| 321 | 
            +
                  OpenSSL::PKey::RSA.new(Puppet[:keylength].to_i)
         | 
| 322 | 
            +
                end
         | 
| 323 | 
            +
              end
         | 
| 289 324 | 
             
            end
         | 
    
        data/lib/puppet/application.rb
    CHANGED
    
    | @@ -504,8 +504,12 @@ class Application | |
| 504 504 | 
             
                runtime_info = {
         | 
| 505 505 | 
             
                  'puppet_version' => Puppet.version,
         | 
| 506 506 | 
             
                  'ruby_version'   => RUBY_VERSION,
         | 
| 507 | 
            -
                  'run_mode'       => self.class.run_mode.name | 
| 507 | 
            +
                  'run_mode'       => self.class.run_mode.name
         | 
| 508 508 | 
             
                }
         | 
| 509 | 
            +
                unless Puppet::Util::Platform.jruby_fips?
         | 
| 510 | 
            +
                  runtime_info['openssl_version'] = "'#{OpenSSL::OPENSSL_VERSION}'"
         | 
| 511 | 
            +
                  runtime_info['openssl_fips'] = OpenSSL::OPENSSL_FIPS
         | 
| 512 | 
            +
                end
         | 
| 509 513 | 
             
                runtime_info['default_encoding'] = Encoding.default_external
         | 
| 510 514 | 
             
                runtime_info.merge!(extra_info) unless extra_info.nil?
         | 
| 511 515 |  | 
    
        data/lib/puppet/defaults.rb
    CHANGED
    
    | @@ -4,11 +4,7 @@ require_relative '../puppet/util/platform' | |
| 4 4 | 
             
            module Puppet
         | 
| 5 5 |  | 
| 6 6 | 
             
              def self.default_diffargs
         | 
| 7 | 
            -
                 | 
| 8 | 
            -
                  ""
         | 
| 9 | 
            -
                else
         | 
| 10 | 
            -
                  "-u"
         | 
| 11 | 
            -
                end
         | 
| 7 | 
            +
                '-u'
         | 
| 12 8 | 
             
              end
         | 
| 13 9 |  | 
| 14 10 | 
             
              def self.default_digest_algorithm
         | 
| @@ -1248,6 +1244,22 @@ EOT | |
| 1248 1244 | 
             
                     unchanged on the server, then the agent run will continue using the
         | 
| 1249 1245 | 
             
                     local CRL it already has.#{AS_DURATION}",
         | 
| 1250 1246 | 
             
                },
         | 
| 1247 | 
            +
                :hostcert_renewal_interval => {
         | 
| 1248 | 
            +
                  :default => "30d",
         | 
| 1249 | 
            +
                  :type    => :duration,
         | 
| 1250 | 
            +
                  :desc    => "When the Puppet agent refreshes its client certificate.
         | 
| 1251 | 
            +
                     By default the client certificate will refresh 30 days before the certificate
         | 
| 1252 | 
            +
                     expires. If a different duration is specified, then the agent will refresh its
         | 
| 1253 | 
            +
                     client certificate whenever it next runs and if the client certificate expires
         | 
| 1254 | 
            +
                     within the duration specified.
         | 
| 1255 | 
            +
             | 
| 1256 | 
            +
                     In general, the duration should be greater than the `runinterval`.
         | 
| 1257 | 
            +
                     Setting it to 0 will disable automatic renewal.
         | 
| 1258 | 
            +
             | 
| 1259 | 
            +
                     If the agent downloads a new certificate, the agent will use it for subsequent
         | 
| 1260 | 
            +
                     network requests. If the refresh request fails, then the agent run will continue using the
         | 
| 1261 | 
            +
                     certificate it already has. #{AS_DURATION}",
         | 
| 1262 | 
            +
                },
         | 
| 1251 1263 | 
             
                :keylength => {
         | 
| 1252 1264 | 
             
                  :default    => 4096,
         | 
| 1253 1265 | 
             
                  :type       => :integer,
         | 
    
        data/lib/puppet/face/config.rb
    CHANGED
    
    | @@ -82,7 +82,7 @@ Puppet::Face.define(:config, '0.0.1') do | |
| 82 82 | 
             
                end
         | 
| 83 83 |  | 
| 84 84 | 
             
                when_rendering :console do |to_be_rendered|
         | 
| 85 | 
            -
                  output =  | 
| 85 | 
            +
                  output = ''.dup
         | 
| 86 86 | 
             
                  if to_be_rendered.keys.length > 1
         | 
| 87 87 | 
             
                    to_be_rendered.keys.sort.each do |setting|
         | 
| 88 88 | 
             
                      output << "#{setting} = #{to_be_rendered[setting]}\n"
         | 
    
        data/lib/puppet/face/epp.rb
    CHANGED
    
    | @@ -367,7 +367,7 @@ Puppet::Face.define(:epp, '0.0.1') do | |
| 367 367 | 
             
              end
         | 
| 368 368 |  | 
| 369 369 | 
             
              def dump_parse(source, filename, options, show_filename = true)
         | 
| 370 | 
            -
                output =  | 
| 370 | 
            +
                output = ''.dup
         | 
| 371 371 | 
             
                evaluating_parser = Puppet::Pops::Parser::EvaluatingParser::EvaluatingEppParser.new
         | 
| 372 372 | 
             
                begin
         | 
| 373 373 | 
             
                  if options[:validate]
         | 
| @@ -451,7 +451,7 @@ Puppet::Face.define(:epp, '0.0.1') do | |
| 451 451 |  | 
| 452 452 | 
             
              def render_file(epp_template_name, compiler, options, show_filename, file_nbr)
         | 
| 453 453 | 
             
                template_args = get_values(compiler, options)
         | 
| 454 | 
            -
                output =  | 
| 454 | 
            +
                output = ''.dup
         | 
| 455 455 | 
             
                begin
         | 
| 456 456 | 
             
                  if show_filename && options[:header]
         | 
| 457 457 | 
             
                    output << "\n" unless file_nbr == 1
         | 
| @@ -74,7 +74,7 @@ Puppet::Face.define(:module, '1.0.0') do | |
| 74 74 | 
             
                  environment     = result[:environment]
         | 
| 75 75 | 
             
                  modules_by_path = result[:modules_by_path]
         | 
| 76 76 |  | 
| 77 | 
            -
                  output =  | 
| 77 | 
            +
                  output = ''.dup
         | 
| 78 78 |  | 
| 79 79 | 
             
                  warn_unmet_dependencies(environment)
         | 
| 80 80 |  | 
| @@ -248,7 +248,7 @@ Puppet::Face.define(:module, '1.0.0') do | |
| 248 248 | 
             
              # Returns a Hash
         | 
| 249 249 | 
             
              #
         | 
| 250 250 | 
             
              def list_build_node(mod, parent, params)
         | 
| 251 | 
            -
                str =  | 
| 251 | 
            +
                str = ''.dup
         | 
| 252 252 | 
             
                str << (mod.forge_name ? mod.forge_name.tr('/', '-') : mod.name)
         | 
| 253 253 | 
             
                str << ' (' + colorize(:cyan, mod.version ? "v#{mod.version}" : '???') + ')'
         | 
| 254 254 |  | 
    
        data/lib/puppet/face/parser.rb
    CHANGED
    
    | @@ -174,7 +174,7 @@ Puppet::Face.define(:parser, '0.0.1') do | |
| 174 174 | 
             
              end
         | 
| 175 175 |  | 
| 176 176 | 
             
              def dump_parse(source, filename, options, show_filename = true)
         | 
| 177 | 
            -
                output =  | 
| 177 | 
            +
                output = ''.dup
         | 
| 178 178 | 
             
                evaluating_parser = Puppet::Pops::Parser::EvaluatingParser.new
         | 
| 179 179 | 
             
                begin
         | 
| 180 180 | 
             
                  if options[:validate]
         | 
| @@ -36,6 +36,21 @@ Puppet::Functions.create_function(:split) do | |
| 36 36 | 
             
                param 'Type[Regexp]', :pattern
         | 
| 37 37 | 
             
              end
         | 
| 38 38 |  | 
| 39 | 
            +
              dispatch :split_String_sensitive do
         | 
| 40 | 
            +
                param 'Sensitive[String]', :sensitive
         | 
| 41 | 
            +
                param 'String', :pattern
         | 
| 42 | 
            +
              end
         | 
| 43 | 
            +
             | 
| 44 | 
            +
              dispatch :split_Regexp_sensitive do
         | 
| 45 | 
            +
                param 'Sensitive[String]', :sensitive
         | 
| 46 | 
            +
                param 'Regexp', :pattern
         | 
| 47 | 
            +
              end
         | 
| 48 | 
            +
             | 
| 49 | 
            +
              dispatch :split_RegexpType_sensitive do
         | 
| 50 | 
            +
                param 'Sensitive[String]', :sensitive
         | 
| 51 | 
            +
                param 'Type[Regexp]', :pattern
         | 
| 52 | 
            +
              end
         | 
| 53 | 
            +
             | 
| 39 54 | 
             
              def split_String(str, pattern)
         | 
| 40 55 | 
             
                str.split(Regexp.compile(pattern))
         | 
| 41 56 | 
             
              end
         | 
| @@ -47,4 +62,16 @@ Puppet::Functions.create_function(:split) do | |
| 47 62 | 
             
              def split_RegexpType(str, pattern)
         | 
| 48 63 | 
             
                str.split(pattern.regexp)
         | 
| 49 64 | 
             
              end
         | 
| 50 | 
            -
             | 
| 65 | 
            +
             | 
| 66 | 
            +
              def split_String_sensitive(sensitive, pattern)
         | 
| 67 | 
            +
                Puppet::Pops::Types::PSensitiveType::Sensitive.new(split_String(sensitive.unwrap, pattern))
         | 
| 68 | 
            +
              end
         | 
| 69 | 
            +
             | 
| 70 | 
            +
              def split_Regexp_sensitive(sensitive, pattern)
         | 
| 71 | 
            +
                Puppet::Pops::Types::PSensitiveType::Sensitive.new(split_Regexp(sensitive.unwrap, pattern))
         | 
| 72 | 
            +
              end
         | 
| 73 | 
            +
             | 
| 74 | 
            +
              def split_RegexpType_sensitive(sensitive, pattern)
         | 
| 75 | 
            +
                Puppet::Pops::Types::PSensitiveType::Sensitive.new(split_RegexpType(sensitive.unwrap, pattern))
         | 
| 76 | 
            +
              end
         | 
| 77 | 
            +
            end
         | 
    
        data/lib/puppet/http/client.rb
    CHANGED
    
    | @@ -368,6 +368,7 @@ class Puppet::HTTP::Client | |
| 368 368 | 
             
                    apply_auth(request, basic_auth) if redirects.zero?
         | 
| 369 369 |  | 
| 370 370 | 
             
                    # don't call return within the `request` block
         | 
| 371 | 
            +
                    close_and_sleep = nil
         | 
| 371 372 | 
             
                    http.request(request) do |nethttp|
         | 
| 372 373 | 
             
                      response = Puppet::HTTP::ResponseNetHTTP.new(request.uri, nethttp)
         | 
| 373 374 | 
             
                      begin
         | 
| @@ -381,12 +382,14 @@ class Puppet::HTTP::Client | |
| 381 382 | 
             
                          interval = @retry_after_handler.retry_after_interval(request, response, retries)
         | 
| 382 383 | 
             
                          retries += 1
         | 
| 383 384 | 
             
                          if interval
         | 
| 384 | 
            -
                             | 
| 385 | 
            -
                               | 
| 386 | 
            -
             | 
| 385 | 
            +
                            close_and_sleep = proc do
         | 
| 386 | 
            +
                              if http.started?
         | 
| 387 | 
            +
                                Puppet.debug("Closing connection for #{Puppet::HTTP::Site.from_uri(request.uri)}")
         | 
| 388 | 
            +
                                http.finish
         | 
| 389 | 
            +
                              end
         | 
| 390 | 
            +
                              Puppet.warning(_("Sleeping for %{interval} seconds before retrying the request") % { interval: interval })
         | 
| 391 | 
            +
                              ::Kernel.sleep(interval)
         | 
| 387 392 | 
             
                            end
         | 
| 388 | 
            -
                            Puppet.warning(_("Sleeping for %{interval} seconds before retrying the request") % { interval: interval })
         | 
| 389 | 
            -
                            ::Kernel.sleep(interval)
         | 
| 390 393 | 
             
                            next
         | 
| 391 394 | 
             
                          end
         | 
| 392 395 | 
             
                        end
         | 
| @@ -405,6 +408,10 @@ class Puppet::HTTP::Client | |
| 405 408 |  | 
| 406 409 | 
             
                      done = true
         | 
| 407 410 | 
             
                    end
         | 
| 411 | 
            +
                  ensure
         | 
| 412 | 
            +
                    # If a server responded with a retry, make sure the connection is closed and then
         | 
| 413 | 
            +
                    # sleep the specified time.
         | 
| 414 | 
            +
                    close_and_sleep.call if close_and_sleep
         | 
| 408 415 | 
             
                  end
         | 
| 409 416 | 
             
                end
         | 
| 410 417 |  | 
| @@ -104,4 +104,29 @@ class Puppet::HTTP::Service::Ca < Puppet::HTTP::Service | |
| 104 104 |  | 
| 105 105 | 
             
                response
         | 
| 106 106 | 
             
              end
         | 
| 107 | 
            +
             | 
| 108 | 
            +
              # Submit a POST request to send a certificate renewal request to the server
         | 
| 109 | 
            +
              #
         | 
| 110 | 
            +
              # @param [Puppet::SSL::SSLContext] ssl_context
         | 
| 111 | 
            +
              #
         | 
| 112 | 
            +
              # @return [Array<Puppet::HTTP::Response, String>] The request response
         | 
| 113 | 
            +
              #
         | 
| 114 | 
            +
              # @api public
         | 
| 115 | 
            +
              def post_certificate_renewal(ssl_context)
         | 
| 116 | 
            +
                headers = add_puppet_headers(HEADERS)
         | 
| 117 | 
            +
                headers['Content-Type'] = 'text/plain'
         | 
| 118 | 
            +
             | 
| 119 | 
            +
                response = @client.post(
         | 
| 120 | 
            +
                  with_base_url('/certificate_renewal'),
         | 
| 121 | 
            +
                  '', # Puppet::HTTP::Client.post requires a body, the API endpoint does not
         | 
| 122 | 
            +
                  headers: headers,
         | 
| 123 | 
            +
                  options: {ssl_context: ssl_context}
         | 
| 124 | 
            +
                )
         | 
| 125 | 
            +
             | 
| 126 | 
            +
                raise ArgumentError.new(_('SSL context must contain a client certificate.')) unless ssl_context.client_cert
         | 
| 127 | 
            +
             | 
| 128 | 
            +
                process_response(response)
         | 
| 129 | 
            +
             | 
| 130 | 
            +
                [response, response.body.to_s]
         | 
| 131 | 
            +
              end
         | 
| 107 132 | 
             
            end
         | 
| @@ -105,7 +105,7 @@ class Puppet::Node::Facts::Facter < Puppet::Indirector::Code | |
| 105 105 |  | 
| 106 106 | 
             
              def find_with_options(request)
         | 
| 107 107 | 
             
                options = request.options
         | 
| 108 | 
            -
                options_for_facter =  | 
| 108 | 
            +
                options_for_facter = ''.dup
         | 
| 109 109 | 
             
                options_for_facter += options[:user_query].join(' ')
         | 
| 110 110 | 
             
                options_for_facter += " --config #{options[:config_file]}" if options[:config_file]
         | 
| 111 111 | 
             
                options_for_facter += " --show-legacy" if options[:show_legacy]
         | 
| @@ -58,7 +58,7 @@ module Puppet::FileBucketFile | |
| 58 58 | 
             
                  end
         | 
| 59 59 | 
             
                  # Setting hash's default value to [], needed by the following loop
         | 
| 60 60 | 
             
                  bucket = Hash.new {[]}
         | 
| 61 | 
            -
                  msg =  | 
| 61 | 
            +
                  msg = ''.dup
         | 
| 62 62 | 
             
                  # Get all files with mtime between 'from' and 'to'
         | 
| 63 63 | 
             
                  Pathname.new(request.options[:bucket_path]).find { |item|
         | 
| 64 64 | 
             
                    if item.file? and item.basename.to_s == "paths"
         | 
| @@ -13,7 +13,7 @@ class Puppet::InfoService::TaskInformationService | |
| 13 13 | 
             
                      task.validate
         | 
| 14 14 | 
             
                      {:module => {:name => task.module.name}, :name => task.name, :metadata => task.metadata}
         | 
| 15 15 | 
             
                    rescue Puppet::Module::Task::Error => err
         | 
| 16 | 
            -
                      Puppet.log_exception(err | 
| 16 | 
            +
                      Puppet.log_exception(err)
         | 
| 17 17 | 
             
                      nil
         | 
| 18 18 | 
             
                    end
         | 
| 19 19 | 
             
                  end
         | 
    
        data/lib/puppet/module_tool.rb
    CHANGED
    
    | @@ -70,7 +70,7 @@ module Puppet | |
| 70 70 | 
             
                # Builds a formatted tree from a list of node hashes containing +:text+
         | 
| 71 71 | 
             
                # and +:dependencies+ keys.
         | 
| 72 72 | 
             
                def self.format_tree(nodes, level = 0)
         | 
| 73 | 
            -
                  str =  | 
| 73 | 
            +
                  str = ''.dup
         | 
| 74 74 | 
             
                  nodes.each_with_index do |node, i|
         | 
| 75 75 | 
             
                    last_node = nodes.length - 1 == i
         | 
| 76 76 | 
             
                    deps = node[:dependencies] || []
         | 
| @@ -156,7 +156,7 @@ Puppet::Network::FormatHandler.create(:console, | |
| 156 156 |  | 
| 157 157 | 
             
                # Simple hash to table
         | 
| 158 158 | 
             
                if datum.is_a?(Hash) && datum.keys.all? { |x| x.is_a?(String) || x.is_a?(Numeric) }
         | 
| 159 | 
            -
                  output =  | 
| 159 | 
            +
                  output = ''.dup
         | 
| 160 160 | 
             
                  column_a = datum.empty? ? 2 : datum.map{ |k,v| k.to_s.length }.max + 2
         | 
| 161 161 | 
             
                  datum.sort_by { |k,v| k.to_s } .each do |key, value|
         | 
| 162 162 | 
             
                    output << key.to_s.ljust(column_a)
         | 
| @@ -169,7 +169,7 @@ Puppet::Network::FormatHandler.create(:console, | |
| 169 169 |  | 
| 170 170 | 
             
                # Print one item per line for arrays
         | 
| 171 171 | 
             
                if datum.is_a? Array
         | 
| 172 | 
            -
                  output =  | 
| 172 | 
            +
                  output = ''.dup
         | 
| 173 173 | 
             
                  datum.each do |item|
         | 
| 174 174 | 
             
                    output << item.to_s
         | 
| 175 175 | 
             
                    output << "\n"
         | 
| @@ -227,7 +227,7 @@ Puppet::Network::FormatHandler.create(:flat, | |
| 227 227 | 
             
              end
         | 
| 228 228 |  | 
| 229 229 | 
             
              def construct_output(data)
         | 
| 230 | 
            -
                output =  | 
| 230 | 
            +
                output = ''.dup
         | 
| 231 231 | 
             
                data.each do |key, value|
         | 
| 232 232 | 
             
                  output << "#{key}=#{value}"
         | 
| 233 233 | 
             
                  output << "\n"
         | 
| @@ -592,10 +592,12 @@ class Puppet::Node::Environment | |
| 592 592 | 
             
                  if file == NO_MANIFEST
         | 
| 593 593 | 
             
                    empty_parse_result
         | 
| 594 594 | 
             
                  elsif File.directory?(file)
         | 
| 595 | 
            -
                     | 
| 596 | 
            -
             | 
| 597 | 
            -
             | 
| 598 | 
            -
             | 
| 595 | 
            +
                    # JRuby does not properly perform Dir.glob operations with wildcards, (see PUP-11788 and https://github.com/jruby/jruby/issues/7836).
         | 
| 596 | 
            +
                    # We sort the results because Dir.glob order is inconsistent in Ruby < 3 (see PUP-10115).
         | 
| 597 | 
            +
                    parse_results = Puppet::FileSystem::PathPattern.absolute(File.join(file, '**/*')).glob.select {|globbed_file| globbed_file.end_with?('.pp')}.sort.map do | file_to_parse |
         | 
| 598 | 
            +
                                      parser.file = file_to_parse
         | 
| 599 | 
            +
                                      parser.parse
         | 
| 600 | 
            +
                                    end
         | 
| 599 601 | 
             
                    # Use a parser type specific merger to concatenate the results
         | 
| 600 602 | 
             
                    Puppet::Parser::AST::Hostclass.new('', :code => Puppet::Parser::ParserFactory.code_merger.concatenate(parse_results))
         | 
| 601 603 | 
             
                  else
         | 
    
        data/lib/puppet/parser/files.rb
    CHANGED
    
    | @@ -29,9 +29,10 @@ module Puppet::Parser::Files | |
| 29 29 | 
             
              #   * modulename/filename selector: a file is found in the file directory
         | 
| 30 30 | 
             
              #     of the named module.
         | 
| 31 31 | 
             
              #
         | 
| 32 | 
            -
              #  | 
| 33 | 
            -
              #  | 
| 34 | 
            -
              #  | 
| 32 | 
            +
              # The check for file existence is performed on the node compiling the
         | 
| 33 | 
            +
              # manifest. A node running "puppet apply" compiles its own manifest, but
         | 
| 34 | 
            +
              # a node running "puppet agent" depends on the configured puppetserver
         | 
| 35 | 
            +
              # for compiling. In either case, a nil is returned if no file is found.
         | 
| 35 36 | 
             
              #
         | 
| 36 37 | 
             
              # @param template [String] the file selector
         | 
| 37 38 | 
             
              # @param environment [Puppet::Node::Environment] the environment in which to search
         |