puppet 8.2.0 → 8.3.1

data/locales/puppet.pot

@@ -6,11 +6,11 @@
 #, fuzzy
 msgid ""
 msgstr ""
-"Project-Id-Version: Puppet automation framework 8.1.0-43-g2052c18a7f\n"
+"Project-Id-Version: Puppet automation framework 8.2.0-29-g809d465a09\n"
 "\n"
 "Report-Msgid-Bugs-To: https://tickets.puppetlabs.com\n"
-"POT-Creation-Date: 2023-07-06 21:09+0000\n"
-"PO-Revision-Date: 2023-07-06 21:09+0000\n"
+"POT-Creation-Date: 2023-09-21 23:07+0000\n"
+"PO-Revision-Date: 2023-09-21 23:07+0000\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
 "Language: \n"
@@ -442,62 +442,70 @@ msgstr ""
 msgid "Manage SSL keys and certificates for puppet SSL clients"
 msgstr ""
 
-#: ../lib/puppet/application/ssl.rb:107
+#: ../lib/puppet/application/ssl.rb:112
 msgid "An action must be specified."
 msgstr ""
 
-#: ../lib/puppet/application/ssl.rb:131 ../lib/puppet/application/ssl.rb:138
+#: ../lib/puppet/application/ssl.rb:136 ../lib/puppet/application/ssl.rb:143
 msgid "The certificate for '%{name}' has not yet been signed"
 msgstr ""
 
-#: ../lib/puppet/application/ssl.rb:149
+#: ../lib/puppet/application/ssl.rb:156
 msgid "Completed SSL initialization"
 msgstr ""
 
-#: ../lib/puppet/application/ssl.rb:153
+#: ../lib/puppet/application/ssl.rb:160
 msgid "Unknown action '%{action}'"
 msgstr ""
 
-#: ../lib/puppet/application/ssl.rb:167 ../lib/puppet/ssl/state_machine.rb:273
-msgid "Creating a new EC SSL key for %{name} using curve %{curve}"
+#: ../lib/puppet/application/ssl.rb:181
+msgid "Submitted certificate request for '%{name}' to %{url}"
 msgstr ""
 
-#: ../lib/puppet/application/ssl.rb:170
-msgid "Creating a new SSL key for %{name}"
+#: ../lib/puppet/application/ssl.rb:184
+msgid "Could not submit certificate request for '%{name}' to %{url} due to a conflict on the server"
 msgstr ""
 
-#: ../lib/puppet/application/ssl.rb:180
-msgid "Submitted certificate request for '%{name}' to %{url}"
+#: ../lib/puppet/application/ssl.rb:186 ../lib/puppet/application/ssl.rb:189
+msgid "Failed to submit certificate request: %{message}"
 msgstr ""
 
-#: ../lib/puppet/application/ssl.rb:183
-msgid "Could not submit certificate request for '%{name}' to %{url} due to a conflict on the server"
+#: ../lib/puppet/application/ssl.rb:201
+msgid "Generated certificate request in '%{path}'"
 msgstr ""
 
-#: ../lib/puppet/application/ssl.rb:185 ../lib/puppet/application/ssl.rb:188
-msgid "Failed to submit certificate request: %{message}"
+#: ../lib/puppet/application/ssl.rb:203
+msgid "Failed to generate certificate request: %{message}"
 msgstr ""
 
-#: ../lib/puppet/application/ssl.rb:196
+#: ../lib/puppet/application/ssl.rb:211
 msgid "Downloading certificate '%{name}' from %{url}"
 msgstr ""
 
-#: ../lib/puppet/application/ssl.rb:200
+#: ../lib/puppet/application/ssl.rb:215
 msgid "Downloaded certificate '%{name}' with fingerprint %{fingerprint}"
 msgstr ""
 
-#: ../lib/puppet/application/ssl.rb:213 ../lib/puppet/application/ssl.rb:216
+#: ../lib/puppet/application/ssl.rb:228 ../lib/puppet/application/ssl.rb:231
 msgid "Failed to download certificate: %{message}"
 msgstr ""
 
-#: ../lib/puppet/application/ssl.rb:245 ../lib/puppet/application/ssl.rb:248
+#: ../lib/puppet/application/ssl.rb:260 ../lib/puppet/application/ssl.rb:263
 msgid "Failed to connect to the CA to determine if certificate %{certname} has been cleaned"
 msgstr ""
 
-#: ../lib/puppet/application/ssl.rb:275
+#: ../lib/puppet/application/ssl.rb:290
 msgid "Removed %{label} %{path}"
 msgstr ""
 
+#: ../lib/puppet/application/ssl.rb:307 ../lib/puppet/ssl/state_machine.rb:273
+msgid "Creating a new EC SSL key for %{name} using curve %{curve}"
+msgstr ""
+
+#: ../lib/puppet/application/ssl.rb:310
+msgid "Creating a new SSL key for %{name}"
+msgstr ""
+
 #: ../lib/puppet/configurer.rb:22
 msgid "Puppet configuration client"
 msgstr ""
@@ -1752,7 +1760,7 @@ msgstr ""
 msgid "Timeout waiting for exclusive lock on %{path}"
 msgstr ""
 
-#: ../lib/puppet/file_system/jruby.rb:19 ../lib/puppet/file_system/windows.rb:128 ../lib/puppet/util.rb:672
+#: ../lib/puppet/file_system/jruby.rb:19 ../lib/puppet/file_system/windows.rb:128 ../lib/puppet/util.rb:671
 msgid "Is a directory: %{directory}"
 msgstr ""
 
@@ -2226,11 +2234,11 @@ msgstr ""
 msgid "Run `puppet agent -t`"
 msgstr ""
 
-#: ../lib/puppet/http/client.rb:388
+#: ../lib/puppet/http/client.rb:390
 msgid "Sleeping for %{interval} seconds before retrying the request"
 msgstr ""
 
-#: ../lib/puppet/http/client.rb:438
+#: ../lib/puppet/http/client.rb:445
 msgid "HTTP REST queries cannot handle values of type '%{klass}'"
 msgstr ""
 
@@ -7335,7 +7343,7 @@ msgstr ""
 msgid "%{name} has not declared what class it wraps"
 msgstr ""
 
-#: ../lib/puppet/ssl/base.rb:32 ../lib/puppet/x509/cert_provider.rb:382
+#: ../lib/puppet/ssl/base.rb:32 ../lib/puppet/x509/cert_provider.rb:384
 msgid "Certname %{name} must not contain unprintable or non-ASCII characters"
 msgstr ""
 
@@ -8468,11 +8476,11 @@ msgstr ""
 msgid "path may not be nil"
 msgstr ""
 
-#: ../lib/puppet/util.rb:587
+#: ../lib/puppet/util.rb:586
 msgid "replace_file requires a block"
 msgstr ""
 
-#: ../lib/puppet/util.rb:591
+#: ../lib/puppet/util.rb:590
 msgid "replace_file default_mode: %{default_mode} is invalid"
 msgstr ""
 
@@ -8757,19 +8765,19 @@ msgstr ""
 msgid "Working directory %{cwd} does not exist!"
 msgstr ""
 
-#: ../lib/puppet/util/execution.rb:278
+#: ../lib/puppet/util/execution.rb:283
 msgid "Could not get output"
 msgstr ""
 
-#: ../lib/puppet/util/execution.rb:287
+#: ../lib/puppet/util/execution.rb:292
 msgid "Execution of '%{str}' returned %{exit_status}: %{output}"
 msgstr ""
 
-#: ../lib/puppet/util/execution.rb:364
+#: ../lib/puppet/util/execution.rb:369
 msgid "Could not execute posix command: %{detail}"
 msgstr ""
 
-#: ../lib/puppet/util/execution.rb:412
+#: ../lib/puppet/util/execution.rb:417
 msgid "Waiting for output; will sleep %{time_to_sleep} seconds"
 msgstr ""
 

data/man/man5/puppet.conf.5

@@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "PUPPETCONF" "5" "August 2023" "Puppet, Inc." "Puppet manual"
+.TH "PUPPETCONF" "5" "October 2023" "Puppet, Inc." "Puppet manual"
 \fBThis page is autogenerated; any changes will get overwritten\fR
 .
 .SH "Configuration settings"
@@ -849,7 +849,7 @@ Where individual hosts store and look for their certificates\.
 .IP "" 0
 .
 .SS "hostcert_renewal_interval"
-How often the Puppet agent refreshes its client certificate\. By default the client certificate is refreshed once every 30 days\. If a different duration is specified, then the agent will refresh its client certificate whenever it next runs and the elapsed time since the client certificate was last refreshed exceeds the duration\.
+When the Puppet agent refreshes its client certificate\. By default the client certificate will refresh 30 days before the certificate expires\. If a different duration is specified, then the agent will refresh its client certificate whenever it next runs and if the client certificate expires within the duration specified\.
 .
 .P
 In general, the duration should be greater than the \fBruninterval\fR\. Setting it to 0 will disable automatic renewal\.
@@ -973,7 +973,7 @@ The time to wait for data to be read from an HTTP connection\. If nothing is rea
 The HTTP User\-Agent string to send when making network requests\.
 .
 .IP "\(bu" 4
-\fIDefault\fR: \fBPuppet/8\.2\.0 Ruby/3\.1\.1\-p18 (x86_64\-linux)\fR
+\fIDefault\fR: \fBPuppet/8\.3\.0 Ruby/3\.1\.1\-p18 (x86_64\-linux)\fR
 .
 .IP "" 0
 .

data/man/man8/puppet-agent.8

@@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "PUPPET\-AGENT" "8" "August 2023" "Puppet, Inc." "Puppet manual"
+.TH "PUPPET\-AGENT" "8" "October 2023" "Puppet, Inc." "Puppet manual"
 .
 .SH "NAME"
 \fBpuppet\-agent\fR \- The puppet agent daemon

data/man/man8/puppet-apply.8

@@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "PUPPET\-APPLY" "8" "August 2023" "Puppet, Inc." "Puppet manual"
+.TH "PUPPET\-APPLY" "8" "October 2023" "Puppet, Inc." "Puppet manual"
 .
 .SH "NAME"
 \fBpuppet\-apply\fR \- Apply Puppet manifests locally

data/man/man8/puppet-catalog.8

@@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "PUPPET\-CATALOG" "8" "August 2023" "Puppet, Inc." "Puppet manual"
+.TH "PUPPET\-CATALOG" "8" "October 2023" "Puppet, Inc." "Puppet manual"
 .
 .SH "NAME"
 \fBpuppet\-catalog\fR \- Compile, save, view, and convert catalogs\.

data/man/man8/puppet-config.8

@@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "PUPPET\-CONFIG" "8" "August 2023" "Puppet, Inc." "Puppet manual"
+.TH "PUPPET\-CONFIG" "8" "October 2023" "Puppet, Inc." "Puppet manual"
 .
 .SH "NAME"
 \fBpuppet\-config\fR \- Interact with Puppet\'s settings\.

data/man/man8/puppet-describe.8

@@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "PUPPET\-DESCRIBE" "8" "August 2023" "Puppet, Inc." "Puppet manual"
+.TH "PUPPET\-DESCRIBE" "8" "October 2023" "Puppet, Inc." "Puppet manual"
 .
 .SH "NAME"
 \fBpuppet\-describe\fR \- Display help about resource types

data/man/man8/puppet-device.8

@@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "PUPPET\-DEVICE" "8" "August 2023" "Puppet, Inc." "Puppet manual"
+.TH "PUPPET\-DEVICE" "8" "October 2023" "Puppet, Inc." "Puppet manual"
 .
 .SH "NAME"
 \fBpuppet\-device\fR \- Manage remote network devices

data/man/man8/puppet-doc.8

@@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "PUPPET\-DOC" "8" "August 2023" "Puppet, Inc." "Puppet manual"
+.TH "PUPPET\-DOC" "8" "October 2023" "Puppet, Inc." "Puppet manual"
 .
 .SH "NAME"
 \fBpuppet\-doc\fR \- Generate Puppet references

data/man/man8/puppet-epp.8

@@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "PUPPET\-EPP" "8" "August 2023" "Puppet, Inc." "Puppet manual"
+.TH "PUPPET\-EPP" "8" "October 2023" "Puppet, Inc." "Puppet manual"
 .
 .SH "NAME"
 \fBpuppet\-epp\fR \- Interact directly with the EPP template parser/renderer\.

data/man/man8/puppet-facts.8

@@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "PUPPET\-FACTS" "8" "August 2023" "Puppet, Inc." "Puppet manual"
+.TH "PUPPET\-FACTS" "8" "October 2023" "Puppet, Inc." "Puppet manual"
 .
 .SH "NAME"
 \fBpuppet\-facts\fR \- Retrieve and store facts\.

data/man/man8/puppet-filebucket.8

@@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "PUPPET\-FILEBUCKET" "8" "August 2023" "Puppet, Inc." "Puppet manual"
+.TH "PUPPET\-FILEBUCKET" "8" "October 2023" "Puppet, Inc." "Puppet manual"
 .
 .SH "NAME"
 \fBpuppet\-filebucket\fR \- Store and retrieve files in a filebucket

data/man/man8/puppet-generate.8

@@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "PUPPET\-GENERATE" "8" "August 2023" "Puppet, Inc." "Puppet manual"
+.TH "PUPPET\-GENERATE" "8" "October 2023" "Puppet, Inc." "Puppet manual"
 .
 .SH "NAME"
 \fBpuppet\-generate\fR \- Generates Puppet code from Ruby definitions\.

data/man/man8/puppet-help.8

@@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "PUPPET\-HELP" "8" "August 2023" "Puppet, Inc." "Puppet manual"
+.TH "PUPPET\-HELP" "8" "October 2023" "Puppet, Inc." "Puppet manual"
 .
 .SH "NAME"
 \fBpuppet\-help\fR \- Display Puppet help\.

data/man/man8/puppet-lookup.8

@@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "PUPPET\-LOOKUP" "8" "August 2023" "Puppet, Inc." "Puppet manual"
+.TH "PUPPET\-LOOKUP" "8" "October 2023" "Puppet, Inc." "Puppet manual"
 .
 .SH "NAME"
 \fBpuppet\-lookup\fR \- Interactive Hiera lookup

data/man/man8/puppet-module.8

@@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "PUPPET\-MODULE" "8" "August 2023" "Puppet, Inc." "Puppet manual"
+.TH "PUPPET\-MODULE" "8" "October 2023" "Puppet, Inc." "Puppet manual"
 .
 .SH "NAME"
 \fBpuppet\-module\fR \- Creates, installs and searches for modules on the Puppet Forge\.

data/man/man8/puppet-node.8

@@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "PUPPET\-NODE" "8" "August 2023" "Puppet, Inc." "Puppet manual"
+.TH "PUPPET\-NODE" "8" "October 2023" "Puppet, Inc." "Puppet manual"
 .
 .SH "NAME"
 \fBpuppet\-node\fR \- View and manage node definitions\.

data/man/man8/puppet-parser.8

@@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "PUPPET\-PARSER" "8" "August 2023" "Puppet, Inc." "Puppet manual"
+.TH "PUPPET\-PARSER" "8" "October 2023" "Puppet, Inc." "Puppet manual"
 .
 .SH "NAME"
 \fBpuppet\-parser\fR \- Interact directly with the parser\.

data/man/man8/puppet-plugin.8

@@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "PUPPET\-PLUGIN" "8" "August 2023" "Puppet, Inc." "Puppet manual"
+.TH "PUPPET\-PLUGIN" "8" "October 2023" "Puppet, Inc." "Puppet manual"
 .
 .SH "NAME"
 \fBpuppet\-plugin\fR \- Interact with the Puppet plugin system\.

data/man/man8/puppet-report.8

@@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "PUPPET\-REPORT" "8" "August 2023" "Puppet, Inc." "Puppet manual"
+.TH "PUPPET\-REPORT" "8" "October 2023" "Puppet, Inc." "Puppet manual"
 .
 .SH "NAME"
 \fBpuppet\-report\fR \- Create, display, and submit reports\.

data/man/man8/puppet-resource.8

@@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "PUPPET\-RESOURCE" "8" "August 2023" "Puppet, Inc." "Puppet manual"
+.TH "PUPPET\-RESOURCE" "8" "October 2023" "Puppet, Inc." "Puppet manual"
 .
 .SH "NAME"
 \fBpuppet\-resource\fR \- The resource abstraction layer shell

data/man/man8/puppet-script.8

@@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "PUPPET\-SCRIPT" "8" "August 2023" "Puppet, Inc." "Puppet manual"
+.TH "PUPPET\-SCRIPT" "8" "October 2023" "Puppet, Inc." "Puppet manual"
 .
 .SH "NAME"
 \fBpuppet\-script\fR \- Run a puppet manifests as a script without compiling a catalog

data/man/man8/puppet-ssl.8

@@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "PUPPET\-SSL" "8" "August 2023" "Puppet, Inc." "Puppet manual"
+.TH "PUPPET\-SSL" "8" "October 2023" "Puppet, Inc." "Puppet manual"
 .
 .SH "NAME"
 \fBpuppet\-ssl\fR \- Manage SSL keys and certificates for puppet SSL clients
@@ -42,6 +42,10 @@ submit_request
 Generate a certificate signing request (CSR) and submit it to the CA\. If a private and public key pair already exist, they will be used to generate the CSR\. Otherwise a new key pair will be generated\. If a CSR has already been submitted with the given \fBcertname\fR, then the operation will fail\.
 .
 .TP
+generate_request
+Generate a certificate signing request (CSR)\. If a private and public key pair already exist, they will be used to generate the CSR\. Otherwise a new key pair will be generated\.
+.
+.TP
 download_cert
 Download a certificate for this host\. If the current private key matches the downloaded certificate, then the certificate will be saved and used for subsequent requests\. If there is already an existing certificate, it will be overwritten\.
 .

data/man/man8/puppet.8

@@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "PUPPET" "8" "August 2023" "Puppet, Inc." "Puppet manual"
+.TH "PUPPET" "8" "October 2023" "Puppet, Inc." "Puppet manual"
 .
 .SH "NAME"
 \fBpuppet\fR
@@ -25,4 +25,4 @@ Specialized:
 catalog Compile, save, view, and convert catalogs\. describe Display help about resource types device Manage remote network devices doc Generate Puppet references epp Interact directly with the EPP template parser/renderer\. facts Retrieve and store facts\. filebucket Store and retrieve files in a filebucket generate Generates Puppet code from Ruby definitions\. node View and manage node definitions\. parser Interact directly with the parser\. plugin Interact with the Puppet plugin system\. script Run a puppet manifests as a script without compiling a catalog ssl Manage SSL keys and certificates for puppet SSL clients
 .
 .P
-See \'puppet help \fIsubcommand\fR \fIaction\fR\' for help on a specific subcommand action\. See \'puppet help \fIsubcommand\fR\' for help on a specific subcommand\. Puppet v8\.2\.0
+See \'puppet help \fIsubcommand\fR \fIaction\fR\' for help on a specific subcommand action\. See \'puppet help \fIsubcommand\fR\' for help on a specific subcommand\. Puppet v8\.3\.0

data/spec/integration/type/exec_spec.rb

@@ -75,6 +75,19 @@ describe Puppet::Type.type(:exec), unless: Puppet::Util::Platform.jruby? do
     end
   end
 
+  context 'when an exec sends an EOF' do
+    let(:command) { ["/bin/bash", "-c", "exec /bin/sleep 1 >/dev/null 2>&1"] }
+
+    it 'should not take significant user time' do
+      exec = described_class.new :command => command, :path => ENV['PATH']
+      catalog.add_resource exec
+      timed_apply = Benchmark.measure { catalog.apply }
+      # In testing I found the user time before the patch in 4f35fd262e to be above
+      # 0.3, after the patch it was consistently below 0.1 seconds.
+      expect(timed_apply.utime).to be < 0.3
+    end
+  end
+
   context 'when command is a string' do
     let(:command) { "ruby -e 'File.open(\"#{path}\", \"w\") { |f| f.print \"foo\" }'" }
 

data/spec/lib/puppet_spec/verbose.rb

@@ -1,4 +1,4 @@
-# Support code for running stuff with warnings disabled.
+# Support code for running stuff with warnings disabled or enabled
 module Kernel
   def with_verbose_disabled
     verbose, $VERBOSE = $VERBOSE, nil
@@ -6,4 +6,13 @@ module Kernel
     $VERBOSE = verbose
     return result
   end
+
+  def with_verbose_enabled
+    verbose, $VERBOSE = $VERBOSE, true
+    begin
+      yield
+    ensure
+      $VERBOSE = verbose
+    end
+  end
 end

data/spec/unit/agent_spec.rb

@@ -15,19 +15,12 @@ class AgentTestClient
   end
 end
 
-def without_warnings
-  flag = $VERBOSE
-  $VERBOSE = nil
-  yield
-  $VERBOSE = flag
-end
-
 describe Puppet::Agent do
   before do
     @agent = Puppet::Agent.new(AgentTestClient, false)
 
     # make Puppet::Application safe for stubbing; restore in an :after block; silence warnings for this.
-    without_warnings { Puppet::Application = Class.new(Puppet::Application) }
+    with_verbose_disabled { Puppet::Application = Class.new(Puppet::Application) }
     allow(Puppet::Application).to receive(:clear?).and_return(true)
     Puppet::Application.class_eval do
       class << self
@@ -44,7 +37,7 @@ describe Puppet::Agent do
 
   after do
     # restore Puppet::Application from stub-safe subclass, and silence warnings
-    without_warnings { Puppet::Application = Puppet::Application.superclass }
+    with_verbose_disabled { Puppet::Application = Puppet::Application.superclass }
   end
 
   it "should set its client class at initialization" do

data/spec/unit/application/ssl_spec.rb

@@ -171,6 +171,50 @@ describe Puppet::Application::Ssl, unless: Puppet::Util::Platform.jruby? do
     end
   end
 
+  context 'when generating a CSR' do
+    let(:csr_path) { Puppet[:hostcsr] }
+    let(:requestdir) { Puppet[:requestdir] }
+
+    before do
+      ssl.command_line.args << 'generate_request'
+    end
+
+    it 'generates an RSA private key' do
+      File.unlink(Puppet[:hostprivkey])
+
+      expects_command_to_pass(%r{Generated certificate request in '#{csr_path}'})
+    end
+
+    it 'generates an EC private key' do
+      Puppet[:key_type] = 'ec'
+      File.unlink(Puppet[:hostprivkey])
+
+      expects_command_to_pass(%r{Generated certificate request in '#{csr_path}'})
+    end
+
+    it 'registers OIDs' do
+      expect(Puppet::SSL::Oids).to receive(:register_puppet_oids)
+
+      expects_command_to_pass(%r{Generated certificate request in '#{csr_path}'})
+    end
+
+    it 'saves the CSR locally' do
+      expects_command_to_pass(%r{Generated certificate request in '#{csr_path}'})
+
+      expect(Puppet::FileSystem).to be_exist(csr_path)
+    end
+
+    it 'accepts dns alt names' do
+      Puppet[:dns_alt_names] = 'majortom'
+
+      expects_command_to_pass
+
+      csr = Puppet::SSL::CertificateRequest.new(name)
+      csr.read(csr_path)
+      expect(csr.subject_alt_names).to include('DNS:majortom')
+    end
+  end
+
   context 'when downloading a certificate' do
     before do
       ssl.command_line.args << 'download_cert'
@@ -347,6 +391,11 @@ describe Puppet::Application::Ssl, unless: Puppet::Util::Platform.jruby? do
       expects_command_to_fail(%r{Failed to connect to the CA to determine if certificate #{name} has been cleaned})
     end
 
+    it 'raises if we have extra args' do
+      ssl.command_line.args << 'hostname.example.biz'
+      expects_command_to_fail(/Extra arguments detected: hostname.example.biz/)
+    end
+
     context 'when deleting local CA' do
       before do
         ssl.command_line.args << '--localca'

data/spec/unit/functions/split_spec.rb

@@ -50,4 +50,10 @@ describe 'the split function' do
   it 'should handle pattern in Regexp Type form with missing regular expression' do
     expect(split('ab',type_parser.parse('Regexp'))).to eql(['a', 'b'])
   end
+
+  it 'should handle sensitive String' do
+    expect(split(Puppet::Pops::Types::PSensitiveType::Sensitive.new('a,b'), ',')).to be_a(Puppet::Pops::Types::PSensitiveType::Sensitive)
+    expect(split(Puppet::Pops::Types::PSensitiveType::Sensitive.new('a,b'), /,/)).to be_a(Puppet::Pops::Types::PSensitiveType::Sensitive)
+    expect(split(Puppet::Pops::Types::PSensitiveType::Sensitive.new('a,b'), type_parser.parse('Regexp[/,/]'))).to be_a(Puppet::Pops::Types::PSensitiveType::Sensitive)
+  end
 end

data/spec/unit/info_service_spec.rb

@@ -47,7 +47,7 @@ describe "Puppet::InfoService" do
                                                                              :content => metadata.to_json}]]})
           File.write("#{modpath}/#{mod_name}/tasks/atask.json", "NOT JSON")
 
-          expect(Puppet).to receive(:send_log).with(:err, 'Failed to validate task')
+          expect(Puppet).to receive(:send_log).with(:err, /unexpected token at 'NOT JSON'/)
 
           @tasks = Puppet::InfoService.tasks_per_environment(env_name)
           expect(@tasks.map{|t| t[:name]}).to contain_exactly('test1::btask', 'test1::ctask')

data/spec/unit/ssl/certificate_signer_spec.rb

@@ -0,0 +1,17 @@
+require 'spec_helper'
+
+describe Puppet::SSL::CertificateSigner do
+  include PuppetSpec::Files
+
+  let(:wrong_key) { OpenSSL::PKey::RSA.new(512) }
+  let(:client_cert) { cert_fixture('signed.pem') }
+
+  # jruby-openssl >= 0.13.0 (JRuby >= 9.3.5.0) raises an error when signing a
+  # certificate when there is a discrepancy between the certificate and key.
+  it 'raises if client cert signature is invalid', if: Puppet::Util::Platform.jruby? && RUBY_VERSION.to_f >= 2.6 do
+    expect {
+      client_cert.sign(wrong_key, OpenSSL::Digest::SHA256.new)
+    }.to raise_error(OpenSSL::X509::CertificateError,
+                     'invalid public key data')
+  end
+end

data/spec/unit/ssl/ssl_provider_spec.rb

@@ -338,7 +338,7 @@ describe Puppet::SSL::SSLProvider do
       end
     end
 
-    it 'raises if intermediate CA signature is invalid' do
+    it 'raises if intermediate CA signature is invalid', unless: Puppet::Util::Platform.jruby? && RUBY_VERSION.to_f >= 2.6 do
       int = global_cacerts.last
       int.public_key = wrong_key.public_key if Puppet::Util::Platform.jruby?
       int.sign(wrong_key, OpenSSL::Digest::SHA256.new)

data/spec/unit/util/execution_spec.rb

@@ -29,6 +29,7 @@ describe Puppet::Util::Execution, if: !Puppet::Util::Platform.jruby? do
         allow(FFI::WIN32).to receive(:CloseHandle).with(thread_handle)
       else
         allow(Process).to receive(:waitpid2).with(pid, Process::WNOHANG).and_return(nil, [pid, double('child_status', :exitstatus => exitstatus)])
+        allow(Process).to receive(:waitpid2).with(pid, 0).and_return(nil, [pid, double('child_status', :exitstatus => exitstatus)])
         allow(Process).to receive(:waitpid2).with(pid).and_return([pid, double('child_status', :exitstatus => exitstatus)])
       end
     end