puppet 3.0.2 → 3.1.0.rc1
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of puppet might be problematic. Click here for more details.
- data/Gemfile +13 -11
- data/README.md +9 -7
- data/README_DEVELOPER.md +21 -30
- data/bin/extlookup2hiera +0 -0
- data/conf/auth.conf +42 -26
- data/conf/fileserver.conf +41 -0
- data/conf/tagmail.conf +16 -0
- data/examples/hiera/modules/data/manifests/common.pp +2 -1
- data/examples/hiera/modules/ntp/manifests/config.pp +4 -3
- data/examples/hiera/modules/ntp/manifests/data.pp +2 -1
- data/examples/hiera/modules/users/manifests/common.pp +2 -1
- data/examples/hiera/modules/users/manifests/dc1.pp +2 -1
- data/examples/hiera/modules/users/manifests/development.pp +2 -1
- data/examples/hiera/site.pp +1 -1
- data/ext/debian/fileserver.conf +39 -15
- data/ext/envpuppet +2 -0
- data/ext/gentoo/puppet/fileserver.conf +41 -12
- data/ext/ips/puppet-agent +1 -6
- data/ext/ips/puppetagent.xml +0 -4
- data/ext/osx/postflight.erb +109 -0
- data/ext/project_data.yaml +2 -2
- data/ext/redhat/fileserver.conf +41 -12
- data/ext/redhat/puppet.spec.erb +8 -13
- data/install.rb +2 -5
- data/lib/puppet.rb +30 -13
- data/lib/puppet/application.rb +34 -16
- data/lib/puppet/application/agent.rb +4 -4
- data/lib/puppet/application/master.rb +25 -5
- data/lib/puppet/defaults.rb +11 -7
- data/lib/puppet/dsl.rb +7 -3
- data/lib/puppet/dsl/actions.rb +283 -0
- data/lib/puppet/dsl/blank_slate.rb +55 -0
- data/lib/puppet/dsl/context.rb +393 -0
- data/lib/puppet/dsl/parser.rb +57 -0
- data/lib/puppet/dsl/resource_decorator.rb +56 -0
- data/lib/puppet/dsl/resource_reference.rb +95 -0
- data/lib/puppet/dsl/type_reference.rb +102 -0
- data/lib/puppet/error.rb +1 -1
- data/lib/puppet/face/help.rb +2 -4
- data/lib/puppet/face/man.rb +8 -2
- data/lib/puppet/feature/pson.rb +1 -3
- data/lib/puppet/indirector/catalog/active_record.rb +3 -0
- data/lib/puppet/indirector/catalog/compiler.rb +1 -2
- data/lib/puppet/indirector/catalog/queue.rb +4 -0
- data/lib/puppet/indirector/catalog/static_compiler.rb +30 -0
- data/lib/puppet/indirector/catalog/store_configs.rb +3 -0
- data/lib/puppet/indirector/certificate_request/rest.rb +1 -0
- data/lib/puppet/indirector/certificate_revocation_list/rest.rb +1 -0
- data/lib/puppet/indirector/certificate_status/file.rb +4 -0
- data/lib/puppet/indirector/certificate_status/rest.rb +1 -0
- data/lib/puppet/indirector/facts/active_record.rb +3 -0
- data/lib/puppet/indirector/facts/couch.rb +3 -0
- data/lib/puppet/indirector/facts/inventory_active_record.rb +4 -0
- data/lib/puppet/indirector/facts/store_configs.rb +3 -0
- data/lib/puppet/indirector/file_metadata/rest.rb +2 -0
- data/lib/puppet/indirector/instrumentation_data/local.rb +3 -0
- data/lib/puppet/indirector/instrumentation_data/rest.rb +3 -0
- data/lib/puppet/indirector/instrumentation_listener/local.rb +3 -0
- data/lib/puppet/indirector/instrumentation_listener/rest.rb +3 -0
- data/lib/puppet/indirector/instrumentation_probe/local.rb +3 -0
- data/lib/puppet/indirector/instrumentation_probe/rest.rb +3 -0
- data/lib/puppet/indirector/node/active_record.rb +3 -0
- data/lib/puppet/indirector/node/rest.rb +2 -2
- data/lib/puppet/indirector/node/store_configs.rb +3 -0
- data/lib/puppet/indirector/node/write_only_yaml.rb +32 -0
- data/lib/puppet/indirector/queue.rb +0 -1
- data/lib/puppet/indirector/request.rb +1 -2
- data/lib/puppet/indirector/resource/active_record.rb +4 -0
- data/lib/puppet/indirector/resource/ral.rb +3 -0
- data/lib/puppet/indirector/resource/rest.rb +3 -0
- data/lib/puppet/indirector/resource/store_configs.rb +3 -0
- data/lib/puppet/indirector/run/local.rb +3 -0
- data/lib/puppet/indirector/ssl_file.rb +16 -14
- data/lib/puppet/indirector/status/local.rb +3 -0
- data/lib/puppet/indirector/status/rest.rb +4 -0
- data/lib/puppet/interface.rb +78 -3
- data/lib/puppet/interface/action.rb +39 -3
- data/lib/puppet/interface/action_builder.rb +74 -1
- data/lib/puppet/interface/action_manager.rb +33 -3
- data/lib/puppet/interface/documentation.rb +116 -5
- data/lib/puppet/interface/face_collection.rb +6 -7
- data/lib/puppet/interface/option.rb +10 -1
- data/lib/puppet/interface/option_builder.rb +29 -1
- data/lib/puppet/interface/option_manager.rb +21 -6
- data/lib/puppet/metatype/manager.rb +47 -9
- data/lib/puppet/module_tool.rb +0 -1
- data/lib/puppet/network/formats.rb +0 -2
- data/lib/puppet/node.rb +2 -3
- data/lib/puppet/node/environment.rb +14 -1
- data/lib/puppet/parameter.rb +309 -44
- data/lib/puppet/parameter/package_options.rb +5 -0
- data/lib/puppet/parameter/path.rb +26 -3
- data/lib/puppet/parameter/value.rb +30 -6
- data/lib/puppet/parameter/value_collection.rb +82 -20
- data/lib/puppet/parser.rb +3 -0
- data/lib/puppet/parser/ast/definition.rb +2 -5
- data/lib/puppet/parser/ast/hostclass.rb +2 -3
- data/lib/puppet/parser/ast/node.rb +2 -5
- data/lib/puppet/parser/ast/resourceparam.rb +1 -1
- data/lib/puppet/parser/compiler.rb +10 -0
- data/lib/puppet/parser/functions.rb +111 -7
- data/lib/puppet/parser/functions/create_resources.rb +23 -2
- data/lib/puppet/parser/functions/defined.rb +1 -1
- data/lib/puppet/parser/functions/extlookup.rb +2 -1
- data/lib/puppet/parser/functions/fail.rb +1 -1
- data/lib/puppet/parser/functions/file.rb +1 -1
- data/lib/puppet/parser/functions/fqdn_rand.rb +1 -1
- data/lib/puppet/parser/functions/generate.rb +1 -1
- data/lib/puppet/parser/functions/hiera.rb +1 -1
- data/lib/puppet/parser/functions/hiera_array.rb +1 -1
- data/lib/puppet/parser/functions/hiera_hash.rb +1 -1
- data/lib/puppet/parser/functions/hiera_include.rb +1 -1
- data/lib/puppet/parser/functions/include.rb +1 -1
- data/lib/puppet/parser/functions/inline_template.rb +1 -1
- data/lib/puppet/parser/functions/md5.rb +1 -1
- data/lib/puppet/parser/functions/realize.rb +1 -1
- data/lib/puppet/parser/functions/regsubst.rb +54 -57
- data/lib/puppet/parser/functions/require.rb +1 -0
- data/lib/puppet/parser/functions/search.rb +1 -1
- data/lib/puppet/parser/functions/sha1.rb +1 -1
- data/lib/puppet/parser/functions/shellquote.rb +1 -1
- data/lib/puppet/parser/functions/split.rb +1 -2
- data/lib/puppet/parser/functions/sprintf.rb +7 -10
- data/lib/puppet/parser/functions/tag.rb +1 -1
- data/lib/puppet/parser/functions/tagged.rb +1 -1
- data/lib/puppet/parser/functions/template.rb +1 -1
- data/lib/puppet/parser/functions/versioncmp.rb +1 -5
- data/lib/puppet/parser/parser_support.rb +11 -27
- data/lib/puppet/parser/scope.rb +48 -4
- data/lib/puppet/parser/type_loader.rb +31 -7
- data/lib/puppet/property.rb +304 -70
- data/lib/puppet/property/ensure.rb +14 -1
- data/lib/puppet/property/keyvalue.rb +17 -8
- data/lib/puppet/property/list.rb +3 -0
- data/lib/puppet/property/ordered_list.rb +7 -0
- data/lib/puppet/provider.rb +275 -53
- data/lib/puppet/provider/augeas/augeas.rb +17 -3
- data/lib/puppet/provider/confiner.rb +30 -1
- data/lib/puppet/provider/group/pw.rb +2 -2
- data/lib/puppet/provider/package/pip.rb +0 -1
- data/lib/puppet/provider/package/pkgin.rb +2 -0
- data/lib/puppet/provider/service/bsd.rb +1 -1
- data/lib/puppet/provider/service/freebsd.rb +10 -6
- data/lib/puppet/provider/service/init.rb +1 -1
- data/lib/puppet/provider/service/service.rb +1 -1
- data/lib/puppet/provider/user/pw.rb +2 -2
- data/lib/puppet/provider/user/useradd.rb +2 -3
- data/lib/puppet/reference/configuration.rb +6 -0
- data/lib/puppet/reports.rb +44 -4
- data/lib/puppet/reports/tagmail.rb +1 -1
- data/lib/puppet/resource.rb +38 -25
- data/lib/puppet/resource/type.rb +14 -6
- data/lib/puppet/settings.rb +66 -142
- data/lib/puppet/settings/config_file.rb +99 -0
- data/lib/puppet/settings/file_setting.rb +92 -24
- data/lib/puppet/settings/value_translator.rb +15 -0
- data/lib/puppet/ssl/certificate_authority/interface.rb +2 -2
- data/lib/puppet/test/test_helper.rb +8 -3
- data/lib/puppet/transaction.rb +1 -2
- data/lib/puppet/transaction/report.rb +122 -13
- data/lib/puppet/type.rb +763 -150
- data/lib/puppet/type/augeas.rb +4 -0
- data/lib/puppet/type/file/ensure.rb +1 -1
- data/lib/puppet/type/file/group.rb +1 -1
- data/lib/puppet/type/file/mode.rb +2 -0
- data/lib/puppet/type/file/selcontext.rb +1 -0
- data/lib/puppet/type/group.rb +12 -0
- data/lib/puppet/type/mount.rb +2 -2
- data/lib/puppet/type/notify.rb +1 -1
- data/lib/puppet/type/router.rb +1 -1
- data/lib/puppet/type/service.rb +1 -0
- data/lib/puppet/type/ssh_authorized_key.rb +3 -1
- data/lib/puppet/type/user.rb +8 -1
- data/lib/puppet/util.rb +8 -0
- data/lib/puppet/util/autoload.rb +7 -10
- data/lib/puppet/util/classgen.rb +58 -33
- data/lib/puppet/util/command_line.rb +120 -77
- data/lib/puppet/util/constant_inflector.rb +2 -0
- data/lib/puppet/util/execution.rb +63 -33
- data/lib/puppet/util/filetype.rb +1 -1
- data/lib/puppet/util/manifest_filetype_helper.rb +22 -0
- data/lib/puppet/util/methodhelper.rb +19 -0
- data/lib/puppet/util/monkey_patches.rb +46 -0
- data/lib/puppet/util/plugins.rb +2 -2
- data/lib/puppet/util/provider_features.rb +24 -8
- data/lib/puppet/util/rubygems.rb +8 -1
- data/lib/puppet/util/zaml.rb +1 -1
- data/lib/puppet/version.rb +74 -3
- data/spec/integration/application/apply_spec.rb +1 -1
- data/spec/integration/defaults_spec.rb +1 -0
- data/spec/integration/dsl/classes_spec.rb +191 -0
- data/spec/integration/dsl/defaults_spec.rb +38 -0
- data/spec/integration/dsl/definitions_spec.rb +73 -0
- data/spec/integration/dsl/functions_spec.rb +95 -0
- data/spec/integration/dsl/nodes_spec.rb +96 -0
- data/spec/integration/dsl/params_spec.rb +146 -0
- data/spec/integration/dsl/relationships_spec.rb +46 -0
- data/spec/integration/dsl/resources_spec.rb +202 -0
- data/spec/integration/dsl/type_loading_spec.rb +64 -0
- data/spec/integration/indirector/catalog/queue_spec.rb +1 -1
- data/spec/integration/network/formats_spec.rb +32 -45
- data/spec/integration/parser/collector_spec.rb +105 -25
- data/spec/integration/parser/scope_spec.rb +64 -1
- data/spec/integration/resource/catalog_spec.rb +2 -4
- data/spec/integration/type/package_spec.rb +1 -1
- data/spec/lib/matchers/catalog.rb +50 -0
- data/spec/lib/puppet_spec/compiler.rb +11 -0
- data/spec/lib/puppet_spec/dsl.rb +29 -0
- data/spec/spec_helper.rb +17 -3
- data/spec/unit/application/agent_spec.rb +0 -1
- data/spec/unit/application/apply_spec.rb +1 -1
- data/spec/unit/application/face_base_spec.rb +11 -4
- data/spec/unit/application/indirection_base_spec.rb +4 -8
- data/spec/unit/application/kick_spec.rb +5 -2
- data/spec/unit/application/master_spec.rb +0 -6
- data/spec/unit/application_spec.rb +38 -14
- data/spec/unit/dsl/actions_spec.rb +402 -0
- data/spec/unit/dsl/blank_slate_spec.rb +27 -0
- data/spec/unit/dsl/context_spec.rb +678 -0
- data/spec/unit/dsl/parser_spec.rb +56 -0
- data/spec/unit/dsl/resource_decorator_spec.rb +94 -0
- data/spec/unit/dsl/resource_reference_spec.rb +150 -0
- data/spec/unit/dsl/type_reference_spec.rb +164 -0
- data/spec/unit/face/help_spec.rb +5 -7
- data/spec/unit/indirector/certificate_request/rest_spec.rb +4 -0
- data/spec/unit/indirector/certificate_revocation_list/rest_spec.rb +4 -0
- data/spec/unit/indirector/certificate_status/rest_spec.rb +4 -0
- data/spec/unit/indirector/file_metadata/rest_spec.rb +5 -0
- data/spec/unit/indirector/hiera_spec.rb +3 -1
- data/spec/unit/indirector/queue_spec.rb +1 -7
- data/spec/unit/indirector/ssl_file_spec.rb +66 -39
- data/spec/unit/module_spec.rb +1 -1
- data/spec/unit/network/authstore_spec.rb +22 -1
- data/spec/unit/network/formats_spec.rb +1 -1
- data/spec/unit/node/environment_spec.rb +13 -0
- data/spec/unit/parser/collector_spec.rb +1 -1
- data/spec/unit/parser/compiler_spec.rb +26 -0
- data/spec/unit/parser/functions/create_resources_spec.rb +12 -1
- data/spec/unit/parser/functions/extlookup_spec.rb +4 -4
- data/spec/unit/parser/functions/hiera_array_spec.rb +1 -1
- data/spec/unit/parser/functions/hiera_hash_spec.rb +1 -1
- data/spec/unit/parser/functions/hiera_include_spec.rb +1 -1
- data/spec/unit/parser/functions/hiera_spec.rb +1 -1
- data/spec/unit/parser/functions/regsubst_spec.rb +4 -4
- data/spec/unit/parser/functions/split_spec.rb +4 -4
- data/spec/unit/parser/functions/sprintf_spec.rb +2 -2
- data/spec/unit/parser/functions/versioncmp_spec.rb +4 -4
- data/spec/unit/parser/functions_spec.rb +51 -1
- data/spec/unit/parser/parser_spec.rb +0 -14
- data/spec/unit/parser/type_loader_spec.rb +15 -1
- data/spec/unit/provider/augeas/augeas_spec.rb +31 -0
- data/spec/unit/provider/package/apt_spec.rb +0 -2
- data/spec/unit/provider/package/pip_spec.rb +12 -2
- data/spec/unit/provider/service/freebsd_spec.rb +8 -0
- data/spec/unit/provider/service/gentoo_spec.rb +20 -20
- data/spec/unit/provider/service/openrc_spec.rb +20 -20
- data/spec/unit/provider/service/src_spec.rb +4 -4
- data/spec/unit/provider/service/systemd_spec.rb +0 -8
- data/spec/unit/provider/service/windows_spec.rb +1 -1
- data/spec/unit/provider/user/useradd_spec.rb +2 -9
- data/spec/unit/relationship_spec.rb +2 -2
- data/spec/unit/resource/catalog_spec.rb +2 -2
- data/spec/unit/resource/type_spec.rb +49 -25
- data/spec/unit/resource_spec.rb +34 -2
- data/spec/unit/settings/config_file_spec.rb +100 -0
- data/spec/unit/settings/file_setting_spec.rb +87 -84
- data/spec/unit/settings/value_translator_spec.rb +77 -0
- data/spec/unit/settings_spec.rb +96 -29
- data/spec/unit/type/file/ensure_spec.rb +75 -36
- data/spec/unit/type/file_spec.rb +0 -68
- data/spec/unit/type/group_spec.rb +10 -0
- data/spec/unit/util/autoload_spec.rb +6 -0
- data/spec/unit/util/command_line_spec.rb +54 -62
- data/spec/unit/util/manifest_filetype_helper_spec.rb +29 -0
- data/spec/unit/util/metric_spec.rb +0 -9
- data/spec/unit/util/posix_spec.rb +0 -4
- data/spec/unit/util/rdoc_spec.rb +0 -12
- data/spec/unit/util/zaml_spec.rb +188 -130
- data/spec/unit/version_spec.rb +42 -0
- metadata +123 -90
- data/README_HIERA.md +0 -148
- data/conf/epm.list +0 -8
- data/conf/namespaceauth.conf +0 -20
- data/conf/puppet-queue.conf +0 -10
- data/examples/allatonce +0 -13
- data/examples/assignments +0 -11
- data/examples/components +0 -73
- data/examples/etc/init.d/sleeper +0 -70
- data/examples/etc/otherfile +0 -0
- data/examples/etc/puppet/fileserver.conf +0 -13
- data/examples/etc/puppet/namespaceauth.conf +0 -20
- data/examples/etc/puppet/puppet.conf +0 -10
- data/examples/etc/puppet/tagmail.conf +0 -1
- data/examples/execs +0 -16
- data/examples/file.bl +0 -11
- data/examples/filedefaults +0 -10
- data/examples/fileparsing +0 -116
- data/examples/filerecursion +0 -15
- data/examples/functions +0 -3
- data/examples/groups +0 -7
- data/examples/head +0 -30
- data/examples/importing +0 -8
- data/examples/mac_dscl.pp +0 -28
- data/examples/mac_dscl_revert.pp +0 -26
- data/examples/mac_pkgdmg.pp +0 -7
- data/examples/modules/sample_module.pp +0 -10
- data/examples/modules/sample_module/lib/puppet/parser/functions/hostname_to_dn.rb +0 -36
- data/examples/modules/sample_module/manifests/init.pp +0 -12
- data/examples/modules/sample_module/templates/sample.erb +0 -5
- data/examples/nodes +0 -20
- data/examples/one +0 -8
- data/examples/relationships +0 -34
- data/examples/selectors +0 -28
- data/examples/simpletests +0 -11
- data/examples/svncommit +0 -13
- data/lib/puppet/dsl/resource_api.rb +0 -120
- data/lib/puppet/dsl/resource_type_api.rb +0 -34
- data/spec/integration/parser/ruby_manifest_spec.rb +0 -127
- data/spec/unit/dsl/resource_api_spec.rb +0 -180
- data/spec/unit/dsl/resource_type_api_spec.rb +0 -53
data/Gemfile
CHANGED
@@ -1,13 +1,10 @@
|
|
1
1
|
source :rubygems
|
2
2
|
|
3
|
-
# This is a fake version just to make bundler happy during development
|
4
|
-
FAKE_VERSION = '9999.0.0'
|
5
|
-
|
6
3
|
def location_for(place)
|
7
4
|
if place =~ /^(git:[^#]*)#(.*)/
|
8
5
|
[{ :git => $1, :branch => $2, :require => false }]
|
9
6
|
elsif place =~ /^file:\/\/(.*)/
|
10
|
-
[
|
7
|
+
['>= 0', { :path => File.expand_path($1), :require => false }]
|
11
8
|
else
|
12
9
|
[place, { :require => false }]
|
13
10
|
end
|
@@ -15,17 +12,22 @@ end
|
|
15
12
|
|
16
13
|
group(:development, :test) do
|
17
14
|
gem "puppet", *location_for('file://.')
|
18
|
-
gem "facter", *location_for(ENV['FACTER_LOCATION'] || '~> 1.6
|
19
|
-
gem "hiera", *location_for(ENV['HIERA_LOCATION'] || '~> 1.0
|
20
|
-
gem "rack", "~> 1.4
|
21
|
-
gem "rake",
|
22
|
-
gem "rspec", "~> 2.
|
15
|
+
gem "facter", *location_for(ENV['FACTER_LOCATION'] || '~> 1.6')
|
16
|
+
gem "hiera", *location_for(ENV['HIERA_LOCATION'] || '~> 1.0')
|
17
|
+
gem "rack", "~> 1.4", :require => false
|
18
|
+
gem "rake", :require => false
|
19
|
+
gem "rspec", "~> 2.11.0", :require => false
|
23
20
|
gem "mocha", "~> 0.10.5", :require => false
|
21
|
+
gem "activerecord", *location_for('~> 3.0.7')
|
22
|
+
gem "couchrest", *location_for('~> 1.0')
|
23
|
+
gem "net-ssh", *location_for('~> 2.1')
|
24
|
+
gem "puppetlabs_spec_helper"
|
25
|
+
gem "sqlite3"
|
26
|
+
gem "stomp"
|
27
|
+
gem "tzinfo"
|
24
28
|
end
|
25
29
|
|
26
30
|
platforms :mswin, :mingw do
|
27
|
-
# See http://jenkins.puppetlabs.com/ for current Gem listings for the Windows
|
28
|
-
# CI Jobs.
|
29
31
|
gem "sys-admin", "~> 1.5.6", :require => false
|
30
32
|
gem "win32-api", "~> 1.4.8", :require => false
|
31
33
|
gem "win32-dir", "~> 0.3.7", :require => false
|
data/README.md
CHANGED
@@ -1,7 +1,9 @@
|
|
1
1
|
Puppet
|
2
2
|
======
|
3
3
|
|
4
|
-
|
4
|
+
[![Build Status](https://travis-ci.org/puppetlabs/puppet.png?branch=master)](https://travis-ci.org/puppetlabs/puppet)
|
5
|
+
|
6
|
+
Puppet, an automated administrative engine for your Linux, Unix, and Windows systems, performs
|
5
7
|
administrative tasks (such as adding users, installing packages, and updating server
|
6
8
|
configurations) based on a centralized specification.
|
7
9
|
|
@@ -14,11 +16,7 @@ Installation
|
|
14
16
|
|
15
17
|
Generally, you need the following things installed:
|
16
18
|
|
17
|
-
* A supported Ruby version. Ruby 1.8.
|
18
|
-
(with a handful of known issues under 1.9.2); Ruby 1.8.1 is supported on a
|
19
|
-
best-effort basis for agent use only. Other versions of Ruby are used at your
|
20
|
-
own risk, and Ruby 1.8.6, 1.9.0, and 1.9.1 are not recommended for
|
21
|
-
compatibility reasons.
|
19
|
+
* A supported Ruby version. Ruby 1.8.7, and 1.9.3 are fully supported.
|
22
20
|
|
23
21
|
* The Ruby OpenSSL library. For some reason, this often isn't included
|
24
22
|
in the main ruby distributions. You can test for it by running
|
@@ -48,4 +46,8 @@ See LICENSE file.
|
|
48
46
|
Support
|
49
47
|
-------
|
50
48
|
|
51
|
-
Please log tickets and issues at our [Projects
|
49
|
+
Please log tickets and issues at our [Projects
|
50
|
+
site](http://projects.puppetlabs.com). A [mailing
|
51
|
+
list](https://groups.google.com/forum/?fromgroups#!forum/puppet-users) is
|
52
|
+
available for asking questions and getting help from others. In addition there
|
53
|
+
is an active #puppet channel on Freenode.
|
data/README_DEVELOPER.md
CHANGED
@@ -3,36 +3,13 @@
|
|
3
3
|
This file is intended to provide a place for developers and contributors to
|
4
4
|
document what other developers need to know about changes made to Puppet.
|
5
5
|
|
6
|
-
#
|
6
|
+
# Internal Structures
|
7
7
|
|
8
|
-
|
9
|
-
repository, is considered dangerous. The reason we consider RVM to be
|
10
|
-
dangerous is because the default behavior of RVM is to hijack the builtin
|
11
|
-
behavior of the shell, causing Gemfile files to be loaded and evaluated when
|
12
|
-
the shell changes directories into the project root.
|
13
|
-
|
14
|
-
This behavior causes the CI Job execution environment that runs with `set -e`
|
15
|
-
to be incompatible with RVM.
|
16
|
-
|
17
|
-
We work around this issue by disabling the per-project RC file parsing using
|
18
|
-
|
19
|
-
if ! grep -qx rvm_project_rvmrc=0 ~/.rvmrc; then
|
20
|
-
echo rvm_project_rvmrc=0 >> ~/.rvmrc
|
21
|
-
fi
|
22
|
-
|
23
|
-
When we setup CI nodes, but this is not standard or expected behavior.
|
24
|
-
|
25
|
-
Please consider rbenv instead of rvm. The default behavior of rvm is difficult
|
26
|
-
to maintain with `set -e` shell environments.
|
27
|
-
|
28
|
-
# Two Types of Catalog
|
8
|
+
## Two Types of Catalog
|
29
9
|
|
30
10
|
When working on subsystems of Puppet that deal with the catalog it is important
|
31
|
-
to be aware of the two different types of Catalog.
|
32
|
-
|
33
|
-
to determine if an upgrade in Puppet produces the same configuration catalogs.
|
34
|
-
As a developer I've run into this difference while working on spec tests for
|
35
|
-
the static compiler and working on spec tests for types and providers.
|
11
|
+
to be aware of the two different types of Catalog. Developers will often find
|
12
|
+
this difference while working on the static compiler and types and providers.
|
36
13
|
|
37
14
|
The two different types of catalog becomes relevant when writing spec tests
|
38
15
|
because we frequently need to wire up a fake catalog so that we can exercise
|
@@ -48,7 +25,7 @@ is used to apply the configuration model to the system.
|
|
48
25
|
Resource dependency information is most easily obtained from a RAL catalog by
|
49
26
|
walking the graph instance produced by the `relationship_graph` method.
|
50
27
|
|
51
|
-
|
28
|
+
### Resource Catalog
|
52
29
|
|
53
30
|
If you're writing spec tests for something that deals with a catalog "server
|
54
31
|
side," a new catalog terminus for example, then you'll be dealing with a
|
@@ -73,7 +50,7 @@ Resource dependencies are not easily walked using a resource catalog however.
|
|
73
50
|
To walk the dependency tree convert the catalog to a RAL catalog as described
|
74
51
|
in
|
75
52
|
|
76
|
-
|
53
|
+
### RAL Catalog
|
77
54
|
|
78
55
|
The resource catalog may be converted to a RAL catalog using `catalog.to_ral`.
|
79
56
|
The RAL catalog contains `Puppet::Type` instances instead of `Puppet::Resource`
|
@@ -403,7 +380,7 @@ This special filebucket resource named "puppet" will cause the agent to fetch
|
|
403
380
|
file contents specified by checksum from the remote filebucket instead of the
|
404
381
|
default clientbucket.
|
405
382
|
|
406
|
-
##
|
383
|
+
## Trying out the Static Compiler
|
407
384
|
|
408
385
|
Create a module that recursively downloads something. The jeffmccune-filetest
|
409
386
|
module will recursively copy the rubygems source tree.
|
@@ -434,4 +411,18 @@ checksum representing the content. When managing an out of sync file resource,
|
|
434
411
|
the real contents should be fetched from the server instead of the
|
435
412
|
clientbucket.
|
436
413
|
|
414
|
+
Package Maintainers
|
415
|
+
=====
|
416
|
+
|
417
|
+
Software Version API
|
418
|
+
-----
|
419
|
+
|
420
|
+
Please see the public API regarding the software version as described in
|
421
|
+
`lib/puppet/version.rb`. Puppet provides the means to easily specify the exact
|
422
|
+
version of the software packaged using the VERSION file, for example:
|
423
|
+
|
424
|
+
$ git describe --match "3.0.*" > lib/puppet/VERSION
|
425
|
+
$ ruby -r puppet/version -e 'puts Puppet.version'
|
426
|
+
3.0.1-260-g9ca4e54
|
427
|
+
|
437
428
|
EOF
|
data/bin/extlookup2hiera
CHANGED
File without changes
|
data/conf/auth.conf
CHANGED
@@ -1,15 +1,19 @@
|
|
1
|
-
# This is
|
2
|
-
#
|
1
|
+
# This is the default auth.conf file, which implements the default rules
|
2
|
+
# used by the puppet master. (That is, the rules below will still apply
|
3
|
+
# even if this file is deleted.)
|
3
4
|
#
|
4
|
-
# The ACLs are evaluated in top-down order. More
|
5
|
-
#
|
6
|
-
#
|
7
|
-
#
|
5
|
+
# The ACLs are evaluated in top-down order. More specific stanzas should
|
6
|
+
# be towards the top of the file and more general ones at the bottom;
|
7
|
+
# otherwise, the general rules may "steal" requests that should be
|
8
|
+
# governed by the specific rules.
|
9
|
+
#
|
10
|
+
# See http://docs.puppetlabs.com/guides/rest_auth_conf.html for a more complete
|
11
|
+
# description of auth.conf's behavior.
|
8
12
|
#
|
9
13
|
# Supported syntax:
|
10
|
-
# Each stanza in auth.conf starts with a path to
|
14
|
+
# Each stanza in auth.conf starts with a path to match, followed
|
11
15
|
# by optional modifiers, and finally, a series of allow or deny
|
12
|
-
# directives.
|
16
|
+
# directives.
|
13
17
|
#
|
14
18
|
# Example Stanza
|
15
19
|
# ---------------------------------
|
@@ -18,25 +22,33 @@
|
|
18
22
|
# [environment envlist]
|
19
23
|
# [method methodlist]
|
20
24
|
# [auth[enthicated] {yes|no|on|off|any}]
|
21
|
-
# allow [host|backreference
|
22
|
-
# deny [host|backreference
|
25
|
+
# allow [host|backreference|*|regex]
|
26
|
+
# deny [host|backreference|*|regex]
|
23
27
|
# allow_ip [ip|cidr|ip_wildcard|*]
|
24
28
|
# deny_ip [ip|cidr|ip_wildcard|*]
|
25
29
|
#
|
26
|
-
# The path match can either be a simple prefix match or a regular
|
30
|
+
# The path match can either be a simple prefix match or a regular
|
27
31
|
# expression. `path /file` would match both `/file_metadata` and
|
28
32
|
# `/file_content`. Regex matches allow the use of backreferences
|
29
33
|
# in the allow/deny directives.
|
30
|
-
#
|
34
|
+
#
|
31
35
|
# The regex syntax is the same as for Ruby regex, and captures backreferences
|
32
36
|
# for use in the `allow` and `deny` lines of that stanza
|
33
37
|
#
|
34
38
|
# Examples:
|
35
|
-
# path ~ ^/path/to/resource # equivalent to `path /path/to/resource`
|
36
|
-
# allow *
|
37
39
|
#
|
38
|
-
# path ~ ^/
|
39
|
-
# allow
|
40
|
+
# path ~ ^/path/to/resource # Equivalent to `path /path/to/resource`.
|
41
|
+
# allow * # Allow all authenticated nodes (since auth
|
42
|
+
# # defaults to `yes`).
|
43
|
+
#
|
44
|
+
# path ~ ^/catalog/([^/]+)$ # Permit nodes to access their own catalog (by
|
45
|
+
# allow $1 # certname), but not any other node's catalog.
|
46
|
+
#
|
47
|
+
# path ~ ^/file_(metadata|content)/extra_files/ # Only allow certain nodes to
|
48
|
+
# auth yes # access the "extra_files"
|
49
|
+
# allow /^(.+)\.example\.com$/ # mount point; note this must
|
50
|
+
# allow_ip 192.168.100.0/24 # go ABOVE the "/file" rule,
|
51
|
+
# # since it is more specific.
|
40
52
|
#
|
41
53
|
# environment:: restrict an ACL to a comma-separated list of environments
|
42
54
|
# method:: restrict an ACL to a comma-separated list of HTTP methods
|
@@ -45,7 +57,7 @@
|
|
45
57
|
# (ie exactly as if auth yes was present).
|
46
58
|
#
|
47
59
|
|
48
|
-
### Authenticated
|
60
|
+
### Authenticated ACLs - these rules apply only when the client
|
49
61
|
### has a valid certificate and is thus authenticated
|
50
62
|
|
51
63
|
# allow nodes to retrieve their own catalog
|
@@ -68,33 +80,37 @@ path /report
|
|
68
80
|
method save
|
69
81
|
allow *
|
70
82
|
|
71
|
-
#
|
72
|
-
#
|
73
|
-
#
|
83
|
+
# Allow all nodes to access all file services; this is necessary for
|
84
|
+
# pluginsync, file serving from modules, and file serving from custom
|
85
|
+
# mount points (see fileserver.conf). Note that the `/file` prefix matches
|
86
|
+
# requests to both the file_metadata and file_content paths. See "Examples"
|
87
|
+
# above if you need more granular access control for custom mount points.
|
74
88
|
path /file
|
75
89
|
allow *
|
76
90
|
|
77
|
-
### Unauthenticated
|
78
|
-
###
|
79
|
-
### there isn't a great harm in letting that request through.
|
91
|
+
### Unauthenticated ACLs, for clients without valid certificates; authenticated
|
92
|
+
### clients can also access these paths, though they rarely need to.
|
80
93
|
|
81
|
-
# allow access to the
|
94
|
+
# allow access to the CA certificate; unauthenticated nodes need this
|
95
|
+
# in order to validate the puppet master's certificate
|
82
96
|
path /certificate/ca
|
83
97
|
auth any
|
84
98
|
method find
|
85
99
|
allow *
|
86
100
|
|
101
|
+
# allow nodes to retrieve the certificate they requested earlier
|
87
102
|
path /certificate/
|
88
103
|
auth any
|
89
104
|
method find
|
90
105
|
allow *
|
91
106
|
|
107
|
+
# allow nodes to request a new certificate
|
92
108
|
path /certificate_request
|
93
109
|
auth any
|
94
110
|
method find, save
|
95
111
|
allow *
|
96
112
|
|
97
|
-
# this
|
98
|
-
#
|
113
|
+
# deny everything else; this ACL is not strictly necessary, but
|
114
|
+
# illustrates the default policy.
|
99
115
|
path /
|
100
116
|
auth any
|
@@ -0,0 +1,41 @@
|
|
1
|
+
# fileserver.conf
|
2
|
+
|
3
|
+
# Puppet automatically serves PLUGINS and FILES FROM MODULES: anything in
|
4
|
+
# <module name>/files/<file name> is available to authenticated nodes at
|
5
|
+
# puppet:///modules/<module name>/<file name>. You do not need to edit this
|
6
|
+
# file to enable this.
|
7
|
+
|
8
|
+
# MOUNT POINTS
|
9
|
+
|
10
|
+
# If you need to serve files from a directory that is NOT in a module,
|
11
|
+
# you must create a static mount point in this file:
|
12
|
+
#
|
13
|
+
# [extra_files]
|
14
|
+
# path /etc/puppet/files
|
15
|
+
# allow *
|
16
|
+
#
|
17
|
+
# In the example above, anything in /etc/puppet/files/<file name> would be
|
18
|
+
# available to authenticated nodes at puppet:///extra_files/<file name>.
|
19
|
+
#
|
20
|
+
# Mount points may also use three placeholders as part of their path:
|
21
|
+
#
|
22
|
+
# %H - The node's certname.
|
23
|
+
# %h - The portion of the node's certname before the first dot. (Usually the
|
24
|
+
# node's short hostname.)
|
25
|
+
# %d - The portion of the node's certname after the first dot. (Usually the
|
26
|
+
# node's domain name.)
|
27
|
+
|
28
|
+
# PERMISSIONS
|
29
|
+
|
30
|
+
# Every static mount point should have an `allow *` line; setting more
|
31
|
+
# granular permissions in this file is deprecated. Instead, you can
|
32
|
+
# control file access in auth.conf by controlling the
|
33
|
+
# /file_metadata/<mount point> and /file_content/<mount point> paths:
|
34
|
+
#
|
35
|
+
# path ~ ^/file_(metadata|content)/extra_files/
|
36
|
+
# auth yes
|
37
|
+
# allow /^(.+)\.example\.com$/
|
38
|
+
# allow_ip 192.168.100.0/24
|
39
|
+
#
|
40
|
+
# If added to auth.conf BEFORE the "path /file" rule, the rule above
|
41
|
+
# will add stricter restrictions to the extra_files mount point.
|
data/conf/tagmail.conf
ADDED
@@ -0,0 +1,16 @@
|
|
1
|
+
# tagmail.conf
|
2
|
+
|
3
|
+
# This file configures the `tagmail` report, which can be enabled by including
|
4
|
+
# tagmail in the puppet master's `reports` setting. (`reports = https, tagmail`)
|
5
|
+
|
6
|
+
# Each line in this file should consist of a comma-separated list of tags and/or
|
7
|
+
# negated tags (`!tag`), a colon, and a comma-separated list of email addresses.
|
8
|
+
# The `all` psuedo-tag will email all log events.
|
9
|
+
# See http://docs.puppetlabs.com/guides/configuring.html#tagmailconf for
|
10
|
+
# a complete description of this file.
|
11
|
+
|
12
|
+
# Example:
|
13
|
+
|
14
|
+
# all: log-archive@example.com
|
15
|
+
# webserver, !mailserver: httpadmins@example.com
|
16
|
+
# emerg, crit: james@example.com, zach@example.com, ben@example.com
|
@@ -1,5 +1,6 @@
|
|
1
|
-
|
2
|
-
|
3
|
-
|
1
|
+
# lookup ntpservers from hiera, or allow user of class to provide other value
|
2
|
+
class ntp::config($ntpservers = hiera('ntpservers')) {
|
3
|
+
file{'/tmp/ntp.conf':
|
4
|
+
content => template('ntp/ntp.conf.erb')
|
4
5
|
}
|
5
6
|
}
|
data/examples/hiera/site.pp
CHANGED
data/ext/debian/fileserver.conf
CHANGED
@@ -1,17 +1,41 @@
|
|
1
|
-
#
|
2
|
-
# defining where files are served from and to whom
|
1
|
+
# fileserver.conf
|
3
2
|
|
4
|
-
#
|
5
|
-
#
|
6
|
-
#
|
7
|
-
#
|
8
|
-
#[files]
|
9
|
-
# path /etc/puppet/files
|
10
|
-
# allow *.example.com
|
11
|
-
# deny *.evil.example.com
|
12
|
-
# allow 192.168.0.0/24
|
3
|
+
# Puppet automatically serves PLUGINS and FILES FROM MODULES: anything in
|
4
|
+
# <module name>/files/<file name> is available to authenticated nodes at
|
5
|
+
# puppet:///modules/<module name>/<file name>. You do not need to edit this
|
6
|
+
# file to enable this.
|
13
7
|
|
14
|
-
#
|
15
|
-
|
16
|
-
#
|
17
|
-
#
|
8
|
+
# MOUNT POINTS
|
9
|
+
|
10
|
+
# If you need to serve files from a directory that is NOT in a module,
|
11
|
+
# you must create a static mount point in this file:
|
12
|
+
#
|
13
|
+
# [extra_files]
|
14
|
+
# path /etc/puppet/files
|
15
|
+
# allow *
|
16
|
+
#
|
17
|
+
# In the example above, anything in /etc/puppet/files/<file name> would be
|
18
|
+
# available to authenticated nodes at puppet:///extra_files/<file name>.
|
19
|
+
#
|
20
|
+
# Mount points may also use three placeholders as part of their path:
|
21
|
+
#
|
22
|
+
# %H - The node's certname.
|
23
|
+
# %h - The portion of the node's certname before the first dot. (Usually the
|
24
|
+
# node's short hostname.)
|
25
|
+
# %d - The portion of the node's certname after the first dot. (Usually the
|
26
|
+
# node's domain name.)
|
27
|
+
|
28
|
+
# PERMISSIONS
|
29
|
+
|
30
|
+
# Every static mount point should have an `allow *` line; setting more
|
31
|
+
# granular permissions in this file is deprecated. Instead, you can
|
32
|
+
# control file access in auth.conf by controlling the
|
33
|
+
# /file_metadata/<mount point> and /file_content/<mount point> paths:
|
34
|
+
#
|
35
|
+
# path ~ ^/file_(metadata|content)/extra_files/
|
36
|
+
# auth yes
|
37
|
+
# allow /^(.+)\.example\.com$/
|
38
|
+
# allow_ip 192.168.100.0/24
|
39
|
+
#
|
40
|
+
# If added to auth.conf BEFORE the "path /file" rule, the rule above
|
41
|
+
# will add stricter restrictions to the extra_files mount point.
|