puppet 4.7.0-universal-darwin → 4.7.1-universal-darwin

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of puppet might be problematic. Click here for more details.

data/Gemfile CHANGED
@@ -53,6 +53,9 @@ group(:development, :test) do
53
53
 
54
54
  gem 'rdoc', "~> 4.1", :platforms => [:ruby]
55
55
 
56
+ # webmock requires addressable as as of 2.5.0 addressable started
57
+ # requiring the public_suffix gem which requires Ruby 2
58
+ gem 'addressable', '< 2.5.0'
56
59
  gem 'webmock', '~> 1.24'
57
60
  gem 'vcr', '~> 2.9'
58
61
  end
data/Rakefile CHANGED
@@ -83,8 +83,8 @@ task(:commits) do
83
83
  # populated with the range of commits the PR contains. If not available, this
84
84
  # falls back to `master..HEAD` as a next best bet as `master` is unlikely to
85
85
  # ever be absent.
86
- commit_range = ENV['TRAVIS_COMMIT_RANGE'].nil? ? 'master..HEAD' : ENV['TRAVIS_COMMIT_RANGE']
87
- puts "Checking commits..."
86
+ commit_range = ENV['TRAVIS_COMMIT_RANGE'].nil? ? 'master..HEAD' : ENV['TRAVIS_COMMIT_RANGE'].sub(/\.\.\./, '..')
87
+ puts "Checking commits #{commit_range}"
88
88
  %x{git log --no-merges --pretty=%s #{commit_range}}.each_line do |commit_summary|
89
89
  # This regex tests for the currently supported commit summary tokens: maint, doc, packaging, or pup-<number>.
90
90
  # The exception tries to explain it in more full.
@@ -1,3 +1,13 @@
1
+ #
2
+ # Local settings can be configured without being overwritten by package upgrades, for example
3
+ # if you want to increase puppet open-files-limit to 10000,
4
+ # you need to increase systemd's LimitNOFILE setting, so create a file named
5
+ # "/etc/systemd/system/puppet.service.d/limits.conf" containing:
6
+ # [Service]
7
+ # LimitNOFILE=10000
8
+ # You can confirm it worked by running systemctl daemon-reload
9
+ # then running systemctl show puppet | grep LimitNOFILE
10
+ #
1
11
  [Unit]
2
12
  Description=Puppet agent
3
13
  Wants=basic.target
@@ -59,7 +59,7 @@ module Puppet::Network::HTTP::Error
59
59
 
60
60
  def initialize(original_error, issue_kind = Issues::RUNTIME_ERROR)
61
61
  super("Server Error: " + original_error.message, CODE, issue_kind)
62
- @backtrace = original_error.backtrace
62
+ @backtrace = ["Warning: The 'stacktrace' property is deprecated and will be removed in a future version of Puppet. For security reasons, stacktraces are not returned with Puppet HTTP Error responses."]
63
63
  end
64
64
 
65
65
  def to_json
@@ -68,7 +68,8 @@ module Puppet::Network::HTTP::Handler
68
68
  new_response.respond_with(e.status, "application/json", e.to_json)
69
69
  rescue StandardError => e
70
70
  http_e = Puppet::Network::HTTP::Error::HTTPServerError.new(e)
71
- Puppet.err(http_e.message)
71
+ log_msg = [http_e.message, *e.backtrace].join("\n")
72
+ Puppet.err(log_msg)
72
73
  new_response.respond_with(http_e.status, "application/json", http_e.to_json)
73
74
  ensure
74
75
  if profiler
@@ -1,5 +1,5 @@
1
1
  Puppet::Parser::Functions::newfunction(
2
- :lest,
2
+ :then,
3
3
  :type => :rvalue,
4
4
  :arity => -2,
5
5
  :doc => <<-DOC
@@ -31,7 +31,7 @@ notice $data.dig(a, b, 1, x).then |$x| { $x * 2 }
31
31
  Which would notice `undef` since the last lookup of 'x' results in `undef` which
32
32
  is returned (without calling the lambda given to the `then` function).
33
33
 
34
- As a result there is no need for conditional logic or a temporary (non local)
34
+ As a result there is no need for conditional logic or a temporary (non local)
35
35
  variable as the result is now either the wanted value (`x`) multiplied
36
36
  by 2 or `undef`.
37
37
 
@@ -2,18 +2,20 @@ module Puppet
2
2
  Type.newtype(:ssh_authorized_key) do
3
3
  @doc = "Manages SSH authorized keys. Currently only type 2 keys are supported.
4
4
 
5
- In their native habitat, SSH keys usually appear as a single long line. This
6
- resource type requires you to split that line into several attributes. Thus, a
7
- key that appears in your `~/.ssh/id_rsa.pub` file like this...
5
+ In their native habitat, SSH keys usually appear as a single long line, in
6
+ the format `<TYPE> <KEY> <NAME/COMMENT>`. This resource type requires you
7
+ to split that line into several attributes. Thus, a key that appears in
8
+ your `~/.ssh/id_rsa.pub` file like this...
8
9
 
9
- ssh-rsa AAAAB3Nza[...]qXfdaQ== nick@magpie.puppetlabs.lan
10
+ ssh-rsa AAAAB3Nza[...]qXfdaQ== nick@magpie.example.com
10
11
 
11
12
  ...would translate to the following resource:
12
13
 
13
- ssh_authorized_key { 'nick@magpie.puppetlabs.lan':
14
- user => 'nick',
15
- type => 'ssh-rsa',
16
- key => 'AAAAB3Nza[...]qXfdaQ== nick@magpie.puppetlabs.lan',
14
+ ssh_authorized_key { 'nick@magpie.example.com':
15
+ ensure => present,
16
+ user => 'nick',
17
+ type => 'ssh-rsa',
18
+ key => 'AAAAB3Nza[...]qXfdaQ==',
17
19
  }
18
20
 
19
21
  To ensure that only the currently approved keys are present, you can purge
@@ -36,8 +38,12 @@ module Puppet
36
38
  ensurable
37
39
 
38
40
  newparam(:name) do
39
- desc "The SSH key comment. This attribute is currently used as a
40
- system-wide primary key and therefore has to be unique."
41
+ desc "The SSH key comment. This can be anything, and doesn't need to match
42
+ the original comment from the `.pub` file.
43
+
44
+ Due to internal limitations, this must be unique across all user accounts;
45
+ if you want to specify one key for multiple users, you must use a different
46
+ comment for each instance."
41
47
 
42
48
  isnamevar
43
49
 
@@ -1,7 +1,7 @@
1
1
  require 'puppet/util/tag_set'
2
2
 
3
3
  module Puppet::Util::Tagging
4
- ValidTagRegex = /^[0-9A-Za-z_][0-9A-Za-z_:.-]*$/
4
+ ValidTagRegex = /\A[0-9A-Za-z_][0-9A-Za-z_:.-]*\Z/
5
5
 
6
6
  # Add a tag to the current tag set.
7
7
  # When a tag set is used for a scope, these tags will be added to all of
@@ -7,7 +7,7 @@
7
7
 
8
8
 
9
9
  module Puppet
10
- PUPPETVERSION = '4.7.0'
10
+ PUPPETVERSION = '4.7.1'
11
11
 
12
12
  ##
13
13
  # version is a public API method intended to always provide a fast and
@@ -8,7 +8,7 @@ describe Puppet::Util::Windows::SID::Principal, :if => Puppet.features.microsoft
8
8
  let (:system_bytes) { [1, 1, 0, 0, 0, 0, 0, 5, 18, 0, 0, 0] }
9
9
  let (:null_sid_bytes) { bytes = [1, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0] }
10
10
  let (:administrator_bytes) { [1, 2, 0, 0, 0, 0, 0, 5, 32, 0, 0, 0, 32, 2, 0, 0] }
11
- let (:computer_sid) { Puppet::Util::Windows::SID.name_to_sid_object(Socket.gethostname) }
11
+ let (:computer_sid) { Puppet::Util::Windows::SID.name_to_sid_object(Puppet::Util::Windows::ADSI.computer_name) }
12
12
  # BUILTIN is localized on German Windows, but not French
13
13
  # looking this up like this dilutes the values of the tests as we're comparing two mechanisms
14
14
  # for returning the same values, rather than to a known good
@@ -64,7 +64,7 @@ describe Puppet::Util::Windows::SID::Principal, :if => Puppet.features.microsoft
64
64
  # otherwise running in AppVeyor there is no Administrator and a the current local user can be used
65
65
  skip if (running_as_system && !user_exists)
66
66
 
67
- hostname = Socket.gethostname
67
+ hostname = Puppet::Util::Windows::ADSI.computer_name
68
68
 
69
69
  principal = Puppet::Util::Windows::SID::Principal.lookup_account_name("#{hostname}\\#{username}")
70
70
  expect(principal.account).to match(/^#{Regexp.quote(username)}$/i)
@@ -129,7 +129,7 @@ describe Puppet::Util::Windows::Registry do
129
129
 
130
130
  let (:hklm) { Win32::Registry::HKEY_LOCAL_MACHINE }
131
131
  let (:puppet_key) { "SOFTWARE\\Puppet Labs"}
132
- let (:subkey_name) { "PuppetRegistryTest" }
132
+ let (:subkey_name) { "PuppetRegistryTest#{SecureRandom.uuid}" }
133
133
  let (:guid) { SecureRandom.uuid }
134
134
  let (:regsam) { Puppet::Util::Windows::Registry::KEY32 }
135
135
 
@@ -187,7 +187,7 @@ describe Puppet::Util::Windows::Registry do
187
187
  context "when reading values" do
188
188
  let (:hklm) { Win32::Registry::HKEY_LOCAL_MACHINE }
189
189
  let (:puppet_key) { "SOFTWARE\\Puppet Labs"}
190
- let (:subkey_name) { "PuppetRegistryTest" }
190
+ let (:subkey_name) { "PuppetRegistryTest#{SecureRandom.uuid}" }
191
191
  let (:value_name) { SecureRandom.uuid }
192
192
 
193
193
  after(:each) do
@@ -228,7 +228,7 @@ describe Puppet::Util::Windows::Registry do
228
228
  context "when reading corrupt values" do
229
229
  let (:hklm) { Win32::Registry::HKEY_LOCAL_MACHINE }
230
230
  let (:puppet_key) { "SOFTWARE\\Puppet Labs"}
231
- let (:subkey_name) { "PuppetRegistryTest" }
231
+ let (:subkey_name) { "PuppetRegistryTest#{SecureRandom.uuid}" }
232
232
  let (:value_name) { SecureRandom.uuid }
233
233
 
234
234
  before(:each) do
@@ -254,4 +254,4 @@ describe Puppet::Util::Windows::Registry do
254
254
  end
255
255
  end
256
256
  end
257
- end
257
+ end
@@ -15,7 +15,7 @@ describe Puppet::Network::HTTP::Error do
15
15
  end
16
16
 
17
17
  describe Puppet::Network::HTTP::Error::HTTPServerError do
18
- it "should serialize to JSON that matches the error schema and has the optional stacktrace property" do
18
+ it "should serialize to JSON that matches the error schema and has a deprecated stacktrace property" do
19
19
  begin
20
20
  raise Exception, "a wild Exception appeared!"
21
21
  rescue Exception => e
@@ -24,6 +24,7 @@ describe Puppet::Network::HTTP::Error do
24
24
  error = Puppet::Network::HTTP::Error::HTTPServerError.new(culpable)
25
25
 
26
26
  expect(error.to_json).to validate_against('api/schemas/error.json')
27
+ expect(error.to_json).to match(/The 'stacktrace' property is deprecated/)
27
28
  end
28
29
  end
29
30
 
@@ -74,9 +74,16 @@ describe Puppet::Network::HTTP::Handler do
74
74
  expect(res[:status]).to eq(404)
75
75
  end
76
76
 
77
- it "returns a structured error response with a stacktrace when the server encounters an internal error" do
77
+ it "returns a structured error response when the server encounters an internal error" do
78
+ error = StandardError.new("the sky is falling!")
79
+ original_stacktrace = ['a.rb', 'b.rb']
80
+ error.set_backtrace(original_stacktrace)
81
+
78
82
  handler = PuppetSpec::Handler.new(
79
- Puppet::Network::HTTP::Route.path(/.*/).get(lambda { |_, _| raise StandardError.new("the sky is falling!")}))
83
+ Puppet::Network::HTTP::Route.path(/.*/).get(lambda { |_, _| raise error}))
84
+
85
+ # Stacktraces should be included in logs
86
+ Puppet.expects(:err).with("Server Error: the sky is falling!\na.rb\nb.rb")
80
87
 
81
88
  req = a_request("GET", "/vtest/foo")
82
89
  res = {}
@@ -89,7 +96,8 @@ describe Puppet::Network::HTTP::Handler do
89
96
  expect(res_body["issue_kind"]).to eq(Puppet::Network::HTTP::Issues::RUNTIME_ERROR.to_s)
90
97
  expect(res_body["message"]).to eq("Server Error: the sky is falling!")
91
98
  expect(res_body["stacktrace"].is_a?(Array) && !res_body["stacktrace"].empty?).to be_truthy
92
- expect(res_body["stacktrace"][0]).to match("spec/unit/network/http/handler_spec.rb")
99
+ expect(res_body["stacktrace"][0]).to match(/The 'stacktrace' property is deprecated/)
100
+ expect(res_body["stacktrace"] & original_stacktrace).to be_empty
93
101
  expect(res[:status]).to eq(500)
94
102
  end
95
103
 
@@ -287,7 +287,7 @@ describe Puppet::SSL::CertificateRequest do
287
287
  exts = {"thats.no.moon" => "death star"}
288
288
  expect do
289
289
  request.generate(key, :extension_requests => exts)
290
- end.to raise_error Puppet::Error, /Cannot create CSR with extension request thats\.no\.moon: first num too large/
290
+ end.to raise_error Puppet::Error, /Cannot create CSR with extension request thats\.no\.moon.*: first num too large/
291
291
  end
292
292
  end
293
293
 
@@ -148,7 +148,12 @@ describe Puppet::Transaction::Persistence do
148
148
  persistence = Puppet::Transaction::Persistence.new
149
149
 
150
150
  if Puppet.features.microsoft_windows?
151
- expect { persistence.save }.to raise_error(Puppet::Util::Windows::Error, /Access is denied/)
151
+ expect do
152
+ persistence.save
153
+ end.to raise_error do |error|
154
+ expect(error).to be_a(Puppet::Util::Windows::Error)
155
+ expect(error.code).to eq(5) # ERROR_ACCESS_DENIED
156
+ end
152
157
  else
153
158
  expect { persistence.save }.to raise_error(Errno::EISDIR, /Is a directory/)
154
159
  end
@@ -36,6 +36,10 @@ describe Puppet::Util::Tagging do
36
36
  expect { tagger.tag("bad tag") }.to raise_error(Puppet::ParseError)
37
37
  end
38
38
 
39
+ it "should fail on tags containing newline characters" do
40
+ expect { tagger.tag("bad\ntag") }.to raise_error(Puppet::ParseError)
41
+ end
42
+
39
43
  it "should allow alpha tags" do
40
44
  expect { tagger.tag("good_tag") }.not_to raise_error
41
45
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: puppet
3
3
  version: !ruby/object:Gem::Version
4
- version: 4.7.0
4
+ version: 4.7.1
5
5
  prerelease:
6
6
  platform: universal-darwin
7
7
  authors:
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2016-09-22 00:00:00.000000000 Z
12
+ date: 2017-01-17 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: facter