puppet 6.0.4-universal-darwin → 6.0.5-universal-darwin

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of puppet might be problematic. Click here for more details.

Files changed (125) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile.lock +15 -15
  3. data/Rakefile +3 -1
  4. data/ext/solaris/smf/svc-puppetd +8 -1
  5. data/ext/solaris/smf/svc-puppetmasterd +8 -1
  6. data/lib/puppet/application/device.rb +48 -32
  7. data/lib/puppet/application/ssl.rb +31 -17
  8. data/lib/puppet/defaults.rb +2 -1
  9. data/lib/puppet/face/config.rb +1 -1
  10. data/lib/puppet/forge.rb +4 -1
  11. data/lib/puppet/pops/evaluator/collectors/abstract_collector.rb +3 -1
  12. data/lib/puppet/pops/model/pn_transformer.rb +5 -0
  13. data/lib/puppet/pops/types/p_timespan_type.rb +2 -2
  14. data/lib/puppet/pops/types/string_converter.rb +11 -2
  15. data/lib/puppet/provider/package/dnf.rb +2 -1
  16. data/lib/puppet/provider/package/windows/exe_package.rb +13 -0
  17. data/lib/puppet/provider/package/windows/msi_package.rb +8 -0
  18. data/lib/puppet/provider/package/windows/package.rb +9 -1
  19. data/lib/puppet/provider/package/yum.rb +1 -1
  20. data/lib/puppet/provider/parsedfile.rb +25 -4
  21. data/lib/puppet/provider/service/smf.rb +54 -0
  22. data/lib/puppet/provider/service/systemd.rb +2 -0
  23. data/lib/puppet/provider/service/upstart.rb +1 -0
  24. data/lib/puppet/rest/route.rb +1 -1
  25. data/lib/puppet/ssl/host.rb +23 -11
  26. data/lib/puppet/transaction.rb +4 -1
  27. data/lib/puppet/transaction/event_manager.rb +13 -1
  28. data/lib/puppet/transaction/resource_harness.rb +3 -1
  29. data/lib/puppet/util/command_line.rb +2 -3
  30. data/lib/puppet/util/filetype.rb +36 -4
  31. data/lib/puppet/util/selinux.rb +1 -1
  32. data/lib/puppet/util/windows/api_types.rb +1 -1
  33. data/lib/puppet/util/windows/registry.rb +29 -5
  34. data/lib/puppet/util/windows/service.rb +106 -99
  35. data/lib/puppet/version.rb +1 -1
  36. data/locales/ja/puppet.po +232 -183
  37. data/locales/puppet.pot +145 -117
  38. data/man/man5/puppet.conf.5 +3 -3
  39. data/man/man8/puppet-agent.8 +1 -1
  40. data/man/man8/puppet-apply.8 +1 -1
  41. data/man/man8/puppet-catalog.8 +1 -1
  42. data/man/man8/puppet-config.8 +2 -2
  43. data/man/man8/puppet-describe.8 +1 -1
  44. data/man/man8/puppet-device.8 +23 -19
  45. data/man/man8/puppet-doc.8 +1 -1
  46. data/man/man8/puppet-epp.8 +1 -1
  47. data/man/man8/puppet-facts.8 +1 -1
  48. data/man/man8/puppet-filebucket.8 +1 -1
  49. data/man/man8/puppet-generate.8 +1 -1
  50. data/man/man8/puppet-help.8 +1 -1
  51. data/man/man8/puppet-key.8 +1 -1
  52. data/man/man8/puppet-lookup.8 +1 -1
  53. data/man/man8/puppet-man.8 +1 -1
  54. data/man/man8/puppet-module.8 +1 -1
  55. data/man/man8/puppet-node.8 +1 -1
  56. data/man/man8/puppet-parser.8 +1 -1
  57. data/man/man8/puppet-plugin.8 +1 -1
  58. data/man/man8/puppet-report.8 +1 -1
  59. data/man/man8/puppet-resource.8 +1 -1
  60. data/man/man8/puppet-script.8 +1 -1
  61. data/man/man8/puppet-ssl.8 +6 -3
  62. data/man/man8/puppet-status.8 +1 -1
  63. data/man/man8/puppet.8 +2 -2
  64. data/spec/fixtures/unit/provider/service/smf/svcs_fmri.out +6 -0
  65. data/spec/fixtures/unit/provider/service/smf/svcs_multiple_fmris.out +13 -0
  66. data/spec/integration/ssl/key_spec.rb +0 -4
  67. data/spec/integration/transaction_spec.rb +559 -0
  68. data/spec/integration/util/windows/registry_spec.rb +39 -0
  69. data/spec/unit/application/device_spec.rb +10 -7
  70. data/spec/unit/application/lookup_spec.rb +2 -1
  71. data/spec/unit/application/ssl_spec.rb +21 -2
  72. data/spec/unit/forge/forge_spec.rb +4 -2
  73. data/spec/unit/functions/logging_spec.rb +10 -3
  74. data/spec/unit/indirector/yaml_spec.rb +1 -1
  75. data/spec/unit/pops/loaders/loader_spec.rb +6 -7
  76. data/spec/unit/pops/model/pn_transformer_spec.rb +4 -0
  77. data/spec/unit/pops/types/p_timespan_type_spec.rb +22 -0
  78. data/spec/unit/pops/types/p_timestamp_type_spec.rb +19 -0
  79. data/spec/unit/pops/types/string_converter_spec.rb +20 -0
  80. data/spec/unit/provider/group/ldap_spec.rb +22 -25
  81. data/spec/unit/provider/group/pw_spec.rb +7 -10
  82. data/spec/unit/provider/nameservice/directoryservice_spec.rb +97 -103
  83. data/spec/unit/provider/package/aix_spec.rb +5 -8
  84. data/spec/unit/provider/package/apt_spec.rb +3 -6
  85. data/spec/unit/provider/package/dnf_spec.rb +36 -37
  86. data/spec/unit/provider/package/dpkg_spec.rb +18 -21
  87. data/spec/unit/provider/package/freebsd_spec.rb +4 -7
  88. data/spec/unit/provider/package/gem_spec.rb +41 -41
  89. data/spec/unit/provider/package/hpux_spec.rb +7 -10
  90. data/spec/unit/provider/package/macports_spec.rb +13 -15
  91. data/spec/unit/provider/package/nim_spec.rb +3 -10
  92. data/spec/unit/provider/package/openbsd_spec.rb +14 -17
  93. data/spec/unit/provider/package/pip3_spec.rb +3 -6
  94. data/spec/unit/provider/package/pip_spec.rb +45 -49
  95. data/spec/unit/provider/package/pkgin_spec.rb +13 -18
  96. data/spec/unit/provider/package/pkgng_spec.rb +21 -24
  97. data/spec/unit/provider/package/puppet_gem_spec.rb +6 -9
  98. data/spec/unit/provider/package/tdnf_spec.rb +9 -12
  99. data/spec/unit/provider/package/yum_spec.rb +30 -16
  100. data/spec/unit/provider/package/zypper_spec.rb +17 -19
  101. data/spec/unit/provider/service/bsd_spec.rb +7 -9
  102. data/spec/unit/provider/service/daemontools_spec.rb +12 -16
  103. data/spec/unit/provider/service/debian_spec.rb +6 -10
  104. data/spec/unit/provider/service/freebsd_spec.rb +2 -2
  105. data/spec/unit/provider/service/openbsd_spec.rb +13 -17
  106. data/spec/unit/provider/service/rcng_spec.rb +2 -4
  107. data/spec/unit/provider/service/redhat_spec.rb +12 -11
  108. data/spec/unit/provider/service/runit_spec.rb +7 -14
  109. data/spec/unit/provider/service/smf_spec.rb +77 -13
  110. data/spec/unit/provider/service/src_spec.rb +11 -16
  111. data/spec/unit/provider/service/systemd_spec.rb +18 -0
  112. data/spec/unit/provider/user/hpux_spec.rb +3 -5
  113. data/spec/unit/provider/user/ldap_spec.rb +29 -32
  114. data/spec/unit/provider/user/pw_spec.rb +10 -13
  115. data/spec/unit/rest/route_spec.rb +1 -1
  116. data/spec/unit/ssl/host_spec.rb +21 -0
  117. data/spec/unit/ssl/key_spec.rb +2 -4
  118. data/spec/unit/transaction/event_manager_spec.rb +12 -1
  119. data/spec/unit/transaction/resource_harness_spec.rb +18 -0
  120. data/spec/unit/transaction_spec.rb +25 -0
  121. data/spec/unit/util/filetype_spec.rb +13 -5
  122. data/spec/unit/util/logging_spec.rb +0 -41
  123. data/spec/unit/util/monkey_patches_spec.rb +18 -5
  124. data/spec/unit/util/selinux_spec.rb +4 -0
  125. metadata +8 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 9d05cbc4b083661115e49efe6dfc865051e650f81454ad360a57a8ff3fb18fd4
4
- data.tar.gz: 7f3ee431ecc2b7cba9e3918652e18216a69cc0dabf7a9c0b2fd94377c90fbcd4
3
+ metadata.gz: d34c5ebd73a762d6df54fc3ed4853b1de7c34e05918a745ef4a2c36065828a4d
4
+ data.tar.gz: 114ef1d3984ce2ae4238259557df37bc545c3070786ddeb3371e38c384ceee8e
5
5
  SHA512:
6
- metadata.gz: b13a76f5e141758210968a3829e5f36f569c46fea33e5f01b7ad95be5b29e43149f31ccaddfd93b8b64c3b3c588bd996f6f16e041949dc326c2776b2a630edb0
7
- data.tar.gz: dac192cc311a2b59124063fe1ad2bf3085f52d351ea9c55a69a5355c502d2f8daf175eb5c024880fb7bc8a41a1ce397c40eb64d705631aa2c0eab68536a66293
6
+ metadata.gz: e88e63a3839496a24a80a696ef210a0930e4192cd284700b7b87fb48f080140852b718b9c2cf7209b52579c01cc70a2bb4b6ef5a805d2f0df727bedb4192551f
7
+ data.tar.gz: 4ae4dd93f729f447cf501775eaaa9b22b00dffd74b2bb5de0d707b6bb315b81ba75a0543be1148c29b760ac598b7fe7aba4bdc3376e838162b978a981ad59100
@@ -1,9 +1,9 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- puppet (6.0.4)
4
+ puppet (6.0.5)
5
5
  CFPropertyList (~> 2.2)
6
- facter (>= 2.0.1, < 4)
6
+ facter (>= 2.4.0, < 4)
7
7
  fast_gettext (~> 1.1.2)
8
8
  hiera (>= 3.2.1, < 4)
9
9
  httpclient (~> 2.8)
@@ -32,8 +32,8 @@ GEM
32
32
  fast_gettext (~> 1.1.0)
33
33
  gettext (>= 3.0.2)
34
34
  locale
35
- hashdiff (0.3.7)
36
- hiera (3.4.5.13)
35
+ hashdiff (0.3.8)
36
+ hiera (3.5.0)
37
37
  hiera-eyaml (2.1.0)
38
38
  highline (~> 1.6.19)
39
39
  trollop (~> 2.0)
@@ -46,34 +46,34 @@ GEM
46
46
  locale (2.1.2)
47
47
  memory_profiler (0.9.12)
48
48
  metaclass (0.0.4)
49
- method_source (0.9.0)
50
- minitar (0.7)
49
+ method_source (0.9.2)
50
+ minitar (0.8)
51
51
  mocha (1.5.0)
52
52
  metaclass (~> 0.0.1)
53
- msgpack (1.2.4)
53
+ msgpack (1.2.6)
54
54
  multi_json (1.13.1)
55
55
  mustache (1.1.0)
56
- packaging (0.99.16)
57
- artifactory
56
+ packaging (0.99.21)
57
+ artifactory (~> 2)
58
58
  rake (~> 12.3)
59
59
  parallel (1.12.1)
60
- parser (2.5.1.2)
60
+ parser (2.5.3.0)
61
61
  ast (~> 2.4.0)
62
62
  powerpack (0.1.2)
63
- pry (0.11.3)
63
+ pry (0.12.2)
64
64
  coderay (~> 1.1.0)
65
65
  method_source (~> 0.9.0)
66
66
  public_suffix (3.0.3)
67
67
  puppet-resource_api (1.6.2)
68
68
  hocon (>= 1.0)
69
- puppetserver-ca (1.1.1)
69
+ puppetserver-ca (1.2.1)
70
70
  facter (>= 2.0.1, < 4)
71
71
  racc (1.4.9)
72
72
  rainbow (2.2.2)
73
73
  rake
74
- rake (12.3.1)
74
+ rake (12.3.2)
75
75
  rdiscount (2.2.0.1)
76
- rdoc (6.0.4)
76
+ rdoc (6.1.1)
77
77
  ronn (0.7.3)
78
78
  hpricot (>= 0.8.2)
79
79
  mustache (>= 0.7.0)
@@ -111,7 +111,7 @@ GEM
111
111
  semantic_puppet (1.0.2)
112
112
  text (1.3.1)
113
113
  trollop (2.9.9)
114
- unicode-display_width (1.4.0)
114
+ unicode-display_width (1.4.1)
115
115
  vcr (2.9.3)
116
116
  webmock (1.24.6)
117
117
  addressable (>= 2.3.6)
data/Rakefile CHANGED
@@ -101,7 +101,9 @@ task(:warnings) do
101
101
  puts "Checking modified files #{commit_range}"
102
102
  %x{git diff --diff-filter=ACM --name-only #{commit_range}}.each_line do |modified_file|
103
103
  modified_file.chomp!
104
- next unless File.extname(modified_file) == '.rb'
104
+ # Skip racc generated file as it can have many warnings that cannot be manually fixed
105
+ next if modified_file.end_with?("pops/parser/eparser.rb")
106
+ next if modified_file.start_with?('spec/fixtures/', 'acceptance/fixtures/') || File.extname(modified_file) != '.rb'
105
107
  puts modified_file
106
108
 
107
109
  stdout, stderr, _ = Open3.capture3("ruby -wc \"#{modified_file}\"")
@@ -12,7 +12,13 @@ exec_prefix=/opt/csw
12
12
  sysconfdir=/opt/csw/etc
13
13
  sbindir=/opt/csw/sbin
14
14
 
15
- pidfile=/var/run/puppetlabs/agent.pid
15
+ if [ -z $SMF_SYSVOL_FS ]; then
16
+ piddir=/var/run/puppetlabs
17
+ else
18
+ piddir=$SMF_SYSVOL_FS/puppetlabs
19
+ fi;
20
+
21
+ pidfile=$piddir/agent.pid
16
22
 
17
23
  case "$1" in
18
24
  start)
@@ -20,6 +26,7 @@ start)
20
26
  # Start daemons.
21
27
 
22
28
  printf "Starting Puppet client services:"
29
+ mkdir -p $piddir
23
30
 
24
31
  /opt/csw/sbin/puppetd
25
32
 
@@ -8,7 +8,13 @@ exec_prefix=/opt/csw
8
8
  sysconfdir=/opt/csw/etc
9
9
  sbindir=/opt/csw/sbin
10
10
 
11
- pidfile=/var/run/puppetlabs/master.pid
11
+ if [ -z $SMF_SYSVOL_FS ]; then
12
+ piddir=/var/run/puppetlabs
13
+ else
14
+ piddir=$SMF_SYSVOL_FS/puppetlabs
15
+ fi;
16
+
17
+ pidfile=$piddir/master.pid
12
18
 
13
19
  case "$1" in
14
20
  start)
@@ -16,6 +22,7 @@ start)
16
22
  # Start daemons.
17
23
 
18
24
  printf "Starting Puppet server services:"
25
+ mkdir -p $piddir
19
26
 
20
27
  /opt/csw/sbin/puppetmasterd
21
28
 
@@ -1,4 +1,5 @@
1
1
  require 'puppet/application'
2
+ require 'puppet/configurer'
2
3
  require 'puppet/util/network_device'
3
4
 
4
5
  class Puppet::Application::Device < Puppet::Application
@@ -53,6 +54,10 @@ class Puppet::Application::Device < Puppet::Application
53
54
  options[:detailed_exitcodes] = true
54
55
  end
55
56
 
57
+ option("--libdir LIBDIR") do |arg|
58
+ options[:libdir] = arg
59
+ end
60
+
56
61
  option("--apply MANIFEST") do |arg|
57
62
  options[:apply] = arg.to_s
58
63
  end
@@ -93,10 +98,11 @@ a scheduled task, or a similar tool.
93
98
 
94
99
  USAGE
95
100
  -----
96
- puppet device [-d|--debug] [--detailed-exitcodes] [--deviceconfig <file>]
97
- [-h|--help] [-l|--logdest syslog|<file>|console]
98
- [-v|--verbose] [-w|--waitforcert <seconds>] [-f|--facts]
99
- [-a|--apply <file>] [-r|--resource <type> [name]]
101
+ puppet device [-h|--help] [-v|--verbose] [-d|--debug]
102
+ [-l|--logdest syslog|<file>|console] [--detailed-exitcodes]
103
+ [--deviceconfig <file>] [-w|--waitforcert <seconds>]
104
+ [--libdir <directory>]
105
+ [-a|--apply <file>] [-f|--facts] [-r|--resource <type> [name]]
100
106
  [-t|--target <device>] [--user=<user>] [-V|--version]
101
107
 
102
108
 
@@ -135,9 +141,25 @@ Note that any setting that's valid in the configuration file is also a valid
135
141
  long argument. For example, 'server' is a valid configuration parameter, so
136
142
  you can specify '--server <servername>' as an argument.
137
143
 
138
- * --debug:
144
+ * --help, -h:
145
+ Print this help message
146
+
147
+ * --verbose, -v:
148
+ Turn on verbose reporting.
149
+
150
+ * --debug, -d:
139
151
  Enable full debugging.
140
152
 
153
+ * --logdest, -l:
154
+ Where to send log messages. Choose between 'syslog' (the POSIX syslog
155
+ service), 'console', or the path to a log file. If debugging or verbosity is
156
+ enabled, this defaults to 'console'. Otherwise, it defaults to 'syslog'.
157
+
158
+ A path ending with '.json' will receive structured output in JSON format. The
159
+ log file will not have an ending ']' automatically written to it due to the
160
+ appending nature of logging. It must be appended manually to make the content
161
+ valid JSON.
162
+
141
163
  * --detailed-exitcodes:
142
164
  Provide transaction information via exit codes. If this is enabled, an exit
143
165
  code of '1' means at least one device had a compile failure, an exit code of
@@ -149,18 +171,16 @@ you can specify '--server <servername>' as an argument.
149
171
  Path to the device config file for puppet device.
150
172
  Default: $confdir/device.conf
151
173
 
152
- * --help:
153
- Print this help message
174
+ * --waitforcert, -w:
175
+ This option only matters for targets that do not yet have certificates
176
+ and it is enabled by default, with a value of 120 (seconds). This causes
177
+ +puppet device+ to poll the server every 2 minutes and ask it to sign a
178
+ certificate request. This is useful for the initial setup of a target.
179
+ You can turn off waiting for certificates by specifying a time of 0.
154
180
 
155
- * --logdest:
156
- Where to send log messages. Choose between 'syslog' (the POSIX syslog
157
- service), 'console', or the path to a log file. If debugging or verbosity is
158
- enabled, this defaults to 'console'. Otherwise, it defaults to 'syslog'.
159
-
160
- A path ending with '.json' will receive structured output in JSON format. The
161
- log file will not have an ending ']' automatically written to it due to the
162
- appending nature of logging. It must be appended manually to make the content
163
- valid JSON.
181
+ * --libdir:
182
+ Override the per-device libdir with a local directory. Specifying a libdir also
183
+ disables pluginsync. This is useful for testing.
164
184
 
165
185
  * --apply:
166
186
  Apply a manifest against a remote target. Target must be specified.
@@ -183,16 +203,6 @@ you can specify '--server <servername>' as an argument.
183
203
  * --user:
184
204
  The user to run as.
185
205
 
186
- * --verbose:
187
- Turn on verbose reporting.
188
-
189
- * --waitforcert:
190
- This option only matters for daemons that do not yet have certificates
191
- and it is enabled by default, with a value of 120 (seconds). This causes
192
- +puppet agent+ to connect to the server every 2 minutes and ask it to sign a
193
- certificate request. This is useful for the initial setup of a puppet
194
- client. You can turn off waiting for certificates by specifying a time of 0.
195
-
196
206
 
197
207
  EXAMPLE
198
208
  -------
@@ -205,7 +215,7 @@ Brice Figureau
205
215
 
206
216
  COPYRIGHT
207
217
  ---------
208
- Copyright (c) 2011 Puppet Inc., LLC
218
+ Copyright (c) 2011-2018 Puppet Inc., LLC
209
219
  Licensed under the Apache 2.0 License
210
220
  HELP
211
221
  end
@@ -222,11 +232,12 @@ Licensed under the Apache 2.0 License
222
232
  raise _("missing argument: --target is required when using --apply") if options[:target].nil?
223
233
  raise _("%{file} does not exist, cannot apply") % { file: options[:apply] } unless File.file?(options[:apply])
224
234
  end
235
+ libdir = Puppet[:libdir]
225
236
  vardir = Puppet[:vardir]
226
237
  confdir = Puppet[:confdir]
227
238
  certname = Puppet[:certname]
228
239
 
229
- env = Puppet.lookup(:environments).get(Puppet[:environment])
240
+ env = Puppet::Node::Environment.remote(Puppet[:environment])
230
241
  returns = Puppet.override(:current_environment => env, :loaders => Puppet::Pops::Loaders.new(env)) do
231
242
  # find device list
232
243
  require 'puppet/util/network_device/config'
@@ -251,9 +262,13 @@ Licensed under the Apache 2.0 License
251
262
 
252
263
  # override local $vardir and $certname
253
264
  Puppet[:confdir] = ::File.join(Puppet[:devicedir], device.name)
265
+ Puppet[:libdir] = options[:libdir] || ::File.join(Puppet[:devicedir], device.name, 'lib')
254
266
  Puppet[:vardir] = ::File.join(Puppet[:devicedir], device.name)
255
267
  Puppet[:certname] = device.name
256
268
 
269
+ unless options[:resource] || options[:facts] || options[:apply] || options[:libdir]
270
+ Puppet::Configurer::PluginHandler.new.download_plugins(env)
271
+ end
257
272
  # this init the device singleton, so that the facts terminus
258
273
  # and the various network_device provider can use it
259
274
  Puppet::Util::NetworkDevice.init(device)
@@ -305,17 +320,18 @@ Licensed under the Apache 2.0 License
305
320
  Puppet.settings.use :main, :agent, :ssl
306
321
  # ask for a ssl cert if needed, but at least
307
322
  # setup the ssl system for this device.
308
- setup_host
323
+ setup_host(device.name)
309
324
 
310
325
  require 'puppet/configurer'
311
326
  configurer = Puppet::Configurer.new
312
- configurer.run(:network_device => true, :pluginsync => Puppet::Configurer.should_pluginsync?)
327
+ configurer.run(:network_device => true, :pluginsync => Puppet::Configurer.should_pluginsync? && !options[:libdir])
313
328
  end
314
329
  rescue => detail
315
330
  Puppet.log_exception(detail)
316
331
  # If we rescued an error, then we return 1 as the exit code
317
332
  1
318
333
  ensure
334
+ Puppet[:libdir] = libdir
319
335
  Puppet[:vardir] = vardir
320
336
  Puppet[:confdir] = confdir
321
337
  Puppet[:certname] = certname
@@ -354,8 +370,8 @@ Licensed under the Apache 2.0 License
354
370
  end
355
371
  end
356
372
 
357
- def setup_host
358
- @host = Puppet::SSL::Host.new
373
+ def setup_host(name)
374
+ @host = Puppet::SSL::Host.new(name, true)
359
375
  waitforcert = options[:waitforcert] || (Puppet[:onetime] ? 0 : Puppet[:waitforcert])
360
376
  @host.wait_for_cert(waitforcert)
361
377
  end
@@ -21,7 +21,7 @@ to communicate with a puppet infrastructure.
21
21
 
22
22
  USAGE
23
23
  -----
24
- puppet ssl <action> [-h|--help] [-v|--verbose] [-d|--debug] [--localca]
24
+ puppet ssl <action> [-h|--help] [-v|--verbose] [-d|--debug] [--localca] [--target CERTNAME]
25
25
 
26
26
 
27
27
  OPTIONS
@@ -39,6 +39,8 @@ OPTIONS
39
39
  * --localca
40
40
  Also clean the local CA certificate and CRL.
41
41
 
42
+ * --target CERTNAME
43
+ Clean the specified device certificate instead of this host's certificate.
42
44
 
43
45
  ACTIONS
44
46
  -------
@@ -62,10 +64,14 @@ ACTIONS
62
64
  * clean:
63
65
  Remove the private key and certificate related files for this host. If
64
66
  `--localca` is specified, then also remove this host's local copy of the
65
- CA certificate(s) and CRL bundle.
67
+ CA certificate(s) and CRL bundle. if `--target CERTNAME` is specified, then
68
+ remove the files for the specified device on this host instead of this host.
66
69
  HELP
67
70
  end
68
71
 
72
+ option('--target CERTNAME') do |arg|
73
+ options[:target] = arg.to_s
74
+ end
69
75
  option('--localca')
70
76
  option('--verbose', '-v')
71
77
  option('--debug', '-d')
@@ -80,8 +86,17 @@ HELP
80
86
  raise Puppet::Error, _("An action must be specified.")
81
87
  end
82
88
 
83
- Puppet.settings.use(:main, :agent)
84
- host = Puppet::SSL::Host.new(options[:certname])
89
+ if options[:target]
90
+ # Override the following, as per lib/puppet/application/device.rb
91
+ Puppet[:certname] = options[:target]
92
+ Puppet[:confdir] = File.join(Puppet[:devicedir], Puppet[:certname])
93
+ Puppet[:vardir] = File.join(Puppet[:devicedir], Puppet[:certname])
94
+ host = Puppet::SSL::Host.new(Puppet[:certname], true)
95
+ Puppet.settings.use(:main, :agent, :device)
96
+ else
97
+ host = Puppet::SSL::Host.new(Puppet[:certname])
98
+ Puppet.settings.use(:main, :agent)
99
+ end
85
100
 
86
101
  action = command_line.args.first
87
102
  case action
@@ -166,16 +181,16 @@ HELP
166
181
 
167
182
  def clean(host)
168
183
  # make sure cert has been removed from the CA
169
- if Puppet[:certname] == Puppet[:ca_server]
184
+ if host.name == Puppet[:ca_server]
170
185
  cert =
171
186
  begin
172
- host.download_certificate_from_ca(Puppet[:certname])
187
+ host.download_certificate_from_ca(host.name)
173
188
  rescue => e
174
- raise Puppet::Error.new(_("Failed to connect to the CA to determine if certificate %{certname} has been cleaned") % { certname: Puppet[:certname] }, e)
189
+ raise Puppet::Error.new(_("Failed to connect to the CA to determine if certificate %{certname} has been cleaned") % { certname: host.name }, e)
175
190
  end
176
191
 
177
192
  if cert
178
- raise Puppet::Error, _(<<END) % { certname: Puppet[:certname] }
193
+ raise Puppet::Error, _(<<END) % { certname: host.name }
179
194
  The certificate %{certname} must be cleaned from the CA first. To fix this,
180
195
  run the following commands on the CA:
181
196
  puppetserver ca clean --certname %{certname}
@@ -184,16 +199,15 @@ END
184
199
  end
185
200
  end
186
201
 
187
- settings = {
188
- hostprivkey: 'private key',
189
- hostpubkey: 'public key',
190
- hostcsr: 'certificate request',
191
- hostcert: 'certificate',
192
- passfile: 'private key password file'
202
+ paths = {
203
+ 'private key' => Puppet[:hostprivkey],
204
+ 'public key' => Puppet[:hostpubkey],
205
+ 'certificate request' => File.join(Puppet[:requestdir], "#{Puppet[:certname]}.pem"),
206
+ 'certificate' => Puppet[:hostcert],
207
+ 'private key password file' => Puppet[:passfile]
193
208
  }
194
- settings.merge!(localcacert: 'local CA certificate', hostcrl: 'local CRL') if options[:localca]
195
- settings.each_pair do |setting, label|
196
- path = Puppet[setting]
209
+ paths.merge!('local CA certificate' => Puppet[:localcacert], 'local CRL' => Puppet[:hostcrl]) if options[:localca]
210
+ paths.each_pair do |label, path|
197
211
  if Puppet::FileSystem.exist?(path)
198
212
  Puppet::FileSystem.unlink(path)
199
213
  Puppet.notice _("Removed %{label} %{path}") % { label: label, path: path }
@@ -851,7 +851,8 @@ EOT
851
851
  :mode => "0644",
852
852
  :owner => "service",
853
853
  :group => "service",
854
- :desc => "Where individual hosts store and look for their certificate requests."
854
+ :deprecated => :completely,
855
+ :desc => "This setting is deprecated."
855
856
  },
856
857
  :hostcert => {
857
858
  :default => "$certdir/$certname.pem",
@@ -35,7 +35,7 @@ Puppet::Face.define(:config, '0.0.1') do
35
35
 
36
36
  action(:print) do
37
37
  summary _("Examine Puppet's current settings.")
38
- arguments _("(all | <setting> [<setting> ...]")
38
+ arguments _("all | <setting> [<setting> ...]")
39
39
  description <<-'EOT'
40
40
  Prints the value of a single setting or a list of settings.
41
41
 
@@ -17,6 +17,9 @@ class Puppet::Forge < SemanticPuppet::Dependency::Source
17
17
 
18
18
  USER_AGENT = "PMT/1.1.1 (v3; Net::HTTP)".freeze
19
19
 
20
+ # From https://forgeapi.puppet.com/#!/release/getReleases
21
+ MODULE_RELEASE_EXCLUSIONS=%w[readme changelog license uri module tags supported file_size downloads created_at updated_at deleted_at].join(',').freeze
22
+
20
23
  attr_reader :host, :repository
21
24
 
22
25
  def initialize(host = Puppet[:module_repository])
@@ -89,7 +92,7 @@ class Puppet::Forge < SemanticPuppet::Dependency::Source
89
92
  # @see SemanticPuppet::Dependency::Source#fetch
90
93
  def fetch(input)
91
94
  name = input.tr('/', '-')
92
- uri = "/v3/releases?module=#{name}&sort_by=version"
95
+ uri = "/v3/releases?module=#{name}&sort_by=version&exclude_fields=#{MODULE_RELEASE_EXCLUSIONS}"
93
96
  if Puppet[:module_groups]
94
97
  uri += "&module_groups=#{Puppet[:module_groups].gsub('+', ' ')}"
95
98
  end