puppet 6.13.0 → 6.14.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 77d2129b60ff6de7ba7a09cc3b6a5248977c58ae3787daf6d0cb2229c4bcc913
-  data.tar.gz: b69f4e35d6b46f3ee84c06f5179c30673ad1d893209d66397817810477bed9ff
+  metadata.gz: fc1216f1f77ee762e957b53119e4b3ece7c58f1bd70c3e0737b9c508a8a81be2
+  data.tar.gz: d24df2321580cf5576069d809557f5ba60668dbd227c1403f602f5d6b99d48f4
 SHA512:
-  metadata.gz: b9f16ed09bc8bad983e06482145e6444e14bd871bde8ef01be4043dbcb8ec053e43af3c5b08417e8ca19e30400b847d14c39a302f1b96c84c7dd86154fdda7b1
-  data.tar.gz: 691779a9ace904f1f598fc86d0cbc670f46bd93b9f85d7a0414f6130b6e27078efc31a836424ebb876d364b55f7c38b71598e605c0e7f0b562035c5731be8e5a
+  metadata.gz: '09c7f51ea3a5d6b9104d04a7409ef44cc77f0199f51ffe00c0daad6ff4a1f844b9f5d3f359d3b686ec68e546a0343b5d52e8307f03c1bf0385fe4b50af081cf4'
+  data.tar.gz: 334425bf5c64658b01588756ee26a2090e8245f4962c16ab31f85f39809e7fadef3d5d95b84ff6a2bc4b0cc2c3f602fad70887007292bf4664e268866c23d7cd

data/CONTRIBUTING.md

@@ -28,7 +28,7 @@ the [puppet-dev mailing list](https://groups.google.com/forum/#!forum/puppet-dev
 ## Getting Started
 
 * Make sure you have a [Jira account](https://tickets.puppetlabs.com).
-* Make sure you have a [GitHub account](https://github.com/signup/free).
+* Make sure you have a [GitHub account](https://github.com/join).
 * Submit a Jira ticket for your issue if one does not already exist.
   * Clearly describe the issue including steps to reproduce when it is a bug.
   * Make sure you fill in the earliest version that you know has the issue.
@@ -89,7 +89,7 @@ user-facing strings are marked in new PRs before merging.
 
 For [changes of a trivial nature](https://puppet.com/community/trivial-patch-exemption-policy), it is not always necessary to create a new
 ticket in Jira. In this case, it is appropriate to start the first line of a
-commit with one of  `(docs)`, `(maint)`, or `(packaging)` instead of a ticket
+commit with one of `(docs)`, `(maint)`, or `(packaging)` instead of a ticket
 number.
 
 If a Jira ticket exists for the documentation commit, you can include it
@@ -117,15 +117,10 @@ respectively.
 * Sign the [Contributor License Agreement](https://cla.puppet.com).
 * Push your changes to a topic branch in your fork of the repository.
 * Submit a pull request to the repository in the puppetlabs organization.
-* Update your Jira ticket to mark that you have submitted code and are ready
+* Update the related Jira ticket to mark that you have submitted code and are ready
   for it to be reviewed (Status: Ready for Merge).
-  * Include a link to the pull request in the ticket.
-* The core team looks at Pull Requests on a regular basis in a weekly triage
-  meeting that we hold in a public Google Hangout. The hangout is announced in
-  the weekly status updates that are sent to the puppet-dev list. Notes are
-  posted to the [Puppet Community community-triage
-  repo](https://github.com/puppet-community/community-triage/tree/master/core/notes)
-  and include a link to a YouTube recording of the hangout.
+* The core team looks at pull requests on a regular basis in a weekly triage
+  meeting.
 * After feedback has been given we expect responses within two weeks. After two
   weeks we may close the pull request if it isn't showing any activity.
 
@@ -159,9 +154,8 @@ ensure the issue has been resolved.
 
 * [Puppet community guidelines](https://puppet.com/community/community-guidelines)
 * [Bug tracker (Jira)](https://tickets.puppetlabs.com)
-* [Contributor License Agreement](http://links.puppet.com/cla)
+* [Contributor License Agreement](https://cla.puppet.com/)
 * [General GitHub documentation](https://help.github.com/)
 * [GitHub pull request documentation](https://help.github.com/articles/creating-a-pull-request/)
-* #puppet-dev IRC channel on freenode.org ([Archive](https://botbot.me/freenode/puppet-dev/))
 * [puppet-dev mailing list](https://groups.google.com/forum/#!forum/puppet-dev)
-* [Community PR Triage notes](https://github.com/puppet-community/community-triage/tree/master/core/notes)
+* [Puppet community slack](https://slack.puppet.com)

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    puppet (6.13.0)
+    puppet (6.14.0)
       CFPropertyList (~> 2.2)
       concurrent-ruby (~> 1.0)
       deep_merge (~> 1.0)
@@ -38,7 +38,7 @@ GEM
       fast_gettext (~> 1.1.0)
       gettext (>= 3.0.2, < 3.3.0)
       locale
-    hashdiff (1.0.0)
+    hashdiff (1.0.1)
     hiera (3.6.0)
     hiera-eyaml (3.2.0)
       highline (~> 1.6.19)
@@ -57,19 +57,19 @@ GEM
     multi_json (1.14.1)
     mustache (1.1.1)
     optimist (3.0.0)
-    packaging (0.99.56)
+    packaging (0.99.58)
       artifactory (~> 2)
       rake (>= 12.3)
       release-metrics
     parallel (1.19.1)
-    parser (2.7.0.2)
+    parser (2.7.0.4)
       ast (~> 2.4.0)
     powerpack (0.1.2)
     pry (0.12.2)
       coderay (~> 1.1.0)
       method_source (~> 0.9.0)
     public_suffix (4.0.3)
-    puppet-resource_api (1.8.7)
+    puppet-resource_api (1.8.12)
       hocon (>= 1.0)
     puppetserver-ca (1.5.0)
       facter (>= 2.0.1, < 4)
@@ -111,7 +111,7 @@ GEM
       unicode-display_width (~> 1.0, >= 1.0.1)
     rubocop-i18n (1.2.0)
       rubocop (~> 0.49.0)
-    ruby-prof (1.2.0)
+    ruby-prof (1.3.0)
     ruby-progressbar (1.10.1)
     safe_yaml (1.0.5)
     semantic_puppet (1.0.2)

data/README.md

@@ -1,5 +1,4 @@
-Puppet
-======
+# Puppet
 
 [![Travis Status](https://travis-ci.com/puppetlabs/puppet.svg?branch=master)](https://travis-ci.com/puppetlabs/puppet)
 [![Appveyor Status](https://ci.appveyor.com/api/projects/status/cvhpypd4504sevqq/branch/master?svg=true)](https://ci.appveyor.com/project/puppetlabs/puppet/branch/master)
@@ -10,18 +9,16 @@ Puppet, an automated administrative engine for your Linux, Unix, and Windows sys
 administrative tasks (such as adding users, installing packages, and updating server
 configurations) based on a centralized specification.
 
-Documentation
--------------
+## Documentation
 
 Documentation for Puppet and related projects can be found online at the
 [Puppet Docs site](https://puppet.com/docs).
 
-HTTP API
---------
+### HTTP API
+
 [HTTP API Index](https://puppet.com/docs/puppet/5.5/http_api/http_api_index.html)
 
-Installation
-------------
+## Installation
 
 The best way to run Puppet is with [Puppet Enterprise (PE)](https://puppet.com/products/puppet-enterprise/),
 which also includes orchestration features, a web console, and professional support.
@@ -33,8 +30,7 @@ To install an open source release of Puppet,
 If you need to run Puppet from source as a tester or developer,
 see the [Running Puppet from Source](https://docs.puppet.com/puppet/3.8/from_source.html) guide on the docs site.
 
-Developing and Contributing
-------
+## Developing and Contributing
 
 We'd love to get contributions from you! For a quick guide to getting your
 system setup for developing, take a look at our [Quickstart
@@ -45,32 +41,29 @@ in.
 For more complete docs on developing with Puppet, take a look at the
 rest of the [developer documents](https://github.com/puppetlabs/puppet/blob/master/docs/index.md).
 
-Licensing
----------
+## Licensing
 
 See [LICENSE](https://github.com/puppetlabs/puppet/blob/master/LICENSE) file. Puppet is licensed by Puppet, Inc. under the Apache license. Puppet, Inc. can be contacted at: info@puppet.com
 
-Support
--------
+## Support
 
-Please log tickets and issues at our [JIRA tracker](https://tickets.puppetlabs.com).  A [mailing
+Please log tickets and issues at our [JIRA tracker](https://tickets.puppetlabs.com). A [mailing
 list](https://groups.google.com/forum/?fromgroups#!forum/puppet-users) is
-available for asking questions and getting help from others. In addition, there
-is an active #puppet channel on Freenode.
+available for asking questions and getting help from others, or if you prefer chat, we also have a [Puppet Community slack.](https://puppetcommunity.slack.com/)
 
 We use semantic version numbers for our releases and recommend that users stay
 as up-to-date as possible by upgrading to patch releases and minor releases as
 they become available.
 
-Bugfixes and ongoing development will occur in minor releases for the current
+Bug fixes and ongoing development will occur in minor releases for the current
 major version. Security fixes will be backported to a previous major version on
 a best-effort basis, until the previous major version is no longer maintained.
 
-For example: If a security vulnerability is discovered in Puppet 4.1.1, we
-would fix it in the 4 series, most likely as 4.1.2. Maintainers would then make
-a best effort to backport that fix onto the latest Puppet 3 release.
+For example: If a security vulnerability is discovered in Puppet 6.1.1, we
+would fix it in the 6 series, most likely as 6.1.2. Maintainers would then make
+a best effort to backport that fix onto the latest Puppet 5 release.
 
 Long-term support, including security patches and bug fixes, is available for
 commercial customers. Please see the following page for more details:
 
-[Puppet Enterprise Support Lifecycle](https://puppet.com/misc/puppet-enterprise-lifecycle)
+[Puppet Enterprise Support Lifecycle](https://puppet.com/docs/puppet-enterprise/product-support-lifecycle/)

data/lib/puppet.rb

@@ -237,6 +237,7 @@ module Puppet
         end
       },
       :ssl_host => proc { Puppet::SSL::Host.localhost },
+      :http_session => proc { Puppet.runtime["http"].create_session },
       :plugins => proc { Puppet::Plugins::Configuration.load_plugins },
       :rich_data => false
     }
@@ -322,7 +323,6 @@ module Puppet
 
   require 'puppet/runtime'
   @runtime = Puppet::Runtime.instance
-  @runtime['http'] = proc { Puppet::HTTP::Client.new }
 end
 
 # This feels weird to me; I would really like for us to get to a state where there is never a "require" statement

data/lib/puppet/application/agent.rb

@@ -90,7 +90,7 @@ puppet-agent(8) -- #{summary}
 
 SYNOPSIS
 --------
-Retrieves the client configuration from the puppet master and applies it to
+Retrieves the client configuration from the Puppet master and applies it to
 the local host.
 
 This service may be run as a daemon, run periodically using cron (or something
@@ -164,13 +164,15 @@ when signing certificates).
 only resources not tagged with the specified tags will be applied.
 Values must be comma-separated.
 
+
 OPTIONS
 -------
 
 Note that any Puppet setting that's valid in the configuration file is also a
 valid long argument. For example, 'server' is a valid setting, so you can
-specify '--server <servername>' as an argument. Boolean settings translate into
-'--setting' and '--no-setting' pairs.
+specify '--server <servername>' as an argument. Boolean settings accept a '--no-' 
+prefix to turn off a behavior, translating into '--setting' and '--no-setting' 
+pairs, such as `--daemonize` and `--no-daemonize`.
 
 See the configuration file documentation at
 https://puppet.com/docs/puppet/latest/configuration.html for the
@@ -237,15 +239,14 @@ generated by running puppet agent with '--genconfig'.
 * --enable:
   Enable working on the local system. This removes any lock file,
   causing 'puppet agent' to start managing the local system again
-  (although it will continue to use its normal scheduling, so it might
-  not start for another half hour).
+  However, it continues to use its normal scheduling, so it might
+  not start for another half hour.
 
   'puppet agent' exits after executing this.
   
 *  --evaltrace:
   Logs each resource as it is being evaluated. This allows you to interactively see exactly what is being done. (This is a Puppet setting, and can go in puppet.conf. Note the special 'no-' prefix for boolean settings on the command line.)
 
-
 * --fingerprint:
   Display the current certificate or certificate signing request
   fingerprint and then exit. Use the '--digest' option to change the
@@ -278,7 +279,7 @@ generated by running puppet agent with '--genconfig'.
 
 * --noop:
   Use 'noop' mode where the daemon runs in a no-op or dry-run mode. This
-  is useful for seeing what changes Puppet will make without actually
+  is useful for seeing what changes Puppet would make without actually
   executing the changes.
   (This is a Puppet setting, and can go in puppet.conf. Note the special 'no-'
   prefix for boolean settings on the command line.)
@@ -302,8 +303,6 @@ generated by running puppet agent with '--genconfig'.
 * --trace
   Prints stack traces on some errors. (This is a Puppet setting, and can go in puppet.conf. Note the special 'no-' prefix for boolean settings on the command line.)
 
-
-
 * --verbose:
   Turn on verbose reporting.
 
@@ -317,8 +316,7 @@ generated by running puppet agent with '--genconfig'.
   it to sign a certificate request. This is useful for the initial setup
   of a puppet client. You can turn off waiting for certificates by
   specifying a time of 0.
-  (This is a Puppet setting, and can go in puppet.conf. Note the special 'no-'
-  prefix for boolean settings on the command line.)
+  (This is a Puppet setting, and can go in puppet.conf.)
 
 
 EXAMPLE

data/lib/puppet/application/describe.rb

@@ -67,13 +67,15 @@ class TypeDoc
     @types.keys.sort_by(&:to_s).each do |name|
       type = @types[name]
       s = type.doc.gsub(/\s+/, " ")
-      n = s.index(". ")
-      if n.nil?
+      if s.empty?
         s = ".. no documentation .."
-      elsif n > 45
-        s = s[0, 45] + " ..."
       else
-        s = s[0, n]
+        n = s.index(".") || s.length
+        if n > 45
+          s = s[0, 45] + " ..."
+        else
+          s = s[0, n]
+        end
       end
       printf "%-15s - %s\n", name, s
     end

data/lib/puppet/application/device.rb

@@ -194,7 +194,7 @@ you can specify '--server <servername>' as an argument.
 
 * --resource:
   Displays a resource state as Puppet code, roughly equivalent to
-  `puppet resource`.  Can be filterd by title. Requires --target be specified.
+  `puppet resource`.  Can be filtered by title. Requires --target be specified.
 
 * --target:
   Target a specific device/certificate in the device.conf. Doing so will perform a
@@ -259,7 +259,7 @@ Licensed under the Apache 2.0 License
         end
       end
       devices.collect do |devicename,device|
-        pool = Puppet::Network::HTTP::Pool.new(Puppet[:http_keepalive_timeout])
+        pool = Puppet.runtime['http'].pool
         Puppet.override(:http_pool => pool) do
           # TODO when we drop support for ruby < 2.5 we can remove the extra block here
           begin

data/lib/puppet/application/filebucket.rb

@@ -69,6 +69,19 @@ running as a user with valid Puppet certificates. Alternatively, you can
 use your local file bucket by specifying '--local', or by specifying
 '--bucket' with a local path.
 
+> **Note**: Enabling and using the backup option, and by extension the 
+  filebucket resource, requires appropriate planning and management to ensure 
+  that sufficient disk space is available for the file backups. Generally, you 
+  can implement this using one of the following two options:
+  - Use a `find` command and `crontab` entry to retain only the last X days 
+  of file backups. For example: 
+
+  ```shell
+  find /opt/puppetlabs/server/data/puppetserver/bucket -type f -mtime +45 -atime +45 -print0 | xargs -0 rm
+  ```
+
+  - Restrict the directory to a maximum size after which the oldest items are removed.
+
 
 OPTIONS
 -------
@@ -108,7 +121,7 @@ configuration options can also be generated by running puppet with
   by default.
 
 * --server_list:
-  A list of comma seperated servers; only the first entry is used for file storage.
+  A list of comma separated servers; only the first entry is used for file storage.
   This setting takes precidence over `server`.
 
 * --server:

data/lib/puppet/application/ssl.rb

@@ -28,7 +28,7 @@ OPTIONS
 -------
 
 * --help:
-  Print this help messsge.
+  Print this help message.
 
 * --verbose:
   Print extra information.

data/lib/puppet/configurer.rb

@@ -1,6 +1,5 @@
 # The client for interacting with the puppetmaster config server.
 require 'timeout'
-require 'puppet/network/http_pool'
 require 'puppet/util'
 require 'securerandom'
 #require 'puppet/parser/script_compiler'
@@ -64,7 +63,7 @@ class Puppet::Configurer
   end
 
   # Get the remote catalog, yo.  Returns nil if no catalog can be found.
-  def retrieve_catalog(query_options)
+  def retrieve_catalog(facts, query_options)
     query_options ||= {}
     result = retrieve_catalog_from_cache(query_options) if Puppet[:use_cached_catalog]
     if result
@@ -72,7 +71,7 @@ class Puppet::Configurer
 
       Puppet.info _("Using cached catalog from environment '%{environment}'") % { environment: result.environment }
     else
-      result = retrieve_new_catalog(query_options)
+      result = retrieve_new_catalog(facts, query_options)
 
       if !result
         if !Puppet[:usecacheonfailure]
@@ -99,12 +98,11 @@ class Puppet::Configurer
   end
 
   # Convert a plain resource catalog into our full host catalog.
-  def convert_catalog(result, duration, options = {})
+  def convert_catalog(result, duration, facts, options = {})
     catalog = nil
 
     catalog_conversion_time = thinmark do
       # Will mutate the result and replace all Deferred values with resolved values
-      facts = options[:convert_with_facts]
       if facts
         Puppet::Pops::Evaluator::DeferredResolver.resolve_and_replace(facts, result)
       end
@@ -133,6 +131,7 @@ class Puppet::Configurer
     end
 
     facts_hash = {}
+    facts = nil
     if Puppet::Resource::Catalog.indirection.terminus_class == :rest
       # This is a bit complicated.  We need the serialized and escaped facts,
       # and we need to know which format they're encoded in.  Thus, we
@@ -141,15 +140,14 @@ class Puppet::Configurer
       # facts_for_uploading may set Puppet[:node_name_value] as a side effect
       facter_time = thinmark do
         facts = find_facts
-        options[:convert_with_facts] =  facts
         facts_hash = encode_facts(facts) # encode for uploading # was: facts_for_uploading
       end
       options[:report].add_times(:fact_generation, facter_time) if options[:report]
     end
-    facts_hash
+    [facts_hash, facts]
   end
 
-  def prepare_and_retrieve_catalog(cached_catalog, options, query_options)
+  def prepare_and_retrieve_catalog(cached_catalog, facts, options, query_options)
     # set report host name now that we have the fact
     options[:report].host = Puppet[:node_name_value]
 
@@ -165,7 +163,7 @@ class Puppet::Configurer
     catalog = cached_catalog || options[:catalog]
     unless catalog
       # retrieve_catalog returns resource catalog
-      catalog = retrieve_catalog(query_options)
+      catalog = retrieve_catalog(facts, query_options)
       Puppet.err _("Could not retrieve catalog; skipping run") unless catalog
     end
     catalog
@@ -196,7 +194,7 @@ class Puppet::Configurer
   # This just passes any options on to the catalog,
   # which accepts :tags and :ignoreschedules.
   def run(options = {})
-    pool = Puppet::Network::HTTP::Pool.new(Puppet[:http_keepalive_timeout])
+    pool = Puppet.runtime['http'].pool
     # We create the report pre-populated with default settings for
     # environment and transaction_uuid very early, this is to ensure
     # they are sent regardless of any catalog compilation failures or
@@ -210,13 +208,9 @@ class Puppet::Configurer
     completed = nil
     begin
       Puppet.override(:http_pool => pool) do
-
         # Skip failover logic if the server_list setting is empty
-        if Puppet.settings[:server_list].nil? || Puppet.settings[:server_list].empty?
-          do_failover = false
-        else
-          do_failover = true
-        end
+        do_failover = Puppet.settings[:server_list] && !Puppet.settings[:server_list].empty?
+
         # When we are passed a catalog, that means we're in apply
         # mode. We shouldn't try to do any failover in that case.
         if options[:catalog].nil? && do_failover
@@ -224,8 +218,6 @@ class Puppet::Configurer
           if server.nil?
             raise Puppet::Error, _("Could not select a functional puppet master from server_list: '%{server_list}'") % { server_list: Puppet.settings.value(:server_list, Puppet[:environment].to_sym, true) }
           else
-            #TRANSLATORS 'server_list' is the name of a setting and should not be translated
-            Puppet.debug _("Selected puppet server from the `server_list` setting: %{server}:%{port}") % { server: server, port: port }
             report.master_used = "#{server}:#{port}"
           end
           Puppet.override(server: server, serverport: port) do
@@ -273,7 +265,7 @@ class Puppet::Configurer
 
     begin
       unless Puppet[:node_name_fact].empty?
-        query_options = get_facts(options)
+        query_options, facts = get_facts(options)
       end
 
       configured_environment = Puppet[:environment] if Puppet.settings.set_by_config?(:environment)
@@ -306,6 +298,7 @@ class Puppet::Configurer
               @environment = node.environment.to_s
               report.environment = @environment
               query_options = nil
+              facts = nil
             else
               Puppet.info _("Using configured environment '%{env}'") % { env: @environment }
             end
@@ -330,11 +323,11 @@ class Puppet::Configurer
         :loaders => Puppet::Pops::Loaders.new(local_node_environment, true)
       }, "Local node environment for configurer transaction")
 
-      query_options = get_facts(options) unless query_options
+      query_options, facts = get_facts(options) unless query_options
       query_options[:configured_environment] = configured_environment
       options[:convert_for_node] = node
 
-      catalog = prepare_and_retrieve_catalog(cached_catalog, options, query_options)
+      catalog = prepare_and_retrieve_catalog(cached_catalog, facts, options, query_options)
       unless catalog
         return nil
       end
@@ -357,11 +350,11 @@ class Puppet::Configurer
         @environment = catalog.environment
         report.environment = @environment
 
-        query_options = get_facts(options)
+        query_options, facts = get_facts(options)
         query_options[:configured_environment] = configured_environment
 
         # if we get here, ignore the cached catalog
-        catalog = prepare_and_retrieve_catalog(nil, options, query_options)
+        catalog = prepare_and_retrieve_catalog(nil, facts, options, query_options)
         return nil unless catalog
         tries += 1
       end
@@ -373,7 +366,7 @@ class Puppet::Configurer
       else
         # REMIND @duration is the time spent loading the last catalog, and doesn't
         # account for things like we failed to download and fell back to the cache
-        ral_catalog = convert_catalog(catalog, @duration, options)
+        ral_catalog = convert_catalog(catalog, @duration, facts, options)
 
         # If not noop, commit the cached resource catalog (not ral catalog). Ideally
         # we'd just copy the downloaded response body, instead of serializing the
@@ -418,21 +411,16 @@ class Puppet::Configurer
   private :run_internal
 
   def find_functional_server
-    Puppet.settings[:server_list].each do |server|
-      host = server[0]
-      port = server[1] || Puppet[:masterport]
-      begin
-        ssl_context = Puppet.lookup(:ssl_context)
-        http = Puppet::Network::HttpPool.connection(host, port.to_i, ssl_context: ssl_context)
-        response = http.get('/status/v1/simple/master')
-        return [host, port] if response.is_a?(Net::HTTPOK)
-
-        Puppet.debug(_("Puppet server %{host}:%{port} is unavailable: %{code} %{reason}") %
-                     { host: host, port: port, code: response.code, reason: response.message })
-      rescue => detail
-        #TRANSLATORS 'server_list' is the name of a setting and should not be translated
-        Puppet.debug _("Unable to connect to server from server_list setting: %{detail}") % {detail: detail}
-      end
+    begin
+      session = Puppet.lookup(:http_session)
+      service = session.route_to(:puppet)
+      return [service.url.host, service.url.port]
+    rescue Puppet::HTTP::ResponseError => e
+      Puppet.debug(_("Puppet server %{host}:%{port} is unavailable: %{code} %{reason}") %
+                   { host: e.response.url.host, port: e.response.url.port, code: e.response.code, reason: e.response.reason })
+    rescue => detail
+      #TRANSLATORS 'server_list' is the name of a setting and should not be translated
+      Puppet.debug _("Unable to connect to server from server_list setting: %{detail}") % {detail: detail}
     end
     [nil, nil]
   end
@@ -516,7 +504,7 @@ class Puppet::Configurer
     return nil
   end
 
-  def retrieve_new_catalog(query_options)
+  def retrieve_new_catalog(facts, query_options)
     result = nil
     @duration = thinmark do
       result = Puppet::Resource::Catalog.indirection.find(
@@ -526,7 +514,8 @@ class Puppet::Configurer
           # don't update cache until after environment converges
           :ignore_cache_save => true,
           :environment       => Puppet::Node::Environment.remote(@environment),
-          :fail_on_404       => true
+          :fail_on_404       => true,
+          :facts_for_catalog => facts
         )
       )
     end