puppet 6.14.0 → 6.15.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of puppet might be problematic. Click here for more details.

Files changed (195) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile.lock +15 -15
  3. data/ext/windows/service/daemon.rb +3 -3
  4. data/lib/puppet.rb +1 -1
  5. data/lib/puppet/agent.rb +2 -10
  6. data/lib/puppet/application/agent.rb +2 -1
  7. data/lib/puppet/application/filebucket.rb +5 -14
  8. data/lib/puppet/application/ssl.rb +2 -2
  9. data/lib/puppet/configurer.rb +7 -3
  10. data/lib/puppet/configurer/plugin_handler.rb +1 -1
  11. data/lib/puppet/defaults.rb +22 -2
  12. data/lib/puppet/environments.rb +4 -5
  13. data/lib/puppet/face/plugin.rb +1 -1
  14. data/lib/puppet/file_system/file_impl.rb +13 -9
  15. data/lib/puppet/forge/repository.rb +1 -1
  16. data/lib/puppet/functions/call.rb +1 -1
  17. data/lib/puppet/functions/reduce.rb +2 -4
  18. data/lib/puppet/http.rb +2 -0
  19. data/lib/puppet/http/client.rb +191 -52
  20. data/lib/puppet/http/external_client.rb +96 -0
  21. data/lib/puppet/http/redirector.rb +34 -0
  22. data/lib/puppet/http/resolver.rb +46 -3
  23. data/lib/puppet/http/resolver/server_list.rb +75 -15
  24. data/lib/puppet/http/resolver/settings.rb +22 -2
  25. data/lib/puppet/http/resolver/srv.rb +28 -2
  26. data/lib/puppet/http/response.rb +63 -1
  27. data/lib/puppet/http/retry_after_handler.rb +39 -0
  28. data/lib/puppet/http/service.rb +67 -1
  29. data/lib/puppet/http/service/ca.rb +71 -9
  30. data/lib/puppet/http/service/compiler.rb +213 -11
  31. data/lib/puppet/http/service/file_server.rb +105 -4
  32. data/lib/puppet/http/service/report.rb +36 -3
  33. data/lib/puppet/http/session.rb +59 -8
  34. data/lib/puppet/indirector/catalog/rest.rb +2 -1
  35. data/lib/puppet/indirector/facts/rest.rb +2 -1
  36. data/lib/puppet/indirector/file_bucket_file/rest.rb +48 -0
  37. data/lib/puppet/indirector/file_metadata/rest.rb +4 -2
  38. data/lib/puppet/indirector/node/rest.rb +2 -1
  39. data/lib/puppet/indirector/report/yaml.rb +23 -0
  40. data/lib/puppet/indirector/status/rest.rb +2 -1
  41. data/lib/puppet/metatype/manager.rb +80 -80
  42. data/lib/puppet/network/http/base_pool.rb +6 -1
  43. data/lib/puppet/network/http/pool.rb +2 -4
  44. data/lib/puppet/network/http_pool.rb +1 -0
  45. data/lib/puppet/node/environment.rb +11 -1
  46. data/lib/puppet/pal/pal_impl.rb +1 -29
  47. data/lib/puppet/parser/compiler.rb +14 -7
  48. data/lib/puppet/parser/functions.rb +18 -13
  49. data/lib/puppet/pops/loaders.rb +7 -5
  50. data/lib/puppet/provider/group/windows_adsi.rb +3 -3
  51. data/lib/puppet/provider/package/apt.rb +61 -1
  52. data/lib/puppet/provider/package/dnfmodule.rb +39 -12
  53. data/lib/puppet/provider/package/gem.rb +41 -7
  54. data/lib/puppet/provider/package/pacman.rb +2 -5
  55. data/lib/puppet/provider/package/pip.rb +105 -33
  56. data/lib/puppet/provider/package/pip3.rb +0 -2
  57. data/lib/puppet/provider/package/pkgdmg.rb +1 -1
  58. data/lib/puppet/provider/package/pkgng.rb +16 -4
  59. data/lib/puppet/provider/package/puppet_gem.rb +6 -2
  60. data/lib/puppet/provider/package/rpm.rb +6 -213
  61. data/lib/puppet/provider/package/yum.rb +92 -19
  62. data/lib/puppet/provider/service/systemd.rb +2 -1
  63. data/lib/puppet/reports/http.rb +13 -11
  64. data/lib/puppet/resource/type_collection.rb +20 -16
  65. data/lib/puppet/ssl.rb +1 -0
  66. data/lib/puppet/ssl/host.rb +4 -4
  67. data/lib/puppet/ssl/oids.rb +1 -0
  68. data/lib/puppet/ssl/state_machine.rb +50 -33
  69. data/lib/puppet/transaction/report.rb +2 -2
  70. data/lib/puppet/type.rb +6 -1
  71. data/lib/puppet/type/file/source.rb +4 -2
  72. data/lib/puppet/type/package.rb +25 -2
  73. data/lib/puppet/type/user.rb +0 -19
  74. data/lib/puppet/util/at_fork.rb +1 -1
  75. data/lib/puppet/util/autoload.rb +3 -0
  76. data/lib/puppet/util/instance_loader.rb +14 -10
  77. data/lib/puppet/util/package/version/debian.rb +175 -0
  78. data/lib/puppet/util/package/version/gem.rb +15 -0
  79. data/lib/puppet/util/package/version/pip.rb +167 -0
  80. data/lib/puppet/util/package/version/range.rb +50 -0
  81. data/lib/puppet/util/package/version/range/gt.rb +14 -0
  82. data/lib/puppet/util/package/version/range/gt_eq.rb +14 -0
  83. data/lib/puppet/util/package/version/range/lt.rb +14 -0
  84. data/lib/puppet/util/package/version/range/lt_eq.rb +14 -0
  85. data/lib/puppet/util/package/version/range/min_max.rb +21 -0
  86. data/lib/puppet/util/package/version/range/simple.rb +11 -0
  87. data/lib/puppet/util/package/version/rpm.rb +73 -0
  88. data/lib/puppet/util/pidlock.rb +13 -7
  89. data/lib/puppet/util/platform.rb +5 -0
  90. data/lib/puppet/util/rpm_compare.rb +193 -0
  91. data/lib/puppet/util/windows/adsi.rb +2 -2
  92. data/lib/puppet/util/windows/process.rb +15 -14
  93. data/lib/puppet/util/windows/security.rb +1 -0
  94. data/lib/puppet/util/windows/sid.rb +3 -3
  95. data/lib/puppet/version.rb +1 -1
  96. data/locales/puppet.pot +207 -201
  97. data/man/man5/puppet.conf.5 +11 -3
  98. data/man/man8/puppet-agent.8 +1 -1
  99. data/man/man8/puppet-apply.8 +1 -1
  100. data/man/man8/puppet-catalog.8 +1 -1
  101. data/man/man8/puppet-config.8 +1 -1
  102. data/man/man8/puppet-describe.8 +1 -1
  103. data/man/man8/puppet-device.8 +1 -1
  104. data/man/man8/puppet-doc.8 +1 -1
  105. data/man/man8/puppet-epp.8 +1 -1
  106. data/man/man8/puppet-facts.8 +1 -1
  107. data/man/man8/puppet-filebucket.8 +1 -1
  108. data/man/man8/puppet-generate.8 +1 -1
  109. data/man/man8/puppet-help.8 +1 -1
  110. data/man/man8/puppet-key.8 +1 -1
  111. data/man/man8/puppet-lookup.8 +1 -1
  112. data/man/man8/puppet-man.8 +1 -1
  113. data/man/man8/puppet-module.8 +1 -1
  114. data/man/man8/puppet-node.8 +1 -1
  115. data/man/man8/puppet-parser.8 +1 -1
  116. data/man/man8/puppet-plugin.8 +1 -1
  117. data/man/man8/puppet-report.8 +1 -1
  118. data/man/man8/puppet-resource.8 +1 -1
  119. data/man/man8/puppet-script.8 +1 -1
  120. data/man/man8/puppet-ssl.8 +1 -1
  121. data/man/man8/puppet-status.8 +1 -1
  122. data/man/man8/puppet.8 +2 -2
  123. data/spec/fixtures/ssl/unknown-127.0.0.1-key.pem +67 -0
  124. data/spec/fixtures/ssl/unknown-127.0.0.1.pem +48 -0
  125. data/spec/fixtures/ssl/unknown-ca-key.pem +67 -0
  126. data/spec/fixtures/ssl/unknown-ca.pem +59 -0
  127. data/spec/fixtures/unit/provider/package/dnfmodule/{dnf-module-list-installed.txt → dnf-module-list-enabled.txt} +2 -0
  128. data/spec/fixtures/unit/provider/package/pkgng/pkg.version +2 -0
  129. data/spec/fixtures/unit/provider/package/yum/yum-check-update-subscription-manager.txt +9 -0
  130. data/spec/fixtures/unit/provider/service/systemd/list_unit_files_services +9 -0
  131. data/spec/integration/application/agent_spec.rb +329 -0
  132. data/spec/integration/application/apply_spec.rb +132 -3
  133. data/spec/integration/application/filebucket_spec.rb +190 -0
  134. data/spec/integration/application/plugin_spec.rb +50 -0
  135. data/spec/integration/http/client_spec.rb +34 -40
  136. data/spec/integration/indirector/report/yaml.rb +83 -0
  137. data/spec/integration/module_tool/forge_spec.rb +2 -15
  138. data/spec/integration/network/http_pool_spec.rb +11 -19
  139. data/spec/integration/node/environment_spec.rb +15 -0
  140. data/spec/integration/util/windows/adsi_spec.rb +1 -1
  141. data/spec/lib/puppet/test_ca.rb +2 -2
  142. data/spec/lib/puppet_spec/https.rb +10 -7
  143. data/spec/lib/puppet_spec/puppetserver.rb +119 -0
  144. data/spec/shared_contexts/https.rb +29 -0
  145. data/spec/unit/agent_spec.rb +33 -25
  146. data/spec/unit/application/agent_spec.rb +5 -1
  147. data/spec/unit/application/device_spec.rb +2 -2
  148. data/spec/unit/application/filebucket_spec.rb +22 -2
  149. data/spec/unit/configurer_spec.rb +1 -1
  150. data/spec/unit/defaults_spec.rb +24 -1
  151. data/spec/unit/environments_spec.rb +8 -0
  152. data/spec/unit/file_system_spec.rb +10 -0
  153. data/spec/unit/http/client_spec.rb +105 -46
  154. data/spec/unit/http/external_client_spec.rb +201 -0
  155. data/spec/unit/http/resolver_spec.rb +20 -0
  156. data/spec/unit/http/service/ca_spec.rb +25 -2
  157. data/spec/unit/http/service/compiler_spec.rb +184 -6
  158. data/spec/unit/http/service/file_server_spec.rb +35 -3
  159. data/spec/unit/http/service/report_spec.rb +3 -1
  160. data/spec/unit/http/service_spec.rb +3 -3
  161. data/spec/unit/http/session_spec.rb +56 -7
  162. data/spec/unit/indirector/file_bucket_file/rest_spec.rb +82 -2
  163. data/spec/unit/network/http/pool_spec.rb +3 -3
  164. data/spec/unit/node/environment_spec.rb +16 -0
  165. data/spec/unit/provider/group/windows_adsi_spec.rb +43 -10
  166. data/spec/unit/provider/package/apt_spec.rb +30 -0
  167. data/spec/unit/provider/package/dnfmodule_spec.rb +33 -14
  168. data/spec/unit/provider/package/gem_spec.rb +40 -0
  169. data/spec/unit/provider/package/pacman_spec.rb +6 -21
  170. data/spec/unit/provider/package/pip_spec.rb +26 -3
  171. data/spec/unit/provider/package/pkgdmg_spec.rb +1 -1
  172. data/spec/unit/provider/package/pkgng_spec.rb +38 -0
  173. data/spec/unit/provider/package/puppet_gem_spec.rb +8 -0
  174. data/spec/unit/provider/package/rpm_spec.rb +0 -212
  175. data/spec/unit/provider/package/yum_spec.rb +235 -1
  176. data/spec/unit/provider/service/systemd_spec.rb +10 -1
  177. data/spec/unit/provider/user/windows_adsi_spec.rb +3 -3
  178. data/spec/unit/puppet_pal_2pec.rb +0 -29
  179. data/spec/unit/reports/http_spec.rb +70 -52
  180. data/spec/unit/ssl/host_spec.rb +4 -2
  181. data/spec/unit/ssl/oids_spec.rb +1 -0
  182. data/spec/unit/ssl/state_machine_spec.rb +38 -6
  183. data/spec/unit/transaction/report_spec.rb +4 -0
  184. data/spec/unit/util/at_fork_spec.rb +2 -2
  185. data/spec/unit/util/package/version/debian_spec.rb +83 -0
  186. data/spec/unit/util/package/version/pip_spec.rb +464 -0
  187. data/spec/unit/util/package/version/range_spec.rb +154 -0
  188. data/spec/unit/util/package/version/rpm_spec.rb +121 -0
  189. data/spec/unit/util/pidlock_spec.rb +83 -47
  190. data/spec/unit/util/rpm_compare_spec.rb +196 -0
  191. data/spec/unit/util/windows/adsi_spec.rb +4 -4
  192. data/spec/unit/util/windows/sid_spec.rb +2 -2
  193. data/tasks/generate_cert_fixtures.rake +15 -1
  194. metadata +51 -6
  195. data/spec/integration/faces/plugin_spec.rb +0 -63
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: fc1216f1f77ee762e957b53119e4b3ece7c58f1bd70c3e0737b9c508a8a81be2
4
- data.tar.gz: d24df2321580cf5576069d809557f5ba60668dbd227c1403f602f5d6b99d48f4
3
+ metadata.gz: b9e741fedb22cc09759911a15e38ec7c05726d6105a6f63cb2d8ab636b62244c
4
+ data.tar.gz: 85206eb352d11694e203c16725c706a791898f721bff00064833202f3309eef7
5
5
  SHA512:
6
- metadata.gz: '09c7f51ea3a5d6b9104d04a7409ef44cc77f0199f51ffe00c0daad6ff4a1f844b9f5d3f359d3b686ec68e546a0343b5d52e8307f03c1bf0385fe4b50af081cf4'
7
- data.tar.gz: 334425bf5c64658b01588756ee26a2090e8245f4962c16ab31f85f39809e7fadef3d5d95b84ff6a2bc4b0cc2c3f602fad70887007292bf4664e268866c23d7cd
6
+ metadata.gz: 7eaacd3a269d0f2853b7475e8adf4ca13ee5f865f5c8380be1861095040eb66cd9f443306179291901353e24786409f316b101c333a8255aefc311dec5e1f41e
7
+ data.tar.gz: dbd894221a877f18e6672ca7696555838d742226f185c559a73b05f16285fb4e842c92dbf5532596cd4c8b6a18911d43d2e241108307c01b3c044efe0614d235
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- puppet (6.14.0)
4
+ puppet (6.15.0)
5
5
  CFPropertyList (~> 2.2)
6
6
  concurrent-ruby (~> 1.0)
7
7
  deep_merge (~> 1.0)
@@ -51,27 +51,27 @@ GEM
51
51
  addressable (>= 2.4)
52
52
  locale (2.1.3)
53
53
  memory_profiler (0.9.14)
54
- method_source (0.9.2)
54
+ method_source (1.0.0)
55
55
  minitar (0.9)
56
56
  msgpack (1.3.3)
57
57
  multi_json (1.14.1)
58
58
  mustache (1.1.1)
59
- optimist (3.0.0)
60
- packaging (0.99.58)
59
+ optimist (3.0.1)
60
+ packaging (0.99.61)
61
61
  artifactory (~> 2)
62
62
  rake (>= 12.3)
63
63
  release-metrics
64
64
  parallel (1.19.1)
65
- parser (2.7.0.4)
65
+ parser (2.7.1.1)
66
66
  ast (~> 2.4.0)
67
67
  powerpack (0.1.2)
68
- pry (0.12.2)
69
- coderay (~> 1.1.0)
70
- method_source (~> 0.9.0)
71
- public_suffix (4.0.3)
72
- puppet-resource_api (1.8.12)
68
+ pry (0.13.1)
69
+ coderay (~> 1.1)
70
+ method_source (~> 1.0)
71
+ public_suffix (4.0.4)
72
+ puppet-resource_api (1.8.13)
73
73
  hocon (>= 1.0)
74
- puppetserver-ca (1.5.0)
74
+ puppetserver-ca (1.7.0)
75
75
  facter (>= 2.0.1, < 4)
76
76
  racc (1.4.9)
77
77
  rainbow (2.2.2)
@@ -92,7 +92,7 @@ GEM
92
92
  rspec-mocks (~> 3.9.0)
93
93
  rspec-core (3.9.1)
94
94
  rspec-support (~> 3.9.1)
95
- rspec-expectations (3.9.0)
95
+ rspec-expectations (3.9.1)
96
96
  diff-lcs (>= 1.2.0, < 2.0)
97
97
  rspec-support (~> 3.9.0)
98
98
  rspec-its (1.3.0)
@@ -111,14 +111,14 @@ GEM
111
111
  unicode-display_width (~> 1.0, >= 1.0.1)
112
112
  rubocop-i18n (1.2.0)
113
113
  rubocop (~> 0.49.0)
114
- ruby-prof (1.3.0)
114
+ ruby-prof (1.3.2)
115
115
  ruby-progressbar (1.10.1)
116
116
  safe_yaml (1.0.5)
117
117
  semantic_puppet (1.0.2)
118
118
  text (1.3.1)
119
- unicode-display_width (1.6.1)
119
+ unicode-display_width (1.7.0)
120
120
  vcr (5.1.0)
121
- webmock (3.8.2)
121
+ webmock (3.8.3)
122
122
  addressable (>= 2.3.6)
123
123
  crack (>= 0.3.2)
124
124
  hashdiff (>= 0.4.0, < 2.0.0)
@@ -160,7 +160,7 @@ class WindowsDaemon < Win32::Daemon
160
160
 
161
161
  def parse_runinterval(puppet_path)
162
162
  begin
163
- runinterval = %x{ #{puppet_path} agent --configprint runinterval }.to_i
163
+ runinterval = %x{ #{puppet_path} config --section agent --log_level notice print runinterval }.to_i
164
164
  if runinterval == 0
165
165
  runinterval = 1800
166
166
  log_err("Failed to determine runinterval, defaulting to #{runinterval} seconds")
@@ -175,8 +175,8 @@ class WindowsDaemon < Win32::Daemon
175
175
 
176
176
  def parse_log_level(puppet_path,cmdline_debug)
177
177
  begin
178
- loglevel = %x{ #{puppet_path} agent --configprint log_level}.chomp
179
- unless loglevel
178
+ loglevel = %x{ #{puppet_path} config --section agent --log_level notice print log_level }.chomp
179
+ unless loglevel && respond_to?("log_#{loglevel}")
180
180
  loglevel = :notice
181
181
  log_err("Failed to determine loglevel, defaulting to #{loglevel}")
182
182
  end
@@ -236,7 +236,7 @@ module Puppet
236
236
  raise e
237
237
  end
238
238
  },
239
- :ssl_host => proc { Puppet::SSL::Host.localhost },
239
+ :ssl_host => proc { Puppet::SSL::Host.localhost(true) },
240
240
  :http_session => proc { Puppet.runtime["http"].create_session },
241
241
  :plugins => proc { Puppet::Plugins::Configuration.load_plugins },
242
242
  :rich_data => false
@@ -95,11 +95,9 @@ class Puppet::Agent
95
95
  atForkHandler.child
96
96
  $0 = _("puppet agent: applying configuration")
97
97
  begin
98
- exit(yield)
99
- rescue SystemExit
100
- exit(-1)
98
+ exit(yield || 1)
101
99
  rescue NoMemoryError
102
- exit(-2)
100
+ exit(254)
103
101
  end
104
102
  end
105
103
  ensure
@@ -107,12 +105,6 @@ class Puppet::Agent
107
105
  end
108
106
 
109
107
  exit_code = Process.waitpid2(child_pid)
110
- case exit_code[1].exitstatus
111
- when -1
112
- raise SystemExit
113
- when -2
114
- raise NoMemoryError
115
- end
116
108
  exit_code[1].exitstatus
117
109
  end
118
110
 
@@ -39,6 +39,7 @@ class Puppet::Application::Agent < Puppet::Application
39
39
  :graph => true,
40
40
  :fingerprint => false,
41
41
  :sourceaddress => nil,
42
+ :start_time => Time.now,
42
43
  }.each do |opt,val|
43
44
  options[opt] = val
44
45
  end
@@ -405,7 +406,7 @@ Copyright (c) 2011 Puppet Inc., LLC Licensed under the Apache 2.0 License
405
406
 
406
407
  def onetime(daemon)
407
408
  begin
408
- exitstatus = daemon.agent.run(:job_id => options[:job_id])
409
+ exitstatus = daemon.agent.run({:job_id => options[:job_id], :start_time => options[:start_time]})
409
410
  rescue => detail
410
411
  Puppet.log_exception(detail)
411
412
  end
@@ -292,7 +292,7 @@ Copyright (c) 2011 Puppet Inc., LLC Licensed under the Apache 2.0 License
292
292
  Puppet::Log.level = :info
293
293
  end
294
294
 
295
- exit(Puppet.settings.print_configs ? 0 : 1) if Puppet.settings.print_configs?
295
+ exit(Puppet.settings.print_configs ? 0 : 1) if Puppet.settings.print_configs?
296
296
 
297
297
  require 'puppet/file_bucket/dipper'
298
298
  begin
@@ -300,19 +300,10 @@ Copyright (c) 2011 Puppet Inc., LLC Licensed under the Apache 2.0 License
300
300
  path = options[:bucket] || Puppet[:clientbucketdir]
301
301
  @client = Puppet::FileBucket::Dipper.new(:Path => path)
302
302
  else
303
- if Puppet[:server_list] && !Puppet[:server_list].empty?
304
- server = Puppet[:server_list].first
305
- #TRANSLATORS 'server_list' is the name of a setting and should not be translated
306
- Puppet.debug _("Selected server from first entry of the `server_list` setting: %{server}:%{port}") % {server: server[0], port: server[1]}
307
- @client = Puppet::FileBucket::Dipper.new(
308
- :Server => server[0],
309
- :Port => server[1]
310
- )
311
- else
312
- #TRANSLATORS 'server' is the name of a setting and should not be translated
313
- Puppet.debug _("Selected server from the `server` setting: %{server}") % {server: Puppet[:server]}
314
- @client = Puppet::FileBucket::Dipper.new(:Server => Puppet[:server])
315
- end
303
+ session = Puppet.lookup(:http_session)
304
+ api = session.route_to(:puppet)
305
+
306
+ @client = Puppet::FileBucket::Dipper.new(Server: api.url.host, Port: api.url.port)
316
307
  end
317
308
  rescue => detail
318
309
  Puppet.log_exception(detail)
@@ -182,7 +182,7 @@ HELP
182
182
  route = create_route(ssl_context)
183
183
  Puppet.info _("Downloading certificate '%{name}' from %{url}") % { name: Puppet[:certname], url: route.url }
184
184
 
185
- x509 = route.get_certificate(Puppet[:certname], ssl_context: ssl_context)
185
+ _, x509 = route.get_certificate(Puppet[:certname], ssl_context: ssl_context)
186
186
  cert = OpenSSL::X509::Certificate.new(x509)
187
187
  Puppet.notice _("Downloaded certificate '%{name}' with fingerprint %{fingerprint}") % { name: Puppet[:certname], fingerprint: fingerprint(cert) }
188
188
 
@@ -226,7 +226,7 @@ HELP
226
226
  begin
227
227
  ssl_context = @machine.ensure_ca_certificates
228
228
  route = create_route(ssl_context)
229
- cert = route.get_certificate(certname, ssl_context: ssl_context)
229
+ _, cert = route.get_certificate(certname, ssl_context: ssl_context)
230
230
  rescue Puppet::HTTP::ResponseError => e
231
231
  if e.response.code.to_i != 404
232
232
  raise Puppet::Error.new(_("Failed to connect to the CA to determine if certificate %{certname} has been cleaned") % { certname: certname }, e)
@@ -199,7 +199,7 @@ class Puppet::Configurer
199
199
  # environment and transaction_uuid very early, this is to ensure
200
200
  # they are sent regardless of any catalog compilation failures or
201
201
  # exceptions.
202
- options[:report] ||= Puppet::Transaction::Report.new(nil, @environment, @transaction_uuid, @job_id)
202
+ options[:report] ||= Puppet::Transaction::Report.new(nil, @environment, @transaction_uuid, @job_id, options[:start_time] || Time.now)
203
203
  report = options[:report]
204
204
  init_storage
205
205
 
@@ -235,9 +235,13 @@ class Puppet::Configurer
235
235
  end
236
236
 
237
237
  def run_internal(options)
238
- start = Time.now
239
238
  report = options[:report]
240
239
 
240
+ if options[:start_time]
241
+ startup_time = Time.now - options[:start_time]
242
+ report.add_times(:startup_time, startup_time)
243
+ end
244
+
241
245
  # If a cached catalog is explicitly requested, attempt to retrieve it. Skip the node request,
242
246
  # don't pluginsync and switch to the catalog's environment if we successfully retrieve it.
243
247
  if Puppet[:use_cached_catalog]
@@ -402,7 +406,7 @@ class Puppet::Configurer
402
406
  end
403
407
 
404
408
  report.cached_catalog_status ||= @cached_catalog_status
405
- report.add_times(:total, Time.now - start)
409
+ report.add_times(:total, Time.now - report.time)
406
410
  report.finalize_report
407
411
  Puppet::Util::Log.close(report)
408
412
  send_report(report)
@@ -36,7 +36,7 @@ class Puppet::Configurer::PluginHandler
36
36
  locales = Gem::Version.new(server_agent_version) >= SUPPORTED_LOCALES_MOUNT_AGENT_VERSION
37
37
  unless locales
38
38
  session = Puppet.lookup(:http_session)
39
- locales = session.supports?(:puppet, 'locales')
39
+ locales = session.supports?(:fileserver, 'locales') || session.supports?(:puppet, 'locales')
40
40
  end
41
41
 
42
42
  if locales
@@ -81,7 +81,10 @@ module Puppet
81
81
  begin
82
82
  original_facter = Object.const_get(:Facter)
83
83
  Object.send(:remove_const, :Facter)
84
+
84
85
  require 'facter-ng'
86
+ # It is required to re-setup logger for facter-ng
87
+ Puppet::Util::Logging.setup_facter_logging!
85
88
  rescue LoadError
86
89
  Object.const_set(:Facter, original_facter)
87
90
  raise ArgumentError, 'facter-ng could not be loaded'
@@ -1637,7 +1640,7 @@ EOT
1637
1640
  :default => [],
1638
1641
  :type => :http_extra_headers,
1639
1642
  :desc => "The list of extra headers that will be sent with http requests to the master.
1640
- The header definition consists of a name and a value separated by a colon."
1643
+ The header definition consists of a name and a value separated by a colon."
1641
1644
  },
1642
1645
  :ignoreschedules => {
1643
1646
  :default => false,
@@ -1795,10 +1798,27 @@ EOT
1795
1798
  :type => :boolean,
1796
1799
  :desc => "Whether to send reports after every transaction.",
1797
1800
  },
1801
+ :report_include_system_store => {
1802
+ :default => false,
1803
+ :type => :boolean,
1804
+ :desc => "Whether the 'http' report processor should include the system
1805
+ certificate store when submitting reports to HTTPS URLs. If false, then
1806
+ the 'http' processor will only trust HTTPS report servers whose certificates
1807
+ are issued by the puppet CA or one of its intermediate CAs. If true, the
1808
+ processor will additionally trust CA certificates in the system's
1809
+ certificate store."
1810
+ },
1798
1811
  :resubmit_facts => {
1799
1812
  :default => false,
1800
1813
  :type => :boolean,
1801
- :desc => "Whether to send updated facts after every transaction.",
1814
+ :desc => "Whether to send updated facts after every transaction. By default
1815
+ puppet only submits facts at the beginning of the transaction before applying a
1816
+ catalog. Since puppet can modify the state of the system, the value of the facts
1817
+ may change after puppet finishes. Therefore, any facts stored in puppetdb may not
1818
+ be consistent until the agent next runs, typically in 30 minutes. If this feature
1819
+ is enabled, puppet will resubmit facts after applying its catalog, ensuring facts
1820
+ for the node stored in puppetdb are current. However, this will double the fact
1821
+ submission load on puppetdb, so it is disabled by default.",
1802
1822
  },
1803
1823
  :lastrunfile => {
1804
1824
  :default => "$statedir/last_run_summary.yaml",
@@ -247,11 +247,10 @@ module Puppet::Environments
247
247
  end
248
248
 
249
249
  def valid_environment_names
250
- if Puppet::FileSystem.directory?(@environment_dir)
251
- Puppet::FileSystem.children(@environment_dir).map do |child|
252
- Puppet::FileSystem.basename_string(child).intern if validated_directory(child)
253
- end.compact
254
- end
250
+ return [] unless Puppet::FileSystem.directory?(@environment_dir)
251
+ Puppet::FileSystem.children(@environment_dir).map do |child|
252
+ Puppet::FileSystem.basename_string(child).intern if validated_directory(child)
253
+ end.compact
255
254
  end
256
255
  end
257
256
 
@@ -44,7 +44,7 @@ Puppet::Face.define(:plugin, '0.0.1') do
44
44
  pool = Puppet.runtime['http'].pool
45
45
  Puppet.override(:http_pool => pool) do
46
46
  begin
47
- handler = Puppet::Configurer::PluginHandler.new()
47
+ handler = Puppet::Configurer::PluginHandler.new
48
48
  handler.download_plugins(remote_environment_for_plugins)
49
49
  ensure
50
50
  pool.close
@@ -80,7 +80,7 @@ class Puppet::FileSystem::FileImpl
80
80
  end
81
81
 
82
82
  def read(path, opts = {})
83
- path.read(opts)
83
+ path.read(**opts)
84
84
  end
85
85
 
86
86
  def read_preserve_line_endings(path)
@@ -156,12 +156,14 @@ class Puppet::FileSystem::FileImpl
156
156
  end
157
157
 
158
158
  def replace_file(path, mode = nil)
159
- mode ||= begin
160
- stat = Puppet::FileSystem.lstat(path)
161
- stat.mode & 07777
162
- rescue Errno::ENOENT
163
- 0640
164
- end
159
+ begin
160
+ stat = Puppet::FileSystem.lstat(path)
161
+ gid = stat.gid
162
+ uid = stat.uid
163
+ mode ||= stat.mode & 07777
164
+ rescue Errno::ENOENT
165
+ mode ||= 0640
166
+ end
165
167
 
166
168
  tempfile = Puppet::FileSystem::Uniquefile.new(Puppet::FileSystem.basename_string(path), Puppet::FileSystem.dir_string(path))
167
169
  begin
@@ -173,8 +175,10 @@ class Puppet::FileSystem::FileImpl
173
175
  tempfile.close
174
176
  end
175
177
 
176
- chmod(mode, tempfile.path)
177
- File.rename(tempfile.path, Puppet::FileSystem.path_string(path))
178
+ tempfile_path = tempfile.path
179
+ FileUtils.chown(uid, gid, tempfile_path) if uid && gid
180
+ chmod(mode, tempfile_path)
181
+ File.rename(tempfile_path, Puppet::FileSystem.path_string(path))
178
182
  ensure
179
183
  tempfile.close!
180
184
  end
@@ -48,7 +48,7 @@ class Puppet::Forge
48
48
  end
49
49
 
50
50
  http = Puppet.runtime['http']
51
- response = http.get(uri, headers: headers, user: user, password: password, ssl_context: @ssl_context)
51
+ response = http.get(uri, headers: headers, options: {user: user, password: password, ssl_context: @ssl_context})
52
52
  io.write(response.body) if io.respond_to?(:write)
53
53
  response
54
54
  rescue Puppet::SSL::CertVerifyError => e
@@ -51,7 +51,7 @@
51
51
  #
52
52
  # Would notice the value of `$facts['processors']['count']` at the time when the `call` is made.
53
53
  #
54
- # * Deferred values supported since Puppet 5.6.0
54
+ # * Deferred values supported since Puppet 6.0
55
55
  #
56
56
  # @since 5.0.0
57
57
  #
@@ -39,11 +39,9 @@
39
39
  # values to the lambda.
40
40
  #
41
41
  # Puppet calls the lambda for each of the data structure's remaining values. For each
42
- # call, it passes the result of the previous call as the first parameter ($memo in the
42
+ # call, it passes the result of the previous call as the first parameter (`$memo` in the
43
43
  # above examples) and the next value from the data structure as the second parameter
44
- # ($value).
45
- #
46
- # If the structure has one value, Puppet returns the value and does not call the lambda.
44
+ # (`$value`).
47
45
  #
48
46
  # @example Using the `reduce` function
49
47
  #
@@ -11,6 +11,7 @@ module Puppet
11
11
  end
12
12
  end
13
13
 
14
+ # @api private
14
15
  module HTTP
15
16
  ACCEPT_ENCODING = "gzip;q=1.0,deflate;q=0.6,identity;q=0.3".freeze
16
17
  HEADER_PUPPET_VERSION = "X-Puppet-Version".freeze
@@ -30,5 +31,6 @@ module Puppet
30
31
  require 'puppet/http/client'
31
32
  require 'puppet/http/redirector'
32
33
  require 'puppet/http/retry_after_handler'
34
+ require 'puppet/http/external_client'
33
35
  end
34
36
  end
@@ -1,7 +1,34 @@
1
+ #
2
+ # @api private
3
+ #
4
+ # The client contains a pool of persistent HTTP connections and creates HTTP
5
+ # sessions.
6
+ #
1
7
  class Puppet::HTTP::Client
8
+
9
+ # @api private
10
+ # @return [Puppet::Network::HTTP::Pool] the pool instance associated with
11
+ # this client
2
12
  attr_reader :pool
3
13
 
4
- def initialize(pool: Puppet::Network::HTTP::Pool.new, ssl_context: nil, system_ssl_context: nil, redirect_limit: 10, retry_limit: 100)
14
+ #
15
+ # @api private
16
+ #
17
+ # Create a new http client instance. The client contains a pool of persistent
18
+ # HTTP connections and creates HTTP sessions.
19
+ #
20
+ # @param [Puppet::Network::HTTP::Pool] pool pool of persistent Net::HTTP
21
+ # connections
22
+ # @param [Puppet::SSL::SSLContext] ssl_context ssl context to be used for
23
+ # connections
24
+ # @param [Puppet::SSL::SSLContext] system_ssl_context the system ssl context
25
+ # used if :include_system_store is set to true
26
+ # @param [Integer] redirect_limit number of HTTP redirections to allow in a
27
+ # given request
28
+ # @param [Integer] retry_limit number of HTTP reties allowed in a given
29
+ # request
30
+ #
31
+ def initialize(pool: Puppet::Network::HTTP::Pool.new(Puppet[:http_keepalive_timeout]), ssl_context: nil, system_ssl_context: nil, redirect_limit: 10, retry_limit: 100)
5
32
  @pool = pool
6
33
  @default_headers = {
7
34
  'X-Puppet-Version' => Puppet.version,
@@ -11,24 +38,48 @@ class Puppet::HTTP::Client
11
38
  @default_system_ssl_context = system_ssl_context
12
39
  @redirector = Puppet::HTTP::Redirector.new(redirect_limit)
13
40
  @retry_after_handler = Puppet::HTTP::RetryAfterHandler.new(retry_limit, Puppet[:runinterval])
14
- @resolvers = build_resolvers
15
41
  end
16
42
 
43
+ #
44
+ # @api private
45
+ #
46
+ # Create a new HTTP session. A session is the object through which services
47
+ # may be connected to and accessed.
48
+ #
49
+ # @return [Puppet::HTTP::Session] the newly created HTTP session
50
+ #
17
51
  def create_session
18
- Puppet::HTTP::Session.new(self, @resolvers)
52
+ Puppet::HTTP::Session.new(self, build_resolvers)
19
53
  end
20
54
 
21
- def connect(uri, ssl_context: nil, include_system_store: false, &block)
55
+ #
56
+ # @api private
57
+ #
58
+ # Open a connection to the given URI
59
+ #
60
+ # @param [URI] uri the connection destination
61
+ # @param [Hash] options
62
+ # @option options [Puppet::SSL::SSLContext] :ssl_context (nil) ssl context to
63
+ # be used for connections
64
+ # @option options [Boolean] :include_system_store (false) if we should include
65
+ # the system store for connection
66
+ #
67
+ # @yield [Net::HTTP] If a block is given, yields an active http connection
68
+ # from the pool
69
+ #
70
+ def connect(uri, options: {}, &block)
22
71
  start = Time.now
23
- ctx = resolve_ssl_context(ssl_context, include_system_store)
24
- site = Puppet::Network::HTTP::Site.from_uri(uri)
25
- verifier = if site.use_ssl?
26
- Puppet::SSL::Verifier.new(site.host, ctx)
27
- else
28
- nil
29
- end
72
+ verifier = nil
30
73
  connected = false
31
74
 
75
+ site = Puppet::Network::HTTP::Site.from_uri(uri)
76
+ if site.use_ssl?
77
+ ssl_context = options.fetch(:ssl_context, nil)
78
+ include_system_store = options.fetch(:include_system_store, false)
79
+ ctx = resolve_ssl_context(ssl_context, include_system_store)
80
+ verifier = Puppet::SSL::Verifier.new(site.host, ctx)
81
+ end
82
+
32
83
  @pool.with_connection(site, verifier) do |http|
33
84
  connected = true
34
85
  if block_given?
@@ -50,16 +101,30 @@ class Puppet::HTTP::Client
50
101
  {uri: uri, elapsed: elapsed(start), message: e.message}, e, connected)
51
102
  end
52
103
 
53
- def get(url, headers: {}, params: {}, user: nil, password: nil, ssl_context: nil, include_system_store: false, &block)
54
- query = encode_params(params)
55
- unless query.empty?
56
- url = url.dup
57
- url.query = query
58
- end
104
+ #
105
+ # @api private
106
+ #
107
+ # Submits a GET HTTP request to the given url
108
+ #
109
+ # @param [URI] url the location to submit the http request
110
+ # @param [Hash] headers merged with the default headers defined by the client
111
+ # @param [Hash] params encoded and set as the url query
112
+ # @param [Hash] options passed through to the request execution
113
+ # @option options [Puppet::SSL::SSLContext] :ssl_context (nil) ssl context to
114
+ # be used for connections
115
+ # @option options [Boolean] :include_system_store (false) if we should include
116
+ # the system store for connection
117
+ #
118
+ # @yield [Puppet::HTTP::Response] if a block is given yields the response
119
+ #
120
+ # @return [String] if a block is not given, returns the response body
121
+ #
122
+ def get(url, headers: {}, params: {}, options: {}, &block)
123
+ url = encode_query(url, params)
59
124
 
60
125
  request = Net::HTTP::Get.new(url, @default_headers.merge(headers))
61
126
 
62
- execute_streaming(request, user: user, password: password, ssl_context: ssl_context, include_system_store: include_system_store) do |response|
127
+ execute_streaming(request, options: options) do |response|
63
128
  if block_given?
64
129
  yield response
65
130
  else
@@ -68,50 +133,94 @@ class Puppet::HTTP::Client
68
133
  end
69
134
  end
70
135
 
71
- def head(url, headers: {}, params: {}, user: nil, password: nil, ssl_context: nil, include_system_store: false)
72
- query = encode_params(params)
73
- unless query.empty?
74
- url = url.dup
75
- url.query = query
76
- end
136
+ #
137
+ # @api private
138
+ #
139
+ # Submits a HEAD HTTP request to the given url
140
+ #
141
+ # @param [URI] url the location to submit the http request
142
+ # @param [Hash] headers merged with the default headers defined by the client
143
+ # @param [Hash] params encoded and set as the url query
144
+ # @param [Hash] options passed through to the request execution
145
+ # @option options [Puppet::SSL::SSLContext] :ssl_context (nil) ssl context to
146
+ # be used for connections
147
+ # @option options [Boolean] :include_system_store (false) if we should include
148
+ # the system store for connection
149
+ #
150
+ # @return [String] the body of the request response
151
+ #
152
+ def head(url, headers: {}, params: {}, options: {})
153
+ url = encode_query(url, params)
77
154
 
78
155
  request = Net::HTTP::Head.new(url, @default_headers.merge(headers))
79
156
 
80
- execute_streaming(request, user: user, password: password, ssl_context: ssl_context, include_system_store: include_system_store) do |response|
157
+ execute_streaming(request, options: options) do |response|
81
158
  response.body
82
159
  end
83
160
  end
84
161
 
85
- def put(url, headers: {}, params: {}, content_type:, body:, user: nil, password: nil, ssl_context: nil, include_system_store: false)
86
- query = encode_params(params)
87
- unless query.empty?
88
- url = url.dup
89
- url.query = query
90
- end
162
+ #
163
+ # @api private
164
+ #
165
+ # Submits a PUT HTTP request to the given url
166
+ #
167
+ # @param [URI] url the location to submit the http request
168
+ # @param [String] body the body of the PUT request
169
+ # @param [Hash] headers merged with the default headers defined by the client
170
+ # @param [Hash] params encoded and set as the url query
171
+ # @param [Hash] options passed through to the request execution
172
+ # @option options [String] :content_type the type of the body content
173
+ # @option options [Puppet::SSL::SSLContext] :ssl_context (nil) ssl context to
174
+ # be used for connections
175
+ # @option options [Boolean] :include_system_store (false) if we should include
176
+ # the system store for connection
177
+ #
178
+ # @return [String] the body of the request response
179
+ #
180
+ def put(url, body, headers: {}, params: {}, options: {})
181
+ raise ArgumentError, "'put' requires a string 'body' argument" unless body.is_a?(String)
182
+ url = encode_query(url, params)
91
183
 
92
184
  request = Net::HTTP::Put.new(url, @default_headers.merge(headers))
93
185
  request.body = body
94
- request['Content-Length'] = body.bytesize
95
- request['Content-Type'] = content_type
186
+ request.content_length = body.bytesize
187
+
188
+ raise ArgumentError, "'put' requires a 'content-type' header" unless request['Content-Type']
96
189
 
97
- execute_streaming(request, user: user, password: password, ssl_context: ssl_context, include_system_store: include_system_store) do |response|
190
+ execute_streaming(request, options: options) do |response|
98
191
  response.body
99
192
  end
100
193
  end
101
194
 
102
- def post(url, headers: {}, params: {}, content_type:, body:, user: nil, password: nil, ssl_context: nil, include_system_store: false, &block)
103
- query = encode_params(params)
104
- unless query.empty?
105
- url = url.dup
106
- url.query = query
107
- end
195
+ #
196
+ # @api private
197
+ #
198
+ # Submits a POST HTTP request to the given url
199
+ #
200
+ # @param [URI] url the location to submit the http request
201
+ # @param [String] body the body of the POST request
202
+ # @param [Hash] headers merged with the default headers defined by the client
203
+ # @param [Hash] params encoded and set as the url query
204
+ # @param [Hash] options passed through to the request execution
205
+ # @option options [String] :content_type the type of the body content
206
+ # @option options [Puppet::SSL::SSLContext] :ssl_context (nil) ssl context to
207
+ # be used for connections
208
+ # @option options [Boolean] :include_system_store (false) if we should include
209
+ # the system store for connection
210
+ #
211
+ # @return [String] the body of the request response
212
+ #
213
+ def post(url, body, headers: {}, params: {}, options: {}, &block)
214
+ raise ArgumentError, "'post' requires a string 'body' argument" unless body.is_a?(String)
215
+ url = encode_query(url, params)
108
216
 
109
217
  request = Net::HTTP::Post.new(url, @default_headers.merge(headers))
110
218
  request.body = body
111
- request['Content-Length'] = body.bytesize
112
- request['Content-Type'] = content_type
219
+ request.content_length = body.bytesize
220
+
221
+ raise ArgumentError, "'post' requires a 'content-type' header" unless request['Content-Type']
113
222
 
114
- execute_streaming(request, user: user, password: password, ssl_context: ssl_context, include_system_store: include_system_store) do |response|
223
+ execute_streaming(request, options: options) do |response|
115
224
  if block_given?
116
225
  yield response
117
226
  else
@@ -120,34 +229,64 @@ class Puppet::HTTP::Client
120
229
  end
121
230
  end
122
231
 
123
- def delete(url, headers: {}, params: {}, user: nil, password: nil, ssl_context: nil, include_system_store: false)
124
- query = encode_params(params)
125
- unless query.empty?
126
- url = url.dup
127
- url.query = query
128
- end
232
+ #
233
+ # @api private
234
+ #
235
+ # Submits a DELETE HTTP request to the given url
236
+ #
237
+ # @param [URI] url the location to submit the http request
238
+ # @param [Hash] headers merged with the default headers defined by the client
239
+ # @param [Hash] params encoded and set as the url query
240
+ # @param [Hash] options options hash passed through to the request execution
241
+ # @option options [Puppet::SSL::SSLContext] :ssl_context (nil) ssl context to
242
+ # be used for connections
243
+ # @option options [Boolean] :include_system_store (false) if we should include
244
+ # the system store for connection
245
+ #
246
+ # @return [String] the body of the request response
247
+ #
248
+ def delete(url, headers: {}, params: {}, options: {})
249
+ url = encode_query(url, params)
129
250
 
130
251
  request = Net::HTTP::Delete.new(url, @default_headers.merge(headers))
131
252
 
132
- execute_streaming(request, user: user, password: password, ssl_context: ssl_context, include_system_store: include_system_store) do |response|
253
+ execute_streaming(request, options: options) do |response|
133
254
  response.body
134
255
  end
135
256
  end
136
257
 
258
+ #
259
+ # @api private
260
+ #
261
+ # Close persistent connections in the pool
262
+ #
137
263
  def close
138
264
  @pool.close
139
265
  end
140
266
 
267
+ protected
268
+
269
+ def encode_query(url, params)
270
+ return url if params.empty?
271
+
272
+ url = url.dup
273
+ url.query = encode_params(params)
274
+ url
275
+ end
276
+
141
277
  private
142
278
 
143
- def execute_streaming(request, user: nil, password: nil, ssl_context:, include_system_store:, &block)
279
+ def execute_streaming(request, options: {}, &block)
280
+ user = options.fetch(:user, nil)
281
+ password = options.fetch(:password, nil)
282
+
144
283
  redirects = 0
145
284
  retries = 0
146
285
  response = nil
147
286
  done = false
148
287
 
149
288
  while !done do
150
- connect(request.uri, ssl_context: ssl_context, include_system_store: include_system_store) do |http|
289
+ connect(request.uri, options: options) do |http|
151
290
  apply_auth(request, user, password)
152
291
 
153
292
  # don't call return within the `request` block