puppet 6.26.0-x64-mingw32 → 6.27.0-x64-mingw32

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of puppet might be problematic. Click here for more details.

Files changed (45) hide show
  1. checksums.yaml +4 -4
  2. data/CODEOWNERS +1 -1
  3. data/Gemfile.lock +22 -22
  4. data/lib/puppet/application/lookup.rb +24 -28
  5. data/lib/puppet/configurer.rb +6 -2
  6. data/lib/puppet/defaults.rb +0 -1
  7. data/lib/puppet/functions/next.rb +18 -1
  8. data/lib/puppet/functions/tree_each.rb +0 -1
  9. data/lib/puppet/ssl/ssl_provider.rb +10 -7
  10. data/lib/puppet/type/exec.rb +1 -1
  11. data/lib/puppet/util/monkey_patches.rb +0 -2
  12. data/lib/puppet/util.rb +1 -2
  13. data/lib/puppet/version.rb +1 -1
  14. data/man/man5/puppet.conf.5 +2 -2
  15. data/man/man8/puppet-agent.8 +1 -1
  16. data/man/man8/puppet-apply.8 +1 -1
  17. data/man/man8/puppet-catalog.8 +1 -1
  18. data/man/man8/puppet-config.8 +1 -1
  19. data/man/man8/puppet-describe.8 +1 -1
  20. data/man/man8/puppet-device.8 +1 -1
  21. data/man/man8/puppet-doc.8 +1 -1
  22. data/man/man8/puppet-epp.8 +1 -1
  23. data/man/man8/puppet-facts.8 +1 -1
  24. data/man/man8/puppet-filebucket.8 +1 -1
  25. data/man/man8/puppet-generate.8 +1 -1
  26. data/man/man8/puppet-help.8 +1 -1
  27. data/man/man8/puppet-key.8 +1 -1
  28. data/man/man8/puppet-lookup.8 +1 -1
  29. data/man/man8/puppet-man.8 +1 -1
  30. data/man/man8/puppet-module.8 +1 -1
  31. data/man/man8/puppet-node.8 +1 -1
  32. data/man/man8/puppet-parser.8 +1 -1
  33. data/man/man8/puppet-plugin.8 +1 -1
  34. data/man/man8/puppet-report.8 +1 -1
  35. data/man/man8/puppet-resource.8 +1 -1
  36. data/man/man8/puppet-script.8 +1 -1
  37. data/man/man8/puppet-ssl.8 +1 -1
  38. data/man/man8/puppet-status.8 +1 -1
  39. data/man/man8/puppet.8 +2 -2
  40. data/spec/integration/application/lookup_spec.rb +64 -59
  41. data/spec/integration/application/resource_spec.rb +6 -2
  42. data/spec/integration/http/client_spec.rb +30 -0
  43. data/spec/unit/configurer_spec.rb +34 -3
  44. data/spec/unit/util/windows_spec.rb +23 -0
  45. metadata +5 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 5d5c7006fa02f3f45a2c0aada3f63623468858eeccda70db5ca0b0d08cc3c504
4
- data.tar.gz: 71ab615ddcd0d04438079947ed0c69f49609c103c6e0c4768c0ce8f61588aab8
3
+ metadata.gz: fbd8f97ab1adb37d7867f4ac08d794c5eea6dbe90b63bb74ed66d45313b09b1d
4
+ data.tar.gz: a41173a9cdee61c24c191c6a719ef33360b613d112a5e1da6e199c1bffe57bc9
5
5
  SHA512:
6
- metadata.gz: 3d6720cc5962bbc50129b510b7cbd4adbea2121cbbd42f062cde15a418c3cd74f81537bd8fdfa6f222b14ac5af5aefdc0dd18b4bfd15ab3db6ffb770abe15e5e
7
- data.tar.gz: 99dcb372be188fece45cd50f3fe456991a6aacd789a52cf177fa648cf6af0fe4557a8add75a7718a57d8bf712f4200dc6f457b31ab386ecb7bae8ada404309cb
6
+ metadata.gz: '0568fa8396cd9c3848c00b930a89c4ca698cf27a1c175a61e9af3a0e56180cbc670a297779a37b5db2de1c1fe0024cce73bd9a2262d6a78395c3d8e178941761'
7
+ data.tar.gz: 967d852cbf0e1b8c8f2cc154ac7fa8316a8131044314a758295ca2f75a8cfa6537e4f69a3e99f88847b9df4cccc380e44b7b919c1e161954e484403d4b884504
data/CODEOWNERS CHANGED
@@ -1,5 +1,5 @@
1
1
  # defaults
2
- * @puppetlabs/platform-core @puppetlabs/puppetserver-maintainers @puppetlabs/night-s-watch
2
+ * @puppetlabs/phoenix @puppetlabs/puppetserver-maintainers
3
3
 
4
4
  # PAL
5
5
  /lib/puppet/pal @puppetlabs/bolt
data/Gemfile.lock CHANGED
@@ -1,11 +1,11 @@
1
1
  GIT
2
2
  remote: https://github.com/puppetlabs/packaging
3
- revision: 9d36e41d10ce14c66d9c3c35157788e63c1afef8
3
+ revision: 6f7b1ff00ab557f6a47f3f553cc87ec15d718470
4
4
  branch: 1.0.x
5
5
  specs:
6
- packaging (0.105.0)
6
+ packaging (0.106.0.27.g6f7b1ff)
7
7
  apt_stage_artifacts
8
- artifactory (~> 2)
8
+ artifactory (~> 3)
9
9
  csv (= 3.1.5)
10
10
  rake (>= 12.3)
11
11
  release-metrics
@@ -13,7 +13,7 @@ GIT
13
13
  PATH
14
14
  remote: .
15
15
  specs:
16
- puppet (6.26.0)
16
+ puppet (6.27.0)
17
17
  CFPropertyList (~> 2.2)
18
18
  concurrent-ruby (~> 1.0)
19
19
  deep_merge (~> 1.0)
@@ -33,17 +33,17 @@ GEM
33
33
  public_suffix (>= 2.0.2, < 5.0)
34
34
  apt_stage_artifacts (0.10.1)
35
35
  docopt
36
- artifactory (2.8.2)
36
+ artifactory (3.0.15)
37
37
  ast (2.4.2)
38
38
  coderay (1.1.3)
39
- concurrent-ruby (1.1.9)
39
+ concurrent-ruby (1.1.10)
40
40
  crack (0.4.5)
41
41
  rexml
42
42
  csv (3.1.5)
43
43
  deep_merge (1.2.2)
44
44
  diff-lcs (1.5.0)
45
45
  docopt (0.6.1)
46
- facter (4.2.7)
46
+ facter (4.2.9)
47
47
  hocon (~> 1.3)
48
48
  thor (>= 1.0.1, < 2.0)
49
49
  fast_gettext (1.1.2)
@@ -70,11 +70,11 @@ GEM
70
70
  memory_profiler (1.0.0)
71
71
  method_source (1.0.0)
72
72
  minitar (0.9)
73
- msgpack (1.4.2)
73
+ msgpack (1.5.0)
74
74
  multi_json (1.15.0)
75
75
  mustache (1.1.1)
76
76
  optimist (3.0.1)
77
- parallel (1.21.0)
77
+ parallel (1.22.1)
78
78
  parser (2.7.2.0)
79
79
  ast (~> 2.4.1)
80
80
  powerpack (0.1.3)
@@ -84,7 +84,7 @@ GEM
84
84
  public_suffix (4.0.6)
85
85
  puppet-resource_api (1.8.14)
86
86
  hocon (>= 1.0)
87
- puppetserver-ca (1.11.6)
87
+ puppetserver-ca (1.11.7)
88
88
  facter (>= 2.0.1, < 5)
89
89
  racc (1.5.2)
90
90
  rainbow (2.2.2)
@@ -100,22 +100,22 @@ GEM
100
100
  hpricot (>= 0.8.2)
101
101
  mustache (>= 0.7.0)
102
102
  rdiscount (>= 1.5.8)
103
- rspec (3.10.0)
104
- rspec-core (~> 3.10.0)
105
- rspec-expectations (~> 3.10.0)
106
- rspec-mocks (~> 3.10.0)
107
- rspec-core (3.10.1)
108
- rspec-support (~> 3.10.0)
109
- rspec-expectations (3.10.2)
103
+ rspec (3.11.0)
104
+ rspec-core (~> 3.11.0)
105
+ rspec-expectations (~> 3.11.0)
106
+ rspec-mocks (~> 3.11.0)
107
+ rspec-core (3.11.0)
108
+ rspec-support (~> 3.11.0)
109
+ rspec-expectations (3.11.0)
110
110
  diff-lcs (>= 1.2.0, < 2.0)
111
- rspec-support (~> 3.10.0)
111
+ rspec-support (~> 3.11.0)
112
112
  rspec-its (1.3.0)
113
113
  rspec-core (>= 3.0.0)
114
114
  rspec-expectations (>= 3.0.0)
115
- rspec-mocks (3.10.2)
115
+ rspec-mocks (3.11.1)
116
116
  diff-lcs (>= 1.2.0, < 2.0)
117
- rspec-support (~> 3.10.0)
118
- rspec-support (3.10.3)
117
+ rspec-support (~> 3.11.0)
118
+ rspec-support (3.11.0)
119
119
  rubocop (0.49.1)
120
120
  parallel (~> 1.10)
121
121
  parser (>= 2.3.3.1, < 3.0)
@@ -176,4 +176,4 @@ DEPENDENCIES
176
176
  yard
177
177
 
178
178
  BUNDLED WITH
179
- 2.2.6
179
+ 2.3.9
@@ -373,38 +373,34 @@ Copyright (c) 2015 Puppet Inc., LLC Licensed under the Apache 2.0 License
373
373
  end
374
374
 
375
375
  unless node.is_a?(Puppet::Node) # to allow unit tests to pass a node instance
376
- facts = retrieve_node_facts(node, given_facts)
377
- if Puppet.settings.set_by_cli?('environment')
378
- node = Puppet::Node.new(node, :classes => nil, :parameters => nil, :facts => facts, :environment => Puppet.settings.value('environment'))
379
- else
380
- ni = Puppet::Node.indirection
381
- tc = ni.terminus_class
382
- if options[:compile]
383
- if tc == :plain
384
- node = ni.find(node, facts: facts)
385
- else
386
- begin
387
- service = Puppet.runtime[:http]
388
- session = service.create_session
389
- cert = session.route_to(:ca)
390
-
391
- _, x509 = cert.get_certificate(node)
392
- cert = OpenSSL::X509::Certificate.new(x509)
393
- Puppet::SSL::Oids.register_puppet_oids
394
- trusted = Puppet::Context::TrustedInformation.remote(true, facts.values['certname'] || node, Puppet::SSL::Certificate.from_instance(cert))
395
- Puppet.override(trusted_information: trusted) do
396
- node = ni.find(node, facts: facts)
397
- end
398
- rescue
399
- Puppet.warning _("CA is not available, the operation will continue without using trusted facts.")
376
+ facts = retrieve_node_facts(node, given_facts)
377
+ ni = Puppet::Node.indirection
378
+ tc = ni.terminus_class
379
+ if options[:compile] && !Puppet.settings.set_by_cli?('environment')
380
+ if tc == :plain
381
+ node = ni.find(node, facts: facts)
382
+ else
383
+ begin
384
+ service = Puppet.runtime[:http]
385
+ session = service.create_session
386
+ cert = session.route_to(:ca)
387
+
388
+ _, x509 = cert.get_certificate(node)
389
+ cert = OpenSSL::X509::Certificate.new(x509)
390
+ Puppet::SSL::Oids.register_puppet_oids
391
+ trusted = Puppet::Context::TrustedInformation.remote(true, facts.values['certname'] || node, Puppet::SSL::Certificate.from_instance(cert))
392
+ Puppet.override(trusted_information: trusted) do
400
393
  node = ni.find(node, facts: facts)
401
394
  end
395
+ rescue
396
+ Puppet.warning _("CA is not available, the operation will continue without using trusted facts.")
397
+ node = ni.find(node, facts: facts)
402
398
  end
403
- else
404
- ni.terminus_class = :plain
405
- node = ni.find(node, facts: facts)
406
- ni.terminus_class = tc
407
399
  end
400
+ else
401
+ ni.terminus_class = :plain
402
+ node = ni.find(node, facts: facts, environment: Puppet[:environment])
403
+ ni.terminus_class = tc
408
404
  end
409
405
  else
410
406
  node.add_extra_facts(given_facts) if given_facts
@@ -330,7 +330,7 @@ class Puppet::Configurer
330
330
  temp_value = options[:pluginsync]
331
331
 
332
332
  # only validate server environment if pluginsync is requested
333
- options[:pluginsync] = valid_server_environment? if options[:pluginsync] == true
333
+ options[:pluginsync] = valid_server_environment? if options[:pluginsync]
334
334
 
335
335
  query_options, facts = get_facts(options) unless query_options
336
336
  options[:pluginsync] = temp_value
@@ -443,7 +443,11 @@ class Puppet::Configurer
443
443
  true
444
444
  rescue Puppet::HTTP::ResponseError => detail
445
445
  if detail.response.code == 404
446
- Puppet.notice(_("Environment '%{environment}' not found on server, skipping initial pluginsync.") % { environment: @environment })
446
+ if Puppet[:strict_environment_mode]
447
+ raise Puppet::Error.new(_("Environment '%{environment}' not found on server, aborting run.") % { environment: @environment })
448
+ else
449
+ Puppet.notice(_("Environment '%{environment}' not found on server, skipping initial pluginsync.") % { environment: @environment })
450
+ end
447
451
  else
448
452
  Puppet.log_exception(detail, detail.message)
449
453
  end
@@ -2068,7 +2068,6 @@ EOT
2068
2068
  :hook => proc do |value|
2069
2069
  paths = value.split(File::PATH_SEPARATOR)
2070
2070
  facter = Puppet.runtime[:facter]
2071
- facter.reset
2072
2071
  facter.search(*paths)
2073
2072
  end
2074
2073
  }
@@ -1,8 +1,25 @@
1
1
  # Makes iteration continue with the next value, optionally with a given value for this iteration.
2
2
  # If a value is not given it defaults to `undef`
3
+ #
4
+ # @example Using the `next()` function
3
5
  #
4
- # @since 4.7.0
6
+ # ```puppet
7
+ # $data = ['a','b','c']
8
+ # $data.each |Integer $index, String $value| {
9
+ # if $index == 1 {
10
+ # next()
11
+ # }
12
+ # notice ("${index} = ${value}")
13
+ # }
14
+ # ```
15
+ #
16
+ # Would notice:
17
+ # ```
18
+ # Notice: Scope(Class[main]): 0 = a
19
+ # Notice: Scope(Class[main]): 2 = c
20
+ # ```
5
21
  #
22
+ # @since 4.7.0
6
23
  Puppet::Functions.create_function(:next) do
7
24
  dispatch :next_impl do
8
25
  optional_param 'Any', :value
@@ -112,7 +112,6 @@
112
112
  # * `reverse_each` - get "leaves before root"
113
113
  # * `filter` - prune the tree
114
114
  # * `map` - transform each element
115
- # * `reduce` - produce something else
116
115
  #
117
116
  # Note than when chaining, the value passed on is a `Tuple` with `[path, value]`.
118
117
  #
@@ -51,8 +51,7 @@ class Puppet::SSL::SSLProvider
51
51
  # @raise (see #create_context)
52
52
  # @api private
53
53
  def create_system_context(cacerts:, path: Puppet[:ssl_trust_store])
54
- store = create_x509_store(cacerts, [], false)
55
- store.set_default_paths
54
+ store = create_x509_store(cacerts, [], false, include_system_store: true)
56
55
 
57
56
  if path
58
57
  stat = Puppet::FileSystem.stat(path)
@@ -94,19 +93,20 @@ class Puppet::SSL::SSLProvider
94
93
  # @param client_cert [OpenSSL::X509::Certificate] client's cert whose public
95
94
  # key matches the `private_key`
96
95
  # @param revocation [:chain, :leaf, false] revocation mode
96
+ # @param include_system_store [true, false] Also trust system CA
97
97
  # @return [Puppet::SSL::SSLContext] A context to use to create connections
98
98
  # @raise [Puppet::SSL::CertVerifyError] There was an issue with
99
99
  # one of the certs or CRLs.
100
100
  # @raise [Puppet::SSL::SSLError] There was an issue with the
101
101
  # `private_key`.
102
102
  # @api private
103
- def create_context(cacerts:, crls:, private_key:, client_cert:, revocation: Puppet[:certificate_revocation])
103
+ def create_context(cacerts:, crls:, private_key:, client_cert:, revocation: Puppet[:certificate_revocation], include_system_store: false)
104
104
  raise ArgumentError, _("CA certs are missing") unless cacerts
105
105
  raise ArgumentError, _("CRLs are missing") unless crls
106
106
  raise ArgumentError, _("Private key is missing") unless private_key
107
107
  raise ArgumentError, _("Client cert is missing") unless client_cert
108
108
 
109
- store = create_x509_store(cacerts, crls, revocation)
109
+ store = create_x509_store(cacerts, crls, revocation, include_system_store: include_system_store)
110
110
  client_chain = verify_cert_with_store(store, client_cert)
111
111
 
112
112
  if !private_key.is_a?(OpenSSL::PKey::RSA) && !private_key.is_a?(OpenSSL::PKey::EC)
@@ -134,12 +134,13 @@ class Puppet::SSL::SSLProvider
134
134
  # @param password [String, nil] If the private key is encrypted, decrypt
135
135
  # it using the password. If the key is encrypted, but a password is
136
136
  # not specified, then the key cannot be loaded.
137
+ # @param include_system_store [true, false] Also trust system CA
137
138
  # @return [Puppet::SSL::SSLContext] A context to use to create connections
138
139
  # @raise [Puppet::SSL::CertVerifyError] There was an issue with
139
140
  # one of the certs or CRLs.
140
141
  # @raise [Puppet::Error] There was an issue with one of the required components.
141
142
  # @api private
142
- def load_context(certname: Puppet[:certname], revocation: Puppet[:certificate_revocation], password: nil)
143
+ def load_context(certname: Puppet[:certname], revocation: Puppet[:certificate_revocation], password: nil, include_system_store: false)
143
144
  cert = Puppet::X509::CertProvider.new
144
145
  cacerts = cert.load_cacerts(required: true)
145
146
  crls = case revocation
@@ -151,7 +152,7 @@ class Puppet::SSL::SSLProvider
151
152
  private_key = cert.load_private_key(certname, required: true, password: password)
152
153
  client_cert = cert.load_client_cert(certname, required: true)
153
154
 
154
- create_context(cacerts: cacerts, crls: crls, private_key: private_key, client_cert: client_cert, revocation: revocation)
155
+ create_context(cacerts: cacerts, crls: crls, private_key: private_key, client_cert: client_cert, revocation: revocation, include_system_store: include_system_store)
155
156
  rescue OpenSSL::PKey::PKeyError => e
156
157
  raise Puppet::SSL::SSLError.new(_("Failed to load private key for host '%{name}': %{message}") % { name: certname, message: e.message }, e)
157
158
  end
@@ -186,7 +187,7 @@ class Puppet::SSL::SSLProvider
186
187
  end
187
188
  end
188
189
 
189
- def create_x509_store(roots, crls, revocation)
190
+ def create_x509_store(roots, crls, revocation, include_system_store: false)
190
191
  store = OpenSSL::X509::Store.new
191
192
  store.purpose = OpenSSL::X509::PURPOSE_ANY
192
193
  store.flags = default_flags | revocation_mode(revocation)
@@ -194,6 +195,8 @@ class Puppet::SSL::SSLProvider
194
195
  roots.each { |cert| store.add_cert(cert) }
195
196
  crls.each { |crl| store.add_crl(crl) }
196
197
 
198
+ store.set_default_paths if include_system_store
199
+
197
200
  store
198
201
  end
199
202
 
@@ -457,7 +457,7 @@ module Puppet
457
457
 
458
458
  exec { '/bin/echo root >> /usr/lib/cron/cron.allow':
459
459
  path => '/usr/bin:/usr/sbin:/bin',
460
- unless => 'grep root /usr/lib/cron/cron.allow 2>/dev/null',
460
+ unless => 'grep ^root$ /usr/lib/cron/cron.allow 2>/dev/null',
461
461
  }
462
462
 
463
463
  This would add `root` to the cron.allow file (on Solaris) unless
@@ -70,8 +70,6 @@ unless Puppet::Util::Platform.jruby_fips?
70
70
  end
71
71
 
72
72
  if Puppet::Util::Platform.windows?
73
- require 'puppet/util/windows'
74
-
75
73
  class OpenSSL::X509::Store
76
74
  @puppet_certs_loaded = false
77
75
  alias __original_set_default_paths set_default_paths
data/lib/puppet/util.rb CHANGED
@@ -7,6 +7,7 @@ require 'uri'
7
7
  require 'pathname'
8
8
  require 'ostruct'
9
9
  require 'puppet/util/platform'
10
+ require 'puppet/util/windows'
10
11
  require 'puppet/util/symbolic_file_mode'
11
12
  require 'puppet/file_system/uniquefile'
12
13
  require 'securerandom'
@@ -22,8 +23,6 @@ module Util
22
23
  require 'puppet/util/posix'
23
24
  extend Puppet::Util::POSIX
24
25
 
25
- require 'puppet/util/windows/process' if Puppet::Util::Platform.windows?
26
-
27
26
  extend Puppet::Util::SymbolicFileMode
28
27
 
29
28
  def default_env
@@ -6,7 +6,7 @@
6
6
  # Raketasks and such to set the version based on the output of `git describe`
7
7
 
8
8
  module Puppet
9
- PUPPETVERSION = '6.26.0'
9
+ PUPPETVERSION = '6.27.0'
10
10
 
11
11
  ##
12
12
  # version is a public API method intended to always provide a fast and
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPETCONF" "5" "January 2022" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPETCONF" "5" "March 2022" "Puppet, Inc." "Puppet manual"
5
5
  \fBThis page is autogenerated; any changes will get overwritten\fR
6
6
  .
7
7
  .SH "Configuration settings"
@@ -945,7 +945,7 @@ The time to wait for data to be read from an HTTP connection\. If nothing is rea
945
945
  The HTTP User\-Agent string to send when making network requests\.
946
946
  .
947
947
  .IP "\(bu" 4
948
- \fIDefault\fR: \fBPuppet/6\.26\.0 Ruby/2\.7\.1\-p83 (x86_64\-linux)\fR
948
+ \fIDefault\fR: \fBPuppet/6\.27\.0 Ruby/2\.7\.5\-p203 (x86_64\-linux)\fR
949
949
  .
950
950
  .IP "" 0
951
951
  .
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-AGENT" "8" "January 2022" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-AGENT" "8" "March 2022" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-agent\fR \- The puppet agent daemon
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-APPLY" "8" "January 2022" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-APPLY" "8" "March 2022" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-apply\fR \- Apply Puppet manifests locally
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-CATALOG" "8" "January 2022" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-CATALOG" "8" "March 2022" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-catalog\fR \- Compile, save, view, and convert catalogs\.
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-CONFIG" "8" "January 2022" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-CONFIG" "8" "March 2022" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-config\fR \- Interact with Puppet\'s settings\.
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-DESCRIBE" "8" "January 2022" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-DESCRIBE" "8" "March 2022" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-describe\fR \- Display help about resource types
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-DEVICE" "8" "January 2022" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-DEVICE" "8" "March 2022" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-device\fR \- Manage remote network devices
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-DOC" "8" "January 2022" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-DOC" "8" "March 2022" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-doc\fR \- Generate Puppet references
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-EPP" "8" "January 2022" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-EPP" "8" "March 2022" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-epp\fR \- Interact directly with the EPP template parser/renderer\.
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-FACTS" "8" "January 2022" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-FACTS" "8" "March 2022" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-facts\fR \- Retrieve and store facts\.
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-FILEBUCKET" "8" "January 2022" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-FILEBUCKET" "8" "March 2022" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-filebucket\fR \- Store and retrieve files in a filebucket
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-GENERATE" "8" "January 2022" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-GENERATE" "8" "March 2022" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-generate\fR \- Generates Puppet code from Ruby definitions\.
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-HELP" "8" "January 2022" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-HELP" "8" "March 2022" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-help\fR \- Display Puppet help\.
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-KEY" "8" "January 2022" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-KEY" "8" "March 2022" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-key\fR \- Create, save, and remove certificate keys\.
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-LOOKUP" "8" "January 2022" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-LOOKUP" "8" "March 2022" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-lookup\fR \- Interactive Hiera lookup
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-MAN" "8" "January 2022" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-MAN" "8" "March 2022" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-man\fR \- Display Puppet manual pages\.
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-MODULE" "8" "January 2022" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-MODULE" "8" "March 2022" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-module\fR \- Creates, installs and searches for modules on the Puppet Forge\.
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-NODE" "8" "January 2022" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-NODE" "8" "March 2022" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-node\fR \- View and manage node definitions\.
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-PARSER" "8" "January 2022" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-PARSER" "8" "March 2022" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-parser\fR \- Interact directly with the parser\.
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-PLUGIN" "8" "January 2022" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-PLUGIN" "8" "March 2022" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-plugin\fR \- Interact with the Puppet plugin system\.
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-REPORT" "8" "January 2022" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-REPORT" "8" "March 2022" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-report\fR \- Create, display, and submit reports\.
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-RESOURCE" "8" "January 2022" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-RESOURCE" "8" "March 2022" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-resource\fR \- The resource abstraction layer shell
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-SCRIPT" "8" "January 2022" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-SCRIPT" "8" "March 2022" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-script\fR \- Run a puppet manifests as a script without compiling a catalog
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-SSL" "8" "January 2022" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-SSL" "8" "March 2022" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-ssl\fR \- Manage SSL keys and certificates for puppet SSL clients
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-STATUS" "8" "January 2022" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-STATUS" "8" "March 2022" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-status\fR \- View puppet server status\.
data/man/man8/puppet.8 CHANGED
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET" "8" "January 2022" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET" "8" "March 2022" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\fR
@@ -25,4 +25,4 @@ Specialized:
25
25
  catalog Compile, save, view, and convert catalogs\. describe Display help about resource types device Manage remote network devices doc Generate Puppet references epp Interact directly with the EPP template parser/renderer\. facts Retrieve and store facts\. filebucket Store and retrieve files in a filebucket generate Generates Puppet code from Ruby definitions\. node View and manage node definitions\. parser Interact directly with the parser\. plugin Interact with the Puppet plugin system\. script Run a puppet manifests as a script without compiling a catalog ssl Manage SSL keys and certificates for puppet SSL clients
26
26
  .
27
27
  .P
28
- See \'puppet help \fIsubcommand\fR \fIaction\fR\' for help on a specific subcommand action\. See \'puppet help \fIsubcommand\fR\' for help on a specific subcommand\. Puppet v6\.26\.0
28
+ See \'puppet help \fIsubcommand\fR \fIaction\fR\' for help on a specific subcommand action\. See \'puppet help \fIsubcommand\fR\' for help on a specific subcommand\. Puppet v6\.27\.0
@@ -7,7 +7,7 @@ describe 'lookup' do
7
7
  include PuppetSpec::Files
8
8
 
9
9
  context 'with an environment' do
10
- let(:fqdn) { Puppet.runtime[:facter].value(:fqdn) }
10
+ let(:fqdn) { Puppet[:certname] }
11
11
  let(:env_name) { 'spec' }
12
12
  let(:env_dir) { tmpdir('environments') }
13
13
  let(:environment_files) do
@@ -43,12 +43,10 @@ describe 'lookup' do
43
43
  end
44
44
 
45
45
  let(:app) { Puppet::Application[:lookup] }
46
- let(:env) { Puppet::Node::Environment.create(env_name.to_sym, [File.join(populated_env_dir, env_name, 'modules')]) }
47
- let(:environments) { Puppet::Environments::Directories.new(populated_env_dir, []) }
48
46
  let(:facts) { Puppet::Node::Facts.new("facts", {'my_fact' => 'my_fact_value'}) }
49
47
  let(:cert) { pem_content('oid.pem') }
50
48
 
51
- let(:node) { Puppet::Node.new('testnode', :facts => facts, :environment => env) }
49
+ let(:node) { Puppet::Node.new('testnode', :facts => facts) }
52
50
  let(:populated_env_dir) do
53
51
  dir_contained_in(env_dir, environment_files)
54
52
  env_dir
@@ -57,75 +55,72 @@ describe 'lookup' do
57
55
  before do
58
56
  stub_request(:get, "https://puppet:8140/puppet-ca/v1/certificate/#{fqdn}").to_return(body: cert)
59
57
  allow(Puppet::Node::Facts.indirection).to receive(:find).and_return(facts)
60
- end
61
58
 
62
- def lookup(key, options = {}, explain = false)
63
- key = [key] unless key.is_a?(Array)
64
- allow(app.command_line).to receive(:args).and_return(key)
65
- if explain
66
- app.options[:explain] = true
67
- app.options[:render_as] = :s
68
- else
69
- app.options[:render_as] = :json
70
- end
71
- options.each_pair { |k, v| app.options[k] = v }
72
- capture = StringIO.new
73
- saved_stdout = $stdout
74
- begin
75
- $stdout = capture
76
- expect { app.run_command }.to exit_with(0)
77
- ensure
78
- $stdout = saved_stdout
79
- end
80
- out = capture.string.strip
81
- if explain
82
- out
83
- else
84
- out.empty? ? nil : JSON.parse("[#{out}]")[0]
85
- end
86
- end
59
+ Puppet[:environment] = env_name
60
+ Puppet[:environmentpath] = populated_env_dir
87
61
 
88
- def explain(key, options = {})
89
- lookup(key, options, true)
62
+ http = Puppet::HTTP::Client.new(ssl_context: Puppet::SSL::SSLProvider.new.create_insecure_context)
63
+ Puppet.runtime[:http] = http
90
64
  end
91
65
 
92
- around(:each) do |example|
93
- Puppet.override(:environments => environments, :current_environment => env) do
94
- example.run
95
- end
66
+ def expect_lookup_with_output(exitcode, out)
67
+ expect { app.run }.to exit_with(exitcode).and output(out).to_stdout
96
68
  end
97
69
 
98
70
  it 'finds data in the environment' do
99
- expect(lookup('a')).to eql('value a')
71
+ app.command_line.args << 'a'
72
+ expect_lookup_with_output(0, /value a/)
100
73
  end
101
74
 
102
- it 'loads trusted information from the node certificate' do
103
- allow(Puppet).to receive(:override).and_call_original
104
- expect(Puppet).to receive(:override).with(trusted_information: an_object_having_attributes(
105
- certname: fqdn,
106
- extensions: { "1.3.6.1.4.1.34380.1.2.1.1" => "somevalue" }))
75
+ it "resolves hiera data using a top-level node parameter" do
76
+ File.write(File.join(env_dir, env_name, 'hiera.yaml'), <<~YAML)
77
+ ---
78
+ version: 5
79
+ hierarchy:
80
+ - name: "Per Node"
81
+ data_hash: yaml_data
82
+ path: "%{my_fact}.yaml"
83
+ YAML
84
+
85
+ File.write(File.join(env_dir, env_name, 'data', "my_fact_value.yaml"), <<~YAML)
86
+ ---
87
+ a: value from per node data
88
+ YAML
89
+
90
+ app.command_line.args << 'a'
91
+ expect_lookup_with_output(0, /--- value from per node data/)
92
+ end
107
93
 
94
+ it 'loads trusted information from the node certificate' do
108
95
  Puppet.settings[:node_terminus] = 'exec'
109
- expect_any_instance_of(Puppet::Node::Exec).to receive(:find).and_return(node)
110
- lookup('a', :compile => true)
96
+ expect_any_instance_of(Puppet::Node::Exec).to receive(:find) do |args|
97
+ info = Puppet.lookup(:trusted_information)
98
+ expect(info.certname).to eq(fqdn)
99
+ expect(info.extensions).to eq({ "1.3.6.1.4.1.34380.1.2.1.1" => "somevalue" })
100
+ end.and_return(node)
101
+
102
+ app.command_line.args << 'a' << '--compile'
103
+ expect_lookup_with_output(0, /--- value a/)
111
104
  end
112
105
 
113
106
  it 'loads external facts when running without --node' do
114
107
  expect(Puppet::Util).not_to receive(:skip_external_facts)
115
108
  expect(Facter).not_to receive(:load_external)
116
- lookup('a')
109
+
110
+ app.command_line.args << 'a'
111
+ expect_lookup_with_output(0, /--- value a/)
117
112
  end
118
113
 
119
114
  describe 'when using --node' do
120
115
  let(:fqdn) { 'random_node' }
121
116
 
122
117
  it 'skips loading of external facts' do
123
- app.options[:node] = fqdn
118
+ app.command_line.args << 'a' << '--node' << fqdn
124
119
 
125
120
  expect(Puppet::Node::Facts.indirection).to receive(:find).and_return(facts)
126
- expect(Facter).to receive(:load_external).once.with(false)
127
- expect(Facter).to receive(:load_external).once.with(true)
128
- lookup('a')
121
+ expect(Facter).to receive(:load_external).twice.with(false)
122
+ expect(Facter).to receive(:load_external).twice.with(true)
123
+ expect_lookup_with_output(0, /--- value a/)
129
124
  end
130
125
  end
131
126
 
@@ -133,29 +128,32 @@ describe 'lookup' do
133
128
  require 'puppet/indirector/node/exec'
134
129
  require 'puppet/indirector/node/plain'
135
130
 
136
- let(:node) { Puppet::Node.new('testnode', :facts => facts, :environment => env) }
131
+ let(:node) { Puppet::Node.new('testnode', :facts => facts) }
137
132
 
138
133
  it ':plain without --compile' do
139
134
  Puppet.settings[:node_terminus] = 'exec'
140
135
  expect_any_instance_of(Puppet::Node::Plain).to receive(:find).and_return(node)
141
136
  expect_any_instance_of(Puppet::Node::Exec).not_to receive(:find)
142
- expect(lookup('a')).to eql('value a')
137
+
138
+ app.command_line.args << 'a'
139
+ expect_lookup_with_output(0, /--- value a/)
143
140
  end
144
141
 
145
142
  it 'configured in Puppet settings with --compile' do
146
143
  Puppet.settings[:node_terminus] = 'exec'
147
144
  expect_any_instance_of(Puppet::Node::Plain).not_to receive(:find)
148
145
  expect_any_instance_of(Puppet::Node::Exec).to receive(:find).and_return(node)
149
- expect(lookup('a', :compile => true)).to eql('value a')
146
+
147
+ app.command_line.args << 'a' << '--compile'
148
+ expect_lookup_with_output(0, /--- value a/)
150
149
  end
151
150
  end
152
151
 
153
152
  context 'configured with the wrong environment' do
154
- let(:env) { Puppet::Node::Environment.create(env_name.to_sym, [File.join(populated_env_dir, env_name, 'modules')]) }
155
153
  it 'does not find data in non-existing environment' do
156
- Puppet.override(:environments => environments, :current_environment => 'someother') do
157
- expect(lookup('a', {}, true)).to match(/did not find a value for the name 'a'/)
158
- end
154
+ Puppet[:environment] = 'doesntexist'
155
+ app.command_line.args << 'a'
156
+ expect { app.run }.to raise_error(Puppet::Environments::EnvironmentNotFound, /Could not find a directory environment named 'doesntexist'/)
159
157
  end
160
158
  end
161
159
 
@@ -200,15 +198,22 @@ describe 'lookup' do
200
198
  end
201
199
 
202
200
  it 'finds data in the module' do
203
- expect(lookup('mod_a::b')).to eql('value mod_a::b (from mod_a)')
201
+ app.command_line.args << 'mod_a::b'
202
+ expect_lookup_with_output(0, /value mod_a::b \(from mod_a\)/)
204
203
  end
205
204
 
206
205
  it 'finds quoted keys in the module' do
207
- expect(lookup('"mod_a::a.quoted.key"')).to eql('value mod_a::a.quoted.key (from mod_a)')
206
+ app.command_line.args << "'mod_a::a.quoted.key'"
207
+ expect_lookup_with_output(0, /value mod_a::a.quoted.key \(from mod_a\)/)
208
208
  end
209
209
 
210
210
  it 'merges hashes from environment and module when merge strategy hash is used' do
211
- expect(lookup('mod_a::hash_a', :merge => 'hash')).to eql({'a' => 'value mod_a::hash_a.a (from environment)', 'b' => 'value mod_a::hash_a.b (from mod_a)'})
211
+ app.command_line.args << 'mod_a::hash_a' << '--merge' << 'hash'
212
+ expect_lookup_with_output(0, <<~END)
213
+ ---
214
+ a: value mod_a::hash_a.a (from environment)
215
+ b: value mod_a::hash_a.b (from mod_a)
216
+ END
212
217
  end
213
218
  end
214
219
  end
@@ -28,14 +28,18 @@ describe "puppet resource", unless: Puppet::Util::Platform.jruby? do
28
28
  end
29
29
 
30
30
  it 'lists types from the default environment' do
31
+ begin
31
32
  modulepath = File.join(Puppet[:codedir], 'modules', 'test', 'lib', 'puppet', 'type')
32
33
  FileUtils.mkdir_p(modulepath)
33
- File.write(File.join(modulepath, 'test.rb'), 'Puppet::Type.newtype(:test)')
34
+ File.write(File.join(modulepath, 'test_resource_spec.rb'), 'Puppet::Type.newtype(:test_resource_spec)')
34
35
  resource.command_line.args = ['--types']
35
36
 
36
37
  expect {
37
38
  resource.run
38
- }.to exit_with(0).and output(/test/).to_stdout
39
+ }.to exit_with(0).and output(/test_resource_spec/).to_stdout
40
+ ensure
41
+ Puppet::Type.rmtype(:test_resource_spec)
42
+ end
39
43
  end
40
44
  end
41
45
 
@@ -77,6 +77,12 @@ describe Puppet::HTTP::Client, unless: Puppet::Util::Platform.jruby? do
77
77
  }
78
78
  }
79
79
 
80
+ let(:systemstore) do
81
+ res = tmpfile('systemstore')
82
+ File.write(res, https_server.ca_cert)
83
+ res
84
+ end
85
+
80
86
  it "mutually authenticates the connection" do
81
87
  client_context = ssl_provider.create_context(
82
88
  cacerts: [https_server.ca_cert], crls: [https_server.ca_crl],
@@ -88,6 +94,30 @@ describe Puppet::HTTP::Client, unless: Puppet::Util::Platform.jruby? do
88
94
  expect(res).to be_success
89
95
  end
90
96
  end
97
+
98
+ it "connects when the server's CA is in the system store and the connection is mutually authenticated using create_context" do
99
+ Puppet::Util.withenv("SSL_CERT_FILE" => systemstore) do
100
+ client_context = ssl_provider.create_context(
101
+ cacerts: [https_server.ca_cert], crls: [https_server.ca_crl],
102
+ client_cert: https_server.server_cert, private_key: https_server.server_key,
103
+ revocation: false, include_system_store: true
104
+ )
105
+ https_server.start_server(ctx_proc: ctx_proc) do |port|
106
+ res = client.get(URI("https://127.0.0.1:#{port}"), options: {ssl_context: client_context})
107
+ expect(res).to be_success
108
+ end
109
+ end
110
+ end
111
+
112
+ it "connects when the server's CA is in the system store and the connection is mutually authenticated uning load_context" do
113
+ Puppet::Util.withenv("SSL_CERT_FILE" => systemstore) do
114
+ client_context = ssl_provider.load_context(revocation: false, include_system_store: true)
115
+ https_server.start_server(ctx_proc: ctx_proc) do |port|
116
+ res = client.get(URI("https://127.0.0.1:#{port}"), options: {ssl_context: client_context})
117
+ expect(res).to be_success
118
+ end
119
+ end
120
+ end
91
121
  end
92
122
 
93
123
  context "with a system trust store" do
@@ -9,9 +9,6 @@ describe Puppet::Configurer do
9
9
  Puppet[:report] = true
10
10
 
11
11
  catalog.add_resource(resource)
12
- allow_any_instance_of(described_class).to(
13
- receive(:valid_server_environment?).and_return(true)
14
- )
15
12
 
16
13
  Puppet[:lastrunfile] = file_containing('last_run_summary.yaml', <<~SUMMARY)
17
14
  ---
@@ -78,10 +75,44 @@ describe Puppet::Configurer do
78
75
  end
79
76
  end
80
77
 
78
+ describe "when executing a catalog run without stubbing valid_server_environment?" do
79
+ before do
80
+ Puppet::Resource::Catalog.indirection.terminus_class = :rest
81
+ allow(Puppet::Resource::Catalog.indirection).to receive(:find).and_return(catalog)
82
+ end
83
+
84
+ it 'skips initial plugin sync if environment is not found and no strict_environment_mode' do
85
+ body = "{\"message\":\"Not Found: Could not find environment 'fasdfad'\",\"issue_kind\":\"RUNTIME_ERROR\"}"
86
+ stub_request(:get, %r{/puppet/v3/file_metadatas/plugins?}).to_return(
87
+ status: 404, body: body, headers: {'Content-Type' => 'application/json'}
88
+ )
89
+
90
+ configurer.run(:pluginsync => true)
91
+
92
+ expect(@logs).to include(an_object_having_attributes(level: :notice, message: %r{Environment 'production' not found on server, skipping initial pluginsync.}))
93
+ expect(@logs).to include(an_object_having_attributes(level: :notice, message: /Applied catalog in .* seconds/))
94
+ end
95
+
96
+ it 'if strict_environment_mode is set and environment is not found, aborts the puppet run' do
97
+ Puppet[:strict_environment_mode] = true
98
+ body = "{\"message\":\"Not Found: Could not find environment 'fasdfad'\",\"issue_kind\":\"RUNTIME_ERROR\"}"
99
+ stub_request(:get, %r{/puppet/v3/file_metadatas/plugins?}).to_return(
100
+ status: 404, body: body, headers: {'Content-Type' => 'application/json'}
101
+ )
102
+
103
+ configurer.run(:pluginsync => true)
104
+
105
+ expect(@logs).to include(an_object_having_attributes(level: :err, message: %r{Failed to apply catalog: Environment 'production' not found on server, aborting run.}))
106
+ end
107
+ end
108
+
81
109
  describe "when executing a catalog run" do
82
110
  before do
83
111
  Puppet::Resource::Catalog.indirection.terminus_class = :rest
84
112
  allow(Puppet::Resource::Catalog.indirection).to receive(:find).and_return(catalog)
113
+ allow_any_instance_of(described_class).to(
114
+ receive(:valid_server_environment?).and_return(true)
115
+ )
85
116
  end
86
117
 
87
118
  it "downloads plugins when told" do
@@ -0,0 +1,23 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'spec_helper'
4
+
5
+ describe Puppet::Util::Windows do
6
+ %w[
7
+ ADSI
8
+ ADSI::ADSIObject
9
+ ADSI::User
10
+ ADSI::UserProfile
11
+ ADSI::Group
12
+ EventLog
13
+ File
14
+ Process
15
+ Registry
16
+ Service
17
+ SID
18
+ ].each do |name|
19
+ it "defines Puppet::Util::Windows::#{name}" do
20
+ expect(described_class.const_get(name)).to be
21
+ end
22
+ end
23
+ end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: puppet
3
3
  version: !ruby/object:Gem::Version
4
- version: 6.26.0
4
+ version: 6.27.0
5
5
  platform: x64-mingw32
6
6
  authors:
7
7
  - Puppet Labs
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-01-18 00:00:00.000000000 Z
11
+ date: 2022-04-06 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: facter
@@ -2669,6 +2669,7 @@ files:
2669
2669
  - spec/unit/util/windows/service_spec.rb
2670
2670
  - spec/unit/util/windows/sid_spec.rb
2671
2671
  - spec/unit/util/windows/string_spec.rb
2672
+ - spec/unit/util/windows_spec.rb
2672
2673
  - spec/unit/util/yaml_spec.rb
2673
2674
  - spec/unit/util_spec.rb
2674
2675
  - spec/unit/version_spec.rb
@@ -2708,7 +2709,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
2708
2709
  - !ruby/object:Gem::Version
2709
2710
  version: 1.3.1
2710
2711
  requirements: []
2711
- rubygems_version: 3.1.2
2712
+ rubygems_version: 3.1.6
2712
2713
  signing_key:
2713
2714
  specification_version: 4
2714
2715
  summary: Puppet, an automated configuration management tool
@@ -3957,6 +3958,7 @@ test_files:
3957
3958
  - spec/unit/util/windows/service_spec.rb
3958
3959
  - spec/unit/util/windows/sid_spec.rb
3959
3960
  - spec/unit/util/windows/string_spec.rb
3961
+ - spec/unit/util/windows_spec.rb
3960
3962
  - spec/unit/util/yaml_spec.rb
3961
3963
  - spec/unit/util_spec.rb
3962
3964
  - spec/unit/version_spec.rb