| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
The previous implementation checked the argument types twice against the
signature. This reduces it to a single check. The error for a missing
argument is now caught in a place that used to be unreachable and so the
error has been converted into an issue, which also provides the
information about where the failure occurred.
|
|
This adds a check when the signature for a closure is being calculated
to catch invalid parameter specifications where required arguments are
placed after optional onces. Allowing that would mean that the argument
range information would be incorrect.
|
|
This updates Closure code to implement type checking for the parameter
values.
|
|
The work so far has not been able to deal with type checking lambdas.
This adds tests for the conditions that will need to be handled for
lambdas to properly type check their arguments. Currently none of these
new tests pass.
|
|
|
|
This changes the warning issued on the code path when a resource type
is required in order to do deserialization (apply phase). When this
happens on the server side (or during apply), the full source is
available, and the type in "known resource types" is loaded code that
may have typed parameters. This second time, no validation can and will
not take place because it is happening where there is no top scope
available. (This is fine, and should use result in a debug output).
This also fixes a couple of typos.
|
|
|
|
This makes define and class parameters support optionally typed
parameters when using the future parser. The type expressions
are evaluated by the Pops Bridge when parameters are transformed t 3x.
The 3x parameters are not aware of type information (they are encoded as
arrays), and changes to all the logic that deals with parameters turned
on to not be a good design. The resource type and resource is instead
made aware of the opt-in types via a separate param-name to type map
that it applies in the validation step that was already performed.
|
|
An empty string is no longer undef when parser is future, and will
evaluate as true in a conditional test. This commit fixes a test that
was failing this check for the future parser. This, and several like
it, was an acceptance test which was just compiling a simple manifest
with some conditional logic to test evaluation of conditionals. Since
acceptance tests are expensive, I've pulled them back into the
integration specs.
The actual test being fixed is
acceptance/tests/apply/conditionals/should_evaluate_empty.rb which is
now the two 'evaluates empty string as <false|true>' specs in the new
spec/integration/parser/conditionals_spec.rb
|
|
Previously this spec's tests were a shared_example that had been shared
between runs with parser=current and parser=future. The future compiler
tests were moved out into
spec/integration/parser/future_compiler_spec.rb in 7a6a7d8. This maint
fix just removes the unused rspec construction of shared_examples_for
from around the specs in parser/compiler_spec, since they are only being
run against the current parser now.
|
|
(PUP-121) remove relative name spacing
|
|
* pr/2704:
(maint) Untangle fetching of serial numbers
(PUP-2569) Revoke all certificate matching a given name
|
|
* upstream/stable:
(maint) stop enforcing the random prioritizer for evaluation in spectests
(PUP-2683) Fix fact terminus to load facts without '.' on the load path.
(packaging) Update PUPPETVERSION to 3.6.2
(PUP-2533) Insert SSLCARevocationCheck on upgrade
(maint) extract initial Passenger configuration
(PUP-2533) Apache 2.4 requires explicit CRL configuration
(PUP-2478) Remove current directory from Ruby load path.
|
|
The attempt to make all catalogEntryTypes absolute did not
work out so great as the lower level APIs in 3x expect non :: prefixed
names to be absolute.
This changes the transformation made in the evaluator to always use
"relative" names.
|
|
When the 3x to 4x calls take place, resource references in the form
of a PCatalogEntryType are transformed to Puppet::Resource.
Depending on where these (reference) Puppet::Resource instances are
used they need to either be absolute, or not (yes, 3x is inconsistent).
Since future parser in 3.7 (and later 4.0) will not support dynamic
name scoping, the PCatalogEntryType's should in general be absolute.
This commit changes the transformation to make the created
Puppet::Resource (references) absolute (when it is possible).
This also adds more tests
|
|
The default mode for files that a ParsedFile provider newly creates
is 0600. This makes no sense for the ssh_known_hosts file, because it
contains public information that adds to security for all users.
|
|
It is helpful to have a simple helper method to match desired file modes
from spec tests.
|
|
* stable:
(PUP-2364) Correct host variable reference
(PUP-2364) Fix usage of puppet vardir setting Win2003
(PUP-2635) Skip this test on windows
(PUP-2635) integration test for the purging of authorized ssh keys
(PUP-2635) use generate instead of eval_generate to purge ssh keys
(maint) Use same prioritizer throughout catalog
|
|
Before 95ddc530 the integration tests for Type::User purging authorized
SSH keys did not work when using the SequentialPrioritizer that is
actually the default in the transaction runner methods defined in
PuppetSpec::Compiler.
Since the cause has been removed, so should we do with the workaround.
The tests should rely on the defaults and not impose a (random) preference
unnecessarily.
|
|
|
|
Compile manifests that purge keys from a specific file and verify
their effect. Adds a test that detects the eval_generate problem
fixed in this branch.
|
|
puppet cert revoke <name> was revoking only the first certificate
when the certificate file wasn't present on the system.
This patch makes sure all issued certificate matching a given name
are now revoked.
Signed-off-by: Brice Figureau <brice-puppet@daysofwonder.com>
|
|
* upstream/stable:
(maint) Remove failure for empty generated tags
(maint) Update test to use resource matcher
(maint) Add sitemoduledir to env env tests
(PUP-2689) Make AST Resource check tags against "inherited" tags
(maint) Remove unused Puppet::Parser::AST::Tag class
|
|
The other test added for checking the tagging behavior used the resource
matcher but the current compiler spec didn't. This updates it to be
consistent with the future compiler spec and use the matcher.
|
|
The integration spec checking help output for the faces was setting
modulepath directly in the body of an RSpec context block. This caused
modulepath to be set on test file load. Normally, this is not an issue,
since most specs are not sensitive to the Puppet modulepath setting, and
the test_helper clears all settings in its after_each_test hook.
However, a recent run of specs on Solaris master just happened to run
with the very first spec being sensitive to modulepath
(spec/integration/directory_environments_spec.rb) which then failed.
Fortunately, the current version of puppet no longer requires this early
setting of modulepath for the documentation spec to run, so I'm just
removing it here.
|
|
This overrides the tagged? method in AST Resource to also search
for tags in its containing resource. These tags will be set when
the resource is finalized (just before serialization on transformation
to external format).
If this is not done, resources will have a different tag set when
a search is made for the node itself (exported or virtual) vs. searching
external resources.
This also correct minor problems with passing an array (which could
result in an array being set as a tag).
It was also possible for empty tags to be set if a string tag contained
multiple :: in sequence, or if ending with ::. Now an error is raised
for these conditions (just like for empty segments generated by using a
sequence of commas (which was on a different code path).
|
|
* pr/2549:
(PUP-2298) Use resource specific log_exception
(PUP-2298) protect transaction spec test against new exceptions
(PUP-2298) add resource lifecycle method Puppet::Type#pre_run_check
Closes GH-2549
|
|
* ticket/master/PUP-838-FFI_Windows_Process:
(PUP-838) Use FFI helpers read_handle / read_dword
(PUP-838) Process uses LookupPrivilegeValueW
(PUP-838) GetExitCodeProcess checks FFI::WIN32_FALSE
(PUP-838) FFI Puppet::Util::Windows::Process module
(PUP-838) Move FFI code to bottom of process.rb
|
|
- Switch from LookupPrivilegeValueA to LookupPrivilegeValueW
- In reality, this doesn't absolutely need to be done, but for the sake
of consistency with other API calls, we use W suffixed functions
- Add 2 tests that confirm that our usage of the Win32 API call is
correct
|
|
(PUP-867) Remove support for dynamic defaults for future parser
|
|
- Previously check_token_membership was failing in 2003 spec tests
due to 2 issues
- FFI::Pointer::NULL cannot be used in place of our :handle typedef,
and therefore we must add a new constant of 0 to be used for NULL
handles
- FFI defines a :bool as variable width "(?? 1 byte in C++)", while
Win32 defines a BOOL as int, and is fixed to 4 bytes on x86 and x64
- Fortunately the bool issue really only bit us in the one spot where
we were using a pointer to a bool, but by adding a new typedef for
:win32_bool, all call sites comparing the return value needed to be
updated for correctness to compare against FFI::WIN32_FALSE
- A test was added to ensure these APIs are called during spec tests
on all Windows platforms, and not just 2003
|
|
- Move Windows ADSI code out of puppet/util and into
puppet/util/windows
- Update namespace from Puppet::Util::ADSI to
Puppet::Util::Windows::ADSI
- Add module / class definitions for ADSI to util/windows.rb
to prevent tests from blowing up on non-Windows
- Moving Puppet.features.microsoft_windows? checks to top of
user and group provider tests for ADSI
- Update all dependent code, remove unnecessary references
|
|
- Refactor Puppet::Util::Windows::Process to implement new method
elevated_security? that was in win32-security gem
- Refactor get_token_information to return an FFI::MemoryPointer buffer
instead of a parsed structure, since GetTokenInformation is a generic
call that can return many structure types, including TOKEN_ELEVATION.
- Remove any reliance on win32-security gem from user.rb
- Adjust tests accordingly
|
|
- LogonUserW, LoadUserProfile, UnloadUserProfile and PROFILEINFO
have been converted from manually packing params with Win32API.new to
automatically managed with FFI definitions.
- Use MemoryPointer where appropriate.
- Note that wide character LogonUserW is used rather than platform
varying LogonUser as FFI is unable to use that. The pointer
widths of PROFILEINFO vary depending on platform, which is handled
by using :pointer. With LogonUserW the string pointed to is always
wide character, which is properly handled by using wide_string.
- Add FFI::MemoryPointer helper read_handle
- Add FFI::MemoryPointer.from_wide_string and corresponding tests that
ensure that a properly terminated UTF-16LE string is passed in
- Add FFI::MemoryPointer#read_wide_string that reads a wide string buffer
into a Ruby string with Encoding.default_external and corresponding tests
- Add additional tests around User methods that make native Win32 API calls
that will intentionally fail
- Fix wide_string helper to return nil when given nil so that can be passed
directly to Win32 as a null pointer
|
|
WHen future parser is in effect, the lookup of default values
will now not look in "parent scopes" (i.e. scopes that *contain*
the resource). Instead it now only looks in inherited and enclosing
scopes + itself.
This removes the confusion that occurs when a class may be included
from different locations, and the location that wins manages to impose
the defaults from its scope.
This removal goes hand in hand with dynamic scoping being removed
everywhere else.
|
|
The goal here was to only produce a fallback environment for the default
'production' environment which would only be found if the production
directory environment did not exist. All other cases would raise an
error during application start up if the environment did not exist.
Except for applications in agent mode which currently need the concept of
the environment they will be requesting, but should not have to create
or verify the existence of a locally matching environment in their
environmentpath.
A few other changes are made to further narrow the scope of code making
open requests for the configured environment:
* indirection request - looks up current environment now, relying on
this having been set by whatever application is making the request.
* puppet apply - instead of creating a new loader with a single static
environment, it overrides current_environment instead.
* puppet util commandline - does not attempt to look for additional
plugins if there is no environment to search in. It relies on
application to raise an error instead, if necessary.
|
|
The new perform_pre_run_checks method in the transaction loops over
all resources in the catalog. This is prone to failures if any nil references
end up in the catalog. This can happen during the addition of resources
to the catalog under test conditions, because the mock resources are not
sufficiently contained.
To work around this effect, stub the very #container_of method in the mock
catalog so that all resources will have an apparent container.
|
|
In order to deprecate the builtin defined function (which is often abused
to work around resource duplication among modules) it is desirable to
add resource constraints to the language. An easy approach to allowing such
constraints to work is to add them as a special resource type that does not
take effect during the transaction, but fails the whole catalog in case of
validation failure.
To make this possible, add a new method #pre_run_check to the Type base class
for overriding in appropriate resource types (such as constraint).
The semantics is simply
- raise nothing if the pre-run check is succesful
- raise a Puppet::Error otherwise
The check is performed during evaluation of the transaction, just before
the catalog is applied. The generating of additional resources should be
complete when this is done (because the hook is meant to be able to
check the whole catalog for consistency).
|
|
hlindberg/pup-2214_change-env-lookup-to-current-env
(PUP-2214) change env lookup to current env
|
|
Fixes some rdoc1 spec issues by providing explicit envs in the specs.
|
|
The new parser has been updated to be able to handle nodes with numeric
names and so the test for that case now passes for both the current and
future parser. The only remaining case is when the name is an invalid
number. The future parser won't ever parse this correctly and so the
test has been changed to assert the desired behavior, in which the
parser fails.
The new changes to the parser also allows it to handle dotted names and
so a new test has been added for that.
|
|
There were no tests that tried to specify how node statements are
selected. This adds coverage for various ways in which a node statements
can match a given node object and varifies that the future evaluator and
the current evaluator produce the same results.
There are 2 cases where the future evaluator isn't able to handle the
same node statements: using numbers. One case, where a name begins with
a number, seems completely reasonable. The other case, where the name is
a valid number, seems like an arbitrary restriction and so we need to
discuss.
|
|
|
|
adrienthebo/feature/master/pup-1840-tunable-digest-algorithm
Feature/master/pup 1840 tunable digest algorithm
|
|
Puppet does not consider Facter 1.7.5 to provide external_facts, so the
pluginfacts step was being skipped when specs were run with Facter
1.7.5. Altered the plugin spec to work with the application rather than
the face so that we can check the rendered output, and to generate lib
and facts.d dirs to normalize the output (otherwise the downloader
reports the creation of the base plugin target directories, something
which normally would be handled by Puppet's Settings catalog).
As part of this, I noticed that the plugin face would return different
results. If external facts were supported, it would return the list of
any external facts pluginsynced. Otherwise it would return the list of
any plugins pluginsynced. Changed this to accumlate and list both sets
of changes.
|
|
Two specs were using the same constant names to track classes that they
were generating Memory indirector classes for. Because specs share the
same module namespace, they were overwriting one another on load and
causing spec order failures. Guarding the specs within a namespace
module should keep them isolated and prevent them for unexpectedly
tinkering with one another's test setup.
|
|
|
|
Puppet::Configurer::Downloader is also called by the plugin face, but we
were not submitting an environment there. On Ruby 1.9.3 this nil
environment was being interned as :'' and would produce a failure server
side when a request with an empty environment was parsed. On Ruby
1.8.7, nil raises an error when interned and it was failing much sooner
on the agent side.
To resolve this, we're passing in a reference to the configured
environment. Also added an integration test for the plugin face, because we
weren't seeing any failure in our test suite.
|
|
Previously resources would end up "floating away" from the catalog that
contained them because they wouldn't use the catalog as their
source for an environment. This also extended to catalogs, which lost
track of their environment at times. So in order to have resources use
the environment of their catalog, the catalog needed to have a
guaranteed environment.
This adds an environment parameter to the catalog constructor and uses
it to drive the environment to use for everything in that catalog. The
resource now uses its catalog's environment, if it has a catalog, or it
uses the new NONE environment, if it does not have a catalog.
When catalogs are deserialized, they also need to have a reference to
*some* environment. However, since they only have a name of the
environment, there isn't any guarantee that an environment of that name
is available locally. To deal with this there is a new "remote"
environment constructor to be able to create references to the remote
environment of the catalog. This is used as the environment of a
deserialized catalog.
We (Joshua Partlow and Andrew Parker) tried to have the environment a
required parameter of catalog construction, but it appears that creating
catalogs is public API and so cannot be changed (we verified this by
checking stdlib tests).
|
