Age | Commit message (Collapse) | Author | Files | Lines |
|
* 2.7.x: (26 commits)
Extract host validation in store report processor
Use cross-platform absolute paths in file_serving tests
(#15221) Create /etc/puppet/modules directory for puppet module tool
(Maint:) Fix bad doc strings for two settings ("wether")
Try again to avoid circular dependency in file indirections
Remove useless tests for Envelope
Clear deprecation warnings between tests
Avoid circular requirement in FileMetadata indirection
(Maint) Document common Windows issues
Update CHANGELOG lib/puppet.rb conf/redhat/puppet.spec for 2.7.18
Maint: Note in docs that the file type's "replace" attribute defaults to true
Reject directory traversal in store report processor
Tighten permissions on classfile, resourcefile, lastrunfile, and lastrunreport.
Use "inspect" when listing certificates
Don't allow the creation of SSL objects with invalid certnames
Validate CSR CN and provided certname before signing
Add specs for selector terminuses of file_{content,metadata}
Fix whitespace inside parentheses
Use head method to determine if file is in file bucket
Always use the local file_bucket on master
...
Conflicts:
CHANGELOG
conf/redhat/puppet.spec
lib/puppet.rb
lib/puppet/application/master.rb
lib/puppet/defaults.rb
lib/puppet/file_serving/terminus_selector.rb
lib/puppet/reports/store.rb
lib/puppet/test/test_helper.rb
spec/integration/file_serving/content_spec.rb
spec/integration/file_serving/metadata_spec.rb
spec/shared_behaviours/file_serving.rb
spec/unit/file_serving/terminus_selector_spec.rb
spec/unit/network/handler/ca_spec.rb
test/ral/manager/attributes.rb
|
|
Without this patch some spec files are using `ruby -S rspec` and others
are using `rspec`.
We should standardize on a single form of the interpreter used for spec
files.
`ruby -S rspec` is the best choice because it correctly informs editors
such as Vim with Syntastic that the file is a Ruby file rather than an
Rspec file.
|
|
Previously this would just complain about trying to call `nil.split`.
|
|
|
|
This terminus is now the default, and encapsulates the behavior that was
previously in the IndirectionHooks. That is, we dynamically select the
terminus to use for a file request based on the key. However, for the
puppet master, we instead explicitly always use the FileServer terminus,
so that *all* requests for files from the master will go through
the file server. This ensures that we will never accidentally
serve local files on the puppet master.
|
|
This setting is used to determine the default source of files accessed
with a puppet: url and no server specified, e.g. puppet:///path/to/file.
Before now, this was done by checking if Puppet[:name] was `apply`. Since
Puppet[:name] is removed and we don't want application specific logic spread
throughout the code, we are adding a setting specific to this particular
behavior. The `apply` application sets a default value of `file_terminus`,
which retains the previous behavior of `apply`. Otherwise the default value is
`rest`, causing Puppet[:server] to be used to retrieve the file.
|
|
Puppet::Indirector::Request#initialize had a weird implementation giving
variable semantics to positional arguments. This makes it normal again.
|
|
Major changes include:
* support multiple config files (/etc/puppet, ~/.puppet). we no longer
use "run_mode" to determine the location of the config file.
* remove all references to application run_mode/state from defaults
* make the typing of settings a little more strict
* create a new setting type for directories, to make us a little less vulnerable to the terrible matching algorithm in FileSetting
|
|
cprice/cleanup/master/improved-logging-during-plugin-loading
* cprice/cleanup/master/improved-logging-during-plugin-loading:
Extra debug logging during plugin loading
|
|
* 2.7.x: (63 commits)
Maint: Fix bad copy and paste
(#12725) Fix puppet agent --listen on Windows
(#11740) Wait on the handle from the PROCESS_INFORMATION structure
(#12564) Stub CHILDSTATUS in all test cases, not just failure cases.
Updating CHANGELOG and lib/puppet.rb for 2.7.11
(#12412) Mark symbolic file modes test as pending on Windows
Symbolic file mode test fixes when no mode change happens.
Fix spec ordering failure on environment
Updating CHANGELOG and lib/puppet.rb for 2.7.11
Disable specs that use replace_file on Windows
Disable replace_file on Windows
Remove unnecessary fallbacks in change_{user,group}
Document uid/gid-related methods in Puppet::Util
Copy owner/group in replace_file
(#12463) eliminate `secure_open` in favour of `replace_file`
(#12460) use `replace_file` for the .k5login file
(#12462) user_role_add: use `replace_file` for /etc/shadow
(#12463) add secure `replace_file` to Puppet::Util
(#12459) drop supplementary groups when permanently dropping UID
(#12458) default to users primary group, not root, in `asuser`
...
Conflicts:
lib/puppet/application/queue.rb
lib/puppet/provider/package/openbsd.rb
lib/puppet/util.rb
spec/unit/network/http/webrick_spec.rb
spec/unit/util_spec.rb
test/lib/puppettest/servertest.rb
|
|
As a new-ish puppet user, it is incredibly easy to screw up your
module path (e.g., by adding a directory that directly contains
module/plugin contents to the module path, rather than adding the
*parent* directory. This basically means that there would be a
'lib' directory directly in your module path.)
This commit just adds a few debug messages that may give a user
hints about what could be wrong with their module path when
we are able to detect these sorts of situations.
|
|
Previously, Windows agents would fail during fact and plugin sync. The
agent would retrieve the remote file metadata and attempt to set the
metadata's path based on the path of the file as it exists on the
remote system. Since the remote system is typically a POSIX puppet
master, our `Puppet::Util.absolute_path?` path check would fail on
Windows.
To complicate matters, the path of the "remote" file can in fact be a
Windows-style path, such as when using puppet apply and a modulepath
that refers to the local filesystem.
This commit changes the `Puppet::FileServing::Base#path=` method to
allow both POSIX and Windows style paths on Windows hosts, but only
allows POSIX style paths on POSIX hosts, since we don't support
running puppet master on Windows.
|
|
Conflicts:
lib/puppet/network/handler/fileserver.rb
spec/unit/provider/package/dpkg_spec.rb
Signed-off-by: Daniel Pittman <daniel@puppetlabs.com>
|
|
Puppet.deprecation_warning
|
|
plugins
Prior to this if there were no plugins in the modulepath then the plugin mount
(used for pluginsync) would return nil. If the modulepath is valid then the
correct behavior would be to appear as an empty directory, just as a normal
file source would. We can hack this by returning the modulepath and turning
off recursion so it appears empty.
The error message one would see previous is:
Could not evaluate: Could not retrieve information from environment production source(s) puppet://host/plugins
|
|
In earlier versions of Ruby, String#each and String#each_line were identical.
In the 1.9 series the former was dropped; this audits the code for places that
should by using `each_line` instead.
This includes some fixes for tests that had very specific stubs around reading
file content, where the expectation - but not the test - was broken by
changing the method we invoke.
It also fixes a stub over `execpipe` that had a different return type to the
actual method, but which happened to work because `each` was defined on both
Array and String in earlier versions.
Signed-off-by: Daniel Pittman <daniel@puppetlabs.com>
|
|
Conflicts:
spec/unit/daemon_spec.rb
Signed-off-by: Daniel Pittman <daniel@puppetlabs.com>
|
|
Conflicts:
acceptance/tests/ticket_3360_allow_duplicate_csr_with_option_set.rb
Signed-off-by: Daniel Pittman <daniel@puppetlabs.com>
|
|
Previously, I had created a utility method `Puppet::Util.binread`,
since `IO.binread` was added in ruby 1.9. This commit monkey patches
the method, if it's not defined, to make the transition to ruby 1.9
seamless. And while I was at it, I add the corresponding `IO.binwrite`
method.
The motivation for these methods is that, in general, we should always
be using binary mode when performing file I/O. However, text mode is
the default on Windows, and using text mode can corrupt binary data,
e.g. executables. So use binary mode, unless you know what text mode
is and why you need to use it.
Conflicts:
spec/unit/file_serving/content_spec.rb
|
|
Previously, there were still some places where we were using a
POSIX-specific regex to validate fully-qualified paths, which fails
with Windows paths.
This commit just changes them to use `Puppet::Util.absolute_path?`,
which handles both POSIX and Windows paths, based on the platform
we're currently running on.
|
|
|
|
Previously, Windows agents were reading files in text mode when serving
them locally, such as when serving files from a local module, corrupting
binary files in the process.
This commit reads files in binary mode, which is a noop on Unix.
Serving files from remote puppet masters was fixed in #9983.
|
|
The XMLRPC code was left in place to ensure backward compatibility with
Puppet 0.24.x clients, but 0.24.x clients haven't been able to talk to
masters since 0.25.6 due to other bugs and incompatibilities.
Therefore, the XMLRPC code has been dead code for a long time and
removing it makes the codebase a lot easier to navigate.
Paired with Patrick Carlisle <patrick@puppetlabs.com>
|
|
Previously, when sourcing file content from a volume that doesn't
support Windows ACLs, e.g. VMware shared drive, puppet would raise an
error.
This commit defaults the owner (Administrators), group (Nobody), and
mode (0644), so that content can be sourced without requiring the
owner, group, and mode to be specified in the manifest.
Paired-with: Nick Lewis <nick@puppetlabs.com>
|
|
2.7.x
* josh/ticket/2.7.x/10614-handle-non-ntfs:
(#10614) Detect when trying to managing ACLs on a non-ACL volume
(#10614) Provide default metadata values for Windows ACLs
(#10614) Add method for detecting Windows volumes that support ACLs
(#10614) Fix setting and clearing read-only attribute on Windows
(#10614) Fix error checking for Windows BOOL return values
|
|
Previously, when sourcing file content from a volume that doesn't
support Windows ACLs, e.g. VMware shared drive, puppet would raise an
error.
This commit defaults the owner (Administrators), group (Nobody), and
mode (0644), so that content can be sourced without requiring the
owner, group, and mode to be specified in the manifest.
Paired-with: Nick Lewis <nick@puppetlabs.com>
|
|
Previously, Puppet::FileServing::Content opened files in text
mode. Changed to binary mode.
|
|
Previously, we were opening files in text mode when calculating file
checksums. On Windows, '\r\n' characters are automatically translated
to '\n', which corrupts the resulting checksum.
This commit ensures we open files in binary mode, similar to what
Digest::MD5.file(path).hexdigest does. Binary mode is a noop on Unix.
Similarly, Puppet::Type::File#write was writing the file content in
text mode, which was later validated using the checksum code, now
reading in binary mode. So Puppet::Type::File was changed to use
binary mode as well.
Also, some of the tests were writing files in text mode, but
checksumming them in binary mode, and obviously failing. Changed the
spec tests to write in binary mode also.
|
|
Issuing a set_mode on a symlink with 0755 on MacOSX produces a link
with the correct mode. On other Linux's (Ubuntu, specifically) all
symlinks report 0777 regardless of how it was set. This mod simply
gets the mode after the symlink is created and uses that in the test
evaluation.
Reviewed by: josh@puppetlabs.com
|
|
Previously, we were trying to detect absolute-path-ness if
File.expand_path == path, but we now have a method for checking
absolute pathness, so we use that.
|
|
The file serving indirection hooks attempts to short-circuit requests
whose key is an absolute path or a file protocol. Previously, it was
performing platform-specific regex matching to detect absolute
paths. This commit changes it to use the Puppet::Util.absolute_path?
method that does just that.
|
|
Puppet::File_Serving::MetaData was not able to retrieve owner, group
or mode on Windows, because the underlying Ruby File.stat
implementation always returns 0 for uid and gid, and returns either
644 or 444 (the latter for read-only).
This commit wraps File::Stat in platform-specific objects that
delegate to the appropriate object and method. By default, owner,
group, mode, ftype delegate to methods on the normal File::Stat
object. On Windows, we delegate owner, group, and mode to the get/set
class methods of Puppet::Util::Windows::Security.
|
|
Allowing this value to be expirable is superfluous; it is only used on the
master, which never expires its cache. Additionally, it was providing partial
support for an event we don't fully support already (hostname and domain
changing during the lifetime of a master).
Reviewed-By: Jacob Helwig <jacob@puppetlabs.com>
(cherry picked from commit 6a1b65760a0d8c6299d5c6d260dc37b5e0637706)
|
|
This class was using Util::Cacher for its singleton instance, when that was
unnecessary. The FileServing::Configuration instance already manages whether or
not to reparse its config file, based on whether it has changed. Thus, there is
no need for it to be manually expired via the cacher.
Reviewed-By: Jacob Helwig <jacob@puppetlabs.com>
(cherry picked from commit 4bad729f56c26d8154cd0f20614fa4e478de9d40)
|
|
Many spec tests fail on Windows because there are no default
providers implemented for Windows yet. Several others are
failing due to Puppet::Util::Cacher not working correctly,
so for now the tests that are known to fail are marked with
:fails_on_windows => true. To skip these tests, you can run:
rspec --tag ~fails_on_windows spec
Reviewed-by: Jacob Helwig <jacob@puppetlabs.com>
(cherry picked from commit 255c5b4663bd389d2c87a2d39ec350034421a6f0)
Conflicts:
spec/unit/resource/catalog_spec.rb
|
|
Absolute paths on Unix, e.g. /foo/bar, are not absolute on Windows,
which breaks many test cases. This commit adds a method to
PuppetSpec::Files.make_absolute that makes the path absolute in
test cases.
On Unix (Puppet.features.posix?) it is a no-op. On Windows,
(Puppet.features.microsoft_windows?) the drive from the current
working directory is prepended.
Reviewed-by: Jacob Helwig <jacob@puppetlabs.com>
(cherry picked from commit 462a95e3d077b1915a919399b846068816c84583)
Conflicts:
spec/unit/parser/functions/extlookup_spec.rb
|
|
For a while Luke, and other authors, injected a created tag, copyright
statement, and "All rights reserved" into every new file they added to the
Puppet project.
This isn't really true, and we have a global license covering the code, so
we have now stripped out all those old tags.
Signed-off-by: Daniel Pittman <daniel@puppetlabs.com>
|
|
Auth.conf, namespaceauth.conf and fileserver.conf were not supporting
trailing inlined comments.
Also this commit fixes some indentation and error management.
Signed-off-by: Brice Figureau <brice-puppet@daysofwonder.com>
|
|
This was unconditionally removing the trailing file separator ('/'), which is
only valid when the file separator isn't the entire path. This fixes 'puppet
resource file <path>'.
Paired-With: Jacob Helwig
|
|
We now use a shebang of: #!/usr/bin/env rspec
This enables the direct execution of spec tests again, which was lost earlier
during the transition to more directly using the rspec2 runtime environment.
|
|
rspec2 automatically sets a bunch of load-path stuff we were by hand, so we
can just stop. As a side-effect we can now avoid a whole pile of stupid things
to try and include the spec_helper.rb file...
...and then we can stop protecting spec_helper from evaluating twice, since we
now require it with a consistent name. Yay.
Reviewed-By: Pieter van de Bruggen <pieter@puppetlabs.com>
|
|
These changes were superseded by existing commits in next:
lib/puppet/parser/compiler.rb
spec/unit/parser/compiler_spec.rb
|
|
Reviewed-By: Pieter van de Bruggen
|
|
Conflicts:
Rakefile
lib/puppet/resource/type_collection.rb
lib/puppet/simple_graph.rb
lib/puppet/transaction.rb
lib/puppet/transaction/report.rb
lib/puppet/util/metric.rb
spec/integration/indirector/report/rest_spec.rb
spec/spec_specs/runnable_spec.rb
spec/unit/configurer_spec.rb
spec/unit/indirector_spec.rb
spec/unit/transaction/change_spec.rb
|
|
The biggest change is that we no longer need to monkey patch rspec to
get confine behavior. Describe blocks can now be conditional like
confine used to be. "describe" blocks with "shared => true" are now
"shared_examples_for".
Paired-With: Nick Lewis
|
|
Manually Resolved Conflicts:
lib/puppet/resource/type_collection.rb
spec/unit/configurer_spec.rb
spec/unit/indirector/catalog/active_record_spec.rb
spec/unit/resource/type_collection_spec.rb
spec/unit/transaction/resource_harness_spec.rb
|
|
This missing stub was raising an exception that, in versions of Mocha
less than 0.9.10, was coincidentally causing the method under test to
behave as expected.
Paired-With: Nick Lewis <nick@puppetlabs.com>
|
|
Doing a require to a relative path can cause files to be required more
than once when they're required from different relative paths. If you
expand the path fully, this won't happen. Ruby 1.9 also requires that
you use expand_path when doing these requires.
Paired-with: Jesse Wolfe
|
|
Replaced 106806 occurances of ^( +)(.*$) with
The ruby community almost universally (i.e. everyone but Luke, Markus, and the other eleven people
who learned ruby in the 1900s) uses two-space indentation.
3 Examples:
The code:
end
# Tell getopt which arguments are valid
def test_get_getopt_args
element = Setting.new :name => "foo", :desc => "anything", :settings => Puppet::Util::Settings.new
assert_equal([["--foo", GetoptLong::REQUIRED_ARGUMENT]], element.getopt_args, "Did not produce appropriate getopt args")
becomes:
end
# Tell getopt which arguments are valid
def test_get_getopt_args
element = Setting.new :name => "foo", :desc => "anything", :settings => Puppet::Util::Settings.new
assert_equal([["--foo", GetoptLong::REQUIRED_ARGUMENT]], element.getopt_args, "Did not produce appropriate getopt args")
The code:
assert_equal(str, val)
assert_instance_of(Float, result)
end
# Now test it with a passed object
becomes:
assert_equal(str, val)
assert_instance_of(Float, result)
end
# Now test it with a passed object
The code:
end
assert_nothing_raised do
klass[:Yay] = "boo"
klass["Cool"] = :yayness
end
becomes:
end
assert_nothing_raised do
klass[:Yay] = "boo"
klass["Cool"] = :yayness
end
|
|
* Replaced 704 occurances of (.*)\b([a-z_]+)\(\) with \1\2
3 Examples:
The code:
ctx = OpenSSL::SSL::SSLContext.new()
becomes:
ctx = OpenSSL::SSL::SSLContext.new
The code:
skip()
becomes:
skip
The code:
path = tempfile()
becomes:
path = tempfile
* Replaced 31 occurances of ^( *)end *#.* with \1end
3 Examples:
The code:
becomes:
The code:
end # Dir.foreach
becomes:
end
The code:
end # def
becomes:
end
|