| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
This commit ports Puppet::Util::Execution over to use our
alternate implementation of Tempfile. This will allow
us to have more explicit control over the life cycle of
these files on the server.
|
|
There was some logic in the 'store' report processor that was
almost identical to the logic in 'puppet/util.rb''s 'replace_file'
method. This commit refactors 'store' to re-use the existing
logic.
|
|
|
|
It is now possible by checking if the result of a "produce" had
no effect on the catalog by comparing against an empty array.
|
|
This changes the tests of the puppet language, which should become part
of the language specification's example and test suite, to be entirely
expressed in the puppet language. This removes any dependency on ruby!
Well, any dependency on ruby for specifying the language tests.
|
|
PUP-121 was supposed to make all references to classes and resource
types absolute, but it looks like it missed a spot. The class referenced
in an inherits clause was not being looked up in an absolute manner,
which caused it to find the wrong parent class in certain cases. This
changes the future parser so that inherited classes are always absolute
names.
|
|
The resource_expressions_spec contained a useful way of writing language
specification tests. This extracts those out so that they can be reused
in other places.
|
|
The comment had trailing whitespace and a comma. It makes more sense
without either.
|
|
This commit adds a new setting, :always_cache_features, which affects
how we cache attempts to load Puppet 'features'. If false, then
calls to `Puppet.features.<feature>?` will always attempt to load the
feature (which can be an expensive operation) unless it has already been
loaded successfully. This makes it possible for a single agent run to,
e.g., install a package that provides the underlying capabilities for
a feature, and then later load that feature during the same run (even if
the feature had been tested earlier and had not been available).
If this setting is set to true, then features will only be checked once,
and if they are not available, the negative result is cached and returned
for all subsequent attempts to load the feature. This behavior is almost
always appropriate for the server, and can result in a significant performance
improvement for features that are checked frequently.
|
|
Previously, mode was specified in some places as a Fixnum, in others
as a String. Consistently specify mode as a string containing octal.
|
|
(PUP-1527) After upgrade from 3.3.2-1 to 3.4.2-1 naginator fails to crea...
|
|
Before this patch, parsing /etc/shadow, when empty trailing fields were
present, they were discarded, and inturn a nil check was used to ensure that
the fields did not exist. However, this ran into trouble when a value was
appended to the end, causing all the empty fields to be returned as empty
strings instead, failing the nil checks.
This patch ensures that all empty fields are returned as empty strings, and
a check for empty string is used to check whether the field exists or not.
|
|
(PUP-3050) Update cfacter option for recent cfacter gem changes.
|
|
|
|
cprice404/maint/master/PUP-3031-move-cert-expiration-check
(PUP-3031) Move certification expiration check up
|
|
The http handler code contains a check to see if the expiration
date of the client certificate is within a certain window, so
that we can log a warning message if it will expire soon.
However, the mechanisms for handling this kind of check can
really vary depending on what web server you're running in, so
it doesn't make sense for this check to occur in a code path
that is common to all of the different web servers.
This commit simply moves the logic up into the code for
the individual web servers so that they will have the
ability to adjust the behavior according to their own
needs.
|
|
When the agent encounters a 404 response from the master and it has been
told to fail on 404, it previously output the entire path plus query
string that it requested. However, the most common case where this
occurs is when requesting a catalog, which can have a very long query
string if the request was done with a GET. This does not always occur
because even longer query strings will result in the agent using a POST
instead of a GET, which causes the long query string output problem to
go away.
In order to fix this the query string is now elided to 100 characters
(97 characters of the original text plus 3 periods). In order to still
be able to debug any problems that might result from the query, however,
the query string is *not* elided if the log level is `debug`.
|
|
ticket/master/pup 2907
|
|
Previously, puppet on windows would always issue a warning:
Copying owner/mode/group from the source file on Windows is
deprecated; use source_permissions => ignore
Regardless of what was in the user's catalog. The reason is because
puppet applies an internal catalog to download external facts, and that
catalog contains a file resource whose source_permissions parameter is
set to `:use`.
This is done because external facts are often times scripts, which must
be executable for puppet to invoke them. See commit 21edcd67b for
PUP-2705.
This commit makes it so that source permissions for external facts are
ignored on Windows, while preserving existing behavior on other
platforms.
Permissions can be ignored on Windows, because puppet always has full
control of files it creates.
|
|
Now that cfacter implements the Ruby Facter interoperability layer, there
is no need for Puppet to "switch out" the Facter module for the CFacter
module. libfacter itself will now expose a compatible Facter module in
C++.
Therefore, we no longer need facts.rb or the corresponding spec.
Instead, simply require cfacter and call CFacter.initialize. This will
replace Ruby Facter with the libfacter implementation.
|
|
kylog/issue/pup-2879/add-more-services-to-blacklist
(PUP-2879) Add two nfsd-related upstart services to the blacklist
|
|
(PUP-2972) Remove += and -=
|
|
The previous error message was very abrupt and didn't provide any kind
of guidance for the user. The new message for += and -= let's them know
that it is *no longer* supported and has a link to where they can get
more information.
|
|
|
|
Previously the future parser supported += and -=. += was very similar to
the same operator that is in the current parser, but with a few
differences to make it consistent with the rest of the
language. The += operator no longer performed string concatenation and
instead acted like $a = $a + $b. The -= operator was added to complete
the set of operators available.
However, many people have been confused by these operators (even as they
exist in the current parser):
* It looks like mutation, but the language does not have mutation
* It looks like += from other languages, but doesn't behave like them
* Shadowing a variable is something that needs to be explicit,
otherwise it becomes confusing.
This removes += and -= from the future parser. They are still parsed,
but the validation step will issue errors if they are encountered.
|
|
This reverts the change in PUP-867 by (again) calling the same 3x logic
for looking up defaults. The implementation of PUP-867 also added tests,
and one of those are now changed to reflect the changed behavior.
|
|
Also this patch splits out the long line in upstart_spec.rb to be
one line per service, so more diff-friendly.
|
|
The persistent http connection work introduced a regression,
preventing the agent from displaying useful error messages when SSL
verification fails, e.g. the server's SSL certificate doesn't match
the hostname the agent tried to connect to. The connection_spec test
didn't catch the issue, because those tests execute with the
non-caching pool, which always uses non-persistent connections.
The root cause is because the Connection class assumed http
connections are started by ruby in the `Net::HTTP#request`
method, so the OpenSSL rescue block wrapped that call.
However, in order to use persistent http connection, the caller needs
to explicitly start the connection prior to calling Net::HTTP#request,
which happens in the outer `Connection#with_connection` method.
This commit expands the scope of the rescue block. This way we receive
meaningful error messages if the connection is started explicitly for
persistent connections, or on-demand for non-persistent connections. It
also executes the ssl verification tests using persistent connections.
Also note that `with_connection` is private, so the fact that
`Pool#with_connection` or `Net::HTTP#request` can start the connection
is not visible to users of the Connection class.
|
|
This commit refactors the spec tests that ensure puppet displays
meaningful error messages when SSL verification fails, e.g. when the
server certificate doesn't match the hostname we connected to.
|
|
In Ruby commit 2142287c `FileUtils.compare_stream` was optimized to
produce fewer objects while comparing streams by predeclaring a pair of
strings and reusing them for each iteration of the comparison. However,
this change exposes some inconsistency in how ruby handles IO#read vs
StringIO#read. When IO#read is passed a length and string, it will copy
the read data into the string, but will convert the encoding from the
expected ASCII-8BIT into the encoding of the string regardless of if the
file was opened as a binary file. However, when StringIO#read is passed
a length and string it will convert the passed string to the expected
ASCII-8BIT. Because of this it's impossible to use `FileUtils.compare_stream`
to compare a binary file and StringIO instance.
To resolve this issue, this commit adds a custom compare_stream method
which sets the encoding of the strings to always be ASCII-8BIT on Ruby
1.9+.
|
|
create config from exported resources taken from hiera
Some changes introduced in hiera around 3.4 resulted in type coersion
from strings to FixNums when creating exported resources that were
partially built from hiera data.
This patch ensures that any non-array parameter passed through the
Nagios::Base.to_s is actually a string before trying to run the .sub
method on it, and so fixes the above error with exported resources
whilst also introducing support for fixnum params for any of the nagios
type parameters
|
|
Previously, the test was trying to verify that the downloader objects
were created with the correct arguments, and testing that the
downloader was evaluated twice (since the same downloader was used for
both pluginsync and facts).
However, the downloader_factory_spec now tests that downloader objects
are created correctly, e.g. based on Puppet[:plugindest], so it is not
necessary to repeat that here.
This commit modifies the test to ensure the Downloader#evaluate
methods are called for both downloader objects, and adds a test to
ensure we skip downloading facts if the external facts feature is
false.
|
|
Previously, the plugin_handler module was responsible for creating
downloaders and evaluating them. Since all of this happens within a
single method it is hard to test that the downloaders are created with
the correct set of properties. For example, we `ignore` source
permissions when downloading plugins, but we `use` source permissions
when downloading external facts, since those often contain scripts,
which must be executable.
This commit moves the logic for creating the downloaders to a factory
and updates the tests accordingly. As part of this change, the
PluginHandler module is changed to a class and is no longer mixed into
the Configurer.
|
|
(PUP-2971) Fix yum package provider missing install_options for list.
|
|
(PUP-744) Support persistent HTTP connections
|
|
Previously PMT was checking for integer status codes when downloading
modules. This results in all module downloads failing. After this PMT
will check for string status codes when downloading modules.
|
|
We're getting spec failures on Windows running Ruby 2.0, we have to
revert this and try again so the build doesn't stay red.
|
|
This reverts commit 1a428b92c900e84d9faa5d0aaa1a32f3c0b1d42b, reversing
changes made to cb26e23706b76e44544c14f4c921885f17dccbb3.
|
|
This reverts commit 133c0b8009a48eef77d68c0bd8d5f79c930dab50.
|
|
(PUP-3009) Add error handling to PMT module downloads
|
|
Previously, validator_spec.rb was requiring
'puppet/ssl/configuration', because puppet/ssl.rb did not require
it. Commit 658e4fd34 fixed puppet/ssl.rb, so it is no longer necessary
or desired for validator_spec.rb to require puppet/ssl/configuration.
Also, the default and no_validators were not consistent in expressing
their dependencies on openssl and puppet/ssl.
|
|
|
|
|
|
Before this PMT would not check if the module download request
succeeded before trying install the module. This causes informative
errors from forge to be hidden by an error about the checksum of the
download not matching. After this PMT will only move forward with module
installation if a 200 is received from forge otherwise it will display
the error returned by forge.
|
|
FileUtils.compare_stream in Ruby 2 is broken when comparing
binary file stream with StringIO stream of different encoding.
This change reverts FileUtils.compare_stream to stdlib v1.9.3
implementation.
|
|
There was a regression in the future parser in d25e462 which caused
resources with multiple attributeless bodies constructed like this:
file {
'/foo':;
'/bar':;
}
to fail because the future parser grammar was not allowing the terminal
semicolon. The acceptance suite picked this up running with parser
future. It slipped past specs because, even though we have a spec
testing multiple attributeless resource bodies, it lacked a terminal
semicolon.
Henrik Lindberg figured out the minor egrammar fix here to correct the
expression, and a test case is added to catch it in specs.
|
|
When executing the list command to filter virtual packages (when
allow_virtual is false or nil), the yum package provider was not passing
down the install options to the list command. For users passing options
like --enablerepo, this prevents the packages from being discovered and
the list command fails.
The fix is to properly pass down the install options when executing the
list command.
|
|
PUP-2745 Forge malformed dependency fix
|
|
Ruby 1.8.7 doesn't allow trailing commas in parameter lists. This
problem was present in the resource_expressions_spec file and is removed
by this commit.
Ruby 1.8.7 doesn't have an empty? method for Symbol. This changes the
evaluator_impl to compare against the EMPTY_STRING constant instead,
which does work on 1.8 and 1.9.
|
|
This adds a combined example of most of the features being used
together: title expressions, type expressions, splatted parameters,
exported resource, and resource reference.
|
