| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Alternate names, if present, are specified in the subjectAltName extension of
the certificate. The values are in the form:
"DNS:alternate_name1, DNS:alternate_name2"
This helper will retrieve the value of the subjectAltName extension and extract
the alternate names, returning and empty list if the extension is absent. This
will make it easier to access the entire list of possible names for a
certificate, rather than just the common name; this is helpful for generating
more detailed SSL error messages.
Paired-With: Jacob Helwig <jacob@puppetlabs.com>
|
| |\ \ \ \ \ \
| |/ / / / /
|/| | | | | |
|
| |/ / / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
and environment options
Puppet doc didn't have the usual subcommand caveat about configuration settings
being valid command line options, nor did it explicitly call out the three
settings that it actually cares about.
I opted to do the latter, since the number of relevant settings was so small.
Note that --environment is currently broken; this is filed as bug #7907.
|
| | | | |\ \
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
* template-not-defined-test-failure:
Clean up indentation, whitespace, and commented out code
Remove order dependency from functions integration spec
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
The mis-indented code, extra newlines, and commented out code were
noticed while investigating the order dependent test failure fixed in
4365c8ba.
Reviewed-by: Max Martin <max@puppetlabs.com>
|
| | | | |/ /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
The test in spec/integration/parser/functions_spec.rb would fail when
the spec tests were run in the order (among other orderings):
spec/unit/parser/functions/tag_spec.rb
spec/unit/parser/templatewrapper_spec.rb
spec/integration/parser/functions_spec.rb
There are tests that would cause the "template" function to be loaded
into the root environment.
Puppet::Parser::Functions.function("template") would then detect its
presence and P::P::F.rmfunction("template") would fail since #function(...)
looks in more than just the current environment to see if a function
is defined, while #rmfunction(...) only looks in the current
environment to see if a function can be removed.
In the test ordering specified earlier, tag_spec.rb would load the
"template" function, and templatewrapper_spec.rb would create a
current environment that would mask the root environment for #rmfunction(...),
but not for #function(...)
Since #rmfunction(...) only looks in the current environment, we
should be using #functions.include?("template") since that matches the
check that #rmfunction(...) itself uses.
Paired-with: Nick Lewis <nick@puppetlabs.com>
|
| | | | |\ \
| |_|_|/ /
|/| | | |
| | | | |
| | | | | |
Conflicts:
acceptance/tests/ticket_7117_broke_env_criteria_authconf.rb
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
The create_remote_file method uploads files with mode 600 since that is the
default mode for Tempfile. The puppet user thus isn't able to read the
temporary auth.conf, so it just uses the default rules instead, causing this
test to fail.
Also, this test was dependent on running after another test which set up a cert
on the agents. Since that can't be guaranteed, the master now runs with
autosign to ensure the agents can connect.
Reviewed-By: Jacob Helwig <jacob@puppetlabs.com>
|
| |\ \ \ \ \ |
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
This test was previously replacing the default auth.conf with its own, and
restoring it afterward. This was error-prone, failing if there wasn't an
initial auth.conf present. It would also causing cascading failures when this
test failed, by leaving a non-standard auth.conf for other tests to use. Since
this copy-and-restore behavior can be replaced by simply specifying a different
auth file to use, we do that instead.
Reviewed-By: Jacob Helwig <jacob@puppetlabs.com>
Reviewed-By: Dominic Maraglia <dominic@puppetlabs.com>
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
A leftover SSL directory from another test, including a cert for the agent,
will cause this test to fail. So before running, we remove the SSL directory
to ensure this doesn't happen.
Reviewed-By: Jacob Helwig <jacob@puppetlabs.com>
Reviewed-By: Dominic Maraglia <dominic@puppetlabs.com>
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
A few of these tests weren't yet using this helper, and were instead
implementing similar behavior on their own. Now they all use the standard
method.
Reviewed-By: Jacob Helwig <jacob@puppetlabs.com>
Reviewed-By: Dominic Maraglia <dominic@puppetlabs.com>
|
| |/ / / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This test was introduced as pending in 2.6.x, and active in 2.7.x. When 2.6.x
was merged to 2.7.x, the pending version was merged along as well, causing no
visible conflicts. It's obviously not pending, so remove it.
Reviewed-By: Dominic Maraglia <dominic@puppetlabs.com>
|
| | | | |\ \
| |_|_|/ /
|/| | | | |
|
| |\| | | | |
|
| | | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Michael Stahnke <stahnma@puppetlabs.com>
|
| | |\ \ \ \ |
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
This commit updates the static man pages for the final 2.7.0 release.
Reviewed-By: Nick Lewis <nick@puppetlabs.com>
|
| | |/ / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
The man page updater wasn't making man pages for the new Faces app. This commit
gives it that capability, and handles the name collision on puppet resource.
Reviewed-By: Nick Lewis <nick@puppetlabs.com>
|
| | |\ \ \ \ |
|
| | |/ / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This commit makes the following changes:
* Changes wrapping on some "returns" blocks to accomodate the way we prepend
"RETURNS: " to the first line in short help.
* Overrides description for save on faces where save is invalid. (Since save has
an inherited description, the description was contradicting the summary.)
* Adds notes on dummy arguments to short_description where applicable, so as to
show up in short help.
* Adds the termini list to the action short help template.
* Removes the authors block from short help for faces. (Save it for the man page.)
* Several trivial wording changes.
Reviewed-By: Jacob Helwig <jacob@puppetlabs.com>
|
| | | | | | |
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Because Mac and Linux systems hide bin/false in different places, we should
have the catalog we are testing with search for it in the candidate places.
|
| | |\ \ \ \
| | | | | |
| | | | | |
| | | | | | |
into 2.7rc
|
| | |/ / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
We accidentally omitted whitespace between multiple options while building the
synopsis. This fixes that, by introducing a breakable space in the right
location.
Additionally, we extract the code that was 99 percent identical from the face
and action synopsis generators, push it down into the documentation module,
and then invoke it from both places.
This eliminates the duplicate code, allowing me to fix that bug once and have
it apply to both parts of the code; this is pretty much assured to be true
any time we change the synopsis generation.
Reviewed-By: Nick Fagerlund <nick.fagerlund@puppetlabs.com>
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
So, it turns out that the 1.8.7 Test::Unit assertions are a bit quirky. If we
use 'assert_match' it will turn a String into a regular expression by passing
it through Regexp.quote automatically.
If you use 'assert_no_match', though, it will not do that. It will just
complain that it isn't a Regexp and blow up. So, we manually quote outside
the assertion in both cases, and things should just work.
|
| | |\ \ \ \ |
|
| | |/ / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This adds the static compiler terminus to the release. This wraps the default
compiler terminus, and post-processes the catalog to rewrite every file
reference using the 'puppet://' URI/protocol into filebucket references that
use the MD5 checksum of the file contents.
This provides a genuinely static catalog, in terms of content: there are no
external dependencies that can change to make the behaviour of applying this
catalog change.
It also eliminates the describe calls from file checking, as all the metadata
is stored locally in the catalog. This can be a substantial performance
increase for nodes, especially those that manage large trees of recursive
files.
To use this set the `catalog_terminus` to `static_compiler`; the resultant
catalog will then reference only static content. This does not, however, put
the required files into the filebucket on the client.
There are some limitations of this code:
* Files are all read into memory rather than streamed. This will definitely
cause problems with large files, but the filebucket doesn't currently
handle streaming.
* We think the recursion behavior is equivalent, but can't really guarantee
it without a good bit of testing.
* You have to populate the client filebucket manually. We don't have any
support for doing this automatically, not even through variant access to
the catalog downloader.
* Behavior on the server is currently undefined if your puppet masters are
behind a load balancer and they're configured to do fileserving through
that load balancer. It should work, but it probably won't be that fast.
You can see https://github.com/lak/puppet-static-compiler for the original
prototype this was inherited from, which includes some example code for
scanning the downloaded catalog and fetching resources into the filebucket.
Reviewed-By: Daniel Pittman <daniel@puppetlabs.com>
|
| | |\ \ \ \
| | | | | |
| | | | | |
| | | | | | |
2.7rc
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
This adds an acceptance test to verify that we emit the expected logs, but
none of the unexpected logs, when we process a manifest showing the whit
notification problem.
Reviewed-By: Dominic Maraglia <dominic@puppetlabs.com>
Reviewed-By: Jacob Helwig <jacob@puppetlabs.com>
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
We introduced changes to our graph to reduce the number of edges when we had
container dependencies. As part of this the 'whit' object was created, and
used as an intermediate vertex to simplify processing.
During that change we introduced additional reporting, based on those whit
objects, about containment relationships during resource application failure.
Specifically, we would now report that the containing class(es) and stages of
any failed resource were failed, point-blank. This was unclear, because the
entire class had not failed, but only part of it, but also unhelpful, because
it turned a single failure into at least one additional report that contained
no additional information.
Now, instead, we suppress reporting for the whit resources. We still process
them identically; just the report is eliminated.
It isn't absolutely clear that this is the correct long term direction for
handling these objects, but it is the minimal change for the RC release.
Reviewed-By: Jacob Helwig <jacob@puppetlabs.com>
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
This has been pending approximately forever, and adds little value; removing
the warning reduces noise without value.
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | | |
Just s/\.rm/\.rb/ on the filename.
|
| | |\ \ \ \ \
| | |/ / / /
| |/| | | | |
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Per UX review of help text, this commit makes several changes over the breadth
of the Faces help:
* Preface API-only action summaries/descriptions with "API only." (issue #7775)
* Provide both CLI and API info in "returns," with the CLI info first. (issue #7778)
* Summaries should be sentences. (Add punctuation.)
* First sentences of descriptions should reiterate summaries. (Summaries and
descriptions should be displayed far enough apart that this isn't a problem.)
* Standardize on "subcommand" instead of "face" when talking about the entity
you invoke at the command line. (Use "face" when describing API use.)
* Fix outdated or clunky text in several faces.
|
| | |/ / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Per UX review of help output, this commit makes several changes to templates and
shared help text:
* Change "unknown" to "undocumented"
* Remove copyright from short help
* Point readers to the man pages (issue 7773)
* Remove examples from short help (issue 7776)
* Remove summary from short help and make it a fallback for description
* Edit common option summaries to fit on a single 80-col line
|
| |\ \ \ \ \
| | |/ / /
| |/| | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Conflicts:
acceptance/tests/ticket_5477_master_not_dectect_sitepp.rb
lib/puppet/application/apply.rb
lib/puppet/configurer.rb
lib/puppet/configurer/fact_handler.rb
spec/unit/application/apply_spec.rb
spec/unit/configurer/fact_handler_spec.rb
spec/unit/configurer_spec.rb
|
| | |\ \ \ \
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
* ticket/2.6.x/2128_docstrings:
(#2128) Add WARNING for node_name_{fact,value} descriptions
(#2128) Whitespace only reflow commit
(#2128) In-line docs for node_name_{fact,value}
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Minor change to add a WARNING string as per feedback from UX.
Reviewed-by: Randall Hansen <randall@puppetlabs.com>
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
The output of puppet --genconfig was showing a blank line between the
description of the option and the default value line. This is because
of the here document being used in the first commit.
This change replaces the HERE document with a normal string that does
not contain a final newline.
In addition, the indentation of one of the default options was using 4
spaces instead of 2 and this has been corrected.
|
| | |/ / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This change augments the in-line documentation for the node_name_fact and
node_name_value configuration settings. These settings will not work
effectively without additional changes elsewhere in the system, e.g. to
auth.conf.
In order to help the end user land softly if they choose to change these
settings, a short link URL we control and can redirect has been added
to each setting. These currently point to the community Wiki but may be
redirected to docs.puppetlabs.com in the future.
|
| | |\ \ \ \ |
|
| | |/ / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Previously, pointing a setting like 'confdir' at a symlink to a directory would
replace the symlink with a directory. This was because files created by
settings implicitly managed links, rather than following them. This behavior is
now changed so that file settings will follow links.
The behavior of these symlinks is the same as any other file resource. That is,
if the target of the symlink doesn't exist, Puppet will consider this an
error. Similarly, if the target of the symlink is a file, then the symlink
will still be replaced with a directory, rather than replacing its target.
Reviewed-By: Jacob Helwig <jacob@puppetlabs.com>
Reviewed-By: Dominic Maraglia <dominic@puppetlabs.com>
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
These tests were assuming a master was already started when they were run,
which caused order-dependent failures. They will now start their own
masters, and use newer helper methods to run master and agent.
Paired-With: Jacob Helwig <jacob@puppetlabs.com>
|
| | |\ \ \ \ |
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
This adds the node_name_fact setting, which specifies a fact to use to
determine the node name. This allows dynamically determining the node name
without having to modify puppet.conf or command line options.
Using this setting requires modifying auth.conf to allow nodes to request
catalogs not matching their certnames.
For example, this would allow any authenticated node to retrieve any catalog:
# $confdir/auth.conf
path ~ /catalog/.+
allow *
The node_name_fact and node_name_value options are mutually exclusive, because
it is ambiguous which setting should take precedence.
Paired-With: Jacob Helwig <jacob@puppetlabs.com>
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Retrieving a catalog and getting the facts to submit with the catalog request
are distinct operations, and should be done separately. This is also to prepare
for adding the ability to determine the node name based on a fact, in which
case the node name needs to be determined before it is used for either the
catalog or the report.
Paired-With: Jacob Helwig <jacob@puppetlabs.com>
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
The setting node_name_value may now be used for 'puppet apply' or 'puppet
agent' to specify the name for the node. This will not affect the certificate
used by the node, and the node will still be authenticated based on its
certname. The default value for node_name_value is the certname.
This is useful for eg. EC2 nodes whose random hostnames cannot be easily used
to classify them.
Paired-With: Jacob Helwig
|
| | | | |_|/
| | |/| |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
These tests were stubbing when it was unnecessary, so replace much of it with
actual objects and files.
Paired-With: Jacob Helwig <jacob@puppetlabs.com>
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Some rearranging of the acceptance test directories caused some ruby
tests that referenced old shell tests to lose their relative paths.
Paired-with: Dominic Maraglia <dominic@puppetlabs.com>
|
