| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| | | |
|
| | |
| |
| |
| |
| |
| | |
We don't actually rely on iconv's UTF-8 support, so its absence
shouldn't cause the PSON feature to fail on system (e.g. HPUX)
where it isn't fully implemented.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Attempting to call a constructed method name with a nil component
(the checksum type in this case) causes an unhelpful error message
in a case where either 1) the results were not needed anyway or 2)
a more useful error message would otherwise be generated. It also
opens (at least hypothetically) then possibility that some unrelated
method (in this case "_file" would be called if it existed.
|
| | |
| |
| |
| | |
It looks like something got lost during transition to host_aliases.
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The core bug here was a regression introduced by my IPv6 patch.
Wildcarded domains are stored as ["com","reductivelabs","*"] but
the code in question was assuming it was in normal order.
Added tests to prevet recurrence.
Signed-off-by: Markus Roberts <Markus@reality.com>
|
| | | |
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Rather than just creating a new featureless resource for cases like:
ralsh host localhost.localdomain
(and the analogous cases with other parsed resources such as ssh keys, etc),
we first check to see if the appropriate provider can find a resource with
the requested name. If so, we use it; if not we fall back to the featureless
form.
There are a number of potential shortcomings with this fix:
* It may not be particularly performant if there are many resources to
be parsed.
* It always (and only) checks the first provider; perhaps it should try
all providers of the appropriate type.
* It only checks the name property, and not any aliases or host_aliases.
Signed-off-by: Markus Roberts <Markus@reality.com>
|
| | |
| |
| |
| |
| |
| | |
These are a grab-bag of code simplification changes I made in
the process of figuring out what was going on with #2881; they
should all be absolutely behavior neutral.
|
| | |
| |
| |
| |
| | |
When I changed the alias property of hosts to host_aliases I missed
these changes in the parsed file provider.
|
| | |
| |
| |
| |
| |
| |
| | |
This logic had a bug where it would not insert data if it had just been
deleted.
Signed-off-by: Jesse Wolfe <jes5199@gmail.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
In some cases communicating with child processes via temprary files is not
viable. This is Ricky Zhou's patch from the ticket, which solves the problem
by using the more normal system of pipes. It is a broader reaching change
than suggested by the ticket (it affects all execs, not just SELinux) but IMHO
is the right way to go.
Signed-off-by: Markus Roberts <Markus@reality.com>
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
modifying the filesystem tab should write the mount to disk when :flush is called
I found this doing idempotency tests (#2879), but there are apparently
other ways for external state to leak into this test, as reported by
James.
Signed-off-by: Jesse Wolfe <jes5199@gmail.com>
|
| | |
| |
| |
| | |
Signed-off-by: Markus Roberts <Markus@reality.com>
|
| | |
| |
| |
| | |
Signed-off-by: Markus Roberts <Markus@reality.com>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Some tests in this file were leaking a global setting, some other tests
depended on those changes, and some tests were incompatible with that
setting.
Signed-off-by: Jesse Wolfe <jes5199@gmail.com>
|
| | |
| |
| |
| |
| |
| | |
As suggested in the ticket, set :reconnect to true. Our in-house Rails
experts suggest that this is unlikely to cause any problems.
The setting is silently ignored before Rails 2.3
|
| | |
| |
| |
| |
| |
| |
| | |
Renamed :alias property to :host_aliases / :port_aliases (in the
sidelined port code) and corrected the comments.
Signed-off-by: Markus Roberts <Markus@reality.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
This is basically the fix suggested on the ticket, cleaned up and
ruby-ized, with tests. The only functional modification is leaving
the default on entry2hash as --no-fqdn to preserve 0.25.1 behaviour
as the default.
Signed- ff-by: Markus Roberts <Markus@reality.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This appears to be regression introduced by threading changes. The fix was
to rearrange things to keep the old behaviour (don't clear the settings
until you know the config file parses) and the new (don't nest calls to
synchronize) by:
1. Splitting clear into two parts--clear, which works as before, and
unsafe_clear which it calls and which expects synchronization to be
handled externally.
2. Rearranging the code to recover the previous calling order
3. Trapping syntax errors and turning them into logged messages and a
no-op effect.
4. Fixing reparse to not wrap a call to this code with a synchronize.
5. Tests.
Signed-off-by: Markus Roberts <Markus@reality.com>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
This spec wasn't cleaing up after itself, and raised several exceptions
when trying to register the same queue type again.
Part of the #2879 test idempotency suite.
Signed-off-by: Jesse Wolfe <jes5199@gmail.com>
|
| | |
| |
| |
| |
| |
| |
| | |
An Autoload spec was depending on files having not yet been autoloaded.
Detected as part of #2879.
Signed-off-by: Jesse Wolfe <jes5199@gmail.com>
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
I was getting inconsistent errors in this file, and it's really two
separate issues but they're both trivial.
1) The spec launches ./sbin/puppetmasterd, which may have trouble
finding the puppet libraries. It could even load the system-installed
puppet rather than the files in the repository -- I think this effect is
why the tests were passing on Markus's machine, for example.
2) There's a race condition in this test, and puppetmasterd has gotten
slower to start up (perhaps due to the #2877 fix?)
Signed-off-by: Jesse Wolfe <jes5199@gmail.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
This makes the SELinux library marginally more robust by dealing
consistently with a missing proc/mounts, and also resoves the test
failures in a way that allows meaningful test runs on non-SELinux
systems.
Signed-off-by: Markus Roberts <Markus@reality.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This patch implements the two-part suggestion from the ticket;
1) a client that receives a certificate that doesn't match its current
private key does not accept, store or use the certificate--instead it
removes any locally cached copies and acts as if the certificate had
never been found.
2) a puppetmaster that receives a csr from a client for whom it already
has a signed certificate now honors the request and considers it to
supercede any previously signed certificates.
In order to make the cache expiration work as expected, I changed a few
assumptions in the caching system:
* The expiration of a cached certificate is the earlier of the envelope
expiration and the certificate's expiration, as opposed to just overriding
the cache value
* Telling the cache to expire an item now removes it from the cache if
possible, rather than just setting an expiration date in the past and
hoping that somebody notices.
Signed-off-by: Markus Roberts <Markus@reality.com>
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
finding files should find plugin file content in the environment specified in the request
The change in #2590 (ea584787) clears the environment list that this
spec relies on. Reordered the spec so that doesn't happen anymore.
Signed-off-by: Jesse Wolfe <jes5199@gmail.com>
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The problem was that the setup for the tests was expecting the defaultprovider
for Selboolean and Selmodule to be called, rather than stubbing it. This
worked as long as no other spec which initializes the providers was run before
it.
The fix here (stubbing rather than expecting) is minimal but not ideal; if
there were some other provider for these types it could result in a test
indetermenacy (different results depending on which provider) but I'm not
seeing an easy way to address that.
Signed-off-by: Markus Roberts <Markus@reality.com>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
This removes some of the IPv4 centricism from authstore's handling
of IP addresses. It isn't full IPv6 support (and doesn't even fully
handle all the cases within its limited scope, as ruby's IPAddr
library does not work with hybrid addresses), but it should simplify
adding IPv6 support when the time comes.
|
| | |
| |
| |
| |
| | |
This patch fixes #2567 by always pre-validating IP addresses with a
strict regular expression check before calling IPAddr.new() on them.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This commit refactors the code in authstore to enable a fix for #2567,
goes part of the way towards fixing #2708 (DNS/reverse DNS dependence),
and is a start on #2623 (authstore needs to be refactored), though it
stops short of fully addressing some of the more egregious structural
issues ("opaque", ill-placed pattern transformations, etc.).
Signed-off-by: Markus Roberts <Markus@reality.com>
|
| | |
| |
| |
| |
| |
| | |
Specs didn't reflect some recent changes.
Signed-off-by: Jesse Wolfe <jes5199@gmail.com>
|
| | |
| |
| |
| |
| |
| |
| | |
The fix for #2661 changed the behavior of Puppet::SSL::Host enough to
confuse these mocks.
Signed-off-by: Jesse Wolfe <jes5199@gmail.com>
|
| | |
| |
| |
| | |
We've got a real OID for LDAP, now.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Added an info message about what database we're connecting to.
In the case of the default database, it looks like:
info: Connecting to sqlite3 database: /var/lib/puppet/state/clientconfigs.sqlite3
Also squashes the deprecation warning #2941, since fixing that makes
this patch smaller.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Some test names change arbitrarily since they were interpolating
hashes instead of strings.
This patch replaces, for example:
- should insert methodfindacl/certificate_revocation_list/caauthenticatedtrue if not present
with:
- should insert /certificate_revocation_list/ca if not present
Signed-off-by: Jesse Wolfe <jes5199@gmail.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Disables the b64_zlib_yaml format if zlib cannot be loaded.
I've added a --no-zlib to make it possible to test this on a single
machine, but it might also be useful if someone finds themselves failing
to connect to a server that doesn't have zlib installed.
FactHandler' format is still hard-coded to YAML rather than using
facts.class.default_format
Signed-off-by: Jesse Wolfe <jes5199@gmail.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
other tests
Puppet[:libdir] is nil due to stubbing, causing an exception in autoload.
Depending on the order of loaded libs, sometimes this exception is
logged using Kernel#warn, but sometimes it's logged using Puppet.err
Only Kernel#warn writes to the terminal during unit testing!
|
| | |
| |
| |
| |
| |
| |
| | |
1) Improve test so it doesn't fail if an autoload happens.
2) Improve test so it doesn't show a warning.
Signed-off-by: Jesse Wolfe <jes5199@gmail.com>
|
| | |
| |
| |
| |
| | |
Fixing #2877 introduced some spec failures, by using more of the webrick
API than was mocked here.
|
| | |
| |
| |
| | |
This is Luke's suggested fix, from the ticket.
|
| | | |
|
