| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| | | |\ \ \ \ \ \
| | | |_|/ / / /
| | |/| | | / /
| | | | |_|/ /
| | | |/| | | |
* 2.6.x:
Confine password disclosure acceptance test to hosts with required libraries
|
| | | | |\ \ \ \
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
* confine_shadow_acceptance_tests:
Confine password disclosure acceptance test to hosts with required libraries
|
| | | | |/ / / /
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
The useradd provider has the requirement that ruby-shadow[1] be
installed to be able to manage passwords.
On systems where we would use the useradd provider and this library
has not been installed we don't bother running the test, since we will
never be able to see the output we are testing.
[1] http://ttsky.net/ruby/
Signed-off-by: Jacob Helwig <jacob@puppetlabs.com>
Reviewed-by: Dominic Maraglia <dominic@puppetlabs.com>
Reviewed-by: Nick Lewis <nick@puppetlabs.com>
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
These methods aren't available until Ruby 1.8.6 (Dir.mktmpdir) and Ruby 1.8.7
(Object#tap).
Reviewed-By: Jacob Helwig <jacob@puppetlabs.com>
|
| | |\ \ \ \ \ \ |
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
We have removed every usage of cached_attr in which the attribute needs to be
manually expired. Thus, the only meaningful behavior provided by
Puppet::Util::Cacher is expiration based on TTLs. This commit reworks the
cacher to only support that behavior.
Rather than accepting an options hash, of which :ttl is the only available
option, cached_attr now requires a second argument, which is the TTL.
TTLs are now used to compute expirations, which are stored and used for
expiring values. Previously, we stored a timestamp and used it and the TTL to
determine whether the attribute was expired. This had the potentially
undesirable side effect that the lifetime of a cached attribute could be
extended after its insertion by modifying the TTL setting for the cache. Now,
the lifetime of an attribute is determined when it is set, and is thereafter
immutable, aside from deliberately re-setting the expiration for that
particular attribute.
Reviewed-By: Jacob Helwig <jacob@puppetlabs.com>
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
This class was previously using a cached_attr for its 'localhost' attribute,
representing the Puppet::SSL::Host entry corresponding to the cert in
Puppet[:certname]. We now no longer expire this attribute. This has the effect
that a change to certname during the lifetime of an agent will not be reflected
in the certificate it uses. If this behavior is desired, it will need to be
reimplemented another way.
Reviewed-By: Jacob Helwig <jacob@puppetlabs.com>
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
In the past, Puppet::Util::Autoload used a cached_attr for its 'searchpath'.
However, it no longer does that, so its references to Puppet::Util::Cacher are
unnecessary.
Reviewed-By: Jacob Helwig <jacob@puppetlabs.com>
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Previously, indirections were storing their termini in a cached_attr, so that
they could be easily cleared for tests. Because this provides no value outside
of testing, we instead simply create an attr_reader for termini, and expire
them manually in tests.
Reviewed-By: Jacob Helwig <jacob@puppetlabs.com>
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Types and parameters were registering their catalog as their expirer, so that
the catalog could expire them between uses. However, because catalogs are never
reused (and neither are types or parameters), there is no need to expire
anything. Thus, we remove the entire cleanup/expire logic from catalog, type,
and parameter.
Reviewed-By: Jacob Helwig <jacob@puppetlabs.com>
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
These values needn't be cached_attrs, because they can be managed manually.
'stat' does need to be cached, so that we avoid statting the file for each
property we want to check from disk. The 'content' attribute of 'source' also
needs to be cached, because it's retrieved from the server, which we certainly
don't want to do multiple times.
We need a mechanism for invalidating the 'stat' after we've written the file,
so we use a special value :needs_stat, which essentially represented
"undefined". We use this rather than nil so that we can store a failed stat
if it occurs.
Because the content and metadata of our source file will never change, there is
no need to be able to similarly expire the values of those attributes.
Reviewed-By: Jacob Helwig <jacob@puppetlabs.com>
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
The path attribute was being unnecessarily cached. The value is a LoadedFile
instance, which already knows how to check whether it needs to be reloaded. The
act of reparsing was being triggered separately from the cacher mechanism.
The comment indicated this value was only being cached so it could be easily
cleared for tests, but it wasn't being cleared for tests. Thus, there is no
reason for this attribute to be cached, so remove it.
Reviewed-By: Jacob Helwig <jacob@puppetlabs.com>
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Allowing the singleton_instance value to be expirable is unnecessary, because
there will never be a need for a different CA instance in the lifetime of a
master. Additionally, the master never expired its cache anyway. This was only
using the cacher so it could be expired for tests, so it can safely be removed.
Reviewed-By: Jacob Helwig <jacob@puppetlabs.com>
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
The use of Puppet::Util::Cacher in this module was removed previously, and this
stray, unnecessary require was left around.
Reviewed-By: Jacob Helwig <jacob@puppetlabs.com>
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Allowing this value to be expirable is superfluous; it is only used on the
master, which never expires its cache. Additionally, it was providing partial
support for an event we don't fully support already (hostname and domain
changing during the lifetime of a master).
Reviewed-By: Jacob Helwig <jacob@puppetlabs.com>
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
This class was using Util::Cacher for its singleton instance, when that was
unnecessary. The FileServing::Configuration instance already manages whether or
not to reparse its config file, based on whether it has changed. Thus, there is
no need for it to be manually expired via the cacher.
Reviewed-By: Jacob Helwig <jacob@puppetlabs.com>
|
| | |\ \ \ \ \ \ \
| | |/ / / / / /
| |/| / / / / /
| | |/ / / / /
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
* 2.7.x:
(#7123) Make `find` the default action...
(#7123) Support runtime setting of 'default' on actions.
(#6787) Add `default_to` for options.
(#6857) Password disclosure when changing a user's password
|
| | | |\| | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
* 2.6.x:
(#6857) Password disclosure when changing a user's password
|
| | | | |\ \ \ \
| | | | |_|_|/
| | | |/| | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
'barn/tickets/2.6.x/6857-password-disclosure-when-changing-a-users-password' into 2.6.x
* barn/tickets/2.6.x/6857-password-disclosure-when-changing-a-users-password:
(#6857) Password disclosure when changing a user's password
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Make the should_to_s and is_to_s functions to return a form of 'redacted'.
Rather than send the password hash to system logs in cases of failure or
running in --noop mode, just state whether it's the new or old hash. We're
already doing this with password changes that work, so this just brings it
inline with those, albeit via a slightly different pair of methods.
|
| | | |\ \ \ \ \ |
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Part of the progress toward getting the `puppet status` invocation working
nicely is that it should default to invoking the `find` operation. This
implements that, using the new runtime default action facility.
Reviewed-By: Pieter van de Bruggen <pieter@puppetlabs.com>
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Given the inheritance model for actions, we are sometimes going to need to set
them to 'default' at runtime, rather than during their static declaration.
Add tests to verify that this works correctly, and update the code to ensure
that happens. This gives up caching of the default action, but this should be
an extremely rare operation - pretty much only CLI invocation, really.
Reviewed-By: Pieter van de Bruggen <pieter@puppetlabs.com>
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
This implement support for options with default values, allowing faces to set
those values when not invoked. This can eliminate substantial duplicate code
from actions, especially when there are face-level options in use.
Reviewed-By: Pieter van de Bruggen <pieter@puppetlabs.com>
|
| | |\| | | | | | |
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Array#count is not available in Ruby 1.8.5, so we need to use #length in these
specs for compatibility.
Reviewed-By: Matt Robinson <matt@puppetlabs.com>
|
| | | |/ / / / /
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
This test was failing if the SSL indirections had previously been configured as
:ca. The was due to the fact that we are explicitly testing the
certificate_status :file terminus, which depends on the other SSL indirections
using corresponding termini. This spec wasn't appropriately ensuring they were
also set to :file, breaking that precondition, and causing failures.
Reviewed-By: Matt Robinson <matt@puppetlabs.com>
|
| | | |\ \ \ \ \ |
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
The Puppet::SSL::CertificateAuthority::Interface class was an early prototype
heading toward building out a system like Faces. Now that we have done that,
this changeset ports the early code to a new face.
Reviewed-By: Pieter van de Bruggen <pieter@puppetlabs.com>
|
| | | |/ / / / /
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Our SSL inventory was able to find the serial number of a certificate by name,
but was incapable of living up to the contract it offered, that it would
actually report when a certificate was missing.
Now it returns `nil`, which is the same case as "no inventory", if the
certificate was not found, rather than accidentally returning the entire
inventory data as raw strings.
Reviewed-By: Pieter van de Bruggen <pieter@puppetlabs.com>
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
This introduces a class representing a semantic version, and
implementing a few of the most common uses of them: validation,
comparison, and finding the greatest available version matching
a range. This refactoring also allows us to easily expand our
matching of version ranges in the future, which is a big plus.
Reviewed-By: Daniel Pittman
|
| | | |\ \ \ \ \ |
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
The problem was caused by the fact that the
options method returns a list of options that
treated the aliases as seperate options.
The fix is to only maintain a list of options
and not add all aliases to the options list.
|
| | | |\ \ \ \ \ \ |
|
| | | |/ / / / / /
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
The agent/apply/device man pages mentioned the 2 and 4 exit codes, but didn't
mention that they can combine to make 6 if there are both changes and failures.
This commit adds the missing information to all three man pages.
Reviewed-by: Matt Robinson <matt@puppetlabs.com>
|
| | | |\ \ \ \ \ \
| | | | |/ / / /
| | | |/| | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
* 2.6.x:
(maint) Cleanup and strengthen acceptance tests
(#7144) Update Settings#writesub to convert mode to Fixnum
(maint) Fix platform dection for RHEL
Manually Resolved Conflicts:
acceptance/tests/ticket_5477_master_not_dectect_sitepp.rb
spec/unit/util/settings_spec.rb
|
| | | | |\ \ \ \ \ |
|
| | | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
Converted plain regex checks to use Test::Unit::Accertions.
Adding more verbose output in the case of failure to speeed
debugging.
|
| | | | |\ \ \ \ \ \
| | | | |/ / / / /
| | | |/| | | | |
| | | | | | | | |
| | | | | | | | | |
* ticket/2.6.x/7144-private-keys:
(#7144) Update Settings#writesub to convert mode to Fixnum
|
| | | | |/ / / / /
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Settings#writesub was not checking the type of the mode value passed in
from the defaults, causing it to pass a string for mode to File.open,
leading to failures. This commit resolves that issue.
Paired-with: Matt Robinson <matt@puppetlabs.com>
|
| | | | |\ \ \ \ \ |
|
| | | | |/ / / / /
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Detecting supported platform used incorrect string for RHEL.
Changed string from 'redhat' to 'rhel'
|
| | | |\ \ \ \ \ \
| | | |_|/ / / /
| | |/| | | | |
| | | | | | | |
| | | | | | | | |
* ticket/2.7.x/maint-fix_doc_link:
maint: Fix documentation link for fileserver configuration
|
| | | |/ / / / /
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
The link to the filesever configuration page linked to the wiki, which
links back to the docs site. Short circuiting that do just link to
where you want to go.
Reviewed-by: Nick Lewis <nick@puppetlabs.com>
|
| | | |\ \ \ \ \
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
* ticket/2.7.x/4142-metadata_json:
(#4142) Fix module check not to fail when empty metadata.json
|
| | | |/ / / / /
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Even though the puppet module tool was fixed to generate the required
metadata attributes when it packages modules, it still creates an empty
metadata.json file that gets checked into everybody's module repos.
This causes the module to be unusable straight from a git clone since
puppet was requiring all the required metadata attributes just with the
presence of that file, and resulting in the error:
No source module metadata provided for mcollective at
This change makes it so that if you have an empty metadata.json (like
the moduletool generates), puppet doesn't consider it to have metadata.
If you have ANY metadata attributes in that file, it will still check to
make sure all the required attributes are present.
The work around up to this point has just been to delete the
metadata.json file in git cloned modules.
This also fixed the tests around this to actually run, since previously
the tests depended on the a json feature, which we didn't have. We do,
however, have a pson feature.
Reviewed-by: Nick Lewis <nick@puppetlabs.com>
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
2.7.x"
This reverts commit b7ee0258ab40478329c20177eda9b250f27ede18, reversing
changes made to 8fe2e555ac3d57f5b6503ffe1a5466db8d6e190a.
|
| | | |\ \ \ \ \
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
* ticket/2.7.x/7699_fix_help_listing_options_twice:
(#7699) - Help should only show options once
|
| | | |/ / / / /
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
puppet help was reprinting every option once
for every alias that is had.
This fix involves only storing the option.name
in the @options instance var for both face and
actions options. The @options_hash still
maintains the list of options and aliases as its
keys.
Reviewed-by: Daniel Pittman (puppet-dev list)
|
| | | |\ \ \ \ \
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
* ticket/2.7.x/8032_create_resource_containment:
(#8032) Add containment to create_resources
|
