| Commit message (Collapse) | Author | Age | Files | Lines |
|\
| |
| |
| |
| | |
* 2.6.x:
Confine password disclosure acceptance test to hosts with required libraries
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The useradd provider has the requirement that ruby-shadow[1] be
installed to be able to manage passwords.
On systems where we would use the useradd provider and this library
has not been installed we don't bother running the test, since we will
never be able to see the output we are testing.
[1] http://ttsky.net/ruby/
Signed-off-by: Jacob Helwig <jacob@puppetlabs.com>
Reviewed-by: Dominic Maraglia <dominic@puppetlabs.com>
Reviewed-by: Nick Lewis <nick@puppetlabs.com>
|
|\|
| |
| |
| |
| | |
* 2.6.x:
(#6857) Password disclosure when changing a user's password
|
| |\
| | |
| | |
| | |
| | |
| | |
| | | |
'barn/tickets/2.6.x/6857-password-disclosure-when-changing-a-users-password' into 2.6.x
* barn/tickets/2.6.x/6857-password-disclosure-when-changing-a-users-password:
(#6857) Password disclosure when changing a user's password
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Make the should_to_s and is_to_s functions to return a form of 'redacted'.
Rather than send the password hash to system logs in cases of failure or
running in --noop mode, just state whether it's the new or old hash. We're
already doing this with password changes that work, so this just brings it
inline with those, albeit via a slightly different pair of methods.
|
|\| |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* 2.6.x:
(maint) Cleanup and strengthen acceptance tests
(#7144) Update Settings#writesub to convert mode to Fixnum
(maint) Fix platform dection for RHEL
Manually Resolved Conflicts:
acceptance/tests/ticket_5477_master_not_dectect_sitepp.rb
spec/unit/util/settings_spec.rb
|
| | |
| | |
| | |
| | |
| | |
| | | |
Converted plain regex checks to use Test::Unit::Accertions.
Adding more verbose output in the case of failure to speeed
debugging.
|
| | |
| | |
| | |
| | |
| | | |
Detecting supported platform used incorrect string for RHEL.
Changed string from 'redhat' to 'rhel'
|
|\| |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* 2.6.x:
(#7956) Porting cron tests
(#7956) Port resource acceptance tests
Readying for release of 2.6.9
(#6854) Update Red Hat spec file
Bumping release in lib/puppet.rb and updating CHANGELOG.
Bumping RPM spec file to 2.6.9rc1.
(#7506) Organize READMEs; specify supported Ruby versions in README.md
(#6418) Make test 64118 more portable
(#7127) Stop puppet if a prerun command fails
Do not needlessly create multiple reports when creating a transaction
(#4416) Ensure types are providified after reloading
(#4416) Always remove old provider before recreating it
Cleanup indentation, comment, and unused code
Conflicts:
CHANGELOG
README.md
conf/redhat/puppet.spec
lib/puppet.rb
lib/puppet/transaction.rb
spec/unit/configurer_spec.rb
spec/unit/transaction_spec.rb
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Ported cron tests were still weak. Coverted tests to use
Ruby asserts for better debugging of subsequent failures.
Add stronger regex's to look for expected output when applying puppet
resource manifests.
|
| | |
| | |
| | |
| | |
| | |
| | | |
Many of the Puppet resource acceptance tests were RHEL/Centos
specifc. These tests were ported under the enterptise-dist
repo; move the tests into 2.6.x for merging.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Test used a bash command negation to negate the a grep:
'! grep ensure.*directory /var/opt/lib/pe-puppet/state/state.yaml'
which only works on newer bash shells only. Removed the shell
negation and use the harnesses ":acceptable_exit_codes" parameter.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This error message is grammatically incorrect and unhelpful, so we replace it
with a message that explains more correctly what went wrong and what was
expected. This message happens when making an authenticated connection to a
server where the certificate doesn't match its hostname. This happens in the
REST terminuses, so we wrap their HTTP methods with a helper that will catch
the appropriate SSLError and re-raise it with the better message stating the
hostname used, and the list of hostnames that we were expecting it to be a part
of.
Unfortunately, because the certificate in question isn't available at error
time, we have to use the Net::HTTP#verify_callback to capture it.
Paired-With: Jacob Helwig <jacob@puppetlabs.com>
Reviewed-By: Dominic Maraglia <dominic@puppetlabs.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The create_remote_file method uploads files with mode 600 since that is the
default mode for Tempfile. The puppet user thus isn't able to read the
temporary auth.conf, so it just uses the default rules instead, causing this
test to fail.
Also, this test was dependent on running after another test which set up a cert
on the agents. Since that can't be guaranteed, the master now runs with
autosign to ensure the agents can connect.
Reviewed-By: Jacob Helwig <jacob@puppetlabs.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This test was previously replacing the default auth.conf with its own, and
restoring it afterward. This was error-prone, failing if there wasn't an
initial auth.conf present. It would also causing cascading failures when this
test failed, by leaving a non-standard auth.conf for other tests to use. Since
this copy-and-restore behavior can be replaced by simply specifying a different
auth file to use, we do that instead.
Reviewed-By: Jacob Helwig <jacob@puppetlabs.com>
Reviewed-By: Dominic Maraglia <dominic@puppetlabs.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
A leftover SSL directory from another test, including a cert for the agent,
will cause this test to fail. So before running, we remove the SSL directory
to ensure this doesn't happen.
Reviewed-By: Jacob Helwig <jacob@puppetlabs.com>
Reviewed-By: Dominic Maraglia <dominic@puppetlabs.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
A few of these tests weren't yet using this helper, and were instead
implementing similar behavior on their own. Now they all use the standard
method.
Reviewed-By: Jacob Helwig <jacob@puppetlabs.com>
Reviewed-By: Dominic Maraglia <dominic@puppetlabs.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This test was introduced as pending in 2.6.x, and active in 2.7.x. When 2.6.x
was merged to 2.7.x, the pending version was merged along as well, causing no
visible conflicts. It's obviously not pending, so remove it.
Reviewed-By: Dominic Maraglia <dominic@puppetlabs.com>
|
|\ \ \ |
|
| | | | |
|
| | | |
| | | |
| | | |
| | | |
| | | | |
Because Mac and Linux systems hide bin/false in different places, we should
have the catalog we are testing with search for it in the candidate places.
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
So, it turns out that the 1.8.7 Test::Unit assertions are a bit quirky. If we
use 'assert_match' it will turn a String into a regular expression by passing
it through Regexp.quote automatically.
If you use 'assert_no_match', though, it will not do that. It will just
complain that it isn't a Regexp and blow up. So, we manually quote outside
the assertion in both cases, and things should just work.
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This adds an acceptance test to verify that we emit the expected logs, but
none of the unexpected logs, when we process a manifest showing the whit
notification problem.
Reviewed-By: Dominic Maraglia <dominic@puppetlabs.com>
Reviewed-By: Jacob Helwig <jacob@puppetlabs.com>
|
| | | |
| | | |
| | | |
| | | | |
Just s/\.rm/\.rb/ on the filename.
|
|\ \ \ \
| | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Conflicts:
acceptance/tests/ticket_5477_master_not_dectect_sitepp.rb
lib/puppet/application/apply.rb
lib/puppet/configurer.rb
lib/puppet/configurer/fact_handler.rb
spec/unit/application/apply_spec.rb
spec/unit/configurer/fact_handler_spec.rb
spec/unit/configurer_spec.rb
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Previously, pointing a setting like 'confdir' at a symlink to a directory would
replace the symlink with a directory. This was because files created by
settings implicitly managed links, rather than following them. This behavior is
now changed so that file settings will follow links.
The behavior of these symlinks is the same as any other file resource. That is,
if the target of the symlink doesn't exist, Puppet will consider this an
error. Similarly, if the target of the symlink is a file, then the symlink
will still be replaced with a directory, rather than replacing its target.
Reviewed-By: Jacob Helwig <jacob@puppetlabs.com>
Reviewed-By: Dominic Maraglia <dominic@puppetlabs.com>
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
These tests were assuming a master was already started when they were run,
which caused order-dependent failures. They will now start their own
masters, and use newer helper methods to run master and agent.
Paired-With: Jacob Helwig <jacob@puppetlabs.com>
|
| |\ \ \ |
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This adds the node_name_fact setting, which specifies a fact to use to
determine the node name. This allows dynamically determining the node name
without having to modify puppet.conf or command line options.
Using this setting requires modifying auth.conf to allow nodes to request
catalogs not matching their certnames.
For example, this would allow any authenticated node to retrieve any catalog:
# $confdir/auth.conf
path ~ /catalog/.+
allow *
The node_name_fact and node_name_value options are mutually exclusive, because
it is ambiguous which setting should take precedence.
Paired-With: Jacob Helwig <jacob@puppetlabs.com>
|
| | | |/
| | |/|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The setting node_name_value may now be used for 'puppet apply' or 'puppet
agent' to specify the name for the node. This will not affect the certificate
used by the node, and the node will still be authenticated based on its
certname. The default value for node_name_value is the certname.
This is useful for eg. EC2 nodes whose random hostnames cannot be easily used
to classify them.
Paired-With: Jacob Helwig
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | | |
Some rearranging of the acceptance test directories caused some ruby
tests that referenced old shell tests to lose their relative paths.
Paired-with: Dominic Maraglia <dominic@puppetlabs.com>
|
| | |
| | |
| | |
| | |
| | | |
Paired-with: Jacob Helwig <jacob@puppetlabs.com>
Reviewed-by: Dominic Maraglia <dominic@puppetlabs.com>
|
|\ \ \
| | |/
| |/|
| | |
| | |
| | |
| | |
| | | |
* 2.7rc:
(#7624) Manually fetch all properties in instances.
(#7193) Fix path issues with acceptance tests that call old shell tests
(#7632) Make secret_agent application compatible with secret_agent face
(#7624) Auditing should not be enabled by default for purged resources.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Some rearranging of the acceptance test directories caused some ruby
tests that referenced old shell tests to lose their relative paths.
Paired-with: Dominic Maraglia <dominic@puppetlabs.com>
|
|\| |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* 2.7rc: (24 commits)
(#7746) Fix bootstrap issues from #7717 fix.
(#7683) Use ronn, when available, to render the output.
(#7683) Add a 'man' face and subcommand to Puppet.
maint: remove obsolete work-around code from help face.
(#7699) Don't duplicate inherited action names on faces.
(#7177) Deprecate implicit 'puppet apply' for 2.7.0
(#7717) Layout cleanup for subcommand extraction.
#7211: Test unknown options don't shadow unknown actions.
#7211: nasty logic error with global Face options taking arguments.
#7211: more helpful error messages in various cases.
(#7708) Delete extended documentation from configuration reference
(#7707) Document signals in puppet agent and puppet master help
add puppet master polling step for ticket 7117
(#5318) Always notice changes to manifests when compiling.
(#7557) Remove Faces Application
maint: Fix order dependent spec failure for face indirection
(#7690) Don't blow up when listing terminuses available for faces
maint: Dedup the loadpath so we don't have to walk it multiple times
Maint: Fix ellipses for short descriptions
(#7563) DRY: Remove indirector boilerplate from individual faces
...
Conflicts (resolved manually):
acceptance/tests/ticket_7117_broke_env_criteria_authconf.rb
lib/puppet/application/faces.rb
lib/puppet/face/help/man.erb
lib/puppet/indirector/face.rb
spec/shared_behaviours/documentation_on_faces.rb
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The test for ticket 7117 producedes spurious failures due to timing:
a curl command is executed from an agent to a freshly started
Puppet Master; if the Puppet Master is not ready to accept the connection
the test will fail. Added an until loop that issues simple curl
command to see if the Puppet Master is up and ready
|
|\| | |
|
| | |
| | |
| | |
| | |
| | | |
Paired-with: Jacob Helwig <jacob@puppetlabs.com>
Reviewed-by: Dominic Maraglia <dominic@puppetlabs.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Occasional spurious errors seen when running this test -- curl
reports an SSL protocol error; I suspect this is actually a timing
issue related to starting up the master and not being
ready to to accecpt connections.
|
|\ \ \
| | |/
| |/| |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Older versions of egrep do not support the character class
"\s". Changed:
puppet resource service | egrep -B1 "ensure\s*=>.*'running"
to:
puppet resource service | egrep -B1 "ensure.*=>.*'running"
|
| | | |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The test for ticket 7117 producedes spurious failures due to timing:
a curl command is executed from an agent to a freshly started
Puppet Master; if the Puppet Master is not ready to accept the connection
the test will fail. Added an until loop that issues simple curl
command to see if the Puppet Master is up and ready
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Occasional spurious errors seen when running this test -- curl
reports an SSL protocol error; I suspect this is actually a timing
issue related to starting up the master and not being
ready to to accecpt connections.
|
|\ \ \
| | |/
| |/|
| | |
| | |
| | |
| | |
| | |
| | | |
Conflicts:
* spec/unit/node/facts_spec.rb
Updates:
* spec/unit/interface/action{,_builder}_spec.rb
=> update for 'when_invoked' block being required.
|
| | | |
|
| | |
| | |
| | |
| | | |
other tests
|
| | |
| | |
| | |
| | | |
Need to restart puppet master to detect changes made to auth.conf
|
| | | |
|
| | | |
|