summaryrefslogtreecommitdiffstats
path: root/lib/puppet/indirector
Commit message (Collapse)AuthorAgeFilesLines
* Removed spurious "exec" from a debug stringJeff Blaine2011-08-251-1/+1
|
* Merge branch '2.7.x'Nick Lewis2011-08-248-32/+0
|\ | | | | | | | | | | | | | | | | | | Conflicts: lib/puppet/feature/base.rb lib/puppet/file_serving/configuration.rb spec/unit/indirector/ssl_file_spec.rb spec/unit/parser/functions/extlookup_spec.rb spec/unit/resource/catalog_spec.rb test/language/ast/variable.rb
| * Treat Windows absolute paths as absolute pathsJacob Helwig2011-08-191-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously, we only considered files that matched the *nix concept of 'absolute' as being absolute paths. Since absolute paths on Windows look more like URLs with this world-view, we need to specifically look for the Windows absolute paths, and treat them as such. We will still treat *nix absolute paths as absolute on Windows, even though they are actually relative to the "current" drive. We do not currently limit which "style" of absolute path is allowed based on what the agent is. Reviewed-by: Nick Lewis <nick@puppetlabs.com> (cherry picked from commit 568d25ee10effd5e87c57cdc8c24280eabf9cd93)
| * Remove Puppet::Util::Cacher use from Puppet::Indirector::IndirectionNick Lewis2011-08-191-5/+3
| | | | | | | | | | | | | | | | | | | | Previously, indirections were storing their termini in a cached_attr, so that they could be easily cleared for tests. Because this provides no value outside of testing, we instead simply create an attr_reader for termini, and expire them manually in tests. Reviewed-By: Jacob Helwig <jacob@puppetlabs.com> (cherry picked from commit e74090468192697a6a2447dc6fcece3dd09a46f1)
| * Remove use of Util::Cacher in FileServing::ConfigurationNick Lewis2011-08-191-1/+1
| | | | | | | | | | | | | | | | | | | | This class was using Util::Cacher for its singleton instance, when that was unnecessary. The FileServing::Configuration instance already manages whether or not to reparse its config file, based on whether it has changed. Thus, there is no need for it to be manually expired via the cacher. Reviewed-By: Jacob Helwig <jacob@puppetlabs.com> (cherry picked from commit 4bad729f56c26d8154cd0f20614fa4e478de9d40)
| * (#8489) Consistently use File::PATH_SEPARATORJosh Cooper2011-08-191-2/+2
| | | | | | | | | | | | | | | | | | Puppet uses both colon and File::PATH_SEPARATOR in various places, which does not work on Windows, where File::PATH_SEPARATOR is a semi-colon. This commit changes the code and tests to consistently use File::PATH_SEPARATOR. Reviewed-by: Jacob Helwig <jacob@puppetlabs.com> (cherry picked from commit 26ee468e8b963d63933d9a27a65d55510ff87618)
| * maint: remove inaccurate copyright and license statements.Daniel Pittman2011-08-188-32/+0
| | | | | | | | | | | | | | | | | | | | | | For a while Luke, and other authors, injected a created tag, copyright statement, and "All rights reserved" into every new file they added to the Puppet project. This isn't really true, and we have a global license covering the code, so we have now stripped out all those old tags. Signed-off-by: Daniel Pittman <daniel@puppetlabs.com>
* | Merge branch '2.7.x'Matt Robinson2011-08-152-17/+33
|\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.7.x: (25 commits) (#4411) Explain that runinterval = 0 does not mean "never run" Maint: Fix missing option text in puppet agent and arrange options alphabetically (#8302) Improve documentation of exec providers (#7853) Clarify and complete docs for the tagmail report processor Maint: Mention that audit metaparameter will accept "all" Maint: Adjust wording for file type's content parameter Maint: Fix poor documentation for versioncmp function. maint: Fix case sensitive require maint: Add inspect app options to help maint: Fix inspect help Increment lib/puppet.rb VERSION string Updated CHANGELOG for 2.7.3rc1 (#4762) Ensure that clients on the moon can successfully connect. Add document outlining preferred contribution methods Add document outlining preferred contribution methods Add document outlining preferred contribution methods Revert "Merge branch 'vcsrepo'" Revert "Merge branch 'vcsrepo'" Updating CHANGELOG for 2.7.2rc3 (#8704) Give better errors for invalid fileserver.conf ... Manually Resolved Conflicts: lib/puppet/parser/functions/versioncmp.rb spec/integration/node/facts_spec.rb
| * Fix #1886 - Add node cleanup capabilityPeter Meier2011-07-272-17/+33
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Here is a changeset that adds a new action to the puppet node face. This application removes all traces of a node on the puppetmaster (including certs, cached facts and nodes, reports, and storedconfig entries). Furthermore it is capable of unexporting exported resources of a host so that consumers of these resources can remove the exported resources and we will safely remove the node from our infrastructure. Usage: puppet node clean [--unexport] <host> [<host2> ...] To achieve this we add different destroy methods to the different parts of the indirector. So for example for yaml indirections we already offer read access for the yaml, this changeset adds the destroy handler which only removes the yaml file for a request. This can be used to remove cached entries. This work is based on the initial work of Brice Figureau <brice-puppet@daysofwonder.com>
* | Treat Windows absolute paths as absolute pathsJacob Helwig2011-08-021-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously, we only considered files that matched the *nix concept of 'absolute' as being absolute paths. Since absolute paths on Windows look more like URLs with this world-view, we need to specifically look for the Windows absolute paths, and treat them as such. We will still treat *nix absolute paths as absolute on Windows, even though they are actually relative to the "current" drive. We do not currently limit which "style" of absolute path is allowed based on what the agent is. Reviewed-by: Nick Lewis <nick@puppetlabs.com>
* | Merge branch '2.7.x'Matt Robinson2011-07-261-1/+3
|\| | | | | | | | | | | * 2.7.x: maint: Suggest where to start troubleshooting SSL error message maint: Fix cert app to print help and exit if no subcommand
| * maint: Suggest where to start troubleshooting SSL error messageMatt Robinson2011-07-261-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Much like the infamous "hostname was not match" error message, there's another SSL error that people run into that isn't clear how to troubleshoot. err: Could not send report: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed. As far as I can tell this only ever happens when the clock is off on the master or client. People seem to think it will happen other times, but I haven't been able to reproduce it other ways - missing private key, revoked cert, offline CA all have their own errors. I googled around and the only thing I've seen for this error in relation to puppet is the time sync problem. So the error message text just has some additional info to suggest you check your clocks. Reviewed-by: Nick Lewis <nick@puppetlabs.com>
* | Merge branch '2.7.x'Nick Lewis2011-07-252-7/+19
|\| | | | | | | | | | | Conflicts: lib/puppet/type/file/source.rb spec/unit/resource/catalog_spec.rb
| * Merge branch '2.6.x' into 2.7.xNick Lewis2011-07-251-0/+2
| |\
| | * maint: Add debug logging when the master receives a reportMatt Robinson2011-07-251-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | It's always bothered me that when running puppet inspect (or any application that produces a report really) the master gives no indication that anything happened when it processes the report. Reviewed-by: Max Martin <max@puppetlabs.com>
| * | (#7290) Update indirected Faces to avoid unknown options.Daniel Pittman2011-07-221-4/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Now that we enforce that options must be declared, the model we exposed in the Ruby API (but not the CLI facade) was that you could pass additional arguments to the indirection method by passing them as unknown options doesn't work. Instead, explicitly declare an option, `extra`, that accepts the final argument to be passed direct to the indirection. This makes things work smoothly, as well as making it possible (once you can input a hash on the command line) to invoke extra arguments from the facade too... Reviewed-By: Pieter van de Bruggen <pieter@puppetlabs.com>
| * | maint: don't print inside action implementations.Daniel Pittman2011-07-221-3/+3
| | | | | | | | | | | | | | | | | | | | | Rather than printing directly, we should return the data from the Action and allow the facade to route that to the user directly. Reviewed-By: Pieter van de Bruggen <pieter@puppetlabs.com>
* | | Remove Puppet::Util::Cacher use from Puppet::Indirector::IndirectionNick Lewis2011-07-211-5/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | Previously, indirections were storing their termini in a cached_attr, so that they could be easily cleared for tests. Because this provides no value outside of testing, we instead simply create an attr_reader for termini, and expire them manually in tests. Reviewed-By: Jacob Helwig <jacob@puppetlabs.com>
* | | Remove use of Util::Cacher in FileServing::ConfigurationNick Lewis2011-07-211-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | This class was using Util::Cacher for its singleton instance, when that was unnecessary. The FileServing::Configuration instance already manages whether or not to reparse its config file, based on whether it has changed. Thus, there is no need for it to be manually expired via the cacher. Reviewed-By: Jacob Helwig <jacob@puppetlabs.com>
* | | (#8489) Consistently use File::PATH_SEPARATORJosh Cooper2011-07-191-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | Puppet uses both colon and File::PATH_SEPARATOR in various places, which does not work on Windows, where File::PATH_SEPARATOR is a semi-colon. This commit changes the code and tests to consistently use File::PATH_SEPARATOR. Reviewed-by: Jacob Helwig <jacob@puppetlabs.com>
* | | (#7080) Registering PSON document typesLuke Kanies2011-07-151-1/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | We were originally using the actual constant for both Indirector Requests and Nodes, and this registers their document types as symbolic names. Signed-off-by: Luke Kanies <luke@puppetlabs.com> Reviewed-by: Nick Lewis <nick@puppetlabs.com>
* | | (7080) Adding json support to Indirector RequestLuke Kanies2011-07-151-2/+49
|/ / | | | | | | | | | | | | | | We'll be using this to do RPC over mcollective. Reviewed-by: Daniel Pittman <daniel@puppetlabs.com> Reviewed-by: Nick Lewis <nick@puppetlabs.com> Signed-off-by: Luke Kanies <luke@puppetlabs.com>
* | (#7224) Reword 'hostname was not match' error messageNick Lewis2011-06-141-7/+40
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This error message is grammatically incorrect and unhelpful, so we replace it with a message that explains more correctly what went wrong and what was expected. This message happens when making an authenticated connection to a server where the certificate doesn't match its hostname. This happens in the REST terminuses, so we wrap their HTTP methods with a helper that will catch the appropriate SSLError and re-raise it with the better message stating the hostname used, and the list of hostnames that we were expecting it to be a part of. Unfortunately, because the certificate in question isn't available at error time, we have to use the Net::HTTP#verify_callback to capture it. Paired-With: Jacob Helwig <jacob@puppetlabs.com> Reviewed-By: Dominic Maraglia <dominic@puppetlabs.com>
* | Merge branch '2.7rc' into 2.7.xNick Lewis2011-06-082-6/+145
|\ \
| * | (#6873) Add Static Compiler terminus to 2.7.0Luke Kaines2011-06-071-0/+137
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This adds the static compiler terminus to the release. This wraps the default compiler terminus, and post-processes the catalog to rewrite every file reference using the 'puppet://' URI/protocol into filebucket references that use the MD5 checksum of the file contents. This provides a genuinely static catalog, in terms of content: there are no external dependencies that can change to make the behaviour of applying this catalog change. It also eliminates the describe calls from file checking, as all the metadata is stored locally in the catalog. This can be a substantial performance increase for nodes, especially those that manage large trees of recursive files. To use this set the `catalog_terminus` to `static_compiler`; the resultant catalog will then reference only static content. This does not, however, put the required files into the filebucket on the client. There are some limitations of this code: * Files are all read into memory rather than streamed. This will definitely cause problems with large files, but the filebucket doesn't currently handle streaming. * We think the recursion behavior is equivalent, but can't really guarantee it without a good bit of testing. * You have to populate the client filebucket manually. We don't have any support for doing this automatically, not even through variant access to the catalog downloader. * Behavior on the server is currently undefined if your puppet masters are behind a load balancer and they're configured to do fileserving through that load balancer. It should work, but it probably won't be that fast. You can see https://github.com/lak/puppet-static-compiler for the original prototype this was inherited from, which includes some example code for scanning the downloaded catalog and fetching resources into the filebucket. Reviewed-By: Daniel Pittman <daniel@puppetlabs.com>
| * | (#7764, 7775, 7778) Revisions to Faces help textnfagerlund2011-06-071-5/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Per UX review of help text, this commit makes several changes over the breadth of the Faces help: * Preface API-only action summaries/descriptions with "API only." (issue #7775) * Provide both CLI and API info in "returns," with the CLI info first. (issue #7778) * Summaries should be sentences. (Add punctuation.) * First sentences of descriptions should reiterate summaries. (Summaries and descriptions should be displayed far enough apart that this isn't a problem.) * Standardize on "subcommand" instead of "face" when talking about the entity you invoke at the command line. (Use "face" when describing API use.) * Fix outdated or clunky text in several faces.
| * | (#7773, 7776, 7764) Several help template tweaksnfagerlund2011-06-071-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Per UX review of help output, this commit makes several changes to templates and shared help text: * Change "unknown" to "undocumented" * Remove copyright from short help * Point readers to the man pages (issue 7773) * Remove examples from short help (issue 7776) * Remove summary from short help and make it a fallback for description * Edit common option summaries to fit on a single 80-col line
* | | Merge branch '2.7rc' into 2.7.xMax Martin2011-06-021-2/+2
|\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.7rc: (24 commits) (#7746) Fix bootstrap issues from #7717 fix. (#7683) Use ronn, when available, to render the output. (#7683) Add a 'man' face and subcommand to Puppet. maint: remove obsolete work-around code from help face. (#7699) Don't duplicate inherited action names on faces. (#7177) Deprecate implicit 'puppet apply' for 2.7.0 (#7717) Layout cleanup for subcommand extraction. #7211: Test unknown options don't shadow unknown actions. #7211: nasty logic error with global Face options taking arguments. #7211: more helpful error messages in various cases. (#7708) Delete extended documentation from configuration reference (#7707) Document signals in puppet agent and puppet master help add puppet master polling step for ticket 7117 (#5318) Always notice changes to manifests when compiling. (#7557) Remove Faces Application maint: Fix order dependent spec failure for face indirection (#7690) Don't blow up when listing terminuses available for faces maint: Dedup the loadpath so we don't have to walk it multiple times Maint: Fix ellipses for short descriptions (#7563) DRY: Remove indirector boilerplate from individual faces ... Conflicts (resolved manually): acceptance/tests/ticket_7117_broke_env_criteria_authconf.rb lib/puppet/application/faces.rb lib/puppet/face/help/man.erb lib/puppet/indirector/face.rb spec/shared_behaviours/documentation_on_faces.rb
| * | Merge branch 'ticket/2.7rc/maint-faces_docs_spec_fixes' into ↵Matt Robinson2011-05-261-6/+3
| |\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ticket/2.7rc/maint-doc_changes_without_failures * ticket/2.7rc/maint-faces_docs_spec_fixes: maint: Fix order dependent spec failure for face indirection (#7690) Don't blow up when listing terminuses available for faces maint: Dedup the loadpath so we don't have to walk it multiple times Maint: Fix ellipses for short descriptions Resolved Conflicts: lib/puppet/interface/documentation.rb
| | * | (#7690) Don't blow up when listing terminuses available for facesMatt Robinson2011-05-261-6/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously, in order to list the available terminuses for an indirected face we loaded all the the terminuses in order to list them. This meant that if a terminus like active_record didn't have the dependencies it needed, the documentation would raise errors and not list terminuses. <Puppet::Error: Could not autoload filename uninitialized constant Object::ActiveRecord> Now we just list the terminuses available in the load path without trying to load them. The terminus will still raise an error if you try to use it without its dependencies being met. Paired-with: Max Martin <max@puppetlabs.com>
| * | | (#7561) Complete help text for all faces and actionsnfagerlund2011-05-261-26/+29
| |/ / | | | | | | | | | | | | | | | Faces help output relies on input from the documentation methods in each of the faces to be documented. This commit calls those methods in each of our faces, with varying levels of detail depending on their complexity.
* | | (#7690) Don't blow up when listing terminuses available for facesMatt Robinson2011-05-261-6/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously, in order to list the available terminuses for an indirected face we loaded all the the terminuses in order to list them. This meant that if a terminus like active_record didn't have the dependencies it needed, the documentation would raise errors and not list terminuses. <Puppet::Error: Could not autoload filename uninitialized constant Object::ActiveRecord> Now we just list the terminuses available in the load path without trying to load them. The terminus will still raise an error if you try to use it without its dependencies being met. Paired-with: Max Martin <max@puppetlabs.com>
* | | (#7561) Complete help text for all faces and actionsnfagerlund2011-05-261-26/+29
| | | | | | | | | | | | | | | | | | Faces help output relies on input from the documentation methods in each of the faces to be documented. This commit calls those methods in each of our faces, with varying levels of detail depending on their complexity.
* | | Merge branch '2.6.x' into 2.7.nextPieter van de Bruggen2011-05-181-3/+3
|\ \ \ | |/ / |/| / | |/
| * (#3836) External nodes should only capture stdoutOliver Hookins2011-05-131-3/+3
| | | | | | | | This patch prevents stdout and stderr from being combined by Puppet::Util.execute, when used by Puppet::Indirector::Exec for external nodes.
| * Fixed #7166 - Replaced deprecated stomp "send" method with "publish"James Turnbull2011-04-201-1/+1
| | | | | | | | | | | | | | | | | | | | | | The "send" method in the stomp gem has been deprecated since: http://gitorious.org/stomp/mainline/commit/d542a976028cb4c5badcbb69e3383e746721e44c It's been replaced with the "publish" method. Also renamed the send_message method to publish_message more in keeping with language used in queuing.
| * Fix #4339 - Locally save the last report to $lastrunreportBrice Figureau2011-04-051-0/+11
| | | | | | | | | | | | | | | | Using the cache terminus system, when --report is on, we are now caching the last report as a yaml file in the $lastrunreport file (which by default is $statedir/last_run_report.yaml). Signed-off-by: Brice Figureau <brice-puppet@daysofwonder.com>
* | (Maint) Adjust documentation whitespacenfagerlund2011-05-041-5/+5
| | | | | | | | | | The patch from issue #7221 permits indented heredocs. This patch takes advantage of that to make the doc strings less messy.
* | (#6962) Add self-documentation data to puppet facesnfagerlund2011-05-041-4/+32
| | | | | | | | | | | | This patch adds documentation strings to most of the faces, actions, and options introduced in 2.7.0. There are a small number of TK notes remaining, and longer strings have not been indented to take advantage of the patch from issue #7221.
* | maint: move the indirector face base out of puppet/faceDaniel Pittman2011-05-021-0/+94
| | | | | | | | | | | | | | | | | | We used to shove the base class Puppet::Face::Indirector next to the actual faces; this made a bunch of things, including testing, confusing. Instead, move it away into the indirector where it lives with the rest of the indirector related things. Reviewed-By: Nick Lewis <nick@puppetlabs.com>
* | Revert "(7080) Adding json support to Indirector Request"Max Martin2011-04-211-49/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | This reverts commit e0615cbc1eea67ef8caf4edbc8b7b3d3ce618f4d. The JSON patch series has caused problems with the inventory service, and further discussion is needed to decide how to serialize objects to PSON with regards to future compatibility. Conflicts: spec/unit/indirector/request_spec.rb Paired-with:Matt Robinson <matt@puppetlabs.com>
* | Fixed #7166 - Replaced deprecated stomp "send" method with "publish"James Turnbull2011-04-191-1/+1
| | | | | | | | | | | | | | | | | | | | | | The "send" method in the stomp gem has been deprecated since: http://gitorious.org/stomp/mainline/commit/d542a976028cb4c5badcbb69e3383e746721e44c It's been replaced with the "publish" method. Also renamed the send_message method to publish_message more in keeping with language used in queuing.
* | Merge remote-tracking branch 'community/feature/puppet-device' into 2.7.xPieter van de Bruggen2011-04-181-0/+25
| | | | | | | | Reviewed-By: Mike Stahnke
* | (7080) Adding json support to Indirector RequestLuke Kanies2011-04-141-2/+49
| | | | | | | | | | | | | | We'll be using this to do RPC over mcollective. Reviewed-by: Daniel Pittman <daniel@puppetlabs.com> Signed-off-by: Luke Kanies <luke@puppetlabs.com>
* | (#6117) Add POST support to indirector requestsNick Lewis2011-04-121-1/+11
| | | | | | | | | | | | | | | | | | POST with a singular indirection is turned into a find in the indirector. When making a large find request from a REST terminus, POST is used, and for small requests, GET is used for backward compatibility. Paired-With: Jesse Wolfe
* | Merge branch 'ticket/next/3360' into nextNick Lewis2011-04-121-0/+8
|\ \
| * | (#3360) Add an allow_duplicate_certs optionNick Lewis2011-04-121-0/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | If this option is true, a certificate request with the same CN as an existing certificate will override the existing certificate when signed. With the option false, the new certificate request will be rejected. This option will default to false. Paired-With: Max Martin
* | | Fixing Indirector::Facts::Couch loadingLuke Kanies2011-04-091-3/+5
|/ / | | | | | | | | | | | | | | | | | | | | It was previously failing to load at all if couch was missing, but now it only fails on initialization. This means that you can tell that the terminus is there when you're missing couch, but you just can't use it. Signed-off-by: Luke Kanies <luke@puppetlabs.com> Reviewed-by: Daniel Pittman <daniel@puppetlabs.com>
* | Merge branch 'feature/master/5528-certificates_signing_api' into nextMax Martin2011-04-053-0/+96
|\ \ | | | | | | | | | | | | * feature/master/5528-certificates_signing_api: (#5528) Add REST API for signing, revoking, retrieving, cleaning certs
| * | (#5528) Add REST API for signing, revoking, retrieving, cleaning certsMax Martin2011-04-053-0/+96
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This commit introduces a new Indirector terminus, certificate_status, which allows for signing, revoking, listing, and cleaning SSL certificates over HTTP via REST. Documentation for these new features can be found in our REST API documentation on the docs site: http://docs.puppetlabs.com/guides/rest_api.html This documentation has not been updated as of the writing of this commit, but will be very soon. Puppet::SSL::Host is now fully integrated into the Indirector. Paired-with:Matt Robinson, Jacob Helwig, Jesse Wolfe, Richard Crowley, Luke Kanies