| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|\
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Conflicts:
lib/puppet/feature/base.rb
lib/puppet/file_serving/configuration.rb
spec/unit/indirector/ssl_file_spec.rb
spec/unit/parser/functions/extlookup_spec.rb
spec/unit/resource/catalog_spec.rb
test/language/ast/variable.rb
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Previously, we only considered files that matched the *nix concept of
'absolute' as being absolute paths. Since absolute paths on Windows
look more like URLs with this world-view, we need to specifically look
for the Windows absolute paths, and treat them as such.
We will still treat *nix absolute paths as absolute on Windows, even
though they are actually relative to the "current" drive. We do not
currently limit which "style" of absolute path is allowed based on
what the agent is.
Reviewed-by: Nick Lewis <nick@puppetlabs.com>
(cherry picked from commit 568d25ee10effd5e87c57cdc8c24280eabf9cd93)
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Previously, indirections were storing their termini in a cached_attr, so that
they could be easily cleared for tests. Because this provides no value outside
of testing, we instead simply create an attr_reader for termini, and expire
them manually in tests.
Reviewed-By: Jacob Helwig <jacob@puppetlabs.com>
(cherry picked from commit e74090468192697a6a2447dc6fcece3dd09a46f1)
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This class was using Util::Cacher for its singleton instance, when that was
unnecessary. The FileServing::Configuration instance already manages whether or
not to reparse its config file, based on whether it has changed. Thus, there is
no need for it to be manually expired via the cacher.
Reviewed-By: Jacob Helwig <jacob@puppetlabs.com>
(cherry picked from commit 4bad729f56c26d8154cd0f20614fa4e478de9d40)
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Puppet uses both colon and File::PATH_SEPARATOR in various places, which
does not work on Windows, where File::PATH_SEPARATOR is a semi-colon. This
commit changes the code and tests to consistently use File::PATH_SEPARATOR.
Reviewed-by: Jacob Helwig <jacob@puppetlabs.com>
(cherry picked from commit 26ee468e8b963d63933d9a27a65d55510ff87618)
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
For a while Luke, and other authors, injected a created tag, copyright
statement, and "All rights reserved" into every new file they added to the
Puppet project.
This isn't really true, and we have a global license covering the code, so
we have now stripped out all those old tags.
Signed-off-by: Daniel Pittman <daniel@puppetlabs.com>
|
|\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* 2.7.x: (25 commits)
(#4411) Explain that runinterval = 0 does not mean "never run"
Maint: Fix missing option text in puppet agent and arrange options alphabetically
(#8302) Improve documentation of exec providers
(#7853) Clarify and complete docs for the tagmail report processor
Maint: Mention that audit metaparameter will accept "all"
Maint: Adjust wording for file type's content parameter
Maint: Fix poor documentation for versioncmp function.
maint: Fix case sensitive require
maint: Add inspect app options to help
maint: Fix inspect help
Increment lib/puppet.rb VERSION string
Updated CHANGELOG for 2.7.3rc1
(#4762) Ensure that clients on the moon can successfully connect.
Add document outlining preferred contribution methods
Add document outlining preferred contribution methods
Add document outlining preferred contribution methods
Revert "Merge branch 'vcsrepo'"
Revert "Merge branch 'vcsrepo'"
Updating CHANGELOG for 2.7.2rc3
(#8704) Give better errors for invalid fileserver.conf
...
Manually Resolved Conflicts:
lib/puppet/parser/functions/versioncmp.rb
spec/integration/node/facts_spec.rb
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Here is a changeset that adds a new action to the puppet node face.
This application removes all traces of a node on the puppetmaster
(including certs, cached facts and nodes, reports, and storedconfig
entries).
Furthermore it is capable of unexporting exported resources of a
host so that consumers of these resources can remove the exported
resources and we will safely remove the node from our
infrastructure.
Usage:
puppet node clean [--unexport] <host> [<host2> ...]
To achieve this we add different destroy methods to the different
parts of the indirector. So for example for yaml indirections we
already offer read access for the yaml, this changeset adds
the destroy handler which only removes the yaml file for
a request. This can be used to remove cached entries.
This work is based on the initial work of Brice Figureau
<brice-puppet@daysofwonder.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Previously, we only considered files that matched the *nix concept of
'absolute' as being absolute paths. Since absolute paths on Windows
look more like URLs with this world-view, we need to specifically look
for the Windows absolute paths, and treat them as such.
We will still treat *nix absolute paths as absolute on Windows, even
though they are actually relative to the "current" drive. We do not
currently limit which "style" of absolute path is allowed based on
what the agent is.
Reviewed-by: Nick Lewis <nick@puppetlabs.com>
|
|\|
| |
| |
| |
| |
| | |
* 2.7.x:
maint: Suggest where to start troubleshooting SSL error message
maint: Fix cert app to print help and exit if no subcommand
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Much like the infamous "hostname was not match" error message, there's
another SSL error that people run into that isn't clear how to
troubleshoot.
err: Could not send report: SSL_connect returned=1 errno=0
state=SSLv3 read server certificate B: certificate verify failed.
As far as I can tell this only ever happens when the clock is off on the
master or client. People seem to think it will happen other times, but
I haven't been able to reproduce it other ways - missing private key,
revoked cert, offline CA all have their own errors. I googled around
and the only thing I've seen for this error in relation to puppet is the
time sync problem.
So the error message text just has some additional info to suggest you
check your clocks.
Reviewed-by: Nick Lewis <nick@puppetlabs.com>
|
|\|
| |
| |
| |
| |
| | |
Conflicts:
lib/puppet/type/file/source.rb
spec/unit/resource/catalog_spec.rb
|
| |\ |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
It's always bothered me that when running puppet inspect (or any
application that produces a report really) the master gives no
indication that anything happened when it processes the report.
Reviewed-by: Max Martin <max@puppetlabs.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Now that we enforce that options must be declared, the model we exposed in the
Ruby API (but not the CLI facade) was that you could pass additional arguments
to the indirection method by passing them as unknown options doesn't work.
Instead, explicitly declare an option, `extra`, that accepts the final
argument to be passed direct to the indirection. This makes things work
smoothly, as well as making it possible (once you can input a hash on the
command line) to invoke extra arguments from the facade too...
Reviewed-By: Pieter van de Bruggen <pieter@puppetlabs.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Rather than printing directly, we should return the data from the Action and
allow the facade to route that to the user directly.
Reviewed-By: Pieter van de Bruggen <pieter@puppetlabs.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Previously, indirections were storing their termini in a cached_attr, so that
they could be easily cleared for tests. Because this provides no value outside
of testing, we instead simply create an attr_reader for termini, and expire
them manually in tests.
Reviewed-By: Jacob Helwig <jacob@puppetlabs.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This class was using Util::Cacher for its singleton instance, when that was
unnecessary. The FileServing::Configuration instance already manages whether or
not to reparse its config file, based on whether it has changed. Thus, there is
no need for it to be manually expired via the cacher.
Reviewed-By: Jacob Helwig <jacob@puppetlabs.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Puppet uses both colon and File::PATH_SEPARATOR in various places, which
does not work on Windows, where File::PATH_SEPARATOR is a semi-colon. This
commit changes the code and tests to consistently use File::PATH_SEPARATOR.
Reviewed-by: Jacob Helwig <jacob@puppetlabs.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
We were originally using the actual constant for both Indirector
Requests and Nodes, and this registers their document types
as symbolic names.
Signed-off-by: Luke Kanies <luke@puppetlabs.com>
Reviewed-by: Nick Lewis <nick@puppetlabs.com>
|
|/ /
| |
| |
| |
| |
| |
| |
| | |
We'll be using this to do RPC over mcollective.
Reviewed-by: Daniel Pittman <daniel@puppetlabs.com>
Reviewed-by: Nick Lewis <nick@puppetlabs.com>
Signed-off-by: Luke Kanies <luke@puppetlabs.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This error message is grammatically incorrect and unhelpful, so we replace it
with a message that explains more correctly what went wrong and what was
expected. This message happens when making an authenticated connection to a
server where the certificate doesn't match its hostname. This happens in the
REST terminuses, so we wrap their HTTP methods with a helper that will catch
the appropriate SSLError and re-raise it with the better message stating the
hostname used, and the list of hostnames that we were expecting it to be a part
of.
Unfortunately, because the certificate in question isn't available at error
time, we have to use the Net::HTTP#verify_callback to capture it.
Paired-With: Jacob Helwig <jacob@puppetlabs.com>
Reviewed-By: Dominic Maraglia <dominic@puppetlabs.com>
|
|\ \ |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This adds the static compiler terminus to the release. This wraps the default
compiler terminus, and post-processes the catalog to rewrite every file
reference using the 'puppet://' URI/protocol into filebucket references that
use the MD5 checksum of the file contents.
This provides a genuinely static catalog, in terms of content: there are no
external dependencies that can change to make the behaviour of applying this
catalog change.
It also eliminates the describe calls from file checking, as all the metadata
is stored locally in the catalog. This can be a substantial performance
increase for nodes, especially those that manage large trees of recursive
files.
To use this set the `catalog_terminus` to `static_compiler`; the resultant
catalog will then reference only static content. This does not, however, put
the required files into the filebucket on the client.
There are some limitations of this code:
* Files are all read into memory rather than streamed. This will definitely
cause problems with large files, but the filebucket doesn't currently
handle streaming.
* We think the recursion behavior is equivalent, but can't really guarantee
it without a good bit of testing.
* You have to populate the client filebucket manually. We don't have any
support for doing this automatically, not even through variant access to
the catalog downloader.
* Behavior on the server is currently undefined if your puppet masters are
behind a load balancer and they're configured to do fileserving through
that load balancer. It should work, but it probably won't be that fast.
You can see https://github.com/lak/puppet-static-compiler for the original
prototype this was inherited from, which includes some example code for
scanning the downloaded catalog and fetching resources into the filebucket.
Reviewed-By: Daniel Pittman <daniel@puppetlabs.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Per UX review of help text, this commit makes several changes over the breadth
of the Faces help:
* Preface API-only action summaries/descriptions with "API only." (issue #7775)
* Provide both CLI and API info in "returns," with the CLI info first. (issue #7778)
* Summaries should be sentences. (Add punctuation.)
* First sentences of descriptions should reiterate summaries. (Summaries and
descriptions should be displayed far enough apart that this isn't a problem.)
* Standardize on "subcommand" instead of "face" when talking about the entity
you invoke at the command line. (Use "face" when describing API use.)
* Fix outdated or clunky text in several faces.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Per UX review of help output, this commit makes several changes to templates and
shared help text:
* Change "unknown" to "undocumented"
* Remove copyright from short help
* Point readers to the man pages (issue 7773)
* Remove examples from short help (issue 7776)
* Remove summary from short help and make it a fallback for description
* Edit common option summaries to fit on a single 80-col line
|
|\| |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* 2.7rc: (24 commits)
(#7746) Fix bootstrap issues from #7717 fix.
(#7683) Use ronn, when available, to render the output.
(#7683) Add a 'man' face and subcommand to Puppet.
maint: remove obsolete work-around code from help face.
(#7699) Don't duplicate inherited action names on faces.
(#7177) Deprecate implicit 'puppet apply' for 2.7.0
(#7717) Layout cleanup for subcommand extraction.
#7211: Test unknown options don't shadow unknown actions.
#7211: nasty logic error with global Face options taking arguments.
#7211: more helpful error messages in various cases.
(#7708) Delete extended documentation from configuration reference
(#7707) Document signals in puppet agent and puppet master help
add puppet master polling step for ticket 7117
(#5318) Always notice changes to manifests when compiling.
(#7557) Remove Faces Application
maint: Fix order dependent spec failure for face indirection
(#7690) Don't blow up when listing terminuses available for faces
maint: Dedup the loadpath so we don't have to walk it multiple times
Maint: Fix ellipses for short descriptions
(#7563) DRY: Remove indirector boilerplate from individual faces
...
Conflicts (resolved manually):
acceptance/tests/ticket_7117_broke_env_criteria_authconf.rb
lib/puppet/application/faces.rb
lib/puppet/face/help/man.erb
lib/puppet/indirector/face.rb
spec/shared_behaviours/documentation_on_faces.rb
|
| |\ \
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
ticket/2.7rc/maint-doc_changes_without_failures
* ticket/2.7rc/maint-faces_docs_spec_fixes:
maint: Fix order dependent spec failure for face indirection
(#7690) Don't blow up when listing terminuses available for faces
maint: Dedup the loadpath so we don't have to walk it multiple times
Maint: Fix ellipses for short descriptions
Resolved Conflicts:
lib/puppet/interface/documentation.rb
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Previously, in order to list the available terminuses for an indirected
face we loaded all the the terminuses in order to list them. This meant
that if a terminus like active_record didn't have the dependencies it
needed, the documentation would raise errors and not list terminuses.
<Puppet::Error: Could not autoload filename uninitialized constant Object::ActiveRecord>
Now we just list the terminuses available in the load path without
trying to load them. The terminus will still raise an error if you try
to use it without its dependencies being met.
Paired-with: Max Martin <max@puppetlabs.com>
|
| |/ /
| | |
| | |
| | |
| | |
| | | |
Faces help output relies on input from the documentation methods in each
of the faces to be documented. This commit calls those methods in each of our
faces, with varying levels of detail depending on their complexity.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Previously, in order to list the available terminuses for an indirected
face we loaded all the the terminuses in order to list them. This meant
that if a terminus like active_record didn't have the dependencies it
needed, the documentation would raise errors and not list terminuses.
<Puppet::Error: Could not autoload filename uninitialized constant Object::ActiveRecord>
Now we just list the terminuses available in the load path without
trying to load them. The terminus will still raise an error if you try
to use it without its dependencies being met.
Paired-with: Max Martin <max@puppetlabs.com>
|
| | |
| | |
| | |
| | |
| | |
| | | |
Faces help output relies on input from the documentation methods in each
of the faces to be documented. This commit calls those methods in each of our
faces, with varying levels of detail depending on their complexity.
|
|\ \ \
| |/ /
|/| /
| |/ |
|
| |
| |
| |
| | |
This patch prevents stdout and stderr from being combined by Puppet::Util.execute, when used by Puppet::Indirector::Exec for external nodes.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The "send" method in the stomp gem has been deprecated since:
http://gitorious.org/stomp/mainline/commit/d542a976028cb4c5badcbb69e3383e746721e44c
It's been replaced with the "publish" method.
Also renamed the send_message method to publish_message more in
keeping with language used in queuing.
|
| |
| |
| |
| |
| |
| |
| |
| | |
Using the cache terminus system, when --report is on, we are now
caching the last report as a yaml file in the $lastrunreport file
(which by default is $statedir/last_run_report.yaml).
Signed-off-by: Brice Figureau <brice-puppet@daysofwonder.com>
|
| |
| |
| |
| |
| | |
The patch from issue #7221 permits indented heredocs. This patch takes advantage
of that to make the doc strings less messy.
|
| |
| |
| |
| |
| |
| | |
This patch adds documentation strings to most of the faces, actions, and options
introduced in 2.7.0. There are a small number of TK notes remaining, and longer strings
have not been indented to take advantage of the patch from issue #7221.
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We used to shove the base class Puppet::Face::Indirector next to the actual
faces; this made a bunch of things, including testing, confusing. Instead,
move it away into the indirector where it lives with the rest of the
indirector related things.
Reviewed-By: Nick Lewis <nick@puppetlabs.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This reverts commit e0615cbc1eea67ef8caf4edbc8b7b3d3ce618f4d.
The JSON patch series has caused problems with the inventory service,
and further discussion is needed to decide how to serialize objects to
PSON with regards to future compatibility.
Conflicts:
spec/unit/indirector/request_spec.rb
Paired-with:Matt Robinson <matt@puppetlabs.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The "send" method in the stomp gem has been deprecated since:
http://gitorious.org/stomp/mainline/commit/d542a976028cb4c5badcbb69e3383e746721e44c
It's been replaced with the "publish" method.
Also renamed the send_message method to publish_message more in
keeping with language used in queuing.
|
| |
| |
| |
| | |
Reviewed-By: Mike Stahnke
|
| |
| |
| |
| |
| |
| |
| | |
We'll be using this to do RPC over mcollective.
Reviewed-by: Daniel Pittman <daniel@puppetlabs.com>
Signed-off-by: Luke Kanies <luke@puppetlabs.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
POST with a singular indirection is turned into a find in the indirector.
When making a large find request from a REST terminus, POST is used, and for
small requests, GET is used for backward compatibility.
Paired-With: Jesse Wolfe
|
|\ \ |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
If this option is true, a certificate request with the same CN as an existing
certificate will override the existing certificate when signed. With the option
false, the new certificate request will be rejected. This option will default
to false.
Paired-With: Max Martin
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
It was previously failing to load at all if couch was missing,
but now it only fails on initialization.
This means that you can tell that the terminus is there when
you're missing couch, but you just can't use it.
Signed-off-by: Luke Kanies <luke@puppetlabs.com>
Reviewed-by: Daniel Pittman <daniel@puppetlabs.com>
|
|\ \
| | |
| | |
| | |
| | | |
* feature/master/5528-certificates_signing_api:
(#5528) Add REST API for signing, revoking, retrieving, cleaning certs
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This commit introduces a new Indirector terminus, certificate_status,
which allows for signing, revoking, listing, and cleaning
SSL certificates over HTTP via REST. Documentation for these new
features can be found in our REST API documentation on the docs site:
http://docs.puppetlabs.com/guides/rest_api.html
This documentation has not been updated as of the writing of this
commit, but will be very soon. Puppet::SSL::Host is now fully integrated
into the Indirector.
Paired-with:Matt Robinson, Jacob Helwig, Jesse Wolfe, Richard Crowley,
Luke Kanies
|