| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
When we first touch a Face, we load all the available Actions from disk.
Given they define themselves against a specific version of a Face, they are
automatically available tied to the correct version; this makes it trivially
possible to locate those on demand and return them.
Now, we have the ability to find and, consequently, invoke Actions on older
versions of Faces. We don't load enough context, though: the older face will
only have external Actions defined, not anything core.
Reviewed-By: Pieter van de Bruggen <pieter@puppetlabs.com>
|
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
As part of moving to load actions first, and their associated face, when
invoked from the command line, it makes sense to push the logic for finding
the action and face down into the Puppet::Face implementation.
This means that we can change the logic there without needing to update the
public part of the CLI implementation, and that any further facades can use
the same, correct, logic to locate the action for the face.
Reviewed-By: Pieter van de Bruggen <pieter@puppetlabs.com>
|
| |\ \ \ \ \ \ \ \ \ \ \ \ \ \
| | |_|_|_|_|_|_|_|_|_|_|/ /
| |/| | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
* 2.6.x:
(#6857) Password disclosure when changing a user's password
|
| | |\ \ \ \ \ \ \ \ \ \ \ \ \
| | |_|_|_|_|_|_|_|_|_|_|_|/
| |/| | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
'barn/tickets/2.6.x/6857-password-disclosure-when-changing-a-users-password' into 2.6.x
* barn/tickets/2.6.x/6857-password-disclosure-when-changing-a-users-password:
(#6857) Password disclosure when changing a user's password
|
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
Make the should_to_s and is_to_s functions to return a form of 'redacted'.
Rather than send the password hash to system logs in cases of failure or
running in --noop mode, just state whether it's the new or old hash. We're
already doing this with password changes that work, so this just brings it
inline with those, albeit via a slightly different pair of methods.
|
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
Part of the progress toward getting the `puppet status` invocation working
nicely is that it should default to invoking the `find` operation. This
implements that, using the new runtime default action facility.
Reviewed-By: Pieter van de Bruggen <pieter@puppetlabs.com>
|
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
Given the inheritance model for actions, we are sometimes going to need to set
them to 'default' at runtime, rather than during their static declaration.
Add tests to verify that this works correctly, and update the code to ensure
that happens. This gives up caching of the default action, but this should be
an extremely rare operation - pretty much only CLI invocation, really.
Reviewed-By: Pieter van de Bruggen <pieter@puppetlabs.com>
|
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
This implement support for options with default values, allowing faces to set
those values when not invoked. This can eliminate substantial duplicate code
from actions, especially when there are face-level options in use.
Reviewed-By: Pieter van de Bruggen <pieter@puppetlabs.com>
|
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
The Puppet::SSL::CertificateAuthority::Interface class was an early prototype
heading toward building out a system like Faces. Now that we have done that,
this changeset ports the early code to a new face.
Reviewed-By: Pieter van de Bruggen <pieter@puppetlabs.com>
|
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
Our SSL inventory was able to find the serial number of a certificate by name,
but was incapable of living up to the contract it offered, that it would
actually report when a certificate was missing.
Now it returns `nil`, which is the same case as "no inventory", if the
certificate was not found, rather than accidentally returning the entire
inventory data as raw strings.
Reviewed-By: Pieter van de Bruggen <pieter@puppetlabs.com>
|
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
This introduces a class representing a semantic version, and
implementing a few of the most common uses of them: validation,
comparison, and finding the greatest available version matching
a range. This refactoring also allows us to easily expand our
matching of version ranges in the future, which is a big plus.
Reviewed-By: Daniel Pittman
|
| |\ \ \ \ \ \ \ \ \ \ \ \ \ \ |
|
| | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | |
The problem was caused by the fact that the
options method returns a list of options that
treated the aliases as seperate options.
The fix is to only maintain a list of options
and not add all aliases to the options list.
|
| | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | |
The agent/apply/device man pages mentioned the 2 and 4 exit codes, but didn't
mention that they can combine to make 6 if there are both changes and failures.
This commit adds the missing information to all three man pages.
Reviewed-by: Matt Robinson <matt@puppetlabs.com>
|
| |\ \ \ \ \ \ \ \ \ \ \ \ \ \ \
| | |/ / / / / / / / / / / / /
| |/| | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | |
* 2.6.x:
(maint) Cleanup and strengthen acceptance tests
(#7144) Update Settings#writesub to convert mode to Fixnum
(maint) Fix platform dection for RHEL
Manually Resolved Conflicts:
acceptance/tests/ticket_5477_master_not_dectect_sitepp.rb
spec/unit/util/settings_spec.rb
|
| | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | |
Settings#writesub was not checking the type of the mode value passed in
from the defaults, causing it to pass a string for mode to File.open,
leading to failures. This commit resolves that issue.
Paired-with: Matt Robinson <matt@puppetlabs.com>
|
| | |/ / / / / / / / / / / / /
|/| | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
The link to the filesever configuration page linked to the wiki, which
links back to the docs site. Short circuiting that do just link to
where you want to go.
Reviewed-by: Nick Lewis <nick@puppetlabs.com>
|
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
Even though the puppet module tool was fixed to generate the required
metadata attributes when it packages modules, it still creates an empty
metadata.json file that gets checked into everybody's module repos.
This causes the module to be unusable straight from a git clone since
puppet was requiring all the required metadata attributes just with the
presence of that file, and resulting in the error:
No source module metadata provided for mcollective at
This change makes it so that if you have an empty metadata.json (like
the moduletool generates), puppet doesn't consider it to have metadata.
If you have ANY metadata attributes in that file, it will still check to
make sure all the required attributes are present.
The work around up to this point has just been to delete the
metadata.json file in git cloned modules.
This also fixed the tests around this to actually run, since previously
the tests depended on the a json feature, which we didn't have. We do,
however, have a pson feature.
Reviewed-by: Nick Lewis <nick@puppetlabs.com>
|
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
2.7.x"
This reverts commit b7ee0258ab40478329c20177eda9b250f27ede18, reversing
changes made to 8fe2e555ac3d57f5b6503ffe1a5466db8d6e190a.
|
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
puppet help was reprinting every option once
for every alias that is had.
This fix involves only storing the option.name
in the @options instance var for both face and
actions options. The @options_hash still
maintains the list of options and aliases as its
keys.
Reviewed-by: Daniel Pittman (puppet-dev list)
|
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
Without this change native resource types declared using the
create_resources() function are not contained within the class scope of
the function call. As a result, resources were "floating off" in the
graph, disconnected from the rest of the relationship edges.
With this change, the scope is preserved and native resources are
contained by the class the function call is executed from.
Reviewed-by: Dan Bode <dan@puppetlabs.com>
|
| | |_|_|_|_|_|_|_|_|_|_|_|/
|/| | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | | |
Puppet's default reporturl setting was http://localhost:3000/reports, which has
been deprecated in Puppet Dashboard in favor of
http://localhost:3000/reports/upload. As Dashboard is the first-class
destination for the http report processor, this commit changes Puppet's default
to match what current versions of Dashboard expect.
Reviewed-By: Jacob Helwig <jacob@puppetlabs.com>
|
| |\| | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | | |
* 2.6.x:
(#7956) Porting cron tests
(#7956) Port resource acceptance tests
Readying for release of 2.6.9
(#6854) Update Red Hat spec file
Bumping release in lib/puppet.rb and updating CHANGELOG.
Bumping RPM spec file to 2.6.9rc1.
(#7506) Organize READMEs; specify supported Ruby versions in README.md
(#6418) Make test 64118 more portable
(#7127) Stop puppet if a prerun command fails
Do not needlessly create multiple reports when creating a transaction
(#4416) Ensure types are providified after reloading
(#4416) Always remove old provider before recreating it
Cleanup indentation, comment, and unused code
Conflicts:
CHANGELOG
README.md
conf/redhat/puppet.spec
lib/puppet.rb
lib/puppet/transaction.rb
spec/unit/configurer_spec.rb
spec/unit/transaction_spec.rb
|
| | | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | | |
Before this change there were several problems with pre and post run
commands, logging, and sending of reports.
1. If a prerun command failed, puppet would attempt to apply the
catalog. Now puppet will not apply the catalog, but it will run the
postrun command and send the report (as it did before).
2. If a postrun command failed, puppet would not send the report. Sending the
report is now in an outer ensure block from the postrun command, so
postrun failures won't prevent the report from being sent.
3. Errors, e.g. Puppet.err, occuring during the prepare step, which
which includes plugin/fact download and prerun commands were not
appended to the report. Now the report log destination is registered as
early as possible, and unregistered as late as possible to ensure
Configurer errors that occur in the run method are included in the report.
4. The transaction was closing the Configurer's report destination out
from underneath it. As a result, postrun errors were not included in the
report.
Paired-with: Nick Lewis <nick@puppetlabs.com>
Reviewed-by: Jacob Helwig <jacob@puppetlabs.com>
|
| | | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | | |
Previously, the transaction would always create a report, which would
some times be overridden with a new report.
Now, the transaction optionally takes a report at initialization time,
and only creates a report of its own if none was provided.
Reviewed-by: Jacob Helwig <jacob@puppetlabs.com>
|
| | | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | | |
Previously, the 'provider' parameter for a type was only added when creating a
provider for that type. This would cause a type to forget about its 'provider'
parameter when only the type was reloaded.
This was manifesting itself in pluginsync, when a provider plugin would be
loaded before its type, causing the type to be autoloaded. The type plugin
would then be loaded again by the plugin handler. Because the type => provider
information is stored separately from the type, the providers don't need to be
reloaded, and thus don't recreate the type's 'provider' parameter.
Now we always "providify" the type (add its 'provider' parameter) upon
creation, after trying to load its providers, if any providers are present.
Paired-with: Jacob Helwig <jacob@puppetlabs.com>
|
| | | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | | |
In the case where provider class evaluation failed midway, the provider class
would be created but not registered. Thus, when checking whether it should be
removed, it wasn't found, and wasn't removed. This caused it to then fail to be
recreated, because it collided with the existing class.
Now we don't bother checking whether the provider is registered before we
remove it, since rmclass has the appropriate checks to do the unregistration,
and class removal safely.
Removing a provider class that has been created but not registered should not
be a problem since the only time this can happen is when the class is unusable
because of parsing or other fatal errors in the provider itself.
Paired-with: Jacob Helwig <jacob@puppetlabs.com>
|
| | | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | | |
The Great Reindentation of '10 left certain structures indented incorrectly;
this addresses some of these instances.
The comment about loading all providers incorrectly stated that we're trying to
figure out the type, when we're actually trying to figure out the provider.
There was an unused variable initialization that was introduced in 2b14f627,
which was reverting c19835c, 9290cc8, and ffb4c2d.
Paired-with: Jacob Helwig <jacob@puppetlabs.com>
|
| | | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | | |
The mis-indented code, extra newlines, and commented out code were
noticed while investigating the order dependent test failure fixed in
4365c8ba.
Reviewed-by: Max Martin <max@puppetlabs.com>
|
| |\ \ \ \ \ \ \ \ \ \ \ \ \ |
|
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
Rdoc wouldn't parse lib/puppet/interface/options.rb
The offending code has been removed.
This was causing issues for users wishing to upgrade puppet,
via gem or puppet.
Signed-off-by: Michael Stahnke <stahnma@puppetlabs.com>
|
| |\ \ \ \ \ \ \ \ \ \ \ \ \ \ |
|
| | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | |
This error message is grammatically incorrect and unhelpful, so we replace it
with a message that explains more correctly what went wrong and what was
expected. This message happens when making an authenticated connection to a
server where the certificate doesn't match its hostname. This happens in the
REST terminuses, so we wrap their HTTP methods with a helper that will catch
the appropriate SSLError and re-raise it with the better message stating the
hostname used, and the list of hostnames that we were expecting it to be a part
of.
Unfortunately, because the certificate in question isn't available at error
time, we have to use the Net::HTTP#verify_callback to capture it.
Paired-With: Jacob Helwig <jacob@puppetlabs.com>
Reviewed-By: Dominic Maraglia <dominic@puppetlabs.com>
|
| | | |_|_|_|_|_|_|_|_|_|_|_|/
| |/| | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
Alternate names, if present, are specified in the subjectAltName extension of
the certificate. The values are in the form:
"DNS:alternate_name1, DNS:alternate_name2"
This helper will retrieve the value of the subjectAltName extension and extract
the alternate names, returning and empty list if the extension is absent. This
will make it easier to access the entire list of possible names for a
certificate, rather than just the common name; this is helpful for generating
more detailed SSL error messages.
Paired-With: Jacob Helwig <jacob@puppetlabs.com>
|
| |/ / / / / / / / / / / / /
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | | |
and environment options
Puppet doc didn't have the usual subcommand caveat about configuration settings
being valid command line options, nor did it explicitly call out the three
settings that it actually cares about.
I opted to do the latter, since the number of relevant settings was so small.
Note that --environment is currently broken; this is filed as bug #7907.
|
| |\| | | | | | | | | | | | |
|
| | | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | | |
This commit makes the following changes:
* Changes wrapping on some "returns" blocks to accomodate the way we prepend
"RETURNS: " to the first line in short help.
* Overrides description for save on faces where save is invalid. (Since save has
an inherited description, the description was contradicting the summary.)
* Adds notes on dummy arguments to short_description where applicable, so as to
show up in short help.
* Adds the termini list to the action short help template.
* Removes the authors block from short help for faces. (Save it for the man page.)
* Several trivial wording changes.
Reviewed-By: Jacob Helwig <jacob@puppetlabs.com>
|
| | | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | | |
We accidentally omitted whitespace between multiple options while building the
synopsis. This fixes that, by introducing a breakable space in the right
location.
Additionally, we extract the code that was 99 percent identical from the face
and action synopsis generators, push it down into the documentation module,
and then invoke it from both places.
This eliminates the duplicate code, allowing me to fix that bug once and have
it apply to both parts of the code; this is pretty much assured to be true
any time we change the synopsis generation.
Reviewed-By: Nick Fagerlund <nick.fagerlund@puppetlabs.com>
|
| | | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | | |
This adds the static compiler terminus to the release. This wraps the default
compiler terminus, and post-processes the catalog to rewrite every file
reference using the 'puppet://' URI/protocol into filebucket references that
use the MD5 checksum of the file contents.
This provides a genuinely static catalog, in terms of content: there are no
external dependencies that can change to make the behaviour of applying this
catalog change.
It also eliminates the describe calls from file checking, as all the metadata
is stored locally in the catalog. This can be a substantial performance
increase for nodes, especially those that manage large trees of recursive
files.
To use this set the `catalog_terminus` to `static_compiler`; the resultant
catalog will then reference only static content. This does not, however, put
the required files into the filebucket on the client.
There are some limitations of this code:
* Files are all read into memory rather than streamed. This will definitely
cause problems with large files, but the filebucket doesn't currently
handle streaming.
* We think the recursion behavior is equivalent, but can't really guarantee
it without a good bit of testing.
* You have to populate the client filebucket manually. We don't have any
support for doing this automatically, not even through variant access to
the catalog downloader.
* Behavior on the server is currently undefined if your puppet masters are
behind a load balancer and they're configured to do fileserving through
that load balancer. It should work, but it probably won't be that fast.
You can see https://github.com/lak/puppet-static-compiler for the original
prototype this was inherited from, which includes some example code for
scanning the downloaded catalog and fetching resources into the filebucket.
Reviewed-By: Daniel Pittman <daniel@puppetlabs.com>
|
| | |\ \ \ \ \ \ \ \ \ \ \ \
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
2.7rc
|
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
We introduced changes to our graph to reduce the number of edges when we had
container dependencies. As part of this the 'whit' object was created, and
used as an intermediate vertex to simplify processing.
During that change we introduced additional reporting, based on those whit
objects, about containment relationships during resource application failure.
Specifically, we would now report that the containing class(es) and stages of
any failed resource were failed, point-blank. This was unclear, because the
entire class had not failed, but only part of it, but also unhelpful, because
it turned a single failure into at least one additional report that contained
no additional information.
Now, instead, we suppress reporting for the whit resources. We still process
them identically; just the report is eliminated.
It isn't absolutely clear that this is the correct long term direction for
handling these objects, but it is the minimal change for the RC release.
Reviewed-By: Jacob Helwig <jacob@puppetlabs.com>
|
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
Per UX review of help text, this commit makes several changes over the breadth
of the Faces help:
* Preface API-only action summaries/descriptions with "API only." (issue #7775)
* Provide both CLI and API info in "returns," with the CLI info first. (issue #7778)
* Summaries should be sentences. (Add punctuation.)
* First sentences of descriptions should reiterate summaries. (Summaries and
descriptions should be displayed far enough apart that this isn't a problem.)
* Standardize on "subcommand" instead of "face" when talking about the entity
you invoke at the command line. (Use "face" when describing API use.)
* Fix outdated or clunky text in several faces.
|
| | |/ / / / / / / / / / / /
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | | |
Per UX review of help output, this commit makes several changes to templates and
shared help text:
* Change "unknown" to "undocumented"
* Remove copyright from short help
* Point readers to the man pages (issue 7773)
* Remove examples from short help (issue 7776)
* Remove summary from short help and make it a fallback for description
* Edit common option summaries to fit on a single 80-col line
|
| |\ \ \ \ \ \ \ \ \ \ \ \ \
| | |/ / / / / / / / / / /
| |/| | | | | | | | | | /
| |_|_|_|_|_|_|_|_|_|_|/
|/| | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | | |
Conflicts:
acceptance/tests/ticket_5477_master_not_dectect_sitepp.rb
lib/puppet/application/apply.rb
lib/puppet/configurer.rb
lib/puppet/configurer/fact_handler.rb
spec/unit/application/apply_spec.rb
spec/unit/configurer/fact_handler_spec.rb
spec/unit/configurer_spec.rb
|
| | | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | | |
Minor change to add a WARNING string as per feedback from UX.
Reviewed-by: Randall Hansen <randall@puppetlabs.com>
|
| | | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | | |
The output of puppet --genconfig was showing a blank line between the
description of the option and the default value line. This is because
of the here document being used in the first commit.
This change replaces the HERE document with a normal string that does
not contain a final newline.
In addition, the indentation of one of the default options was using 4
spaces instead of 2 and this has been corrected.
|
| | | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | | |
This change augments the in-line documentation for the node_name_fact and
node_name_value configuration settings. These settings will not work
effectively without additional changes elsewhere in the system, e.g. to
auth.conf.
In order to help the end user land softly if they choose to change these
settings, a short link URL we control and can redirect has been added
to each setting. These currently point to the community Wiki but may be
redirected to docs.puppetlabs.com in the future.
|
| | | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | | |
Previously, pointing a setting like 'confdir' at a symlink to a directory would
replace the symlink with a directory. This was because files created by
settings implicitly managed links, rather than following them. This behavior is
now changed so that file settings will follow links.
The behavior of these symlinks is the same as any other file resource. That is,
if the target of the symlink doesn't exist, Puppet will consider this an
error. Similarly, if the target of the symlink is a file, then the symlink
will still be replaced with a directory, rather than replacing its target.
Reviewed-By: Jacob Helwig <jacob@puppetlabs.com>
Reviewed-By: Dominic Maraglia <dominic@puppetlabs.com>
|
| | |\ \ \ \ \ \ \ \ \ \ \ |
|
| | | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | | |
This adds the node_name_fact setting, which specifies a fact to use to
determine the node name. This allows dynamically determining the node name
without having to modify puppet.conf or command line options.
Using this setting requires modifying auth.conf to allow nodes to request
catalogs not matching their certnames.
For example, this would allow any authenticated node to retrieve any catalog:
# $confdir/auth.conf
path ~ /catalog/.+
allow *
The node_name_fact and node_name_value options are mutually exclusive, because
it is ambiguous which setting should take precedence.
Paired-With: Jacob Helwig <jacob@puppetlabs.com>
|
