| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* 2.6.x:
(#5304) Use internal_name rather than real_name for maillist provider
Updated CHANGELOG and version for 2.6.4
Revert "(#5304) Use internal_name rather than real_name for maillist provider"
Disable remote ralsh by default
(#5424) Ship auth.conf as part of installing from source
(#5304) Use internal_name rather than real_name for maillist provider
Renamed Reductive to Puppet
Manually Resolved Conflicts:
lib/puppet/provider/maillist/mailman.rb
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We've switched to using list_lists --bare which shows the internal_name
rather than "real_name", which is the authoritative identifier.
Doing this also means we have less output to scrub, so the code is simpler.
Modified by Markus as-per discussion with Nigel.
Signed-off-by: Nigel Kersten <nigel@puppetlabs.com>
|
| | |
| |
| |
| | |
This reverts commit 779fea867a9e23ad48cd877a88756cc5792e9e0c.
|
| | |
| |
| |
| |
| |
| |
| | |
Changed the default auth.conf so that accesses to "/resource" are no
longer allowed. This means that to use "puppet resource -H" you will
need to configure the target machine to enable access to the
"/resource" URLs.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
We've switched to using list_lists --bare which shows the internal_name
rather than "real_name", which is the authoritative identifier.
Doing this also means we have less output to scrub, so the code is simpler.
Signed-off-by: Nigel Kersten <nigel@puppetlabs.com>
|
| | |
| |
| |
| | |
I swear I've done this before. *confused*
|
| |\ \
| | |
| | |
| | |
| | | |
* ticket/next/5211:
(#5211) Added patch and tests for checking the size of the arrary which is returned
|
| | |/
| |
| |
| | |
returned
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
As mentioned in the ticket it is not obvious that aliases do not belong
in the resourcename but have to be specified with the property
"host_aliases". On the puppet-user list I saw someone using this as a
resource
@@sshkey {"$fqdn,$hostname,$ipaddress":
type => rsa,
key => $sshrsakey,
}
Puppet will now write a correct entry to the know_hosts file, but when
it rereads the file, the field $fqdn,$hostname,$ipaddress is split into
name ($fqdn) and host_aliases ([$hostname,$ipaddress]). Since we dont
find the resource the user specified, puppet will put the same key in
the file over and over again. This patch adds a simple validation on
resourcename.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This change replaces calls to <model object>.save with calls to <model
class>.indirection.save(<model object>). This makes the use of the
indirector explicit rather than implicit so that it will be easier to
search for all indirector call sites using grep. This is an
intermediate refactor on the way towards allowing indirector calls to
be explicitly routed to multiple termini.
This patch affects production code.
|
| | |
| |
| |
| |
| | |
Changed to match the signature of the method being overridden. This
will allow code to call Facts.indirection.save() without a key.
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Autosigning was previously accomplished by overriding
CertificateRequest#save. This meant that it wouldn't work if
certificate requests were saved via a direct call to Indirection#save.
Changed it to use the indirector :extend mechanism, which works no
matter how the save is invoked.
|
| | |
| |
| |
| | |
The first argument was often nil, and the second was mandatory.
|
| | |
| |
| |
| |
| |
| |
| |
| | |
In commit 71ecad9904c8c48c023e90e5fbea5b26b180c9cf we removed the
delegation from model class to indirection for the "find", "search",
"destroy", and "expire" methods. When we did this we neglected to
modify http handler code to call the indirector directly. This patch
makes the appropriate changes to http handler code.
|
| | |
| |
| |
| |
| |
| | |
Replaced uses of the find, search, destroy, and expire methods on
model classes with direct calls to the indirection objects. Also
removed the old methods that delegated to the indirection object.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
indirector
This file was never being required, and was inconsistent with the way
SSL is used in the indirector.
Paired-with: Jesse Wolfe <jesse@puppetlabs.com>
|
| |\ \ |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
Puppet apply used to contain code that duplicated the functionality of
configurer.run. Refactored to share code.
Paired-with: Jesse Wolfe <jesse@puppetlabs.com>
|
| |/ /
| |
| |
| |
| |
| |
| |
| |
| |
| | |
patch originally from Grzegorz Nosek with contributions on
the test from Oliver Hookins.
checks if the current version is greater than the should
version, if so, calls yum downgrade.
Reviewed-by: Matt Robinson
|
| |\ \ |
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This patch removes the escaping of valid UTF-8 sequences as "\uXXXX".
This code was unreliable, as it relied on Iconv's ability to convert
those codepoints between UTF-8 and UTF-16, but some versions of Iconv
barf on some valid codepoints.
Invalid UTF-8 sequences are still passed through unchanged. We believe
that this is fine; if you are concerned about complience with the JSON
standard, what we are doing is equivalent to:
* interpreting binary files as Latin-1 encoded character sequences
* JSON-encoding those characters according to RFC 4627
* outputting the JSON as Latin-1
This allows all raw binary files to be transmitted losslessly.
Paired-With: Paul Berry <paul@puppetlabs.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
From the spec directory I found all the specs that fail when run on their own.
for TEST in `find . -name "*.rb" -type f`; do
spec $TEST > /dev/null 2>&1
if [[ $? != 0 ]]; then
echo $TEST
fi
done
All of them were cases of missing requires.
Paired-with: Nick Lewis <nick@puppetlabs.com>
|
| |\ \
| | |
| | |
| | |
| | | |
Manually resolved conflicts:
spec/unit/configurer_spec.rb
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Using the cache terminus system, when --report is on, we are now
caching the last report as a yaml file in the $lastrunreport file
(which by default is $statedir/last_run_report.yaml).
Signed-off-by: Brice Figureau <brice-puppet@daysofwonder.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
Puppet apply inconditionally saves its last run summary
like puppet agent.
Signed-off-by: Brice Figureau <brice-puppet@daysofwonder.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Once a configuration run is done, puppetd will save on the node a
yaml summary report roughly akin to:
---
time:
notify: 0.001025
last_run: 1289561427
schedule: 0.00071
config_retrieval: 0.039518
filebucket: 0.000126
resources:
changed: 1
total: 8
out_of_sync: 1
events:
total: 1
success: 1
changes:
total: 1
This is almost an hash version of the current --summarize output, with
the notable exception that the time section includes the last run unix
timestamp.
The whole idea is to be able to monitor locally if a puppetd does its job.
For instance this could be used in a nagios check or to send an SNMP trap.
The last_run information might help detect staleness, and this summary
can also be used for performance monitoring (ie time section).
The resource section can also show the number of failed resources.
Signed-off-by: Brice Figureau <brice-puppet@daysofwonder.com>
|
| |\ \ \ |
|
| | | |/
| |/|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Puppet apply and Puppet agent use different code paths to run the
transaction. In the code path for Puppet apply, we weren't passing
the report to catalog.apply, and as a result catalog.apply was
creating its own report to store metrics in; this report was then
discarded. As a result, reports generated using "puppet apply" had no
metrics, and the "--summarize" option didn't work at all.
Fixed by modifying the "puppet apply" code path to pass the report to
catalog.apply. In the future it would be nice to refactor the two
code paths to be the same.
Paired-with: Jesse Wolfe <jesse@puppetlabs.com>
|
| | | |
| | |
| | |
| | |
| | |
| | | |
If the hash containing log destinations gets corrupted, Log.close_all
could fail silently. This change adds an exception to make these
failures easier to debug should they ever happen again.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
destination.
Using an Array as a log destination is unreliable because Puppet's log
mechanism stores log destinations in a hash whose key is the
destination itself. Since arrays can change their hash when they are
modified, this was causing the log destination hash to become
corrupted, producing sporadic spec test failures.
|
| |\ \ \ |
|
| | |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When the parsefile provider for host parses /etc/hosts, it throws any
inlinecomment away. As a result they are also purged in /etc/hosts after
a puppetrun that detects a change. That could be dangerous because you
will lose information even about unmanaged resources.
So if you have something like
192.168.0.1 hostentry_not_managed_by_puppet # Important comment
in /etc/hosts the endresult will be
192.168.0.1\thostentry_not_managed_by_puppet
This patch introduces a new property "comment" for the host type. The
provider is nearly a complete rewrite and a lot shorter and hopefully
easier to understand.
|
| |\ \ \ |
|
| | | |/
| |/| |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
We've switched to using list_lists --bare which shows the internal_name
rather than "real_name", which is the authoritative identifier.
Doing this also means we have less output to scrub, so the code is simpler.
Signed-off-by: Nigel Kersten <nigel@puppetlabs.com>
|
| |\ \ \
| | |/
| |/|
| | |
| | |
| | | |
Resolved conflicts manually:
spec/integration/indirector/bucket_file/rest_spec.rb
spec/integration/indirector/certificate_revocation_list/rest_spec.rb
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The patch for #4726 causes old unit tests of the rrd reporting
infrastructure to run on my machine. These tests were calling the old
report api, which does not succeed.
Also, the rrd settings had unintentionally been moved out of the
:metrics section, making it possible that the rrd report directory would
fail to get created during testing.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
There was a section of code that didn't take the legacy RRD library into
account. This caused a unit test failure, but only if you have the RRD
legacy library installed, which I did.
Paired-with: Jesse Wolfe <jesse@puppetlabs.com>
|
| | | |
| | |
| | |
| | |
| | | |
This is based on the discussion on ticket, simplified slightly and with test
adjustment.
|
| | | |
| | |
| | |
| | |
| | |
| | | |
The currious part is that this wasn't noticed before since it appears to block
server-first migration to 2.6.x and doesn’t appear to be the consequence of a
recent (2.6.3) change (unless, as is quite possible, I’m missing something).
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When the responsibility for type-name resolution was moved to the AST nodes in
commit 449315a2c705df2396852462a1d1e14774b9f117, at least one instance was
missed: the space ship operator
Myclass <<| tag == foo |>>
fails unless Myclass has been previously loaded. This commit adds the lookup
to AST::Collection nodes in the same way it was added to the other node types.
Note that I haven't audited the other note types for similar cases.
|
| | | |
| | |
| | |
| | | |
My code smell routines bobbled this one, so I'm fixing it manually.
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
The query methods for the newly added password age properties didn't have the
same name as the properties, and thus the default retrieve method wan't finding
them and never got the current value from the provider. They were therefore
always seen as :absent and puppet always thought they needed to be set.
|
| | | |
| | |
| | |
| | |
| | |
| | | |
We already had an internal implementation of which hiding under an assumed
name (Puppet::Util.binary); this commit calls it out of hiding and uses it
consisantly.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This is a behavior change. Before this patch, we always used the currently
connected node's certname to compile the catalog, despite the value of
the catalog URI REST request.
With this patch we now use the URI as the compiled node name.
This is safe because the default auth.conf (and default inserted rules
when no auth.conf is present) only allow the given connected node to
compile its own catalog.
But this also allows for greater flexibility with auth.conf. For instance
it can be used by a monitoring system to check multiple nodes catalogs
with only one certificate:
path ~ ^/catalog/([^/]+)$
method find
allow $1
allow monitoring-station.domain.com
Signed-off-by: Brice Figureau <brice-puppet@daysofwonder.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The Puppet::Util.sync method was not thread safe and also leaked memory. I'm
not certain, but I believe the first is ironic and the second is merely a bug.
This patch addresses the problem by 1) refactoring so the sync objects
are never returned (and thus no one can cache a reference to one) 2) adding
reference counting 3) deleting them when they are no longer needed 4) doing
the thread safty dance.
It wasn't the first (or even second) solution considered, but it's the one
that I was able to make work in a way that I'm convinced is correct. Its
main advantage is that it puts all the tricky bits in one place.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
The autoloading is not thread safe, which means two threads could both
autoload the same function at the same time.
Signed-off-by: Brice Figureau <brice-puppet@daysofwonder.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
It is a resurgence of #2366 that appeared because of the commit
8971d8.
Before this commit, for associating documentation comments, we
were preferring line numbers coming from the parser currently reducing rule,
instead of the current lexer line number (which can be in advance
of several tokens due to the nature of LALR parsers).
We now merge the ast line number before fetching the comment from the
lexer.
Signed-off-by: Brice Figureau <brice-puppet@daysofwonder.com>
|
| | | |
| | |
| | |
| | |
| | | |
The dbconnection option, if set to a positive integer, will be passed to
active record as the connection pool size (pool).
|
