| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| | | |
| | |
| | |
| | |
| | | |
File ctime and mtime are now implemented as read-only properties, so
they can be examined with audit.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
- #change_count now only counts events that represent successful
changes. It does not count failures, audits, or noops.
- #changed is equivalent to #change_count > 0.
- #out_of_sync_count (a new attribute) counts all events except audits.
- #out_of_sync is equivalent to #out_of_sync_count > 0.
This should hopefully make the summary statistics in reports more useful.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
are tested
This patch removes the Puppet::Transaction::Change class and replaces
it with a method,
Puppet::Transaction::ResourceHarness#apply_parameter. The new code is
shorter, more thoroughly unit tested, and addresses known bugs in
the interaction between auditing and performing changes.
This code does not address drawbacks in the report output (for example
a resource is still flagged as changed even if it merely contains
audit information); those will be addressed in a follow-up patch.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Current report formats are:
0: 0.25 reports and earlier
1: 0.26.1 - 0.26.4 reports
2: 0.26.5 and beyond
Paired-With: Jesse Wolfe
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
Puppet apply used to contain code that duplicated the functionality of
configurer.run. Refactored to share code.
Paired-with: Jesse Wolfe <jesse@puppetlabs.com>
|
| |\ \ \ |
|
| | | |/
| |/|
| | |
| | |
| | |
| | |
| | | |
The #write method in lib/puppet/type/file/content.rb relies on the block
passed to #sum_stream getting executed. "none", "mtime", and "ctime"
aren't real checksums, so they violated that assumption and just
returned empty results. This patch causes that block to get executed.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
From the spec directory I found all the specs that fail when run on their own.
for TEST in `find . -name "*.rb" -type f`; do
spec $TEST > /dev/null 2>&1
if [[ $? != 0 ]]; then
echo $TEST
fi
done
All of them were cases of missing requires.
Paired-with: Nick Lewis <nick@puppetlabs.com>
|
| |\ \ \ |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
An entire environment object was being stored in a string field,
causing the ZAML form of the environment to be stored. This was
over-ridden to return just the ZAML serialized version of the name.
Since the hosts model didn't know how to interpret a serialized
value, it just returned the ZAML string as the environment. This
patch stringifies the environment before putting it in the hosts
table, which stores it properly.
This patch also introduces a new method of testing using Tableless
ActiveRecord models, which emulate their database schema. This
helps to eliminate some stubbing, but it is still impossible to
fully and accurately test all ActiveRecord interactions without a
real database.
Paired-With: Matt Robinson
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The previous maintenance patch for this file didn't provide as strong of
a guarantee of loading plugins as the code it replaced.
This patch restores the extremely broad exception catching, but prevents
mocha exceptions from being silently ignored.
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This patch makes it possible to both audit and manage an attribute.
It introduces a new field on Event objects "historical_value", which is
the value from state.yaml. The value from the RAL is written to
state.yaml, and then the RAL is updated with the desired value.
Paired-With: Nick Lewis <nick@puppetlabs.com>
Paired-With: Matt Robinson <matt@puppetlabs.com>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
A test was not testing what it claimed, but the failure exception was
getting swallowed by an unnecessarily broad rescue match.
Paired-With: Nick Lewis <nick@puppetlabs.com>
|
| |\ \ \ \ |
|
| | |/ / /
| | | |
| | | |
| | | |
| | | |
| | | | |
This patch changes the internal representation of a file's mode to a
string instead of an integer. This simplifies the problem of displaying
the value consistently throughout all of puppet.
|
| |/ / /
| | |
| | |
| | | |
thus minimizing room for damage when usermod is in use.
|
| |\ \ \ |
|
| | | |/
| |/|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
"puppet inspect" will load the locally stored YAML catalog and record
the current state of the audited properties in the catalog. It uses
settings specified in the [agent] configuration section, and will send
its inspect report to the specified server.
Paired-With: Jesse Wolfe
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This patch removes the escaping of valid UTF-8 sequences as "\uXXXX".
This code was unreliable, as it relied on Iconv's ability to convert
those codepoints between UTF-8 and UTF-16, but some versions of Iconv
barf on some valid codepoints.
Invalid UTF-8 sequences are still passed through unchanged. We believe
that this is fine; if you are concerned about complience with the JSON
standard, what we are doing is equivalent to:
* interpreting binary files as Latin-1 encoded character sequences
* JSON-encoding those characters according to RFC 4627
* outputting the JSON as Latin-1
This allows all raw binary files to be transmitted losslessly.
Paired-With: Paul Berry <paul@puppetlabs.com>
|
| |/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
loading site.pp"
The fix for #4349 caused --parse-only not to detect syntax errors when
--ignore-import was used by adding a return statement that bypassed the
initial import:
commit 760e418d254a8d2198d2c6eb466d783a5930ef47
def perform_initial_import
+ return if Puppet.settings[:ignoreimport]
The problem that #4349 fixed was more generally fixed in commit
99c1019e1d3402ec8e476dc859d5aaef82ec4f69 for ticket #4798 so the return
statement is no longer needed, so reverting the commit for #4349 does
not reintroduce the problem of an import loop error when running puppet
doc.
Paired-with: Jesse Wolfe
|
| |/
|
|
|
|
|
|
|
|
|
| |
We've switched to using list_lists --bare which shows the internal_name
rather than "real_name", which is the authoritative identifier.
Doing this also means we have less output to scrub, so the code is simpler.
Modified by Markus as-per discussion with Nigel.
Signed-off-by: Nigel Kersten <nigel@puppetlabs.com>
|
| | |
|
| |
|
|
| |
This reverts commit 779fea867a9e23ad48cd877a88756cc5792e9e0c.
|
| |
|
|
|
|
|
| |
Changed the default auth.conf so that accesses to "/resource" are no
longer allowed. This means that to use "puppet resource -H" you will
need to configure the target machine to enable access to the
"/resource" URLs.
|
| |
|
|
|
|
|
|
|
| |
We've switched to using list_lists --bare which shows the internal_name
rather than "real_name", which is the authoritative identifier.
Doing this also means we have less output to scrub, so the code is simpler.
Signed-off-by: Nigel Kersten <nigel@puppetlabs.com>
|
| |
|
|
| |
I swear I've done this before. *confused*
|
| |
|
|
|
|
|
|
|
| |
The patch for #4726 causes old unit tests of the rrd reporting
infrastructure to run on my machine. These tests were calling the old
report api, which does not succeed.
Also, the rrd settings had unintentionally been moved out of the
:metrics section, making it possible that the rrd report directory would
fail to get created during testing.
|
| |
|
|
|
|
|
|
| |
There was a section of code that didn't take the legacy RRD library into
account. This caused a unit test failure, but only if you have the RRD
legacy library installed, which I did.
Paired-with: Jesse Wolfe <jesse@puppetlabs.com>
|
| |
|
|
|
| |
This is based on the discussion on ticket, simplified slightly and with test
adjustment.
|
| |
|
|
|
|
| |
The currious part is that this wasn't noticed before since it appears to block
server-first migration to 2.6.x and doesn’t appear to be the consequence of a
recent (2.6.3) change (unless, as is quite possible, I’m missing something).
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
When the responsibility for type-name resolution was moved to the AST nodes in
commit 449315a2c705df2396852462a1d1e14774b9f117, at least one instance was
missed: the space ship operator
Myclass <<| tag == foo |>>
fails unless Myclass has been previously loaded. This commit adds the lookup
to AST::Collection nodes in the same way it was added to the other node types.
Note that I haven't audited the other note types for similar cases.
|
| |
|
|
| |
My code smell routines bobbled this one, so I'm fixing it manually.
|
| | |
|
| |
|
|
|
|
|
| |
The query methods for the newly added password age properties didn't have the
same name as the properties, and thus the default retrieve method wan't finding
them and never got the current value from the provider. They were therefore
always seen as :absent and puppet always thought they needed to be set.
|
| |
|
|
|
|
| |
We already had an internal implementation of which hiding under an assumed
name (Puppet::Util.binary); this commit calls it out of hiding and uses it
consisantly.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is a behavior change. Before this patch, we always used the currently
connected node's certname to compile the catalog, despite the value of
the catalog URI REST request.
With this patch we now use the URI as the compiled node name.
This is safe because the default auth.conf (and default inserted rules
when no auth.conf is present) only allow the given connected node to
compile its own catalog.
But this also allows for greater flexibility with auth.conf. For instance
it can be used by a monitoring system to check multiple nodes catalogs
with only one certificate:
path ~ ^/catalog/([^/]+)$
method find
allow $1
allow monitoring-station.domain.com
Signed-off-by: Brice Figureau <brice-puppet@daysofwonder.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
The Puppet::Util.sync method was not thread safe and also leaked memory. I'm
not certain, but I believe the first is ironic and the second is merely a bug.
This patch addresses the problem by 1) refactoring so the sync objects
are never returned (and thus no one can cache a reference to one) 2) adding
reference counting 3) deleting them when they are no longer needed 4) doing
the thread safty dance.
It wasn't the first (or even second) solution considered, but it's the one
that I was able to make work in a way that I'm convinced is correct. Its
main advantage is that it puts all the tricky bits in one place.
|
| |
|
|
|
|
|
| |
The autoloading is not thread safe, which means two threads could both
autoload the same function at the same time.
Signed-off-by: Brice Figureau <brice-puppet@daysofwonder.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It is a resurgence of #2366 that appeared because of the commit
8971d8.
Before this commit, for associating documentation comments, we
were preferring line numbers coming from the parser currently reducing rule,
instead of the current lexer line number (which can be in advance
of several tokens due to the nature of LALR parsers).
We now merge the ast line number before fetching the comment from the
lexer.
Signed-off-by: Brice Figureau <brice-puppet@daysofwonder.com>
|
| |
|
|
|
| |
The dbconnection option, if set to a positive integer, will be passed to
active record as the connection pool size (pool).
|
| |
|
|
|
| |
Multiple attemps were made to contact the author of this code in order to
obtain a Contributor Licence Agreement, but we were unable to do so.
|
| |
|
|
|
| |
This commit implements the base path-to-source functionality and adds an
(adapted) version of Matt's code on top of it.
|
| |
|
|
|
|
|
|
|
|
|
| |
This commit removes code contributed by Ryan McBride, an author we have been
unable to contact to sign a Contributor License Agreement. It also removes
code writen by Matt Robinson (a Puppet Labs employee) which only made sense
in the context of the removed code. The code in question comes from these
commits:
6ac36eb4 Matt Robinson
55a9009c Ryan McBride
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Using File.open(file, "w") calls open(2) with O_CREAT|O_TRUNC which
means when the file exists it is immediately truncated.
But the file is not locked yet, so another process can either write or
read to the file, leading to file corruption.
The fix is to truncate only when the file is exclusively locked. This can
be done on some operating system with O_EXLOCK open(2) flag.
I chose the more portable option of:
* open
* flock
* truncate
* write
* close
It might also be good to flush and fsync the file after writing it,
otherwise in case of crash an incomplete file can stay on disk.
Signed-off-by: Brice Figureau <brice-puppet@daysofwonder.com>
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Running "/etc/rc.d/SERVICE rcvar" outputs different formats for
different versions of FreeBSD. This patch adds support for those
formats, as well as tests.
Based on patches from:
o Joost van Beurden
o Russell Jackson
Paired-With: Matt Robinson
|
| |
|
|
|
|
| |
This should allow to run puppetdoc on ruby 1.8.5.
Signed-off-by: Brice Figureau <brice-puppet@daysofwonder.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
def self.clean – became orphaned in commit 28cee40689440388994a4768bd301ae32c8ecc05
def self.store – became orphaned in commit 863c50b1273a7fa48d74fb74948938214b45967c
def fact – was added as a helper method for unit tests in commit
9f4870637ce57d548d23c0b3330200014327c268. The test file that used this
method was removed in commit 93246c0c70796a606fc8c05b51e1feb09c94e377
def update_connect_time – Not sure when this was ever used.
I also ran a client master storeconfigs run a few times and didn’t see
any problems, so I’m pretty sure deleting these methods is safe.
|
| |
|
|
|
|
|
|
|
| |
RDoc has some standard parsers for .c,.cc or fortran files (don't ask why).
Unfortunately our html generator doesn't support the data structures
generated by those parsers and we were bombing on unknown methods.
This patch makes sure we generate html only for our own top level objects.
Signed-off-by: Brice Figureau <brice-puppet@daysofwonder.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Accesing an array with an integer index (ie $array[1]) is producing
a ruby error: can't convert String into Integer
This is because the array index is not properly converted to an number
before the array element lookup is performed.
Signed-off-by: Brice Figureau <brice-puppet@daysofwonder.com>
|
