From 16b2311256a142a69cb9ddadf29eea804b281e1c Mon Sep 17 00:00:00 2001
From: Ben Hughes <ben@puppetlabs.com>
Date: Tue, 5 Apr 2011 16:19:01 +1000
Subject: (#6885) puppet agent fingerprint requires --verbose to return a
 value.

Always output the fingerprint to STDOUT, no matter what loglevel is used,
as that's the whole purpose of the comment.

Having to specify --verbose in addition to --fingerprint to get the finger
is nonsensical.

Update the spec test to stub @puppet puts, instead of the
Puppet.logging facilities.

Reviewed-by: Daniel Pittman <daniel@puppetlabs.com>
---
 lib/puppet/application/agent.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'lib/puppet')

diff --git a/lib/puppet/application/agent.rb b/lib/puppet/application/agent.rb
index 3749241f8..53e083232 100644
--- a/lib/puppet/application/agent.rb
+++ b/lib/puppet/application/agent.rb
@@ -98,7 +98,7 @@ class Puppet::Application::Agent < Puppet::Application
     unless fingerprint = cert.fingerprint(options[:digest])
       raise ArgumentError, "Could not get fingerprint for digest '#{options[:digest]}'"
     end
-    Puppet.notice fingerprint
+    puts fingerprint
   end
 
   def onetime
-- 
cgit 


From cd4fe148aae923f1167a3db450b64ead87418018 Mon Sep 17 00:00:00 2001
From: Nick Lewis <nick@puppetlabs.com>
Date: Thu, 2 Jun 2011 16:16:12 -0700
Subject: (#2128) Add the ability to specify a node name

The setting node_name_value may now be used for 'puppet apply' or 'puppet
agent' to specify the name for the node. This will not affect the certificate
used by the node, and the node will still be authenticated based on its
certname. The default value for node_name_value is the certname.

This is useful for eg. EC2 nodes whose random hostnames cannot be easily used
to classify them.

Paired-With: Jacob Helwig
---
 lib/puppet/application/apply.rb       | 8 ++++----
 lib/puppet/configurer.rb              | 4 ++--
 lib/puppet/configurer/fact_handler.rb | 2 +-
 lib/puppet/defaults.rb                | 1 +
 lib/puppet/transaction/report.rb      | 2 +-
 5 files changed, 9 insertions(+), 8 deletions(-)

(limited to 'lib/puppet')

diff --git a/lib/puppet/application/apply.rb b/lib/puppet/application/apply.rb
index 7f0b95a89..3f423a4c4 100644
--- a/lib/puppet/application/apply.rb
+++ b/lib/puppet/application/apply.rb
@@ -85,13 +85,13 @@ class Puppet::Application::Apply < Puppet::Application
     end
 
     # Collect our facts.
-    unless facts = Puppet::Node::Facts.find(Puppet[:certname])
-      raise "Could not find facts for #{Puppet[:certname]}"
+    unless facts = Puppet::Node::Facts.find(Puppet[:node_name_value])
+      raise "Could not find facts for #{Puppet[:node_name_value]}"
     end
 
     # Find our Node
-    unless node = Puppet::Node.find(Puppet[:certname])
-      raise "Could not find node #{Puppet[:certname]}"
+    unless node = Puppet::Node.find(Puppet[:node_name_value])
+      raise "Could not find node #{Puppet[:node_name_value]}"
     end
 
     # Merge in the facts.
diff --git a/lib/puppet/configurer.rb b/lib/puppet/configurer.rb
index 9f68ca499..d0251de82 100644
--- a/lib/puppet/configurer.rb
+++ b/lib/puppet/configurer.rb
@@ -220,7 +220,7 @@ class Puppet::Configurer
   def retrieve_catalog_from_cache(fact_options)
     result = nil
     @duration = thinmark do
-      result = Puppet::Resource::Catalog.find(Puppet[:certname], fact_options.merge(:ignore_terminus => true))
+      result = Puppet::Resource::Catalog.find(Puppet[:node_name_value], fact_options.merge(:ignore_terminus => true))
     end
     Puppet.notice "Using cached catalog"
     result
@@ -233,7 +233,7 @@ class Puppet::Configurer
   def retrieve_new_catalog(fact_options)
     result = nil
     @duration = thinmark do
-      result = Puppet::Resource::Catalog.find(Puppet[:certname], fact_options.merge(:ignore_cache => true))
+      result = Puppet::Resource::Catalog.find(Puppet[:node_name_value], fact_options.merge(:ignore_cache => true))
     end
     result
   rescue SystemExit,NoMemoryError
diff --git a/lib/puppet/configurer/fact_handler.rb b/lib/puppet/configurer/fact_handler.rb
index 075a59458..4d80e17b6 100644
--- a/lib/puppet/configurer/fact_handler.rb
+++ b/lib/puppet/configurer/fact_handler.rb
@@ -16,7 +16,7 @@ module Puppet::Configurer::FactHandler
     # compile them and then "cache" them on the server.
     begin
       reload_facter
-      Puppet::Node::Facts.find(Puppet[:certname])
+      Puppet::Node::Facts.find(Puppet[:node_name_value])
     rescue SystemExit,NoMemoryError
       raise
     rescue Exception => detail
diff --git a/lib/puppet/defaults.rb b/lib/puppet/defaults.rb
index 2a1ded592..17c2850e5 100644
--- a/lib/puppet/defaults.rb
+++ b/lib/puppet/defaults.rb
@@ -486,6 +486,7 @@ module Puppet
   )
 
   setdefaults(:agent,
+    :node_name_value => ["$certname", "The name of the node."],
     :localconfig => { :default => "$statedir/localconfig",
       :owner => "root",
       :mode => 0660,
diff --git a/lib/puppet/transaction/report.rb b/lib/puppet/transaction/report.rb
index 16fee42ae..841c56968 100644
--- a/lib/puppet/transaction/report.rb
+++ b/lib/puppet/transaction/report.rb
@@ -67,7 +67,7 @@ class Puppet::Transaction::Report
     @logs = []
     @resource_statuses = {}
     @external_times ||= {}
-    @host = Puppet[:certname]
+    @host = Puppet[:node_name_value]
     @time = Time.now
     @kind = kind
     @report_format = 2
-- 
cgit 


From c629958fb45f9ae3581f01835bf89654dd7967b7 Mon Sep 17 00:00:00 2001
From: Nick Lewis <nick@puppetlabs.com>
Date: Thu, 2 Jun 2011 16:23:34 -0700
Subject: (#2128) Get facts before retrieving catalog

Retrieving a catalog and getting the facts to submit with the catalog request
are distinct operations, and should be done separately. This is also to prepare
for adding the ability to determine the node name based on a fact, in which
case the node name needs to be determined before it is used for either the
catalog or the report.

Paired-With: Jacob Helwig <jacob@puppetlabs.com>
---
 lib/puppet/configurer.rb | 21 ++++++++++-----------
 1 file changed, 10 insertions(+), 11 deletions(-)

(limited to 'lib/puppet')

diff --git a/lib/puppet/configurer.rb b/lib/puppet/configurer.rb
index d0251de82..596d2dc53 100644
--- a/lib/puppet/configurer.rb
+++ b/lib/puppet/configurer.rb
@@ -84,16 +84,8 @@ class Puppet::Configurer
   end
 
   # Get the remote catalog, yo.  Returns nil if no catalog can be found.
-  def retrieve_catalog
-    if Puppet::Resource::Catalog.indirection.terminus_class == :rest
-      # This is a bit complicated.  We need the serialized and escaped facts,
-      # and we need to know which format they're encoded in.  Thus, we
-      # get a hash with both of these pieces of information.
-      fact_options = facts_for_uploading
-    else
-      fact_options = {}
-    end
-
+  def retrieve_catalog(fact_options)
+    fact_options ||= {}
     # First try it with no cache, then with the cache.
     unless (Puppet[:use_cached_catalog] and result = retrieve_catalog_from_cache(fact_options)) or result = retrieve_new_catalog(fact_options)
       if ! Puppet[:usecacheonfailure]
@@ -130,13 +122,20 @@ class Puppet::Configurer
       Puppet.err "Failed to prepare catalog: #{detail}"
     end
 
+    if Puppet::Resource::Catalog.indirection.terminus_class == :rest
+      # This is a bit complicated.  We need the serialized and escaped facts,
+      # and we need to know which format they're encoded in.  Thus, we
+      # get a hash with both of these pieces of information.
+      fact_options = facts_for_uploading
+    end
+
     options[:report] ||= Puppet::Transaction::Report.new("apply")
     report = options[:report]
     Puppet::Util::Log.newdestination(report)
 
     if catalog = options[:catalog]
       options.delete(:catalog)
-    elsif ! catalog = retrieve_catalog
+    elsif ! catalog = retrieve_catalog(fact_options)
       Puppet.err "Could not retrieve catalog; skipping run"
       return
     end
-- 
cgit 


From 1c70f0ce54022b55119b9e2d6d60cd1ae9bc019e Mon Sep 17 00:00:00 2001
From: Nick Lewis <nick@puppetlabs.com>
Date: Thu, 2 Jun 2011 16:24:16 -0700
Subject: (#2128) Add support for setting node name based on a fact

This adds the node_name_fact setting, which specifies a fact to use to
determine the node name. This allows dynamically determining the node name
without having to modify puppet.conf or command line options.

Using this setting requires modifying auth.conf to allow nodes to request
catalogs not matching their certnames.

For example, this would allow any authenticated node to retrieve any catalog:

  # $confdir/auth.conf
  path ~ /catalog/.+
  allow *

The node_name_fact and node_name_value options are mutually exclusive, because
it is ambiguous which setting should take precedence.

Paired-With: Jacob Helwig <jacob@puppetlabs.com>
---
 lib/puppet/application/apply.rb       | 5 +++++
 lib/puppet/configurer/fact_handler.rb | 7 ++++++-
 lib/puppet/defaults.rb                | 8 ++++++++
 3 files changed, 19 insertions(+), 1 deletion(-)

(limited to 'lib/puppet')

diff --git a/lib/puppet/application/apply.rb b/lib/puppet/application/apply.rb
index 3f423a4c4..717935640 100644
--- a/lib/puppet/application/apply.rb
+++ b/lib/puppet/application/apply.rb
@@ -89,6 +89,11 @@ class Puppet::Application::Apply < Puppet::Application
       raise "Could not find facts for #{Puppet[:node_name_value]}"
     end
 
+    unless Puppet[:node_name_fact].empty?
+      Puppet[:node_name_value] = facts.values[Puppet[:node_name_fact]]
+      facts.name = Puppet[:node_name_value]
+    end
+
     # Find our Node
     unless node = Puppet::Node.find(Puppet[:node_name_value])
       raise "Could not find node #{Puppet[:node_name_value]}"
diff --git a/lib/puppet/configurer/fact_handler.rb b/lib/puppet/configurer/fact_handler.rb
index 4d80e17b6..77bd1e5f1 100644
--- a/lib/puppet/configurer/fact_handler.rb
+++ b/lib/puppet/configurer/fact_handler.rb
@@ -16,7 +16,12 @@ module Puppet::Configurer::FactHandler
     # compile them and then "cache" them on the server.
     begin
       reload_facter
-      Puppet::Node::Facts.find(Puppet[:node_name_value])
+      facts = Puppet::Node::Facts.find(Puppet[:node_name_value])
+      unless Puppet[:node_name_fact].empty?
+        Puppet[:node_name_value] = facts.values[Puppet[:node_name_fact]]
+        facts.name = Puppet[:node_name_value]
+      end
+      facts
     rescue SystemExit,NoMemoryError
       raise
     rescue Exception => detail
diff --git a/lib/puppet/defaults.rb b/lib/puppet/defaults.rb
index 17c2850e5..4502dae16 100644
--- a/lib/puppet/defaults.rb
+++ b/lib/puppet/defaults.rb
@@ -487,6 +487,14 @@ module Puppet
 
   setdefaults(:agent,
     :node_name_value => ["$certname", "The name of the node."],
+    :node_name_fact => { :default => "",
+        :desc => "The fact to use as the node name.",
+        :hook => proc do |value|
+          if !value.empty? and Puppet[:node_name_value] != Puppet[:certname]
+            raise "Cannot specify both the node_name_value and node_name_fact settings"
+          end
+        end
+      },
     :localconfig => { :default => "$statedir/localconfig",
       :owner => "root",
       :mode => 0660,
-- 
cgit 


From 5a9998e41bc442ca66ca2ff151750355d2ef6d6f Mon Sep 17 00:00:00 2001
From: nfagerlund <nick.fagerlund@gmail.com>
Date: Wed, 1 Jun 2011 18:07:40 -0700
Subject: (#7773, 7776, 7764) Several help template tweaks

Per UX review of help output, this commit makes several changes to templates and
shared help text:

* Change "unknown" to "undocumented"
* Remove copyright from short help
* Point readers to the man pages (issue 7773)
* Remove examples from short help (issue 7776)
* Remove summary from short help and make it a fallback for description
* Edit common option summaries to fit on a single 80-col line
---
 lib/puppet/face/help/action.erb | 16 ++++------------
 lib/puppet/face/help/face.erb   | 17 +++++------------
 lib/puppet/face/help/man.erb    | 14 +++++++++-----
 lib/puppet/indirector/face.rb   |  2 +-
 4 files changed, 19 insertions(+), 30 deletions(-)

(limited to 'lib/puppet')

diff --git a/lib/puppet/face/help/action.erb b/lib/puppet/face/help/action.erb
index c788f34fd..94b935fed 100644
--- a/lib/puppet/face/help/action.erb
+++ b/lib/puppet/face/help/action.erb
@@ -1,21 +1,16 @@
-<%= action.summary || face.summary || "unknown face..." %>
-
 <% if action.synopsis -%>
 USAGE: <%= action.synopsis %>
 
 <% end -%>
-<% if action.short_description -%>
-<%= action.short_description.strip %>
+<%= action.short_description || action.summary || face.summary || "undocumented face" %>
 
-<% end -%>
 <% if action.returns -%>
 RETURNS: <%= action.returns.strip %>
 
 <% end -%>
 OPTIONS:
 <%# Remove these options once we can introspect them normally. -%>
-  --mode MODE                    - The run mode to use (`user`, `agent`, or
-                                   `master`).
+  --mode MODE                    - The run mode to use (user, agent, or master).
   --render-as FORMAT             - The rendering format to use.
   --verbose                      - Whether to log verbosely.
   --debug                        - Whether to log debug information.
@@ -26,7 +21,7 @@ OPTIONS:
         option = action.get_option name -%>
 <%= "  " + option.optparse.join(" | ")[0,(optionroom - 1)].ljust(optionroom) + ' - ' -%>
 <%     if !(option.summary) -%>
-unknown option...
+undocumented option
 <%     elsif option.summary.length <= summaryroom -%>
 <%= option.summary %>
 <%
@@ -51,7 +46,4 @@ unknown option...
       end -%>
 <% end -%>
 
-<% if action.examples -%>
-EXAMPLES:
-<%= action.examples %>
-<% end -%>
+See 'puppet man <%= face.name %>' or 'man puppet-<%= face.name %>' for full help.
diff --git a/lib/puppet/face/help/face.erb b/lib/puppet/face/help/face.erb
index 2a0f0181c..870cc547f 100644
--- a/lib/puppet/face/help/face.erb
+++ b/lib/puppet/face/help/face.erb
@@ -1,17 +1,12 @@
-<%= face.summary || "unknown face..." %>
-
 <% if face.synopsis -%>
 USAGE: <%= face.synopsis %>
 
 <% end -%>
-<% if face.short_description -%>
-<%= face.short_description %>
+<%= (face.short_description || face.summary || "undocumented subcommand").strip %>
 
-<% end -%>
 OPTIONS:
 <%# Remove these options once we can introspect them normally. -%>
-  --mode MODE                    - The run mode to use (`user`, `agent`, or
-                                   `master`).
+  --mode MODE                    - The run mode to use (user, agent, or master).
   --render-as FORMAT             - The rendering format to use.
   --verbose                      - Whether to log verbosely.
   --debug                        - Whether to log debug information.
@@ -22,7 +17,7 @@ OPTIONS:
         option = face.get_option name -%>
 <%= "  " + option.optparse.join(" | ")[0,(optionroom - 1)].ljust(optionroom) + ' - ' -%>
 <%     if !(option.summary) -%>
-unknown option...
+undocumented option
 <%     elsif option.summary.length <= summaryroom -%>
 <%= option.summary %>
 <%
@@ -54,7 +49,7 @@ ACTIONS:
      action = face.get_action(actionname) -%>
   <%= action.name.to_s.ljust(padding) + '  ' -%>
 <% if !(action.summary) -%>
-unknown action...
+undocumented action
 <% elsif action.summary.length <= summaryroom -%>
 <%= action.summary %>
 <% else
@@ -86,6 +81,4 @@ AUTHOR
 <%= face.authors.join("\n").gsub(/^/, ' * ') %>
 
 <% end -%>
-COPYRIGHT AND LICENSE:
-<%= face.copyright.gsub(/^/, '  ') %>
-<%= face.license.gsub(/^/, '  ')   %>
+See 'puppet man <%= face.name %>' or 'man puppet-<%= face.name %>' for full help.
diff --git a/lib/puppet/face/help/man.erb b/lib/puppet/face/help/man.erb
index 6f21fe413..0122d974c 100644
--- a/lib/puppet/face/help/man.erb
+++ b/lib/puppet/face/help/man.erb
@@ -1,4 +1,4 @@
-puppet-<%= face.name %>(8) -- <%= face.summary || "Unknown face." %>
+puppet-<%= face.name %>(8) -- <%= face.summary || "Undocumented face." %>
 <%= '=' * (_erbout.length - 1) %>
 
 <% if face.synopsis -%>
@@ -32,7 +32,7 @@ configuration options can also be generated by running puppet with
   and `master`.
 * --render-as FORMAT:
   The format in which to render output. The most common formats are `json`,
-  `s` (string), and `yaml`, but other options such as `dot` are
+  `s` (string), `yaml`, and `console`, but other options such as `dot` are
   sometimes available.
 * --verbose:
   Whether to log verbosely.
@@ -57,12 +57,15 @@ ACTIONS
   <%= action.synopsis %>
 
 <%   end -%>
-<%   if action.description -%>
   `DESCRIPTION`
 
+<%   if action.description -%>
 <%= action.description.gsub(/^/, '  ') %>
-<%   end
-     unique_options = action.options - face.options
+<% else -%>
+  <%= action.summary || "Undocumented action." %>
+<%   end -%>
+
+<%   unique_options = action.options - face.options
      unless unique_options.empty? -%>
   `OPTIONS`
 
@@ -101,6 +104,7 @@ EXAMPLES
 `<%= action.name.to_s %>`
 
 <%= action.examples.strip %>
+
 <%   end
    end -%>
 
diff --git a/lib/puppet/indirector/face.rb b/lib/puppet/indirector/face.rb
index 756306a2f..bb8ce2ceb 100644
--- a/lib/puppet/indirector/face.rb
+++ b/lib/puppet/indirector/face.rb
@@ -2,7 +2,7 @@ require 'puppet/face'
 
 class Puppet::Indirector::Face < Puppet::Face
   option "--terminus TERMINUS" do
-    summary "The indirector terminus to use for this action."
+    summary "The indirector terminus to use."
     description <<-EOT
       Indirector faces expose indirected subsystems of Puppet. These
       subsystems are each able to retrieve and alter a specific type of data
-- 
cgit 


From 17723634875e308b2752efed8ebdfd3db3239215 Mon Sep 17 00:00:00 2001
From: nfagerlund <nick.fagerlund@gmail.com>
Date: Fri, 3 Jun 2011 10:28:52 -0700
Subject: (#7764, 7775, 7778) Revisions to Faces help text

Per UX review of help text, this commit makes several changes over the breadth
of the Faces help:

* Preface API-only action summaries/descriptions with "API only." (issue #7775)
* Provide both CLI and API info in "returns," with the CLI info first. (issue #7778)
* Summaries should be sentences. (Add punctuation.)
* First sentences of descriptions should reiterate summaries. (Summaries and
  descriptions should be displayed far enough apart that this isn't a problem.)
* Standardize on "subcommand" instead of "face" when talking about the entity
  you invoke at the command line. (Use "face" when describing API use.)
* Fix outdated or clunky text in several faces.
---
 lib/puppet/face/catalog.rb                     | 52 ++++++++++++++++----------
 lib/puppet/face/catalog/select.rb              | 10 ++---
 lib/puppet/face/certificate.rb                 | 31 ++++++++-------
 lib/puppet/face/certificate_request.rb         | 23 ++++++------
 lib/puppet/face/certificate_revocation_list.rb | 24 ++++++------
 lib/puppet/face/config.rb                      | 10 ++---
 lib/puppet/face/facts.rb                       | 34 ++++++++++-------
 lib/puppet/face/file.rb                        |  8 ++--
 lib/puppet/face/file/download.rb               | 10 ++---
 lib/puppet/face/help.rb                        | 12 +++---
 lib/puppet/face/help/action.erb                |  2 +-
 lib/puppet/face/help/man.erb                   |  8 ++--
 lib/puppet/face/key.rb                         |  8 ++--
 lib/puppet/face/man.rb                         | 36 +++++++++---------
 lib/puppet/face/node.rb                        | 25 ++++++++-----
 lib/puppet/face/parser.rb                      |  9 +++++
 lib/puppet/face/plugin.rb                      | 17 +++++----
 lib/puppet/face/report.rb                      | 16 ++++----
 lib/puppet/face/resource.rb                    | 24 ++++++------
 lib/puppet/face/resource_type.rb               | 48 ++++++++++++++----------
 lib/puppet/face/secret_agent.rb                | 30 +++++++--------
 lib/puppet/face/status.rb                      | 21 ++++++-----
 lib/puppet/indirector/face.rb                  | 12 +++---
 23 files changed, 261 insertions(+), 209 deletions(-)

(limited to 'lib/puppet')

diff --git a/lib/puppet/face/catalog.rb b/lib/puppet/face/catalog.rb
index 13351540a..9bcaa19c6 100644
--- a/lib/puppet/face/catalog.rb
+++ b/lib/puppet/face/catalog.rb
@@ -6,25 +6,40 @@ Puppet::Indirector::Face.define(:catalog, '0.0.1') do
 
   summary "Compile, save, view, and convert catalogs."
   description <<-'EOT'
-    This face primarily interacts with the compiling subsystem. By default,
-    it compiles a catalog using the default manifest and the hostname from
-    `certname`, but you can choose to retrieve a catalog from the server by
-    specifying '--terminus rest'.  You can also choose to print any catalog
-    in 'dot' format (for easy graph viewing with OmniGraffle or Graphviz)
-    with '--render-as dot'.
+    This subcommand deals with catalogs, which are compiled per-node artifacts
+    generated from a set of Puppet manifests. By default, it interacts with the
+    compiling subsystem and compiles a catalog using the default manifest and
+    `certname`, but you can change the source of the catalog with the
+    `--terminus` option. You can also choose to print any catalog in 'dot'
+    format (for easy graph viewing with OmniGraffle or Graphviz) with
+    '--render-as dot'.
+  EOT
+  short_description <<-'EOT'
+    This subcommand deals with catalogs, which are compiled per-node artifacts
+    generated from a set of Puppet manifests. By default, it interacts with the
+    compiling subsystem and compiles a catalog using the default manifest and
+    `certname`; use the `--terminus` option to change the source of the catalog.
   EOT
 
-  get_action(:destroy).summary "Invalid for this face."
-  get_action(:search).summary "Query format unknown; potentially invalid for this face."
+  get_action(:destroy).summary "Invalid for this subcommand."
+  get_action(:search).summary "Invalid for this subcommand."
+  find = get_action(:find)
+  find.summary "Retrieve the catalog for a node."
+  find.arguments "<certname>"
+  find.returns <<-'EOT'
+    A serialized catalog. When used from the Ruby API, returns a
+    Puppet::Resource::Catalog object.
+  EOT
 
   action(:apply) do
-    summary "Apply a Puppet::Resource::Catalog object."
+    summary "Find and apply a catalog."
     description <<-'EOT'
       Finds and applies a catalog. This action takes no arguments, but
-      the source of the catalog can be managed with the --terminus option.
+      the source of the catalog can be managed with the `--terminus` option.
     EOT
     returns <<-'EOT'
-      A Puppet::Transaction::Report object.
+      Nothing. When used from the Ruby API, returns a Puppet::Transaction::Report
+      object.
     EOT
     examples <<-'EOT'
       Apply the locally cached catalog:
@@ -71,18 +86,17 @@ Puppet::Indirector::Face.define(:catalog, '0.0.1') do
   action(:download) do
     summary "Download this node's catalog from the puppet master server."
     description <<-'EOT'
-      Retrieves a catalog from the puppet master and saves it to the
-      local yaml cache. The saved catalog can be used in subsequent
-      catalog actions by specifying '--terminus rest'.
-
-      This action always contacts the puppet master and will ignore
+      Retrieves a catalog from the puppet master and saves it to the local yaml
+      cache. This action always contacts the puppet master and will ignore
       alternate termini.
+
+      The saved catalog can be used in any subsequent catalog action by specifying
+      '--terminus yaml' for that action.
     EOT
     returns "Nothing."
     notes <<-'EOT'
-      As termini are singletons, this action has a side effect of
-      exporting Puppet::Resource::Catalog.indirection.terminus_class =
-      yaml to the calling context when used with the Ruby Faces API. The
+      When used from the Ruby API, this action has a side effect of leaving
+      Puppet::Resource::Catalog.indirection.terminus_class set to yaml. The
       terminus must be explicitly re-set for subsequent catalog actions.
     EOT
     examples <<-'EOT'
diff --git a/lib/puppet/face/catalog/select.rb b/lib/puppet/face/catalog/select.rb
index d86963e75..de2ca803b 100644
--- a/lib/puppet/face/catalog/select.rb
+++ b/lib/puppet/face/catalog/select.rb
@@ -1,15 +1,15 @@
 # Select and show a list of resources of a given type.
 Puppet::Face.define(:catalog, '0.0.1') do
   action :select do
-    summary "Select and show a list of resources of a given type"
+    summary "Retrieve a catalog and filter it for resources of a given type."
     arguments "<host> <resource_type>"
     returns <<-'EOT'
-      An array of resource objects excised from a catalog. When used at
-      the command line, returns a list of resource references (Type[title]).
+      A list of resource references ("Type[title]"). When used from the API,
+      returns an array of Puppet::Resource objects excised from a catalog.
     EOT
     description <<-'EOT'
-      Retrieves a catalog for the specified host and returns an array of
-      resources of the given type.
+      Retrieves a catalog for the specified host, then searches it for all
+      resources of the requested type.
     EOT
     notes <<-'NOTES'
       By default, this action will retrieve a catalog from Puppet's compiler
diff --git a/lib/puppet/face/certificate.rb b/lib/puppet/face/certificate.rb
index cab8817e3..cb0f61e3b 100644
--- a/lib/puppet/face/certificate.rb
+++ b/lib/puppet/face/certificate.rb
@@ -5,9 +5,9 @@ Puppet::Indirector::Face.define(:certificate, '0.0.1') do
   copyright "Puppet Labs", 2011
   license   "Apache 2 license; see COPYING"
 
-  summary "Provide access to the CA for certificate management"
+  summary "Provide access to the CA for certificate management."
   description <<-'EOT'
-    This face interacts with a local or remote Puppet certificate
+    This subcommand interacts with a local or remote Puppet certificate
     authority. Currently, its behavior is not a full superset of `puppet
     cert`; specifically, it is unable to mimic puppet cert's "clean" option,
     and its "generate" action submits a CSR rather than creating a
@@ -15,10 +15,12 @@ Puppet::Indirector::Face.define(:certificate, '0.0.1') do
   EOT
 
   option "--ca-location LOCATION" do
-    summary "The certificate authority to query"
+    summary "The certificate authority to query (local or remote)."
     description <<-'EOT'
       Whether to act on the local certificate authority or one provided by a
       remote puppet master. Allowed values are 'local' and 'remote.'
+
+      This option is required.
     EOT
 
     before_action do |action, args, options|
@@ -27,7 +29,7 @@ Puppet::Indirector::Face.define(:certificate, '0.0.1') do
   end
 
   action :generate do
-    summary "Generate a new certificate signing request for HOST."
+    summary "Generate a new certificate signing request."
     arguments "<host>"
     returns "Nothing."
     description <<-'EOT'
@@ -55,8 +57,10 @@ Puppet::Indirector::Face.define(:certificate, '0.0.1') do
   action :list do
     summary "List all certificate signing requests."
     returns <<-'EOT'
-      An array of CSR object #inspect strings. This output is currently messy,
-      but does contain the names of nodes requesting certificates.
+      An array of #inspect output from CSR objects. This output is
+      currently messy, but does contain the names of nodes requesting
+      certificates. This action returns #inspect strings even when used
+      from the Ruby API.
     EOT
 
     when_invoked do |options|
@@ -70,8 +74,7 @@ Puppet::Indirector::Face.define(:certificate, '0.0.1') do
     summary "Sign a certificate signing request for HOST."
     arguments "<host>"
     returns <<-'EOT'
-      A string that appears to be an x509 certificate, but is actually
-      not. Retrieve certificates using the `find` action.
+      A string that appears to be (but isn't) an x509 certificate.
     EOT
     examples <<-'EOT'
       Sign somenode.puppetlabs.lan's certificate:
@@ -88,24 +91,24 @@ Puppet::Indirector::Face.define(:certificate, '0.0.1') do
 
   # Indirector action doc overrides
   find = get_action(:find)
-  find.summary "Retrieve a certificate"
+  find.summary "Retrieve a certificate."
   find.arguments "<host>"
   find.returns <<-'EOT'
     An x509 SSL certificate. You will usually want to render this as a
-    string ('--render-as s').
+    string (--render-as s).
 
     Note that this action has a side effect of caching a copy of the
     certificate in Puppet's `ssldir`.
   EOT
 
   destroy = get_action(:destroy)
-  destroy.summary "Delete a local certificate."
+  destroy.summary "Delete a certificate."
   destroy.arguments "<host>"
   destroy.returns "Nothing."
   destroy.description <<-'EOT'
-    Deletes a certificate. This action currently only works with a local CA.
+    Deletes a certificate. This action currently only works on the local CA.
   EOT
 
-  get_action(:search).summary "Invalid for this face."
-  get_action(:save).summary "Invalid for this face."
+  get_action(:search).summary "Invalid for this subcommand."
+  get_action(:save).summary "Invalid for this subcommand."
 end
diff --git a/lib/puppet/face/certificate_request.rb b/lib/puppet/face/certificate_request.rb
index 29cf7dc78..12694ba21 100644
--- a/lib/puppet/face/certificate_request.rb
+++ b/lib/puppet/face/certificate_request.rb
@@ -6,20 +6,20 @@ Puppet::Indirector::Face.define(:certificate_request, '0.0.1') do
 
   summary "Manage certificate requests."
   description <<-'EOT'
-    Retrieves and submits certificate signing requests (CSRs). Invoke
-    `search` with a dummy key to retrieve all outstanding CSRs, invoke
-    `find` with a node certificate name to retrieve a specific request, and
-    invoke `save` to submit a CSR.
+    This subcommand retrieves and submits certificate signing requests (CSRs).
   EOT
 
   # Per-action doc overrides
-  get_action(:destroy).summary "Invalid for this face."
+  get_action(:destroy).summary "Invalid for this subcommand."
 
   get_action(:find).summary "Retrieve a single CSR."
   get_action(:find).arguments "<host>"
   get_action(:find).returns <<-'EOT'
-    A single certificate request. In most cases, you will want to render
-    this as a string ('--render-as s').
+    A single certificate request. When used from the Ruby API, returns a
+    Puppet::SSL::CertificateRequest object.
+
+    RENDERING ISSUES: In most cases, you will want to render this as a string
+    ('--render-as s').
   EOT
   get_action(:find).examples <<-'EOT'
     Retrieve a single CSR from the puppet master's CA:
@@ -30,16 +30,17 @@ Puppet::Indirector::Face.define(:certificate_request, '0.0.1') do
   get_action(:search).summary "Retrieve all outstanding CSRs."
   get_action(:search).arguments "<dummy_key>"
   get_action(:search).returns <<-'EOT'
-    An array of certificate request objects. In most cases, you will
-    want to render this as a string ('--render-as s').
+    A list of certificate requests; be sure to to render this as a string
+    ('--render-as s'). When used from the Ruby API, returns an array of
+    Puppet::SSL::CertificateRequest objects.
   EOT
   get_action(:search).notes "This action always returns all CSRs, but requires a dummy search key."
   get_action(:search).examples <<-'EOT'
-    Retrieve all CSRs from the local CA:
+    Retrieve all CSRs from the local CA (similar to 'puppet cert list'):
 
     $ puppet certificate_request search x --terminus ca
   EOT
 
-  get_action(:save).summary "Submit a certificate signing request."
+  get_action(:save).summary "API only: submit a certificate signing request."
   get_action(:save).arguments "<x509_CSR>"
 end
diff --git a/lib/puppet/face/certificate_revocation_list.rb b/lib/puppet/face/certificate_revocation_list.rb
index 0525a601f..12ba1f73f 100644
--- a/lib/puppet/face/certificate_revocation_list.rb
+++ b/lib/puppet/face/certificate_revocation_list.rb
@@ -6,16 +6,18 @@ Puppet::Indirector::Face.define(:certificate_revocation_list, '0.0.1') do
 
   summary "Manage the list of revoked certificates."
   description <<-'EOT'
-    This face is primarily for retrieving the certificate revocation
-    list from the CA. Although it exposes search/save/destroy methods,
-    they shouldn't be used under normal circumstances.
+    This subcommand is primarily for retrieving the certificate revocation
+    list from the CA.
   EOT
 
   get_action(:find).summary "Retrieve the certificate revocation list."
   get_action(:find).arguments "<dummy_key>"
   get_action(:find).returns <<-'EOT'
-    A certificate revocation list. You will usually want to render this
-    as a string ('--render-as s').
+    A certificate revocation list. When used from the Ruby API: returns an
+    OpenSSL::X509::CRL object.
+
+    RENDERING ISSUES: this should usually be rendered as a string
+    ('--render-as s').
   EOT
   get_action(:find).examples <<-'EXAMPLES'
     Retrieve a copy of the puppet master's CRL:
@@ -27,13 +29,11 @@ Puppet::Indirector::Face.define(:certificate_revocation_list, '0.0.1') do
   get_action(:destroy).arguments "<dummy_key>"
   get_action(:destroy).returns "Nothing."
   get_action(:destroy).description <<-'EOT'
-    Deletes the certificate revocation list. This cannot be done over
-    REST, but it is possible to both delete the locally cached copy of
-    the CA's CRL and delete the CA's own copy (if running on the CA
-    machine and invoked with '--terminus ca'). Needless to say, don't do
-    this unless you know what you're up to.
+    Deletes the certificate revocation list. This cannot be done over REST, but
+    it is possible to delete the locally cached copy or (if run from the CA) the
+    CA's own copy of the CRL.
   EOT
 
-  get_action(:search).summary "Invalid for this face."
-  get_action(:save).summary "Invalid for this face."
+  get_action(:search).summary "Invalid for this subcommand."
+  get_action(:save).summary "Invalid for this subcommand."
 end
diff --git a/lib/puppet/face/config.rb b/lib/puppet/face/config.rb
index 6e5bff071..3fce0ed70 100644
--- a/lib/puppet/face/config.rb
+++ b/lib/puppet/face/config.rb
@@ -7,13 +7,11 @@ Puppet::Face.define(:config, '0.0.1') do
   summary "Interact with Puppet's configuration options."
 
   action(:print) do
-    summary "Examine Puppet's current configuration options."
-    arguments "(all | <option> [<option> ...]"
+    summary "Examine Puppet's current configuration settings."
+    arguments "(all | <setting> [<setting> ...]"
     returns <<-'EOT'
-      When called with one option: a single value.
-
-      When called with "all" or multiple options: a list of options and
-      their values.
+      A single value when called with one config setting, and a list of settings
+      and values when called with multiple options or "all."
     EOT
     description <<-'EOT'
       Prints the value of a single configuration option or a list of
diff --git a/lib/puppet/face/facts.rb b/lib/puppet/face/facts.rb
index 05028a435..99ff14bd9 100644
--- a/lib/puppet/face/facts.rb
+++ b/lib/puppet/face/facts.rb
@@ -7,22 +7,28 @@ Puppet::Indirector::Face.define(:facts, '0.0.1') do
 
   summary "Retrieve and store facts."
   description <<-'EOT'
-    This face manages facts, the collections of normalized system
-    information used by Puppet. It can read facts directly from the
-    local system (using the default `facter` terminus), look up facts
-    reported by other systems, and submit facts to the puppet master.
+    This subcommand manages facts, which are collections of normalized system
+    information used by Puppet. It can read facts directly from the local system
+    (with the default `facter` terminus), look up facts reported by other
+    systems, and submit facts to the puppet master.
 
-    When used with the `rest` terminus, this face is essentially a
-    front-end to the inventory service REST API. See the inventory
-    service documentation for more detail.
+    When used with the `rest` terminus, this subcommand is essentially a front-end
+    to the inventory service REST API. See the inventory service documentation at
+    <http://docs.puppetlabs.com/guides/inventory_service.html> for more detail.
   EOT
 
   find = get_action(:find)
-  find.summary "Retrieve a host's facts."
-  find.arguments "<host>"
-  find.returns "A Puppet::Node::Facts object."
+  find.summary "Retrieve a node's facts."
+  find.arguments "<node_certname>"
+  find.returns <<-'EOT'
+    A hash containing some metadata and (under the "values" key) the set
+    of facts for the requested node. When used from the Ruby API: A
+    Puppet::Node::Facts object.
+
+    RENDERING ISSUES: Facts cannot currently be rendered as a string.
+  EOT
   find.notes <<-'EOT'
-    When using the `facter` terminus, the host argument is essentially ignored.
+    When using the `facter` terminus, the host argument is ignored.
   EOT
   find.examples <<-'EOT'
     Get facts from the local system:
@@ -38,13 +44,13 @@ Puppet::Indirector::Face.define(:facts, '0.0.1') do
     $ puppet facts find somenode.puppetlabs.lan --terminus inventory_active_record --mode master
   EOT
 
-  get_action(:destroy).summary "Invalid for this face."
-  get_action(:search).summary "Query format unknown; potentially invalid for this face."
+  get_action(:destroy).summary "Invalid for this subcommand."
+  get_action(:search).summary "Invalid for this subcommand."
 
   action(:upload) do
     summary "Upload local facts to the puppet master."
     description <<-'EOT'
-      Reads facts from the local system using the facter terminus, then
+      Reads facts from the local system using the `facter` terminus, then
       saves the returned facts using the rest terminus.
     EOT
     returns "Nothing."
diff --git a/lib/puppet/face/file.rb b/lib/puppet/face/file.rb
index 1cf9bc7f3..f63350e3b 100644
--- a/lib/puppet/face/file.rb
+++ b/lib/puppet/face/file.rb
@@ -6,7 +6,7 @@ Puppet::Indirector::Face.define(:file, '0.0.1') do
 
   summary "Retrieve and store files in a filebucket"
   description <<-'EOT'
-    This face interacts with objects stored in a local or remote
+    This subcommand interacts with objects stored in a local or remote
     filebucket. File objects are accessed by their MD5 sum; see the
     examples for the relevant syntax.
   EOT
@@ -15,7 +15,7 @@ Puppet::Indirector::Face.define(:file, '0.0.1') do
     --render-as s. Rendering as yaml will return a hash of metadata
     about the file, including its contents.
 
-    This face does not interact with the `clientbucketdir` (the default
+    This subcommand does not interact with the `clientbucketdir` (the default
     local filebucket for puppet agent); it interacts with the primary
     "master"-type filebucket located in the `bucketdir`. If you wish to
     interact with puppet agent's default filebucket, you'll need to set
@@ -40,8 +40,8 @@ Puppet::Indirector::Face.define(:file, '0.0.1') do
     $ puppet file find md5/9aedba7f413c97dc65895b1cd9421f2c --render-as s
   EOT
 
-  get_action(:search).summary "Invalid for this face."
-  get_action(:destroy).summary "Invalid for this face."
+  get_action(:search).summary "Invalid for this subcommand."
+  get_action(:destroy).summary "Invalid for this subcommand."
 
   set_indirection_name :file_bucket_file
 end
diff --git a/lib/puppet/face/file/download.rb b/lib/puppet/face/file/download.rb
index 8a300fbf1..3e67e452a 100644
--- a/lib/puppet/face/file/download.rb
+++ b/lib/puppet/face/file/download.rb
@@ -2,12 +2,12 @@
 Puppet::Face.define(:file, '0.0.1') do
   action :download do |*args|
     summary "Download a file into the local filebucket."
-    arguments "( {md5}<checksum> | puppet:///... )"
-    returns "Nothing"
+    arguments "( {md5}<checksum> | <puppet_url> )"
+    returns "Nothing."
     description <<-EOT
-      Downloads a file from the puppet master's filebucket and
-      duplicates it in the local filebucket. This action's checksum
-      syntax differs from `find`'s, and it can accept a <puppet:///> URL.
+      Downloads a file from the puppet master's filebucket and duplicates it in
+      the local filebucket. This action's checksum syntax differs from `find`'s,
+      and it can accept a <puppet:///> URL.
     EOT
     examples <<-'EOT'
       Download a file by URL:
diff --git a/lib/puppet/face/help.rb b/lib/puppet/face/help.rb
index 9376adf04..4a16a0d51 100644
--- a/lib/puppet/face/help.rb
+++ b/lib/puppet/face/help.rb
@@ -10,9 +10,9 @@ Puppet::Face.define(:help, '0.0.1') do
   summary "Display Puppet help."
 
   action(:help) do
-    summary "Display help about faces and their actions."
-    arguments "[<face>] [<action>]"
-    returns "Short help text for the specified face or action."
+    summary "Display help about Puppet subcommands and their actions."
+    arguments "[<subcommand>] [<action>]"
+    returns "Short help text for the specified subcommand or action."
     examples <<-'EOT'
       Get help for an action:
 
@@ -20,7 +20,7 @@ Puppet::Face.define(:help, '0.0.1') do
     EOT
 
     option "--version VERSION" do
-      summary "The version of the face for which to show help."
+      summary "The version of the subcommand for which to show help."
     end
 
     default
@@ -46,7 +46,7 @@ Puppet::Face.define(:help, '0.0.1') do
           EOT
           353.times{i,x=i.divmod(1184);a,b=x.divmod(37);print(c[a]*b)}
         end
-        raise ArgumentError, "help only takes two (optional) arguments, a face name, and an action"
+        raise ArgumentError, "Puppet help only takes two (optional) arguments: a subcommand and an action"
       end
 
       version = :current
@@ -55,7 +55,7 @@ Puppet::Face.define(:help, '0.0.1') do
           version = options[:version]
         else
           if args.length == 0 then
-            raise ArgumentError, "version only makes sense when a face is given"
+            raise ArgumentError, "Version only makes sense when a Faces subcommand is given"
           end
         end
       end
diff --git a/lib/puppet/face/help/action.erb b/lib/puppet/face/help/action.erb
index 94b935fed..5242ed218 100644
--- a/lib/puppet/face/help/action.erb
+++ b/lib/puppet/face/help/action.erb
@@ -2,7 +2,7 @@
 USAGE: <%= action.synopsis %>
 
 <% end -%>
-<%= action.short_description || action.summary || face.summary || "undocumented face" %>
+<%= action.short_description || action.summary || face.summary || "undocumented subcommand" %>
 
 <% if action.returns -%>
 RETURNS: <%= action.returns.strip %>
diff --git a/lib/puppet/face/help/man.erb b/lib/puppet/face/help/man.erb
index 0122d974c..90e27964c 100644
--- a/lib/puppet/face/help/man.erb
+++ b/lib/puppet/face/help/man.erb
@@ -1,4 +1,4 @@
-puppet-<%= face.name %>(8) -- <%= face.summary || "Undocumented face." %>
+puppet-<%= face.name %>(8) -- <%= face.summary || "Undocumented subcommand." %>
 <%= '=' * (_erbout.length - 1) %>
 
 <% if face.synopsis -%>
@@ -116,9 +116,9 @@ NOTES
 
 <% end # notes
 if face.respond_to? :indirection -%>
-This is an indirector face, which exposes `find`, `search`, `save`, and
-`destroy` actions for an indirected subsystem of Puppet. Valid termini
-for this face include:
+This subcommand is an indirector face, which exposes `find`, `search`, `save`,
+and `destroy` actions for an indirected subsystem of Puppet. Valid termini for
+this face include:
 
 * `<%= face.class.terminus_classes(face.indirection.name).join("`\n* `") %>`
 
diff --git a/lib/puppet/face/key.rb b/lib/puppet/face/key.rb
index 54c4975c5..96cfebe3a 100644
--- a/lib/puppet/face/key.rb
+++ b/lib/puppet/face/key.rb
@@ -6,10 +6,10 @@ Puppet::Indirector::Face.define(:key, '0.0.1') do
 
   summary "Create, save, and remove certificate keys."
   description <<-'EOT'
-    Manages certificate private keys. Keys are created for you
-    automatically when certificate requests are generated with 'puppet
-    certificate generate', and it should not be necessary to use this action
-    directly.
+    This subcommand manages certificate private keys. Keys are created
+    automatically by puppet agent and when certificate requests are generated
+    with 'puppet certificate generate'; it should not be necessary to use this
+    subcommand directly.
   EOT
 
 end
diff --git a/lib/puppet/face/man.rb b/lib/puppet/face/man.rb
index 38b9202eb..c43ead3ec 100644
--- a/lib/puppet/face/man.rb
+++ b/lib/puppet/face/man.rb
@@ -7,34 +7,32 @@ Puppet::Face.define(:man, '0.0.1') do
   copyright "Puppet Labs", 2011
   license   "Apache 2 license; see COPYING"
 
-  summary "Display Puppet subcommand manual pages."
+  summary "Display Puppet manual pages."
 
   description <<-EOT
-    The man face, when invoked from the command line, tries very hard to
-    behave nicely for interactive use.  If possible, it delegates to the
-    ronn(1) command to format the output as a real manual page.
-
-    If ronn(1) is not available, it will use the first of `$MANPAGER`,
-    `$PAGER`, `less`, `most`, or `more` to paginate the (human-readable)
-    input text for the manual page.
-
-    We do try hard to ensure that this behaves correctly when used as
-    part of a pipeline.  (Well, we delegate to tools that do the right
-    thing, which is more or less the same.)
+    This subcommand displays manual pages for all Puppet subcommands. If the
+    `ronn` gem (<https://github.com/rtomayko/ronn/>) is installed on your
+    system, puppet man will display fully-formated man pages. If `ronn` is not
+    available, puppet man will display the raw (but human-readable) source text
+    in a pager.
   EOT
 
   notes <<-EOT
-    We strongly encourage you to install the `ronn` gem on your system,
-    or otherwise make it available, so that we can display well structured
-    output from this face.
+    The pager used for display will be the first found of `$MANPAGER`, `$PAGER`,
+    `less`, `most`, or `more`.
   EOT
 
   action(:man) do
-    summary "Display the manual page for a face."
-    arguments "<face>"
-    returns "The man data, in markdown format, suitable for consumption by Ronn."
+    summary "Display the manual page for a Puppet subcommand."
+    arguments "<subcommand>"
+    returns <<-'EOT'
+      The man data, in Markdown format, suitable for consumption by Ronn.
+
+      RENDERING ISSUES: To skip fancy formatting and output the raw Markdown
+      text (e.g. for use in a pipeline), call this action with '--render-as s'.
+    EOT
     examples <<-'EOT'
-      Get the manual page for a face:
+      View the manual page for a subcommand:
 
       $ puppet man facts
     EOT
diff --git a/lib/puppet/face/node.rb b/lib/puppet/face/node.rb
index d244127a4..cd27e0b26 100644
--- a/lib/puppet/face/node.rb
+++ b/lib/puppet/face/node.rb
@@ -5,33 +5,38 @@ Puppet::Indirector::Face.define(:node, '0.0.1') do
 
   summary "View and manage node definitions."
   description <<-'EOT'
-    This face interacts with node objects, which are used by Puppet to
-    build a catalog. A node object consists of the node's facts,
-    environment, node parameters (exposed in the parser as top-scope
-    variables), and classes.
+    This subcommand interacts with node objects, which are used by Puppet to
+    build a catalog. A node object consists of the node's facts, environment,
+    node parameters (exposed in the parser as top-scope variables), and classes.
   EOT
 
-  get_action(:destroy).summary "Invalid for this face."
-  get_action(:search).summary "Invalid for this face."
-  get_action(:save).summary "Invalid for this face."
+  get_action(:destroy).summary "Invalid for this subcommand."
+  get_action(:search).summary "Invalid for this subcommand."
+  get_action(:save).summary "Invalid for this subcommand."
 
   find = get_action(:find)
   find.summary "Retrieve a node object."
   find.arguments "<host>"
   find.returns <<-'EOT'
-    A Puppet::Node object.
+    A hash containing the node's `classes`, `environment`, `expiration`, `name`,
+    `parameters` (its facts, combined with any ENC-set parameters), and `time`.
+    When used from the Ruby API: a Puppet::Node object.
 
     RENDERING ISSUES: Rendering as string and json are currently broken;
     node objects can only be rendered as yaml.
   EOT
   find.examples <<-'EOT'
-    Retrieve an "empty" (no classes, fact and bulit-in parameters only,
-    and an environment of "production") node:
+    Retrieve an "empty" (no classes, no ENC-imposed parameters, and an
+    environment of "production") node:
 
     $ puppet node find somenode.puppetlabs.lan --terminus plain --render-as yaml
 
     Retrieve a node using the puppet master's configured ENC:
 
     $ puppet node find somenode.puppetlabs.lan --terminus exec --mode master --render-as yaml
+
+    Retrieve the same node from the puppet master:
+
+    $ puppet node find somenode.puppetlabs.lan --terminus rest --render-as yaml
   EOT
 end
diff --git a/lib/puppet/face/parser.rb b/lib/puppet/face/parser.rb
index 8dd3efb75..c99cbb747 100644
--- a/lib/puppet/face/parser.rb
+++ b/lib/puppet/face/parser.rb
@@ -16,6 +16,15 @@ Puppet::Face.define(:parser, '0.0.1') do
       syncing any resources. If no manifest files are provided, it will
       validate the default site manifest.
     EOT
+    examples <<-'EOT'
+      Validate the default site manifest at /etc/puppet/manifests/site.pp:
+
+      $ puppet parser validate
+
+      Validate two arbitrary manifest files:
+
+      $ puppet parser validate init.pp vhost.pp
+    EOT
     when_invoked do |*args|
       args.pop
       files = args
diff --git a/lib/puppet/face/plugin.rb b/lib/puppet/face/plugin.rb
index 541468d39..76c79f38d 100644
--- a/lib/puppet/face/plugin.rb
+++ b/lib/puppet/face/plugin.rb
@@ -5,13 +5,13 @@ Puppet::Face.define(:plugin, '0.0.1') do
 
   summary "Interact with the Puppet plugin system."
   description <<-'EOT'
-    This face provides network access to the puppet master's store of
+    This subcommand provides network access to the puppet master's store of
     plugins.
-  EOT
-  notes <<-'EOT'
-    The puppet master can serve Ruby code collected from the lib directories
+
+    The puppet master serves Ruby code collected from the `lib` directories
     of its modules. These plugins can be used on agent nodes to extend
-    Facter and implement custom types and providers.
+    Facter and implement custom types and providers. Plugins are normally
+    downloaded by puppet agent during the course of a run.
   EOT
 
   action :download do
@@ -19,12 +19,13 @@ Puppet::Face.define(:plugin, '0.0.1') do
     description <<-'EOT'
       Downloads plugins from the configured puppet master. Any plugins
       downloaded in this way will be used in all subsequent Puppet activity.
+      This action modifies files on disk.
     EOT
     returns <<-'EOT'
-      A display-formatted list of the files downloaded. If all plugin
-      files were in sync, this list will be empty.
+      A list of the files downloaded, or a confirmation that no files were
+      downloaded. When used from the Ruby API, this action returns an array of
+      the files downloaded, which will be empty if none were retrieved.
     EOT
-    notes "This action modifies files on disk."
     examples <<-'EOT'
       Retrieve plugins from the puppet master:
 
diff --git a/lib/puppet/face/report.rb b/lib/puppet/face/report.rb
index 1345d6359..22737103c 100644
--- a/lib/puppet/face/report.rb
+++ b/lib/puppet/face/report.rb
@@ -4,13 +4,13 @@ Puppet::Indirector::Face.define(:report, '0.0.1') do
   copyright "Puppet Labs", 2011
   license   "Apache 2 license; see COPYING"
 
-  summary "Create, display, and submit reports"
+  summary "Create, display, and submit reports."
 
   get_action(:find).summary "Invalid for this face."
   get_action(:search).summary "Invalid for this face."
   get_action(:destroy).summary "Invalid for this face."
   save = get_action(:save)
-  save.summary "Submit a report."
+  save.summary "API only: submit a report."
   save.arguments "<report>"
   save.returns "Nothing."
   save.examples <<-'EOT'
@@ -27,15 +27,15 @@ Puppet::Indirector::Face.define(:report, '0.0.1') do
   EOT
 
   action(:submit) do
-    summary "Submit a report object to the puppet master"
+    summary "API only: submit a report with error handling."
     description <<-'EOT'
-      This action is essentially a shortcut and wrapper for the `save` action
-      with the `rest` terminus, which provides additional details in the
-      event of a report submission failure. It is not intended for use from
-      a command line.
+      API only: Submits a report to the puppet master. This action is
+      essentially a shortcut and wrapper for the `save` action with the `rest`
+      terminus, and provides additional details in the event of a failure.
     EOT
+    arguments "<report>"
     examples <<-'EOT'
-      From secret_agent.rb:
+      From secret_agent.rb (API example):
 
           # ...
           report  = Puppet::Face[:catalog, '0.0.1'].apply
diff --git a/lib/puppet/face/resource.rb b/lib/puppet/face/resource.rb
index 59f628675..95a2ffc9a 100644
--- a/lib/puppet/face/resource.rb
+++ b/lib/puppet/face/resource.rb
@@ -4,19 +4,18 @@ Puppet::Indirector::Face.define(:resource, '0.0.1') do
   copyright "Puppet Labs", 2011
   license   "Apache 2 license; see COPYING"
 
-  summary "Interact directly with resources via the RAL, like ralsh"
+  summary "API only: interact directly with resources via the RAL."
   description <<-'EOT'
-    This face provides a Ruby API with functionality similar to the puppet
-    resource (originally ralsh) command line application. It is not intended to be
-    used from the command line.
+    API only: this face provides a Ruby API with functionality similar to the
+    puppet resource (or ralsh) subcommand.
   EOT
 
-  get_action(:destroy).summary "Invalid for this face."
+  get_action(:destroy).summary "Invalid for this subcommand."
 
   search = get_action(:search)
-  search.summary "Get all resources of a single type."
+  search.summary "API only: get all resources of a single type."
   search.arguments "<resource_type>"
-  search.returns "An array of resource objects."
+  search.returns "An array of Puppet::Resource objects."
   search.examples <<-'EOT'
     Get a list of all user resources (API example):
 
@@ -24,9 +23,9 @@ Puppet::Indirector::Face.define(:resource, '0.0.1') do
   EOT
 
   find = get_action(:find)
-  find.summary "Get a single resource."
+  find.summary "API only: get a single resource."
   find.arguments "<type>/<title>"
-  find.returns "A resource object."
+  find.returns "A Puppet::Resource object."
   find.examples <<-'EOT'
     Print information about a user on this system (API example):
 
@@ -34,9 +33,12 @@ Puppet::Indirector::Face.define(:resource, '0.0.1') do
   EOT
 
   save = get_action(:save)
-  save.summary "Create a new resource."
+  save.summary "API only: create a new resource."
+  save.description <<-EOT
+    API only: creates a new resource.
+  EOT
   save.arguments "<resource_object>"
-  save.returns "The same resource object passed."
+  save.returns "The same resource object passed as an argument."
   save.examples <<-'EOT'
     Create a new file resource (API example):
 
diff --git a/lib/puppet/face/resource_type.rb b/lib/puppet/face/resource_type.rb
index 9d7639fc5..dc6d9de90 100644
--- a/lib/puppet/face/resource_type.rb
+++ b/lib/puppet/face/resource_type.rb
@@ -4,39 +4,48 @@ Puppet::Indirector::Face.define(:resource_type, '0.0.1') do
   copyright "Puppet Labs", 2011
   license   "Apache 2 license; see COPYING"
 
-  summary "View classes, defined resource types, and nodes from all manifests"
+  summary "View classes, defined resource types, and nodes from all manifests."
   description <<-'EOT'
-    This face reads information about the resource collections (classes,
+    This subcommand reads information about the resource collections (classes,
     nodes, and defined types) available in Puppet's site manifest and
     modules.
 
     It will eventually be extended to examine native resource types.
   EOT
-
-  # Action documentation overrides:
-  get_action(:save).summary = "Invalid for this face."
-  get_action(:destroy).summary = "Invalid for this face."
-
-  find = get_action(:find)
-  find.summary "Retrieve info about a resource collection."
-  find.arguments "<collection_name>"
-  find.returns <<-'EOT'
-    A hash of info about one resource collection. This hash will include the
-    following four keys:
+  notes <<-'EOT'
+    The `find` and `search` actions return similar hashes of resource collection
+    info. These hashes will include the following four keys:
 
     * `file` (a string)
     * `name` (a string)
     * `type` (<hostclass>, <definition>, or <node>)
     * `line` (an integer)
 
-    It may also include the following keys:
+    They may optionally include the following keys:
 
     * `parent`    (<name_of_resource_collection>)
     * `arguments` (a hash of parameters and default values)
     * `doc`       (a string)
+  EOT
 
-    RENDERING ISSUES: yaml and string output for this indirection are
-    currently unusable; use json instead.
+  # Action documentation overrides:
+  get_action(:save).summary = "Invalid for this subcommand."
+  get_action(:destroy).summary = "Invalid for this subcommand."
+
+  find = get_action(:find)
+  find.summary "Retrieve info about a resource collection."
+  find.arguments "<collection_name>"
+  find.returns <<-'EOT'
+    A hash of info about the requested resource collection. When used from the
+    Ruby API: returns a Puppet::Resource::Type object.
+
+    RENDERING ISSUES: yaml and string output for this indirection are currently
+    unusable; use json instead.
+  EOT
+  find.notes <<-'EOT'
+    If two resource collections share the same name (e.g. you have both a node
+    and a class named "default"), `find` will only return one of them. This can
+    be worked around by using `search` instead.
   EOT
   find.examples <<-'EOT'
     Retrieve info about a specific locally-defined class:
@@ -52,10 +61,11 @@ Puppet::Indirector::Face.define(:resource_type, '0.0.1') do
   search.summary "Search for collections matching a regular expression."
   search.arguments "<regular_expression>"
   search.returns <<-'EOT'
-    An array of resource collection info hashes. (See "RETURNS" under `find`.)
+    An array of hashes of resource collection info. When used from the Ruby API:
+    returns an array of Puppet::Resource::Type objects.
 
-    RENDERING ISSUES: yaml and string output for this indirection are
-    currently unusable; use json instead.
+    RENDERING ISSUES: yaml and string output for this indirection are currently
+    unusable; use json instead.
   EOT
   search.examples <<-'EOT'
     Retrieve all classes, nodes, and defined types:
diff --git a/lib/puppet/face/secret_agent.rb b/lib/puppet/face/secret_agent.rb
index 79241da72..7771d576a 100644
--- a/lib/puppet/face/secret_agent.rb
+++ b/lib/puppet/face/secret_agent.rb
@@ -6,34 +6,34 @@ Puppet::Face.define(:secret_agent, '0.0.1') do
 
   summary "Mimics puppet agent."
   description <<-'EOT'
-    This face currently functions as a proof of concept, demonstrating
-    how Faces allows the separation of application logic from Puppet's
-    internal systems; compare the actual code for puppet agent. It will
-    eventually replace puppet agent entirely, and can provide a template
-    for users who wish to implement agent-like functionality with
-    non-standard application logic.
+    This subcommand currently functions as a proof of concept, demonstrating how
+    the Faces API exposes Puppet's internal systems to application logic;
+    compare the actual code for puppet agent. It will eventually replace puppet
+    agent entirely, and can provide a template for users who wish to implement
+    agent-like functionality with non-standard application logic.
   EOT
 
   action(:synchronize) do
     default
     summary "Run secret_agent once."
-    arguments "[-v | --verbose] [-d | --debug]" # Remove this once options are introspectible
     description <<-'EOT'
-      This action mimics a single run of the puppet agent application.
-      It does not currently daemonize, but can download plugins, submit
-      facts, retrieve and apply a catalog, and submit a report to the
-      puppet master.
+      Mimics a single run of puppet agent. This action does not currently
+      daemonize, but can download plugins, submit facts, retrieve and apply a
+      catalog, and submit a report to the puppet master.
+    EOT
+    returns <<-'EOT'
+      Verbose logging from the completed run. When used from the Ruby API:
+      returns a Puppet::Transaction::Report object.
     EOT
-    returns "A Puppet::Transaction::Report object."
     examples <<-'EOT'
       Trigger a Puppet run with the configured puppet master:
 
       $ puppet secret_agent
     EOT
     notes <<-'EOT'
-      This action requires that the puppet master's `auth.conf` file
-      allow save access to the `facts` REST terminus. Puppet agent does
-      not use this facility, and it is turned off by default. See
+      This action requires that the puppet master's `auth.conf` file allow save
+      access to the `facts` REST terminus. Puppet agent does not use this
+      facility, and it is turned off by default. See
       <http://docs.puppetlabs.com/guides/rest_auth_conf.html> for more details.
     EOT
 
diff --git a/lib/puppet/face/status.rb b/lib/puppet/face/status.rb
index 4ae24e81b..690c6b371 100644
--- a/lib/puppet/face/status.rb
+++ b/lib/puppet/face/status.rb
@@ -6,24 +6,27 @@ Puppet::Indirector::Face.define(:status, '0.0.1') do
 
   summary "View puppet server status."
 
-  get_action(:destroy).summary "Invalid for this face."
-  get_action(:save).summary "Invalid for this face."
-  get_action(:search).summary "Invalid for this face."
+  get_action(:destroy).summary "Invalid for this subcommand."
+  get_action(:save).summary "Invalid for this subcommand."
+  get_action(:search).summary "Invalid for this subcommand."
 
   find = get_action(:find)
   find.summary "Check status of puppet master server."
   find.arguments "<dummy_key>"
-  find.returns "A Puppet::Status object, or a low-level connection error."
+  find.returns <<-'EOT'
+    A "true" response or a low-level connection error. When used from the Ruby
+    API: returns a Puppet::Status object.
+  EOT
   find.description <<-'EOT'
     Checks whether a Puppet server is properly receiving and processing
-    REST requests. This action is only useful when used with '--terminus
+    HTTP requests. This action is only useful when used with '--terminus
     rest'; when invoked with the `local` terminus, `find` will always
     return true.
 
-    This action will query the configured puppet master. To query other
-    servers, including puppet agent nodes started with the --listen
-    option, you can set set the global --server and --masterport options
-    on the command line; note that agent nodes listen on port 8139.
+    Over REST, this action will query the configured puppet master by default.
+    To query other servers, including puppet agent nodes started with the
+    <--listen> option, you can set set the global <--server> and <--masterport>
+    options on the command line; note that agent nodes listen on port 8139.
   EOT
   find.notes <<-'EOT'
     This action requires that the server's `auth.conf` file allow find
diff --git a/lib/puppet/indirector/face.rb b/lib/puppet/indirector/face.rb
index bb8ce2ceb..ead3f4b46 100644
--- a/lib/puppet/indirector/face.rb
+++ b/lib/puppet/indirector/face.rb
@@ -61,11 +61,12 @@ class Puppet::Indirector::Face < Puppet::Face
   end
 
   action :save do
-    summary "Create or overwrite an object."
+    summary "API only: create or overwrite an object."
     arguments "<object>"
     description <<-EOT
-      Create or overwrite an object. Save actions cannot currently be
-      invoked from the command line, and are for API use only.
+      API only: create or overwrite an object. As the Faces framework does not
+      currently accept data from STDIN, save actions cannot currently be invoked
+      from the command line.
     EOT
     when_invoked { |key, options| call_indirection_method(:save, key, options) }
   end
@@ -80,8 +81,9 @@ class Puppet::Indirector::Face < Puppet::Face
   action :info do
     summary "Print the default terminus class for this face."
     description <<-EOT
-      Prints the default terminus class for this face. Note that
-      different run modes may have different default terminuses.
+      Prints the default terminus class for this subcommand. Note that different
+      run modes may have different default termini; when in doubt, specify the
+      run mode with the '--mode' option.
     EOT
 
     when_invoked do |*args|
-- 
cgit 


From 3f0dbb5fb7d9f4d88684fa07189270f42074e5f4 Mon Sep 17 00:00:00 2001
From: Nick Lewis <nick@puppetlabs.com>
Date: Tue, 7 Jun 2011 13:00:46 -0700
Subject: (#650) Allow symlinks for configuration directories

Previously, pointing a setting like 'confdir' at a symlink to a directory would
replace the symlink with a directory. This was because files created by
settings implicitly managed links, rather than following them. This behavior is
now changed so that file settings will follow links.

The behavior of these symlinks is the same as any other file resource. That is,
if the target of the symlink doesn't exist, Puppet will consider this an
error. Similarly, if the target of the symlink is a file, then the symlink
will still be replaced with a directory, rather than replacing its target.

Reviewed-By: Jacob Helwig <jacob@puppetlabs.com>
Reviewed-By: Dominic Maraglia <dominic@puppetlabs.com>
---
 lib/puppet/util/settings/file_setting.rb | 1 +
 1 file changed, 1 insertion(+)

(limited to 'lib/puppet')

diff --git a/lib/puppet/util/settings/file_setting.rb b/lib/puppet/util/settings/file_setting.rb
index edbab1d0c..776398ef4 100644
--- a/lib/puppet/util/settings/file_setting.rb
+++ b/lib/puppet/util/settings/file_setting.rb
@@ -101,6 +101,7 @@ class Puppet::Util::Settings::FileSetting < Puppet::Util::Settings::Setting
 
     resource[:ensure] = type
     resource[:loglevel] = :debug
+    resource[:links] = :follow
     resource[:backup] = false
 
     resource.tag(self.section, self.name, "settings")
-- 
cgit 


From 973e752cc210cc64ec50b942ee989f6e6acaaca0 Mon Sep 17 00:00:00 2001
From: Daniel Pittman <daniel@puppetlabs.com>
Date: Mon, 6 Jun 2011 17:56:53 -0700
Subject: (#7728) Suppress notifications from container whits.

We introduced changes to our graph to reduce the number of edges when we had
container dependencies.  As part of this the 'whit' object was created, and
used as an intermediate vertex to simplify processing.

During that change we introduced additional reporting, based on those whit
objects, about containment relationships during resource application failure.

Specifically, we would now report that the containing class(es) and stages of
any failed resource were failed, point-blank.  This was unclear, because the
entire class had not failed, but only part of it, but also unhelpful, because
it turned a single failure into at least one additional report that contained
no additional information.

Now, instead, we suppress reporting for the whit resources.  We still process
them identically; just the report is eliminated.

It isn't absolutely clear that this is the correct long term direction for
handling these objects, but it is the minimal change for the RC release.

Reviewed-By: Jacob Helwig <jacob@puppetlabs.com>
---
 lib/puppet/transaction.rb | 22 ++++++++++++++++++++--
 1 file changed, 20 insertions(+), 2 deletions(-)

(limited to 'lib/puppet')

diff --git a/lib/puppet/transaction.rb b/lib/puppet/transaction.rb
index 3728a2fff..089f4d945 100644
--- a/lib/puppet/transaction.rb
+++ b/lib/puppet/transaction.rb
@@ -131,10 +131,22 @@ class Puppet::Transaction
     # enough to check the immediate dependencies, which is why we use
     # a tree from the reversed graph.
     found_failed = false
+
+
+    # When we introduced the :whit into the graph, to reduce the combinatorial
+    # explosion of edges, we also ended up reporting failures for containers
+    # like class and stage.  This is undesirable; while just skipping the
+    # output isn't perfect, it is RC-safe. --daniel 2011-06-07
+    suppress_report = (resource.class == Puppet::Type.type(:whit))
+
     relationship_graph.dependencies(resource).each do |dep|
       next unless failed?(dep)
-      resource.notice "Dependency #{dep} has failures: #{resource_status(dep).failed}"
       found_failed = true
+
+      # See above. --daniel 2011-06-06
+      unless suppress_report then
+        resource.notice "Dependency #{dep} has failures: #{resource_status(dep).failed}"
+      end
     end
 
     found_failed
@@ -336,7 +348,13 @@ class Puppet::Transaction
     elsif ! scheduled?(resource)
       resource.debug "Not scheduled"
     elsif failed_dependencies?(resource)
-      resource.warning "Skipping because of failed dependencies"
+      # When we introduced the :whit into the graph, to reduce the combinatorial
+      # explosion of edges, we also ended up reporting failures for containers
+      # like class and stage.  This is undesirable; while just skipping the
+      # output isn't perfect, it is RC-safe. --daniel 2011-06-07
+      unless resource.class == Puppet::Type.type(:whit) then
+        resource.warning "Skipping because of failed dependencies"
+      end
     elsif resource.virtual?
       resource.debug "Skipping because virtual"
     elsif resource.appliable_to_device? ^ for_network_device
-- 
cgit 


From 48aafa3a5c553fec7b9a5193febd5591937d5680 Mon Sep 17 00:00:00 2001
From: Luke Kaines <luke@puppetlabs.com>
Date: Tue, 7 Jun 2011 15:58:26 -0700
Subject: (#6873) Add Static Compiler terminus to 2.7.0

This adds the static compiler terminus to the release.  This wraps the default
compiler terminus, and post-processes the catalog to rewrite every file
reference using the 'puppet://' URI/protocol into filebucket references that
use the MD5 checksum of the file contents.

This provides a genuinely static catalog, in terms of content: there are no
external dependencies that can change to make the behaviour of applying this
catalog change.

It also eliminates the describe calls from file checking, as all the metadata
is stored locally in the catalog.  This can be a substantial performance
increase for nodes, especially those that manage large trees of recursive
files.

To use this set the `catalog_terminus` to `static_compiler`; the resultant
catalog will then reference only static content.  This does not, however, put
the required files into the filebucket on the client.

There are some limitations of this code:

 * Files are all read into memory rather than streamed. This will definitely
   cause problems with large files, but the filebucket doesn't currently
   handle streaming.

 * We think the recursion behavior is equivalent, but can't really guarantee
   it without a good bit of testing.

 * You have to populate the client filebucket manually.  We don't have any
   support for doing this automatically, not even through variant access to
   the catalog downloader.

 * Behavior on the server is currently undefined if your puppet masters are
   behind a load balancer and they're configured to do fileserving through
   that load balancer. It should work, but it probably won't be that fast.

You can see https://github.com/lak/puppet-static-compiler for the original
prototype this was inherited from, which includes some example code for
scanning the downloaded catalog and fetching resources into the filebucket.

Reviewed-By: Daniel Pittman <daniel@puppetlabs.com>
---
 lib/puppet/indirector/catalog/static_compiler.rb | 137 +++++++++++++++++++++++
 1 file changed, 137 insertions(+)
 create mode 100644 lib/puppet/indirector/catalog/static_compiler.rb

(limited to 'lib/puppet')

diff --git a/lib/puppet/indirector/catalog/static_compiler.rb b/lib/puppet/indirector/catalog/static_compiler.rb
new file mode 100644
index 000000000..1d92121ed
--- /dev/null
+++ b/lib/puppet/indirector/catalog/static_compiler.rb
@@ -0,0 +1,137 @@
+require 'puppet/node'
+require 'puppet/resource/catalog'
+require 'puppet/indirector/code'
+
+class Puppet::Resource::Catalog::StaticCompiler < Puppet::Indirector::Code
+  def compiler
+    @compiler ||= indirection.terminus(:compiler)
+  end
+
+  def find(request)
+    return nil unless catalog = compiler.find(request)
+
+    raise "Did not get catalog back" unless catalog.is_a?(model)
+
+    catalog.resources.find_all { |res| res.type == "File" }.each do |resource|
+      next unless source = resource[:source]
+      next unless source =~ /^puppet:/
+
+      file = resource.to_ral
+      if file.recurse?
+        add_children(request.key, catalog, resource, file)
+      else
+        find_and_replace_metadata(request.key, resource, file)
+      end
+    end
+
+    catalog
+  end
+
+  def find_and_replace_metadata(host, resource, file)
+    # We remove URL info from it, so it forces a local copy
+    # rather than routing through the network.
+    # Weird, but true.
+    newsource = file[:source][0].sub("puppet:///", "")
+    file[:source][0] = newsource
+
+    raise "Could not get metadata for #{resource[:source]}" unless metadata = file.parameter(:source).metadata
+
+    replace_metadata(host, resource, metadata)
+  end
+
+  def replace_metadata(host, resource, metadata)
+    [:mode, :owner, :group].each do |param|
+      resource[param] ||= metadata.send(param)
+    end
+
+    resource[:ensure] = metadata.ftype
+    if metadata.ftype == "file"
+      unless resource[:content]
+        resource[:content] = metadata.checksum
+        resource[:checksum] = metadata.checksum_type
+      end
+    end
+
+    store_content(resource) if resource[:ensure] == "file"
+    old_source = resource.delete(:source)
+    Puppet.info "Metadata for #{resource} in catalog for '#{host}' added from '#{old_source}'"
+  end
+
+  def add_children(host, catalog, resource, file)
+    file = resource.to_ral
+
+    children = get_child_resources(host, catalog, resource, file)
+
+    remove_existing_resources(children, catalog)
+
+    children.each do |name, res|
+      catalog.add_resource res
+      catalog.add_edge(resource, res)
+    end
+  end
+
+  def get_child_resources(host, catalog, resource, file)
+    sourceselect = file[:sourceselect]
+    children = {}
+
+    source = resource[:source]
+
+    # This is largely a copy of recurse_remote in File
+    total = file[:source].collect do |source|
+      next unless result = file.perform_recursion(source)
+      return if top = result.find { |r| r.relative_path == "." } and top.ftype != "directory"
+      result.each { |data| data.source = "#{source}/#{data.relative_path}" }
+      break result if result and ! result.empty? and sourceselect == :first
+      result
+    end.flatten
+
+    # This only happens if we have sourceselect == :all
+    unless sourceselect == :first
+      found = []
+      total.reject! do |data|
+        result = found.include?(data.relative_path)
+        found << data.relative_path unless found.include?(data.relative_path)
+        result
+      end
+    end
+
+    total.each do |meta|
+      # This is the top-level parent directory
+      if meta.relative_path == "."
+        replace_metadata(host, resource, meta)
+        next
+      end
+      children[meta.relative_path] ||= Puppet::Resource.new(:file, File.join(file[:path], meta.relative_path))
+
+      # I think this is safe since it's a URL, not an actual file
+      children[meta.relative_path][:source] = source + "/" + meta.relative_path
+      replace_metadata(host, children[meta.relative_path], meta)
+    end
+
+    children
+  end
+
+  def remove_existing_resources(children, catalog)
+    existing_names = catalog.resources.collect { |r| r.to_s }
+
+    both = (existing_names & children.keys).inject({}) { |hash, name| hash[name] = true; hash }
+    
+    both.each { |name| children.delete(name) }
+  end
+
+  def store_content(resource)
+    @summer ||= Object.new
+    @summer.extend(Puppet::Util::Checksums)
+
+    type = @summer.sumtype(resource[:content])
+    sum = @summer.sumdata(resource[:content])
+
+    if Puppet::FileBucket::File.indirection.find("#{type}/#{sum}")
+      Puppet.info "Content for '#{resource[:source]}' already exists"
+    else
+      Puppet.info "Storing content for source '#{resource[:source]}'"
+      content = Puppet::FileServing::Content.find(resource[:source])
+      Puppet::FileBucket::File.new(content.content).save
+    end
+  end
+end
-- 
cgit 


From 0ae4732fd9058c2ae67f664c545dbd1846cef2df Mon Sep 17 00:00:00 2001
From: Daniel Pittman <daniel@puppetlabs.com>
Date: Tue, 7 Jun 2011 16:52:39 -0700
Subject: (#7828) Fix whitespace in synopsis generator.

We accidentally omitted whitespace between multiple options while building the
synopsis.  This fixes that, by introducing a breakable space in the right
location.

Additionally, we extract the code that was 99 percent identical from the face
and action synopsis generators, push it down into the documentation module,
and then invoke it from both places.

This eliminates the duplicate code, allowing me to fix that bug once and have
it apply to both parts of the code; this is pretty much assured to be true
any time we change the synopsis generation.

Reviewed-By: Nick Fagerlund <nick.fagerlund@puppetlabs.com>
---
 lib/puppet/interface.rb               | 21 +--------------------
 lib/puppet/interface/action.rb        | 23 +----------------------
 lib/puppet/interface/documentation.rb | 31 +++++++++++++++++++++++++++++++
 3 files changed, 33 insertions(+), 42 deletions(-)

(limited to 'lib/puppet')

diff --git a/lib/puppet/interface.rb b/lib/puppet/interface.rb
index 10e2ec8d7..6be8b6930 100644
--- a/lib/puppet/interface.rb
+++ b/lib/puppet/interface.rb
@@ -76,26 +76,7 @@ class Puppet::Interface
   # splits out this should merge into a module that both the action and face
   # include. --daniel 2011-04-17
   def synopsis
-    output = PrettyPrint.format do |s|
-      s.text("puppet #{name} <action>")
-      s.breakable
-
-      options.each do |option|
-        option = get_option(option)
-        wrap = option.required? ? %w{ < > } : %w{ [ ] }
-
-        s.group(0, *wrap) do
-          option.optparse.each do |item|
-            unless s.current_group.first?
-              s.breakable
-              s.text '|'
-              s.breakable
-            end
-            s.text item
-          end
-        end
-      end
-    end
+    build_synopsis self.name, '<action>'
   end
 
 
diff --git a/lib/puppet/interface/action.rb b/lib/puppet/interface/action.rb
index 748888c2e..185302b07 100644
--- a/lib/puppet/interface/action.rb
+++ b/lib/puppet/interface/action.rb
@@ -48,28 +48,7 @@ class Puppet::Interface::Action
   attr_doc :returns
   attr_doc :arguments
   def synopsis
-    output = PrettyPrint.format do |s|
-      s.text("puppet #{@face.name}")
-      s.text(" #{name}") unless default?
-      s.breakable
-
-      options.each do |option|
-        option = get_option(option)
-        wrap = option.required? ? %w{ < > } : %w{ [ ] }
-
-        s.group(0, *wrap) do
-          option.optparse.each do |item|
-            unless s.current_group.first?
-              s.breakable
-              s.text '|'
-              s.breakable
-            end
-            s.text item
-          end
-        end
-      end
-      s.text(" #{arguments}") if arguments
-    end
+    build_synopsis(@face.name, default? ? nil : name, arguments)
   end
 
   ########################################################################
diff --git a/lib/puppet/interface/documentation.rb b/lib/puppet/interface/documentation.rb
index fcaec2568..47e478a44 100644
--- a/lib/puppet/interface/documentation.rb
+++ b/lib/puppet/interface/documentation.rb
@@ -61,6 +61,37 @@ class Puppet::Interface
     end
 
     attr_doc :description
+
+    def build_synopsis(face, action = nil, arguments = nil)
+      output = PrettyPrint.format do |s|
+        s.text("puppet #{face}")
+        s.text(" #{action}") unless action.nil?
+        s.text(" ")
+
+        options.each do |option|
+          option = get_option(option)
+          wrap = option.required? ? %w{ < > } : %w{ [ ] }
+
+          s.group(0, *wrap) do
+            option.optparse.each do |item|
+              unless s.current_group.first?
+                s.breakable
+                s.text '|'
+                s.breakable
+              end
+              s.text item
+            end
+          end
+
+          s.breakable
+        end
+
+        if arguments then
+          s.text arguments.to_s
+        end
+      end
+    end
+
   end
 
   module FullDocs
-- 
cgit 


From d9b5c1aaa7af277d74d1c9cb33d5be76c4ca7135 Mon Sep 17 00:00:00 2001
From: Jeff McCune <jeff@puppetlabs.com>
Date: Wed, 8 Jun 2011 11:29:52 -0700
Subject: (#2128) In-line docs for node_name_{fact,value}

This change augments the in-line documentation for the node_name_fact and
node_name_value configuration settings.  These settings will not work
effectively without additional changes elsewhere in the system, e.g. to
auth.conf.

In order to help the end user land softly if they choose to change these
settings, a short link URL we control and can redirect has been added
to each setting.  These currently point to the community Wiki but may be
redirected to docs.puppetlabs.com in the future.
---
 lib/puppet/defaults.rb | 16 ++++++++++++++--
 1 file changed, 14 insertions(+), 2 deletions(-)

(limited to 'lib/puppet')

diff --git a/lib/puppet/defaults.rb b/lib/puppet/defaults.rb
index 4502dae16..fa0736387 100644
--- a/lib/puppet/defaults.rb
+++ b/lib/puppet/defaults.rb
@@ -486,9 +486,21 @@ module Puppet
   )
 
   setdefaults(:agent,
-    :node_name_value => ["$certname", "The name of the node."],
+    :node_name_value => ["$certname", <<-'ENDnodenamevalueDESChereDOC' ],
+      The explicit value used for the node name for all requests the agent makes to
+      the master. This setting is mutually exclusive with node_name_fact. Changing
+      this setting also requires changes to the default auth.conf configuration on
+      the Puppet Master.  Please see http://links.puppetlabs.com/node_name_value for
+      more information.
+      ENDnodenamevalueDESChereDOC
     :node_name_fact => { :default => "",
-        :desc => "The fact to use as the node name.",
+        :desc => <<-'ENDnodenamefactDESChereDOC',
+          The fact name used to determine the node name used for all requests the agent
+          makes to the master. This setting is mutually exclusive with node_name_value.
+          Changing this setting also requires changes to the default auth.conf
+          configuration on the Puppet Master.  Please see
+          http://links.puppetlabs.com/node_name_fact for more information.
+          ENDnodenamefactDESChereDOC
         :hook => proc do |value|
           if !value.empty? and Puppet[:node_name_value] != Puppet[:certname]
             raise "Cannot specify both the node_name_value and node_name_fact settings"
-- 
cgit 


From 1cd848c5e28835f96f66b9d0e17b353dc02a60e3 Mon Sep 17 00:00:00 2001
From: Jeff McCune <jeff@puppetlabs.com>
Date: Wed, 8 Jun 2011 13:08:39 -0700
Subject: (#2128) Whitespace only reflow commit

The output of puppet --genconfig was showing a blank line between the
description of the option and the default value line.  This is because
of the here document being used in the first commit.

This change replaces the HERE document with a normal string that does
not contain a final newline.

In addition, the indentation of one of the default options was using 4
spaces instead of 2 and this has been corrected.
---
 lib/puppet/defaults.rb | 36 +++++++++++++++++-------------------
 1 file changed, 17 insertions(+), 19 deletions(-)

(limited to 'lib/puppet')

diff --git a/lib/puppet/defaults.rb b/lib/puppet/defaults.rb
index fa0736387..b6d25d6d6 100644
--- a/lib/puppet/defaults.rb
+++ b/lib/puppet/defaults.rb
@@ -486,27 +486,25 @@ module Puppet
   )
 
   setdefaults(:agent,
-    :node_name_value => ["$certname", <<-'ENDnodenamevalueDESChereDOC' ],
-      The explicit value used for the node name for all requests the agent makes to
-      the master. This setting is mutually exclusive with node_name_fact. Changing
-      this setting also requires changes to the default auth.conf configuration on
-      the Puppet Master.  Please see http://links.puppetlabs.com/node_name_value for
-      more information.
-      ENDnodenamevalueDESChereDOC
+    :node_name_value => { :default => "$certname",
+      :desc => "The explicit value used for the node name for all requests the agent
+        makes to the master. This setting is mutually exclusive with node_name_fact.
+        Changing this setting also requires changes to the default auth.conf
+        configuration on the Puppet Master.  Please see
+        http://links.puppetlabs.com/node_name_value for more information."
+    },
     :node_name_fact => { :default => "",
-        :desc => <<-'ENDnodenamefactDESChereDOC',
-          The fact name used to determine the node name used for all requests the agent
-          makes to the master. This setting is mutually exclusive with node_name_value.
-          Changing this setting also requires changes to the default auth.conf
-          configuration on the Puppet Master.  Please see
-          http://links.puppetlabs.com/node_name_fact for more information.
-          ENDnodenamefactDESChereDOC
-        :hook => proc do |value|
-          if !value.empty? and Puppet[:node_name_value] != Puppet[:certname]
-            raise "Cannot specify both the node_name_value and node_name_fact settings"
-          end
+      :desc => " The fact name used to determine the node name used for all requests the agent
+        makes to the master. This setting is mutually exclusive with node_name_value.
+        Changing this setting also requires changes to the default auth.conf
+        configuration on the Puppet Master.  Please see
+        http://links.puppetlabs.com/node_name_fact for more information.",
+      :hook => proc do |value|
+        if !value.empty? and Puppet[:node_name_value] != Puppet[:certname]
+          raise "Cannot specify both the node_name_value and node_name_fact settings"
         end
-      },
+      end
+    },
     :localconfig => { :default => "$statedir/localconfig",
       :owner => "root",
       :mode => 0660,
-- 
cgit 


From 98f58ceff86547753bfb625ef6c222fbbf70ce28 Mon Sep 17 00:00:00 2001
From: Jeff McCune <jeff@puppetlabs.com>
Date: Wed, 8 Jun 2011 13:53:21 -0700
Subject: (#2128) Add WARNING for node_name_{fact,value} descriptions

Minor change to add a WARNING string as per feedback from UX.

Reviewed-by: Randall Hansen <randall@puppetlabs.com>
---
 lib/puppet/defaults.rb | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

(limited to 'lib/puppet')

diff --git a/lib/puppet/defaults.rb b/lib/puppet/defaults.rb
index b6d25d6d6..82ff1095f 100644
--- a/lib/puppet/defaults.rb
+++ b/lib/puppet/defaults.rb
@@ -488,16 +488,16 @@ module Puppet
   setdefaults(:agent,
     :node_name_value => { :default => "$certname",
       :desc => "The explicit value used for the node name for all requests the agent
-        makes to the master. This setting is mutually exclusive with node_name_fact.
-        Changing this setting also requires changes to the default auth.conf
-        configuration on the Puppet Master.  Please see
+        makes to the master. WARNING: This setting is mutually exclusive with
+        node_name_fact.  Changing this setting also requires changes to the default
+        auth.conf configuration on the Puppet Master.  Please see
         http://links.puppetlabs.com/node_name_value for more information."
     },
     :node_name_fact => { :default => "",
-      :desc => " The fact name used to determine the node name used for all requests the agent
-        makes to the master. This setting is mutually exclusive with node_name_value.
-        Changing this setting also requires changes to the default auth.conf
-        configuration on the Puppet Master.  Please see
+      :desc => "The fact name used to determine the node name used for all requests the agent
+        makes to the master. WARNING: This setting is mutually exclusive with
+        node_name_value.  Changing this setting also requires changes to the default
+        auth.conf configuration on the Puppet Master.  Please see
         http://links.puppetlabs.com/node_name_fact for more information.",
       :hook => proc do |value|
         if !value.empty? and Puppet[:node_name_value] != Puppet[:certname]
-- 
cgit 


From f370d5a9e2587c067c458eca65198dbf90c800a6 Mon Sep 17 00:00:00 2001
From: nfagerlund <nick.fagerlund@gmail.com>
Date: Wed, 8 Jun 2011 15:04:51 -0700
Subject: (#7833) Several help text/template edits

This commit makes the following changes:

* Changes wrapping on some "returns" blocks to accomodate the way we prepend
  "RETURNS: " to the first line in short help.
* Overrides description for save on faces where save is invalid. (Since save has
  an inherited description, the description was contradicting the summary.)
* Adds notes on dummy arguments to short_description where applicable, so as to
  show up in short help.
* Adds the termini list to the action short help template.
* Removes the authors block from short help for faces. (Save it for the man page.)
* Several trivial wording changes.

Reviewed-By: Jacob Helwig <jacob@puppetlabs.com>
---
 lib/puppet/face/catalog.rb                     |  4 +--
 lib/puppet/face/certificate.rb                 |  3 +-
 lib/puppet/face/certificate_request.rb         | 27 ++++++++++------
 lib/puppet/face/certificate_revocation_list.rb | 43 +++++++++++++++++++-------
 lib/puppet/face/config.rb                      |  4 +--
 lib/puppet/face/facts.rb                       |  3 +-
 lib/puppet/face/help/action.erb                |  4 +++
 lib/puppet/face/help/face.erb                  |  5 ---
 lib/puppet/face/node.rb                        |  1 +
 lib/puppet/face/resource_type.rb               |  1 +
 lib/puppet/face/status.rb                      | 12 ++++++-
 11 files changed, 75 insertions(+), 32 deletions(-)

(limited to 'lib/puppet')

diff --git a/lib/puppet/face/catalog.rb b/lib/puppet/face/catalog.rb
index 9bcaa19c6..10b15d250 100644
--- a/lib/puppet/face/catalog.rb
+++ b/lib/puppet/face/catalog.rb
@@ -38,8 +38,8 @@ Puppet::Indirector::Face.define(:catalog, '0.0.1') do
       the source of the catalog can be managed with the `--terminus` option.
     EOT
     returns <<-'EOT'
-      Nothing. When used from the Ruby API, returns a Puppet::Transaction::Report
-      object.
+      Nothing. When used from the Ruby API, returns a
+      Puppet::Transaction::Report object.
     EOT
     examples <<-'EOT'
       Apply the locally cached catalog:
diff --git a/lib/puppet/face/certificate.rb b/lib/puppet/face/certificate.rb
index cb0f61e3b..9a306da37 100644
--- a/lib/puppet/face/certificate.rb
+++ b/lib/puppet/face/certificate.rb
@@ -15,7 +15,7 @@ Puppet::Indirector::Face.define(:certificate, '0.0.1') do
   EOT
 
   option "--ca-location LOCATION" do
-    summary "The certificate authority to query (local or remote)."
+    summary "Which certificate authority to use (local or remote)."
     description <<-'EOT'
       Whether to act on the local certificate authority or one provided by a
       remote puppet master. Allowed values are 'local' and 'remote.'
@@ -111,4 +111,5 @@ Puppet::Indirector::Face.define(:certificate, '0.0.1') do
 
   get_action(:search).summary "Invalid for this subcommand."
   get_action(:save).summary "Invalid for this subcommand."
+  get_action(:save).description "Invalid for this subcommand."
 end
diff --git a/lib/puppet/face/certificate_request.rb b/lib/puppet/face/certificate_request.rb
index 12694ba21..774821f12 100644
--- a/lib/puppet/face/certificate_request.rb
+++ b/lib/puppet/face/certificate_request.rb
@@ -12,30 +12,39 @@ Puppet::Indirector::Face.define(:certificate_request, '0.0.1') do
   # Per-action doc overrides
   get_action(:destroy).summary "Invalid for this subcommand."
 
-  get_action(:find).summary "Retrieve a single CSR."
-  get_action(:find).arguments "<host>"
-  get_action(:find).returns <<-'EOT'
+  find = get_action(:find)
+  find.summary "Retrieve a single CSR."
+  find.arguments "<host>"
+  find.returns <<-'EOT'
     A single certificate request. When used from the Ruby API, returns a
     Puppet::SSL::CertificateRequest object.
 
     RENDERING ISSUES: In most cases, you will want to render this as a string
     ('--render-as s').
   EOT
-  get_action(:find).examples <<-'EOT'
+  find.examples <<-'EOT'
     Retrieve a single CSR from the puppet master's CA:
 
     $ puppet certificate_request find somenode.puppetlabs.lan --terminus rest
   EOT
 
-  get_action(:search).summary "Retrieve all outstanding CSRs."
-  get_action(:search).arguments "<dummy_key>"
-  get_action(:search).returns <<-'EOT'
+  search = get_action(:search)
+  search.summary "Retrieve all outstanding CSRs."
+  search.arguments "<dummy_text>"
+  search.returns <<-'EOT'
     A list of certificate requests; be sure to to render this as a string
     ('--render-as s'). When used from the Ruby API, returns an array of
     Puppet::SSL::CertificateRequest objects.
   EOT
-  get_action(:search).notes "This action always returns all CSRs, but requires a dummy search key."
-  get_action(:search).examples <<-'EOT'
+  search.short_description <<-EOT
+    Retrieves all outstanding certificate signing requests. Due to a known bug,
+    this action requires a dummy search key, the content of which is irrelevant.
+  EOT
+  search.notes <<-EOT
+    Although this action always returns all CSRs, it requires a dummy search
+    key; this is a known bug.
+  EOT
+  search.examples <<-'EOT'
     Retrieve all CSRs from the local CA (similar to 'puppet cert list'):
 
     $ puppet certificate_request search x --terminus ca
diff --git a/lib/puppet/face/certificate_revocation_list.rb b/lib/puppet/face/certificate_revocation_list.rb
index 12ba1f73f..f58368f75 100644
--- a/lib/puppet/face/certificate_revocation_list.rb
+++ b/lib/puppet/face/certificate_revocation_list.rb
@@ -10,30 +10,51 @@ Puppet::Indirector::Face.define(:certificate_revocation_list, '0.0.1') do
     list from the CA.
   EOT
 
-  get_action(:find).summary "Retrieve the certificate revocation list."
-  get_action(:find).arguments "<dummy_key>"
-  get_action(:find).returns <<-'EOT'
-    A certificate revocation list. When used from the Ruby API: returns an
+  find = get_action(:find)
+  find.summary "Retrieve the certificate revocation list."
+  find.arguments "<dummy_text>"
+  find.returns <<-'EOT'
+    The certificate revocation list. When used from the Ruby API: returns an
     OpenSSL::X509::CRL object.
 
     RENDERING ISSUES: this should usually be rendered as a string
     ('--render-as s').
   EOT
-  get_action(:find).examples <<-'EXAMPLES'
+  find.short_description <<-EOT
+    Retrieves the certificate revocation list. Due to a known bug, this action
+    requires a dummy argument, the content of which is irrelevant.
+  EOT
+  find.notes <<-EOT
+    Although this action always returns the CRL from the specified terminus, it
+    requires a dummy argument; this is a known bug.
+  EOT
+  find.examples <<-'EXAMPLES'
     Retrieve a copy of the puppet master's CRL:
 
     $ puppet certificate_revocation_list find crl --terminus rest
   EXAMPLES
 
-  get_action(:destroy).summary "Delete the certificate revocation list."
-  get_action(:destroy).arguments "<dummy_key>"
-  get_action(:destroy).returns "Nothing."
-  get_action(:destroy).description <<-'EOT'
+  destroy = get_action(:destroy)
+  destroy.summary "Delete the certificate revocation list."
+  destroy.arguments "<dummy_text>"
+  destroy.returns "Nothing."
+  destroy.description <<-'EOT'
     Deletes the certificate revocation list. This cannot be done over REST, but
-    it is possible to delete the locally cached copy or (if run from the CA) the
-    CA's own copy of the CRL.
+    it is possible to delete the locally cached copy or the local CA's copy of
+    the CRL.
+  EOT
+  destroy.short_description <<-EOT
+    Deletes the certificate revocation list. This cannot be done over REST, but
+    it is possible to delete the locally cached copy or the local CA's copy of
+    the CRL. Due to a known bug, this action requires a dummy argument, the
+    content of which is irrelevant.
+  EOT
+  destroy.notes <<-EOT
+    Although this action always deletes the CRL from the specified terminus, it
+    requires a dummy argument; this is a known bug.
   EOT
 
   get_action(:search).summary "Invalid for this subcommand."
   get_action(:save).summary "Invalid for this subcommand."
+  get_action(:save).description "Invalid for this subcommand."
 end
diff --git a/lib/puppet/face/config.rb b/lib/puppet/face/config.rb
index 3fce0ed70..05fc40684 100644
--- a/lib/puppet/face/config.rb
+++ b/lib/puppet/face/config.rb
@@ -10,8 +10,8 @@ Puppet::Face.define(:config, '0.0.1') do
     summary "Examine Puppet's current configuration settings."
     arguments "(all | <setting> [<setting> ...]"
     returns <<-'EOT'
-      A single value when called with one config setting, and a list of settings
-      and values when called with multiple options or "all."
+      A single value when called with one config setting, and a list of
+      settings and values when called with multiple options or "all."
     EOT
     description <<-'EOT'
       Prints the value of a single configuration option or a list of
diff --git a/lib/puppet/face/facts.rb b/lib/puppet/face/facts.rb
index 99ff14bd9..9d83e3d44 100644
--- a/lib/puppet/face/facts.rb
+++ b/lib/puppet/face/facts.rb
@@ -25,7 +25,8 @@ Puppet::Indirector::Face.define(:facts, '0.0.1') do
     of facts for the requested node. When used from the Ruby API: A
     Puppet::Node::Facts object.
 
-    RENDERING ISSUES: Facts cannot currently be rendered as a string.
+    RENDERING ISSUES: Facts cannot currently be rendered as a string; use yaml
+    or json.
   EOT
   find.notes <<-'EOT'
     When using the `facter` terminus, the host argument is ignored.
diff --git a/lib/puppet/face/help/action.erb b/lib/puppet/face/help/action.erb
index 5242ed218..c84e46cf9 100644
--- a/lib/puppet/face/help/action.erb
+++ b/lib/puppet/face/help/action.erb
@@ -46,4 +46,8 @@ undocumented option
       end -%>
 <% end -%>
 
+<% if face.respond_to? :indirection -%>
+TERMINI: <%= face.class.terminus_classes(face.indirection.name).join(", ") %>
+
+<% end -%>
 See 'puppet man <%= face.name %>' or 'man puppet-<%= face.name %>' for full help.
diff --git a/lib/puppet/face/help/face.erb b/lib/puppet/face/help/face.erb
index 870cc547f..255d3d55b 100644
--- a/lib/puppet/face/help/face.erb
+++ b/lib/puppet/face/help/face.erb
@@ -75,10 +75,5 @@ end -%>
 <% if face.respond_to? :indirection -%>
 TERMINI: <%= face.class.terminus_classes(face.indirection.name).join(", ") %>
 
-<% end
-   unless face.authors.empty? -%>
-AUTHOR
-<%= face.authors.join("\n").gsub(/^/, ' * ') %>
-
 <% end -%>
 See 'puppet man <%= face.name %>' or 'man puppet-<%= face.name %>' for full help.
diff --git a/lib/puppet/face/node.rb b/lib/puppet/face/node.rb
index cd27e0b26..1153ad447 100644
--- a/lib/puppet/face/node.rb
+++ b/lib/puppet/face/node.rb
@@ -13,6 +13,7 @@ Puppet::Indirector::Face.define(:node, '0.0.1') do
   get_action(:destroy).summary "Invalid for this subcommand."
   get_action(:search).summary "Invalid for this subcommand."
   get_action(:save).summary "Invalid for this subcommand."
+  get_action(:save).description "Invalid for this subcommand."
 
   find = get_action(:find)
   find.summary "Retrieve a node object."
diff --git a/lib/puppet/face/resource_type.rb b/lib/puppet/face/resource_type.rb
index dc6d9de90..3cd28daa3 100644
--- a/lib/puppet/face/resource_type.rb
+++ b/lib/puppet/face/resource_type.rb
@@ -30,6 +30,7 @@ Puppet::Indirector::Face.define(:resource_type, '0.0.1') do
 
   # Action documentation overrides:
   get_action(:save).summary = "Invalid for this subcommand."
+  get_action(:save).description "Invalid for this subcommand."
   get_action(:destroy).summary = "Invalid for this subcommand."
 
   find = get_action(:find)
diff --git a/lib/puppet/face/status.rb b/lib/puppet/face/status.rb
index 690c6b371..bdb0c4d26 100644
--- a/lib/puppet/face/status.rb
+++ b/lib/puppet/face/status.rb
@@ -8,11 +8,12 @@ Puppet::Indirector::Face.define(:status, '0.0.1') do
 
   get_action(:destroy).summary "Invalid for this subcommand."
   get_action(:save).summary "Invalid for this subcommand."
+  get_action(:save).description "Invalid for this subcommand."
   get_action(:search).summary "Invalid for this subcommand."
 
   find = get_action(:find)
   find.summary "Check status of puppet master server."
-  find.arguments "<dummy_key>"
+  find.arguments "<dummy_text>"
   find.returns <<-'EOT'
     A "true" response or a low-level connection error. When used from the Ruby
     API: returns a Puppet::Status object.
@@ -28,11 +29,20 @@ Puppet::Indirector::Face.define(:status, '0.0.1') do
     <--listen> option, you can set set the global <--server> and <--masterport>
     options on the command line; note that agent nodes listen on port 8139.
   EOT
+  find.short_description <<-EOT
+    Checks whether a Puppet server is properly receiving and processing HTTP
+    requests. Due to a known bug, this action requires a dummy argument, the
+    content of which is irrelevant. This action is only useful when used with
+    '--terminus rest', and will always return true when invoked locally.
+  EOT
   find.notes <<-'EOT'
     This action requires that the server's `auth.conf` file allow find
     access to the `status` REST terminus. Puppet agent does not use this
     facility, and it is turned off by default. See
     <http://docs.puppetlabs.com/guides/rest_auth_conf.html> for more details.
+
+    Although this action always returns an unnamed status object, it requires a
+    dummy argument. This is a known bug.
   EOT
   find.examples <<-'EOT'
     Check the status of the configured puppet master:
-- 
cgit