diff --git a/acceptance/pending/ticket_3360_allow_duplicate_csr_with_option_set.rb b/acceptance/pending/ticket_3360_allow_duplicate_csr_with_option_set.rb new file mode 100644 index 000000000..ba02227ea --- /dev/null +++ b/acceptance/pending/ticket_3360_allow_duplicate_csr_with_option_set.rb @@ -0,0 +1,50 @@ +test_name "#3360: Allow duplicate CSR when allow_duplicate_certs is on" + +agent_hostnames = agents.map {|a| a.to_s} + +# Kill running Puppet Master -- should not be running at this point +step "Master: kill running Puppet Master" +on master, "ps -U puppet | awk '/puppet/ { print \$1 }' | xargs kill || echo \"Puppet Master not running\"" + +step "Master: Start Puppet Master" +on master, puppet_master("--allow_duplicate_certs --certdnsnames=\"puppet:$(hostname -s):$(hostname -f)\" --verbose --noop") + +step "Generate a certificate request for the agent" +on agents, "puppet certificate generate `hostname -f` --ca-location remote --server #{master}" + +step "Collect the original certs" +on master, puppet_cert("--sign --all") +original_certs = on master, puppet_cert("--list --all") + +old_certs = {} +original_certs.stdout.each_line do |line| + if line =~ /^\+ (\S+) \((.+)\)$/ + old_certs[$1] = $2 + puts "old cert: #{$1} #{$2}" + end +end + +step "Make another request with the same certname" +on agents, "puppet certificate generate `hostname -f` --ca-location remote --server #{master}" + +step "Collect the new certs" + +on master, puppet_cert("--sign --all") +new_cert_list = on master, puppet_cert("--list --all") + +new_certs = {} +new_cert_list.stdout.each_line do |line| + if line =~ /^\+ (\S+) \((.+)\)$/ + new_certs[$1] = $2 + puts "new cert: #{$1} #{$2}" + end +end + +step "Verify the certs have changed" +# using the agent name as the key may cause errors; +# agent name from cfg file is likely to have short name +# where certs might be signed with long names. +old_certs.each_key { |key| + next if key.include? master # skip the masters cert, only care about agents + fail_test("#{key} does not have a new signed certificate") if old_certs[key] == new_certs[key] +} diff --git a/acceptance/pending/ticket_3360_reject_duplicate_csr_with_option_unset.rb b/acceptance/pending/ticket_3360_reject_duplicate_csr_with_option_unset.rb new file mode 100644 index 000000000..e69de29bb diff --git a/acceptance/pending/ticket_5027_warn_on_dynamic_scope.rb b/acceptance/pending/ticket_5027_warn_on_dynamic_scope.rb new file mode 100644 index 000000000..762116ce9 --- /dev/null +++ b/acceptance/pending/ticket_5027_warn_on_dynamic_scope.rb @@ -0,0 +1,28 @@ +test_name "#5027: Issue warnings when using dynamic scope" + +step "Apply dynamic scoping manifest on agents" +apply_manifest_on agents, %q{ + $foo = 'foo_value' + + class a { + $bar = 'bar_value' + + include b + } + + class b inherits c { + notify { $baz: } # should not generate a warning -- inherited from class c + notify { $bar: } # should generate a warning -- uses dynamic scoping + notify { $foo: } # should not generate a warning -- comes from top scope + } + + class c { + $baz = 'baz_value' + } + + include a +} + +step "Verify deprecation warning" +fail_test "Deprecation warning not issued" unless + stdout.include? 'warning: Dynamic lookup of $bar will not be supported in future versions. Use a fully-qualified variable name or parameterized classes.' diff --git a/acceptance/pending/ticket_6928_puppet_master_parse_fails.rb b/acceptance/pending/ticket_6928_puppet_master_parse_fails.rb new file mode 100644 index 000000000..aac53138a --- /dev/null +++ b/acceptance/pending/ticket_6928_puppet_master_parse_fails.rb @@ -0,0 +1,38 @@ +test_name "#6928: Puppet --parseonly should return deprication message" + +# Create good and bad formatted manifests +step "Master: create valid, invalid formatted manifests" +create_remote_file(master, '/tmp/good.pp', %w{notify{good:}} ) +create_remote_file(master, '/tmp/bad.pp', 'notify{bad:') + +step "Master: use --parseonly on an invalid manifest, should return 1 and issue deprecation warning" +on master, puppet_master( %w{--parseonly /tmp/bad.pp} ), :acceptable_exit_codes => [ 1 ] + fail_test "Deprecation warning not issued for --parseonly" unless + stdout.include? '--parseonly has been removed. Please use \'puppet parser validate \'' + +step "Agents: create valid, invalid formatted manifests" +agents.each do |host| + create_remote_file(host, '/tmp/good.pp', %w{notify{good:}} ) + create_remote_file(host, '/tmp/bad.pp', 'notify{bad:') +end + +step "Agents: use --parseonly on an invalid manifest, should return 1 and issue deprecation warning" +agents.each do |host| + on(host, "puppet --parseonly /tmp/bad.pp}", :acceptable_exit_codes => [ 1 ]) do + fail_test "Deprecation warning not issued for --parseonly" unless + stdout.include? '--parseonly has been removed. Please use \'puppet parser validate \'' + end +end + +step "Test Face for ‘parser validate’ with good manifest -- should pass" +agents.each do |host| + on(host, "puppet parser validate /tmp/good.pp", :acceptable_exit_codes => [ 0 ]) +end + +step "Test Face for ‘parser validate’ with bad manifest -- should fail" +agents.each do |host| + on(host, "puppet parser validate /tmp/bad.pp", :acceptable_exit_codes => [ 1 ]) do + fail_test "Bad manifest detection failed" unless + stderr.include? 'Could not run: Could not parse for environment production' + end +end diff --git a/lib/puppet/provider/network_device.rb b/lib/puppet/provider/network_device.rb index b178df977..46be27968 100644 --- a/lib/puppet/provider/network_device.rb +++ b/lib/puppet/provider/network_device.rb @@ -1,68 +1,68 @@ # This is the base class of all prefetched network device provider class Puppet::Provider::NetworkDevice < Puppet::Provider def self.device(url) raise "This provider doesn't implement the necessary device method" end def self.lookup(device, name) raise "This provider doesn't implement the necessary lookup method" end def self.prefetch(resources) resources.each do |name, resource| device = Puppet::Util::NetworkDevice.current || device(resource[:device_url]) if result = lookup(device, name) result[:ensure] = :present resource.provider = new(device, result) else resource.provider = new(device, :ensure => :absent) end end end def exists? @property_hash[:ensure] != :absent end attr_accessor :device def initialize(device, *args) super(*args) @device = device # Make a duplicate, so that we have a copy for comparison # at the end. @properties = @property_hash.dup end def create @property_hash[:ensure] = :present self.class.resource_type.validproperties.each do |property| if val = resource.should(property) @property_hash[property] = val end end end def destroy @property_hash[:ensure] = :absent end def flush @property_hash.clear end def self.instances end def former_properties @properties.dup end def properties @property_hash.dup end -end \ No newline at end of file +end diff --git a/lib/puppet/provider/package/aptitude.rb b/lib/puppet/provider/package/aptitude.rb index 8bdf984e6..2eafd3ef8 100755 --- a/lib/puppet/provider/package/aptitude.rb +++ b/lib/puppet/provider/package/aptitude.rb @@ -1,29 +1,30 @@ Puppet::Type.type(:package).provide :aptitude, :parent => :apt, :source => :dpkg do desc "Package management via `aptitude`." has_feature :versionable commands :aptitude => "/usr/bin/aptitude" commands :aptcache => "/usr/bin/apt-cache" ENV['DEBIAN_FRONTEND'] = "noninteractive" def aptget(*args) args.flatten! # Apparently aptitude hasn't always supported a -q flag. args.delete("-q") if args.include?("-q") + args.delete("--force-yes") if args.include?("--force-yes") output = aptitude(*args) # Yay, stupid aptitude doesn't throw an error when the package is missing. if args.include?(:install) and output =~ /Couldn't find any package/ raise Puppet::Error.new( "Could not find package #{self.name}" ) end end def purge aptitude '-y', 'purge', @resource[:name] end end diff --git a/lib/puppet/util/network_device.rb b/lib/puppet/util/network_device.rb index d9c1aa34d..7fb8e2ff3 100644 --- a/lib/puppet/util/network_device.rb +++ b/lib/puppet/util/network_device.rb @@ -1,12 +1,17 @@ class Puppet::Util::NetworkDevice class << self attr_reader :current end def self.init(device) require "puppet/util/network_device/#{device.provider}/device" @current = Puppet::Util::NetworkDevice.const_get(device.provider.capitalize).const_get(:Device).new(device.url) rescue => detail raise "Can't load #{device.provider} for #{device.name}: #{detail}" end -end \ No newline at end of file + + # Should only be used in tests + def self.teardown + @current = nil + end +end diff --git a/spec/unit/util/network_device_spec.rb b/spec/unit/util/network_device_spec.rb index 70cb509b4..0f7c6036b 100644 --- a/spec/unit/util/network_device_spec.rb +++ b/spec/unit/util/network_device_spec.rb @@ -1,46 +1,50 @@ #!/usr/bin/env rspec require 'spec_helper' require 'ostruct' require 'puppet/util/network_device' describe Puppet::Util::NetworkDevice do before(:each) do @device = OpenStruct.new(:name => "name", :provider => "test") end + after(:each) do + Puppet::Util::NetworkDevice.teardown + end + class Puppet::Util::NetworkDevice::Test class Device def initialize(device) end end end describe "when initializing the remote network device singleton" do it "should load the network device code" do Puppet::Util::NetworkDevice.expects(:require) Puppet::Util::NetworkDevice.init(@device) end it "should create a network device instance" do Puppet::Util::NetworkDevice.stubs(:require) Puppet::Util::NetworkDevice::Test::Device.expects(:new) Puppet::Util::NetworkDevice.init(@device) end it "should raise an error if the remote device instance can't be created" do Puppet::Util::NetworkDevice.stubs(:require).raises("error") lambda { Puppet::Util::NetworkDevice.init(@device) }.should raise_error end it "should let caller to access the singleton device" do device = stub 'device' Puppet::Util::NetworkDevice.stubs(:require) Puppet::Util::NetworkDevice::Test::Device.expects(:new).returns(device) Puppet::Util::NetworkDevice.init(@device) Puppet::Util::NetworkDevice.current.should == device end end -end \ No newline at end of file +end diff --git a/test/lib/puppettest/railstesting.rb b/test/lib/puppettest/railstesting.rb index e05511e3b..f5666f2c4 100644 --- a/test/lib/puppettest/railstesting.rb +++ b/test/lib/puppettest/railstesting.rb @@ -1,52 +1,18 @@ module PuppetTest::RailsTesting Parser = Puppet::Parser AST = Puppet::Parser::AST include PuppetTest::ParserTesting def teardown super # If we don't clean up the connection list, then the rails # lib will still think it's connected. ActiveRecord::Base.clear_active_connections! if Puppet.features.rails? end def railsinit Puppet::Rails.init end - - def railsteardown - Puppet::Rails.teardown if Puppet[:dbadapter] != "sqlite3" - end - - def railsresource(type = "file", title = "/tmp/testing", params = {}) - railsteardown - railsinit - - # We need a host for resources - #host = Puppet::Rails::Host.new(:name => Facter.value("hostname")) - - # Now build a resource - resources = [] - - resources << mkresource( - :type => type, :title => title, :exported => true, - - :parameters => params) - - # Now collect our facts - facts = Facter.to_hash - - # Now try storing our crap - host = nil - node = mknode(facts["hostname"]) - node.parameters = facts - assert_nothing_raised { - host = Puppet::Rails::Host.store(node, resources) - } - - # Now save the whole thing - host.save - end end