A new version of dig was introduced in Puppet 4.5.0 that
isn't compatible with the stdlib version of dig. To maintain
backwards compatibility and ensure that tests for stdlib aren't
broken, this patch renames dig to dig44 and adds a deprecation
warning to the stdlib dig function.
When replacing the lib/ and manifests/ symlinks in the fixtures with
a proper top-level symlink, puppet 4 starts loading the metadata.json
before loading functions, which confuses these tests. Added more specific
expectations, and provide data for that call.
As described in PUP-6422,
ensure_resources('File[/tmp/a]', { owner => undef })
would not actually create the file. This fixes it, and adds tests to prove
it.
This value will be returned if the is no file
to load or a file could not be parsed.
It's similar to the "parseyaml" function's
default value.
Add the "loadjson" function too
85d5ead Updated the concat function so that it wouldn't modify the
original array. A side-effect of this change is that it now always calls
`Array()` on the second argument. If thit is a Hash, this results in
`to_a` being called on the hash, which converts it to an array or
tuples. This is undesired.
Update the behaviour so that it doesn't (indirectly) call `to_a` on
anything, instead test for the type of the argument, wrapping it in an
array if it's not already an array.
`file_line` type: During validation, do not require `line` attribute if:
* `ensure` is `absent`,
* `match` is not empty,
* and `match_for_absence` is `true`.
Also update `spec` tests to reflect this.
Puppet 4.4.0 and later has changed fqdn_rand to use a higher ceiling
(PUP-5646), the tests for fqdn_rand_string needed to be updated to
reflect the new expected output.
Copy a function from puppetlabs/apache, created by Benedikt Bock by
55cc3b4e8f4bc859a1255cb57be2c7923005d822 .
This function enclose IPv6 addresses in square brackets.
It takes an array of ip addresses and encloses the ipv6 addresses with
square brackets.
Co-Authored-By: Benedikt Bock <benedikt_bock@web.de>
Add a function to validate an x509 RSA certificate and key pair, as
commonly used for TLS certificates.
The rationale behind this is that we store our TLS certificates and
private keys in Hiera YAML files, and poor indentation or formatting in
the YAML file could cause a valid certificate to be considered invalid.
Will cause the Puppet run to fail if:
- an invalid certificate is detected
- an invalid RSA key is detected
- the certificate does not match the key, i.e. the certificate
has not been signed by the supplied key
The test certificates I've used in the spec tests were generated using
the Go standard library:
$ go run $GOROOT/src/crypto/tls/generate_cert.go -host localhost
Example output:
==> cache-1.router: Error: Not a valid RSA key: Neither PUB key nor PRIV key:: nested asn1 error at /var/govuk/puppet/modules/nginx/manifests/config/ssl.pp:30 on node cache-1.router.dev.gov.uk
PE 3.x emits a puppetversion fact in the format "3.x.x (Puppet Enterprise 3.x.x)". This fact causes an error when invoked on PE 3.x: Could not retrieve fact='package_provider', resolution='<anonymous>': Malformed version number string 3.8.1 (Puppet Enterprise 3.8.1
This fix has been tested on PE 3.8.2 and should work for PE 3.3, 3.7, and 3.8.
Original-fix-by: Alex Harden <aharden@gmail.com>
The -C (capital C) flag to lsuser is incorrect. It should be -c
(lowercase).
this commit updates the aix root_home fact to use `lsuser -c`, rather
than `lsuser -C`.
