This patch adds a new function to validate if a string is an absolute
filesystem path or not.
The intent of this is to make this functionality generic and reusable.
Josh left a comment in another pull request I had:
If node_installdir or $node_vardir is not defined, then we should
raise an error, otherwise we may create a scheduled task to an
untrusted directory.
One solution to this comment is to validate the Puppet variable is an
absolute path.
Examples of this function look like:
function_validate_absolute_path
Using Puppet::Parser::Scope.new
Garbage inputs
validate_absolute_path(nil) should fail
validate_absolute_path([nil]) should fail
validate_absolute_path({"foo"=>"bar"}) should fail
validate_absolute_path({}) should fail
validate_absolute_path("") should fail
relative paths
validate_absolute_path("relative1") should fail
validate_absolute_path(".") should fail
validate_absolute_path("..") should fail
validate_absolute_path("./foo") should fail
validate_absolute_path("../foo") should fail
validate_absolute_path("etc/puppetlabs/puppet") should fail
validate_absolute_path("opt/puppet/bin") should fail
absolute paths
validate_absolute_path("C:/") should not fail
validate_absolute_path("C:\\") should not fail
validate_absolute_path("C:\\WINDOWS\\System32") should not fail
validate_absolute_path("C:/windows/system32") should not fail
validate_absolute_path("X:/foo/bar") should not fail
validate_absolute_path("X:\\foo\\bar") should not fail
validate_absolute_path("/var/tmp") should not fail
validate_absolute_path("/var/lib/puppet") should not fail
validate_absolute_path("/var/opt/../lib/puppet") should not fail
validate_absolute_path("C:\\Program Files (x86)\\Puppet Labs\\Puppet Enterprise") should not fail
validate_absolute_path("C:/Program Files (x86)/Puppet Labs/Puppet Enterprise") should not fail
Finished in 0.05637 seconds
23 examples, 0 failures
This function is used to validate a string is less than a maximum length. The
string, or array of strings, is passed as the first argument to the function.
The maximum length of the string is passed as the second argument.
It is useful to validate, for example, that Puppet is not sending a username
to a downstream system that the system cannot cope with, but that might not
cause an error message - for example, MySQL will not accept a username of
more than 16 characters. This enables a Puppet administrator to validate
the data that it may have been passed from upstream through, for example,
Hiera.
OS X 10.7 introduced salted-SHA512 password hashes as opposed to the
older LANMAN + SHA1 hashes. To assist in generating properly-formatted
password hashes, this commit adds the str2saltedsha512() function which
accepts a single string argument (the password) and returns a
salted-SHA512 password hash which can be fed as the password attribute
of a user resource in OS X 10.7.
Spec tests are also added to ensure that functionality isn't broken with
future commits.
* v2.1.x:
(maint) Add semantic versioning info to README
Docs: Clarify the use case for the anchor type
Docs: Remove author emails from stdlib functions
Docs: Copyedit function doc strings
Docs: Correct indentation of markdown code examples
Docs: Update documentation of stdlib classes
Docs: Update file_line documentation
Docs: Improve example in merge function
* v2.x:
Docs: Clarify the use case for the anchor type
Docs: Remove author emails from stdlib functions
Docs: Copyedit function doc strings
Docs: Correct indentation of markdown code examples
Docs: Update documentation of stdlib classes
Docs: Update file_line documentation
Docs: Improve example in merge function
This commit adds a new function called get_module_path.
get_module_path returns the absolute path of a specified module. The
code and functionality is very similar to how templates and files
are detected inside of modules.
the function has been tested against puppet 2.6.10 and 2.7.x
Author email addresses were included in the doc strings for some (but not all)
stdlib functions. This commit removes them in the interest of consistency.
Code examples in several function doc strings were only indented by two
spaces, which would not result in proper display when rendered as HTML. This
commit corrects the indentation to four spaces.
This commit replaces the example in the merge function with a much clearer
one. It also mentions that the rightmost value wins in the event of duplicated
hash keys.
certificates from a CA (or locally).
This function works by either obtaining the file locally
or remotely based on Puppets configuration.
Also added get_pubkey which wraps get_certificate and extracts the
public key.
It was decided that maintaining puppetlabs-functions and
puppetlabs-stdlib was duplication as both are trying to
achieve the same goal.
This patch provides a merge of the puppetlabs-functions
into the puppetlabs-stdlib repository, with history
preservation.
The following conflicts were found and resolved:
* LICENSE file from functions was used as it aligns with
ASL usage instructions and contains relevant copyright
information:
http://www.apache.org/licenses/LICENSE-2.0.html
* Used spec_helper.rb from functions - this is what
Puppet core uses and doesn't break tests.
* Merged .gitignore and spec.opts options.
The accounts module is making use of validate_array() and
validate_string() which do not exist int he stdlib module without this
patch.
This patch adds the two functions to the stdlib with unit tests.
Reviewed-by: Dan Bode
The previous behavior of the merge() function used Array#inject with two
arguments. Ruby 1.8.5 only supports inject being used with one
argument.
This change initializes and empty Hash object and merges each argument
into the accumulator. The last argument still "wins" in the merge.
rspec tests (cd spec; rspec **/*_spec.rb) verified as passing with this
change.
Reviewed-by: Dan Bode
In Puppet, it is not possible to reassign hash
values.
This function allows a reasonable way to perform
hash munging in Puppet.
Reviewed-by: Jeff McCune
It is difficult to use existance of keys in a hash
as a boolean condition in Puppet (see #8705)
This function provides a working solution until
the underlying issue in Puppet can be resolved.
Reviewed-by: Jeff McCune
This change adds a loadyaml() puppet function that takes a path to a
YAML data file and returns the contents as a Puppet variable. There is
currently no validation of the contents of the file.
This commit is intentionally lacking unit tests because of time
constraints.
Reviewed-by: Dan Bode
This isn't directly related to #8010, but rather indirectly fills the
need to allow the end user to configure where data values are looked up.
This allows the namespace to be passed as a class parameter. A module
may then quickly and easily look up data from the user-defined
namespace.
This function aborts catalog compilation if any of the passed
values are not true or false. Note, this catches the string
values of true and false correct and will abort catalog
compilation if they are not boolean values.
Paired-with: Dan Bode <dan@puppetlabs.com>
While developing Puppet Modules with class parameters, data from the
user should be validated as per the Style Guide. Puppet should fail
early and hard in the situation of invalid data being passed into the
module.
This function provides a more concise method to the alternative of using
if statements in the Puppet manifests.
