├── .gitattributes ├── VERSION ├── .dockerignore ├── resources ├── files │ ├── hiera.yaml │ ├── osx_paths.txt │ ├── puppet-agent.csh │ ├── ftdetect │ │ └── ftdetect_puppet.vim │ ├── windows │ │ ├── facter.bat │ │ ├── puppet.bat │ │ ├── facter_interactive.bat │ │ ├── puppet_shell.bat │ │ ├── puppet_interactive.bat │ │ ├── run_facter_interactive.bat │ │ ├── run_puppet_interactive.bat │ │ ├── elevate.exe.config │ │ └── environment.bat │ ├── README │ ├── puppet-agent.sh │ ├── osx-wrapper.sh │ ├── aix-wrapper.sh │ ├── sysv-wrapper.sh │ ├── indent │ │ └── indent_puppet.vim │ └── ftplugin │ │ └── ftplugin_puppet.vim ├── aix │ ├── puppet.service │ └── pxp-agent.service ├── windows │ └── wix │ │ ├── icon │ │ └── puppet.ico │ │ ├── ui │ │ ├── bitmaps │ │ │ ├── up.ico │ │ │ ├── info.ico │ │ │ ├── new.ico │ │ │ ├── bannrbmp.bmp │ │ │ ├── dlgbmp-pe.bmp │ │ │ ├── exclamic.ico │ │ │ └── dlgbmp-foss.bmp │ │ ├── WarningDlg.wxs │ │ ├── PuppetWelcomeDlg.wxs │ │ ├── PuppetLicenseAgreementDlg.wxs.erb │ │ └── PuppetInstallDirDlg.wxs │ │ ├── include │ │ └── textstyles.wxi │ │ ├── directorylist.wxs.erb │ │ ├── icon.wxs.erb │ │ ├── environment.wxs.erb │ │ ├── wixvariables.wxs.erb │ │ ├── condition.wxs.erb │ │ ├── project.wxs.erb │ │ ├── users.wxs.erb │ │ ├── componentgroup.wxs.erb │ │ ├── filter.xslt.erb │ │ ├── service.pxp-agent.wxs.erb │ │ └── registryEntries.wxs.erb ├── osx │ ├── productbuild │ │ ├── resources │ │ │ └── puppet-agent-Background.png │ │ └── plugins │ │ │ ├── puppet-agent-installer-plugin.bundle │ │ │ └── Contents │ │ │ │ ├── MacOS │ │ │ │ └── puppet-agent-installer-plugin │ │ │ │ ├── Resources │ │ │ │ ├── en.lproj │ │ │ │ │ ├── InfoPlist.strings │ │ │ │ │ └── Localizable.strings │ │ │ │ ├── puppet_agent_installer_plugin.nib │ │ │ │ ├── Base.lproj │ │ │ │ │ └── puppet_enterprise_installer_plugin.nib │ │ │ │ ├── InstallerSections.plist │ │ │ │ └── puppet-agent-installer-plugin-Info.plist │ │ │ │ └── Info.plist │ │ │ └── InstallerSections.plist │ ├── preinstall-extras │ └── postinstall-extras └── patches │ └── openssl │ └── openssl-fips.cnf.patch ├── CODEOWNERS ├── ext ├── project_data.yaml ├── smoke │ ├── README.md │ ├── packages │ │ ├── run-smoke-test.sh │ │ └── steps │ │ │ └── setup-master.sh │ ├── repos │ │ ├── run-smoke-test.sh │ │ └── steps │ │ │ └── setup-masters.sh │ └── steps │ │ ├── setup-agent.sh │ │ └── run-validation-tests.sh └── build_defaults.yaml ├── configs ├── platforms │ ├── el-9-x86_64.rb │ ├── debian-11-amd64.rb │ ├── debian-12-amd64.rb │ ├── amazon-2-aarch64.rb │ ├── amazon-2023-x86_64.rb │ ├── debian-11-aarch64.rb │ ├── debian-12-aarch64.rb │ ├── fedora-40-x86_64.rb │ ├── ubuntu-22.04-amd64.rb │ ├── ubuntu-24.04-amd64.rb │ ├── amazon-2023-aarch64.rb │ ├── redhatfips-9-x86_64.rb │ ├── ubuntu-18.04-aarch64.rb │ ├── ubuntu-22.04-aarch64.rb │ ├── ubuntu-24.04-aarch64.rb │ ├── osx-13-x86_64.rb │ ├── osx-14-x86_64.rb │ ├── osx-11-x86_64.rb │ ├── osx-12-x86_64.rb │ ├── fedora-36-x86_64.rb │ ├── osx-13-arm64.rb │ ├── osx-14-arm64.rb │ ├── osx-12-arm64.rb │ ├── el-9-ppc64le.rb │ ├── el-7-x86_64.rb │ ├── el-8-x86_64.rb │ ├── redhatfips-7-x86_64.rb │ ├── el-8-aarch64.rb │ ├── el-9-aarch64.rb │ ├── sles-12-x86_64.rb │ ├── sles-15-x86_64.rb │ ├── solaris-11-i386.rb │ ├── debian-11-armhf.rb │ ├── debian-12-armhf.rb │ ├── solaris-11-sparc.rb │ ├── ubuntu-18.04-amd64.rb │ ├── ubuntu-20.04-aarch64.rb │ ├── debian-10-amd64.rb │ ├── debian-10-armhf.rb │ ├── sles-11-x86_64.rb │ ├── ubuntu-20.04-amd64.rb │ ├── redhatfips-8-x86_64.rb │ ├── el-8-ppc64le.rb │ ├── windows-2012r2-x64.rb │ ├── windows-2012r2-x86.rb │ ├── aix-7.2-ppc.rb │ ├── windowsfips-2016-x64.rb │ └── windowsfips-2012r2-x64.rb └── components │ ├── facter.json │ ├── puppet-resource_api.json │ ├── puppet.json │ ├── module-puppetlabs-cron_core.json │ ├── module-puppetlabs-host_core.json │ ├── module-puppetlabs-mount_core.json │ ├── module-puppetlabs-zfs_core.json │ ├── module-puppetlabs-zone_core.json │ ├── module-puppetlabs-augeas_core.json │ ├── module-puppetlabs-selinux_core.json │ ├── module-puppetlabs-sshkeys_core.json │ ├── module-puppetlabs-yumrepo_core.json │ ├── pxp-agent.json │ ├── module-puppetlabs-scheduled_task.json │ ├── openssl-fips.json │ ├── puppet-runtime.json │ ├── module-puppetlabs-cron_core.rb │ ├── module-puppetlabs-host_core.rb │ ├── module-puppetlabs-zfs_core.rb │ ├── module-puppetlabs-mount_core.rb │ ├── module-puppetlabs-zone_core.rb │ ├── module-puppetlabs-augeas_core.rb │ ├── module-puppetlabs-selinux_core.rb │ ├── module-puppetlabs-sshkeys_core.rb │ ├── module-puppetlabs-yumrepo_core.rb │ ├── module-puppetlabs-scheduled_task.rb │ ├── shellpath.rb │ ├── wrapper-script.rb │ ├── puppet-resource_api.rb │ ├── facter.rb │ ├── cleanup.rb │ ├── _base-module.rb │ ├── pl-ruby-patch.rb │ ├── puppet-runtime.rb │ └── openssl-fips.rb ├── acceptance ├── lib │ ├── helper.rb │ └── puppet │ │ └── acceptance │ │ └── common_utils.rb ├── fixtures │ └── dyld │ │ ├── libexplode.so.aix │ │ ├── libexplode.so.linux32 │ │ ├── libexplode.so.linux64 │ │ ├── libexplode.so.solaris │ │ └── explode.c ├── config │ └── aio │ │ └── options.rb ├── tests │ ├── ffi.rb │ ├── ensure_facter_command_can_be_executed.rb │ ├── selinux.rb │ ├── ensure_SCL_python_pip_works.rb │ ├── module_install.rb │ ├── ensure_macos_executables_are_signed.rb │ ├── test_manpage_clobber.rb │ ├── augeas_validation.rb │ ├── ensure_version_file.rb │ ├── env_windows_installdir_fact.rb │ ├── puppet_facts.rb │ ├── ensure_puppet_facts_can_use_facter.rb │ ├── validate_vendored_modules.rb │ ├── ensure_facter_values_for_simple_external_fact.rb │ ├── windows_eventlog.rb │ ├── ensure_facter_values_for_dotted_external_fact.rb │ ├── ensure_facter_values_for_simple_custom_fact.rb │ ├── ensure_facter_values_for_dotted_custom_fact.rb │ ├── ensure_facter_values_for_external_overrides_core_dotted_fact.rb │ ├── ensure_facter_values_for_custom_overrides_external.rb │ ├── ensure_facter_values_for_external_overrides_custom.rb │ ├── linker_variable_cleanup.rb │ ├── ensure_facter_values_for_external_overrides_core_top_fact.rb │ ├── ensure_facter_values_for_custom_overrides_core_top_fact.rb │ ├── ensure_facter_values_for_external_overrides_custom_overrides_core_dotted_fact.rb │ ├── validate_vendored_openssl.rb │ ├── ensure_facter_values_for_external_overrides_custom_overrides_core_top_fact.rb │ ├── ensure_facter_values_for_json_external_fact.rb │ ├── ensure_facter_values_for_json_custom_fact.rb │ ├── ensure_facter_values_for_custom_overrides_core_dotted_fact.rb │ └── file_permissions.rb ├── .beaker.yml ├── Gemfile └── README.md ├── .github ├── release.yml └── workflows │ ├── jira.yml │ ├── backport.yml │ ├── checks.yaml │ └── mend.yaml ├── .gitignore ├── LICENSE ├── Gemfile ├── .rubocop.yml └── Rakefile /.gitattributes: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /VERSION: -------------------------------------------------------------------------------- 1 | 8.11.0 2 | -------------------------------------------------------------------------------- /.dockerignore: -------------------------------------------------------------------------------- 1 | .git 2 | -------------------------------------------------------------------------------- /resources/files/hiera.yaml: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /CODEOWNERS: -------------------------------------------------------------------------------- 1 | * @puppetlabs/phoenix 2 | -------------------------------------------------------------------------------- /ext/project_data.yaml: -------------------------------------------------------------------------------- 1 | build_defaults.yaml -------------------------------------------------------------------------------- /resources/files/osx_paths.txt: -------------------------------------------------------------------------------- 1 | /opt/puppetlabs/bin 2 | -------------------------------------------------------------------------------- /resources/aix/puppet.service: -------------------------------------------------------------------------------- 1 | /opt/puppetlabs/bin/puppet -s puppet -u root -a 'agent --no-daemonize' 2 | -------------------------------------------------------------------------------- /resources/aix/pxp-agent.service: -------------------------------------------------------------------------------- 1 | /opt/puppetlabs/bin/pxp-agent -a '--foreground' -s pxp-agent -u root 2 | -------------------------------------------------------------------------------- /configs/platforms/el-9-x86_64.rb: -------------------------------------------------------------------------------- 1 | platform "el-9-x86_64" do |plat| 2 | plat.inherit_from_default 3 | end 4 | -------------------------------------------------------------------------------- /acceptance/lib/helper.rb: -------------------------------------------------------------------------------- 1 | $LOAD_PATH << File.expand_path(File.dirname(__FILE__)) 2 | 3 | require 'beaker-puppet' 4 | -------------------------------------------------------------------------------- /configs/platforms/debian-11-amd64.rb: -------------------------------------------------------------------------------- 1 | platform "debian-11-amd64" do |plat| 2 | plat.inherit_from_default 3 | end 4 | -------------------------------------------------------------------------------- /configs/platforms/debian-12-amd64.rb: -------------------------------------------------------------------------------- 1 | platform "debian-12-amd64" do |plat| 2 | plat.inherit_from_default 3 | end 4 | -------------------------------------------------------------------------------- /configs/platforms/amazon-2-aarch64.rb: -------------------------------------------------------------------------------- 1 | platform 'amazon-2-aarch64' do |plat| 2 | plat.inherit_from_default 3 | end 4 | -------------------------------------------------------------------------------- /configs/platforms/amazon-2023-x86_64.rb: -------------------------------------------------------------------------------- 1 | platform 'amazon-2023-x86_64' do |plat| 2 | plat.inherit_from_default 3 | end 4 | -------------------------------------------------------------------------------- /configs/platforms/debian-11-aarch64.rb: -------------------------------------------------------------------------------- 1 | platform "debian-11-aarch64" do |plat| 2 | plat.inherit_from_default 3 | end 4 | -------------------------------------------------------------------------------- /configs/platforms/debian-12-aarch64.rb: -------------------------------------------------------------------------------- 1 | platform "debian-12-aarch64" do |plat| 2 | plat.inherit_from_default 3 | end 4 | -------------------------------------------------------------------------------- /configs/platforms/fedora-40-x86_64.rb: -------------------------------------------------------------------------------- 1 | platform 'fedora-40-x86_64' do |plat| 2 | plat.inherit_from_default 3 | end 4 | -------------------------------------------------------------------------------- /configs/platforms/ubuntu-22.04-amd64.rb: -------------------------------------------------------------------------------- 1 | platform "ubuntu-22.04-amd64" do |plat| 2 | plat.inherit_from_default 3 | end 4 | -------------------------------------------------------------------------------- /configs/platforms/ubuntu-24.04-amd64.rb: -------------------------------------------------------------------------------- 1 | platform "ubuntu-24.04-amd64" do |plat| 2 | plat.inherit_from_default 3 | end 4 | -------------------------------------------------------------------------------- /configs/platforms/amazon-2023-aarch64.rb: -------------------------------------------------------------------------------- 1 | platform 'amazon-2023-aarch64' do |plat| 2 | plat.inherit_from_default 3 | end 4 | -------------------------------------------------------------------------------- /configs/platforms/redhatfips-9-x86_64.rb: -------------------------------------------------------------------------------- 1 | platform "redhatfips-9-x86_64" do |plat| 2 | plat.inherit_from_default 3 | end 4 | -------------------------------------------------------------------------------- /configs/platforms/ubuntu-18.04-aarch64.rb: -------------------------------------------------------------------------------- 1 | platform "ubuntu-18.04-aarch64" do |plat| 2 | plat.inherit_from_default 3 | end 4 | -------------------------------------------------------------------------------- /configs/platforms/ubuntu-22.04-aarch64.rb: -------------------------------------------------------------------------------- 1 | platform "ubuntu-22.04-aarch64" do |plat| 2 | plat.inherit_from_default 3 | end 4 | -------------------------------------------------------------------------------- /configs/platforms/ubuntu-24.04-aarch64.rb: -------------------------------------------------------------------------------- 1 | platform "ubuntu-24.04-aarch64" do |plat| 2 | plat.inherit_from_default 3 | end 4 | -------------------------------------------------------------------------------- /configs/components/facter.json: -------------------------------------------------------------------------------- 1 | {"url":"git@github.com:puppetlabs/facter.git","ref":"0656d9a34ce4790129f1fd6eba5bb4d49a9b9ad1"} 2 | -------------------------------------------------------------------------------- /configs/components/puppet-resource_api.json: -------------------------------------------------------------------------------- 1 | {"url":"git@github.com:puppetlabs/puppet-resource_api.git","ref":"refs/tags/1.9.0"} 2 | -------------------------------------------------------------------------------- /configs/components/puppet.json: -------------------------------------------------------------------------------- 1 | {"url":"git@github.com:puppetlabs/puppet.git","ref":"e9671155fea02a3ec18d336cf57b3c057711ca32"} 2 | -------------------------------------------------------------------------------- /resources/files/puppet-agent.csh: -------------------------------------------------------------------------------- 1 | # Add /opt/puppetlabs/bin to the path for csh users 2 | set path = ($path /opt/puppetlabs/bin) 3 | -------------------------------------------------------------------------------- /resources/windows/wix/icon/puppet.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/puppetlabs/puppet-agent/HEAD/resources/windows/wix/icon/puppet.ico -------------------------------------------------------------------------------- /resources/files/ftdetect/ftdetect_puppet.vim: -------------------------------------------------------------------------------- 1 | " detect puppet filetype 2 | au BufRead,BufNewFile *.pp set filetype=puppet 3 | -------------------------------------------------------------------------------- /resources/windows/wix/ui/bitmaps/up.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/puppetlabs/puppet-agent/HEAD/resources/windows/wix/ui/bitmaps/up.ico -------------------------------------------------------------------------------- /acceptance/fixtures/dyld/libexplode.so.aix: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/puppetlabs/puppet-agent/HEAD/acceptance/fixtures/dyld/libexplode.so.aix -------------------------------------------------------------------------------- /configs/components/module-puppetlabs-cron_core.json: -------------------------------------------------------------------------------- 1 | {"url":"git@github.com:puppetlabs/puppetlabs-cron_core.git","ref":"refs/tags/v1.3.0"} 2 | -------------------------------------------------------------------------------- /configs/components/module-puppetlabs-host_core.json: -------------------------------------------------------------------------------- 1 | {"url":"git@github.com:puppetlabs/puppetlabs-host_core.git","ref":"refs/tags/v1.3.0"} 2 | -------------------------------------------------------------------------------- /configs/components/module-puppetlabs-mount_core.json: -------------------------------------------------------------------------------- 1 | {"url":"git@github.com:puppetlabs/puppetlabs-mount_core.git","ref":"refs/tags/v1.3.0"} 2 | -------------------------------------------------------------------------------- /configs/components/module-puppetlabs-zfs_core.json: -------------------------------------------------------------------------------- 1 | {"url":"git@github.com:puppetlabs/puppetlabs-zfs_core.git","ref":"refs/tags/v1.6.1"} 2 | -------------------------------------------------------------------------------- /configs/components/module-puppetlabs-zone_core.json: -------------------------------------------------------------------------------- 1 | {"url":"git@github.com:puppetlabs/puppetlabs-zone_core.git","ref":"refs/tags/v1.2.0"} 2 | -------------------------------------------------------------------------------- /resources/files/windows/facter.bat: -------------------------------------------------------------------------------- 1 | @echo off 2 | SETLOCAL 3 | 4 | call "%~dp0environment.bat" %0 %* 5 | 6 | ruby -S -- facter %* 7 | -------------------------------------------------------------------------------- /resources/files/windows/puppet.bat: -------------------------------------------------------------------------------- 1 | @echo off 2 | SETLOCAL 3 | 4 | call "%~dp0environment.bat" %0 %* 5 | 6 | ruby -S -- puppet %* 7 | -------------------------------------------------------------------------------- /resources/windows/wix/ui/bitmaps/info.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/puppetlabs/puppet-agent/HEAD/resources/windows/wix/ui/bitmaps/info.ico -------------------------------------------------------------------------------- /resources/windows/wix/ui/bitmaps/new.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/puppetlabs/puppet-agent/HEAD/resources/windows/wix/ui/bitmaps/new.ico -------------------------------------------------------------------------------- /acceptance/config/aio/options.rb: -------------------------------------------------------------------------------- 1 | { 2 | :type => 'aio', 3 | :post_suite => [ 4 | 'teardown/common/099_Archive_Logs.rb', 5 | ], 6 | } 7 | -------------------------------------------------------------------------------- /configs/components/module-puppetlabs-augeas_core.json: -------------------------------------------------------------------------------- 1 | {"url":"git@github.com:puppetlabs/puppetlabs-augeas_core.git","ref":"refs/tags/v1.5.0"} 2 | -------------------------------------------------------------------------------- /configs/components/module-puppetlabs-selinux_core.json: -------------------------------------------------------------------------------- 1 | {"url":"git@github.com:puppetlabs/puppetlabs-selinux_core.git","ref":"refs/tags/v1.4.0"} 2 | -------------------------------------------------------------------------------- /configs/components/module-puppetlabs-sshkeys_core.json: -------------------------------------------------------------------------------- 1 | {"url":"git@github.com:puppetlabs/puppetlabs-sshkeys_core.git","ref":"refs/tags/v2.5.0"} 2 | -------------------------------------------------------------------------------- /configs/components/module-puppetlabs-yumrepo_core.json: -------------------------------------------------------------------------------- 1 | {"url":"git@github.com:puppetlabs/puppetlabs-yumrepo_core.git","ref":"refs/tags/v2.1.0"} 2 | -------------------------------------------------------------------------------- /configs/components/pxp-agent.json: -------------------------------------------------------------------------------- 1 | {"location":"https://builds.delivery.puppetlabs.net/pxp-agent/202410300/artifacts/","version":"202410300"} 2 | -------------------------------------------------------------------------------- /acceptance/fixtures/dyld/libexplode.so.linux32: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/puppetlabs/puppet-agent/HEAD/acceptance/fixtures/dyld/libexplode.so.linux32 -------------------------------------------------------------------------------- /acceptance/fixtures/dyld/libexplode.so.linux64: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/puppetlabs/puppet-agent/HEAD/acceptance/fixtures/dyld/libexplode.so.linux64 -------------------------------------------------------------------------------- /acceptance/fixtures/dyld/libexplode.so.solaris: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/puppetlabs/puppet-agent/HEAD/acceptance/fixtures/dyld/libexplode.so.solaris -------------------------------------------------------------------------------- /configs/components/module-puppetlabs-scheduled_task.json: -------------------------------------------------------------------------------- 1 | {"url":"git@github.com:puppetlabs/puppetlabs-scheduled_task.git","ref":"refs/tags/v3.2.0"} 2 | -------------------------------------------------------------------------------- /configs/components/openssl-fips.json: -------------------------------------------------------------------------------- 1 | {"location":"https://builds.delivery.puppetlabs.net/openssl-fips/202409160/artifacts/","version":"202409160"} 2 | -------------------------------------------------------------------------------- /resources/files/windows/facter_interactive.bat: -------------------------------------------------------------------------------- 1 | @echo off 2 | echo Running Facter on demand ... 3 | cd "%~dp0" 4 | call .\facter.bat %* 5 | PAUSE 6 | -------------------------------------------------------------------------------- /resources/files/windows/puppet_shell.bat: -------------------------------------------------------------------------------- 1 | @ECHO OFF 2 | 3 | call "%~dp0environment.bat" %0 %* 4 | 5 | REM Display Ruby version 6 | ruby.exe -v 7 | -------------------------------------------------------------------------------- /resources/windows/wix/ui/bitmaps/bannrbmp.bmp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/puppetlabs/puppet-agent/HEAD/resources/windows/wix/ui/bitmaps/bannrbmp.bmp -------------------------------------------------------------------------------- /resources/windows/wix/ui/bitmaps/dlgbmp-pe.bmp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/puppetlabs/puppet-agent/HEAD/resources/windows/wix/ui/bitmaps/dlgbmp-pe.bmp -------------------------------------------------------------------------------- /resources/windows/wix/ui/bitmaps/exclamic.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/puppetlabs/puppet-agent/HEAD/resources/windows/wix/ui/bitmaps/exclamic.ico -------------------------------------------------------------------------------- /configs/components/puppet-runtime.json: -------------------------------------------------------------------------------- 1 | {"location":"https://builds.delivery.puppetlabs.net/puppet-runtime/202410290/artifacts/","version":"202410290"} 2 | -------------------------------------------------------------------------------- /resources/windows/wix/ui/bitmaps/dlgbmp-foss.bmp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/puppetlabs/puppet-agent/HEAD/resources/windows/wix/ui/bitmaps/dlgbmp-foss.bmp -------------------------------------------------------------------------------- /acceptance/fixtures/dyld/explode.c: -------------------------------------------------------------------------------- 1 | #include 2 | 3 | static void explode() __attribute__((constructor)); 4 | 5 | void explode() { 6 | exit(42); 7 | } 8 | -------------------------------------------------------------------------------- /resources/files/windows/puppet_interactive.bat: -------------------------------------------------------------------------------- 1 | @echo off 2 | echo Running Puppet agent on demand ... 3 | cd "%~dp0" 4 | call puppet.bat agent --test %* 5 | PAUSE 6 | -------------------------------------------------------------------------------- /configs/platforms/osx-13-x86_64.rb: -------------------------------------------------------------------------------- 1 | platform 'osx-13-x86_64' do |plat| 2 | plat.inherit_from_default 3 | plat.output_dir File.join('apple', '13', 'puppet8', 'x86_64') 4 | end 5 | -------------------------------------------------------------------------------- /configs/platforms/osx-14-x86_64.rb: -------------------------------------------------------------------------------- 1 | platform 'osx-14-x86_64' do |plat| 2 | plat.inherit_from_default 3 | plat.output_dir File.join('apple', '14', 'puppet8', 'x86_64') 4 | end 5 | -------------------------------------------------------------------------------- /resources/osx/productbuild/resources/puppet-agent-Background.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/puppetlabs/puppet-agent/HEAD/resources/osx/productbuild/resources/puppet-agent-Background.png -------------------------------------------------------------------------------- /.github/release.yml: -------------------------------------------------------------------------------- 1 | changelog: 2 | categories: 3 | - title: Features & Enhancements 4 | labels: 5 | - enhancement 6 | - title: Bug Fixes 7 | labels: 8 | - bug 9 | -------------------------------------------------------------------------------- /resources/files/windows/run_facter_interactive.bat: -------------------------------------------------------------------------------- 1 | @echo Running puppet on demand ... 2 | @echo off 3 | SETLOCAL 4 | call "%~dp0environment.bat" %0 %* 5 | @elevate.exe "%~dp0facter_interactive.bat" 6 | -------------------------------------------------------------------------------- /resources/files/windows/run_puppet_interactive.bat: -------------------------------------------------------------------------------- 1 | @echo Running puppet on demand ... 2 | @echo off 3 | SETLOCAL 4 | call "%~dp0environment.bat" %0 %* 5 | @elevate.exe "%~dp0puppet_interactive.bat" 6 | -------------------------------------------------------------------------------- /configs/platforms/osx-11-x86_64.rb: -------------------------------------------------------------------------------- 1 | platform 'osx-11-x86_64' do |plat| 2 | plat.inherit_from_default 3 | # PA-5471 override default 'osx' directory 4 | plat.output_dir File.join('apple', '11', 'puppet8', 'x86_64') 5 | end 6 | -------------------------------------------------------------------------------- /configs/platforms/osx-12-x86_64.rb: -------------------------------------------------------------------------------- 1 | platform 'osx-12-x86_64' do |plat| 2 | plat.inherit_from_default 3 | # PA-5471 override default 'osx' directory 4 | plat.output_dir File.join('apple', '12', 'puppet8', 'x86_64') 5 | end 6 | -------------------------------------------------------------------------------- /resources/files/README: -------------------------------------------------------------------------------- 1 | To install these files, copy them into ~/.vim, or the relevant 2 | system-wide location. To use the ftplugin and indenting, you may need 3 | to enable them with "filetype plugin indent on" in your vimrc. 4 | -------------------------------------------------------------------------------- /configs/platforms/fedora-36-x86_64.rb: -------------------------------------------------------------------------------- 1 | platform 'fedora-36-x86_64' do |plat| 2 | plat.inherit_from_default 3 | 4 | packages = %w[binutils] 5 | plat.provision_with("/usr/bin/dnf install -y --best --allowerasing #{packages.join(' ')}") 6 | end 7 | -------------------------------------------------------------------------------- /configs/components/module-puppetlabs-cron_core.rb: -------------------------------------------------------------------------------- 1 | component "module-puppetlabs-cron_core" do |pkg, settings, platform| 2 | pkg.load_from_json("configs/components/module-puppetlabs-cron_core.json") 3 | 4 | instance_eval File.read("configs/components/_base-module.rb") 5 | end 6 | -------------------------------------------------------------------------------- /configs/components/module-puppetlabs-host_core.rb: -------------------------------------------------------------------------------- 1 | component "module-puppetlabs-host_core" do |pkg, settings, platform| 2 | pkg.load_from_json("configs/components/module-puppetlabs-host_core.json") 3 | 4 | instance_eval File.read("configs/components/_base-module.rb") 5 | end 6 | -------------------------------------------------------------------------------- /configs/components/module-puppetlabs-zfs_core.rb: -------------------------------------------------------------------------------- 1 | component "module-puppetlabs-zfs_core" do |pkg, settings, platform| 2 | pkg.load_from_json("configs/components/module-puppetlabs-zfs_core.json") 3 | 4 | instance_eval File.read("configs/components/_base-module.rb") 5 | end 6 | -------------------------------------------------------------------------------- /configs/components/module-puppetlabs-mount_core.rb: -------------------------------------------------------------------------------- 1 | component "module-puppetlabs-mount_core" do |pkg, settings, platform| 2 | pkg.load_from_json("configs/components/module-puppetlabs-mount_core.json") 3 | 4 | instance_eval File.read("configs/components/_base-module.rb") 5 | end 6 | -------------------------------------------------------------------------------- /configs/components/module-puppetlabs-zone_core.rb: -------------------------------------------------------------------------------- 1 | component "module-puppetlabs-zone_core" do |pkg, settings, platform| 2 | pkg.load_from_json("configs/components/module-puppetlabs-zone_core.json") 3 | 4 | instance_eval File.read("configs/components/_base-module.rb") 5 | end 6 | 7 | -------------------------------------------------------------------------------- /configs/components/module-puppetlabs-augeas_core.rb: -------------------------------------------------------------------------------- 1 | component "module-puppetlabs-augeas_core" do |pkg, settings, platform| 2 | pkg.load_from_json("configs/components/module-puppetlabs-augeas_core.json") 3 | 4 | instance_eval File.read("configs/components/_base-module.rb") 5 | end 6 | -------------------------------------------------------------------------------- /configs/components/module-puppetlabs-selinux_core.rb: -------------------------------------------------------------------------------- 1 | component "module-puppetlabs-selinux_core" do |pkg, settings, platform| 2 | pkg.load_from_json("configs/components/module-puppetlabs-selinux_core.json") 3 | 4 | instance_eval File.read("configs/components/_base-module.rb") 5 | end 6 | -------------------------------------------------------------------------------- /configs/components/module-puppetlabs-sshkeys_core.rb: -------------------------------------------------------------------------------- 1 | component "module-puppetlabs-sshkeys_core" do |pkg, settings, platform| 2 | pkg.load_from_json("configs/components/module-puppetlabs-sshkeys_core.json") 3 | 4 | instance_eval File.read("configs/components/_base-module.rb") 5 | end 6 | -------------------------------------------------------------------------------- /configs/components/module-puppetlabs-yumrepo_core.rb: -------------------------------------------------------------------------------- 1 | component "module-puppetlabs-yumrepo_core" do |pkg, settings, platform| 2 | pkg.load_from_json("configs/components/module-puppetlabs-yumrepo_core.json") 3 | 4 | instance_eval File.read("configs/components/_base-module.rb") 5 | end 6 | -------------------------------------------------------------------------------- /resources/osx/productbuild/plugins/puppet-agent-installer-plugin.bundle/Contents/MacOS/puppet-agent-installer-plugin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/puppetlabs/puppet-agent/HEAD/resources/osx/productbuild/plugins/puppet-agent-installer-plugin.bundle/Contents/MacOS/puppet-agent-installer-plugin -------------------------------------------------------------------------------- /resources/osx/productbuild/plugins/puppet-agent-installer-plugin.bundle/Contents/Resources/en.lproj/InfoPlist.strings: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/puppetlabs/puppet-agent/HEAD/resources/osx/productbuild/plugins/puppet-agent-installer-plugin.bundle/Contents/Resources/en.lproj/InfoPlist.strings -------------------------------------------------------------------------------- /configs/components/module-puppetlabs-scheduled_task.rb: -------------------------------------------------------------------------------- 1 | component "module-puppetlabs-scheduled_task" do |pkg, settings, platform| 2 | pkg.load_from_json("configs/components/module-puppetlabs-scheduled_task.json") 3 | 4 | instance_eval File.read("configs/components/_base-module.rb") 5 | end 6 | -------------------------------------------------------------------------------- /resources/osx/productbuild/plugins/puppet-agent-installer-plugin.bundle/Contents/Resources/en.lproj/Localizable.strings: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/puppetlabs/puppet-agent/HEAD/resources/osx/productbuild/plugins/puppet-agent-installer-plugin.bundle/Contents/Resources/en.lproj/Localizable.strings -------------------------------------------------------------------------------- /resources/osx/productbuild/plugins/puppet-agent-installer-plugin.bundle/Contents/Resources/puppet_agent_installer_plugin.nib: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/puppetlabs/puppet-agent/HEAD/resources/osx/productbuild/plugins/puppet-agent-installer-plugin.bundle/Contents/Resources/puppet_agent_installer_plugin.nib -------------------------------------------------------------------------------- /configs/platforms/osx-13-arm64.rb: -------------------------------------------------------------------------------- 1 | platform 'osx-13-arm64' do |plat| 2 | plat.inherit_from_default 3 | packages = %w[cmake pkg-config yaml-cpp] 4 | plat.provision_with "su test -c '/opt/homebrew/bin/brew install #{packages.join(' ')}'" 5 | plat.output_dir File.join('apple', '13', 'puppet8', 'arm64') 6 | end 7 | -------------------------------------------------------------------------------- /configs/platforms/osx-14-arm64.rb: -------------------------------------------------------------------------------- 1 | platform 'osx-14-arm64' do |plat| 2 | plat.inherit_from_default 3 | packages = %w[cmake pkg-config yaml-cpp] 4 | plat.provision_with "su test -c '/opt/homebrew/bin/brew install #{packages.join(' ')}'" 5 | plat.output_dir File.join('apple', '14', 'puppet8', 'arm64') 6 | end 7 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | vendor/* 2 | output/* 3 | .bundle 4 | Gemfile.lock 5 | Gemfile.local 6 | *.log 7 | ext/build_metadata.* 8 | ext/packaging 9 | pkg/* 10 | *.swp 11 | acceptance/junit/* 12 | acceptance/log/* 13 | acceptance/tmp/* 14 | acceptance/merged_options.rb 15 | acceptance/.beaker/* 16 | ext/smoke/*output.txt 17 | *~ 18 | -------------------------------------------------------------------------------- /acceptance/tests/ffi.rb: -------------------------------------------------------------------------------- 1 | test_name 'FFI can be required' do 2 | 3 | tag 'audit:low', 4 | 'audit:acceptance' 5 | 6 | require 'puppet/acceptance/common_utils' 7 | 8 | agents.each do |agent| 9 | step "test require 'ffi'" 10 | on agent, "#{ruby_command(agent)} -e 'require \"ffi\"'" 11 | end 12 | end 13 | -------------------------------------------------------------------------------- /resources/osx/productbuild/plugins/puppet-agent-installer-plugin.bundle/Contents/Resources/Base.lproj/puppet_enterprise_installer_plugin.nib: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/puppetlabs/puppet-agent/HEAD/resources/osx/productbuild/plugins/puppet-agent-installer-plugin.bundle/Contents/Resources/Base.lproj/puppet_enterprise_installer_plugin.nib -------------------------------------------------------------------------------- /configs/platforms/osx-12-arm64.rb: -------------------------------------------------------------------------------- 1 | platform 'osx-12-arm64' do |plat| 2 | plat.inherit_from_default 3 | packages = %w[cmake pkg-config yaml-cpp] 4 | plat.provision_with "su test -c '/usr/local/bin/brew install #{packages.join(' ')}'" 5 | # PA-5471 override default 'osx' directory 6 | plat.output_dir File.join('apple', '12', 'puppet8', 'arm64') 7 | end 8 | -------------------------------------------------------------------------------- /resources/files/windows/elevate.exe.config: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | -------------------------------------------------------------------------------- /configs/platforms/el-9-ppc64le.rb: -------------------------------------------------------------------------------- 1 | platform 'el-9-ppc64le' do |plat| 2 | plat.inherit_from_default 3 | 4 | packages = %w(gcc gcc-c++ autoconf automake createrepo rsync cmake make rpm-libs rpm-build libarchive) 5 | plat.provision_with "dnf install -y --allowerasing #{packages.join(' ')}" 6 | plat.install_build_dependencies_with 'dnf install -y --allowerasing ' 7 | plat.vmpooler_template 'redhat-9-power9' 8 | end 9 | -------------------------------------------------------------------------------- /acceptance/tests/ensure_facter_command_can_be_executed.rb: -------------------------------------------------------------------------------- 1 | test_name 'Ensure facter command can be executed' do 2 | 3 | require 'puppet/acceptance/common_utils' 4 | 5 | facter = agent['platform'] =~ /win/ ? 'cmd /c facter' : 'facter' 6 | 7 | agents.each do |agent| 8 | step "test facter command" do 9 | on agent, "#{facter} --version", :acceptable_exit_codes => [0] 10 | end 11 | end 12 | end 13 | -------------------------------------------------------------------------------- /configs/platforms/el-7-x86_64.rb: -------------------------------------------------------------------------------- 1 | platform "el-7-x86_64" do |plat| 2 | plat.servicedir "/usr/lib/systemd/system" 3 | plat.defaultdir "/etc/sysconfig" 4 | plat.servicetype "systemd" 5 | 6 | packages = ['make', 'rsync', 'rpm-build'] 7 | plat.provision_with "yum install --assumeyes #{packages.join(' ')}" 8 | plat.install_build_dependencies_with "yum install --assumeyes" 9 | plat.vmpooler_template "centos-7-x86_64" 10 | end 11 | -------------------------------------------------------------------------------- /configs/platforms/el-8-x86_64.rb: -------------------------------------------------------------------------------- 1 | platform "el-8-x86_64" do |plat| 2 | plat.servicedir "/usr/lib/systemd/system" 3 | plat.defaultdir "/etc/sysconfig" 4 | plat.servicetype "systemd" 5 | 6 | packages = ['make', 'rsync', 'rpm-build'] 7 | plat.provision_with "dnf install -y --allowerasing #{packages.join(' ')}" 8 | plat.install_build_dependencies_with "dnf install -y --allowerasing " 9 | plat.inherit_from_default 10 | end 11 | -------------------------------------------------------------------------------- /resources/files/puppet-agent.sh: -------------------------------------------------------------------------------- 1 | # Add /opt/puppetlabs/bin to the path for sh compatible users 2 | 3 | if [ -z "${PATH-}" ] ; then 4 | export PATH=/opt/puppetlabs/bin 5 | elif ! echo "${PATH}" | grep -q /opt/puppetlabs/bin ; then 6 | export PATH="${PATH}:/opt/puppetlabs/bin" 7 | fi 8 | 9 | if ! echo "${MANPATH-}" | grep -q /opt/puppetlabs/puppet/share/man ; then 10 | export MANPATH="${MANPATH-}:/opt/puppetlabs/puppet/share/man" 11 | fi 12 | -------------------------------------------------------------------------------- /acceptance/tests/selinux.rb: -------------------------------------------------------------------------------- 1 | test_name 'PA-3067: Manage selinux' do 2 | 3 | tag 'audit:high', 4 | 'audit:acceptance' 5 | 6 | confine :to, :platform => /el-|fedora-|debian-|ubuntu-/ 7 | confine :except, :platform => /el-6/ 8 | 9 | require 'puppet/acceptance/common_utils' 10 | 11 | agents.each do |agent| 12 | step "test require 'selinux'" 13 | on agent, "#{ruby_command(agent)} -e 'require \"selinux\"'" 14 | end 15 | end 16 | -------------------------------------------------------------------------------- /configs/platforms/redhatfips-7-x86_64.rb: -------------------------------------------------------------------------------- 1 | platform "redhatfips-7-x86_64" do |plat| 2 | plat.servicedir "/usr/lib/systemd/system" 3 | plat.defaultdir "/etc/sysconfig" 4 | plat.servicetype "systemd" 5 | 6 | packages = ['make', 'rsync', 'rpm-build'] 7 | plat.provision_with "yum install --assumeyes #{packages.join(' ')}" 8 | plat.install_build_dependencies_with "yum install --assumeyes" 9 | plat.vmpooler_template "redhat-fips-7-x86_64" 10 | end 11 | -------------------------------------------------------------------------------- /resources/windows/wix/include/textstyles.wxi: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | -------------------------------------------------------------------------------- /configs/platforms/el-8-aarch64.rb: -------------------------------------------------------------------------------- 1 | platform "el-8-aarch64" do |plat| 2 | plat.servicedir "/usr/lib/systemd/system" 3 | plat.defaultdir "/etc/sysconfig" 4 | plat.servicetype "systemd" 5 | 6 | packages = %w(gcc-c++ rsync make rpm-libs rpm-build) 7 | 8 | plat.provision_with "dnf install -y --allowerasing #{packages.join(' ')}" 9 | plat.install_build_dependencies_with "dnf install -y --allowerasing " 10 | plat.vmpooler_template "redhat-8-arm64" 11 | end 12 | -------------------------------------------------------------------------------- /configs/platforms/el-9-aarch64.rb: -------------------------------------------------------------------------------- 1 | platform "el-9-aarch64" do |plat| 2 | plat.servicedir "/usr/lib/systemd/system" 3 | plat.defaultdir "/etc/sysconfig" 4 | plat.servicetype "systemd" 5 | 6 | packages = %w(gcc-c++ rsync make rpm-libs rpm-build) 7 | 8 | plat.provision_with "dnf install -y --allowerasing #{packages.join(' ')}" 9 | plat.install_build_dependencies_with "dnf install -y --allowerasing " 10 | plat.vmpooler_template "redhat-9-arm64" 11 | end 12 | -------------------------------------------------------------------------------- /configs/platforms/sles-12-x86_64.rb: -------------------------------------------------------------------------------- 1 | platform "sles-12-x86_64" do |plat| 2 | plat.servicedir "/usr/lib/systemd/system" 3 | plat.defaultdir "/etc/sysconfig" 4 | plat.servicetype "systemd" 5 | 6 | packages = ['make', 'rsync', 'rpm-build'] 7 | plat.provision_with "zypper -n --no-gpg-checks install -y #{packages.join(' ')}" 8 | plat.install_build_dependencies_with "zypper -n --no-gpg-checks install -y" 9 | plat.vmpooler_template "sles-12-x86_64" 10 | end 11 | -------------------------------------------------------------------------------- /configs/platforms/sles-15-x86_64.rb: -------------------------------------------------------------------------------- 1 | platform "sles-15-x86_64" do |plat| 2 | plat.servicedir "/usr/lib/systemd/system" 3 | plat.defaultdir "/etc/sysconfig" 4 | plat.servicetype "systemd" 5 | 6 | packages = ['make', 'rsync', 'rpm-build'] 7 | plat.provision_with "zypper -n --no-gpg-checks install -y #{packages.join(' ')}" 8 | plat.install_build_dependencies_with "zypper -n --no-gpg-checks install -y" 9 | plat.vmpooler_template "sles-15-x86_64" 10 | end 11 | -------------------------------------------------------------------------------- /configs/components/shellpath.rb: -------------------------------------------------------------------------------- 1 | component "shellpath" do |pkg, settings, platform| 2 | pkg.version "2023-02-15" 3 | pkg.add_source "file://resources/files/puppet-agent.sh", sum: "f5987a68adf3844ca15ba53813ad6f63" 4 | pkg.add_source "file://resources/files/puppet-agent.csh", sum: "62b360a7d15b486377ef6c7c6d05e881" 5 | pkg.install_file("./puppet-agent.sh", "/etc/profile.d/puppet-agent.sh") 6 | pkg.install_file("./puppet-agent.csh", "/etc/profile.d/puppet-agent.csh") 7 | end 8 | -------------------------------------------------------------------------------- /.github/workflows/jira.yml: -------------------------------------------------------------------------------- 1 | --- 2 | name: Export issue to Jira 3 | 4 | on: 5 | issues: 6 | types: [labeled] 7 | 8 | permissions: 9 | issues: write 10 | 11 | jobs: 12 | export: 13 | uses: "puppetlabs/phoenix-github-actions/.github/workflows/jira.yml@main" 14 | with: 15 | jira-project: PA 16 | jira-base-url: ${{ vars.jira_base_url }} 17 | jira-user-email: ${{ vars.jira_user_email }} 18 | secrets: 19 | jira-api-token: ${{ secrets.JIRA_ISSUES_ACTION }} 20 | -------------------------------------------------------------------------------- /acceptance/.beaker.yml: -------------------------------------------------------------------------------- 1 | --- 2 | ssh: 3 | keys: 4 | - id_rsa_acceptance 5 | - ~/.ssh/id_rsa-acceptance 6 | xml: true 7 | timesync: false 8 | repo_proxy: true 9 | add_el_extras: false 10 | forge_host: api-forge-aio02-petest.puppet.com 11 | 'master-start-curl-retries': 30 12 | log_level: debug 13 | preserve_hosts: onfail 14 | helper: ./lib/helper.rb 15 | options_file: ./config/aio/options.rb 16 | -------------------------------------------------------------------------------- /configs/platforms/solaris-11-i386.rb: -------------------------------------------------------------------------------- 1 | platform "solaris-11-i386" do |plat| 2 | plat.servicedir "/lib/svc/manifest" 3 | plat.defaultdir "/lib/svc/method" 4 | plat.servicetype "smf" 5 | plat.vmpooler_template "solaris-11-x86_64" 6 | plat.add_build_repository 'http://solaris-11-reposync.delivery.puppetlabs.net:81', 'puppetlabs.com' 7 | plat.install_build_dependencies_with "pkg install ", " || [[ $? -eq 4 ]]" 8 | # PA-5702 override default directory to exclude 'i386' directory 9 | plat.output_dir File.join("solaris", "11", "puppet8") 10 | end 11 | -------------------------------------------------------------------------------- /resources/osx/productbuild/plugins/InstallerSections.plist: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | SectionOrder 6 | 7 | Introduction 8 | ReadMe 9 | License 10 | Target 11 | PackageSelection 12 | puppet-agent-installer-plugin.bundle 13 | Install 14 | 15 | 16 | 17 | -------------------------------------------------------------------------------- /configs/platforms/debian-11-armhf.rb: -------------------------------------------------------------------------------- 1 | platform "debian-11-armhf" do |plat| 2 | plat.servicedir "/lib/systemd/system" 3 | plat.defaultdir "/etc/default" 4 | plat.servicetype "systemd" 5 | plat.codename "bullseye" 6 | 7 | packages = ['build-essential', 'devscripts', 'rsync', 'fakeroot', 'debhelper'] 8 | plat.provision_with "export DEBIAN_FRONTEND=noninteractive; apt-get update -qq; apt-get install -qy --no-install-recommends #{packages.join(' ')}" 9 | plat.install_build_dependencies_with "DEBIAN_FRONTEND=noninteractive; apt-get install -qy --no-install-recommends " 10 | end 11 | -------------------------------------------------------------------------------- /configs/platforms/debian-12-armhf.rb: -------------------------------------------------------------------------------- 1 | platform "debian-12-armhf" do |plat| 2 | plat.servicedir "/lib/systemd/system" 3 | plat.defaultdir "/etc/default" 4 | plat.servicetype "systemd" 5 | plat.codename "bookworm" 6 | 7 | packages = ['build-essential', 'devscripts', 'rsync', 'fakeroot', 'debhelper'] 8 | plat.provision_with "export DEBIAN_FRONTEND=noninteractive; apt-get update -qq; apt-get install -qy --no-install-recommends #{packages.join(' ')}" 9 | plat.install_build_dependencies_with "DEBIAN_FRONTEND=noninteractive; apt-get install -qy --no-install-recommends " 10 | end 11 | -------------------------------------------------------------------------------- /configs/platforms/solaris-11-sparc.rb: -------------------------------------------------------------------------------- 1 | platform "solaris-11-sparc" do |plat| 2 | plat.servicedir "/lib/svc/manifest" 3 | plat.defaultdir "/lib/svc/method" 4 | plat.servicetype "smf" 5 | plat.cross_compiled true 6 | plat.vmpooler_template "solaris-11-x86_64" 7 | plat.add_build_repository 'http://solaris-11-reposync.delivery.puppetlabs.net:81', 'puppetlabs.com' 8 | plat.install_build_dependencies_with "pkg install ", " || [[ $? -eq 4 ]]" 9 | # PA-5702 override default directory to exclude 'sparc' directory 10 | plat.output_dir File.join("solaris", "11", "puppet8") 11 | end 12 | -------------------------------------------------------------------------------- /acceptance/lib/puppet/acceptance/common_utils.rb: -------------------------------------------------------------------------------- 1 | module Puppet 2 | module Acceptance 3 | module CommandUtils 4 | def irb_command(host, type='aio') 5 | command(host, 'irb', type) 6 | end 7 | module_function :irb_command 8 | 9 | def command(host, cmd, type) 10 | return on(host, "which #{cmd}").stdout.chomp unless type == 'aio' 11 | return "env PATH=\"#{host['privatebindir']}:${PATH}\" cmd /c #{cmd}" if host['platform'] =~ /windows/ 12 | "env PATH=\"#{host['privatebindir']}:${PATH}\" #{cmd}" 13 | end 14 | end 15 | end 16 | end 17 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Copyright 2014-2016 Puppet, Inc 2 | 3 | Licensed under the Apache License, Version 2.0 (the "License"); 4 | you may not use this file except in compliance with the License. 5 | You may obtain a copy of the License at 6 | 7 | http://www.apache.org/licenses/LICENSE-2.0 8 | 9 | Unless required by applicable law or agreed to in writing, software 10 | distributed under the License is distributed on an "AS IS" BASIS, 11 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | See the License for the specific language governing permissions and 13 | limitations under the License. 14 | -------------------------------------------------------------------------------- /configs/platforms/ubuntu-18.04-amd64.rb: -------------------------------------------------------------------------------- 1 | platform "ubuntu-18.04-amd64" do |plat| 2 | plat.servicedir "/lib/systemd/system" 3 | plat.defaultdir "/etc/default" 4 | plat.servicetype "systemd" 5 | plat.codename "bionic" 6 | 7 | packages = ['build-essential', 'devscripts', 'rsync', 'fakeroot', 'debhelper'] 8 | plat.provision_with "export DEBIAN_FRONTEND=noninteractive; apt-get update -qq; apt-get install -qy --no-install-recommends #{packages.join(' ')}" 9 | plat.install_build_dependencies_with "apt-get install -qy --no-install-recommends " 10 | plat.vmpooler_template "ubuntu-1804-x86_64" 11 | end 12 | -------------------------------------------------------------------------------- /configs/platforms/ubuntu-20.04-aarch64.rb: -------------------------------------------------------------------------------- 1 | platform "ubuntu-20.04-aarch64" do |plat| 2 | plat.servicedir "/lib/systemd/system" 3 | plat.defaultdir "/etc/default" 4 | plat.servicetype "systemd" 5 | plat.codename "focal" 6 | 7 | plat.provision_with "export DEBIAN_FRONTEND=noninteractive; apt-get update -qq; apt-get install -qy --no-install-recommends build-essential devscripts make quilt pkg-config debhelper rsync fakeroot cmake" 8 | plat.install_build_dependencies_with "DEBIAN_FRONTEND=noninteractive; apt-get install -qy --no-install-recommends " 9 | plat.vmpooler_template "ubuntu-2004-arm64" 10 | end 11 | -------------------------------------------------------------------------------- /configs/platforms/debian-10-amd64.rb: -------------------------------------------------------------------------------- 1 | platform "debian-10-amd64" do |plat| 2 | plat.servicedir "/lib/systemd/system" 3 | plat.defaultdir "/etc/default" 4 | plat.servicetype "systemd" 5 | plat.codename "buster" 6 | 7 | packages = ['build-essential', 'devscripts', 'rsync', 'fakeroot', 'debhelper'] 8 | plat.provision_with "export DEBIAN_FRONTEND=noninteractive; apt-get update -qq; apt-get install -qy --no-install-recommends #{packages.join(' ')}" 9 | plat.install_build_dependencies_with "DEBIAN_FRONTEND=noninteractive; apt-get install -qy --no-install-recommends " 10 | plat.vmpooler_template "debian-10-x86_64" 11 | end 12 | -------------------------------------------------------------------------------- /configs/platforms/debian-10-armhf.rb: -------------------------------------------------------------------------------- 1 | platform "debian-10-armhf" do |plat| 2 | plat.servicedir "/lib/systemd/system" 3 | plat.defaultdir "/etc/default" 4 | plat.servicetype "systemd" 5 | plat.codename "buster" 6 | 7 | packages = ['build-essential', 'devscripts', 'rsync', 'fakeroot', 'debhelper'] 8 | plat.provision_with "export DEBIAN_FRONTEND=noninteractive; apt-get update -qq; apt-get install -qy --no-install-recommends #{packages.join(' ')}" 9 | plat.install_build_dependencies_with "DEBIAN_FRONTEND=noninteractive; apt-get install -qy --no-install-recommends " 10 | plat.vmpooler_template "debian-10-armhf" 11 | end 12 | -------------------------------------------------------------------------------- /configs/platforms/sles-11-x86_64.rb: -------------------------------------------------------------------------------- 1 | platform "sles-11-x86_64" do |plat| 2 | plat.servicedir "/etc/init.d" 3 | plat.defaultdir "/etc/sysconfig" 4 | plat.servicetype "sysv" 5 | plat.add_build_repository "http://osmirror.delivery.puppetlabs.net/sles-11-deps-x86_64/sles-11-deps-x86_64.repo" 6 | plat.add_build_repository "http://pl-build-tools.delivery.puppetlabs.net/yum/sles/11/x86_64/pl-build-tools-sles-11-x86_64.repo" 7 | plat.provision_with "zypper -n --no-gpg-checks install -y make rsync" 8 | plat.install_build_dependencies_with "zypper -n --no-gpg-checks install -y" 9 | plat.vmpooler_template "sles-11-x86_64" 10 | end -------------------------------------------------------------------------------- /resources/files/osx-wrapper.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | unset DYLD_LIBRARY_PATH 4 | unset DYLD_INSERT_LIBRARIES 5 | unset GEM_HOME 6 | unset GEM_PATH 7 | unset DLN_LIBRARY_PATH 8 | unset RUBYLIB 9 | unset RUBYLIB_PREFIX 10 | unset RUBYOPT 11 | unset RUBYPATH 12 | unset RUBYSHELL 13 | 14 | # If $PATH does not match a regex for /opt/puppetlabs/bin 15 | if [ `expr "${PATH}" : '.*/opt/puppetlabs/bin'` -eq 0 ]; then 16 | # Add /opt/puppetlabs/bin to a possibly empty $PATH 17 | PATH="${PATH:+${PATH}:}/opt/puppetlabs/bin" 18 | export PATH 19 | fi 20 | 21 | COMMAND=`basename "${0}"` 22 | 23 | exec /opt/puppetlabs/puppet/bin/${COMMAND} "$@" 24 | -------------------------------------------------------------------------------- /resources/osx/productbuild/plugins/puppet-agent-installer-plugin.bundle/Contents/Resources/InstallerSections.plist: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | SectionOrder 6 | 7 | Introduction 8 | ReadMe 9 | License 10 | Target 11 | PackageSelection 12 | puppet-agent-installer-plugin.bundle 13 | Install 14 | 15 | 16 | 17 | -------------------------------------------------------------------------------- /configs/platforms/ubuntu-20.04-amd64.rb: -------------------------------------------------------------------------------- 1 | platform "ubuntu-20.04-amd64" do |plat| 2 | plat.servicedir "/lib/systemd/system" 3 | plat.defaultdir "/etc/default" 4 | plat.servicetype "systemd" 5 | plat.codename "focal" 6 | 7 | packages = ['build-essential', 'devscripts', 'rsync', 'fakeroot', 'debhelper'] 8 | plat.provision_with "export DEBIAN_FRONTEND=noninteractive; apt-get update -qq; apt-get install -qy --no-install-recommends #{packages.join(' ')}" 9 | plat.install_build_dependencies_with "DEBIAN_FRONTEND=noninteractive; apt-get install -qy --no-install-recommends " 10 | plat.vmpooler_template "ubuntu-2004-x86_64" 11 | end 12 | -------------------------------------------------------------------------------- /resources/files/aix-wrapper.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | unset LIBPATH 4 | unset LDR_PRELOAD 5 | unset LDR_PRELOAD64 6 | unset LD_LIBRARY_PATH 7 | unset GEM_HOME 8 | unset GEM_PATH 9 | unset DLN_LIBRARY_PATH 10 | unset RUBYLIB 11 | unset RUBYLIB_PREFIX 12 | unset RUBYOPT 13 | unset RUBYPATH 14 | unset RUBYSHELL 15 | 16 | # If $PATH does not match a regex for /opt/puppetlabs/bin 17 | if [ `expr "${PATH}" : '.*/opt/puppetlabs/bin'` -eq 0 ]; then 18 | # Add /opt/puppetlabs/bin to a possibly empty $PATH 19 | PATH="${PATH:+${PATH}:}/opt/puppetlabs/bin" 20 | export PATH 21 | fi 22 | 23 | COMMAND=`basename "${0}"` 24 | 25 | exec /opt/puppetlabs/puppet/bin/${COMMAND} "$@" 26 | -------------------------------------------------------------------------------- /resources/windows/wix/directorylist.wxs.erb: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | <%= @platform.generate_service_bin_dirs(self.get_services, self) %> 9 | 10 | 11 | 12 | 13 | 14 | 15 | -------------------------------------------------------------------------------- /Gemfile: -------------------------------------------------------------------------------- 1 | source ENV['GEM_SOURCE'] || "https://rubygems.org" 2 | 3 | def location_for(place) 4 | if place =~ /^((?:git[:@]|https:)[^#]*)#(.*)/ 5 | [{ :git => $1, :branch => $2, :require => false }] 6 | elsif place =~ /^file:\/\/(.*)/ 7 | ['>= 0', { :path => File.expand_path($1), :require => false }] 8 | else 9 | [place, { :require => false }] 10 | end 11 | end 12 | 13 | gem 'vanagon', *location_for(ENV['VANAGON_LOCATION'] || '~> 0.24') 14 | gem 'packaging', *location_for(ENV['PACKAGING_LOCATION'] || '~> 0.105') 15 | gem 'artifactory' 16 | gem 'rake' 17 | gem 'json' 18 | gem 'octokit' 19 | gem 'rubocop', "~> 1.22" 20 | 21 | eval_gemfile("#{__FILE__}.local") if File.exist?("#{__FILE__}.local") 22 | -------------------------------------------------------------------------------- /configs/platforms/redhatfips-8-x86_64.rb: -------------------------------------------------------------------------------- 1 | platform "redhatfips-8-x86_64" do |plat| 2 | # Uncomment the lines below when a vanagon with defaults for this platform is released 3 | # plat.inherit_from_default 4 | # plat.clear_provisioning 5 | 6 | packages = %w(rpm-build rpmdevtools rsync yum-utils) 7 | plat.provision_with("dnf install -y --allowerasing #{packages.join(' ')}") 8 | 9 | # Delete everything below when a vanagon with defaults for this platform is released 10 | plat.servicedir "/usr/lib/systemd/system" 11 | plat.defaultdir "/etc/sysconfig" 12 | plat.servicetype "systemd" 13 | plat.install_build_dependencies_with "yum install --assumeyes" 14 | plat.vmpooler_template "redhat-fips-8-x86_64" 15 | end 16 | -------------------------------------------------------------------------------- /resources/osx/preinstall-extras: -------------------------------------------------------------------------------- 1 | ## This works around an issue with the OSX service names in 2 | ## puppet-agent. We're using a short service name intead of 3 | ## the fully qualified name (puppet instead of com.puppetlabs.puppet) 4 | 5 | ## Putting this workaround here until we can fix the service names in 6 | ## the next major version, at which point the more generic logic in 7 | ## vanagon will do the right thing 8 | 9 | if [ -n "$foundpkg" ]; then 10 | for service in "puppet" "pxp-agent" ; do 11 | if /bin/launchctl list "${service}" &> /dev/null; then 12 | touch "/tmp/.puppet-agent.upgrade/${service}" 13 | /bin/launchctl unload "/Library/LaunchDaemons/com.puppetlabs.${service}.plist" 14 | fi 15 | done 16 | fi 17 | -------------------------------------------------------------------------------- /acceptance/tests/ensure_SCL_python_pip_works.rb: -------------------------------------------------------------------------------- 1 | test_name 'PUP-8351: Ensure pip provider works with RHSCL python' do 2 | confine :to, :platform => /centos-(6|7)-x86_64/ 3 | tag 'audit:medium', 4 | 'audit:acceptance' 5 | 6 | teardown do 7 | on agent, 'yum remove python27-python-pip -y' 8 | end 9 | 10 | step 'install and enable RHSCL python' do 11 | on agent, 'yum install centos-release-scl -y' 12 | on agent, 'yum install python27-python-pip -y' 13 | end 14 | 15 | step 'With with the SCL python enabled: Attempt \'resource package\' with a python package and the pip provider' do 16 | on(agent, 'source /opt/rh/python27/enable && puppet resource package vulture ensure=present provider=\'pip\'') 17 | end 18 | end 19 | -------------------------------------------------------------------------------- /acceptance/tests/module_install.rb: -------------------------------------------------------------------------------- 1 | test_name 'PA-3125: make sure we can install a forge module' do 2 | 3 | tag 'audit:high', 4 | 'audit:acceptance' 5 | 6 | require 'puppet/acceptance/common_utils' 7 | module_name = "puppetlabs/mailalias_core" 8 | agents.each do |agent| 9 | need_to_uninstall = false 10 | 11 | teardown do 12 | on agent, puppet("module", "uninstall", "--force", module_name) if need_to_uninstall 13 | end 14 | 15 | step "test we can install puppetlabs/mailalias_core forge module" do 16 | on agent, puppet("module", "install", module_name) do |result| 17 | need_to_uninstall = true unless result.stdout =~ /Module .* is already installed./ 18 | end 19 | end 20 | end 21 | end 22 | -------------------------------------------------------------------------------- /acceptance/tests/ensure_macos_executables_are_signed.rb: -------------------------------------------------------------------------------- 1 | test_name 'Ensure puppet executables are codesigned on mac OS' do 2 | confine :to, :platform => /osx/ 3 | tag 'audit:high' 4 | 5 | agents.each do |agent| 6 | [ 7 | '/opt/puppetlabs/bin/puppet', 8 | '/opt/puppetlabs/puppet/bin/puppet', 9 | '/opt/puppetlabs/puppet/bin/pxp-agent', 10 | '/opt/puppetlabs/puppet/bin/wrapper.sh' 11 | ].each do |path| 12 | step "test #{path}" do 13 | on(agent, "codesign -vv #{path}") do |result| 14 | output = result.output 15 | 16 | assert_match(/valid on disk/, output) 17 | assert_match(/satisfies its Designated Requirement/, output) 18 | end 19 | end 20 | end 21 | end 22 | end 23 | -------------------------------------------------------------------------------- /configs/platforms/el-8-ppc64le.rb: -------------------------------------------------------------------------------- 1 | platform "el-8-ppc64le" do |plat| 2 | plat.servicedir "/usr/lib/systemd/system" 3 | plat.defaultdir "/etc/sysconfig" 4 | plat.servicetype "systemd" 5 | 6 | # Workaround for an issue with RedHat subscription metadata, see ITSYS-2543 7 | plat.provision_with('subscription-manager repos --disable rhel-8-for-ppc64le-baseos-rpms && subscription-manager repos --enable rhel-8-for-ppc64le-baseos-rpms') 8 | 9 | packages = %w(gcc gcc-c++ autoconf automake createrepo rsync cmake make rpm-libs rpm-build libarchive) 10 | 11 | plat.provision_with "dnf install -y --allowerasing #{packages.join(' ')}" 12 | plat.install_build_dependencies_with "dnf install -y --allowerasing " 13 | plat.vmpooler_template "redhat-8-power8" 14 | end 15 | -------------------------------------------------------------------------------- /.github/workflows/backport.yml: -------------------------------------------------------------------------------- 1 | name: Backport merged pull request 2 | on: 3 | pull_request_target: 4 | types: [labeled] 5 | permissions: 6 | contents: write # so it can comment 7 | pull-requests: write # so it can create pull requests 8 | jobs: 9 | backport: 10 | name: Backport merged pull request 11 | runs-on: ubuntu-latest 12 | # For security reasons, we don't want to checkout and run arbitrary code when 13 | # using the pull_request_target trigger. So restrict this to cases where the 14 | # backport label is applied to an already merged PR. 15 | if: github.event.pull_request.merged && contains(github.event.label.name, 'backport') 16 | steps: 17 | - uses: actions/checkout@v4 18 | - name: Create backport pull requests 19 | uses: korthout/backport-action@v1 20 | -------------------------------------------------------------------------------- /resources/windows/wix/icon.wxs.erb: -------------------------------------------------------------------------------- 1 | 2 | 3 | 12 | 13 | 14 | 17 | 18 | 19 | -------------------------------------------------------------------------------- /configs/components/wrapper-script.rb: -------------------------------------------------------------------------------- 1 | # This component creates wrapper scripts to clean up the environment on UNIX platforms 2 | component "wrapper-script" do |pkg, settings, platform| 3 | 4 | pkg.add_source "file://resources/files/aix-wrapper.sh" 5 | pkg.add_source "file://resources/files/osx-wrapper.sh" 6 | pkg.add_source "file://resources/files/sysv-wrapper.sh" 7 | 8 | wrapper = "#{settings[:bindir]}/wrapper.sh" 9 | 10 | if platform.is_aix? 11 | pkg.install_file "aix-wrapper.sh", wrapper, mode: '0755' 12 | elsif platform.is_macos? 13 | pkg.install_file "osx-wrapper.sh", wrapper, mode: '0755' 14 | else 15 | pkg.install_file "sysv-wrapper.sh", wrapper, mode: '0755' 16 | end 17 | 18 | ["facter", "puppet", "pxp-agent"].each do |exe| 19 | pkg.link wrapper, "#{settings[:link_bindir]}/#{exe}" 20 | end 21 | end 22 | -------------------------------------------------------------------------------- /.github/workflows/checks.yaml: -------------------------------------------------------------------------------- 1 | name: Checks 2 | 3 | on: 4 | push: 5 | branches: [main] 6 | pull_request: 7 | branches: [main] 8 | 9 | permissions: 10 | contents: read 11 | 12 | jobs: 13 | rake_checks: 14 | name: Rake Checks 15 | runs-on: ubuntu-latest 16 | strategy: 17 | matrix: 18 | check: [ 'rubocop', 'commits' ] 19 | steps: 20 | - name: Checkout current PR 21 | uses: actions/checkout@v4 22 | with: 23 | fetch-depth: 0 24 | - name: Install Ruby version 3.3 25 | uses: ruby/setup-ruby@v1 26 | with: 27 | ruby-version: 3.3 28 | - name: Update rubygems and install gems 29 | run: | 30 | gem update --system --silent --no-document 31 | bundle install --jobs 4 --retry 3 32 | - run: bundle exec rake ${{ matrix.check }} -------------------------------------------------------------------------------- /resources/windows/wix/environment.wxs.erb: -------------------------------------------------------------------------------- 1 | 2 | 3 | 7 | 8 | 9 | 14 | 22 | 23 | 24 | 25 | 26 | -------------------------------------------------------------------------------- /configs/components/puppet-resource_api.rb: -------------------------------------------------------------------------------- 1 | component "puppet-resource_api" do |pkg, settings, platform| 2 | pkg.load_from_json("configs/components/puppet-resource_api.json") 3 | 4 | pkg.build_requires "puppet-runtime" 5 | 6 | # Install into the directory for gems shared by puppet and puppetserver 7 | pkg.environment "GEM_HOME", settings[:puppet_gem_vendor_dir] 8 | 9 | # PA-25 in order to install gems in a cross-compiled environment we need to 10 | # set RUBYLIB to include puppet, so that its gemspec can resolve 11 | # puppet/version requires. Without this the gem install 12 | # will fail by blowing out the stack. 13 | pkg.environment "RUBYLIB", "#{settings[:ruby_vendordir]}:$(RUBYLIB)" 14 | 15 | pkg.build do 16 | ["#{settings[:host_gem]} build puppet-resource_api.gemspec"] 17 | end 18 | 19 | pkg.install do 20 | ["#{settings[:gem_install]} puppet-resource_api-*.gem"] 21 | end 22 | end 23 | -------------------------------------------------------------------------------- /acceptance/tests/test_manpage_clobber.rb: -------------------------------------------------------------------------------- 1 | test_name 'PA-2768: Extend manpath instead of overriding it' do 2 | 3 | tag 'audit:low', 4 | 'audit:acceptance' 5 | 6 | # shellpath scripts are only installed on linux, however macos knows how to find 7 | # man directories relative to the existing path 8 | confine :except, :platform => ['windows', 'aix', 'solaris'] 9 | 10 | agents.each do |agent| 11 | man_command = nil 12 | 13 | step 'test for man command' do 14 | on(agent, 'command -v man', :acceptable_exit_codes => [0, 1]) do |result| 15 | man_command = result.stdout.chomp 16 | end 17 | end 18 | 19 | skip_test "man command not found on #{agent.hostname} (#{agent.platform})" unless man_command 20 | 21 | step 'test if we have puppet manpages' do 22 | on(agent, "#{man_command} puppet") 23 | end 24 | 25 | step 'test if we have unix manpages' do 26 | on(agent, "#{man_command} ls") 27 | end 28 | end 29 | end 30 | -------------------------------------------------------------------------------- /resources/files/sysv-wrapper.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # We keep around any paths in LD_LIBRARY_PATH that start with /opt/rh/. Those paths are 4 | # from redhat software collections packages and are required for things like SCL python 5 | # to work. See PUP-8351. 6 | STRIP_LDLYP_COMMAND=" \ 7 | if ENV['LD_LIBRARY_PATH']; \ 8 | print ENV['LD_LIBRARY_PATH'].split(':', -1).keep_if { |path| path.start_with?('/opt/rh/') }.join(':') \ 9 | end" 10 | LD_LIBRARY_PATH=`/opt/puppetlabs/puppet/bin/ruby -e "$STRIP_LDLYP_COMMAND"` 11 | export LD_LIBRARY_PATH 12 | unset LD_PRELOAD 13 | unset GEM_HOME 14 | unset GEM_PATH 15 | unset DLN_LIBRARY_PATH 16 | unset RUBYLIB 17 | unset RUBYLIB_PREFIX 18 | unset RUBYOPT 19 | unset RUBYPATH 20 | unset RUBYSHELL 21 | 22 | # If $PATH does not match a regex for /opt/puppetlabs/bin 23 | if [ `expr "${PATH}" : '.*/opt/puppetlabs/bin'` -eq 0 ]; then 24 | # Add /opt/puppetlabs/bin to a possibly empty $PATH 25 | PATH="${PATH:+${PATH}:}/opt/puppetlabs/bin" 26 | export PATH 27 | fi 28 | 29 | COMMAND=`basename "${0}"` 30 | 31 | exec /opt/puppetlabs/puppet/bin/${COMMAND} "$@" 32 | -------------------------------------------------------------------------------- /ext/smoke/README.md: -------------------------------------------------------------------------------- 1 | ## Release Validation 2 | 3 | These scripts will help with steps leading up to a new puppet-agent 4 | release. 5 | 6 | ### Overview 7 | 8 | This folder contains scripts to help with two smoke testing stages of 9 | the release process. 10 | 11 | #### Manually smoke test platform components installed from packages 12 | 13 | To run these smoke tests, check out 2 redhat-7-x86_64 VMs. 14 | Then run the `packages/run-smoke-test.sh` script as follows: 15 | 16 | ``` 17 | ./packages/run-smoke-test.sh 18 | 19 | ``` 20 | 21 | #### Manually smoke test platform components installed from shared respository 22 | 23 | These tests will ensure that released packages can run. There are two 24 | scenarios, one where puppetdb is installed via packages and one where 25 | puppetdb is installed via module. 26 | 27 | To run these smoke tests, check out 4 redhat-7-x86_64 VMs. 28 | Then run the `repos/run-smoke-test.sh` script as follows: 29 | 30 | ``` 31 | ./repos/run-smoke-test.sh 32 | ``` 33 | -------------------------------------------------------------------------------- /acceptance/tests/augeas_validation.rb: -------------------------------------------------------------------------------- 1 | skip_test 'non-windows only test' if hosts.any? { |host| host.platform =~ /windows/ } 2 | tag 'audit:high' 3 | test_name 'Augeas Validation' do 4 | teardown do 5 | hosts.each do |agent| 6 | file = <<-EOF 7 | augeas { 'test_ssh': 8 | lens => 'Ssh.lns', 9 | incl => '/etc/ssh/ssh_config', 10 | context => '/files/etc/ssh/ssh_config', 11 | changes => [ 12 | 'remove Host testing.testville.nil' 13 | ] 14 | } 15 | EOF 16 | on(agent, "puppet apply -e \"#{file}\"") 17 | end 18 | end 19 | 20 | hosts.each do |agent| 21 | step 'validate Augeas binary' do 22 | on(agent, '/opt/puppetlabs/puppet/bin/augtool --version') 23 | end 24 | step 'validate we can apply a resource type augeas' do 25 | file = <<-EOF 26 | augeas { 'test_ssh': 27 | lens => 'Ssh.lns', 28 | incl => '/etc/ssh/ssh_config', 29 | context => '/files/etc/ssh/ssh_config', 30 | changes => [ 31 | 'set Host testing.testville.nil' 32 | ] 33 | } 34 | EOF 35 | assert_equal(on(agent, "puppet apply -e \"#{file}\"").exit_code, 0, 'Puppet apply of the augeas resource returned a non-zero exit code') 36 | end 37 | end 38 | end 39 | -------------------------------------------------------------------------------- /resources/files/windows/environment.bat: -------------------------------------------------------------------------------- 1 | @ECHO OFF 2 | REM This is the parent directory of the directory containing this script (resolves to :install_root/Puppet) 3 | SET PL_BASEDIR=%~dp0.. 4 | REM Avoid the nasty \..\ littering the paths. 5 | SET PL_BASEDIR=%PL_BASEDIR:\bin\..=% 6 | 7 | SET PUPPET_DIR=%PL_BASEDIR%\puppet 8 | 9 | REM Set a fact so we can easily source the environment.bat file in the future. 10 | SET FACTER_env_windows_installdir=%PL_BASEDIR% 11 | 12 | REM Add puppet's bindirs to the PATH 13 | SET PATH=%PUPPET_DIR%\bin;%PL_BASEDIR%\bin;%PATH% 14 | 15 | REM Set the RUBY LOAD_PATH using the RUBYLIB environment variable 16 | SET RUBYLIB=%PUPPET_DIR%\lib;%RUBYLIB% 17 | 18 | REM Translate all slashes to / style to avoid issue #11930 19 | SET RUBYLIB=%RUBYLIB:\=/% 20 | 21 | REM Now return to the caller. 22 | 23 | REM Set SSL variables to ensure trusted locations are used 24 | SET SSL_CERT_FILE=%PUPPET_DIR%\ssl\cert.pem 25 | SET SSL_CERT_DIR=%PUPPET_DIR%\ssl\certs 26 | SET OPENSSL_CONF=%PUPPET_DIR%\ssl\openssl.cnf 27 | SET OPENSSL_CONF_INCLUDE=%PUPPET_DIR%\ssl 28 | SET OPENSSL_MODULES=%PUPPET_DIR%\lib\ossl-modules 29 | SET OPENSSL_ENGINES=%PUPPET_DIR%\lib\engines-3 30 | -------------------------------------------------------------------------------- /resources/windows/wix/wixvariables.wxs.erb: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | -------------------------------------------------------------------------------- /.github/workflows/mend.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | name: Mend Monitor 3 | on: 4 | push: 5 | branches: 6 | - 7.x 7 | - main 8 | jobs: 9 | mend_monitor: 10 | if: ${{ github.repository_owner == 'puppetlabs' }} 11 | runs-on: ubuntu-latest 12 | name: Mend Monitor 13 | steps: 14 | - name: Checkout current PR 15 | uses: actions/checkout@v4 16 | - name: Setup Ruby 17 | uses: ruby/setup-ruby@v1 18 | with: 19 | ruby-version: 2.7 20 | - name: Create lock 21 | run: bundle lock 22 | - uses: actions/setup-java@v3 23 | with: 24 | distribution: 'temurin' 25 | java-version: '17' 26 | - name: Download Mend 27 | run: curl -o wss-unified-agent.jar https://unified-agent.s3.amazonaws.com/wss-unified-agent.jar 28 | - name: Run Mend 29 | run: java -jar wss-unified-agent.jar 30 | env: 31 | WS_APIKEY: ${{ secrets.MEND_API_KEY }} 32 | WS_WSS_URL: https://saas-eu.whitesourcesoftware.com/agent 33 | WS_USERKEY: ${{ secrets.MEND_TOKEN }} 34 | WS_PRODUCTNAME: Puppet Agent 35 | WS_PROJECTNAME: ${{ github.event.repository.name }}-${{ github.ref_name }} 36 | -------------------------------------------------------------------------------- /acceptance/tests/ensure_version_file.rb: -------------------------------------------------------------------------------- 1 | require 'puppet/acceptance/temp_file_utils' 2 | extend Puppet::Acceptance::TempFileUtils 3 | 4 | # ensure a version file is created according to the puppet-agent path specification: 5 | # https://github.com/puppetlabs/puppet-specifications/blob/master/file_paths.md 6 | 7 | test_name 'PA-466: Ensure version file is created on agent' do 8 | 9 | skip_test 'requires version file which is created by AIO' if [:gem, :git].include?(@options[:type]) 10 | 11 | step "test for existence of version file" do 12 | agents.each do |agent| 13 | platform = agent[:platform] 14 | ruby_arch = agent[:ruby_arch] || 'x86' # ruby_arch defaults to x86 if nil 15 | 16 | if platform =~ /windows/ 17 | version_file = platform =~ /-64$/ && ruby_arch == 'x86' ? 18 | "C:/Program Files (x86)/Puppet Labs/Puppet/VERSION" : 19 | "C:/Program Files/Puppet Labs/Puppet/VERSION" 20 | else 21 | version_file = "/opt/puppetlabs/puppet/VERSION" 22 | end 23 | 24 | if !file_exists?(agent, version_file) 25 | fail_test("Failed to find version file #{version_file} on agent #{agent}") 26 | end 27 | end 28 | end 29 | end 30 | 31 | -------------------------------------------------------------------------------- /acceptance/tests/env_windows_installdir_fact.rb: -------------------------------------------------------------------------------- 1 | # (PA-466) The env_windows_installdir fact is set as an environment variable 2 | # fact via environment.bat on Windows systems. Test to ensure it is both 3 | # present and accurate. 4 | test_name 'PA-466: Ensure env_windows_installdir fact is present and correct' do 5 | 6 | tag 'audit:high', # PE and modules rely on this fact in order to execute ruby, curl, etc 7 | 'audit:acceptance' 8 | 9 | confine :to, :platform => 'windows' 10 | 11 | require 'json' 12 | 13 | agents.each do |agent| 14 | step "test for presence/accuracy of fact on #{agent}" do 15 | platform = agent[:platform] 16 | ruby_arch = agent[:ruby_arch] || 'x86' # ruby_arch defaults to x86 if nil 17 | 18 | install_dir = platform =~ /-64$/ && ruby_arch == 'x86' ? 19 | "C:\\Program Files (x86)\\Puppet Labs\\Puppet" : 20 | "C:\\Program Files\\Puppet Labs\\Puppet" 21 | 22 | on agent, puppet('facts', '--render-as json') do |result| 23 | facts = JSON.parse(result.stdout) 24 | actual_value = facts["env_windows_installdir"] 25 | assert_equal(install_dir, actual_value, "env_windows_installdir fact did not match expected output") 26 | end 27 | end 28 | end 29 | end 30 | -------------------------------------------------------------------------------- /configs/platforms/windows-2012r2-x64.rb: -------------------------------------------------------------------------------- 1 | platform "windows-2012r2-x64" do |plat| 2 | plat.vmpooler_template "win-2012r2-x86_64" 3 | plat.servicetype 'windows' 4 | 5 | # We need to ensure we install chocolatey prior to adding any nuget repos. Otherwise, everything will fall over 6 | plat.add_build_repository "https://artifactory.delivery.puppetlabs.net/artifactory/generic/buildsources/windows/chocolatey/install-chocolatey.ps1" 7 | plat.add_build_repository "https://artifactory.delivery.puppetlabs.net/artifactory/api/nuget/nuget" 8 | 9 | # We don't want to install any packages from the chocolatey repo by accident 10 | plat.provision_with "C:/ProgramData/chocolatey/bin/choco.exe upgrade -y chocolatey --no-progress" 11 | plat.provision_with "C:/ProgramData/chocolatey/bin/choco.exe sources remove -name chocolatey" 12 | 13 | plat.provision_with "C:/ProgramData/chocolatey/bin/choco.exe install -y wixtoolset -version 3.14.1 -debug -x86 --no-progress --ignore-dependencies" 14 | 15 | plat.install_build_dependencies_with "C:/ProgramData/chocolatey/bin/choco.exe install -y --no-progress" 16 | 17 | plat.make "/usr/bin/make" 18 | plat.patch "TMP=/var/tmp /usr/bin/patch.exe --binary" 19 | 20 | plat.platform_triple "x86_64-w64-mingw32" 21 | 22 | plat.package_type "msi" 23 | plat.output_dir "windows" 24 | end 25 | -------------------------------------------------------------------------------- /configs/platforms/windows-2012r2-x86.rb: -------------------------------------------------------------------------------- 1 | platform "windows-2012r2-x86" do |plat| 2 | plat.vmpooler_template "win-2012r2-x86_64" 3 | plat.servicetype "windows" 4 | 5 | # We need to ensure we install chocolatey prior to adding any nuget repos. Otherwise, everything will fall over 6 | plat.add_build_repository "https://artifactory.delivery.puppetlabs.net/artifactory/generic/buildsources/windows/chocolatey/install-chocolatey.ps1" 7 | plat.add_build_repository "https://artifactory.delivery.puppetlabs.net/artifactory/api/nuget/nuget" 8 | 9 | # We don't want to install any packages from the chocolatey repo by accident 10 | plat.provision_with "C:/ProgramData/chocolatey/bin/choco.exe upgrade -y chocolatey --no-progress" 11 | plat.provision_with "C:/ProgramData/chocolatey/bin/choco.exe sources remove -name chocolatey" 12 | 13 | plat.provision_with "C:/ProgramData/chocolatey/bin/choco.exe install -y wixtoolset -version 3.14.1 -debug -x86 --no-progress --ignore-dependencies" 14 | 15 | plat.install_build_dependencies_with "C:/ProgramData/chocolatey/bin/choco.exe install -y --no-progress" 16 | 17 | plat.make "/usr/bin/make" 18 | plat.patch "TMP=/var/tmp /usr/bin/patch.exe --binary" 19 | 20 | plat.platform_triple "i686-w64-mingw32" 21 | 22 | plat.package_type "msi" 23 | plat.output_dir "windows" 24 | end 25 | -------------------------------------------------------------------------------- /resources/windows/wix/condition.wxs.erb: -------------------------------------------------------------------------------- 1 | 2 | 3 | 7 | 8 | 9 | 10 | <%- if @platform.architecture == "x64" -%> 11 | 12 | 13 | = 601)]]> 14 | 15 | <%- else %> 16 | 17 | 18 | = 601)]]> 19 | 20 | 21 | 22 | 23 | 24 | 25 | <%- end -%> 26 | 27 | 28 | 29 | -------------------------------------------------------------------------------- /acceptance/tests/puppet_facts.rb: -------------------------------------------------------------------------------- 1 | # Verify that -p loads external and custom facts from puppet locations 2 | test_name "C14783: puppet facts show loads facts from puppet" do 3 | tag 'audit:high' 4 | 5 | agents.each do |agent| 6 | external_dir = agent.puppet['pluginfactdest'] 7 | external_file = File.join(external_dir, "external.txt") 8 | custom_dir = File.join(agent.puppet['plugindest'], "facter") 9 | custom_file = File.join(custom_dir, 'custom.rb') 10 | 11 | teardown do 12 | agent.rm_rf(external_file) 13 | agent.rm_rf(custom_dir) 14 | end 15 | 16 | step "Agent #{agent}: create external fact" do 17 | agent.mkdir_p(external_dir) 18 | create_remote_file(agent, external_file, "external=external") 19 | end 20 | 21 | step "Agent #{agent}: create custom fact" do 22 | agent.mkdir_p(custom_dir) 23 | create_remote_file(agent, custom_file, "Facter.add(:custom) { setcode { 'custom' } }") 24 | end 25 | 26 | step "Agent #{agent}: verify facts" do 27 | on(agent, puppet("facts show external")) do |puppet_output| 28 | assert_match(/"external": "external"/, puppet_output.stdout.chomp) 29 | end 30 | 31 | on(agent, puppet("facts show custom")) do |puppet_output| 32 | assert_match(/"custom": "custom"/, puppet_output.stdout.chomp) 33 | end 34 | end 35 | end 36 | end 37 | -------------------------------------------------------------------------------- /resources/osx/productbuild/plugins/puppet-agent-installer-plugin.bundle/Contents/Resources/puppet-agent-installer-plugin-Info.plist: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | CFBundleDevelopmentRegion 6 | English 7 | CFBundleExecutable 8 | ${EXECUTABLE_NAME} 9 | CFBundleIconFile 10 | 11 | CFBundleIdentifier 12 | com.puppetlabs.${PRODUCT_NAME:rfc1034identifier} 13 | CFBundleInfoDictionaryVersion 14 | 6.0 15 | CFBundleName 16 | ${PRODUCT_NAME} 17 | CFBundlePackageType 18 | BNDL 19 | CFBundleShortVersionString 20 | 4.0 21 | CFBundleSignature 22 | ???? 23 | CFBundleVersion 24 | 2.0 25 | InstallerSectionTitle 26 | Configuration 27 | NSHumanReadableCopyright 28 | Copyright © 2015 Puppet Labs. All rights reserved. 29 | NSMainNibFile 30 | puppet_agent_installer_plugin 31 | NSPrincipalClass 32 | InstallerSection 33 | 34 | 35 | -------------------------------------------------------------------------------- /resources/patches/openssl/openssl-fips.cnf.patch: -------------------------------------------------------------------------------- 1 | --- a/openssl-fips.cnf 2023-05-02 16:52:22.883933027 +0000 2 | +++ b/openssl-fips.cnf 2023-05-02 16:52:16.213933118 +0000 3 | @@ -48,17 +48,18 @@ 4 | # fips provider. It contains a named section e.g. [fips_sect] which is 5 | # referenced from the [provider_sect] below. 6 | # Refer to the OpenSSL security policy for more information. 7 | -# .include fipsmodule.cnf 8 | +.include /opt/puppetlabs/puppet/ssl/fipsmodule.cnf 9 | 10 | [openssl_init] 11 | providers = provider_sect 12 | +alg_section = evp_properties 13 | 14 | # List of providers to load 15 | [provider_sect] 16 | default = default_sect 17 | # The fips section name should match the section name inside the 18 | # included fipsmodule.cnf. 19 | -# fips = fips_sect 20 | +fips = fips_sect 21 | 22 | # If no providers are activated explicitly, the default one is activated implicitly. 23 | # See man 7 OSSL_PROVIDER-default for more details. 24 | @@ -69,8 +70,11 @@ 25 | # OpenSSL may not work correctly which could lead to significant system 26 | # problems including inability to remotely access the system. 27 | [default_sect] 28 | -# activate = 1 29 | +activate = 1 30 | 31 | +# IMPORTANT: This ensures only FIPS algorithms are used, e.g. not MD5 32 | +[evp_properties] 33 | +default_properties = "fips=yes" 34 | 35 | #################################################################### 36 | [ ca ] 37 | -------------------------------------------------------------------------------- /resources/windows/wix/project.wxs.erb: -------------------------------------------------------------------------------- 1 | 2 | 3 | 11 | 12 | Installer" 16 | Comments="<%= @homepage %>" 17 | Compressed="yes" 18 | Platform="<%= @platform.architecture %>" /> 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 30 | 31 | 32 | 33 | 34 | 35 | -------------------------------------------------------------------------------- /acceptance/tests/ensure_puppet_facts_can_use_facter.rb: -------------------------------------------------------------------------------- 1 | test_name 'Ensure puppet facts can use facter' do 2 | 3 | require 'puppet/acceptance/common_utils' 4 | 5 | agents.each do |agent| 6 | step 'test puppet facts with correct facter version' do 7 | on(agent, puppet('facts'), :acceptable_exit_codes => [0]) do |result| 8 | facter_major_version = Integer(JSON.parse(result.stdout)["facterversion"].split('.').first) 9 | assert(4 >= facter_major_version, "wrong facter version") 10 | end 11 | end 12 | 13 | step "test puppet facts with facter has all the dependencies installed" do 14 | on(agent, puppet('facts --debug'), :acceptable_exit_codes => [0]) do |result| 15 | if agent['platform'] =~ /win/ 16 | # exclude augeas as it is not provided on Windows 17 | unresolved_fact = result.stdout.match(/(resolving fact (?!augeas).+\, but)/) 18 | else 19 | unresolved_fact = result.stdout.match(/(resolving fact .+\, but)/) 20 | end 21 | 22 | assert_nil(unresolved_fact, "missing dependency for facter from: #{unresolved_fact.inspect}") 23 | end 24 | end 25 | 26 | step "test that stderr is empty on puppet facts'" do 27 | on(agent, puppet('facts'), :acceptable_exit_codes => [0]) do |result| 28 | assert_empty(result.stderr, "Expected `puppet facts` stderr to be empty") 29 | end 30 | end 31 | end 32 | end 33 | 34 | -------------------------------------------------------------------------------- /resources/windows/wix/users.wxs.erb: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 13 | 14 | 15 | 20 | "LocalSystem"]]> 21 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | -------------------------------------------------------------------------------- /acceptance/Gemfile: -------------------------------------------------------------------------------- 1 | # Specifies a gem mirror; duplicated in acceptance setup 2 | # to ensure a similar environment on acceptance hosts. 3 | source ENV['GEM_SOURCE'] || 'https://rubygems.org' 4 | 5 | def location_for(place, fake_version = nil) 6 | if place =~ /^((?:git[:@]|https:)[^#]*)#(.*)/ 7 | [fake_version, { :git => $1, :branch => $2, :require => false }].compact 8 | elsif place =~ /^file:\/\/(.*)/ 9 | ['>= 0', { :path => File.expand_path($1), :require => false }] 10 | else 11 | [place, { :require => false }] 12 | end 13 | end 14 | 15 | gem "beaker", *location_for(ENV['BEAKER_VERSION'] || "~> 6") 16 | gem "beaker-puppet", *location_for(ENV['BEAKER_PUPPET_VERSION'] || "~> 4") 17 | gem "beaker-hostgenerator", *location_for(ENV['BEAKER_HOSTGENERATOR_VERSION'] || "~> 2") 18 | gem "beaker-abs", *location_for(ENV['BEAKER_ABS_VERSION'] || "~> 1") 19 | gem "beaker-vagrant", *location_for(ENV['BEAKER_VAGRANT_VERSION'] || "~> 0") 20 | gem "beaker-vmpooler", *location_for(ENV['BEAKER_VMPOOLER_VERSION'] || "~> 1") 21 | gem "beaker-vcloud", *location_for(ENV['BEAKER_VCLOUD_VERSION'] || "~> 1") 22 | gem "rake", ">= 12.3.3" 23 | gem "httparty", :require => false 24 | gem 'uuidtools', :require => false 25 | 26 | group(:test) do 27 | gem "rspec", "~> 2.14.0", :require => false 28 | gem "mocha", "~> 0.10.5", :require => false 29 | end 30 | if File.exist? "#{__FILE__}.local" 31 | eval(File.read("#{__FILE__}.local"), binding) 32 | end 33 | -------------------------------------------------------------------------------- /configs/platforms/aix-7.2-ppc.rb: -------------------------------------------------------------------------------- 1 | platform "aix-7.2-ppc" do |plat| 2 | plat.servicetype "aix" 3 | 4 | plat.make "gmake" 5 | plat.tar "/opt/freeware/bin/tar" 6 | plat.rpmbuild "/usr/bin/rpm" 7 | plat.patch "/opt/freeware/bin/patch" 8 | 9 | # Basic vanagon operations require mktemp, rsync, coreutils, make, tar and sed so leave this in there 10 | plat.provision_with "rpm -Uvh --replacepkgs http://osmirror.delivery.puppetlabs.net/AIX_MIRROR/mktemp-1.7-1.aix5.1.ppc.rpm http://osmirror.delivery.puppetlabs.net/AIX_MIRROR/rsync-3.0.6-1.aix5.3.ppc.rpm http://osmirror.delivery.puppetlabs.net/AIX_MIRROR/coreutils-5.2.1-2.aix5.1.ppc.rpm http://osmirror.delivery.puppetlabs.net/AIX_MIRROR/sed-4.1.1-1.aix5.1.ppc.rpm http://osmirror.delivery.puppetlabs.net/AIX_MIRROR/make-3.80-1.aix5.1.ppc.rpm http://osmirror.delivery.puppetlabs.net/AIX_MIRROR/tar-1.22-1.aix6.1.ppc.rpm" 11 | 12 | # lots of things expect mktemp to be installed in the usual place, so link it 13 | plat.provision_with "ln -sf /opt/freeware/bin/mktemp /usr/bin/mktemp" 14 | 15 | # We use --force with rpm because the pl-gettext and pl-autoconf 16 | # packages conflict with a charset.alias file. 17 | # 18 | # Until we get those packages to not conflict (or we remove the need 19 | # for pl-autoconf) we'll need to force the installation 20 | # Sean P. McD. 21 | plat.install_build_dependencies_with "rpm -Uvh --replacepkgs --force " 22 | plat.vmpooler_template "aix-7.2-power" 23 | end 24 | -------------------------------------------------------------------------------- /resources/windows/wix/componentgroup.wxs.erb: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | <%- get_services.each do |service| -%> 14 | 15 | <%- end -%> 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | -------------------------------------------------------------------------------- /configs/components/facter.rb: -------------------------------------------------------------------------------- 1 | component "facter" do |pkg, settings, platform| 2 | pkg.load_from_json('configs/components/facter.json') 3 | 4 | pkg.build_requires 'puppet-runtime' # Provides ruby and rubygem-deep-merge 5 | 6 | flags = " --bindir=#{settings[:bindir]} \ 7 | --sitelibdir=#{settings[:ruby_vendordir]} \ 8 | --mandir=#{settings[:mandir]} \ 9 | --ruby=#{File.join(settings[:bindir], 'ruby')} " 10 | 11 | if platform.is_windows? 12 | pkg.add_source("file://resources/files/windows/facter.bat", sum: "eabed128c7160289790a2b59a84a9a13") 13 | pkg.add_source("file://resources/files/windows/facter_interactive.bat", sum: "20a1c0bc5368ffb24980f42432f1b372") 14 | pkg.add_source("file://resources/files/windows/run_facter_interactive.bat", sum: "c5e0c0a80e5c400a680a06a4bac8abd4") 15 | 16 | pkg.install_file "../facter.bat", "#{settings[:link_bindir]}/facter.bat" 17 | pkg.install_file "../facter_interactive.bat", "#{settings[:link_bindir]}/facter_interactive.bat" 18 | pkg.install_file "../run_facter_interactive.bat", "#{settings[:link_bindir]}/run_facter_interactive.bat" 19 | end 20 | 21 | pkg.install do 22 | ["#{settings[:host_ruby]} install.rb \ 23 | --no-batch-files \ 24 | --no-configs \ 25 | #{flags}"] 26 | end 27 | 28 | pkg.install_file "facter.gemspec", "#{settings[:gem_home]}/specifications/#{pkg.get_name}-#{pkg.get_version_forced}.gemspec" 29 | 30 | if platform.is_windows? 31 | pkg.directory File.join(settings[:sysconfdir], 'facter', 'facts.d') 32 | else 33 | pkg.directory File.join(settings[:install_root], 'facter', 'facts.d') 34 | end 35 | end 36 | -------------------------------------------------------------------------------- /configs/components/cleanup.rb: -------------------------------------------------------------------------------- 1 | # This component exists only to remove unnecessary files that bloat the final puppet-agent package. 2 | component "cleanup" do |pkg, settings, platform| 3 | unless settings[:dev_build] 4 | # Unless the settings specify that this is a development build, remove 5 | # unneeded header files (boost headers, for example, increase the size of 6 | # the package to an unacceptable degree). 7 | # 8 | # Note that: 9 | # - Ruby is not in this list because its headers are required to build native 10 | # extensions for gems. 11 | # - Curl and OpenSSL are not in this list because their headers are 12 | # required to build other libraries (e.g. libssh2 and libgit2) in other 13 | # projects that rely on puppet-agent (e.g. pe-r10k-vanagon). 14 | unwanted_headers = ["augeas.h", "boost", "cpp-pcp-client", "fa.h", 15 | "facter", "hocon", "leatherman", "libexslt", "libxml2", 16 | "libxslt", "whereami", "yaml-cpp"] 17 | 18 | # We need a full path on windows because /usr/bin is not in the PATH at this point 19 | rm = platform.is_windows? ? '/usr/bin/rm' : 'rm' 20 | 21 | cleanup_steps = [ 22 | unwanted_headers.map { |h| "#{rm} -rf #{settings[:includedir]}/#{h}" }, 23 | # Also remove OpenSSL manpages 24 | "#{rm} -rf #{settings[:prefix]}/ssl/man", 25 | ] 26 | 27 | if platform.is_windows? 28 | # On Windows releases that distribute curl, these curl binaries can 29 | # interfere with the native ones when puppet-agent's bindir is in the PATH: 30 | cleanup_steps << "#{rm} #{settings[:bindir]}/curl*" 31 | end 32 | 33 | cleanup_steps << "#{rm} -rf #{settings[:service_conf]}" 34 | 35 | pkg.install { cleanup_steps } 36 | end 37 | end 38 | -------------------------------------------------------------------------------- /resources/osx/productbuild/plugins/puppet-agent-installer-plugin.bundle/Contents/Info.plist: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | BuildMachineOSBuild 6 | 14E46 7 | CFBundleDevelopmentRegion 8 | English 9 | CFBundleExecutable 10 | puppet-agent-installer-plugin 11 | CFBundleIdentifier 12 | com.puppetlabs.puppet-agent-installer-plugin 13 | CFBundleInfoDictionaryVersion 14 | 6.0 15 | CFBundleName 16 | puppet-agent-installer-plugin 17 | CFBundlePackageType 18 | BNDL 19 | CFBundleShortVersionString 20 | 4.0 21 | CFBundleSignature 22 | ???? 23 | CFBundleVersion 24 | 2.0 25 | DTCompiler 26 | com.apple.compilers.llvm.clang.1_0 27 | DTPlatformBuild 28 | 6E35b 29 | DTPlatformVersion 30 | GM 31 | DTSDKBuild 32 | 14D125 33 | DTSDKName 34 | macosx10.12 35 | DTXcode 36 | 0640 37 | DTXcodeBuild 38 | 6E35b 39 | InstallerSectionTitle 40 | Configuration 41 | NSHumanReadableCopyright 42 | Copyright © 2015 Puppet Labs. All rights reserved. 43 | NSMainNibFile 44 | puppet_agent_installer_plugin 45 | NSPrincipalClass 46 | InstallerSection 47 | 48 | 49 | -------------------------------------------------------------------------------- /resources/osx/postinstall-extras: -------------------------------------------------------------------------------- 1 | function set_answers(){ 2 | if [ -z "${HOME}" ] ; then 3 | HOME="/var/root" 4 | fi 5 | 6 | if [ -z "${answers_dir}" ] ; then 7 | answers_dir="${HOME}/Library/Caches/puppet-agent-installer" 8 | fi 9 | 10 | if [ -z "${answers}" ] ; then 11 | answers="${answers_dir}/PuppetagentInterviewConfiguration.txt" 12 | fi 13 | } 14 | 15 | function remove_answers(){ 16 | if [ -d "${answers_dir}" ] ; then 17 | /bin/rm -rf "${answers_dir}" 18 | fi 19 | } 20 | 21 | function setup_puppet(){ 22 | if [ -f "${answers}" ] && [ -r "${answers}" ] ; then 23 | echo "Setting up puppet" 24 | source "${answers}" 25 | 26 | if [ -n "${PUPPET_MASTER_HOSTNAME}" ] ; then 27 | /opt/puppetlabs/bin/puppet config set server "${PUPPET_MASTER_HOSTNAME}" 28 | else 29 | echo "No value to set for Puppet Master (server)...skipping. This is default on first time command line installs." 30 | fi 31 | if [ -n "${PUPPET_AGENT_CERTNAME}" ] ; then 32 | /opt/puppetlabs/bin/puppet config set certname "${PUPPET_AGENT_CERTNAME}" 33 | else 34 | echo "No value to set for Puppet Agent Certname (certname)...skipping. This is the default on first time command line installs." 35 | fi 36 | else 37 | echo "No interview configuration file found, skipping initial setup of puppet.conf. This is the default on first time command line installs." 38 | fi 39 | } 40 | 41 | function reload_services(){ 42 | for service in "puppet" "pxp-agent" ; do 43 | if [ -f "/tmp/.puppet-agent.upgrade/${service}" ] ; then 44 | /bin/launchctl load -F "/Library/LaunchDaemons/com.puppetlabs.${service}.plist" 45 | fi 46 | done 47 | } 48 | 49 | if [ -d "/tmp/.puppet-agent.upgrade" ]; then 50 | set_answers 51 | setup_puppet 52 | remove_answers 53 | reload_services 54 | fi 55 | -------------------------------------------------------------------------------- /acceptance/tests/validate_vendored_modules.rb: -------------------------------------------------------------------------------- 1 | def vendor_modules_path(host) 2 | case host['platform'] 3 | when /windows/ 4 | "'C:\\Program Files\\Puppet Labs\\Puppet\\puppet\\vendor_modules;C:\\Program Files (x86)\\Puppet Labs\\Puppet\\puppet\\vendor_modules'" 5 | else 6 | '/opt/puppetlabs/puppet/vendor_modules/' 7 | end 8 | end 9 | 10 | test_name "PA-1998: Validate that vendored modules are installed" do 11 | step "'module list' lists the vendored modules and reports no missing dependencies" do 12 | agents.each do |agent| 13 | vendor_modules = vendor_modules_path(agent) 14 | on(agent, puppet("module --modulepath=#{vendor_modules} list")) do |result| 15 | refute_empty(result.stdout.strip, "Expected to find vendor modules in #{vendor_modules}, but the directory did not exist") 16 | refute_match(/no modules installed/i, result.stdout, "Expected to find vendor modules in #{vendor_modules}, but the directory was empty") 17 | refute_match(/Missing dependency/i, result.stderr, "Some vendored module dependencies are missing in #{vendor_modules}") 18 | end 19 | end 20 | end 21 | 22 | step "`describe --list` lists vendored module types" do 23 | vendored_types = %w[ 24 | augeas 25 | cron 26 | host 27 | mount 28 | scheduled_task 29 | selboolean 30 | selmodule 31 | ssh_authorized_key 32 | sshkey 33 | yumrepo 34 | zfs 35 | zone 36 | zpool 37 | ] 38 | agents.each do |agent| 39 | on(agent, puppet("describe --modulepath=#{vendor_modules_path(agent)} --list")) do |result| 40 | vendored_types.each do |type| 41 | assert_match(/#{type}/, result.stdout, "Vendored module type `#{type}` didn't appear in the list of known types") 42 | end 43 | end 44 | end 45 | end 46 | end 47 | -------------------------------------------------------------------------------- /configs/platforms/windowsfips-2016-x64.rb: -------------------------------------------------------------------------------- 1 | platform "windowsfips-2016-x64" do |plat| 2 | plat.vmpooler_template 'win-2016-fips-x86_64' 3 | plat.servicetype 'windows' 4 | 5 | # We need to ensure we install chocolatey prior to adding any nuget repos. Otherwise, everything will fall over 6 | plat.add_build_repository "https://artifactory.delivery.puppetlabs.net/artifactory/generic/buildsources/windows/chocolatey/install-chocolatey-1.4.0.ps1" 7 | plat.provision_with "C:/ProgramData/chocolatey/bin/choco.exe feature enable -n useFipsCompliantChecksums" 8 | 9 | plat.add_build_repository "https://artifactory.delivery.puppetlabs.net/artifactory/api/nuget/nuget" 10 | 11 | # We don't want to install any packages from the chocolatey repo by accident 12 | plat.provision_with "C:/ProgramData/chocolatey/bin/choco.exe sources remove -name chocolatey" 13 | 14 | # Install 7zip from chocolatey since it does not come pre-installed in the windowsfips-2016 VM. 15 | plat.provision_with "C:/ProgramData/chocolatey/bin/choco.exe install -y -debug 7zip.install" 16 | 17 | #FIXME we need Fips Compliant Wix, currently not in choco repositories 18 | plat.provision_with "curl -L --fail --retry 3 -o /tmp/wix314-binaries.zip https://artifactory.delivery.puppetlabs.net/artifactory/generic__buildsources/buildsources/wix314-binaries.zip && \"C:/Program Files/7-Zip/7z.exe\" x -y -o\"C:/Program Files (x86)/WiX Toolset v3.14/bin\" C:/cygwin64/tmp/wix314-binaries.zip && rm /tmp/wix314-binaries.zip && SETX WIX \"C:\\Program Files (x86)\\WiX Toolset v3.14\" /M" 19 | 20 | plat.install_build_dependencies_with "C:/ProgramData/chocolatey/bin/choco.exe install -y --no-progress" 21 | 22 | plat.make "/usr/bin/make" 23 | plat.patch "TMP=/var/tmp /usr/bin/patch.exe --binary" 24 | 25 | plat.platform_triple "x86_64-w64-mingw32" 26 | 27 | plat.package_type "msi" 28 | plat.output_dir "windowsfips" 29 | end 30 | -------------------------------------------------------------------------------- /configs/platforms/windowsfips-2012r2-x64.rb: -------------------------------------------------------------------------------- 1 | platform "windowsfips-2012r2-x64" do |plat| 2 | plat.vmpooler_template 'win-2012r2-fips-x86_64' 3 | plat.servicetype 'windows' 4 | 5 | # We need to ensure we install chocolatey prior to adding any nuget repos. Otherwise, everything will fall over 6 | plat.add_build_repository "https://artifactory.delivery.puppetlabs.net/artifactory/generic/buildsources/windows/chocolatey/install-chocolatey.ps1" 7 | plat.provision_with "C:/ProgramData/chocolatey/bin/choco.exe feature enable -n useFipsCompliantChecksums" 8 | 9 | plat.add_build_repository "https://artifactory.delivery.puppetlabs.net/artifactory/api/nuget/nuget" 10 | 11 | # We don't want to install any packages from the chocolatey repo by accident 12 | plat.provision_with "C:/ProgramData/chocolatey/bin/choco.exe upgrade -y chocolatey --no-progress" 13 | plat.provision_with "C:/ProgramData/chocolatey/bin/choco.exe sources remove -name chocolatey" 14 | 15 | #FIXME we need Fips Compliant Wix, currently not in choco repositories 16 | #plat.provision_with "C:/ProgramData/chocolatey/bin/choco.exe install -y Wix310 -version 3.10.2 -debug -x86 --no-progress" 17 | plat.provision_with "curl -L --fail --retry 3 -o /tmp/wix314-binaries.zip https://artifactory.delivery.puppetlabs.net/artifactory/generic__buildsources/buildsources/wix314-binaries.zip && \"C:/Program Files/7-Zip/7z.exe\" x -y -o\"C:/Program Files (x86)/WiX Toolset v3.14/bin\" C:/cygwin64/tmp/wix314-binaries.zip && rm /tmp/wix314-binaries.zip && SETX WIX \"C:\\Program Files (x86)\\WiX Toolset v3.14\" /M" 18 | 19 | plat.install_build_dependencies_with "C:/ProgramData/chocolatey/bin/choco.exe install -y --no-progress" 20 | 21 | plat.make "/usr/bin/make" 22 | plat.patch "TMP=/var/tmp /usr/bin/patch.exe --binary" 23 | 24 | plat.platform_triple "x86_64-w64-mingw32" 25 | 26 | plat.package_type "msi" 27 | plat.output_dir "windowsfips" 28 | end 29 | -------------------------------------------------------------------------------- /resources/windows/wix/ui/WarningDlg.wxs: -------------------------------------------------------------------------------- 1 | 2 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 1 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | -------------------------------------------------------------------------------- /resources/files/indent/indent_puppet.vim: -------------------------------------------------------------------------------- 1 | " Vim indent file 2 | " Language: Puppet 3 | " Maintainer: Todd Zullinger 4 | " Last Change: 2009 Aug 19 5 | " vim: set sw=4 sts=4: 6 | 7 | if exists("b:did_indent") 8 | finish 9 | endif 10 | let b:did_indent = 1 11 | 12 | setlocal autoindent smartindent 13 | setlocal indentexpr=GetPuppetIndent() 14 | setlocal indentkeys+=0],0) 15 | 16 | if exists("*GetPuppetIndent") 17 | finish 18 | endif 19 | 20 | " Check if a line is part of an include 'block', e.g.: 21 | " include foo, 22 | " bar, 23 | " baz 24 | function! s:PartOfInclude(lnum) 25 | let lnum = a:lnum 26 | while lnum 27 | let lnum = lnum - 1 28 | let line = getline(lnum) 29 | if line !~ ',$' 30 | break 31 | endif 32 | if line =~ '^\s*include\s\+[^,]\+,$' 33 | return 1 34 | endif 35 | endwhile 36 | return 0 37 | endfunction 38 | 39 | function! s:OpenBrace(lnum) 40 | call cursor(a:lnum, 1) 41 | return searchpair('{\|\[\|(', '', '}\|\]\|)', 'nbW') 42 | endfunction 43 | 44 | function! GetPuppetIndent() 45 | let pnum = prevnonblank(v:lnum - 1) 46 | if pnum == 0 47 | return 0 48 | endif 49 | 50 | let line = getline(v:lnum) 51 | let pline = getline(pnum) 52 | let ind = indent(pnum) 53 | 54 | if pline =~ '^\s*#' 55 | return ind 56 | endif 57 | 58 | if pline =~ '\({\|\[\|(\|:\)$' 59 | let ind += &sw 60 | elseif pline =~ ';$' && pline !~ '[^:]\+:.*[=+]>.*' 61 | let ind -= &sw 62 | elseif pline =~ '^\s*include\s\+.*,$' 63 | let ind += &sw 64 | endif 65 | 66 | if pline !~ ',$' && s:PartOfInclude(pnum) 67 | let ind -= &sw 68 | endif 69 | 70 | " Match } }, }; ] ]: ) 71 | if line =~ '^\s*\(}\(,\|;\)\?$\|]:\?$\|)\)' 72 | let ind = indent(s:OpenBrace(v:lnum)) 73 | endif 74 | 75 | return ind 76 | endfunction 77 | -------------------------------------------------------------------------------- /acceptance/tests/ensure_facter_values_for_simple_external_fact.rb: -------------------------------------------------------------------------------- 1 | test_name 'Ensure Facter values usage for simple external fact' do 2 | agents.each do |agent| 3 | 4 | output = on agent, puppet('config print modulepath') 5 | 6 | if agent.platform =~ /windows/ 7 | delimiter = ';' 8 | else 9 | delimiter = ':' 10 | end 11 | module_path = output.stdout.split(delimiter)[0] 12 | 13 | foo_module_dir = File.join(module_path, 'foo') 14 | foo_facts_dir = File.join(foo_module_dir, 'facts.d') 15 | 16 | step 'create module directories' do 17 | agent.mkdir_p(foo_facts_dir) 18 | end 19 | 20 | teardown do 21 | agent.rm_rf(foo_module_dir) 22 | end 23 | 24 | step 'create simple external fact' do 25 | create_remote_file(agent, File.join(foo_facts_dir, "my_fizz_fact.txt"),'fizz=buzz') 26 | end 27 | 28 | step 'check that external fact is visible to puppet in $facts' do 29 | on agent, puppet("apply -e 'notice(\$facts[\"fizz\"])'") do |output| 30 | assert_match(/Notice: .*: buzz/, output.stdout) 31 | end 32 | end 33 | 34 | step 'check that external fact is visible to puppet in $facts.dig' do 35 | on agent, puppet("apply -e 'notice(\$facts.dig(\"fizz\"))'") do |output| 36 | assert_match(/Notice: .*: buzz/, output.stdout) 37 | end 38 | end 39 | 40 | step 'check that external fact is visible to puppet in $facts.get' do 41 | on agent, puppet("apply -e 'notice(\$facts.get(\"fizz\"))'") do |output| 42 | assert_match(/Notice: .*: buzz/, output.stdout) 43 | end 44 | end 45 | 46 | step 'check that external fact is visible to puppet in getvar' do 47 | on agent, puppet("apply -e 'notice(getvar(\"facts.fizz\"))'") do |output| 48 | assert_match(/Notice: .*: buzz/, output.stdout) 49 | end 50 | end 51 | end 52 | end 53 | -------------------------------------------------------------------------------- /acceptance/tests/windows_eventlog.rb: -------------------------------------------------------------------------------- 1 | test_name "Write to Windows eventlog" 2 | 3 | tag 'audit:medium', # core feature, high impact, but low risk 4 | 'audit:refactor', # Use block style `test_name` 5 | 'audit:acceptance' # unclear if this is an important packaging level feature 6 | # test (warrants acceptance level) that wouldn't also be 7 | # caught by other test (perhaps combine with other tests), 8 | # or if the functionality is assumed by other acceptance tests 9 | # (then this test can be deleted), or if packaging can be 10 | # assumed and the logging functionality can be tested at the 11 | # integration level. 12 | 13 | confine :to, :platform => 'windows' 14 | 15 | require 'puppet/acceptance/common_utils' 16 | extend Puppet::Acceptance::CommandUtils 17 | 18 | agents.each do |agent| 19 | # get remote time 20 | # https://msdn.microsoft.com/en-us/library/aa394226(v=vs.85).aspx 21 | # set Microsecond and time zone offset both to 0 22 | now = on(agent, "#{ruby_command(agent)} -e \"puts Time.now.utc.strftime('%Y%m%d%H%M%S.000000-000')\"").stdout.chomp 23 | 24 | # generate an error, no master on windows boxes 25 | # we use `agent` because it creates an eventlog log destination by default, 26 | # whereas `apply` does not. 27 | on(agent, puppet('agent', '--server', '127.0.0.1', '--test'), :acceptable_exit_codes => [1]) 28 | 29 | # make sure there's a Puppet error message in the log 30 | # cygwin + ssh + wmic hangs trying to read stdin, so echo '' | 31 | on(agent, "cmd /c echo '' | wmic ntevent where \"LogFile='Application' and SourceName='Puppet' and TimeWritten >= '#{now}'\" get Message,Type /format:csv") do |result| 32 | fail_test "Event not found in Application event log" unless 33 | result.stdout.include?('target machine actively refused it. - connect(2) for "127.0.0.1"') 34 | end 35 | end 36 | -------------------------------------------------------------------------------- /acceptance/tests/ensure_facter_values_for_dotted_external_fact.rb: -------------------------------------------------------------------------------- 1 | test_name 'Ensure Facter values usage for dotted external fact' do 2 | agents.each do |agent| 3 | 4 | output = on agent, puppet('config print modulepath') 5 | 6 | if agent.platform =~ /windows/ 7 | delimiter = ';' 8 | else 9 | delimiter = ':' 10 | end 11 | module_path = output.stdout.split(delimiter)[0] 12 | 13 | foo_module_dir = File.join(module_path, 'foo') 14 | foo_facts_dir = File.join(foo_module_dir, 'facts.d') 15 | 16 | step 'create module directories' do 17 | agent.mkdir_p(foo_facts_dir) 18 | end 19 | 20 | teardown do 21 | agent.rm_rf(foo_module_dir) 22 | end 23 | 24 | step 'create simple external fact' do 25 | create_remote_file(agent, File.join(foo_facts_dir, "my_fizz_fact.txt"),'f.i.z.z=buzz') 26 | end 27 | 28 | step 'check that external fact is visible to puppet in $facts' do 29 | on agent, puppet("apply -e 'notice(\$facts[\"f.i.z.z\"])'") do |output| 30 | assert_match(/Notice: .*: buzz/, output.stdout) 31 | end 32 | end 33 | 34 | step 'check that external fact is visible to puppet in $facts.dig' do 35 | on agent, puppet("apply -e 'notice(\$facts.dig(\"f.i.z.z\"))'") do |output| 36 | assert_match(/Notice: .*: buzz/, output.stdout) 37 | end 38 | end 39 | 40 | step 'check that external fact is visible to puppet in $facts.get' do 41 | on agent, puppet("apply -e 'notice(\$facts.get(\"\\\"f.i.z.z\\\"\"))'") do |output| 42 | assert_match(/Notice: .*: buzz/, output.stdout) 43 | end 44 | end 45 | 46 | step 'check that external fact is visible to puppet in getvar' do 47 | on agent, puppet("apply -e 'notice(getvar(\"facts.\\\"f.i.z.z\\\"\"))'") do |output| 48 | assert_match(/Notice: .*: buzz/, output.stdout) 49 | end 50 | end 51 | end 52 | end 53 | -------------------------------------------------------------------------------- /acceptance/tests/ensure_facter_values_for_simple_custom_fact.rb: -------------------------------------------------------------------------------- 1 | test_name 'Ensure Facter values usage for simple xustom fact' do 2 | agents.each do |agent| 3 | 4 | output = on agent, puppet('config print modulepath') 5 | 6 | if agent.platform =~ /windows/ 7 | delimiter = ';' 8 | else 9 | delimiter = ':' 10 | end 11 | module_path = output.stdout.split(delimiter)[0] 12 | foo_module_dir = File.join(module_path, 'foo') 13 | foo_facts_dir = File.join(foo_module_dir, 'lib', 'facter') 14 | 15 | step 'create module directories' do 16 | agent.mkdir_p(foo_facts_dir) 17 | end 18 | 19 | teardown do 20 | agent.rm_rf(foo_module_dir) 21 | end 22 | 23 | step 'create simple custom fact' do 24 | create_remote_file(agent, File.join(foo_facts_dir, "my_fizz_fact.rb"), <<-FILE) 25 | Facter.add(:fizz) do 26 | setcode do 27 | 'buzz' 28 | end 29 | end 30 | FILE 31 | end 32 | 33 | step 'check that custom fact is visible to puppet in $facts' do 34 | on agent, puppet("apply -e 'notice(\$facts[\"fizz\"])'") do |output| 35 | assert_match(/Notice: .*: buzz/, output.stdout) 36 | end 37 | end 38 | 39 | step 'check that custom fact is visible to puppet in $facts.dig' do 40 | on agent, puppet("apply -e 'notice(\$facts.dig(\"fizz\"))'") do |output| 41 | assert_match(/Notice: .*: buzz/, output.stdout) 42 | end 43 | end 44 | 45 | step 'check that custom fact is visible to puppet in $facts.get' do 46 | on agent, puppet("apply -e 'notice(\$facts.get(\"fizz\"))'") do |output| 47 | assert_match(/Notice: .*: buzz/, output.stdout) 48 | end 49 | end 50 | 51 | step 'check that custom fact is visible to puppet in getvar' do 52 | on agent, puppet("apply -e 'notice(getvar(\"facts.fizz\"))'") do |output| 53 | assert_match(/Notice: .*: buzz/, output.stdout) 54 | end 55 | end 56 | end 57 | end 58 | -------------------------------------------------------------------------------- /acceptance/tests/ensure_facter_values_for_dotted_custom_fact.rb: -------------------------------------------------------------------------------- 1 | test_name 'Ensure Facter values usage for dotted custom fact' do 2 | agents.each do |agent| 3 | 4 | output = on agent, puppet('config print modulepath') 5 | 6 | if agent.platform =~ /windows/ 7 | delimiter = ';' 8 | else 9 | delimiter = ':' 10 | end 11 | module_path = output.stdout.split(delimiter)[0] 12 | 13 | foo_module_dir = File.join(module_path, 'foo') 14 | foo_facts_dir = File.join(foo_module_dir, 'lib', 'facter') 15 | 16 | step 'create module directories' do 17 | agent.mkdir_p(foo_facts_dir) 18 | end 19 | 20 | teardown do 21 | agent.rm_rf(foo_module_dir) 22 | end 23 | 24 | step 'create simple custom fact' do 25 | create_remote_file(agent, File.join(foo_facts_dir, "my_fizz_fact.rb"), <<-FILE) 26 | Facter.add('f.i.z.z') do 27 | setcode do 28 | 'buzz' 29 | end 30 | end 31 | FILE 32 | end 33 | 34 | step 'check that custom fact is visible to puppet in $facts' do 35 | on agent, puppet("apply -e 'notice(\$facts[\"f.i.z.z\"])'") do |output| 36 | assert_match(/Notice: .*: buzz/, output.stdout) 37 | end 38 | end 39 | 40 | step 'check that custom fact is visible to puppet in $facts.dig' do 41 | on agent, puppet("apply -e 'notice(\$facts.dig(\"f.i.z.z\"))'") do |output| 42 | assert_match(/Notice: .*: buzz/, output.stdout) 43 | end 44 | end 45 | 46 | step 'check that custom fact is visible to puppet in $facts.get' do 47 | on agent, puppet("apply -e 'notice(\$facts.get(\"\\\"f.i.z.z\\\"\"))'") do |output| 48 | assert_match(/Notice: .*: buzz/, output.stdout) 49 | end 50 | end 51 | 52 | step 'check that custom fact is visible to puppet in getvar' do 53 | on agent, puppet("apply -e 'notice(getvar(\"facts.\\\"f.i.z.z\\\"\"))'") do |output| 54 | assert_match(/Notice: .*: buzz/, output.stdout) 55 | end 56 | end 57 | end 58 | end 59 | -------------------------------------------------------------------------------- /configs/components/_base-module.rb: -------------------------------------------------------------------------------- 1 | # This file is a basis for vendor modules that should be installed alongside 2 | # puppet-agent in settings[:module_vendordir]. It should not be used as a 3 | # component; Instead, other module components should load it using 4 | # `instance_eval`. Here's an example: 5 | # 6 | # component "module-puppetlabs-stdlib" do |pkg, settings, platform| 7 | # pkg.version "4.25.1" 8 | # pkg.md5sum "f18f3361cb8c85770e96eeed05358f05" 9 | # 10 | # instance_eval File.read("configs/components/_base-module.rb") 11 | # end 12 | # 13 | # Module components must be named with the following format: 14 | # module--.rb 15 | # 16 | # No dependency resolution is attempted automatically; You must define separate 17 | # vanagon components for each module and make their dependencies explicit. 18 | 19 | unless defined?(pkg) 20 | raise "_base-module.rb is not a valid vanagon component; Load it with `instance_eval` in another component instead." 21 | end 22 | 23 | match_data = pkg.get_name.match(/module-([^-]+)-([^-]+)/) 24 | unless match_data 25 | raise "module components must be named with the format `module--.rb`" 26 | end 27 | module_author, module_name = match_data.captures 28 | 29 | # Modules must have puppet 30 | pkg.build_requires 'puppet' 31 | 32 | # This is just a tarball; Skip unpack, patch, configure, build, check steps 33 | pkg.install_only true 34 | 35 | # Ensure the vendored modules directory makes it into the package with the right permissions 36 | if platform.is_windows? 37 | pkg.directory(settings[:module_vendordir]) 38 | else 39 | pkg.directory(settings[:module_vendordir], mode: '0755', owner: 'root', group: 'root') 40 | end 41 | 42 | target_directory = File.join(settings[:module_vendordir], module_name) 43 | 44 | pkg.install do 45 | [ 46 | # Rename appropriately for use with puppet 47 | "mv #{module_author}-#{module_name} #{target_directory}", 48 | # Remove git and CI-related files 49 | "rm -r #{File.join(target_directory, '.[!.]*')} 2>/dev/null", 50 | ] 51 | end 52 | -------------------------------------------------------------------------------- /acceptance/tests/ensure_facter_values_for_external_overrides_core_dotted_fact.rb: -------------------------------------------------------------------------------- 1 | test_name 'Ensure Facter values usage for external fact overriding core dotted fact' do 2 | agents.each do |agent| 3 | 4 | output = on agent, puppet('config print modulepath') 5 | 6 | if agent.platform =~ /windows/ 7 | delimiter = ';' 8 | else 9 | delimiter = ':' 10 | end 11 | module_path = output.stdout.split(delimiter)[0] 12 | 13 | foo_module_dir = File.join(module_path, 'foo') 14 | foo_external_facts_dir = File.join(foo_module_dir, 'facts.d') 15 | 16 | step 'create module directories' do 17 | agent.mkdir_p(foo_external_facts_dir) 18 | end 19 | 20 | teardown do 21 | agent.rm_rf(foo_module_dir) 22 | end 23 | 24 | step 'create external and custom fact' do 25 | create_remote_file(agent, File.join(foo_external_facts_dir, "my_fizz_fact.txt"),'ruby.version=1.1.1') 26 | end 27 | 28 | step 'check that external fact is visible to puppet in $facts' do 29 | on agent, puppet("apply -e 'notice(\$facts[\"ruby.version\"])'") do |output| 30 | assert_match(/Notice: .*: 1.1.1/, output.stdout) 31 | end 32 | end 33 | 34 | step 'check that external fact is visible to puppet in $facts.dig' do 35 | on agent, puppet("apply -e 'notice(\$facts.dig(\"ruby.version\"))'") do |output| 36 | assert_match(/Notice: .*: 1.1.1/, output.stdout) 37 | end 38 | end 39 | 40 | step 'check that external fact is visible to puppet in $facts.get' do 41 | on agent, puppet("apply -e 'notice(\$facts.get(\"\\\"ruby.version\\\"\"))'") do |output| 42 | assert_match(/Notice: .*: 1.1.1/, output.stdout) 43 | end 44 | end 45 | 46 | step 'check that external fact is visible to puppet in getvar' do 47 | on agent, puppet("apply -e 'notice(getvar(\"facts.\\\"ruby.version\\\"\"))'") do |output| 48 | assert_match(/Notice: .*: 1.1.1/, output.stdout) 49 | end 50 | end 51 | end 52 | end 53 | -------------------------------------------------------------------------------- /resources/windows/wix/filter.xslt.erb: -------------------------------------------------------------------------------- 1 | 2 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | <%- service_files = Array.new -%> 22 | <%- get_services.each do |service| -%> 23 | 24 | <%- service_files << service.service_file.sub("SourceDir\\#{self.settings[:base_dir]}\\#{self.settings[:company_id]}\\#{self.settings[:product_id]}", "$(var.AppSourcePath)") -%> 25 | <%- end -%> 26 | <%- service_files.uniq.each do |service_file| -%> 27 | 28 | <%- end -%> 29 | 30 | 32 | 33 | 34 | -------------------------------------------------------------------------------- /ext/smoke/packages/run-smoke-test.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -e 4 | source "$(dirname $0)/../helpers.sh" 5 | 6 | # Redirect stdout ( > ) into a named pipe ( >() ) running "tee" 7 | exec > >(tee -i "$(dirname $0)/../puppet-agent-${3}-smoke-test-packages-output.txt") 8 | 9 | # Include stderr 10 | exec 2>&1 11 | 12 | USAGE="USAGE: $0 []" 13 | domain=".delivery.puppetlabs.net" 14 | 15 | master_vm="$1" 16 | agent_vm="$2" 17 | agent_version="$3" 18 | server_version="$4" 19 | puppetdb_version="$5" 20 | 21 | if [[ -z "${master_vm}" || -z "${agent_vm}" || -z "${agent_version}" || \ 22 | -z "${server_version}" || -z "${puppetdb_version}" ]]; then 23 | echo "${USAGE}" 24 | exit 1 25 | fi 26 | 27 | master_vm=$(hostname_with_domain $master_vm) 28 | agent_vm=$(hostname_with_domain $agent_vm) 29 | collection="${6:-$(guess_puppet_collection_for $agent_version)}" 30 | 31 | echo "##### master_vm = ${master_vm}" 32 | echo "##### agent_vm = ${agent_vm}" 33 | echo "##### agent_version = ${agent_version}" 34 | echo "##### server_version = ${server_version}" 35 | echo "##### puppetdb_version = ${puppetdb_version}" 36 | echo "##### collection = ${collection}" 37 | echo "" 38 | echo "#### Setting up master..." 39 | $(dirname $0)/steps/setup-master.sh ${master_vm} ${agent_version} ${server_version} ${puppetdb_version} ${collection} 40 | 41 | echo "#### Setting up agent..." 42 | $(dirname $0)/../steps/setup-agent.sh ${master_vm} ${agent_vm} ${agent_version} "package" ${collection} 43 | 44 | echo "#### Running validation" 45 | $(dirname $0)/../steps/run-validation-tests.sh ${master_vm} ${agent_vm} 46 | 47 | echo "#### Sending parameters to Artifactory for use by repo smoke test" 48 | versions_file=${agent_version}.json 49 | version_data="{ 50 | \"puppetserver\":\"$server_version\", 51 | \"puppetdb\":\"$puppetdb_version\" 52 | }" 53 | echo $version_data > $versions_file 54 | curl -T $versions_file "https://artifactory.delivery.puppetlabs.net/artifactory/scratchpad__local/puppet-agent-version-compatibility/${versions_file}" 55 | rm $versions_file 56 | 57 | echo 58 | echo "All done!" 59 | -------------------------------------------------------------------------------- /.rubocop.yml: -------------------------------------------------------------------------------- 1 | AllCops: 2 | NewCops: enable 3 | Include: 4 | - 'bin/**/*.rb' 5 | - 'configs/**/*.rb' 6 | Exclude: 7 | - 'acceptance/**/*' 8 | - 'resources/**/*.rb' 9 | - 'ext/**/*' 10 | - 'vendor/**/*' 11 | - 'bundle/**/*' 12 | 13 | Layout/ArgumentAlignment: 14 | Enabled: false 15 | 16 | Layout/BlockAlignment: 17 | Enabled: false 18 | 19 | Layout/ClosingHeredocIndentation: 20 | Enabled: false 21 | 22 | Layout/EmptyLineAfterGuardClause: 23 | Enabled: false 24 | 25 | Layout/EmptyLines: 26 | Enabled: false 27 | 28 | Layout/EmptyLinesAroundBlockBody: 29 | Enabled: false 30 | 31 | Layout/FirstArrayElementIndentation: 32 | Enabled: false 33 | 34 | Layout/FirstHashElementIndentation: 35 | Enabled: false 36 | 37 | Layout/HeredocIndentation: 38 | Enabled: false 39 | 40 | Layout/LeadingCommentSpace: 41 | Enabled: false 42 | 43 | Layout/MultilineArrayBraceLayout: 44 | Enabled: false 45 | 46 | Layout/TrailingEmptyLines: 47 | Enabled: false 48 | 49 | Lint/UnusedBlockArgument: 50 | Enabled: false 51 | 52 | Metrics/BlockLength: 53 | Enabled: false 54 | 55 | Metrics/BlockNesting: 56 | Enabled: false 57 | 58 | Naming/FileName: 59 | Enabled: false 60 | 61 | Style/CaseLikeIf: 62 | Enabled: false 63 | 64 | Style/CommentAnnotation: 65 | Enabled: false 66 | 67 | Style/ConditionalAssignment: 68 | Enabled: false 69 | 70 | Style/FormatStringToken: 71 | Enabled: false 72 | 73 | Style/FrozenStringLiteralComment: 74 | Enabled: false 75 | 76 | Style/HashSyntax: 77 | Enabled: false 78 | 79 | Style/IfUnlessModifier: 80 | Enabled: false 81 | 82 | Style/PercentLiteralDelimiters: 83 | Enabled: false 84 | 85 | Style/RedundantInterpolation: 86 | Enabled: false 87 | 88 | Style/RedundantLineContinuation: 89 | Enabled: false 90 | 91 | Style/SignalException: 92 | Enabled: false 93 | 94 | Style/StringLiterals: 95 | Enabled: false 96 | 97 | Style/SymbolProc: 98 | Enabled: false 99 | 100 | Style/TrailingCommaInArrayLiteral: 101 | Enabled: false 102 | 103 | Style/TrailingCommaInHashLiteral: 104 | Enabled: false 105 | 106 | Style/WordArray: 107 | Enabled: false 108 | 109 | Layout/LineLength: 110 | Enabled: false 111 | -------------------------------------------------------------------------------- /ext/smoke/repos/run-smoke-test.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -e 4 | source "$(dirname $0)/../helpers.sh" 5 | 6 | # Redirect stdout ( > ) into a named pipe ( >() ) running "tee" 7 | exec > >(tee -i "$(dirname $0)/../puppet-agent-${5}-smoke-test-repos-output.txt") 8 | 9 | # Include stderr 10 | exec 2>&1 11 | 12 | USAGE="USAGE: $0 []" 13 | domain=".delivery.puppetlabs.net" 14 | 15 | master_vm1="$1" 16 | master_vm2="$2" 17 | agent_vm1="$3" 18 | agent_vm2="$4" 19 | agent_version="$5" 20 | server_version="$6" 21 | puppetdb_version="$7" 22 | 23 | if [[ -z "${master_vm1}" || -z "${master_vm2}" || -z "${agent_vm1}" || \ 24 | -z "${agent_vm2}" || -z "${agent_version}" || -z "${server_version}" || \ 25 | -z "${puppetdb_version}" ]]; then 26 | echo "${USAGE}" 27 | exit 1 28 | fi 29 | 30 | master_vm1=$(hostname_with_domain $master_vm1) 31 | master_vm2=$(hostname_with_domain $master_vm2) 32 | agent_vm1=$(hostname_with_domain $agent_vm1) 33 | agent_vm2=$(hostname_with_domain $agent_vm2) 34 | collection="${8:-$(guess_puppet_collection_for $agent_version)}" 35 | 36 | echo "##### master_vm1 = ${master_vm1}" 37 | echo "##### master_vm2 = ${master_vm2}" 38 | echo "##### agent_vm1 = ${agent_vm1}" 39 | echo "##### agent_vm2 = ${agent_vm2}" 40 | echo "##### agent_version = ${agent_version}" 41 | echo "##### server_version = ${server_version}" 42 | echo "##### puppetdb_version = ${puppetdb_version}" 43 | echo "##### collection = ${collection}" 44 | echo "" 45 | echo "##### Setting up masters..." 46 | $(dirname $0)/steps/setup-masters.sh ${master_vm1} ${master_vm2} ${agent_version} ${server_version} ${puppetdb_version} ${collection} 47 | 48 | # One agent starts with master 1, one agent starts with master 2 49 | echo "##### Master 1 (PuppetDB Module) + Agent 1" 50 | $(dirname $0)/../steps/setup-agent.sh ${master_vm1} ${agent_vm1} ${agent_version} "repo" ${collection} 51 | $(dirname $0)/../steps/run-validation-tests.sh ${master_vm1} ${agent_vm1} 52 | echo "##### Master 2 (PuppetDB Package) + Agent 2" 53 | $(dirname $0)/../steps/setup-agent.sh ${master_vm2} ${agent_vm2} ${agent_version} "repo" ${collection} 54 | $(dirname $0)/../steps/run-validation-tests.sh ${master_vm2} ${agent_vm2} 55 | 56 | echo "All done!" 57 | -------------------------------------------------------------------------------- /acceptance/tests/ensure_facter_values_for_custom_overrides_external.rb: -------------------------------------------------------------------------------- 1 | test_name 'Ensure Facter values usage custom fact overriding external fact' do 2 | agents.each do |agent| 3 | 4 | output = on agent, puppet('config print modulepath') 5 | 6 | if agent.platform =~ /windows/ 7 | delimiter = ';' 8 | else 9 | delimiter = ':' 10 | end 11 | module_path = output.stdout.split(delimiter)[0] 12 | 13 | foo_module_dir = File.join(module_path, 'foo') 14 | foo_custom_facts_dir = File.join(foo_module_dir, 'lib', 'facter') 15 | foo_external_facts_dir = File.join(foo_module_dir, 'facts.d') 16 | 17 | step 'create module directories' do 18 | agent.mkdir_p(foo_custom_facts_dir) 19 | agent.mkdir_p(foo_external_facts_dir) 20 | end 21 | 22 | teardown do 23 | agent.rm_rf(foo_module_dir) 24 | end 25 | 26 | step 'create external and custom fact' do 27 | create_remote_file(agent, File.join(foo_custom_facts_dir, "my_fizz_fact.rb"), <<-FILE) 28 | Facter.add(:fizz) do 29 | has_weight 10001 30 | setcode do 31 | 'custom_fact_buzz' 32 | end 33 | end 34 | FILE 35 | create_remote_file(agent, File.join(foo_external_facts_dir, "my_fizz_fact.txt"),'fizz=external_fact_buzz') 36 | end 37 | 38 | step 'check that custom fact is visible to puppet in $facts' do 39 | on agent, puppet("apply -e 'notice(\$facts[\"fizz\"])'") do |output| 40 | assert_match(/Notice: .*: custom_fact_buzz/, output.stdout) 41 | end 42 | end 43 | 44 | step 'check that custom fact is visible to puppet in $facts.dig' do 45 | on agent, puppet("apply -e 'notice(\$facts.dig(\"fizz\"))'") do |output| 46 | assert_match(/Notice: .*: custom_fact_buzz/, output.stdout) 47 | end 48 | end 49 | 50 | step 'check that custom fact is visible to puppet in $facts.get' do 51 | on agent, puppet("apply -e 'notice(\$facts.get(\"fizz\"))'") do |output| 52 | assert_match(/Notice: .*: custom_fact_buzz/, output.stdout) 53 | end 54 | end 55 | 56 | step 'check that custom fact is visible to puppet in getvar' do 57 | on agent, puppet("apply -e 'notice(getvar(\"facts.fizz\"))'") do |output| 58 | assert_match(/Notice: .*: custom_fact_buzz/, output.stdout) 59 | end 60 | end 61 | end 62 | end 63 | -------------------------------------------------------------------------------- /acceptance/tests/ensure_facter_values_for_external_overrides_custom.rb: -------------------------------------------------------------------------------- 1 | test_name 'Ensure Facter values usage for external fact overriding custom fact' do 2 | agents.each do |agent| 3 | 4 | output = on agent, puppet('config print modulepath') 5 | 6 | if agent.platform =~ /windows/ 7 | delimiter = ';' 8 | else 9 | delimiter = ':' 10 | end 11 | module_path = output.stdout.split(delimiter)[0] 12 | 13 | foo_module_dir = File.join(module_path, 'foo') 14 | foo_custom_facts_dir = File.join(foo_module_dir, 'lib', 'facter') 15 | foo_external_facts_dir = File.join(foo_module_dir, 'facts.d') 16 | 17 | step 'create module directories' do 18 | agent.mkdir_p(foo_custom_facts_dir) 19 | agent.mkdir_p(foo_external_facts_dir) 20 | end 21 | 22 | teardown do 23 | agent.rm_rf(foo_module_dir) 24 | end 25 | 26 | step 'create external and custom fact' do 27 | create_remote_file(agent, File.join(foo_custom_facts_dir, "my_fizz_fact.rb"), <<-FILE) 28 | Facter.add(:fizz) do 29 | setcode do 30 | 'custom_fact_buzz' 31 | end 32 | end 33 | FILE 34 | create_remote_file(agent, File.join(foo_external_facts_dir, "my_fizz_fact.txt"),'fizz=external_fact_buzz') 35 | end 36 | 37 | step 'check that external fact is visible to puppet in $facts' do 38 | on agent, puppet("apply -e 'notice(\$facts[\"fizz\"])'") do |output| 39 | assert_match(/Notice: .*: external_fact_buzz/, output.stdout) 40 | end 41 | end 42 | 43 | step 'check that external fact is visible to puppet in $facts.dig' do 44 | on agent, puppet("apply -e 'notice(\$facts.dig(\"fizz\"))'") do |output| 45 | assert_match(/Notice: .*: external_fact_buzz/, output.stdout) 46 | end 47 | end 48 | 49 | step 'check that external fact is visible to puppet in $facts.get' do 50 | on agent, puppet("apply -e 'notice(\$facts.get(\"fizz\"))'") do |output| 51 | assert_match(/Notice: .*: external_fact_buzz/, output.stdout) 52 | end 53 | end 54 | 55 | step 'check that external fact is visible to puppet in getvar' do 56 | on agent, puppet("apply -e 'notice(getvar(\"facts.fizz\"))'") do |output| 57 | assert_match(/Notice: .*: external_fact_buzz/, output.stdout) 58 | end 59 | end 60 | end 61 | end 62 | -------------------------------------------------------------------------------- /acceptance/tests/linker_variable_cleanup.rb: -------------------------------------------------------------------------------- 1 | require 'puppet/acceptance/common_utils' 2 | extend Puppet::Acceptance::CommandUtils 3 | 4 | confine :except, :platform => 'windows' 5 | 6 | def libsource(host) 7 | kernel = on(host, facter("kernel")).stdout.chomp.downcase 8 | arch = on(host, facter("architecture")).stdout.chomp.downcase 9 | 10 | case kernel 11 | when "linux" 12 | case arch 13 | when "x86_64", "amd64" 14 | "libexplode.so.linux64" 15 | when "i386" 16 | "libexplode.so.linux32" 17 | else 18 | nil 19 | end 20 | when "aix" 21 | "libexplode.so.aix" 22 | when "sunos" 23 | case arch 24 | when "i86sol" 25 | "libexplode.so.solaris" 26 | else 27 | nil 28 | end 29 | else 30 | nil 31 | end 32 | end 33 | 34 | def libdest(host) 35 | kernel = on(host, facter("kernel")).stdout.chomp.downcase 36 | 37 | case kernel 38 | when "aix" 39 | "libruby.so" 40 | when "sunos" 41 | "libm.so.2" 42 | else 43 | "libm.so.6" 44 | end 45 | end 46 | 47 | test_name 'PA-437: cleanup linker environment' do 48 | skip_test 'requires wrapper script which is created by the AIO' if [:gem, :git].include?(@options[:type]) 49 | 50 | fixtures = File.dirname(__FILE__) + "/../fixtures/dyld/" 51 | dirs = {} 52 | libs = {} 53 | 54 | step "Lay down a crashing library on the SUT" do 55 | agents.each do |agent| 56 | source = libsource(agent) 57 | if source == nil then 58 | libs[agent] = nil 59 | dirs[agent] = nil 60 | next 61 | end 62 | dirs[agent] = agent.tmpdir("lib") + "/" 63 | libs[agent] = dirs[agent] + libdest(agent) 64 | fixture = fixtures + source 65 | 66 | scp_to(agent, fixture, libs[agent]) 67 | end 68 | end 69 | 70 | teardown do 71 | agents.each do |agent| 72 | next if dirs[agent] == nil 73 | on agent, "rm -rf #{dirs[agent]}" 74 | end 75 | end 76 | 77 | step "Put the crashing library on the load path" do 78 | agents.each do |agent| 79 | next if dirs[agent] == nil 80 | kernel = on(agent, facter("kernel")).stdout.downcase.strip 81 | 82 | var = case kernel 83 | when "aix" 84 | "LIBPATH" 85 | else 86 | "LD_LIBRARY_PATH" 87 | end 88 | on agent, puppet("--version"), :environment => { var => dirs[agent] } 89 | end 90 | end 91 | end 92 | -------------------------------------------------------------------------------- /acceptance/tests/ensure_facter_values_for_external_overrides_core_top_fact.rb: -------------------------------------------------------------------------------- 1 | test_name 'Ensure Facter values usage for external fact overriding core top fact' do 2 | agents.each do |agent| 3 | 4 | output = on agent, puppet('config print modulepath') 5 | 6 | if agent.platform =~ /windows/ 7 | delimiter = ';' 8 | else 9 | delimiter = ':' 10 | end 11 | module_path = output.stdout.split(delimiter)[0] 12 | 13 | foo_module_dir = File.join(module_path, 'foo') 14 | foo_external_facts_dir = File.join(foo_module_dir, 'facts.d') 15 | 16 | external_ruby_value = '{"version": "1.1.1"}' 17 | 18 | step 'create module directories' do 19 | agent.mkdir_p(foo_external_facts_dir) 20 | end 21 | 22 | teardown do 23 | agent.rm_rf(foo_module_dir) 24 | end 25 | 26 | step 'create external and custom fact' do 27 | create_remote_file(agent, File.join(foo_external_facts_dir, "my_fizz_fact.txt"),"ruby=#{external_ruby_value}") 28 | end 29 | 30 | step 'check that external fact is visible to puppet in $facts' do 31 | on agent, puppet("apply -e 'notice(\$facts[\"ruby\"])'") do |output| 32 | assert_match(/Notice: .*: #{external_ruby_value}/, output.stdout) 33 | end 34 | end 35 | 36 | step 'check that external fact is visible to puppet in $facts.dig' do 37 | on agent, puppet("apply -e 'notice(\$facts.dig(\"ruby\"))'") do |output| 38 | assert_match(/Notice: .*: #{external_ruby_value}/, output.stdout) 39 | end 40 | end 41 | 42 | step 'check that external fact is visible to puppet in $facts.get' do 43 | on agent, puppet("apply -e 'notice(\$facts.get(\"ruby\"))'") do |output| 44 | assert_match(/Notice: .*: #{external_ruby_value}/, output.stdout) 45 | end 46 | end 47 | 48 | step 'check that external fact is visible to puppet in getvar' do 49 | on agent, puppet("apply -e 'notice(getvar(\"facts.ruby\"))'") do |output| 50 | assert_match(/Notice: .*: #{external_ruby_value}/, output.stdout) 51 | end 52 | end 53 | 54 | step 'check that external json fact is interpreted as text' do 55 | on agent, puppet("apply -e 'notice(\$facts[\"ruby\"][\"version\"])'") , acceptable_exit_codes: [1] do |output| 56 | refute_match(/Notice: .*: 1.1.1/, output.stdout) 57 | end 58 | end 59 | end 60 | end 61 | -------------------------------------------------------------------------------- /configs/components/pl-ruby-patch.rb: -------------------------------------------------------------------------------- 1 | # This component patches the pl-ruby package on cross compiled 2 | # platforms. Ruby gem components should require this. 3 | # 4 | # We have to do this when installing gems with native extensions in 5 | # order to trick rubygems into thinking we have a different ruby 6 | # version and target architecture 7 | # 8 | # This component should also be present in the puppet-runtime project 9 | component "pl-ruby-patch" do |pkg, settings, platform| 10 | if platform.is_cross_compiled? 11 | if platform.is_macos? 12 | pkg.build_requires 'gnu-sed' 13 | pkg.environment "PATH", "/usr/local/opt/gnu-sed/libexec/gnubin:$(PATH)" 14 | end 15 | 16 | ruby_api_version = settings[:ruby_version].gsub(/\.\d*$/, '.0') 17 | ruby_version_y = settings[:ruby_version].gsub(/(\d+)\.(\d+)\.(\d+)/, '\1.\2') 18 | 19 | base_ruby = if platform.name =~ /osx/ 20 | "/usr/local/opt/ruby@#{ruby_version_y}/lib/ruby/#{ruby_api_version}" 21 | else 22 | "/opt/pl-build-tools/lib/ruby/2.1.0" 23 | end 24 | 25 | target_triple = if platform.architecture =~ /ppc64el|ppc64le/ 26 | "powerpc64le-linux" 27 | elsif platform.name == 'solaris-11-sparc' 28 | "sparc-solaris-2.11" 29 | elsif platform.is_macos? 30 | "aarch64-darwin" 31 | else 32 | "#{platform.architecture}-linux" 33 | end 34 | 35 | pkg.build do 36 | [ 37 | %(#{platform[:sed]} -i 's/Gem::Platform.local.to_s/"#{target_triple}"/' #{base_ruby}/rubygems/basic_specification.rb), 38 | %(#{platform[:sed]} -i 's/Gem.extension_api_version/"#{ruby_api_version}"/' #{base_ruby}/rubygems/basic_specification.rb) 39 | ] 40 | end 41 | 42 | # make rubygems use our target rbconfig when installing gems 43 | case File.basename(base_ruby) 44 | when '2.0.0', '2.1.0' 45 | sed_command = %(s|Gem.ruby|&, '-r/opt/puppetlabs/puppet/share/doc/rbconfig-#{settings[:ruby_version]}-orig.rb'|) 46 | else 47 | sed_command = %(s|Gem.ruby.shellsplit|& << '-r/opt/puppetlabs/puppet/share/doc/rbconfig-#{settings[:ruby_version]}-orig.rb'|) 48 | end 49 | 50 | pkg.build do 51 | [ 52 | %(#{platform[:sed]} -i "#{sed_command}" #{base_ruby}/rubygems/ext/ext_conf_builder.rb) 53 | ] 54 | end 55 | end 56 | end 57 | -------------------------------------------------------------------------------- /acceptance/tests/ensure_facter_values_for_custom_overrides_core_top_fact.rb: -------------------------------------------------------------------------------- 1 | test_name 'Ensure Facter values usage for custom fact overriding core top fact' do 2 | agents.each do |agent| 3 | 4 | output = on agent, puppet('config print modulepath') 5 | 6 | if agent.platform =~ /windows/ 7 | delimiter = ';' 8 | else 9 | delimiter = ':' 10 | end 11 | module_path = output.stdout.split(delimiter)[0] 12 | 13 | foo_module_dir = File.join(module_path, 'foo') 14 | foo_custom_facts_dir = File.join(foo_module_dir, 'lib', 'facter') 15 | 16 | custom_ruby_value = '{"version": "1.1.1"}' 17 | 18 | step 'create module directories' do 19 | agent.mkdir_p(foo_custom_facts_dir) 20 | end 21 | 22 | teardown do 23 | agent.rm_rf(foo_module_dir) 24 | end 25 | 26 | step 'create external and custom fact' do 27 | create_remote_file(agent, File.join(foo_custom_facts_dir, "ruby.rb"), <<-FILE) 28 | Facter.add('ruby') do 29 | has_weight(999) 30 | setcode do 31 | '#{custom_ruby_value}' 32 | end 33 | end 34 | FILE 35 | end 36 | 37 | step 'check that custom fact is visible to puppet in $facts' do 38 | on agent, puppet("apply -e 'notice(\$facts[\"ruby\"])'") do |output| 39 | assert_match(/Notice: .*: #{custom_ruby_value}/, output.stdout) 40 | end 41 | end 42 | 43 | step 'check that custom fact is visible to puppet in $facts.dig' do 44 | on agent, puppet("apply -e 'notice(\$facts.dig(\"ruby\"))'") do |output| 45 | assert_match(/Notice: .*: #{custom_ruby_value}/, output.stdout) 46 | end 47 | end 48 | 49 | step 'check that custom fact is visible to puppet in $facts.get' do 50 | on agent, puppet("apply -e 'notice(\$facts.get(\"ruby\"))'") do |output| 51 | assert_match(/Notice: .*: #{custom_ruby_value}/, output.stdout) 52 | end 53 | end 54 | 55 | step 'check that custom fact is visible to puppet in getvar' do 56 | on agent, puppet("apply -e 'notice(getvar(\"facts.ruby\"))'") do |output| 57 | assert_match(/Notice: .*: #{custom_ruby_value}/, output.stdout) 58 | end 59 | end 60 | 61 | step 'check that json custom fact is interpreted as text' do 62 | on agent, puppet("apply -e 'notice(\$facts[\"ruby\"][\"version\"])'") , acceptable_exit_codes: [1] do |output| 63 | refute_match(/Notice: .*: 1.1.1/, output.stdout) 64 | end 65 | end 66 | end 67 | end 68 | -------------------------------------------------------------------------------- /acceptance/tests/ensure_facter_values_for_external_overrides_custom_overrides_core_dotted_fact.rb: -------------------------------------------------------------------------------- 1 | test_name 'Ensure Facter values usage for external fact overriding custom and core dotted fact' do 2 | agents.each do |agent| 3 | 4 | output = on agent, puppet('config print modulepath') 5 | 6 | if agent.platform =~ /windows/ 7 | delimiter = ';' 8 | else 9 | delimiter = ':' 10 | end 11 | module_path = output.stdout.split(delimiter)[0] 12 | 13 | foo_module_dir = File.join(module_path, 'foo') 14 | foo_custom_facts_dir = File.join(foo_module_dir, 'lib', 'facter') 15 | foo_external_facts_dir = File.join(foo_module_dir, 'facts.d') 16 | 17 | custom_ruby_value = '1.1.1' 18 | external_ruby_value = '0.0.0' 19 | 20 | step 'create module directories' do 21 | agent.mkdir_p(foo_custom_facts_dir) 22 | agent.mkdir_p(foo_external_facts_dir) 23 | end 24 | 25 | teardown do 26 | agent.rm_rf(foo_module_dir) 27 | end 28 | 29 | step 'create external and custom fact' do 30 | create_remote_file(agent, File.join(foo_custom_facts_dir, "my_fizz_fact.rb"), <<-FILE) 31 | Facter.add('ruby.version') do 32 | setcode do 33 | '#{custom_ruby_value}' 34 | end 35 | end 36 | FILE 37 | create_remote_file(agent, File.join(foo_external_facts_dir, "my_fizz_fact.txt"),"ruby.version=#{external_ruby_value}") 38 | end 39 | 40 | step 'check that external fact is visible to puppet in $facts' do 41 | on agent, puppet("apply -e 'notice(\$facts[\"ruby.version\"])'") do |output| 42 | assert_match(/Notice: .*: #{external_ruby_value}/, output.stdout) 43 | end 44 | end 45 | 46 | step 'check that external fact is visible to puppet in $facts.dig' do 47 | on agent, puppet("apply -e 'notice(\$facts.dig(\"ruby.version\"))'") do |output| 48 | assert_match(/Notice: .*: #{external_ruby_value}/, output.stdout) 49 | end 50 | end 51 | 52 | step 'check that external fact is visible to puppet in $facts.get' do 53 | on agent, puppet("apply -e 'notice(\$facts.get(\"\\\"ruby.version\\\"\"))'") do |output| 54 | assert_match(/Notice: .*: #{external_ruby_value}/, output.stdout) 55 | end 56 | end 57 | 58 | step 'check that external fact is visible to puppet in getvar' do 59 | on agent, puppet("apply -e 'notice(getvar(\"facts.\\\"ruby.version\\\"\"))'") do |output| 60 | assert_match(/Notice: .*: #{external_ruby_value}/, output.stdout) 61 | end 62 | end 63 | end 64 | end 65 | -------------------------------------------------------------------------------- /acceptance/tests/validate_vendored_openssl.rb: -------------------------------------------------------------------------------- 1 | require 'puppet/acceptance/temp_file_utils' 2 | 3 | test_name 'Validate openssl version and fips' do 4 | extend Puppet::Acceptance::TempFileUtils 5 | 6 | tag 'audit:high' 7 | 8 | def openssl_command(host) 9 | puts "privatebindir=#{host['privatebindir']}" 10 | "env PATH=\"#{host['privatebindir']}:${PATH}\" openssl" 11 | end 12 | 13 | def create_bat_wrapper(host, file, command) 14 | tempfile = get_test_file_path(agent, file) 15 | create_remote_file(agent, tempfile, command) 16 | "cmd /c $(cygpath -w #{tempfile})" 17 | end 18 | 19 | agents.each do |agent| 20 | openssl = openssl_command(agent) 21 | 22 | step "check openssl version" do 23 | on(agent, "#{openssl} version -v") do |result| 24 | assert_match(/^OpenSSL 3\./, result.stdout) 25 | end 26 | end 27 | 28 | if agent['template'] =~ /fips/ 29 | step "check fips_enabled fact" do 30 | on(agent, facter("fips_enabled")) do |result| 31 | assert_match(/^true/, result.stdout) 32 | end 33 | end 34 | 35 | step "check openssl providers" do 36 | if agent['template'] =~ /^win/ 37 | list_command = create_bat_wrapper(agent, "list_providers.bat", <<~END) 38 | call "C:\\Program Files\\Puppet Labs\\Puppet\\bin\\environment.bat" %0 %* 39 | openssl list -providers 40 | END 41 | else 42 | list_command = "#{openssl} list -providers" 43 | end 44 | 45 | on(agent, list_command) do |result| 46 | assert_match(Regexp.new(<<~END, Regexp::MULTILINE), result.stdout) 47 | \s*fips 48 | \s*name: OpenSSL FIPS Provider 49 | \s*version: 3.0.9 50 | \s*status: active 51 | END 52 | end 53 | end 54 | 55 | step "check fipsmodule.cnf" do 56 | if agent['template'] =~ /^win/ 57 | verify_command = create_bat_wrapper(agent, "verify_fips.bat", <<~END) 58 | call "C:\\Program Files\\Puppet Labs\\Puppet\\bin\\environment.bat" %0 %* 59 | openssl fipsinstall -module "%OPENSSL_MODULES%\\fips.dll" -provider_name fips -in "%OPENSSL_CONF_INCLUDE%\\fipsmodule.cnf" -verify 60 | END 61 | else 62 | verify_command = "#{openssl} fipsinstall -module /opt/puppetlabs/puppet/lib/ossl-modules/fips.so -provider_name fips -in /opt/puppetlabs/puppet/ssl/fipsmodule.cnf -verify" 63 | end 64 | 65 | on(agent, verify_command) do |result| 66 | assert_match(/VERIFY PASSED/, result.stderr) 67 | end 68 | end 69 | end 70 | end 71 | end 72 | -------------------------------------------------------------------------------- /Rakefile: -------------------------------------------------------------------------------- 1 | require 'packaging' 2 | 3 | load './ext/release-lead.rake' 4 | 5 | Pkg::Util::RakeUtils.load_packaging_tasks 6 | 7 | namespace :package do 8 | task :bootstrap do 9 | puts 'Bootstrap is no longer needed, using packaging-as-a-gem' 10 | end 11 | task :implode do 12 | puts 'Implode is no longer needed, using packaging-as-a-gem' 13 | end 14 | end 15 | 16 | desc 'run static analysis with rubocop' 17 | task(:rubocop) do 18 | require 'rubocop' 19 | cli = RuboCop::CLI.new 20 | exit_code = cli.run(%w(--display-cop-names --format simple)) 21 | raise "RuboCop detected offenses" if exit_code != 0 22 | end 23 | 24 | desc "verify that commit messages match CONTRIBUTING.md requirements" 25 | task(:commits) do 26 | # This rake task looks at the summary from every commit from this branch not 27 | # in the branch targeted for a PR. This is accomplished by using the 28 | # TRAVIS_COMMIT_RANGE environment variable, which is present in travis CI and 29 | # populated with the range of commits the PR contains. If not available, this 30 | # falls back to `main..HEAD` as a next best bet as `main` is unlikely to 31 | # ever be absent. 32 | # 33 | # When we move to GH actions, use `GITHUB_BASE_REF` to resolve the merge base 34 | # ref, which is the common ancestor between the base branch and PR. Then do 35 | # git log for all of the commits in `HEAD` that are not in the base ref 36 | # 37 | # baseref = %x{git merge-base HEAD $GITHUB_BASE_REF} 38 | # commits = "#{baseref}..HEAD" 39 | commits = ENV['TRAVIS_COMMIT_RANGE'].nil? ? 'main..HEAD' : ENV['TRAVIS_COMMIT_RANGE'].sub(/\.\.\./, '..') 40 | %x{git log --no-merges --pretty=%s #{commits}}.each_line do |commit_summary| 41 | error_message=<<-HEREDOC 42 | \n\n\n\tThis commit summary didn't match CONTRIBUTING.md guidelines:\n \ 43 | \n\t\t#{commit_summary}\n \ 44 | \tThe commit summary (i.e. the first line of the commit message) should start with one of:\n \ 45 | \t\t(docs)\n \ 46 | \t\t(maint)\n \ 47 | \t\t(packaging)\n \ 48 | \t\t()\n \ 49 | \n\tThis test for the commit summary is case-insensitive.\n\n\n 50 | HEREDOC 51 | 52 | if /^\((maint|doc|docs|packaging|pa-\d+)\)|revert|bumping|merge|promoting/i.match(commit_summary).nil? 53 | ticket = commit_summary.match(/^\(([[:alpha:]]+-[[:digit:]]+)\).*/) 54 | if ticket.nil? 55 | raise error_message 56 | else 57 | require 'net/http' 58 | require 'uri' 59 | uri = URI.parse("https://tickets.puppetlabs.com/browse/#{ticket[1]}") 60 | response = Net::HTTP.get_response(uri) 61 | if response.code != "200" 62 | raise error_message 63 | end 64 | end 65 | end 66 | end 67 | end 68 | -------------------------------------------------------------------------------- /resources/windows/wix/ui/PuppetWelcomeDlg.wxs: -------------------------------------------------------------------------------- 1 | 2 | 13 | 14 | 15 | 16 | 17 | 18 | Installed AND PATCH 19 | 20 | 21 | 1 22 | 23 | 24 | 25 | 1 26 | 27 | 28 | 29 | NOT Installed OR NOT PATCH 30 | Installed AND PATCH 31 | 32 | 33 | Installed AND PATCH 34 | NOT Installed OR NOT PATCH 35 | 36 | 37 | 38 | 39 | 40 | NOT Installed OR PATCH 41 | 42 | 43 | 44 | 45 | -------------------------------------------------------------------------------- /resources/windows/wix/ui/PuppetLicenseAgreementDlg.wxs.erb: -------------------------------------------------------------------------------- 1 | 2 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 1 24 | 25 | 26 | 27 | !(wix.WixUICostingPopupOptOut) OR CostingComplete = 1 28 | "1"]]> 29 | LicenseAccepted = "1" 30 | 31 | 32 | 1 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | -------------------------------------------------------------------------------- /acceptance/tests/ensure_facter_values_for_external_overrides_custom_overrides_core_top_fact.rb: -------------------------------------------------------------------------------- 1 | test_name 'Ensure Facter values usage for external fact overriding custom and core top fact' do 2 | agents.each do |agent| 3 | 4 | output = on agent, puppet('config print modulepath') 5 | 6 | if agent.platform =~ /windows/ 7 | delimiter = ';' 8 | else 9 | delimiter = ':' 10 | end 11 | module_path = output.stdout.split(delimiter)[0] 12 | 13 | foo_module_dir = File.join(module_path, 'foo') 14 | foo_custom_facts_dir = File.join(foo_module_dir, 'lib', 'facter') 15 | foo_external_facts_dir = File.join(foo_module_dir, 'facts.d') 16 | 17 | custom_ruby_value = '{"version": "1.1.1"}' 18 | external_ruby_value = '{"version": "0.0.0"}' 19 | 20 | step 'create module directories' do 21 | agent.mkdir_p(foo_custom_facts_dir) 22 | agent.mkdir_p(foo_external_facts_dir) 23 | end 24 | 25 | teardown do 26 | agent.rm_rf(foo_module_dir) 27 | end 28 | 29 | step 'create external and custom fact' do 30 | create_remote_file(agent, File.join(foo_custom_facts_dir, "my_fizz_fact.rb"), <<-FILE) 31 | Facter.add('ruby') do 32 | has_weight(999) 33 | setcode do 34 | '#{custom_ruby_value}' 35 | end 36 | end 37 | FILE 38 | create_remote_file(agent, File.join(foo_external_facts_dir, "my_fizz_fact.txt"),"ruby=#{external_ruby_value}") 39 | end 40 | 41 | step 'check that json custom fact is visible to puppet in $facts' do 42 | on agent, puppet("apply -e 'notice(\$facts[\"ruby\"])'") do |output| 43 | assert_match(/Notice: .*: #{external_ruby_value}/, output.stdout) 44 | end 45 | end 46 | 47 | step 'check that json custom fact is visible to puppet in $facts.dig' do 48 | on agent, puppet("apply -e 'notice(\$facts.dig(\"ruby\"))'") do |output| 49 | assert_match(/Notice: .*: #{external_ruby_value}/, output.stdout) 50 | end 51 | end 52 | 53 | step 'check that json custom fact is visible to puppet in $facts.get' do 54 | on agent, puppet("apply -e 'notice(\$facts.get(\"ruby\"))'") do |output| 55 | assert_match(/Notice: .*: #{external_ruby_value}/, output.stdout) 56 | end 57 | end 58 | 59 | step 'check that json custom fact is visible to puppet in getvar' do 60 | on agent, puppet("apply -e 'notice(getvar(\"facts.ruby\"))'") do |output| 61 | assert_match(/Notice: .*: #{external_ruby_value}/, output.stdout) 62 | end 63 | end 64 | 65 | step 'check that json custom fact is interpreted as text' do 66 | on agent, puppet("apply -e 'notice(\$facts[\"ruby\"][\"version\"])'") , acceptable_exit_codes: [1] do |output| 67 | refute_match(/Notice: .*: 1.1.1/, output.stdout) 68 | end 69 | end 70 | end 71 | end 72 | -------------------------------------------------------------------------------- /resources/files/ftplugin/ftplugin_puppet.vim: -------------------------------------------------------------------------------- 1 | " Vim filetype plugin 2 | " Language: Puppet 3 | " Maintainer: Todd Zullinger 4 | " Last Change: 2009 Aug 19 5 | " vim: set sw=4 sts=4: 6 | 7 | if exists("b:did_ftplugin") 8 | finish 9 | endif 10 | let b:did_ftplugin = 1 11 | 12 | if !exists("no_plugin_maps") && !exists("no_puppet_maps") 13 | if !hasmapto("AlignRange") 14 | map = AlignRange 15 | endif 16 | endif 17 | 18 | noremap