diff --git a/Gemfile b/Gemfile index 3f4709fd7..d88542885 100644 --- a/Gemfile +++ b/Gemfile @@ -18,11 +18,11 @@ gem 'rake', :group => [:development, :test] group :test do gem 'rspec' - gem 'beaker', *location_for(ENV['BEAKER_VERSION'] || '~> 4.11') + gem 'beaker', *location_for(ENV['BEAKER_VERSION'] || '~> 6.0') gem "beaker-hostgenerator", *location_for(ENV['BEAKER_HOSTGENERATOR_VERSION'] || "~> 2.4") - gem "beaker-abs", *location_for(ENV['BEAKER_ABS_VERSION'] || "~> 0.1") + gem "beaker-abs", *location_for(ENV['BEAKER_ABS_VERSION'] || "~> 1.0") gem "beaker-vmpooler", *location_for(ENV['BEAKER_VMPOOLER_VERSION'] || "~> 1.3") - gem "beaker-puppet", *location_for(ENV['BEAKER_PUPPET_VERSION'] || ["~> 1.0", ">= 1.0.1"]) + gem "beaker-puppet", *location_for(ENV['BEAKER_PUPPET_VERSION'] || "~> 4.0") gem 'uuidtools' gem 'httparty' gem 'master_manipulator' diff --git a/acceptance/lib/helper.rb b/acceptance/lib/helper.rb index 9a88f1f3f..df0762aaf 100644 --- a/acceptance/lib/helper.rb +++ b/acceptance/lib/helper.rb @@ -63,13 +63,14 @@ def self.print_config def puppetdb_supported_platforms() [ /debian-11/, - /debian-10/, - /el-7/, + /debian-12/, /el-8/, + /el-9/, /sles-12/, /sles-15/, - /ubuntu-18.04/, - /ubuntu-20.04/ + /ubuntu-20.04/, + /ubuntu-22.04/, + /ubuntu-24.04/ ] end @@ -231,8 +232,7 @@ def get_defaults_file def get_defaults_var(host, varname) defaults_file = get_defaults_file - on(host, "source #{defaults_file}; echo -n $#{varname}") - stdout + on(host, "source #{defaults_file}; echo -n $#{varname}").stdout end # If we are getting the certificate for the first time, store it in the diff --git a/acceptance/lib/puppetserver/acceptance/gem_utils.rb b/acceptance/lib/puppetserver/acceptance/gem_utils.rb index 2a73a2ff3..bc8e37502 100644 --- a/acceptance/lib/puppetserver/acceptance/gem_utils.rb +++ b/acceptance/lib/puppetserver/acceptance/gem_utils.rb @@ -7,8 +7,8 @@ def get_gem_list(host, gem_list_command) # gem_list_regex = Regexp.new('(?[\w-]*) (?.*)') array = [] - on(host, "#{gem_list_command}") do - split_output = stdout.split + on(host, "#{gem_list_command}") do |result| + split_output = result.stdout.split split_output.each do |line| match = gem_list_regex.match(line) if match diff --git a/acceptance/scripts/generic/testrun.sh b/acceptance/scripts/generic/testrun.sh index a64ef31a0..d7856784c 100755 --- a/acceptance/scripts/generic/testrun.sh +++ b/acceptance/scripts/generic/testrun.sh @@ -15,7 +15,6 @@ do_init() BEAKER_INIT="$BEAKER_INIT --keyfile $BEAKER_KEYFILE" BEAKER_INIT="$BEAKER_INIT --helper $BEAKER_HELPER" BEAKER_INIT="$BEAKER_INIT --options-file $BEAKER_OPTIONS" - BEAKER_INIT="$BEAKER_INIT --post-suite $BEAKER_POSTSUITE" BEAKER_INIT="$BEAKER_INIT --load-path $BEAKER_LOADPATH" BEAKER_INIT="$BEAKER_INIT --hosts $BEAKER_CONFIG" BEAKER_INIT="$BEAKER_INIT --pre-suite $BEAKER_PRESUITE" @@ -39,10 +38,9 @@ do_init() set -x export GEM_SOURCE="https://artifactory.delivery.puppetlabs.net/artifactory/api/gems/rubygems/" -export GENCONFIG_LAYOUT="${GENCONFIG_LAYOUT:-redhat8-64ma-debian11-64a}" +export GENCONFIG_LAYOUT="${GENCONFIG_LAYOUT:-redhat9-64ma-debian12-64a}" export BEAKER_TESTSUITE="${BEAKER_TESTSUITE:-acceptance/suites/tests}" export BEAKER_PRESUITE="${BEAKER_PRESUITE:-acceptance/suites/pre_suite/foss}" -export BEAKER_POSTSUITE="${BEAKER_POSTSUITE:-acceptance/suites/post_suite}" export BEAKER_OPTIONS="${BEAKER_OPTIONS:-acceptance/config/beaker/options.rb}" export BEAKER_CONFIG="${BEAKER_CONFIG:-acceptance/scripts/hosts.cfg}" export BEAKER_KEYFILE="${BEAKER_KEYFILE:-~/.ssh/id_rsa-acceptance}" diff --git a/acceptance/suites/pre_suite/foss/95_install_pdb.rb b/acceptance/suites/pre_suite/foss/95_install_pdb.rb index af1841810..5d6c81927 100644 --- a/acceptance/suites/pre_suite/foss/95_install_pdb.rb +++ b/acceptance/suites/pre_suite/foss/95_install_pdb.rb @@ -10,38 +10,19 @@ on(master, "rm -f #{sitepp}") end -# Puppet pulls in OpenSSL 3 which breaks ssl-cert < 1.1.1 -# Unfortunately we need jammy to bring a workable version of ssl-cert into bionic -step 'Update Ubuntu 18 package repo' do - if master.platform =~ /ubuntu-18/ - # There's a bunch of random crap that gets upgraded in our installs, - # just upgrade everything before we try to install postgres - on master, 'apt-get update' - on master, 'DEBIAN_FRONTEND=noninteractive apt-get upgrade --assume-yes --force-yes -o "DPkg::Options::=--force-confold"' - # Install jammy repos so we can pull in its ssl-cert - on master, "echo 'deb http://archive.ubuntu.com/ubuntu/ jammy main restricted universe multiverse' > /etc/apt/sources.list.d/jammy.list" - on master, "echo 'deb-src http://archive.ubuntu.com/ubuntu/ jammy main restricted universe multiverse' >> /etc/apt/sources.list.d/jammy.list" - on master, 'apt-get update' - on master, 'apt-get install -y -t jammy ssl-cert' - # Once we have jammy's ssl-cert get rid of jammy packages to avoid unintentially pulling in other packages - on master, 'rm /etc/apt/sources.list.d/jammy.list' - on master, 'apt-get update' - - # bionic is EOL, so get postgresql from the archive - on master, 'echo "deb https://apt-archive.postgresql.org/pub/repos/apt bionic-pgdg main" >> /etc/apt/sources.list' - on master, 'curl https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add -' - on master, 'apt update' - end -end - step 'Install Puppet nightly repo' do install_puppetlabs_release_repo_on(master, 'puppet8-nightly') end -step 'Update EL 8 postgresql repos' do - if master.platform =~ /el-8/ - # work around for testing on rhel8 and the repos on the image not finding the pg packages it needs - on master, "dnf install -y https://download.postgresql.org/pub/repos/yum/reporpms/EL-8-x86_64/pgdg-redhat-repo-latest.noarch.rpm" +step 'Update EL postgresql repos' do + # work around for testing on rhel and the repos on the image not finding the pg packages it needs + if master.platform =~ /el-/ + major_version = case master.platform + when /-8/ then 8 + when /-9/ then 9 + end + + on master, "dnf install -y https://download.postgresql.org/pub/repos/yum/reporpms/EL-#{major_version}-x86_64/pgdg-redhat-repo-latest.noarch.rpm" on master, "dnf -qy module disable postgresql" end end @@ -55,12 +36,11 @@ end step 'Configure PuppetDB via site.pp' do - manage_package_repo = ! master.platform.match?(/ubuntu-18/) create_remote_file(master, sitepp, < false, - manage_package_repo => #{manage_package_repo}, + manage_package_repo => true, postgres_version => '14', } diff --git a/acceptance/suites/puppet3_tests/puppet3_version_test.rb b/acceptance/suites/puppet3_tests/puppet3_version_test.rb index 40e7584ea..c56134aaf 100644 --- a/acceptance/suites/puppet3_tests/puppet3_version_test.rb +++ b/acceptance/suites/puppet3_tests/puppet3_version_test.rb @@ -4,13 +4,13 @@ legacy_agents = agents.reject { |agent| agent == master } step "Check that legacy agents have Puppet 3.x installed" -on(legacy_agents, puppet("--version")) do - assert(stdout.start_with? "3.", "puppet --version does not start with major version 3.") +on(legacy_agents, puppet("--version")) do |result| + assert(result.stdout.start_with? "3.", "puppet --version does not start with major version 3.") end step "Check that Puppet Server has Puppet 6.x installed" -on(master, puppet("--version")) do - assert_match(/\A6/, stdout, "puppet --version does not start with major version 6.x") +on(master, puppet("--version")) do |result| + assert_match(/\A6/, result.stdout, "puppet --version does not start with major version 6.x") end step "Check that the agent on the master runs against the master" diff --git a/acceptance/suites/tests/00_smoke/puppetdb_integration.rb b/acceptance/suites/tests/00_smoke/puppetdb_integration.rb index 89b38129b..2139153ef 100644 --- a/acceptance/suites/tests/00_smoke/puppetdb_integration.rb +++ b/acceptance/suites/tests/00_smoke/puppetdb_integration.rb @@ -101,8 +101,8 @@ # ISO 8601 timestamp, with milliseconds and time zone. Local time is used # instead of UTC as both PuppetDB and Puppet Server log in local time. run_timestamp = Time.iso8601(on(master, 'date +"%Y-%m-%dT%H:%M:%S.%3N%:z"').stdout.chomp) - on(master, puppet_agent("--test"), :acceptable_exit_codes => [0,2]) do - assert_match(/Notice: #{random_string}/, stdout, + on(master, puppet_agent("--test"), :acceptable_exit_codes => [0,2]) do |result| + assert_match(/Notice: #{random_string}/, result.stdout, 'Puppet run collects exported Notify') end end @@ -116,15 +116,26 @@ # name passed to Puppet::Util::Profiler.profile over in the Ruby # terminus code of the PuppetDB project without realizing that is a # breaking change to metrics critical for measuring compiler performance. - %w[ - facts_encode command_submit_replace_facts - catalog_munge command_submit_replace_catalog - report_convert_to_wire_format_hash command_submit_store_report - resource_search query + [ + "query", + "resource_search", + "facts_find", + "catalog_save", + "facts_save", + "command_submit_replace_catalog", + "command_submit_replace_facts", + "report_process", + "command_submit_store_report", + "payload_format", + "facts_encode", + "catalog_munge", + "report_convert_to_wire_format_hash" ].each do |metric_name| - metric_data = pdb_metrics.find({}) {|m| m['metric'] == metric_name } + metric_data = pdb_metrics.find {|m| m['metric'] == metric_name } || {} - assert_operator(metric_data.fetch('count', 0), :>, 0, + metric_count = metric_data.fetch('count', 0) + logger.debug("PuppetDB metrics #{metric_name} recorded #{metric_count} times") + assert_operator(metric_count, :>, 0, "PuppetDB metrics recorded for: #{metric_name}") end end diff --git a/acceptance/suites/tests/010-puppetserver-cli/subcommand/SERVER-297_common_behavior.rb b/acceptance/suites/tests/010-puppetserver-cli/subcommand/SERVER-297_common_behavior.rb index 8df777ff8..bbb185a99 100644 --- a/acceptance/suites/tests/010-puppetserver-cli/subcommand/SERVER-297_common_behavior.rb +++ b/acceptance/suites/tests/010-puppetserver-cli/subcommand/SERVER-297_common_behavior.rb @@ -5,8 +5,8 @@ proxy_env_vars = "HTTP_PROXY=foo http_proxy=foo HTTPS_PROXY=foo https_proxy=foo NO_PROXY=foo no_proxy=foo" step "ruby: Check that PATH, HOME, GEM_HOME JARS_REQUIRE and JARS_NO_REQUIRE are present" -on(master, "puppetserver ruby -rjson -e 'puts JSON.pretty_generate(ENV.to_hash)'") do - env = JSON.parse(stdout) +on(master, "puppetserver ruby -rjson -e 'puts JSON.pretty_generate(ENV.to_hash)'") do |result| + env = JSON.parse(result.stdout) assert(env['PATH'], "PATH missing") assert(env['HOME'], "HOME missing") assert(env['GEM_HOME'], "GEM_HOME missing") @@ -15,8 +15,8 @@ end step "ruby: Check that proxy env-variables are present" -on(master, "#{proxy_env_vars} puppetserver ruby -rjson -e 'puts JSON.pretty_generate(ENV.to_hash)'") do - env = JSON.parse(stdout) +on(master, "#{proxy_env_vars} puppetserver ruby -rjson -e 'puts JSON.pretty_generate(ENV.to_hash)'") do |result| + env = JSON.parse(result.stdout) assert_equal(env['HTTP_PROXY'], "foo", "HTTP_PROXY is missing or has wrong value: '#{env['HTTP_PROXY']}'") assert_equal(env['http_proxy'], "foo", @@ -32,20 +32,20 @@ end step "irb: Check that PATH, HOME, GEM_HOME JARS_REQUIRE and JARS_NO_REQUIRE are present" -on(master, "echo 'puts JSON.pretty_generate(ENV.to_hash)' | puppetserver irb -f -rjson") do - assert_match(/\bPATH\b/, stdout, "PATH missing") - assert_match(/\bHOME\b/, stdout, "HOME missing") - assert_match(/\bGEM_HOME\b/, stdout, "GEM_HOME missing") - assert_match(/\bJARS_REQUIRE\b/, stdout, "JARS_REQUIRE missing") - assert_match(/\bJARS_NO_REQUIRE\b/, stdout, "JARS_NO_REQUIRE missing") +on(master, "echo 'puts JSON.pretty_generate(ENV.to_hash)' | puppetserver irb -f -rjson") do |result| + assert_match(/\bPATH\b/, result.stdout, "PATH missing") + assert_match(/\bHOME\b/, result.stdout, "HOME missing") + assert_match(/\bGEM_HOME\b/, result.stdout, "GEM_HOME missing") + assert_match(/\bJARS_REQUIRE\b/, result.stdout, "JARS_REQUIRE missing") + assert_match(/\bJARS_NO_REQUIRE\b/, result.stdout, "JARS_NO_REQUIRE missing") end step "irb: Check that proxy env-variables are present" -on(master, "echo 'puts JSON.pretty_generate(ENV.to_hash)' | #{proxy_env_vars} puppetserver irb -f -rjson") do - assert_match(/\bHTTP_PROXY\b\W\W\s\W\bfoo\b/, stdout, "HTTP_PROXY missing or has wrong value") - assert_match(/\bhttp_proxy\b\W\W\s\W\bfoo\b/, stdout, "http_proxy missing or has wrong value") - assert_match(/\bHTTPS_PROXY\b\W\W\s\W\bfoo\b/, stdout, "HTTPS_PROXY missing or has wrong value") - assert_match(/\bhttps_proxy\b\W\W\s\W\bfoo\b/, stdout, "https_proxy missing or has wrong value") - assert_match(/\bNO_PROXY\b\W\W\s\W\bfoo\b/, stdout, "NO_PROXY missing or has wrong value") - assert_match(/\bno_proxy\b\W\W\s\W\bfoo\b/, stdout, "no_proxy missing or has wrong value") +on(master, "echo 'puts JSON.pretty_generate(ENV.to_hash)' | #{proxy_env_vars} puppetserver irb -f -rjson") do |result| + assert_match(/\bHTTP_PROXY\b\W\W\s\W\bfoo\b/, result.stdout, "HTTP_PROXY missing or has wrong value") + assert_match(/\bhttp_proxy\b\W\W\s\W\bfoo\b/, result.stdout, "http_proxy missing or has wrong value") + assert_match(/\bHTTPS_PROXY\b\W\W\s\W\bfoo\b/, result.stdout, "HTTPS_PROXY missing or has wrong value") + assert_match(/\bhttps_proxy\b\W\W\s\W\bfoo\b/, result.stdout, "https_proxy missing or has wrong value") + assert_match(/\bNO_PROXY\b\W\W\s\W\bfoo\b/, result.stdout, "NO_PROXY missing or has wrong value") + assert_match(/\bno_proxy\b\W\W\s\W\bfoo\b/, result.stdout, "no_proxy missing or has wrong value") end diff --git a/acceptance/suites/tests/010-puppetserver-cli/subcommand/foreground.rb b/acceptance/suites/tests/010-puppetserver-cli/subcommand/foreground.rb index 366838dcb..5520db047 100644 --- a/acceptance/suites/tests/010-puppetserver-cli/subcommand/foreground.rb +++ b/acceptance/suites/tests/010-puppetserver-cli/subcommand/foreground.rb @@ -1,9 +1,5 @@ test_name "Puppetserver 'foreground' subcommand tests." -if (master['platform'] =~ /el-5/) - skip_test("RHEL5 is not supported by this test case. See SERVER-653") -end - cli = "puppetserver" service = options['puppetservice'] @@ -25,7 +21,7 @@ step "Run #{cli} with foreground subcommand, wait for #{timout_length}" on(master, timeout_cmd, :acceptable_exit_codes => [124]) do |result| - assert_no_match(/error:/i, result.stderr, "Unexpected error running puppetserver!") + refute_match(/error:/i, result.stderr, "Unexpected error running puppetserver!") step "Check that #{cli} ran successfully and shutdown triggered" expected_messages.each do |message, explanation| diff --git a/acceptance/suites/tests/010-puppetserver-cli/subcommand/gem.rb b/acceptance/suites/tests/010-puppetserver-cli/subcommand/gem.rb index 99a9f6934..7d0a619c4 100644 --- a/acceptance/suites/tests/010-puppetserver-cli/subcommand/gem.rb +++ b/acceptance/suites/tests/010-puppetserver-cli/subcommand/gem.rb @@ -43,8 +43,8 @@ on(master, "#{gem_install} #{gem_name} -v #{gem_version}") step "Check that test gem is present." - on(master, "#{gem_list}") do - assert(/^#{gem_name}/.match(stdout), "#{gem_name} was not found after installation.") + on(master, "#{gem_list}") do |result| + assert(/^#{gem_name}/.match(result.stdout), "#{gem_name} was not found after installation.") end if gem_name == 'excon' @@ -56,8 +56,8 @@ end on(master, "su #{runuser} -s /bin/bash -c "\ "'/opt/puppetlabs/bin/puppetserver ruby "\ - "-rexcon -e \"puts Excon::VERSION\"'") do - assert_equal(gems['excon'], stdout.strip, + "-rexcon -e \"puts Excon::VERSION\"'") do |result| + assert_equal(gems['excon'], result.stdout.strip, "Unexpected output for excon version") end end @@ -67,8 +67,8 @@ on(master, "#{gem_uninstall} #{gem_name}") step "Check that test gem is no longer present." - on(master, "#{gem_list}") do - assert_no_match(/^#{gem_name}/, stdout, "#{gem_name} was found after uninstallation.") + on(master, "#{gem_list}") do |result| + refute_match(/^#{gem_name}/, result.stdout, "#{gem_name} was found after uninstallation.") end end @@ -88,14 +88,14 @@ on(master, "#{cli} gem env", :acceptable_exit_codes => [0]) step "Verify that Java cli args passed through to gem command" -on(master, "JAVA_ARGS_CLI=-Djruby.cli.version=true #{cli} gem help") do - assert_match(/jruby \d\.\d\.\d.*$/, stdout, +on(master, "JAVA_ARGS_CLI=-Djruby.cli.version=true #{cli} gem help") do |result| + assert_match(/jruby \d\.\d\.\d.*$/, result.stdout, 'jruby version not included in gem command output') end step "(SERVER-1759) Verify that installing a non-existent gem produces a non-zero exit return value" gem_name = 'if-this-gem-exists-then-someone-has-a-cruel-sense-of-humor' -on(master, "#{cli} gem install #{gem_name}", :acceptable_exit_codes => [2]) do - assert_match(/Could not find a valid gem/, stderr) +on(master, "#{cli} gem install #{gem_name}", :acceptable_exit_codes => [2]) do |result| + assert_match(/Could not find a valid gem/, result.stderr) end diff --git a/acceptance/suites/tests/010-puppetserver-cli/subcommand/irb.rb b/acceptance/suites/tests/010-puppetserver-cli/subcommand/irb.rb index 3ee5bc07e..26ea387a8 100644 --- a/acceptance/suites/tests/010-puppetserver-cli/subcommand/irb.rb +++ b/acceptance/suites/tests/010-puppetserver-cli/subcommand/irb.rb @@ -10,28 +10,28 @@ step "Check that GEM_HOME is managed" cmd = "echo 'puts ENV.to_hash.to_yaml' | GEM_HOME=UHOH #{cli} irb -ryaml -f" -on(master, cmd) do - assert_match(/GEM_HOME/, stdout) - assert_no_match(/UHOH/, stdout) +on(master, cmd) do |result| + assert_match(/GEM_HOME/, result.stdout) + refute_match(/UHOH/, result.stdout) end step "Check that FOO_DEBUG is filtered" cmd = "echo 'puts ENV[%{FOO_DEBUG}] || %{OK}' | FOO_DEBUG=BAD #{cli} irb -f" -on(master, cmd) do - assert_match(/^OK$/, stdout) - assert_no_match(/^BAD$/, stdout, "FOO_DEBUG is not being filtered out") +on(master, cmd) do |result| + assert_match(/^OK$/, result.stdout) + refute_match(/^BAD$/, result.stdout, "FOO_DEBUG is not being filtered out") end step "Check that puppet is loadable" cmd = "echo 'puts %{GOOD: } + Puppet.version' | #{cli} irb -rpuppet -f" -on(master, cmd) do - assert_match(/GOOD:/, stdout) - assert_no_match(/error/i, stdout) +on(master, cmd) do |result| + assert_match(/GOOD:/, result.stdout) + refute_match(/error/i, result.stdout) end step "Verify that Java cli args passed through to irb command" -on(master, "echo '' | JAVA_ARGS_CLI=-Djruby.cli.version=true #{cli} irb -f") do - assert_match(/jruby \d\.\d\.\d.*$/, stdout, +on(master, "echo '' | JAVA_ARGS_CLI=-Djruby.cli.version=true #{cli} irb -f") do |result| + assert_match(/jruby \d\.\d\.\d.*$/, result.stdout, 'jruby version not included in irb command output') end diff --git a/acceptance/suites/tests/010-puppetserver-cli/subcommand/ruby.rb b/acceptance/suites/tests/010-puppetserver-cli/subcommand/ruby.rb index 9b35f0d55..973261bdf 100644 --- a/acceptance/suites/tests/010-puppetserver-cli/subcommand/ruby.rb +++ b/acceptance/suites/tests/010-puppetserver-cli/subcommand/ruby.rb @@ -10,27 +10,27 @@ step "Check that GEM_HOME is managed" cmd = "GEM_HOME=UHOH #{cli} ruby -ryaml -e 'puts ENV.to_hash.to_yaml'" -on(master, cmd) do - assert_match(/GEM_HOME/, stdout) - assert_no_match(/UHOH/, stdout) +on(master, cmd) do |result| + assert_match(/GEM_HOME/, result.stdout) + refute_match(/UHOH/, result.stdout) end step "Check that FOO_DEBUG is filtered out" -on(master, "FOO_DEBUG=BAD #{cli} ruby -e 'puts ENV[%{FOO_DEBUG}] || %{OK}'") do - assert_match(/^OK$/, stdout) - assert_no_match(/BAD/, stdout, "FOO_DEBUG is not being filtered out") +on(master, "FOO_DEBUG=BAD #{cli} ruby -e 'puts ENV[%{FOO_DEBUG}] || %{OK}'") do |result| + assert_match(/^OK$/, result.stdout) + refute_match(/BAD/, result.stdout, "FOO_DEBUG is not being filtered out") end step "Check that puppet is loadable" cmd = "#{cli} ruby -rpuppet -e 'puts %{GOOD: } + Puppet.version'" -on(master, cmd) do - assert_match(/GOOD:/, stdout) - assert_no_match(/error/i, stdout) +on(master, cmd) do |result| + assert_match(/GOOD:/, result.stdout) + refute_match(/error/i, result.stdout) end step "Verify that Java cli args passed through to ruby command" -on(master, "JAVA_ARGS_CLI=-Djruby.cli.version=true #{cli} ruby -e ''") do - assert_match(/jruby \d\.\d\.\d.*$/, stdout, +on(master, "JAVA_ARGS_CLI=-Djruby.cli.version=true #{cli} ruby -e ''") do |result| + assert_match(/jruby \d\.\d\.\d.*$/, result.stdout, 'jruby version not included in ruby command output') end diff --git a/acceptance/suites/tests/authorization/default_rules.rb b/acceptance/suites/tests/authorization/default_rules.rb index ceffe4e2c..a3b663aee 100644 --- a/acceptance/suites/tests/authorization/default_rules.rb +++ b/acceptance/suites/tests/authorization/default_rules.rb @@ -16,14 +16,15 @@ {'jruby-puppet' => {'use-legacy-auth-conf' => false}}) end -def curl_authenticated(path) +def curl_authenticated(path, &block) curl = 'curl ' curl += '--cert $(puppet config print hostcert) ' curl += '--key $(puppet config print hostprivkey) ' curl += '--cacert $(puppet config print localcacert) ' curl += "--write-out '\\nSTATUSCODE=%{http_code}\\n' " curl += "https://#{master}:8140#{path}" - on(master, curl) + result = on(master, curl) + block.call(result.stdout) end def curl_unauthenticated(path) @@ -33,12 +34,12 @@ def curl_unauthenticated(path) on(master, curl) end -def assert_allowed(expected_statuscode = 200) - assert_no_match(/Forbidden request/, stdout) +def assert_allowed(stdout, expected_statuscode = 200) + refute_match(/Forbidden request/, stdout) assert_match(/STATUSCODE=#{expected_statuscode}/, stdout) end -def assert_denied(expected_stdout) +def assert_denied(stdout, expected_stdout) assert_match(/Forbidden request/, stdout) assert_match(expected_stdout, stdout) assert_match(/STATUSCODE=403/, stdout) @@ -55,115 +56,139 @@ def report_query(node) masterfqdn = on(master, '/opt/puppetlabs/bin/facter fqdn').stdout.chomp step 'environments endpoint' do - curl_authenticated('/puppet/v3/environments') - assert_allowed + curl_authenticated('/puppet/v3/environments') do |stdout| + assert_allowed(stdout) + end - curl_unauthenticated('/puppet/v3/environments') - assert_denied(/\/puppet\/v3\/environments \(method :get\)/) + curl_unauthenticated('/puppet/v3/environments') do |stdout| + assert_denied(stdout, /\/puppet\/v3\/environments \(method :get\)/) + end end step 'catalog endpoint' do - curl_authenticated("/puppet/v3/catalog/#{masterfqdn}?environment=production") - assert_allowed + curl_authenticated("/puppet/v3/catalog/#{masterfqdn}?environment=production") do |stdout| + assert_allowed(stdout) + end - curl_authenticated('/puppet/v3/catalog/notme?environment=production') - assert_denied(/\/puppet\/v3\/catalog\/notme \(method :get\)/) + curl_authenticated('/puppet/v3/catalog/notme?environment=production') do |stdout| + assert_denied(stdout, /\/puppet\/v3\/catalog\/notme \(method :get\)/) + end - curl_unauthenticated("/puppet/v3/catalog/#{masterfqdn}?environment=production") - assert_denied(/\/puppet\/v3\/catalog\/#{masterfqdn} \(method :get\)/) + curl_unauthenticated("/puppet/v3/catalog/#{masterfqdn}?environment=production") do |stdout| + assert_denied(stdout, /\/puppet\/v3\/catalog\/#{masterfqdn} \(method :get\)/) + end end step 'node endpoint' do - curl_authenticated("/puppet/v3/node/#{masterfqdn}?environment=production") - assert_allowed + curl_authenticated("/puppet/v3/node/#{masterfqdn}?environment=production") do |stdout| + assert_allowed(stdout) + end - curl_authenticated('/puppet/v3/node/notme?environment=production') - assert_denied(/\/puppet\/v3\/node\/notme \(method :get\)/) + curl_authenticated('/puppet/v3/node/notme?environment=production') do |stdout| + assert_denied(stdout, /\/puppet\/v3\/node\/notme \(method :get\)/) + end - curl_unauthenticated("/puppet/v3/node/#{masterfqdn}?environment=production") - assert_denied(/\/puppet\/v3\/node\/#{masterfqdn} \(method :get\)/) + curl_unauthenticated("/puppet/v3/node/#{masterfqdn}?environment=production") do |stdout| + assert_denied(stdout, /\/puppet\/v3\/node\/#{masterfqdn} \(method :get\)/) + end end step 'report endpoint' do - curl_authenticated(report_query(masterfqdn)) - assert_allowed + curl_authenticated(report_query(masterfqdn)) do |stdout| + assert_allowed(stdout) + end # In PE, the master (specifically the orchestrator) # is allowed to make report submissions on behalf of # other nodes - curl_authenticated(report_query('notme')) - if master.is_pe? - assert_allowed - else - assert_denied(/\/puppet\/v3\/report\/notme \(method :put\)/) + curl_authenticated(report_query('notme')) do |stdout| + if master.is_pe? + assert_allowed(stdout) + else + assert_denied(stdout, /\/puppet\/v3\/report\/notme \(method :put\)/) + end end - curl_unauthenticated(report_query(masterfqdn)) - assert_denied(/\/puppet\/v3\/report\/#{masterfqdn} \(method :put\)/) + curl_unauthenticated(report_query(masterfqdn)) do |stdout| + assert_denied(stdout, /\/puppet\/v3\/report\/#{masterfqdn} \(method :put\)/) + end end step 'file_metadata endpoint' do # We'd actually need to install a module in order to get back a 200, # but we know that a 404 means we got past authorization - curl_authenticated('/puppet/v3/file_metadata/modules/foo?environment=production') - assert_allowed(404) + curl_authenticated('/puppet/v3/file_metadata/modules/foo?environment=production') do |stdout| + assert_allowed(stdout, 404) + end - curl_unauthenticated('/puppet/v3/file_metadata/modules/foo?environment=production') - assert_denied(/\/puppet\/v3\/file_metadata\/modules\/foo \(method :get\)/) + curl_unauthenticated('/puppet/v3/file_metadata/modules/foo?environment=production') do |stdout| + assert_denied(stdout, /\/puppet\/v3\/file_metadata\/modules\/foo \(method :get\)/) + end end step 'file_content endpoint' do # We'd actually need to install a module in order to get back a 200, # but we know that a 404 means we got past authorization - curl_authenticated('/puppet/v3/file_content/modules/foo?environment=production') - assert_allowed(404) + curl_authenticated('/puppet/v3/file_content/modules/foo?environment=production') do |stdout| + assert_allowed(stdout, 404) + end - curl_unauthenticated('/puppet/v3/file_content/modules/foo?environment=production') - assert_denied(/\/puppet\/v3\/file_content\/modules\/foo \(method :get\)/) + curl_unauthenticated('/puppet/v3/file_content/modules/foo?environment=production') do |stdout| + assert_denied(stdout, /\/puppet\/v3\/file_content\/modules\/foo \(method :get\)/) + end end step 'file_bucket_file endpoint' do # We'd actually need to store a file in the filebucket in order to get # back a 200, but we know that a 500 means we got past authorization - curl_authenticated('/puppet/v3/file_bucket_file/md5/123?environment=production') - assert_allowed(500) + curl_authenticated('/puppet/v3/file_bucket_file/md5/123?environment=production') do |stdout| + assert_allowed(stdout, 500) + end - curl_unauthenticated('/puppet/v3/file_bucket_file/md5/123?environment=production') - assert_denied(/\/puppet\/v3\/file_bucket_file\/md5\/123 \(method :get\)/) + curl_unauthenticated('/puppet/v3/file_bucket_file/md5/123?environment=production') do |stdout| + assert_denied(stdout, /\/puppet\/v3\/file_bucket_file\/md5\/123 \(method :get\)/) + end end step 'status service endpoint' do - curl_unauthenticated('/status/v1/services') - assert_allowed + curl_unauthenticated('/status/v1/services') do |stdout| + assert_allowed(stdout) + end end step 'static file content endpoint' do # We'd actually need to perform a commit and use its code-id in order to # get back a 200, but we know that a 400 means we got past authorization - curl_authenticated('/puppet/v3/static_file_content/foo/bar?environment=production') - assert_allowed(400) + curl_authenticated('/puppet/v3/static_file_content/foo/bar?environment=production') do |stdout| + assert_allowed(stdout, 400) + end - curl_unauthenticated('/puppet/v3/static_file_content/foo/bar?environment=production') - assert_denied(/\/puppet\/v3\/static_file_content\/foo\/bar \(method :get\)/) + curl_unauthenticated('/puppet/v3/static_file_content/foo/bar?environment=production') do |stdout| + assert_denied(stdout, /\/puppet\/v3\/static_file_content\/foo\/bar \(method :get\)/) + end end step 'certificate_revocation_list endpoint' do - curl_authenticated('/puppet-ca/v1/certificate_revocation_list/ca?environment=production') - assert_allowed + curl_authenticated('/puppet-ca/v1/certificate_revocation_list/ca?environment=production') do |stdout| + assert_allowed(stdout) + end - curl_unauthenticated('/puppet-ca/v1/certificate_revocation_list/ca?environment=production') - assert_allowed + curl_unauthenticated('/puppet-ca/v1/certificate_revocation_list/ca?environment=production') do |stdout| + assert_allowed(stdout) + end end step 'certificate endpoint' do - curl_unauthenticated('/puppet-ca/v1/certificate/ca?environment=production') - assert_allowed + curl_unauthenticated('/puppet-ca/v1/certificate/ca?environment=production') do |stdout| + assert_allowed(stdout) + end end step 'certificate_request endpoint' do # We'd actually need to store a CSR file on the server in order to get # back a 200, but we know that a 404 means we got past authorization - curl_unauthenticated('/puppet-ca/v1/certificate_request/foo?environment=production') - assert_allowed(404) + curl_unauthenticated('/puppet-ca/v1/certificate_request/foo?environment=production') do |stdout| + assert_allowed(stdout, 404) + end end end diff --git a/acceptance/suites/tests/certificate_authority/split_external_cas.rb b/acceptance/suites/tests/certificate_authority/split_external_cas.rb index d62b1b57c..309043507 100644 --- a/acceptance/suites/tests/certificate_authority/split_external_cas.rb +++ b/acceptance/suites/tests/certificate_authority/split_external_cas.rb @@ -120,26 +120,26 @@ with_puppet_running_on(master, master_opts) do # Now, try and run the agent on the master against itself. step "Successfully run the puppet agent on the master" - on master, puppet_agent("#{agent_cmd_prefix} --test"), :acceptable_exit_codes => (0..255) do - assert_no_match /Creating a new SSL key/, stdout - assert_no_match /\Wfailed\W/i, stderr - assert_no_match /\Wfailed\W/i, stdout - assert_no_match /\Werror\W/i, stderr - assert_no_match /\Werror\W/i, stdout + on master, puppet_agent("#{agent_cmd_prefix} --test"), :acceptable_exit_codes => (0..255) do |result| + refute_match /Creating a new SSL key/, result.stdout + refute_match /\Wfailed\W/i, result.stderr + refute_match /\Wfailed\W/i, result.stdout + refute_match /\Werror\W/i, result.stderr + refute_match /\Werror\W/i, result.stdout # Assert the exit code so we get a "Failed test" instead of an "Errored test" - assert exit_code == 0 + assert result.exit_code == 0 end step "Master accepts client cert with email address in subject" on master, "cp #{testdir}/etc/agent/puppet.conf{,.no_email}" on master, "cp #{testdir}/etc/agent/puppet.conf{.email,}" - on master, puppet_agent("#{agent_cmd_prefix} --test"), :acceptable_exit_codes => (0..255) do - assert_no_match /\Wfailed\W/i, stdout - assert_no_match /\Wfailed\W/i, stderr - assert_no_match /\Werror\W/i, stdout - assert_no_match /\Werror\W/i, stderr + on master, puppet_agent("#{agent_cmd_prefix} --test"), :acceptable_exit_codes => (0..255) do |result| + refute_match /\Wfailed\W/i, result.stdout + refute_match /\Wfailed\W/i, result.stderr + refute_match /\Werror\W/i, result.stdout + refute_match /\Werror\W/i, result.stderr # Assert the exit code so we get a "Failed test" instead of an "Errored test" - assert exit_code == 0 + assert result.exit_code == 0 end step "Agent refuses to connect to revoked master" @@ -147,9 +147,9 @@ on master, "cp #{testdir}/etc/agent/puppet.conf{.crl,}" revoke_opts = "--hostcrl #{testdir}/ca_master.crl" - on master, puppet_agent("#{agent_cmd_prefix} #{revoke_opts} --test"), :acceptable_exit_codes => (0..255) do - assert_match /certificate revoked.*?example.org/, stderr - assert exit_code == 1 + on master, puppet_agent("#{agent_cmd_prefix} #{revoke_opts} --test"), :acceptable_exit_codes => (0..255) do |result| + assert_match /certificate revoked.*?example.org/, result.stderr + assert result.exit_code == 1 end end diff --git a/acceptance/suites/tests/code_commands/code_scripts.rb b/acceptance/suites/tests/code_commands/code_scripts.rb index ca1a5e227..e53d76dee 100644 --- a/acceptance/suites/tests/code_commands/code_scripts.rb +++ b/acceptance/suites/tests/code_commands/code_scripts.rb @@ -109,7 +109,7 @@ class { 'git': } step 'SETUP: Initialize the local git repository' do on master, "chown git #{git_local_repo}" - on master, "git config --global --add safe.directory #{git_local_repo}" + on master, "git config --system --add safe.directory '*'" on master, "cd #{git_local_repo} && git config --global user.name 'TestUser'" on master, "cd #{git_local_repo} && git config --global user.email 'you@example.com'" on master, "cd #{git_local_repo} && git init" diff --git a/acceptance/suites/upgrade_tests/00_version_check.rb b/acceptance/suites/upgrade_tests/00_version_check.rb index b37b00923..fbe7ee49b 100644 --- a/acceptance/suites/upgrade_tests/00_version_check.rb +++ b/acceptance/suites/upgrade_tests/00_version_check.rb @@ -1,13 +1,13 @@ test_name "Testing Master/Agent backwards compatibility" step "Check that legacy agents have Puppet 4.x installed" do - on(hosts, puppet("--version")) do - assert_match(/\A4\./, stdout, "puppet --version does not start with major version 4.") + on(hosts, puppet("--version")) do |result| + assert_match(/\A4\./, result.stdout, "puppet --version does not start with major version 4.") end end step "Check that the master has Puppetserver 2.x installed" do - on(master, "puppetserver --version") do - assert_match(/\Apuppetserver version: 2\./i, stdout, "puppetserver --version does not start with major version 2.") + on(master, "puppetserver --version") do |result| + assert_match(/\Apuppetserver version: 2\./i, result.stdout, "puppetserver --version does not start with major version 2.") end end diff --git a/acceptance/suites/upgrade_tests/10_upgrade.rb b/acceptance/suites/upgrade_tests/10_upgrade.rb index 4c715837c..7c1157b08 100644 --- a/acceptance/suites/upgrade_tests/10_upgrade.rb +++ b/acceptance/suites/upgrade_tests/10_upgrade.rb @@ -32,8 +32,8 @@ end step "Check that the master has Puppetserver 5.x installed" do - on(master, "puppetserver --version") do - assert_match(/\Apuppetserver version: 5\./i, stdout, "puppetserver --version does not start with major version 5.") + on(master, "puppetserver --version") do |result| + assert_match(/\Apuppetserver version: 5\./i, result.stdout, "puppetserver --version does not start with major version 5.") end end