summaryrefslogtreecommitdiff
path: root/lib/puppet
AgeCommit message (Collapse)Author
2016-01-19Fix reference to validate_bool in functionMatt Bostock
The documentation in `validate_ip_address` references `validate_bool`, but I believe this should read `validate_ip_address` instead, which makes more sense. Looks like this was copied from `validate_ipv4_address`, which I fixed in 7b068781.
2016-01-08Merge pull request #552 from mattbostock/add_x509_rsa_key_pairDavid Schmitt
Add a function to validate an x509 RSA key pair
2016-01-08Add a function to validate an x509 RSA key pairMatt Bostock
Add a function to validate an x509 RSA certificate and key pair, as commonly used for TLS certificates. The rationale behind this is that we store our TLS certificates and private keys in Hiera YAML files, and poor indentation or formatting in the YAML file could cause a valid certificate to be considered invalid. Will cause the Puppet run to fail if: - an invalid certificate is detected - an invalid RSA key is detected - the certificate does not match the key, i.e. the certificate has not been signed by the supplied key The test certificates I've used in the spec tests were generated using the Go standard library: $ go run $GOROOT/src/crypto/tls/generate_cert.go -host localhost Example output: ==> cache-1.router: Error: Not a valid RSA key: Neither PUB key nor PRIV key:: nested asn1 error at /var/govuk/puppet/modules/nginx/manifests/config/ssl.pp:30 on node cache-1.router.dev.gov.uk
2016-01-04Merge pull request #545 from mpolenchuk/masterDavid Schmitt
Add clamp function
2015-12-31Add clamp functionMichael Polenchuk
Clamp keeps value within the range. Employ of soft() makes the whole thing is independant of order.
2015-12-15refactors the validate_absolute_path to utilize the is_absolute_pathCorey Osman
2015-12-15adds new parser called is_absolute_pathCorey Osman
* is_absolute_path returns boolean true if the given path is absolute, returns false otherwise. * works for windows and unix
2015-12-08(#2886) seeded_rand: new functionKjetil Torgrim Homme
seeded_rand is needed for repeatable randomness across nodes in a cluster
2015-11-30Merge pull request #546 from jdevesa/validate_ipBryan Jen
Add validator for any IP address
2015-11-30Add validator for any IP addressJaume Devesa
Provide a validator for IP addresses, regardless they are IPv4 or IPv6, and its documentation.
2015-11-23Fix reference to validate_bool in IP4 functionMatt Bostock
The documentation in `validate_ipv4_address` references `validate_bool`, but I believe this should read `validate_ipv4_address` instead, which makes more sense.
2015-10-16Merge pull request #538 from mmckinst/bool2str_enhanceDavid Schmitt
add functionality to bool2str function
2015-10-15add functionality to bool2str to return strings of your choice for a booleanMark McKinstry
2015-10-14Let load_module_metadata succeed on empty fileColleen Murphy
Some modules or module versions don't have a metadata.json file, but we might still want to use the load_module_metadata function on them. The lack of a file can still give us important information. For example, it might tell us that the version of the module installed is "very old" even if we can't read the version number directly. This patch adds a parameter to let the user specify if an empty file is acceptable. To preserve backwards compatibility it does not change the current default behavior, which is to raise an error if metadata.json does not exist.
2015-10-13(MODULES-2421) improve description of file_lineDavid Schmitt
This mostly needed extraction of the existing doc strings from the type.
2015-09-28Check for numeric values as empty fails on thoseRoman Mueller
2015-09-21Fix backwards compatibility from #511Morgan Haskel
Maintain the old behavior in the case where the optional second parameter isn't passed. Also, adding arity is backwards incompatible since stdlib still supports 2.7, so remove that.
2015-09-17(MAINT) validate_re: Clarify docs and error messageDavid Schmitt
2015-09-14Clarify what an empty intersection looks like.Ben Ford
2015-09-14Merge pull request #523 from DavidS/modules-2516-is_aBryan Jen
(MODULES-2561) add is_a function
2015-09-14Merge pull request #511 from dmitryilyin/parseyaml_defaultBryan Jen
[MODULES-2462] Improve parseyaml function
2015-09-14(MODULES-2516) Adds an is_a() functionDavid Schmitt
The data type system is very hard to understand. Many people don't understand why type_of([1,2,3]) == Array will fail, but type_of([1,2,3]) <= Array passes. This does a simpler validation that doesn't rely on explicit data types. Instead, use $foo = [1,2,3] if $foo.is_a(Array) { notify { 'This is an array': } } This is based on code by Ben Ford <ben.ford@puppetlabs.com>. * Added acceptance tests * Added dispatch * Improved unit tests * Added docs to README
2015-09-04accept any case of boolean stringsCorey Osman
* previously the str2bool function did not accept 'TRUE' as a bool type. This causes the function to now accept TRUE, FALSE strings as a boolean type in order to be converted to a proper boolean. * This would also cause Y,N, YES, NO to be accepted as boolean types as well.
2015-09-02Merge pull request #513 from dmitryilyin/fetchDavid Schmitt
Add a new function "try_get_value"
2015-09-01Add a new function "try_get_value"Dmitry Ilyin
* Extracts a value from a deeply-nested data structure * Returns default if a value could not be extracted
2015-08-27Adds a convert_base function, which can convert numbers between basesfhats
Squashed, improved docs, updated error handling and unit tests by David S.
2015-08-25[MODULES-2462] Improve parseyaml functionDmitry Ilyin
* Add default value support Second argument will be returned if yaml cannot be parsed instead of false value * Update tests
2015-08-24(MODULE-2456) Modify union to accept more than two arraysJetroid
Add spec tests to test the new functionality: *Case for 3 arrays. *Case for 4 arrays. Modify README to note new functionality. This is for issue MODULE-2456, follow the precedent of MODULE-444. This change allows union to be much more useful, unioning many arrays in one line rather than in n lines. Additionally, as this is only added functionality, and does not affect the 2 array case that all modules currently using array are using, it should not affect any existing modules utilizing union. This is now useful, for example, for merging many arrays of resources (eg: packages.) to generate just one list with no duplicates, to avoid duplicate resource declarations.
2015-08-14(MODULES-2410) Add new functions dos2unix and unix2dosNigel Gibbs
2015-08-06allow `match` parameter to influence `ensure => absent` behavior.Johnson Earls
Split the `destroy` method of the file_type::ruby provider into two private methods: `handle_destroy_line` which is the same as the previous `destroy` method, and `handle_destroy_with_match` which will destroy any line which matches the `match` parameter, raising an error if multiple lines match and the `multiple` parameter is not `true`. This new behavior is only used if the new boolean parameter `match_for_absence` is `true` (it defaults to `false`).
2015-08-04(MODULES-2316) Change file_type boolean parameter to symbolsDominic Cleal
Puppet's boolean parameter type is only available in Puppet 3.3 and higher, so change file_type's new "replace" parameter to a regular parameter with true and false as possible values. This matches the existing "multiple" parameter.
2015-07-31Merge pull request #483 from nibalizer/load_metadata_jsonHunter Haugen
Add load_metadata_json function
2015-07-30Add load_metadata_json functionSpencer Krum
This function loads the metadata.json into a puppet variable. This enables a number of neat things such as: * Which version of the module am I using? 2.x? 3.x? * Which author of the module am I using? puppetlabs? example42?
2015-07-30Remove colorful language from module.Zee Alexander
2015-07-30(MODULES-2024) Adding replace attribute to file_lineRaymond Maika
2015-07-22adding support for hash in the size functiongcmalloc
2015-07-20Fix documentation error in upcaseDan Offord
The documentation example shows an incorrect response when using the function, this PR corrects the example to agree with what the function actually does.
2015-07-09Merge pull request #482 from DavidS/document_validate_slength_3rd_argMorgan Haskel
Add validate_slength's optional 3rd arg to README
2015-07-09Add validate_slength's optional 3rd arg to READMEAlexander Fisher
2015-06-24catch and rescue from looking up non-existent facts when looking for 'kind'Mathias Klette
facter (2.x) only provides facts without interface suffix for * ipaddress * netmask 'macaddress' and 'network' facts will always have the related interface name appended. in turns lookupvar throws errors when strict_variables is enabled.
2015-06-05Also catch :undefined_variable as thrown by future parserTomas Doran
2015-06-04Fix time() on 1.8.7Hunter Haugen
The time() function takes an argument of a timezone, and always returns time in epoch format. The epoch format is the number of seconds that have elapsed since January 1, 1970 (midnight UTC/GMT), not counting leap seconds. This means that it is universally the same regardless of timezones. I don't know what the timezone argument is supposed to do, and it is not documented. So lets just make 1.8.7 work like > 1.8.7
2015-06-01fqdn_rotate: Improve documentationEli Young
2015-06-01fqdn_rotate: Don't use the value itself as part of the random seedEli Young
Previously, the random number generator was seeded with the array or string to be rotated in addition to any values specifically provided for seeding. This behavior is potentially insecure in that it allows an attacker who can modify the source data to choose the post-shuffle order.
2015-06-01Convert tests to use plain rspec-puppetDavid Schmitt
Tests in the new style produces the following documentation output: abs should not eq nil should run abs() and raise an Puppet::ParseError should run abs(-34) and return 34 should run abs("-34") and return 34 should run abs(34) and return 34 should run abs("34") and return 34
2015-05-29simplify mac address regexIgor Galić
let the computer do the counting and repetition and case
2015-05-29Merge pull request #463 from CENGN/fix/master/file_line_multiple_afterDavid Schmitt
(MODULES-2071) Patch file_line provider to use multiple with after
2015-05-29 (MODULES-2071) Refactor file_line provider to contain logic to handle ↵Raymond Maika
parameter multiple in function handle_create_with_after Without this, file_line resource without the `match` parameter but with the `after` param will throw an error if there are multiple matches for the after expression. This patch creates the handling for the `multiple` parameter in handle_create_with_after. This allows you to add a line after the `after` expression if it appears at multiple points in a file. Updated reference to `file_line` in the README to reflect that the multiple parameter can be set when using `after` and/or `match` as the matching regex.
2015-05-27validate_integer, validate_numeric: explicitely reject hashes in arraysDavid Schmitt
Without this patch, Ruby 1.8's Hash#to_s behaviour causes [{1=>2}] to be treated as "12" when validating values.
2015-05-26fqdn_rotate: reset srand seed correctly on old ruby versionsDavid Schmitt
Without this, the global seed is reseeded on every use of fqdn_rotate, which is a waste. Older rubies might even use a time-base seed which adversly impacts the quality of the RNG.