./sysutils/puppet, Configuration management framework written in Ruby

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 7.19.0, Package name: ruby27-puppet-7.19.0, Maintainer: pkgsrc-users

Puppet lets you centrally manage every important aspect of your system using
a cross-platform specification language that manages all the separate
elements normally aggregated in different files, like users, cron jobs, and
hosts, along with obviously discrete elements like packages, services, and

Required to run:
[sysutils/ruby-facter] [devel/ruby-locale] [www/ruby-httpclient] [textproc/ruby-multi_json] [devel/ruby-fast_gettext] [databases/ruby-hiera] [devel/ruby-concurrent-ruby] [devel/ruby-semantic_puppet] [sysutils/ruby-puppet-resource_api] [lang/ruby26-base] [devel/ruby-deep_merge]

Required to build:

Master sites:

Filesize: 2714 KB

Version history: (Expand)

CVS history: (Expand)

   2022-09-16 08:10:03 by Takahiro Kambe | Files touched by this commit (2) | Package updated
Log message:
sysutils/puppet: update to 7.19.0

Puppet 7.19.0

Released September 2022.

New versions of Puppet now release every six weeks rather than every four


* Support for Fedora 36 (x86_64)

	This release adds support for Fedora 36 (x86_64).  PA-4668

* Updated Augeas to 1.13.0

	Bumped Augeas to 1.13.0 for all supported platforms except for
	Solaris and AIX.  Those two platforms remain on 1.12.0, as Augeas
	1.13.0 fails to compile due to a few readline function calls that
	are not on Solaris or AIX.  PA-4494

Resolved issues

* Puppet sends malformed PuppetDB reports with Oj

	Reports sent to PuppetDB using the Oj JSON backend are now properly
	formatted.  PUP-11620

	puppet module list --render-as json does not report unmet dependencies

	puppet module list --render-as json now includes information about
	unmet dependencies.  PUP-11604

* Puppet does not write SELinux labels on ZFS

	Marked ZFS as an SELinux-capable filesystem.  PUP-11603

	Puppet::Util.safe_posix_fork fails if /proc/self is not a directory

	Puppet now handles misconfigured /proc filesystems correctly.

* Puppet on Ruby 3.1 warns about ERB passing safe_level as non-keyword argument

	Puppet now passes ERB arguments as keywords.  PUP-11552


* FIPS OpenSSL: disable c_rehash binary

	Fixed CVE-2022-1292 and CVE-2022-2068.  PA-4621
   2022-09-04 19:00:14 by Takahiro Kambe | Files touched by this commit (3) | Package updated
Log message:
sysutils/puppet: update to 7.18.0

Quote from release notes:

7.18.0 (2022-08)


* Bump to openssl-fips-1.1.1k-6
* Update puppet-ca-bundle
* Support for macOS 12 (M1)
* Support for Windows 11 Enterprise (x86_64)
* Support for Ubuntu 22.04 (x86_64)

Resolved issues

* Sub-directory names returned as task names when listing tasks from a
* Puppet agent --disable is ignored with cron puppet agent (splay).
* puppet-cacerts keystore is missing on Red Hat 9, SLES 15 and Ubuntu 20.04
* Deprecations and removals
* Support for Operating Systems removed


* Update puppet runtime's curl to 7.83.1
  - Updated runtime to fix CVE-2022-22576, CVE-2022-27774, and
    CVE-2022-27776. PA-4472

7.17.0 (2022-05)

We would like to thank the following Puppet community members for their
contributions to this release: jplindquist, lollipopman, jps-help.


* Resolve deferred values on demand instead of at catalog read time
* Add virt-what and dmidecode in Puppet Agent
* Nokogiri security vulnerability fix
  - Fix for CVE-2022-29181. PA-4489

Resolved issues

* Puppet::HTTP::Client cannot connect to a server requiring client cert
  authentication and whose server cert is issued by a CA in the
* Remove compiler errors for deferred function mismatched types
* Yum provider does not properly update package using version range and
  install options
* Legacy function error does not include the source ref
* Cannot login under user created by Puppet on macOS 12.1
* Puppet Agent does not automatically refresh CRLs on crl_refresh_interval
* systemd: Puppet Agent starts before network-online.target is reached

7.16.0 (2022-04)


* Allow Puppet::HTTP::Client to connect to trusted server using the puppet
  certificate for client authentication
* Ruby security fix
  - Bumped Ruby to 2.7.6 to fix CVE-2022-28739. PA-4364

7.15.0 (2022-03)

Resolved issues

* puppet lookup fails to interpolate topscope variables when an environment
  is specified
* Rspec tests with custom facts fail on some modules
* No option to fail fast when agent-specified environment does not exist
* Nokigiri upgrade for macOS
* Some gemspecs are missing from puppet-agent MSI

7.14.0 (2022-01)


* Support for RHEL 9
* Bump Ruby component

Resolved issues

* Puppet uses deprecated psych features
* Agent no longer calls the Puppet::Node terminus to resolve the environment
  during the run
* Puppet user and service resources are slow on Mac OS X
* Puppet lookups failed due to missing certificates
* Lockups on servers running in multithreaded mode
* The generate types command does not handle errors correctly
   2022-04-28 16:54:53 by Jonathan Perkin | Files touched by this commit (2) | Package updated
Log message:
puppet: Fix up SMF install on SunOS.

There's no way that this package is working correctly anywhere though, there
are many broken paths.  It needs quite a bit of love, and an update.
   2021-12-14 15:47:28 by Takahiro Kambe | Files touched by this commit (3) | Package updated
Log message:
sysutils/puppet: update to 7.13.1

Puppet 7.13.1 (2021-12-09)


ENC enforced environment bypass

Changed the priority of the --environment option by skipping the
classification whenever the flag is specified.  This allows the user to
bypass the ENC enforced environment with the CLI option.  PUP-7479

Resolved issues

Puppet::FileSystem.chmod does not validate its arguments
Puppet::FileSystem.chmod now validates its arguments like other
methods.  PUP-11345
Warning: #<Puppet::Transaction::Persistence after upgrading to Puppet agent

Fixes a regression introduced in 6.25.0 and 7.10.0 that caused a
Puppet::Transaction::Persistence warning during each agent run. PUP-11321

User resource tries to create rather than modify users created by a utility

This release moves the ssh_authorized_key resource's creation to the end of
the user type flow, after all user properties and parameters were resolved,
to avoid order dependency errors.  PUP-11320

Puppet code merger using incorrect command

Reduces memory usage when parsing manifests. PUP-11318

Failure when using the names "apply" and "plan" within an \ 
apply() block in a

The names "apply" and "plan" can now be used as resource \ 
parameter names in
all cases.  Previously, using them within an apply() block in a plan would
fail.  PUP-11315

Puppet attempts to execute directories from /etc/init.d/

Prevents Puppet from considering directories from /etc/init.d/ as
services.  PUP-11313

Puppet creates excessive Pathname instances

Reduces the number of Pathname allocations when parsing Puppet manifests.

Pathname.absolute? uses excessive memory

Backported Ruby patch to Pathname.absolute? to reduce memory usage.

High memory consumption from lib/puppet/pops/parser/lexer2.rb

Reduced lexer2 memory usage.  PUP-11236

versioncmp() treats 11.0 as greater than 11

versioncmp() now strips redundant numbers.  PUP-11235

puppet lookup --facts {filename} fails if filename does not contain a dot

Before this release, puppet lookup --facts {filename} failed early when the
filename given did not contain a dot.  This fix removes the early extensions
check and adds a fallback instead: tries both formats (JSON then YAML) to
read the given facts file when its path doesn't end with any of the expected
extensions (yaml/yml/json).  Otherwise, it follows previous implementation
and respects the given extension.  PUP-11204

Facts provided in a file cannot be used for classification

Fixed a bug where facts provided in a file were not being merged with the
facts used for classification.  This is because Puppet collected and merged
the said facts after the classification happened.  To fix this, we ensured
that Puppet resolves the facts being used for classification before the node
request.  PUP-10435

Inconsistent handling of trusted facts in the lookup CLI

When using puppet lookup with --facts, if the facts file overrides any of
hostname, domain, fqdn, clientcert, then it must override all of them.
Also, if a value for certname is provided in a fact file for the lookup
application, use it when creating the trusted information object.  This
makes it possible to override trusted.certname for classification.  PUP-8220

Lookup ignores environment from the classifier when using a rule with
trusted facts

Fixed an issue where trusted facts could not be used as rules for
classification.  This was fixed by gathering the trusted facts from the
PuppetDB query result, and overriding the trusted facts context.  PUP-8094

Misleading results when using --node flag in puppet lookup

Fixed an issue where puppet lookup would result in misleading results when
using the --node flag.  This happened because there can be cases where the
target node does not have any facts cached.  To avoid this, the fix
implemented checks for the node facts/facts given in a fact file, and if it
doesn't find any it raises an error.  PUP-7362

Files starting with "~" in recursive directories are evaluated as usernames

Puppet can now manage files whose names start with tilde "~" characters.

Failed to generate additional resources using 'eval_generate': Cannot manage
files of type socket

This release allows Puppet to retrieve attributes for fifo and socket files
and manage them when the given manifest has a file resource which is
recursing over a given path.  PUP-4045
   2021-12-12 14:38:01 by Takahiro Kambe | Files touched by this commit (4) | Package updated
Log message:
sysutils/puppet: update to 7.12.1

Fixes a few security problems.

* CVE-2021-27025 - Silent Configuration Failure
* CVE-2021-27023 - Unsafe HTTP Redirect.

Other changes are too many to write here, please refer
   2021-10-26 13:20:30 by Nia Alarie | Files touched by this commit (630)
Log message:
sysutils: Replace RMD160 checksums with BLAKE2s checksums

All checksums have been double-checked against existing RMD160 and
SHA512 hashes
   2021-10-07 16:58:44 by Nia Alarie | Files touched by this commit (630)
Log message:
sysutils: Remove SHA1 hashes for distfiles
   2021-06-03 17:09:37 by Takahiro Kambe | Files touched by this commit (3) | Package updated
Log message:
sysutils/puppet: update to 7.7.0

This release remove restriction to Ruby < 3.

Puppet 7.7.0

Released June 2021.

We would like to thank the following Puppet community members for their
contributions to this release: tobias-urdin and nmaludy.


* Puppet loads internal files using the require_relative method

  When loading internal files, Puppet now uses the require_relative method,
  eliminating thousands of file system calls.  This accounts for between 5
  to 15% of the total number of file system calls for different
  platforms.  PUP-11055

* Case sensitive parameter for the fqdn_rand() function

  The fqdn_rand() function now accepts an optional parameter to downcase the
  FQDN fact, so that the function's result is not case sensitive.  You must
  pass the parameter after the seed string, for example, fqdn_rand(100,
  'expensive job 1', true).  By default, the function remains
  case-sensitive.  PUP-10922

* File limit with the max_files parameter

  By default, the file and tidy resource types generate a warning on the
  Puppet Enterprise (PE) console and report when Puppet tries to manage more
  than 1000 files with the recurse parameter set to true.  The file and tidy
  resource types now support a new parameter — max_files — that enforces a
  hard limit.  If the number of recursive files is greater than the limit,
  the agent run fails.  You can set the max_files parameter to -1 to disable
  the warning.  PUP-10946

* Improved Ruby performance

  This release improves the performance of Ruby, resulting in the follow
    - Puppet now loads and runs faster -- particularly on Windows.  PA-3732
    - New Ruby performance patches -- reducing 50-90% of file IO when
      loading Puppet and Facter.  PA-3732

* Support for macOS 11 and Red Hat 8 Power

  This release adds support for macOS 11 Big Sur (64-bit packages only) and
  Red Hat 8 on IBM Power.  PA-3529, PA-3612.

Resolved issues

* Ruby 3 freezes CHILD_STATUS and cannot be stubbed

  This release eliminates the usage of the $CHILD_STATUS global variable in
  the built-in service and package providers.  PUP-11048

* Ruby 3 removed URI.escape/unescape

  This release eliminates calls to URI.escape/unescape, which was deprecated
  in Ruby 2.x and removed in Ruby 3.  PUP-11046

* Agent failures with server_list

  Previously, when Puppet processed server_list and tried to find a
  functional server, it threw an error if it could not connect, causing the
  agent to fail.  This is now fixed.  PUP-10844

* Puppet does not specify SELinux filetype when getting the default context

  Previously, Puppet created files with the wrong default SELinux context,
  which was only corrected after a subsequent Puppet run.  This is now
  fixed.  Contributed by Puppet community member tobias-urdin. PUP-7559

* Unable to mask a static systemd service

  This release fixes an issue where the systemd provider did not mask static
  systemd services.  Contributed by Puppet community member nmaludy.

* Unable to update UserRightAssignment

  Previously, validating the logonaccount and logonpassword parameters for
  the service resource on Windows failed too early.  This release moves the
  parameters further down the catalog compilation order list to avoid early
  errors.  PUP-10999

* PUPPET_SERVER MSI install property does not work

  Previously, using PUPPET_SERVER as an MSI property did not set the server
  setting.  This is now fixed.  PA-3667