From 43426d89d51977685a77399026b30f9a99139bcb Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Mon, 8 Jan 2024 21:30:10 +0100 Subject: [PATCH] shell escape Puppet command options --- lib/beaker_puppet_helpers/module_utils.rb | 5 +++-- spec/beaker_puppet_helpers/module_utils_spec.rb | 7 +++++++ 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/lib/beaker_puppet_helpers/module_utils.rb b/lib/beaker_puppet_helpers/module_utils.rb index 905182d..ecd910a 100644 --- a/lib/beaker_puppet_helpers/module_utils.rb +++ b/lib/beaker_puppet_helpers/module_utils.rb @@ -1,5 +1,6 @@ # frozen_string_literal: true +require 'shellwords' require 'beaker/command' require 'puppet/modulebuilder' @@ -21,8 +22,8 @@ def install_puppet_module_via_pmt_on(hosts, module_name, version = nil, module_r block_on hosts do |host| puppet_opts = {} puppet_opts.merge!(host[:default_module_install_opts]) if host[:default_module_install_opts] - puppet_opts[:version] = version if version - puppet_opts[:module_repository] = module_repository if module_repository + puppet_opts[:version] = Shellwords.escape(version) if version + puppet_opts[:module_repository] = Shellwords.escape(module_repository) if module_repository on host, Beaker::PuppetCommand.new('module', ['install', module_name], puppet_opts) end diff --git a/spec/beaker_puppet_helpers/module_utils_spec.rb b/spec/beaker_puppet_helpers/module_utils_spec.rb index 2b1a684..deb5dff 100644 --- a/spec/beaker_puppet_helpers/module_utils_spec.rb +++ b/spec/beaker_puppet_helpers/module_utils_spec.rb @@ -37,6 +37,13 @@ def logger dsl.install_puppet_module_via_pmt_on(host, 'test', '1.2.3') end + it 'escapes the version parameter' do + expect(Beaker::PuppetCommand).to receive(:new).with('module', %w[install test], { version: '\\>\\=\\ 4.0\\ \\<\\ 6.0' }).once + expect(dsl).to receive(:on).with(host, anything).once + + dsl.install_puppet_module_via_pmt_on(host, 'test', '>= 4.0 < 6.0') + end + it 'accepts the module_repository parameter' do expect(Beaker::PuppetCommand).to receive(:new).with('module', %w[install test], { module_repository: 'http://forge.example.com' }).once expect(dsl).to receive(:on).with(host, anything).once