diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile
new file mode 100644
index 0000000000000000000000000000000000000000..12ed4ff109624ca4b2696bdfa6638dcf8967fcbe
--- /dev/null
+++ b/.devcontainer/Dockerfile
@@ -0,0 +1,6 @@
+FROM puppet/pdk:latest
+
+# [Optional] Uncomment this section to install additional packages.
+# RUN apt-get update && export DEBIAN_FRONTEND=noninteractive \
+# && apt-get -y install --no-install-recommends <your-package-list-here>
+
diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json
new file mode 100644
index 0000000000000000000000000000000000000000..f1a55dc3f0acb1031982196149da8edcb1a2d6ef
--- /dev/null
+++ b/.devcontainer/devcontainer.json
@@ -0,0 +1,23 @@
+// For format details, see https://aka.ms/devcontainer.json. For config options, see the README at:
+// https://github.com/microsoft/vscode-dev-containers/tree/v0.140.1/containers/puppet
+{
+ "name": "Puppet Development Kit (Community)",
+ "dockerFile": "Dockerfile",
+
+ // Set *default* container specific settings.json values on container create.
+ "settings": {
+ "terminal.integrated.shell.linux": "/bin/bash"
+ },
+
+ // Add the IDs of extensions you want installed when the container is created.
+ "extensions": [
+ "puppet.puppet-vscode",
+ "rebornix.Ruby"
+ ]
+
+ // Use 'forwardPorts' to make a list of ports inside the container available locally.
+ // "forwardPorts": [],
+
+ // Use 'postCreateCommand' to run commands after the container is created.
+ // "postCreateCommand": "pdk --version",
+}
diff --git a/.editorconfig b/.editorconfig
new file mode 100644
index 0000000000000000000000000000000000000000..8da4715e7dae6f3e4c91e9c5642ecab5d361d3f7
--- /dev/null
+++ b/.editorconfig
@@ -0,0 +1,21 @@
+# EditorConfig is awesome: https://EditorConfig.org
+
+# top-most EditorConfig file
+root = true
+
+# Unix-style newlines with a newline ending every file
+[*]
+end_of_line = lf
+insert_final_newline = true
+trim_trailing_whitespace = true
+charset = utf-8
+indent_style = space
+indent_size = 2
+
+# The JSON files contain newlines inconsistently
+[*.json]
+indent_size = 2
+insert_final_newline = ignore
+
+[*.{ps1,psm1}]
+indent_size = 4
diff --git a/.fixtures.yml b/.fixtures.yml
new file mode 100644
index 0000000000000000000000000000000000000000..2296adb3a2c93c33eb195611cddd1d4b433a4dee
--- /dev/null
+++ b/.fixtures.yml
@@ -0,0 +1,6 @@
+# This file can be used to install module dependencies for unit testing
+# See https://github.com/puppetlabs/puppetlabs_spec_helper#using-fixtures for details
+---
+fixtures:
+ forge_modules:
+# stdlib: "puppetlabs/stdlib"
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
new file mode 100644
index 0000000000000000000000000000000000000000..d49a282204f95e69b20f82be215ceefc76129d11
--- /dev/null
+++ b/.gitlab-ci.yml
@@ -0,0 +1,4 @@
+---
+include:
+ - project: 'puppet-infra/shared-ci-piplines'
+ file: '/puppet-module-pipeline.yaml'
diff --git a/.pdkignore b/.pdkignore
new file mode 100644
index 0000000000000000000000000000000000000000..3c059934e7b2f21e361661b8c5c72b819145d191
--- /dev/null
+++ b/.pdkignore
@@ -0,0 +1,48 @@
+.git/
+.*.sw[op]
+.metadata
+.yardoc
+.yardwarns
+*.iml
+/.bundle/
+/.idea/
+/.vagrant/
+/coverage/
+/bin/
+/doc/
+/Gemfile.local
+/Gemfile.lock
+/junit/
+/log/
+/pkg/
+/spec/fixtures/manifests/
+/spec/fixtures/modules/
+/tmp/
+/vendor/
+/convert_report.txt
+/update_report.txt
+.DS_Store
+.project
+.envrc
+/inventory.yaml
+*~
+\#*\#
+.\#*
+/appveyor.yml
+/.fixtures.yml
+/Gemfile
+/.gitattributes
+/.gitignore
+/.gitlab-ci.yml
+/.pdkignore
+/.puppet-lint.rc
+/Rakefile
+/rakelib/
+/.rspec
+/.rubocop.yml
+/.travis.yml
+/.yardopts
+/spec/
+/.vscode/
+/.sync.yml
+/.devcontainer/
diff --git a/.puppet-lint.rc b/.puppet-lint.rc
new file mode 100644
index 0000000000000000000000000000000000000000..cc96ece0513d69709b87af611173e2a6e4532f62
--- /dev/null
+++ b/.puppet-lint.rc
@@ -0,0 +1 @@
+--relative
diff --git a/.rspec b/.rspec
new file mode 100644
index 0000000000000000000000000000000000000000..16f9cdb013585a86aa600f8d0c002e8a2c33b6a9
--- /dev/null
+++ b/.rspec
@@ -0,0 +1,2 @@
+--color
+--format documentation
diff --git a/.rubocop.yml b/.rubocop.yml
new file mode 100644
index 0000000000000000000000000000000000000000..8f782e741528905cd59743f73283f8a39e9bf210
--- /dev/null
+++ b/.rubocop.yml
@@ -0,0 +1,519 @@
+---
+require:
+- rubocop-performance
+- rubocop-rspec
+AllCops:
+ DisplayCopNames: true
+ TargetRubyVersion: '2.4'
+ Include:
+ - "**/*.rb"
+ Exclude:
+ - bin/*
+ - ".vendor/**/*"
+ - "**/Gemfile"
+ - "**/Rakefile"
+ - pkg/**/*
+ - spec/fixtures/**/*
+ - vendor/**/*
+ - "**/Puppetfile"
+ - "**/Vagrantfile"
+ - "**/Guardfile"
+Layout/LineLength:
+ Description: People have wide screens, use them.
+ Max: 200
+RSpec/BeforeAfterAll:
+ Description: Beware of using after(:all) as it may cause state to leak between tests.
+ A necessary evil in acceptance testing.
+ Exclude:
+ - spec/acceptance/**/*.rb
+RSpec/HookArgument:
+ Description: Prefer explicit :each argument, matching existing module's style
+ EnforcedStyle: each
+RSpec/DescribeSymbol:
+ Exclude:
+ - spec/unit/facter/**/*.rb
+Style/BlockDelimiters:
+ Description: Prefer braces for chaining. Mostly an aesthetical choice. Better to
+ be consistent then.
+ EnforcedStyle: braces_for_chaining
+Style/ClassAndModuleChildren:
+ Description: Compact style reduces the required amount of indentation.
+ EnforcedStyle: compact
+Style/EmptyElse:
+ Description: Enforce against empty else clauses, but allow `nil` for clarity.
+ EnforcedStyle: empty
+Style/FormatString:
+ Description: Following the main puppet project's style, prefer the % format format.
+ EnforcedStyle: percent
+Style/FormatStringToken:
+ Description: Following the main puppet project's style, prefer the simpler template
+ tokens over annotated ones.
+ EnforcedStyle: template
+Style/Lambda:
+ Description: Prefer the keyword for easier discoverability.
+ EnforcedStyle: literal
+Style/RegexpLiteral:
+ Description: Community preference. See https://github.com/voxpupuli/modulesync_config/issues/168
+ EnforcedStyle: percent_r
+Style/TernaryParentheses:
+ Description: Checks for use of parentheses around ternary conditions. Enforce parentheses
+ on complex expressions for better readability, but seriously consider breaking
+ it up.
+ EnforcedStyle: require_parentheses_when_complex
+Style/TrailingCommaInArguments:
+ Description: Prefer always trailing comma on multiline argument lists. This makes
+ diffs, and re-ordering nicer.
+ EnforcedStyleForMultiline: comma
+Style/TrailingCommaInArrayLiteral:
+ Description: Prefer always trailing comma on multiline literals. This makes diffs,
+ and re-ordering nicer.
+ EnforcedStyleForMultiline: comma
+Style/SymbolArray:
+ Description: Using percent style obscures symbolic intent of array's contents.
+ EnforcedStyle: brackets
+RSpec/MessageSpies:
+ EnforcedStyle: receive
+Style/Documentation:
+ Exclude:
+ - lib/puppet/parser/functions/**/*
+ - spec/**/*
+Style/WordArray:
+ EnforcedStyle: brackets
+Performance/AncestorsInclude:
+ Enabled: true
+Performance/BigDecimalWithNumericArgument:
+ Enabled: true
+Performance/BlockGivenWithExplicitBlock:
+ Enabled: true
+Performance/CaseWhenSplat:
+ Enabled: true
+Performance/ConstantRegexp:
+ Enabled: true
+Performance/MethodObjectAsBlock:
+ Enabled: true
+Performance/RedundantSortBlock:
+ Enabled: true
+Performance/RedundantStringChars:
+ Enabled: true
+Performance/ReverseFirst:
+ Enabled: true
+Performance/SortReverse:
+ Enabled: true
+Performance/Squeeze:
+ Enabled: true
+Performance/StringInclude:
+ Enabled: true
+Performance/Sum:
+ Enabled: true
+Style/CollectionMethods:
+ Enabled: true
+Style/MethodCalledOnDoEndBlock:
+ Enabled: true
+Style/StringMethods:
+ Enabled: true
+Bundler/InsecureProtocolSource:
+ Enabled: false
+Gemspec/DuplicatedAssignment:
+ Enabled: false
+Gemspec/OrderedDependencies:
+ Enabled: false
+Gemspec/RequiredRubyVersion:
+ Enabled: false
+Gemspec/RubyVersionGlobalsUsage:
+ Enabled: false
+Layout/ArgumentAlignment:
+ Enabled: false
+Layout/BeginEndAlignment:
+ Enabled: false
+Layout/ClosingHeredocIndentation:
+ Enabled: false
+Layout/EmptyComment:
+ Enabled: false
+Layout/EmptyLineAfterGuardClause:
+ Enabled: false
+Layout/EmptyLinesAroundArguments:
+ Enabled: false
+Layout/EmptyLinesAroundAttributeAccessor:
+ Enabled: false
+Layout/EndOfLine:
+ Enabled: false
+Layout/FirstArgumentIndentation:
+ Enabled: false
+Layout/HashAlignment:
+ Enabled: false
+Layout/HeredocIndentation:
+ Enabled: false
+Layout/LeadingEmptyLines:
+ Enabled: false
+Layout/SpaceAroundMethodCallOperator:
+ Enabled: false
+Layout/SpaceInsideArrayLiteralBrackets:
+ Enabled: false
+Layout/SpaceInsideReferenceBrackets:
+ Enabled: false
+Lint/BigDecimalNew:
+ Enabled: false
+Lint/BooleanSymbol:
+ Enabled: false
+Lint/ConstantDefinitionInBlock:
+ Enabled: false
+Lint/DeprecatedOpenSSLConstant:
+ Enabled: false
+Lint/DisjunctiveAssignmentInConstructor:
+ Enabled: false
+Lint/DuplicateElsifCondition:
+ Enabled: false
+Lint/DuplicateRequire:
+ Enabled: false
+Lint/DuplicateRescueException:
+ Enabled: false
+Lint/EmptyConditionalBody:
+ Enabled: false
+Lint/EmptyFile:
+ Enabled: false
+Lint/ErbNewArguments:
+ Enabled: false
+Lint/FloatComparison:
+ Enabled: false
+Lint/HashCompareByIdentity:
+ Enabled: false
+Lint/IdentityComparison:
+ Enabled: false
+Lint/InterpolationCheck:
+ Enabled: false
+Lint/MissingCopEnableDirective:
+ Enabled: false
+Lint/MixedRegexpCaptureTypes:
+ Enabled: false
+Lint/NestedPercentLiteral:
+ Enabled: false
+Lint/NonDeterministicRequireOrder:
+ Enabled: false
+Lint/OrderedMagicComments:
+ Enabled: false
+Lint/OutOfRangeRegexpRef:
+ Enabled: false
+Lint/RaiseException:
+ Enabled: false
+Lint/RedundantCopEnableDirective:
+ Enabled: false
+Lint/RedundantRequireStatement:
+ Enabled: false
+Lint/RedundantSafeNavigation:
+ Enabled: false
+Lint/RedundantWithIndex:
+ Enabled: false
+Lint/RedundantWithObject:
+ Enabled: false
+Lint/RegexpAsCondition:
+ Enabled: false
+Lint/ReturnInVoidContext:
+ Enabled: false
+Lint/SafeNavigationConsistency:
+ Enabled: false
+Lint/SafeNavigationWithEmpty:
+ Enabled: false
+Lint/SelfAssignment:
+ Enabled: false
+Lint/SendWithMixinArgument:
+ Enabled: false
+Lint/ShadowedArgument:
+ Enabled: false
+Lint/StructNewOverride:
+ Enabled: false
+Lint/ToJSON:
+ Enabled: false
+Lint/TopLevelReturnWithArgument:
+ Enabled: false
+Lint/TrailingCommaInAttributeDeclaration:
+ Enabled: false
+Lint/UnreachableLoop:
+ Enabled: false
+Lint/UriEscapeUnescape:
+ Enabled: false
+Lint/UriRegexp:
+ Enabled: false
+Lint/UselessMethodDefinition:
+ Enabled: false
+Lint/UselessTimes:
+ Enabled: false
+Metrics/AbcSize:
+ Enabled: false
+Metrics/BlockLength:
+ Enabled: false
+Metrics/BlockNesting:
+ Enabled: false
+Metrics/ClassLength:
+ Enabled: false
+Metrics/CyclomaticComplexity:
+ Enabled: false
+Metrics/MethodLength:
+ Enabled: false
+Metrics/ModuleLength:
+ Enabled: false
+Metrics/ParameterLists:
+ Enabled: false
+Metrics/PerceivedComplexity:
+ Enabled: false
+Migration/DepartmentName:
+ Enabled: false
+Naming/AccessorMethodName:
+ Enabled: false
+Naming/BlockParameterName:
+ Enabled: false
+Naming/HeredocDelimiterCase:
+ Enabled: false
+Naming/HeredocDelimiterNaming:
+ Enabled: false
+Naming/MemoizedInstanceVariableName:
+ Enabled: false
+Naming/MethodParameterName:
+ Enabled: false
+Naming/RescuedExceptionsVariableName:
+ Enabled: false
+Naming/VariableNumber:
+ Enabled: false
+Performance/BindCall:
+ Enabled: false
+Performance/DeletePrefix:
+ Enabled: false
+Performance/DeleteSuffix:
+ Enabled: false
+Performance/InefficientHashSearch:
+ Enabled: false
+Performance/UnfreezeString:
+ Enabled: false
+Performance/UriDefaultParser:
+ Enabled: false
+RSpec/Be:
+ Enabled: false
+RSpec/Capybara/CurrentPathExpectation:
+ Enabled: false
+RSpec/Capybara/FeatureMethods:
+ Enabled: false
+RSpec/Capybara/VisibilityMatcher:
+ Enabled: false
+RSpec/ContextMethod:
+ Enabled: false
+RSpec/ContextWording:
+ Enabled: false
+RSpec/DescribeClass:
+ Enabled: false
+RSpec/EmptyHook:
+ Enabled: false
+RSpec/EmptyLineAfterExample:
+ Enabled: false
+RSpec/EmptyLineAfterExampleGroup:
+ Enabled: false
+RSpec/EmptyLineAfterHook:
+ Enabled: false
+RSpec/ExampleLength:
+ Enabled: false
+RSpec/ExampleWithoutDescription:
+ Enabled: false
+RSpec/ExpectChange:
+ Enabled: false
+RSpec/ExpectInHook:
+ Enabled: false
+RSpec/FactoryBot/AttributeDefinedStatically:
+ Enabled: false
+RSpec/FactoryBot/CreateList:
+ Enabled: false
+RSpec/FactoryBot/FactoryClassName:
+ Enabled: false
+RSpec/HooksBeforeExamples:
+ Enabled: false
+RSpec/ImplicitBlockExpectation:
+ Enabled: false
+RSpec/ImplicitSubject:
+ Enabled: false
+RSpec/LeakyConstantDeclaration:
+ Enabled: false
+RSpec/LetBeforeExamples:
+ Enabled: false
+RSpec/MissingExampleGroupArgument:
+ Enabled: false
+RSpec/MultipleExpectations:
+ Enabled: false
+RSpec/MultipleMemoizedHelpers:
+ Enabled: false
+RSpec/MultipleSubjects:
+ Enabled: false
+RSpec/NestedGroups:
+ Enabled: false
+RSpec/PredicateMatcher:
+ Enabled: false
+RSpec/ReceiveCounts:
+ Enabled: false
+RSpec/ReceiveNever:
+ Enabled: false
+RSpec/RepeatedExampleGroupBody:
+ Enabled: false
+RSpec/RepeatedExampleGroupDescription:
+ Enabled: false
+RSpec/RepeatedIncludeExample:
+ Enabled: false
+RSpec/ReturnFromStub:
+ Enabled: false
+RSpec/SharedExamples:
+ Enabled: false
+RSpec/StubbedMock:
+ Enabled: false
+RSpec/UnspecifiedException:
+ Enabled: false
+RSpec/VariableDefinition:
+ Enabled: false
+RSpec/VoidExpect:
+ Enabled: false
+RSpec/Yield:
+ Enabled: false
+Security/Open:
+ Enabled: false
+Style/AccessModifierDeclarations:
+ Enabled: false
+Style/AccessorGrouping:
+ Enabled: false
+Style/AsciiComments:
+ Enabled: false
+Style/BisectedAttrAccessor:
+ Enabled: false
+Style/CaseLikeIf:
+ Enabled: false
+Style/ClassEqualityComparison:
+ Enabled: false
+Style/ColonMethodDefinition:
+ Enabled: false
+Style/CombinableLoops:
+ Enabled: false
+Style/CommentedKeyword:
+ Enabled: false
+Style/Dir:
+ Enabled: false
+Style/DoubleCopDisableDirective:
+ Enabled: false
+Style/EmptyBlockParameter:
+ Enabled: false
+Style/EmptyLambdaParameter:
+ Enabled: false
+Style/Encoding:
+ Enabled: false
+Style/EvalWithLocation:
+ Enabled: false
+Style/ExpandPathArguments:
+ Enabled: false
+Style/ExplicitBlockArgument:
+ Enabled: false
+Style/ExponentialNotation:
+ Enabled: false
+Style/FloatDivision:
+ Enabled: false
+Style/FrozenStringLiteralComment:
+ Enabled: false
+Style/GlobalStdStream:
+ Enabled: false
+Style/HashAsLastArrayItem:
+ Enabled: false
+Style/HashLikeCase:
+ Enabled: false
+Style/HashTransformKeys:
+ Enabled: false
+Style/HashTransformValues:
+ Enabled: false
+Style/IfUnlessModifier:
+ Enabled: false
+Style/KeywordParametersOrder:
+ Enabled: false
+Style/MinMax:
+ Enabled: false
+Style/MixinUsage:
+ Enabled: false
+Style/MultilineWhenThen:
+ Enabled: false
+Style/NegatedUnless:
+ Enabled: false
+Style/NumericPredicate:
+ Enabled: false
+Style/OptionalBooleanParameter:
+ Enabled: false
+Style/OrAssignment:
+ Enabled: false
+Style/RandomWithOffset:
+ Enabled: false
+Style/RedundantAssignment:
+ Enabled: false
+Style/RedundantCondition:
+ Enabled: false
+Style/RedundantConditional:
+ Enabled: false
+Style/RedundantFetchBlock:
+ Enabled: false
+Style/RedundantFileExtensionInRequire:
+ Enabled: false
+Style/RedundantRegexpCharacterClass:
+ Enabled: false
+Style/RedundantRegexpEscape:
+ Enabled: false
+Style/RedundantSelfAssignment:
+ Enabled: false
+Style/RedundantSort:
+ Enabled: false
+Style/RescueStandardError:
+ Enabled: false
+Style/SingleArgumentDig:
+ Enabled: false
+Style/SlicingWithRange:
+ Enabled: false
+Style/SoleNestedConditional:
+ Enabled: false
+Style/StderrPuts:
+ Enabled: false
+Style/StringConcatenation:
+ Enabled: false
+Style/Strip:
+ Enabled: false
+Style/SymbolProc:
+ Enabled: false
+Style/TrailingBodyOnClass:
+ Enabled: false
+Style/TrailingBodyOnMethodDefinition:
+ Enabled: false
+Style/TrailingBodyOnModule:
+ Enabled: false
+Style/TrailingCommaInHashLiteral:
+ Enabled: false
+Style/TrailingMethodEndStatement:
+ Enabled: false
+Style/UnpackFirst:
+ Enabled: false
+Lint/DuplicateBranch:
+ Enabled: false
+Lint/DuplicateRegexpCharacterClassElement:
+ Enabled: false
+Lint/EmptyBlock:
+ Enabled: false
+Lint/EmptyClass:
+ Enabled: false
+Lint/NoReturnInBeginEndBlocks:
+ Enabled: false
+Lint/ToEnumArguments:
+ Enabled: false
+Lint/UnexpectedBlockArity:
+ Enabled: false
+Lint/UnmodifiedReduceAccumulator:
+ Enabled: false
+Performance/CollectionLiteralInLoop:
+ Enabled: false
+Style/ArgumentsForwarding:
+ Enabled: false
+Style/CollectionCompact:
+ Enabled: false
+Style/DocumentDynamicEvalDefinition:
+ Enabled: false
+Style/NegatedIfElseCondition:
+ Enabled: false
+Style/NilLambda:
+ Enabled: false
+Style/RedundantArgument:
+ Enabled: false
+Style/SwapValues:
+ Enabled: false
diff --git a/.sync.yml b/.sync.yml
new file mode 100644
index 0000000000000000000000000000000000000000..8c2c98ed7242c79e8d57e882d3df06f18ec0d781
--- /dev/null
+++ b/.sync.yml
@@ -0,0 +1,8 @@
+# This file can be used to customize the files managed by PDK.
+#
+# See https://github.com/puppetlabs/pdk-templates/blob/main/README.md
+# for more information.
+#
+# See https://github.com/puppetlabs/pdk-templates/blob/main/config_defaults.yml
+# for the default values.
+--- {}
diff --git a/.vscode/extensions.json b/.vscode/extensions.json
new file mode 100644
index 0000000000000000000000000000000000000000..24650e52586e9ab1e85de79e06f5dc8790efcdd2
--- /dev/null
+++ b/.vscode/extensions.json
@@ -0,0 +1,8 @@
+{
+ "recommendations": [
+ "puppet.puppet-vscode",
+ "rebornix.Ruby",
+ "ms-vscode.powershell",
+ "EditorConfig.EditorConfig"
+ ]
+}
diff --git a/.vscode/settings.json b/.vscode/settings.json
new file mode 100644
index 0000000000000000000000000000000000000000..79547efad98d0396e7ce8998f465899e6e6ec467
--- /dev/null
+++ b/.vscode/settings.json
@@ -0,0 +1,26 @@
+{
+ // Enable per-language
+ "[powershell]": {
+ "editor.formatOnSave": true
+ },
+ // Controls how the editor should render whitespace characters, possibilities are 'none', 'boundary', and 'all'. The 'boundary' option does not render single spaces between words.
+ "editor.renderWhitespace": "boundary", // Default: none
+ // Does not reformat one-line code blocks, such as "if (...) {...} else {...}".
+ "powershell.codeFormatting.ignoreOneLineBlock": false, // Default: True
+ // Adds a newline (line break) after a closing brace.
+ "powershell.codeFormatting.newLineAfterCloseBrace": true, // Default: True
+ // Adds a newline (line break) after an open brace.
+ "powershell.codeFormatting.newLineAfterOpenBrace": true, // Default: True
+ // Places open brace on the same line as its associated statement.
+ "powershell.codeFormatting.openBraceOnSameLine": true, // Default: True
+ // Adds a space after a separator (',' and ';').
+ "powershell.codeFormatting.whitespaceAfterSeparator": true, // Default: True
+ // Adds spaces before and after an operator ('=', '+', '-', etc.).
+ "powershell.codeFormatting.whitespaceAroundOperator": true, // Default: True
+ // Adds a space between a keyword and its associated scriptblock expression.
+ "powershell.codeFormatting.whitespaceBeforeOpenBrace": true, // Default: True
+ // Adds a space between a keyword (if, elseif, while, switch, etc) and its associated conditional expression.
+ "powershell.codeFormatting.whitespaceBeforeOpenParen": true, // Default: True
+ // Align assignment statements in a hashtable or a DSC Configuration.
+ "powershell.codeFormatting.alignPropertyValuePairs": true // Default: True
+}
diff --git a/.yardopts b/.yardopts
new file mode 100644
index 0000000000000000000000000000000000000000..29c933bcf15d56c2583bbfafabc88093ffa1da68
--- /dev/null
+++ b/.yardopts
@@ -0,0 +1 @@
+--markup markdown
diff --git a/CHANGELOG.md b/CHANGELOG.md
new file mode 100644
index 0000000000000000000000000000000000000000..d7bba92b3089535e5e3845fdac607a841c433478
--- /dev/null
+++ b/CHANGELOG.md
@@ -0,0 +1,11 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+## Release 0.0.0
+
+**Features**
+
+**Bugfixes**
+
+**Known Issues**
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000000000000000000000000000000000000..581f5d708f2ae0c66e6298611cc15c5b6cfe539a
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,69 @@
+source ENV['GEM_SOURCE'] || 'https://rubygems.org'
+
+def location_for(place_or_version, fake_version = nil)
+ git_url_regex = %r{\A(?<url>(https?|git)[:@][^#]*)(#(?<branch>.*))?}
+ file_url_regex = %r{\Afile:\/\/(?<path>.*)}
+
+ if place_or_version && (git_url = place_or_version.match(git_url_regex))
+ [fake_version, { git: git_url[:url], branch: git_url[:branch], require: false }].compact
+ elsif place_or_version && (file_url = place_or_version.match(file_url_regex))
+ ['>= 0', { path: File.expand_path(file_url[:path]), require: false }]
+ else
+ [place_or_version, { require: false }]
+ end
+end
+
+ruby_version_segments = Gem::Version.new(RUBY_VERSION.dup).segments
+minor_version = ruby_version_segments[0..1].join('.')
+
+group :development do
+ gem "json", '= 2.0.4', require: false if Gem::Requirement.create('~> 2.4.2').satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
+ gem "json", '= 2.1.0', require: false if Gem::Requirement.create(['>= 2.5.0', '< 2.7.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
+ gem "json", '= 2.3.0', require: false if Gem::Requirement.create(['>= 2.7.0', '< 2.8.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
+ gem "puppet-module-posix-default-r#{minor_version}", '~> 1.0', require: false, platforms: [:ruby]
+ gem "puppet-module-posix-dev-r#{minor_version}", '~> 1.0', require: false, platforms: [:ruby]
+ gem "puppet-module-win-default-r#{minor_version}", '~> 1.0', require: false, platforms: [:mswin, :mingw, :x64_mingw]
+ gem "puppet-module-win-dev-r#{minor_version}", '~> 1.0', require: false, platforms: [:mswin, :mingw, :x64_mingw]
+ gem "puppet-lint-absolute_classname-check", '3.0.0', require: false
+ gem "puppet-lint-absolute_template_path", '1.0.1', require: false
+ gem "puppet-lint-empty_trailing_lines", '0.0.1', require: false
+ gem "puppet-lint-file_ensure-check", '0.3.1', require: false
+ gem "puppet-lint-strict_indent-check", '2.0.7', require: false
+ gem "puppet-lint-trailing_comma-check", '0.4.2', require: false
+ gem "puppet-lint-unquoted_string-check", '2.0.0', require: false
+end
+group :system_tests do
+ gem "puppet-module-posix-system-r#{minor_version}", '~> 1.0', require: false, platforms: [:ruby]
+ gem "puppet-module-win-system-r#{minor_version}", '~> 1.0', require: false, platforms: [:mswin, :mingw, :x64_mingw]
+end
+
+puppet_version = ENV['PUPPET_GEM_VERSION']
+facter_version = ENV['FACTER_GEM_VERSION']
+hiera_version = ENV['HIERA_GEM_VERSION']
+
+gems = {}
+
+gems['puppet'] = location_for(puppet_version)
+
+# If facter or hiera versions have been specified via the environment
+# variables
+
+gems['facter'] = location_for(facter_version) if facter_version
+gems['hiera'] = location_for(hiera_version) if hiera_version
+
+gems.each do |gem_name, gem_params|
+ gem gem_name, *gem_params
+end
+
+# Evaluate Gemfile.local and ~/.gemfile if they exist
+extra_gemfiles = [
+ "#{__FILE__}.local",
+ File.join(Dir.home, '.gemfile'),
+]
+
+extra_gemfiles.each do |gemfile|
+ if File.file?(gemfile) && File.readable?(gemfile)
+ eval(File.read(gemfile), binding)
+ end
+end
+# vim: syntax=ruby
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000000000000000000000000000000000000..2906c15babbebe65d3ed29e72a07328609fefe8e
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,88 @@
+# frozen_string_literal: true
+
+require 'bundler'
+require 'puppet_litmus/rake_tasks' if Bundler.rubygems.find_name('puppet_litmus').any?
+require 'puppetlabs_spec_helper/rake_tasks'
+require 'puppet-syntax/tasks/puppet-syntax'
+require 'puppet_blacksmith/rake_tasks' if Bundler.rubygems.find_name('puppet-blacksmith').any?
+require 'github_changelog_generator/task' if Bundler.rubygems.find_name('github_changelog_generator').any?
+require 'puppet-strings/tasks' if Bundler.rubygems.find_name('puppet-strings').any?
+
+def changelog_user
+ return unless Rake.application.top_level_tasks.include? "changelog"
+ returnVal = nil || JSON.load(File.read('metadata.json'))['author']
+ raise "unable to find the changelog_user in .sync.yml, or the author in metadata.json" if returnVal.nil?
+ puts "GitHubChangelogGenerator user:#{returnVal}"
+ returnVal
+end
+
+def changelog_project
+ return unless Rake.application.top_level_tasks.include? "changelog"
+
+ returnVal = nil
+ returnVal ||= begin
+ metadata_source = JSON.load(File.read('metadata.json'))['source']
+ metadata_source_match = metadata_source && metadata_source.match(%r{.*\/([^\/]*?)(?:\.git)?\Z})
+
+ metadata_source_match && metadata_source_match[1]
+ end
+
+ raise "unable to find the changelog_project in .sync.yml or calculate it from the source in metadata.json" if returnVal.nil?
+
+ puts "GitHubChangelogGenerator project:#{returnVal}"
+ returnVal
+end
+
+def changelog_future_release
+ return unless Rake.application.top_level_tasks.include? "changelog"
+ returnVal = "v%s" % JSON.load(File.read('metadata.json'))['version']
+ raise "unable to find the future_release (version) in metadata.json" if returnVal.nil?
+ puts "GitHubChangelogGenerator future_release:#{returnVal}"
+ returnVal
+end
+
+PuppetLint.configuration.send('disable_relative')
+
+if Bundler.rubygems.find_name('github_changelog_generator').any?
+ GitHubChangelogGenerator::RakeTask.new :changelog do |config|
+ raise "Set CHANGELOG_GITHUB_TOKEN environment variable eg 'export CHANGELOG_GITHUB_TOKEN=valid_token_here'" if Rake.application.top_level_tasks.include? "changelog" and ENV['CHANGELOG_GITHUB_TOKEN'].nil?
+ config.user = "#{changelog_user}"
+ config.project = "#{changelog_project}"
+ config.future_release = "#{changelog_future_release}"
+ config.exclude_labels = ['maintenance']
+ config.header = "# Change log\n\nAll notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org)."
+ config.add_pr_wo_labels = true
+ config.issues = false
+ config.merge_prefix = "### UNCATEGORIZED PRS; LABEL THEM ON GITHUB"
+ config.configure_sections = {
+ "Changed" => {
+ "prefix" => "### Changed",
+ "labels" => ["backwards-incompatible"],
+ },
+ "Added" => {
+ "prefix" => "### Added",
+ "labels" => ["enhancement", "feature"],
+ },
+ "Fixed" => {
+ "prefix" => "### Fixed",
+ "labels" => ["bug", "documentation", "bugfix"],
+ },
+ }
+ end
+else
+ desc 'Generate a Changelog from GitHub'
+ task :changelog do
+ raise <<EOM
+The changelog tasks depends on recent features of the github_changelog_generator gem.
+Please manually add it to your .sync.yml for now, and run `pdk update`:
+---
+Gemfile:
+ optional:
+ ':development':
+ - gem: 'github_changelog_generator'
+ version: '~> 1.15'
+ condition: "Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.3.0')"
+EOM
+ end
+end
+
diff --git a/manifests/aes_sw.pp b/manifests/aes_sw.pp
index d4700177d03dfffb0e7fc42fd97eb22cd900f7f1..d907ca2f141cd5e5d6291e387c19a49e1dc3f613 100644
--- a/manifests/aes_sw.pp
+++ b/manifests/aes_sw.pp
@@ -1,7 +1,7 @@
class aes::aes_sw {
$examadm_user = examadm
- $examadm_group = "${examadm_user}"
+ $examadm_group = $examadm_user
$examadm_home = "/home/${examadm_user}"
package {
@@ -13,27 +13,27 @@ class aes::aes_sw {
ensure => installed,
}
- user { "examadm" :
- ensure => present,
+ user { 'examadm' :
+ ensure => present,
managehome => false,
membership => inclusive,
- system => true,
- shell => '/sbin/nologin',
+ system => true,
+ shell => '/sbin/nologin',
}
- file { "${examadm_home}":
+ file { $examadm_home:
ensure => directory,
mode => '0755',
- owner => "${examadm_user}",
- group => "${examadm_group}",
+ owner => $examadm_user,
+ group => $examadm_group,
}
- file { "/etc/systemd/system/aes_login.service":
- ensure => present,
- owner => root,
- group => root,
- mode => '0644',
- content => @(LOGINSERVICE)
+ file { '/etc/systemd/system/aes_login.service':
+ ensure => file,
+ owner => root,
+ group => root,
+ mode => '0644',
+ content => @(LOGINSERVICE),
[Unit]
Description=AES Login server
After=network.target
@@ -50,16 +50,16 @@ class aes::aes_sw {
}
# todo: logrotate
- service { "aes_login" :
- ensure => "running",
+ service { 'aes_login' :
+ ensure => 'running',
}
- file { "/etc/systemd/system/aes_ms.service":
- ensure => present,
- owner => root,
- group => root,
- mode => '0644',
- content => @(MSSERVICE)
+ file { '/etc/systemd/system/aes_ms.service':
+ ensure => file,
+ owner => root,
+ group => root,
+ mode => '0644',
+ content => @(MSSERVICE),
[Unit]
Description=AES Exam server
After=network.target
@@ -75,31 +75,31 @@ class aes::aes_sw {
| MSSERVICE
}
- file { "/etc/cron.daily/aes_ms":
- ensure => present,
- owner => root,
- group => root,
- mode => '0700',
- content => @(MSCRON)
+ file { '/etc/cron.daily/aes_ms':
+ ensure => file,
+ owner => root,
+ group => root,
+ mode => '0700',
+ content => @(MSCRON),
#!/bin/sh
/usr/bin/systemctl restart aes_ms
| MSCRON
}
# todo: logrotate
- service { "aes_ms" :
- ensure => "running",
+ service { 'aes_ms' :
+ ensure => 'running',
}
exec { 'script-repo-updated':
command => "/opt/utils/update_repo.sh ${examadm_home}/scripts https://oauth2:iAyewr9Jq5E-tnsVrmbj@gitlab.liu.se/examadm/scripts.git master",
- cwd => "${examadm_home}",
- user => "${examadm_user}",
- group => "${examadm_group}",
+ cwd => $examadm_home,
+ user => $examadm_user,
+ group => $examadm_group,
}
schedule { 'everyday':
period => daily,
- range => '01:00 - 04:00',
+ range => '01:00 - 04:00',
}
}
diff --git a/manifests/auth.pp b/manifests/auth.pp
index fae4da6870c814e1f6b510171b713ddbf0ee3cd5..be636f5463f919987366c10a1831a3ad83c82adb 100644
--- a/manifests/auth.pp
+++ b/manifests/auth.pp
@@ -1,12 +1,12 @@
class aes::auth(
Optional[String] $keytab_production = undef,
Optional[String] $keytab_devel = undef
-){
+) {
$auth_user = auth
- $auth_group = "${auth_user}"
+ $auth_group = $auth_user
$auth_home = "/srv/${auth_user}"
- $auth_service = "aes_auth"
+ $auth_service = 'aes_auth'
# Pick the right keytab for the current environment. We use the fqdn rather than
# $environment since the keys are tied to the domain name rather than what
@@ -14,11 +14,11 @@ class aes::auth(
if $facts[fqdn] == 'aes.edu.liu.se' {
# The AD service account for this key is: ida_sys002_srv
$auth_keytab_data = $keytab_production
- $server_type = "production"
+ $server_type = 'production'
} elsif $facts[fqdn] == 'aes-devel.edu.liu.se' {
# The AD service account for this key is: ida_sys004_srv
$auth_keytab_data = $keytab_devel
- $server_type = "devel"
+ $server_type = 'devel'
} else {
$auth_keytab_data = undef
}
@@ -28,39 +28,39 @@ class aes::auth(
# since both the auth server and the broker requires boost.
package {
[
- 'krb5-libs',
- 'krb5-devel',
- 'openssl-devel',
+ 'krb5-libs',
+ 'krb5-devel',
+ 'openssl-devel',
]:
ensure => installed,
}
# Group for local authentication. All accounts that are members
# of this group are considered trusted by the authentication system.
- group { "aes_local_auth" :
- ensure => present
+ group { 'aes_local_auth' :
+ ensure => present,
}
- user { "${auth_user}" :
- ensure => present,
- home => "${auth_home}",
- comment => 'Authentication server for AES',
+ user { $auth_user :
+ ensure => present,
+ home => $auth_home,
+ comment => 'Authentication server for AES',
managehome => false,
membership => inclusive,
- groups => [ "aes_local_auth" ],
- system => true,
- shell => '/sbin/nologin',
+ groups => [ 'aes_local_auth' ],
+ system => true,
+ shell => '/sbin/nologin',
}
- file { "${auth_home}" :
+ file { $auth_home :
ensure => directory,
- owner => "${auth_user}",
- group => "${auth_group}",
- mode => '0755',
+ owner => $auth_user,
+ group => $auth_group,
+ mode => '0755',
}
file { "/etc/systemd/system/${auth_service}.service" :
- ensure => present,
+ ensure => file,
owner => root,
group => root,
mode => '0644',
@@ -68,7 +68,7 @@ class aes::auth(
}
file { "${auth_home}/on_update.sh" :
- ensure => present,
+ ensure => file,
owner => root,
group => root,
mode => '0700',
@@ -76,50 +76,49 @@ class aes::auth(
}
file { "${auth_home}/config.json" :
- ensure => present,
- owner => "${auth_user}",
- group => "${auth_group}",
+ ensure => file,
+ owner => $auth_user,
+ group => $auth_group,
mode => '0644',
source => "puppet:///modules/${module_name}/auth/config.json",
}
file { "${auth_home}/start.sh" :
- ensure => present,
- owner => "${auth_user}",
- group => "${auth_group}",
+ ensure => file,
+ owner => $auth_user,
+ group => $auth_group,
mode => '0755',
source => "puppet:///modules/${module_name}/auth/start.sh",
}
file { "${auth_home}/keys" :
ensure => directory,
- owner => "${auth_user}",
- group => "${auth_group}",
- mode => "0700"
+ owner => $auth_user,
+ group => $auth_group,
+ mode => '0700',
}
if $auth_keytab_data {
file { "${auth_home}/keys/kerberos.keytab" :
- ensure => file,
- owner => root,
- group => "${auth_group}",
- mode => "0640",
- content => "${auth_keytab_data}"
+ ensure => file,
+ owner => root,
+ group => $auth_group,
+ mode => '0640',
+ content => $auth_keytab_data,
}
}
exec { 'update-auth-repo' :
- command => "/opt/utils/update_repo.sh ${auth_home}/src https://oauth2:F-agHaRXCdyFy38q4c-N@gitlab.liu.se/upp-aes/communication.git ${server_type}",
+ command => "/opt/utils/update_repo.sh ${auth_home}/src https://oauth2:F-agHaRXCdyFy38q4c-N@gitlab.liu.se/upp-aes/communication.git ${server_type}",
environment => [ "REPO_USER=${auth_user}", "REPO_GROUP=${auth_group}", "REPO_ON_UPDATE=${auth_home}/on_update.sh" ],
# This command will need to run "on_update" as root in order to restart the service.
- user => root,
- group => root,
- cwd => "${auth_home}",
- require => File["${auth_home}/on_update.sh"],
+ user => root,
+ group => root,
+ cwd => $auth_home,
+ require => File["${auth_home}/on_update.sh"],
}
- service { "${auth_service}" :
- ensure => "running",
+ service { $auth_service :
+ ensure => 'running',
}
-
-}
\ No newline at end of file
+}
diff --git a/manifests/auth_keydb.pp b/manifests/auth_keydb.pp
index d56a745ec9a6e11452b80bc625c0f503b50007c1..72a808e05a22f7274e85e093d6d0148b9c4d3f2b 100644
--- a/manifests/auth_keydb.pp
+++ b/manifests/auth_keydb.pp
@@ -1,39 +1,39 @@
class aes::auth_keydb {
$keydb_user = auth_keydb
- $keydb_group = "${keydb_user}"
+ $keydb_group = $keydb_user
$keydb_home = "/srv/${keydb_user}"
- $keydb_service = "aes_auth_keydb"
+ $keydb_service = 'aes_auth_keydb'
# Figure out which certificate to use based on the hostname.
if $facts[fqdn] == 'aes.edu.liu.se' {
- $server_type = "production"
+ $server_type = 'production'
} elsif $facts[fqdn] == 'aes-devel.edu.liu.se' {
- $server_type = "devel"
+ $server_type = 'devel'
} else {
$server_type = undef
}
- user { "${keydb_user}" :
- ensure => present,
- home => "${keydb_home}",
- comment => 'Authentication server for AES',
+ user { $keydb_user :
+ ensure => present,
+ home => $keydb_home,
+ comment => 'Authentication server for AES',
managehome => false,
membership => inclusive,
- groups => [ "aes_local_auth" ],
- system => true,
- shell => '/sbin/nologin',
+ groups => [ 'aes_local_auth' ],
+ system => true,
+ shell => '/sbin/nologin',
}
- file { "${keydb_home}" :
+ file { $keydb_home :
ensure => directory,
- owner => "${keydb_user}",
- group => "${keydb_group}",
- mode => '0755',
+ owner => $keydb_user,
+ group => $keydb_group,
+ mode => '0755',
}
file { "/etc/systemd/system/${keydb_service}.service" :
- ensure => present,
+ ensure => file,
owner => root,
group => root,
mode => '0644',
@@ -41,7 +41,7 @@ class aes::auth_keydb {
}
file { "${keydb_home}/on_update.sh" :
- ensure => present,
+ ensure => file,
owner => root,
group => root,
mode => '0700',
@@ -49,30 +49,29 @@ class aes::auth_keydb {
}
exec { 'update-keydb-repo' :
- command => "/opt/utils/update_repo.sh ${keydb_home}/src https://oauth2:F-agHaRXCdyFy38q4c-N@gitlab.liu.se/upp-aes/communication.git ${server_type}",
+ command => "/opt/utils/update_repo.sh ${keydb_home}/src https://oauth2:F-agHaRXCdyFy38q4c-N@gitlab.liu.se/upp-aes/communication.git ${server_type}",
environment => [ "REPO_USER=${keydb_user}", "REPO_GROUP=${keydb_group}", "REPO_ON_UPDATE=${keydb_home}/on_update.sh" ],
# This command will need to run "on_update" as root in order to restart the service.
- user => root,
- group => root,
- cwd => "${keydb_home}",
- require => File["${keydb_home}/on_update.sh"],
+ user => root,
+ group => root,
+ cwd => $keydb_home,
+ require => File["${keydb_home}/on_update.sh"],
}
- service { "${keydb_service}" :
- ensure => "running",
+ service { $keydb_service :
+ ensure => 'running',
}
# These are temporary until the AdmC database is up and running.
- file { "/etc/systemd/system/aes_temp_userdb.service" :
- ensure => present,
+ file { '/etc/systemd/system/aes_temp_userdb.service' :
+ ensure => file,
owner => root,
group => root,
mode => '0644',
source => "puppet:///modules/${module_name}/auth/temp_userdb.service",
}
- service { "aes_temp_userdb" :
- ensure => "running",
- }
-}
\ No newline at end of file
+ service { 'aes_temp_userdb' :
+ ensure => 'running',
+}}
\ No newline at end of file
diff --git a/manifests/broker.pp b/manifests/broker.pp
index 685314359d8e28c0549bd0ee1209dccdb7875a31..973989b813a655e6c33de66116f2dd91ddd1fa10 100644
--- a/manifests/broker.pp
+++ b/manifests/broker.pp
@@ -1,48 +1,48 @@
class aes::broker {
$broker_user = broker
- $broker_group = "${broker_user}"
+ $broker_group = $broker_user
$broker_home = "/srv/${broker_user}"
- $broker_service = "aes_broker"
+ $broker_service = 'aes_broker'
# Sadly, it does not seem like we can not only install asio, so we need
# to install the Boost as a whole.
package {
[
- 'boost169',
- 'boost169-devel',
+ 'boost169',
+ 'boost169-devel',
]:
ensure => installed,
}
# Figure out which certificate to use based on the hostname.
if $facts[fqdn] == 'aes.edu.liu.se' {
- $server_type = "production"
+ $server_type = 'production'
} elsif $facts[fqdn] == 'aes-devel.edu.liu.se' {
- $server_type = "devel"
+ $server_type = 'devel'
} else {
$server_type = undef
}
- user { "${broker_user}" :
- ensure => present,
- home => "${broker_home}",
- comment => 'Message broker for AES',
+ user { $broker_user :
+ ensure => present,
+ home => $broker_home,
+ comment => 'Message broker for AES',
managehome => false,
membership => inclusive,
- system => true,
- shell => '/sbin/nologin',
+ system => true,
+ shell => '/sbin/nologin',
}
- file { "${broker_home}" :
+ file { $broker_home :
ensure => directory,
- owner => "${broker_user}",
- group => "${broker_group}",
- mode => '0755',
+ owner => $broker_user,
+ group => $broker_group,
+ mode => '0755',
}
file { "/etc/systemd/system/${broker_service}.service" :
- ensure => present,
+ ensure => file,
owner => root,
group => root,
mode => '0644',
@@ -50,7 +50,7 @@ class aes::broker {
}
file { "${broker_home}/on_update.sh" :
- ensure => present,
+ ensure => file,
owner => root,
group => root,
mode => '0700',
@@ -59,47 +59,46 @@ class aes::broker {
file { "${broker_home}/ssl" :
ensure => directory,
- owner => "${broker_user}",
- group => "${broker_group}",
- mode => '0700'
+ owner => $broker_user,
+ group => $broker_group,
+ mode => '0700',
}
file { "${broker_home}/ssl/cert.pem" :
- ensure => present,
- owner => "${broker_user}",
- group => "${broker_group}",
- mode => '0700',
- source => "puppet:///modules/${module_name}/broker/cert/${server_type}_cert.pem"
+ ensure => file,
+ owner => $broker_user,
+ group => $broker_group,
+ mode => '0700',
+ source => "puppet:///modules/${module_name}/broker/cert/${server_type}_cert.pem",
}
file { "${broker_home}/ssl/key.pem" :
- ensure => present,
- owner => "${broker_user}",
- group => "${broker_group}",
- mode => '0700',
- source => "puppet:///modules/${module_name}/broker/cert/${server_type}_key.pem"
+ ensure => file,
+ owner => $broker_user,
+ group => $broker_group,
+ mode => '0700',
+ source => "puppet:///modules/${module_name}/broker/cert/${server_type}_key.pem",
}
file { "${broker_home}/ssl/password" :
- ensure => present,
- owner => "${broker_user}",
- group => "${broker_group}",
- mode => '0700',
- source => "puppet:///modules/${module_name}/broker/cert/${server_type}_password"
+ ensure => file,
+ owner => $broker_user,
+ group => $broker_group,
+ mode => '0700',
+ source => "puppet:///modules/${module_name}/broker/cert/${server_type}_password",
}
exec { 'update-broker-repo' :
- command => "/opt/utils/update_repo.sh ${broker_home}/src https://oauth2:F-agHaRXCdyFy38q4c-N@gitlab.liu.se/upp-aes/communication.git ${server_type}",
+ command => "/opt/utils/update_repo.sh ${broker_home}/src https://oauth2:F-agHaRXCdyFy38q4c-N@gitlab.liu.se/upp-aes/communication.git ${server_type}",
environment => [ "REPO_USER=${broker_user}", "REPO_GROUP=${broker_group}", "REPO_ON_UPDATE=${broker_home}/on_update.sh" ],
# This command will need to run "on_update" as root in order to restart the service.
- user => root,
- group => root,
- cwd => "${broker_home}",
- require => File["${broker_home}/on_update.sh"],
+ user => root,
+ group => root,
+ cwd => $broker_home,
+ require => File["${broker_home}/on_update.sh"],
}
- service { "${broker_service}" :
- ensure => "running",
+ service { $broker_service :
+ ensure => 'running',
}
-
-}
\ No newline at end of file
+}
diff --git a/manifests/examfiles.pp b/manifests/examfiles.pp
index 1af3e29ceb94babf50d1ade46545bc18856f4bf6..db8b5d49bfc0a00d5b0907156fccf3480fcf1520 100644
--- a/manifests/examfiles.pp
+++ b/manifests/examfiles.pp
@@ -1,11 +1,11 @@
class aes::examfiles {
- include ::users::henhe83
- include ::users::micis03
- include ::users::jondy94
+ include users::henhe83
+ include users::micis03
+ include users::jondy94
- group { "liuitdrs" :
- ensure => present,
+ group { 'liuitdrs' :
+ ensure => present,
allowdupe => false,
}
diff --git a/manifests/init.pp b/manifests/init.pp
index 363db911693701ee1ad88118b183aaaad093a69e..e722866b50b58d73e57edcb24acff5b243d87e55 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -7,7 +7,7 @@ class aes {
include aes::broker
include aes::auth
include aes::auth_keydb
- include ::liurepo::centos_sclo_rh
+ include liurepo::centos_sclo_rh
package {
[
@@ -36,10 +36,10 @@ class aes {
# File for updating repositories.
file { '/opt/utils':
- ensure => directory,
- mode => '0755',
- owner => root,
- group => root,
+ ensure => directory,
+ mode => '0755',
+ owner => root,
+ group => root,
}
file { '/opt/utils/update_repo.sh':
ensure => file,
@@ -51,19 +51,19 @@ class aes {
# File to easily see when Puppet was last executed.
# Ideally, we would like to know if it is devel or production as well.
- exec { '/usr/bin/touch /var/last_puppet_run' :
- cwd => "/var",
- user => root,
+ exec { '/usr/bin/touch /var/last_puppet_run' :
+ cwd => '/var',
+ user => root,
group => root,
}
# File containing which environment is used.
file { '/var/puppet_environment' :
- ensure => file,
- mode => '0644',
- owner => root,
- group => root,
- content => "${environment}"
+ ensure => file,
+ mode => '0644',
+ owner => root,
+ group => root,
+ content => $environment,
}
::users::liu_user { 'klaar36':
diff --git a/manifests/latex.pp b/manifests/latex.pp
index 8ea97cfe4f329bcfbaaa78286e5147f0b3f7a20f..a60733369c86a233fb8a11a24b868bea9e68fb6b 100644
--- a/manifests/latex.pp
+++ b/manifests/latex.pp
@@ -2,16 +2,16 @@ class aes::latex {
package {
[
- 'texlive',
- 'texlive-latex',
- 'texlive-xetex',
- 'texlive-collection-xetex',
- 'texlive-collection-latex',
- 'texlive-collection-latexrecommended',
- 'texlive-xetex-def',
- 'texlive-tcolorbox',
- 'texlive-booktabs',
- 'latexmk',
+ 'texlive',
+ 'texlive-latex',
+ 'texlive-xetex',
+ 'texlive-collection-xetex',
+ 'texlive-collection-latex',
+ 'texlive-collection-latexrecommended',
+ 'texlive-xetex-def',
+ 'texlive-tcolorbox',
+ 'texlive-booktabs',
+ 'latexmk',
]:
ensure => installed,
}
diff --git a/manifests/opendsa.pp b/manifests/opendsa.pp
index b8f3a56fd86e14ed2ca518fc6fd565da01d75804..c54b242937a39f17e94bab8793970ba7ee90265b 100644
--- a/manifests/opendsa.pp
+++ b/manifests/opendsa.pp
@@ -1,38 +1,38 @@
class aes::opendsa {
$opendsa_user = opendsa
- $opendsa_group = "${opendsa_user}"
+ $opendsa_group = $opendsa_user
$opendsa_home = "/srv/${opendsa_user}"
- $opendsa_service = "${opendsa_user}"
+ $opendsa_service = $opendsa_user
- user { "${opendsa_user}" :
- ensure => present,
- home => "${opendsa_home}",
- comment => 'OpenDSA server',
+ user { $opendsa_user :
+ ensure => present,
+ home => $opendsa_home,
+ comment => 'OpenDSA server',
managehome => false,
membership => inclusive,
- system => true,
- shell => '/sbin/nologin',
+ system => true,
+ shell => '/sbin/nologin',
}
- file { "${opendsa_home}":
+ file { $opendsa_home:
ensure => directory,
- owner => "${opendsa_user}",
- group => "${opendsa_group}",
- mode => '0755',
+ owner => $opendsa_user,
+ group => $opendsa_group,
+ mode => '0755',
}
# This file will be executed as root, which is why we don't let anyone but root examine it.
file { "${opendsa_home}/on_update.sh":
- ensure => present,
- owner => root,
- group => root,
- mode => '0700',
+ ensure => file,
+ owner => root,
+ group => root,
+ mode => '0700',
source => "puppet:///modules/${module_name}/opendsa/on_update.sh",
}
file { "/etc/systemd/system/${opendsa_service}.service":
- ensure => present,
+ ensure => file,
owner => root,
group => root,
mode => '0644',
@@ -40,26 +40,26 @@ class aes::opendsa {
}
exec { 'update-repo':
- command => "/opt/utils/update_repo.sh ${opendsa_home}/OpenDSA https://oauth2:taNPRZid9Hv6jJtdW_T8@gitlab.liu.se/opendsa/OpenDSA.git exam",
+ command => "/opt/utils/update_repo.sh ${opendsa_home}/OpenDSA https://oauth2:taNPRZid9Hv6jJtdW_T8@gitlab.liu.se/opendsa/OpenDSA.git exam",
environment => [ "REPO_USER=${opendsa_user}", "REPO_GROUP=${opendsa_group}", "REPO_ON_UPDATE=${opendsa_home}/on_update.sh" ],
# This command will need to run "on_update" as root in order to restart the service.
- user => root,
- group => root,
- cwd => "${opendsa_home}",
- require => File["${opendsa_home}/on_update.sh"],
+ user => root,
+ group => root,
+ cwd => $opendsa_home,
+ require => File["${opendsa_home}/on_update.sh"],
}
file { "${opendsa_home}/manage.sh":
- ensure => present,
- owner => "${opendsa_user}",
- group => "${opendsa_group}",
- mode => '0755',
+ ensure => file,
+ owner => $opendsa_user,
+ group => $opendsa_group,
+ mode => '0755',
source => "puppet:///modules/${module_name}/opendsa/manage.sh",
}
- # Do we need port 12000 open? NO
- service { "${opendsa_service}" :
- ensure => "running",
+ # Do we need port 12000 open? NO
+ service { $opendsa_service :
+ ensure => 'running',
}
# Ändra TDDD86-raden i rules.d/opendsa till "TDDD86[AB]_191219"
diff --git a/manifests/squid_filter.pp b/manifests/squid_filter.pp
index f6ae203a37670bd30b5361900f10f28ea7912e3d..b94f736acb232ae81d92ebba2fc3bb54757d6ecb 100644
--- a/manifests/squid_filter.pp
+++ b/manifests/squid_filter.pp
@@ -1,36 +1,36 @@
class aes::squid_filter {
- package { "squid" :
- ensure => "present",
+ package { 'squid' :
+ ensure => 'present',
}
file { '/etc/squid/squid.conf':
- ensure => file,
- mode => '0644',
- owner => root,
- group => root,
+ ensure => file,
+ mode => '0644',
+ owner => root,
+ group => root,
content => file("${module_name}/squid/squid.conf"),
}
-
+
file { '/usr/libexec/squid/helpers':
- ensure => directory,
+ ensure => directory,
recurse => true,
- purge => true,
- force => true,
- owner => squid,
- group => squid,
- mode => '0644',
- source => "puppet:///modules/${module_name}/squid/helpers",
- notify => Service['squid']
+ purge => true,
+ force => true,
+ owner => squid,
+ group => squid,
+ mode => '0644',
+ source => "puppet:///modules/${module_name}/squid/helpers",
+ notify => Service['squid'],
}
file { '/usr/libexec/squid/helpers/squid-url-rewrite.py':
ensure => file,
owner => squid,
group => squid,
- mode => '0755',
+ mode => '0755',
source => "puppet:///modules/${module_name}/squid/helpers/squid-url-rewrite.py",
- notify => Service['squid']
+ notify => Service['squid'],
}
file { '/var/cache/squid' :
@@ -54,15 +54,15 @@ class aes::squid_filter {
group => squid,
}
- exec { '/usr/lib64/squid/ssl_crtd -c -s /var/lib/squid/ssl_db' :
- user => "squid",
- group => "squid",
+ exec { '/usr/lib64/squid/ssl_crtd -c -s /var/lib/squid/ssl_db' :
+ user => 'squid',
+ group => 'squid',
creates => '/var/lib/squid/ssl_db',
}
# todo: logrotate
- service { "squid" :
- ensure => "running",
+ service { 'squid' :
+ ensure => 'running',
}
}
diff --git a/metadata.json b/metadata.json
index 9651bb0d0ff5e9b14fbef00faafdba27e61d16c2..30851da4a6d6861e83fcdbadd5b0ec14638fa582 100644
--- a/metadata.json
+++ b/metadata.json
@@ -3,18 +3,18 @@
"version": "0.0.0",
"author": "LiU-IT",
"summary": "Module for aes",
- "license": "TBD",
+ "license": "Apache-2.0",
"source": "https://gitlab.liu.se/liu-puppet-modules/aes/tree/production",
"project_page": "https://gitlab.liu.se/liu-puppet-modules/aes",
"issues_url": "https://gitlab.liu.se/liu-puppet-modules/aes/issues",
"dependencies": [
+
],
"data_provider": "hiera",
"operatingsystem_support": [
{
"operatingsystem": "CentOS",
"operatingsystemrelease": [
- "6",
"7",
"8"
]
@@ -23,7 +23,10 @@
"requirements": [
{
"name": "puppet",
- "version_requirement": ">= 5.5.10 < 7.0.0"
+ "version_requirement": ">= 6.21.0 < 8.0.0"
}
- ]
+ ],
+ "pdk-version": "2.1.0",
+ "template-url": "https://gitlab.it.liu.se/puppet-infra/pdk-templates.git#liu",
+ "template-ref": "heads/liu-0-g8fb0f81"
}
diff --git a/spec/classes/aes_spec.rb b/spec/classes/aes_spec.rb
new file mode 100644
index 0000000000000000000000000000000000000000..137f66635f0fd47f9c43d99ddb9b6dc2e341afe7
--- /dev/null
+++ b/spec/classes/aes_spec.rb
@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe 'aes' do
+ on_supported_os.each do |os, os_facts|
+ context "on #{os}" do
+ let(:facts) { os_facts }
+
+ it { is_expected.to compile }
+ end
+ end
+end
diff --git a/spec/classes/aes_sw_spec.rb b/spec/classes/aes_sw_spec.rb
new file mode 100644
index 0000000000000000000000000000000000000000..d906484d158a4d1f948bac9952c38108df5010fc
--- /dev/null
+++ b/spec/classes/aes_sw_spec.rb
@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe 'aes::aes_sw' do
+ on_supported_os.each do |os, os_facts|
+ context "on #{os}" do
+ let(:facts) { os_facts }
+
+ it { is_expected.to compile }
+ end
+ end
+end
diff --git a/spec/classes/auth_keydb_spec.rb b/spec/classes/auth_keydb_spec.rb
new file mode 100644
index 0000000000000000000000000000000000000000..97bbeabc37ea262766d50369ea8e8621a8ba1f2f
--- /dev/null
+++ b/spec/classes/auth_keydb_spec.rb
@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe 'aes::auth_keydb' do
+ on_supported_os.each do |os, os_facts|
+ context "on #{os}" do
+ let(:facts) { os_facts }
+
+ it { is_expected.to compile }
+ end
+ end
+end
diff --git a/spec/classes/auth_spec.rb b/spec/classes/auth_spec.rb
new file mode 100644
index 0000000000000000000000000000000000000000..5feb091765d206dc2a9086d2fe6beaf0c21d1f07
--- /dev/null
+++ b/spec/classes/auth_spec.rb
@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe 'aes::auth' do
+ on_supported_os.each do |os, os_facts|
+ context "on #{os}" do
+ let(:facts) { os_facts }
+
+ it { is_expected.to compile }
+ end
+ end
+end
diff --git a/spec/classes/broker_spec.rb b/spec/classes/broker_spec.rb
new file mode 100644
index 0000000000000000000000000000000000000000..503f421650b5b9c07f78060a48f0f665575916c5
--- /dev/null
+++ b/spec/classes/broker_spec.rb
@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe 'aes::broker' do
+ on_supported_os.each do |os, os_facts|
+ context "on #{os}" do
+ let(:facts) { os_facts }
+
+ it { is_expected.to compile }
+ end
+ end
+end
diff --git a/spec/classes/examfiles_spec.rb b/spec/classes/examfiles_spec.rb
new file mode 100644
index 0000000000000000000000000000000000000000..98adf01b31b23fedf1475c9db00d6d63c335317b
--- /dev/null
+++ b/spec/classes/examfiles_spec.rb
@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe 'aes::examfiles' do
+ on_supported_os.each do |os, os_facts|
+ context "on #{os}" do
+ let(:facts) { os_facts }
+
+ it { is_expected.to compile }
+ end
+ end
+end
diff --git a/spec/classes/latex_spec.rb b/spec/classes/latex_spec.rb
new file mode 100644
index 0000000000000000000000000000000000000000..b5fbcad5e33f3047c95ea9f0da48deb51ae51212
--- /dev/null
+++ b/spec/classes/latex_spec.rb
@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe 'aes::latex' do
+ on_supported_os.each do |os, os_facts|
+ context "on #{os}" do
+ let(:facts) { os_facts }
+
+ it { is_expected.to compile }
+ end
+ end
+end
diff --git a/spec/classes/opendsa_spec.rb b/spec/classes/opendsa_spec.rb
new file mode 100644
index 0000000000000000000000000000000000000000..7c01a8defb768db0b9759d9c7f4a8bf993fcbf95
--- /dev/null
+++ b/spec/classes/opendsa_spec.rb
@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe 'aes::opendsa' do
+ on_supported_os.each do |os, os_facts|
+ context "on #{os}" do
+ let(:facts) { os_facts }
+
+ it { is_expected.to compile }
+ end
+ end
+end
diff --git a/spec/classes/squid_filter_spec.rb b/spec/classes/squid_filter_spec.rb
new file mode 100644
index 0000000000000000000000000000000000000000..7c07485ca7b453fb420e05fbedf0aa4dc34cf478
--- /dev/null
+++ b/spec/classes/squid_filter_spec.rb
@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe 'aes::squid_filter' do
+ on_supported_os.each do |os, os_facts|
+ context "on #{os}" do
+ let(:facts) { os_facts }
+
+ it { is_expected.to compile }
+ end
+ end
+end
diff --git a/spec/default_facts.yml b/spec/default_facts.yml
new file mode 100644
index 0000000000000000000000000000000000000000..f777abfc9905202e7ccf5b5fcc76b9b4c59a39fb
--- /dev/null
+++ b/spec/default_facts.yml
@@ -0,0 +1,8 @@
+# Use default_module_facts.yml for module specific facts.
+#
+# Facts specified here will override the values provided by rspec-puppet-facts.
+---
+ipaddress: "172.16.254.254"
+ipaddress6: "FE80:0000:0000:0000:AAAA:AAAA:AAAA"
+is_pe: false
+macaddress: "AA:AA:AA:AA:AA:AA"
diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb
new file mode 100644
index 0000000000000000000000000000000000000000..c4cb9ef0f8906567ea118c5db8ba59e01707525b
--- /dev/null
+++ b/spec/spec_helper.rb
@@ -0,0 +1,65 @@
+# frozen_string_literal: true
+
+RSpec.configure do |c|
+ c.mock_with :rspec
+end
+
+require 'puppetlabs_spec_helper/module_spec_helper'
+require 'rspec-puppet-facts'
+
+require 'spec_helper_local' if File.file?(File.join(File.dirname(__FILE__), 'spec_helper_local.rb'))
+
+# LiU - Default to UTF-8 encoding
+Encoding.default_external = Encoding::UTF_8
+
+include RspecPuppetFacts
+
+default_facts = {
+ puppetversion: Puppet.version,
+ facterversion: Facter.version,
+}
+
+default_fact_files = [
+ File.expand_path(File.join(File.dirname(__FILE__), 'default_facts.yml')),
+ File.expand_path(File.join(File.dirname(__FILE__), 'default_module_facts.yml')),
+]
+
+default_fact_files.each do |f|
+ next unless File.exist?(f) && File.readable?(f) && File.size?(f)
+
+ begin
+ default_facts.merge!(YAML.safe_load(File.read(f), [], [], true))
+ rescue => e
+ RSpec.configuration.reporter.message "WARNING: Unable to load #{f}: #{e}"
+ end
+end
+
+# read default_facts and merge them over what is provided by facterdb
+default_facts.each do |fact, value|
+ add_custom_fact fact, value
+end
+
+RSpec.configure do |c|
+ c.default_facts = default_facts
+ c.before :each do
+ # set to strictest setting for testing
+ # by default Puppet runs at warning level
+ Puppet.settings[:strict] = :warning
+ Puppet.settings[:strict_variables] = true
+ end
+ c.filter_run_excluding(bolt: true) unless ENV['GEM_BOLT']
+ c.after(:suite) do
+ RSpec::Puppet::Coverage.report!(0)
+ end
+end
+
+# Ensures that a module is defined
+# @param module_name Name of the module
+def ensure_module_defined(module_name)
+ module_name.split('::').reduce(Object) do |last_module, next_module|
+ last_module.const_set(next_module, Module.new) unless last_module.const_defined?(next_module, false)
+ last_module.const_get(next_module, false)
+ end
+end
+
+# 'spec_overrides' from sync.yml will appear below this line