From 9b388926286ef345b9886daa9bec89b087503803 Mon Sep 17 00:00:00 2001
From: flepoutre <84913246+flepoutre@users.noreply.github.com>
Date: Thu, 11 Jan 2024 13:38:28 +0000
Subject: [PATCH] Add Puppet8x support
---
 lib/puppet/util/trocla_helper.rb | 50 ++++++++++++++++----------------
 manifests/ca/params.pp | 10 ++++---
 manifests/config.pp | 33 +++++++++++----------
 manifests/master.pp | 22 ++++++++------
 manifests/master/hiera.pp | 2 +-
 manifests/master/ree.pp | 12 ++++++++
 manifests/params.pp | 10 ++++---
 manifests/yaml.pp | 37 ++++++++++++-----------
 templates/troclarc.yaml.erb | 2 +-
 9 files changed, 102 insertions(+), 76 deletions(-)
 create mode 100644 manifests/master/ree.pp
diff --git a/lib/puppet/util/trocla_helper.rb b/lib/puppet/util/trocla_helper.rb
index ee3057e..05a2584 100644
--- a/lib/puppet/util/trocla_helper.rb
+++ b/lib/puppet/util/trocla_helper.rb
@@ -1,30 +1,30 @@
 module Puppet::Util::TroclaHelper
 def trocla(trocla_func,has_options,*args)
- # Functions called from puppet manifests that look like this:
- # lookup("foo", "bar")
- # internally in puppet are invoked: func(["foo", "bar"])
- #
- # where as calling from templates should work like this:
- # scope.function_lookup("foo", "bar")
- #
- # Therefore, declare this function with args '*args' to accept any number
- # of arguments and deal with puppet's special calling mechanism now:
- if args[0].is_a?(Array)
- args = args[0]
- end
-
- key = args[0] || raise(Puppet::ParseError, "You need to pass at least a key as an argument!")
- format = args[1] || 'plain'
- options = args[2] || {}
-
- if options.is_a?(String)
- require 'yaml'
- options = YAML.load(options)
- end
-
- r = has_options ? store.send(trocla_func, key, format, options) : store.send(trocla_func, key, format)
- store.close
- r
+ # Functions called from puppet manifests that look like this:
+ # lookup("foo", "bar")
+ # internally in puppet are invoked: func(["foo", "bar"])
+ #
+ # where as calling from templates should work like this:
+ # scope.function_lookup("foo", "bar")
+ #
+ # Therefore, declare this function with args '*args' to accept any number
+ # of arguments and deal with puppet's special calling mechanism now:
+ if args[0].is_a?(Array)
+ args = args[0]
+ end
+
+ key = args[0] || raise(Puppet::ParseError, "You need to pass at least a key as an argument!")
+ format = args[1] || 'plain'
+ options = args[2] || {}
+
+ if options.is_a?(String)
+ require 'yaml'
+ options = YAML.load(options)
+ end
+
+ r = has_options ? store.send(trocla_func, key, format, options) : store.send(trocla_func, key, format)
+ store.close
+ r
 end
 module_function :trocla
diff --git a/manifests/ca/params.pp b/manifests/ca/params.pp
index 437e990..a1eba14 100644
--- a/manifests/ca/params.pp
+++ b/manifests/ca/params.pp
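Review bot: `options = YAML.load(options)` is carried over unchanged by this re-indentation, and what it accepts depends on the Psych version of the Puppet runtime: on Psych 4 and later `YAML.load` is a restricted load, while older runtimes build arbitrary tagged Ruby objects from the string. Because the options string is handed in from manifests or templates, I would make the restriction explicit with `options = YAML.safe_load(options, permitted_classes: [Symbol])` so every supported Puppet version parses the same subset. Confirm that the keyword form exists on the oldest Ruby this module still targets before switching.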
@@ -1,11 +1,13 @@
 # input for a ca from trocla, so that you need only
 #
+# @param trocla_options
+#
 # trocla('some_ca','x509',$trocla::ca::params::ca_options)
-class trocla::ca::params(
- $trocla_options = {
+class trocla::ca::params (
+ Hash $trocla_options = {
 'profiles' => ['sysdomain_nc','x509veryverylong'],
- 'CN' => "automated-ca ${name} for ${::domain}",
+ 'CN' => "automated-ca ${name} for ${facts['networking']['domain']}",
 },
 ) {
- $ca_options = merge($trocla_options,{ become_ca => true, render => { certonly => true }})
+ $ca_options = merge($trocla_options, { become_ca => true, render => { certonly => true } })
 }
diff --git a/manifests/config.pp b/manifests/config.pp
index 52df765..4048dd8 100644
--- a/manifests/config.pp
+++ b/manifests/config.pp
@@ -3,7 +3,7 @@
 #Options
 # [*options*] Options for trocla. Default: empty hash.
 # [*profiles*] Profiles for trocla. Default: empty hash.
-# [*x509_profile_domain_constraint*]
+# [*x509_profile_domain_constraints*]
 # A profile for x509 name constraint that matches
 # the own domain by default.
 # This will add a profile for x509 certs with the
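Review bot: The new `# @param trocla_options` tag in manifests/ca/params.pp has no description, so the generated reference says nothing about the hash that decides how the CA entry is created. I would write `# @param trocla_options Base trocla options for the CA entry (profiles and CN); become_ca and certonly rendering are merged on top to form $ca_options.` The same empty `@param` tags appear in manifests/master.pp, manifests/params.pp and manifests/yaml.pp and deserve a line each.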
@@ -21,20 +21,23 @@
 # encryption. Default: empty Hash
 # [*manage_dependencies*] Whether to manage the dependencies or not.
 # Default *true*
+# [*edit_uid*] edit_uid
+# Default: puppet
+#
 class trocla::config (
- $options = {},
- $profiles = {},
- $x509_profile_domain_constraints = [$::domain],
- $store = undef,
- $store_options = {},
- $encryption = undef,
- $encryption_options = {},
- $manage_dependencies = true,
- $edit_uid = 'puppet',
+ Hash $options = {},
+ Hash $profiles = {},
+ Array $x509_profile_domain_constraints = [$facts['networking']['domain']],
+ Optional[String] $store = undef,
+ Hash $store_options = {},
+ Optional[String] $encryption = undef,
+ Hash $encryption_options = {},
+ Boolean $manage_dependencies = true,
+ String $edit_uid = 'puppet',
 ) {
- include ::trocla::params
+ include trocla::params
 if $manage_dependencies {
- require ::trocla::master
+ require trocla::master
 }
 if empty($x509_profile_domain_constraints) {
@@ -42,14 +45,14 @@
 } else {
 $default_profiles = {
 "${trocla::params::sysdomain_profile_name}" => {
- name_constraints => $x509_profile_domain_constraints
- }
+ name_constraints => $x509_profile_domain_constraints,
+ },
 }
 $merged_profiles = merge($default_profiles,$profiles)
 }
 # Deploy default config file and link it for trocla cli lookup
- file{
+ file {
 "${settings::confdir}/troclarc.yaml":
 content => template('trocla/troclarc.yaml.erb'),
 owner => 'root',
diff --git a/manifests/master.pp b/manifests/master.pp
index 8ed94ce..4580d59 100644
--- a/manifests/master.pp
+++ b/manifests/master.pp
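Review bot: `Array $x509_profile_domain_constraints = [$facts['networking']['domain']]` still accepts `[undef]`, which is what the default becomes on a node whose networking fact carries no domain. That list is not `empty()`, so the name-constraint profile would presumably be rendered with a blank entry. Declaring it as `Array[String[1]] $x509_profile_domain_constraints` rejects that case at compile time instead of writing it into a profile that constrains issued certificates. The class body continues outside this hunk, so the effect on the rendered troclarc.yaml should be confirmed there.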
@@ -2,20 +2,24 @@
 #
 # This module manages the necessary things for trocla on a master.
 #
+# @param package_name
+# @param provider
+# @param source
+#
 class trocla::master (
- $provider = 'default',
+ String $package_name = 'trocla',
+ Optional[String] $provider = undef,
+ Optional[String] $source = undef,
 ) {
- package {'trocla':
+ package { 'trocla':
 ensure => 'installed',
+ name => $package_name,
+ provider => $provider,
+ source => $source,
 }
- if $provider != 'default' {
- Package['trocla']{
- provider => $provider,
- }
- }
- if $provider != 'gem' and $provider != 'puppetserver_gem' and $::osfamily == 'RedHat' {
- Package['trocla']{
+ if $provider != 'gem' and $provider != 'puppetserver_gem' and $facts['os']['family'] == 'RedHat' {
+ Package['trocla'] {
 name => 'rubygem-trocla'
 }
 }
diff --git a/manifests/master/hiera.pp b/manifests/master/hiera.pp
index 75b8bb3..20acf2f 100644
--- a/manifests/master/hiera.pp
+++ b/manifests/master/hiera.pp
@@ -1,6 +1,6 @@
 # manage trocla/hiera integration
 class trocla::master::hiera {
- package{'rubygem-hiera-backend-trocla':
+ package { 'rubygem-hiera-backend-trocla':
 ensure => present,
 }
 }
diff --git a/manifests/master/ree.pp b/manifests/master/ree.pp
new file mode 100644
index 0000000..56971a2
--- /dev/null
+++ b/manifests/master/ree.pp
@@ -0,0 +1,12 @@
+# Class: trocla::master::ree
+#
+# This module manages the necessary things for trocla on a master for
+# RubyEnterprise installation.
+#
+# [Remember: No empty lines between comments and class definition]
+class trocla::master::ree {
+ require ruby_enterprise::gems::moneta
+ require ruby_enterprise::gems::highline
+
+ ruby_enterprise::gem { 'trocla': }
+}
diff --git a/manifests/params.pp b/manifests/params.pp
index f99aa2a..5a9eb53 100644
--- a/manifests/params.pp
+++ b/manifests/params.pp
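Review bot: On RedHat-family nodes with a non-gem provider, manifests/master.pp now sets `name => $package_name` in the `package { 'trocla': }` declaration and then tries to set `name` again through `Package['trocla'] { name => 'rubygem-trocla' }`. As far as I know, a same-scope resource reference may only add attributes, not replace ones already set, so this branch should fail catalog compilation. Before this change `name` was unset at that point, which is why the old amendment worked. Computing the name first and declaring the resource once avoids the conflict. The sketch below lets the RedHat default win over a caller-supplied `package_name`, which may need a different precedence.

```puppet
# … unchanged: class header and parameters …
  $use_rpm_name = $provider != 'gem' and $provider != 'puppetserver_gem' and $facts['os']['family'] == 'RedHat'
  $real_package_name = $use_rpm_name ? {
    true    => 'rubygem-trocla',
    default => $package_name,
  }

  package { 'trocla':
    ensure   => 'installed',
    name     => $real_package_name,
    provider => $provider,
    source   => $source,
  }
```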
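Review bot: The new class in manifests/master/ree.pp requires `ruby_enterprise::gems::moneta` and `ruby_enterprise::gems::highline` and installs trocla through `ruby_enterprise::gem { 'trocla': }` with no version pinned, yet nothing visible in this patch declares the `ruby_enterprise` module as a dependency. Ruby Enterprise Edition has been unmaintained for years, so it is unclear why a Puppet 8 change introduces it. If the file was restored by accident I would drop it from the commit. Otherwise, add the dependency to the module metadata and a `# @summary` line stating when this class is meant to be used.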
@@ -1,6 +1,8 @@
 # a set of default params for various trocla usages
-class trocla::params(
- $sysdomain_profile_name = 'sysdomain_nc'
-){
-
+#
+# @param sysdomain_profile_name
+#
+class trocla::params (
+ String $sysdomain_profile_name = 'sysdomain_nc'
+) {
 }
diff --git a/manifests/yaml.pp b/manifests/yaml.pp
index 67d69ec..79ae834 100644
--- a/manifests/yaml.pp
+++ b/manifests/yaml.pp
@@ -2,13 +2,15 @@
 # This will install and configure trocla with the
 # default yaml storage.
 #
-# [*data_file*] Where to store the passwords.
-# Default: /var/lib/trocla/trocla_data.yaml
-# This should be managed using the package.
+# @param manage_data_dir
+# @param data_file
+# Where to store the passwords. Default: /var/lib/trocla/trocla_data.yaml. This should be managed using the package.
+# @param edit_uid
+#
 class trocla::yaml (
- $manage_data_dir = true,
- $data_file = '/var/lib/trocla/trocla_data.yaml',
- $edit_uid = 'puppet',
+ Boolean $manage_data_dir = true,
+ String $data_file = '/var/lib/trocla/trocla_data.yaml',
+ String $edit_uid = 'puppet',
 ) {
 class { 'trocla::config':
 edit_uid => $edit_uid,
@@ -23,19 +25,20 @@
 if $manage_data_dir {
 $data_dir = dirname($data_file)
- Package<| title == 'trocla' |> -> file {
- $data_dir:
- ensure => directory,
- owner => $edit_uid,
- group => 0,
- mode => '0600';
+ file { $data_dir:
+ ensure => directory,
+ owner => $edit_uid,
+ group => 0,
+ mode => '0600',
+ require => Package['trocla'];
 }
 }
- Package<| title == 'trocla' |> -> file {
+ file {
 $data_file:
- ensure => file,
- owner => $edit_uid,
- group => 0,
- mode => '0600';
+ ensure => file,
+ owner => $edit_uid,
+ group => 0,
+ mode => '0600',
+ require => Package['trocla'];
 }
 }
diff --git a/templates/troclarc.yaml.erb b/templates/troclarc.yaml.erb
index f83ef3b..5584fd8 100644
--- a/templates/troclarc.yaml.erb
+++ b/templates/troclarc.yaml.erb
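Review bot: `String $edit_uid` in manifests/yaml.pp (and the same type in manifests/config.pp) rejects a numeric uid, although in this file the value is used as `owner => $edit_uid` on the data directory and data file, where the previously untyped parameter accepted an integer. To keep existing callers working I would declare it as `Variant[String[1], Integer[0]] $edit_uid = 'puppet'`. `String $data_file` also accepts an empty or relative string for the file that holds the stored passwords. If stdlib's data types are available to this module, `Stdlib::Absolutepath $data_file` would be the tighter choice.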
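Review bot: Replacing `Package<| title == 'trocla' |> -> file { ... }` with `require => Package['trocla']` in manifests/yaml.pp turns a soft ordering into a hard reference. The collector matched nothing when the package was absent from the catalog, whereas `require` fails compilation if `Package['trocla']` is not declared. manifests/config.pp only pulls in `trocla::master` when `manage_dependencies` is true, so a setup that disables it would presumably break here for both `$data_dir` and `$data_file`. Keeping the collector form, or guarding the `require`, preserves the old behaviour. Whether trocla::yaml forwards `manage_dependencies` is not visible in this hunk.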
@@ -11,7 +11,7 @@
 out << "#{indent}#{e[0]}:"
 out << sort_pseudo_yaml(e[1],indent+' ')
 elsif e[1].is_a?(Array)
- out << (["#{indent}#{e[0]}:"]+e[1].collect{|e| " - #{e}" }).join("\n#{indent}")
+ out << (["#{indent}#{e[0]}:"]+e[1].collect{|e| "- #{e}" }).join("\n#{indent}")
 else
 out << "#{indent}#{e[0].is_a?(Symbol) ? ":#{e[0].to_s}" : e[0]}: #{e[1].is_a?(Symbol) ? ":#{e[1].to_s}" : e[1]}"
 end
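Review bot: The array branch in templates/troclarc.yaml.erb still interpolates every element verbatim with `"- #{e}"`, so a value containing `: `, ` #` or a leading `*`, `&` or `[` changes how the generated troclarc.yaml is parsed. These values come from class parameters such as the store and encryption options. Emitting each scalar through the YAML library instead of string interpolation would keep the file well-formed for any input. The block parameter `|e|` also shadows the outer `e`; renaming it, for example `e[1].collect { |item| "- #{item}" }`, makes the line easier to read. sort_pseudo_yaml starts and ends outside this hunk.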