From e2187a98d472a298da5fb0db7838afcfc076186c Mon Sep 17 00:00:00 2001 From: Phil Friderici Date: Thu, 10 Aug 2023 23:32:20 +0200 Subject: [PATCH] Use Puppet Litmus for acceptance testing (#79) * Satisfy puppet-lint & rubocop Checks for "puppet-lint: variable contains a capital letter" are currently only ignored. This is because it would break backward compatibility. Removes warnings/errors: pdk (WARNING): puppet-lint: class included by absolute name (::$class) (examples/ca.pp:1:9) pdk (WARNING): puppet-lint: class included by absolute name (::$class) (examples/init.pp:1:9) pdk (WARNING): puppet-lint: defined type not documented (manifests/ca.pp:38:1) pdk (WARNING): puppet-lint: class included by absolute name (::$class) (manifests/ca.pp:49:11) pdk (WARNING): puppet-lint: class included by absolute name (::$class) (manifests/ca.pp:50:11) pdk (WARNING): puppet-lint: class included by absolute name (::$class) (manifests/ca.pp:51:11) pdk (WARNING): puppet-lint: absolute class name reference (manifests/ca.pp:115:29) pdk (WARNING): puppet-lint: absolute class name reference (manifests/ca.pp:137:29) pdk (WARNING): puppet-lint: absolute class name reference (manifests/ca.pp:148:30) pdk (WARNING): puppet-lint: absolute class name reference (manifests/ca.pp:159:25) pdk (WARNING): puppet-lint: ensure set to present on file resource (manifests/ca.pp:109:23) pdk (WARNING): puppet-lint: ensure set to present on file resource (manifests/ca.pp:131:23) pdk (WARNING): puppet-lint: ensure set to present on file resource (manifests/ca.pp:142:24) pdk (ERROR): puppet-lint: there should be a single space or newline before a closing brace (manifests/ca.pp:165:4) pdk (ERROR): puppet-lint: there should be a single space or single newline after an opening brace (manifests/ca.pp:48:1) pdk (WARNING): puppet-lint: missing documentation for defined type parameter ca_cert::ca::ca_file_group (manifests/ca.pp:45:20) pdk (WARNING): puppet-lint: missing documentation for defined type parameter ca_cert::ca::ca_file_group (manifests/ca.pp:45:20) pdk (ERROR): puppet-lint: there should be a single space or newline before a closing brace (manifests/enable.pp:23:4) pdk (ERROR): puppet-lint: there should be a single space or single newline after an opening brace (manifests/enable.pp:3:1) pdk (WARNING): puppet-lint: class included by absolute name (::$class) (manifests/init.pp:54:11) pdk (WARNING): puppet-lint: class included by absolute name (::$class) (manifests/init.pp:55:11) pdk (ERROR): puppet-lint: there should be a single space or single newline after an opening brace (manifests/init.pp:53:1) pdk (WARNING): puppet-lint: variable contains a capital letter (manifests/init.pp:46:11) pdk (WARNING): puppet-lint: variable contains a capital letter (manifests/init.pp:73:16) pdk (WARNING): puppet-lint: variable contains a capital letter (manifests/init.pp:74:16) pdk (ERROR): puppet-lint: there should be a single space before an opening brace (manifests/params.pp:47:57) pdk (ERROR): puppet-lint: there should be a single space before an opening brace (manifests/params.pp:76:67) pdk (ERROR): puppet-lint: there should be a single space or newline before a closing brace (manifests/update.pp:12:4) pdk (ERROR): puppet-lint: there should be a single space or single newline after an opening brace (manifests/update.pp:3:1) pdk (WARNING): rubocop: Unnecessary disabling of `RSpec/VoidExpect`. (spec/defines/ca_spec.rb:2:1) * Satisfy metadata-json-lint Removes warnings: pdk (WARNING): metadata-json-lint: Dependency puppet/archive has an open ended dependency version requirement >= 6.0.0 (metadata.json) * Add GitHub actions for automatic validation & testing * Use a unsupported OS for testing failing on these Removes errors: rspec ./spec/classes/ca_cert_spec.rb:192 # ca_cert on a Solaris based OS is expected to raise Puppet::Error with message matching /Unsupported osfamily/ rspec ./spec/classes/params_spec.rb:60 # ca_cert::params on an unsupported operating system is expected to raise Puppet::Error with message matching /Unsupported osfamily/ * Align unit tests with code The code is only executed on osfamily RedHat with major version below 7. The unit tests did only skip the tests on RedHat 7 but not on 8. Removes errors: rspec './spec/classes/update_spec.rb[1:9:3:1]' # ca_cert::update on redhat-8-x86_64 with force_enable set to true is expected to contain Exec[enable_ca_trust] with command => "update-ca-trust force-enable" rspec './spec/classes/update_spec.rb[1:9:4:1]' # ca_cert::update on redhat-8-x86_64 with force_enable set to false is expected to contain Exec[enable_ca_trust] with command => "update-ca-trust enable" * Remove traces of remote_file from unit tests and .fixtures.yml When remote_file got replaced by archive [1] the unit tests were not updated accordingly. Removes errors. rspec ./spec/defines/ca_spec.rb:141 # ca_cert::ca os-dependent items On Debian based systems with a remote certificate is expected to contain Remote_file[/usr/local/share/ca-certificates/Globalsign_Org_Intermediate.crt] with ensure => "present" and source => "http://secure.globalsign.com/cacert/gsorganizationvalsha2g2r1.crt" rspec ./spec/defines/ca_spec.rb:202 # ca_cert::ca os-dependent items On RedHat based systems with a remote certificate is expected to contain Remote_file[/etc/pki/ca-trust/source/anchors/Globalsign_Org_Intermediate.crt] with ensure => "present" and source => "http://secure.globalsign.com/cacert/gsorganizationvalsha2g2r1.crt" rspec ./spec/defines/ca_spec.rb:246 # ca_cert::ca os-dependent items On RedHat based systems when explicitly distrusting a certificate is expected to contain Remote_file[/etc/pki/ca-trust/source/blacklist/Globalsign_Org_Intermediate.crt] with ensure => "present" and source => "http://secure.globalsign.com/cacert/gsorganizationvalsha2g2r1.crt" rspec ./spec/defines/ca_spec.rb:273 # ca_cert::ca os-dependent items On Suse 11 based systems with a remote certificate is expected to contain Remote_file[/etc/ssl/certs/Globalsign_Org_Intermediate.pem] with ensure => "present" and source => "http://secure.globalsign.com/cacert/gsorganizationvalsha2g2r1.pem" rspec ./spec/defines/ca_spec.rb:347 # ca_cert::ca os-dependent items On Suse 12 based systems with a remote certificate is expected to contain Remote_file[/etc/pki/trust/anchors/Globalsign_Org_Intermediate.crt] with ensure => "present" and source => "http://secure.globalsign.com/cacert/gsorganizationvalsha2g2r1.crt" rspec ./spec/defines/ca_spec.rb:393 # ca_cert::ca os-dependent items On Suse 12 based systems when explicitly distrusting a certificate is expected to contain Remote_file[/etc/pki/trust/blacklist/Globalsign_Org_Intermediate.crt] with ensure => "present" and source => "http://secure.globalsign.com/cacert/gsorganizationvalsha2g2r1.crt" [1] https://github.com/pcfens/puppet-ca_cert/pull/69/ * Remove traces of TravisCI and appveyor * Update to PDK v3.0.0 * Use Puppet Litmus for acceptance testing --------- Co-authored-by: Phil Friderici --- .fixtures.yml | 5 +- .github/workflows/acceptance-testing.yml | 42 ++ .../workflows/run-pdk-tests-on-puppet-7.yml | 34 + .../workflows/run-pdk-tests-on-puppet-8.yml | 34 + .gitignore | 3 +- .pdkignore | 11 +- .rubocop.yml | 630 +++++++++++++++++- .sync.yml | 31 - .travis.yml | 76 --- Gemfile | 54 +- Rakefile | 24 +- appveyor.yml | 56 -- examples/ca.pp | 2 +- examples/init.pp | 2 +- manifests/ca.pp | 29 +- manifests/enable.pp | 2 - manifests/init.pp | 11 +- manifests/params.pp | 4 +- manifests/update.pp | 2 - metadata.json | 8 +- provision.yaml | 19 + spec/acceptance/ca_cert_ca_spec.rb | 4 +- spec/classes/ca_cert_spec.rb | 4 +- spec/classes/params_spec.rb | 2 +- spec/classes/update_spec.rb | 2 +- spec/defines/ca_spec.rb | 21 +- spec/spec_helper.rb | 21 +- spec/spec_helper_acceptance.rb | 21 +- 28 files changed, 851 insertions(+), 303 deletions(-) create mode 100644 .github/workflows/acceptance-testing.yml create mode 100644 .github/workflows/run-pdk-tests-on-puppet-7.yml create mode 100644 .github/workflows/run-pdk-tests-on-puppet-8.yml delete mode 100644 .travis.yml delete mode 100644 appveyor.yml create mode 100644 provision.yaml diff --git a/.fixtures.yml b/.fixtures.yml index cac4d89..489195a 100644 --- a/.fixtures.yml +++ b/.fixtures.yml @@ -1,7 +1,10 @@ fixtures: repositories: stdlib: "https://github.com/puppetlabs/puppetlabs-stdlib.git" - remote_file: "https://github.com/lwf/puppet-remote_file.git" puppet_archive: "https://github.com/voxpupuli/puppet-archive.git" + # needed for Litmus acceptance testing: + facts: https://github.com/puppetlabs/puppetlabs-facts.git + provision: https://github.com/puppetlabs/provision.git + puppet_agent: https://github.com/puppetlabs/puppetlabs-puppet_agent.git symlinks: ca_cert: "#{source_dir}" diff --git a/.github/workflows/acceptance-testing.yml b/.github/workflows/acceptance-testing.yml new file mode 100644 index 0000000..6db58de --- /dev/null +++ b/.github/workflows/acceptance-testing.yml @@ -0,0 +1,42 @@ +--- +name: CI + +on: pull_request + +concurrency: + group: ${{ github.head_ref }} + cancel-in-progress: true + +jobs: + acceptance: + name: Litmus Acceptance + runs-on: ubuntu-20.04 + env: + BOLT_GEM: true + CI: true + steps: + - uses: actions/checkout@v3 + - name: Setup ruby + uses: ruby/setup-ruby@v1 + with: + ruby-version: '2.7.3' + bundler-cache: true + + - name: Provision Testing Environments + run: | + bundle exec rake 'litmus:provision_list[default]' + bundle exec rake 'litmus:install_agent' + bundle exec rake 'litmus:install_module' + - name: Run Tests + run: bundle exec rake 'litmus:acceptance:parallel' + + - name: Tear Down + run: bundle exec rake 'litmus:tear_down' + + tests: + needs: + - acceptance + runs-on: ubuntu-20.04 + name: Test suite + steps: + - run: echo Test suite completed diff --git a/.github/workflows/run-pdk-tests-on-puppet-7.yml b/.github/workflows/run-pdk-tests-on-puppet-7.yml new file mode 100644 index 0000000..1b13f18 --- /dev/null +++ b/.github/workflows/run-pdk-tests-on-puppet-7.yml @@ -0,0 +1,34 @@ +name: Run PDK tests on Puppet 7.x + +on: + - push + - pull_request + +jobs: + validate-7: + runs-on: ubuntu-latest + steps: + - name: Clone repository + uses: actions/checkout@v2 + + - name: Run pdk validate + uses: puppets-epic-show-theatre/action-pdk-validate@v1 + with: + puppet-version: "7" + # [optional] A string indicating the Puppet version to validate against, such as "5.4.2" or "5.5". + # pe-version: "" + # [optional] A string indicating the PE version to validate against, such as "2017.3.5" or "2018.1". + + test-7: + runs-on: ubuntu-latest + steps: + - name: Clone repository + uses: actions/checkout@v2 + + - name: Run unit tests + uses: puppets-epic-show-theatre/action-pdk-test-unit@v1 + with: + puppet-version: "7" + # [optional] A string indicating the Puppet version to validate against, such as "5.4.2" or "5.5". + # pe-version: "" + # [optional] A string indicating the PE version to validate against, such as "2017.3.5" or "2018.1". diff --git a/.github/workflows/run-pdk-tests-on-puppet-8.yml b/.github/workflows/run-pdk-tests-on-puppet-8.yml new file mode 100644 index 0000000..12460e0 --- /dev/null +++ b/.github/workflows/run-pdk-tests-on-puppet-8.yml @@ -0,0 +1,34 @@ +name: Run PDK tests on Puppet 8.x + +on: + - push + - pull_request + +jobs: + validate-8: + runs-on: ubuntu-latest + steps: + - name: Clone repository + uses: actions/checkout@v2 + + - name: Run pdk validate + uses: puppets-epic-show-theatre/action-pdk-validate@v1 + with: + puppet-version: "8" + # [optional] A string indicating the Puppet version to validate against, such as "5.4.2" or "5.5". + # pe-version: "" + # [optional] A string indicating the PE version to validate against, such as "2017.3.5" or "2018.1". + + test-8: + runs-on: ubuntu-latest + steps: + - name: Clone repository + uses: actions/checkout@v2 + + - name: Run unit tests + uses: puppets-epic-show-theatre/action-pdk-test-unit@v1 + with: + puppet-version: "8" + # [optional] A string indicating the Puppet version to validate against, such as "5.4.2" or "5.5". + # pe-version: "" + # [optional] A string indicating the PE version to validate against, such as "2017.3.5" or "2018.1". diff --git a/.gitignore b/.gitignore index 2767022..3f15512 100644 --- a/.gitignore +++ b/.gitignore @@ -16,7 +16,7 @@ /log/ /pkg/ /spec/fixtures/manifests/ -/spec/fixtures/modules/ +/spec/fixtures/modules/* /tmp/ /vendor/ /convert_report.txt @@ -25,3 +25,4 @@ .project .envrc /inventory.yaml +/spec/fixtures/litmus_inventory.yaml diff --git a/.pdkignore b/.pdkignore index e6215cd..584438f 100644 --- a/.pdkignore +++ b/.pdkignore @@ -16,7 +16,7 @@ /log/ /pkg/ /spec/fixtures/manifests/ -/spec/fixtures/modules/ +/spec/fixtures/modules/* /tmp/ /vendor/ /convert_report.txt @@ -25,18 +25,19 @@ .project .envrc /inventory.yaml -/appveyor.yml +/spec/fixtures/litmus_inventory.yaml /.fixtures.yml /Gemfile /.gitattributes /.gitignore -/.gitlab-ci.yml /.pdkignore +/.puppet-lint.rc /Rakefile /rakelib/ /.rspec -/.rubocop.yml -/.travis.yml +/..yml /.yardopts /spec/ /.vscode/ +/.sync.yml +/.devcontainer/ diff --git a/.rubocop.yml b/.rubocop.yml index 5307849..5be1f9f 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -1,12 +1,12 @@ --- require: +- rubocop-performance - rubocop-rspec -- rubocop-i18n AllCops: DisplayCopNames: true - TargetRubyVersion: '2.1' + TargetRubyVersion: '2.6' Include: - - "./**/*.rb" + - "**/*.rb" Exclude: - bin/* - ".vendor/**/*" @@ -18,16 +18,9 @@ AllCops: - "**/Puppetfile" - "**/Vagrantfile" - "**/Guardfile" -Metrics/LineLength: +Layout/LineLength: Description: People have wide screens, use them. Max: 200 -GetText: - Enabled: false -GetText/DecorateString: - Description: We don't want to decorate test output. - Exclude: - - spec/**/* - Enabled: false RSpec/BeforeAfterAll: Description: Beware of using after(:all) as it may cause state to leak between tests. A necessary evil in acceptance testing. @@ -36,14 +29,13 @@ RSpec/BeforeAfterAll: RSpec/HookArgument: Description: Prefer explicit :each argument, matching existing module's style EnforcedStyle: each +RSpec/DescribeSymbol: + Exclude: + - spec/unit/facter/**/*.rb Style/BlockDelimiters: Description: Prefer braces for chaining. Mostly an aesthetical choice. Better to be consistent then. EnforcedStyle: braces_for_chaining -Style/BracesAroundHashParameters: - Description: Braces are required by Ruby 2.7. Cop removed from RuboCop v0.80.0. - See https://github.com/rubocop-hq/rubocop/pull/7643 - Enabled: true Style/ClassAndModuleChildren: Description: Compact style reduces the required amount of indentation. EnforcedStyle: compact @@ -72,7 +64,7 @@ Style/TrailingCommaInArguments: Description: Prefer always trailing comma on multiline argument lists. This makes diffs, and re-ordering nicer. EnforcedStyleForMultiline: comma -Style/TrailingCommaInLiteral: +Style/TrailingCommaInArrayLiteral: Description: Prefer always trailing comma on multiline literals. This makes diffs, and re-ordering nicer. EnforcedStyleForMultiline: comma @@ -87,26 +79,176 @@ Style/Documentation: - spec/**/* Style/WordArray: EnforcedStyle: brackets +Performance/AncestorsInclude: + Enabled: true +Performance/BigDecimalWithNumericArgument: + Enabled: true +Performance/BlockGivenWithExplicitBlock: + Enabled: true +Performance/CaseWhenSplat: + Enabled: true +Performance/ConstantRegexp: + Enabled: true +Performance/MethodObjectAsBlock: + Enabled: true +Performance/RedundantSortBlock: + Enabled: true +Performance/RedundantStringChars: + Enabled: true +Performance/ReverseFirst: + Enabled: true +Performance/SortReverse: + Enabled: true +Performance/Squeeze: + Enabled: true +Performance/StringInclude: + Enabled: true +Performance/Sum: + Enabled: true Style/CollectionMethods: Enabled: true Style/MethodCalledOnDoEndBlock: Enabled: true Style/StringMethods: Enabled: true -GetText/DecorateFunctionMessage: +Bundler/GemFilename: Enabled: false -GetText/DecorateStringFormattingUsingInterpolation: +Bundler/InsecureProtocolSource: Enabled: false -GetText/DecorateStringFormattingUsingPercent: +Capybara/CurrentPathExpectation: + Enabled: false +Capybara/VisibilityMatcher: + Enabled: false +Gemspec/DuplicatedAssignment: + Enabled: false +Gemspec/OrderedDependencies: + Enabled: false +Gemspec/RequiredRubyVersion: + Enabled: false +Gemspec/RubyVersionGlobalsUsage: + Enabled: false +Layout/ArgumentAlignment: + Enabled: false +Layout/BeginEndAlignment: + Enabled: false +Layout/ClosingHeredocIndentation: + Enabled: false +Layout/EmptyComment: + Enabled: false +Layout/EmptyLineAfterGuardClause: + Enabled: false +Layout/EmptyLinesAroundArguments: + Enabled: false +Layout/EmptyLinesAroundAttributeAccessor: Enabled: false Layout/EndOfLine: Enabled: false -Layout/IndentHeredoc: +Layout/FirstArgumentIndentation: + Enabled: false +Layout/HashAlignment: + Enabled: false +Layout/HeredocIndentation: + Enabled: false +Layout/LeadingEmptyLines: + Enabled: false +Layout/SpaceAroundMethodCallOperator: + Enabled: false +Layout/SpaceInsideArrayLiteralBrackets: + Enabled: false +Layout/SpaceInsideReferenceBrackets: + Enabled: false +Lint/BigDecimalNew: + Enabled: false +Lint/BooleanSymbol: + Enabled: false +Lint/ConstantDefinitionInBlock: + Enabled: false +Lint/DeprecatedOpenSSLConstant: + Enabled: false +Lint/DisjunctiveAssignmentInConstructor: + Enabled: false +Lint/DuplicateElsifCondition: + Enabled: false +Lint/DuplicateRequire: + Enabled: false +Lint/DuplicateRescueException: + Enabled: false +Lint/EmptyConditionalBody: + Enabled: false +Lint/EmptyFile: + Enabled: false +Lint/ErbNewArguments: + Enabled: false +Lint/FloatComparison: + Enabled: false +Lint/HashCompareByIdentity: + Enabled: false +Lint/IdentityComparison: + Enabled: false +Lint/InterpolationCheck: + Enabled: false +Lint/MissingCopEnableDirective: + Enabled: false +Lint/MixedRegexpCaptureTypes: + Enabled: false +Lint/NestedPercentLiteral: + Enabled: false +Lint/NonDeterministicRequireOrder: + Enabled: false +Lint/OrderedMagicComments: + Enabled: false +Lint/OutOfRangeRegexpRef: + Enabled: false +Lint/RaiseException: + Enabled: false +Lint/RedundantCopEnableDirective: + Enabled: false +Lint/RedundantRequireStatement: + Enabled: false +Lint/RedundantSafeNavigation: + Enabled: false +Lint/RedundantWithIndex: + Enabled: false +Lint/RedundantWithObject: + Enabled: false +Lint/RegexpAsCondition: + Enabled: false +Lint/ReturnInVoidContext: + Enabled: false +Lint/SafeNavigationConsistency: + Enabled: false +Lint/SafeNavigationWithEmpty: + Enabled: false +Lint/SelfAssignment: + Enabled: false +Lint/SendWithMixinArgument: + Enabled: false +Lint/ShadowedArgument: + Enabled: false +Lint/StructNewOverride: + Enabled: false +Lint/ToJSON: + Enabled: false +Lint/TopLevelReturnWithArgument: + Enabled: false +Lint/TrailingCommaInAttributeDeclaration: + Enabled: false +Lint/UnreachableLoop: + Enabled: false +Lint/UriEscapeUnescape: + Enabled: false +Lint/UriRegexp: + Enabled: false +Lint/UselessMethodDefinition: + Enabled: false +Lint/UselessTimes: Enabled: false Metrics/AbcSize: Enabled: false Metrics/BlockLength: Enabled: false +Metrics/BlockNesting: + Enabled: false Metrics/ClassLength: Enabled: false Metrics/CyclomaticComplexity: @@ -119,19 +261,463 @@ Metrics/ParameterLists: Enabled: false Metrics/PerceivedComplexity: Enabled: false +Migration/DepartmentName: + Enabled: false +Naming/AccessorMethodName: + Enabled: false +Naming/BlockParameterName: + Enabled: false +Naming/HeredocDelimiterCase: + Enabled: false +Naming/HeredocDelimiterNaming: + Enabled: false +Naming/MemoizedInstanceVariableName: + Enabled: false +Naming/MethodParameterName: + Enabled: false +Naming/RescuedExceptionsVariableName: + Enabled: false +Naming/VariableNumber: + Enabled: false +Performance/BindCall: + Enabled: false +Performance/DeletePrefix: + Enabled: false +Performance/DeleteSuffix: + Enabled: false +Performance/InefficientHashSearch: + Enabled: false +Performance/UnfreezeString: + Enabled: false +Performance/UriDefaultParser: + Enabled: false +RSpec/Be: + Enabled: false +RSpec/Capybara/FeatureMethods: + Enabled: false +RSpec/ContainExactly: + Enabled: false +RSpec/ContextMethod: + Enabled: false +RSpec/ContextWording: + Enabled: false RSpec/DescribeClass: Enabled: false +RSpec/EmptyHook: + Enabled: false +RSpec/EmptyLineAfterExample: + Enabled: false +RSpec/EmptyLineAfterExampleGroup: + Enabled: false +RSpec/EmptyLineAfterHook: + Enabled: false RSpec/ExampleLength: Enabled: false -RSpec/MessageExpectation: +RSpec/ExampleWithoutDescription: + Enabled: false +RSpec/ExpectChange: + Enabled: false +RSpec/ExpectInHook: + Enabled: false +RSpec/FactoryBot/AttributeDefinedStatically: + Enabled: false +RSpec/FactoryBot/CreateList: + Enabled: false +RSpec/FactoryBot/FactoryClassName: + Enabled: false +RSpec/HooksBeforeExamples: + Enabled: false +RSpec/ImplicitBlockExpectation: + Enabled: false +RSpec/ImplicitSubject: + Enabled: false +RSpec/LeakyConstantDeclaration: + Enabled: false +RSpec/LetBeforeExamples: + Enabled: false +RSpec/MatchArray: + Enabled: false +RSpec/MissingExampleGroupArgument: Enabled: false RSpec/MultipleExpectations: Enabled: false +RSpec/MultipleMemoizedHelpers: + Enabled: false +RSpec/MultipleSubjects: + Enabled: false RSpec/NestedGroups: Enabled: false -Style/AsciiComments: +RSpec/PredicateMatcher: + Enabled: false +RSpec/ReceiveCounts: + Enabled: false +RSpec/ReceiveNever: + Enabled: false +RSpec/RepeatedExampleGroupBody: + Enabled: false +RSpec/RepeatedExampleGroupDescription: + Enabled: false +RSpec/RepeatedIncludeExample: + Enabled: false +RSpec/ReturnFromStub: + Enabled: false +RSpec/SharedExamples: + Enabled: false +RSpec/StubbedMock: + Enabled: false +RSpec/UnspecifiedException: + Enabled: false +RSpec/VariableDefinition: + Enabled: false +RSpec/VoidExpect: + Enabled: false +RSpec/Yield: + Enabled: false +Security/Open: + Enabled: false +Style/AccessModifierDeclarations: + Enabled: false +Style/AccessorGrouping: + Enabled: false +Style/BisectedAttrAccessor: + Enabled: false +Style/CaseLikeIf: + Enabled: false +Style/ClassEqualityComparison: + Enabled: false +Style/ColonMethodDefinition: + Enabled: false +Style/CombinableLoops: + Enabled: false +Style/CommentedKeyword: + Enabled: false +Style/Dir: + Enabled: false +Style/DoubleCopDisableDirective: + Enabled: false +Style/EmptyBlockParameter: + Enabled: false +Style/EmptyLambdaParameter: + Enabled: false +Style/Encoding: + Enabled: false +Style/EvalWithLocation: + Enabled: false +Style/ExpandPathArguments: + Enabled: false +Style/ExplicitBlockArgument: + Enabled: false +Style/ExponentialNotation: + Enabled: false +Style/FloatDivision: + Enabled: false +Style/FrozenStringLiteralComment: + Enabled: false +Style/GlobalStdStream: + Enabled: false +Style/HashAsLastArrayItem: + Enabled: false +Style/HashLikeCase: + Enabled: false +Style/HashTransformKeys: + Enabled: false +Style/HashTransformValues: Enabled: false Style/IfUnlessModifier: Enabled: false +Style/KeywordParametersOrder: + Enabled: false +Style/MinMax: + Enabled: false +Style/MixinUsage: + Enabled: false +Style/MultilineWhenThen: + Enabled: false +Style/NegatedUnless: + Enabled: false +Style/NumericPredicate: + Enabled: false +Style/OptionalBooleanParameter: + Enabled: false +Style/OrAssignment: + Enabled: false +Style/RandomWithOffset: + Enabled: false +Style/RedundantAssignment: + Enabled: false +Style/RedundantCondition: + Enabled: false +Style/RedundantConditional: + Enabled: false +Style/RedundantFetchBlock: + Enabled: false +Style/RedundantFileExtensionInRequire: + Enabled: false +Style/RedundantRegexpCharacterClass: + Enabled: false +Style/RedundantRegexpEscape: + Enabled: false +Style/RedundantSelfAssignment: + Enabled: false +Style/RedundantSort: + Enabled: false +Style/RescueStandardError: + Enabled: false +Style/SingleArgumentDig: + Enabled: false +Style/SlicingWithRange: + Enabled: false +Style/SoleNestedConditional: + Enabled: false +Style/StderrPuts: + Enabled: false +Style/StringConcatenation: + Enabled: false +Style/Strip: + Enabled: false Style/SymbolProc: Enabled: false +Style/TrailingBodyOnClass: + Enabled: false +Style/TrailingBodyOnMethodDefinition: + Enabled: false +Style/TrailingBodyOnModule: + Enabled: false +Style/TrailingCommaInHashLiteral: + Enabled: false +Style/TrailingMethodEndStatement: + Enabled: false +Style/UnpackFirst: + Enabled: false +Capybara/MatchStyle: + Enabled: false +Capybara/NegationMatcher: + Enabled: false +Capybara/SpecificActions: + Enabled: false +Capybara/SpecificFinders: + Enabled: false +Capybara/SpecificMatcher: + Enabled: false +Gemspec/DeprecatedAttributeAssignment: + Enabled: false +Gemspec/DevelopmentDependencies: + Enabled: false +Gemspec/RequireMFA: + Enabled: false +Layout/LineContinuationLeadingSpace: + Enabled: false +Layout/LineContinuationSpacing: + Enabled: false +Layout/LineEndStringConcatenationIndentation: + Enabled: false +Layout/SpaceBeforeBrackets: + Enabled: false +Lint/AmbiguousAssignment: + Enabled: false +Lint/AmbiguousOperatorPrecedence: + Enabled: false +Lint/AmbiguousRange: + Enabled: false +Lint/ConstantOverwrittenInRescue: + Enabled: false +Lint/DeprecatedConstants: + Enabled: false +Lint/DuplicateBranch: + Enabled: false +Lint/DuplicateMagicComment: + Enabled: false +Lint/DuplicateRegexpCharacterClassElement: + Enabled: false +Lint/EmptyBlock: + Enabled: false +Lint/EmptyClass: + Enabled: false +Lint/EmptyInPattern: + Enabled: false +Lint/IncompatibleIoSelectWithFiberScheduler: + Enabled: false +Lint/LambdaWithoutLiteralBlock: + Enabled: false +Lint/NoReturnInBeginEndBlocks: + Enabled: false +Lint/NonAtomicFileOperation: + Enabled: false +Lint/NumberedParameterAssignment: + Enabled: false +Lint/OrAssignmentToConstant: + Enabled: false +Lint/RedundantDirGlobSort: + Enabled: false +Lint/RefinementImportMethods: + Enabled: false +Lint/RequireRangeParentheses: + Enabled: false +Lint/RequireRelativeSelfPath: + Enabled: false +Lint/SymbolConversion: + Enabled: false +Lint/ToEnumArguments: + Enabled: false +Lint/TripleQuotes: + Enabled: false +Lint/UnexpectedBlockArity: + Enabled: false +Lint/UnmodifiedReduceAccumulator: + Enabled: false +Lint/UselessRescue: + Enabled: false +Lint/UselessRuby2Keywords: + Enabled: false +Metrics/CollectionLiteralLength: + Enabled: false +Naming/BlockForwarding: + Enabled: false +Performance/CollectionLiteralInLoop: + Enabled: false +Performance/ConcurrentMonotonicTime: + Enabled: false +Performance/MapCompact: + Enabled: false +Performance/RedundantEqualityComparisonBlock: + Enabled: false +Performance/RedundantSplitRegexpArgument: + Enabled: false +Performance/StringIdentifierArgument: + Enabled: false +RSpec/BeEq: + Enabled: false +RSpec/BeNil: + Enabled: false +RSpec/ChangeByZero: + Enabled: false +RSpec/ClassCheck: + Enabled: false +RSpec/DuplicatedMetadata: + Enabled: false +RSpec/ExcessiveDocstringSpacing: + Enabled: false +RSpec/FactoryBot/ConsistentParenthesesStyle: + Enabled: false +RSpec/FactoryBot/FactoryNameStyle: + Enabled: false +RSpec/FactoryBot/SyntaxMethods: + Enabled: false +RSpec/IdenticalEqualityAssertion: + Enabled: false +RSpec/NoExpectationExample: + Enabled: false +RSpec/PendingWithoutReason: + Enabled: false +RSpec/Rails/AvoidSetupHook: + Enabled: false +RSpec/Rails/HaveHttpStatus: + Enabled: false +RSpec/Rails/InferredSpecType: + Enabled: false +RSpec/Rails/MinitestAssertions: + Enabled: false +RSpec/Rails/TravelAround: + Enabled: false +RSpec/RedundantAround: + Enabled: false +RSpec/SkipBlockInsideExample: + Enabled: false +RSpec/SortMetadata: + Enabled: false +RSpec/SubjectDeclaration: + Enabled: false +RSpec/VerifiedDoubleReference: + Enabled: false +Security/CompoundHash: + Enabled: false +Security/IoMethods: + Enabled: false +Style/ArgumentsForwarding: + Enabled: false +Style/ArrayIntersect: + Enabled: false +Style/CollectionCompact: + Enabled: false +Style/ComparableClamp: + Enabled: false +Style/ConcatArrayLiterals: + Enabled: false +Style/DirEmpty: + Enabled: false +Style/DocumentDynamicEvalDefinition: + Enabled: false +Style/EmptyHeredoc: + Enabled: false +Style/EndlessMethod: + Enabled: false +Style/EnvHome: + Enabled: false +Style/FetchEnvVar: + Enabled: false +Style/FileEmpty: + Enabled: false +Style/FileRead: + Enabled: false +Style/FileWrite: + Enabled: false +Style/HashConversion: + Enabled: false +Style/HashExcept: + Enabled: false +Style/IfWithBooleanLiteralBranches: + Enabled: false +Style/InPatternThen: + Enabled: false +Style/MagicCommentFormat: + Enabled: false +Style/MapCompactWithConditionalBlock: + Enabled: false +Style/MapToHash: + Enabled: false +Style/MapToSet: + Enabled: false +Style/MinMaxComparison: + Enabled: false +Style/MultilineInPatternThen: + Enabled: false +Style/NegatedIfElseCondition: + Enabled: false +Style/NestedFileDirname: + Enabled: false +Style/NilLambda: + Enabled: false +Style/NumberedParameters: + Enabled: false +Style/NumberedParametersLimit: + Enabled: false +Style/ObjectThen: + Enabled: false +Style/OpenStructUse: + Enabled: false +Style/OperatorMethodCall: + Enabled: false +Style/QuotedSymbols: + Enabled: false +Style/RedundantArgument: + Enabled: false +Style/RedundantConstantBase: + Enabled: false +Style/RedundantDoubleSplatHashBraces: + Enabled: false +Style/RedundantEach: + Enabled: false +Style/RedundantHeredocDelimiterQuotes: + Enabled: false +Style/RedundantInitialize: + Enabled: false +Style/RedundantSelfAssignmentBranch: + Enabled: false +Style/RedundantStringEscape: + Enabled: false +Style/SelectByRegexp: + Enabled: false +Style/StringChars: + Enabled: false +Style/SwapValues: + Enabled: false diff --git a/.sync.yml b/.sync.yml index 1053c1c..b1d312e 100644 --- a/.sync.yml +++ b/.sync.yml @@ -1,34 +1,3 @@ --- - spec/spec_helper.rb: hiera_config: spec/fixtures/hiera.yaml - -.travis.yml: - bundler_args: --with system_tests - docker_sets: - - set: centos-7 - - set: default - user: pcfens - secure: 'XVGxqfPUDznxOF3GNz2ztpthET0dXApOMK5ppwhnbd4Chde1QKtJJkz3fi8UqDE+juDv/CUukhXf7rNiAR+KEtxCJYJ3UM6huYLPDKnvsVDqi4MBpMDZf7x0AVmCFeLAroSrN3DAjkNsQyPFTh+vOeAzI5JlWGP9LjrfSIBJcSo=' - -Gemfile: - required: - ':system_tests': - - gem: 'puppet-module-posix-system-r#{minor_version}' - platforms: ruby - - gem: 'puppet-module-win-system-r#{minor_version}' - platforms: - - mswin - - mingw - - x64_mingw - - gem: beaker - version: '~> 3.13' - from_env: BEAKER_VERSION - - gem: beaker-abs - from_env: BEAKER_ABS_VERSION - version: '~> 0.1' - - gem: beaker-pe - - gem: beaker-hostgenerator - from_env: BEAKER_HOSTGENERATOR_VERSION - - gem: beaker-rspec - from_env: BEAKER_RSPEC_VERSION diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index 9512c55..0000000 --- a/.travis.yml +++ /dev/null @@ -1,76 +0,0 @@ ---- -os: linux -dist: xenial -language: ruby -cache: bundler -before_install: - - bundle -v - - rm -f Gemfile.lock - - "# Update system gems if requested. This is useful to temporarily workaround troubles in the test runner" - - "# See https://github.com/puppetlabs/pdk-templates/commit/705154d5c437796b821691b707156e1b056d244f for an example of how this was used" - - "# Ignore exit code of SIGPIPE'd yes to not fail with shell's pipefail set" - - '[ -z "$RUBYGEMS_VERSION" ] || (yes || true) | gem update --system $RUBYGEMS_VERSION' - - gem --version - - bundle -v -script: - - 'bundle exec rake $CHECK' -bundler_args: --with system_tests -rvm: - - 2.5.7 -stages: - - static - - spec - - acceptance - - - if: tag =~ ^v\d - name: deploy -jobs: - fast_finish: true - include: - - - bundler_args: --with system_tests - dist: trusty - env: PUPPET_INSTALL_TYPE=agent BEAKER_debug=true BEAKER_PUPPET_COLLECTION=puppet6 BEAKER_set=centos-7 BEAKER_TESTMODE=apply - rvm: 2.5.7 - script: bundle exec rake beaker - services: docker - stage: acceptance - sudo: required - - - bundler_args: --with system_tests - dist: trusty - env: PUPPET_INSTALL_TYPE=agent BEAKER_debug=true BEAKER_PUPPET_COLLECTION=puppet6 BEAKER_set=default BEAKER_TESTMODE=apply - rvm: 2.5.7 - script: bundle exec rake beaker - services: docker - stage: acceptance - sudo: required - - - env: CHECK="check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop syntax lint metadata_lint" - stage: static - - - env: PUPPET_GEM_VERSION="~> 5.0" CHECK=parallel_spec - rvm: 2.4.5 - stage: spec - - - env: PUPPET_GEM_VERSION="~> 6.0" CHECK=parallel_spec - rvm: 2.5.7 - stage: spec - - - env: DEPLOY_TO_FORGE=yes - stage: deploy -branches: - only: - - master - - /^v\d/ -notifications: - email: false -deploy: - provider: puppetforge - username: pcfens - password: - secure: "XVGxqfPUDznxOF3GNz2ztpthET0dXApOMK5ppwhnbd4Chde1QKtJJkz3fi8UqDE+juDv/CUukhXf7rNiAR+KEtxCJYJ3UM6huYLPDKnvsVDqi4MBpMDZf7x0AVmCFeLAroSrN3DAjkNsQyPFTh+vOeAzI5JlWGP9LjrfSIBJcSo=" - on: - tags: true - all_branches: true - condition: "$DEPLOY_TO_FORGE = yes" diff --git a/Gemfile b/Gemfile index 8c4ee95..add1873 100644 --- a/Gemfile +++ b/Gemfile @@ -13,30 +13,32 @@ def location_for(place_or_version, fake_version = nil) end end -ruby_version_segments = Gem::Version.new(RUBY_VERSION.dup).segments -minor_version = ruby_version_segments[0..1].join('.') - group :development do - gem "fast_gettext", '1.1.0', require: false if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new('2.1.0') - gem "fast_gettext", require: false if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.1.0') - gem "json_pure", '<= 2.0.1', require: false if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new('2.0.0') - gem "json", '= 1.8.1', require: false if Gem::Version.new(RUBY_VERSION.dup) == Gem::Version.new('2.1.9') - gem "json", '= 2.0.4', require: false if Gem::Requirement.create('~> 2.4.2').satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) - gem "json", '= 2.1.0', require: false if Gem::Requirement.create(['>= 2.5.0', '< 2.7.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) - gem "rb-readline", '= 0.5.5', require: false, platforms: [:mswin, :mingw, :x64_mingw] - gem "puppet-module-posix-default-r#{minor_version}", '~> 0.4', require: false, platforms: [:ruby] - gem "puppet-module-posix-dev-r#{minor_version}", '~> 0.4', require: false, platforms: [:ruby] - gem "puppet-module-win-default-r#{minor_version}", '~> 0.4', require: false, platforms: [:mswin, :mingw, :x64_mingw] - gem "puppet-module-win-dev-r#{minor_version}", '~> 0.4', require: false, platforms: [:mswin, :mingw, :x64_mingw] + gem "json", '= 2.1.0', require: false if Gem::Requirement.create(['>= 2.5.0', '< 2.7.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) + gem "json", '= 2.3.0', require: false if Gem::Requirement.create(['>= 2.7.0', '< 3.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) + gem "json", '= 2.5.1', require: false if Gem::Requirement.create(['>= 3.0.0', '< 3.0.5']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) + gem "json", '= 2.6.1', require: false if Gem::Requirement.create(['>= 3.1.0', '< 3.1.3']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) + gem "json", '= 2.6.3', require: false if Gem::Requirement.create(['>= 3.2.0', '< 4.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) + gem "racc", '~> 1.4.0', require: false if Gem::Requirement.create(['>= 2.7.0', '< 3.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) + gem "voxpupuli-puppet-lint-plugins", '~> 5.0', require: false + gem "facterdb", '~> 1.18', require: false + gem "metadata-json-lint", '~> 3.0', require: false + gem "puppetlabs_spec_helper", '~> 6.0', require: false + gem "rspec-puppet-facts", '~> 2.0', require: false + gem "codecov", '~> 0.2', require: false + gem "dependency_checker", '~> 1.0.0', require: false + gem "parallel_tests", '= 3.12.1', require: false + gem "pry", '~> 0.10', require: false + gem "simplecov-console", '~> 0.5', require: false + gem "puppet-debugger", '~> 1.0', require: false + gem "rubocop", '= 1.48.1', require: false + gem "rubocop-performance", '= 1.16.0', require: false + gem "rubocop-rspec", '= 2.19.0', require: false + gem "rb-readline", '= 0.5.5', require: false, platforms: [:mswin, :mingw, :x64_mingw] end group :system_tests do - gem "puppet-module-posix-system-r#{minor_version}", require: false, platforms: [:ruby] - gem "puppet-module-win-system-r#{minor_version}", require: false, platforms: [:mswin, :mingw, :x64_mingw] - gem "beaker", *location_for(ENV['BEAKER_VERSION'] || '~> 3.13') - gem "beaker-abs", *location_for(ENV['BEAKER_ABS_VERSION'] || '~> 0.1') - gem "beaker-pe", require: false - gem "beaker-hostgenerator" - gem "beaker-rspec" + gem "puppet_litmus", '~> 1.0', require: false, platforms: [:ruby, :x64_mingw] + gem "serverspec", '~> 2.41', require: false end puppet_version = ENV['PUPPET_GEM_VERSION'] @@ -53,16 +55,6 @@ gems['puppet'] = location_for(puppet_version) gems['facter'] = location_for(facter_version) if facter_version gems['hiera'] = location_for(hiera_version) if hiera_version -if Gem.win_platform? && puppet_version =~ %r{^(file:///|git://)} - # If we're using a Puppet gem on Windows which handles its own win32-xxx gem - # dependencies (>= 3.5.0), set the maximum versions (see PUP-6445). - gems['win32-dir'] = ['<= 0.4.9', require: false] - gems['win32-eventlog'] = ['<= 0.6.5', require: false] - gems['win32-process'] = ['<= 0.7.5', require: false] - gems['win32-security'] = ['<= 0.2.5', require: false] - gems['win32-service'] = ['0.8.8', require: false] -end - gems.each do |gem_name, gem_params| gem gem_name, *gem_params end diff --git a/Rakefile b/Rakefile index cb7ed0c..74415a9 100644 --- a/Rakefile +++ b/Rakefile @@ -1,11 +1,11 @@ # frozen_string_literal: true -require 'puppet_litmus/rake_tasks' if Bundler.rubygems.find_name('puppet_litmus').any? +require 'bundler' +require 'puppet_litmus/rake_tasks' if Gem.loaded_specs.key? 'puppet_litmus' require 'puppetlabs_spec_helper/rake_tasks' require 'puppet-syntax/tasks/puppet-syntax' -require 'puppet_blacksmith/rake_tasks' if Bundler.rubygems.find_name('puppet-blacksmith').any? -require 'github_changelog_generator/task' if Bundler.rubygems.find_name('github_changelog_generator').any? -require 'puppet-strings/tasks' if Bundler.rubygems.find_name('puppet-strings').any? +require 'github_changelog_generator/task' if Gem.loaded_specs.key? 'github_changelog_generator' +require 'puppet-strings/tasks' if Gem.loaded_specs.key? 'puppet-strings' def changelog_user return unless Rake.application.top_level_tasks.include? "changelog" @@ -42,7 +42,8 @@ end PuppetLint.configuration.send('disable_relative') -if Bundler.rubygems.find_name('github_changelog_generator').any? + +if Gem.loaded_specs.key? 'github_changelog_generator' GitHubChangelogGenerator::RakeTask.new :changelog do |config| raise "Set CHANGELOG_GITHUB_TOKEN environment variable eg 'export CHANGELOG_GITHUB_TOKEN=valid_token_here'" if Rake.application.top_level_tasks.include? "changelog" and ENV['CHANGELOG_GITHUB_TOKEN'].nil? config.user = "#{changelog_user}" @@ -52,7 +53,7 @@ if Bundler.rubygems.find_name('github_changelog_generator').any? config.header = "# Change log\n\nAll notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org)." config.add_pr_wo_labels = true config.issues = false - config.merge_prefix = "### UNCATEGORIZED PRS; GO LABEL THEM" + config.merge_prefix = "### UNCATEGORIZED PRS; LABEL THEM ON GITHUB" config.configure_sections = { "Changed" => { "prefix" => "### Changed", @@ -60,11 +61,11 @@ if Bundler.rubygems.find_name('github_changelog_generator').any? }, "Added" => { "prefix" => "### Added", - "labels" => ["feature", "enhancement"], + "labels" => ["enhancement", "feature"], }, "Fixed" => { "prefix" => "### Fixed", - "labels" => ["bugfix"], + "labels" => ["bug", "documentation", "bugfix"], }, } end @@ -72,16 +73,15 @@ else desc 'Generate a Changelog from GitHub' task :changelog do raise <= Gem::Version.new('2.2.2')" + version: '~> 1.15' + condition: "Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.3.0')" EOM end end diff --git a/appveyor.yml b/appveyor.yml deleted file mode 100644 index ec38949..0000000 --- a/appveyor.yml +++ /dev/null @@ -1,56 +0,0 @@ ---- -version: 1.1.x.{build} -branches: - only: - - master - - release -skip_commits: - message: /^\(?doc\)?.*/ -clone_depth: 10 -init: - - SET - - 'mkdir C:\ProgramData\PuppetLabs\code && exit 0' - - 'mkdir C:\ProgramData\PuppetLabs\facter && exit 0' - - 'mkdir C:\ProgramData\PuppetLabs\hiera && exit 0' - - 'mkdir C:\ProgramData\PuppetLabs\puppet\var && exit 0' -environment: - matrix: - - - RUBY_VERSION: 24-x64 - CHECK: syntax lint metadata_lint check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop - - - PUPPET_GEM_VERSION: ~> 5.0 - RUBY_VERSION: 24 - CHECK: parallel_spec - - - PUPPET_GEM_VERSION: ~> 5.0 - RUBY_VERSION: 24-x64 - CHECK: parallel_spec - - - PUPPET_GEM_VERSION: ~> 6.0 - RUBY_VERSION: 25 - CHECK: parallel_spec - - - PUPPET_GEM_VERSION: ~> 6.0 - RUBY_VERSION: 25-x64 - CHECK: parallel_spec -matrix: - fast_finish: true -install: - - set PATH=C:\Ruby%RUBY_VERSION%\bin;%PATH% - - bundle install --jobs 4 --retry 2 --without system_tests - - type Gemfile.lock -build: off -test_script: - - bundle exec puppet -V - - ruby -v - - gem -v - - bundle -v - - bundle exec rake %CHECK% -notifications: - - provider: Email - to: - - nobody@nowhere.com - on_build_success: false - on_build_failure: false - on_build_status_changed: false diff --git a/examples/ca.pp b/examples/ca.pp index 995904d..2cbac94 100644 --- a/examples/ca.pp +++ b/examples/ca.pp @@ -1,4 +1,4 @@ -class { '::ca_cert': } +class { 'ca_cert': } ca_cert::ca { 'globalsign_org_intermediate': source => 'http://secure.globalsign.com/cacert/gsorganizationvalsha2g2r1.crt', diff --git a/examples/init.pp b/examples/init.pp index 75f3126..780cff6 100644 --- a/examples/init.pp +++ b/examples/init.pp @@ -1 +1 @@ -class { '::ca_cert': } +class { 'ca_cert': } diff --git a/manifests/ca.pp b/manifests/ca.pp index 830e6f4..31296ad 100644 --- a/manifests/ca.pp +++ b/manifests/ca.pp @@ -24,6 +24,10 @@ # The checksum of the file. (defaults to undef) # [*checksum_type*] # The type of file checksum. (defauts to undef) +# [*ca_file_group*] +# The installed CA certificate's POSIX group permissions. This uses +# the same syntax as Puppet's native file resource's "group" parameter. +# (defaults to 'root' with the exeption of AIX which defaults to 'system') # [*ca_file_mode*] # The installed CA certificate's POSIX filesystem permissions. This uses # the same syntax as Puppet's native file resource's "mode" parameter. @@ -34,7 +38,6 @@ # ca_cert::ca { 'globalsign_org_intermediate': # source => 'http://secure.globalsign.com/cacert/gsorganizationvalsha2g2r1.crt', # } - define ca_cert::ca ( Optional[String] $ca_text = undef, String $source = 'text', @@ -45,10 +48,9 @@ Optional[String] $ca_file_group = undef, Optional[String] $ca_file_mode = undef, ) { - - include ::ca_cert::params - include ::ca_cert::update - require ::ca_cert::enable + include ca_cert::params + include ca_cert::update + require ca_cert::enable if $ca_file_group == undef { $file_group = $ca_cert::params::ca_file_group @@ -106,18 +108,18 @@ case $protocol_type { 'puppet': { file { $resource_name: - ensure => present, + ensure => 'file', source => $source, path => $ca_cert, owner => 'root', group => $file_group, mode => $file_mode, - notify => Class['::ca_cert::update'], + notify => Class['ca_cert::update'], } } 'ftp', 'https', 'http': { archive { $ca_cert: - ensure => present, + ensure => 'present', source => $source, checksum => $checksum, checksum_type => $checksum_type, @@ -128,24 +130,24 @@ 'file': { $source_path = $source_array[1] file { $resource_name: - ensure => present, + ensure => 'file', source => $source_path, path => $ca_cert, owner => 'root', group => $file_group, mode => $file_mode, - notify => Class['::ca_cert::update'], + notify => Class['ca_cert::update'], } } 'text': { file { $resource_name: - ensure => present, + ensure => 'file', content => $ca_text, path => $ca_cert, owner => 'root', group => $file_group, mode => $file_mode, - notify => Class['::ca_cert::update'], + notify => Class['ca_cert::update'], } } default: { @@ -156,12 +158,11 @@ 'absent': { file { $ca_cert: ensure => absent, - notify => Class['::ca_cert::update'], + notify => Class['ca_cert::update'], } } default: { fail("Ca_cert::Ca[${name}] - ensure must be set to present, trusted, distrusted, or absent.") } } - } diff --git a/manifests/enable.pp b/manifests/enable.pp index e340b0d..b3d6742 100644 --- a/manifests/enable.pp +++ b/manifests/enable.pp @@ -1,6 +1,5 @@ # Private class class ca_cert::enable { - include ca_cert if ($facts['os']['family'] == 'RedHat' and versioncmp($facts['os']['release']['full'], '7') < 0) { @@ -21,5 +20,4 @@ } } } - } diff --git a/manifests/init.pp b/manifests/init.pp index 395e590..9198bbe 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -43,16 +43,15 @@ # lint:ignore:variable_is_lowercase class ca_cert ( Boolean $always_update_certs = false, - Boolean $purge_unmanaged_CAs = false, + Boolean $purge_unmanaged_CAs = false, # lint:ignore:variable_contains_upcase Boolean $install_package = true, Boolean $force_enable = false, Hash $ca_certs = {}, String $package_ensure = 'installed', String $package_name = $ca_cert::params::package_name, ) inherits ca_cert::params { - - include ::ca_cert::params - include ::ca_cert::update + include ca_cert::params + include ca_cert::update if $always_update_certs == true { Exec <| title=='ca_cert_update' |> { @@ -70,8 +69,8 @@ owner => 'root', group => $cert_dir_group, mode => $cert_dir_mode, - purge => $purge_unmanaged_CAs, - recurse => $purge_unmanaged_CAs, + purge => $purge_unmanaged_CAs, # lint:ignore:variable_contains_upcase + recurse => $purge_unmanaged_CAs, # lint:ignore:variable_contains_upcase notify => Exec['ca_cert_update'], } diff --git a/manifests/params.pp b/manifests/params.pp index d186672..c77a355 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -44,7 +44,7 @@ $package_name = 'ca-certificates' } 'Suse': { - if $facts['os']['release']['major'] =~ /(10|11)/ { + if $facts['os']['release']['major'] =~ /(10|11)/ { $trusted_cert_dir = '/etc/ssl/certs' $update_cmd = 'c_rehash' $ca_file_extension = 'pem' @@ -73,7 +73,7 @@ $package_name = 'ca-certificates' } 'Solaris': { - if versioncmp($facts['os']['release']['major'], '11') >= 0 { + if versioncmp($facts['os']['release']['major'], '11') >= 0 { $trusted_cert_dir = '/etc/certs/CA/' $update_cmd = '/usr/sbin/svcadm restart /system/ca-certificates' $cert_dir_group = 'sys' diff --git a/manifests/update.pp b/manifests/update.pp index a8c417f..f4b961a 100644 --- a/manifests/update.pp +++ b/manifests/update.pp @@ -1,6 +1,5 @@ # Private class class ca_cert::update { - require ca_cert require ca_cert::enable @@ -10,5 +9,4 @@ refreshonly => true, path => ['/usr/sbin', '/usr/bin', '/bin'], } - } diff --git a/metadata.json b/metadata.json index 6b6987e..7a03470 100644 --- a/metadata.json +++ b/metadata.json @@ -14,7 +14,7 @@ }, { "name": "puppet/archive", - "version_requirement": ">= 6.0.0" + "version_requirement": ">= 6.0.0 < 8.0.0" } ], "operatingsystem_support": [ @@ -62,7 +62,7 @@ "version_requirement": ">= 4.0.0 < 9.0.0" } ], - "pdk-version": "1.18.0", - "template-url": "pdk-default#1.18.0", - "template-ref": "tags/1.18.0-0-g095317c" + "pdk-version": "3.0.0", + "template-url": "pdk-default#3.0.0", + "template-ref": "tags/3.0.0-0-g056e50d" } diff --git a/provision.yaml b/provision.yaml new file mode 100644 index 0000000..0bfb668 --- /dev/null +++ b/provision.yaml @@ -0,0 +1,19 @@ +--- +default: + provisioner: docker + images: + - 'litmusimage/almalinux:8' + - 'litmusimage/centos:6' + - 'litmusimage/centos:7' + - 'litmusimage/centos:stream8' + - 'litmusimage/centos:stream9' + - 'litmusimage/debian:10' + - 'litmusimage/debian:11' + - 'litmusimage/oraclelinux:8' + - 'litmusimage/oraclelinux:9' + - 'litmusimage/rockylinux:8' + - 'litmusimage/scientificlinux:6' + - 'litmusimage/scientificlinux:7' + - 'litmusimage/ubuntu:18.04' + - 'litmusimage/ubuntu:20.04' + - 'litmusimage/ubuntu:22.04' diff --git a/spec/acceptance/ca_cert_ca_spec.rb b/spec/acceptance/ca_cert_ca_spec.rb index 9523e1d..ea5d7c7 100644 --- a/spec/acceptance/ca_cert_ca_spec.rb +++ b/spec/acceptance/ca_cert_ca_spec.rb @@ -1,6 +1,6 @@ require 'spec_helper_acceptance' -case fact('os.family') +case host_inventory['facter']['os']['family'] when 'Debian' trusted_ca_file_remote = '/usr/local/share/ca-certificates/Globalsign_Org_Intermediate.crt' absent_ca_file_remote = '/etc/pki/ca-trust/source/blacklist/CACert.crt' @@ -69,7 +69,7 @@ it { is_expected.to be_file } end - case fact('os.family') + case host_inventory['facter']['os']['family'] when 'Debian' describe file(absent_ca_file_remote) do it { is_expected.not_to be_file } diff --git a/spec/classes/ca_cert_spec.rb b/spec/classes/ca_cert_spec.rb index d0c9302..208a4c4 100644 --- a/spec/classes/ca_cert_spec.rb +++ b/spec/classes/ca_cert_spec.rb @@ -180,11 +180,11 @@ } end end - context 'on a Solaris based OS' do + context 'on an unsupported operating system' do let :facts do { 'os' => { - 'family' => 'Solaris', + 'family' => 'WeirdOS', }, } end diff --git a/spec/classes/params_spec.rb b/spec/classes/params_spec.rb index 6c38f4a..c92505c 100644 --- a/spec/classes/params_spec.rb +++ b/spec/classes/params_spec.rb @@ -52,7 +52,7 @@ let :facts do { 'os' => { - 'family' => 'Solaris', + 'family' => 'WeirdOS', }, } end diff --git a/spec/classes/update_spec.rb b/spec/classes/update_spec.rb index b3e0d5f..d6512ea 100644 --- a/spec/classes/update_spec.rb +++ b/spec/classes/update_spec.rb @@ -21,7 +21,7 @@ ) } when 'RedHat' - if facts[:os]['release']['major'] == '7' + if facts[:os]['release']['major'] >= '7' it { is_expected.not_to contain_exec('enable_ca_trust') } else context 'with force_enable set to true' do diff --git a/spec/defines/ca_spec.rb b/spec/defines/ca_spec.rb index 224b004..b9e66fb 100644 --- a/spec/defines/ca_spec.rb +++ b/spec/defines/ca_spec.rb @@ -1,5 +1,4 @@ require 'spec_helper' -# rubocop:disable RSpec/VoidExpect describe 'ca_cert::ca', type: :define do HTTP_URL = 'http://secure.globalsign.com/cacert/gsorganizationvalsha2g2r1.crt'.freeze @@ -139,7 +138,7 @@ end it { - is_expected.to contain_remote_file(DEBIAN_CA_FILE).with( + is_expected.to contain_archive(DEBIAN_CA_FILE).with( 'ensure' => 'present', 'source' => HTTP_URL, ) @@ -155,7 +154,7 @@ it { is_expected.to contain_file('Globalsign_Org_Intermediate.crt').with( - 'ensure' => 'present', + 'ensure' => 'file', 'content' => GLOBALSIGN_ORG_CA, 'path' => DEBIAN_CA_FILE, ) @@ -200,7 +199,7 @@ end it { - is_expected.to contain_remote_file(REDHAT_CA_FILE).with( + is_expected.to contain_archive(REDHAT_CA_FILE).with( 'ensure' => 'present', 'source' => HTTP_URL, ) @@ -216,7 +215,7 @@ it { is_expected.to contain_file('Globalsign_Org_Intermediate.crt').with( - 'ensure' => 'present', + 'ensure' => 'file', 'content' => GLOBALSIGN_ORG_CA, 'path' => REDHAT_CA_FILE, ) @@ -244,7 +243,7 @@ end it { - is_expected.to contain_remote_file(DISTRUSTED_REDHAT_CA_FILE).with( + is_expected.to contain_archive(DISTRUSTED_REDHAT_CA_FILE).with( 'ensure' => 'present', 'source' => HTTP_URL, ) @@ -271,7 +270,7 @@ end it { - is_expected.to contain_remote_file(SUSE_11_CA_FILE).with( + is_expected.to contain_archive(SUSE_11_CA_FILE).with( 'ensure' => 'present', 'source' => SUSE_11_HTTP_URL, ) @@ -287,7 +286,7 @@ it { is_expected.to contain_file('Globalsign_Org_Intermediate.pem').with( - 'ensure' => 'present', + 'ensure' => 'file', 'content' => GLOBALSIGN_ORG_CA, 'path' => SUSE_11_CA_FILE, ) @@ -345,7 +344,7 @@ end it { - is_expected.to contain_remote_file(SUSE_12_CA_FILE).with( + is_expected.to contain_archive(SUSE_12_CA_FILE).with( 'ensure' => 'present', 'source' => HTTP_URL, ) @@ -361,7 +360,7 @@ it { is_expected.to contain_file('Globalsign_Org_Intermediate.crt').with( - 'ensure' => 'present', + 'ensure' => 'file', 'content' => GLOBALSIGN_ORG_CA, 'path' => SUSE_12_CA_FILE, ) @@ -391,7 +390,7 @@ end it { - is_expected.to contain_remote_file(DISTRUSTED_SUSE_12_CA_FILE).with( + is_expected.to contain_archive(DISTRUSTED_SUSE_12_CA_FILE).with( 'ensure' => 'present', 'source' => HTTP_URL, ) diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 58fa9f6..ce5a374 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -1,5 +1,9 @@ # frozen_string_literal: true +RSpec.configure do |c| + c.mock_with :rspec +end + require 'puppetlabs_spec_helper/module_spec_helper' require 'rspec-puppet-facts' @@ -21,8 +25,8 @@ next unless File.exist?(f) && File.readable?(f) && File.size?(f) begin - default_facts.merge!(YAML.safe_load(File.read(f), [], [], true)) - rescue => e + default_facts.merge!(YAML.safe_load(File.read(f), permitted_classes: [], permitted_symbols: [], aliases: true)) + rescue StandardError => e RSpec.configuration.reporter.message "WARNING: Unable to load #{f}: #{e}" end end @@ -43,6 +47,19 @@ end c.filter_run_excluding(bolt: true) unless ENV['GEM_BOLT'] c.after(:suite) do + RSpec::Puppet::Coverage.report!(0) + end + + # Filter backtrace noise + backtrace_exclusion_patterns = [ + %r{spec_helper}, + %r{gems}, + ] + + if c.respond_to?(:backtrace_exclusion_patterns) + c.backtrace_exclusion_patterns = backtrace_exclusion_patterns + elsif c.respond_to?(:backtrace_clean_patterns) + c.backtrace_clean_patterns = backtrace_exclusion_patterns end end diff --git a/spec/spec_helper_acceptance.rb b/spec/spec_helper_acceptance.rb index 3ed4c59..8e1157f 100644 --- a/spec/spec_helper_acceptance.rb +++ b/spec/spec_helper_acceptance.rb @@ -1,22 +1,9 @@ -require 'beaker-rspec' -require 'beaker/puppet_install_helper' +# frozen_string_literal: true -run_puppet_install_helper +require 'puppet_litmus' +PuppetLitmus.configure! -UNSUPPORTED_PLATFORMS = ['windows', 'aix', 'Solaris', 'BSD'].freeze - -RSpec.configure do |c| - proj_root = File.expand_path(File.join(File.dirname(__FILE__), '..')) - c.formatter = :documentation - - c.before :suite do - puppet_module_install(source: proj_root, module_name: 'ca_cert') - hosts.each do |host| - on host, puppet('module', 'install', 'puppetlabs-stdlib'), acceptable_exit_codes: [0, 1] - on host, puppet('module', 'install', 'lwf-remote_file'), acceptable_exit_codes: [0, 1] - end - end -end +require 'spec_helper_acceptance_local' if File.file?(File.join(File.dirname(__FILE__), 'spec_helper_acceptance_local.rb')) shared_examples 'an idempotent resource' do it 'applies with no errors' do